From 6edd4e8111b2ffa9a51e5464c79f4d4b2aff4024 Mon Sep 17 00:00:00 2001 From: edwin-villa Date: Tue, 24 Feb 2026 11:08:35 -0500 Subject: [PATCH 1/7] PAC-3765 - Upgrade crossplane pack to 2.2.0 --- packs/crossplane-2.2.0/README.md | 107 ++++++++ .../charts/crossplane-2.2.0.tgz | Bin 0 -> 14642 bytes packs/crossplane-2.2.0/logo.png | Bin 0 -> 91169 bytes packs/crossplane-2.2.0/pack.json | 38 +++ packs/crossplane-2.2.0/values.yaml | 234 ++++++++++++++++++ 5 files changed, 379 insertions(+) create mode 100644 packs/crossplane-2.2.0/README.md create mode 100644 packs/crossplane-2.2.0/charts/crossplane-2.2.0.tgz create mode 100644 packs/crossplane-2.2.0/logo.png create mode 100644 packs/crossplane-2.2.0/pack.json create mode 100644 packs/crossplane-2.2.0/values.yaml diff --git a/packs/crossplane-2.2.0/README.md b/packs/crossplane-2.2.0/README.md new file mode 100644 index 00000000..46e9fbe6 --- /dev/null +++ b/packs/crossplane-2.2.0/README.md 
@@ -0,0 +1,107 @@ +# Crossplane + +Crossplane is an open source Kubernetes extension that transforms a Kubernetes +cluster into a universal control plane. + +It allows platform teams to provision, manage, and compose infrastructure and +services using Kubernetes-style APIs, enabling consistent governance, security, +and automation across multiple environments and cloud providers. + +--- + +## Prerequisites + +To use this package, you must have: + +- A Kubernetes cluster, minimum version **v1.27.0** +- Cluster-admin permissions +- Helm **v3.0.0+** (required for installing Crossplane via Helm) +- Internet access to pull container images and packages from OCI registries + +--- + +## Parameters + +Crossplane can be configured using Helm values during installation or upgrade. +The most relevant parameters are listed below. + +### General Configuration + +| Parameter | Description | Default | +|---------|-------------|---------| +| `replicas` | Number of Crossplane controller replicas | `1` | +| `leaderElection` | Enable leader election for Crossplane | `true` | +| `deploymentStrategy` | Deployment strategy for the pods | `RollingUpdate` | +| `hostNetwork` | Enable host networking for the pod | `false` | + +### Image Configuration + +| Parameter | Description | Default | +|---------|-------------|---------| +| `image.repository` | Crossplane image repository | `xpkg.crossplane.io/crossplane/crossplane` | +| `image.tag` | Crossplane image tag | Chart `appVersion` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | + +### Package Management + +| Parameter | Description | Default | +|---------|-------------|---------| +| `provider.packages` | List of Provider packages to install | `[]` | +| `configuration.packages` | List of Configuration packages to install | `[]` | +| `function.packages` | List of Function packages to install | `[]` | + +### Resources + +| Parameter | Description | Default | +|---------|-------------|---------| +| 
`resourcesCrossplane.requests.cpu` | CPU request | `100m` | +| `resourcesCrossplane.requests.memory` | Memory request | `256Mi` | +| `resourcesCrossplane.limits.cpu` | CPU limit | `500m` | +| `resourcesCrossplane.limits.memory` | Memory limit | `1024Mi` | + +> For the complete list of supported parameters, refer to the `values.yaml` file +> provided with this package. + +--- + +## Upgrade + +To upgrade Crossplane using Helm: + +```bash +helm repo update + +helm upgrade crossplane \ + --namespace crossplane-system \ + crossplane-stable/crossplane +``` + +--- + +## Usage + +Crossplane is installed into a Kubernetes cluster and acts as a control plane +for managing infrastructure and services using Kubernetes APIs. + +After installation, functionality is extended by installing Provider, +Configuration, or Function packages, which enable Crossplane to reconcile +external resources and compose higher-level abstractions. + +Example of installing a Provider: + +```yaml +apiVersion: pkg.crossplane.io/v1 +kind: Provider +metadata: + name: provider-palette +spec: + package: xpkg.upbound.io/crossplane-contrib/provider-palette:v0.23.5 +``` + +--- + +## References +https://docs.crossplane.io/ +https://docs.crossplane.io/latest/concepts/ +https://docs.crossplane.io/latest/concepts/providers/ +https://marketplace.upbound.io/ \ No newline at end of file 
diff --git a/packs/crossplane-2.2.0/charts/crossplane-2.2.0.tgz b/packs/crossplane-2.2.0/charts/crossplane-2.2.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..94f2027dc8a3449004f891bba2e74d8209fada5a GIT binary patch literal 14642
diff --git a/packs/crossplane-2.2.0/logo.png b/packs/crossplane-2.2.0/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..94280b87bc667f8700a8c06d52561f7354f3b6a8 GIT binary patch literal 91169
zxApfnBR#;w`FZ2;T>43>0*1K%`yg8E9rszZHWCiCYvz7^)_1z zlrD+ms+o}b(CyrvZ$zpJP3dRVL-`y65kxtB_JBI17wn;CKfCX$R9OS6d~u>p7h(@G zFIo*VkR_=321HoYySMRZl0>9F7BoGum&XK8BH==_K<<6JVS}ENe$8U1Dj_@u` zESLu+EePMmx&)3B$)Dd`twe0$z|KnUvfch`T+KF0&p6+W__tnpV(7#ar1sb$W6uXV zDs6FIwVcgLua9@=N%S5}5YAa!{$Q1Y?J=xe|62(%hq-ccZzH|3+@r@ z^sBTM%!UE-&uVMEd)Lb0Xh2yq4LZBgtb{{Ovu6!yTgs6* zi2Ur2h^K8CNHL^B&hU%$mqhN(Mv|f9jaQ2NhC!Sq=<$k;CCEkQdubbiezX|gw%_Po z6o*V2PJ6s)Od^qCkIt}k(t4W_(bR`0dOw(|r=6{S&rDjt)L!3aYo^j~)4*OCDmbOk zT`ZuzJ2<+!Qf$uhUE`vab71=NFUQug-gdPbeb|I;R&`9?e<)|UwL;*?4Jt;;|C{5R z$`PJOaLfB>)@ny+^_zW4N$9<_eA7=wH9L`f2zf;u+85q zS#2z&aA@vZCT!|QFn?y+jlLS9fnbU4!oYX5py{VJOk-@%C0;3a;~%AaIzsp44)ecb zJ!SHBqOk%DXqCP+a631wh6M?L%TEhVwwg-|N^e@wDKtR&%XMGO*YrKxuGS>GKu!yo zX;!=lauQ6lHqy6WDQPL=SvI;XU=4=cmHICJ%gm&*(45M_`xLJ9b(P+$sr=;xy;qCu zg2i9&dy3gtOgs7V1a4uTo_(+mX$ZT|myaJ+>Xm*#Cw!qRBB?CMdElFUN}uatvsQ9_ z_H4A<#A~(51qi0~4v#-HYP8~Ok?%0bKD^DkYNm^05?&owtC_-CF8KEP$e95Z$y2t# zlrWK)6ih<>N8UpR3|D*{?P*Z_v-zcF5?eT~RX_dk4Ejkj zQ#_KH%3t-UI1e0;Y(0zgVrxONhAHev`i*?x3j3sJO(#+xrk&m?2Ni{tMnaPphfXRa ztKke#eK1}cIPffcGHXQVuyJ4(-q|JWyXT|aGLto&v#ITDNM+_DO9Mh$DC0+`rG0U= zuJTvom(N~A6&?6&&i!&txs;~OT!$-Ia){!T({S2AMUf_yCK`B2B6=}6{N|vbmN)vg zB^p>JL|;jsu87nURz;d4slMIM-LWJ3NKnD`OPV%o@2&VT8aULftvUNi9TLGj9O>qX zgNlPLJ)vrNP(hOZ+#j>eG3Rt4?LXGxa_*~yeMJ)|(Qo8zD7&I;UrI5I`~8Ua6YEt? 
zpG3AhQXk?$t1CKX675C!H0&;&WoU34wo$cB-%Yi#_9!$XkAQekXX+{*bX6*D3xdCu zv-~YFz=5&oO@S|zddq?)?ReJGVaALS{k# zvGF(hSvv~4<=+!Ws}SdH%zQQcyG^K4@*FR@HfD3w@nhAAGaR*O_~hu7Wm$BAPslBp z0DG-^87EIkUCimEAD)&>v8qsgs2?~pX7sJ+^=_N zrszp87)SQX;)K5(-7v7a^~^i0ARGkNUQvwQ@J=PTkF8sixOZRteq~m$hr49bhdGBG zNf_*xubn<(>@*1#Rn{G7|Lyw$ z>t)?A&bNcYH-u}8o+zrcSkVVf3lNn1?VV{QG$q;a%U?SgzICPpi&AfLB|Y;;-w!j& zYqzns$sTX^?(?ak)GU7h3$iOcCf6(%8W;BDik5z&6FI1pSLBF(X~#y8ld#X_e|$fk zBO5Ciw;{S5+kV83()vNHZ;gw#1m0%fz^RBml=?98j~^*@%nhZ0xn(b#HXFY{;XM|H zxcp(x*Mdb6B#2jk{>RV{$$u*}-1!*Idv~bNp%R(I)R{~^J{5ZOiz3@L6i==VvQ0E| zhT}w9u0qZ_~Rg-2SQq*0V>05(+bKxVV(aUE|9eyN*l9g;Ylk6!Y z#-3kfrZ9PR0jSjb9I8@1nUa#ad{*qSkf~4TnwYQ4_Z*v1QT`L;Tlz-=6;Ur*n!Ja= zQ|z|yF)wEpR+J%XBbP3`vFSjCvJ^qb&kKdFjY+P)h~DpH2HsirT5ps5J7XZ7u3efb z(@^a8kJPI;eZMntV#_ee+{J5XK?-2;<;(l&<35p8*np@wZ7d7=zUSSvSD9QFd^gXx zVm%R}f6%m<_hQ8uYG5Nu3RgzrPc}i3(ph{cP6jRdEj_)T+qY+tM3)V%v_9oEbU-Z@ z3!V*&$m1)cUccH+G+Y(RczAjH0zxVvJa6grX~fafabIo8a~Am_wg0^$Qw9jE`jS=+ z8ba-LWhypypKs-~;bYHVF{lXntG>s)nYqhMGY7P-S0^wfMX>0RPAlt^#D3 zzxpmvOtX=1IBZR)6T|EdHqyV$4Iqua?7gyV#S^8o@(lc!J_@~2<>kG*R*h-EY`P02u3E6?`}OqT=&Db}wh&k2OVKD#ptjqUdr@I#O*bE67WRIt{TdSTfFR2RJ!LjHj+F zE5Cp>s1lg6km&TNdmC-FHCY#G%g^Yt^*fX3?+e**tF27x1=r4z#c(2F*i@xKu?qFt z<7tCNDjg9L2Mwwz!!cTIU)CUZ1#2akd$L<;&}Fj^FpC};LmT9zeCH?bK4{S(Sc~27z^ve{1PDDsVn|1m>$n z){n5GN?4yX0>?1qWa_>&xugNkHyaM6Q~TIW8I{Jt(8Jf)#>}Mt^fK}q%ukE2{&ZA$ zD$R7}df#4go9mlp!EV>E!og$DuV>o|A^bkoi}du44lVmt*4Kf~G2hCz5DYMRk=Kf^ z^KI-V@&X2boub1up0GgSLSKRU{+3GTNrlv>iP_w`N-1Z!QkN@tqf7J(iZdo1g~nIljxk7u&z|*jd$_5& z3{JSV=cyq>54QHD7$gfO6@9a>d-r(kDxcq;88X8kbS6!-RF?cwOPJ4cdnikgaVNF)$3pS(w0A*Ur#aEE#&OL!-E~msB{RNSm86To zTFT0W_<^5lSd~f*QkQ6gJ06X^5Ha$S!paBO z*Vq1h_padLv%yktP}k1K_ffep6U;GW&AWFE9Zqd_)wBa$Djn%HbV?vYu^dSU;NOa| z)X)JK*}2_eGhI1oxD^|KK}uDNbHJi>`&!ew({OSDRN;fJmUWDUvPPCygX}CRzjdcH zm4jfqvwPJgf93!>*6%4qEWtgI^OXhdkI_|RTfo}tODDx3K;ccQsW2Qo$=nvsQX1C2 z_40mb+g_p4#D~V8td+lZj81zPSyi)K*pG#V zH}bHaGLqG_1NLaO!`>aLw!1_VP^r%MyEvxpqw%p2Mgvx2_MO8&+gcB4Z@vTGG5Ziy zcc&}cDT&M+F6k5(@T5qW^2(T( 
zcEEhyYn!u;Eo}Yg-u!X@MR)3y{HgS=pz(Bd%qr_CV~1<&LMPuS9FVu2VQ4HsDK9uW zO?JrfsAYZD`i^GyG`7O%-pi)wEdXP%SzljSnuGYYUaVq&aNLb z#VoOx*89Y9&4PoAUv%EIZo|X-pJ&_Y>fNto`FW1l>#H8r#(N&VyS9EO%{1B)a`K2KRB)b(pYtEa^{+xUPZA3wCf?|EVU%PlLg=nYSv zVVJbNVB^aY@@P)LWlgqpJyQXH{ zs6q3>fr!QIcD)Z(VKFzo74Y%l;sfW8$ty~H0`;iS_^%9eKycdXJ7UD}hDx))ui1UR zum6FGHnHFt*9>v)eW(tgd4Q{=kL>X@r~83!n@a`ry4XJ?w*ee}nUh@0de8%SVOML; z1WP`^9V2OO%@t0Lqx!~`JIn0R&tLMO?m9Ll@967p$6y>x4Oes`cN{QzFJ_)r5H zaJ*jsMf{i!mz;PVD3;3K8;pqfQU`P?WV5r)Fq5W{ParMXFZ;rt(@jQb&1=HMC2E@) zHg(RNNlNgHgluzp6cx2L%BP)UJlAJ_-Y6Tw9W+hi&EsKalhU6J{tv=)*c6jKS?}(; zpXrtmfQDbUzS=FWT(XHG$mSp#oqx_?pQc<1#<}fV&O#wNenK@YiuOs5&u40S!ktiq zG%mc!$6NWz7}L#F^lb%mZ0wqP+;zyQ?@;;hg7YT&Z~Ozshjh_)#q#QRj{5drBoN}3 zv8s#(9HV<`T3kdW>nk0@AS`N-&h}pO+LkH53%}WxuzGj*xGz_lk938}2VyBCUS3vD zaaFXX=qOxtwA=QDpZEwVf+zJzCIlBq!n)ll)&*NOo_WOObc&9jd4DV8N864w(sadz zujiKs2bAjqzV-MSFzlr~SVfcc)w_pVPpN9X_j!3>V@CINC#h*^vt3!XNaF>XrslS) zPN&v8$$#rXr#Jb5QtQG&W0IP0pHh(Xpog3Lwb(yFr`k0;wfq6}l>Cl&(Z(K6-@luh z;Jp5Cuu|=24f5}k);5e*Mtrt5x_kHT1=b7GFWp`c6*l&cB{)Cv_n*|iJj0UZL)!rH zauS~&bkiM>1Mpp$qlb-c9S^aO$vQ7TCOufA%UOW!~2jesVdhrN=RcoW>5`ub1tDF;tT+ zXf9v3WCsQwO$SJIT+!`mJTdA?@HqrpUU>i4LP?t{GFBd7$JGOa@ZRE4;J6j;_H( zFR$@)J4dJN>y|)m?D%KnC`5!?+%PBZFZ888b$eET7(BQNK7RIZ zu-ojw8&_fc^bN7GPEi~!ws_0s_dP6s-x}=ZR?t;9>M`_ngV-MDR`UAz{SVt^E`H0S zsHpaDv4R=FXFhe=9<=jO8gI+5wORJt8XR+X(2&=2ePCFer+qkU&6q~)*c>@~aMWD| zU8C7vFo4M_(+c8)@%J|8bmCX!EqUZjGba3GE$dl{y9*(oNWABi2GbRVSj+@)7J_Kf zpXpQ~8vECGU+lV!n+cnaD`;S3&6ZkCmD(&}SA&E#^H`p~=W%S0NN8obIh}hSn!^qU z@>@)@hp)%$3QTuB{}>nE;Nw-TGPy`Fagv!+J15_Uc6C3srT+b`BNaPO4liUqBR`^r z;a0w<*$_6JNVCA3kYKjIpdan1T9(hVOQ#!h;fpFB##E8A)SBr?~EGpC$|oR zuu6WJ>SI?&jACYAcJOvrw!?|fy`b4utr*SDK%&I66xcjz{Ih?1 zgm-S&>i&2b1f^+rQLDbCMs0)A|MX^i0xcM^ z=G^MVdu)BvBX2!J7KL%CKilb{gW!=E^H=f@m3G&|h#*J2*ngn~#`TeU~ zAMDiokmG2kU7KK)N;bvpo^ZbJ`e%XD<7>gp`{{VoAEORXx1<*9P6KyN4R({wGjmF% z59#&*Ha?DDeA$}L(DsVh^c6r^wO{}Fw?~cmQ?<{`0N(0QTlGfaO_}IO5Wh`m@DD%f zWs%T(#4+%ngMVw`v}3ES62c&c9$+5z-``E!9agW6ga3zd!@=-f=w4%ooh@snA%J6b 
zdUqsh&`ifs$uEaPZ|>Zi^R?pdOyLc1yp-sNzniu{dQhiY@ys2QTK9V7YkkyQ# zX&d4F_1q;JN+&ROZI3wgdbGLz{m+Kdibj!X{33d8Of?IR(VX+yi8p53u*$%qZgoje zj>&wa&z+$0v{5Ey*;oc_fVlg8)-zP!R0*O>zgzEMUAq7bK3TkTvDOP3LhW;D>w`|v zoW=a|gXQf9+UboPW>DcJ)L^zt|7n^1^wX9Do%XZY*tRAt>@*X@PkLY2Q=T_0H+lKS z@_XhhTTVom1RYNb?rNuZawv4jIo~Z1_T#df&d*4r9)J&vqw(uZ#ux9VHF8*XBRzZ< zoTu>b*y6x;JBY`Mlh)+ZWja;eTM;#D?;vJ1KU^Q_R@;5et8?R-ByFDVW5L-xW!c9=rei zzU@cV)8Fn!-CG&ub(jXYr90G}T+q5#=VNSTEnS3g4;icrjYy?(oMl~b#+^1q-)>j; z=$h6&sU{v#LaRhN4@QwRJ^EYc>}63~sH1z7!VOV59rFgz+OINIBMJN}oX?tf%f?&B zzd8Ar0#9z7xZSR5-Ma&rj5hGgnV#lD22+4;oNrGika+%hxW30To6Og={HQ`&Hb3b6 z^o;KgeWuq@_OyxK6%lHPQl3Aw}ij2}ez~IpH^(ASM z{99*#rvvfTwpA~rvXqH?;HZqy@?buA?lWy^#+G*a@Ex?_+8e%A>y5YG(SOaWt5aFq zv-o&5v~uvGOhjm-ncNHmc&jQth_jna2l9qqw6)TPD%;tx`M_0F-^h0$6_tL`xp>xw z&Rp8L_5Nr|0TniFXqESeEyyX7YfR^33fJbDbS8L3hmO?1dCSrPH!83Io}M2BBIbuE zQZvWQoWnNOdkd+oWJlli_40bx*zRA`L8(gC@cy@$NHwKhl|3hSQO4yI_rR_hRn{^l zZQ<-AAziZK><+}tOPG*A3%Z5deEjEm>pW^``>|dYFTKxfdSFlX!i2;jvyK8Jz#6bV=Had0qT(OcJ&H+NyOYaia4>DmjAn!9jJrY!COdB_JKzQ{KA3lu zwnh8h7Z3kAzTj#3wUj-dOXvGZ!~DB-ZquJJu|c3YzB!&S?A!72iglWK@?=?0Kem5D z^u3{H$*|G1E`N)JQMBK6mjWC!4!7>w`BNh%I;lPPw+!Qtjmq47qx^8XdWjfS)A~i5 zdU+?xunv{lL)48JdQ*kX`77^rQ08<>OTWM674mV%w}WLoJ(R0Iw2Kq@s5aD6RJ*mO zpHr9asl&ddoZCPzW^Jlk-P5TQ$mj#V93=gIkE-3eKl1wRi>Q)xD!&n>5~kl=^kHJd zu4!~NwefexrU8<=)7uM^XPrQNJ?!l$@9e$Gc z>h!92FZR*{Y@~cj(^0oJ{_IuoK0Re_OJ}A>(s-_s`jNDiD_Z++NuGY=ZC>Jt@}Zv{ zeoX#;yXZ&vySqO=`}xCT_UD+N!GFIksekYzf9AFypZ|G#`rGz)w@Snu%eghQ(Xk(& zr>+_E>H9Fogr3KYi8QY$J@QAelf$Whzx;e{)#Y2I$RD>O&wqLx`FQ^03fh@-iVAw} z9ue^M)AzA#EYT3sZky3;kQ04hZ*T9M_fA_c-rh~!Yetxm@vw75yDan^n?fmEEWruc zQolcp47Xt}M)SVZbSgio9PbyBo9xj4 z`-i)ye-!kDPej*h>nUYjPTM`pBeI~aYvd1KWW4;le^{)9dJC0yGkv25CdXwuGYUkf zL764ldOQR<+g3&SxNO}`!?w!La-}mHF!WEmi)&{v7_sP$^;o@V(g}bI8ekij6f6{# zSHa4^x%lzQ^RaSGU5`6ZIgM%p84_AB7z&dddlzHfYRi}in zQFbEeZ>HMr8{x}1@KfWQj1fQbHWmO5(ehOkA#d{w8f`mw_=amc2mZ~%i5oVOKUd{M zXbuTQ`gnu;c|*a6E*HxZEV~#lw_2fk>f#ZxjEac2QCF#mK>{&}U_W)^&OMPzp&r}v 
z9bme~L7~c(gc|7`u$C`)uhyor=p_R`5kV7{#0o)6r-W|Hm8(w4YqWQ74`vzZjC??l z)%E`IWXO%VmWm6a{PZZhB)1!`Uk8ic)lS9|m(Ph|`(Y8d)O1kW3jvBf4Z5DIg3a|4 zSNWxy*xX!9?vde+weZaw%7+;?_aq9nf;BdmAGx3_mettYmfYYI?O9}T8nQSHg{rMC z+M;iOh(|C_+b}m|XR|Ot`mxKLKb~FXdWgA!R8GS%=TeKo=k|DPb4_MJDCG;@-fnT^ z(4orPA`5VEYxiQsJJpIYnanU%4x172nTm)_>8LiP79u(#Vp~2N)6?cSzHkC2xwhCX z{ZL?~v0H-p%k|Wn_CYy3TFATHFcP~Z55h3i)U8BY;fYu4KS9PWhsI)cw%ktd?pWna0N}Imu-BwXkx=F6~``G-dT=)?x%b70o zI2AjUy#^lJK+p9rkd?vb*9HPfTXlSTSmg4J9-KWHoz zHuj_&60Z(>RDfxPi1-ujoYP5M<` zr=&dUv8-{q?Hg=9y6d`@vFr55i|>yYH7e0^Kwz0FUFTkzF=WV=K@)lpc)ab(qdSd& zg9B)o@-abH*jiMH7g$>gvgRU`k=`8Ua^_B#jcHl@5wwDy>E4FJP9D{%G87 zdANt3)>$ri(Yc)A{(*6#N)Rhqt`g*nc0yXVzqn`Sh?y13g78;kCP<%iPREX|nkSr< zaAfQJtBSKkpKC{n3Uvdp!c-JU4hrNqEZ!7hpOLZg2s?qW1cZenEDvG7AD*QK&cjP$es&G=p%AR1z1vNl*`=x|J}=VGs^aHCbcOn>R0m+w@zz z1cXU)QJO))DUX8RoUU_TOgCGQSwEb@Kfs*|T6h}WT?85i%ywh2L8*&19?{N3iOdo6 zBk@C(`+$ah8r=-%1ktP++9AO%3profPbxv-Ba(V3;wrYgeN)HY6 z9Wj@ZGZD)My>Q}k`#3ZZ?2u%zdz!Hw)w{xmp@3nZ`tNOYN_^&d@tLgG@1m8S+qw%F ziqbQtT{YriyLm321yG3fq8sZ#)N@q>QKl!tme>dwx|>NZ<(or^)fjOYBjq z^3>)B08bl%gJZ0ZA8(o})s}%%_&Q-R`trx4lex=lyG&GKoV~#t2+*d>ES9E{mV8hW^*l60JsB2!5SBY)es8@oc{E1k)EO%>mmc6 z#Ly;NaoDBeterm}xu1T98z*T9D#Z^}`Fsmeu^fpMvr!&Jm|G^_3=zfRl}IH7J0ccA zw5gabvSY^Z;jWAqsXiH-& zN}dra*B@JvjoQ@_J<15NjwiX%qC0Xi&59l?*7sBiV*h4i|8~ULIYO+7=p29q(dV^C z=gfea5w(>(rsQR2uIEk%*@Wh@Wb2E2zAjmEky}SOtND7Sm^3Yt`?g)zz85qW>lN?7 zoyw7C`YY2*Sg<3yKLreDtbNxy^7+0JdTKsv$Fif;)Hpf|?Mte*w?5F*sw!TgT5o_! 
z^-<1~?)2g?H-z=uAYfw<*1}uB79y-dH38cpVDhbftAHL^iehds)D8?CS%Xe+--8{w zr)`PLh~|Iil!3yUsNedheLea9A^fL&f1#Lt%|A~KJ$%1T;a0X;r?^mJ@u$-Wg);hL zUz;Hlq1e|J=uh-V@5~mZ>5P4?3lRkM>qI5k{hmCcNllZZ5PH6~P;T-Qhnf0lS3X)^ zV++9``GFHwD(01v_o6uaB4Reqnp<&-$Zv^NtL!X!?)#B*4l+bY{&CxML$CbpRV~CC`iATo}9aj=Re&wLZ zFP{T@^7U0o)VjePF7CPA_BX!hD~Z03{^aW!DJOo;sLGcLT2bRE6tU35st53uhXxs5Uf>0g|P1|$T!DC zta2q`VM5fWu+9p3%41PuEz!q*fmTOTTM*>QHz<$tY9xq08##+Y9;XsSfj(1V7%*2W z7XFsxfQneOL^LiN2cQ%v>dhBBRrCUqhOLaRbER`a2^nopKg@QuNC2VAR!BPR?3<+O zd<@HNR4~>!7w2@jG}ef*I#N!I8%)|q&I`0?bPh=)Az=+h9cfAxu3>UK3M2$QYDcsQ z@#Wpj%q`?3W8%)abg_!5(b+|`OQx=#%+p&MU6BKiF*G1 z{g_zcnSf`c*l<~{Mpu$F6{B!9MjA;|p&+Z#BPUITi?A9eV&W~d!5*D1vQI>fw9~M^ zeE#4XB3(i*lUfUH9f0Obj|&lN6=p5)Zlb>E>j~H&DhyXA15}uK4)<2oCl|Giw&rAf z=8^8shsJQ@q3v00T`ai{JqWr;^lfhM7VA`POmlXujeas92b~Z33lh6U$9=dkl`lVO zMh`A>LzTT^$7PzB3$;$o`SO!g5=%nK&Sx*L+rErw=Ki64Y!LfO0@h-v@V)FYX1m`f zUX;ZJPYa*j0)~;r35S&f49ZWd6C%1ZW<4L6l2J5d-+2eokg_gfE$oSr9kM2tt%ZLB zV)5z#SUUT}387eOK6J7MVdx%`%0k&Z(bFJn1S|=Y<&*ltbhar}~pB7tA(@Jk)|Ncg1=zeWQ~siNw`FYEBjI;h(4Yk2$`9>uib z|GGLDR`yKc$3Ms}vFJH6I*{F}qKwM?%CpL|8odd+y*&*AUitidHN^_LeLWjiNk#aK zn<%UX(>X){w2tHNPG;G(ln=4^Yy+8;mBr(Qbuq9nS!5GhF3QXn0D^|}_P zYAfR4h7CQxipE{Qu#0w<-7DB?kXqr=j~8_lfJyi7bs#&}ZK($z)Q2@m*889r0K`|7 zg3|At;wwYxAX1<^Yo2f?kZu@?_u93?XB1YDe)2dWGSzm+jI{FMq-ymeKu2xD*0e3= zNA}N1#Sx3js;gX3K5v8CT+qamvy#}`r3F*^Ua8gyq|M3?ma&eWIMhx1m&ij|r{pY^fUtkOZ^jF8kDr4w;*mbB~Dgu9dX zb0uhkpQg66(znRwEpCVc>Z>nl*sy}7?xQt}ok+c3i3ZZqB6}{+wIb|P(<{Y4ww!?{ zW+DVXWEEz7A*5!(z?8WY?t{SGg;ED?-n)lPf}CS?mwPC-y5ZmwK?|(t!F%PW5u3x> z2MhahM|7sfg5)p47{@FF_HgG@QVycgQ8dYby50U#!YkQNmhjr z#*%$S<7tikA8cV+m}o_KF6GQ%>Gtz2yuaE9p4G%QWCXQO{kI)BwsYO`J1m4)FWM;s{+H-fTtoVVYsyM% z-wmdc+sTWGW4iL=H|`~jJ0SldwO6l1gTB#Y4v#AP&&)J~i8 z`b+2p*p$@;^NV&Q-y`v*S)9e&-=OevVHop0j_ooFsVu5!o1q z_3_0W5Smv?0WyX}+EAY%BI@yLhF{9ZvP7f#emj$M5vPn!HAFcvgF+ovSqc6mc~JyGZG*BKrymS zoVk&Ep14&y|3vULI7TGhnA+ZQ!4p0Y*Q1&}Ip)jUHtnPZv-bG?95EWS(0EvkO4)YE zE{psosi%S2*-haJEj@#DK69|N05WM(74U$J&J=6(qfNEt-yu^V9bmg5Hz!58DKx&M 
zPuv6^QQkLyIseOj%D4zp`Uy)BN~!EMLP98N5K~=8OzzX<^hO7H6wXpSI|ZGunhyC! zHayz`qe`d3Thrv2)ga@jLXPK`A|y2Anw73b%yU>}$eV=ejNLcm`-Aftv(}c3%{=?{ zD_?}{6+5W9mLuFN>%0>OfaH=o3e5@_peWGivu(`+3Nl$bQd->|aa3H6%TE0Ix?fe@ znlx-OTDJSNzn1PH4O7BTcjdQI_KH!i^G<$ATkWx{oaRdU@YwOwC{_B~hlLx=ZsjEn zIF&kL8;o(uOL#1rl&p`N2VP0LTw?a6Zm+*|V#(~Oq^{vOeD->LUiLJzQ87J0Y;u-R zG9S0sUnVtqc4eBG!|BtfH$$aK<3(eu(P?_ux_4vFkS-qw_BqkY0T5O~%6ry3tiXBb)cPhq=WY|*w?kFNEr{j#$3>@R9Dc%qdqF-zeqrsr9yLGj zLk>26+YOp$TSu6h0|^P6Uq(5%nXcP)YRL4^v7Z4U8oPAJkj!hxqK>x-*9F))jAbr6n#0|_UGE;}lf z?bJj}bg}q)@+`{wB)8c|%j!m5PdItvDD};h->!d@>OJ8TAFcuH1sOA6 zH_ZPsrjuOeTYTPyd>FcYZ$vYPOXkOb)hr#c{P1tj+0dHern80%I7h@SN9y}IHT9}(BUn2m!RSZ@4{z+ ziNZ|TE~*?k=V%L^y(?9rkz52`Rc}fq=1~z-_e4Ev;QsL!0 z63yY47cep(z*l*8IGSp@|I#xpCshm^D~bnT!+X$7OGcYVl(#WPUTlldn`rM7zC~v( z=G94A9yOXJAfy;V?VlcNeA8BL`K``Q@9Brz`axOYA!(*IsMd+*$Lj=nv8V;vhApM1 z7Lv>bBSrA$04?2+9u!WsAHZFPZ{nJWbeZmiJ3&GjisgYdG|3rktl`FInS8ufni;=U}nqjP<#%uKqP|8@nh^i5WZa6i7s#_`xrwtl`J#r&_n!`}3YZv{x#l7@u&u zok*3`+IpMgsIf0K6ShHOAi8c16b_tj#+Ss-%c7_qNtzS8zTdjJ12eBBCxfMsxA9~X zM7mFhLVJhyQ}VXFK0DFH?c70@uZ&i;Re2(W{Q~yB&7w&}ZLI5lbCP>R82ctvT6$8^m=jPozjgK|NBA?8j{I?Mv$uY&t($)el339OjTKEM z-5)3Sw4PGOx^zH^?MIhItxX6{+|Q>5{|!QcJZYH2!!;kNc-NT%A~9rWbBxAl}akne?>UfgN-_j#QB_R7bM zRRQHsKilQoJFP=|s1GlclUKbSCtqyfIcM^P{2f%v2co%@7r);B9dPAfW@~B32b|0A z``9tZlcijsAD^OMmpcE{1S`iJ7YEl(9lpJ0HSzObwpPgKU#BLl>Z|_}bE3^4Iw|CJ z<)c0t*)7z+&FWruu+`OV8-2Q;JC+c9y#=h(=>r}jbU5qQ%-1Q`o?UuZX7I*ChxsEzjQP!(uSb?0+~s~*N1pD3 z(6>u?WJ#9G46f1Ycg~-?@ac&~AN`dmNW?*FYba{dgbbgT*W0c3z3S!;kZXfT8^zgb zxz`83uPq(=r#pI%9YK4^&bs=1-iNU~u>m#Jo{y84PwoCO?R!BVyQA|ncK*qYfQ#@& zbm!=BXjy%5mn_FlQxBINNGF@tI@W6SWzi}I)}{_IgRNez3mi77<@OEsAG0-F-|@tB zZ0xBC)v0`R$G+{lHa%l`LU2n<-dRPB&IsP(DLbtO&Y67U+nH`|z9&|44{VIkN1cVj z5VZUAtNneVBfK)NWj2v3g%>v+>{D>B(a0A?TbS&TH zXyW#kFI@R?3Ds)JkB>TJK8*^S+;n?#R=EKOo+HXwQHAvL_RQBey?1>1d!fbK;ATD2 zwtVFtfb>Xo1M$d9DfBBlcvathd7JWnbap#8J-mIZys2-@Im7;tYMC-u)MCzEyWm9$ zo6{2_HyW=`S`vTP>(N7xZ*RfBrdlAB$R+(w_ss44Zi8i 
zLtg$er7*r^!je&$jrRAM{pIv->e`t_jsP*}o+IAg#xY)X4)hbkwl`-4UwP3`>*qSxdwOWv3&CdoC`2}X^qXaC zz2w;}*9&_G%$-qm`%~l_n>!a@?s{P7w8b?dx?hJU|K2zaVF#iaDs+HXN(N@vKi%p%TAFjqpi+NdzSD%d-BOYlK(B$HcGM_m@Ay-un|alJ3y{lF0wB68Z7q zR2>>+m$j85BJ=9KB3B$~cUp`4(7cO#o%@gPSQ+x2q6SEA|84*OaT40WK{TRd?!n#& zApb9LMDGjyKOmQ1T%Z=xKYsOyDvkfWEFK>QKVZbkbxN_`-TS*GcGb=QA0a%= A!T Date: Wed, 25 Feb 2026 14:34:24 -0500 Subject: [PATCH 2/7] PAC-3779 - Upgrade trivy pack to 0.21.1 --- .../cks-trivy-0.21.1/charts/trivy-0.21.1.tgz | Bin 0 -> 7612 bytes .../cks-trivy-0.21.1/charts/trivy/.helmignore | 22 +++ .../cks-trivy-0.21.1/charts/trivy/Chart.yaml | 11 ++ packs/cks-trivy-0.21.1/charts/trivy/README.md | 112 ++++++++++++ .../charts/trivy/templates/NOTES.txt | 2 + .../charts/trivy/templates/_helpers.tpl | 55 ++++++ .../charts/trivy/templates/configmap.yaml | 32 ++++ .../charts/trivy/templates/ingress.yaml | 53 ++++++ .../trivy/templates/podsecuritypolicy.yaml | 44 +++++ .../charts/trivy/templates/role.yaml | 18 ++ .../charts/trivy/templates/rolebinding.yaml | 16 ++ .../charts/trivy/templates/secret.yaml | 16 ++ .../charts/trivy/templates/service.yaml | 18 ++ .../trivy/templates/serviceaccount.yaml | 11 ++ .../charts/trivy/templates/statefulset.yaml | 148 +++++++++++++++ .../cks-trivy-0.21.1/charts/trivy/values.yaml | 165 +++++++++++++++++ packs/cks-trivy-0.21.1/logo.png | Bin 0 -> 50574 bytes packs/cks-trivy-0.21.1/pack.json | 17 ++ packs/cks-trivy-0.21.1/values.yaml | 172 ++++++++++++++++++ 19 files changed, 912 insertions(+) create mode 100644 packs/cks-trivy-0.21.1/charts/trivy-0.21.1.tgz create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/.helmignore create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/Chart.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/README.md create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/NOTES.txt create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/_helpers.tpl create mode 100644 
packs/cks-trivy-0.21.1/charts/trivy/templates/configmap.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/ingress.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/podsecuritypolicy.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/role.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/rolebinding.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/secret.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/service.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/serviceaccount.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/templates/statefulset.yaml create mode 100644 packs/cks-trivy-0.21.1/charts/trivy/values.yaml create mode 100644 packs/cks-trivy-0.21.1/logo.png create mode 100644 packs/cks-trivy-0.21.1/pack.json create mode 100644 packs/cks-trivy-0.21.1/values.yaml 
diff --git a/packs/cks-trivy-0.21.1/charts/trivy-0.21.1.tgz b/packs/cks-trivy-0.21.1/charts/trivy-0.21.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..ca5bd82e4517dac0182e04f561166c2822331bd8 GIT binary patch literal 7612
literal 0 HcmV?d00001 diff --git a/packs/cks-trivy-0.21.1/charts/trivy/.helmignore b/packs/cks-trivy-0.21.1/charts/trivy/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/packs/cks-trivy-0.21.1/charts/trivy/Chart.yaml b/packs/cks-trivy-0.21.1/charts/trivy/Chart.yaml new file mode 100644 index 00000000..3b96ab9c --- /dev/null
+++ b/packs/cks-trivy-0.21.1/charts/trivy/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +appVersion: 0.69.1 +description: Trivy helm chart +keywords: +- scanner +- trivy +- vulnerability +name: trivy +sources: +- https://github.com/aquasecurity/trivy +version: 0.21.1 diff --git a/packs/cks-trivy-0.21.1/charts/trivy/README.md b/packs/cks-trivy-0.21.1/charts/trivy/README.md new file mode 100644 index 00000000..92f96a8d --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/README.md 
@@ -0,0 +1,112 @@ +# Trivy Scanner + +Trivy vulnerability scanner standalone installation. + +## TL;DR; + +``` +$ helm install trivy . --namespace trivy --create-namespace +``` + +## Introduction + +This chart bootstraps a Trivy deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3+ + +## Installing from the Aqua Chart Repository + +``` +helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/ +helm repo update +helm search repo trivy +helm install my-trivy aquasecurity/trivy +``` + +## Installing the Chart + +To install the chart with the release name `my-release`: + +``` +$ helm install my-release . +``` + +The command deploys Trivy on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) +section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list`. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +``` +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +The following table lists the configurable parameters of the Trivy chart and their default values. + +| Parameter | Description | Default | +|---------------------------------------|-------------------------------------------------------------------------|----------------| +| `image.registry` | Image registry | `docker.io` | +| `image.repository` | Image name | `aquasec/trivy` | +| `image.tag` | Image tag | `{TAG_NAME}` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecret` | The name of an imagePullSecret used to pull trivy image from e.g. 
Docker Hub or a private registry | | +| `replicaCount` | Number of Trivy Pods to run | `1` | +| `trivy.debugMode` | The flag to enable or disable Trivy debug mode | `false` | +| `trivy.gitHubToken` | The GitHub access token to download Trivy DB. More info: https://trivy.dev/docs/latest/references/troubleshooting/#github-rate-limiting | | +| `trivy.registryUsername` | The username used to log in at dockerhub. More info: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ | | +| `trivy.registryPassword` | The password used to log in at dockerhub. More info: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ | | +| `trivy.registryCredentialsExistingSecret` | Name of Secret containing dockerhub credentials. Alternative to the 2 parameters above, has precedence if set. | | +| `trivy.serviceAccount.annotations` | Additional annotations to add to the Kubernetes service account resource | | +| `trivy.skipDBUpdate` | The flag to enable or disable Trivy DB downloads from GitHub | `false` | +| `trivy.dbRepository` | OCI repository to retrieve the trivy vulnerability database from | `ghcr.io/aquasecurity/trivy-db` | +| `trivy.cache.redis.enabled` | Enable Redis as caching backend | `false` | +| `trivy.cache.redis.url` | Specify redis connection url, e.g. redis://redis.redis.svc:6379 | `` | +| `trivy.cache.redis.ttl` | Specify redis TTL, e.g. 3600s or 24h | `` | +| `trivy.cache.redis.tls` | Enable Redis TLS with public certificates | `` | +| `trivy.serverToken` | The token to authenticate Trivy client with Trivy server | `` | +| `trivy.existingSecret` | existingSecret if an existing secret has been created outside the chart. 
Overrides gitHubToken, registryUsername, registryPassword, serverToken | `` | +| `trivy.podAnnotations` | Annotations for pods created by statefulset | `{}` | +| `trivy.extraEnvVars` | extraEnvVars to be set on the container | `{}` | +| `trivy.sslCertDir` | Can be used to override the system default locations for SSL certificate files directory, example: `/ssl/certs` | `` | +| `service.name` | If specified, the name used for the Trivy service | | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | Kubernetes service port | `4954` | +| `service.sessionAffinity` | Kubernetes service session affinity | `ClientIP` | +| `httpProxy` | The URL of the HTTP proxy server | | +| `httpsProxy` | The URL of the HTTPS proxy server | | +| `noProxy` | The URLs that the proxy settings do not apply to | | +| `nodeSelector` | Node labels for pod assignment | | +| `affinity` | Affinity settings for pod assignment | | +| `tolerations` | Tolerations for pod assignment | | +| `podAnnotations` | Annotations for pods created by statefulset | `{}` | + +The above parameters map to the env variables defined in [trivy](https://trivy.dev/docs/latest/configuration/#configuration). + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +``` +$ helm install my-release . \ + --namespace my-namespace \ + --set "service.port=9090" \ + --set "trivy.vulnType=os\,library" +``` + +## Storage + +This chart uses a PersistentVolumeClaim to reduce the number of database downloads between POD restarts or updates. The storageclass should have the reclaim policy `Retain`. + +## Caching + +You can specify a Redis server as cache backend. This Redis server has to be already present. You can use the [bitnami chart](https://bitnami.com/stack/redis/helm). +More Information about the caching backends can be found [here](https://trivy.dev/docs/latest/configuration/cache/#scan-cache-backend). 
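Review bot: The `--set` example near the end of this README passes `trivy.vulnType=os\,library`, but `trivy.vulnType` does not appear in the parameters table above it, so a reader cannot tell whether the chart honours that key; either add the row or switch the example to a documented parameter. The table also documents `trivy.gitHubToken`, `trivy.registryPassword` and `trivy.serverToken` as plain values while listing `trivy.existingSecret` and `trivy.registryCredentialsExistingSecret` as alternatives; it would help to say that the secret-based options are the preferred way to supply credentials, and to state what the server does when `trivy.serverToken` is left at its empty default.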
diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/NOTES.txt b/packs/cks-trivy-0.21.1/charts/trivy/templates/NOTES.txt new file mode 100644 index 00000000..443a853e --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/NOTES.txt @@ -0,0 +1,2 @@ +You should be able to access Trivy server installation within +the cluster at http://{{ include "trivy.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.port }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/_helpers.tpl b/packs/cks-trivy-0.21.1/charts/trivy/templates/_helpers.tpl new file mode 100644 index 00000000..28d83fcf --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/_helpers.tpl 
@@ -0,0 +1,55 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "trivy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "trivy.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "trivy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "trivy.labels" -}} +app.kubernetes.io/name: {{ include "trivy.name" . }} +helm.sh/chart: {{ include "trivy.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Return the proper imageRef as used by the container template spec. +*/}} +{{- define "trivy.imageRef" -}} +{{- $registryName := .Values.image.registry -}} +{{- $repositoryName := .Values.image.repository -}} +{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} +{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- end -}} 
diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/configmap.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/configmap.yaml new file mode 100644 index 00000000..75dfb35d --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/configmap.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} +data: + TRIVY_LISTEN: "0.0.0.0:{{ .Values.service.port }}" + TRIVY_CACHE_DIR: "/home/scanner/.cache/trivy" +{{- if .Values.trivy.cache.redis.enabled }} + TRIVY_CACHE_BACKEND: {{ .Values.trivy.cache.redis.url | quote }} + TRIVY_CACHE_TTL: {{ .Values.trivy.cache.redis.ttl | quote }} + TRIVY_REDIS_TLS: {{ .Values.trivy.cache.redis.tls | quote }} +{{- end }} + TRIVY_DEBUG: {{ .Values.trivy.debugMode | quote }} + TRIVY_SKIP_DB_UPDATE: {{ .Values.trivy.skipDBUpdate | quote }} + TRIVY_DB_REPOSITORY: {{ .Values.trivy.dbRepository | quote }} +{{- if .Values.httpProxy }} + HTTP_PROXY: {{ .Values.httpProxy | quote }} +{{- end }} +{{- if .Values.httpsProxy }} + HTTPS_PROXY: {{ .Values.httpsProxy | quote }} +{{- end }} +{{- if .Values.noProxy }} + NO_PROXY: {{ .Values.noProxy | quote }} +{{- end }} +{{- with .Values.trivy.extraEnvVars }} + {{- . | toYaml | nindent 2 }} +{{- end }} +{{- if .Values.trivy.sslCertDir }} + SSL_CERT_DIR: {{ .Values.trivy.sslCertDir | quote }} +{{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/ingress.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/ingress.yaml new file mode 100644 index 00000000..fc4a59fc --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/ingress.yaml 
@@ -0,0 +1,53 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "trivy.fullname" . -}} +{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} +apiVersion: networking.k8s.io/v1 +{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} +apiVersion: networking.k8s.io/v1beta1 +{{- else }} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ include "trivy.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "trivy.labels" . | indent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if and (.Values.ingress.ingressClassName) (semverCompare ">= v1.18.0" .Capabilities.KubeVersion.Version) }} + ingressClassName: {{ .Values.ingress.ingressClassName }} +{{- end }} +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + - path: {{ $.Values.ingress.path }} + {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} + pathType: {{ $.Values.ingress.pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $.Values.service.port -}} + {{- else }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $.Values.service.port -}} + {{- end }} + {{- end }} +{{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/podsecuritypolicy.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/podsecuritypolicy.yaml new file mode 100644 index 00000000..45396677 --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/podsecuritypolicy.yaml 
@@ -0,0 +1,44 @@ +{{- if .Values.rbac.pspEnabled }} + {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "trivy.fullname" . }} + {{- with .Values.rbac.pspAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: +{{ include "trivy.labels" . | indent 4 }} +spec: + privileged: false + allowPrivilegeEscalation: false + volumes: + - 'configMap' + - 'emptyDir' + - 'persistentVolumeClaim' + - 'secret' + - 'projected' + - 'downwardAPI' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: true + requiredDropCapabilities: + - ALL + {{- end }} +{{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/role.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/role.yaml new file mode 100644 index 00000000..461ec60f --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/role.yaml @@ -0,0 +1,18 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} + namespace: {{ .Release.Namespace }} +{{- if .Values.rbac.pspEnabled }} + {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: [{{ include "trivy.fullname" . }}] + {{- end }} +{{- end }} +{{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/rolebinding.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/rolebinding.yaml new file mode 100644 index 00000000..8b35061b --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/rolebinding.yaml 
@@ -0,0 +1,16 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "trivy.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "trivy.fullname" . }} +{{- end }} \ No newline at end of file diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/secret.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/secret.yaml new file mode 100644 index 00000000..0aa79c8a --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/secret.yaml @@ -0,0 +1,16 @@ +{{- if not .Values.trivy.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} +type: Opaque +data: + GITHUB_TOKEN: {{ .Values.trivy.gitHubToken | default "" | b64enc | quote }} + TRIVY_TOKEN: {{ .Values.trivy.serverToken | default "" | b64enc | quote }} +{{- if not .Values.trivy.registryCredentialsExistingSecret }} + TRIVY_USERNAME: {{ .Values.trivy.registryUsername | default "" | b64enc | quote }} + TRIVY_PASSWORD: {{ .Values.trivy.registryPassword | default "" | b64enc | quote }} +{{- end -}} +{{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/service.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/service.yaml new file mode 100644 index 00000000..8744b220 --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/service.yaml 
@@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name | default (include "trivy.fullname" .) }} + labels: +{{ include "trivy.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type | default "ClusterIP" }} + selector: + app.kubernetes.io/name: {{ include "trivy.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + ports: + - name: trivy-http + protocol: TCP + port: {{ .Values.service.port | default 4954 }} + targetPort: {{ .Values.service.port | default 4954 }} + sessionAffinity: {{ .Values.service.sessionAffinity | default "ClientIP" }} + diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/serviceaccount.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/serviceaccount.yaml new file mode 100644 index 00000000..2b10e906 --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} +{{- if (.Values.trivy.serviceAccount).annotations }} + annotations: +{{ toYaml .Values.trivy.serviceAccount.annotations | indent 4 }} +{{- end }} + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/packs/cks-trivy-0.21.1/charts/trivy/templates/statefulset.yaml b/packs/cks-trivy-0.21.1/charts/trivy/templates/statefulset.yaml new file mode 100644 index 00000000..7d7211c3 --- /dev/null +++ b/packs/cks-trivy-0.21.1/charts/trivy/templates/statefulset.yaml 
@@ -0,0 +1,148 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "trivy.fullname" . }} + labels: +{{ include "trivy.labels" . | indent 4 }} + {{- with .Values.trivy.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + podManagementPolicy: "Parallel" + serviceName: {{ include "trivy.fullname" . }} + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "trivy.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + spec: + resources: + requests: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- . | toYaml | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ include "trivy.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.trivy.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "trivy.fullname" . }} + automountServiceAccountToken: false + {{- if .Values.podSecurityContext }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- end }} + {{- if .Values.image.pullSecret }} + imagePullSecrets: + - name: {{ .Values.image.pullSecret }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + containers: + - name: main + image: {{ template "trivy.imageRef" . 
}} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.securityContext }} + securityContext: +{{ toYaml .Values.securityContext | indent 12 }} + {{- end }} + args: + - server + {{- if .Values.trivy.registryCredentialsExistingSecret }} + env: + - name: TRIVY_USERNAME + valueFrom: + secretKeyRef: + name: {{ .Values.trivy.registryCredentialsExistingSecret }} + key: TRIVY_USERNAME + - name: TRIVY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.trivy.registryCredentialsExistingSecret }} + key: TRIVY_PASSWORD + {{- end }} + envFrom: + - configMapRef: + name: {{ include "trivy.fullname" . }} + - secretRef: + {{- if not .Values.trivy.existingSecret }} + name: {{ include "trivy.fullname" . }} + {{- else }} + name: {{ .Values.trivy.existingSecret }} + {{- end }} + ports: + - name: trivy-http + containerPort: {{ .Values.service.port }} + livenessProbe: + httpGet: + scheme: HTTP + path: /healthz + port: trivy-http + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 10 + readinessProbe: + httpGet: + scheme: HTTP + path: /healthz + port: trivy-http + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + - mountPath: /tmp + name: tmp-data + readOnly: false + - mountPath: /home/scanner/.cache + name: data + readOnly: false + {{- with .Values.trivy.sslCertDir }} + - mountPath: {{ . }} + name: ssl-cert-dir + readOnly: true + {{- end }} + {{- if .Values.resources }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- end }} + volumes: + - name: tmp-data + emptyDir: {} + {{- if not .Values.persistence.enabled }} + - name: data + emptyDir: {} + {{- end }} + {{- with .Values.trivy.sslCertDir }} + - name: ssl-cert-dir + hostPath: + path: {{ . }} + {{- end }} diff --git a/packs/cks-trivy-0.21.1/charts/trivy/values.yaml b/packs/cks-trivy-0.21.1/charts/trivy/values.yaml new file mode 100644 index 00000000..177a62fa --- /dev/null 
+++ b/packs/cks-trivy-0.21.1/charts/trivy/values.yaml 
@@ -0,0 +1,165 @@ +nameOverride: "" +fullnameOverride: "" + +image: + registry: docker.io + repository: aquasec/trivy + # tag is an override of the image tag, which is by default set by the + # appVersion field in Chart.yaml. + tag: "" + pullPolicy: IfNotPresent + pullSecret: "" + +replicaCount: 1 + +persistence: + enabled: true + storageClass: "" + accessMode: ReadWriteOnce + size: 5Gi + +resources: + requests: + cpu: 200m + memory: 512Mi + limits: + cpu: 1 + memory: 1Gi + +rbac: + create: true + pspEnabled: false + pspAnnotations: {} + +podSecurityContext: + runAsUser: 65534 + runAsNonRoot: true + fsGroup: 65534 + +securityContext: + privileged: false + readOnlyRootFilesystem: true + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +nodeSelector: {} + +## Affinity settings for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +affinity: {} + +## Tolerations for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +## Annotations for pods created by statefulset +## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +podAnnotations: {} + +trivy: + # debugMode the flag to enable Trivy debug mode + debugMode: false + # gitHubToken the GitHub access token to download Trivy DB + # + # Trivy DB contains vulnerability information from NVD, Red Hat, and many other upstream vulnerability databases. + # It is downloaded by Trivy from the GitHub release page https://github.com/aquasecurity/trivy-db/releases and cached + # in the local file system (`/home/scanner/.cache/trivy/db/trivy.db`). In addition, the database contains the update + # timestamp so Trivy can detect whether it should download a newer version from the Internet or use the cached one. + # Currently, the database is updated every 12 hours and published as a new release to GitHub. 
+ # + # Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough + # for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000 + # requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult + # https://developer.github.com/v3/#rate-limiting + # + # You can create a GitHub token by following the instructions in + # https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line + gitHubToken: "" + + # Docker registry credentials + # See also: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ + # + # Either + # Directly in this file + # + # TRIVY_USERNAME + registryUsername: "" + # TRIVY_PASSWORD + registryPassword: "" + # + # Or + # From an existing secret + # + # The secret must be Opaque and just contain "TRIVY_USERNAME: your_user" and "TRIVY_PASSWORD: your_password" as k/v pairs. + # NOTE: When this is set the previous parameters are ignored. + # + # registryCredentialsExistingSecret: name-of-existing-secret + # skipDBUpdate the flag to enable or disable Trivy DB downloads from GitHub + # + # You might want to enable this flag in test or CI/CD environments to avoid GitHub rate limiting issues. + # If the flag is enabled you have to manually download the `trivy.db` file and mount it in the + # `/home/scanner/.cache/trivy/db/trivy.db` path (see `cacheDir`). + skipDBUpdate: false + # OCI repository to retrieve the trivy vulnerability database from + dbRepository: ghcr.io/aquasecurity/trivy-db + # Trivy supports filesystem and redis as caching backend + # https://github.com/aquasecurity/trivy#specify-cache-backend + # This location is only used for the cache, not the db storage: https://github.com/aquasecurity/trivy/issues/765#issue-756010345 + # + # In case you specify redis as backend, make sure you installed a redis server yourself, e.g. 
+ # https://bitnami.com/stack/redis/helm + # + # In case redis is not enabled, the filesystem will be used + cache: + redis: + enabled: false + url: "" # e.g. redis://redis.redis.svc:6379 + ttl: "" # e.g 3600s, 24h + tls: false + serviceAccount: + annotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME + # If you want to add custom labels to your statefulset and podTemplate + labels: {} + # serverToken is the token to authenticate Trivy client with Trivy server. + serverToken: "" + # existingSecret if an existing secret has been created outside the chart. + # Overrides gitHubToken, registryUsername, registryPassword, serverToken + existingSecret: "" + # extraEnvVars to be set on the container + extraEnvVars: {} + # sslCertDir can be used to override the system default locations for SSL certificate files directory, example: /ssl/certs + sslCertDir: "" + +service: + # If specified, the name used for the Trivy service. + name: + # type Kubernetes service type + type: ClusterIP + # port Kubernetes service port + port: 4954 + # sessionAffinity Kubernetes service session affinity + sessionAffinity: ClientIP + +ingress: + enabled: false + # From Kubernetes 1.18+ this field is supported in case your ingress controller supports it. When set, you do not need to add the ingress class as annotation. + ingressClassName: + annotations: {} + # kubernetes.io/ingress.class: nginx + hosts: + - host: trivy.example.com + path: "/" + # type is only needed for networking.k8s.io/v1 in k8s 1.19+ + pathType: Prefix + tls: [] + # - secretName: trivy-example-tls + # hosts: + # - trivy.example.com + +# httpProxy the URL of the HTTP proxy server +httpProxy: +# httpsProxy the URL of the HTTPS proxy server +httpsProxy: +# noProxy the URLs that the proxy settings do not apply to +noProxy: 
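Review bot: the securityContext default in values.yaml sets only privileged: false and readOnlyRootFilesystem: true, while the chart's own PodSecurityPolicy template requires allowPrivilegeEscalation: false and dropping ALL capabilities. Since pspEnabled defaults to false, add allowPrivilegeEscalation: false and capabilities.drop: [ALL] to this default so the container gets the same restrictions without the PSP. Separately, the gitHubToken comment still describes database downloads from the GitHub release page, while dbRepository below points at ghcr.io/aquasecurity/trivy-db; the comment should say which source the token applies to.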
diff --git a/packs/cks-trivy-0.21.1/logo.png b/packs/cks-trivy-0.21.1/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..3048e8ce67f2a77e0e4534d110885b106cf67152 GIT binary patch literal 50574
z_MTm6`;?{Z|4!X(8#c(;;YmpfpnhA82?x`_{s49jyvadQAAWyE_p5*J^j%;mss&nN}eN^p1BO}xBmv=l$P403IO|g)~o)(!ijd|+zE~!fpwr8 zpIT%82GGlKdy&UVt{|$IFO z(x*1ce|qoP1$N~(TkZMhn2nM}haNW8O)+1wtjkI?!@V0rvO@LkQubw;DCRS3@ojJ4 zXiFBiWXvS$v1`NLFMM&j9s06DTU>?N1SbmJA5h9;ez(WB0DBI=xClG;nNvpE2M?I; zgOaueAcfoisM=)bR@T`(rpo7QF{%l~TL~zi$NJp+Bs<|KVcE}X*=_y1GL0ll%npDU ze4gX~ew9E3?S2*Sz(p=l2w?cfKTuI2Ra|Mknqq#&C&yYn+P0hY;xx}Z@dg09DeErI zlwJCzHP+nJ32^)PmHy-@CHDOrreRZMfmPJPqTmXcCl+>fG|nFzSuev!`gq*?E;(e5 zTg6Z1Av?A-?HX3sJLa)9mcm(adyB$?3$H$O=#XlKGiPb za%K{|Np8Mni`{e+o)HNJ`}Tncjk3SoJ=vD5?yzywlEm}LLr8Fd&jM_gT47bdE}My_ z{oTXoX59NEV*z#xgP@oEdnHziE}O;gp8cS{Gt8t@TZS$Bb5lp!0aIlHQ$y|3Y+x_V z?=54om_*Bt+F9S_JlNihWjWYNBnN(^+4%`AU3TZ4R9MJs+W^ayVmtq$v9^|x!?9EH zZ`*dO^3fpdKd;En{A68baVKfo0&ekk%Wj}p`G!G2CEJePLl5O8;%{1Z5g+>WqDXW zwYP)-WetdKUd64#Zcl>!jRWZhB`BZ6$c_z8u6}s7%OlLoBm2Fs`Y!^ma(zZpXo<7~a@wG7?xc44f zzzt4goA;AvYM5E6Og;JPGCO$c=nP={fyb2nos|aPhI`-KWK#u+B@qEveIunW5bjh= z0QX5~*?~es@sFxnyQ99%Y1z)BCIpD*-9iEpw0DbQ%*sTfZI`o@>FH?ORh2z$+pjxj zoV}Boit^ho9mjh@fjkm8V%nTno-Fs=*JYxOWE4S#cMyM1FZS~e>eh5=8#7issAKm_gGr!0L=Kn7{h!<>gk zm;K@w-gi29l8hY5hPh`?AZ+5dEfmNz1vfw~Ds}x0TkNvSR#_Wse+$q>4!BV}KXdkU z`{tEiz4*6HLU(cF% z@-^@%@u?HF6m!hWFt@yYFU>fG5Ny!0?^?Ri?qd%~d5mc0XFeJVmqz?IXe1Cpd(ad` zei^A-&7O|43hkV88|~R=n=*i@R1Q0AoSpO85op_(NfLMByrvFP6f(DZ9k%m>78co8 zzt&{mylNG;UxzO)DG%H!`}AjK*pF@;&*Ym98%-_Ikb@sA{R$Xw}qe}V^@mTMYJdF0WLs3-X$@>RGj=BZ z0P&uL^Pva+zmgXlvjEEVfZ$Rz?A!L6Y+pLO%*L=mZ?Ikae56ckioEjSYBq;2FuCJx zk___1Hc>I~$s$y^_f;TIj>u%F8$LQ@ zsGL?j0Ooa6NAR8Enf0+RuP$6Kha+rRPdJH!w*V75ELnuj_IR2jkA^Q9Kfw6Q=6z%) zanD)1-FPt^j+e=5?!!5n+9v`^+U@hcnqFD>rEmBBUf+7tM%lL2^8jd~yr9I_zurf_ zaSGh0a!}Iq9-4eKz%#VrUbDbcm0WuHHo5(_RZ>-j*^yutLpr!B%>objQa34CK2*;7 z0bROAB)`Ct94K)akft?Rh-wHR z-6Ei*-EMC!ItKEnhKucD%v7WYz`y;?8w_V>I4F76*;`}*oJn!e zitJ31p0r7NeQD)*X!?ma?Sp|uE{Kzc1`<_bq$&Z%F>eYcAw>NW=QZ+-R z{qTbR2qiX94nD}1d5a^`8^qlSuA+@AST;XNiB*xT8Tn-x$a)P_H|3CM?;P4)K0K;O zjvC>8f)K0Vvc&ImM4tKHzZc0Jh@>7&oJqDCp4S6peD|6^S5F!!VW?^12OpQg_3Ei# 
zY><8!d|ZVWG1VxV+BX79+U@)P`oDNsKyYLV>Arg~SOxRDz@ZcOopu_c%$(}kZku4d zh9!6;$;l_~H49xtoC(Pvo~x0sPF*Uq-~*hJHWS|`BuJ_uzI0GGdGQ~^CRuO9^{5Itr(2GEcGxhv;=rNOH_wx<35TZ+VbmFs zmlmv(;{Ps@*I>ml0y^Y!kYzH}A-J4*LGUFo5N%t9m&l6?#JyoLrGH!I&xf=>X{G%A=jSSUlK6YG^H2>{Xc{(JHc0rupLIy#_>1HHptxw za4-^WXPn7qz>t(SY9(!hfRc9G;NI$2B@u6cKWl~u`{uMwvd|9?M#duvj2V+BFTT)Q zN>{>~1geOXn%sd5*`6&cG2jR7!{|YX9Dni#x#5>9WYfl4-@%ke+$2usi4(iZ?;aY4 zsrmUb{s3F%mPe!#3S_o58{#s{>^Zr@!1O~XS%YlLK-Pyq5B$RT{_>ZpMRIgOpP2f= zROacfDbc=GwqAz5jVSKxc1jWS*BopN1{|Ao={+~DUI~Q1l*Jfe+#izs<@*gXl05s! zdqv`2vZYdvpS#Y?xLl3Cs9K~ReC>KeNxNO&-nh<@S@@%;2nV9R{kFAIS?L%xN#Kv} zq?7x|FR#gylF}4JQIBg%uxdl6Pz6iG?GXIO7QqkoO*`ZpCoh$cKiX!@*kV#Q+6{?1 zH`kWqj_)lmzdlU<{HNYBe1awOK;9b=0))2rBD_yasm6i$K;VVMgK069&jD zAnQ{g#RhiQBt|A)o2GONHde^x|1Fo}K3y%j*d7Y0mX4pADd2mRHsLSZ%FHhTL0cc% ze^A{ZC=ZaZX)SWcr+DL`v5e`gHrWKL<0K{Rj&rX~PwDr1T%j$GKUpo$Jqw+QpGa0D zs!K4n{P?eCL5GZh3DB4r^+Ql76-!)`*I2*Em3@b2$&B|L=(1PI1HWD+n>Kk;cW_y@ zF;JO&>)ZLTh#4l&|GBpuc(^Sy=Xn}k_8~|C0fS>qm1G10`c;(?w<&pzq|NmDB_PNVS#s`q zTV(9m&St=mWJvpMM!C87{sHoj(Qw)i2BDpFZL*waG}a9;Ak`(bav2W2Kwgh5=&`rS zpPtz%x7^W34m-TN3E1nsSUjs25^e83*)r{0`SO)xddmMk*(Ogtz7^IbF*+rIQzGsR z61;6hPdTZuw~XwaC)wC$3UtF<=PrJ6Y=c|Vw-;}cUzTo^5}5rBf$cTxSO$DZ*4~*s zBl(GhU4Vwn$8~QR)?H2=!*K>rx(=@AO`s|^{BNnwjfJ3LKkj~k7In8 z{Km0e`0lHQFVU*4ur7hr{plx;965E3{0szs?s>gs-(m*1q*fqa-|b2dkURq{9C~OE zp~{6Rkho!zE|*LiWYiztk$|i{`lVFOv;%g~?_nDHeejU?I)VpaF1i#zg+hHXyUkD1 zRCeD?=s{abF-`sZJ#yuu{RXpHM!04R*v{2Es^!#~tBjv)dJbgEQ`sid0R5A82&j4_ z?QTiyG>GKbAH1*_VOMU27e3BVq!}RfxRhv*oZ1snW_pd5KgjLi8@;&QIe-hekpX-2SDX<*Fi(2D+Wk;ABZ{I zS%r{gH+{TZR$@66UBvCv)Ikxb|Aco?5ISPFDb;RXLH%|JGZ3rfu}7fnZjcyd=B_)s z%B%$u>5nKg#?~7olJW$yV*6^KmSIfGk^OBM4gcI%T)9I=6fBe9Jg`a@msc9%CMh#B z8Ito>>-{BBQ#vR4F|#~9;!!tz5-dVaz!dbCp+hc&*Sy|1NVNlGZS#&wHEpwgOhy%$ z&hxDzPlK@gcL{qhmpH5+n!QpUq;4Igz7l2ihYP$qXwrM%L2o>}O?zp&PaTIDiWgqI zRo;AklOeSDfw>DW9v~NA*hywDh)O?9Y-u&(W&=S^B<~%tF4=}TBn+%jfQUO6UA#>S z3YW|6x2}}Ab9P9i7K9AZnPi+O1!PUDi;^|l}VYGV_)FSU4I9SFs2wBE1{iAff{B%+BLzbnwe_DTP5Kz)i4X&9{ 
zDa2B6<<#&*nujCttfH6}zECD%aW?%q91?zwNUoOGOL3fL={eABuuHCLl~ zAj!KDF8DYpXWwBV`SowA5J-5feC5!kvTiLpg2We&$yoo@tX1-jnXBc=?KM&W{q_)K z>XE6luEMglBx_u%E|Glu0^`M)I{(7BesWAw@N56sNsrdV9 zj!>$`N?SISZK8xd0EArz!hUYweED{9f74X9F(B+MP?!Aly`}OICIbzFSHHD5sM3{z zN&f%=eHQdFs6&7gZ)lTUjDWlkJyIn%-MCV!{a^(FaSt36mOnl}M2J2*EF?zgTOqNMxS#yP z5IO01>bPN5g3w^CYE_a_5RzXx6*im})C>4gCGtF`r^gdE71h*XS4N_8!-q@d_nTqb z7Y-R~7Q9C_DFXEnP|~gkhi(`G0aL6k^TLDu@`fF9_g$-uSzSDF8&$~@L*$I_F*I0I z2EdNnSe3N3{vpk7Aqkrkb#jrHU?R`U6Z^}wePb#S;!Rvh*f)K+OzvJ+AtNzRx&$vr z5;mo9O^QG~0!rHPXrySJ5^6>zU*ZnJgZ=y$+vTnV#N8)9M;`d?5V^?MaeEVRj9ErT zbv8AP8`sshcW8aCR`qo*sP$l9KHfB41uuN`)Z|qU%ngq>-R zdTQ=|YHL-}PA$Hs_6R~)aR@AgQ7EHx%>)kjiJRfUCXUGx68D{VLRC`Zt4h!x_N5!l z0q?wXu-tijS4_Y`Sg_%7k!4x|+jP7HZ!ZlG>9>0&99ZoH34ek}?o$!EjF^$w0v&b* zCimR%!4kO*VarB?uos~$b>DnqG9j_A{F-2!Im#PF`!%H&0VVAe;tL7eJi*<&(a0+T z!h>FOFvu=um6pP*C!uPz-o$mB58@u3CBL|4yWDci3NMm6o*WVoGktzsapfSmdWEl& zMTq#0UogX#r8JO261tbFDkxzWfv^{2Q1NICCN4T+gzP_{yRi--VFy+s+u-Nq>US3- z&SZs=u*))tuu0Z@xM>Z;m(zTDSH#yuUN-k=N+kkH+NnX8&vRY+DSTA_?XP{M63+TR zhs8y&AsCqIjfbA(&8I(|6MABZ8xr?~Q3zCUV})FI&2rhXosrZ@+Vtz;b>Ot`_LYDA zv!5*4=t$WbxK4%C-I4U%gn@c!x>sEQUnUpy%#}Y*DUgDmo$H7?Anc8mHFC*2cPz=N$Rr3ff#Cl}s;g2R5b{Ea$!c_I1w zseNQ-`B1s%S6$`vB_K5z-_l$z89{23+l2(R`NT~fH?2zU`c)O&r7n|=aiPIT+{{yt z>M0B6a}rJn{e)%7DDQ`zpw@P?i#MIK6?Bp{f&mmI0d7hx`OG z6ZdOM0s>0fNdPgZf;wy@EUXgbuFEpddypq}6d<;4fpCy!l37Dc&D( z4i`tHOTNUyd!;L}k$4~yGLrf}Lqqb$+fn0fk5OYt+L>n}09fC==gZYOG3z zWO3H>c&x?Ae3mxMM?RB2HgS#L2--lZ?>kn;z}@hh3!D*x&1{l!C}^8QcwVCkx?P zwTn@M@DQE>L)ILl`@`JTGWC;{(icG*;3`F+@;8HcyVjl_d)P<5l=`3}RQoJ~j(#$} z9A2M1P=0$vflTPv)$|YDh@c3&%lFSBMdnwsF(<)q+Mz^x&UyW%Y~fJ3`pQmle;Sb`2n9xcH{GU^ z{L)UPfHtvh^l{xCYLC%_Lvs8H>*c}20(CGBJ*8do14*eD)eir$p47bAZkho>Tch>U%nzMK43Sky^wzICX) z`|bew`iUW2xD z0tR1t`9OK+zXN34{L!`-9n%l}VbB6f*BABfB+HI0Fhs__@+B1v zyOOXMY^=b5<083vH73n~uo+~5_S>v0-4fdrypX83-hj`8g|G^_s&Af@!2;&oiG!p! 
zBKvS`2IVMS^Swj<_%rf;xX(8r@9>{>3N0D?>3fj_!j3|cak_K~$+y0fFN;Aycii5^NTrL`c`B1E z4B@ApWQw0D)g|i|xlonZ;vm4{!H2Athkw6DcJA~72BXggWvWa1^vRaXE*~Txe>6}| zJvqy$gu-CO?$D8^+gAlin}cwh(Ef#xuCK_?lciG&%}BQu9sdVPqIUTR_S;MQIneyGX|O@P`A(Sg4MuuS%o3A_&fk`P(7C;m+adea8nEzKMvZ8H?q_% ztt0>*pX^Pj5X5FX_Ru!V02_ZugrrAo`|L%du)oFat1ONv{(jG9nfDTdgEA%=wdWBV zNpZC3vIWlr4AL`iRUJ1=$6b3N=qwRXq0Gg$Z_5J5DPJNQeY8^fZ^L76oaIxc;!Ws% zye|JD^$in?tIKo5ZQqwBsyS=HvObr&YTJ+iUKE6w@Pp*}TvzYl-fN zZVsoGMtKm7L?G2+7f4d7%a{yjT;zPPSWyN@vzmn41zVKN+iF|$>tKy^L>AvLVl+cL z1J{=fH$Oe_!%qQ7cGgyUfTtWQD`UVF8M77b8}*a7QGlJ|WE)zhtP#v?Sv1XVikr!M zJMQzC0q1DEe-Ns0kz**yO7jc{WRRuAhDUwruZz_w)!dZon9+Eqk<@(sRZYpbFGY6o zcha`xLcdoU+(vfe?NSUro6&SQN7mA!Y^x*TG7~x-wdG{8H7T{`Laj8_%*d6vpWE#W zHF+RsT}gfyvTYw^xa|<)sKY)^Xu49=PbfG3EoA5tz# z6=-ph`fu73s!@i~ed$YQT&6)5Xw|=H6Oy#c);!-g)Q@^q$}5N@dbeW}c$HV;Io{h4 zT^B%qQBVKQ8B~BkPi ztJJ+ScM~f9S%PE`&6t)*sIwHzXY#xF8|s4$i^sNbiu}{K=QpP~@p@hzX9%ePV=NKu zrA+7O9<0q~ln=8`1QFK#7B?fNUU&EBheq3OTI|h9c9Y696**7BTuUWj7~AR)$1-7> zjLdc5QONk4%E`wN4Ug0Qf-f^mNw#GHiKGMcb7EX+Mk(6M(SYsE;BNLlutea7kMbVZX}bg2)tINa(EIH%M=fLj$#rB#9};~{CG3{X#R)^3eRBsab(-IW?1N3 zLsE}+t_&_r+T`4f-XC{;7-k~WmdRIx_k^-@!YWZ@T>6_5ibB8QzYuLB`%z50CwG26 z0^K|>GAC|2!pj}fKqHk^IsyUw-ESL%q~9q$0I z@U+2sSOG_5Bt2GCl$+KC2Gj(1N-S3IHUVi8NBnK7h* zWFF6K5YzWDivH^|rkLVXc!vy35EUF^)Ca^aTlOIH*~&ZMq(`?#WBaU$>R1=au{iGO zKy?*BADg+f|4ommT)M1G#FAYad*07R#KY_#9>GlDaD_d-QzVB!!};QlvN6u8m}^sN z`@vq`;#0-E$?e*2^uPjNfx?*!cdNZmX_8TpWj^i#cj{ANB`XH-$mcKxgCIU@pHiz- z5>K|56wFg7nUD2#r3^}uz3g!h=D!`b!U4Oq7BKqk%%lvmOe=*y76dampY}OIKvqNEgC^zfV>oN8%gPnQ3HqEcGwrQJjL z@)r@}xPe{%U@oZ=FY9UsVbd};`wF#jlXUY-5T{~pZCo{I_Z*~8LA$ruQsTEOtlMdD z{c@pNr*N|oP9dW9MB+sml$sj%b~~ZqbR3#pY$KuefP=}p*9wW*Y-wr=0b%0pwe_do z3yz+Nn2ylfrCIl;fzav5NTA4CQ;Arf+_Pco?pWY-j^O5`Vr?()mDY4+cAM3t^qSxN zZhh|}`a_2?->xD}4#6APryTg@?mWTMkFX3Og2J5Tm+77GHjd_k4p|yYKW(qZzr7a+Lg#+T&3Ck z>z9fG=zUX%>LbBD>%={twP=%PMn9on%_qy{D=c?CaF3tk*=RfNBM~(e1xR)L?vm}C zp0?ME?S-KCZ&ZwD-5ol&lT@0d90`wMLVDoh5;p=RMlMIWfZ2Rovow6w56fyi1wT5Ri9s-YJmIA`b%6fhH5@ 
z!sQ1qtRe3&kM#^UYsETy$+-b=an;mX_Rv}-yToKYLQkV7n&$mjp>PJ8JXn-Ip^lV3 ztxNPLz8Vqy!LC_X3`0q?uApwOEUxe6_$$Yi6N(v2gOa2yAo)-hTdIi6^RPD)1DKr$ra32%3?Epr<^A@w+X3W$ zIspO4TT~A&k7e)=qqkhbFx@T@K2-OE39!m)y56K!E+T}>DgcnG!{sFMK529lH9!Zv%uCQ8UdeXl8lG>x+249EOZSOLWL`5aBIH$1!uH`$4HG5Bd#W^*Erc^g=Kr?4P{ z#f=P{bTxelI%1^sC*PObq)C5WQa5x`NUIE0iv|9)d=zB$z4;uJf1394z`g6dx(AiJ z>_`0}(7QDqPMTV$8oonaG-O>pe{UWR#gVX!CzuobHrn{4H6F<&Qm~B`IOaE^Nn-yy z4sY0!6#F~}D@nCyMM_YIRn5=UU6W1K5!FnURl}4s20k`bhPP`+rqeP#%r=#mEZ>I zrfiuPbPF^PH&bdt4tJQnNeqzExVEieyG-#GQMUU#K(ed@{uwDHGvW=S9x)nWbe0{} z1sdtgSaCXHQ1pDC(*_R@rN%yIhRPk`MO%PaTcd0@W>K}m(Ewv)IdrF60?#f>mx}PB zUhNLltgA^Ik@RB|sDK|sB#p%t9~{vdA6Cg?LXTfzXfuT6U=W!RLddUyFGU@M!4)FJ>k_J+!tGz$!EBMB9AuY#>TVui*l)=HcB~~}$rWJUtH;62tZz>9W?HLI#9QPcdqXv>V2e2kVD!C2gugQH}A256F6%r2p z_~nvntVU@h4>FH&Qq7*HCOd&(S!G|6y%i;dgC3D^Nn7xF`&$*DKDLaLnn!-YWzrr6&DJ-$dH!D2Sq4Uh;(eY4`fSs!U4x2IPq*xrC0 z^u9oTm0RgAblU%#8#8JGhcEpYI7%L(B1y4*jjT8`j|~wLVWJ?kL2i?E)yL7wFVvjR zkElKZx}mJBv26I9<v}sB1G8tt!Oqv>uJf}~w`0p2cYuikx?s7eMR!XOrOz)fptaQbkA4_QPJ@o@ zX|!%^D#+J#;d!h6^fyp9Gb^=OJFXViX9DoR!E9K@;RmhO(e07T1e=7|ZoIXNqWAXE zOCns#PY()%msm71Pj@0|0}=wU6G|;E_HDXg7vHax6qV6{O2-zk-ZO! 
zdsZl%3#wNAFv{!{Ab_2Zg|U4}3Jic&!%9*ZP|JY!*fuieD>IV;8|G}wbMdrsGvyuz zwD+IWJ797)*|ypgM~P!!ZHOd>%f=*m6PXFQJRJ(Lzq*ir`iTA+4nEe9kUm@{s%DR9 z$j%W5(z)H`qeO0iFg>CIfM~#|T)vdI>>9Y10sC;CO(ygK1k3#VWB7dhr!6m%Shr_Z z90f8nPdZBCH&qlc5RPcTcZM{iS~Z_&P4ffAz8|KG;|e@P@@xHQE-J_ zTnJ&BBZ|Pd2=17Fu?gmkjBAeGj$5k>EtF}~TWHb6|p`Mh8<5LjhH-7CtmgX~?y zP+((+GSQm~sTpP4)?sNvq4aq_&A#$9K@4vZeFR4j*xn_!;@BRWe%)N0K$4GHZ71-0 z{~{KUL=p)z@q0AnwSbl>tzo~rk)r`%_B@O%p&OA|gMBh2KCZnQQqdWNXe@-p3tOzx z0n}zU=$7xuNx{&fmfUaA^U<9k(EAkBV1$2$MHb+lhaIt&SE*;{e0)GIo ze`AS2b1^4ztuQO766?){#EZc3gDy?XxOzW`fDl_I-pzo^r_xI(sWWa_l7fBbO3to?7Hl2b5H^3 zwVH;nHtf&Ld!H&NlGSXe{9CmQaFE;V1dX%EfhwNSsLHc;EFsz={1C(?9;t9}r+Ry2 z$_My+rXa%_8);ZF*_`7eOZ03w$=vqYZFlo$wlt;cS{~rc+rr?PT#F-}PLF@v&-LAI z^$$XRpMR{+aXB8OI7;R!6}_ufC&06%@xZ;<%v{uAF}qb%6jAP8Cvv5g_| zTK`Y{wx^^(R`&~(=NTwa#^ELYlO+&K`x*|h$l7cB7u+UV#?^U1o);FA&%MG^+D{?# zpFL8fJvHSh1%;q`T;q-sY4Q8?=o|((idJXj7N!l`JdOh3c&R84t8ZtAzwPs*@Mfyz z1qcq~9f)<~MRp}BB)v{E@19&)))6ouYW(#_=T%?GC8Ni-j+y)uuE+MRKKGZcNsnyy zZEtv!DoP(PG1U`P<>a1u<4R3X8r$rFE~2fT1M!m&)kGe>ua26;LHsLlvaUXkx4q;n z-13^KyY<_oU^rzEsWF0>N+29>ssn9?4Z28@+g7MOdgs+lNWA{jP+u8(GRyYB7}aFR zrTwxm!^<5{yz1Bf4fTcSA1o)e+?V3ymP4!P z*~2J^;&?%|A00Nzq3Ql058whNpCp4vtRU%ahC<_3ibXDZr2x$Oq6fNI_8+2iKDFjy zb!&0&do;e{jpQd+Cf1cx`t(Yu(t$Q;T~_$i^apIf9!SVopf=hOq{=S+a*X{!;WHUL zFA$LnIq`85k9bb;ULL@6x8%%>oz07g=FWx|ecM?5z0jrWCncuzBTI-dzw!#x^+;2`1kP}xhT#7~mM==xwtzia!)EiL}MLi2@2;jo+dF$e4 zaBjfl<+jUo7-{Ky)?J9L`=LHcGqAry&ULm`hbe)vO0@bUoyydYczuI1;ewIU2lX>Sj-m>c?TB@^1@=qI&kjI!0C-SZc9E^=E2lhe6 z0-vHEtgB9fH?-xVwYK`~x>hOx3~&iyR4|C{lRj#J+6~BO&OKU_-_q)}p~6Agqxy|hn>9em1i>tD2qf6XI4pcvxAh>U~id89GHziy;(~s?Yk*hbsfJ zK>jzmdFp!4m%rJZEE`bPp(wghTR7D9xuJe>1D(W)^IWJ!w;r$AKi8Dc{43l?-<{D- zNs17?5$@D=>C3~h3aawI4=jj;4G^cf&$`Bv@M|7K?a4ne%Y>k739Ln0Jqg9gNIQ`{stLrzPmmN^6W zuKDvqF(UbMNacQ!p_R$2oU{Oz8X}eyEXcN$l?VIvBNm@rb{3q+IUlw8J^1e@-`+s_VspoKo=tloTdXSl+-u)st_J3Eopa})+S)~az z1J-T$rD}u)9d$`BFs{csBt~UR&(Dy8w`% zxl3ZTUZ^2Qx*`LtSwK^?&;i(FVk)H};u*(5`SIZr 
z+O*mNQ)oII2VDeCEv@trPZb-_doWH2WIOF!&UcfV2@EOIAK6B{vuk7-%+X~>vr0pXpCTkB(WGga!T2(aWY^6<(tQJT(- zNTllZ9G7$wvv}0y4wz(=vGTbzqoO-pqRjI5c#{qzI;zYLhtf^|M9HcOUK2U%Pi6pj zZKz&MF(ae+Dwv<1r{>yL`_Nbvo+A^OunH{^! z@*}Q?y?7aijg-|zcj_*aS{}#%9MElyVbHl53k0#QaH^vwcbjUdY5e;J#FBR(NP5%|$1%cZfr^J3R%_Zp zV3&^UEf)PNXs%|#8B@@}2ez+Ck_tmaOXn9+920I0AL)EvZ#?`knS%uB!ZE~WXNl-k zVFQbwf0d7D9dnHI38>91GF^Grh386^(|k|}Ikr{s1Mj@MKEuFr7w35$e7e?SMfKfG zUXiRzc-SsP;WP=P%GWK#J@WQj^Gxj2js(lFVu^A(1a7Lo!mmTV45tIM`?3@`{ZU{= z9^4sTfetfI>D1S|)D+I|1YiJ#%)kJ_%1p=nhx$}Qmi_tyD)v6ongvSc_wm$nH1oYBq+|4|Q} z?kPwANOAV5OFS6`ndGt_VY<=-AD`m^CA}7ifj<|hgQ*CJ{{=>8p;GS%(Ss!Y+3dfu z=aeHPkj2&6Dui#|6N@z!Nc><`lhgDy_6b?GC!pIuiUKz@`Bx$>%B#$F)-*yTT;||} zHi)NY881BN&uqE*)z%Oa@FjB}LtzyQ6@!R9#0GY1!;r_x%hfc!ZUMnO|GS=sldfy2 zS>?XuR1iitj!C$>Z0|+z_ROx-tCs_-vszSCf9a0aG~NO(iaU;8@3TZxu0XZdc8+nm zoSb4A;k+{h?5j2PEz}4f0zeyqwTG?6p+Aw;*~~VWlhT$giNFhRl9qU6&Y@3kG<_@9 zyj!40p*lUKIx_`~JI4q3`Kg{&>T+r8n64E5a+ZvH4YeFhp*c8DZiKd!h!T$a$3{i1 zwN$Q3#J3%L<{4pIvyN}-i{+J4Po40S)bJ6$hq&xvK)|%A(dIq`mVV8RO6D{oDsrqq zSHsfGzKx2C3Bhl^ne6vVsD~tN7RBy=GgGhxR;lnhi|OgHnTc0mrFL$VEec{Uq!j3K z?&|;`Iu_?s&xAZsL!{!~;j5h?^f@`6qF{BZo!KH@f<`5r)0dhMlGt7D^SAb$Do;UK zXI*eB88%lFlYu~V??ek1a;4fLumx`!pXiVH-_r4LrX1iWfT%Be?IhSHh zvV?bfeaEU2b84o~Y=VN{L#PeCmOhc)yE^*`mt2d%Ma9=Pm22%EeIL~7T#)pPr7!Fw z;=xq($7oF;NBPJkkFWv!vH7lsG$9U_{BbxrPT(xT_J*>6+s?#* zS*shBSkK*2-DEf#IpE`Q`GPy4TnisVR-)pugY%d<&cvJN~S9Zgn^ss$G zP$!RdMBJMU9^X+6!8M=AL9{A;L%n_`gtIp`eZlX-2p8>7w9`efCeWZ99i)g^OQSTW z0xB`ukR*hv5Kz8t(M6s3kj`cf^@2dJCg=RFHlG8Hk<$GG{2a5;GZKCq&84Kb4v*KW zeI7SVXd(q!HLM}%_g|bal<%%}&`{R*>3h>%a-O7J)9rQ#HcM5B5o}YHQyJg#YlBbB zF*DwuqMrKs!W++D&RN+ggOfncc@_<{rH!2oKr1ypHK!}w%#KK46SYA09&g-?`O;#% z1rlVE#oUQ=F=^?TW0j&`G51o$nOd94zJzo39loe=yjK2GK16jg0;qQh1ACQ%4Zx;3 z*sYL4?V6dw58QM3-+o}ivL6p8VKOX8vJ(X2Jcs!(E4R*Snk%m|?uB4y4Hy0tNYKf7 z=?|)cQ%P$*Es*Lh!cjYK6)XS4f%cSl*IP;>8S>#(vU;YV?2O0iuIH|-K+QgVsk?JH z^XXJuRr+nAmY!B`Y=3gKD!YJf7z=;~BhXM;XSS{ypRqvs2DjP@qno9ijQI_q5+l4r zBooC{zEFZ2cuY8R(CXZ4N6h7v#KF%s{1VpY^z9q7N9%AHc736D(K;=&E 
zpEE~N2lz-y?Tf>|8PCF}-^m&_OQm9HM{G`rBnrBS6OOnR^j{VeU%}JzFv~Nz;=K;j zCji*;<$aSKu~6aWh@zB-@A3N?F53CrzT_;q`<84Thuj>*qs}~*!!2D0a{Zk+wR>$N zd49{C0&lmwSP6~!ENgMWG;ud`IX^)xGZP-U&G*wf<;Y z>{!7$gfzeO{0(t@pn5T81ToM9s&{D|4ZhY1dNJWl-pembsm6bN1I%KBq=UVihrv2a zDl5a?18>9z?}Svw6=wUL&wc*M+4O0UaGA1Xs9q_-u!q-|Db5>ik$A`;e76%}C(JSz zJ@91rn>*dFbxiNSFLeX;ziN`TC5e^NC_`oyV`0HR8U;ZfK|r9;z#i#vLD4SXChmtjx${oVV6U{Vi zpd_MlZbi8k@nx9T`CVJYl34o!@~}N41QI6=m@)b_q#R3u2_YWaAKOg`2IwY)!Wq@3 zr+g%w0+kc@Nk{HW;Zlb`h)`O8%g<2_jpr zup=)wJ67$*NG!)dMTM6mFzCc?1!jBMlv^XHKW|uIKDcaKs7m|06C&kOhB*Rzr*)Q@ zTOzgC!hVBX#d;JI&o>xB;Y!xVipjszDfKp`Zhtkutr%sn`U^bNHOZT-6JN6yMp4`@ zs-;fmMRDpz{Bl;tnx~=OsP#9)^M4cknY(|ungR+!D^>@ld=d%R{!OzD@m`0X{{ zdn%)CU7);f&(u$;wBiKteb3G=1->*?95F+v9y#8Vf@{3k(bmH;bi z)--cqsgG_VdPQ55*b%>pOKjX$T{AuKdSkI)f3vNuE`U9~J4JLmx67>6>);cKr-1;4 zlAE|JMOG780~xIy&*4v2i{<~u;jmHbT`F|!($1($6u5$d9y@}Z zxpP`VnaK!ijaou_Pinv1wb+s^(`k>$-$agYSQ2wn7M&)nr&e#YUgD@05`e60;7U~0 ztla;mapdA4$tR(2SN+di@BaN0xQuQF;W?n(FytS7JVe5s_Fu}EkoWH(+o7)|SJf;` z<@#UQbLlMNf}S$=Hq`Sb9A>&eyu<=`7mJ_&R!utyl#j?w%Y8Z<@#Q+8xmPsdBlfy@ zJjL|Sdpx0E{~q+7Ti#upJ~)rDkEx~u#s6Ub^dL12LFU`Hl z1iIu}ai;rj5-}S@0}PwD)Vpm8R+4`v=w;C)b-4fJ0s&?bUBayhak>2!oS%pcI0(<) zRI8S1ZfU8hUvuA|9h*oSzK!06{{cnS1Oy-(@AeGPjn~(U_kf;77~RXevR|KTrT)WR zV7;5hCtBk!t;UGwPhv(V;V(Sf(FP4kO5Dn{x`H+9np-2XJIfa(+@(Lu)Q_=_U&VQg z!mOfjz@ekl=?$oUMCu57ik7VXGdoS3j?sE5*U?c!-z3%HR_qG*L$O|laV?xHI^UMh z!d%`qX?4-!JW6<#41{Suw3I?2nnWyDKN zyu-${$D$2mW(N`~M9sMCaH!N&z!t%QqA^P+GF}@tv+)SCbGB!^IBp&{g|w1^ur?xz z(-XxR4nf91yN-eWA_7eS1gJg~Wr(C%R@O7NDf=T_yssDVX1kj5M`@MyT}SC{m@H0xLl)A?qE+tG%kk65jzdj6)9Hn9@pWLMH(C-$>&y3fH)JyOhv zrcmM=N*lq@*TaRBiM()u15?vDj?Z|hxZUByeKoD&f}3TzAm13?mFCvdiqV7G_#{1c zqol9(QMFMtPZkZ9a@11z-gXoHNx#d=O_K1alY>M`xJMKQ-wT1Wwa|V^&ozKQ$|#@GcDGH9@3PGd#3GD zS)Zf+8hGMD5IfaDbq3gt=+BhRx4kk4cuMzSoh?$axZj8ta`UG-cx8HO$#gxE3&hgo z!{t8=rfalo80;9bAYr0IR3IizOOKm+WGA^}{rfUVuSNG9r^m%HpIw}bt zZsiY#>VGDR`C@2=o$`m8C5>*=|aVKz!Y4S+GXd8FZuILrq_98t3rLWWT3K zKHISNy+>Kzm(sc{wQJM_T+t{9$dKVUapOQV8jd(U5(jh&XHA1)iI)4pRNkwzT^*xx zcq 
zB<+%Kl<*De@;Wl>v*sM`8ZLNztpsMkg&A>AHgohVlF8NM%(A;kUH67divo;DQY(#< zYLy`x5YY;{Hjf~v(RK!+7y#+RR;wE`KCcF0!ox*rtJ7m0)JV`cpj(x;{o~x8` z`@FNvk>o?BerhK{%mI5gQJ`R@{j=#eA$Ylf4IhB4C%b&qOkgbqK?5cfbj<>K-;i9h zT7_~}iItJyJQi|W^Q)J_aZczmQ7P8~50blK@1XOal?stU)3%>8 zEr#11xc2UbEIWI7k?ruYAM2`zTkPeMS8dz8k7TenoJym4+sFkswUiPCwkQ@a$iHn@ zOEeXrAewi(Dh1>a(AF-ToOQNPS=5-*(7Wo|-PVdu>XTlDmv6tJ!tu3g?3%1TeNCpZ z9hOeioh^L0A3KqUfXr5fSqqU6@&TR^m%3zD}OFQit zo3La%Ei{D#xSWd1i$53BYpIwP&0~{5FIg#e)zu4nE;g#Q=#`933ZO%{{?KbiK<|M< z;MaS&AbY{)u%>(kJG~unmdSJ9ROHMtiT@DX)jWv>&0+G!!Y19h+qta`la%jV= zxfDQmd0RmquF@52RYylGhii(wLOBQ;9k=q7bujLA8}EN4pbx^vbWHJrfiV4*Hkk4R zEEYaior8&8adg>5ph93H!$WYZzHu6PI!AdpQqfsfWkbQPz3wQI%Szdim=o&EDlZD? za|n*iN@^<_Ww#4YZ^U7d7G-$SLPqnmIt)puO6uUzR;$4VsJM2`?o4Xpa=}rCjv|>tA2;$qT zOThmH5f13At#E`abAOT0D!w*-*uC`Q#FQ!JHFlMntlPP)B|B-_Ai1oiH18JKjQgq4 z@ZG!1)Filo=9-LT8D5c4j*6%9Kuf2hckw9Lq~ZqV=v;j6L9i*(AZi@ws;( zv-SqTj7b*zf~}=Oa8&;%o3kgIl7jMX@o8vT;n$t=>wlxw-N8l(%UP>Yj7u}(;Ad8s zu^v}z=CwMU!{%BG)nZ$~kKWWAW(G;z)OtOo(FaNbj5gFy(@#Qt5f)1mR2ZSDof~JM}ek4w==-IzIn(>s)V3 zvIZg&Q+L1dlxqV3oHr!a7NwSkDe0Z14KOq18y#Icv+D=6&m@ZHdy zqZ^B@e$epIv3v=Wgs{A{et0c1T-5n6e@wC*JGJi&6OdUus@vB-3^($yg+ULJcn#QK-h#l5vHsS)-yQ;cg@SeOK33?{G$|aPn%wYk@c6_I4 zZsD*2vDg*Nf}Y)=a#=kw=8qiJ;wRS3)@~|GJd+drxPOqU*{%R81gWvX20INOAB-v9QZ~X(2R(J+&m3R z@XD|P%@4PRy9xA)+VCC&zoUqb)enWZkABl%Dk0bEIbT>k@pq@P^^PSe19j-E8#)h7 zAuyzK4y1aqwMcZjq-Oqt@Uq%`ZWmbDsD9!5^7vp0z; z%z_7G7xCQTsqq*S&QN;eBb>Q=$4p8de_Npok=pF??9F9(HlJ0$YpFGwKH&OcFE+R2 zl@AuAd*=_5N?b{<-1zToes^>}5Vu9PCz5?@87R))iZf64xWkHhnL58KWPi*)RM(O3 zUfylUuJ{oUHZQ2(*WMdMDNC@7cA4rW@>%^wMlI~t2w|GGROsU*pHs$+YrYbFCj^|G zDr22eTwALEzWf{RQG^-LY`f8^aI~X`QJVtkt(j2Es^6yZY{zfM!f%vN@vP@>B=#>uX2Hm+-J^7 zJl^?u7D9S=zeSTSZP^CLfsFsNXH{lTM**(9PrbUoOV0I}?v zF~yeyqki*bFGR#c8kielTrR(zKU8$SC%sY^hG%0vYBm)N9O0_NOLB&^d3JIU?*Afe zqa~%~c7)_uxx|e5#=n}7iU^WD@){2V+X9mAwVx4G% zayV;6b;xpgGKAT_k61R~wpbDORp1L#s7k3g?m!xooRaH~UgqgvEW?XL4usJ9dS+#Q z^mBjQ^LU|QKGjb*X^;=&o3(uenwqbiO_kH#A`P1J%@aHLn1t68PXuDbm?%JSLAs;7 
zK3V1wJNC?=CL6X+vN9Oi=2$BttAQ`~a#UirC*2pH(O z4!_^jRWal~%D9@ZAYc6re$Wi;JT;cHkH{MhCO~=_^X(;gx)tzi1@Cr`ky`cB>+Z_wfd#zsQ^ub;`4Bo5q9XA!!Uq>OP)a*yOFi;JAoQaZUISQ z2$o!R@RX}`DE|1Z;JS$H0So*vJcqIEtJ@+Gr|UGbbOBPWBO=VwjmkSGd)EuM<(eb>g^4z--uWr0{?`9B5QUxP_F-jQ9%!Qn6t@ zqRB)th9#cmrYc`zDP-{ARt+~KipzG4y0h|xQ^w#7XIWwSYUB>BHV3dj9BSUR>cm^I$KHi+CypxiDm8IgK>BMCr3< z;F$CH_$YKLyJbTww-hbyncj&m#G&_n&3e%Z8paR4V8Ou}D(b9xJr5p-(O1Uh9nxgq zCGZ@U6=uf=aspM)!yok%rcY%X=h+Zp)96{KJL|{%>J7Df@;SNv>Bw1|Ok>cZ#=#JY9?gNITo=(R7^KHYOmyuoy{Sl)v;^A&9Qa9Ea(lHD& zWuFLOS=QMYD_N2Y390&SG&7FkiU10;aoCCpoVbo z{zeS3n?RdVf zrhSi{3+z879kg9kG$V#6*gu{j9H4p#DBLk&WlyWyq-*+{*1-(7_ z_#c!i4=`+rZDd=^jVgN|AklG7LT@51I;FSK+_}WBB=bbw>2iHv+xW+IymbHmnhv5X z<(Oy42s;qDmMwwPipx74V?p~V94z{LW5x1r-AuVhI^BHu$Gi3J8CdOU76%JiEehzq zU;C~*PIH0u!~Fvz$0q_VX3Kkj$8TV+`kl)e4HDe?L>U%fe~GkUd0t664G)_j4+)o1 zj#SPObUwrg!byOjLzT!N+5x{BG1GR+mhOi}EG1rCBj-TfQpmshwy{BNPaUtTKcATJ z=Ir@dn3el1SfHh3yIVU(+-0^Zd!ErqX*{%%bI=B-bW?YlGv?J`0p7e6ie+x6LC>pn*;B*&Z-`y88P!$IiZg z{lq9@@q<1L)&6eBg>xhR@3&oe{H1Paq0xqzrUN0#OQOI=}qCX47yVLijT_8`tEwy!HV!ml^uRz9_JSQFoS! z&Elvd@&Nua_p2?%wp_0+=o@d>*ha&+Ao}6Kd&XRzAnY&B z-14O82!}iRjz^w`p7u=+nw!dn>X7EoqTK5iWxfPS*zbu7)=kvtiK43qg5#TV#mU!>$>8HIe8<{A*(Uv zL{q5f=9=kzx>)>Ezq|9L$r9K=!w*ObbGUdyAzaqGx>^(-Y}QBWQYC0ZcdXCV2x0r0 zKu(iD>$Xd=^LMj}{{7pqdw zrdlPBMs(@jIJ-HhDCmj_FUCqZ#?uv7{4e{BMx>XMHZEf?=ZI8+Ci#eeeW?#cS*9a+ z-QnCWn{0a7p0SqF@)p_(@_#9e|BnytnBGrFCr+S$%90ii80aS>p(tK0Y8doC3$1@| literal 0 HcmV?d00001 diff --git a/packs/cks-trivy-0.21.1/pack.json b/packs/cks-trivy-0.21.1/pack.json new file mode 100644 index 00000000..bf8c1a6f --- /dev/null +++ b/packs/cks-trivy-0.21.1/pack.json @@ -0,0 +1,17 @@ +{ + "addonType":"security", + "annotations": { + "source": "community", + "contributor" : "spectrocloud" + }, + "cloudTypes": [ + "all" + ], + "charts": [ + "charts/trivy-0.21.1.tgz" + ], + "displayName": "Trivy", + "layer":"addon", + "name": "trivy", + "version": "0.21.1" + } \ No newline at end of file 
diff --git a/packs/cks-trivy-0.21.1/values.yaml b/packs/cks-trivy-0.21.1/values.yaml new file mode 100644 index 00000000..3a5619d4 --- /dev/null +++ b/packs/cks-trivy-0.21.1/values.yaml 
@@ -0,0 +1,172 @@ +pack: + #The namespace (on the target cluster) to install this chart + #When not found, a new namespace will be created + namespace: "trivy" + +charts: + trivy: + nameOverride: "" + fullnameOverride: "" + + image: + registry: docker.io + repository: aquasec/trivy + # tag is an override of the image tag, which is by default set by the + # appVersion field in Chart.yaml. + tag: "" + pullPolicy: IfNotPresent + pullSecret: "" + + replicaCount: 1 + + persistence: + enabled: true + storageClass: "" + accessMode: ReadWriteOnce + size: 5Gi + + resources: + requests: + cpu: 200m + memory: 512Mi + limits: + cpu: 1 + memory: 1Gi + + rbac: + create: true + pspEnabled: false + pspAnnotations: {} + + podSecurityContext: + runAsUser: 65534 + runAsNonRoot: true + fsGroup: 65534 + + securityContext: + privileged: false + readOnlyRootFilesystem: true + + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + + ## Affinity settings for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + affinity: {} + + ## Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + tolerations: [] + + ## Annotations for pods created by statefulset + ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + + trivy: + # debugMode the flag to enable Trivy debug mode + debugMode: false + # gitHubToken the GitHub access token to download Trivy DB + # + # Trivy DB contains vulnerability information from NVD, Red Hat, and many other upstream vulnerability databases. + # It is downloaded by Trivy from the GitHub release page https://github.com/aquasecurity/trivy-db/releases and cached + # in the local file system (`/home/scanner/.cache/trivy/db/trivy.db`). 
In addition, the database contains the update + # timestamp so Trivy can detect whether it should download a newer version from the Internet or use the cached one. + # Currently, the database is updated every 12 hours and published as a new release to GitHub. + # + # Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough + # for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000 + # requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult + # https://developer.github.com/v3/#rate-limiting + # + # You can create a GitHub token by following the instructions in + # https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line + gitHubToken: "" + + # Docker registry credentials + # See also: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ + # + # Either + # Directly in this file + # + # TRIVY_USERNAME + registryUsername: "" + # TRIVY_PASSWORD + registryPassword: "" + # + # Or + # From an existing secret + # + # The secret must be Opaque and just contain "TRIVY_USERNAME: your_user" and "TRIVY_PASSWORD: your_password" as k/v pairs. + # NOTE: When this is set the previous parameters are ignored. + # + # registryCredentialsExistingSecret: name-of-existing-secret + # skipDBUpdate the flag to enable or disable Trivy DB downloads from GitHub + # + # You might want to enable this flag in test or CI/CD environments to avoid GitHub rate limiting issues. + # If the flag is enabled you have to manually download the `trivy.db` file and mount it in the + # `/home/scanner/.cache/trivy/db/trivy.db` path (see `cacheDir`). 
+ skipDBUpdate: false + # OCI repository to retrieve the trivy vulnerability database from + dbRepository: ghcr.io/aquasecurity/trivy-db + # Trivy supports filesystem and redis as caching backend + # https://github.com/aquasecurity/trivy#specify-cache-backend + # This location is only used for the cache, not the db storage: https://github.com/aquasecurity/trivy/issues/765#issue-756010345 + # + # In case you specify redis as backend, make sure you installed a redis server yourself, e.g. + # https://bitnami.com/stack/redis/helm + # + # In case redis is not enabled, the filesystem will be used + cache: + redis: + enabled: false + url: "" # e.g. redis://redis.redis.svc:6379 + ttl: "" # e.g 3600s, 24h + tls: false + serviceAccount: + annotations: {} + # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/IAM_ROLE_NAME + # If you want to add custom labels to your statefulset and podTemplate + labels: {} + # serverToken is the token to authenticate Trivy client with Trivy server. + serverToken: "" + # existingSecret if an existing secret has been created outside the chart. + # Overrides gitHubToken, registryUsername, registryPassword, serverToken + existingSecret: "" + # extraEnvVars to be set on the container + extraEnvVars: {} + # sslCertDir can be used to override the system default locations for SSL certificate files directory, example: /ssl/certs + sslCertDir: "" + + service: + # If specified, the name used for the Trivy service. + name: + # type Kubernetes service type + type: ClusterIP + # port Kubernetes service port + port: 4954 + # sessionAffinity Kubernetes service session affinity + sessionAffinity: ClientIP + + ingress: + enabled: false + # From Kubernetes 1.18+ this field is supported in case your ingress controller supports it. When set, you do not need to add the ingress class as annotation. 
+ ingressClassName: + annotations: {} + # kubernetes.io/ingress.class: nginx + hosts: + - host: trivy.example.com + path: "/" + # type is only needed for networking.k8s.io/v1 in k8s 1.19+ + pathType: Prefix + tls: [] + # - secretName: trivy-example-tls + # hosts: + # - trivy.example.com + + # httpProxy the URL of the HTTP proxy server + httpProxy: + # httpsProxy the URL of the HTTPS proxy server + httpsProxy: + # noProxy the URLs that the proxy settings do not apply to + noProxy: From ccfb6c3e238e2299701612f27765c9e5950ba64e Mon Sep 17 00:00:00 2001 
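Review bot: in the `trivy:` block of values.yaml, `gitHubToken`, `registryUsername`, `registryPassword` and `serverToken` are offered as plain values, so filling them in puts credentials into the values file in clear text. The comments should name `existingSecret` (which the file says overrides all four) as the recommended path, and the commented `registryCredentialsExistingSecret` block should be reconciled with it, since the two secret mechanisms are described separately and nothing says which takes precedence. `serverToken` also defaults to `""`, and neither the `service` nor the `ingress` comments mention that enabling `ingress.enabled` with that default exposes port 4954 with no client token configured; a one-line comment there would help. Separately, `securityContext` sets only `privileged: false` and `readOnlyRootFilesystem: true`; if the chart passes this block through to the container, consider adding `allowPrivilegeEscalation: false` and dropping all capabilities. Minor: add a blank comment line between `# registryCredentialsExistingSecret: ...` and the `skipDBUpdate` description so the two do not read as one block.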
From: edwin-villa Date: Wed, 25 Feb 2026 15:20:33 -0500 Subject: [PATCH 3/7] PAC-3765 - Upgrade crossplane pack to 2.2.0 --- .../charts/crossplane/.helmignore | 24 ++ .../charts/crossplane/Chart.yaml | 35 ++ .../charts/crossplane/LICENSE | 201 ++++++++++++ .../charts/crossplane/README.md | 185 +++++++++++ .../charts/crossplane/README.md.gotmpl | 112 +++++++ .../charts/crossplane/templates/NOTES.txt | 8 + .../charts/crossplane/templates/_helpers.tpl | 32 ++ .../crossplane/templates/clusterrole.yaml | 108 +++++++ .../templates/clusterrolebinding.yaml | 19 ++ .../crossplane/templates/deployment.yaml | 298 ++++++++++++++++++ .../crossplane/templates/extra-objects.yaml | 4 + ...-manager-allowed-provider-permissions.yaml | 14 + .../templates/rbac-manager-clusterrole.yaml | 135 ++++++++ .../rbac-manager-clusterrolebinding.yaml | 17 + .../templates/rbac-manager-deployment.yaml | 141 +++++++++ .../rbac-manager-managed-clusterroles.yaml | 227 +++++++++++++ .../rbac-manager-serviceaccount.yaml | 17 + .../charts/crossplane/templates/secret.yaml | 39 +++ .../charts/crossplane/templates/service.yaml | 25 ++ .../crossplane/templates/serviceaccount.yaml | 20 ++ .../charts/crossplane/values.yaml | 222 +++++++++++++ 21 files changed, 1883 insertions(+) create mode 100644 packs/crossplane-2.2.0/charts/crossplane/.helmignore create mode 100644 packs/crossplane-2.2.0/charts/crossplane/Chart.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/LICENSE create mode 100644 packs/crossplane-2.2.0/charts/crossplane/README.md create mode 100644 packs/crossplane-2.2.0/charts/crossplane/README.md.gotmpl create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/NOTES.txt create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/_helpers.tpl create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/clusterrole.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/clusterrolebinding.yaml create mode 100644 
packs/crossplane-2.2.0/charts/crossplane/templates/deployment.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/extra-objects.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-allowed-provider-permissions.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrole.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrolebinding.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-deployment.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-managed-clusterroles.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-serviceaccount.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/secret.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/service.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/templates/serviceaccount.yaml create mode 100644 packs/crossplane-2.2.0/charts/crossplane/values.yaml diff --git a/packs/crossplane-2.2.0/charts/crossplane/.helmignore b/packs/crossplane-2.2.0/charts/crossplane/.helmignore new file mode 100644 index 00000000..f70b97c6 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# Templates +values.yaml.tmpl +README.md.tmpl diff --git a/packs/crossplane-2.2.0/charts/crossplane/Chart.yaml b/packs/crossplane-2.2.0/charts/crossplane/Chart.yaml new file mode 100644 index 00000000..5dfcdaa0 --- /dev/null 
+++ b/packs/crossplane-2.2.0/charts/crossplane/Chart.yaml @@ -0,0 +1,35 @@ +apiVersion: v1 +appVersion: 2.2.0 +description: Crossplane is an open source Kubernetes add-on that enables platform + teams to assemble infrastructure from multiple vendors, and expose higher level + self-service APIs for application teams to consume. +home: https://crossplane.io +icon: https://docs.crossplane.io/android-chrome-192x192.png +keywords: +- cloud +- infrastructure +- services +- application +- database +- cache +- bucket +- infra +- app +- ops +- gcp +- azure +- aws +- alibaba +- cloudsql +- rds +- s3 +- azuredatabase +- asparadb +- gke +- aks +- eks +maintainers: +- email: crossplane-info@lists.cncf.io + name: Crossplane Maintainers +name: crossplane +version: 2.2.0 diff --git a/packs/crossplane-2.2.0/charts/crossplane/LICENSE b/packs/crossplane-2.2.0/charts/crossplane/LICENSE new file mode 100644 index 00000000..ef10385c --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/LICENSE 
@@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2016 The Crossplane Authors. All rights reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packs/crossplane-2.2.0/charts/crossplane/README.md b/packs/crossplane-2.2.0/charts/crossplane/README.md new file mode 100644 index 00000000..5620595e --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/README.md 
@@ -0,0 +1,185 @@ + +Crossplane can be easily installed into any existing Kubernetes cluster using +the regularly published Helm chart. The Helm chart contains all the custom +resources and controllers needed to deploy and configure Crossplane. + +## Pre-requisites + +* [Kubernetes cluster], minimum version `v1.16.0+` +* [Helm], minimum version `v3.0.0+`. + +## Installation + +Helm charts for Crossplane are currently published to the `stable` and `master` +channels. + +### Stable + +The stable channel is the most recent release of Crossplane that is considered +ready for the community. + +```console +kubectl create namespace crossplane-system + +helm repo add crossplane-stable https://charts.crossplane.io/stable +helm repo update + +helm install crossplane --namespace crossplane-system crossplane-stable/crossplane +``` + +### Master + +The `master` channel contains the latest commits, with all automated tests +passing. `master` is subject to instability, incompatibility, and features may +be added or removed without much prior notice. It is recommended to use one of +the more stable channels, but if you want the absolute newest Crossplane +installed, then you can use the `master` channel. + +To install the Helm chart from master, you will need to pass the specific +version returned by the `search` command: + +```console +kubectl create namespace crossplane-system +helm repo add crossplane-master https://charts.crossplane.io/master/ +helm repo update +helm search repo crossplane-master --devel + +helm install crossplane --namespace crossplane-system crossplane-master/crossplane --devel --version +``` + +## Uninstalling the Chart + +To uninstall/delete the `crossplane` deployment: + +```console +helm delete crossplane --namespace crossplane-system +``` + +That command removes all Kubernetes components associated with Crossplane, +including all the custom resources and controllers. 
+ +## Configuration + +The following tables lists the configurable parameters of the Crossplane chart +and their default values. + +| Parameter | Description | Default | +| --- | --- | --- | +| `affinity` | Add `affinities` to the Crossplane pod deployment. | `{}` | +| `args` | Add custom arguments to the Crossplane pod. | `[]` | +| `configuration.packages` | A list of Configuration packages to install. | `[]` | +| `customAnnotations` | Add custom `annotations` to the Crossplane pod deployment. | `{}` | +| `customLabels` | Add custom `labels` to the Crossplane pod deployment. | `{}` | +| `deploymentStrategy` | The deployment strategy for the Crossplane and RBAC Manager pods. | `"RollingUpdate"` | +| `dnsPolicy` | Specify the `dnsPolicy` to be used by the Crossplane pod. | `""` | +| `extraEnvVarsCrossplane` | Add custom environmental variables to the Crossplane pod deployment application container. Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. | `{}` | +| `extraEnvVarsCrossplaneInit` | Add custom environmental variables to the Crossplane pod deployment init container. Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. | `{}` | +| `extraEnvVarsRBACManager` | Add custom environmental variables to the RBAC Manager pod deployment. Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. | `{}` | +| `extraObjects` | To add arbitrary Kubernetes Objects during a Helm Install | `[]` | +| `extraVolumeMountsCrossplane` | Add custom `volumeMounts` to the Crossplane pod. Supports template expressions. | `{}` | +| `extraVolumesCrossplane` | Add custom `volumes` to the Crossplane pod. Supports template expressions. | `{}` | +| `function.packages` | A list of Function packages to install | `[]` | +| `functionCache.medium` | Set to `Memory` to hold the function cache in a RAM backed file system. 
Useful for Crossplane development. | `""` | +| `functionCache.pvc` | The name of a PersistentVolumeClaim to use as the function cache. Disables the default function cache `emptyDir` Volume. | `""` | +| `functionCache.sizeLimit` | The size limit for the function cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory. | `"512Mi"` | +| `hostNetwork` | Enable `hostNetwork` for the Crossplane deployment. Caution: enabling `hostNetwork` grants the Crossplane Pod access to the host network namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`. | `false` | +| `image.ignoreTag` | Do not use the {{ .image.tag }} value to compute the image uri. | `false` | +| `image.pullPolicy` | The image pull policy used for Crossplane and RBAC Manager pods. | `"IfNotPresent"` | +| `image.repository` | Repository for the Crossplane pod image. | `"xpkg.crossplane.io/crossplane/crossplane"` | +| `image.tag` | The Crossplane image tag. Defaults to the value of `appVersion` in `Chart.yaml`. | `""` | +| `imagePullSecrets` | The imagePullSecret names to add to the Crossplane ServiceAccount. | `[]` | +| `leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/guides/pods/#leader-election) for the Crossplane pod. | `true` | +| `metrics.enabled` | Enable Prometheus path, port and scrape annotations and expose port 8080 for both the Crossplane and RBAC Manager pods. | `false` | +| `metrics.port` | The port the metrics server listens on. | `""` | +| `nodeSelector` | Add `nodeSelectors` to the Crossplane pod deployment. | `{}` | +| `packageCache.configMap` | The name of a ConfigMap to use as the package cache. Disables the default package cache `emptyDir` Volume. | `""` | +| `packageCache.medium` | Set to `Memory` to hold the package cache in a RAM backed file system. Useful for Crossplane development. | `""` | +| `packageCache.pvc` | The name of a PersistentVolumeClaim to use as the package cache. Disables the default package cache `emptyDir` Volume. 
| `""` | +| `packageCache.sizeLimit` | The size limit for the package cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory. | `"20Mi"` | +| `podSecurityContextCrossplane` | Add a custom `securityContext` to the Crossplane pod. | `{}` | +| `podSecurityContextRBACManager` | Add a custom `securityContext` to the RBAC Manager pod. | `{}` | +| `priorityClassName` | The PriorityClass name to apply to the Crossplane and RBAC Manager pods. | `""` | +| `provider.defaultActivations` | Define entries for the default managed resource activation policy. If defined, a default MRAP will contain these activations. | `["*"]` | +| `provider.packages` | A list of Provider packages to install. | `[]` | +| `rbacManager.affinity` | Add `affinities` to the RBAC Manager pod deployment. | `{}` | +| `rbacManager.args` | Add custom arguments to the RBAC Manager pod. | `[]` | +| `rbacManager.deploy` | Deploy the RBAC Manager pod and its required roles. | `true` | +| `rbacManager.leaderElection` | Enable [leader election](https://docs.crossplane.io/latest/guides/pods/#leader-election) for the RBAC Manager pod. | `true` | +| `rbacManager.nodeSelector` | Add `nodeSelectors` to the RBAC Manager pod deployment. | `{}` | +| `rbacManager.replicas` | The number of RBAC Manager pod `replicas` to deploy. | `1` | +| `rbacManager.revisionHistoryLimit` | The number of RBAC Manager ReplicaSets to retain. | `nil` | +| `rbacManager.skipAggregatedClusterRoles` | Don't install aggregated Crossplane ClusterRoles. | `false` | +| `rbacManager.tolerations` | Add `tolerations` to the RBAC Manager pod deployment. | `[]` | +| `rbacManager.topologySpreadConstraints` | Add `topologySpreadConstraints` to the RBAC Manager pod deployment. | `[]` | +| `readiness.port` | The port the readyz server listens on. | `""` | +| `registryCaBundleConfig.key` | The ConfigMap key containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. 
| `""` | +| `registryCaBundleConfig.name` | The ConfigMap name containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. | `""` | +| `replicas` | The number of Crossplane pod `replicas` to deploy. | `1` | +| `resourcesCrossplane.limits.cpu` | CPU resource limits for the Crossplane pod. | `"500m"` | +| `resourcesCrossplane.limits.memory` | Memory resource limits for the Crossplane pod. | `"1024Mi"` | +| `resourcesCrossplane.requests.cpu` | CPU resource requests for the Crossplane pod. | `"100m"` | +| `resourcesCrossplane.requests.memory` | Memory resource requests for the Crossplane pod. | `"256Mi"` | +| `resourcesRBACManager.limits.cpu` | CPU resource limits for the RBAC Manager pod. | `"100m"` | +| `resourcesRBACManager.limits.memory` | Memory resource limits for the RBAC Manager pod. | `"512Mi"` | +| `resourcesRBACManager.requests.cpu` | CPU resource requests for the RBAC Manager pod. | `"100m"` | +| `resourcesRBACManager.requests.memory` | Memory resource requests for the RBAC Manager pod. | `"256Mi"` | +| `revisionHistoryLimit` | The number of Crossplane ReplicaSets to retain. | `nil` | +| `runtimeClassName` | The runtimeClassName name to apply to the Crossplane and RBAC Manager pods. | `""` | +| `secrets.customAnnotations` | Add custom annotations to Crossplane Secret resources. | `{}` | +| `securityContextCrossplane.allowPrivilegeEscalation` | Enable `allowPrivilegeEscalation` for the Crossplane pod. | `false` | +| `securityContextCrossplane.readOnlyRootFilesystem` | Set the Crossplane pod root file system as read-only. | `true` | +| `securityContextCrossplane.runAsGroup` | The group ID used by the Crossplane pod. | `65532` | +| `securityContextCrossplane.runAsUser` | The user ID used by the Crossplane pod. | `65532` | +| `securityContextRBACManager.allowPrivilegeEscalation` | Enable `allowPrivilegeEscalation` for the RBAC Manager pod. 
| `false` | +| `securityContextRBACManager.readOnlyRootFilesystem` | Set the RBAC Manager pod root file system as read-only. | `true` | +| `securityContextRBACManager.runAsGroup` | The group ID used by the RBAC Manager pod. | `65532` | +| `securityContextRBACManager.runAsUser` | The user ID used by the RBAC Manager pod. | `65532` | +| `service.customAnnotations` | Configure annotations on the service object. Only enabled when webhooks.enabled = true | `{}` | +| `serviceAccount.create` | Specifies whether Crossplane ServiceAccount should be created | `true` | +| `serviceAccount.customAnnotations` | Add custom `annotations` to the Crossplane ServiceAccount. | `{}` | +| `serviceAccount.name` | Provide the name of an already created Crossplane ServiceAccount. Required when `serviceAccount.create` is `false` | `""` | +| `sidecarsCrossplane` | Add sidecar containers to the Crossplane pod. Supports template expressions. | `[]` | +| `tolerations` | Add `tolerations` to the Crossplane pod deployment. | `[]` | +| `topologySpreadConstraints` | Add `topologySpreadConstraints` to the Crossplane pod deployment. | `[]` | +| `webhooks.enabled` | Enable webhooks for Crossplane and installed Provider packages. | `true` | +| `webhooks.port` | The port the webhook server listens on. | `""` | + +### Command Line + +You can pass the settings with helm command line parameters. Specify each +parameter using the `--set key=value[,key=value]` argument to `helm install`. +For example, the following command will install Crossplane with an image pull +policy of `IfNotPresent`. + +```console +helm install --namespace crossplane-system crossplane-stable/crossplane --set image.pullPolicy=IfNotPresent +``` + +### Settings File + +Alternatively, a yaml file that specifies the values for the above parameters +(`values.yaml`) can be provided while installing the chart. 
+ +```console +helm install crossplane --namespace crossplane-system crossplane-stable/crossplane -f values.yaml +``` + +Here are the sample settings to get you started. + +```yaml +replicas: 1 + +deploymentStrategy: RollingUpdate + +image: + repository: xpkg.crossplane.io/crossplane/crossplane + tag: alpha + pullPolicy: Always +``` + + + +[Kubernetes cluster]: https://kubernetes.io/docs/setup/ +[Minikube]: https://kubernetes.io/docs/tasks/tools/install-minikube/ +[Helm]: https://docs.helm.sh/using_helm/ + diff --git a/packs/crossplane-2.2.0/charts/crossplane/README.md.gotmpl b/packs/crossplane-2.2.0/charts/crossplane/README.md.gotmpl new file mode 100644 index 00000000..bc6f2b18 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/README.md.gotmpl 
@@ -0,0 +1,112 @@ + +Crossplane can be easily installed into any existing Kubernetes cluster using +the regularly published Helm chart. The Helm chart contains all the custom +resources and controllers needed to deploy and configure Crossplane. + +## Pre-requisites + +* [Kubernetes cluster], minimum version `v1.16.0+` +* [Helm], minimum version `v3.0.0+`. + +## Installation + +Helm charts for Crossplane are currently published to the `stable` and `master` +channels. + +### Stable + +The stable channel is the most recent release of Crossplane that is considered +ready for the community. + +```console +kubectl create namespace crossplane-system + +helm repo add crossplane-stable https://charts.crossplane.io/stable +helm repo update + +helm install crossplane --namespace crossplane-system crossplane-stable/crossplane +``` + +### Master + +The `master` channel contains the latest commits, with all automated tests +passing. `master` is subject to instability, incompatibility, and features may +be added or removed without much prior notice. It is recommended to use one of +the more stable channels, but if you want the absolute newest Crossplane +installed, then you can use the `master` channel. + +To install the Helm chart from master, you will need to pass the specific +version returned by the `search` command: + +```console +kubectl create namespace crossplane-system +helm repo add crossplane-master https://charts.crossplane.io/master/ +helm repo update +helm search repo crossplane-master --devel + +helm install crossplane --namespace crossplane-system crossplane-master/crossplane --devel --version +``` + +## Uninstalling the Chart + +To uninstall/delete the `crossplane` deployment: + +```console +helm delete crossplane --namespace crossplane-system +``` + +That command removes all Kubernetes components associated with Crossplane, +including all the custom resources and controllers. 
+ +## Configuration + +The following tables lists the configurable parameters of the Crossplane chart +and their default values. + +{{ template "chart.valuesTable" . }} + +### Command Line + +You can pass the settings with helm command line parameters. Specify each +parameter using the `--set key=value[,key=value]` argument to `helm install`. +For example, the following command will install Crossplane with an image pull +policy of `IfNotPresent`. + +```console +helm install --namespace crossplane-system crossplane-stable/crossplane --set image.pullPolicy=IfNotPresent +``` + +### Settings File + +Alternatively, a yaml file that specifies the values for the above parameters +(`values.yaml`) can be provided while installing the chart. + +```console +helm install crossplane --namespace crossplane-system crossplane-stable/crossplane -f values.yaml +``` + +Here are the sample settings to get you started. + +```yaml +replicas: 1 + +deploymentStrategy: RollingUpdate + +image: + repository: xpkg.crossplane.io/crossplane/crossplane + tag: alpha + pullPolicy: Always +``` + + + +[Kubernetes cluster]: https://kubernetes.io/docs/setup/ +[Minikube]: https://kubernetes.io/docs/tasks/tools/install-minikube/ +[Helm]: https://docs.helm.sh/using_helm/ +{{ define "chart.valuesTable" }} +| Parameter | Description | Default | +| --- | --- | --- | + {{- range .Values }} +| `{{ .Key }}` | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | + {{- end }} +{{ end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/NOTES.txt b/packs/crossplane-2.2.0/charts/crossplane/templates/NOTES.txt new file mode 100644 index 00000000..f1c8a0c6 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/NOTES.txt 
@@ -0,0 +1,8 @@ +Release: {{.Release.Name}} + +Chart Name: {{.Chart.Name}} +Chart Description: {{.Chart.Description}} +Chart Version: {{.Chart.Version}} +Chart Application Version: {{.Chart.AppVersion}} + +Kube Version: {{.Capabilities.KubeVersion}} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/_helpers.tpl b/packs/crossplane-2.2.0/charts/crossplane/templates/_helpers.tpl new file mode 100644 index 00000000..d9392f40 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "crossplane.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "crossplane.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Generate basic labels +*/}} +{{- define "crossplane.labels" }} +helm.sh/chart: {{ include "crossplane.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/component: cloud-infrastructure-controller +app.kubernetes.io/part-of: {{ template "crossplane.name" . }} +app.kubernetes.io/name: {{ include "crossplane.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +{{- if .Values.customLabels }} +{{ toYaml .Values.customLabels }} +{{- end }} +{{- end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrole.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrole.yaml new file mode 100644 index 00000000..bc0b3285 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrole.yaml 
@@ -0,0 +1,108 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }} + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +{{- if .Values.rbacManager.deploy }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-crossplane: "true" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:system:aggregate-to-crossplane + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} + crossplane.io/scope: "system" + rbac.crossplane.io/aggregate-to-crossplane: "true" +{{- end }} +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - delete +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + - customresourcedefinitions/status + verbs: + - "*" +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - "*" +- apiGroups: + - apiextensions.crossplane.io + - ops.crossplane.io + - pkg.crossplane.io + - protection.crossplane.io + resources: + - "*" + verbs: + - "*" +- apiGroups: + - extensions + - apps + resources: + - deployments + verbs: + - get + - list + - create + - update + - patch + - delete + - watch +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - create + - update + - patch + - watch + - delete +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - get + - list + - create + - update + - patch + - watch + - delete 
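Review bot: the `rules` block in templates/clusterrole.yaml grants `"*"` verbs on `customresourcedefinitions`, `serviceaccounts` and `services`, plus get/list/watch/create/update/patch/delete on `secrets`, with no `resourceNames` restriction, and nothing in this patch documents that footprint. State these grants where operators will see them before install. If the chart is being modified locally, replace the wildcard verbs on `serviceaccounts` and `services` with an explicit verb list like the one already used for `deployments` and `configmaps`; if it is vendored unmodified, say so in the commit message. Also, when `rbacManager.deploy` is true the first ClusterRole is built from the `rbac.crossplane.io/aggregate-to-crossplane: "true"` selector, so any other ClusterRole carrying that label is merged into Crossplane's permissions; a comment at `aggregationRule` should say that.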
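Review bot: the Command Line example in charts/crossplane/README.md runs `helm install --namespace crossplane-system crossplane-stable/crossplane --set image.pullPolicy=IfNotPresent` with no release name, which Helm 3 (the stated minimum is `v3.0.0+`) rejects unless `--generate-name` is passed; add `crossplane` after `install`, as the other examples in the file do. In the same file the Master example appears to end at `--devel --version` with no value, so if a placeholder was intended, check that it survives rendering. The sample settings pair `tag: alpha` with `pullPolicy: Always`, a mutable tag that should be labelled as development-only, and the `[Minikube]` link reference is defined but never used. README.md.gotmpl carries the same text, so fix the template and regenerate rather than editing both files.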
diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrolebinding.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..9864fe58 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "crossplane.name" . }} + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "crossplane.name" . }} +subjects: +- kind: ServiceAccount + {{- if not .Values.serviceAccount.create }} + name: {{ .Values.serviceAccount.name }} + {{- else }} + name: {{ template "crossplane.name" . }} + {{- end }} + namespace: {{ .Release.Namespace }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/deployment.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/deployment.yaml new file mode 100644 index 00000000..4af226d7 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/deployment.yaml 
@@ -0,0 +1,298 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "crossplane.name" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "crossplane.name" . }} + release: {{ .Release.Name }} + {{- include "crossplane.labels" . | indent 4 }} + {{- with .Values.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + app: {{ template "crossplane.name" . }} + release: {{ .Release.Name }} + strategy: + type: {{ .Values.deploymentStrategy }} + {{- if .Values.revisionHistoryLimit }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- end }} + template: + metadata: + {{- if or .Values.metrics.enabled .Values.customAnnotations }} + annotations: + {{- end }} + {{- if .Values.metrics.enabled }} + prometheus.io/path: /metrics + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + {{- end }} + {{- with .Values.customAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app: {{ template "crossplane.name" . }} + release: {{ .Release.Name }} + {{- include "crossplane.labels" . | indent 8 }} + spec: + {{- with .Values.podSecurityContextCrossplane }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} + {{- if .Values.runtimeClassName }} + runtimeClassName: {{ .Values.runtimeClassName | quote }} + {{- end }} + {{- if not .Values.serviceAccount.create }} + serviceAccountName: {{ .Values.serviceAccount.name }} + {{- else }} + serviceAccountName: {{ template "crossplane.name" . 
}} + {{- end }} + hostNetwork: {{ .Values.hostNetwork }} + initContainers: + - name: {{ .Chart.Name }}-init + {{- if .Values.image.ignoreTag }} + image: "{{ .Values.image.repository }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - core + - init + {{- range $arg := .Values.provider.packages }} + - --provider + - "{{ $arg }}" + {{- end }} + {{- range $arg := .Values.configuration.packages }} + - --configuration + - "{{ $arg }}" + {{- end }} + {{- range $arg := .Values.function.packages }} + - --function + - "{{ $arg }}" + {{- end }} + {{- range $arg := .Values.provider.defaultActivations }} + - --activation + - "{{ $arg }}" + {{- end }} + resources: + {{- toYaml .Values.resourcesCrossplane | nindent 12 }} + {{- with .Values.securityContextCrossplane }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }}-init + resource: limits.cpu + divisor: "1" + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }}-init + resource: limits.memory + divisor: "1" + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + {{- if .Values.webhooks.enabled }} + - name: "WEBHOOK_SERVICE_NAME" + value: {{ template "crossplane.name" . 
}}-webhooks + - name: "WEBHOOK_SERVICE_NAMESPACE" + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: "WEBHOOK_SERVICE_PORT" + value: "9443" + {{- else }} + - name: "ENABLE_WEBHOOKS" + value: "false" + {{- end }} + - name: "TLS_CA_SECRET_NAME" + value: crossplane-root-ca + - name: "TLS_SERVER_SECRET_NAME" + value: crossplane-tls-server + - name: "TLS_CLIENT_SECRET_NAME" + value: crossplane-tls-client + {{- range $key, $value := .Values.extraEnvVarsCrossplaneInit }} + - name: {{ $key | replace "." "_" }} + value: {{ $value | quote }} + {{- end}} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.image.ignoreTag }} + image: "{{ .Values.image.repository }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" + {{- end }} + args: + - core + - start + {{- range $arg := .Values.args }} + - {{ $arg }} + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resourcesCrossplane | nindent 12 }} + startupProbe: + failureThreshold: 30 + periodSeconds: 2 + tcpSocket: + port: readyz + ports: + - name: readyz + containerPort: {{ .Values.readiness.port | default 8081 }} + {{- if .Values.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.metrics.port | default 8080 }} + {{- end }} + {{- if .Values.webhooks.enabled }} + - name: webhooks + containerPort: {{ .Values.webhooks.port | default 9443 }} + {{- end }} + {{- with .Values.securityContextCrossplane }} + securityContext: + {{- toYaml . 
| nindent 12 }} + {{- end }} + env: + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }} + resource: limits.cpu + divisor: "1" + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }} + resource: limits.memory + divisor: "1" + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: LEADER_ELECTION + value: "{{ .Values.leaderElection }}" + {{- if .Values.registryCaBundleConfig.key }} + - name: CA_BUNDLE_PATH + value: "/certs/{{ .Values.registryCaBundleConfig.key }}" + {{- end}} + {{- if not .Values.webhooks.enabled }} + - name: "ENABLE_WEBHOOKS" + value: "false" + {{- end }} + {{- if and .Values.webhooks.enabled .Values.webhooks.port }} + - name: "WEBHOOK_PORT" + value: "{{ .Values.webhooks.port }}" + {{- end}} + {{- if and .Values.metrics.enabled .Values.metrics.port }} + - name: "METRICS_PORT" + value: "{{ .Values.metrics.port }}" + {{- end}} + {{- if .Values.readiness.port }} + - name: "HEALTH_PROBE_PORT" + value: "{{ .Values.readiness.port }}" + {{- end}} + - name: "TLS_SERVER_SECRET_NAME" + value: crossplane-tls-server + - name: "TLS_SERVER_CERTS_DIR" + value: /tls/server + - name: "TLS_CLIENT_SECRET_NAME" + value: crossplane-tls-client + - name: "TLS_CLIENT_CERTS_DIR" + value: /tls/client + {{- range $key, $value := .Values.extraEnvVarsCrossplane }} + - name: {{ $key | replace "." "_" }} + value: {{ $value | quote }} + {{- end}} + volumeMounts: + - mountPath: /cache/xpkg + name: package-cache + - mountPath: /cache/xfn + name: function-cache + {{- if .Values.registryCaBundleConfig.name }} + - mountPath: /certs + name: ca-certs + {{- end }} + {{- with .Values.extraVolumeMountsCrossplane }} + {{- tpl (toYaml .) 
$ | nindent 10 }} + {{- end }} + - mountPath: /tls/server + name: tls-server-certs + - mountPath: /tls/client + name: tls-client-certs + {{- with .Values.sidecarsCrossplane }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + volumes: + - name: package-cache + {{- if .Values.packageCache.pvc }} + persistentVolumeClaim: + claimName: {{ .Values.packageCache.pvc }} + {{- else if .Values.packageCache.configMap }} + configMap: + name: {{ .Values.packageCache.configMap }} + {{- else }} + emptyDir: + medium: {{ .Values.packageCache.medium }} + sizeLimit: {{ .Values.packageCache.sizeLimit }} + {{- end }} + - name: function-cache + {{- if .Values.functionCache.pvc }} + persistentVolumeClaim: + claimName: {{ .Values.functionCache.pvc }} + {{- else }} + emptyDir: + medium: {{ .Values.functionCache.medium }} + sizeLimit: {{ .Values.functionCache.sizeLimit }} + {{- end }} + {{- if .Values.registryCaBundleConfig.name }} + - name: ca-certs + configMap: + name: {{ .Values.registryCaBundleConfig.name }} + items: + - key: {{ .Values.registryCaBundleConfig.key }} + path: {{ .Values.registryCaBundleConfig.key }} + {{- end }} + - name: tls-server-certs + secret: + secretName: crossplane-tls-server + - name: tls-client-certs + secret: + secretName: crossplane-tls-client + {{- with .Values.extraVolumesCrossplane }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{ toYaml .Values.tolerations | nindent 6 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{ toYaml .Values.topologySpreadConstraints | nindent 8 }} + {{- end }} + {{- with .Values.dnsPolicy }} + dnsPolicy: {{ . }} + {{- end }} 
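Review bot: The pod annotation `prometheus.io/port: "8080"` is hard-coded, while the container's `metrics` port is `{{ .Values.metrics.port | default 8080 }}` and `METRICS_PORT` is set from the same value, so any non-default `metrics.port` leaves annotation-based scraping pointed at a port nothing listens on. Render the annotation from the same expression, piped through `quote`, so the two cannot drift. Separately, the `core start` arguments are emitted as `- {{ $arg }}` with no quoting, unlike the `--provider`, `--configuration` and `--function` values in the init container; an argument containing `: ` or starting with `*` or `{` would change the rendered YAML structure, so pipe it through `quote` as well.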
diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/extra-objects.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/extra-objects.yaml new file mode 100644 index 00000000..a9bb3b6b --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/extra-objects.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-allowed-provider-permissions.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-allowed-provider-permissions.yaml new file mode 100644 index 00000000..9a373fff --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-allowed-provider-permissions.yaml @@ -0,0 +1,14 @@ +{{- if .Values.rbacManager.deploy }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:allowed-provider-permissions + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-allowed-provider-permissions: "true" +{{- end}} \ No newline at end of file diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrole.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrole.yaml new file mode 100644 index 00000000..8943b5f5 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrole.yaml 
@@ -0,0 +1,135 @@ +{{- if .Values.rbacManager.deploy }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}-rbac-manager + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch +# The RBAC manager creates a series of RBAC roles for each namespace it sees. +# These RBAC roles are controlled (in the owner reference sense) by the namespace. +# The RBAC manager needs permission to set finalizers on Namespaces in order to +# create resources that block their deletion when the +# OwnerReferencesPermissionEnforcement admission controller is enabled. +# See https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement +- apiGroups: + - "" + resources: + - namespaces/finalizers + verbs: + - update +- apiGroups: + - apiextensions.crossplane.io + resources: + - compositeresourcedefinitions + verbs: + - get + - list + - watch +# The RBAC manager creates a series of RBAC cluster roles for each XRD it sees. +# These cluster roles are controlled (in the owner reference sense) by the XRD. +# The RBAC manager needs permission to set finalizers on XRDs in order to +# create resources that block their deletion when the +# OwnerReferencesPermissionEnforcement admission controller is enabled. 
+# See https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement +- apiGroups: + - apiextensions.crossplane.io + resources: + - compositeresourcedefinitions/finalizers + verbs: + - update +- apiGroups: + - pkg.crossplane.io + resources: + - providerrevisions + verbs: + - get + - list + - watch +# The RBAC manager creates a series of RBAC cluster roles for each ProviderRevision +# it sees. These cluster roles are controlled (in the owner reference sense) by the +# ProviderRevision. The RBAC manager needs permission to set finalizers on +# ProviderRevisions in order to create resources that block their deletion when the +# OwnerReferencesPermissionEnforcement admission controller is enabled. +# See https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement +- apiGroups: + - pkg.crossplane.io + resources: + - providerrevisions/finalizers + verbs: + - update +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - roles + verbs: + - get + - list + - watch + - create + - update + - patch + # The RBAC manager may grant access it does not have. + - escalate +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - bind +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + verbs: + - "*" +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - create + - update + - patch + - watch + - delete +{{- end}} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrolebinding.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrolebinding.yaml new file mode 100644 index 00000000..56e0300b --- /dev/null 
+++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.rbacManager.deploy }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "crossplane.name" . }}-rbac-manager + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "crossplane.name" . }}-rbac-manager +subjects: +- kind: ServiceAccount + name: rbac-manager + namespace: {{ .Release.Namespace }} +{{- end}} \ No newline at end of file diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-deployment.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-deployment.yaml new file mode 100644 index 00000000..f2a85e53 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-deployment.yaml 
@@ -0,0 +1,141 @@ +{{- if .Values.rbacManager.deploy }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "crossplane.name" . }}-rbac-manager + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "crossplane.name" . }}-rbac-manager + release: {{ .Release.Name }} + {{- include "crossplane.labels" . | indent 4 }} + {{- with .Values.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.rbacManager.replicas }} + selector: + matchLabels: + app: {{ template "crossplane.name" . }}-rbac-manager + release: {{ .Release.Name }} + strategy: + type: {{ .Values.deploymentStrategy }} + {{- if .Values.rbacManager.revisionHistoryLimit }} + revisionHistoryLimit: {{ .Values.rbacManager.revisionHistoryLimit }} + {{- end }} + template: + metadata: + {{- if or .Values.metrics.enabled .Values.customAnnotations }} + annotations: + {{- end }} + {{- if .Values.metrics.enabled }} + prometheus.io/path: /metrics + prometheus.io/port: "8080" + prometheus.io/scrape: "true" + {{- end }} + {{- with .Values.customAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app: {{ template "crossplane.name" . }}-rbac-manager + release: {{ .Release.Name }} + {{- include "crossplane.labels" . | indent 8 }} + spec: + {{- with .Values.podSecurityContextRBACManager }} + securityContext: + {{- toYaml . 
| nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName | quote }} + {{- end }} + serviceAccountName: rbac-manager + {{- if .Values.runtimeClassName }} + runtimeClassName: {{ .Values.runtimeClassName | quote }} + {{- end }} + initContainers: + - name: {{ .Chart.Name }}-init + {{- if .Values.image.ignoreTag }} + image: "{{ .Values.image.repository }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" + {{- end }} + args: + - rbac + - init + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resourcesRBACManager | nindent 12 }} + {{- with .Values.securityContextRBACManager }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }}-init + resource: limits.cpu + divisor: "1" + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }}-init + resource: limits.memory + divisor: "1" + containers: + - name: {{ .Chart.Name }} + {{- if .Values.image.ignoreTag }} + image: "{{ .Values.image.repository }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" + {{- end }} + args: + - rbac + - start + {{- range $arg := .Values.rbacManager.args }} + - {{ $arg }} + {{- end }} + - --provider-clusterrole={{ template "crossplane.name" . }}:allowed-provider-permissions + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resourcesRBACManager | nindent 12 }} + {{- if .Values.metrics.enabled }} + ports: + - name: metrics + containerPort: 8080 + {{- end }} + {{- with .Values.securityContextRBACManager }} + securityContext: + {{- toYaml . 
| nindent 12 }} + {{- end }} + env: + - name: GOMAXPROCS + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }} + resource: limits.cpu + divisor: "1" + - name: GOMEMLIMIT + valueFrom: + resourceFieldRef: + containerName: {{ .Chart.Name }} + resource: limits.memory + divisor: "1" + - name: LEADER_ELECTION + value: "{{ .Values.rbacManager.leaderElection }}" + {{- range $key, $value := .Values.extraEnvVarsRBACManager }} + - name: {{ $key | replace "." "_" }} + value: {{ $value | quote }} + {{- end}} + {{- if .Values.rbacManager.nodeSelector }} + nodeSelector: {{ toYaml .Values.rbacManager.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.rbacManager.tolerations }} + tolerations: {{ toYaml .Values.rbacManager.tolerations | nindent 6 }} + {{- end }} + {{- if .Values.rbacManager.topologySpreadConstraints }} + topologySpreadConstraints: {{ toYaml .Values.rbacManager.topologySpreadConstraints | nindent 6 }} + {{- end }} + {{- if .Values.rbacManager.affinity }} + affinity: {{ toYaml .Values.rbacManager.affinity | nindent 8 }} + {{- end }} +{{- end}} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-managed-clusterroles.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-managed-clusterroles.yaml new file mode 100644 index 00000000..14fb96f6 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-managed-clusterroles.yaml 
@@ -0,0 +1,227 @@ +{{- if .Values.rbacManager.deploy }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "crossplane.name" . }}-admin + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "crossplane.name" . }}-admin +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: {{ template "crossplane.name" . }}:masters +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}-admin + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-admin: "true" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}-edit + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-edit: "true" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}-view + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-view: "true" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}-browse + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . 
| indent 4 }} +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.crossplane.io/aggregate-to-browse: "true" +{{- if not .Values.rbacManager.skipAggregatedClusterRoles }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:aggregate-to-admin + labels: + rbac.crossplane.io/aggregate-to-admin: "true" + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +rules: +# Crossplane administrators have access to view events. +- apiGroups: [""] + resources: [events] + verbs: [get, list, watch] +# Crossplane administrators must create provider credential secrets, and may +# need to read or otherwise interact with connection secrets. They may also need +# to create or annotate namespaces. +- apiGroups: [""] + resources: [secrets, namespaces] + verbs: ["*"] +# Crossplane administrators have access to view the roles that they may be able +# to grant to other subjects. +- apiGroups: [rbac.authorization.k8s.io] + resources: [clusterroles, roles] + verbs: [get, list, watch] +# Crossplane administrators have access to grant the access they have to other +# subjects. +- apiGroups: [rbac.authorization.k8s.io] + resources: [clusterrolebindings, rolebindings] + verbs: ["*"] +# Crossplane administrators have full access to built in Crossplane types. +- apiGroups: + - apiextensions.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - pkg.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - secrets.crossplane.io + resources: ["*"] + verbs: ["*"] +# Crossplane administrators have access to view CRDs in order to debug XRDs. 
+- apiGroups: [apiextensions.k8s.io] + resources: [customresourcedefinitions] + verbs: [get, list, watch] +- apiGroups: + - protection.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - ops.crossplane.io + resources: ["*"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:aggregate-to-edit + labels: + rbac.crossplane.io/aggregate-to-edit: "true" + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +rules: +# Crossplane editors have access to view events. +- apiGroups: [""] + resources: [events] + verbs: [get, list, watch] +# Crossplane editors must create provider credential secrets, and may need to +# read or otherwise interact with connection secrets. +- apiGroups: [""] + resources: [secrets] + verbs: ["*"] +# Crossplane editors may see which namespaces exist, but not edit them. +- apiGroups: [""] + resources: [namespaces] + verbs: [get, list, watch] +# Crossplane editors have full access to built in Crossplane types. +- apiGroups: + - apiextensions.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - pkg.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - secrets.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - protection.crossplane.io + resources: ["*"] + verbs: ["*"] +- apiGroups: + - ops.crossplane.io + resources: ["*"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:aggregate-to-view + labels: + rbac.crossplane.io/aggregate-to-view: "true" + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +rules: +# Crossplane viewers have access to view events. +- apiGroups: [""] + resources: [events] + verbs: [get, list, watch] +# Crossplane viewers may see which namespaces exist. 
+- apiGroups: [""] + resources: [namespaces] + verbs: [get, list, watch] +# Crossplane viewers have read-only access to built in Crossplane types. +- apiGroups: + - apiextensions.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +- apiGroups: + - pkg.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +- apiGroups: + - secrets.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +- apiGroups: + - protection.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +- apiGroups: + - ops.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "crossplane.name" . }}:aggregate-to-browse + labels: + rbac.crossplane.io/aggregate-to-browse: "true" + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +rules: +# Crossplane browsers have access to view events. +- apiGroups: [""] + resources: [events] + verbs: [get, list, watch] +# Crossplane browsers have read-only access to compositions and XRDs. This +# allows them to discover and select an appropriate composition when creating a +# resource claim. +- apiGroups: + - apiextensions.crossplane.io + resources: ["*"] + verbs: [get, list, watch] +{{- end }} +{{- end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-serviceaccount.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-serviceaccount.yaml new file mode 100644 index 00000000..360f0d00 --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/rbac-manager-serviceaccount.yaml 
@@ -0,0 +1,17 @@ +{{- if .Values.rbacManager.deploy }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rbac-manager + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} +{{- with .Values.imagePullSecrets }} +imagePullSecrets: +{{- range $index, $secret := . }} +- name: {{ $secret }} +{{- end }} +{{- end }} +automountServiceAccountToken: true +{{- end}} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/secret.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/secret.yaml new file mode 100644 index 00000000..88adf53c --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/secret.yaml 
@@ -0,0 +1,39 @@ +--- +# The reason this is created empty and filled by the init container is we want +# to manage the lifecycle of the secret via Helm. This way whenever Crossplane +# is deleted, the secret is deleted as well. +apiVersion: v1 +kind: Secret +metadata: + name: crossplane-root-ca + namespace: {{ .Release.Namespace }} + {{- with .Values.secrets.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +type: Opaque +--- +# The reason this is created empty and filled by the init container is we want +# to manage the lifecycle of the secret via Helm. This way whenever Crossplane +# is deleted, the secret is deleted as well. +apiVersion: v1 +kind: Secret +metadata: + name: crossplane-tls-server + namespace: {{ .Release.Namespace }} + {{- with .Values.secrets.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +type: Opaque +--- +# The reason this is created empty and filled by the init container is we want +# to manage the lifecycle of the secret via Helm. This way whenever Crossplane +# is deleted, the secret is deleted as well. +apiVersion: v1 +kind: Secret +metadata: + name: crossplane-tls-client + namespace: {{ .Release.Namespace }} + {{- with .Values.secrets.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +type: Opaque diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/service.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/service.yaml new file mode 100644 index 00000000..c807e7be --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/service.yaml 
@@ -0,0 +1,25 @@ +{{- if .Values.webhooks.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "crossplane.name" . }}-webhooks + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "crossplane.name" . }} + release: {{ .Release.Name }} + {{- include "crossplane.labels" . | indent 4 }} + annotations: + {{- with .Values.service.customAnnotations }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + selector: + app: {{ template "crossplane.name" . }} + release: {{ .Release.Name }} + ports: + - protocol: TCP + port: 9443 + targetPort: {{ .Values.webhooks.port | default 9443 }} +{{- end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/templates/serviceaccount.yaml b/packs/crossplane-2.2.0/charts/crossplane/templates/serviceaccount.yaml new file mode 100644 index 00000000..5f7ecaee --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/templates/serviceaccount.yaml @@ -0,0 +1,20 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "crossplane.name" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "crossplane.name" . }} + {{- include "crossplane.labels" . | indent 4 }} + {{- with .Values.serviceAccount.customAnnotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} +{{- with .Values.imagePullSecrets }} +imagePullSecrets: +{{- range $index, $secret := . }} +- name: {{ $secret }} +{{- end }} +{{ end }} +automountServiceAccountToken: true +{{- end }} diff --git a/packs/crossplane-2.2.0/charts/crossplane/values.yaml b/packs/crossplane-2.2.0/charts/crossplane/values.yaml new file mode 100644 index 00000000..66be8a1d --- /dev/null +++ b/packs/crossplane-2.2.0/charts/crossplane/values.yaml 
@@ -0,0 +1,222 @@ +# helm-docs renders these comments into markdown. Use markdown formatting where +# appropiate. +# +# -- The number of Crossplane pod `replicas` to deploy. +replicas: 1 + +# -- The number of Crossplane ReplicaSets to retain. +revisionHistoryLimit: null + +# -- The deployment strategy for the Crossplane and RBAC Manager pods. +deploymentStrategy: RollingUpdate + +image: + # -- Repository for the Crossplane pod image. + repository: xpkg.crossplane.io/crossplane/crossplane + # -- The Crossplane image tag. Defaults to the value of `appVersion` in `Chart.yaml`. + tag: "" + # -- The image pull policy used for Crossplane and RBAC Manager pods. + pullPolicy: IfNotPresent + # -- Do not use the {{ .image.tag }} value to compute the image uri. + ignoreTag: false + +# -- Add `nodeSelectors` to the Crossplane pod deployment. +nodeSelector: {} +# -- Add `tolerations` to the Crossplane pod deployment. +tolerations: [] +# -- Add `affinities` to the Crossplane pod deployment. +affinity: {} +# -- Add `topologySpreadConstraints` to the Crossplane pod deployment. +topologySpreadConstraints: [] + +# -- Enable `hostNetwork` for the Crossplane deployment. Caution: enabling `hostNetwork` grants the Crossplane Pod access to the host network namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`. +hostNetwork: false + +# -- Specify the `dnsPolicy` to be used by the Crossplane pod. +dnsPolicy: "" + +# -- Add custom `labels` to the Crossplane pod deployment. +customLabels: {} + +# -- Add custom `annotations` to the Crossplane pod deployment. +customAnnotations: {} + +serviceAccount: + # -- Specifies whether Crossplane ServiceAccount should be created + create: true + # -- Provide the name of an already created Crossplane ServiceAccount. Required when `serviceAccount.create` is `false` + name: "" + # -- Add custom `annotations` to the Crossplane ServiceAccount. 
+ customAnnotations: {} + +# -- Enable [leader election](https://docs.crossplane.io/latest/guides/pods/#leader-election) for the Crossplane pod. +leaderElection: true +# -- Add custom arguments to the Crossplane pod. +args: [] + +provider: + # -- A list of Provider packages to install. + packages: [] + # -- Define entries for the default managed resource activation policy. If defined, a default MRAP will contain these activations. + defaultActivations: ["*"] + +configuration: + # -- A list of Configuration packages to install. + packages: [] + +function: + # -- A list of Function packages to install + packages: [] + +# -- The imagePullSecret names to add to the Crossplane ServiceAccount. +imagePullSecrets: [] + +registryCaBundleConfig: + # -- The ConfigMap name containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. + name: "" + # -- The ConfigMap key containing a custom CA bundle to enable fetching packages from registries with unknown or untrusted certificates. + key: "" + +service: + # -- Configure annotations on the service object. Only enabled when webhooks.enabled = true + customAnnotations: {} + +secrets: + # -- Add custom annotations to Crossplane Secret resources. + customAnnotations: {} + +webhooks: + # -- Enable webhooks for Crossplane and installed Provider packages. + enabled: true + # -- The port the webhook server listens on. + port: "" + +rbacManager: + # -- Deploy the RBAC Manager pod and its required roles. + deploy: true + # -- Don't install aggregated Crossplane ClusterRoles. + skipAggregatedClusterRoles: false + # -- The number of RBAC Manager pod `replicas` to deploy. + replicas: 1 + # -- The number of RBAC Manager ReplicaSets to retain. + revisionHistoryLimit: null + # -- Enable [leader election](https://docs.crossplane.io/latest/guides/pods/#leader-election) for the RBAC Manager pod. + leaderElection: true + # -- Add custom arguments to the RBAC Manager pod. 
+ args: [] + # -- Add `nodeSelectors` to the RBAC Manager pod deployment. + nodeSelector: {} + # -- Add `tolerations` to the RBAC Manager pod deployment. + tolerations: [] + # -- Add `affinities` to the RBAC Manager pod deployment. + affinity: {} + # -- Add `topologySpreadConstraints` to the RBAC Manager pod deployment. + topologySpreadConstraints: [] + +# -- The PriorityClass name to apply to the Crossplane and RBAC Manager pods. +priorityClassName: "" + +# -- The runtimeClassName name to apply to the Crossplane and RBAC Manager pods. +runtimeClassName: "" + +resourcesCrossplane: + limits: + # -- CPU resource limits for the Crossplane pod. + cpu: 500m + # -- Memory resource limits for the Crossplane pod. + memory: 1024Mi + requests: + # -- CPU resource requests for the Crossplane pod. + cpu: 100m + # -- Memory resource requests for the Crossplane pod. + memory: 256Mi + +securityContextCrossplane: + # -- The user ID used by the Crossplane pod. + runAsUser: 65532 + # -- The group ID used by the Crossplane pod. + runAsGroup: 65532 + # -- Enable `allowPrivilegeEscalation` for the Crossplane pod. + allowPrivilegeEscalation: false + # -- Set the Crossplane pod root file system as read-only. + readOnlyRootFilesystem: true + +packageCache: + # -- Set to `Memory` to hold the package cache in a RAM backed file system. Useful for Crossplane development. + medium: "" + # -- The size limit for the package cache. If medium is `Memory` the `sizeLimit` can't exceed Node memory. + sizeLimit: 20Mi + # -- The name of a PersistentVolumeClaim to use as the package cache. Disables the default package cache `emptyDir` Volume. + pvc: "" + # -- The name of a ConfigMap to use as the package cache. Disables the default package cache `emptyDir` Volume. + configMap: "" + +functionCache: + # -- Set to `Memory` to hold the function cache in a RAM backed file system. Useful for Crossplane development. + medium: "" + # -- The size limit for the function cache. 
If medium is `Memory` the `sizeLimit` can't exceed Node memory. + sizeLimit: 512Mi + # -- The name of a PersistentVolumeClaim to use as the function cache. Disables the default function cache `emptyDir` Volume. + pvc: "" + +resourcesRBACManager: + limits: + # -- CPU resource limits for the RBAC Manager pod. + cpu: 100m + # -- Memory resource limits for the RBAC Manager pod. + memory: 512Mi + requests: + # -- CPU resource requests for the RBAC Manager pod. + cpu: 100m + # -- Memory resource requests for the RBAC Manager pod. + memory: 256Mi + +securityContextRBACManager: + # -- The user ID used by the RBAC Manager pod. + runAsUser: 65532 + # -- The group ID used by the RBAC Manager pod. + runAsGroup: 65532 + # -- Enable `allowPrivilegeEscalation` for the RBAC Manager pod. + allowPrivilegeEscalation: false + # -- Set the RBAC Manager pod root file system as read-only. + readOnlyRootFilesystem: true + +metrics: + # -- Enable Prometheus path, port and scrape annotations and expose port 8080 for both the Crossplane and RBAC Manager pods. + enabled: false + # -- The port the metrics server listens on. + port: "" + +readiness: + # -- The port the readyz server listens on. + port: "" + +# -- Add custom environmental variables to the Crossplane pod deployment init container. +# Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. +extraEnvVarsCrossplaneInit: {} + +# -- Add custom environmental variables to the Crossplane pod deployment application container. +# Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. +extraEnvVarsCrossplane: {} + +# -- Add custom environmental variables to the RBAC Manager pod deployment. +# Replaces any `.` in a variable name with `_`. For example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`. +extraEnvVarsRBACManager: {} + +# -- Add a custom `securityContext` to the Crossplane pod. 
+podSecurityContextCrossplane: {} + +# -- Add a custom `securityContext` to the RBAC Manager pod. +podSecurityContextRBACManager: {} + +# -- Add custom `volumes` to the Crossplane pod. Supports template expressions. +extraVolumesCrossplane: {} + +# -- Add custom `volumeMounts` to the Crossplane pod. Supports template expressions. +extraVolumeMountsCrossplane: {} + +# -- Add sidecar containers to the Crossplane pod. Supports template expressions. +sidecarsCrossplane: [] + +# -- To add arbitrary Kubernetes Objects during a Helm Install +extraObjects: [] From b0fb97a4776710df548ff2ef8d6caa0d5fca3098 Mon Sep 17 00:00:00 2001 From: edwin-villa Date: Fri, 27 Feb 2026 11:45:49 -0500 Subject: [PATCH 4/7] PAC-3779 - Upgrade trivy pack to 0.21.1 --- packs/cks-trivy-0.21.1/values.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/packs/cks-trivy-0.21.1/values.yaml b/packs/cks-trivy-0.21.1/values.yaml index 3a5619d4..19d84065 100644 --- a/packs/cks-trivy-0.21.1/values.yaml +++ b/packs/cks-trivy-0.21.1/values.yaml @@ -2,6 +2,13 @@ pack: #The namespace (on the target cluster) to install this chart #When not found, a new namespace will be created namespace: "trivy" + content: + images: + - image: docker.io/aquasec/trivy:0.21.1 + charts: + - repo: https://github.com/aquasecurity/trivy + name: trivy + version: 0.21.1 charts: trivy: @@ -13,7 +20,7 @@ charts: repository: aquasec/trivy # tag is an override of the image tag, which is by default set by the # appVersion field in Chart.yaml. - tag: "" + tag: "0.21.1" pullPolicy: IfNotPresent pullSecret: "" From b6960dd1e4cc3e64d7206c35808e39f91fdafefa Mon Sep 17 00:00:00 2001 From: edwin-villa Date: Fri, 27 Feb 2026 11:54:23 -0500 Subject: [PATCH 5/7] PAC-3779 - Upgrade trivy pack to 0.21.1 --- packs/cks-trivy-0.21.1/README.md | 117 +++++++++++++++++++++++++++++++ packs/cks-trivy-0.21.1/pack.json | 13 +++- 2 files changed, 129 insertions(+), 1 deletion(-) create mode 100644 packs/cks-trivy-0.21.1/README.md 
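Review bot: In charts/crossplane/templates/service.yaml the `annotations:` key is emitted unconditionally and only its entries sit inside `{{- with .Values.service.customAnnotations }}`, so with the default `customAnnotations: {}` from values.yaml the webhook Service renders an empty `annotations:` key. Move the key inside the `with` block, the way serviceaccount.yaml in this same patch does with `annotations: {{ toYaml . | nindent 4 }}`. Also, `port: 9443` is fixed while `targetPort` follows `webhooks.port`; a one-line template comment saying the Service port is fixed on purpose would prevent someone "fixing" it later.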
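Review bot: `automountServiceAccountToken: true` at the end of charts/crossplane/templates/serviceaccount.yaml is hard-coded on the ServiceAccount, so every pod that runs under this account gets an API token mounted, and values.yaml has no key to change that. Consider exposing it as a value, or setting it to `false` on the ServiceAccount and enabling the mount only in the pod specs that need to talk to the API server. Smaller points in the same hunk: `- name: {{ $secret }}` is unquoted, and the closing `{{ end }}` of the `imagePullSecrets` block lacks the `-` trim used everywhere else, which leaves a stray blank line in the rendered manifest.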
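Review bot: `defaultActivations: ["*"]` under `provider:` in charts/crossplane/values.yaml makes the default managed resource activation policy a wildcard, yet the Package Management table in the pack README lists only `provider.packages` for this block, so an operator reading the README never learns the setting exists. Document it in the README and say whether the pack intends the wildcard or expects operators to narrow the list in the pack-level values.yaml. The first comment line of the file also carries a typo, `appropiate`.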
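Review bot: In the first hunk of packs/cks-trivy-0.21.1/values.yaml, `repo: https://github.com/aquasecurity/trivy` under `pack.content.charts` points at the project's source repository, while the README added in PATCH 5/7 installs the chart from `https://aquasecurity.github.io/helm-charts/`. Confirm which URL the pack tooling expects and make the two agree. The `content.images` entry `docker.io/aquasec/trivy:0.21.1` is pinned by tag only; adding the image digest would make the declared content verifiable.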
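Review bot: The second hunk of packs/cks-trivy-0.21.1/values.yaml changes `tag: ""` to `tag: "0.21.1"`, the same string the first hunk uses for the chart `version: 0.21.1`, although the comment directly above says the tag defaults to the `appVersion` field in Chart.yaml. Check that 0.21.1 is the Trivy application release you mean to run and not the chart version copied across; if `appVersion` in Chart.yaml differs, this override deploys a different scanner build than the chart was released with. If the override is intentional, say so in the commit message or in a comment next to the tag.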
diff --git a/packs/cks-trivy-0.21.1/README.md b/packs/cks-trivy-0.21.1/README.md new file mode 100644 index 00000000..f729024c --- /dev/null +++ b/packs/cks-trivy-0.21.1/README.md 
@@ -0,0 +1,117 @@ +# Trivy Scanner + +Trivy vulnerability scanner standalone installation. + +## TL;DR; + +``` +$ helm install trivy . --namespace trivy --create-namespace +``` + +## Introduction + +This chart bootstraps a Trivy deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3+ + +## Installing from the Aqua Chart Repository + +``` +helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/ +helm repo update +helm search repo trivy +helm install my-trivy aquasecurity/trivy +``` + +## Installing the Chart + +To install the chart with the release name `my-release`: + +``` +$ helm install my-release . +``` + +The command deploys Trivy on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) +section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list`. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +``` +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +The following table lists the configurable parameters of the Trivy chart and their default values. + +| Parameter | Description | Default | +|---------------------------------------|-------------------------------------------------------------------------|----------------| +| `image.registry` | Image registry | `docker.io` | +| `image.repository` | Image name | `aquasec/trivy` | +| `image.tag` | Image tag | `{TAG_NAME}` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecret` | The name of an imagePullSecret used to pull trivy image from e.g. 
Docker Hub or a private registry | | +| `replicaCount` | Number of Trivy Pods to run | `1` | +| `trivy.debugMode` | The flag to enable or disable Trivy debug mode | `false` | +| `trivy.gitHubToken` | The GitHub access token to download Trivy DB. More info: https://trivy.dev/docs/latest/references/troubleshooting/#github-rate-limiting | | +| `trivy.registryUsername` | The username used to log in at dockerhub. More info: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ | | +| `trivy.registryPassword` | The password used to log in at dockerhub. More info: https://trivy.dev/docs/latest/advanced/private-registries/docker-hub/ | | +| `trivy.registryCredentialsExistingSecret` | Name of Secret containing dockerhub credentials. Alternative to the 2 parameters above, has precedence if set. | | +| `trivy.serviceAccount.annotations` | Additional annotations to add to the Kubernetes service account resource | | +| `trivy.skipDBUpdate` | The flag to enable or disable Trivy DB downloads from GitHub | `false` | +| `trivy.dbRepository` | OCI repository to retrieve the trivy vulnerability database from | `ghcr.io/aquasecurity/trivy-db` | +| `trivy.cache.redis.enabled` | Enable Redis as caching backend | `false` | +| `trivy.cache.redis.url` | Specify redis connection url, e.g. redis://redis.redis.svc:6379 | `` | +| `trivy.cache.redis.ttl` | Specify redis TTL, e.g. 3600s or 24h | `` | +| `trivy.cache.redis.tls` | Enable Redis TLS with public certificates | `` | +| `trivy.serverToken` | The token to authenticate Trivy client with Trivy server | `` | +| `trivy.existingSecret` | existingSecret if an existing secret has been created outside the chart. 
Overrides gitHubToken, registryUsername, registryPassword, serverToken | `` | +| `trivy.podAnnotations` | Annotations for pods created by statefulset | `{}` | +| `trivy.extraEnvVars` | extraEnvVars to be set on the container | `{}` | +| `trivy.sslCertDir` | Can be used to override the system default locations for SSL certificate files directory, example: `/ssl/certs` | `` | +| `service.name` | If specified, the name used for the Trivy service | | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | Kubernetes service port | `4954` | +| `service.sessionAffinity` | Kubernetes service session affinity | `ClientIP` | +| `httpProxy` | The URL of the HTTP proxy server | | +| `httpsProxy` | The URL of the HTTPS proxy server | | +| `noProxy` | The URLs that the proxy settings do not apply to | | +| `nodeSelector` | Node labels for pod assignment | | +| `affinity` | Affinity settings for pod assignment | | +| `tolerations` | Tolerations for pod assignment | | +| `podAnnotations` | Annotations for pods created by statefulset | `{}` | + +The above parameters map to the env variables defined in [trivy](https://trivy.dev/docs/latest/configuration/#configuration). + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +``` +$ helm install my-release . \ + --namespace my-namespace \ + --set "service.port=9090" \ + --set "trivy.vulnType=os\,library" +``` +## Upgrade + +## Storage + +This chart uses a PersistentVolumeClaim to reduce the number of database downloads between POD restarts or updates. The storageclass should have the reclaim policy `Retain`. + +## Caching + +You can specify a Redis server as cache backend. This Redis server has to be already present. You can use the [bitnami chart](https://bitnami.com/stack/redis/helm). +More Information about the caching backends can be found [here](https://trivy.dev/docs/latest/configuration/cache/#scan-cache-backend). 
+ +## References + +https://trivy.dev/ \ No newline at end of file diff --git a/packs/cks-trivy-0.21.1/pack.json b/packs/cks-trivy-0.21.1/pack.json index bf8c1a6f..83fdebd7 100644 --- a/packs/cks-trivy-0.21.1/pack.json +++ b/packs/cks-trivy-0.21.1/pack.json @@ -13,5 +13,16 @@ "displayName": "Trivy", "layer":"addon", "name": "trivy", - "version": "0.21.1" + "version": "0.21.1", + "constraints": { + "dependencies": [ + { + "packName": "kubernetes", + "layer": "k8s", + "minVersion": "1.27", + "maxVersion": "", + "type": "optional" + } + ] + } } \ No newline at end of file From 7aa4e1485009b24662c9cdda020b25da5bf0fddb Mon Sep 17 00:00:00 2001 
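Review bot: The Prerequisites section of packs/cks-trivy-0.21.1/README.md states `Kubernetes 1.12+`, but the pack.json hunk in this same commit declares `"minVersion": "1.27"` for the kubernetes dependency; the README should carry the same minimum. In the same file the `## Upgrade` heading has no content, the `--set` example uses `trivy.vulnType`, which the Parameters table does not list, and several rows (`trivy.gitHubToken`, `trivy.registryPassword`, `trivy.serverToken`) accept secrets as plain values without the README recommending `trivy.existingSecret` or `trivy.registryCredentialsExistingSecret` as the preferred route. Both README.md and pack.json also end without a trailing newline.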
From: edwin-villa Date: Wed, 29 Apr 2026 15:01:39 -0500 Subject: [PATCH 6/7] PAC-4030 - Upgrade fluentbit pack to 5.0.3 --- packs/fluentbit-5.0.3/README.md | 70 + .../charts/fluent-bit-0.57.3.tgz | Bin 0 -> 18415 bytes .../charts/fluent-bit/.helmignore | 23 + .../charts/fluent-bit/CHANGELOG.md | 84 + .../charts/fluent-bit/Chart.yaml | 27 + .../charts/fluent-bit/README.md | 247 +++ .../charts/fluent-bit/RELEASE.md | 3 + .../charts/fluent-bit/_docs.md | 38 + .../charts/fluent-bit/ci/ci-values.yaml | 43 + .../fluent-bit/dashboards/fluent-bit.json | 1565 +++++++++++++++++ .../charts/fluent-bit/templates/NOTES.txt | 6 + .../charts/fluent-bit/templates/_helpers.tpl | 138 ++ .../charts/fluent-bit/templates/_pod.tpl | 169 ++ .../fluent-bit/templates/clusterrole.yaml | 46 + .../templates/clusterrolebinding.yaml | 16 + .../templates/configmap-dashboards.yaml | 21 + .../templates/configmap-luascripts.yaml | 13 + .../fluent-bit/templates/configmap.yaml | 25 + .../fluent-bit/templates/daemonset.yaml | 48 + .../fluent-bit/templates/deployment.yaml | 51 + .../charts/fluent-bit/templates/hpa.yaml | 40 + .../charts/fluent-bit/templates/ingress.yaml | 65 + .../fluent-bit/templates/networkpolicy.yaml | 23 + .../charts/fluent-bit/templates/pdb.yaml | 21 + .../fluent-bit/templates/prometheusrule.yaml | 18 + .../charts/fluent-bit/templates/psp.yaml | 45 + .../charts/fluent-bit/templates/scc.yaml | 45 + .../charts/fluent-bit/templates/service.yaml | 60 + .../fluent-bit/templates/serviceaccount.yaml | 16 + .../fluent-bit/templates/servicemonitor.yaml | 51 + .../templates/tests/test-connection.yaml | 26 + .../charts/fluent-bit/templates/vpa.yaml | 45 + .../charts/fluent-bit/values.yaml | 540 ++++++ packs/fluentbit-5.0.3/logo.png | Bin 0 -> 10283 bytes packs/fluentbit-5.0.3/pack.json | 41 + packs/fluentbit-5.0.3/values.yaml | 558 ++++++ 36 files changed, 4227 insertions(+) create mode 100644 packs/fluentbit-5.0.3/README.md create mode 100644 
packs/fluentbit-5.0.3/charts/fluent-bit-0.57.3.tgz create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/.helmignore create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/CHANGELOG.md create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/Chart.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/README.md create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/RELEASE.md create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/_docs.md create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/ci/ci-values.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/dashboards/fluent-bit.json create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/NOTES.txt create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/_helpers.tpl create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/_pod.tpl create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/clusterrole.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/clusterrolebinding.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/configmap-dashboards.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/configmap-luascripts.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/configmap.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/daemonset.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/deployment.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/hpa.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/ingress.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/networkpolicy.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/pdb.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/prometheusrule.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/psp.yaml create mode 
100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/scc.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/service.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/serviceaccount.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/servicemonitor.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/tests/test-connection.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/templates/vpa.yaml create mode 100644 packs/fluentbit-5.0.3/charts/fluent-bit/values.yaml create mode 100644 packs/fluentbit-5.0.3/logo.png create mode 100644 packs/fluentbit-5.0.3/pack.json create mode 100644 packs/fluentbit-5.0.3/values.yaml diff --git a/packs/fluentbit-5.0.3/README.md b/packs/fluentbit-5.0.3/README.md new file mode 100644 index 00000000..5c290b1b --- /dev/null +++ b/packs/fluentbit-5.0.3/README.md 
@@ -0,0 +1,70 @@ +# Fluent Bit + +Fluent Bit is a lightweight and high-performance log processor and forwarder. It allows you to collect data or logs from different sources, unify them, and send them to multiple destinations including Elasticsearch, OpenSearch, Kafka, Datadog, and more. + +## Prerequisites + +- Kubernetes **1.29** and higher are supported. +- Supported cloud types: **All clouds**. + +## Parameters + +| **Parameter** | **Description** | **Type** | **Default Value** | **Required** | +|---|---|---|---|---| +| charts.fluent-bit.kind | Kubernetes controller to use (DaemonSet or Deployment) | string | DaemonSet | Yes | +| charts.fluent-bit.image.repository | Image repository for Fluent Bit | string | cr.fluentbit.io/fluent/fluent-bit | Yes | +| charts.fluent-bit.image.pullPolicy | Image pull policy | string | IfNotPresent | No | +| charts.fluent-bit.flush | Interval (in seconds) to flush the logs | integer | 1 | No | +| charts.fluent-bit.logLevel | Logging level for Fluent Bit | string | info | No | +| charts.fluent-bit.metricsPort | Port for exposing metrics | integer | 2020 | No | +| charts.fluent-bit.config.service | Main Fluent Bit service configuration | string | See values.yaml | Yes | +| charts.fluent-bit.config.inputs | Log input configuration | string | See values.yaml | Yes | +| charts.fluent-bit.config.filters | Filters applied to logs (e.g. 
Kubernetes metadata) | string | See values.yaml | Yes | +| charts.fluent-bit.config.outputs | Log output configuration | string | See values.yaml | Yes | +| charts.fluent-bit.config.customParsers | Custom parsers for log messages | string | See values.yaml | No | +| charts.fluent-bit.daemonSetVolumes | Volumes to mount for log access | list | /var/log, /var/lib/docker/containers, /etc/machine-id | Yes | +| charts.fluent-bit.daemonSetVolumeMounts | Mount points in Fluent Bit containers | list | See values.yaml | Yes | +| charts.fluent-bit.service.port | Port exposed by the Fluent Bit service | integer | 2020 | No | +| charts.fluent-bit.rbac.create | Whether to create RBAC resources | bool | true | No | +| charts.fluent-bit.podSecurityPolicy.create | Whether to create PodSecurityPolicy | bool | false | No | +| charts.fluent-bit.hotReload.enabled | Enable configmap hot reload with sidecar | bool | false | No | +| charts.fluent-bit.autoscaling.enabled | Enable horizontal pod autoscaler (only for Deployment) | bool | false | No | + +## Upgrade + +- Ensure compatibility with the Kubernetes version (1.27 or higher) before upgrading. +- Review any changes in the Fluent Bit Helm chart configuration that could impact existing parameters. +- If upgrading from a previous major version, verify that configuration blocks (inputs, filters, outputs) maintain their structure and names. + +> [!CAUTION] +> Upgrades from a manifest-based pack to a Helm chart-based pack might not be compatible. + +## Usage + +Fluent Bit runs as a **DaemonSet** in a Kubernetes cluster and collects logs from each node. +The logs are parsed, filtered, and enriched with Kubernetes metadata before being shipped to the specified backend. + +- The default configuration collects: + - Container logs from `/var/log/containers/*.log` + - System logs via `systemd` +- Logs are filtered using Kubernetes metadata. +- Output is sent to the defined destination, such as **Elasticsearch**. 
+ +You can customize this configuration through `values.yaml`, adjusting sections such as `inputs`, `filters`, and `outputs`. + +> [!NOTE] +> Fluent Bit’s configuration allows flexible integrations with other monitoring tools like **Datadog**, **OpenSearch**, or **Kafka**. + +## References + +- [Fluent Bit Official Docs](https://docs.fluentbit.io/manual) +- [Fluent Bit Helm Chart](https://github.com/fluent/helm-charts/tree/main/charts/fluent-bit) +- [Spectro Cloud Docs - Fluent Bit](https://docs.spectrocloud.com/integrations/fluentbit) + +--- + +**Maintainer:** Spectro Cloud +**Version:** 5.0.0 +**Source:** Community +**Contributor:** Spectro Cloud + 
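Review bot: packs/fluentbit-5.0.3/README.md states three versions that disagree: Prerequisites says Kubernetes **1.29** and higher, the Upgrade section says `1.27 or higher`, and the footer reads `**Version:** 5.0.0` although the pack directory and commit subject say 5.0.3. Pick the supported Kubernetes minimum once and use it in both sections, and update the footer version. The Parameters table also lists `/var/log`, `/var/lib/docker/containers` and `/etc/machine-id` as default `daemonSetVolumes` without saying these are host paths; a sentence in Usage on what the DaemonSet mounts from each node would help operators reviewing the pack.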
diff --git a/packs/fluentbit-5.0.3/charts/fluent-bit-0.57.3.tgz b/packs/fluentbit-5.0.3/charts/fluent-bit-0.57.3.tgz new file mode 100644 index 0000000000000000000000000000000000000000..95d81eef982a2c77a605be61adc77704592ecd34 GIT binary patch literal 18415
zz288P+a1liv1!tGJg^^z0G3v}#tsaorMWJALX|}Kv1u%S(|`Ou2V5qYAGp;U$W5dA z!ZVVhv|qj*eS%^Xk2FKzNT^aDHK>mO3c>Iw6-eKPMj7)kqipKl$1Om`6tN4Oxvk;| zX(A?6Na7vSlqk2*aZZ@N<9Ijv9A`fjbb^RvPttj#`zfL9 zg3|E!PF}3D>94PKeA8d){)f7pcJ~)Rmc@VRKdHul=|Ac3t?z%_$M>hcwg0t|_Z@uJ zWDS)7bNAQ3md1bF-tN`b|Moim^xb=f4i5jWbqxScY%}%d;kPXk>h0k4FeFOQ95y)nxmf`Xjo-> znnURKKQc@10Cen3FUj77*A*dAYusB1psA1sWcO-uhqA}%2jJ>@mG(>Jox(@7jw%4E zuCF-`zp_M-w<(39VIjdZ^&z4Gj6g&u!$`TcJZ-!XQHk+i?Rd4FyBdhK*PA;t`Ce}> zt>n;%-s`ytX)5y6Snu|a9Vho`YnsTKCubJ#x<(#eGv$2kRlWLW@&AIj?aQaXb4ot5 zjfMQb*W2m!tMUK$cDn2L|L^6yasY6x6J~b+t`udv5$3`jfOlCK?|c!tqZCKt6>$fk zw^gJ{xn8>^tS_GP#WSAIw>x1tJf^%1d0L@6IfDLRdQzO^>YUsj*7P=w^33Mi~L^Zqb;q3avy zSNAfNmBmnWYm8A8>N_gsX3br5Ugah+OcG2c<*CvgoifCyGzzPAWGx!%LF6F>sbqx2}V{3^NE)#3}A=>POnu(P+QiEb5s>Gy|Lf=UUN z9Ns0Apk{VUjVG~2_Uh|%`=;x&*StRW@}Fhq1vDXCK8FGxD;FXOqnkr@X;R+J3Y@++ zgrJdUbwhE`EEh6l&#L=-$^{z8aC=VE2CTgkhG=6lRj?gfn;SiHCz51Pwp1yZwn#Tnc$TN=i@7=B3x#{V9_d)*S zy}P9y-@@T&K2*M!?~7Xt^S1R_%yM4B zKqyYoD`iJ$f=Ku>Z(%=BZ!R3uu+jp9WKtK6+P0IeZ*MXQ4bhOR&1@J@qMZj9&1_!i z>3dh*nRxGR>H1IKyAlocnQEVgDxMWUa74rEOfJXsv+otpfBh1OKBC0?3}hcHl#v)D zJb?@mQ2~+*J8~S&V$z>p7T#%*g}1+7S=iFOUTgaOR^;Lvi@%v**e2h?2nm6_AcCCZ zpdEwyB(@F+USfWL za;Upi?I(Z{dXBk1p3_a#hMQ5mX?g*C2ZQ)wpZSztSsm36POjrRIWw$a_@ZM45gWo=YTb0)H?N_a$tTsG~R zVTgGW!CYHamfTW-#OAvrD&$U3Dj-+yVTrjlBD-L4WfP5QSOssZ0H#be8X_Llx9&f` z{>h*~k8=N)p$dsN9L)vdLqP?Mj6hu|jjf94^}F5p!{#O!&B3FDhFj`L>*gA!v5eRF z>)olIS6ATU)m1{n>+8h<8H~k9~EEUa!RqWv9EA@zye4#inQOHLm5m zJGAPZn7g8D0k4r}*8<*Jz_aq!0^ZuLw-)+7+pgCt_4U?L-&*QxwCt^Azq^$EjBQT~ ze{0#VnR5RVWxw89_FKz-YuT?nyzfW$<5MX?+^_UkGxfZKF{ z@9@~)1URds`}VSZC3?trF57Fe{ZA0>@6Yo4LgI97?X}^orM$-gb9BOH%vOSy=x=q%ad;_={bwSv@|{{YpwNb(nm0|79&C88~Yp zX)Pobd21nQEhM$z=sWXqTq-2hOkAx}((YPH`hKOPFX*QDjmt^qBFS1(GH}+C(ppj~ z^45~lT2gAk(Rb$&cw>XocH4E3AJ?MN_bV#FF#Hb|m-fSOEi$b|rnShl7Ma!}lP<9q znLw+^R5LHN%1lqzGSl}fGlh&M|G`4jb4HWfOHF_JS46gdYF_iZ-|;gdzosL^2oi{| zpApI6tmWjjoLuC6pK|ioxtFk(lJ87P4pE?7hE@=iowgpk>hW+?XPVj0=Z@wlXo4=2 zIw=*>uiNn-1BU)c5f`1sRFyEAASQ6FU-iCOozOU4fXsSL#o#Vcm_L=g@v?t#&^>5? 
zViB0C;?_!B-+~TI&(&7q+q`zcFm6B+PBryQ*o}8uo*3Tkt#zR9K?e#b5fBr^hB1mM zn-4E2le@~0BlEzE^;Tk}-U@AfVl<)Q)Bk<%K1gV&-%-?%pT2jChxgyR*SUIh7mCsM zb1NIpCdD(a#k4S_`!O`!mEY?1*YebWwz=8LT6_B5)%5T=Z(W)m-*kFbyITEPbq~Dd z_M6vh>;776S!*p>-dbx}Yb}j9`g7R!*DA|eWx3V4O{>n*UF$6OrnB6+QTrxZje7Jw zmw(F=^`MZggCrfMQh*$C6i||#_Y8O%4>5xRU41LM4oGNt%Sc6^sqK8VdAvt`XccuR zNYc;Ig-X+yZ988s@YKQa+m%%#$3T#6NKr->+SRk{@?eT$Sg?rgA9ZpjpNEj0>yiRm z!jUUboJg_O67)2SEO?2Z_~nBZKOlXNmvz2gNV!(>cv#jyg0pg`epG#{R0 z5~DXYDMz@n<3RL=eA^+g`uaywt{hV zrkTAhv^MbqLudUaS~|*R#ciM*(v+Fg#MKq>PxQR_IhgWRx*|&pDB%JUv52898ieUZ z(-2rat91ZhrSC7(C<3zerru|ayRG|%T>wj5^7A^tzncN6|4U8rTFVqTF1WWl*5*5x z&HuWS9-wtw^rbfC literal 0 HcmV?d00001 diff --git a/packs/fluentbit-5.0.3/charts/fluent-bit/.helmignore b/packs/fluentbit-5.0.3/charts/fluent-bit/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/packs/fluentbit-5.0.3/charts/fluent-bit/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/packs/fluentbit-5.0.3/charts/fluent-bit/CHANGELOG.md b/packs/fluentbit-5.0.3/charts/fluent-bit/CHANGELOG.md new file mode 100644 index 00000000..da1107ef --- /dev/null +++ b/packs/fluentbit-5.0.3/charts/fluent-bit/CHANGELOG.md 
@@ -0,0 +1,84 @@ +# Fluent Bit Helm Chart Changelog + +> [!NOTE] +> All notable changes to this project will be documented in this file; the format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + + + +## [UNRELEASED] + +## [v0.57.3] - 2026-04-17 + +### Changed + +- Update _Fluent Bit_ OCI image to [v5.0.3](https://github.com/fluent/fluent-bit/releases/tag/v5.0.3). ([#710](https://github.com/fluent/helm-charts/pull/710)) _@stevehipwell_ + +## [v0.57.2] - 2026-04-02 + +### Changed + +- Update _Fluent Bit_ OCI image to [v5.0.2](https://github.com/fluent/fluent-bit/releases/tag/v5.0.2). ([#705](https://github.com/fluent/helm-charts/pull/705)) _@stevehipwell_ + +## [v0.57.1] - 2026-04-02 + +### Changed + +- Update _Fluent Bit_ OCI image to [v5.0.1](https://github.com/fluent/fluent-bit/releases/tag/v5.0.1). ([#704](https://github.com/fluent/helm-charts/pull/704)) _@stevehipwell_ + +## [v0.57.0] - 2026-03-23 + +### Changed + +- Update _Fluent Bit_ OCI image to [v5.0.0](https://github.com/fluent/fluent-bit/releases/tag/v5.0.0). ([#700](https://github.com/fluent/helm-charts/pull/700)) _@stevehipwell_ + +## [v0.56.0] - 2026-02-27 + +### Added + +- VPA recommender may be specified with `.autoscaling.vpa.recommender` + +## [v0.55.1] - 2026-02-27 + +### Changed + +- Update _Fluent Bit_ OCI image to [v4.2.3](https://github.com/fluent/fluent-bit/releases/tag/v4.2.3). ([#697](https://github.com/fluent/helm-charts/pull/697)) _@stevehipwell_ + +## [v0.55.0] - 2026-01-22 + +### Changed + +- Update Fluent Bit OCI image to [4.2.2](https://github.com/fluent/fluent-bit/releases/tag/v4.2.2). ([#684](https://github.com/fluent/helm-charts/pull/684)) _@stevehipwell_ + +## [v0.54.1] - 2026-01-06 + +### Changed + +- Update Fluent Bit OCI image to [4.1.1](https://github.com/fluent/fluent-bit/releases/tag/v4.1.1). 
([#639](https://github.com/fluent/helm-charts/pull/666)) _@Xelus22_ + +## [v0.54.0] - 2025-10-09 + +### Changed + +- Update Fluent Bit OCI image to [4.1.0](https://github.com/fluent/fluent-bit/releases/tag/v4.1.0). ([#639](https://github.com/fluent/helm-charts/pull/639)) _@timonegk_ + + + +[UNRELEASED]: https://github.com/fluent/helm-charts/tree/main/charts/fluent-bit +[v0.57.3]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.57.3 +[v0.57.2]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.57.2 +[v0.57.1]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.57.1 +[v0.57.0]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.57.0 +[v0.56.0]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.56.0 +[v0.55.1]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.55.1 +[v0.55.0]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.55.0 +[v0.54.1]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.54.1 +[v0.54.0]: https://github.com/fluent/helm-charts/releases/tag/fluent-bit-0.54.0 diff --git a/packs/fluentbit-5.0.3/charts/fluent-bit/Chart.yaml b/packs/fluentbit-5.0.3/charts/fluent-bit/Chart.yaml new file mode 100644 index 00000000..6c54eafe --- /dev/null +++ b/packs/fluentbit-5.0.3/charts/fluent-bit/Chart.yaml 
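Review bot: In `CHANGELOG.md`, the v0.54.1 entry labels its link `#639` while the URL is `https://github.com/fluent/helm-charts/pull/666`, and `#639` is also the reference on the v0.54.0 entry, so the label on v0.54.1 looks like a copy-paste slip. The v0.56.0 entry under "Added" also carries no PR link or author, unlike the other entries. If this file is meant to be an unchanged copy of the upstream chart's changelog, keep it byte-identical here and raise the correction upstream rather than editing the vendored copy.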
@@ -0,0 +1,27 @@ +annotations: + artifacthub.io/changes: |- + - kind: changed + description: "Update Fluent Bit OCI image to v5.0.3." +apiVersion: v1 +appVersion: 5.0.3 +description: Fast and lightweight log processor and forwarder for Linux, OSX and BSD + family operating systems. +home: https://fluentbit.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/fluentd/fluentbit/icon/fluentbit-icon-color.svg +keywords: +- logging +- fluent-bit +- fluentd +maintainers: +- email: eduardo@calyptia.com + name: edsiper +- email: naseem@transit.app + name: naseemkullah +- email: towmeykaw@gmail.com + name: Towmeykaw +- email: steve.hipwell@gmail.com + name: stevehipwell +name: fluent-bit +sources: +- https://github.com/fluent/fluent-bit/ +version: 0.57.3 diff --git a/packs/fluentbit-5.0.3/charts/fluent-bit/README.md b/packs/fluentbit-5.0.3/charts/fluent-bit/README.md new file mode 100644 index 00000000..e3f87bd6 --- /dev/null +++ b/packs/fluentbit-5.0.3/charts/fluent-bit/README.md 
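Review bot: In `Chart.yaml`, `version: 0.57.3` and `appVersion: 5.0.3` pin an unpacked copy of the upstream chart, but the visible part of this patch does not record where the copy came from or whether it was verified. The chart README added in the same patch documents a `cosign verify` command for `ghcr.io/fluent/helm-charts/fluent-bit:0.57.3`; consider stating in the commit message or the pack README that the vendored files were taken from that verified artifact, so a later reviewer can compare the tree against it.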
@@ -0,0 +1,247 @@ +# fluent-bit + +![Version: 0.57.3](https://img.shields.io/badge/Version-0.57.3-informational?style=flat-square) ![AppVersion: 5.0.3](https://img.shields.io/badge/AppVersion-5.0.3-informational?style=flat-square) + +Fast and lightweight log processor and forwarder for Linux, OSX and BSD family operating systems. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| edsiper | | | +| naseemkullah | | | +| Towmeykaw | | | +| stevehipwell | | | + +## Source Code + +* + +## Installing the Chart + +### OCI Repository + +To install the chart using the recommended OCI method you can use the following command. + +```shell +helm upgrade --install fluent-bit oci://ghcr.io/fluent/helm-charts/fluent-bit --version 0.57.3 +``` + +#### Verification + +As the OCI chart release is signed by [Cosign](https://github.com/sigstore/cosign) you can verify the chart before installing it by running the following command. + +```shell +cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github\.com/action-stars/helm-workflows/\.github/workflows/release\.yaml@.+' --certificate-github-workflow-repository fluent/helm-charts --certificate-github-workflow-name Release ghcr.io/fluent/helm-charts/fluent-bit:0.57.3 +``` + +### Non-OCI Repository + +Alternatively you can use the legacy non-OCI method via the following commands. 
+ +```shell +helm repo add fluent https://fluent.github.io/helm-charts/ +helm upgrade --install fluent-bit fluent/fluent-bit --version 0.57.3 +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| annotations | object | `{}` | | +| args[0] | string | `"--workdir=/fluent-bit/etc"` | | +| args[1] | string | `"--config=/fluent-bit/etc/conf/fluent-bit.conf"` | | +| autoscaling.behavior | object | `{}` | | +| autoscaling.customRules | list | `[]` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `3` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `75` | | +| autoscaling.vpa.annotations | object | `{}` | | +| autoscaling.vpa.controlledResources | list | `[]` | | +| autoscaling.vpa.controlledValues | string | `nil` | | +| autoscaling.vpa.enabled | bool | `false` | | +| autoscaling.vpa.maxAllowed | object | `{}` | | +| autoscaling.vpa.minAllowed | object | `{}` | | +| autoscaling.vpa.recommender | string | `"default"` | | +| autoscaling.vpa.updatePolicy.updateMode | string | `"Auto"` | | +| command[0] | string | `"/fluent-bit/bin/fluent-bit"` | | +| config.customParsers | string | `"[PARSER]\n Name docker_no_time\n Format json\n Time_Keep Off\n Time_Key time\n Time_Format %Y-%m-%dT%H:%M:%S.%L\n"` | | +| config.extraFiles | object | `{}` | | +| config.filters | string | `"[FILTER]\n Name kubernetes\n Match kube.*\n Merge_Log On\n Keep_Log Off\n K8S-Logging.Parser On\n K8S-Logging.Exclude On\n"` | | +| config.inputs | string | `"[INPUT]\n Name tail\n Path /var/log/containers/*.log\n multiline.parser docker, cri\n Tag kube.*\n Mem_Buf_Limit 5MB\n Skip_Long_Lines On\n\n[INPUT]\n Name systemd\n Tag host.*\n Systemd_Filter _SYSTEMD_UNIT=kubelet.service\n Read_From_Tail On\n"` | | +| config.outputs | string | `"[OUTPUT]\n Name es\n Match kube.*\n Host elasticsearch-master\n Logstash_Format On\n Retry_Limit 
False\n\n[OUTPUT]\n Name es\n Match host.*\n Host elasticsearch-master\n Logstash_Format On\n Logstash_Prefix node\n Retry_Limit False\n"` | | +| config.service | string | `"[SERVICE]\n Daemon Off\n Flush {{ .Values.flush }}\n Log_Level {{ .Values.logLevel }}\n Parsers_File /fluent-bit/etc/parsers.conf\n Parsers_File /fluent-bit/etc/conf/custom_parsers.conf\n HTTP_Server On\n HTTP_Listen 0.0.0.0\n HTTP_Port {{ .Values.metricsPort }}\n Health_Check On\n"` | | +| config.upstream | object | `{}` | | +| daemonSetVolumeMounts[0].mountPath | string | `"/var/log"` | | +| daemonSetVolumeMounts[0].name | string | `"varlog"` | | +| daemonSetVolumeMounts[1].mountPath | string | `"/var/lib/docker/containers"` | | +| daemonSetVolumeMounts[1].name | string | `"varlibdockercontainers"` | | +| daemonSetVolumeMounts[1].readOnly | bool | `true` | | +| daemonSetVolumeMounts[2].mountPath | string | `"/etc/machine-id"` | | +| daemonSetVolumeMounts[2].name | string | `"etcmachineid"` | | +| daemonSetVolumeMounts[2].readOnly | bool | `true` | | +| daemonSetVolumes[0].hostPath.path | string | `"/var/log"` | | +| daemonSetVolumes[0].name | string | `"varlog"` | | +| daemonSetVolumes[1].hostPath.path | string | `"/var/lib/docker/containers"` | | +| daemonSetVolumes[1].name | string | `"varlibdockercontainers"` | | +| daemonSetVolumes[2].hostPath.path | string | `"/etc/machine-id"` | | +| daemonSetVolumes[2].hostPath.type | string | `"File"` | | +| daemonSetVolumes[2].name | string | `"etcmachineid"` | | +| dashboards.annotations | object | `{}` | | +| dashboards.deterministicUid | bool | `false` | | +| dashboards.enabled | bool | `false` | | +| dashboards.labelKey | string | `"grafana_dashboard"` | | +| dashboards.labelValue | int | `1` | | +| dashboards.namespace | string | `""` | | +| dnsConfig | object | `{}` | | +| dnsPolicy | string | `"ClusterFirst"` | | +| env | list | `[]` | | +| envFrom | list | `[]` | | +| envWithTpl | list | `[]` | | +| existingConfigMap | string | `""` | | +| 
extraContainers | list | `[]` | | +| extraPorts | list | `[]` | | +| extraVolumeMounts | list | `[]` | | +| extraVolumes | list | `[]` | | +| flush | int | `1` | | +| fullnameOverride | string | `""` | | +| hostAliases | list | `[]` | | +| hostNetwork | bool | `false` | | +| hotReload.enabled | bool | `false` | | +| hotReload.extraWatchVolumes | list | `[]` | | +| hotReload.image.digest | string | `nil` | | +| hotReload.image.pullPolicy | string | `"IfNotPresent"` | | +| hotReload.image.repository | string | `"ghcr.io/jimmidyson/configmap-reload"` | | +| hotReload.image.tag | string | `"v0.15.0"` | | +| hotReload.resources | object | `{}` | | +| hotReload.securityContext.allowPrivilegeEscalation | bool | `false` | | +| hotReload.securityContext.capabilities.drop[0] | string | `"ALL"` | | +| hotReload.securityContext.privileged | bool | `false` | | +| hotReload.securityContext.readOnlyRootFilesystem | bool | `true` | | +| hotReload.securityContext.runAsGroup | int | `65532` | | +| hotReload.securityContext.runAsNonRoot | bool | `true` | | +| hotReload.securityContext.runAsUser | int | `65532` | | +| image.digest | string | `nil` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"cr.fluentbit.io/fluent/fluent-bit"` | | +| image.tag | string | `nil` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.enabled | bool | `false` | | +| ingress.extraHosts | list | `[]` | | +| ingress.hosts | list | `[]` | | +| ingress.ingressClassName | string | `""` | | +| ingress.tls | list | `[]` | | +| initContainers | list | `[]` | | +| kind | string | `"DaemonSet"` | DaemonSet or Deployment | +| labels | object | `{}` | | +| lifecycle | object | `{}` | | +| livenessProbe.httpGet.path | string | `"/"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| logLevel | string | `"info"` | | +| luaScripts | object | `{}` | | +| metricsPort | int | `2020` | | +| minReadySeconds | string | `nil` | | +| 
nameOverride | string | `""` | | +| networkPolicy.enabled | bool | `false` | | +| nodeSelector | object | `{}` | | +| openShift.enabled | bool | `false` | | +| openShift.securityContextConstraints.annotations | object | `{}` | | +| openShift.securityContextConstraints.create | bool | `true` | | +| openShift.securityContextConstraints.existingName | string | `""` | | +| openShift.securityContextConstraints.name | string | `""` | | +| openShift.securityContextConstraints.runAsUser.type | string | `"RunAsAny"` | | +| openShift.securityContextConstraints.seLinuxContext.type | string | `"MustRunAs"` | | +| podAnnotations | object | `{}` | | +| podDisruptionBudget.annotations | object | `{}` | | +| podDisruptionBudget.enabled | bool | `false` | | +| podDisruptionBudget.maxUnavailable | string | `"30%"` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| podSecurityPolicy.annotations | object | `{}` | | +| podSecurityPolicy.create | bool | `false` | | +| podSecurityPolicy.runAsUser.rule | string | `"RunAsAny"` | | +| podSecurityPolicy.seLinux.rule | string | `"RunAsAny"` | | +| priorityClassName | string | `""` | | +| prometheusRule.enabled | bool | `false` | | +| rbac.create | bool | `true` | | +| rbac.eventsAccess | bool | `false` | | +| rbac.nodeAccess | bool | `false` | | +| readinessProbe.httpGet.path | string | `"/api/v2/health"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| replicaCount | int | `1` | Only applicable if kind=Deployment | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.annotations | object | `{}` | | +| service.externalIPs | list | `[]` | | +| service.internalTrafficPolicy | string | `nil` | | +| service.labels | object | `{}` | | +| service.loadBalancerClass | string | `nil` | | +| service.loadBalancerIP | string | `nil` | | +| service.loadBalancerSourceRanges | list | `[]` | | +| service.port | int | `2020` | | +| service.type | string | `"ClusterIP"` | | +| 
serviceAccount.annotations | object | `{}` | | +| serviceAccount.automountServiceAccountToken | string | `nil` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `nil` | | +| serviceMonitor.additionalEndpoints | list | `[]` | | +| serviceMonitor.enabled | bool | `false` | | +| terminationGracePeriodSeconds | string | `nil` | | +| testFramework.enabled | bool | `true` | | +| testFramework.image.digest | string | `nil` | | +| testFramework.image.pullPolicy | string | `"Always"` | | +| testFramework.image.repository | string | `"busybox"` | | +| testFramework.image.tag | string | `"latest"` | | +| testFramework.namespace | string | `nil` | | +| tolerations | list | `[]` | | +| updateStrategy | object | `{}` | | +| volumeMounts[0].mountPath | string | `"/fluent-bit/etc/conf"` | | +| volumeMounts[0].name | string | `"config"` | | + +## Usage + +### Using Lua Scripts + +Fluent Bit allows us to provide a filter to modify the incoming records using custom [Lua scripts.](https://docs.fluentbit.io/manual/pipeline/filters/lua) + +### How to use Lua scripts with this Chart + +First, you should add your Lua scripts to `luaScripts` in values.yaml, templating is supported. + +```yaml +luaScripts: + filter_example.lua: | + function filter_name(tag, timestamp, record) + -- put your lua code here. + end +``` + +After that, the Lua scripts will be ready to be used as filters. So next step is to add your Fluent bit [filter](https://docs.fluentbit.io/manual/concepts/data-pipeline/filter) to `config.filters` in values.yaml, for example: + +```yaml +config: + filters: | + [FILTER] + Name lua + Match + script /fluent-bit/scripts/filter_example.lua + call filter_name +``` + +Under the hood, the chart will: + +- Create a configmap using `luaScripts`. +- Add a volumeMounts for each Lua scripts using the path `/fluent-bit/scripts/