From 81f66accb4adcf83ce373c7bad996b073ae2a5df Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 25 Jul 2024 12:31:38 -0400 Subject: [PATCH 01/21] add initial How To --- pages/how-to/1.md | 1 + pages/how-to/2.1.md | 1 + pages/how-to/2.md | 1 + pages/how-to/index.md | 6 +++++- 4 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 pages/how-to/1.md create mode 100644 pages/how-to/2.1.md create mode 100644 pages/how-to/2.md diff --git a/pages/how-to/1.md b/pages/how-to/1.md new file mode 100644 index 00000000..8ec2bfa4 --- /dev/null +++ b/pages/how-to/1.md @@ -0,0 +1 @@ +# Section 1 \ No newline at end of file diff --git a/pages/how-to/2.1.md b/pages/how-to/2.1.md new file mode 100644 index 00000000..5309a6ef --- /dev/null +++ b/pages/how-to/2.1.md @@ -0,0 +1 @@ +# Section 2.1 \ No newline at end of file diff --git a/pages/how-to/2.md b/pages/how-to/2.md new file mode 100644 index 00000000..2f4b18a4 --- /dev/null +++ b/pages/how-to/2.md @@ -0,0 +1 @@ +# Section 2 \ No newline at end of file diff --git a/pages/how-to/index.md b/pages/how-to/index.md index c2120333..951dbad6 100644 --- a/pages/how-to/index.md +++ b/pages/how-to/index.md @@ -1,4 +1,8 @@ +<<<<<<< HEAD --- title: How To description: How To Guides for Getting the Most Out of Plural ---- \ No newline at end of file +--- +======= +# Hello, How To! +>>>>>>> 363b131 (add initial How To) From 6ed78ba14fad640c7252cfa3a1d4cb88db4080f4 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 25 Jul 2024 13:37:37 -0400 Subject: [PATCH 02/21] adding more how-to placeholders --- pages/how-to/1.md | 1 - pages/how-to/2.1.md | 1 - pages/how-to/2.md | 1 - pages/how-to/index.md | 4 - pages/how-to/set-up/new-mgmt-cluster.md | 5 + pages/how-to/set-up/plural-console.md | 269 ++++++++++++++++++++++++ pages/how-to/use/index.md | 4 + 7 files changed, 278 insertions(+), 7 deletions(-) delete mode 100644 pages/how-to/1.md delete mode 100644 pages/how-to/2.1.md delete mode 100644 pages/how-to/2.md create mode 100644 pages/how-to/set-up/new-mgmt-cluster.md create mode 100644 pages/how-to/set-up/plural-console.md create mode 100644 pages/how-to/use/index.md diff --git a/pages/how-to/1.md b/pages/how-to/1.md deleted file mode 100644 index 8ec2bfa4..00000000 --- a/pages/how-to/1.md +++ /dev/null @@ -1 +0,0 @@ -# Section 1 \ No newline at end of file diff --git a/pages/how-to/2.1.md b/pages/how-to/2.1.md deleted file mode 100644 index 5309a6ef..00000000 --- a/pages/how-to/2.1.md +++ /dev/null @@ -1 +0,0 @@ -# Section 2.1 \ No newline at end of file diff --git a/pages/how-to/2.md b/pages/how-to/2.md deleted file mode 100644 index 2f4b18a4..00000000 --- a/pages/how-to/2.md +++ /dev/null @@ -1 +0,0 @@ -# Section 2 \ No newline at end of file diff --git a/pages/how-to/index.md b/pages/how-to/index.md index 951dbad6..008774d2 100644 --- a/pages/how-to/index.md +++ b/pages/how-to/index.md @@ -1,8 +1,4 @@ -<<<<<<< HEAD --- title: How To description: How To Guides for Getting the Most Out of Plural --- -======= -# Hello, How To! ->>>>>>> 363b131 (add initial How To) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md new file mode 100644 index 00000000..a00f5471 --- /dev/null +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -0,0 +1,5 @@ +--- +title: Setting Up a New MGMT Cluster +description: Using plural up to Deploy a MGMT Kubernetes CLuster +--- + diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md new file mode 100644 index 00000000..f00c6c49 --- /dev/null +++ b/pages/how-to/set-up/plural-console.md @@ -0,0 +1,269 @@ +--- +title: Setting Up Plural Console +description: How to Deploy the Plural Console to a MGMT Cluster +--- + +# Pre Reqs + +#### [Mac Homebrew](https://brew.sh/) +```sh +/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" +brew update +``` +##### [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) +```sh +brew install awscli +``` +#### [Helm CLI](https://helm.sh/docs/intro/install/) +```sh +brew install helm +``` +#### [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) +```sh +brew install pluralsh/plural/plural +``` +### Configure AWS CLI Config +```ini +#~/.aws/config +# Note: The profile name is arbitrary +[profile plrl-sandbox] +sso_start_url = https://pluralsh.awsapps.com/start +sso_region = us-east-2 +sso_account_id = 312272277431 +sso_role_name = AdministratorAccess +region = us-east-1 +output = json +``` +#### Test access +```sh +aws sso login --profile plrl-sandbox +``` +```sh +# example output +Attempting to automatically open the SSO authorization page in your default browser. +If the browser does not open or you wish to use a different device to authorize this request, open the following URL: + +https://device.sso.us-east-2.amazonaws.com/ + +Then enter the code: + +XXXX-XXXX +Successfully logged into Start URL: https://pluralsh.awsapps.com/start +``` +##### See if the you are authenticated and can assume the proper role +```sh +aws --profile plrl-sandbox sts get-caller-identity +``` +```sh +# example output +{ + "UserId": "XXXXXXXXXXXXXXXXXXXXX:kevin", + "Account": "XXXXXXXXXXXX", + "Arn": "arn:aws:sts::XXXXXXXXXXXX:assumed-role/AWSReservedSSO_AdministratorAccess_63ff4a47c5786193/kevin" +} +``` + +# Deploy K8s Cluster +If you already have an EKS Cluster running you can skip to [Cluster Configuration](#Cluster-Configuration) +### Create Plural Console Install Repo +```sh +mkdir -p ~/git/plrl/plural-console && cd $_ +git init +git remote add origin git@github.com:pluralsh/plrl-console-kev.git +git submodule add https://github.com/pluralsh/bootstrap.git +mkdir clusters apps helm-values +mkdir apps/repositories apps/services apps/terraform +touch clusters/mgmt.tf clusters/providers.tf +cp bootstrap/terraform/clouds/aws/outputs.tf clusters/. +cp bootstrap/test/aws/provider.tf clusters/. +``` + +### Configure Terraform for AWS EKS Deployment +```sh +# ./clusters/mgmt.tf +locals { + console_name = "plrl-console-kev" +} +module "mgmt" { + source = "../bootstrap/terraform/clouds/aws" + cluster_name = "${local.console_name}-eks" + vpc_name = "${local.console_name}-vpc" + db_name = "${local.console_name}-psql" + kubernetes_version = "1.29" + deletion_protection = false +} + +resource "aws_route53_zone" "primary" { + name = "plrl.livingroom.cloud" +} +``` + +### Run Terraform +```sh +cd clusters +terraform init -upgrade +terraform plan +terraform apply +terraform output -json +``` + +### Get the Kubeconfig for New Cluster to use with `kubectl`/Lense App, etc +```sh +aws --profile plrl-sandbox eks update-kubeconfig --name plrl-console-kev-eks --alias plrl-console-kev-eks +``` + +# Cluster Configuration +### Copy External DNS and Cert Manager IAM Policies for K8s Service Accounts +```sh +cp bootstrap/existing/terraform/aws/iam.tf ./clusters/. +cp bootstrap/existing/terraform/aws/values.tf ./clusters/. +``` +### Add your cluster Name and OIDC provider to the terraform variables +```sh +# ./clusters/variables.tf +variable "cluster_name" { + description = "The name of the EKS cluster" + type = "string" + default = "plrl-console-kev-eks" +} + +variable "cluster_oidc_issuer_arn" { + type = string + description = "The OIDC issuer URL of the EKS cluster" + default = "oidc.eks.us-east-1.amazonaws.com/id/CF79038576E92F4C852874A4B10AE974" +} +``` +### Add an AWS Route53 Hosted Zone +```sh +# ./clusters/iam.tf +resource "aws_route53_zone" "primary" { + name = "plrl.livingroom.cloud" +} +``` + +### Apply the Changes to AWS +```sh +terraform apply +``` +### Configure your DNS to use Route 53 +#### Get the Hosted Zone's Name Servers +```sh +# Replace the ZONE_NAME with your domain and run the aws cli command to ge the name servers +ZONE_NAME="plrl.livingroom.cloud." +aws --profile plrl-sandbox route53 list-hosted-zones --query "HostedZones[?Name=='${ZONE_NAME}'].Id" --output text | xargs -I {} aws --profile plrl-sandbox route53 get-hosted-zone --id {} --query 'DelegationSet.NameServers' --output table +``` +```sh +#example output +----------------------------- +| GetHostedZone | ++---------------------------+ +| ns-534.awsdns-02.net | +| ns-1750.awsdns-26.co.uk | +| ns-234.awsdns-29.com | +| ns-1029.awsdns-00.org | ++---------------------------+ +``` +#### Create an NS Records for each AWS name server +* A minimum of two records are required +* Ensure the NS records are for the root or subdomain to be used by the plural consol +* In my case the is for plrl.livingroom.cloud +* I'm using CloudFlare as my domain provider with these records + +| Type | Name | Content | Proxy Status | TTL | +|-------|-------|-----------|--------------|-------| +| A | livingroom.cloud | x.x.x.x | Enabled | 1m | +| NS | plrl | ns-234.awsdns-29.com | Disabled | 1m | +| NS | plrl | ns-1750.awsdns-26.co.uk | Disabled | 1m | +| NS | plrl | ns-234.awsdns-29.com | Disabled | 1m | +| NS | plrl | ns-1029.awsdns-00.org | Disabled | 1m | +##### Note: You may need to wait for [DNS propagation](https://www.whatsmydns.net/#NS/plrl.livingroom.cloud) before the console/TLS validation is available + +### Update Helm Values with the created IAM Roles and use Appropriate Provider +```sh +cp bootstrap/helm/* helm-values/. +``` +```yaml +# ./helm-values/certmanager.yaml +installCRDs: true +serviceAccount: + name: cert-manager + annotations: + eks.amazonaws.com/role-arn: "arn:aws:iam::312272277431:role/plrl-console-kev-eks-certmanager-extdns" +securityContext: + fsGroup: 1000 + runAsNonRoot: true +``` +```yaml +# ./runtime.yaml +... + +external-dns: + enabled: true + serviceAccount: + name: externaldns + annotations: + plural.sh/dummy: ignore + eks.amazonaws.com/role-arn: "arn:aws:iam::312272277431:role/plrl-console-kev-eks-certmanager-extdns" +... + provider: aws # <- change to the provider you actually wish to use + + domainFilters: + - plrl.livingroom.cloud # <- you need to change this + +ingress-nginx: + controller: + service: + annotations: + service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing + service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp + service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true' + service.beta.kubernetes.io/aws-load-balancer-type: external + service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip + service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' + +``` +### Deploy Plural Runtime +```sh +helm repo add jetstack https://charts.jetstack.io || helm repo update +helm repo add plrl-bootstrap https://pluralsh.github.io/bootstrap || helm repo update +helm upgrade --install --create-namespace cert-manager jetstack/cert-manager -f helm-values/certmanager.yaml -n cert-manager +helm upgrade --install --create-namespace plrl-runtime plrl-bootstrap/runtime -f helm-values/runtime.yaml -n plrl-runtime +``` + +### Deploy Plural Console +```sh +plural login +# Note: If you deployed using bootstrap terraform you can get the PSQL connection string from running: terraform output --json +plural cd control-plane +helm repo add plrl-console https://pluralsh.github.io/console +helm upgrade --install --create-namespace -f values.secret.yaml console plrl-console/console -n plrl-console +``` + +#### View and Login to the Console: https://console.plrl.livingroom.cloud + +### Add an [RBAC Binding](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) for the console users +```sh +mkdir rbac +touch ./rbac/ConsoleClusterRoleBindings.yaml +``` +### Configure the Cluster Role Binding for console User +```sh +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: console-kev-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: Kevin@Plural.sh +``` +### Apply the Bindings +```sh +kubectl apply -f ./rbac/ConsoleClusterRoleBindings.yaml +``` + diff --git a/pages/how-to/use/index.md b/pages/how-to/use/index.md new file mode 100644 index 00000000..c798facd --- /dev/null +++ b/pages/how-to/use/index.md @@ -0,0 +1,4 @@ +--- +title: Using Plural +description: Guides for Using Various Aspects of Plural +--- \ No newline at end of file From 4afd134c19fa4f7ef609d1c2caf42dcf6885e616 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 25 Jul 2024 13:40:03 -0400 Subject: [PATCH 03/21] adding more how-to placeholders --- pages/how-to/use/plural-api.md | 4 ++++ pages/how-to/use/plural-console.md | 4 ++++ pages/how-to/use/plural-docs.md | 4 ++++ 3 files changed, 12 insertions(+) create mode 100644 pages/how-to/use/plural-api.md create mode 100644 pages/how-to/use/plural-console.md create mode 100644 pages/how-to/use/plural-docs.md diff --git a/pages/how-to/use/plural-api.md b/pages/how-to/use/plural-api.md new file mode 100644 index 00000000..b7692158 --- /dev/null +++ b/pages/how-to/use/plural-api.md @@ -0,0 +1,4 @@ +--- +title: Using Plural API +description: Guides for Using Various Aspects of the Plural API +--- \ No newline at end of file diff --git a/pages/how-to/use/plural-console.md b/pages/how-to/use/plural-console.md new file mode 100644 index 00000000..fe6d9016 --- /dev/null +++ b/pages/how-to/use/plural-console.md @@ -0,0 +1,4 @@ +--- +title: Using Plural Console +description: Guides for Using Various Aspects of the Plural Console +--- \ No newline at end of file diff --git a/pages/how-to/use/plural-docs.md b/pages/how-to/use/plural-docs.md new file mode 100644 index 00000000..210dc16a --- /dev/null +++ b/pages/how-to/use/plural-docs.md @@ -0,0 +1,4 @@ +--- +title: Using Plural Documentation +description: Guides for Using Various Aspects of the Plural Documentation +--- \ No newline at end of file From a5092b881754b9a0cc9e947d16462bc58f4b1377 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 25 Jul 2024 17:28:05 -0400 Subject: [PATCH 04/21] add plural-cli --- pages/how-to/set-up/new-mgmt-cluster.md | 1 + pages/how-to/set-up/plural-cli.md | 28 +++++++++++++++++++++++++ pages/how-to/set-up/plural-console.md | 20 ++---------------- 3 files changed, 31 insertions(+), 18 deletions(-) create mode 100644 pages/how-to/set-up/plural-cli.md diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index a00f5471..c59f2a78 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -3,3 +3,4 @@ title: Setting Up a New MGMT Cluster description: Using plural up to Deploy a MGMT Kubernetes CLuster --- +### Prerequisites diff --git a/pages/how-to/set-up/plural-cli.md b/pages/how-to/set-up/plural-cli.md new file mode 100644 index 00000000..38026803 --- /dev/null +++ b/pages/how-to/set-up/plural-cli.md @@ -0,0 +1,28 @@ +--- +title: Installing the Plural CLI +description: Guides for installing the Plural CLI +--- + +### Prerequisites + +[Mac Homebrew](https://brew.sh/) +```sh +/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" +brew update +``` + [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html), [Helm CLI](https://helm.sh/docs/intro/install/), [Terraform](https://developer.hashicorp.com/terraform/install), [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/) +```sh +brew install awscli helm terraform kubectl +``` + +### Install [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) +```sh +brew install pluralsh/plural/plural +``` + +### Issue a Command +```sh +plural cd login +``` + + diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md index f00c6c49..1efeb5ef 100644 --- a/pages/how-to/set-up/plural-console.md +++ b/pages/how-to/set-up/plural-console.md @@ -3,25 +3,9 @@ title: Setting Up Plural Console description: How to Deploy the Plural Console to a MGMT Cluster --- -# Pre Reqs +# Pre Req + -#### [Mac Homebrew](https://brew.sh/) -```sh -/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -brew update -``` -##### [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) -```sh -brew install awscli -``` -#### [Helm CLI](https://helm.sh/docs/intro/install/) -```sh -brew install helm -``` -#### [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) -```sh -brew install pluralsh/plural/plural -``` ### Configure AWS CLI Config ```ini #~/.aws/config From daac523a57f51bbfc2c3cc1a3c6d1c933a4353b0 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 14:38:58 -0400 Subject: [PATCH 05/21] mgmt cluster --- pages/how-to/set-up/new-mgmt-cluster.md | 62 +++++- pages/how-to/set-up/plural-cli.md | 8 +- pages/how-to/set-up/plural-console.md | 247 +----------------------- src/generated/pages.json | 3 + 4 files changed, 73 insertions(+), 247 deletions(-) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index c59f2a78..3dba7707 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -1,6 +1,66 @@ --- title: Setting Up a New MGMT Cluster -description: Using plural up to Deploy a MGMT Kubernetes CLuster +description: Using Plural CLI to Deploy a MGMT Kubernetes Cluster --- ### Prerequisites +[Plural CLI](/how-to/set-up/plural-cli) + +##### Ensure AWS CLI Authentication +Plural uses the _default_ profile when deploying resources in AWS +```sh +aws sts get-caller-identity +``` + +### Create a New Repo for Plural +```sh +git clone git@github.com:pluralsh/plrl-how-to.git +cd plrl-how-to +``` + +### Setup Repo and Deploy Resources +Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions +Follow the onscreen prompts to setup the repo and deploy resources +* Use the provided Plural DNS Services for the MGMT Cluster +* When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh +```sh +plural login +plural up +``` + +# Troubleshooting +### "Console failed to become ready" +Sometimes the DNS Resolution can take longer than the expected five minutes +It's also possible the console services take a bit longer to become ready +```sh +Apply complete! Resources: 5 added, 0 changed, 2 destroyed. + +Outputs: + +identity = "arn:aws:iam::312272277431:role/how-to-plrl-plrl-stacks" +Querying console.how-to-plrl.onplural.sh... +... +Querying console.how-to-plrl.onplural.sh... +DNS fully resolved, testing if console is functional... +Pinging https://console.how-to-plrl.onplural.sh... +... +Pinging https://console.how-to-plrl.onplural.sh... +2024/07/29 12:31:03 Console failed to become ready after 5 minutes, you might want to inspect the resources in the plrl-console namespace +``` +This example is an EKS cluster +I am able to get the _kubeconfig_ via the AWS CLI +```sh +aws eks update-kubeconfig --name [cluster name] --alias [context name] +``` +I'm now able to use `kubectl` with the newly added kube context +and see what's happening in all the _`plrl`_ namespaces +The key namespaces to check are: +* plrl-console +* plrl-deploy-operator +* plrl-runtime + +In this instance I saw images in the _`plrl-console`_ namespace +were taking a bit longer to download and initialize. +Once the services were _up_ in the cli, I was able to access the console url + +### User "someone@example.com" cannot list resource diff --git a/pages/how-to/set-up/plural-cli.md b/pages/how-to/set-up/plural-cli.md index 38026803..a37e8329 100644 --- a/pages/how-to/set-up/plural-cli.md +++ b/pages/how-to/set-up/plural-cli.md @@ -3,14 +3,14 @@ title: Installing the Plural CLI description: Guides for installing the Plural CLI --- -### Prerequisites +### Install Prerequisites [Mac Homebrew](https://brew.sh/) ```sh /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" brew update ``` - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html), [Helm CLI](https://helm.sh/docs/intro/install/), [Terraform](https://developer.hashicorp.com/terraform/install), [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl-macos/) + [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html), [Helm CLI](https://helm.sh/), [Terraform](https://developer.hashicorp.com/terraform/intro), [kubectl](https://kubernetes.io/docs/reference/kubectl/) ```sh brew install awscli helm terraform kubectl ``` @@ -20,9 +20,9 @@ brew install awscli helm terraform kubectl brew install pluralsh/plural/plural ``` -### Issue a Command +### Validate Install ```sh -plural cd login +plural login ``` diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md index 1efeb5ef..af4c0ff6 100644 --- a/pages/how-to/set-up/plural-console.md +++ b/pages/how-to/set-up/plural-console.md @@ -3,251 +3,14 @@ title: Setting Up Plural Console description: How to Deploy the Plural Console to a MGMT Cluster --- -# Pre Req +### Prerequisites +[Plural CLI](/how-to/set-up/plural-cli) +[AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) Access -### Configure AWS CLI Config -```ini -#~/.aws/config -# Note: The profile name is arbitrary -[profile plrl-sandbox] -sso_start_url = https://pluralsh.awsapps.com/start -sso_region = us-east-2 -sso_account_id = 312272277431 -sso_role_name = AdministratorAccess -region = us-east-1 -output = json -``` -#### Test access -```sh -aws sso login --profile plrl-sandbox -``` -```sh -# example output -Attempting to automatically open the SSO authorization page in your default browser. -If the browser does not open or you wish to use a different device to authorize this request, open the following URL: - -https://device.sso.us-east-2.amazonaws.com/ - -Then enter the code: - -XXXX-XXXX -Successfully logged into Start URL: https://pluralsh.awsapps.com/start -``` -##### See if the you are authenticated and can assume the proper role -```sh -aws --profile plrl-sandbox sts get-caller-identity -``` -```sh -# example output -{ - "UserId": "XXXXXXXXXXXXXXXXXXXXX:kevin", - "Account": "XXXXXXXXXXXX", - "Arn": "arn:aws:sts::XXXXXXXXXXXX:assumed-role/AWSReservedSSO_AdministratorAccess_63ff4a47c5786193/kevin" -} -``` - -# Deploy K8s Cluster -If you already have an EKS Cluster running you can skip to [Cluster Configuration](#Cluster-Configuration) -### Create Plural Console Install Repo -```sh -mkdir -p ~/git/plrl/plural-console && cd $_ -git init -git remote add origin git@github.com:pluralsh/plrl-console-kev.git -git submodule add https://github.com/pluralsh/bootstrap.git -mkdir clusters apps helm-values -mkdir apps/repositories apps/services apps/terraform -touch clusters/mgmt.tf clusters/providers.tf -cp bootstrap/terraform/clouds/aws/outputs.tf clusters/. -cp bootstrap/test/aws/provider.tf clusters/. -``` - -### Configure Terraform for AWS EKS Deployment -```sh -# ./clusters/mgmt.tf -locals { - console_name = "plrl-console-kev" -} -module "mgmt" { - source = "../bootstrap/terraform/clouds/aws" - cluster_name = "${local.console_name}-eks" - vpc_name = "${local.console_name}-vpc" - db_name = "${local.console_name}-psql" - kubernetes_version = "1.29" - deletion_protection = false -} - -resource "aws_route53_zone" "primary" { - name = "plrl.livingroom.cloud" -} -``` - -### Run Terraform -```sh -cd clusters -terraform init -upgrade -terraform plan -terraform apply -terraform output -json -``` - -### Get the Kubeconfig for New Cluster to use with `kubectl`/Lense App, etc -```sh -aws --profile plrl-sandbox eks update-kubeconfig --name plrl-console-kev-eks --alias plrl-console-kev-eks -``` - -# Cluster Configuration -### Copy External DNS and Cert Manager IAM Policies for K8s Service Accounts -```sh -cp bootstrap/existing/terraform/aws/iam.tf ./clusters/. -cp bootstrap/existing/terraform/aws/values.tf ./clusters/. -``` -### Add your cluster Name and OIDC provider to the terraform variables -```sh -# ./clusters/variables.tf -variable "cluster_name" { - description = "The name of the EKS cluster" - type = "string" - default = "plrl-console-kev-eks" -} - -variable "cluster_oidc_issuer_arn" { - type = string - description = "The OIDC issuer URL of the EKS cluster" - default = "oidc.eks.us-east-1.amazonaws.com/id/CF79038576E92F4C852874A4B10AE974" -} -``` -### Add an AWS Route53 Hosted Zone -```sh -# ./clusters/iam.tf -resource "aws_route53_zone" "primary" { - name = "plrl.livingroom.cloud" -} -``` - -### Apply the Changes to AWS -```sh -terraform apply -``` -### Configure your DNS to use Route 53 -#### Get the Hosted Zone's Name Servers -```sh -# Replace the ZONE_NAME with your domain and run the aws cli command to ge the name servers -ZONE_NAME="plrl.livingroom.cloud." -aws --profile plrl-sandbox route53 list-hosted-zones --query "HostedZones[?Name=='${ZONE_NAME}'].Id" --output text | xargs -I {} aws --profile plrl-sandbox route53 get-hosted-zone --id {} --query 'DelegationSet.NameServers' --output table -``` -```sh -#example output ------------------------------ -| GetHostedZone | -+---------------------------+ -| ns-534.awsdns-02.net | -| ns-1750.awsdns-26.co.uk | -| ns-234.awsdns-29.com | -| ns-1029.awsdns-00.org | -+---------------------------+ -``` -#### Create an NS Records for each AWS name server -* A minimum of two records are required -* Ensure the NS records are for the root or subdomain to be used by the plural consol -* In my case the is for plrl.livingroom.cloud -* I'm using CloudFlare as my domain provider with these records - -| Type | Name | Content | Proxy Status | TTL | -|-------|-------|-----------|--------------|-------| -| A | livingroom.cloud | x.x.x.x | Enabled | 1m | -| NS | plrl | ns-234.awsdns-29.com | Disabled | 1m | -| NS | plrl | ns-1750.awsdns-26.co.uk | Disabled | 1m | -| NS | plrl | ns-234.awsdns-29.com | Disabled | 1m | -| NS | plrl | ns-1029.awsdns-00.org | Disabled | 1m | -##### Note: You may need to wait for [DNS propagation](https://www.whatsmydns.net/#NS/plrl.livingroom.cloud) before the console/TLS validation is available - -### Update Helm Values with the created IAM Roles and use Appropriate Provider -```sh -cp bootstrap/helm/* helm-values/. -``` -```yaml -# ./helm-values/certmanager.yaml -installCRDs: true -serviceAccount: - name: cert-manager - annotations: - eks.amazonaws.com/role-arn: "arn:aws:iam::312272277431:role/plrl-console-kev-eks-certmanager-extdns" -securityContext: - fsGroup: 1000 - runAsNonRoot: true -``` -```yaml -# ./runtime.yaml -... - -external-dns: - enabled: true - serviceAccount: - name: externaldns - annotations: - plural.sh/dummy: ignore - eks.amazonaws.com/role-arn: "arn:aws:iam::312272277431:role/plrl-console-kev-eks-certmanager-extdns" -... - provider: aws # <- change to the provider you actually wish to use - - domainFilters: - - plrl.livingroom.cloud # <- you need to change this - -ingress-nginx: - controller: - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing - service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true' - service.beta.kubernetes.io/aws-load-balancer-type: external - service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip - service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' - -``` -### Deploy Plural Runtime -```sh -helm repo add jetstack https://charts.jetstack.io || helm repo update -helm repo add plrl-bootstrap https://pluralsh.github.io/bootstrap || helm repo update -helm upgrade --install --create-namespace cert-manager jetstack/cert-manager -f helm-values/certmanager.yaml -n cert-manager -helm upgrade --install --create-namespace plrl-runtime plrl-bootstrap/runtime -f helm-values/runtime.yaml -n plrl-runtime -``` - -### Deploy Plural Console +##### Ensure AWS CLI Authentication ```sh -plural login -# Note: If you deployed using bootstrap terraform you can get the PSQL connection string from running: terraform output --json -plural cd control-plane -helm repo add plrl-console https://pluralsh.github.io/console -helm upgrade --install --create-namespace -f values.secret.yaml console plrl-console/console -n plrl-console +aws sts get-caller-identity ``` -#### View and Login to the Console: https://console.plrl.livingroom.cloud - -### Add an [RBAC Binding](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) for the console users -```sh -mkdir rbac -touch ./rbac/ConsoleClusterRoleBindings.yaml -``` -### Configure the Cluster Role Binding for console User -```sh -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: console-kev-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: admin -subjects: - - apiGroup: rbac.authorization.k8s.io - kind: User - name: Kevin@Plural.sh -``` -### Apply the Bindings -```sh -kubectl apply -f ./rbac/ConsoleClusterRoleBindings.yaml -``` diff --git a/src/generated/pages.json b/src/generated/pages.json index 4cf7c606..19eef25a 100644 --- a/src/generated/pages.json +++ b/src/generated/pages.json @@ -305,6 +305,9 @@ { "path": "/how-to/set-up/plural-cli" }, + { + "path": "/how-to/set-up/plural-cli" + }, { "path": "/how-to/set-up/plural-console" }, From 4e591d731a69ca215f8dddcdb70b73841ddbcae4 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 15:44:34 -0400 Subject: [PATCH 06/21] cloud auth --- pages/how-to/set-up/new-mgmt-cluster.md | 88 ++++++++++++++++++------- pages/how-to/set-up/plural-console.md | 14 ++-- 2 files changed, 71 insertions(+), 31 deletions(-) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index 3dba7707..49853d71 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -6,12 +6,23 @@ description: Using Plural CLI to Deploy a MGMT Kubernetes Cluster ### Prerequisites [Plural CLI](/how-to/set-up/plural-cli) -##### Ensure AWS CLI Authentication -Plural uses the _default_ profile when deploying resources in AWS +##### Ensure Cloud Provider CLI Authentication +Plural uses the _default_ profile when deploying resources + +AWS ```sh aws sts get-caller-identity +``` +AZ +```sh +az account show +``` +GCP +```sh +gcloud auth list ``` + ### Create a New Repo for Plural ```sh git clone git@github.com:pluralsh/plrl-how-to.git @@ -29,38 +40,65 @@ plural up ``` # Troubleshooting -### "Console failed to become ready" -Sometimes the DNS Resolution can take longer than the expected five minutes -It's also possible the console services take a bit longer to become ready +### Get Kubeconfig for the MGMT Cluster +AWS ```sh -Apply complete! Resources: 5 added, 0 changed, 2 destroyed. - -Outputs: - -identity = "arn:aws:iam::312272277431:role/how-to-plrl-plrl-stacks" -Querying console.how-to-plrl.onplural.sh... -... -Querying console.how-to-plrl.onplural.sh... -DNS fully resolved, testing if console is functional... -Pinging https://console.how-to-plrl.onplural.sh... -... -Pinging https://console.how-to-plrl.onplural.sh... -2024/07/29 12:31:03 Console failed to become ready after 5 minutes, you might want to inspect the resources in the plrl-console namespace +aws eks update-kubeconfig --name [CLUSTER_NAME] ``` -This example is an EKS cluster -I am able to get the _kubeconfig_ via the AWS CLI +AZ ```sh -aws eks update-kubeconfig --name [cluster name] --alias [context name] +az aks get-credentials --name [CLUSTER_NAME] ``` -I'm now able to use `kubectl` with the newly added kube context -and see what's happening in all the _`plrl`_ namespaces +GCP +```sh +gcloud container clusters get-credentials [CLUSTER_NAME] +``` + +Use `kubectl` with the newly added kube context The key namespaces to check are: * plrl-console * plrl-deploy-operator * plrl-runtime -In this instance I saw images in the _`plrl-console`_ namespace +### "Console failed to become ready" +Sometimes the DNS Resolution can take longer than the expected five minutes +It's also possible the console services take a bit longer to become ready +```sh +2024/07/29 12:31:03 Console failed to become ready after 5 minutes, you might want to inspect the resources in the plrl-console namespace +``` +In this instance the images in the _`plrl-console`_ namespace were taking a bit longer to download and initialize. Once the services were _up_ in the cli, I was able to access the console url -### User "someone@example.com" cannot list resource +### Cannot list resources in the Kubernetes Dashboard +This is due to missing [RBAC Bindings](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) for the console users +![alt text](/images/how-to/k8s-dash-403.png) + +##### Add the RBAC Helm Values in the MGMT Cluster Repo +```sh +./helm-values/ConsoleClusterRoleBindings.yaml +``` +##### Configure the Cluster Role Binding for console User +```sh +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: console-binding-someone-your-company-com +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: + - apiGroup: rbac.authorization.k8s.io + kind: User + name: someone@your.company.com +``` +You can list existing Cluster Roles with `kubectl get clusterroles` +There are several ways to manage [RBAC Bindings](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) +This example binds the _`admin`_ cluster role to a single _someone@your.company.com_ user + + +##### Apply the Bindings +```sh +kubectl apply -f ./helm-values/ConsoleClusterRoleBindings.yaml +``` \ No newline at end of file diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md index af4c0ff6..2da038ec 100644 --- a/pages/how-to/set-up/plural-console.md +++ b/pages/how-to/set-up/plural-console.md @@ -5,12 +5,14 @@ description: How to Deploy the Plural Console to a MGMT Cluster ### Prerequisites [Plural CLI](/how-to/set-up/plural-cli) -[AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) Access - -##### Ensure AWS CLI Authentication +### Deploy Plural Console ```sh -aws sts get-caller-identity +plural login +# Note: If you deployed using bootstrap terraform you can get the PSQL connection string from running: terraform output --json +plural cd control-plane +helm repo add plrl-console https://pluralsh.github.io/console +helm upgrade --install --create-namespace -f values.secret.yaml console plrl-console/console -n plrl-console ``` - - +The `plural cd control-plane` command creates the _`values.secret.yaml`_ +and we use `helm` to apply them to the cluster From afb80b284b4f7d43b71e00e35a226e427a113975 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 15:52:40 -0400 Subject: [PATCH 07/21] console --- pages/how-to/set-up/plural-console.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md index 2da038ec..1a45b1c1 100644 --- a/pages/how-to/set-up/plural-console.md +++ b/pages/how-to/set-up/plural-console.md @@ -6,7 +6,9 @@ description: How to Deploy the Plural Console to a MGMT Cluster ### Prerequisites [Plural CLI](/how-to/set-up/plural-cli) -### Deploy Plural Console +### Deploy Plural Console +The `plural cd control-plane` command creates the _`values.secret.yaml`_ +and we use `helm` to apply them to the cluster ```sh plural login # Note: If you deployed using bootstrap terraform you can get the PSQL connection string from running: terraform output --json @@ -14,5 +16,4 @@ plural cd control-plane helm repo add plrl-console https://pluralsh.github.io/console helm upgrade --install --create-namespace -f values.secret.yaml console plrl-console/console -n plrl-console ``` -The `plural cd control-plane` command creates the _`values.secret.yaml`_ -and we use `helm` to apply them to the cluster + From 220e282d748d82a07f5a42e37fe6709cbcfbb394 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 16:04:25 -0400 Subject: [PATCH 08/21] PR comment fixes --- pages/how-to/set-up/new-mgmt-cluster.md | 42 ++----------------------- 1 file changed, 2 insertions(+), 40 deletions(-) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index 49853d71..aa5f59aa 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -41,17 +41,8 @@ plural up # Troubleshooting ### Get Kubeconfig for the MGMT Cluster -AWS ```sh -aws eks update-kubeconfig --name [CLUSTER_NAME] -``` -AZ -```sh -az aks get-credentials --name [CLUSTER_NAME] -``` -GCP -```sh -gcloud container clusters get-credentials [CLUSTER_NAME] +plural wkspace kube-init ``` Use `kubectl` with the newly added kube context @@ -71,34 +62,5 @@ were taking a bit longer to download and initialize. Once the services were _up_ in the cli, I was able to access the console url ### Cannot list resources in the Kubernetes Dashboard -This is due to missing [RBAC Bindings](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) for the console users ![alt text](/images/how-to/k8s-dash-403.png) - -##### Add the RBAC Helm Values in the MGMT Cluster Repo -```sh -./helm-values/ConsoleClusterRoleBindings.yaml -``` -##### Configure the Cluster Role Binding for console User -```sh -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: console-binding-someone-your-company-com -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: admin -subjects: - - apiGroup: rbac.authorization.k8s.io - kind: User - name: someone@your.company.com -``` -You can list existing Cluster Roles with `kubectl get clusterroles` -There are several ways to manage [RBAC Bindings](https://github.com/pluralsh/documentation/blob/8e205adfede17b0e412a2c8d81ac511dd71fe59b/pages/deployments/dashboard.md) -This example binds the _`admin`_ cluster role to a single _someone@your.company.com_ user - - -##### Apply the Bindings -```sh -kubectl apply -f ./helm-values/ConsoleClusterRoleBindings.yaml -``` \ No newline at end of file +This is expected and due to missing [RBAC Bindings](https://github.com/pluralsh/documentation/blob/main/pages/deployments/dashboard.md) for the console users From be40f8670373c13b006a6abb223bb031cbaa14a9 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 16:09:14 -0400 Subject: [PATCH 09/21] repo creation updates --- pages/how-to/set-up/new-mgmt-cluster.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index aa5f59aa..e00b2840 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -33,7 +33,10 @@ cd plrl-how-to Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions Follow the onscreen prompts to setup the repo and deploy resources * Use the provided Plural DNS Services for the MGMT Cluster -* When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh + * When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh +* The Plural CLI will create a new repository + * If there are permission related repository creation constraints + the repo can be cloned before running `plural` commands ```sh plural login plural up From 6666cf1cf4d862e016ed58a4f5ec8cf7c1e6a048 Mon Sep 17 00:00:00 2001 From: seemywings Date: Mon, 29 Jul 2024 16:14:52 -0400 Subject: [PATCH 10/21] rm repo creation block --- pages/how-to/set-up/new-mgmt-cluster.md | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md index e00b2840..2fb90f17 100644 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ b/pages/how-to/set-up/new-mgmt-cluster.md @@ -22,21 +22,17 @@ GCP gcloud auth list ``` - -### Create a New Repo for Plural -```sh -git clone git@github.com:pluralsh/plrl-how-to.git -cd plrl-how-to -``` - ### Setup Repo and Deploy Resources Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions Follow the onscreen prompts to setup the repo and deploy resources -* Use the provided Plural DNS Services for the MGMT Cluster - * When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh + * The Plural CLI will create a new repository * If there are permission related repository creation constraints the repo can be cloned before running `plural` commands + +* Use the provided Plural DNS Services for the MGMT Cluster + * When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh + ```sh plural login plural up From 6bf545546ef39fc2e597505b6584873b2f0cac21 Mon Sep 17 00:00:00 2001 From: seemywings Date: Tue, 30 Jul 2024 15:58:05 -0400 Subject: [PATCH 11/21] add other setup and upgrade docs --- pages/how-to/set-up/mgmt-cluster.md | 2 +- pages/how-to/set-up/new-mgmt-cluster.md | 65 ------------------------ pages/how-to/set-up/pipelines.md | 17 +++++++ pages/how-to/set-up/workload-cluster.md | 2 +- pages/how-to/upgrade/index.md | 4 ++ pages/how-to/upgrade/mgmt-cluster.md | 44 ++++++++++++++++ pages/how-to/upgrade/plural-cli.md | 28 ++++++++++ pages/how-to/upgrade/workload-cluster.md | 44 ++++++++++++++++ pages/how-to/use/index.md | 4 -- pages/how-to/use/plural-api.md | 4 -- pages/how-to/use/plural-console.md | 4 -- pages/how-to/use/plural-docs.md | 4 -- 12 files changed, 139 insertions(+), 83 deletions(-) delete mode 100644 pages/how-to/set-up/new-mgmt-cluster.md create mode 100644 pages/how-to/upgrade/index.md create mode 100644 pages/how-to/upgrade/mgmt-cluster.md create mode 100644 pages/how-to/upgrade/plural-cli.md create mode 100644 pages/how-to/upgrade/workload-cluster.md delete mode 100644 pages/how-to/use/index.md delete mode 100644 pages/how-to/use/plural-api.md delete mode 100644 pages/how-to/use/plural-console.md delete mode 100644 pages/how-to/use/plural-docs.md diff --git a/pages/how-to/set-up/mgmt-cluster.md b/pages/how-to/set-up/mgmt-cluster.md index b9bcebeb..935c1300 100644 --- a/pages/how-to/set-up/mgmt-cluster.md +++ b/pages/how-to/set-up/mgmt-cluster.md @@ -46,4 +46,4 @@ There are a few reasons you'd consider using this over Plural Cloud: * Integration - Oftentimes resources needed by Plural are themselves hosted on private networks, for instance Git Repositories. In that case, it's logistically easier to self-host and place it in an integrated network. * Scaling - you want complete control as to how Plural Scales for your enterprise. `dedicated` cloud hosting does this perfectly well too, but some orgs want their own hands on the wheel. -Plural is meant to be architecturally simple and efficient. Most organizations that do chose to self-host are shocked at how streamlined managing it is, especially compared to some more bloated CNCF projects, so it is a surprisingly viable way to manage the software if that is what your organization desires. \ No newline at end of file +Plural is meant to be architecturally simple and efficient. Most organizations that do chose to self-host are shocked at how streamlined managing it is, especially compared to some more bloated CNCF projects, so it is a surprisingly viable way to manage the software if that is what your organization desires. diff --git a/pages/how-to/set-up/new-mgmt-cluster.md b/pages/how-to/set-up/new-mgmt-cluster.md deleted file mode 100644 index 2fb90f17..00000000 --- a/pages/how-to/set-up/new-mgmt-cluster.md +++ /dev/null @@ -1,65 +0,0 @@ ---- -title: Setting Up a New MGMT Cluster -description: Using Plural CLI to Deploy a MGMT Kubernetes Cluster ---- - -### Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -##### Ensure Cloud Provider CLI Authentication -Plural uses the _default_ profile when deploying resources - -AWS -```sh -aws sts get-caller-identity -``` -AZ -```sh -az account show -``` -GCP -```sh -gcloud auth list -``` - -### Setup Repo and Deploy Resources -Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions -Follow the onscreen prompts to setup the repo and deploy resources - -* The Plural CLI will create a new repository - * If there are permission related repository creation constraints - the repo can be cloned before running `plural` commands - -* Use the provided Plural DNS Services for the MGMT Cluster - * When providing a domain name provide the _canonical_ name, e.g. how-to-plrl.onplural.sh - -```sh -plural login -plural up -``` - -# Troubleshooting -### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init -``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime - -### "Console failed to become ready" -Sometimes the DNS Resolution can take longer than the expected five minutes -It's also possible the console services take a bit longer to become ready -```sh -2024/07/29 12:31:03 Console failed to become ready after 5 minutes, you might want to inspect the resources in the plrl-console namespace -``` -In this instance the images in the _`plrl-console`_ namespace -were taking a bit longer to download and initialize. -Once the services were _up_ in the cli, I was able to access the console url - -### Cannot list resources in the Kubernetes Dashboard -![alt text](/images/how-to/k8s-dash-403.png) -This is expected and due to missing [RBAC Bindings](https://github.com/pluralsh/documentation/blob/main/pages/deployments/dashboard.md) for the console users diff --git a/pages/how-to/set-up/pipelines.md b/pages/how-to/set-up/pipelines.md index df9053d3..7f7f10e0 100644 --- a/pages/how-to/set-up/pipelines.md +++ b/pages/how-to/set-up/pipelines.md @@ -4,6 +4,23 @@ description: Using Plural Deploy Pipelines --- # Prerequisites +[Plural CLI](/how-to/set-up/plural-cli) + +#### Ensure Cloud Provider CLI Authentication +**Plural** uses the _default_ profile when deploying resources + +AWS +```sh +aws sts get-caller-identity +``` +AZ +```sh +az account show +``` +GCP +```sh +gcloud auth list +``` #### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions diff --git a/pages/how-to/set-up/workload-cluster.md b/pages/how-to/set-up/workload-cluster.md index c468dff3..26006f26 100644 --- a/pages/how-to/set-up/workload-cluster.md +++ b/pages/how-to/set-up/workload-cluster.md @@ -52,4 +52,4 @@ By default these stacks require approval for safety (terraform can do the strang {% callout severity="info" %} Cluster provisioning usually takes quite a while. On AWS, expect the process to take upwards of 20m, it can be more like 10m on GCP. -{% /callout %} \ No newline at end of file +{% /callout %} diff --git a/pages/how-to/upgrade/index.md b/pages/how-to/upgrade/index.md new file mode 100644 index 00000000..3be62ad9 --- /dev/null +++ b/pages/how-to/upgrade/index.md @@ -0,0 +1,4 @@ +--- +title: Upgrading Plural Components +description: Using Plural CLI to Upgrade Resources +--- diff --git a/pages/how-to/upgrade/mgmt-cluster.md b/pages/how-to/upgrade/mgmt-cluster.md new file mode 100644 index 00000000..0d69fdcb --- /dev/null +++ b/pages/how-to/upgrade/mgmt-cluster.md @@ -0,0 +1,44 @@ +--- +title: Upgrading a MGMT Cluster +description: Using Plural CLI to Upgrade a Management Kubernetes Cluster +--- + +# Prerequisites +[Plural CLI](/how-to/set-up/plural-cli) + +#### Ensure Cloud Provider CLI Authentication +**Plural** uses the _default_ profile when deploying resources + +AWS +```sh +aws sts get-caller-identity +``` +AZ +```sh +az account show +``` +GCP +```sh +gcloud auth list +``` + +#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions + +```sh +plural login +``` + +# Set Up +Create first workload cluster with Stacks (should use the cluster-creator PR automation from plural up) + +# Troubleshooting +#### Get Kubeconfig for the MGMT Cluster +```sh +plural wkspace kube-init +``` + +Use `kubectl` with the newly added kube context +The key namespaces to check are: +* plrl-console +* plrl-deploy-operator +* plrl-runtime diff --git a/pages/how-to/upgrade/plural-cli.md b/pages/how-to/upgrade/plural-cli.md new file mode 100644 index 00000000..c0cda7b1 --- /dev/null +++ b/pages/how-to/upgrade/plural-cli.md @@ -0,0 +1,28 @@ +--- +title: Upgrading the Plural CLI +description: Guides for Upgrading the Plural CLI +--- + +### Install Prerequisites + +[Mac Homebrew](https://brew.sh/) +```sh +/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" +brew update +``` + [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html), [Helm CLI](https://helm.sh/), [Terraform](https://developer.hashicorp.com/terraform/intro), [kubectl](https://kubernetes.io/docs/reference/kubectl/) +```sh +brew install awscli helm terraform kubectl +``` + +### Install [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) +```sh +brew upgrade pluralsh/plural/plural +``` + +### Validate Install +```sh +plural login +``` + + diff --git a/pages/how-to/upgrade/workload-cluster.md b/pages/how-to/upgrade/workload-cluster.md new file mode 100644 index 00000000..ce59725c --- /dev/null +++ b/pages/how-to/upgrade/workload-cluster.md @@ -0,0 +1,44 @@ +--- +title: Upgrading a Workload Cluster +description: Using Plural CLI to Upgrade a Workload Kubernetes Cluster +--- + +# Prerequisites +[Plural CLI](/how-to/set-up/plural-cli) + +#### Ensure Cloud Provider CLI Authentication +**Plural** uses the _default_ profile when deploying resources + +AWS +```sh +aws sts get-caller-identity +``` +AZ +```sh +az account show +``` +GCP +```sh +gcloud auth list +``` + +#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions + +```sh +plural login +``` + +# Set Up +Create first workload cluster with Stacks (should use the cluster-creator PR automation from plural up) + +# Troubleshooting +#### Get Kubeconfig for the MGMT Cluster +```sh +plural wkspace kube-init +``` + +Use `kubectl` with the newly added kube context +The key namespaces to check are: +* plrl-console +* plrl-deploy-operator +* plrl-runtime diff --git a/pages/how-to/use/index.md b/pages/how-to/use/index.md deleted file mode 100644 index c798facd..00000000 --- a/pages/how-to/use/index.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Using Plural -description: Guides for Using Various Aspects of Plural ---- \ No newline at end of file diff --git a/pages/how-to/use/plural-api.md b/pages/how-to/use/plural-api.md deleted file mode 100644 index b7692158..00000000 --- a/pages/how-to/use/plural-api.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Using Plural API -description: Guides for Using Various Aspects of the Plural API ---- \ No newline at end of file diff --git a/pages/how-to/use/plural-console.md b/pages/how-to/use/plural-console.md deleted file mode 100644 index fe6d9016..00000000 --- a/pages/how-to/use/plural-console.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Using Plural Console -description: Guides for Using Various Aspects of the Plural Console ---- \ No newline at end of file diff --git a/pages/how-to/use/plural-docs.md b/pages/how-to/use/plural-docs.md deleted file mode 100644 index 210dc16a..00000000 --- a/pages/how-to/use/plural-docs.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Using Plural Documentation -description: Guides for Using Various Aspects of the Plural Documentation ---- \ No newline at end of file From 4f37990a6810fb049679f48d4c5f65a911ef4c49 Mon Sep 17 00:00:00 2001 From: seemywings Date: Fri, 9 Aug 2024 18:30:41 -0400 Subject: [PATCH 12/21] workload-cluster --- pages/how-to/set-up/scm-connection.md | 70 +++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/pages/how-to/set-up/scm-connection.md b/pages/how-to/set-up/scm-connection.md index c3b5fb40..fcc445af 100644 --- a/pages/how-to/set-up/scm-connection.md +++ b/pages/how-to/set-up/scm-connection.md @@ -25,6 +25,7 @@ Some things you'll need to run this tutorial: * This is only required when creating the webhook * The workload cluster can still be created without the SCM webhook +<<<<<<< HEAD ## Create a New SCM Connection Creating an SCM Connection is easiest just using our UI. You can then reference that created resource via k8s CRD to drive other workflows. Step by step, you'll want to: @@ -50,6 +51,27 @@ Once the connection is created in the UI we can reference it with a CRD instance * ❕ Ensure the Name Provided in the UI matches the `spec.name` in the CRD Exactly * An [`ScmConnection`](/deployments/operator/api#scmconnection) yaml template for GitHub exists in `bootstrap/pr-automation/scm.yaml`, you'll simply need to uncomment it. It should look like this: +======= +# Set Up +### Create a New SCM Connection +* **Navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/scm`** +* **Click the _Create Connection_ Button at the Top Right** +![Create SCM Connection Button](/images/how-to/console_create-scm-btn.png) + +* **Fil in the Required Fields** + * **Provider Type**: The SCM Provider Hosting Git Repositories + * **Name**: Reference Name for the Provider + * ℹ️ **NOTE**: The _cluster-creator_ PR Automation looks for `github` by default + * **Token**: The Deploy Token to use + +![Create SCM Connection Modal](/images/how-to/console_create-scm-modal.png) + +### **Create an [`ScmConnection`](https://docs.plural.sh/deployments/operator/api#scmconnection) CRD Instance** +Once the connection is created in the UI we can reference it with a CRD instance + * ❕ Ensure the Name Provided in the UI matches the `spec.name` in the CRD Exactly + * The [`ScmConnection`](https://docs.plural.sh/deployments/operator/api#scmconnection) yaml can be saved in your MGMT Cluster Repo + * You can use `kubectl` to apply it to the MGMT cluster +>>>>>>> 0a3170e (workload-cluster) ```yaml apiVersion: deployments.plural.sh/v1alpha1 kind: ScmConnection @@ -59,6 +81,7 @@ spec: name: github type: GITHUB ``` +<<<<<<< HEAD You should now be able to commit and push, and Plural will sync it in (or create a PR to merge it into your main branch): @@ -82,16 +105,32 @@ If you want that functionality, simply add a webhook in your SCM by doing the fo * **Navigate to `https://{your-console-domain}/pr/scm-webhooks`** * **Click the `Create Webhook` Button** +======= +### **Add an SCM Provider Webhook** +If you navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/queue` +You'll see even though the SCM connection is complete +and the PR is merged the status of the cluster creator PR is still _open_ + +We need to add an SCM Webhook to fix this. +* **Navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/scm-webhooks`** +* **Click the `Create Webhook` Button** +![](/images/how-to/create-scm-webhook-btn.png) +>>>>>>> 0a3170e (workload-cluster) * **Fill the Required Fields** * **Provider Type**: The SCM Provider Hosting Git Repositories * This may be obvious, but you need to select the same provider as the console webhook * **Owner**: The Organization or Group Within the SCM Provider +<<<<<<< HEAD * **Secret**: The Webhook Secret to Share, you can generate a cryptographically secure one with `plural crypto random` +======= + * **Secret**: The Webhook Secret to Share +>>>>>>> 0a3170e (workload-cluster) ![](/images/how-to/create-scm-webhook-modal-0.png) * **Click `Create`** * Copy the Webhook URL and note the secret to use within the SCM Provider Webhook ![](/images/how-to/create-scm-webhook-modal-1.png) +<<<<<<< HEAD * **Create the Webhook with the SCM Provider** You can create this webhook at whatever scope you'd prefer. Depending on the scope, the permissions needed will likely vary. A simple place to start is just creating a webhook scoped to your `plural up` repository. @@ -102,3 +141,34 @@ Here's some docs to help you work through the webhook creation process for a lot * [GitHub Organization Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-an-organization-webhook) * [GitLab Group Webhooks](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#group-webhooks) * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) +======= + +* **Create the Webhook with the SCM Provider** +❕ You Must be an Owner or Have Admin Access to Create Webhooks + * [GitHub Organization Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-an-organization-webhook) + * [GitLab Group Webhooks](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#group-webhooks) + * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) + + + + +# Troubleshooting + +#### Get Kubeconfig for the MGMT Cluster +```sh +plural wkspace kube-init +``` + +Use `kubectl` with the newly added kube context +The key namespaces to check are: +* plrl-console +* plrl-deploy-operator +* plrl-runtime + +#### Check the Status of the SCM Connection +```sh +kubectl describe ScmConnection github +``` +Take note of the status conditions. +The Messages will provide failure or success messages. +>>>>>>> 0a3170e (workload-cluster) From ed5f160bfe18a79e71fe45d625822741fa62045d Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 22 Aug 2024 14:04:18 -0400 Subject: [PATCH 13/21] update controllers --- pages/how-to/set-up/scm-connection.md | 72 +-------------------------- 1 file changed, 1 insertion(+), 71 deletions(-) diff --git a/pages/how-to/set-up/scm-connection.md b/pages/how-to/set-up/scm-connection.md index fcc445af..eda07df4 100644 --- a/pages/how-to/set-up/scm-connection.md +++ b/pages/how-to/set-up/scm-connection.md @@ -25,7 +25,6 @@ Some things you'll need to run this tutorial: * This is only required when creating the webhook * The workload cluster can still be created without the SCM webhook -<<<<<<< HEAD ## Create a New SCM Connection Creating an SCM Connection is easiest just using our UI. You can then reference that created resource via k8s CRD to drive other workflows. Step by step, you'll want to: @@ -51,27 +50,6 @@ Once the connection is created in the UI we can reference it with a CRD instance * ❕ Ensure the Name Provided in the UI matches the `spec.name` in the CRD Exactly * An [`ScmConnection`](/deployments/operator/api#scmconnection) yaml template for GitHub exists in `bootstrap/pr-automation/scm.yaml`, you'll simply need to uncomment it. It should look like this: -======= -# Set Up -### Create a New SCM Connection -* **Navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/scm`** -* **Click the _Create Connection_ Button at the Top Right** -![Create SCM Connection Button](/images/how-to/console_create-scm-btn.png) - -* **Fil in the Required Fields** - * **Provider Type**: The SCM Provider Hosting Git Repositories - * **Name**: Reference Name for the Provider - * ℹ️ **NOTE**: The _cluster-creator_ PR Automation looks for `github` by default - * **Token**: The Deploy Token to use - -![Create SCM Connection Modal](/images/how-to/console_create-scm-modal.png) - -### **Create an [`ScmConnection`](https://docs.plural.sh/deployments/operator/api#scmconnection) CRD Instance** -Once the connection is created in the UI we can reference it with a CRD instance - * ❕ Ensure the Name Provided in the UI matches the `spec.name` in the CRD Exactly - * The [`ScmConnection`](https://docs.plural.sh/deployments/operator/api#scmconnection) yaml can be saved in your MGMT Cluster Repo - * You can use `kubectl` to apply it to the MGMT cluster ->>>>>>> 0a3170e (workload-cluster) ```yaml apiVersion: deployments.plural.sh/v1alpha1 kind: ScmConnection @@ -81,7 +59,6 @@ spec: name: github type: GITHUB ``` -<<<<<<< HEAD You should now be able to commit and push, and Plural will sync it in (or create a PR to merge it into your main branch): @@ -105,32 +82,16 @@ If you want that functionality, simply add a webhook in your SCM by doing the fo * **Navigate to `https://{your-console-domain}/pr/scm-webhooks`** * **Click the `Create Webhook` Button** -======= -### **Add an SCM Provider Webhook** -If you navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/queue` -You'll see even though the SCM connection is complete -and the PR is merged the status of the cluster creator PR is still _open_ - -We need to add an SCM Webhook to fix this. -* **Navigate to `https://console.[YOUR DOMAIN].onplural.sh/pr/scm-webhooks`** -* **Click the `Create Webhook` Button** -![](/images/how-to/create-scm-webhook-btn.png) ->>>>>>> 0a3170e (workload-cluster) * **Fill the Required Fields** * **Provider Type**: The SCM Provider Hosting Git Repositories * This may be obvious, but you need to select the same provider as the console webhook * **Owner**: The Organization or Group Within the SCM Provider -<<<<<<< HEAD * **Secret**: The Webhook Secret to Share, you can generate a cryptographically secure one with `plural crypto random` -======= - * **Secret**: The Webhook Secret to Share ->>>>>>> 0a3170e (workload-cluster) ![](/images/how-to/create-scm-webhook-modal-0.png) * **Click `Create`** * Copy the Webhook URL and note the secret to use within the SCM Provider Webhook ![](/images/how-to/create-scm-webhook-modal-1.png) -<<<<<<< HEAD * **Create the Webhook with the SCM Provider** You can create this webhook at whatever scope you'd prefer. Depending on the scope, the permissions needed will likely vary. A simple place to start is just creating a webhook scoped to your `plural up` repository. @@ -140,35 +101,4 @@ Here's some docs to help you work through the webhook creation process for a lot * [Github Repository Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-a-repository-webhook) * [GitHub Organization Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-an-organization-webhook) * [GitLab Group Webhooks](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#group-webhooks) - * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) -======= - -* **Create the Webhook with the SCM Provider** -❕ You Must be an Owner or Have Admin Access to Create Webhooks - * [GitHub Organization Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-an-organization-webhook) - * [GitLab Group Webhooks](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#group-webhooks) - * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) - - - - -# Troubleshooting - -#### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init -``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime - -#### Check the Status of the SCM Connection -```sh -kubectl describe ScmConnection github -``` -Take note of the status conditions. -The Messages will provide failure or success messages. ->>>>>>> 0a3170e (workload-cluster) + * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) \ No newline at end of file From ab8b4932f8ed9d188d2bda6cad90161fd3c5815d Mon Sep 17 00:00:00 2001 From: seemywings Date: Tue, 27 Aug 2024 12:29:49 -0400 Subject: [PATCH 14/21] addressing comments --- pages/how-to/set-up/pipelines.md | 17 --------- pages/how-to/set-up/scm-connection.md | 2 +- pages/how-to/upgrade/index.md | 4 --- pages/how-to/upgrade/mgmt-cluster.md | 44 ------------------------ pages/how-to/upgrade/plural-cli.md | 28 --------------- pages/how-to/upgrade/workload-cluster.md | 44 ------------------------ 6 files changed, 1 insertion(+), 138 deletions(-) delete mode 100644 pages/how-to/upgrade/index.md delete mode 100644 pages/how-to/upgrade/mgmt-cluster.md delete mode 100644 pages/how-to/upgrade/plural-cli.md delete mode 100644 pages/how-to/upgrade/workload-cluster.md diff --git a/pages/how-to/set-up/pipelines.md b/pages/how-to/set-up/pipelines.md index 7f7f10e0..df9053d3 100644 --- a/pages/how-to/set-up/pipelines.md +++ b/pages/how-to/set-up/pipelines.md @@ -4,23 +4,6 @@ description: Using Plural Deploy Pipelines --- # Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -#### Ensure Cloud Provider CLI Authentication -**Plural** uses the _default_ profile when deploying resources - -AWS -```sh -aws sts get-caller-identity -``` -AZ -```sh -az account show -``` -GCP -```sh -gcloud auth list -``` #### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions diff --git a/pages/how-to/set-up/scm-connection.md b/pages/how-to/set-up/scm-connection.md index eda07df4..c3b5fb40 100644 --- a/pages/how-to/set-up/scm-connection.md +++ b/pages/how-to/set-up/scm-connection.md @@ -101,4 +101,4 @@ Here's some docs to help you work through the webhook creation process for a lot * [Github Repository Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-a-repository-webhook) * [GitHub Organization Webhooks](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks#creating-an-organization-webhook) * [GitLab Group Webhooks](https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#group-webhooks) - * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) \ No newline at end of file + * [Bitbucket Webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html) diff --git a/pages/how-to/upgrade/index.md b/pages/how-to/upgrade/index.md deleted file mode 100644 index 3be62ad9..00000000 --- a/pages/how-to/upgrade/index.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Upgrading Plural Components -description: Using Plural CLI to Upgrade Resources ---- diff --git a/pages/how-to/upgrade/mgmt-cluster.md b/pages/how-to/upgrade/mgmt-cluster.md deleted file mode 100644 index 0d69fdcb..00000000 --- a/pages/how-to/upgrade/mgmt-cluster.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Upgrading a MGMT Cluster -description: Using Plural CLI to Upgrade a Management Kubernetes Cluster ---- - -# Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -#### Ensure Cloud Provider CLI Authentication -**Plural** uses the _default_ profile when deploying resources - -AWS -```sh -aws sts get-caller-identity -``` -AZ -```sh -az account show -``` -GCP -```sh -gcloud auth list -``` - -#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions - -```sh -plural login -``` - -# Set Up -Create first workload cluster with Stacks (should use the cluster-creator PR automation from plural up) - -# Troubleshooting -#### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init -``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime diff --git a/pages/how-to/upgrade/plural-cli.md b/pages/how-to/upgrade/plural-cli.md deleted file mode 100644 index c0cda7b1..00000000 --- a/pages/how-to/upgrade/plural-cli.md +++ /dev/null @@ -1,28 +0,0 @@ ---- -title: Upgrading the Plural CLI -description: Guides for Upgrading the Plural CLI ---- - -### Install Prerequisites - -[Mac Homebrew](https://brew.sh/) -```sh -/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -brew update -``` - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html), [Helm CLI](https://helm.sh/), [Terraform](https://developer.hashicorp.com/terraform/intro), [kubectl](https://kubernetes.io/docs/reference/kubectl/) -```sh -brew install awscli helm terraform kubectl -``` - -### Install [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) -```sh -brew upgrade pluralsh/plural/plural -``` - -### Validate Install -```sh -plural login -``` - - diff --git a/pages/how-to/upgrade/workload-cluster.md b/pages/how-to/upgrade/workload-cluster.md deleted file mode 100644 index ce59725c..00000000 --- a/pages/how-to/upgrade/workload-cluster.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Upgrading a Workload Cluster -description: Using Plural CLI to Upgrade a Workload Kubernetes Cluster ---- - -# Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -#### Ensure Cloud Provider CLI Authentication -**Plural** uses the _default_ profile when deploying resources - -AWS -```sh -aws sts get-caller-identity -``` -AZ -```sh -az account show -``` -GCP -```sh -gcloud auth list -``` - -#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions - -```sh -plural login -``` - -# Set Up -Create first workload cluster with Stacks (should use the cluster-creator PR automation from plural up) - -# Troubleshooting -#### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init -``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime From 508872e3658ecd7bbbc075c728f6fa124bbda3cd Mon Sep 17 00:00:00 2001 From: seemywings Date: Tue, 27 Aug 2024 12:32:44 -0400 Subject: [PATCH 15/21] addressing comments --- pages/how-to/set-up/scm-connection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/how-to/set-up/scm-connection.md b/pages/how-to/set-up/scm-connection.md index c3b5fb40..c1b33fd2 100644 --- a/pages/how-to/set-up/scm-connection.md +++ b/pages/how-to/set-up/scm-connection.md @@ -35,7 +35,7 @@ Creating an SCM Connection is easiest just using our UI. You can then reference * **Provider Type**: The SCM Provider Hosting Git Repositories * **Name**: Reference Name for the Provider * ℹ️ **NOTE**: The _cluster-creator_ PR Automation looks for `github` by default, but is arbitrary and can be changed - * **Token**: The Deploy Token to use. + * **Token**: The Personal Access Token to use. * **Click `Create`** ![Create SCM Connection Modal](/images/how-to/console_create-scm-modal.png) From be46fc128638194b5521d978f36fd417f6c3a433 Mon Sep 17 00:00:00 2001 From: seemywings Date: Tue, 27 Aug 2024 18:23:56 -0400 Subject: [PATCH 16/21] adding microservice --- pages/how-to/set-up/micro-service.md | 23 +++++++++++++++++++++ public/images/how-to/import-git-btn.png | Bin 0 -> 7878 bytes public/images/how-to/import-git-modal.png | Bin 0 -> 88984 bytes public/images/how-to/import-git-status.png | Bin 0 -> 50404 bytes 4 files changed, 23 insertions(+) create mode 100644 pages/how-to/set-up/micro-service.md create mode 100644 public/images/how-to/import-git-btn.png create mode 100644 public/images/how-to/import-git-modal.png create mode 100644 public/images/how-to/import-git-status.png diff --git a/pages/how-to/set-up/micro-service.md b/pages/how-to/set-up/micro-service.md new file mode 100644 index 00000000..ed63d0e6 --- /dev/null +++ b/pages/how-to/set-up/micro-service.md @@ -0,0 +1,23 @@ +--- +title: Setting Up a Micro Service +description: Deploying a Micro Service with Plural +--- + + +# Set Up +For this example we will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App + +#### Add the Application Repository +* In your _Infra_ repo, add the `GitRepository` CRD + * `/app/repositories/cd-demo.yaml` +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: GitRepository +metadata: + name: cd-demo +spec: + url: https://github.com/pluralsh/plrl-cd-demo.git +``` +* The Plural repositories Service Deployment watches for changes in `/app/repositories` and will sync it to the management cluster + * The status `Pullable` means the Repository is ready to be used. +![import-git-status](/images/how-to/import-git-status.png) \ No newline at end of file diff --git a/public/images/how-to/import-git-btn.png b/public/images/how-to/import-git-btn.png new file mode 100644 index 0000000000000000000000000000000000000000..2c0ba810a2fcc2dac2c308b3d09668055fefeb6e GIT binary patch literal 7878 zcmch5byOVN^XJSkXdn#1f)9}350-L=>e&M4*a}cBU5ACIEnBSe!bthDsk^y7t#EFmoXIThJ01NDKTHG$MS2!YTX$ z8v7DE;1h|is{Mf>kf@O^TOYA2YDN?6^`3!-X3wyrtXT@Edlh#ybTyRr^ysuHX!a|u z;p#bnkeZu9iL?k6)>;80CL@$2i%Axzc0r(k0_kADo>ghl!I>FJz<~bU)#)J;%=kb} zB56wS?#XI&?c}u%;EP5moBIn}fi7fVJADI%0}voeV8@aRd(~M1B4I&?tOc{C=C;SN zre?K!ZE%L2FobFY6qVNPyEFj>bt36{KZgPccYPqd&pbfn07B=`hto6a6R3R14BlKQ zG=7JT)pw-tHpR5(3sp!AM-Z-4G=3b^Uo^Hi>GDI~`iF#jzMV`=D~-wT-3BM$xjUN| z`_pj9J1rqsXl&U=(5a8tfqv9=Aun@{Wjep&Toz!d{|Mkl@PzQ5y%oZO5D5`e42DOk zo)RPlKsdYXgELhS5%)zyFUa+NCV;7FY&gTIyXk$hE|LuKRQfWuLN|O(T1h3HViKhv zrf0otmC00?`{iZ*6G4?GSx|05LzmFBR}H9G(kY{2vnAU?M3wA%cx|t{PP`4wGlj|M z2XR8W=nrJhUI(6abDBMy8I^8sgYvS-Mw68U4@CE3ZUxkw1rL4`B55_2{k@{&exIq| zy-;b}`i54h@JvV*^0NG8xQeJprL@;VY6d>t`VhHm3=S1d?^++Cy%62`iL8>4bvA{3 zGffCKX>lm>dn5|rGcb_n%a3Frl|M1me9vY(*zHp~q#bDZ1@XFFsSiC$GWrT-l>><5 zFG#+I&^J;K^I#^!5q{i*6xZ_v$a>gid5bc+qd5qK0z8iO=*V6ZpT?u7!^Dpp1c&zp&*L2U7a(ufY)3G$ zuR_un$p@5s7zfZEs1MqPRzmW#swsJ6luq9`0%k9_qIWNM4@Ky{>pUfriIotD+?Zlq z-0x>xh+KM9L|)In&<-VO|7DP0@oYw^1UOQOtwA~Ui6mwFsYtAcg%v7FV-)VTo0%lO@U zdvdAwP5#?8zFV6QK)<6fe}8|<<%VNy!2Vg#{L``9uXvy!Nf97ba4_!EGhAY(Cdi7m zFv1}_fCAjbci?egaX_ey za{oFbWO)X0i_Rma~|sT&nWs>BpAD$QrPDj(F&5z)n2%3);Y zDLpHYDVUrXpFp0#++}y6cB$o2@Tv6-_H4Puy+|N5#-PW@>j6hnL^?(y5GHVVa`Yun zB{RrHZ88j@4Rt1Saop9IYcXlDXx(Uq*SK2fj_giRS!i1!Tb)&JS=mhrls+VW9Az+P zAWY!=TpQ{7aVl42qH@$=@Ar1>&i<&y_|Ev`l*_o>R9caCmX~au3g&p#l+oVC4&&r} zxtqw*_?vZuL4$jP@Q;(vn^^Z-9_=3hKCQlmzG;sx4+==mf%<_ufg4B|NLLsRB3_+u zJ83@>VGO^#d_GNZ$d=06?0o&W>K36$>6PQ2vm>q@sTFw}DHkCUDb}+Wp+Iz%yqyG2 z{GC|B%56JlB+YighMQQ%%5QL+S|(#QcD8M`!+0*hMp^ZSt#B5vinD5XlXFvQvwPEJ z^NNuM4?SEqTn%ps&nG@FUMZf9!HVHXBf9kEyV-YECBHOV>S`^f^{ zzZX_En90;!)TLQ#n|KXHnfF!<)XeKo+kT#Fnm3zQpLy>JBjFGoM?#_s z2pz_ihN5>gwl&tTN2G>n#|mc(J9aiC2cj(~6F&2Cou*VZIi;U*ZZ$E@F|9InGs!WP z>mKMfl;M_5iz`V4M4 z=OW;V(C9Jj@n8;6&z!a{&(R}m;ctG{eC74DvA!L%S2d9DRXt?>xNVa|c9(qT=v{a1 zdOP|s_P}}Pa+`AFbYFZ=hNuBP2Gt_-8O^acB{n57Bcvg8`-gy*tC}_0G^qnCGDkAU zGHdk@R=%xVbYKb(ihLKg6uuQ+6v+=sN2d%D3u44<>f)}-{%adbJoi_MJ1rA;#uk4oa+R4y_og4VD^#>S`C z@|S+FKAxF0YU*kDOi$ou)I4-uxXvv5CiM%~>WpY)SZWyZ80rq~PSaSMz2RH6)JJqz zaT9T}gl^qVpN?lMrE3?*J~#B&!>m4R>c*~SH>Rb7yM33#Ov8t`72rL@a>pNzoEy!< zk$sENyk8Q&swb3x%}D>CQNTEeTPw?&#O|UT@>58aVmEc4-{a!9fJ2ab6F52|fgNwV zo$TgaVd**kPN#6&k54}^RlepECl+z2y{&OceyA23Psa_$dEg|;_?5QA*J<6eK!9n+ zYG#`hJlLN&$v1C!c|WV`B)qksDwCALdv#^FwT9bmx0O3+m2AiN;n#g{ThODjO12&a zQ$s_$Sw~**wQ$FeTCp6wQtk87Sar|J!G@CN{Q<+nweYsa`^L*@|JO+}bMc-Gi}exp zvi18tj!zrB>gJ_1S|{!%6aBYp=W4mdOJ(Wxx55qDH+dYf9Ag}5R+Q76WmP(L){6-j zvwP+0;CB;hglbGh-fjMMtNlHGku@n1TyZwH)tVJIQ}H8=7iv>#8`@#o&*}sg>`$n>WFNa=O0}{>?O8-U8gZlrcX{bMYuAS3R!*Q;BV?ZuwBNk&aa%Rbd^cd)1B3; zP;b1tX+8Jhx|G{=ryvdzd=5iHRk!vSIg(Uh^vU1k)=`Z>T&0goPb(HR*VjeHf9vRQU!?|FVDF* z8?d*0hRIr1d{&Redb&T#kS6SEFKS~x96sJl0enGnEGw5@_7WTU@q3lMXP+=e=Nuc=9^*~?_du;sCd;hEqKN~;8OXhLn zw(2zZU?A`V;{D_tS6=yE-1TJpUbh|k(!TrNWo?6C?Ndk7y<5g|g72H_iZjaf^#%pn zjC7y$)8KQH1NEkIxn+vhMWUZ%FCh+H#5d&tB>Lne)b>3RfT9X8v*V1wq-5=$nmKfB zkWOMn(4d<@NskXu5d3uH&~kjVNd@q#>sZI1n0|>2W5D$jW%i3ApT6Jj<`oZw)?a;cq6hPSO?47Me?Qml zXvWOK&CSjHhLxF>l@ad2=;UGRY~apl>qPmVApa|lsEL!2qlLY*g`F+*Ph0~-I~Qku z3W`68{u%#yP7`;F|7Nmv`g>aN2{Qk&FtaedVg4sJ9Lo1c%cE%FZepz|YGDJf89avo zHz(g;?*E73zX|^Z)c7xum6iS9$bVV>cchw=iKB>}4LqZ>z<*ckZ}7j3e*^iL|4jT} zh4@dE|I)(CEP%$x{LhjJpjGpl2*Ov9*g{l670%&%?62_#ex-ra9}XuJT$(*J_>Mqc zl@b+FbqDUJd06AP;Pfu<&pIYl>CDB?XHr0eL?~Ih0wHox_aGR~?*bj6LwbKjAUBv0 z#uP2Wt`ycIh;z&=w(*6iAskJZRuQV0*)+d+a^=din6zVEcRl~T+IyMIYw&*Q-c;c1 z?s4g^Wwu({GKM`)9|{1Wl4rvFP*O(@06;2; zKqC?m1!4pMzmNogWTD>97$6qJnSv8ok#;%PYjrE3Pisgl5CD(}R79BR<>s{Q`6%B% zuxL2`!&gNW=-DDin==`rTI#9orC^N+gjBq?zxpM`<7P^Dy6}p2W_X|bFj9T#nc8m&du&ujCgRkN<~ZvtC&V8^q9Ud=k1#KbQw$X!uq7TYpsstt7AZOoUY-UkCAG-Un{UXAgy5D)`4rfYy7 zF%U&DimX`(_6Y!{3C8>dg-QTGvFpfokS`Pfp!8}W8_G{CKfuOy2NC!i3d~RWdIcTi z2!_JAeUFiVv>-?(j=I)|!qToyLzh@Mq7Pe>AX z9#Lym{8Y#vR{iDmz7Vl~XZ+O(azG7{>#<^JJOj2H!lmMi0ws|w-}0scGfe7Al!J)i zdV`p2qZ;G^JeB+?c|tCp(~NrGS=?_NdkC%}-rIFTewYu8o)y$@?aC6Acg=ksJ@`at z={JyF&onsESg^+ALITsJa!X^f;&U?8(d^F~-_hhbs!Y9P#9HXp)%pii`WQi)F+FIL zMJ9M#S)JrsjSC7LG#wS`lJA=Y_P$kdXBF(2HJ9g79CCm)uvF%Vw~h&S{ESBKZCMnX+AziIrdN5d+EW`9tN>x(8$B?QPp#aWz0i z8OL(&6>F8FbT{qua-wlkH$|;v;r#9&Piwhj^dI!Lo#GrJ z%Sv^d6jHhHxn~lkLh?ysQ@@QwWqc}-#1YZ}C{&OC5_GChv7DN?|Mh^IUEYd?5rm5a zd3aC|WnYbC(Mvzt`F8bDbjtEdw8rsLCxg*WV4|40X}gpQTwq8~qqy@>DS)QgSaaIS za5!A!9VsEE8}2KA;#)oj+P?^hSt21O0Em3VS2nBkBfG9GHvYmg;_YzuuIzb`3PJwM zkj{^dg-+CFeT0GY6`4~X@SySoCGp8cBR@Qrz7Fkig12WXA&~?ddFbQ?3lEjXa%e9JMB+`-}MBB2y5QWR8<4+23C_y`l=DW%JIqU(GV(c`J>k z-pTf?^KoH%PECo9vYX`W#<%+Vacs0OhVS){%`m$YQgkdQ`S>>D z(~)^i54(r&p}sR^ayYmyjGoIUz8}7U-)b)m7Gm>L8SKEgzYivEoEtKqxOeur zuP9_}-1agSW5vFL!Vy2Ex`U1E+V(KWu&H z4-b$zc~^yYY^Fr(?F4((Xn*$!M_-zxR54q1DJNHs!uChVa>_9&e zi2ck%f7y`#V}&@3$%#5_V(&Ow|1H1OIL`}=>u(-DKeAUte-7gig`Zc6edG=}5QKco zo!#uubb;Y4D236x5PL+0uWwr@S>}X7xk*y^7V)D>#Pt_ko%8VgFAlr~?kmD}T_yrrn?;Nk_U^*aNj8wrdDmO4Kcfqv@z6yj>ojwgR1U1%H_I$lQ??4 z{z>A7Ka1tJlxu=`Tfsw`?BTW%WojSo40WA6$%_!k(kU)bMauX08!neEGIE^x>G@AT za=jjS+lUZ|Z7%C}A9VlV`weWa zu0}*ZWzoDeK2(Mws9-sz8m`wIPr#Es5__qM41Qv_+`s;zTo`k4gDX+%fIVoq`QCjy zIA=Z^g~g;X!+q_ImJ60HzOje&CkEm)Dp^jlUb=QQ!^mO@w)M)AjCBt4yGw^rzeg?A z4S`MOb8P&MlAhp%^K(g4{lyRG=AmzWIFsYt)bLh5!2A8v)A@W#K2qG#9%1??$@Rv?qZjKd4f@~!rREpJB ztZ4fFTw+Vv-|_SI3?Ys~HZ4g9JL&0V>1m5g;w!};^70#Z)h5gLim!@1F(qmUYkqu_ ziA*^h*;q&{uQD_J(url`HC#?km%1CiCz&$Ev^%?qJwU|UA#ryZVz_*hEy9cM;-khG z!__5Y_Nxc8LB@>BWp_JjaxY;ocOYSsb+U-td@bmF=3z(>X(v4CamMXH?5UO1a%lp0 zpx>ug2A^5nMy+f=(;~Pi&4xFCeO<+f*JtTiv6y)BS5x+~8OOs^EjHff-Fch*ba`)b zoSy8>+qCah*@_?T_(fx=dfDRMO)PHDEXkF-C?!>r)aEM$I`U7{NAo;?cyQSZWcQNi zL*PGZI0IFi+Q8n&l@Q7V7(8QhJutVl9CDyXwO95397Pa7^Dm##g zPEI3FY`TSU@s(LhRJ*(^MjS((;3cCl1PV59L|$m27LCa#7-qk;-`|Oyu=ATy&2(W6!p_5S3! zgK}2J+pe#XuA1ZVeV-#^XC*Jc%U=|i9L*^6Hw&SKLXlDtG zcR7AH$&~_Oc(t@%zxbTI5u)1^uT|{r7ya6oHTVNha5;Cg3Cl~5mI(%G<}{|~#*|sr zq2PugKL^pog)e2`&pFDkS*Wn`Lb^eYkHU#ex@Z!@*1Adqt?|qItgJtgfkbeD6DE!gg;D~5{Xd~( zU~4DAqZ(WxS+W1+=CMV1H2% zLu)7U$Czm^){{IY2|8FVaY&Bl>_LIBDGBi)jp8vXhzI1o;&`x2&hx&S$zrCkG+EVe z?ngZm{9qXmFAt-F27-SqyqL7B!Uq2rs(a+NCn&ezaDXDbYXhXj@427c`S5;uzdep)X7wXSwv=k{J*RSqAQ92X4@4PQZCS_2IYvlk8R z)~7pIz%Tav@zH2#cg4X{QtAp)QZ(vLP)o2a2n|jCeVjJ7j%E)@ntt>r32SuBoVN>@ z=*;LjZ--wX@9@8PKok3jDDVTN;VTD(89GHHOP0y)ZxK_vnBK;0OiWv5?WN5M=!Pe8 z$bplA)axtfRdK7q)P@rRG;&5k+Lu&?I1;Vp5|63L<*8$mWEovCXlc+{B+$ElC`$KF zP06G6nVg^O?_fz-AYRKQ!o|<8AtOKc=nc?5>Ad6dcwjH~4IBLnYXhw#I+`>Ylq*-_ zX-D}jO0K*2eg<==LG;gb%VdndR&S>`nGkkg?D)eNJ6U}* zj}pyDG<(w5-mUn7TB+onV?HZhPEPyOYEWx(_Npoee7;oy%A^q_H*=+I>x>uFto;u|zp)~e4(NjpI{B^erbZN-+h~Njl%uGNgZrYo z3D*K^4ubo0Bq>`hlz%N5cwA(dbk0@Sw?1Q*EI5#Sb?;HxqcBZr&k9BFxs-HLmgRvb zZZQuTn7V)V+;)&;IowlzDQTNUtJ=&IN<>xk4%--u799^0UFg%-By@&=$28VkcI(0J zAJXo9K{xw!`}E7pp1Tq9Q73nP@S#5p5P$L$qi48Y!jqHw;ft%Sdqwp^fy$oHOdn|u z4_rsFcW9owMl96ykN4y6rb)=|5+Wb#G(1}n(E(jvr%_w9@hE?nW+B_ikZbJ9py&Gh zNct{a$UTIE)EwbSJKYaHG%f9v0B`)k+te>Bew0&L@a-6rH>G{HOgeA<;=_+WeC~jV|^++)GA8+rUz2US>6&aLmj7 zXHIC-$7@lW$D2D+ER_b=pQ&Yv$)wIK@sBRH(~qQ%J>xnpciD^|Ba! zxPnNB4*r2M=11nlk#uV#R!e8!a!;^Op#Ld_Pi3XDVhSY1JEe^Yg?p+ALRx=GdYZ&Q zVgVu@PTURql2;XMkayoj+e%vi&0>+Xb8AZ_<)SHIy~b~C^%DIJ@_j%+0NrB4E)m-H z!Q0vEUH8FwbaBc;v=s6FxDR;5k2#v|E$P3&*x|)6xyAN|JtdNL7fp-?4Kv8$9>xPn zmd|L}Lm^uRcVTbHOgNa(K_+B6`0yYV6V@r5<2RQX=#OvbebIHmsSes&;xG_3T)MrE zf&5~HDJg%4IP(eCJ7%-s=QO2vF!rPZqvW4bDaedQu}Qy^k0Sdnl5Y_sB3HQm*-kRl;7Y31M!`J0w1Gq=-@ZP74w9Jedp>+{!#54@k%4{0( zI(+Db(-Ps9#X0PE*QD?>m1T&a+1-!9ohD!%28J$6(_9@vt>6hWm0dyOPN52;Z93I& z;OCU?Z&{z;Rr}g-YT-lD`p7sE`E6^D}6EY2y;kfr-|X}*Z&nKJyTepE{jmj#t4 zxhJzHMZ(HjX_`xXJ6v=vphJ z=3DC(?A3xIK1v|Bz-PsWbzz3nhC790kSFkY@%1FZlh{-uR@nw{2Rf1j_|9vr^*Hpn z^v?9cYTUqv!<%phus#GEa!|bnfli2(Tz(E2VY6l z9s!SSj7`8@$5h~{h5DJ^%5|EAV^whTt(6V-iP?UpNt zOElkBzXHG1E7wakESDgYAcLS4EPSjJd`Btoj^`cBAr$ySkB$i@$#!^BgqvMXuYS0H zRHyUK_Q>9l)eqMTM}@0=lnR&W+WM$Qagwy2i23=~=VER_`%!a6o+BRO&!ya=rl^!s zC9Bbcb;t($p%@Qc)ia)gX_6}bs-ac>RfW~gRoB%Mb|#X$Vaj2zNd`!K<6-eH<9XO1 zY)GA`l1Ez8T9D#F-IluA3e^fDlX;VQyKHDjEpuf-MT3=6%~4&dtv<+mAi}!4ysu`~ zWYRuzrfJq{R(s0WO@dP7F(v`UV!*`ODAPt$_0N+5-oHbXBEH} zXq}a<)8FAeVLG|JGq7VUDkA!gs)kB5Ek11{EiO%fOz5Ldmsyu5XP|b*q-|NY5p|1b zGhXwF_w~y1ddyZ;U!HgMfc4e7T{iW3(z%mQ-KiUDM3L38AdwUiB+h+5R;}=lHFDs{TWL-X6yu&(9(H;Rg&1+ln3uk3QG)?%7A%Me`O2 z>e6`{IJxeh$7aM5GpCx%MkETZY809l($sK;$Hu4BikA4>?oLgZH+3~cvXZ%*HxHZ^ zEORP9OZg=5V@f*wead_6QJf9tji%8y2eap|Q?Bm1$%1656FLn$eB1GsN`4;g`kt|# z4srYPXj`~homrOjZ}uDyaSZJcmt$_-E_3?o#J|!!6y7r*CHyHNT05aEIz7!_C!f8a zxK^1vk=Iot^t8A~G$et5}GnLe1hAktymHAhBh#cgGu7~J3cc|v5??D%5Z(D}vM zc8XGBvhc}?+1gLyPUu>0KO_k%;y-xN-S+lMLo>^WmZPEJi&Z-;`1D2l*IJouk`n#H zl2~o8ivEV;=IuVSou6TCjTeo_lL7RJN;C0ZZ1eRW>y_)byPU39gte_pnDq8MK;ylr z*N3ljixx`L>QOHm^v_^?v3#R^sSvtJ{?aOgI@|e#qv@?OZA`84*W|A`3VqrF>VEWg zy$P>L{wNSNzh2RQua8$JHXq-Nn1g;?EUcrj=bXKA4Rw%P8$3;A zpGcdSX!_{JULpy};S+7@M%XVBRp(W}E8LV)jSQ!a%C#F$&RP$B1&-ymp<-X2t9uV` znyfsT$sF~{@ze7)mU5G_GPg1B{;}IJpdzLc8u6TR+Hri_x|3_(Tq#mBVn|%fA!}Xw zT4AJTK~p!6N&F@Tb5-xW*#}b{8KEVS52)sS`+YBdzW>#e zP zbwckhY&X+ApG<8k%jP?UEQ1Q1&swbzJrE|PL6gPI6?<&kmg-)Cd?W?=mL_}0ytXp)*z z3JSodrnwUcWbbSZby4M3dkXx3;~=l=jD|)+fAd0D(0IBF^gjuHrQ@QbqAX+%wc{|g zfSQ3gJnS59`au)%5CRVEKrW^<9(K0&&O#odwEs9m2spm^nUj|0AE&rLL}_(Y)M=!k zP9Pe7j%OUtXvJ`8XlO*7EG&gIq-FngIq*%C*4o9zL5P#n-QAtToreSJWW~uPC@9GJ zjGL32n;kfV-PzOL#ngk{-kI*7o&38WX^^wI6WGB847I1Z>DSZ@>gpm&OM7#p|NHyr zI6)rZ|J=#m`CrolCdhfy!pX()jPw8c1}+u3`Bg|A>;baXl?K}ZYX;myjGvERr&={L7U(|GAQjoBO{m{Y%sDm%ereIY~k7fP1=#{YPH^y6;~b|8=1V=grjrvK0SZ z=YRYPEVLM|20TMj^!oUd`aKCW zbj;u1zW=(Vd#9KCjPlC{-5a!9cWD0mO$R-Y+aB|8SKajV5lxb;4*hRe+;kvIqtw}J zH6lk=ck2)B5-?JEUG;drFpIuul}d{qv#UOvtG+`&wBPRikFPlx0a7rQsZ1&C0sqin zUotUhu{DhZ*pxQ7iK7i!A+@&A!rD|lQ9M>c&+Q1%|2{tnw1Ax3$B22>rjzaHAZ%r8 z5_1K9roJfFgkJ+OL-TV1m**>QrrXq4j?(&}0nCZ;_}d||`e+~Z;I|FjHb>R-Tqp1Vs=rfXfD*U6+YLBXm_ zW~6g9&T{Lx%F=&aY&zUuJ;_5<$8Gxj!Bk?Bx=eUPf11Ywl{Xn|Bc)7hL4Q{pntKUo zlDY=A#c%)6_R0DdCg{DJj3D(N^eUhp^G@$iGjsYswMi4vFez2D_MZJoQ@+tlsFRRV zus->34gSZePm_S*WEs93#QuYZ&~Ts!R@P7H;QXm=1Q^Z(#0Mv_Kdr7K&b`>q&Mw72 zwY_JMP>;9Pjy;h4!y>;^0@jX$U+cvm+T?kG;Yc@Sr4asUvl#$u=U7qk;7@H?z;Nhi zh*y06w1<8^pkWFN3y=F#+y6v)>wlvBpH}{V(n__E2TZz^Z(~`tRX>oh(+1-b$A(h~ z^lVN*w*9ZK&Y^{aD}i`63Q@GdzO$#lVstCrkz$LyvVT*%rE)aML`RPw!D~6P;Z{*`_imZqx{doQA=$q1B}Y?n#H(VRC${&65$XQ?y+viJQIp30N^Zyn zO4kN!p07Jwtfkg8`n9(2YjMYZH`L$90ei8!A9@>iWCu5}(wbX2Qf3LYm8{eq;r@BX zJlITkj-v`Z#y}>pL!Zcx2>(1ea=T*(5?J~0e&w_OwlNY6fc51e6=73<=SF=mRwhQl zf9zm&fX;p1H4pja>ZI+A+xz(OVzoI}G#^B3W8v}%c%d0Q*W~>p7-#?DVA;$_e7jW@ ztPZcWgN*r9y=xje+7g)3v){qQ`h9WaX@IcHnXBVgu=V8U47Ma?RB|c$kQ{Z(nsB+c zQ6lY-2+vmmgwDsqjWH#10sBXdMU=vB-=S^nF~qD|iWO#^IX-7j8ilWVhC%5*`(V$5 zfsM?AK%$PFtynA&w3$n$H(qpN{_tm~QjY7E+s<>0-wpWFXh1j(NoNOZ3ER_Evs*Kz zh7{n5!dxV|+UMO$<+O{W)LM6>(R71z9#o8OLzAWj6Lhp?`~(B*Fic|9VLM6=)r)N7 zjQs3AB11YuZr%Q6d#OFhshcwOS6(`abTLuNaG5c6fnH4|)TznMy%%0G>oXQj{)9Bf?P zkVy`t#iB!d;BC<6xPnIW>HF4=DobCE`NpF|6=6L(Opu&XJc9PW-DHj&;B~&de!_(J z#$svY@Lp_<{k-B%Q(2Xo<0a|{Mz-pjRnrm8x|VLNBpdG4RW}uYft~X*+j9S8@%j`- z9ezKsGCQ-E|F``&S_JsrrQXNk8Oj*Ry>V&@nrfmlwYF#4)#;3gNERKZmENO8C(u)? z!4#On0uqKSTm%6TWV?(x)lf8j*sCJ95QG(rajQ=)XK`nkKQV%ol}|=EuS_GiGM2-) z@*%t4w-B*pemnlPniugLhVe-%a)#Q;-SM2paB^Y}108tjrIOgy=~#XrH8Mjv+_L|( zC5nP|MYwA%je>Q#yX{wU{P;UKOOg5y-bGsT?g-LLq%|op6ZZb&-)9nYGZUL{6tTB4 zf)jbfW4o!gI1#gTakX}{pO;ueoARVW3EuO!Y)wMn%q~u^Bp5Rgig}c!xQr_7I0=<| zpV*U$oRSgMH!mmed^B)3F5{uv~|b-Xmer} z|HJZ12ch`!fRg=F_no=Xie*ZetR@EYt9S?BJGyPdc*I9Ju+GNCHX!|7&ECEXgE*B{^t_NMr9 z#-1xOi)KIoo)Chc+|w0K;X4*X-f($5n*-`20TL7qib|VdR3B%U3VwJ_)afG)#B~an*NwwMq@ZFLH%3 zyq|LmK^NSePUcUP!pW_Yhi!7K5oOjZ!K4hIL0vNa5hSt1OzIN6KE3hm`rm{WaFERh zX?Mwa$FZCiHcUGvinMtyZA587y(tg)h0SKNWWsXQ(z{n8#kHjS@l@ZD#Db@IJ$5yt z1)yn5EUV%1>GDHqE%O^2>`YBRLbg=Y&oaDygr50dMLMmerUJ@GF#>r6S&~^g;7d<;;e648vs4>VUpa z)z`qvvbHNNj`|F(==NlHx|vs%D#>nHHK|!~`t}V9J1r;nBdc$jnNjiTh-xFLk{m@H zb+<{w)Rk$g&@-E5&$_(@ZyrQ#Di|2=)?!CY+U~a1v$=x-;<+`u69S zHjAw#8|Ov&(CKnLkf~&1Rdk4JIw zj6VLWhw~gh;+!nxn&h+JV^zy+e7rqv`)n$sosVG{vR+z*G1HyIZ#P#Bj)6A1KV@Um zFE`12RptkC=b~7(n<{U&bq@8pI6 z;MUo^ln|nNzqU=pDv2&=(&06_ydh#_T^NP;}>_37ipr@{OBt+3kuN&>Z|%wA2A{M;A`s={W?63uIK;l#nEoz zJh|~FAHl@2;B<{igRyVpSu@+SQbk$s&6Ve&6wUFy)#ek zIEhCwOm3#9*{@H+cB(s5v$d4^6!7ISsH3u7m96m&u@TbyPhXSsH+MB39lTtm)r2X> zJdsMZRYhw)BEMtZ_2@O&s`DL7xgW?a7pV5ToM)yU^X^{#bYE{NQA38gpDbZI;Cqz^V;BkOM_-|tdWN)<$2bvCiU2BVwP9(VwZ>4KF)jwW1rZI z-`)ldi3!gfjvXsb{p3;+UXYv)<7}mwC`|n!47W-nds5cS-3chu6DH@Ur@vzuOQ(14 z#onH~v4RmhH67;bErGyB`IZnl6tc_Ln2YZ@W`+i8-&{Wj1QAhkBhKyZ5Mx zvzL$EgoSRaJBBoRF&aqj!Ch@*U(>+)$AkHo5`#gBUv^Bb7diFC+Fo5SE(sCf_b?cdB?Rs9FfhP##1V3iF$|`}g z?V_K*-6dYodLh36J=~AsH7*I8Nm2|-xI_&+)`x|kbhF>0XH=pOBHY#8uFh&K#+k1B z@Qx9)R>u3~o(DfxOBB++`11fc0Hk!SJDOgJWbr2^NQ~fbxsH4duzTJ-1H4v_&_{Pw z?c_7x-S#G6Rp%OAlRf)ZU$=ry`4UT88!Ijj)J9X!5;%=jVJhAebtSQGtLY;_-1zlC z5a-(y$C@x?`t9Aw{(fJ@Nec{0IZ+phg(s=2{?_sL4XeQj7`a`gw;9UDcQY=%>0jTt zKQb<}&(Nq~JpZU#JLIkkg@{MSc!~b3K#B9(xr$x2XDhfp3R2pjNaf!g3EdwrDC=8l zzw#BrdwcXU9vFpa-9n4EVhlrg%2;(eWU@34rUI3()k@so%?9h#=UG5qgtmh@36~ z+PZ&va*!((I(Rdzo*3hJ#W)re!&V>uAw9O~iZv$aChh_}ukzv!OwC^|&BH7MIy3UP z0Ems1lX#z)k@8siFmdpk@T^H$07n{OS z5Ijdg3gB2IK+k^JG*AL*0^!oZka*?fq~Ie2BO(C1vF9cdxw<^Jqqd`0jQs>SLnQ)A zp$9s`|d1KuMr`O-EdSjXCe9y&bCyLU^xP}rP*a9mvrP8BkY9gB( z4l*{9RU9rxL9`!OomqgOK+ zHDL1W+rriPI7&F0<8qgZ)6e&v+kLnkEr(7N$I@({v52b6Dho6j6#>D&r~_g) zH{DjB2G?=Yd#~~xl499(zt$BWTFvP;dH9oBPQsPs9buCyAW5>`Nl zNd|>@S;^fEohTm(CKq5v$Ns{_X_)YuZ>CM`*-Esk78>e?nTz+ z#E|z|TO&=a{FJ_XofY=sN=Ompt`woGK+TDzHzU`_-?NU88^j`k4H#l5^$tBgg%JY6 zO^O&y5j?;+knNPL^gh|K4yzxl3A*Ai+zHFi{l#(bkxrvaB3SIS-fs2LXJRg|>Ok)K zD1M$2Aao%6U{u;%8DP86Opm$+ewHU6^%XX4M(AwF@!k_MBV8>QDQD-rxTLQbDWeX< zo~Z=kd9G*XbaVj$2G?c#z=yMDoqNB#fd{5{bs%@m~| z{Ia@sx;-dVS=^q&VjxLeCb!fecBj zz@^cEO;T4#)P(@=H+cYG<+TAzy|L+(b769)SHr%G{I@I%_$u)k@MoVDv65uf;{!NI zLO=Yr@6c{-=m9q}G*0_P7?Hu|Nf-aSI{;vRv-=pgj>E+rU99Re%EuWj$deSe`&viVi|cP9>rF97qV3z~=v`f&EavxdVFXAMeNPrBGjQsW(P%vE(a4g~+T9`XRBl{1py~=7HQTbMfa(>aP zFw6DSY3hlL$1(@jD|ya!lCsBM0rJY{@~CcqyDHn_Y+pRuFzxoe@A z&2@eF37Pm6J(;kZ&-e`JHXccAB9B#lo3E(%aeSm0>Z#f6`->(L$4WAjuQH^DCRZ;_ z@Vi3*uRx1##Cf{jjJEiuT*2+O)w$>pua~>I}Lm? z$=9BJ0Ai}R1xH9zO9!o7p5*l@Fs52C0(jV@6SBoHFwElnp7US<7!n2MDJyp>4y*)* z)Og7R8cG}B6%_7yimDp$UBKb|vb~_?{3FCl`6ek&!7P~ny ze%pHONE32WiQrXymXULKJum|I<(i2LS?o^NkzR9YwiNm3nH_MmR#lXrmaOm$C_&NqjFBrBze$D!2k zYBas`NL~XrVw+;*Fc{PS@+jc~>3;y4EH%8p)h*PH(|eeUb$L!03qVg5RGV2V9$278 ze>?u7%siqw@Mrgl*WuET1VI@H)@C1hb$(~yZSmP3KReZ`Q?nrcYGp0QAsY`x_jB=e zD=ngKk}+XXPJ{Y#+qwFe@f?>bSEuH|^Rm^~o+kyVCBm5@{GLTXT^S!t=>DZu0!W6^ zt&`t>_WO#%_<75_vB6mJ^Nfq2EuuSDDPd;lU9c!o^GTT7t)0hhRC!pLUPjbD4!?wd z=uW_2X<*E+0Y%;c-*e*HZKKY#O_n?j_w)>t}!(VI2AcKHBup#W?;^6Br z!D!8yc@(Y8wi7nNcHJVoJ3Y_6xd`$N(cF^+{zO(ol*MebBVwklxrknH4uFa_=9?0l zKEl0P5VgYD{9N|)jd64C##Zj0mzNFuy&?Bio*j8-YpDXY&A66Qp)`^<$e>&5(9+c* zh#5tZck%*2a(ZskNdJ>V5TK9k*U83 z7VU+KCnFMTV(g(K*!=j&G%p)@>ua9IZEWgh$ikrK^NU2m11TaiQ7|Ni*M4reiFq0T zUX?%ZMmO*GK3qK1kqaT9wD?*f!|nK!HH(vfcprvCFs7sq>mIuS4Lk5Bw=&ofGxOlD z<-vpbB75J=8AO^!BOnqk%i(q3$JE4`Yaqt7Q_>dxZaOf)RKPy6eyv|ESu$i zWt$UCirDiH=2S0H__+!(vb7j~-D=4%7$!$rngk;ZD6#Hh^3v zeW?mBJ5H~96VjC}8(vXko(dkc+NC;JC@N^MFAyzTa-?@h<{h0Z?)@P84_*>5e#c@n zLz(*3>R{@MSk5|z>TIq1_p&w)l_;npXqIsa=Z{^w3zEtzpxAY_uj#k@Ci ze$e)u>~1ed>*Jw23q-I&`{x$fOc3XUG$ z9)NBU;P>&yKIXHj*M|)1GM*N+OWhQEdgF=$t9;rwlcA~tvn)@%B2;m(K;&J3u`eHf z^Ho<)oX@9mIYRaRlWh0Ia#Q?TA=k#S)ZDew8uh@Hif*bJ72MQ~Nh9x;3vd#ZSD3wA zUBau8871;Z!ABbpeZHTB5H8rkc$vm_4W+~`TO1V?1G(+=0COxKOIU9#f#`FW9j8+izrU6VP3KB5dcC3jyj1PlR`4Pk@TBBe0>7nK#Dqm$Sh~6V2 z2%C_{PoTGlF#(surn|=Z0w_XHGn|^@t-G6@?qt zBSRjS`t_jqSa+!XPAf_zbDzjN$xuH_!FDMjgAwNI9h%O8yI?g#3;x&FKFOm=GKNiJ zOR8h59|6vhsZD`x4IgD`OKlXzur*T#pKqXPoB-3PPWK`QvFN&yH^taF2Ocm3h54r^t}DrV`{*^q~LF8t>c?4pG|4#J$nF!c8}~ojDMsWy7t~LePLmHQ9gOYYVZ{ zIQZt;Z`u;FXZ@@kK+bC$KEvN^z)SKB4T4h9F;ERPc`jM-*by35rTF4nvP=PsbAXSf zJWxe9fRXCUa8$r)=CPJ4Feg*Z9}~j2kk!4n*Ntp~)t~`DuH&52 zQyJusK{YQ0>cP4ecy?$}!lQXZ%R3%6SbB!yyM2mx$4s zGQC4#LBESfb^LiDsyvp>=E?M%N_f>F`TP`aAFk-$T$#VAlioSlMdpO8%sds@ z3%`%hmT^BvBR|g+3R`QQ=XP#u_^X3r=WGWOqNDhI)ePT&>fX8A7QUEE2%NuREe-n{ z#jR?vb6A1kM312wq<`MWS>Ih`A>i;~EHS6i-0{nJ0VtKXP?I~7pKpsCRhlSJJsQlb zvprFyX3fKjAX0+tJ?C>GNxG+LSY!M&&)VOLv*j=lfv1$`dpu2goH>~s&Rg%e`W_`^hyTnsKlSd)0#@jtcX+Regine%y6AVM3WpQE#C zf>TIA)?;<61JJ_~qmDzvBcPPkFb2d1<;_mC^M+On&DV)ZwkM6tLic>Ws{zEP;Y=wQ)~Nh}@Ieyt95L(pfUaE~v_5P#P#eLU zplmi_VRc*TDO7#cP!PVzhZHjHXusUxMn&RaU=t9Ogg>{P8rxA4I&2zi^~E-Bvn6*C zKN=^hJ*&1?!XU$sI~4vEYkfXGW2MUDgr5MA5eyD*)2qHTuQ`tAx3fQ;UvL36oriWw4*w05C=GFLJdYxxHgm=fZ4!oomtF}((vzw_tKnOkZ zne((_tn2VV29mE^XDr2*!ytprI^tte>aZW9(^lzrsQ9KuZMvt$WLnRvy?#Zt+K0C- z2~HNRA&Is^DD00#Glcsf;Ux2=BtQ|B^WN~A3FdZRvFnTHL?~qk%ck^`xv`#cw5Co< zBtSGQ03W3Z@7x8RjhTn*j3hBGJd;?1i0ia?QVCe6acwoij-FDVpj@wtmbUx*sxVPc%O26OSvR2x2CFk9m6MEc0fh$ zdJ9p1#d-QET}yKMhR@_}kmA22{u)vdzAsyfkA?;bPQBe#*dUbYlI}iyU)|{9h|`)zKw;Xb@OX*0wH)2 z$V$iMRsM%nL_m6E-+iwCGnI6!g?uYr4(w{wzWiZjK@D-Txb^j~3}`Swn_7K2UU$#P zc>t)#=~iDk@V*+3s6ImHEdGWv*@x?wHM9@PQTv)fVuJ0|f*$30!mzkV4PQ-ad$&{g zSRW|kfBCAoiw@H+`#vLSx<${2@Bo+|OY0)9ATb3?c=rxHYL2zn1_`Cd)%QZQ$YZU; ziEOL+QDbhExGtlq|v6N;N`ZNGuCnm)Rx3ssnQShhNJ z>8dY!<(<6MtTx|A$4GOM&Gxf-mjOi^uj8}HTjEnju;u~mf{s;sBIlHs=Nm1?UjwzR zOk1w6k=F~3vMShX9kezvf;@bOCC1kdZ5}g^t2OiJRA^E`(WvoNS0Dl?)pvFRI2f?n z71kY=1!V6{(UM5XpBg%rr&a}}n;@=cSeeikaGN|Lz=T*HZJoU3e2(iUH_F0M5vTe8PL^ zW$i(%#h~Wb(`;8=pUUTTs8hEAQ@xXxjWtXz9U8ZE@)}8>=T?g4#ADTpC_T|Bof zUB^_JiT$O}!b}X5P-tO%7K7q#@dyb63|{ES6-2M5kuQtK(U2h?o5)brnD!Gu0HIWV zIZ}7a3sUVF6!|Zb)RpDH4ak%1C?q^q*9+DxACFzWA4~7vJd?AR=1q0TXYK^w6HBp? z&}usV;n1CkynHO?^R6t$8`+!_QbPs@49_aZ&v`4I;SILW?E3s;n1^_E#~)koR{$VS z>hw;Y+xUD&`vlC*-)50NqI5`6V*YD&^$_ zzq=dkcJjB|)cXLZDy)`r?RoV1_&p~8R@^b0k=B)t%2 zt)I;Smf%j9#T;c4dPyd15#6r0qzyw4gG0xxMce!gh*yVL;mf#bYBsIc?RH#$h2v~) z-|02GSNy6V5K&a1RdO(wTcgH>&}P&z^L#dP<D~xtumM@gm)=1ukQ;qtes&R_k%t{Ad*60?J;OEyM`4PkO%Guj`PdNv5L++2m=l_TWvO28O8KjlEr}heB%_4yYw6Y6 znkG4lFAeVVg9!Z?v-l$6aWy?FZo}=hSlq%YP|}<^)T?2zslh_2RElHG(ed>d};Tknp%0wz%j1 zuZo>8QqCxN$>nA6#z!40WtWEODsfj~==Ek1wBPGGFD8cFdDUkF!m*CuTP@ClNMI>8 za2W}P9h^MbDYm}6tjGKI%s~W5s(P~rVp9MX2i2@`oKf4a4+7PS983ppw505L&=Hpp?&;)c;4$62jr^*Qew&xMeAy`vwu!a@j^49LXg<#@f7|8RTJSNt*V#TX z4C8W9`Jk_|6{JBF`x+<}FsKNPCL{sOomV^!Sx?{qGNWo=@$L-Of?Cf$nL{Rwv5lU? zh5%ZNF_riB`**HZLs#EIUItbdy*np=Xj_c%tIN8Z%0iwo>>cww4y}DMf>!2T9;&JfY0-tDj z;r3P!@ge)3qE4tE?K$DD%{8a{U)BtsRDN6%jG#ElvbHNP&*Bsvx!It{Dmo4O8?Bab zl%=ZODw)B>=+-fQ8@kJ3D@| z>h~~IOc0xnDAlPLb$h$h?<{5xs3NFFFmVjMF~pcqWO!m)`h!@DWFmi0Gis9|Q}W}n zvFpja+^x5zhTc;!QRW$4lOKS+%w=%d4bkek4bpSoYTP1l|CKsdiB7VZ54b$3MgBr) z(p?hYt?bsz0cMn&rf*+?W(a|AukZBR))LKRCosDZw7~HE!9jeh(!Lq@|5-82+Gy$Qvs6%SN+oVInhhqS;e(WBNe;+Oj=C z&^lei7j@_~8Lo98e{S!LdL{xe>8RA({95c{^w*XGpQQ8511>ex)vHL$PMPP$HHAXZ zKV%lDqMCg>VZoVzf*>vXcs6e_yqtUV;45}&*-7+*rd~BC`(^ioymboBCRgG8{kv9; zem0uAqJDYn$umb!E9rP74BO z;Cs&VuIy6OIfJ5gFn~2S>VnqR?q<U-_zh*IhJJJ7*lb zdY{7Wy7^T9K)SmINsBKOL_gK0VFS>!YT-;{=SF?N6Cf%)^};V8hBiD^K-w{LFj?ma z(08Wry|30vj_LsjK~va1cAbK~#&&AA&KDyS-isG+LL^$^3ZNIw^l}l8kA13-BjU^J ztl-7E9pld_R!aH(uLxmng-!F0ly~5Y!dd`xl7K>BN3ag77|t+8u7whQsCDy%o+o-o z%nn6IpXA$XzG-|cr>5dFGF)Kf=x?+2xp znmw<1pz2$8=OCx}k%T+VyI-9Z++I=L?FBfB_AgRPS5N&blSeG|$>Hlkz%xnh#m;NH zs@JI?v$K!%Ok;Y)CyR^IX&qA)M89e#jUqu~JKWu@Ok-R7$FpV00*X`wq?2XFP@79v zXW?Tw2Aeuf8{)AM^|u=9yjcKN*xI6Fe-sNQ8Ua}PT!f=?kDD(Y1ZNvI3%god>t#Pa zVwg$zM1rqH!DnM>(`Z|@jB2|fr{ z`H*1H)lWkP!>}bC51>bKz)mX3A&I=;%DVvFlK}ggbo-IvIrrF`zJi9lMRfczAWR%F z9Ay-HB)H~vig1g zg1(+o&C6`8*5TKre$R3u*;1+QMgc^@imTEM{uq{uouTQFI?H&h3sfZ00$`jz<@6bN zuB;5Q)SfjQoaYe*osWatE^GTQVB+f`jr58sPqSt5>n@u&eAoe)Hwt(H$iw4T+qHnL zM>zQE|FQR$Uu}2MzhDI@t_2DdD_Xo1cPTCI8ni%gEyW3;c!5H3cP}o%r4;vK2_B?C zan~U8?Q`$k`MsF=4`!{rVG$Bma?alSeC+rZ(8}Y{opTNV5J0Vx&3<`TP`Mdy`f?dRli1sRB7I*D}W&GH-XXbv5yE zsG&)AqgfvJ>U>ysAi@?sut2oQ;^UiT4n@nS-7G1Wt zw-TPpP=hp0guMhnk@0M3Wg^Af|>UwQUXuP0-*&2r3qz-y#HbS1;huBmg&2OqG<)O9tvNsMi&PrU;j8Wh`fhK4~=4>d^k_P(1K zKG0_rz;Im5hyYzoanM~U@-*VSDdQC1zYlds;1u>h)%=F@7_}N*h{9 zfc3JLEvW{pNi-*vzP^YvB}8szqe~IfdkWUmUt^bPF;8w{*!l1RP#VZMWJ$8j&j6MP#>RWN9w zw}avPHoxDxuAx!=_D=Q;^-L3l?BGzg!Hg$gu}&SnLw3ZZ?0S5wEBmd67j@=Kq!jj$ zOLgU(*I}!j{>2;UsQ}Ma5abSMo2zN^Y3wzT7E4JTN3THohCdSgp)9jj&}GNnYJUP+ zpORLa7kQ6clPo9_w(sk)wz~;DYr0CJS#SsJ!>lEO@5r;dZCjZ@^-%U(&7X_)^9vW?CBCGca!G-eVcwP z>l6y3m&iH_jQ^=iNqi(d2ld++POjtk*qLsgcHH?pVE40tV0Iq&L;Bs{r*4{Z$X6cY z;?#~RWY)rtEr{xmZ>^^<4FDEGYj~G=LN%jZ?y_w32eYc*4BY&9%q=ts7$9pVH(jVj z7M(=1J(8wCFD&|^U@)=_+tNE_F4n1iL3{YSf3j)FPrXjpbraY%W&shtZYX+-_zv2n?CBft&B9Ee|dU$Daqsf#ZTcs{}%a6jV&N2 zXTGQs2&Jj7JHN51({$V^;a88*Q{Q}9hJnoqGO{+2`ee{^IHNmtefx~oj|1>@E!{f_ z?*>CKWD9J7nw1WG@zV$60EOV|3|Kvl0Q8EvhhrrZjCz(KcFjK(0^XI5aG#5D5mJke3KC;=5N+5F-_``QR;b`MFRuCa@%&w6aT=A`Fl=b|J z{dktRLWMa>dvY@gRR2B|1FZVbHSL&G@3G%v+5Ol$Gyk|0A4Kw=cIEA-36SxPIl7}r zDNMC~ZXFms;>8N9b4Cnu)pKP8IHrmkcHtE`c=H+H_U!q^I^|R?2dP@Gcqo~>3PKcM z!d@`};P1K8+mnTIvI6@-iZM*>q~h=I?spGI0O7iWO~GY+sKke|f-_G}&KOzfhclyd znrY3sqHHgo8mKzXyvsg5m$6nI`;~){~};kxHYR&k^*}r$}go zCCf{>vSmlnw{rdr&>3jt;rtyY0p^oYG>kC&Pqxs2EsPazpu~S?(_w3658eAi4zJB?d8;yZqIF}Hm#<-Ze-lM5I^Xu?$N?Gn zuOI%ZdlsW;s?tIIChiD$_BL=Hyi-FW!t!PR@BAI!d_eJx(Yf=_^eGd9JzsZqy=A(W ze$9LJnrV6!>0wAEe7Tr*kpZM`Fc`OpWvFi@ld((zNfxDmKlaa9=CH>YfTshxqsY&5 z-u|Er?ggQSC-e1HYS~!_sz^V#(2=zBX3?>q$D}JLsNdb3=>PNo7Xa^EfTi{SCer53 z1%Aie_BVs~|2+Nwd}aYs|NkHU{~yl(_sWqfA{YXq6W9xtvR^&Jr}^&OaSsBVbI+$7 zT|B-~#z~s`8+7_--d-#?zp02{CjX&X7y-m-DF1WMT%RMDw(nft_8xDHq-xpCh#<3e z0ZrNT%VgnVPQ&{|etY-;;K-Co9xfq? z**G6AdB45YR5#$gCHabltcpGono0-dfO3x#RLD=fWrW^O0!ShAT=jh`A5wy9WcG>o zNd_y7YmZ&njV$4?lgj2E_m1g+gbku74rHo@0V+TF24_R+OAmdbf2tQc3rv6=-0Mpc zR9Nr(wm*}`>s{OS;O_v9^)>$)|7oYRcxWpd%C&CtBK=LJ2k!^(ho=Ms0JF@3^hZ@h z@er&htaGb3xqPH}^C?06`+dx1Jd;wiX+UaL^v0EG>Ytb#qwAB&wHq?c3Lp1>a^oKC zXZSC_t4UtJGl86wPOKIvHaZa~o!5=kMn=&Js!E_7bTuR2a$|kr1rH4busoY*qB(%; z+~1y#GbTktbzych8y%=aa=hU{@bQ`)ujP^1sY|D*5PQ)v5WqJO$=#l@SKD%T*pbe{ z-Fc?Dh*I=m>G%3#;eHo=Y|HfLAmVuiTe9(en|R|=>wWAc(lKds%iwg;Nwd<=;@Y>{ zFZJ#kV%q@`NU1?rt@5kOFu3FLB`(v0aGZ8*lV4)-JBdu8IidgQzn0y&1W&CmPMXMLjK}-YRdhwoA`-Ku`sj`7r}KGlLIGMA8Pl)g!7T z00*yHSZtxONagJC`kbrND2e;QIE&It=t`dCjBj?}dMlgT(|wPT(#B>2q(nKe$HPCM z%3)%pDzeQu2#ofb#W2BaY6+uze*V$C#Ce!~Iwg1?ycJD7+2~Abxcj!r!RG>#X7~7| zB$;%iN!3Lok{-y~iyuuF93(h}euoO&GZZHY>)56G$_8mw7z_L@{ZiX)G?hT+tlj|R zqX5Fe^j54F1X2OW-h~qk%L_uc$V9Rd%a{#@44vw)^~%3Dwy+*v9K!Ov1aeQ z6VdTEIWkJi_IZyrv@=ZwemOK)TR3HToR>VgNDrgp&^VFNLLF+frd}eOb@6Eyljl{6 zBF}M1*|?M85csWk`f#vi%<#OVbw9)ih=ZG|`DexYPLH0E2F zlEaHU74~A)%vYvkne3E3qJ?H%fs;)NB&DVgY*a~FgQ(4f%U<)F@kkSH$0W(m17@b*b!s%3w&&`S@ic%bGObPA;(df% zoAew&Q~k@h37-vxTehx6uooJfZvIo%Q?W|I8=a?7Eap$QKmVHO@ZUbGe|z?EV@PM< z)A3WOCI8$i>&fpyAQJ0x^%6AJW7QR>rEP`2Von(BD1U0GwR}UYVyxOX^j|dr9HKyx(D1#avC1Z#RRC^wQ)Owno0K`qmwX<`z*EcNA z6vmy`d`ao z;0oQkP}ZmulbB--Wz2AQ{2|`9u@khLkTM9`h%$=4I3FGmNIjm#8k*ev!SYExNkHZm z8rYU;(Bq#;E{c8y4V*3zqGve}X8`ab_q@APYL1))`@cIM)?--aav_RAwNt91DvC)Q zOx`D(HPqf!CNQ?aBHfRTF&=0pxiaXlJ=VT9V8MYHGiA3*{?|X~bNCGa7=u+Vk~AKA zf8P)1{aqvqnrw*yY{MrCbF~|P{!FqgFkAog!Ass>G3-st6mN`YBWcRA4m;X?!QG*F zn`yUcd)HYGB5K@51>yUAkVIE_-WH@U)p|ZH@WzD_zF7KhFisQ5tpdl)A+X&t=2v~n z+DMrECrsj**ECUL$j}+vH#wU+xcckWV?X4cH;B9PKP<)KZ1E<$sLA5+#rd zB0%=tQ(?6x?dZ1O7{ql-`Fn5eH|8%pA1@j%Tl}{A3LaI`jYz+DEpu506JmFc+#t9Z%@u6#nNYs3NFSe9W^tjvmLF|Bz=`BouJl1 zozO8)R6w(7hPqD7hfaGY#iZ}eZkw}`D09*Hfx=H4B3-xM(4y zRlc!$`nyem%*?~NI)(eClU8SNMTpj3Pu+e!XL@oLk-wjA>L;g=&zAFa$0F&i+w}u$ z#k|ku*oxJgCg=lx-N7sCDWdEh-Pt`B)BE_*Y;SbS%gS$?hmMjh2yXL` z2WFwog{Y-UV`#b|cbTxs9ZEsPt)ejnImOWV7#%0^?Hw!GTSQBXcIiCaX?0k5X~cPQ zRhRU^$slcKKHwTB!+e~fxS7219u?*=cUxxI%I;OZ>^79y8vdN)b6RG?bR^{&=+B73 zK+~;7Z?-49FBmr7f9$jXObnkqdjAV?kP;!M zV?|ZHh2p6m987D_>|QqE5!MUH#~ctWgdwW!|Du6S{f?X4cm#Z`?{$7?Ckiw!?@0U+ zS(pqfj*+~VU-r6lKP68scvzV(5(7QWjrMMue8%WJ!LzlIY?2Vd3=r6VeE_*4hdXyG zhdGrGKDTNLUFKmki;Bo8w|2?*&n+mYi8Ru#JQzh5l{nj=dS8}vx?y3o_X=*-;pS+1 zMJkP3{p9_{!ba`z&RjBal($p8*fgw6yTT{50+zp9a@XdK94d)raLmb7*>DoP!^$-K zg;{K)e-q-Z(alKm)5fi_AR_eTXd1uZ-4oIi&Z4`=K>kYFeziEfvGhj3?0w*Bf&j90 zYZ>(}h}U_7&}V0eGNv60|o7yc$WhrZciq0JYABmF>bvZIz5N?{qN zj%zYQ`#xXX`2z1s+t8~B*KdOFUS5p2oMH@;w5OlrHMZ_I{1&|1Zf zLv%OB{tUkaMblmemeS7*x3$+~v`#xZI-m11%}|s!H-3h+)7sDc0H z>I1=P6d4;-F&F7&((vk!vf!BQ6$y~_{k)OuncH}3Sfx>eLV>`yDBT@X_r&@)omxIB zEn-(v5x;ODLEAtc-A8*WiRq0lo7Qj<@j_{X#<14(LqGSang>tb+tiP_3o608Gqx+cB#0eJ9TsU@%ezMKX z-K5nWd;54r`P6EdrM*s>@Z|y|1A#WkKelZieJ+E%@hO)agT7CCkYL!P1Wz1*+f6!e z#o!LRj=t0oQS<+Dh3J+52e@}&ExzY6{Y}6Hz?cf;0A|F7D2TuEU%5ztNlU|NN1eGN zeTr17fjC4h0A{O)q`>i<`KZM%_a?e;nSdy0|Ig-Ot!Lb0VGnWDh-nXyon0x=9;YyT z#;9iEe!TuZ#es6UJjml$tN$Cc^l2)#9-c8dFVTVrsUDAI@cj`~J6Wid4mq!W9CM%) zBvzplFA0^P8v9#gv$Y$;G@&7Ni`3jT<*yt_K$@+3l>~JqA2x3kXvP zI2r4H9QC~uiKaAvCT~w&Vc0n)wwLS~qhhan%LDEBD_amM0Ai4`&r0Nn8DyM59|W~b zARDCCd}~_vF^k??tDT=gdZ#>92u)=84x07ps6>5so>zom#$;G|x|1EaDmfG#v>?|G zD~cf#533|_f0G&JjK7o!512qrl%^ICSWz17Jgs&5KugIVPGy!Bc-QdRwnw0?pZEep zwF(HOTyP-Fq0est(v)W4_@93XXI>P{sflGq?q24qcgbiDO~0J}soq#Ka)!R~98b3G z?#uRPN8-6wHCogie7B%$R+1T)+vbI%`*8wqQU1kaHJW>+7C7V0 zJ?e0MPWi9MSa&^*FTjBJGkj*r`Z@-iHe>QUFv@dw(cW_3z2_w`YTk%75r_1Zwl{u8 z0A`v5T|ru`$1svxfDcXtpna$hSS#|k5d&oP%f$v6=ZH9vo%rWq?6Qel@wdbp-z|r& zoqCq#{Zx)FlJZCA8_=(1pShZ;rBBDbj+M`RUe+o+WGVkkeig;$$tr%j}sGUEPM z7L8aB+-4dyLc$ysqtD!o^%`%8W`Akn{(e`y^wO%Daq=7|%TROO_S{+pgbt>KT;(mK}oCv8g;i@okUGcur^yDTPKxPQ~RN;LxAh2+}wDhj3{`%Xs=eTcMn z%k!2lZro2twpLB_{NFq-o-eGoQTMf7THQP(4}0i3`}w84LBMD%1HB>{-ZbeZSz+$x zYx2=KPVArHfUw*#T1S?j^WLJu?EXG(32it?g>I34uF=Hj5RAt!XumJ)#+_|;0A@jh z=bV-`FKHemNAU&4ga2Yx)t*?At3+o;m*c9f*YO^SE8|T#hABHkE(4N8GABjWTqyVwMcxW~ms!S_tiqp2W2f_h53GvBsOynHL=Y%b?EqHFF7PS7G9Lcr0k zn+GqnV1$@tNF@lBiVWf#R59ec7UTFEi(b>vQEp0j`3euGB?#;?U@H%s6{AmQ+dGN#$Fvrn|? zKL(XqHe;Rhc}?W0OxM594Hch%*Pu5}a{vS&4f}E^0D%6i?Uji2m;;sKU;f{D^nbwT zJ6}yKIDrcl;;=T2);Mc`TuJBTX&&vWwDK_ouyNGQ=rp&_+ ziqWInIEpF@jZ+{;U#(i7xM60}1Y!2RomGzP>EcuBNw*2gDj?M@4ni+ID`M;FZ0pwF z!R$5Z$jMK?AAGzHQQ4Gp{@zyaNy`A>IbPDXp(7xPoXn6r~yxuX)tRraU!Bkrv{_vcmW zWudScWc44rr(uqQOu(9rrut|%zT*u&>Uv0>&xrR+SFYdP5^ZLDKY22qR*yM!rhcCF zTQc8zBqi$yGRAI3bbemGWz;me%??>#k{eCt80rb1yG#pM6QN45^>Pyns$FBrWFR*c znGGdk*SpQeW8^DwiH3bj6wo{$x$rQu*VyJ=CI)i3Hq+gAzSYymhLXBTbRut4$xNOO zx3*WWE;dIhb~A%oxgsHMTeXE%zE4^?ijq!@;fCq_{EUxyOqoRcya0g7vIxAf2Yc)V#r-8-m^RmdU}HBjUTzZa)}2ojc+G93tXP;dr&>3 zUj{cPOIB}`kAR6n(Sh?<~Hm9kT z{oi1I0WXke)pu(xG%E^Jo;CClwJ z-aRz25*%$8^V1K}2LoXe)7#fTgs*CS!+?0^VKnCFj4(fA`*18df1a&<&YP913@mDX zuPKlLfrJb6-Kidg2VwOYl=YJ5XK3cKqYYuf-TmM0t$tdFWf0n-pS8aIfQ<@;xGvt} zuY;%7bJc3jLWQdqY9yg{W@H@m28|f}pmb%Gz`{WoVhB%g(PsSe*gs~DhodPfv^6LU z7e=2vzsr9_c31;&TH7Lal@}l7(h2R3@(Dub_c%cNIo0m%Q|5S~X{Mf;fc-Pmm>=|( z8BZeXA|bGfowE5ynZ4rzAJB(j{gV&)&7loTTbDqFh#IRM^d!y zoS0OdqrA24T(o>RVV3}~z*i4*q6AIZKP01Rnb>Pz74X&$D;C6Y`jRmXjnO3P43OpW z?H6bckr@yflt#tzf!`Grb`teI_>HYEZY`n~QK%*4%H`=*24dI^0ie++iOc2wYcV8! z+8~npYF))g_I1BI`E^8L`XS2t0U_X)f+%pky$e>mzIq=1h3rpyO>| zP4}_QL*>^bbuwESf<>xw-JR+5V&-#~)S%rA!{+uyDc5xs{^?wOEbwcsB2pOGw5o-z zJ!-pI(_wDUDm7Kc0A)FBq6q4RFfCz-&O7z1um%lV^s;d)PKbp?g`H>CGwy!GB5R0; zIQMln+lodGKx47H{lWGpN+@tgICZQhL3}zod9fZ2azv z48g$Gamv*SBz&d|>e&SAhA>J!0UqR8k3x9Kb8%`)YTz#!BtdxY~%_g~ph) zqn6AdtgW~C{Ux$4b*S6Aafg|DbqtLkvM7(reVc8{KMPIS9yf@a+ zC$RIvlOJK=#3{rVmso#X`T3Zwq-jpI+FdK-lkfYp>uR<=cttBEs)6^Oi22CsOBwmQ zC;Du3Tv>V(zp|*v>$tmud7JvX()ufYj^YHe^}M%CmP?v*i7?Go?#ILVqxfxCuZk-q zMYm%5G|;nGr5tNoE!>iDc%@~oSS|3;fiCSKWgJfvseW!VcrYqa9b>qKD^4zl_?tDm zI_l;H$CGS7y8xfQW0Uk6Y86-Zl-b|y9|$OLDl+WgDy-d)n}iUhhI-iJoskEVlf-$I z1}o+`yGq=<0(D&Q)d;*s>+sX+YQODXa%0ZK%q?%nbeXxe-pIn0hOUw{8IZHpch}q6 zvZf??yMQP5+L*m#aWDJFy<^7q|JO>#c>DrN__g5AsGcdEix^rGQzYd8QU%%~;HlE* zmv_@%Rc28`JY?pIHq4-ZQhv2UzmfD8ZlM3U3;di+v-9PA`GE?;4I7NP7?Wa&nemYP zSu_KQjrQ>}VU^un+_M6dxy$O{T!(2S@0PdILUpz5%AI6k79XHJO14wEJs3QC9!XrRju_Yzl$osmPTK~Ylf8Iz~Qs@MYn zM#Q>u@iv3pY;$pC@X)9lPwF%3f8E*cgAOfmZz#iwo(>b&)gS(rW~M6nW7lg9?`|Qp zGfDi4E-)Z6 zHR#-kC-O&^Z0HZ%N~c%#bJDSV^p<2x5n2NU8Lr;l;I(>{+rK{^W31de3PbEx)pr9mW_Lm%4pBGfoD z!W1cCFT+FCF=EjJKYoo9xAYrr8)BLo{iT8f4%Y}}#P(O@ z3#k=3Cm)au1}D;xo+dupbcgh)2FcMYmIw11(cT55vlAP6kz!WE3VUBf7@9h_wrBe# z?PB(L8g_D(_SVfgjm{sISf5R)g?@$j>ZOD=ss1aHjD#Q1SQF3*hj>)Q3(7|Jc}b`^ zLRT(|(8K=~%Fm-|;yFF9s($X=Pz3DKlt-`NKW%(b*Cw#;&K}@i?e#$fC&z6K{xHa* zb1|sa=%7KuR|nY=Dd#tX5q(uplEoOIVYR@L?vd$&-V=HGUmjE?$~|4=bRVJHI=60< z&_Z8*k4xP%iKTr8q4$4j)IE|HQY#goEFZ#~DTlAiNf`Qsw29B$ywzq^CK3Iuy75+x z*;+znHjA3c8^0b*7?$VzDK;!JCc+|hLY8q`>U{i+hgii65{obqM^IyJvp2?WMqLI}Mzq|s4Q#sJ{R(E=;;=?*|SQD4Im&xmj=&ih7EpCl>d zK6i}8u$Qo0K4VLcQz!dN{p(I{cW$!W%vI+-#-Fefv>I$ANl!yiZ;C;N48`K~GkhPA z&Nia4inAltn+A?E-18{hGjxq9VfDo_OPk(U07@lov6$Cwjeyvt82?Nnm-_AC(^`*T z^8%B^5$YFfk=#u!`}qWe-nUQQbfk3J|0a+$;0AbM5_hzgXH^!YY(tXO#-8a{*FZ9q zw}lMr)2bFsv*;$pe`{`hyX7S~QUB2dT}ECAFWR7_=Y`}Kj$~FsaXSBZWj4veOEl%v z-?7dR42GokO<)YRT%i1MWQ%%&Uq_L~A%FU5>JPq#3KljR{~9LM#sPQneoOl%r^Fgm zsGX03vqqMhSp>A;rI*K%!S$LW)X10fI70Sz?Ytp9^1deERld}eU93wOXc>`M37Hw^ zT{I3d;3-P9i1c0Nv`C@HVaCDw{s`;4lpk@9I@vp59FS|emfn*Zp=y$n`3saZTk>-C z&_&yjKr9C4>0C0j+Yf~9#-W2N*O&?496)canVSs$T8tHvp)(K-{bpuv__kqrg1?QA z>2D=nE~r01|K*Fp2ud!;+j0R%`@1bM1xqZRL(ft06>&=knZpy669&>DK0SzvR1?ns-belt1=Kdf-Dt=X-&%^M3U?$O$?AYo~=H&K@?g7$a=I7PdaCA~Y7E@bh! zBmpPP(3lyeNV-Q+uu{3*Mh6)BYO(}^7*p;BK>tJmJSVuP(D z1HaYTa+1lj${JNAankCJD<_X-a*!X?Oz!Z6)l0lPiT1P}*S*6!la(YVlv$xXtlz=@ zT#0z2#p;XNH!zKQyRi+yoH3SmF&e0WHoPgs}9|1(nfy9^8ED# zJsrD;D9AmP%f(Gjtf?Zq%Wmqf^-zyBC?L>R=2j^Dt<{%Dr^U+3kMw3<3J*Vnu||fd zhenm*r8D})&`rx!<7uyirm*Q?=pAp%;QSj!iSQ`HCJ~ol)3+@bI+DX*4raV@zrOx1 z77+5U@yXLkV5zg>yh`{u%kyP_iG`l-!1u77os3JLP@Q#(44lHsP?nk%xm)pG2 z*h@0xi2dn!B5((zV57=hc(YVw^6M2^61`!AU*6)MGk*@48Hr6CZ7I;ahs;XDtbeI> zHJSOzyzc6Gy`)Q*J5oA6B?FK1S7I=L1U)k3u%t4b3CS`=xH91_y?VY-2(Kjv z^`~V!-V|R~;EEX?GVOX2dDd>PS4lKkVb=XoM4}!JdSq7fpQfC}UT6M!3}p;hA^T>I z4R(UZRR5%6eh3ISe9|E*ufN7j%(8Wi({pWpUnwogRiy55DQ;1is4HyBWtLc`sy%oA zig+kO;uW;9G5)w0fAGp!CEkp{a;X5d(|^OM(7olEA~Q#T94A2@_#0}MO2}a!q-u}U z&9E;h;AD5Us}k5t8l6{;>T2GzbJfY|syl_+V3L`zCyR4%*2IHSQKUolUSBVwY3^iR zes}Hjf4H-Ey@ft2NBw>?wKkE5d*}4qE95!*R0K8e_lHZaFSi=c(B0L^dq*=TI)RW^ zx$CK{Lbk_&c1O1a`kOPQf~JlY##1^5kJI|81g_Qn*R{T8nkvUpm?QZJ=HMF7;Le2d zOE*6_hmJU)=Nr!#noX#@RNI1es@$5g|67DBYeYHfo3gCkF7-}R@3kvHDp=3d2q+l| z^RXYNEtwlFxg(697%;wRwqGcM-HwlLSHIWpZ#Wrxv|X%0t%M_8+UmYfd6bZB>a9bk zWK|!`yVXl*jY&bU8WF579^+x-Y!MU{=>j_;#u>R_R!u7}pINM(wC&oI!3OWo!^jia z^rGeezB%l-7f%r?9LHfy0FPzJsa~0C>co2a?6^&M?+O)+-!j^<` z)MvBh^``gNo@2HIpvTGhiMvRx#ZB;jjd)9e?v=_FubMj&1tT44uK~gA@^p3u>@c5T zflC6)d*qX9{o9}Om_l^G{2@mn4t;8<=U&Gut-4k^;+#vD?ZieUW5GuZDe9p`PO;FG zzlaBgnVn}!$q|jqiXvFb2kToQe4tMI@3&965R$h?L0&$;r4YlZWKo1&$EZ;b|7FKI z|7v$?_Cck0Z^o+(p}9kG+sp}ts+k(oj^E9`Hm$BNvxRqfSDGMxsS3$Z#NpHBh^~FD zh?}G6ehp0LDfL!5G7TS_;&n@|GHM4zZiiXePKymM23#t)#Ga9v36eLdp`-e1sycmC z_HOK2>e7xF5`Y9U)oJImFFTi>$To&OCnsDB9U2<+{{bfql>?>v|*Z34fTc zY4Stz2+PHNy)sCdDLB}r)hVf5PHy8z_}wN~LRTQc*T?E)BfSru`w9`$k6#n{uUC$DGsFx$1S3l530Hhq z0)ic!ok-u<%6z%{!yzIHQ15e{owGo?WnIL)Km`X-5$RODdaZ&;iORpKXWV^BCt1uS zL_PcZtj#EauoJVZMkC`5faTx_kZZEaE{Zh$kU&87nS z6}2T_Z!lgBlJMzR8J!8uTBY%*POjPG>mdVbb;HsX5LSpw;{*~UUPqIRX!fDo?M z4Q#an1l)-w7|AM))`R1g^V|eg9Vw`DeGH$l&v)|KoIC*`1WEEXftEB*axnza!XdnS zQ*%_Y=;U)Q?GX(by~k!Uz^w!u?-~!pr|W(v&ze%K=L?*5M=xx{3k+hUipw!pC){dYge*V4O|e zs)l0P>~bN7F$GJZI6LtAeSr4P5+=zSHmc0Lf*>U6y1DjgtVppiyi2`isH=AJHt$POc)288U_erpUoY=1*BrNP;h*$x40z9zTdrF%zm`kJIbHY0X5|qg=i)_U z?j#J)oT8^p_^`b=U2pi`KG2|$J`KaAaiB8Y>z~DslSZtvg>6+AkKkYHg&&mIJVSpo zM!1Xn%Ovb#--xBO#Jc5NC5umkPB)`&WeymzJiB7#@=yKTP+ylJe^C0G=hhdZhvAn< zQwN#`xGQH{>y>Jb6x}DQj+w+eOt8QAUxBBb=lVB9LwUyz^pT9U3O>!{zwn3^DClbQ zny|p%()oyh`!O~8Ki;9U^H~2IYd&K!CrEz}EaY6q@`D~rtT*q^7uIdj3VmMi`D%Ty zyM54X>QB(V2H$S+PxcSt6+?7~#;9{0QVBW{R<&hJ%P<6uLmr)cEL#UN1>H%06Z~nZTZg$Xfz#zEi^DZ8+^eSQcb)ve?grGSl6iAsEVo* zEm+^@So&_2%7X$E0O5G8=O6yu{Ko*yO|y-XPOiKF>A%n`CP2q3lX7$Y^TS%aiW*BP zdRO)PipGLOUnjLl-b|s@-(BC#*Kax$=6^;{+ty<0U*~##%`m7X(@GV86FO1P+A3g( zHRlw#A-t&b@V(~uFV5{rW0ob;;@9llO)*Z(M+wT|U;@!tZm6urPDB46Ce4!Jrmt#* z354Ca=zD_B^$*gx<3ho@j8#%tAAn8Tp3qdRDPy&leZdi1nLb|9Fhc7kQHIE{Wzurl z-A&XhB7^O;mG%9usA_4y6%-_5QgqkzlZ-b2J>2_dOIUJ#bj+sj=4ZpGg2l7{Z>Tf# zQAjOeFmF^ezD(tZAthEV^VsKTM>vP%6xP-^XSOHF%Luy@+?r>utt%bLz_mb$)Fgof zyu>0(iEKLW(i^Z|{j4RBAjBaXX=Jv!Qu6|&%88_8V}|WMuoMZ$A9Yx+hwZ$q=iLNl zcP=c3%oZ$=I^RZO6*?hU@|rFX7CL=iLtUwE)pz!Vbn(n~sy9nq@`rC|&gb2VUb)C5 z&cxvY!v@9A)tZHhPbi2qHpkOh$hb`$zH^-*%r?=(@lc@sMxFIZ*6_Oz6oJ(R9jrtS7b$$YBsTZ=ag7fwEU zH(O(&s6WeIXWGHmE6vk&4qSr4_(P|P%WNZ@*Yn^df1e#g6s?sXQxl8qBI>ZS?nE-D zlf||ozaFCnb%3o{odrlz{rUtAEgpYq>dvQ5#H{;(oz@*jpk?3`&$s6GY;g`l{H~tZ z%@up`Ot;*K{K=wknPo1U9EWvBhoNY^)#LI0y?Y<^+=pKd}PJrZG4cqgq*+`%dH zoKsgDt1-OpS)=*wmwliYHhpM%lEj*5X6*iV#m5%!A}eC_^T8tY)zXZxrPbU$TOVBV z;Wl^8-Wv;CqysmF`g42u3oAr8OAd|DU57Z%kH(ZhZjqC$H zlnXid5QiyW9sPtvAF)3xAbm@pT%8ldipKtv7mONy&??YC0PIERNX$7Umj*)kc9@L9 zbPxUbFqNbh3LS7pbdD`xwPXq_5iv=9#Qi-k`%I8^w{N=i?XY!KFfq;Lp*Fg z^$eku74IN4s%ko68x)7Ft0`Fy?x~`V~cw_Ik1j@WcJxn)f#4hO$Xc zj9@IqTPl91a)FQSk3DmzOSKfD4Rl&(FGor=c(W#)AQ6t+)^W6WxwzyZS7A{hK4M*@ zm*p&LB|%?B*0{RzxTlGgGbZ;p2IKYq(ybF3!_10fEWS!yBn?s%wql}_Tr%*QL79aQ zQjWF*o1E*GeUwzn&m}m5&U^oK=(GsSJeT_-6#RrCZap%Nx`$g|#}1%CK_E{}5n)2r&Y46P58PM^QtNZz3$ z{M!QTT6Hh9-2~wz`A0= z1~3xsg%z4R+rBBP+g}sY&-$f81Lh1Xxwy)!Nf9U{6Z$|bLwp~u;@CQQxOD*lB?>H$s%DBB zcAk#xuFlEs@iJaNT90H(_!tOHf8Omhq&2mJ&&&J^#IBN7Zbxfw3m!=@#Xf?0}yvBwP8MQ*3*eg<2| z_06|a_r1unDbuQVqCJz78wiGlf>s;P_R=K65V{d5Tv@Kh`aMSN4cG@SjC2RX6!`>zRRujMjy6RXg z((AH3xg_cs0M2_@th-LzoK!q1sw%!cUv?rG&ck(lb=dP_IQ`rEZSc>Cs-Ym z{byXEZ|S`k7FdYl64#aB5FdM4^tK!FH_+9v^S~8+TncOgF+wx+7-H6o+{$sL|M1SA zAq-Nv9Pa@7CRPa~fJ^&EQ)T7fxj9`H1X-0_2ZNQ_Z$B82E3W_!*dM$$Ysnw0pCo6e z@!QX#y~qgCH)Gf3Ag>k(l3&r``545n1|-=h1QhQ|Pp1lcR_b^7rIIeNYe!-&C7HZh z)(pbHn<>ya>?RJJXsB4|Nq6qpwiV9bWvIk43gqeH$LXnQuI)@Y@+JkEs|^aIMAd`H!Y zG=USN+G-7pRMK_%nhzy3N;Sb{TwLf%-#N4W@@kXK&8aE^FWZ6K?-R*({z86Z>4kTc zhYtr!rjfuc0P+rt)xgb0k}?!G)Yvgnm)kFgrQFYJ8YI2+mfP>(7;p<5Xu}pILvGpyW9g4;w`CBscPEzHR zHExlQI_))-+1Dde&owWx$P55hkHeTD9S2jSg-&1+!8?0)*(bAwp(m~b)gUDo4wh!Fj!IK27`)WWx^%lj>WmSi9N zjMbi1pOl^ko_Ec^0m*{RjAt}|XVr2FAnqS|T75Qub6q#7m0L?0Zv(tN8Lu5#!mF2y zQW}J6c&;&h ztM<5k8CLxymtE(_v^kLMkpzy-cGGxviD@5hzagF-3-=;?(-wzz<#;LsA7+2L6yzu`o_TDn6uBF=o4FrM)mjFS7Yw!TUA-Lcdzc*-DA!< z27oOm+=U;HRdl}v6EfMuj?&WykR%A5*=cxgpS}XEf;w)UcP9A-51$%f?3g4aWuY;k z4Dxjlo(tg|^)x*}l2xDWpq-=xiL%|GBSxEPjat1LH$~dqjAbme(_LwM^o889E?hRD z_~GQvC7#Ur!oNhYRksw1&}noEh18xcz-gnd_^31MAX0Ee>ApS~yU~7H$sAry-h0U( zx5=RHBg};&NC|$w=&%aTL`LzEZ}cY>@bVY`q&)&yoX{Cb(v|*<0owh^!j-rXp3rkL zP2snnizhY}_g}d+dFFrVD?{&}tBCTqdwPui@>>|9AX5S~-P?+;Yd`-+VS#~!h6<}k zU5Xc3e1r`(RV&{4Qpv)f>Q^Q0SFduAIHoH|L^|PLFWt<&z{}FJZ$BVqB$&y9>SU-0k*4asE-D@$JbXmIejtn+t>PWY)?BzE`p$C~ zeYb}8r@v?qUYL2-=}C_ykv#G|KEk+7pdnNDsvRFzj*41`e1@T0hJN5}ip zLEUS0bVHm{m&ZMGGOpaLnauUKiD=iNc!I+LI7Ar%h0m=mwEDx1QjI4UUjT8L*(*ac z@6CZk9*JLGeFI@%A&^!5X%TtM&lXC#2z$&e%eQ!(Ck(n3j`vBYsWlR1VtzD2^D=@m zCiQb82dYgZwtlh`j{~@uON6>Nl`mxL^T>MUzU%TO+7$5*?8O!u!N=XvqG;6aa}AW8IS}gf&Pyk^34^1OlpB#vrEG z_P7@Mo=GJIZG&UnfAY><2{-de$-qIYX$AvVKozEV;8FKQayJ0*I}@#P{F*;ZkGGPHO9( zz|s47UO&M0^&4?@cbALRhA-)kN?%+K5;WJtpuHfTQ#?jRpwKgSxjAFTBln4}X1o>L zyEjiA@@=?XbqP~@^~YO<%KizE!gO2waSr~^{~Sz#q(MN?^}RRQD1bx#{PTN(2KXPJ zZZ(ttS@oYz$>0A3?f|?W$H%afDE9ZSfBW3!3pDnHz$V2XZ}N{Qjo<(OjM#u&5nx_~ z{PH0Ddf&fa7bkfJ)VKQyH`5>Z?yoqd|5Wwd)*%K0z%)Sqa2oe-?K~C(3fx5^c#8aj!hh?5KYxMt z6dG&5;7MlkA19hWU-NHm4&et1tlCP?zWS|ue!KpEL*hSu_W#Y02n2jsEgZ#fTseXo z!{e!T}}U4RC#-x%rdD2 z7*?Kd=Xn0R0{>%aUL#!L{A7BdDr?xlM>N*=-!T8zQ7+S7C$CzhOcM*hr2lVj3s6Fk zm5nB*3xQHTxa0rZ{Pe;+Vn{F^%+gMv*6|ktc|}usiv8O(`q|BM*lJp&2SA?S@zjX+ zjv|%ZOVrc2w~_xcyMKnJ0lk5&JsLwAP`^_&xx@I=Xz4-z)o6XkgqNWHVhk~AP}PnU z0$qJ|r~J37|DP59vuFO#3jet#{r_@dwtq+Bd119WZ&?+l-Q>~>8l5Hlt2yv91LB=F zKBTf+sw&jm30{}SWMFC2{iO1)^t`k=257}XCJIL1Sm?H<7b+Fth=yU|bce5yIcyBk zwBBE6RyuAn9s@KCVE}g21A~0yILIKX;=^Ln{0@+Pvlv0nCGL^{PeF?gHi()#t}mr`EMr74nO2$Ic>8} zJ@>+Yf_=@m2U^Vfol>i9j}KME%@MV)74~Kh5yn0U^4hN_s!=wa0@~DJm4?~4NVtr$ z4tqlTpB3}s%%*nq6{^kjXQVQCTxCnNZ!2H07}a0h9zHfqf0zCF@FTLXWt=*BV z`~1EnhIDR#=%b*h%(7d`&a_CmunVC3!@OKnA~icKkVz*6j;an{Jz|x8&1R}h)yA5y zpSGp}!j5fjtD)Yjy~LMSMWd3q?*$yZ#Tb#9Yw<0iml~aM0GSOTXT#B~Y>|n4R0Q}V z6M&^y=NjxjG(Xkg=xQE$7g;lm{nw84lL}}zW=fd)tRMr5Oa0<}2e{(}_mXu{!dZ+Z z!_#d?Y>8Ckvy&JW$Wy6v#^WeXyMdUIf*sq%dI_h)hx+|RDR;xg`mtPtZjo4I{|SgO zT{n=>z<9Db%2YbE69x!vYt+H-HgPVe7+Z^Zt``>EguaX1SxD>t;rtUuZTHI-je5x? zlJ%C8#+62UyDJpafn`Bgpvx%qx!;ewsIK?aNSzX{PQk1&F)BDNKDOS50`BsmjeVgeGJ_LjDR?Kn5uTYG`snD1oI|6 z8LlfuL+dNtWU_J`+n<}{g^&vVzbvb0M1F%n*vAJTiwiM)v6t8u4LDWR)($78+cYW+ zW!^^BSnf>DbajO)O>$^Gv2AOK&>-gXs_4t$iq}}F*|j`A8H}Ig)?$C!@V&jX63}|5 zMFY=Qn|H;&Y75(6Xp4c`_EFpPyr7%$%}>`oR2m@U*M)&Sgt&vtZ52o=EhOU<;0P`=uW0&@PX$` z8*5N;Lc|gMpm)16dD;|rx5NO>5S30Sbvp0U;X0@}kzzt;`!%s7`c%3#`wy*p|_&#N2uTS{$=|ZotD1 z(5?kc*EYm4EYz@E=;<`V=^&Bs5fj`Einq7uC|QmraYf0?=FxfaP;vtis{pvnX!2n%?=T#4*$y%VZR>y_${ieEsB9888rUV z_#cQca`4!|tGujEAYe8KslQy_*hJ9!xzlsfj%TXz=3)jvw==E!> zS!$_oWBXz^QClu&7^8sf1QJ8tyg({EAO}W~#@?ixO*>zANDkoP`qqZ9_q!9D%nBdh zImgnf_{ZeYWyI!A0?gb~o?8?yDTc5~fVG#&w$UsDT%j1_GbJE8kIMsF9-G>yf<>Sz zoYgr~vHpt#9GXvdL5hWnk-oX%b9(jr9ne*lGqTV=Bz8FP58|^>P(!6`NqA)0UM$RX zMql1vhVRW)4PL$f0xP0X1w@ppo;SCvaLb3DWr{3Zed+Usx=(bb3Dm6mrrpK)Jug`Y z`__nF*p!)zySGlQ+=jz%$epovp?aHSB{Wk4Mbtxgw`trWvg_~1?ic|UQaccmaSDB@ZkvW|1SUP?HL1;1Q47Qg-q`CEIuy67 zx3X+51|^Hm%v+bel&!^v;9}7QNrP$MXg)7IZvMzk*!F5t>0XY*fQ*1WKFP&-({mN#ud(`Dofg3 zLQo`M>voK>&TUl-WEpG}@OG_szGyP8nYwT1;Wg+oo7t@1z^@bGR9Xua=1#= zUs}ytSR28Ne?falxG?HVf>@BLwN8M22l)&JqJfQm=g)<8o270rxi28pC7q*G`Dq1m zz&Z+I33>GbQpso%{k6dU48Ptwv?Z?gx7<39a}7M|n-pJ70{^w$e%i$WJ-jDsd{rr! z6d7>g6!n%i%Xfu{5TD)Bx_N`*?~6Ju9&}RdRhecb1yaeXz!j&LXPU1`|LNm5u6FB+(o z>wN4%9(sMz_yG*hKe9RevKa7LQORW~uVQGiA2aw_l4uF*qi^1!Y&~!#o3!0kyY800 zSi>!KeUVfWj>Di}Q(Dn(J^m@j_&V$uc%Co@)Cx_)_Tl(+=|Um_ofhk0Vw3h#_yLm^ z<`~X0Y?a7vW|yOZ#@uRCgb^Je?vU+d-XdkfS7rmEDg$=1ZgpBe<((XukLp2$39dB!PL>pdjoFD-hHimO#t&v@2qYnD7ox^D?hLf&=;-U`kx64a z0l6yhYq+^|h5T-`<#;ew_NoApi1u){W>9|!?ieb){acRN_*+Rf1a zl9goBd#SNd-pUPF_7kE5hy^UFgx3X)}=3lehtt?i@n3ehNfA_I%`!} z^(rlsHfb;D_8SL}*;h160=h8^(~CV$(TBTh<%J6JT|o10pL^Cf<>;WvHuSB#jbd*G znc7rQVq$%PT*e#wupdWh%hgF0BjZVyc8(=#<(1CT?o*(Gbia|4V$K`NOuyoZ53#b#$^dx-4`o^5UldKJcr7EK>UpI7O=p^*0k*s~OIYCi|BVqs%mAY%KV?&kt{;5(a{ME~WLn~EEq zROW%^Wd%UJ>ZsFg_ig@rLtNCKYT-22Wx z+TLWfNEcmixp^+hcsvZdIDs8xKo@EWk66CM%1qO8IwHw&+>=4w!HWr!D2*w=PCpincvbpeEC9jARoYi=&R*;UJzI z`$}w(J`L$S-@3tUOp9(BeerB(+S-W6Mz)BwTII9+lu4%l0FZo>0JWN|aq0KM5^ZA$ zBhuyQCBO+mRtz#)J;iqo0YvG@yXqDo>q^+Ta@kuENNOM7Ws>`2?BvHllZkL@XE27% z9$pfTS;J^_61wcoiqNriy$GbhLe#oLJJQ7sS+s3QOd0BQf2nn(Q=eFnUE6dpRqm55 z6Z5)vKuTP&DF@!z%>|$_EGx-ay!m08Jy))`pK6GlJP2%&8+4$j^#B!Z>NsEzs6dkQ zo^izXc^4C_PG(uKDXePP3pgxwL3W!vU%rx(tK4(hv=s?E-ykA-G=4zlR`RR9_M~C= z&$;Ox1Tpir9J+P56%Je27daWJuj&0WDg1vd@FIXToW4*{p9UCiRe``GsU9Rct76#V zfQ?~d`l}t`Jy;mZSeydSqI9Xe)@Sq`dg$+=aVJjJ>E^qn_~R`A znB;&bX%~-v7MRffORAyocddxeHK5`hdF^yvswb7wK-?U4|y<32ww&h z?4GP2YF4fdy)XjowIZIL0%~Qs#f*)fqXeUB$!7 zH3*J(CqFa-oORvbIwTlq>r&LG1+(cw?qPDIaYKx>8_y~l^tTPiw0^3`)glK0 zXMicSyLthzfEQ!e_Bch1qh5C)>_;C< z4bQkg6tZolW(yp~pQY0!aVgB#S_cn=6zrx+nM%`}+F4hXWjk*gp&n-gir_9CqAX{n zz>UTkDgvg4nGJjTuQVJ>t?RHOPV4PQ#npO|9ZE(KyGHTfy49f{|P61erEKly7_2r`Ds0N6@Czi3hZ)c~V{T@#h)CeTbdEv$!PnDA7Akg2+1KTz^ zg%*!oXEU}H39z--sclnfLN#=YaE}!|ZMI+Mw5$3|M+-?REF^GeHTWa2Hl$q|dp`=J z4|IY}*--y$IpD(lc}kdIfj{6-DW1l#dpxE^!fB>**lg7yd>;fuPm$4G4zJgUDs%_P zh}Bim=q_xCAlQV!o1nM~mXadf~Oswu@HMPPZKWA;ER0)M-+qQe1P$QrF z^WV}o5Y0`TJRNPL?#}6Yqg@*XH~TtX z?t?}=C2B~E=OqQ#nno%whv~@6>4!`n*SSSS`}RW~19l7}iXbe(6(66h`h&(@4195F5+QWV4YaOn zpG!ez)OsUE0?&yk(t*#ubAxD5D*M{|?Sq>fSE{wezF#qc|5vyH7z-5+RlT`b;4sfJ zv599`{-{!q+375s{G5P;Cb`hCH)>mZ8sn1JdR|0IyaUR#`IYpvT8X*=h(r(`yp^L0 zO%@KanEXshlC}kn!~he@`OEz2BIh8_FthR>%%9gdFgKrDGMv&V!++MEjM2M*gTYOgIx?-g|Il~I7IeS|h2d#BT5dq&qM zk-6WZNGXr@p3CHWCWx58ObU(3uWDgCp%yOjlc=X{47DfH9~`X zWfuWcC+={VzBnq|b)F`HREJ#4JCg#~%DD_5`cMnujXb~1>}a6>hgXhA*X(=JJ9djd^4?I6-#z>_DOls`}Sdyjxyq~CX>#rVjIvb%j!jkT4NjGJAXGni2_D63_#>jxDm&@6ocWz$dc;{O?Nb0sovq|TL7Un zD#`V}VY5US!&)t51Y%><$Yue@(_|Ttel>9HCTavg`qsifEaxCKzUpQ;z$Rs~Or za3E{_ypT8=CCXG4#{_CXJ;wO~0GdLsPjNvD>J2{;N!|$_(wC@sEJCosqZwRPcPNup z2Kd`CB z0@RJ`VA$2&q5wsbjf>fQ892N%p8{uw5|On`AfYQPf+}^(1Q5tQ?6+K4yLe8>-G`xS zzhp;008qanMFM`Wq|q)jH3e?`%OLNxl}G2@JJ{1+ck1u0tO%y3RDbbnlk5J%iS@0Q z@1SVto#j|M0Yy=TTx@!@>X>}GpIAJi>XLTV$LIKGpRhD{c8V-f z8MdOLM$wgXGVx@wP|vxbo9XmrNElPgSw>1*nh4S1F^NkyqhhbP5tlUPx#2N$?srvSe8s z^##Vjpo;=<@HfAt+F6wwb?U-=pjD7+d~v{;b^}BOFe@Zk!_~;*%$noP*6uGi zHGQ_)>#&$9`EU0ep)56xVBR%zYkytoiAm{kP)FuB3k`gO z7I`bg10cQHA%JB;{RhjU^$YEJhC?Pak$(yDyMOweW3j){Wj{xRy3S)pH(N?0Y`7xy z+2=a@HA?fu3%59>7+(8t0-hOUrWDe9F`yCiZhw!FPz=g7fcZR5EDlF{{yQVw7~|x4 zvpXvd^#%Mn8&|BicF(hPqfEH(w%g;d4&!N}`vEGdncUBGA%>;I}PS9 z(3vMa1Xaqu4t7VhYP#SWL}cC1@`B~G7H#P&v3wn)pYWZTl0@;!V2`ovtMvr2KMPcJ zo$g~F5##Am$$591^lw_BPODd}o>;t^bnTjJ1ynPWT=wVtU0z5K#q5!)ckqO`GRuP+ zof_P3wsRy5%C;Q=p!5@ca`o%{OG5RUwPExH>{^KmJt-WTV~$^Gc> zQ3zAJ3ifxvNq{xPLxB&pyUQWDIKdhk(ysxF$4hFC9gPW|VDdJoy6Lu>Y|1u-BB!NRoCNV?()K5o@a*29} zgY)E51bx^8=kgW~rS=o3PL&VPyMZ=K+@XK~rN-2^9_0dAp$}G;o7X_H9BtvZD>U$s z|8A#@-NsN|*GOh4-o+5N4JJi>JAgCutaIe=cIKI{cJ&V!$Q&XW<1qk>uZUGH5pN@+ zy1(D{WMO&Gcp|woAkEGM?EFfhW51B~(Cfj6zv!CufBn6nJuTmQVVdQQXDPV>R1Z|g zky@$7{#?R}#CbQ?z*i9b8$fhCd79-pY!_`+##?tq#LwZdi!AyIn4blletH)@)bwIM zBC&*eU$4tjyffgHM>r=$m`vh(PYw;JX4W7qkL)EhmN_DDFlfA`#&lv+oDSHqUmRR) zI8_-c5=b(CvpKC9PJ=rQcpTM}jNC5KJds96G;N3Fg|K#disj$8>PIY8yNg6JcUf1p z^PWd?nuMbAYsHI@3-cDpKSNSguM_$#IwZr6)tZcy2fM(QzMJpP&_cA$6Y6p_ z^yN9h!4%-28U->*XX>-!7?-e*Gueo1Co8()D#Jh$6X3h5%`XEh8l`h*2I{e)@S(EX|Kp`K0Mh`Pdka%)5TqPF46K3 zAo|SphrnU_W!wiN>6B@4<&mT-H0nNJ;iSv2pqmm8S;N2XI|{8gpuW8%j>)xBs*?Qb zTmgmK9PFUdQU|Y&+QFXS9}%VJc($d0&G|aPajnp%(aC&@Ck6;1F+O(Q`kM3Ma*Z;f zLlFs9>qP2Oy*Xa|#dk_c*v3b|dZD>u_FQq#MJw$@lZ2S#4*Q#;_di7&MJqd# z$+g!V;kdT~@X2FG!s$O_qW_46^pgtx84hh;t#yMhPVHDYqD>xSh43bz_SG)=L#37$ zv|k`3d;wF3;RRGHYX|)Co8S7seO=sFXpVw!2Wx=w7|Q7K6`9>2LpRK7exA5}kOSvP z97UA{YEsJi4m-l&07EXyv60%0l(oXUx0O`wu9O#s?L@yjz`8j7J_yapT!+ms26}fr^X6c)$rS#@iz9e$oCr!q?orPS&U& zh+d{-IlYd*yKETYpf#v(R~{c+T9&Y|2DBQwhGh|r?OCz*`a~&xefNshm@t8D7(^Qn zYE>)}ACqnS{XV&kNF>lHpK~HSguP62qY|F~9xF>O3@sQ0dD(C>OFsb7N!Ql@APVw& z`}~y{N+Q%pOh_^KdR>jhav|Yr>xHKvG;Ych{|o*Taiqjyv{W#pCQvrR|D$OTRHP!ck@@sh3XLZ!o~OIMNS6kd-JR`+Y}5MB_58`uN|j z{uWd#PLc}5FeeQ?OQ;k6YiP}X!e`NlfY{#e_G_TO?0)}q83^N!02*$@@uB&@;+g&v zIO}%=U}s3t1f%~JRVi))0}u~9!aaHN_~>;sCI3GP(tDY38CdMMy~1KZh(kU!BD~99 zSlD`vFChUfM*M9@2#w9Qn3&uVQsx4VaJs<0Oj1SoicC(vlVPhd!%{Pxjr zh_XT=GOY|+Dw!U!R2&w_)??fY{I5cPl`p-3c30(eBAB*_U9Xbe4l3)x9P$c~4n*9JSgKQRDxd*LUX7uxA zt5ow1)@l1=$^Y>U^r1r&%#^bZZjQ3?KVGt*E=gS)%al55P!}&%q|UXCnkkjLH}uu-!Mf$-U&MgM#FLcu3sLLrzC-pV-{%xy+5r5#Vac2uQ4oi<`Z ze)CKUf}tf1Z%pAUruer?2;iWZL6qRCY!4Mc`YK6PLUY@$;MJFx{BuphI8Oa1#n3{a z>&nfczYSMEClZok$eOL^L|@0F@Y1DpFd2pR`wZ-X#-+=k001{~TCqn!ACT;cp8Wf7 ztw`)v_lfH*-r7x<;b{{Fvd|AmPWl0*1EahCUb=+DSN>wAD8fdZen4@;3*NZ!yEx0<*-0labQw5e2HGrV!0 zf1)($|4x}d?};b+>qZ~Bt<14;a!RWE;+XzkBS&D212vMhW$2D0OGqTsg1rBG)8KzK z4SBmLPg6P&GQKW#@DF_ibS2P72=~>KgCX*&J0V<9e}CHkulDDGsTjhcfv3S5k3jvc zZQ{1S+P1wUJop(1LNSI(oA|q39Zz{8ga?dR*HH)^z7S}xazpy>RdS+;u@(XWjzPkm z74Q2gtHpX|{}!Q-l*6ZFK68;C=LC)XkMF3F4EpD+10fmK9<(Tbt4s)5A4g6J_*Pqc zX&HP;SmiRDCe90ZH>hXf0lS3rE(rYh$1alneC+P@LgTZ$y(+n3Ak~#DGE^Q%u;bke zz#P4%1%R3V>6$#bZ}*ovu2gf6zK;nH{coQBap40z^c-aZgEoY^x(D7kM_tl%v#jaB zYJ{svlicyX^azNlXjlO@fAjat;L-a7PQnL4YN=q=56J&hn;&GrleDaycaVW5k${12 z|NfEQxaG9Ak`s?9j3RBD_wudYxZrDHYN_h(5V-%eTT$vs4t>qr{^!38rsTVyBdElP zw=bXXGJ|!PYxB-hFiHCTIztL+0>y;Ir~h3oD5!kpRUO{{_+u0nzKUTL0#%i2u9xaw zmQS##wn)oRN%n-%Pp7i8pXPes8xk^30mLzRVaY@P8MuIkE4(rDnB5u2u$jMVypNw=?q{cNx0I_CTT26~j6-+s zZ7Fm7!=a#Ak+tq2-=}EeaqS09b)4)LRtBy2E{&jCD^OfROi44s*QoU+=nQ^bU=pkg z(J6`jG-9d3B&LB78`H}nrK+K9{!!^{j^{Zgf#AuuuL-ZyQ~C!zranS&2DqJOXC_NP zU+%8ftXM6l_flTIK}&Dn$FybV*{f*5V_toCdO}y;9g$+zoPyW&#_ptFTY5%Gj)mCk zC>GE0)SB6#du8eK7>>zirfc;)ILm#%hI37fG4JE~?hGrSFjPEvKg_wpygO6Ql*hWR zTAOYK33cD@E|3PqHispsvh}_1&+8JP`rhC6UM$qH19~d#gGr2>+1?jz2^BPvyEID+ zm27YFKQXTwDHf|T06CPNO)r3lSAqcPgN)fiUZ*2LxHMXo;uQ0VR?gFnVL9uKA11WQ zpY@)h66v`t8JlkUTm<3j$fkt(l+*8Cwgn=Ii~KV3eKgQquM+laO@o_V_G?`uc^o&8 zs~n6U!sk}5sOemSqqA&ic9}|zQcJQ~YhS_JdwgVwgQQp$ORirswvMlEvlHrW9Gv!+CTN`ltsxhEKH?wy+=PBp- z<@uN4J6)WVGVM`Ga}ebFgMIgUa>~c(10%l2RjG;cm35l$O87HMjdh0RcG41tUHwMs z)*5M^hpBr8PCTb?fvC_?dxL_DuTo5W))q5m#x||S8SXdRn~LdN4XHp6u*OqGI+6of zh!#=&-zNhLNfIa`!a{z{MEPeh4)3TfCqKC_yI3!zG1M&%7!0!l5P05~aCy~c9h{AN z{;d%HJ+~CJ{HkXYK{D&eL`*s~;lwg#zUV?Xh)e>aj`^N_rB5urvpM5??XOXwzxPrC=A9ynZ=na9{{mlxmOY^`lvNVwwky;;76 z7Xm>k-~D0M*QH4c0wH0Ev>J|&DES`eG9~IqLBi2M%ZavhjrO|Tvd>E8lmugipL&!&@SoRzuP1R^Uiz|_zrncOOxZf-phWK zdh6Iv0Uk!^B{t0RIx%Oxs10SN18}tzJS=;?(_v0lAfrIcj2*F zfj6$~`{eRyl5TARaB>}0F)!bS__Wa%U$#z8r!4+ja7h;6e}_xi}C9c#JWP40%;MuTcM(-H>lyps)hR>mYX<8Hnkv0*FZeOO$ zdPfZ-dTe4UY$>yNi_#ezCW zJokdd2hRyyO2avg2bKUG_x*u#4*I+E8EEesmqmL|r4|im)?Qgtt!B5%@QF_nh7+~> zE+!K)mgzxAJ~gddtt`cA<@UW{H)7}JOO1({{*^VL27|n7_XDk_oxP#lIBa*Xa0dJ| zs%*DDuFS*9Ynao^6`$aI3AQYZLDCCVO>6Ta)k2Hb$M0~go)>a9w3YxuHpIwt_~YcU zN48R{#l!iBR*_o3&G~RxA|2Uzkw#6?oO=PGcE%u6+idB;^@ir5x{pP9J-E0;PJ}D= zg49Zn$+QnpDSyplwK8&}sAX<42QdpXFZs5xpA3sM1fWvFAN$obc^0A&b;0+Mpe7e< za-9@Wz>H2w7hBgcmulGVdL@Mh<7A1e#MJnuaMp(7(QDT(Ui1@(t?#w&yI2pYYTBA} zlxi=~LmsxBNHB9FY3h}oLlrX~%~NKW z*luBt#1h@-SS4!Q)gRjqx0cBUcY%nQdXCeBR~YLrO4M=}cH}%Lx4A0xzdXC#i{WQR zXb%nCy4@)O@i*MMnBP)Qh+*-18XXsVCTH>Z+$TQLGepVfo35y8va{Cg-8&vEUfX=n zG#*UuEotj@41Vj`JFB#A{M1Dv`)}Q$_P`uf*!(P1KvM1(R9_k*~4khEb*q^U- zt6UlWp1vCCeIK^KEEjY?#Rxf(54UB&0zRX^mVKf5T&}y{4+DO;Bl(ZGV9+xf5uQvGf)5r`EmTC&EpGyz;q!WE zz2H(iYk#OWjE3|!@t97;io2`<4m!@dMeb#K?MC|g1?yXv@VeK5s&G>~*@#qGPL0?5 zb)q(!k0MCM_%F=;pxWg9qCZ2Ws9w^C>g8jTFhN?IxLx@=&At&MYsBbx^$`r4W`l_q zwe>WGI=b&~-jFi82|Rq~d$?+wc7GVAv?AGM2uOIh{~2oEmyVJ7BzY~s(sB38VR3n@ zy>Zh;TJhq5m&R*=Z;XK5Lwb>gw#*BT$YqvvWBHbd&2`B+TkgOc?3wt3`_x^e&b=ZF z_o8Mdq*O|MYr3>}+y0?JR_pC`f(>l$RkKQ~`9yv?f$a-@wpq29zJ)5a6>%>FBSM}7 z+Y!Dd%^XYdSn`1tyR~7HjUiAhoA;}|o8#WI^dT@g_KZ>m^7hxLopKBXVD&R5*Q47a zdTZ{`dRUPA=Gm@N#{Sy=qzgDifd?jlFJaLdH^=?Q7?pn$l2vb`Y% z{>a_A{SV0C4IV=~8ZySUP0i(~X%@Jnfi&g{e>BynO^7Lk;>EQW&$oj%60Q|B7 zjD{SX5kw~Qbt@DnT530SEAFFOu1oNn6N=vN;AS`F0Au#5I}x6OS%VSQpV)*9{b4R< z*RM)w!L-Kx;5vCI5Fs8DhwbC(^h%@HW%VeT&;IQj48ro}fmVXqskHNqui(=yL)o+7 zrSi65m_xbH=4hvV4~P`706(Gf`E{rg;6m@?%CRD_sHw1R6*vZFO)zI)FN_BZ`Ttrhl!f%>U5oU0d)Sp2RobMd_YvwXC4ERKS%A-wp29AIE3()$Z3aL_XsH zq~gD@)#{ei)#9k}H6N`Gnw)K=-)G0J{M@Ic_eQYbSJ3q#ZtmK))+F(#YY3XSa(-2s z19C4m0k#S9+i3d0d}+MH2d!GG)NO~=?U9pqV$=teh6`H9K2kU?C?O${5_#pf;Gk?4 z_l#KQcz==h!`93V)mKxv59hm_DVAj|%MAD*){Vx5 zcHhGAO^M-6g&I#ZzIHnzz|w5oc=Q%YOxoUYaB!7!|`@Ml*pNGOtv{m_r(v!OuH2Yvy|*h+V7b1_5fO40s?^t4-4~jPinewr9OiFasuc3(7=Z0N(jpEmhR3O!%IHUT1mtG%%}a zsI-pqou*XP$HdSfwdx)1tHkXNZK5x2ba*5wQ%}@PHB6vSchD*G%pikoUdyXC5L0$Gtw1K4_bGf1pm$AxPa;=OvGQlp*-H1uJ z+D?AhnzW6ZUnD)VJvNt6hk(q|jWGOZ!wSakxdR~H&2hc`fiX0Y8DupeDKQEYs(@(Q za$k18#oQQUJMC{oBet#a%i!g&g|W%UHjsjEx9o*1mw=_;>#8kNfG6Y*`zDf#=C_w|LZ(qvudw>PoS zlCX|_pDOMSt)RBDi;60Z7#EM z`nuLF&8J(IwT_2^xR>{b4pbu~tq{wYdgn|t^&4IJ2hR;blCm{Pczk9STi-gKN(bLx z*b99t)E7~=C=LAB?00lfuT-Xr4e@JJBZ=27mG zZocELhf>4xGNRWrRpikMA|0HH`3Jc z@NC8>Znsgh?RSShx^H$BmJYpUXTmlyZWFT)zBF?9chm*lEYH{M?yYh?eKkrA`f8D9 zB(td^|1#A0l~`n`G?KMNIo>)c9UG{_nd`V(NVN;{WV%WssZ3+YBu<<9-K8}w?`0JC zj(BqL!!#L-hIIZLL4%a6ZeZ8zc&P}=v}`Oz4Zhz*W3~HcT;}D$K}nl%eP(g19*%T< z*{0m4cH?-8^aoHyjpCPqF+jV}5vAHPiG)tHBlHNTj5g@-6 zQ#d}O&{7I#``q|plwulESb_Gn1f+EOHNbU2P(?HueC9iX8m35*&~h@c`|j!B7D>*I z-|Zm_zDUbMkEYA~NFTIRi)bGM*#XFxM?6Bn)Di?8EE^m65c zFS-4>KOe5xvqQd?{8V=+y#Yd30+8oBIDYIyAitd*%-BqRQ*nFyBfcr675Bm+K>8Xb z0;RR3n!hoF&!%}-+TM#Ok0znt<7m&(qw9>2DqLCyD!C6l%>IQesi+m@X5XQ+a>Ib` zO!7@Kw$AIWMsG=gR1ML%Uq`MrVtYIa0(}4$Y!mV?W-_IZdT_J%W?#A~EJSUh>DRx+ zU(dUUT~Atub7Fu6ADL@7B{TMNp^Huf)R&y4U$>2~^KMh?QleVRaU^5fQ9zaM{23T7 zomx-D_q>n%nlkvAjPWQFmb^}>ElXR{G2h>6d%264A>jxbqz2LkZAG)UGC0xCV`$xy z^YK0|#viPO^TB62?4$6X`D`a` zqJ}EA#gCGgSI}M80Kd-L=U=nD=Vc?ST3uIVY!#MI zl$^J6;2I`GP`BdUGv`5ZwKl-H|~vx583w;?yHBpzwW}2@wdmo9w7IYfC3B`GHDfEUxF5K=Z6SA4Ty2i@!b5rc%;$&KaL>Xeo@vpmRH;D*skBl9yO+8J0N9kZ z76ERxm$upJQFu}aHUY2Km}}4Fu%1`9khE>7dVG)2k-_|aJc6NE54n|*Z$lNn{t0%l zA1)nTS&fF8eTFtCXkTOg8|1K?rJ-ALG zjyKHdyLBa06j?``0(6d+HE$FzbLG*E1Dxibr^zv>u)K{LbW69?)e{FP|7d+VvUuxr6gd3|8RDPpgil41-l(;Z~Yot5LGD0J|-55G*)C;x47 zfQ_YlqGyr>wtYIXH7J|mE4GMZs4OK^c9#y1$t=EoPy^f1F9XdHq7=!PwqDc}8o;37 z{!3A%P+_^hOw`Ws4-@9aRt@XLG->qozok^rVh$ z8RhgNYqq4iQE*6hL#WUqJ+c8R;(Nwo-`J>0k3wDl@BG$^v~3nOl0o@h#MvpUA7vN% z%GN-rSq7~)P8U!Zqe8kU?xe9|a6?D%CVR0sb4a|xy4Oz2>$9EK6bV99rKcw}U&@q9 zGc{rRjTd6F^e6lS77fKe0Ei$7QX0gu5KW*1@Sg_mchK~Ct$x9-F_08_=^1CF<}uKx zJ3BRA8vB{KKEuoDv^=aV2BzNRO{ms)p?N7*_FP7DyMAXrLyp|Ra~tcV&2%K^&^?f- zHnckh5^vZoxOVQUOx3#2{*s&K1&ooa4vXAJ+zr#e1r0cTCWcQ|dgBQsf zn#HHMJ)~lm-i4=M>9sceg2VR_+-c12sZSSZ(78d?b9!r8K z%&TWn1X>j8E%5gjJceMPMXWWA*GLBLNe-)A{~(=a5faaa^M0hws^f^NYD(=lSAp@t z>Un&}*mqG60QXSD96Q+$qXEsGN6pGJ|_BstXRLHR467wkOyGImB=_0-06gn+~&aV_gs z`)eva^zz|R=hu5MP>Jq7z>e49q5<%_sa2$Z4oOp)HdpbB@- zeHs9BCr+whgYFk*1+40o0=$ToQEUm;qXPq@o(`sQc%QYOrZJD6`4b^t+Y9A%#`T9V zTEfo4&UMTKjcOkW)!Bd6^*2@&;1=%8)~WS$WOm(1GWLxdRZk5d@IIPZKC`gvV8JS? znDT5tQLPy~9lU=k{8_jmtB@CEbFPi7r#4HjN(?lIEs)y@VmBRfIDy4oALRZ1#dv zfFW`8WX|H(WiX(I-bS3Z-mFr+&=tqo+L;owg@u_0bFJfzR&rKuxC}RkwR9A}Ti0Z= zjQ)w=vs@ArBMDOW>DzsT*sR^tbC|xsmZW0bt~i%(-%=gH?*J-FohR=6%QJVAkaKUv z>)v-XzAJrs`ZiH>T(2!Gj7p47ot|+@*ja1hfwOy}_)><#^IZ=DCNoqnz6A|`vR(pi zdd3jWtBCvS*GHWn5H2aCxfrLlzi}Tjeg;8KOFsDIMS{Ul*bv=7->l~IsnWdUQj@ZQ zNT;`{4LZ3#DgwGP5}Kv$Q>Btes-kPP(oj;IKr%|(F^z?~MTP^E?B5lbr|UOX{8_wm zIk<@HqJ#s0)OnF2+gNRp=9jXLmNQziBte)?4`dl@BdS8bzNYVpbjHutJbLB@8!-$$ z48-L$YkYVzz9$xxZ}!^QE^FEfvP9*`2Hu-C%+=W|=VS-*Ex$b*+rsVob27yZSTAM>u-mM;?TDbD&d* z$EMr&37~q55yd$wgKm6vD)ib2bOPklCQgn6d7}z|PEaYNnKL|^_Bw^TZlj?vFbwt8 zd>AtaU?>8x@s_+-0t4x$Id<_fD4;w*l?s!Vt%!7An?NX)$wDboK^)XOHrM<`fmh4F z5iLJGOKlTB5MCrOKNDio7AD48;OW?|p+Whpi&xJv`aQ{nd6-7xOtuGND>MuFO7$~A zts*n&up^bcz#AC}(bv98K)G_%t|BYe9MF zr@d+Fk`f>;7K9OvM@~|5l8mOUM%DnA3^}fO5FoWF+o{$e@Cw0@t$A&#?<=EcS(10T z9tefccs;i$PNWJEWVMM99{K^=!9mO#%u?Lc-Ho1qn7~2AYo;+jdW5+19Cu`2Mfpd1 zmUvqrO~i_4PMZj9qR|Tw6{c~D=c$OpsPSDNS4=BQryoSgJ>Z?97eAzdhSx4`4X}Cn zWO*h~Dah9@>u0kB&!Dhh_FBZi&8iQ_^cV9hrh{=hD%IHMT2xL_pqm)Hnk0OyS(QW9 z*(s2~mBBqhmxATny2?K3a9qT^XO(2o;v(RAI4cyZIU|F>UP@?l7{(-?=8p)O9Jg%H zz@|yR5>?6V&6Yl9_aW#KJ(~y?<^|Sk_0D_Q1Nd=W3{csoWWKHpoP2Bxv^IVgIar|E zp+}@R3Nc>)ftCFjr1%MyP2zWw6_~?l$!T@_5tuArFIP=mmNHU4PO!Vwx+bYarW$r7 zS_8}gO!1oMebK@SN@I=~6?wv<)m$HXT%UfZ=*;NAUusBsG3dasDm*_&v%5w#*&Asr zugj`{etN}d5m-h@+vkmm*>^NJn}}?UGIY!Tp*0ZMmtQf3$oI@~>=TbWl4ihyH9Zs= z!(SSm?+BOCjs)!H$=XZ5&AAeUsbiaC+Pa7zDFMHdnh^K4$4blj;L$9` zGst#6L63s)LT9W3(x-c{i8+j`O&e}x&Sh}q(o6X&57#0JF5#V}Z;q-&j7MsibpHy# zteL?j=1y`l92U>lnL~fTBIkRx?>^@XPzOxpiI}XiFoMi&-p*8vNPR~2{(9Zq9=6E2 z2OQ%_b&|-1Ia!GoZNk2pl(1B5nc9+_GAJiqB6)eAXq17UZZwCVMAdu@ z25b7^oz=nvWIjPwUMO`tKgU@Eo5}eqfXUo;b2hx8B0H*@Zz_7&W*=<`(Bu3{`$}kx zn@lZAK*RBM_Bw5jW$c}5UJxI`GgY8>8hh~UG3h`^j|lHzThAM~c-)w{y5K3P&=@P% zu0f-()Hz>|;2xL5rQ1@aNDxyb%}qrp^5I6T4D{f0P&M|6D{xB5(mZ^{-$@!)P;G~* zXHRx$`C6Cq&eN?QEMF*CWVYm&kHOp20_Y|o38Rp+a@JPBd(LoS*jn7iKEaOUj#VEF zE;A_c3~RTS1A=NKW1FJL#W&rrS?POMG$L<{y_0ja%6Ryx`w3}q5Z)V9JF=9Tn!RNg zGk0BTqDshJXK*+dLTZ}Q3C1egX%i|#Wwf~W;!Kly4Q=Z4m7Z?&4vcziCCv)+L`l#G zLCANuVvTpYiL}^%d(&GecYsbr;ABreyEIYijd-5*uA2`v8yNCT1cs=6o#p_2tJ*hp zaR~V`N&f6AQsO;UJL_VB96n;6O3pj2Xu3UkbRj?s3y+;2aPb7v2S6qA5523!!!h-oNQXE*5IJqD+njqZd~1ITYMeGm zP9Qy;Q!s4SD0m$59GHZ@x0+{*&u`o-{q@ZgOqapVdcHhuzp5q>v61dLDF{?3;&v?85l< zHJ0C5@O#-LkXCx$hc#3R+}loWMP3ar&*%~@`;0!|oiLcUWq;gk*Swu(qg8fD1YkXn zguRsrsk?Y?97`ncO$VL9L1U^4bgNCIvd5IL=QdQ+GlliE0#?s#lCDJC_e*juRx{7Q z;(Pk-yy$Xp{kaP-H*4FQ%eT}9X4`^RBW9dHL88QDgQUb_5FBm>*{*ZlG2m5lzXU2l zMogMA```5H;$^2dJ|icv;LJq>m*BBMX0P7w$2mEnFW4o#hva#KxkWl-eG@`9YdwID%#pIaVp^WF&f_TPDe~v{+cA9EGuT4=v2k2{ zp6>c~vkaR%>Y7#i!pnywz3@M1^Zw4H+KI}VjC2QnMFwHx6( zpzlX&aS9&lc_Hg>3Vv?*^YcNAeM0~`HjvRh-!Ht30WYY#vM9a(PEJ$T9U0X_B}cyp z`Gl`XnD8Zg!nj#ZT{H={U2}Cw+6ho6ekOFK2k4>lQH&?~?B|2aq0kj(R44FQfxP8) zR@1q9BU<6JI_Q5gGK{XBEbQSqBgU;Ti zJ$1q!uA4y141b@C&FEe(SM0UrWf@mC68IW- zHl>xp%&fqCS^X)`HBzdz-C0ayeht_Wj#sY=ecq9<3&-Uj{e{gpy`_X1mLInsLaNk0 z1Mp)(*`j5^A3dt@mBixR&t)Qbz8r&@TfTLj?Q|{-O8GMu(98Fpp*p4w9F|%E*jf~g z+V?C{$UQBgmQ0$?m1tI73$CPY zztIvX2XN81OOKp(`F{J1_<~Af1aKN#S6E7Ybg~pFMq-?74{;Hsi}%E5yfo{pB!m&kNyX@%0!}- zXg8OV$2%qsb$xYR)y9?LQd1JM zE@+&T9>Qb;I+yYpwBcq-Vc10?u;me;rO-yH&?_F|KA38W72tZU$vB8+nL9zu&jg%= z>%$0Q5Q{GvuW!$>O0;RKtZO}r$c!I9fP(CLna-e@aVro!!||VRny7w-%Df1R>WJ3n zaXP|0agVoe)x{x)0x4=n2l!EVgq|Xh-3{2+m@W_S=M=U{Z-B2pG0x9B-xD`z`x*RX z-66H0L;R@KW7F$9fNb{hB^(Y@xdLkRzffEx)hED&%v{0ifu*Yn)!Al&mEiejKtgiS z+5NJsT%;V{!%9BiAv+s`LXEL~_uhSH_3Wy@+#%94JN_rTmO9mxQ_W-NWW-kIJ5t^2wG%cs1zNmI= zcNr)QeGqT(gfz1CTljEIs9|60{xb>kH;&WtCWEpIL~CBnB0<1B!<;?d-zFUGw+TP0 zNtM)mH?sw{$BlDekzY4V5{$Kly~vqJ$q|ox>?m|V?O-wdB~dNk4v3Lmide>m2Gl zhWIKj?hSjum6R#Jrr!Ol=H8xg+fuOSwApuiqwKk)$G<{Rp?JYWav9e0rs&G-?J+>c$PeZ% zRb^mrLi7IAUisUlD)tz>(E7rk2+r^e+~(4mwmxZ6;+3P<72h$P;Ge%_<~KMS z03C~kyDlO}a;8Ewc0FhT5OOUXFtW8yGEXFHT4IcnKs>IyEJim;bxQ}A)<-Pwo$%>0 zo>boICsfdVL}4b((YA7DNSx5Lk*m4@yNG<0gx6+%vlvc$*{g+)*wsQ_0KJcnAw@?x z@*QfT^bU{zXkbFb-88?y(S1%I-BLmp6y>HY4gxjMN0liN2FboUl#T2oTJ*&tlKL21 zbj~yGs8Ui@HXH7w)Y}k1E{c+`N-cFA!GJEziqfv|9+0eaj~QU8bYWWKj(Dp)G+aoF zabb}szYl5oX$F1K_+m_fOV6>|6>8}oPZV37?CktZHrLhMr#xR*q86a!=EfG zvB25tOvTMZgDIn}rsfk3+(QMA;>>mh;Fl6c1RF9fZ%FSm=1 z`_5F$P2>~e<$1>kn9GrsTcCg7MNg8efN*i)unbsM9`@{1H=tqQW$oYD;Lg@$!?L09}zC?3)JQ`IoF(tQ&zo% zb2*VyFseD4H+ez`qNF)mjni`XY;1Z8O%-7TWa0jp=jwWg}rp74@s&H-WYjtGkx4=qc7CJ-Uh)v!Q&p|}LKljtMA!0tB|I#x- zNvf~jUad|mSJ}c6lA1HIqkh7ouyWy{ue=r7(*C9LH^$+E(G8Y_X558xWuES(LZ46C zHzLw2@p&XQrx!9?z6EHFb;mT0=cjGp#Ozby@YzT<6HEb+&Kt0~rEn>O*sPCJmZU0* z370+z2J{WGT9dGGV%^|GVawO4Pn$cG1#jQ!Lz!=qQL!9U#EsMXq(mtHT<9{36q!Lv zFL{C+MsQ#pqdR~8symUdgJo6O z732<;YpH6x`x}X-gn#2r(obc6wEB31l-c+%ePz^*w1i|E7Kk4q`c>$ex`dxyX;(~e zjI~L>hNYUv4L>B_OcZSmY=WTU`vGt~JF`q%oiTQ=@lO#^pTCDolbPImxJ(Z6f5yx! zUsby}wg$j*dmD%d4=x|8lO6s6pL-*Jg9#e+Vx-!8Nzb{6_;4Zb^XZ_AiLJp#uY~F8 zqPSUaYCYfLa`)o8;jrU4kf4|SL}LD1SxbK_tNJwJnEI?I@Mb!X<2le#ecy^J@ES1lr>_D2 zE5m*xD}0xn&d!Hv%$(!FZ(jcO2>>+r=GD!Mjk;hk+!Lqo7|F_*`4<-F-(UA362M>r zh#Qb8V*c|Z1V_~Yy};krO~L(pNysl8f<(ZQY()dH|GuQ#znA2g(b;n+jd^c8jO5?H z^6!UVzrI25eD$Jd>Zgh{mgIbc@xN~Ey=cH6=l-s-tieaPmHDgHe?Vj<-}sx|I=Y}Y zl##~DhHnV|{zVZt%Z^y*AB_UgYc*qE#{Rydh-Wt#F}a5JYAyijI{Z}?{r7SB6Lw9> z>IVMRvdJ|X3t*9+Xh-q?9r_t4eX})JAzE2OU~A@0Z&?1mBKDiD5oFXD*{XhouUl(d z-23;txzVF**+$-ME!~SIZw`RLIqkjS`}-G(16$+Jp%=I)P?T#ysC9m+6QCZLk-!8X zPlVmRb$^$$&NHQ)*W3>0*0%A%Yr}DV)mw3WgHvCn{c4=agjgf-xl2_en;MU_3hz?5P~_0v#Zu| zV})3^2>?izZ#hPrLlG?|n{TEA_i9N*F!KCE{_FZh0I5#$ZL#P-75o5=I&`h8gw$#C!c~(?&0DV;E_d zPBxWpc!uD$!yDt}BE;pngRz+qBSoaIy*}MP zFE|>9{tdn51kCt$5FEG!3!rEMAZW$Zf5eSbv|_lXS&hPJ(y0G8-}(P0_`FvR&+=bf z0PjWre+Ht{v<9pGvvOZoJ(xR4B3J*e64%O24cJO%KAW$9hb&(||6k65zuEg+DF2r^ z2mUMSzZkCnJ-viIKuAEK`0ziGTcl&0Ukv9i>k=PS3;*$o=uT=QR8$mRYcsRTus;5Gln zXgKcQ!mR5bpa=pYq<;?Qu9xs(9&n2^Jt6;L+aL+Rt^|>M$^8#zM-lkg&H3wppgN%h zqCC(*tSah1ugnejxV?mm=Fe~9-!Da!@S5r*{pVN4e-=nP9zb=HOv>1iPT!b(w#ra|x3KWC{Pqo`d<%EBmjg{}w~F{a4g~KOz4;)qgXF z{})d6*JmF9KI(X_GG1=AJatY2Mpc<6+&5pXo`uE4m;%!%3@>%6elUaUnOXAG3L6%<)tp!L!kqI(e4|>cpV)M-)n0C`QGa8B+2p z6?zvk(+RvT3g$@#nkVHW&bXAIVt<^fuPD^f7yE{V5hf~|D>w*59R~ehtR#ifn>+C~ zphCz?s&K2z+7z6&*O-y}EtC|Eu+eC3fnuwb2+0NE2P#OGCp@bl82=;UJ2@0Z%fs!& zA`bv$J%P{%!GGK98)srqGn3y=$Qo;_o_|`R)A6I-;fp8$SC*Tj?Ml?to>Di~{IXy| zF6XCZ>Z1lQyYTN*BmSooy#A_4|L;8G<#r)wrWeO|hm2?_U(Fg}wB^cOC?UNDu{$`e zDw-@`Y_j#-Yy0KU(Rg(`m_gJWlvD@ zDwrh8y=*lLm;;n$4;&qUASBD6C2&DAcO-kN(k^4PNZ$w4V3P!N*#(2@Ov+Bq3L834 z57rFmX3_urLO9-wR-@w+zYnC0ru^Wz;s=nO_0s?EV_Lsts4fQw1v{MW})*f;#BKLum}_sI&S(mcK+qqe_j_5RC`aB=yj5Dsd9 z{N__p$DS&jEKeo7VAN`lKipt`!I}#S3W5znudIhO*I-UVZ!DWW9Y{rMuRJzdQO|i} ztkR-YuU4Y|Zjg7hd7y~Uj)3vp^7c{dR!7(FLPrsYZ0o(Rf2K8J$M_l~ic|9bX&c5L z3X@)wX-!k2M{ij++3hBF8gKAz`v{!pT~p#-V>5Z0Wm9(=&R?K)kX=$AL7>iq0%~o4 zU0~9s6~4->UER#AT~58r`{d6tl#J>1_P%mbA=FP%`ZLJ^jwXn17xxFr3Tj@%-p zXEDAUAYE>=N=c(YfQW{vb8Beq^^oD{W7X-d{6U?Kv4rYX^Vf^Bk`2bzUM0m3{uC0o zsolIfM(Ao1a6nF$IbtOV=L+^S~hM<685pY2vy z$o0XKk>-iaSx5gWD=SSG_RX(m|<_SIN+kW{K)M-@@;<)$rAU)#E5#%#?}K2XBAi+)X-xG7=mQ!<*OwywW7Nc1kli~R{Ebu z{!z`i7Qy%H{dq6`gDrdGcxj?-v!Pxg*GxBRo}FaF@3g6t&e^a(8+6^*%BW0coHTOA zjI@Z|Te{F0%3kvP_xgc&-2c_JU}I6|MHLt{IYxWyWw4RU@X+)pijKk3kWs2J;L!yE#_n6ArK{PyE^1dy2>v|ZZo+OiQO;TcXz|VCxhDIQ9J&=tu1ynS|2*;jpM8q{ zwQ`{|Jvp=Y`>nGRD-J7~Dj(sFR#66#uM}1nV2}j_!D0oN=wntS4IpEUY#r)7x-XhM zo+AguhM;oE4B9N`4f#m}G_8G#s5D?0Y8I%(^BF7uG(aPjK)`hQTsE4S9RP9%3MU>w zftHkqi-`_B*Gy5|6_Y$e-=-h+hkh>~x3MGv$gv<-b1r)uywhL7w+$m@>Ipp#>c5wk zV11EG;vcNtI~->>F!{N8&9Wg(bm(-nA&@1k`*teYf3u%F(Sy~&F4mfL z3lf{Y-hm1xgl*AQS;xi?eUa`&^ZKhxj}p7NpG8LNOx~gZPflm~czIy+>23!b;)0Y< z_f)?c-S})nr9Bp^(gQic}R@KJL zI`N;}4rauPA7&3;&ip_V=}I=|u^I`3?XgKWmNfX6QPgFTn| zQ8^oU+ax>5#d)x5ty`cAVET??QR~QccNEzYbm$dBO8^)p;&7V$jO8ZFi|qM$uz&20Q5YT zRebcqMWZ5Udg1QXY)A0oVzH%cxG*Ri3vgVH<^j}*Vz;E~!ytv1KsR8D$uIAdG`_Dt z?4V{pp9yfbH$s81N)8CGU{1r7duO}G&&poe#1J9&)iz?l5QeZ50K%QXI}PVczFl^(g)Q_vkS zw^>n+dVVfJJ8e9`FT}+~CUA2_r|`J8QojN$vYK0BbSzq*99$H{Hn_RDEdmo$*;P_J z`^^%yd560hZI*Fbnl3xp?{$e3tCKD&4e{5 zaW_9aLyBk&94}Dt^aTY~*4rV#$#Ypu419G*m1B#{hZ`vMkS!63=db9yue`|6=0#?8 zId4jeBOf^|U?rj?a9a+29SAIZWaNxbsZ?Sj&*_FBwYhqbAstuPa9OSNw1G;+mjev( zI?=0wZ(sD1vu#ZS>?%zU`C08+UM#JbbXGeRgYQ#cs^z?CIR|L!7j&(ZZU9>L}r#2nD+p#}-6!8H50%=-tbIdgPpj)6WNo1ateSX=I>-$3y@}ca0_k#-QUZC#q*EfA$P>8b*m_%d#`=#t@=0dTcD!$W z=%);m6$hEK%c<4307R8e3cEMik`J8}VXWeDQ!0g|9L=RxaSd-{msu(}pWCFo=mRMC zg$&qfi{(@}xP53U-;M~mOj`rk&EU@Wdfk~oKlbD;0LM0JbczE|NZK~auTy@)l-;;r zU8Izz{ACf<3c5C$6Nm|I)g47C>Dz3Pf&Q!OV{qV%6A0`_i1& zhO%-m(kquMrVUsnC@hPk$LAZAF5V_pOKBsH9q6~7)9qY7#afRX1UyPr{dl^hY{|vp z#yTZBQx`C37*7}0Ha$MF$73_mZ1u(vujJh?@z%vq5nNl9;!%sd{LZ1FG25oo2PQia zEmBT0nOD^;HEeP}*astJ0{UfbJRMa^(F1md<+#A&oQr*2p8|#luNyxN zrjUf0W&Q=)IuZZ++h{AvC*JAmbn~fN?>P3R>IIOJX!JXR80qApe3+BT9Hz;yLN}8k zSg?uH=V8UQme!Vo=E&*Y1-DH>erOOOL4FXqVXL^?BAQ42Z0Gv|-8^rCpG>i*2fJ&< z1FTxlEuE9Scv*BzppXljQJD9rRmnM*bAMReiQ%OU3X)hbNzElbI zaJ%LFnwAO<4aRTM$*Gxl`k_s~6;UCO4l#1nk z#Q2Wv!VVdmFxlZlNa1>#lZ{C_{IHH%*JI<63v61FC@xbrrqcSV2S6Mwb*IJn+L$J8 zx=2GV_yDFzGE171jH(I#t7%81{G{E5*GAc}#O&#V2a7#|Ys_@JCtjyfR}}#3S(o5R zGoGEKwimn5#y+wu&F`|+OyF@T|4Q8u`?cRAp3q(2AY{?zr>m@4hs&mw%5Gq$h6U{C-V z%`jyvX}GZ85Vm+ z0QEFpqT6n6kMtP3=90f6T~kx*VBE$u+4!O0_V+v1Un_ArogOsf#R+lhx}C1DmMW!`f zhU;qRx@E=*94)m?Ltc_QDG07mGg)lRxJW`4lIMJ|r+5{C5mL*DP~3EzYI8a2`s5_s zmQ!6|!WV`Xp{sMd#`f1&6;HgZ0*L@ttFA=%)f}5>>F3E)Duk?>Z#Rp28sa#Am~I^( zYwhT5Wo(RU@; zbKa117smahBN*p2q^3{DQJ(JUDqZeeK$w$lCId+ zSToU~ydL=Cb5TT~RHuY5tFtfZ50GLMH9aiYU{WiQgt53~!C6lPD30r7BNO@V~LiIr7Nq(8S!fFE(%hIQEFGo2s zrp4Fj{T+6W+XouswTG*Dn=M+=@^BLT3O_Q>UM|Km+L@Tah;BcBBuh45N z!6M^Vn5_HC5r=|s6}pnShXV2P`7q3hVK)DMP+e(w-J`MS;xL!Iei3p#klq_v?n4|4d})=_`W$|dfQm|U@R_}4R!WUO#@B)^vS=xFXHczaIVmUDy zK<$1@ir8jxeV`*h!FG;}L!>9pnuQ$bHU$^*|rvc$>-DYr=FCD@zH+$4+P zeo*td;L`MMi&qGhr)hF`ni;YaSMR~?&&jQ)@(bVK+8eP`cBCvNd+<;mn>{bwr%QH? zaLCGKGl~C1Na{T0Mr0Z16RJK8hh%>rlR#^gG8fi#LS1fmrH5_)y|dY$oqkWw%O zMy)0I8z+BE?bry4LgB2V2ze~bY~Pv9wyL3`>=*iYB}*%C?RaMnQ*LQs;Fi2!WGszX z)|M|3A)+5k5&*XgHyL?GuCzSATG)O_CDw(OKjE(25HzVO7eIISo{m1G?1!4;H;ux2 z>x{L;$4sB_=svsr$PUeBL%{VSV)ru3m}^cJ*%i)rTMyRO3a!~)FRPXk2@)hKie@BJ zT)k~H`8QPD?t#66Yo@44fHA{+sOeehLQ(qZ!U$X(gaZGHk;A%OD<4lan&s5fkZ zG7KLaA0YsiSGu!HzUOZWvyWgcU|C5+^44b56j!o6uc;qdshjz4R++vqcKa{ zrF%_Fg-h@DF^2$vZggH{xia~hj(5;65M z4&WZ`Kg`9}KE3tyKFPS*XT1BT-?Ku?gYz>Jyr&eW+|H~ulI8Og61@&5E55`0&Nl0Y zyIj#1|K&M=xh2q^l8ajJGR*OrEShrji$bR;i%K)QWV{L^eV&W6;PNZg=i{Z!W;llp zJ-o5nt@%v1sDXhk4r<9cY9-z!^YJEoJ1S3}Snm|R%Q{HCcVEkJx)CeTCUE@7+cSs< ziW{|rys|E`G5b8~5c=Br{+_Kc*wb8OJyhG0x*qi<5E<~=%J+ufsxVVdb{dXYVqX0e ztYc_;JijG!xa^4|el)B3?%S9ljdO#Lp`%<&J3Pz+lIGxn3&om304JfDvwo@cGPLhqDbl zAHRw6kIAfb$;&VZ7md8QxSjWyy7>H*$JU14{(J@{f14_FVEH`C{A|DKyTaYeI#GN! z{3t)AEN>ZDWbb3reeo9-`wuoHRly)2fXZK{|EV~xG_5*~wP#-5n(Pq|QFl~vo&V+6 z6*L5Af9!ctwl$~$X2+g@Lbu)4!;sUNA|4%%%(^1=z7asg`E%%0?;C z;<)tAG#2>dJ|g#6?|W-ES$+=_mnnhQ_E%QXb^ay|vL2TM%}Yx68e*V=ru0#WGdW3> zFgO}G-xSwG-=F~R<4eMOvLW5~*l_O%Zq-*l$t&68pohC6xl8^gFWXRku+{Rp_m45~ zCTofhSL)=qY_ARHN-V4c3^~b^;qp3;@QuMf{pPaCXG*j^${>>J-gC$*ykG48`QQoT zbh0pj7X0ZYiflDUt;<-}rFp!coO2|Py1?$(R)#9fV}4-ar2~wdtqaOHvJwhXqa}ZY z5DfUy5XTsquNiJ?q(*yNM(ncn6Idhv`@qktz1>cyrr{BGIY?cFrAps@5>4(a?6bm; z`9Z7~OEV%K8NM7F(cifix}C}u7o;O(obd($#?9;)nTn}BvJ3YSd@o_RKUdW*-sd0m_EB4?Q)<;C7rjDxxL0t}!W z!R|*R^Q1T6(AC;DT+kj!6;`j_9RcIF&PKOm8RL2sG;B`$mG1Vv1kK8J0OaaT4+T2q z!APGsSqmcP+g=}3HVm^x4~nx^NNQg@-pBKf6!kf3SJ`}L?R7BdgLSNrUN6^Xu&Tmz z_z_j8*|y3F#!0M*mbN|@DpIb_GWR2J^{~BvvD|J>H%VH{ZVtG52NMr#tA7f3e!TIlIWo!sE5W-ImrQHs*;< zW#7pj`q?Z~9;X-gP=~QH+X#Tl2N*l5V$M!;&EbtRYlU9Lo}WU1^Hq@b>HS~A=aca(a4MMzw%UU=H|;-Jm00Y@lG4WK8A z=tldb>M_>MMTf4dsHoAAggnVC2;$B9>?NvXg>qA#Bq4?7N%jE?k6C^a2w$n)N}bzU zIKxlFN!<R_sG0 z!E_26FcgM`kRpvrJuE}BPUclxxIaBpjAmmH##ZfKNY!2l18Ta{Cg85!$INX~B${LL z8}f-IUs$q)iD6v!%0{U_k9q}(VWq21+$`-jFfJg!uSd^_od)~HFc9CLms3YRwgRcp zCf96yq$4qtUQfgy^mArs=CIN4sX@0;Ma}qNjYg0E71sv(&{e06X*2$YCq!?bAwxy-|EcTa9V z1@#!^KVI<>9$A?y!R`|u-E-DYYh6#5=}X&FJ|r!)yc9?dX>Zl)y?B4rx{5S!q^P?q zjpntzCmtJuD)Rco1wX}PJ5`L`Ys`W$pl}#ZQP3vYYmqpmlOj@534g3jHO*?It;}Yy z{jKlAtI)(Vjezy)^+0YLOcNu&$z}J~#>f@_^PGUO>6$GP0je4B4x<*m$I-=u#qOFW z(^?5EO)oZ(p+-hmk1W%hDHC5V^7$q?^|$(I(npLYR}Zf+J!8h~*~(Rh)+v(2vaA8%;pGz8DE;EW z*E>+=DppUtAF(r0(o?PW+-m}$j+){V(KrQ;C>itzhC{mV3Io1>DA#TibCM(_qk)kw~rs+d-UnahufbUbsd8X+98B4!<KS>P?vgke zKbz@e{c%twdL?|=Y44D^wotWO7;pvVd8Zq2DbIz|&o(|gy5IJIv#Dt7>L;(tq{<|c z6AAo#;gJ&R=;Y!=I-OgbcXbewbBG2h`bImcrXe4=;v>!-==dyC%VJdrtgoXT#0r-h zuV|<{w`kbVYyrT#+=L%g~rE$u@r3YT&~G<<;tX zRPS|JDG~IpFwfkF|6D`)%lJY^OpW=)9GiFo7Ul(-=Q47FZ+;2;lRC+-eUN~+l|v>= zt4hbi0+p`Ec-$-21)*?{&AJ}-Ut2~Hr>hH-soLxao5LuP)9@#qVqS&k>x&77i}EdU zE={&&UNJdxCGvc8mfwFehtZ)^yuWoPpU_`iY4PmcfdI}>VKlUmJG5H)m|&d6*TVBb z1(h13Xupf4ra3FU$IR{V_1*TLCNU7=dgD(};fw0E^@GXj3zcDLq0M2=vX&zEu$ICg%q4KElDwbGWjM-^yp4jN1N^V!badDEH*Wf*4Q&eyG+jk2`=cOwAafReD?n;N_ z(iUCh$>@d8-}MJ1b@D2j=?r~sA2b==J+&s`OK+2_sxFROqH4(FZn%1RY#&lFzBlb$ z;~B@3F%~?wl7i;Labd-Ol|BFwz=?Eg>=YujQj#*gv=+(X7>#SVbLT+p5py-VlG=8o zGd>@xQSQBDdjB|{4Sr6~X8)Pige1MncWG5#-RqxDRJC81WeHz6`o_7o5IiXKlYeTR z;0;;RUXn=Xyjm20*Z|f)3t#3&eQUu%2*y_jm=kvj4gq%fy9QJ0elVb(^7%=+pmHqE z-iI(c3wTyYFM&Hs(56g5S%zc1rSz!axj&UoZ=9l7oQM<&T=znchG}8J%Szf!c z$g?<1M3!9LkQudQl*F+AW*7C9nJDXIt+jbT!y*N}EVGPKbgk6rEt9#e+ zTbt7dgNqj}2V$d_89|-cbX=DYa@FH4vVEi2%R}K<)?nlM&f3heZ-!7XI-*u$pA3tK z{)wRLw-pOZ1Wc>yhcj7KetS5v%jL-;kc_b1b?4D@y*xoJj~gc))l^FuQq~&lIxOaD zUN1@;LPQ0ZX^z2_ruW|@Em~4{9NS+P19$LfD`UQJv+r{Q2#YaGDYa4+2FxX{(@?hQ z?0Y&K`N)3b<=^zAz5Kw_2y&Z}o zO?ripVH6HMZ5`*omGWa(b>b>vbNKCRt!JK;)mcP@K4V^<%p}Klw68$QzQ-; z=IH32>h@9fot~7yN%)=Mh@9OJFs;x>WK)r%mqn1S6FQqxP=&CsxDFG#hl5)o(rMf8 zkt&i9<#t+MT$EQOB~f~9)_d^EMu!^u=wBByJG2i)Twgj3c8muq5y4yAU1|mGnv6(! z2ApcmCm4<@^V{q*U?RHFT`5KVtT|9eWzf(dY8Lw$NLq6zs;pIZny|Fi7c0dVng4dI zBvv6aac$MqCB*|Jz6BG7rvT?8bvz9(=Y^qw1RNzO2dXmo9j`|N&rI`Nbn)o%72%nQ z&YTT-sP@4hChXD-D*vjI;ux4Od;7M5_{Hu6ONeaV^#@}G8`BGqtu^ch;+ru#yvv0- zTcz114h0$GE#&Ef)-XPRgwY@+fP_8OF8-7W9Z4vxc34)a(DA{O<|kLkX3H6KGM)-N zlB7DSEXAc$`-lBI3*oiGb6verGBusUx{d?S?jkv7CHEa?M3`VhV~2Z>T)|0pEv&v0 z@O!S-D(#%kD$k~L&Fu|eW0ux}ucyQCcRig^rR~N!^DhN2FEA6yr)pF~N~0+Bavz+G zLc1+Q){b=2+u3qP;tl&A5hfjv&LL7on>=OZEEe$&-mj1FZJHBhOfG=s-Vlm!K1GeZ!L zSU4fq^ZhTcoOsyU4S)BStKZN<^yKAC6T7+~DZYD+z-0$hZAHGa7n(5bQ1XI_DL^&H$CEVRgFO#v*V!4j$Z$ zaLM*sd0zNr!vp1T7GU^w;6gjdd$d*Fb*cTe|H1s`WXGuW2b~^N;9sQUMTS~tT*6Fw zfPy07N!6R@8luZ1B*kR67ZaKli4tYL8K}*M5^3=WZiHdDop2wf$U8a{zke+d?S{wM ztrX~|o#q8!sG~<+J%L|$SqzkE#PC&4#ew=3>{2;1R^J{zU0F?iT|kNosu*zUZx9x5 z(H8{Kf>=KYQA%|XTbt{4v*sRklb@8reAZjWY3R!ii~^&Q^)guO?R$#4g?ti>t_y;f z<-Y>wx%Qcva*}?WYYjz3q^NVAg}4mEr=^o)W9aYG`>FH2+zAFb(xC}05nq?zPDdqvt~ z)||DS{>F%+?)r5?S0+i)(vD_`I-OxkTW+D))gpOYOPW5C?M-|PSQS`1R#F--S;DGb z0_j8Lh4{~dBDjz~dOLtCtl+2@>N5a|icaspC@FU@fEV}R`Xf3G=da-#mmghjm2xe= zqTk-uH^xrXBlRW}-G7U-tYxydB)HbkWb|9gl!q?8gi%{Qs9cb*Ck6T9orGLX)M~2V zT!z2^vfIJf<>diHhCD~wLsOQe>9Z5ykITQ2T8*xy~M0ld1;@lHp2jfdQ4BIRu=vC_U|*>^KS( zt$t^RXSKOiVnH2w0HC98AQViiDA%pxWW6h;Cz7r)=Fh>FdiNlDZv?} zq02#_4b9ay;g`LHf~CYQTjAYLVBNjlW|Cs(=XJ-(wx6u8o_m^Fwvo*(Rd*6fuze(d zKbm?~6o2A2A>B55A|2R-b|)J+LjuxVGW%_BG2Y`wo9S{G0Vrhjb#*4ZZsbFsxf{OH z(j4uxx%1vh;H}fW*EIQ1wC1Z5r*%^) zE?J}a5ry^5EVqM*y7?^IZ6Wqg;ErQ?;N`9)Mx z*n!NtVmZey29JesWy-nq@x&Kg$(>Ga3_E=3-5GDE*Y4rtu-@ZPtWMM^4U<5Mx$8t- zT6wDd!k4$`d&&8!PN1f@%CA|_=YYuzPrsm4+nGl&f()2g)CV0{BcvA}l_ZwA?RQDVFZAtIS8g!-S(0f+O4oJ=m`awD6Q&`&)A4MG?t4tKyo53WM9@EiPNtJ=eD0^wA|)PDxQJ zyp$#@*CSuQ{Pa%692Yk-x3%#_v)IG4c*%;M1BhO|S*K7qS<*CcWbA~EX4f)hI5V07 zLCqg&cArzQO{OYg3XLnga(U&^+Htw8WtJ8jvGJ|hLUvQZ!c)0LMfLOtr=9jE@{V_L zw0y+Z<{v-=JB4k@_1WY|PRR{F9P0VF;Sh()%RA{T)Ng0KQC6sUdYQ4Q8NH_@dk<9` z{RT+;$vf@0Ec#c?s{_{;z&VvqkS}yyrwvB*0VL*(i<_q1c==TIWaN|lC>V#31Nj*M z8Pym0=*p|Up9^zfD-p|0yu5}=<7}HBRmP`f@6tX6zh#BZO7q4$P{4-Sslml%pE0xh z94ob`gof2B0pWu6g4LV8`XGKt9;aAANbbPx@|te6P)Sr9$5h_7NJzxCJ5l($-@r%& z!POux;A~A%sY6Iu0pbP9(6t(FVNAYA%)j0Q)UkoKDp6u|up-tfDHd5)$R*zoJ>yW% zm2P;cSvbxX%}W{k zi*BTKl&uMxzk_m(Fe|xdHZ8RQ*L1$n@mX(pS6y77Y6N!^dsmf|@hd>)ZBoq=0e3S; zk&VxPb0L)5(U-Ogp6KI7a(8Qk^?=G+$GLAEkH4b0r2>%P+}WeK7#+FZ;>}K2aea)@ zeK*}_O&3?_oR(kG>>QPIJcj)!QS*Yu&dYUJHZ zRR||JJVOYieI_0Tqh4Zep2>>j>HN4=B%>C}o)Q(=pIC@OhfuRf7K?Ji3-siC?ay!d z$o(VNnxAakiKWx~zQ?}E>PPvlSam%X#IX{aBgJL67hEF!r%l%CR=i0|vfvp>!6x0#>KOatPYd6#UQ>YU_XU$ePA zf>GgNbP2%7#=lUE6ps;LNk>s(=**b(On4!Rlld*=S7 z=_tMh=>&`pOUF0s5#Vk>wO9rlv#Pe1JSC=PknTHO#p48Oc(_2jG`*w`#9|E5KVm}` zbzx9ksN?f2*S6Z?k->2{H&%34q};%C=RD7NU0_L|+p;hBEw`?u-9JZpObw!LNACgARgI1dI(9A7}y+kV9%ao-*2j`80k#s=jC0zkbW=w%6s&qFC}HmbwLC+C9^wc zfC_y=xZ}%yrQd||ilbqs7B7uU-`fvE^=pxeRd>QA84wHSBHIrUpB_Z8DViZOGc1v9 z*BbjyZfYLIAEF4_2IPVLrv2bDcQ<`N^sA( zWFIQir=Vv>FQ%$W7Sttlce%A|=39EscG-fEUw5d&_{T$^>1zjMuZqSoAdIcs2DLW7 zC7I%#WRbl^%;vGPpT6mZ$!Cz%JGs&w)xN66X;b~T_XayfW}b22rAnPBUTB$dC=6Yz z0^ir7a?KyO8uSIYxqafm;f1V~c35je39C8Yh2k9DyBHeN;c+ih47AkJk>fWg`n~f; zR6$kuutqREPsq4E)4Nv4sX(4j_HUJJDmmkgAAN%|U@>HllQKUo?4%7hc%PT*IMCdU zU!O6dWur;(IN;Bi_C z0pCnhw6jSwsgH8w)yG+WPLv?Ix8cXqq2VuFbE4@yC1vl7S|~O5ZIB+Z?Pr1QLZ-@K zWussz{bzIBL+?91;JUiFdV{pPkn`IqrJ9V|b+K4%>IS_dagI0R1t?b2*l<}0foW>cd z^h5P~w~s(Sf$v%!G-as_W_>p`Gjgj1-?n8`hC3#o{D78)?Jj~ogK_&G5gg>F1odyV z_6a>l!z>q?>@v;hR#Zs)8R}oIKLP{?y^CiaRld zCAYFN?Uc;Ja0=NC{UwWqmg&S}${jCg$~pH#_Q|%UNj&lvZE<~W*jHz6QLz}^xroR*KgiuJMgs~GU~#9gsiwn<_UJb9 z`4glL>({6%@^RCg+>fhW9F$sb)tY?|gE2*Wj!4yq13m3@7t0y0rF_icysX6NK7%W4 zKzPRnRxvKp#AY3fN0?mJZdntsavokzK|O#fN!`hYy~qjPHk+y$xwnTj4N@DaatJ6LlP`vT> zEZ@XgP|Ld$#Ozl$s|HvtvB4iB~ctaN2e<+HS?6z>&c~=+L4FnYT=Ugmh>Sz zoOwO4k&y1Ao|%X8m&I!e96y87lpe6tv}stGsJ699DBAx^d|(fa|7b$Mxzd|DoS0um zj4SadIWoSv#I2c;vAyXmSBID}yQZDAN5#1Ayg+$6a77<4(7Eht8mHA-9`1y0mKC@i zS5*EWW8G;q^a(D4QD6rgKM=y-VG@|fz>XX8Q%vIfDf8l}53#$EAJozN|o$t~+`gCmhneFJY9m@db32fj3j2^qzF=J&I2rz;Hag*(Yi{0%2jM(eH zsa4;tq)Ag#=GX^x`3hg)fN>zbsJI#c?qpYW7SE8OD7F@HYu)(N@4*Bpi!x*%hg9C_ zTEB7TkowrQ^PrZTIFW-MAsDfPY$gS1MMt)1tJ5xZZj)1rz$9+hyL_*=I3r);+>7z9 ztpZu|wONHh^xRmtkQp0Cqea>ij=o%9^ z7!0;sn>B&L;S=_c$TkKBv6Fpeal#T3vIPn~Z=?E*O-vl+-9V0gZMs<~86H#^y{Zb# zT5@T3-{c>C4?Uu`6#eS^jD2FJ8PIpF{%|9u%tjMV)2b@sG4)Z7PO}SDNB~~Keeqinq>5BGz-?^qL@jE|(AK$N z3e{Fgb#&G!%fqGxm716?>F#Hrsr1EBOTl0A6gc1Jyp`SMhSYZ$tc_3cT+-(knK-Lr zyp>^ETdB!_sCBFCyY-XiKe&GMz4i_qJs-8`<%%6mSc<`jjj1(1Idv3(;~tR+^`D^o z#SD{k057ryDWrz=3qRl8Zo`=k2n3az$(uNd{sSsN#IL!^M*AK&yg|G$;OfDd-^YMBrHqLEMckibR@VMO7~8ZIxow6Y?~aYs zCTM%BLlU($BTyQ<6c*UPzC+cdni(VFPxKoq+LDs@?hPtGj48jd+X~7U!5uJ|l(&-7 z{C_cJZjhL(a1PXxoAVaGTVcu;%ufa_sYmR4PIccCJf0;Hv0oigUzhc&I1lD^k5YzMdkySIzER1qnk ztbVL^uP?=&=eDOc^UUBv;QH6sEUsP?hlme0=F1j#>ySUtqS1?Ihz!56F!>lk78$L4 zUl8CJM+G)LSdcIl#Aq|CvAO>ykx0w5+hDEX-$G;x#M}>bM~){KtPtA1dr8&q3o6%{ zDtFqg!uP2GB`|EMlNv0y-`VtK$6;yYCS&b6M%!F`$}M2Jl{g=vijwl@&x4H%J|rb7 zE0TrcI8==BZ6|wzcVpoc2MF*6`wtvJ2Wni0zj<|x=@{e&-fl$;3Wc6nbY8Wb8uW}g zb#0kD)ygibiN7~5#%XL3sq4N{kUrucRGzN%*Uawbm>3wzhbxM_*}7_7A5DK!`hKR1 z={Zyx%vo6Ik%BXot@d_pQK#kFB`bKHan`DPf(hPMztJ!(ve$i(fSh<|w}fT9GBPN| zqznY7bE}h2vQ2P$>{y9|Neh#ZBHNun7kpu z4u5(S#K8{|?Ne)y+BI$eRw!UkCSnk`&YvE!7XfX)JmZBv{acN@jKvT7e-r+{3I7YG z{|79rybPM|u8$TL5s|uzcM-iU^JlznGqA^ZcXy{m@`$K;6u%Bo;qVTcTmDv?BrGwj z1L0J+{*yQ2pI`*OA{(W(rYW)vB?+k*_ZAQ70NKD95YNmSeg`hQJylHMK4u~iw?#ZWZHuj8hdw zmB1>vq0mU_qm{hwS8`tISlL^ z93idE$lcog$8FidFvZ1fGsEUc#{wj&IQ47B>V<()PDaEd&R5fa{NigJ;LVEpRPcPi zN4wjbi37gX!P@rhpFXYKS;S6j#!&w>v)qUPnl(9T%=8C^Di^bCD!C?M96d3Fkv+iQ NO$|NuVpXf4{{g_TkY@k@ literal 0 HcmV?d00001 diff --git a/public/images/how-to/import-git-status.png b/public/images/how-to/import-git-status.png new file mode 100644 index 0000000000000000000000000000000000000000..6339b22cf27a667827dfeb11cd8b552dc3c00d17 GIT binary patch literal 50404 zcmeFZWmF{1mNtreL*ef3*0@XK?oQ*-H16IwH16*1jk`nR?(XjH@KwKa=FFKh>)v(W z`Fp=wnH5o)84;Nwd++DjJ1bN{PW%%b4jc#w$R|k&Q6&%%SW{r$6$T3U?IG8U00M#_ zU?C!+ASoh3q+oAjYVq9!1VkbyRK8ZKz)j$eX!gg6p}aj9aIPT(X&pfrM@zqh1BM;8|*Kt{g4JY1hc2^ycN zil@vAynI+rZC{b=fJAGAu)3mH^Y=l6cF{JI*nxtGV%snm2$J>w0>fuU0Bi@cq!)B0 zu%zd7dF-)=UeSeUgD5EO*!F3H6gP@w>J5(h;T(Gbc;MZ@h(T~1L*A}$D6fd*f)_EC zLx>WOSXsO$hn~|+e@9aU$FT*VJH%in5c!J652W1t6z=#Wz49JqBUx(9)$|)&)o}H; ztqo_O5%+!rJixK$8WGJ0J^KHkYz)RKFqZC(MY}IXR`2oS0(S@S+;9pZ18{}#NJhgV zRj#p9`~d8Iwt?BokdUXMA$P=jgGmsSR95U^l>M|`Id>_B7|KIg2O)djCLIJ44spp+ zZwpJF4N8Q{jKgv=zR6(KCOJf0IEGFk8D!0{$Wm!jUzW-bg>b7s>tS?~_g#4!m}d(U z(vG49_tBn7-;n#?^s}46FHT9dbrSI~%ft|t2ad!HARYMC-vo~43*mPd%j|CIxV~n8 z?O(07?qH%8D!CC-0bo^Og(-`=RZDrSre|T&?2HjR$DvVB4QvlV+6vL!Udbp5ea|J4 zYoiKAB`6Dl)`ubig@*v;j_yeXrSQcgGC#3840QRK3FrbfjD~#dQXE2vl!$qN*d_FA<6S2rWD1I1B3dVCt+ zY319Z&hfttvCWv2Y~oW?pnIntrkaGk6Nzsgd}PLKVw-gw0JqaGMoh5dTLo}#TTddP zJ_Kj35sxVSrXPWOqde;z+YBzssUziyQ@m!f2U)s5h&jGLJ{O^>(fLRw{8ElB@?`qy z?)5b5PUPP0SH$BIigpNo*SJB^FZe~pa?r_YR1MPkpZIZGIdgZS9W7Ap{UbX=f!uyR zkGP&SH8N7^mgyepom9_okIE(&=3S{|sT3H-CYX~cmtkE+wShWC$d2k}>Kq`(8<_nk zC$j0Ut-go#-Us_{pg%4`eSLjNH<~X|K~8T1Rz5CW#uGsW@Jm6`1x6Eo!lUCcv;sD@ zg~881gMS61`$3-`MSBUtPXq$tZwmlN5u!;3$(sl|(LpHuf&G<%3e@B)w#KJ8O09sB2`JU!SV^53@Ed8j9zLP7ASDJUg zMQUqD4A)+0(9kU&H zb);+TqL8P|DP@cV6d80ZBXv+8F?zI=#EC?!B&CG9gl;|(O({(wO(hL6jRlQxf?b8*X!`XUgiAcbTc&MFmgl(0IIIonb90`aOg_ zg1v~+($ePAq;Kh^f=-dgT668C2dadn-YPR{wdzJC5z29;^olDv&Przu%eXWN-(){! z7b?OROBc`0&dfs3A{~ErqI7EDmiKCK4|H#TM!!qKG5$pRsqi;M1WAN_1UOC-n>*W3 z>U=7lY~()O7~EKIDhJz3y}1^H7PHoqR#?5Wh3@3>JcWg}CA8&D-GQae9Dl`Ia?li= zIUP_j|z zIeV#ta6e68-6JkwpR=a(v^hS$Z@Gjkkb2~~<{gP?M`%SnN63bYM11*u5-yMXkb0N` zk-VE+&cbCqZ6w8d$BLd@$--ywoL(tyHhptwc|?E9&q`X$#9Fe1QOjOCvCqCQx!=F< zwEsX)g@F(z6Q+tWhT)Z1n5dY@N@q!Tp%GJorM9GISw61W-q=trSFQJT?dzIVo=tB9 zbxlcivzc`LU1P>~Z4-~NNb`YTBlRm^7p$X}TUX3h)ED)g1@U?DAP{l!xWxcst`UI9 zVjQ~}#j%(pjYEx{$4SWv>gkfjlJ28DiIEr!(xfO}j_b7AR)@?R_JdZ2Wri(=eg;{F zD%~^P=1TO+1u;eO!0=SQQoC7N4rq>!6|qL`^Un`d50K|$=lXoSe0>D<1bmr^nMauk znH<>M;TpdUf4edIsb?>IugcRSZ0Bo(Z+r0g*xNabJEL2)YOnuL|y^!ds<)++XM3700Rn~uHH^-FwqJUVrTkyvC3*S=DzK`Bu^b3}Y% zdIMjD&-cs4IiuF!%~7=2E=Fx*k0m>dGEC{w99xT`5uxd!(9^I-)JLt;owkOYs_E|t z&SEBFgh~Cny2OSqsK${6ATmQ=)WLNAgkYj*(Hmq~Qa(E=1rG|TkQ}F<^10pZ^4kTtwnD^&Cw;~^ z>>_+pE2+4}Jn9wh?D^S)q#Rp>mt4xG%31G}`d0U4CKEjn?TsBjYdm9}xA*(+Rcs_P z7BlOVz|rC4Io=h+``0C12jPR$bm^2do`(m+gKhMFn}dQ;%Tya)pYhj$&VY9%g2&|X*FECpoN4!bZ!Ir<5oZxIqi;q7TbI3Kvi!2ak(~HT zcC)AE{mg4d(oxEh69W9Uxrd@3l2b$L%9=$49P-~gJlsc*Ea~m&t;|Tq(*qh7Dup}Rv#l~3{|@*`O({AK6PXZ*{k(=+d$r#F?DxtLiV((kj+ zwbun_BmO>+uXD>Bg;ggBk8@oo{Wb{er>-aW4b1`#AKk65E?FB%-b|0bZb)}_n&qjp zGQBdd18+^v)LW}$H%L0xa0dyo0Cs(NPgNjLw5chuT_^Y;3d*3_-8a}K<=d~6j3L{j zG~$~A2L0HIdb}XTfgcxk?Uxt(6d)dr-8-1G3s}&Cbm%`s8Gl6Lu&F>#e7kliCH-pECcEg2x7dKm&iF0C(4H zu>ZUo)-)UZKl322z;hr%$|91Iz*O1D-o(V(!Q93%bSp#zcmUQ`Lel{R1cUs~4l1cc zb_uM1!9qpDQA1XS+sMX>!NAzY(1gL&%Jxq^AiS>Jz^s*tqXCht)pu(LZdX2%zpmg0 z=KmaKBq93i5=Tou5)D}eA`u&V6C!p7CI%)FemEi`B3^rAQ*I?uv40c?{^BDscXYJn zW@L16aba*_Ww5a~V`S#y;$mcCVPs*U2VOz%;AZV;;7V`pK>8n*{AWF)CJsjS7PgKS zHr7Oc>NPO5adPA%A^FqLKR^F*pC+yr|J9PU!#^Gi_<)Rm&M-1FFfsnKZeUT~KS#M0 zEL=^#Yl>P}0s9Qt20t?k6YpQw|Bo~O)#AUD)cCKGET5U!|F!79oci~ostzXhA~sgQ zHXZr@YrOtZ_+L-{qaZKipGW_fuK16B{_7~Pqxs=@8UHzG{BSPK`o+L;#Iq2UR{^HL zS@ze57x+yD-2bG&T{RhuHhT{QL=Z$$R7k}Y^fUuHc~11DU!Rs}I$=HS$7gE45J>8V z3r2Rq{D*ZOI6-Rq`}+;;&D!UgZUl?* zk}NmUEJI`ITo8aK>RN@UgW0G9y)pRru6?!=~%HJ zJ>~g!J8EQtV1Ikti~$MMB$%>=gpCII+Z$N~u(0IL?~4D$GfQ-lg2L7E=5E2E5P|;f zO#%lrtEc?tV4T8gV)f_$rq`yafz3}Jg__k%{{1l%7Vj!zI#GD-n8eTUp!oZ@Pvpx) zCTO6Bm8qf@`uA_1$OKj)Iicp&&GB#d+y8C&?@iVJ+tq((iv8bN{kKHP|1T$3K8=A| z!zmZpO@`*~{R-=#EXP`WjWHho^T+#xK(q5%sZNWl(0In%%vQUD%imIG&JgG08R9i& z6V%wOrf@v;e!5=Gbe|!zUz+Uq7`Z&|!_&FlNIpYv>GehmmI6%I+*hn(dF1(rqKSwO1Z z^_Pb;Iivcoc5!KfKjCWu9ZY7Gt&q9p(n$4q92w1nev z|KDu`!Dt9zjrtvaV2Wz5zU^qnkVA24AJQOT6)5BvQ`_Y`15qsHTb<^dCL%=rfto?u z^Lryn)3W9Q0oH9hk)w`dHO)lLA%COu{m8#Inc(xIF&<20eR6hL&4fTf9!zCxMWa^} zhW|KBO@R4iMhBs!ldM|jO5H5kERiAL!|=LRgYa0|p;>FHJcaW?8H{w!k$BDc|JLF8 zRKC1!*HS4pCQjJS-!~|HUa!P|CQ>#ddZ*#YXxA81QP`7@5=b3Z6NpiBAym=hgYqB*^4Yq&2$Po!v!FL|A>BRqJzVX|8 zIG&pJ%TKfzQt`;a^R?Dnea{(0vNflNwbUcNf{PgCBKZ;P{?GjUdg7BX#sc$gs--Fk zbegrt{X8z;lV-kc98sH$CM$lM^%PWpI;;}^Jaenyv$KqFizEKN>UIqgV7{^5ZvXmN z{iETE(n0CuYopE1J59xT6|33!VCGuuUY9Sp{o6BJ>nTCfn%hB!{RE#${`Y44Wl1P2 z!sV{7DpZi)8DE-aqaLi9(ueBQqiz>79WSPo2|UUx`86*pG)coS8D%^u z8M;se-XBq?8+1K{ii+5*UY^WCBO>mp6f}O>R%a`-M$cAQVh%tO7Dy*0c8df_-k-v5 zWQ^@`xn1XrM&i?pM?GVh=a9PZ4k{{T3kuyZ+9K%oe7}zPaI@AptZ{v?=-DKQvPYcRC4>yI57OLbI z)di9*+vKynuP1wvp!>}4%TunG%(9^BBC1BaXS>^M>Qud6?$x*3Quq7aaSUlzQCAw? zP8-HsKr)7OTb+}*qxkk)vch@)NR+*Hwu|BE0_pHCpl?7BR4bFktXwb2b?bc5`H@Md z)kKu-m47$d>~N5{ z60T~Qd>(4tbvC$lt%~0|0FxHWxnHDpMPZ_xX({1hf;Z7rJ3JxRQrtJYys>#q>#TyG z51Eae93k|bMsx8j?DvNYYPsk~ON-MPppdXjCsu%+W!!4d&6Aftz6l5zS4&^GIhYv1 zA}{53Wm-2s)V<{rMQv?p40_5Svf@G|aAUrD1`lP}l@3SF;AD(>pE<=136Tg)6Q z;N!iw>Y&?Ty+$(-^+vH2Z(c4O_)}{TYHFZdlXdsT>4Z0Nz`CElag_v>Qr5Zol1Sbi z&2*~;T$=Rmd`_7w_04cJXl>(bmEG!&YN^`I5TqZaPNReze63%Fzv81z3d<0HyoXLd z$4}4kbdlL>Vx!``)#HM`>cVB!MVUfA)~550&U<#d(pzd(l~iaI(xtsO7!hv0ebZhg z-(0c%qdv=vqSkC;*2+&2%IDqrd|DOfv+HUC8y{RP4x2TJY+A>u;jgdnyib?CNIExL z?8x6&kf4Wu%j#XjOLzN0LQa4e1!{KBck4W=RcJ}~nq|#|U4DOmI;e1OvELi6dsHhY2SaEhq>1WR!f4=dDKU%tFcuR|Gy>ZLkbVi|lTGQkD zvNuZNg5Rqi08fG!u=+C`54B+{iNNz$!|jQHpni0jdM8a)X9Krl2yOth|A}%Uou=RU zYrmZ>ZwQt9{bAxEXZI@dp=c(TLxc0n^HwmS@$&4D{n0e}0t0ak4wLP#t`ca&ihC(@ zvn1O}v+-0?x10Thkt9axzF#?hh+3rR^jb0`17C*lT~>)ZKi*p%PnMU|ihbW?Qn+>D z&}s5@yK{d>NRw^*Ng$jX+lu)fob^k`du4EWd>yr@Qm6vJ*;~86TO!eZv0Bqp{L{yYJ%t`#x(_ zoYUdDZZpojtSwtQvym2w9qGCJYEhFuv3CH>tTMiW{4D0eSs}K%^*FbfsQ<>6g4C#pFPCHvJCIROWMK7+q+@!;2et$uMl;wfnRbG$mq>BAJxJ zs<9H~qQPgzPNpik>$*56*E%`;qb1gEH#o4}6xO2F%oI+!Mr%HuhpRdZ<=qj+(-Xk( z16qJaI=@k37cqjIhijoya>DLNFm9m(7*J5$z;{g?D<|(!QWe!IChvV#JdgT!D})zS z5UVb|`FuWuE{Q=mpJ;@&^inI2-`#B7vxq>}Yd=aE!7};xIK#!tXXl=t_NJqJKI|Of zMb%2rtnZKexXr918A>HeCVYH$hB_LVTXu?5V4$FQg<_Fd*4hKmmb6!DouJF~Wlm)n zm656|qXZZj3_79|@+rrzlq`q~w|l13#fnB}A#?58n9Z(=?FSkt0lY9pkk$5C{O!9* zy}|TcqNS>33?ji_4xb~i2#9%H&TU7)IWn1zNS*j{e}5U?9}{TW^Q8soG)9w<1Pxba z@T^^D%~u-3V~!>v@w;x&N3HpJK3&sJEvS%-w&s+XPbIwy^JY;BzLEoiO=UU>t;I4Xh zz(y`rFP*{df*hdm^4@ykD52iUJ8y!8$82$};+r>Bl;utGB@APxXYye~n=}j~(8pZI zA6mFlY@qL0)4^jdkEgG=qjwnRMUvJ>Wa(ZT`<9SN;oF@1q+L#JoKr{|lcZEURSq7h zPpn;x(OSAVv3C>}zi_8R|G>b=k9V(%x!Ic>Px+(eidKxTJyur-6#^q4d^h2E+>R2@ zcP3OKD{hLVW78bYa?&JKU%``y0r_yN2hjKPx0Rq^C)CI-Gslo_qC=O%$G0a1I05~V~TQ-+%PD**2RRt$82jLsq%Pw z^X_SLZG$jrtC4n6d(F3cXM4@;J|RMP0CcynY5%aQyE11+*A?01=dWEvZrN(|13WQ` zh@9@Ks>I73FX!54?mH#lQ4;{A8duxPs<7u$^Tr|9MEQQ%!^%Iy!(;6q*2{R(ka4C` z0S&NQX+!|arQ8&!ddm*kH0Ku7#{qinI@&bLz$92w&kcEjH!9|-sha2d1*h{{iqTYl zqe7z7-Bh-V;}eWrp4CQ9LI9|%G=MOH)}?A3h0v!`H6-+|5Lo<;o?z{Hb#1(+~acJ z#hu(-H(;+juvGRWk^8h%msn3}>jtNc$-N1Qcu~aLfhI>d?svcJY}oVdId$i&At6-l z^V`G8uTa}5%ek87w5Gl`c_W;G{;P@1H)SGW9DYNU7Bo}rT=sydvyG}MjDhVA_nR>e z_pC}WSHn0rQfKedytU&SE{K0?G#4&c( zv)=B(tEawxk3Zb7;i=PRCioc4ZgU(zRO9`Yv_B^#%cBZiOJ&m+0<%=@)oRrYh;$rH zmT0#g+!O-4pGPZwh`-(=t|KT~Im!`%8hJa`6CV_Xt1UPCaYMFA2qZaQcjDI_6q6H# z)q!)A8X_~8{J#^H5=jt0F&GO3)-wfsBCR!#&fpXX&!(!8phJ71!7pUwZJLynz1%hm z3v0V;%)t!SGkMD(*ywFwzD;iVyqq#?Pc$9L`jyljlS!< zW|W(FBu+&}6JQzIpy?EaTL<~PQpg`_8Gk7KAdHbeiL2I3@&ys!iL)&Nmt!!X>1vMb-V&x2QY_@cr;GWTlsJ0R@*8^Pl!}*fR!qcJQMrtKWsx?%Y z8F}J9bNFYO!$9ePMy*ws?EKqTB$8`yFh&G}PN#eXrop!PDjsNU=mc~0I@Ei$vNPnQ z#}M}L1f;aMZVBg3n*Vm+VI05kdB5>lRvbwKj1GP*8aWksL}hAyoh~zTaayfCQc6|@ z0zGU(4k07oMey9H;zKO*uXMEfUiEr~GMUCiwQumC6yt2Ml;W)A9zucP-wTDsgwtmW z9K`8rWSvgt1LT)^z-`UQ+NRqtu^x_~rSe%J@1T!XQCc2o8-ZTO{599}j8E&s?qvk%r2JC*Nka z18}^?FjuUo4E2d1cY(vJ#7>yXwKbe0ajOY1CV0qd=f`~>WJ5;5&aehstMCyRmPqA$ zlTl-QMM9q|3ZoWa*k40NjEei4jr2%f40bGZaK`-k&1mO zVg`>(0#uYhWiPbL;pF&E^Y7O2*C+UdS{H_=+cFX)%cweiFOD? z1>0;`vQIdlMS&<7J66uvXC#K%NKCV18y$Zbka20dz(VP8z`yGB{sBm*o6xO2*)C8Ofl7ZTRqV(azOhMU!_jyywXQDOLI;k+I zbi>r%j(fcxoZviEH}k&T`sC}rAZq;p;!!hQXZ;n<_H}jqF1I^N8yI28=N+_wU*WdQ z+RgTXZBJr;tvcBz?0q=4vwpRSjRDsYs))R{vnw?wwTK%*ufN+fGljAFF9qqbnQWuI zy>n#06f1J7%BJxvlZqbd1Weu~rlXkd4aKP&4h)p|(rDgoF;Gp>rKb=*1JQYB$3C$& z0WVoMHFHT1osAQ76>BB5&$9Q8b25Wkc`~AZnB^xDl@LW`k|*Ho7km)kwFp2Bm^nOD zguTG=ou{6Bh%X$Ts*JI3=yh7E73Vk$`L=rEI0_ffe-kGN29$cP`(*h6;YT9qE3WW3{rda$QzpAS@x@A=+j>v??ACH7Q6IkW8nMt1NMejw zZEW-uAVVpQfEQ?lSiWU3SYWYBHNpCIMlA1hI-fG+s>;j1M&*)#=D zu;%b<><>1pYJV@RMCHEe7MN6d>Uc2@fU^nOjS|dJzu> zl?+r1%c^H%)8fYX8fd#5(6374SDs0(G@R`Ud^`ZTV<#nUm*d0ZQ_%r@2tt^FUHWvC z@mACxIvCRZl3)CQK^>aAmpx(&i%{uuOHQ~+&= z*iF|Uxh)|5IQX#PMOj@vrN>dFqZ!&H7C9~K2h^rbJ#2;I2J>$Z3%1S6jz;QmbN7Gq1xI>S~f*#rh@()9LhMmy}ie89cD5>8-=uiJz=9=K2{?JSo@ zZ$2JIS;3O{18$_L8|i$GL6AS4P7xTbKt)OFst;2v-0_`}EGnvSy<8@*V#oV2 ztz}~L#EW(?I<2~e%LL@j!B8-v_h!A0tzZD^HjqRvaH}oUyIHP4*ySS^>O-#(+0a^n zgsVM0w8w^hln2U!56yyubfDgtTtZri;-n6U`*%x-2($`<>hkg@<*EAhAI;JKPt9TE z;Wxem36Ck=@O^2wqH#SQeFPOxGu#38fu>0VU%*=@3?qDRzEcjSHd6(E5MM={1p>ut zrEXf7_{5G$KO00?cxI;*rYi^H;}POg zK6+e!Z9~A}6s(;KWO-YtQMGitUpm-5RBVbS3m9Ona848DWC++3PUhw$e@e5h_(aIB zM59)k&y(|Vf3(MDjF%n`Tp^XBI&SqK2!2SU1>y!6Jy7%IPd`pq8r7kYaLltOeSp@5 z#Pj`0)t7(_ZYSGjbn@YR({z9-I*pD-pN#O- zLYb1F5l@qR!Jj?GEOnQ53ks+6hos%BmsAH*Cz1#1gDsifyFh(^OxqgwJOe=iO90D4 zm3|z1h4xXy_-23upMGc*ar6~>B#VXtMkJ^&R^{2le0fZN*oT!s#5I=B%k3HEAEGDo zQy>%VWWxqk($htB4zg0a`yHCY$aN#4xw2aOb1K7gAFN%CK`+PtwDOw`WBvoCFsaFt%(p~b?t?dO&k$lP^ZoI%ei71_4)CokcjWnWdh+bV}KUt znQOJx$^?t^sJXUKT%(a6^`h`;K%{k(HMtqkcMyljre0^x%;m5jj$(3$=|EZDOeaP~ z&dJmrI;5V;XI6DqbAg03KuqLO zinM^kAkmpb>D~3 zw<*k#S8SM=-u)<>NMtkfS8F=tyn!C(!T! zGiu1T8u-C(-f6BU_@r#P??^m~Lx_5WV({caqE_yyDoi~IHxR}7USq=l@6L4z>p#=J_n>!U`m*CL3GIfQ(%1I8{N^mkKoHQSn8-ieJ(#-L!t8SHdFFm|M42@R zq~gmpZ`)9N%9)Kw3OobhYPQmBjJNwZS9Y-A#UlvvI-b<*b&?@nvXT!q&R8IQ7o)qu zQMod)1|IGkRZ5g-JU1aS$jP~5h}V4;z&wdeaSBDT)v5!UUxUJ+t~*xiLfsP1ZfVQZ zEI|R4kUFUE`Gt%eabgiTC*`)}empUa5JH-(0iny)2>4Ih4d3PB`TpntPY7r-7~JK0 zD}B%-6}BmWObf3*CN8HtH8gga;V| zC`8}Vs`z8XOxJ7sX*BwyEM_R?ken&~>L~{j9JDbpuvG_v??Egc`-~rW^1mbYX0~XMbb)Sf6jJ@i(6AM03`YG5{PwBF1 z7i__e16(jv&m8~nL8AmDaP8)Q_9g@3A0&bvwp~n|HM-MN|9db4a3J;x@ zd`Pv__5{6Rj{{$(T2|SQmHdD%HH244{Y@u-!pkU2%$!lCv!cg@p)p{j&)z{8ABYc* zEI|#j0f@t?(`ih!6wYn&3|>(ki9j~^TYt_0@ol#N8E5|4MyI}f+J^&BJO*^U?j`Bx z%U@*fueHhw`~%fQ!qvvwN3^2L(Eq^2)meIff3Z1QuCE=qjB;LqYNexg`T+x%E0I4q z$b7w%NUs-WP*-HR?j;T+;ZNBZ)wZAg(ooN@ba`Bc52r}2R@`qQwHmESCq8?sHO2vM z7j@H)B$MabzDT>hKVg0*`St6k{x7fzC0^y2L`H2Io6fhy%!YT&a;6cy=NgkR)8{8E zz943OpxXo8-la6tN$D?}CVt?x(eY@S8;>GU=qpT)fqh~AET};^^7vwwZKs$A4j~~U z_%mfwqFb51(z-GL3?+x?Dsw>}A6(ee5-4P(0&d6vSbsR30~459cEX=YT>9mAmc3)a zD6MwS^@=p3Xbr$vz$RliZUGo4PFvf6qB%(|0&7CMSO{O-n1A!)3$h?*caf$D7ESj8 zfievrGyl*2mw9NSN;zb(t@+H^stv&w$9k9fD+o>o2DOg0rYWoXP9Q!$ItF@@jDLq) zgx-S}VT1&*TRrQ+|3s;%8^yxU!sW0APzqxU-!hqg&&L4QZE=(g5=V&Z4Mx(8JodoY zh6*u{R?0=iu9UJ>_apkcAAWTGba3K{(E_9whjYHyj4xE#*l;-xI<$wO(^3H4RFZ=$ zRZ;4c492CpFT_G2QZS117232wZsZp_?IHg9OmVrF<@yWWf8_~Ov`3Rk6&ER%FJkV2W$!jto+vizwo)(iKf34M-Lh|;T#}AbnfYoZ-6FfQ4mw{6MPB=B7c7)e7RtHrZJ4ig-GikOV32mXXLguiNfp^^X1SAfui% zzJy*C&$bi_46*Oe1RBXgnH1xT%=T}$MK8e>0D{z3Ia4s+g&~CWVA8+XN{Kn3h=X~* z-4wA+VJT288j<5$W`E?P*dTbs<$coNaU)xAl$+k|NGAbUpA7-guF$}FhnI)Rkl{rn z4R8`B2nWKCAPKw@O)17$OAr>TN(U}T!LVK_#fjOUrM7ZH;V%H-1rZD=N5562J8jB= zCeeflovw=6Zmw9j%3eT&K>}r@Ew=Dtl~e+ay%f&Ps5mqhzIt*!p4VcP(q#oh)hts{ldOhhom&7Z%_ z|Cld4`rZ8_>c{KtMZ9W_l~vyxPLSbfRy$m<4eB<#P`RAL7ao2MWVs3lv$ol8`SANSC5+Y;r${G zldrTC{`h*a*&TnS^SH>_oSb!vpUlPppWS0*+fG+1M2!#QcMduXKKvFlN>6j4_aF_T8 zl1{t(L(KIiKp2!QmuL$%%fl)-Sf<-}nIzEotbcXywd9x%iQF{N}l&*k3 zu~7A4l|-*fPpeteWZ#sW3;A9&OSQaDzg#qU!%(7-{{AU**50LD4p9=rc&PtGkwt-Yqy64U0OQw)#ar9_2xmK#_P-_^gg*vfq>f4 zMslI19k+2<|A4W1KO?pH)|Fm8?S7!DbEJxAjR)|?rDmV7kX1v*CeK+<>2|%Fu;hS( z=d?eXNuK5X9I8$yHb5UhaJJkql`}Mo8&9RFw7pGn{3Vk+H4KBEB94NxiGB&TmPVzx zSj57B5=K9m$=Ue`cCUE$Dku+VxzV-FJe;lQ6R21t!&n4edTKYm8@p&^jQ~+n8F!44 zW5@2fC_Agr0Ry)ixMYw&(kcsgiH(?ZF6XaQR+r3GFBj{l$DOFYm4_jv0;v)Q?2>-H zP1wrK6Zvn;w=P$PwvQ8|ua#@Ene6(3km!-Rks;9t6f_W z;V>CU;)-PECXj$qr(16aiWNa4qbvZ#;4 zpO3YMQ6T6|6ep<2>lXqnyGq&43a6<8OOi}0+l&r-E$>L7s92h`0&C|Uv$EAP*o z7@x_n=+h5k+7{@h241^O=G5wy>FSNtFy5vUDF^n?aB9iuGAmImX)}Y0dG%j$#tqw5 z7gbshV!1k%XS(M>-*nB5h@^s~cbDt$H{gKeP*DcqmEN2rS0?sDa6LhHThT7iYazsDMLxWOannXc|`t+S$u!C zGK_tvbVdysyD-DwMjuShRQ~g-7qdirfx-UOb(&}Wtv=~NjiP9N4H$RSeMn8Vs9zM2 z-Cfd>fB%M6y%z;^L00CB6H{ArHi*NV{J2Eqi6?)6x$~VELM!!PuE;o1U~#_obX&$e zT>-N4rRvZxpuIE9p7i<+o(1p4obrJ*kBk2F^;KTBUYii3gzZ*(KQ8#>yoM`zI`H02m=4``bb`L&c|EvSkyRM++fycj7hVuv(R4GX1wU5lbY^` zD{GUaNzcL!RQ53B# zXUY)b$xsA!WHKHD3~s_aBST1kmrL)6U;J0lh{-N_Pzs6Y0q?%JFn<C^K+d${f}XP^1vP-%mRH2buhB;I&wiNtGzKd1-l#} zII%dgA2S}R22Q2_MaNA8oo-8?8C$FK36O7@TR1m?Yiqkc9D1hYO=2Vspy~;9geP=AisYiSoDNaXKf7;=8XB$!Tm@Q!hyW{xW8O(+*qj zl|VfS^qJ=Xy%S1h^Zw7Ti1;jv6^uxJ{dS7Xv3wrRSr^Q59YwC&26ZnmCO;>Wwi1>6 z&7rKWKh|7RX6q3NNa}r-kH$ zX*=0(!~pglx)82%uyS--{W)Qbt_E!z$~IxW8)xSnEZtUYNdMso!#X@R|2t3=%0>wmR`h;ddxxVtc;j-}4;rq-C^wy1Sae zeXx$<1cCoqw2!o-EQ^_n5jb-u!aDK%pZWJWzO4#7?LTp( z@{4`VAS1NtaDS?KCKiQA5dsTzIFUUi(AH-# z!LJC7`i~F$LBfAK2#S!}4czG_E^!S-0kZ?wF??5O_yDxwZ=CGh_VGt&`2u zkKZR%mY`%11m->~#TT7`RU)$QK;Gl~ml%NSCtP+Nz%>9i=Nu8A*Bou({({gaed=J! zxgaU2VAceA1Yu3c~MMkx5ak}Uw(rc6O zxSY;TOnsXx9jcw+V{CP~n2*$0oRmur+%rvLPv5CHPJPn-v@GTrQmR_|?La7?-172q zXE1YDAxN(AEpH$ky~&(_>pJZAXlNwdm8dGGU#R^sr1C>pSGV)pHl>7fBfKVY3ZX*01d}6haJ6k+cCHD?X#{zDOy7X< zS|#^XXeQFf{36siaC7a+^W#ob*pzo|&^7o#dT$bLq7AF!f?7xH&&r;t9o7oO{j;)@ z12t`57dwoS;E$}1NwwEK-3nZ*b1O}fAFqlkj{Uub&0|Grm4;-NSRRVU)1YkOI~S%fUEqChsFU?nyC3gyOs&QC-700M_09pzSk-?PtbbE-34(?$h4fZg;p=| zHWEICGpvWs-|_efm*FgwYj+(OA)~dri)7-s>U_ScYF2-eKa|ASDU<$rY46c`ow9>9 z5{n=wKta~YoJ78d?z_W+u1g8xm^nVnL>rP!uMk1T;#gWEn&*g2DHHtG5s!@zG{WJ*e)vAUzDfg#hh7Ycz{C9ZU6a9PM##(hEY2unqMX zed%#xHvzsffV4qx`wsh?8MtCsZQ=TyJ~h$>WZWbmxG=%68h}K{?;7LVdcyQCQyD-* z*h|d6pjCPSBj|6ja6TC}6YzN)S-rj4l-T?F;i_a)^TE`LMJQQ^N&)RF(9DQ;vh>!c z8%(&>JzlK zX{1v?>F!24rMtTuhK_Iho^!tIdjA%k!I|IMYd!0E?j5IfESDJI)a?{$;n4o)iEqhO zk6a9JtdwdV%yPwjmOrM}DW?^^;Fs);;KlL%Ky%+B?(2YqGZ&keCp%kxzPwE0-WC3o z>aEOqJTItd6dxCSe*VhrVc=EfFuKg&|5YNNO5SIyzA~%N;76(q1ak6d}rnjnyow!{4YACR|3@i&8o(Nx@@_pv>lsqt~P(O62IAoSae zgZ43Iu7{}EDzAa}$>&*><*cv?lVk2&_JovJY*yw6q{^|idJNk2jk zz&CkxHdLt%toST?5PgtV7x7nQZ3A>64srcf8)3loKu4%#eND!aaNG|DfnTVQHG5SYWM3gecg~t zMA&9Ss*D0(Xz8Wj0~+Q*Wtti#BWdee_~trghS5heS1v-f?JNf`K79ig^RW`SFNod3 zg2$104%dq=%l*(o1K6JK7}yxOU9ZaAvqlWb7{!Z}1d+LGHL4gLj!^nJzCyT5JyKXb z(3KDvJe;ppM#Qv#{YZU5h8donbnWhb>+G;&xw+bnxZ7 zJEW_k7$#jB|L?L$%Js%Q7}`Y=i0-J$kWz22-MLAz=h1fWQ7X}JLY~@9Ez)tcGK+Qd z=g#=zM*5cFw*~oU^jf_Y>*uST@AM^k%%q>xw@|~zlH>X;|GC{Hp?w~^)`oNY%c#=TB|$k7QA8aI-$$M^?6oQn8TW= zQw0VCu1fi*t_@RK`{wO*uDN{7fiJd4su+IEnrv5lC0iRFC=vUtz*`+2!M)Egc$+{S zp#4;Vw4GmZgGvK|?Evq!CB10HEOPD_S1|XcOBu}gaFl3+)1VwzVntGJw!#!>p^a(` zEe4xED;T?a@Eg@+A9{z9sB>f0HTwSS z8J^ZZ7QkCSr=>XNc;>>tFWian>j~=3ln4S6C?yf~FpOWJh>pcFsmmX!U2f1Tr$zzG zT3uHq-*Jav_$?kV+@jz!(Y#i-nqT%7DzN@rd=n#x*?8!-7ev(VSY`fLQM_4Nek^|W zDP`>U@hE$H?UHjL8G7LB_hsFFgqNGL9#=kcnm4=bVhzV_1kvFtD`V!yja3tRKh3bK1+`#Ftwh?QkSWY%V_ z$L61{G^f$|(Ee`b^LAnYwh@?g6F@v`z+kTdff`EU1l5k=!VJPq#SCM)KR?L0^;{vs zpaE$yd6YbIUhN5WQ18c$Rs`!Hy-MgZQ1BJ8gdx(U&=!ED8*Bk|3!&(r9YkaPuM zcHI4JLiGc14Q)%=BUhfB!Vk9;%~s@p!3ly@u9UXoNNf{awmWAV9qt95N41K-?JJry z_YW6OiNvB_ia8|_^f)TI&)SQKRg6O*H##Nh5U6e}{b(b+{4a_yFH17K?2kci73%za z+&tS(ah9}a*=ugI1NJRa6l5-g;PRuKdsj$3&vW3G?7g*!v?;oPn@(X?L~gBKL6;pU7gnWRc9rfXHp7 zO#K5XJ>=4A&+pu5()-w@>47(5bH5aH8(yT5`)QO>3s=QpZ7{)N+t)s3dTKsxeueuo zvOf&J14q5VeA8nCALjkd@#erypyf$63zk?fVvNYBmKh7Z*`@B;TnOnLA_Xy^qu%&; zX9sRv&|>`G$IEi%y5k@6|s(V7F;4(_h{kq_j^ut1R%?rj`ok&{I8>RlVWs)o1Z@{ljP1GS4!ZxbsB?{D1UZG199hahdAE zmD=bv*1?Vi+=@ONGFLC>-ll2P6H=`<=8aoh=hX!cc&qxQV7F}Y&a6G6gvi|&oQLnN7jPr^2;`KgLs+TcZm(RNJernJP}6T<8x z2?XT7eu8@)$iIx}Vn!oA|{;*xI{`7~I)~b{5dLmw>gC~A2u}t^~e$11h;{$T; zV4ei!z5Ok9gf`MC$Po2@z#}JFBN9Fc_s3=r#b;A9qMsrT)%Eexc1$jY_nKX3$v&`3 zV1z&%xcY;J*3g$dixKp8?%&YAnINzTI&7wG`YKT$p=1d4l{E#f^akq528?qcH@xmV zdc4k#oIuK6bk^1#h^mFw9>Gz5>@4#?i71JSNA@|-l5B<6+Su@p^7E}58((z5M@Y*$ zV+ty_BN)Wz?C6s5|MbaHfpk$siaq+jfiAWGp5x;JmU3xr4xjW#qt7hdPdr11g@yXj z)A|r={mo?F)|vV6g))@NBlY%hQLo#2X(*x4T;=D;!4x4GT~>dS+wT~#k{EWba%`Wn$txio|CbE?wpc5ap=0u7Xj_FFagzvrLEBKQ=G zBW*({XYhL6xH^s%o)v^5e^^cyHcF>ZEnC1Ot-1$yMF+k&m1X&CM9XYCIi+jlpPMRn z*P~sE@?09bC?@WcVslPpE0&&)Zu#R_JMS)x>ZtK#In_`I!}T{9EM8%E$XMDTam|Ip zOF^#xyr`ZC9;UOoBCiS2Y#-C!^CT5C@v(MmxGF1-j`^QTxcTQ_CA15dyq*VkqiIaU z{a#BSf|PxNoeNw`M?(J|e&sFr%#p&;JaAMQ3U&sxtMLN~V-tlWPnb9NCC6Go9U`||7)%yPNTe#H_F?>E$ z>`skijjRWacd{6woLp;XwFi(KgT3Qr2Kk&@aKpPW4ft*$X z4hWhR{{PiW3RJg^2)SkWn=g~_pmVQi`y$_Q`_m5LeU)P zH;b%GKg>K1&BI9#d!z9&|EmpZ8Sl8n897UuReOs?x&J$Iz&?g@*Go%O3fJgT$`CH^kMBE;S?aW8V~Cf~S>!i^c5f_fRGs?l3p zN{?2?g%1|85=h;*X~c3j4LtCEorAj|PMC4<;9OXga+P!My`p)}G+m{h2phdnKWjgU zP`S)xDiKbsyY3OtF1)PV^t!TD)*=t)C|saccS<^Dx-S(Xy!-~wISpQ;pMCz4mPNMv zX*Qh()5>#Sq9>xZ%KQ{ZB)I+dZfu@6-$HM9?Dr%$rxK?8zevtwN^*ZsMbuYzID$^# zKzMh!vd(C`?EUcD`7p?;b=qx?j)%2}uS-*-c*<`mNCvHvv?wmQe*pZAxM!UdN!-i% zw~UWfCH8+)I$pI-{Q8*eL3S$YlqRp_N)bgQ#jS)=d5cNFP;Dua2NklOdv*AJKG)Xg zFgPe+r*fu1*K&2u1td8z)ujGKFvtoan#9l*QD18E+n2ySQ6R}ESr%Y2Z4kb>Gw%-U zj@8^GTjB8A(seIEj9$Yy`VrcMOQYjzjObS`O@-qw1Vtk%mMA{*VLnq@a_85q0kxTFt5n5iUzg-#*Ro?nSR8w zgqyJlL6rOiZOBMNlICjB2kmDf=kF!+)#@uuhU4`jAH`dWAwKqAYPzs~W=r@>ZMKZbX53qNhDxjWgp(3KmAr4gD;K6#Vq=+Ky5S)m0>%o&9BNY#O)=mLVV1r9qt9y zn>o_CT89DSAzNVz3d3(vU63<+c4?&Uh)7)iH^2vh*n=6YutMWIYNQX;D;W{je8u)zUWka`Nk|pH~0xl7gsV6W875G zap&hACpM3JOC1xGw;4SVgNXl+lSrbANh$>Txk^BpqP-{tcRlu5eyixz$IS&to$#fg zpD&yw+INKO>Sya2k|KAZ4Kl;}w>nayd1W7EbjQEwwGSW)-Wv5hmAuTPU@@oedADy5 za^#8_2g~f+YC$5YiDekbq_-V$*GO=1P%hM1I^|>r{#sek%BnffCF!-x$D&VjTZL2h z3l{lH`lQ}SHui|?Mfg9s94}372Q#eu(fS8sk?8!eWAkfP4u6=@!`*Th0+#Y-yiBn-m*Xx|VJA+I&+nG41ClPL+iG6t%Slx6x^2c)GRi5UB|RVgYh zhDvLn@KvYn-^epeXdqLr4t*O%`yzO&6e7CpeaEU&X52fACz6=tn(sS4vjM@4N*}EJ_;XtKk$jFkZ} zuRi@=Bhyof!WJy;Zu^($t;aeeVb*1L=!`yBs!icSN+po1k4$X&)*pyzn3e1Sqr=vCyEsH2xN~al?^WY zG>XYhdCVsUv=QcKDyX#|0$pE65b?5#UT~ZDOk{) zwN7(;E-iyWDyY)(VDrPR9LVGaAF~^9sw3<~_;3$5y3yv&XHI{p3AIewILXEf0EK}j zU_)u~pDIoaN+B%vxk}b;>x-f8sY8b85?!ZBN*?4&3M&b>%FVt_ri{hTO^4Se-rII? z+iXyInn9JU!ql6|+8id+;#uAEef%a`12*qz9^3ceg_$12X)W;Q6>Kz)8`5#SYfD4) z);_{-Su`3ZREi+S|GYXpZ9IL4CxQOr4c2$m7atDCRF$7(=4zF9nnEJJPqd01oc-Q1 z-9hs^Z_Ygl&aXdUAx2(-Ah%#!J?zpal_1s;VGx^fU6YBiG3ofYNV;~?hQ3bH%nh;d ztjz$P)JM9-0#k?52V{#Z2^NzEst500?C=r4Q(rKWY@GhB@@Z|c zh`>G`f8)|0)BGp@?HgPsBmCRdbgv^fzHC%+>CVv1g5iPSIwM5eBW_Oio{PKVR(d3- z1I5J2_W?WpZN9nwqQ~YuD>pr?PZ;;yw_}Gjz$uc+Zk)Oo#B(cAJfA7{rSrrnzx^#U zkFK$XXufI7xiRc_@>sy&&8K3kK*Y9K4JWysTBx8$vPC{pJ4J-~wXeRJo~ELOzTk8| zeM(%&KkTDTLIeZ##C|qdA`JRhV5t#hwoX-9RA9Ox3hSzJn983CUH4c zkf>y$hQpUn{cQ8A9zpa?J6dd*dkhw5xqj=1vyhqm#(T8JZ*GR3$fVAJBAk$0{t1bD zO8bdO0{zV+A(zR>5gED9eKa$%ek#`I*$>wed1tWcqcr4yd0~E`x8|>SY^R zDJK5hH{V8rN4%yChA;m&dx=b8rd5U}u#8hN`Fr}|Cgg4?>o+ZQcSgKM8u{aMTa|D5 z=9VmB;HAIt7Xe98{{qR1{TV*N&f<0!huM`G-=IlIzn4`24!)awAOZZo-6DmUzgKsp z`HZ3ShqMu_W{SUwoQk3bwMxLO$URh?hSbyhI+z2MieC6@&$|da#x%;nuSi%*7IjBu zWS$gdvhwXc%{ht&Q&(SM)Z}C*V1*yOcePyFWdzpx_HiBj`2Hm2mQvJ$2iRjM)67zD zr6rn9jIcYLv`_6=1uaweb&1^u;b>2m^Q0)b<0wW~B0v71mI)tSLoVu3cpqlJ$!T?X ziW78);47@__n}r9Xw+!#Qgt04qBzJZ#JthaW{LNx09NujQ!OaE>nb=w0?m{;4kX zwE*o{l8|kL%=1k4Zs`ZOhtL}1>)`0yd!N&;?c00F8GjSc6Cb(im$K$5(LJdgw+`Kd z+P9nJ7&g~4bus})Z*-F>-Vo)?*;XkAdX?$jSucI27_VyuYhtHf^@Uo3=jR|MQnvO;#8Lay6JvsNU`CnZ z_++C1u3}RXuW3W^vBk}g1eU(Jl+rCwdxSDf#Ngpg6h=pDGl*G%;kIC zwym0eb`iY~SDHV9$lXU^LU4!2+~~xO$W|GiS>J9c`2JK!TF*Q8ZW|P7`UylR!1mN9 zW&0Xp4!bF009K>VVYqd}ov%y!5vdZG^s`Cu*58}nKw55ZiSfLzG@Zhjn10zw%s6Lb z9SS*4uA+zEe0cmFMHTBPS$n+EV*3Ky4CZC*yV09Kan|a7^IdA{I2K9D635Ib5tlMR zkrH>^XNK`5uXRFULMe)FzPwuNG*9C3PKh5^ZO4w3Q(KsJqSNM@LCopUd;6me!jR=E z$;0jM6pqF%WAAk5+XA5ax#jkbnoUqbx_fLhyoOr;sw7@5n*rCxrOPJ4p-6I1*3S`X zF}eX~vamp>jR-5`?AoV~Hm3X-BvmoYcKl2$==n-;mI;kj z0=JBkNboWNO^ePuZh@bJ1||B9OgneHIPX7askf5dz8Put7lo7B`*Yz}4INNb7AYPG zx{3gA-#tv<EBeSZy+4SBk|3=V*{Jsjn`yoP7PuD=0#+Me@$s{_=pZ z_RVlCBXzUK)#Pa@UtaEjgTjSD=X#_V+dzEj1f(MnJ^FCI#!a3n$4j=%aTn)iV?AMO?=){q1@J($xats~wzDcOTd_Pn-j&X7)?CnA z?@w9(x>exW$nbfL_V)4^X!Coy*xz=O0uTzqw>#PH2HQ%cn;U&Ulz`>^nBpIx<6y2H zB*80MFX@!inPwd}qAFzlTeCjDXy4y7IG4a1W%t z#x&CIfcsnP#}4ds1}n3O2W)CzA)X~(S?p$pHM}$!4gsY%I6B*@Vz$z(zjoPsJ)RbL z{%-5atJe8FJ7pQQ%AyvU+*BJJy=6d@c18H0Z8GOPis`me!T3vi2^-HGM_D@&tv_&e}I() z8it2g2p)}eMLi;h;$pLv9<|mGeSn`K;TG)q{(axe-Rx4RFvKmC`jr$RbBd2H`+%JM*%_1MwsIGB%l=~myhC&v)>ZhUIT zwFHw~kjCrwV$ArbMehC>vGH`(qs@8?mrom&T=JXz9!|7v+nq9OmAns>i?8o4jyBai z3pH#N!jsweYcO|~l`oH%x2wpBwJS_UjS>4L%7|NG5ghl-s$1H-AVV`$|9(+StftQcUtoF*Qi!YPQ^-p*Gt*@VWMWVAQ#=a7uk?(!27_{_03?-=CSw3yE(vc*&>3Gz=Yn49lJc0GP|TKh+<2$a z$l-V`;m|9wfB^*WOKl@&_HfqmTCGIJl8E(j@s#@^(2PVY^HmEnCa{ZNBh&!=1O zu6}up>Q$o@e_+>ktWx=O0j}=x7=i=aKXjYP&d}G&X74i?08%c_9~rm5M6Yo(O-W>9 zwIe8^%C=?pgHG#Wd--CsjKOS`MW`_`bG8h6+;%#1;rd8A_{jQ-A+@9y@(FB=xb$ID z!(RbICB~>jX5eVigY*tMUBW2h;b>=7Yc;9ANH38A9jO6dE@np6oDmC-oXb5C@$mCT z61VTK7=J~W#w2=d6 zH^-eL7|?k<>-s&KI24g+JbyLNj*(3=ueA%?Rg;US+gKcKF{tV5*FPFw*mW?8cF_pj zy8G0Ra&zdl?LrC*s`^329y@9}U!8A~_FW}c(?Mpj5`q@beHSTEGj2A(ph$le^@?z8 z=L(&8`9Y#3efR!g$x2?iPp=?q$ZuJX+Q6Lo>UhZ^_FJ40aeOcJQ@F*9=;O4vc4oxx z(cdUL_=g6apy}Vb9SLQSAivh*Skp!NM8)Qd$)#&#T-nG-I)$;=KF3>C4~&7a5?m4( z#o6f_#$SJ%-o|hl>!g_tEBo{pc#mJWo7}Iv;+)3Xi2zK?+k%!8-|7CAr$?cr(sZAr z<IXPDC+|?~Fg0 z|5{R>%2(BVP$Db!Hh99u#r$R+u@2AS!vo?Ba`7x1wQ-~o;8QDrdiuIQqIx-3D!kTP zpHa@2POSjV&QRd zKx;Y>?{IKDo1H=;>N!)cSKw%|J73#se0Qk9x^cES5MkZ4-z{VdKj^aZAhcDAeIi71 z{vy$qug$528my{S3e*_;5*dH=w;Hrud#1@TC2H!`nTM?C;Y$?8|6Sbr&=Z-#P=CHL zdM6V`KnHnp6k|8jM+|9Eb0EF`Ym2V9WW`k4a+@5XQ?k`ArsA;nkuVFK#Bn{x#YYIN zItqQM^}i>x>MJ&PuycRS2L+kGOeZ7Yy0UfN8cuzuQN2&&F`OD7Secdqo7eDuJEu{= zacbX;Snv3jq0)atiSNgY`k_OQp`J{+*m?NIDPLl4*#%Qk-@Y-_G~scqaOrfMDS?! z8l4i(Hko%GO85k&l95jhQ7hdq57@AjW&)m5w4A45!0 zCyo)8g|A=yP3B1`w6req`_MUbncd2gvi2f}o3OV*yFyO%I?SVaOMMdVs{0=FJ%V)3!*k@@3SXo<)>nLjD`{%D_WFP_)ak?Rz12^v zzBgo0o(EFogKpbMLazgkD}*rW#YQJ592Q7r%dgH>TV`wyUtsd<`D)z8IUAB$WE!5q zA*YNn6C(fD%{LF#t4p|ScJt~oWn)pj5cc3XWaVV-x$bE#ZiO<+cuVcChh;v8fb`64 zFp<_`{P*}eQFpDlL=Am<6dnij{QRXi}?38H@8Tf?3j z5I6cR(Ugdg-CI~LjxkMFz~STL!}0INSL#6Fu5xh#X%SD`t72R^W-|023nhDRUs_opq@W$5xd&y`zi zP-ys>qpxPX#5A=kR3Fp;Cge_{2;G1saU>g#!-=}EPUwQ*m}R(@6&6UkYo_bFMDoNE>e zj_oeT0pVdq3a8{Z?n=MHxCW!>6m=f3nLA^8lu4$qCY%6i5$iK&l(-cw7O50BHtk>q zx6N0N(=k(Kcye*-x|X~2H*Vj7(O&hqlH2$Bs#A}Pgs7TymiU&CA-_o#*Tgr>T5LlT zc!#;El}HZgK^<}opRK-#%-4Ed0`)R5e{khtl1PePbdVhVgQYc6dx;3@8b^DNcx%WS zX)xqzF%Gt`2B>r3eeZVrtMm*%-QD*Arw572Gel^f>H{Wn=NW;Fq-&oq-_W58T9 zu3pYKo?WAm&U!vj%fRw-Dn-daOb0<;GLRvZlNW!1N@Ze-Npo)F_V- zJ!%S~G(It@YbgC7*I|drBSbO9l~l+`4_AZNCFFV%i~I+B^a zk((j1Z2MlP@_lh<7w9b2*=Gxp{8i}yLr_C|J`& zQzjCj?7mJk8qA=4G`l;;=~P?tS4@6VQcCQ7x@h&U;b?89H(uHm zuf4_&V&a-}dt1WiK_^#^QmJ$#NOL}i<}zo?%fwqst*+B-$!j_)WW2F6^z=E>0}pu# z0sA0I4Q=6vH$zZPP+#f&%gB%sx#|$lHriRU0<>FLq%(`Z*!q8)S296#@d2Xb*pGVI z&;-t&2(n3u^x}RV%1+i*uM@uy#$Ek!zQ5@cBJ+sbGO7?z@ME#5C3JC{#<2^QR4J3J zA3G-JK$r+d)<~R|goT;Ifr@6}QC*@4mB_N3E}{OLTsx9OXJkLdvXo33OZ%@>#SPCpEWmaj<3s& zBQ_q9V!?M(xo0mDke=oO(a9OpJDqYqZs`WrW+dAmbW{685FegS$7Sk~Zn^3vB;I>& zC2^gpJ>JWQ!Tg<{P!xQ(HcRBl@r^WGyXmM0QEUyQ?u^&!c^8_)ZLjz2cR21s$bT#k zE$;nnlib+N4ebMHY39bUZ;|(y^R=xWr z{zwnJd8sEvO zI4Dfr*V8E0pq=gbu&*no{2fc+*e@;hiNg&1%hQ(@A5a({jVLL}qHWZZ+*WD2?b0eV z241sSATwpdqb85Kxs~}CJ(03;+V+yqt!~Ut82PoR*?-;P@=f+XXJ$z|OQRdZ3j~MZ z!s#Yk-mVm8N#!N^m9bf7W1hI#TE=i`x8yCi~x1pXy|tSQMzOQWd*7tQ{= z0ICFQ-#?~6O&RsBw@*T1I8VdT3IK> zqpk;duD+aiDo&_=RlW$prQcs{@y97K6;FIY%MYik)~;^)bG5iOSuU-i)Eu`}uhBpG ztctm(fXSsAek)SEPuGA!NVvVId+#NIztWdRq^r<$-~T-pg+^n=dcrReAc-*h;<+)| z5I$X2)j#%K$fg!AeN&h~)ZvY@Sn$KHhY@Lt@8s*z>qOTQ9!J zY;4+eS$rAI(pfRJawweSxQb_%bdI=uf!b6TDdmO7tRAD3)?l9L+&rz1yt99kV<}v^ zzwN4Dxiv6WF*#qAXsX1OK!XL^&ze6S2^<54gE6#~`0rO=5c#u0YM3;en*Z7~4@Ofr z+QXLAL&{JEyHdgj5=t3RL-YUU%pg~maoa8}$UDv})Svv_l-+NDi=LXX!$tVS1wEl1 zOy>4Te#Me#@HyoD>wqap2(Hn9#4>)Pv4sZJ_PveflGJOamfW}bC{w?cy>u}e|v^!YKA7;z97sQv6#Vj7gaGx z_zf#|f5ZIjr0RxTR?-BQimAnet6{^%XWLV({e=j+5#*|fvfbvI8#Dh3X}dpibr(z3 zX?HlW{x;9Ym;R>nv8VBQXrr4%q4J37djR+r`#$Wo**kx8rdP_n$+?06v!kr7p|hF1 zPld$)&1l z1gs}Le>`JdTE{r8`vPOLhyN4B$t)U+> zp{`MM;Beb`hvaC50{++N()Y0}AH!|widz-Jm$fk|$QCdo2!-^I1DU1jq%K~i zvuV7)Q6SH9nGau1KfC$PXFP?nnS<>MQGUKY=TSJlbN4fiV?b-rH?A#HQlcB8Y?^fK z^XQhhh@5QA@=%W%pqa>HxI)3G-{kN9^G;PemBg%g$@&2(xbX3%B?he}3)n5YHOmmG zLqVtCKu=ryi&xYa=_solsvU>~9xm?xJX{7w_~sD=oLcFnC#i^`%Sn?41^d^ZIMoYc z_h{!-tpAQgiMgG{Rv_Jkk_bC$C8dfneI82xVcU8$cyP%u$c1cZU8q~n)xY8Syw6}o z?wf)X^y_9xEyN|NBS`Y^>>W6g2t{-gLhPej6#htRC|phxXG%jm8^8I+UvJXUPmRB!bT#(x{Z+*>nOk_@cWc@(AShn zE3X2z%Q7}W^RCwZz`gXzarR*yzo(}3l9zB=oq|U4`tIKJ#;oQl^6q_G?j=byb1r-0 zUnD(y;gAnaEdPCjoUc4ZL$Dbjh|_@ya=PadTsYG=NSL|Cy#Jg}?YL>b&}9jU<8pP6 zv7KqK!XpUdbn*=ESWwCk@Ux=+rtk?BB=TE)m*lUu@3Pl!ynN9kT4Z?SH8^7z!9RV2 zasEh-3|0#aCuX0}ySee#+NlO5T99$+85K_JVIH&u7k?Tnc1W@Yc<@OHKPKY2YkX?r zD3pzs;IbL)9igr$3XtJ9{eDW*-~MY8j>C5wA))<9eT`76@qzm0`FX#59>h-;1_o6l(7?ww7pkhK;gL z$erU>y#@Qu^>CeI&l9lXo-LUwhPxKcI_PUjd?0qaBdOhD#hAQ{Z#j|2SiEFYyzYfu z$$=b6j+5?t^A--_&3h}vy$1X4!PyuA2eTX9kP7_UvQ8jGP-nHZfK35(xyyMM3tXD* zdKyj+F!PJ{G%%T;uh5L}bvOQe$AI&eErW_*RcfK7+J60lS-YfdFOaRNon^YhD_n6ax!nnetTt=(Q1{Lu z9HM>0-J(5ySGfc(8F4%9vYZQNSO`HR8p}~+KHp-WnDwj|E7pIYwOGt4R)X?*ztpLf z6Z06-1@{|eE4zdNKy#eM_~$(vFc+# zBCIRn2K2j~sMmnZ_nHx|#8AvHWqp%MZEaPJ%jGPz_J{v|07v*ML!N$S=a$puK2LWI0B~iFyBGRpe!aykArM zDNV1qHpzcoBqRkUII86Gq37#gRySWb#JPU9h1&{Up@c(xhIP;+58CbC`Bnq+*;?BS zMv4A}(w{8lE-qHJmXi`Cx-ADYM_`GfR-*FGmR!JIOIzc3J&|3!nS;U?b4l?_+A#6|A`T9A!Pc=snEgy6i6t}+DsL#<>PCI!FOAs8`kWM-gl*Oi=mFn;ql+Y%y z8^ojuIrs7{ds;7&?(Y9PNH1PoWlMmNF=dyl5kAIdA-jZuco3ORua0Y{>XMW;L$iDM zNWxGF>~;?0Qh~(h9SZ0MIqabHh8#VJ*ncWEDPLr=bB0@xcfR=&>Nsovf@9N28weS* z$KGixRV{Hcd5;8w$c3$Ny$=#`*xX;|z!&}-75%kW;9O$9jMf0a_RWRr z)hY2d;U}&z&eiI~0P^VLVsC?tQf=y&?(uKin`uJwZU zRqMoIuZl2no!4t~JzLi1Yt+{&EGOaPO9Y$8+t$H7s3Gn~c&Ke)N>hkM#b=9`A@@@2 z4kM#Y;eA*wx4aNhwsCn7PzJ5A_Aqg$2A19|LKW`z%a)^QCWpVwnt{Q<1~=EWYbP7h zW<+#TSlSZn=CD0Oi@V=p0)+4uZ|+%M-)PV{zNN&Pg~Rj-(C&-L-!Ax#N@G12wf(FP zr%1K-+j>%_!Zya)9Mp-&4@l=sr%%i_!s*@(!CZ%;qu9s5U+@Lh25r3HGdfZ>FSAPs zNcB7X>Ool(yFC%<8K?xNOi5%d$qWI|*vcm`WqS8S+Qr`VlM*4lr9>2J?R;bvFZ;w0(;!daXJ%m{j8Eb_y(Ypg3LKJk<3+r zJZAzjt{9z&SUR97kgX-dmWqYA8q8#FWVA=Q+km7pRbj|8;2+nV(+ie;Ns2vOPE%+x zjV90Qy;r~A7eBI*iS4UJQX9b+eGv|MmdEnnsA{TUaYyXGD~p3bGl*kg%vhHN)E4R> zOwuupabO!|1k3#|2SUY7Eod4JZ6ywCU~(PYG}d2_P4)wO`ABzLwQwQ@Uf5L(0FCCMkn3Ke zr5}dBsKH7b_=-VDn?kryD?di*Mf0Cpc{Qi|PP?1+t7Xy~aD_*KE>#5nU?0^VT#T(q za$(n>^O~jJFCO&C@66t7N`LgeCM*1i|F0!5eb%G~F5zKF)uJ4%K*^)%lrSH=4j;)@ zg9a~WcCrXL^S8dSm;c3U_zg8Pgez3@m#k5<%@w<_FMI53&?~g~V{H+DPalOr6CVqk z^5S4rvA%@gs-l6Fl1As|i0KgDrZ1-JY?q!K?DVm7yk-I|orVsy%@T}}2WU9f6W>^< zu;%%e^%H?RKp07vcYk#eiKxv}ys<+k=;i#`p)v*J&^qJ+4!0D5m#bdZM_Vdct>5lf z06s5xlvT3D#`+`YISd+B-B*`~(+0}+p0Lf=6(1PCQmSx2=WFG)o|oI~r$jOBY+TyG z+8*}524w5sUskF9Sw9GQ#`GBiDtu`XE%J3cC)G;UC`_JlYjTp%&9qG{tbjg5IL?n3 z(#4%#6xo)h$+@XwwcOG?SB-b3{h}x{Topf-V&>bj>9v6~dflpWvaq(nytA2bcmTfc zXOUR*m5F@Sl6Sod?2{jk3?%514(9g$r$ABfeSL-^!C*^C@bGFg#aGR*Y^ob&SL zW240x?Up1hB;rV=9H^#$zGD?3yQwT0>wb-*QO$WTOIF6g++?g;cKgXuX!=oio#@)< z>7H=8X!k+8$CU$mNy6$H@Y5;rY(63g6)H}2;d0?2)V95E`zChU0P{wX(`oP3&2A5D z>cE{;V(9q`M1i%#Zrh%rXPW=8EggZ86ZOK{Kjn+*W{sM$u9V?{w6z9|2JGNIL;Q>8 zp|quPJh!&PT_FF(VjWcc@uDJIC~C_%f2D7PfAkuQX`QJ3`n%oK5S-a?dVhufY{hM= z^Wm7bQid~ms8KmvfV=B_^}yqm!8lMR78^=;Jh(bj_NSi=MRcFfw|L!Jxa7`YYZz%z zv?iqz{Xqw6>rb3ut8YQ-iPaY4_^>f(*t+Y9J#!q+->tqM5CH3wOo|#_odE&7ebb$? zj}g|w^EDRZW95s#q3k#3!ylq0#(v3xTbq#gx^(nqh%}Axr8LP)^nN2W$U3h4c?*M7 zXa4}9)4zLTxh^g;gaE|MqM8$^Wi0iJ9sDRAu;-|e^Z6r*pEQ!)h}|-5NFs&>lui`? zPM@9=+DmLTEN6jSmKY0BY5G2(kwsgZ&Sw5o0}xdc)qykM&}@X{Z_-20M)pV4&HLyd zF`_c~`3rk^j3=IQl@NAniA31cFS3~Jq^K)MnK;ksq>a5yy~!I&y@bWPk-&-;nKXjoe(6K z(qxV!?yY>O%-`>Ja7r^~)@CS|!kQh?=y4tqR$91(uvot@iyO^MqD&RTHt^qC+X_yw zQdW{w2oCZR)L5wvG6QDT^z~|P3b2Q3lYQ9~D1Na?#4)|tYG6<+!2gSzj92&EkeG~3 zUhF*VY$N*Zu`_6b9CV!BPDP&p%L(H&Ded2sk;Mg!Fg-!v7+yLIlr((Rt+y|%kH)U) zG1~*zg=I_#l`|?G*ABMy>PqKAS-2wSGaA6nV8356`)l*3+8Imp`>QqIUQENWKvM-a z{?}7Bm@_`c)~pIQAnjUYnwj`dSD^LhP`m;|n-+pb88FBc(dSW`)Ol@3+!rroXa`8; zG`;l;WMHQ5+Gr0zwOmOlTCh$X{gF%HSlm{H*{`YP?^}WAo3KA!3MH>)$X02_!c-H%wT;>vUoW* zn8s%iYW+oWf4*nd7kkWU=Q;u~ebv1fTQuSeku7W~qpBEk8*uij9+mT6?32$w&9Q9{ zrN_PRFV+uP>lgfyEd02&Us`SY>X%FNDCJNFvYpoZZ=10%F^>j{lDO3kt`*W6ePAYB z{Tyuz{B1(QN8=nJn9Lf9y6rc*HC7=9OVtqNyaX0)mA#g;0svdm^ujX`*F02A45-nq z`=X!LVZsFv4qoVM4FiDQk?hG%A5O$GwN38(R;#sKr<$|JbU~qg`O81cfsR+c4h+F! zIWv3c>^Dw-vA1oUjZo(^K#JD*VQg#Z5}$WxZMrr-`2g7OVMHR*kdNQ+s=##zf-I+B zJI?W#QKY!a+JP6`pbz956wgT%e59Dc#*L8Aydwxb&U(H^aIY4EEG_n~K8HjZH1JM) z@|9+Pop4W#pnRfqr<8%4iXU$P8MD$$O#!M>HlPqW{0 zu}~4he176rwhQqh6tYX#Ivfu3*fe82{HHGJ4M$Vw9+j3wz`MkA=O`xtZ|=@{c&Uu# zbUroK9MwvT(F4;9yWW>}bPs7E8>Mx;4Jvvy{~sG z`hC6gH7fzJT}I&7V&HMq=`^*j5!+@2qvb?UsUO9wp3^@%v%WXyBvZWDnyqd7Iv)b= zx;Nx-5e&BK0>^%5M2mXe?e0`V#YVP=c+d&jiz@38SM>4LhheQxQwH>HIC?QOA?i28 z)#}4w^Z%i=wKYk1zSkPmPcQ@ir+#i8fBf^wC^G$FqH;uECVs6eBR*eMg0+85p)Z5) zp6Tw2GzyJyd|-gbU~H;nA}Y^clhS~@0sLDtiK87rx{kU-u2Ieq%|_4%;|f^$q83I9 zq3qouUp^Er6!Sor=K2caLCrh^4wH{&!^s8ne%A1HCc@4Kb&p6WS5&x1fTp=GE<{EB z&n3V$Hz+t^>$`CCCUD=!AoLYU+bc6uZ?2#!Jq{_dn^J@17k?aB{KJsS4Aoa|MqZy` zQw|o4?WyO_G)3g=BX=nEfkofO+^j+jr!p_&$9*@qH%r-j?CI3u>_$`nuf4O5ih|qs zJ~7}RAf<%T-Q7|m-3>!Gk`f}IbO=aEr!*p+Lx(hy0@5L!f^>uL=G^n#^E~&y=d5$z z|K7E(YyNNzAkOUBd;jA5`+VcoH&F147E^E>a7>8Md!C4z^b$KJDVY1U{TPZQ|=PReQ_RI zip0mxO&Su!60Akq!8)uRy#Cf?r){P>mw<3-y=KkXt{fy6b@$;SDn7*`mEObh3zk3eWs9OHYklbXge2vEBxtBv_jBz4A8 zJj)x9c9=>LdoXttfiFPVmlSOO`OX$lLc&H3CwjVIvVddJrq-M3cT=$qZNm-76q_@5 za`=fv`(5;A70=!o_X^<89Sy;Z6eFNAjmI98e{eq8e&l+Dh4YkLl(`v$NJs~rsoWlu z-TJO;)N{gNdd_~c(vi|#tXING@nDh?!i!BuzIYFt_R7R#fK@D)!*YP%UJ>PrVxb`` z(0VH_R7o9m?r9_mSD%*HItcN=&UOsYxi_)o*!=bq$10Ld2UMO`0KA6G9Vl`p+IiJ$ zUF+Qs#Cd3`)kJGjAd(>c(+NPua?+Q^PP=nA;j|jc?jb#HeI#cWV2ebd0=8D5mEC`>>;-76bYObz0Z+L{dl%pg6=&kZbVHwB>^^- zD~M>;`yFJo9!|n5BHT9Lp+utI*+Vvb-i--Fy}bGx540xP_cCa|a678;)MG~Db`M2U zy<_U9D;W=Tw*()>)vhTX-3Wtjd)97Pco7gJkM{U;Z&In}D>fmgTAGD8@?4w zoIqS+k#xeey)dm;FFTjtX%YSCE^dSEM(&(|aup_MWN+-{DMjS|+&LZYqjMt}O(?kZ z6zOnE0kIm&nZG^3gAr3YX~~2~I?0!I%bXteVz$!7;LKqwYWa>|DK}BN*=uIt@mZgs zMby0pH(el#N@nHm*K@A*v$A|TbFGtEE@g*$3iI&ubtk-9)&!WsFNhX%n;Egbw??rg)c<}fLgT$FFGb0RCfaOFd zKnGDqD@Q2bwtux0#FvI+mx9 z`}FsV9~7Vg2l@4Ww6(D*y)QgtGNHkXr6W+054WK6G{Z<781j0Oa`c=^7p;tar^{x% zdX2Tt@k#Er%GLe0?feO6@>dn;*kx@&I$iJMiN$%Lq$2u_T8pm_;BQU>Xa~e^&YdRn z%K_JgjJKi|ds0Ncxq4hEzO9@C zfw=k6x}xqTW@0m_Yh|(ecyqyKJ6-RhmA_?s;C5!_AQkb{ct9#x+&%xi@)@k{@YocM ztdiR^r=@{_TZOGyd|<4jaD1sldUb4AM0?mK<7*FD$tmLilHzJf(Hz>u+ucVr6N)R4 z^Y);yN_AMvM-H>d*Va4L>h@sLRJ;W^Skh+{%718z~qtVC^j=BK{a~B7O-< z*edRo)eLzyJ8uq;<=2RZOR;{5eu!c>JCjY&-`mEAZKPoIunATybmI7+ z!7o*NcsJuVM~{gCt$c!l9+k3!)o}uD9Ny+}Z#jhEQTg0<#U9M2u=Ub!sV|XTj z4OI?zv`C!n%=%c)8z6$<_OW~dwJKGW8@C(kDCD3i-zhJfNh6qq`iG7C>)P0Sm(Z<(|tgqL_%w-{D;-Y5?D~MYwZ;gLT zuJa(g_^l-Qu7s}3!ZK506~Xu~3}}_-4eK+J@Pj&ncV|LG74+Q&pl6V?>4@^OHMw1r zoeQk2JI!6awk!f|We9?{ymO@jMpfWRJKYiGH{Cri*>zZlK2S7MYnbgs=Sb5OTX;Nu zIA_agIY7=Z&P6sy)UKwb5tMX@L8|GQZQERt_2Y3(Xe^y(=|xOG+$9l`{rNNWPQqhd zX%TlGirY&>W9M&Cw2vyBZZ69v8zai9tz`6J*5?QGWwgVE$qAF@r|LuZl!wk&Gnn;- zbLvzE>-e?!=Tg<=G17GFb!?}5PJM4qaeR2Me>?ZOZtKL-jlX= zjotpTNkB6M`b(w>0^CLX{hcOT{mbzm*_m|q&`WkhY}uT$8yAsF)5uNR2jE>QoOEY#+$#g{(`+Mg9=`ybGAnkjyOUo!&17_RgFET*QJJ@eAK2H(EH&- ziDt-eGl|omV1^6Ff`KP*uE9%QDMN&&(QP*lxNf^MP3(w_Y3t*)G4fs#3prkc zas1LolGzFG7W-MPR$+%sUrviY8)XvhQp4zvPj8*$zCOa;mqZ{ntla1=*nIezRG(ait383iI4UV`6v}b%l+5y&GQsHmvvDim5ei z-m5z0vK3!YF5#{t9fz2vzCis|B_GdNQc=AZl`XE>qw^<20 zdhk@P)AN%vsm+l>xL6R(#3^`FBP%#!>Jqo7V@d86f#;WHjJaPFQ}qJXq}t@xig%Y; z-(4@Ft2p-((Q$BlyzitJaW|dK3V8EUo?Xo6}-IlTIt5T6X59I@98gu3PA5ZQ;U3v_l2&d9x>r{!>#tGoN=dLn)N4# z8}#7JcH>>+mjVkSA?+6b+0ceki0;wG-~mILbN?m{(uwQlH&__|2fM*-O;DGojS?XD zwOLrUXOVJJgq$7Anm4Eeh|PosAq%gOopN`(XN5gElj>hXSJ zu?ednK&r48^5aK~Ed+)-3Ba&Pcj%)qm28X%YgbsJiVw}ny>J)H;qpgx9&M{m+S8T8 zvh&)8EkX#!Jcrdb{GuPr zc*GTrflk|cTiF&(V|eWzBk20rZ%tpJd<7Yk_;**>P=XSWV40_LdiY-=998EKD>EsJ z8Ylp)YN4BY(po6)iUC?2a{=U0VVOvsj}e%m(-ZJq{UCJNn}dWd_$a-M`e3DJayfUm zk5MBNk(Bx!21!AX;zFQ2py!ms2Q+K-{+Q%oV8)${V_a68U=^` zz>Z$d`)ZfqVzUEFA;C9czTqS$9MCw=*sj^KwY_?!GEe)=g3zagik~~>+8COpD_7%KdMM$Xr~f^i zeB$0sKZFC=6{-VMHJ4MTxIL%jEYYBDAH!`u)_Y0j{UKweJk+77`c5~q-Budz9ST9$ zOyFn*jqjUSZii}zyyN;7B^njG1SD}Sb{K(1Xnr&jXDl|jEQ zBqdO`q*YAh?P)PDpU?i{vkT98EAQr}h~*CB6L6P{Kvfo(kX4v}kW8kxne}g(w??p7 zalR&zwtK9+Xj<^wx6OHHf+d;VyV_89SPQ<*b8OC8?CE(r-7{feqN^ND8T9Jch_uf` zC#}$=#mGT`0%~X1f%?W>>EYIX&;dCkazV6OuSt)w&EGH!L*L%e-&jWIpq z`GH9r?+jPRcLu!T#%tZ+{R)>vQs>hFqGTbDCL<4pY$OzP*(ysGI6LmdiGG)Me33@{ z_PA}|*H}99?qdceuc^2td!WNehfrbr!e1QJ)Z~53fgvD}v)=JmznsmM$?YFTS1ooO zyQudxG9`WmU7CSUySV<}5c>*A0vVy{-O$;A@bEE+vA_d|XRSBuOf0Wz+I=VEO6T9a z7+D51hq$oe*@=1Y609d8x{h8CNWZg@6J%}DA>YFs|J5LJb!^7sT%!f0a0UjJYeqD> z#7|%6N{=M+M7ho%b18cTovAailuAEBd~cck-gB-X5!ep67^n#!#SbLUy7;sI3=Pd@ zCZ+}V9{+S(FK(*gG9*A+pM}b>$vtf|qKGb|2NZ|IK=5LZwwQ;bP{IX#IXYQ^QDbN6 z5z*$zK9P`$=?InZmHjb4mR%5+-xPN`@T!qB^l6U1z8;I3X^uIHelJv7+=BI(dq68` zHDw}W_tQ)G2l1f${d9dn?lpGGF97gdl%)1x#5ZQW1A@V6|4`nr~V7 z4yANY_>FD9c#?iTd;f=}(I&)9#K`mF3DOD!p3~)J(`iLPOEa z@RUDM40%G~j6waq^ydBR02?|9jY_^;$ruXYL{~^wf4sJ}F3?J)vo=py;l@ zgQn2KA8&hkVPHW7^?I`~pC8n5T!5F1Is;1aNoDFqIq)CX2oTaPaD}wHu#jIU$!mY!i41q)#bA z02od!6o`)IC>%3ZS&~9c%mnWFmoL-Ez2`I03dPM^1#UTsEPA~4up@DUJ5s=UpRSS) zgyvR(Iww-=W$pOhassOXH3$tQ;vPsPp-d_Q+<@kUTbPZlFm|ZN{qD6Vb1Iqzmy|)U zbTN*FP_dM1>pYdVcISgp$*6=SLD#)cSDeh2^`{m_H`SgO8+ls04JNqeueN5MFSgj9 z7H>Ig)ZUKBe7Z z{xJ%niY7OE*B36NJJk(g&qYsYc@K1;Zk+;1j&!<8^~au>5)G}l4I`)Lwk`U4>Dr~z zCVsdH^d*Q|CFyTVoA3!|V6M+apZkDlw^$*Ce<)>qL-3OC@`BIEhv7%TRg}S(Uw*vy zPkYzo6RXFW8@bb$!SaoRH#@mElel(gkq5taxV2SU8NkkS{nJ=^n>*1s zALC2^ZO4I4_s8QIsM$$>i|+o6bb&#dqm-Ca@w4{9L;X-G$nvN=5`pzgCX-PPn!2RC zK!Vb?5Kd!Ro6Zml(vl%sH6%8jV?TP+?eC#87AZLT?s%5<6B`Zo%${PK$M6)#2h`_J zqcN5UAjYMv--_?7!3>#7^lD>W`baKwWl!9`RL{wMAr(%TV}R9eI)xc#@pKIEjd!(a_L>S% zq8FHv06$25h6&vWAPY1~WhY-`y=SWkwMI^)UJUcCAmw|xU?=cu-&fsv3=7A4GUGmD zZPrVM+AKhvj?U|=B#{`mj*o8&lOy)LJZ6YGGm4wc^s5ws6;{^-2JQS{CG2;Z;xiT_ zt1p90-=dBUd!9U6P`;t*dxdkiN+FqjoFx$V2$;3wJRWeK6p9XAJg+;(rSn&+Z2{_Y6XCA71r&Tf| z(?XYVxV8OF=l!MA&DmiW!OklVDaSiG#(f%MzbSMrIa(%;hs@e2xYx-t@4{T_K0G%7 zOo!Ma?J~ha(BuMlUCu0$wsV!GQY@J07935EA03X1esf~zrgQd~&zmy{hWa3JiE`h$ zL{KeDTyna>HLR)DCQlF6a>+19*q%M_hkT{!GfWGnS)AhhY`r^%Mf55mFU{E63v`hX)nADx2BDjc0O%s@?9fCu}{E$%cKostLaY$ni zAJh~Ba>+*?1>OC+#ymEw?DYVfk^d&0$>`al;6wZaTv~-p{lrghKU-ZkYJSdDJlC@i z4AY-fsWi9tvt4Yxond9tW_Fz~sb$hEWn^pCP%q25wVf3IWH-hY~^J>c~N^cPQ$*5Je(D$Tc&dWrOsywh23%#E+jly(x1ps(D|W$9~Q7 z5}1f%xC)b@;ZkdW@szdRr4Ij4lg53JJC9~Px2k`$_Ff^4U#rnWT#%{`8pe)}*TfP} z&kO+KhgG-{#aBP^8Vj4dFSw%hD@-j4vY2nKfrg#axf4785NuYo6=_>O)pGYr`<)D+ zalD^jJ+(QP*J%DVMiZYkiRtR>7vBAQqHQ9_I!hwJgx)?-`e07nWf&VEXAokmK}YK*M3I-KE18@Yp>yB7ig8p^}d(A6Eq=sQ4Oc`Q3-|h zXzr-b7i{5)2tpAFko!xRBs{{N>`*{hUT_n19UrCw`Q`@@jyJ}maByD&bGAgddq2;! z65T!$lb{XPV{o|x?@Tjiy?HmF_{%G?q7V(#E?O|yvlM31Ec`BKPE0A6#^;uhx?^&D z^m_Nlh!%@#Ti}6NwY=mculo$|%|I%9*qOTWF(Dc3E|O**b*d#bG;=zeyXU<6&=N(Q zDa4v#;69}SzT`g+-Tyd!MWE(Gmx0uB$4PT7Uh>L@7cxWh6(M5R5HxDpm|W*y3kCu% z+Y-!zl~X?SKWi&~6Zce8g)^Sl`-m5Ln8Lu(BHPexy!-#^Ou~7x;4A7TcY#$7i)=X8;S7K2XNj4&9 z^vHw&jP=l+rED_wn=K#~jn4uH^a~t*3H>`Iel8ztwlRan+?1;BIk3n;#?o$=A%FfZ zd^F3<>g0+y8Xwu=M-7hxO;#GW^=PlA1;xhCWG*F(I2LU~+?l_Peqs|kIV2#iz0?*Ol*H6P6TCPrQFV<7b z23UJ=@t>H~AAq2GhH?&(2K)BxhYx&Q{#gBZ?f1f+Uyfdr>8gAzNmpv~@=^>LA#X6k!b#5J5fRTc`ZnVGa;Ie}DLuW6MNy#^)-< zDm7v@xbA%V%r|Vp@Xo{ZG2+RI`)F>Iyb#Zb_u8T4#Z!b@Vvb!EGqbm#3bO)>XzO_> z-HoU7^TkLdTtu~eZ97}Oa#z9-%xw*s>s{;vG43M{!YZe^yB@d=l82U*~2Ot z$5)?UpC7>ExfR}j)71(Wj&1jT;xcSdZ0$k(Sh>=2kk&r_3z8O}F$ZdbS^Hyh&&`FL z+Dc1T3#Q}*Dt~RgEeSw0OF?3ZQZi3A zwzhh$ALVGHH<~JVu#}x;P~z|zO`m^imskM6!dSf8o>Ode)ypi7XcL#aI2@KQnQ`qJ zw;=>xSGZPhu`|)WlJdeE2@OtrPywZB? zmmpgZ3~|L072R*f)i8P^y(lv%0Ndgj3!oFm2nOnL!b}t@^dMMUW-ljrr~mRGcSLfGN;p0+ zk6|~V3@(cQB5xA8selk`Uq0%*vyR!o7CuDB=v!0q0~H}mHb9P?HJlEh1XZ$&hhi8t z8DV7*m=Plw;YXee%2P}o`eoXrh}uyp-LGYT46LMLBrDy1Ikfhl#Ia}7#wgYUpSGAh zd3?EHLobx<+GMUzHca}T03L@3SN~ET0blHg&4gO|8^%_Aq4x35HMiR@5qYkV_NXGEWLiQAYILs^kynKO3V=4E^Tb)eMQ-#&2!93AmhRGHt;Jh9air3wDakODK z=Kek$3M2@eYwbKMkt9AKpGSt%h(O`wV$U<#<;@mb*|9&Xt)UcXHNSfee<~lE)&z4s zs&zkx_mI9-INh7h=?W~pAfF-T^^C(OZa19>xQ9h7YmA8}z6t1U?hkpii%w%S3NEuf zkC*Np&c1BrKfJ6m-FpjK(#g&qq9+^7>=A5W51dnW-Yn64v1M+8tVrF`69C3(ytb%D z$3WiYIJWd>QOd8e`QJoiB0+e_7nv+A`(LAq|IF;Du}h#|#tp9?P&kYL6pZ$Tgrmd1I_a#)=FUB9Xi};wPl*dKteR+#>0$lJ9 zz0$m`ug|ugiUEDgiYmWm*}{(6WiqF!)j{EUKm3j?XkF2hHqAA+-JedC|4Jp{`~j1j z^$VBGHt1)6YYue#yIc9y=F}ZEFf$M~n^%aNYd5!F<$1X!9Z9Q}v?kUTj{p?{{65ea zL3IWj*4~3rg(Ew^@G!-${Q5@i=0-(+&g9>>9&Q;?W#7P}s@ z$XKJYWU6~s;Uevru1R?Y)zLG@32`>jS}#_9!H0X!vHvZ5Ig%McRTXPszr&n$AR|M- zm69>#i{O8)o&0HUEwdwrgaG;@6Sne~h{Zy;#2qvgpJ-#sI<-8;N{=zJN^sBKT8?dn zFPffgyR8kgq}m^~FKY!yI+mTgCl$L-;a?h=ODIz3oX^1H(Tfframzz($X^F+4n78^ zgQJTLY)Fp5Xthb$9s}t-9f~?jEUjhUx;d6C1v(X#tXBb86ZBcD9A3MoF%^}S*GGT? z7XN7Uiqow7;oTXpt_iGJCib4LbcN*`WZr&)P@Uc4xvr|L-0vg@IbH(bZ@-ufQ%b&> zVqcLc4}yJeu$@egVQ{gO7X1iHviLU1ma0h>GLBnpe&Ru4y{RvGWA7EV4t#tnuati5 zvxkLWV(3-U(ttYLpE6!Fx7Sr3H<@i=%aWqoY#Cpf2A?(Iz`9Cl85dvfi7G>BOXd5$ z^xeGkY+Zjgvm4B;Zn(~?U z1D}z%tEe0$prmM#AqVRJR-LDvAbSg?R!&!g-5V@HDZhvHGeY=YHx-(oAJ}+p552az zxBdnO)vI;r_AY{Ln-H_%?Uy@)h^#>adPy^g^e9f&@GVcSV9Fj7 zr3O^@PJg+~*fZ~bu^7$t^J-pq>-)?bzSy41UL-x-a)(+Ier8V_ZP3p#8%q}v3y#1P z#f<)tG#RPXk=KxF>rSW}I`uf5WHfo`B6*-2Z%ORk)(K5HT!G8ezV4(&vCcV<8?8!S)i2SIN_LIE2Snk%323}khML0rLD zyI5mzQp^VdiXrbH?C*fZVlMveN8z_}tc4uueh{I%Er|cvve@!j8VZxzIbxYNiMx%< zK)AL)^Yx}|+$IN0UpBlr$>Z^~%^&gie+J@z{3QevlEP!l06;m1J1Pk*2Gpgcs70D@ zWf?*8ulHL6uc6Ohn!F9l3aS)A*3!CZjX`jON}sNTFc zNj9v~(O^VZi&>x^$DMElC@?KvUt%OzzhFR$;+c7f`M1DrC48s*1#&tj#UE?&k2L9z zX8_m~;7M)xte!D_K#4{`gM1Vtzu}gRp|;89NWO!w=uM#IayaTGF>2bxpJmrnKaw&0 zMB`Vdgs>MxCgQoM-725Cu3-|tw;Y6y2rGh^5q^*k{(v5sKAdbjI$y!K`wa}X zAL^?^XorZovAETsVsWn5Q#dCItJ8(nx!i&A5^s^fOR%7CD=|?!$sr3^q3Q!vmgkGJN(zgd5I#;=!B%tXsP+EVx*;lZCuQUCf$r*{ZJFsF5m zBe8#R+WjR+{L{Tg83ukhS~BJ2-+VXz{B4~?NDnQ$lGO*1Y5vXE`KNCSVFo`eiElme z{GUfi|LiTmwt|AJ!%B$&Io8aQ1I(N3ONnLq!s<^Q}&;IwFR6eYhl=Df6)m4o9Bv{FXR?0ZP45y TqA$%K0sN7bRFWtaH}?NOH~3K? literal 0 HcmV?d00001 From c635e8c1d31ab3eafe8dc09064c6bda5d46cb556 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 29 Aug 2024 16:14:12 -0400 Subject: [PATCH 17/21] controllers --- pages/how-to/set-up/micro-service.md | 45 +++++++++++++++++++++++++++- src/generated/graphql.ts | 5 ++++ src/generated/pages.json | 3 ++ 3 files changed, 52 insertions(+), 1 deletion(-) diff --git a/pages/how-to/set-up/micro-service.md b/pages/how-to/set-up/micro-service.md index ed63d0e6..7f2d293a 100644 --- a/pages/how-to/set-up/micro-service.md +++ b/pages/how-to/set-up/micro-service.md @@ -20,4 +20,47 @@ spec: ``` * The Plural repositories Service Deployment watches for changes in `/app/repositories` and will sync it to the management cluster * The status `Pullable` means the Repository is ready to be used. -![import-git-status](/images/how-to/import-git-status.png) \ No newline at end of file +![import-git-status](/images/how-to/import-git-status.png) +* Setup a Dev and Prod ServiceDeployment using the Added Repo +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: ServiceDeployment +metadata: + name: cd-demo-dev + namespace: infra +spec: + namespace: cd-demo + git: + folder: helm + ref: main + repositoryRef: + kind: GitRepository + name: cd-demo + namespace: infra + helm: + version: "x.x.x" + release: cd-demo-dev + values: + image: + repository: ghcr.io/pluralsh/plrl-cd-test + pullPolicy: IfNotPresent + tag: "sha-783cc0c" + ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: cd-demo.plrl.livingroom.cloud + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: cd-demo-tls + hosts: + - cd-demo.plrl.livingroom.cloud + clusterRef: + kind: Cluster + name: plrl-how-to-workload-00-dev + namespace: infra +``` \ No newline at end of file diff --git a/src/generated/graphql.ts b/src/generated/graphql.ts index 7700fa48..43e155f6 100644 --- a/src/generated/graphql.ts +++ b/src/generated/graphql.ts @@ -418,6 +418,8 @@ export type Cluster = { /** The ID of the cluster. */ id: Scalars['ID']['output']; insertedAt?: Maybe; + /** whether this is a legacy OSS cluster */ + legacy?: Maybe; /** whether any installation in the cluster has been locked */ locked?: Maybe; /** The name of the cluster. */ @@ -457,6 +459,8 @@ export type ClusterAttributes = { domain?: InputMaybe; /** The git repository URL for the cluster. */ gitUrl?: InputMaybe; + /** whether this is a legacy oss cluster */ + legacy?: InputMaybe; /** The name of the cluster. */ name: Scalars['String']['input']; /** The cluster's cloud provider. */ @@ -4919,6 +4923,7 @@ export type UpgradeQueueUpgradesArgs = { export type UpgradeQueueAttributes = { domain?: InputMaybe; git?: InputMaybe; + legacy?: InputMaybe; name: Scalars['String']['input']; provider?: InputMaybe; }; diff --git a/src/generated/pages.json b/src/generated/pages.json index 19eef25a..d55e6c5b 100644 --- a/src/generated/pages.json +++ b/src/generated/pages.json @@ -299,6 +299,9 @@ { "path": "/how-to/set-up/mgmt-cluster" }, + { + "path": "/how-to/set-up/micro-service" + }, { "path": "/how-to/set-up/pipelines" }, From a422a7ec2c1ce24f0e2205c69574e90daad9bc68 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 29 Aug 2024 16:15:08 -0400 Subject: [PATCH 18/21] micro service --- pages/how-to/set-up/micro-service.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/how-to/set-up/micro-service.md b/pages/how-to/set-up/micro-service.md index 7f2d293a..59778047 100644 --- a/pages/how-to/set-up/micro-service.md +++ b/pages/how-to/set-up/micro-service.md @@ -49,7 +49,7 @@ spec: enabled: true className: nginx annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod + cert-manager.io/cluster-issuer: letsencrypt-staging hosts: - host: cd-demo.plrl.livingroom.cloud paths: From 2c4f96f64353d54e30a3beb570efc8d007ddd4d8 Mon Sep 17 00:00:00 2001 From: seemywings Date: Thu, 12 Sep 2024 11:48:49 -0400 Subject: [PATCH 19/21] pipelines --- pages/how-to/set-up/micro-service copy.md | 73 ++++++++++++++++++++++ pages/how-to/set-up/micro-service.md | 11 +++- pages/how-to/set-up/pipelines.md | 67 ++++++++++++++------ public/images/how-to/micro-service.png | Bin 0 -> 109638 bytes 4 files changed, 131 insertions(+), 20 deletions(-) create mode 100644 pages/how-to/set-up/micro-service copy.md create mode 100644 public/images/how-to/micro-service.png diff --git a/pages/how-to/set-up/micro-service copy.md b/pages/how-to/set-up/micro-service copy.md new file mode 100644 index 00000000..2b039706 --- /dev/null +++ b/pages/how-to/set-up/micro-service copy.md @@ -0,0 +1,73 @@ +--- +title: Setting Up a Micro Service +description: Deploying a Micro Service with Plural +--- + + +# Set Up +This example will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App + +#### Add the Application Repository +* In your _Infra_ repo, add the `GitRepository` CRD + * `/app/repositories/cd-demo.yaml` +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: GitRepository +metadata: + name: cd-demo +spec: + url: https://github.com/pluralsh/plrl-cd-demo.git +``` +* The Plural repositories Service Deployment watches for changes in `/app/repositories` and will sync it to the management cluster + * The status `Pullable` means the Repository is ready to be used. +![import-git-status](/images/how-to/import-git-status.png) +* Setup a Dev and Prod ServiceDeployment using the Added Repo +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: ServiceDeployment +metadata: + name: cd-demo-dev + namespace: infra +spec: + namespace: cd-demo + git: + folder: helm + ref: main + repositoryRef: + kind: GitRepository + name: cd-demo + namespace: infra + helm: + version: "x.x.x" + release: cd-demo-dev + values: + image: + repository: ghcr.io/pluralsh/plrl-cd-test + pullPolicy: IfNotPresent + tag: "sha-783cc0c" + ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging + hosts: + - host: cd-demo.plrl.livingroom.cloud + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: cd-demo-dev + port: + number: 80 + tls: + - secretName: cd-demo-tls + hosts: + - cd-demo.plrl.livingroom.cloud + clusterRef: + kind: Cluster + name: plrl-how-to-workload-00-dev + namespace: infra +``` +* You should be able to see the service and all its components running +![](/images/how-to/micro-service.png) \ No newline at end of file diff --git a/pages/how-to/set-up/micro-service.md b/pages/how-to/set-up/micro-service.md index 59778047..2b039706 100644 --- a/pages/how-to/set-up/micro-service.md +++ b/pages/how-to/set-up/micro-service.md @@ -5,7 +5,7 @@ description: Deploying a Micro Service with Plural # Set Up -For this example we will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App +This example will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App #### Add the Application Repository * In your _Infra_ repo, add the `GitRepository` CRD @@ -55,6 +55,11 @@ spec: paths: - path: / pathType: ImplementationSpecific + backend: + service: + name: cd-demo-dev + port: + number: 80 tls: - secretName: cd-demo-tls hosts: @@ -63,4 +68,6 @@ spec: kind: Cluster name: plrl-how-to-workload-00-dev namespace: infra -``` \ No newline at end of file +``` +* You should be able to see the service and all its components running +![](/images/how-to/micro-service.png) \ No newline at end of file diff --git a/pages/how-to/set-up/pipelines.md b/pages/how-to/set-up/pipelines.md index df9053d3..237862d0 100644 --- a/pages/how-to/set-up/pipelines.md +++ b/pages/how-to/set-up/pipelines.md @@ -7,27 +7,58 @@ description: Using Plural Deploy Pipelines #### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions -```sh -plural login -``` # Set Up -Set Up a dev -> staging -> prod pipeline - -include creation of the rest of the cluster fleet with stacks +This example will setup pipelines to deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) -include CRDs +* We'll Create a Prod Cluster to promote the _cd-demo_ application to + * We'll follow the [steps for creating a new cluster](/how-to/set-up/workload-cluster), but select the `prd` tier + * Merge the changes from the PR Automation and Approve the Stack changes + * Once the cluster is created successfully we can create the prod service deployment -use the prior microservice -# Troubleshooting -#### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init +* Create a Pipeline.yaml in your _infra_ repo: +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: Pipeline +metadata: + name: cd-demo + namespace: infra +spec: + stages: + - name: dev + services: + - serviceRef: + name: cd-demo-dev + namespace: cd-demo + - name: prod + services: + - serviceRef: + name: cd-demo + namespace: cd-demo + criteria: + serviceRef: + name: cd-demo + namespace: cd-demo + secrets: + - version + edges: + - from: dev + to: prod + gates: + - name: approval-gate + type: APPROVAL +--- +apiVersion: deployments.plural.sh/v1alpha1 +kind: PipelineContext +metadata: + name: cd-demo-context +spec: + pipelineRef: + name: cd-demo + namespace: infra + context: + version: 6.5.4 ``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime +* Apply the yaml to your Management Cluster + * `kubectl -n infra apply -f pipline.ymal` diff --git a/public/images/how-to/micro-service.png b/public/images/how-to/micro-service.png new file mode 100644 index 0000000000000000000000000000000000000000..1d68f81998ec4c52d285c9f43f84cb7785d0c328 GIT binary patch literal 109638 zcmeFZg;yO*);>&-009C72|*7QAh-l~cLD@=cejH}u;2vuAi>?;U4y&3yW7{?J9lQ* zymM!Lf54B`htsFK%XU@m+O_xd^!G2)B1mtr-#|b>Ac=_z%0WQD2tzs_DfPntt4*?5&zXLvB ze!hZ$0={3p-2Vyr*OM^9KcW6Qhq4FmL-5H9h=~E;@_M!g29|clR`$c)ICDV4X_K$Y z_R3O{?0QxfG&=fLx&}003+tC85S(Ck;MBsvUIzrWFt@a02Xhhq@dP_?{&Ja?2=vDz z_GVl}%2HoI0#>#LAZ8jm8ag8GHy{v*(^lV*T~1K=AIX7VTtvq9_SWpQv`$V=G){~( zR<=g8^lWTwv~&!#3=Gu36V!Ijmi9VeYD+ufKQs9&A3*~gSM zTtq}K1^x5y&w3hwP5xDqrQJW81vHTM@WX7AxeLerWrp1QEU{|M- z8$1q<@$vD;w8f>=>B&j>vFwqvv|N}C3XsU#!;X)k(4t;{d#o{e``Xky7UIH3K>Y1d zOBgXzhpd^&^bYjuZ;!xzXdn1YqmksG{Y!(#|52nUFKbLH0p#Ci1o8%pc(ofhHf$Es z{cV*ZApB%KUjL6$*6?1v$vi!Zt!O9Vh5Wk%UHJCH|7wyGGQsmR)d6BCpzu#CHwyb@}GV5|3=7vjF$gj0^wbY7mWC9=GYg_ zRzM>5gXCjyn;9^$Z(e!N*H{hAGUjYdPEB4*P~1lYwlJ z5b&MikYZ6EqXt#V6U*gsLt|M;aEYdTEIL@O z5wTpT#qY=h-`0wPoX^mIFe+Kff99qXdBO`T%ey#1=d!y)7aHwt$r+4<)+K#~81Ykz zcb=E{AA<2DYi%xUStg7PhZY6Vpq^|S`AH^J^p<4?Py}`VLQYPbgz@3v*1IVjB}(HB zfzOQRmXQH6OMl6X@l_=}Vi9W6F=#;gWzL=kK-`y~ZfjO#13#YlTD8(J=-g9NGoDUA zd>{DLY7~-=ow4<{C!P-b^Q2Dk-|3o{>nO~CQqp16ee*w*AFD8+{BRr63*Y{|^5dNW z6qEl@AjSVufLK6THV6LY?Ej-iI%t4$VkXZ1&k6Q#!z)nlMG2PS^zZ$T6~b2vsPtbW z<-b=76ox8_+q2j4M>f3CXrjriWzjSma^mQ;G+n{(qrAM5Z4YK_*uXobgHNtu2a7d4 z{R6EC|FuxT5D34~z|-|vplPQeyu7?L9~d_5C=|+l=M!5lbd_$;M`jsTD)?-#4peGP zYNP(!@(0?2xBlclxC|8wXm3y~it+ECsSj8CGHrsRuGdF>vv%7D*d&tiUlN(!m771X z$c<%*=^bwiFA)B2bY@K8Fp9n1pFOXtm8YNb{kQBv-EbR2NlI@psf?dDhf~ykkceUH zZGI1bKO9Hf(s(zwFZYwT?MC?#thNn4rcb1hHxx@|jZEfrX5c6AQLnS@i=kB7SnCQ# z?e8Iw4wG;=g-xXrSO7(kN*I1%I*}Jk<*dv5oyz6IA%2LH9p>c{W7owUwfld$cZ+) z-IDP6K-;dgzN&LPRIM!^%5xttP%7!~LU`Zqz%4`c$4Cg&gnYbfA^X7i`dIDhdfBtw z?UvyKi({dBJ^Fo>{|@Qi{basE2~CyRbYz9maBs7_tNVzT5isjdHL=_aRT%rCDWVYZ zndtagPGXcaV}yb+chTom{%qs-`qqKBo=!&#r?AjeQ1HGWh_>-}LQaQs)G{@ew9_S8 zHRBr1ZbHJL_&Lbw(;G!KE(wp51xhhLNP`Drspk*u7ycT&PS7CVYV+GH&ZkZ^+x;nO z;t<`Rhv6R>H@4Gq-r$G1m&Iuv(NHQC({10|rm~ovzb6MJFdD^rKHriJZZu~hF*1I9 z$;undtGzYIv(djf@PksxE1FVE({!qkltMl`I-L6fgg?P;SipK%qh)ZM%2n=so*hpO zSAt&zz1BpBT~z5z9}bwzSKOvcjWQXiq=42{g4KoY$Qd8d1Wf=4tUY()IZ ze0K0?s_2=_s^zhm@%yZQuWGIJPjqV48GC!jgBel|r=#fe?M2rsbSh;~JY5o%id>#n zNwI!^vY2AAGAW1SQF%!um#br*Y-VB@t5L+`J#z2ZuYpjdf)rjBNGJrcu`E7$yNK8L zV&rypX9lFMSLWSlj{8$ZkZmkf0}+HxF1?teExdI$kNy-0oq96MIfW_}qOnvelGWQx zh;66qWF!uIU*)nTO(+x#bCX9=Rlytnq~v;Zq*~35@04>RHu{p(-r{jmsnu9S5sQS? zQ!@y{QpFm~hT(C*q@%pq7$Gwli21D90{a$s!qHd{?$|RBtyYWfq>Re_&R#A<&}P2~ zcMPVM#!O^t(srYl27@v>?%*!y)z2t0nZCWrXNI>$l;q81-eAd}eBWOCyt=3LM=T@g z{T;r$lo^oB;iR}Vl(fxa-ycJ5G$&={E2}kjCk3N|@}i6b`5-F{hbNlX;N^Xi+3flQ zON7O5&oD>?{1NX8t(Rz2>g{*4^z-C?FiWYstu zI37eaI2|W)mhUz*81$Q_Zf`7mK3ARlfz;IBCvdrMRhlceXpZH`&;pY@5{*o{w^)PY z*Vo;#AH*Wkvt{l{&7LQSx&~fmfJpnnEk}zD)6qj!>WZrS7{T+gpA=M4xFIT>2_@^3 z=us6@aF|U=oQ@Y_3j@BVMK8{pXI*a;dURMvCx=OXA}v;y~C{* zc#F?T&KAwG7ktOYC47o2%iDpAPN}FqynjAWZK3vU5rML!wBP90dVwcupnN;|+HJay zXv(Lm+xE3@hoq2hN2TpkDU3(f9oN_8}P&FV?a7EGy-eiu3|+HL%wzL-x397Z^J=gL+Z%bss8 z<{{s}BIBRTCbh=Z|6HZ|<#xQ(WCSf{l&PL+D8-hq+vyF}rnFwHQV@&FZBH)Pl!7Ri zBV80KNqBpI%#+d}uqga3hA*eo|6>Tz@{hS%7vhlEk}tAdnWXrB$zKpUzS*SmPUgpu z%4P^=r=r{&4xK%ybcH{?*FscU<^E;9SkEPB^h#H=!EvP5ti&-+zwd{i_Vs+_?%8fm znwfD}L0g!6Is!M}ps$Y0Q%;&2ISLlFT7_W|=e@d7o>EOUBKAc>P%iS>Qj=@A{q9}) z?x6CnNGL81o8115qb5hEX?)Y~-s!?C`DJCi-ya_d#yThq=jNo6sPSIKo}M-2piC=@o0+TIUm zeK`c;yKfR)OZcn!PiN=Xj`gpR2$*pJWoLZc@w#)@Y5D%k)^Li| zF|65k-IRBIKaOYYC3rJbdz%m9d1L+hm(9AcYRigF6Jf+~@@-rlW@Cr(%i5X*(deUC zq)xFv#kHgKbUtEgAwm{dAMWpkrbxip311KO*!*ydAR3t=wBaLNrqy5=x@%XTU3C{< z2MKBadpE)vq7vWq)cP&$Z>BqtW{ZbAUI_cUwVL7n5qVX~b6WML!UDQHQ4m=fiz!>x0#7TIjGmMK5c2lm*a?%E$^5HdFL_EtlEKeMJwu?cqpS;+E?9 zNg|;j@w8^E1iR6xj1|?h_t?zlBvBXFuD zEomv+!L&^zv*iYHEX&}5^dtro+1BHeD!=C@bbOnO)N${i1} zUDH@LE70sZO5i#_=v4A|1^G~{U`6ug1@Vk zZ=!AdE#(*bbj9t2qmZvSes_fMF;(05b*4T_w0z!gBr7?vqcelA055TPWHuGBr+DD} zg=E3g`PKfyhRezS3^a7Q-g8KR`_QT#4bMY^!mf?7VzpRr;u_Z0@EO=j?BO|fYg8|6 zZ$qDL4e7<5bbgPz({mm7IJVU54oNt2#96gkm?^1x%+(EB4Iyn}Yu_LLhO9MTLzo->mv*h@!;Z|TJ zv!3@Ib|h0IJRwpQt{~9v`n2a*!tyd6FPkW59F#Ae%B0D2KRaX@4YTxv6&61R#ohJV zMPP3#&%#&TOn)u`wmKM-f@%ogbs`#L?dN7!kREbgJXo4zoWSkmr$(EHFZs<~flhU4 zNcAgRR9MW^6u&nZ(RuPYy-8g6*rOQRwH4vqZZaZ2C==W8BcIJRPrUFrjlF^rq&5Yi z*JY4#*hS~N6SvN=zRqRJ+c6Zx(aupVG?1l&2f_Kx3y+_jgf_Tej3U7mFPCG12Z=q`tE5+#P_S>YWS$XZ9%W#yxPOf2$jtW@ac_M- zR7zoURZJaYItlr}Y@dtz5lZ2A=OFZj#TQNYyG!yA7jah^&rEiQJ@aHJI<@w4OlsA9 zCmB;;-hdwp^iU1+2{1eBsfBnqF-ZBBe4GOy}zON?nXoA3`oA zFKW7pffA*Y=`^KHaF*&X8OL&E_1ryJ%>%xeq_3)g*u!vG6t_l_C^0A%ejF`ojYd!p z863oq8hRm0s~9+7Lih>>{;W0Z3W^!5I0CHFZ!w6PndjRhQ3TD;nx?xIJife@zhdcv zY@2S@1`H2l(md{D9SfXHa3*=_dMCdOFrSBiXgjM|n#hx%4$P=siXY9qU?WQ^-aIK@ zVOdF=EC_90wMdC1^GJJ>w>~+o6-xKbX{Kgt`Ezy=t!AUIb862W-3^x)xy!{4sv5MA zs*-Dk5p5r^-8jvEyo^h8$X3OlWYdhs&*yOfKdGb*Y$x(8_i%c%5{4Km$?lOV-1T_g z7cHJ-KwaM9SoNP_3~c%aDc}6&xqdijINL8_0-xFnG&hC~5+h+lSRrXW1bqTu?Jf=k z>aikc5VHFl3sMOr)aQBKO$MSG>ciZRf_TaOPQC}|4S<5Kj<3T|uYQ9rcgK}}kVzEt zcMohyOy%0>xq~e&u|aSYJDrz%iy|T%%=5(jDEr*E_Fmmw=G5{ZWva{HUQW)}PyFu2 z!cX5}tMfaf{_){zEx}O`58yb=zA>pYn5mw%rD&&8SdAE0l?7b0I zzr5}ezl9)R1dIR+DPs4{egh2i@w_iweGexqsZ3U*;-2PPST@*c-?lmIe?Y1FYk4G? z4wtBvc-LPnpY~BsCHFo*`0#38qSOrDNh%+^J6p_GS5XJ?3mz=3JGiePB=&oc+yM5& zPvRtpkeQj|l;*KZzc?<#XUQa^Nj;aS(=%TP`2De8nW)Um2eTrIMRy{wda4r3++0It z*-`{kku%o|Z|St}?%oRonB|x>vV}2c%jax|Dp5)wO`NjbK3;!d&%MwF?H<;+&S&iW zARWkZN~@`|a~M@eXy1tIcwL|*$DJql>j!5}YVNWdM;or)BQpL2V46(@Tt0Popk-{_ zA774#X+T9?h+PWfvDt=jSHdEF;$`)tLtMpJZj#OH?pLN}=`?_Ali`|_o6pz$$l2z4 z+?;v%D1Ht)cF|}QndQC%dvzb(4}lK_T04DIPR=@=n)PzFzhXTNCc6NO=wpiWr1^A# zl3Hpbf$FRA)m03$*)3|dLMb%Qk#|Cbtk1`u77np(Y~%h)xnHE49}O!_WN?^rjeKp$ zv^dZ#fsJb?4kUP{6Y9h$&C?Q}fyHtm*ZuqB6>lL-dmMMR!&}WX_bWEBpNIF9T=h7| zpbNaRGn%^|sLMpU%4aY{=eM&R+04PJGL&Ag5$d#U0gny=%{8KfZ@hknxsEXyGXv3UH57p~iQWrn1m&8})e9;PEK%cWd7jd^O{ z-;qv8R0UpXXpNr_CwRE_NT)c^6-7+Nm2LR&ZR5N<;e~LgWnI&bAf&QE&)7+3tKiz` zTuevZScjvHcqLwIr{es{6NQ*CL~+V4J@{veuhAanB=+#$O8hwJV>>a%Tjcoq@MRcI zPrcVr{9-DbKHGa~6+XB^AZdQyCh(|xE#1a*+S50kE!yPh-%CyhC&{x$k4Bq#hAGEs zbhaBxs@-@~yZz^}-y1^9wV9#zG=7OkRP_JoYJ<_fCt38WA?M!DJ^ym)(!~hd4&O>o zob;yFI@w2a)$BHTdc|=N4Q_V}>)hb14%%Qs?R2T>dGM?8zCM`YYG-M&)3cRZGO6t= zfdqONcUGPK?mK3S4p@Stq<;IBK;@<8)w!iJhv&iSI{tvKv_8_mJc8 z3G7>~{ER&UwG>ubboV8cf~!EWs1k=;($2@&2aHn+kuv2gYDv-0FC=P>g3r`K0Y=hYa`}jDt5>{cA}pXT*RISDc15 zoc=1kTR=n0!Vvf6xwnA1EIJ3h(AJ^TQdLeo@0SAkoY<75I(m->K{QyjlyR}BW@JoQ z`v)g91HW$EuJFrf3Z5BVQg(rpTzjJe#b;u@Za2N*Hk;(&>*psNrWCYqgtSc;KJK45 znNgR~{VC3^TFz75@ebxIj7qo#k=wKBlau-k{G|4=hCLrcm#!+EB=wG`pP@JkVfyi~ zlzYXCmrjf9e^TaB3v#vKK2@b);>8kp#OEJQ5=G&UFRyy<_hmml6foS4!sTe!fluW+ z#>KVxMVhEPCemOK-Y2vyHe9PVRB3SP9QW8rvMPq`r_EX6$lB$1w)5nr8bTj; zIQT=TRm!6mTlfjkDzvwTQp~RDWs3n*UTVI`GkI1B>^eL4>kg#S#koMt$eEjXb(#ii zb5#1=>J7C;_+h@3XJQ?W5s?mKnE|jP0vsPwH%HP&lKmY$7iQ?ug^-Y*L?D;YN;_p) z@4*Z~8L7SC8Un&~x(2w^@KS>2w2Z@RnX5i;Z@!Tfz`V|WxSK!TvYObT-?Rr;jzNJN}{tVABMo83Fn-fNOkbDFHkCCurMWkT=Z^BK&S?v5}ofoARp4-&C^wO z#3RAyfC`co>zFOUC$p`E{RAF2nz2i1@GFBObDE9DWhUDLO1U6nkx)gWP^%$r{MTDl z6=!b?h810M$W0F`puap^wVtRUR2Wjkv(P-Rvf(>)g75`p2QUZIto982m`|$Q6uI3l zks)o`^_W_^6X(kfD!4*t`GZHb2hQ@n0w@lp1v10(_)dl^5!=bL7dVh?C<-aom3N@{ zv&X~mxlCQfRPPatAF>;r&lBGkRUwy{jAzr+vnSsdt2gPk2qm02EuwmMB&Mc_a@f&z z`tvXTZnK-?LqhO^ky?4>HB7U{R5!KBgAq}L>Qu6y;f6YZUa-oBwCOtyiH&DYt5&@b z@<8k_^7L>U3J#Xd`;C|ZD;&S#w`+ z#Y2FYPOS&EV}GR$YDz71x2oF%Zl>5fi}GtOFxiRhaFKvrlVn-Ao^PS%A=LvieF; zpFF2Ats4d3_jg?f(%(>LkAj_sIYDn|)T#mB?YFs~`3j$K%7znO&nts^8SJG`z9oN@ zGOaK>PK8|>Ls_I73x@I0-qF?>B~VJ@eng(u*m`VqMzG(g^O>aqJl84RAENB4xLbA0 zNR+<4&%;25PkSCS5a0bdraP@a*EeI(sGb6Ay+n_Ji(onr)sb6e0C;}Nm<{r(*-q#j zKEox4;;=9^Br%y#@jP8rn7upqXnPPMys}zu?pQLisc^cf)p6!qW%6am;@C1n3T9A? zrP8pB=Yu#}+{R;!Sks%51cDtXBJe+@dWa-$2BIk{Ci2uo1U^;8>F-H>?_$*k<{!1B z;&bUf0`1HD zecrEqkJbvbZ=!H|a^kR^-1i6aQHUcM)+_CZvYp}n(|Ma3CY$Sr1)B#j$O>AB77T_N zx@~-exUH1g_tSZ5GWGUH#`gGD`?zxs=^u1Tk#C7f5L2gD8}+H}H;)zyuB#GD_s~CV z+Bvx&1>-}0&)jB^b&c7dE|z$U1c#eQm`%23Kkho<7|;|PJQ?F>rk{HHqio8PE;U$}ei7NWNG zlu4ajkW<+m<}hb9MmUa8o}i!*>hPJ5X=~juQ_={jvR9e5%Y5MlJVqj}X3ExwuF9F&& zmH4Tni;%K0p)E@MpY#@J?!p(pR^ab<$p`{!eeJ9V+2h6U*QP6F-kw)miUxxpQQ`-3 zd%y4*skmnoLi!^;^27E_uhIcfi&j|3qfXhN3~q=EA_`qw?z7%ZLkM_Af$2hc+u!^L z2CS#r-I<$#(A(sa7ClrdSg9qa_|l>kM$Z<8UKw1ETl2@2j|Il5Hq^%>q!RCObS}R4 zBqgcjE1&efyK5xRPSLN4McDMMHSHqvgEj35OBo88Iqvo}%W<#-C2L!1pj%Z9S8J3E z%aY&!PS@IFhjq@fjwFKgo=#%tIJd8{NUr-@VVrF?WWP7jMN-x%y7;T78ETIdAswrN z!gliw-KnT7cj2|qP1fUG6SWajx0!zQi2R3Io;`SI3LaU{6!NBa?#ms)M#)a6((G=5 z!cKA1lQ*4ktdMgZ3fOpD1yFt_zfYhA9}umOmSRcmD>rFV#4SHyO157n`^%bu&2$BE zh>v4+FeD{&!UGS-8&_w8Q1QSOs{YomPJ+6=x>*g**RQyoKs-*Np2O=BV#5wN;7$u@ zpduigW~`vHO|Bjt=W!Z`(8KUJ?ES1I8Mc3g?K<(!@b?X`FQ@yRH_E=`{t&b8+zD2H zU?eFVFgLkQ*!{0l6u6nn13yESzy@Z*tvsZ?$qdD2p}&S&Dv4cP)jND7_-sa?^_bL3 zs8KgnE}6inlEmG_4pSdYL&%x@L8JZ#)EID%YlQu14dc4+wtgGPsBm%^9A?HIu5Ks! zzRd}LDIxw->LMYtW~2SAvv}#DM3~-edHs8GclQ&2qX=66-HX&g6&@KAqWb438EzK& zO<*egTqvKN1xyZ^`AIinrW96_AVe&>-b`g00A=INDg*H-+IgD%i++}lYs5q>igc3i z7^H)C4-8-59x_bj{_Nm&ox4VZ9ga-*n%9$~C7rIES?sXWs8&x4b?4<8Mia`hUtrX% zhUDjdv8O!wSuTdq1-04drJ8Pc|&%i8221^g6#Ar${5` zt)DEJwq=wTGIa9VPB#+H2l)wD$0ZV>`G;{Co_Ifxx!r?T#yHm1Dz)0p!(lGHaBlH! z@O)K$Vq_0t{V4k7Iie>jO~`JI2x-eNO%gRCBuF%L2_BG zf0L2%?Mm=`YYXA6P3f=VpSyR~;oY0jZ_1Tp@F;V2pmRK*AI?Pevy?a6bu)J7%xI8Y&I&{YC!H}EY zH^BrL+k2NB4leEvcrgMZcs$BGU;)Xlb}iSdgRsI3x-=}1^$cMM|H9cup9w~h(#SN7 zXO-C`Q`(0E9@~vvhZ(&_DH7g$gV{C#WM~yLt*?zlodFyJ(Yt&qzv(&bK9WP+>y+&O zXdA{%=O*e1GgY&iT_Nlk47$eSXj(bNKu}+8z?S!y-o0La&f?o9z@&=*Y6FYC6e~9n`!3;{{#v3ej}Ety-ZVXQD$y38eT6`E-L|QrQ}utI=#;r_q0M zMgJU6uc4?wr0 zXh5Zbb63B}6R7w-w#J9Yh+2Bar5lzpWd9i~$TgcEvuj5rIVnNgV$PY7Oq9>!K&e(; z*!bKQ@R1YUcL#9)?>W-XH}qfDyU9S3tl+(Jvw}s&7L=XfQ0LBRXXHp_Tjf&G5~yqY zt=MvH$-^jsHZpkVV8g|k>A_=APUTqW$zap&B)rkdckEH~Qpv)+!bUO)uib zPOj$N54}08_78Tkr#uiLR5hyt{eny$bUr9%h$Jgbl=O9k=f0L#|4Hk9v3h@%7pcI_ zAz&#;>CL)I|3=pKck9S6`R!o_aPRwWSG4gWp2rI`wbIV_xJZshp=I>e+P^bE%1rPy zOIQw9Q*@ua6xh|cE~AUZ7y8{sM_05R7>$hH7HcJ^V9MsYj4FB?%6hq&bog^mb8P4D93+Vy@ zbHTzYDjkQ-7W0liN(1+;>|47Sx9_RGeBp9pfsybTwuN6S#B(bA$kk~oV-7r?9UO$Xj!BMGJ z3i5n=e*lgxO7jrszBxgw*%Xi*-cGZ!3R`tpYJ@Soymi0#;Z(DR2nMz3EiO8dfShPJ zmKPg{mlS6b{K{o>wfS7rNsY?Y?|z$o$WBqSSZHoS=A49r#Lp@lTf;~vFW(m}Gl*1p z->Fo!mO_*agQ;y>^>BN>+nu^=LcogT)xfel4av3 zepD;}vw(){4g2f#1=5Z_v}>_I%jIo=H(`ibPH!_JlMspqFP z&_3UzUaIZ=U13fX)@Ak9=jnW^NR8>~6pPaAJP77HyZr&V`?AaYh0gB)d=|^Xgnnbv zPJwe__Y)y($#vY%rdbZ;oo2=+r*zH0TE2c;`4x70arU6)IhONNpso%oBB!4Ja75d; zZ$lAh*_J47^z(1%g$cJZkZW|iY&E{v)i(^-62M0QivMIWODLH)Cu}637y58Rf|gsk zby6IHEZOP)nsFozyi{p8tlD!LbcK^aLX|n}*!Z(OHOJNA_KY;j^7hPtaLTgn4*Lj` z>G0`HVheZMlYH9s_>yG=l043gmEA~n`zpFGiV1O*gwZ-+nG7z!cuOipjcd03vJ&Ok z)gD>Jl5&*xlh4}7B+5F5XS}ml!kb!J;F(+XkyY1c5DJ;E?9a}NpE8p;j3#6H>|+sw z79G|=ylEWV+VL(W{Uk^M4l|smv!N3Xsu?{PllqN~$Y=uI&owGRSul3JS>e*&JXxnR zUaBX}40rN$^$=s*Rr-UTaQN6H6I$XhUbay{Ph$~6JJJerD9+ygcRcK6qxqWiJo4wA zT!n3##e*BasXh(|*__YMPkQYHwcV^LYimn9Htpbjru)m^>EG@I=w>_!=DJ~zuaO8UsLQ65jx! zBz}UAH3=A?l+XN#X*ElG7RT*tA_4(#S&nNg<}GQ3eVJeJ%mwo7G8I;9HmQEDKuBYQ zD<9Pf=UJKvv>gt6=R2?XmbM#!8O#f*q|ehf&rCL!d`WLarAmu6GivN8xF(9EIZei zssbV=JLYfoMvF^Y@GZ!itXDH0m@Vq5Lxk@X@M58ml$mTQ*82GK~%n^DV<7 zYaLNFx=Z@{v}+k7JMN6M!b2>Hhz2BZ75kU3>EICNFL2?qj|aqHx~qacGiZ;8Eltd8 z0Qd%T3&o9v{UMs_HdwxlF!OCM@OW00l=%t7c$KXhg+pgR3G+nvB3r=kt)a5P+2x#~3*3h#H@2dSRL!O$1jtR1*BnM{ z5d_)!aij5M#r}8Bdk_uTp<&nLGWydz?EOP#g2}DOJkpaw6+YS39Z}nv;Y;J*-y_E| zdn7)Asv}sI-J}SZJz0p-9jaD4T4I|39VJAorC8#Sa%VA1S<+}OtchBK21TY^^-zE+ z;4s0GtJ0mpseD1jUMQI`#&B{j!z65JbH1WdX^eVnJEL8;W|wi0*%ML`3`B$3@yKrm z8he;72?e-W_(}G>?|5qu7VnWb9=%3h?*?8f+`9`hXUn9S*imTYXN6!r`JIA>;_1K9 zNXyADd6uM62W7ZF-NyCqF0c(WKDWNQx0o&eHDn6-4HwmfeE8U@D+1lkH~V3i3R5^7 zBEs-eV*p=Jd>cdZwRm{kVWru0QB6%9AK*!7f&Y2fE(wy!$c>T)-^cH8_)i81rS+tc z?=^DY36g(f*-FIxb_nCp4apCq?HyT)=>Em(&Ua}7sohrj61jkr^AGH$jW-0etRymz z$3v~#<)robJ=*)dF7^m7TIjWqo?O}(L)B;EQth@zZNGM=JPxPEePdXTNGl@2pF$GL z>$s`YU09ej>L}^^-TqOhE7R47=Vvd`*P_JFl96T;x!GkaKAfBy`(C?a()6f3gpP`N z>S7%XoP}lH@(GRVBOR`A;on}v!bm$gah6{fsaB~fHJa-_sh@WnABzwm)1^Zv_i*34 zm7>3)GWJ~oR))Tt)3zL4RTEUL@prOC?x@awHD8{cc%nx$MdG_cu$gjm(k1u&df)Bd zT^*7IWPqgiyF-%<(%vk^e?l%$Id3yPAKpEAerixGEq$jOsQVGB)9%4L@3R!u2Z0D(T) z5GcQS56SaH*JXgbEDY;y((?Ebh?`Ov^haOr*`kq22ENb8g;~GYWdz`05>RL_ z?_Wfr8E!gjv17)&Xy$6a;(O@RXt?sFd@BPs<^L_aQo7^*5N?t z(ZCpu7A)&ct?0~M)PARduF#~YimH5 z&Yg=|d|YqO8JwM#HXiY2dswLDXXprJ=a+}BXdS{|rHGrp;4mKS{{vk1@rSRDSViKm5mkJ^*%n76tUsN~{-$O>{=C+SdiKm;U$4~b6U~d29sC=l zVR5fXRSXk+B>vMW&56YMOy7`2F(LQgw^6*%jALRU~+M7FBs|LvW>8tTQHj4JGU z=|RcQuWs*&Yr8Q>;e5V%4W4an7b2108pID5>GtNVJFmrHUEI_tazQegsQr#R(;`Eo z*$6tE;~{fC+dzs%_c7L?z6K^ZiBNy^Si0VOvAmL1dN5cqSD9kWca%DbMeK;vnM9-B zewE_w2;sjW&Huvj{(;BTgVt@L3)&rJQ_%N?h@)0>6iee4C{=@|?e_A5NQ15){3OZ_ z!v*Fx?2qmnexIQchRb$%Jp*^h&dLH*;|IHgX998umB;f40)VeE1`=_-0Hh;J zdeOxZvlk7&7=R{34<#}86EJ$j0qB+wHsjLh-LL!8D3xgXA_y~kqWO~T0<^tc{p;C~ zh>Y(pc86%FK$S)#_<5>D{*3T7fc5_mcsxiQ+H$#>S}f`{weI_3MDV*mhMSiR^zW^V z!%LP1_xo7x;|9;CtD5q1&aya&zsL$ZpVT+BXvge2qxbzo@fmKXish9YkLO4w;%JzU z>7^b{$y9r1D~uFG2gm_1>JLEI6QT6+SA0?^7+Brs>;h6mDhy>rZBpKP zuC~L7#Zo0Cv)ZT+r?Tl0TvtZ2SaH|6T;}6)I8I1Io>oNK21K}us9;dYeFYHB_y+-| z6)q-Dq% z$ukgBqP_PtU&1rL{dl}Qr=_a`^N(Mrw&0SwZ0mp=u0LoNFMcGQLC{O zX5vT%90D&)jW@3XGmPyub)JO;Tr9Cf22nf3cPmCaF!s($LDgH0NXq6%&3@76dG{i3kcN7!!&((>BjyNKHaZ%!Zh34xmCs|@QU$tux7uPfTFq3-dAL2GuWOeVyDM5_ z2-_q3Po+7<9r72uQx*no4|U~=FtXt3wIw#B)K;m_TRTqcEs^p$(%9je3o;W3nuRzl z<`L2<4cIcu3zTqu+RY9Fh8#H2<54w5DSbR^23E1$&0;7#z4`B4BbbB-+Jk$fAWzW!$W7g+)(oljiWSQ=u`Yezwl8}_ z-NR&%9{?a}VU(i$U~HXFtc^4p@7EI;x2@Jcd_M>6@P%|-Tvr&4^sWj7gn&%pGkM&2 z`ZjQ;93+Vzt=9b=EQLmM)M`-S0zF+$(7SF?v}D5oUV+MN-&z;K=1{7;dAJlfeGQoq z0>E;c_lGGBoV_O}e}1T#qk-B3Kit^tmpT_|wdj;$C8OXX<8x{&w^2?^mLlWoh)vjC z52vh*W1lRshcW#UkBj7oLC_hWS?vf25h2SS?)ZiQ#J_b}8aY=9O;rE@ZD;_c;8(bb zQUE*`&ss!I)+x6@*2%h9?+_eKrO*#9U242-{kGm8GvJTxtEB$z-$yW^7c4q=mY^?a zg!F~FP|N4l0&BC*U5pgUgKfZ*n@eT#q#Q9;Bnu)BhZsq)h(HUg3r@|1RKj6~T0^{jP4QJwU}^(WPB8 zCi)7I9osPgNad?AiLVHmpx^+g_~^G#Wb$kJQImL8PuUW^SwND5AJ1$del z7IWniALCt+PNlv{0^>cc5hgS8g6rR{U%U?=QH=aX<*|?R%x7)ej%YZ^sp(Phv&=p} zWs!BD+jqY8%h@VSU<~;JE7PUhCDBX6W%xY-Xs`U!OpBDB{uB41((b~qq=|xQUcjZf z&CJ%1c&tFh>1*3j3PSfCIse4mj?H9FwLZyf31wzw`=p=(L?+5CP%ZPFr%XkEYNJnlLE!dY-Kzp7?R-sS(L_*Spxb>ZR+6O-K zwS$ml;X)?!VYS@xY~%~}GUQMKY#QY@KcyEx9W`=u%F+MApYEIh2X>+8K2PS|#_~n` z8d2&d`8e_NdZ|P%C3K7L-@Wn1NUcD^W@a!L0G8ITgdK>( zP;@>cFt41|1+@nFQxKNgAj!WobVpJjEpzC$2vD?s%jZKNSY z)cy1jhBrUxI&BB)R#c>~0Kx(imwTUw`p*FKpklzAw-JD#|4^;ki-*Yu&2051$j8zm zsH(%CvY>qw%?(ME7)q>?DwG1pFE!b*_!|A<;B{q6=5@Y=bH9nq7S{Hgrs7nm9#Mho zQGS4L#K|{SeJ4M={eUMa=onX0g?u}mD?1R_fnT<)8>E3ct1p1G`6aHPzeT_(*{DqE*$6DFL)QMi;^$hB9~2sSoEg9mYR}Zv z691-N{v~A;HFy%yB<=xEayQ;oNW++#oqW+<1`PYXYp9Wd-dY+?!m=PvL8%-aKBCTz zNDpw^b9Ia!Nm`{VeNKf<2EO4(O|PTjSZaq^8vLPz4M7<$28Q?%Q!5S zzQHWResI`|Pbbw?ohD8O){6ln!Zq(325zi+{81z|#?Rab-;tv$e`U5%$EomJnf#X} z^-q%u*x~@VRt!CK-9!#P>PDiUB~Co-#ZaSkOby`Ewl%S%F+RxxSXPln`)t)H>v|25$MVUv2Zl7^f){_rA$#Bu0y`8yQ^0j~_bHn=9C==ZmS z^pDZ1^Fj&7B*Z5JRQ3SYw&q{&0{A;y*zSdaS*O;lqu9mnG z0D=Ie0PZ2D?AME-&SI%PJ*~D%!!dtgow@$~WoiH|?=>xHs>ecm=@?%07x4;dCr|_D z3q%p09I(Xzu>3-korvX9BjNMowbnvD$V}ix_8$BofOY9}BbPUx6$2Qad-nMQ+;Jfm z)g!%N$d`@4jUn>X)XvK2E|yjxQ3us?F-hNNeXc>;*!*`0uy7Y}w{rQ{v~SfqiJK+nCA zoiN3D_@x<05wv^$=i4N_;|aZ(u`J41PK9R;dj`4I6kaAa1hkt;iCDMDeVnr-B9A?}^gNFA+!~{^uYG`~az(z@$>Xp{bElN6kfmHkBv;D&1cyOae)jzfA<^lE{qEQY8a7+~@J{svjF-FwLwJXi*(B$qfrS&! z0A1x)Fc&2fY^z=%Lz1DR_|njqZZClYJSIvtNilyIje%&u9=Ad=^`Zz7pA*ENAf(8R z`bm%^71-1vb^Ma=*(Rb_G8B4AiAwytNi6*?&) z(S_G14-F0etBU?pbi5#X`ahfAsRh~hgEXq#Kte)Wn{c+ps-VXpVxac&HTgCGpb*tm<`@quonB>m|lt}}pXIUDD)_PuB0s%ZY~ z`k+oOPY$LpjwQVC$td(-*^^i9mpCZ^_m2i>76Sn8u8Mp5;Jh#t@xz#e-ZeF_emau@mY&^6uEoxnw5ezW~0aVlTk1IdsGKs4dG9 zjpWCqQYLv%qh5J!_YIh-Pw#qDI9e-1pBEd*l9;VVtM_@~umAv4%-&={e^bM?{%Qs( zVVG+}$GqFSkCM6am%-u*48JyZA~Wwe%Ef3j>h-lg0yHGK8cS-njGk(XdBV??=6z9Q zalhuaQaGHX%MFG;0fepCitXWnvrWp))TtqpkDiZ@6h*hh;g|a?{XozsS*&p`EaYxu ztP~pHPsQ39jr3)7NgVEP4a6z+$I(*ugr`Nk#D?x)9QA(=iIrzyjk$Z~(uIHNG>|wP zI*qz$ci3$|T;LQ8KpiD1X`GXPOTew`NGg^1RXFrcu0NW_fHV@o0-IX7Hmpi;hqIV{ zdc3=ggob}NGb@wCEWrJ=VW-ykLVyBr!5Pt?6!=xEOm)T8o^{f2Rs%q~ zez@H>ui5rhNPC0P-zP6q6&;z`-B)X~E`<;HKB54^({vyLqv4=!60H+3$vSBvkFPu> zetW3+w47l-HB3ysbadn{mO%f)(w;>G4iMxW}Z zU|N59ETnTwx>x^D2{-RwT=xz<%GiJS!!RKMsBI)_M?ieQXkU~kT?RgWZJI}YOk;lg z8jjTk{pQZo8GVUU+vFRPcxz|Ht&Z~aX zW57!c){)pZ@6!&k<{EZy$(gx*=H{SLPa=;nN?fVs%;diPtB`_(=p)zbtE6v9JKK$bHh z;@v7*p-e$`sm`6fhkR{jzr1}PUAM+6RjuxaTE3&?-}#hAm=;uXevK3kKsHk}V@jOs zO7~qNVSsjMo7TU<>AXy%*;TPjtMP^ZhpmQ81A1OSe6l)vV0%Vh4uN+Mg1O zqtY@E8tjcE?rcY_G2K4w#+&wKsR`z|2u zj|e4udcH}d|Fwloo|kpxcHT0DS$&HmrXCxAq?jS`Ml6^gB-?(cpTo z^s09PVK0T?=+IUx-y$2-Le(&p;+yY;i6opvo>mS#LaI`hGhM2d%3z~7z@oRz6V%JE zf9xoRNR!GIiug++9+&*`<*=3jS!s&=T1pogf(P%xKT!>86SeCA*ds>xnOmGUUZHer zlDIp*%|rZB!Eyf~{FW{3sUKhZ-i$Z+;!>T%``T3Z15?etqRK9+%bWC_#qEwM6XNaF zsZ@u;@b$@I#G&N9rEok?QXNc74nU>pQkvc#fZD9kv zY`)!}xph1`1!b4pLm`pSTi6H&XY1Mt55S@?nHN)g+_y&LME}7SjpIyY`yz`dKQme8 z$*vQ*SkIeZt6ZotcxT1Jaob*JnHHBb7_DYKdK|&?rpH~pwx{0}RKOYtPs$(QZpisW zSD={rn~iAe%NNv`(`Bcnd9Q$j3fgw&!?yYLbU5yV@5ghNk?DDFW>X_Fm(}X^V?y?R zKZ0K_mw)YzsA6Q?dgqfZJ#CQ$izXYt8811RJM!DlK~#g{hw>fx|A5wl90%#V0jgw< z?u`h~kQJkjp5qHz&HG)gz$W@D0I(!!u%lH)`gdL@{RCLzl1sqauN?235j3Y@aU>Ou z7P#6UH*V2^pB}AZ!u&fuD|YC+DNgGMTlWlbseWu_(>}(uXqQQIduRikfxKCD!@9do zl*>Jxcv=XT)XmwXCFi#na678Xxo&#OcgtlbmFCcUGCxs?dq0SyO8tJ4nkQs(M3b>z z&~^sgHV_xR~^;4O8uKz$6Gsms^uPk-@2rCEq!A?`k*0pOW5q?1YYslcrp|-KxcL0~R#% zTO7H3AN>AE(yekJcp!~-quJDBbVO}NUqa>jkT)oVuO7juifj;n2l@-`q zm>g)Pc6;v`me6achC|p@qgL~6*~CqF0W(9}B{XDU*UWgu?%g+Uzt(>nk2$>6yWMN; ztEbnO+UCsMEt(dd^%FVJTp*|3c6y3`-3eQxwV1k6}y zJ|adoJ0CwC2~F#jf;Or7uQV}DTK&oQ1uQMUkLJrM=elqbz63evCS;j%1qLXkyFcG0 zo8DZ|^!nff0{Ez&qfLcY*I0PLi#l$2?@iTRldBbN5&;9?FRUrTI=28V@giJ$_mX%LVxh$PCP|x4|I=U4r5#*m+W~qmbFwZI{6cvnsYgaS63&>SnfObRQtqiH4w#O1yALSO!D} zEo2JbbT+ip#39QjXFlo^u}n>fHTCJdQFtmdpV-6A z#h_>Ca(U(JTyA*25R_wG)Elpj3T1GWf9Q@^2g|w?Jk{Quu(CjTi6tGU+XS>P`I8;Wce|7|8?ok>TkM7ie5-W1m~0jg<_c=*!0Pw-2i~2 zGlnV+Oi++Ayuv-wYF3HxE5*v@`w+8xIVtvqzAd3DT?v8HjMxL&%PgRI#QD)V##%_{P4JimXu&VQaI@hTR-wDoz5?tE(0Bi zZyPXBZoSDkoz6h)Bu5xk+J5KuA7B4mA(F}YrP$nBHea0@<5J~qFpx~7MwvwDZf45W z)^0!(!=Y9_93sf&twSl zAvnyJA!VXJgB6*+yTN@9YqjS2mxQB$1%aqf4L~yb%XAcVG`116^psdf?=s~?Z*Z}H zwFz-9_6>z61O-MdKSLt1O0GdfmMF)A%_5M-{>h(nsV0$|(vPZ~;hp$t<#N$0VpI*} zqJ~zrsK%Z3r~e9D^?NigCE7g}qxj6qOn*Q{8)Mv&kC(*TB@~vNV0i+h zU=cCY&-fau&co;@KEIJ@AwO{JkRTu2$b7FacU&m66r*B5iumx|+i@IR@;vQE6RMqD zCvQY`w<+96D6X>_9xg(&sqMre?gG7+;sPLnT|QxJBWCHx0G@2sNo7p*r)Mvr7z_(= z8)raXKfe6?2j;i(F&H!&*W_C1!wNFw7EYpQo}obJ+%XlWG-!m`+e>@Rvj{ejMcbWd zakTC(R{;I z=4VF*Z852yOZJDmJD1saZqiuf_RtwDuQLM{)vqLd1(Zn6XX~@$V0j|0^flt>pSl%p z0uyK-Gc4N+KqVWj6wvw7bX?n*ypYq(ALQM;wkJrOy{BYrF>;$hz4ACiXDwcMlU=+y25IylAoFll&}OY#J}#iKw%?0b$F=sz zZlOkc+JpZ}a0Qg`M}we@85~Pdto)mrsN~D=&Rg>P z>p8}@YLjUGtNPu{yV`K@?(od#PIn%VN4WPZ7&h0NK(<_?(j~xaj{u2hb_lc_I3Q&L z!baqZ9dVG_%%*zIM>YYdWw1{Y%iy*sqqE?9nhC+Zy^dAijp?3qY|(6v^JO&s+cLhf z|3%ECLC=S=gMnu`P*AyPBJ@*2#QiVshyZf%)kSTjTNQtpab9rqKG$JK1FitlX zR(^{piD&2_j4ZfHz`?z%h&JMx$9r@dZ8$817bd&(&FGK4Y$c<5<%{j_VJ*>U!o-}> zDAlnuH+;gp;aEj0&DK1)Ufz8J>S*P$6Sk5qBTOQjv_*GTmE7t5G1B>Q?YQ@|)xV*S zc0+|Y5I#X=@Onr%EE zAx-+@n08F3eRWx9>D2nC{(O8D?Nf{7IZZ0hY`^AX1MMCBPxWTqBTo4Z2l+Qt=O<;0 z=RoSvtXBayk8Qb$4cDz5Q4;r`%+o^KIWdV-qFFsbJ4cBy(YZESY@P>xb^CC799g6N z_={|o@eF&z1oh?X(Zk<;^N_Y*n(NO8-VCu$?7GAv>~x?Qt%y7*tu&el(IQgmmh&CW zzB--4OuYnrdfE$Q2yV~8cO| zCTvc^$<9~V?hXwTMQ|H&^3oaN!eo(%!2h;+2=};4-NWYm!m@wctuAEzwi1p9hWi_O zTi9Jy{9iVq2&Pu=A=cFX;`2pZx`=Y^tuQr1SWod$RRzGqFAzFFuO7Rr zE+qz>bUelGG;vqti=+#^c{tU);%ir_T8hRqgp9mCsFzO>$#&PL#q+tg4)>3XOwEvo z2D&{ysH$>bq5T#9{c;ZAY1{g>s>X_|LlCFvD-kt+=E|pgI3zPI`oGA zPcuH}}l-kLDGR-VCS$wenc%iExb)XVK z?FlhrHaf)+WH;HUyqINLa!|1>um*cld`{|dIEw#d6+q8hRaIc+k2GO7g#kuuQmc;N z@vojWPMe>t6(8nmfGgcqO<|7nbP{*{{G)kX6jbR`L4}JH{LoIOQ}e(Ro>8%~XXL%n zAI?R?-2~Grx3~6aDhIK{AMTL|GUIrhXK|(lhqq3T(MXL z32{8GqhcMcoI9v+*b>|Khiz(!&?$hh!yXQ{zLGs}K3CF6Gp44lRH~M_Svn;Wp{x~; z=a5O-L%CYxlC4wpG)J8*NhMRlKk>Hs?dp_8UvjO}4(1uBh0FR_f(kOHqNXW98*oWd zT;W8x8^o0paKzx!_|v@o3BWmjZID($17lJd@Cmo(azEsD7Mx{oEU~Kx*q7u$o!yDUFpRym( zytO^vL@{}01hiakVMX(NQ-hF5PEYBw3=^}8YYx&WBl z)j{^C!Qtz;PyUkj9C$M6@B6SagLSdt>k0&_cq%Oun40F9V!N@Fc6;wU$EHYgL`|FX zx(!yP3b=^Ob$b5oygJMKlAug?X$VNi^R>dt7hk>`zwhG%H2Tg%9d>#jWbw*v?#h^t z*%|l=x6Zv5@bGwcg`NiJs=y7P?3elrd^hnnv)qxJn^ZfcM-5QQH8QD|Y^{_8xpT&S zLY%X3j%huPnwx~+pu!ia=8ew3gNdZfmTs6Mt~*fy27P$d2Cq*Ww-J&K`l>)c-zB}V z(6?Ikmfwh3&EU=GQeJ$L&?;A!3InaaWm(2@)*rxpxJm8AzfDc*e&OtKeRZqzD+9rJ zrdHBPi?Zg%q`VY;ZjLR`TKH2q&&_?|uA8(T8Uk zf2j)#D5Tl5@4oW|x&l_RQ(|UXp6{>qI_H|#-Mrev=v4e|K`danH7%EULnUM%(0$KW zZ$d#3CMl_(6(Qrv^%E`D(|d>T&j`)=X0bzZ6*8Zn7XZ(erR5LX+CX)%aLXlqTn%Xx ziAln+B9X%HM@7PWzvTy$>YRE}+v;6LS>2dA#r+_Gcu#pl4Dc>tuT-n&MEn@KM zatXLm#PEt>6&=_uJG#Y8%w&9jPm-P^PNU$W=mq;~?si`@Tl;)u$RP60x4Nv`9y^Vi5kOt?*CN^J3ikai*R0-UA-5e7|( z9kKmuTbo@Y^30GRV#&vhu#l+`2D^WdDiVnLyGoX&oj&<}yU^8nk7}O6bG&sVv?XpF z=rGF=PO6^9*Z3;}UR0n&=LM!0_fy7T zIe{9q{6GHQK3?+34oa-DT>@kEca9*ZKh-}EoTmP}L1QkG#xx?mj&RGjns>9~ zKCz)3uXF-a`-7wb^H%fDS$CTz>#SvIrJjdHcPfVs9_hy5xC$Ib<>8a`f*fF4kpP0T zhScD6pH_l?TdZJmADAPOzI3tB?A)5N=q8Ys_|R4+^j>7~N<{W%C(-p(yiUeeX_>BY zJ~uTYroyaeCi6=p&$QnF!v(O$0Okx7$VZ0hu0+W|t2pHzhKD3*>{#6jTIpI$nnb3}}2 z;{vXBsE|xr-h_E(G~cHEt-7iPtjfEav@F=e|0NxI@~J9Hh=HaclaH-i3Qq}b%a;#N z@PdCyq-pA{SHB_*urcd+Cxl#elZE&F;pn4(qWtXKM=I(wOJ)6Nj-X0|c!39Uw75;1 zWda=cJDYIYktE$7ks-oT;<%dBY{rRQRW=jI@0%!tB)l#4v;na6jgA2PJu+GG9e@=h zc8Y&AKZxN2;FRt2-6=dwc#ksfugtYK!eAf6X=&}akbbG;*h6_kG0NC9w-Jf*dm-d7 zn0p_Gf7BvrKp(J%gmD&O3(#C!vr~EIXHT2*NF_GT?}diL#FZspj;_WT=_)h#-RZfp+5QX8tAicT zVb-4+mlVNr(&!hHnRyF6>g%I_Dt`GLrUepDqgh9r!1_z?aeuw`&TYSP`>DeHXvTC~ z@NgwvB!9e5kW!{1<7BycUVoO}V1NuT7yk>;_MIiRkG%om!p_p|F)(Vn+S0elH?6Mi zBt-4FH1V`N4;qh>n<|mc{5t2+4nFM<2HM}=)hHCmDE0f@zoXG=1v4pH1GMYK2HjSR zWmM!k(k5uFHa{i}3qZQFGLI#>c&IcFc~U?&kvrKqUlWq#eq zvkMh=8{{8h`tc(Ym$RXqNf;ny$r9fJ@~xYy2W%lC(de8|Q5g%XP?T%&I4TTX4WJ2y zQdwjJGeN&l51Y8pn-01Ebzc}E?6T7dbC}>WV2pHgy%5@2{S8&Hg4EV7gdZPG0PHg_ z{tNs=!RzQ=nHevhe z>1>!I;UqDd%K4_di^k7*^antnGuw4u ze{SIN#LY;9VVyhs`=>Pb*>@lQ>=jUBNTzwJJrj)LxNp6eJDsmlNYt9|sKdj90b}qJ zK9B-Z086jNb~kvY+?sYMWl_0xWD|S~D09v zcRKI3)3UnUvi*5kA4N*4?mVXXga}pwQ01#Ve1&2tm8}F#^muEW#;w%axyf{)A$whK zu?oQL06oksA!^PZV8>}+oW68|>k@!A0}hQU2SY9`P3yq5G?@d|Tmr$dL!-%t$B?0&L;NDd;zh)O75GBpP^r~||* zipcX_upPJ)&_%0{*S_>kj&C`|U9_O;FJ2u0`#r0RNxKciZ$GO29SM`is>FjU(7W!G zTM5R4>L8udg^$5l!tgjF-%OP$Sl*HLK8_9|t_WwF6C55Mk26N|FD`a7 zf28BfRuA{nJ!D*Qc9i1F(x~q;`tb@R>*XzE zEq-hLVRYhbU#hVj*LUt8U#@SVLysVpLeEcAf9lAZ@IJ6OW)Z)sb+Fh8{n*mn!Lq>V z)EZ=XpKjw37~SqTj~0vZXt8PkMo5!l(i?mlO~0p|EuQzY!f@=)ezUY&{R#*gM6^8~ zF{ssA7^e`kxk;{N$0&MDj}IDeUc4=pb5Zqq@=x{mCOw}mn!{1dWK*N__Tn$1CRu*@ z9lxDN#bqOcsEqvldDrO*ma~_?>NXWeos7&DXh-HdyxRqS9m8FqUjBJgUn8({%Bbt1 z5}1O-q^P#a3u2I{&lQA#$tScVU zuk8>@VT~;Ie0^;0%9LLJ{B+v@83HsmVV*!Bb*JN|5(9LJnW))n*%b{Ss_+JE8i~+o zT=O|r@SRNoOO6`xLgGs0>jW%vb*IjA1?Jvl&dLhsbG$k;j=F=y#x!5dR0~ag)y0TD*W^(RaKspC)1p6t=WRSC@QPKhHsP$%YCNJ*VPel)(cZA zQOQ#uUAm@XI2l;V6Yli%5QG^uF9$|5l>r-QViwG;3FASUgvw+s*C} zp$of`p}VaknYfM@S+ekuOz%Rd?zX0s1_?TTv(<<#4Rxxk?e?+zb$)kCIt7KX_b4ODxih&*24KjG~h+4MdppPwbi_L@B)_H zHCB>-%+tBz#Y-x67T_qz>)f0dk*v0tG*D!XDMN8vqXRH@ypYNs0B|Lr@Dm z$8Bn_^^UP2Q4>|LO+k*ORW$h=D{77RrJGFiXYL!TjgiTN@od@!Bp9h$euj22VWR>8 zVysMvTEnL@)#{-gSE>QpHYc2(pwPtM2Y~RaWdqihD}aNLDwf{pX0n{05Vj|$+vgid zIErPrnmmzEr3@H3w72;SE-7dA{(xx|I=JemDWz)GUMBoNh_BdLBH|jJCkwK5HABUL zvXMv=jp+HZH4X0gB1}{^xU60>lKpY@4}A?tBw{5$rV!0_5TJ(DvH|s@!1qGk&THA{ z@V;qVY;btzJ|(+IKMB{K@YALpdf89GI{bcys3MTC**YjW_~;-6hhT0udKF(9H%1cW z&9b3-$RK4^0E5A=?BBo$N@gnAKs(PDtBsD%izY?^+wwf%E*H8M_!|4(!#CPK4nz>hcEf^O546Vj$e4$c+cee{WntTUAG?nanaYckLn2S8A(A zo~7W&+h+5E4Ry9yh4Q{7Veb6d2P}~3rK%fCI4i*6By%{lw$9X~5XVAqOZ8Ky$}j7x zABkc6I4!tay>`kuWMjS^U!cB~!)GU~V>J5jjO4^y$&!K<8++8P9T|LG^X6OuV0W4U4%%I$tV1k0#xID?X)uro;tnE%vJD40C$YZw|lfYJH6pMoX*Kd^aF8^)R{g!3WZ7}5CZnnCPf@nkAJBYoYZ^L zTVN@Ye(5Z`*b&`k4fTRUYRF&gE%yPm!c=agr^OLxv`HYqI11JN$tC9CSu3aot$a)VnG2Et)YXwBnAAmezb8U zj1yJ8qo(34o=1jC{|mzRiQspYRXto@XR>bZET;u4zRW&e=b>`l9?$0j9g8Z|rC`=b z;HpTE7Ajk9L5tMOE2}mp%OqomlAT7eisK8o-Cbn>mw3~WgkLkc;&6%|(bmP|5<6Xy zrgF9slLL+xDuC)5jij%(&s)9=94V!_xtO=dMRW_aQu4J$V^ zZ|!D@&8ih?6)TOJE}-$7ZsiodAiAp7-uLeNHm0jkh{B*=JDXzP&RYXU12XO<1t!I% zxfY4R77NpPQaRl25EO{~4jrCNj>jY0>SEpPSed~(u*(gypdPZ}qdVT@Y#Ex{C+GIy zRq}E4;HG@rpB<5aVC!lsS5w&XTke9e!{KBthrLm^7J-mu770ogC`cgFAIaEtk5^HI ztO>Q8l8*hL&$^P8x!t7glno)rWan05_X&8(40`o%oj#`14 z2;~kHEhjDl9)dZ7gIZP*>b`Z9Iqb+TUaiYfQLQr zpUVV%;RTH&7pwgB3;!tn&{}~h`OJ8QIhRofHcr&jA*3N=jySc#%jnD52a%iy z=_b=;zX+c`KKB%53v8p193VeVfPN8`Tf%(Hm}>!cdn28?3N%Ro-(CdS$%Btc=>{KSsM&+jXaOc|m%sQ;>h5TAeUTkL z9MfWjE>bL&tj2Spr?pDEs3*C%;3RE(=#Ia=)s+t7Cm(dF3iQ{_fOO==AbPS2prwGE zA#Qr(ND`NFdA-G=n4kb5Y5^%=dXX3989Fxz-2y+F#-QyF?M441xU??RA*>%CVggWu z@}ep~-{E8s@CW!~kz;avQ@8h6^q&h$kSI?BS1rQmH$Gj6-;UB+!=a~3;^e2Gn5#oA zebtSwHOkR|4|IeCyW&HC`WymmgTQ^0LFMlY;`3B2P!VlR^c4^UJiVka!9yAWqEi9$ z#!!&6O;U&pp(EbeWOalUFEk&DyEn2Q8B8KfUb3*rsrUp@G)BT5Vz|{GV zztRO~hr7i}4n_dyK$)H&;aWbmcP_2oAYop?-HR`H<(`lAG1~{IcH7dk;!V5v8AcA_ z;~Sxaz3J$exLP!zpo)%RQ4LH-lZfwCFd~tcg#i;2*-L1fSK#scys9I=^=y&9D@NrG zuD-|l%Zu%FTs^<#~+)krp>;1N>8&@SaaXt`Hze ziC!`tPo#us4m~5}Ar;l#41UNHV(X^6o?@7UIhKXbg}?a)2zgsEwPdv0Jp|9Ng&}>O z7I5A+1FYF9yVYB9wX809EhYikaFMOL%(z*`{A;6+l~Q&xgw+w;K(t()w>y= zQ791bWdA*pI(ZmwQ6HD-S9cEU)M>DmQt?}UzNs@MjRHO zL%Wuk`q2SLks|Q!pB(1{EG2@I+UMM_v)7-M)J1Z30`cYTu2D;4ijO%V${lj>3Mm2n zF$(Xq+YKQiIV7-3ryBC$KmjU+$SU890bx`|=>V=5IAPm<5dxEq!}3Dd|saGFMW|kOWs51~77D zqT-lLa|yGchXot2KUh%*A&G#KR*d?P=?-UuChP&r0xLJl!Lm_?&yC1Rz$3#GR_GT4@$g&X?0mPJ#> zf))z8yJtXiq`N&pHZWun;}5fk;d%6`OHin~gie_d0SDIO)ZI>}lv{1 z(Xj?QnS`pl*#e+a1tFIMw(JhGi{tXPAE3@?7nY)$;ut9(!P(L{DHcn^b|xn?~nD7=aPJ zEg#usEzqOBE^4mQ6H8Inz%FO= z)jPE1P_D^d)OGCqL}V{ik}`W^{dYL_;$l}jWP0-`pk2g}UUm<4n(Xq2MhtDJ*lV}H zjGi^Gr2}t++L0`@#1`8v(?T2fpCGQ7!>ou+P%B28s;}OYE4Q+YRo~qam6vXOx;?(? zn^e8a;6R%Cv7>=3fIozkUGYcY1%_DsXr?i_3VZ5|Kbkn`@cFz=@fUAxRklP9AyzA$ zDLfTpREo(}jHz1f5BGQq)f7PFm{SilP^7z+v)wykQ*^vJ_!WMisG?fH_h=#)-R}^0 ztg>V|ca-4SeT1xfw3)=?HWuK|vU0b&@VYWJoa%xV=h44u&Lk_w;>P?GQTYdki`#tO zawC4KQ4GVpQmyuB>}^c87K}t9G1Rr>{em!zyNT-Am-&^M-!Q*^CZEgd#-nyv4zs<4 z@nOQ^FX6H_ z5tg+Q-Yxh*R#>Y-I3E>@iLpVSw zyv9JC39>bkf?TUGj$(*U)9k+V*Re9bBUe10jOn|8|1uBa8#?&4y@E|x>AlglapGJ6 zTVg>hR(t8DUiQXCeAqZ~+!q1P|A)95dQ~$ zfjg3>R%6`u9M^R3(fywnKmef=t~A?hvlLy1lc<%OyvVYBuIP+sNQ$v<#8d z+sWRB5gTieYIUBSgrPON{lkx1^W~(uvR8Ot)$>reAEY}RydcL^s=pO&kKRE4M55Zl zKd~`Fl}rY31r>(rSK6P9G{%q*L+xVD>B9xkxGJmCKVRi7y)THhm1>bf00TiL9lE82 zpZ$`uIDMF2na#>Off!EY6bIF8F;i^p6dqw8Q7VXb>}0VwvUqaG5aeoqE@rnkrhMu5 zbbl-vPouq8a?^b4s>?>ERud>EXR|n-&QmTH#~7gRVMYtPaH?AOn2W{eei{7bs$n|C-imr(or8=881U*6tmQo$qo>I=@%fcH@IcWT+it+4o;Rqmj? z8tkF7+qrGEN91wwWZ^gS7OI8I6zIqw z!epre!heb^Klne5fAb^c1>x;U`U2JBI7-3ioKQdkv2eAHQKj>y5&o=}q^~ruFiOzk zvv;`}dY23P5vJpT>69)sIl%0e7P|O-!(5P#0!Zvu+pw4QGgXERd}lGPx5)=kiM$$d zwAyicm!5Y+fUmHi^#WFrMWa~D=B=Enr*s-}OlTOaoI{~{K59QrX}7LOQsJ9U;v!J& z!Q_51FVbo)3(EA#hAP1kl_-T9=<;UR_lfitK|VM})1xifSFdn9$tuLD><&r#M7PR|>pZVDFtlmflWXqJ z1?ux@Vi>I3sP8w|4^MH;;lst&3<@k#0yBht_e!6F_qk>QbW?@yYcB5avH@*A(tonOuC_r;QllU?&iHh1K6Ljeo{b4_ra*0))N#a29lxkwFMf#}_ zfd2F@1+dn{9c1p9;m-tlX@nk1mkdI@S<1VNdj0EwfUF?&6a6fW=98}c;FQLO5gtZw zbg`RC9~32CgK98PTK!i;; z*^^^-J%0Ha%%`JLVetqpH4vv=9swE(C1ePc#+7z2oRjDs*n!sDYA$PM>+hWlot)kd z@zU&3E+EH1e=B%GX>p0wEJJm!n1Hy1Ci8eH#;tyBh4f9fcmOt|;Hwe3En?K)qnhHsKB3s_OuEpU4=W;jsbJXdg%Ap96!6ybz5dWJ7ZM+({J@`9h?8 z20|L&4ZhxDahv4e7tyHE>Y9oaz({CqP5VvaeL}BX7X}ftb;U!E4M^4EER)42Z?w$;vVb74bQw2`t6ZpjM z;n2+ZXlO5TBMOJfPW$SFc$!sFVQVj#FKsR_oMB~4qf_MMA(@a~zxzXcTgy!7kVzBk zfS>^qgogj;p$;Wh=3Z*>7_+c|2h7Lqg7<)A%_{G48s=z>zN6+8+i?p+^l4Kpt5=iUV+SS^#XxJw{J~cE#-d1e*Meba6wK!r z4ja3WZY=E1cP@dls3DX86mZiZe?q9ceh0|plZ$aOQS`vh0T0#%@mcuB;USdl=+?(? z;ztFv=nG&H0M(De6x`h0d?mmXN1#ro(XNb&*q8mP3YLO2|C`GDbsoMj#AYBP&72$k?2xdRakNc0f1?K&QYCKEB zD(#X-s^klc=5}Y_C50Q8gw)s+M`pRDqSk202u3h#p~=xl59)-TZAq2O^>NGZa$}ZG z)3EpY%WI0agXc1mR(FT)>(BU2U(ZaROBhkUS&ycogX`B;OciFSYB4*t7GerAbGUMN zHZurcDEs9bfxO|U+U+4w<(9HgOhN?W_CSG++hgUMqgnA_v~e!N00Q^_Ocf#ouQUH| ze`xB21&o({qi6o@=pB!ctVQLiJU$1LTQ!Fav9WqUB|nDA7zp1E(WLxB4aAe~drB5X z>XcHN9G(Ssl`n5^H+QC12V~F33a5?a0Po2HwOWc8GFd{wXr)p)HuOjloiJ{o1L4oW z+eBtd%%{6#S~lKE6ET2mQ1KLwjE*FaMy-|rWWqwQm@|q&g@97t!b!d?VR(x~ywEQH zTTD!;S*hyU64%c{^g;x9y_ukTh)OaV?KfJL5xMV<1d<8K8S-TgL0N<3u1r_hGViySy@yM*(St%qdWw?Z=?*IlF-|89g$@wqwBg zUVA1yFpj9it9O(w9FBk}f4){Lh|m^Jn&;T70hH$iFSnbgn;fuaxFC-?cb^7AewO46 zw$8j?9Wof@J>Q=RtVInCWZ{62%ehXO*MWS_#8xB$TqTj?OI2~Xf56(~DDERoZd)zC z`C)e5kh>7NlA%6FV6ouxU?ah=sOVj`qW$;uw&4a5$p9-xZ|Ge%CpR-i&Z?%)BsBat zGOTc)jStQD!^rg1t}bpIq2hfECIMh&%WrbLREkQG;_UeiGz2QWRLj5-#9YnV+Pca8 zxo*_2x&mI1z96#CV6J7AXLY6IdtP0A)Bru2TR-J(3DHK8r*fQYOot1wnyYMhHv~KE z>b?X?d$&9U1@Dl>SYeY6{D6x}@cx8)psSkG|24)S?muVHH!uNX;qYht?Ei8*AaOwM zh(p@kIZpa4RYI_;*8&*Tj8y{F%-1o33Wi_%8J0a8yKAZ0GOxUNd%4sit%!{^_=`|kt& z_iX$>zv#Yt7Z~TEbz4PB{NG>ngOmafmJ$KH@>suu+P}H^@y!1+?En1ze~-LH!hs8; zUcL-o{O_s%?*;$o5wK<<>5hI&*=ADG?8f6o(oh2?j2%pdu} zk{{>@56Dg~mbLOsHT`>YOc34Kc{PqJ>W`28Q-Bb^EdwE_?dIcQ6z=B+Jw4rT#s7OH z?+d|CO=#@sO$+}IdtVh)SF^T>CBa>SOYk7U-QC?axVt+9f;$9v4eqYNAwY0(7?wJ;)5g@8&6^3 z59`g;piw{rt|q zX@B9@2jpMtNDuXOx2Rl5BjDo~j~+phT@)(!f%OB5^nDvehNFFikHPdUTZ_XvP*Leh-;!I2QY9DgKN$y@9D5^a z&2Ah_=F0j9PY^YLna3-dqfPSx7&SzDr2Z(v*75L@Tdkwr%8im{nh)Tglqju%hAl*^ z=fw|Z%Vn&?mezOIb>HBw04HVn=SSDQ``Uv?95%qhg>$S~EQy{(sZjPu*;ykXC|5AW z)9_gKS?Ogz0nWT}g9|C*Kd6Ln@HumFIh@`tJgOXBT#(_{M>50Xvh&Mia8E7N-*jMJ zi1mGi3P~UrMmXll9M-7Y(|Wiy$mS1#{sSOICO|HmTO-at=P>W42yf6>zjx#%(t6LI z_#fGBA|5_oe=^=0e>xCV#-rjJec{Rw*~~*gIs$*|18i=wO8L)hm$UV;*-CHuXAjp} zN+3Ew^J#V&Tx9;IPB}arHnYE8Pe>k1yUCdR{qaMF!})o27Wm%TMqeC@HJ;ggO?1%> z0EO&Nxr1CCO?;~|8qOYk4|n+5Z06rdRGrGzZk@l}s>mWe(kEOfI3a+Bg`F%4xJ{$c zQcq@f1VgDGP;3RLisOUv=2Y7H=G*}=7`aBnSQCkrC?>!B2a3W0r?Iiq7tg%@fIJBm zRSOm9cR-P4M0h%tkb!iWKsx*T&UjG}i-%j(ICgT<~f2{18n9)4J@{EGV#PO zsu8XaU@H8Sdvl_7*`Jh-^+eXqa5UjaF6gYOcEA@^nogbSL-ii3F4Y zynr{9$)ryE&z{{d%xcu1f$y9{(WQPOpoBg>Ajq9w9*!wRXA?;Fh2fT?|IBbWUj5>5 zU8hi?>vg{#+Uc-0sDyRbM_$*~D5cfxl>HsaCVY!%8jY#u;sN zb?yPE@#1dSpj;BJ#*;-~5u5kM0O)lHaX$WSVtq13D4zpG-WQ*YD6oSL3@ z#6BW5|K>>ZE*i{NFgRA0zfKQuc%_yPBdda42kP3($2kVK>q(v}SPJ>bjg80!O8LuQ z0ild;mpqrrEVjJNPDkUxbyjm_qM|Y~2=`XEDrR^WJGAoXSF@}|+NB`^_V&4H_#%%o z(b+B$RH_aB=UW#!o!{;!66w5UYxl1tFEJbzFZW)?GrYsIw7Hro{7|pFo~{s@di{4- zJD;FZq+bo%(@siHz3*)sh=ed`)uaJei(E~~BH(2^mqVjGvc=O!S5hreq`SZGI(|8x zEI%pwl?v010C`;G$W5Aa^n-=E!}C{!a6%(Opg_&|pU(DJt+QInntup*crT|K zr?nm4O)mX>d2upWi`-2eH0I-jVHOSd8Bf*Q?<4g9%xt?0056Qf*w?&_@}OK*dfrXh z%vX55Qz}#BBNG-#Mxf`|=}(uc<CT zM6v@1^DNz4FK@$>7Gm2Ba`$j{gwG|`oXnc>{&*Hj$?@Cjs3#O{s&qk#@WphZ>0OU~ zWWkf-3gA7i@=`v(5CKj0Ymb&sHBX{sT=4>opjO3n3>A`0CN*y~dA0UifdILz#6E*Sw5 zFstIux7!-}V^&8H;LfEth0A6qiC=&t$OWNGL77{)_3%FX7FYv=$;v@;Lmy4^AcX*} ziLwwZ5os0a!wo*M2V>`VIEW@ul!k?G9*iqBd$W~Xo%S8%fC5JTrG0)u`goB|NfcQ} z2YnAx!f)LblzOcyTy0VlJZUOQ@hFu!=O=y#I~A$=qF7su45LmvE}*deQ4RxRIdJ zdW*~9=I`vHAiqte#@g6NI2g}?khi%4fSBVc5^>~ohC}ITiyMs-fQ#WQ(~GYc{Dk^Ku7b1J0QWdC!nZa_v)YCiZHZHRsZ5UW@9l zyqP%7cHX^K(ISy}Ih_LE_d@%=Fk-IfJwNjWf9B-kDxLn;V+go%SIzq}!3MDh1&R#n z&XlNDQmTRxy%dZpa*523A)AF^^8^Dugwb4lVq~adPFG~XOtZ7Ynrr0B^lm?`1D@PF z6U)R65ExDSvH5DI*UgkduZBqD_xf@}CDW1_&4eh#h0~VvBrmXK=uwzGX@g=z(dpvi zAHj<9MfHnP1vd2d5?iX{dU*el%5UoLVrUq#S}6O}c;;RtcWlp37}R=Xau0X>ghDDU zH-q((%HiC3JF%v3i36p^gH1B_;F8-5ApLb|wgEi031dSs%70&|NsBg((SdswrkmnPaP^i~F9mg2|;V7+bQAz8qI!AmD z@g3nM8KV{I=d1c6$6e*#Trujv`C~Hd+4x4EOyPyihcFCU8V$8JQtOej=TTLsf}Ppl zxa>{}xi~S#9n{D)YwF`94LK<={hZ+zOgta#Mwgu;aCyW4rW+AZ%c?g!eKUhDJD4g` z)^nCp$ewJ$clXj?t~dwC=6>l7;8syVD$p2GmV|iY9zcdmE_0)29`B@yu|*IEoza#AmYT&e0yLqjL>-jX_uOT zk?eot0Z7q{gT{bwoDGnm|J=i+>|*x)M*CaW1~`-Y76$U3vNRO3d|+Bvw1_vQ3Hh^$ z>m&s@zVRy*NNy$!ZKy}zOLv^LAM-TGFc?WHV{>11mfORbJ^yP5QA`<>^c_Kx^`a=`w(?V4;;-a}Pr~y1|CNo8up7w9%96^%Z z@WY)j8?%ToXB|<vS#B8rTRDiO_Sr%Z{@|KQYY?&4ZY{v3G4eizHj$(7e?V% zE3B#=5ZgCSqz(*?e||*<$L1r)G{UWg?e?f*borq+AH!m13sb3KTf~ER;V0We#kwEqhQ#Lm0|z$8#C6F%^jXtpT7ok!{+WBZN9;_x>ZZP zB=D35m`r&xJWu}5&kqRklF-BydLsItOc$d@bs zL_x`riT8g5huI3{SS;uL+%6CG&&4tba|XgzN35hnvca6zS*+(XW3$PJ(z(c%+P!7S zgygPQwj>;GPx$~+gP?XMtlm$pL#(cG0T0Z zjo?rVwtN3^jKQA?1HQnSTo4apl^cPjH(oO0Yv++!r=L9lpP2RxPEq~_&eqiNhGSt# z)uxk$m2Ni`{P$P&Jn;vlRBWv+ExVy#SN3;~xGL&#iFW|=ITpfvQ%r4}>*Fb{0Ft|h z6I-*A>ucjuJY;=`ljXoDDk!Uie$AKNGZZXt5C4!O(- zZxYY8r~0Gs2vW`#>iO2dluMsilMqYfC;;|bx5UQ`N`z<8m$?1u#42TSNh{kf=a(j% zlw?Iyn`VCmrm=WG)og+9UIX1bYI)6O(}lu- zb%)-09X6NCsVoqtKHT>7zPKSL2w%Ni+me6rkK+N4e^8ZiSVYamXhSfi8s4&fv&VS! z{;BW;;IL=9Ypk<>mVUH1p^l6AOJBAAS4Sq$Aqc_wj_p3G{S+ruQhN}#RhEb#y5@Mm zTx7LsTA?ozg%nV!!xqs7xml>pKQn{&p)T)Hic%p&()5?(FQ^!@{2#IH#G@scziM^% zBwrgnzPmwhec|P=dVlqWHLdeDEfBd_xtCWvGh$0Ofw%@1VryD!X{z(c0mN0Bl_E!u zdy8G(*mHDh_2PsIKw*;@2ORXGslSDcTOT4LR8G^3O#M{I5Ra$n;<$QFO}k^X+?ve; zlyyBnWrG6?Sl)5gALYjaw8QGC-t5%hPh{Yj}cr=R$K3Cf+n zK*1*ufVw@t>GF#YVa<4N>wqPcnBv?%DR(aT@O%cBy?tFgOJ4GJ;puI{vCJ$GtpU~2$wBII;^5B@#7n_~L$ zXr6#pkL_z3Mf8zms9dSFN0;3T+zXFyxAruI8x*##jSxa8>o~l_gZ{D!e|s6CKc}yI zTb(azGB?qL2S0;XV{a|wY;iT;cQ*rRksX$!g4ss^Tfk1w9Y}~*hQ*aqxyi6QB3P-9 z2(KnOGMgBChfT2>?cH#>XW@xU^9{a0nrPvkBsHIU2|)gY2smG~gs?;9j8~#DXu-(w z`WhH8;?`2RsyyzH@1Gy6O^=eNS{h{d0cu;;V&lcEy=mfpcle34Z#nq4TBQDCW!v>W z7-gDwucxAFBoNFH13bd$Y+li7ap=$L!1#xzRz&@%>xD|Vt*DEnn->Vtqbf^}EWI1N z>yPZHB+=MCUA(F}8f9awUQ&sxG@%iXA5wwiv;uRkMPwNvQe(IFn~EY`W}}z0sGp7N zXTWqdg0T|v4_CP9hJr#b`gviX>{x4l21j(gU3uXaU3#xBgxG9)ZlrYbF}PJ8k(*BF zndMPre|Ary&W;DiNA$GdNL)hox9h!?p<-)drp3PSxp-+G<8D4Z@Xh-XX zN_-nPt34C-9#2dJ&7z>t{Ny+p#1kfuDbW+lw65^Mh(F!{xmZ!0ID)`vpF|vQc_{eq zV_ci5lA3r1qvj0b&v|U^1Fdj9pqa_By+raNCnq?tKjo+LgEV zUAG{FWPP1J5t#C}$JRbtQChhVk%&&~ie;dZQeDX$$062*Ob?x}J9>lPAMqeU&gHjyz5eneejjuM@aMY`yEeLz8dcEi|h zB+G#y{(WuU2T3oZV#PQxJRU=NCaBWqef*_g1LfLm;ySJk-tM_lcE4M`mhrSV_tX~>7f@?D7PTbDNndNS9I~XYa#r>LBP}VP-lC9~?|Nah zV8LKqrkTo{OVO+vUhrAvc_S1fgFV!lGzhvOYy6lUmlR%lBsWN-#ClIzZC z7KgEAY}3~xoid=G>l=kc{yW%>N(`{HKE6f?5ZZw3G0hivh2=#A!-O$gS4loGu( z&sCjUfGq+nicZ$!GZVYmPD&iv9G(xdKcEA4XS0XhuqzHz7hS$sr?zFsq+!SCJe>nV z1{Hc7e?=adrK&h)Z{}pxa{N|!7qLC)?abbs_hY_E#jw=fVO?zYJ1E@3d?f~NRm?MF z2R);68a@1h`3n7=so4Z!i)kZM;6V5*3&$dVNO3C!DepSJ@pDgztGh{pe(*+Bq zJnD=#kHdGXj5dp(NhUhq{jG@JTFZ$2+Ib)I&W89aHyVC^A)A3um&?uh1o>FM(@?fi zj>kH@>}A_fdI`be*)Q>8?C{k-%Bs`tc>g)JWa1)Y+#kgw zOwjxF$^?+z4sUJ7&_8_O-!zf=o023FsH$A<0VQZBGOZ~ZK9`&5MsN6kzF_#V%P~>E6rrIN|h!}Wsed{?VWU8=m@t<=@NOb08RrU zsA^~gHcK$CU9yBAi4Hw};3I$<_y+Om&fE&MBw_LbnqSJBO9pdi4$dea5t%DX%?Zm5~Zk`PIQ z=Q9DhMR2RV``14+vwz&4{4V&qA1XM#_waRNJWd=tignqSW>rM5vdVRAAklI-TkM8z z6(T+%fu*NwE9Q#QT`NoV;8i&95n!t>wb*v$eUj`Jd&l9l&wsH!lApq&wU8h|MidSM zmc>ipL|ztbo6zF*G-wp{5XB4HiS+|EnXuOKXc0gXO^2GKvibj1ClZ)6ysYk*V%-v8$2~ zDH$S5k`YuaiNH|)s32tT=Sz?e_^vszKRq|gI7V2~Jv-Q{bD@Mwn$yWx3Nop9p2FrclpyQFDXGMRS%m{P(No!Hz{uw`D8by&@nkhYhPrZR+) z4<3Pwlb}Ej=$6<$&YjLtW&l#wbMZxBS?*9js}q|^@e99lLbLc+yQ@kqj_zWhnahiG zyiNPQ4k|Rm66Sb}*Q6^}2-QLkKSvOIVASL0W34#IX+s4CC)djfdA8Ugx+0P*w?MqM zeb8wV`v_~U$HwzQ6Jc zc%BL&baXDe)O-zkv3^Ms{aqpRSiPLCSPB6j7yuDuVZ}NvFD<13<{`QB%+oUwmf>`H zfq^{-wP$+A{g@~mb%ys;fKkF=GBwBALJTX4fW(o6+APwoZZZCKUG6*J;r5U5h5#ia zurV5@pExkb&Aj`RA1zF!;62+B}6-sl`+h2cUwj6LviFc&aznFK7*+Vsh;1l z)=a93qZP!c!!d9k=R#u7mz5@&OaLOxYAWnmG~&KD@x9^Q**IX7 z=Ff%e5T6sAUhXM?fqo2))oXS4wq~}T*QMu;3Iwp8lKpq@+wvjKQ2vBrD(nFg;3DnH zb&{mrA1xjD35!nYt4WPcHPJO{zBd zIzE%uclKSmTwM(C?<)Y%Pk=?FhjnqI1MGnaCdlI-ed+9eWv;m6WYYmrwv3L0#7%&Q zKoic!Qa78Pcmjn80zPM^fh4nx9#ym^w%%|yAIZ%wi{Ovt8xV6vu%!)10 z`jyRw@|7-yCT;rHQ7Q`Qj}tTX)Gvt$CaAsCT5~{51$33)gH>$aPoX?@nJ5(np8-%DvM;kBRGJ|n~v=z2;(5<=MDAn)HRK@C`UYD_ZICF1&(0g;&y!~0L0kjqmV@?05J~a?h&aWqMmo>c~u}sK&blu&au|S z85VZr5Oy$6#I5wz%3Z8gh~i?ac|lQ3dhjA3NdZDhnx{?x&kwmXJra|tA~ZJ?3i)_5(c^Ro)8d@W>; z=aClbsG_b=XpZVl4FFk>Q)gIlQpQ*3*d=S($TssFswY6yLMoJNrQ|8OIFmN{?1VI6 zLO{zg;4WalBYL<`}j}1czl^4 z&_icI7a7!VQ2*5=^h!tgg#a3k3fGQTdZV}#h^J^O%W*!kC(xF6A(wz=M-~TzTC zxR^TUpApGyDP=RGC5@HS$cgEb8YbZ zKCX5G{$SMF)wk<4N^|wjkwn&X>A+l&yFSF%TRL8B)QZlw(GrnVa*kLy*xNE3M=$eb zqTqh1G~59oR{*;d-x+*E#ZA6r* z3V9)Us{W0>NRyFN@5UG2x)G^9^c=ne4g{y+zy@f6sfI^eO0enS*wp!O#%)*#?Nb_m zj+ZVtkEi*(+&m(V*>ljR;8$$^0`cRQ%t$j>gjJbl$9w=pXni@77I^0i9-x}6U{aK>y}&}$#j-C1Am$>pmIfhzf^;NJpM1&m z!gfTVZq{5GK7xEAn~Pc3`SXSLkdHz*t$i~m<1I8if4WR!lDy_8&(N)pTHSB~8zn}pBR;9*C^9h%y{dlKBZ~WQzNU>?F8iN6TLp9gkRj;cTKkZJN)x9;L z8Guz3mx$-)=2ivM6d6+bGtGA@uN1BU=%brX?V&}EnHYeE{#LI&sQUZ_vqg{3QHNcB zqg)>Ot>XrLR-KSv%>-;Q>}dgOquN*|{(!5ZM7tGTtJN*wG|W$1@!xlY+0rR;c@R*zXOYs z3%2LceOC2WTHQ`^y@k@TX4CiS?e5CxNqJyv#S?S;3aLd58@u)M~QKVIXM{BcU z7uFbRARYEg>lEN&Se&8I<&qnDY}`B6mAM{14v4Iw^PvOrhW^Us+L!^xgaVP2kObF1 z(W}{u!q`Y7ssXd0L99z|4F-Pg%9MLP>0kb=$%qX$pSHK(J7I`a5sN^Kg6@9($h|qF z;?o;}X?S(M;A|z=_BbUq($%m*%>zl754gimgeJUD5RK)^lY9HDnEa-bEs)8`*1Q>$ z>=9Q|9M6$uHl6v%_gy-PUJhx5Kr{sqLVAb6(#!I-SIh^HP(kE=?pOYeE1!yD*t5el z0kAzvA?1E&iH>FO<2?Jbe0S@!Tm1r7rayy&7ow?)07mc`pSwZi=48os?!yrbh1uv* z6uX~~KBULhl+FD`Io)MXg|!JFvL?m20a~ZM07(8G{yq%o1RC3wxkt8H>@oN!Gg+I< z(7NUsOyGjB*yQ9bL#~itDO}hMZ5c;9ftT3uX!SQ)sR4`Xp*umLfPo~ z=qOFRaUs$AxMK^#k|>9SijT0rFll@h*`FS<&IBB6oX`G5?%m0YNfL$JOw1~0l~(fT zio6yD3UES73K3bG#*zzMr*>rzfdv^dFa~ z@tCr%rD8PukxHOndQ9!FJBvrGC8V<8`=&XiIcc}Ok!^^g*zA?fW;5vmZK2#``W{>Z zLgM#QJGY+tqq`K__(`s4;N#A>hh>(yk4%*!v7$LUh|OOm3Mo%%9DEQNXDv>!81AZq zKi0Yh{>X^7F`At2Y!(-!90Yp2DuEf!Ed}0VF`b{;6QB+6ttO51@~(Wi=ayUcpA9(^ko;R>*!O z#ft@~))$w_!x}Z&PltN;ryXAWoVbUg`d^L3JXpODomAyMfFV~)EnItCMhq<%CGw(> zg-uWw^V$GTQgno@9Q#CG2cJ6l>&}F;U88$Atv@W7J%=qyTPw{ueI60+Iw&PBW!iQtsCf?_Byg z1tCCmA-a;4E7HLLDvV&ssQIEd!ywKH%f-x+QnK0GzWbI#pnhD z0o=m!uo7S}FL@H&7X9($Y9Xztl$4+4Eley|+Txv#9-}^z5^F&%0VyV*;`dnTG&st> znv3jS&O7c`2MYXQfY1jaoUhez#^TzS*|L=_v_Y!X)vj{M!XiqCIpV%gq_)v5IE%=@ z0A&QM7>cMBE3Otn=7M+7HEAlzd$#8{#ZWF2-Bfq$%$Ag+vxBMwjh9pBUdFv&w1h9r z&alT_qq08Yr*{%~jE&a(jJ@1RzVrBF6c~}F^nEMyu-CLu`{}zGC>%fNG6q4x&PY-~ zQ5=H`&ERi;re3u?Ge`9n6JKs;CBA2W4zTR%QURL#d3NRzZU*mVoFe7c_gBXgI;}E& zwxI$db9u`jzZ(oE$4_Q{)sN4F@=xbE&~513nEgQ@ZFDq$Wr9s+0xQM~B5f!!2!vgn zyO>ex*&O_kV&`)Q)Q14}i$-Q*HgpisaEShrY_t4vhB5bgc$6=ac8jgX^dWk@+M4b9 zsL|fo!Ed&ujjP=<9I4xoP#eSJxksglZTAka4@zeA^qCPNkRb%jTNDUez9{zt&1A*% zLhH7>2r#x0@)$!*7TGRr0VeW06iNvHk8o%fcF}L`F*$7CPk{&*{LP{2hhN76-w{x` zOXDDjCubw2Pa6gIq>kM~`Yx``b04e_tk;{2>4msVRf&-|-{)v9l(X*yCiv*Q6(+y<(T_j7KAtC29bbjsf$Tg!p4*mW%I){OJF0zY_=L;j zq^Rb##@X-B^KvVNR8!FbHs|A25d>huso?;Np4~qbO}i!lhe-${)B;hhLzLJ60`BGYaNZS(y$oLuehi09zMF&o1+|txUT{ z<@dw4K6nzr`zL_%ebK*HbZq7FUQMeE&hT`pTYtF$AU8^wav(;gNU9k)#gd0E0LSQs ziPTA3I$(lPgHzql)6~eF-BIKy*F7|Mxdp)iKbF7Vci9AH~bN2@Y2A8w@Jz>*ZP)jvD_eB$DlL%e zK4eyia&Z7;)bS_GLF;Jf^4D{_occIAK^c-jb2S(ZQ$EqVJ8S`w@ZWmsI7T+{7h(Bo z)?4sV8n-K@Yo&F$pzIuP%F;qw1RIUSLiF9!vEA9KZDp4>2a(aB#DNx&66UkPXnLA* znQB>IA9wc;u3O-w?;3`1@x=`lYt9^9i!}=<)38~=YQYdQ z{fD0h2Bdj z1!+5m$g^|2gaFgba45ae`y-P?B3}9UsBcyrrFqIlu45eo=8oO*Ac^q-Fo#;=ha%Ii z+$w6+4YM)StThY3IvC3dyy|InU5Z;oDB&rE>WwB8cz-^OgW839RnZV`cmzg)0g>th zf<8a5w*WOPhC+u5+Wq5O9v5>$=1`{h(b69|^k*Y%@t2WQVZ$LMS>-E&LuM<@a(CF- zoX=~fnMkGc)Sc^(k3ek7Ix2dMjpNK>Z!P;gOABhnDU-~8L0bJzV>Hl_DH^2N1!O$3 zsvXGaDaHW9t79E9SePof^a9xW<$BrlN>n+!{0_LuxGP2CYFTLunL4-eTSx_oXn{5N z>7+F}8VYPJyyK?=*(XNRuP&o3q&H+T+ld}GhR3g+*Bm6DP_{*iwIX;H9P=NE+XS8J zm)V%0!9AbQf8AzMH(>t&l$~mXomfyX$_;ZIO~v65M{9!X`|5(j z;WNF*9);sn*tdfBp=0!7D0X7!IOW64DI|fq10(ch$ywB9H{6h8h-= z*`R^$uFm!MYTvqJuH^2Z(V)&|Dop%^U`v8^`Jg+qF>JRf6-$28g&-I8P^`BQ_7-ya z1vm|>*UmNVMhC|i-PKlj3`c(|fJX4KxA`En>PA&VNH&*-gf85#4SRNank&rGqe zzk30|b%wNzeI&kqAnd3ek41TBcHy$(e&_Jhv z01+A@iW7=>yVhK#v?()%rI_k*cyYIqq7GmW$MfMre7f8cpPqsA1cM4K^Iv|q1_|T6 zyBP(6xqha(3lN=%jO4r@>JZdo1l+827a=RhYt&!@-t~*SaQS3T8cg)U#RZ{!_gKuT zrsOAzbhS4&FJQA(=--J>`nd60e`Dd#>lle%`pSZEI9Vv@gNOl^e`bTD-ApM%`<}Dx z9pAM_spGu#<-Z9BS?e85rQUknACOK@ zFC!G2AUB}C4Ds%+#$_vAF`AB3!YCMc)e|45K7zq0tA?v1BgP~v{mi=8XI^u1BpFy8b#B?m-?Ua5s*~7Y^=j1@z2YOpU@Bm4oJf};u zmQAqkDwLV#4sddz2V1*45vLN)Ie(#`cY0f9zknS8yi}`t-mJV1-Kk<67GaDkqvVPt zw~)!;uih;RnDJ;TJe`+=!JqhPNVy|!|I0-XLMVwpQ4o$L(b)|n)22kP9I=jnFzpL{a$rR`LHJ@TyBnNfE>i=BwAt zf0bWF!-DRvMy*R?1%75<2>Oomm)f`OO&IQMFrMKay~H;Gp_0faVSB?ZVWfPAq<{XZp!MQ>vx2oI6zp7kv&^ayEe z?mCm$@ojto)oH}O`A#IS`tKML23Hpse<(;67M8(SGM1i5d>+Z8{vJPGMSegxQ|M4{ zPy$>Dkr0y8eP5;=TqoB35dr{^G=tf&2%Y)ZUj=Q6fJAPRZ-#$||Azkq2N9t9?cG8~8{$+^3DCW$H`^5d1{<9!s+A58n<3j7go zB4P*s0}xEu;-2iYxU`{AGFw%SO3J&X_jVgg2z(&KgV63LUxJr@WN%9a|5JLu>hUTu zOyi+6m3tf0zE`;#T}$q(TEANtVl~^eoWmIQyI4LAaF6_Wb9s3koN^oB=pp}_AHK2# zQFH?DDYcr2xey>T0n^{HQjK~^b>CVmKzsdDwUWr=nAvi+VqmkSm1n&-Tp|DlEjP8% z?$6l<+1_}Mgfi_^FX}C6RGr0~FtCSB9rT7`L}D=(N&x9bWI8L7aXjAK?5^jiKysyz zKuk{#a!;t-J?x$d&=eq@F@@{?AMUt}K#x+IgBswwNW9LKyi@Uwf1U4d^W+~=n%TgP zRlcX6LZLlg6QG{HcY!>8jA6esol$mUn(~Za#xnZoShLNv;?i-59Of_Q>=h8$X zhL~T$1QpD+{1WOCwSqD4`Ge#g|ZSH zoml&wTcTYjtyU57JBSupM=$(44769b(|oaZLKD^r{zE0u9_|n=NMY8 ziWHX>>$UX_kLC(w5cU@e$iguhA^@#j*8U^iIR>|m2AS~EqTa-DZo_>C@n}xAt-*MO^1yEaFbTUfr^!qJ28loKKjb}t z+;e3PNYupt=AK9qf)a_xmH+0SNa`&F;d{zUFs~Z6j$c<$K<4V|Isq7c?*VYpJ&&jg zSP~EobAB--0X!ThUI?43cufD{{{JsP?%M*(#s~BAY6P-OOi59`aWvBPlJ|>t?=ubp z;1*)lH~^b*h_I#tKkU!gG1tihh<~0U)xh%e@JTSK~b* zKcCM?LFnCu_0E*{g`OV(5CvZgNRvRNV+VZ1lnGdHd&><5#&HgBh))zb85@~p@Oa$r zFDagGRt#G?b=n>ki=DLCZO>V`8oYIA6TtuD$?`8xokO9Hl@|(EclQ9*rInS87#mHw zoDMi{G2{vQZkSqh22@Ml-{ohQmtUBRBRVTztucVY9Pe;(%6!Hzo=tvr^ilkmKh!rZ zKYGMpK}wWFkPTSA z=y1i*U>tRMi9k3RpoEeHkk0t1Y+>0qw$$I)4FCQMhaV(q4e9eFc}1$lN?WOwDO9M8 zfh!9%GLA1!t%`0I)Mv#DC-Hbnq>|vAz6b>%MtT>7?AtiENCaL^pG>;y?=SczzKGBf zcw8f!7JA!ib}5sTYE=+vT<+41Hz}!6_OUy}{zK|^mN4xX2t`9Z3oto^9 z=MW?kKYl|nCt4bhM#siW30+xo1~&n9u%Zx~-L`z6?epler;mtI9vqIh7%d_s1)``g zqT7j3^0=UEbWvepL(_HDe%W!ox$}~i^OR$#xfb>;5^6V)$UW|ULgI^P=Ei?J;%@Uj ziP+yjlz`zb!!xGQ{-kjy{h`_DdM)iH6$MfETX7Q)QFd83lbOZMOeFi6lz6LKw2^jr z-H1_5+w_z*>pI|;elc=D7Az(PhioatvWtC4FcM=7wpF6V1`f4GT~s^QRj!tW z*v|Fj`8CIh*vT^2)^>_@T;csyp6LXs-9jl#%2+8GU~BJI@VUI5PROeL$q19(p#s;j zm~Wi$+lP2o%fUG3Lna3jx3u~ixg1v4%jgeVJs8iHdc;U1`zi*3?~Qqq?tY5dx$`$U zpO|g1!qnU;@LAp?_UJ2|?Oxy&IC`2bFl4D|$?M$+|oMysBGz|(0 z2@P4+ub8$wvU=QB;DWWAZoFp*?2|BZtk*|2`o3Ck<+z>_;_olWkYtlfrBgRKf?M>^ z)z#HK3c=v$UVaBYoppgVi{m)=@$PQt-L<^0FCRb@aS3Lg0TL7@>8*!>D={RY#7vHnrRav+QmtpbDMC9tqD&KDuvm<0ukZ}Ezg(4s2OiEg zDx|xt)6zdw(~i`bj)-Jxg4Gi3_sqU*ZlJ`H=)bhtr712^!r^f$zDK|$Emkg#ivO(K z5A^*=I5-wcQ@p&q>_%JL8TMum41q-1YgI|futm28E&82>a>J3-*jS90tDnZ3Q!3hV z0MV(bHcQ~z`Dl@_+Q@T#u^fh0s>Lqm@!9v`uDhn1fPr+#u$=By{YqB~eS;;Ef);jU`=6V zlL~rT+IB&Uu3C3EtVC}PL!62W+ot34{<>aqJ$?P7OaDHtPuY2l*_hevH^yf!5)?|G zTZUFvWcE{FXD=^fp{&uY0H&XCX3=w*IQaQ})}@<*j^|YX=hIDla>*zWCWBK8=j|VT zded>o^^eD8j(XUPUsn7k6Xr6~Q@^OHl7TT6C`BY$3u;QpjnU228yjkX z=fPnyIyC=yZ`w7?Sx_d#Agts4q@+V93?mMYj#f82AI}mt5qZkWR#-6bDfErX#X^_CP@vIz^~~Gj z++5hVN9cPC=>Ro0O{sdlt;W~3Mko*T_DE3%OuJS$b|kyx0o1h5FZVmuPFaP3bAZxi z%%sSFe(kpp<*NhH!u_Sm>xq4AYMYkja|=sYX!V6Hvt=?>EZGV{a(tuf1*v;+AUtjy zko%PwzbhgRSjG_(6ALne12J32bj5u)P7errD{Y?RS)P5!m}z@P?eG(kq2>l)C45#p zikHLnD;|~)Hp5J@fVHEQ6JMSLO`{||1H)4CxYBNU-5BoxTN*6})a`tSkXpx?(ABQfK`u#zo3Hda5< zyrV{;V8rNo{A<-pO}p`^RkfQ2xamq(j>pqgLS2MWUb^*tW+*K#x5w;U8NBa|6VB(Q zo$d75h~VI8cw7#NXw2=GP9S^TJXWX(h6zB_hSQr3hm24RPdp&q+PHlP3P`6vzg{3I_;UPLGh>RWy1tn@is`?u|phKF92 z!QqOEua$Cp5i|xKo{=B0HGD2kD*{d{5=2Bqi(m;o2WDx&?uMdDjY&2Aa6d-ZjFB* z2OkkI?t02r5$K&&;(?wv*8{jQ$uWO_h=I{jmd~Rn@qT`f_LHAzLjT(v^A01u{$)n(dwxe>66k*` zT>i1&rE-C0BoEOue>pV*1|M~>L;6Mm->1`1I|2O~l@%#V7{{KATAWyePny*^{=`S)aE;SupWlVZH z&BIN>5TFIsDy|6spKC=?!*_T0>U^lY~!T)0Kt)rq|*Y{yX1W^zb3`$U1q)Qq^ zq`Rb1x_jsn1qGx-x?6_s7KtH-ZU#_d=njd2-@`uV?C(As&ibwOuJv8-df#>a+k1`7 zeBycT=f1D&y04pn3Ro4UIpPnUH8g5M-JjRT~uz(KfRMOa-{3 zNxnF2c$@=io54NmK*D@_2Xjy*< z5f?XEul+(L9ow8j|YMnYPaZ1)a3E^SlUG zNa&N$&^-e%%VRr_$TE!jv1jGDL6E88ia}ai2XGV0$fjv%J!u2u4gcKa|14Vsm(ciJ z_QN9SqB=`WHYRQcJYd7 zSH8f)y%o*p3Xz0B$`J)vYGCG66jO-+12hz;eA!v3sYzk_hfIIJLPEl4fB&e-Nn)co z7c$=3@*h81W4{d{!lI**-#RhS>YvV#65l&5oRWHl5QD+^w=n0WIio{DXi!JEA!l_* z#W?<^(|fqiE5q~(SrC$A?~u5-mD-HPMnQ3tsh8trW{gcwo`i)KO*?lv2n*Z+<`~aG z0uvD*Z$7X9<6zqyFW2G`pRVYsEsq|~A0KV}HhZ$UXE&WPRkK#|MlfIR?Ci|d z)}su1*0n6B?TyLo*2ae{uS(-UrtCI0(m_H;^|2PJY2Bo2V%pye;HBj#W$x`?k_NQ| zVWjx@`e@lC`ZJBU%qO@VbD|<5@Co=_;(x^9g0X?{@b7vb_cciPGQAa~%|^^9V{r*l zz1ytQljc*k;< z``KL$c>@lED}McESM1>xI-MUn3rdAxpnm%*Ft`UVwZZf{m6xqQ#Q;tAIbC1*yVpVD z#JuA;X&~UVi>n1xQHVL-ovYiyMrZ5Tr9s5bIf2#Y-%wX*pFJzyV@r;)Arqc*S#e+` zKK;ROv2k-Cm{xJh8bgAeN2%eXT7^gc>S#T}MM2KmmZlCv{vrL5 zTIN}Q!`z(V{x$jI^-ABm7Y!FGfyONKAY!hkJ^aU<-IuVM{Fc z%6?0mJ&ihDTpThE7te*M5GK6{Pi6ju9sXs!Mph?AzzRyT#Jv+vVAM~6d@4tO9VFJd zx#zXmH>MqHY(ie8*01&usD=u{ahrhhFm;{--2@5Yg7 zdCMR-+dBa0rNJ?gR1E+5=}u=kM8O2)v(? z3Zca+rsY$RW#%*cuk`TG(`d#Wt=gjlo50} zfy$|e6E`Yv{+7}mv{5AdG04RO^ukYZ`A#ae>MUCP4Iq1LeEU;1iu0q4!qX&3{QD$! z=HnmZz!?<3L06nYSGvZ2bzD|LoU!NBAfvK)e88DE@wjaoKw0`c4|6aaUH6yi&)n8y zie+XmzAdLJL0en@QnobdEE)Gs4APa@k6$qo1==mNWu<#__1-<;HlGUprfeKmXK#T= zANzc`;Y_e*?MPBIV>x#h42mzWaftXPBc1K=@cHj1Y{bU9*M+YGPQr|H$#PwzUeOf|!?a=m3mw+?U%r@`z#DRs!76{%JP zOkVb(ct;m+m1!*owMLmGc~UiYRe_E`hm6Dt>R`uWKYMoaSAolyL_XI}FnJVFFJv;x z1jo)2D6$S;;W}No))M+Hmy`)-_SY(>aL|)opa~DD@w7`qZAwTZW?i05TztX8Xr#4g zP;3%N%B1rMpW#*p85WZbP69`-gJn;h>%eO6o~PTUd&u5`ii1In`8LluYex?e)ezx3n;V9=Z~xv$r`yoZDt^5@aZo7aLeOJo+HNO`uy+D z18gC=7Spz!YlhE+iUNeBlTP2p*d zaj)F#z{*!av9Ql1c}*+tMLVMyLIYk0MugnK34#{URcJZvl^F*0_jGR_a_xt@b9yGC zngyoa=+dTRjh`KUWuBFeT4Ijj+<29s$TtDZ2gP5vl9k*Ue8oeo;}es><5*_00W8O5 zk;G}${qa#yt(pm3%C)%60@-+{vV=Fz`>SdT6ORR!hVp{7gk&B%r~Vyq_43-dY0RYH z2Q}+6m)8muM-tO(PdU5#OC4{z6EXJc<+$#*CnY)!{$N~=`B5NMqvMkZ74eA|I4f;z zeN21|4n9+~g3eX`kyos3TO0LpMymM*idjJx6{Ynrmbd-ADsB$?XFt?C>-dEiE?xfX zvsXd|LdrizakpQRvE-`!S`D0_+G0Y52P|7E=rMbS+wNDJ{&EW*tXsD@Y3Ka(4~q?0 z>@tr#O!K?mNrAWWcHx$VzQBj_uS1B;dQ{X-TqpnuI)Bhn!!}4OW#b&^2*pS^Pi+C6 zl7o(pJ{mc(06$cD5a%qU8Nh&_k=JWhp6lUd(sw8=`h`#r`D{pV$vY6+`3&V4-=sCN zGxoYs^?GWmUfq64yJ`~F!N)&?2}u1iZf$Nv_iK#?G{)SB?{1(=x)I1-$UaH{s_kM9 z)(*`=F~9s3-c+cNq9_rxfZIq^=xs{E=BR_Gb2&Q=;k|qB8kD(|-Ejt&H$4(Yn#&fQ zUAmZcKCLj9-`#Wowfxn^m8eP5zs6^!{3~Z3IqEv<1ui?Z0 z9bPABT*uvCC|x{gfv=d#dbLSt|BZdg?|W^}^hBNP`6fKp7TX6nkl93!l@CfCa=aSH z&e4$a^s3u`U3vd_zj81%dd$5LvuO{7BLsK-tIp8RIBP}BJyWW`-WaSdI*nZ~N6F}6 za>WIRi-*8x{Ul~(=;M#=o8>FkK6zLkJNqOYf7kt{z3mwxp#Xnb)D353Ej+mx4FURdKlRdfn zv-q$k!`50fmQTCD<{R4*LWpGmwqP|`jt1v_6qlBXhma$l`7Ub{>>#0esNty7tlv#n zReZS*j`5oP#vxo<_LGiR1OENTB?ZTv8|Bh%9I`LwDQ$0)+(-3=MaR(lK{n{*9an-o z=i5{>Cs1mbwTv=&NJqOdUK5pBS(ZpvFly3^9vDU#2b0{0 z|9r)}kF{@B^CG;KOnAc>GLOqBZMPy`_raItS6>`rpWQV2-L%e8G|wx~_!jIut3hbY zjz!&XjDDnVA0$X#3!&|kqi%Y5%(LQD99nH!vQv6(LSYReh8Tyt6Ls-sesn(MkUMTk z(k?1+vEJ)Cgmasd$*G-(QOPjKg;M2;w;e_DSTs-cH@g~_^*-~8gQM51TxD(t)3{x| zhkTHUtraKvPz3hPTcNOxGi9{*Xa+62RtBd#85>t1A6z*i-1izd2GLqxsR`)igNzQ9+aG#wu97U;{3>TEddmcnWPJ5ltTvS!M z2c-hEv=x!)6Yx6YE7n0{V6BN-aydx6T zGXvF(4@b2K$q?HJmXT(2aygSfxKHAdVURRY>UqM3zCT-&VEX_L#Ry@tXWUUeskSfV z|BVs>ao+%SEHVLu!MRsB)AQh%Be(6K6gujdrlO(}3#UFAB+p!v)VgRXo=zHiL}?Z6 zrd_ja&~!OlW>Gsjjov<-WsKI&L30&u{(e|tc)b>GFw}8W^Q?!@$-UJWcvk*sqZZTE zmCHFG0;t{cF#R;|qacivE(x=7Lpix63-0BF71g>5fFH%LSX#SZcwL(>uXcBJaoLx4 zCA#9{4?PGbJ)oh<12>>Nyl z_wUowtCvQkrao1xfqWt6vaRf*9|RgZYBPfRa_3?BS*km0oI)(W)ULs z#)xF(OFES_B^$+${4doGE8=;>`SZx62bBp#j~>xThsTL)Hop*;mW;$%(Dsk+?Ui#y zxlqwLu0+unyB;u9aQKfP`7WNi)>LR9q=cDx(ASwP`Rtd*aX05@AEL1oia&Ha+!ZYTFF6;kGV(A%O}Xx-zhP2!&`q#3+k3<56V*5%#-7gpM z@{4;IutJ*>SCg;;IbO67r+Eu`TjFNgMML|`%s8DFma-`L+>^Tdi9Pzn2tXxq*qKCH z(e$zcPjkvxZWjP%p#U8#20Vd6dj%&aF>YrMM{(|W%V9qL0O@V69)IRsQzQC37=g%^O)k>^; z1O&90xGsf+3DgPm#DCv^re0n_hC`kOD|8v#*9-IA6m?AcjL_0%TeY;8S^LbTM*8cu zFx56^aXDymkJ*K7Piwh2Xhth-YDu8$>eCLc0F*udgsoY@ZwT~g3?4R>xeQ4Vu$z{u z-RQuUm8EwVtHWSdEzqU}8Y>9E24gKOWJ@^9@bTw5^9pK>D@Yn{6Ti@9l`LBWq7`n4 z>TmX8{gBtMhk@PzZl4$j=ma{|=h0F5>O9xd)YR1OJ$OLHOm$5;>kh!KC^QCX0f79s zeHuv}Vs@|aefOZ#N5g9V_i2&HTzV5Zwni!H>{fhq|62f_+0{978@}zp=;7ly?VdCN z{rv%*r@}BAia_kIOeXYE*(o5mc$Hyr{zK99y**LCG#-BpiLyn_6obf?0FNj$Xr1=U zF26*$eC|#({Hx7V*8v-CO-=Hpp_*U{Dyq-7-5t@LWJk(pPZaA~+o(rzKf12hP3KD# z!rX@HUvzx`C?Kw&fOk$!imRLEVl6-;4tJ1T*P4S|F6wX^W3U$6mFS_qoP37WyKkFc0!JUJQz7%Jw#?U0a>Hu zp_{-^P|ep|s!hCYF~TJ{@=cBW9A`|A3+yHr4Qfvd=3Dw^*YV{YLGkJ7dhnYKof7?N zSI1mpx~NngCHr?C@)jEZ&?~Ttnh4j3Mal^Ej$oIaO(@Ea*T-)k5&s3V|3_Blee;&_ zOwf$h$FUbzy;<*B2gfGJD^A&L!%2A3ZQN?ze*biZ-!^+-Xm8(TqMGTLXzfdMWYGe= zc)G2R7^s+H4g88$Hl0PqIqYH{;Ny1;(ptShKKo)e*lzPXqJYqR2w>HuZBHdY!-PX# z!9f9CKj!u8HS`=AYB@16q6rQT4D#Kdz*wyAQ@1me+u^KFu!P_3gw?0=aDVel3)Gp9 zXdc?5NY>?IjNkV2`vKh@n?;5qE;v_$2za!iXG34^nJNtTsHoK%r?7zlJzlm!7SPq} zG7=VB-Ui>u*$KfwM?dFo2v}We%_0>lDl8E1dIpaBTH@@PGlHl>mehf&f(9Tw%yfOh z5nx=z=+Be$zj4|vV7p3P%Zz;+8yBZ{v>B>J(V_Mk=kG!0 zkGrT+JQ_jPvs;P(%G*l0tKq*Zf?rJ3&{Gi!lieJ7ekVwn=Vkx98RP!Za0&Rj+I z{@&IW?{RpJ;gD-*FO>D^(+#{wd~UhVAa6W?{J?y3HzM+dmmuZMS0Zi0l|88vb7{1H z{oxk@XeY<>&)?bQ5RzMSoIy=BTeDX@MTXoJ^l;4Ar<2yl=WVT$7-({FmWWdgu8Wif z!Ig6fGVuTU9e=KCH}T}wZsui4++bIsKkJS^KRv%cFef?CWuaB=Z^7uF|2xwH67#y> zKl>am{rWqbQeKVOMwY>0_}cyvv~0WHeU$Eb#-+k->q;`V_|)sulL>0@;vjtclR!^tuyZ3!8$s^($lHnL^9$g4Ap?QzJ;v+@Ph)zND~4YSw`KsIPjl`ry(RV|%hF6DfqH#Ty8V8~G^@bl-$*Ix(& z_GvjdR9?P(N$j_32Be-Q{cLLQeS8r6I~d+}wAR~spX|m0SSuk~JE9(K2@N)8DcRZW zZepuZj#D0z`)dtDz+;&==%;xi`$VG z&WPlN8|IUR+OaWLkPF>$<})l+YW`9Q+rFBBQ24d6!Ppi=5{_SDHQR~#niU=f1TTGc%P{Ws;tK)(?6w7j2~p>6| znm)B1kgkB~oE=fay7O!C?Qp734`FR|5#{w}BQnk>MSgSbq2xj9+x{0`^^F(T!RS|N z_oLlN#;(UC1bNLXBl#L;@38!&y;#M8(*NDHtROFgcq}GU2r{dLzsS2^yY6VzS%Sn{ z-l9^iWMTWD0VQ(#G4D)mkR^KT^ZtgDL##MNPSX%%ji>!Rsi$?`>`~^oqcjF0z4s}u z^HrX_7T2n|F_*!ioIcEmWBh)s@D^hj@@yx5b*gRxL#`~yFv`>``aQruH-YxHW$Wgx zTWgqYfdm8T<>ExL_Ts`L)!g6eL^@SibQ=%%hxXj0_tyJLqEWN$U`JieOgITMuHjMAtup##HbA*;m&>Y{#gU_ZnXZg59`Qt3V5PWqJD zZ02(8j09+C_}sAXthCyQRA%p2TuZ9bB-lb%MAC0)-zYM$Oc?!dzWIvP?{ZVe**HP}At79-E zD{k_{Zoy4Yc4*(@d|B{XX?JnRZW(SC4++165x8 z#Sr6=LH0)kpscPycx1u$yTY6Oa63hSphKGKI%-H&r%=fUoC-4z zD}xO<<3o-@|!jepR6@!XhXr{3h0{kZrM9oLp&Tx{%O zI#@>Lx=m)LnU{)UH~WzLM7af3hTA9nug)(|_j-&hrgvYpIrn8w^L29yaPu{`LMhRfM=BzJUp%&lRLJP)2H>>0JJy+BrFuv`VKbAuzN5Ho1W_7NWNhSm z4c%lzalPodSa?(tPEM7d@zP=PtP(@);*u-)C-*peEk;szVz~WVANW(7as_c|%PQ;m z{a(?`98(($%7qMCZrv>*bga_t)jiyku85uG+CDT&>e!y|j7JuFH&)%-1fVLCL2He) z+{4_>WZxHgIg`D2V0=S z%e{KAGa6>zH*wI}oqV91J3T(rt!Oyew(IMXr!NBHdO-tsB&P4Wq^xW-&~Zsh?xf7p za5ojo2!8XHptq2gQ#$Jfh3$N{!Y}0puD+k^)o5`KP*I{KBC_}Khqx`q%fovNdy0kR z-3xN&NqfFpQi)ia^9w$8h%Pxf*+C=1A0jcKB6p~W`SyaFyVZFze1%8W@Y;nZlKau? zcHBtSONSphaOPaf=|Gnuc4e0Xt{&_H0fI;LY-utmkC;|jR?c%__)5~6jsR*m4V#E# z5^(v74}(ZprwCSh>y5WZ-5cBm*>rQyyCMwBj}DKe#5$%PHq3o@J8XP=4 zNB>6Klf)`TKJ89u>lto6aki6wsTOL#Hm=1cm`69Y63ZB55Xt7e+D2L*tzlV(2rTBi z>lee15{9uA;oL++s?X@#uW264VHcc5g0k64u5@l586(hc$-$Jn^LgBTL77$HkBXR; z^t~>%#=pD(SfCl%i(hy0J;>9>QV8!14b3^A{d%bVJ9x**gebP?@MxuAT>OJZsWB~g zU_*hL+>(_npW3p-ZWUKmdCW|*ZpFgxwI9>ZE7O~|=@g#1p!`dvwJsD0FL=-hD}Fbh zp`brn>QVbe3h{Gtm`H#^&`535OtqNFX9dWO#vthr%QR++17Qtl~vxYQVy&)NG^)U9_g-Ei1kb zl7v2QQ8RTDJzPj-29maIfyDOf2g zE~j%r6_5YAM9dQGrMI+x2 z0?}yv1doQSNEhI!;jRK^!KY7`)pbZ>p>!}Ews-0F9AnAV9kqszQ|B^}mV+tF9zklx z;VN#1S^zMbzfaFPP8(8QboixvUVAT?9aU=Ghoei#D%T(G(-Cm5z68Ky2~cZ}ljSgs z?t+$J)fak$;VVhGI;)q|VjXl$BhL-%Oy_Sd3Cy@v&4tM;$h{#uW5d$R3do44a9@5R z7m3Et8d3kEUz0UUWP{(`Vsp#qV7kn2n!R~ZG?;)oI*5>7RjO9qUYSk$VG<{>pIqWj zY75Hm}w+@1fjh!a@b6t0ZP`Z$WgT@ltWM+IVq=+ZY4W~H4{7){-5dO)3 zR_PN*8}goJG0GD_r38SpLQ!PWGDQM8=y~Smm~qMF&R84yHVo9B@mm$NiP{aN{6)Cl zc9ftcKtqo|03OLaBJ!7{-@D`P%rs-!mb}OqoR{6TT8-4mM|=BzFV8LoaRrl2uipq%$!E;JTnjJA4(Mlf z9MYRwmuu<0bMI$|+6Ai6(_Z!k_wjDv;Dq1VnMJCW*p1pp9#6)b!XV{Afn1WHYPUL3x+mo6<+YtRf$S=89VeosOL{ z6SWu$;nfw9-)qsv>aEL&5ph2uG9?~b=`ub?#p^qy84#&-iam4c!?CL3)6VPrL;1zd zcrlNt#rdRMs}76pVCr18)OAkxr^w~jz~!mbh`#i@cz53ZSm{=iPq?EOMS>?O3IeNS z0Rc^4=dE6*{~>4KwBOsZ4S9xiKRo@28-HA_;}FWWG^G9VscB~;55q%dq{)&yipJSw z5Mf)p`1^D9_*5FFEL2QT=`X|=`^VJ^4(22+xTTKHWJ~ulkI!H z_I?VdNM3RkBG)~fOk&fa;}rS6`(fqeM^P>=olSger(?mjWF~nP?eG?}`M8D#lLM}x zs>DjCWuxNdaOdKMfermJOq~f~`mXn~LH)L3jI`VkDSp>gN^y-6k#bb!%LldG!ls8q zVLvP_h=-g+0A9cpQLoPbfcugqsw6c7sBgFJV^5gF21>-2mr2b~U{|LC1MU4a%5ss^ z7*#f%e$EZs#{*uOQI(MH_+w(CAibm0#(kw4o>EJT<7MNXo@pIR)X6j?X{F%xnxf`( z@fX1|JP={l9%GSQ5@C4pdS~Vu>kb2B;_`Uycmh{`BD#0}3DtvKM0GI+HrKxJDhRv?Yk;DC8G7HQ{tsq~>-s zkAC;J4GJK`S>pA`hP}iIJ(I3%;FXrc^tPiCY+d9^Lw>(x1r6QM&m@fi^;OlY*$Gc= z%7G2nR_Lqgz3p2WK58laLtV^AQx=|4C=D4nkNU44imRih4>V%8CXD8Lq3%><+^>!% znbcXz*P~(#p##?@_Tzs&hmgzhp__^f25>>OKFdl)fl@VBv|#Z%+Ks_C=e@c70j8@1 z$kxBy|0aWX$I(GRd3d;1(IFq5@UwK8%J{F;Yy~W_;kvAU0s=e-ffKiIZXu_A zjlL}=;3y4GD?6_zrtHqkr(Pnkn$bh65~bsO6c-&itM_s;sNfb;#MDR<(}CYbjN|;s zpagB1dTeB5f`lA_c2lE8sd{1cR!M+(<~~r?Pt&e*`DHcUHQF$p_yDvH02(?PSW>8_ z6D(h7T>0bc1=$|}Wv{UoUVH53DGx*nh$(5UWZfli6SrIQK&m-WnDLB7%thPV zos6TofWU13r_yr6KI>?5tK4Ej+|V!+bkcMq*S`>5vIp*DkNtu6@YZ|s9|WFL$!tEQ zpz{v^8iMCFZTocMQ2?L`d2+YZuX+Px#dZcg3EfgOW2L`l6#puhHg8@{iUS#3FYxn` z$do;kdrH0{37SOQ?+`MrjpbDgLbWE=nv7NS-Q3t=O*(BQOjm92aS>Ne$Jq10znn!V7mbSL6TRS@?s3AL&4A9a-36~WUi{Myz z>>s_Ysd$XYcf~#D{sx2nZ8_xgROnsTK7FdbXLOWj32iI0qLwu^2)@Ex>M_w;ez>#wpd*s8v1_0gnH< zM)j-xRW7b+6P^K&flOF&E4mL!2JgtA?(z>hXjt9xzJv^4tPvlx!zD8N- z<|fnDv4N|VdMwEN3x#@N;Z}uL2P`xy#FD1mGolU~T^5!aBrGkVX}2y?o`PK0ZS9IF zM}J`4lqOEg#6$-g**lMDOkWBm=U#W?V2bUp{fOm@5i1f7Q7%id(0ORm!L$=ozc;)B z$1MU-bk(nIIxuvTQ-9unzC6*;UE5)gz1R|^K33#jgW!Zrq60Ai1wbZ}aTZLk?2R^%yQ zKpW5tP>7Ry&Jo@Vk8SteTZ!Krz4&&wvF1+hp<`pQV@Xh*XMU{|Y&6SEIj{$lu0!W+ zbgB42Cgf}FZE>ry+%kJ6;c?XhbrV+hyhQmqVAgW(Q;;AeUuPKbAm1F4MGn|@6{se| zaku}0ixg{9Itey940Kb9vCqIL6Cw?AF0uyC|^eoA-k?YWf zo;b5&?E-eid&H4@RFd{nlU9^`e098tv`c~|h<`&b8-Z-0p!VdwR^+LDZdrPi#{F)O zZ@Hiy&Iq}AG8axj$q>ES9YS^axKUr+B8nVk?dSRQ&Wtr=2vP=Lj@m zds5((fm}? zA(uu{a5|fI{kRWWs#Dbx#HC|jBneqt7yf8rzsH)0s48IL1Z@&;SzkLmq0!22-%4xh zMIFoPzcGzkN)h%mx9;B??~bdmcQ>mj>3%9Mt$9?y6USzcj(D( z^_@W=rJ$+)UbkmmRh*RMI`d+%%dtOMNEpWJGHCd<-g4pTke6}AI-eH&9o~g^eI9_8 z>E-m$(zsu_wFRy9S8QBa8ZWD%pymt*JPrq4PEz~mH~+R$V4MnTA7#X2NTLDpUhK`A zuknuB0#!Ru*H?bEJROdPl)qD&8Su5fiu;tsHjSm|iMG8(uBhN?4spHe5%3HF(g+x6 zTgb4itA@{3%O{#Gzk=gYYtx_Cyk#qcp&(}V=c$tNROB#_&C@I$?~B`&e2T=7^m+e& zbzLQ2;K|1ckuSjNBTb5wUOc-w;0p1R) z(X_i!ZXhB1>r>D=zvl0V$-?p~iyT;noRJtnV|bKU6*f-0-M6P)tvXXb3Uu~U22k?z z3qh-w2`7v!%yQIdmgB7IZR1=2!~JQWbLo$W?g#!eKXLb?OY`ye_J-e|p-ZdVE=>`V z*V3nDW!;Gwa`@y5{0`Q7kH)Fwj%I{|W1Iz(%6Gi06XyUG6niy~?t8Ryhn@6Vc)6k!|z%d5jnTFnJ#-z!LXNR%Ke(eP7bvD_doduI2JUzFKbNKLVYjohlbukKk%8nm z0F3C(vd4egKG#jVh|`8pLcIbPaIrsv)eBcNb{5c6zvbdVspWl|({L(&`!NOGfSm~Z z)n9;zKNo$nJ&;3Z)Wq-9aVHtMxEyh9V3Pb9_5NC`H9oxlNMa*EHq!O7+y!hI7633r z!J36GzphOY@H_Rtm8z&O|C~k>0>{EyeZA=5kKX9RKQB35Pv z3=@{=W&J%ajhkMA8RwV-n*`zIPyg!wPygJj=cfJoqzF*UYW_Ms_s@FU>>EAmnM)$y z*Ju0lBe{&j=qw5d`!X~R9^1CuSA}JFwu()ZuSt}$yX?LIol$f}NhCLvRKemK+Jp5n zURZqD%xKcFRFdIT(vp)_`ugs8Olu17&T=4wIe1SJxTCQP6LUSB_eXLRMb|5LESJoW zip&mVU>#j-O?^cyhO15$1FpNPltMyHmdDR#zf@0pv>_t<@GZz@sDMJ{i_b;dE-%5o zhc`f;nMw5(xZtm`@Z;^Q%iDshn5v|Dxv<@6dbT%#)c3^_htmNtlNsx!}bQvy`60j%xvd5F()cpDI z2??oi2s!X^egoZ|7~s`bXwAv3U!z?$vge?_3<``__6}emq&;tg2EES`fTv;s+~zju zN|am^1_oLgHfgQ*)Eer~%~Ia!5w%ZPH5m9!AQu+Iq@=#N{cdsv<7@jBdI~fuplmDv zwwdm!BI$v{!#Jm%q;Ce_uU-=kqdqar29-h*+Z$c)M~mfzXf=hR2-1-K*E5*G%P8}O>=vD`xTO`4z*un;Dbex znYCe;x8js`6_#~&8ez<|^GotIOj%Wn-1Be;&vr)8cXt_aE>d&vXf&>cJ(HG3kOKvQ z9UIaOQEX6RH&Jxg+_zugFiUi8BCnu+7#?@DH=;9su=NFRE}+M#vqyljaD!T#OWb9D zk+Q_7$2Oh;kZbLF!F&{l3sa?w?EHsL)qzBgRkgo=?Z90?69d6{6N7Ll$6v$oKVrEz zE55Pr`}ft2p=Nz==b;(Oc^t)%Zqpncf#o0Tvrkr0Nw$;l}@ z(7ki7TG#DPz?6s-R+{C}HaawAN&t1{>YF_L^FaCYkjeJ)!r%q-Y8D``iAs)+ zTNu1MjZ2o@Qe)`YfVRYlkE9sdJSVHXTWMy~efpe5sH+%`D6`ALCe=PwUT5w8E)^7( zltc~A@SqA{{Q0oT_(zK&jXM-(Dg97Dz|(H+Dbfbf-qYjg+Czk%t8k7pFZW;M%E;tC zqk-`Qk(0G+ETFYKa&$Q-PC`d^Sz1gx55D*|> zHLR@#bZas2b#ncEatmYPdb0n>JRh2oq?htiPZZn8W#E#WZcE2J)lPAqR;YHIKeKS( zM%97iJp#2eYz+p~E>OZdA0*`1&MSwnriwK+H32=&lW0ws7!r7c@z(c#+2`e|ej^XR zb}8e8nD%j0JJ=<0B#+X5De#DyA*D3U_3)tFMKANyjOCpUyfBvn5DP^T*j z=o0CHtln_Z*}E(5IA1O0R4`J@B?GG!Bi0OO(X(EPZDdF{2m0u25@;R|+>!|&p`2RT zs+O0{y4y2`oAE4HDu9cFafpK71H;7G!_1EZ!H`2eMq- z-4^3{u;Ky)yy0P32 z@Vt1;-t=ASagmJz0a_QcI>zlw(B|`n+QIIgntHOsp>$_#C&a^7%%h0d8muyQN>Ut-PIilyFO=X*W; z{Us9anMtg3L4cmVX^!i<@Ucv^Q-Rw`%$BcJB zIamnHg6v_*E^#e-#RKt}&G=LM)-PAO4HQ7iDCp_Swh7ZI(F3n|%b&9T{W*cK126J2 z)VxjXtM-uI9OIJ0$2@J zu2})o33T~ci(@EeYMLGe8=KPdU=BHeIw~KB9m&gwef_HRD_%N|qvI;xR|k5R4Rual z-bsfF1VoekO@f3;!4Is}>`=6;?Ay>PlM9KrU@{>V5KIWwpLx`;PE_>dtDa|afH?nz zaW$BP$1vC=+3LrqfO+EudA!kYbm#6BATQ~EoTr=@6-es&vD9o@2(mF{P$FH10Ie~l zZA8F#H%Ny;G>Ev!8z#%2$Z&Y*Y}+S7zGl;XqFG~^?{?g+y6?WFbM8E4lZgV|M^UqF zvgw~7%abC*ae?q}-=sA7o;_2ytlXl4b#{k;s=jNx*!$LbFY;lRJ8@Z?Xz*jReUh+! z67G&xoD~Bwc_|fDznp7kUg&ssis~tS@agrv$-7c z_pRh}x_clKXyN=z?EC8zbR^vNVXLdpu{edMa}=lXaS9dgSl_tw$U$uL64horxi@;a zP1R9}tfZz^37e<-X4=FlXnC81QIkf$fA7XqU<9-i3Et<2Y56)Zp-{55Ev5u=TMxUQ zjk!F=hQhtQWJ5&{j$=i&qIWSRh=)3E+NVc@tSkl{MBwy&i#+{B1i*48A*oPc@xzgv z)5a6mxOndJ_|0X_VWboMdn!pOGFCvSw0^0XG_0%N*~d3Z7{$PuD{6auuTFrTaMi+e z{A2(xSPZ1~-4qtO@6&?7Oxsr_DQbm;`0lV>XCPqZFm~(AcN`4_RRd~VO_}xG*~y&V zLj5iM#loNcC8}0vX)+`nN?s|uCysxo{Q(aXujkFgO3XWf&eEwE^;~TZ+ZL)>^c~|a zdzw<`&t|_lgkx6hYX3`~hsJJhsR&X7-)tUx!ikN1lhw=T- z`+r@1>w0yEu1bxS6?26ODAwF##q$WD^xgL8P=gqP@d97~>(T%kS?u|`IM80U(wyDB zpkKIxhJ2$7VAcLnY`f{x&fcx!>hQ>zdEWS>BrD|XAeS(^;3H7A;ZbQm0qs2O0rxXt z+B<0kU%8bK^4rpxIeL$30kxs+Aa>kcF-bKbaMWuU0DV*6r7b-1>C|(7ou@wcsm081 zys(gvJ80?h!W%Sos@I!*-;*Vi(L8wW^=1jp-%M1*aZj1{dny#?I$bJ$=(9QrQ9&0! z3iNwZJJ?gRbtatNa|;U#oX1V^tVRo6T?Z6rygZc8ByK)#(g0yuZA-HQm-y*OcmM^&jY6z`uc%p;D%^NrD zo#8m3qB*<_XR=kB=|R+_%OG69?D41KGBV|^X_z#7t7DSdzeh^;AE)g%voXZ7nLKM6 zZhAeN2t>w_giIEr+46*xi~^FfegcryN~Hq%fi7Z{@e$jxf#2=NOy1+LaDFCN*Ku4H zo0QI9SyC~^QLQW5SqRIGCsy@a>bbF)xa-jvI7BsbW`Zi$nkdkVpEfESeKVGSa52AY zzv>O#=0AB}^;~*;U1*QZQHxNg<);7gY5c8)o^B;MrJ4-MHdMZDHoR+4EtOuqJgl+t zeavzZe0(rtD@L3yUpRyt;g+`)y~CeeEwH3b*Ep6kySEVGiqkb^9$B-rpuys1ao;TF zSQr*(L=czuZ!mAZ% z9wPp)wFVUo-qCgRk^4=mBwt44dWpT#w-5TEVE;hh+WLuI?#Vp&Lk7*!=NThc^i;y& zN<(UiLBavW3ZOd_IQ6lbvCn&?(spu9n;pB{2;VtPhW99HgKC42x@{_hHpwpO0Nr+Z z;~71cVPIy)%f}ass1QjsLQtj8VeKtBY<0!3F7b6R>EK%Tdya)NP*>(!7=hB+Juu)H z>6Nj%$hy(4gSN^X+fdJ$b{Pi?&TvVuMw$kUi?z%7y@qT6P0T`#EZpla)cIe|{qsM) z#HHfDfBNsc^8eXmYK%iaIXRgtXQ+@^8)w(59x67lGjX)gh~`DcEf3{Nj6k)1OrIrf z$`rj5$#6Y@DmwoKwzM7pZor>2`^3kmTpQ@w>QDz>}+192NLj9_7PGnFgmwEiM_nMjhRP{wpXe9qoe;|cTvD!QvI2WwcNcAHv=+A7 zFvMk7PB%lzA=(`Q>2nm$X5Uv*y_Kb}su0b#HJGo5hlMFTKt8^j1R9B!OOm3zFKD?0 zweLD16AmbundR3THXaYmKM_s}Io$D#94kSl^LzklR!1jeaI`2U-&2tQU&(xR_W5BA z9$34)9%b4Uq*Vib6gZ(}UI#vUH-!LQK3KF$VyzAQPY~r!US5nhe`8+v3+nT}kHtu} zWn<)S6Bvl~@9*Rs1ZszPhlKQ+2V?+4$dz&n7Slm%F6UqA_9ap62cFhmKU!K0MmIqA zD47>UpYF0}YRGkZFnvbDYUC0Amc+gCU5f+()684EKoX{zCj=bk5kNZ8Y{7SvEMx#} z?9g!@T7dor3?E(`l}rzD`si6YrkTXY^T>+uHhab90k-_ zMcc%@(bk*!q~qA4G^~~=Q0r@qFc{2Gt!|=~#>*=htMW{8tLQ50h30mEd`zI*W1&z7 z2jR#hPjL?OQ5sS=CN(gCnidS5fT$h|SSQt@hF5+ekw!=ylB0<87@z66TU2|}VWt4p z{IhVi_`vA=vZRmgt&?YK{VoxESzpR@>_3<_w$& zr@BA_R`|Fon_3X5z>|X7BVX*tynTSdM;79ab~m)| zad3w5jDl=ok3@Amx0zE&eH9grhMX!Ag zs>czxo80d&28Hv)FcCOPEz_EeUxFr{qbCLDoDh4``=CpbNU(mqvcO_;k%+y--R68d zHkzG(+?|ztsd2{*vKd-{awUdkl3c9K&iC&oA^2E(hj#JC#piRLoI6Q?d&^2U!MwQj z&kwQx-ui#v`o$XVzYG4dy*_zEDOX7i01t*hHCIq-;+p^A?wGO|6l!+-g?iMnRI6XTSa`{F?+)#OH|WD~OK6PAu)ovuVpPj1VoKIboW6PU z7MY&Xl{>EpBmqB)Mi_;VRlyxrT?K%~$bS8KdLDBA{CT!gxl#gYvE2zER~Emqk#Wmp zx50#ISf}!!UOm4b%r>oW8Q5->`uaS3wRn%hJ95M57L_aCi5!Q+8H>D%bN~Lw5h8g@ z4@IGo+Brg$cinl(HW2Mp3%T6zwX+Z!8O;w97SkV=HkI zUB~db3PzU$x%U2QmD`1D4+VTM^-Q+`pAl+e*wE>Vb#|vlmT?=I=|az{!`7_q zw!VLX>x6TaTM4&eWmBE&YSe88rG$mi((MKIcFeI)BHixp(lEbq-?@1r*vxp1<8%qZ zs(Gn_tL$oFN!-CMS-YXnDmS+k)ZIOy=*s~q6|wnffkDIj#K^kmUxgieed^Vyg-%Mw zLx1w_td;Qeo|UqcLB!4V0PzajkjKo-j43F#@30%_$Fb@?0AFmXKO2uHJBQWVqNt>Eg?w zl8M@6pMe}D&R*w{x{GSN4aDpQF}jsjFcH+ad6SxXpk|)7EN1seyXMvJH{kmTx9Chj znI)%j+lPov|G8P^Qb;doDnpOkA!NGG%zt1uj$O-KR`zYp3%A#9Wg{ zLIKG+Upe>gpxbe7zysuCc|g_NvqwoO{QB9go>e}-&K-l2!$>LZ^Mjf2E@ed(xM&V3 zW9W&83sCQtrtQ2UxHfs*Tf-X}*$0>1c3jc2;&AGW37r2)LlEIo*AP&TZnfUq4q;vbfO`%wbtYP-J{Kp0*q`TufBr^cc_j4ed|Q8yA^Y09ybT zH~Frvxx*e97a+paQV+e9SukkRDHoKFV?=Td44~cIhpmgV7j~C;IlgMKW}fe1NFz6* z@Kzr$$-ozNu3mFzA}2D7`+;yWW*GVO8`|(}xX6HxUl;%3ySHx>Mv8%QQ6vsLM6E64 z=R=Lc4s5~5c)+zq@9|_zZueNI4zZww2I|Ss?OBQr2w9keB5fVaNo z=eVU(d8^NWFgZM)s;|7`xs`>=23kH2C&z?x7Qerl`6!7z_WF9{MzSXZ+gTm!Om(iC)r)dQ({6>uHSn@sV;4>ckxy4Gm7vL6ZM}$2c(I*Lb>?~H5U7PU!r(H^L*+A`sV4TS`1tYT`M3LBaCl@`cp-w`h><1@Y1i&27*xlnH)U8&fXrt<}m4lQn;9MsKM@kRiz6YV#=G zS-%iA)t1J?0AFU>rCld(&u=QMkm?EPt59!0V=~1-b}EB+m#g8Nu{)$+km*7oGFFk< zkWjXhFM&Uo!+ zgb&}#bEomrz;5|9;Z1{$2Btr{%PBRAyd>FaArU7^htGKOj8 zbF{oScOOL%_0(;gw4*ws);#5-PL4~bjNu>K*d7G(y|c@v*v~zmfP_KWQ|jVr65&5@ zM+am(Nq1R0&mMsDRR-OW-N4><>c0)~KkPC!GpH$-XGrRteQz6=K{g}0NkW2qb~a-o z3F4fy3#r)TOY}aNEMgF)@&C&S{PVwlMd0STgNRJea*J6{18;$#g|Am`++%&Bzj(|h z{{U*>UGPSU1hmEsmc&r(Aw5?+S{HKoybEaSv=iqTy6dlVFOt~)EXc(;$$M7E#4|KfG@>$AFIc09Bo zT}`U(`f$h3`^s|ps@W^!JFUl~*6gzJY*oMJN@g=4b=GsoD2yXrX*)Fl;rVl? zAGTl0O^bn?%5hhONIsyV(JvC-?s^4a7z(>Ax!gvuxJtA7*7kl=7$ixK9g+Qvls`IG zAr@{^5)D{nMwJK1svy2sOTmQ1(p{*Z(iw@Zn=&;}M+5#t%6+dI5=6{C&*f`fiskVb zikWT+l0~gSvb~RM=g}IK)*ZYyV+qSZqXf1~QChw{RH!AL#BcZT-Icph$+oqR!HgKw zT|fnCNeB7ntrxGSI0nkkvKmkQOMnPs{?_g>=>5clxV2VTp1nyuKPu;BG>*-%>0qfa z%M>>60`Z#6QDi<8ZLlB1D+*3Xut1L2M329ckiLB7ii0;T-c=%=RmnT-Yf*?bUD!a9 zUozKS#%JO?I*7&wNt*#u$4)`_(%p)BxHST!dzpYhu`pqT>v2nx`LHD)x zLW*3(Y14ELr-tDfV^)Mh(tZgp9=?3uU1|zWqYw20zY$ws@uL-UdD`>2C4%o<=Jt~i z+l-E7){=jBWiH!xLNG@GRMSiljZL!wR6blNQpTcZjrG?k$=Nz&WgRv%+BaS(!+r#+ znH(+ORv{N}NUdu$r?FJ$e76rajmSRnM|F(yE@!{8p0?=z7Z}DB#s4Q7KE#pX51DMC5HL+ zP&zg45aDVlrc-Z{Uu4+SxA~B{8p*)kv{SEMsHuTf8BrF-U&pjPkCLZ$v00aw)RuS3k#zy}Zzq zn7&98e(j5gfFr!B?4#TN3 z6NOwGnGUBUP%u#0G9BM$PdWq~NixG@g2@*mqN1V{51BQKfB+|d!a~@|;(1w6D2-#H zQgSp&gj&v7H#^4M-SAvOzS!#KMH{7h>6)&iLI0HLnVIYXR*2$e6rFs#7Plzx7;!yn@`sZlr`7DU z%U79Sc563iC_zP8K}NNOu#7forXft+v})0_Tcs6ocZwdX-K%(0q1RQn)_}6b*0l#F z&o7hB@BUCdsK?+T#ZKGVh^siHzYdYPP(>JVaek^{?@=qu1$K?H*}J<^7m~RflPsHz zTRJtiwtJgC^sqT+&9sFlkK~2T9m3*EBR+nY3WN`39lIR`-sf`LQkTBFT@GZn%r2vo zc$dfL`R(98aB(Rfs}ytCP2zBK4`e$K*?A{z2VV}ds&v$x+CQW+3+{Q)Fuv0gZ#bf{ zo2-z!7g=Gu8y1JVq$#~e{N38pj^JP>Wj?&(Kd<8Gj%G3q@9nI zcwa4nRzf6%jolC!dzj&wx^gwNpC)u$OU}zk_h*kMUAcJI$pixL4Nc}7IWN?96%Z`Z z3;GX40udguTQ^no0coI(SsFkR(y1|wSAB}>W7pfOyDP5fP~Ul^z-%}MxOeL01sZf} z2X}wwsN;>BWO?S+;@x$cFdyt@UTL$pw=V;%VuuFog9V_1&gRy`4-6cq$2&IdPd^3p zb|3+Sh6nEt#8KQ6M<@jq>Bq;DwLip)8o)!U&5$v5ngRF~{=Cv${_ME!oGC@sH;8YZaJJ+9NYn^Hp2a zO?f{p2F7fS=QTGE3K=bVXT7@`P~*hF!lIxA6_|-y@N}GCH}6wX=^4o{QHF}r+=q*n zF-22WXZL#Ezj<%>U1|Hh({2Y~;4f{Ul&j3opU;QJGOBzd|2dnNm7B|NJNS&xcKl`8 z&fxA6{DlPRok6-CyN2ViO6i4jj^Ao2pTrpS`=(JI0NZ8#oTuTa60Xpd#A_|1uAX%) z2dOn26YLP-X3DfTS3d!g?Piu94erjXM(#%SVXSk3+g1Y=vc`2O28+k7p~?DNDR!U$ z{o;DP)j&?H;}<}kzG z`t{j3_wH=b^Svym75su@M2%w=iPVCg-AxgWb^+weA0H*sc+hl4MqT+k*eIbCGwG^M zc*Py4&Y1l8a3Ah)a0%2>Zi$E(pq9tW%}d>4FWx|S9}>7t`FX5r@xRnI3?mnLILfdP zV}K#IW`9OduXHp8LBd!0+-8BI^Kz+ZbZQ;j?gW~GsdRwMwbQ|JVp%jF@SMepx=vVL z7w`Aao=oB}P)e<>pvrTk5UF08JY0)=sPQm4-4yt@;tR2Y?K?>5uNK`ZD<&$%lV^kd zk(0+wgtKvaws9_S(G1diwxbn+M~AD!EpDZ1UIAZ3nn|lJ1~|K6nAw}2hx){`DBaX| zspl^}RuIAGFAep@oDuiA>8C&Yc;oUH4Dy<|a_;P`iR_2)awYz7*j~;;PbxzbruG@V z;*nUQDaBqUKCNZH7cYatewFa_!r-$JKAqbm}2Tj%kt#wmkD(wG0#_}E7nOHq8(3Kb(@-c zJkSN2GnT8|x=-H|c**fBrbN6_GV9vc#ccO@xbXAYjI#JsdOb<=H2Nfb^vZ{MBLxtt zvd0Hdl3R3+;caicGmOkoF^eDP`h0h8F;c?qHKP;78Rd%+eN^h%B_9R{J*ZJ4J|I^C1Ha|HAQ5NQee}dBXSNFAy{^jB;K`cBt-RZO ze}Tts%cJb1^a7XX5AL23OM_hgHJ+=vk=QO-K6O@;&-uWhkg^L1Lyr0G7_0CVRV!6f>rxOvdL<}>v`-g||s z)?yA1kqSLAk5z2sfoj;B45l&o773s_t%oZzGZyrw_-E8oA=#`idv?-IA?K{UAnurB zSHoa7$>FT8(i8D&s15y!*PlBaQBV-bl%&nn^vrfC^v|KfM$#=~UBAen_03bwcJyI| z_PPl6xw@@U5qaeHC~;=fDHAZIh9hXq&2JVYNMm(a^Em`jLnz=@>|uYMeCKrmeLrmY z4XMS^Q7{P{3|Ds-DH4Rd4+u!kUPkzc2@Tb?w|n5QWcPX?LMTsRIDCmOnG8o6dMSI3 zXJ^mW2oya5<;ybO=Gc(OgckkTn}Wf8dQlgj0$K2fwJ!}(LL&ClSyfKm42O{rAFaf% zFIp|kVi*CR$f-Myn85)shu%%TvQb|)wPF7cGK~z)l$nhvMUtDRzm2WnRAbv$7eBO} z`cr?(J5wGYVe?u~=6Z1217YiHuV}zuxAlD;a{69gXNot}I%k!jT`LzWb2`*=j*lG+ z&>cQE#HqbNnui?Qz&&Hb3!W!C_@lJZNjte0Wf_$3i!ZHw=f&v(Pt+AY zMS8|B8u@vwt{0_cH7y zx8IWq%BiZV#*JPgU}b^&>_w^<>$cc5z)1YZ;t#~n$MqjJOPgFe^+u)+aeB(ds6d!Y z@@c*pBP3IB7;4q;K@hSO<eocOj(awI-DZ{D2V3U zq42Iz;JoEMJw0_NK5q*;S=e>4>CR)r^%nU!&>K0YD5nSN4x?9H8IoI1w%1-u1fM86W@E|2y4?uBvSdx9R?;T+`_vO!KKOU+)lyx%c?> z$;C2v{^HEUrfS--0d_e6&8}%0UFz-TpP&ZvnpJOd47L4KIM0t)(TBu?zz`NE_NDUz z;ZC&8n5zt;5heTN$&(;B+l1BB*2$!oe1S$GJ&>l05^{GT1`3DB@i`X(uY(XsE;a$A z5{*pNe5Dm%7f!*gdhwqbV0>Tjyr!@7?oy@8&w)Nff3}>?*v0XO$zZk`LpW}pNGp$` zY?v!;+N&FMZFKu}a8a+yHhyolG?rDbD(Ukhv4v3$aH_b|xD7uz}1v3cRf`yCRj$ zTHY}pZ6}vJN2`&tn);1z%v{c+PSF$T-XiFY?}295z-Dn}bJrObjIPvJc47M}Pax-w zL0@zG-J;bcl$r6sbd9}S@zYj(&36CGT+4x0)lvfp^0gO(!0U|&i*!_tIW$txxg-uu z7mhgFRyX>OJ2?`MG@bb3;^6_##$1^b{B?PXdy1SM@Xa^Nc8k=hwn(clWQ@ijZ(5d^R|iFKn}a3yzj8MAbGqu~=`S_4?O>v77Y=OJwvvi(qTcus1vX!`w~wWOs^9SP{dlcqs$5yJRct z$dq;1FmN;IWiGx`Zf4`MA1oE^Ccv%8ebr^_?ebSyY)fzNWs3ancHjaXAd{n0MiHkr zJ^v`5Hu-YAqT`BwnoGy^lFvQp1Gn9XR&<_i&{rgi^t(=RgDRQp8PI_pKUz8sAn`r zYw!1C?lVMxs7tSm17BBW^=X-FXQy>Kfi-E;QF#F$A79qXI`9Zo(vu31dF>z6-Cjt3 zD>@cqr-+JK`i&r|jhPV0zV<^<%&`$ZhaAXN{`{uKym;=ADp4Yar&_>NZfPXBXLkoM zO}4^*$WqAxx#TQt-7s0lu(SDbxVf8IVNcqSM6A=7mz{vaWiIM2Q1jd467lNfeZ8W} z7|jnFL^qG)5o&%%*PHjx+LOdT={Cc%zAA}iPeSB$TG6;3uFj52ZvGc{yH!0zIz&t# zs${%X&wDo618+8+ks>J82}xe9k0E9#(kTQ6(JAq_4r26VTh)OeA*Tpv#E>v)v1z^! zzsG9mBO=eIqjzC3%5@@`CsRF3=4QTneuj>Nm~pED3CHtKmp@FJQN+Xy4c5DH19u~v zG?b*5J0ip|F{W-Ff{A>e>L^gc%??h}wr0#3ICTff=Fg>hZ27}#$o0==p;lAerW*q{ zc_19?3~H@?BVB1G>x@t}v1FY93Rc~Ep6=o0z%_{gVJ6VtkGRFjIj?@upDo{^rF0mU zQ&jEH^6+w1T$7m49?7zJmLSlbVXv7K++pOFC1eN+4vrqPt<&K7mG3uV-WFDNJ?de~ zi(S5Az0MQSM6F#n>U7nj_P67gu#f-_3$XnE=fT!MN=Ob2QE)#ZubJhnsSJsd>^_dA?m z%P&3A1!KWljeMdq> zWOkj|p=5nccNwX=UqlZnGt5!2w6;9rEJs*qE-kNUQUtTv_geLnq`S8dEOPeNs1J=4 z%Ez-rq`B_gBp{NOmQDmUfQV!&RcxBm8bp$rsFHC8@N)_eC(JkRq8P7Ck^_@hCz}}` zV^W!c(s=ws4OP*@6_`2*T5T*}sVTqewW>`?&-(&od02cfH4HFNEvo~>@USaERudq# zMXw!F?Qnh1@*6(7b*KBr1AIz{hhEpyx8zP)PI2m7T%JenmOg!TMcE4{1Kp zqwYIH(8(xxF@pLa+(~vSJKoU$K|Hou3ZwF!KXurt?XG}S1yKZ28QJ_4139P)0)TVq z0p!qL#n}!8}Ns@p_Ln zJ3RXspzC|ACwiifO~dmQ`U>`7gaw$!9#ns$cI_u$gUs>$FNOATgHUI~COFMVw`;KU3g6JB@g)u(%hMoHHS6=vqT~n>YlU>wVowzDP)aKODLUb1PH3Ho(FHE^4R#z^ zcysnyBEOvjN3Al2@4*HqEvu`}!LSL84?@R?z?{F$B>^H8ThhD`M32jPRonXU4> z%}!b1L~m_Ms}+k|l)ap&RiyOsj5xv^%DHWP^mF+A4Nv+rk5A*)RudR)T7DT|J5ej6 zZjuGWcZw^LunU!Rd=@Tgy3VQB$twp?t?dXYJ<)WB@RiULk%yrQ(^8P>|@ z%6LDL9vezJt-1tUzE$vTKv~50P3BdiqldLTM`1#>@`oq z+TOS*-Go8FV-IS&BuG;ZS}ff!d%ybQw;TK8cM7f7GaMfha;yX2qE)=WKjNn{abX8E zU15P@>~bQMKBiCV1=TYdnX8SR3sai1hUoL#z2ar>|IyV zE~ImM-n*PPcqdZ&A}lAga1L>T7Ss9k{6*4Sdp(z5(YwXcB37$YB_dEz+4pUB9XWE)H_c7Pmn4(&O%BQFR|^K}t%ggO0Dp@!Nf;Z0>!h)|f26xry(7>X3;?QwKLq3- zYLw7|0%WqhL0P3f1ce!-I{jR-52madP@U4Is#PFSqh2$W_x)TxSJ?SEzzlQD?*Urur0oRhUJGXku_WSzwUQQA9lFG=;k z=2gD%tyas@UG~D)+T47{D`0Zes3l0y+&=Xxwo-`alypYGx>e?zc5VF;?*!-dQ~@{C zgzE@5t8;5^+SXdijxP;Cm>D1Pnqum^q%D!|WPZinpvq-9*2|c@bG{cdgGj1eo}JBC zV`CV|El3Cq0in0v*O6}-+@`5&*eVgwcO;<<$~xvcED*H$P;g9mseRnD<=jbEtm7K- za3UasO%h;`J0l9abi~R5GHWJCZOpijj~I7yxo%~_))F&&!uL2QJ7q;GpRIfzYxq;j zG9|rmMg#qa>Wu6cDBWawQqT)GXjvE7ydF8%UL)U+a9aFn;FObnQMS|?!KP7(91!EQ zS(M$WwaZVN#jN}?pKUlfthxj2p9Z?f#Nw3;oFCBvXdu}`NqHkSHeUT{_K%g8dTx9* zInA{U zhNod`)?5*5qw5(%PZu$PjqXl9i2%)Y06A{-XMvQ7H|`(Zwia-!7Z%)S8Z!e`5H6=* zj7U#w2A%2+V)Rz9T3elDWqEVcg(w*xtpYk`+GbUgpD|xim zCyxesZOG4`vTBc{*p4;#XpjPYm(9LPj&-FPafgWs3IU%fpyP?*8})Oo!(pg?oNfce4md~ zJ(`X&DN;g7*cb&*c{Z1N`gwrup^YOS&l(Tnj!qV9x2B8g05Yqvv4hMF&?`68X-G|O zqQ#YRRD+%=(&?#74Uk@xK1LrF75acV1BJNymt$YPA0$o<%=BFKr{PEEjjaSUzxv<{EJ8RY8l?-D6WuwHV!e?$O>M2d|T=X7X`46w8 z6tK$u_l2L{Q~w`*;fNd9dM`-N(5=t!;o)d80uA^p=kvo(Z)=lyaS$8Ny(hDaGiW%J zOa3w}2lz>0g%T1Hrav>o4`v#NI2y0SjB%hX^FlDSxPt87K` zA%_LmU>i5i+hMnFvEh5~Q_fnv@sy;W5crJu& z%`wZ2{Br2g(Wi+p2ito-QCU*@RP~@)3(pE(M8^u)m0b~TdO%hAJ`mX99oDOQ8QBA= z9sRB(Cl?i}`JCte{mI#uA2AURe*eBjK|w<&7gqrjFns%-DDKK#<_>J^mG$hyTkUeC zRJCf2CWXYZL<1v3fJ0%@Dyhf4cu}yabxs$N|9AjQ|JKefU;C9I8Ju(kCa$rReK1Gc z8yi{Yn!M5mb68KGUuptBUAV&zf`}~wNH5h04^bnBoR^Z$O@k_bS2^&{(Zq)L7#Nhu zDDZ24v;254yHT@iuDKwpfhb@AbpQGs2@>r`CBu zN|@rn25D^rsWn}&+MEy%V#d55Y*1 zTM~7z2){0yK|LeLVu%Q0tbXnSG>VHro8)(?(C)4Q0M?Yr*wsf#c%`3w=kl3k4||ZY zF6@1jP=Deo)SXlnK`G*)v+mhb@ez+%qu@bl!$B02xz;R>pFWr=O}e_s6L|VCJi7Y! z?OQp0&y-Y+TqTj^jcn_c!(P$Dr+X*6@m^30VlWdJL71yhaUqV3uPFXHg&hZMsmcx! zR}lCxwy<+r@+#1_qOwW^z=_(JLW71J&*R-##b>xU2c}?C$|5BW>J5 z^%bE29S)|WVpb--;NGStCKcq5INBOr8y~&i@O>&NEnqHNgBHn^iA-!-v)im%Jf zzU8`C6jO2i+1B>9{IY$mn|0BJ1l#)jXz=C|67&Cobr4cz3wN!5o>@8A2$&A(6AH>D zoKJpUvL?!R)Garwti)@sG=t~Q8#-%HxGnznn?LTEtCnge!%g5^A~5t5J>>(%8;KtI zh^o*lyBh+AQ5FC{Pk&3q#sVmWBJr-ycf3Jwb5-N*ac~A zKP^sf8L@cUeNNptUu z`1rwTGSHDMXQ05@#k8GRJj0lKm|!*0^(A-i>fML5=EaExNV?VVxIn;GA)dd}85QnZ zF0OP85vclIZN}6f@dkSO5@2{lzXC+_d@{(z61c34%&T!TWNy!Vmz;;LXl8mIU&--( z#-!|C@!$W;X~RC|8W6PbxE@=cF?fUx-W(o-9mvcnXbWdY@u=f3b zGc*6ME?ivhpOYn$4}=i0tQ6C9mtNOeeHXX^JAZ=^Rql@<93Gk@|qIgiH9Q=hN{e+uTQrLYW5*>Z6_Zh-pY7KBL5`v}(~1T;e8 zsC-heJpG@x`)g&Cl;YUUJ#8qFbqnnK8h~4uMLv#=+f7zhmdgiI+FxWDT~QDn;H!M) zQ_LiT7_wW3jGytP$DeLhy{SAE~sEomjRD958@c6I?^X3*7A82V) z96RLQGGQyu=mr`~>Or)@_U+rf^3R{AXI>J!x#0%RvFJ(Q8U2X;H_apE_70dMJQC4q zlA7noPD;c@;tYUhqzt5qJk|y=XKYdj$>*!J&KV5-#1GYF=2;=nQI82t1VLTKs~3pX zm?-&*NO3PbWjZ5F)53Ei><5e|25Fy^qJYjO87)iErwWTc1<{iuW8`Fmb;(|6>&^CH zaDKL@wK988ZwPk0_XIvt@FEBU&3nRFQ+eV}Y#|s>sBw)5cBj2Phof_QgISfQb7kpY zM&7!T>8z@dn%{@^Mg8DxY!AlCDTZ8FhJ^u&IY6&`5<$DRgs4D|d5unQ$f-gccXyG; zDu&0kAuu&?n<8|ILZ|K$Yg?(Oc(GPsUhU`2(+>h`1vX-URZ*55I9pfZ((6$0aVh$a z(-|XnSko>H7=Z`X`YZlJ9&P}pQ3kC=@hDF1=YQBRWo$wk!?SwISO1CXe21|huq5Tj z(*GeF{_oQN`_}*7I{)49XP)(DA&_-Yznx7rd~W~=6mO1I&pE3FF1~jeOHNUsS;*EB zEZsiY;DMD9ayZzrtn&k8^);wQ%+^RQ6w5I%f);RAsdXX&?#^%kI^5Ru0RQ?*Z+^~e zb{tA#>hX1Z2huaLN!6=>mHqMB%8)e91sv1$G_h={(4;Lu&h*qjIxGfoGbQucMgX;R zfwI}Py7kz?k`iNt`GVw_bxAB>nrQ#xw}}qHqHI>@+rI4-g_ofg*Abk z%Ub_Xj_m(ZD9En=5E2sg21=Fs{<}^}aadWUZ-LHMPHOL$#)e=uUCe5ORyX2v9&ep@#gRbK{ zYZF?XvCQm%m=WS6fJx#l?9L>!tJkSTRZAEZoAYZAAM}X8Uuq~qY?mJb87SU$Hk)HC zt6#^0*rnMlaTg4vW|_ewr1ti-!0B*2;yVthuYQv)q(Bn@#?Iz+Fe9%H`C{fJ3OXUO z!md5)fDNH!q<5!Nh#_nlcSjW;F!vjR&Cv7CjfeBmJY-K zXXB7IWY4G45ff9HhZifQy7%X-^6nj*Lv;dJkDW~eSc~_)YJfy4F(B9)SkWrL7fEzd znVtH2L3J|8ufR{`7EU8zNEsY%;+Q#&xh^ICRb^Ki!=|ANq`fQ;Y8@9`1l+dX-T~-M z0BN`{Tl?yFP+LSo!s1p~d%H~e+eU}j0v8NkAqAi$!IGkQ>VRmK-3M|8*PGju=e^Ln zY%GDL6Vj;fLfp>(Br32c{|8Y)9B7%OuCC9&yEKb;UMaixs$rn$sf5H=`6`Px2N3nd z$&&6hnCE%j08dQ$XVM%IOkC`|hRmuiH_tW+jM7O%*0@ZN=4+MuU2a?|%*@D`4P*$= z4q&~joJ&`BbA$D~S;zq#Wx{hRD2Twv>wzlAfUY*sdlQ5mqr@0LzPk#Gq>(oH`o^v7 zIi~)abe8GC-YNqa(2g^QdeMI`>mjTHWHDyF7z3b+!3O3;p540Lt7p?43m|&}Sb9h3 z-9ORJk>T}!@H@UNS}r$CI)kU~%N5WET99FpMD1U@ew|1pQnXxl8H~K@z}9Ya>9u6* zTUfjRz4Q=yO8!f;@3Hx7HZM_Jf9`)`Z>)VO$_yB|a^N-N>3MJl#)2zZN7#t5$;-a= z43bQ&uK=Q}hB&8e#-AQTyDK*0n_w_+KK0oCoM!RoF^E&S*FQp&|G)fda{wOTVWaap z*tzB7^G#gz2+-h~UfLkGC$UgJBgWeb68|>{`j%Wgk^zSjixatNMta8A9i*Rc#pL(b zb~~4u_fC!@&lNuaSuE!9*N?^(c9P$MWj)7r*jMQ%PNgV-fJ`3X$a%($n0A+jBEf9` zAEYuEE6Kuk@E51<2Zo2o1AGA}kqgR!i4xQGNiQr!fcOI-5=Fj(2m$mM?>q(mb@ES3 zbiYiUn7m+d-KGOM-So=qW0ls-VDdbgK9o!r@IBA{+MLO;sk=pdX*TMQIVF38g<#E> z<}19E6mXx7sM``gtD5i$_rZhAa@II5&;0?_8dbW>tmF^PdsAXT15d}VQ;iF=dztGX z@poC@6)Skn!NU=N7<8&TRvHs~_)t|8V^Q!nAOO}GTbKp<^F`Vis~;)wQX-ay3OfL;GaZd|XeFW>52xmSM5>S0+5y#6 z$+QuT9Lh#2YA94IE$q+&;mTfq?-KrSC*bsg^sv(n#E%4i*L`Bq4c~QFp{jtEv^N7gZGC&2icDj17%n<#pK0e zS%eqLe+O_&0?hAwwn9XubrnFr%&Gca!yIlhK!Ywy@^&ZfrUF_jdC;mQ8JxO_(@57G zqJlU`3pqVcxRux3ahn0+o)(irYu?*hGn=X`Z1)BlrhtVqOg0pbFsR2*xBd7b1A47@ zpEp!M^D^~2pEl~U#wrBb=)P*<_~?fUKN5;zUR*4;9j~x zE&h)m2J4!MMNdZd_uE8ofjZ}N&!tjPirf@IPVb#e=%7c{Zg?~0O%5ZcaE@BQl<{xB z2>!xz#MKms&JO!-UPR#f$yC5xr*z0YgUKohUvcO2G*X3Qk0k!O+6{|7oZPM?opa}y z%w?ZGRv*Yw3?8o)%a&GKt!&DD?yRA3x}ZOdD4S}@_f>5JQ<1sUUC7ycBCW7xQ4 z-B+$vTD={nH}jDR)tYFo6hh|hJ;OFBX^#`i^s^ve8lhOTEb%@xNb>3ef6g0&+y7ef zzt--elI{xiW~G-Wi6DaLR(X4|=vG(|dwhK47f1Jr{iLLebF?h20sgPA|KDfkqBAw* zw(Wu@CB9+dbiTBo|A1ZmL zNs4Ua<1*J@>jtmPPm1_P2;YA%_}@qRKab*nH_iWcEX2nyu9TlXhPqkJfSSOl>#=dB z9inj)2sF1Dhl`TK;#irhc4O3(gX0a{In5e&RM80(IJhp#z=TdXI^O;JR6Y;CqVVWA zqeooPD)f858WRRKdL6_zHT9*U8rH*&$A3%L_l;Gj zHG4Br-1z75spzEW>dOJ%)bw?uWAZ-?XPe^qW2#_UHtRsBHd7RfNj}Lak&tJgj6N+!T zc8`POUAaVt^YZ+r3RKi96C}}ntV2K;@4OyFOYm9km;8LDi`Plj1;ijYdt6_eoPl zOC?+nrZPYwT2LyPQf+hbP5eYG`ZokPQj!gNPcW#`P{4oEVwsyt+2DZ+qzM;(_%8jz zbS>4(MtZ8lp8+Sd@FIigHv>6N>)D$V>-y27pX;j^#t`1Jf_u80{Z0oJ3r6!@BrTh) zC(&bk0+nLnGGM)sBK?{Nn3*KIAIqgp26wt&EO<dt2B-;Ur@INtl~6hvxvb*6>7!zDVm2^HO570w8G zJf9{pZ-KZX5^*{`GJpt|{aVdJc4VgFXK>B^&F~WjQJ@Yhe6$g>-#rr^Ylm(`o!F0i zAKGm08;29Um=T(^*Wt9bhMuYv7njeNXzqSWIxqz$Itjgu`@s+&f7n|YHTaRhsCr&v?DH?1MV zdf0ZebG(N0)l_=LCH1BR^ihb@@%e5xx0OC=mwQ3;S1AGevk}iC5aBUi8q787O87i? zIE%z_U>pOOvqw|D7cwOR_WBrD1vP5stR3|Uro}YcUFm;GDpzaNR4CR=?b1L2cQ$v z-J^9_21a(b@;w#3CmJd!oCo{t*YtXoOZ!X1jygR-k4TlGd#uuX;y`tC+HvN+SW2%= zhfSwmGM`NbkfyPhBE7FSQniv~m|u1CS6nldcj%bl@~PA5+iXCbu-hMO|1@dYu`>og z3C{zc{1H8ye5t?BTmgHWw45d%eQ)mwnC9Ig&lGXrDH5g-2&q3@lWl2gWZF5J3J^`2 zCrMQcDSD~7fij%$^{Bk3bI`DkG3R7h{L;A+XzaGL)I!`;p0K_HhDKR!-41?m(Xx`bnab^bYYKWgOmoZ@V^KdxyiQf{m(B>E>TS=3#U*kXD-ZKpeWv z;=L6;iVVM7+OQBizn&kP$JrW)PP>OERTWQ)6a)o*n& z&uOf|h#SAAl7~z>%@Ek5@2)G-sA=V>lqDM->?{OvxVYLKH=TIM>+gICp1G}sapPQa zL6@1@8y9454INB0R4p&5rE92#H@1}N|1*FdHfP@rI%S~(@Z3?zDy^~@VfS+5Bx1)Q zHkQ^H>4f>=jzSwZ?>^!9g)g162ZBzE&r(Y38v(?%MW#PBRk>noG2Ue;WqzP~0txPRM0RNA9Y-uQmCa zc1XSEKKFZ{}QMRoSd(tPuq}znzYO^>N)f1ulXVUZUv3hzC zh|;fweE)mDVg1)&DfrAATAcRxYsG%~nWQ*}E?(=4zwZzGl$Nx>XHC7Dy?@!XKTa|4 z0rkCNoEeTk|M_db>@tJT5axwoyzSp_@*ioG`pp|5ntt{Pf4>K8UT|>tMhJYpe2Dw3 z+bOtoNvg2pW2sF5X-vu;NN7dKPmIXV5`&#i*Tj}3D1X;sb(p_iJ6 zdlMO2rT(tkCF;+$VDTl}H6A!ZGY#CPE~R@*TFyu=j#_6j-3Ia0)SDsjkqbj0miixy zOZUdRF0gXEnKL6=_x<|yd$06Uw&7H3pY-#aOXAoeRqSGIAq^}Jue1oqdS0(9B#PMB z|EeZz{cLy8mDXqz+yH%E(IQGpaQfvkUM6=vLP&DCn89bkAzHQWX0U0vqTPV1svBUEJNW)nB9HQ6m)pq=bCqfQ~1 z3t@pdYneuv`nIUw+{m4r&If%!$z;bPL0h3NVx89mo&|y+`*JR{Jf&ZywsFoUXvug6h_ep4QIIPq79# zn5S;1sxSO{@PoqjhqTf6177>(Zl62MT0P7Kl%mrq_Z}_2t@hcP*DBj)?7gjYU{o)> zke1-o))vGCsl6T)tyJ^S_ISut=%sByn21sP&w(HZz&{aOf*d6_tga*vndb`^+27Ls zG!?iw_}O*VL%DWFIVjyBfL|HUJ^RM%mHS#h2*dy=7>avFhqAubN#|8=> zYX__EGX&0wE{ret&-{wPnM2y|aQaYgt3Glcrl1N9MWPpq)p8pxN#8B2R!@rH<%Z`* z9Hu{d7+bd*2Q$`@{OLWFAg`L-6!B!mJa{jh4E6iLB3os{O;Nne(2bbg$iM7`#U_sb zMd+Py;iI9~d&qTSo7Lfy#YcxJ*1_k>9A>BE{!e??8P!zQwN-FHQ4~dDp{UG=bP$kU z93(g(L8(ef5LAj3=>!59u%MxY83dFP)QBh@DWNwhN(y!34{zuC?S;Z;(UMJ z=Z>{(KJ?EaX&pvxU``LHxD?v4ML5%5BkG8#QQpD3cSM@qo1bhv-pI?}0=^|P) zrib=zXM$BFo#U@|uj(wW;l;2wk>Q)~OMOWw^}G)jSD%LkXGYC7cJydETiIy3ue{N^ zu(wX6aG=pb)uZnZS&zuy5&{s`s(%BYbOx)2{UclIH5_xJ>YvayjZrQhxM(@|S1hMd zs}>0|*=u+A-(V<$@K{KPc#vnFF8WHAowy;p#4vFXvYoa@R#sBjGam3wPPfc@Euwp^ z5w)lf?ie84ecN9WdpYAGT_~<0QW(wg6!nwr`C2hQDJp6yxA=EsHiAf)dL__!d@y(O zjaI5@Yy&5AJ5euO6WyoaqZ@9(fx6doYTF_)YdwuAN~1J2$87&u4HK0NV+s&(h~cN| zgnX~;ro!5>XhdPvIYJuOpFu*3%oB>uIvmV9}ROn8Ku-#aPqSgyWJ!h_F$hBWv!nxQdclaVKSk@>lV+@b(pv53}|p%~e@KJ^WW% zZ>2KfX7xb{1J%1%xi_^%dnf_U0umcVqOFo?(CWt0^B5SzZ?w{lGhiXROKER0i1Ju)+4ouuM13lX6arQ@|1Gjee(knI;CG( zBjc>kmGC!n@h1$?69!wwoQt+NN!h9%X|P{C*%?6KLPa-O4kvTg8LEp<4y766LDr|3 zjRRlaTGYDQ+#_!kz=_d%k1olI_S|9l-RdIHLszSx(R``d0C%|cupG^+`-0JW_A^Ab zSqM3mLKW8vV~wSzbjYvT7dc(y1ZQyRRx05};lVWlU93pEU$AgYAGymtEpEoXjOCQo zHupKG{2uO1+x%DaR6Tp8|awW3_FB zL7^iqp==_+N0p{Vz+nqRvp=G!`zte%>Ua{6If%Nbk9t{dJAbiluCLj1JzA1vn(HaH zp8FRzf6(cTWm^8+Fn98HIsBmy$0eZaRd8)cR#$8YAWXl$mQa4I;>K=INgh4zJHAIk zclm1`7T!9ZdW&lJC}gS$MWD1RHXI3Q0D@cu#C{_)ZgeE*mEu*>c|HLx@ z8hd~75Sh7s)64~-u`EBk|KDq*#d;=|JDUO)I55XsMp2ISfec(ZN zCPY;dk1wY_&)CynM>dHIU(r$lONCu8ZM^l7X0?>H)y?v@^A!Raq(JW(HZZTL23$Zt z>86B)bO~vaJ^2##);p(y*KOq~9W>iGl*mg{$>q;ygSv}{(kc3Ymy_Ths zC8TrwOjofX#g@v7F;sK+#>kZYroQn$w?V>GoRiyz$bqZh6DBh|XYu-6>|JT~z-u^H za{gZ+({K*Cr+JQ8(dF9QA`|BZui!e9Qr{jMjzw$L-uU%>5IqpTp|ZXzl}%(Xxt6;_ zZ*9$3Z>ttIY`N}-#*Jg%8NWELgdT zmb>q-zV?ZgT!~iKVe69TQ{PZQj}x@yYl0+1IVZ>*J663sPEUruelUNkHMzm*;adQX znKj}pbMLPm!kWl;5#}3Q%Awf>QM|DQH>D|NuO(Qr`Z?%A&6-3q>YsUx=yS3O(xLOB z8__aOTN7vYC5U9WnE&*n7BDJZkp(D;6}e9HE4k>^U=&soevLlmm_Q z_PQNH7T)ODiiz`;n;q&l0Rc$#!*!@A?Qe4iDsVhq42?=qr6!`qg8e8Vj#-_>gOoz` zmWlvm*J;hzk6I4x)A#zN`d zw(-xpo5xcf0sI%Itz%yN%nu&r7m3d&QQT8Oc|?0hjMeGbY@nhvEKDA)(;JAMmEB#5 zBb#Jg^meKxaV&75n-~L}%yv=8(8V}q`jt;`o}lK>CIith!Z9@CBhkjhWtD$1V}lxY zYgRdwF(np|;!^%dPq2q4_Tv}49nFA^BK#%f_yrdvb~n$B`v=?qFfK$$Z@E>&^Ui9B zt~2z~9{%yFKV8@fr)v0kMKXDCUjej!?VvNm6=1KOoATJTzO(yz$J=p`D}lgdQCqt- zev*ya73~b9oEB?d$p1&s_P-Z>1izOb%jNJ5A$~S)h_jJO&HUY>A2tfawl0P{!%_}i zWAUWUqSr+{NHxxEdc}X3LF3ve!X0Nw3M{uJt8U_o-77^NXHuC9-!6-3H%leQ|rO<=Xn`Xe4VERf4zwyMx zwCgV|GFJR&ziyuhq>M`)8sApD6+n7suzLoaV{b@*zId52tD4`9BBCEzkcBM(SiRBe}7lJQ?}&5t9j;uJywFrUa$ zu8{@DYsnH1YyXn@3s&-rsZA00g&6f8usZL=H5G-yRbub{0? zhl4km?Qv5pqvIgWi6DOk=XFV6Mqc1`~!=pGSAul7jZ*Smy z+w3->xW(m96tmIUfa0`0iDB$>7XP-Y9|GEGp&o4e0@LCzPZhG;tYv7{W zI^L|7jNd?QvMEtcN@*|_@-7W&5-Y4faE~bfA~UD1!G(vuNsl`<_|AO7wRW?^8xxGo z#Y)z!%%gOOyk7&TKQw|~e*ckS+|wycapO37I@X8xS9S%Dh(DQS!RN=_g2a<%`3lFF zF_1WrzOy)OIKtcE9W}9Yu#{c#qDKtgDHE}(tzQ2cdG(}5_@%NB@K!I}qV$0LCR$9$ zq+W$(uj)Efy|kc4Fky_xf(hy}RH2xD#cqU;=T5SJ<#Kr}FJRY-PLYQy#PeBa0BAS0&Rz;)&A0K2M2-m&EI$n}(72be zuVi^(osrvqpg=f~8Pihg5h3CZBt7W7^|AM=v@SzIDnoa5OB7XU!Fqs!8l;ATbE=Kp z@ip>vjqHf>o3BvH@R_+kqdRQHpU$O$AJ6K@<4lAwa(0TR zrF7E_C5N>j5me&wzo6LcZyM_t60^hrR?w#u4gSbuf}_DA&$-N*^0j`J>bLm(IQ#wx zw$^D#)<4T5Ri4IW{pkR`1DG$rC)1EMrvs7!UaG&dK4FXFFFk-L&2Ej|EcV1hfk5f# z)Ia4XBRdl7U%%&m(wh2&&V@rV@UZoTGQ;>q3+ZV9zgZWkXPf3rBBwyEQ#U8PF0OhO zh0b=vT5nAo+=$o7S{|V5j*5~6hpzt18*iH(zu;|Swz8eXCKQ;+{lFhC2<)lnvPZEu z&4kZeYSXg^GBML}Dc?ZK;pfgxaNpl(@U~M+uq!0Cu1y;p#hSv7`-}!diVGT#9J1tC zb-#$TEDO+Gzi?JDDQM=pJs6-N0iKN(gw7vuwMc7^Qyx14*y~CJr|FVR`}K~Eo24UG znB1V|n2B~b^oARaI~4GuE*W&YW@aE_U|F+cGkLr6t2Rta^H8F56~k9sAyrB(hkL%J_BVjLYeJh6H`m|K^wXG$X_7mZPt z^OBkp0lTYvBml#6J5HB?_WE*$byufIB%oA**B&ug-nnTl9^?Go-~{h5%cG|GKV+(Q zI@=rtnB`>uOy1#vH=}EIm}NS4_y;0>r*qyufLZ>m1>u#|4zoH~Qb@oCA*P|LPcB{Puf~RjC5S#A-G3@B8gJ_*>F8hB-0ZKm>rDnS(yh zwvC(tP+4)ICWtO4UYMVor&e*~(<_gyh)$$E*NfGtv650A&aDiN%N0{>?yMX5p6UgPF-(6z<2UEdHQ2+n{ literal 0 HcmV?d00001 From 75d4b895c44181bd0a14a5f4adc0cead00c3c9f5 Mon Sep 17 00:00:00 2001 From: michaeljguarino Date: Sun, 22 Sep 2024 16:16:25 -0400 Subject: [PATCH 20/21] Get these docs over-the-line Fixes up the: * pr automation * microservice * pipeline docs Also rearranged structure and started pruning some old, stale docs --- pages/how-to/deploy/microservice.md | 91 ++++++++++ pages/how-to/deploy/pipelines.md | 200 ++++++++++++++++++++++ pages/how-to/deploy/pr-automation.md | 110 ++++++++++++ pages/how-to/set-up/index.md | 4 - pages/how-to/set-up/micro-service copy.md | 73 -------- pages/how-to/set-up/micro-service.md | 73 -------- pages/how-to/set-up/pipelines.md | 64 ------- pages/how-to/set-up/plural-cli.md | 28 --- pages/how-to/set-up/plural-console.md | 19 -- pages/how-to/set-up/pr-automation.md | 46 ----- pages/how-to/set-up/workload-cluster.md | 12 ++ pages/index.tsx | 28 +-- src/NavData.tsx | 106 +++--------- 13 files changed, 441 insertions(+), 413 deletions(-) create mode 100644 pages/how-to/deploy/microservice.md create mode 100644 pages/how-to/deploy/pipelines.md create mode 100644 pages/how-to/deploy/pr-automation.md delete mode 100644 pages/how-to/set-up/index.md delete mode 100644 pages/how-to/set-up/micro-service copy.md delete mode 100644 pages/how-to/set-up/micro-service.md delete mode 100644 pages/how-to/set-up/pipelines.md delete mode 100644 pages/how-to/set-up/plural-cli.md delete mode 100644 pages/how-to/set-up/plural-console.md delete mode 100644 pages/how-to/set-up/pr-automation.md diff --git a/pages/how-to/deploy/microservice.md b/pages/how-to/deploy/microservice.md new file mode 100644 index 00000000..7f85e786 --- /dev/null +++ b/pages/how-to/deploy/microservice.md @@ -0,0 +1,91 @@ +--- +title: Setting Up an Example Micro Service +description: Deploying a basic Microservice to a cluster managed by Plural +--- + +# Overview + +Now that you have a few clusters up, you'll likely want to start deploying real workloads into them. This will show you a relatively basic usecase with an example repo we've created at https://github.com/pluralsh/plrl-cd-demo.git. + +You will: +* add a new git repository to your Plural Console +* deploy a service to a workload cluster with a git hosted helm chart. + +It's worth noting you can put the helm repository in any repo, it doesn't have to be the application repo. You can also create your own helm repository using OCI or Github Pages, and source charts from there. + +## Add the Application's Git Repository + +To deploy anything, you need to have a repository to source yaml manifests from. We'll just use a basic Git repository, done by adding to `bootstrap/repositories/cd-demo.yaml`: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: GitRepository +metadata: + name: cd-demo +spec: + url: https://github.com/pluralsh/plrl-cd-demo.git +``` + +The example repo is public, if yours requires authentication, you can backfill the auth information in the UI, or a simple way to check it all into Git is reference an `SCMConnection` that can provide repository read permissions, like so: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: GitRepository +metadata: + name: cd-demo +spec: + url: https://github.com/pluralsh/plrl-cd-demo.git + scmConnectionRef: + name: github + namespace: infra +``` + +{% callout severity="info" %} +`scmConnectionRef` requires that you use an `https` git url +{% /callout %} + + +## Add a ServiceDeployment to point to that Git Repository + +You'll also want to register a new service deployment for this `cd-demo` repository, that can be done by writing to `bootstrap/cd-demo/dev.yaml`: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: ServiceDeployment +metadata: + name: cd-demo-dev + namespace: infra +spec: + namespace: cd-demo + git: + folder: helm # this is where the helm chart is located in the git repository + ref: main + repositoryRef: + kind: GitRepository + name: cd-demo + namespace: infra + helm: + values: + image: + repository: ghcr.io/pluralsh/plrl-cd-test + tag: latest # VERSION + clusterRef: + kind: Cluster + name: plrl-how-to-workload-00-dev # replace this with whatever you might have named your dev cluster + namespace: infra +``` + +## Push to Deploy + +We registered all these manifests under the root `bootstrap` folder a `plural up`-derived management cluster listens to by default, so all you should need to do is either: + +```sh +git commit -m "setup example microservice" +git push +``` + +or create a PR, approve it, and merge to have this new service deploy. + +{% callout severity="info" %} +You might need to wait a minute or two for the system to poll git and realize there's a new change. +{% /callout %} \ No newline at end of file diff --git a/pages/how-to/deploy/pipelines.md b/pages/how-to/deploy/pipelines.md new file mode 100644 index 00000000..ac005c43 --- /dev/null +++ b/pages/how-to/deploy/pipelines.md @@ -0,0 +1,200 @@ +--- +title: Setting Up a Dev->Prod Pipeline +description: Using Plural PR-based Pipelines to automate Dev -> Staging -> Prod Promotions +--- + +# Overview + +We've already gone over provisioning clusters, deploying a basic cluster runtime, and setting up a microservice. You can use almost all those tools for a general deployment process if you wanted to and still maintain good velocity overall. But any robust organization is going to split their environments into at least a `dev` and a `prod` stage, and start wasting cycles on promotions between them. Plural Pipelines are meant to solve for that. + +This tutorial will cover: + +* Using the cluster-creator PR Automation (PRA) to setup a prod cluster. +* Using the same technique as in the [Deploying a Microservice](/how-to/deploy/micro-service) tutorial to set up an example prod service +* Setting up a `PrAutomation` for generating the promotion related GitOps codechanges needed +* Setting up a `Pipeline` to orchestrate our promotion process. + +## Setup Your Prod Cluster + +Go through the [Setting Up Your First Workload Cluster](/how-to/set-up/workload-cluster) tutorial again to create another cluster which will serve as the prod cluster. This will involve: + +1. Call the `cluster-creator` PRA to generate a PR to create your cluster. Approve and merge it. +2. Wait for the new stack to be spawned, and approve its run. +3. Wait 10-20m for EKS to provision fully and be registered in Plural. + +## Setup the Prod Instance of the `cd-demo` Service + +Imitating the [Setting Up a Microservice](how-to/deploy/microservice) tutorial, write a new `ServiceDeployment` to `bootstrap/cd-demo/prod.yaml`: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: ServiceDeployment +metadata: + name: cd-demo-prod + namespace: infra +spec: + namespace: cd-demo + git: + folder: helm # this is where the helm chart is located in the git repository + ref: main + repositoryRef: + kind: GitRepository + name: cd-demo + namespace: infra + helm: + values: + image: + repository: ghcr.io/pluralsh/plrl-cd-test + tag: latest # VERSION + clusterRef: + kind: Cluster + name: plrl-how-to-workload-00-prod # replace this with whatever you might have named your dev cluster + namespace: infra +``` + +## Setup The PR Automation to Perform Promotions + +We're going to use PR-based pipelining. The main goal of this is to ensure all changes made to the system are recorded in Git for auditing and to ensure your setup is fully repeatable. The PR Automation needed is relatively simple: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: PrAutomation +metadata: + name: cd-demo-pipeline +spec: + name: cd-demo-pipeline + documentation: Updates the cd-demo service along each pipeline stage + updates: + regexReplacements: + - regex: "tag: (.*) # VERSION" + file: bootstrap/cd-demo/{{ context.pipeline.stage.name }}.yaml + replacement: "tag: {{ context.version }} # VERSION" + scmConnectionRef: + name: github + title: "Updating cd-demo version to {{ context.version }} (stage={{ context.pipeline.stage.name }})" + message: "Updating cd-demo version to {{ context.version }} (stage={{ context.pipeline.stage.name }})" + identifier: your-org/your-plural-up-repo # <---- replace with the slug for your plural up repo + configuration: + - name: version + type: STRING + documentation: The version tag to use +``` + +## Define Your Pipeline + +Now that those two resources are in-place, you should be able to define your pipeline: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: Pipeline +metadata: + name: cd-demo +spec: + stages: + - name: dev + services: + - serviceRef: + name: cd-demo-dev + namespace: infra + criteria: + prAutomationRef: + name: cd-demo-pipeline + - name: prod + services: + - serviceRef: + name: cd-demo-prod + namespace: infra + criteria: + prAutomationRef: + name: cd-demo-pipeline + edges: + - from: dev + to: prod + gates: + - name: approval-gate + type: APPROVAL +``` + +To give a quick overview of what this resource is doing, it is: + +* creating a pipeline with two stages, dev and prod. Dev just has the `cd-demo-dev` service in it, and Prod has the `cd-demo-prod` service. +* Updates to each of these services use a PR Automation, defined by the `criteria.prAutoamtionRef` field. That's pointing to the `cd-demo-pipeline` `PRAutomation` CRD we created above. +* The single dev -> prod edge defined has just a standard push-button approval gate. + +Since this is also wrapped into a repeatable, declarative api, it's very easy to generate these dynamically using a wrapper PR Automation or any other codegen process. + +## Push to Deploy + +We registered all these manifests under the root `bootstrap` folder a `plural up`-derived management cluster listens to by default, so all you should need to do is either: + +```sh +git commit -m "setup our cd-demo pipeline" +git push +``` + +or create a PR, approve it, and merge to have this pipeline deploy. + +{% callout severity="info" %} +You might need to wait a minute or two for the system to poll git and realize there's a new change. +{% /callout %} + +Once you've configured all of these, you should see the new Pipeline available at https://{your-console-domain}/cd/pipelines + +## Trigger your Pipeline + +A pipeline is triggered by binding a pipeline context to it. To test, it can be easiest to simply use the ui, which can be done by + +1. Navigate to https://{your-console-domain}/cd/pipelines and click on the `cd-demo` row +2. Click `Add Context` at the bottom of the dev stage +3. Enter a json blob like `{"version": ""}` to setup a new context. The context should match `spec.configuration` from the PR Automation `cd-demo-pipeline` you created for this pipeline. + +You can also trigger the pipeline via CRD, wich can be done by writing a file to `bootstrap/cd-demo/context.yaml`: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: PipelineContext +metadata: + name: cd-demo-context +spec: + pipelineRef: + name: cd-demo + namespace: infra + context: + version: {{some-docker-tag}} +``` + +## Use an Observer to Automate Pipeline Context Creation (EXTRA CREDIT) + +The [Observer](/deployments/operator/api#observer) CRD is designed to poll external registries, like an OCI docker image registry, or a helm repository, or even Git, and execute defined actions based on the result. If you've adopted a `semver` based release versioning process, this can simplify the process of picking up new images to deploy, and also enhance security by adopting a "pull" model for deployment, instead of requiring a CI-derived push and the network security issues that creates (having to whitelist all Github or CircleCI IP-ranges). + +If you want to do this, a simple observer CRD that could be implemented would be, defined at `bootstrap/cd-demo/observer.yaml`: + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: Observer +metadata: + name: cd-demo +spec: + crontab: "*/5 * * * *" + target: + order: SEMVER + type: OCI + oci: + url: ghcr.io/pluralsh/plrl-cd-test + provider: BASIC # we support most OCI auth methods, this is public so easy to use + actions: + - type: PIPELINE + configuration: + pipeline: + pipelineRef: + name: cd-demo + namespace: infra + context: + version: $value # the $value is the convention for the result of the poll operation against the OCI repo +``` + +Basically what this resource will do is: + +1. Poll the `ghcr.io/pluralsh/plrl-cd-test` OCI repo using public credentials according to the `*/5 * * * *` crontab (every 5 minutes) +2. When a later semver is discovered (`order: SEMVER`), persist it as the new latest and trigger the associated actions. +3. Execute the lone action, to attach a new pipeline context which will resolve to `{"version": "$value"}` where `$value` is the new latest semver \ No newline at end of file diff --git a/pages/how-to/deploy/pr-automation.md b/pages/how-to/deploy/pr-automation.md new file mode 100644 index 00000000..f7073cf3 --- /dev/null +++ b/pages/how-to/deploy/pr-automation.md @@ -0,0 +1,110 @@ +--- +title: Use PR Automations for General Self-Service +description: Use a PR Automation for an example Self-Service S3 bucket creation workflow +--- + +# Overview + +Cloud infrastructure changes rapidly, and often the manual nature of infrastructure-as-code workflows can become a drag on velocity, causing organizations to reach to more self-service approaches. This can involve stitching together Backstage, Gitlab, ArgoCD, or any other set of tools. Plural provides a single cloud orchestrator to provide all those key functionalities in one control plane. + +We'll show how this can work beyond just a K8s provisioning usecase, to provisioning an S3 bucket, a common resource also needed by Kubernetes workloads. It'll operate by: + +* Creating a PR Automation (PRA) to make the provisioning of buckets repeatable +* Using that PRA to create an `InfrastructureStack` to provision the s3 bucket using a Plural terraform stack. + +{% callout severity="warning" %} +This Guide will not work properly unless you've finished the tutorial [Integrate with your Source Control Provider](/how-to/set-up/scm-connection). +{% /callout %} + +## Define the PR Automation + +This PR Automation is going to leverage resources that have already been created in the `plural up` repo for you, in particular: + +* `terraform/modules/blob/s3` - a basic s3 bucket module we've predefined that can be used for provisioning the bucket +* `templates/blobstore/*` - a couple of templates that will be used to setup the blobstore provisioning process via a PRA + +Given those manifests, the PR Automation yaml could be something like this, which you'd place in `bootstrap/pr-automation/blobstore.yaml` + +```yaml +apiVersion: deployments.plural.sh/v1alpha1 +kind: PrAutomation +metadata: + name: blob-creator +spec: + name: blob-creator + documentation: | + Sets up a PR to provision a blobstore with a given type (eg s3) and region + creates: + templates: + - source: templates/blob/stack.yaml + destination: "services/blobstores/{{ context.type }}/{{ context.name }}.yaml" + external: false + - source: templates/blob/service.yaml + destination: "bootstrap/blobstores.yaml" + external: false + scmConnectionRef: + name: github + title: "Adding a {{ context.type }} bucket {{ context.name }}" + message: "Setup a stack to manage the {{ context.name }} {{ context.type }} bucket" + identifier: your-org/your-plural-up-repo # <---- replace with the slug for your plural up repo + configuration: + - name: name + type: STRING + documentation: the name of this blob store (if using s3, this would become an s3 bucket name) + validation: + regex: [a-z][a-z\-0-9]+ + - name: type + type: ENUM + documentation: the type of blob storage to provision + values: + - s3 + - name: region + type: STRING + documentation: the region your blobstore will live in +``` + +Breaking down what this resource does, since it's somewhat complicated: + +* It'll create a self-service wizard in the Plural UI to provision new blobstores. The inputs to that wizard are defined in `spec.configuration`. The API will also typecheck each input provided to ensure everything is sane (notice the name field also has an additional regex validation to ensure properly formatted names are provided). +* It'll write two files: + 1. `bootstrap/blobstores.yaml` - this creates a service to own each of the blobstores. This is just to prevent the main `apps` service synced under the `bootstrap` folder doesn't become too bloated. + 2. `services/blobstores/{type}/{name}.yaml` - This records the actual `InfrastructureStack` crd which configures the Stack which will own deployment of this instance of the `terraform/modules/blob/s3` stack. +* Finally it'll create a PR with those changes against the source repo configured at `spec.identifier`. The `scmConnectionRef` provided will need permissions to create PRs and push to this repo for that to work. + +## Push to Deploy + +We registered all these manifests under the root `bootstrap` folder a `plural up`-derived management cluster listens to by default, so all you should need to do is either: + +```sh +git commit -m "setup blobstore pr automation" +git push +``` + +or create a PR, approve it, and merge to have this new pr automation deploy. + +{% callout severity="info" %} +You might need to wait a minute or two for the system to poll git and realize there's a new change. +{% /callout %} + +Once you've configured all of these, you should see the new PR Automation at https://{your-console-domain}/pr/automations. + +## Execute the PR Automation And Merge + +Once the PR Automation is created, the process is very straightforward + +1. Go to https://{your-console-domain}/pr/automations +2. Click `Create PR` on the row with your new automation, and enter the wizard. This will create a new PR +3. Wait for the `apps` service to sync, or manually sync it with the UI. +4. Go to https://console.mgmt.plural.sh/stacks and find a stack named blobstore-{name}. This should have a run either in-progress or `Pending Approval`. +5. Validate the `terraform plan` in that run, either using the dedicated `Plan` tab or the command output. Click `Approve`. + +Once `terraform apply` completes, you should have a new S3 bucket! + +## Generalizing the workflow + +This is relatively overkill if you're just creating an S3 bucket, but the pattern can be easily generalized to other cloud provisioning usecases. The general flow is: + +1. Write a single terraform module to accomplish the goal, eg creating a RDS database, or S3 bucket, or Azure Virtual Network. +2. Write a few liquid templates to define how these will be instantiated as `InfrastructureStack` resources, and maybe how to chain syncs via services descended from the main `bootstrap` folder. (That's the purpose of the `bootstrap/blobstores.yaml` file). +3. Write a PRA to automate generation of the files from (2). +4. Profit! diff --git a/pages/how-to/set-up/index.md b/pages/how-to/set-up/index.md deleted file mode 100644 index 8dc538f2..00000000 --- a/pages/how-to/set-up/index.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Set Up -description: Guides for Deploying and Setting Up Plural ---- \ No newline at end of file diff --git a/pages/how-to/set-up/micro-service copy.md b/pages/how-to/set-up/micro-service copy.md deleted file mode 100644 index 2b039706..00000000 --- a/pages/how-to/set-up/micro-service copy.md +++ /dev/null @@ -1,73 +0,0 @@ ---- -title: Setting Up a Micro Service -description: Deploying a Micro Service with Plural ---- - - -# Set Up -This example will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App - -#### Add the Application Repository -* In your _Infra_ repo, add the `GitRepository` CRD - * `/app/repositories/cd-demo.yaml` -```yaml -apiVersion: deployments.plural.sh/v1alpha1 -kind: GitRepository -metadata: - name: cd-demo -spec: - url: https://github.com/pluralsh/plrl-cd-demo.git -``` -* The Plural repositories Service Deployment watches for changes in `/app/repositories` and will sync it to the management cluster - * The status `Pullable` means the Repository is ready to be used. -![import-git-status](/images/how-to/import-git-status.png) -* Setup a Dev and Prod ServiceDeployment using the Added Repo -```yaml -apiVersion: deployments.plural.sh/v1alpha1 -kind: ServiceDeployment -metadata: - name: cd-demo-dev - namespace: infra -spec: - namespace: cd-demo - git: - folder: helm - ref: main - repositoryRef: - kind: GitRepository - name: cd-demo - namespace: infra - helm: - version: "x.x.x" - release: cd-demo-dev - values: - image: - repository: ghcr.io/pluralsh/plrl-cd-test - pullPolicy: IfNotPresent - tag: "sha-783cc0c" - ingress: - enabled: true - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-staging - hosts: - - host: cd-demo.plrl.livingroom.cloud - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: cd-demo-dev - port: - number: 80 - tls: - - secretName: cd-demo-tls - hosts: - - cd-demo.plrl.livingroom.cloud - clusterRef: - kind: Cluster - name: plrl-how-to-workload-00-dev - namespace: infra -``` -* You should be able to see the service and all its components running -![](/images/how-to/micro-service.png) \ No newline at end of file diff --git a/pages/how-to/set-up/micro-service.md b/pages/how-to/set-up/micro-service.md deleted file mode 100644 index 2b039706..00000000 --- a/pages/how-to/set-up/micro-service.md +++ /dev/null @@ -1,73 +0,0 @@ ---- -title: Setting Up a Micro Service -description: Deploying a Micro Service with Plural ---- - - -# Set Up -This example will deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) App - -#### Add the Application Repository -* In your _Infra_ repo, add the `GitRepository` CRD - * `/app/repositories/cd-demo.yaml` -```yaml -apiVersion: deployments.plural.sh/v1alpha1 -kind: GitRepository -metadata: - name: cd-demo -spec: - url: https://github.com/pluralsh/plrl-cd-demo.git -``` -* The Plural repositories Service Deployment watches for changes in `/app/repositories` and will sync it to the management cluster - * The status `Pullable` means the Repository is ready to be used. -![import-git-status](/images/how-to/import-git-status.png) -* Setup a Dev and Prod ServiceDeployment using the Added Repo -```yaml -apiVersion: deployments.plural.sh/v1alpha1 -kind: ServiceDeployment -metadata: - name: cd-demo-dev - namespace: infra -spec: - namespace: cd-demo - git: - folder: helm - ref: main - repositoryRef: - kind: GitRepository - name: cd-demo - namespace: infra - helm: - version: "x.x.x" - release: cd-demo-dev - values: - image: - repository: ghcr.io/pluralsh/plrl-cd-test - pullPolicy: IfNotPresent - tag: "sha-783cc0c" - ingress: - enabled: true - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-staging - hosts: - - host: cd-demo.plrl.livingroom.cloud - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: cd-demo-dev - port: - number: 80 - tls: - - secretName: cd-demo-tls - hosts: - - cd-demo.plrl.livingroom.cloud - clusterRef: - kind: Cluster - name: plrl-how-to-workload-00-dev - namespace: infra -``` -* You should be able to see the service and all its components running -![](/images/how-to/micro-service.png) \ No newline at end of file diff --git a/pages/how-to/set-up/pipelines.md b/pages/how-to/set-up/pipelines.md deleted file mode 100644 index 237862d0..00000000 --- a/pages/how-to/set-up/pipelines.md +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Setting Up a Pipeline -description: Using Plural Deploy Pipelines ---- - -# Prerequisites - -#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions - - -# Set Up -This example will setup pipelines to deploy the [Plural CD Demo](https://github.com/pluralsh/plrl-cd-demo) - -* We'll Create a Prod Cluster to promote the _cd-demo_ application to - * We'll follow the [steps for creating a new cluster](/how-to/set-up/workload-cluster), but select the `prd` tier - * Merge the changes from the PR Automation and Approve the Stack changes - * Once the cluster is created successfully we can create the prod service deployment - - -* Create a Pipeline.yaml in your _infra_ repo: -```yaml -apiVersion: deployments.plural.sh/v1alpha1 -kind: Pipeline -metadata: - name: cd-demo - namespace: infra -spec: - stages: - - name: dev - services: - - serviceRef: - name: cd-demo-dev - namespace: cd-demo - - name: prod - services: - - serviceRef: - name: cd-demo - namespace: cd-demo - criteria: - serviceRef: - name: cd-demo - namespace: cd-demo - secrets: - - version - edges: - - from: dev - to: prod - gates: - - name: approval-gate - type: APPROVAL ---- -apiVersion: deployments.plural.sh/v1alpha1 -kind: PipelineContext -metadata: - name: cd-demo-context -spec: - pipelineRef: - name: cd-demo - namespace: infra - context: - version: 6.5.4 -``` -* Apply the yaml to your Management Cluster - * `kubectl -n infra apply -f pipline.ymal` diff --git a/pages/how-to/set-up/plural-cli.md b/pages/how-to/set-up/plural-cli.md deleted file mode 100644 index a37e8329..00000000 --- a/pages/how-to/set-up/plural-cli.md +++ /dev/null @@ -1,28 +0,0 @@ ---- -title: Installing the Plural CLI -description: Guides for installing the Plural CLI ---- - -### Install Prerequisites - -[Mac Homebrew](https://brew.sh/) -```sh -/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -brew update -``` - [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html), [Helm CLI](https://helm.sh/), [Terraform](https://developer.hashicorp.com/terraform/intro), [kubectl](https://kubernetes.io/docs/reference/kubectl/) -```sh -brew install awscli helm terraform kubectl -``` - -### Install [Plural CLI](https://github.com/pluralsh/plural-cli/?tab=readme-ov-file#installation) -```sh -brew install pluralsh/plural/plural -``` - -### Validate Install -```sh -plural login -``` - - diff --git a/pages/how-to/set-up/plural-console.md b/pages/how-to/set-up/plural-console.md deleted file mode 100644 index 1a45b1c1..00000000 --- a/pages/how-to/set-up/plural-console.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -title: Setting Up Plural Console -description: How to Deploy the Plural Console to a MGMT Cluster ---- - -### Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -### Deploy Plural Console -The `plural cd control-plane` command creates the _`values.secret.yaml`_ -and we use `helm` to apply them to the cluster -```sh -plural login -# Note: If you deployed using bootstrap terraform you can get the PSQL connection string from running: terraform output --json -plural cd control-plane -helm repo add plrl-console https://pluralsh.github.io/console -helm upgrade --install --create-namespace -f values.secret.yaml console plrl-console/console -n plrl-console -``` - diff --git a/pages/how-to/set-up/pr-automation.md b/pages/how-to/set-up/pr-automation.md deleted file mode 100644 index da6d5f3c..00000000 --- a/pages/how-to/set-up/pr-automation.md +++ /dev/null @@ -1,46 +0,0 @@ ---- -title: Setting Up PR Automation -description: Using Plural CLI to Deploy a Workload Kubernetes Cluster ---- - -# Prerequisites -[Plural CLI](/how-to/set-up/plural-cli) - -#### Ensure Cloud Provider CLI Authentication -**Plural** uses the _default_ profile when deploying resources - -AWS -```sh -aws sts get-caller-identity -``` -AZ -```sh -az account show -``` -GCP -```sh -gcloud auth list -``` - -#### Ensure your _[app.plural.sh](https://app.plural.sh/profile/me)_ User has `admin` permissions - -```sh -plural login -``` - -# Set Up -Self-service PR automation for common usecases - -chose creating a new database with Stacks, write basic terraform setup for db + pr automation to create it w/ a few inputs as a CRD. - -# Troubleshooting -#### Get Kubeconfig for the MGMT Cluster -```sh -plural wkspace kube-init -``` - -Use `kubectl` with the newly added kube context -The key namespaces to check are: -* plrl-console -* plrl-deploy-operator -* plrl-runtime diff --git a/pages/how-to/set-up/workload-cluster.md b/pages/how-to/set-up/workload-cluster.md index 26006f26..c2b20ff1 100644 --- a/pages/how-to/set-up/workload-cluster.md +++ b/pages/how-to/set-up/workload-cluster.md @@ -53,3 +53,15 @@ By default these stacks require approval for safety (terraform can do the strang {% callout severity="info" %} Cluster provisioning usually takes quite a while. On AWS, expect the process to take upwards of 20m, it can be more like 10m on GCP. {% /callout %} + +## Overview of the GitOps Manifests Created + +This PRA creates basically three GitOps manifests: + +* A `ServiceDeployment` at `bootstrap/clusters.yaml`. This spawns a new service syncing the `services/clusters` folder. This is meant to reduce bloat in the main `bootstrap` folder, and is technically optional. +* An `InfrastructureStack` at `services/clusters/{cloud}/stacks/{name}.yaml`. This configures the Stacks api to create a new terraform stack to manage the provisioning of the underlying EKS/AKS/etc cluster. It is tracking the `terraform/modules/clusters/{cloud}` folder. +* A `Cluster` CRD at `services/clusters/{cloud}/clusters/{name}.yaml`. This creates a pointer CRD which is often used in other CRDs like `ServiceDeployment` to reference clusters. + +{% callout severity="warning" %} +The `Cluster` CRD is not created by default when registering a cluster. This is why the PR Automation creates it, and if you registered clusters another way, you'll need to create an instance of it as well if you want to use the other CRDs which reference it. +{% /callout %} \ No newline at end of file diff --git a/pages/index.tsx b/pages/index.tsx index d9c8e1fa..1dced610 100644 --- a/pages/index.tsx +++ b/pages/index.tsx @@ -7,14 +7,12 @@ import { } from 'react' import { - AppsIcon, DiscordIcon, GitPullIcon, IconFrame, MagicWandIcon, PadlockLockedIcon, SourcererHatIcon, - TerminalIcon, ToolsIcon, } from '@pluralsh/design-system' import Link, { type LinkProps } from 'next/link' @@ -202,9 +200,9 @@ function Index() { } - href="/getting-started/quickstart" + href="/how-to/set-up/mgmt-cluster" > - A guide to getting up and running. + A guide to setting up a cluster quickly } - href="/getting-started/cloud-shell-quickstart" - > - Setting up your first cluster in browser. - - } - href="/applications" + heading="Guided tour" + icon={} + href="/how-to" > - Applications you can install with Plural. + A guided walkthrough of the majority of Plural's Fleet Management capabilties. Common issues or errors. - } - href="/getting-started/manage-git-repositories/setting-up-gitops" - > - Share and manage your Git repositories. -
diff --git a/src/NavData.tsx b/src/NavData.tsx index 4ad16058..fa346cec 100644 --- a/src/NavData.tsx +++ b/src/NavData.tsx @@ -68,10 +68,6 @@ const rootNavData: NavMenu = deepFreeze([ title: 'Architecture', href: '/deployments/architecture', }, - // { - // href: '/deployments/browser-quickstart', - // title: 'Quickstart from your Browser', - // }, { href: '/deployments/existing-cluster', title: 'Set Up on your own Cluster', @@ -120,68 +116,20 @@ const rootNavData: NavMenu = deepFreeze([ title: 'Set Up a Network Stack and other K8s Add-Ons', href: '/how-to/set-up/controllers', }, - ], - }, - { - href: '/deployments/using-operator', - title: 'Deploying Using the Plural Operator', - sections: [ { - title: 'Architecture', - href: '/deployments/operator/architecture', + title: "Set Up a Basic Self-Service Worklfow with PR Automations", + href: '/deploy/pr-automation', }, { - title: 'Git Services', - href: '/deployments/operator/git-service', + title: 'Deploy Your First Microservice to a Workload Cluster', + href: '/deploy/microservice', }, { - title: 'Helm Services', - href: '/deployments/operator/helm-service', - }, - { - title: 'Global Services', - href: '/deployments/operator/global-service', - }, - { - title: 'Defining Pipelines', - href: '/deployments/operator/pipeline', - }, - { - title: 'API Reference', - href: '/deployments/operator/api', + title: 'Setup Your First Microservice Promotion Pipeline', + href: '/deploy/pipelines', }, ], }, - // { - // href: '/deployments/clusters', - // title: 'Cluster Management', - // sections: [ - // { - // title: 'Import An Existing Cluster', - // href: '/deployments/import-cluster', - // }, - // { - // title: 'Create Provider Credentials', - // href: '/deployments/credentials', - // }, - // { - // href: '/deployments/cluster-create', - // title: 'Create Cluster API Workload Clusters', - // }, - // // { - // // href: '/deployments/cluster-config', - // // title: 'Configure my Cluster', - // // }, - // { - // title: 'Destroy the Cluster Safely', - // href: '/deployments/cluster-destroy', - // }, - // { - // title: 'Optimize Cluster Costs', - // href: '/deployments/cluster-cost', - // }, - // ], - // }, { href: '/stacks/', title: 'Iac Management with Stacks', @@ -217,28 +165,32 @@ const rootNavData: NavMenu = deepFreeze([ ], }, { - href: '/deployments/services', - title: 'Deployments', + href: '/deployments/using-operator', + title: 'Deploying Using the Plural Operator', sections: [ { - title: 'Import Git Repositories', - href: '/deployments/git', + title: 'Architecture', + href: '/deployments/operator/architecture', + }, + { + title: 'API Reference', + href: '/deployments/operator/api', }, { - href: '/deployments/services-deploy', - title: 'Deploy Services', + title: 'Git Services', + href: '/deployments/operator/git-service', }, { - href: '/deployments/helm', - title: 'Helm Repository Sources', + title: 'Helm Services', + href: '/deployments/operator/helm-service', }, { - href: '/deployments/global-services', - title: 'Configure Global Services', + title: 'Global Services', + href: '/deployments/operator/global-service', }, { - title: 'Upgrades and Rollbacks', - href: '/deployments/upgrades', + title: 'Defining Pipelines', + href: '/deployments/operator/pipeline', }, ], }, @@ -280,20 +232,6 @@ const rootNavData: NavMenu = deepFreeze([ href: '/deployments/notifications', title: 'Notifications', }, - { - href: '/deployments/ci', - title: 'Integrate With your CI', - sections: [ - { - title: 'Overview', - href: '/deployments/ci-overview', - }, - { - title: 'Github Actions', - href: '/deployments/ci-gh-actions', - }, - ], - }, { href: '/deployments/operations', title: 'Advanced Operations', From c1b83a2c119f7e3eadd936fc40aa43b710276524 Mon Sep 17 00:00:00 2001 From: michaeljguarino Date: Sun, 22 Sep 2024 16:40:27 -0400 Subject: [PATCH 21/21] rearrange nav and intro docs a bit --- pages/how-to/deploy/pipelines.md | 4 +- pages/how-to/deploy/pr-automation.md | 2 +- pages/how-to/index.md | 15 +++ pages/how-to/set-up/controllers.md | 17 +++ pages/introduction.md | 89 ++-------------- pages/operations/security/index.md | 31 +++--- src/NavData.tsx | 150 ++++++++++++--------------- 7 files changed, 123 insertions(+), 185 deletions(-) diff --git a/pages/how-to/deploy/pipelines.md b/pages/how-to/deploy/pipelines.md index ac005c43..b645bce2 100644 --- a/pages/how-to/deploy/pipelines.md +++ b/pages/how-to/deploy/pipelines.md @@ -146,7 +146,7 @@ A pipeline is triggered by binding a pipeline context to it. To test, it can be 1. Navigate to https://{your-console-domain}/cd/pipelines and click on the `cd-demo` row 2. Click `Add Context` at the bottom of the dev stage -3. Enter a json blob like `{"version": ""}` to setup a new context. The context should match `spec.configuration` from the PR Automation `cd-demo-pipeline` you created for this pipeline. +3. Enter a json blob like `{"version": "0.1.0"}` to setup a new context (`0.1.0` is just another valid tag for our image). The context should match `spec.configuration` from the PR Automation `cd-demo-pipeline` you created for this pipeline. You can also trigger the pipeline via CRD, wich can be done by writing a file to `bootstrap/cd-demo/context.yaml`: @@ -160,7 +160,7 @@ spec: name: cd-demo namespace: infra context: - version: {{some-docker-tag}} + version: 0.1.0 ``` ## Use an Observer to Automate Pipeline Context Creation (EXTRA CREDIT) diff --git a/pages/how-to/deploy/pr-automation.md b/pages/how-to/deploy/pr-automation.md index f7073cf3..af79e91d 100644 --- a/pages/how-to/deploy/pr-automation.md +++ b/pages/how-to/deploy/pr-automation.md @@ -52,7 +52,7 @@ spec: type: STRING documentation: the name of this blob store (if using s3, this would become an s3 bucket name) validation: - regex: [a-z][a-z\-0-9]+ + regex: "[a-z][a-z\-0-9]+" - name: type type: ENUM documentation: the type of blob storage to provision diff --git a/pages/how-to/index.md b/pages/how-to/index.md index 008774d2..9e1f8788 100644 --- a/pages/how-to/index.md +++ b/pages/how-to/index.md @@ -2,3 +2,18 @@ title: How To description: How To Guides for Getting the Most Out of Plural --- + +These tutorials will guide you through a miniaturized example of the Kubernetes adoption process. The basic steps are: + +1. Setup your management cluster +2. Setup a few workload clusters to separate dev and prod workloads +3. Setup a base kubernetes runtime, in this case for managing networking w/ ingress, cert-manager, and external-dns +4. Deploy dev + prod microservices +5. Setup Pipelines between them. + +We also go into a few other usecases that will often become useful, in particular: + +* Implementing cloud self-service with our PR Automation and Terraform Stacks APIs. +* Integrating closely with your source control provider, to tightly integrate your deployment workflows with the code review and approval process. + +They are meant to be consumed in order, but you can also browse around. \ No newline at end of file diff --git a/pages/how-to/set-up/controllers.md b/pages/how-to/set-up/controllers.md index 011ef3bd..1303ab68 100644 --- a/pages/how-to/set-up/controllers.md +++ b/pages/how-to/set-up/controllers.md @@ -295,3 +295,20 @@ spec: ref: main folder: services/cluster-issuer # simply source the raw yaml from the services/cluster-issuer folder ``` + +## Push to Deploy + +We registered all these manifests under the root `bootstrap` folder a `plural up`-derived management cluster listens to by default, so all you should need to do is either: + +```sh +git commit -m "setup our cluster runtime" +git push +``` + +or create a PR, approve it, and merge to have the global deploy to all your clusters. + +{% callout severity="info" %} +You might need to wait a minute or two for the system to poll git and realize there's a new change. +{% /callout %} + +Once you've configured all of these, you should see the new Global Services at https://{your-console-domain}/cd/globalservices. \ No newline at end of file diff --git a/pages/introduction.md b/pages/introduction.md index eebc4dfe..d8c81aef 100644 --- a/pages/introduction.md +++ b/pages/introduction.md @@ -1,90 +1,21 @@ --- title: Introduction description: >- - Plural empowers you to build and maintain production-ready applications on - Kubernetes in minutes with no management overhead. + Plural is your single pane of glass for Enterprise-Grade Kubernetes Fleet Management --- -## What is Plural? +# What is Plural? -Plural is a self-hosted, open-source, unified application deployment platform that deploys your selected applictions into a Kubernetes cluster in the cloud provider of your choice. Plural acts as: +Plural is a unified cloud orchestrator for the management of Kubernetes at scale. In particular, the fleet management problem as we understand it is decomposed into providing a consistent workflow for 4 main concerns: -- An infrastructure provisioner, spinning up new clusters as needed -- A continuous deployment solution, allowing you to deploy your services across environments -- A single pane of glass for complete visibility into what's deployed where -- An open-source marketplace to deploy 3rd party software into your clusters +1. Kubernetes Continuous Deployment - you need a GitOps-based, drift-detecting mechanism to sync kubernetes yaml manifests, written in helm, kustomize, raw yaml, etc, into target kubernetes clusters. It should also be orchestrable via API to support a scalable workflow to any fleet size. +2. Kubernetes Dashboarding - A secure, SSO-integrated Kubernetes dashboard layer for ad-hoc troubleshooting. GitOps should handle anything on a write-path, but you still need a strong read-path that's not burdened with friction. +3. Infrastructure-As-Code Management - implemented via [Stacks](/stacks/overview), this provides a k8s-native, API-driven mechanism to scalably manage the terraform complexity that immediately arises when using kubernetes in earnest. +4. Self-Service Code Generation - the glue that ties everything together, a repeatable PR Automation API that allows you to self-serviceably generate the manifests for any workflow in 1-3 with a simple UI wizard. Think of it like Backstage for Kubernetes. -Plural leverages Cluster API, Helm, Terraform, and YAML to create your desired infrastructure. Spinning up a first cluster is as easy as running `plural build`, and all configuration within your Plural Git repository is fully ejectable from the platform and ecosystem. +In addition, we support a robust, enterprise-ready [Architecture](/deployments/architecture). This uses a separation of management cluster and an agent w/in each workload cluster to achieve scalability and enhanced security to compensate for the risks caused by introducing a Single-Pane-of-Glass to Kubernetes. The agent can only communicate to the management cluster via egress networking, and executes all write operations with local credentials, removing the need for the management cluster to be a repository of global credentials. If you want to learn more about the nuts-and-bolts feel free to visit our [Architecture Page](/deployments/architecture). -![](/assets/introduction/introduction-marketplace.png) -![](/assets/deployments/deployment-services.png) +## Plural Open Source Marketplace -**Some key features of the platform include:** +We also maintain a catalog of open source applications like Airbyte, Airflow, etc. that can be deployed to kubernetes on most major clouds. We're in progress to merging that experience with our modernized Fleet Management platform, but if you're interested in any of them, we're happy to support them in the context of a commercial plan. -- Bundled infrastructure provisioning and application deployment -- Automated upgrades for open-source software -- Cross-tool dependency management -- GitOps workflow with batteries-included transparent secret encryption -- Built on common open-source tools, so if you don't like us, you can always eject your application from Plural and use it as you please. - -Notably, we support bringing your own Kubernetes cluster for our continuous deployment workflows. - -## Deployment Options - -### Plural CLI - -This is the current standard deployment method. Click below for a quickstart to managing configuration locally. - -- [Quickstart: Using the Plural CLI on your Machine](/getting-started/quickstart) - -### Plural Cloud Shell - -We have created a Cloud Shell with all of the tools and dependencies needed to run Plural. This is available [here](https://app.plural.sh/shell) to try out. If you want to **try out Plural without entering cloud credentials**, we offer a demo environment of our Plural Console that you can access [here](https://www.plural.sh/demo-login). - -- [Using our in-browser Cloud Shell](/getting-started/cloud-shell-quickstart) - -If you need support getting your Plural deployment up and running, join the [Plural Discord here!](https://discord.com/invite/bEBAMXV64s) - -## Architecture - -The Plural architecture has three main components: - -- Plural Console for management of all applications on your infrastructure -- Plural API and Catalog site (available at [https://app.plural.sh](https://app.plural.sh)) -- Plural CLI and Git SCM to maintain the state of a user's applications - -### Plural Console - -The Plural Console is the operational hub for all applications managed by Plural. It is deployed in-cluster alongside applications and provides a few key features: - -- Horizontally scalable Git cache - we should be able to ingest as many git repos as you'd like and auto-shard them throughout your cluster automatically and efficiently. -- Configuration Management - supports re-configurable backends, but allows you to easily parameterize services with information like hostnames, docker image tags, and other secret and non-secret information. -- Auth Proxy - this is a secure bidirectional grpc channel initiated by a deployment agent used to make kubernetes api calls no matter where a cluster may live and give you full dashboarding capabilities from the Plural CD UI. -- Cluster API Providers - Plural CD natively integrates with cluster api and allows you to create and manage new clusters at scale and fork your own kubernetes cluster APIs on top of existing setups for services like EKS, AKS and GKE or on-prem solutions like Rancher -- Support - in-person support can be handled in our chat interface available directly in the admin console, with a lot of nice features like direct zoom integration - -It's deployed as a highly available, scalable web service, with postgres as its datastore. It also directly integrates with Plural's OIDC for login and user management. - -See our [Plural CD Architecture page](/deployments/architecture) for more information - -### Plural API - -The primary responsibility of the Plural API is to store the packages needed for open-source application installation - terraform, helm - and ingesting high-level dependency information about them. This allows us to properly sequence installations. It also serves as a publish-subscribe layer to communicate updates to clusters that have installed those applications, and can leverage the dependency information ingested to delay updates until a cluster has caught up with all the necessary dependencies. - -It also can serve as an identity provider for any Plural application, delegating authentication via OIDC and also maintaining user group info and communicating it down to applications. - -### Plural CLI - -The Plural CLI can be used for interaction with the Plural API and Plural Console. The CLI effectively uses the Plural API as a package manager, and works as a higher level build tool on top of the DevOps packages it supports. - -It also is responsible for managing secret encryption of all application state in plural installation repos and provides a few useful tools for troubleshooting an application our admin console might not be well-suited to solve. - -Finally it also provides the toolchain for publishing applications to the plural API. - -## Docs Translations - -### Japanese - -The wonderful team at [St-Hakky](https://www.about.st-hakky.com/) has translated most of our docs to Japanese on their website. To view the [translated docs, click here](https://book.st-hakky.com/docs/plural-overview). - -St-Hakky のすばらしいチームが、ウェブサイトでほとんどのドキュメントを日本語に翻訳してくれました。 翻訳されたドキュメントを表示するには、ここをクリックしてください。 diff --git a/pages/operations/security/index.md b/pages/operations/security/index.md index 329f3808..879bf16e 100644 --- a/pages/operations/security/index.md +++ b/pages/operations/security/index.md @@ -3,29 +3,24 @@ title: Security Concepts description: Learn about what Plural has access to at various steps of deployment. --- -## Cloud Access +# Plural Console -### Plural CLI +The Plural Console by default has access to nothing in your cloud. To grant it access you'll have to do one of the following: -Plural **does not** have access to any cloud environments when deployed through the CLI. We generate deployment manifests in the Plural Git repository and then use your configured cloud provider's CLI on your behalf. We cannot perform anything outside of deploying and managing the manifests that are created in your Plural Git repository. +* manually configure a SCM connection to connect to your Source Control Provider (eg Github) +* manually bind a workload identity role to the service account used by a Plural console-related pod (eg for stack runners) -### Plural Cloud Shell +In addition, the Console only will make two outbound network requests, outside of those used to run terraform or pull from Git: -Plural **does** have access to your cloud credentials when deployed through the Cloud Shell. In order to streamline the Cloud Shell experience, we securely store cloud credentials to create resources on your behalf. You can eject from the Cloud Shell to the CLI at any time to save your configuration and revoke our access. This is done with the following steps: +* A request to validate your instances license. This can be replaced with a cryptographic license key, and thus disabled. +* A request to compile our deprecation tables using our upstream dataset. This can also be replaced by an airgapped version with the tables baked into our binary. The tradeoff will be staleness. -1. [Install the Plural CLI](/getting-started/quickstart). -2. Run `plural shell sync` on your local machine. -3. Run `plural shell purge` in the Cloud Shell to destroy it. +# Plural Cloud -## Plural Console +A Plural Console running in Plural Cloud can collect creds in a few ways: -Our console has elevated permissions when running in your Plural Kubernetes cluster, but it runs in its own environment to alleviate security concerns. Its permissions are required in order to listen for new versions of packages to apply automated updates to your applications. +1. Plural-managed terraform state could have various credentials inside it +2. SCM credentials are stored row-encrypted in our database (but can be revoked at any time). +3. Service secrets are stored row-encrypted in our database (but you can use cloud-native secret managers if you prefer robustness over convenience). -## GitHub - -When using the CLI or Cloud Shell, Plural will receive the following permissions: - -- Create GitHub repositories on your behalf -- Commit changes to repositories that Plural has created - -Plural **does not** have access to repositories that have not been created by Plural. +Since you'll still need to create a small management cluster to attach to your cloud console, that will be what is bound any cloud creds for executing terraform, etc, and so you do not need to exchange any cloud credentials with Plural to use Plural Cloud. diff --git a/src/NavData.tsx b/src/NavData.tsx index fa346cec..be09038e 100644 --- a/src/NavData.tsx +++ b/src/NavData.tsx @@ -47,14 +47,6 @@ const rootNavData: NavMenu = deepFreeze([ title: 'Introduction', href: '/introduction', }, - { - title: 'What makes Plural different?', - href: '/getting-started/plural-difference', - }, - { - title: 'Concepts', - href: '/getting-started/concepts', - }, ], }, { @@ -118,15 +110,15 @@ const rootNavData: NavMenu = deepFreeze([ }, { title: "Set Up a Basic Self-Service Worklfow with PR Automations", - href: '/deploy/pr-automation', + href: '/how-to/deploy/pr-automation', }, { title: 'Deploy Your First Microservice to a Workload Cluster', - href: '/deploy/microservice', + href: '/how-to/deploy/microservice', }, { title: 'Setup Your First Microservice Promotion Pipeline', - href: '/deploy/pipelines', + href: '/how-to/deploy/pipelines', }, ], }, @@ -347,6 +339,68 @@ const rootNavData: NavMenu = deepFreeze([ title: 'Sharing your Plural Repository', href: '/getting-started/manage-git-repositories/sharing-git-repositories', }, + { + title: 'Reference', + href: '/reference', + sections: [ + { + title: 'Cloud Provider CLI Setup', + href: '/reference/configuring-cloud-provider', + }, + { + title: 'Common Errors', + href: '/reference/troubleshooting', + }, + { + title: 'Handling Partial Deployments', + href: '/reference/partial-installation', + }, + { + href: '/getting-started/manage-git-repositories', + title: 'Manage Git Repositories', + sections: [ + { + href: '/getting-started/manage-git-repositories/setting-up-gitops', + title: 'Setting Up GitOps', + }, + { + href: '/getting-started/manage-git-repositories/workspace-encryption', + title: 'Workspace Encryption Guide', + }, + ], + }, + { + href: '/getting-started/manage-git-repositories/your-plural-workspace', + title: 'Plural Workspace Layout', + }, + { + title: 'API / Developer Tools', + href: '/reference/api', + sections: [ + { + href: '/reference/api/plural-api', + title: 'Plural API', + }, + { + title: 'Console API', + href: '/reference/api/console-api', + }, + ], + }, + { + title: 'CLI Command Reference', + href: '/reference/cli-reference', + }, + { + href: '/adding-new-application/plural-custom-resources', + title: 'Plural Custom Resources', + }, + { + href: '/adding-new-application/module-library', + title: 'Module Library', + }, + ], + }, { href: '/operations/advanced-operations', title: 'Advanced Operations', @@ -440,14 +494,6 @@ const rootNavData: NavMenu = deepFreeze([ href: '/operations/auth-access-control/openid-connect', title: 'What is Plural OIDC?', }, - { - href: '/operations/auth-access-control/identity-and-installations/audit-logging', - title: 'What audit logging does Plural do?', - }, - { - href: '/operations/auth-access-control/identity-and-installations', - title: 'How does auth and access control work for Plural?', - }, { href: '/faq/certifications', title: 'What certifications does Plural have?', @@ -456,72 +502,6 @@ const rootNavData: NavMenu = deepFreeze([ href: '/faq/plural-paid-tiers', title: 'How do the paid Plural tiers work?', }, - { - href: '/faq/local-development', - title: 'Can I develop locally?', - }, - ], - }, - - { - title: 'Reference', - sections: [ - { - title: 'Cloud Provider CLI Setup', - href: '/reference/configuring-cloud-provider', - }, - { - title: 'Common Errors', - href: '/reference/troubleshooting', - }, - { - title: 'Handling Partial Deployments', - href: '/reference/partial-installation', - }, - { - href: '/getting-started/manage-git-repositories', - title: 'Manage Git Repositories', - sections: [ - { - href: '/getting-started/manage-git-repositories/setting-up-gitops', - title: 'Setting Up GitOps', - }, - { - href: '/getting-started/manage-git-repositories/workspace-encryption', - title: 'Workspace Encryption Guide', - }, - ], - }, - { - href: '/getting-started/manage-git-repositories/your-plural-workspace', - title: 'Plural Workspace Layout', - }, - { - title: 'API / Developer Tools', - href: '/reference/api', - sections: [ - { - href: '/reference/api/plural-api', - title: 'Plural API', - }, - { - title: 'Console API', - href: '/reference/api/console-api', - }, - ], - }, - { - title: 'CLI Command Reference', - href: '/reference/cli-reference', - }, - { - href: '/adding-new-application/plural-custom-resources', - title: 'Plural Custom Resources', - }, - { - href: '/adding-new-application/module-library', - title: 'Module Library', - }, ], }, {