Merge branch 'main' into main

This commit is contained in:
abdul-hai-apisec
2022-10-28 07:53:37 +05:30
committed by GitHub
111 changed files with 1669 additions and 492 deletions
+1 -1
View File
@@ -41,7 +41,7 @@ It is not:
- [ ] Should be preserved under [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/code-scanning).
- [ ] Should include a matching `code-scanning/properties/*.properties.json` file (for example, [`code-scanning/properties/codeql.properties.json`](https://github.com/actions/starter-workflows/blob/main/code-scanning/properties/codeql.properties.json)), with properties set as follows:
- [ ] `name`: Name of the Code Scanning integration.
- [ ] `organization`: Name of the organization producing the Code Scanning integration.
- [ ] `creator`: Name of the organization/user producing the Code Scanning integration.
- [ ] `description`: Short description of the Code Scanning integration.
- [ ] `categories`: Array of languages supported by the Code Scanning integration.
- [ ] `iconName`: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in [the `icons` directory](https://github.com/actions/starter-workflows/tree/main/icons).
+1 -1
View File
@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'Auto-assign issue'
uses: pozil/auto-assign-issue@v1.10.0
uses: pozil/auto-assign-issue@v1.11.0
with:
assignees: phantsure,tiwarishub,anuragc617,vsvipul,bishal-pdmsft
numOfAssignee: 1
+1 -1
View File
@@ -7,4 +7,4 @@ jobs:
add-reviews:
runs-on: ubuntu-latest
steps:
- uses: kentaro-m/auto-assign-action@v1.2.1
- uses: kentaro-m/auto-assign-action@v1.2.2
+1 -1
View File
@@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v5
- uses: actions/stale@v6
with:
stale-issue-message: 'This issue has become stale and will be closed automatically within a period of time. Sorry about that.'
stale-pr-message: 'This pull request has become stale and will be closed automatically within a period of time. Sorry about that.'
+1 -2
View File
@@ -2,8 +2,7 @@ name: Sync workflows for GHES
on:
push:
branches:
- main
branches: [ main ]
jobs:
sync:
+7 -4
View File
@@ -12,10 +12,11 @@ These are the workflow files for helping people get started with GitHub Actions.
### Directory structure
* [ci](ci): solutions for Continuous Integration workflows.
* [deployments](deployments): solutions for Deployment workflows.
* [automation](automation): solutions for automating workflows.
* [code-scanning](code-scanning): starter workflows for [Code Scanning](https://github.com/features/security)
* [ci](ci): solutions for Continuous Integration workflows
* [deployments](deployments): solutions for Deployment workflows
* [automation](automation): solutions for automating workflows
* [code-scanning](code-scanning): solutions for [Code Scanning](https://github.com/features/security)
* [pages](pages): solutions for Pages workflows
* [icons](icons): svg icons for the relevant template
Each workflow must be written in YAML and have a `.yml` extension. They also need a corresponding `.properties.json` file that contains extra metadata about the workflow (this is displayed in the GitHub.com UI).
@@ -40,6 +41,8 @@ For example: `ci/django.yml` and `ci/properties/django.properties.json`.
* monitoring
* Automation
* utilities
* Pages
* Hugo
### Variables
These variables can be placed in the starter workflow and will be substituted as detailed below:
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will build a Java project with Ant
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-ant
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-ant
name: Java CI
+5 -2
View File
@@ -41,9 +41,9 @@ jobs:
# https://github.com/sigstore/cosign-installer
- name: Install cosign
if: github.event_name != 'pull_request'
uses: sigstore/cosign-installer@7e0881f8fe90b25e305bbf0309761e9314607e25
uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0
with:
cosign-release: 'v1.9.0'
cosign-release: 'v1.11.0'
# Workaround: https://github.com/docker/build-push-action/issues/461
@@ -78,6 +78,9 @@ jobs:
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
+1 -1
View File
@@ -69,7 +69,7 @@ jobs:
# Install the .NET Core workload
- name: Install .NET Core
uses: actions/setup-dotnet@v2
uses: actions/setup-dotnet@v3
with:
dotnet-version: 6.0.x
+4 -1
View File
@@ -1,3 +1,6 @@
# This workflow will build a .NET project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
name: .NET
on:
@@ -14,7 +17,7 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: Setup .NET
uses: actions/setup-dotnet@v2
uses: actions/setup-dotnet@v3
with:
dotnet-version: 6.0.x
- name: Restore dependencies
@@ -0,0 +1,68 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow lets you generate SLSA provenance file for your project.
# The generation satisfies level 3 for the provenance requirements - see https://slsa.dev/spec/v0.1/requirements
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# https://github.com/slsa-framework/slsa-github-generator.
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
name: SLSA generic generator
on:
workflow_dispatch:
release:
types: [created]
permissions: read-all
jobs:
build:
runs-on: ubuntu-latest
outputs:
digests: ${{ steps.hash.outputs.digests }}
steps:
- uses: actions/checkout@v3
# ========================================================
#
# Step 1: Build your artifacts.
#
# ========================================================
- name: Build artifacts
run: |
# These are some amazing artifacts.
echo "artifact1" > artifact1
echo "artifact2" > artifact2
# ========================================================
#
# Step 2: Add a step to generate the provenance subjects
# as shown below. Update the sha256 sum arguments
# to include all binaries that you generate
# provenance for.
#
# ========================================================
- name: Generate subject
id: hash
run: |
set -euo pipefail
# List the artifacts the provenance will refer to.
files=$(ls artifact*)
# Generate the subjects (base64 encoded).
echo "::set-output name=digests::$(sha256sum $files | base64 -w0)"
provenance:
needs: [build]
permissions:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to a release.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0
with:
base64-subjects: "${{ needs.build.outputs.digests }}"
upload-assets: true # Optional: Upload to a new release
+3
View File
@@ -1,3 +1,6 @@
# This workflow will build a golang project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
name: Go
on:
+1 -1
View File
@@ -3,7 +3,7 @@
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Java CI with Gradle
+10 -1
View File
@@ -1,5 +1,10 @@
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Java CI with Maven
@@ -24,3 +29,7 @@ jobs:
cache: maven
- name: Build with Maven
run: mvn -B package --file pom.xml
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
- name: Update dependency graph
uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
+2 -2
View File
@@ -1,5 +1,5 @@
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
name: Node.js CI
@@ -16,7 +16,7 @@ jobs:
strategy:
matrix:
node-version: [12.x, 14.x, 16.x]
node-version: [14.x, 16.x, 18.x]
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
steps:
+1 -1
View File
@@ -12,7 +12,7 @@ jobs:
strategy:
matrix:
node-version: [12.x, 14.x, 16.x]
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+1 -1
View File
@@ -12,7 +12,7 @@ jobs:
strategy:
matrix:
node-version: [12.x, 14.x, 16.x]
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
name: Node.js Package
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
name: Node.js Package
@@ -0,0 +1,7 @@
{
"name": "SLSA Generic generator",
"creator": "Open Source Security Foundation (OpenSSF)",
"description": "Generate SLSA3 provenance for your existing release workflows",
"iconName": "generator-generic-ossf-slsa3-publish",
"categories": ["Continuous integration", "Go", "Elixir", "Erlang", "PHP", "Haskell", "Rust", "Java", "Scala", "Gradle", "Maven", "Python", "C", "C++", "TypeScript", "JavaScript", "npm", "Ruby", "HTML", "Composer", "Makefile", "Ada"]
}
@@ -1,5 +1,5 @@
{
"name": "Jekyll",
"name": "Jekyll using Docker image",
"description": "Package a Jekyll site using the jekyll/builder Docker image.",
"iconName": "jekyll",
"categories": ["Continuous integration", "HTML"]
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
name: Python application
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
name: Python package
+1 -1
View File
@@ -1,5 +1,5 @@
# This workflow will upload a Python Package using Twine when a release is created
# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
+1 -1
View File
@@ -30,7 +30,7 @@ jobs:
# To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
# change this to (see https://github.com/ruby/setup-ruby#versioning):
# uses: ruby/setup-ruby@v1
uses: ruby/setup-ruby@2b019609e2b0f1ea1a2bc8ca11cb82ab46ada124
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: ${{ matrix.ruby-version }}
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+2 -2
View File
@@ -30,7 +30,7 @@ jobs:
uses: actions/checkout@v3
# Add or replace dependency steps here
- name: Install Ruby and gems
uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
bundler-cache: true
# Add or replace database setup steps here
@@ -46,7 +46,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v3
- name: Install Ruby and gems
uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
bundler-cache: true
# Add or replace any other lints here
+3
View File
@@ -1,3 +1,6 @@
# This workflow will build a Swift project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-swift
name: Swift
on:
+1 -1
View File
@@ -12,7 +12,7 @@ jobs:
strategy:
matrix:
node-version: [12.x, 14.x, 16.x]
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+10 -9
View File
@@ -9,7 +9,7 @@
# and parameters, see https://github.com/anchore/scan-action. For more
# information on Anchore's container image scanning tool Grype, see
# https://github.com/anchore/grype
name: Anchore Container Scan
name: Anchore Grype vulnerability scan
on:
push:
@@ -28,20 +28,21 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout the code
- name: Check out the code
uses: actions/checkout@v3
- name: Build the Docker image
run: docker build . --file Dockerfile --tag localbuild/testimage:latest
- name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
uses: anchore/scan-action@b08527d5ae7f7dc76f9621edb6e49eaf47933ccd
- name: Run the Anchore Grype scan action
uses: anchore/scan-action@d5aa5b6cb9414b0c7771438046ff5bcfa2854ed7
id: scan
with:
image: "localbuild/testimage:latest"
acs-report-enable: true
fail-build: false
- name: Upload Anchore Scan Report
fail-build: true
severity-cutoff: critical
- name: Upload vulnerability report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
sarif_file: ${{ steps.scan.outputs.sarif }}
+3 -1
View File
@@ -46,9 +46,11 @@ permissions:
contents: read
jobs:
Trigger APIsec scan:
Trigger_APIsec_scan:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+2 -1
View File
@@ -25,6 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Brakeman Scan
runs-on: ubuntu-latest
steps:
@@ -34,7 +35,7 @@ jobs:
# Customize the ruby version depending on your needs
- name: Setup Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: '2.7'
+1
View File
@@ -29,6 +29,7 @@ jobs:
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
+1
View File
@@ -24,6 +24,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
+1
View File
@@ -29,6 +29,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
+1
View File
@@ -30,6 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
+3 -1
View File
@@ -53,7 +53,7 @@ jobs:
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
@@ -70,3 +70,5 @@ jobs:
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{matrix.language}}"
+1
View File
@@ -25,6 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout repository
+1
View File
@@ -30,6 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout
security-events: write # for github/codeql-action/upload-sarif
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# check out project
steps:
+1
View File
@@ -25,6 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
+69
View File
@@ -0,0 +1,69 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# EthicalCheck addresses the critical need to continuously security test APIs in development and in production.
# EthicalCheck provides the industrys only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.
# Developers relies on EthicalCheck to evaluate every update and release, ensuring that no APIs go to production with exploitable vulnerabilities.
# You develop the application and API, we bring complete and continuous security testing to you, accelerating development.
# Know your API and Applications are secure with EthicalCheck our free & automated API security testing service.
# How EthicalCheck works?
# EthicalCheck functions in the following simple steps.
# 1. Security Testing.
# Provide your OpenAPI specification or start with a public Postman collection URL.
# EthicalCheck instantly instrospects your API and creates a map of API endpoints for security testing.
# It then automatically creates hundreds of security tests that are non-intrusive to comprehensively and completely test for authentication, authorizations, and OWASP bugs your API. The tests addresses the OWASP API Security categories including OAuth 2.0, JWT, Rate Limit etc.
# 2. Reporting.
# EthicalCheck generates security test report that includes all the tested endpoints, coverage graph, exceptions, and vulnerabilities.
# Vulnerabilities are fully triaged, it contains CVSS score, severity, endpoint information, and OWASP tagging.
# This is a starter workflow to help you get started with EthicalCheck Actions
name: EthicalCheck-Workflow
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the $default-branch branch
# Customize trigger events based on your DevSecOps processes.
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
permissions:
contents: read
jobs:
Trigger_EthicalCheck:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: EthicalCheck Free & Automated API Security Testing Service
uses: apisec-inc/ethicalcheck-action@005fac321dd843682b1af6b72f30caaf9952c641
with:
# The OpenAPI Specification URL or Swagger Path or Public Postman collection URL.
oas-url: "http://netbanking.apisec.ai:8080/v2/api-docs"
# The email address to which the penetration test report will be sent.
email: "xxx@apisec.ai"
sarif-result-file: "ethicalcheck-results.sarif"
- name: Upload sarif file to repository
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ./ethicalcheck-results.sarif
+3 -6
View File
@@ -10,14 +10,11 @@
name: "Frogbot Scan and Fix"
on:
push:
branches:
# The scanning and creation of pull requests with fixes are triggered by pushing code to one of the these branches.
# You can edit the list of branches you wish to open fix pull requests on.
- "main"
- "master"
branches: [ $default-branch ]
permissions:
contents: write
pull-requests: write
security-events: write
jobs:
create-fix-pull-requests:
runs-on: ubuntu-latest
@@ -40,7 +37,7 @@ jobs:
# node-version: "16.x"
- uses: jfrog/frogbot@de3d42bf3a454ddf156632ae520a5ead49048416
- uses: jfrog/frogbot@9304d3b1d8e05a1b5fc0ba9ebf9ffbd495386250
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+1 -1
View File
@@ -42,7 +42,7 @@ jobs:
# The full template list with the required GitHub Actions can be found at https://github.com/jfrog/frogbot/tree/master/templates/github-actions/scan-pull-request
- uses: jfrog/frogbot@de3d42bf3a454ddf156632ae520a5ead49048416
- uses: jfrog/frogbot@9304d3b1d8e05a1b5fc0ba9ebf9ffbd495386250
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
+55
View File
@@ -0,0 +1,55 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# lintr provides static code analysis for R.
# It checks for adherence to a given style,
# identifying syntax errors and possible semantic issues,
# then reports them to you so you can take action.
# More details at https://lintr.r-lib.org/
name: lintr
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
lintr:
name: Run lintr scanning
runs-on: ubuntu-latest
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup R
uses: r-lib/actions/setup-r@4e1feaf90520ec1215d1882fdddfe3411c08e492
- name: Setup lintr
uses: r-lib/actions/setup-r-dependencies@4e1feaf90520ec1215d1882fdddfe3411c08e492
with:
extra-packages: lintr
- name: Run lintr
run: lintr::sarif_output(lintr::lint_dir("."), "lintr-results.sarif")
shell: Rscript {0}
continue-on-error: true
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: lintr-results.sarif
wait-for-processing: true
+1
View File
@@ -21,6 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+1
View File
@@ -28,6 +28,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Analyze
runs-on: windows-latest
+1
View File
@@ -25,6 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: njsscan code scanning
steps:
+55
View File
@@ -0,0 +1,55 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# NowSecure: The Mobile Security Experts <https://www.nowsecure.com/>.
#
# To use this workflow, you must have a token for NowSecure Platform. If you are a NowSecure customer,
# you can find it in NowSecure Platform.
#
# If you *are not* a NowSecure customer, click here to sign up for a free trial to get access:
# <https://bit.ly/ns-git-sbom>.
#
# Instructions:
#
# 1. In the settings for your repository, click "Secrets" then "New repository secret". Name the secret "NS_TOKEN" and
# paste in your Platform token. If you do not have a Platform token, or wish to create a new one for GitHub, visit
# NowSecure Platform and go to "Profile & Preferences" then create a token labelled "GitHub".
#
# 2. Follow the annotated workflow below and make any necessary modifications then save the workflow to your repository
# and review the "Dependency graph" tab in the "Insights" pane once the action has run.
name: "NowSecure Mobile SBOM"
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
nowsecure:
name: NowSecure Mobile SBOM
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build your application
run: ./gradlew assembleDebug # Update this to build your Android or iOS application
- name: NowSecure upload app
uses: nowsecure/nowsecure-sbom-action@ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c
with:
token: ${{ secrets.NS_TOKEN }}
app_file: app-debug.apk # Update this to a path to your .ipa or .apk
group_id: {{ groupId }} # Update this to your desired Platform group ID
+1
View File
@@ -27,6 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: windows-latest
steps:
+1
View File
@@ -34,6 +34,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
+1
View File
@@ -21,6 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+2 -1
View File
@@ -25,13 +25,14 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: PSScriptAnalyzer
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run PSScriptAnalyzer
uses: microsoft/psscriptanalyzer-action@2044ae068e37d0161fa2127de04c19633882f061
uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f
with:
# Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
# The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
+1
View File
@@ -29,6 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: Run Prisma Cloud IaC Scan to check
steps:
@@ -1,6 +1,6 @@
{
"name": "Anchore Syft SBOM Scan",
"organization": "Anchore",
"creator": "Anchore",
"description": "Produce Software Bills of Materials based on Anchore's open source Syft tool.",
"iconName": "anchore",
"categories": ["Code Scanning", "dockerfile", "dependency-management"]
@@ -1,7 +1,7 @@
{
"name": "Anchore Container Scan",
"creator": "Indeni Cloudrail",
"description": "Produce container image vulnerability and compliance reports based on the open-source Anchore container image scanner.",
"name": "Anchore Grype Vulnerability Scan",
"creator": "Anchore",
"description": "Produce source and container vulnerability reports based on Anchore's open source Grype tool.",
"iconName": "anchore",
"categories": ["Code Scanning", "dockerfile"]
}
}
@@ -1,6 +1,7 @@
{
"name": "CodeQL Analysis",
"creator": "GitHub",
"enterprise": true,
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
"iconName": "octicon mark-github",
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
@@ -2,10 +2,11 @@
"name": "ESLint",
"description": "A tool for identifying and reporting the problems found in ECMAScript/JavaScript code.",
"iconName": "eslint",
"enterprise": false,
"categories": [
"Code Scanning",
"JavaScript",
"EcmaScript",
"TypeScript"
]
}
}
@@ -0,0 +1,24 @@
{
"name": "EthicalCheck",
"creator": "APIsec",
"description": "EthicalCheck provides the industrys only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.",
"iconName": "apisec",
"categories": [
"Code Scanning",
"C",
"C#",
"C++",
"Go",
"Java",
"JavaScript",
"Kotlin",
"Objective C",
"PHP",
"Python",
"Ruby",
"Rust",
"Scala",
"Swift",
"TypeScript"
]
}
@@ -0,0 +1,6 @@
{
"name": "lintr",
"description": "lintr provides static code analysis for R.",
"iconName": "lintr",
"categories": [ "Code Scanning", "R" ]
}
@@ -0,0 +1,21 @@
{
"name": "NowSecure Mobile SBOM",
"creator": "NowSecure",
"description": "Generate a Mobile SBOM for an application and submit to Dependency Graph",
"iconName": "nowsecure",
"categories": [
"Code Scanning",
"Java",
"Kotlin",
"Scala",
"Swift",
"Objective C",
"C",
"C++",
"C#",
"Rust",
"JavaScript",
"TypeScript",
"Node"
]
}
@@ -0,0 +1,7 @@
{
"name": "Zscaler IaC Scan",
"creator": "Zscaler CWP",
"description": "Scan your Infrastructure as Code files using Zscaler Infrastructure as Code (IaC) Scan app",
"iconName": "zscaler",
"categories": ["Code Scanning"]
}
@@ -0,0 +1,14 @@
{
"name": "zScan",
"creator": "Zimperium",
"description": "The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android) and identifies security, privacy, and compliance-related vulnerabilities. ",
"iconName": "zscan",
"categories": [
"Code Scanning",
"Java",
"Kotlin",
"Scala",
"Swift",
"Objective C"
]
}
+2 -1
View File
@@ -29,13 +29,14 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: 2.7
bundler-cache: true
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
# If running on a self-hosted runner, check it meets the requirements
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
- name: Set up Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: 2.6
+1
View File
@@ -25,6 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
+9 -9
View File
@@ -17,20 +17,20 @@ jobs:
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge. (Upcoming feature)
# Used to receive a badge.
id-token: write
# Needs for private repositories.
contents: read
actions: read
steps:
- name: "Checkout code"
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@3e15ea8318eee9b333819ec77a36aca8d39df13e # v1.1.1
uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972 # tag=v2.0.3
with:
results_file: results.sarif
results_format: sarif
@@ -41,22 +41,22 @@ jobs:
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
# Publish the results for public repositories to enable scorecard badges. For more details, see
# https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories, `publish_results` will automatically be set to `false`, regardless
# https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories, `publish_results` will automatically be set to `false`, regardless
# of the value entered here.
publish_results: true
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26
with:
sarif_file: results.sarif
+1
View File
@@ -27,6 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Scan
runs-on: ubuntu-latest
steps:
+1
View File
@@ -30,6 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+1
View File
@@ -29,6 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+1
View File
@@ -28,6 +28,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+10 -5
View File
@@ -3,13 +3,18 @@
# separate terms of service, privacy policy, and support
# documentation.
#
# SOOS is the easy-to-integrate software security solution for your whole team, learn more at https://soos.io/
# SOOS is the easy-to-integrate and affordable software security solution for your whole team.
# Learn more at https://soos.io/
#
# To use this action you need to fill the following requirements:
# To use this action, perform the following steps:
#
# 1. Create an account on https://app.soos.io to obtain a Client ID and API Key (Free 30 days trials for both our SCA/DAST product).
# 1. Create an account on https://app.soos.io. SOOS offers a free 30 day trial for our SCA and DAST products.
#
# 2. Set up your API KEY/Client ID as Github Secrets named SOOS_CLIENT_ID & SOOS_API_KEY. (Also set SOOS_GITHUB_PAT with your Github Personal Access Token if you're going to use sarif upload)
# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate). Note the "API Credentials" section of this page; the keys you will need for the next step are here.
#
# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
#
# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token.
#
name: "SOOS DAST Scan"
@@ -29,7 +34,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Run SOOS DAST Scan
uses: soos-io/soos-dast-github-action@b524e2cfbc4f4a5733153a7e624f569913f6c6e9
uses: soos-io/soos-dast-github-action@093de8c09530d4b96f12322adeb74444def866db # Use latest version from https://github.com/marketplace/actions/soos-dast
with:
client_id: ${{ secrets.SOOS_CLIENT_ID }}
api_key: ${{ secrets.SOOS_API_KEY }}
+1
View File
@@ -24,6 +24,7 @@ jobs:
checks: write # for sysdiglabs/scan-action to publish the checks
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+1
View File
@@ -22,6 +22,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Build
runs-on: "ubuntu-18.04"
steps:
+1
View File
@@ -27,6 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+1
View File
@@ -51,6 +51,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+56
View File
@@ -0,0 +1,56 @@
#This workflow uses actions that are not certified by GitHub.
#They are provided by a third party and are governed by
#separate terms of service, privacy policy, and support
#documentation.
#This workflow runs the Zscaler Infrastructure as Code (IaC) Scan app,
#which detects security misconfigurations in IaC templates and publishes the findings
#under the code scanning alerts section within the repository.
#Log into the Zscaler Posture Control(ZPC) Portal to begin the onboarding process.
#Copy the client ID and client secret key generated during the onboarding process and configure.
#GitHub secrets (ZSCANNER_CLIENT_ID, ZSCANNER_CLIENT_SECRET).
#Refer https://github.com/marketplace/actions/zscaler-iac-scan for additional details on setting up this workflow.
#Any issues with this workflow, please raise it on https://github.com/ZscalerCWP/Zscaler-IaC-Action/issues for further investigation.
name: Zscaler IaC Scan
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
zscaler-iac-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-latest
steps:
- name : Code Checkout
uses: actions/checkout@v3
- name : Zscaler IAC Scan
uses : ZscalerCWP/Zscaler-IaC-Action@8d2afb33b10b4bd50e2dc2c932b37c6e70ac1087
id : zscaler-iac-scan
with:
client_id : ${{ secrets.ZSCANNER_CLIENT_ID }}
client_secret : ${{ secrets.ZSCANNER_CLIENT_SECRET }}
#This is the user region specified during the onboarding process within the ZPC Admin Portal.
region : 'US'
iac_dir : #Enter the IaC directory path from root.
iac_file : #Enter the IaC file path from root.
output_format : #(Optional) By default, the output is provided in a human readable format. However, if you require a different format, you can specify it here.
#To fail the build based on policy violations identified in the IaC templates, set the input value (fail_build) to true.
fail_build : #Enter true/false
#Ensure that the following step is included in order to post the scan results under the code scanning alerts section within the repository.
- name: Upload SARIF file
if: ${{ success() || failure() && (steps.zscaler-iac-scan.outputs.sarif_file_path != '') }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.zscaler-iac-scan.sarif_file_path }}
+61
View File
@@ -0,0 +1,61 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
#
# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
# and identifies security, privacy, and compliance-related vulnerabilities.
#
# Prerequisites:
# * An active Zimperium zScan account is required. If you are not an existing Zimperium
# zScan customer, please request a zSCAN demo by visiting https://www.zimperium.com/contact-us.
# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
# issues and view the remediation information inside of GitHub code scanning alerts.
#
# For additional information and setup instructions
# please visit: https://github.com/Zimperium/zScanMarketplace#readme
name: "Zimperium zScan"
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
permissions:
contents: read
jobs:
zscan:
name: zScan
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Execute gradle build
run: ./gradlew build # Change this to build your mobile application
- name: Run Zimperium zScan
uses: zimperium/zscanmarketplace@bfc6670f6648d796098c251ccefcfdb98983174d
timeout-minutes: 60
with:
# REPLACE: Zimperium Client Environment Name
client_env: env_string
# REPLACE: Zimperium Client ID
client_id: id_string
# REPLACE: Zimperium Client Secret
client_secret: ${{ secrets.ZSCAN_CLIENT_SECRET }}
# REPLACE: The path to an .ipa or .apk
app_file: app-release-unsigned.apk
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: Zimperium.sarif
+1 -2
View File
@@ -21,8 +21,7 @@ name: Build and Deploy to ACK
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
# Environment variables available to all jobs and steps in this workflow.
env:
+1 -2
View File
@@ -28,8 +28,7 @@ name: Deploy to Amazon ECS
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
env:
AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1
+1 -2
View File
@@ -31,8 +31,7 @@ env:
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
permissions:
+54 -98
View File
@@ -1,14 +1,16 @@
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
#
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
# The ACR should be attached to the AKS cluster
# For instructions see:
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
# - https://github.com/Azure/aks-create-action
#
# To configure this workflow:
#
# 1. Set the following secrets in your repository (instructions for getting these
# 1. Set the following secrets in your repository (instructions for getting these
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux)):
# - AZURE_CLIENT_ID
# - AZURE_TENANT_ID
@@ -34,8 +36,7 @@ name: Build and deploy an app to AKS with Helm
on:
push:
branches:
- $default-branch
branches: [$default-branch]
workflow_dispatch:
env:
@@ -43,7 +44,6 @@ env:
CONTAINER_NAME: "your-container-name"
RESOURCE_GROUP: "your-resource-group"
CLUSTER_NAME: "your-cluster-name"
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
CHART_PATH: "your-chart-path"
CHART_OVERRIDE_PATH: "your-chart-override-path"
@@ -54,63 +54,21 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
# Checks out the repository this file is in
- uses: actions/checkout@v3
createSecret:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Retrieves the credentials for pulling images from your Azure Container Registry
- name: Get ACR credentials
run: |
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
echo "::add-mask::${ACR_USERNAME}"
echo "::set-output name=username::${ACR_USERNAME}"
echo "::add-mask::${ACR_PASSWORD}"
echo "::set-output name=password::${ACR_PASSWORD}"
id: get-acr-creds
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
- name: Create K8s secret for pulling image from ACR
uses: Azure/k8s-create-secret@v1.1
with:
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
deploy:
permissions:
@@ -118,45 +76,43 @@ jobs:
contents: read
id-token: write
runs-on: ubuntu-latest
needs: [buildImage, createSecret]
needs: [buildImage]
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Runs Helm to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2.1
with:
renderEngine: 'helm'
helmChart: ${{ env.CHART_PATH }}
overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
overrides: |
replicas:2
helm-version: 'latest'
id: bake
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v3.1
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
imagepullsecrets: |
${{ env.IMAGE_PULL_SECRET_NAME }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v3
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Runs Helm to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2
with:
renderEngine: "helm"
helmChart: ${{ env.CHART_PATH }}
overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
overrides: |
replicas:2
helm-version: "latest"
id: bake
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v4
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
@@ -1,14 +1,16 @@
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
#
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
# The ACR should be attached to the AKS cluster
# For instructions see:
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
# - https://github.com/Azure/aks-create-action
#
# To configure this workflow:
#
# 1. Set the following secrets in your repository (instructions for getting these
# 1. Set the following secrets in your repository (instructions for getting these
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux):
# - AZURE_CLIENT_ID
# - AZURE_TENANT_ID
@@ -33,8 +35,7 @@ name: Build and deploy an app to AKS with Kompose
on:
push:
branches:
- $default-branch
branches: [$default-branch]
workflow_dispatch:
env:
@@ -42,7 +43,6 @@ env:
CONTAINER_NAME: "your-container-name"
RESOURCE_GROUP: "your-resource-group"
CLUSTER_NAME: "your-cluster-name"
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
DOCKER_COMPOSE_FILE_PATH: "your-docker-compose-file-path"
jobs:
@@ -52,106 +52,62 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
createSecret:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Retrieves the credentials for pulling images from your Azure Container Registry
- name: Get ACR credentials
run: |
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
echo "::add-mask::${ACR_USERNAME}"
echo "::set-output name=username::${ACR_USERNAME}"
echo "::add-mask::${ACR_PASSWORD}"
echo "::set-output name=password::${ACR_PASSWORD}"
id: get-acr-creds
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
- name: Create K8s secret for pulling image from ACR
uses: Azure/k8s-create-secret@v1.1
with:
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
deploy:
permissions:
actions: read
contents: read
id-token: write
runs-on: ubuntu-latest
needs: [buildImage, createSecret]
needs: [buildImage]
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Runs Kompose to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2.1
with:
renderEngine: 'kompose'
dockerComposeFile: ${{ env.DOCKER_COMPOSE_FILE_PATH }}
kompose-version: 'latest'
id: bake
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v3
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v3.1
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
imagepullsecrets: |
${{ env.IMAGE_PULL_SECRET_NAME }}
# Runs Kompose to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2
with:
renderEngine: "kompose"
dockerComposeFile: ${{ env.DOCKER_COMPOSE_FILE_PATH }}
kompose-version: "latest"
id: bake
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v4
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
@@ -1,14 +1,16 @@
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
#
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
# The ACR should be attached to the AKS cluster
# For instructions see:
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
# - https://github.com/Azure/aks-create-action
#
# To configure this workflow:
#
# 1. Set the following secrets in your repository (instructions for getting these
# 1. Set the following secrets in your repository (instructions for getting these
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux):
# - AZURE_CLIENT_ID
# - AZURE_TENANT_ID
@@ -33,8 +35,7 @@ name: Build and deploy an app to AKS with Kustomize
on:
push:
branches:
- $default-branch
branches: [$default-branch]
workflow_dispatch:
env:
@@ -42,7 +43,6 @@ env:
CONTAINER_NAME: "your-container-name"
RESOURCE_GROUP: "your-resource-group"
CLUSTER_NAME: "your-cluster-name"
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
KUSTOMIZE_PATH: "your-kustomize-path"
jobs:
@@ -52,106 +52,62 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
createSecret:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
# Retrieves the credentials for pulling images from your Azure Container Registry
- name: Get ACR credentials
run: |
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
echo "::add-mask::${ACR_USERNAME}"
echo "::set-output name=username::${ACR_USERNAME}"
echo "::add-mask::${ACR_PASSWORD}"
echo "::set-output name=password::${ACR_PASSWORD}"
id: get-acr-creds
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
- name: Create K8s secret for pulling image from ACR
uses: Azure/k8s-create-secret@v1.1
with:
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
deploy:
permissions:
actions: read
contents: read
id-token: write
runs-on: ubuntu-latest
needs: [buildImage, createSecret]
needs: [buildImage]
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v3
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Runs Kustomize to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2.1
with:
renderEngine: 'kustomize'
kustomizationPath: ${{ env.KUSTOMIZE_PATH }}
kubectl-version: latest
id: bake
# Runs Kustomize to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2
with:
renderEngine: "kustomize"
kustomizationPath: ${{ env.KUSTOMIZE_PATH }}
kubectl-version: latest
id: bake
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v3.1
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
imagepullsecrets: |
${{ env.IMAGE_PULL_SECRET_NAME }}
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: Azure/k8s-deploy@v4
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
+43 -87
View File
@@ -1,9 +1,11 @@
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
#
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
# The ACR should be attached to the AKS cluster
# For instructions see:
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
# - https://github.com/Azure/aks-create-action
#
# To configure this workflow:
@@ -29,8 +31,7 @@ name: Build and deploy an app to AKS
on:
push:
branches:
- $default-branch
branches: [$default-branch]
workflow_dispatch:
env:
@@ -38,8 +39,7 @@ env:
CONTAINER_NAME: "your-container-name"
RESOURCE_GROUP: "your-resource-group"
CLUSTER_NAME: "your-cluster-name"
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
DEPLOYMENT_MANIFEST_PATH: 'your-deployment-manifest-path'
DEPLOYMENT_MANIFEST_PATH: "your-deployment-manifest-path"
jobs:
buildImage:
@@ -48,63 +48,21 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
# Checks out the repository this file is in
- uses: actions/checkout@v3
createSecret:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves the credentials for pulling images from your Azure Container Registry
- name: Get ACR credentials
run: |
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
echo "::add-mask::${ACR_USERNAME}"
echo "::set-output name=username::${ACR_USERNAME}"
echo "::add-mask::${ACR_PASSWORD}"
echo "::set-output name=password::${ACR_PASSWORD}"
id: get-acr-creds
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
- name: Create K8s secret for pulling image from ACR
uses: Azure/k8s-create-secret@v1.1
with:
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
# Builds and pushes an image up to your Azure Container Registry
- name: Build and push image to ACR
run: |
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
deploy:
permissions:
@@ -112,33 +70,31 @@ jobs:
contents: read
id-token: write
runs-on: ubuntu-latest
needs: [buildImage, createSecret]
needs: [buildImage]
steps:
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.3
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v2.0
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Checks out the repository this file is in
- uses: actions/checkout@v3
# Deploys application based on given manifest file
- name: Deploys application
uses: Azure/k8s-deploy@v3.1
with:
action: deploy
manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
imagepullsecrets: |
${{ env.IMAGE_PULL_SECRET_NAME }}
# Logs in with your Azure credentials
- name: Azure login
uses: azure/login@v1.4.6
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v3
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
# Deploys application based on given manifest file
- name: Deploys application
uses: Azure/k8s-deploy@v4
with:
action: deploy
manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }}
images: |
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
+2 -4
View File
@@ -14,12 +14,10 @@ name: Deploy web app to Azure Static Web Apps
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- $default-branch
branches: [ $default-branch ]
# Environment variables available to all jobs and steps in this workflow
env:
+1 -2
View File
@@ -26,8 +26,7 @@ env:
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
permissions:
+1 -2
View File
@@ -26,8 +26,7 @@ env:
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
permissions:
+1 -2
View File
@@ -19,8 +19,7 @@
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
env:
+1 -2
View File
@@ -21,8 +21,7 @@ name: Build and deploy PHP app to Azure Web App
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
env:
+1 -2
View File
@@ -25,8 +25,7 @@ env:
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
workflow_dispatch:
permissions:
+1 -2
View File
@@ -46,8 +46,7 @@ name: Build and Deploy to Cloud Run
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
env:
PROJECT_ID: YOUR_PROJECT_ID # TODO: update Google Cloud project id
+1 -2
View File
@@ -48,8 +48,7 @@ name: Deploy to Cloud Run from Source
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
env:
PROJECT_ID: YOUR_PROJECT_ID # TODO: update Google Cloud project id
+1 -2
View File
@@ -14,8 +14,7 @@ name: Build and Deploy to GKE
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
+1 -2
View File
@@ -10,8 +10,7 @@ name: Build and Deploy to IKS
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
# Environment variables available to all jobs and steps in this workflow
env:
+1 -2
View File
@@ -17,8 +17,7 @@ name: Tencent Kubernetes Engine
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
# Environment variables available to all jobs and steps in this workflow
env:
+1 -2
View File
@@ -46,8 +46,7 @@ name: 'Terraform'
on:
push:
branches:
- $default-branch
branches: [ $default-branch ]
pull_request:
permissions:
+20
View File
@@ -0,0 +1,20 @@
<svg width="124" height="124" viewBox="0 0 124 124" fill="none" xmlns="http://www.w3.org/2000/svg">
<g clip-path="url(#clip0_1_5)">
<path fill-rule="evenodd" clip-rule="evenodd" d="M78.9569 9.16863C79.8984 10.3374 80.3785 11.9147 81.3388 15.0692L102.316 83.981C94.5604 79.9575 86.1289 77.0556 77.2366 75.49L63.5781 29.3336C63.3546 28.5783 62.6609 28.0602 61.8734 28.0602C61.0838 28.0602 60.3888 28.581 60.1671 29.3389L46.6739 75.4667C37.7405 77.0253 29.2704 79.9324 21.4812 83.9706L42.5617 15.0532H42.5618C43.5251 11.9042 44.0066 10.3297 44.9483 9.16295C45.7794 8.13296 46.8607 7.33303 48.0887 6.83939C49.4799 6.28025 51.1264 6.28025 54.4194 6.28025H69.4762C72.7737 6.28025 74.4223 6.28025 75.8147 6.84057C77.0439 7.33522 78.1257 8.13675 78.9569 9.16863Z" fill="url(#paint0_linear_1_5)"/>
<path fill-rule="evenodd" clip-rule="evenodd" d="M81.4671 87.2605C78.0089 90.2177 71.1064 92.2344 63.1556 92.2344C53.3972 92.2344 45.2181 89.1964 43.0477 85.1106C42.2718 87.4522 42.0978 90.1321 42.0978 91.8441C42.0978 91.8441 41.5866 100.25 47.4335 106.097C47.4335 103.061 49.8947 100.601 52.9307 100.601C58.1344 100.601 58.1285 105.14 58.1237 108.824C58.1236 108.934 58.1235 109.043 58.1235 109.152C58.1235 114.743 61.5403 119.535 66.3997 121.556C65.6739 120.063 65.2667 118.386 65.2667 116.615C65.2667 111.283 68.397 109.297 72.0351 106.99C74.9298 105.154 78.146 103.115 80.3625 99.0227C81.519 96.8876 82.1757 94.4428 82.1757 91.8441C82.1757 90.2461 81.9274 88.7061 81.4671 87.2605Z" fill="#FF5D01"/>
<path fill-rule="evenodd" clip-rule="evenodd" d="M81.4671 87.2605C78.0089 90.2177 71.1064 92.2344 63.1556 92.2344C53.3972 92.2344 45.2181 89.1964 43.0477 85.1106C42.2718 87.4522 42.0978 90.1321 42.0978 91.8441C42.0978 91.8441 41.5866 100.25 47.4335 106.097C47.4335 103.061 49.8947 100.601 52.9307 100.601C58.1344 100.601 58.1285 105.14 58.1237 108.824C58.1236 108.934 58.1235 109.043 58.1235 109.152C58.1235 114.743 61.5403 119.535 66.3997 121.556C65.6739 120.063 65.2667 118.386 65.2667 116.615C65.2667 111.283 68.397 109.297 72.0351 106.99C74.9298 105.154 78.146 103.115 80.3625 99.0227C81.519 96.8876 82.1757 94.4428 82.1757 91.8441C82.1757 90.2461 81.9274 88.7061 81.4671 87.2605Z" fill="url(#paint1_linear_1_5)"/>
</g>
<defs>
<linearGradient id="paint0_linear_1_5" x1="85.5403" y1="2.62659" x2="61.8988" y2="83.9811" gradientUnits="userSpaceOnUse">
<stop stop-color="#000014"/>
<stop offset="1" stop-color="#150426"/>
</linearGradient>
<linearGradient id="paint1_linear_1_5" x1="97.0378" y1="63.2061" x2="76.5628" y2="106.069" gradientUnits="userSpaceOnUse">
<stop stop-color="#FF1639"/>
<stop offset="1" stop-color="#FF1639" stop-opacity="0"/>
</linearGradient>
<clipPath id="clip0_1_5">
<rect width="124" height="124" fill="white"/>
</clipPath>
</defs>
</svg>

After

Width:  |  Height:  |  Size: 2.7 KiB

@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg fill="none" version="1.1" viewBox="0 0 140 140" xmlns="http://www.w3.org/2000/svg">
<g transform="translate(-31)" clip-path="url(#a)">
<path d="m161.53 3.0994e-5 0.385-0.43543-7.493-6.6222-3.311 3.7465c-0.989 1.1184-1.991 2.2222-3.008 3.3111h-117.1v7.7919l-6.8799 4.2403 2.6234 4.2565c1.3735 2.2285 2.7929 4.4196 4.2565 6.5724v93.421c-0.0339 1e-3 -0.0678 1e-3 -0.1018 2e-3l-4.9989 0.102 0.2035 9.998 4.8972-0.1v13.716h140v-88.684c1.44-2.0734 2.84-4.183 4.196-6.3282 2.279-3.4292 3.971-6.3613 5.103-8.4579 0.57-1.054 0.998-1.8986 1.29-2.4912 0.146-0.2964 0.258-0.5299 0.336-0.6953 0.039-0.0827 0.069-0.1484 0.091-0.1964l0.027-0.0587 9e-3 -0.0192 3e-3 -0.0071 1e-3 -0.0029 1e-3 -0.0013c0-6e-4 0-0.0011-4.557-2.0578l4.557 2.0567 2.057-4.5575-9.115-4.1132-2.054 4.5518v1e-3l-1e-3 9e-4 -1e-3 0.0017v2e-3l-8e-3 0.0174c-0.011 0.0234-0.03 0.0642-0.057 0.1216-0.054 0.115-0.141 0.2967-0.261 0.5399-0.239 0.4866-0.611 1.2188-1.116 2.155-0.155 0.2859-0.322 0.5907-0.501 0.9131v-32.69zm0 0h-13.427c-22.046 23.618-50.591 40.246-81.991 47.779-11.875-10.541-22.305-22.871-30.851-36.737l-2.6234-4.2565-1.6331 1.0065v15.069c8.7076 12.807 18.982 24.259 30.482 34.156 16.53 14.226 35.591 25.242 56.17 32.461-17.424 11.387-36.962 19.448-57.612 23.605-9.4774 1.907-19.19 2.992-29.04 3.199v10.002l0.1018-2e-3c10.484-0.213 20.823-1.365 30.911-3.396 25.403-5.113 49.217-15.796 69.786-31.09 15.01-11.161 28.292-24.779 39.201-40.48v-18.626c-0.996 1.7908-2.38 4.127-4.163 6.808l-0.033 0.0491-0.031 0.0498c-10.512 16.639-23.759 31.015-38.962 42.68-18.881-5.709-36.555-14.758-52.18-26.662 31.982-9.1292 60.827-27.25 82.969-52.304z" clip-rule="evenodd" fill="#f03100" fill-rule="evenodd"/>
</g>
<defs>
<clipPath id="a">
<path d="m31 28c0-15.464 12.536-28 28-28h84c15.464 0 28 12.536 28 28v84c0 15.464-12.536 28-28 28h-84c-15.464 0-28-12.536-28-28z" fill="#fff"/>
</clipPath>
</defs>
</svg>

After

Width:  |  Height:  |  Size: 1.9 KiB

+679
View File
@@ -0,0 +1,679 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
version="1.1"
id="svg120"
width="200"
height="200"
viewBox="0 0 200 200"
sodipodi:docname="22618716.png"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<defs
id="defs124" />
<sodipodi:namedview
id="namedview122"
pagecolor="#ffffff"
bordercolor="#000000"
borderopacity="0.25"
inkscape:showpageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#d1d1d1"
showgrid="false" />
<g
inkscape:groupmode="layer"
inkscape:label="Image"
id="g126">
<image
width="200"
height="200"
preserveAspectRatio="none"
xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAYAAACtWK6eAACAAElEQVR4nOy9B5hkV3km/N5QOafO
OUxPntEEZYRAAglkYxtYwBgbY/8YY/KyNiwsyWsweFkMXhO8gAmLsclgkFBAcTRBk/NMd09P5+7K
uepW1U3/c75b1VPd090TNJKQVO/z9NNVt27dul193vN97xfO4dFAAw2siAZBGmhgFTQI0kADq6BB
kAYaWAUNgjTQwCpoEKSBBlZBgyANNLAKGgRpoIFV0CBIAw2sggZBGmhgFTQI0kADq6BBkAYaWAUN
gjTQwCpoEKSBBlaB+FzfQAO/nbBZLFaLWewC4GTPvS5nN4BA3SmJdC5/LleQTqqapj93d/rMokGQ
FynMJtHidTl32K2WdV6Xs8vlsK912Kx9a4aG1rV1dJocTiesVhta2tohiAI8Xh/sDid4nkO5VEI6
lUS5VMbczDTSmczUU/v3P3L02Il9yUzmsXSucP65/vuuFbjn+gYaeObB8zyCXvdNPpdji9fleknA
676pp7e3Y836DWhuacXA2nXo7R8EI8XTgaIoOHHkEPY9+UTql7/81X3jU9MPRBLp+6VyOX3N/phn
GQ2CvEDR5Pdu9bqcL2sPBe7wul13bty6lWckWL95CzZsuQ6i+Mw7D8cPH8S+XY/jySce23vs9Mgv
osnUf6ZzhXPP+AdfQzQI8gKBwPNCW1Pw7raQ/9VNfu/rOrt7/Fu378TmbTuwedt2cNyFf7WmaohF
oygUC0gmEnTMYraA43l4PB5IkkS/bXY7rDYrzGbz076/4dOncHDvbux+4rHZA0eOfzuaTD0YTab3
Pu0LP8NoEOR5jraQ/5WdzU3/pa0p8MZN122zbrpuO2556cvhCwSQz+cxMXYeqVQK0XAEmUyadIXb
40ZzSwuampvhD/jhcrtRKBTIquSyObjdLpgtlmfsnpPxGB7/zYM4eexo/L77H/heJJH+zXw88eAz
9oFPAw2CPA/hstuaetpa/rynvfldW7btaNp548249eV3wu5wQK5UcOLYMezf+xTC8/N0fv/gIG66
9RYMrBlcuAazEkybzE5PY3Z6Bvl8DsFQE9ZtWA+ny/Ws/S0lScKRA09h/57dmfvuv//fR8cnHogl
0vcqmvas3cNqaBDkeYSAx711TU/H+zesHXrzbXfciTtf/Rr4/H56Tdd1HD54EE8+9gRSySQd27hl
M1768pch1NS0cI3JiQmcPnEK87OzRKBgUwibt27F5uu2wm63X/a9sM+rd9uuFUbPnsGBfXuyDzzw
wA927dl7XzSZuldVn7socoMgzwN4XY71mwZ7//aOO+58zat+77WkKepx9vRpPPzAQ6QrGIbWr8Mr
7rqLBn8NJ44dx74nd2N2Zga9/X0o5PMIhEJkWdra21cU7eVyGYV8AaWShGgkQucxN63eGl1raJoK
TVVQLsvY9fBD4c989nN/fubc2KF8oZh8xj50BTQI8lsMs0l0bBzo/fQfvfnNf/UHb3ozWts7Fr0+
cX4cD91/P7lIbrebLMb2669HIGjk8zRNw7HDR3D4wEF6zWQy4fy5MThdTiTiceSyWbz6Nb+Lrp6e
RdfNZrN45MGHIMsy+vr70NTcQrmQQDAIyzXWJrqmQVMZIWSIFhsqpQJUuQKLzYmKVIBotqBYqmj3
/eKn8x/9xKfuURXFHE2mj17Tm1gFDYL8lqI16L/xrW9+4/f/4j3v71hKjFMnTuKp3Xvg8XlJX/QN
9CObzmD/3r2YnpomgrCZngntvv5+dPV0QypKdD50HXOzc+Qe9Q8OkA6pB7MYD9x7H2657SVEiFKp
hPDcPB2Px6KYnZ5FKpWEqqjkkjFrxa7f3tHxtP5eZjGK2SQ0RYbF7oKUT4PnBQgmMwTRDKvTg3/+
0hd/sO/JXfM/uff+v3laH3YFaBDktwwCzws3b9v8t3/76c/89Y0veemi106dOIFdjz6O9Zs2kmvE
LML83Bwevv9BRKMRXLdjB0WnPF4POHBIp1IIz4dx+uQJ3HjrLVBkGflcHv5AAP1rBmn29vp8iz6j
Ui6vGMFiVufH//4D+szlsP36nUQsdv3LgarIkMsSdFUha2e2OYgQ6fAkkYQNz4qUAy+IcAVasW/3
rtJ3vv2d7333P370V5f9hT5NNAjyWwSPy9H9mlfe8YNPf/6L20LNzQvHJUnCz3/0Y5rtX/Pa18Jm
t9GM/tB992Nk+CxlwE2iiUji9XrhDwQpqz05Pk4Dj7ldfQN9EE0mJGJxjI2eI/Lc9JJbYbPZyG1i
pKLHVuuq98gI9K2vfwPzs3Po7unB9TffBJfLhZbWFoyfH0dPX+9VuWFM9EvZBMrFHOzuADKxGbiD
7fTc5vRCkcsw2V34ly99If2zX/zq7546cuz/PBs1YA2C/JagryP0e2987eu+86FPftpeG6TTU1PI
ZbJ4+KGHcNvLbseW665bOL9SqSybwGMDbc+uJzE1MYmh9WuxectWiCYRqqri6KHDSKfTGD59GtFI
FE3NTTTbUx4kX8Dg0Bp4vF6qtzKbLWjraKdrMrLFIlEUCnmyHrlsDtt37kRza8s1/x6YHklMjwAc
R25XqGcdlLIE0WzFk0/uPvHqe35nx7NZHNkgyHMMgeexdW3/59/ylre89x3v++BC6HTf7j34zf0P
UMTpNa97Lc3SyyGXzZDYbuvoJGuRSiZJO9QjmUzi+OEj2P3ELnT39uDcyOiK9+N0ubB+4wa0trWR
mO/p6yNXroZ8LoeR4WFE5sNEHKZDmLZhvweHhhade7VQKmXEp4fB8yL8HQMIZ4B8yciLSEUpdv+v
fvivv/z5D3965OC+I0/7wy6BBkGeQ9gsZv+ODWt++Cd/+rbb3vL//eXC8dHhEfzyZz/DXfe8Ghs2
bVr2velUEvf+9Mc0oH/vDX+4cDwRi0HXNQSCISodmZqcRD6bI0uRz+fwyIO/oYhUU50LJwgCOro6
0T8wAFE0wWwxX5TjYC5dMpEg8c+udezIEQiCSAOIETLUFMLB/QdgsVqwcdOmS7pql0IuPg/BbEFB
dyGRU5c95/CBvfd+9K//8m3huZlnrBiyQZDnCF6nY+DmrRt+/Wd/+a7ue177+oXjsWiUQrE7b7yB
NEelUiZ3p4ZoeB6/+umPMHL6FN75wQ+hu7eP3Krjhw+iUq5g7cZN5DIlE0mcOXWKLMr42Hkc3L+f
chd333MPWZp4LEalKHOzs8hmMujt68O6DRvQ1NJM2gJV12q5/MhTe/aSO1YT44V8HuPnzxOZr1Xy
sJhNgrN4MBmTVz3v+9/52u7//fcfu0fTtOI1+eAlaBDkOUDA47r55q0b7n3He/+r445X3UPH2KBl
hGBagc3oyXicSjB23Hgz3F4vjux/Co89dD8O7ttDFuMNf/ynNBjHz40aA3xwDQ7sewqjw8N0DUVW
0NreRsJ7dmaG6rGOHT6MRDyxcB9GqHeQPpd9Xiabxdp1a9Hc2krWZGkWHnUZdPabXbejs5NCvmdG
zmFqehaFYhH9vd3kag309cBmuzpLIuVSiBTtKMmry42f/vA7+MaX/1cmm83+j0Kh8C9X9WGroEGQ
Zxk9bc2/e93a/h/95Qf+hr/tjlfQsbOnTmDtBsOVqpTL+PkP/x3HDh3AJz73BRx6ai+++/WvIpNK
oXdgEH/x3v8Kq82OMyePwe3xwmSxYXpyighw512vpDAvw9TEBE6fPEVkqYFZje99+ztUnnLTrbdQ
7qJ/cIAEdw3MqjAi2Wx2bN66hSJfWFJawsj8yIMPYcdNN2HP7sex68ldsJmN11RVQypbwnQkB1nW
8a53vBWveuXLr/h7SkZmEZUvHS5+4tH78blP/TU9VhTlVCqV+jNZlq+ZNmkQ5FlET1vzW69bN/j1
937oo7jx1tvoGCOCzW7HmnUbcP7cCL7093+HWCSMz3zpK/jlT36IvU88Bn8wiI1brkNzaxueePgh
XLfzBvzhn/45xs6do7AuE9NsQE9PT+P4kaMYHRnB/r37FkrZGbbt2IFtO3cgGApSqYjH6yHXLRGP
Ix6PU9Eic5WYdmCWY9OWLfQ+Juinp6Zw8623oFiUqBjyV7/4BaxONx55cg+KxSKy+QoU1RDRjEOt
ISeGevwolRXsPzGPT3zkg7h+x9Yr+q7C46eRNvVddDyTTkGWKwiGDA01OnwK73/HmxadUygU/lc2
m/2EruvKVfybFqFBkGcJPW3Nf7R9/ZpvfeCjn8D2G26iYyeOHsZ9P/sxPvSpz5CG+NwnPkozNSNA
NpPG2MgwncdmcYvZQqUff/z2v8Ttr7wbB/fuIddocN06lKQyDWJGmJqL1drWRu6P2WyGpuuUJMxm
s0aFr65janKK3pNJpxdEen3YWNd0TIyP48ZbbsFHP/UJev9Te/fi7KkzkDkBh0+NYm4+QtYkm4wC
VD+lkmbiRBP8oVZ0tvmxeSiE/aeS+NI/fArNdbVhq0HXNETOn4AkhqCDh8aJUHkrhs+exfve/iYi
yE8e2AeP178sQWBYk9FMJvMn5XL50NP5vzV60p8FdDYHb9+5ce23PvixT2HLdsOd+eWPf4Affe87
+IevfAOPPvhrfP2f/nHh/OHTJ1EsFMilCTW3UBl6ZH4O97zu9dTT8Xf//b/hL97339Da3k4D9PDB
RzBy9ixuuvVWvOktf7RwnUImitnJEUxPTmLXo7sxPTEGiwnIS4ZfH/L6sKa/A7KsQVFVJOOzSKUl
dHZ1oX9oPf7wrX+M226/nXIkTPD7fH5Ec2WMjE8iFjOsUzYVg92yWGcwkoenRqHIPbBbTWj1m/C2
v/wgbrlpJz78gXdCuEQ3o1Ip0W+rEkfe3EkE4XQN58+dhd1uRiZTgc3moHMy6eXrF0VRHAwEAnsL
hcJns9nsx9k9XQ0aBHmG4XE51t103aZf/PXH/yc2br2OZtmvfOEfsOfxR/Gn73w3Hn3gPnKl6sHI
wazDmnXrye05e/okHf/xv/0/9PT14z1/8xHMTE1BKpUwNjKKDZs3we/zIDwzid2PPoiJc6OYmZqE
08ahJSjA7+bRZAMcPSJmoyo63Tz8Hh5mUwHJbA6JhIpcUYffwyHUZUGuEEZyIolxnwvbtm2B0+0j
/ZNIpbF7/+FF95pORKE4nHA63VAUGZlMCiaTGSaTBVPjp2FzOHHbjg6cOZ/Art1P4Y/e8Pvo6e5c
9Tubm56ChXwbDmY1C5m3QxFceNkr7sH87CTau/oWymEe+vXPF4IGy8HhcHxYFMVb0un061VVTV3p
/6/hYj2DMJtM9rtu2Xn4k5/7fJ/PH6ASkC98+pM4ceQwBteup5KMk8eW15NNLa0o5HNEkBqYqzWw
Zi1aOzpx9++9FqePHcWxwwdw9MBTy16D6QFRAFwOHt0tAtpCAngeRJLhSQUFSadjPW0CTCKH46My
zCLo2LkZBQMdIiJpEX/xnnch0LUTb/2LD1Dotx5njz+FSlla8TsY2nQDbtjajaNno+hob8U3vvy/
Vv3OmEV8/5teh4985pP0XOYdxo/ggs5dmM/TqSS+8sW/w+lTJ5CKh1e9JgyXazKZTN7Jfl/y5DoI
V3JyA1eGl+7Y8o3P/uP/uU2SipQx/+wnPrKgK0pSEbPTUyu+t1Iuk5bQ6jrr2OOX3fVqynV888tf
xN5djyEyN0eJwRpMZjN0TUVLkEdns0AWhM2CZyYUpLIakx/oaBLQ1y4SeSbmVUyFVZRlHTvWmSGV
dIQTGratNWNyXkFbANi9ay+8lhi6Bm/A8VPDi+4zn03D5/XD6w3Cbncgn8+C43hYLFaoqkJahFmU
fFHGhz/4brS2NK34N589dhT/4x1/hpMHD2Dzju3Uz8I0CNMfHHRonAnxWAQ/+v43KXKVzeWw7eY7
MT58/KJrma02qHVk5nnea7PZXlsul3+hadplJxYbFuQZwtb1a9763e99/+tskPzfL32Boi9SsQiH
00UDmrlRK8HldqOtowtjo8MkjmtgLprd4cT+3bvIBWtqbqECRaZRjHqqPKKRMDhdxbZ1JrQGjRmX
kSKSUDETVZAv6vC5eSJO0MMTMQ6eriCd02E2ATs3mFEq6xibVrBjgxmxlEE+RQV2bB/C48N2HD41
sXBPmVQcWlmCw+EiNyebTcFqtaNUKiIWD2P91psXzv3ql/4evUvcq3KphCcfvB8//+63cWz/voXj
N91+Gz7w8Y/S41SJxy8e2otDB/YSSVxePwY3bIPL7cO3v/Rxuod69K7ZRE1XsfAMivnsotc0TZuK
xWIvVVV19nL+jw2CPANoCgbWPnj/rw/a7HbzZz/+EWpmYtaC+fGCIGBqfBzMqoBqn9xUnetye0g3
2Gx2ejw7PXmRX202m6lIsQaP14e+wTXk9jC/nRcEcstq5HPaObQ3CXDZeXhdHOxWHsWShkNnKkQa
r4tHk4+RRcTwpIzhCYVIsr7PRLrl6EgFa7pMsFk4FMs6LFYR7a1NuO+wivFwGTwHaDowc/4svB7f
Qsa/UMhhbm4S3YMb4XR5F+5340A3Pv/5T2N+egr7H38U+x59BHt+8+CK+uEfv/0NtHd14uzoGP78
PR+iY62d/bj91W+AVMzjF9/754ve6/YFcesr/gCT506jkMtgYvTkRddVVfVINBp9qa7rpUv9LxsE
ucYQBN72yEMP7eehDX37a1+m2X3kzCkMrd+IfC67yK1qbe+g3EYsEl44brXaqL11JVhtNnJlGMG6
evqYfSBCFYtFTIyNEjkEHgj5eCKA28HTf1lRdXYqnHYeDhuH6YhKLlTIy9MxpjsKkoajIzKZnHW9
ZjT5eZw8J7O3YajbBF4AzCIHWeXwy2MOBD0OFEoqwikJkdkJlKUCkdVssaKprQcWq43uWc0lIYcn
sG6wD9Pnx5BNX55W3nr9Dnzks5/GQ489iU9+9ouLXuseWI81G3fgoZ9/d+FYU1sXbrnzDyAVc3j4
P7+PW+78PTx23w+WvbYkST9MpVJvudQ9NAhyjfGlf/zCt/RS/o+efOQ3GNqwCWdPHqekFjP58ViU
EnGaqtJAcnu9VBLCZv1LgWmLrp5ecq0mx8+TPmnr6CThz9y3qfHzFM2pZc756n/W5eDgsPGwWQBV
A6SyTgQJuAWyJmfGFbICQS+PrUMmEutzMRXDYwUizo5NTmTyGhGls0VAb7sIgecQz/O495gdOjh6
ruk6lhoCXS5DSUehZuLQ8mnKlVwJ2OU+9r8/p3/mn/+Vm569uElLNJmp6YpZZUE0IdDUBofLi/DM
OHyBZmzYfgt+/aNvrHj9dDr9lmKx+MPV7qFBkGuIG7ZteP2G/oHvpxJxGry5XBb5bJYGcSIeIxeo
t38QUrEAu9OJmckJWvbmUmBWY+2GTVQ4yHz2UqlE5Kr1czPrYbFacH50hCyI1wVsWWMG0/fFapk4
4008o5FAL1d0iKIRGmUkmJxjQp25Vxw29IloDRnaZXIqi4mpItYPueH12XB+VoHFLKCrhQPPcQhn
BByeMEPhbLBbBIqaqZqOnKSiKFVgV1KInj0LfZUo12pI82YUxEs3X/l8fmoKe+LRR8DxIvrWbkaw
uQNPPviTFd03GHokFY1G12iallnpnEYU6xrB43J2b+rr+XVJKprYTO7xehGPRmhwe3w+cq+YSxUI
hWjGY4O5Ui7Te2sRn+XArrVu42Yq8WC6JJVMUpusyWQia8LxPIqFPFwuNxwOJ9LJJCX92KWtZg4e
J4+AR6DfHieHyXmVLAJzlRgh4mkNggAEKC/CIZFhVkUmQlktAvp7HCiVZIgCh9aQGeWKhqkYj/mc
GQ6zjmZ7ATv7KmhySgjYJfo9FJKwKSRByKUwMRFb8TtzOyyg3icOF1kfBpXjUeIvnapjLmkymcR/
/+SnKKF66uhBTI2dvuT7OI6z8TwfKJVK9650ToMg1wACz/M3b13/a6vZ1M2eO5xOqoOyWqwUkmUu
EBX78TzmZ2foR9M0IkqoqZkeO1wuWvhNKi6u2vb4/BSdmpo4T9aGuVqMNDabjRZPGBsdRqVcQiwa
obIRRZYpM16kcK1KWoMN+kRag0ngEPQKsJg4nJ9RyJXye3hYzBzcTp4iXNm8YV1iKQ3ZAqBoPI1e
j1uEKBp6pckLtHhUuKw65mMyTJwCt1OEzaSBK8rQiwp4kceRE7PIZMorfm9dLX7E0gV4nTaUKhdP
ELyuoyBc3rKnjCQnjh3Fx/7np6nX5eihQ6tajxpMJtM2SZL+30qh3wZBrgG2rR34dJPf+/pgUzMN
3loUiZGDuUXMejC3ix2XZZmKE9s7Oink29rRiUAoSMRgYn0pyiWJXDLQP9NMDVLs3KnJcRTzBXK1
PB4vif1SMQMBRYo62Sw8Ng+a0Nchoi0koqNJJCuQympEmFJZR7EEIkI4oRGR0jlDnzBBzn4zzTIf
U5HMs8c8nDbAJF5YBUVTdTgFDpzGQVV08tfNdh4wA6dORTAzmUVFXl53MOvhc9sQSxXgclhpkqgV
PCqaRi4c+yRR06AzbcVdeq8n9v0ykrz9r96Nrdt34MDePYuifiuhakV+vtxrDQ3yNNEa9N96x807
H2HaIpmIIzw3a5Shm81UhRuenaGZnT1nblJLWzsN5snzYxgYWkua4tzI8AIJUA3nWm12KlhcCkZA
RqxQczN1DaKaVBwbHSGx73NxuG6tGRVZR7agI1cwCGA2sXsV0NMmkitVQ0HSKKPOLI6s6ESiZFaj
MhV2LrMuZVlHOqsRuSqKDl2RwWkVtLc54XULtIKKUtaQL1Zw6NAsJsfTaPa7MB1ZfP8+lw2pnASz
SUB7yANZUTETzdBx9ncls0Uomo6MrCBgMcrsVXBIiFbIl+Fq1XDTrbfirz/6MepX+dD73oticeWc
UxV6OBxu0zQtsfSFhgV5GrBZLZ7feflLHl63YZOzXClT81L/miHEo1EK746NDJOgtjucCIZCpEUY
Oc4NnyHhzma3kTOnSGx7vD7KQA+t30CuVzwWXfYzLVYr2jo66P3MhWDnMTeL53iYBAVb1pggWux4
4mCBBjezIOt6TTTYA14BgmCQIy9pmJhXEE1q5FrpGuh8njdKVBixmBaRFUOfMBcs6BPQHBAQ9Ijw
OszQJQ2Voo5KWcXoaAInDkdQyFWozF0QeBRLF5KcjBBlWUG5osDvsVOEKp4pUv9IRVFhNZsglWVU
VB1mnke0VIGF52HiOVgp+qWTFdHrOhZFgYfVaobJJBLZapiZmoLb48G2nTtpUbxdjz16qX8lp+t6
qVKpPL70hQZBngZesn3rN7fv2HEDm/3Oj47CF/BTn3YymUAqaUxGzBqsY66WyUQkGD17mhY+AK1b
lURbZxfau7pJl7Dz5mamEKkuOr0UjBwtrW0UtYqG5zBxfoyOMbcrm06gs8OH7t5+HDsrQdeKVEqS
yupIZIycx8iUQhny6YiCWFKjULDdaiQQGQm8LkOPMAtjEjma1Zl2GZ1WyMKwc4lEAgeThYfJzmNs
MoG9u6eQT1dowDM3qaPJi0giRyRhItxuNcPjtJK7xUjgtFsQTeWhKIZLxaRCqlgmYpoFHomyDJHn
UFBUIoxD5FHkTahwgsHeKno6W9DRFsTb//BVWNPbjmQ6h3TWqF07cvAgrr/pJmoDPnLoEPW9rAaT
ydSZz+f/eenxhot1lehpa37ta++5+z+YddB0DefOnqFSkJNHj1K/Qg19A2tItJstFoyPnaOl/xl6
BwbJRVIUhToKmdUQRRMJ+suB1+dHW2cnuW/MtRpcMwiPS8TI6BymJsbJ1WoOCnDbecqoM+HNV6NF
zJViEy5zrZglkUo60jmNXLKVoJTLKBcK6Grm6HrzczlMTqSxdGFpl92CXLGMzmYvsoUSMvkSHDbm
8ikIeB0Ix3NUl6ZqGpr8TkSTxoCOlSo0GP0WE7lZYzmJrIxTFOi32yRAtNmREyxkRew2C/74dXdQ
u++P7t0Ft9OOV962HfFUFr940Nh2pLO7G1/48lexd9cufOFzf3/J7zQej2+pVCpn6o81LMhVwGYx
N99x884H3B6PxelyY35mGv5AiMK6+bqkHyOPaBIpiSYVJToP1aQf+6/zvECl6ZJUpIXfrDYr+fP1
BFsKRrTW9k5ys9hjRqievgESzOPjM9RbbhEV0httQYHcKqmsI57SkMnrRApGEKuFo+Rg0GsUNDIX
bKjHRBn1loBR4cuOdbeKCDgqkJIJSMkspEwFhbQMEQJFy5jbxFwds1kg68GshcthgUkUkcgUaY0t
j8MKi1lEOisttO0y0rBzcwUjymXiOMTKMoqKBpdJhE3gEZZk5BUNZVVHqqIgI5XQFPDoa9f0cH1d
rQj63PjXHz4IqVRBNl/EkVNjuGnbOrQ1BzA6MUe9+sx9vePuu/GTH/zHJf+vmqYly+XyIjerQZCr
wE1b1n3D5/Fs7ejqpn/A9OQEFQsaEaz8QniRuVeFQp5yHLFI2FiYQRCoypRnfnZ4nhKGzMq0dnTQ
tbLZzEUl5TWw6/kCQVqDyu5w0Ocwt42JdEOI6mjx5rGul6cIVCylUQk7sw5MfLscHD0enlAwMavi
3LRCzxlxMnmNiORycvA4BaiyjKnxJI4fmUV4Ig+7aIHTZqEBX6oomI9nyV0KeR1oC3nIUvR1BMlt
YpoilStisDNEmqM54EIslScytYXcMIsCLCaBvoMaQQSeI0uRk1UUFRUOUYDfKiJVVqBWs+rMWHE8
x/1/b75HWzfYxf3k10+SW1WPscl5/Jd7XoKzY9PIF0u08v0rX/1qDJ85e0k3C4BcLBb/rf5AgyBX
iI7m4O9sGOz71ND6jRTCDYfnqMCwUCgg2NRk6AtdJzIwS8DIUC6V6LnVZqMIl1QsUESL6RK3ywNv
dY8PRVHpPVKxSNanvatrIYEYbGqmBeIYCe1OBxUGMreMkYRZEUbSYj4Ou0WHzy3A7xYQ8hll7Z3N
Ij122ozwLxUflnSUZaO7MJnVyLXnOQ7T8zKefHwCZ05FMDNXwsCgHwPrA2hqtyPUZodo5XDyVARW
s0haQ9V0zMYyRA5mKafCKSJQW5NBmma/GzPRNKwWkTRId6ufXC9qcqIo2gVraRMFVFQN8bKCiqYj
K6t0rKReKOcvSmXsPnCCOzE8iXDs4igfc+UsZhO2bxogi8K+n0Q8gYE1Q7RG8WoQBKE7l8t9etGx
pz9kXjwwm0T7S7Zt/nVHZ6eTuTdMkDMXiQlli8VK2fNioQCb3UG/2SzP8Tz1kzOCrNuwidpNFUWm
JUCZRWDXMZlMRjZdkRGdD5P71NndQy4bIw9zodjsx4jFXLFyuUQaJJ/N0jbM4blZuGwqtq+zkItk
qpaRLF2jKlfUyWrEMxpaq41SA50mEt8CD8SSMkQlg+b2AFRrEDu2NaG/zwW32wyX04yZ6QwefXgc
JtEgJnOh8lKFtAU7NjGXJJIwK2MxiTT4GRkYmRj52DmiIJDlYeelmM5YksxzmkTYBR6RklEkKakq
6s5gDw+XK/LRZCrzc4vFskNg/4QlmA3HcdftO+l3KpPH9NQk1m/ciNMnL67sXQK+XC7/WFXVBVPT
IMgVYNNg7yebgv672ju6yFKUJInKOlLJBJV6GHuJOyjHYbTMbqC8RyQ8R2XtzMJoqoq9+/bBbrMR
aZiFCQSbkIhFKUzs9fnIXZqfnUVnTy8VH54fGaElRhmYhWEC32QSKcTLNI+uyZQdZ+4S+ylKGrks
gmCIcr0aKWL6JuQXqMKXPW/yC1RSUqvmdTkEzCbNSOY4bOg3UdOVxcSTddm7ewp7dxsaStN0shw1
sFk7kSnQoGek9LqsSKSLkBWNwq/MrWJinBGlKBkroLBzS+ULrqQKDhIv0oIQvGiCx2pFriKTRakD
V20T/6au6/dLkvRPFovlFYIgLFprlV0/kcri7tt34PCJUbrfcrmyEFlcDbIsH5Zl+VjteaMn/TLh
dTm7+zpa/9vA0FrkchnIFZkSg2z2F3iechhsZj9z8gTNis2t7aQ3mBsUjkTBczGKZk1PTWE+GkMq
k8WmtWuIWCNnz2D0/HkiTalchtVioVLxg/ufQrlSgYu5VCYTDb7Wjk4qic9m0vQ5jGBskOcKOioy
EElocNkNF4oJdJ+LRzJjJPiY4GYwe3kqPJyJKFSjxd57+KxCv3ke6O8QqahREDhEwnk88dgEYrEC
aQeH3YKCVF7IkNssJhLpjJCMSX63nSwDg8dpJUIwMjGiMGtSvzwQQ5njkRasUPiL52pvyAYhl0Mu
t0hnhAC8FEBU1/W9yWTypmAw+LgoiovWaD01Mkmu1rve+rsYn44gHE9joho9Ww2iKG5e9PyqRsuL
EGu62z/V3tnF6ZpODU9tHZ0kppm+QDW6tOfJJ+Fy2IkYzI1iWoL9ZLJZFEslBPw+nDs/ToN9/ZoB
GvynzpzBXCRaba1NYapa1s3OYee3tzRTWQojhdPlIhLWNsdhZsAsqgi4eXKr2psEKhGpNUSVyjqG
kzIdr1XoxlIqTp83ig+ZFhmZrJClKVdATVU71pvp+MR4GsePhZFLVeB2WLG+r4WIkMwUkMoWiRjt
TR5ym4qlCoV3mctlt5nJ1bJaTKQ3xmcTmJxP0TUYQWqg++MEJEyr74vocrno745GIrVSfk4QhJdx
HGdXFIXTNG1fIpG4OxAI/EYUxXX17z188hxOnB1HS5Mff/r6V2DTUDe+8e/3X+pfbat/0iDIZcDr
cgx1t7W82esP4PTxozCZLdTaqsgyLbXJrMTP//M/yfd2OZxobQ6RvmCa5OzpU4gljWJFNvhz+Tw4
nsPhE6cWru/3euDzeGCzWuB0umiPcqZrXG53NcPO0WeF5+eoWpXpGEYSVZaqiy6IZAkY2Gzd0SRS
mbvbwaGj2USZ8pFJGbMxlToFb9liwXxcRSKrYbBLxPmZCrqaOIRcMo4diuL0qSicVitFnwJtzoX7
jCZzCCdyFKLt7wiSa5UrlCkzHknkKK+RSBuuVmez0UmYKxpRKuZm1ROEIS1c3j4iTJ/9yZ//FfWt
nB8dxoF9uwKapr7KarV+uVQqzTHiJBKJW30+3y/NZvPN9e9llmt6LoaHdh3G79x5A/q7WynStRJM
JqPgtIaGBrkMbB7q//v+vr6tczNT5C7ZrVbEk0ma+RVFxbmJSdIisqJQY9TaoSH09g9QdOmxJ54g
t4khm8/T4KlfiKE5GEB/dxcC/gCaWlrIMoWam2nWrJTK5DfPzcxQNS/TPYyMHo8XqWSKXDs2aLpa
DGHOyLHnWJnqsDqaRcqOC7TXh1FGwojkc/MoVYzn+YKGsdEUPGIOc1NxHNw/g3i0iK5mHwlvRng2
wNI5CTORNNJ5Y4APdAbp2HQ4jY4WLz1mgtxkEugYE+gtQTedG0nmqMCxJeCm7HkN7BvIipe3bq+q
KhgbOUOTzpv++O24654/wOmTx7hMOnW3ruvf0HW9rOt6pVgsflsQhGaTybR96TVmwnHKvK8b6MSh
E6PLltcbn6VmisXiQpdVgyCXgNNua9861P9tqnuKx2iwR+MJzEYiZD1y+cWFcIwwnK7D7/fjod88
jGR65QU02GAfGuij0nWbw472zm5yrebnZokUsUiYXDSz2QJfIID2zi509/UjEgljenYGQZ+DFmbw
unlayufclEJL/GwZNJOrxcB0hdXCk4hnbpWsGAsyMBL1tosI+M0YGY5jbsYIAjCrwXRCLJUni1Gq
KFQvVbMEzLXK5CUkM0XSGGxSmI1lSVPE0wXYrMxFYxbN8FQYQewWE3xuOzI5aUGDyByP4mWWstcQ
j0Ww78lHKKjxh3/yFzhz6ri9kM/2ybL8k9o5pVLpvpVIcnJ4At0dTbh+6xBiyQy5gUxP1UNV1fl6
gjRKTS6BrUP9/9Db3vJ+WZZxenQMbpeTCHIpeNwuZLKrt9IyfdHZ3ka5Ea/Xi1q5/GqYmZrE/gMH
0NHaTIOyOWCiJXXSORVBrwXdrQKVkTCLUqroVLpeu6RU1qnhiYn5eFrD2TNRRCbmKEFZD6/LhqDX
QZlupi+YhmCWyGk3koVl2UgUcss0Oq3tacLYTALreptRKssYmYqRcO9o9mJkMrrQ98HURNi8/KZA
l4OOrl78wRvfiu9+88uYPD/6zmKx+M361wOBwH0Wi+XO5d7r97qweV0v7rhlK+5/7BB2H7zg7lYq
lcPxePzG2vNLF9m/iGE2iZ6ethbanebcxBRUTb0scjBcihwUkWoKVZOKKvWJrEYO9vr50RE8uWcP
8sUiTg6PQJEljI5HcODYeUilMs5NxvHo/giOj5aoNL2/Q0SprJH+2H+yTIvCRRIaCfWQW4WDLy4i
B5v12cDuavGRIJ+PZZDNl8ilWtPdRCXsTEcwcqAqtG2WCztKMWIx0c7cMvZapqo5ajumleuaogQq
oV09orQaZqbG8dUvfhq/8/tvQHNr+1d33njr10RRXBDY6XT6jzRNWzZ1nkzn8Nje45iYjuD6rWsW
vabr+kz98wZBVkFnc+jNc7H4L8PRGJqCflrQ+VqBCXOhGgY2mcykO5YrMWHHxsdGsWfX43hizx5a
/lOSJLzyls1Y29dCg6856AKPMtLZLJwOJ5r8ZhLvRUnH2UmFKnmvW2um8hOmQzqCGvbvnUQ2e6HM
o6fVT1EpJrrPzyQwFU6jye8il0sqy5iNpnFuOr7gajEwUc4sTQ0Bj2PhdU3XyOViKFVkgzRL/jaX
eulmptWgyDK+/62v4A1vfhv7Hv/sD//k7cfaO7o2wnCVUplM5t2rvf/RvccQ8LnR22lsGdHX1cK+
70j9OQ0Nsgo8Tqenoyn4XofdLsiKbIknr3hp1xXR3dFG+Q5GDl03arA8Xh8RpoZisYCjhw/h5Okz
mJyZgywbBFo30A6fx4kTw9PYtqEXAZ8LE7Nx9HV34bq1Nsp3sBl8MqwimlQpzDsyqVAvh83KI1/i
4PB54bIB09MZanlN5SSE41kS26qmkTVgonommiERzjRYX0eANAWoXdaHoNeJ6XCKdIXA80SweDpP
hGIWqBa1MooYTVR6Ug8LsyA6ULmCZqjlcOLYQdx51++itb3L2zew9o/TqeTuRDw6pSjKGeZmCYKw
7GLAqUweZ8dmcN2GfvR2tZBFiSdTX6/fX6ShQVaA2SSKLrtt/Uu2bdpTLJUPTM7M3LJUkF8tGAl2
bN5ofI7FQmXvTS2tSzbLzOKRRx7F9DJ7ku/c1I9jZyexdV0PwrEUpuYNty/o91EepvZv1TSN3DHm
nr3ulUMY6DJE8cNPlaBkwhgbNiZLnuMoVMuENBPk52eN6zltZnKhmFVgbla2UKZaq+5WH7ljuUIJ
43PG6uo+l40iV2fGI+RmMVLUl5FYzOIiFwvVuhEm1jVw1O8hMaI8jS3cmC655/ffyIiCp3Y/9tVf
/+qn/zcRi/gCgcAjl3uNSCTSW7/qYiMPsgIqsqK0hgK/G0mkv+N12d9+rcjB4HUb4tRitdJi1Db7
4mSZVCzi0UcNcnh9PnR198BqtdLiDWx2T1ImW8H+4+fo/JaQF1vXdSPgNa5brsi47/GjuHnbGkTj
IipyaYEcmbwGTcoukIO5RS3MReN4KheZixnRrJDPiZaAC2MzcSpE5HmeolfMpWLkYIO/di6Dy2ld
eF7f3VfDUnKgSo4KxyMj2q7J98p0yb/802cxuHYjXv2a//JOk8n0Z//27a+9TpblQ8tFtZZCVdWp
pUuSNgiyCpoDvrsTqeyDq61efjVwVAkhCCIlHDu6ulCruVNVFUcOH6KkYt/AAPr6Bxbe53K7MTkx
Thvl1GA2Ge+bmo3D63JQF186W8R167rx2FOn4bCa8Zo7+umcZEbF7qNlzJ2dIavRGnRTriOWylPY
thaC7Wz2kjVhxzuavOQuMcvC3K+1vcbOTowM5boFGSoV5SIX6lIQdQ053gyTplxRz3k92PfW2z8I
p8tjVDo7nMmxc8MPfuoj77tPkqSf6bpeVlU14PV6v3Opa0mSdNEyjA2CrIAmv+emidnwF9b1dX35
+Kkz1/TahhtkgM3M9Z7u/OwMRs6NobWtHaFQ00JVMCPO/NwcxsfGFl2LDdx4MovutiBiySzOnJ+l
XMzLbthAtUgTcxk0B22QShr2HCvh/LlxmKoLYs/GFq+Xxryb3rYAhXPzxTKJd2s1SpXKFY3kIWcQ
KpFZvDxROHHp1SFrYK6VQq4VYNZVZIXVE4bMwjY1t6GltYO2sPb5Qyjks1TSE4vMT589ffLxZCJ2
vFQq/acsy+eXvr+6Yol6Kc1dn/+ooUGQFWC3WN0VWVYy2WzQxWm4dvLcCPEyYjAtwtwsgyQGwvNz
KEgS2CcW8jls3GzsFcjO8Xg8tPhDJBzGhsFODHQ3I5Up4NS5GUTiGYwWwpCkCob6WnHgxBjtp3Hz
1hZKEu45VsCxM2MQSiVaCGE5dLf4iRxMW0STefR3GkWylCRNFTDYHSLLUYtOXfXfD4MlKs/D6g+U
TZpmyWXz4CxGjoV9L8FQC5pa2qisX65UICvyzNTk+Njc7NRoPpedkGX5qUqlsk/TtJUX3qpC0zSp
VCo9YLVaX73SOeVy+RFFUcaXHm8QZAUkMtkjW4f6/282FoWN55Cq671m/2CnYPyTJQ240p0imY7Q
6EelPvT63o1CdU0tSSoi1NxjtOdWScUsSTQSgdNuJc3BcH4qSkJ6+8Y+mu2f2H8Gx85OobXJj84W
FxUe7j+Rw64Do5T1DlS5uHRXJqZFGDnmY1nE0nkS4he+C6N1dnw2seCGPR3YfT5dtFhK2UjEZldK
Yt5k/ceg297r4vFKc5NjvJSvlPOZyIljY2fvSxal+yqyckkSXAqyLN+/GkGKxeLnljveCPOuDOtg
Z+u/lONRCByHvKqTa8CGcbOJg53NfjxHC6exL7F8BSkSq9lMGXlFlumHCXCz2UKD9tzoCOU62PNA
MLiwWT+q2zgzzcIEOnOrIokMzp6fw6tu2wqzWcRsJImxqQh2bupDS9CDeLqI8dkCZsNJiiIxEm3c
2If27lakkxlUyoarxQa/12XD5HyS/kCB56mNFtVej8n5FGRVo0RhrlimerKnBY7jsoL5w+5gkKn3
NkEu3yaBv/dMOPYWVdGdNqvFpfLiIQhCzGo23SiKgiSVKpeXoV35Iy12u/1Pl3utUqnszWazn1ju
tYYFWQE97S2vK6RSRA4GBw/kNMDGA+KSUKRD4GDhgZis43LWL89VrQSbwRVFZuYddodGblSlYmTU
B4fW0LKk7DV23GQyUf9Jbdafr2s3ffLQWfjcTqSyeVy/ZYCiWtNzcUTjSYpsbVnbDb/XqMqNzcdx
5ujokp2rdMqBtDd5SJzPV7WJXm2hZYSoJQSfLjc8ra3IhsMogE/misXPliuyXSqWxn0289vWd7T8
S6JYenD/yPhbKrKSf3qftBiyLK+4220ul/vASq81CLICWgK+3y/MTC2YWEVf/JuhqOpEDEYiRpom
ExC9DJJkcnnKTbBBr6kasuk05UKkYgGV6vGRs2dx6sQJ6ne32+3oHRjAzPT0Rddi7tbmoQsEYJie
T+DJQ8MQRQF3vWQLEYwN9qMnziMzffHyplaziJ42P0XEUtkircFL1wmnqOvPqPlyUfPT00hTkKjW
dETsbe1n8pHoXedTqXeEvP6N6UJxLJHLf/RcdPkda68FNE1bNsQmSdL3yuXy4RXv+Rm7o+cxzCbR
L6rKnUK1OKKi6ajunIyKDpQ1nQZcUtWRrmMMI4pfvLwRNBcxVk5UVZWEOrMUmXQa8WSKVlyUq5Em
2t9QFKhTcTm89Pp1RI7h8TkMn59DPJUj4Q5aYMK/QI5H953C2MQ8zJbFFbR2qxkDXSEiR0EqU+ac
aRlmOXRaWtVNmXbmdhXL8hVrEEYKXhTBWa1ha6jpVDSeeOjQ6MRrOJN5n81kGZiOxA+4HPaOK7ro
NYKu6/FMJvP+1c5pWJBl0NPW8sZsIr4we+RUHQGBQ07TiSApRYenalqkKmEs1cgQ++3gdRQuMY4i
8QTaWoycQjqVpJKTEydOUJfhUiQTiYvqtNiAZrO522nH/mPnMDp5sWWotZeeGZsll2xdXxvMpTLi
EWOmNokC+toDFLqNpy8kCWciGeoQ7GjxYXIuSeFdZlkiVxDK5U0mKoQ0u9wz+Yq8p6hquyPx1JRV
EDfmilLpVFH6StBrpxKQolS62DQ+C0in0+/WNC272jkNgiyDJq/7baX5aUoMqFWn2yZwMPOGC8WG
aqLOj4opOuy8DnPV/7gcG0L+/cws+nu6aSA/tX8fpmaX73SrkYPN4pvXdiHocyHkd+OBXcew6+AZ
JNN5EuFMh4C2cTNhYiZGC6qVKzJkWTUiX+t7cerQhZxOS8BFnz0Vzizq9vM4rSTSmUDPFkvkci3N
e6wGs90Ou9eHbKn0tels8T8UrazFM9JpDuCdFstI7bx4ukjEqKywDti1BM/zvvrnkiT9qyRJP73U
+xoEWYKAx71WlQpb+VrYVWWD33jMXKiQCYgr+iItwlDUgOJF9aqrI55KQ+N4o9SEE9DR2UULFKy0
/GhT0I31A4Y3ki+UyBViIjydLeLu27ZSsxLD4/tP47r1PQvnJrN5elyUSotCu4wcwxPRRVGpkNeB
1moEayaSJlF+ReRw2BHq6/tNOBKXT81E/me+KC3aQUcqVy57C+ZrCYvFcnvtsaqqx9Lp9Lsu530N
gixBc8D75nwqRdEqVAe+v+5bYmK8WQTmZP0K6XAxAoEgBofWwuF0LORBmA458NS+Zc9PpvIYnQij
uz0Ip8OK22/YgDPnZnHHzRsXyDE1F6eo1AI5MnnMRVJUCTzQ3UyZ9xrmYou9C7/bTuTQqwI9L11e
ObrN64WUycBit0sTJeXtpXDcNjEXPrKUHM8lrFbrS2GI9dl4PP77uq5f1oaJDYLUgbkwLpvlHVpe
X3CU2LeYVnW42OzIGUe16lpTTwdWm41qq9LpJBjVnE4nkaS2PfRyYDM+sxq1+is22Ecm5tHbGcLe
IyMkzlPZAlkPUB92go6bTQKRiV1fW0FkO2xm6vrTNI3yHvV9H0yrME2SzC65N45DoKtLLmYyomC1
zZxJF96YyOQOzseSFvUyMtzPJiwWy+s1TSskk8k3Xu4e6WgQZDHaQv7X5NMpn6Multlk4ihSZQhz
jnIexWvQOFWSJExNTlBIt7u3lyxHPpfD7OzMiu9h7k44nqbIl9lkInLkiyX84jeHEAq4qMX1pdev
w9EzkxgenycitTb54HbYSI/QiojLUJu5k90tPurjYKK8UleNKwo8+jsCFNVaOF8QaAE8R0vrMY7j
Q7lcTj6bLr5cKldIU/y2kcNsNm/nOM6dSqXuqVQq+6/kvQ2C1CHodb+9nIiC1uGswlQV6kGRifRq
pIozrEmlOtbsHCijLnJGniSr6ihdBofYbF0ulynncTlgFmRkfJ5+6sG0yc6N/bQlAHOpmD555Us2
w+9xUnadEWn9YMdF5SUL7/c7yTosLThk53e3+omYxZJMJS2MRFa3u6KDk+ayhf8TEgrvPJMqvKFU
kZ+TSNTlwGw235BKpV5TKpV2Xel7GwSpwmm3tWiqcpeN54xlOqtGhAlYhX3JdQV+Jp4Dk7FMrLPh
5hP5hfMZcYI8h4isQb52HbrLojnooSLFolRGNJmhqNOJ4Wms6W0lcoCWGpJw+/XrFzSOVLg4X5bK
SlQkuBTdrT5yvWaiaWqYYqLd5HTGKuBOz+WlfxVF8czpRPo9v83kgFHf9i1d16+qZ6FBkCo6m4Nv
y6eSsHMcbHUVasz9YI6JpOlUtIhqBj2l6vAKQIq8Ef2i4C5zx+JLQ13XEEyL3Lp9LRGAWZZH9l5Y
mJkRB7RyepkEezpboBZdRVYWaRCP302uUi5zcXVuW9BNqyHGUnnqFixXFFQ0IKXg4wGb6Y7J+cl/
f8b+uGuMqyUHGgQxYDKBifN3R9KA1XTx680mo1ixoulkFdiPnQccAo+8ppEmcQiLCWLlOfDQ8fRr
X5dHe7OfSGK1XHzDmVyRLMjug2epu2/9QDsdj84bi3xY7Fas3TIIn9+NeCSBkwcXu3hepxVBn5M6
DJll8bnttJyoraXt+LnJ2Qen44kfPUN/1m8dGgQxdqr9nWQ6HXIKWHbpHWZF3OIF65FUddImDIGq
pbDw+kVFjFYOKD5DRoQJ7hqYhQB11/EUwRqbjODE8BSVhWzb0GtEx4oljJ2egMvrxNYbNy4sDiGK
i4eAxSSis8VHizPEknlaBmhyPgl7MISRSPwjiUzut9qdutZoEITcidA75WIRwjLL0ORVDSUNJMCZ
KK8J87Jm7BEu8hyCJlCkyyNigTioVvmWlOWtSG0n5qvVKdFElrQHsxYHTxpNdLduH0JHSwCnz80u
1Ey1NvkQiaexf/9puDlg0451C+QolyoYH5lauCa7pc4WLy35k8lLaPY7aStnSdFhtTv2zJwee/Dq
7vb5ixc9QZx2W7ff437FdHhuQWPUoOg60rWIpw64qsEtRhJJZ6TQ4BF4shxBcsM0qJzhXqFal9Vm
5ug6ajV3wlfJwYavpBk5lqtBMpPHzx46sPCcWRRGjkQ6R8Sp4cy5GZyfjlKkLdAeomLFckWmPpKx
czPw1/3JTHNMhVMLWxtk8iVaCdHb3o7huZmPX9WNPs/xol/2Z9NAz98KSuXDZuni9oOErC1U8aL6
ZQVEo0GqqLFBrtMxZilqlkPVdUokitzy7lrtnLKxJNSiTsWnizZmLRKZRdnyGpj1cPhcsNptRCBq
101mkZmOrHpNThDg6und//BTR269Zjf6PMKL2oIIPG/2Ou1/lZlNoFyd8WtQqiXuQjWbjmqsiukN
twB4RH7Z+UXgODC9vtqwl7TappTXVqDMRVNoaW1dcKGikQg9tjscUJIJZKQK1q/tRkvQ2Jognly1
kJVg93gwORv+yjW90ecRXtQE6e9qelNkft4t6kZ0qp4ghWq23C9yVK1bj6zKBrkGL3USLm8lVjLN
zN3KqTrtWX6t8yStbW3YsOnCBkmRcBhr12/A8JnTtEH/XbdupmSioqrYf3wM49NRtAurOxEmpzM+
OX7q+9f2Tp8/eFETxMyb/mtJySOtGS219agNXkYAJ68jr138OiMOD50y60xXuMULF2HWoVK1QHr1
/HJd49U19KwW4PEuqujGpi1bqVS+u7cPcnzWyLSn89h9eBgel53K5pVM7qLoWz0SUuV71d6tFyVe
tAQJ+ty3pdPp9bWyKm7JnM/VfTlekYeg6lT6vjTfrFWbppbmQZirJWvaor6RawWrzYae3j5ypyqV
Ms6cOoVUMolYNIKOTmMZWmMPdS+FcaenphDPFnFiZJr263v5jRupGjiRymH/k8ewUhOkyWrFZCT6
42v/Fzx/8KJd1aTZ6/qaoih9tefMAtRHsdgMX9YBl3AhIuUUOIpksfPMHEfRKuZ9sfd6xIu7ly10
HigDfa0ShqJowk233gqfz1ddzMFMe4swEkjFIuZmZ1Aql2hzUHN1ySB2PDw7h2gqRyugOOzGQm3J
TB4zc3FYqxakvsSGwepySadno++5Rrf+vMSLsic94HHeUi6X7qg/trQqxMwbg3qpkOY4o2iRWQwH
z5GAZyQoakamnf2wx3nqV9eocHElctg4IyN/JTCZTdSCW+tZZ48PH7wQ7i2VSnSsWCzQNgkMwVCI
3Lzu9hC5WQyxRBZ7Do8suHoVXaeoXD2yBemKKl9fiHjRuVgCz/M+p/0rxaLR22Axm6kPnFkLJqBr
/jib/UUYizIETMv7IDlVW9AXRWXl1UxEXGxBPAKzTvwCoS4XzBqcOHZ02c+w8EaiMp3L4eihQ7jt
ZS83XhNFCBYLrGYTRifmMTkbRyyRIctXkxdFHXAu+TNzFXn0sm/sBYoXHUE6W4J/UywW15lNJvR2
ddAeg7UVRhKKjpBolJYwBE0cRZyYJbDzF8rdNZ2Jdp1yIUHRcLX0anQqpy0O8TIB7xM5xOUL+oVZ
DVe1pJ5d0yPoyFymVuGrFqsmeRghbNWlh1DN8DO0dXRgfnaWfmfSacjlMqbOz9D57P1tZoOc0arp
ZDrKvoQgvCBc07Wpno94URHE63Ksc1pMn7S4QuhobSEffnb+QqKMWYKwbKxYYq8uEMcGNxv8BQ3I
yBpZGjbomYWpteLWihjdIg+nbkS8alEsj2CsmdVi5kjkp1SdXLN6MLIIzFqt4o6xz/QK3Irr6qIq
zDNVnymTSkNVFKhTGmbGRtFi4haIX4O6sNaX8blL7Zis6Q0L8lzfwLMF5lpdv2ngu5wu8nbbhdXE
88XFbaRaNbudUtmgNBZsYHrDKRhNUagNqOpokjSDEGwWd8AYhG6BDS7Q7Fw/oNl19Grp/NL8iV1g
lshYYii/xAr5BKNyeDWwe0oq+kKtWDaboVBcKhKGn9OXzeoXNH3RsqlKlfw1lBXlmSpGft7gRUOQ
TYO9H3NYnVvqjxXicWzftIE2wCyWJExNz1LIk83wWnVFk5RquFPsGOMHXx1IStWqsPMZIUrUK2GM
J61aq8WQkjV4xQuzt1PgiSBxWSMNwKwLe0nWdBqolSXTeEDgaMmhpWBuHvtM9l6p6u4tRSGToVL9
5chBRZg6wKaKmuu3NN3BC8JzsgLJbxNeFARp8nuv721v+Wj9MbkkoZCIw2S3weV00E94ZpbcjlpO
wyVwNHBL1ANiuFF81e/XqtaGHQvyHLlkbPZnz7Vq2FigHApnVAGrGon4im4QzFoNKy90KvJGUSPT
QfUZ9lTV7WKWrDbOl1oLVOP1nqoVqlTbfhlRi0RifSFcqegGoWoENteV5C9NXgqi2NAgz/UNPNOw
WS3um7asuWjnoGLSWF2wlMvBbDcWZnZbLYgv2VieuUhGS9KFWbjENIdmDHJGHjaogyJPZFgO1roK
X6ZX2KD3ixfP7MyahETjejW3p+byMX1irp6+dCV5G4dF16t9Xl41Ager6X92zWwt1LvkNY7nX/Qu
1gs+D7J9/Zqv8Zypfenxct6YHMu53MJCBqLFQu5SfoWlcdh5WVWjgkVmIYImnqJYHBUxamRlUM2d
pBVt2W0CajVYTJ+UlwnvUnXwMkJcrxKDt9oW9gxBddX5gIlf1o1ilrDmndlsNtz60ttx5113U30W
g4l0yIXzDYu46J7My34RLyK8oC3Imu6OPwt53a9f9sXqQNBVFVI6DbvPB14QaXCyGTspa+T+cAu1
VDpV4dZQc4PYTF2zDrJuDHqtOvNEZR0+cXERJLMSbSZjsLOfVMXIpbBT2C3Vl7JYbTZaFoi92+5w
wG53wO3x0NbQqLpx7iX6RK+6guWqe2Vze6Hkc9i283rah2TRuQCWNmszd8tz4ZKeK/rCX4B4wRLE
63Ks2dDX/U8rvW6yOyAXjVbVQjwGq9sNq6YgabLCi5LRFKUZjU58VZy7rGY4vT6EAn6cHjmHhCxT
ZKu2Ji+q/epF7YI+iCnMNTJEvrWar2CC3UqWRlsghLqk74Q9dbs92Lx166L7Ds9fWPKHfdY8MXWx
JTJbLFSntaGjE0cPH0ZXVzdZkIXXqxZouRVxGUHcF0pO7Jf5db9g8YIkiMDz5hs2rv0BuJVdBHdz
M9Iz01BlmVYhz8zOQi2X0RoMUoa8nM7AoalMw0C02uDwemGrm4HX9PXg1Mg5KKpR0avWzf7sS7Xx
oBon5uYo1QYpJpyZ+8WEslo9xyMYiTtmDWqRrkhFo4hSNBKmxeScLtfC54aammiAVyoV6vUYGFyD
9s7OhW3cavsdqqpKGfdisUClJvVgz9l59Zvo1EDRO12Hk+NgNple8C74pfCCLFbctnbgS0Gf51Wr
ncMLAq1AzgY/e8wJAnRdQ4WJdujwuF1we73wNjeTi8JcHbE686qKAk5TaVPNRDIFv4mjYkXm7rgF
o6ixPvPOV+u32Ghjop55RSETR7kNKmnhLgjsoqqhUB/FSqXQ1t6+MPDZ70AwSPVWjCSJeJxWaJSk
ItVnZbNZJJMJnDp+HLms0RDV0dUFi+UCudln5fM52nd9OTCiOxjZXK7TkUT64af9D3ke4wVHkNag
/+4NAz2fv6yTOY4GvcXppB9dUyEXi9AUBaLFSrpEymQgJZMo57IUFmY/UjoFq8dLi047nU7MpNKU
CTctI5T1qnapZck9Ike5kKVZbVSjY0vL4+VKhUrZmeWodQoyF4oNel3TkU6n6DOYpYnHYvTDyMMs
SA1t7R0X6Y9yuUTkWg56tVwfJvPpaDp772V9ly9QvKAIYrOYW2/dtvE3PM9brub9gtlMvreruQU2
jweaLCMzt3idY14U4enohLnq01ssZoQCAZr5s+UKrSaiVEVyTjMWfaBrVq2KwC0V1excHRlFR3aF
oGq5VMLszDQ0XaNdcHO5HMbPj1Fpew3MDWtubUVvXz9Zk3L5QriaCXwm7usjXWdPn6ZekkXfn822
sBeJv6mZuarH5hOpX13Nd/lCwQtKg+xYv+YboiC4r/b9gijC5vESURgyTBBXo128aCIhb/f7ySWr
B69p8JtFNLW3kcIuVWTSNswd4nSNIlvMOkiKglK5QiXp0K9sUTk2cM+fO0d7FrrcbsSiUQSDIYSa
m9DU3EIuIKoW6+TxY4vW4Z2ZnqItpxl52OeeOnkCudyFfnRmmZiFWbdhIw7uf4qOeb0emMyWtRi5
aF/+FxVeMARZ093xvqDP84qrfb/D6USiai0YQdgAZ1ZECAXJ3WKkYGKe4y/WrQK5aS5kZqYXLQ5d
I0Cguxsmq+2i9zGRLJXLyGZzmI1Ell2NZCkGh9YQIVZCNGIUX7Y2N2EubDwuSRIi8/MIhppw5uTJ
ReRAVaN0dXXTXomMKOzvZKQZ7Ovt/fUTey95Ty9kvCAI4nU5Nm3o6/7s1b6/q7cPk6PDUEoSkYFB
MJloY5gaKtWQcC3rvhRmux3+3l6Khil17o1otS1cE7QzVIH2QS+Vy+A4np7Ll7EFmSiKGFq3blVy
MMKdGx1Be0sTmoJBZLI5FKrFmJIkYf/ePRRCrvXALPz9VXIwtHd0Ip9OolAoskmhhRGlXs+82PC8
J4jZJDpu2Lj2x+CuXE+ZzGb0DQyiWCigmDU2sNTUiwerLBVRyedg8wVWvZ5gMsPf04tKoWC4WBQd
40j0C1UXyOlw0A+J91KJVhgplS7eToO5ZxkmvJMpdPX0UDiXX8Z61WP4zBlwmobWpiZ6vnFoEKlM
BulsjlwrNtibggEi5OmRc3SOw+FYIAeqWqacz8JltxHhvE77+kQmd/qyvtAXIJ73BLlh49pv223W
XvbYZreT0EwmEvRaLdbPBoCFuUls0KVTcLrc8Pp8CDW3kK8+NjJMg4f5+Wwwa6q6oDPY43Lu0utH
1cPscND1VEVBPhaB3WdBU0srRaTK5VL13gS0tndSaDkyP7fsdTLVMG1raxvdO7s/5v7Ul5rUMDU5
ifnZGVy3acOi4z6Ph37qYbVYEPT7iHyeOivJri/LMmkxu8MOi9UGr8t5Y4Mgz1NsGer6cNDn+T2Q
hnBhaP0Giu0vEEQQ0NLWToRgwlaRZRpclC/IpI29zuNxGhgWlweamiSClLJp2P5/9t4sVJI9zQ/7
MiP3fc+zZJ6TZz+nlltVt7p7um/PSJgZzxgGDX4YY7CN8IM9yAjPkx9ksMUwsryAsPGTRhgZg7EM
so0s0IOFYGAGSdPd03er9ez7mvu+REZkmO8Xy4mMXOrUvbe7b52rD5JTlRkZGfGP/7f8vjUSA/P0
u7f1ImZNYCaP14vfd7vd5PcHyB8Mwiz5yz/7U3ze73bgRYpEYyPfff1itHxWJ72/Lkv1y4tzmEkr
q2tDx/Dv7O3u0OX5OW2sLMNEqlXKqiNgCi3Mz1G5WhvybLF51u+JFPC4aH1ziwSHkyKh4HOiq/91
6snuMX2wDJJJJ/6d5fnsH5OmKdY2t/CXGYHBaLGQB0NcnuvNyNV0cR1Ep2fnKBZP0MXpMcl9EeYR
m1D9dgsmVbdaIU8kClevTlKvQ05TygYaOLjdcMMyEHbyOXI+4IXDXRXTkMYg5yfHkNaMO8wUDIVR
Z84kiz0SXLce6ng0TNV6nX72F3+B6MQPfvQJ3hdFkeq1Gkppz05PKBwM0EdbG8AWzIgul4vOTo6n
rp/T4aD5mTRGMDPj8T24XW6qloq0uvgQQoXXKh4O/vDrPqsPmT7IOEgk6N/68dOH/1wQHE7e6ILg
oIRmd+PzWAy+f6/fT41aDdI9nkhQUzOVXC43xZMpqlYqVC4WqFMpqZ4bl5scLjeAuEPz5siiiIRG
0hIbWYPYhVu5wmaUw+Gk2fkMzWcXoD1Oj4+oVMiD0XTiDSgrRNH4MI4JR6Jg6lq5RM1igRxenyHV
fV4vzaVTFI+EqVyp0vbbt3R4sA+3bbfVIKdgo+WFLCViMXIIAkyj3PIqNGfh5nri+jFTLq2uUadR
p/PLKzo5PkJKSjKVJocyoHg8ZpifxZur9N7JxX+rjJvd9h2gD06DeN2u2b/y7PE/I7J5s4tLZLfb
qKEBbD0fiYnNGYejQY+ePiOPx4vgGZs/jAEYHxzs7UDS8qbiTc+bWRJ75A6EkPbO57EJAgKDsimg
1qlVyRuOwrULLBOLQXOxBmk2Gzgv/xsYxmYz4ihyr0sXh3sIzvEm9miaCCbSzjaqG5nEZoM8oVvM
oAPzrbUVEsU+OZyOsVF4pkQiSZLUBw7j++Lf5u/3La0RVzc2sQbxZJI+0rxU+2cXRhKjx+KSjkeC
v54v1/7sG3h8Hxx9UBpEsNs9v/nDx//U5XQDiS6vb1Cr2UBHQQbjvOnMA2HY/GHpTpgi5YQpw6bJ
yekpVas18rpVc8bh8UI7sDkl9bp4kc2OTcYmkW4q6cT/ZzzCm73RaFC9WgVTVMolIxINstmggXTi
32hWynR9cUalQgGMnb++VsF7Q/OiSRKY0u4YlV28qcfVfbCmkzptskkiRRJJXDsfl0rPUpcZX5KG
AoepGbXBdSQaRdyEzTjWnHwvXpcT2lbHS8V8nhrN9lGxWnvvAZj3gT4oBvn1pw//USgQRDCQpR0D
8HarCc9Us9GAuRMKR0bcobyRT4+OKH99hYEFP/vsc5gkuneHNw+bVA6v1zCfeDPL/T60CW9axRIL
GMgSGIkxi01LdrQS4xrWSoolaxaesXaLGpUytWsVElvDSYN8XrvDOcQkfC38WwOpj8YPA0nGuXvN
huqC5ut3OGg2twKAzpvf6/NBy2VzS0hc1D1ozMgsTLxeH1LqmTEuLi9RmptKxIHh2CxlKhUL1Gy1
bi7ypX/y9Z7eh0kfjIn1fGvt7yWi4X9X/z8LQwarPn/AOIYfJr/4wbP0V5QBpLOoSXF+6D/99FNo
m3ypDNs9GLgN/NntAtm9PirU8zSbShrS2h0MUadcwvmsZHe6xkbJjc8FxxDQvyt1axVyBQLk8gVI
EkXqVssTj/X6vDCrAmHVZevz3ZZx6KacYGI2sdejve238I5tPnxMDx48RHayTnA89HpgOJfbQ4lI
+JP3voF7Qh9Evv/6YuZvLMym/tD8niRL0CL+QIDmsgtDxzPeYEDeajYRqSYtEv3qzVtqtW/Npe39
A4BfK90UivTZq9d0XSjAPmc84Y1GR9JM1Gi72lFdnsAEcn90rJuVWNMIY2IbYrNJ7XIRzDKJ+P5Z
SzBFkqmJx4m9UbdvS1ubQv56KFgoSzLWj9eRGc/tcmZdTsdkKXCP6VtvYi3Npn/no/Xl/33kA0WB
q5bNqXKpCFPr9iOFCqUy5Ss16nU6FAoGYHYwWK01TMcRIRZQazTIbrMDpwh2O9IxKrU6UjWu8gVE
uuWBQoLbQxLb+wOFbE4XKW4P1RtN8vu82MTMSGYPF2mg20qB1Aw5vT54y9yBIFzHzCD9zui0Yqt5
phMzfCgSMdLYvYEAzS4uT1zH85NjsjqiXE4nzK1YIomIOpuqZKo4HGg5Wfx+udb4s2a7czTxB+4p
fatNrHg4+Pzp5urE9vtH+3t4gGxWkcYYrCE6kkyJuQw1D/Zofj5D7XaHBIdA0UiYTi+vRs7TbLWp
2bodZgmXqSDAzOLPStUqFSvjpbjb5UK8gnEK4wFfzJJpb/JkGf9XO4YMHcbmnTccpc4UU4q09BhI
dZPEd3m8tLD+YOJ3Ou322Hwqfi+zmKNAIAgMp1Or1SSv4gcTOp0qs8QjoU+uiuU/nXpx95C+tQwS
8HkXP3n68P8jG02s7ahWynjIxUoVnhif10fzizmKut309tVLWs6qzUzYVKrU67S+tERBv4+a7Q7l
MvPIUarUaiPnlWQZHq75mbTxntjvU7vTURtd90QM7/d5PEjZUCR18+lM4g7clsgy0B7CIIoyNSvY
F0vAozXOZGNtyeDbON7hoFh6FsJgWp5WsZAf+/7K+iaYg7Ro/cOPnkLY4HiFKD0zCw8hk8/jXpn4
A/eYvpUM4nW7kj9+8uBfOARhKImIpTkDZ7+WSHd5k6ermzzFEgk0Sdt4+AgbeefNK1rK3paplmt1
fG/n8Ij8Xi80zU2xRA/X10geyMAc5WoVHRZ16vR6VCyrQJ40c8SuDMhDCtm9HnitHC43NrpsMoPQ
CMJmI7fmPBBc7hGQ3rPEOpix+t0OGKvbqMNM8/qDwC8DWcbnvGNtNjt5AiGYVoFIlLwmB8Uk6nW7
yPWKxRNIc+9rDotkOo2o+9C6w+sVpOvLC2QhsBZlZnG53AzUf/R+T/F+0LeOQQS73fOjJw/+sc/r
yenvsZY4ubhEgCyXzSCFe+/oBNI8kUxRPJlAQl+n06GzowNayswbHqhur6cCbbuNPtrcBJMwsTbY
OTikjZUlNLLmlyRJwCP1Zgu44+j0HFpmMTOP1Ix+p43GDjr1kJgYwIsZRccL/VaT5G4HUXEa4/mS
uh1qyxJynQYDGed0eG69TervdMkbS4wUZ8l2gZLz2TutJd/3wd4O/j2fXaB2u00Hu9v4f3pmbux3
qiZT8nB/Dxin3WoxUF8W7HZBHgy+U7nv3zqQ/smTB/+H1Bd/O6C5KuvNJr3dP8SYAp/Xi7+Hp2eG
Tf38Bz9Avyi2l0/292g+nRoKppVrNarW6oAB2fk5Sifi0D6sjZjB2DQL+v0A6Kxx+Dei4RBa+7CJ
FQoGwThgkHZrBDSzlGeN5PT5STIlCPJ7SFPh48dkafD7iGlo92F3OFE3IoldTWOo5zDXkpBWS874
wzehLkWnfr9P+ztv4clLpNIQJIxdup0OvFOpmVlyWBIvxV6Pjg5uG7qLYm8oCl+s1v5Fq9M7n/rD
94y+VQzyfGvtj8Mh339araqb9vz6GlJcb0/DUp83tk7JVArZq8wcN9fXFPZ7RtIwGLRXtbTxkN9P
Ho8bHUsYO4iiCIbLF0vU70vkcbvACGbCmDPtPZbs47xKLP2dHi9iIkhLMTEEawmb3TbRG6WT0+sD
XulpaTOskWLJtFrdaCmoqlUqyKdyu8fDs3qtRntvX4MZ/IEgrayta8mUTiRM1mo1NILweD3UF/tU
qZSBRfZ3t8Ekk6jRam+Xao2fTL2Re0bfGgaZTcR+a3Nl8e9f5vNwnfJmicYilM+P77xB2thjp9MF
t+TV5QWFfKOuejOD2AU7tANpbtJ4NEqxSEQF+uUKcAkfO1AUYA7Bat5IfUO6m8kTjqg9qQQBG53/
DUsEgFwmdyiixkMm5PsxM7hDYYBzPj+bNem5Odp48jG8S93uqPu3VMjjul3M1E4nMEO1WkGi5NXF
GRibtUQ4HMZ71UoZyYj8W2yS1us1ujg9BcZgbVQtl+HynUbdnnh6VSx/p7qcfCswiMvpCH3v4fr/
1hV7YIiFhXn6jb/6V2hvZ2fq92KxuFoAFQhQPp+nmegw6Ox0u9j4OvG/GWuYtYTP66HV3CKyYpk5
ao0msMxFp0PxWJRCgVsgLDjdJFliFWonlFuthRR4DZcomseKN6sQS8BEQ+muxe3rCUUA3NlEY/Np
YW2DZhZyYDiW8mTyMJsbvjH4HldsxUJDcAgA2zplc6gpg7nIwmF1fZPOT09wDDNgtTzqXpZkWY0L
afcXj4SeT30g95C+FQzydGPlfyQbpQqlMqVSCXr+/PuQaumZNAmCfaSZgZ6015ckeFgYfCIRkTd3
r0uNJv+7YdR6O50OSibikLi7B0e0ubqC85qJNx5rk5ipwg4mlTIwajicHg+JTQFaQSebfbISZnOL
NYc7EELwkZmGsQqDcqmv1qQ7AeQV1WW7kKOtJ8+GGC4QYI13ywQzc/PY5OVSEVrDTF6fH2YXawvz
R4w19Fp21jzpWRWgZxYWwSDjmINUhwnMz3Qygf/7vJ4nE2/2ntKvnEHmkrHfmEvG/3pvIOHBb26u
A1swpdKztLW1QcfHpwCLdpudQqEAJZMJeru9R8eHB/T8+z+gVy9e4Pi3+wfGeZmJopEwpVJJ1De0
Wk1yKHaqeut0fnUFRjDnYVlJL7W1CQ6joyLBnApTp3K7oRhoj6N+t0u9etXwTrE2kXpdpJUgMdLS
yC0UjdLS6vpQyj5ptS1ut8dINCzc3NDjZx/TQm4Ja6JjBq/Xa9SBVCvDGz67mMM5W83GEOjOX48G
Tc3E37kxMYiNyBYPBzdLtcb21C/eI/qVYhDBbvf8+rNH/3xgUyKszkPBAK2sbRjpE/yAsguLlFvK
0cxMitwuBwUCfnK5nHSTL+JhVysVBLO8Xg9FwiFaWl6iJ08e0yc//jEFgz568vQZBYJhbCyWiAGf
jyKhEBhI7SxiGxtkY1NowEzJWMTk7bFrNSKStmHhjUIh1a2phYYMWkTc5Q8ixtGtVaA57A7nSNku
A2RmBDZ93BbGIS3fSg/2Mbbh3wtHorgHxl/80gOP/b4I7aJTMp1GMRfT5fmZUevBuOTmajqDMB2f
XyDr2aVdc7vXelGsNj9/5xfvCf1KNcjjtaW/7XAIi31FxsPmVzgcGTnORjZ4qZhmZucRzIrGEnR9
dUnpmRkKBoPw6ni9t1msx0eHlEikkcLBElWxdEB3CALS2yeRXiSFIJ/lMLQlTSShSRRZRlwDLYM8
HjAEOqMoCrxa+MyUKKibZ/wenwdZx6TA22RuUm0mfj+zmEM+FdPN9RWFo7GRQB9p+EMnBukLGvZg
TVPM5yGASsUiPGO55VU6PtyfuAakOTOK5TL5fWpWgsfl+5iI/uHUL90j+pUxSCTo/yg3l/4v2LRy
a+nVweDoA8/fXNOR9hBn5zK0sJgDlmBGWl5ZHTmeP+Pjg8EQNlC326XLi7OhY6xmzDjSvVWTTChm
PMHhBJDViUE2bzyX1wfTzOX3o7Z9iGyqy7dXr5E9qi4/44pgaHpDyJnZOSRe6qkf+ztvaW3zwcj3
9PgQg/L0zKzx/snRAfK4wtEIhaNRQ2veXF3AKTGJXE4HEjcXMyqDRIKB9akXes/oV8Ygzx+s/y+K
jWjr4WP46HlTm+sY+qJIR0cHhuuRGYMZhI/d3n5NA3kA8ysSjcHNyYzApkWhcEOZzALFE0mYJXwO
3etjt9lIlCVyCXe/bWYUWRTHpqOPK5KiwQBZvz6Pd6QQijQTrddSp1qxGecJhen06BAMO67riZkW
l9V0KL2CcufNK8Q1ItG4kSbS63ZwXDKl5pHx7xwd7KHBA5tag4FCDsdtS6N+f3rTOtbePVFECg+b
WdFg4DvVxOFXwiDri/N/M+DzPlte30BFW1eTYLo0NDa2Jg2XV9bwwBv1Ou3uvEXdNdPhgZrNy1KT
7XjeJLOz89RsNunk+HCkFnsAY2bY1LqLNmGw7o3FR44bVxbLWMAYVWBlINS5O0jqqDUobH6JDieR
z0f7O9taA+o5MMqka4rG48ip0tesUW/Aa4w1CAYhGMy/q3d3SaTUJhVXF+dYJxYq7XbbWMtJ5HQ5
iTod1M3MpJLMMe6Az5tptjvfiYj6L51BvG7X3MOVxb8bjicANEmrOyDNHfn2zSv0rGKbvNNu0cbm
A5TRMo7Y39uhxdwyGIMwCCaNwh5F6cGXzwCXN2e1Wh5hDtJGJ9toeONJyoCctum+CsYU6JUVjg69
72DT0HKsXnPBZpTD4wXW0OvSXb6AMdVKJ7FZRz250+ej+kA20s4DwZBRDQjQ324hJ4q04iwd6M9l
MjDRdDIzhyRJECy6Ntl9+xoj1zrtNrUHA2gwc+bxONJjRi3TPPlEJPSjZrvzf0394j2hXzqDfO/h
xt8ju+DLLhq5iHDBMr1++SX+ZrKLMK02th4CS5yeHCFSvr7xwGjdwxtoYXERfaHmM9mhATGJZAqR
4lIhT3nNZieNQcypKANl/KBN0jSBOT1E7vWoW68NZeHabHYA86EcLAbtvR4Yg4/1RmLwYhHiKF50
WrQSM2Cv2SCXovb4ZeL7bI7p6ChLfXjEfHG1JPj89ARpI5mFBTgqSGMMBvLpmds+vvxeXc8osAvU
bTXBrGw6OlyTp0Xoq9Vo3TJ2JBj4hOjm3zDIN02ZdOLfjoeDvz+byQ7VSOsZpHaMFNuAtmDbWrAL
9PLLz5Fct7a+iYE1e7tvwQybWw8pn7+GRrGmhJAmwcuWeIBqXt0yiDyl1ZPa7me4XJZNImYFM5NY
kxRJN8lMdRt6zTqAv+U3mRGdXh80iLWp3DjS88HEZgO18kytZoN23rxWp2BpeGx9c8vo6CKKIh3u
7YKhFpdWEPzc+VL11PZqNbJFY0PPY2gdtLXtibcaOeDzTi5dvGf0S2MQwW73fLS2/Ccun5dSJsnG
oJrtYL8/QGsbW3Dd5m+uoQVevfwCJtP65gOKRmO0/fY1NsDWg0dqH1ltTp+ZarUqtE3N6j0aQ6xB
rCYXmxJ+nw8uWCuDkMYknYGM9BDe3ILDqZpSpnwpZSCPlN7qxMci9uJwQHpPOm4cIdioYQ9mFD6H
0+TaZrOSX4xjdG1SzOfhwWL8s655vQo316aYzYA65SIYna/HHM8hzYulU6fbRfeUZDT84ztf9AdO
vzQGebyW+y+dDkd2YelW+MiShK5+DLAfPPpI7eSnmSB6Et3q+gbiG8dHh5CUWw8fg0m237xCo7ZS
sYh6ankgU6vZItnSnZ1xidPpMswVc122onm2Blq+FGnmR75YQrq72GqOzcJlxmmVCmrqiNcLO14e
097HSryhzdrnfUnqjWoqSeyR0+sfivbrvbmuLy9ggjEt5pYMJ4jX50eMhkydH9FyVcNHzPi+WEIV
AKZUGlPZbsjrdiU7PbHwlW/mA6FfCoNEgv6N3Pzs3wrFokaJJ9P5+SkewOaDh2COWrVqPNy5+QzN
ZxawsU9PjgFQHzx6go3MzMESMhqPo/l0RTOlfH4/LSxsGOCfNAfAyxefUzo9i06Cb16paSlm7FFv
NiEZ3S4XptoWSiU0fYiFIpPb7SgKzBx+2bUGc+aZUZNcw1+HxpXhMjbiF2sS3eRi7NWo1VDP4dDS
7ZOmuSKBYJCCkajRZ8tKuna0EptZenZOPBL65Pym+E+/0Rv8FtIvpe3P043VP1FsZMsuLhnvddpt
mFO55RX01iUwzAnSTB4+fkLZhRy9+OJTeLWkfh8aplIp0fablzSXySIuMjeXwaYnzBSP0OOPnoE5
DE+SosDdu7yyht9hwD83r45MNrt7A34/khh1CZmZnaGL6xu6LpWRyk53CCqyqWI3pZD0WqPdTL4u
WZvXmclpKaBi5kDjiUzGiK+YPXtLq2vkY+xhYmK7w0mR2Xla3twy3sst35aimxs/JCLfDTPrF56L
tZKZ/Q8XZ1P/+cx8Zkiy7+9uG10QWauwSdWo1+nxk48RWW82GnR1dQGtwK+z02PgFGayQCCgjjJu
NJBwx6C9Xq/R9dUFFYsFaBXGF+dnp0iJNwfgwuEItTtt6rQ7iIuwieUUBGp3u3Rxnad4NIKNFfD7
6PDkjDq9PpInYYqNGa5jkFZV6HB51DafqCSkseMSviox/lDGVLy6Q5EhE4u0PLbZ+QxysRwOBzRw
IX9jrIXL5aJAKATvFF83m4uBaJQePf0YuV9XF+do8J1IpejVq1f4TjQcAj4jdTRD4fQ6/4+/sZv7
ltIvVIO4nI7wg5XF/0nQ2oTqxLiBJVy73aZEPIkNe3S4T0srqwZAPD1V844cggMu3Wcffx8Pmk0m
NTO1SWdnJ4iTeDxeWt/YomgsrqatiD2S+hJls4t4z0r8ewNLrfhsKomKxVfbu0hiDPr9tLyYRY36
l9u7VOv1yZ9IYSSC0+dDMwarGcLmluB2QeuwDe80ZQZ8FdLPzwzr5XOZNZnNBkeCNxZHGr6V2KTi
exe09Ts5PDTGLOjEAmp966Ga7GizUW5pRU3i1BwBbOZWx3R9YYqG/L/2tW7uA6FfKAZ5urn2d202
WyQSj+PhsCZgNX18tA8zh80i3qw7228oHk8Y+OTy4hyNndMzc5RbWkZE/WBvVx1r4PPBNGPAvrn1
EHlWqfQMpJ7eb7bX6xqZqnpXd51EtCLtQXuopP71uN00k0zQdaFIL7d3UUCVjMUoHAzS+dU1nZxf
0NnlFXrXqmPUgqgzIS1lQwfok1y1zNzSHWYR6sfyxnU4HZh+xZK8L4pULxWhkZg536WZ0rOzqJUh
zZyVpD5Jzb5RMKUTMx5qURJJdEshbein0+WCg6NZN0/Dvb03hyCkXE6HIPale93E4RfGIPFw8Plc
IvYHEmkVddpDOT7ch6cIw+9bDcQy+HM965SZg80plmSMM3rdLtJLmLn6fRHBxPTMLLJS2SSTJRnM
kc/foP0/m1p7O9v06KOniKfwhjAzCG80sy0+MIUlsnOz1Gi14erdPz6h63yB0qkEzaVStJTNqPP+
ag06Pj/HKALSGMvhEMjjcqNzis/npUQ0arif+S/b+2xe7rx5PTb4N7J2qRTulzCqYAvnqNdqAOLB
UAh1Mnq3knFkFwSYneVSEe1+zCPbCjfXRvo7C5K97W1oj8zConFMu92CdiGt37FOLgtT+jzuR2Jf
+vKdN/QB0y+MQZ5urv6JpMiQfvVaFdqhVq0gc/Txk2f06sXn5HK6qE0tbOBCIU+VUgkSn7RoOD+c
4yO1CIpNJ8EuGO5glnIX56eItudvrhEkOz87AVNEohEw09npCcyH+cxtmxw+P0tWfYi+Gawzoz5Y
W4G2yJfK1Gy3qXl8OnRfzBBOwUH+iB8zz3G9PbVnF4P7dCJhHMvaLJtTS2cxjmBm5k4MYrb+9Pnn
4UiEPvr4uaEVaG/y9/WZIIwjwCBOJzQKa9XL8zOjbJc/578PHj8xTFvW8Lye6dk5MKXZLLPWzUSC
gdVqo3WvGeQXgkHWF+f/RtDnfSIrA5qZm4NU39/bRlCQNzhrBZbAmIZkF9BMgaXk1sPHhrRjQHl4
sIc8ou/94EcIcqW0qUflcokuLs6gRVjbNJtNSL3ZuQxtPnhMK6sbYEgG6LyBb0yVc06nC6bL7QLY
hhq/8SZYWsjSx48eam1/hpuzpWZmaWltjZ59/wdDOGZlcWGoEyNpzHh8sG9s8nH1G+OoWhltnoBa
d405emMaUZsJpbiKAnPy5FAVMNnFJVw7a+6zk2O6ODs1Zqro2orN2u3XL9UuKopCR/u7Q+d1WxwB
LpdjevrxPaBvXIN4Pe7Uo7Xsf9fry8jU7RltZGy0ufUID/rk+JASySS0wvd/7UeGWxZSTBPo/PBY
szBw1P/PjJG/vkJ7fh2LxNF4eXyHQQb9gkOAFmLJyKYZUsJNrW10h681q5fxBWsEpkazBZOLf3d9
c9M4pq+ZWYlYFC8r8fnYRFK0zVouFu6ERcReD/eZMtVzmKk2piO9lY4PD2hj6wHt7+7Q4f4uGITN
WAbuvPF7WjUla+Ivfv4zrI85iHo72/GWHJZ0FJ/bc7cOdh8wfeMM8ng1999Lks0/oAFiDowxSKuZ
Zk3CC99sNmhBi4n0tRaXuvpmaaabWUsra5D+fA7GDmwu6KkUDOrfRcg9yi0DOLOm4RfqRxxOo9dU
tVYnv8eL7iZaW2nj+91ejy6ubtC4mpn5o2cfD53f5/fB1TyOOUjrZkhIsxGQbXxxfgaT7y5gnSU8
M781R4rN1Yuzk3d+n81Z1qrBYAhub37xuQYaI/DaiO0WOszf5Xoc42pfiKYPjr8H9I0ySDwc/LW5
ZPw/EgcqMOaNr9dH88be3X6Dh84M4sE88yLAq9m2ZbOIsQdLupOjA2T6MoCcnZmjRrOBeEkkMn5D
jiPelNVq2RhBZm1oUCpXSQ4P0OM3GPCjMQRrq0qtjgg7oZJxntY2NoyxAMa1xuNgkHHzLfUJWNeX
F/jL94pKwneMZ9aJJTpfO0t9/q4+sm3wjnQWNyZNOdUGDeJwfbq1AZ2eBTAtm1cnz/gmddMjqPeA
vjEGEex2ev5g/R9IiupATaXTqN9gtZxdyBleHX7AzACML9bWN4fMGgaF+5rdq4PDx08+Npo4eNwe
YJSzsxPK5aYnlPLvHB3so7iIcQ9LU9ZGLIHNm4wZ9+z8Es0grgtFdG7XKbe0TAu53Ahj6JROz9Dp
8THaDUUspa+JVHqodaeVMa1kniForEe1CrwwrvfVJPL5AxAy07xcOjFzYNx1ODLS4nTkvN7pn99X
+sYYZHN59g99HveD3kD1szdbLfx9+PiJWvhfyANw52+ukYS4vrE19H1z7TkhSGajh4+eDGXropes
ojZM83l9Rq8nK7VbLTrY30UA8fGTZ0b3D13zsP19dXkODNPVOro3m62R85yeHAMQM3ZJaCktZgpH
ItAi5VoNg/nNFE8mcZ1s0jGzN+qTvVc2ux146XBvGBSzWda9Gq0Xdzpd8NKNI76maDxO/qsgtMg0
sjucSJPp1qpqKyK3R83mNWl0Pb1kgpD45vNpvmX0jTCI1+1Ory8s/rFoLKYbBU9Pnz1HJDefv6Gk
aTxY3OQK1fOlzJ4mfhhbDx6PpLIzk+keHGamSqWM86JVjqL675k5+AGvbWyOjDPWifGEmp5y+3xj
EbW1Ddp4yhLiK31JokI+T1eXl/jOYm6J5jLzRp0F08bmFv3kX/8rdG00YxG+bzaLGBxvv341df0Y
qzC+YgZhDNZujTKrTmx6Lq2uoUSXtaGZWAvFNGyWWVhA3GUaCVrXFdIaTpjrWpw+HxredbWU/4B/
NCugJ/aPp/7APaBvhEEer+X+B3mg+Ni44o0kSX3UhoM5rq/UUleTn92htaZhe5zNsKZF0i2vrBmu
UTOxTT4zOw8Tjc0XNluYYQKBIDBPNBozykvfRXyOQlE1e9aXc8bE23Ek9vtggOvLc9rd2QZTJtMp
aA9/IABmPNjbBYZxu1zQmIXrK2QcX12cT419sBAwdx9h0+z06HDkuEAwCCyj51KxRrMySCQWN/Ac
//a7PGYoGR6jA2yscf1qVoOOW4KBUU9hpzfu2/eLvjaDZGeDP5xLxf+D/kBG9Jo3Ktv+bP6wCcPa
4Xs/UBthsO1/fX2JB8cbo9NpQ+qbic2g8BgQXqtWwAyRaBQerDevX+B8LqcLCYjBYAhuWNLqIWDW
NNWpU9ZuIfn8NV3f3FCr1UZyopk5+n0J7UsDPj8i46RFkOfSKbwkWUYDg6uzM3r7+hWEAP8+a8LX
O3tIUYlFI7j3cDQKb9Q0CkUihvDw8LVGomT9BgN13eXL5iE04BjtODM3bOZF4wlEzicRa1q1L3Dd
SJWxO52ovdevqdProRTA2jWf1G7vb6fe3D2gr8UgDMy3cut/XxoMkDfFm35n+40apb08p3KppOb6
aOnsaO3j9SFAqLfuL+ZvhuIS5pQHM9U0acmMwA+PsQWfj9+vmSSpXRCwyVCDXatCEy0sqv5//h5j
ncODPTo7Uxs7p+LDnkqnk5nXRxfX17gPBt+hYNDIE3QIAvKx+AWvWL2OQaCIXksSBvS4XU4Kh0Lk
vb4xNpZCCoKjzGDZ2RlcF+Z/mMw1XhOXxVvEaxrXzFOp30edhxIMjgB6ZjQ9HoS0FKfTaPqg03x2
EX2wzFrF2gYVrYUUtY8WIdjZNVqPWqnd7d37FqRfi0FWsrN/0+dxP+yTAjuaN16r2YStzo/vyUKO
vvj85wbOsJENqSFmMjMHP9BJQT9+6HrTahzr8QKn8MPudjqoKORNYR4swxrn8uIc16WYosJnZ5dG
P6hx/Xl5s2fnZpHde3x+QdsHh7DBfRiJ7DKwEf82Nr3RJNsJhuiJIqoSrcTfW11cgAZdXFpGMM+8
iSOx0cA0M+mLz34OwcFmU7vdVIdsWjY/r3GjXkf3k0L+BudtWDJxk+k0Yjd72+MF/1wmCxNVj0Px
fSlIcx9jfirU6fTEyWDpntBXZhCvxx1/tJb9b3p9mdJz82qThFIReU/xxK3Hh3HGz37yr7Bx2QQz
U6s53FgtEp4c32AG8IxJ6+bNNqllJwPxpeVVuJl3d94ijlAslTHeWadpfbGYIR6srSKSfpXPj930
OnncLoxR8Pt8wFnNVhs1Jl0N+PKGTsbUJEZeH8YL/vzNkOnC7+uagY/vdDrIsi0Xi3D3uuCKVRDf
MLcYZWJm2DExhDW13eF0Yq3YfGXcZF37aDwOBiHNyULabBXWmOZ0G/Qqs9mo1mz9bOJi3CP6ygzy
0Wru70iSzW8TbBi1XCjkIXkZROtkdm2yVrFuxIKlBc6kjU7AAS6ka3wVAt5pt+HSvbwctsnL1aox
qHMSsZYJBpZgHlVrdbUFjraRBd50wQDS4s2/Fw4F8bKS1+uD9mDshVEGpsxiXj+jiV44ghyxWDyB
tBpmlm6nbdRryPLkdqHjyKyZ+ZxmBvEHg7S8ettRVAfmXVGkSCiI2ny1NNeGcQ7+eIqqjda9N6/o
qzJIPBx8OpdK/Cc9uU+LCyvYJAxKZ2fnh/J1qlpnkUAgaKRP69RqtYZcu6SZTZMIkfXjQ0jncW1+
phHjoX5fpJPT85EhT2eX19jc47xmVmJpOinv6i6Unp2DKcobcKAouCdr9xU9sMj3ubSyqjaQ83go
GrfhM2WgIDnTGhUnrTOlzx+Aix3TgP0BI5JuTnkXLJ1UVi0BW32iFZuYjKWcPj+mX7F2U0uQAdD/
5VdahA+MvlI277PNlf9ZGsjwpKRnZuFuZVt5zpRWzqbV9ZUKhOe0+gPjs14PruC7ZrcSIvMziI+c
nb6f673ZaCDt/erqxggKmkns9zFXpPcVtdNdiZkBbXukPjCE3lbV6rHravY//2XMwRvX7fGo8wb9
AWjZ2IQ8tPWth8APC1r+GQuutc0HOIfe91iPsdjsdnSIJ1NKvU61qur0aLXa0CA2bQqWJxg2kkkv
C6U//2ZX6NtJ780gmXTidwM+348kRTE2Pm/A7MKikSvE0k/3ZvHDNZe9ir0eHn44HEGTuFRqxgDW
1jLYoQtF8G8LXqj89WTXpZlqtSq9ffMSGEKPeYyjTreHKkLzuLa7EpwEUwZfGtdSrVA0FsO0LF6D
/gSG1M1IM4ZgjWCeSOsbU8qrOzBYG1xfXlB2cREuXmZK1lpebY157c9OjiDYdMYwF0Xx+uqpLWxS
Klonx269ilZHjD8kWc53euK7h4vcA3rvpg2//uzR/21z2JO+gJqKXizkYc8yGL68OFebJ1xeQJLx
w2GzK6T1gmLNcbC/C2YifQpULIaHz6YAm1jTxgAwePQHgrS/t4tAIZsT1hRsJgyoPDtFy1I2Sw4O
TsYmFJqJP6/UamCSgaJ2QLdOvNWJtU6lVqfLmzwdnJzhvt5ldnm8XioWChQKhdR5JYqaFmIl3ryM
S/h6UjMzqJe5Oj8fSn1vt5ojphkLIj6GmURwCGgYp5BCtUqZFpZW4D5mIXN2cgLmXN3YBLMwTqyW
y1h/XjP+N19XHW2DREokEpiWhVnuXh+6RBYqtX92flP4J1Nv+J7Qe2GQ3Gz633M6HVvBaNTAC+dn
J7S6vgWTqpC/ga3LD2BuPot6cT3FhD9n84jBNrwwJps4Hk/QmduNh2I1x6wUiURp6+Ej2nn7Br+H
CUuIHdjQNM7pcKrAlkFpIU9n51dkU2SknU5nEZXY1Dq7vMKLtCxWQYtOM+N0xmTjVusNerO3j5iK
16MVNWnuX4/HjUGgrBGSqTSw2NH+Hjld7pH6cN6QZs3B68FmlTk2glSaMV4383tsth3s7iBthTV9
uVgA/jnc20VsaGZuHsIpEo0ZdR+6c4CF0PLaBh0cHhnpJd5IFOBc6nYB1quN5hd3WMp7Qe/FIA9W
Fv+2w+1CJ8NEMo2euj5fAP9/+/ol3KmKMoBE1Qv8+5IEU4el+sraBhiqVCpiIIyZFhaXaG93G9m3
weD0YTLMBNFojNwetzqKTKtK1CdMsfR9+eXnVCxVkG/lshOFPQI1xAGJg7uwyS3dxXwiraiqYUp4
ZPMll5kzpuQyJmAGOz89AWPw6+rynLweH1rr0JiZgaVCAfcSNHVjZHNrUnaxTjqzsGnLDMmmq2hK
fdeTPFkT8bnM3sHltXVoMBYUIZeTmvlbc9YVCCJ/K1+qfGdGQd8ZgyzOpX/f4RA25hcWSZJUidzr
daHO37x+Ac/H7Nw8vFOZzALcvk6nC/YsS8mV1XXVsxII0s3N1YjJo0p9P/plTZp4xA/y+OgA5bZL
KyuUSKTQh9fr8xrM0deOqVarhktX1KBN2C2Q3/H1qowFG5HDRuSy28htH5XkrHEW5mbp2cOtoYm5
LDhKhfxQ/tTN5SVmmjN2Y3PHPLaZiYVFQwuQ6sSm1Th3N2snfU11LcTmkz8QAMYza2xdI/Gzevzs
uVqYJQjQMoFgEGZpu91GnyxfPEneaIz8yTTqRgaDQe+7NMTzzhrkwUruv/YE/Kg1cLs9qMlIp2fB
JLNzGXis4HFhUwkPvAMAvmQZk8bfZ1v3cH8XGsVM6+tbCOi9/PIzpK6wZmJJzBuiWq1AAi7mlg3t
4/U58PmnP/8ZTBEGr8woqPE4PSe3jair8WFbGlDAKZDPaSeXYKOGKJN0B2XCLOARtERLRaGw+3bJ
+BzGfUXCqGV3CILaAjW3jPpuK1kLpljb7u/sQAPqFE+mEHjFcKDBgG6uL8kfWEOvL5bu45wUwXAE
zMNmE68/aV3fjw72gfMYpFtrTkJh1Us2l12AQ0WvgIS5NRhQq5g30t8HkjYVy+X9Trh3dboTg2TT
id9zCLatRa1IiTduemZWa82jls6y7cpahJnm9asXMJMmeaXWN7fozauXaCuayy2rTdE0oPn4yTNg
FQb8ZmLJxpLQbJqxhGQcMjeXIX3eCJsgb16/IdegT+S0U7enbuKupJDfoUbNHXYbRT0OEuUB9WSF
ZIVIHihgHBtyzGzEykHQjmWqizI57bdTbNlc62nmWjoRp1w2Y6zD+tYD5FiZB2/qNK4ikLGTuaso
awM9aDoYyHSwu0uf/vQnU5+RwyFQS4uhFLWZKNF4AkzDoPtgdxu4UXee8DoEgiF8znglm1syMoHF
vkguLUdL7ybPjOIJRyh/XdideiH3jO7EIOuL2T8KRdUUBZ1016wOuNlEYM3CG/Tho4+ADz779C/H
no+Pe/TRUzo5PsCIA+RQ+QNGl3U2t37wwx+DgTLZBXjBGPD7TY2vWRJvv1XrLPTRybIs08sXX1Kn
WiGPZkox/hDVLqDU6g8o4Lo1V1wCaxPSGIUo6Jrs1GMGCrgFzPirmbRPKh4zmENwOOAd0hMQmZn5
3i7PziZ2IlFTRhQjQOgLBIYyCux2gdY2t1QtWi4jAt/Xmt912h3D9cDn4bU7PT4yOiWy+bu6vokZ
hWoRm5piI0l9HF+4uQZIZ0FnLhMoFIvoLIm4h2mwKuOmRrv96cRFuof0TgbJpBO/4/W5H2UWFkei
2GweyJIEBsGwyMN9gOfj40MsuNPhgIQfV6OBXk0zc5iOxFKXgWMoFMKGIMRWjsEYameULuzluXk1
EMnXsf32tRpncXuM8x8e7NH58Ql5TTjD7xRI1LRIR1bILSvkFG6xA183K4JpzMHgmrWLPFA1ia4D
omHVrCItTgPXabdjtNEhLb+KXyypi4UCMAivGW/geDKp5oltvwGD8Dn0Li5W4k1vnqvC9/75X/6U
QnBSqPcbicWhVReXV6lZryFizkKNwTqbp/zvgTzA+/u7O7gmh9M51HGfUB5cRQmymWqNBmJJ1Xrz
XvfBstI7GWRjMft3oomE1tKzN8Qg52cnKG7iTd7t9cguimAIfuitRgOgnbEKawRreoheK8Ln3dh6
OPR5MZ/Hw3v00TP8/+ToCKBcp73dbSMdIre8ggZyDGhfv3xNHttgqJeAQwPTujnEGzziFmBGkebx
8Tim9x7QzfaqCXOwhF1bUuM5CGJubsGsnFQ/HjbVuVgTJGVJBlMxJnOPScgcR2osRYGA0LEDX4c+
CdcZTxh4Y3Y+AwdARpsKvPv2NWJXm1sP4RTRg5DdbhdpLYVigXKZ25y6q5s89QaEfmKNdmd6meI9
o6kMMpuI/Vten/spmzms4s2tX5pahxE2Iw4OdikeSwwBcjaP5jJZRGbZFFpaXoWar1Wr6Nreabeh
bXhTmJmDNzoz1YNHH+H/16jrjhrZq6enx0aQjBnP5XSh0rBYKlO32YDGsJLfaaeepkWYfao9mUIu
YUiTTKKuNKCWNBhqURrw+WhzdRmbnK9reW3dCHBas2THkc4crAU6fM2BAMpo34d47UmrjxmXm2bu
FMP/9ni90NT56ytomdzyKsw51lxscrGG4WfDz1qvQ2dz8vD0lERpQDOzs0Ril8T+HRsM3xOayiAP
Vhb/OByNQkoxQ+iqmIHj4f4epN752enI3D3Ssm8ZJ7ANfHx0iJ66SHbzqJ382JTQI+y6REUJ7u42
bWw+hDes1WrCe7Wp1ZCUigWUsJLe81ZjOkmS4dK1KcwMo/fB2iLgtFOzrxpHA00buAUbPFQuYdj1
y3iDwXtHHmYM0jQHMwdvOjadFpaGZyS+q1GCmS4P99GEen5Ckdgk4k1d1/KlguHbNWRsYi240rUC
acVkLHB4rROplOEOZm3P+GYht0yVSgX3Jop92js+RhrOD3/86/Tl55/R2mL23R3r7hlNZJC5RPTH
Xq/719i+R7xD2wT8IPb3diGR5uezANlenx8jB8zEUrHRrNPMzBxGFEwjNpdYuu3uvKXVtU0wEDML
Y5rNrUc4hpnlwFT0tJhbBnNcXV7QwcExeJT3crsvk2+MFmFc0pcVw9RiYibgF7OMrkzkKa7fuXQK
hVSkFReZkzNJ0wh3DUMWLs+pVipQbDbzzsDfyHe1MloWXHoknjd9WythNpcYN2pVurlqqR3bnU4w
kY6RdE2hOwii8TicHHyuV7u7KCp7/OQJBGCv06Fur3/0Xhd6D2hi1Gw9l/0jlrS82CfHR/BgsBbZ
fvMK6Q4svZlp2MyJx+OIypopEolCKr2L+Jw2mx19nBaXlsFYzUaDXr9+QbncCjZAvy8CyOo2NcB7
OAyN8hf/+i+Got0tSYEGGEdBl92IaZiJ33LabROZIxGN0pMHmwZzyH2Rjrbf0NtXL1HBpxMDcPf4
BmtDVL65orzWHdE7phnCNOI10CPuIUsuF695pVQaSj4kMNSNVt7rUCftjqFAMIgYy+XFBd0UimCO
7MIC3PlXV1eoben222/e62LvAY3VIPFw8IfBgP+v2p0OSHW2q/d2trFRQ+EITJ7dnTe0trYJ9R0K
RWBq1es1w2xiDcOSSfXDj0/kY6bTkxRZ+vJ3gSeKedraeoT4CD9Y/m09eqyPSnjxxWdUrdaBPXRy
2W1IJdGBuDVnif8fdAkUNA3z1I+RBgp1TcEIt8uFKsFQMIiqP7HfBxP1mg0aaBK3dHkOYZFbWYG5
xes0rpmCmfLnp1S4UPOfPD4/ajsiY4b8TKJysWCU+I4bDpTNLdHLzz8zmljo2kEvmLIJArW1QCI/
I8ZObGrx53vbb4x56Pz+ujaK7eLslDIzaSpWm1N6yt9PGssgj9eW/itZkSmdnkdaOmFmRBvSJ5ZI
IMjHG1V176qLyZKGJVfIlDfEUml/bwfeKKtkZfW+t/sWplKv14Mbl7/P5txHTz6+nTR1cgTgrhM8
ZM0mtMbJ6XAwMeSyU6OvBv9qokxh1yiT6GR936p1eqKIV62hasat1WXq8xqYKgAxElpR6HBXgpTu
dtojZhfpgcVKmQoXp9Q1JSO6fAGkmdyVFG1+CmmlxuPqabloRvoAAA4GSURBVPj9mfl5eNOYWXRt
MptRYzVer4/KV+cA6vqsEcZ9tVoVQqjRbMGT9vTj52on/VIJzycaDtHLg5P/884Xe09ohEHi4eD3
Q0H/b/tCIeRUkQaO2YTizfnqxecIUs3OzmORI9rA/FRqBpvZTOVyCdLu7ZuXwCF6vlSlUqaTo0Nk
7rIdfXSwj2E5jEWWV269OSwtr01uU5ZyLKmLhTydnl6MRKX5gYZcAjQIM0m5J1PAYSf3O/KveAPb
7TaAdlG+nRjCGsnnYKaT0fpG7rRHviv1unixZvGEwghmlrUEP0kU4aVqMhNYHBn+cIQkzevFWsgc
O5lEbFrpqSrJCV0lCc8ijWm+vmIAx2cXlwxcYhfsYPLjgz1E+g8P9tCjF6aX3Y4akO89/54h0K6u
LpFwKQ3kl9VG6zuHQUYY5MHy4t+SBwP0ndVJHVsmIkqudyGJao2bZ7XZg2wOiaZ2mKVSAQExxioM
sA/39xDZZZXPgDy7sIjNfniwjy7u1iKgTqdD+/u3Gp03/3w2S19+8SldXlyh2s1KujeMmaQjDRA5
r/cHRP0BEgwxwF+TxANFZQQr7kAiomAnr8NmNFQY9G1qcVHfSRJNrwVXpD5daS1zJhELn/TCEr1+
oWaN7++8xZiEaUzCZtD5iYpbBNYSppmPVuLP2Ww92t/DcenZ0TEKlatLajca1O92oAltdju15QGt
rK4adSoYwnN5Sbn5Odo/vfyHU2/qntIQg8TDoUfxSOivDQS7Yd9WqxXYqt1OxyjXFAQHbFxz0Y5N
G8hP2kY9Pz3FnPNJ/XNJ8+Unk8kR5mDzSwXltxoimUrT4f4+1Wt1ur4ZP7+e8YdbA+FehwrI25JC
PXmgpoaMcUfrAN2haRBrg7S+PIBrF8eyVJ0Q5nC43TA52+9w8ybmMhRNzeD+jOsWRXrz8ktk07Kp
anbV8loU83mMPNDXY3lt/Z11+bzJGTNa+4yJmgYaSH3qmGbAYywC2eEo0YkBO69HKBi8+enrvX8w
9QfvKQ0xSG4+/QeSMqCZ9K3EqddqAOIenxf2KMGzpZpVsjxs4ng1gHp9dYGHOa34iVW/orXItNLR
4b4RKSetmQMyhLsdOj45n3jOrjQgtymmgfR6pw2BQmZaWbktmrJr8ZF3ETNd2Kfel10Q1AS+MUVT
gssNE7BZGx8q8AYCNLe0Cs336ssvqC92SXCoOWi6B5BxA8oDnE64flngdE2p/3w/K+sbBi60Ekt8
vYyWr9XjvRU8zABXlxfUndb3N54Ywmanx8fINTu8uP4jeTBm/vR3gAwGEex258JM6j/uyn3kSJHm
ZSJtqCNLJN2lGY3GtNyh4Q0WCIa0ysET1I9PAshMxWIeGsZKhcLNiJuSNzef9+T0glwkU8gtIBpu
zYsVB6o3yjFm4yOL9ytMs+hKCuU0MNwuF5HRarPZqW/CI0gJ5/M7ndSuDbu2vf4AJVhQ2AU62N+D
qdTvdKjXqFMglYZbe3V9A4VUekGT1O8b7YB4o2PTKwoq/fxT3MKVUgn5XaxdMJulWEDg0m63G0FB
eUJXeIfLReFYHKYnoRPMJUmSyEz/8892X30nzSsyM8hsMvZ78mDgYemkS6GC1pWdgVwimTICS8wg
jUZ9SEKR1kxgf28HsZGoBgrZRLMOvLk4P6NkcjSBkXEHA/YhstnUsc43BbL1OkYqSdTDYHxAfYv3
qQEXr4Om8OadiTUS2/PBgB/SnIFsp1LGrHQXA9dej2RRJEEL9KHdp8+P9PVAOEqBaAz3dHpyCu3H
32cwL4s9uFuZmCkWckswm+YXFujq4gIbWzdX2URyOpzoumiezjuO+J5ZA81lsoZws9af9LujGIrx
x8zCIvU05mBts7+3S7lMpvNy/+ivf/2V/HDJYJBsOvX7sjK4bX+pKAh8MQhnCa5X+YVCYUg1ButW
UBmJxsAges3G9dXlyGRU1i68kawpEbwh9nbfjjZXUBRqNVvUrZSMFHYmto0jbgGp6h1JMUppGWs0
+mqu1dchlqQM8rOZGeM68GcwoE65RO5gmJxeL5oY6HSN6kY/kd1JhUoF/X1J23D9dhOaw7h+LSVe
liS1p9jcPDx6ueUV4IBWs4nkQL32n4VVwjRCYizZbIiyw9U8Bm8xQ1vfd3i85A4EKRxLUF7r6nJ4
eECRgJ/yldp/Vm209r/iEt4LAoMIdruQjkd+rzeQMGucYOrkjWZvbD40Gqq/Xk/K0zNJzcTHMchk
id+o15Ct++ChmnTI2oc1EUs0awtSJj7W2i6TkFIv0vX5OXmF8a5avaaDtE2te6WmtRS9CzXEAcXj
MZrRBufYLaC416ih4yAzCWsDu6BqrVZDNgbQqIzRGjLHdDKPPbs8O4XG1fv0qsVMtynozUZdbRP0
jvtRB+v04UwZN/ZAnwVidzphFrqYmW02XGelojIHY87izTVFIrE/2dnb/kfvtWj3kPAkU7HIb8uK
4gwGQyj24c18dnpseKAAPrV+tvGEKsX6fXGk4RjjuEx2EXGON1q5KWsQln4vvvgU5oS5xaVO1UoZ
Wb9WEsU+HRweU1uUDdt46s3YbPBI8eurMgczVr0nUzKVotz8rPYeUa816r5SBjKYpFevUadSona5
ZGhAsd2idqkwljl4U5o7qvN3dt++GVtrzpr6cG8XXsXuuHOZSNfWjDusYyWYXP4Aast90Ti8bnzt
rWIeTFyt1dTg7c5bmkml//xnr7b/8C7rdd8JGiQdj37C5pXuUWJp7g8EDVcim1I3N1dw7+pdxcfZ
w71uD/EQ1hq84VmS8V9+jwFsIpEacemKYg9mmZXQEf703OjCXn9HZHwa9aSByjzvSG/vyQMSFTst
LS0h94g3d6dVBoe8q68WwZPlgqbp1qoIHk4iNmms98HrsP3qJYqudNOVtcDh3g46ILL59q6UeEnS
25YOqDlm5BtrNmi0bocUU1qN4HSS2Jfocm+XUonEl3/+8xd/7Z03+x0hMMhsIvbvK6QAXDP4ZonP
wFEnRRlA5TtNsyxY2pn7OrHE0ruC66aWTgxQr64uxs7+ONjbNcC/ma6u8tRu39rs/QFRpSdT0Hm3
Og6dWPN0ZcYoA5RRuQU13mFOce9IA2r3BxQKBemhNp4AVX92uzFY5l3ExzIuYaaaxhxovuYd7YxI
GpO8efklPIYOp4uq5ZLqHBgMhuITk0j3fMEkMwkwNqHYJJQndHNUBIGkvkgeh3Dwky/f/qY8GLxf
Z+x7TA6v25VwOIXcwG5DvOPFl5/hg2DgtjeVoqWSNOp1PITj40M1T6dcxPukdcIwz+Yw08X5GSLq
Vqmpd2K0UqvVpsKYUQOML6qiDHctA3aX3fbOWAZrjrBb1YTIt9KaMRi/1ZepN7BRbiFLsVAQXiu5
34eEvUvqutmeZybpjvESkcZArkBwCNRPIr03rk6suQPv6BXGGq6QV4uorBN1RXjOJrh3PV44DLqd
9ulPXm7/VqcnTp4X9x0kezoe/S02r0LBMAJ0i4uqpNI3MzNFIBCCB6XVbtKnP/8pgPbK6roRxBJ7
vYkmSLPZgASzunpbrebYRtR8nrPz6WOPJYVQ/MRmF2/wSentVmJm0pkDWEOUyekLIJU9EYtSv6Pa
7bLYA56iKb2CCYMu/bDnYTJp9r8iDWtDweUmdyiM/lJ3YY5x9K65i6ztWBN3xuAO1oCTNJrd4SA3
M56iNL7YPvidTk+8+EoXeI/JEYuEnivoZ1tFxWBUc/OWyyWYUefnp/RY8zqtrKxjZIFeWssag7WD
Ds6txKbBydEhrVsKpvj9/d3xc7wLhdLQrPJppGgpJePm502j/kChzsBGmUzW6KnbQ4qIlvre60Ir
TCt/stkFgF4rOX0+MAtLZeEOIxXuQowJGV+wCWxuAMfCp16twk08GGOm0oS4B2mj19gkZEH4cu/o
D0q1+vQEsu8oOaKhwO+63R7UgLtcLiQkMlZoNRowF2ZMWIKlvrnuPJ5I0uef/gz1IOPAM2skPFTL
RuEHPs4UYUwzKc9qHLHJVdHry++SNiIPEBn3hUL0SGvyRlrWLYNXxgZsigwkSRuRPAVoB0eBNmme
om+aePOfnRzjBeLfvYPTgEyuXdLMPIfbg/u0a9hRkuX88eXN//ONX/Q9IYfb7VpNJJJG2SeDbT0F
hCW9eQrUuAKk2bmMMZZZB+msUY4PDwAWVyxu3Wq1Mtaly3R9XbiTt8hMbF1VezI57YQ8LKfW9I00
BpIGCjSGKCvwyuUWMhSP3pp7rC26ev6UzUadmhoPkMTRoJpOgtuNjfYro/dYI1VLENkQpxll6HK9
8qff8NXdK3IopAx5nMw1Fq1mc2h01zjXLpthaxtbdHpyjH8Ldjs8YbIs08rqcGtR/v44ly5pAcHS
V5jPYZwbWe2TMUMkFKKVxexQN3W+V9EU3+ibbHhlgsliEwQMk/lQ6F1mXrnaGf9A/g2BHMi90rQH
b3AzQ3Q67dv0BkUZGStMmgvX7XZjGI7a9LhFvloA9SCJZHLo2MODvbGjw5hu3sO0eh9ihs1lM2Pn
d9jtdvLFEjCrWJPIUl8tHLJIaLvggEkiuFzw+nydCP23jRrt9ue/6mv4NpPtd3/zN/6l1kd30Gq1
KBwOD+w2eGTkeqNGXq9PtpFN4c9FUVTcbvfAbrfLNpttYLPZB5eX50oqmZYURVFsNurDO1RriAwq
bYJDlDSprvZeGj8llr9zcXm3qVHvQwze52bSEwfh/BIJtVl6rZb2nq6iJMv/zX8V03du/9rUz2za
uRRF/Y7NZsO5BgMF/2+2O7L8jiz1y0Lp/xX7UvEbv+N7Qv9/AAAA//91ufCt8ZErNAAAAABJRU5E
rkJggg==
"
id="image128" />
</g>
</svg>

After

Width:  |  Height:  |  Size: 49 KiB

Some files were not shown because too many files have changed in this diff Show More