From 73cf5a390ddecd818ba8d772d071ba590cd0f5cb Mon Sep 17 00:00:00 2001 From: Sergiy Kulanov Date: Wed, 13 Dec 2023 15:41:45 +0200 Subject: [PATCH] operator [N] [CI] nexus-operator (3.0.0) --- .../3.0.0/manifests/edp.epam.com_nexuses.yaml | 74 + .../edp.epam.com_nexusrepositories.yaml | 4391 +++++++++++++++++ .../manifests/edp.epam.com_nexusroles.yaml | 100 + .../manifests/edp.epam.com_nexususers.yaml | 123 + .../nexus-operator.clusterserviceversion.yaml | 443 ++ .../3.0.0/metadata/annotations.yaml | 14 + .../3.0.0/tests/scorecard/config.yaml | 70 + operators/nexus-operator/ci.yaml | 9 + 8 files changed, 5224 insertions(+) create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml create mode 100644 operators/nexus-operator/3.0.0/metadata/annotations.yaml create mode 100644 operators/nexus-operator/3.0.0/tests/scorecard/config.yaml create mode 100644 operators/nexus-operator/ci.yaml diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml new file mode 100644 index 00000000000..35b54d80cfb --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml @@ -0,0 +1,74 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexuses.edp.epam.com +spec: + group: edp.epam.com + names: + kind: Nexus + listKind: NexusList + plural: nexuses + singular: nexus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Is connected to nexus + jsonPath: .status.connected + name: Connected + type: boolean + name: v1alpha1 + schema: + openAPIV3Schema: + description: Nexus is the Schema for the nexus API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusSpec defines the desired state of Nexus. + properties: + secret: + description: Secret is the name of the k8s object Secret related to + nexus. Secret should contain a user field with a nexus username + and a password field with a nexus password. + type: string + url: + description: Url is the url of nexus instance. + type: string + required: + - secret + - url + type: object + status: + description: NexusStatus defines the observed state of Nexus. + properties: + connected: + description: Connected shows if operator is connected to nexus. + type: boolean + error: + description: Error represents error message if something went wrong. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml new file mode 100644 index 00000000000..f171724487e --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml @@ -0,0 +1,4391 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexusrepositories.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRepository + listKind: NexusRepositoryList + plural: nexusrepositories + singular: nexusrepository + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRepository is the Schema for the nexusrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusRepositorySpec defines the desired state of NexusRepository. + properties: + apt: + properties: + hosted: + properties: + apt: + description: Apt contains data of hosted repositories of format + Apt. + properties: + distribution: + description: Distribution to fetch + type: string + required: + - distribution + type: object + aptSigning: + description: AptSigning contains signing data of hosted repositores + of format Apt. + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + required: + - keypair + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - apt + - aptSigning + - name + type: object + proxy: + properties: + apt: + description: Apt configuration. + properties: + distribution: + description: Distribution to fetch. + type: string + flat: + default: false + description: Whether this repository is flat. + type: boolean + required: + - distribution + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - apt + - name + - proxy + type: object + type: object + bower: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + bower: + properties: + rewritePackageUrls: + description: Whether to force Bower to retrieve packages + through this proxy repository + type: boolean + required: + - rewritePackageUrls + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - bower + - name + - proxy + type: object + type: object + cocoapods: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conan: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conda: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + docker: + properties: + group: + properties: + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + writableMember: + description: 'Pro-only: This field is for the Group Deployment + feature available in NXRM Pro.' + type: string + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - docker + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + dockerProxy: + description: DockerProxy contains data of a Docker Proxy Repository. + properties: + indexType: + default: REGISTRY + description: Type of Docker Index. + enum: + - HUB + - REGISTRY + - CUSTOM + type: string + indexUrl: + description: 'Url of Docker Index to use. TODO: add cel + validation. (Required if indexType is CUSTOM)' + type: string + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - dockerProxy + - name + - proxy + type: object + type: object + gitLfs: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + type: object + go: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + helm: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + maven: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + maven: + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - maven + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthenticationWithPreemptive contains + HTTP client authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + type: string + preemptive: + description: Whether to use pre-emptive authentication. + Use with caution. Defaults to false. + type: boolean + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Whether to block outbound connections on + the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + npm: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + npm: + properties: + removeNonCataloged: + description: Remove Non-Cataloged Versions + type: boolean + removeQuarantined: + description: Remove Quarantined Versions + type: boolean + required: + - removeNonCataloged + - removeQuarantined + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nuget: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + nugetProxy: + description: NugetProxy contains data specific to proxy repositories + of format Nuget. + properties: + nugetVersion: + default: V3 + description: NugetVersion is the used Nuget protocol version. + enum: + - V2 + - V3 + type: string + queryCacheItemMaxAge: + default: 3600 + description: How long to cache query results from the + proxied repository (in seconds) + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - nugetProxy + - proxy + type: object + type: object + p2: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + pypi: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + r: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + raw: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + rubyGems: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + yum: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + yum: + description: Yum contains data of hosted repositories of format + Yum. + properties: + deployPolicy: + description: 'TODO: check default value' + enum: + - PERMISSIVE + - STRICT + type: string + repodataDepth: + type: integer + required: + - repodataDepth + type: object + required: + - name + - yum + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - name + - proxy + type: object + type: object + required: + - nexusRef + type: object + status: + description: NexusRepositoryStatus defines the observed state of NexusRepository. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the repository. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml new file mode 100644 index 00000000000..41c0831aecc --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml @@ -0,0 +1,100 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexusroles.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRole + listKind: NexusRoleList + plural: nexusroles + singular: nexusrole + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRole is the Schema for the nexusroles API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusRoleSpec defines the desired state of NexusRole. + properties: + description: + description: Description of nexus role. + example: Administrator role + type: string + id: + description: ID is the id of the role. ID should be unique across + all roles. + example: nx-admin + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + name: + description: Name is the name of the role. + example: nx-admin + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + privileges: + description: Privileges is a list of privileges assigned to role. + example: + - nx-all + items: + type: string + nullable: true + type: array + required: + - id + - name + - nexusRef + type: object + status: + description: NexusRoleStatus defines the observed state of NexusRole. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the role. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml new file mode 100644 index 00000000000..6767d452cd7 --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml @@ -0,0 +1,123 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexususers.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusUser + listKind: NexusUserList + plural: nexususers + singular: nexususer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusUser is the Schema for the nexususers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusUserSpec defines the desired state of NexusUser. + properties: + email: + description: Email is the email address of the user. + example: john.doe@example + maxLength: 254 + type: string + firstName: + description: FirstName of the user. + example: John + type: string + id: + description: ID is the username of the user. ID should be unique across + all users. + example: new-user + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + lastName: + description: LastName of the user. + example: Doe + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + roles: + description: Roles is a list of roles assigned to user. + example: + - nx-admin + items: + type: string + minItems: 1 + type: array + secret: + description: 'Secret is the reference of the k8s object Secret for + the user password. Format: $secret-name:secret-key. Updating user + password is not supported.' + example: $nexus-user-secret:password-filed + type: string + status: + default: active + description: Status is a status of the user. + enum: + - active + - disabled + example: active + type: string + required: + - email + - firstName + - id + - lastName + - nexusRef + - roles + - secret + type: object + status: + description: NexusUserStatus defines the observed state of NexusUser. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the user. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml b/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..92b10568b83 --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml @@ -0,0 +1,443 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "Nexus", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexus-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexus", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexus-sample" + }, + "spec": { + "secret": "nexus-secret", + "url": "https://nexus-example.com" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRepository", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrepository-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrepository", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrepository-sample" + }, + "spec": { + "go": { + "proxy": { + "cleanup": { + "policyNames": [ + "cleanup-policy" + ] + }, + "httpClient": { + "autoBlock": true, + "blocked": true, + "connection": { + "retries": 1440, + "timeout": 1440, + "userAgentSuffix": "user-agent-suffix" + } + }, + "name": "go-proxy", + "negativeCache": { + "enabled": true, + "timeToLive": 1440 + }, + "online": true, + "proxy": { + "contentMaxAge": 1440, + "metadataMaxAge": 1440, + "remoteUrl": "https://test.com" + }, + "routingRule": "routing-rule", + "storage": { + "blobStoreName": "blob-store-name", + "strictContentTypeValidation": true + } + } + }, + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRole", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrole-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrole", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrole-sample" + }, + "spec": { + "description": "test-role", + "id": "test-role", + "name": "test-role", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "privileges": [ + "nx-blobstores-all" + ] + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusUser", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexususer-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexususer", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexususer-sample" + }, + "spec": { + "email": "test@gmail.com", + "firstName": "John1", + "id": "test-user", + "lastName": "Doe", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "roles": [ + "nx-admin" + ], + "secret": "$user-secret:password" + } + } + ] + capabilities: Deep Insights + categories: Developer Tools + containerImage: docker.io/epamedp/nexus-operator:3.0.0 + createdAt: "2023-12-11T12:54:50Z" + description: An Operator for managing Nexus entities. + operators.operatorframework.io/builder: operator-sdk-v1.32.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/epam/edp-nexus-operator + name: nexus-operator.v3.0.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Nexus is the Schema for the nexus API. + displayName: Nexus + kind: Nexus + name: nexuses.edp.epam.com + version: v1alpha1 + - description: NexusRepository is the Schema for the nexusrepositories API. + displayName: Nexus Repository + kind: NexusRepository + name: nexusrepositories.edp.epam.com + version: v1alpha1 + - description: NexusRole is the Schema for the nexusroles API. + displayName: Nexus Role + kind: NexusRole + name: nexusroles.edp.epam.com + version: v1alpha1 + - description: NexusUser is the Schema for the nexususers API. + displayName: Nexus User + kind: NexusUser + name: nexususers.edp.epam.com + version: v1alpha1 + description: | + Nexus Operator is an operator that is responsible for establishing + a connection to provided NexusRepository Server, reconciling Nexus entities (groups, + users, repositories, etc) according to the created CRs. + + ## Quick Start + + 1. Create a User in the Nexus Repository. + + 2. Insert newly created user credentials into Kubernetes secret: + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: nexus-secret + type: Opaque + data: + username: dXNlcg== # base64-encoded value of "user" + password: cGFzcw== # base64-encoded value of "pass" + ``` + + 3. Create Custom Resource `kind: Nexus` with Nexus instance URL and secret created on the previous step: + + ```yaml + apiVersion: v1.edp.epam.com/v1alpha1 + kind: Nexus + metadata: + name: nexus-sample + spec: + secret: nexus-secret # Secret name + url: https://nexus.example.com # Nexus URL + ``` + + Wait for the `.status` field with `status.connected: true` + displayName: EDP Nexus Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAABAAAAAQACAYAAAB/HSuDAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAoaJJREFUeNrs3Q+QXfV9GPpzM9iTKfJonWmN8mKXtS0iu/OiXcfEjG0q1vNiTJNIyEEi7UwESwjzXosk5ADB6RN/jNQ2LRBhpLZ5VV2B6XtpDR7Map5DVTqAQtPC4KBV37xWgQSpdRrszsSrifymY8903/2evdcIkGTt7vece869n8/M6YJTjq7O2Xvv+X5/3+/3VxQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBoHZcAAEbL/Pz8ZPfHWPkg0Ok864oAgAQAANCeoH6q+2O8d1zc+xl+EOwvwpHuMdc7Zns/43873ul0jrvaACABAABUH+iP9YL6CPgnev88XuNL6CcD4ngufkoKAIAEAACQE/Rv7P64ohf0TzbwJUYC4NleQuBZCQEAkAAAAM4v4I9V/gj6r+79bJuoDnike3xNMgAAJAAAgLcH/tMtDvolAwBAAgAAOEfQHyX9t/SC/rEh/+t+LZIBnU7na+48AEgAAMCoBP4be4H/1Aj+9Y8XC1UBD3Y6nTm/DQAgAQAAwxj4T3d/3F3UO7m/qSL4f7h7fFF7AABIAACAwH80RCLgcyoCAEACAADaGvhHqf8egf95ieD/i4XWAACQAACAFgX+k73Af8rVWFIiIKoBHnYpACDPj7gEAJAa+I91jwj8Xxb8L1nshnCgex2f6SVSAIAEKgAAIC/4j3L/A8Xwb+dXty8U2gIAQAIAABoQ+I/1Av+NrkZljnePz3Y6nSMuBQAsjRYAAFhe8D/V/fGa4L9y493j5e71vselAIClUQEAAEsP/iMYvduVqN2zxUI1gJYAAJAAAIBKA/8o+X+iMORvkOZ6SYBnXQoAkAAAgCqC/8le8D/e1r/D7NGjxdzcwuL5FevWtf2WxHaBD/rNBAAJAADIDP6nuz9ii79GTvk/ceJEcbx7HD58uJg7ebKYnZ0t//fnuv9+vi6++OJivHusHBsrJteuLf99YmKimOj+c4M93Ol0bvAbCgASAACQFfwfaNJrisA+gv34efqqflUiERAVA3Gs6x5jK1c26XI8W5gLAAASAACwzOA/Av/pQb+OWNWfmZkpnjx4sPw5aJEQuHr9+mLDhg1NqRCILQI/JQkAABIAANC64L9pQf/ZRKvA9Vu2FNd1j/hnSQAAkAAAAMH/eYh+/nt37y5muoF/1aX92aJF4LpeMmBA5npJgCN+iwFAAgAAGhn8Rz//rm7gv5jBfU0VlQB37dxZtggMYF5AJAHerxIAACQAAKBRwf8wBf5vNTY2VmzfurW4c+fOuv9o7QAAIAEAAM0I/mN6/6233TaUgf9b9SsCam4NkAQAAAkAAHhb8B+Bfy1b/cVwv1jxf2jv3pG7zjEj4IH7769z54AjnU7nI37DAZAAAAAi+N/Y/fFEHX9WDPa78aabWjfcL9v2bdvKtoCa5gM83Ol0bvCbDoAEAACMdvA/2f3xTPcYq/LPiVX/CPybvJ1f3aIt4Ev795dVATX4QqfTucdVB0ACAABGM/iPoP/l7jFe5Z8TPf6brr125Ff9zyZmA9Q0JPCznU7na644ABIAADB6CYBY+Z+q8s+IXv97uwfnFlUAjz/2WNUtAZGB+Uin0znuigMgAQAAoxP839P9cXdlkaaS/0WLLQOfPnSo6gGBhgICMJJ+xCUAYESD/6kqg/8TJ04UP3vllYL/RYoWibhuX3700Sr/mMnu/d/jagMwalQAADCKwX+lff+zR4+WQax+/+WJ4YDXbdlS5R/xqU6n86wrDcCoUAEAwCi6W/DffNE+EUeFnuglgwBgJKgAAGCk9Er/nxn24P/CVT9eHu+Z/Ony3/s/46v/HStWFGOrf7L4/qlTxXdefeUH/813X//T8ph79Q+7P/9r+bMJogogqgEq8mCn0/mcdwYAEgAAMHwJgNeKClb/Bx38v3v1Jd0g/yNloB/HO1a86yxf+Qs/58/5v7/xv/23I98ovvPqsfLnnzz/7LAmAWJXgCPeHQBIAADA8AT/090fB4Yl+I+g/wNX/Vzx3sv/arnaH/7HWwL65SYATve9U6fKJMB/7R5/8vwztd+/B+6/v9i+dWsVp3620+l8yjsEAAkAABieBED66n9M+7/0sstqDf4j6F+zaXOZAHjrV3mVCYD49/7//fun/rw4/tRM8crj/1fZLlCXCgcDGggIgAQAAAxJ8D9dJK/+z508Wa78z87OVv7637liRTfov7Y84p/P9lVeVwLgdMefOlj8vw//dm2JgJdefLGYWLs2+7SqAACQAACAIUkApK/+X3PttcXMzEzlr/1DmzYXPzX9K+XwvrMH9oNLAMz3/v3EUzO1JALGxsaKl154obj44ouzT/3+Tqdz3LsFAAkAAGhv8D9dJK/+79q9u7i3e1TposmPFB///G8UF65a9YMgu8kJgPjfv3fqz4tXHv8/i//48D+u9NpMTEyUSYBkD3c6nRu8YwCQAACA9iYAUlf/nzt8uCz9r0qU+P/U9A3lyv+ZguwmJwAWXkNRnHz1WPHSb95Z/qzK9m3bigfuuy/7tKoAAJAAAICWBv/TReLqf/T9X/qxj5XD/6rw7tWry1X/hQF/RWsTAOH7p06VlQCvPv7PK7u/X33ssWLD+vWZp1QFAIAEAAC0NAGQuvpfZd//B666qvjo1m29IX+d1icAih/MBniyOLrvH5Q7B2SLeQCvHDtWjK1cmXlaVQAADKUfcQkAGOLgf7pILv2vKvj/6M1bi4/f8fm3TPgfDhdfdXWx7sF/VrxjxbvSzx3bL956223Zp73buweAYaQCAIBhTgA80/0xlXW+6PuPJEC2CPxj9X/hm/nMq+9trgDoW5gLsLOSuQCvHjuWvSuAKgAAho4KAACGNfifygz+I/CvPPgfcitXrykrAeJntgp2ZFAFAMDQUQEAwLAmABq/+v+JO+7oBv9/7bTV+GKoKwD6YhbA4R2/kl4JoAoAAM5NBQAAwxj8TxUNX/1fCP6vGsn7E7MALv387vSZAF9+9NHsl6oKAIChogIAgGFMADR69f9Dm64pLr355t7XcGfkKgD6ogIgKgGydgewIwAAnJsKAACGLfifKhq8+v++yz/ZC/6JWQBrt/562vliR4C9e/dmv0xVAAAMDRUAAAxbAqCxq/8rVq0qfm7/Pzltq7/RrgDo+8Zv3lmceOrJlGusCgAAzk4FAADDFPxPZQb/s0ePpq7+f/yOO04L/umLKoCsnQFUAQCABAAAoyE1UHsoMZD84FWfKS6anHCHziCGAU5svSPvvu3bV8ydPJn5Eqfn5+fH3SkAJAAAoAGyV/9PnDiROlV+7fXXu0nn8BcnL1UFAAASAABQf4B27+7daeeK1f8LV13kDv0Qqzf9ctq5VAEAgAQAAEOo+av/17lJ5+Hiq64u/sKq/ynlXKoAAEACAIDh1PDV/1Xu0Hn68PTfTDuXKgAAkAAAYIhY/R8uqgAAQAIAAGoJyDJX/993+Sf1/i+BKgAAkAAAgDdp+ur/h675RTdpCVpQBXCLuwSABAAA1Kuxq/8XTU6UB0vTgiqAMXcJAAkAAKhB01f/J/T+L0vDqwAi+N/hLgHQNh2XAICWJgCeyUwA3HjTTakJgDOv/i/2a3fxX9PzFf4Z84t+Tct7zPju639S/H+v/9eciH1srHjl2LFibOXKrFs81z3e3+l05rwbAZAAAIDqgv8I/J/JOl+s/q9es8aFHXJ37dxZ3Nk9En2h0+nc48oCIAEAANUlABq9+k8zqQIAYNSZAQBA24L/8aLBvf80l1kAAEgAAEC7NHbyP81XwY4At9gRAAAJAABI1lv9n846n9X/0aMKAAAJAABoB6v/LNsj+UkfVQAASAAAQBar/zT43qsCAEACAAASWf2nyfdfFQAAEgAAsFxW/8mmCgAACQAAaCar/6RTBQCABAAANEj26n9sAWf1n6AKAAAJAABoltTV/+Qt4Gg5VQAASAAAQANUsfr/0L59Liw/oAoAAAkAAGiG9NX/ubk5V5U3UQUAgAQAAAyQ1X/qogoAAAkAABgsq//URhUAAKOg4xIA0DS91f/Xss4Xq/+XrFmTlgDYvm1bMbZypRvVAFHVkXVfv7R/f3Hdli2ZL+8LnU7nHncJAAkAADh7AuBAkVj+v2v37rQV3osvvrh49dgxN6khGn5vIzPx/k6no/QEgEbQAgBA04L/8aLBvf937dzpJjXItqjGGMuptK9oFsBGdwkACQAAOLPG9v7HCnFyiTjLjbBXriy2b92adr4KZgHc7S4BIAEAAG9h9Z+laHgVwHj393raXQJAAgAA3szqP4umCgAAJAAAaBGr/yyHKgAAkAAAoD1uyTyZ1f/RogoAACQAAGiB+fn5WLqdzjqf1f/RpAoAACQAAGi+HcXClmkprP6PJlUAAHBuHZcAgEHqrf6/lpUAiNX/S9asSUsAfGn/fgmAFsm+/08fOlRcsW5d5ku8odPpPOxOATAIKgAAGDSr/6TJrgLYpQoAgCGiAgCAgbH6TxVUAQDAmakAAGCQrP6TThUAAJyZCgAABsLqP1VSBQAAb6cCAIBBSV39jy3brP7TpwoAAN5OBQAAtcte/Q+r16wp927PYPV/OEQVwF+66KK086kCAKDtVAAAMAjpq/9Zwb/V/+ERVQCZ91IVAABtpwIAgFpZ/adO8XsRvx9ZVAEA0GYqAACom9V/apN9T1UBANBmKgAAqI3VfwZBFQAALFABAECdrP5TO1UAACABAECNeqv/t2Se897EQGz7tm1u0hC7a+fOtHM9d/hweSQa774/pt0lACQAABgWjV39Hxsbs/o/5FpQBXCLuwSABAAArdf41f+tW8st4xhuDa8CmOy+T6bcJQAkAABou0av/m9T/j8SzAIAQAIAACpk9Z8maXgVwJQqAAAkAABoM6v/NIYqAABGWcclAKBK8/Pz38lMAMR+7lkJgFgNvjNxRZh2iN+f+D3K8vShQ8UV69ZlvsRPdTqdZ90pALKpAACgyuB/urD6T8OoAgBgVKkAAKDKBMBr3R/jWeez+k+W7CqAl158sZhYuzbzJaoCACCdCgAAqgr+pzODf6v/ZMquAnho797sl6gKAIB0KgAAqCoBYPWfRsuuAnj12LEysZBIFQAAqVQAAFBF8D9dWP2n4bKrAO7NnwVwi7sEQCYVAABUkQB4uftjMut8Vv8XJ/amP3nyZDE7O1vM9X6e/n97q4mJiWJs5cryn1eOjRWTa9eWP6On/fT/2zBqQRXA+zudznGfKgBIAADQxOB/qvvjmazzxer/jTfdlHKuWP1/pRugDVNAGwFsBPVxzB49+qZgP0sEtJEIiMTAunXrsre8G7j4/YrfswxRUfCl/fszX97DnU7nBp8sAEgAANDEBMCB7o/prPNZ/X+7mYMHy4D/yZmZtGuzGJFIiUTA1evXFxs2bGh9QqXhVQBzxUIVwJxPFwAkAABoUvA/1v3xnazzRZD7s1demRa0tnn1P1b3Y5U6jrm5ZsWCkQS4fsuWYsP69a393W14FcANnU7nYZ8wAEgAANCkBMB098eBrPNF8H+mnvWlaOvqfwSlD+3bV0lpf7ZIsmzfurUMgJP74CuXmWwKyVUAz3Y6nU/5hAFAAgCAJiUA0ob/jfLqfwzu27t3b/FI4u4HdYskQCRd2pQIyEw4VVAFYBggAMtmG0AAsoL/8SJx8v+uxC3VYlW6LcF//L0vWbOm3FKurcF/iMqF6KuP0vq2/D0yK0S+nJ+82ehTBgAJAACaIi1A6U+1zxCr/9u2bWv8xYvBfqt7gX/TevwzEgGR2IjKhia7InmHg2jdSHS9jxgAJAAAaIq0ACVrGFto+up/rBJH6fk1mze3esX/h4nExqUf+1iZ6Giy7CqAxKTHZK/KBgAkAAAYnN70/5Ty/wiYshIATV/9jxXiSy+7LK3aoekiwRGJjmuuvbax1QCZVQBRyTEzM5P58rQBACABAMDApQUmmav/sS1dE1f/I/iNVf9bb7ttqMr9z1cExTHnoKmJj8wqgOQ2gCt81AAgAQDAoKUFJpkJgLsauO1fBL1NDn7rEomPSIJkDntM+2VOrAKI7RsTWzumfNQAIAEAwKClBCYRKGXtd9/EvehjNTiC3lFc9T+bmA1QXpOGtQRkVgE8mTf3YGx+fl4SAAAJAAAGozeYbLxhgVLjVv9jO7wo+eftohoikgCzR4825jVlVgFkVrUUqgAAkAAAYIDSApKsQKlJq//9fv/kIHDoROVH05IA25MGSCa3AUz4bQFAAgCAQUkJSCJQzir/396Qyf/94H/U+/3P+3r15gI0JQkQQySzEkmJ1S1TflMAkAAAYFBStv87nBQkT0xMFBNr1zYm+M9KakgCDEZWMikxCTTWa7sBgEW7wCUAYJmmmhQgRfm/4P8NkRCJrRD7/ewrx8belCA5eVrlxfETJ8pS9UFXLPSTAE8fOjTwZM7V69enzG44nHtNI+l23EcPAIvVcQkAWKreSuRrGee69LLLUgLmV48dG3j/f9bfZSk2bNhQBvsROC9niF0/EdA/EnvYz9vY2FgjkgBZ9/OlF1/M+rt8odPp3OMTCAAJAADqTABMdX88k3Gud/zojy77HLHa/dILLwz0msS0/7oH/kXQf/2WLWXPelWiJD/+XnHUuY1hJAFeOXasrGIYlNi+MaMK4Ev792dVqHyt0+l81icQAItlBgAAyzGVcZKskvOrKwyAz8eu3btrC/6jyiG2Ovxv3/pW8dWvfKXS4D/EyvUD991X/LfXXy8D2awt8n6YfjtAtFUMStbfNXGuwZiPHgAkAACoW8qybFZgtK6moPRMZg4eLO7dvbuWwD8C8Gh1uHPnzoGsjMcqdpTmx1FHIiDK7zNW4Jcqkh8ZbSWJbSFTPnoAkAAAoG4pOwCcTCopv2JACYDoj4/S/ypFKXys+EcfeRMGHfavdz8RUPXchX77wcCSABPL3+2yKTsbACABAAADk9ECkBGgLVUE/1X2xUegHbMNBrXifz6vLyoSIkFRpVtvv31gQfRkwvC+zN+R3vwNAJAAAKA2jQlCBjUpPvr+q9w274H7769lhT3Dnb0KhapeawTQVVdanE1We8mgt1gEQAIAAAYqIygaH0CAHKvRVfX9RxAdwfT2rVtbdS8jEROvO3YmqOSaz86WSZe6jTcvAWMQIAASAACMpkG0AFQ1mK7czjBvz/j6I9OVK8udCapqCYht+WLuQp2yqhoSX/ekdz0AEgAA1GJ+fn484zxZ27utrLk3PgbSVVHOHQP+ot+/ib3+ixUtAbFjQbZBtQJkJAHqTlwAgAQAABlSEgBZW6PFlPy6RNIiBtJVEfxXETAPUlV/p0i+1N1PP96COQwAIAEAwNCrs1x+79696VP/hzH4r/rvNqiBgAAgAQAAIyBW/6MHPVP0/A9r8F9lEiDK6aMVAwCQAACAdNmr/xH8xzZ/oyCSAHFkuncAOwIAgAQAAAy57NX/mFsQq+LDMPDvfMXfN3PHBlUAACABAADpItDMXP2PKflt3epvOWKLwMyhjRIAACABAACpHtq7N+1cGzZsKLZv3TqS1zG208ucBxC7AcwePeoXFAAkAAAgJ8jM2sM9Vr9/6777Rvp6bli/vrhi3bq082UmZwBAAgAARlhmmXms/F9sT/nUKoCZgwf9kgKABAAALE8M/8sKMCPwj95/Fq7FXUnXImYzmAUAABIAALAsMzMzacP/7hL8v8m2bdvSBgI+qQoAACQAAGA5ov8/Q6x4X7dliwt6mtgCMWsY4uGk+wQAEgAAMKKyyv+t/p9ZVlIkqjTMAgAACQAAWJLYXi6j/D/K3GPrP94uszLiOVUAACABAABLEf3/GWLbuyh358yuTkqOSAAAgAQAACzJkaNHGxXgDqtIkGRsjTg7O1vu2gAASAAAsAzz8/Nj3WNj99jT/dcDo/B3zhgsV5b/dwNczu2KdetSzhNJgBFwS/d9eKB7TMf70m8PABIAAGQE/ZPdY0f3eKb7r9/pHk90jx3dY3zY/+4nTpxI6f8X/J+frCqJEdkNIIL+6WIhEfed7vvz5e5xT7xf/SYBcDYXuAQAnCHo39j9cUX32DgKgf7ZHD9xIuU8WSvbwy4rUZJ131pmsnfc3X3/Rtbqa93jufjZ6XTm/HYBEFQAANAv7Y9S4ie6x3wxQqv855K1kiwBcP4mJiaWfY4To5kAON1bqwOe6VXxjPsNA5AAAGA0g/7xXlDwcrFQ2h/BwkZX5g0Zw+Si/z9juN2oyEiWzCYNbhwiU90j5na8plUAYLRpAQAYraB/shfkX10slAtzrkAyYZjcxNq1LuQiZCRLMuY2DLHTWwWOFwutAo90Op0jLg3A8FMBADACQX9M7e8er3X/NVb77xb81yejpH2krldSwkQVwHkZLxZafaIq4LXe54TPBoAhpgIAYEiD/u6P64sRH+LXhCBybOVKF3IxEWlSu4QqgCUnA3aoDAAYXioAAIYn6O/39PdX+kd+iF8TgkgVAItjXkKjkgEqAwAkAABoYNAfAX8E/nsE/c2yUgUAw5MMeNluAgDtpgUAoH1Bf2zx1R/kZ2o/nMHJhB0ceJv+AMGoCHi2+/OR7vG1Tqej3wKgJVQAALQn8J/qHrFVX6z027KPoZWyFWDCDg6c01Tvc+g78bnUPXweAbSACgCAZgf9490f08XCQL9xVwTOj9kLtYrPqOnThgd+sdPpHHdZAJpHBQBAMwP/eJh+plhY7b9b8D8YGQPpMlazWTyzFwYiPqdiXkAMDnwmPsdcEgAJAADOHPRP9kppv1MslNZODevf9cSJE8WXH320uPGmm8qjqZYbvFuFXpoNGzYs678fGxtrbOLloX37imuuvbb8mbHNZIPF51f5edb7XLOLAEADdFwCgIEG/f2BfrcUC8O1hjbgf+7w4R8c8e/Zvv/f/3v6OeO1/uyVVy75v//S/v3FdVu2+EVfwu/L6jVrlvzfxzWPa58tfhfidyJbJCsi6RE/J9auHeZbe6R7fLEwOBBAAgBgxAL/8V7QP909xgT8zUwAhFitnZmZWfR/F6v/L73wgl/2Jdq1e3dxb/dYrFj9f+XYsWKsghaAqhIAb33969atK5MBQ5wQiOD/4cKsAAAJAIAhD/wj4I+BflPD9nebOXjwBwH/ICawV5UAmDt5sgz8FvN3iiDu6UOHhn01t3KXXnbZon+XvvrYY8WG9esreT11JADeKuZQ9JMBUSUwNnyzDZ7tHo90Op2H/cYDSAAADEPQHyv8O4ohm+Qf/csRDMXqeN1BUZ0JgMUmASJgiyBU8J9z3WNGxPlUYETSJcr+qwr+B5UAeKuoLLm6+3eMZMCQ/Y4dj0RA93hQewCABABAGwP/6Onvl/kPhf4q/5PdgKyOsv6mJAD6oiz9kUcfPePfPQLQ7Vu3Ftu2bRvGVdqB/95FO8CZEjBx3SPov2vnzpRdG5qeADjT330IqwMeLhbaA4747QeQAABoeuAfAf9QlPn3e/mf7AZgS+mDH7YEQF9UP0QwGtcngs5+mTbV/z72r/3KbvAbK+B1XvemJQDeKqoDYgBiVAhUnQypybOF9gAACQCABgb9Q1PmH0FWBPyxTd8gevnbkABgNDU9AXC6SABcvWFDmRAYglaB48XC7gEPaw8AkAAAGGTgH8F+66f5x6pqBPxNLO2XAEACYPnJgKiUiIRAlTMSajB3WiLguN9IAAkAgLoC/9b39w9D0C8BgATA4vTnBgxBMuDh7vEFiQAACQCAKgP/qe6Pu4uW9vcPW9AvAYAEwMgnA57tJQKe9RsKIAEAkBX4TxctHew3zEG/BAASALnJgO3btrV1ZoBEAIAEAEBK4B8r/uNtet1tHeQnAYAEwOC1fIDg8V4i4GG/sQASAABDG/jPnTxZbtUXQf8oBCkSAEgAVK/FWwtKBABIAAAMX+A/c/BgWd4fgf8okwBAAqBaGzZsKBMBkRCQCACQAABoa9Af2/ftKBam+rdiK78o8X9o376h7+uXAEACoHlaOi9AIgBAAgAQ/Jcr/nvaEPiPeom/BAASAM3TbxGIY2zlSokAAAkAgMYG/q0o9Y8p/g/t3VuW+s/Nzbl5EgBIADRSPxFwxbp1EgEAEgAAAv/z1V/tjzL/YZvi/84VK4pVk2uLiybWlj+/d+pU8a8+9+sSAIxEAmBy+peLD37m08XrR44W35o9Wv489fq3huo6xbDAaA9oSVWARAAgAQAg8B+M6Oe/d/fuoVvtj0D/9KD/dBEASQAwSgmAiet/+U3/WyQA4n3wX/7tvyt/RlJsWLSoKuBI9/hcp9N51m86MMwucAmAIQ/8p4qFHv/JJr/O6Osfpt7+FasuKv7y5Z/4QcD/zhUX+mWEc7xfVl/16fIIf/bqHxf/5d/+fpkMiKPN+p9tMStg+9atTd5BIL4jnul+Z0QC4AsSAYAEAED7Av9Y8Z9q6muMMv+9e/cWj3Qfjodhkn8/4P/Ll3+8DGiApfmx1R8oj4nri+J7p77bqw74/Va3C0Qr04033VTcevvtZRIgkgHRKtBA8Z0x1UsE3NDpdI77jQQkAACaG/iP9wL/6cY+CPeG+sWqWJtFkB+r++/75Ces8kNF4n0VSbU4Qr864D8//++6//xHrfv7RGtTfP7FsWHDhjIR0ND2gEgEvNb9Tnm4WKgIkAgAJAAAGhT4j/UC/x1NfY3DUOb/Y6s/WAb7McQsViiBut+D/eqAX37T7ID//Pzvt+7vEoNO42h4e8B099jY/Y75Yvfng51Ox1YsQKsZAggMQ/B/T/fHLd1jrGmvrT/NPwb7tbXMP4L+CPirKu03BJC2qGoIYIZoFYgkQOwsENUBbRwkGC0B12/ZUmzbtq2puwdE8P85OwYAEgAAgwn8p4uGTvaPYD9W+2MbvzZO8++X9tfRzy8BgARAvkgC9FsF2pYMGBsbKzasX1/ctXNnU+cEHC8W5gM8610BtI0WAKCNgf9U0dABf/1t/NrY398v7Y9hfvr5od36cwM+eUf7kgGRNO23TJUDA7dtKybWrm3SSxwv3tgxwKBAQAIAoKLAf7xo6IC/WBXsP7C2SdXl/YBkwHL0P1djUOCdO3c2bWDgVLEwKPDBYmFQoPkAgAQAQFLwf0/RwD7/CPx37d7dqsF+Eeh/+JrPCvphhJMBP3PzwsyAtgwQjM/Y5668skwAREVAtAg0SAyfne5+T0US4EG/ZYAEAMDSA/+p7o8DRcP6/NsW+L9zxYpi9VWfNr0f6H0mXFh+JsQRAwRffepfF3/0r/5147cWLBMB3SNmA8SMgAbtHBDJ6T3d76zri4VBgc/6LQMkAADOP/Af7wX+U016XTMHD5b7V7cl8I+H+/4wP4CzJQP+yqaN5RFbC/7Hr36trAqIf26qmLdy4003lTNXGpYImCwW5gN8rZcIOO43DGgSuwAATQv8YxUlyinvbtLrih7UtmzlF339H75mY2uG+dkFgLZo0y4AGfrzAqI6oOkaWBEQYibAFzudzj3ePYAEAMDbg/+N3R97igaV+8eK/6/ddlvjA/82l/hLACAB0GzRIhAVAVEZ0PQWgYYmAo4Xtg0EGuJHXAKgAYH/ePd4ovuPTzQl+I+H/HjYv2bz5kYH/7F13yfvuLX4GwcfL37m5v9Vfz+Qrj8vYP3+f9g9/lH5z5F0bKJ+a8DqNWuatCtLfK9FW8ATvSo3AAkAYGSD/3u6P17uHhubFPhnrPRV9zC+ovgrmz5bXPM7jxSf2fMPyodxgDpEkjGSjvH5Ez+j5ajpiYCo5GqI+J6LbQN3+E0CBsUQQGBQgf9UsVDuP9mUwL/pU/1jtT9K/AX8wKCdvovAn736x8V//OoTjZwVEImAqOSK7QPv3Lmz/Dlg/d0Cri4WhgQe8dsE1EkFAFB34D/WPSLwf6YJwX/5cHjttY1d8e/39kfZrdV+oIn6VQF/4+BXi5+5+X8rVqy6qHGvsYHVXVPd4+WogtMWANRJBQBQZ/DfmCF/EfjHVP8G9Yi+STxAf/iazza61xZYquGcwdxvT4pjYWjgE+WQz6YlAp678spiw4YNxW/dd185NHDAYseb67vfj4YEAhIAwNAE/rG6caBoQJ//3MmTxd69e4uH9u0r5ubmGnetosw/Av/Ywk8wBH7f2yo+w+I49fq3itlHHi23FPzeqVONeX0zMzPlEbsFPHD//cXYypWDfDnjxcKQwK8VC7sFzHmfAFXRAgBUHfxPd3+81oTgP4L+S9asKVf+mxb8v1Hmf9+IBf/AMItqpk/ecVs5NHByekvj2gOiCiy+F2IGTCSIB6w/JHCj3xxAAgBoW+AfW/tFn3+s/A+0vzEmQMck6Ftvu61RgX+Uy8YD8TW/8+XyAbmp07QBMj7vJq7/5UZ+3sX3QiSGL/3Yx5rQFhbfl0/YMhCQAADaFPzHFkextd/UIF/H7NGj5cCnmAAdPf9NEStgMSgrVsTigbiJA7MAqnJ6xVO0PTVFf+vASy+7rAmDAvvVANN+Y4BMZgAAmYH/eLGw4j/QwD/KOGO1v2kD/iLQn7h+i0n+AMXCzJNVk/cVf/bqHzVqG8HZ2dkyedyAQYHl/Jzud+v1xcJsgON+a4DlUgEAZAX/jVj1jz7O6OdsUvAfD7mx0hWlr4J/gDeLdoCFOQHN+oyMIYGrmzEfIL5XXzYbAJAAAJoQ+I/1ev1je7+B9Sv2+/ybNOCvH/g3rcwVoIneGBj45XI+SlO2QL23GYllswEACQBg4MF/2aNYDHDVP3o2m9bnL/AHWF4iYGFg4CONSQREYjnmA8T3zYDnA9gpAJAAAGoP/GPV/4nuP8YxkJWIKMeMssxY9W/AsKZSlK7GypXAH2D53tg5oDmJgPi+iSRAJAMG2BagGgCQAABqC/6nioVV/4GtPkS5f2zXFGWZTQr8o3TVRH+A4U8ERDtAtAU8tG/fIF9GfA+/3PteBpAAANKD/+jzj37/gaw4NK3cP1b5Bf4AdScCmjEjINoCYseZ2DYwtp0dkPH4Xu59PwNIAAApgf9k94gJ/zsG9Rqi3L8hezN3A/+J4jN77i+PFatWdf+XjmPZB4wS7/nlHAuJgC2NSQTEtoFRlXbr7bcPsi1gR3xPx/e19xcgAQAsJ/jvb+83kIeKCPibMt3/jcBfjz/AoJ2eCFh91ZUDfz0P7d1btgVEm9qAxPf0M73vbQAJAGBRgX9/0N9AygpjFaU/cXnQ5f6xR7XAH6C5iYCF7QMfHXgiIBLV0aY2wO+uaNHbY0AgIAEALCb4nyoGOOgvVk8asOfyD/akXr//Hwv8ARqu/5kdiYCo2BqkqF6LtrUBDgnsbxc45TcDkAAAzhX831MMaNBfrJZcc+215erJIMv9YzXpZ27+m41YTQJg8YmAqNiKyq1BJgIaMCQwvsef6X2vA0gAAG8K/Md7g/7uHsSfH6sk8ZA0MzMz0OsQA6Win/SvbPqsXwqAFovKrUgEfGrXPQPdqaU/JHDX4Lauvbs3IHDcbwUgAQBE8F/uJVwMYNBff2u/WCUZ5Kp/rPTHin8MlGrCHtMA5PjLl3+i/HyPyq5Bfr7fO9jdbOL7/eXe9z0gAQCMcPAfQ/5i2F/tJf/9Vf9Bbu3Xn+wffaODXCECoFpR2TXoCq+oBiiT3oPZMjC+55/ofe8DEgDAiAX+Y72S/9q3C2rCqn8E+1EWarI/wOg4fcbLIOcDxJaB0RYwoAT4Di0BIAEAjFbwP1UsTPmvveR/0Kv+8fC30Of/aFkWCsDoOX1Q4KCqv36QDL/99kH88VoCQAIAGJHg/55iAFP+m7DqH33+saVf9PkDQFSADXo+QFkNMJidAvotAff4TQAJAGD4Av8o+Y9e/9qn/A961f/HVn+wXOX5xB23FReuuqiYj+vhaMwBI/VZ7Gjk8eFNny1+8Xe+XHxwQFu/DningNglILYLHPMOBQkAYDiC/7LUr3vUWuoXA46uufbaga3693s9f2H/Py4u0ucPwA/5zoiBsJEwjsTxIPR3ChhANcBU93it97wASAAALQ7+p4uFkv/xOv/cmYMHi0vWrClmZmYG8veOVZxYzfnwAKc9A9A+kTCOxPGg2gL6OwVE9VzNogLg5d5zAyABALQw+I+tfg4UNfb7x6p/DDS6ZvPmgaz698v9YxVnkPs9A9Bug2wLiO/PqJ6LRMAAtgs80H1+OOA3ACQAgPYE/tHvH6v+tW7xFyWL5arF3r21/50j2J+Y3qLcH4DU75Z+W8AgdguI2TllNd3Bg3X/0dO9rQLNBQAJAKDhwX+/33+qzj+3HPT3sY+VpYt1i72cf8F0fwAqEonlX/ydR8tEc92iGiCq6qK6ruZqgHieMBcAJACABgf/00XN/f7xMNLf3q9usTLzqV33FFfuuW9g+zgDMDoi0RyJgEg81y2q6+L7tuYBgeYCgAQA0NDgv/Z+/35p4iC29+v3Zr7v8k+4+QDUJhLOkXgexKyZAQ4INBcAJACAhgT+0e//RFFzv3+UIpbDiWoe9BcPXtGLOajpzDAMTpw4USbuBrDVGAyN/m4zdSei+wMCY5vdmlsCYi7AM+YCgAQAMLjgf7xYKPnfWGfgEHsUD2LQX6z6G/IHS3/v3njTTcVfWrWqWL1mTZnAi7kd7/jRHy0DiS8/+qiLBIvUb0WLo+6kdGyzW87eqTeRN1UstASYCwASAEDNwX9/2F9tX8IxhTiC/7oH/cXWfoPckxnabtfu3WXQH0H+map2IpCI5MCAthyD1osqgEFsGVgm5T/2sbpbAsa7R1QCbHTnQQIAqCf4n+4F/7WV4UXJf0whrrvkf2L6uuIX/ulvFz92yeqi6HQcQ3l4T1cpAvt7d+8+r/+/0RYgCVAD7/uhPN75rncVn/z87cVnHqx/y8ABtATE88cThgOCBABQffB/T7Ew7K8W8TAxiJL/ctW/G/gPYsslGBaxKrjY0v7+kDEqi/5dgiF3UWxN2/3+qrsaYEAtAYYDggQAUGHwH1+yd9f15/Wn/Ndd8v/hTb+4sOq/+oNu+ij8XrsElYjk3a7zXPk/UxLATABYumhXi2qAqd1fqLV1rd8SUPP713BAkAAAkgP/mPQfJf/Tdf2ZETjUPeV/YWul+4tLb/6b3b9z4RiRQwagGmfr9z9fA9hmbIQ+0x2jcrzvk58oPvs7j9a+U0C0/sRRY0vAVLEwF2DcOxwkAIDlBf/xZRqT/msZ9hcPC9FHeO8SVw6XKlb9f37/b5elk8DyRTnwckQVgFkAsHxRATC16wvlUWc1QCQBI5EfVQE1KYcT2yEAJACApQf/tU76j77BeFhYbuCwlAejS034h/T387LPUXP7DwyzqAKoO9Ed7+GY4xO7+NQk2gDsEAASAMASgv/48nymqGnSfzwcRPBf5wN/PAwNojQSRkHdO3YAP9zprW51fhbELj676qvss0MASAAAiwz+40vzibqC/3goqHOLv1jpj4efusshAaAJymG3+3+7eHeNw26jta/mrQJjh4A97jZIAADnDv7vKWra5m8Q/f7xsBOrH/HwAwCjahDfh9HiV1b71bdV4A7bBIIEAHD24L+2bf4G0e8/iBUPAGiqQVTERatffP/HVr81iW0Cn7BNIEgAAG8E/mO94H+6jj8vvvTr7Pc/fdAfAPBm/Zk4dQ0IjJa/eA6ocbvPcq6RJABIAIDgf+HL8Jm6gv/4so8v/br6/eNhxqA/ADi3SJZHS8DE9HW1/Zm33nZbceNNN9X1x032kgDj7jYMzgUuATQi+K9lm7/4ko99gesSDzFrr7/OjeaH6LgE+J2HnvjevGhionj2zruL7506VfmfF88F0Rb49KFDxdjKlXUkAV7uPv98qtPpHHG3oX4qAGBwwf94XcF/DPuLfYDrCv4XVjEeEPwDwBIsVM/989paAqIl8NKPfayu4YDl4kf3OWjSnQYJABiV4L/MgNcR/PeH/dXV71/3QwsADKN+Mr2uloATJ04sDAc+eLDOJMCUOw0SADAKwf8zvS+/oQr+4yElHlbqmmQMAMMuqunq+m6N+UDXbN5cV8VgPwkw7S6DBAAI/pcpvryjnK+OYX/9Kf9K/gEgX7+6rq5tdGNmUI3DAQ9IAoAEAAj+l2HX7t21fXHHw8jP7/8/ivdd/kk3GQAqEsn2X+h+33540y/W8ufFQsI1115bzhGSBAAJAGBxwf90XcF/BP737t5dy9/rg1d9pixLXLHqIjcZAGpw6c1/q/jEHb9eS0vAzMzMwtbBkgAgAQAsKvg/UHXwH1/O8SVd16T/ePj4xB236/cHgJp98Korewn4VZX/WTXvEBBJgD3uMEgAQNuD/0r1g//nDh+u/O/UL0GMhw8AYDAWWvB+u5YWvP4OATUlAXZ0n58OuMMgAQCC/zOIL+MyM1/DpP942KhzCBEAcHb9Ibx1bBUYQ4VrrDSclgSAalzgEkC7g/+yN6+GSf/R7x8l/wBAs8QuPBdetKp46R/+o+J7p05VmgToDxm+bsuWOpIARafTucEdBgkAGPngf+bgwfJLuI7gPwYOfWjTLxbzbi9VvGdcAkbs993vPFX4wFVXlhV6z915d3Hq9dcr/bPi+SPaAu7cuVMSAFpGCwC0MPgvt+bZvLny4D9KCz+954Ey+AcAmi0SAD+3/7dradW7t74th7UDgAQAjHbwX8cXbjw8RPB/0eSEmwsALRHJ+58vh/V+pvI/q65nEkkAkACAkQz+b7399lq+aCPoj+DfsD8AaKeP33F72cJXRxLg0ssuK3ckkgQACQAQ/CeJwP+hvXsr//vEikEE/7GCAAC0V7TwXbHrC5V/p8dOROVQYkkAkAAAwX9O8F/HtjufuOPXyxUDAGA4vO/yT9aS2JcEAAkAEPy3JPiPh4JYIYgJwgDAcImWvo2/888rb+3rJwFihwBJAJAAgGEK/qeqDv4jgx49dXUE/7EyECsEAMBwquv7PpIA8fwye/RoHUmAPe4sSABA1cH/ZPfHE1UH/5FBjy/RKsVKQEwKNuwPAEYjCRAVf1XvEBDbFJfPMdUnAXb0KjIBCQCoLPh/pnuMDUPwHysBF666yI0FgBFSxw4BNSYBDkgCgAQACP7PITL/sfJv0j8AjKbYISCG/0oCwGi5wCWA0Qv+P17xFz4A59JxCWiED3SfCaIi8F9/7tbie6dOVZoEePrQoWJi7dqqkwBFp9N52J2Fs1MBAD88+I+g/8AwBP8L2/wJ/hEMgd93WPDu1auLT+/5rUqrAmuuBJhyV0ECAJYT/MfK/+QwBP8fqHjoDwDQxiRA9UOBa0wCPNGr3AQkAGD0gv+FbX9+S/APAJzVhatWlc8LQ5AEKJ/fJAFAAgAW68CwBP8XTU64mwDAeT03DFESYNxdBQkA+KG6XxgR/G8chuC/yi9xAGD4kgA/v/+flEODhyAJ8ESvohOQAIBzBv/TbQ7+6+jlAwCGVwwNHoIkQLmLkyQASADA2YL/6WEI/mPlP3r5AAAkAYon3E2QAIAzBf8HhiH4r3IrHwBgtJIAH9p0TduTAFO9Ck+QAHAJoAz+JwX/AABvd+nNf6vcTrjlSYDp7vPeHncTCQAQ/Jf9YVX+GbfedpvgHwBordhOeAiSADt6FZ8gAQAjGvyXE2KLhUmxlbjxppuKLz/6aGV/h+jNE/wDAMOQBIjnpqicrNCB7vPfRneTUXWBS8CIB/+x8j/e5uD/43fc4WbSch2XAL/z0JokwFXl7/Dv//2/X8n5o2IyKgGePnSoGFu5ssokwPFOp3PEHWXUqABglEXP/6TgHwBgMUmAqASo7hmknwSosBKgXASan58fdzeRAIAR0JsEW1n510P79gn+AQBJgGYnAZ7oVYSCBAAMcfA/3f0xXdX5I/CPoX+CfwBAEmB5SYAqn6mKhUrQJ9xJJABgeIP/qaLC7f4i+I/Sf8E/ACAJ0Pxnq66pXmUoSADAkAX/lWZ5Y9sawT8AIAnQuiTAtO0BkQCA4Qr+K93uL4L/6FMT/AMAkgDVJAGqnK9ULOwMMOVOIgEAw6Gy7f5OnDixMKRmbk7wDwBIAlSk6h2WioWhgJPuJBIA0GK9vq5KPsxjMu01115bWfD/7tWrBf8AgCTAaUmAqLysSFSKHrAzABIA0N7gf7qoaOJ/BP+x8h8TaqsK/j+957fcRABAEuA05fNXdUkAOwMgAQAtDf6nigon/se2NFUH/+9cscKNBABamQRYO319JeeOysuy/fLkyapefuwMsMddRAIA2hP8jxcVZm+r7EET/AMAw2Dt9deXs4xamgTYYWcAJACgHcF/pRP/q5xCK/gHAIZJzDKqKgkQlZibNm+u8uUfMBQQCQBovijZquTDeubgwcr2oY2gf2rXvYJ/AEAS4Dw9d/hwZc9mPc8YCogEADRU9wN6R1HR0L8YNlNl8B8r/xeuWuUmAgBDmQS4aLKaxfSozHxo376qXnoE/8+4g0gAQPOC/6liYfU/XX/ifxXb/fWD/yj/BwAYVlfsurey550YzlxVi2bXZG9baZAAgIYE/+NFRUP/qgz+F74Mdwn+AYChV/Wix623317l9oDThgIiAQDNUdnQvyq3+/tEWQ434e4BACOVBKhi5lENOwPsMRQQCQAYsF5JViUfxrt2766snCyC/w9UNBAHAEASIF2505ShgEgAwOCC/+mioqF/Efjfu3t3Ja87JuEK/gGAUVXl1sdRuRkVnBUZ7x7mASABAAMI/mPVv5Khf9E/Fn1kVQX/MQkXAGDUkwCX3nxzJeeOhZxdFS3kdG3s7TwFEgBQU/AfpVeRfU0vwapy6F980Qn+AQAWREXkJyp6NopKzpmDB6t66Xt6O1BBq1zgEtBSlfX9Vxn8f3pPFCx03D2AkdXxPQBvSwJcVXxrdrb4o6eeSj/3jTfdVDx96FAxsXZtFS895gG8v9PpzLmLtIUKAFqnV3K1sYpzx5dEFRP/o79tateuSvrcAADaLiokP3jVVennjUWdazZvrnQooLuHBABUF/xX1vcfvWJVTPxfmHS7p7hw1So3EADgLD56881lxWS2EydOFJs2b67qZU91n0/vcfeQAID84L+yLGsM/YvV/ypERruKLzMAgGHSXzRZUcGiyXOHD1c24LnrbvMAkACAfNH3P5590v7QvyrEUJv3XX65OwcAcJ5JgCsqapt8aO/eSqo9e57oLVaBBAAsV/cDdbqoqO+/qqF/0cf2gQp62QAAhllUTkYSoApRBRCVnxUwDwAJAEgK/ivr+y+/BCoY+nfR5KTt/gAAlvEsVcX2gLHoE22fFQ0FnOoNqwYJAFiGKP1PL6mKErAoBctWZdYaAGBURCVlFTsDxOJPVbOfuvb0Fq9AAgAWq/sBGiv/6R+iUfpVxSCY6FeLbLXt/gAAli8qKqMaINvMzEzx0L59Vb1s8wCQAIAlBP/R859eRhUlX2XpVwV9/7Hyb+I/AEDzn69uve22cneACowXFbWvggQAwxr8R9b0QBXnjg/7Kvr+L7355koy1AAAo6zKCstN115b1TyA6d5iFjTKBS4BDRVTVNNLp6LUq4rtX6JHbc2mzcW8+waLNl90XAT8zgPnNLb6kuLjd3y+eO7OnannjYrQTZs3F08fOlTFyz4wPz9/pNPpHHcHaQoVADTvwWhheupU9nnLvv/bbkt/vVGSFl9IAABU572XX16snZ5OP2+0AezavbuKl1xZRStIADAswX/U0N+dfd4o7bpm8+b01xulaD+750E3DgCgBj91/XSZCMh27+7dVc0DsDUgEgBwDpVs+RdD/06cOJH+YiP4N/EfAKA+UXlZxVDACucB2BoQCQB4q+4H4z1FBVv+Rc9/bPWS7aM3bzXxHwCgZrH4EkmA7EWY/jyAimgFQAIATgv+Kyn9L/v+b789/fXG0L8PbdrkxgEADEBVM5gqnAcw2VvsAgkARj74j5L/J7LPGyVcUfof2dzsL5xY/QcAYHCqGgoY8wBiEakCd3efe6fcOSQAGHWx8j+efdLI3s7OzqaeM0rNrti1W98/AEADxFDAiybz2+tjeHRF8wAO9Ba/QAKA0dPLgqZPRp05eLB4aO/e9NcbpWYXrlrlxgEANMS6XbvTn89ieHRUklZgvKig7RUkAGhD8F/J3qj90v9s0fNfxbYzAAAsXb9CM1sMkY5h0hXYoRUACQBGUSWl/zG9NbvvP0rL9P0DADRTVTOaYph0FVtJF1oBkABglFRV+v/Qvn3l9NZMkVVet2u3mwYA0GBVVGvGopJWACQAYHnBfyWl/+WWf7fdlv561xn6BwDQClXMa6pwa0CtAEgAMBIqKf2vIjsbW8tUMVkWAIB8Vc0DqHBrQK0ASAAwvKoq/Y/+rOwt/yLwj61lAABoj6rmAcRiUwVbA44XWgGQAGCI7ck+YZRlZW/5F9njKCEDAKB9qpgHEItNFbYCKDlFAoDh0v1gu6f7I/XDraot/6roHwMAoD7xPJc9xykWnbIHTvcccMeQAGCYgv8I/NPLmyILm701SxUZYwAA6lXVTk4VtQJM9hbLQAKAodCK0v/oGdP3DwAwHGKmUwx1zhSLTxW1Atw9Pz8/7q4hAUCrdT/IYujfVOY5qyz9t+UfAMDwiMWdWOTJpBUACQA4c/Af25q0ovQ/psVmfzkAADB4sTVg9iJPRa0AU93n52l3DAkA2iqymKl7m1ZR+h/lYdH7DwDA8InhztltnhW2AuzpLaKBBADt0f3gmur+2Jh5zipK/6saEAMAQHNUMei5olaACP73uGNU4QKXgIqC//jgSu9hqqL0/+Of/43ine96l5sGg9LpuAb4nQdqEc99T/71Xyq+d+pU2jljceqlF18sxlauzHyp093n6Uc6nc6z7hqZVABQlRj8N555wipK/z9w1VW2/AOgzujfJYABisrPSAJkqrIVwB1DAoDG621fkjr4r4rS/+gF++jWbW4YDNh3Xn3VRWBk/Nmrr7gIMGCx+JM9+6miVoDJ7nP1Pe4YEgA0XXrp/97uh2olpf+2/IOB+uOnniq+sW+vC8HI+Obzzxf/7jf/ngsBA/ZT0zeUi0GZqtiiuuuW3uIaSADQPN0PqBj6N5V5ztmjR4t7k8uqIusbk/+BwQb/AiFG9Xf/6R23pPYgA4vTolYAAwGRAKCxwX8lH1BVlP5H1hcYnP/w8MOCf0bat44ckQSAAatiG+hYtIrFq2Qbe7trgQQAjZI++O+hffuK2dnZ1Bep9B8GKwL/ow8fcCEYeTH/QhIABquKVoBbb7utipfqixMJAJqjisF/VZRRKf2HwQf/Uf4MvDkJ8N3XX3cxYACqaAUod67aty/7pY53n7d3uGNIANAU6aX/v3b77cXc3Fza+ZT+g+AfmpoE+Pqv3mhHDBiQKloBYhErdrFKdnev5RYkABicXk/Sxsxzzhw8WMzMzKS+TqX/MBhR3hzBjeAfzv0+iUoASQAYjOxWgFjEqqAVwEBAJABohNSepMiW/lryB6bSfxDUgPcLcDZVtAJ8+dFHy3aAZNPz8/MeapEAYDB6vUjjmefcu3dv2f+f5Y3S/47D4ajxEMzA0pMACxUzPkccjjqPiyY/Unxo0+bU93T2blY9qgCQAGAgwX+UIaUP/rs3efDfpVu3Fe9c8S43DGoUA80E/7D0JMDCzIzfdTGgZrFolNkyWsVQ666p7nP4RncLCQDqFsF/6iCS7Czpey//q+UB1GdhoNmvCP5hmSQBoH5VtALEjgCZ1a09qgCQAKA+vW3/UrciicF/mX1SVXyAAz88+H96x3b7mkNiEuA/Pf6YCwE1yl5AioGAsbtVstgW8B53CwkA6pKadaxi8F92CRcg+IdB+Ma+vWUiAKjPQgtp3nNk7G5VwUDAW2wLiAQAlati27/swX9VDHEBzi7KlAX/UO17TBIA6vPGEOk8FQwEtC0gEgDUovGD/z66dZu7BDUHJoJ/kASAYRKLSe9evTr1mTfmASSb7rXmggQA+bofMNPdH1OZ58zuiVo7fUPqhzUgIIEmvedihw0JN6jHxz//t1PPFzsCROtrMlUASABQmdTV/+iFip6oLFGutUbpP9QiBpMJ/qF+3zryspYbqEksKmW2lcZAwFuT5151bey16IIEAHl6k0bHM8+Z3QuVPbAFOLMI/GMwGTAYhm5CfbIHS3/50UeL2aNHs1/m3e4UEgBkBv8xZOSWzHNm74mavWULcPbg397k0JwkwHdff93FgApF8J89X6qCKoCp7vP6RncLCQCy7CgWJo2miN6nXYmD/+KD+VKD/0DwDyOYBPj6r/5K+ROozgeu+mvlLlNZyjbYgwezX6ZZAEgAsHxVrP7Htn/RA5UlerOi/x+oRpQZx+AxwT809f25XRIAKpZdBfBr+VUA472B3SABwLJENjFt9T97278q9mkF3h5cxOAxQBIARlX2QMCKtgU0CwAJAJaut6/odOY5M4P/oPQfBBXAG+/Xbz7/ey4GVCR7IGAF2wKO9wZ3gwQAS5K+7V9MPs0SvVgG/0E1YrBYHcH/dVu2uNiMjA0bNhRjY2OVnT+SAM/t/N+160BFsgcCRktstMYmu6XXwgsSAJy/Klb/dyWv/n/887/hRkEF6hos9qX9+yUAGCmTa9cWTx86VFx88cWV/jkGdkJ1YiBgtANkierYzJ2xioXW3R3uFBIALFb66n8cWQz+g+qC/zr2Fxf8M6om1q4tXnrxxWJiYkISAFrqo1u3p54vu0W2UAWABACLUcXq/4033ZR2rii/MvgP2hn8R/lzrIAK/hllYytXlu+DOpIAcQC5LpqcLCsBskSL7OzRo6kfM4UqACQAWITU1f/4UMssbcoewAIU5UphXcH/FevWueBIAtSUBIj3tiQA5Fub/Dx6a/62gKoAkADgh+t+UEwVDZ78H2X/mVuwAG8ECHUE/1H+DLw5CRDDASUBoF2yn0mz22ULVQBIAHCeUlf/dyUPNvn45/+2OwQtCwxi4JngH86eBPjqV75SeVtMvNdjh4Cq53vAKFmzaXP6toDJVAEgAcDZ9Vb/p7LOF/uaPrRvX9rri23/oucKyPGfHn+s8uA/ypvLgWeCfzinOgZjfvP536tlyCeMiuxtAaMCYObgwcyXqAqAN7nAJeAtrs88WexrGvubZvnp7gfsfNFxlyDBv//Nv1v5hPAI/mPlP1Y4gfNLAoSYnVOVhWGftxT/y4MPmacDCd5/1c8VRx8+UHz39ddTzvdrt91WbFi/PvMlRhXAg51OZ87dQgUAP5A9+T979X9hz9VL3CgQ/MPQJwH6iYDqkgCvFP9GJQCkyWxRjdbZ5CSgKgAkADij1N7/7NX/n5r+FXcIWhL8Rxmz4B+W9x6qIwkw89c3lz+B5XlP2ab6kbTz3WsWABIAVKnpq/8R/MekVWDpYqXv8M6/XUvwH4GL4B+anwSIz4WoBJAEgIzn1RvSzqUKAAkAqtbY1f/oT1xj2z9IeciPAWBtD1hg1JIAX33ssXIbTUkAaLaoAoiW1SyqAJAAoBLZq/+Rscz8wFqz6VpDiqAFD/fbt20T/EMFYhhY2VJTQxKg6iQhDLvMllVVAEgAUJXU1f/M4D/K/q3+Q/OD/wj8H7jvPhccKhLbaNaRBKijTQiGWTy7NrwK4Hp3SQKAEdYrA5rOOl92pjKyqFb/YWnqGvBVx97lQD1JgFDHoFAYZpnPrxVUAYx3n/+n3SUJAEZXahlQ5uC/7AwqjFrwX8cWX4J/qD8J8MqxY+U2m5IA0EwLFazXpp2vgiqAu90lCQBGUG/1/5as88Xk/+zVf6CZwX+sQMZgMsE/1C922IhKgDqSAHEAixctrKoAkACgaWL1P62OMHPyv9V/WJoY4FVH8B/BRwwmA4Y7CRBVAJIAsHgLu1g1ugrALAAJAEZQ2hs/Vv8zy/9/avrG7v/bcTgcizj++KmnygFedQT/UYYMNCMJsGHDhhqSAH/P56zDscgjcyerCqoApubn56d8kkoAMCJ6ZT/jWefLXf3/cav/sKQH9L9TbbAh+IdGJgG++pWvVN6O88dPfb2sBKh6rggMkxZUAZgFIAHACEl7w+ev/uv9h6YF/1FmXA4eE/xDI9UxkDOSAP9mxzZJAFiEFlQBjLtLEgAMuV65T9qb3eo/DM7CkK7qg/9y67GVK11wGPEkwMKQUUkAOF/ZVQDJCYCgCkACgBGQ+ka3+g+DC/5jRU7wD5yeBIhDEgCaI7MK4LnDh8sj0XRvZzAkABhGvTKfqazzRRbS6j8MZ/Afg8UE/9A+UQVQRxLgd3/1hvIncG7ZVQC78mcB7HCXJAAYXqmr/5nDSKz+ww8XK26Hd/5G5cF/BBAxWEzwD5IAZ/Pd1/+0rASQBIAfruFVALe4QxIADKFeec901vli9T+GkWSw+g/nF/zHw/Y3n/+91gcOQH1JgNjBo+rPJUkAOLeGzwIY6+0QhgQAQya1vCfzg8fqPzTjIVvwD8OXBChbeWpIAnz7yMsuOJxDZhVA5kJcj2GAEgAMoeuzTpRZemT1H5oR/NcxPAyoX2zfWUcS4Onu51RsSwqcWXYVwL25swDGezuFIQHAMOiV9Yxnnc/kf6hHBP0zf31TLcF/1duHAcOdBAixLakkAJxdZgJg5uDBYu7kycyXZxaABABDJG31P8qNZmZmUs5l9R/OHfzXsdWW4B9GJwnw0gsvlNt7SgLAYEQVwAeu+rmUc8VOXHv37s18eRt7O4YhAUCbdd/Ik0Xi1n+Z5UaCfxhc8B8rgV997DHBP4yQiy++uKwEqCMJ8I19D7ngcAaZ1a+P5A4DDNPukAQA7ZdWzhNlRlFulCG7DwqGRQzSqiP4jyBgw/r1LjiMmNjes44kwLHHv1L8+9/8uy44vMWFq1alVQFEZW7yjgDaACQAaLPsrf+izCjKjTJkTkKFYRFls0/XFPxHOTAw2kmAK9atq/gz7euSAHDG5+DNaefKnM1V2BJQAoDWS30DZ5YZZWU+YZiC/yibrfShX/APvCUJUHUbUD8JUPU8E2iTd6++pLho8iMp55qdnU3bnatHFYAEAC2W9gbO3G80gv8ofwLqC/6j3PeVY8cE/8Cb1DEINJIAdQw1hTbJnAWQ3AYw2ZshhgQAbdLby3O8iR8stv6DN8SgrDqC/3ILsJUrXXBgIEmAunY2gbZ4z+RHyh2xsp7TsxbqelQBSADQQmlb/80ePZpWWnRR+WFn9R9ClMXGoCzBP9CEJMAD998vCQA1anAVwMbeLDEkAGiD7OF/DyXuMWr1H94I/qMstmqCf+B8bd+6tfLBgJEE+N1fvaH8CaMutsTOqgLIHgYYSQB3SAKA9kgL/mPrv6yMYnzAvSdp4Am0Vax81RX8l9/ggn+gYb77+p+WlQCSALCQBEh5Zp+bsyUgEgAjLHX4Xxar/wj+T5UPvXUF/wBN/zyUBGDUxdbYWZKrAAwDlACgDbKH/2WV/79zxYre1n8dh2MkDw+7AGdLArzqe8Ixssc7V7wrbXvs2BIwZnclUgUgAUALpA3/i8F/WRNF12z6JXcGD7mCf4C3fT7+7q9Oq4xipKVWASTO7ioMA5QAoNnSh/8llhFl9TdB2ywMvJoW/AOcQ2yHKgnAqHr36kvKnbIyzBw8WM7wSmIYoAQADZf2Bo2V/5mZmaTg/+fSJpxC24L/f7NjaznwCgBJADib9ye1AcQwwKxn+J7r3R0JAJqrkcP/svqaoI3Bv/2uARaXBPgPD/8zF4KRk7lgljwMcGp+fn7cHZIAoGF6UzrTJnU+kpQAiJImW/8xar595GXBP8AS/YeHv1QmAmAUkwAZKhgGOO3uSADQPGnlOdE7lDf871p3hpES5atPC/4Blv1ZKgnAqGnwMEBtABIANNB01omeTOobiq3/3nv5OncGD6wA+EyF83h2zqoCSB4GON7bahwJAJqg+4aM4X8pW3TEB0VW/38E//FBBh5UAVjqZ2vspKKqilHxAcMAkQDgPFyddaLM4X/K/xkV39j3RcE/QEUMVWWUxOyshg4D3NjbchwJAAap90aczjpfVr9Q7GUaAwBh2EXgf+zxr7gQAJIAkOJDSYtoMQwwa65XsVBtvNHdkQBg8NLeiDEtNOtD4v22/mNEgn97VgPUmwSInzDMMp+jk6sArnZ3JAAYvLR+nKzVf8P/EPwDIAkAS3+WzpoF8GTuHIBoAxh3hyQAGJDeG3Aq63wxLTSD4X8Msyg/rSP4n5iYcLGBVqr68ys+hyUBGHZZCYCo7s16xu8nAdwdCQAGJ+0NWG4VMjeXci7D/xhmv7fz85UH/9dt2VI8cN99LjbQSlevX1+89OKLxdhYdfPCJAEYdpnDAJ+0GwASAEMj7Q34SNL0/xj8Z/gfwypW/r915OVK/4wH7r+/+NL+/S420GoTa9cWTx86JAkAy5A1DDB2+YqtvpNMagOQAGAAem+8yYxzxQdC1j6hHzD8jyEO/qte+Y/Af/vWrS42IAkgCQDFey//q2nnmkmeBeDuSABQv+msE305afU/mP6P4H/pwX+U/gMMYxKgyrkA/dkstghk2EQLQNZg7czn/a5b3B0JAOqXVv6f9YEQq/+G/zFsvrHvi5UG/7EyJvgHJAGWp787gCQAwyarCuC5w4fTtvvuGp+fn590dyQAqEnvDTeeca74IJidnW3UBxQ0RQT+xx7/SqXBfzwUC/6BYTe2cmUtSYAY1ArDJHOB7cnc3QAMA5QAoEZpb7isD4L4YMoqUYIm+PaRl8uS0qqD/1gZA5AEyPGtij+7YRAa2gZgDoAEADVKe8M9tHdvynn0/jNMYhXpcIWrSIJ/YJSTAC+98EKllU9VV29B3bK22I6q39mjR7NeljYACQDqkFn+Hx8AWb1Apv8zLKoeJhUrX4J/YNRVPfsk5rd8u+JtW6EuscV2DATMkFwFoA2gZS5wCVqpccP/4kNp5eqfLP6He8MQiJX/qraT6gf/sQIGIAmwv4qA5E2f55/5p4+kBU4wSFFt+/88/KVln+fJmZnigfvuy3pZUZX8OXenPVQAtNNU1omeTNoPVPk/wyK+WKtaMRL8A5w5CXDXzp2VnDsquZ7f+fni+3YGYEgSABnKAeC5bQDj7o4EABXpvcFSem0yy/9/wvA/hkAE/hmZdcE/wOLcuXPnD6oBskVF1x/se9BFpvWikiWqbjMYBigBQHukvcEyy/+V1tF23y9Xie4Q/AMMSMwDqCoJ8NpTXy8PaLusKoCsKuAecwAkAKhQ3vZ/SW/8n9z0S+4KrRf7Rlcx9E/wD9CMJMDL+x4svvv6n7rItDwB8PMp50luA5jUBiABQAWaWv7/XuX/tNwfPv4vi28f+QPBP0BDkgBVzATozwOANnvHihVpz97aACQAaL6prBNlveHjAyg+iKCt5sre0C8K/gEaJGYCVLFFYMwDqGrWC9Qla/ZWchvA1e6MBAD50t5YWW94w/9ouxd+c3f6OcfGxoqvfuUrgn+AZYhWgCqSAJEAmKtoq1eoQ1YFQHIbwNT8/PyYuyMBQJLeGyqltEb5P7zxEPid5IfACP5j5f/iiy92gQGW6YH77y8rqrJVkfyFumgDQAJgNExlnei5w4fTgn/l/7RVDIKqogz0gfvuKybWrnWBARJEJVUVSVWtALRdVhVuVlzQow1AAoAmvqGyMn3K/2mzF37z76Sf866KelYBRj0J8NXHHisrrDLFAFi7AtBWWRUAs7OzaZXBReKCJRIAJJXUlL0+3Td6kz54oG6xF3T21P8NGzaUQ6sAyBeVVVFhlSl2BagiGQx1yGwDePLgwayXNTY/Py8JIAHAcnXfSLH131iT3uAL5f/v6v5Tx+Fo1fH9U98t94LOFKWpVe1bDcCCqLDavm1b6jkjGfwnz/+e70dHK4+faOYcAG0AEgAkuD7rRFl9Psr/aatjj//LctUnU1maauI/QOXKOSvJQwH/IDkpDHV57+VXpJwnqoPnTp7MelkGATbcBS5BK0xlnCTe2DNJ2/9lfeBAnRYG//3T3IfRmFBt6F8j7Nptqne2WBU6nDsgqtWO5/XJsgyxzeqll11WzM3NJX43fKn4n6dvdHFplWgDeM/kT6e0NUaMkDTHaHx+fn680+kcd4ckAFiCeAN1f0xmnCsr+H/36ktM/6eVsic+X7FuXbF961YXtiHulQCoJAEATRNtV1EJcONNN6Wd8w8f/xfFmk2/5PmG1om23IwEQLQJJw4yjioApTUNpQWg+aayTpRV/v/+q37eXaF14svxtaf+77TzxTTqxx97zIUFGIAIVGL4apZoDYsWMWibrLbc5GovpcISADThDTSTNABQ/z9tlL36H0P/9P0DDE75OZy4NWC0iNkWkLa5cNWPl9W5yxUtNTN5uwGYAyABwKDfQLNHj6b0ysWHTBzQJrH6n7ntX5T+b1i/3oUFGKBIwmZvDZidLIY6/ETSbK7nEqsA5ufnJQEkAFjCGydt+7+84X9W/2mfzAe6WG2y5R9AM0QrQCRls0SrmCoA2ibr+fzJpHihRxuABABLkJY5ezKppEf/P22TvfofQ/9iABUAzZCdlFUFQNuMrb4kpUL3xIkT5ZFkyp2RAGDxUjJnsf1f7O+5XO9csaL8gIE2yXyQi8D/zp07XVSABonP5rsSP5tVAdBGsR1ghifz5gBM9nYzQwKA89F9w0Tp/1TGubLK/7P6i6Auc6++krr6r/QfoJm2bduWWp312lNfd1Fplaw2gOdydwOYcmckABjAGybrjfyeyY+4K7RK5pZO0WOa2WcKQJ4YCJhZBfCHj/+L4vunTrmwtEbWLl0z5gBIADAwjdv+770qAGiRKN+MMs4sD9x/v4sK0GAxEHBiYiLlXN/rBv/ffP45F5VWaWAVwJS7IgFAzW+YrO3/Yn/Rd6xY4a7QGpnlm+VD5dq1LipAw2VuC2gYIG2TNQdgJm8OwLg5ABIAnIde//9kxrmyMnj6/2lfAiBv9f8ug/8AWiGzXSsqyTLnyEDVfqKZcwA2ujMSAPxwU1knyurjySopgrqC/6wJzrH6b9s/gPa4M3UWwL90QWmN2AowYzvA2D0sdhFLYhVRAoA63ygZGTzb/9E2f/J8Xuba6j9Ayx6iEqsAvtn9PjEMkDbJagM4bA6ABAC1SnmjKP9nFMXK/zeTEgBW/wHaKT6/s2S2lEHVsqp2n8zbDWBsfn5+0p2RAOAsMvv/D9v+jxGUufqf+QAJQL0JgKwErgQAbZJVAZA8B2DKnWmOC1yCxkl7gzyXlgD4aXeF1jiW1K+ZWUJKPdwvqpa1sw71iBauG2+6adnn+c6rrxRz3UM7JG0Qu3bF7l3xe7scJ06cKI+kRFqUEz/o7kgAcPY3SGMSAFnDRKAO8YCWOfyPdnn60CEXgUr97JVXZq+KUaENGzYUY7ffnpK0iSqAj2zd4aLSCtG+u9wEQD+WSHoe0gLQIFoAmmeqKcF/MP2fNskq04xstwQAQLuNrVxZbFi/PuVc33xe4of2yGrfTUx4js/Pz4+7MxIAvEUz+/+j/L/jcLTiyHpAu3rDBh9IAENg+7ZtKeeJ6rK5ckXVd62j+cd7Jj/atARAmPKJJAHA26WVx+T1/3/UXaEVMsv/t2/d6oICDIGJtWuLiYmJlHO99tTXXVBaI2OGV38OQBLbikkAcAZTTUoAvHv1T5aDRKANvn3kD3IeFrsPirb+AxgeWUndrO8ZaEsCICum6DEHQAKAM7iiSW9U0/9pk6z+f6v/AMNlQ1Jb13de/cO0SjNoSwIgdj/JSgD02p2RAOA0UxknOSwBwIj5/qlT5YNZkx4UAWiGchhg0me7KgBGLQFgDoAEABWZn59vYP+/BADtkPVAVm4Z1X1QBGC4XJ20G8Cf2A2AEUsCzM7OFnMnT2a9JG0AEgCcZirrRBmlOvr/aZNvPv9cox4QAWgWFQBIACzd4bwqAIMAJQA4TcqI2gj+5+bmGvOBAXXIeiC7Yt06FxNgCEV1V8Zn/PdO/XlvO0AYnQRAVAEkmXJXJAB4Q0pJjPJ/Rk30/2cMZTL9H2C4qQJAAmCw8UXIbHtGAqC1ehMxU94MWRm6sdWXuDG0QtaDmPJ/gOGWVeUlAcCoJQGSBwFKAEgAkPlGyHiDXrjqx8sDRikBsE75P8BQm1i7NqXSK2vXGWhLAiAkbgdoDoAEAEVSP0xM6Dxx4kTSB0XH4WjFkfUgpv8fYPhlfNZH29lC65nvYEfzjxjsnSGxCkAFgAQARdYAwKTy/6wPCqhDRgWA4B9AAmAxDAKkLRo4CFACQAKArDfCYQMAGTFzVv8BWIQY+JrhOxIAtMQ7VrwrpbU3sQUg5p9NuTMSACOrNwBwPONcWaU5YyoAaImM6f9B/z/AiCQA1q4txsbGln2ebx/5hotJa2Qs7kUFQLQbJ1EFIAEw0tLeABmZOav/tEnWCkzWihAA7UgCLFdWAhrqkNXem9gG4MFLAmCkTWWcJIb/zc3NJSQAPuqO0BoZKzAxEXps5UoXE2BEZA0ChLbIWuA7bBCgBAApcgYAJvXlvHv1Je4IrfH9U6eW/wa0+g8wWg9eSZ/7WdvQQtWy2nuP5M0BkACQABhpKW+ArJIc/f+0ScYWgJMJpaAAtEdUfmX4/qk/dzFpjaw5AFkMApQAGElNGwD4zqQpoVCHrPLLJlcA2J0AIN9EUuLXTgC0ScYcgLLlOG8Q4Li7IgEwiho1AHBM+T8jmADIWgmqynKnVTf97wc0T0bysem7q2Qkf1UA0CZjBgEiATA8CQADAJEAWMa3T8NbADasXz/wB3lgtGzYsGF5gcbYWOM/ezKGv2a0oUFdsuZ8GQQoAcAyY4+Mk2QNAFQBwKglADL2gq7aXTt3DvS/B0bw4WTt2mUF8Nu3bm3831FylFGTVQFw/MSJrJc05a5IAIyi8ZQEQOIAwPnuT4ejDUfWQ27TRQn/9m3blhz8awEAluKB++9f2ufqxESxbYmfWW0TuwD4Pna06UgZBJi3E0DMQxv3aSsBMGpSMl8ZW3K8wwBAWvfg9Y3ReRC/777iui1bFvXfxP//O63+A0sUCdIv7d+/qP8mqqriv8kor6/aOhUAjKCMKoDMnQAKgwAlAEZJZsYr4434buX/jKA2lYDGQ/X5lvPH/7/FPrgDvFUkEp8+dOi8Koni8/SlF15oRWUVSAAsz3N5cwCm3BUJgFGSlgA4kdCLYwAgNF+s6L967FjZEvDWB/J+q0D83638A1nKwP7FF8uWgLcmTWPFPwYGRpLgfBMFjQmEkmbARBsAtEVWte+JvDkA+hQH4AKXYGCmMk6SlYH7C8r/aZmsXQDaJh6woyUgDoBaguWVK8vBfm0Y7ne+VCowijJmACQnAOwEMAAqAAb4HN+kN6AWAP5/9u43xrLyzg/8uRZYlo1TFSlYGEfbhcLak12pq4hn9kWCmmI0a1nadGErzCiZBLuJ11pFojEdm+y8AAyJX8wO4GmMpVmtN6JsJtKIPzK0tZJlzQ4FgzTxmBlXI0VjPB1N9UrgjrHkKg/wAl7cPb+qe9wF9J/qur9z7vnz+Ug3l8mMbnc/9885z/f5Pb9niAFAxjnQAABdkbEN4FlHAQoA2JeFNgUAWXuCoEvmOtCoCgAgS8Y2ACcBCADYn+WMF8lI4Ez+AQCg//5uwn3/5uZmsbm1lfVXEgAIAPovM+naSKgAUP4PAHDphtqPhu66MqkPQOJxgMveFQHAEKQFABlbAD5w1dXeEQBgUDKOgn1DAEDHZJ0EkLgNwEkAAoBBWM54kawGHFlJIAAA0P8AYGtzM+uvtOBdaZZjAGcjpfNYVgPAnQqAkXcFAOCSuYeiWz609PHip+t/MdVrxELk3Tl/HScBNEwFwGykfNDzAoAPe0cAAGAAMu79N5LmIaX58Xg8710RAPTdQsaLZGwBiAQQAAAQAOzV6bwAIKgCEAAIAPYi4/iNy6+4wrsBAAADcWXSAmBiI8AF74oAoLfG43FawpVx/EbGWaAAAEA3vDdpATCxCkAAIADotfk2feHmBQAAADCcyUjS/X/GYuTEondFANBnyxkvktV44/IrPugdAQAAIcBM5iNF0gIpAoC2SjkCMGvPzYeW/pF3BAAABuS9CYuAiVsANAEUAPRaygd8a3Nz6tew+g8AAMOTsQioAkAAQIMf8IwjADUABACA4bm8XRUA0Sh92bvSjMsMQeNaU+KScQYodNkX77yzmJ+bMxAzlnGkafiNT3zCYFKrjO1333z00ZQQn3a8n9BVaY0Ay+/R4sGDBlQAwLmMx+O08paMmwcBAIO/+cvrXksLmFTRBbFilrlqBjDLecBmwrbkieXyseadEQD0Tcrqf9Zq2fy1Hyv/35F3BQBgX0bupehoAHB1yutEBcANhw4Z0A7RA6BZKRUAWauWl19xhXcEAAAGGQJMXwWwlVcBcIN3RADQR6064kITQAAAGGoAMH0VwLpeGgIA6vdc0j5XxwACAMBQA4BWVQAseUcEAH3UmtKWeav/AAAw4ABg+gqAxNM05r0jAgDOI6PT9Xut/gMAwGC9P6ECIPEUgDgxbcG7IgDom9aUtqgAAACA4co6CjDxaFMBgACgd3JOAUgotVEBAAAwnfcnTaBgFrLmAxt5AYBtAAKA/hiPx2kf6IxSGxcsuu4DPsMAuBbB/mfbSRXBW1tbWX8ljQAFAL2S8oHOKrFxwaLrPrT0cYMAwMzEaUquRVAUJ0+eNAgCAOqSVWJjCwBdt/DJf2oQAJiZv3/9DQaBzmtZiLXoHanfZYagMa0qaZm79qPF2HtCh11ZXrA+Ut58vfz8swYDgEbF6v/Sbf/WvRSU1h0F2CkqAJqT8oF+LuEIQOiL/+l3vuxECwAad/1X7t8OAaDzE5SE+6itxKMAEQDQ0i86tEHcfN14/P+0BxOARq87V7ru0KPP9LQ285oALntHBAB9krJRLOMLZv8/fbtwLZc3Y1ENoLklAHVda6L3zD/9o6dN/unZZ/uKqV9DE8Bu0QOgYzK+YBlfdGibuDGLx+tnflK8ceaV4uenfly89dprgx+X/7L6f6W8zj133TX4sfz3X/lKyiTiozf/C1/Ymj6rBw4cKD57yy0+qwmf1QhUFz55ePBj+aGlf7T9bNJPX/3dllUGx9Hpo9HIngIBQC+0pqnF/LUf827QW3HTGg83a8V2GJIxqbrh0KHibgFA8exzz20/pvHWa39bfPTmf27v8Du8uv4XxX9JeB2f1R3ffPTRqY8NfvO114r/8cjnfTiBPYnfnAhhE0Tj9DUjWh9bAJqTcgpA1jGAwDAmVRliUkXeOPx0/S8NZk1j4rOaNw4RVm2e+rHBhJ57/1VXp7yOOYoAgJqcTvhy2ScNQ5lU5QQAh0yqUsfBpOrdhFXtCwB8VmEYWjgvcBSgAIABfNEBk6rBTKqy3pc+yQirovQ0qfzUZzXxfQGG4XReBcCS0RQAdN54PF7OeJ3EIzaAnov9//Ew+W/fxMqk6u0EVfkiCJmfn2/NewO0W8bi4GlbAAQA5Ms6YiNrrw9gUjU0i4uLrXp/+sD+/3pkbFnJChKBtgcA5gYCAAbwJR95eHj0+JE1qbL/v55J5s7743Maj6wwZGVlxQe0hs/qTh8An1MPj34/En4r8iqVF/2CCwD6YMEQAE3KmFRFCbFV1XoCEc3Vdoch039WozJjfm7OYNYQAKhWgf7LOJo2q1K50ARQACAA2PXFevFFIwlc1E7Z7iutmez2SUwyM7YB6AOw4+Xn11o12e2TxYMHU/oA+KzCAK5t137UIAgAaKOtzc2pX+NDSx83kNBz9v/XP7GaljPWfVa78lmNz2l8XgEQAADQQlZV6+WItTxZY6BaxWcVmK3EHgDLRlMA0AcOJgY6NamK0uGM1UOTqvMb+t7qrCoI+//PT88KYC8yTgFI7AGAAKAXFjJe5Nnnnpv6NTKafADtlVWua0X1/OKM9XiYVE3np8r/ayesAvYWAHzYIAgA6CtNPsCkyqSqHeMTjRqHfMa6/f/d+azaAgAgAADApGqwMk4CyHy/usj+f59VgHMZj8eOAhQAANDUpMr+/4vTXG069v/7rALtkbVFOGO78sSSd0UA0HULhgCom/3/zck6Y32oq6q2qjTnkD4AwEXYIjwslxmC7gQAGanaTpfPkXcETKpMqhImVidOnJjqNaIPwFuvvTa4Bq2vrv+lz2pTN/Zzc9uVEtN26P75dsWG+weArlMBMDAZx3wAbZ1U5QQANx0+bDAbnHwOsbT6p+svpLzOis9qY5/VrG0bAAgAAGjJRDLriLshyOqTMLTS6qyJpNX/5j+rWcENAAIAAKaQtf/fpKr5sRrapOrl59daNf4+q3unDwBwIVtbW1kvtWA0BQAAmFT1cmI1tLJqx/81L6uyxxYA6K+MbcLT9hoRAAgAANijV5NWkQUAsxmvIa2svqpZZWc/q9G0Mh5AHwOADxsEAQAZxuNxyjmWp0+fNpjAedn/PxuHNAKcyQTS5H92Y2YbAIAAgAubz3iRjaQA4Mqlj3tHoGesqM5OHK+W8x6+4LPqs9qJz+pPBQAAAgAAZuenJlUzU52xblLV7L/T/v99BAAHDxbz89OvSagAABAAADBD9v/PltLq5v+NPqv7cyipD0DGiSMACAAA2Af7//sRAPz81Eu9Hif7//vzWbUNAEAAAMAMWFGdvUMqABr9962srPjQ7VNsA/BZBRAAANBR9v/PXvQByKie6Puqqs/q7OVVALxgMAEEAAA0LWv/v1XV2U+sYl/15qkf9/izOn0AEE3sslaxfVb3Lz6n+gAACAAAaFjGqmp0sY9VbGY7qdp5P/u5spq1/1/3//Z8VvscVsEQvf+qq6d+jfUXX0z7qfKOCAAAeIeXn19r1YTApMqkyme1/Q5pBAicwwcSAoCtzU0DKQAAoC4aALZH1ikKfW2u5rPaHnnHVuoDACAAAKAxWeXiyqpzxFaKaWWVyrfvs2r/f98+qyoAAAQAADQkq2Gc/f95bnAc4DllNYwTVPmsAiAAABgkR6r1d1LVtz4AWZUqPqvt+6z+/NRLBhOgYy4zBADdk7Xy9vSJE8XJkycNaA8nzH37rH7r0UeLE+Xnleltbm2lvbcfvfm3DSiAAACALkwST58+vf2gRZOzScn85Vd8sCef1ZwAQFDV3/cWgObYAgDQMW8m7f/HxKpuWfv/aae3/BYBdI4KgIEZFyODAJ2fHP6lQRhAAHD19Tf24t9B/z+rc9d+zEBAx70prB0MFQAAHeP87f7ry6qqz+oQPqsaAYLrzo7EZq3r3hEBAAC/nFRZVe3/e9yPibMKAL9HAPuwZQgEAAAU1Z5bK24mVt34+9v/33+vn3ll+wGAAACAZBpuDSkAeKHjn1VB1VC8ceYnBgFAAAAADJXV/+HQ6wFAAAAAwAC8/6qrDQKAAAAAGOqkytFww/EBAQCAAIBc8/PzKa9jTyZ025VLHy8uv+KDBmIg73WXfajjf3/2Jn6PrvReAwgA2DEajdYyXmfx4MGUv89br73mTYGO++jNv20Qej/5/9XOr6rGxPAj1y97M3vOewwgAACgRv/9zb+tCqDnlm77Yi/+HYu3fcmb2WPxO7TkPYZe0LhVAECvjTw8PDr8uPyKv1P8k6981U9ZT/3a79xXzF/7K734rH7gqo9s/3vo72c1fo/8Lnt4dP+RsU34wIEDWT8vm35hBQAA7BIl4svHv6ESoEfivYwJ1cInV3r174p/z85E0We1T5/Vf/yVrxYfuf5GgwHUEQCsG00BAADnCAH+lz/6f7YnWCZX3Z8k/8//9x/1bvI/lH/fkCb+8R7G747JP0A3jQxB/callAvv+9439WtI7KG/Xl1/oXjztb8ttk79+IL/dxvfPVG8fuYVA1azCGg+VD7O5/1XfXi70d+VF/i/6fNnNT6Db5z5yUX/b31eZ/9Znbv2o8V7t7v9/6rBgp56fPm6qV/jj7/3veKGQ4cy/jo3ZjVS590uMwSNiH0sU5/jt7i4WJw8eXKq14iJgQAA+nsTHy72Hf/pZPJFvWJC9T8c+d8MxHk+q1fu8f/W59VnFQABQNfEPpblaV9kfm7OSAKtESl/pP19k1Fthc+rzyrQFULWYdEDAAAAYKDeSAoAolo5iVMABAAAAAC0VVa18mg0cgqAAIAsGWd8AgAAIADg3DYyXiSjrCY6hAMAAJgfCACox+mMF9EEEAAAyHSx44P34sCBAwZSAAAAAEDfLeQFAPb/CwDIpAcAAADQ1umKIRAA+CBPHDp0aOrXeMseHwAAYOL1pGMAEQBwllIWAACglwFARrNyBADURBUAAACQJbFZ+bNGUwDARFZzDX0AAACAYHFQAEC+lC0AjtcAAAAyZSwOzs3PG0gBAJXRaNSqbpZvSvkAAIAkiwcPZr3UhtEUALDLfEK6tnXqxwYSAAAGroXl/wIAAUBvpHyYE9M1AABgwLJ6g83bAiAAoJ4AIIOzPgEAgCy2AAgAqElGI0ABAAAA0LZ5wWg0EgDU7DJD0Jg4CWB52hfJOgpwXIy8IwA1GvutxWcVaH0A8JOpX8NJZd2iAqA5W235i7y6/oJ3AwAAmNpCXgCwbjQFALzD4uKiQQAAAKbWsoXBTe+IAKBP1jJeZG5uLuUv84Y+AAAAwJRuOHTIIAgAqEvWERsaAQIAwLBlHQOY5FnviACgTzYyXiTriI23Xvtb7wgAAAxYxpxAE0ABAOfQtiMtWpb2AQAADcraEpwYAGx4VwQAnIN9NgAAwDSytgRnbVEWAAgA+mitLX8RRwECAMBwZW0JztqiXDgFQADAeb5kjgIEAACmmW23bEvwaDRa964IAPom5UM9n3AUoAoAAAAYrowKAFuTu+cyQ9CorYwXyasAGHlHAGrldxafVaCdWlYBsOYdaYYKgGZtZLzIXEIFQFAFAGBCBT6rMEwqAAQAdCQAWHDWJgAAMIWWVQDY/y8AEACcT9ZZmyoAAABgeN5IOgLwUF4FwJZ3RQDQO6PRaCPrtTL6ALz12i+8KQAAMDCvJwUAiVQACAB6KyUEyDgJoG1HfwAAAPXLqgBI7AGw6V0RAAgALiCjAuCN9iV/AABAzTIqAObn5zP/SioABAC9lfLhzqgAeF0AAAAAg7N56kdTv8biwYNpf5/RaKQCoCGXGYLGpTS4yGq48fNTLxXz137MuwJQg7EhwGcVaKGMSuC5vAqANe9Ic1QANC+nAiDpC5dx/icAANAdGb3AlhIrABAA9Pr7lvEiWSU3P3MUIAAADEZWH7Cso8lLz3pXmmMLQMNGo9HaeDxO+9KdPn16qtd4/czLyv4AajAulFXjswq0z+vtCwDs/2+QCoDZSPmQLyR86ZwEAAAAw/FqUgVw4hGATgAQAPReyoc84yjAV20BAACAwXjrtV9M/RrJRwBueFcEAH2X8iHPKrvRCBAAAIZhK6EBYPIRgAIAAUDvnc54kawvXsaPAAAA0H4ZJwBkVCJPrHlHBABDkPJBz/ribQoAAACg96LyN6P6d35uLuuvpAGgAGAQUj7o8cXL2H+zdepH3hEAAOi5rMrfQ3kNAE96VwQAvTcajdI6XWZsA3ASAAAA9F9W5e9C3hGATgAQAAyGkwAAAIDGZFX+HsgLADa8KwKAodho05dPFQAAAPRbxj3/yspK2t8nszIaAUDbpex3yToJQCNAGI43Hf0JAIOUUfl7+223Zf11NrwjzbvMEMxMa7YAhGgIcvX1v+5dgQHIagCUWP7XYyNDgM8q0JLrf075v/3/3aYCYHY2Ml4k7yQAFQDAzG4AwMQUoGavJ235TVwAcAKAAGBAtzMtOwlg01GAAADQWxkLfjfkHf8XVAAIAAYn5UOf8UWMhiBv2RcMAAC99LOE/f/J2/82vCsCAAHADL+ItgEAgEkB0E8ZFb9Z/ceCEwAEAEN0OuNFsr6Ir67/wDsCPSfog/5ILsUFeiyr2jfrBLJC+b8AYKDWUgKApC+iiQH0X+ZWn8xVAACgPln9vhKDRwGAAGCQ0j74GV9GjQCBSzE3N2cQoAdeP/OyQYCey1joS97/7wQAAcDwjEajzZh3Z7xWxkqcRoDQf4I+6I+5hGOAq+s/0G8ZvT6SK/9UAAgABivlw28bALAXmSHfQu5KAHCJlvL24gI9l7EAkPybIwAQAAzWsykBgEaAQMMBwAEBAPSGkwCgv2KBL+P6fyhv///GpBIaAcAgtaoCwA0A9P8mAOgHIRywF1nb/xK3AFj9FwAIADJoBAhczJuv/aI1vzdAewIA13/or4zwPyb/83nNfzUAFAAM12g02iha1AgwyoM0AwI3AUD7zSc1Aayu/0A/ZWzxXczd/7/mXREADF1KFUDWipw+ANBPmeFecidgYMY35LYAQn9lVQC0be6DAKDLchoB6gMANBQAJJYBAtN8F5OqALK2BwHtknVff4MGgAIAUqWkYLEXMCOdsw8Q+inzu60CANrBMcDAhWRV9iZWHFn9FwCQ+UX4zC23pNwE2AsI/ZNZATCnAgBaIbMRoBAA+iejAiC58e+z3hUBwOBNGgFuZLyWPgBAEzf3TgGAdlhIDABeP/OyAYWeyaj+S77mqwAQAJD5ZYjynIzVAKsA4CbgfDI7jwNTXvcTt+O49kO/ZFX1HkoMAEaj0Zp3RgDAjrTzMG9aWZn6NTQChH6J8v+srT3JRwEBU8jcAuDaD/2SVdGbWAFg9V8AwC5rWS+U8SW1BQD6RQNA6KfMQM4WAOiXjFAv+Zq/5l0RADCRWQ6TVaZjJQD6I7O0VwUAtCwESLpBj0qhzGahwGxlLOgl7/8/6V0RAPB2KWUxcT63KgBgt8xAL7PkGEgIABJDOUcBQz9k7f9PDgDWvDMCAGr6UmR8WVUAQH9kBnpOAICWBQCJJbqu/eC6v1tiA8DNyclnCADYJe1czEMqAICJ1PJ/+/+hfQFAYgWAkwCgHzLCvAj8o7I4yZp3RQDAu6V1xrxBHwBgIjPMs/8f2iezKkf4D679dfy2FIkLnQgAemNSFrPRphuCV57/E28MdFxmkKf8H9rJNgCgkrX//5D9/wIAGpH25dAIEMj+HtsCAC0NABKrc4T/4Lo/Pz+fGvqPRqN174wAgHNLK49ZWVmZ+jWyEkRgNmIlL+s7HDcDtgBAO9kGAOy+9k/L6r8AgOakfUHiRj1u2N0IwHBlfn8PKf+HQQQAwn/otowqnpsOH878K9n/LwDgfLL7AGTcsP/k+We8MTDgm4A6JhhArgMHDmw/2vjbATQnq4fHDSoABAA0Ku1LkpHeqQCAbnrjzCupR3oJAKDdMr+jGgFCN2WEd9HvJzNQHI1GAgABABeRViaTcTMQk4h4AN2SGd7Z/w/DCgBUAMBwr/1W/wUANC/tixLpXUbXbjcC0D2Z23fs/4dhBQDRA8C1H7olvrcZlX+fueWWzL+W/f8CAC4muw9AxjYApYDQvZsA+/9hWLL7AOgBBN2Scd2voeJvzTsjAKDhL0vGcYBWAWB4NwG7JXcDBmpyU8I137UfuiljwW4l93q/af+/AIC9SyuXiRQvY0XAjQB0R+bKXfaqIlAf2wBguFKO/0sMEQur/wIAZveFyfgy2wYA3ZB90558MwDUKFbvooQ3i20A0A2x9z+u/9OI347kCgD7/wUA7NWkD8B61utlrAic/u7TTgOADojvaqbkZkBAzQ4lnwYw7aQC6Ma1fyV/u9+ad0YAwIy+NBkrAnEDcOqJP/SuwIACAMf/Qfdk9uywDQDaL76nGdf+5Iq/jdFotO7dEQBwaVLLZjJSveyVRSBXlABmHAGU+bsBNGsledvO//fdEwYVWiyjUqeG8v8174wAgEs0Go2eyny9jFQvK2EE6pH9/bT/H7pnfm4uNQR4df0HtgBCi2VU6NYQ+Nv/LwBgn9ayXii+2BmdvK0EQDtlB3Q1rAYADck+utMWQGinrMq/GgL/p7w7AgD2J3U5L+PLbSUA2im7WZfmf9Bd2dsAVP9BO2WEczUE/uuj0WjTuyMAYH/WMl8s64beSgD08yZAAAD9ENsAMr/DtgBC+2Q16ayh2s+PhQCA/Zp0z9zIer3o5p2xDSBuAhwLBO3xs/UXUpv/xe+E7v/QbdklvcJ/aJes+/Hbjx7N/qsp/xcAMKW1zBfL+JJbCYB2yb4xr+FmAGhYVu+fSoSMETYC/bn21xD4bzr+TwDA9HL7ACSV+VgJgHaInhzZ53TfpPkf9EJ2FcBfrf6BQYUWiIW4jJ5cVv8FALRQ9nGAkfRlNAeKHx1VADB72Tfk8fuQuWoIzM7tt92W+noaAUM7ZJ3KdZPj/wQAtFZqCPDZpMZAVgJgtuoI4j6r+R/0RoR5Nxw6lPqarv0wW7EVJ8K4adUU+KsAEACQJPUOP2tfYB2lx8DeZW/F2a4QUv4PvZJ9okdW6TGwP1khXA2r/2uO/xMAkPiFyn7BrFW+//rEf/LuwAzU0YzT6j/0MwDIXuVTBQCzkbX6Pz8/X8dxv/YGCwDIMhqNNsqn1I6aWV/6+BFSBQDNe/Hrv5d+HOdR3f+hlz6rCgB6ISt8y+4PMqH8XwBAstRULasZYDURAZpTx97/CAXn5+YMLvRQHeGeKgBoVtbqf3XNT7YxWbBEAECi9FQtK/1zIgA0q44b79ut/kNvRbhXRy+ArVMvGVzo2LVf8z8BAB0xGo1iC8BG5mtGZ+DFxcXWTkiAd6sjcNv+LTh40OBCj91z113pr6kCEJoR1/2s1f+ayv+/6V0SAFCPVlcBCAGgfn/xu3env+bdNUwMgHbJ3PpXiQlJlCUD9cq6x67jaNBip/x/3bskAKAe6elaZnfgOJIsuykZcFbm/r9K3AjUcDMAtFAdK38v/K4AEeqe/Gc13bynnsBf+b8AgLpM0rX08zWzugPH5F8VANSnjhtte/9hOOoI/GJiEgsAQL64t876fsXRf9lVQBPPeqcEANQrPWWL7sDxo5AhfqQ0BYJ8mSsAle2S4MOHDS4MSB1bfuL3SQUg5Ms88jcqgGo47WdzNBqpABAAULP0dvvxY5BZFqgpEOSqa4XtHnv/YXDqqAKICYprP+SKbX+ZTX+P1lPxZ/IvAKBuk5QtfRtAZhVA7FFWDgh5MlcAdk8CajgHGOiAOqoAYqKiISDkOfn1/yPtteJ6X8Pqf3AOuACAhqSnbdlVAMoBIccrz//J9qMLEwCgG+pq/qkhIOTdR2duqa2p4k/5vwCABtWStmVWAcTkv47jymBI6iqr1fkfePCBB9Jf05HAkPM9yqykzTzx6x1M/gUANKWubQDZVQB1rVzCUNTR+C9Y/QcWDx6sZRtQ9solDE0soGVW0dbY70f5vwCAhtWSumVWAdTxIwZDEXtp6+ilETf8Vv+BOicGtgLA/sR1P3ppZV7za1r9V/4vAGAGakndogogc3XQVgDY3/fmz+76Qqdu+IHuiYlBHb8JUQFgKwBcmjq20NR4zTf5FwDQtEnqtlHHa8c2gMy0MLYBZB5jAn1XV+VM3AjUtBIAdFR25V8lJjJOBYC9i+A/89pf4+p/+KZ3TADAbNSWvn01uTlQNDKrYy8z9E2EZXX0zoibgJrOAAY6LCr/Hrz//lpeO7YC2AYIF1dH74waV/83RqPRmndNAMBs1Ja+rRw+nLpPuM6SZuiLuPjX0fW/uhGo6QxgoOPq6g0Swb9tgHBhUSmTXfpf8+q/8n8BALMyGo3Wi5q2AYTsI4LqnNxA10VIVtdqWdzY19HtG+iPOo4FDFHRVEdDU+jLtT97gSy29NT1fZ5Q/i8AYMZq+xLGEUG3J5cMx02AowHh3SIcq+vorP/4jW8YYKDxa34Tv2/QZf/5rjvSg//o5VVjxd/GZAESAQAztFrni8eJANnNgaIcUD8AOCv2/dfVKFPjP+BSrvl1/V5kNziDrouy/8wj/0ID/X4e8s4JAJix0Wi0UT7VlsTV0RyoKndyIwA7W2Pq2iO7uLiYeqwn0G9xzf9qTaXDEfzHaiewszWmjqMyG+j3Y/+/AICWqDWNq6M5kH4AsBOGPXfHv67t9evq7A30VzQBXllZqeW1Y7XTtZ+hqyv4b6Dfz9pk4REBAC1QexpXxx7iKHmuI/2ELk3+66qEib28dXT1BvovrvnZ2/8q0Quori1P0IVrf11VsA1U/Gn+JwCgLUaj0WZRcy+A2FNUx3miEQC4EWCI6myKpfQfmEaUENfZPDRWPzUFZIgi+K+jD1ZdR3nuEnMN5f8CAFqm9ll0TChiYuFGAKZTd/C1vXpX7x5AoOdiK0Cd5cQxEXLtZ0jqut9t4Ni/8NRkwREBAG1Rfikjlduo+8+pqyzQjQBDUffWl6jUieO8AKYVk4q6TgXQEJghiaq/uoL/6PfTQOiv/F8AQEvVXpoTE4s6SovdCDCUyX9dHf9DlP8p/QeyxKTiyccfr+31oxS6zl4o0JZrf/S+qOu6X3Pjv7AxGo3WvJMCANqpkbM5b7/ttlr2GbkRoM/qPvkiKnPq3LMLDFME//fUGCzGb6NrP32e/NcV/Dd43bf6LwCgrSZHc6w18Wc98fjjtWwFcCNAXyf/dX+u4yagrlJdYNiisqjOBmOOBsbk/9LFglxD1/1V76YAgHZrJKWrs0OwEACT/0u8CTh6dLthF0Bd6gr+m5osQdPX/jo/zw2e9vPUZIERAQAtFn0AGunSGROOmHgIAWB2n+O4CYgGQAB1iuD/icceq/XPEALQp2t/bd/FZrf8Kf8XANB2kyM6GjunMyYedRwNKATA5H9vNwF//L3vGWygEbENoO7jxoQAuPZf2N3NnfazOTllDAEAHfBQk39YTEDqKgsUAuAG4CLfvfqP/gH4pdh3XHfXcSEAXfTK839S+7U/Qrj4DjZk1bsqAKAjRqPRevm03tSfFxOQOlchhQCY/L9blP81tAIA8DZRBVBX9d87QwDXfrogPq//+a47aq/6e6LGYznP4SHvrACAbmn0SxsTkTr3IwkB6IIm0v8Qq28NnPsLcO6JyNxc8eRjj9XaFLCaVLn204XJfxMVK9GDo8GqvzXN/wQAdE9jzQCbmpRECPDdf/7J7Wdo4w1A3el/iPK/Bpv/AJxTHD9W5xbA3dd+IQBtdeqJP2xk8n9PzUdxnoPVfwEAXTNpBrja9J8bE5M6f6DiBiBuBIQADPEGIEpuGy7/Azj/b9LBg42cQhLX/P/3f/1N135aJa77L37992r/c+K+uqEj/yobmv8JAOiumaR3MUGpc29ghABxIxArrjCUG4BYZXuy2fI/gIuKyr+6TwYIb5x5ZXsB4GfrLxh0ZiruQ6Pir4n70Bns+w+O/hMA0FWTvTtrTf+5VVPAussCY+L1V6t/4I1mZjcAf3rH5xq7AYjvVJTcArRNEycDVL+7EQJYAGBWqiAqev40de2fQfC/6p0WANBtM0nxmgoBIgBoYt817FbtSX11/QeN/HnxXdLxH2iz2ALYVHPSWABwTCBNi+qTJreixPaaGVz7VzX/EwDQceWXeLV8mskXOX60mggBqs7r9gbShKY/b477A7oUAjTVqCyqAKIKywIATYheP002o7z96NFZnfaj/F8AQE/M7MvcZIOgpkqyGK7Y699kxUmTK2oAGeruA7RbVGE5HYg6xfW+qV4/le2+Gg3cO5/D+mg0WvOuCwDoh+Oz/MPjh6yJY8uqpixN/kgznBuAWGmKFYCmmPwDXVRtAWwqBKgaAzf5+8wwVItLTfaciO/NDI/6dfSfAIC+mNWRgLMIAULcBMTNQDRqgWlFVUmsMDW139/kHxACXLqmK7Tot5j0N729NL4v8b2Zkc3JtmEEAPTIzFO9JkOA6sxgnYLZr7iJnMUNpck/IATYnyqwdVQg01z747ofZf9NXvuryf8Mj/q1+i8AoG9Go9F6MYMjAWcZAlT7tqwIcKmqsr+mS0pN/gEhwPTX/vj9jgDXtZ9LEcFRBEhN95OKZtlx/Z/h5D+s+gQIAOinVqR7TYYAoVoR0CCQvYijJZs85sfkHxAC5Ku2A6oG4GKqir8mu/zvnvy34KhfR/8JAOir8sv9VDGjIwFnHQJUJV2qATifattIBABNM/kHhAD5oheQagAuJAKiWTWRbMnkPyj/FwDQc/e15S/SdAgQqmoAvQGoVMn/LFb9q7I/k39gCCHAC9///kx+71QDcK5rfywKRUA0i6bR1Z7/Fkz+1ybbhBEA0GNRBbDZthAgJkJN/uhHb4A41s1JAcMWgdCsk3+Tf2BIZhV6VtUAMelz7R+2uObPcmtoiyb/weq/AIC+mxwJ2Kove9wIbHc+bTAECHGsW1wAlAYOT9z8RQA0qxvBFpX9AcwkBLjnrrtm8mdXwe8stnsxW1W5/yzv+1rQ7X+3jcn2YAQADMDxtv2FYiI0ixAgVEmwbQH9V5X7x/sdAdCsLv5//dJLJv/AoN19112NbwPcfS2IAECD4GGIoD8qP6MCpOmtfrvFgldsg2nJ5D/c59MhAGAgJlUAq20NAZpuElTdDMTFwfnB/Z34Vzd7syj3r6ysrLQp+QeYqVlVAO6eGEYlWFSEufb3+9o/60WeBx94YGaB13lslvOBVZ8SAQDD0srUb5YhQHUzEAmxm4H+iIt+Ve45y60etx89Wjz52GMm/wC73HDo0Eyv+yEqwqpr/yxXiMmf+M96q0eEW08+/nhx+223tW2Y7P0XADA0k/M+V9v4d6uOC5plc7TdNwOCgO5O/OPiH5Uds2z4VHX6f/D++70pAOdQhf9RJTVLce2PwHjW1w1yJv6z7u8UoVaU/K8cPty2oYpK4OM+McN0mSEYvG+WjyNtDQGqUqlvPfroTG8GXr3jB8WVS79W/MMj/6b4e0u/6lPT8ot/7OeMC38bbt4OHDiwnfzb7w9w8et+VEn9h698pfj35WOWIkCOh2t/d679sb0vHm1p6hxNLu+eUaPLPXhosh0YAQBDU37518bj8Vr5n8tt/TtGCBDlgZ/7/Odn+veogoD3X3X19s3AgU/e5APk4n9B8bl9opz8K/kH2LuYNMXKaVz3NzdnO0fZvQjwD27+l8XV1/+6N6hFIuiP636ENW269sd+/5YH/6s+PQIAhu2+NgcAIbYCRBl1G24Gqk6yscIcIcC1N/+r4vIrPuhTNCOxV7O6+LdJy5N/gFaLkukonf5nv/VbxcmTJ2f+99kOAtZ3FgHiuh/Xf9f+2YmtmXHtb9MJDnGfGtf9Fu71f9fkf7INmIEaGQLCeDx+pu0hQDj54ovFb3ziEzMPAd4pbgTioUSwGVWZf1z829asKW4Annjsse0VALrp8ve9L+V1olIoHkwn+rBkHNlZNZqje754553F1x5+uF2/E+XkP6oBIgyYu/Zj3qSGrv0R9se1v239GaJiJSpWO7Ld7xoBwLCpAKDS+iqA7R/Y8oc1zk+PEKANKwKVaq9gtTIQNwXx3+SqVvtj8t+WUr/donlV3AAo+QfIEw1Uq62AbVkAqCaj8YgAoFoIUBWQL675P3n+mdZV+lXihJ9Y+e/Itd/qPyoAOGs8Hv+wfFrqwt91c2ur+OKXvjTT5oAXE/sF/7tPrmyHAW4I9i9S/uomq60dmTtU9sceqABoFxUA7L723/ybv1k8+9xzrf07xjX/w9ff6No/pQj847ofk/82X/sj9G9hh/8LsfqPAIC3BQBHyqdHuvR3PvGd77RqRcANQd6FP2744+Lf9vOYY1IRNwDR7R8BgABAAED9vvb1r2+fFODab9I/Kx2t+IvV/1t90hAA8M4Q4G/Kp4Uu/Z1jRSBCgBMnTnTi71uVCkaFgH2DZ8UFP5r6dOHCHyL5jxV/jf4EAAIAAQDNO3369Pa1v83VAO8MA6JPkC2CZ8U2ivhuR3l/PHfl2t/BVf+K1X8EAJwzADhSdKwKoNKVaoC3TTQmTYTipiACgSHdFFSr/NWFv0us+gsABAACANqhK9UAu8W1Pq75Q7z2R9Af3+fquUs63ufH6j8CAC4YAnSuCqAS1QBxI9C2bsGXclMwf+2vbN8UVM99ECl/NeHv4kW/Yq+/AEAAIACgfaIa4N/eeWdnKgHPFwhEVWCfqgNjRX/z1I+2r/9dvvZH2P/VBx7o6qp/xeo/v+QUAM4lTgToZBVApLLRLTh+pOPYoDadFLDXi2U8dp9rGzcCEQZUNwjx3ObVgrjQv37m5e3neMTFvwtlfRfzmVtuKR4sbwB0+Ado3wTtycce294OEJWAEQh07dr/zg73VRBQLQzEf7e5j8Dua39M9uPa38bTei5Vxzr8n4/O/7yNCgDOqctVALt1sTRwr+LmIG4GqpuCuEEIdVcNVKv5oUrz42L/5mu/aH3Dvv2Is32rI6gYBhUA7aICgEsRlYAPP/zw9vW/b9f+6lpfLQTE4wNXfaSRa3+1QFFd66t7gZj09yHkP9fvRYT+cfx0D1j9RwDAngKAI0VHqwDOdTPQ5W0B04YEu+11BaG60Ff6Orm/EOX+AgABgACA7ur6toBpQ4Ld9hoOuPb3ptx/N3v/EQBwSSHAD8unpT7dDHSpYzCzc0858T969KhyfwGAAEAAQMfFNT8WAVz7uZAen+xj9Z93eY8h4AKO9ekfE6lu3PzFQzk35xL7/E+99FIf9vsBUJwNfp58/HEnt3BOEfr/9eTa3zP2/iMA4NKUPxpr5dOamwGGMvF3tB9AP0VJt995znXt73Hof593GQEAfjzcDGDiD+B33+++z0C/PwNW/xEAsD99rQI434XA1gAXfwBcB/Ced5zVfwQA+BHZy4VBj4D+igY/bvgAON+k0LW/n9f+2OP/6n/7b0O69t9n9R8BAFOZVAGsDuXfW/UIiBuCuDGg2+JiXzX4MfEH4HxBQLUI4Nrfj2t/XPP/eniNfTfLx3GfAAQAZBhcKVF18YjU+MEHHjBx7JgIcuL909UfgP1cOyI8du3vlpWVlbct4gzw2v/QaDTa9ElAAMDUJqVEq0P8t8fFI86GjYuJlYGWv1dxju/Ro94rAKYSE/8Ij+N6EqcGxcSS9r5X91Tv1WOPDXkrR9yrW/1HAECqqAIYdKpYrQxUVQGLi4s+FS0QN2Zxg/bqmTPFg/ffb8UGgLxrzOHD2xPLmGCqCGyHqq9Ptdp/t2qN7ft0q//sxcgQcCnG4/G95dOXjcRZp0+fLr729a8XT584sf3fNDfpv6m8KYtn5f1kuvx970t5nX945N9sP5jOn97xueLV9R9M/TpVfxfIcPLFF4tvPfqoa79rf1tslJP/awwDAgDqCADmy6e/KR/zRuP8NwTPPvdccfLkSQPiwo8AwIAKABAG4NpftxsnTbtBAEAtIcCR8ukRI3FhcRPw9He+sx0GnChvCrh0UeIXpZdx4+7CjwBAACAAoAthQFz3IxCwELA/Ucof39ebyut+3ANwUWvl5P9Gw4AAgLpDgKgCWDASe7O5tVU8V94QPDt5uCm48E16NeFfPHjQgCAAEAAIAOj0tT8qA+Larzrg/OKaX13/Xfsv2XWj0WjdMLBXlxkC9unW8vGMYdibWLmOFLtKsgUC757wH5o8A0Afr/0RAPzyuv/ii4O99kd1X1zzl8qJvmv/1FZN/hEA0IjYZzQej9fK/1w2GtPfFIS4IYhQYL28KYibhD7eGGwn+4uL2+l+9QwAQxCl7dG5vjqiNhYD4lpfXfvjv/tYJbD72h//rVt/muj4f59hQABAk46Vjx8ahrwL5DtT8KpksFo12Jj8dxf+LXPz89vpflz042Jvsg8AZ8ViwDuv/VUocHLXYkCXrv1xvV+Ia/5kwm+yX6uHRqPRhmFAAEBjouRoPB6vlv95xGjUdzGt3L3r/z9uBKobgnhUNwwhbho2N+s7Bra6uO/++8WFfq68kYlnjfoAIC8UqFTX93jeKp93BwN1X/t3X99d+1shJv7HDQMCAGYhqgA+VTgWsFExCd9Lqr47GHinrXf87w5dYA+e/XkAMFtVJd3FrsnVIsH5/ndVaBCVeuerzpu/wP+OVrhvNBptGgYEADQufnzG43HsP/p9o9E+1UrC+TheB2i7N1/7hUGAS7DXRQI6K479WzUM7Nd7DAEJIUCUIG0YCQCybZ16KW1SBNADGv8hAKAVbjUEAGe9ceYVg9AiCwIAoPvi2L81w4AAgJmb/Bg9ZSSArou9rwKAdjCGAL8Ue/6PGQYEALTJscmPE0BnZTW+ev3MywZTAACQReM/BAC0y+Qs0oeMBIDJa4bNUz9Ke61DTjMBumt90nMLBAC0LgS4t9AQEOiwzGMvf7b+ggGdQlYDQICOU/qPAIBW0xAQoMhdwTZ+07lBBQDQTRr/IQCg3TQEBLrskAqAVnjrtb91BCAwdBr/IQCgMzQEBDop87i4V9d/YED36ZXn/6SV7ylAgzT+QwBAN2gICHRVrBZnHQUYq9iqAPYnc9yU/wMdpPEfAgA6FwLcGz9eRgLomsxtAJkr2UOSOW6Li4sGFOgaPbUQANBJ9i0BnbN08GDaa53+7tMGdB9jFtUTWRwBCHTM8dFoZBENAQDdM2kIqHwJ6JTMCWNMZFUBXJqfPP9M2mvF6v/83JxBBbpio3zcZxgQANBl8SOmgQnQGbFnPKsPQPivT/wng7pHb5x5JTUwsf8f6JhjGv8hAKDTJj9i9jEBnZJZBRCnAcTElov7q9U/SH09AQDQIU+V982O0kYAQC9CgPgx84MGdMZNhw+3emLbR7FdIrNnQlRxrCS/jwA1sWCGAIDeOVbYCgB0xMrKSurrxcRWFcCFvfj138t9D03+ge64T+k/AgB6pfxR2yg0NQE6IhrHZYcAf/G7dxvY84hwJPvEhJuS3z+AmqyV98maZiMAoJchQPy4rRkJoAuytwFEL4Cfrb9gYM8hOxxR/g90hNJ/BAD03q2FrQBAB0QFQOZpAOGF370r9Yz7Poiu/xGOZPrMLbcYWKAL7ptUyYIAgH6yFQDoiu1tAMmryFHqriHgWRGG1LE14vbbbjO4QNsp/UcAwGBCAFsBgE6456670l/z1BN/mHrWfZfF5D+7IiKO/jtw4IDBBdpM6T8CAAbHVgCg9WIiWcdZ8jHxHfqpAHUFIXfXENoAJFP6jwCAYbEVAOiKOiaUser9Z3d9YbD9AGLin33sX1hcXKwlsAFIpPQfAQCDDQFsBQBaLyaUdUwqt069NMijAev8d9v7D7Sc0n8EAAyerQBA69VVVh4r4UMKAWLy/9wd/7qWyocIaXT/B1pO6T8CAIbNVgCgC2JyGccC1uH0d58eRAhQ5+Q/2PsPtJzSf2Y/9zIEtMV4PH6mfFo2EkBbnT59urj2Yx+r7fUPfPKm4uO/8x9M/vchwpknH3vMhxRoq6h2vc7qP7OmAoA2+XRhKwDQYnEiwD01rjJHJcCf3vG53jUG/Nn6C7VO/ufn54uv3n+/DyjQZrea/CMAgF3KH0VNUYDWO3r0aK1nzL+6/oPtyXKsmPdBHPVX5+Q/ROO/Ot8TgCk9Vd7nPmUYaMWcyxDQNuPx+JHy6YiRANrq2eeeK37jE5+o9c+4/IoPFgdv+3fb2wK6KCb80dcgmhzWKY79e+H73/ehBNoqFriumSx0gQAAzhEAzJdPPywfC0YDaKsv3nln8bWHH679z7n6+l/f7gsQgUBXRMn/n931hUa2Mrzw539eLB486AMJtNWN5eR/zTAgAIALhwDL5dMzRgJoq82tre0qgJMnT9b+Z3WlGuCNM68UL37992pf9a88+MAD2+X/AC11vJz8HzMMCABgbyHAveXTl40E0FYnX3xxOwTY3GymsnPu2o8Vi7f978XfW/rVVo1DrPTHXv94NNXAUNd/oOXWy8n/dYYBAQBcWggQWwGWjATQVt969NHic5//fKN/5pVLv1b8g5v/5fb2gKFN/EM0/IvS//m5OR9AoI0iFY7S/3VDgQAALi0AWCh2+gHMGw2grZrqB/BO77/q6uLam//VdhAQ/92U2OMfRxbGo2lx5N8ff+979v0DbXasnPwfNwwIAGB/IcCnyqdvGwmgzf7Zb/1WceLEiZn9+RECxNaAusKAmPTH3v54xF7/WXny8ceLlcOHfeCAtooj/z5tGBAAwHQhgKMBgVZrsingxUQAENsEomfA/LW/sv18KacIbJ16qXj9zMvbzzHxf3X9B60Y4//4jW8Un7nlFh82oK02ysd1jvxDAADTBwCxBSBOBdAPABAC7FMEAe+94u+c/+9/6keN7uU3+Qd6xpF/CAAgMQRYmoQA+gEAQoABiYl/BAAALXZfOfm/1zDQdu8xBHTFpJOqs1SBVovO9NtN6hYXDUaC248eNfkH2m7N5J/OzKkMAV2jHwDQBSoBpqfsH+jCz335uMa+f7pCBQBdFFUAzlUFWq2qBFhZWTEYJv9Af33a5J8uUQFAJ+kHAHTJ5z7/+eJbjz5qIPZgfn5+ZwvFwYMGA2g7+/7pHBUAdJJ+AECXxGq2fewXF30TXvj+903+gS54yuQfAQA0GwKslk+rRgLogihnf+HP/7w4cOCAwTiHaPYXk3/jA3TARvm41TDQyTmUIaDrxuPxD8unJSMBdEE0B/zil75kS8BElPxHdcTK4cMGA+iK6ybVqCAAgBkEAAvlU4QA+gEAnXHiO9/Z7g2wuTnc3lHRIDEm/9EwEaAjbp1UoUIn2QJA55U/whuFMiyga5Pfw4eLv37ppe3S96GJMv8nH3+8ePKxx0z+gS5ZNfmn83MnQ0BfjMfje8unLxsJoGtOvvji9raAZ597rtf/zij3v/2224qjR4+a+ANdEyX/NzryDwEAtCsE+Hb59CkjAXRRBABfvPPO4uTJk737t0UTxAcfeMDEH+iimPRfN6k6BQEAtCgAiD4AzxSaAgIdFv0Bvvbww52vCIgV/9jqcM9dd+nuD3RZrPyvGQYEANDOEGBpEgJoCgh0WgQAcVpA104MiMn+Z2+5Rak/0AfHysn/ccOAAADaHQLENoBvGwmgD+LowCoIaPP2gCjzv2llxZF+QF9E0z+NphEAQEdCgHsLTQGBnjl9+nTx9He+04owoCrxv+HQoe0j/az2Az2i6R8CAOhgCPBI+XTESAB9FJUBJ06c2N4qECcJ1B0IxIR/8eDB7Qn/ofIRzwB9/HktH9eY/CMAgO4FAJoCAoNShQFbm5u/bCJ4qc0Eq4n+XPm8VD4vLi5u/88a+QEDER3/1w0DAgDoZgiwUD79sNAUEOC8YUA16QcYuFvLyf+qYUAAAN0OAZYmIQAAAJzL8XLyf8ww0GfvMQQMwaSMSxdXAADO5SmTfwQA0K8QYLV8co4rAAC7WShiOHMiQ8DQOBkAAIAJHf8ZFBUADFGUd+nsCgBg8n+jyT8CAOixyY/8jeVjw2gAAAzWMcf9IQCA4YQAny52kl8AAIbFcX8IAGBgIcD6JAQAAGA4Vk3+EQDAMEOAtULXVwCAoYjj/tz7IQCAAYcAq+XTfUYCAKDXHPeHuY8hgB2OBwQA6PXkX8d/BACGAN4WAny7fPqUkQAA6I3quD8d/xEAGAJ4WwAwXz49Uz6WjAYAgMk/CABACAAAQPvdOGn6DAgA4IIhwN+Uj3mjAQDQSbc67g/ezikAcA6TBjE3FjtlYwAAmPyDAAB6HAKsCwEAADrnuMk/nGeOYwjgwsbj8XKx0xMAAIB2Wy0n/7caBjg3FQBwEZPGMS4kAAAm/9DtuY0hgL0Zj8dHyqdHjAQAgMk/CABACAAAQLO2+zZNmjgDF2ALAFyCSUOZY0YCAMDkHzo3nzEEcOnG43FUARwxEgAAJv8gAAAhAAAAJv8gAAAhAAAAJv8gAAAhAAAAJv8gAAAhAACAyT8gAAAhAABAn2xOJv/rhgIEACAEAAAw+QcEACAEAAAw+QcBACAEAAAw+QcBACAEAABolIZ/IAAAIQAAgMk/IAAAIQAAgMk/IAAAIQAAgMk/CAAAIQAAgMk/CACAlBAgAoBHjAQAgMk/NO09hgCaU17YVsunW40EAMC2NZN/EACAEAAAoN9Wy/sik39oci5iCGA2bAcAAAY++bcgAgIAGFQIsFQ+PVM+5o0GAGDyD9TJFgCYofLit930pnwofQMAhuCYyT/McP5hCGD2JpUA3y4fC0YDAOipWye9kAABAAw+BIhtALEdYMloAAA9EpWOx0z+QQAACAEAgH5P/m+cbHsEZkwPAGiRyTE40RNg1WgAACb/QOp8wxBAO43H4zgi8IiRAAA6aH0y+dfoGFpEBQC01KRD7jEjAQB0zJrJP7R0jmEIoN3G4/GR8ukRIwEAdMCqY/5AAABMFwJEU8BoDjhvNACAlrqvnPzfaxhAAADkhABRCeCEAACgbW51zB8IAIDcEMAxgQBAm+j0Dx2iCSB0SDTTKR/XFY4JBABmb93kHzo2nzAE0E3j8fje8unLRgIAmOHkX6d/6BAVANBRkyY70WXXhRcAaFJ0+r/O5B86OIcwBNBtTggAABp0rJz4HzcMIAAAZhcCaA4IANQpVvuj0/9ThgK6yxYA6AHNAQGAGlX7/U3+oevzBkMA/TIej+8on37fSAAACdbKx6ft9wcBANDeEGC5fPp2oS8AALB/x8uJ/zHDAAIAoP0hwMIkBNAXAAC4FLHaH83+Vg0FCACA7oQAUQEQ2wGOGA0AYA82ip2S/3VDAf2jCSD02KQ54K3lfyrfAwAuJpr8XWfyDz2eHxgCGAZ9AQCAC7ivnPjfaxhAAAD0JwSIyf8zhb4AAMCO2O9/qyP+YBhsAYABmWwJuK78z+NGAwAGL0r9rzP5BwEA0O8gIHoCfLrYSf0BgOGJI/5i8r9hKGBA8wBDAMPlqEAAGBxH/MGAqQCAAZuk/jeWDzcBANB/UfJ/o8k/DPj+3xAAYTwef6p8eqRwSgAA9FFM+mPl3/Y/EAAA2BIAAD2kyz/wS7YAAL8UWwKcEgAAvaHLPyAAAC4aBDglAAC6TZd/4N33+YYAOJ/xeBz9AGJLwLLRAIBOiPD+0+XEf81QAO+kAgA4r2gUVD7ilIBjRgMAWi9K/a8x+QcEAMA0QUD0BIjeAOtGAwBaJ1b9o8P/p3X5By54X28IgL2abAn4cvm4w2gAQCtEOB9d/oX0gAAAqCUIWC52egPMGw0AmJn7yon/vYYBEAAAdYcAMfl/pHx8ymgAQKM2ip1V/zVDAVwKPQCAfZk0CIyjAh0XCADN2e7LY/IP7Ose3hAA03JcIADUbqOw6g9MSQUAMLV3HBeoGgAAcln1B3Lu2w0BkGk8Hi8UO70Blo0GAEwlQvVY9X/KUAAZVAAAqcqblA3VAAAwtVj1v8bkH0i9VzcEQF0m1QC/XzgpAAD2aqOw1x+oiQoAoDaTagAnBQDA3tjrD9R7f24IgCZMTgqI3gCqAQDg7TYKq/5AA1QAAI2YnBQQlQA3Tm50AICiuK+8Pl5j8g8IAIA+BgFxg3NdsVPmCABDtX09LK+L9xoKoLF7cUMAzMp4PF4qdrYFLBkNAAYieuLEqr8gHGicCgBgZsqbn/XyEdUAjgwEYAhWi52j/Uz+gdncfxsCoA00CQSgxzYKTf6AFlABALSCJoEA9FBV7q/JH9COe25DALTReDy+t3z6QvmYNxoAdNBT5eNYOfHfMBSAAADg4iHAQvn05fJxxGgA0BEx4VfuD7SSLQBAa8WqSfm4tdjZFrBuRABosSj3P6bcH2j1/bUhALpiPB7fUexUBNgWAECbrE4m/060AQQAAIkhwPwkBLjDaAAwY2uTib8qNUAAAFBjELBQ7BwbuGw0AGjYxmTi/5ShALpEDwCgkyb9AaI3gP4AADRl97F+Jv9A9+6hDQHQB+Px+EixszVgwWgAUIPjk8m/ff6AAACgBSFA9AeI3gBfKDQKBCBHrPRHuf+GoQAEAADtDAI0CgRgGmvFzor/mqEABAAA7Q8CFiZBwBGjAcAebZSPW038gT7SBBDorUmjwFvL/7yu2FnJAYCLTfyvMfkHent/bAiAoRiPx8vFTkXAstEAYCKa+sUe/1VDAQgAAAQBAPRz4v9Q+Tiusz8gAAAYRhDwSOHoQAATfwABAMAggoAjxU5FgCAAwMQfQAAAIAgAwMQfQAAA0Kcg4FPl0xcKPQIATPwBBAAAgwgCIgDQLBDAxB9AAAAgCACgJTbKx32O8wMQAABkBAFLxc7WgCNGA8DEH0AAAND/IGCh2KkIEAQAzM7aZOK/ZigABAAAdQcB8+XTHcVOVcC8EQFoxGr5+KaJP4AAAGBWQUCcHOAIQYB6RDO/p4qdFf8NwwEgAABoQxjgCEGAPDHZj47+qzr6AwgAANoaBGgYCLB/a8VOmf+qoQAQAAB0JQio+gR8trA9AOBiYsL/UDnxXzcUAAIAgC6HAbYHALzbRvn4Zvk4rswfQAAA0LcgYKE4uz3A6QHAUEVTvyjzf8pQAAgAAPoeBFSnB0QYsGREgAGIFf7VYqfMf8NwAAgAAIYYBlRNAyMQUBUA9M1aoakfgAAAgLcFAVVVQDQNXDYiQIdtFDt7+1et9gMIAAC4cBiwUJytClgwIkBHrJaPp+3tBxAAALC/MCBCgJuKncaBAG0Tx/ZVq/06+QMIAABICAI0DgTaYqPY6eSvoR+AAACAmsOAhWKnIiD6BSwYEaABm5NJvxJ/AAEAADMKA5YmQYB+AUAdYrL/TZN+AAEAAO0KA5Z3hQGOFASmmfQ/Hc/29QMIAABofxhQNQ8UBgAm/QACAAAGFgYsF7YJACb9AAIAAAYRBugZAMNVNfJ71qQfQAAAwPDCgOVJIOBoQeinjfKxVujeDyAAAIBJGLAwCQOqvgFAd60XZ0v71w0HAAIAAC4UCEQIcENhqwB0QZTyr00m/WvlpH/DkAAgAABgP2HAwiQIqAIBYPbWi7Ol/WuGAwABAAB1BALLxdlTBfQOgGZsTCb8GvgBIAAAYCZhwPwkCLBdAHJt7prwr9nLD4AAAIC2BQILuwKBZYEAmPADIAAAYDiBwNKuQMCWAdixUezs4zfhB0AAAEAvA4H5SQiwvCsUgCGomvadLHTqB0AAAMBAQ4EqEFichAOqBOi6zd2T/Zj8a9oHgAAAAN4dCOyuEqhCgQUjQ4sn+1Up//pksr9hWAAQAABATiiwUKgUwGQfAAQAAAwmGFiehAG7tw/MGxkSrBU7jfpOF8r4ARAAAEArQ4H5XWHAAcEAe5jox8Q+9uvHqv6GjvwACAAAoPvhwHKxUzEQj8VJKLBsZHpvozh77N7pXRP9DUMDgAAAAIYVDFRVA1U4cGDXfy8YoU5YK86u5G+a5AOAAAAA9hMQVEFAFRSEGybPthc0M7kPMZk/vWuCv6lcHwAEAADQdEiwOxyoAoOwuCsg2P3/b1J/1rPnmuxbvQcAAQAA9MKkJ0Fld4BQqbYivNNCMZsgoVp5P5dn3/E/b0wehQk9AAgAAIAG7NrC8K4JvRJ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM7h/xdgAPUEY4Volf8FAAAAAElFTkSuQmCC + mediatype: image/png + install: + spec: + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: nexus-operator + control-plane: controller-manager + name: nexus-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + image: docker.io/epamedp/nexus-operator:3.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + securityContext: + runAsNonRoot: true + serviceAccountName: nexus-operator-controller-manager + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusroles/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexususers/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers/status + verbs: + - get + - patch + - update + serviceAccountName: nexus-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - edp + - nexus + - operator + - artifact + - storage + links: + - name: Nexus Operator + url: https://github.com/epam/edp-nexus-operator + maintainers: + - email: SupportEPMD-EDP@epam.com + name: epmd-edp + maturity: alpha + provider: + name: EPAM Delivery Platform + url: https://epam.github.io/edp-install/ + version: 3.0.0 diff --git a/operators/nexus-operator/3.0.0/metadata/annotations.yaml b/operators/nexus-operator/3.0.0/metadata/annotations.yaml new file mode 100644 index 00000000000..4032a9befb7 --- /dev/null +++ b/operators/nexus-operator/3.0.0/metadata/annotations.yaml @@ -0,0 +1,14 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: nexus-operator + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.32.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml b/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..b3f2fc8ea6a --- /dev/null +++ b/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {} diff --git a/operators/nexus-operator/ci.yaml b/operators/nexus-operator/ci.yaml new file mode 100644 index 00000000000..92e877838e8 --- /dev/null +++ b/operators/nexus-operator/ci.yaml @@ -0,0 +1,9 @@ +--- +# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back. +updateGraph: semver-mode +addReviewers: true +reviewers: + - sergk + - zmotso + - NikolayMarusenko + - blobor