From e9d26510807e16ac8114b320d2e39bb2e3ee2f76 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 07:50:54 -0400 Subject: [PATCH 01/12] chore(deps): Bump github/codeql-action from 2.21.5 to 2.21.6 (#1763) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index b8dca51fc5..7ffe32efe2 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/upload-sarif@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6 with: sarif_file: results.sarif From 50b2a0fceab8824c0905691cd5d4828f42639c78 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Sep 2023 07:45:57 -0400 Subject: [PATCH 02/12] chore(deps): Bump github/codeql-action from 2.21.6 to 2.21.7 (#1764) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 7ffe32efe2..89733b307c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6 + uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7 with: sarif_file: results.sarif From 982d340ca4eccbe88c0dbe268dab8e82d553a958 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 Sep 2023 07:42:37 -0400 Subject: [PATCH 03/12] chore(deps): Bump github/codeql-action from 2.21.7 to 2.21.8 (#1767) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 89733b307c..580619f1d2 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7 + uses: github/codeql-action/upload-sarif@6a28655e3dcb49cb0840ea372fd6d17733edd8a4 # v2.21.8 with: sarif_file: results.sarif From e281f77e3c427d4d8debf40c96a79af93fd2fded Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Tue, 19 Sep 2023 16:19:42 -0400 Subject: [PATCH 04/12] fix: Use namespace resource to share across `istio` charts to avoid conflicts (#1768) --- patterns/istio/README.md | 6 ++++++ patterns/istio/main.tf | 44 +++++++++++++++++++++++----------------- 2 files changed, 31 insertions(+), 19 deletions(-) diff --git a/patterns/istio/README.md b/patterns/istio/README.md index 9c7433c5b7..6d69ad81be 100644 --- a/patterns/istio/README.md +++ b/patterns/istio/README.md @@ -16,6 +16,12 @@ concepts. See [here](https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#prerequisites) for the prerequisites and steps to deploy this pattern. +Once the resources have been provisioned, you will need to replace the `istio-ingress` pods due to a [`istiod` dependency issue](https://github.com/istio/istio/issues/35789). Use the following command to perform a rolling restart of the `istio-ingress` pods: + +```sh +kubectl rollout restart deployment istio-ingress -n istio-ingress +``` + ### Observability Add-ons Use the following code snippet to add the Istio Observability Add-ons on the EKS diff --git a/patterns/istio/main.tf b/patterns/istio/main.tf index b9e4ba1da1..76a38c8ac9 100644 --- a/patterns/istio/main.tf +++ b/patterns/istio/main.tf @@ -58,6 +58,14 @@ module "eks" { cluster_version = "1.27" cluster_endpoint_public_access = true + cluster_addons = { + coredns = {} + kube-proxy = {} + vpc-cni = { + preserve = true + } + } + vpc_id = module.vpc.vpc_id subnet_ids = module.vpc.private_subnets @@ -67,7 +75,7 @@ module "eks" { min_size = 1 max_size = 5 - desired_size = 3 # When < 3, the coredns add-on ends up in a degraded state + desired_size = 2 } } @@ -99,6 +107,12 @@ module "eks" { # EKS Blueprints Addons ################################################################################ +resource "kubernetes_namespace_v1" "istio_system" { + metadata { + name = "istio-system" + } +} + module "eks_blueprints_addons" { source = "aws-ia/eks-blueprints-addons/aws" version = "~> 1.0" @@ -108,32 +122,24 @@ module "eks_blueprints_addons" { cluster_version = module.eks.cluster_version oidc_provider_arn = module.eks.oidc_provider_arn - eks_addons = { - coredns = {} - vpc-cni = {} - kube-proxy = {} - } - # This is required to expose Istio Ingress Gateway enable_aws_load_balancer_controller = true helm_releases = { istio-base = { - chart = "base" - version = local.istio_chart_version - repository = local.istio_chart_url - name = "istio-base" - namespace = "istio-system" - create_namespace = true + chart = "base" + version = local.istio_chart_version + repository = local.istio_chart_url + name = "istio-base" + namespace = kubernetes_namespace_v1.istio_system.metadata[0].name } istiod = { - chart = "istiod" - version = local.istio_chart_version - repository = local.istio_chart_url - name = "istiod" - namespace = "istio-system" - create_namespace = false + chart = "istiod" + version = local.istio_chart_version + repository = local.istio_chart_url + name = "istiod" + namespace = kubernetes_namespace_v1.istio_system.metadata[0].name set = [ { From b932e7b0df3c4c5c0dc70318ae90d02f8a373e28 Mon Sep 17 00:00:00 2001 From: Hans <62668681+awshans@users.noreply.github.com> Date: Fri, 22 Sep 2023 12:52:10 -0700 Subject: [PATCH 05/12] docs: Updated Stateful Pattern Readme to include validation of Velero (#1771) Co-authored-by: Bryant Biggs --- patterns/stateful/README.md | 45 ++++++++++++++++++++++++++++++++----- 1 file changed, 39 insertions(+), 6 deletions(-) diff --git a/patterns/stateful/README.md b/patterns/stateful/README.md index 7ed485442f..dd7a20689a 100644 --- a/patterns/stateful/README.md +++ b/patterns/stateful/README.md @@ -42,11 +42,15 @@ See [here](https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started ## Validate -For validating `velero` see [here](https://github.com/aws-ia/terraform-aws-eks-blueprints/tree/main/modules/kubernetes-addons/velero#validate) +The following command will update the `kubeconfig` on your local machine and allow you to interact with your EKS Cluster using `kubectl` to validate the Velero deployment. -The following command will update the `kubeconfig` on your local machine and allow you to interact with your EKS Cluster using `kubectl` to validate the deployment. +1. Run `update-kubeconfig` command: -1. List the storage classes to view that `efs`, `gp2`, and `gp3` classes are present and `gp3` is the default storage class + ```bash + aws eks --region update-kubeconfig --name + ``` + +2. List the storage classes to view that `efs`, `gp2`, and `gp3` classes are present and `gp3` is the default storage class ```sh kubectl get storageclasses @@ -59,7 +63,7 @@ The following command will update the `kubeconfig` on your local machine and all gp3 (default) ebs.csi.aws.com Delete WaitForFirstConsumer true 2m19s ``` -2. From an instance launched with instance store(s), check that the instance store has been mounted correctly. To verify, first install the `nvme-cli` tool and then use it to verify. To verify, you can access the instance using SSM Session Manager: +3. From an instance launched with instance store(s), check that the instance store has been mounted correctly. To verify, first install the `nvme-cli` tool and then use it to verify. To verify, you can access the instance using SSM Session Manager: ```sh # Install the nvme-cli tool @@ -87,7 +91,7 @@ The following command will update the `kubeconfig` on your local machine and all nvme1n1 259:1 0 69.9G 0 disk /local1 # <--- this is the instance store ``` -3. From an instance launched with multiple volume(s), check that the instance store has been mounted correctly. To verify, first install the `nvme-cli` tool and then use it to verify. To verify, you can access the instance using SSM Session Manager: +4. From an instance launched with multiple volume(s), check that the instance store has been mounted correctly. To verify, first install the `nvme-cli` tool and then use it to verify. To verify, you can access the instance using SSM Session Manager: ```sh # Install the nvme-cli tool @@ -105,7 +109,7 @@ The following command will update the `kubeconfig` on your local machine and all /dev/nvme1n1 vol0ad3629c159ee869c Amazon Elastic Block Store 1 25.77 GB / 25.77 GB 512 B + 0 B 1.0 ``` -4. From the same instance used in step 4, check that the containerd directories are using the second `/dev/nvme1n1` volume: +5. From the same instance used in step 4, check that the containerd directories are using the second `/dev/nvme1n1` volume: ```sh df /var/lib/containerd/ @@ -129,6 +133,35 @@ The following command will update the `kubeconfig` on your local machine and all /dev/nvme1n1 24594768 2886716 20433380 13% /run/containerd ``` +6. Test by listing velero resources provisioned: + + ```bash + kubectl get all -n velero + + # Output should look similar to below + NAME READY STATUS RESTARTS AGE + pod/velero-b4d8fd5c7-5smp6 1/1 Running 0 112s + + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + service/velero ClusterIP 172.20.217.203 8085/TCP 114s + + NAME READY UP-TO-DATE AVAILABLE AGE + deployment.apps/velero 1/1 1 1 114s + + NAME DESIRED CURRENT READY AGE + replicaset.apps/velero-b4d8fd5c7 1 1 1 114s + ``` + +7. Get backup location using velero [CLI](https://velero.io/docs/v1.8/basic-install/#install-the-cli) + + ```bash + velero backup-location get + + # Output should look similar to below + NAME PROVIDER BUCKET/PREFIX PHASE LAST VALIDATED ACCESS MODE DEFAULT + default aws velero-ssqwm44hvofzb32d Available 2022-05-22 10:53:26 -0400 EDT ReadWrite true + ``` + ## Destroy {% From b1386b8b47c6a523763b116bd7f4c81f3c0b6005 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Allamand?= Date: Fri, 22 Sep 2023 23:15:20 +0200 Subject: [PATCH 06/12] feat: Upgrade bluegreen example using new gitops bridge (#1769) --- patterns/blue-green-upgrade/README.md | 83 +-- .../blue-green-upgrade/bootstrap/addons.yaml | 32 + .../bootstrap/workloads.yaml | 67 +++ patterns/blue-green-upgrade/eks-blue/main.tf | 41 +- .../blue-green-upgrade/eks-blue/outputs.tf | 20 +- .../blue-green-upgrade/eks-blue/providers.tf | 2 +- .../blue-green-upgrade/eks-blue/variables.tf | 70 ++- patterns/blue-green-upgrade/eks-green/main.tf | 42 +- .../blue-green-upgrade/eks-green/outputs.tf | 20 +- .../blue-green-upgrade/eks-green/providers.tf | 2 +- .../blue-green-upgrade/eks-green/variables.tf | 70 ++- .../blue-green-upgrade/environment/main.tf | 14 +- .../modules/eks_cluster/README.md | 15 +- .../modules/eks_cluster/main.tf | 549 ++++++++---------- .../modules/eks_cluster/outputs.tf | 29 + .../modules/eks_cluster/variables.tf | 89 ++- .../modules/eks_cluster/versions.tf | 11 +- .../static/gitops-bridge.excalidraw.png | Bin 0 -> 270527 bytes .../tear-down-applications.sh | 118 ++++ patterns/blue-green-upgrade/tear-down.sh | 42 +- .../terraform.tfvars.example | 3 +- 21 files changed, 796 insertions(+), 523 deletions(-) create mode 100644 patterns/blue-green-upgrade/bootstrap/addons.yaml create mode 100644 patterns/blue-green-upgrade/bootstrap/workloads.yaml create mode 100644 patterns/blue-green-upgrade/static/gitops-bridge.excalidraw.png create mode 100755 patterns/blue-green-upgrade/tear-down-applications.sh diff --git a/patterns/blue-green-upgrade/README.md b/patterns/blue-green-upgrade/README.md index b7b51eb261..4c28dde26d 100644 --- a/patterns/blue-green-upgrade/README.md +++ b/patterns/blue-green-upgrade/README.md @@ -8,7 +8,7 @@ We are leveraging [the existing EKS Blueprints Workloads GitHub repository sampl ## Table of content -- [Blue/Green or Canary Amazon EKS clusters migration for stateless ArgoCD workloads](#bluegreen-or-canary-amazon-eks-clusters-migration-for-stateless-argocd-workloads) +- [Blue/Green Migration](#bluegreen-migration) - [Table of content](#table-of-content) - [Project structure](#project-structure) - [Prerequisites](#prerequisites) @@ -25,8 +25,6 @@ We are leveraging [the existing EKS Blueprints Workloads GitHub repository sampl - [Delete the Stack](#delete-the-stack) - [Delete the EKS Cluster(s)](#delete-the-eks-clusters) - [TL;DR](#tldr) - - [Manual](#manual) - - [Delete the environment stack](#delete-the-environment-stack) - [Troubleshoot](#troubleshoot) - [External DNS Ownership](#external-dns-ownership) - [Check Route 53 Record status](#check-route-53-record-status) @@ -53,7 +51,11 @@ In the GitOps workload repository, we have configured our applications deploymen We have configured ExternalDNS add-ons in our two clusters to share the same Route53 Hosted Zone. The workloads in both clusters also share the same Route 53 DNS records, we rely on AWS Route53 weighted records to allow us to configure canary workload migration between our two EKS clusters. -Here we use the same GitOps workload configuration repository and adapt parameters with the `values.yaml`. We could also use different ArgoCD repository for each cluster, or use a new directory if we want to validate or test new deployment manifests with maybe additional features, configurations or to use with different Kubernetes add-ons (like changing ingress controller). +We are leveraging the [gitops-bridge-argocd-bootstrap](https://github.com/gitops-bridge-dev/gitops-bridge-argocd-bootstrap-terraform) terraform module that allow us to dynamically provide metadatas from Terraform to ArgoCD deployed in the cluster. For doing this, the module will extract all metadatas from the [terraform-aws-eks-blueprints-addons](https://github.com/aws-ia/terraform-aws-eks-blueprints-addons) module, configured to create all resources except installing the addon's Helm chart. The addon Installation will be delegate to ArgoCD Itself using the [eks-blueprints-add-ons](https://github.com/aws-samples/eks-blueprints-add-ons/tree/main/argocd/bootstrap/control-plane/addons) git repository containing ArgoCD ApplicaitonSets for each supported Addons. + +The gitops-bridge will create a secret in the EKS cluster containing all metadatas that will be dynamically used by ArgoCD ApplicationSets at deployment time, so that we can adapt their configuration to our EKS cluster context. + + Our objective here is to show you how Application teams and Platform teams can configure their infrastructure and workloads so that application teams are able to deploy autonomously their workloads to the EKS clusters thanks to ArgoCD, and platform team can keep the control of migrating production workloads from one cluster to another without having to synchronized operations with applications teams, or asking them to build a complicated CD pipeline. @@ -82,12 +84,13 @@ git clone https://github.com/aws-ia/terraform-aws-eks-blueprints.git cd patterns/blue-green-upgrade/ ``` -2. Copy the `terraform.tfvars.example` to `terraform.tfvars` on each `environment`, `eks-blue` and `eks-green` folders, and change region, hosted_zone_name, eks_admin_role_name according to your needs. +2. Copy the `terraform.tfvars.example` to `terraform.tfvars` and symlink it on each `environment`, `eks-blue` and `eks-green` folders, and change region, hosted_zone_name, eks_admin_role_name according to your needs. ```shell -cp terraform.tfvars.example environment/terraform.tfvars -cp terraform.tfvars.example eks-blue/terraform.tfvars -cp terraform.tfvars.example eks-green/terraform.tfvars +cp terraform.tfvars.example terraform.tfvars +ln -s ../terraform.tfvars environment/terraform.tfvars +ln -s ../terraform.tfvars eks-blue/terraform.tfvars +ln -s ../terraform.tfvars eks-blue/terraform.tfvars ``` - You will need to provide the `hosted_zone_name` for example `my-example.com`. Terraform will create a new hosted zone for the project with name: `${environment}.${hosted_zone_name}` so in our example `eks-blueprint.my-example.com`. @@ -208,19 +211,19 @@ eks-blueprint-blue We have configured both our clusters to configure the same [Amazon Route 53](https://aws.amazon.com/fr/route53/) Hosted Zones. This is done by having the same configuration of [ExternalDNS](https://github.com/kubernetes-sigs/external-dns) add-on in `main.tf`: -This is the Terraform configuration to configure the ExternalDNS Add-on which is deployed by the Blueprint using ArgoCD. +This is the Terraform configuration to configure the ExternalDNS Add-on which is deployed by the Blueprint using ArgoCD. we specify the Route53 zone that external-dns needs to monitor. ``` enable_external_dns = true + external_dns_route53_zone_arns = [data.aws_route53_zone.sub.arn] +``` + +we also configure the addons_metadata to provide more configurations to external-dns: - external_dns_helm_config = { - txtOwnerId = local.name - zoneIdFilter = data.aws_route53_zone.sub.zone_id - policy = "sync" - awszoneType = "public" - zonesCacheDuration = "1h" - logLevel = "debug" - } +``` +addons_metadata = merge( + ... + external_dns_policy = "sync" ``` - We use ExternalDNS in `sync` mode so that the controller can create but also remove DNS records accordingly to service or ingress objects creation. @@ -349,52 +352,6 @@ Why doing this? When we remove an ingress object, we want the associated Kuberne ../tear-down.sh ``` -#### Manual - -1. If also deployed, delete your Karpenter provisioners - -this is safe to delete if no addons are deployed on Karpenter, which is the case here. -If not we should separate the team-platform deployments which installed Karpenter provisioners in a separate ArgoCD Application to avoid any conflicts. - -```bash -kubectl delete provisioners.karpenter.sh --all -``` - -2. Delete Workloads App of App - -```bash -kubectl delete application workloads -n argocd -``` - -3. If also deployed, delete ecsdemo App of App - -```bash -kubectl delete application ecsdemo -n argocd -``` - -Once every workload applications as been freed on AWS side, (this can take some times), we can then destroy our add-ons and terraform resources - -> Note: it can take time to deregister all load balancers, verify that you don't have any more AWS resources created by EKS prior to start destroying EKS with terraform. - -4. Destroy terraform resources - -```bash -terraform apply -destroy -target="module.eks_cluster.module.kubernetes_addons" -auto-approve -terraform apply -destroy -target="module.eks_cluster.module.eks" -auto-approve -terraform apply -destroy -auto-approve -``` - -### Delete the environment stack - -If you have finish playing with this solution, and once you have destroyed the 2 EKS clusters, you can now delete the environment stack. - -```bash -cd environment -terraform apply -destroy -auto-approve -``` - -This will destroy the Route53 hosted zone, the Certificate manager certificate, the VPC with all it's associated resources. - ## Troubleshoot ### External DNS Ownership diff --git a/patterns/blue-green-upgrade/bootstrap/addons.yaml b/patterns/blue-green-upgrade/bootstrap/addons.yaml new file mode 100644 index 0000000000..f9415677a6 --- /dev/null +++ b/patterns/blue-green-upgrade/bootstrap/addons.yaml @@ -0,0 +1,32 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: bootstrap-addons + namespace: argocd +spec: + syncPolicy: + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'bootstrap-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.addons_repo_url}}' + path: '{{metadata.annotations.addons_repo_path}}' + targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true + exclude: exclude/* + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: {} diff --git a/patterns/blue-green-upgrade/bootstrap/workloads.yaml b/patterns/blue-green-upgrade/bootstrap/workloads.yaml new file mode 100644 index 0000000000..73f2567cc5 --- /dev/null +++ b/patterns/blue-green-upgrade/bootstrap/workloads.yaml @@ -0,0 +1,67 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: bootstrap-workloads + namespace: argocd +spec: + goTemplate: true + syncPolicy: + preserveResourcesOnDeletion: true + generators: + - matrix: + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: + - in-cluster + - git: + repoURL: '{{.metadata.annotations.gitops_workloads_url}}' + revision: '{{.metadata.annotations.gitops_workloads_revision}}' + directories: + - path: '{{.metadata.annotations.gitops_workloads_path}}/*' + template: + metadata: + name: 'bootstrap-workloads-{{.name}}' + spec: + project: default + sources: + - repoURL: '{{.metadata.annotations.gitops_workloads_url}}' + targetRevision: '{{.metadata.annotations.gitops_workloads_revision}}' + ref: values + path: '{{.metadata.annotations.gitops_workloads_path}}' + helm: + releaseName: 'bootstrap-workloads-{{.name}}' + ignoreMissingValueFiles: true + values: | + "account": "{{.metadata.annotations.aws_account_id}}" + "clusterName": "{{.metadata.annotations.cluster_name}}" + "labels": + "env": "{{.metadata.annotations.env}}" + "region": "{{.metadata.annotations.aws_region}}" + "repoUrl": "{{.metadata.annotations.gitops_workloads_url}}" + "spec": + "source": + "repoURL": "{{.metadata.annotations.gitops_workloads_url}}" + "targetRevision": "{{.metadata.annotations.gitops_workloads_revision}}" + "blueprint": "terraform" + "clusterName": "{{.metadata.annotations.cluster_name}}" + "env": "{{.metadata.annotations.env}}" + "ingress": + "route53_weight": {{default "0" .metadata.annotations.route53_weight}} + "argocd_route53_weight": {{default "0" .metadata.annotations.argocd_route53_weight}} + "ecsfrontend_route53_weight": {{default "0" .metadata.annotations.ecsfrontend_route53_weight}} + "host": {{ default "" .metadata.annotations.eks_cluster_domain }} + "type": "{{.metadata.annotations.ingress_type}}" + "karpenterInstanceProfile": "{{.metadata.annotations.karpenter_node_instance_profile_name}}" + "target_group_arn": {{ default "" .metadata.annotations.target_group_arn }} + "external_lb_url": {{ if index .metadata.annotations "external_lb_dns" }} http://{{ .metadata.annotations.external_lb_dns }}{{ else }}{{ end }} + destination: + name: '{{.name}}' + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + - ServerSideApply=true # Big CRDs. diff --git a/patterns/blue-green-upgrade/eks-blue/main.tf b/patterns/blue-green-upgrade/eks-blue/main.tf index d13f2c4e16..b04dee0585 100644 --- a/patterns/blue-green-upgrade/eks-blue/main.tf +++ b/patterns/blue-green-upgrade/eks-blue/main.tf @@ -26,39 +26,34 @@ provider "helm" { } } -provider "kubectl" { - apply_retry_count = 10 - host = module.eks_cluster.eks_cluster_endpoint - cluster_ca_certificate = base64decode(module.eks_cluster.cluster_certificate_authority_data) - load_config_file = false - - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - args = ["eks", "get-token", "--cluster-name", module.eks_cluster.eks_cluster_id] - } -} module "eks_cluster" { source = "../modules/eks_cluster" aws_region = var.aws_region service_name = "blue" - cluster_version = "1.25" + cluster_version = "1.26" argocd_route53_weight = "100" route53_weight = "100" ecsfrontend_route53_weight = "100" - environment_name = var.environment_name - hosted_zone_name = var.hosted_zone_name - eks_admin_role_name = var.eks_admin_role_name - workload_repo_url = var.workload_repo_url - workload_repo_secret = var.workload_repo_secret - workload_repo_revision = var.workload_repo_revision - workload_repo_path = var.workload_repo_path + environment_name = var.environment_name + hosted_zone_name = var.hosted_zone_name + eks_admin_role_name = var.eks_admin_role_name + + aws_secret_manager_git_private_ssh_key_name = var.aws_secret_manager_git_private_ssh_key_name + argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix + ingress_type = var.ingress_type + + gitops_addons_org = var.gitops_addons_org + gitops_addons_repo = var.gitops_addons_repo + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision - addons_repo_url = var.addons_repo_url + gitops_workloads_org = var.gitops_workloads_org + gitops_workloads_repo = var.gitops_workloads_repo + gitops_workloads_revision = var.gitops_workloads_revision + gitops_workloads_path = var.gitops_workloads_path - iam_platform_user = var.iam_platform_user - argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix } diff --git a/patterns/blue-green-upgrade/eks-blue/outputs.tf b/patterns/blue-green-upgrade/eks-blue/outputs.tf index 7e166f24e2..06ac616086 100644 --- a/patterns/blue-green-upgrade/eks-blue/outputs.tf +++ b/patterns/blue-green-upgrade/eks-blue/outputs.tf @@ -3,13 +3,18 @@ output "eks_cluster_id" { value = module.eks_cluster.eks_cluster_id } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = module.eks_cluster.configure_kubectl +} + output "eks_blueprints_platform_teams_configure_kubectl" { - description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_platform_teams_configure_kubectl } output "eks_blueprints_dev_teams_configure_kubectl" { - description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for each Dev Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_dev_teams_configure_kubectl } @@ -17,3 +22,14 @@ output "eks_blueprints_ecsdemo_teams_configure_kubectl" { description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_ecsdemo_teams_configure_kubectl } + +output "access_argocd" { + description = "ArgoCD Access" + value = module.eks_cluster.access_argocd +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = module.eks_cluster.gitops_metadata + sensitive = true +} diff --git a/patterns/blue-green-upgrade/eks-blue/providers.tf b/patterns/blue-green-upgrade/eks-blue/providers.tf index 68943de818..fac76269c2 100644 --- a/patterns/blue-green-upgrade/eks-blue/providers.tf +++ b/patterns/blue-green-upgrade/eks-blue/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.0.1" + required_version = ">= 1.4.0" required_providers { aws = { diff --git a/patterns/blue-green-upgrade/eks-blue/variables.tf b/patterns/blue-green-upgrade/eks-blue/variables.tf index 98e8976dff..77416b8ed8 100644 --- a/patterns/blue-green-upgrade/eks-blue/variables.tf +++ b/patterns/blue-green-upgrade/eks-blue/variables.tf @@ -5,11 +5,17 @@ variable "aws_region" { } variable "environment_name" { - description = "The name of Environment Infrastructure stack name, feel free to rename it. Used for cluster and VPC names." + description = "The name of Environment Infrastructure stack, feel free to rename it. Used for cluster and VPC names." type = string default = "eks-blueprint" } +variable "ingress_type" { + type = string + description = "Type of ingress to uses (alb | nginx | ...). this parameter will be sent to arocd via gitops bridge" + default = "alb" +} + variable "hosted_zone_name" { type = string description = "Route53 domain for the cluster." @@ -22,44 +28,64 @@ variable "eks_admin_role_name" { default = "" } -variable "workload_repo_url" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" + default = "github-blueprint-ssh-key" } -variable "workload_repo_secret" { +variable "argocd_secret_manager_name_suffix" { type = string - description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" - default = "github-blueprint-ssh-key" + description = "Name of secret manager secret for ArgoCD Admin UI Password" + default = "argocd-admin-secret" } -variable "workload_repo_revision" { +variable "gitops_addons_org" { type = string - description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" - default = "main" + description = "Git repository org/user contains for addons" + default = "git@github.com:aws-samples" +} +variable "gitops_addons_repo" { + type = string + description = "Git repository contains for addons" + default = "eks-blueprints-add-ons" +} +variable "gitops_addons_basepath" { + type = string + description = "Git repository base path for addons" + default = "argocd/" +} +variable "gitops_addons_path" { + type = string + description = "Git repository path for addons" + default = "argocd/bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" } -variable "workload_repo_path" { +variable "gitops_workloads_org" { type = string - description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" - default = "envs/dev" + description = "Git repository org/user contains for workloads" + default = "git@github.com:aws-samples" } -variable "addons_repo_url" { +variable "gitops_workloads_repo" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" } -variable "iam_platform_user" { +variable "gitops_workloads_path" { type = string - description = "IAM user used as platform-user" - default = "" + description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" + default = "envs/dev" } -variable "argocd_secret_manager_name_suffix" { +variable "gitops_workloads_revision" { type = string - description = "Name of secret manager secret for ArgoCD Admin UI Password" - default = "argocd-admin-secret" + description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" + default = "main" } diff --git a/patterns/blue-green-upgrade/eks-green/main.tf b/patterns/blue-green-upgrade/eks-green/main.tf index 7d4e0c900b..37fddfad3e 100644 --- a/patterns/blue-green-upgrade/eks-green/main.tf +++ b/patterns/blue-green-upgrade/eks-green/main.tf @@ -26,40 +26,34 @@ provider "helm" { } } -provider "kubectl" { - apply_retry_count = 10 - host = module.eks_cluster.eks_cluster_endpoint - cluster_ca_certificate = base64decode(module.eks_cluster.cluster_certificate_authority_data) - load_config_file = false - - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - args = ["eks", "get-token", "--cluster-name", module.eks_cluster.eks_cluster_id] - } -} - module "eks_cluster" { source = "../modules/eks_cluster" aws_region = var.aws_region service_name = "green" - cluster_version = "1.26" # Here, we deploy the cluster with the N+1 Kubernetes Version + cluster_version = "1.27" # Here, we deploy the cluster with the N+1 Kubernetes Version argocd_route53_weight = "0" # We control with theses parameters how we send traffic to the workloads in the new cluster route53_weight = "0" ecsfrontend_route53_weight = "0" - environment_name = var.environment_name - hosted_zone_name = var.hosted_zone_name - eks_admin_role_name = var.eks_admin_role_name - workload_repo_url = var.workload_repo_url - workload_repo_secret = var.workload_repo_secret - workload_repo_revision = var.workload_repo_revision - workload_repo_path = var.workload_repo_path + environment_name = var.environment_name + hosted_zone_name = var.hosted_zone_name + eks_admin_role_name = var.eks_admin_role_name + + aws_secret_manager_git_private_ssh_key_name = var.aws_secret_manager_git_private_ssh_key_name + argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix + ingress_type = var.ingress_type + + gitops_addons_org = var.gitops_addons_org + gitops_addons_repo = var.gitops_addons_repo + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision - addons_repo_url = var.addons_repo_url + gitops_workloads_org = var.gitops_workloads_org + gitops_workloads_repo = var.gitops_workloads_repo + gitops_workloads_revision = var.gitops_workloads_revision + gitops_workloads_path = var.gitops_workloads_path - iam_platform_user = var.iam_platform_user - argocd_secret_manager_name_suffix = var.argocd_secret_manager_name_suffix } diff --git a/patterns/blue-green-upgrade/eks-green/outputs.tf b/patterns/blue-green-upgrade/eks-green/outputs.tf index 210da14f30..06ac616086 100644 --- a/patterns/blue-green-upgrade/eks-green/outputs.tf +++ b/patterns/blue-green-upgrade/eks-green/outputs.tf @@ -3,8 +3,13 @@ output "eks_cluster_id" { value = module.eks_cluster.eks_cluster_id } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = module.eks_cluster.configure_kubectl +} + output "eks_blueprints_platform_teams_configure_kubectl" { - description = "Configure kubectl Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_platform_teams_configure_kubectl } @@ -14,6 +19,17 @@ output "eks_blueprints_dev_teams_configure_kubectl" { } output "eks_blueprints_ecsdemo_teams_configure_kubectl" { - description = "Configure kubectl for each ECSDEMO Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + description = "Configure kubectl for each Application Teams: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = module.eks_cluster.eks_blueprints_ecsdemo_teams_configure_kubectl } + +output "access_argocd" { + description = "ArgoCD Access" + value = module.eks_cluster.access_argocd +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = module.eks_cluster.gitops_metadata + sensitive = true +} diff --git a/patterns/blue-green-upgrade/eks-green/providers.tf b/patterns/blue-green-upgrade/eks-green/providers.tf index 30c08a8dfc..fac76269c2 100644 --- a/patterns/blue-green-upgrade/eks-green/providers.tf +++ b/patterns/blue-green-upgrade/eks-green/providers.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 1.4" + required_version = ">= 1.4.0" required_providers { aws = { diff --git a/patterns/blue-green-upgrade/eks-green/variables.tf b/patterns/blue-green-upgrade/eks-green/variables.tf index 98e8976dff..77416b8ed8 100644 --- a/patterns/blue-green-upgrade/eks-green/variables.tf +++ b/patterns/blue-green-upgrade/eks-green/variables.tf @@ -5,11 +5,17 @@ variable "aws_region" { } variable "environment_name" { - description = "The name of Environment Infrastructure stack name, feel free to rename it. Used for cluster and VPC names." + description = "The name of Environment Infrastructure stack, feel free to rename it. Used for cluster and VPC names." type = string default = "eks-blueprint" } +variable "ingress_type" { + type = string + description = "Type of ingress to uses (alb | nginx | ...). this parameter will be sent to arocd via gitops bridge" + default = "alb" +} + variable "hosted_zone_name" { type = string description = "Route53 domain for the cluster." @@ -22,44 +28,64 @@ variable "eks_admin_role_name" { default = "" } -variable "workload_repo_url" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" + default = "github-blueprint-ssh-key" } -variable "workload_repo_secret" { +variable "argocd_secret_manager_name_suffix" { type = string - description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" - default = "github-blueprint-ssh-key" + description = "Name of secret manager secret for ArgoCD Admin UI Password" + default = "argocd-admin-secret" } -variable "workload_repo_revision" { +variable "gitops_addons_org" { type = string - description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" - default = "main" + description = "Git repository org/user contains for addons" + default = "git@github.com:aws-samples" +} +variable "gitops_addons_repo" { + type = string + description = "Git repository contains for addons" + default = "eks-blueprints-add-ons" +} +variable "gitops_addons_basepath" { + type = string + description = "Git repository base path for addons" + default = "argocd/" +} +variable "gitops_addons_path" { + type = string + description = "Git repository path for addons" + default = "argocd/bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" } -variable "workload_repo_path" { +variable "gitops_workloads_org" { type = string - description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" - default = "envs/dev" + description = "Git repository org/user contains for workloads" + default = "git@github.com:aws-samples" } -variable "addons_repo_url" { +variable "gitops_workloads_repo" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" } -variable "iam_platform_user" { +variable "gitops_workloads_path" { type = string - description = "IAM user used as platform-user" - default = "" + description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" + default = "envs/dev" } -variable "argocd_secret_manager_name_suffix" { +variable "gitops_workloads_revision" { type = string - description = "Name of secret manager secret for ArgoCD Admin UI Password" - default = "argocd-admin-secret" + description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" + default = "main" } diff --git a/patterns/blue-green-upgrade/environment/main.tf b/patterns/blue-green-upgrade/environment/main.tf index cdf3503a36..ee29c7803d 100644 --- a/patterns/blue-green-upgrade/environment/main.tf +++ b/patterns/blue-green-upgrade/environment/main.tf @@ -12,6 +12,8 @@ locals { argocd_secret_manager_name = var.argocd_secret_manager_name_suffix + hosted_zone_name = var.hosted_zone_name + tags = { Blueprint = local.name GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" @@ -47,18 +49,18 @@ module "vpc" { # Retrieve existing root hosted zone data "aws_route53_zone" "root" { - name = var.hosted_zone_name + name = local.hosted_zone_name } # Create Sub HostedZone four our deployment resource "aws_route53_zone" "sub" { - name = "${local.name}.${var.hosted_zone_name}" + name = "${local.name}.${local.hosted_zone_name}" } # Validate records for the new HostedZone resource "aws_route53_record" "ns" { zone_id = data.aws_route53_zone.root.zone_id - name = "${local.name}.${var.hosted_zone_name}" + name = "${local.name}.${local.hosted_zone_name}" type = "NS" ttl = "30" records = aws_route53_zone.sub.name_servers @@ -68,17 +70,17 @@ module "acm" { source = "terraform-aws-modules/acm/aws" version = "~> 4.0" - domain_name = "${local.name}.${var.hosted_zone_name}" + domain_name = "${local.name}.${local.hosted_zone_name}" zone_id = aws_route53_zone.sub.zone_id subject_alternative_names = [ - "*.${local.name}.${var.hosted_zone_name}" + "*.${local.name}.${local.hosted_zone_name}" ] wait_for_validation = true tags = { - Name = "${local.name}.${var.hosted_zone_name}" + Name = "${local.name}.${local.hosted_zone_name}" } } diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/README.md b/patterns/blue-green-upgrade/modules/eks_cluster/README.md index 23b10bc527..1148fdf654 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/README.md +++ b/patterns/blue-green-upgrade/modules/eks_cluster/README.md @@ -41,7 +41,7 @@ The AWS resources created by the script are detailed bellow: - Kube Proxy - VPC CNI - EBS CSI Driver - - Kubernetes addon deployed half with terraform and half with dedicated [ArgoCD addon repo](https://github.com/aws-samples/eks-blueprints-add-ons) + - Kubernetes addon deployed half with terraform and half with dedicated [ArgoCD addon repo](https://github.com/aws-samples/eks-blueprints-add-ons/tree/main/argocd/bootstrap/control-plane/addons) - Metrics server - Vertical Pod Autoscaler - Aws Load Balancer Controller @@ -51,9 +51,12 @@ The AWS resources created by the script are detailed bellow: - AWS for FluentBit - AWS CloudWatch Metrics - Kubecost - - Kubernetes workloads (defined in a dedicated github repository repository) + - Kubernetes workloads (defined in a dedicated [github repository repository](https://github.com/aws-samples/eks-blueprints-workloads/tree/main/envs/dev)) + - team-platform (create Karpenter profiles) - team-burnham - burnham-ingress configured with weighted target groups + - burnham app deployed on Karpenter nodes + - ... ## Infrastructure Architecture @@ -69,7 +72,7 @@ The following diagram represents the Infrastructure architecture being deployed - A public AWS Route 53 Hosted Zone that will be used to create our project hosted zone. It will be provided wviathe Terraform variable `"hosted_zone_name` - Before moving to the next step, you will need to register a parent domain with AWS Route 53 (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html) in case you don’t have one created yet. - Accessing GitOps Private git repositories with SSH access requiring an SSH key for authentication. In this example our workloads repositories are stored in GitHub, you can see in GitHub documentation on how to [connect with SSH](https://docs.github.com/en/authentication/connecting-to-github-with-ssh). - - The private ssh key value are supposed to be stored in AWS Secret Manager, by default in a secret named `github-blueprint-ssh-key`, but you can change it using the terraform variable `workload_repo_secret` + - The private ssh key value are supposed to be stored in AWS Secret Manager, by default in a secret named `github-blueprint-ssh-key`, but you can change it using the terraform variable `aws_secret_manager_git_private_ssh_key_name` ## Usage @@ -81,7 +84,7 @@ terraform init **2.** Create your SSH Key in Secret Manager -Retrieve the ArgoUI password +Once the secret created you should be able to retrieve it using: ```bash aws secretsmanager get-secret-value \ @@ -122,7 +125,7 @@ Connect to the ArgoUI endpoint: echo -n "https://"; kubectl get svc -n argocd argo-cd-argocd-server -o json | jq ".status.loadBalancer.ingress[0].hostname" -r ``` -Validate the certificate issue, and login with credentials admin / +Validate the certificate issue, and login with credentials **admin / ** **5.** Control Access to the Burnham ingress @@ -133,4 +136,4 @@ curl -s $URL | grep CLUSTER_NAME | awk -F "|" '{print $4}' ## Cleanup -See Cleanup section in main Readme.md +See Cleanup section in main [Readme.md](../../README.md) diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/main.tf b/patterns/blue-green-upgrade/modules/eks_cluster/main.tf index 6bc975ff7a..693ee92c5f 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/main.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/main.tf @@ -7,33 +7,27 @@ provider "aws" { locals { environment = var.environment_name service = var.service_name + region = var.aws_region - env = local.environment + env = local.service name = "${local.environment}-${local.service}" - # Mapping - hosted_zone_name = var.hosted_zone_name - addons_repo_url = var.addons_repo_url - workload_repo_secret = var.workload_repo_secret - cluster_version = var.cluster_version - argocd_secret_manager_name = var.argocd_secret_manager_name_suffix - workload_repo_path = var.workload_repo_path - workload_repo_url = var.workload_repo_url - workload_repo_revision = var.workload_repo_revision - eks_admin_role_name = var.eks_admin_role_name - iam_platform_user = var.iam_platform_user - - metrics_server = true - aws_load_balancer_controller = true - karpenter = true - aws_for_fluentbit = true - cert_manager = true - cloudwatch_metrics = true - external_dns = true - vpa = true - kubecost = true - argo_rollouts = true + hosted_zone_name = var.hosted_zone_name + ingress_type = var.ingress_type + aws_secret_manager_git_private_ssh_key_name = var.aws_secret_manager_git_private_ssh_key_name + cluster_version = var.cluster_version + argocd_secret_manager_name = var.argocd_secret_manager_name_suffix + eks_admin_role_name = var.eks_admin_role_name + + gitops_workloads_url = "${var.gitops_workloads_org}/${var.gitops_workloads_repo}" + gitops_workloads_path = var.gitops_workloads_path + gitops_workloads_revision = var.gitops_workloads_revision + + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision # Route 53 Ingress Weights argocd_route53_weight = var.argocd_route53_weight @@ -48,212 +42,100 @@ locals { node_group_name = "managed-ondemand" - #--------------------------------------------------------------- # ARGOCD ADD-ON APPLICATION #--------------------------------------------------------------- - #At this time (with new v5 addon repository), the Addons need to be managed by Terrform and not ArgoCD - addons_application = { - path = "chart" - repo_url = local.addons_repo_url - ssh_key_secret_name = local.workload_repo_secret - add_on_application = true + aws_addons = { + enable_cert_manager = true + enable_aws_ebs_csi_resources = true # generate gp2 and gp3 storage classes for ebs-csi + #enable_aws_efs_csi_driver = true + #enable_aws_fsx_csi_driver = true + enable_aws_cloudwatch_metrics = true + #enable_aws_privateca_issuer = true + #enable_cluster_autoscaler = true + enable_external_dns = true + enable_external_secrets = true + enable_aws_load_balancer_controller = true + #enable_fargate_fluentbit = true + enable_aws_for_fluentbit = true + #enable_aws_node_termination_handler = true + enable_karpenter = true + #enable_velero = true + #enable_aws_gateway_api_controller = true + #enable_aws_secrets_store_csi_driver_provider = true } + oss_addons = { + #enable_argo_rollouts = true + #enable_argo_workflows = true + #enable_cluster_proportional_autoscaler = true + #enable_gatekeeper = true + #enable_gpu_operator = true + enable_ingress_nginx = true + enable_kyverno = true + #enable_kube_prometheus_stack = true + enable_metrics_server = true + #enable_prometheus_adapter = true + #enable_secrets_store_csi_driver = true + #enable_vpa = true + #enable_foo = true # you can add any addon here, make sure to update the gitops repo with the corresponding application set + } + addons = merge(local.aws_addons, local.oss_addons, { kubernetes_version = local.cluster_version }) - #--------------------------------------------------------------- - # ARGOCD WORKLOAD APPLICATION - #--------------------------------------------------------------- + #---------------------------------------------------------------- + # GitOps Bridge, define metadatas to pass from Terraform to ArgoCD + #---------------------------------------------------------------- - workload_application = { - path = local.workload_repo_path # <-- we could also to blue/green on the workload repo path like: envs/dev-blue / envs/dev-green - repo_url = local.workload_repo_url - target_revision = local.workload_repo_revision - ssh_key_secret_name = local.workload_repo_secret - add_on_application = false - values = { - labels = { - env = local.env - myapp = "myvalue" - } - spec = { - source = { - repoURL = local.workload_repo_url - targetRevision = local.workload_repo_revision - } - blueprint = "terraform" - clusterName = local.name - karpenterInstanceProfile = module.karpenter.instance_profile_name - env = local.env - ingress = { - type = "alb" - host = local.eks_cluster_domain - route53_weight = local.route53_weight # <-- You can control the weight of the route53 weighted records between clusters - argocd_route53_weight = local.argocd_route53_weight - } - } + addons_metadata = merge( + try(module.eks_blueprints_addons.gitops_metadata, {}), # eks blueprints addons automatically expose metadatas + { + aws_cluster_name = module.eks.cluster_name + aws_region = local.region + aws_account_id = data.aws_caller_identity.current.account_id + aws_vpc_id = data.aws_vpc.vpc.id + cluster_endpoint = try(module.eks.cluster_endpoint, {}) + env = local.env + }, + { + argocd_password = bcrypt(data.aws_secretsmanager_secret_version.admin_password_version.secret_string) + aws_secret_manager_git_private_ssh_key_name = local.aws_secret_manager_git_private_ssh_key_name + + gitops_workloads_url = local.gitops_workloads_url + gitops_workloads_path = local.gitops_workloads_path + gitops_workloads_revision = local.gitops_workloads_revision + + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision + }, + { + eks_cluster_domain = local.eks_cluster_domain + external_dns_policy = "sync" + ingress_type = local.ingress_type + argocd_route53_weight = local.argocd_route53_weight + route53_weight = local.route53_weight + ecsfrontend_route53_weight = local.ecsfrontend_route53_weight + #target_group_arn = local.service == "blue" ? data.aws_lb_target_group.tg_blue.arn : data.aws_lb_target_group.tg_green.arn # <-- Add this line + # external_lb_dns = data.aws_lb.alb.dns_name } - } + ) #--------------------------------------------------------------- - # ARGOCD ECSDEMO APPLICATION + # Manifests for bootstraping the cluster for addons & workloads #--------------------------------------------------------------- - ecsdemo_application = { - path = "multi-repo/argo-app-of-apps/dev" - repo_url = local.workload_repo_url - target_revision = local.workload_repo_revision - ssh_key_secret_name = local.workload_repo_secret - add_on_application = false - values = { - spec = { - blueprint = "terraform" - clusterName = local.name - karpenterInstanceProfile = module.karpenter.instance_profile_name - - apps = { - ecsdemoNodejs = { - - helm = { - replicaCount = "9" - nodeSelector = { - "karpenter.sh/provisioner-name" = "default" - } - tolerations = [ - { - key = "karpenter" - operator = "Exists" - effect = "NoSchedule" - } - ] - topologyAwareHints = "true" - topologySpreadConstraints = [ - { - maxSkew = 1 - topologyKey = "topology.kubernetes.io/zone" - whenUnsatisfiable = "DoNotSchedule" - labelSelector = { - matchLabels = { - "app.kubernetes.io/name" = "ecsdemo-nodejs" - } - } - } - ] - } - } - - ecsdemoCrystal = { - - helm = { - replicaCount = "9" - nodeSelector = { - "karpenter.sh/provisioner-name" = "default" - } - tolerations = [ - { - key = "karpenter" - operator = "Exists" - effect = "NoSchedule" - } - ] - topologyAwareHints = "true" - topologySpreadConstraints = [ - { - maxSkew = 1 - topologyKey = "topology.kubernetes.io/zone" - whenUnsatisfiable = "DoNotSchedule" - labelSelector = { - matchLabels = { - "app.kubernetes.io/name" = "ecsdemo-crystal" - } - } - } - ] - } - } - - - ecsdemoFrontend = { - repoURL = "https://github.com/allamand/ecsdemo-frontend" - targetRevision = "main" - helm = { - image = { - repository = "public.ecr.aws/seb-demo/ecsdemo-frontend" - tag = "latest" - } - ingress = { - enabled = "true" - className = "alb" - annotations = { - "alb.ingress.kubernetes.io/scheme" = "internet-facing" - "alb.ingress.kubernetes.io/group.name" = "ecsdemo" - "alb.ingress.kubernetes.io/listen-ports" = "[{\\\"HTTPS\\\": 443}]" - "alb.ingress.kubernetes.io/ssl-redirect" = "443" - "alb.ingress.kubernetes.io/target-type" = "ip" - "external-dns.alpha.kubernetes.io/set-identifier" = local.name - "external-dns.alpha.kubernetes.io/aws-weight" = local.ecsfrontend_route53_weight - } - hosts = [ - { - host = "frontend.${local.eks_cluster_domain}" - paths = [ - { - path = "/" - pathType = "Prefix" - } - ] - } - ] - } - resources = { - requests = { - cpu = "1" - memory = "256Mi" - } - limits = { - cpu = "1" - memory = "512Mi" - } - } - autoscaling = { - enabled = "true" - minReplicas = "9" - maxReplicas = "100" - targetCPUUtilizationPercentage = "60" - } - nodeSelector = { - "karpenter.sh/provisioner-name" = "default" - } - tolerations = [ - { - key = "karpenter" - operator = "Exists" - effect = "NoSchedule" - } - ] - topologySpreadConstraints = [ - { - maxSkew = 1 - topologyKey = "topology.kubernetes.io/zone" - whenUnsatisfiable = "DoNotSchedule" - labelSelector = { - matchLabels = { - "app.kubernetes.io/name" = "ecsdemo-frontend" - } - } - } - ] - } - } - } - } - } + argocd_apps = { + addons = file("${path.module}/../../bootstrap/addons.yaml") + workloads = file("${path.module}/../../bootstrap/workloads.yaml") } + tags = { Blueprint = local.name GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" } + } # Find the user currently in use by AWS @@ -296,11 +178,14 @@ resource "aws_ec2_tag" "public_subnets" { value = "shared" } -# Create Sub HostedZone four our deployment +# Get HostedZone four our deployment data "aws_route53_zone" "sub" { name = "${local.environment}.${local.hosted_zone_name}" } +################################################################################ +# AWS Secret Manager for argocd password +################################################################################ data "aws_secretsmanager_secret" "argocd" { name = "${local.argocd_secret_manager_name}.${local.environment}" @@ -310,9 +195,13 @@ data "aws_secretsmanager_secret_version" "admin_password_version" { secret_id = data.aws_secretsmanager_secret.argocd.id } +################################################################################ +# EKS Cluster +################################################################################ +#tfsec:ignore:aws-eks-enable-control-plane-logging module "eks" { source = "terraform-aws-modules/eks/aws" - version = "~> 19.16" + version = "~> 19.15.2" cluster_name = local.name cluster_version = local.cluster_version @@ -341,7 +230,7 @@ module "eks" { [ module.eks_blueprints_platform_teams.aws_auth_configmap_role, { - rolearn = module.karpenter.role_arn + rolearn = module.eks_blueprints_addons.karpenter.node_iam_role_arn username = "system:node:{{EC2PrivateDNSName}}" groups = [ "system:bootstrappers", @@ -364,16 +253,14 @@ module "eks" { }) } -data "aws_iam_user" "platform_user" { - count = local.iam_platform_user != "" ? 1 : 0 - user_name = local.iam_platform_user -} - data "aws_iam_role" "eks_admin_role_name" { count = local.eks_admin_role_name != "" ? 1 : 0 name = local.eks_admin_role_name } +################################################################################ +# EKS Blueprints Teams +################################################################################ module "eks_blueprints_platform_teams" { source = "aws-ia/eks-blueprints-teams/aws" version = "~> 1.0" @@ -386,7 +273,6 @@ module "eks_blueprints_platform_teams" { # Define who can impersonate the team-platform Role users = [ data.aws_caller_identity.current.arn, - try(data.aws_iam_user.platform_user[0].arn, data.aws_caller_identity.current.arn), try(data.aws_iam_role.eks_admin_role_name[0].arn, data.aws_caller_identity.current.arn), ] cluster_arn = module.eks.cluster_arn @@ -396,6 +282,7 @@ module "eks_blueprints_platform_teams" { "elbv2.k8s.aws/pod-readiness-gate-inject" = "enabled", "appName" = "platform-team-app", "projectName" = "project-platform", + #"pod-security.kubernetes.io/enforce" = "restricted", } annotations = { @@ -438,6 +325,7 @@ module "eks_blueprints_platform_teams" { } ] } + } } @@ -455,6 +343,7 @@ module "eks_blueprints_dev_teams" { "elbv2.k8s.aws/pod-readiness-gate-inject" = "enabled", "appName" = "burnham-team-app", "projectName" = "project-burnham", + #"pod-security.kubernetes.io/enforce" = "restricted", } } riker = { @@ -619,109 +508,164 @@ module "eks_blueprints_ecsdemo_teams" { tags = local.tags } -module "kubernetes_addons" { - source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons?ref=v4.32.1" +################################################################################ +# GitOps Bridge: Private ssh keys for git +################################################################################ +data "aws_secretsmanager_secret" "workload_repo_secret" { + name = local.aws_secret_manager_git_private_ssh_key_name +} - eks_cluster_id = module.eks.cluster_name - eks_cluster_domain = local.eks_cluster_domain +data "aws_secretsmanager_secret_version" "workload_repo_secret" { + secret_id = data.aws_secretsmanager_secret.workload_repo_secret.id +} - #--------------------------------------------------------------- - # ARGO CD ADD-ON - #--------------------------------------------------------------- +resource "kubernetes_namespace" "argocd" { + depends_on = [module.eks_blueprints_addons] + metadata { + name = "argocd" + } +} - enable_argocd = true - argocd_manage_add_ons = true # Indicates that ArgoCD is responsible for managing/deploying Add-ons. +resource "kubernetes_secret" "git_secrets" { - argocd_applications = { - addons = local.addons_application - workloads = local.workload_application - ecsdemo = local.ecsdemo_application + for_each = { + git-addons = { + type = "git" + url = local.gitops_addons_url + # comment if you want to uses public repo wigh syntax "https://github.com/xxx" syntax, uncomment when using syntax "git@github.com:xxx" + sshPrivateKey = data.aws_secretsmanager_secret_version.workload_repo_secret.secret_string + } + git-workloads = { + type = "git" + url = local.gitops_workloads_url + # comment if you want to uses public repo wigh syntax "https://github.com/xxx" syntax, uncomment when using syntax "git@github.com:xxx" + sshPrivateKey = data.aws_secretsmanager_secret_version.workload_repo_secret.secret_string + } } + metadata { + name = each.key + namespace = kubernetes_namespace.argocd.metadata[0].name + labels = { + "argocd.argoproj.io/secret-type" = "repo-creds" + } + } + data = each.value +} - # This example shows how to set default ArgoCD Admin Password using SecretsManager with Helm Chart set_sensitive values. - argocd_helm_config = { - set_sensitive = [ - { - name = "configs.secret.argocdServerAdminPassword" - value = bcrypt(data.aws_secretsmanager_secret_version.admin_password_version.secret_string) - } - ] +################################################################################ +# GitOps Bridge: Bootstrap +################################################################################ +module "gitops_bridge_bootstrap" { + source = "github.com/gitops-bridge-dev/gitops-bridge-argocd-bootstrap-terraform?ref=v2.0.0" + + cluster = { + cluster_name = module.eks.cluster_name + environment = local.environment + metadata = local.addons_metadata + addons = local.addons + } + apps = local.argocd_apps + + argocd = { + create_namespace = false set = [ { name = "server.service.type" value = "LoadBalancer" } ] + set_sensitive = [ + { + name = "configs.secret.argocdServerAdminPassword" + value = bcrypt(data.aws_secretsmanager_secret_version.admin_password_version.secret_string) + } + ] } - #--------------------------------------------------------------- - # EKS Managed AddOns - # https://aws-ia.github.io/terraform-aws-eks-blueprints/add-ons/ - #--------------------------------------------------------------- - - enable_amazon_eks_coredns = true - amazon_eks_coredns_config = { - most_recent = true - kubernetes_version = local.cluster_version - resolve_conflicts = "OVERWRITE" - } + depends_on = [kubernetes_secret.git_secrets] +} - enable_amazon_eks_aws_ebs_csi_driver = true - amazon_eks_aws_ebs_csi_driver_config = { - most_recent = true - kubernetes_version = local.cluster_version - resolve_conflicts = "OVERWRITE" - } +################################################################################ +# EKS Blueprints Addons +################################################################################ +module "eks_blueprints_addons" { + source = "aws-ia/eks-blueprints-addons/aws" - enable_amazon_eks_kube_proxy = true - amazon_eks_kube_proxy_config = { - most_recent = true - kubernetes_version = local.cluster_version - resolve_conflicts = "OVERWRITE" - } + cluster_name = module.eks.cluster_name + cluster_endpoint = module.eks.cluster_endpoint + cluster_version = module.eks.cluster_version + oidc_provider_arn = module.eks.oidc_provider_arn - enable_amazon_eks_vpc_cni = true - amazon_eks_vpc_cni_config = { - most_recent = true - kubernetes_version = local.cluster_version - resolve_conflicts = "OVERWRITE" - } + # Using GitOps Bridge + create_kubernetes_resources = false - #--------------------------------------------------------------- - # ADD-ONS - You can add additional addons here - # https://aws-ia.github.io/terraform-aws-eks-blueprints/add-ons/ - #--------------------------------------------------------------- + eks_addons = { - enable_metrics_server = local.metrics_server - enable_vpa = local.vpa - enable_aws_load_balancer_controller = local.aws_load_balancer_controller - aws_load_balancer_controller_helm_config = { - service_account = "aws-lb-sa" + # Remove for workshop as ebs-csi is long to provision (15mn) + # aws-ebs-csi-driver = { + # most_recent = true + # service_account_role_arn = module.ebs_csi_driver_irsa.iam_role_arn + # } + coredns = { + most_recent = true + } + vpc-cni = { + # Specify the VPC CNI addon should be deployed before compute to ensure + # the addon is configured before data plane compute resources are created + # See README for further details + service_account_role_arn = module.vpc_cni_irsa.iam_role_arn + before_compute = true + #addon_version = "v1.12.2-eksbuild.1" + most_recent = true # To ensure access to the latest settings provided + configuration_values = jsonencode({ + env = { + # Reference docs https://docs.aws.amazon.com/eks/latest/userguide/cni-increase-ip-addresses.html + ENABLE_PREFIX_DELEGATION = "true" + WARM_PREFIX_TARGET = "1" + } + }) + } + kube-proxy = { + most_recent = true + } } - enable_karpenter = local.karpenter - enable_aws_for_fluentbit = local.aws_for_fluentbit - enable_aws_cloudwatch_metrics = local.cloudwatch_metrics - - #to view the result : terraform state show 'module.kubernetes_addons.module.external_dns[0].module.helm_addon.helm_release.addon[0]' - enable_external_dns = local.external_dns - - external_dns_helm_config = { - txtOwnerId = local.name - zoneIdFilter = data.aws_route53_zone.sub.zone_id # Note: this uses GitOpsBridge - policy = "sync" - logLevel = "debug" + + # EKS Blueprints Addons + enable_cert_manager = try(local.aws_addons.enable_cert_manager, false) + #enable_aws_ebs_csi_resources = try(local.aws_addons.enable_aws_ebs_csi_resources, false) + enable_aws_efs_csi_driver = try(local.aws_addons.enable_aws_efs_csi_driver, false) + enable_aws_fsx_csi_driver = try(local.aws_addons.enable_aws_fsx_csi_driver, false) + enable_aws_cloudwatch_metrics = try(local.aws_addons.enable_aws_cloudwatch_metrics, false) + enable_aws_privateca_issuer = try(local.aws_addons.enable_aws_privateca_issuer, false) + enable_cluster_autoscaler = try(local.aws_addons.enable_cluster_autoscaler, false) + enable_external_dns = try(local.aws_addons.enable_external_dns, false) + external_dns_route53_zone_arns = [data.aws_route53_zone.sub.arn] + enable_external_secrets = try(local.aws_addons.enable_external_secrets, false) + enable_aws_load_balancer_controller = try(local.aws_addons.enable_aws_load_balancer_controller, false) + aws_load_balancer_controller = { + service_account_name = "aws-lb-sa" } - enable_kubecost = local.kubecost - enable_cert_manager = local.cert_manager - enable_argo_rollouts = local.argo_rollouts + enable_fargate_fluentbit = try(local.aws_addons.enable_fargate_fluentbit, false) + enable_aws_for_fluentbit = try(local.aws_addons.enable_aws_for_fluentbit, false) + enable_aws_node_termination_handler = try(local.aws_addons.enable_aws_node_termination_handler, false) + aws_node_termination_handler_asg_arns = [for asg in module.eks.self_managed_node_groups : asg.autoscaling_group_arn] + enable_karpenter = try(local.aws_addons.enable_karpenter, false) + enable_velero = try(local.aws_addons.enable_velero, false) + #velero = { + # s3_backup_location = "${module.velero_backup_s3_bucket.s3_bucket_arn}/backups" + #} + enable_aws_gateway_api_controller = try(local.aws_addons.enable_aws_gateway_api_controller, false) + #enable_aws_secrets_store_csi_driver_provider = try(local.enable_aws_secrets_store_csi_driver_provider, false) + tags = local.tags } + module "ebs_csi_driver_irsa" { source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks" version = "~> 5.20" - role_name_prefix = "${module.eks.cluster_name}-ebs-csi-driver-" + role_name_prefix = "${module.eks.cluster_name}-ebs-csi-" attach_ebs_csi_policy = true @@ -753,18 +697,3 @@ module "vpc_cni_irsa" { tags = local.tags } -################################################################################ -# Karpenter -################################################################################ - -# Creates Karpenter native node termination handler resources and IAM instance profile -module "karpenter" { - source = "terraform-aws-modules/eks/aws//modules/karpenter" - version = "~> 19.15.2" - - cluster_name = module.eks.cluster_name - irsa_oidc_provider_arn = module.eks.oidc_provider_arn - create_irsa = false # IRSA will be created by the kubernetes-addons module - - tags = local.tags -} diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf b/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf index dba52fc9fd..8c8c5f5a90 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/outputs.tf @@ -3,6 +3,11 @@ output "eks_cluster_id" { value = module.eks.cluster_name } +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = "aws eks --region ${var.aws_region} update-kubeconfig --name ${module.eks.cluster_name}" +} + output "eks_blueprints_platform_teams_configure_kubectl" { description = "Configure kubectl Platform Team: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" value = "aws eks --region ${var.aws_region} update-kubeconfig --name ${module.eks.cluster_name} --role-arn ${module.eks_blueprints_platform_teams.iam_role_arn}" @@ -27,3 +32,27 @@ output "cluster_certificate_authority_data" { description = "cluster_certificate_authority_data" value = module.eks.cluster_certificate_authority_data } + +output "access_argocd" { + description = "ArgoCD Access" + value = <<-EOT + export KUBECONFIG="/tmp/${module.eks.cluster_name}" + aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} + echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" + echo "ArgoCD Username: admin" + echo "ArgoCD Password: $(aws secretsmanager get-secret-value --secret-id argocd-admin-secret.${local.environment} --query SecretString --output text --region ${local.region})" + EOT +} + +output "gitops_metadata" { + description = "export gitops_metadata" + value = local.addons_metadata + sensitive = true +} + +# output "debug" { +# description = "debug output" +# #value = data.template_file.addons_template.rendered +# value = data.template_file.workloads_template.rendered +# #value = file("${path.module}/../../bootstrap/addons.yaml") +# } diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf b/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf index dbd4fca8fe..087f7fd1b3 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/variables.tf @@ -3,22 +3,17 @@ variable "aws_region" { type = string default = "us-west-2" } + variable "environment_name" { description = "The name of Environment Infrastructure stack, feel free to rename it. Used for cluster and VPC names." type = string default = "eks-blueprint" } -variable "service_name" { - description = "The name of the Suffix for the stack name" +variable "ingress_type" { type = string - default = "blue" -} - -variable "cluster_version" { - description = "The Version of Kubernetes to deploy" - type = string - default = "1.25" + description = "Type of ingress to uses (alb | nginx | ...). this parameter will be sent to arocd via gitops bridge" + default = "alb" } variable "hosted_zone_name" { @@ -33,62 +28,94 @@ variable "eks_admin_role_name" { default = "" } -variable "workload_repo_url" { +variable "aws_secret_manager_git_private_ssh_key_name" { type = string - description = "Git repo URL for the ArgoCD workload deployment" - default = "https://github.com/aws-samples/eks-blueprints-workloads.git" + description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" + default = "github-blueprint-ssh-key" } -variable "workload_repo_secret" { +variable "argocd_secret_manager_name_suffix" { type = string - description = "Secret Manager secret name for hosting Github SSH-Key to Access private repository" - default = "github-blueprint-ssh-key" + description = "Name of secret manager secret for ArgoCD Admin UI Password" + default = "argocd-admin-secret" } -variable "workload_repo_revision" { +variable "gitops_addons_org" { type = string - description = "Git repo revision in workload_repo_url for the ArgoCD workload deployment" - default = "main" + description = "Git repository org/user contains for addons" + default = "git@github.com:aws-samples" +} +variable "gitops_addons_repo" { + type = string + description = "Git repository contains for addons" + default = "eks-blueprints-add-ons" +} +variable "gitops_addons_basepath" { + type = string + description = "Git repository base path for addons" + default = "argocd/" +} +variable "gitops_addons_path" { + type = string + description = "Git repository path for addons" + default = "argocd/bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + type = string + description = "Git repository revision/branch/ref for addons" + default = "HEAD" } -variable "workload_repo_path" { +variable "gitops_workloads_org" { + type = string + description = "Git repository org/user contains for workloads" + default = "git@github.com:aws-samples" +} + +variable "gitops_workloads_repo" { + type = string + description = "Git repository contains for workloads" + default = "eks-blueprints-workloads" +} + +variable "gitops_workloads_path" { type = string description = "Git repo path in workload_repo_url for the ArgoCD workload deployment" default = "envs/dev" } -variable "addons_repo_url" { +variable "gitops_workloads_revision" { type = string - description = "Git repo URL for the ArgoCD addons deployment" - default = "https://github.com/aws-samples/eks-blueprints-add-ons.git" + description = "Git repo revision in gitops_workloads_url for the ArgoCD workload deployment" + default = "main" } -variable "iam_platform_user" { +variable "service_name" { + description = "The name of the Suffix for the stack name" type = string - description = "IAM user used as platform-user" - default = "" + default = "blue" } -variable "argocd_secret_manager_name_suffix" { +variable "cluster_version" { + description = "The Version of Kubernetes to deploy" type = string - description = "Name of secret manager secret for ArgoCD Admin UI Password" - default = "argocd-admin-secret" + default = "1.25" } variable "argocd_route53_weight" { description = "The Route53 weighted records weight for argocd application" type = string - default = "0" + default = "100" } variable "ecsfrontend_route53_weight" { description = "The Route53 weighted records weight for ecsdeo-frontend application" type = string - default = "0" + default = "100" } variable "route53_weight" { description = "The Route53 weighted records weight for others application" type = string - default = "0" + default = "100" } diff --git a/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf b/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf index 729454b581..eda2864d1e 100644 --- a/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf +++ b/patterns/blue-green-upgrade/modules/eks_cluster/versions.tf @@ -1,10 +1,19 @@ terraform { - required_version = ">= 1.0" + required_version = ">= 1.4.0" required_providers { aws = { source = "hashicorp/aws" version = ">= 5.0.0" } + + kubernetes = { + source = "hashicorp/kubernetes" + version = "2.22.0" + } + template = { + source = "hashicorp/template" + version = ">= 2.2.0" + } } } diff --git a/patterns/blue-green-upgrade/static/gitops-bridge.excalidraw.png b/patterns/blue-green-upgrade/static/gitops-bridge.excalidraw.png new file mode 100644 index 0000000000000000000000000000000000000000..f90a3927ee9c7ae8781f4eddeefa0af0aa4f7bf8 GIT binary patch literal 270527 zcmeFZc|4Tw|38YzR#8YPODRO5LLp`(X%m$t>(sl&I%Ll>h9spdB??)SZ5m^nu?(iD zh_c2oV+~nn?1mXLbFS(4{hr_F)7$%ezUTaN9*^@l|I|Ei-}iN2ukHDIK3~^7F}rNM zRY*#Ri;HXP`EzHka&hsqxwv=*1U7@8Oi%A(fd9C?uNt4`Ds0(1$;Bndb^eTj`F)3( ze*Tx{Mx-zE{-ULMH|jzUeBP3$v|s31)Puk3-rv5I&iy$QrPBK>N>EZl@K;gP)4vkA zUuM6qSH5s8m+y+W{9SLd!5$Kdl>0@8a_hP!>-}OiYyGzxiLFgP|XIsDlV4t`K z@Z*3}_cf$9_UvQ(fro5At8Bm(c1ajK-sUA8xNF!w@HsLlcv5;}6CaS2TQ_z8Bq1PY zCJgS64Q-JJ9u{_Lr`&q$$j7&n8yh@sJ9vX<>Q@DM1a8{^+jM6Ahy<2@XbV2~ja;1F zI8Nj^j^QO=2<~qKd=$gyBlCpgFU8=;G9of2#v5f#u{zozv&vCAb<#_!4IVYVBFA}(Y2E2j%GxG;r zJV~4_C{tSA2W&PBK8w&+J9IZrEay1E+4opQ6q>OUrX4pqdEI&20lLwzwqiG_VWn1s;r`77jTpd(0wiW zt#-E^sRNxYZvChnnP%_bS1p)>dzkXa+}$|KLBD_nA3uBE2sqezaJx$`S0%yLh=zdA zbFoMD{=vaNfz7Yp2d;?+AGEa(YX||SY_tX!y^)rZdbF`gG!H;mVTNs|HgofKhyk~2 zeTw4v+G*f|YD*_VSsSnLzf$CAHn8I7o7N>ikGqS|cvHcO&a(hH|8@)vB$W z?kfFSwcJ^Y{D~JKn=Ce1({@IZ;#M|w)~4^_gl7>aJP{8kWjFT61Dt(Q_(TKYslt=A zjZI*!>EivUyHwVE5~o{RQrtX5_Id_I)S^|7V0Da)B=nICG7U}pv51~L8|~&rn-?@$ zdbWAm%?+(JcyLMwp+EQTX1DjNTa>z*)^p9vzt%?F>cGO1@U#+;p)O53sGbEuD8xxS zqGyxzIbQttO@;2~u0sxp0E3?oyA;6|T5PC65c*lavhzaHiaNLZP3n)IMXY>XIM_Wt zxd<=y-P6O2j4fX7wmY%F+%s71%1o>Mpk)(enBuu`Dufqc^S?|Kd_{Z+Vgg z*vNInyVS)xh)Gzrnk%L_ak*z~mu^t3zGZISW%F6s^<$l?s=FukUGZa7KjT-^`v(c@ zy{B|(pPTzgLzo|zF}920ZqO7KZY?lHVP#^yH5=k^dGNY_?rb|}1}$=spn9l66X*#{ZC-LC$Gq zfSA@kWY#qYvt`QCokYs75{Bt1*DEe}}Xg|03npb7 zF75TtG>rY`G@I3|<$>jsomB4PJ0DAoaES06%iBh{@oZJ9bme3{s*q}cH6ET_6) z4*_pTp`Y5babfoY(Fl<|8>R)`mM^T}5j#8wcC%G2ZP;=h;<#4jpp zM-ZP?-)Qyu_4@GR*>mK+gCNPId|!2ou|LMV(CH03HGGq{wlDUL+u-_osx)aGiZ7^# zWEBL>;ziI6*TzYc=%AjXN4EJA3-%I5wy%(3gx&?1RnJ*hVrh5E>`#T`8ohbjJ+^~H zV%7#SF`wSLkIcqz`t8|VIuQi7*VPQ=VfIu<7mlbGStYR$PSYEV=^a+T=7juMHmo(< ze4=lP-4taxFzD5GE@h5d?;gQ!Wb*e8lYL{Vs+S*@47N_L-Tv_@bjTddXcA;*P_G{wD~))iIaqQ2 z2jXCQOG%j8R_}CY6f>IG+n58ke}G9fr1c{D-Ld5a1|~Y$AD>EEIH2p;Iw8F&col+b zK)NwCiKw<5BgkPaHQv;ur+dV2<}TaKKaIJ>xIkvJ-hxNS_~yc41n1FO*%14i{QAMC zZ||rdu%*ZdvNbb@$}Dqx^ld4_F>DY0EhlEYYoz=U>ST9lviNsyr7Es_}g z;9y{zM0a(FnC?=$43#ENBlK(=qz;|K?_|&AOY2n<7|e%;#$>APjLof)`f!dx?REfk z_pUwT$luEwr{tOK0WXWqY&pIiDt9ofKx2 zMGolPiJNML!3m65FJg7~v@`0OdBeJ|b^MM*O1oXM(bEtA3T9npu- z=RuNqb1ITdYXQuJ4_7w4m@gBjS{do+HTjMXZ)7_L>mA-P-BH$q&~u_otgQdst!j>(c#Q0|QXv!<#;&NtF%W#i%RJ?npr1aB z`)hycmaT>PjjlxYNP7&pdIT>PQU>$Twwag`kO|#SgiY(%yMwZ|tCC$6P)^uidXcUHOMUlW%hFG;LLN8^fF^eUoN$dSJ4WH5{+#sn3O{dT(lOxnp->E|B%9UaE?y@}RKqaj213ULwwK(z!5{ zN5N;$G(~WNaThRC{mFtQ!HqL%$98}lji0)L2J|dnffOs3)YuwA?*Mtt!+-5fnrYRX z{TPkFDuS`;-#IBDuONgqBB{GDU%SFoYjz9Ac9+ZJbbIJjzXx#KfWmp%$#matY7J$n zTknMfte4M)tk^6`o<*_mHSBbH!S$PQ`OtTupcq(rq{=}AV3!TEh*=z`0%*_pNQJG7 zHu|k%ENI52RF8(4d#|?+(AHm?S-wgn(NHW&>&f&ElQBu>@z8D2B$ABnOkxY%?kOiU z<2db{&^bHMqHXkyOirt|JlCPkyI?Cv9wztbXJ+sLjJU7Aa zi!`6>01z1}#{h5Kd*YYiMvDb+Lk7RD)YC897WM$FTy0`FcadXX8}MUiPtT(pzT>|% zh5}E)Zd^b6B80Quy`Yn7tvzb`x3&FVYFHn5Kr3ZF(^o*86AuO=kW@~~-2qae>C>lA zH{J}nhhQc9_L^5cgkA?hR)6fp(k5`b##(TPmFNJTjTbnI1HX2U6+s(jWB^YU4qTl) z#j#ytXdU}ndS&Cl6yvlF?VnyxPIM^>ur^1D}Db%q>7SQ{dJ24@ANLHr8pS3`z>wt+xX-&?*mW-d_A|vLwI} zwPq{$a**2JZ3xu|Rv#b9Yro4Y1h@kNbaS#hr)$~`07EO+ev1vGAQb8V+P?ASx%T_K zbpSfZQs>|KbF8ia_Ud^4dHcUVhx6>XSYV2^lP+bu!+3y)sl|omq;Rg<%xU36&jAi+ zqb0@>!Bqiz!5T9E#s&Rrx4*$C7hAR-%W{BQKk?W@3U@yS0THrhcho;4+4x7fF5Q?@IKg4^@#cBEBj*0$%bNzqSTsLNHX%%T{y;W9WORs+i+5er;22oaL z@QxGG(4BlXrW0-+%ZPnXO*33J?i-^%eKx-Kf0CFbK(gpB&b%WaUJb7LNZ{e(T;(h%%F6xxnbYQO5ICa8K&-@V zRq8j8y96Tqrj!YtQxb2(zzP^&PJ#0E_ZkICnicr9f5W51eP(muDn7Ol7w6{L2SG6H zl>ALj{QYszM&MJ1S{Xk4Vd`K_kE!klD)04tc;v&g&QlSCWs!LR$I_t-pwegx@G za$SXs^BQr9;1zA`>^P};gBRNe7%!3D&<<(dI?%ey=Co(4akhO0SfkYAo7hJ01d8nc zd&Z*F@_3K8p!+vx&n;@Ma>-^fx9VCeO%LBQ+uEM3{vJrO)GtX5cIY1`;XOM zfqLLt{nKS48(X{tunXxX_ETrM!dwI&YOh;4<;R&rrj6ABauXc;XYVJP852L!# zP&UZ8)4|>*EbXsfcw?tleaYAWpdIVH} zw{90pdwtPR-NpyFq{}s^7}pZ*Y5FDeym&4^l`kF{{Ri6CjDw7@ zdOW9O0c|TGaBWp~3)4Ea`67_jdd1s#<(a8(39d3BtHW;k%HvZC>#ddhG7UEJDA3J? zgIj4n{tjAsIlZu=hwKo|Ld#JXO;r_UXOKvR6gO{y!o4~{#fnre4epF8<1OZBK245s`gSY2kY2oB5JAsAW0nn8(6&`1aB$NO#yZ<72*iPoU6A)+uVV$ zR^P&lKkwA;?ZMR2n=b3G-JTvK5SAy}<(>B!M@!vV9B(ZryW_uWk=;tOiQWb`1;m?H z*bmte^ZK0^H{RUGAmO&Aa7a6qxYl8IU!}Ln&6GN%C3Ad6<(E`9%1TW#(KYf>v=&Ke zTuL`!;dZ&}r^~vO+pYQxw~m#`)Xs-tVC$^MTTVYat$q>Qj&5jOTaPJvszPMaL~B!oVxc+IT8=%%6W>QH!RAZ7qTvzNRO zv+HObZXj^FjEbgy)}5^`Wv(x_u6*Q|?V(R&VEt3aLfBhR^xY`$^Lh%$Q*bK_&1#D8 z*{@(Bp7Ffq?gXZv?o3hru>l$7Z?Ld0(R=WM=Qr_h^MOPbgDmT5J}I`bd9#&4NEe6` zfovHqJnFrQk+W6#Y9Y>wtZ_1;7u~Gyi}Fr5bS>vP$`Y;Y6SO?lWtn?9RVdx`&B^vh z+oWA29qwmt-K8$4N|b~J595AeY|GuhoW$;^Iv=l4SZim$713?&*!v^@TK^|r6SH&X z`s;Isx}$N1eFv=^0`6RB;Jv*iKFZ4hid1vH`oix;8*ixk&N{Ywj56Z%pH0#KYCOzA z^1hbvQwMMg8D+4a|2+%f$=Tz2nUcwf>m|3J*oUl*T~X#q~Bh}RN5J8@IiQW4u)dY>l}JAmrnZ!B~{28L{FS?daZoi z2*=&)tH;=7&Yd%FyjwhNe=$0WZyA?AAOtM_k{BqIk2zU45W;}d*1%KX_?eQ6qsb{A zwY~1u^JmFk%}3CNk=s;99g6>ou%#4AGzl>!Sgy8=7cX8stEnWJ+!#dAur;&+vJ7IW z{aIH^eiVy7t>)VOJ_)6oASjf4-LuQWs&d)`Ptnp{pQ}IKB|atiBy^CTJ_k9l>B5PP zGci{fXRH9T3CIWUp}XqXw^gv-J0S-3WfrWS;#-tt*FsOL$!BW@;hU{JJ&PqIBrF1R zV|d$ESgjCtweUL#W9B#m_-TK^3Y$5L^qjr63c1}VsyqKljPm+cO!3;{IDVRF|u%D43BtuME;TP|7t^j9!T&41r5qv`Tem}wysFuL89jDstrh?T3Fm|ZWr z5q88D_syo;zGmf3o44E>kHi#zk#epP@$dJ2W$*b}LW0_Ug**3+R}|KztI4nDCO`RZ3Vgqq zP#}#8@60tlQR$BDvUJwNlsvUapX!R;E`Rp->Pv#xyd?8bZxAcJE&5lU=et>G6yJOs ztrb;ehd&g&`27U#^G;jyRaJ)?Bx@}fZCBZ$HE@3<52N|q(0I$YWX)#g93EosxZ^Vs zhJ>@}L_!}`6uCYhNuGxqVEqt}kGK%OB^{?MwnF^lO>dX|N_MrZpfY9&<+HVn7Rs6D zZgr38WiDOH<%~~N(}gKtZ+^?KDqBYGV!JOix-rtPVfIA-18XM*T6@gRdorNM&F5qU zh(FbCk6xh9L>-$!#kaE7T9H)-)xf#zCs1$}*d{AZlBR&@$bo;3PoND1wWb;qfH}z^ zcg^6|WKX!inRE)Z^{COLQXJC)a`YCz9bcI#ZLRuXWwft|B)X+?nbE99=#$cLx&fjv zzYA@9qClT-h`?sy;ke$rD<3wARJgXB9N7Y5qWOiUE_zn-h|TC17&o@=w#n_2%RjEc z!?$WZwv8pBM??pZYy_wgl$l2PSf7Ty6X$pm6w~h4`GN3gtP%RE88Doi9^z%Ze**t8 zoS&>m>${~BVgNxo-C^B|)w?^=5L?b>(Fo5OzTdwprn}i!`8=`9wcoTzQAepcx~Wv zmsS6DXMO>gcuzBl5QMVA_~9>Yk=5_B&*~STFHetusdT6be9q7)HW1r3`gU$ma@kPq zv>zE>?t_1^NEBm@uZy-rH?D8cj3!V|EpkTAf=a_-N^lXKDA+zf#tNn1M96}%G&y3K z)!;5$D0iPhDKF14Ng>rTsM8OeWLwzd5cW}oEIv7CpgO>BeZGOr&A<1Cn8KyUWOd51 z492pdN{z&A8ih=Zz~!d;B@3@xfXjdBTLp|npXghBU=%M<=3=KZ0&2C(iAm_k08knF zx|eO3{aHrBuDvDif?7zfm{ggUNy78&SvCt(hv1j?iR-^tzg5Dr14*CERdw6;Xt1R1 zlh9iJVTbCTsUP_xA!xxJ$-&zXd$o@~GnPgCux>nqn(P`pF&KQ@D_`OAL_i3(mWOq- z{!x2qc?Hvjx@pZOpAWqR#aD5x3y>rgcu5HnGgR+@8Hj+B(B)AYiOsz@M z3&PoZf7f(Jtu#fQCVh=p#KYII9WdJ!m7=XX`I;kTLn^S&onO#(F;?qmHc4w|ggV>| zD013S2hjg5P6@O3?XqxZ_)$KH9wxBpDA&j)6-@PC<%1!3TPDoJH@Qx!I+dS!Pl zTNv-lb9(U5@*ApEsA(*_YbDud=&7HY**)~^ZOwZ_P|0(y_(00#jD$&L;hl%?iEV!n zzo*Rg0eyWqQnu=e5Gc^^gzMC5SO3x-f8*`e^zx7&wQ{_QVL?mvADC2daJmzG{`?bR zCiBy#{patPCQN#28`KiVqR&TBqtV zaySX~b$3+@Ka=PXgeEt^bfuh*MJa5VsOdPcnF1YtN^R%mqsU}9I_)jQQ*~%TCW&V4 zH3i1ZF8n(|agvdN5i3$A(8&Uy=uL~5pUsgwMrMuosTgzgm|6y4e=tO)mosO-+PLDfji#Oyw<;Bv46V|tTt`W7V2 zz?Q`TkhwZm``0d7s^1o~`-NGxt6X|X^T1-RK@{vO{H4|ozjfuo;6;<$j1VU4-7ANv z_lZPaKE4j2R^RNfG)z{8%}1-4- z;o%M0+SQ-J<+|Zf3KCA`+^`>M<7q)H(nm7R%i5UCmM;+(u~(6-^);#&r7&auRc6e| zbGZ}OAKd+(TxqKjW9wFI)JG0St#xVDTy!n0%yBJ`iZM64fzfi_iwKxTm%k5T(%p}R zLw?@)@@%*J>8JI6yp4-x^XB%sya20Xy;ND7MsJivH&s6GJ0E3wG+w;e_1DwC$#V=wa-e<6Aby+^Uh^vCis_f-0@ zr)}eTgWJ~@Z0spk9@F0F$7-soeq#JSU+_Fmd_%QLZrxY7Y?i53ch&4F+R#6`r+gs0 zKfo}QKE$qB^2qcSeIg9g27|BIw&Wg@(pT@cq+8i}M&RF-mHj|Ff%4iQZ?V^_ai6uTLF!2#xeof{Q${bX>I$&Wl}arF;~L) zpJCGCcf6>a%;VEDHj0OWDrh#mvqt!P$_f8;mFk$Sg_@Jlc*8P7!+Ya=Cdy_-vriRX zPwY-UkaeD0M**sP{MlaZlDgwe#^u#?H(u}QAka%niP-#}Li#(`qsfsgN(WAD1zbI# zl}$IHHmfp6<4tEkjrB3T`a1Z_ZpVsHdva&%8|_YbIYydG+{QHl7sV48QA}#G=dP%| zHirc1|17%2QkwJ^Y`9o~N9p7Wo_jUJ&VXQvLHSH~e~)NU79wK5-ZLMunpfQ zNMHIq$KDt7KgTK*QSwnz?Plw;32jSgD|hJ2M-BOpW}h2W4`i{q+sN3 z6sERcXjSpj>!GOyl}W@ZX3jx(yOU;ZjE0#y=B;qq@vu673F+9jk~}iw zQ3}V`mpV=TKv~AKT;AbhHk-8ukZe`O<#Q6P4 z&bf_aQ}}O)_J@L$kRpKhXsju{=Sc(Fl*EiDvVq3T_H6}=ley`B@q$aPCgN>DGKqCf z|4WM4C`o~zDFXpu(GpNpEkdI~s~B~k$&Pp0)3ynZ_^d1%@GyfK%Sa4Jsw-o!U^XB- z_1y`PsKnhNfH=21iMHse<+bvg4uO9xOjs29FxFEO zLk4kNiKb&+AULI$mPIJ8>&wb}t@=qj96qPpV%n^XTCd)N^;#|!FY|}b4EYyW#S4p@ z4+1da-W;4DqZe2q$RE;G`@pGka;<8-xIxDIBM!0vW&VirF?rTTvxQ?5j$dsTS^+q? zf`LsS)CEQ?OqGg^X&%bFoT{UGl4b;tTaGu?pNu(Swnww&V*-Pf#|5E(9Yw zdqu|VH%nDczLfbySUFjs9S0|8V|pFa5x=&WD+`k}1L{q`w2j7X)#}OU2xQK4l`LtM zw7q5=O^l@H(mHLYD>j=b&&@t4j7FHo`zeU1wyips@PXp+@kaYU&@WIq&di_2$BMmx zQ@RWtX7`+!#g@}+&Adgvx5fJ;-rrS^oIiZM=mTh~$8o7v&Oh>=>z3Mcd*0*2@woH# ze?$`{NYn2FQx6gV3OwtqQr+D&d*jNv{36@olEEw(fj0hw;fgK5BN!|0lRlT-403%lT1EF&X9(o2vbYYQcIRkhm&%i>_pp^7v6hX+quFhux$``BJ!K43+^&^A}A`NIaLk{i6oBFQ7>7p;+9LYxizD!Ns%Kh;w*U!sG8}^FzHrcDx zEC)q2)dn+{iQRy?s5sKCwc?7Y!BKEzcZ;d#xG=ySwxWUitL`lXG)2NxyNOU1Hp-4^ z2b!3X?za+joh;~0x(9*zD@MW0jIi8oOIF3tTpgA%;kte+TC*>T9U&}90;qJ^ZrPM1KIQ~%SQO! zt6j`_(%UEepa-d9ToBvl^YB58K-(t~lQRLok{tW+Z{-hZ95oQ*(g-*M)bNfEIVtW^ zy_s^jkV^Jky$F^0#4#z#wASwJ94!9Y=52dltC?IzrJ@ymTABrKIs3l&2jP_~>;kB^ z0h)lbbOcDq+t2B$%WK>K(Zw5GFyL1D{c6>CEQEEBoBCys$D592J99jb6zcO+NiraH zwhOjkU7>fxWD3Znq~nfNL!?<%QCk?`gZe&2=U>aMx+UxLjr*WYhG-qz(;ic2o8+=`9Yp%M`{$#H*Mf_!<5v=JhsIXSOoyZK*1e23L(JlX zrEbd)39$5jb^Vk{TPJYWG=>-eqYy1d_q%RVp3pejE4&i^Uz>*61 z)05Y{pC1}8iqX~AoRi6!^FPH#j3Z?gg2k@gkG#4zD40ZFysYcRRGYBcx=uSC zn@3Ie2c#4GSsj>Kj#J}V+skTA)g@j&Im~NY<>Op?uk$kR>3!-5y3ce!zMKLG15TSC zk!6}R!#j*r(99PG1IXt;!1uiVxe^#LdK&h(xdgdpuoc#ubAHb#fifWV_LqUc!?QQK z3M_CSn^&>E0URXmcZ~%|k#RVuxhPN=DyLn-!T;)V8CU&#PoA*@(7p~^!3f;{IZa_! z$}^shtTjnH)%)Kh)_46=4e4iB(?>R)S^OQ8mLmP%u+ei6$H>Qz{+tdFy$lw1FGi*2 zbcQI1USZE4sP1t<8TPhi8p79C=W$(@wif6eRH5h(Q4%U{0G@XP1_gC3_p%c`;YkcQ z@o@UN4meNnUl&gv|C0&U1|!7jo5G<$5tEY#`?34x;l~$1uP3wT)cvCVfbmqn#(k0E zXVNDR@K}Ih0Zfz>jia{R1w20RrawR?7%m6SRo7w&1PjizyfyTDsWOKM{7qrH_g4wp z>N|HF*mLam<9?q`6ThW)<8f;>;quDP9FtO1VO3KhpcBX-Z|^uA42ToIg|CXXY!(x3 z94iy?)be|p7|Tj5jtqv8ZgBR(Z({P~pRa@EU|c-w6rf~}DS|iCZVrAwxlDwWQ~U8` zK1sV9- z!kdIVH8ApVG)rSgSRH42CDju$krD0&n9Py}nV|PyqB05`iXWby|^-^EZGXSrR zFVc2Q^-VNM)#>VnArXwBa1j^$WB_Ab?DENvE4_}g9QANuW#5&0TcEjv(J&7%`Ym*a zJs}RJ^3tFQb?mW=XrJLNDlP*@$3knDBA#3R$gv6}qF8sOuhzHU=4PH72_*7kpZtB? zOB<*}>5GPEHf>k33*!tG{X#NvHDJ2E+VHimf8n9qoOCmQ)pH0J(VbBbnysPDjKo54 z*lrutS$eiQEHgwIwT9&h0b1)yo1us`hdRhcbOkhWz(h--)nl}vgh`5)3BC%5NtIm- z019FOhxHDDgb&UU*v!_Io?9ZsXNC5765!Rvw9bo}EwS<+j6N z>X4_6mi^nml?Za>Z>A@!tFzNe1UKdLE`>ZW2v^9r_xLqsbzZy8N;dJxc_v+b%Spta ze2APW2%ANpAt$ZhCkN7X-@ebFf0l%my?C($hy~Ws8kcNYuG7d=K}f_f2k2koIYz-^oP>(y_2$GQ_7V$kj@`LHGFI*bjJ6+W3rWE3oTYVq?uAuMbv4~b zPYr+#DCqq3eh@`rVJUoX!d1FHQ>O507uxr3<{m2jcp%8ke?$?P>Sle38v={tpa|j#Jtd?a^AXjj#55| z~;87gDm`a{HVKjZ%0p(Q2Xka;ka|+Z6)N7rhv-1XXyB zXYw+a5-c-)846ROU(-tr73AV$OKtiip~f*l7OjMwEfWoU0ERm-y_sy#-kLN>ys!L~ zta_s>$_oaL8z!s*>tGnyKaPXu${7d~yG-R<~hSl_CLT_>zoVaDjPf<^!E980jW ziIvg2O8v3jc<)W2#_`s4j}$o0x{k4~%8jXBh|&Zpam>-&FVphf^y^K#m0k`4##Y6y z0BUoW)84_$+Ru8T0s+eIr}7oJruudl_xq8*!#mTbsDl3@X52baxo==<)kLfJ(`D^3 z@e`Yq4-^CC_KZo%Drl@{fL`D|k}2y_excmG-|gG$qg}WH7rsE_%X-V^{*3JN@$W$a zOR&U(zWRi(+5w%aikg6#JtCbh(g zBmx1WRkdP>hjvAM-Kq_pKooLAT;bAlY}u;|Y5}LpURicZ@rxJ_=NGwLg+R`oMK4*J zF+ol{u+>#U00LBr6#%DSld`<(x1M5f8&Rax!vt^g-nld9O1i5B6T)6IP0@ne z{1^wcd(ozCC*>BB6n1X`f@%q!#St)CojbD6k0$#MB8Yr5^G%J<<@*b0Sy@?)M4JR8 zK%;>BqmZ!P@k&0?maEfr4pj+C%9!N`+2Fa4?kULVB!%-F6~Z%pBzChv$f0zwb$v0q z)RUc5A&WzRmP(Z?3lAOO$9~29jI~O)OGm6&+X4j@>oGX6?bICf#J=J8r7d2skf2Pv zdp(T$vd$qin1euIxr8HtxVY{3&?m+(Zt~y6lN{ffp7!7JeaE|}jKfJaeakIN(?qpf zv;G!+$30t3PW0dAsOV0Q)f2nLbjaXHqixC~bX|`g{UK25532{S&b_p?s=D{cn)&5U zJl9pFcg=|vsE(?TwT==A<{@z__QJbE<@qJk%Y(!-@oQI|gkJrLLqegNAk(1)8z}%f z>H!2b(@Rfgua1aF&Jb3AKBdZ|r(iXKSTZ-%2t}8O11v516C+`S&dLbiR^r{F-GFu? z3L((SD@JUAke-{77F8~6P;|Wvrhupc-zue1#GwVdZCsC(9}5C?xg0Qp%@*&@3nXV` zbPXn-`Ate8?nNMH2WsqXAwc)G1#PAYs@gZT2@vSck$b()iRa+R#M`_SyCDn%i2U|) zgjM_jZDpp{oyHY0lN_2M z%~$pSHr8=b4XfFGydTG9c0Ss==k6d7>#hdX2v1fIdOr6a0xinkUA)O40cMIT z0cMwNn;rM`0UJo%rxh}0|HN27s({>u7UA9sfY{p4;DZ021!&?81~Z_jlM-nvN{M-}F+gCqb3I7l@kf_%N|IgPRJgY+i&3j|rUqz=?}4)ZoO(#fa)?q+Cq}WKs@3+O zL#(dvIV@yL>+^2C;9O==J9WXljAV}*un;FrSK3$?b}b17$LdTe(NZn*T~*d^%o9}v z^ym|B`!7s@VCd#spGrBbA!vYV713KV^G6L@K*ePAS*y2bNe`IQ7{WlrFr6Q{Y|Wlv zg0fT9#Zcz_-6)Y>Q`=eKZ*sL_u1>hWo0j}|4v1O3ph``BIlT-B?p7)Oh%OS`pyB9h z)>p3o){7#B=A%fz{Q1mkgob@*LPMl&%Y^hRbo5u5An8*qn;0V!J_OM5Z{ro})!c1p zH2cDGijkEnS=I!j5U=nDt|+Dl|5SL`cyS>4Ued4+uwQZ^~0z?~Xm@`sG0S0`o__e|)S+*KPlADn%t z=6(cueihcd>B9(U2+DXuPNZk*Jyo&yoVEJKkXU&PZ@z0utF#cC1M}g`KpwOBm&L8KjNEma&{&i`+c3w9Aq1*x^@*LkgcJ{f_ZKP z<_a}w3I?K4p6DD=%X24!EYvEYfPziMre)5t0J|Hb8<(7y(KQn?hNt!eiBq1aT-1Gl zd)Y{3EON{49as}W`jDI&JOT)QvYIkNB#YZ#thI5xpjdL~&{G9bC)W^4ZHB)AYH~Ry zPg=*)fZ2wl(QEu5bH)lz3?y5%(d*Z@q{3|yCY#%M#iIMc*oZ5Tc+wcbK;?UW!-0SV z2)FNyu*vHyOqa+R^S|uPV--^K*g7jifJQ9mOc$j}l<9sFfvgWrb@OgDxo+03+gs&3 zt&|1y!a9>vX6;8sKHid6E;U_d7W$}r4GBlEb+QcO&(~e=S%Exzdm&x4QG{ETrQ&8K zN3C0>N57SV=>RN?W~4Cn0y=hn*N_}2pIoLbgEj@PwVH(aip-^3v}PsU8RVUQw(pvK z;e=A?ecvy52cnwU*35;WNhtLf%Xh5sn?qInNMLxT%E-TRlZB4-Fn9Xn8MHQ%{nj|PWir$Rm4gkmL4B22VRX$%*+*262KxE4Y{t+_SElw6B z*xN|UVwB>#cCG?hFxu@chRYs>mPk}o2@wvqm&C&f3IeOr{NgRsjobv6e#|;il}o6+ z>vF_^zKZE113Rid3JeYMjRXA5-p}XUw8|?=kfJvG&es|lvu`gh@gNzUR+bh-=)7fPJD7J$7tyMk}8b!~5 z@t04^YI|ja(XM6$CLJp^2jIcITiN@Aq7CNGg>wdwq=Pb~H*4$+G&T1Te;9LV4u5{) zIJ%YqW=>wzoTfJN+1vK=ZowMjPv)&N2HAePkkuF8YO7}bJH9y1^VG2q|GcWn1I~#+ z53H*l0b@6A8L}rZ=-eN z2WHP@FfnK>$&bYSCR!^1(?KB@(b+VN4}MIW7*1nfgkRCGhj~2=N5Y9nJi>r zjWLI;dno9>|A}8hTTrfN`}5zkP2|j*AmaUW4V8e?@{p`gt1K?3o(`-R-5B!cI;YO{{0TpO&_!rPCFQUvegs-= zFSzc_qr1)NL8dTU*SEy^m9!ad+90d;5%W$a@=pNpFK0nG=bqE;5lAZ2NYY*$%NI0r zjk%LfxBFOJ=Y)Q389Mz`v=ldXOPx%k=> zB;fuSFr`rqqfi;cdghT2T;XU;*1c*l)8mO+65A{OY5F9O$*wjnR&t-HT{I?PA^CoW z7ULHG17mP*4KOKQh%46%@4>{x)-?;RQQBh!SrZXM6-@;I!U@7oN*iPdZYwsr^&Y+I zdnr_5bDl#2M_dz>B*CFZMCXpjQKXSr?zS_0SnGJD_502zHks%=&ky!J5Jn|_ihUxc zSe3f#_KWvUV}$h43{Q)}v5BVxdy@3lM&l3lx?X+a=h*m(k@}v}O9x_%ZOIRCAnK;% zJ@WLCq&r5bs<^D51`<`a`__pPV>hdS995=62o7Qi8E^WekFFlrty1obqJ)RldPMrQ zw=hoeT4|8EXx4jW)4T%Ls!o&QcHVmSiw4C+ik;}GM5r!z(H>|I`*9oO-@CCe zH!ua@crh^$Fnc)wxRGKgs4fX0D$frT>jK z-owxl|EcBH(*{U95e^WS7uyUb>9&@?(6esm<-#7VFseR1#Jy>A518nYs${Ylv;O41 z26sV>#Co!526|kAu2ROKH~M?$3Jk|TsVG^o%Uob8->_Bo=?y#idWAmli^$A?L!%8` zeBDAc3-P~b)5KQveOkPnxSgvml42u@QM%t9wcAa zeaJuL4r1;vJ=jP--4f#fm)7-rHdB?saxUkV_RToDSQv6ABx}A6puS@j^I!JJzgnK` zY|se!Wa@q$>yltwIjhKZDOuwydO&0+MI%F=cfDoDzy-uB$2oy81g)RQ$BdTJ^s-P2 zCKjAFv1@N)-X0@+5PWG6=2GXCcnb|nmse9(=l18C&k(I0rN@)o(s{jMq?UQU z80RZGZY;Nz+zROsVmBLl`NP5$1g+|grG-Vs3XRtiBbVyaZEn|lBu%jJ*S%1)3V44ws$F8UiaN0% zfPko(YOfL6h2;x&YhRfI!^by&^samj*6_SBTo>Uk!RWU2pjf_c*qQo~#i2ZI^kJTv zT6)X{MPDNp+RJkn`yFY!vN@#V0WO->uyaCx*&v?ZTs%W%J!b1F_5v&&0PzsPl&mKL z^K|i`csdL)6M3=N7c4NV>PhK#2{dtQo0Xt4O5A#n`McGDzjnx!PJWXi$eY}_eJ}aU zRt|LQ8+~#F*OPTRXdU5V6~1|EpC)K>YRFwTC|Dv#ifjQBjVVH1u77<7+TPTc`z>#@ zbLM|spDk%tl_>1u4Fx@%{AA1ak9#Dj%?1c_{8b7HBkzea78a5k-uxhhBB0Kse17g)CLCHA{qjRGulsoDfq1bU(icV5)-gpR z&=3&_`p>UZ%2)wa*0nWFQ9cxUmv2FP{nbOBdAn`wuCsiVHWBD9YJvpX%W4scGx<6$1{*_7>B-rXpsNQ(#1hZ@KZf^|( zgJCvDjGQa3Iy;gnF9>qzYc7+-bN+U&B_5UQ?}LK~H3x^0ssxKN!0UKf%c18W?K|m0 zq;N5=9q0v-_iaRFB>3Wzrw@W7sL$tMFsFBjwI+5~YplAouvuS?>1bNx6)sl1Ps~99 zhdsxyWSm}2&oiw&)yTQszv0I)I}Yvr`AVh<@LGv5^@nU5dlbCKyCxVY6YgWxJoh3N zNq1`ihwZLe`QYd2L!|Fel~x#H*@6M&=KkymKqmG&1X0EmR5@A_ToMTeM|y#yI4B)n zI(~*H`DHdCzOG^c$s&5Bu<#$7*rGK>K73(&cbrpPk0sSXa3UX%&?NF2E^mHZqkk7m zs0(4X9n}D5x!Q*bemj+vy)<8{zS*vQ_r~hn@D(xs{qbDKd=49!ug=EGJua^|*cPp5 z^5>+loCh%9;@vzaB_4qT+XW0)0c|%<{t&il_jH_qlP*KmzN$i+3s78QFC5yVPjBaN z;Lc-^VPxjBlgu;VOTmP)rC68{_|=6YOU;U0c?fsOP_Jm$g*#9Z@o9M|zXoGOY69IHGsq6|uY~@h= zt)!@5-ydJ0qD*YSWIPrexlKI*L9&9uyzz3u zb+Ph&W{W&@-Sc8xbzo3Gfvw5DJbwm=f*gnGE$}Bq)Yh?oNz1D&)j0OGA$!!zlLz6` zgYOOd=3x5}sWpLkmnG!la!|t1(M|3h1Eo*@T&XdF|?0yL*dHladAzmn_2g{ zBiIKI9!$7=S1FqoQTyjWL)?|HgQf3%z8+SY(ok~7K4hPNQUSC?my2?P_3RY)s;_5b zW#AWIsiKdZPD|kni@&V%^=@k#oL%# zVfLc@&&~9Yjz&Do^k@}c`tiHp9=o;ATK;lPK@xOenXL7oKHkvD^uibtn8Bnfh`o$t zQzeU4=*@~UTaYf#w-WCBm2G{+nA_<^n1Xut{lf-d`{idspEg*Xd>|(cD>V9ZQYq{k z=PT5{JhuT_p)eexW~a7eUO{ZoA1ILVMY46?nDYRjgB{4 zvS@0y#V}BHN*Xk#Z#?(oJ+Z0+xeFEBWJhj_m3kZ`9_q*4gNwmmMzO>3o6UdeBGw-h z$XN+&@qZ6u4kN4yI6#}X;~&A!U6R`}On^D>=`K3byX(+rIhRwXEXiHqK+rS$ zY}0+>b4W=_X{&yY;NhEx!D+O;7W9YEZGs1S9n`dZFo#EJm!@2gB_|qy(~K6~?asG|f9ZGh^?b{V5>CB@ z=oi-=-K?z%2l9Ps;JEselt)gC0!TUmuPj2i0w2pf?4aKq5dU6uGZq zYPYi_zc4PTZEv&)yPt{Y36_xj+2BS1bB>w#ki3dEf@3jR8%n0&DU1}~yfVD|7}C?z zdZ@5#WqHplz2;e{sNI_EN!1VNbxbz3=ZSzjEiCOb^>tVU{LpOYvjpQ=G*LAKgUB>7B-1mFGU+>pV8G4382u|HIZ^Q|FZpNUy>>W|g zhbll^i6~!x@FScTJLh)CkEF!!TyYZ^t?~h>=M2wHs+oy(6+Oi9jCzGA7H0i=x6egq z&t(kfoaHO;sWa;uP7g>4lK3!@Tm7NT^NTaa`KWR_x9r{Ymj!jkM^|fi}3#|~l4q~ZwIh@z6>Jls)t7%%R*W84jWz=tpd6m}G zONpVCWXadJb~+&Fyrx`#6SH$*LFn1nwYzG@^E2lN8B)=)=1h_z!FI1xcBeaBzm2+v zCB$GN2JgXNWG~VSTRqch_4_jaK_&T!7x!e*O8yfT73LO1feL(Lm3PHR1d-+JLW0-9 zE;X*5z%fz`)emEmvgk|Fbe;Sc7`p6X$i@*VLhuECYi2uww|cb$%Xig_COX|_@5{6b z4$8D33ox4RL(Lr(^K{eh-O{3{;`8!GS=qsiQ3^KQ%lpg7*)_Mtb0HO970pN{6P}}% zzb`Qp`wM);^St2nFkeC&j>yL|ih)H52N#Et+zrK^QlSL;cPVi`R5-g{#J+hd>2N5VNS5m!&)o0SIfb*bUOq zD?Q9&V|`GJaL+xI{zHG;fvh8#rxHA-UJvE^ZP^h<$03nr5-&KV0cA6BS)R#cmvDvPwp z9#ZhBiw0hJL^ByU_+i*`){AY?b1Intb$-*QPBZ7GN_ZeEe|LIUV>s4?=q*#_{n;eg zmg)(@+Mj!4~Ub+T%aReZ@agfHt(#-6O|9sFF3u2 z6ih>uHZeJ;EwwyVbTc>41R8JFwhqfe%;G(JMH;ig5$EVH&yGYO-NSjCWUNuNq(GlS zf}B_NPG1jEWSzaUrDx{l=66<$Vj`5<`;i$cKy63L9XYWyGPTtES>~<63$jgm&)$|i z@4oj;M7k-m;2;nv&2_6YqZp!f*N@9J&zo*;(Mz&k6>~DQ3LypfWL*6{ogsoNoai{$ zbq1(_g!K7=XHR(?^ZCAJT!9}`^ra`fCZQXFT9SM8ded{2eT^1$$^*^Q4uBVWcj64x z9-Ds4vPEu&k~(5tFZf*w4sso@AJ`lg5&%H$6Q^#n%$;8a7W#N@1M`OnV85Vm; z?rtOVZ_~X+R%N4g+b4qGid4Tturns4+g$$V%5Up=wCv6%R#cH~6UWwOGf{eCi=Y(dTHf~Vp`R^RW6#3lM_0M>JDuf?!BJ)Ql`v3!b^ zMhui{{`~#jBYfQ07D0ER;CrmDOIUA<$6rZ5r!EZu zLf8w1!OI|Y5@VVOOPA9BG5y)=K_qDPem8a#iLxi@Ws6*zdzQw{=IQIpn|`YH($0O# z?-u@9%|6u3tGM!@^h$rLg5Oe|<|2OTaZaLtpP5Ok93^sfGO5 z3{IMy!*ZQn?k>mGbw%HVtKO)xoub;c+mJN<51iruTqwU7Y&zzUYZbyuW2g#iKj`xX z2E4U)0o{_3?E~f=k?ne4mF)>(t7%^HibZhkX7N^^_in;ySK50R8jShkt&tM& zL$uV;6=XU$&mWrm&pto5Gs`*|eYk_V@Vj^Q?%nLfH4!q^aN^*TG(ckpR#Prn&OJ&3}bgnH<`TzFp=1?*Vac=$cP3L;JiKG$H&F_Y}g_^nX+i z)aTQ+zt%U{82@asxWrCa2@ZIvg}GezicYpKWEagBZnTB}u*CC%-Z)uvUDKta5o8V) z-^(I*Gkv?)IVpJAmi)%%;xGkiyqYW<<21EUwu2AI^aL{#CgT}O7+AIXir3P5)S>>6 zV&Af$>hSO2zSdjNAH2+x1K#K#asV7L2)nT;m%1zhe-sEOP0wfEa}EPE@x`z8W*hjo zO`6#Y#+@xk)YaAJKajrQlbnVeO`xj&a4WFZZ)Fxzw=%$1>;#&Kt*@mSck|BC>3>Yu z`WQo|u$^{1H;vhQ!D7|I+8Z@TjbkQGOyEBJix;7+dd>Zk-7S9HVEi^>WtFGht z7Fq@2JpYaE)=$KK=Jf7GC=is9^nO^3x&N+10+is5pv!jN;Hk2f8!#a=x`8BoM5s5M z-uy6!ALk$;>7>iME8>_9ZvDrLip4StCAC2t$9I^Geb;2dlqTco|o@p1k;yK=V`5H+_33-S=ArdiY5)Gl|%b*kl{1 z{!5zJjhrKBzan9o=$Eg~UKRY`;u4%IkbI=+WvQDn{Qva`GLMP!uk_CO`^>f2OWTHu zCf9=NRF;<;hV&RCWY{brT#z)1nxxpOe%AkiDM3_(bG$%xgkdKgJQ zDhsn?J>Cd|T_jH-f*1GVN((KCjEQ|zS5A|<{STN(9?)xnXKpZq|1lKyO_%=%5CbT2 zumG~>>wXQtU>Nv7G7Cnc;GUx43P;ZXYo5T_y<6YOcD}QcEOV^t-MHgosYzj@WILPD zPO}b*1Ly4?8U;@SoUZsfolI+B;Y1#G0OzmDy$!za#-Ln=O3KbkolBlo${q`=jW!|_ zYNLl%(?)=7!S;7f<^LmS=5Rs4VP2D05KN{17_3h6bUPXJZ8>mMt!eBAWg(W2&xf}% zGrz7?T_|WJkwYYMQ;T5a_$HFWet_hJ}t_|6al9XB|P!A zWY+>O+Pr#sz#!1wQ~3T>o>;vSG7&ZxfH;&Obsc#^EFn>7C7Sq_XWcrx>P*4j^f1ubEDuao?u>cEY+r6Q|msv-P zw&|U>tm>b6elCA3FEue3p#&8{1S{rN@6uI~@jl>MzSFbbcsxyFQKz@l@}>XQ%OZ{X zE;U$L1qmtFaM6Zrf8f(A8J!O_UsrT891g9f{nl69#q#@_RRDI%Ud8!Xl`>QVB6>Mn zEj`3zIzmQgXO_GP8yc_l@zZ*Ln^oTMTe85xeTRrGg{^D#YZn6GoS%mg>11cEk(tc* z$S4`Y_V66K5>3BGAwL88g)MX}%K&7sy1?6l-SkUMm4uj+`4xVUxi7I{;iA5&>A@sx zm>>DeIevIe8`UpKC`WKn{|g7SH-!z(&Y^Zb?OHBBwe2rSBq+F*cP@N*8Vga@n<_6y zhqFbBZ^P#BLFP7tTUJ-}>b9Tc^*c3Monb6E!#0^0XrGjJCEX#Mj&*uIQeeEdSK23H z>%`Udjy95M5RETF@Af|~@;^vpUsFE_3VVPvm>`h_@ z*=8S9nGy?Q=;v{eZa;xlSwRW?J%Gmh%bXl$0_BHwkLsWAA*z&Zd!k$91#KeYAq()n+ZHXPH`@f0@zjB9%9Nkj7MjU);q1Tvwb1 z9HsBEbH|v`SVm;(E#%jt|G`FLgndz)s%@~8UQy1so0KG4dSPM(8oj3J`cofsbNo*~ z4O0EGVDz+qY5*5-`Rdi2f#&pUpBa03*S3$>I&Ka`4Pw!A`_r9BNB+6eUwav+45zu< z<_t3!@LVuQ1?W0W!%>j8g!d^<;7L|;;IKdd|iSVENF{T-!HPnrGrDN08%RL)@K?c`(c75u25_Q!MmJ{w z^e=$P3wQqRtRuC(rd(tE!J)J^i2q_yu{z$BhO`-NkzTkc&)Dt|M(oV^G&MQoyizOp zUdC`JaXAv}ybHA6Kybt2P+KfpwqqVXY^QF05VI|BUoH4HiPv&tVe6x>t5Iv^@A)el zix6e|!^Zs|A0q4(0%QF}Ub&|PDO|oh5U;OLff){;Z5)wb4%~SiFZ|OsmTWO^y0%uu zmz8y-e5%Otl#Obj#l8TqkAYE_s}_zaHzu_eMgyDatq$#i3R35!6UmlWV$X8*zk|PQ zBt9u!uQ&kR0Zp*M;pEq!AR;D>+^_I!?4s2p*zgspr%2a*U?%U5h}oG7G&_Czg9Vwr z)Q~wc6@H7Q{UJy*F&0L=FC;emoywVlK+S{e*2DX|eRL+PIzBBuUQKl+kED6N?&A}^ zR6{877*M>~yfaaRegCh136gv`yuSAo^z0w>WB-VoE04t4uUna#+Edptzo1ZE_7NoY zd}!UfDRYKne{RcBAuD?x@7Q97v-{LzFr83o=5cNge3?j87>Rvot^a0vn_7eJ+Vn*p zZ~EB#?{JQ(!w;3_^!+ovC|citePr~zJb#OY%^}`m7KTRs-`6j|-sFHHJ{4&8{MG2V z^NJKEkq>bC@@e^@HoW|R)1czDY|k$vA4)7R_dUga;B~a|g~3k#dS>-lxB5$xv942pc3u8@Q5(%``QMkrjawv%7(88Ix~$vJ z_d-CRryEO+BofyVbAN*W7(z_jY7k7aTR1i1SU99ed}s4o5_as`Q?(mGG`l z19te!^YX(UsXr9#c)$OUOH*A^RFb-JAzmp0=W4XwVJdgHI)oil7oF}RnB5|kb3}D` z=M)cF_6?#YOJ~PKvB$-Xq68GVoJjFZxV&O2Yk!eODjmjj(Ik>eW~t$Y#(t0SwnTfm z!R4CcN@~&!K>KsDm@R_Tw$fn9s2cHLm&kRjCgJx_z-bP*=yQy{nrhp)r)SS@d*6&; zg`e71CydtDw|ZDIa-bP06)<~9*IhdHi&J5l&?e3Jh-u@*EidfOg&qI4#mKZnZ+lOp z1gILGs0``$_wNuGRF)MD|%Q$jBxU9&u)+yxyK`kVM)&9VY+cn|fg1P$m zCTocxu{kMQ9yIcl|M>)4^C>p7V}zyREbzm%h$Up7M?-0Yw!@2&dHFUc+h9sbaXT zlL!+2wGk1ND-SGe<)5d=Dr8sH*H!1<4RB!$EiFTxJ{v>|s-M8o%50CrT$LArc z8DGTp9c&I}16gDJw{;fe=R(=hH%VX1C(OmE*6$FQ{A=Z!Ni5ao8cq3lCu1Rqcd6%aGLgpa4aG|h}h0s|v(5W$y zUH6Lj)cc^T!@0AHbJBFl7UbF{CR!N54wJVQ8|=o_9nHvj{Ps~AK@RJLf1@U>!x4^Z zBL1&)bxnkQGtqj+4o4_Od4h@b{%~y~89`S}P~lKU(+0B{$zUP`6Sm(Dxt&3V5tyJH5h_Wv_6%&&KcM+VQ zOb0}ezR#dWu#2YU$Gg8r_LeZAmUG)%e57r2>fmS=MepXp_}pI7wB%WQUNXyURD1)- zl>RpT@~gLtTK`fpm78!Jas8)7ZeUfS;LFZ_y}}#FT5GgG$)u*-9YOZ(urJorRtAna zC@YG_51D7g-t;#d<~q<|I2emXc|5MGqO+dVuY7DDx+1rVk*l@3v9fTle6lD_B8qg$ zzOQ_{H}Jhff4R2B`Ofc=8I^)0-8Z|9O>if!zgheDg5c51x`a`DUDuK_JlX}eV!`Pp zOB%8!m2hN*pLGgDu_5sUgN=Ic#{jmZrwNQ0F6-GTi+ZbtBAlSp3Ci(&J~%$1jfsd& z8h=YF_*Nd+TBex46Rw+V&t6cV8Jo<~>@-o!?D0e^rCr`Vl0;X;L;0Ha@;gwQ-#;T7 zn7iXHQ9N!1YO4=sj#1wvoo0AO269r5sQNzNb{*tb8Z}_Wi*pCKc!Tv1TVL98+57W- z8If*pzR*v-g^ttvT{(zj1`)H<0)zt6ey-2`YXd+?7WnGP@NqVco(F^SF{my~YrXVt^cf z>Hz^Yo96X5ik5-}F}E&j)O4JEBxR*T*kDL|UyAiR%|mQyd0Ud?Y&5DEMk2^P*?se0 zBF(X%3Iy%7g)Op^tCULH^>t@#Kl@xv3Fvkf;{1=vA|Rsfd*YXfp;rAEB+aDX6-qUc z&PIMVT99U5^`+i)j#ye%^P}7;(?VItJ#DVf$yDs;wvfAh0H2oc94I3D_(xoaIfFFNt029 zN(AR;xY=*CH{lIG=oF-QWQ6Q5Ox0Ma`Fy(mn&;Lz4@T5S3D6|g57Wx>yjXA99~0C5 z0$q=(15FBf#G+t+QPiZ2D?f+!>|);TYJS&h(Dt|h&ay6dHeaP zusrCbW_(oh(&meFykGr~=>P^Jc~R$|>IsCBj-yH|VE#oVj&}TSM0hnN$CZ z`1N%kgHgppe|lrW1fm=)Ix%Ws*{t9(J8#pT-$u4Vi~%g$sp{r)S{&=>G%t%L4uu04yTTHDE1OkS|ytjJV=Q zuRAlplym{!Z$Z9{qA|0w)2DTP%OeNEX?7ocA0^XLr{w3_>|ws;M~{Af6E6qt{=DyAr2O`(0bDgJ#Z zk+Eyls3SVEiR@kMiHAH#DxUE^MVElh{LLN1e+e3hMDm}eI|+iK1?MNPb=&rr3%r83 z!2YebJ@JHkstVg8yQW-$4HG}(^|b^|m-EY2Y9H&GeMf^2IV`WGx&{4VPboFv&%JW% zt-Q=g$%shC#jO3j$QrOHBpfNG+8vBlxkos(>UVj`DsVnOfi3X#f_H7&)0S)AK_;J= z+U$ZI{t(v$qj=%G2~y!1@k$lQ8t3^4Gkm{}30}qfA+!G<0*}96Jd_t6ol#k2&P)}G zg)cduMVn)hHLZt20Fq|?o%;{x^S4r?Pl543xzMR{1-pXfQ2e5Y>eWLOz7TPdGJ>lh zER@2S0|yQ;va&vOFgSALNJ4TlfAk@#yAXwjM=9WmHA3bU`gcXGL~?R+mVxR`8%p>p zG>j$?uKxX$|9)`+u~o^A$C9)#jhgVK*!)4;UrI-UAZmeq{y`!L;d89e-YCbuVr3Yf z;-2X(N~-l=(_R{Fer%Lyd=w@pj~M4Ci*tr<0^^QyV6ANnU7pgSIrteCIUjw5=yeLn z5_`6i`8YY1pXjBDum`PY^!NkYY<>+)9Hv_A*Z9K;pcxmbVDA(f-)VtrFRQ}Zg0hzm zAR<7ihn%^`aHTyXr58pch9#bgiC6Q~sav_-8Y}WxfB(6xScQbAseWxfG#$Xysx+n5B?daLpqF5+_e#xH*=g zmC^>wvkw~u;AWzkbESIZCQP5k!8n!{ObU;~tlC|ei9Q$z4UVhIDh)7>D-2UJXNwkw z>#Y!4RMmBjOC+vXxx?}C@yh@d=3hg3xT90mG3f6X|G1BoN*M5d4)%P^$&4h27i|)n zpcob5yCboh94R1>so1~t$^?<@#64S}m{>-%;n%EgHd-yzt8n_H`;rddsTr8JaEtE? zfUWx|41{Ktkk*&Rx~n`LvNG{todhCL!bgs1o+ zsj|Tj6!DhYcla|D+Ee9c+OxDLt)5?w4p?g57otW0XSD$k)sOpuH93inRc8O#<0nsY zA7KKSm4F=b(w7RiGews2<=-#b{lS!QpxF@>vmJR512XS`Rk7G+R}8ALp;+pOM_t*w z^@V||w(N){Tk`0WBy{-5V#ab{Mn|0>l_Da^{aQiw=h&}+vai#&^TaEm82%Y_j6Q2U zdi3Zc{S1{ekF}YN9>$WJ5qWg(w!(H@e077i#AD+0ir>cac;X5PW~j63Kmf{S2g>!z zT!uve(|5N@1?2=Yk=;-OHy0-YuS1)K5+7x{YLbY>#m;o)ZT!s^uRCP_iM;+cLx>?J zgd>($OrK5zEUy$MgP*9nSkAZVAWmP*Ik}_baGrOx;VO zXO(#ria!>yb@l31_xUfC=B`~7T4;K?MFNaEt6u9y$pE3KQQgj}*~&WrUK**_XI*}F z?jjI=9d#R38>dS*1BRV%P@;a!q~ycuPV8wBF@}$6iKC6U-1J2|6KyxS{v7 zCa5nkYld(VC$5J*LcM?~a=|3RXmgZ~jZJ3Bl2kb?`Av=Q4{jNm{>M)J&+TFZ*1v`? z!^m?sF?kI}5#x?K^;i6qll{ZygTW_&ez7Zk-vf(M;KWgnDq>{~2{ZP1i&|Oh22`5Z zH^dcWs4MZINA$K?f+u5}4s)X?i&Pz&3yW@y*3abkK}OjSh^!dML;0pUGp;kP7gbFQ zOaYVg7a(O|Jaj0;$a})Y~_H=wd@hD!-roM>|#?0I44bQed-0xJ`v5XO!dKo z*B|~NgoYGQ4N}0Q2KRHI6KPD8UQ6twU#`$^@Frp)fnj$5hXaeiC6UU+KP%&dJLA4%3C~qPGo1{{z@Am@-WWDm`V3<@y zbP{Oo5`YM0d|J`(=M`Uo-WFJPw6!I`xK=B(i8-g9+*0UZy&j_5M#LA#T+BTOC%ttOfbkg`344|a~V$p7td1#uq@myF|4;?TK~;souoUiR$x^Qz(CnC z`;VGN>#@LUZcYD{ts|qcirs{K(rdJdDl#hStkn>Z3UoiW)AQ^>B~Xi6*6;&6S8M<{ znPo6qxmc7rMS9Ue%Bc6_hyQR;91T>H!#a?j3Z8kjxv4bJ$tAQ-EB-4m$8rQ)?+4CxWkI7Pum=nOlUo<{)k(^ z_rmA7Cr;ic<|KQyF+^mS*hy(=M=#yf(Fx%o0f%ra;Bf!3KEO$G8w-}(7pZ?f}j$e0Op#RgIzTki9JQ4+m|08ylIns=O8iD*^ zgB3Q!Xgi$J8-}+JczyZG+u%D^lb%ojkcw_#n!hLMa98RHWuG`uxbsBq6TJ%*9@$p2 zTh+7&j;c|;jhIO^v0U;#@nBdDm8r;ra_#*A9_^LL5`SDX-mH=RFh0_GkULY8;mBjB z>e4>FuC(D^Zd@F;hKJ}dfUmtmxs6*Zs$DfTn!*FUgm$I-_#@yhWMpQ(RIJR%W=@8X z3Ecw_xnCem!*}POmw1J?2CHMg`^BwWyEir_(#DaXqtv0dEuKr`*0VTs%86iLd&t2a zJ^m->6g+|?BR*>}@wb&)nLv8k6N$LN&Nvi`Q>61?C~|p*CivlTU{)zI`}#HMEkLW8 zzeqY0cfByX{w+&l)()XT2Wo}LcPUb$>|EGST)qrTxPoppdtCFB3c9YaU&wdDlhBp=27qa6E0%;P|vTY-FIo0V$#fdc`Dy%44YIY^WJO0*#KZ!0!A2?w8Ro08!+_;z65Z!Gllbx}l zIi->zZOxpDGSLTD(&GDuyz@l**l(co=towEVP6>m`B`!%&DTXip;AgpC)Qnf1 z9WK)q%E@s*J~8jav#z)tp|(f(zSERmqasTTd+#4j^REO0tqjq+k|Wu52-b@=IQpR8 zv7>tB`p8~QBj5sE0N0iK>C+tW=EMW6QX3)j$XMummgNX$zqZc05p%V#IAfE=8I`Tl zvRPP9^lRKH*3#0lH#dC5bpciO97eww&-J{z&~TQvm-gqvuobWZW)pX>KDo`0WIYIJ zy@#})A|@lmOje9zL|?0ka`pK|(I6)heV5{cd{QkBF-1K{*%N=-sJ?N?CO$$X?9n2G z{Ekt3_iU>!rQCEl{3~Dot7?q=8;s*9h8V4sxm*du=2sydq|~= z?36|%+>ZV|ph3Ulxfei+qQILI58;7kXrWrEhjt8$^kEp#tpwWdbIx@emp#={^BG}_ zGue&u2yj8*-Ux8S+&$z{V}Nk+Jd;=lLz=xc4*AWIL4B=5-wO276iQsbsx(vPFWb9X zop2o?OybiwJf`}C(c-%g9@7L4chWdDg*Ofiju|kI@_^lCK5?peBb87_YUy~Sq{*_h z3$1sPbY41fyDF1?G{|x6wfzBxt}aH1Hy@;lt5REe57vj&`$>!rYvZki?tAHNF2XP0?ycH6QNjSO&mYPVdV3k`^ZC-4)##5Sicfy>{(|Nf*%K zs-*@jYe}|1^NL$R!7?xg8xPzhZy*W!818j%5<)PTOgv&G&MNQs>u!&66}OG$OXG1U z?`Vj@CJrvZg)7q!Y%I-n2ohIC8^@a>nL_X%4{P!8^73|66!XqfRlMvv+;_i>*pdcC z%3*nWE8SvPqWXhlXk|y+ zF_YFUs1)K*4cvrn@$Y9Lq~ykFLTQYm+gWTc{Ei@|k(=m{;zU^*Y`sB3GEg8g$@hVs zGmgwG-Uz=!|8`@hu=@115*5o9y2L4;d7xlB8-sps*KyYhzheYP!2`Sp#e*8+BDuBi z6Q^+ooQ5fR4Q|6b$>O$mstL9BFw#J$b?@kr$RD86tV2?3G3 zho@84erjr}yVApsX9O<38EcbAi*JJ`e9cv%f)>)xC>mIu8`$--yq28eIylDMHvGHj zZ|DaHBBrVuwb0@!?=+5kL4OfmAV_>DoT&l)b>c{2n3vp#QU{Z%q1tN0{Bz>HA93U2 zdu&ljQ!HYnt0NKp6FbuneOl_Xjm^QvSlh2#?&h1p>lqXC0?W=}=}>mO zdUrjng04E&?p=-NaJ||q@`^#pv(?SWU}0zD=@MI=F%?!?H#)cpeO7{xK0D)-GnsM6 z_z4{L!}*K($m#y?r;aZ!X)<=ru{o%Qd`+){OpK~wZL9eJ5<_x`{Q-*bCEwUj$T8OUSNN7hXCyj(7)y~ z(sN*kA#2g53_o$J&6!(blHR-hh`@%MF1jD2@sZEcs26*$xJv8EL`Aj0!8l43gJo1Z zt~;Fe&=c$y(BErPZD$`0Uyn|9b9xE5&yQn1d#SLvjQ5!<5J8Io#hlUM=Y^x;gaL@R z?#W7R;in@GEzR5z7gI<$(pl`H$=#_U8M**BD||>EsOco`Y|$tVwd*}_)S@cY{Qpc&-fW9?qwrlUMUnsCRO!X+@DtOAz87{?o_ zCNR!8*D$5)5~vCy@RUtE$dQ0sJiEine@-&*8}$!1xNN7~-a@mC!1W5~hN693%i`8E z4z(*VqC*~MOtWhpcHL28RLYi$jUq`m2qlSV_4k*$um0#DF)wl*<}SHnaAc{Ki`ozGX};@xLrsE^vyy`|yneZqUkv8W|^r$HGm z29CqLCvU#E!pYhN7%)qH^?+-Vd~U};xl2)K;0u@&=0~#~R#;W#6P&bLA*xQ+Z%*eW z*2;(a7&g5cN7G`eQt7Gog0F$H{QecT1aw@n8xRNPY5O}Bxp=uMDH=98yba)Xux4l2 zckl~^YkR}K-s2S?j!H-vb)ygFE^#go96zBta(~yH7eTV&2xco?a3wz74Jb#mlN(Nz zLpX1t4O6oZ_Wd-XJ>j4k&}hl!#eMC{zTGIaeK#rD`zPReQY&#U*36z;&VF`zA`xVe5Y4dn67i( zsKMej#OwSWo_q;(V$Lg%Wmjx>Km}ChJcvTFBu7Y!Chj4nd}d4|KhYu2A3u*4C^49u z(`-^3mlt^QzUN!N!VZ9{4UO7OlQmXk6R_8=Ka|VO0aK!t#dr`SB+$ZnP*qLJdVot>RQHJ~Q*cI|a?SFXERP?f$h;n>Zmhu>{IbG8r^WsFz3TH;6 zVZ|wWwXs zib;7K-K7R_hbx)_D7!(N;`fHi*U81LEt`$6%BB|btQkqq$juKaFAXQ&PKs5K)`TD1NaOlW&uPYKD6XUy918a0*JmYqO1GZvlj2iN zPBnNLH1^tQG>A(g20*m}NNte?` zy{s=NRm9?7L^^aZUn%@dpP0aFvRAlse?aoDG`K+(6yKkcI~@9@i?YGiOr+idv!}Ur zJA?YAbOT<;B6@I{oNQb=`@v6z zJsr?D|7w+uG}-ChJmzV*kOh%+ZYUY$OCTVBUd4zS6`Y;pG<;=jA>|}W|JJi_NOe|y zm#jeTg~-_67lVqg8)Pi57UzUp$Zx6^AD3zhUpF`(doD98YrLqQc*ZKLQ4(#!m7alN zO&rIia6W;{pG;~g?66H$5XPE+Rf_91L8o`KYy}Hk``Oa7`f0*4> zSE-x4Zr_VM^e5V0YVN`j5AXJSIy9^9eB4e1J{Ad;S|_n~9?ru_%S5X23zh1f-D z$^SHoI}}fQls>ODunv#W4*as?yf+Ijipa|?EbVhP8?3$hfp_Xl<#Wa;&YCe(l<-Xz zwQy#|+=(tR3N<5-4>1_rBBz3C!;M9!0sY#T_0FK36_ZAbh3xK6TDx%NOZSNf+c6b3 zD3w}4+7O7|!z!F($Q&9ZG2i`XO3$KShcD80v6f9&alS!gr1np1dpwt{o2NL9>*(T0 zc=esF5bY=I69~@dOpTA*N@`gHh5ur+MDYg=vRA+YmrL9<#WvmA(O|>~jJh?4IKA?_ zFh#%R&rLpwrQ|-tBI|X^Xd&xf<%s#D1FE>(l}w3Q-Xx z8wwprS52~>E5m|jQ%0J*NM56a>~(NF1aI2 zzMRaYJw-=a0ZS{{F1rK&g>Jj5lPX z?r5RfDVG8f+rM}eyuBs)yRVRL1e}Cg4@rrs589{&0*&~sIjK@R=n)&K92E%WoSwc> z-G70`rA$r3Q#QAjlWlCsXOQET${tCY9v{7dA6W56lpv(B>%I0^E&Zn0QQ}!Oi4;B@Z9pTObQ6$ZdE(6ON-3XID9fz1Y{vWq^K` zaZsN3wT$dRM~+q1JH1*M3ObfJU_u|tz7y`0a$2r4k$Cy*ftrR+p;NY`xKqLO5d&9F z+}6w#GpSpf>{2DCJ$TWu?CImjT4@S_x3DP6aT#glBKE{B>obou8CDW3xxS!BQc)Td z`DohqUB&k`m=!){6j67c#X8TKZ0;78yDgDFk@(kb9y>*`XRL~}jjv=ecVE?Y-9=<`n+ir&P&e{>;)>S?Z zZZ3wAhLr?oVdj z{SlWW`gYu+nwz(U=d~Q}dud=tmn79Z@4h~rE5-XfvU!<7E@sSb{7);X=2XMJ%=$UT z%~Byw;oR4qR1I(a-y#B`$*~WlLk?+wWdP8i-o=YCQ)G7a{n{hj%aq?%=gp+5sg>ly zl3mIM^z`&hG8J;$<|Lt3_@%UVcqp+)<=u_eTYVfylSHkCvX6R?`+B79Y^@10RDfj` z8P>H)cpt!i`k7?-<7np`{N*Rp@0CI~>P zL9>dY-J%JqNFa-3bv>)3g0bl};q5!^4)?J_vHq4R9*WXmhDteNEY zguuZ#uX=O8&g(6ADK`z}Qf7bXx+~1dJ^0l$Y4S?s)h~UXN(>CA$BN78B=NU-E5B1c z3B}wb6|yrS(2)PuEEn0(_y}TIUIr6kZ8eDt(PM%Iw9S0Qz>BMdA(c50p0gO+VoAf` ztoy7z?PWdlF`qDv2VP!X*r#?9NhEemxe&}_* zy5RO6n;-@^E6O6B7Hvk#a&mx6h_9 zk6M?;T8zS^4pCtbp$(U~d@ljeVmcRP?h+hIX1I}M&u$_KB|WW5>?R8+WSJ>ubRt%L?=Ib>1El z*@V#do7@`a@2gyu&pbJu_*2;I+j6Qrq-P_-wpZvVE0Xy+L{^{kwGUVZ#y!n;x!+8Le3 zaA&GXi}T^K*K|)~3oCFHx8#}99GkM;mi;Ko2C9Y=TPCSy9 zN+E^mTKuh4tjc{<6aK}FpyXWz-D--TrmwWDX(pqsUAe7QIfR9EEyxIEK%t)lHLi2w zK&q*$EKHm^OC^5$CH`Dstot(sjuDjvf`kc%=c6dmR7k^HQ|$xA^E_g?i&RLt=V7tX zod=ZwEI4F>d8jlZz_7c-Hti;IWc2BLxc&t=I()xtL>sqyJA? zXoMZ}{PO!ViKL~aB>{r|-W?~ZHHY&mo8?0D?28BhjDUR^0sT0!en*i+Y)CYGX+0qR z`p|AH(xd{0VchlsR#w*Cocm6^h6dGn;BCD&*{OV(i;G6iQj8YbmdRdG&j2vDexIP; zlsl=2DI>1OO5LZpP4TXs%$J9*PloP<_Q6h@dNwK1r)U#Kav$MfDLUL=xJbmLL7Iqk zj&-^cN%S2jj!qWMun&MDO38jrlx$OW);^1JW60s-`i zLHdW;VnJ}7hCD?uS3F>1eolSR*ehbrpCaXQx8%}WKc8!K`>r4b^ZpnyHh7>5Q)ftB zvyFJ@&TOxcjo@n9=~^K?tCpmSfLTqPxyL291s>F%i%Y&d^e22eKDjj*bQ6peqtxGx z1_m*bzZ#Vf_87q9YN#?&>9o{cd*-(6Vux7y(PxWW~AFYfg5#C!0IpIZQq|cx>+Z4rpTsCzu|7}4Gb@BMS>WPfmQgK?*089 zQ=#Y|iP*v_n&jKN-iTYP@5draZ=jP0#=}wYUeaA#x zt=A#k3JSfS|8jqOX`Ab7%NHvW}ouHKTGo0 z68{Anl)6I&cP^j3D{RIKQOlWUHqH8$0=>NX+Y_9KDkxyKVxGR4aG=w9S@*nTYqDOY z9>x$}A|<75PNk=*?nuE{1CUFn#>(y$GlA z(!xx^+L;nUULj_lm%0fqr0vvg=nW73@n0Czr2qWb*ckI}!yW&ZXNJu;(wxR(r*|9$ z@frobJ?Fv~N?R*Ml&lVoO=8$jw0K>w{`%hwFzE=amQT z#<~hZNG{t$9$NZE*BfsGB3I1pNA=-p*|EnDv8yaPi5q6II^8+f&hM-pIC56Vlqhpw z`|I!lC70R-n-YS&NidW~-aeiih;F^c?vY98Nkm5JG6*pBD@z}XYKwQ3lMniUT$}l zn^Ww0BA4d#^@XK$`APkB+Yh6P37iesXc%DXla2wWfIA9iCj6bTJ0~}875Q?9fdeIq zoBXRoFDWF@SW6I{yzz0AbnAe`BWR5(@2i(ZKVKeZHJ#PLWau;){~UH(54mQ)mrru+ zre-*=TSBpDv(s1h7k6qcM-N6uunRFb-3S$Fu(rBK6N$OZIsA|t?P)|Ph$1}1Uf01B zkAS)1PY^gjFxidW%4uW9f6qDVp6~5)M8cQ|J<+@U}Dcakf|(=iwJV?UcomNO^#UvlCj05gtFvt1t#aV zU@{8qCws>X2w?D&3*siw{D{+S5Zcr;_0soZtK?u!xpOuX-}1z5dWV+us8wgU+GMF{ z<1&;w(#~wt$1_bpG+=tw*m!lL?cJWph&aj*9@CN!BD1q+$s&R#nGPJ;D`&U)WxDc# zc#ns4$NsUA+pVp*V3w-46+hR8-M=+bJpRTNt2s51N;4Sde(5iV!N!xG_hkX@v5+i$ zy35n$CW+}&Y7*4ieD8$EB#qWZ}@Vsr#@_YhWLcnUmTVv99 z2(tbC)=pTSV`^6#x~RDWxIMX$4T`r)HlhoW5;+q?f$R#e1t z5CJQqIyyFHgi3|ub=q2>T_Vj;yv?1V)_;Hz$=_bNtF?3dz|B*SCAIDYI7t5 z3Z*yGVB5Q@06qA1@$0K)z|_12@1H;V0IuvsZj5>D00b0q(5N&W3fgk&@-G^e^PYe3 z4jNfcPTk8Cn0>07!V8#+L`e5c0T=q15#5$3$QLWO9Pu&#{0AO3Pje zOE*e~(km(z7{9N>cvi17rTbnV(3Dw~kiv zwF}~cUJ{k-)ze$FT!`OSFXfQ3ZJ9M${(?TT({z>S2bBE%&c9#C3vXd2NX5dhKiG~0Z;KyK{fI8R{mdXmiKmzy)pxyJsD21l9`T-oz zk}BYm06q>Cg|wgse`mtB~LN1Xv1EFF^oD}h$P+V%vnnzdKc(31iD zQv-SnK&~8}AC?thhf+vHga$WaT?A2%X%7hGBQTRC*;g+$(C_?Q>(ub^vI3NWT{7^u zlNGt9W@gOjkY_ijqoa~&h<$oGE`p&Y@F=b&DEoh9>!OW!B5$AW(s)dIUpt13;#**Q zLf$&-%vYbHzx#WKNgaylDeBu539SB6T);P_yjK`Z;x z8*x8!kE?ftn(QCBgaur9KNpgh`*r6*5&gXo@#7*g-1pR5PcLOLbm9E> z8wm0Q!u>zxu@_o4CH_7e2=Mp{a6UGh z_TV!tY*zz$H=c{@O$XeU3E{55gO?V7hKQn(2x|@|c(lA>QZkVaCa}FJcN^J}YV+}| znsPw#{_6^GMdk8WAoqgA0?d^CEXs(&+`#rJcnofowa*VPaMU?~*%|DJ=*e?*aGM>! z1t*k06h-1hQ6c_3fw4zXS5YSQzSOS9)%K~o%0*YwLxjX4eZU?mH6%Ut`R_d_W(}CC z?lozK&NzIQOiIbQkzJlC(sls87eevXO#D{}-2VgB_PUMzM z7McZ+6{Y${nDnj&6mhzjfN32auhv9=dq^bs6X6!w*NLPRQaDPTSt57YvsM2C}#L&AZ;PRM(b$!1e&!6*r z?W;wlTEr@_w$4*^+I~LRtWQCc2L~j_#ms}3sSYu2=xTE=)4q3Ge<+it_1s? zq?FqeRfemtx*;X{xk|fJw8_aTOU>6u@k}Vcv=nD1%2ob;VEC%&>-cZf+Wpvfxhs-Y zQ;OZjLqY~|)m8y)y%tAi{E0To=^h1cS6`qMiA0FDdtspAuUK%a?(I zN8NORJi;(H_`wv#0@%nlk|l*1&sPR$L}oQ6flpUJPmf0m7%K{Z$a2@(KEBO6vjqeHtB+vaY;ORh=K(M`#r_v-b-)x25FsrgaRqA? z|B~b#jmu)V;`BVQZNB_A(`#6Q_LIAsjII-rG5g}40@V2R|G&^&VZK8BqJ1&%wBjdt zJ#VRyZjbgH*!`KxBSqk?OOzVt%4WSXU{P1Gq`Lgez?@<&8Vlho8IJww@9nJDQ&uXC zs*k<>E&G#iS`e~RUwF2*Sws+Q%By`I^l7Tu(tUNwPe--v1oNU|cebM2UVox?F3Nlc zL+s72_IvEh_WsSE{AlPV#bA7qr46b8RCb-b{Lt$6tTE9vkN6Rc!6iECOLOjh7UgE- zLM#h7_6EEuJ@_~xYz!}461rJSm`GxZ*!ai3N9xVgD!=*qTzy>Ilw6oC0h5@%LXFvp z(C2Y!B$HOz$1lhOz=6Q049i9KM)+Rw*~HHLqHDd_L6A}@S+k7+&zR+xJND0HhCh4f zXLMHR9~AM1``*pTXtXv~Qn4_+E@3N}VQu>k_Hd45h@mQ)EV}+X?46Ni{%nF{8$GTd z_*e8n12o4R+`}JbEv#KJ4uH{-dnHZy5ikw(z*=G%l2;#ug#dP~A_M8bBTz}Ho85s; zKG}E5L4y{6xlk`qiw1R#3J6orPD5gO9}&0bEW;34^t}Ga@bDk_h-ebXxDTM4rG)@b zbI#;}JQ-xcQot23@sBHQzLH}g*$5o8zlEg*=p(@EhP4i5zx%1a0A4YT$dj#6c_K~& zHb5r+aDYqzz;I`-X}Z?x^*A{%YaBB=KOv_@KF`gh1pXb3j&0}9%O#!oun@~S;A~L z(XV{I72bjX*HYo}(rqia(vQ+vNZ^A1 zH1D$;*kmB{9+#Nl0H)%7DHVb9h_>vsRM4da|I);AJVB+&T^95{EO&jt&Dv{`&U{F9 zTTr5x%qk06Vv!u#xKBu5t^G8FO}X95Du_qKe>*70h}e6p~}ud$GyBP1MFsL?<)9vl?d^_e-jG8m$u*?76*`*BKZ!U(29A zB5qj54tX~udVe&Z4wMwSonekC)egBi?Spx6z* z_gU6^7K3T*pg$!nkTGP9m%iaX49#lIVp8%0xk`lD29k=L|uB}NpvJe0pXXDZRqU3(#?~VX~cr*~# z)^r5OQ5917qPMp`MG3%ZYN>&Fvo>E3AHyGx@_x5vU8?|SGlKJ3B6dba$iDycyoc-s z4&IvH%eVML;?D}w<%Le;Qb>7vwV3?xiZF?bhzz{iVGN?%-*%>?!+RMjrp_b~ptj@Z z^{CdHtCUt(V%0sr-izI^9Nqc(L+fuXagB9!ca~JH*7aF$$?edri~O%l36*+pZ|2Jh z6STRcr?HH(z2DPWhHL+VPxjCkHP^K(0*azj^BDufVQDpy;rK7}sYV2O2uvhlT361Gu`2}1LGjkBW))9{jsKD0RP!w4jVqWVg z;1`fHji!}b5a9)rzlywz%k^FdL!Qr4D#8do{ihjZzgR&*@vvo`GKB4}w6ls|IQaOn zbi}ig+*S`|LKc}$X4RD?fGWB7lQ56e|G45q{84nUzjg1@WHmLHb7=7jjjWS0bjy`9 zXTAmO_(lD;UfWNkvy*^==;#cTu8i?odJQxrD*ck=@3EINF;naG-2| z4=Nw5AfLYLv!3#~CagofNEE!`&4ALrtl*Y}MeZd7YXntgp~=U7~hz zAi+G-SVyYK|M=!KQ7({c3^C&vQ*9o8MGE~emi$!it)_J%8#miVnPqp0_{jHMoSY5_aZhd+nh%@UAp>IiW~l z8Ru3v6gv9QIFDPW!g5vNOUZ$c2flG$XWGn{8`*VZ_pui;b(3i%{w7DT=vGrphYccQ z9z=aHHVT~CEw8674K?pnZ#WOe9R8E7q6JkO?<>(k~X$;i)!jg*W3& zn0Mk0rk%OKP9~?-HSRkUr3E>pBD~I<8B~;i{aW4X)3$H+Sc|uJ{6k;*d({gxpa*k3 z3yqEu%_HEFL;!i%_Fc?P)eoaA5m)64oKw}Gr*+~BGcNNOd%Bu_N1QE8zC>?oiB4!P zBtG!yRu$T_6EWO;N8B~w@7Y_t*x4{n_5%8dI&oN#y|J$M&S6(P(`UI870;`@URyQy zWd-Mt5xtI;W;dG{1S>mL?<~pH&a;oMk3f5Pj=6G_*|7D z1W%$uS@()-;)V)iQIwht)&hwCItBr<*U-2@9F3XR8uT(p@(leFaixM55f$HEei-(4 zQ56&j2O~PJb&M zFlzP)+KVGc-j4i;Z?#8VRA}p%9$|&lRRO~I&pCD{G7SnZHorSBSLijf<@Y7_fr-9K z2;SSWtspYgk_X*_o;uhdY9D@U1f!H8<>PTKa^P07=>0q3bsC>S$*aJxrxzXj%xIM6 zscOX8-un&=bIp@o*3PNw-%h`!nsF$oko1M`N8DD=Gp3H<$jC&|vMHQrhu&urxj8-Y zQfMj8I}@3FZFlKle2c^r5TMXrPp3!+|Jnazs2uS`}Xh71L8I9L#4HfXHO624pYwcT-jQ&#cB?0f+_j z*>kEh9B@zHEe>ddS=Ajwh7_WyC;#YfgkHPpv6RjzGlPqss>X}wzY(0LY_xu?sB_x= zq26gV2aI-m)3)(R5xtuQ{O8#gsY0xe4LnE7j%qAQ)35qC3!WJA!t3qOL{A02Xnzzs zTKL3*lF{)ANA8inm~DCY;`KhSJ!|VK$HjkfF|cS{KjbWo};Gnik8Yzt!_N zo=nV(l{D!v|6sb`!|7Dt47n+1xFMb#|%_%9VEn~d#)7X zd|wn|e6AreG_?1LHA+ns%WK}+y=OZAMdr-SfY|qD3CX<4k*zC%58-HaI{)TzI63T6 zACXoLW;N+r!~Yfi3OY>H?)Fk8CIzvGZem045Vtq28MCw;Z)ZqhgQjp7{=sX2oIhE$ zGm=|g=+5=*6otRUjIRNV31uZS#eXHEJuQ36OCRf_nYPaOR5jK254h6T%1yTH>1!5J z^0zsl2lI}X{0JmoOI-^u(kd6PV-g?2_P6w4zY`H$&XIfh)_~_1#}E-S$~6+a8U5OMZlxJwCH*a9(Cg@(a(tVDl*n_P3xuA$@|Z5 zfPTsZl3R#1?uf(a(g&z~!IEp%&)%l8mC-)QqI@9;Etfy}?^n;$CbQ50S>l6$iyjR2 zSHNNJKz8Q)DE5NqbLigDf}-5zjs9vtJ!V`_F8M5u1iNrIs6Pr z_v$5}EI=FrglE>Mru6-SF%1r@Tkvo#Ag_LrZ-J!>1UFjYQ>JwjM**I=4 zvhjiL^MzrUkTsP5d6DX8#1wnm^I8I6p@V%W;_>{$h%BL;eC0)F@{}!G6u|CNJ*_fP z7ElArbkvr)mOpH{wqaJQ{5Ja|?eajviRkm3^Vg1W%J=j-)W)!JSQ6QQ<)+xDI9>lb z8g0n-lgIa3H=!2AK)+?dkmS`9u=l$A7@w1=&t(_b_khw`Z&aylUr-pN2_iFrTJ_I< z+cv*0P-mjkv2(e7H|}AHH=p*_mgs^awDQ6x7UEryVWHk_7sA4 zBA|;aKf#ZndDU8R^S+$EB)&Us%-g%V#uSvnA8~7+A+vQro{}f}qn1*5mF>I%a@nNW zwD+vj_@$-J009gs6tppNOX9<6pgQ1Q7JThB5yK|?eZ*`%8gryvmOnE1j&w9_MeR|| zh7bAcI{NJWLb_8HA}pFvz55uo(ydzq9s*|vxPdgd+4*w&+$Mk5>wBAk^J!}v6u2=! z8N=U+_xvd7?=H05ioy>BWe1`>F0)Wc&4QeQ_Q6+Qa^`|+vGELM|6uE$FaAUdc+6r% zqdW0HKVaM3ba=C&lug^R^fzBlRQl8{0Oablj~nh^Ww8_SAKzWez2)WAlZKo_Cw^y( z>oE}Zr*l@Hw-z?61YxOe%Tw|xX|GAV;&A9=*EsJK*b1`zzo}SvlCqBFWjiZkcc-~bgh^BxA-K7Z8*pDlc{N+_tewlD&(ejCGoT>uy3IbizH_qaa5d`^ zPlvYl(wU^=Zi7X=qRWS%HA~8G1vM3>wD+4gcOuoL-fImRN8$s!FDi;Tb-sQRRw8sJ z(=5F`U*YdQMkemn{0X1A?5i&k0uL3RVdz<@Uq`3KKMFJlPG1sTls~CpC3jOAy<4@G z2h4~0v+E$XuL?PrExui`Y?NL=S_qMeAgDNk8FwJe=rv?Xq@*G#+N6+l%T()BQ+FAi#p0I~GL(=cFe=n}wb2a`n)Yp= z?3c*d#j>0d2d{gT9F%V;D`3l4VA|fL;itLDzU?0RV_$szdU(-Jdh*a}7SVeztV4Dqz*@?L6H^ zd&ApdBu8@wCYGwFjmq~& ziwiq;!4*F0Aw%L5WiuV8`jfR(W^D71Lym__ybL743}i6$&QZzY=IuyB(Mnuo^qX`* z=`^6=B`W2q7KeZJyFAx+l2$t1Rs3~`mmQ;zPw9IQ423}o=77p`5B$CBV?QZ>hGTPCNpzZ!6#fdXIyiDqCaXk`LO}vc7P#9PC#eTm2 z8XxjZLiR)5)(phrP-Em!eu4@GY8TxK!n;<0F*z2bkokvqZ_|D$+Xpd$JCP8SC?8FX zBq>CQe5`3(HG#@^@!_b4tFz_f$1ESP6`;>yO4?YTFY-omk@5`*Z7n;KR*wW6EO=H&zx3;0{p<7H&tryxAYs~*QPF@E(-%_uvRta`g% z%=DK!G{CmD%@ynRX>2SS;a17BnfH+e&Q4j~oR| zybO;sLBVGnQpz+~S`5lPa2kIEt*i8MRhT~dq#qxEIjUvk1lEvu==r8sI~OBmg*-mq zQoJ6x8L%S00n=h2M;h1CicSR1HWw@n)};&6G0TENw7A2qu<)T|7%P$WrTWE2wlz9B zdb$3^r3Jr$Q$hK6OT$7};-g<_|LA|!!{@Gsal$wK)^%?v)kQ~N z*>}8j`lsUs5qHuSbV>_=zFwchtf3hZ4Rr3?M^J zpR5OWVtZmc&+ncuxECyLZ`|R{t^AJ)JL&t^mX^Q z-J%8Uyw0rE@o=IkLQwOjczJhTmrOXooaikj6PTi{^enD@E!{oSQqF#C8Z}2iWgjv$ zIIG8BYg-KDZBwfxva4DUd~B7i`JbL?xFp2KzTggX{P{@msar*~lCc-g`aO>a3jcgP z3z*P6(=LiL+zKIvYPvl?J*td=Gtm(A?P2asEBw|X(84rN&<^|~VcU>dA$B_i*+@zQ zP=GCtFEb}hKpw^sNW%c#qc@w&jJ-4yN3@m0CsE+5Fa=wWE8LFFnYWiX17}HuR~o=L z>ymv9D%<)U)~Dp668+UcW$c81F=7|bz=))dI45OHGZ*S)c>GC)D+Vxc()XeSL zF<~ujb|5{_H;NW=C;|c{it{txG*sVlg7v&Wa{SL&roTDDY^+F|#n^AjTgH>sjvIM! z0=TCo19mA0#Dxsxq>f2oF_|wWCME};4=?Q%q7?JF>)&Jy;W@;E=W z?PWK`&;O&ER=-wM-=42baS;_EVq;^&b3#6%cccF+9paGnLGJ8|jtq4plG{qXov(Tq z`(bZJ8>GH40XxW`qcJj7rQ$ZI`w9>q{@Ab*dc*%mj+*w3gD3z)6W60maBYB5lJrWf zqHuKe`)PNFx1|8vm}k}EXTtDD`#*RM>SNB{h@Zqcs+D~Ck2ED;Jjc3$F)7-B@C3z? z6)pM&0cfK0egYlPK!>Z}kIo)Nd?~#BNX&2XpVSyoHsd0OmH3o~EIq@HPd}NV`FV&* zdQ=)2M%m-y0CZX;GYrIBQ|BRnv4Y(M?jS9 zFatkKtiL}jU#mRJ0@dEJ>hE7Q5WLdtzJ)|-K+Z-3zu$fX`kz5Y#i4gEeiQ?~CFF77 z5(zzSHLQQ^?zo0B5nx6Y$K7a~6FGWXAjp~;{QpkdVsHp{W0(R(K=$yk_pGURsS~?+ zNq?7kg^xt|A2#WOgOS9J5CRU0l`9`3TtxIU6lcIew&1vY{!i?=50aT&AnP~)$GRTC zhvv=HY@8Z__di!HU*!nYfDNa5VlNca1htV7WsihE)&kmxZZMPjDtiloJm{xw8j7j^ zT%BkG3aG0lM>o8)?Vq2}Bpsc0SHb464o3(FMZ$ zBW1xK>b~V&&8WsBszb0|ICuDJ>Azdcft{rDSP_8{b!#~e_=;=c4Yec&@9=Bpyet$P zr!@A}Y5ON*qkve}7MJH}qrKiYhe0>s^T8(|SWcC-ei@L2qdXsP=@lFgkbp$6{!GKB zev>i1Lo-TtFxk$^?nea*X$tIxl%LxAk2|0;k(8P)10mGMxCOo zO1U1U1|*znPo zo1@QcAR5AQv|#n$hqfwGgs|vOqN#lNwZvW@DJoW!w$}q>Bsk)O9%i&D#g4FtlYNR*hF_o@d(cKy0R%_=8%DS$?DuAr3%j zER1(HQ*BWD+L-R8eOGRgPK4+L+AokwDGiyN*VZQLsQ^zofu-ogrCA!l-%sD*;19tD z6uvSd=Rrryzd|IXE~#E=B7A1==e_%Ip{S+l96(*%DGYckJk0`o(CQ_TUuIBIFXza?e?I__*#D>> zMqKM9kuWvtzxUj?!6GYUY_Rs*SwLTK1bt0NU=(oPQMxT{*n0ttAU`G=To2#mYnB?M zIW_}o^od#TL;Kv)zBZ3Kx{l4wKi~U6K9cEDM~Fh*5|wZ5JtSaRkafEvd;R<^E&>^Z zvN`p`s)P{KR=s<(4Xc0iRY$7csm3$mvi(kd>iS;{H?GpJ<*Rd6w>pBP|>>uF6WubXTK&0x<$4oT)o%T?>ahZPiR)6N5%g(7D zdCV+;elf_Y1hrHWIpSI56Xn!4M`#)pIR5RY0A~+59+zgx^wd&=_-o9?Qce-pbDsX{ z%~C_*sd#C$!JFidleh@Ps{y-9Z6RNx-Q%yp8L1FG{f5aisvR)gL2D7Pnkb_ofapy* zIsZHPt)KwW4?&iw$g#k23lFY5m~(Rm+$U6tKg(kpe~nq1*I^4_L-$91tH6VZb{@_1 zZbUN8eT(_@MF%numPy$Id_RAY?9I896xJBeQxX#=uD4gow*s*)7reliLDaM$__+d@ zllU(XJE`a&;-rWJZN+8avT*iH7d3Z+9Bn0KF}yNJmR6Y$1!2d%=MT}8JLVRN1z3W8 z@~ENEP$nrnrKllU6nvRa^bH6%&g9d+7*m&@jFU%mj)K6b_S7XUS)XQ~y}?BuTp;T7 z=mZvh-Q7yQb%5KFI*UgDW|oKA7%;^uz^iWN0zkXk*&xcW_s_qEp1^HHqdrv{&smk! zy&Qyy;h%1gbK;to+s+G%ZMvnP-+h`d1G;q&hyvZhV}-ZV(9m$CUxK`2SQgR&U8Ig- zbbxx@))X2R#`Ym%$<@sP{dF#U#=-)15Zq%zsu%b~YjYz0`Zo2!D2!Zawzd;xZT4q# zS1ECSOPA8JFAPc509}7Ug`zs;t*i2_Uq6ve00-Rv+p0Nk#l24oTu?XXGcORl*Ygqb zZ6-Lq+wtvNDKW5{P|>4};g~wpkiXYgRv3kvgQXw8SJK;6z>e?<7!JpD8P>j7(XaKg zDmuSFnpGCQ!w!yr0B>0S`QH5n^TNT?e3rx-<{Jz4y@iXV!B>}WOvYqG5a0B?Wjhfq zF%DG$J`KqTd1;XP0WI{U>G0MRk^T^b(S`gbik2aR@~s~a+{XA&;c+dsh?v@6g|-IX z9fQV&=p?FUDo;6k1z0TqBo?(>Sz8w+EFtC*ck3kBDDHrt0_s#v_eichX8#|McM0sI zpJpk+?6BoR3g?$<73C-d5--GFQ>mWrQg-gj<MTAr)UPkmrrV;;kHxWrFdAIxulMS=OK7P+m3e_I=k3YNEEEZRqDmJ1}o zFs^H4d;C~Bz>_Y9_9;d3Frx{n_q#w*n+|W&46?mr$=*K?jU+ZqSKbJQSoeAI%Q=*=M-u^!;o4$#=}M13nx zHTCQROt4H(zpnRx#?3{?p=1O1NE%>)Z(-i8$eplGjS-cP0QB(;aLGg4)i$#)2y;L> zat`p7Ie=U^3>=(9Ff@BthVtZsCWCnGb24uG8Avx{2EWSa@ia)J^*w_jmtX+8?N9j~ z2poF`Z=*1%{mQCY@|OiJH7gd|8M%Nl6Aj3g4V|^d-|b1LZ77W0sO`djn6J2?9Uf}z zc3_#&x`FE=nh=$R1mxbC2@mZ3$AdO>_c6f2|EcUu+4EB9-S+TZ@^*_}ucudPh81NY z1(wuN z!6Y6|MduHjSvYFm7mF%=ata_1q#}Vc@d}ezF5toyhx}wuDP0JC-{v^SLg3l^FaEze zWOl-N(@yl7pZNmYE4D%!n=-K>TeOfzLb6qUX$!|YkdmOzsdT$!iq!_Y5FGt@^)CHx zPGHjW$PFJZ3B8!q&^o>6VBTOJv6~!rwREPNw$yUi$1;`p?ZTG*+;;5S0abANy*&^# zpHYOtb=*=E;wS{lwi=9!uK=XMeKfOb)*T`3{9N*NaJqi|hv@$PSNx#cQLo}@ufs!x zr!xgbK5$bVp(vHOpa8+v*?&b~K+J40?CT49ahpMy<*ux~et@T;P<}+F+BMPw{sr*7=9!Q{HqV8 zK}J6`>}^;91oxwI3>8B3XIdhgHZAai4DGn?m;r-sgeC02_|Lc3TLk`>08i48GKbMF zxWTx6*ujS18IAIf;I2gaX}X>(;Vq8HbE-#EB%cO6`uJ2GWdYNVC=iFL#7mo@cS-T?F~!JP_FRuR8#Q=%3;sYAZAZxES`@P;$?QmnrXg8HJ2TOW|;ndjvM!U2VI& z=pBl)-m_8lMuy(lE3;UWbkv+kNLql9ywQc_2;;;9&n=PdQJt5UqP&3O| zUNf`w)W*+vB-N!rgeToyPHK3htRtF^;TqTw+9E~d-o~?ZCAJdBk+FYo+>D%FSHf-v zQ4ThP>K(!^AGUH-pXvRO6Q`xUpUUB~uFz7rWM_SBKIw8gs*>+$k$*a-Yh&_a(zgdk zkUDwZn=?~cdBo`QC^l8$6+^g=Z3}yR=%ve?EN2G>IPv5HM2%4(B^8V7`oxdfm*wZi z4osgQu>33V5viz{VF!_>1H67z3_5x?1Tj}Lm%cinH z!VWU?Pt+)A2&4QFl&Qmxq@qt5n}T64y3_i>>JH640W$yBVV`O(dmANkKoV$G3gBTP zs3HA0z7*bKrJAK_4x-;)z;s}^)YCH{BX6QySklJSS>hE>{QV(big;8dV~F+|Q}n&3 z;xC@m58rRK1W_hm&5wRY1%zKxd7daslcBW9Z<92`XNJ8KHxOuPFgs*0i8H*9+6P!Be3p{FMqPnP7$sY+8 zjDFj3TGQ;{t^4*q;Nq$S^!+m<=qTLC&CP9#_hQi#ew7FDX?@rq$pX8;aiq?GH2dU>U9bjTcR) zDKobz58ds17ol|xoT#7eh^punz3|i?G79z}n zgV$d5o6PF*0Bg@feCZ@}LlVGB5G6mkGQNnkDjhJV2vcc>l-Cp)QYs z_at06{`0`;HreD+bAR*~SIs*sqlz75rHN&V?B&SCPy=>(g@p8VVXe|IZc#h0wPcGA zOclK}5t<+=@)pG#CZALdBl%>((R{H4RmY%aN%z>R8>z81EbcerxiQ%Q0l!Xa=B@SJ zmeQvvbQ;7i94|$s?Ye*$Pn{%)1`hKj&C`MWZ1U^IMtM|>A9^3G{#cH5@(f0NPj&tx zZ?HEf_U8x%u_3{OnRH0e27%wVdrqL`!y|mTLeNzC7S(qQ!ex3WP!l2Qgq}jBqm{IU zj!fe2SWnEqUHfXQ0FSaS5x1{MC(umKj%ijrY{@~cSiBHMp|@L`+;QNdlh&|)9lQUW z(k|}&`^NtDx-^bHfoRX(E$<99KkxwsY>hHFugLVw)+l1HqaUa@ooa+oaJQdIu5!`t z7T3_9hV$l#7wh0pHZ`p5&9P4?0?t>Bf?tJY6){`OrY}L=Nh$x$dw25>Lzd^YioNmt zkMZ8}a5D9aXYJfXesEonwf-lVQ+7_+i|o1udHR&i@%Jxi8QJ$9;F6S8>hgM49H9|s zz*4*hjEu2JWoB|@-v~HJI;T2D45C%mzDa5_52s)AmhRAV%iUw;WR|5D)XM@xDwa#c znmtdX^!~JU1zpQ(s%G!qv~`T@cClZR6I$=llxR2x=!p4& zGc#icgPI>zZ@eWesz^Y@AE~$e8XJ7`em?6;j_q7vz_)Tf{e&5 zJUW+iCX$YjbSIi}xCkms(eB&HbaG83LxnO=Yh?IDdk2G+;lst@S#9Sdppp4s0CiEc z4)1^$to(S|aef4Z#oU`&m-%Ln@}D z`E8$!(D;kGoSmhi*M<4UeEz^0o` zgH~$MQp3L+FIM1fhj+?!djO`>YnbT*B{rp?)+eS{WcRBCM5FHM z;4BE!EkKLuap|9cj48q!`)|n2ELWio!4^aKkZX6~(cppHQ-5j%n)^RKSY^@y_eqj6 zNKw{+iTL^i+x^&aX=_IANVpRbqqO{#eqkE+>K)>}Z1T})y{W8B&$o^JY3Y~yax&Cr zH?BQNB8J!I<7wPKqoY4A9Ck5y?#(jH+1NpZI%$IGJBtteP zhQIdlud(#-$Hm*CJ-4pxDKFOTO!&fr2O`&HyzCtFMSIf!)(>uc<{UdcKHE<;LENaW zR4lUVz~z1ispU}%c$^G57T)ePg9-!e?S0b zgk;<%6ZhmhMbvaK7u>YefX|KkDB&XVM`|Skvyf4Av4#G7hXtrv{6aCe@-3<`sw46_*{ou*fU-{$Tov&8BwZXa>X+!okEUjTr;I3DPK@FQ)i%FpZ!|T z>F#sFx1}CJMUh<{j##0e;W*5u_-07G9q4Viw0=pAaq$F&?kc+q(XW2JGVcHL==|>0 zJA=Xsu0QjMiV@B6{-O%vemlQychzh`d~)tmWdcWh&dr(J0K<>y(XY=<0?kvW9UY#D zLTC*$lg~gw{lg*G95pE2y}-Z5hMk6xHK9YF|E3MyVIzQ8!Ifx9?}SiOMsjEwU zKJ#?y7^F>%{NZ7pwwy3ri(!aqa{pn9xGGFTc`$j_UBVf?=>6c5y&%*>*rW|AoBmYV zQXwVJrPcJCfQV|HCTITN%J2T^&R_g_-(MLj`OR_&9PQ@_Sm_KT|{K zLHfLQUt;{4AG>binGHUgAcS&#ju#d4S~c5 zEfJFpn)qC?JHhLR4_2(@Xd}9zK{WC=$gteDzg23Y)BZq?C$4*46yA#o!kLtwcZ13a z#gCxq9ye9)84Y=mw$}#C{*gx|=~$PW_)5*BwZj1aI$r@th8$`E76=qo9vrm`i2T+m zp*)~dNa=&(Cs2k!`uR#4kK~%jH0HT*Kzh#Br%~yYYp@)t0EMiUic7PRI&Il{rtVYH zpy}1u1!!ZSGuna`mau3P1S)!vUKg21>gx=HpZJIkb$Kb%w80b>(v~R~6^yXU%Io*a$HH!K2rC@!jcrc`JF#7wx>dko^Nms1TK3-Yq9Vh!7!}0ic5M3hkXo6ee zONW#k0-Nnzm*{)okvq+6_xi9BPE12TwwIS>Q|H;iU3oaRvmcZ4Byp*^E z1xKxb&A7G&^I-jDac<}os-&G7J(oD&ugurtGslD5mpWJ|G@C$JB}5aaqhlyipa^;N z{FTz{HnMf4gP2MBTaY5qElow(9TsE@U$Z;WubHIZO?7!j*9-QQm-5j=DzVFWU~lz1}%KiYaaAQ+ra^%^2tV(I!OAbr~|~6 zGTk*r+mnOw$r14KV82dvZ*R&6I}u`@xmR_Uo2Xpg9OsJv{^GEZ|6SprfoWoIhI_jb zF4(PAB@^*}l9ur6v*FUy3P9?V_}yOE=%BI8@t=w&Kn_{fG$Qv36~zGiXUnn|%|(=$padlRi(+ zz(Bb1&QJ~F!z$CA5#;n9SJ`Moo;7l%1)Cdj;nA}5g5@pGLWHrww${z$i%2JIm-T0Z ze2Le*?ILp)b>1!tK_WeB<3q=1Fz$eWrE5?qd}&{uyV0();7BoXE>)+#09 z0iW;IGiY=zUluYgtpUe^sI6-phqUYmQ{}Hmr%C98v}B}aW2so$<6ytvSdoPbmMww!>Kg*?P?l$0p>x6B1g1V$@V%G@j5a9R;b_9d4mm5`6Nf z4bwyP0P+C(LT)OX-Ix0!)CU`;_6#WeTAF1qjXf%aVPm*Qug6;4aKxWqO@1Xp!_7Ig z2)_OWO2xdT7c7{3WRjLJT+x}A(-6(TCX@6r4R}df+ch5*d=3oSbuwEgXBGoId={XE z=|KFv$-V%aIEJtFzv~y&{a8dI7e!I~XFczA!)nbEBSso%3piB_rA#M%v01Erz|@0w4Z9+MjP`ltMVv zLUjx{jRX8o>J7yQZc7Uk`D^hX%J0>ksIX7!um4eG5EN-08vXTW&Qnvx&{I7~j4voS zxxu669-b&9Qt;ZEu!V;2aRhn(GPU{AX^~lcn8gp#N6AN%L3 zCw0y9vbWbdDV^=N$S?iom0!`ekp1ZOqp1Bx+6ij9V&Vzp#q#MNP)L8>mM`nQfqfIN zozsnaC;X?T!AK$Yci2lafA_cfO5Y=74AOQep5%y9`zJqkZ-wM@gB%LadI1GV>W301 z&)Od4J@=_Vz{9vu&?j4NXhUjd*X$mR-g~w1G8_a(Y~0;a?3;1u(Dx)*>a1a<=>L8U zY`=YTjr#-qeAj_nczguGgTL(1@je*&J;c3H_T14D`|3OEd9^_i?!AmP$@^BxHvtFB z>qhw#iL>+eS`ubFQ-PjGacCz4j~Xo()N$uvQRTFx;eIL$FSqj9D!LanDup^jk%bYZ z967i6zTWQn{P=TNz$563GH=!Qbj#DW46B(zAKw19NRQ9MDynP#$4nZfH-@f@0bh3a3e?55_pq|~V7nk9gQ$V+*McBe0z5|--|NsBGF0Q>2*|NzjBJAJC4Wzc&%{my?yF!%gGJCf6&U zq0bV3^g-XIzb7YN@QDma!+0cWTCl?>y<>8<&PZHsNOO@Yoc|2^tPcU&i#$nVfQpLC z<&IAS5;AOGIx&k;*x{$+{oEdunwu{c#AF?!CEfYd3; zH`btAX4@L3{!U^fLftCq8jr>YCltk%bTf49hwTySA(K1(x>b2KaoV)lz}*!^kIJX8 zW$|p!v7+0{a6YcZil5o=?Jk6bA+AbpER6%&G5nhRs~-s>cn7MiM7iVH*Quzk37_vJ z+1z68zVBfhPRK;$NlVULFi%Vsc9>|z1GP(0Y4!ii)(m`~T`z?`QGov9v%2S1v zJvpqk@~I&yudUk;s;>L9cjDt6jcxA@TiRreFL~bRUg4Ehg@00q2~d8{mT*A8VlM2D zrtI8kIppT%CZ?-3Tpmri8d(k65@Q%ZEO0t7nHcJBeGdDA726kYl=6P#?lIGy*dC0X zjy!zeTKsT9zb#2s5*@q&Ax;4#U*z6Lc4H~S#ksC@BRp8-mmO8SBN5;3O;8{e3jmfD z-qM!iI*9DZZCk`_+#oPd(pdNpO>-bH)24*I`Lp5o~v*^;FEZ1QeC^ zp2XKa5E^vuM}NCw^kVe>+MuQLrietE>n&!MqzjiL97+7GX-7)lSt=$T{ZL5~f8Ic+ zJNucOiL>Y(=l5&9%$XbSGMn38P~7bDt9@~}yr{K&bXeHXy+<^`sPssWOZa)kFIvGE zqO~Fkh!wX-tQJkIp*t|OaqAPi?ng3EdeQt!TX9*)1?bNc} z2h0OyCAY5wqUWzulx`KOG9WAz6V;JtHfC%bd`s|mrl?hCWDlA_z@p(59}Z$^c=yb- zV>H)%lCbTJ)X~lDP$8nW47UZwBrnAqTVD=bi67ssn_V8{_5}Ik!`hFYd1ZBuvX9I_ zGNe%d{izS{F%uWH*`0#B3SdR_DynHm9pYRySsN zJN&7+nxnYCo!Uo4DDSaOhAF=>ic zIRD~)9otc!;kfnwt%rpiZX{MuYKfdjRv7}lSsfY@#ytv0xr4CVa_hKnPZPY+bu3J_(b7#^mlu}T_h?0? ztwh|?53f_oXJtBGLvOTN2NVYoYvO=p;s(;**XHh%ie;)rN|_(SBA%`#i;G>K9mRV+ zpNLbdg7oyYYw%A@ZZQ%Pxm>t|li>ho-;!(ZH*HeaxN zAnfq?AkNwPJf_08HaTpi`dclb)^Y;n9pc{@$s^XyYx6zLhG z+(^T^8wq0^txr9JVeCVBtKY6tgP{KQm6zdiy%??p!Z8u;TCz`UkMR=SCrv*-++tJ$ zUHcdeucsUmOWs(D62R8DC{=#X(~)<3V!?=j0r8i@0^p57sdzLf@RN{t1fAEI4(e3{ za4+`L&kt8Nf);SeUIPgJ3fCnLK0b9&RLu^esarUCb8tfUAXorE?5VKb4>cDBV9+i< zj;ai7ZLsAF(Y$;6pB!}#geDaW2gMeKg4=kE$=C$a?x+f6J!>_$kP8yKmvNi*h-8g8 zP}BOG!N|{IO1~?vQiTnXzwULk#;l6p=Q#MT%k){7HKZdY@5W#O$csuEmuBw-O0s4I zmfp+s{#tzQAXG>_^P83sOwIF?nS-z5VqoXJFBu#t|Y+%?Vc8R4^bRprjpbAhDKbdFw#JS$vzE%EWO#okc46Nt?A zY?oOjQ+{wz^PVJa+L>Ws!dv^**ub)|^6ti#C6QY@(AUTXPXh8@-k+cwT+eRgCOUlV zY5GE6%cnQV-7t!noQ9W|ea3LSYfv@22kNKF60J>e6o26^R0XJoRi$?OFW1wLjZIAA zo4L-!&j!IB@EMGWM2m!vrcWc5D?}E~1oY&sxHC=2D0v|atttG16Yjwtt`DlPy5r&? z@_zz^BoPDC`F>hHB5QMkW(niwX4>+n2d(H0*0wd>y z?(H4TiSu}`7X4Dvx5A~BKDfh?Wtwvu8&$ds~t|* z14F3l3j^WMdBQ>!K@QsM1*Rqhi}^`BjrHDh@cvQ`CZaZjPL{i1+? za854Fei&DaOCJ2Aj5&uvm-}wx^BqorP?6p#5 z#K(k>bG2TZ-ODJO`(qBDYK>Jieh@4FLoBBi9c~E%&+jew(2hQ7+i04u}ZRh=(e2O z(gQ{$l3HS(x2`?fn6<^5@Xx&2pQ7J8m4=->u3szpO630aCdCcf$SpogWKq# z))a_7Wj&gGNo6$czH6b!*58#GdQ|e(*`yS0QWyOr9kMwv8*Oi?K z!jNvJN(3IN{F>J_r(ZZ@p7OQ(wN{@i1yaE`;pOf(t*EV;#D*Le0K8t3d+z=;j6b)z zuG%)Qr}#=LhJWg>4%6ZcmUG=JqeiXXlFgN#MLfPP@2ar1F!;Np+Q z_a>YG&sc1qp7UoH1M_XeTi!p$Wkv?2%rTZ<(v>71H3lguofmF&_|>2#x2%KUkXG5+m& z_JTgMyz9szrXZ_GQgYv(ABE$c#6s3RzIz&RYHEfFAXd)#E7pKp8P~nYgEWWP#=*!Q&y@W`m zCm~TUqPc8%4`PB?dc|&o=w=#7r3cs~ZQI~89!`=Au&vk`#ZH8s|B@Wdz8^@|(_uO+ z>CA}3^sMT=slb!c5kALg?ws1?XRibv3!K;e+5RFkq4)XBW@gfadbG?moc|uMGK8uU@|l{eU({XOtQm*R@=NAPcxq@md*mVi_Li-l^;l299!G< zaDihZh(*u*{6HI$uTkSlZ2r#9*_P*ub~)O`*?JCpIO3+Na_+4`VJmaKxSZK$a;kFn zG4?_EHigBJha|6P6nFwETc=x?R?4HVk@}v73-)&LAs)wc5zs{|huy=axc2nzsKc*& zG}COU6E&UL*NGim+!&et+>;OYSExL`p23?b$jqd9tB`spI_iSr(cIUkKlEWe#O5Fi zYW=lTUl*kfz%BGic(R!k1dZe~-q_mW=9FI|IA0<>%DOzubSdL((N?G%RicRx-#IrL zx5d@g=YHort^DbjWUM3f6om^bY^SDe28ljYBXh2|Wb)T9>ndr+$#}_+!J4s&aRlzC z?~AW`pZI*bHRGtSchmGviFSe<+a`t!j3xH1WDZJ1;sWiP zM99I-ZF~9Py;X`3sqOW66b}~L6+!RUitY!fqm0I&=)IV|(O1Iv7_ueR1+;7lF};UI zV$>2N;PM9q_}}2HhUXot9B3}$0mV)XKXnw2o3_&t9wJ16iHo!m!D_9M1hq^eA7`ZRInMei&5ECi~$~?#eU1 z##6o=xAoYHbtotx@ZMdj2Z=(X8V^=tHzF}Y)WQR6uNkZ52w-8yMH?4Q1qkIyk@lEt zJKNI?YNNo*gFgXLaMYzM%a0N8FjQ(V_Tp)37-k*Y*nF1(1FOg#A|s5U#);VtS|wM+ zT+3$wJ#aNR(-r7{ow~uud9AJ*ua2+$IiA|49sCQ9Q97KMToXNqI@;x0a%cU9zSYN8U{^i^fm}P;|XFd6l_eH6L$7(`numb=Ln> zesaZRHM&s~Q_fZhV@>PZRrbUr!oTU%TwhD_d4Za~yYb5#s<41Jna&*6iJZ zVXp5;(2(ZS5@C;=i04mG`$4Tf@=c>m1PVii4n2gx7M(O1&?8?}0T4E!Za24v-JY5GbI{L%#|{|n0mJ0T z$*_XF!;F7&@*Gw3LHbaQNc1ljT3T)pUSAKD>AVd2JxBxuIW>N&oPY|c4H^w^mAaM* zrn&}enjDmZwvfZv9vJ+md-)kE9x=H7CzjCEkVcv9A>DfmyOUpldS3f}&}Wr1CwIT= z>h2@&kbuX5Y8%gr`3C;f0vN?UetvZ1`F=AA%z3GO6>l2#`MjlC4*)pqAO9RWR9!LY z_mpM(q!V(m&AG`Q$(N7O-@an%Y79h9z-k>rfs_`Ekub{+o*650Uz^5AY4{P4l@eaYg463JbAS?8cK*pF0OQ&oA#b-*%e}ZB{;O7A+!b2pz`_|3}$hZ4#x;Fh#pbGU`28J5Z0tn z#TAI4)mT}f!qCP$)34Q7g^>vVofR(~{Z}2-$D=0hIKXWfyfxJRT2{LIhQ`)n`c z*Q2*DI)aHUr?~bcLc?QxnI2b!;aJCwC|6xT)+x(lxoWlYJ~ooGA3@z7qC+(+yFp`%xSj z7E(&sYgG)wEu*yLPi0R+^X^YEGTf?#2Jd5Vskzl-ZS!JRUtgJCr8QHVI%B2Q8o_32 z97KKc(K0S!+um~paqU7YM6lN%&>*|>vr=qw6p3xzQtg#Hfz+ziKv3xi-`_*M)C7ez zGNCUMCTil#oS{y^70`3K;{7@)61q+Jb4Xsv4i^q2{$bJgvs3C&mO(g}-?tYe}FenH) z`gVFLCJ&^z4XuOYwyj>HS(D3VJ=ZfTlV^)I2q6+!HGyy4Y2dK!;k%q7rU5cAQ6Z!Z z&A!|zG5wV68O`~(suwQGfL;;+>3tTnh@KVQ6MCoF$MliEJ)Vo~*agkJ{K6TUh9v-g zR^D?HbfF*^eG_ZWqh^ z4t6}Q3=|or4@eO{El;qpZPEM+t*_zaR9FpsV;^)+8C3me255ZLKr7G(oV>d_prtoo zE+#|A=9dVLZA=!e<@$i;(9Eb(Vl$tff4khJf{Vi-D#$A3ZXXZqJ{ZnB zc)s0p%OhwWTYq68hx3T^lf+B0_hIe^5R0eA5VFExyJ=RY$(d=Mhh#Z`N+ce`}~ zYuRvm-qCSo{FUy4US!$M#jJ!Etha0inKnr1FT9Q6b$A4w1X2g=kN@Ua`F$!R3X;jI z+U1h1sr%?BQ5Q|MPuWFZ)v#;Of9*~dgr$sQlM9b~^Tv{zS$T;EJ7 zv3}!KC97Pgpm^b1N?J``O7hB{>e{GVM_@A8xR~?42YfIap!}9g?o)}GV@eRnry;j# zFix`cg2yAPpi==4ii?QW4o-!j4oaJ$qW-6k`|P18G;QWKt8*hdWt7Uq`cs$_n_Ya}q zf=G^B3eP$s!g;Y?PQDPVAf+R8^d6L$;BV!wo*saI*PVP9AjnE!Q&0lp@^LXVb%{-@ zp}pmleHIYH>@>9dI1MYTtvTJ-yLYP3SW?K-!~G%(kx*73M_~+XTfc8hgKJdf2Q9KCh8gR!|6- zKJ=fZkD0$J15Dr7&m2Xd^I4ULmu$LR_FfQZI|v7v#Dduw_2n9DAt{DDna1P3&Ocv(C-{pI?;s8a;h=poz432S6sgTvKocK zds(M780VP0M-_~-_Wm(fs3Ja));7mR9qrCifxJ||=y}c)`EdR0kKzq$!QbS2vIy|k zAqAY}_6*FHXj_IoR9o54oPABs^1Skzx$R=T!>5xia`Fq;X#aI#8>;1*9PH5YJtiU~a zHyNOTtPl!d>4>}J`YikY%R$(SDvwS^`vJHO3Yhs1m=ZZXhoo_dTBiLl9gJdX+i#Hj zm^n}Gj)w`7S3&$%z>ZjjgI_VlH1b01!Ws-QPtxa-|L7&lJ>5<6B~oNIr_0>m!tg%;BF^_Wd6|6T@)aeGpHFVa2v_ghDGSAp@TNM z`I{A0mEYV#W~o%*3>;}DQht!u`{(iRtyDszDYu_HsX(7Vx`6vV+ztQ{|CNC*=imRd8jKkh^vKGJ z0$`R@RHwOawIyoIRC-WJJmkZLNyD2y{d+E-lxnLj3j3+`)#p|v1xv52jdGqP17FQU z4iTmQrM}}bb}WQ#QPWQDhfZ!2bfp}4k-+<>giS3tzp@6+#98%c#A!Go6ivGSm85Cl z!{xdcV$ore&K#~^kXfR32@TF`|J)aJ2i9;x{x9O*srJ{7?VMr3dMu`zbOUON ztnAb1F_!hTWgbF?V3*N?&37_R>@mK7V=ZRPL3LuoT$n#Ker}!$WXJnUrF~)x&Fe@C z-}3tcsd;B-PPab6Cy5uH1e}oP-@kzJTV^vSoLMbw$_PM-|7)?02>~6T`G(>2dz!GUb0jXHm|6$&^R6EO6#VM3`=C zG?w4dxI@@}%y*wOYVG4Izw1c~`&0&$-sdj?$XQ7eS`z@7HrRE9*p$??c1RLh33dK} zov6#4woQNjD+s?turyS}wl_D@z|=!|V#4rY8>cWtRjj`2fRbte5idZnBdB@GRFvT( zJIV9lS{{D1=k078wBQ~itAGKCQJ^+giEsw*G@yCZ0k+LW$>ZUSr_^iXk_92D)BgGj zRd4Qd3lP69U{}c}g{=^SuhFJT0F&xDxVW0ZXr8k)e0n@_pFo~0)2d_gFs1LEF*j&7 z=Xdo20bmPICbQlywbBSWaVcWF%55P2S>=aV>Sx*9ABXmYIuNG-bO_GFq#;dNNO%!J zETk=tusd@mYHubnO2o57$;9>f5xtZX2QI7`UkHbEk&H+RNIhrs!$Vg>;>SUq2Tb zJw+R80miM0+7Df1n&dMy2V+Z|x|C_>`=N1Rfuszl7t6}g$D08e&feItIkrDca?C1V zPMXCo@XY?{9f~+{VE>0s;48y{JD%(BO%6YPK)Go>aRfk9e;FHGV7L)sb2S2z8Z)_9 zq5@*(qFJenyqBzc-%Wbqu_FR^vIlKk>EuXtA{pguK7@^At3zuj8Z1d(NSMj}`^{+8W{>LgY z6zb>Th6KYMljX!eUh+T7{dA?4Z%@nkgKo8H%Gq15*v>7n4E3FT>#DUT_x4$0BBY2# z;PkM3FsY&A1t*Phi3J{vMT+GkFbBtE;Ndb`31FO=V$0TpA0L|TuhnR!$X==j6I4Xq zmWOULJ^GpTW(suE_lkhx?}+~Xe)wcKvkV^qbLs3GrkSVA)dtXba2g_t#(e9pvp1@} z%Fo>>%s`=Vdj$khpFEW$0Ui?Y54i!$e)3oz68jHPlyRWCAZ3T7f+xrH5mRvtaY66L z2;fwhtn27b*OoaR+f#o9ahBcT*uCQuQb%Z)uuSjYBBm8Qh1?Un_dQ}1jU6sH8*)*| zw9?S$@RtE8N!h`AOD4bwaRQCnP3kx`~`(y2Jr8Kyu8mi0IESOt)g&bMPh25y!}te#C+iVPPa5OT~Q| z07eH)qvy}kee(;ATp2)Gz)YK(E!YGG9%mjXh`Nir_O_e zJn|5)=vO`woN_{-obqHpFhW%3FpN+#kvFi~d3bSx_b6H-GsDmALDT!lSY*!u&<>j5 zRh~q0PtXB6^;BY{bCkV8?$RYAz*w)-F8#o(mBk)7&v$2r60HO9v%WsT%2kE=-gk+1 zV3J&e?BV7&dJ6|&uC=^$8{q{g9en|&HN4+rEUWGCFK3}=1F}2*q{YR z=@o~eJS^q3YDy};92F5I05u(`1%uhSv3K=W@VjdilREaa8lW>jF@eJ|0x~AumaP#< zR}wRBx5VWF903E26qhfC4Wn}inzm=0=K1cYX zAw9AZSsWgMg9TBhqg^mcuiMTmW?r=(7Q92T!8Y}I)zjkWb3~+^RXbx-dwblst5R3Y z6g4nFXqLl_7wFBr)*gq^i74cd&_QE)GC*qVr|!x~)ih|3>?x(9qWbW(7L;nw(-EUr z%^>!lIVd}Jqd>F^D62KSxnrjPEB<3de}m|F6$=iq{o_w@C}VYGaj*V$fVG|AC1E6& z6JST>fo)VhdMzk0crxCA51&e9Av6>%AKY~Gukqt(_(dp ze46BeHpMUmQ7y#V0HCHT7b1Xp^anZ= zKL$vEi(kAehTqfRL2yy`*)gJ62-@^K=zy4&r+|HBr~qw97F}t|g?0m?Hs9YyE)JGz z<(vr!3R;K&uw>R0umk^Fc@PLBz}Vv~6N0-PA7Liskny6XV@_1<@4sWV5C+KyWvS_f zU%XVO>Fc_Ws$I1=gZ}OVJDeK<^V)v--K?xLUGn1bXx8Q^So5r+dyu@B>SZh#VW4hd zk@1-nfx|j@gvRctxPZxzP-wzH<34K61=t_F+T_5{&zox1oz#G@&*a)LWE3`*)X?Df97RdUjn3PHro4z||e{On@pP)lx|a885l0 zU2>UA<(CBr2*BJ5rq=IhYl{Wr%jXvw`&q>85-j%sRK)DF0-iPUS4?NCMJz_s)nNf{ zwo*6<9O>0s+-FpWbXZ{e-eau=CI}~xl@v-CaYSRk1VH(=GN}Nam&ZyCGz{>8E>`co zP2Mp#b@h-W@2!D#FdH*_C%noVAk19CUnsR3&_OGY`4Xz282rGn?YAWJ&b-GapYCrL z@>1RedNR4*9;CBVlFtvHMC~A_1M)j2klLHGhrgczzmp4&2ZtGz#DM--5J=FZ#dvb! z$g$-EkkBQ!@b!JJ&}!knQ7}1Ipgg?wI6dFI%04K|%X@iZV&a3HkD;NVuPWsQ&^}UG zbAM30tr84_>#_4W_-RKmaqUd)J$G4vP?T+u=Tmp^p5l)8B=rnR_!Cgl%>N!dZg7>&(YPc|=U%SM3hE`TW+`Xc*v_`uUXKHr4mB*9I&_?UJdwQ!XkN!B=iVXSKN=S3S(F2He%w|{ zh3x+o#becHhpOU{{mfF#(u!-N8YoH9V{1$lBr-u$i!KGBO-Iu$VvNpA+x)-sP8|$G z!s-OHWc~Z1S}g(6P#Hbj{ky~g*Gh>N4ib3S+Dlr?(0q!ENNZRv0n0^k26`IK>w%=i z&)S^h|FQ(Q@P%Nz$C5bR{u@2ihu1#=8Sst@1$ZVj(RjXKx)u62?H33-nDz@7Nr`{& z^*M-bnQM*g8-SXeKFq z5R@bX8qMR(Z^rG{(dC4Ywm`f{;u8_<$TJRPHve+BUlh2#RB2cHFzuy87v?|P9C)eNYp`i z$Xiyd^taCjH`7=+D87SGAi=LS=MC^vI0`6S*w?4gAp*vtFjiE1%;5hB(>IkZB3}WZ zCvar+8O9sG-dUldB>1b@p$pUi6=sKp@-*KdH!Vw(afzv;7!}eKY@7e~A{aEs>RWrZ z768GV9Q)rTjVVDJ%l~)tz{S-N)YmTQHl6Lei3PV)Ao@=k`k}%X5V#YNQ}5`%W0t9t zV3*uqrRjA=)=6`D$2^o|!PFSkgYid;fdk&5#?fkC*!@;L#}6Ggf*pq%MsXaRNERqy zS1rUt37aC8pa0ntkhlYmDi$VVXdn8&*VIE{0TXWVE3q`j-!h!s-{$^!!4-`!7XQk` zHoiBCTjoKH&BD|+ld8pxz`N;#xE`%X)lr&bf~6p4Odqy;`QCNH_~LLkfhHYhxgxId z{7tk?)rIi9b1lr$!;`bSU{%sM04fkqn%F)9`cXIrWvUakI6rDuXZ#@|>7^9sQ9UhZ znn?w$|4ivWE*=NPB6ME+q+=i-`e(JZxbRR3rkKPx52Dh`OW<0&AFaLCLKiHC+u7GA zI(6?l#2Ya$_Dd}-ACC}xD~YjbZ%y^`89CEBV<4r$;(#rN4~yyZbujst0P{eyXhke0DfrLAz0NO+`==IQ-9TcFi=i(pCb1)%KLs0?k#=bjEm0arY!s`d@9j8s-!;-S+9&$m z<>x=${C`pwE{t7kx)jGP5?ePl8F@d$v^ZEtN?NNt^X{~Ii>m(R#7AB0!*kCvXW}1D zD5IHT7Dfi%3jMlothk%1BX9Va0_y2yp6|=hJQzC*ans2|TmMhI$Y@XQ(W-gVaIwY& zmzH48bUE37B?OdJ&Gd_nK1qKZ)44h2#W>sO-bwW7&8(I0JSvu>1EzfX$jBt=iVsZK zBF6Ui9@Di4H~Z?i#j9`IW=mI?2XU~-a!HX}($4ED8NT&$H8!5_&QQ_kfChCK=5jRre&P_o{{8D)q9~v=o>EZTyMONDGGS%0OStq=PtA`Y z=FGYDvwRm{f80+OSl@k-p>Vz@9{ZB-f#9$J!?p!7V9S*>ZF+>59<&%=<1UMO@tohe zkFzCmQCe~%CcFE+&xe43nAS;Iq1;%~if>x(WmkKU<(0ZgNnITJ-k*FzL=hARaSlrS zc$=5ry@>m={aw9IfQ?h*k><_x>!;NDKBhmaT^x;`-hWD9G2MGXH8C*1lVaD+N$W<@ zVSaju|3)&!m#%b=+z$^Z*x&tBv58Q<6=z%20?LyC5WL1E@vtuQ$E*3BaK%yMYJ+N{ z_;Z8NMH%;|L!7p3u1{AJGpPTf%HNEUX*fYwhPDMGg}4AS-*Y(*iw_n@cfRF;LgG^4 zP9OpJciTWzhY_5NXQO&rv@NpvJJ4kf3n77kmE_ zn>*|}DQlSLZO-wnhGm!XxyQv$yYp-7&0=rnozTmdD_oFz_-<-uU^;3`Ec2>efV9km3iF|MUaOBo z6H#qJ7T;BkU6}8D+>&9MiZP1)m1%(Pf9HIO!4Ea^@l~c)Nw7n?<8es&*o;A{!I7|w z($23z+`O0wb&?*6;BLDDrN~Ym7&KMB(DQR!0kKq|KDdQc`~R57tYw6YvMze<3He5k zZ&^H@G;muSYN~09JABTkHtM2pVq;hpb#U1>=K&s&Oz-oN$VRN>XN^`H5Z11l1h`|)0-YZ#*TbU|w#1D9t8 z^5viJ)XeQuG_xhpT1M9lunGCp=mw_TFi5Vhyz%PJqHAPwM{d`-M;~x^9_bNenF%QL zaxlgn2{GlF=WngOuP-6Wzj~9(-rc9mj9~hsn|SlmY)`!7;fuK#TG<+X0C!`HXa1GF zaU#X)k@Z4=@#yHHL#A8K&-JOhZ5fVF)$5a;hxg+a_Kj1P*kV6pZ5PbFdDd1%=GUk0 z1$D|zzSgHdC31J1%wxRb~9vb&tumiISz zZstGgIqQ;_Q^J&|pl#Ue?Z~KJN4jxl?Z`Kjq2=v?E4~R=ZX8f8&3ABLG&dfoBQ2Lk zbbaD$wk)kZ{oR5}yW_9DgY}Tb*-K72P%<`b-Ot_UYYp4MZl9OoxRmCw#v+fmN*-8* zdV&q1QD79H(#-LDQ#~S>Comvz_@ghT^!+HfyF5<;WVH z{k0-(Klb!G+5k4YGeIxV^q|#9ruNdA!tThI_Frr&gEaR--@K2uF-Xa#!QZRQ*H>Ol zZp*nhh=bs!v%PsPw(JuyWg$jW5=$c*wue!)TD&N2B*< zi*vd1Zhlk9)+dXWk{dc}b`+DqBiizvfFl1w^T8@u!ZrFR_`8#@28;Xed zm4^eHY|wCTiHoXukOIX}Liru|{+ISk;9NGG)Cy0cgBNXXs-Som~>6U ze(r{WQEygm)sh=iYg|4NTX(g5SV;5hMX7+prD)<6#k=bDi8==hZka9F_p_)>+4Kah zO-$$w`AA5-H?(N-*}AnV)1KS)#|mzHt(WQ}Q7DClN7r7w3b)&wmne?fFh1(DgdM#g z!ZAtw+Po+gZe=fXUQXWBv{K{irVWSNwmmCp1LKNEc=vAp1FSS_1sPN9>0yD)K|EpZRGUDLzE#J6+B6r5(#FPCesX4~( zAnd~HvjFbC_oDgSu>~1Jg=4G|2!ZKZv?dF5`4ea?FAq~m*y!-S`}#Wv@Z0A}g(^@y zWd8Ml)ctFHHyM{EpOGA-wZ`x>`vWu6m6f4xLhl84~dTvz)D>YtXvDiCuptAEJl%_ot9nO zEV1K9SG(V;WL)rcc>L_pL5V@KR9P&KZ8L!3v~mQlA5-pqeAeca?V*)tW5hYmklI_x z8+s!o;JNBz!)$g#(97qYomNwnCy@3Mo4M%%l;(-schyF-7N)GZ=&vOU$Y3WY4C5Fm61m8)C9g5L!sM zV)WEF6D}jV7->VUA@|}94Q%F}R%E)Qc=_8aq-O?ll3na?Dw`hoywTkEiEpi{sQU1Z zMSyFAxnrE}N&J`Bjn2m*qydaC#VCn?B6GL#)*{D42JcUr`&ky7+U=N^Pm% z;cov?f!X&wGSWL!8-s)D)2oy6cwZf8T{A3N!e~5;b>u7dx(ZjTpCy}57*efX22|<2 zZa8;RXME{*><5&`&?B_7j3t2ocj=+vzjlT;Bwb9A|41C)LXL=NtN0L_tGQ3)+)N7N zR#(22s6;L&jI7eZUNQT*3};iWKX8gWceIdd*MDfnh4rQt*Ta#XZWN&@x}smRF@;nQ z4kzr(biAz_g%7`k&NRk-B+X;n;}vBtLbmh6{DRtqEN^i6BtKXwugTtBpu zt5C@yPK~Wg68A5_zq#`89eroo z)fj%aU0K2%X~;!DE4du|@#;@80%F&7m_3w0waqti7>GBB!cxCmJKz3yTc|;{U^erA zu@#V*r3K}|jYY&%Q`7YoAui=s8`M~F8gUNGN?Gt7sDA5AHx9v-e?L2GZk(oeaCJMVutx8 zKxA}`3C>^oT75l|k@VR}imTqE3pspD4E63-PVFaAISQA5>lF`!K)qrl|37{zkZ#T4 zu);Pulb1Z`rM8I8^m3!0)!zPeyK+}d1jEJz z<01CrbA5t{uc24SlITI)8L`d25MTvvi3bM%7| z@AogEAWJjSaD6@E*VZ7=T?b&<-&8^cU|G;@U%NhdC0$(MiFYbN zep6MNOcp874`+n?SDBrkrM(TKhs9y*U99GYI zB0~+0>r|-P&R3eSF-7n-=Ip7Dv1aFq3O3wN9|>oOy}(Ow;3`E(kcTM*>EmQ5{|>p3 zaf7n8@nA_%EcMT?K-U;!>bL$?$;NrnpHAfXceUE6=TA0OSsoXc(Q#hB9PBksv$MTy zGU>ett$6^Uv}0DxO*+bLF+Np(HpVFTr{RY*Dq^ z4-n!1H+1~JI1u!GKM}1qHWx+g8K+nu=vr{x7PoWw6>)|IEDRT%TaCMJNcL7Z*@kMt zK*+b}%Bv!0C>WN*gYxc&HyyGw(cuLBPHy-TgUH;5&40L>4zACy_xQ2$2uv6zOi%i= z$07#Xa*}BHBRNUg&6_$@XSy>RO^VeAju;Zf(ht#}Bi8My9E{;cJJ=(`)Ao!MPfoXa zMMmm|1$+RAQK!@IyTg|0n4dm5JUit2l;kAzTw4XCid){{?GOLnUMxjt8v3>hP8`~e z-i$>yC;Qx`4&H9BzUGow{$I;k=V7uiYvHk9@>btD#p>4q$&7Xn=ZQP>CYgb zfZ7V7$v=IHhZfU$=6nKdO!x<50^(*U28qq{iS-k|byVi2Npjm5!Lxuyo3R^-Z^%Eo zDiWf8ZjOp3ED>KR?S5H}tpKL$g!J6c0g=sIQG64iJp7?WcR^58mRwPK^Q5Hq_~kNc z91TmZ?%7sfhz^^Ye$(O7RSol8u*VNM%!Lj{(Ra@UJ|wJHm3uwWU{*xQG!xG9?CvXP z3koM<4aXaUmI;!V@TDKWe-<%t%&}^zj5rH%c==q*7{|Sz^iA3ad6bk=f0qF+%0R^N z=zSq|*s*B&Edfx}!f!Iizmz!&@9eNTOsOfIGekinO_|kLr|l?B2V%l{JiiI2dOKT> zV_hsoMn-oTysqFgYVg;NOxckvF@{hT(WDCzHcTBwGOPJ(oYX=)(EEN_%0HKq@mhBR z9Yoo46;zzsNPT|tuhjXeh(e$x6}yN~gZp{IXqD?%J4b3{l|23vUc5to7(9JA^y+_;efT1Krm$b`6!R^6HUm#Arx)?HY`N50v)YOOq9 ze(aEZu$~E}G*NJDyDK2_N~lI@9FlKi?(l~Nea>DNl1}O{YH0`|X<2m}FE=w25|{`Q zre*}pV2J0d68sk{YaMpt3h&Nue)9xF{DAmU--+*#9eIf#-G!kl!eg%pnjFiLwv%?i zm)H!~I~*(~dE1a%`S^FdyB$<;cc}hb^ilhgu-|we&7AUH3HxyWe5a%+1@*p4>K!Fk zWwhIf`PZv(do|R+0;he@t?%r@Vabz${N{}(ciPTs-qfnJmmXecbTh15_YFmnWBU2m z(~RI{DDLwytBqqhZ*jg^ygmX5+y&DHGWSmZwG(2hNIdkNjJYE3eKDrEVczqHfR zO<@0FY^n2G`JKJUIOliqQ^c-GXbi>B^230U7R*46Rw zEO&3`kV}Ef)%{E%o;o6i@7Bfm!5H~JObae9kox{q!rr)Z=f?Et zg~7TT;64{2>uT~uzG@r8;|{zm1WiIJwd9l=zh?>K6MQ?WDOv3gN8AiRH4mJvEabhx zBu9H@B8VXGUJwJmQeB@*^$-hY^F|pPp|6ih0RCR8@dB&nBCRiA?D5IrEHzoBS^VSrh^yS@O)ZKi zB8}CphcBQ#;S&P(W(Cg8;k!o}aqq}L;*Ghg!fE`6cF*?n!s=HAZ%qfF&+Hz)tQjxO zy?rXqh+@jNZt95Ax=$3gaDHHTd#XQ~h4Ouszquw|-?h7<$PV-;~!X-e=`JKgR;)HPL30|QQ?h0C`yqL6%5dMZ5#l%)&=Lhi$X~*wJM&5FQ zIsARu-R6jpVGFGh+NLa-%d{$M*c;bL;HjG)aeE7EXT^A(6THNayvl0_&L-g9;p6#} z5o7gK49l#T(y4sk?@Z)}8Gg9|D$I2X{<8x?aYU!mloQGX1zslENSkcz_!(l&+KmgF z_rMuK+UqR>;0}Jgu0L7;W?f(e*YHzVuir(yET~05W17j+0oM@u*C$4~{hDG5Vsgv& zF`g0}T zT509E>E#Xa2&*(b;8anP#et;4Y!SKekbK^p5-+(!Z%y<1uuuF@vyXPy`W-lR#FZ+3Hda2;JO*G-VZ_F0 z&(VC?I<7!~vhXiqj4mOiFiGc5RfO3MU>LzTN@IYdb)t-XQ3Yy23R-FTyvXsR??L?> zFw&gs5SN$xGYP(^dd=rDP!e!0ZautwO7`$)d7d~tyTh=P9E`>bmy4@=3Rz`aQjYQe?%n3#u^ruHe9I_}s+wu%Z!*ISqU z7b~QJ2@++?H0vWUVFO^S_uvcHD)3CrRDt-v-?8f6d9e0!#3TPdf`(Kgc_{%~mI|xN zHQ;^HdQ1q`%PqVj0MBHipHvh(!=WPhI&6{Xc7BRyb?7&9_~ICX&V)TIo`t9#70dLm z3E6^DAUTg{NzTl7o-)#;*L;Z`pdYOlV}e2?g~4zG&*Ak0zmJ5I&el0(WZG!Wt*85! zEG3xu$M%@!6{d!(Gw=>u%`raWCl*Pp0S{f@DDfy! zXl)Saqf2zky#Ar&&C961oqR8m1%YzgAyqWYKCMCT=t=L9VN z{y?Qza0kZ)24v3Ac+&a56@gNc6GEF5PfUf(rgxVZqIb}fH%URT;rJm!gBz@9DO=v) z{khbI4kj|;Zf|-7=n+*b{%HZuJuwOf1?Y>{WdFhYo^ZGg1c-;zLnTxhnP6tq_|fe| zjVC&Y+uy{epnPOWx8zrDNa}rAF`?jN$S(A$`ud_qXQNfW8+g>3(H>oMWLhCrgBjJ8NfuW$aFsxQ1}`4;HLRHp^_J4A$aV|P(=nb+hlN}Z5@N^zPB<`tI?n?p1Rhmt-+ zqE3U^CK9iI;b*gLmbm2gO^mp>-O>tP-now*MCbX=^J0g&75whO%d-u=(ZKNSG|@4f zx1(QzMs0qvW%kn#yo?Ts^2nUTS>3HnGnQWFV7il+3XS$?o*jx0bh_2(Y3^`#=mpOE zxTx5nm%pJA#0Ocn^FhGum&N2i6b#+odNeLTqr?bvN@O(1tQt5})};E8pWg3}N{|`{ z%ditX#%24(wx51KmOkq#4Eq~L8hFW@iHd+yP~%e~wnmgf9@I9pHxX{aJnqm@DS^q7 zx(93{XP8U!Lt6?vEwa+)kXozXUb;rFTrHR%MC^ozVE?c?Ka^Wqb1ZW27gy%8V$5c3ve-Uy%zz4-g85VqbtVs^a*Ah|gqvxuv-N1>)s8 z*vbonq5y{faLfc{QpJOqL@|XkH zo0tZ8s~t|q$@t*~0^nnc>l3Qip+8mG`S zLB`QXi=awcLQA{^2a=iT>3Ye?v09$wK)oGHjptMM%A9y9wbwh}zY0n=2PdzqbBNP6kg~am|9k-DF zUzD1s{C^NIeh(bm{Y-z@+h^d|ijPDG>g>F?c%1p$b8g=K%l5b$74%_%_Rv)*U=B>I ziYcVFwIQFb@!I$pT&Ycb3R?=&PqrZgq%wzD7-CS0p-MbQgl3bJ>2ZsHDt4X-_J$u+ zz07b1LQAslM}lIMj=1oC*GUcydz6B3#5M4A)6J)OoB-s5SS4SJ58)a9?oWJqYrafyt^$IYbpaBp`Oe@X684QS7Xv zgyBKJUe@7pmi-8zHQVLP*0TSwH&_IpLK z-<7+myv~NTh98L;OY+cu%84Ke-+Oc;pXZ_0=C4H{B+Xw%r=jFi*IrYSiZb&+&W3NK z*IaVk3V5SHHftrfgH~D-+PX(y1JWyHNlR7FRS_J+P++D0J>Y4(m&dm%A{Y*lg&xrODst0-w-Cgb zrHyCB`I%OU^VL)1s~;kpQ4h8e^#VuLQg-U?qR#w^?Va6LCv%B%r;0XAlG7c(4r9P) z6r=WJgLvYI-v!u}!l3n>STfEdFAsndn#=#ob*S^De|)bvf{Py^@$S*x?~EKY(m#0L z<;)!*F&>&0pzxE?dX247!iY_Y#2FR?KBNRJVGJ}EDHb|IQd z88`#}8;j^i7~|~?-Z!L4l-r2Aj_5~RBN@RtYQKT?^ns!V?D zWFY#T@*CKMHb=YB=s`>%iclEjo^Wk-YXFSk`I94jPbd$~{YnUZ;A-p&0_0=EJMx@d zJSIeC8YAL6`h*c3ygPM7cTfVxw`lkTo@ED#|N3lX27;Ldi;sPsVb1w9}1&7spBE+&m|Aa9D}_L^#>P7`1_c=@PE7kt9%GcD23F_ z_z(08+fLSSlY?jPBMTL7=@Z7UR9>F;Sad&kcWcFS{U5E@Ljojk&$kJ~#Yu^*Aa`S_ z#rvwzCv0hQ9lkGD;Z%cJH)f%F9cd=W+fZMPI`KxJ1@pc#n=HRe%>BYpWv0Zlp?rIDyBS4_% zoaY*r==Eh+AdX!37QSEgXz*@<3QC4Dbmx3Q2K9+NrM=9NHifH?g~r|L1HlW*vtQ zLH#cnanVYn|B~9T<|@9g_0?QLbisji1mXha%eq4{!vw4%L19KuQrrx_}?woSkm58xJrQqCcrjkYj`I01OqK;DPDDkdhJBp(ibf1zNviJOQ9OB<;g8ymHl zj@b(O3-OU+4^f2Oe(GW`D;>y)ueK%v>lw6|*)s+Gzkp{u8+-MiuvZDu$xnj19j|$3 zM?EYa_JwXkoyuKr1M^7=Xc-XtxeT+1aK!nag5P|6L}C z5<58c2RFg@TZY}<5`R{IDSHAVM1xp2GbApEkW$Yn^&{Q12pd=H>>MZw=cgY6|6VHE z&{@}3wq&X2PU)aNV)J7hE!ggzE9)QRnO^szSN=)=wVY}j! z52#=aiy4;VV+=}Rn|xyn=?F0XC5DG*XYM|7OI($vy>5RiK^_Y?5AAJCtGG`Qm#R@Spi;Q z?t%nr;`-j$?vsQ$zG#Qj(dCTMEPvfb9--=FP*HMNhg zZxVxcz^qY?dtUJ#7L2i7ZD!I*Ei9xbEk4pTs24$3~`?WfU z>q@DJtkbK19IFY5XvU14q6BP{YO2B%_Qm^H*!5mkXCxzHx{hU|ECXxOua4kb*7(sz zwz+u1Ttle)SNp6>mthSy04qU$$0_XAR6W?{pzem%hQ)8KO3k~BkL49ULcMUIHmaX0 zto{&1^SHV7UYrib?=(%Rt{a?ocGs9}U>M;5sY| z!8RhoCJtL7`E28o2td{mp|Jr~fE*~mRC2wz71cZMBQIsdsC=j-e0&Gw4wMVtll&NG zFxsNYh_Lbj*It;U188(1GvWnyz?@D_+7FYeG`8cNQ2`hKF&arED0uP07zs6jv%>(n z8QsnnkAwKeG)fAlNl?9h>KKofF>ax2X{Aq{TsX{KbPb}bXc-9fOM>wf@b!LPfw?dP zYUT>B`LupYmNgt_AMso_a0Pgy;VC}rH1))N`$QSn4`1E|1O)UH+h}aHSzj33H+A_e zcvH?JNJ#xi7|S^kVWP$eOBhAT{coRu-8i3-UErO61o=n=nuQRR!D_xWc1hqqGvH4u zw5)3nQ*_fXwb5^tEJ3i%tUPJ<=>hMu1t>s}u`z@VNDyOc4_)Nbosm&oF|pSko+d{!nn_zX1qI z)L4!_b&^bMALMgEEtL{6wEVv^a*EEO>=}(CG06(vEo$lw9MqTe@D&v+tY+J)@Zfl8 zdgB&7!0-eK*w7S`5&mBN0($cVtADX`=&L2{B?c&?8tFiA%fM3OAg|fzydh)^V)~-D z6l`>y7>s_goIQY#0)}b*4UL%^z1pDXaa=Y$OOrv|t*YF$dNWc>ao5U0b{5J5vHyA#hXC zaw;h)!NB^i=U^9K`khSevPfl*v**sWc#Qi7X(dQnfH?*FLKoFWVm8gkwNn%#o;^d9 zy=Z7?xH)T9_V7eKeqBRAK;ZOiV2L+uI}-Tf#ZMUnaPrFp4|wyOgEG!G1LfFQlwu5E z;L7Xa)>ICXnU`#0&EOD01kr=!6Dyp4$Ua|$H}Jla$r7fI&VeWvn2Ka2I7$kff&f1< zsfcjJ}A3 z_OJL)49l;bE}lNUhT02lDnH`KK*$(E674{`f-;Bo2_0_g^wA1aCjR`|V$^R8&-q3eDj}!U_trAR0nZV%t@2>OJ94wK`~3}aW_tIC8|e#HojHvkd*%du^QV4y zCVAib7(>1a@Qu|#p~Z|sY&y%=`y~+`etrtu%cHrBl$&oKl7FK$(<0TY#WEE3zb^7X zGEYK|+%|Z|wEz09O36#KFiER*&=vry7HCL!Jy8Lyq-x2!l`dy{)dURWL8~$r4nixV zVc%ng89=*OH9t0t&;JEuw?4#Q9oVyseRrOe6hVcp^n=9XUK)`R1%I9)=M*G@f|_9~ zt3X7Bd<3SOP~tjZK^rI4|2@NpeOytl~u5;Sq&fA(HtG#4kzx~@Q* znTnIS1@*W2DycX6E@%Hv0g-NAT&vk3tR;;T_Wm>GEij5VgZvkq;8d+{$|PZ$NVUGc zz6u5wSne#3Qq$5JOjVBv_iZyOCrCQJQX+yq**UmmpLKQoS`@0;wM*W%=010V07pA_ z?C1Al8qb=*n1hImww-#_gVhOq-4cA!X^PxjQ6vpZdIcsdH;{CWJ|O?rY{k>ZYCborZ5`m(EsWy z{$TrIUPB5j=xB}tEp&a7vKEJ&gj3_Sw%+hGM+;0-l#*H$$yAoz37Kx}HG9^BZu5w=*$`JXT zLGpmlh|K=@{+;B|CPCO-!vcdgM7s}ZA@Ec^CtY^|QqirTnXivf9kPWrF$OCNt5w_F zc2_L~rxt`%>C}n?F1?urAISiO+$}7pKTinN_hxpb)><&9qR$gpz4MCk{aURj3=tt- zgT*#R6;514a2N(+_?sn^Dnm=2ImK``q$3{Uo;=mThNeM)*vt8Xx|U)9rqRwytnSC% z#_#N_HY~t^i+1rGYtMLn$f|gMDOp3U*G4?~#9$Q6P!-{%0p8X{jF?L2m$)zcilB)# z1l24#U07`u`pZB6kbe;Gt0g-kE5uSSM2J9Ib+xV?QXFc41qXETTM`m+eV7>hUsVIR zOT%sNTYQp^rHVosQ36zR25Z$uMB7(*1j81n)(Z7^!?FOr*zbpbj{cs84Hx_ji{SzI zigJJ3DI=2Xu|a}@Z*`6(3Je*EGcwbU{o?NJ?OpU8^U#X{>qb#$v;xLuoxJi+Nn{E{ zx^d(sYfwBnRZdb0R)(dT-5sv=D#?jw?eSe2D*JLv>FofdVN-X>`S>olRui+cwj9@L zXw?{>3GmMeNhC`viXZQszHiz`%XN>!bL3d0|t{1nnBx@avDTlSHt{1(VD!KqXtdLG5F}*;B{TD0x@>|XY|Z}~88O)+f=NQ<%Y5x&=L-__erj;b zd{Q#pG2}E3gupC`s+(7lBb2AS7bOIV9xG#95OD{)Hme8?{-)M-mODo@EPFH+!=uU> z9IK>Kfv{b^JnM2C!MB@m&Y&Fy0pi^Vq=;%jW@7CZ8Pe@el9-eivbK&_NP;K(>eDi= zrqp_+yZz6w;k=(v?hQQCi$#q%3FOoXZ$NnGed~7bU zDT8L3`Snzg)!i@4sK=SQo58dnMzIZLRx6Od>UPG$ z#DQ1q)- zp6KdgGm(`YuqNxzD?0hj=;97c{Qa)v2&CVhN{i=21AK<9yT;?ui3+{mFh{I_pc+`Q z_3;XeQa))l^7o<{HH5lY^mKrZB7vEgmp3Ox?{}CR)@M&-MWuAS^g-;EPf9;|7qUMN zhCwl~$%TbnMv?dO5Pl>6f=%cZ;>1hUQ@8BjT()O{I<~JN?rkc*HbVmyUUd8|wVv^# zDP&?*55Xhad*aFEe`R37i;F|bxDe1y@4`TQY*~gdc(|vPuXaZ6$?iUGGULTt>M%LR zhHsL|lQHNZCVCw7v1066PqO@JdAHC$=v4iw&ZWgW{D`e4`D6_lTL>HHV6*#B&a}gY= zRaRE=Ki(bZDki{6=-U;Ea$bxs$It>)XOZixy>KDja@(To1?C_F94BP}6%xCUckg-kn~Qe|D+V=f z=B9DzmLuU$CA7KNS36V0^CZ5?aC5cLwH2>Te(j*=`i-2b z=hSWeG`?w$5h~y1vo>_#%dxe#&iVx>RgCQeQ*63LOJG(F%>rNT%5VjppPwJ=R?)q@ zFMJR;v>UWkBD+$1N058Y+8?0&uZc20Uc(A~aqi8{&E_Dv&yNAzl?rlxoY)x!1+y(C zS%Xo5TS}3~qOVgsQ$&A=lFiaC#iSn)IBJ`sh&r{BEMtu;akraS3f zfG5l{(f43`E%kpA?Wcac^!Y#!NH~&M7YHNpgxMntBzkf5%^K*R_wP-)0B5 za};AE@}7Piu`I+Wl3cpZo?*(}?~c>r&`5^@iKOWsAa~e?0w~$Wk!k<50KDdNx=drB@Y24*vp)CUAo>jW!r)hsY!K+buF$i1JfJGiG&!n$2Xz$&mP?Y#6GqA;Hw z`;}9Slrm(&FG-n*eD5zn7UcY1%EO5&FlS_BR8GF&;7O}01*nyV|3)~dyU>g^Qjf+Q zaEssu=<07)j6Ka|+!eKt;p9n!z&tgxr439zJ~1j>!duDUllRBB>?MDr+&Q7dAug_arqWM~ zvjbjN3f0})HXYm#+JC3xQ1VcDX!Qp>-q~wVBCaNxGdzAZCwI>^?CYGQN6>uD>g)XY z3#D#%#4#I(+6~V$fTS_2UNe!Tkq#rpAcnn+DI^G;oIF~FI6xTg$+Y?06hv&+ejOJS z#dBDpt_Nf0x4_U%eVN2WTL^>2XAE6`)*AfWDjJ>3kac>$U>IpIqxeoo6zHML?}oPt zl1l&2juyJ$2*E^{2pqXzu#)IE2F4!${=9*ugW?v0(D~T z*3uaVo%UYnJ~XOI^sXa ze9PDJQ%u3_RUk0w!+x;#-+g5g?(J1DFT1nD^%#mP5-V}~Yb%&A1yqE0zn^QFz{C?o zCo@#mj=Y7(sO&7BfH@V901avTbrp0;L-xY69& zng*sX&Gi?ge169l|Nf~0Glas+65>Q{96Th(y*6IC&dfyZANLF zzA@61)|!~#S_D!#KOZSBJ*J0e6T3{RnPo%`Ke4gAXg4(TN3D#}zKv+Q^0wi3lkM8< zOwcX8hi9bpG3`7)8v`&^9puUy>qnhWqF{1r5t5vEc`4>;)Q@6B9C zu4BqZ-Oqnm7c^S%A?IvTx%e8{y@BUbr93yu&goxKuqQ27D2?Ws1w>a;kfE-a&lX6Hp?C&Y-CjC z*dE20^fINKY8oC-zTL)jY=tuv*jZlQF$z^uWForzs+tVvX8ic&w-PkIx(Y=O{gyA9 zJHmFnFUWZ-txo#!1w*%?y=I=~@~mplxj}KimIY*rt}n7WL)0mK3HxIw{y^`BZevs% zq3u{#f9M7DNdC0^Ii?~&itWo-d7km{aYQ6DNlKLy=zVUYBUca75X4?0nC0Nye*A>i zOX_z%&x$9?ubk{<1KWU1U{_3jj8^CbMv&e_~lX5ZPR(iTBy0rA?}RyIocI*mN_d*3xM zx$;>#-}dHC8~7pJ-#2`z5o?M+HF-I5oQ*3o04U%H^CrDb_t2!iqC##Uqk8S0f+V*Bm0~R1aNEJ(y-#njKW^`o`Kh^0i4a>p? z4A&MGVveQaj%p{-Kc34h{%UGKtl3j;T~(iugM0TtK)R)-a3>g;dw>In++cr0g4e&5 z)R%Gg0!~fge`>3j_mT=`_eEU_s8v=mA4KspZaY1E;VBm?hD0E^DM6wzm-}^|Xo;$O z*?sA9Hs=L#Bj=9l-`^5uA6i@>$%>?eK(FuaqgwwF9fhlNU*CKrdZgFYPD8#0IXKAI zmd>QVM!%|kW_-${){P#hiOn0onL4Hf4ET)& zCQl1fzMJQ!;tYR2EvIR<-Pt*VvE%8NIwhSRbNqsf2K}kUfchd{Ad7RTlJUb|=BU6g z2n#Mpt^7C=6OI)TI}Vt(NwD-pU&HMBnySK;oc-YnSzx=X;;6ag*5xwajdM}{cg@Yl?jfzJaKNJc49&L4o8#I3D=R%N4-gMjH!_@lCdiFCgNud zBeTQsi%l61u_2)8n3TgZWTxXF@r(0JCyyS8hSB6589`Cf5&(}>;$ZZnEckMj9 zZka_vo70`=^>5h_wzZD|4b zpD2yAfQ35y5O#{)(WB1uvH>a;?ky|c6`us7Pz8*fkqU|?5u%@|q=*~Wj=5+Ja6fgA zzhZe+WWjKBm_u1M=(WWDqIC0{#(H0uM~`ZWZbz&~Z~LsyxpDO-depn=n*PZ1LeqUU z$Q`140GN`gAGoKYs)!`JLJuPS$l6N40E(~QJw+Q)h2I+mU^+EF?Bb^|DUZhBe2b6U z1v^ZiI1c(pS|sEg8(|qw(&cgT5HSw*e|#nzeTww|VSBT0_S+DxYv;3h=`aB}=U_Fxs^7lB=w|`+6@)cdXySj9 zMr{lAyV$0kq-u%e3<;)S&pj*C3j$nb_dTlYmS2iyJ(OLV%MLZ-z~DjW zk#Ws0$cgE9l%km8dj;?5p>2{7Zl18)f-4k0Lj~f()K>OrUzzOql|Y~qy!B}v=z1nw z{a;eAUrbx6O`6|eb(()R9HeS^GDUz%)6WshSmA-k`s?RU7DX|wc1Heq7};sst%mQz;Tl6RA0-7>6&R1HUW^vTK-9Mh<{3dj%r0&mdM`%i48F5Luw=6|_+VXMRZ=*s5 z&?~xlqr9ayBq`eS1AS8pp@-!=!LW6zXyHoM5n|vR&^izo`EmB>k1ja%E!Cry`bCUpEoOgnH z4Fyywa%(=!&7H`%_>pu&G~?Ec{#$C?_tI|h{w)c(i>V2Tlg^2uSR6&vS{qktGCsCP zfJ|Dt?Xlo!v+6{$JR~@>H94LKhvN7Rqg?otGVBwUMik!B)xLBaQ(rxV3?u+HJv(K_ zkD<#((<@GqBqmYazd@I5np>GTsxEwC&dZAvUE+b>c!{26IG>sMtNC(&;r_T*xnxbM zo_?kVZZhO*&Zn9W_sfkKaH}3U!}-EghEG4#QvV>#uIO17U&{8wklp4 zecs=lyS}8vorY$RxWSwi6#>>FlW}p|;jrg^E#>mOOj6K>@QIp_?}`m>ak8>LOYUhL zNQ!rqZS$LD3ZOR*+cK1_7m#t-{SzMgsL!_!7<1EN*vANyQhjx*PYPYGRJ#4qnfWQE z2-J;pvZ%}@>gT{OrXN=)V58>Jszt_Mv`aS{7cIV|(?MrJ(6R0HuDh>ZJ-0qU>$cRG zJ7fWH^vtKy6y=zs0)y8~D4*bFdo}bdnkq3nLna*4CH&cY@fG{hM z<&(tA@*?=ZMqn;doz!M(^;KY^iu|N8p0%ewtqvOuZEFd`>{wxhH^I=At4fSiPrkz( zA^DxXUti?H0O0N#(#dbFBmKWC1glLq;7GtOf1URZ(py+jxEFY5a;NVh^|@Cb33!QW zsuqiHHC>`FQPb@&+2o&=Ivz`+=3%7_PY9^oI?A(CnRB!uxqpc7{nGhhtHxzF@t>g- z2No73ee$z=d+mP<6lUODh~S{Dv)ji|P8C}882jyI_;$eO zfqwB2@mVt-%ZhGft1y25+pn{>bxRwAS3T3Kx$R(P64K7Ky{=Gif~E z6nL+7?SOJIn08Bbwyiu@BTmpdxLe!_U*3?a+GXloJ?t&alU#C1kBh(_4s-y`rSe^*go$aRxHc?? znFp}hGj(;cN-giqa)|Vh1Luu8qqKGkTO# z_v`r9YME*6M4dl_tXJhT9Oirg$p$GTqU05tKZ zkb^>inmZQmYpMLIJHe-%UODAVN&NW!9PCNhk!m|PlDeN8NU8T{99I{QCjt9v*h-Ym zr!MPeeN6djLklR#hU!(;**2J*hn4N3&gYf@Zq8e@aK1p~kR)4-CQm1<1L|cm+_t;r zr0_>-Vx^{cR$bgQUt}6gWr=Ao{Ozw$o=*81DiY4GE)^`t`>;@H|9;dfH`hki3sL~p7d5Iw`$BI)$9IEgdI0f& zyL0ims-m_M@X`}EGLv(zAn)PtDAO}c1Vrda#j{m&kpmOF~L0Dh2)4F~ZMt~0rE>iOvWhJ^g5qV@a^hc)ER7X^}+ zrCgON)m|@pXd&yjpJdzf^z1#)?Xc@J4|%kHRukXVi;#pN2RxT6_1ubJ_zy!eU>vDA zAJ8X)8a?bDT2V_Y=PUygCx$eV=y6qq1}O>Mfaiyha0jdqkS)uqYdD+QhH=rtfc?Ha`Mw z(~ybLWxNEr_((5>#Z?7Q%RUMHQRwS*=S@!RAqqm*sFv$*<05*jeT%gp+zBc(pkZ1v zrhKI#K!4RNX9+XrM{~oCu7ay5HA=kuCysGvsVUttjsPU#%C~R4V;r|hDi-n$d?p}z zwx*5>xTa2fkh3q$9c@}$e2e52BmXYYm}*lf?x&EHxjSc%RQ%38yRIRDA1t1Zkl%Qb z>NZC)OIfsw+DM4?T;Gq}?U-XTsk0OJ`*vDam1abSZ>U_7-D9K!*E=N8qr^x%a2Ous zg8yqwNLbn~@{swlqlVjtKzzFzKSE&ZW{c1g>L>Wa8v!yv4+AOxW$Tby()vOM8nv5g z1A|H5L~rSnC(tH0zV!?xMg+$zzf?*mNdiu@$pmwdbOwpvs)_zxYc07<4D!1LeMiVf9)&axWF_V|IE1?&qd>2s868+etL@Dm~<$HiC}|SSWGA(h3ME zt}I4vckKvBRr5t{;11;{2~UID1!eK;#tKBjH}yrW&c>JH>v50I^5N%BO?o~tq1sZY zXb(>YkXQjXJvIhxi<@a>YL{`-{oA<P6Q$9;ka?Zn6m~*kft^WzdQ;1AuZ~xlxnpqYpwcP9!XzKVEh# zlJ=^f4K3Bm3jVlII=tdos0i!Mqq{9^_)W1B1;Nn18s#5>jkZ!Sj53Ac!C*_dH97mv z476atfAMd>VU^TxlXpc{i7-B9M?|tfqGEcB_?FfKFHF=T6Kp!IP8KadEw|^hhtjJ# zCI`q#v+GJ>#J2B8R|m%~+0=Qg>YWnW3R7weZg`rqF{?sdrN{V~q^#3!`S#fatz^2m zWx``par~Xv*T*NkwG8mi1?9K+u$Qub_vaPc?_bQ`#nb}{`-&SMFk;qjsFyg|njVhSUZ$eK@@|3g{PBW5* zewg?W%GdtdI=X`Y$jF>O@8!(rU%%7h7Gi|gKT@jv%!hjoxXJ)V4xc-(cx;8yodFr5 zFRiv!FK`Kfg2_e&wt;st_rRVKGsQJc-YcbNUAga>uvK7%hMp;AWpV-K#H1 zch)#1FOf#Xo{y*@3z{=|5LcN5Cx*N>8kP$sIQ>}a8jG`9{(3)m-`5CC@KdLz7Y+vLEjlwxrBGZfgw{Zt{;z?3 zjO6C?SWz_8LC^|!>rJ6ro`>v;ZxaCsa)+iUc|M`K%!u<>zyn6R{u51)5--?8vM*Gv z)G~G5D0xZ$Zh`dVtG%1r)f!A`@LMfzyKPojRS5T`vn4N|>mYmK&Gc6^n0k=Igkf3u zK$J6~7s|Z84GNO0Ve>Jt)F^oLj#l5YSB(o5(uB}oqf7l{o%;V4WJ?QWP@v% zow|TIrwp`*fPU&8dwWjFB7}lM@cuMw!pl3>2G>0NiYQbvD2;A@(?vzFzcZW3qqxBq zZm`StarGkm#EQLAa0=a9+#Zi~!+Ss4&5MoWnUiPWmKM-tzFwS9im~32qIWAy9M8Z2 zE5m!Amw7bHE$EWJHf4H$e=L^{E570k;~YA}91~1GXZV{L2$&A*I00Q*5HIZ8Lh3-; zm{)JmZ${x(1sQ-O3f|5DV}=&0ssLP^znUs?;K;a#>kklq#Owb7IEb;??O@;OstLle z+AMMep%L*KsuIQ;#;tBoVOfZ7GbojteEVSyV%Mq#ST*goKFsqy!)kMOhmdQjdo~bQ zJN17$t9|8l40>n0B3kG@8m7g53XDKtTs?nitNDEr%!gsPVns=^)mVr+yq%dok+5d0 z&2Yh0<0aBs#W{ps<^Dy`IR=mBni87fMmmLp5R;GQ4Yq02y!6SVUw>Wz=0w@g4&|wp zrOYZS2F!767DYy2y9nObmx0Cly7fh*;P?JMh583skN=7m0e-b5odnIH#4vEm(Yc|} z5XHoss%%Zz>ZjQl4R^3fj@W72$*$h;l0;d=h_wm9R|I%IsaAaEPQN>B(TB*=#P|Os zxLCCuA=)gs&|`Gpi!8KAq~0B#1Ry#1t@4iB>n)U)tnnK%bS3k2^2j@nJ8-rx_@UWnecc`JMQJ6$a7>9;&0&p zhChHxo(HNftiJYCwgR+78?0z5({>-x8JobqEJ9>*?sTB(V0RNNn@WgL0I#Nvl<=j? zIp2`izHHzSm9l6p&0P>AYRuFd?L?ite1vaP6_nzF*Bp0HglMJG2Y;-XpfXpbJNF=s z?l^tou(0e|(*#EilhxMQKzs0}?RwXn)n3Q)zhFnRIydC-?2lp|5E*=_sGa6$U zo;YGTjrqcgS8{MwET!F1-caJ+jX&vkR;j6d)rnM|kbe1p096n6%pX@LuyPcUFGlok zWO*DS&@DjjkcPUaU^aT-uq83lLpZ6=?vHOX+C2fcgoEo05TF+bo&V)8yw;lAby|b? z_MTfDbU6gNP(Cm>?h7%^G^5l{#VdjhD_=U^@?}A@Qwq9whkZ+_AARh~b}} zNX_N``Oznz2w&AEeVnX7bU7q-I7#I~4uyZ(ZPA!cmPu;^i6cjD_MD}sra6AS1jdB# z+uLLjY!53eI7_h6JV$Ig67XuXqYF&Sxsqj;6St)(K9S44X=|emXUV-QNEv^QlKItJ zFo8|mUE=J0o(pH`B_`|b*ca_N(pWSsS^qr>IIFPvXt9!t9h-b+tJ;62$(uX?0gAXS9`G008Jp!Gm;2sd)^hi4oxk>H)R)Ovh3p4HK3R4%R zqwFt#44x#hb~a&9K9Gz$LT{7y3f+_Sm)LF-P*3~$0QOfI6?L3&i{f)4AZFywyY#l7 zw92~KT(H*q)V*7Rj!lZHroYap>z3z1lGM|_2UcYM(*peON;56zMZ=p!%SFYzfgh(V zcPU?``dS|i+}#tA7>AYg?n%Xu@72ODN4|$;T}RY>i13MXMz1pzrk3`i6Gv{pPwogB zoCnu!#YPO68wavAj|r_7!b}Z#Frcl9 zZ!PG2;+JaB4(~7klh@0j+}GxAQ&_!zLk|a~JB|^}iQX&WG+~Jf*!wvW~4bEvApRBzMj_WqlD?x-2ES;fn z|6SI=v+%DziJwJpprdHy`N+DftGG39>|8lQvP6K%YiTj8rz$V71YCLX{c~!g4hz-c zB?43DfP>L}flZpmQviU&Q&o9j1k`E72^Hv7iHh`-D|82*l`h*rQsD;136GnLtpMj< zfvwiat=AS^KeNcEB3UfVD_}PENaIPuT&5Inbq3vsk;fT~P)j)qET!6=xvm~Dg(Vm7 zgj;Ti@7%2UTWKsXE2m$}YB6UlDb27ik@!^|eQ%^ujFiuGy%E*>ieRv6HxVl*wO6A!wEiFEL+~aU0%6fIyhXR@NJ9V_|y6;lod^bDTeaVy7H{3($8=+5(VHSn z3tKPY+kFslZxK3Xzi=rLZKDOqQ+pq(xL=j%ywCcMXFNPuSMf>IksHwkoE#JTTJ^?8 zU_?y~Q_1Rt{?d6bB>|t2vtEr`XD(hlyk-A0ZUfy0T)Qi4#$PF(^1}Dl(|avdz<9f# z&6&z!L@?H__zTd3QHc%8f^)Ic>AUk=U(~yVPKd`;^{_AWA#_0F>H+@hg)U99u~%fG&oVTEgg-Z*)R{NDioK0kt|K+dC)RMeg4h-cUsRpW(_o#O{86305k)nLZ^vR zlD8sf=gH4*d?6;M?~d=vUS6$MWvKAGns?p1jH-<#m-zkDr%&A#kC1{yLkHejCYrZp zTz);amhZ%`RRe6oHGS$2(wOSm7dt?B+1AJvhM}s&Tr~Zis*xi-mH-VO_sYxvGaUr~ z_1k=>nw0~^FU?01$_IBRCPy*>tKASprjo(JshAY?D%_I%`AK>%1_Y9u>0{cLl!CDe z)@k44l!5ziCJI6qj{hI3zB(-Gc8hlCM!GwsLqVjw8v&&oL0Y71=uQz3kP->$?glC8 z?nY9&8D{QpzVDoK@BPOIeH@fG_Ph4lYp*@XR!>*jL?oZDcpunYrz2)r@V3jL{`(Kv zfC|~W*AywffkS3t2^x!9hzy6B*z$&_8GSIUXSKSc{@jgZMPo!=$Vfg45p*y6#;v)o z3YyHiA7qb#?4@_U0q)*sHYovH|97fh;5_`$T_=DL5(8D>PxzbVZZpMP6S(gN7Ns)- z!v8N@9}pvf1G;I9xqOfFXFM~aHOsaVeET_;f)LdAU`jw#qjBuA67FIJY;q;g z;Sa0%%fni|(e+c*%6gAclplSQ%Ww0@GO*h&aMmmk#ag;8^2{0o^!BS}v?iDqnM_T2 zdb|O2;2p+m$jNJ1HY_&oARzMw&Fvvj;J6XIZ)H?^ao5N?Y3hpMhb@2i)z9oD#U@MT zbH*Pr>eQ^scfTLfXn%iy_|g-&^4;RwFl%tZVB}a5!v4Y(Z9nFd@#ZGbJB(2Y&I*pG zaEkC9=i~c%eJ2uyzW#e|$oqEG(W5_(dUk&@-_Z$V*x>Ntc+;Lr zqXfo`kz4W{`^R7LH|V~kK@@23(cm|s7zx3-5ytbvu=-Mu{-sLv1osrJxl{meWREj1 zN76bbQWL<#ZRkb8!6(^1Q+FHh|sUgcGh38rU7iY{#Ofl3vZWr@kk1A&q%E(#dbFtecIWuQ+l(jTE~4V;fpk`(NNxY5qpj;@8Oz z)wkb`xsEy@1A*J1A$DSzydF-$9w7)6GK&c&n^>7Q)h$e;2%KTy!;Dro6G-c^L%>v4 zF%QpkmFl3`0xv#~{K^By9{xzzwSxqfkhuFA%gZJaRKtkKU5B;RIcb4dCe9j8%=ST_ zb%aB1TwruUz=!~p5fJn1pLT!X{`DN&1M6}n(u4l*sWFO%3sIJEQDqQK;A7zDB@mG} zo+E!z%Ke2ILp<>v)~)URe+>r~^#}gJ=5)YGyA(PTfFGmU?Rkkap$;#1h88s_8Bq8v z^&sH#i#e09n_-PWX4-;5?l0lo8yR@n^6QHVAyl{PPlHA&I0o9gom60#o#{+ovlXgi zliTmpTU)ZgE4ild|HGz)2u+8Et*#;IAAfe}YOHw;!tcA7X0P7Tf}ZPM^2|MmlW-vV zW20YO2USY>fnr(tDH9V@BBVd*`*+UTX{A72BO=c~bGqa$butXMu$@{1U9!8N!6XoB zK0fq0A)t(4;v16?-FxVNIcxw#VZV!4MvRk_ zgc8&3J6kX zeht>8_V_{l9->Vf(@0_V&ex{P5lU|eA!cEnoe~fTLCOdS*)Tz##c~T-i(A-5+R)+YhW@)>7J7TUztaBO+^g6X|NoG`daVETi2i?2 zJrx4i1FZ^AmyPc<9f>c)gG#tqDTI0;i!nLy9}_}0ksF(YKj5YC5qH|!&X|7-j zPL$*_MCbo9a7;1yNm6$rRzh6{FEq)yM)KDM>s$WaJ?6 z$iPIHzst1sP_U#Y1KkeT^E;O%1|k<@7aFA>@400Fv5B!U-4F2ZL?tZXBatD%Uw7qv zpg?r2oA~eH!~v>L zs-?0>?O~A4!;|?Jrw<>>d!#5Z5Q78hCQOjahLyi?8b!)Bz-;EAhocBzX^?u+yf<9K zh*B!-xn=8k`Ss51gx}!cIIRXc9~xqP zpx4RFvTw<3b*CZ z0y(~iqX?YV8~67QpR#Ex(VV6OyO#p&Ot5t$=^hH+vo%XvOUkI5kfX9Zx^%gK8*Nr% zR>8ht;a#8(4PQqDsoW39p^&s`dUSL|<7i-!j4>+@A;}uz2M-?E=} zgB5hJ%8or8QRoIW>-bYs{8bMBhc_`j2$%#7?~Q^>c?9!t<8>wGX8hGkVaC*TP+IVm zyWVxbSgQ~F%MLm^^eY5p1{9RRbYWtjH*b0tVe_G!e(lZJ1wnN3@yE~7V)UW)9`_?% z^A2Ad!m%6COt>;uI~jozk~K~VW5e*Dgp0#Tdwv7dna@XBT7f9Nb9u|CZlQ@r4b*FK zrJHMKI4fb^ynkKy^FSjdcy*ECiH?l>b9ipP_)6rFnsa)3k2J9xU0TI2{5OuJGibD9 zyMzLnu8$rcKV329kcx+>qvGCoY70sxfmX5jRb)OY;atS@kn!~;h`nqbhXOWek6k=? z`rm<{106BAi(5)^5N3?nip`FGMUDKxaDSS3P78*7tfgEf`mk;|1Tl6m5n*T8AG{`H zQ7>ye4)-0q6`2Ctn6du=+vKwP1K&eZ2EJE(@V%mzGn<1jhz8sT3g{p6U4kpkxjBtn z>J~TC&rh2$v4yVebapB<83Khq{i%zF6xD*l5J$rp5pzSN$^>&aUm4Sr}zwy~RBkv%gvzfw4Y0Pq}L#jVKboQEBMD9d-43#}iiBB1=rfdyGDdA|g?Sew-1w zb>>Svadv{1_fYkLl~NcpWsOKr{U%`bk5F`2rK{`)69*NqR{@&v!96Kr!c>W4Fw)@=7F*l>@?~&TYklmGUz7C8L zMyY7K7_Kl-PJR;p0So`D>$Ts`<>g*)_2BvVd@wLr5|I&zGKkIc+;-*i$i<6V?sjslJ=o7h;y3&g6cK@A!BJa* zVa};}Tnq@GVMP3RXj}B~%?y@&$Cwy-11ktZ7hl$l+Oa|kK~10d@VoM2?^Vjv=_Kcm zrj@h9=bTuq6&RMj`XG8W89js(y?v2Bk#skc(vT@oZ%v|3GtSR-&am6ogv7dhbopY; z3C5~dj7zDnPt<$FJL5y~F$@EVM^75-(K&HSkfkQFLQBMOrSIIPo2vKQ90D#qE`9*1^?!%E&^{J5U7Mv5a?kdDDnrg zc>A^JyoS)@BU9}iSd)sYVI0yB`2E@Pi%_|?7#mX$EE?alc%PllWG>iYt*3y>SI^h? z9HLIlFu{K(N^`gJ1yNRJPY>t2mjd%e z41=Jp6((w-N7fT8b&F!epO3P%=C{rq?CK+u*1PoFb~K#|LU?rl_pua)hmBr%7&4BQ zWcUnYatpgUow7{U%u0qx9F^6!7=eJNQkt4lKbCG{8z1kYbHF)CRTFQ25H0?g6 z_s>Ip!(bL6jotZEem7NTyOb+saOBLw1}>Hs4wA8RUwwaXDD>86wC#l~tUeLX*E74|{{?mkJKUWai^ zvi>-w?-I5iz8+*GS4c8zUk!p;gr*%fcD?T zM34$ZN5ALUgRg80QIISnObK!+pFr}+z{Psd;xa?o0ESJ}PX-QJ4!tlP2-bowNF4x;wU zv2hg@6LgpK`IS~P3O2bv(?tNJSZ*G~atRQE&JKLvwg>8XR6h5C4IN-YF9seuIc?-J z_t;4Pxp)9LA?SumkTslNrz#Wa>YC4-ke{)Z2E=F#rQm=+pGapcYwBO_HpH!bR@MpI z$Ldn`QCWOQc3A)LSlRt{9igcQG8CuD&qB$J)s#?pu`p#Sb*G9f*hz{N@-?a zK9?G3ni(EMltb!vmB59t@eK_Vgvk*+xcD|sM!wKY(O@qvRsY-)sXF*p6cg@a#v##u~6Vw(iSmj%?W0z zgWt19sq%t#I;74`BDMwF%h0;l#!K|fo+3CSZZu_>YOhOh@7XYmzJRb;k;qlaiUy?`oim2-@dRaw1fssl8e4&orX0 zPRcSITHOBn;(%9pG9hQ2`^4X#@U3;)Rx}$UuRlccYt}+1WCHWw5RZDg0KYrK6dQyiz3t|X$+;CFhJfX>gJO@SM-%p zgxxT(!1q?t2L8g@FtR^kAo`;r7(n?hb6y?YeuG+M4uT`jviWS(W0*QZSdBpj3=qpn zmiuv`hF?j!T&<)Wh`E9r)vtdqyLuZhN3SGQJ57=c?tY{E_0VaIJ}mbyR`+Rrg1r+; zVJ(X^OV}KmaF6*S>h`O1*`?L(N2}^rPy?FGf`LgC`r?z%jxPW`zO?+trLU)ZM()fd zc{s2!usnldEgl0TPf};Yosf?REkJD5QSVhYZoR;3WlWUg{cg( zL7!yGf&AjoUcOh4j?Pz_*(@1IsqQQxsjW+|w0w<*_1ZuTuLIGSIl9VRitUIZ3q7Ab zYuG>F{BY+#;5{tQs6ggMevz$Ki`T+b zmLKQ+h#%!=824!S^2A2b6Zo&4MLQZpMpz;Wq^TM?edwp4S5u>Q4eZxR=Pz205C33o zIPTz&gJ*og@C=8AK2dQ;;$y+8L^<@sJr58NP!ND{$+gR1p#-}>b?l}zCAGK$MiM+W zqIi7(2Gb%M2g5TV#8S7V5PZ!WpG8`!Ot*4$kZ_a62q21Gtf5hZ!gIuJ?xDXMKo!Nc z2wU3UqUdNK1%D|)(!_*jO#IQ|8&I?S`odEFQAD|l10WVU&1OpgP?;Bzn4X?)R;seH zJA(lt;gViDUR3;xV)GEu2C9j%<8>{5#ul)2z(-BX%P8>12o>V=e&2qqolb+816x*xi2w|k298uG1m_;$41I?_~ncPUextC zv)`IxhzLh>tmMo);DN@F9hk&kcJxjeBQFqGmuAd8t)aK57dZ{E-DcW+22Ye!V7SP+ zrSN!avsz|N3?#J97gWkD>`PKFsR0QFm!oNrq)dkQW{^5?jR#m41R9Js30}1worhe zXDHBxo+>wAf(~71dn7~Gx#>jVAPP4g_oky!rI7A$Bgz4zHQ)fE7EkE&g)05mxmtQ> z&2B%u+IaI`(ZTY2f-*Fb*PYpWx_e*piiT{3-9!LeK`YYy=D%B^35O+UQowJ02oR$b zp_kprC?JBa9OxCxb>N?)%1(I$gABetuKG=Ii(67U)2&F(LD#hf@; zf0#Ab03LVL`uh5-FFQ+0*qOu4L?LIrg7-VgBK#+SuMqrc-nyFBcqh?IU>p-jjY(hS zK#u9$LEfR1oaj9+W-MZc=EKAJY73bPR@aR$!|@8yRca)tF(6v z-zj+=T99T~#))-Jf1kE;QKs9A%Rg}3b}O`knTdG6?{t#9t*z%GbnylC29j*7<6yC` znzVmVKmnci(8GGo7m^+dP$>lFyS9*o*>Q#N4GXhk?D*=(xah?1pM7l!b2z! z+t)jGewrir;cfJlm$P7XP{ac!Bw`28abNhaNbZmF6s=kgh5eJSz!SzEIOo;lRL-f2 zx1R#PJ{*nZv&kKgC#~m$j0qd2um@6Hk>jejrt|M88^R&$dU##nPIgT^jDz)e8qsBj zc>DM8PhH+BzF%mDeIK#8jQY^$n!KO$7x<7jUQHOIwu&F;=VRHqYp(`iwI~` zc%&lH2xB6rqPyt4b~D8So69M2a2uWN>v_|67GbBIunvw0yLaoby8(%r=FW%1(vN_v zRDEeegGt@{Q3};8VO?X7y(~|UCMv{LxxRd$dFRre3+i=pDBSJIDz;-ENKif-OZ*{y5=(0RJI;a;o2=h9N%{j7nci_w=~hqH2aBvdf^ zs+LRY0^cCb6h1WKIB<|5_i$D19y(Iavh`Lu&Xq4D31BynjBYrW@MEuEx4JR;8rL&p zP>lSZOElGs`#ua(Cldh~9A_9bBM+Q_CrOt-&d%UB-7RdokoQ0u3B*6ZZ`3~ep7d2W9czgagt%e`MW0=1SEV`CDA^6L?W&luN2S80b(EkPmV^3S&O61u1*5H__69Mo}&9` zB_Dm&dgB$*GgXk#r%yV`w~RtC_N4#;PJiw^jr^OngyF3mfhUR~=oqG2h%sR>wNrX9DT3q7msegaP_81(iI0HK@G{WAGJ`sow>yq`n*(lP^5lWytpY5dftjim zW=>9HB<9Za{DeL}$+25w>3^uz9Ud_w{u42!p|?L)_aV)qPgm1$uQ`{|SMwWFDm;$Y zpd>|PKs+Jy@#70z;r(2ibGnMz=v&;NyD*l20t_s3BdCC0JHuGLt_uxs?Idh`Pj z<17aTu}Mp1-xf>UmY&ddgwc9!AV97w!M_seWpv0@DnM6_tlMA<5>cKKxZG7mZ$g%eVx3Ycw=wN*)wIHHE>YA1AYpoI?{U?q zLe5L~Wu#^F-1QcXr0WN1uM%bRgSMXFxllvNR?r8+duPdcN1_A?{AL!@$lOiDSJ-N! z5v~ZS;)*xTo9-_jJ3s2YjY!HOm3&)*rcdrr)O+fbg&wF6`?NmNUvm7?$h`+$l~w|; z@b0Pch-?s!_5Xo@Abgi>m3=-_R1c9FeNFz>)|2U;I zR(hO1Jgj^j=vdi)Q&Q{uX%H-q&hWDwimp#0ez$?tcC%!E=$nelt48SU?QQmU05FvN zA-+Jn{Y6_{OJBsF{thpCPae3PRm(Njsc)@weJ`TE(4eKfIv^V-S|mA8a|=gEq?p$r`!=r=Ym z@J_FD8(yhrsy^Ev#0|sKYrvLkTn(?o;*mX!C2w_m`-_;~ueBaAC>N#kx1>97aJPQI z4<_;nN1PT%)(eT*nM4bUTzR_IGJ=9vbtm()0rEpILH*kdN(w}>tJ!6;wmY__vZYQe z2UDI)3A=XMzxmYhpmHWyzNPG*(aS%0JK64BC1OhG2Of1)QiM_nfy*;VCzo#yCyI6J zt<9(Bl#%T~ji^lC*iJr^q<}x23V4eA7dh$6xZca8gD}AJ)kL31SXOKt@#x1(k>0&a z`c%kX2+{j#(Z}Q3=zY)NPzi~zQUsJwkGBJGhF0;?oDv7*}A zjd+mU&{!k9|5jCbUOI<+Tx{3=wl!sN!a95E9=5x@f=#2FniJ z?aNQklIXP*&RNv*Fn9pZf zgjFsBV}Kx-U32CO6#T0_H2HiR0*n)m#uy;}QR$Z7f$I}^u?u(AKY)q8m`Hco;pm(T z9~I9d5$+i1v7h!$2lcAa3mv=P_e(g!vTmYPil{+sH_v5}xoEx`EW;EnEwV4S(Fl3J z=gG{weZi)Ufz(#W>f4bp_>hIq`W1HkL?91%hTZ-mk9LmVVT?^dAB4V4;zlWG)o6vS zW^dwm(_?e*wUISSmT}UZ!V=rnCpJZ|1mkjQ;QyyC_7Cff1HZ#K$_I)7s@|dp5Z9>~ zDd5n>3-`XP2Q6t|n3K^Kzo4>Li-6cXS1gkZ{0mqtzgGo}n8VG@#>H;Skb;o~?S=Y4>g4VS;=Z+v*_e zmx1|JhjIIzlaD@U>oY{u>ww$r;aYDq?Pfa$;|W7kY*YWkqh$!<%-)XhiKVv;v z6l3`qbH1N0&`mx9$xum+HB(V~H|)q1)-uGkvEbZx9zKk@=Rd9ie$dv@)n%K?I=}eM zv%L}W%;}b7>ORmKnd)VxfAWgNRwN@u($&Zz46udIU0Jc%9%9MSu{Z_{$=;Rkg%YZ3 zreAWV0enL@8m)sz0FgSUK^=NdzysS?1dZ;l^8s2@mX1iz7g0W`Gr6r)Tz63jzX#7d zJ~Mm@h>!dHnE1Pxa>@xTeJ)QVSCjkanKFK{rPewU1627s5of@9L^GL*L>n^V&4m#3X zrtbuh#q7Q|i#9c!jBZk;jcH(@ML^y2VixppGd|z-LTo7{PRb0qD5)!7W4=5s*WASk z9O_*ekAVihfP^UoOZ-WhiAm9WXIp_O2u;&<|6fkEfrem;9a6L|Hcc8{bJ>?QFEgIQ ziHcX09FG4Z=PTrZGf?sCoewGUgD6l1UNXdcXt7Jg8#GzRKtHS)B?9870Rc45xko#t^5kE}5AExHG%u znWYCLjMOBursk#GkD?zxSl{^kiYB(pBC->yc3c+Nt^1?5nd|}s7G-9|>$Jgcw#4U> zE@@m`&@>t;1M~AOsgVnUIFR@Gs6{eUud9om_sOTdQSEx{S@7CTdH3bhN+;~enR#Qw zL`X^t^)!bfl_7WHo3wlM^fro;&-;76n%de-H%{B5HP`ZQ350-sUM2yrrUTt1Sx`0| zDDpEbB^ts)opX#NAFmkxQ_-vV82p+KCiYzKyh9MLukb>7A)_=N(#ZcF%EwRE5R_|z zqC-a9m--XhQJ^q3Z*|CvlYi_2z4t8$8vm6F!RyKqh zo8v;_4RtswVaDI^iZV#=a9UR&WolmURPTfv<*bZ+?mlU)rszHh8D|)g$|mrRMR(eP z>Cxznl3O$1?AIXyKhU%!wL_vaBTQDO3YCBz2#B7YkWdK;8v~uoX(9iDqCmQ;7yzS! zNfCH@F%kXYH8tOL^-FUM+BrdT-jM*IjXUkYUQ*iLViGnAKy6tR9#HOtSFEYcn<1+ zm@gVjnI62D9B#fvqvd;Adg_e?Zr`-R2k|2b)1F_B|6%@ZBBHZ4`LP%nU0hM zV8=ERy-3eQbH&NpA~xHHom&6S*$OcwCkP)F3xCgXvTjTJ$vao#+r(jXcxApiOf7t{5ws}T*WN~8gJQG#(=S{X!ak+ zT1%FbrkY8$z$5oR17&xlrhe7gXWi9fMIv3~HsA72Iu*Z2T+e8e@!KZ4GJX}{G7#7T z95Xd`L#CTq}ZOMs~`lW!w*qjp(i z3?E6f5s>&zH^H6r==HaLe(SRew^o{F?iql@joQb2RksGKBWWe>UX|Zw)|`8OqnxWS zHXQ#;?;-YgaoP0g@SXcxm=W!s-!NNIozmc>VL*qlWj0_0GjGz{^>`Yw7l{ z%t<74C(eHJY5bC`&Yh3HTv-SanbGGH=lDO z4B0)+8HeoY7I&jmpw2A!o$ZJo<$PVC_)3GrE(2M&(X=Wq>lPN@H!s+FffzYkq)YL? zOf4%0h-6tYMOW}t8V8}%T-Vc~Zsy{u{-lh#H5ze>I(ockCMFiKr!!ADnc@T+cao3*!j z?&{AIgP!x=7<)Jhu9oc;o_aZ4NW~w@2}S z(Gjrx@mHdJZIC2d7yuoO+cjSFeqqx-lsyF87R%G3Xhq)bIaEFCTwk{(|GQ}DA^j0; z6_eG@W(Wf{jM%MH zo9H$nYbi(f2AoVX;@omn7XLW2mCH)0p*MV=w0C?wDjy2wAdr7ZJMD(ubS74pBfdh? z#v^}$*x#|eN#6WAc818-1Nqgm3ZBU&jEyNBQyQ6hP2h~YVK*f#ERujgh)OuKSyN7XA4<@GNcZD9FbcvFT0AF;dAz9 zqSzwpVrT_VHF%TQa>uorlA`knodc55%hVB&d9B<*n6e&MBCPJQ^R`?~FU2^TqcFDX z>Kw^@>Ok^;EICjqrUqhdE43>*P*gXBAGybybi#JW&FiC!%Q=dnqK9JBuzz0%1Cm_|09aFjGs|v6f1=cpCb!6ixu*$IdYvz<9hF zVCXzk)ckMm*0Kt$ z_p{S9IiVs-Ua9Q)#rjzXWGY_JW%%=5{F>i*NYP?id7ZwH)@PqS1!vrBPNXxw9w_uC z-|Xinl=#xWZyrzQQ!tkC4H%2Kl~C6#lbn>c@1=)j+G)H%8ghUCOT-EJ8xr4%hR9!j zW~*G@E{rXyikQ(&@>6&h>9)8%TRd~{VLVJMSB~*oTDnpKAyvHhO^XSFxihECcVn@;EOvxJhg=LSLU&vUo)q$V(@9_yaD}!mR8QDfkZd$ zto#}YI^N}k=^G$hcJ`XnfEiYNPq0Q6lA`h|Hq&h)+UD3fWUono2YIdsr`O_EM55R} zPqdP`JSe_Cb&ge%mHD9@V(iHH!@f#^7JK_ndt(VENymm`wurYkUb=P3mD`5geJU>R zbztE&2g&V2Vt%9z{yse>caYm1ST41rrx&Fo+@ z=U3rNI67U9Z@^~yFJ)N=*I9B&GvUCw6Gn6XHDHkY#Td2g;5mknfg=1y>3n8#)q zfXa7+ON0N^a`Kq;^U%FW?YImv4;|X!S9*9EwQD$QXp$CxnLttU0DImjeZBYTVE9I2 zNW1f`@Uo{4NK$-f0m+|iYP<_9UM8!nwv3FO72>*WazpW_N1V|}ukL$^n#{xrcpNFd zr{wj?hiP~Jycb91(>~cu;!(#7tXy2Wx719Xu`#mHZ^d!mdC>JE+JyJ?sEma)3WoeY+hOW!eoRS1&_W zI7HUX)z!7Mfjt!>akF4aOn)L+r{&-RcZT+5TblS(0f3W_)YTdm+2`==z`@<%53To3 z(nsTYz3jjR7qxG+d{@-3L7yKvf#K`OEgk0_NtKggfdw0p^wb-eSXjjJOucMvW_gQFj*?uCugz>eYykn^aAO=Dp!;-?JBQV&QpS3e$#{gD(Kl1=#Z> zW7#I??lrIg<&ZwPI5y=*SU)KlK4pNmLWu&JyPdtKPVP!H>pKwY zxCAv48UK~WsA&QM77VeL0d(}$GU?)yd;;=h_jEH$Tu+OWN`^t-<}GGN1I0304ha2l zP~}GXz67Hw9~^QN5$BQ;Zia(`W}*`>fefu3j}UTUa)`#tkksV*jY=2}z(3G=`nS1Euo@2?nTylZ^g9W0!e9}oD=Iv-{m_@oCyOvX1oY_d^&y@C zGA`uj@^_Ek%fh>Y0I3NZCyiQyij*n^C81QHloz+om)eDY&cBw*@gqpk)s*MGx>A2o z{)&5O?-mbY)A2U7)P5{1{-o4$R)t>y%E ziKcB{FTR#*AU2uHGT^UxEIS^qg<6RnP4F2$!99iTmI&_Ex4eKXKklJGGO*!^shSNt z_iMV8uTT7^HSfKjr%D0Nt1Y^#j7fvf%}4F2eIb7wjwo>{RG`{rl1EQ)Z+^kc5xyhE zkC-^D8-JdNx;E&3vP$n%CWm0Uc3B29L^XL9conXCdw|B+i(w>*^oDj3o3sEMJO4}qpG zhq_&VKptOQJsx9);)-Aob!MZ8aS>14HO7*|Chfn|iZD{CWk=9N(Y0BNv7feLu`Pcx zJHWR!!IG~*C{QoP!to$OPeV29mNi>|Ds~+EkcC8)W;@CnV^YYw?GzVuI!53PuLjmc z{9zFD>X(PnD|cjWagU}4 zUqB!6pK=vCB7nQw-MEjBi6?COdB%xFGTaln?r^^qyO-l?qaz{_%jqM)j_LIywgJwyz~GIxNx~%S{EPu z6W$qif6ZT6Z$^$+&uQhta4O9e$sX$N-<h!8a#=IqKm{HI;SzZt*`P*r?85h z*%FO6VIx=;vC5^e6yqeAGpJcZ8?zvu$Iu9CFPH0?q_0g129(d))&9}n{oD7T3oj2G z4dwhSjE1cL9emG2c+sg_tjq|f@_FC_id&Rrk2T~A`V7loWX`Y;)q@eb=QIqjJWcK- zt+xB)h7qT?&x;)h3|{n?&MvHdn%AxbzC+PT?1&1$7B9hjDIDcgm#`3{!X!BlXwmhf z`J3++%mrb^oXnt&+wh9br+Vh5{d8Jhr$(X?@%Lo$3ykHueG-!v{Q_ZyZ2E*RfSOSp zNcH;2>oH!+rS&_L+Q;Uwz0|iG2e<5IuSSbJkL0bGjs#E4X#25Wy!fjr0m<%9PfV^{ z53ecdCmb`pf0uhl=wJ*pZyalG#CfZ&Jw13Kwnm}2BpkfEQ07dq4WH%o>cI1O0b%Zk zO_ujst)RfIuCDH(*wXxKA~6vO?@EOKY5^>hew+X<>2|$BS`J+;XMpO$yPYyAw z{_pZz$MM6NYh1) zpB^lcQ1*q|?_^~5e3ONWKOX0wTnjiXy$ov^i{Fv5h6|BIyYzQwAui?jhz%s+f9lO^0Mq`< zTm&hcyeT@fX8a5{0?3{z>axppL@ur-)WHvWzXun6&73Cv=IJy_q5nXX2V$p5$C_tR z(LA}#KRoRG&imi5!G1 z1(yQOC0kvkWc(e8^xlqpt#gA;o6Bn$CM$-5rzRGtl$gKF{G0B6d@0`#4^Y6u%U;g# z+;FYU_vP&k-2{nm`_0w5Va12|tJ~%)VT+s!#M4TS?v(M$U)~D1-DOI>Us!X^F@jR( zR=NG+VeI~s|cl(ca zI&bH}u(N8KZ+^wJKLc>qoiI0lda_e20;VPo41A+qHb-_kPy3ChRLJqH@11Tqm1(TS zTi1DE3_YoEH_KX24`6-Xbi<<4qM;nI+Iuqf@$reVyqZCE^Ur;x;(Kak@bX}_rIZ*p!!7b#_ ztNrx?y^D4GuZp_qFnqm|4oSxkG}NrDWl|?M?0P;rAbxXMf|{2rk@b(TU-Tg^_vgJY zzJvW)QW{Ru>q!4^kHB*{ij5BkQ0x^GGC>lA<)g}lp){T?2O?3z;Qa>_nfq6 zjT{e_u+{Gk!^cMn3tRJM7RGWy`T1dJ4xli@@j(h zh4dC|&c>s-Ic~_6zEUulCD$PiT%s zrp-csTVWLS?HiSx4&1CKg348~CvjE`_1Hud9~$rx8OHhXY}Iq!yeAZc?6s3oB{72R z5KNh@0paBm+fND)+N}sJ`^WM5_6$G+me+J$PK>aF7VMsWosahzKf!d>DMgwwv6NJ`=GKDXY zTe`Uu*f62I*%r-#W}?#nfMc-a9$d`5XUQ%G=cOLudYGq$p_C}NUNow)sD?o*w-PR4 zGhMy!XmvW8Q?0-2kcB4qfq}Gz;W9_BgBa)UlO^9%R&rh>?6zU!l-B7Nio&zMyyvG^ z%RoqKlzQ$Y%z?8lKRqm@ywcgs9%z`orsZj-G(y{wrqG_IP1aw9P-rKzTj)6HiZE}@ zt^ks!v+doR)A<9Nod5H4o@8B!>`B|*VTq<6P@I{qCvh_q<@R>Jn0M?wYQ&NDsj2t| ziXP^~KCof63Cgb+(w0U41pC~IqE=pw)XJWbx9yYbTf z9C?Z3mOv&E(8g}f>$1^hQs4G!8L@t+6GKlJq9h=1!`wZQKgLag?Nx_9CH7oZt@ozH zZs#pB9zyM!eU$sCeCL+M51uCSitdm^*U=n=UKusXb~^dePRN@SY_n4)2q~vt?jYFU zavo&}b}FGT8r+(w(||MqXob{lxlIb_jo!?!8I6z>X6BG1JH~5h_{KA% zY;t@BT2SL{mYX($vCbAO6J9OlxU9X`k#Ip1%@p{4mn)-rmT9l$$p0MnQFY!9kTFrTSAMKUiNP}O41o#`dn-I^wL?1?gc(v z5Et!K?Wi$wxs+1+u#>DIc_Gn|{r+7%i~m2ej){MSjw$=f>tgspz-bZr0j9Iv+$<0p zu7G{(MJpW#YMNnQKO}C;N+ZF0qQC@7a$vZgj3^qYA+H@8XH&5G_36U_wskvrGel0% z{M$3n(Gkr)*!?Z3#dZTP$?8kZq-#I0OL&kF-;|UHbnz1Fd^enKt%Xtf4{d-P&1Zk% zwHy($?!>tKiq%4NFzRn4h?QyOgWrmj2{Xypn*l$o>(^(;?poD@^l6UeB4hJU3^+E_ zS)qnGT;29L0u2u~y>m-X1D`;-yn(Max08;>e5rcr4=qhUJwHf%^h;5zr)hYA2kLN86Fg{UkIcQo0!$MU)wz({2ahcDkys{EK>KKeM)?6mZ zXO=qfPyA5|T&LsAeyT2WA>Te=aEP$Z;78l-#T z+jEZR-upez`~gY~@7{auwbm~dPG)o&1i$k=eGL;0opoP3;=6{(&FBeo8ZHbYKxLSQ zB{AeyYkwFZe6$CU?v%q7QNLjsT?P|K{y<*aDF_`CTmbsW4*|Kl2C- z>VY08A?sP+L@>sHDHLG*IfI$+Rm<_~Bve2w-in2ff_!!_H@{xO&e#?1 z$bPXb@^n1(i+WstV@XS~^nEe7)~{o&E6W|t=@0f1Y64?TIHP1BHUIhpkw+yg>*37Z zI!)X8`IP=A^XTsPy$7IMfo51Y>J(R?;DWZG?JXS)7V=6EHQ0DTM{rFQ&?$o!E?u`qYA8?UQU?x2pLFc( zWqjPj*t1zQP!7+d=WifMb`g6}_4L@A!?Lb@`rKAV$-MB>tD4(7|)Tzy?~*f*b~PfaDV|PU;l0V1!wsBe#~#D zI}5GG7OSo*=M5jfzytJ2&)J1uSlcm)HP2lUO@ndxw>-5N7=K2a9tjn?a1F8GjlZO~ zwYF;{usWURf=B)M_;0KM^h_)vZ{-m-71mPXpy~%&nv|B=R86DZ43cUzBS>o!Q7J~) z+v*VPup2z@%C9DW`Hc|Vm>-$SgM}2{N901&cG{khuo=H186Byx=rv@iB#2Gx!`mUV63Jc6feJ*l*Zs^qNf@rxao^r)Fm zk+L8wg7LMey;HCm+I3u-o8J;6{9E6Bzs1A4(9=AB+?6SGHT!10{5fI?m;Db?1Ah+1 z9}<7v^jO({bt~bj$-do-DzuN)Ne%5cX+As(bUi7?w+Lp-k`}={to}&=N1+MRoOZZ5 zX5m8dbYJYk`qG~NQ=YTou8dhPqHAmU#f4_p>Q{;i4c#Ri+c~mw*9JDT;iP%ws-zUy z9(wv!|AZYf7}+cY%Lg8)dL$8`qx0e!Y`vc|B7K2<(KarR}xyEa+ecTZuBZv@fS;jx@Z)(4&Ql^64> zUnbCU6;8PGNQxQ+hOB}Y_oii`{m2Zx)3n07Z}`Pz5h;Og=As0>lkPEgA&bcvhb0|o z$l>MG%JWyH_IJ?J3TM;h+H#nu>x=xfxo*M_5>bp{*)mO)1;5)qZmq8!_7Ku}r(hJV zQgoxL9Ed4MR|xh7SE-xP$KI8fyP51V8+!jn7T^+r)muFi`(HInCF|{H*UK7~i2KpI zssyDB-y+wdy5VCO>VIgaN8VVf-;NCLp{oG4VIX<$Legf3Jub`ou+74rd?qUD-ta8* zy`9(OsVaY(L|C8-I_^XlHt#;ZuD)u*D*xp0CVu?qPyj0 zPafN!KK5Z%gL!lX*Sk9qHGKkY6E-e*b`^A5jZ zo}bxzH$@SOje3$YWf1?kxQ-!{fwhsp`z*&l0I%l{346}rWcOUXenIhJ1q^52m$>&{ zdFR;}*ZrJlVz+Y0xl1tt_o{MlR(yS+jqUf82I>ZtzZSm2N7Zig(QoS8#SM~c?~E%D z-fSsaa0dFLoYxrK>Q_kD7)L=+xm!HepiILAvaJRT=ijZ?4(`v>u9yyvk$Q#pzEc`f zMu195ebn}SQWb50*Y#!Yai~H}7?d^Bd69j=_9tS zq}$$4s<$SbzEX4jL(W>~#MVJY$AFiw0vS<>=7u({_`LxU0L8Pg`ZWc3kYIZ}L7vN( zdsQ^C$X(uzVQXzO){aOmOb8wGgQm1IpF|Ekh?d+jZ7ymeOUe!-x9E}jF0^X+MtRlV zuSTYs19c*GRznFNLQ>X-!#pnEje-xetu)sNG6^G{x9hW*>+`b64NBcYb_u#9BvzvL zi`LZkkHm3a2DE>yALqd&%}m6dGo0wYrxaxhXWBi!?WHC?7s1d})BYa$|NC>l}OE;KkS@0F7f+c2ntqZ6% zMyzKb4odVA40;8Eb_IF!cNA5waOqLS&j~RK3uPX=I8rr`;h;2Vgzb1q2ws>nX^&$v z?^Xv%%IZ^ooG(+@d`s{qKH#W zB)=w18*hJZNJ#M|?6fezg7k{cme`1YCG<7&%PKo%vn~0zgPjjdbv(p3&@>Nb(9((X zcX12B7$2AG=gp!+H_6Y--;{`jZ97A^$LHG%SrtnRbtAYOAGl*Xe)29B&6@-*i&q9% z{_FaM&c$MNs@3o?iH%13wHyDRa`--)hT?HU>Ngwu(=-D!zF#w}x33cg3&kRc?*bIP zL-O$}9>OD0?1{H#79LP><-w?)!7F7Az{r8hKmn$y%X;q7yuOg@rvzIM-1e&-wT);( zhf95oL9n%!@;i7Uh!qTKHIkpOrAzuf7?u-eOvec7wd5IJ>4F zQVpK^cb|(BN-2dXa6p1JMB9PXgEXlRr&YpkgkuHf)=hOU1x@ZQ|Loy1V>w+QIXKZsn#V8YD_LJsVO?Lj?HmXtVwjp45|2 z8iTG=(S(L4-8tAT4_(zt8t41qJidLk(%H}^@>}AS(xC2P3rNKtR-$GqqE;oV&r`Co;<~BJ>8*Knw3hjD5R)Qg*dS;?h2b-^ zPN%|<_a^r214T$yB{cmyw@}lCe7@)N zw&ZK)mHVd$KdpNIdm?w^X zGPuUYrSciJ4M?K*wY27KtU@}Ui^$I!Mxhy{qsaG^tHo8&)rlXD~pQd zuz1vUOXG^FaJxlekh9}7M2VX-O`K3=CgzF+Cr@7DOWonnRgI61<3~@YD{#_y&5tND zTw96J=O2GzEViW%m0q6fS~^BOyJaz1u`o*Zj+={529wkAd9uO@XA2mPw6Aqi7!T~X zHyMivb`?~idHzrdHC_8ZFxCI{QixFGc+rn=p{~ZL9!Q(ZaE9d8gg&%xMKyJxoYh1I zLMNmqZkJJ35jZRAV3j}$t_s*1v_eg+Pg5nI3{bG8U1Vh9YERZC$Txs|WnPP|>xpE1j#b(alWkujYXg``?0&IP z6ql+Zps<3n4n_|>;}o*#tv?DDh}y2>-v5eIV%kKHB^|;b16A#ZN1e)yr2auIG94j& zs8Z$;WK5kSnwjLomOKi~w&PEEI_C#1FVur#NT6>XFhA}NXELX*DM*S4IQS?+kc3Mbo)W>UK4ifnz;efK%m2}h z0Oqqjx%@)nj*bGI{lnM1%zltC|10!X{Rob+EgdC=(lY*v!aEe6c!bepB?H2t^Y1M? zQiQ(z(h2|D5C8L{4Q1*j|IYlsTbttr=vTsDcy@OwS_0B8-IJ#x`kYa_uX)V zPn+f~_m_H1SJh8I%kQKAZZpH%OCw#yC4(ZSqNF|`;7CdnFyQCRevzF`nm$0sKu3+~ zu%Hwd7uR?zVbvY;wEqxLFT~G-9V75c?P*+}B~mT`rfEAESs&ZnEKABLcBix{KOZt( z=d5e>0_ZI$0PSh#hi;`y0G$NwBkOK$iibhMHt&bq5`>MFtL)od?~Wd;IdD#z=*L=o zyDff=$)rQ<$ozl_Iba?>T}R0z3cCnhUX)p&yb^x5<0OM4$i?8%)r=PC;xIf4y<;#E z_so*xUDb{_g@ym?{o%Y&{NHegn|sd8-uIQI^1H}&A6an9-XeJsP9AmIuDrk|LHug? z(`p%>5}|9q;@%;J1!nJday8x4?z_K2ZavELBI5Uvf#?;6#@xMzxVwW9XSEN$VbX~A zKKuh&oa?l7ool(GstV=6IQ`;lI={33=~K7WtDWAL{y$ynL~K{FPxK`lHb-Z~y`Vmy zPo+@up(75TfhqF6T6%9w)UpQ~gQ+K#3m9arf1LFpfi37r2dE_R zy`9I80XnX&r$^`Wxu>Uxm!Drrilr=|?dq>#30lHiDnE2h6h56tDe5Tj(mLoHwtuet z`Jj30m$_pEfr+iACi!@&agn_47j2-b|EODJb#b&Y2?QZ}ej#P?+TFb}^9*mz5vKN}}m6!Xy^abR}E^;*+n)>uuVt4LCQtRPF~Kn%^(}co#SL z=N(RwhpCjB&pPt+^BZ7MHeIAf6=WotR8eJ-(0Za&Vw`KaGVxW!F~a87x0%T3)gX@y z-NrI1Zn09yMKI~!>t2amJ;iB+zQhNXaUx-gz7SwG@*sLAGSfUSdgryWr9Hm-z?}s9 zj`(fbS>G9#>j5SsR3Ej_Tb2<@_~`mpTD`i&fcd$Y4tp09KOpFvxzpR4E%VfB>b6gqv#*?a(i-K+%Z8A*(BNC!aQ!=!GQqM0(7w)j zEhTA9?JJ$4ywsD;e$~>8;a~(pBfiaWYr<@ z^BE;P>xl-fVGj^GYUsnvsjbb@mZ2f@=wjvehvHXB^e6S#dJ2Qu4wk>aw1JD0(%SBM z^qVbfyI;JYoP%o&rjPk$|G*onC@j1>yBqoD_WJ+_6@u*7PpysJx#}3E&Kz`an_>K$ zCQ&|p9WO=y$u2?DE>sifo-vxZx{cJ}lV0q~75xu4_W!IL8}9wD1qCnw1L`8^MX5NL%PELMU`s1<39X-^QA6Btr6KEi69;5k9PX%k?_N5e`l}_r7`V zrD*q`HlFRfOT(e`TS>A9gmtd-W!vLf&(WyMWgt`O4Zhr&;MTrBHw5I6^MQwCfX?{t z{%m2`?>{r2J?MU+W;})$fnubbnpqZow(QJQ-IAah=sMG&GnT&l;meyAkM-@XB_fzq z)HRr$l$q{QSmA{|udv(2wb*%WlXiK#MRtL^76G|LiCcuM>+;&Brl$9hx}*x0Up}wp zPOrSe3?YF#=UJe~?Wm)h$uCx;HDD$?c9fn2u5NpiQpQ|JY$ntJwl|;=bH#34AC3$RU?m6X)tHq-sMUx2Z71n*C7#BJ%l9H0rE_hV9y)_-K{MKyL%)R3|oxsb5h&(>ZMf4%dUieub zJ|4axO^3(i7+CR!8Z_pa2ZU?oeA4loTU!5ciQjmOq!6=9dg7CGCO9Sx>&8;Yh6%tWO?Mbd!B2bvF(o={;!fk@5G1B$O2zcpT>b4#vh*wM z^9OR3?muuHM7s^Jy7{L=+CmNu*f5#=C6GTH__^mZ$@x6zoge>*AhBLJtcqG?bpL_H z{@mbh#lQn>VeEQdt(di;lr&1h2+B_Gs>To*-nStFOJ&F9dhUwftx6a4jY}^)K8}-> z8rPQ9>X(i+E}CgWbsXt%RkUB`SimBTlS zW`DHIJq^;FHepEM7bns_Li`Tbs~tmUB`=;Xe50Bj9F8q`P8s(A6ZM-HuVQ{PBw^e0 zMxbD*dWstj#1~gVS1~=ru&-V29;!rDnzBJB-7R@7ZI9jYtaN5B`?km4xUnmvng{WC z(@q^TaO~N>d+&G`fth}!4s?tglQs4Xdy|TQe?Zaq zp|>#3M?C~!8m(uY+vy-X$?V2@sANRY{xOoz`29mC!vyts|{nbiut=gyL{ z;+oT$gTVZ2$ilHyA;0_pP4SVrIZgM0hOyEsjEj`~69ZS3?d^P4mw+t2{omcyZ!zRF_mlE?r2{(V} zbmsw`ab;Bv{scNew2WzjA+_&By|@kMam>T|xDdh^@KTt*Ug1Q(&7*b8`sNa1URxHRt0-UF zv#GO<4&0~Q2(I@OK`*Novhn_rM&xOwsc}ry!n8TIGj8d2^MSo;)5}nfx~HgsD#s)g{)> zH4xYkHK0zWx2Dd314F{6vPR;(pc6*n*0ZHX2X8Y4od96K;59J^lpPkF3cfQS3@vPJ zFL#pMaC-K7@&=wy{o}coWFkTexg*LbQpO+aEiP%2^CoppMjtjmzpx1FnlMKsR1ZlH zJc=^+7!>E$=^%UDak%X-`Oy;arn*4W)`5kX)AEa7DwQ>sx_vn7Sl&V{EK+o_mj7nK z{PAOl6mz>}xaYd|(ayA_)QkuH{?Yl5jROEygId=ivTw)iwVD*9q;V1SQ-% z3je(F>4@$lT~*FDALHIxu*EK_E_N?qx5Fk?@>!n0V=<$+R>+AzspGdX_j`207o)-O znW?-nG&O3u6_?6~GGT#z?n4A7hN^ypgwGHToJk6wp8!r+FP7=RpTQ?_6OCMhF9Q+t z2T6kGZ)w*lfUQR(v5$Veu2UQGU_hf2(i5zI#O~G(^@5#LSavDI1-0INft+$I@0rJ- zeMTjA5lgW=3LV+wm_Q5#;w;=RX@|w*o2ZwyFNhUxhl7$>KsH0#%b_5UK?scS)x6!4 zJsJ#XV3}LI7u7=YXP1ChKk+Vku1Jf0^v_aH+*a{1v$yBQ`}8HiOuDH`>8T{O*N(F# zyf~AQq2Qik{TZ|d5{#j1=O@#y%!M*mUxvA7DQ2X0YDT}w8lIQiF@_f6BJ__v%A5UUv0yp_91>hN!5^D_`#QJy`>?$-~I9{ zv2vA!b2 zVm2QL3sJtt(WjKKqS&w6rtFRhvNWn)YU@*M?2FDmBK4Icqoz>GbNe|-u3uJq$H*;rnqAC^5w?Et$(8}C*@VJq*P%)Y{2J4S2_0KS2M<932W3~vJ5}T za(O<2g}=`Nz9iPVG6Ph1B96S^MS#2P`1<~~Y5sP-VMu`(s+1+n1 zZN@4Z-DceTUf271-$oSO-@*U1&7+=Sk&7R$s4KpUAL&&uoudi`O^`0h`9SM3pQN08 zT}bJLUm)buvELjDD3A6ow#u!iYV21ZpL`ctzpr2$7PW){JpTj$FV7Kfm&rizg7imk zz6r4s#*{rxlcQlo2DjN?oUi5eVHwwrE*YK*iW!`4U2Z+#JRM5o=TO-lVtScfGoGX2 zs12>vvyf?*rojeMQWmKZlY5`gQJsN65yME6%AFxX8T?XFm$a*|=1D*GvLR(It{ad! zycQKt%g$$|sBSgs0@T)VLeydy{B$1()f^KMb_3(+7bVtu?Y#`2Bnq62xh_uDpOf3a zqCzo0*hySbwDA(>|MW>+9+CvPPl2l~wYvdK+B>k~hM@sTMHLM-Zc?!=Of9>NYJVoQ3Z=1(A)ugqizx9=5CFuXgP>8tq+TuPywsEqi?_BP3TlOjD1) z`7ww(`D|W(qD5|4dVC4~3CW&UI~9XU3a*%XG!r>}sdnT#+@#^5g%3jpq*@(-rd@(5 zT<8y9@n~Z1$z@4I;fRJUME~^Ab<}HXoN+oBA8)(qPva+-Vy89W5h1AwUCRw9Q{~8S zzW@xGaiVQcy!^=^;KFew0Kv_n{mxcNK~po)K5huoycWgmBGRV2O#y$}>BVjF5ZdF@ zi@iBZj(?q8jb^bbTWi>mAE~z0T4r$rjwhLpubtXA1L}f+?LpSTrns!vF}EMOmCt@&)%L- z!ez$p#JOQ1uS5^6p(rRsv5-oa^)px}T}Q6`_UL$8~HOf6Xiwxf!)UBN45m?eZO zzc4?!bM0>L!@xupWA&%^?{r(0#9py2xrlkH)%|vOulknt_uT2bf~((uNX)c!4Zq1E z%)cIDSXMPf9eRPy4DQuP!YZjTTX!%H%oKwrk)&+|wu$R5!I~_3xUuLRXIuN${s$qQ z5<6?m_yTY8{8kzFkRHSrvH`h@mN{>wz_<&n#m-2r<3!`M(X7^DmeN@`g?tR1fId>a z0RzkfJF2&g-VZw<(9T*N*-9w%<*sWAiCyh3zR<3HKO5WjDd4I|oNAw;f#b;*HJ+5d zzI*iaW%T^OGHgipP(5`WR1!s5_2AZqr(U7_W9J4MNtQqn)oZ$tVVx+d1W&rVFgbf2 zCZ8wkCpILtOgaO)6Zzp`mvd|Z+m@5a(>9Fwq4i!ZU^79pBwZyA=ctqulgfzIzn%@c z28X9=N`DlN4f80RhUDP-A|Xi%cDst-^S17^dYVmESmGQU9%>xmpAzpNbv5=}8&=^Z z<(+TG=+>u*)^qc8jQ5B5gP$M1sq)wVen>?)IcZ`_=Bgq7Ts|jph+UQ_kH!up0XvTh zZ59)Mke{JYr&iNNyX}X+WcJGEwYQkGaX27JJ9sQ`rzCd0*@H!yKeA5f0}s!O`KCRc zQpq|TvP3dB9_wF|OIm$eH0x%N64ae%tCxx?^Iq}(_6&T zOoG(DBe5!_#`#j=_+gfx#UR7nCamDkkvK2u^a-cCq)naW57b{X58UtZB7)TDu7V2d;VPg$L;Ax;KaC`5dbFBB!6s1-Wtq zA?l4@RD`}R!*}Tn-wJCl21-VG=1_(9y?4_Pfs@uJ|!m z&zNClEA@E}a(zmiwT=cj0Qryk5!w znx2@|HWxMO+CtK_+sYH>n9g~2TtpZwNnzMVI=A_(J(Y;3oFXv%G_>|q@xveO5G|Jr zy1TcT7jYs3o?{YZAR~PFvO>&U46-rKro_pwbIAvk7vaB!Yvh#f(Ex`EtMkT$3TKkb zqwR=^)ieuT8^{=xz+QgfI?w9byV~fL2^Nq@V(+E=9U5?@oJ`!mMjLu^CtofGgM>wm z5l|ziM~B8uQbQqav^G|W)Q}X*+FQL(u7Nb=m%jS4Ghb*99i~eK@fdkHa2iK0)ComB zb6+U?OpP*b6lpZaef(MhSb9{d*w%XLa`LGhH8(fs<=D)-t<$#qT(6Pv*6{KY|N8Z7 zJSy15~v~+hGF|x z|DmjV93#DXiBNTQLW(&p#kR%l{_4WQUXf|4q}3}`WZX0&ieY+avSlpSmYjI|-c>M$ zk;ZfHc*@z(;9)Eqp3#?`-=WqIR+ZBZ78P&Hg+LBk1KEwr^&}p6DZ#bA@PJZ<#+EkawX&Uy(pleDW?`$-rMBQ-Xb_kqR3w{8RMz1kuk4Q4S z8f?3k5kHb~wwqC@|HM=2+$QM_Cl5vIB#c>!~ zG$Sno9k?T$lR~l}?KkDIA6H^m$Xjsi;WNq@eWa`UQQH$IEl|i8Bl0G~hIQM>Z`{6b z_Y!>JM}?418NADql9C4XXkomXL<;y6hcK(k2rmscz*z9n0U_q0Vy{E{Xm6?CjmhUT z{XtH+*EVlnGWX=pKAUOPi0A}~)-0l2Syh;J^qkN?Y`w-!LJTcVX0P|=8h<8npE1sW zYF8iEnAGl$t2=6T)NKiPQVGZ~zp6#;LW5OZM-vf_cyqaE`m#Jv`8nwz*Q1?e`r^5@ ziL=2NOjaW;r`xXr-cwL@O$zQ243b#jExHR%z6y8tru-E5NvCowTJAY=JuTf#a+}At zykl)Z!rH?I5>8Srx-r73hp7(_D(8FtPt|*!DAdMdK@eLNjmfZ7bYoaKf8c>9AaphP z>rz`lT|)%s)i&j<0BoOU1XPo{v%lE}s4#3};e_wxLHhl%tvAy$2=?MRW-u20Iyk8W zRa^OAp`AeUp@hil`=&GRuPQRr1F?}>HEuy%z{R%{Y0*@i?C@gGxq1 zntg*xux>vqBACEgW{HPqAm;a5zO z!{_`q_M&p6k4&A9;Rx@ojHu-(ub#bN8E;zqWwqkP*uTwyCa_o9W`#a;3&LW#l8cw% z!_>B8ZQI>6O?f}F2)9Y0^%v$u5E*5y(-?(iY_ebrl7+!vTRMA)z;TC&;IdH1-Cg|) zkaW5>sT|V%Q>WhdhUr0p8@Q|D{)NMDFLmY9Fel$xSdaiDX<2ck>bu|m+Lyq6;j=my zr@P2{O8$;|ZD;7I@EMUL;!LO*dhKE~fm5=c2G#+QaGed)u*s_U>~vEsTw)IHBX}}c zz32`mhpn>T+FWF=LfyErndF?xuJAq$nrA)nUT~5yzqq&a>sZ?4V`uC6IivL#S>#&R zh)7(H5#EgkJ%k6|SB5m#v!{IWNC?{mEeq3I%zQi;o@f55^u-zWe#y>lPiE&W26yHxH_+ zM&#hk@@;s1$|RWN$lyM@c@9*hOmc0o*I^o_w`Lxv?^%U+R%A6Ah4+-fRdgw!y~P zVDdME=p@2*CKwoZ?RuW#ymuz(xtSeGemi&>wovK(q}(i`1Th!;EhUXAghchSZl!Cc zir56bYLJ1^#e=a?I894*wmJJPM28n#dUdo|6BL+7F(lrA#O0z%b&q!+Q%3mod$YdW z4U*#5YGIldga=Ag40=}tTho30TKC5KDgFh+Q_dUHqjn^Vr5`WgVJknm{{0&{N20Lr zzbmfbO{@Yx<$b+<1gKzp56nR%O=iJeAMfa9jm7j=nlaf-^MFmiQ~u)al>pe{+cw7? zxceiDCxw0@e(E<4Rs0*_+Y2+36pBLs#tsl{uV;iTLzo9XRk~^1mM}0Vu>)EgP zis6e{^<)f&aqE?eJpTa6H1X1ahF*hxFGWVBm0Ynivm(its*vi_%}BnkfVZx9@sWaO zr&1w$y3_JWly=*$WYP9`lVZmKF%cG15ycwc}>zjd_nigACQuewd3 z%kl6*#Zl1%JX+Z7h#GN>`mvVe77j6?rXq4@}hO`WJ`PT-;KZWA~UYgC{}@( zI{6quEL>dpvl!bO;t%%9wSXnWqRVRGpHN&EJidxQbN=ZFh7i`kpdO^{Q>BJY@0r+K zDQ9K8?vx+seF;7%e^U0C`Z$J#WO7NhD{M(Du(FWpwNd+C@aHSZi^_M&dV*c=uh-jM zvX=;5x;{V>6t`^fvImHLy{F!OFsSG>`6x2J=GL};Mkw3oV8aAP{9B?9k1?2?`-8J?QpJ1AAr2Pwd#TMDZ_yAc#dbr` za8JsNW1(OI;am%6PEbJl@S+3uQEzCdW_)D*z5A71q9}5Ci&4y0w#S&Rn+A)==kKMQ z?z0KQt0eKghaZHEeW(2I_lXlp-P|QaeHLBaWYyGO!jMyKfZ{Xs73F=Ee~wh)zemah z_xIEbldbpP>zu)oOrKoXd48vHQ^9=wr-)n`A6I;fI1==V{%?yhz)pG}PHLgp1L47R znPNTOhcQZCl0-Ov2EVbo?at~@E0&TdcTzl zowQeWHTIS`i(mhn8gWwMfm_`I?)Ua{hsT_N!u*TDIl+B6ab4phP}%syK60b0H}kwP zx<#4^Y*Bx()r}r_tHyL~(psX}ZRDglz3+()bxp(8mUiXjQf?C_>Y(V=yQp6teDm=y ze$q}(D5cgGdHBt_VjOd&F$M3^YY9P11kp+HW|_W1`ZEW=JsX-tX0mT!7!-Bq*W=Oj z>I)3W=k_+!xuiU`dDL&el|1nHVKv^$MEzeYHzpaBRD_BfV&K6>U>|H=C!7XC3ywg) zN=U!V1(JIr)4t|^3$G`*ohpclDa6tTw!7PTw;FknY$O}#9oyeO%!Z9l+vA^ zkMO1p1>Q)fai^Bfk6nDFyd0YG;*22UCv99-&~NT6Qks-*EQX1A1Mbs4kfiYT#kDRU z*@QWcg^jp5emXFE zy_?Y{>`;o~LoyGC^mhHn1=!D1h0yE5I5Tsd36x5Iu8{qFj#1|oxiQ84x!n*wE&s^1 zB((nY&mMY7$q+?=!}vO+k6Fij(6oCKW4l_`6A~tvjc}tN-A$ifk{J6pvBLsAv>@!? zgQ}&2Ypgp*f&V$C23h3Qu(XCt56~2>E&*%#iQbEb6TTp<;R8=*`sXt{5mim_TvBdW z$S}&|Vft)K@2;;gHJqT!*0tg=y~Rl8u50^kIZjL(y8n|5Xm`(>;M?{*#6=k54xi3< z8P`#TdcirhE7>;uT0#|DEP_src1&yEwp#0AY~5R9clw}rlIlhG=MOHF5}J&lxg6Oc z4C2hrXE6JUXCxtPrj*+=WRqT$%_w{vxy#P4n-#i=kP>v;;m(SoiAm_E#6Q=zFze|$ zKK~(F1BBq>XN1oR!8j?6!QWv$P+j}@Q%Onp>R^_Rw)V(2Wh?r^5sNJqc3xnunoAdp z&8h5Oh5)VyDOC(BHr=!S_{vJFoem}N$yxT6N80&Zj(PTO{Q7PpK;^b4RR7Bb6r@6r zjUBy-@28Waa~jJ(XJuPZPSf8|a62*HLx{7t4jMyvAW6=Qj+p!+>bgDx^K!-ZWYdLn z5q{>8Rp;Z; zg8>6e8Al5>;?9E~hI5WkgC}XMq;>jSAqad_du@s{)D2jIvXOkB&nW^8p@t=<)PH`F z0zZ}S>T)fwC9Hi|{NQQPZ9ts$16z9W>4o1f+I}ed_m)i7_4Ydur&&@b-bmd#HqG;= z3w^E&PrRaB&+IJD)7#@tBYN$+5dzmoY}a5}<5^Fj_!Ka^ThRPB@7wI7Pa`4_qukEu z+25hx$QAs#we=tN^;EJ*nfipvd9q|5J1%TICe%{Y;*eop|4H{{Fg)#bt*#!%g{K&; z^HLa2)ArJo1C-@YFoVv_+qvLnm}BZOCu4mFqIj- z^I-PcKK%VF-Bf!U>?8Dp{tS})KY8YvT!vIJ;rGc)$w>XBHi`dourigI-(Gvx)_w{7k`^*uKK-QvbFSWXv`dbk zkU7Kik;kW5O6kUPAUNmZjXc8?(S@*5W3u8!_UB`e+-Fu9#vxn0?e)^0Flh#e0Ki< zC+3CwvvO%b+S9N>0lo(9Y=V1pCg%0}bba}TB_Q|=0%r^ingL7d6mDGSL;@SCq~#A* z(>2c1djPM0a&Mw;%Ui^%o3I%SnEO7xzTU_r9&Tq8Tc@p2GkeV2~! zsJJP>FYK?@|0w&T@DAqNzgJ7^y4LCL3}T-7S?XEdR~c0gntxGJ0o+%#26v3ll6J?_ zvfiF?ZEemE)LoI)Y^OVwbSnMm0lA``9H}^4t$aFRcDi5`t}`MkB+X)uAVnT;j>xgO z^74h~Vf^HjU_lLM!>5lg^aA_J6m}KcJ8xSqA9emZU!zqf$*o$f4qThK-}=&OGbjE$;m`u6JJLgfZ>pph}s)`qrNzo*m9c z!XVrYz=`OZnln_mP^M1hQeGOSCEyf05G1qZ7?>7;IZWB1!1RPA-PGIY)@;pGE$}y! z=hn=Q!5Z2&tY$jCW$OdjX(TYRBu8BwcYS+(v!E58D=7>7?-~Ht#T}q$ivW6yw>41x zE@4WU@lDKY^XJ_@W7Y~CGrC(!I{Hik64=Z`1MmXMTfS%FGSQ%JFiwv?IRw%MfKgjNqln`)ntA0MXN!2Wd8~9+;RJ_f0$KniN-k4#%OOEQCg&2V;+I0y=QVrg z!+qmS&7y6zb<2QZO^d$t84!yNBdw>*6NZ4`|9tu6Yjj`G%^x4jAH!z6g4Z1kki!DF z#6EbfxyI(m-AaLqr}poJqNlcgu<{zUpmK-s+)m)s<4wa6waa*S*(kC-i58Ak=FplZ zw=bK-W>7=V&RW<^+#k7uw4#Zobe;Zh8b}%H3-CvFtwsm1A0X72f@xgfsVF+#IO2mH%wrf7B!#bd2m#|T<1idZR5dNHKC?I&Q$;3LR|}uvV!BGxq4PsuY|Z&=7Hgv z{EUXlk-Lau1+%*OX2gkNq*So&9R!2^hQmTqEvC-fcP1InbBncV6=QWbXdj5b+w1dG z5?|{fRZyWTadq>fwFGYK_U&q?QDBvNk?@7d*f$ZOQuwL7=#%}&f{%?8L0u%GN<;iV zt5b(9i>Dt`B;3V)mE+JHc<`cnIP&G8?3TJI{S-^4Bq62tGM{LP@@^ z_BB>HN;b5B39%^JQ~NC~_slUQPLnP3_dHF=e3?+6sB%;0 zDZWqAkJYwCyLu;xi`3PlVgWS636A$KoUx$~DH67Nxdar37HFTX7dr`aA8R?H4W&$oGEr4TQe)a|;317g+ zN}y>649>Ia%XDE=hwd}C`YxGlh-fi5f~Et}{|az8Qf z@k3M(-us%JAo3zKULJL%o0{DjOXF8G7$Luv`w}z`;VbD4W8C+@ zV>%cG5^CXyqS>}#N3PZ%ZDWKVtpDd2M&a@vNYY-O2VNi_dJdgr@uP*wy3tU)Usrz0 zJzCLXfEXMV?O-&Gk&<<{^yu2XmZ36~)EHKhb#dP7Q;4G<-k@=WQ!gZ9|J}TI zuubloZqF7_4?Y4(uWMhA$BJL8Z1~$70xf*;H?fmuvH_9XYY86tdk+^%{0aC9msbJ~ z$kO33yj;dQ_Y^&kLFL^x&gJx!4eKYSO+E!M1;~D<49j)*Sf$)JqR3etoF+}bzj_PL zA;`d8&>!<~qJ4j(VF8w!LCF?JFVy+{9=o&Px~XD%+PQkz0u_u@nxmpPj~qg(KUCeB z2fMXPR-W%O&8=2-;wuY==Ma#Z; zNRB|mt3Un?3D3*`n=#2Kb??K64J+DItf*uXPLLIka z3;a2{c00OtRK6SqB>zc5a2aor2!-{Z{y%iF-GwcXIHM;6nT0P;=TrT zy@mK`(c=Ez7UWGtfd|qHlW%Y#jl|hOID17zwVF5~%N`-Rg`G@_1Yw4nW%duWhRnhP z=8a>mqrG&F5#Jh}`VCAgBNR`}a>h zCqOmqhb?ycTHk{|;P*HAQ_%I9&0#YK4QUU@ZQWArL(x4(KDIg-<&45TNAV>(vD55AG(lH<{(h}0$ z-7z!ocSgOx|Nr~Gwe&95z1Q)b_nfoO-p_uXXP@qi4qr8`y$F1N;EH8n?qR9C;{pT( z`Q}53FK3y|0uC4e2q5MB%G7t|6K_q_8|il!D)lrL&0(G5!^V~|($n`zaTA(s5rAWI zx7}+FOv&KTl0UJU>uumB*hIAc`l|Cvr)f~%%*0D*IE{?gYr;eSoeusH{&3R9-cgbg zHy}134g*%aB&$tR~q znTTAW*qi@lwlB^*=c9*{hl5b1YEukn4kU|G5?IX!WLG3+)13dbt!xzjGHOnWbTUxD zpXXEA<646KDV7lj!fO~&P6N8?n}U2+!%%;~Yq73&7?nKD@v@o1`{0jgmhlD|aKs`TO!#!QcoCnsk%k%)nShtds=6)S~XGUJ&Lpo%I0BNpi&L0b5+aIANo zr|}L_i&#^4&uOxj$=(L^jy#S^g!G5brw+DN5&nyGW%Sq9B(WeVfr>>J>U=dY_Jduwc& z3GrC^r3xVQ0KreY{rVTWe^<>@1{mnVjJApJ3rjwiLu8Ai1P@E&5nx=|XCnl<2>m4Y zkY7bCc-qNrsI_7gg=F#3wuFiOB14DiPZs)@pvoj~uI7winP%LKyzV z(g33oF=IXSyQE!NY|yP_Jo2t{yp%6lrTfuZmt;jm3i}LqBkT9IvNiZ2>-ulvOJmZk<_ksj;aw)Zq(>Bjz2yBo6o*$L3-XOWgyo1~rKbj=3l|a#B z_QYJqO;1Xo*p>RtmQ@f{_W3$5{}NfB{0KC zJGh>|7%nmvE6j$zs}iHMPR&taw*xu2NZZTI(>8b>J5{BOq9tLur^Qp39cK7~tO=69 zb8wkcvQpK0A9?PehNtf_KyDSvF)~~-?hhMkdhiy~G{z1K{Jx8w1U{TPrpR&-7I%>T z%{GJHJ=(su!WlfH2Q4ifTVs$4o2zPncFTJ5t2CD&QirP%WF%?o{Voh++Ralub-NgJYkqo#nXxy>?% zXN+ZYpuYR(_v)|T9&R|&;^ptXb?@y@kq@XYHnFK(`c{h2dxDcDEqc`VJoD2>+gQsI zIS{wFo2uV>2a{RSyoCWpOCC$=8tXKBNP{KuGM+-CS4TWgdryy~=k^T4R34rek%ffP z7#3*FnO-9YH_wfp>dZeWLVa%bh)K45oTj1nUI-r2V|!~0&{54{glt5{hyJmTPk~0p zoK}XIn%$n3Fy%_admj0o>M1aSw7AZT?))<0b_EL4bGUP3KsP_s2a-ub*Bv+CdINh5jdWlV?u|j(Og! zLmxln+v(ugfe+1QM!I|c1H&2YhBU;HO3;X_o*fSU1HXEcNbg;AymGjAvVZbvIekMC zYF+JDSm(GG=U|U9+~BZ%@d%BQFC?t-?ELc1FZ(V2`ItpkY$75$1 ze2;rNRl&6a!DHf+iVv+u+~F zX;?IcsRh#~$lb`_HJbO5E<1WiIb{Wnf${1$@snp)3Ih*vZ#Jf=;?e8;<_lq1?MqM4 z>Z`7-9AQ;$C>@iuA2IK)w6U(U`@LDd6cepV_N_BpCfKe8(MZIYqUK55G7ZK%=1co_I5X<~U&{gKx?p&GC5? zfcfy*>!#V|6lSXJh6_9@w!LAz1ikzXn*P&iHt#%=W?Fno`!hNS?GyGsc*up^KEr`1 z_8V2*z|2sraPOGlu;U14E&v9ji4_90{f?&8xK^Y`hE&7wBOMb^U`l~MppJQ#Ri zNN%!t!Cf|Mw}7|J3x}~M^~DR0Kv$MvxF6eUD&k2v82=xHLLCfn6K08xX@@r3 zhwIr5@VMA_=g*oVi+WH2tR=@=Zx-4b2=&gwW1Fx?b=&^?c!>UQ#k$T zB)@8MJeJSR1a*0Db!c{+8VSB$QfdD< z!=hniJ@5|VYQA3XIPpxNmtP7fZQrUnL>2qz0cYAt=_AKEdPn|wH&!sf-LbB#H49G< zQ`1J{Wd8vEf;$}JL+rsw7+x^t(1Iw@zy1zU87YP*t%1B(nokloM%?wU(|^BaKwgAixPql{c4+h zHl{g09hf-)GvPXBGLOd(Y2&MGQ@BB%*%;lYhpnj?z(QCk@B8%ktH!d`+3OHjaK7Dx z3=r1dn9W|$yk@-bm5S9Oym(nWX882V0pg+<8#$aSB8zlH^d+NoNm8=+0vY~sM4RG~*ca3&~ z?;6>~+~D`r!ImN~BvE{MHct4@a$Y@+Rn#WB(hc{Ko4!#bA+_vnz7g9HOYtnt>$Wnf z)gqqF6e;>Fa5_8j&B@GqIXsVI>-Kgq|F-Zu#_D=?Z7I5f@IgQG+;vtx2vOWFtN+0=_v{4Go`4e@WSK)f$R*%z~txgIG z2wbNk0?H1A#{21}vO%x2C%0iO2it0x*48`sQ!zIrvbWcyTf>I0RZW9o(4w29Ry}Io zypkZ72l0sNTdmg;$LPaF!k_BYvYo}XVR(RS6!m%LTr@S(_vJqB@Hw2QhOFL zFZ=qJu5CXbLZTxcI7=U4F2sQ~X8;U>r?hxh5C^54Ng9qmmA(3-+}>0Zus{FGU`g>- zu=h#~NzPUbrvFI#mHyvNqepn9lH~&`c%+9rsHKJBZje_?VBn`)q8UcV#}+4| zWm7f?jT@Cq6AYxI!1txIMVd?5Ea&TgTmT9ev}y4MpMayADaa6M*(M{PPiNu2fvdbUoqqp#kok_L}{es2S6=$IglJ7Sm z&yiSDf}YIL%xK3t{PI4od35q}3dV#fBej$`q{b$#ti4B7egFI~_r~uXXjQ z??|~>z>gmoJ_c!DN+{pbB+4DM4exgA|462HYe3+g?usmJ(DOZjCjTtP2UDF3?V=JF zzde`&*ssPcKG84W=)ETy!>%H|pOJQVZ)NDA9j#@KBK%_H%;s*oQog-6UBED$ zVwaSW;h36T*===>H?D{_Lz#5DGGhBZ7vWjvfPy6rzZ<*g3@-zBlw_Nxp2q%kdWYTi zbfb)T4B)Iw>;H!Mp0x~WmjJ{Ac~vkm#YF;;JKUerP%S4%6L@uLKI@y}xv~SeB&v1) z+IeiSf{`9eKjUD8s*7~ejq_)FC79*@##qbn7UgwnzS&WxmjVAKsF(F(I&8Xz*PP+n9w!3Sc+A2-xdxYM{OF3OOn_IU2H^ z@V8_srOIhe)&w9vh{=0K%Y0!r?ilV)pSR~2ym$1-B4Ee#Oa8d)77%F zZi%W?Cxa;&yq6UJM*=#p2-0RtQXNgeOZ%1rLfe^W~t?rEcw@MsJ@l-(n8XUQJ^vUlpg z#Bz?mzD5F?x{wUIW||l4)rG}9HRLiSYx55(?iLXr&T7y2?_Q8qmk-vpCWv8-8HN@3 zz($HL3?&SQH6z;auZ(2dH2Kb}1)a(_mC#&SrkEPkZoHys?)w#Cbpl`WURmqnGz6Z`?8mv!=ZPw6qPHh^gd0p`_~( z3hFITnf0Kzd8?ZLZWHf*Pfs%wSGDE-`(G-uziDLZL|~LSS}V%$`~TAMwSEn2l;Ek& zshq0a#?*L@8ty-viZO!rckn~r^TJ^6M+R1x-~N9o6k!Br=BG&-l)ab-DBx^eQ*3SL zHlpTeZTC3N;pJ@?=Da99lp$pFhi!dlDk^t`#St4c_QnldH|KD@DLdC4T6&Bs%0SEA zEA67+or^zHRK=qsNzZ%8SNV9euSglTnoT1~o3-606FAZcR$#?f0$5tl)BJTSLP-r!LUaP0P; z9m^jyb)ZK40kwUo`b(|k#$DjeV*0VTPW7MUo<;=rA6n$Lc?L!r&JDgA)w~1~Vt^u_ zA3_k?pKTI)LZCHK$RaG4mz)FXJdJ%S@EX@aklFFShwJe5CLaau^+h+N#Ws)=AgC&fjnYdo)93smb5C}Y`+x;A(xMN zVSh7&Q9=A8Ke8U5Lc9QFiReaG@8hCBZUM7OoQchd%c}#~)TZ7uM3w`EPfcJDW((o6 z`ZYVVsOUTxQX0yj9osncF2^^PCfFbXV*Qb3miTzIMldd6CIN$ZIdr!Rbg2PDqvDB- z%&c=CatNy{US7PfeE?iVYPqpn>s0*#e~)**Y7h)XbIKBdDac1ajv%MPCinud>h41h z_*J;YtgoB@W`Glst60D>Hk;hPrW|I&@i1bJ&Tyxvk?0wo(T)uLnOtiQJZp2WYt&t3 z5${;+_TWJ<^9Zt*e5q+^#$GtIu$3TNA8x=nL4f{7?!E2GX~2+L&PSQzFIlvfaksXD zqY9SsDQ|vh#}%JblDcx!N2=6}Xwv(9Qdbr}M|z+itj(A-cWd*5r<8m(-3=zH>4PTK zo)-&|Q+=Subn4QsIsJ>#s(8SNEjN3tE;7tg9$o5O)I!{Un z+z&|10WHIz+MVBD9vKv=P)hii2V0tOHu)$Rf!X5Q-%5&fyL%XiK^>an#2D~{^sM zDe1zora|80aPSET5dI0!MQNnVUU76_hFkO zva$`YQsV4|Lk!-RGH&xhdBKAKTLs@Fn#Fg6Q;n%7uj9qs}?l3>id+%XI1d5kY(^!IPpLct!m|7F@vtg~a{WSE-BKdA3IwoYf@1 zljFryFvsu(DcqH)4WSCQ>8&sFoFG|_qv)NT>LlDRFYEm$^l)x(=mxaK=|dg;zY+8D zG+5@sI$XzJA0!fUQTnd{FMt-hxYV-gE-T)7%_- zsk*Pd=`pzcH~v2e!6ORf+Lt_kX7UKaPLxMuuCB7fzva@L@ElfjpUMP38%dM+K3PO{ z#V~9-)hRe}s;R<7$Ub#f=G*oWo*uF6Z)t@J_QflBc2iAwNYv|FG7Z|fK~+xQPh8la zKT@B0sLK?Mh*f1TnkIYFv^l|{w}oHiw@EHoC{z2cy0Pg+kVG75L!DZ3Et(bnnYHiH zAe3J!KA8I#W|83qnIfA={bylVBxmnXGZad}__*;ok%!KboBYL!Nnb(0W{Z7NJPyby z&a7?eECnFastCh&&O@pVWsq5I0V|4qi~`yUf`Qb2c&PWO*K_bH-USU2JCZSCY&Xnw zEkly9w3xAm*{7s`U+hLwkl>*hQxC&&GJUdTM>Y9X;R5h)maNbEK7~v@e4xJWBs11R z_N(FR2+U8NDKE!WD#?M+7b{}bxz*r$)pEnh+N$x#2Fz-4eIy3iMs6<t(8dWePmEZwuRvS$fLr=XVnjzqfmtKwWyQZ?~Fq>M^aHHlWBAlqLVAQ7qE zh5^w}-}j`zK$#6_3+fR#C;aof6V+CzXvp65QMu4sONzD;Ww{;LJqdOvK>0K5Yy0i* zJNT;IP_|3Wc*aksjWmnu{vCJ`SGdC8bFzd~+myA^Y<@*?rds?Yb9Tb<>V222QwW3B z-PyI@gV+D}mkJ?x^vL&l@=EX7=psUoxAYbz^G5jej^wbD_eQ7@4!}C%Ms5)hau4T+ zouxk7Kqe%FJbw;zU+#7P{H+=CtbHqfkj1C4g8*hfE-ss-6%gF@NLE9xq(T}PRl&Zh zfw1nHXRp|Ynmloa%on`WvRS_NLC$ zACv4}Duzeu8!PhR>p{@H2a%=JS8wy?t0FRH&)L=y?gC}mNARWZ8# zo__}=dJBoEER>`_I5BOC3aBp!)4Nk<#Cccu4xBBJJ*B0kYoF($(4Z$vxums&0M>_} zeGR}T#~BmO8lGs=YT#9FVHl3fD`AXmM%-u6{3tuK!y5o6D3e_cPX1p}guj6?>4S@P zg#fn6+a+2IUFDVkdLt7w&MjEV1@ZU!5X)XgG^U)6_Jk!0<1Zg*P+z>S9|4qZ(@Qw@ zFt{hiSoJ^rZ(T-IVV#Q&fxAj>rT@gk4l1*dmg|rMSov3UPp_<^jt+clC6_49ttAp{ zeYW|*pV#n)rBRV`o9`Hec7rMP|yCVh@&GlaJPeRx@x8~StNGe z)r1QaH+O-gX~O$Awq{_Sk!4`gBsl$C;W{+dK5BPy2WMy_Z~Uk~NAOf%Z_NAYqJZ1? zt7ReTt%o;sv3ZBd%Tu)9tN)@V3WTY=3c*vP7|Q0r;UN^FV&gH&8hVB_O!FY1I`u!uqB$I#^kZk;+{?WgWH)STw1vBLSDf<6A4iLD)B!!N zbpDfYhEw}Ou$F~e8lM7XhlDbQW_B(Xj?&}P1gVZ%G>?^8Iv9$xrxeqQ_?J_aK*QbY zIOg_P_iFVJR=da0Zv7!t;jb>&XEuZ_HWVCPlkSwKvK|rqcX;JMHfB@uPH-FaVB6w7 z7;qwmT6>g_`^-lWN8~^pIU4(H0>i;Brhwg{NbIS1fT$VAPyO~c_-TMkDVFT6_+=Qs zHm7lsS&{jz34gA#3F?Y5>cUAUgLhD@cGS)~Br#JP;+LYFDX>3R74!{@1Y>n`pgA%_ zhiHYDWZY`#r6OAh+9t^@dg>tE4X+Gehb(K8o)tI%kYnm}Z8{1l{}8&bUQw->f;zqZ zArS4xZZI?X)d3CFt9pUVy@SVNHAeqP)D(oqf)K#sXCYjJXB<@EzvMc(7bvf`6C-TO zP`3$3x$px`*)ytsa5rk){H8JpZMe`q?fx58gmC)Gg>!??Nx8*>RdV;6i2R11A@`o> z$}|N`G3=d;0$Yyz;k^B;=$a|RVDLLeFlIFb{C@ZI>DnukL5RQfO{$6vXWW%e$oUO8 zM4%`fsTB%}Rz7MTx%BRJ;-Uk|H}RIk+aNTo<-1#E!i6v+rN=TOw^Vwm8F%O|Eh~ozCAJ`j)zW3bx9ckC zExR0d5k`+)>F-NLYJ-g7N&cYvEDo{}ann12%iD7}nX5to$+yF=!J)bMM zWd_So`bUd;RUGU78zdOIx*OTz&45; zCw$bboIo@g{=mXr)(SFcalB@K1D*d_fGW5=|HCU`wgbeqv)T&)K8xvr-5AJehF);# zhvT-*dAh%)QV&$Gg-a0tixFriH16y+Jh$KW(mNB3Ps0m^7CMvXfUQp(=#E8!f{543 z@B%R35MfCTso#h}x_aWhwi3H+n9=4&@#OuzrrZ&J0pF8gJH zOY9oq<>Kk=l%DqyTY9TCJtwAFx~C5Lx8bIbI0wNtwS)!P3CRQX$UXb{Kic)jWZQ1- z(~MFt%Q?|*tR;~4y8Jz-NZbWfp3Z*?m$Kx^$S56(ph9Aben+4SmXRw*?W6GW_K%L5 zvxr~q?tjkwH*#G2amrikPq4UHJmndLPc)W~1_?44XOpE9g-uLMG^ldr!I_cc2!f%Z zp~v8BYkq=r;HIX#;N9bnX;|O-u?=*qtk;W5b0E5K6S=#9 z7Qy@n2KChXf5n*(Kd`m-@M`z%wAIHMNn#*(I{B(11e=;a1O0&oU>th`u=m zKL%({5xA$9f5sa#3JBNtWlX&S8{ghs1ssx%iK!DATlF!QGc`-auW)@ zjW%${R$Rmt#C*M_!8%CruEbx;P3eOG=3`rGrA$&+aH+kP(xGo8%Nt*u>NxlpU+=wj zGmx18d4fSn0Sx`_@?RW|fV||^BS0$?d=L(*pFR4q)Kq4AMn;xK1dsxP38~aYJ@RMo z0q(ze)&Pz+Ar=LEl@?{bgXT09t_hd~f&CD$s-Rl(_S*fW$lrE9Z4T34hk_cmiPqPT0)H6?Es0W3!>f%KCk_r9gf=gY7EXFt_5fXQfQ8BF|p&s~oD4zd?S zMJh_P7zu5#-ixy)#0LATtZR3$%|xN;cli$sfl>fBJp_nVc0ha7yen0_wI7O8q-q4b zK%8^gH1If=7=*6Ed>7x^{4pSWhN$nZ1Z50PjqqkZ@oEC_0sxLPX{*o-#x=ouggN_P z3ym8`%vUXa_*Jxbkr2DR8ql3|h%OL^BPH`D^%nwN*U3OuQLM%M3A71jNo#kl$v)TB zz@(W>jeXoXUb6p^c6pb}M-zdAG-QYk`A+r!WX@7S;35L5EN;l^SdJFs_42;{zs?i^ zZ00d)4sQS@5V|3iB9DYCUPdSuBYUhDkiKb63}+#YoCXUhizZ^6+;eefA=zve$KjaT zQns+T)O~a9>NboLcnD*pt&?g@O_5~_GWc*X>5nw$>?^*c9F zl=f-ArxIt%e0Xq9MQ%63|AHpCU{Vgwcw17oQ7%vKn>#2%>|wWyG^>a|a+2!~Xhh6}aA^YM?ZnD=4AV!q$$r#zG*Vr>>G= zg^75{?`v?ik=?p}IUI-an z?&D`;WbG%YdRs3cli-n->(XpuHXUPjuA$G*)3$W(SHr)1`!6^beu0jZ@f3-``V6q& z3DgJE^R@*7b+;=n`aBQ^Tls5}dI(_Rshr0jh2ZE$fj7En#9=qV%^#V5bCSWmFk({i z{Ym=sSt|Dxit#Qqhh+v4Q3$k9Qy>{+T8JML+=4vs_i58BDSQgykdp->v$i7+2rk5*M%Rd0IXdAuHF*O@GRWy&}55d`DXYo1R`rf7$r-p zJKo6lOj8%179s97xwi?9-NPzK_GdyiwFz^8(jkXxQj)lu>Zgdy83mJ;2bem!Th*wl z+m25SZ?#TLHdr1!y8|BU{hz0kq`9{{m9|W5F)^fg;ro=@u}mZu>|1p})c@Ho#&rT# zl^?Amc#-tViP^P9L*=jFPf07|kp$fzu$*t-(Gh@fZ#8($vYjyTj8lp?jCsMa+NIM4;tMPeeyZICW2{h#`Q3+C5*A8voXj!8P^ zknzm>m8-8EMbH13l?X?|AYfO6Wl`Xw%fkM>c;f%K0Khjl9w;C_PY3029bANUX2!OQ zI~Beuc-8r%?I>&0XDRzN`KJN9&a5X@k9Q+E_W9t&z2$!%_R3Szte;G_VXXZp#rEL^ z^N8~E4C64SJNt95qIWp8ZlDDF%yJ&`lTlMkTECeWskCd8cIAOQ*#0bioHWd-Yh2jU zX5--r!h{V9rS2))Z));p$|5`Z2k#-@={$T>CPjn zPGZIq3q;h+1`rAq@>5HinL3ANItE`fbR z7lFva%+1bb0p{BZD-pPRxjx=~6@Rcc+?gV3d1Dn`ne?jX?wqN{Dl_1%_$ zrL(+=pUk7oY20k4C!Ofp-4lri^>3gY-gy~=(Z4J9oGf_x#Pv!4!4stqnCz%u_Q-|h zH)!h59X)dfSARQwJbg!liNgYTG1s>7?!I6jQn`VmeMSw-7#BHYApna~C^&!b1Tt>? zOmcz`Q^TG$azACH|NGJO!Tw4Os)uugk`B7*>8h%)Z3XAD99w8@ONSj+*e}D*^X8i^wM6sjo8^o{k`63epWQ#wFE!(Vm-``q^KxAT*g&y%LhMjv2 zxQI`3*r#6^s@(Ls8%0m``gUM#Z?e72#har?r(;p)2#tWn$t_u$Zphd*WK=`(dRG2W50<1 zeG4=mJ`aR3r-gl?&})T&%=kth`Vc9WgTfgoD z@u_>WO!Srg@Y$bJOs_zA^*3VMpoDV`8u;m%>IN@t70PK+WqH1%BWdcXm`Xx47M(uzSL zpbXh4id=eq^lZa)VuJ1Cd}xNpuIY#5XUj4cuYMZ)-OE7Lmyi3YGQ^hccA1@7_b#zm z^_#p}__4=Tns*dS8J=}?mbqhyL{&`A~YU&)hT-Ud;KV_WA7!9DQ* zb8wn3K!r~q=!F^IpRmu!;fGb-X<%fD%ix6wtO>4HxXrH3WrlT&YdQv&y?b-zLHlqQ ziM8KdQxV_#7w*i9dVzKC32%{n0*gRIj!zn>xL*^8k;1nhNqd_9^VrMf9jT612NqT) z>o0F``Q-H>1diN1&J4X7{#C^V_Vm}4fE$Oexs+eVCu`HI5MT>!N@3C zOJ_7iW@qi_P-wojOG`fbBGwWs_;>-UJ;V|YW2Go5d22_dHWg_%Ul4PDH$}xuw9t%`HCm{n&wrt*oji(oaMl%b%rhFcGWQbXc;`1DleQA#tLrbHhmX+8GbpL?$V z{R6VEJ*cReMW;;6AU(blC*BSR9UT{_d=d>ypQx5T>B<5O@az7^+is~J*MWv`9{67; z1J&GA?tQ43jPKJx`-1DTK?%JO>$CLAkJQ{9$~32R&Ub8zyUDo6vU#J_{(=+k;hZzn%(cf`ln>Vrns%JhZ|$oZ*l+NqLG!Z;=4CA8?P?IYNT(SkGx6@}5a|18Q8 zP0FcPUhU4Br!6f*!7jAf^qHsU@^mL~Ex})@_SQnGzGje#Q8WIoYO7!I?Tx^N zi}5EM=;F?H1g&Zd>gP+%73n6UcAplE&hsIp_7f25eLTN8;g(Ps25u==#AuF`bVB^) z0lijLlYXsFSwn;?+T19$lbYzfq&;F7Fdg~+f@~M4YCHd3RZO(dH>U+GpH})6Fgvg7 zTRPuq)Z;Phk4b4cPpIuKQ3{4<>voDU^{;QaZ#Ie>wE_d`T5?30j0 z|7_n#$nI{BfE*I;JeswJUMJA%R(~;`%B&rCQ)M`@S-P)?9lok>eBm7GO1@({jJJD2 zNR%X|bFJc+*zos`y`%PRC&^BA$zL7Ubn$Jqogcgpe0aasK~L_3+S|;M{gt85(%WZ& zK6yWl-4q(SZ+cDtEcUSSo6*tyd!{%Wz?p(K@bywmOch&(bMx@1T3KbCWPc_-rUjR7 zKxBD2E{q4qG-NdKS&y%??Jl({3P2po2`d0f^CgIX^_>x0(bfJ!tK$xL70O=Wy5{^- z%#)SCx24$kd801Blzv#+7d>I%fg|=T3@^On9Q<)1QH%0NN|&L0r)gkRYW zf6fbfcwA{;<8_|7{o%nuUlmh9wJ@%Q6dZ2#`(#PwU>Ju$Y{Zi_O#VcAuB5V{8js9*1QZ2nb}64Fs;(w z9d?}>^EJ690k^VhJsuJ88{Qb)aqm7=yuQ3gx#(XOrUdnbq^0c**^23L#PK6GB&|DN zFeWVys&#NBXUE<%tKNthM{mNz#+PKLXw$4%mB)sKgr;P@ZzTyuwk)3o(jbeIX; z5bW%%TU~q_DJ$cV>wmmd;7)UtwCts}Jyv_j&?9&m0Uzege`UBv^&=V@pm@KuoD}uA!n>-Mr!M{YY1TADu>eYzUGwCe-G{M8yL&lO zRW`fT?i;rblZEdaFy9GfSt1kvmx*&KfQp7QMTzbC|ZYbqj_A6%b-PLPX z@jKnv?w@Rq?7{65kDw9jsN3n1UmrY(vw={de)A)d1GYVbV#Dlj>gk43T;nPo)|66~ zJu)`Z38k?)iuEI$Q|K}%eeo*T5Ayr!~QJe+d326A|;PkSlEHst&EhGQRDzahU? zK$qPU5n0`4tV>_`!cm8fgZ@@M2 zedP_k4tq#Dg#GaOc@y5s#V?F=0jW0gANjO88KaNLdX}eQ!CTL!G05C!7sUxz8%^I{ z5CTK$v;3}M0ct2R#cu6bhWWGVE~3gCc@FbzPI_ZU_@F~h zlaPcsd&arX4vnfDD=Rwu6us~~oAGTsc8gd--0owOAfjVvgxgK(*}1}rhx((#g86;e z-$HjWCb&QqjHlGFss7>+De#~)Ac>1qb%sn;lct>rrsCL@F0BJpmcsmCh=TC5UPW>k zxWX7;7!HYo(kLjKrooTn1j@Ad@MI7Fx;FSTB+9s~=IWK`8bb#fl7>gq zR8(0Bt7A+v%9%RCGG2|lI*$7K(v2J*#p@@()iiuVaqrr_P8sk#OKghyx4;*X#TDn& zz&d_Q6igm8)l`B*)BBMZ!YXrn;5=t?a3-UV%IBp5PQTfYm20-fa)`h&`w2JfNA8*W zZIoT@@Sn%x^vo*IBd0oD0CI1>uD8-v&2L*|fhB!$SEscZ{t{q{%C&q`J5s7;v;**h zgzz^J2^BCUBwvQf<&`n)@$5b?+XS$ z4c}qNQhI&Q7Q6m07K37x^Z> zY9#xp!q3*$h>qG!Pcvg#Z$Rp*P_$}XTm2;Wl@Gx^B{pO27-U|88CKf-^1_n5%l%Z# z1WhlP;};&OjUfq!g$_sYPySyY_D`jHT)>_NQ)DUD^|u<%?KnwfADlD=zS0;a_9qKO z%jh+{^dd@s?m|^gMa|ma_2v4nh^xHs?h1>k5lGQb8%%$@WafCo4%S2y{D$;pp+`O` zlNeX4KLkqmw3B0(J9*HVmwB7|6QMP=OZ#i`1|&FvIZ=F zA66?QKp^Re`yNW6{^2$@t#c2+YogSJTz6l_3Fzin$$Y36a9;hz|5bU_&&Pv#SzK!t!m^aLfE zdnHit2yQ=e4FEpLz)_`@ujyOg&}RIURF~cvu+pjE(XQyep)JQPY*i2-vEaYxGbW%l z(OdHTWldeMh6%eMbzt?REGl#VSCMPZp1=#yX3?+cRHfXBi7l9hHIT*+JC<_Gxu(N!(2mlz+U?_1eVjK>y7lU59 z-NEqbw5=MOb&Kwfu`%jP+{a$*ZqItCu+zZIPws4A@Zj?o?QSv$rN6tc0d@Y$y?HqI zF0cl;f`YI$+ee_l%L27un8A^LnygQWEbs-~UH%yRgDX~cR&s){sXpK=6+4{{=H2wL z9&G?94&iR;%x_*gQ9~@P7 z^J01M*%H%#SGqAFtwBq+@Zw%Y-lWGv-hDgniPW6i$$Z^)>FsMinR5Axe_ls)P{Mk} z{alq3Hz@KPwOHTxi${!^=J{_>@tEo`7!kgbEm^Nojc2|rP=C>~u-F|kl}1l{{lJJA zmM8&tm{i+mc-oe?ZphM1Ui8^|{k!MKAz!*ibi3J(Kg-u?T9fYLxEk@WPd7>5tAwIa z1Ku30UVe%nYdwy#%6LlxesvwpAC}I0`uFoI-cSsB#1%RiCzyjAD6{TUo=>gN|Exp% zKH&0cq!OakD}XLQn?7)YoM+zov1@7+L*mX$*~KK^l?SF(A;o*rOe9|O`}rS;oxQ@Z z`0QjmEat+IPi;qA)1yq7q_wB7n!h9F1oAKYkd>{GF&34=B!=!4=9LRK>rV@3@mw*} zq!|Sg$I-8L5BdXadk(~gSwUJcOlnIqghCg>QsrW7oHJUA^?e5u`A`$~1)Wz2&5cW) z&dfb-X4d~JA;nNVW9|lyfkzy3=Yn_f!*Uw9kWO)1Ntj$cg|jSt=O>=Wpf2(8F>>WTqD)3=V& zfzy%@2ujD3)ezrv9L9bnKM?P^97NFYWkvL^#65ruL^~7>CULODnU7Qt`CLDkd9u6m zy^goXUrVAq-7OAm-EMiblXZISp_{u=x5nil5I;?bO-v`^`1R|s6_M4?e=2`%SlrK| z;?}t|%Ay>~V)I-^-q`YTarrBIq-}w&wi8UI?fVnql$#$zon^f@!}E8S5*WXpd+I2R zCmlE3sd?c0@=w#?0>1hohisC)tBT0D|45txMR{|Y3PN!=I>or>&HWOyVJ%KBykNv~ z?TRz3;!VbR-1bY)A1pbwEMCgvr?m9Etn!T zrTE7{nw&K+w)p#e%az@xiU3jFa_mvtBW7JH{YRiwF_!eSPF17tn~~M$WraI*A0>%n zCu(?+a`z|Y9zBdp_8WYyD--i$T14^(C<)K;YcdP6zVK#$=k8^hus3P@#!mWiB8N;bggFzND{Lv0C5_rRgA3! z7^z!%UMV(QUY)1kWpY7o?56AcJm;&Bs3yhn;_)q2b=Q3s^o){P_r=O zD_uE>HxP5OJD`@`ZC_$}MQ|6?e@sh687NhFkPggl_Ul&p#pfI$DbUQ;!%rmXH=Kux z=HcDv5poko_vDuMW|;S|!2uo+(eCk^u2z?m1iw_$>rkG^&|6)fY5CoL?LJ;1!my@Y z5yeyhF#cEeJP%d~=7fAAYG=Y&tUx~j7Ab4heqQk*3UpMSB<-AAXzb_M0Byc_(5f~O z&@Z?Ol-rTb&CR6L6;eXiVyM_2SnCDYN@^(;xVTeHMIFZZFEu za9zxXO$kGXp>{dh?G#}N$Fo!Mqr7-c0St=0bSEmSr)s`a)b3H0^85F3P?C4We5H(1 zt&Fv6Y%Tj&QbIV)$3<$|z)z%8U9MiiZ~+PkcAc)6S)=@a=z7brD7!9fc<51yp`^Q8 zQbM|0kZz$v(SW_=ZJW(1Syq;y1@1NNK1RdE z&iYpdvOHhfw$q+$1hUHd(n2e+=s|u*fjEvmD-*h*;K(x) zO1CI4r?fF52rg$9^8rxipJDM5>tFnMA-{#9@eQ4A(CVc6pZP1AUrkC>nGr@TS0~HQ zuT!d%n`O6>Plkc*_3g>L>qLP(R*^=QVF1K!8H-ptARsO-zf(B(UU@wqPvw4`2)xUU zrL}anbx2E`2y&@pL6$< z5Wyf16r!)3q*#-s2ZuJGa;zQ5-cN_XvgEAkJ&^BO5_EN5Dq9Y*nN32ms3xTPF8cS2+sUPq zjO$*H+?{XEUKQv(()S0Erp1PpMkIx9bu#&Ox?+^WYbcOdV_UGoHtB5PRg(jY{Q+GD zKv0*@y1n+QtazaZ_FC)m%BqAD_>$!VOU{%)uOg`%HcCyy9v$ zM#g;QSn2!?r=TvBEV}c1%Aa*RRV469Ez`qnV*$2%^c`{AO!Y#?Yuf8R3H9IT1p4X>KavmK`q{HM3?DUDCX)iR-&DURUy@W5Bd91BhZNwLTJa zrt_uJAm1CF((exB?e2cvRMTG~gBtZpdA|uf&wI$GSMr?N^a_Ab83uS6DVNPjNSnvG z!Rr2zz1{gVgk@fr-90C-_zfo|aN+Hby6_SA?aW$B4K;^oI(IaShEVq-4!({#08Rn`|+FoQ4wdV z|DaEdTZ3?VTq)nZN2RfMj_+uhg*ChbS%SlG|7CA8PtQ7#d29u;XdI)@9)5W}XlQK7 z)){at$x(O(j9mvnJTL@yVaC67KHL~#ThzfQa97+<=?ebLMs(e!eE* z|06ERg-#f(aYQz;^s3#;AplKYoNM6kf3*PYp0nla^z+z`gwZGOt1QZQVwIbY0cDA0 z$K)dLhx3OrV^^ih=BNK$au=&(2xTY){}kgRyJE(6_uMsZFpGP0;?M%9mSqOL%2geN z;*R9q*I_8JGr9Db&IK7?}Ipx0Uv7p^W{**8ZW{!l$YH5 z>rpu=G9kX#pifq&yT$9zM9W7zT3j;XJgtj*B)(AoP@6Q3i53T`3GV8HC)wgs&q^VXS$SR&*s~H*v+s<$J ze~+NRuYDZPc@9{ZrG`w3`Ff`p7GS-7>0S&e2X$dM61_E3zur-srP&7v7PHxT5xS<# z=Se^N^Bew%tsAEJfj{m3qy_XiYoNs)7K)d%>MQ9Fpa`*HM&%aE z`fpcZb%QM4&Krf()c|dfQS9D^c1zFaPf;5nmz+K^Zc!if;j$vuVsvc7o{w;~V`NUo z^KpDdv|=FU#sm*OuE0xVT)Vz1b=Df;;X;4ZRUMbuYWBs=7XZ5_$$-X zQ$)6Iwi5nBSjs8_>4jH*P7}AzXmN4IfKBmh1Yy|Orjb~1f)Ofa- z6O!*W7qb0T3SnY|6mX#4q+SAp*0-QUi#G3y1;5pJM`U8c!=-nfOr-!)2t)1 zjWq7Q3XG~-nn?K7@r<($#S_9k5HS=s=`&;LwAN`spc<neDg5h@YH@mm&z>TS=~mt89#imyG@`0+WX9A~XG_fj&l+xE)YCZ|r9qmH-d#k+sRP-wji4nat& z1PdEmKuGwBF2ishF`>LJl0^W%+>K%S?rCe%Yu|o!mhlkKfOEewZ@xL;!jnn#T{ZOr zgpw1qE&-@fq>y1ExBTRV%(+?~kOfv4zs+N65zN8mRsZ_dT9$N{ft=hST4~@AY{k~L z@?THGZ*KzH#a58+kNq(OphRMmdt=$R$BJ>fqc6({;-G=dyG#q{O}xI5`LCp{JGTjxxNbw=T*<3zz=boF-AY9b1%`tq%&2EW?^A7Y8v;> z?clAo;KG8iP)a0W>TefW@{k;6_wyrXCbOkd6FQLxcRwrt+$1CAdkcQ9KYTm-zj>(A z*h}G*>f0X)5Z1z?Fe%|10SEa5&jz-MWX>4ly+;YPqP^6D=+&57goUDy0M_^Q5_>Q{ zMc%|DV>nNG{%KT>tkN;^>Y@a+(Hl}u;Emc99>tkv>;p4qpw2xw>Z;iSyh@&+M(3qu zb>ED<>zn*jY4En|oWYabIfns%UXE4YUF>ZlwXk5pjp%47P>8_S0G1#+O5`_N_)w0u zOWUVgupyo$Lev1uU2D1d$Ct`aV8H`_#C7ta$C7Ix)k4KN_=tc~2PUpqj)RNYBZpiq z_X7IX>}WU{q>^MqwdfQ$Ku3F#MumRK8UROAK_0ltUdt+>KX{%IL0B|U6llMk&wJnp z4KOyZcZ?r|uNwex&(qBE+3^<@`sYVjuzgM%x!AD`K^9BVI~Gge2bd+0>Rp<7W9|gR zMncg~X)zKnn>B94y;v~U$p-E#GfA8^nKX>#Eey zFW1;mH>RKNJW%#zep}`TBp!0hpim*nh!2My29X38Bo4icN*-(%RJ9riJY>fX^v-k0 zMLwFq09&%NAQd2z?^AaOmgve-{Vf;Q{~TE6yD+qx?27lW00ElRGU6v|75m@X0S+eX z_p2Z&WmBF^XsHxu3&>vvX+#5#9)t||igp<4Vb|ziD*aZ3t#oRHzY|_c9r4!<1X#5w zQCs4QIGYWKXL<=d4Vhhfq;h#n&b76*rF2s`?%0etA%<8rgjir{6dRiuNH?U#yvzJx zraIREXhV%P;oy`8biY%eJ{W7gK}F~UARr})(3v8sgtMQTBu`p-F5K!%ACLI&WK z=r6BFA$SX}ALRb_MNG`^=RGVa)ZV_-y88;3e~qSL8tU}9DVIs^-GeThk>&&={q^I* zO-;2jTapQcU<4Yl4~1c<1!m@4M^bK#48ATMzur?} z_J?05=PrIe1iH+O<%Qri6shhV+qsX|Y}SX;Hr)C~DD^OEMhTz3zzo)ou#u7iYn({O z^K%iJQw~qArj}5D4)m0CmGe|r^&{niWoDZq)K$c#6T3TvQdC+6Ef+wbCfJZZuX$R8 zOIS|H!Sh{QcXsW!hKU1h+$1>=2|1`VFvQ9&61yi~!7c{Q`g7SXVvf*54y|}Pud9pd zK#$#^bJEo@ccf;R1{=^!??3xYO%`IK1X;;HWe<(m7|ygK)1KWoSdpc4n!m7<^!O1+ zD;;DOdy_CN`J>2s?kVxi&A$cc5-o-i&QCu(^HVeuFmD=G>QfvhbzXd>h)3$-#-I?> zmoFXIgk}~z0S1zH?-kpJm}rjsSGm56N#KGj;lXp(y<*cyy|pWEX5JshZ`nrK%2T-Y zCZ0-Ih4HlZ_i8_l1BMGgNXo#%35M+-Q6^DaL<9tBprQ|=)4qeE5>*v$L_o^e*w{+q zoBe*T%vM`!u1pf;-~;qKU{vr<%UG_IF@X7OZ*?ON^HBpJY0j<>cko3PX5PDE8Iu~D z5JYa5u+YXDcsG(jsBz}I!sKA^@%;NtA+#2`xOH^VHwS#NF>^1Q!x=twsa$Pdcuo*< zVj?0TV>KWWlHH*q zi#gF8`-DM)%WIk;`SV@DSl@L`@TyPsa9 z`hr^hSs7@8bOwCgCa)JrcB7I&I@i>l@k2^3-0Jo{Nz#fgyM98&($(SMcuGNq^ON0d zHZ`?fmZh;XrZbOQ0|V|4<@}dlMbQiC;8FG`-+TosmwvI@d6ZzEb?trSQw}vvTpY|0 zEhNkD5r4?`TRoI~Ev*j>Xtjxd86PZhq2Oa|dK0a-rq_6iZ6CDeJ&^wFitVY0WYCpi zN!i>@-%sz?*asxH(gD?>FX|+%#CLw7q{6ek*X%Cw01H}CKrAP1K|FwmZ7~=G4Jy2_ zd%^zcJ>Tz%H_j5X9RhkkS`)ACs8^)IWwbKHsD44kW8f$Fc);vm1;PV03=nP?7sOy|VP*u7r#eJN5GPn>PwH0_>PDoZvXnkvSe*9*)sCqdKUICD-7< zEg)RQ&BmrIbNNfrA9&J)Tw@;~Ir5+C7Zw&C%;h$$3VRj&GQl#_>t=!BuYvP~cPTW5 z!HMaw(w(0hQgta?hf=IA&ua?F-IRC1iIuwvZP7&LOXmK;mLh;a|3hm#j>3B1b8gCy zu_3vY8UUf!9Iv^{vRVO}1z~hOIQ;owi7dnbNVM~rnbpqC>)^e!T`ZcB*A9?Mhvqwr z4LRYFoU?CT)QAUoFoE%$TwYp+2Rq1um5)2Z->L+5DA0f(Duh&9X~vf(sC4 z0GY0~*FNS9%BXN8PaOPUlE{PhbCXqMEuo)42fBYS^ z;sF!l7>w%-RP>HWeo}gNikXNG_L1bv1kax~IrDZVK)w#}#`JaCC)y^`UNO}k~ zZ%&M7^DAbu4+G*-1<2XM+Kr62QOo(Bbg%xx2)NL%&tg6!?CahqY9E>?(WBzhE52JGUv)*mh%Ll|V!B#FJ=>gp zfbvrufbGJ4`#I%v71U9XEc@MulHh>N;JkvK;Q@tb{x@Fx%hd$-8y`@8&tfK;o}erE zBN?WP9b;Zw=BpiJ{Fk_C8fwvwss}G(rmV0DK&uCK;w6DW#_a3;Ah2Sg7$6t&!ZLKx zD8^gPi;pwG#C_iQVqy!9%DlN7^S6Kq5dV)rxQZNqj9U&R}K*k58!I36=j9> zp3yIHq`@lZfvy@2_XSuA*1BF|O#dJc(Sp_JBVp&4owoaevn{vBl}=c8+*mK~CGNgR z)xJnh{W+6X3_XKlLU41T@0bM z)*|Oi)*Rf>bB94VGtd0Yb2YXra|774jZ)0}iDpX&XG^K~1H3%j4A`XAiiv<>=du8Q zFEQ}{RcH)(lcu9J5S#RF()z>$1ei{vIY})o;s|h$tpg(DC6KZV0ZWzFy)^nFXiGfg zH0n3_Jg;-F9mtiv2B*ff`Nfyee|t+gc}1Wx2o+nEv{LTwN7sA1?yF)6F-SVE>3uQG z>lFMyIXWjEgEFGH46Ioq`sqk5P?U0L zK96q5fGM>Ez zx6i7v=JZ2Umix(T4}M=td-|`|Z9Kc(QC`}{^ZAAX-rvzLkqcC?ofWjM{Vn*}y1=gE z`5`b;1t9>wVh=VGl2B1?H(yO9aA8WwGr|VoePNd<^DftyXT|q~%3XZWSO%-h>?7iu z10*SO!FAeXJ-RSC^{E-|lM3$U<~O__dld}lWX;JM|8b+?(EMpW-M(gX;w9vXe2~#c zCVjWv*cbY4t0KLzTx(zZ-%d&C8Y;9i*!u_(8BBsg;C6~Vy@|2MP*mEl1{f#&&cc9) zKPdikn&|gO91om9A3gLaYm64?SN=NhIG~eyq6S*Q`uGh7a4&<^0*YYEDF@h6cjzzM zD8J8mEAZrzKX_JroE7k;_ec3vE>SY)Yv!2=-nSG17nqh89CW#*NZyJCdZF1<WuK?gT(vL6V z;0xpSA!kc10(xppUdtwRQ?fkkV;tc+&w%1i1j{U*Inft8^=wQk(k#pgmLcNStYuEl zaW$t(#YXwRk4b@kOhZ393^x)vmkVG!!dw*oYH1^9XwnFN^V{`)Dg ze7?Vw0d1sd`eLhBS%cfsVybEF{fJbqd+f`5yJsq@s+u4){@LuKCf8?R^gj4Ns+&RaOl`TU z3XVc5q@JyOd|skoqA@#7hmQluUv6M^A%U(aM1%_OFM$1e0%+W00c`9*3r*}LT+3w^ zf-ZJThXLqa3|evw*^v+xthn)=czKpi}FF(Vhc)jp-AO)=ipO2m^iOap`bhPicv z?LV{?u)kQN-!5w>_UQ9R{cFP4^w_}Lw^85_5mteZR!{;fv+31IiMuYX`4tG$OhZAqDyLf5jwCzBg zSseiNVxpseJ$351%QBAt>eZ{(>e<(HYf-&w)l#{=Sm0yxqA4wU>3{*L{f?CNaq)Ym zJ`e*&YLN$tz0;R(#s4t4OyCnDXIixa!m%I{#My=d6$dB`VHd=V9>+FZ@%i3larazCGov*ZZ#Uy9=J5${(;6yzy>C3#mh>p;Q3o^hPOTg zu^c19U1b|An+5baDhd4LU-@#L=|zjs3|#)+&vL0AtQ!PQgv?Z0K&B@%D_>fN#vd^# z)vGEi4+2cB1dMqSkw+jWCLN^AXuBu3{CHjI`Lv^pAy{7nY%J5d4K#ZX{lUOl_fu#H zQeI~>S*A-AyOk)%it4dmM_pb096})_)KT+uM#+CKK=ujr1sJ!`#dhWDmUcOY0_N{O zSmd(i|F5xxU8o^c!8iL}cJD!*I-b`r6HhaHcxUYQ35YuUF)P|034=l9E*T`f)j-0A zR8gY(oUA?sT#U$2$SG^if})~=J?LZaO%9g-r@`)tlRJ7UAF`RgbI~x}Y90L~s@I3SuZCo~+Sjqa_$wB}&wx7bxMNJuSo-F60ES&6l@^hhq#eA@6c5j^=rk92?3IDXUuM6~diE zwJi%k9+q9}JG@g$2q$|WF)uGE3_~j+F{6R-kRvvK011X&oE13Ghbta101V=IOapOv z4WVxhypAnq-UB`1ko_hP503+|Fqiu`gBB@GxLxM|TsJ;c|G91$%h9%+^0M2Ec$<8f z0~(1~u~JC`I=>iK`r@d(5}ry3Ncf2yCM!~@$u)KWvpjtCH_*`L#?ZO}T#RYn>ppB$ zsg|X7&$(_^rKz3eyABHM`{4(^;zJpC1{OVT=uIJw>9dJmu_X)S%@Ic?)t=0NuN)fuI zWHqL!{ZKSESeN+U4%v-+R@YuuANegiEoJ0_1eDRg*HYpY_K`1Wz0}VCKyfxK-FcKh zqR=i!hfnFwAK*5+PM=SM0AEcd&7$&9>1IlgWu+!UANf|2>L{fU%iy2;=@&h^)d!8W z83^F#1R*M^pexbz^J_T`J^-7HwN2JG-8+>brq?|CaBXKwwP~88V(KCNPO0s*6Z=i` zk4dL6_}hO9HSbJ?Qh^2^-q(^N>7&7T&v$RZdF^xS21we;e4l>F5qdfA)}>t;ysxf} z(W9Fc3kv)I5G}?}T>{yn!)T5~sEAbGF)0p)E=l!?h018xQ^bKOKcdNXK5Ho^e5}$T zBCY;$A?bZPyAqvT$;?t}xhB|V#7Oq-8^w1BZ-Ss+;c>(s<;+7drS4{M847_r){8J~ z4X^SBe@nNx?dOC^#tYDgJJaHWzB&2ip3daUmPu>f^jBl2V5MLM`T(YbKkQ&CO~_a^ z>o}4{6~%3grfh>bDvTD?>$@dwI>Gi#$)#WT_6H1~0j-+iq_q6SK^;|`;$#ni1C=3$ z2^1Jr;|(02Bq6I=j1FXfO$VQd`wQm}{;LIWgHrl;ZXrk}oHN3`gLvK2w#Q?G85jYM zulP$~&eP=n3wD}`F4tTr(|On8>_AZ4LZ`EY;sMX>J|1bgCGbkb1+yV%1)WNcR8C6W z=xQBHFbN3>en{U!iY|5CaPF2dYgy7(KcmDqru~dwfV)wx>;hfGNaAIgOkeC#*N)jp zLix~OYtpO_3y8{!$37`@(R_SS2;wgWtEvc#)O#r0N6 zh z=$;b+cx&%%u~1KIf(zT>YTJ{X-8~==F4fKFA0Ho|c=s$&SY_`E zAiN5=nm`DQ7ph+^Q^;kS*A$S_J$c^bpifQ%yI`|ixH8auN-6J}^uuf7jqa#s+`jS; zzwU&5#~&yqJ=NKWxL~_l&vTsYSi{Q$cm*g%w@3L=Zzs8SiDqSO_Z~|;V^^M=lGK$H z8MCqyuB1F0o*-47wWK7*jb>O~)4|M!Eh_ zQfsY;gEQKW7*7Z0FQs7Lhl}4pOD|2D8eu0Xe;wS6T`a#=V@(i#Ncz?e57X9qO9$Ye z9$0Fxy87eAM~8HHMg=zy!q*a+HiU)5)@E~}S|SPal(S@a4mIfje)S z*FYz$dn(1M1*kUs+0YLSlZ=ZJj-W|%ww|dp9&7Ob#MfL*ObioJ@&PI_wuv&`e6KdJ znu%XgZdOeZoZ^I6vWcG4j63fx4>T(Piq|H_s2x4z6A#S=OMpBmf8DhG4W@LO1-H&) zqY$+)wH}NRM5q$@P4|Xh(51FJcqu?;+dPzDkZl1H z*TV06L?mYzWyziVJxc#F;M>?}D1>RMT>va&M*MBfNzMkp-bcZ`Jet|#!_Ti2*-5Al z(&34=RD%&t#xJ@qLF~tQrU{s9Bvb{XC%`?w09(t!N-TBj_^m>X*q4k-jZ)j4ev=); zzA5R<(l5cmIHL#qW#7=Xi$#3QNo-@$-^yQO#PkNVP!C7d4;IYBcsJVtnVt2vg?@!K zlF$0xWzGY?0oznq&O@9%8|7zU6;WJ_lCP*3Pm2mE7vVeDBIV|@u{`M!(a50La_=b_ z_q{f-J$B@34fJ#QcaAXy$+=UJ>lrS5tX+p~!x`Pgn|OP63uCvYF&y5cL|M+1D*|S_ zC-HdshEBR z;O3xte(lP%Mg?Es~g1&<>h2AfA#i#58ZlNMkeb=N~J3+e%kU9J-PIKhdyl;)1x@tV6Ds@ z-}i<%-OkBGFZuko+&T_$4Nrgj+GAUS96O|!0fC3bcGA?WEN>K(e=;RI5?JLKCwh-JP4P~_S;RE zK~Kr($Od{jfd7;gN5}kBeb2B0FG~BRE8irmFSe@*Gy_-}F66Ot1Kg)_XBPLn;J7^V>jKoa;4b%f^&Pk%A&x>`l9k*ZlonD_%@IjBf?b6Q=oI8VNSw! zRAeB*Q3%lvEEJqQ($&(^dXCxf;W}|pqB5lelLZs?*}QXgF)22tUYb&!B9u`TCsT2L zfNV7tqHe3s;AAOwFhO#652m10P4b1nH2fZhUQrXhlg?xM9CQg(Opv=N_+)~F(O9dP zA6M|jS{*pcv;@%w;Tg3*pwoI7jX2DAY6b23T0~_fxUxwxqXU@E9(P?mnPlMkKD;!{ zgJ{WAEcDMEf1hZicK`4`X6=U#MNIiT;@q8T`R-a7y(F7Avs(t!$-)z9oYvWH(o%)7 z$ghV?m0rDc>TaWHs`UOJ@S_Htm{Bo>kp`=7(_)Tvn3tAx0H%c-mkKN7HmYXb&@VJm zrOQ!dlw;D3sRlk^o{GJ;(If{aJ{AeL_`_&;p2l;9&e5G)GrH59GqMJ_;uLR+$Y-Rg zBdRp3)x{AuuwQCB?UGu*vwg5b7uL-ZTA!28m^&%Sv|jT_beFu#SpQ<}3WRoYqY2X1 z4SRc|=_N_BkcyNKP92;df6*mq0GsT+EG_9{Q#`yJ{6_(hnI|pC<&N-_5FgIfpx?j% zM?LW^MF*nxJH;{hSP}l_9)*bsRnP{>N1U9yx2oe8SSWdP?ASDl14iZpOX!GBsmZXa z$cj7P9!lBSuR_ai53hv0##xg%odD*{oRrren=pRAD1zpXdIdY-SHp*icET>g1%4L` z^eFs`M%%K&_gh&tByaQb*hYvnjD6dL!uekQXN=_Konk5OqU!=78EqsD){6>qgK#&d z%Hs_j0MNmgO%7(Gkp^|}9#bw9@a_(70AA#cGxzKZ!01`QX6(pAmgRyWe6-vCc&nW+ zt`yjiVRnyitZ*7V(oGx}zF(|jFG#h}*p@1g*4Fix&j6SxHaX@ZD{9bbw6`FozyoJ2 zt(?OXMgon3@Ekus3MkP?8-A6zmBeIci9G5L`tkct3nF zem9Q3`6~P@1jEjDA=$lj*6* zX~j)gV4332zE0tcLiNiUTG}~;mADhAZ4}L?yWKWNa~vny@p~R|Z0_GI!>H2gg??Ucum&Ky4kZVV69Ta}y~}iR zC)Up1ghm}oC9LQ4t3!HgV-NW`Op^A(19AJVaP?>BK-cD$>g@jEeMRuV(;b_naZ1-> z*&jGZ6ix!P*|+*W^g$DFhUr=g7i{i{-;I32Sd#1Np3724ub;b9(+C0$vuYRY|SQ~gW;qvuluT56(Vwo-<*i6Q4}h?p%n_JVC|;! zU0_ON6;pm#Xy6>|l(3lM6GN))IDW+C8|&b6Ff`Sx%mRCujIYy93jVrvfCY zl1d0al+Gf0!<$-SBu2x*dBq|`e%iSFZqMazoLOW4cMJW-hlaO}>oPi4U^Y7IxHDmV zgR6vk%9%e$37Vxg^IHw#27 z=X*S|weqm3B@{_*oMEeORMIwQgQ_`1>rEL{DO?|4&CwL|%zo*Y1F7Pb@_~ay{LmB~ ztC7;1A>Etja@oKw*yoHvLf`xQItLwKm%^!UYz+I3`D7dtIozoJsIw~hvF#&MH(eFu zD*zQ8H*hoVxV7(!NqBE1#uRT_beo23Jz?GSsFU+yXIZs)Ux9l^&)MTOk-Ka2jGOsr zBY&W)CpZ0PG5eNIb}!4YpHbrd?%v(Dp%>{snC@vSW4j&SQ^SR!#0Se-S(tqv%o+%( z8%E6Do5o#~v!OV&v+Vc2SeUmq)#~V3%hyH(-bkPxW|;}1y)2Kqz%TC9UQ(D}IP}=- zwGBnf^J}V21;pEIrs5B2ccQyI3YSSm8RHO`F2jpEKWP!*kQ1>Vo1=))8DSQkG^~LasL1D+D=jBMioKX71-BOTGS^&J*`@tmz5erHO;yOIUbs_oc z(VW~5ATjtpJAeeF;CorMAQ>(f4!vw)Hj>HfQsoCZ0(*~)P2WGid41~DgRcLa@ZtZ^)Au&y3s075lTb#w!+u9c)c59VH%|l=AbL!d`q`ir{~hp(6(bdq5|h*|UasOm56EPZsd=7~RO`6F_Bw%9;=bBk z)hL1Q`MM63T2P!se-0srk;8jYOUSwf9p=+Ce$ZD;nL6k^N)_iO{ z%GXH*=o4ih4@rz!lGzQVX^yn2$VNZ$6|Fu@?3(&`%%CdhTU&?SsqL{cCot-<$C3CM z_L;NJUEtHePoJsMh}u&;<1aXsD!peOT6H?MMs!hP9xXP6yszTx33Vh-0tT)J?CMttM4?-)3^{7mW)6zWaw>&i+VP z-|<8#hMXWyzl>T?+L`GN#UOv8Er! z+)N;vK)4tM7{Q^>Jg;fM`Bpw}f1)~wf|!cTX`^#iyZQ^JV(a7~$xF#sG$-s?omlTy z-43hFg|t=@*fp=}UrRsr)GdE&-&M_r7E53PZ_c4r{{>5IxyI#A^0k}TExHL=^enHK zm^M12FAD#`GvS`$cy9Mm?$vm&m?=^$hIHKkYXP%53XG zp1Ua4$OYRbrYEXDbt>9HB#ih$MF)bx7JCW0S2h<=d0eg#`9!&L2UTd&LkKfoSj`rI z1Axz3(6d zj+H%DYLSP?2NPGg(A}z&#CY@Qb_<|eO1RWvx!3hRwp2ttp`t+ae-q7S$MBpynfK=< z9@!%?+{>ZaJK?##F60HR*~YArg!qtpJi3STYunWaqML$Be5$1HH5xeI9jg|gOSyS1 zK?$}n(4|;&lgEhH@{0v2(}Et$cggoYu#Y#aCiM7wzTObxPIm-YBAMPJcBMP5OC@qtQ{*{+nwv5~n%EvaS;x)$!Ae!yYQN z_WVor9x?Yu(0bRxF{Y%}(L{zk?_1@a1?Tcdo$V$b&sM1kWyGyQat##=g3d#@qYZ_a zvVg=tE)I!SEBD#D00I%0A*av%fxDqjw|a;+>84MVMC9iuuipU_S>jq$Gq9bByz$Su z>F%eYqa(&me_}$W*Ys#M`HAZaZU1=xC>4S#Qy7`_`hx^RlV>rFN3|C>%hArv*h2p9 zRdyp}qe>J%N}`h5Zl^~g%*QeJ^yk$LS`P?%=fs@fU9x4XUY}WNLfk68p+fu+FM4N4 zRc+JVP@BVRcWzDJ`C7Et{cPG~);N;w`ORct>C)ULiFl@QKL4E?u^$#Q!+v=^1Snb%hW(Ag zK`#Jpqxy1u;A~%;?IP)Lf4U*(kyw6GowIc^(-o5_bjz3v-j#2)Tfn@058Lnb{)=NE z_tTi+-*4-XI*>`gtT0qQcHV3dRPO!+)yir%FMSi660}>SHAM3t8mEAfC6VP|>G7E& zFL8{kLuoD~*_i%5RPo82I^?ToA_a^hvHQ`Sd4*jeAJcp^gyY9}G8GJ899M2`6}rq? znivszE4apk#5pD=Cer&Hq-5d`;#`|(_jPlgD2`z|nC*@V4h?3cmf=x=l7!00nY1KJ z#>L>dOyTY{efqzy_Fj)HYWy872HB9u3m`M}$Etg?{(f5-= zYO5yXRi4eEE)k8`aH7{}xz0HO)5klcwKuly;~Q1IYg2OSTnP0mytgMF=Z_6@xWtOR zHmFGc?(xry@z{4*5l2{)V)-@U@~$@q$OvVMG-Xg*_R_KVxWu25if zVp{TWWY);?BAcMrr|D-dBmSbDD#Fb@Jsz=hZAN+8O9lIuUmB<0`_#eb5^s|lt_hC# z#Cb(QJ&hG5APNj$QtBMM^4vx&s~EFeqn06Z#Zs@amV?7GeAtWJj?#n{Qd&;!9pea` zs;g3|#M4Je_Xw&hY;qFhhFQ3v83JYBQ+uQb@}7?_Q4)=x56cdT`3vSK-*x{UG(gSb zpyNoWU&XT#BeWpw&TMz}DknuxgM827rrnUxlK4w^S#MXYpU(M9Z)(4XuYv>?C8agL zj49{&K|);vA$Qipa2yr{5x+PD#x`CRpzeQG_Yh=R$9!CQC7Dx<8hOJ#)S(^a;PNPW zVX-NhOn`)&=t;HXKt9N&qJKDk^)U6)mw|_miWRyhXCF8c1A;}?pk}6Ns#5t zJ=ifdaO{%>5T%6(vR6PXXpX~ts~-uZYlW_^7b9>JyoCcXjwqJZU5ixt1% zM;Yzdi6hR0)#a?P5$*6pfbVOyVNX*<9%8rxS{g0y)gzRNz=5HgzP!bHbpFh%YdS7EM_kuK3*$00GY$?4j;#6O~V&frD%b?X9Cd{1Hb;-Um zwt9)Y9kB|rmc@8l2_emiI~>n^nyaKtrx+(bsM_#hq%iWjlQYz{o29fGMXO|jW zN`wt{C_Wg_0)9s_N}$U_wuG-uZ3Puyp0aApOA^;TaOr5MpkrFsh@^^wuwC33KKLBM zjY+Q@ERCPtH(EsQ;t(qbVeGyljc72GB3%p7F)Yz6%E2qd?!MLd{9h?vusL)s4@t zb*@2h%~NLr$1m%$Ojq1hPJ>h;-Yc}(0OIG-M7*A7A>j9obT;ArH645mIHx<2U ze^;7D@|@Cgskemp{C72VUW^g)Nx>&N+BrE75H%G)<+ zB?^l9k9~%;$88V^R6gs&R7r`jBrp!>gDLl^{-OqA<}D>ZLE_OE>Qe^_vr76NwvyJb zYdXu~x`8~DjIa<#qTbSZz6Pc<`#jsG|R`w38DPBPQ5*0RH>~ z;HVvdS%G~ncc2{@($#_QTwAHKGRH@*@TGbgQxgTh#RE_Il;>21shsAX@`v|V201@; zET^X+2GwVCj;{6NkujDt;K8P$It&B8n=02OIb2<43zhIg9&%vA?H`R&C%Zw`x%T36U7mXeV`m3XK;C(EM* z^ho)~g>TSSIyf_A5PY8mfu!*y6idIGMOm-fZ$JM>8hbkCJY|Ig!$imP1C4Jc{i>So zYtd}8DH_7#5KMwV%Hrf~Dc{Eh-li87P(Lz^z0Tr>8wA&qUKty_JWs1LvOjvTYL@v= zy#u0HRj40Gcr5aGXbj|Pj4z=kJ`fp?&uVIFw+;?6Mojm9z-%UQ?mB*tC8(1suJd+X zQixof8!WOy9L0!0tb-6GdW1}Gn>i*SK-c$4d9}9}t>HuKd%S;s)sq1jBtuh`Hn|cu zBWiY-LC9Y1Ga-=SJiFa!G?za>CRQ@NC&S)pW|a8$J%1A=i-z>z~L zE@U05D~wlhm6k&NZiIx&p*h!PqcLFmkiz&^3vg`qw>3*7 zLM^b3RK869(w>mDMF!`%+EoKy1EkqF+G@kN5A8Ub6wB=%d-XkHyH| z#{j}0-PU<66$%41B@Jmqa8e#=L@==9_?6nqzIFgQ)q|6Hw@(-QT>{3IK55%jT!%kq z-UHz#(u& zml%Zoe%Tk+%9DecnXT`#}y`;pQT!>p10oz!ykuH#Ploh@fKB<+iH0n zwwqWEPQ6@&8dgX`qyr>4i~ zFb(iPLuiE_Aa8}B;G)&{OCVxz2hs)yARcy9E1s~2M@Uo2sE7Ola&o*$cOTwZxdhm9 z-kqRP9n(f(dHO8_!!{A_?4s4in*Y4zFaI^vS_-ehM@~$i+#7^<5RK8Rr<;*@=Wgl#Iw8$0lTtM4=GM zOi^T{ag3~ttn5v;9OIn(I`#Sf?!A9NI_JD!@8|3Jd^{f`O-78_E`|hnPMWuF-4b~7 z0D5#qo*B9y9TuXv47o~a3pm|H44japgN`yyBPLjCJgGjy{ZvPd$X6FoBef|>3b8c;zf*3@uc zWxYi)h@PU8UbhO0!SHRt&BH+j#85k7gcLnfVZQF23BqyI) ze6kf521sqQL!xG-pN$EC>t%3GDNkSnsF-_zN}-NR2a%^@M>QNIAP*+T5J+m}m#mE3 z+}vIWRWXO_aCM~XuZFe-cCVGe@3q}=rzMO5$#g%S{x0>`&NTV#**cjMa86F>(WTsX zL{7oN@gj4@$ZF%n$7nPH0RwaBWIqBySnux;>dJoD3?z;38`-p`fhW#r=PQ>VO48D) zZ7z1mgm-McRRIGjq`Ik#H4W{Qle;dX@0hrKnZ8$upAH$yr^;)mWHq5Sbby!|LQNqX z5Z46SkR(#V$J)<|*ydk|x|0OtJzkQE+jaU2h`s#$vT%XJi3o<5S|pC8tQy}TLH0fc zt=y#wEmEI?!OM;<*^6GhB>kVLzR!gyTfj#{Y$13wxm~{1_m9PTNSPb=-I+-oNB;}hHDomjF$h9GYj=V|K@@7}V1}5*r-F~wz}~eN zL@KJB8QgZJmI_+z$&c_9azH>ZDOezl*sb7|vmJbGQ4{dT_1GD3E(?IDUz!O-;OzMz zbq07blUa_>c#DS^IOUQsU-?aVLTS05Sn>)xhip+#w zZ9d0GhJ{e@RoV{;T5@Dz!Y!$cYA+KR7xU``{yj4^;&Et*bTX-~_nDLfZ4j`M>o3qw z4RoYYWhuDf!u4oisI7@{pNdW!6#ij|Vz3YzV*6wBm1%8CEuOTn9ST`e!Cj|cQw(?{_&j-F zVx=WkY<>N1K~oqOk0V4qkcCT4d_PlkoP17^V(qk=}S1NT{Az)(v_r= zounUZ;QyTc(x_O^?T(Ks2ke*jhHsV{^~QNOY~~GoyQ8=Zaoi$ZIvekBc=IGqUTwS9 zrl9+9Ab);fJ>PBb>&YTGLaJ&A92VgNN-|S`FTG--d*es2QJMQ zXc-v?n;r>-zI^5%+m)-*UE#GhlHL}SMv0MZ0nbyOj>p~))LNRY1IZ+UkioOriOmDx zmPS(w0qcIMV^Eh5i1%-2B`4=M{RV*3Ei=^}AcJt`{sWBFZZ*}kP=i?Gmw-zC_>cfx z3Y>s+`$)0t97+ii31RJGzRw5?FNGeMi9ALK_)b3*x(3B^2-q&?lrZDo*tHTun$Aoul&m8xjX%}&O^0jqe*VGic-qe3J?(E@Ng(<41Pe)R8PIZ^l5u0+a zoUDdsGQKh>ySv{vKl6|?&`_}_PUd0l?{{Au8pA? zKo8pZPEm>&Jy%bVpBmFG*mm`2)$7|R zCMImq!OqmVe9n#eY`2um%+tB|ZI8$vz7^2}ugnv}!or+@(drRyj;EY#X+gN)Iln5y zf#GC<>#0vp^wS>%I@5y^*t4-=d)HjHp1I__?nkfaKG$*HBQcZG$8g%mF;y}r;czGx zgR10*b*U5i`B;)mD5&W30Jn4@uCM$?eKAO49J>wDw9X85SM%@qF-8{O+K-Qp0Olof z(P^3T#PPcO;miFct(oY9(?%^osNpDeGPyAWPC+K6M~K~361#BkXVP2?t(2e&6_4Sc z*TM{;Xy1@eYQ3O0w@E8s{C0UqmU|2p`AF-*>J8n&ue@jMD1}~Y5IH{Fy89kd(@G&9 z21CI^awQuWSwaARb)f`?o^4{e81jG@QHO&4)*;3n;ePAqgzw<;_`Z*_tNjv;GkSsI zp{A9$peJdOwvO(9WtzwBv_)RgDvjvhaK((U{yw+AIUp^bvYIkgFv zgTlIny7sB_?<)1bmG^~2YQA6TVrc&n`KnfquF3a2(tnyryVK-4%vPRZnc8;fYn^$! zX3%GI`H#@j=*RmzGci&9&!hSw@0hQ@zk(7LfdeCEQGX!WC0OY_)y7`N?JV{l-18TQ zmLFNwx^gi9PVl-naDxyQ5Qs>H+oGqj1#0h29Hw4;ZU#)wiYBT86#)_tFn;*pw|!=y z{6_YK8kLq*}+`DD-T~D*u^>{-ImwjD+R$_7CE@zay-4e1rQ9sb3z#2;j+%sKM6zy!2R5mYv zoM!@G0p}qg(T-Nv&{*Q(Lu&x33To#oJ@QgG6~nafJb+2&6uS!w1cD*^2P+lw%h#Mm z+U1)VL8SM2g}{BuZkpsT8h4uMJTII6iJ&~oUzZ?&X?a71%>I^ zR~W4F+oog#AY>A0ydcGJ;c$P5a=^`-H{XXrB9459ZisH5g2(e47V5BE75nrjvOWt> za;&J!*jYb$N~`Tot;I-_+cmV~z6uYwo`L~Vq~r~k(Y$bg0UoDmL9^Lvji}=zRD5yW z-h9=MYcZk~H;*Oyijq#s1VwHsF2Xt&p;YPcQw#-hK_852jokNSBJ zG7j7w3W`C%d0yEd zeEhv<^aee0IFR+keZ$+PAAxC$EhA$yp%dUtgoev()r9;$nn>MrY@+AI94= z?6jniFnaPHy`#OP$-=6YBBlY<7|luhKz9A>xCEt3O4qW=uI6R-#x2}y#EcpU7`NK; zEMIGCNFo)fiHZMrPF5pB-XxLg2wxb^y#}-uu@~vNydGXtpCZTL9u`T99#kCXZ^6rM z)MxPUxu0}%0>bcounv=-C_%Hc^?pSpVYvLp8u&+fkbE&(Ut8lcA~f@wftY_ks0^Dz zAB5r4cSf)`Q_yjzfr9!nQS9P8b3upcrMG|$pSW-}jjBYZ-_`uY9gU^9sh{ZMD(j!G z$mVBXVvz|lLb`!fLIk%?l~xaE%;Rs)BOcJYE0oYlA%We>3U_y4Y{7lz@blj~>F&72 z^QvN&6n%+P-DM?>|HgS_?N8>~b^G4NH$zU{O9B~xhEj+UH6@)9SGSiN;WA^PJLYlc zW}B|x!(|mvLCu9oI0g4C>jQ;YZWqI6r;z22eIws&bR8|M48G@v&vMi*Ei{$)e0@PW z(J16P-Zk488{prQRU&?eH0<2(=~~cBt~A(&eB)4k zGyD|S3kFS6;Zrvy^#Rd&`Yzc!(|uatC5>f<=7dgJ(Nh&_*snXU0lnaYSOBZkqM5~I z)S;xXZK<=Jot=CrmBVG;A*3RXs3hdsoG0@T0&CsA&=4&xlk=T72I8m^I~LuqTz#B> zg~o>WN1`-V*!xot<61fcmqHo~b&^tqv|^5mtx`^^2qnxeB_QwC<7~}{i zp?_eBY6+Z3dVF#86mLF|iO#O9beyn5i<(u!V~zopdEqe;c#6x(!L}SF)sI!L(hr62 zM8mU6DWd)u)zTwr(Q+N>9rg3cyk8d`hpQcqq`0H#DQH$dp3xbke>>3M`t)NE-dRcb z0>+hlrL?SLUYI!Ck@)-!iD99nAG+a(VOD80sL_Fptg|MOq#e6v(H!SNwRCrbn^Gm! z-zM7arXMxAEluwPX1AM4H~S7oyjo?pCrFI=CA-?&_f^MSWACX>QT~CmueZ(ElPKJ_ zzjHUq^7n03V*O}rN8pX8N2EYq`j4a)3;)6(L zE;<+4b?=5fjNx$EH$ivv_}btrxdDc)qIH{l7@88ce!qFFs;$}3Wuj?Ytw7MmiUpB- z;P%48+nHdMEs5hglGLA>g&R5S(P=kxx2t=Gyf^ogQ;8;POBZBQ_HwQig|A_i293|K^vkLqJhM1lYm+Uu2o}KvUE7HS%zsRG0mYL zxEDf!2xz7;`5KJ!ibMN1poG{YEQ5aBud6gL^lDafn!F;hJq~pC4v1BSEcG8am2aVu zph5PSe4d~G{mA9~gKh6K3`k^=x0k+(Xl7^Nk1tRz;0l)^|c%fm?4MpxEBTM*Nr7I#nG@s!vbpo68SFTKhc`@*Ke3%SzFUBvi zBA^h_Ki^D_(QeBGTa7J|n^sf?eHCWnlaCud&XHSBoeu+5O9$`&Fr@G#)=<&k3B3zT>&2`@D@lkB>bKs z`C6NR^U&+X=sgh=Zuo(L%CR~Yi+#_TkeK)~KAt|KIxu6KyAZ-lq=K5!ox3j$ zUsxOqYmxyC)zOVx+bv+@!_nQ{?w;}Z z8(NcUA`?CCsSMTJvYUmvr^Uvp38G2CKq&dWmnFt#{}dBb%Z2(h3)OQ#_}#6?{tj5% zBAj+x zL~AaIBrC`YuN!ZX(8mj|@0({&$4J;8s*KBoTqUw~TNL7VPWO?T44x#B-Vq0riChd& z&)Hqh?>;6+e#_fUXQxe1xcKe{f2gQ7DA(oAsY$$*>T0xxk%*1eo%wSd^dKixrN9gI zapHvnR_f0ehhdMA%Dvt8-U9A{lDmX^)1nd-Sft{vQJhkEdzz^VGwiY#qR<-23;CYP z-c+AialF{ZE|d2K$5!Ple(Zh5jEkowD>&P_ILd4F zK(n6Z=08<9{3Lw|@0)I>61eZ4vG(mfa~GxiGpaV+V}GLN^&GaTBU-k@eJ-jCkQ}zi zsHo*=O(~j#un$G@3oeV8m6yw?1vmV>x!nvWW0C#w<{=mgJ&XOO+4p||72aM;iu~#E z(sq1U$Qnvm>wu^9vdK{H%);3H#H&nO6W+SKm*~jDHyZJi1{#OQp=OG2CS>d3+kqM_ zvG8zP3g0zT#QOG~ktW?|c0LocJ%3ZvH02Yg*nStAP-cmZ>4g_u-Z?8UfBz&AOs5`c zqVy5mTK4!+Xa0LeDs&Do_mfC9u5()VvCrv@D$)B>63=g93y`dmA#OFvf=$5MlJiIN zqoYfI##*ZhH*b=(DW6m;>!fhI=o^WK$Q%LR_?F>sby>19@riz_QJgOQ6mg}Oiin9T zD7{c&dv#U{lSw$ud54%&R7A9NJ8;#Qe1MXK&@%;Y_UTGg;iA0SX;&j+(2+=asokFE zAE}Ib4bS2`J7wU~75vPx0L z%L+w0)14BNd?lc2y{$`6?X!C9j<~9 zmJaNJieYkwy4CX*ao{TaGa+B~V4 z)dJBB#be^HO{NDc-bKGU$oN)(XxeQW(${@Aa#(+zDJL zH65-f=(P~pB7Ke)$G^09<#XG$F?aeLi@Sz}w9t5oIFQB(!8S^d2*2T^1bQNWYHP9m zeS>3G{Kl(4gWO#khXio>4Kd-}=PW;HJ5a^?TG;!Np#v$HocZUh43YPDeqQQocRxo- z2(*jZz93LDnPd3$i^cF4rFvamU4A$#`o#pN=xWY)Hr)|g*xqII?jV;=y;t-)#g@so z(J+aneQ_&|nEQqRJ3bn6VDCMrj>iQ^6vY2mDQ&&roqQy0`;{!INNqhewY>{Ow#(yT z5bCzqf<;&>{uyo$Qt=JSv*N4*r9D@#XLHN`h?+Q? z55P@H>?4kCAeg>CFN>dM2vlx3~Qm(+_p`pyUO>R3Sl~SLd0G@PK4z%uTJ`+Kj0CMl^ z=Gj+0I~jS}8g0-`V$`WQCS&tJq}3_GD+j}JBFZ5p41Nzh^{yis4k?M#Sh8Ob=TFF; z8Zf&)sVQeYU7%vhR#|R27jh|JuhNR0-c!9_dXHs~7p8;4gnn=WhVnhN(DKFBj*br( z;s@lK*#drzzm}X;f!*5hGo(_T*zid@9AU@pt2EN3l}w&$rS^nFoBO+u1~qmippf71 z0szp3xd=c969gIZzlm22z|7Dx;L zeF+5NeC3f4e9+I~5^+!c)hoA8MK)xJe@6za^@?zEQnq^el8%JRJgols=!xiCa6IKl zOl}^E_SF2k;K_6pd!(ry8WK>wvhlp8Iazn;4rx^X&QJ4ii?vOpIp<9-2HnQ{*{I4S z-%DyL=cIPOj_uM(@WoZMDB>zppkY*LoW_nY&MmwUMuRy$V&8&AhWv`BBvT@7!IxG0d;^CBNLOj5zCmSX4Y8d zYc?zxm;*wXvN%}psR?$CxK1J_@^^^SWC$0#Ir=t%!#POfMX*Khn(Z}aOqypM(9)$3 zyXoIUv4*um?MXV2kPFG_jd18UO-wa$+xmr9GEI%RNHTZ%oaWl{fxJEhV_l$P|H|l` zzxpUjwaZ!i>1LkRw~4oVn}&GY;iT9L&>>=I7Qw$FU1Ux|+4EC0^C1V`~*ES{Eo97LNw9^(J4@2ilJWZ8*!g$UP~0 zcgnJy`S@bdd4k`{j>#+19*^EM37|4}nWxq6Ecq07MO->k4r4kHmuttuFL4)ZnfRN% z#M70?9Mqq*ikf_8{G}w=!EMA-A?w&is)qZLaV@9KD?DyLycy;Ydz6^N{I!toAGYv! z3Tb|iYM$7)K?-dIX{zcdjN|dM_l}QX5bvjY&zG8VXFM=qmNAZ$8iq!<_a9Dqwf7e9 z@pe(h_=^6opJYYbN)eD}gYnbhpRMb?#fQE`g;ttL9ij7*lNq10MA?P_<09#*gihCV zBZjc+1BIH3_A6@VAz1{;vIxc5{bb4t`)RX18L3(<9-HC}TzRd6G0u1ClbQ`hn++Tu zQ?xUpAy5%G$dzV18PB=`K$@E;tkRi641kM`2=)1EC*baz(;9m`>M~)1sCdx2OWvrpdyE?!+YqIo9NBtw@8W-2A0Sq)DJg9l;j4$_O^Esi{vJiTL^9pkkasQ!6bR) zEzZVJr*GULygwM4$G?U4NGw&b5Ev~xyy>u6B6}s zaQc=SfhKVTF>Fx7fv5w)V71x~!$O>SLz+H8C#o~kiK=ZNn!zAJ)1V!T_JtrgcH z-=2SEj37OKdYVS1iO8Q&lSSkorS#0eoqhT;iFjKqEs1nHL{Og+O08l0Ymn8F;HaeW zrEqSEm+@PGEJNNYo})GwqJJ$L8skF}rQ*51(ed@dDVOk)nVs+l7pJIrN|ARh zv~xrM7_53ND{Z4P8GV0GwaaWiTwPH8$^V1+e5PusWFeeoDXRz?u@L>yF{LEvqesoX zYe9SWcWQ^Xh?W#3i5?V02OYy917vS<+_1<^!!y2xLEh+0W3irtvai_#FE8c`g#O?5 z7mbkPfgvQVz?yM^_%VyCX7R;L{PCgMqs&^fK9VpUd8Ro>S8#!s^wbR*^X+dBiGca> zgHu-_wZ=ONz!jh0OrJS}hX&oKnd0N!S%X#2aKByP3ED9VX4oCVKEE?}ko+;B)yw`( zI44yWQY{Or^}*SpDLFY&ndutj)5VHa&te*&b1P862keyTIXrA#2aYOIp^u1Zg)d*e z@rRfq(Ar3fDk89Jm`lo#^|Ir|L!=0js19&%7NrP!4k^O584dv-CEmMCigZ2~EZH?C z=086?$=Lw0!Fq?^yWC8<3bvjRo!h|aH05r8@y!|=xRWgrY-9#SCGvRjjCO^THBTWp z)JT!m90<5H%QZuO3H6w(mX@k1T7H#XU5+L({R}-W9At)ag2sE{Tvd18a^8is(2&@O zlrZ!4n<{+nuuw>;Iwg!7Gm`zhC~3mlFqdo1v94DA}N8c}iNsOlw#7#$f|<-8wX zJi+zdd{YxZ5wy`E?fa*vRdAgDzwJ2ZxkH;|BHr>w!^#QXdYiUG(Y~gdE|cmb@%=gk z!42x<@en;}i|7yZl)cg9B@}Ir|5;&OC4;Nr4=7jr=<&b+fK6+^Zu{nML$uSsrd)S;93DZ{ z8`tTJ`hcgRDxozdf|bNz>ifk2u&veGnD(&`nOTTo;`b$c(w~Gu=}od04Uv$kglsr! zQKXeyT`CYNUmgab*X4Npp&BUUZ;jc4wCGzZcLxsEn`c0(##A$8l6sCJskg1I&Gg+p zi@QIH7#s)HJa~M=LxAnj-Guz!Qx*?J>TjfLLZ)7a358tvT70dFubazaeGv)eVl`;X zqM+VEX5q?Okguh~_%U^M<7A^E5%}w(yclD+J1hSHb}{=y`P9^u{}zuRJ!a5OxtXQ~ z*{r0j{H)D#6^bW_dO_wM=;+Yq(}&TjL(U+cHILnA7^FBZUO_Pfhsrh)R-I$mcGv+V zOw@ETZW#wm{vv`H!|w$e8YZ>*zSmJR=Oa~}DTQMIXVp*t<_Y+uNWIxSFT$Qb&(tYm zU)DwQ|6TOA;z`bh$GoJNd$=PjuSqGICAX0er}}m9q%c&u~MBT`Nx7syXUMCKyKr9`!g|9f zR_QbuB5W>X!jCAVS3mbjU6>r8?D_#rm88fv^MU1z*jUv*p0}$^tRZ4PKgs(PUrCjs6pvsm*@YI__8) zLfB9cB6$u*siZ_y6gJFiK!3*`J-?I&0YTB_LV-+h2u}|W*b&?5(PldrJF2*j$u-gs zwMxLH^ZG+dJ>6a#*ypO1a)+MexOi`Jk`j(&Wk&=7*qvIVlfTvam48xZx1km$iAsk9 zT}&aML@yx6Ol_!xNf*VSBScXSNCb7TFuyZEZ2e{VujnBl!S z%Er{Vk=0E<<2f7Dru;tcpDWN9csNB zxP-9w4Cbw-N;nDy7W5dlom4K}fhMMM%8oj+!LTYCdvKJ!pU6bG&2m zr1m3Bgab2P z*MR+vn_cair`}7!8S|K-_^ZXRW-ZShmjjl3otEXET&NUI>w(NotpD?gFUj$D3s(TAR`!eWQfaOgZPF$wyCs*daeHK zUF>-*YKp{A0XF}`Q4n5P8P)>!iZpPgFizXY5?`_I5Mt>5P=@e6ur+)fBP)X%1r(9# z%qbjz=k>#Q#l;^&X>}i4M~~*IHP3xWzb@%~T?<+*Z3e zM!Q+Tm)~4~^fu`g2GUR@n74+#`sBmTZ%n-6iC;zKac@V4pXA8WpK~udHtlJY%!xDJ z6kb$tE_*7vYtp|(vg~UzxQ5m}#5GAgV~^Z7^yO0FJ$9)ajyS4?7WWmRZ8hOZ4mO+5 zPS`8qekCN}4gUw0<(N zxPtp6WT-A$Od-ZdP3>zV*o&lgI|UH78~`K%6NR&0o(Ze_vhQodX1|!4lHyB`pUHM! zGzt@V#Nb%!5u{d@SQ6NOaEKWw~{`; zehAoxgX$&+9#rto)p4G zkS=KGs;9jWVntq>Xe5NtLiSgzXw&=rj7JrM-@_njJ2>MJ7yq{=!WUlc@noWBamf<- za{o~$lTO3logs}=`q?LdAc>6d(`c^5dx7?K{1~hl2Q+C6UB}f694oQF8+m)Q|D2}|+ zxbyE9*kaXO$JEye9IS8pfZQx^Ou6|H==0E9V z*pbKCM*^G5`DaNM{}^5;$b`}p9m1)VFqok>#`F(>85Y~qMPD0+7&Cr>=gkP$Pm7L5B5=ORK!SeLu5 zr^EywI|WS}UL7ps=$^>wOPPmJnc>B+zpFerqZ4>4{br*fC-7D~VODPSzIY7pV+Fr8 zsl?Ejan>YiKwSK+!xFux7oHOJlJ*hg_rr{}gu)BaC&&$N&J=)^EP|S%yI%GPHRZk# znbVz1BA(uA>gmy?{%=}(r;5SjuJei>(*g`$5PWGjn!6rkAPWKOii3b@KS!@XA@o=O zhpQG_B1UrQ=&~BzL?!0TJ9=$09ky+&b~^*0_+23#?%;&-r;seGRYc_b-ld$Xj_Z$uh#7u9Y}p6Z*;d&;lL;xHtrihUJO- z52I>mZ-apqdWi)!mHCEj_N z&sJ5u)q$0{xItZ2; z7Qz3(mPiJ&)_Jav+E?C?B9CNG+TQt(&uOayew$jJL8%mQMwsJ4Wuvqc5dV9XxL<(Z zO6|MTl|d(Vp206T$++mrKhjdIlvLIjjG*$jIig!~6M6E^S?GU7A@n(#gx!$t#bvHe zc#1qcYVg|mmSz7TC8g!Faw@?>9bjSC`fQSqecwC3pv{?+IP>?Zyx^uUJUc*Zlk~~4(rqoP@BJRl13Ex zoiwOE(vu50IB{Dx@BV?hzaK(oN#;Badb?qP#Q}CC*c^#L8z;D?QsadJb)I%<-F8$9 zkE6bhy8mq+@iY9$++L+UdlI9-OKE((RC7)$^tb&9LT2xMLl(W{^KJz~EI_Ru|G zecA7vqc%JCcUs69<^wB}R&P~btUN8cE zDdS2qWtk|sprhdTBES!I5q9+h%ike~2JC>Fi)PGAjAD>)%S;j;eDNsC3)`@%+2)%P znmtMeoP3-x723`V0I=oSH;f&##UzD7dU>VE|JxwL}@|VIY<_p!w zn{1-%srq~C@~L{q+0@3%Cn7o4d<1IO_DbuU}6{{W(7b*czu7**CD2kr_Wp;9ryg zOV|VFXe7@Sauj?7f=jeCJI;3ivr-*qIg-Hr)(7)rU_zAl!YyDCJSi zM9*zihwxYNb!5!A=Vb?nZ0wri^E+U#WF(+*fZ} z!Q7ND*A94~k3VL^dm>-SmR$bQ$B97yD|Fz|$w|Ym=o4pd*McxtnFou8Kt7l&T@k*2 z4pAot1I^89U;F331z3^>T6Tm3Fax457QeO5aVkb?;Qe3KO52t!&G2&m3 zkSPf@zs^?ks4Hs`i|bbOwj@TmG#x(1N@wAgJ=ncm4W9un<^F~RKKQVrB3>Ajtv$6# zuq5iwSEDYMCZ{-=`1;D7oI(FFyQ(ZTz=VQi1*)x#*UJu-{@K~FXCr}c&*2q3QgbKb zT|2OLPzAHR3V1|MY*eq3zzZ>)3F_&Va}o(SXDg5x*@z%^Vd>$0xELk~LL~^(BJlqh z@4qst63E_!P*> zjvt_H1P(CIa`!&q@mh?ghEY}E!)OAnt)Qr+u$m3fxpEWs_ZMwC@OWDlQ-}sQE39;H zT`l9?lh1m-o#;wUhC`JYjZO%wv9BQT6S^7%XFZnZCBwZZ)y_8^F zK`lya^>+y;uQJ+UXBs#Euv?KEskDW zKGk>~*31wmpEL&Ai_2=`kF6?poTGJjPVbE@gQ^v)Xa#N{cwRuz^Fgi5KWB&<7qu?Hm3 z*V&S88d6~-;V_Cxj**a_Zw7D(dJ?8X8&!&Ek5(ZarBa*#iCV9C=zOu~p;66L z1xN99dd;eitIa6N#BCO8*`Uk}f?_8bdLOdX*ExloJ zTl_pTTdGb=u;9}0?NIQv_D;n5{P$GP014V`(}$&gW%Of7$2+&6FkqY#;eQWo!Dox_ znM;{J%jSQb3dCfUwA11L?)q@Z>|b7x0B$$7aLMYE{s)yBdKZP@^snCZ4t_Y^}7Xnrzc);ZD`8WLYg%NZ(XWy2jxHfUzXQG!p?}|Xt zD@>R?7*$Q*(f%=5kxgMJ>_5LOD3Ij+1*ipAIYRQSAYo8bD&^UAY(Y3a7qHSq>59D- zy;t)<9M%(^3^DC&S+^oywJ1p_V~SM?6hq{(*p%FlcGgJ~PNw5b6C$gEJc?1Q7o~Pw zfU5xK24w7=>-ZCXPoAN2i#Ji$!32k|$XK}L1^7MzTyWAwz#00~M_`ctI`2s?mz;Y@ zxCCbLg#?@%JReFLTIN$E>ov;er)24T8%y zf${3@Aibupfx%0Fa0IDWt~FG-b{BPi|G@vj+zk}eA^(nhf3GJ9?EkQtdf9|P9hMgd zSY??qAN@0}I?L5avoASFD0%tx{j=Q)Z(hOC=1Hkz3k!>!wZv`>zubG(xb7_b6 zQ6>P!v%7~7k8C}DEX zL*Y?CO>7d0@!i$wg#S7d0z&Qr0qJ+n>&-(Bqw}NSxBP$_juW=Cd*{$`ie1T9GXInX z1{1QDQ{_Q^Q0;0T%zVIu8t~|_2M?;5Tj6}}|F{5;m>^S4P74}mh~)N=WJZ1NN75h` z{-nvm%Vxxn@8R!Pt7>3^39Jd>y$mJ~c0N?q(R*RFTD6WlBjZM0B}B_qRbB$J{X)LxmEd{RSSgDg|j zakoIwUwMM}Z@zFof4h_Q00dIY1#mkcK=7elHW9QbVik$#aNwGlei*9Ml>eCsPR+IN z7)mZ*U*E+A%C^9L#vcb%UKDUHTV>%;%OX8CR|+-~5ZzW83k7T1QUvo^&{7Rh*wO%( zPR1!cep8+}Xba8ZhyOUC|}J z%D$>+XiuWEod496NG++A(*iURnt-aw%)`@t;&zgL0Em#*N+u;~27r%5r&9dXU(&(V z+vAI1G(Z&uGtJHbOalDc+)#~!39atg@RO)x{LWA+kz1XABnp*cmAs_lJmVKDm#)V@ zLTTdbqJr(yW&+Aj?bBDrF490X_QHFp+jv-fo@x^v>Su~yo8Rvmqi&mckM-Ny*_d3# zY3$9^mxIZ2_H5SinVaH|KqJ+>%Y?ZRkThEff|MS1Xg`l?$Pl}Xf>gI*t;4l0M=3}R zV7*@z@Z=mnRlz+w#6~H`tO5Gg`G<@YcNo+*LX0U`f!dMmJYWzw6QnhAczC#Sh|L9z ztlMT#`!BD8Q8^)c-ddylPLShI=zKC^cEM7v272@N!os&uXwq;rZzYs%2S}+FNcWToRRJNnR+4tK$!~dpMzMIf4%frKSW^9UMezZXQq;jevu3NC;*~ zeg*x4zZ?bN%BGz&^f>lgQ|)9cM5(H(?m*du6GKi=6g@8Syih1{had5iHdL_wT-7Y@ z=k)qe>J8jfFmtlRY8J@`(u`A!>dY-12`GMU;9Vt?(SMsN{;e%3Sm z#<2wKH7|Bleq#X2(H~17a_&sANHMjT-J3716nCr6YD+5hgFR$BvH7vwb3sq(D(5@5 z;h=6hT>q!>eu5CbLn>sd>X-Z+%^sc6n@XlGm`qganCdK)2pzM~Qg;{jG`O7aNB@kD zddHZuiW3^=2G{h`r-!4LnIJ9Q>ZBW>)RqWrZ4dVHIHt(c(SKI<6#5GtEUE{x|M~GY zUnTWOb+6;=iN9l|9QhLOue)y-d@^h0tCpuYHvV3aK#uShkNPF8H9%^<&x5zp%s7aX zXe4Khk;h|?+X^r!CQpb6AA?A$<-x^(!X2zSz6mk`fGpLH-pe%_LbXpZ069va4`x9ag0$-3 z3IGOiex970`w}E(S)*0a0|DN;PRVrq!eV)x#k8&%3X^$}TpnzmFcYR{p?bWkX5J8X zLtFdh0(ZF{VDO~m`gk`d{2%9HQW#Iv7x4zADV;OeC1N(XPH|EPvygqra)(Rp_vBB^f))x`s$W5AdTmP zB=w%zIpO%+Gsx$6oZ80dznyjZF1FcWRskx5nfcXua%K1pyrqtL*Cy(8?8LSuU1+)O=x*x?V_u3Qauxea}-w!Db` z2bYG|*I&HY`la9sh~QXAu(iVSpcX!O`10TL|2Q0Sw{fQ7cUkSP>CW8-y@6EO&Lfqe z1DRa;sZM$lfRA6U!?M=Vgts(UbZ)P83DoIZeIP+wflQKZLo^o}8QryL{(-ano?>Olrx6npe=C}4N_i{m4F4-RZL_elyj_9nO; zz6O%p6`(#8v8Wb!MfKQOF5r8|#L>YgFR-CKQ%UBIRDEU>Hl@4h_UknciKPVk*9GsQ zu7NQ>tpIHE6U1b&JK+5&_%A6q5>Ur-#XrR+mG5lV4mUOgR|0X1aI*e>2P<08|dnC}C72Um-uMb}F zYf*Hv!*!?LfwZ_ri+7(S za-T@N^;o|_j$HD13k7vS4LYuZFJw~z5u`q?O4Mshp7K&Zg9QErAPTN|=*4eV_g?mc z2zB;?Z)A6*7e6jKSQDlqscBwAxkU^~bQcjsEHymc&xKmPayeKX)ul)HsT zOISIsPJKF|GL?EU55|gJW;DFnO|;B+EGCTJz|f{ z$e*jXTT0*K%~`TREmeGR{7(abysA!|Ab2Mvk-BPc|NdQ-vh~dXzvJlOaQ~gko(G}c zUPX%3T1wbj0rIAUPT~{jFR|SUqbuG%at_45hw2&^RQxO;1+fs^?nwe#Ck2D>`EqB)Bp`Gh|>zMzXNYb4F|wpsqWd&fNfk)eQoJjExC;!$ z-{hpd8)TLmVQQhB=CZGgt=5<*e!mOWs8ZUxbvl05mY$wJfOq^&c2`6TqiBO7XeMy> z+EBGg#XrP3A=Q9+L_BX+22fm=Y)es#meF5-@ZiBY2l!58wA5<`qPRtM#L8o`yeIx@53`=FqRmyW*b|CvL!oXUy_im z#gZkWvLuw4u}k(W$xe%qt%Smi>=9CSvhTa>%gl48`g}j%-|u;z*K7XBE6dFLoO7T1 zzOL)O?oUbaR5Pwm^)R7kcT5z%4SEK?cMbnQH>ogW*BK0;$IkcWtBY@wm%G05DKKC% z*6*)Oz`u6z6)?{?38=ObuB7}Zx1m{|?001ci6EfzEIJ&2{as8NsIc+m@*J2(Q(eB< z%T~ZC+&S#7B6Ld?4yIyhf%%5h($~{l!a_pUuL^day>zLgEUWSlhW-x{MZnHs(Z+Ga zRy&>^-WN*!Ow2!RB?AL>2)v~X>8@L`>Zqg*U#<^&`6#sfgxM2x_ z#d-$44N$i};b+_PQZGdJW)U+j8!8)peO0ZkAyrZQgShj(*`lj}b`(#}xC^ zB>d}K6c`<&r6|rAp#F>JCB}2;?lmCeIdPXu^OaZTEvEyHV46+h|LP%&C;H?n3r^!s zo=r}xDggY;LELt1Wc%quK)+0l^CeZ=ytnhF0E5Dr2iMdztvJk3myZ&{%WAB>;15G$ z`C~sOr=;J1HWPQ7#D<}agyHVVVb`|g!ZmJp*3df1@1HSc`ASu7`Ij>y0oH$TH+Lp@ zWYAF-a64(A4(=cVS@m|0VQVLGv9N^g1sG{L9hYxmazHIRQZ&^Z0PxQAQMyU4?Hu&; zDP_%#f^lerYl^tdy$>JI)~-QOUcwC7r{@}j#m^&0qmVE(406E z*Q*`}BivpJyDBAqf9D-vt0WIxknL2E6tXlh-*qpvA|z)TxQT8W=ljK428sbdRhZ z9fYMqppZrRw2omPvb4;6J_!4Zh=^^TvWO?h_DJ8}D885;53u_qI=ednx`(Nno6Oy2 z-c35f%u&p|y_?|)no8&oZzVCjI_Zi6Dt{THL>1~_2qNJ0!CJzxpP^uUR%Hx9?wNsw ziB$f>2R8aOne|WzNi_}9J^Fr-?qO1xHFr1;lK1ag5K&`leEjoh*ZjLc@vCtKUiyfH=u8;+IHIv;iPfh8&_r0$VcA+(ZlHF~g#-QmE!!$6~XSJtn7y!TG z6{%h{ay#*gGm+Pl>^C`!zA;pd%NHfhjL{;@&G0j^qRvuq8Zkl+n;1o%?;+|+9YA{3 z)LZN!yUBA1r+`_&s>m|q^#%`PW(HBU?e4?j$ zp>uQ0qK9yi-|p?r2znX1vw1?tIv;6f#V`(s*Pm@!sEFV)Pypr!YqJVSWw%>Ur!{~~IY089(?UQhCP9-(yO&*EXcdFjEAVFYUea&X&lZ)_#!u3JHp{AQac+E$R<}H zOaj@hqM~y8-5G}+V35_SsZ4jkYfnFU=*V6UD$p9>+`1{%|}H8z|-YbzKHe17$Qaz^~~yt6aE{ydi9y z3$IiJzzQW4r3(qmrW&X2CBHxG$Y}XO8-J>v9g&=WYUMvONVe`q;=$-}&7zOXU)%d}SZ;x^zu(QbTK2 zz3AOeMgCvs67Pr^yG7T}*F1gz)tZoyU^&FyD1&gn%Ow7i z-~pj8x9atxG!9tk5j@?*`@0T!;3TJ5ydv*r=})zbd`bDe1hG|9tnpDfLJ2O8N9xfI z9@P0CZr0eMUIs$ThtvidEX+(GAr&r^IG?p&-|mw`i)X<_cCzzD|JR`gomWv<0z>vX z;F{c@1OklYcNJ>b_!i_i*s`mm!@+JO@nLGvvzr`=$^!s@2Y_9aQ9rk93@Qdxk<#bl z_QOjg#&ZH%h!c6#Oc35kW!uQCYnwcQEO@Fw6n>8c*w#WCg1L8CB{sIs+k{nRR|^UW zrB&QY9$zZxuaeq#%clrhqvk!bdLYzZGXjMk-8HFKl2h_>WQLqw82cR<`9WZk@x*Or zO$4k|XrW}(0s$HDIuhx9H+>1)uDJ=ao zAAn#PpVGC3PfjjO)I*^k`3_I;0(MnTHmT|?IFW`=K^Bn?omduD9jVrzPay*&LuJ(f+(m^r?@K^%BVP)}ysC94<3LYxKY=^I;g( zwUIctUp1-k`x$bcig~`9Xy%$$(1%8GDJDyQPMUblqlwYgMc_ipazN5V7Wd_~rGtaO zgSB57X}N|+04}?)7eR6Z@((>v1l9^wXIq_;2I*wT_CER_dc!=9fDPb$8xa_oyfE6a z1-2gtSW00&+w}2q+tno?9{?@dUUk;&F!FKM1G4IOwCr=D=0)B1PqQg)qihk(4v+`% zp9<0stc?tf)Znje!!8)9N+kA%^8mygg~4F_DO6e+;bv?J>yg5t`cQWna*U==-jNz` z=t_;#yL4$Lo6Pp5K7BUNauOI~-VJuawm$Xi&i2IW)X%qOqgEF0S|uG>)N3P58GFWh zeabqzGLYQ`5aCdi#S2`S0S4)cBDVaY68u0HTP_9J7DK?h>_sE27^VU@~#+^wc%F-+WXY4M5UwjaUy0R1}p!F_rf zr)-og`6r<%rH7#i9<$-)F91?^9<&4(T&pPXr${mW^S}SDMkKr_4AS|Av+3H;^@_Km zi#NX9Uw6qZASS((y^ycN^5Nt=hq%hiplSt<0eQ;mA8B6tfP0ZzAoDv*qj;{n@fgi9 zXjV@pv6+Q#fZ9>Fa12b7$^eE>((?4diEN2fBIZS{nyNwc0DAbcMzS4xzY6;6FM+Z4 zmUUKz9hjuE5%V`4YJ%CiL^-&A2T`j7da$j(f3LZdrh@dkfJgGZIFeI5C5zf!}u4^L1#=Qwl7@!*1X}vP@@$Mh3nOu%j(< zvzGalxaQLJT#B{f!t0JpR`y?CT%8Oqw4QRAR*g_Y5)qyZlVfH+?>a6bQ3WQis2j$q zsUiQ%g{5=(pKZ^=q3YDzh1y*sV8)_lcu=SuzD#^LY?rTAN)Pf`fk7hO(M@o$0$E!E zt;qflOe;QNo4#=M;*)-9IS8bjfJxUott!s-z|{d$K8DohC35-NKXLtwQv^af7mW;m ze_pGbDvZOqK;qof)h8L0e*E8N+ux3~U&uH`Sp zaMpsr!>h@Jlu@lZ$ zpXmJu%Mam`?+T}U*7+k?f3ZV6)n3#9RO05X*D7s*`s(SM!kyQx0h(#SU#oh}s4FZ=*F z?PURXI=sj;JMeIU?#W#nVbaz2vi6m9x!{DbL&mGZN#A~X*!Owge9L}*o#U9&SuvX5 z{!`0)Ot)71ZjjwS6q)xs>WS)`^}hXM=iWtvsA;?&?%t>ZX!T~|J>-~y8-+ox);@Hc zoU7my){y`dUZ-=5hNkfgnK{SyhjLG|J~rZe54{C9ZQ26uzrB!k>#SEJy_fM%h{u2< zxZ&A6I89VL=o({b7$ksx1Bvf|@L(M>eI3T@C^yWbKNzEV;OdjmN>n7w>9=B9Z1Qq9 zjr8^l?*s^*uiSBm^&(o6*8nAO$}q1(EcY7J+Eldrsf#>v&@CcMe)Ex5Xf1H# z`g=)pLIwP?AJ4szaV60N=UsjZ^Aa52BVgXzXl2!!p|{kvLuY<==6&vWkKqek5ne_2lnTyejP}bADkekv7@R>tiFD(^pE~9XauwPPBDE!wcJYL;$aGq#BSJe zn~qp(m7g8q<0HE9x_j3EnX_Wh%DBeuwt&{{tO#6Z`7!D+b%4I(^pUH12Z5bA<+acu zL&(nxV{*^+l9$WO5*pTB^(h7;f1K#>?~ss*iUX;uI_mhOPD(B+ ziw&)Rxe+uC^t+*!56xqymJPD>t5BN52_o z6_=t04;(>M_3URCmHcDhP}x9|Hg;m?3-FVva)8`viQ$6h8W|wnec(4{X03aP6#GI~ ziK}&mj)c`P2q9B3cMJDlWgnL8kFw9{K#?D07dH9?%s_+M&yR-kJUkk2Lr=ci+#%avURt-^nz7y{PJPz8u8EghX7LF6>^ zpj)n}=PFQS1zrRXJrV)6kmnKO+jFq|BUXZgmPT|&tksL}Lpe%JgBVe9%GN+oC8UDO zMGsJ#?>*OgGEn1>5mjHm)$$R!6(-mH^y^j5t??!WIp%?qBRo`gImZ+hBc2yauUOTxyAk=n>v?p}PfHn-;@DrMx+rObh!*8`sDah((8im!V%m;m{T60mYNR}0 zf0O4W5tt>VuVB_6Q=hoa^-}0~Lvhh5)|o>c*&zP*{%E#_AW=12OVGul|1u21IsO9x zKxAU-yf?ZNj>q>wHal0&i#n8kA0fRLKMDY#oy&2@67iej@OjU-|K7tT2FL~ms77BX z`&|Hn1at%@E%$5&4Q!Slytn=5ZOs2!v{)W%m?%4C+6`B-)}of%lnLI zc72xSO&qbfYSKfYiIc?xE;B<6ucs|qc*Xr|Iq@(aGo(Cp5_$-tnMKnSV{kl^;kv6uS}cU+cT7Bfog+v z3YW=An6fu~S&j68Rc;1)iSj=)^6=YVwIq30Z1@eNQ5U^xjB{(j zmH+n{i=K7gnm1nTc|{W%8ailZ;@cR(@Bs*^H+Obk1LT1Dk+)fa>4XY^a`S;oI&}52 zg8K>hjVDJKkZx3mWs_LKDpnYZcz1hWR{Ma=s%=ZQuH~QT+u%mz5$1aUUFebcwIj(- zeF%dhhKZH1a;b4oOtt2%`2IfkXD5+1s<{?KiU_Q)KHU0t>ID!a zk+f;24W8TfO1_i^&%X2=tXP*&qL83nyZXEQoKa8OzjJ(rv^-bNrub(>M@79{9sPWT zBmf6DvNuN!aQgAuoYv#+Iu-Joj|dngG=V_yP79}<9sugswSgu6UnD~8He%c@U4~$8 zcOFT2>TNxph1!o_$ogMV6Li#ry6e3d&@NV<4Lb!tl(4oIj77eSgF_yGYa#d2Xo##K^-i#d&FMNGm3Bw6ZV@p&FxSMYHw``g28WU3Ax$YAU`UuWt z{#&|a6si#?nBOK7gtbSFM@|z#`IfI9x(qS?tCRxqQxi0*?B4Lndru*$0xI+apd^#O zwtuw$`(Z9w>I4w4T;r+*R1^t(t+Kh;exm3`bwa@5ifm+b^vo&OhlBpRqdLw{H(_?G z;n+g3ctG;_EnWVHODb-)@+2W`10V(YK!s{rMpG8nJ|-%33O>BZZf(Phk%pO7;3zPR6? zQy-YC14PZF$DQOAXIQI+C+}) zFwS5&$QFC{HfDR@!Q;JwVD?mo21p9eC@G}}(_~YiUgFa35kCK5*&M6wA9LS{a|9@) zP&7biX4qF8jZAM3mJ8DR%y;u{{{H>Gzx$qa=l^wuSl#=DBI1YyKf?8U1-JDux`$(5 zTcf_+wrGMJtHXy|Pfu^_o9tLOki=?aW@bj&0Cn_lT47-%)9vw6 zQbekKRqylww9CVpgY25p-#2fA2?`g1HGG(snog*iCkPiuTx6i<-`R!n;-0Cq*v zctR-d0K$}%g|rY|e z3J3a)i=@J^_N3G9eh!|VdejxWC3}OM3g%wyf9BU;I?fWltW7u>uaL6NS@R;_#XHyD zdN%%*VLG*<25T)qcV8JKOx432WXlNvc5fJrzW(t}4q#7zcT|MDI#mSp z-XWAM!Vo-g@<?vbP@$~1KwK6;*=n@gpN|;88fJT z^yN$?J!cTAh_k+*uT{7lNeIz<6mQ@3l-V2`>9DzIe$uABxsEc^Z&iM%^k(qjU`z6z zZK3OIS60`U{YfE10pSd$=JkyHy3f>$PN3@E>bvgdA#H03#PC7qJcf1|=0i0kFJAm) zsj$JouiXs@`b%^UqRyN;!)vce>%{t@;NwG^HX^;BT*Oe{8J$md&1-pgq(2?*h)m;d zyOszZ*8c{jvEd$7InULjZ>|m(_xro!j_0d^L(%3IvV81(;>r(z9sIR30=G{#691c9 z-?1}OIn8@@L{ItARyIH}5rFYSjlV?5@$VBcn5ORev&n*Ex=8G^d!`=OL7oPON;8x$ zjaB}~)HEn*B=o4ui5FBk@2(|D58HsA{l#Ckij@JNp<^Df+FfcP!CSt^+x`3gNymsU zob_ZRTLObapaqbeI0k#hGYi_-Qt1?3kZ}8@bnnq*BNa(UbMZ}JqN?XKA~2%GS6Gc?H?S1UxsDHg zG1yG|Ad_JokmZ6UcL(UC?t(kTE))Xi!3#x^+pN>$+(xRt-eaQhLtf-&;@bcsgslNrtZqw4cM3r-hOX=;>gM@?oy`G z)sjY--XjY-DbVZaaA(6GB-wpI*=0kAMiFZ6thC`?p)z1C_Y|Y?sz;+z=QVm%X5+8TZloo!?V}t8A6W4&xiB`{yCDT`LhKH#tL+8=Rm8=Z3){kLg40JqX zbe@cfQr}7NuZBY{$+Z_W|Ey}b7T%axN41~Tm23>~(EGY${7<;Y!UkgI#B-ySDg&uI(0Ns~lJ zC`6z({@cvN7+qK07!GM+T68aZ+o|XT;$jEGT`&T?@e=kvfI_xjGJF-pyGiz=@xc1Q zHSWd3cXu|4?|rztjm?HR#`F+^p>f)}C@*y?6HO|(QKTg#Yfo%|+gnWc%KD&Ut|hWm z`LnPJ1A*GSvG_cLrZ1lfUrspE<&++3zhsTpsV3DRVWC?3_e#YLs#L$r`x(;Gosa!6 zbFB;uV94+zwh}HL%uyK_QdEeUYL5jR{f%l@6qKqZdU>S!N-bf0k6wVd7o1dUXy@6l zHUS##ObvM>gfe~A%if;ZS~^)=wtI?`t?NR&*p{nmK)B#6;Fldh#9yqv33ip|k4v%- zAAbT2rI8;?;O;4b$m)}~M%HAW5P{p%<`*ADt*3A}XtvBx-aZ zRFJje5mBo&owod6dW^LxqU9amA}hnKnw17hk0k_76S=&2TI&t~hc*f(uC&mdHB=!}ziCmK1^$=}?eLr7**1^-psIZSW?Q)=Nz71m{W@u2niIKlQn?DEP)QRhUmX;<8+@#-qC03+Nmc{DZO7XTzGYJY#LIu90^lQmsJ0!NK5^`=BAwg#W zbmkl^g;lN-|BAfrjDqnuZj69AZ~fOFfdYwO;#~eME9H9-KThC2GrabKdEn-~k4eP* z0}LT8W3#zOS<2g;#%w0m1rtfg{N-3t`DTTv<8-=xytB*zlFyZT-2z^?SJFhFW)NJT zo5}OU{S?`0c&JXZ&qZraU^*Nfx;I-jNad$|pZ0kk3d)Fr68W%eP zs`eRyPyp7x$v`4%M70aDna>K`K!wk3#B$6=QxF<2fE6Kv{v!=4rfWyx(s`U!d} zm0v|il~%U}Rv&|2S+ffe%>X4GL-`q|2i~=YY~{5`n{?Y6cZ&QrX2|3Q=uPW=;Cr`} z)i)X+ {~ahm>8hJu+{isGqjA;9me;*nL+neo!xLgn!SSS49i`1pJr5bVnjz4~PM zImT=4mz5xG)v5jceV0q?3ZebZ>pFJNO1@YVOZO=){5-zN^yhm_`oFUJ>}`1ezLzx! ze+fX5l;6HV&Xv%ge!^$>^ZR3YKmP}lss)5G%TH;2gihG@m+c_}(fzwe^#gYr_5sO0 zn%YvmOQ`3Kn7cD2h5H-q(2c=QO1EvI2Vz^oeJ&cELp6LBD#)S*d*biw5I%ksx|Ysz z_S(xj{x5T^Rkh@s9(PA*1dw;&9l|jkH>^?bljr)|OeCnX4NKo&A^p_498|gvcQXO( z4ojE3J^Hlii|48}-Cs*Kx*|6AB!apx^dS>bk2TnWElEB@;j)a4(gOlx?hPlTKnnH{ zqzXy3#8)ZS1uA=}Gmxb1kAd{+rGv52(PmGerK37{6COP%G60EO=FL=AJrhkM%kG`M?+KS zu;#W*8G`^$Zm&GKs+P;!e`=IoXc?(U`p_WpFy}48=%^CMS$fkACH#81CgFq&wZN5$cAjB8+s06k z17sM#bRk9$_#xQ*bmi&{)y$3ezM#gJs3Owjy9R2%Ue`pGTlK%H+&|Eam`Mb1xnt`+ z&J-&oB_=0di*->;v!v`0<>k%!iY!>-DH-#{ps&wm_+;uA;FTmXrr&Twjyxf{ZuL+-<`NM)eoVXikAjZBZ5n>% z*DlO1E0EMnw07Wbox~Y0hj-#0+T@JSMHcZVSQwr5A8u;R`66{2Q(n%4iH%02FpQqr z@$+aeyZvW320{cO6FhoLz$U;v%LkM)cam%kCsfg_=|8Bi!EQ0?EShXpjzSDzh@m%d zAw!q|5(V$rBHYr{-@qlG2y-z;aOKa2+fw9kCFSj1rqujRBVJ=q!ok6E}Dd+*6gg}-;Q~~;D4;3W8N2@1j z!x9ojsUFYr&7Brfu)({YckSd8T3rQnHpY~o0S|f}gf&8Va8p5$GrWsSSZ5i}=~j{7 zp{O6gvTEC>iVk(g4wUJOV@QDsTU(~UaXG9e1w5VXd>7>5S;VK?Mn^=ywvAU5ne?F3 zF8R?pG`#8eCs2s?Jsm#?>`w)gx%B}iCc47s4=D;GE7I~8rV!>DPl6waHwh}Dgy zex&5Yfb6sZb76aBmnV25hiL?Uq4ryS1C)yWfE2X1dSjaxYSj3r~1#;sxXmbeRQH8@au^;Y=$e{n@vKjr0XkU@V=$CsfM>9cFE zyVaUiC(q*_RB=be<3j|_PA%;M5lzy?NR_-gg^vo=R4bDe^fsCc{rcaiOX_ut)Kzs` zgA}37QTvV#4*A=p5SyeMb7;(^3UYf#{#ZDzfI-dySD^g(wsAQB@sev9{njCk_4~s6 zr||)rlS#GwCrefK=&2Z*@tO5Y2Xu+%L~i=_O@2*0b#oX zi@6_>Y zB8Tmwng<^%BaYec+H2Yb3qY&}$9T_}C|o!kULBJa#aruQ;iMOyNW~UP1XX-~7fN^h zRvd&1emXF57?VI=>HVx@M}{@n*M4Woo3(9sxP7UpXDnV`k^#@4UlT_9=?*RIB(A!z zVdDFEFoIC{&F+*PO>zC@$41|sE^5>SIfphv5ls2Iy|Fo-Qp(C!(d00Oq9Wc%4OH+z zXo1#sMK@Cmb+O=3p9l8p93CDXi>D%P=D*g_at4|DyJL1J3JQVIH?qNpTDE%!L+oRo zlND&(EwnPeOYL#RVua5F@^PRUi;gI88o6#YGnnI8za9l-0l~ZLblK`HSd5 zCdI8;ZNJmUbL5h2iIajMLq7vG;ii!qv^us$`7dxF7kg(;^z{#t#sfFR0wvk#CyF1_ zkR?>UBXTN!9Lz!DV#|`=oHVc;&Xy2oC`Sno8!IENy8v~J;yw_)_qqzs=C#CV3JahB zl72?0sb%0hfU0xOE;fMu0-VhL>|?OpY>&BXIhB-jCpo zQ!CekE7bU4B6r;16%V!e8uyko>=DBJN-24(fb_{mFt}!`=i;IX=YwGW>+1@1^_(qD z=m;H*To7dG^)t>=p0YQ~T6aOntAc;t&DtD9TvueAaPgzBRD`6dnjHCr zB*+)%9OK;j>a&_Kh$H>R|EBFp>#-t)o1>G0qLr4Dd<}vsA~)hVu>#l+FA;jKEWEdw z4*lP^4bV`5T^NT(pOo{M4AJN8)2TJyqo1Fdoz_J&IEPw zH~;Ko47l}nvno9OULxmtZ`9|0{)7*Ias6KPs|4Q|0kVN}!|(mP{ft!ZK|rp?Q#kkH$H4OOLHK=$;-cu2yMS6|d~XhlG?(sQB;XdLz*? zGQ}fOV6@|&*s@ozUR@QfnYaT9Ekn_Q>v9nGDRlyQ92(niYnq;o$q;}V zbGPXtqBzcxlM>C`3+lU+yC)HSx|v@_u9%pZN->Kqd>4m%Mi7ym6~AGtvY({KB@u(V z@IXJ><~3)cwl+vq<>=GCy)H&4r%_&bbBtqMKYRw#{s7J&P+nDWoWUlwe(zeEXXHzb zgjX&+xpjzQ#%-UoJK+(n>#I)~BW>6~9{=}sj{#3CnYz!%*fmiT)}_is7*+q8riXV! z?CBrvhKpcySWf6c*x#OTP`{Np+P-nj@g-C74gbpTQ-71hU8+5kqmsRQpG+OZQ@UMQ z`xM-V2>p?*+cdU1(UBSmeq@WSQ#7@ysadW_f*PzIjf!i;6tUhJ$~ZAl->}1dQ}pZF zNc9hw!&v@vMoqLjNJJ5`K00}&G)gD5`a3fOCd5c(^y&l+CSp7Sbc&dHtYL*m-(2P~ zdv{`kr+4mJhYq?yD3&!#H#N(W?(-6}mes*X}3|lO}nkRVzb<`>avMAmZ+epDl z2}ubB73%1aQXh59S>#SU8Y=)<54DWdB|TE8!p;;Z`fSl zcMaqzsYh7uS6+^c3(0pkJ07chtF;$C5Zg^E5|wLi4sia7AP}mEe7G-Xa5ZT0+D?V) zwdy9m=~be!hmnixU89q!PhJl+ zhurV%h@(C{I6wj_kW3RoMi~@Wbh*Fzhz-?U_Y(^>igVw<;sH9TxBb-mL zF6*%>2fCwS_F5?QyvtKccZNfpV;?Tro1h5xhHM-+kmCl}0&jS_rO^|*+2=xVr-*ih z9OQ#*zaiDs9;5!#v3#W#V``Azmu}~i56o-Cg?H1&0NKj@z3Mxn1bb!F7yh_J>~@ne zd1nvG@- zeTV)@)da4%EyymJ=?K3b+2JXjx@;S`C0{Dp@8|OOUo#$+rMM?TcZB+QYz}f%m!;)w z=Hbv2A3h$(?0lzdj>zM6*Cb~=6^9PQZ_w&`s$t~3p?+-{jf%^}#h4Ly-;?X=S&RdI zRi>Fl?>7ajbrVrc>_5){BHi-S%3Cdov^_Vb!<^r4zbu6Js5po&MAje6qoCU6dTc_xe%zJpG2MQG+!j zB+_er6j4Ydd(bN{4kF3>li7Q2JIs@N;3BF~2PqMG;YWiKI;nzhyss-~N}d0s1>paH zu6w-i>6leQ=Dn34fgPYKW18bvKObJT5Af!~0xDBa*Nv0vaxn~~(y54wVvnQIZ6uib z{)f5gJ>gEWtChO`*prqdzMSctm7@X0FUd3KY7<+mwk7DP{TU9>;80VKRL zfU%7OoMWF$!&>LFMq$F3*N;mgx1pV6wiLY9pEX7v^jqm~g)hPSdXot8h#-EhaYji{ z`Oe&fSc69Ow?jO-)NInX43ZXX@7^5d;ovA_B9Oci;~A(Bh#lQ1d|myYy7%q^ zeWAYq6Pp#Ym(z3Eg2#AnKkB6@nc!obHwIq;0!5WD+sbkDGqv27Bn#`eHz?12UY6QM zrgKR6RB2Q(G7+tE%y)O44~fqs+^g@p(>ShmuG0p7Vj)%x#4h?H_Wvgdw*A3Ff(aA8 zU(hz&b1ehmqhS(fFMY9BH5ksxJ04Y=$-lDk=Q==~hG|dmWL;TLHQ;GrG2oQ5U_^KW z1Woxp*)I-eaa}li+>b-xit*7d?e&j;u%u4L?7cNHN$bm?U_-)TT1Vj$RJ`ArhcUHr z`C-}*4goAW4U}UAJ?!kCkVd=->Im&@K2EcrfFe!-_{r5>XtCn)){l4UwE>W%;cG_y zK}sSy6%nyZsK@HaunG)lzj6eys{T>Sm@z}Nig9W*evG$UU0B<}$%#g6;Q@M2tI6-` z)zkvM{wHMGPxoJ30LdWgG)JfpqGhTj)PAhQ5GwUpV0rQ^MF`-kEM)fmhcx-RQ@o2 zr`fI~rPe^5!Z1Eg%_jlzC-!55;p>B}PnO(EG=jucKKIOysrlAK!C_I@$|fTE!%<}= zd9#ytdq{`yHj>%{`GG)RDn#=}112yo3*Xwc_euYuzbg0U)o$~pVa!^YV><{ioghru zNK4;+RdSZN-3wqalivQ1fzwdSSbn4GfF@=O;j&)q>=TGBPzog_Al%=vbQ<3*Ie7|& zwmU3!w4Tzb>H4HGIPrv3Y?Wj*gC03C!d7Y!&;#Kob#~fb{p)&(a{BZ^I*E zJT$tSQ}n8#ejaDpKH2N=!!?6r`B<< zGvg~4M2{K~@fDfkN^M#*u4-=*Ub`e|=pQY5tRaV+&wZLG9JBphhu_%(KI&v_96uSK zm}t84yqjVNSq!*HV?7CwueyxJS>5B%g&=5X-WPL#@~sN@sd_S>^086HrA&7Roc(B7 zmWP{xLDZ;9>E+V!c!!*m^qixGU=Ap;lTo^B`vY;e^BRb_{dTI2k4^XIW*T1OOpoi% zywRrydT6}C!@+Ql|C5leGopxaviC9tm2WVl3FBtumgjO7lXtmC`9b z+cxA{CCvi@^& zrKi?0F^VHW{}3aa^7G{XLfM2gkN)mjuYSg(ZM%eKA52W#44kDq89|rH#FHK@t z2+D|Hf*}c&ZeztNQ|Evo1t353V&HkbnCv2nIW<`E$@SNJYY{W5n#5i0rt3ly_aCZN zP(e;gh*@Gu>>=vQ+eBd`}gBu{&qgUPu-19kmzzH9lq$u|NW=;&Al~-<# z`{OE*CGPCs3w(YxqkH9d{ZHd?cXYS+mfy~DJZRu5m}0ViIFqDsis7@2D99FXS+UPG z%lt0nD!;SDz@CvR_BXSYf1Fh8twq}I1-rb{ZePnHj`NqrOVBd`H4ZZ@7qy4k%qC)& zHg^Bk$vI+#GdrKloNIc|f;Tt%r6o-d3l9pxvJk*IKbz&hld5onyZ=Go^`Oz*kAl@y_tq7+0V=-TXo$E-b2Q(Sl8;y8x+{Y|!ie@_l_p8=#$ z#oO)=&i|jVfA8xcf{IQf2}k%Z{dbo6D1Viw?;GDv!w9ZHPn38`Udz0Uhy3`%CjG&? zTc;pQ#7pm)I6)xC>QUkKPUtj}bQha|oofRbj_~ft{a8Jn_M3q5`$-O!jvzjlh3~!) zIf(x9>GLE`G9G_HPt9Vje;RExsxTNy1V$}E#D67co#43ihK=UdE@MvrIi}mACCyL5 zOy@znR(o(Q_;qk9QbiE@tIR%}mQ4cxX;F66>zSBkDcW|X4qW&O`#f8qe6r4bw0Nc( zU@g5}wlo9V{On{Q3H@A&tDJc$T{dbD_LMj;@r2iH!%-w_hg|%M88|d z%TI{cmcyUN797_+9@t7L7~@^^(Ji;!$_uhdoEBePL)@LYTs9`X)L^c386=`}spVRX zs6adlTf%%%U;pR#+h78FmIB}1FCkPP_UWT$X2f*ydGH!Rf}-7iiBN8nuMT{7C;|RK z5v}bK>=H{ap>U#T8V<2|8CJme;-Tgle@NXt@C!eZqj8R$EBm#`| zAuN!OP;#T%1k7-r_^6xt>={43@>bmAjV4y=(~Pi#-L*9(OZw3=uLTpJgo+2Mo=5pw zM3>i9RhEM$oiAiAo_Gw#=tnxoF$JRe+&?%#vF!tbQ{-n+~!keYd>4m0Y zL7C#58;>4cah%HfFRRez%wb=4B#z$3q*j#UG)!K4-MQrfu_b*0?rm zA3p`YDE64L0$&6ef^Bn5-nhRBK1omYeJ53$2|ODCSO7VK?mrSF8b zspe@%o7miwf`vm?h+Nk%p51Zf#auDWF*S{NynhJY_xH*95OEjv=40f?$m6QI8dx8J zA)!x9{p!(`WuGXS5-EA8(DJr{%1OFd5}Z78+Lnm``e_Bgn1y)Yp3<{8cDMWv77k0p z$~IywG#{IebY06_+bylQ4>_&AF}9ZS>?Db{y8@o)vDbv$9k4HVL9p_PC%+g$j56WrGDlJiW&apPDY3-zz&$OaF{MVDOCy@$(z) zt4#q+Tl8z0`C`ZHqzClp6{s@~lKJwx!xv_^%W(EuVqd)tpOifL7_4J-FJ_lYZDuXx-?uPF~sAre*Zq+a0HSlc+5fEKi zM}{s*4Y&B-`DM|eh{`9>_qD!AzmuU*NDO|!>i!FS@CSO>NsLvG(-`UB+9dpID4>7v zf?bP%(Hr>shz@Y6Eir7V@2u4T`VDE^FJ4K83D4ni7X4+qEr7>d8*fS3N0{!kXoZQE z@$?e+lvTc(Y?C&3!)HO^c%GzV(f2W}P2$BV9o~}Vws$JgI?ekeDF%3GlQp!;|1}+ zEjf}*5Nr_vu){N7wtWPcg{S}KLKrvTn9O1B;eQ%@1v`HTB>ay-}+$C z8fAhICLI1Y93KF8`B4%`<1kk8V5*WX{wyr;G$C)3l@CP%B76}aTzd6^Iiv1|DmLZu z+JwnN!f?jd#Q?8c<+Q7uOZ`-kp|3=|9_bi>ct8;DUEgfHV=mUWa~B71?zmb4$>+x_KELV^>(8Zq8{wwTSzXt}XUIwCWLzl_eUf+vqJX3HrKH-ECb>&e zix5-yrn(B}2L>vRiSd(DQa7D1l1TkBj!W)I?*{(vZ?pQ?MZ!&x*eVKWMMgADjtTGN zW%HO5O1FH@Ki;2c{w}$pK)QIqOM(oVH=mW62?QrzWpu7Y!m$W11asNI;CzGoN(|J7 zIXNk*Erv^RngnP7v85ik1suSTpbrPKD+M050=5CLOctUQ!#5!Z?RJp-%&?6cHq{C_ zbAuas-j>O5e1@Qn&N*+Jc##A8GXf{*~pgs=bkQJszyJ0SVKfykd!I z*yQ=U{nn}G3ot5cWSDo`wBPO!>2Cto5xH0KkX7>-+|GhKJYr&3a4kBag#{#}jr|u$ z(ef5?q$A>y`w90tX?HL@ZG12w{cRhSoPCMY=394P@MpPCkLSt? zthhK7tF>;I=2Z*?> z<8$&iyl&j%8p-WkCPv#~v_e~F{X>JYkcVe;|0e|(Ja8>jJ$pvI=Y^K;i}0p^>)9%Y z?o*rko7#-)Vo=Bb1tC28=Qns(ry#s>;$shj@~Uw;7=1>1HF!$T;gFn}mZcZ(=Whte%bHyi28m56u&zxI^VmcLan$d0n@TSCiN{I!wV8ASF zX2<~-R^(oxQ=GQw4R^LrNKH-H)LOEv=b2_S;VWn$e`$R@4b%(^JzASf+In##F@va&GK` z0ItCj4lXVwVBKCylnk6uVjTUhcLM;^CYes##W+o*w{5x)KltQDMED8kWKYV`XUC)# z{;cMbxQ6FBg0B)(GlhQ!;H`!SJnQ^*3IKlc=GBWEmN^V`|;<DA;kZ1PG(_V7Js`2V{VadRTrZv70>uy@3~FIj=}`I&xV{rOJM@_xFUK~ zaxTr=-_`1=JODlK`Gkv9a5;#^**pD9kLuX5^NL$?uH!qx6P{wD&yXHK$DdU zVkXMG0NgFW_qId=Rlq|a9%1VjvL9D8tg~YhnsW`2m6Mwgy&a${2^!%#P=0Q1EoZ^> z^mK}se}jF1a|(;*v?-1g6BBh7sX2NBLESh2<`{6F03WzfL{wBFmVrWz2cLB}F8HYc zABV*W2kR4K?|DzGMpp@B-X+)Y8#SnYIbS9b@j1u^gUvWo-@<|9aAL#__{ZIWqK(Iv zjt;b*J|WkoFq)aszc-sFh_mm2@25%azu%94#T51wgSOho^U>N)iKeGhw}{fhA#dT7 zeD5OO;a*{`Ik>O2pt%6F(uz67$k#B4V*Y=xSEC-7v6(4TLdq?sSKpagzjuQxDdBwQ zTTH|$ZWzTJfXW1Cmma5Im83~9(4NDdFQkO%Z~#r(apf6^%txsp5s-6!0fC=ue>0if z!8ht@W!Dp)otTqu?iwZ(-{p;xYBnENxfNE&}O&NU@0nzL3%W=r5Ke) zW6Ens62Jn8Grk+mhVakm$NLIvp*ptV=_9{US18Qt8;a)5-9}Vk-D%|qcJ|hz|n0Dbg&Hwp(o`O}d8xG!@2a+h)Z-GjjBiv3+>xWcD3X9~y`Oj%jk3TOq7x+yh^|9+sPpx{J`;pQN~ zCE^nrgho~`O*$t`OZHYgnJ32_`VoJfH>sJgAfk4jT<#F_c;+F0$bjkf|M0WEH~H{c z5MnWP2}U>tT|aCDLP}L^0;`g;asnXtOdgXxg#!b^mbd=C%xgq2HwM^DjW88GaA88m zr_uzDXwAd8p#IoUJXXA1GRwD;^kQJH3LB8me?grZc}m1mH-WP?vF}PQtrc|tymN6x zWSv$gi%fxm4yfZRSM3hK8B}s~EcfdOoyA!O<00Myti2{51QR#|?`LtJIfe{@iyupW z4vwbIGu&kinD@R4M!x95`#kOLXg+_Qn?UpK#$9GGo<|S3U|HxQ=+;X zW;AJoa$VV#_<92!YQEYdy%|f+!mIM2IB_C)6YPPQrZ^Tz8JJUX5tFEfR%b~`_!GA%|k4{#qA@o zQ&gYINhA=@)YlFZOq^4P2;6U8rSJt2_7m|qz0z{nxWW<&oP&k1PE8y|iq5ONpY@Ow zBpAq&b#e;qqk{l$OvFQgAt$-*YOnPOv?GRqr=qGdI6Q8#K1K?SokhjHj)&hH!$P+7 zEGXZrGz#=h{jHsy`6OKcg9JEEgARuL^Zf&gqi5h^(j&x=I^QRzF`HZAVw!oeOTAuR zRvq~D>%8P#ddH*Xy4IEBZj_B{$$^kf_R`3cVHxwGFU)K!D;&I+CqxEjl%Z=f|Dy$P z66U-jQBLk%6mJMFUFGK#v2cTMa@OkpPrX!=c>`K)F-azbLy}2Z=8vmBwLO6{7r_O^ z+zg@gF{pKuzyu+^l4wDd$98HSuIxmRmjtD^m|ibo9Kaw3Yw!x*LOaZ|24sTkARm92 z9o=g5YF|^B-k#UN{c}AVDF1rxUuz>A4pCtENe)FFQ&WBmd@zY?YaKXg*8mnA?1lgQ zC}+=$F!isXSR}XG2V?2=I%s+@KzUt8j0TCIS`zPAa9y=K2^a!$XXKf2N>@Rb;S5K6 z{F?z}apJcGX~UK9hfZo>4A9cmWycCUM_qB#9@)lj-8svB!?4S1@L4uSFKmxS$zy|Z z08i0SAM}xwZ92~d=xKd}E|v)KS>-zy7}N>v?nGQaHyujT53&X$?oCb~G$Br?>hM zG^EO#5yW@rMAS#r;}Yu_$*-IQGETn5WXuLPV!I!p+Qz{lL_^U|-x5Dcbzex9+{BmC z+v82n@lI(nE;O7?m@<@@ZKY=(0FzEC@#D%WTS_ApwTu|B3lAtwwx!r}cwK?({>Co7hvNmMQEYB}CGRc_p2n`&@uG2wxY~fI}Vt zICSMSg?i)*4T-}0U;UvoU6!t-($d}7MC9b!PT)4MZ}&Ren=f@@CBWK*usR7()VrHB ztlZqCy|12C=ZJci&Uwu`xr3Lnj3p2Xl91!UK%9U09N%vkFBt_gE8YWYt=QoKe>j?O z7_SeC1SiG*MgvYTD$9F8GnP>ChIDJV0==&++qA_n^o(4QA_xyRRvybQ8EWlzP$It6_I*J;Bg45c7c1yn7bhlvOemc}{I z!vz>Z+9JJlW--Z<{K^91QnD16T0Zyk?gF1?!zwz9@cn-vAwDU@%tf3NajcT!CZomn z5ti2R(bZw@f4g5`rB!9kfiTqfyzgOLO#h@`bIUs>^Y6yl`!xkYAHeH(Z~$J2nwdq* zvf+2&cV}Y17nhwO&}OW)JWJiCQ@ZY9b00cr(F)(LXjBHT702tB7Q09TH;CR8FYit^`w zN2S*45vDJkfCT!P1O)>q2=X#L9>DTdIv*p9S%C4Vf&TGxV`E-0_o((U4#YA%A|f87 zhVUS8{Ba20Vy${3;(t}+MsHS1VaexxAU)U*?A-|lmq93&d3MzlX2pI5gv_`NFX5(= zj+ZLQ2V`FX9~%}Gt72>wn5kaepS#6?og2ee;KV%P zq=W!u{xdQB1)x|NaimxwMwq!dbjAYf8?bh!P$3tSH zapRl1Dj;Az_?XA3XvDoU( z8(bw7mD&Z%TbH}@p)fEJB##2ul{cvJi-x+ot^#o#c%00CVt|*i|BhKe9tD(fCjW>* z=N!6?s4&tid_~J}046&R0$X*`c^tQ|FitK%D>W-C>s0*)wyr|4v9akWYd!F)c3Y9} z!9i^F4-9Bhp{YrFOXnf)gMwHnzFhpF0qdzi{s3&BHf(e4>~1Xq_}G*{1?18t_xnBg z|B8%3L;wRnl*ISrJ6$HYyLpDK5@t5AcA3~) z45>siMuVNPH8`r{=y9;9^9deZ;3C7SNf?h-NZ|TcGRVG;Lo*OiUG8!4ZX>SOq{jGE zm#QqE6dzVwP0I;Z)Qs{+4g(OKB+t32t2F*uu0W_YUblXeVd6{n@N0F}y)IC!78_r$ z3=%NP)BQ3%pT)nj_HqUu#} zdOuP!ic1K2_xAY%lA4wS+_7%DZ3);94ZcgV+@4i!>=JYq;4|(3vO?$TJSa}uTBUqW<)fcrtgyi_;LX)Pz^78hNHoMQjL7EIw&v+FJ_y~Zlcos>}i3Lc4x-JviA zxCqNf-obb5fv-@vv0diJ5vBipC|UdGQFz(P@9%EDGuK=0PbLL|;^kZl%ai5){*F*H z8v%77CQC}zZVo3JI>-&wT8=wPN7q$lQQ_!-hRlmE3It* zTJKq|25g?K@3StU>0(T*P0z)t0-{2w_hZHY}j zkh7xfGw=4m`T4~&ID*Z=_bD~y4Os{5k2LNcCE(Bq)OC0ND@JIXIx*@-1MF|DvbPuk z*_hVkf$PZ={YSI{u8g6ZwgvsU>TVSDe?kL;c(OjM(nn(04G2j=(*o>?Tw)ymMln7WH$WWn*gcy&MQZPAy!@R}xh2AKG^~{(CT`J871sW;{>pUy!Wzo?TmU@KIAB zw);wt7&gv!(VJ^jyI$rT(2KBYmocWocp7==t|{g3F6t=5R`$x$A+ba)ms@4l;MzR` zZ7+&D*!Npl4V=|q{XTf0qr?alEDVHY{UZOaAQz&kNR;n|HE?iopNrwcwNGVSgK!!pos{s}X#d7%89+D1=( zZu!4yuP8P%>1c4$Ney^+`cR9ee^g9myhh->ktf35PtvDqw#Gf)a1anYV-r1J)l9(c z4>UDedKeJpF$P>B1pBMj*ga?t`d&F=;HGEf1S}NUp!IqIIIfDFT)03v5KT4<`~SX~ zjJjd^NN>m6OiYqcq!Wh_R;*&KR%wiok^{QBgz!rX_3w)e{6IkySJo@gDkD9;4QkN$ z!7o^?eq`+l_F(UZHdSeoSwp0&F15S0&ndTXmQ&yKmX7VL5V6(_9gb7yDMR@`LB*09 z?g9lyz{b{e{lp>9>17&A1IDmgAqOau^rBSE^nN{V5VABLF^;>6Q6NBi57?J@ThUOq z7*BPBT#6*D>RA%FVF&vAUGuIjfbJD^7)urX-SXIDg?3|qJY4qJ!mi14JRHI+!=1&X z7pznVhj*fqrMgi-Of&t#h!yywR+p4o;o+!rf5Tcrr81eCMK8mzb{LJr9F2W*mgnf) zHC4w*%-4pa%ql60AItFGyD|mVTA3=zNh2e(4P(EiuL6Io2MKJlUdum^>-crKI8C*3 z0{+wy3ZOHJs}VMQ>@s?~I1T2j_~jp92C7wII7~{ z3BdQ}0KH1->t+9C4`#$3%6=h8(Z55<0p1of5}<7*zUC(t3Kzf5g8^7c=WA63@-Xdg z56nNRbQi;NFO=&Fb9`%<#WiFZzEsI)Ym);Qn7tbmAlg)TbV2|7UNPh9$c=d_OuNZR z)%p`}?Y3j3imF&S>4Z>HAPOj#+y~FOYbX#p!lS?HRTah#BQg-wag0-KXT{}4mux1+ zZA6()|E%>l!6JM3V?i<-xCNg!?_>&Mj~u5FjO{q5d33(xJAiQQrPEl0hThc&m~*u8_~U2ur0SwRl67UWz6{_o%*PL4 zLW@~q_BWd7+AE*7L%Bqp-D>~ZP``yATl$a32wmCCVs{3(;K3@W$@>QxKE1! z(`GOut2xi<`dX@z>C+Nr+#fG7zdx=}+%Z@*oQ~`0lMfvV-y>39Jre?ZB^_{@`HvE< zUDv0A)Ud6-P>mzToQFLiUmueBWfA&=YIorlW*he%$2C4D6tJHE`t_?2xo> zOyr%c*Ydv?%ZmR~;t0!vD^4cOha6mSx#WcGhj1`K+WtbfT;IY(9wnrQs0Rdl<-*oM zAh5`Ko*R1eANK^z(Xs5G!EyH__XTlQJf`WmE29;p^bU}MfB(uGU91${zB;@@BOgY@ z5vKx|MMPXFKLLpf+x>^eY`CjbNd`Pu7Ke*92BD$nnx1ec|EIGU1_>`?_MBPe>t4|n zySF<6GM78d?$Z$LUI$ylxpSq0bx8)-5Q%tlTAUWP+adP5vamxeaNA#k%cg=Zl@;_= z49nzx67;||$|+{S*HIi1RMic3U}9A|ORHeQ6@gGn#vS?u3}`W(Z;1M#p8{`lVu@{E zF&Cz}LsfT|H+jDyxj$|e?d5cM9Q%M614^VY$EoVzs>SSg!>9kCi4v|PB}Psb&QI>Q z`z#*3f3&X@<*un4S^s+vyb19`&ZPkA_uXq=za<_1T3%pY^XCYa+w&@5n^5+?JR2D) zY1O4OscoULSUTN_3fvgEY{}qUv0Gfq%|U!1+RFkYa25wHbq@^5u=*$Pb}Jx8W#%+g zBHvdu%K;5~@5>9g)=uBzFVI6YghZlFv*W*-gMBaMY8EB(=n8w9Y~KgLp+VFM85w1c z7;>OH@_$M1cMVScOWRP8l#-A3_dXE2Si(J$SeHie1Gvy3loTD}ZdQX+lA7-R7&|U8 zO{O&}=HC`fM{6mTM{}P8F05X^87Cu&SM%*#I~^r0V}-c%gbv%?&AD6n0TJO0@pdfvWc$1kAyj0@fVO9Ly zvmdC(Juxwi@m8ZTYC)-3edv$qdf~Fn^S3ol};SgK(EDB}V|F6muTDwI=PczA9 z`q@3|8WoZ`B|uC3wj*Ht{qRFjQax}p36kkJ1Ar)nhLl}tu`OwRMwYts{fI3M%R+0D z!?S{ODbyTwbFo9Hj(ArlC*#D#;Ab-mLVDaUw=qu}=70ImUq?>;pl)vS52Zl!`*3K` z-x~v?3*HWN>Uks|!1r@|A8sYdb8{`71zK|xF>WupHC{b_0;ETW-cDy#CeGqBcWGGu z=?q*WgEV^J9P)sh`#(xBPV}}ioX{1z{GTU`1juMSm*X3aA4Rhd3L~)P#A-MT2@9vOqoMOOD6BtIYh|H=%kVuMV3J|4*LGa17Yh;GyeLfyN z0{!Ytsu&R_kiz6*A|9#uXS$D;hzOrKxCM%lh!;MY>~VXT>xq|s)MIhsDpRAnb%(Ff zN>*v6)_-k~p8T`BLW!ePfH6Cn9WNp?l4bYVYB|EgdOe})Jb_Cf-MEIUNZUvV+!+p{FZt*7-$>0Tblx>RMP_OA|;5#1kZnZiU5?kAX4Lo#KECr&PGH@&S zf?Hvcmx{nXtaDtWao}@>g4NHay;9|&Jl8JM(Y#aa9TucVC_Vgym>Fz-yc7;@{l~`u zDsJiJpMc#_<*4*T8LLx~HVMaU%$N|Qk$}q~s#U%}nSu8CBkY~v;$p{b`{e_V$Nh-J zCp9Nl+rcZ!J1&$o>=l;V1H)?<4;_4i6(&tPO!Ebt&PMYM#owg-TZAA5Lc2qTn0c5w z&wwMtO1#&+Q)n_~kK&(5?lA=+@L10}zc^q21Qf=_4!GD(q)g{_e60er9SRm?ehwBazr$R}!EN<@Ppf%%MMmqny~yp+tOs8(&(FQXSg{xY@CI1L zngkdh2k>L}KZncwlTx$^`HX6tI4uwp1?5oun7~k@0nwiIp(k_A-x>}pDcuQc0tFtE zkw+A3zEgD15vE`&uA}I2)O*25l=@+PJ2gN$}+#m!s{|fD5m|k})okvHTTVOMqNXiLffm>88f#u-SNixx%#s+81Vq zy+R4M-EQ(mK=ikP-U5izgUfQvXR1UZfjy@V3TyB;R7G~{(a4%j(@3^?B5~)Ss0un_|P3JLMJ135oDj}q6m7kS9ui~ zpA&9u!NW1J^a@9FdSa`xzHgNw(l_=~7=JK^d247(-CbY;Z6)|zfMVr#4s*UA$3-Cu zZZSX<;RyZ2n686_J4~BiIGSX)!9Da|5bczKjUQi&;PNt4-Qt>mfk8hU6>A-7tvL1F zxijr{kQTj>%~)kTKW&+H5&5fmv@-dmm3VdiN@$}XXuh^C9eS=S+hkN$1^cIe@tC}=*oT_V~3AWoKjXOd9AOzF}zDI;q zF69js2UWXhU%@CLyIQq>ON~YAXLmmX*%n~bpoGgE4M^`v!&$P_C>e014_I(7>xpE% zj!%d_+WE>|>p_d^+x{O7(|_eLpEMvr`e&CK{#MhIEI=!xt?MYktYJE4dVkc;#_-Tg z?{$ZVWec#@>JjibbqsMaIL0^gc#Mar>`SW6uzz^5;dx7cXh3Dn$M@~A(;XI!P(wz3 zPxV1VoI;Y31~ z9`Ed@v&18Ja@H7ReTV*+wDE66eGpa5%ht~LwKv%jM`InLI=}Ue4flT4P$gx)Ur*V2 zuLqlQny;e1#r^sBQT0lvKze|>N<>T@tEw<1)SEv5*52a%EkB^c{hdj!nS&}WC$~hN zv5|XR3U^WZ?V6ixEf#6+9LkZe7;kR9RZLAPwl~2sH*+aBKC|&$KOeSBH?Ouj?GgQM zX!=~~xN-N_v?VF*KhP9($)b8J8NmLYT>ULJ@`?>u;6AHIqzT}3>YfuYvetvB(Q&^_ zwXA2B>)o4O_BEGSZOiA&@NL-RO2Qtvvp(4QRak4KP8*gJV(cff+lJGt zEKAW?{LvEwn4)#H_t6Whx%b*HbTL)KqRf~8i}p9fJV!Lw3pi(8!neX3T@+LMFD={; zqqf;@Z%-0&lc!-<=ml7SU9Gv6tdD|P~P5V~MMyhCVwjN;?#&tgQJ#j4}N!<%{ zv5r+mn@622n2g>y*tUF<;v~VF+IBAWn1Pn=XzOuy4eE@o=ofid90_tc(@I(!^b1G|9%lqiTLDlI>_V zecJ$3M9`9yo1MyL0>$Rog3!Y82?K%ku|vw>@?Z4`y-~HMsBsdK_;?A*wFPpgxxJ8^ zzy-pJvm>m}J4;6UVpJokWa%P3Fjs$uRWPCWokc>b89Shw$GGz}lVu@O;HEXnG1xDM z?h&`QC_;*zGDn8}FPjD2H4%gptP~tj;fGHjl~?dfg1jL>RzM%9taZ@Wrc*$6h%m0! zPeGbt&)wm+lz;qPXCEj{uBe4u0WN+(fIS?qu3Tc2V`)GZ8WQB*TnonQ++h-`&p`PT73R3Fq+ZC(qVG zjMOz>mh!JC9=dHFE{*CEy!Fci@mQPaFSKv^t}X)tv%%bF`H8(4Tfx*Yg$B=7GBb}i z9yqdc?Y9+u(ox^l4eED`+uS{Ef%Us#Ff+3TQAXOo@Quy=s*O*1YR>mSpUU=TAj9dv z{5K;k<_Kr8^zg=6FsRW(OTf$O?-Kq?BxEit3r0k@-geYcl1bw?6)TO(Gg;Qwif`{9 z95O;8|T_GkozrJf!&~5R4=O!`Qw@sPXtEFNsKrG)qbR{ zU1`bCD?eH0<>J}o-)!$bR5xrGMk>jGN#T$yTS#QOMpC%`KAz&?#)#p5t@qc&9NVGc zDsNq1!qIfi_Cx?gEjK5b4QJS&lzPD$gs?*8Wk2P_>lFJz`eYzE<+i*9gAy5wZB^}) zKm+-Nxkqg=z$o6nUib59x7V;Dtp8H22i>W>|n)GrgNY0;ZkTC4v(?2t-xbhLd7vB8aU+Tf!E^nLj;& zf!01tci%r+7YR;g20TXi8Q3NKP(u7e27TAcQvk@@rNhFn4nA<*Pe9xYW? zc--J7evZY=C>pr-XP+>_Ry*S}Wg&yO4R*$6tb1JV3f<$ctSfy}>l^Lgx7 zLYvKDE9=e_ARVdT-N1T-mV(w&fGb_b8P&jso{+u?qbu?o3(M@FfypwrfP;u{$#N4q z{=;ZC-2TuDw5k*e{S_K#I5bq7ng;JV&b{EQLN*zB(F(K2Y=tS8oy)tg`&O`i`nkA$ zGSraozNvzFu`HRu{`vGy*}6=}shSnKqDZ)HO+87k-$80OKDA@EFhTjX`OUt}Y2*76 z5=tl{ghbN@zeufRd2S2L^HkH*3a@(%PUgTzIig&@5XG8IwC_~8Dt|C)sFa4J3wU;>Ete?C08K^LbWLWjc<-pS@bsDP|haw%9!J>ykXC6tCEc!||q_i$0O@s>u_2Z`SdfdL@d zWgm22_US4elfhPA#ctVvU}15vWjnBKM5)vt(WjVJ(qzSb1wAge$_8R1)EeCgm(+88 z_Tv6`jQ*&gTRKkdM^!9?Y!IA7`0@|!yBA15o%)Ckkou~g6qWmu`fxYth0bH4Wsn(p z(O2#{*>_BAX{-^qWlr^Ew*nbLf}vo=kCx)m*}FH{GV?vyelJg>s@^c3#TU{g5b8sC zY@l)a;`Xmfc`wtN%){<`Y?V@vN<*+!OxB)B9`&aE->^F(bV(I7}ujKKdAaj!6x_#bo`h@L;^ZW!ml65@&;q4#@?AzV%6H-4H z>Rt3lpmMo>x*Uw1KXH}?a6cj|_K^l$Pa(#d0_e`Jjsl}7PJ;k{4L$ObE85?ovhPjF zFuaPe>YL%0E+#pZlf?c+!@FYGvaI_7bvhm2o6)$yXUIICX!rGE^sQ{TIG z5}ZY!;cJ;}?^WNR-gUzK56!Yz*A*kI#80E#vpWq>e0NfnuU5|#t`v<|7bnphBpzSM z34050S>xMWb&8ZDZU{4X|6CXB4fS+ z%JrC<&+Z~xuiM5JUcUwrDEB2Se&6cP`{UatZeA3Qx&Yyx7pQ_E0%KER(m%?M#^sJ9 zV)rvVA`9x6wYTK@l=Q!G5)s`zA&xo(O<|@-gFH^Hzlt9{nfx^x6Cc$gPssa;NtlTf z-71rF2JS#@1(5eE)hp(3v8eu1amQWoy`we1?jG_A^R3K5g`xG$lh-+l-ETI4Yw{=6 zk|!3PK0gDS6oIO>7;E_!Ou^znRj5e;q(rs-iO$&u_4k9wKk8%JBZ!e zPZ?~z@>}%#vcIu$<3J|*%`k4y|L`uB$+mertLi29Ut{A~#eyLL3Z1>w%t>t>A2QgM z9-FaD(mT7^j=*TqC{&6!T3Zd{qsRYhah&<3Sfc}8C@+!Sv83{)Z#wJs+G8V7|vm8a-x~na$ z(vTvQ+E}Hb$4ibSQ_f&^cS$B`h$t$SX$Ctt9meT}&ysw6S7z>eiJ*`O^5%n!6MMdt zMUM~j4vu~AR^P)%7fUO9{%%e={<;u+^LMn*Uh)LbWAIO9c6P%OC20 z!y&30ALJ8D5H>lBpG~NLr9N4>^m#`1iq1vk6CO(VDD#OrvC^IJEn1c($siWS*XE9K z##19RMd+&rRL{}3Ki}L7itV2%I?+%#6OJfiuKo@c+)7uLyfIOf(IpYv=jxa3e7Y$k zTgoGhvth|px=phTZ||ojB0^me(rCm|cEvnmj_0_l1pT~H^v`!c+s)C)i%A=PAc!=( zks1haI6gVfqbQ7x{&iyTk881@0SshL*xS|DrVVQygb?DtIUjvg|GkwQm_G_Y)GGzm zT5Dv+(UE&I5NZ}$52YN9ztBj(6B|B$jo}3zQRmm+C$GR51K>+&gJfpGH3l>f|HKsf zC$*z`+7nhkpa+!G{>nCK&3_mdHojChsc2D<6XbR&BLR1}?9@$vVxEYZhOdbmb`nqb{U7+v#!rY*mmW|FRtt?P^eN^>xI1jG!`rM`hNtNsZUZBib**c+rbEYm5*kNe~(bHd}5itMqI2 z*rZo?8WRD7R0gkV>1b4ztd3dlnC6Our&OSCFr8(SSLi%@w)a!(;?-XZ>vpml43a)V zIY=H}#;{?sHh1Q&x7wfex3L&jwew3g;*Tq1&{XuwEvRBk(0LpS9i!}asWaJ(>no*{mfFUbNQt!cac5pi-fio#?RS?h|9b@|-fZz4wBP5-)dpxD7EfrY)X!qe@@IF*n!wfmH=+DMG0MxNskPo=gJ;m^@5 z{)Mc&uT7@O#JD@f9^Fx>`YvL~&1PM%7u8jI71#dOy{TALlwGcr+c8sT$2mz)SnnhP zEq|t#l5V!Ituw0lEKQ8v1h9;b-kg_1t)xoipRLW}De}rFhnXIBY0*t=q!s=ALf6Gt zTFT_i^7=9I$X}yT_o{N%Aa{gRsF!1iCTS5%`BPm>!NcTw2)b2S^&c=kKl zGuk78UKQnwI=LeT3Ocn7%6;|FRBQ!MO6<*MzCtF3`Ou|{#O(gQ@ybstRA_+!=gzar z1`HxD?;|Ff1HoxQvW<5Y7>*H^K_{1q>1|&2xOfj(<~YCTa7 zIlz!{{JpyihR!qzrIo?wafEk;<(^%iFM%Njpsobc*CcU2?ow4DO_kbuMJ+~WdOz&s zyQ9lJle49&`@&eR)8ch5dO5oOY`Q$TIl(?>R|GjeSf%giSYz?7O_+dEO^^nUT|*5KBa zzn&=Z61C5P4i8x26p2-PgeX6Em7(^wzM-Vf zPSP|Mc1UlVNa@PI@XMP)l)Yn@_qj8-e_WEH73zUVg_`AsheCGf?Y+dQ+po52nmg#p zGr1`ZJMuy&;-H5KyB)W`&#(R7yqcA0N0hK5VpS4=cLvn_b!cy5CVs4xJt%0p8@}Sk zL3*QOjIE&osh07iUb2$mn?{!G^Te1ANq1}D1s@>|`Iq?uAxaAh8tsOE`)|;R(@&1l zsP~b?-X4Q$(y21ogTogrO@Yxgm<4f`zdk=9-2tA5R4@PxB=DD;MI(}*I?uQ0V9gHm zt=_3XcsP~JZroxE2IRP}CF_;?>s1)CDJk7{`|7Bv7qH`YFbOkma?Qhfr;dQI2`5%(z}mHUkHRI1tWH~SfKrZ)D4E0WB{r(WF@Q#Tx<9}h@*Jv-=F z)4aJ|QmXB}2G`W-C9S_cNeQ3MqDbVDT#dRu`cN; zB{1e`i}gH;&2ipmKxp3Rf4iCGs(Uh<{w((+O_$4d=(~rO1EdqtlD72gRV;OM?M@8x zjUhE5M#Z6_k7xg`<(r-HxRHQNzft~Sa#dK{wx9!>u7e-|Q_ZS}DkHBct&+ zngnhP{iLBz{p`Ej7_&<~P?{0T3w^2AtPin2&md@cFW};$J;1H9-{7KWM)$~8I5_8! z)~D{`_muNkkxBFh|NBEBVTC0}e>(HSiPaa$FW#8KvvNQ70I?CdVc6|Y@N;i|-yKSo zE}R6MPAC0F{MKa*kJL^|*lkpyu(TcjeV)`S$zd&ZJi=L1Xr@s#q1Gy`%kq`vF!-Mth!=_#P!5+;^+h5jIlcKH0a z5Y`S|dmdE4frQIFd)>;m z@7b#>d(`dq3}EDzeEoHFQrgOWmDwvgDoj1$mwmg4q@;_nDTK$P5s}F5YZ%&AmRq2s zSjBB%;T`8u$ppI)eSYo6mG9KYZ|vZ5c5$JF4lwoBE7=tovq2{eIvoygulGv5emZ-v z=<(^i+R@LdW}QkfuqOji$dl*)N5;xUy>CdhhEs<=mcq zm!eE=0N0gTTT@Dg)?+uhLqvUh+pncuT;A{tuT)IyY~DYmpkZV$Dv})t;^3X!!8Etj zX1WwD-|Ko%iYXKOb~L2C+w(XM*sxt&KKKr{y#9`&@DNcl+VH_UpDGiU z2hN!eaY6ZCXAwmz`+dC3qR(1Ig5tgKq`SKCFm{$yU)<)a$ZQBHtf9Jy2!Hh#mAI}^ zKX%O*Y^jhr$HcR&MK+`fy5IWB{28^kSxHxr03~J?%w$%8nu{L{Y6cw2YPKqx<#QS)?gZ94AR$YBUCv4{3eXX_{~NZs~anev|Tl zoIK>mK_to18HiWq>*1`Zm%4m@z3r1K?Tl8l^2Yj)9DkCvw!0lAZVNv09=<+S->cYS zcN9!5opGTkJtr~4lEDt0XEOEcOy}RIR=OkHxkNOXDrizwUZb9itR&qYYtoc(YdD&x zqOhq$_K8=fc}u^CEU8lWz_oLq<$gThzwy*m1>iP9EN+X9&iLmAz_!-Z@B_HfVl}tG z#G0TU6~Ju%w{(e})6~*B!t7)b`DjmEU>0|vgiyv{=`Lpfk4?F_ILi9k#2G}Rr)G969XTlm^gRz_xOiU-h?YME#K$ejHM+ots4 z)devR+dm`2XX0cUj2Pq$Kj5yhO1o_Y1_+RB&P~IK z^mw+Lnn%0dlB}h6APX=5hDjlr>|S(S?TP)Xql_Az|Gi;NmxtY{8?d#<96sm(%2sv8F=)4GDMm1EmYj*c|$bKxTf_RnQnQT2i+ql zXLqjnbWlrT8Eppp&{w0J_Anv#&oxXB*6TG=d2&q3@Sh3}`>&)+BteTGjk|H2i^Rc7 zWKFCvDf1rX+@lLJC+^7o6hW@FIA6w(&s62E4)e{3-|#VVGmEw975#bYUhEzec>|h0 zd@uBra$mo+g((Bw;Nka}=1uudcB7y!ZRd8PyjNn^ESQFL+1hBL0b#HGqto9w5vKiI z9@clmpypN1%eRAswf7xvNE>~&h$EH^(*H#BhGj(bOCr+G_)F=B+zisa^U*;%SmQe$ z9A~kj#!RWJA@-{LItlKZb^^Na;IcBj&=5)=`$L9jsQq7si4&9>luk5 zZJWzSiPs0z_^b3Jh1T;3oukcn5~W?CUmDD}qPDH}j&?u))?i`f zV^fM4??A7Mp8RSI<_mQ>r%1l>spB~2Y?x{LJU#-Y^Zbo-zX>CH#=?p z)&7)PPolM##wQeUB-W5Hd~8*+V6=V{-T9YXPprC!1H|FLo4!1?K5|*`)V~ICp4BTF zVH%O?s7x<4{Jz;fJMd@!%i%&It?HjvlLY61OQA@l3Ji+0<#!G^op!n;#tZl&%g+7q zxxt&6`*Np1_+l3UR0!Gsv>%MYAfx3_ioShN0_fJ$ux^(~&SFxmDd%el&Hk3eUek*9 z^cAqep19y&Ki*$Ff4d>Fp2>1@a`M?)#j@9+%Cvnof+L&IUaj%wvw^c$zdjA93C$P4 zuFt-oKPodrDc{5lXuz03oPx6(_wj`HXFih_?G`VI(`&HmC!v;^F9M#`^BJ#`Puv5! zN1V_O4T%$NE>6z(gM-QE%^2?hATImCGP^lVV2xG<>?KP$@L(umf^_F~*_XAqc{%vdE`F{BqHw}X;pg7k?zOQxeVrG< z=VU(vepkpOakY}t#@8iT=@fQ0J{89tY~P~_f0;?Je!uSle=pPdH7d503a(VDMTCl) zN$H2ZqM|>8I}C65U3=Z`i1c1&E3|uEjC}jN|GYi(J)9RRGm1%^=9%!7eTS}+UmeiN zZ&7L)&DuvhhBT3p-;&F%CX?#PHGCa)DB<)+YSA`${!FlUf;&?luq_m6?N^tXyr-en{xC%Z!iG(;is2|m| z3RNTb;TW1R-(znt*W|B>8j@TS6BBPb2<)+5kNumOXFe`aj2o&Cgb1tzmJ!uTSuHF( z|37qn2RN1QANO%OIApJqb?lX$6*^Q%OG??J%o0LY#yP0Sh-8K+4YK!kD0`$-c4nyT zWFO~w?}yg!|Gw{axm>3%Joj_o-}}42pN|(huBBLlee|@^t(Rm68X*H`dm1f=%qQW8 z#mIe&bA>Dwtu06Vofh!pnf(WvdKuNpG>q-Uw(e_IEZ@`3S*74wucg!Y<~hBx8fR8k zDh41wYv+;Q9~#@<1y$&Uu-Rkh9<6Z5?6pOs}3 z7JQ9~Jn!T$97*mMAq8iR9bD)$c=?J(=@Z6lLCshHMu|ptvE|5z!7CgwK+LCDPKgHCuLr3Xw#HFO9UkJHGavG51^OWZ5`5&ctQ(2?BCXJ zm+DBp39wuY*517F4|xOda$Ethb4E?yRS~I3L>RNKs@_FYbZG$Ve#hZzBQvfW-8#ZL z#*f@AHU}ru*8&jHfYMJCdSn(bn&+H9{l2X~5x@a;q+$u|t|3Hpo6^{AW@|9r)JAA3 zb)UJ!dI+Bu!LNNk;~G1RzaGx1ENi&t-JDn>eAK+o8W{?W32|<0xNqQMMr&{``hYcHJ`(QEp({>1wh<|2oDSQZ&vaS zQucDH>-Tn^w5XbX|Gi&>svG8{+3*3(z=8PtFj^65y&2nP6K^&Z&ym|w4*2F^XpT;E z?ZyxoVMbPtgYfnECrbT;eE`;pnp)!>&G6oUNBusp8MPmsKDvZuis2_vv_aSk%c9C= z;*W9F-dKq8fn_7q@*#YimDhJ>hW^~)+V$bCkDt)xe7ua0YNrsMAGU@~oQH5_Nk`6R zq=g(`R9oARLq$zSip!SH=3dlL6Pb?8lK)X8_pyX4Lp2cF6iu>a!RV)JJTo^o5^f=S zR^AaK@jLL)_A-7IN4;RR^M;%nhi}-Cw&oefaZXOTYlq3j6$%0HD}t&R^s!^RDB+J$ z>Z-t5;fXY#d<;b5G`RDMnqSKH6u#s&!~zW9lbE|FB2+pe65E35dE#)y2_DxbcDob6 zTY1#6XN>zb2}YNYZS&(Oj0F^Cmlpi)d(~)1a*K%@hY=Xopv_*ws}f$1V?S4WxqTNk zU|c7ChWa=3*z8L6gTW$HJ|+1FIPcY^V@OBeHO5kYu5@P(sRo#;uRd0hg5EQXuW+Tk zO!cq)9vSXo9W~S8hhj*po&>|)=}7K#RAVsKLOpZkW!+R9sbYW`$tlg&4^?WQn;wsN zP0+50OIIwvRY|&NQnx*e-RkeEPHqCUl|2C|Xlbu6541ToY+~t=j0_EyGy@32rz``X zIWIsbg9<=+Y#va&?7DjYGHF5)O|Hwgl5d{*#?Q8e2(q}kg66js+DO39~4h_s2RGde&o208) z-6(P0?(^N4tEl0(Iv!(C@om!i3ncMb2$B=BFl%JUpsnyp)St_ZjTcVEq;D!}4Hbba zULJ%v4tYCxQ2YCrc&GYS%|%s?lXsOmamngi>Q?ov=5+@yMv6B@J-N>&xrBQYKE>MA z(Q-7~!q_P5I`zjFY<8{1UaN#S?@4gzUVD|5dp=MWiPj3=|NeRj;M%U$DOD*<<$ZiqRa<8Z0RI@+ z=pPf&tnjzKG(qS6nIQx(b^Dwv4{hm-moM8ZrXSC+KHx3pui6H{4|IDa*Iy?*pRYp8 z_P|uKg55#F4L-B2hD_W(nx%?JQ49lrA6asNMU5hQ!f~)P7K{&Ps8d@%POky8udV}E zUuF^rD?KJ+hIM5%0H6E3fq^i3YQL;?$dw=rwZzZ#L)dcO_0im_`SaBgWRy?vMQxO| z5Pyhl-Cl~s&B~9odDBeIj-DO{c#N<3G}BZT+@Ie~ za;nt1w_aI4-SQ*Y`P}C*fJJfM4s~(w4Ks>B^`HHX-mqKW-N0qoJF7Ov5yKpc-4pSA zormt#e4<-VHMRF_P-pHzc=$kpa#7bHZevJMDX3kDAFOLlHP3%=^+iS2-v;UeT3|l9V@2;CdoN1qX zb-4MdvuBq0VXdDtK(^e`Cx7<3@vCr+7fYVukqj8hU3Zp0H6k%iAhc0b{=^#cqZ1-v zlX4UuzSIxo+!?qO7}Y{P0JDfZM=+0nG)Ajl%@w7N+g8+UpaYWfgds$Di69st!=hDd z^;CHBNcDqU%?c*Egv#eE=I=w z1q*F-*}O~Bc$Gv)Q8yBCdeIrhVo8HU!%T^rZ-lJ3g64pQ5l~h(BEOcFV_0z1#h0`( z{fWSPDAl!1G&(MBs-}6^0;8SZk^Q4SmOg*41|yIE`V%ov=j(^PkbH-c`?FU+X&@8Y zXH}o-O506mzI=Rsfe}PKmw?V>HB||?`-+MAy%4X@2`SbqrO7nEouY(`d1cdakGUOWtkK2NO<8UW8; zS}?!RHTCEG&|!i17E*zh)@aC>SSD7Pbl}^EdH@OXauZJo-%>BVBc9KDt_M4-evv%? zQ!MMOs}&A7j!e=(Rdg-yv@Z)VM56eFNbyq9ckQIkp<~xavbHp5a@*wlR3xTwfS7Wr=5`x{DE&61Leu_S-zTsnbl!wr)gc86o zAdKeiGtT2zQrhnJuzzk5gSHoNBd9~i-TOd;QX83Uu?bTTqX=2RCI~tVj!Msm1l!Zd zaMITA%eZUV@l(q~Rg4=W&RI{lxCcoaC6mjs8fHmbO|fJl7i<}ZA-6h)Ab&*-mGC~UIzT4O9J{Ogt9 z^>2-i061^k;+vCuOzCd`n8M87wS|#9(*4nWpBa>pT9xcU;@Q>0oG!0Yb%5IzmhCeo z9|xr#u2pZMncaVm82;=N3&gL@kqE63w^Y0@yTlsb>~3*#UC{L7v%~MbWW2mhc5!Jm z{OMGeOS<<$?y#uZ;nHZ0&jaOk*B*hxVxUC=-_rNe;r`hW$V2m1RzKu1T~dh~$;MeV zVW;qmdEohPTm8YU78s3$Gaq~5!~TC|J~E6b{R~tJBlKQzUXh-E6pYTgb5o*k;xO`1 z$l~V0y5jLK04wk;X)zcp;=+B#&LW*f4M}rWX$&QwTHD3tcg_qEDBRSUinXxG;osu& zted&py~vQu2x$B;p);;44AGIC%Hym?4?1a=wxnx#^SAQ^pzFub3W>Sr@ zjlE1ZZk)h+vS36z9>Nx7q@TtX1%m*eedUZEF|vAZ?Lf6f?V!tvw<U4X=o?TqBgekBv=hq_r51 z3nbw%aIc~(Gkn(S$Ri+3SUv%qMFD{TFGh%8G+%?E=~lpj<2wrTyG_bx+6NT?(QlZS z;iyZh>g~1>;*{da7VQd;ki-^S-7{xctq)H;_Bn+9ERq;m)#Z*S^QUy-fB-7phuHOd zFD!!l%rAaQFbeYNb}b?z2~cOR|LDA>=;NloUyB0!iYLvL ztf$ExxzFt8gI;d*8pHPzzjC@Uzzce5tNB*#Cs3?98q&-yBh^+nBUK?Sd;sNt$ZxHR zEd^Mbqmz5}_tp&~<*VV)aHGG=|3zim`C}jg>MV8KSUIFTYbkE3nG^}T@AHlKBcB}CIR63JpWqEOjY_V?G97k5cF!%Oq?XoC zJKVmSp2D;5ScgAI=T!3@@sI4dX`P>5j6K=saG8^!9gE1OBIBkFRF?e?_gk$v`(dli z_XYX@{Fsk^^Z8V?8sq@&mY{E7AWp{Vk=Ai|b9T7KWLu+@s;4nEG?Y3o&3T9(xexPh z*tK2a%oixGiHVx+-mp^5VPs&)Q)-+7M8%Wea}x{J;RC_s0P49s(4 zxXt@Doe!~!|Bfv8WKl@3R$bk5Hh&35=JHX`r$ADT5&+)Q(^gip0bz7TAAr;R*wdqR zo4&`a!u2`z6?KnlC$z8nH=ks3tGKF^T93EspNi7Or7fMLHS+`M*5A$W2H^lhj_cy6 zhWq2CO%U~n3a8vWFSqt)&5K8sxcFwccLyO;#_DbvH8OW1LDjoZ5rJ?UyGACyaBuW6 zqDT9iI&T%3e2;;pZW)6#P~4``QdX2U+VTj{Drs_-VlIRw;I4}6$MZmmYbMV`;nk1~ zxeqdP#SuzI@JVAmuElLHeDTj8eiwMNQ5Dwp8JzDHW|E4_ly$|#(OOPL*Xs+v<^-H(vr?0+u; zVJ+(r1cxhhX1OE#kK^AO6BTV|`S);c-<&FPIq$nf!OO~5;2dNade8xv*i&jrWU$AN zB16j13~(UaHl*F7>*`wQc^JLSpv5}`N-551Xf#`Ap3-K@_oz91RN(r@0D9 z-oj1|eha&oovd9{6g0Ev+})8r27w?;`a}9bFu(gF>-F?-EK>L8r#tFNN7E3*cK|`c zwzkLW94%P@mp$6IVDmA$C-_p69^6uky2X9?8P_WP^Apl~Agc z%l`Syi*WG}<5e(P?)jL}nDq#(N}A*39^x;cqH69>-Q2)QbR4^_So%D+jpOo3q;w2-4TA&Twwur2ksb_qtu9B z(#~{=5s9=8@&Y6SH#cqx_uMUypaBlxfU-=A__TTxw)R947FP>$yD#rWWJu%15bJ?V zi3;n1v`-;`DlUk{THJ${-ZsacEwa~F8fIpTcj}?77fkiv%zWikAGaUHfRLWqrtWvk zFwZ^kN$naOl?yj{Pe?|BJJa<+9a*4(fS`zzmS-su4NdboMprvFUoJXFu={|x`}SFU zD$h~77Irv)29OK2!K$}>kA{KId~pBsjVQhI+@4J{OcUi+zA&;BK%dU2n&tl-RSrx7YEI@Ms(We8ag}G+ISgh?lnW zFI+rvDJv!;7MhOtT=FU`e;Eh1aC!q1(1%Go)yE;%7bMZh)5>Mxdh~^F!Sk~Uv#;o9 z3U};*i%AK^k-^y5*i1tDfh4*FbQW1MJSupZYH|74>&nL*@a%R#xe$ZQE?ZOU!>Q1p z2j27b3ebO_DFiPYrJewuRYuPy*wGxxBX#lOMHn44i)oEsbrG++)W9t3IdAF?`92#2 zrL6Shvw%a_40JOweVa5Ra1(z5AItoPJd$+3g9I`s=30^55^$_HGxsuJm8yJF4NwQw zE{tD3{%QWOx3B;6>gwwzAKRei_9`zWouMEuAY*gyu2?XINRmlhi;s&FJ7y~}ELF5` zAuLxI7Qsf`h2yiZJ){osVuI>YLFlJet*3S3#p2EN*@8` ziyts1o?yJ`Q~yGFL20+C(+mCTH?$UpYc8fWuo{^10+ix?E{(ioW!1vqvX6}wmOri@x7K(=+{)=Un@cCTLx$j^&|6y}BJv;2$*#>&PADKPk= ztW6t>QR#J~hj#!Wni1$qyKWsZc8!r2$Y4XX;HfX&r=(&*3!J9)h-rfv>ZuVa)nd3} z=HR7kf&mf6JOXmGmz#ReqZa@L^B{L>;092Vq55Zoh3qkR?bI8bp zYYZ_9)yro$K*c93?znm#fPCgJ@hx&cvhjuaTTf0Br{|E1UQvDL-U&7?)Ak!%b7k!S z{p+JqKo>xG{d`@)ac=;gW0;u*I(Ea7lP1D;1LyC(kCHOPBwxEu%UjKdxkwQRdO7+l zjpu~lsvq|&>RwlkE}!N;57!M*$7ilxdZGnU8_u4*Ru#DP#mI1+H3?3@MX3v*!8H;P zaiiUhf=&SRNS>?Xrl5Vcjuq&&;CTvP4S->^kNuGSxvvjh?&dRRWM)2q@wna|*}4w! zxX@d-Oz|j&hLK$p0^$(rJtE{OoWlKRPa&<&yZuq?zH8D*!%#(I6-RzIASH?&`4Pg7pT( zakqpu=A*6-o3d8}Kf%l9Wp?&qKK4wVA4??_-J){+RS)yZcpg|(7oJ+FS}j)SmKWE2 zY+7mI#PRv8&`)PU0uC2R9Eqpo8medsi}zqcA-;;C6OvyO(nFNlff#ARV#LT&1s@3z zBNkYUCM6HR?K3R!1?M+g9TDZZ!42MGU9heYTADGbQc04}JIcLfS(I$_QSU`+|FKQ? z)?$@AIV9qbw``IgK!LYIBd7451j&!4v|~azBWu`u^PcrM^*F zy174b$fLsjrb@+Bu|nZxgBqrvl%8iEE>o1ot*AtvDDx2QmQ0rsv2=C}@-0d?KRfqW zvbk$OEcm_`C;#(1xYHT!+vy$Hw(VVkdIsy|XZPH|pewAHPr#c_)n*FD66)Mh;~K=? z@c|fS|HDgNPcEwi;FO}uQH#E}Kq?zmuXFt#=sATfOx)FTIs4B@s@0q_Y=?De!x85p zwVkawK$fxrH+S6giy5GQ@uco;ui|9udy2^L?JbWD{{=no?}67dRm5Z`N92F3vMP5I z++HOU`!4kx42pc6xP>2VE`BI}_A0+y?O_pmT%m5$>QzCUQc+Esc^7Nmd~{^HLy*kN z{{8y=3C2U0wucSpEi7=OEquwhVLJ)>v!*FI^83JG8ysKS!to`$!TWRIO@*l%9q?Y`Sk_lNCg}7rM?&TX^{G(-^Ib z5-!yl{3+nQ(8l?#TR}6zV%;p~^sSr?Qx94i0V2nmqvu(;w*wP!4nB?yl=9=9HP=O; z_y7y(5npxH$uL3hZqo}aI^2=X6_2jGXfJ?K6Q44M>|5eVENRLATzvJy(~77qpq+2X z0C|-3I2&{N!z4sGWz!Z;rS{xf-NW$USiI-u`Zk?iIH}jC)hQ8QY1YrRK{)xGEbAA7 zt=c1>+N@INL6-qf7T@9qt(icTyKB)X5=B0`hBGR($W<+g5QCtOeU#RQ8kIj6l7;R> z>bJgUsC~|193?5T7WpEJYjmM0l=8Ax$G4psSSd1p|IzxL8_E=-jbvno+V|t3nYE zoe~~QySD>$T73lK4rHj7S)7C#4+HkGAs$=7v3qM^DpGGIAZ1L^>eV4oOYWVok*OUd z-Inx@GY|1I=rq38^vEM8mqy$l->cPlAOdwsEj(SYGiESCdbG`G_Q>V}QX&Q#GV}z< zKmcl+jJuQ^h^S-%*(W%0_Q992$$j!?Ds7*)5NU%aBYEZ?j&pzeajXA{?G$Z?&O;65 z%tHGMIr=>Ii?#QEK!dA1w6-eOXpoFi8<8)>IY)2p;rhbxvw`yjtk3D-J3)zYrQTUM zSucztbU6MUX6Nd|vV`O)Bt49dPT1zT7xV^h#W+os|Aip>^!7Z%{0|6RgeQQ#+Q~e& zSKLBCN3iTfcS0gnD?Ujmz>6>K)Hp}c_?D_ZYmrIvrDVYiVS{2@E5jnh=4_R#N>mMk zKo&wymAPKnal;p3H=M|bK`@;-ja=d*Nf{M3B(2cb(+ZY?&{L-Ckmnhs6DBQH$BXW> z*F=Pq^gV_0aP@Lnzo^73Cr{l@QGdgwe2q2~x~$zvegbm^b<;ytc7iuXDkuA4yZJDC z!Agp8OX^}|#Y%0maqu#1|J6lM>l?f*w>W{O2Hx1{C2($^zq1d(_x}>Sh&|D7NxhR0 zJA$Dn{Y@*7U?ju4*VxAz08(96`GLARkg$Xm|2wnF`ceiF-z9eqW+;Ed`eX|Keq|jR zH~>EO_GzYoWe}bYAtE7hF+ETMa<sc4 zd|0DDiD}xN{wgZCr;v-RNos+!zD4H>$Z|vbUD?hEk|lxg06M@o;d#j?>8R z18iEbS;PR1#(2B)IgrPpW0>Iv+!;1xvg8&$@B9O8Zapa(be)=AWE?0fGuFvb7({-Z zra?yaov0HdGb2GWIh2!??>|p=f2g``3OkcV&%68qUBx)A+ADesLk6LU_om}(sxQP{ z>ZxGrFCIUbXgt*8Fqo|DCLk=_Y*JGftMx&I33Fz3(E4{TK)`LGx-NREIe(`eMLiy; z-q3(!d_QtZK=+Y&x5M$U(+^d-BZZwZ-C#5*Jz<8tacteukRXg54RZbG2VGV-6j@rq z0d?#97^L)2-%sxw>5gN?nS!|TB{dn)jS%IcR3jz*aauc!wAp`j3~TKv_yy&hH}Iql zvU?`j{&9(1*49#6=adfhBXUCZ-UD2eO(L)p@?GiC8KeUGYvBgq`X1H;j%A_DG3&}r zYN%yhdol3+e2d}hi?B7UI}9#k{@YNsU0ZM^_*hN|8P4bV5H1U2VYrjUr7-X1$;E!NN=qZ;h74 zz7)_av?pqE*=#1NJ+p}KNFxI-X4-of%W$~Bn|?pNU%>Jq0*L^zH*j^+k$9)dj@nI{ z^HG-%t88*)QSNWH%3mOy5&rotZ4Vp3iPoRO?gT33u|Q7BKgkt`?b>)20Aoq`mi_q0 zVpYOg^9P0H+#9t@3Rd7Sr<6NoriJa%2VkQeC+U56jfuoqUkY}Lm( zc4ciA9JzD+{w;9L8_2=qUB5^!$Eq-cMxZ-pO$N12|kJ57vyhM+fDe3_sBuCc*>hnw?| zFu3umth>LrbONXk)myPXKtD;tC_5~S0EQZVSd_Xx`u2HP&1g2-m;#F8T_M={ekB@q z8=ei???CZJ;bBf{RX*?+sbDJCqm?O1zoGy#f2~#>Dai{~A?bqZ z+&z&SG4Q?Z3Z@Tv>01DFk3(g!KxFfT%v>W}2L}kY;0YRm6VkiZo+$(oV7cRT6-?j&!+@{u`9RK|dS^?)&E>T`2;pq?Kzh=a{#&nLk>(}hkNeu9W9S&E zYeR)PH~n6_jNRRpFL=l6kg$3~+%wzxhfn}udlet!!McMqDCkJ-OzcxL1g17fu-OH? zgA9Nn$DOWlx?qqW1g&gF7^HUn`@7`Tk6AvHqvsi>fO$6HhxKWWmb(E8sq{!h?x8vXS;)ZKml6Z1F(Jjm+w{RoB%{^S4O*DO~5*PsiIP(% z2zBeTdqHXb#*`R%OG&W3BQ|tTlz*QZUj1(lEQzM0J%*k6*2z}vu$Z(BykIYDrU)QS$Cs7_gs$vkxIa%HA3S@=4`x1 z=wvR-Mf@UM4md89?>|Up1cn)&2?)1m))YSTJnH~Vr_Dt=hZZT z)af#4yCwbFB6Z|tfY^>bXs9d-?sYQLJ0nt``KhN6=x4UMYLjy?Cwn>C>*lPU@O^L z)`=yrD_oMWZMdOGri#FR&Tsy#)%}~37oZOXk+ zvBayDqM^`>kiH#AgFn}RDY7o~%+{BBPleXuH!HFg0v1hlZE+nxV;c6vr68LccS1ueZqZ6ca@^W+IfQGkCBry=*+e!^jqYqP%DFqhv3ox=mj@JXm z3ABc@0C9F#lka@Lcii$<|B|e<)P-LjG4s`}A#o}%sy@*??H!Bs`xnjtah<-mV-u}V zn9cObFJCgSl{NX-gFk*Ob3MJdW^<$%V+Oh!sr(C-K}wY%$Em#cmqz-n?Qf$oTTm-` zk_~C#Kn3XJO_a^W_d|?Vx@?9t>xxFnY|b&wf0C;(=`xG^aNw6322TW~@lfdf8kxlI zXNgTv2v?A!NF<%L*)ZuB6(=)%Vm%x@PEh7wh1d7b*9~^EILI^cm_6NpR?@H^{6U#1 z=|`}UQv%$^P7K?AicJ{&JJT~u*hBuDy9L?buP(qKh-~@+U1;9dk`TZpC?P0%vgd}; ze;$MhFodNbu3FOsr~p09hi+~R{1380XG!uoOSA$!CF zcseD$KD;kq4^RLI1vS^C_uh~3-kp?HL3X_;D9YqAfcI2Z+XlUrT(1(!@Y(OAF(#QMd zfz9#fDIG6D+I#u`^gYplz9$fgsEU%BCtW69{Cm+(U{rq%x)C=2R|yvSMfZ! z`tnb^=D&ZZ6Ww7}V8-p8ceK#>IU0B%cmY(v56y_dL-%rZ(QHEke?_?uM4lr;(r{FI z0}Qf{V^KGX`@_~MdOU<_m-nG8t10RgMP9d-d_J_V5vS-KRQew`24Jn6N&6LvPD$p) zk<8?52H4dMNm%hDnD<6!V5^AY9RFvwi&y>)gZfZ^kNVrQm> z+-QDdHtIKO!P9%b_s#7woM%=oi@E_5KH{x$d zVYdOLiMm=Igzwy5^QRGi&c+G$U2`5kF$4eOK?N|jZRQ^I-=6|F?j=g6Ua*#xIK)ko z#$KJzzpVAR@N(xPc|aHUg5+dv-CwtV1`yphaca5!=kDWC9aJ5U40v(d_Iul*r1UG1 z`-OlKxtpT>;m^-KJq!G;k7nw7fJk!kjp`B?me0lV7jeja>@Ypfv?R0`!47zp<$>Z17%NQQ3iH=f7Gd#1qzOcB$`-Vxfho!~+Y1 zQzRxh?|^bsD*Nj&!IAR)@h{fko%ICL8gW)SJ}(;}@w>$jMk22Ej?b_5C}i}m^>9D* zSRQ=d^5{E%Vb`Kc%v!JG>bT#@gx=>HDcSmIz0#KsO2?6U4fv10x4CTgC=t5c*bZlm z{=H{UH9^7>a%$$SxO~0V^pJpo?1u|aZRmOh$(mtLiBnYgmy-e<9Sj`0Ze%}p1@jV2 z_R~XR!1Pu#z8lA$B&BE9JWTv~sR5UzdU@X?QpK}E(35r1OJP%U*Aqa=L5@lxX8-f> zKwL{!q3g5z2S+O&9A}<@iwOpQWB{45zV)0qJKm|22_=C9Tnj)`ZNlYRy6Qg zlCntLp4}-ELa}slIV;GWpN(!5^a1P~nphBSLyNdQV9^RPOjc`x6Rvb|GY~ z9;kJ|8D|yLO)Vciy$398Y=8Lh$-G8BX3qi|6oMyAUEratf4}xISZ?6< zDFq1qNAKcK0hQ)Fj~=>5yA%bwwJ{zrV80;5SUpi3#XU1lc<&#xO)14C!l+_iY9}fO z%`IJV{`b!Uo4#LY@k?;hWC6XHjb*QbtC@}``zOMlcBnZYdv$jl;J494odTkI!L?(P zepSGQlj?Xpm^E5aTPCqUa@S{p*F8PtJn6M$S47!HWvn7_+EJjtm(zrnE~n zCsG$#JB|Z&D9+C!4NzE^@u|yB#x2X66oUIx72yR$_$_sx{oel~O8^t4LwV|UwdlUH z46TLGV|pG2-Hj_cj}P_6fX37p#h*%p}- z7`+A@I;fHrIIv4BDBK~ddpFS5$M(u1DUi|#3Usx2X=jY!E@+IN7#SC(5`Nv*X1)JWuq*E5H1&EHW+X z0{xmdU?#4nQWiZ128VZj*?TR2_jpGkGvU>%!=S?)N{WgG-XBDWCK7qHjLya`aU<6d zG{_TpMXIv>%&4J*q+q$Ek^64p<5;h;jf=*{*X%+QzH=0G09Y#-cS-w$f7J(&{suL0 zdKQH)k<~@FUfx`Y;)RvmcBOUGc5OvHNLakAHYd(LQUUJ7?^WBO8;aKRinh0HHaUuj zb5XawJUkXCzNPLXRT1X;8fyijzM`U9bMIVN44FH;JVJXB{j*>C5`W!tL3VcdIDy%j z6R5s(UpW6G9DtRWNgYuav~WFo!GklJqiL#L^O&mo{9#2n+lJehoXy6F& zVum`~wkX9nw>G)>22!vmtr*m+Yk13369n)y9_aqc+cg}Z(POFE?e*L^HsJ{or>bE4 zr?>3Si-8aADBI4gC|u4Eub-Q7ySMOU3rJniAo5Q~a;58}joojO5)&b5f7ojZ+6H%x zB<2!TLl~HT=3ysozRbg7>h4S&aSZWc-r|bBOwR5ip4JHD_Vc}Cb!BbZK*FEadMk!P z_(E{4uLR+#{4NGMyT@d_ace<@LUaLN4*k!j6zCxOAvXj4_Glxn$VZNiB!Pwf_SZK|YjsbOJIBLF{ z31dDiFcdsPrQRS3ib@`Lx3(Qw?=p{L#lrS;AgPWz0w!(^X8X;`+vlb|2E72Q(=vMQ zAIXCk6haMa8!*}fhsGecR7Aw-SJ!FI0jJP8m~HFNUPP&1Ko$s)9NzP&paqD>){lXa z@iCgC@y=oTLi6jZtgiD>^RC098>${)%P;fcr;i#LB^uP#&Q7L?ZDEr;4Pu&&%QxTj zy*Pl3w1pN;U(b-5zPm`&+&yx3))Ck?MG@-Q3$L=WCd`RE!(~B7eSyRC+U?-4`(E)- zxRdpp{L@DFXt;u+8h7K;zhVY|wm%DwR#&p`AjlMFAP{lTw5W>;*jA@ChPmBRF!-Sx zash@+kjXguJ?^TFquhI4yOGWNv+@z$B5daw{sscGB0WC(s3E{M23TkW%t9L ztxHXYHC%wZwQV1bTTT%~`8>dz|NDie1Qjsc4S$o0+-Ftc-$yin1NypvWm+I03K(p9 zDjv$+oF}*i0!n0MVNlEWJLQy@yS$`IQfAFV%#1&Nn7@B_J+frGKTz!o4$hveQjKn; zrP4mB&g%?x3x8Uj=S838NA7F&iBY9X9ESo0eHp@gg%D_TUu0Jr+%|S!vJv;E3uE`{ z!<(awtRzBr=YpR(pLIx7%FY6p)5D4E?QzgK4BEW9o(L+_{-dgBcNVv)ZFKFB)z$Bo z4TsW4Z8{jVED?|1u72VhVS0Fd$dW!_;UcQmradSne&Pg%k!pVonDrx6RMz{?IE%OhKx`|B2*u@y4pFLQsYH9 zE#c(Qx~KMeIY%Cs{YG1WIx~l+20YuO{mpe`hV~$P^I6z)`?;k}a6Zb~AMif&pwGmz z(8n|s0I-{oLyu#PRgd^2Y^0{qQ#k$6p1T{FW`lGyxE`-PoE4Qj_u=9Obh)|24uPQm zXX{`~MYXdio6KXa{+e-wi}fR+VL=6rifA&MviH7u3i*XcwxZPenDOg*BP#V2esGz#|4VNo3-H6727$?xRxjYR;tbY5*iaZ+zHPxZ|T03yUy3aREJBW&Q4cz}@ ze;6@~tFO3T5pkdOB2BSE7H?HD<=P=_yh{8ZS%E(U++eyYG|ij&GBduZaPFU@__5 z3+-^k?Q4fr_boQ(8s_Z@@}+$Yw`5T-k3~A25_6~_DBh>izu2I}=I{-{H(`hp>Xb!M zf2;UuxP5?>ld4kd@y$};r+n_!M#d&_x_3PFESt&>Hogac-g~ybu(3$C6eAV)MaS*T zd+FtWYHh#GH}J&Upe{2#iRGTz==+Y{);sO>7?tzwZd`xw=FY|kQXd!0mCXW~)#VvdR`OD5FQx8Px09C^ zVVIKtq+P>e-v7H7;LEnNL+lObRZeNQ*d^sJUrcRh#@$EMg=|SCPuS8xp8TrUDsts1 z6XX+N?*d{G-ux-J1?}IjX(|k26i%0q)B0F{Uq>dIcBk}1Z>^@n|07ilj7TTYtiK4l ztNSH4Mxx6pWeCp?8fA?WuuC0ZrN#RpttBu|4RUY~thzL>B;X0^iAU%!8Vx^){myks z=#7u>0DUYn`{!D3^Lq07*8x+I#pO#{<96(3B@}hfUcySdu3LYi$TTi9RdbjST^G5M z2-xs)IQ3Tl$CbDt2V4oLw~gz3LcHko;{^WnO;1Y%K8cGB5Iur|+!IictF{^?{S_GjP#JD{alNm%?yna`lj(YFjAQ!>rDD|TZ?*e3- z)~9^JK~p?kfY2HKTxT|MXYO2XgpgQ8)}cT`@^5s`g7shPQZ61I zj~Wy>#ve3W*BH9zT(JH)t#e)&KZ{F0xBa@1%eD74e;iHOkMMk1#s$a=V; z%=0ishWfV6%1A;*M-vA-266d}QDXSQxhIcHT1b)cT1!}S)m9in`rohPw?U@_$O4@_ zVt9d{IoSPy=ma(B*JAu(+7J)-M13~^-DnDb_rC53nIh0wDj7NGZ+$hNW{px@2BR75 z*{)j(k=}3@{eYUf2N@1cobfHf@hJy_1m0*r-Zne>@~ZiVqQjyj6Tjj0`Ib~mo>|j! zA%wvmLqDwpYmqWt)kR0CAbXJh@n0pbTJ}SjdYAqGS!Wd7`L>%Fso!v%tc;#N2rV3@ z7rd*%0x`eo8WQ~d)9PO6@{2?;YEuOY!rn#aa?mCoMK?^u1|4nGMylS(*y`Ar75UVe zi0L>bAB&fhl8~T{EK(MyYG5SW_LrgVxr9VyqvjGWcXtI_l5g4HgKB-CWn9n6$YWWb zJSJooLlPld;l#W@uFkK`#M6^m@4#i~&mTVM=W5)pt2^`h2c#;<2y^?6w^U&MED(Wo zU!isVlA&EwNm$Jg5WHt?_d>_`WVAzKg%Pngkj0-O=?>3{s4~9c#LxWm;-qxK!h)sG zslaD?;aj^mN_D=_+01ACs$mE7;y#4sYOVWGVsDoKij(}q;^~A-L!~;U{`mo@TYlmJ z^i7CNoYcs{U`5|ocbh@`x1S!7e(I(x&F|&xii7%VW)SynIe51E*r-fuZx;dc4?3=> zy6zzO;9TApLpQ7bQeCK!}D2IajXWaWehfgdd_vF$dZ)B|#EbEab zMo_>>@0m0*3%w)n79zMy`Ce$8;53eUa<|jGT6g;=>r%(m`)xwzfVeo;yR6l0%C`$7 zor_N+x~LEN8Eo%u_h>QO8;Rm%0a>)NQjGx{fvk!pntOt|wW<||#E5Kqa46WI>{?yT+{0)YtdL zBsG6NRdpS0PDVz{R(47Io4IXJn+Xdcne+Y1V;_I`Wy$M+1FGPEGWSvVQ&gb5wW6)| zj~Dg+)8rYm&}dt74REv!@04~roZ&l;$ws{bXoOWj27=^OY~0S|eB{iCzx1v3$MR)> zn$E0pD&FH;E>)a+`Z~QHH7+|83Xt{QCa1Np@AN_#GkwlRaj&bKu5~LFAaMkdGyDX7 zf^(f$=w>uPe+PpwNT=e`qqsy6n3xV6zof)yaOgQK$1E_NGo>txmdPeXuh+fUNCkuw zq0sriS>XpT6y5)o6$Wt@8Dej5Z%b8{r%o9iyX)fsB;%K`8`Qc--T>MRiIX=zE8w>@HrBh}Lx zEK@HsBY36JXDqhfcRPVGyR7&k+31hDYQakt4B=;*z@cWMK3Ua_#ri7|1RjNPC@4)yeq7!?+ywdw@`tUuAnXIW=GHN!a zckfHC98*c4yHTaXa30I}SO(qnQDHeyc_wKpJM zwZYb%T+XNtl@uArhnV{dQp-P~o2t@NmWlpR#y=Gucnjv9o~($PqG>cp*=?%9Pua;~fn}ACYzu|Ck^T+w zbYI+DR23U{0ahN0E;3EARm^fcLc6#|w>SWi%4QU`Iq4?`V{0rH`qS_p) zzk1i^=qBvRf9s1Ktx+C=Ux-EIbU(B?XZ|92Agd;MK>Uov(74|Qa z20^~-xmJ)6(n}ZhQvozhD|(v* zt7|!M3VqJ$tu~TMqfQaubQW{28XFY;@*q*S0d|S&%65KWxX|;0J)Q5P@%AgV^XfpK`Kc50MlOEqH1(LNcy0#w zK5shtq`z~V^d9fo?ki~rvlB&ioL;5hL(v}7;f*Aa%y{om4CrP51a06$UCEy`-yQEn z*ZF(OvafKIp!u=KAu~+ME=#| zLo;0Fnw%=Sb)0LDtiF3w6>GuU`|AtNM^q;E#Lg>b9kIN9Km=cBPdP6N*)Ex!H#R=t zj(dk-0!{vh2R|E*56>QWVE8%fz0=4vW3GleLj5TfWC=j9xX&J1`|Y>=a^OY}AX`YO zRZop;`#sJLl$?y+P4GKZA3OGU!FbeDjkMfajr*J{36eQMh+*@RV|2ZWEiJWN&oX>W zj0ki1O~^q_SFfz}M>-joHKV1zM}fN-TwbuMRgaFv^YjWLWPvwK(@%pj*xk> zGmb+G6)M@YA|iWb9H+8EMs^O4EypL~#vJ>X1+6+u)34WTF8Z$8(4L(O>xkR4D)c<3SBJ0DXX=!c%~Yb{ zjUq4f`;0yj0Ris&ix?Fry)yH}83K;(B26a&H_BGEc&m4fW->A1rk9hYl0-1nn;rSU zj+PXpKo>XN-j)NJO4_jZzk;M&-BgJQ#7v_ zdR{&4eECMe55roC(A@dp4#U8w;-!vT-}9iWt*-L7v4|f*DQU;)?eBRS8`|ZkV2H?J zQec=$(&Z{}^s2C`F6cK^ljwkB?kaVHa@=#ZSxysXZtA5VPp z=S8&&T=r7e?#xg$*Q@`?-^X>ibonh~3<-|A0CI7zH2er~(*0;RHPu}|brRR$F4pV0 zHifTWzkaZn`*HM|S>@Fui75Gby}ii_!GDr-iX(BsC|W*u+2C|AaJ@Cd$i3%Mxtkg;Gg)X}yz&)r6Yuw8i~Xq05q8$JA)l83swWP9fkEheteKDh|Pl zFM-z?TPb8FJ>Wf#&XvZ9kB*soV3)gHIMvE(6mME{ZpmyvVrM z)^Ua4)lk`8&iX*<=dW-YTmv(YHOaNOn{L&5zlp9y@ZQlH`1JQsssRTFCYrnapG%Hj zf%DP9Gc7!mS6xj5m%xU%<;>xm2Z&LQeLR^Z(^0If1YQ|&WsS)gUY~vJ5g`~xWk@*Y zY-R47zl3jB?B;wq4(b6uHppI`7K|NP^{DaYk-If(iLhj)B4X?oqt@Xy99RT#5{9q$ zy1c-0&c6F3e1!+Rw#xY^3cMUmMb-Z`!`UE4q8H(tB=KRKitrU2s>$!ZjX4~$3@&WD zFWLPE4*)g@@}hw@T*^DTd{UM=`f{ho7J(GV(-CLA<%=ua`sbUvZhzoWA_@OImnwSd z+#PLTr9GJ#6bJWNKOJxsqnp1PG*oGEZpB{VuT`n$M@$^*)Y31X;&1Q41|Rn>A5mtJ z5#-#^$7h9u*PJ8sg$Pz&HL@4qL6qBWv)wZ`zL&e&3*ZJ6H71|)D)fi-+rTn9otPmm z!%3ggJU+pD7dF;epn1aWT|R&^1aH*VIzu-qZ|rkiyIxvcSSWU#%~cxg@COYZzW+8! zR4?g_)1%dm>J=A@RW&Q_htS(Za0~f(xGLtKwES6R@b-Nr+)-&<<<*jNFGJBoNmGES z${W`C#CIbcjx$Zs4G$S33$qnZ$QBuv(zGx!EKx34`1;Y|uy?#D@3L%vu9C2yMMS*l zhXQFtO|rEU$d63n>3Z>E0p``S=CvPZuRa<1#4w^KTK$GANJ;fCMm+{bT{=eI#WdPT%@qqu)m{R0#&uahG(=?PTlSGik>K?Ol+~V{&tBC-f{EgY0I8zUaa|!Dh2??Ep z1CrGtC)!Tz&sFE-XkLy3@9#sz5qq=`zVDoR_Mz|UJ7ykeKh~o^1PVQ~dAV6Y*7o2o z3dGX+kAeOsLl`F{D&FLkbdL+}`GGH02|^rC&vQ5gFWqJsK2WuOo;#rWxIe^kEM4ZL zIQ^7vB(&j3Z`I#*U%PTKw@_X4d3%^WTjVr3@^-lbvHM2mQO1%eJ;Y-xLuX5OT0v^6 zfP5&#^7#$9_nen^EdodM7C1r^3cG~70qJF*o==!f6Z?pm4xS=3ImWyxA+YhDOJyOW=|XnTofh|j;_NbO%<1*^7eLiv@KIET>b z>FM>I0$nywTN1&`mF+ow;E2m_Z_+(RMR>pYnrI`EZ;E0SLDrOxpQB%Hzo9}~dYT);^> zhskjsmzLz-(;;uIhKWoc>e42A1Ofjmu)mB3WW*B7tkXROt%r?Osj0|!A8?Zif-`vd zUJw{ox=vCtM9vnwKK>p>H_a^nY%dwO>)!N_7SwV}yysAeB(@DNed4Gd2ftE8VbN>>w5egi~FIhQ$nOCZW z#EbG*?;zykn)#>sTg*%jxX1N7QQhNx_NpJGHbU_O2D0Ho`E;+nva5!mPNS8^7^LYd z&PwTZI&j|QzFBe@LQ4SYn|bETk0t@W23r*7I}KF3U{?x=@8w(=6&2Q6pU47p1XzIU2=yDZRW`sb@SI^DwN!@MZ(38wpeiK^wW7&{dc&Xwzw;*k@nbMUY`f4mI$ z=!6&8%SC17{?6ZQ;!zA7bI+SANy;eag|7GN`&}URuyJEny6Wpag>~KejLF(t$-K3S1ETYkm zmW917BCxL}l3u=Xkj~>&-CbS;E?0l+@#7-DGC4=2q_MI}$?6t*-`Vr%teK~l$esQ} z;H~sR`-CH3yN(^TtUW55q+hHvU|6IhOMa`!NrhYK3gHugtrutc;8N@~vxZ}tQ}8s7 zckr*gmuqasva9T7oFB5sC2+}fIlx0N{?&dZ5O-u0gS(H5eN3FT{3NCkZ=ZRBegv86 zI^~DOXGiGZP2ZB&@wR;R@4Z-YBoAy2qC%Hy&Ud|$*tD<&%86lpB$E10t)*CW-&}UU zeanj|tiNh&UF-TJV^kssA-HPVp`?3i-qGFDEusV$*!VUv)n(yFL7a?Fy!EwWD|7|% z`?(w7@;&sIY3pPR^S3I2WDIMIKs*Kk&Qom?f;=}|1E?j#wsr$7{gP(XD!j7^0PcRlBlVvUs7=uRh%D-TsKmERZ2t2+MquqUmJ6+!koo z{iTqtTbwzXYZ!$XQEtmowGJQpz(~y5Q*yPYxvEW4=7zV2osekDtia4(3&{t#0@w{M zkWzDL4o=v?-Hw9RHG*qc8AHVS&sNtGu)=IXU&=1FDt6_`IiG2L5NB^UmbWT6hJ(55 z5d8hU>iTMNyK?$Z8w5YCwYGu>blsB=zWewk?A}RE4p_S5GnPHEHj{DlkNV$`*GfCO zB%0J79opOMn)a8|!WhqK8RF~-uQk+eD~|J;$9i?G3_ZU%aE#8);u02c6P*p%?~dAI zDfdprNLG3&77t7Tn>LzZ(`B#__$n6e@vh>;Z^0y#KGhG= z2T8T7gAs4a>S4muZ#M83uICK2!%tzeA0YcFuW7s+@%b|O2uBr$)OwfA814R@NP!^nvh8WN|Yl7A2HOfz`PD&cqTEK6t81FwR4Jxx{B?~oqNUr#MK zR6UJSoBfUtN(X@KP|%qlweM^mutaX`+;vl9H`Mh-@j9`@`UOs5>o%ILMAUu;wZYzr z?gpgZtQI!`6r_(-6SIe9Wj+Tt>Ff1#ehC4USR!(LZ70tK{GboGJAGa-2zpB+f7*17E*_DjaKh zWB7FtJ%Pp6hr^uo5L_Os_!k1I60_H!%0<4q`l2`GagP0jvVF1sgLl6@GZtZVo7ULu|IYv;r>cJ4-293 zMxE!2V!!;1Z#D~i%rZ~zs?1U?cZ-o2Ign$fM z7>I{K>;5N1v(tO{CZsn~Dfc{XxYl4BZ-EzE;7J}?+GFW;Bdo>Drx$B;==Vh9te1^3 zV@}=Br?aFooc~kAozf#@>?B{K71Bhgx1{z0J;-8W6FlR+Lz6G&q8DPs)$i#nNZ#V_ zD(gpla?be7aAe@<2g$)0<%eg79%u~6sy9D57IAa^UH&Mc)}NL%9em)4`C*r1f0MiJ<-#^o}!`}CVquxBb$7}cD(Lgeh5F2%>h?flZYgMd$XdX3E}<)bW1+D zg@qkbdEZ5AmG^MYO`Ur`Xs|3#99WB;y>DYdxt_d?hR-oLtrTSE!X--C{`R~%1FY$U zA)}ZIv~^TNGitO@IFi9+dHTpYUSDeLLwuLYv##$=AEI$tx>BQ!4T!V0S0oPm;cZOw zW=b=6>z1ws4%mL>4va3t&EB*_*~qP%Iw2AFH>6a|xOFOQ()6?!KCjE zb3MJB+g}O=^`>1*=_sZvC~;;Kjw;fnPnk}<>C#}*SaIpcg4Cmi4}p4QLCgU zd90q*85omdY>bve3?;D0R=YFuY@9=fv!{|ZOEc$t>BVm4V}11)ODCbMC{*B-ZY=?V z<261`W#CZMIS;fA9~BqAq&fTYhGFg567C(>t}{(3++zBc!FlrWz3WU&2UxAHSDZ8* z8}?7)PFA?G^Z7;f!?&ItK78DtEk*lP;a|nAi!u@bS^(6Y-uhjGCBR_@Zv_ zZjIZEMpa>QlCsFz%M<-k*_EDpiKEV=M&0TJrxI^N=R5Yj8!4d#GY6>MZfWZi^%ES%;Dl?*(!K%)xt?ymTt8v zzii9T^)HI!L^haY&AeM4*$(SNZ8sF+Rgu$Db>lfP7>>B`x1@zv(p~e*cQDFQ!fw|U zc=7I<{XS>OsQHS;;8HKX`}`8Vei$*kv9b1xSTtY%a#(2y-`hnhDo!fpD;KY?TgIVp zj=2pD#Z4%mH&LBO@yZ@NftIvrEc}KO91q@~S6*wYFC8f&XAh~jQA>qR`kMKz&kHRu zb38$bOckdrmQ)Dr{Z4Xyg22CvP=FunSM{f&rlDhC`T-9J;2;NTzW<6EFLiGZ#8#^B zt2()>C#uk*IG5b@^ulEPVRj^3NI%rO{p4iLdaB!O(;hQ)VFYwEasGOV?rw5pFhM$? zcTY8)e~hTjI6Kwjw*J*1-iHe&Mkce1jlES2{L;rU}E>O!(8^V!Vfe_ zfZgVi(mLrIOWT^n`@(7)R<6nWX&T1EyH^-o_~LzCC%)07TE2qG^{a(v@vTonNisLkNC`7*?xZ@#m>X7KbplaK}5zIch(4 ztrlDkEwk9Ma#&v`k7E93f5i&6)t>lmN(C6T6Q9QXJuFv zCzPqLdAF5Vkz7J&dOf9PiXUErdfYAI-1U{^66UW@)LC|VslD(TnU@$>A`M0FO0emv zOR}W7sCGAK{(>Vqq#fxfCF$rk{nXcS`aQFhgPTy^XXI2kyxDTU)XnOQrPnWga?-Hm z9FFqUTg0f&v$N$zr1ip<3!dXAALsPzv%PF%6ZSezTB;3&-JSjLX-<0b&6M-eGrRZ) z8t-a4k%sqqwaIt8d`O(whgp3Ks;wzHzx*u_p}iG2`PU!N4U?b$6fi4_sLnkUu$ zI(*MbTg`5t$DOrrl)?^KSbCh`q*-~Mw{tLF8S~fJy z-m?qKp#`OudkCT{*jukU>r`>gk!BSF^pjXW=&hIihJtFhP^0CttHY=MqUwWKh(wkc z7ae(W8lEGhuPV2uRmW&&K_9^IjmKA5hA4;M7D&Bq!?-T zarG~)ez(Qq`yyy-nz~Id^mmbomzI4kR*Twq`Q%{VJSQ~3Vd_{^@d!gePc2Ea&M}U5 z+BFAK+E{>dsPk3YlL{N2UA&M!ZHs+8hg9DCIC-g|#VLHibGF}W`18||5>5D_yh{_` z=*KF`yABKDTFP+q2PV4N!gq1cg_>{bKJ(D0W4QZX!C?{L1cu2qyc8!Jqw=MLpLuCEwr^l@o2Od1ZaJ(BPns;ywDYWobOqPk(EYjyjM z$vETd*H&vqPteyKf5k5+*F>{I-)+XK6*%ve7 zFrU?R;{xhDzO%2EKP>T_KmuZUWIa8=LU6t31+i8sQT2Y5y*iv-?rfH*%hfPadA1^Y z+?A#6Ly@FjIdK)vq3gTHc;6qHs@=0Pmzdtv!LDQnKXD)CT z_ruP(Y1Ir|`{pWA`C=SZ#+g;AQup2YCL5RMgZVSNIBDiob|8IGwEnPzUu0rp1h%2CF=?A z7U;`|V|1Pg226O&1opzYqDr!8L9@-usLA8F*>!a3q@&Hib3X6t9(}{dtrrF$BaI%e zCa?7fw{hLDiLCJ_ZQ{@T7Q5l9j4i%r;6|{_?hzBog$ZP%l*NIuToddwzJT{~SwiK0 zwhcQcTf3Vx!gdMg^+VUtcTeLVF_%jcXGJk7ukK5ECR(cxW zZIoNAj?I-`eI_x^bLsJ%TGXoZBuo(hrVr{&XrFt< zPCf8KMNK$Jcl1dl!(*i1+PK%)Qj{>sXM?<#ooiaE_)tWN4!(^2E^}nvgNL*phr%yo zdc2Wg&OAErD}_VP1^J5?zspe+Xg(1ZF`Ktg#?Q=Ddk)VmtCV~=6YJAkvWmdZ9{Wp) z2{AH{N!x3>Ck(xixVJsf^M;`Q>YL&;irqV3GwQ#~GEjG#eO2+p5w59EQaR5{UYprp zsk2+^$tU}};_Cz8@dX?#M*xVBW1Qzayo2_W9=FP=JpDGqhmX!iLD&Sr(()DeueqNl zJ(IpmW)(LK7IsTOu~Q)nr6oC0viXgMwyW)MytD@w&0vY6>{<8@^s;1TibQs)g<*CP zFaF52$?^m4bw0%TB-v;8M=_NjF4tT}^wYMyU4>d?5=bXKF7a=a-o6Xta-BZ$ZMp2T zO-qxKRY?!m;HMmQH8XP46dqn^-=Wf&MxW^YYH?t#r>IWNV0tR0&!^vg2O@PgX}~hU zZG$yTSB#95_P|)JJY6{;<>H2bmlul;lz1kRx}`s*M;m-w?s;$*J0nK_uXIUI%`hJF7C=pQgyziO#$z?(ULtjWqJWwv zgj-8<2pL^R=ilf=P&$%7RP8oe9kF=Y;jUs`o{qwIn}S!9&vpr>KEG_#wr5dg@-Z3} zUuE?QCE^&OvC-d*Z&l9%ZU*l;GyNFWB{_w-x4~#uW zpFM2mH0wRDc=d1#FuKc&ID9s*-g5{YM~<<`zw+Rt%nU|7?5hS_zhr?c-~DtRJy|v* zTwTHEyCv;#O?;ol^?lqv!-!>6!NQfW*VV`GM<<_I9ou)GpZO|W&cnb7f;8Bp>ZJ5O z1?s3#^*9#jE?(P}XLP!ZJNzosPo00nbvL*RZ!9x+1J^gI6E!n5aq+7qLc&A_p zcRA|(!Mw{KrJBk1y-uW?lV~j3w(`UPbZ4gQ$)yU{Gw+6jO5P`&Ltd_9bbeDU%z-~o z2qlUWTHmoOb}N|q0?J-WJAZaGy(BA+FRwajWaQegPcsiT`ua-GOAgda;S)c-Vuqyx zdDKJb6DteVEV1s%w%lWMKQs^x9_fGju4i^STdf%TCL zG0qdOaiYfd*O#Z}+q zRj+w3O%^croKJuz(p=We;=hw|_q5NMTCVL@?R$-!MVdB^l&^f@QZ*s@){VF>IMbdP zO6I3H$8Jpss9EVmHPYEw{$;fPopxYBfU8~LY7^jsZ<~A7m}-wlp3_`7KiPkD>F%K_ zvCz_>{(X<<1@!_&>=R6mGH3Q!I*iDONK{5tbYEM||Db=CoVTayliUZJ7@3hNb8_aM zw!w=zFss}Y>fotiSjiLN=&<_BXAWMDgg3D$MCxT%_~;q>X{pL;aI0+MOzrW;I6mp> z(NK=q$~>%MLb>@d&-$v#fHYIJBxIepZMVAq%)HdZ&R>@Jqx`}2x;Z&%o~ucs4sVvS zciGzvSkQdLh8l_%$q`h_26IGGMm*Rf^$vBs&_I#b3ulh*Oe=9Xf1KTO*>&=xkiHt` zz4&>V#o>EP4>PUPAg`8;$w9N`20>^QV^QPw*{P~62ALS%jPi1l^yt1hISBmiIOJ5) zq$li10!PfUO6-S$LFo(TwU&zuMXuvQS9u;4zO~GWO%N_4)HDyx9wD+R9jspO*PGop zn#178BcIGnXLpcXQj)r3LbLwX1tJVXnt%BjQoLKf6tLy^57MB^r(%}s_mI0v)rqhB zL#WQ{>7Z>#m{E~Iot>htr%B#}*rGOuLzcRp4xZ@3{YrnuS3ugZ*UF_m1qMSK} za2TPURzNR2X}&U~{h}1AQtAr4mPfClZha|lgP5q}k#XB5Xh1q=3NOtRjDkg^E1mMHf?efm9fH-cdqxEk0y&v)$Euw5*-IdKvp^g8rPXz zU<_?uRft)&6Ckavu(fx?@5(}6QF(%+mej+E2J5g)LRy8#dwHS>IX2Kt1BPDuE*-#m zg6$Y`d3xzdxvAPcNO9xjH#QnNoVxs)8Jy=W>X$o5O+%|PnCi8sjklyptwfIO>+QW# zA!fZcSh#K|m{t!r7SH*Z;~pF_MM-rGX!`<yMEDr(uQ zb4hkQiZL~*f2pN{-6#It05;VaI~-_l4pIDaRnU2Q z!hjE6J)BQ-_V|S#pKnYKq)ntnjYqX*roOb`^JiFSLC-vN`u<25`=VqiiL`L9CR=JT zfv4@utE|cQ#TO=Lkmx>-WGLe-Pa*!l)0LT zv%SrBp|8p)PLKIb>LIkmz29s}74Y`Jc>=DkeNtaGG8AL)u+d@Eb$D)P-msirhLYFx zl7y~!GSYgMSV*ufNnKlxqj!2SP(q5P#(%@?TuHToWAr9TUOuRm;*PWH(H;4iLKV0x z`&N|s(Vk}c7+Hyp+c*q*oV5h^voL+Ui%KDQ&<`)MPaS>%ZoN@Atxxdn^E9@(W4dfs zs6L0C80DZi=rwd815wLU&>n6x)8=`pn1q)y5@-39y#X_6bq(lQkSiu*9hxHAV4*Rs zi@WW7mEK>6c@jfx>-IiMg(2O1JCiu-nERH#Oc&N45qx{5D$=*&N++y0jCG~RMyRZK zFy-6&84wrW-inJ`gJ_mH$aT?uo>)Y}5R!PI7?QK8jc*>3bR$Hxi8DfcG8@x^2-yc= zzD`ZeHdp3gEG!l^$oE8jifoh5(R_w_&--izKNOdYR&DShR1tel)=AN+b8iy%oTIdL z4RzP&nz+Rz{evkNvxIC*yCSKvUEa6NQ9iq&sUe|u#h=`0&bdeI(i-|WR)LSI!{V>a ze!{frppm*Tv)dMzgnEY#1Nh(epdLaNps6=Bw>&`k zaR!&Vr>+65348Ol>8I9wl;3~5V@~er2!lTyRZJ^StSm`oSSjx+XqOaBVZLwL43oSS z*tw9SFbB&dS$3i?Q93AMWg>TXVcNGGXwcLld76UpW=;J*8A0~K_9OKc8`NT_W3`|A z&!M?burdEyvdELIw}+4p1;}<5NEsiSyJCUJzD4u#1r0f|LUx|W0KMs%Mf162^8yRL zO!ollEV$0H1*4y6O^*RBT6b{#a&^Vh1=Tk?mhiQ)I+1qE#>_mwKIO{MsG2^s-h1SL`g5s{QVI<$Ctth}zW6CIL<&yxF9%Xw`%b$dAOA7!?d`}0Bs%1D`$~GN{Q?5N zNNdm#a!K;u8u!y2w;j;yaH_|0E%6r$PTk6TA5hx17y+{Y1_O*>meb?Kyo|;CTZ*Bl&LJ7X}d?gNLl~bp|&^A;CbF22L>YKRhZY(B2 z@m)7;5-PpbYL-oXW{M{5%?O5)%N;uHD;T)hJYw1V)g0PXNu&Hfr}z&U`dH+?dMI1cmMV(5j$}hmgtLp@#y!?w@z@E&2Ftlu>_%Di7+({g%@oA5IT~S<^aQ z6$4k5n(jVjkjq(AT)dJWSp!Ed)bq8U%zXa>64ZaIkq~Q9L~4@2#&;Q5hPXtnu1}_jOHwzMF=!4#VNrtWeRu9A;T?3!W(%*|B|SGx(-6VTL;@8! z=@YT%zgB>nrje7AXtq(wgNHcbBwht>)}t>f%IGJIN$G>a20nr6gdwsz4L>G0s(mkT@Qe%jgJg=&!{q)6c_L}gZbEOi~L@~L&d>#GK5bHiPXVYUO%X(rph{6$%ei7AjY-+GOcX_PGp*h4GWIhQGY}4q-HL zVJTSCms_sDcnwKf?oMO$o4dc>E0|Mp*0K1zwXWmTP#`Q36jOVgKNA#KNt%JTgfoFU zdzBf*H*cIIjKHAi%MgDOp>LusO?LTRO@`NGYE&C)bs$cza;6ybHZn5O%B#b_RB27l z{L!V$+Yu!{MzcrbNP@^gvcA)}%CGT*3tETJpsajAz^PX8R{RliluGInC`|qi3A41h^wQc<9g78*S^b{X6p1X-#bYl zpC`yhUM^8LHOoxqK@?dlRuGqXp?Fo2Fp zP?;HLJOq6eZ5d^qy5_f51$$dkxtz7W>N?S^jwKANwt@ObFSv;!4Ss}~D9>F%chLO6 z6nXag;89Vx-5LbaQVxq+k48YuWJZ{*G=*p`sEITHdUOfmxJmxtJkn-ppA`|d3#1$9 z?tlWn6CUWf&wJLZoLi{rk3HLWVf0yH?GgJ^OVj$MUc4kwHe5pj>+70$i>Z4yua099 z)H7PtuA8stOZs}^OsRQWit?lo+)LHZG|%TVr8;+CB_ndJYVy%hCxi4v_ihsjQ11Cu z!rkHEgm5<8>_e}tPoE)g_6svx*@aE24tNU;hs5&Sl=M&L)7k-W%F3jB(O*7kclF5) zhS?``&^IO6j4_Jil`q}IM1rU3#zGW2o_2xTKg`Usi2VLWfh4A6eLQYLm!xoEs;su+g?^;lVicjYRd+`96<&L{ibuaFpJmbA!Pg;FQ>9|&g#WtPJAr$owJ<@-E= zy%@9HaZo6aApd}9g7E;Pp2EzdI102Ji&%97#o{I;L1$1i2ECLjl8RdC6%66%&nqzH zIWUCedHPy*o3)Z}r@+JMi~FxFqx5{>;WQ*?fG8731B%JjbNSMBGn*@c#q@regCtE& zqRCU}wq_}O{ADsvnDkk8_l|4pu5~b^@5Bmp6kg%H0rn2D2Qo31tO&K^{GZo)4x0nA zYj(e~UL)f7ZJn^T_%%j!5x3qmAg4FP#(RR+cW959fdem@xW3q~c+~Nw2Oz6vkJ@W= zc?)tX)53Q)CezYDwXHMVBnr8%3aL1Jg55+sSOjrJ=+X0luG$~$V$q&fV^U(evfiFV z)~}>xrJ~|krvaGh7x3^E*$!aYkUU%Lv}2#9E!bBkzs8nj3%d zMwoZ#h4JXV?5?h^j4(6gb$%kA(Y@vPrbG6df>8&6pR&Jo=9gx*?*XDCvr@^Mf82A- z`^T$ETxO0&-eZzF+`Ii!<^W**zNJ3bmN9>6l?M~{IVcY@!XXa=h!)MsKm$v*phq%k z1o)0ydZ&pvsc;$sMM=+TatCor-&^L5&_r&uPl7sJGsF((I(AS~%%HG3gVb}AQ?Feq z7iI<4x`~>I8CWS^0@aL>dCySM>8Blg3&ng^rhU~roabxU(q3H-9GBFPoJ?5)jKU9* zW$<2_vqsmNLD4q1@fe%8fHj3lpuBAp%bwQ<5T~-A?Anp}K3^q~iU|>{%uwUZa3*Hx z$D6R`a0VP=zkJhY=%x0&YcNQ8=^T-IhsjB!81Exh}j(G)_QTWLq~JQE$EK)399Nm zDrf1BuX*)8)ujY5KqIlyx4=Dl#(;WN3!j>kKkpIw8otXSDxl|{+zHmFfPh|2@l;?z z`Ow90ba@fTm)yj#da5%5=HIl{P6gRiH`C^+egqYiqQiCuEqtV9OaUw7`U>N>T8>Sf zAE}!NQy_o}<&UIolh5zx3_TFUPFKd^GnWNN2-axqR)~>+n-+&CAE;@jyLksVKoh|S zmkmJ*Fm0vyx*f&prA3VGCr9zRP;c|2#0tQyW0cIWKj}HZ4$yMutMq-q1JoXTD%yON zLSIs_yiPr%)SFe0go-brr!t@qYxnjDe=&lTqDfO`kYvu?u>D3ON_RK}Cr4J9Tje0) zq8FP#!wMWtTB#{p91Yj>;Ml@ihZhNM(a!UXjz` zNyJ+lGjL?wz-r}cD%^MEXoBEWlGk|5QWcDRy5{(!bU{5FzMw_+LT*^HEDaR>bZ)%` zDO)0b;y|@b-aWYu);d@!8Hp^6MoqQ5e&Ry)yx!fb?gdbzbvg;o2cMswx5l9YPT z1Kv|(D>WKa-zs}#lB4OE%6C-|`th@kuVxC$?2nLFli5B)9Ok7jw>+9nz{F}M^I@jM zlR`PR!s`a0Ta8Cc?}31WH7K{DM^;V`0}U}EzfAP78IhExhQDs`gr2u}^+=Hcz1S=@ zK_xwl0T!ygT~jXMGU4?B!68eRk2bQ4F~lJY@Zxwx%_6sS7yw8~ioO{_d4D>j*jeHWLdi_scLJ%g^#^ia{GscI`hinfznq9LAyD>o0k=<3asY7A5y`gW0KG zCsK^Lz-;jTa4PO4#wdQ^1DX|QmT(huN|@VCx4TnJG%`J=jEAzJlw=~o77mP+x7 zR|_*Jl<(Z|X)8hiV|_%(5d`4d;PKm)%i!iD=Inl>0?uMt1{j2(S9jG@+hmW?|;lJk_P|E_GlYwX)GeCehHxmm#2V&`)v=?WnP*4Qf znJ8~>Z?BngSgU(CMBj1e_Fr2#`MZUm-)QXtPL0q@nax1K4&)SaQj2Z2QX#)3y7htf zlKh$+=c9`}lrNGWgP7u^MaJVl+uT~0bVkrN;%PXz77pY}#%PNEf>gT`B2{KYwWm5J zt&a9+pNvqk%K3v4|2bjv!yv|N^dCP+!TzCEn%~jbttZFGVF?{sPv(&F=yOMu{sRd( zBaleKj-)M9Y;o=f|2eGD#qE#cv?!d?d2>}P=GQb@C&091`BpX~y!1Rk&$WXbe{_(s zJ(kH-jKFP$fMO9K+at;mlaMHFAN3Yj(!4qOk=+c?QBQ~Er`u$8#K8QM@*7wD18A@G zmomklBU^e0y43X2)u8;B1j1T8y<6CyE(XY0tm?Irez_P06c>ZEw-pJ*B$fz%K3{u1 zY-`OnpGn>Y1gU=dOW7|Q{6{BR4r<@Z>B%5q~|RHkb-)3gtF}B=D=O2@49dW7BldeihOzKCmcijHfh&&7^7U7V=CVgnR0+BV<%RJjY)+JL; zcuw~~q~QrzxS>Z}7h!kj)^u*41-}U2`(YMPz@G~EtJ@I1T#(x@)uD{dh%z=x<90k? zJwgi7D9^~x0L3jTSUJ9ZURvUy=}vy#trRnbGnDB~OMn;I`Vq`@Cx@}gZ_sVRtrk#* z#B2}l@J~r=9R&?I#>;GON89m%4ik#_wgVs_1E45V@g4Wiu9KB_01Az|?dKq{+v>b$kAr#1SAIJN}GKbGP$_ym}SH;by#sr9Bn3l|9}ZyZqv=rCUCz z@%C?)TUhV{0`ub0-&_;~kj#{QMPcN2EVwZ&nfu7x`b_~(0DMrazmN~MUXNZQZEdXm zTL0gV(lr1J(YU{K6970hp!qhmZ%hCF^G}IxNn0Mj18h1CgHx#2e6qUk2(Q*q_qwTv;j3rvzj;N8Z_A47$DP%^96i z9z{xJCMRYZb&w3)=d#j)0>h+}xvrHQ^baaX?kJ=UD zYP;|KuDsd(YHJRbXI)mVfbHBp9o_c~*BHb7UkWBgRIW&jW z1C!7UvG=CKu5xQsT4Be@SO+QIf-U zsQkm`nk;Y1uzrfPYKvpDXzHU$38H z!b~aHes?siS^e+_cK~Iz2dK)~rTfP)BzG*VcyHRUGbgC-iu~Q$FTDcrv$vU1-X;K$ z;-%y+r38p@VqVwf?Q%YyOwk;>^J0&-O&15uk=X=o`uet(eEwj?L&%*rUuEM{`q5Z+XEzKX~ zumuGzIY1H{hXsYU8QTCqrXTey-lSIPKfN(JhFc&*%(iu^;@8;S_*(DJEX!}B6^ej1 zfTw^pTS(k`U*vy4@MjAd$AJL%r`TnXx4-hQCx8D0XnHNpjHB(R zb)ALFu4{6D{`Ufszw0X<`tK2M|K=sI2LDQ+Fr^!C7I)jZXfUwd4LdA9)AeQe3GW7g%|9#Y1)D*M$o%~IKi2p}U$09^W;Zrzrs z!EUoswY)feWcL=M1(Ve`Q zvE2vR-pOX8OBC`#kIF=Cb@4BJ{=(#Su!Ug8d$sfTI{(Lq05VX=)u@Vze_7){dfz0J zzf)8R|HEn6zEqndvpdx~5P2|Oj#o}B5VGWR$50I+L+a{A{%HJ9!THPI0Cx5UH{146 z2Rz>4osTlDi75M*yQrlB=Bx2#V!Psj)Y`U#Z4GcY-aq?FmH@IJ_)+?YNKc)j#GmW5 zAb0%xjjLZm*U|xlQ!kbIBV`3VM(iN%d!OxMFi!@Cj~@5sHruw2JKlhWXKCC((U(N@!c#OIe_8IHL0pyTWkFt<^ zmC*G@ujEe4zNsnb{y@@f-4n*7R8m9{2f9Unir`v=v+c;qv0G2CgEZ+suO@l>GFGXt zfm(u}+J42ezZ8RCFc$^Nn@w8!>@b zuiijcw5XC~2dc3X2$Qw4IrqF<)DUc%46pP(^0lr3a)CM)|LEgyTeU?Qr{{J!5aj0S zuKwFvZHKVGd5n4{il`>p*^=o@$Yf{`lh24ptzY{ xYjL}V{G0ed?po?UTiF`sf5dbD9>pL;+pqv@C{-7Cq5}Vv6*R77UoyY<{{SFXfENG& literal 0 HcmV?d00001 diff --git a/patterns/blue-green-upgrade/tear-down-applications.sh b/patterns/blue-green-upgrade/tear-down-applications.sh new file mode 100755 index 0000000000..4e8090e010 --- /dev/null +++ b/patterns/blue-green-upgrade/tear-down-applications.sh @@ -0,0 +1,118 @@ +#!/bin/bash +#set -e +#set -x + +#export ARGOCD_PWD=$(aws secretsmanager get-secret-value --secret-id argocd-admin-secret.eks-blueprint --query SecretString --output text --region eu-west-3) +#export ARGOCD_OPTS="--port-forward --port-forward-namespace argocd --grpc-web" +#argocd login --port-forward --username admin --password $ARGOCD_PWD --insecure + + +function delete_argocd_appset_except_pattern() { + # List all your app to destroy + # Get the list of ArgoCD applications and store them in an array + #applicationsets=($(kubectl get applicationset -A -o json | jq -r '.items[] | .metadata.namespace + "/" + .metadata.name')) + applicationsets=($(kubectl get applicationset -A -o json | jq -r '.items[] | .metadata.name')) + + # Iterate over the applications and delete them + for app in "${applicationsets[@]}"; do + if [[ ! "$app" =~ $1 ]]; then + echo "Deleting applicationset: $app" + kubectl delete ApplicationSet -n argocd $app --cascade=orphan + else + echo "Skipping deletion of applicationset: $app (contain '$1')" + fi + done + + #Wait for everything to delete + continue_process=true + while $continue_process; do + # Get the list of ArgoCD applications and store them in an array + applicationsets=($(kubectl get applicationset -A -o json | jq -r '.items[] | .metadata.name')) + + still_have_application=false + # Iterate over the applications and delete them + for app in "${applicationsets[@]}"; do + if [[ ! "$app" =~ $1 ]]; then + echo "applicationset $app still exists" + still_have_application=true + fi + done + sleep 5 + continue_process=$still_have_application + done + echo "No more applicationsets except $1" +} + +function delete_argocd_app_except_pattern() { + # List all your app to destroy + # Get the list of ArgoCD applications and store them in an array + #applications=($(argocd app list -o name)) + applications=($(kubectl get application -A -o json | jq -r '.items[] | .metadata.name')) + + # Iterate over the applications and delete them + for app in "${applications[@]}"; do + if [[ ! "$app" =~ $1 ]]; then + echo "Deleting application: $app" + kubectl -n argocd patch app $app -p '{"metadata": {"finalizers": ["resources-finalizer.argocd.argoproj.io"]}}' --type merge + kubectl -n argocd delete app $app + else + echo "Skipping deletion of application: $app (contain '$1')" + fi + done + + # Wait for everything to delete + continue_process=true + while $continue_process; do + # Get the list of ArgoCD applications and store them in an array + #applications=($(argocd app list -o name)) + applications=($(kubectl get application -A -o json | jq -r '.items[] | .metadata.name')) + + still_have_application=false + # Iterate over the applications and delete them + for app in "${applications[@]}"; do + if [[ ! "$app" =~ $1 ]]; then + echo "application $app still exists" + still_have_application=true + fi + done + sleep 5 + continue_process=$still_have_application + done + echo "No more applications except $1" +} + +function wait_for_deletion() { + # Loop until all Ingress resources are deleted + while true; do + # Get the list of Ingress resources in the specified namespace + ingress_list=$(kubectl get ingress -A -o json) + + # Check if there are no Ingress resources left + if [[ "$(echo "$ingress_list" | jq -r '.items | length')" -eq 0 ]]; then + echo "All Ingress resources have been deleted." + break + fi + echo "waiting for deletion" + # Wait for a while before checking again (adjust the sleep duration as needed) + sleep 5 +done +} + +echo "#1. First, we deactivate application sets" +delete_argocd_appset_except_pattern "^nomatch" + +echo "#2. No we delete all app except addons" +delete_argocd_app_except_pattern "^.*addon-|^.*argo-cd|^bootstrap-addons|^team-platform" + +echo "#3. Wait for objects to be deleted" +wait_for_deletion + + +echo "#4. Then we delete all addons except LBC and external-dns" +delete_argocd_app_except_pattern "^.*load-balancer|^.*external-dns|^.*argo-cd|^bootstrap-addons" + +#delete_argocd_app_except_pattern "^.*load-balancer" + +echo "Tear Down Applications OK" + +set +x diff --git a/patterns/blue-green-upgrade/tear-down.sh b/patterns/blue-green-upgrade/tear-down.sh index 66fe877400..0fd665adeb 100755 --- a/patterns/blue-green-upgrade/tear-down.sh +++ b/patterns/blue-green-upgrade/tear-down.sh @@ -1,14 +1,40 @@ #!/bin/bash -set -e +#set -e +set -x -# First tear down Applications -kubectl delete provisioners.karpenter.sh --all # this is ok if no addons are deployed on Karpenter. -kubectl delete application workloads -n argocd || (echo "error deleting workloads application"; exit -1) -kubectl delete application ecsdemo -n argocd || (echo "error deleting ecsdemo application" && exit -1) +# Get the directory of the currently executing script (shell1.sh) +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +{ "$SCRIPT_DIR/tear-down-applications.sh"; } || { + echo "Error occurred while deleting application" + + # Ask the user if they want to continue + read -p "Do you want to continue with cluster deletion (y/n)? " choice + case "$choice" in + y|Y ) echo "Continuing with the rest of shell1.sh";; + * ) echo "Exiting.."; exit;; + esac +} + + +#terraform destroy -target="module.eks_cluster.module.gitops_bridge_bootstrap" -auto-approve # Then Tear down the cluster -terraform apply -destroy -target="module.eks_cluster.module.kubernetes_addons" -auto-approve || (echo "error deleting module.eks_cluster.module.kubernetes_addons" && exit -1) -terraform apply -destroy -target="module.eks_cluster.module.eks" -auto-approve || (echo "error deleting module.eks_cluster.module.eks" && exit -1) -terraform apply -destroy -auto-approve || (echo "error deleting terraform" && exit -1) +terraform destroy -target="module.eks_cluster.module.kubernetes_addons" -auto-approve || (echo "error deleting module.eks_cluster.module.kubernetes_addons" && exit -1) +terraform destroy -target="module.eks_cluster.module.eks_blueprints_platform_teams" -auto-approve || (echo "error deleting module.eks_cluster.module.eks_blueprints_platform_teams" && exit -1) +terraform destroy -target="module.eks_cluster.module.eks_blueprints_dev_teams" -auto-approve || (echo "error deleting module.eks_cluster.module.eks_blueprints_dev_teams" && exit -1) +terraform destroy -target="module.eks_cluster.module.eks_blueprints_ecsdemo_teams" -auto-approve || (echo "error deleting module.eks_cluster.module.eks_blueprints_ecsdemo_teams" && exit -1) + +terraform destroy -target="module.eks_cluster.module.gitops_bridge_bootstrap" -auto-approve || (echo "error deleting module.eks_cluster.module.gitops_bridge_bootstrap" && exit -1) +terraform destroy -target="module.eks_cluster.module.gitops_bridge_metadata" -auto-approve || (echo "error deleting module.eks_cluster.module.gitops_bridge_metadata" && exit -1) + +terraform destroy -target="module.eks_cluster.module.eks_blueprints_addons" -auto-approve || (echo "error deleting module.eks_cluster.module.eks" && exit -1) + +terraform destroy -target="module.eks_cluster.module.ebs_csi_driver_irsa" --auto-approve +terraform destroy -target="module.eks_cluster.module.vpc_cni_irsa" --auto-approve +terraform destroy -target="module.eks_cluster.module.eks" -auto-approve || (echo "error deleting module.eks_cluster.module.eks" && exit -1) + +terraform destroy -auto-approve || (echo "error deleting terraform" && exit -1) echo "Tear Down OK" +set +x diff --git a/patterns/blue-green-upgrade/terraform.tfvars.example b/patterns/blue-green-upgrade/terraform.tfvars.example index 6ff5fcc5c3..4687c83db5 100644 --- a/patterns/blue-green-upgrade/terraform.tfvars.example +++ b/patterns/blue-green-upgrade/terraform.tfvars.example @@ -6,7 +6,8 @@ hosted_zone_name = "eks.mydomain.org" # your Existing Hosted Zone eks_admin_role_name = "Admin" # Additional role admin in the cluster (usually the role I use in the AWS console) # EKS Blueprint AddOns ArgoCD App of App repository -addons_repo_url = "git@github.com:aws-samples/eks-blueprints-add-ons.git" +gitops_bridge_repo_url = "git@github.com:gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" +gitops_bridge_repo_revision = "HEAD" # EKS Blueprint Workloads ArgoCD App of App repository workload_repo_url = "git@github.com:aws-samples/eks-blueprints-workloads.git" From e0d65f7ac3012c826daf1967a3817a316ab7e4f4 Mon Sep 17 00:00:00 2001 From: geoff golder Date: Mon, 25 Sep 2023 01:38:07 -0400 Subject: [PATCH 07/12] docs: Fix typo/bug in readme (#1772) --- patterns/blue-green-upgrade/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/blue-green-upgrade/README.md b/patterns/blue-green-upgrade/README.md index 4c28dde26d..9c4182b0d0 100644 --- a/patterns/blue-green-upgrade/README.md +++ b/patterns/blue-green-upgrade/README.md @@ -90,7 +90,7 @@ cd patterns/blue-green-upgrade/ cp terraform.tfvars.example terraform.tfvars ln -s ../terraform.tfvars environment/terraform.tfvars ln -s ../terraform.tfvars eks-blue/terraform.tfvars -ln -s ../terraform.tfvars eks-blue/terraform.tfvars +ln -s ../terraform.tfvars eks-green/terraform.tfvars ``` - You will need to provide the `hosted_zone_name` for example `my-example.com`. Terraform will create a new hosted zone for the project with name: `${environment}.${hosted_zone_name}` so in our example `eks-blueprint.my-example.com`. From 6e25820d760a6ae57926f6875c4e0d805ff87608 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Sep 2023 08:29:50 -0400 Subject: [PATCH 08/12] chore(deps): Bump amannn/action-semantic-pull-request from 5.2.0 to 5.3.0 (#1774) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 04153efe94..ae9100b017 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -23,7 +23,7 @@ jobs: with: egress-policy: audit - - uses: amannn/action-semantic-pull-request@v5.2.0 + - uses: amannn/action-semantic-pull-request@v5.3.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 92fe0634d30c8b308731b7a400c9b4e462bd5956 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Sep 2023 08:30:07 -0400 Subject: [PATCH 09/12] chore(deps): Bump actions/checkout from 4.0.0 to 4.1.0 (#1773) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 2 +- .github/workflows/e2e-parallel-destroy.yml | 2 +- .github/workflows/e2e-parallel-full.yml | 6 +++--- .github/workflows/markdown-link-check.yml | 2 +- .github/workflows/plan-examples.yml | 6 +++--- .github/workflows/pre-commit.yml | 4 ++-- .github/workflows/publish-docs.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index de63223cdd..641e026c59 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.5.4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.5.4 - name: 'Dependency Review' uses: actions/dependency-review-action@6c5ccdad469c9f8a2996bfecaec55a631a347034 # v3.1.0 diff --git a/.github/workflows/e2e-parallel-destroy.yml b/.github/workflows/e2e-parallel-destroy.yml index c66e8b68c3..e3c38a0058 100644 --- a/.github/workflows/e2e-parallel-destroy.yml +++ b/.github/workflows/e2e-parallel-destroy.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup backend # Un-comment remote backend for use in workflow diff --git a/.github/workflows/e2e-parallel-full.yml b/.github/workflows/e2e-parallel-full.yml index af56868f00..3317eb38fc 100644 --- a/.github/workflows/e2e-parallel-full.yml +++ b/.github/workflows/e2e-parallel-full.yml @@ -32,7 +32,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Auth AWS uses: aws-actions/configure-aws-credentials@v4.0.0 @@ -74,7 +74,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Setup backend # Un-comment remote backend for use in workflow @@ -164,7 +164,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Configure AWS credentials from Test account uses: aws-actions/configure-aws-credentials@v4.0.0 diff --git a/.github/workflows/markdown-link-check.yml b/.github/workflows/markdown-link-check.yml index f9e85766f4..69751e30b7 100644 --- a/.github/workflows/markdown-link-check.yml +++ b/.github/workflows/markdown-link-check.yml @@ -25,7 +25,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - uses: actions/setup-node@v3 with: node-version: '16.x' diff --git a/.github/workflows/plan-examples.yml b/.github/workflows/plan-examples.yml index 1949ab5066..1abd797d68 100644 --- a/.github/workflows/plan-examples.yml +++ b/.github/workflows/plan-examples.yml @@ -32,7 +32,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Get Terraform directories for evaluation id: dirs @@ -67,13 +67,13 @@ jobs: - name: checkout-merge if: "contains(github.event_name, 'pull_request')" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: ref: refs/pull/${{github.event.pull_request.number}}/merge - name: checkout if: "!contains(github.event_name, 'pull_request')" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - uses: dorny/paths-filter@v2 id: changes diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 4d72ffb6d5..c2d5f00766 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -32,7 +32,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Get root directories id: dirs @@ -55,7 +55,7 @@ jobs: run: rm -rf $(which terraform) - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - uses: dorny/paths-filter@v2 id: changes diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index c32cd39ebb..2069e306f8 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -23,7 +23,7 @@ jobs: egress-policy: audit - name: Checkout main - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 with: fetch-depth: 0 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 580619f1d2..473090df94 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.5.4 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.5.4 with: persist-credentials: false From 2f57644896c321d52729039dbbed2cb746555e77 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 28 Sep 2023 08:06:37 -0400 Subject: [PATCH 10/12] chore(deps): Bump github/codeql-action from 2.21.8 to 2.21.9 (#1778) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 473090df94..d2ccb7a5b7 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6a28655e3dcb49cb0840ea372fd6d17733edd8a4 # v2.21.8 + uses: github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9 with: sarif_file: results.sarif From 9e407f03a2454c1148cd90a1667e74ce8c142362 Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Tue, 3 Oct 2023 07:44:38 -0400 Subject: [PATCH 11/12] fix: Ensure EFA installer uses full path to EFA bin and does not install if already present (#1780) --- patterns/elastic-fabric-adapter/main.tf | 163 ++++++++++++++++---- patterns/elastic-fabric-adapter/versions.tf | 8 - 2 files changed, 132 insertions(+), 39 deletions(-) diff --git a/patterns/elastic-fabric-adapter/main.tf b/patterns/elastic-fabric-adapter/main.tf index f0476d7d71..550df48250 100644 --- a/patterns/elastic-fabric-adapter/main.tf +++ b/patterns/elastic-fabric-adapter/main.tf @@ -28,26 +28,14 @@ provider "helm" { } } -provider "kubectl" { - apply_retry_count = 5 - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - load_config_file = false - - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - # This requires the awscli to be installed locally where Terraform is executed - args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name] - } -} - data "aws_availability_zones" "available" {} locals { name = basename(path.cwd) region = "us-west-2" + cluster_version = "1.27" + vpc_cidr = "10.0.0.0/16" azs = slice(data.aws_availability_zones.available.names, 0, 3) @@ -66,7 +54,7 @@ module "eks" { version = "~> 19.16" cluster_name = local.name - cluster_version = "1.27" + cluster_version = local.cluster_version cluster_endpoint_public_access = true cluster_addons = { @@ -98,6 +86,13 @@ module "eks" { } } + eks_managed_node_group_defaults = { + iam_role_additional_policies = { + # Not required, but used in the example to access the nodes to inspect drivers and devices + AmazonSSMManagedInstanceCore = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" + } + } + eks_managed_node_groups = { # For running services that do not require GPUs default = { @@ -113,7 +108,7 @@ module "eks" { instance_types = ["g5.8xlarge"] min_size = 1 - max_size = 3 + max_size = 1 desired_size = 1 subnet_ids = slice(module.vpc.private_subnets, 0, 1) @@ -133,14 +128,26 @@ module "eks" { } pre_bootstrap_user_data = <<-EOT - # Install EFA - curl -O https://efa-installer.amazonaws.com/aws-efa-installer-latest.tar.gz - tar -xf aws-efa-installer-latest.tar.gz && cd aws-efa-installer - ./efa_installer.sh -y --minimal - fi_info -p efa -t FI_EP_RDM - - # Disable ptrace - sysctl -w kernel.yama.ptrace_scope=0 + EFA_BIN='/opt/amazon/efa/bin/' + + # EFA driver is installed by default on EKS GPU AMI starting on EKS 1.28 + if [ ! -s "$EFA_BIN" ]; then + + # Install EFA + # Note: It is recommended to install the EFA driver on a custom AMI and + # not rely on dynamic installation during instance provisioning in user data + curl -O https://efa-installer.amazonaws.com/aws-efa-installer-latest.tar.gz + tar -xf aws-efa-installer-latest.tar.gz && cd aws-efa-installer + ./efa_installer.sh -y --minimal + cd .. && rm -rf aws-efa-installer* + + # Not required - just displays info on the EFA interfaces + $EFA_BIN/fi_info -p efa + + # Disable ptrace + sysctl -w kernel.yama.ptrace_scope=0 + + fi EOT taints = { @@ -211,8 +218,20 @@ module "eks_blueprints_addons" { repository = "https://nvidia.github.io/gpu-operator" values = [ <<-EOT + dcgmExporter: + enabled: false + driver: + enabled: false + toolkit: + version: v1.13.5-centos7 operator: defaultRuntime: containerd + validator: + driver: + env: + # https://github.com/NVIDIA/gpu-operator/issues/569 + - name: DISABLE_DEV_CHAR_SYMLINK_CREATION + value: "true" EOT ] } @@ -225,14 +244,96 @@ module "eks_blueprints_addons" { # Amazon Elastic Fabric Adapter (EFA) ################################################################################ -data "http" "efa_device_plugin_yaml" { - url = "https://raw.githubusercontent.com/aws-samples/aws-efa-eks/main/manifest/efa-k8s-device-plugin.yml" -} +resource "kubernetes_daemonset" "aws_efa_k8s_device_plugin" { + metadata { + name = "aws-efa-k8s-device-plugin-daemonset" + namespace = "kube-system" + } -resource "kubectl_manifest" "efa_device_plugin" { - yaml_body = <<-YAML - ${data.http.efa_device_plugin_yaml.response_body} - YAML + spec { + selector { + match_labels = { + name = "aws-efa-k8s-device-plugin" + } + } + + template { + metadata { + labels = { + name = "aws-efa-k8s-device-plugin" + } + } + + spec { + volume { + name = "device-plugin" + + host_path { + path = "/var/lib/kubelet/device-plugins" + } + } + + container { + name = "aws-efa-k8s-device-plugin" + image = "602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-efa-k8s-device-plugin:v0.3.3" + + volume_mount { + name = "device-plugin" + mount_path = "/var/lib/kubelet/device-plugins" + } + + image_pull_policy = "Always" + + security_context { + capabilities { + drop = ["ALL"] + } + } + } + + host_network = true + + affinity { + node_affinity { + required_during_scheduling_ignored_during_execution { + node_selector_term { + match_expressions { + key = "beta.kubernetes.io/instance-type" + operator = "In" + values = ["c5n.18xlarge", "c5n.9xlarge", "c5n.metal", "c6a.48xlarge", "c6a.metal", "c6gn.16xlarge", "c6i.32xlarge", "c6i.metal", "c6id.32xlarge", "c6id.metal", "c6in.32xlarge", "c6in.metal", "c7g.16xlarge", "c7g.metal", "c7gd.16xlarge", "c7gn.16xlarge", "c7i.48xlarge", "dl1.24xlarge", "g4dn.12xlarge", "g4dn.16xlarge", "g4dn.8xlarge", "g4dn.metal", "g5.12xlarge", "g5.16xlarge", "g5.24xlarge", "g5.48xlarge", "g5.8xlarge", "hpc7g.16xlarge", "hpc7g.4xlarge", "hpc7g.8xlarge", "i3en.12xlarge", "i3en.24xlarge", "i3en.metal", "i4g.16xlarge", "i4i.32xlarge", "i4i.metal", "im4gn.16xlarge", "inf1.24xlarge", "m5dn.24xlarge", "m5dn.metal", "m5n.24xlarge", "m5n.metal", "m5zn.12xlarge", "m5zn.metal", "m6a.48xlarge", "m6a.metal", "m6i.32xlarge", "m6i.metal", "m6id.32xlarge", "m6id.metal", "m6idn.32xlarge", "m6idn.metal", "m6in.32xlarge", "m6in.metal", "m7a.48xlarge", "m7a.metal-48xl", "m7g.16xlarge", "m7g.metal", "m7gd.16xlarge", "m7i.48xlarge", "p3dn.24xlarge", "p4d.24xlarge", "p5.48xlarge", "r5dn.24xlarge", "r5dn.metal", "r5n.24xlarge", "r5n.metal", "r6a.48xlarge", "r6a.metal", "r6i.32xlarge", "r6i.metal", "r6id.32xlarge", "r6id.metal", "r6idn.32xlarge", "r6idn.metal", "r6in.32xlarge", "r6in.metal", "r7a.48xlarge", "r7g.16xlarge", "r7g.metal", "r7gd.16xlarge", "r7iz.32xlarge", "trn1.32xlarge", "trn1n.32xlarge", "vt1.24xlarge", "x2idn.32xlarge", "x2idn.metal", "x2iedn.32xlarge", "x2iedn.metal", "x2iezn.12xlarge", "x2iezn.metal"] + } + } + + node_selector_term { + match_expressions { + key = "node.kubernetes.io/instance-type" + operator = "In" + values = ["c5n.18xlarge", "c5n.9xlarge", "c5n.metal", "c6a.48xlarge", "c6a.metal", "c6gn.16xlarge", "c6i.32xlarge", "c6i.metal", "c6id.32xlarge", "c6id.metal", "c6in.32xlarge", "c6in.metal", "c7g.16xlarge", "c7g.metal", "c7gd.16xlarge", "c7gn.16xlarge", "c7i.48xlarge", "dl1.24xlarge", "g4dn.12xlarge", "g4dn.16xlarge", "g4dn.8xlarge", "g4dn.metal", "g5.12xlarge", "g5.16xlarge", "g5.24xlarge", "g5.48xlarge", "g5.8xlarge", "hpc7g.16xlarge", "hpc7g.4xlarge", "hpc7g.8xlarge", "i3en.12xlarge", "i3en.24xlarge", "i3en.metal", "i4g.16xlarge", "i4i.32xlarge", "i4i.metal", "im4gn.16xlarge", "inf1.24xlarge", "m5dn.24xlarge", "m5dn.metal", "m5n.24xlarge", "m5n.metal", "m5zn.12xlarge", "m5zn.metal", "m6a.48xlarge", "m6a.metal", "m6i.32xlarge", "m6i.metal", "m6id.32xlarge", "m6id.metal", "m6idn.32xlarge", "m6idn.metal", "m6in.32xlarge", "m6in.metal", "m7a.48xlarge", "m7a.metal-48xl", "m7g.16xlarge", "m7g.metal", "m7gd.16xlarge", "m7i.48xlarge", "p3dn.24xlarge", "p4d.24xlarge", "p5.48xlarge", "r5dn.24xlarge", "r5dn.metal", "r5n.24xlarge", "r5n.metal", "r6a.48xlarge", "r6a.metal", "r6i.32xlarge", "r6i.metal", "r6id.32xlarge", "r6id.metal", "r6idn.32xlarge", "r6idn.metal", "r6in.32xlarge", "r6in.metal", "r7a.48xlarge", "r7g.16xlarge", "r7g.metal", "r7gd.16xlarge", "r7iz.32xlarge", "trn1.32xlarge", "trn1n.32xlarge", "vt1.24xlarge", "x2idn.32xlarge", "x2idn.metal", "x2iedn.32xlarge", "x2iedn.metal", "x2iezn.12xlarge", "x2iezn.metal"] + } + } + } + } + } + + toleration { + key = "CriticalAddonsOnly" + operator = "Exists" + } + + toleration { + key = "aws.amazon.com/efa" + operator = "Exists" + effect = "NoSchedule" + } + + priority_class_name = "system-node-critical" + } + } + + strategy { + type = "RollingUpdate" + } + } } ################################################################################ diff --git a/patterns/elastic-fabric-adapter/versions.tf b/patterns/elastic-fabric-adapter/versions.tf index d75641f32a..bea4d78d15 100644 --- a/patterns/elastic-fabric-adapter/versions.tf +++ b/patterns/elastic-fabric-adapter/versions.tf @@ -14,14 +14,6 @@ terraform { source = "hashicorp/kubernetes" version = ">= 2.20" } - kubectl = { - source = "gavinbunney/kubectl" - version = ">= 1.14" - } - http = { - source = "hashicorp/http" - version = ">= 3.3" - } } # ## Used for end-to-end testing on project; update to suit your needs From 61ed1da016a69ba7fceff42a1de5299b6d0c566d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Oct 2023 08:42:57 -0400 Subject: [PATCH 12/12] chore(deps): Bump aws-actions/configure-aws-credentials from 4.0.0 to 4.0.1 (#1782) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/e2e-parallel-destroy.yml | 2 +- .github/workflows/e2e-parallel-full.yml | 6 +++--- .github/workflows/plan-examples.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/e2e-parallel-destroy.yml b/.github/workflows/e2e-parallel-destroy.yml index e3c38a0058..5c5f538756 100644 --- a/.github/workflows/e2e-parallel-destroy.yml +++ b/.github/workflows/e2e-parallel-destroy.yml @@ -48,7 +48,7 @@ jobs: run: sed -i "s/# //g" ${{ matrix.example_path }}/versions.tf - name: Auth AWS - uses: aws-actions/configure-aws-credentials@v4.0.0 + uses: aws-actions/configure-aws-credentials@v4.0.1 with: role-to-assume: ${{ secrets.ROLE_TO_ASSUME }} aws-region: us-west-2 diff --git a/.github/workflows/e2e-parallel-full.yml b/.github/workflows/e2e-parallel-full.yml index 3317eb38fc..815a4d68fd 100644 --- a/.github/workflows/e2e-parallel-full.yml +++ b/.github/workflows/e2e-parallel-full.yml @@ -35,7 +35,7 @@ jobs: uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Auth AWS - uses: aws-actions/configure-aws-credentials@v4.0.0 + uses: aws-actions/configure-aws-credentials@v4.0.1 with: role-to-assume: ${{ secrets.ROLE_TO_ASSUME }} aws-region: us-west-2 @@ -81,7 +81,7 @@ jobs: run: sed -i "s/# //g" ${{ matrix.example_path }}/versions.tf - name: Auth AWS - uses: aws-actions/configure-aws-credentials@v4.0.0 + uses: aws-actions/configure-aws-credentials@v4.0.1 with: role-to-assume: ${{ secrets.ROLE_TO_ASSUME }} aws-region: us-west-2 @@ -167,7 +167,7 @@ jobs: uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: Configure AWS credentials from Test account - uses: aws-actions/configure-aws-credentials@v4.0.0 + uses: aws-actions/configure-aws-credentials@v4.0.1 with: role-to-assume: ${{ secrets.ROLE_TO_ASSUME }} aws-region: us-west-2 diff --git a/.github/workflows/plan-examples.yml b/.github/workflows/plan-examples.yml index 1abd797d68..9354068e52 100644 --- a/.github/workflows/plan-examples.yml +++ b/.github/workflows/plan-examples.yml @@ -88,7 +88,7 @@ jobs: - '*.tf' - name: Configure AWS credentials from Test account - uses: aws-actions/configure-aws-credentials@v4.0.0 + uses: aws-actions/configure-aws-credentials@v4.0.1 if: steps.changes.outputs.src== 'true' with: role-to-assume: ${{ secrets.ROLE_TO_ASSUME }}