From 3a2216096bda7a271dc40781b4150ac08f3f55cb Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Wed, 27 Sep 2023 10:51:24 -0400 Subject: [PATCH 01/42] first example of gitops-bridge Signed-off-by: Carlos Santana --- patterns/argocd/README.md | 117 --------- patterns/argocd/gitops-bridge/README.md | 20 ++ .../gitops-bridge/bootstrap/addons.yaml | 32 +++ .../gitops-bridge/bootstrap/workloads.yaml | 20 ++ patterns/argocd/gitops-bridge/destroy.sh | 16 ++ patterns/argocd/gitops-bridge/main.tf | 231 ++++++++++++++++++ patterns/argocd/gitops-bridge/outputs.tf | 33 +++ patterns/argocd/gitops-bridge/variables.tf | 20 ++ .../argocd/{ => gitops-bridge}/versions.tf | 16 +- patterns/argocd/main.tf | 188 -------------- patterns/argocd/outputs.tf | 4 - patterns/argocd/variables.tf | 0 12 files changed, 376 insertions(+), 321 deletions(-) delete mode 100644 patterns/argocd/README.md create mode 100644 patterns/argocd/gitops-bridge/README.md create mode 100644 patterns/argocd/gitops-bridge/bootstrap/addons.yaml create mode 100644 patterns/argocd/gitops-bridge/bootstrap/workloads.yaml create mode 100755 patterns/argocd/gitops-bridge/destroy.sh create mode 100644 patterns/argocd/gitops-bridge/main.tf create mode 100644 patterns/argocd/gitops-bridge/outputs.tf create mode 100644 patterns/argocd/gitops-bridge/variables.tf rename patterns/argocd/{ => gitops-bridge}/versions.tf (58%) delete mode 100644 patterns/argocd/main.tf delete mode 100644 patterns/argocd/outputs.tf delete mode 100644 patterns/argocd/variables.tf diff --git a/patterns/argocd/README.md b/patterns/argocd/README.md deleted file mode 100644 index 507c96553f..0000000000 --- a/patterns/argocd/README.md +++ /dev/null @@ -1,117 +0,0 @@ -# Amazon EKS Cluster w/ ArgoCD - -This pattern demonstrates an EKS cluster that uses ArgoCD for application deployments. - -- [Documentation](https://argo-cd.readthedocs.io/en/stable/) -- [EKS Blueprints Add-ons Repo](https://github.com/aws-samples/eks-blueprints-add-ons) -- [EKS Blueprints Workloads Repo](https://github.com/aws-samples/eks-blueprints-workloads) - -## Deploy - -See [here](https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#prerequisites) for the prerequisites and steps to deploy this pattern. - -## Validate - -1. List out the pods running currently: - - ```sh - kubectl get pods -A - ``` - - ```text - NAMESPACE NAME READY STATUS RESTARTS AGE - argo-rollouts argo-rollouts-5d47ccb8d4-854s6 1/1 Running 0 23h - argo-rollouts argo-rollouts-5d47ccb8d4-srjk9 1/1 Running 0 23h - argocd argo-cd-argocd-application-controller-0 1/1 Running 0 24h - argocd argo-cd-argocd-applicationset-controller-547f9cfd68-kp89p 1/1 Running 0 24h - argocd argo-cd-argocd-dex-server-55765f7cd7-t8r2f 1/1 Running 0 24h - argocd argo-cd-argocd-notifications-controller-657df4dbcb-p596r 1/1 Running 0 24h - argocd argo-cd-argocd-repo-server-7d4dddf886-2vmgt 1/1 Running 0 24h - argocd argo-cd-argocd-repo-server-7d4dddf886-bm7tz 1/1 Running 0 24h - argocd argo-cd-argocd-server-775ddf74b8-8jzvc 1/1 Running 0 24h - argocd argo-cd-argocd-server-775ddf74b8-z6lz6 1/1 Running 0 24h - argocd argo-cd-redis-ha-haproxy-6d7b7d4656-b8bt8 1/1 Running 0 24h - argocd argo-cd-redis-ha-haproxy-6d7b7d4656-mgjx5 1/1 Running 0 24h - argocd argo-cd-redis-ha-haproxy-6d7b7d4656-qsbgw 1/1 Running 0 24h - argocd argo-cd-redis-ha-server-0 4/4 Running 0 24h - argocd argo-cd-redis-ha-server-1 4/4 Running 0 24h - argocd argo-cd-redis-ha-server-2 4/4 Running 0 24h - cert-manager cert-manager-586ccb6656-2v8mf 1/1 Running 0 23h - cert-manager cert-manager-cainjector-99d64d795-2gwnj 1/1 Running 0 23h - cert-manager cert-manager-webhook-8d87786cb-24kww 1/1 Running 0 23h - geolocationapi geolocationapi-85599c5c74-rqqqs 2/2 Running 0 25m - geolocationapi geolocationapi-85599c5c74-whsp6 2/2 Running 0 25m - geordie downstream0-7f6ff946b6-r8sxc 1/1 Running 0 25m - geordie downstream1-64c7db6f9-rsbk5 1/1 Running 0 25m - geordie frontend-646bfb947c-wshpb 1/1 Running 0 25m - geordie redis-server-6bd7885d5d-s7rqw 1/1 Running 0 25m - geordie yelb-appserver-5d89946ffd-vkxt9 1/1 Running 0 25m - geordie yelb-db-697bd9f9d9-2t4b6 1/1 Running 0 25m - geordie yelb-ui-75ff8b96ff-fh6bw 1/1 Running 0 25m - karpenter karpenter-7b99fb785d-87k6h 1/1 Running 0 106m - karpenter karpenter-7b99fb785d-lkq9l 1/1 Running 0 106m - kube-system aws-load-balancer-controller-6cf9bdbfdf-h7bzb 1/1 Running 0 20m - kube-system aws-load-balancer-controller-6cf9bdbfdf-vfbrj 1/1 Running 0 20m - kube-system aws-node-cvjmq 1/1 Running 0 24h - kube-system aws-node-fw7zc 1/1 Running 0 24h - kube-system aws-node-l7589 1/1 Running 0 24h - kube-system aws-node-nll82 1/1 Running 0 24h - kube-system aws-node-zhz8l 1/1 Running 0 24h - kube-system coredns-7975d6fb9b-5sf7r 1/1 Running 0 24h - kube-system coredns-7975d6fb9b-k78dz 1/1 Running 0 24h - kube-system ebs-csi-controller-5cd4944c94-7jwlb 6/6 Running 0 24h - kube-system ebs-csi-controller-5cd4944c94-8tcsg 6/6 Running 0 24h - kube-system ebs-csi-node-66jmx 3/3 Running 0 24h - kube-system ebs-csi-node-b2pw4 3/3 Running 0 24h - kube-system ebs-csi-node-g4v9z 3/3 Running 0 24h - kube-system ebs-csi-node-k7nvp 3/3 Running 0 24h - kube-system ebs-csi-node-tfq9q 3/3 Running 0 24h - kube-system kube-proxy-4x8vm 1/1 Running 0 24h - kube-system kube-proxy-gtlpm 1/1 Running 0 24h - kube-system kube-proxy-vfnbf 1/1 Running 0 24h - kube-system kube-proxy-z9wdh 1/1 Running 0 24h - kube-system kube-proxy-zzx9m 1/1 Running 0 24h - kube-system metrics-server-7f4db5fd87-9n6dv 1/1 Running 0 23h - kube-system metrics-server-7f4db5fd87-t8wxg 1/1 Running 0 23h - kube-system metrics-server-7f4db5fd87-xcxlv 1/1 Running 0 23h - team-burnham burnham-66fccc4fb5-k4qtm 1/1 Running 0 25m - team-burnham burnham-66fccc4fb5-rrf4j 1/1 Running 0 25m - team-burnham burnham-66fccc4fb5-s9kbr 1/1 Running 0 25m - team-burnham nginx-7d47cfdff7-lzdjb 1/1 Running 0 25m - team-riker deployment-2048-6f7c78f959-h76rx 1/1 Running 0 25m - team-riker deployment-2048-6f7c78f959-skmrr 1/1 Running 0 25m - team-riker deployment-2048-6f7c78f959-tn9dw 1/1 Running 0 25m - team-riker guestbook-ui-c86c478bd-zg2z4 1/1 Running 0 25m - ``` - -2. Access the ArgoCD UI by running the following command: - - ```sh - kubectl port-forward svc/argo-cd-argocd-server 8080:443 -n argocd - ``` - - Then, open your browser and navigate to `https://localhost:8080/` - Username should be `admin`. - - The password will be the generated password by `random_password` resource, stored in AWS Secrets Manager. - You can easily retrieve the password by running the following command: - - ```sh - aws secretsmanager get-secret-value --secret-id --region - ``` - - Replace `` with the name of the secret name, if you haven't changed it then it should be `argocd`, also, make sure to replace `` with the region you are using. - - Pickup the the secret from the `SecretString`. - -## Destroy - -First, we need to ensure that the ArgoCD applications are properly cleaned up from the cluster, this can be achieved in multiple ways: - -- Disabling the `argocd_applications` configuration and running `terraform apply` again -- Deleting the apps using `argocd` [cli](https://argo-cd.readthedocs.io/en/stable/user-guide/app_deletion/#deletion-using-argocd) -- Deleting the apps using `kubectl` following [ArgoCD guidance](https://argo-cd.readthedocs.io/en/stable/user-guide/app_deletion/#deletion-using-kubectl) - -{% - include-markdown "../../docs/_partials/destroy.md" -%} diff --git a/patterns/argocd/gitops-bridge/README.md b/patterns/argocd/gitops-bridge/README.md new file mode 100644 index 0000000000..ab3e22f209 --- /dev/null +++ b/patterns/argocd/gitops-bridge/README.md @@ -0,0 +1,20 @@ +# ArgoCD on Amazon EKS + +This example shows how to deploy Amazon EKS with addons configured via ArgoCD + +Deploy EKS Cluster +```shell +terraform init +terraform apply +``` + +Access Terraform output to configure `kubectl` and `argocd` +```shell +terraform output +``` + +Destroy EKS Cluster +```shell +cd hub +./destroy.sh +``` diff --git a/patterns/argocd/gitops-bridge/bootstrap/addons.yaml b/patterns/argocd/gitops-bridge/bootstrap/addons.yaml new file mode 100644 index 0000000000..025359235a --- /dev/null +++ b/patterns/argocd/gitops-bridge/bootstrap/addons.yaml @@ -0,0 +1,32 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: bootstrap-addons + namespace: argocd +spec: + syncPolicy: + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'bootstrap-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.addons_repo_url}}' + path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' + targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true + exclude: exclude/* + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: {} diff --git a/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml b/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml new file mode 100644 index 0000000000..60293af458 --- /dev/null +++ b/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml @@ -0,0 +1,20 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: bootstrap-workloads + namespace: 'argocd' + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + server: https://kubernetes.default.svc + namespace: 'guestbook' + project: default + source: + path: helm-guestbook + repoURL: https://github.com/argoproj/argocd-example-apps + targetRevision: HEAD + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true diff --git a/patterns/argocd/gitops-bridge/destroy.sh b/patterns/argocd/gitops-bridge/destroy.sh new file mode 100755 index 0000000000..195f9885a5 --- /dev/null +++ b/patterns/argocd/gitops-bridge/destroy.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -x + +# Delete the Ingress/SVC before removing the addons +TMPFILE=$(mktemp) +terraform output -raw configure_kubectl > "$TMPFILE" +source "$TMPFILE" + +kubectl delete svc -n argocd argo-cd-argocd-server + +terraform destroy -target="module.gitops_bridge_bootstrap" -auto-approve +terraform destroy -target="module.eks_blueprints_addons" -auto-approve +terraform destroy -target="module.eks" -auto-approve +terraform destroy -target="module.vpc" -auto-approve +terraform destroy -auto-approve diff --git a/patterns/argocd/gitops-bridge/main.tf b/patterns/argocd/gitops-bridge/main.tf new file mode 100644 index 0000000000..23c18ba65d --- /dev/null +++ b/patterns/argocd/gitops-bridge/main.tf @@ -0,0 +1,231 @@ +provider "aws" { + region = local.region +} +data "aws_caller_identity" "current" {} +data "aws_availability_zones" "available" {} + +provider "helm" { + kubernetes { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + + exec { + api_version = "client.authentication.k8s.io/v1beta1" + command = "aws" + # This requires the awscli to be installed locally where Terraform is executed + args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name, "--region", local.region] + } + } +} + +provider "kubernetes" { + host = module.eks.cluster_endpoint + cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) + + exec { + api_version = "client.authentication.k8s.io/v1beta1" + command = "aws" + # This requires the awscli to be installed locally where Terraform is executed + args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name, "--region", local.region] + } +} + +locals { + name = "ex-${replace(basename(path.cwd), "_", "-")}" + environment = "dev" + region = "us-west-2" + cluster_version = "1.27" + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision + + aws_addons = { + #enable_cert_manager = true + #enable_aws_efs_csi_driver = true + #enable_aws_fsx_csi_driver = true + #enable_aws_cloudwatch_metrics = true + #enable_aws_privateca_issuer = true + #enable_cluster_autoscaler = true + #enable_external_dns = true + #enable_external_secrets = true + enable_aws_load_balancer_controller = true + #enable_fargate_fluentbit = true + #enable_aws_for_fluentbit = true + #enable_aws_node_termination_handler = true + #enable_karpenter = true + #enable_velero = true + #enable_aws_gateway_api_controller = true + #enable_aws_ebs_csi_resources = true # generate gp2 and gp3 storage classes for ebs-csi + #enable_aws_secrets_store_csi_driver_provider = true + } + oss_addons = { + #enable_argo_rollouts = true + #enable_argo_events = true + #enable_argo_workflows = true + #enable_cluster_proportional_autoscaler = true + #enable_gatekeeper = true + #enable_gpu_operator = true + #enable_ingress_nginx = true + #enable_kyverno = true + #enable_kube_prometheus_stack = true + enable_metrics_server = true + #enable_prometheus_adapter = true + #enable_secrets_store_csi_driver = true + #enable_vpa = true + #enable_foo = true # you can add any addon here, make sure to update the gitops repo with the corresponding application set + } + addons = merge(local.aws_addons, local.oss_addons, { kubernetes_version = local.cluster_version }, { aws_cluster_name = module.eks.cluster_name }) + + addons_metadata = merge( + module.eks_blueprints_addons.gitops_metadata, + { + aws_cluster_name = module.eks.cluster_name + aws_region = local.region + aws_account_id = data.aws_caller_identity.current.account_id + aws_vpc_id = module.vpc.vpc_id + }, + { + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision + } + ) + + argocd_apps = { + addons = file("${path.module}/bootstrap/addons.yaml") + workloads = file("${path.module}/bootstrap/workloads.yaml") + } + + vpc_cidr = "10.0.0.0/16" + azs = slice(data.aws_availability_zones.available.names, 0, 3) + + tags = { + Blueprint = local.name + GithubRepo = "github.com/csantanapr/terraform-gitops-bridge" + } +} + +################################################################################ +# GitOps Bridge: Bootstrap +################################################################################ +module "gitops_bridge_bootstrap" { + source = "github.com/gitops-bridge-dev/gitops-bridge-argocd-bootstrap-terraform?ref=v2.0.0" + + cluster = { + cluster_name = module.eks.cluster_name + environment = local.environment + metadata = local.addons_metadata + addons = local.addons + } + apps = local.argocd_apps +} + +################################################################################ +# EKS Blueprints Addons +################################################################################ +module "eks_blueprints_addons" { + source = "aws-ia/eks-blueprints-addons/aws" + version = "~> 1.0" + + cluster_name = module.eks.cluster_name + cluster_endpoint = module.eks.cluster_endpoint + cluster_version = module.eks.cluster_version + oidc_provider_arn = module.eks.oidc_provider_arn + + # Using GitOps Bridge + create_kubernetes_resources = false + + # EKS Blueprints Addons + enable_cert_manager = try(local.aws_addons.enable_cert_manager, false) + enable_aws_efs_csi_driver = try(local.aws_addons.enable_aws_efs_csi_driver, false) + enable_aws_fsx_csi_driver = try(local.aws_addons.enable_aws_fsx_csi_driver, false) + enable_aws_cloudwatch_metrics = try(local.aws_addons.enable_aws_cloudwatch_metrics, false) + enable_aws_privateca_issuer = try(local.aws_addons.enable_aws_privateca_issuer, false) + enable_cluster_autoscaler = try(local.aws_addons.enable_cluster_autoscaler, false) + enable_external_dns = try(local.aws_addons.enable_external_dns, false) + enable_external_secrets = try(local.aws_addons.enable_external_secrets, false) + enable_aws_load_balancer_controller = try(local.aws_addons.enable_aws_load_balancer_controller, false) + enable_fargate_fluentbit = try(local.aws_addons.enable_fargate_fluentbit, false) + enable_aws_for_fluentbit = try(local.aws_addons.enable_aws_for_fluentbit, false) + enable_aws_node_termination_handler = try(local.aws_addons.enable_aws_node_termination_handler, false) + enable_karpenter = try(local.aws_addons.enable_karpenter, false) + enable_velero = try(local.aws_addons.enable_velero, false) + enable_aws_gateway_api_controller = try(local.aws_addons.enable_aws_gateway_api_controller, false) + + tags = local.tags +} + +################################################################################ +# EKS Cluster +################################################################################ +#tfsec:ignore:aws-eks-enable-control-plane-logging +module "eks" { + source = "terraform-aws-modules/eks/aws" + version = "~> 19.13" + + cluster_name = local.name + cluster_version = local.cluster_version + cluster_endpoint_public_access = true + + + vpc_id = module.vpc.vpc_id + subnet_ids = module.vpc.private_subnets + + eks_managed_node_groups = { + initial = { + instance_types = ["t3.medium"] + + min_size = 3 + max_size = 10 + desired_size = 3 + } + } + # EKS Addons + cluster_addons = { + vpc-cni = { + # Specify the VPC CNI addon should be deployed before compute to ensure + # the addon is configured before data plane compute resources are created + # See README for further details + before_compute = true + most_recent = true # To ensure access to the latest settings provided + configuration_values = jsonencode({ + env = { + # Reference docs https://docs.aws.amazon.com/eks/latest/userguide/cni-increase-ip-addresses.html + ENABLE_PREFIX_DELEGATION = "true" + WARM_PREFIX_TARGET = "1" + } + }) + } + } + tags = local.tags +} + +################################################################################ +# Supporting Resources +################################################################################ +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + version = "~> 5.0" + + name = local.name + cidr = local.vpc_cidr + + azs = local.azs + private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)] + public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)] + + enable_nat_gateway = true + single_nat_gateway = true + + public_subnet_tags = { + "kubernetes.io/role/elb" = 1 + } + + private_subnet_tags = { + "kubernetes.io/role/internal-elb" = 1 + } + + tags = local.tags +} diff --git a/patterns/argocd/gitops-bridge/outputs.tf b/patterns/argocd/gitops-bridge/outputs.tf new file mode 100644 index 0000000000..2d3b6e57a1 --- /dev/null +++ b/patterns/argocd/gitops-bridge/outputs.tf @@ -0,0 +1,33 @@ +output "configure_kubectl" { + description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" + value = <<-EOT + export KUBECONFIG="/tmp/${module.eks.cluster_name}" + aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} + EOT +} + +output "configure_argocd" { + description = "Terminal Setup" + value = <<-EOT + export KUBECONFIG="/tmp/${module.eks.cluster_name}" + aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} + export ARGOCD_OPTS="--port-forward --port-forward-namespace argocd --grpc-web" + kubectl config set-context --current --namespace argocd + argocd login --port-forward --username admin --password $(argocd admin initial-password | head -1) + echo "ArgoCD Username: admin" + echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")" + echo Port Forward: http://localhost:8080 + kubectl port-forward -n argocd svc/argo-cd-argocd-server 8080:80 + EOT +} + +output "access_argocd" { + description = "ArgoCD Access" + value = <<-EOT + export KUBECONFIG="/tmp/${module.eks.cluster_name}" + aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} + echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" + echo "ArgoCD Username: admin" + echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")" + EOT +} diff --git a/patterns/argocd/gitops-bridge/variables.tf b/patterns/argocd/gitops-bridge/variables.tf new file mode 100644 index 0000000000..a74ce0645b --- /dev/null +++ b/patterns/argocd/gitops-bridge/variables.tf @@ -0,0 +1,20 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/aws-samples" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "eks-blueprints-add-ons" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "argocd/" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} diff --git a/patterns/argocd/versions.tf b/patterns/argocd/gitops-bridge/versions.tf similarity index 58% rename from patterns/argocd/versions.tf rename to patterns/argocd/gitops-bridge/versions.tf index aa00573a68..2de60d58ee 100644 --- a/patterns/argocd/versions.tf +++ b/patterns/argocd/gitops-bridge/versions.tf @@ -4,23 +4,15 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.47" + version = ">= 4.67.0" } helm = { source = "hashicorp/helm" - version = ">= 2.9" + version = ">= 2.10.1" } kubernetes = { source = "hashicorp/kubernetes" - version = ">= 2.20" - } - random = { - source = "hashicorp/random" - version = ">= 3.5" - } - bcrypt = { - source = "viktorradnai/bcrypt" - version = ">= 0.1.2" + version = "2.22.0" } } @@ -28,6 +20,6 @@ terraform { # backend "s3" { # bucket = "terraform-ssp-github-actions-state" # region = "us-west-2" - # key = "e2e/argocd/terraform.tfstate" + # key = "e2e/ipv4-prefix-delegation/terraform.tfstate" # } } diff --git a/patterns/argocd/main.tf b/patterns/argocd/main.tf deleted file mode 100644 index 20438794d4..0000000000 --- a/patterns/argocd/main.tf +++ /dev/null @@ -1,188 +0,0 @@ -provider "aws" { - region = local.region -} - -provider "kubernetes" { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - # This requires the awscli to be installed locally where Terraform is executed - args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name] - } -} - -provider "helm" { - kubernetes { - host = module.eks.cluster_endpoint - cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data) - - exec { - api_version = "client.authentication.k8s.io/v1beta1" - command = "aws" - # This requires the awscli to be installed locally where Terraform is executed - args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name] - } - } -} - -provider "bcrypt" {} - -data "aws_availability_zones" "available" {} - -locals { - name = basename(path.cwd) - region = "us-west-2" - - vpc_cidr = "10.0.0.0/16" - azs = slice(data.aws_availability_zones.available.names, 0, 3) - - tags = { - Blueprint = local.name - GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" - } -} - -################################################################################ -# Cluster -################################################################################ - -module "eks" { - source = "terraform-aws-modules/eks/aws" - version = "~> 19.16" - - cluster_name = local.name - cluster_version = "1.27" - cluster_endpoint_public_access = true - - # EKS Addons - cluster_addons = { - coredns = {} - kube-proxy = {} - vpc-cni = {} - } - - vpc_id = module.vpc.vpc_id - subnet_ids = module.vpc.private_subnets - - eks_managed_node_groups = { - initial = { - instance_types = ["m5.large"] - - min_size = 3 - max_size = 10 - desired_size = 5 - } - } - - tags = local.tags -} - -################################################################################ -# EKS Blueprints Addons -################################################################################ - -module "eks_blueprints_addons" { - # Users should pin the version to the latest available release - # tflint-ignore: terraform_module_pinned_source - source = "github.com/aws-ia/terraform-aws-eks-blueprints//modules/kubernetes-addons?ref=v4.32.1" - - eks_cluster_id = module.eks.cluster_name - eks_cluster_endpoint = module.eks.cluster_endpoint - eks_cluster_version = module.eks.cluster_version - eks_oidc_provider = module.eks.oidc_provider - eks_oidc_provider_arn = module.eks.oidc_provider_arn - - enable_argocd = true - # This example shows how to set default ArgoCD Admin Password using SecretsManager with Helm Chart set_sensitive values. - argocd_helm_config = { - set_sensitive = [ - { - name = "configs.secret.argocdServerAdminPassword" - value = bcrypt_hash.argo.id - } - ] - } - - argocd_manage_add_ons = true # Indicates that ArgoCD is responsible for managing/deploying add-ons - argocd_applications = { - addons = { - path = "chart" - repo_url = "https://github.com/aws-samples/eks-blueprints-add-ons.git" - add_on_application = true - } - workloads = { - path = "envs/dev" - repo_url = "https://github.com/aws-samples/eks-blueprints-workloads.git" - add_on_application = false - } - } - - # Add-ons - enable_amazon_eks_aws_ebs_csi_driver = true - enable_aws_load_balancer_controller = true - enable_cert_manager = true - enable_karpenter = true - enable_metrics_server = true - enable_argo_rollouts = true - - tags = local.tags -} - -#--------------------------------------------------------------- -# ArgoCD Admin Password credentials with Secrets Manager -# Login to AWS Secrets manager with the same role as Terraform to extract the ArgoCD admin password with the secret name as "argocd" -#--------------------------------------------------------------- -resource "random_password" "argocd" { - length = 16 - special = true - override_special = "!#$%&*()-_=+[]{}<>:?" -} - -# Argo requires the password to be bcrypt, we use custom provider of bcrypt, -# as the default bcrypt function generates diff for each terraform plan -resource "bcrypt_hash" "argo" { - cleartext = random_password.argocd.result -} - -#tfsec:ignore:aws-ssm-secret-use-customer-key -resource "aws_secretsmanager_secret" "argocd" { - name = "argocd" - recovery_window_in_days = 0 # Set to zero for this example to force delete during Terraform destroy -} - -resource "aws_secretsmanager_secret_version" "argocd" { - secret_id = aws_secretsmanager_secret.argocd.id - secret_string = random_password.argocd.result -} - -################################################################################ -# Supporting Resources -################################################################################ - -module "vpc" { - source = "terraform-aws-modules/vpc/aws" - version = "~> 5.0" - - name = local.name - cidr = local.vpc_cidr - - azs = local.azs - private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 4, k)] - public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 48)] - - enable_nat_gateway = true - single_nat_gateway = true - - public_subnet_tags = { - "kubernetes.io/role/elb" = 1 - } - - private_subnet_tags = { - "kubernetes.io/role/internal-elb" = 1 - } - - tags = local.tags -} diff --git a/patterns/argocd/outputs.tf b/patterns/argocd/outputs.tf deleted file mode 100644 index d79912bf44..0000000000 --- a/patterns/argocd/outputs.tf +++ /dev/null @@ -1,4 +0,0 @@ -output "configure_kubectl" { - description = "Configure kubectl: make sure you're logged in with the correct AWS profile and run the following command to update your kubeconfig" - value = "aws eks update-kubeconfig --name ${module.eks.cluster_name} --alias ${module.eks.cluster_name}" -} diff --git a/patterns/argocd/variables.tf b/patterns/argocd/variables.tf deleted file mode 100644 index e69de29bb2..0000000000 From b465514329f88e8f646ffcdec7228363b4e422c0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Thu, 26 Oct 2023 23:41:24 -0400 Subject: [PATCH 02/42] refactor Signed-off-by: Carlos Santana --- .../gitops-bridge/bootstrap/workloads.yaml | 20 ---- patterns/argocd/gitops-bridge/variables.tf | 20 ---- .../getting-started-argocd}/README.md | 0 .../bootstrap/addons.yaml | 16 +-- .../bootstrap/workloads.yaml | 31 +++++ .../getting-started-argocd}/destroy.sh | 0 .../getting-started-argocd}/main.tf | 108 +++++++++++------- .../getting-started-argocd}/outputs.tf | 0 .../getting-started-argocd/variables.tf | 81 +++++++++++++ .../getting-started-argocd}/versions.tf | 0 10 files changed, 184 insertions(+), 92 deletions(-) delete mode 100644 patterns/argocd/gitops-bridge/bootstrap/workloads.yaml delete mode 100644 patterns/argocd/gitops-bridge/variables.tf rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/README.md (100%) rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/bootstrap/addons.yaml (62%) create mode 100644 patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/destroy.sh (100%) rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/main.tf (57%) rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/outputs.tf (100%) create mode 100644 patterns/gitops/getting-started-argocd/variables.tf rename patterns/{argocd/gitops-bridge => gitops/getting-started-argocd}/versions.tf (100%) diff --git a/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml b/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml deleted file mode 100644 index 60293af458..0000000000 --- a/patterns/argocd/gitops-bridge/bootstrap/workloads.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: bootstrap-workloads - namespace: 'argocd' - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - destination: - server: https://kubernetes.default.svc - namespace: 'guestbook' - project: default - source: - path: helm-guestbook - repoURL: https://github.com/argoproj/argocd-example-apps - targetRevision: HEAD - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true diff --git a/patterns/argocd/gitops-bridge/variables.tf b/patterns/argocd/gitops-bridge/variables.tf deleted file mode 100644 index a74ce0645b..0000000000 --- a/patterns/argocd/gitops-bridge/variables.tf +++ /dev/null @@ -1,20 +0,0 @@ -variable "gitops_addons_org" { - description = "Git repository org/user contains for addons" - default = "https://github.com/aws-samples" -} -variable "gitops_addons_repo" { - description = "Git repository contains for addons" - default = "eks-blueprints-add-ons" -} -variable "gitops_addons_basepath" { - description = "Git repository base path for addons" - default = "argocd/" -} -variable "gitops_addons_path" { - description = "Git repository path for addons" - default = "bootstrap/control-plane/addons" -} -variable "gitops_addons_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" -} diff --git a/patterns/argocd/gitops-bridge/README.md b/patterns/gitops/getting-started-argocd/README.md similarity index 100% rename from patterns/argocd/gitops-bridge/README.md rename to patterns/gitops/getting-started-argocd/README.md diff --git a/patterns/argocd/gitops-bridge/bootstrap/addons.yaml b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml similarity index 62% rename from patterns/argocd/gitops-bridge/bootstrap/addons.yaml rename to patterns/gitops/getting-started-argocd/bootstrap/addons.yaml index 025359235a..6276ebc659 100644 --- a/patterns/argocd/gitops-bridge/bootstrap/addons.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml @@ -1,32 +1,24 @@ apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: - name: bootstrap-addons + name: cluster-addons namespace: argocd spec: syncPolicy: preserveResourcesOnDeletion: true generators: - - clusters: - selector: - matchExpressions: - - key: akuity.io/argo-cd-cluster-name - operator: NotIn - values: [in-cluster] + - clusters: {} template: metadata: - name: 'bootstrap-addons' + name: spec: project: default source: repoURL: '{{metadata.annotations.addons_repo_url}}' path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' targetRevision: '{{metadata.annotations.addons_repo_revision}}' - directory: - recurse: true - exclude: exclude/* destination: - namespace: 'argocd' + namespace: argocd name: '{{name}}' syncPolicy: automated: {} diff --git a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml new file mode 100644 index 0000000000..b1d105ba3e --- /dev/null +++ b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml @@ -0,0 +1,31 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: workloads + namespace: argocd +spec: + syncPolicy: + preserveResourcesOnDeletion: true + generators: + - clusters: {} + template: + metadata: + name: 'cluster-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.workload_repo_url}}' + path: '{{metadata.annotations.workload_repo_basepath}}{{metadata.annotations.workload_repo_path}}' + targetRevision: '{{metadata.annotations.workload_repo_revision}}' + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: + allowEmpty: true + syncOptions: + - CreateNamespace=true + retry: + backoff: + duration: 1m + limit: 60 diff --git a/patterns/argocd/gitops-bridge/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh similarity index 100% rename from patterns/argocd/gitops-bridge/destroy.sh rename to patterns/gitops/getting-started-argocd/destroy.sh diff --git a/patterns/argocd/gitops-bridge/main.tf b/patterns/gitops/getting-started-argocd/main.tf similarity index 57% rename from patterns/argocd/gitops-bridge/main.tf rename to patterns/gitops/getting-started-argocd/main.tf index 23c18ba65d..f47455a7aa 100644 --- a/patterns/argocd/gitops-bridge/main.tf +++ b/patterns/gitops/getting-started-argocd/main.tf @@ -31,51 +31,73 @@ provider "kubernetes" { } locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" - environment = "dev" - region = "us-west-2" - cluster_version = "1.27" + name = "getting-started-gitops" + environment = var.environment + region = var.region + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" gitops_addons_basepath = var.gitops_addons_basepath gitops_addons_path = var.gitops_addons_path gitops_addons_revision = var.gitops_addons_revision + gitops_workload_url = "${var.gitops_workload_org}/${var.gitops_workload_repo}" + gitops_workload_basepath = var.gitops_workload_basepath + gitops_workload_path = var.gitops_workload_path + gitops_workload_revision = var.gitops_workload_revision + + aws_addons = { - #enable_cert_manager = true - #enable_aws_efs_csi_driver = true - #enable_aws_fsx_csi_driver = true - #enable_aws_cloudwatch_metrics = true - #enable_aws_privateca_issuer = true - #enable_cluster_autoscaler = true - #enable_external_dns = true - #enable_external_secrets = true - enable_aws_load_balancer_controller = true - #enable_fargate_fluentbit = true - #enable_aws_for_fluentbit = true - #enable_aws_node_termination_handler = true - #enable_karpenter = true - #enable_velero = true - #enable_aws_gateway_api_controller = true - #enable_aws_ebs_csi_resources = true # generate gp2 and gp3 storage classes for ebs-csi - #enable_aws_secrets_store_csi_driver_provider = true + enable_cert_manager = try(var.addons.enable_cert_manager, false) + enable_aws_efs_csi_driver = try(var.addons.enable_aws_efs_csi_driver, false) + enable_aws_fsx_csi_driver = try(var.addons.enable_aws_fsx_csi_driver, false) + enable_aws_cloudwatch_metrics = try(var.addons.enable_aws_cloudwatch_metrics, false) + enable_aws_privateca_issuer = try(var.addons.enable_aws_privateca_issuer, false) + enable_cluster_autoscaler = try(var.addons.enable_cluster_autoscaler, false) + enable_external_dns = try(var.addons.enable_external_dns, false) + enable_external_secrets = try(var.addons.enable_external_secrets, false) + enable_aws_load_balancer_controller = try(var.addons.enable_aws_load_balancer_controller, false) + enable_fargate_fluentbit = try(var.addons.enable_fargate_fluentbit, false) + enable_aws_for_fluentbit = try(var.addons.enable_aws_for_fluentbit, false) + enable_aws_node_termination_handler = try(var.addons.enable_aws_node_termination_handler, false) + enable_karpenter = try(var.addons.enable_karpenter, false) + enable_velero = try(var.addons.enable_velero, false) + enable_aws_gateway_api_controller = try(var.addons.enable_aws_gateway_api_controller, false) + enable_aws_ebs_csi_resources = try(var.addons.enable_aws_ebs_csi_resources, false) + enable_aws_secrets_store_csi_driver_provider = try(var.addons.enable_aws_secrets_store_csi_driver_provider, false) + enable_ack_apigatewayv2 = try(var.addons.enable_ack_apigatewayv2, false) + enable_ack_dynamodb = try(var.addons.enable_ack_dynamodb, false) + enable_ack_s3 = try(var.addons.enable_ack_s3, false) + enable_ack_rds = try(var.addons.enable_ack_rds, false) + enable_ack_prometheusservice = try(var.addons.enable_ack_prometheusservice, false) + enable_ack_emrcontainers = try(var.addons.enable_ack_emrcontainers, false) + enable_ack_sfn = try(var.addons.enable_ack_sfn, false) + enable_ack_eventbridge = try(var.addons.enable_ack_eventbridge, false) } oss_addons = { - #enable_argo_rollouts = true - #enable_argo_events = true - #enable_argo_workflows = true - #enable_cluster_proportional_autoscaler = true - #enable_gatekeeper = true - #enable_gpu_operator = true - #enable_ingress_nginx = true - #enable_kyverno = true - #enable_kube_prometheus_stack = true - enable_metrics_server = true - #enable_prometheus_adapter = true - #enable_secrets_store_csi_driver = true - #enable_vpa = true - #enable_foo = true # you can add any addon here, make sure to update the gitops repo with the corresponding application set + enable_argocd = try(var.addons.enable_argocd, false) + enable_argo_rollouts = try(var.addons.enable_argo_rollouts, false) + enable_argo_events = try(var.addons.enable_argo_events, false) + enable_argo_workflows = try(var.addons.enable_argo_workflows, false) + enable_cluster_proportional_autoscaler = try(var.addons.enable_cluster_proportional_autoscaler, false) + enable_gatekeeper = try(var.addons.enable_gatekeeper, false) + enable_gpu_operator = try(var.addons.enable_gpu_operator, false) + enable_ingress_nginx = try(var.addons.enable_ingress_nginx, false) + enable_kyverno = try(var.addons.enable_kyverno, false) + enable_kube_prometheus_stack = try(var.addons.enable_kube_prometheus_stack, false) + enable_metrics_server = try(var.addons.enable_metrics_server, false) + enable_prometheus_adapter = try(var.addons.enable_prometheus_adapter, false) + enable_secrets_store_csi_driver = try(var.addons.enable_secrets_store_csi_driver, false) + enable_vpa = try(var.addons.enable_vpa, false) } - addons = merge(local.aws_addons, local.oss_addons, { kubernetes_version = local.cluster_version }, { aws_cluster_name = module.eks.cluster_name }) + addons = merge( + local.aws_addons, + local.oss_addons, + { kubernetes_version = local.cluster_version }, + { aws_cluster_name = module.eks.cluster_name }, + { workloads = "true" } + ) addons_metadata = merge( module.eks_blueprints_addons.gitops_metadata, @@ -90,16 +112,22 @@ locals { addons_repo_basepath = local.gitops_addons_basepath addons_repo_path = local.gitops_addons_path addons_repo_revision = local.gitops_addons_revision + }, + { + workload_repo_url = local.gitops_workload_url + workload_repo_basepath = local.gitops_workload_basepath + workload_repo_path = local.gitops_workload_path + workload_repo_revision = local.gitops_workload_revision } ) argocd_apps = { - addons = file("${path.module}/bootstrap/addons.yaml") - workloads = file("${path.module}/bootstrap/workloads.yaml") + # Uncomment to deploy GitOps bootstrap from Terraform, instead of kubectl (Recommended) + # addons = file("${path.module}/bootstrap/addons.yaml") + # workloads = file("${path.module}/bootstrap/workloads.yaml") } - vpc_cidr = "10.0.0.0/16" - azs = slice(data.aws_availability_zones.available.names, 0, 3) + azs = slice(data.aws_availability_zones.available.names, 0, 3) tags = { Blueprint = local.name diff --git a/patterns/argocd/gitops-bridge/outputs.tf b/patterns/gitops/getting-started-argocd/outputs.tf similarity index 100% rename from patterns/argocd/gitops-bridge/outputs.tf rename to patterns/gitops/getting-started-argocd/outputs.tf diff --git a/patterns/gitops/getting-started-argocd/variables.tf b/patterns/gitops/getting-started-argocd/variables.tf new file mode 100644 index 0000000000..53b75b5731 --- /dev/null +++ b/patterns/gitops/getting-started-argocd/variables.tf @@ -0,0 +1,81 @@ +variable "vpc_cidr" { + description = "VPC CIDR" + type = string + default = "10.0.0.0/16" +} +variable "region" { + description = "AWS region" + type = string + default = "us-west-2" +} +variable "kubernetes_version" { + description = "Kubernetes version" + type = string +} +variable "environment" { + description = "Kubernetes environment" + type = string + default = "dev" +} +variable "addons" { + description = "Kubernetes addons" + type = any + default = { + enable_aws_load_balancer_controller = true + enable_metrics_server = true + } +} +# Addons Git +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + type = string + default = "https://github.com/aws-samples" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + type = string + default = "eks-blueprints-add-ons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + type = string + default = "main" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + type = string + default = "argocd/" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + type = string + default = "bootstrap/control-plane/addons" +} + +# Workload Git +# TODO: Replace values from fork to upstream +variable "gitops_workload_org" { + description = "Git repository org/user contains for workload" + type = string + default = "https://github.com/csantanapr" +} +variable "gitops_workload_repo" { + description = "Git repository contains for workload" + type = string + default = "terraform-aws-eks-blueprints" +} +variable "gitops_workload_revision" { + description = "Git repository revision/branch/ref for workload" + type = string + default = "gitops-bridge-1st-example" +} +variable "gitops_workload_basepath" { + description = "Git repository base path for workload" + type = string + default = "patterns/gitops/" +} +variable "gitops_workload_path" { + description = "Git repository path for workload" + type = string + default = "getting-started-argocd/k8s" +} diff --git a/patterns/argocd/gitops-bridge/versions.tf b/patterns/gitops/getting-started-argocd/versions.tf similarity index 100% rename from patterns/argocd/gitops-bridge/versions.tf rename to patterns/gitops/getting-started-argocd/versions.tf From cdf1ebfa1526aa58e4f4d2303660fd661b9a417c Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Thu, 26 Oct 2023 23:58:50 -0400 Subject: [PATCH 03/42] add game Signed-off-by: Carlos Santana --- .../bootstrap/addons.yaml | 4 +- .../bootstrap/workloads.yaml | 7 +- .../getting-started-argocd/k8s/game-2048.yaml | 66 +++++++++++++++++++ 3 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 patterns/gitops/getting-started-argocd/k8s/game-2048.yaml diff --git a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml index 6276ebc659..286d49c696 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml @@ -5,12 +5,12 @@ metadata: namespace: argocd spec: syncPolicy: - preserveResourcesOnDeletion: true + preserveResourcesOnDeletion: false generators: - clusters: {} template: metadata: - name: + name: cluster-addons spec: project: default source: diff --git a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml index b1d105ba3e..7ae1fe43d0 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml @@ -10,7 +10,11 @@ spec: - clusters: {} template: metadata: - name: 'cluster-addons' + name: workload + finalizers: + # This finalizer is for demo purposes, in production remove apps using argocd CLI "argocd app delete workload --cascade" + # When you invoke argocd app delete with --cascade, the finalizer is added automatically. + - resources-finalizer.argocd.argoproj.io spec: project: default source: @@ -18,7 +22,6 @@ spec: path: '{{metadata.annotations.workload_repo_basepath}}{{metadata.annotations.workload_repo_path}}' targetRevision: '{{metadata.annotations.workload_repo_revision}}' destination: - namespace: 'argocd' name: '{{name}}' syncPolicy: automated: diff --git a/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml new file mode 100644 index 0000000000..0b2a860582 --- /dev/null +++ b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: game-2048 +spec: {} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: game-2048 + name: deployment-2048 +spec: + selector: + matchLabels: + app.kubernetes.io/name: app-2048 + template: + metadata: + labels: + app.kubernetes.io/name: app-2048 + spec: + containers: + - image: public.ecr.aws/l6m2t8p7/docker-2048 + name: app-2048 + ports: + - containerPort: 80 + name: http +--- +apiVersion: v1 +kind: Service +metadata: + namespace: game-2048 + name: service-2048 +spec: + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP + type: ClusterIP + selector: + app.kubernetes.io/name: app-2048 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + namespace: game-2048 + name: ingress-2048 + annotations: + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internet-facing + alb.ingress.kubernetes.io/ssl-redirect: '443' + alb.ingress.kubernetes.io/target-type: ip +spec: + ingressClassName: alb + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: service-2048 + port: + number: 80 + tls: + - hosts: [] \ No newline at end of file From 02d63f851952f18c28a0f45d544564d6d36953da Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 00:38:25 -0400 Subject: [PATCH 04/42] fix ingress Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 45 +++++++++++++++++-- .../bootstrap/addons.yaml | 2 + .../bootstrap/workloads.yaml | 2 +- .../gitops/getting-started-argocd/destroy.sh | 19 +++++--- .../getting-started-argocd/k8s/game-2048.yaml | 6 +-- .../gitops/getting-started-argocd/main.tf | 2 +- .../getting-started-argocd/variables.tf | 1 + 7 files changed, 62 insertions(+), 15 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index ab3e22f209..083adf2565 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -8,13 +8,52 @@ terraform init terraform apply ``` -Access Terraform output to configure `kubectl` and `argocd` +Get `kubectl` config, and run the output ```shell -terraform output +terraform output -raw configure_kubectl +``` + +Deploy Addons using ArgoCD +```shell +kubectl apply -f bootstrap/addons.yaml +``` +Verify Addons are ready +```shell +kubectl get applications -n argocd \ + addon-getting-started-gitops-aws-load-balancer-controller \ + addon-getting-started-gitops-metrics-server +kubectl get deployment -n kube-system \ + aws-load-balancer-controller \ + metrics-server +``` + +Get ArgoCD UI and CLI access configuration, and run the output in a new terminal window +```shell +terraform output -raw configure_argocd +``` + +Deploy Sample Application +```shell +kubectl apply -f bootstrap/workloads.yaml +``` +Verify Application is ready +```shell +kubectl get -n argocd applications workloads +kubectl get -n game-2048 deployments +kubectl get -n game-2048 deployments +kubectl get -n game-2048 ingress +``` + +Get the Ingress URL for the Application +```shell +kubectl get ingress +``` +Verify Application on the Browser or Terminal +```shell +curl ... ``` Destroy EKS Cluster ```shell -cd hub ./destroy.sh ``` diff --git a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml index 286d49c696..58bd8c2344 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml @@ -17,6 +17,8 @@ spec: repoURL: '{{metadata.annotations.addons_repo_url}}' path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true destination: namespace: argocd name: '{{name}}' diff --git a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml index 7ae1fe43d0..8c883ea346 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml @@ -10,7 +10,7 @@ spec: - clusters: {} template: metadata: - name: workload + name: workloads finalizers: # This finalizer is for demo purposes, in production remove apps using argocd CLI "argocd app delete workload --cascade" # When you invoke argocd app delete with --cascade, the finalizer is added automatically. diff --git a/patterns/gitops/getting-started-argocd/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh index 195f9885a5..9fae53e59c 100755 --- a/patterns/gitops/getting-started-argocd/destroy.sh +++ b/patterns/gitops/getting-started-argocd/destroy.sh @@ -1,13 +1,22 @@ #!/bin/bash -set -x +set -euo pipefail + +SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +ROOTDIR="$(cd ${SCRIPTDIR}/../..; pwd )" +[[ -n "${DEBUG:-}" ]] && set -x # Delete the Ingress/SVC before removing the addons TMPFILE=$(mktemp) -terraform output -raw configure_kubectl > "$TMPFILE" -source "$TMPFILE" - -kubectl delete svc -n argocd argo-cd-argocd-server +terraform -chdir=$SCRIPTDIR output -raw configure_kubectl > "$TMPFILE" +# check if TMPFILE contains the string "No outputs found" +if [[ ! $(cat $TMPFILE) == *"No outputs found"* ]]; then + source "$TMPFILE" + kubectl delete -n argocd applicationset workloads + kubectl delete -n argocd applicationset cluster-addons + kubectl delete -n argocd application addon-dev-argo-cd + kubectl delete -n argocd svc argo-cd-argocd-server +fi terraform destroy -target="module.gitops_bridge_bootstrap" -auto-approve terraform destroy -target="module.eks_blueprints_addons" -auto-approve diff --git a/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml index 0b2a860582..3dea1dd872 100644 --- a/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml +++ b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml @@ -46,9 +46,7 @@ metadata: namespace: game-2048 name: ingress-2048 annotations: - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/ssl-redirect: '443' alb.ingress.kubernetes.io/target-type: ip spec: ingressClassName: alb @@ -61,6 +59,4 @@ spec: service: name: service-2048 port: - number: 80 - tls: - - hosts: [] \ No newline at end of file + name: http \ No newline at end of file diff --git a/patterns/gitops/getting-started-argocd/main.tf b/patterns/gitops/getting-started-argocd/main.tf index f47455a7aa..e189be2165 100644 --- a/patterns/gitops/getting-started-argocd/main.tf +++ b/patterns/gitops/getting-started-argocd/main.tf @@ -76,7 +76,7 @@ locals { enable_ack_eventbridge = try(var.addons.enable_ack_eventbridge, false) } oss_addons = { - enable_argocd = try(var.addons.enable_argocd, false) + enable_argocd = try(var.addons.enable_argocd, true) enable_argo_rollouts = try(var.addons.enable_argo_rollouts, false) enable_argo_events = try(var.addons.enable_argo_events, false) enable_argo_workflows = try(var.addons.enable_argo_workflows, false) diff --git a/patterns/gitops/getting-started-argocd/variables.tf b/patterns/gitops/getting-started-argocd/variables.tf index 53b75b5731..c2b31f65e2 100644 --- a/patterns/gitops/getting-started-argocd/variables.tf +++ b/patterns/gitops/getting-started-argocd/variables.tf @@ -11,6 +11,7 @@ variable "region" { variable "kubernetes_version" { description = "Kubernetes version" type = string + default = "1.28" } variable "environment" { description = "Kubernetes environment" From 1b181faf8052acbc87b42dac3fd5391698f4c8f7 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 00:59:40 -0400 Subject: [PATCH 05/42] update game names Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 8 ++++---- .../getting-started-argocd/k8s/game-2048.yaml | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 083adf2565..d0cd0db8c9 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -5,7 +5,7 @@ This example shows how to deploy Amazon EKS with addons configured via ArgoCD Deploy EKS Cluster ```shell terraform init -terraform apply +terraform apply -auto-approve ``` Get `kubectl` config, and run the output @@ -46,11 +46,11 @@ kubectl get -n game-2048 ingress Get the Ingress URL for the Application ```shell -kubectl get ingress +echo "Application URL: http://$(kubectl get -n game-2048 ingress ingress-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` -Verify Application on the Browser or Terminal +Verify Application from Terminal ```shell -curl ... +curl -I $(kubectl get -n game-2048 ingress ingress-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` Destroy EKS Cluster diff --git a/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml index 3dea1dd872..44e2d12e50 100644 --- a/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml +++ b/patterns/gitops/getting-started-argocd/k8s/game-2048.yaml @@ -8,19 +8,19 @@ apiVersion: apps/v1 kind: Deployment metadata: namespace: game-2048 - name: deployment-2048 + name: game-2048 spec: selector: matchLabels: - app.kubernetes.io/name: app-2048 + app.kubernetes.io/name: game-2048 template: metadata: labels: - app.kubernetes.io/name: app-2048 + app.kubernetes.io/name: game-2048 spec: containers: - image: public.ecr.aws/l6m2t8p7/docker-2048 - name: app-2048 + name: game-2048 ports: - containerPort: 80 name: http @@ -29,7 +29,7 @@ apiVersion: v1 kind: Service metadata: namespace: game-2048 - name: service-2048 + name: game-2048 spec: ports: - name: http @@ -38,13 +38,13 @@ spec: protocol: TCP type: ClusterIP selector: - app.kubernetes.io/name: app-2048 + app.kubernetes.io/name: game-2048 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: namespace: game-2048 - name: ingress-2048 + name: game-2048 annotations: alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/target-type: ip @@ -57,6 +57,6 @@ spec: pathType: Prefix backend: service: - name: service-2048 + name: game-2048 port: name: http \ No newline at end of file From 00e361c1ee5fc64ead71039d0ac83bc4e99ab81c Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:21:32 -0400 Subject: [PATCH 06/42] preserve the resources Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 12 ++++++++---- .../getting-started-argocd/bootstrap/addons.yaml | 2 +- patterns/gitops/getting-started-argocd/destroy.sh | 4 +++- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index d0cd0db8c9..758b9db048 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -21,7 +21,9 @@ Verify Addons are ready ```shell kubectl get applications -n argocd \ addon-getting-started-gitops-aws-load-balancer-controller \ - addon-getting-started-gitops-metrics-server + addon-getting-started-gitops-metrics-server \ + addon-getting-started-gitops-argo-cd +kubectl get sts -n argocd kubectl get deployment -n kube-system \ aws-load-balancer-controller \ metrics-server @@ -44,15 +46,17 @@ kubectl get -n game-2048 deployments kubectl get -n game-2048 ingress ``` -Get the Ingress URL for the Application +Get the Ingress URL for the Application (You need to wait 2 minutes for Load Balancer to be created) ```shell -echo "Application URL: http://$(kubectl get -n game-2048 ingress ingress-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" +echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` + Verify Application from Terminal ```shell -curl -I $(kubectl get -n game-2048 ingress ingress-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') +curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` + Destroy EKS Cluster ```shell ./destroy.sh diff --git a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml index 58bd8c2344..e867a1c878 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/addons.yaml @@ -5,7 +5,7 @@ metadata: namespace: argocd spec: syncPolicy: - preserveResourcesOnDeletion: false + preserveResourcesOnDeletion: true generators: - clusters: {} template: diff --git a/patterns/gitops/getting-started-argocd/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh index 9fae53e59c..b2a3d8b32b 100755 --- a/patterns/gitops/getting-started-argocd/destroy.sh +++ b/patterns/gitops/getting-started-argocd/destroy.sh @@ -13,8 +13,10 @@ terraform -chdir=$SCRIPTDIR output -raw configure_kubectl > "$TMPFILE" if [[ ! $(cat $TMPFILE) == *"No outputs found"* ]]; then source "$TMPFILE" kubectl delete -n argocd applicationset workloads + echo "Waiting for ingress and load balancer to be deleted" + sleep 240 kubectl delete -n argocd applicationset cluster-addons - kubectl delete -n argocd application addon-dev-argo-cd + kubectl delete -n argocd applicationset addons-argocd kubectl delete -n argocd svc argo-cd-argocd-server fi From 3e9198ffa39e6050a199975fed8aa8cf06e29e3a Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:21:58 -0400 Subject: [PATCH 07/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 758b9db048..e8a0529498 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -56,7 +56,6 @@ Verify Application from Terminal curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` - Destroy EKS Cluster ```shell ./destroy.sh From c60267b65de1ae019601653a37235913b8ea17b3 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:27:44 -0400 Subject: [PATCH 08/42] update destroy scropt Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/destroy.sh | 4 ++-- patterns/gitops/getting-started-argocd/main.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh index b2a3d8b32b..79d24cd4d6 100755 --- a/patterns/gitops/getting-started-argocd/destroy.sh +++ b/patterns/gitops/getting-started-argocd/destroy.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -euo pipefail +set -uo pipefail SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" ROOTDIR="$(cd ${SCRIPTDIR}/../..; pwd )" @@ -14,7 +14,7 @@ if [[ ! $(cat $TMPFILE) == *"No outputs found"* ]]; then source "$TMPFILE" kubectl delete -n argocd applicationset workloads echo "Waiting for ingress and load balancer to be deleted" - sleep 240 + sleep 120 kubectl delete -n argocd applicationset cluster-addons kubectl delete -n argocd applicationset addons-argocd kubectl delete -n argocd svc argo-cd-argocd-server diff --git a/patterns/gitops/getting-started-argocd/main.tf b/patterns/gitops/getting-started-argocd/main.tf index e189be2165..cd870cada8 100644 --- a/patterns/gitops/getting-started-argocd/main.tf +++ b/patterns/gitops/getting-started-argocd/main.tf @@ -122,7 +122,7 @@ locals { ) argocd_apps = { - # Uncomment to deploy GitOps bootstrap from Terraform, instead of kubectl (Recommended) + # Uncomment to deploy GitOps bootstrap from Terraform, instead of kubectl # addons = file("${path.module}/bootstrap/addons.yaml") # workloads = file("${path.module}/bootstrap/workloads.yaml") } From 15175766283b639d60866f1ad6abf09fae53d1b0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:35:32 -0400 Subject: [PATCH 09/42] add note about waiting for lb Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index e8a0529498..d785463306 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -46,11 +46,19 @@ kubectl get -n game-2048 deployments kubectl get -n game-2048 ingress ``` -Get the Ingress URL for the Application (You need to wait 2 minutes for Load Balancer to be created) +Get the Ingress URL for the Application ```shell echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` +!!! info + You might need to wait a few minutes, and then refresh your browser. + If your Ingress isn't created after several minutes, then run this command to view the AWS Load Balancer Controller logs: + +```shell +kubectl logs -n kube-system deployment.apps/aws-load-balancer-controller +``` + Verify Application from Terminal ```shell curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') From 88b417c100fe284a28122710f0021bad46e740cf Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:43:32 -0400 Subject: [PATCH 10/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index d785463306..68d9b5f05b 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -1,6 +1,6 @@ # ArgoCD on Amazon EKS -This example shows how to deploy Amazon EKS with addons configured via ArgoCD +This example shows how to deploy Amazon EKS with addons configured via ArgoCD using the GitOps Bridge Pattern Deploy EKS Cluster ```shell @@ -13,6 +13,15 @@ Get `kubectl` config, and run the output terraform output -raw configure_kubectl ``` +Terraform added the GitOps Bridge Metadata in the ArgoCD Secret. +The annotations contains the metadata for the addons helm charts. +The labels contains an easy way to enable or disable an addon for the cluster. +```shell +kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.annotations}' +kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.labels}' +``` + + Deploy Addons using ArgoCD ```shell kubectl apply -f bootstrap/addons.yaml From 64684676dfd6e8b60a8b895d61992a24cd10f45d Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:48:17 -0400 Subject: [PATCH 11/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 68d9b5f05b..b67b761111 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -13,7 +13,7 @@ Get `kubectl` config, and run the output terraform output -raw configure_kubectl ``` -Terraform added the GitOps Bridge Metadata in the ArgoCD Secret. +Terraform adds the GitOps Bridge Metadata in the ArgoCD Secret. The annotations contains the metadata for the addons helm charts. The labels contains an easy way to enable or disable an addon for the cluster. ```shell From d851a8e6e7ae1bc0d1e45ef747cf5095141a8404 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:50:32 -0400 Subject: [PATCH 12/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index b67b761111..67b4e8089a 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -73,6 +73,11 @@ Verify Application from Terminal curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` +Verify Application CPU and Memory metrics +```shell +kubectl top pods -n game-2048 +``` + Destroy EKS Cluster ```shell ./destroy.sh From 05d86efc5f85c80ad5cd59d48ed8e2fc38c90ed9 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:53:35 -0400 Subject: [PATCH 13/42] updat readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 67b4e8089a..8b43d2ee5e 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -43,7 +43,7 @@ Get ArgoCD UI and CLI access configuration, and run the output in a new terminal terraform output -raw configure_argocd ``` -Deploy Sample Application +Deploy Sample Application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) ```shell kubectl apply -f bootstrap/workloads.yaml ``` From 9e0dba4704e183f6d191489d88953e7604570e1d Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 01:55:24 -0400 Subject: [PATCH 14/42] add link Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 8b43d2ee5e..5df95b54b2 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -1,6 +1,6 @@ # ArgoCD on Amazon EKS -This example shows how to deploy Amazon EKS with addons configured via ArgoCD using the GitOps Bridge Pattern +This example shows how to deploy Amazon EKS with addons configured via ArgoCD using the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) Deploy EKS Cluster ```shell From a2f9f8252ff24161089e20ce874fb3f4fe6e2693 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 20:17:08 -0400 Subject: [PATCH 15/42] change to final values Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/variables.tf | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/variables.tf b/patterns/gitops/getting-started-argocd/variables.tf index c2b31f65e2..0e99ab6032 100644 --- a/patterns/gitops/getting-started-argocd/variables.tf +++ b/patterns/gitops/getting-started-argocd/variables.tf @@ -53,12 +53,11 @@ variable "gitops_addons_path" { default = "bootstrap/control-plane/addons" } -# Workload Git -# TODO: Replace values from fork to upstream +# Workloads Git variable "gitops_workload_org" { description = "Git repository org/user contains for workload" type = string - default = "https://github.com/csantanapr" + default = "https://github.com/aws-ia" } variable "gitops_workload_repo" { description = "Git repository contains for workload" @@ -68,7 +67,7 @@ variable "gitops_workload_repo" { variable "gitops_workload_revision" { description = "Git repository revision/branch/ref for workload" type = string - default = "gitops-bridge-1st-example" + default = "main" } variable "gitops_workload_basepath" { description = "Git repository base path for workload" From 4bbec7b2a29ca7212a4d30e1538bf3261384abe7 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 20:17:20 -0400 Subject: [PATCH 16/42] update readme Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 35 +++++++++++++++---- 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 5df95b54b2..22e3108840 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -2,7 +2,27 @@ This example shows how to deploy Amazon EKS with addons configured via ArgoCD using the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) -Deploy EKS Cluster + +## Fork the git repositories + +### Fork the addon gitops repo +Fork the git repository for addons https://github.com/aws-samples/eks-blueprints-add-ons +Set the followign variables to point to your fork, change the deafult values below: +```shell +export TF_VAR_gitops_addons_org=https://github.com/aws-samples +export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons +``` + +### Fork the workloads gitops repo +For the git repository for this pattern https://github.com/aws-ia/terraform-aws-eks-blueprints +Set the followign variables to point to your fork, change the default values below: +```shell +export TF_VAR_gitops_workload_org=https://github.com/aws-ia +export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints +``` + +## Deploy the EKS Cluster + ```shell terraform init terraform apply -auto-approve @@ -13,16 +33,17 @@ Get `kubectl` config, and run the output terraform output -raw configure_kubectl ``` -Terraform adds the GitOps Bridge Metadata in the ArgoCD Secret. +Terraform added the GitOps Bridge Metadata in the ArgoCD Secret. The annotations contains the metadata for the addons helm charts. -The labels contains an easy way to enable or disable an addon for the cluster. +The labels contains an easy way to enable or disable an addon in ArgoCD for the cluster. ```shell kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.annotations}' kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.labels}' ``` +## Deploy the Addons -Deploy Addons using ArgoCD +Bootstrap the Addons using ArgoCD ```shell kubectl apply -f bootstrap/addons.yaml ``` @@ -43,7 +64,9 @@ Get ArgoCD UI and CLI access configuration, and run the output in a new terminal terraform output -raw configure_argocd ``` -Deploy Sample Application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) +## Deploy the Workloads + +Deploy Sample Application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD ```shell kubectl apply -f bootstrap/workloads.yaml ``` @@ -78,7 +101,7 @@ Verify Application CPU and Memory metrics kubectl top pods -n game-2048 ``` -Destroy EKS Cluster +## Destroy the EKS Cluster ```shell ./destroy.sh ``` From 2537145b61483b011daa4b152c39a08046165168 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 22:07:35 -0400 Subject: [PATCH 17/42] add diagram Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 123 ++++++++++++------ .../static/gitops-bridge.drawio | 1 + .../static/gitops-bridge.drawio.png | Bin 0 -> 88833 bytes 3 files changed, 87 insertions(+), 37 deletions(-) create mode 100644 patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio create mode 100644 patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio.png diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 22e3108840..3a206b64c8 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -1,107 +1,156 @@ # ArgoCD on Amazon EKS -This example shows how to deploy Amazon EKS with addons configured via ArgoCD using the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) +This tutorial guides you through deploying an Amazon EKS cluster with addons configured via ArgoCD, employing the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev). + -## Fork the git repositories +## Prerequisites +Before you begin, make sure you have the following command line tools installed: +- git +- terraform +- kubectl +- argocd -### Fork the addon gitops repo -Fork the git repository for addons https://github.com/aws-samples/eks-blueprints-add-ons -Set the followign variables to point to your fork, change the deafult values below: +## Fork the Git Repositories + +### Fork the Addon GitOps Repo +1. Fork the git repository for addons [here](https://github.com/aws-samples/eks-blueprints-add-ons). +2. Update the following environment variables to point to your fork by changing the default values: ```shell export TF_VAR_gitops_addons_org=https://github.com/aws-samples export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons ``` -### Fork the workloads gitops repo -For the git repository for this pattern https://github.com/aws-ia/terraform-aws-eks-blueprints -Set the followign variables to point to your fork, change the default values below: +### Fork the Workloads GitOps Repo +1. Fork the git repository for this pattern [here](https://github.com/aws-ia/terraform-aws-eks-blueprints) +2. Update the following environment variables to point to your fork by changing the default values: ```shell export TF_VAR_gitops_workload_org=https://github.com/aws-ia export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints ``` ## Deploy the EKS Cluster - +Initialize Terraform and deploy the EKS cluster: ```shell terraform init terraform apply -auto-approve ``` - -Get `kubectl` config, and run the output +Retrieve `kubectl` config, then execute the output command: ```shell terraform output -raw configure_kubectl ``` -Terraform added the GitOps Bridge Metadata in the ArgoCD Secret. -The annotations contains the metadata for the addons helm charts. -The labels contains an easy way to enable or disable an addon in ArgoCD for the cluster. +Terraform will add GitOps Bridge Metadata to the ArgoCD secret. +The annotations contain metadata for the addons' Helm charts and ArgoCD ApplicationSets. ```shell -kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.annotations}' -kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o jsonpath='{.metadata.labels}' +kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o json | jq '.items[0].metadata.annotations' +``` +The output looks like the following: +```json +{ + "addons_repo_basepath": "argocd/", + "addons_repo_path": "bootstrap/control-plane/addons", + "addons_repo_revision": "main", + "addons_repo_url": "https://github.com/aws-samples/eks-blueprints-add-ons", + "aws_account_id": "0123456789", + "aws_cluster_name": "getting-started-gitops", + "aws_load_balancer_controller_iam_role_arn": "arn:aws:iam::0123456789:role/alb-controller", + "aws_load_balancer_controller_namespace": "kube-system", + "aws_load_balancer_controller_service_account": "aws-load-balancer-controller-sa", + "aws_region": "us-west-2", + "aws_vpc_id": "vpc-001d3f00151bbb731", + "cluster_name": "getting-started-gitops", + "environment": "dev", + "workload_repo_basepath": "patterns/gitops/", + "workload_repo_path": "getting-started-argocd/k8s", + "workload_repo_revision": "gitops-bridge-1st-example", + "workload_repo_url": "https://github.com/csantanapr/terraform-aws-eks-blueprints" +} +``` +The labels offer a straightforward way to enable or disable an addon in ArgoCD for the cluster. +```shell +kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o json | jq '.items[0].metadata.labels' +``` +The output looks like the following: +```json +{ + "aws_cluster_name": "getting-started-gitops", + "enable_argocd": "true", + "enable_aws_load_balancer_controller": "true", + "enable_metrics_server": "true", + "environment": "dev", + "kubernetes_version": "1.28", +} ``` ## Deploy the Addons - -Bootstrap the Addons using ArgoCD +Bootstrap the addons using ArgoCD: ```shell kubectl apply -f bootstrap/addons.yaml ``` -Verify Addons are ready +Monitor the ArgoCD Addon Applications ```shell -kubectl get applications -n argocd \ +watch kubectl get applications -n argocd \ addon-getting-started-gitops-aws-load-balancer-controller \ addon-getting-started-gitops-metrics-server \ addon-getting-started-gitops-argo-cd -kubectl get sts -n argocd +``` +Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command + +Verify that the addons are ready: +```shell +kubectl get sts,deployment -n argocd kubectl get deployment -n kube-system \ aws-load-balancer-controller \ metrics-server ``` -Get ArgoCD UI and CLI access configuration, and run the output in a new terminal window +Access ArgoCD's UI and CLI configuration, on a new Terminal window run the following command ```shell terraform output -raw configure_argocd ``` ## Deploy the Workloads -Deploy Sample Application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD +Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD: ```shell kubectl apply -f bootstrap/workloads.yaml ``` -Verify Application is ready +Watch the Workloads ArgoCD Application ```shell -kubectl get -n argocd applications workloads -kubectl get -n game-2048 deployments -kubectl get -n game-2048 deployments -kubectl get -n game-2048 ingress +watch kubectl get -n argocd applications workloads ``` +Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command -Get the Ingress URL for the Application +Verify that the application configuration is present and the pod is running: ```shell -echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" +kubectl get -n game-2048 deployments,service,ep,ingress ``` +Watch the events for the Ingress, this take a few minutes +```shell +kubectl events -n game-2048 --for ingress/game-2048 --watch +``` +Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconciled`. Crl+C to exit the `watch` command -!!! info - You might need to wait a few minutes, and then refresh your browser. - If your Ingress isn't created after several minutes, then run this command to view the AWS Load Balancer Controller logs: - +Retrieve the ingress URL for the application: ```shell -kubectl logs -n kube-system deployment.apps/aws-load-balancer-controller +echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` -Verify Application from Terminal + +Verify the application enpoint health using `curl`: ```shell curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` +The first line of the output should have `HTTP/1.1 200 OK`. -Verify Application CPU and Memory metrics +Check the application's CPU and memory metrics: ```shell kubectl top pods -n game-2048 ``` ## Destroy the EKS Cluster +To tear down all the resources and the EKS cluster, run the following command: ```shell ./destroy.sh ``` diff --git a/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio b/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio new file mode 100644 index 0000000000..51f8e7eae1 --- /dev/null +++ b/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio @@ -0,0 +1 @@ +7b3XkuNIsi36NW127sNugxaPAKEIQQhCEHjZBg2Q0JLk198IZmZ1V2W1mJkWM2M7SyShAx7uy9fyCIA/4If2Lk/xUBl9ljc/YEh2/wEXfsAwlMEZ8AuuebytIWn8bUU51dn7Tj+tONfP/H0l8r52rbN8/mrHpe+bpR6+Xpn2XZeny1fr4mnq9693K/rm66sOcZl/WnFO4+bz2qDOluptLUMiP61X8rqsPq6MIu9b2vhj5/cVcxVn/f6zVbj4A36Y+n55+9TeD3kDjfdhl7fjpF/Y+qVhU94tv+cAj+gvwv/SCb1Nzjp1bMdP0/+g76fZ4mZ9v+P31i6PDxNM/dplOTwL8gPO71W95OchTuHWHXQ6WFctbQOWUPDx/XT5tOT3X2wo+uX2gd/kfZsv0wPs8n7Ah23fPQZj35f3n+yP0+/rqp/Z/suO8Xufl19O/ZNZwId3y/wDVqI+GUnUzp/sNN/yJa3ezTT0dbe82kHy4C9o2eHtHwl2PcA1P2Lkd1Z+bx39eSX6eTfwC/3eFb5d+b119OeV6Ofd4NJHq79e+b11NPm5xd8ejX7naPSbo8FfnO/Xpam7/PAlyqGNi75bDn3TTy/74+CPBDuVL6c4q/Ovtkk0IyLEz7YJ9QROVPcd2N71E3Qsvqib5mfHCAh5QGmwfl6m/pb/bEvx+gFbsniuvkQGdPoaIIceJ3lj9XP9fvqkX5a+/dkOXFOXcMPSw+CJ35dS0Kp8+jqa4B2+YyKKfSy/exy8ZDwPb+Yo6jtsBw9AZoAb23sJ8fjHeJ+JH6d87tcpzY8pbA8PFt8+fb1Xfpv/svglvxO+5J8VvR+Q9u+Ecf+Dsl9bCcfoT1b6ss9XKIdgf5ad8E92OsaHT6YCN718bY+v46Pru/ybYHpf9cnTvw2Its4yeJnvdsDXXfSH9AH+TR/gn/sA/04X4H+apxKfegBG5S87K/rbzvrJ6H+I5Sj8a8sx7GfvJb5nuj/LeQnmk5nyDDC590WI8H3Zd3Ej/rT2G5f6aR+9h8j8Mt81X5bHOwTH69J/bdz8Xi+X98Ph5xB+BvnsbUm4/2yT8PhY6MD9Xn7aES6GP9/202GvpY/j3u4P3tSv9xqwwQvtf83P3gnNEk9lvvyaVanv+8GUN/FSb1+35I8Ph8+8C4TD/yZgaZggvfrfOMv67j8hQAic/JsD5CO//MyYZQ0YCLAnEF5l/r8JUCIAyYF5/gPMyaB/tznZT+Z0pX9HWsF8MtRfSr7IvweXf8JYBPkaZX8ErvTrQPtasvKpBhaAHvwFwn8G2h9Y/6tI/wci9gfl+E3EJvG/E7HJz1FxmPJ4yX/AqAayxmQCn0r4ifs+dENrvQTUb6DKL1JHoG7qZ5x8kUhfC3Hh1+LsvYb0fvAPXyo3P++wX3HyX45KoHtRlvoqMN9x6Xd3y/vJLXg3P9ulL4oZ+MO3/falDf98V3543M+6kpvK/iD87SD3pV8+kgHymbb/pRj3kZz+/bnnH4lIH9XY30IkHPl+b/41iER9llROHmdgDTcMDUAQWKQ55wAhPiHUB3L9fM/v7LbXwOkwBDQ3zuIl/u9ANOoX0sj76UFaRUn0qyj8H/RfQ7QvDIb5+pA/EeH+DWvfBP3b/O27ZSGUZX7Z1P9SBH1Q6J+ZSa4Xc/icu/9rKkMk8duFIeyvLAzhn0tzH/zpWzgCou4VhUP/K878N+k44lt1wn4uG31vZOeDVv7xdv1cYQC+razJfwQQ/KUkB/9cPwj66db0cQa8EPl3djvyG1sSJPXZ7bAfye9Y808DVeaTNY/dvMTwyG/5Q5dxcCAbGqWJ57lOv7bY1575wQo/GOI/VpH8Wil/Ec5/QUXy3bv+aTb5k9Si8I9a8MeUg38ocP5F/oJRX/saiXyDXW+meD/qJy/6dCIc/dZpvznRm6l+5UR/AYP6LPf5vl/Ob1XET4r/K8L9yc+/Gj7/mX9/Ncb6Qo/5a/T4ZtgWY2hSxD6Rj58P2347OP8qEsFRZ0h7vxoYfx+1/mYt+9213xu6Z9lfODH9OvpHlv0do/MQ+r/a90X6f3O4+TdJ1dv487dDxrc1yacuB2b+sX4bMB6m9/HidMr+ADhmvnFshvhdAUr8WVhMfNYBTg5uOK2b79Wtft2L/zm0fnOUnyP2W5XyH4Zs+rcwG57l29rmH4jjH4jwB+A4QhPEV46C/ZU4/j/fjA2TKAVQ4qcf7J9DdfQbZUGw5I8swdAo/fqf+RgB/t0g/436/vMxn/gsB895Ov0foP8nAvr8s577lzCdJr9y6y/z8/42TP8smH9pIOIXvPcPoN2/E8H/qCGqv4OOv6HBr8I4xWBfQ97fCuMIDcLup59v/O/3wjiGflvIoD/k478RPSd+qfb9bQj8VLv+dkvcdf3yUfn+96I62N9MdT4S4R9AdQAN+KaYjv+dQUKw/yS7Yd8m+H6VCLAfYZnvF+Lt3yFIyN+dKQ7NOkNX+vep0GCvWcF/a6YgfmcUoL9OIMC9YPg3vvPfFAP/KK//8x2fYj878l85M+dvqzUSv3f24xsL+rtGronPYxM/jUgH51c73u4V1t+7PIf9Ap9wmmBr3keHkP93dM4c3LdvAP//8cf/D27s4I75fehneLKlylv4q//hV0ax/2vG9v4H/3Y04IOf/nyI9XujUH/a6B75y6N7/yep/9Mk9dBnf4CX4t8+moD+zYKa/Kwlfjb8939u+n9u+uaSn7H0L3XTj3nhfy2peXPPj+eDf5oB8IfQFZL8F1nIL020+qaGQX6b336Bo/5R/JP5nPWAb08xIDDtdwoRw9A8vtu3/3Fz65jfUkKfSmb/6ty6P19MfDT430NMsBT1z8jivyCM/wWh/NeoDuZznodZJF2a/+6YxH5dNEBeQbNfU7J/95gkP1e2PjO1d8YQpwukVn/FI0rfyK8vcy1/Rhm+9yQX9Wepr48T/3c+ofRRZfw3ekKJ+FP4DMZ+XXUjUPrrU/zuiVfE5woeifzeCt4fVp37PCnll8rSv6zD/iOhmPrt4ZL/uIep6N/xqMEHFNft65VEvy0KG7iBj9Nb+UKjD3Wc5UW8vlzkF9438u07Q14X5D7WIh9r4KlgJRDn3hYxaehKIFtrnzedHdHksufAz+nsVaJXgk8G/E84HrgjXF+b104Fv8er2Ii27xCd+chy3/F8OgHnGqPbeJgOtl3Hju3wN5G/22Lg2CLW3Qc3qJGQdKslvhVel2TjDxh/2fTL3LjRtsXuk5n6Z9bOFH4OW6c1U1nTz6NwtY2+M5jn4+KJnu9nNlCZkh8/QaYGfsrPGJ2XY3+gaqUHiwV96APwO89T8D/F4s9JwLc1fTzPydMjwqtmVhbY0muhShqzzu3N8SBVsSjqh91QA74KzyV/2Bfh4FehLE7cPqs2V4VBVWn7LBy88hhIvW2/Dg1lqdI4cCgCDpXK8Ax22BsOnhAcCk94fh0KTgi2+GUYiD0HDrXBoeBS2m7oB4+DJwSH/m1t6QwHxfggdNVIOIaCBaMhtx/JwApyqbChzidodrnPuT6KkWvHiMueR8cVI0GLbNFC2cIH2/12RtvFb1c0GC1nPEn9VQyvqiY4sXW4OGAddXGBBpSIlOYH8NtyEdIkO41kDlgGlgHS8WtpWNWqt6QdNjtYp0rQRUMQjrRaVFp3oRDJUAdzWKYYW/Uq7H3Bpi62XLKKg8SKE+tOPHlUZ9xLsN9pyBTHm9jCjYWz+7DPXU/OwtM5Umf+HGHBLncXmbxwsWDHhYsFp93k73iGZ8UFxDbvPlK3So/OIQzuM308SgfyahSgQVQo27sM78G8MaWtHRjndhrWk9OeTPdGJgG5pPpSTOwZWYAP+4fRuZ6GDc2v2H1DrPMxGPp+Y50L0hmc6x97oUFuhl/b2daSaxgo/HOmzX0WufpQEtZlQhnr6dTKTilEc90PXelUtm1cG2abqLVH5Bt6DanTUZWOY3PRyE3DluTiIJLVtygH7qQedvqSNKjK8HnjaAjwHJI7RYJZC1qDBFfZ8Pla6AuBvGhC2avpxUdYS3jU/agThU5dGjQDHlv3zN71J569hs7N4PtGRJYuwrJrqKmWal57Clu2pPH6hpU38Y7tu6xWoB9Qs8ISA3jXvfV2udxFdZUeqzc2SNbFZn2sytmvS7uMBc5Wa2NoGAskwpcRqj5VlPsjHbVyiB2jVEjueIrk07VHtCrUpdDiCStvKttSwVWoe4lzSaZGlurow232q/m0bPoD29RbfVnplTz0LjSI1RC9pKvgBMcnWHSu91a5PA1FnqaRCs7jRbqnHnpyvevxYeynmypEjTpxucYZ0QHsAk4Fun898PYG8cjaQ4GL9ftFxbKVXugUVx/2zRKeLEbzZRw/jHJhnyluJi05u+L9lBXFHX+oh4tLXRyYmTDeMIqpeYGa1A11KPPpJXra8RJYPXsZJbuRfD/2bU075Dof6b1/KGXbMlTgu1d/XxMMXU5RY+g1sQKvACfqBirX0HgOdL60vepY6znOYtaluiL5ftUiVwB9DLxzHM+3QQMHbBNdEzkIJAnYEOGpsnQPINHcRO76uknCPyAgoI4Od1xaOls7obLbrIvusb4EAs+NGoeBwEwWijl4+AXEjWAO+Ao82eCo6C6yfH8SqOKJcTtXHg9dt62mHQtlQjxk7nG6hsgIfGdtYOwxuS6vU0206pxI9wDglcjN0gpiqLYfsWF659YHLQW4g2ZLcsaSp01oh76PQ5ZicpeAfTwk547EjbiVhiWbKnBrGLslbybeqLRTH8AwMrjkDeISsLUQUcUjcOqZ7ewI9gNgmzy8ZeiJFJuu7vGmivbYJDSKNrNcPkQQ30h5lIXUWzgEMcZ+l8NDeJu8rFTn03Vu1TKKhxX2O20+K4TOxnM7lIQhnB50BlgRP/hWgkPnOO2MKczHuUmlchdAdKSTg/jy4EtDFKTdlfHv2SW3amLQzrfyKHA0vJ0mpRt3o5B9PxMeaoLobbzhmXbaOFKLdKxEI6YBLF4U4KuI2nmEdeDq47Un81XhQW6o+lDmSsYtFmqdRog6jTc6fCqeZz4Pr7zRpgcuvobhnR+20+XKyZlmnOsYPg+Awe4mwc2N4zyUhnkFveNQN6a9AchDgxbNLw3J26HcDVhWhuahdaP5wO0WC93p3g6YBNYDfcXKAChBb3bATisAFLzQARI9MRsmgQvwr3su7TswS8ISDMD8HkRy7vsXKRJ0nF6wpFN3Q2D2hwsMeuyLBgY1dtnOlGA8QSwVPNI1iZAkEfHwNTQ3r8c9tS4jsgHTt0Ge39Kt2RKMLQlT0IZAc8dcKFIHpCMXGhln0QxcriHyg92oMRov5wEJz/XlhImv6JVudainx1ipiKBmgouOMqt+uHsab+/FNnRgjzTcZe4OsuStFDlb5uuwGx7gbAlAIc0/5/kznGNq1evYfQTxU2XGCDVKNuhrubgtpTOC7EeD3u7nbbtWON08Fr9ZkgDfJnTE2gFwrvMBZLlU6Pk8SaHbGlhhXnSSMc9cGZ4umu+sOebytDzxin54+OfFQ50mCvxuod/o1LXXFD3cz5U2sanCc69A2gbZ8YIlmPxxD4+SIYYyQfvmgBmP1gdN9ttjFgXX++LPp81SSiEaUuWwQ5gE2Mv0wMk2mi0mP04AoOzZkeMnuiUh/9MD0sOS03yR7zUZL/LV7ITuuizM814bLjpfj2clg/PPpaIoUDa7nDH3ER9UoxpPFk9ZzyBMBC6Mr2nUzmy+BHT21h84CfI4iKlncT4+5ciVuSifHmLknG4P7sKdBHjOKwjeRZWdW6I95p55O7Ip61sCQFSu0WAoLzKBywA5KoTKrAsNbOnayEm4kabrof6Zs63DpCDe4xIDREXlAfVQCzphYXXyvY8rcPPI4QHaGT+Dwx2iFeAWzKYDgJbM541yziqgu8LVSTiaunbycu6ZTRVS5+DGie7YmvQgU8qcxsdaPH2KzfEMECcWz/RIOhJa3kOw3Jq0a0CyAlTsgvJ2KsenYMaSbLoBNoExFA7Cdpgi2b2BWKFRisxi4NUSsUk6H+r6KbUPPGeLPHcWBy1oyiSgHaNzNxcFTnCjtK6GvG0f3MrC2gNHW883ELWJ1IwBI9x8ugAnpKE6h6kMeCWwDXXp6abzwY/r4Sc23y7NA02WTrnexwMgGc28BXGvAt8PfDLvhvUNmnmQSUCm4QLidPVCQSphpxTvORLELYjf5OWV4yG349QQOKvt6AG9mrzU6lirQyWS0FEV01QFyGjWqc/2qXZX0rRvEjfBMcZsGOMWRgd6uvilj8hOWQIkh3CGgni4qI+0SRaMyuYs1tNWGdhiBFzoWMB2PO79qB70IRcMx4oThym6h683td2qNZmtjd1L/LHQPbt4nqqZhlxXm9Hey2+kx6FRkQpkPIbPZtk1PjwFox8BDwTgpwCwzItixZ05V5ZkyNTDuy17yrqSoEMB7g/tM9u6a7YpywVvbmol2w8Zthsi6pMBCuEw+6URtsdHG4xoOxdXwK1mFjgNBCF8hnntkMj3NGyWfo6tCa/FuMMy+9QK4JCIY7GTWbuS7fpocQG3FAJ3t+tjfdRh7zLz9M5RGMBXUwQF3BO0cIF9hIP4zDBZcFbQzmPP2qRzrB9XxK+gE5y9Tl+wa+Ccj67heXt7Y4qr7lPMCtiqG/tnGDUTFTSyb6XqwaadIVxb5WhLq7TO7bHVwmfhTuET47Owea7ZgwPaFAOpm8dbsgoj+XwLanql1rVC1hvVeY/Su6cXiX1rcKE/bsPZa1SgbY+pEmFdR0n6RWZmBUgIT+J3B7AyQWQs7nHV+MpZAQqoh7RL2AeR5sqhurw5IUNCtgDR4rREre8GVogf/eTBJSnIr9Q2xYBAxdIeCU62vR0jbXNzi9tl0kAbONdIjKSH+mGR+pNRilHszS2rIOx4vh/8h9SQxUUHAlciz7QVgSwXZOtFa6I4kLqDieQdAnEVYN0KZDSinUFYPHcGN0VBR1LtgdkP34+CCHAz6R4Gj9V/HJQKOMENZBcK9Ci0wW3yKRLyb9mT8J1qAOhEVMQ66uLUj0qWVVsQ7ujoO3GArpM33hC5R88jUEKJ6uqggSibvN0blIvgX6VtDrV58ZULcD5whKvvg8uAaOJLZC8ZmcvBH2c0T6Cxfaa/KOrWPyOG2oESy6+w+yFHmiggNZWSQLnznDkGHW5q59J4UmFLMy8D3A2CHGKCdISfHilkolcPOWlOMD5EhE7ToqAe83R6MHlxsort6FI0rkSKHM7W9JbnYKg82Gzd3J3wLEQXbqnbOjfSiE8ym6+XdOsYohvsSxQYk9PN8tOtNd/TZpHNoL/Fp9zVkmAYAX2KkbVBtMHTsDLaxSNmXBWOUPTrFSTinl/vgiFyIrNnDCDs3l3z3BRodAA2IETcU3QFt8yc6rqvj4CX8dFTiz78NcOle+nUp/oy5JqCU5fzeAebYteJOYjV4DPLSiBSZhBXNIDXCaEs4T4bwy0UxAiHmTDtOvx+9tEcLz46i6/s+eJOJ7viTHHIigmKVJckGCyb4nGxht40nnKP83v6zm3yxkKpe2TAElpunY4Dwqvhhud9Q8tnvn+ijphX7iF8ytzzlaoRCDfxNX/n2sV2eqYotRUUTdOE4J75i5I4Fd8bfH4V91Q7SeaBI8jTIPCokmoZoNBZejjkXDFzxgT4qOqcAD0MFbMK6H59SxPg7w0pb/ao2A9m1p/izCglWJmWB75x2Bv4eFby8AFpBoA7X3pxGF2pnwNCA99P7VjeeduTQN48rXgB7Ldgk8eVrUI7yP0SQNx7y+QTSrHaIB1PQMA8RZFQDGr049lUrnsIPADQsqY80cdVl+v72SJOj6db9is90yd3yDiQoZ5vlgd/5ROdP2cxMtT5YAznkQ1uD0k/KoR37ImxeihO7x/rOx1D6suHjUwBai4Ivc5VVllfe9qEmiE1DQXk/BujDJbKWoBe0PCpdj4dQXa8zU1DbSp6UYmEDyfBn9D6DtSa++76MAGDj0o2L5DfouwF33c7xZPlTrCZfzk+jvXQNqeumFRA8tYhvjSs2blOkWtwIo+8ycSqX/dVuL+rKb7stYP6vF2shz1hT1hgi1wt0oZkgK0CPCZWngRjgqjWeHMgzAIW51xZ4y2f3z28B87H0NKzPS8IAiLgamyNUDIWyrpeJGedCfTXCrRppvgoUzTM4g+LGhbDlTmU7EXFM7YYMp5LBA/d4qAZYPVGKh6P90wFYIgEDMpcL8zwKOebV3studBsPvg3rxSPiC2Xd/EsTirMsSCZJi/5DOuJHcY+6auB3qhTqkPJv9F3JlX0+9upL0NxIdl4utA7wYnxXAmJ5Nv2mN3vV3TOF60914BbrtHRsM0ZDeWYu48hIt+wDqFxHO9WyFfhmeCrB6Vc4d3HTQ1UbGkLzJGOIl9GK0YnC7viCUTTWbivqSLsPZxsw68dTrPgFCtl1v26Dw9VGw7a+pxfap3JTakK/XiKEjWSgR67sZC4SYA+mqCz91XaQbeVZWopzXXb14cIVM/1mLCpPhRqZAI6AtlIsKxJH4a27sdCaOSonDsX4fzEXObE3Nf+6AxeGQQmOBZfdDs18cg48jyR49s71i5d1L4sal25u4Hl0CO0zMsc2DKFeHhAiLPJUu+b/nZAfQ8XIOwBgnhx41WeLwG0FyqCyuRrNIOMu+oTSMzAeyUn8Adwo4lW9zdtQ0G2TDTLkflbtF6KDR/PN9WqfOgz+pBNDKPOQqNUAdV4GGiW6XL7TQVyE1ztBD5z0qlpjwtvE5eAHiUMVkLpuONfNcijKCjuSp91rttT9jywxkmA8lSPdK0dxuQBWP1bEIKVLHt/Hu7hfBPHZjbcI4wRDLnfgZazHoDrgi7F2GIDkbherA5kK41UNBJkx2GiILPIN7e/nU9KU98jYu0GM+6mLjzvAhcJSUuvC5xsxptP0OZDxKuDCYgnHqMo9KIX8BeQ7ZXGZDya2q+KTeYeLWDqzzTQJdjIzIRlW9tfoc1V4iAm641jmEOmP3RyQW3N2tJgfpx8j/SO876GkS7f97SwAOSBDqkATjKWsN/E8gY0b24MnQENcC4JDHQYdECpnP0G8C/REe+whEl/wcB1A8qHAL2e3wPruUI8Z1qQx4AjXu3z9jirRajFIAEx1rZte3oRQnCs0rNSX3RQNlrwLgeXZFm26c6Lo3TeKYxYRpkyYYSKym983/M116WiMWmJdpUhk5YTd92q1JlpwIJsbZ6lfgWNB9ihDJBA8xvIlm+t3Mt5q45n0eXdLUHe1Y471bT5SEHvrXSOs0+3KHwpu+yMVsH8AWAgPrEkATg+DOjjKdsrTXV49i2LKiABRYoTm85uivHVALKPXPzLBcUekdF6KuWL5uNcemMbgw3PFLdeFGmh827i1GNy9qyCUKiTbQdnC1b6AOcYP5TYPB0fsP6qH/b5+LAEPMMyTWMGl2BCwUiAhpwFbjdAjrsTRKpJt0h0Um4A/HRCCUMWsjaq7XvY3qiW2SyA1fkJ6En8KFZlJBfd9E5j43q4BM8q1O0RLHEjfoHVlxQorBebG4GOUWrAgMDCWJDIbN4ubQtzxONAoIXtXe9356ZGvnYA0EMvQM7CBGt2kTf5TKLckUxyUvGYqBB7HUAjnvAhagpQ1c7qnrNy5A86RxtneVYGKt9oDNYtJCCqvejqJYHMxQLwUeWOTxdhqZjgOmawCjFNMUDUo9GadXUpYeQ0TxMceO8TRJWfsY6F+XLwxMOaOLHgALESLJDF8zZUgt2dKaTz6Dgrodga0XGEdYUCFNK864kyFdkYmnSqiEB+YvkTXg8IuUtF+IC4ux17E9K9YV81zcJK14sB2ZGNEgnCy22JxzqlOfplGU3hLvT2JZN7gxz5uml5STR5SzfiaxyjQAdOcMhsg32pS/UeKg6WXXvPLQ9LNgeq5NwSub36Ey2AW3OqSeAWBkhBNVwCOvpC1WlI90Abh+EwrsCRV3bzsQkFesEfj7sXq056BiCa66ajcOLaJrX/uBLX1fVn2JGXNN/Da2MjjJ0cwmt9D7jnySItlTa3CSJXAvKn3lQCkkO6KOwMrEuIjY/0MWiyScE6wAb3i2NEq5gTWEEdnmcgEyCWQLULo/u52wh6EgqHcg+JiwyOdosnjrTvyUET61AgpMt1l0tGgVXR9GJVzNbnSgXM7iM8x0nTrZYG+2RiUHJ559HTKk+7InmFmE2tV60tTg4+rs4e8m0pDUJjt6JdQ1z8YiiYmGFVsuu6mzyd01Kd4qfVWESYlTY6a9IBRInlDrASx9saV4TYdLVDVPZQx+NV/QxLPB4QAZk5IKd57x+Lezxmz4egcUf3QECIPNg3kIH7I6GIZB9rNb4881sIqBMsBZyWNIvkqBXK3ehFzAPEJubLVAlBjn3Mg1Z7zkE31vs49D0s3ztRxWJkK97b4g3FpNY9dVOD0UsHpznxAIPZO9A6Z0A8EkvsugOfJmKlw/GvaGKx8+lJ1Dw3AkkL3O3wFIPKE4VdRGE0WggOYEUMTVbOji0tQxx2bxLfx3AwRKnSC1wDWFYL4hmkY02T7PqgHlTUoyrGUAXuLioUxChx7lmFgKizpxJ/Awn+pTAPJWU+N6cpsf6ZGEbZcZ7HIVi743qQou0MuP7aXe8EADJbAWHZ3kHWzEEWuebRBEcL+codDeE2SXp/9RetLFx/OEkDgOol8Jc4M/EchGbfYi2I/tWwHjiShjF3wvog0vknzm6xWUNme7ynG06wiXHEQPLruLU978FhDiZPyzjW4R5eo8KKhgMSITg5nXFXm1yWt8xBHr1doIrC9U78cALygoeM9Cxej9cKocXKcPsAoMTSnzTkGW9y45JXgfbPo++/YkOo7FumVIxUEoAR+IdHwdXpyoou7IRGFo96qZS9KfTAlpCph+3pOrDx6N5vVJfSVyYCiHXSzwgU+c2QBOQat8BSD6gdHqIp2j5tJlH6IEIbIvrJ08Z1GsFt5ODe6904cO1TZrLRIAbmeIccui0NBIPSHNaa/MMgFVdkVOpp9FpRrvQQjhqSYSDBERYg0KJZtEtR4egOySmbOx91GbOEqsRA3wMi0KBTIj/mMb45NXM5drIYQSlb2kcFtKenEEUT+9tNh1e2IM82BzSYJq6o3EvfraEsspCFwHoY1GPsyiuW60i07To2B84wPa4gcaSAnDyzDa92V0ROjzTdz51RAChcL5fxxeMhIL+XLqI5v9zI6nA9ILelfuvHoLdb+XywGkEMRhRruX0+dTMIwQAa8xRswVXYxE4T703lGfztBDJXMHhUNsZtX868gc47lcaOgdOPFGgskL8ajMpMWK8qiteoYYGRF5OeA0gPJf0KhKLda2an32qAhFzXoBmeCyGkkxUcNc5WtaSOEsuh3oi+DxoyHOBQ6iNu25H05ELbmLt6wLa0z3TgICWQGA8XUiZwLXbVFc33TmZ3dL3QkB3vyAvi3XBuAGRk52aT0UE4uPAuy+OBO7EsM79V6TOtOaPA322gZGH10Of2AjU4o7lX3tlmG/G4SIA5oVDD8HQGtAWuo+3jfoAlrod30+uHUwVGQqJ+VsCtAhtTgUzVNM6XqpOEnQR8ddFd5J4uwex2DOx2UoIJREuFOoWwQZhCyW4JRoOfadTqsHMQ9CA5q+GS0tzk7vPRe4eqXPcsDImqffpmnt7QODDOE5o3CJZ10VstvRtsLz9mLTLaaqrldxo09+ZGDWlxBxACi+IgwRurgnZLgPYvnsx2jOX7UhHCteH46yRa2DOfsHwPOOQkOMhrrEFwZ3xCEntkSqVjtNZj48DiTVkYM6FZaDJP2kdrQ7/mRngFSYyx3ZmapErpKQKCIF4vzhxIbdSwrKJIQoovDPDyR9qoEfLym2mDdRyGTlRWjcPbPoBkvCJjs8IaxYviARe7G2exKWe03NUDOTawVoifnulzJs1FnpGJfyh5mnrMZLtCnz9zC8Syv+JTs+J0CYegczji5hy1Csg55VQTaX6Cl920C7Ko57HCnw6UDS6cQRHAelmy3IzqJh5vO7YzN1Z+1DQcGJ203ShkqWf25/5Eudhl9CqFfARPekRTSkI+aPVQ+anepVBNHJHcvOjNg8xAR9F8ojCtfkox2g0fV1X2GrFvzE4o+ZE6tzNvPQcJoaLpRAJFbJ9LO3VS9ZHhRbFAzynW7jLt+gVnTWGiQCfTKGm5MO7cAYECgi28aiKHK31ub2QulEKjneA8EFi6AEosQo+RclWKPE8Lc9ABmK8PxJHG9Vq7TWoah8i8voVWEGAQmwEjpVe9JDRIb5QDUF8Kv6e6aql8Gcq1gAhogVzZ417fwqsaAYeq4OOZ0Mt0/hKI6MnNv/gdTl7DV9aFUb5F1anUjKo2gKS8KE8SSHtYD7YDc14qg6+gb3SQJrPByHqZ4qC9SojRrPOcqDSux0LeCQw867NlrBjHIbIN6O0e3Z4RIMEy1eTPUDX6E+cxr9o+xLfNutYQDKPiSZqnltyS0jYUkHBTHSCZY3lMbVfikKqa/Vzvx/MjctU4afGtffJNyGFuN7SKy+VhyfCxS5ruDY4XuZfwRA/GqWPglVKT40AW0EA654Vk7PUK3i8dmajJVvkAFPoNqJZChZmKlvnzDjyYKMIGaEeospdhguqzURPCNPSOQd9qp3zg5Ve8uBO3IHLFCD0Reu09Iv9mYmsqh0EK5V9v8UeeOwLgwrAMozPs5LvhWa+Zzezc5aQu1pua90Hmv04zQWB8EkSaR/FhRZMAGdfAb6OVDufQRJbzWa6Oq/4g5m2brx3zClerRLZIffCNM2EqSQcooJ+8CNQ+4N8wT2JJ81TR2LcKntjMvChw+gKyhIlHRXDMqn6O4bCOTp8zRC4ROMFNwnHFsmgg9p+sNlhCSQTSyUXYJODXk8L3hiM7LZmZzbnewn4hVJDdsXFshzW5xXTKeTI/J+JdqeicYXfX5syKNEkrsgTCgcWM9AI0mOJid6UwDi1Qq4K9NuTq3ArlfIbI5fjKpXkMF0DE2GLD6SxdNxHomjbJVoyO8jfvNX1xRWqGmfupAsSAkk9YtkXIk48h/FOkerKgzISDXmcfnPUeaHfAs7t2P4rCa4SrgwDjEckpeokFmAQZbKx2Ni+ON2xL+pt7Sl5pE/S/CAyyl/KSwKS+TRjNshvpIoJwZz7K/c/na/SKmbe3xDl+KYcDRy8wLOp1QOWodjhcMHG538rnQLDm00Yq4X1onP5yBGJLZ/DjoyRJFgCu7kaDmBtqEdQdDhpONE09XgNisMx51AfbxloandAHlblbsSwsW4duW50PMJta8LxvdYcclhaVMzPrJ2jqwl21ITkf/HFjnwH0bDgjCUbN5XKB/jVS3PuYtX5gNv7OdmIVwiFmQEEGODmGXR2SYOKTdF4CiKvqmViTRvNblwRpftObGkcBClrK9Qln0Zn03ZTsVb6xLbVbl7oz28ECkvs1+UfXIY99aAtFsfHCWg6So2fJVC4jqktA199zK268dtDO4ZiPnCodG3WM6/pYRHcgvvSqe97Jt3l1CqxEn8GVFKdH0m5x2uEaIQvUBtu2rebd1Ui0Kjk1h6N1zi2UmXYfpWNt36pTpcIpdnBiyVbQFEW2UQswUQeesohUYXX4iB5apHjYRnifY7mv6FI95c9b9OgPZLENzzDsUVpBSYIIL9u7N+S54cJiHm+Ve2glS4vp1xCDM+OAfaDpcIo9nSyIvGfxEdxUfn8Vtk91lvReX6iRPsD8gmVTKEw2i5hX5GngAEHWwDUZdD7ccWk3T8pmXYKAsuP7nMhZ56OBn8y43jwH1VGu1eOeu7cjAuvMljHLcDYDrByGuVxNMbJIdQuZbx9cCihOgRwp5olAeEMFSNCxojdeZTq7td75cNalGjufD27/UHcyJUdAPXJtdweCMQ+q+ChsB5brMF33gH525ScJTX2R0OyMDNpRpWfGVAQ4sEudtpmWn0QEO+5QOaIjegDL1y2YkoVkHvFdnS8SyEuB7oy4ejsJNi3f5+I1aSOvjhfpmZZ7ahFQ1gOflA9lqSOSY1dSvz7nSdXOt0kMr/LlAT17Z8TKdCdwywtQoSDFAQHleLEUjBTQSOkcwhUpuCD0Rl/YUrVMpY1sB4ZBcJw8jDBOZEVBB/WCgqt4vQXJACcAAKB1S57GsR9ntmUAp5GpZ3GbkiI3hu006ESoJMVhgK9k5c/XsZlGwtzaYU4Odm4BivjQ0GR53AsDdBLJ24HUJRt+xfWnmMlOQ1LU2ZuQvjWvNdFr6nW8XlJmRpZQp3FE3KQWjicLgC4GLpT+jMbYGzmas0HlljdT+AsxEhppw0kOSUEg3gaNJAbuXmuq9gRMNEuwKBCfQQTYzVkF7Og8Js6zVl6eNuDdrBjoNgfG4SQ/86OCKYKSr52nn6HE2AA6MWcLKjVH3o6r8cjMZ7rqQL/jydafFR9lk3KY0DfQvG4UjvONPbDWggNQHcZQpiMFoeK8wCfYvR16teHIBJyRojq6ugTbBc4ARfyCfh/F3OiVyiWbujsUPheE5C1olueBR60hnoS1PAvwEQ+JGcxC1FmQyuDw6sA4lwuO+fkpOQ/eVplaJ3Gw9Xt6pxXYxVL7VlXl79sgwKGrFhWwSKsjKBEoxMu3J8EEXWoQ6b1+hsR8ei559vBHWAhmmNfsvvD6DumKqfjH6GYNV5hhL+XtLGJS42bEVgiHwyOzOjgTxvboh/W6LUimiZuqNxRTm2oV6jF/lJFrarm95zEHWGxkm7Mft7Ezi+XaEK04ZP7YOMaTDFB8kq0ubJezMc+T3T333c5B0IPwS+0WBfrgklQ7VxAdVF6TiyzaetHbgzG8JCP4R9gl/EV27xYYqMEziFWMkgZnAcljDuZY309D6V6ca8tJs18ZMCdfV/pKrvMKZXj3JNE5x2nAP8Am8SqPmpOvmFb3w6l9Jvdch96WAjx9Ei32lgDtMzTeTGSRetipzqOp2KM1WJM8hWcrHtepp3KGqP1LXY8+yxTWg7gzrxHnnvNHOGVqYFm2apk5ehyxAOa4NLdk586yi1xYSslYV+h3sLh6+OFjkPeoj/fiisE7JEHkLbIi8EDK1n2v9Ysh59ZruAWf4Y2YJL5RZq2ODu+DPNgF/ulsAtI1qFmStmc1N9tOLtvzczSJzkrxDNPrfgRId3tM603XDvNk4kJpKwOsZ9cP1VfJbG9GNr9e7iGcCYiSuVK3J/sA1MqTGwRaYW8HbTrx42ko5MBRXuMTc4d3quwYAalhpnIWF41pT9fyCfg2yRiWhd235JVV4WMMIPtfivo1Y1W5uBvFfmEaUg6/pSDKn/eu9jxWh51/ibFmOj82+Vhz9eJfFyefpNC1dAhzlmwViFu4c5GGQpyc4aCGebAZCyoEXLwjQYeQImUqGZ7RDqunXSryfWy2RAsuROuuEvWeqUynfdp8GJckQ2WQtd+86JG+avVOtt0tRG19YvYB7KkeRHxwgZ1IO/k6MkwaJs1EvGY1y69xAwwWJ3WYExQOKAgXzZ1XBXjw4+A2MGm5FZus1/ExgRXOWiY1RyRNYROvG8x+5KC5N+4oP+arTjRzc1NrrwFKeBgosL/nXK6IXR+zBuhJzAqW5gbnZOgCWsMMAUt0d/kMznsB8qwNmqfVSPP8SES58W7gBgb98fI3S6W7W92vOkqhiYNMLZ2jJ1YaYvlWF0URRV6nvMWbAblozd1CgUtmErEenLPT2fx8DJVShAzfzrA+E4EMeTajLD0+Wgb/UlGGv6yc3MKTXDvn5TIB9hj2ge8/fDPwK6h9WZJEcbzbNivW6Ck57KkEM2OCVMeztYfi7tEX0MrGvwarmuAukBGSk15K4vjOZWwXqXXtetwNU0rHJoUVgTSDvWnBubrk3XgWUGgyLNHf1IPdelbUqAa/SpEbJ9c7Qkcbg1mp/So9rdIpEvG2cqXUSmbMaxZZPHfI260gw2v2vN5maei3PCzbGE7ACq9qQYwPnA35wlu72M6Cs8bP5X3m9XdO3W6aMs+3VrscYA6GrVOtIlrNJ1BVRki1Z3DsfKzv/s2ed8zQDvvGs9jxNTetU/f0gc3VIdhQavGDcgU0TIqAGcMB+jvQUyyVH6BnGodKwJTxKZGV7Qsehr3LgkhmIOeBELLNBmHxNv+YsJqZZ7aBBG9zBmj7gCOYKHvklwfsSRpb0DiArHul1go6T6FUe6oI6eEhgjR9ew3+5EZuKlFCVsdcgcNBsOATlQZfv19a1bW7GMBZlxccR4HPbWtqhhdHvhGUfqFo8znDWUKMX8+eXcMxAXsU9+NZrIyn4Qb54LAWHHABKtOJCR9SNcW5RbZVAYvnJhx80MZpZGD1R1EfsnZHRzKTgU43WvL0lKMnYDHm2WtVwBYPfo7v+4TD0suGJ5P/uMY0nBfjnE5k2h0fdwG/oEvUAuu+qpLtmSPNqENC+nCDkwjgfMo+FvkJyGiAqNq1B+e+jY9iPRrMvTxSe1MeW5Hd0x3w+6St7W+fVBIOtDQYTGyfRZ7n2FNlANJGqEepq5xK2yWk+uqpp/DchZsAYtQR8RP0wftrBCw6lFZnIzxP+DwPpKe8X2414IkhduoGMk+xAuotHlC7leBmILhZ5vHC4bdeKWZfcnzE7PABGS/HO3UPXmNuE4XcBshyCDdw3admYc2NFNErhcTgVoFuzOd7a+DyU75xpajuTJ6p82k2R/YKwON0mk8Q8BjyyXQDfPTlApRz441NBGcYBCOebx1CG6mMJdkiO0hxiiazGYdH2imvOjWsREhUsxxMj5Xq/cJ5gGYil+v13qOWtXW3DOYMGvffq8JVQVCjaVm9Xu4ZnePd6806pxMkTekit25kk28RvMG5OFLxZOBM5bQ7PWFDQWYnG4OvVpde2idJpEVxrSjWrABSGwkcvYHx/CVLbTj8KhvpjfLDBA6RkjmqVAwAWLrK5+clvQKIlYfmubt2OMrWbA0bODE7GgH1qmi+4UEVY/ZUgmV+7CR7mc9tire6v2K7EGrIIYHz3KxABpqhHOf2yG/HyOzqMe/v537QQrHsJLNzO5FQTlpwDoEy6radOEq2xu2WQKc5OzWvqk4EkJZuYK7OhWMhSBLK3IrbalihfUJYQU4gW+lbkGpehQf0kR9boMeA5PrhbchgoxE2TUAMtHYLSxXKQOc7IttoFDQzgiez9jAoNBhRbQhPSKGIrH5GTsNz2EnuzUq3ay+b7ykFmgDiO8CQJkXlrlafHDY25rOngsMz2DqcRjiixujs5Uce6Acljil2wRJVmnzIZpnUu5w6UzifNWXfYQ8I6oBWPVVBOj/rh3KC4z3XFiQWVVMISU3uLi1bR2/xa5ArBE5wZhAeiiTtyEm4cDeIM3o2vagQQJF5fKz27TCZbLJ1O7lIcLQVVgMbIMiJPVY2koxyVWf8Pb3IdwODE4XrXBziSbSPg9irj1x5jefAeH0mDGHyZeeRXWRnD8Am8d1OoR3MxirQnnLg1OPOQVgOeN+RCzgp8vxTlV7frCcyd1s90MgFTwvFedhnxQXGOO2LFMh3lC6nBs6KxeCs1UKAGvpL9QamyZKQBUTvn89XYMEQs+rbMCag2a54n+M1APqZyXXpzhvvPl5d5V5kX6NFdjYEzypO67UWaROFk3xkKxN69m1eAGi33GxCsV0W/EGGSwwfODu2ACIBMNaNanulx+9UpjVgsYezTEy8WMVDrsJaJhwEVGnacM8apFBWsBW7R07NiFJb13VPlmZXACDJhuQbYsHMdefGGwsfshjjeoIvGpGQPj+PYhU1ZDdqqyiY7n/Hk6r/altgoF52juOst06FzxBf/AuTTdwRPufMcWfPNx2NPITHI3yAG+fTph6s+PUOi7qb8+X/wUfQAW4gxNsvSCVev+Gbwcj/7495nQbKfvnioo+H4b/zqjgU+c6XG1HEj8if9RoZ+vO3RX1+O8FPr819f1XkL78z9598a+g/8629X78FCPuDX5eL/c63ZNC/0O1/zdtw0W/fhot98/aV3/19F9982cuXl2/+Ra/RoD9/z9Yf44c/fv3Olt/ph//IO5//VD/8eCHFb7+8/G/1w/9hvnkRy8e30P3j37vyCSR/ZCmMpCiGIFiU/Xh/2b/slmBx6vvl57vDVzEafQbfwiL+/w== \ No newline at end of file diff --git a/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio.png b/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio.png new file mode 100644 index 0000000000000000000000000000000000000000..3e69ac3446156c8d4f9c6afe98022e8371e4f0d0 GIT binary patch literal 88833 zcmYhjNAB#(_aF8I7=|H38?Zh70rKGgz#N9mp_@5#A}}{|jyo{C3U9yztwJO3!@F?t zJ_#~#Z?l`BSas^e&pGG&f0(-TAO8LS^6&rp>#zTy$h`g6U;o4Z{MTRq?*IIs{zq`; z|N77W>wf`d|NL+N?_Ymu@g{^@f0cDt{Pi!C`{&!g5a>6q+rLo$UkD;} zMYb*D0KS6r{g~HfUF82WqW)x$Qfzki`D_^k|E(Saj44L%JAe1zaX4E-k<|4-!q4!$ze)D=OIe(LRCh=`-) z-zWi2|HqH)YTth$9QfYVZ2=Bak+tLdNWLWJ-}MM?N1(sSzcFx%`z>P+ZW3XL_#65g zM=<(tn5My%|Gq#Gf&WJTM!`8JDU+rC|Gn;Ad$A?eKkFWOx%*-bj{Eb29EEM4PW#V# zk78MCK&(Hc`)@CQAKvb%_~&e19CZd}0thAmlIL|&ElCe(aWTVe)}V8H&DWb8*PTI6^Pr^fp~7m^6#;)Y6s(oZx6j!5R4-(DG}BC!Ng@ zNsd&Q;)w{+?g6OI(g7`?Axy)yc2E#DJyKJY@EOBfXCKMcg6XqCPq$m%(V^Ih@=!u+ zR2n2WfApUf1AHMC<&u3x8GPe;*et&YQ6lA9rO6jEck;|ta0TVyn$iKyMRfh2=9TP_p+`~}D>j9nSN-ZROlIigsjfLuZLp0LA3&PtjJ>uU&?A=z7 z4vSN40g)z;G^az#JD13hd>c1dwzy$`2*-ZugFUccNFLm~{&$8(emwAp!iR1Ti=lATlAk0hrFFX^mgw?)0eS1?$AMFRX`Sl@{cgxq#01FVC z^Y-0}pNfMlMYxo0xWz;7DcfFx4wg z?RyG{viSIh>hcu#Dn!X2Y@lGpG;m)XEn48lOIE=4imBU6;85K3W#$@IeNgNqKf^%H5LoY`Do&!d|4^H%ch}Z z?Q1GP09pEL4d?*$to)OF|;8s0>y`ogd}&&e&e^h#Fqyz z^lEJLcpwzYpjM1+;eclD0FMBlLL7F59z#|WsgkO*8r8x1lWtM#pwRN@*1+n9zJpLY zg+dGPDY)FnLt8YG{E!1#LRVLF?}GM+d*vq%M5Vl*q#$?`g}ye#dq<+4@79ZAU(&oW zl9)ds=Rj=|dL6H5B%EK8S8l>tR7uqG66ISm72ssnn?8I=U?pq9(0hKw7?^lzsiJvv zJW^NLY8gf(DU`QCrxXNnFHZ)p9zEHixz7#uOeC$?KC@eirKC{tWiyU%nZPkhoM#2@ z29nHbw6A{Y;O@Y8fx76j4KH+hr(n1x)^1KijaN#c8&ZB=jsv5L%`0o_Yh~E^L(`4t zfD31Wp$K`FbgYG?JKD`aF564hjL=}@KtJ_?v1}QqWT{gJPG&P!m#;)zAy5V4?hfIJ zy!x1W^}}&ZO_|6q^?08sd3~)P0r~`=^43c8_j)>_9ADs5jD~9F_4XDiy#a#2ngN&@ z`*a7oBRi#|skwgfJ1T+ip-}JkH=BraCR~!``tnIi;lOUDlQ99cBAP?06lU7*w%eWB z1J1zjO}t&1z%>Q-FmtD_Jef?RDNJuoYN;4NJFz}jwILUV%VZsYf~PEJe*x$BtE7@( zq40a9UUnhi5BT(GUO(WpXHb*s;q8x6kSU8|z%^b!<&U6Z^(LPs{*i%?CCWNt@~SYh zo!Lz99vq>^qO{$$*4Jzs=V2h{eH(Z@esHOhDfE7oPIDYI^>DAC-<0?aEf6mesC@R_ zLD>?4nG(CzMHFg@AALuyFH1+*CP3#Ji+J3Wxi7&s^1LW$uiAA z{jnevk6jL5S}+c-!a`&tm6g9QqDuoX0@%}1(n>eAfSyzUE#A$y59giSCroHE`%$9# zs`hQ&vb=B+{G-J@1+x~reWG@gD6PfQ+y)cK)d)CHRBt}Kir}fIOP(~)H;E?QnteuN`sVV??{%1Pn7eoe0_^hg z7DDE9lm5^L_@mE4-7i;=aZA5`r?HgBb7i*tQj030@zc#REs6&fN97}PMF7s*gLnSn zVX(2^2|7-+5r(zFCNB~Me7AsGSVg0lnfo9-@8!l+DBLG&EaNU<`u{;#vbD)U)AG%L#Ltw&OEGFU8v~r zDeE#i&e zOn5o+ym`$j7_3Y%kv%^Fa4i&5K5c`0#SUy+T!5r4Kr9)AS1HP-m+xey&%!_@1^9V{d## zc;|nW9Qs#fC0?z%{VQ&Kn*C%)<##=1@Q9rv7COWw@f&|$idJ?bGWg^lNbq?1XAcWCAo0K_j(AcjpMK-e#^1+=An$4#cG!nSNrZCD> zKYF7edLMl!c|d%TJ$R{GY$(FfD1j%_9oh%A>xkVGm+;zWmHeK0_3JJ}X?!ff>4SH-*ksEf z)`HQ=|HfO$ZhcSGunn$SX;C2)1WSI?>kpLu^b=28tmYgz&Bm8qiB=v`0$B0!K3E(> zDurTi$AAJZumGHN+96W%c(7OBD!oQ)>lY&P3vO3sB{b_Q8-_Q%nk!z zo>x?Fo8Ss!deN2`NHN(kq2c#ild#oS)jpw+0NG{z*d>(uf6!k)?wqN=ezWx4X&%Dy3FHu*fQL!R3CK2l?LFPY`l}JFKM`P0m-nwj9@WFXTUf%B z%Zsq#1?H%y0=JyZKvdBT(=5ghuaVxq=o}a;{`B8qN=GnpHY9ze%b3!-K@9(x8zk^7 za=M|d;T&hFztR=fl>e*10^5G1A$g`lCQiG6ggt))t@&*7b^EDfL zma7Z|L*s}SW+h$`YC!eqTtnVF9Y*6n7|x)zuyC*-%A$hub6=nvXj>|E(pR|P~9X?$m4>b(@GILA}p>L%ga(ZmAr-4>G8QdoYvuV^MD@9 ze7e~-v)+YgjUNMd1SLL;oQWgB1v9|>QRVTc*&1%pF0xanPzf#BXf$M@R^T#T|k)Kc_~W)#i+zajrr%xTV%7 z{3nMMu^X?~AnHEmiTi9$7Tzw>*N*4GOB7>-P-8gfp?{4$|EeYmN+S8Y5E2$cC0I#! zuYDX(&m!@dS!qBJS6Ocgjp~#bXH&HC_@X~7S+OuJcpOT<^ZkbcjM5*|ehh=xJF)%?lU{F-ND`vC;8aV}QVOWQP7{M`JAyr4_K#V;s|h7JjfFHJbU%3kh)3*^GSyBN4_U zM_s`0+E0gIoTxmSqq>U6&$nqlOS$|=>2-mR%Z;H(p&(QWcYgV{i*4b+va{*3vTK1! zr)qJs{`w9juHjdcY~g~)kU;r*cU2YaH0hX-J@!q!r`j*MqRAac5Ylg&++-8*iXc`P z^p2rRAKC0fK1|@?zR}>O(EpHYiXtC}+D0}*wlBWZaxDDNQ;S7W5zumMVK&3%8M#_5 zR65Hgp*t{qSv30k*S@|;(>WN2rH>L)N}L)uR0doR)@*A@(ps6sM<#CQNOsFKjjl+1 zbshk6h*J03@h5fPZWWA(1yMGw@v1(J8;BGP=EJW@EH^4Sb_xhrM3CWK`uc*4}*R3D)rS zsBDPd0E*8Hx1rQi46-6%;(MrcX*&)VUgPSu1FO!G++f+*Q?Clz2L9mhwOJ%Z;qLdR z*ixoty#;XZhokN)TN%Tdg?m1~eDF-j`crpR>WP1Jb!u!UVO8j^ISgcrxFy3Lvl3At z!qkG8AC!M?Ltv5L8|YM&mXE)%64$$DFfMqELeExg9=`_%do9*46G9E&z4svB+so=2 zhaFKDND77o)BJY`q1FtDQui?bTtod_s91r#g*LV$i!|Ajg{+64 zBkAnF<=SNW`J5X-)8WI^FOdGo9gP7By!?)gN;p4bEGAyAx|M-pqUd{ylFV1h2!p;+ z`(x>P*Ah6oX1u}<`oZ|ua(+u5J#P|AVLqPlR_K^%7dUKiVXGD9D9JqXX`PEh6cmi) zc3q+U-eAx41ioI#qGFGDreI@=W=QMWjkU#G_gDb)!Si6!bBFl!2TCsmJzZH!L1-qn zkz6bbHbr3dirclEs^sTyRI&Y2o14%Ejkfe(J$3!x5Ji=p5n{vS&GW{VAY(>zLda{y zN5HaaAB#gL!+dUnc!|*b4>Mm7kC25*%zYGRK7QEfx*d~N{JdEB#QZHiNE+)dMzM)j zG8QFZpNv_x`x~u6ZumtIYmIl3>sC-R(atQ-6qrf6X1ez~^2t^)Mete8S5r!(RM}@B z2+L11_fAMt*}iry;n&coxGnxg7;jm>66kI+<`w#}*KQz;#p;hMZFucCJZ|T#S~9K{ z?#XsXi9{CI?XtL>EWv_MFDj@TM5>}|cy`11uqLqi>25N|mXY%cly;s$$Oe#xHxE6x z8F7|AIX;6 zUajem4zWYej$Cl24wy&&UYRzYRR&~;G#>d`{2U*0Kq{XXZ|NuwnTRP*U~7v~IP6Vm z*#{Bp=mh0{CPMN^uz5hYnX|3_LhnuDv8~_7l@IcoV1PP5i&JaG_6z(KxNJUwC47KS z2RU>lw;*>srZZ(YB88+f^pk#9Fn@#m)Rs#Dzz<99oFf``m`q!3eb_pQC_$x1u%~?E4xCTcrXDMU{oo*EA19`(_M1)= z*s}o}XQDt=1iLfynO5E{Z6IC9-GzY}={PgZT&4`El!pxo!mf4@Fyk`OfN57jhB3*_ zojxJzOQj#J$CW(_vM`w2cudYIbMyo0!eWxuY@fd%6`Pw*ZU}sM+uKp=cY|NTIC?gm z=Pc6+XhBx!$1b@8Y7!Y)9_+3>Onw>;E=xA{7>II!4~;z4qbhf9^xX~cd!T;hbjG>PW{H@kAVq_z3R6BhZU$>qFNOBd7)sDgvl1s=S zsQ946&`#vmWAkOyapR*BL5dT3l8{LM+)`@2+DCQCeo{5%X3RBIkeW|0sf(lnc$luS zb8YqpI*0cW2H9NDk`?&gMqEu2|6>^nCP{OKR&%CbI(fL4ADU!x@OER zTI(70o94!K%0D>dd5R={xNDXs3{v;pfeJj{kw^D|ty*~9pE@~EbBmgl_HZ}h#<@>C z^$#+7iB5cf$P;?WgH7Z-K`liwHZHYRA=>I@T^7NeAX)d>d%kNJ;HBgq!N_9*WYC8W zlIS>KCw`NK7O=ar55Nvkkj!I0tE;U%`ZOyap40~&u!^_%Q-zMht+i!yO(u~5ikTzd zH_W0)udPxX4-N(>1Cm!UY6?ahZOf{y$OZ1Gs_y~`v6?!oB9*8eu9Ea}xl(QkP0K16 z=@)xAIby`}rAv4PB@HrkqhuG8Q~PYKto^L#DZdp72y)jMQLa}N6T^A_4pU*5LY`R4 zKbr%&#EKR_CHihukT5l;H6rUvJ7w5x&qUj^%+J-W;L$_gFdj$rk;wZ(JS|oT8F*`> zQL?r!1V)r~RtkI7eZPuGW4onlO;Vp;KgiSHFjxM_!h(#u5(noQgIpE|a+w#z+-Fg1 zenaKtR4J#;C{mnYVLa3xMIp-($63NhuMetjVcnKOx9(&C5InJnqgJ@x4h1yIEF%JN zpa{Vpd%)b_kA+(j{O*2^g(h<+9MjrL`70+>w7TSa{|WA$hKEKT*<$R)7oPCt6 z_ZEOGxhIrS0ig09d=f(ta-YuqE+we(`4OYeA~5~Dgn=KBRrTLYJZlPp3gAbkq2b8U z&(>mT9nuH#vm+HkjrSJ2{l24%bviSSP8vw#mt5oBj13|d&W_;OGA;N(qg#No&NYT; zJIh|#GvvD`C=IbQr2%L@s{s?S#1Kzd%w9Oa&@a-4m+r>r@Jirid-7BMj)K4Rv4yWa zzynN<7m&c2Xy}a~41xm#{La;)E0#UJ&Gi91!iJ1Kenk(M^(IKHEY4}GZR4Gz+n4PfKqQTBJ$mfg{a!^vxxb7Xbe&nVFl+&Ao!=+3beb-Y5+Vi3(n0-~Xgc>w+!>xJBKHDMcx<;ZBa&*9wAK$LWgiF7T zCQ4RNI4J_03DE!sXd*A^%115EVJ#enf~_&9o$^d{o3weHe57us~D=~WS?OM$pZ)?qT&obqB@ou6%%3IX-P(P5+m>x%gV&w zr)njK8*cj274{uj+%uT)kNj7qpD6&I|7O4DWTk^1I&#px8kRm*#r_tAjOfFveukJ% zLDC*ZU8Uc!4l9r)`05*kQ@(BNlxNp>;{vqJYQs(^$yYR^8h0>smpzTD3ZY6{UUEgSWK zWgv`HRyP73G5vV?T-__}xLu!2X?%Llz#0Dz4mSNNY?m^F0Bs3@gE_ zElX}i{oVzQZxE^siN)*4_i)8`?i-k)H^K7_9}ZOH=vqJh2WFh0S%@NKfB zF%?rN!G7NXyF}s9R&I&&9M*>wpJtD|AY@#X_4-IS1QQllg90}>P=+RrAP_*`1X2rg zL4bm^8(@IEjBP z*W==dbK5XvL)x*7*!CUjJNE+aaaTn4f*J z#lRRDz?7mj)g9lUi=Z;F-noD3%79l&JH1jk+Dot$!tDs`1$1h!GkannWy@;TqQjTz zHFjRb8F18CWY159=@W!mC6LdSj$To=j6!N|#C!^m2q{z7_DI1_P;NA%-#Gz*d7?JNthKe*qv?X zh*cY3n}of4!@Qzrzqju4^kC({3j|D8%&+U*F2X4b#@-FAvQTkbaoGr`(WjMR1~Vbs z-Ubj?e`LrSE$EfJ!k(~a)-gW5|CF`B>F>tqx_ywKvKZ8$tdq>UD&ef4H4+E~?}%dV z^Ldn+c5PyDeqmAlWIk)p)?gIwVn@h%k}3I}xl*>BhU5)7Yk{Zw(aax=EshY^+i$e1 zMJRqJyM2;DbXOgRZsYk)AlOjGaiGa0Jl$lk1|)IY5ob;i)S|{1729v|>|JHfN#G8ba|^ zro9dCAQ^!C@ek<0v=9QO%&yiICTi*>%*>Z-2`REGMuBl|NvltP)e|sBQ+W8Lg3V4J@SP=E&1M2B;Rga23$g zU;v9Jw6zBO>PaB00O)>DiwE5EVSRQY>>H&S%9bs~-QY7uThwQzhEZX!tWe92%D6mG z6Ho}aKz$BC*n&Uwj=NWR88a040n=lH!l5Jm8afEz+Ecx(SrRd$G81M4oIJdM+R1*y zlLVFTnK3b7DxOO%n3%9l0#M$5OmOJ%olG^Dg&+tHzg;}9@@AF5|LL@xdh$NGwN;h- z5!>x_nll6Gsv(RF>qoTe<7YxQrNj4S$fBk#IM|CTk!=0-`%70hQ>4lyBU1tFDcm5v zu*7M>r%5Q2S|9}w43`QCP-ikD3~BpTJg0zcZ_HPX@3T87UI4>@;>)->Bx*n=&XAML zykMb5K@>wrN0nvSPswmT43uy6n6;#u?x%wqF(H8G6q!>0RY08bC;@z~2?XD2!)HDuEPzUj zSBo|k<0wLFyOfxkM)Z}gJq=!VViYn7u9oZF0+Z%@7q7qOty$n_$6vY`BzKs|=0LV$ zw1FD)q>Hn37A%^IQk2!?LZZk z+mKm~;BEQ=@UK)6n!8QA`2BjXNNi6@s2KoSh|U8p2V2z{J=SgaR`;<`F*lTN(9X;y zh9ltxZNzLmb4|kIb}zohVX~X;_nL?0GweFT=e>%%l%t|)pB6=h*%m0itt;mPs)hh| zJ`coga&_?G2T|J4K1}IqF?tYLRV~tcn|MY!7>r;n;I)e#2Dh2vn*h?#e)(t2MI&P| zf6m&9)NZEwVw8XfN#VaReQiOFAaS0Ywd9pT`}q1dZM#W2 zCuRS%MyuVI`ALuuDk^^V8mr}akw(^*@MO9n@J$E1_8K!MZMAQf1}msPTi6$p(yPub zGwH&P%t7n=y~*^nlKsqCcPY#^Dk}O|%@--E@aQmH1F6BKWSBQxvtrL7WX=^r0E3Bg zE6eTaMV0|6up8eG%hGv2a)FQ(Yf+`7@0tgHgC?e|_E&2U03ch{H2ov&@-Z$w4tYfh z?}aQeg`#pMWPgE@+ESR_XvwWGb@lm<-`=lW+zcfZP$>s8Q6OuRocBXhW ztci`!eX|CqZ>CaQi2RRc{DHeZT5U+NZ&LXg2*vPRZQY%9hH>d{m(*BidD4ZW^!pK7 zW*=ImKOM^0R4hFBHb#O+d-_nKf5*klw?Rh6H|6{7s*T;F`j~P7zTxE>aqh_W#BGpF zpiYO`W#HPx1Y=KH2KpwvUoDIC&p&-E%|OER_d+e~yCVB8jnFZb=&MKo(h~Mm~NM-3(hxFq@-9lO_c&Gzhzjfcj17&*~ z)i+WaH=$))Y4rfFg9Yd%i-Xr_aIuCO0w1;f!mHkiNuU-0m```Evd$u9j)->sI`B}d z0#lz9JUl@uj8Q%#3|VZ&XOa z#!`d5BA`6-l6^Jd7m{p!9mdGS$j?W}jV>Z|V~yd`xoZQU%EjjWDKU1_gC9Ym*VhEy zEg$ICrwvreWC~)j!OW-m7J!^10NGS=_6K$0A$I|J?@8M+FcW7@;{#4Q2dIA%R4le1 zr2Z(|KC*E=G7ufxpZPR~OW<$VF(rVuzg`qbZRgM&lQ(|D1kDsT0*d$~Ga8qKX|2c! z$s9_l?K&e@GB;|ZH}%t9rM=Xe6ldA%3_!AlT`_=VTen!jL@Fh%XK*~uC7qt>Tg=n} z3so7(B)itFr%sy)G9|YTFa{90R6Rh)Uj8GnOi}&% z^G7e|?8OOkM1>2<|qmhhxlbT%HNnMesZSyxsT0p)CgLRK)%|R z2Y?HpYW-5K!J=&Keh`@Bnxz7+n)vyVUr)&T>qB(qTa#_H$zGv#wh&jGD(xwUKvk-FbEaR$Kev^WOw1o#S8)&-mo`1{#As zBA3&D=?c$B~2{vN2G4T|nl_opgFs{oL^ zf+B}OLG6L>lT4ieRHgE2jjEXa=@&*tasWx;aJzgVDy1Ym;AJO$IT)k?UUvicGQqR5 zA$&H|^nmULk3{Pk_Zai49#9LN zzF7<0ze@UZ^8t+NUmbJ0A~Y2jSDk zYDF3h&I|I}5ik)V^rZ+GPuzGp?+9$}QaWK+MBaVKyF;i?qZ>>asXEqqrGERl_D9G4 zV4iRb0_Rg`Wrv1P#R0@jW)w?3)vqn6RTJF-^4%4(=hcZx&<+@w04f26Bj!uTIoNHS z?znwpQFRDw*?hHyV`N$roL_N=AJAUcfE+^x-$_8KPfT~>x4yghbAo=$Eed&*qIg*; zXjd*!S;SbxQA{NWY!OqWa5=V;xMKDpo-nIk^?cgx>7aN0_-!H6kWi4!>ptdu#1i)6 zeT5-i@i|SMA|%Te?^}DA!dfE2ce>2%kY?z*zv@nenXEnHf1ZOhbmUxpd$sVO)JsQIDU`=I7(hz&z_3(f+*_X8>NL z*b1e(wV)t}BfH}U$=_465(`{#Xplb;*Z z+T>{u0+P|Wwu|K-x4qkI)-LMYFVq60_NVPNrm0J44*vORYXfLRLe87zfQ!0J$zM`$ z4R(RwCrEKHRBbK|J=n`IWH^rk#08~G+79ZF z_6BZwfOPh(2b?WbyK_d`q9|e1bS6tC9S#e07FDSZAt0j{V(qwHn2s|1i&x{o+hF6p zgEnL%yDXn_Ua*oRcs9ZPoXAyv_U|}W^#Yp(wjxaUb$d`($*8WO20-1422ylu*$|Rb zcigWBZ33@%s#;0}n);*w^eu0%ie)E&1(tq`@0i!`0}#62VoBaS82Y6n_$L8y2>xQL z14=s39!bUEfI9X;eB~2so-~7U$;3islmKy5TVl&t*EY;m)R**;rX7*Lj^BG|D2bsJI2CwgK1#yWB`HdLLE;Z>__$j+~k=Xn@JxZLw@ZeJiNhjyi#P` z*K%3tF=^IGPbYr>!iB;2(Mq}coxLF8%x~=NjMFfSr{$uWx^*-m-q1mdN_8K#cWcX^ zkVfRu-e*-~ev?r~@NN(MVTkX$%@JtLfJa&2 zgTq%BHbw^TGtz$KLKMrgpc{i`2l`f?!vAp65`msN%mE$dO82P<@Ob$p&>86<4f_Bq zgAvVX6o~GIe0`fG_ow^Y`?~mG2&xq@rc&kDWHfLV>5;d~-< z1fJ*g| zPs~BeOrGM*aPN@LqH8f~6y&C#@7BD*09n1-$x?%v&3)Rx%T#Lv5CSZ>yv{FZD|DEJ~S5XV zKd8CRuEHda>5a7QyK}e+ol4WW?G^^fxfXK~V}o(!@(M3VtB61NGn1M<)HyX&rQ^}q zv4NV?i)F|hBo8OJ0=@5%IqUEz<24KAo~JP6Gax8$y(!%6RRqlHl_GF3^1Uh!4b%u& zJ;2KOUI2enVE0Jl#M|UUs6H1B++y)%PmvIuneBvIWI{mgy-=;Vp`U)SI5(i{)`GtcFfP9UAZ#G<-0Q4D z7N`7%mF?^yvP}3*X#*X?1_Jkk8dVm(nXQ;LEW(Gv)q=^~&uiMuEOgf_4tC^MAz9BN zdL>W3{x%(*qcUCv$i`|7jkF7@;SW%GG+eGer09iXopQJPHN!tXXJqKnZiwFIM-aVi zl|Lp@{{lI2khIT11=sL(YuREu7=f@%^^Yb8l!x#;@4MVrPgQY%aKAJJ;E&C;T;T5) zK!+Fo>tXNWSS z>i~-01eGM+DtlNXgZ}#5OmF2yN}%fc$|A7swKM5v?>w$Cf>!bqAj(d)lz| z*^9a6@;AQnd4LXFL%)7Ou5|uHPOA<@*v&|@fvXjKvmU2D)x$Bg*bZr{iZ>=vR&2&w z;WKr0^WfF2e{4uEoCuQ6dB|CyEp1+a6Jg<+ReY{ZwU>SdlMsm_+#M1i@#;BvJAVi* zvgRzQ`|`3pQigEgPi+{IX7)Elfli`DlOxr{{y(<91FESlXg3K71VRZNrG+LfND~Rt zLPtSBR1AnnuhKgRCIO^~G!YO%L9qf-1Vw3~DuNV6njirLRJuxUZ%6OF?_clzYvtZ$ zvcfrg&z|zlH!~-W{($86w(&GP=Wbz6(D!$8adI=&alxtL+zfqmEmgpU{V$pP;Zx5U zsCcUeSgQD{95?ZCcR7wz1!LMe-sVnfUS~~I^n<_?V@`rJ+sXr=2LIz{b!ZyqU(dHn^xaH=sVW_@ z2~|98q8DQA5v1Vhr(|Q`@1PtI?BQ%07!IyuWT}sHQwp;-cla~PZEog%O3lX8*g!4x zjElu-0}odp1(z@ncmHrBRVyn{-&O`h{~7-fwcv9~dTs`7{$5BPi+}qec;)vR*qo%=rArUIH;HzV)rlafV zp>F`vmE$L@Xrb(gO^9wd!1aczVX9%~I!fojKV6MMQ##Hf6lk}V@o_(#3NF~p#QcP@ z%1O1Oo~I&!$?7_TDGVCUb3S6?N>B-)UCAWGga97ep=zpn1PoMy4^$L`j)o|Qn$W5m zgy4{H9L-`?6a&L8E*&|AI}sET?&=<(?CW6a8WN~PFb{VOqFn~3O0xh}@SizoAOf7a ztHsF>7heV7pA20usRo4{v8F9IBJ8NL3-I-Z1^|oD?q=i)k~&@2Fj|%i9{fYg@RXIp zX-|hRB>1Qvp|O?@j)tn>;UGF8&a^9l57bOl)If)n%ehc54-;!Q@bnL7Zwo60f|`=j z5kO?oE=Zs~bxhY>In>Hm&Cmy@2U5!roIZGf7r4T|&+z*5KritApU0>v8^j?FSVJHf z$Z>t0Ghue~`HVFuKk>IWcKy=0mSkz^krtjHE}r}G@hj&OGfz6u2NOA%JU*1@=&q`A z_2r#Fp2|@CmAP|w{p0I3&Go#%p7M3A$faM;W?%J8=T#3bpP!qL9H?!a$Z3gZ6XxOJ zz(D_(*G4KukqcGBYfOay|F06b6px>F8ieuxe>scdD~SB$|K*R2iH^|q|LsrG@XoL* zEOqgJtRow_v%SGHrV|Co$W|Kn47N!+pzg9-nL3d0WLLU9zfd;MS0QFI~kn^D_q9S=|5 z{ylr!w;}yv^rpdnz3cmf!_VDPZD2Wi+OZHP6-Y6Jz)V%?*J%>D@@wXO1oh2!IiAAy zqd>SS{#ZK$CNjeEo<8IE zvD#3>IYYGjctgF$*0=islZle93Cxdw_ZbOyWJ;g@x;0nUgJ!jQW-Hy9C3l(xU1WA| zsnMVwOhA6y{{7KB+x30!@r9A<2Y3?fz#_`l_8%ofN&p3k{2vN3iGlEvADCpntMd2= zj}K}Urksv)l1o$dwR>VwNX`rFR{K!ypjUm6?^w`djlGR2ST?kVoexDme&bNb-79<2 zyW8tMM_@HlcxFCD$Jivqz|WO8!kzt3PEWs@z4Ng}i)ky~q$Nku=}acR@$TiHi6u7G zC!#kd7>298&RvzD`{86d-I<*|PPQ)3f@i6m{qM zp^6{$_Hs8Q&9lY_cMsDsu$Z2}QrgOe__Qw92!xLM2P{+%dPbJJQwZlu2!+jb`p^W< z^Di#-ZEffz$9yzXKZ&^7ex1MgK@7Wc2D$y(@joVc`6SViRF<6@Bl+*z{E{Gd27E_r zPF+B_cI6aW!O;vD4w~Nmq-Qy3e2qu$2*rN3JAeAcXP=Lfs{@k{2@urPsZ?#dQjQXY zKdaBHX`X5yV$I6t?A^JZm*dgJ%}{+r7s`rp^~a|hCi3-Xo?4aWiiF|XauzcF*l}1k zqz$(8jK#?CUwcY}!O-w5`HP3;>z2u`@^}Ru4U)WNQ9|x^%hLYd_EL6+go!I0rGGSr z-={`r@%7x{YV7hog5SrJsvVC{-S1~==IZj^`u+V!1B4yAuS(();R*WItJAHyZkw-; z`r~f!5$pwoG`qR?!+#e6T#&v9QF6gtb2W2kV=C1KW&YXZrpyBvq?I^m7kTod(AwOf z{ApP<%8##cckQ#LG!KRz*1q2V?NO2Gu+pvez3-3izB}(*FTtkyJI%&YV`sTVCW|rx zQDj%xFD`4axssEVE-Xw_2xDPj)*swT)lUEGFi8qUsN%O6+1f;q4ZctVZ0_j&1y&G{r!5;rGeZnubhAvg( zr?DxN)n9Rj{XGlR3U=QpwcFX6IEO~EHyykiK64;nZ00ApOXp|b#?r%ld?tv9 zT6+^%AQvM{i=PiNF#&PTF8qPU=GPl95)l)l=;lNOJ+JNI#o8sU&6(T2nG9GN%t5@q zjw!s=tKb1t+m7aJ(6&G*9t0#ILU%Vvp`bJl*;x zb`8qfQP!~KnI-uRje6nz`B2o>?~Z<@JMBgsC^Q3v#J2KPh==L%_WJmhVnmB|G!{f}=*m5&w0rXVC$=gSd-BAmik&@?v2ej5bJ@ce_o^hur z9jG)O!f1g-Qtt(v`0GZ&|0fu!=!T&0mMVj9Lr;u+3;@VUncgB#K8q7X+o zm6EDR4dzsa&{6hJS+E5vc(Ac&qIGqyA5=N>m6$;M9gn8R5DVmXD4vt;{J#BR%ma{k zcV+bo$Yk?a=y>U_m>66?RlZ?E)M+00z-+5hn16t^Z!DBf-c0o z`EKN*+UEB+cg2mm1uToL`F=CHrEuS_y#|#!zlZsB})m+Ef|y$lH}H zBHC@BEloOO0*luThzDFB2NO9RNoP$J_K!BxO&&T^LO5j*bCrevX)mdZ!RbxPdyYu^ z-U1!VLftsiEQC9oB5&G>l?T~&mWB4CHU96QQMN&S1~$SKJpVwC9TN~0t_-G#{TCI0 zMB}&I?nYTXG{5^S-W~~GE>k_g8u9y^i1+6gp9ru4SSQ)f5$p(#)IX+!gy6*EWz$Pw zx^3iMy82H^lq&Wfm}CG;35xp6;<1HD@F@y({1|Hjq8zKBi0TR}afFs|QB#(IlkhZ! z6V9F~wK*$vd08ho#{M7qNz&wJtD2JgKjbIi3iQy1ftf&Qz8zIX0oYrFSOz; z*TRzsL`Z!8vEX+{&MwE*HeHi%czl@U;m+#d#Sb9PzaO$FwNbgH5gs6#5XSPyCWs73 z3+ysQ)DQWet*^1;A3|#mmRLVGbV43+@5NtbK9C_{qdkho@Eq~%m%2uPbduwRqX__s zKK5ar8!Q{7Q^9hXGG3QN&oS$^!2&NlHqZ^>VJh6UraRPrjAzbP;V@FRTnTT=&?=4} zrB6UmJ>=3`Vg0uhovtSHDe9g+B^n6(8`p^1!1pZAzV`3`Z$0eD5<-RU`x$?#3JK1@ zCREZ)s@4a7G9HqJQ0R-7rAt!TCf;x)9Vq+$5y>&k$k~BJ6fUA%nT_KTAgSd?iQHGu zN|6YD?^Ooh0z9N_&0{|rIMa1%kgZ09(nk6lH7IvM)Yu3d!+HLXsF9Wr+53g-5-k@I zUDy8It2dm4IRDb;<}GEncXMTp&!pK(8J7K4AeHKrcvd!VYKNvi%JzJXpM$2U*n5#^ zvbowVDU0-*3Vr}VU6L(%Kj)k8-OR&!ZxbKf7pLs%)XU;p*AG08e21a zC-RKc27t#ZXi-NF@zZ_7Pa4IfsEGIb(;zd^j zxeQQuCGa!Jn?u9ABf1!U=X4@BJ)FmjsF%#0g+QawFNyygXCv)6LlM%*gT10IU!~hPILQtx^YRi6AkQW>MWX ze&YXW@KFw=Bo9?3XHhJx$+vO$p$Gd7b|zi6KI3XanVsh9tTwmqD`}64(`7GS6)1+MNjA%gf3rI03=jWRG{>wgx^f70! zL$#r0b*lsCe}W7NwX>`D{uig>plZB3fi=&+{Q%7iJh7>M>SYD5xVHsRuQTwUKLOPB zvZeDHh$DPPmb!(BphZ8N4w)M`Ifg}#qP4}0QcSBn{@zra3I!omqZ}y!`!}Q#cj3td zqMqC+)G$@3vv&min;x=|%R$M|25y{rIKT*yv<_4B%bRK$n=U!8|u zM29UmF$CwaX)NQjRwk}WBECN`%~tguIifeJ=nHydGZo6jXuik|cx%5b`Sbt9 zSz|Ij1P0ALYX117YG<~5Hed!iK&t4iwlfLI7c*j&wyAndzo5QQ^)VwST~&S;@EZ?6 zfUg7uz-RifW=6@ko$`$WFEj};_TJaeBID>jmp>Pw?Wg=Y*xF}{%0F*tK#Anc$hS`R z8=wn=T^DxJK|hgCK;Sk+4eTosy3kQRnKO?uz<1VAA(tM#imse`{%ebtmVz9x2r9CW z<8-8ga%|DPnZzFR?Wz6jiRW^(nDB)-(jizXW!EsghGv&@( zU0|ceq>_n5-@28nm-jYj$&x>Dgu4Onqysu6vW;WtS(JibIlW;GpNQk_Z!QEBz=s;^+^3pO`wMg}lw)hw zM!crG)tCBn5Fa0z4?f!RGa)KKbRgQe(U$26z-#n5j74uR+_w#zi1WOz;PF8m;DBpid+uIz5?~hAvOSS0m9F^JTx(Mwk$UmU z?%B4)y6|62lggAfsMETh;v!?8l5FoJg-y0Y5vXriIxt=NXH0MO{~<`UMABsDpf6YY zpItbgg|)snW|pI%<5Rov0;@+k9rjCH$b5H&^Wbv`!wP`JR|WULd8(K}St)*z8-S(g ze}}1}G#6MtIB{Trb3AH2pO!A109?mecEU0sY&s`(EkIb^1T4r|4T=h~9r==;0Kq(i z*&a$Zpsy6Q_g;9LL>;hc6BV$>ab}S%wuC@); zg$HVG+{X~a$&3dpAY~V#H>W+Vi5v9gM+kLc6$1<7jg2;kF>B2<9;0j*sEy?_TeaO# za7@!cr7d1EB;WU&Xl}UB?k;`c{a%qD_4D*J1#n)rfQ+Lc-p>E42|K2k+*P8#JTe1^ zer*+&;aka1tp}v9Yb7flt*vqMW!Bol=T1N&aJ&RjTHO&rO=GRVWQ;eSy_BQumeOui zo`f(Sc4yu4BS`@`_*xtjH3fty3p6u}#$CiGzo5dPB-o0ODZ~JN_V*1JovI$bI6Ccd z5-tRo_!$}xCG&GW`=3CqVT!o`6!QX1AdgK*V8HpCGM z!(Nq5xNTp8Kx;#9u><%};gCE)%W*e<6qognKo2tkTRYoC=YxEhDSy$9=F536UalAo z9giXb?hY>D; znw8%|Bv{X}Ic${LsZLmN8>M!sp_pO47xt0_K%T3!DWTf)=4%$d3W!tGulK6T7w8=z zi--hoVi&6vni&w*4;4A=y)UCzGJyGm85@RB`_WNpkmXu6?jPW$wc3 zpmas2cK3W5-8qN3dG85>7u?zS?M>Np?aOE>|IMG%GD@^;C`Pi`684NKj77JJ-?vT# zc`0FiBAQ5G{`B6&TLDd~Gx|0R`j2vNWJ3_-)&bTh zh?O(ZpI>;7KpY{I9^ncY8p1BkCLHmtFu8rI0=qF0FMK2h>PSz~g~A}V>=w&gfD3%e z5K%Yyg(iViXR? zzIz5RRTS4e8~jOYFq+pwUeH8*0)oW|0X*^MLX+AJ{1#1@qP@BgfE5FmT*MB2%{%mR zC@dnigpU8{rCvk-f_4%9_%P0%f=k1d2MZL`E2s}|`(yy(-d!De2U!RqF|eP8nE&o$ z8!^y1M31B!i0)ng)^{KHfkwSHSTc%C|0U)o6w6@mu?)cP(`rh&LyI$o2;I`!iruE$ zGH{Ipyo!gtL96L<;8A$3)tzS21@U245P`>OsQz=3f89Simc|0LVZ*&NIO;u8#IW$_ zZuGI!uk{650ZJ^EMy*t70fH)i8+Et_-vCI%<-dfnpB}gh< z-thAPp0&Nxs)9QIyeBKLNAujBsI}qb^>p$|8}G%gp!W&vV*Ljld+umjkHn{uq6tcz z3g2~4ZduILR^g~VAlE`31aV8}{HgBvzYuT%ssCIE!klwc)#HQy`$yLEBE*(WG6MBG zQHu;Y3etI*vrmf-GvdBYsR;D?_r^=W?BvfpPHR^$=gHZ+&q83Mrm>-5;MW@rofV1O zbR)6nbwT~&xw8y#6mKt=J9lsdpTeW{YzM16PD>NY?Xx<3#~UturqM<(5{KyB^8BxA zroq0Pz&1nC%YnSh*D2rA@kE-1E>8w{{*_*n1b&W0edaByjFRLL|G-*yJP%*h#gyQW zpTPLPsLOyGV^jd*DY~j2`8VaokZKq$FbVwDBet}x$K>S1zp0P7A<%5c(Xc;|9w-gY zjM&5|Xe5xsiq7==(f{O_aFLllMVH4Hop4CNKDMibdOdhj3S^~~90df*g@0>cLZbLN zD4QI8ye{l0XMvx+vc*x5Wl^PoY*Qv(rv5#2O(>`J7~J%^9f=w{^WAApu7V!u#zmw) zus4|Khe?XOY=?ga-jBB3#gPElzkeqrVLysWM%xP>VrANJSc9b=wj;M}f%**M3Hzy^ z)18ul?99kl4}Ay9Qc5-@7aJRBq4uKJPQCJdEaot}Ad-Yi z(;PKeUmR0;;0R3LWuU}5L(*L66{tfLUD@CJ04)1t87|_tJ2%wkrH|Y-UipDD$uuba z5Px~D^d;Pb3#6kmfwSE=fvb8845;YL6Uz^!=T%RR4Lva7m7sA<9)r*F<30S``;Znm z>K;JW%S=F$cGiq3F@Lqx0?wDGV9|N&w=;%EAh1g@U^YMW52?ZfFX!RYj;^cQ`cYgN zx$dI|a^p|BG`jkLV-ql*2gd255f_TBN{ax<{rM$w={TUp5IQWpSVF;I^`&9UL*{o% zrZgsEInU_ZuV_Q3a-D5&mMGtABkd1nD`TK#oPd~E<(}O5OH5qWBM#6tSj!ADFjY_i zsgo74`h!-S?60II$v#U11(CBCII`r<9}1ouxTzJjW&H8s$>#}(7zVa15a-`5PqeJo zbIV#i{sbN6*V>@c1)s-9N(mkdN*k&6s?{CjTxYAl{snZ#OG>gTHZ-Z_q? zMEc2w0m^22#H;M)_F}F1*n#NX)pKgA{imk^FP8?kVOQpGTo?vW7zQUA7xQ}=tAAziDWlxe|RNF3AD7teZ~aiYcYi5l|qa~Y+!fapAP`({z)N_ zAYl2K&_b6O2_zT<1qr8Pi^%R<@MfTOl>EQWChaIq_r0@nIe~9WNQcD5@aa?>WGoT^ z*Yc?OmZ$V5_HlynQuNU?@ENe$4m8n^NZx+9`O+hmhoK{Fx>}rSPJ^qjd<0bf-kA%= zg{;w}=`=F?C zd8xESng>Rv7*7!SufoYjz^g6~WGai&(zq%NaMx7?S2N(4DKWIO^*e@4{<}VD3G_8TA~ZLLL0S;2 zE=f8f0xIe!d2&Dgsi>Q^A?mr zpgFyRoo||GDoT_Gs=M5#J@E!S?}ZTGkkX?YEuqy5g~GdYo>%6R zX^XGZr2>bQ!Yl!fhV@oPAN%~JBPT(qGX5AhTSdD8MhIqxf)7;Sv3x_KkEmWVilPm> z`Ndx_O>BSY`67OjQ;M2l9tWxfD=kp;xqI^R*dY**y(i~WX*alx$J|^*(8+g6@1Cc; zri=&ZEJnnLheiRqdT3DqCHW2?nGa;ZyZobIATmo* zAFkr7`j~4JvYBfr35ayhgSY9H8t&Ha;gb-Wj&kKkQ&ymnWt~$@&U7x;N{Y%MF2a84{ zOH6wA$+jQLUezC953usVqUo2nDQ(m)C#3nzz1hql0u>@gl4w$g8DefWF)rYrI5us*ns-0ZMyg|B_~DxXli|S< z2@3ibdp`OV?2YfV&xLSTC2IYtkzvM=8#-9zg&Xd-xX}XX%{s3a9J_ge1pS0*=7)zM zH{M5J4*raOpPGQ^n9+Uv`P(;#s2&r!uhfxn%c^lLZl<*!VbPi01-986m$P2a>=tdu z6M7RIbs$=Hd4L?o=fQWRcnFV-CotUzw^a&2Tj-$&)2(2=WHZW!?bWRdj$e>w366KJ zZX_Bs&b)fy`@B^S6(GpqMTU~cw`bXIM*RY93|tG1s#7Z5$b&3t3oSq0sETD1alKws zE;(g=kR-&4u2U3nP6miNAj)1#NdSZ>+&)i z#|_qCwJWQd;|Yir&Cfl-wqn(2qVaN%@2@lB8?!GrMS1w+9O>4+&u!1J+`N39!F{(e zekP{y!o!HogKQiEYwJ3fa^eZ}x5iVa_iMB+I@$0H)oTxdG?ci`2tQ6!rrq6k_G7@| zkpeFb|8eHxCo#s0h>B*5iUJQGHEjH9LUfS;=juK#b85Lvw5hI8h9kDNVS`e?6@8V^ z8%EsGgl8eFKc7=9T!AbIuC90UbNmYHy|cPSnC*`EqepO<4)Beuoq7K_i<@w`JSN)KY0T!17R)Vc*>~(cXz$M?1ypd#(vR$E>eh zm$*2!M;>Pwq~zM?>~%lOtnp2q&sRTl#V_qm&po;1F%WM%GYL+bDgAM(pvQ&_DXJHLR%hu~fKiDBwN5PlvcSN4_w|$Fc&C|T z;GlMVA2YES9P2s*OfvOB&QS~1+BpToem7cyiWDT4*6pbC*pIk>o7g(A?(U!FbC>B# zceW!*d+_>w-~yHpfMDL*U>}t`lm6u-`Z>mnuZfIi>YkI2+*dUX+4prfbzle-95-fL zc$Mla&M?@Oy>R2atF7Be%eS>1-<`=~bHNcd z(IUW{O>PZ+Uo4$%8;+rAQvmL82(&AdC*{!rWs+p!WixJ^Fk4_T7G zy(r5S%=gONT^v_3wSLE31j5`IGW5{uUBZOxl=xep)pBJN=jLW2x|l^<7R~KF(yHxlHPzm0NL4J5`_~tOzQT(u?#)me zmlN%+!$03`fGC!5_dpp4490;#G4jSB^|@bf+FegcK+L51SaS1_3B4tEF9{HEKelVN z!wDhQteZ7j>x?X)#vo<4*LtJxa31`zzkXgHu_L@oEpJ?SWfkDJO2+QqJWzSsRC{0z z<4GtB&Eol6=~x1LwC~Baz?H{~oj;xjf>-PC$_XIRBO(-P?Bd~|vi9%?Mq)K0&Mf|f zZ#z)S$JW}z3I%>c>n5XXg{&cStpnCySDWaRR7NTRjfh$Jnyeh19o@=!V zum`tZxXJ(ewCDu}cGwg)NJ|biI;J@f%3%}~koHg`lOYb@d59po=lv(|jGno4D%KGi z`iJ0&6#;my-}~B~>%UI)T%B;@p)Ozewi8`hsNG5~nSP9cRA2%bqk5{U=bVs;38#aZ z{4Y+&#nTm6(i^r$_B~Tsc$6X@2}}S(>Ic~)6}xT>>LfsaaGl!uHjfBtX2tJc0bW;M z0;Ded{6%i}>pt8U8AVqbGD&^dNgyn{X@i|dHTEwk|6VQSv~de>Y+X=3@{=;dSlU(< z)3TSM)*|}QzGQjXY*=X`fq)*lxET+^O!~7oIF#xm7m{iSw~-F4o0G6J7kxn8t(F?P z@HBjSR3`kvFN8t<(ol>hs5<$ck`kzSb4)Pu9w9BIxLXZ`eJSXa9TAHtM7T!L((H9r zR4X}>|0~O9|A`qKas9?>)V0{C#;=0H-{#J@U(B42`t^l$7FBgUKTv4kuKR=LWx# z;g%Nb{=|=1v+~IVK^yrz0&yL~GoK@9=SRUQ+5ufB*>k)#6G!F;A4{YMxk=-!6FaNI zi6n+67iHyBL4e6V7w-h>aK^ci7|ui2dspcrj&w<`53u=K7dSQ{qNY>7Oq`5-&W(C{ zw10CxPg7%3Wc=7flGsaOc2u+hv84;KWZ=axRYag}tvSTg*pA|2oqK{0V%&jq>KmKr z3g%+Xo5*D?wfrYz#k>c=oidJ!_Kgv9gj!1GX2#Bh_VMgKcnfZ}ZfDTaaB=3avjz@( zyS=*OXY}{lFFgqXX)is+hH;CcYRhx!nF)ovIs4}#oQ+x|-e^@`2_voAaDPqh1eo@*Y)j1j{KhzSdCr%&nq)Df@d^D~rRFvUg?O#fM_8u)5In0=q9y zS*pM6T}=NDDP((o)wJaIw~%2)6q&M&T{;)>dujhm48QKcoMQJqxvkglQt|<)9x|aY zreg&4>5>p@i+YmhuN@L7xaex-m(j5P`5}S2t1^iM0I->sh4{TRSl>F;N=9vehhFwh zMLIT(?I$A4F-i^<+h_QVEFg9uiz>QzFpbX!45SBG|X?WK4fF6uR&6S^^%)Y`TkVN?}RIYGM#^rB_AZ_!eckeIh7~>3o<`3bQ zM;dOTnU`~``AndFdtHTBwvEsX_AY+OXQD6P-rIh=uh*$)`MX&Ql>BQuaS9wra}2kr z4%z_7VQ)Xy0FYjzobLYAeU%g!pr4L~t;c}DNQ>Ej*w3MA43Kg%8f(0DzhBrwog=`w%_G0mSf-AybC_&s9ElC>D$Cb@zKalvrCW5_ILaIHX~hU^t8Xk zq}eBZ=ifJqN){UpKCmi3FI#gJvdbV9kNK-sC(eowH6!}Qg2)BYDz9-Z%BbD>6y7JM#pv5rpX z|M&tj(g?&5s5B9K>xs81C#ZK`Z$3B=uP6vB7GqfbG}e3#;r^yykzv@&kg+d@P1IRNdEX2vw3ep|{G2i8sZvTL>DyB<7 zqnUTCKp%{E8wbBHR{FrLvm%Nw>|P}~lFnI?r$Dq41<}f*YKYPFY#VuGv*qg{v~=Io zR4%ViMpmJ6>}ye8X0U$QFF&;Bh-^l02iT1C--i2DU0~*gQO1Q+-nt7feATWXeN}%_ z*dSDzZ@eo>BxTbwcjJPHrC|0*6Dv%@(d&c~)@UK?4g-$0AcG2uP)f9?1kVKIS78|S z(OK?70<~;)()~E)B~V`K=LdmN)Uh95v!7M}I&aCHDHKMWA@EgZq^Ot0GoaTB26vU^$>a zn{~b%i##_PK$pNn=qptmdZo*SnlJj^_(BS#@b5*h=Q!&44P+>bKzrB=@YGilD{aKr zpQJGtda9EU@%!qT!dW|#Dw#}UUv7FU8@?MjFjF4=dsi%eeR*HL?{#SVgy0~r@7Vcp zyf|flMSW!T;TY4{!#UhQs;6w^If0W8_(tSM;wcmWo2lNgidI>oI{wj&f%kP`g^)E? zM9kiO?j*#QFWLeZ*5LOZI3Lk@>fxWJ`Q}VNsD?28n7;vsnL=Qs4omy|hm2-JMaMaF z3lL$u3pqA}Bk66hYOb1Z-$X9U>c_B6aMIYVxo3z%*ffFF8o6ZK?Cky9Zz>F!#*{buCSN*uuhDM?C`xL zW`TwMdLnS)$OL4{(KYVOGqZsPX`V1IP29oTNNOqnw%EZsh#R| zdC!g=^p=uOVl3;(y##3bBufAJu>@yLv^1-3iPOqf5-7iHF@-x_26)-E@n`$NQ`qJ9 zV}4vmIguFz>YEl}pS>fJ&%;l@>9w_J$O~3`Nep^|P>mfr(Q!1Y=KGg9E>%B9+V8L9m4l%7gVP`$sge6YWKRQRvR)VDM1DFl9f8HAY+=E2Bs zj-4;RI^8Naca46BDj{}HV~ww3$|Rt(jQYp&?$3r{Q6N9DD=yg4oYctMXRc(Rfop2L z%0$AYLzLUK@A1QV@<_PLc&OH!1VnoXhGTDjTz>3@`Jq1hkF{2P)N(G|tHR8NjmO62 z-!+Sk)1tOP^4iRsfOzovLnVb*Scp~0n{mScYka28_)|0e^b-4Q`cuKy=+nnRA|&(u zx$imT^2{QWYsjP`OlNpqh9~dra^odBTylJKl=xmR{^9a~!%)v`}T9yV3>LV{-#6+KX zsXoH{5)jP9m&lEiSUfYF^GM%$@#iUrq^_jm*vgiUr1UTXhBvR^-BC>gqH3tQ90S7? z2dQ9w+sutOqqYaj*LM$-@jyqTj923UY2NN?4m@3sbJ9cJR^4S}6@b4FU))s1(~up?47# zm{*W^JHi*Gg^1&~Ox&%han;7td`Epor9hb|1C*v71@L+Fh1Pu^xYs5NQ7B79B&JAn zUlY!3G|DrQ31QndRiROwcF?sY9Q4bmpivjAhA~EJ+pdkAn_x}-8o2MgKwsI|&?Nz8 zR>GD8CkN7K(^ls$Mpa)11!zmqZ>#pJOZmaMGP?j!GnLeg6~3}_3KX@(crOH<`rwTy zC4o6JYs^7fOW?g}_jm&+7IlwXJ_!+>cpg|ASViw5I?tTO7q#jp27`$r)zFLb!VGsY zG#LW-yCD8Okn+JO*k!>rQs=1c)6%68m+R-6F z^^nYJufY=)j%^va<6k>&Ot-LU_aC)Z;-t0XO_LaedU-)XZ6o2HPRI(ApC(8jL(lz{ z^%B(X`$ZbHUmGG2o(vBQOl9XPMkE2(5@nQtaO3*9JCa$?<)~vm-V?)_aF;@>{)2vR zO9zbam%0Ni$^5EjKL*R>L1*Ag(_2agYxBcmZv;d0f)+;3UYY5+E3e`;ka_C9A+2cU z0y+`5wvrDhR|#P`yFp)sM{faXeysK!twgOImZSx$)1WWq%Ga#(K7E52iy|*lFci*x zx;c?Pnj5vl@e)H*z|^4nYenmI(mX}$TaVi2!voE)xy*>`{jt~*YvaYn{kJ!C8nXkk zfxq59ct~jvOci#5!;=7wmS#hp+Ms6U@$unxs`N(b%P%r|SDE`F&~&u!O8NTV89QsA zeSdztpGqr?Iyc8M{seL~1~p5BA{ulks@>9zd{MXav$N8rljq5)`&Vrag60kL0pFSl zdhh4ps)?pegM&Fkh{790S!68tPWRy&k!P#-Tu2v{Xg-~Nc4F>46r3~AKSuJD%bp1E zH?&ejbt+`NJ_e054z2iyauqeb|Ph!z>Q^xlm4Jo2nvrkX+43gLK;$_OSFGq z3@OUG18TTgpmcZq!HJvBi=(f8(k3cFna~;3p*_7JortNc%V1dX`|026i#2-Nxmr=L z&pfu!p^XRarv`!F7>~AVy4BDB4isPq44z97rb-^iy?!Vy@CBZ!qczw8F5InKqgB#PUH> zJ08i6idbKi0}XkvY$F${59}8BfN@7UywaXDUR+^-YeFC9b*+NHOPOyx{p()t3x%wV z1Om~^0;2@ik)jA}tV?B$P1@xbl*C82eyEiMMYH-n55?_*QLY%J)T*H%p&Vz6H4}@O z36flsNKpc9x^OyKxjPLMyKS$6YBLyAIx|Qj(J{PRYTSQj#bAh~p#95@X5bqmQ&cuy z7=aT^CK&rP?uP7!gBo>}rWgO_XhEjzdX=E{=LSSiJPPaQ#+V3PP7uAyaO{ zq3_6k&7SDx#LY6vjdH9wq_Erap-EmsYTduPMP5B+s_F))Z>f7!%9#V7H+G}58T@=7 zar=t{<Nv854s;zqd&249unanvzz@*Zh=9gTBpfvIoDzX5GNP|hbG@FO zDuy{*5Y?MIB=2I4Zzc3!Lvv!pDZvw#(E|-Jl|o)8L zbje*&a2rebow3(On7-ThBE^zRA34vG`p+Yms{qxm;&9!HDvbI#P}aD2?Eb-@kz&ET zJNDLf=9uB#$(sl0U4-l=I{ZO^ZZ*WPH$mji8^nP5sR3%-gyA=%YcS>1g3&ilw~Q(o zehh`o_St-6(|#2&owWIZFyr9OJYdnIyGv0ZbaR&hilL(Rhc_R*7c*^5K|;+$8d--eNwoDw`Zo?x^Xl^$RT<(L_d z_F5q@S$8j5QXl>4+Tqv6%k@0p3F+?yccbJ^>aX>|-N|8S@%oU=7P`zZLg(nAS18 zx4UfudXT;*O5U-!p+q=NJ=8OK5!SKDTh^t~7oHq36K=ipDO72)so~Z`7_{WlEz1wH z4HH0ScH!k$Lb;iI<~|q=_zp?Qn+r%xciv3@uI$=*!(3bb#+_(=nJjtPYmIw$^sLcm z4!`_S~|c08|9sk%?pHoFZaYx{g@N@lozk2-0EnC-Ufy|JD+6Q%yOSdNkFU zwIBSLCMRkc&ESDwaTYe830)YGP?$10bQ2&bg78mjZ_2vEUTVym$D@3nbR&&95`zn} zDrupj4CQ=$3id=Ti@Dyyn9->9v4E-Ts-DSYw>#m7I>WlP z_b&^|H^hrhp-N;et^g?K*%7}<*$wW_Q_Bqr0S^oCtbph=!vlja_YLbj%n^GdaMiR` z7X}qW_ncJBdIHu6W(&kW6`$*Ir+-MWFkX=A=x&kW!GFaUed|12Yf5Vre1=e9h#7*) z(sen2rzM0i-}Wv_0Ol-V(9-?E``#}iq5SuwX{CuL6Aq6YTgh7MqY^Je7i7=B*poZ` zMqA{8$<5v^O$OGR+5^66=k8pQnc8}VYDjB*>6;zGTfNLAl+wZgw|7jgN-Xd81YUfI zead77C0~c}tzWfzxGq+|7~{d(9mrR8|{FLkfFn-Uz`;ZSsba&JN-}-&k zhY2vBpskXS`~HPl_)fkRwvjHB;mTOgcOzv`?W`?uidxHI*;7^A$jg5XR$z87Q$F_efA>1OUK}N z=gzINVgr(NIrdxMm4yD{s28@qRq6f5=7Q8-*_`d@s6jj#I@qwtc`;!nt`->XkEcA( zK%TV6Q7gv>H;|&d+ge#VRU>%dk9Zv%Q(FQ+X9%FH633>Y3a3@WWNoxUu`=SG(H)KOs>9dT8HehZ7VcEA(_@gAw-;V+ z(G{|2hp`~kKHOkO-H8ZE>VIq}_p#Ua)!vC}W+GvErdF8Akq=|mB&TZoU1;9-tA&YbOP~YC4BR3ZV?+h`a26 z3eCkl$&E#c)~Co%E1Ye2n|@mS%u?8qK$@@vlZuau&E*^3it(^C6o|ppE+?-@@E>X# zdma3-<_I>C)A$h8L8E?4v%uk-ZT;T5)IfFOkyK~4{^2$(vKp(fx7S_?VTDmX-*|zUe@Fr{7US7`J2MCa#jk3S!x7=L+4EBQU0kv%1{5spD*F7o05PH+4z+X{5z(9)18~|3jHC(QC_8*EMxppeG)OK|jR0 zEpZNPr>Wu=Lb+UEjvaz~zNj`gDtLmtZWkXdy#d6k2T1zbi7+jUcTdbBw)QAAp138LmgW0ww^ zGno?c6q=gs78qQ=)_Jb=LYLfybbbYX*N~7*ebaB;$d2nuX(ibO4hHX`}?*(1lAMpC@@giYu{7mHf}m2+j)Bu_)Wqpub;O4juyZP<$3k2 zkNuB{_*iD06K8pUCMwfBuC`QrT=KS54_95(oDfB*A#_6cFt#8H(QKH&G5^IJ5sVI9 zzfNo3)WiI-k_ztp3bV>`5_Qw0?xT4afx>tiUYUApqCfK&HopG1;{1!Mu_x!yqAc?n z^JrQ0IZ>0W^4={oFV;Cxm(o_LdvuGiZ`|zuu%cX~^V>jrcn$Yk62jA+H;S+PNmI9r}xP3{<=f6yt^%% zcj8Chcf2h-#t7uv6&&avf?)>E;2yJ^*4xLUC-6y|U5pfa=lg#CuIN>CfyaWW+OUY+ zjrLTJ>BxaO<}^h~$7#dnGLCmrS*I<%kQ1l8iw-^6m+`MVT5nWOQ%ZCjdK}E38xf&| z=&{x2Y7@K?g3PycM}8|o&T^EEu~Qx6B_8hvINsohLDir(|twy0J^=OF8wbg-G;h%n;_;kP z;#Ml3S}}cwHDs;Hsm7*rzVFf^t8XYHDa+RuOE%3ou9Dl^OZ@%Y_5E`25?^2AB|%?n zhuK|VWh7>+)K>S^x;rQ9g+s@0r5TBg)M#AuKsc0k$2cFOM(1cIRl|YDm<3^v!2n-{ zPi9&BZX(m0&Non;&dl^k1>_x>qQ<>ni~wnFhY`|vwGs#~fc*CX9d6i+0O!0!z^&aS z$5_$&E6acR(-SL<$~9`{Ruwod0rPVFZHO@ZU9#ay{581joTOz7;QMYnq&%Oz1!7e# zvI5VPFtjbR)?Lqb_B$_SxyGLWqlzs9>o^4bQvp^}8rldBPw+i$0$(33nP z5q!NV3M*`ioeGIOCR;=y_v0>PXPO8r2Rx+4h4IP?hu z(DKyggVbO!faSAxW%*sR7OQ6_4<0W*Y(UP(A=3% zL?0<3RcaXM?P2yNVR(e&p(nhwoRy3XDOf&Xg9>`Ct)Y^ZUPE`h?eT*kS;h#w7L&(= zTZ%BHT3(PwPp9o52xkO^G*p)@fyRbAVW~43v^GiOl%+O)wY(hV}q={Eo0Te_o8|zOX(3Fz^eVq zHJS4UaFtKwe;0FvFy1dTg2QriZvxWEZleJZ{LyI*=~q~5Tq*`47cq0Su69~|p-CF* z=b`9ZcT)sL4z++e#jijY71W_;4Hwc$r1x}F?y(f(sDd+9jNa^H} zdSuukz$)0Jqietr!r*lL=kXAy9e-o-7-=K0=2zR*b1B$7V}`WoX(}S55vX$BR*`zg zuwBQ9w($MyMOFF zdSb<}m?6iXMhxu*Hvj%R9>o!p2nOZ?vpPZ{!oKWMyoY%I+{eOjV_tY8z2GN40E@Nz zA9Zu1o|SQ;_*857kWEnB0QTDvYxX?Xr(nh`SX(IW3}@w5O|TiX=pllf0e=biD(A2C z*Cs0q^55QmneyoCv)jy&ombagqrOsB3}BwY^$pjJu}c-}Hruf->j`ky`eV?wYj*m( zZK3o%IKbc>2`C9^19D#GUsmv4ALj3jq`v_S9`X$1<`?m7c3-d%IYLZV?7(Xvm4*uzu2kh9^wvkLJ0}wFMb>U|04uDiw-@|M7N;3pdu^!3}E~@n!z! z(Xa}64^~AAba8b^tsB!-F~H5E(6IcS1JH`yfSW%Z14b0loA>M7o{|bg{t(2%AHdwL zFVl0ju*CfIRkQ!)GB9Y<>l4V!47p1uP#a3lTHgyoaFo4>tm`@52fuvej;X7|Doo6*R;>(ZeXt_qFDJmmtd}EJj-5~{(m|Nj?=W7> z;fF3UtpE>@y-?+4`T@&2u~UKR`ZzyZkcaUZ_Gd`z;e1op6e=-w(c!yIhl`z3-k+!~ zi4WkW&ZAb8^$Y_0!co_j)szF{xBHc5!3(R{0CUQ%){^?a% zVpD;-XsyK`$d35fkK_<*INb|k85?Y(z%RP*`w2LTUYia-0v6VMd5F|NbKY2zp7!C5|Q?SYq64gPiFTmPvb@3jcRq^5B6mih-$^s`+z+B!%h4!vpsOtuKCtvx5`5;p(3qv zAi;gnL1VDy8>?{kF+VHBz7+sC*V84Pu)3-ZUu@}vnABMqZ3v-Q1Yb0IQa1jC+y%nv>3OUD z8z_ZSlV_+HIXnfD6AIz{QE52OB;SYa~d1 z0xEI|KyrP5i6IBW1%>_dVG6_m^>RU>^}Uk14L+dOa}~RNV>SqBA<{)(js*AR*-s!d zvj(nzj0f}J*dzea`#G__?(xmlh0o8sT7LfDUYsSjl}=KsmQjaHxJXgc!gYV$b<^>cd=s6BkZ2 z@Z@v3w$tJ)j)fwBfkM|<&@0Yz$T$Il4m|LA6PRz1z+EG|%wPNs|ITb_6=3#b>Dv+k z)}pgq;LLhXgmSpXpxx)1f%m~#JG>PwE=2nR4ZIr6fDL6T@WFaMr62T^?b8XU@8NoP zf-uNW$=bQ$3LMr?3a%M|KFGIRO!NKFLTI4lYZ!Bk;E=Nm zfKH0ewiX|~?7_MTj20P*mJs>=Ik11Njvx+tr(`_EQOxK2r!r0-zCUNZUCIQ{fm3iNgqTKz?9Yn4wFt%+l!f}jOyaJ|8afsO+ppbH1kHuvzb9XDM*$mOfG3}; zdsAKqJo!U{6a;G!=w?$_Vg-Twu3)esx?z5|>AWO@OdUtUs*_|u)X|a_^AOsC0k25bh(fYe9+ z(;E6M5G>$QPAt+0nB3KNUPA?MgZ-zCPsaT5CN2UJWvE;4@%-pRh&q~Q27%Xf@%wJ! z!_O&Ksyi;H8_MQrSr{%(+6)VLZDz<2ZIFBIYSD}zgh{ge&z{aj;uT_NC$FPRtVH9t zlaX#)dgjjI?E$4r}w3f27<1Go%FprkZPHTLNSe14t3PAd(qZp9L?>C?l3KnBJa09zJK{ATC!fL;UKbF!HTi{u7K2$-lY*CnZ{uIbL{*my?H&gIdpY_ zU9aYe*!Qsk;CT~9StesB2&;D&I)8Vuz9RHrLa_Gay_hI5>3y%8tNf-0xdRD?EK^JV z0%saq3$q>#sfSjuVKSl8-HA5}FD^o|Srcj(l%O zz8=Pe<~|<}Jh?ZN1b)+G3*7RA!Eik!HA=`_Ll9PYA&^J+ba349zYm+)>^ly`8Yh%Z zq*hXm6cmtN-*B5nX7Qk!n2FeMVV%V- z8+CErJ|L?Je%oBCF=p2?H!9^LhyW=MX|G&E8MhSvU#tiq`|F}Q6_#5NIPdkQlqk)Q z+#VK&>rYKw1_5Kg&OzJGSdA3Bt}MqC;{spIrHQI5JQKhTVzGEV>n8Xa~4ojB38IO)SDaReV9Er?1fhjBk>HY#@8SjutYF62#x#e z#$tc<*I(?fo@O)K#XbA)S3jNLoS)EPfAx`Ij06;0euhM+p1wuT6%!Th>Fxg^r7J~_ zlUlfwqhzgC9fqi#AeKsieJNUdos&;q{;@}FJ0WieadBEj) zBq;yCDyCCQhXg#BnFiflx)yi5|IC&92ox?llh;pxTojX?9Sd|{kYnA=b& zoC0?w&m!0zY8n)VC_xIn6Ayb=2)G)JJN$*GV1HQ*j)S!J-@(z_?Dq)5ve1Mkk}E3^ z&gUzRexIfQzjN+Z=4!r679{vRup5%0Re|`D<5>nzozL?66sD=YvkW-eW8q~9D8#Xc zEvcFZhp0Q^#T(PmS7QoIRtG%v_Ko(g6UFp8{dZ$DZ?ncoe#M5LDT=GP?51w|19Hl$FEMK3*jtHWyDj+nDdwqa?Lr=i@ z1^1ukZ7@|AI?Va}8{9Y0Y7eV}zB1yE5mSOW&Q8Z?k+BENef!Q8mXgY)gn5P+ zcT3bVI8ZmBcfc>Z|Fp7Rg61I1KmZLv*b76+ij~L*zIqLX5sn|Xj*0IQaCI*Lju4iz zQEsW(=YyR!t|!_*J^q`uZFoOE4)#>$q^2g~KqZ}a5b%scwbcmx*N`H(^RSMXUO=rv zg4C~-CeIfSr?b@9ZxVX2{8-W|Sks>l1o3Y-KzWnON3q7}WY=W6tzzY`1Lt&&XK;s~ zUo?7?c&WnZnKS~rS1hX);o5^C&kN}O+Z2r+taj-F;7fZbmyfcz=T`=12Abr^vvB%T zQ18yUQXB}vt1`E9OiJdDNdu{QzJB5m4AG1f~;F%+mJP=g&=i6K3twGwa1-qsI8w&wTDc`Tj4HF3SQ?~1TMD- zJGkP; zF1eRF$dpUVX|hGqVEVgL{>ZfzIm&PYNa#p=;Bb&XJArR$7@oc)ZWsi-?ZBlz{|Rl7 zeQBdUHvTF9fOQ9Q|o28CXl%0@VMzRCXRvhP?*E@_JHUB1lx@?dn+x{Lb+SGJ%c2WkQ&Ez}Nkp zt=p2T3m_U3FR!Durkg_=zikHz)T%yDK~_?G1P9auPjsv|%la55I2S_11f zllAXTnYVrl_7LMK{fu;cnZFl8V)lqKoDMQRNd);A)aDO3n#v&|h9{LhVQ9Y~kmDvs z30js{#hb{7;eqWs=0KQ_ty(33V#-%)FJK2KehhqB2oARaYpoj?mVug$+lUt~f)v>E9tp3L9=hFg^slQY%N2cF)UaE|nQJ6o+a&bW+0l^gp0z4br8XSnA{38^A5`kyheD*6@2Z@^vhY1R%W{u^mpNX_uD4u!G>K7;jt~ z!RxZ*%xU$WyCt-^3wNXry1dA@3Mt{!VGqr_Os$!Y5$ea4=0iL`h>6;DkUYK<;okJZ z>47Crn3ln-8V11b~2TFJ_5^o9owaE>DQgFm$PgqB(=mZ zpD(H3NdOlj0RraRVYSTSOmyf|4O9=G_r^lHlS09~gy{Ro5>&wjk9 z=f|@J+_&mGgi;yUX!E;-2?#FpCjh7;ng0Vf{#fSBwBp&T6opnisV{nY>eWM8tgH4D zb}g~4t7(^7{~NN@NPe~_+}q3Ph=Z$i=Xk5|Z`0bl$kC96yhQCgUL^jFi1Us@jDpf+q{kpmeio1Z zt1ES0-ZmoqOhFz#q4VmLVV{K!&U(eR586>H{&5bkv`t^F4YNgaBmz%S?s_8YDGz^I z7*SZ_ZvpJlsb5w4eqQuAWgKtzoE|Lr>|5ts5>#d9D=g2k3oe=;oc`IMG)vX28RUsy zqJahYQ-?q-fu$o5+s%UI)rE^umBX7yO!GZAHy(U?pfN*f?il*2?F=~+k$B$GQ#E7E zExQ7Bfha?R8IrJ;ZYL|?T6m|LPNwx?jiwyKuiOIYNgwqY5f_#>oFzX260O_LwDcm^ z5NJiyDFSR>t&0ZoZ_9&i`V<{0ZMkVHTgae1H3#r00DhmF=~&k zD;N5Thhhz(ME<>4s#Y@7VQRqrjt9#EOzqtO_o0qn@GpV+JfiIZF-B}7D8qa`~d?%)e`S-_Xa^b3vWQd z$^*Vue6+~xP#6Ol@RkI&@7IA->t}4?9*2c}Jixp4akIbQYqgEWmCR{D?W*nTJ=QA} zyw27QX2Xl5UTf5>+%QH{k4YQ8pN%K8zKmXnpd9p|FEW}*vUk2ENWA3VgVxpq0J(SB zMi)#3f3Ov(hIs$Wvvu+f031ciTmp~8&F{G&JTt(CP*|W8K=hlwHD;KKdB96gP-F4F z_5Fr~{kY~*7WVNGd9kd1?K|)!WCMK7zWW8{ErHr>+BGxQ$4^@`Wt=TQZ~UqTCk|}$D_UIxO%4H8dK@+GSh~B<$B&@D z$gE)n|HoH=y!IvPq4^J~TC)rX+4`?v4=!)5QVh^h+s5pt`Kc0nJz15rdfFF`4h@rj z0h0D!0K?tD`WCN$FX#hrrVU^aG8!xc_GJQiH6H?>*$<9PVe?sfAzrcF-Vu4U$?cXZ{=^x12RZEj^o$#(Mh{Kp;sc=vK5bB8Y7;nvrE?Y{DEdKk|f*5nQX)M?d^gtxdmPd zgiww+7m}g`NI0p0Alj?=_u_pD#QBB@3@(7j;(u!4Hw4Vw1I^dJeRxJ%_Ttx_uVkm7 z=r_7Zc*Np&c<-8Wy2SH5&@Tg6a3Vhf>#~P^fkaf-KN1Frebxu`HTUW1pz_1yZiVO% zCe@p`HY|>=REHw;>LLOniZ~*nI9|=8PykNclVnYO%iJPmuQwsgYG-4+W$EixW@LSyKJh9{i-SjD%Lh&!QcMEbtDphHmds>F9}eA?x=*f#D`7m3(vHEfcA^I@`py0iwbc zzpaVWep9Id)-H|;CC;kEmq8tAiBODibje6TY$T9$k zN)pt-Ly6t`v5PBZi^zXle_JX)&24OJ1)7WTL21^t(K9;p`v*`#Nv+aM+xeWe&_gdf=iq@GemN zbr@QJk7r>6@L4(fq!vO0Esul6<7_Hm${yze^?q+jJS9uD#^jLfVEgGX=!KMx=Bf}x zzYjpA^&|n*Xg!ORuI(HYV_h6ZQ zFc)P`G(U;41Lao*v>`g_y*e-P-3&c#X|57B4j!JxK;RIqa=Y@@Pt@zOd8I8xJC#z7 zZVk-j<$edF7xlPGe1!PNC&oCjh2Pk;SotyW24sLDD%mdGqwSLBJ*!iMrPF(tLvca#ouY3ROmd z?ptm?3&!+iboa2Pds-Y%i>a1}(wR0%%OOS*HyaPXMeRHrFX9Eorh3~!j0N3}V0T8q zVY+h=uYOUQLWr6sNduW=S~wN=9l-k;y94Ewut@&)?lwHSngZN@e>ptx+hNv=n8ZsE zk3H>=uHUJA+?PTn4#AKfxdAr-Z|U!riS3lKvG}Ne?Oip^YtXoKZ&n-veV>|Vo2d&iiq{UvSE8l--+nM|RmbB-) zkN2qGC8?++>9L0=3|h2na^|*Oln!k)&ra?xNh|v9+9{qJZPv|h`pwNb?Yh@YG>)5| zoLtSGJi2a5SJzH?H&{z@MvUzAE*RB`>u~Z0AULgTf~qcyPKQIXx#RzS<70YslPol7Tno zzlPLZPpVqGOJ!}O$|_>08%phZEjk62nLe0PGp-8f^DNOP%FBDnAh0HQym(gp$o4BA z%CTslat$A8PO~S+f7J-YZE99u26r`+1JlQ)=*wgMwyZdKFwQF)b`1w^qA%_pGRP7K zy=hrmy@I%SO$5N{VGX;My9^Ciw*B>tU#J9r09SmRp-WTWZJI>S-!=A$@gxFq)bZ61 z)p3K)0o5zQJm4j6g6k)pm}u6kz1RCEtq4j(XOOvf*oDvtVJ-(gE;XJsxDd(DkI?bW zukw<#{D=ZYQJv_c&BSIdSTfTsQv@dDC6cJfQUJz7?~8_nveufT)E|LH57nxed?JBZh79KhTpvu)({DZ*@fdbksFO~zszOsrpm{NY{-H>gd7LI z$X}hRj0$7)s}ouRE52IzZ}geBT=XAJ$9#zz@S&!_u38{_An zY=xtP8uF8~b3T=SEjH~W4vMv_Fi`5TbvPLO9rMmZc5P63!A}dNRNib~RIV!KSkE<_ z9^yiCE>-OJUX&zYp%REK)$TON!KNH4wZvBRj2y~4-UZy8QdEU5rCe#~6AHzNqJC@j z-1Sp=Mzc>&GeB*BC`9lK}8mAMU zKs*vDRnLt!`IBj?=quL0r(MFM=GlJ7L_*$`UpR)NHYf2a*6&IgKdhhShtE&T-OhcWLPk5@(qOE2_US$h1xjjtHYiN2I zRhbvWMcFq-?ss>0gfsvZ7fG2C#va-K{HhQ@#e0Yk$Ln6cW^XfnKh(JMxoq$8Pt^%g#0GoSalK}HZxLx8|p{lLM82?aoxpXsQ|9HT@kgL_a`0bOhoCbpsoNcK@xO zG24VRxs~}b0s2Oc0GiYg-J&wL7Id^Mf6mmHVozW;E$FDJ8*FECw9=f*ORB9iJK|8*@p zbe5bN6Gkq^6~7QRlj2?EFAl!;`R6FE%ljW-JGGl-E#yX=;a!^6q(@;cc zK->ClIumN%skQNjcXAjK*(`ojGcgxr8+a#a$ls9Vm&B@&dh+a!5rmSekZ?VQ$w5M@ zKJ#dhj}@0<0tcC-ewNKfIXzl3&q>pnzspCt`9|+dU9u-*Klu0c_6 zlDU?dB#0(pB}8flRC}y{NR8>NIl`BN1b@svNzF|u(WZ_-b_KWy5w6Q$hm@hZ(cU)iXGj7RMnjSQmH?GZRU0mMHT%q}+!mVV-6;zDGOVhg;#Eqi|d_POFD zsG>{wsUMnOwMiQ0*z>35z$v!1tUR`WUkR!jft%)*e)Ai}=54|#pEc1-0v_JO0Ml>x zChX5L@K>`DK*z1m9&o9bW> zkpD>4=>EN^TtUC}yCYUUAo^5&CV)XNBwO~!O0T4?^&F9@3|dq_W*r{suon&Us?l}! zuDO2XfBcQKPAZH`VsrCGbYssFsw*`eZSdtuL)|_^wqwXxmZ#}e{B7FsP=%l@Hqko^ z#dulJcf(&8eicICy2Vg4l2avv8$c7@I8tvG#nHv0D`{nHVLW2@#RZ9ruUw8*o5f!Z zK$0rW)83Iv)5_TVGI_zqjZx-1HdI_?(06Ru?>u$tv}X9w<0IaC+RM_#d1O&I>>Db5 z2}>I>$Q4Tybff7`ajY!!gsYV6z?`T)tICg)m7%=g7~=F>8o7cPNp$en6;)EaHS~fN zE53SO9Q_fzxW$;hT9X|dhyLB86zp;E0LQ`m`_oJ6Rj5ZiMqtxVIDSDO_Ps_#4`MyV zFq%7AX-Aib%s36L!q(O}HFViz@J(DZkUA8Df)T4Pb}sciNqAC19~$?9HjILR`LuBn z#UCW+|FQyPX(hYDDA8};4p%Sx|Wd-}LjxaZ<}8LG(NPQ$!~Gjy2KFMZ5& z>Yag2tX0C<{T&Vq0U|k^R!h8YQVtzF^bdv4gc=yJmUdWYzA^m|D4NF{>Ji>7{D|7X z*)r!xGn5F$Pb3^^9xzNlPqo)K8x38aqqkj3(O4F7O#jnJLTi03&5CGQ%PxldRm^LJ z&pvZ+x}EjAM#RQcShrIQZv^0lHwOH^Ve}9Nmw7eF(V@GM;zoKY9f0>_HlmGhsPJ^h z)EtV!EKq;U>0Z1^CJ}&_=?9@z*CiN5Fp;4VI#<6_n_oV&bc)QXvSCi-fz2d*(T#d# zr_|Evuc1M~{nRdN_IadfvV4rjM%%|$e2q|fzjxKjmcj9aV_3$a<&%J0>8)nL0YoY- z^cEMp07Dlhho(T{kR}UH74ak>E>QC0M@W=p87e_rlX(|jz0Z8C^>e6ewoKa@8n|jI8;)?)=1x`G}dL4s-yxu8(qUC)V8RS<2x3jzq<(er<~hJm!2ad z_8?or^MMzzV=X*1#5j(Ag!GzYAB0Cej@OQ`Dqyd|(L7*J& zap=Q~8>RG+970;^^Z9E61mU&qc2+mL-wPFsJeRkT%b`k~;dEK~&Z1WRC-FyYm!5y5 zv8^6VYxJ`Vr_r%gZ%L`ECa-6R-}vk!0cFbNLk#|KtYt0e?qF3C?IJj?Etc4wAkru3UNx&9DNA%36i-&A{#-0E$=@Gd#8eo1>NoEyQ3 z=E>-A*mzi&vm6}7#ge0Or?maq(&!}r`r9^c^t=+ek8T6GX_Vx9)~}C^i*cXxl;5$d zkWkI_=@`1BEBR4sSSG{A|L2F)EJmu7;NaMg4K{S>$aEw`w6J>tS^tNL5@NN^_fc2gJrsQ};d%CssQ>8i8p%uSt9|&Wic|CTRNEvNmJ4(h! zv6OBxOCfkywLbCHQo?RqIuDbzttviw*yhfPTz=Ae5}vjEA~P1((6aukj~O4|RQxUY-2dqTnNhwl zV~otkN51qPcO7Jasn5osk1DfZrn^CZgrbt`{zKKs$Bdk%7h86UO!C1Z8Sjxesloo{ zfey95QbuYXLUbsTM$GWJt=yB2B>LZGx*5+B@K{9Dc&p^Q&r>YTKEEbX@m@yfK7_)M z*Auj|8XhxuGOx?AodW%ZmXdI3yU*DkbQR-fN+L-z2kAwv_2bmG>zAt*zhUEYI(w4ffkvAfVhz{=bhzqSx{t^Bkh-13ksYSBdz zM3wAXbIE!Qo29QVH<#Q)qw2P+rfy2qf{xJ>t=9Bnul}5nC!qx8lN~h42x_IsWY%)% z^K;z>6-^SHH9v;<4$L3|GNDh*bwxC}NE2}aW6a;ECJer)MeB!xlosGlT=98I;Y0xyH6X56p+3wJq#*Q9aY@CT?3D8eucw` z7PG7j>F^>GRr;nS{A010>oQ5P?Pa&OMWZE&#@2X`BSqKtBN=H4wCMUV+3w>4$JIFb zS%tWtTgR>fO#LwP7J#xbO?)+U315M5i1gqPeqF++l0lZgbAdOuj0*pS+`7beaBZ_< zIY{&BYRr3~?9)wPZwc!55w5WTC<7twZY6d-8JsP-u zN7L!szWA@p%BYyr|HB0kNX_rRg%8$>s#Y>t1FThYxP-y9Ig#6j-&j`NyMoWzhG)OH zpNJS@x~UQc|4_ZH)*O+mjc7XsO%<*+W`ec~PEvrQ{2p*ox|w=W7VW2s5`p!LA)?*v z#W!N}hgAQhw+{b8xJB8Y<2!(M7xo0*1)%|A5 z${Z?zGO{6s^DR7lr&5=^Bfe3b?M6}P(}#fsMG!Um#hHkvdIi0|LcC3v+fHh=LT3Sx zlF^3s{B%oyQU_xDRJOmL3>x{c<)Qt#mG6y*^eSkoP|#>K>ieS`DWJuqR1>+mS1VOk z88X1GcMRGSM%`gO3W^!l%b`W%m+5*u?UOFT z9wxKN1Bv3Z3gdjPKResDwn~*N94GlO@Mssna##461Ov1iS;zFcL|0-}q;zV7q&TY5 z3t|Ww*VbQnZLbtsL8OA~J4>?{9#T8%jSE_3v8|eK-%+%AA1x7qgmCmOFzcc3bqKji zt={MqG9Tqs4OD3glCG7xI9S^^7g6@Ql~|A(zh?5~H*=`a%rE`JPgV(ghVTFKYsA*C z7fO3(rWxar=+9o{abN-$FGS}#@e@z)<%-_DS!*q3XhIZzGn+E02PZ%pwTpIh%QINV zqhMDjY6!AGj87gqVbx@ky z<6%wQ*6-tBM@5jF*($-{oQJrC-{2iJ_YI-CU`oWzSvTDAcqJklC52h0y~!Ok4dN`> zAzV?(+TTchY{_9fkek8=pLnz;yST4Co?POoZ_?nQoz>h67$ zjyj;OllfFB)G0*Tjek^YNRLNC|Kg!;;H%$>*#d_oOS<(80`#}7K6%q3JNI<(B5}ta zTjW?GsY##8wEeKk>Cr<{aOj9K)&s}dR~9$N)qZc}&mHjL&_t-p>ql;Wqc4^l8fPMR z;dASJd%Iww)X{>F6Fn{uqjnWA!;LGL8j_#u z5fCyXIZDdY{jGgYS`}dV*BK7q%cV0!v7%eo{e6+)d&#)8Zl+4a0tiZ|6r>+Q5p2Ka zIr)L;+>61A&zIR|BDIsS{f_xN@jdW>$yS)!et5u@YQ*sB``Me8!2ALA9i4S-(zDJ! zKr@KOl{xYU?`15V41W-;kw)A=j{mH|>!%}Fi3eh)1S=MD?rjleM4PFpLrN^g(jhEs zia&4W1Uq>BqDS_e!wKiZtv~(=qAZfisV88{Y#;>AAP4%~_tS`Kh*GJ z$EeFKM-LDq{sgw*K!k9x8H@VTE-oAbOf^~=6HN0{zx(i4@J8G(jx@rA+03uW8ZpRn zJYK^e4sm&m3vd68GbQAS<}M-PB8ZBn9!xZ(4L3sfSU9ywVJL+pDe)}nA&_zcYAae| zn2>r-_Ankgz6@%?arVn;*NQp5_-JZ-6_cf1hN(p1pCz<{<{FL4QjwQk#_Luvcz?0t zx&&_ST?oz=%`2-=XzrFy2funbKYiSC_@y)8+Nqki9-!!#1nR{sSOu*#ZDQYVoqeNU zhvXACLi0x2v@vxg-VYwCJ$zC4srh-SWDwr->;<`|kTp>wW+T`Ed%$4qHV^hN^qg`U z^ZOj>`i!L3dv8RTw+Lm`S*+#~y~dvpr~gGNIW2U*dIZC8R^qHOXY*i>MRrTp*~(C8 zkCWSKRQ*vGM>oW0MKqfsn$ci}rUka&?%!ES;A~!&^APSj|J?2LZdRX#O=@A(XvHF&=Z~7B)*p1wDiGaD$UykEpZ`Fvqzcc1HA4@6rV3D48OSg^ zL8+V*4|g}sSK*$=dgoJNxcZ6EH<3h<9SyLI?%Q+Q8fm0w#<=h;wZm4{UC5&{5eWBj zA>Z$J*hN#3>|^Q5J9?vH&Y0mYh6tkVjwx^>cwm!ALZSnejV=Ec$PU)?~m#Xn|a92SW#sDmcM|_Ah?Z0cB zbkR{+e>MH#jrQY;TYP%0>UH!at3h6-kK(5SGQ8A#t&e||33$A9SwjCD(Cgy4lXcUA z_)^aOebm!Oo7I)Eot)5X9=Ao0kKo#&z@+ z2nmd({$|V3OXMB0ytC4&681Izt~+I!nbqLwR5mVU9y4Cl>4S(`$p{}l&5#K*c9{iO z;ht`~j=c*0Iau~thLl5%9b!|bSIm1IfQ;?4iWx*8EOXQypUC&tWfNl}Jky}@sMbSS z_ngH(j9G&c+hx;)&*yWA;CKDg^vWJ2SxOd^C>$g)L%yf>@ao2iS!PUFtDpJ)y)b5zOKEuu7*-SL@$mB;kr~?1*rtK7b?7P^RnbT<|APj9^UXo z^E0ZFJ&y|1ZZoGgTCrp03D9=N_;2e}H!|tYdz+fGR4>jd6lT@&2CUAuOflEvlfy$& zbu7BSu~`V+-t}OlkU+do$er3gX&b!EapBCrZL$?;aV|fwO35?)=5OxAP{HKH)35UC zrTJr}_oi<6GAE9{CJLg6d+}iJ>T&k%GPL$Fv5LBRfHT+mAn3rz!hoCLyOc(+^ISl*Fmw&<8a0u z=JlS=nfjCt+>>*!a6XXW+)Zye{5|UKQ`dPkN`t4rdN%M$hLw^hl$O&O(@nsDA#uT% zA10m)oWP!>o8L zh`ZJDgsws=qF}UntBpg_Xz5|2U^NR#C|dy0ow}KhXvNv}6!e&>gyWlAHxoF*LHf%9ictR)aSzQFLxq<8=G3ScM8dUbzuHiq5nsX z-moFx@vizGwok(ps>$sMB%duJtjiY%Z0dI((tCC;9f#(pR;@k!cc!J?ID2h|`}o_3 z>DX@%Nf$3SySRqh%gz10I#I({-al&xy=$eeE8^bFOK|+Y_e$Dhx@m#&J`ow$oV#fF z;xUQF!jVLwG;WNakJ zpC{8i(oHG)KLfWh7S8w5Vz^hL<`$`O&AbKZP3eGl*9F0{_}Yh8ZD_m%^Ab?a6z1^z ze)s?E0o>pOa=?_V8=;DQ8dviFvGvwrQFU+B@XQbc%n$+&ARr(q9ZDkuNH;1SLn9!K zGz_UCB_${&AfO^0(nF_|NJ@9NG<;{C-}AiJ_g>fgAOCRX?7h$4`@Yw`*1Bi6N1%G& zYkfVa|Mu+$p41VDD*65xw|LwB6^(aLsbso!;^cWhS%y$w@%I3LyV)C^oi$@|w`Rc} z&AuPF8-F}D9349HS-qMpzM4pzBv#J;HY6!g=krm27!a|sZuSck+^=0NuW9Q;x0B#y z{rRJQ3>JAlON6%YkQY6a0?O+aD=$6l@sk}^jGZ?SgsC%EKWX1i{^a0H#+ogfhI7bp ze-Oqo$=36fS`{03b63BH&De8&QUw!s>Uw;!ct^Zq8&LXlo65gh*uJA{YP3IlzWt#$ zQFC!!GsrjURwp-^$c~}p?i(CEDmm>Ci80HKR%}*VTqZPgTUVcnt(V*P-KN3k2BTE# z2F{p&_6bA!=O<7)7o?iUYik$4YOup0rk9tH8>3Z_1AJ=Y=OWH8tV&QbHvS}?Myq*G zY>nJSlfKisC7lm{ccQ7Ick>yc^Ux-w*O)FgenyiNIHk*6$az*(IrDspKIL)pv!Z3? z^M@OC<&q@bqW~yb;{CP_pVpD=`LBiVR{?+-RYYvi<>I@l0Rpe>DL}?aTO4NHCv>nJ zJI^!?V2e1Kj{E0N6fOX20F6|&Do^E8e+4>G=9%=PaY8plO+(A|2Mpxm+sU6?FdSRU zTKt`Yc~v=T$mIz1lz#UphIOuk<`dNEnfKME8N+V**bX4`q#Ff#JC1jBKKfhg0_c!& zt8Mv-euG(DlJeolAY#{La;sX6C;mPZJ=~kmo-{+QvSCNt0K4c7=9jA3`LIf!5v@MH zM}5pNBH)Xhu4l!&<`D7Rw5gP@|9&4|Wq(G$zZcAT{Ml%_-eAXF8bDPnZ%lmJxaRka zpWXYeysoN^SgChOlbm0Jxwe@eYwe=IWX@#ONBmF+?YAK>!L&uCQk#Y4EdYy>mbdBh zfPg=jA9pTHeAxnp%+B>I_FmpDsMT6IEHBiP7fY0iDcj_7@6R*POYVK}`36%Zq(4}A z*46L@i9IlZvq_j2?qO$bRz;p?J$56FORK#} z$X{}>^XMu9r_*X_j*W6tn}CLW3=Y2c7%OFkh`^6!PO{=@7&ix-sMR=I^ai>_)aJuJ3X-R zX>}vJb7=_#-34gW|AI;|cX{Z*?rI-9GMYmU^eiVffpnsWVc)~P&n-3Pk6-17<`A2o ziaY9fA5Ye4}ZSL8}I!%G-uh5Lzh_4<;aK1m-QU zYQpAYySIUtc+N@WrhM!2JcKAqdYIkA6pFel`pU9m_Hk3d^Y3(l%#EE|xpe*Fs%Y~0$_o;W7H+w3U$Zh5%Srw8>PYBW-_t~RWjj*=1ge#*Fm z_bf8@eOR~o7c-gT$Kl1|G*9qh*N2(9DGwJFXs z&$a$3SSXi$$mKKOO;9Sn^b*q7YE*NNCQiU|YxrMu|LCKbW8CIH00zK6Ob@(u=;KJs zHsQUf&`1_xiQRhlaexke;rpEa4joHHJ8WeTL+wE@zwd%_{SjAbu)r?w&%(D4$PMn? z?D8+%l&z>%9c7%CHI+ znw)+!yW$KfYFUunG^~?H7_bDgZ>PKQQNDGqF(w+vcPih{2)u9t-|}DFTJ2bxx=%`s zX^~Lpcro;?tW*1CfO^WN;CbA#P6TD|H)depbqkJ-Xb}S6H{8BAI9MRMC6aS}#u`7l z6=Kg68r9q}HOCyAJutrdCXSo%cM?03wayN!8w$)Wu z+HRe<*2(SIWl9R~AP_~26C)yx`_V1{vfb9EBdNWXo$*Ugp}LixRBHEU!4=z~%(-B9 z{D!W`S59VzwfU2kN$>TH;b_^5ADvRX{SOU9Qy{8qG5is@2+>3c9?PiUjTM`2iX_Dq z;t-Xl^Es+xT{F{E(&=p^jZKX0t`b_NUoBL-`6LuKR5?*Yw^X_UJD7ALZVD= z+KkT)1Z=@2jM}rmJISa{c$uCEz`g^jopLehQ%{Pz z7$ZN|px7~uLnxf)ClRAOn6WD*05GtTM?^p>nxpn4OBmaOAwqp`Z9CViYoY7CEU;pu zX(XkGu^XPg`PV@)N4Vo#CrZP+->^JCL7pYyy~ceA3Jt-$%4J@mIn7Q9%2Lgqg|KzG zi~zHzu&o;S=rLM7wXz;3q2B~TgbrKyvt9h=nbxskM#XMUedgE{$8gU830Lqx;XeQx zo3G|{51dtvJEzmQKaT(?8(P04$vk)unSui=4y;bSR3M)j=re}C@sH3w;_zyI4;m*rSK4%IBNQF$_1$>0=xq?7quxRLx(LCeJ7$c;nL``VP`rmf zl_zM`)Tf=~g*f8KZeHMc81jp(EBdH8-v3(lgSjL3h6Ot|byt&U0 zJ`cvT5TJMhAk>({pJ?kY2wxakT&&h>C)S}g@csHr5Xl@)36l1JV-Lcq4|n6^HwA;p zIeX|op(sH}<16-?ko|)KztPhY0`Gb7!~2do1c<1~-3Q6otqLhD+xaJs2Ts9)#f+81 z_Q8Ln^@e?Gc$GeRPhU(wEu?{Q8Cs(H8ZJs z2H4H=g-p~ zJf_uWgf-IP%7O;3kIi1UilV^cb?2;34{T_1D`R(J8&L4}i=wxd$sSrH1jsPk?#Bl* zgjr~K{GE7K@p@eUC1Oxqg%)`SmMP8_c0iYmzWLTES}G<}p?@#`=R{(eK=wQrO8a`L&r0Qjp! zYr4QTe(2|9!>@e$j2*@;V(k+3i)f;`W&nmJ`?4TQK;5=s&2I*DYq-UYl%ECiWM&GP zW)GKgbXXt;;)6@QKa&uqRn~#c*hj~>;GYrB_c;))VwbA4SlJ& zZ!jJxUHg2RvLuT(y>@9?#MQI4@XH(8)N-Pghr5`PUui8Q3ZI}ro;)QOW4xZfZD3fD!g*|%#q*nrS*>KH(*Yx+7F|9b|-5+l60Eh%wHj3 zI|hWemIY9SUR(?N%XC`&cwwXj?t|4%?Ym%7z_or&w#nuxEO@XAeli2q2f@&Uf{Qo| z{3L8Vk|+8U1veP{>PH|Ugqi>Tc=9FjbR-vu)tB-P3Z5Zi6STyoHG)ULSZ#6EYj#Z@ zd}~aP)#cum>BkOEsBF_8vi5WF3#llzh~MwcH#Yojw5HQt#}_NKJ0(Ipv=td_8luy@ zP^UC>?;%qNDFDTa$lSlQq9?a|Yx?YAj4R+0wNg|hY_qJU^Ir19hz35){zLRv;gk=x z(!YL=+`p)uw7~Q}p8fv%j4Dq{UKs_>$|}0}Xkv7_%okL%>GG$M@%emVGLT`KO_zJ{ zf6-AW|0>dYB(X{lTyHlgeOV=;GL@D8Os~vgQjl5kKhqmyncUcG?VveI(x*r;*mlcMsnYi*Pp_K%}a<*J;OS1B&t2c=A^340JfMc?;zskl< z&@G=T9tpq<1}C{0zn-g`Bnf^PP3f_#7OKFQtERrk(V-E1+R5GCwNj}yTDa=F0sNjv zb&)HJP&vWHe_VipA3pZqydIw#6}`^B6t=H+;_e? zatXA#Wh6mWYWm3P;E1PR+QVxP@t-7Q)jfEUzqRS;;7k6K=RIri*CT6Psr>0B!=$L5 z53R}@-9AvZcQbaoy0?494EfmnYJWPI3wAG6f8+%s0w<%6A&&r>s-Vkjy^ zh~Hg=nOqJnY+D`1ji&iqFN~j=nhCzA7$25lUtBhtJ=guhtcDC$nL<~M)dZ@hzvfM1 zb-@&~u&DLLrX`jbc30y`I{Y#$c-i5;t)B3|_qY2H7&VpYzp}$uQ?``Q9OC-WqwVAX zUnm=+;$N>Z@m~4jzBX>nSA3N$B5{w>egH65+3!CWb+eO6niTl4W1z7!Ay#W(1`D<2 zk{;3p&Rs9yys26<$cVibGDubj4ww(RYPxG5aHl_~)>;=!%`BAdilt}Zy7yYEGPX}7 zePK^$2(LYEbfo!wZu5eUhOR(`LZP_2Fm!m0NAIws@O!v@Zk$89{J&2&82RKB(0>TP zK~-yRbc(ub>*}`CWqdlOLJi)&hcj)-6vXs+)0u)hR6Cw{#?!uLN%bEe#iV&o zI=oYA$93Ldz*kpvtE9CBuxOA@3LN=uM=>gEV)=8sLKX62Xu2vYhi5Wr706^>3@wYs z6b}CS*w1~j-u>*=2P&oZpouTo3(5=li2s`#?@HnPa9*xz9aHs8GsjCxEUroSHNOr;h2 zRlHjLMWG$Jq=JPY~#==8bXfOh+u<~D^$b4;jm85HU|9Zl?>FVCp9R04hqCOBEx8y%M z{?heW-!|RzUcp|!SEG>RJfS8*vG4D1E!coSLu@(G1+chLs1Uy&LoBe2qX51o)vX^S#QK+I~KNyVzSE7b-bM6Hx-d7#+>)t^1t}44dsp zeXDo!3Je~tGX)kr4;)|DNbn^6dnCO5uzc2qk}>iS3&neq(OsXa<^yp%q)^Q=yVnYo z3E5|W>qu1W*q2BjjR&FxA&di#f6oI|?f@&wOJJBJH>a^T)G<aH^Z^`*B`)xQh;y)tFZw`0G%hK*;uVcxS;eNTBo}=*SiD=e}JR|H@lb| zTNn@^$v8|~4O0XZJoAT{H~yzU>O~WDEq!w+z3*JZ0|y^oc`rFlmDv3?3=4r7wG>X zziOVi^ME7xvM^9bV|*Q8kI#xme!{zdpQ)Wj&&K_`2M#_dH|nTYCXR^t+MLu+{}ezK zsUBUeYbw^j__P4Wg!;8x;18;i9AD-mxr(R(AE+pAWJ3L5G!cm-i5_qm8a}xG?GChF zXcxa;HoImOgv}fzS3l+>;d|%1Bq%x`MiKIj0z0NxwvP@|VdQk;bdAT~or#;yemYxp z;V3}(bBI6lIMfomzw6}x0K}qoKoV(JKK3Uc`V*>4n@l@8;b40B!KF{2v(0%BU?);z z)mEoG`zG&ZSAdBi8Z!$D7=KYc-Ez`+(m=rJatfhcTG_uc0umfcYI=l;1)^kq=Cng3 zf~tNFZ+`+8K`@46&*1gPb-#{7pjg~r2+Ozku8Z4c{+k{rF)Oi*Rp{+Xt;vuQ@%ePC zTHK6BQG1Si-0U;l+@kR~-|Nw9EZbdDTX5mjO=~6NG{#};4rT-6eYu~IPFjAOs4-_l z=A&|eR5y<`Av_sru$2?&%O~>(tGSB)t{oZm_pcB`t7&-i`+~$+* zTkMAIKv?qdT?3y&%uJ9Eail=9lL(0DMD zx#xoq+8C-zk$zU{fxz`>(z8cim!&^ZUrxlb$+)Op_T&b*;b7NM2}_nKKXVhi`;)8) z)i{E2Dg8H%X7AjWmZ`RZ2IB#;So8V~r$or*d)r({M+>J@j~$`H5QOWwhqzWOz#GY+!>AXQ1+o&NWrC^b=m>T zTHeVGtGB|%#lS&qAQ(S6h^SvCeihOYJl@Za{kO%W210Iqhwqj5;y`p-VdG-I>@GrJ zysxV&E(u$fSO{Kv@`I*R?=Q<@0x^k}A{OH&zU!X_G|BR2v68jfUrxn3T>9uT@bMgt z76B!M`Ao|o9Hb?zC91#!cs^*>yBpLm0j&UO*6&h6(zX9&FYK&f>D?W9DSIAskJ)9U zf=B&5Oumt4@5?L&#~Q4-wNsDBoN3Lq0_oFf6F};Z`55PWlv)xL{r&+>7R_8 zAXj<=2jf{Mnqwd%Vhq9^Kd#)uZ|lBJbaP$#`*cLIbWLmL;ix|I&RdH#Ga> z4XdqhSH`-zsqwhilD#kkJs{1VxaUR8s;Cd-U9)A+Rivw>-u$~iS==XbyQt35QHQ8ocg-|VM@B}KIm53e&9{&fInLZ7521Pl=!mSZO&)F7l%}u#VT+I%&$~l zpuk6#p~S+kq1|Im*T?S+_CE6k+}{HBuXfi0NiPRH@YP^WjJSR7hL*5#QZ5jn@ea-D z9l`8zy0y{tXz<-HOX=}xgr9NuO0i-UulBE9J%tPlk1zdnl4ahR@b4Bv+<^%F-BU?v zNho;c!D+eM=V4!n8WC!hTf@KqPGK0J zsjXb~7{y0WbAP}c@Gm8c)SxZwYa>Ywv_Ypp$tb$If!1($qn(r^DNAXiUOx2*Q6v=u zy6EPNnYn(BzepT1q1i8Erbujc6amtz&agN0d%PZ9?(Jc>*;1Q}i8-R>oGlo-Mx&w` zn{iQX-nTK~`s7eM!o3bp4$wu&S8PnLJ$Zy_YP<>nXzCYGx(D!NZxj#WqJzOpdK zf&&niD7`K9?jk9%G?!WI(}p1!tD7@tl0*|Xmo;WJB*Yx^?4e^M` zxIHSL;9nI}K!Y&2OmLtosp8V*;-vwhD|s^PzG1Zm3r5YF-^MCqhf1TP8IPKIWVRf* zy|+u5Cc-wBN?ch>GjU)Q`&gRrWNW{nBOlZ4?#3PA{7OKeMrlW*{3AWx6_v;WL1JFB zc;J5n?*i$`JKg3r8<0>GA*?cKKc+0wlw|vs#M?@c3vzX?dziN^jLZuVs@s9Q5QNMu ziWc6zBwwULR`wwlO7LdU+hhCKs#O`WcP~pKi2O8Nj(>6+n}LldpA0Se2@vt~fMCvn zhaVSH)J3yE{1^f#W7f|e@9rs^;p6ZqG#)wc8xaAUEJ#j@46(K#$(3ppL66dXG(q|{ zgwhxq!kf168Vl_|2BEZqqReiNp|!f)b|QAXBsb?F8y1o)Ayo161LK`-$mQS;RuzqE zF&vh6RCu;@@2JRd2bs$4L`;I0)*0lXfpMWxljW2VadyicX{yN}LKGsH-#B=+CKYV24$&xTu?sS+7Io_`{u_wx4gzH?vUm+PDNw{ ztITXzk!&?>&izL`ZStY$@m9U~yXoF*%iX+HQ8_Wgusa-SwNB??N|!X%>;ig?r(%C9 znh{G`o)U5Q!h(s{qdG_|GxKnpGE}Q9iqE(=qYM%cr7xYKijTlxabn_i-C-fZ@2=Ch z%#zd3zo_7^0A14P%e5iI)UTsFP+;7S<{Ih<42G?b1vkSbLe%+XDH&(zqh(HhnL%3A zV+#_|KatY&zw^jaNRUvdnL?F6UgV9OSIOPsHo^E{s`NLf)Z0j?-3V9I;2R zp=rxzj{>)A&cXSE=VO*-Y>-ru2|HX3%gIIyyLCTPOH+fMS|5JRTnOW)WYp#}DHT0Z z_fr{eG62CMC$?Tad_7s_y6SrL9vRvF%1*DDjic%jp+2aqoT|o&;0Y`xk_V)P$9QUK z23k0`G?DGP2*z713O6UkF*xZ+Ks!_9(b*`ge0`vyeqRp{P<_ustRuqYS9t>j7}ISF6tzo(1CkJ6%}giG>Y3P8l)dRvPRzvu^vkz|9ybB|WSc|laZ>qNRlaRi|< z;7JyY?cl=NWx(x^%EgaZ41F}Zgg3Zy}I`-I$ay-Izb zop%e`MWC;vzAx0Z;5;DV!ieBA?)cAtZKY z%&3BQK=CHEkeGXJXjz8W=GBsbi#IMK3JQW5OE+_b^~>$k{2?R*v3OqtG!-*ADOuC} z4P4&iQlkW9ok_*%Q&oCvgq_y9G*^PJ-2;dtUgQjAw;iYmjr-6rXC$Cw3l1O}REq&dLxF}n&}z2K=P%R>hk8*`u;zLSf_;;l`=*QjPfqVv>U zKhEH6;Z*s5ylftC#Xp)}st0+4R)S|U5^Ot9bmk}Csp2q#B*}R1Z;}2YTf}%3j#s&K zvnAIfK8SMFXtpZ-FY|{B*_Q9A0eEZq(^0WJ1G`@}594IyN7pmHG2Ge2i7~kL^R9x8gvrM9(Wh?DC zadrvD-q#B2v2?iY!!T~8js`g@G=^@I>LpJ2)}mnuz?>(eUjo3O@D# zRFtSz{1i7D@BZBYgz)5_&UIzbn$2{g=QE2{rOAU^KoXai|GdFy<%Od45&bgdUbLoi z$TALO2j!DQ^1YD^ z#~!rkRRJREHaO-nmo1B62TgSS)`A?Gh~ysmwHU5wE(iPxlo;QI(~Uaoi`R<4AfFhH z_XBTg|08Tm4`=T|DFWD4u z=^;o#-1mnN;1IZyQ7ry)=-06zyE-DdYBtm|<1=v;U7iLnaV%{Pri@ePI9hl*u>sYd zNcchd&qSa;qhmeosZ!3f$kDTP@NoyGnC@k}cVfsT^+3|O{Z+)Yh+&yVX-AcRD0;tf zU-poCGs=5bRH5D(5ogxS33{1x;B_IUpvRU>4Mwf=7+pI5CdX zu7yr4$JBt8=IA~tG2&f9BOUkz80t3*5>C6>p>9Z)z-j*n2nS6wg!xyotJprxMi&!`;%dLmDuqfPLT6DR` z57_*4hP3@9Jz0(#Do`RT|MtOApc2YzvJDgfw=i*}xY?5d~|+{v=oYHPYsTSwuHuEU|A40|ZdM(%|h zUpekw4uFfEAU@UOE_Fd(pks#rd-|zMmb)%A+7eNLB2yX^ix5ZRpd?#U-%GQuw{v22 zDT-dXqCdSlW+RO)0r?P@^wwS(n|{zJL8dS%qAwNnJ!Qwjo_Fizl6>-Q!Knalz)QXH z9OH*?3>g1thZvdrWkB`2zGcNu14VhFr9lqUSK;p>ZiDNo5bU@bMo3&oBDk;*na-5@ z?=QlI;dwp6C*KVJ-L3Yvb&ZqX(qbv|*wvyF4gt<@?Cd)OP8#l%&l5cX>0fcb{!yE> z8&~rzTPfV<^eivm@pzHbbY-4*CN${&1yj?5Qb?OWG1LSHxG#)1}zNl*X zr|qA*Pl~T;Lemw^l)wte>P)XX@moI_)8PD!M|)Vms`-~G_#3xP8O?(IMVz$Ad zGf%!M7D3D%+PMOyxVV1~gv}|haB(9g(0KFy)P!Gh$wbT}-H72vVQc#YU{3M3C4f|_ z{ToePrIe$Qr=;F;ptj;}>aTxFKsPF8y)LqV& zYwT3j|K~Z#z8Va)bXgbBE-DeO#;>7K8c(;X4a84NuGYNHw2TpB(+CdxdvJWFVbQ0Y zNc#9By}gR!Tv|DmQy(-fg0@JzVhLS8;nh^Ee#!XgdSnPHkiHh%{s)#5qbDm5{iM7> zUHOwU^ZgU^M7b%^fc1wbIit@yYy=%Y0w&@Q6 zFhtb7-7@P3DpNU zB^E%x*|9?XeFZW6#>ZzVHsn3|Qz85lEbqKp)9W9#Lr_YEqMphr#djG)weUe9M(8D< zgiQ8nHg>bvKjK?*g%V7GARIAYe_Ph=_O*|>YQ)@eTV0-VW2SyDqRb1+y3*9_>WR{q zfj)WBZ{Bs(s5p;2lHmUINH$FE!8{hfeRpTwzRThhZan*EzYp!`$T776<+7y@N=iDV zKXwfc*t>CjG&^{vo${%xivoAwy)j~F3(|e|^+|&Ee_Q~oF%2(s&0z(akKHBPv6H$2 zY>`ei9Wcl`TdX({XVJ@G^LDGG>B+oa;Svwx=liK&M;AG+Xmw4=i@Liq;%hzqNCRqO zPAjyJKbIG;%f-pU$Pt&inW`2UxqtK?(#fGGA zSDzj_hz~4ZDrc=eUkX8~4qT7Ps1xc$%7zRn6m9( zixt*B0CSTSLl|9=EpYxJk|jaDCuIAH>-P5zuE5|0KAK=kFee_j3vmv-zX%y7eCB0A z^ST`u!4a?Q2_eks0t|7mV0&)+(`RklgWw>l=V{heV-HGDDe@v49nYfPw4hu?y#{<% z!3}CPh|N3g)QZ2|o_$d-D(@rLM}2?Ou=Bp4L%fjr(Tk@6G_1Rr0#CiqmI$F~Xnrnf@1L8x)Z@}CO>%Sv+|J1g7_);kfU zMiF0%IaY&CXTc5Rw#{6xLR^6k2ajg);FC25UoK0 zUyETiEX;1-KXsFty*9w`?~IaW$Rr#_*-A2J zKL!*zjt@p@B;X9M?%2imb;mO_93&O{qx+%^r2n)RdW7Jer`P)gW|F8C+1<;;7UPDW z&}CEJHGTnRjF%xm&2_hN#C<=5nVq)aoP&K@BvDF44Wa-cwXUN&E8!vm0}({)3mjzW zuDp&Xk+=?2Nkk;J>7>ht+%FsB#g7p9D6}uyf#ObK8VJ~NZv|R>P+O`5%PmAummp@a zcp)}R!9(`&6HRZYDvKmoq;Kf>(!chre8|BTY1-SP9^~ENv;Tr)`e>3(RuQCq1w z7Z&9?(W;m}hKqPztOGszb)IvQzDZr#Q(L)m{=E~+ItN^*@6H2Kn&_^tzQb%2stkTV zUo>6&D3VtJwv2q)#iQ%*6z|d$^KRe1`FsOq@OSa=_>dixegW!8R2Og0-)_3OCLJH} zU9WZ}`juThX!&ONA4nN9CR&?{3C;yN8Pjt-+3hs(v#uX&bB*$?lZkJABf(dPWYN3a zYRt+IR7syFoIc+~TF_f(WkpSFnJ7|>$yPG=S60ja56xlT{5{Kxx$An@Dqq}>tAF?a z4oDM0RO7N~9drf#d5$dYXNl@>8+s$GZhpLZ{enx6^p)VpJANkDIPw}et9=%b1=kfv zPLxdTx0K)(z$?!j@()J=OKkS8F3pvJKR)3vF6-gco=fk@edDqg-cq0nCy>)_VTM@Q ziMILa$r3=0)70AWdCzcgXo)k1!a9b&Gf4i8f8rf8w9FVv&nVpfObsrW712HSd}(4E z4(2b7ilo#XBt&#I7V;52e!~QjoOfMa7Sa8LXLk`r<92_AXAjPNXZi7L2@#qxy(2tu zgE^Gphiw1!f|0iexqcQsVVYH7UKr&8AbPv={PHR>!QApgPR2!614`!;A?#f zLV^yvx+?iE_qjbte}q)Zyyw^dfRD(PbB$MBo&PcR%1TR(a%mXfBCtE5@tvkf1OB6l zltP9hwnG&!7Cjo>;wLu=0wfidl;7mG5*t&d7Q{8Ya$s_6m3NQRSMO$VJeHruy44bx z9{=hz^&Kq^8kaaC!U6rjRZBFdCwMO9X~ckmDHTx*`h}Ff+`%EU!6-*+mY-2ABUc)Z z`~cc>^e%*_Fd!@Is?U%H=(x$Xi!>s6s7~AY1KE7c;JbkHbgsaCmy?(u^tiBc_>{?U zk?wK5oLR8p-XNOYuDTtuqeBK8I)?~{E25r*cOe8OC~0b_L&N+JPm2P`KP{`LW3FPM^(g*62+Zn)TWezXP7~ z+L>s}hJ~g`bApDy!3z(?Ft4)d&eugsFn84KN*ekz3Noi7Yt;I3od9OT_vXN+%p+!T zvkn`couqTK3H*j~a0pTnLB7qUqKA)7JY79HCgrn*I-*>6n0(5e#LRG4up%6#U7yk-BR7XwPdTu|A zAFS+cN@KF{^hkyYrjYHI2Y`foz)i++Pm{>ULQJ8ln+|f_FYhL8u-o?cKIm= ze~AqsS>doPP#Ml$LVAEsx(6|m3tmdKJ#T@fBbX{Qf5=OhWc})uE@<++Y83ilJDySi zgd;YM?@fgY!--h5cvzpBKS(&{IQ$Uh`Y}gcyZH`;4ypKd^9KQT*@flN3@@W~`aTV5 zGWfBoZjVX7KrMp`Dg9m(Pj~QbT2YiHhZ!Oqg*rMp^;xbqVz41UMjG^#?*C9+{oTWAh&0%X23g;vab&mh-4KaI;z z=aZ=Y>2`#`WJxXf7CFEQ=TiXhvPLQt2WH*RNyv4KmoEWrFJg&K^<^PLZ#ny@S5wv6 zZ%Rpy#Apsf-4MvUqfYOm%+-1!zj|@4+)r9jymJK3h1u$kM3@$A*W4_=bQIXKz{nrQ z!YKf&;FAo4DuG$3McN|&K%;}=bRf=Jp7FLKQqJ?{xA`Yo&`SoDd*lE!0Q`Z2kQ+3D zTs^v_gpr84GxFF5?4jKh`I(^{_0Jlj64pPDVG!_;+_CN)4bAmSUyLEWGz6-_+k6+GR6g| zxQr7bj($0#!1RDl!kNIcnwI73BV^M4E&2-R$o>UeG)@lMRoZ@?>Yf&xzLp|~EQF}U z+HJhK-~<1}p}HX~A)2L0${Aoo|BnvUB)HOA^YiST`$SFrb_;^%LbuE#V;f;_`rBWP zo*T6%==2ES0V(EC{X&1j)b)FB;UQQI1#x;V;FkF8L=WW*jHMS%3WW_{`2yv#p|!Ip z>I|s?nUKpSJ!$Ih226-v)A{eAlDXy8D_y7|fgFDl<;!;*lYx&2xV4}*c#NUJAji4q zpQEBs9d%^z2ezf$3wdC~dWPTrwcTly-EQtMA!2XR>#ei72YU%x`;Ct)&;gkD$5?{b z`z{kd01O}YGvx4-%-s-hS_(XC%CQ0TZOEW%F>tGpm1vFvJ(N>~TK^n< z9LqMPTIGCUYNusIGQt#u8oRA$JVXI(tGlIgS!EtAfsDec*$9-3bU=kLP`sHww{1cd z#^LPA8l`BE_Z}HCfIyoR;~bgD;sDH~+WzzO3j^t^Dx2@B40kul811(SLooinucG=9T*leWO{P>^-6NfsZB6S?A!PQLsR;-}M z-&Pu|yahG11qp(K*U-eN=461&DeAP&6Ad+W^|sB*lFA{LFvbcW_PvS#c82$>SHnVZ zTs&%~AV}*MJ?X(bzhJ!jd!Sd3*@v7C@Dc29t7&u0-~@ z$F#%cdM!x@zjZ{RKnL|DTrlX5V^$o^9BA$dH=IZMeGu{%)lRwxg)F;1D)@t<8)i=n zB-4WIVzlO<_qvr-nwnch@eMUHMTWgfe=wPSVzR=mSg&f-ag#Y>MG>dBjI4_kH(0&L zKoqAg7^>75!>W$0Yb3;<^pNNuJ_hLLuy4)I;X zrW9|EVEkh*7_wULKl*uxcgObXi1rRoEa6JbJz@1sUz2cyJg1jEB|WvBCT|z($8ued zaA05gM-;Z;vX8X?jXA#lP<`tG={0iLj~ zf)5Pm3odw8Xph>&7nN?l@B5}_)Y|cQoo^zKR;YIU;UYEYG5b2-90@FUtp2N9NU{^& z;2u^nc-`}1#HpuLKuNRiyJCPX_u=?2O<(pi3nD&k+x$lwlhPd$CBx#pf|TdqNu#Lt zpUd+2eh&@Ye-4D3ShnUx%9K>puknkdGLLd2+GnFuN+La%0SO<xK#&X}AeJ79(_o z)~h^S$mU!j{h15k2wRTk9D6|ee~z#kNro%iG68^@N?9}}$`ZS{jBsk+{MZZRA3|Je z%+_wsWyTwS)O;(S*{D5*z`~B;PrQ#MimTOj%{#Cb{H;%gMugywpG4{}Mx*NyvXS1a zeo5jNA|s4!-d&P7u)*?00?}fG>1Y-ivhAgPKR)}K@xOfbL(x2}>j!|e zekjv-KV((PQVIA{wnHBA$m6y;O=lq*FJXnJ%N#2A&1Rca*qUeL(H_kUGTQZm!yWi_ z6>nzsf?R0aXCLl=2^r!k|8kxsWA3YF_5aN6ugc>d{o_xF#c;nC)`fi{HIaYPF~sME z1ki*8peVD2G)?yBSs3IroC;MpfK?KEE70EYaEP4JULk()ze`D|w&L#Kwj=`pG)D5O zM&>E`C-=6Hlf^!I>v8Zukoa8eACMUM0gY}EYr1j>BITni2KGq^6cR{iyqR|LXB3BZ zFtIXjHLngAKNvUN`6q?lzaU3h#G(IDrt<8uAm%1J4QiS`j#%EHd!=?)uDu`GCM&E4AWyu^QA#Xi#CUAp7_{|Xt4 zvED}_ANgZs6p%xzukHKl%ygBX+8m#q@LMO=MSo7e%drAK0}# zdbD#%IqT3X+7l;FvBA+x?bM?GbxrR7E9*U=n%cJSVG;raLJ2)6Lg+}5CW3+xnp6c; z1e6Xcigc0C6MAn7f>bMBKspFgq<1L_g7hXJH54h*zI}ZE_kMSb?~dFtxZFd|K6~%8 z_F8kzHJ9los9{9*?_HiEkiR0{5i&7&^pQs3m(fDyDm^)y)}xPru-59poOXR_Y;5^a z-r3DBM;J@E(UNYGN1XCZ|Ky`ac}k$8{5p42q{W(vi{8Q4F5Bv{pV&dns8hALg-lvO zk$Cm7nWZd~FggF?%8#PuiWiJVcN~~^Hl(i%C%Zo5i4q(z{60vyiqU2D6V|m9r9e3W zoo`ab$6E3B{BGRQ6qPcj^fg3=*|@g*RA1?0W#OSmp^rJF1k&W5budN>k?`datJ|BA z8a)Ow_-qjKn^cx_S=?XGT=NOg#|!~|JCz}=km-0edTIur;U+l45u^-40t|48iFNgOKiQLiwjsfI#d)c?U#8sppDrmLbm;p_ zD}ppk6y;X+o zV(Juu-lt)p@2Vukd3Qb63uwHggg9UR!@V|TdPo$#iAsq?l$TgK_|fanRx#$*<+Aio z&J#bU{h!YZZLV(Tm*%%f>*aK*ZiGG%RhAiL(&AXi`vkP(YYW{3Ur5Fp7E18P8P*)U z?sPT?2<^BN&tUpmr*>>%oUIgMMCTQJ5>ebth@*x2N8sBOCKxUDJB_c6^??=}>|;7l zd*IB*DWWD=q6jX~i;V6?QQY&Ft)N_zqr_h4jMueKz3QpP+{Tn_WU%jm42WNlcbPie z>W!oP3DK~d9sVjPXwDwi9jrxhYh76Y{k1T}po}LYXKOZMoN2lL^o2F@Mu{<9Q$E@z zMd5NjA#GQcU;KHNml@Ce7v{PjA@c6~S zbM>!B_aIT;kTS9@m6M5siQU#e6QExCKNTUa&5YAy?!7T&RE2e-W6`Ma63|>N6k?Ef z8l6PWLe!a8#DK$%HqCu&V>0^-lfGM++1~z^#lEtl&bG%f%&|%{gqr5lKu&~S2nzM+u_5Y zhwsQa;4&8nfDp_Kaq&>GBRwoDnuwfx06~ny8T=?nT);qLnlI*padG1gD@o|@M zCw@PhGj_|5NsIE1>1nTznL{6TjkKLdW-+aj>lbz&1W}Bq&|O@~77;)5!6Lu3Zqlq5O@*JbOp-G@fAqTY?SAE4fMu1K8I>i|^32D2bPkT=jl8v==D>qli3Wel?9IP`j*_54Ebt&{Hq56&Q%U zkA>8`Rjpu>a0k^<|3WMI6!vcVsX$)Z=9G3;QFY-U@~EcB`)6)mYJg8XwdftJq8O~L zVrQ5G-CO<7zPHHO>~u5|f?;7(@x~t?_BuhecLVP(#~N<2@?X?ba8?mAi7(X1*HP0f zeEyBRa^0-&1Eiesw?64{xQo(WtVlhX7>*~s2NuTVZC?rMUih}Y?w%MGdK=lv`h%2s zq+Szbz^7vs*224$^@0#=!#?u%Zoedmu0#H=3?yf5{iN4D)$WV@Z^ykabX}x-R~z^I z?J_WbrknQHFW)`ge)ZI7k)QVDeu?viTw1Ze1vi&}Zc_5|ZG)mb!}B5`blJJDi)Ajn zTv42^hjTa0UHuFW177dgTkAply}(8?#uyXmXXgFRd$oF1e+B|G>I~HZDAC0se?!s{ z6Q^JiS$%(=(iG*3fF-%2DINwdt$1Y|2c=l{+<2=e=*7XOqik1U+G=Q zh@)?*A|X6h=5GE-)0^pOT)=b#uG4q9r5_I;jCnBdb3W$ll$T5A|7DbldfUnIVn@m1 z`!LX!E1Byr^Y&d%uY$eWn#tF_ChTsQ#Fr~wGzHPUvk7)y_HG7FT2*hnqQomqqK9m) z;0S~DzG**2FOuPsUJ05^%CkV4C6^3iHLz)C%POgEcyOkUqZpumGw@4wakhm!98E2a zgdLuwwCryfeJj}c&&GZ;$89iFE&(m4HR4vkCCfERiBE21TzLZi2Rv=!i!r@xx z=Chn;N&1N7_Uma*VQ7D=L;EOII!>4NAF!|mxEAlg6es}qf+{k}DZ|xb7rvzWQbR^2 zs3XlM<7uBg%Ycu}h?7nMrd)Pf&t?-{_0YS%>_s>-zAoA*YeH zdMzJ+RB6id-4AjWzlZz7#-5e**hKpN0%Z^F0{68bu#P>#u`Dk`{=q*1y;?KbUE^eX ztcUzMg{*30ZhZa2^~BMbW8(a^lQ6&gBOtGN#JLUWA=;;x9v*nPe-{vXcF~samZ1na z>T&YR^`K;$rW^U`@o@Wn&?pkU#jF)fMF%J2f6bOeFN}3!@XInzzkdRX#8mQoV#q<6 z;jQSd1v>VfsYxdCh+gL1p}eDODmr~aheTJpZmY$2CINo;)NPfwb3vQRp3_J++*VAn z37Fow-BXqu8KB*S3v8Mr!W8#Tm9a>+UB06WGe;1vSSAtsv&q!>l^>JAXrOd9>8fRPiAVcaU$&|uV&oj&v`&@or!)YY!aX-V$y-=;QD&`$1>+)7!b)}u{ zD2&v=<%Cv=6sN6yk-l5?z~P^j<926$yFR&7MW7+K)fp`bPjs6$998zE=y`g|jlgM% zV6wFOU85PB0H^}8?GLEFX>Q=|R_WHWQfhteynYD?uo2#x?hKDyxBUF(-BUQ?$nHGt za(3s@yWIUWXzy13-Mb0PsSMONY1q&&<6iNH6?8py{A>wSP>9=x?yC%Oo>J6tm0lhj zHm@gt`HI+YG97eGSc)}O^s4o^?DVf0hkkH2`F*xx)Y-S`yRk3*+XS;Y`uO}J;X<2g z{{YYmzD<(6mkb8g@(H786F@P9jJJ5?dfpv;xM%QLd~1!BM7B0uRPxlH%W^#_tzJUT zYqMJ7pJkRoBn*`j2h~IyaZP}oE^W|vI4F8n@_yu)YF$zfcMp!>MO({jLWV_8Aho8n z8akUBL4V7jz^(Xrbz{L#-i#?^TIf$$7Q@PypZuN^SyWlBojVec)T@IpuZW*M$8mkpkVCrsJL~GM zC{XuP8<`#Kf41I_ukCfdOC2plyaJF(4+7j6JD(_Ekc`-zw@Bu9zg)@>vJ-wFHtiji zr#0z|`L5URFn1oEM5Y9dfZt<#=e zq`=Th_Z@H?2Gs-u0{z9qY;94=-MhC0`T*LoaA`fsGMjrjo82edm@C-&;Ok>kxd+@? z>bF469=~+^Isp2BHd}zZk|$qJ+QHaWFD@5k!q?~t#pSmTW*6r@IPFNgy2%$7$E_Oz zX<52Iy<0ezQ-RM)hkK7dj5ndmSRq>f0Lh(y2;Y|}ft zSI65l2bU|NZ3kQz78dRRCFzv){j8||g)e^R-d$uUQG;yoyI4>OS9R?!XUnMR{m=8o zA0Q__9|(~`;T$~>UcuM+)yp>j4O5IKyJ^X`Z^W*;Y6Y>t?K@qK+C?LaZ;xT9hGzp$H3;NjKs)xVkq^e2L zyEOZGJlWj@-2Yf_UT(n47Th z^FhP!>5O&X`%o*!CeSXHLkS4$g+hks5L8LhLvD5@@N^n&xeta(kUTw9G@lSt1YF@z z$X}g)6?Km0zs_+Zjc7g^{89o`pndiP!F190+YTDZ4c1|2*dVD`6ZWZTQ2s<;=(p<7 zG&*^_gA@aqg#aXwT-4kf8LDHOYG%cvV}lOa%4B)(7twnu34-L;26gSjD)QcrbF zwH!$O`;>2fDVMteZ4gsT8z(Jub+SGYA-RHkU-VmCB@(W=*K*w@Hk%7RE{Jg_Jx7@JrC9WBOxLdelX916?CJC zB@r2Xv2cnoZhyS*wOV6y52L?I2T*;l3(#zB&B|MziIO;{FDYa2E!$%Z5QLI&(*BgX3T&P48$l*jf3Gz__NmQEa(yhQn6EQ^ zPrTUF$j$y?Ev>UP6|G}55t0<{cliuSAH3%J{eEv(NO`|wubP}*9{ULN9&i;lp-4dj zbszg-0Nyr1^09mF)<`$(-?*^#SdD8lKBbAwgajx!0@Cbd)9Vn%qqzN&f$rm&o35QC zGK`GN%(aDe8X!bwcBic_A3~up9@NBEO?mmXdYgc{V!maZ<%MCZAQCA|x#l06f;W~y z-(9}d2bzwc?%m}sR4;aWYYG=n1dY{hpHKA?J`o}wCUlNS#zDtmZ>RiHr=?_UgLK>< z-{YL?ArBMM>I|2HQE(jLP-p2`V2U0bJe?j$-)>BN4tf%>+h!6FSjq1Iubd18Z9q2?F5^D_l$koR1h5pJ8X4b9W-&4m zq&b=J7=AV;!6QC1K@y0!GDJtP0Bfh;Rulx0Y@|LmTvJ$OIeDWVH3ERMquBw7Y7v1Y z9wJgG$dI@efCHUw2!#Ym5;~?Xgqfb(R3xJdHrXbp3pK5t#mpN8QIwVlb$?Y->iUy; zkSSnL4r$hv2fH7c!exYER3EG_%gD&rjQtGNwfat<8XXJ5Gnu{W{6MF}WV+|H$31WN zndFc6W}85LJSP~?WQz;g&lqQ4TSydyEtuU5DD$Fr1|cMq^KqYwl-SFy+s!kB5ww#~ z??gs>Evp7dArlq>iGsY>KJHdU!7xS1kZc z%#&VcF7xDi6Q*|V{o>|iOA&3j>4^@LUBNq7CbSX>kVwP?RiC+Ajq&EdTH&@PJ%KkR zslicHhcvNA;fesl+?;g;1TtcKQI=X1T4c@flKrglj%RVn%-7_t8(cmSDNAYCx^*T3 zYXE&(_NQw%)V5J_{ZxD#&>!I;&LvH!?hgeV4T)um5k~~#8B)um6y;I`&;kTvUudEm z`{UTVF|yy0+((O=d`-3nZfffn5=1N-gX0g3&l>UR_ZKRy>g*VW!-(+vvn!-)t4Dp}?pA`Qm zBBF&o)S5l|g|Z!IQN2QBU-$(wiq`nujT-q<#0U>KOUpoiD&Z1@P6F=Z9e(NRY?l6c zoh$J;CA(N`{-J#`F1cQniHwE+R)ZvASCT-a45gsELV*gkW`46Hb>`mNIX~Z9_e6GO zbhAH$`^U@j>tc1WI@wQ+;+v(rtwp0Gb+h%T=hW_{e(mD-R{RKuP(b7P`%3Gx-=6t9Dd=V^f@jTEG@XA@f&dyAN-K~&%}nj2 z&MW6Xp7+?hw+DL67PffY=iiBW%Ijt`GGTT{CJkZaL8}y}XyK?U6x3z1qFywSI^c1y zh((M6W<>E3^`Fi&UzqHH ztWT9rv3t?DDlk%EKRgwP7m)l1(F&t2Geyu{Y6!G`%Kl{eKuntEtNf;t(mxmGcS{j3poKVZ z%jG6ff;c5W^xA7D*J8nGG16*hNBC5_r^X^i3IZUr^H(RR2>1fQK#kSzl4{R~d(?K+ zkCW<)s2Qqj0Yf)f7J0*fa@?iQ;naYvE;XG(TmO!qq6FBwUJ1aY&)&#hu>X36(W3c{L`PVk?@`e10k%wyA zpAPse0RY|zUcHr~uR5Y3pTS#gJ?Xbg2UUPqLRvGxSf924)*>tp7`JH zL*hp+D?6J}&^CRlZIymV@w9ySXw_8LKBXa0qzpThDj?|x?eahF@jmeaee%?LO(uD_ zk@aLaGOKKiTYuj8WBrf!WxBGLewbDsKUkcEv~^;3AoX~`?HWMQe9Z%dzPrMp)PXI^ z3Z#}8AQkw(-VYGK0ZJRw>Fzxd`GMf16kc(`;dpO?@A|V0d1^+pYlO{NYwtd81(g$Zh z2eFIu&s(2@$z(8rXP`Z=nHIb4A%+Nsb(5@CMZZeeE7+zV-rsp zCll9BQCQ1q^&P+(clq-xCk!&Ae|2OazA(PmXM&ktX>W=YETqWe3)=5cgSEKdB;mgi zg=BiO31u^(7HQTSE$j@VjvvhrH;xb1xlO5*PxgD8poALps4q8A{HSC6K@Mdz5HK)DANNWj z6@_U52`_CsaVY$dQYSV*aCb1!0g{0vfu{S^80d1+-E{2uYgX<`pw@w^P19Fhi8GLs zo1F#uEqpgr!kg#QoVnEg9)uvJHjQGe+zVLEpeka~7z!Q5Nxm|nWMLr}4y1;WizG*? z{_`Fg4x>#WbBA|_*qkE|Hwk1ENWwIPn_#nF5#S;sCNvmH0&n0yorRfOCoxUGE!HN+ zfBeX-ayB-sU(?gy{dT$3eL`vB{7{ONZK%Tp;7*fgm#X6s(YUXHDz}2+!$~t23m%BV zdC|(S2#O6EqZrSC)aU2&OrG%7EMHu8I3B5mCZ#YDKV z@bmG~DLJP{f$Ck!;zLNadI#&NdZHk2JYoZQU9RAl?gy(Mv+mU3iz6uT>{tR1Ti=sS z9s}>4l?T(z;dCOrSa=AdF#oi*Q9=4naOmBG+mQ=+BmA-nBbqpd)Dmltc^b<^e5ird zRo=w>37J0=@2OJq?K8_(VU1+)KR0qlmQKK0Eu4~lI2X#my$1XS`JfH3^M-X!#;V-S zOYeOVYij`BgY~4;WD@fq(jR22Z`0du&kytfUK3WO+y=Zz#}hu z;V3ro5)xvhs6#Mq_&)v;zIX~~ow=U5^th;Z!vzoW9;nXp_?7VGhrH->#5bGlZ!W)l z*&OJyP;^@m9)gZHF+g6<5QTFH7|_^$zzA=M;Kb@b)bu5?3Wm68%^Y4YI;SsYCGgp4 z{8O?mp*c9?l80NZ&+Y|;S}3h+ukuNa4+td0CdpcrcqpEoGyhZxMA?TLsb1MMfEPua{pXGMV?AefJ{ zu?nA5f+$VT@GsAe%o$~$Yotepq{umEI#NXn8$J<~;9_Es~FE4h%+9Aa$gS1zEzDRVDc zVQ(tPaWG(}If6~6e#3FJqTH4d-Wtcfj;1(QIR!T^w7A@L12+r{Sv|e+D7$DD9>Ki+ z`NV%0bTdt{SHTB4-x(?}cU%Yo`;%W8|LGMHj8nMb&DE zX1RRw;q0|y>@|rHn{8QLkI+je?K1V90bgFong>zReII^70v6sA#U|zgEZUc)F$#Y@ z5+|0LcLw$oNc0sWBCozU?^^CKWMR9QEMd9!a4`37KquQ1ovE=j>O_8C z&iLR27s?vWo4{GbuvUpHKS z&zQ*u2lHUr_A)qgpH#%M!NB{uN4T_>1YNddQ2qrGO@y1iaP4^Sx zO1VL!C#U(=i%uQow~d*=onVY4#5U)U8JhSAyj}4zt~VvrvA6zSEJLeeqmqB)(TAkF zcaH@$S0+WpZ$F(sk;k~+MnYU4M9}ZR9yIaKajS*)dmjH1&~m`@DYSVAIf{| z6*lWCudzUrCyki#k3|(B!*LIQnG>e-G&e$AS0k(}0pBAETHx#7?oIZ|w*<=9ve3XT zdT-nB0ywHNC(~Ob=izW}oa4@3b$sJ@Kf6DZKo)u&M19L3YEkk8?EqM>-wj!4-A~*H z6-yr`G9b2qC(!)TRB^l_h7*X?o|zE5HP`EBdB#H`Gsq z{pFcQU3Un6mi|BbcVOg{l@0|} zt$x4^JAr@Y)IQzFxmIA?7VFd=&-0zGh5@oF2M6HUJ-B^IL?2+n9G?@3f=WnGcWsmLY=FuU#bCgk#TT({UVW|QloJonDfA< z_g7Aq)8se7o_#ROE0X{*E3IC96$RJ}mlpsss5|u0*%C??%2(V|N6LfL%NS@6;&`$? zRG6gzw64DJO?S)mK7P~>=~mvU-J1X6Zrd8|3IgIjU!qB~eyNpQ4Xjp}+(lHVbsUHExPetx;9=-Gwt`ce3J05%L59UtYTieY#-uz`)*(4U z8_a8!0%*m)B13znN1!z$fKPr}`|Ia`0GX82=k2Y2L(ozIFpW+ixha_de=RL;13M}- zF3jZkj`=wz6n5rG3Ut2zF1*{7e6N1?qLh6fcK4gUa%%B0kPjVs5)8bnJdQ=*C%~I5 zWJ4h}u(Z>qy-M!PLf0Mx818McS;eDNYHFZ09l|lM$>|#G19~lWhp&%Sl@3NNx&al% zVaynKL7nzU)AQz}W@i0ieC^5c!S{E-xBQ~YW#RYRXlrK5JLa@p#S>lxmT4vfmkC!| zU|8T2fi&6jw%D*KQ|5tF{cp6Hnc2|TJ!Z$SCpW_Pr(Z9rW3RxGvB-=EXPHo6rLRBC zLFQ)=n&Ds2j9M3Av~skqfJf6&3lLAIhCqsYWLEiB*rFF&HJ7e*ff}!6i-04KI~35H zKHixmIu82wSc$&Cs7cgrCmwM(Q3Zt>JzlEX8FBbxUjsDQ9b1^2LL8vxxK5jM9S#E_ zhGj0(s=J_>-6wAUy@u!;x2{L9w`sNbWjqgmLt_JLRkDEXCmX1u?LV`lOjz$Hoqz&4 zSFoAlMgi{XnB?>MXh+7Hu%3#V*lVtAes4z)b)~()fQi!N_8Vw@=d-)^L{W6Kxmu=x zvrXrc>wb3}@a}$0cE_9#r`QhJUvy`6Q64C?oQ(FAV4J##3qWg2CQlRl<2LB;^ro*; zr>adrzC}GI4)HlM4qF6fA?-fd49vFiHyTAc2Vu`E{+rgw!>nbVYXkq>XlsV8iPL!S zeRtvJW5eo6a&P$7f13s`QZXqcPU%nk<;`|JL0*>+0Nid~vNcn9yl52|ze_(;2}l{^ zejrG3DC3(vP+N$=Eh19Z@pEFPC3YS+7*UMFX!O}|pE0?y6Z7gPU;fcWy5dhrKJ4Pb zlo|M$2nREX92!x1`?awuLBv+Nj&6cUd~(8d1r6X0K%V+B{{= zn$-LNbA&%rHJuV09MZf}lc$CPn)aR*aI%Z#*k^&IYReJQ$H!ZKrS&|cND$oI%} zx-}*<_z9lH;JY9j@X7{SGXfbqJEf}_NGv34R-{&CHy?fROw4mQMUWc^Nn~FNJ6a<# z$8&5rt=D~W(J)#{MWiGfTAfsxjTJ=SCJt+G!D~c?$4+-!-rAYc#HijB!-@qN`8N~n zRnk?$o7@S@*U`NqOepj*i9WI-!j>@rvs*&V>ct^+GqCu6OYxJ{ktcM) z8p(NY+xKq%>=IyOnH4n3Xkbja;P~Q5khfFz(Qsd;gOVn)@pRzW8||knUVDSamQ|}C zCzW!PZt}B{PDe<#UuM%xFhNsk4D!Hv;~8LHY;$T?7s7E?2wx1mW9)^Tvr|D2i}Y(| z9mv&UM%C@lpLXxyQueQ@1~}nLNJJoGa}-lsDNU4X6N*JNulbITGn_WS4PzkrLh`1= z_x!3W=9rRzJC$@-^Q)gIFf_f=d1zQuPgh7|+do+#oQp-s4Zq_l9U&H%m+`Paksqn^hYmdz0 zYiT9~1trli%#MF1x5t2?V17ahy14!{L;i3BV{w#`>YBi3rrt@+5oY2i=+0bO9N9jW z zwaE9GN6H?Qj%*PR5;&;`@(^KF6JD3jeL@)(W$+IfatY5=wUojG(~a@^QRuQ;EOEB}_w_iyA&;7@61%bwyH`1!3^c zW;VWC(jf^$Fg zYl-2|_4QN!^QXoZFl+-|oq}-W6()ChTp&2*hiF+9!(Oc-mtMYW4aapO(4VTZ_G)L8 z)Nr$MPklHW=;AIlJ|hk13VR}VW7v5%#(>ASy291y4&zDe!!~OLy8$Dc6sE}-syyK_ z5F_mJ?W)`lXW?E-|I!DjUTk8K8^bKDVOP<)ifzI!oT7|X1*jRSa5H8F=afGjj7&AL z9@G{Sj?U^~BN_mQ5qXz?fSys9Ko+XF7LQ>$Jk6KEYGm`Z!?wPwccd9kdo_y`ZDe>$ z8!Q%{moyv47)S-NI`3|*Hs5=vB1Xb9!c3APyg5kD%?Myqe0#HU@jNV&zD9xQx>ICi zw7<30Rc>CA{p9h=^X=PlBsrb|oz~MOFzHoH2o4L*B$Y(C`U12hr43hTQ7bm8oMqe0 z#IA3GlBklo*DV>8D1SIn>vIP~b48F+NFwK@b4I(Oz=cVlUVJP(3hz^hJw=`Ts*OY(*P76C1 zH)+0hCfH?7#$OX@9U00)I?%~bWERGYxH`Kzu4%8S1?&17S2;5t;kn}3TNhNPs))#F z&|@a0Pq=2ga@Xsgi-ppiN;da=U}2vYEU^*iz{+XGmKX5DHTddvC|YS-c>-+bX4bT< zDFO$XXqg)6Tpoxmo7RhnP%=q~*#!vAb9}rq*5ikPOWg1eIWwEc&K;ds;$bbkvDu_U zBbv!C8|}?jpwODAhy9AA!pvEzTbnK5L$@ zA4Mea+^##?xg+E9`p3tO^Vv@G22#3A5~)fJJQ91`QFXkr29@lRoM@f)@dSrMX^%$6 zUJ6UeP3vwEo}*VvYZ{o6rMUjk(LSsWV?KSo^9Cdh)Nu+)Kd@s6AXp*KED>1cS;ZEN+RUD>8Xk+Hm^UwPp z-^v@YfY&-Qx}%QGL-4cNdDsmWKGYzvBeV81VrLt}yQ=hklToy{q^0;>i1WVEAv0`1sfLE%nCgT<|<|e8Qq^=<5V3GA@O1bTGAg z3tV-FB-zMEnAsA*mhr7HGO5@z&5(W0o0FLG-Q*)V(>S)|5huM>-y)rPeWPnoc-HA8 zLe5Psf&bq_Nie=|Mfkpl@xlaRUEo<;gwJYphFVSWJ}UPdCr)YC*zv|rSM=tZ4KS01 z=CdU(2R-*?1ySY-8aqeHmyzTX?Mu_^?k^+xiMsIB&1VYDVGs7r>0edzSXH`nHNtq` zu(Q5rw#`B#Yp6&fi^IjQe}c20*hkeEO!{P-bE=|TLmnGP>yfxX=o3=X6q`E5kE;a= z|6*p;>wKyr!>V#`5}Vx>-yG+P^TrziV5#I%$+{TZy>&E5NgEcCL`8F8fDH{$NOI9Cw~Wq7wk(l#|0U3#V6FN23YHt z%CQ-mNLTCtA&?5LZOBMNvapduxV@VyF9M^u&4pE@(9YNSdXt8S7D*LO!LO*HMH(%3 zOP{O~c+=kp2G(x?Hb?*%*yjBl8Gs4Ed8aJ*5^w+Boj}!8z7@z(5pJSTNc7xLHOsWm ze%@_xMQ0UFT++o(j`93tv^`LNqTCP_F^20;=LuFu^QySnG?Tf(H=JoMYLVP{w$O!OL{1r7vMj{LPeXfe>$~jgAO_g)23@_=b%1TRYF?XI&LOtU} z6w0R7JLb)A31g=*6BOP+A-PZlz%giIB2%Ax&6_ zN0NdzM~phz`Iy|tL8y{k7S(LbU(Fj^4*d6IS)aM~gyfr1D?jYI3l`m#E5Pwq@@N7y zYklgGq#g^x@v7>%L|r$IM4h;eeSt%w1wZLTLZD0MbRjteS>X^O0${G*hCe1C-vokt z-=uwd>MT5jSu0H?RX6Ua2hoovnDvOZO1<4YNAd~NPmyfcK`H+pxFNoE!N+@6pneC! z(@OLv!;t{aC?vT{u$4Xd)++5)8YdU>p$eRmvZGmwpuHVUXC#6NHItop=`U2a4c6tE zKkWdVF+2#|R$e%l9)i10(RG@|C+1xQg_+Qw<0>6VDLFBVtuOAub&?v2E zDUYuqYwZM2qWf6E>#vTz2KSC_)4t&mf%^r)Z)beWO%Y6d(0$a4>+kPNgrJTZLr~*@ zf3gfpjs3!es3*t))g(0yN}E@ZQ>;zBs$4x9ge~W_M|@%VTZqVsTYx z$aZ3?u#>qSv|ctsV7*qfj9wz21%qvqXf>pvk$oOvXTX-_qa~qb!D2t~zW>yj!bSIh zzL}ON$F$~)?(-(9>Jri{SraGbJp7^BzfFgrSC}Zq2yB_|>woHQ-Up^EcWW_kofmC- z_u5kx4x2i-a;oYkK1I>11mKn-UTo^R8d(RnxAIM<-|3~!ETXg-pPs9+%LSMn_`FHO zovm5v7|v4YdCM{R~3y+C!=Cr8h{sC|oZ?0xV6@t43ouglpz1bFNJ-J}!p#(og~sRD!R z(H83y``;fzKM-fYUmKX!<(dPS9Enh6LoKcWCh{x@(Xx2A&5R=d_eJ0boHQ5 z?vJ1jc8U(0s6&M5JpT_0{-5z_odqxC*)#I8cM!QU#J-q~zER_hh1fsm{yoX3!8KK` zUk$;d!5ER_7=~Iu7~R_!AQSZ8_2fkhgKLQN(Jur5$SC!nFUqL`|M9;ou<#^CFb5nw zeiFbAaQ^2K_Ax@P%D=B^0N0?$;@?BRO!|NKO4=CQ{r5Gz*kYVJSUIc*LRGF+&DnB^ z(u@vDBK-HGl@1=fIbk^v{8b3ke+C?~Ikf-pFZm$^;QIsHe6C2`JklyU%mP}9zO?r{ z|F?0Vr3e8_Vej^T>-?{E%2xrPkYMn?7Uh5cv;Gv~n5x93_tu-NJrWuCM_c2XdV#7{ G;Qt4{QM!i! literal 0 HcmV?d00001 From 3ac3d16f6f292e040f95567bbeaa37d2c1c7a462 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 22:13:05 -0400 Subject: [PATCH 18/42] update diagram Signed-off-by: Carlos Santana --- .../static/gitops-bridge.drawio.png | Bin 88833 -> 89536 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio.png b/patterns/gitops/getting-started-argocd/static/gitops-bridge.drawio.png index 3e69ac3446156c8d4f9c6afe98022e8371e4f0d0..603b7e3e33b22c5805b38e756dc748ddd16bfeba 100644 GIT binary patch literal 89536 zcmYhjN6z(1w;pybU>JgcI|0GnACMdOfH^dobJ`>~Lq}jvn>lj?Qo|h&!~^gkJP!}R zeHXv~3KHwo-D|M9QC{`yx%=0AV^^}qbj21EabP#%Q*17+a%1;_tJP%{2!`=ly{f4>p_ zHw13*pN%AIhHYHyf1oV*t_)l81MlE4c(q*c5`upi`Y$m4U&#L*d}OBSR|G|>HQPTB z5l6|tQ34$P&zkHR`acj3eEv0E0p6q{>&Ewzd`Zr~n-Mfepufq#F>r{hm$3(pL>MCe zhW^G8jQ$&@X>jI$3{XViztO)@aLi50WNH4V$Gu}Owxs&!xKpXivpM2Wawlv>xUb09 z{yE;GSk?vz>yPOE`@`Rhw|gr7c{DGMCIdYIvJ!yE^Cqd5qz6r!f0ybzGn zEt$=X8-Rq~n+ypU!k=5)K(PM?|MMnfh=#x2l-3;$6AdP13=0mq6F4D@&YF`>V~Z(< zQBw%q2FP5@;O?7-e&|AvfvXY_JWEVw7h)gD6WRr81#pD1!HXu*H*8Q}At~_;vL#i| zONtZahcP0!0-_fcb&-2|@l~fr>BRSOgkHemZMxF;Y4}bpU0J{hj{Yb(BlQ6-bvr!i zY=%g3q{0+WM2PkdAa#}wXaNmj8g7h(g0Sh4+MUnQR zNw64M&Sv@js}mXaip)B;u7i|Y7alTFY3E~o?JP%35*AQrJ?19G`%>nZ8h51rEPup1 zaZ?IjQsKD3?J6-{hh{%IN1|;eQIxDu(O*l4HeDWb7vc$M1e)ia6^d4v8Mb@Ay--m+ zcOh+}z?XJTFc!=$8{L{#x^GvD>!xDJ*;E+gf_=2h5YE%?>5Z7oA8m%)v3)6fxcb9VP8^o)f7$>PJf(DyQa(T@q3 zZngq1;#7f`^Fa}&Br=_P51Bspvu%fKsj0}t65d|bf;;*>CuB8HcXliMh+b?|*r*46 zPyY_adv5>2*{OXE#;v|aLMPXqtUe{Ykgb2v8&E;9aFBP1ud!tlojO`M(%ZavC(Z0} zaB#s(V7I}9u=1ImZ}%$nLAJ)rN-|ap`CN1BJ*z+9)W)$TKfH^MBvL+v*8Do?`grH$ z9b$rz@bem)px~AV&kN(d5NkK{exTFF~NLe5@F}MXF4c6;s{$~{Lk5&7tq83m%!?)5KtxEQVH~3 zobm=0@>ijc?Rij&?L0zTfW=@%m!-iQ_2jH-&Cew3x5b#tE{P+f=!~*LID57im%Pf? zS;tVI_^^?Xc2~To%V%Z?Z-YID1)#U9h|o>o&Kg#w(@J z4Jox(@4#Kf7MvCp;G#r!)@Zu*U&nkV7>bZ*NykQ5dgG@Z$YleIkIe`JMh;YK4vb~X zI3-JyI&dukAgqsVx)vj~o9IC2y|HBS2c9mA6sa^&1U| za(sbTF&e6wH@jP;%ofZrYX_ib?DIR&9oZ=pP3=|3@2CXvi9)?bq1{BBv*D5~*H>Fo z3Ph!lbS=gk97dj_?s9^NQm7DbtICET#E^$qMwdhExL~>(?(`?y$&2(yy-a@pgQU$gu|9W=($t3-tx53!--r2NN zzOux7fu??=J=iKxT~_?3i9bcK$i&|O?kxIy`gzu!9-8*bueWxXH`9>rk zlqdN7xa@cOiK?E#$XKQwD6kC0hvKlyp5ocOpWu9DJ^uJe`+Y1o|tEW!d{aIQVwcK+IR{e;Qfr@SG4%*=vX&qBYqP4Yeiu zgGiJD5i__VnOKq_ftHD~~uvYnE&Dz&ATCZ^uW0)NQy`fB3nNdm{EYz1HZBc~OWuQYO|+Hgr|JFg~reQ^j2&V;%E8L@1fTC;3?VerN?<~ zD4D2qqV7q069P;m=s{CHIgqm~F7j?KHQPpR7u@KzlpLY5U;@R{ZuJSMzSv(Qg6LsV zKIZG=Ry64;*^aCkiSG$a7b}m!l9q0MdS@v@pb1oh#lSvQ&H+sq?MgM;@bpnqBJ}gM z9H;r!9yrpinwK%YEMnp{6n7Vt5XK!dI$`L~8fxqlw!yQmTo6{<7n*8dbivgYOZ3|3 z`Bu8qmWgqEy}m zJQV6uM}Nwz-(-I4z2T*=yhF9R?O8-Y%NHkgL3#{sK!OJfN#jxvK<*+IIFEfAR9<+;ghb}P<(D@4LLNTG2nfmmSRH3*}hyYSmRLv#26DC%lU)L>O zD)C{<<}9x!Cy*h6>{~;HZwguGTQLN%8Fkw*3~uJdLBLh1lvEUEig?pC^0?hE@9N(o7$L+<7Do#KPXl z_*(BufVKO)D!I%91bh!~81{joWc#b=Ej||E6<&*Zun}T2wg{7M*c=mS^_iw*`BzE_i#$v5{Yaw5e;9fJ8T`OFi>U&SOJ^XQi0eqrS` z5X9{3{>)lof}bBbV|Gk*-|o;EpCXjg5+^O{b#%bAuZzc2`}jo%a;aOg8ns~M95S!5 zCDIpa4^7&m(YPIa<&27QV%J;$ilmq;40FVrL?mhz{c^G~(Zx7txsJ)-70*9weW)~I zgS7a=FNgI(k6recXmifjOux1>M9oZg@Q(x6Kg@gWIiqEox{tDAwnfh1(2>p<0S~*e z#y@1%aQ*n+@XhADeDa4(0c^>XdB)rXxQk4t8yQoGvDpQ8${1mVO*8`!asbqsh|zRF z9e-rVM31`ozHnsxAcVbQG1v9^IYbv^-elKi4L}eBU7MJtkk;>U$Gc{_?Ey2+*;dd| zC>+KH=lc12CpY0_{ET>IpB!>$W?E0UvKGTEzpHpo6xwuVb2O;q=bYZv#veKG8@l!l zCjt!sX5!rd<`{H$c!R32$OAnwu|Sf*Xn-qXlgHWX)z)*~{j?n6i$leRSA|eNOLi@Y zBBFD+vmSQl{1k-`=t{#;_R)R>C!cbu1h*){P+Qb0-Cop(=}I0!e(pX9D7OtL@C&R| zt7BVS^>V?5NpFPHT9Q-_DiFd_>!+M98U*JkI^GLAA=GBaOJk?t3 z6`IYz{#3>B!#?kN+lrlUlB)$u#|8o!CPX$!gS1Cvt(-zcN|=k9C-!va)QhEKoj4rP zV+s;qC^2OUnm9_%mK^wrU&7*viH|la5f`MQI~lQR#G}raIE{+cp|~p7jZvA?S#!k{ zycH4Lop~+)zL)M%S&zy+EMq)}<9fpZ0yy@gbh1o1U)>sfl$GMQt-)0niI0)Uwr|u7 z8(bE7m#DJ}jCh>Txq?HN4r)Kec6r33G}6P;V6IpX*K;J%Gdb#7Mg-{wlv6jzQ@@Ng zXmu9~!ISYnsd=M#M1hhKyo=>9h=N-xUVmK4ZcbOMvcnHnO*6l47l*eCo~X}T^$Giro5d7$ zf3c!}&3Hy6(T&^pWgUc4$R&(Xu+%rFMZKnGge_o&O(?VJQ0lz?9x3{qyEJBU9d5Y$ z&BjoQtKz7syiKBj6hL~Bv)%E)J@EQ8h&V-@LYn(0YD)ceFtQeU=I~E@knR=<^cy=J z=AN+J3W+AT^xJ-*3gD~w^C|IgvM=QgU`%gs_M1{Dk__wdu;D_C?m$4iW>y&l0Ik<{ z$)(7dNqfb%hAS&Zv%X4=eF?Iwb?n%z+CJaXJTZwJu%bm z)ccrCtzP{y27$F;=qXIL2|^y|n%W=7HpPy>!?ENswli%5C6yZ9KH?ov zptzSfto2}L73av!{pA^4mO~Yp@P06ehUnY!A-h`iqz5824UF*{N%Bbem);TtVc-x#*^0t=_qNb_}oWH_Jg<2 zupS346g3o!+QeTHPoyzOd@0s7%F3Yxg)5nrxpi#(=AcJ$7Q{;Jzret;?dL=QaFVYA z%qBfMwe}rJqE#ese2%}Xjd)QyHlue&V{O>$4@x7srZ+>=w@^IU4WD9+cbwX0Vto1X z$_DQ0t>QpfY1AKV+VbnM`uEN_w`N^F-jn`}5QHtV`Q>uvlP|9sg#DC5m)&;KL@5-nH>>jChb-Dda->>2eLp+Eg=Z+ z5tc~Xc2cElSh#%1c+J%>8RZ^Lq)bA-(~7n52g2e5ZQcRd%X79 zUoS4I+W2%72w903WGUwqr?5BJ{&EaI3}6H(TLZ9^4~oN&B*ac)t(N^6c-HnUF))3p}QCLw#;i%Y3bihyJq@sR|8zhy>4yG1K%b_4*v003gwpLKxo zL{~T1YOxwF41Kq}CjK@P9qvAtBKxvHbtG#k^Qn*DTdD} zF%t^5hg!&x=L7W6;;L_^DCx~%J|T(#5;!{l_BxbQ2FyFYjLE69Qp2zjOfv4TGZ|H= zDSuvlRG84skAoBM7RTjLaa=h6vJ5OBMY^IO7G@7GJ{Gz_kNn)-N+>cm$M}Jyr=}sxGDVR|n(Iry~8w7ifGRpvcynm<>}X`HrE|`Br>y zgp1nem&I4JCwA|sgQ(h3QA6{9=!BT=%pY|Sd31gFGWy-ssm=wcKIdsd62s$asq-Ra zx<~elnh7U!jJ|^Gd;);~CBrjW<)C@cvE=YX6EQkw&+#6D{FEmH|82;?y zsv%a$RhSK*!jo-*s1YuIHu}0W)c|6EmsvF=*J8=@z+{SKJ*9SO(}L_t2P)Xu zPag&i_FF+Bn>YCTDU$*vyS~7si%iN;{Cm}1w+BG?Q4=wY`9_W3`45y#_I1`SM)`P4Xz^K0_WzcJL(f#_YZ){>LukR51uc)oSw(;oG zu6%h?$w)B_FP_RbCAb(~FRx?|| zI}R34r-zBxH;l(`drZDV0b>p;cnq9Z$rw26PY!6;zz6}fYYs7JJ1IEnj7GZw&dRTeknnUo_VCNBh4Vg#aBx~+dRABfepPbBsLOS(4nO^HRws6T)wv7bk;?%A#G@1m!nPfrecd6z8-*bZW!W&}3on`l>#)wUO_zlX_IwK4=24JVXlx z%pPBQhyoNHUP#|TAjJ5qS zS`^RCUS^gE$|SP?<+GnhE}>owr2MPe*kJIaD~Rt%wnoRV_KYfwvjin@1gvd7z*4bp zVm-l)eXgpN_c zu=4(Z^p#6;pWYetZF#5BnfB!pL<6o5*-&!h&8XV0+U8_S!Z+CFTU_3|97iD&WZd8^ ziTr9Nt9bdVu!H2R(K}!jci<7-&d92a1QSnJvZ|8+lnAR_%|CUaMxpVV`%~hmMtNZ; z#|E~ZKF%`8urKy3PSu{Ge3;8XhGNjbobEVkvq)%4A5H`C^k@o--?2AUs(V%FVEdh_ zfB^u7z%{TvNw!$4VgKvfh zsW#>(kLGd&0iZhRI=&|ty{+ z+Clld!P;-z)S~9o`0C_G(yr7MSihjTmrrtePl;vp{E=K=}n6r{f4RvN}LXA;9MVI_WF| zJnn`9>boFY_~7tmf;?2YOpu2PkxX5-G8`=CWK*G0jCkeGfvEF`JV}roj=^`SGk$H1 zRQ+hek6zst{c3N3<>|(>aADDIz?q;d04O(QaQ{v_U@Q+uu-U4}+0ukDnF?D$S7#0v~y+`=-Jxv&?2R$}G`JJ1UDuvgAFk`x3NR4hsSiq~cd z(tY0Upl_n}@Gd~^&RT$OlXQZr~0TvPRXZAwVj#!#Aw1%K`IimkeI22FQPwXX~!pwRlBZ_d&s* z71OGZBLK2QO9eFA8bd|17)I_@#5hID9tvZlA4vJ!9vLLVh2u-+_*@=wZM6Xppn?jD zztfW5Glk-1cQ}7EPPTV|`l867nEPVq7a@bldng)^h$-I%6k9*L<|Z&n%#k$WnFX@q zhH;W7Cs_CySxi;aD0f~Q#LGT!C7v})DEl-xZF#f&+gVi!cJrt;C;6%%Xm1R4+*p8? zC}Y&mcP4+gq;A_4ZCr5eo7{<2BWgd9tfW;tgNrwn3m&RNCQQbN~i&bl=!>+YZShugdtK^0>yCjlesNsf^?z z%&Of-WUYNZruTLD3)kIIW>KIm#K=xm|q?6T(5XnaLxdhj=jF4 z18$vcwH-1YAJ}_sf7!`4?ZJeb6-y0zsBII!sy7O?l&bK;EZ9hNw0T*$i{Buv=Yvq6 z5kv(});R-vTf4QJOSb}YDsKZ;tiuK(fuk7acpd9dF#&wAJX1gp`xh%C)=~PO4d&6H z$?j@`gV~Yt^Aga-D~cT?%|SiCnN)^p|FD4UYCgQ*=bIx;Z|W=w`^}Gh6%**9D|$SA zczM9LP>Pl_NBkD(6a;JUhD#W!X|1`eg40p@$v=h!rB-i~(Zthq$cX?u({?>j9$!pF zPj5q_VRE}La~?nysCAsj0C^~=F|P^7BtI)TVerr>XSJDBX4CTsJ!nF!t7YErPKe`_ z`(j1_ttV>HoSTq$KLg1hayI%%{YE`|RJkw;((sW4!~hyL$(c-^Nx%iq5pZxrT+i`ns6lijRx|>c3u~cf&x)x zMoQFjZIB%sMf8zVRRV-JLsZTC*~CzfPKRcIi`tY6+&!|nF;$-Qm@b^bVN@HToFTGO z%h^bg0T8bS@hajVd!;|;skHhH>>AGBvWB&MvwETQJ%isWxR%TmcPj?g`fMo|)5@}If%-hjpo9fXUgpm9d3>GK z#s<^*8LZ>bZPVP`LnI#D;IwN7W>_Zqc_{QnSv}N`LW~vrEdQsSv^+1X_ z^>Y$~fWysH>l`p**2tR&Ip8*IlG$z(<9Ll4X}L4i)x(M12DvQ*k`WOi+HX{36(In8 zVKsihmaAw{wDgI8_X3Y4R(+#>(9$z)9jUW`%hcxsGXG~8mpm!jG71OM2znQSzaAjp ze@1deOli{_zF`D${jyb?2W)`^j0Kmr3VLK5=;UfbLfID#_0alfk3>{Nv~qy zdk2~8I`D%}&3;PB;(smq`TR-yeO;J(xYUa}m-Ng;Ek z_ZDg$Mg7fdUjo7vq*8brE?>HN%cp6cK(!>KV)uM(9mJMX0F8aGWF`gW z>%Sg>1Qc=bmdm&{UC^$+IU)FS)6TH7v?&KrIOUOM8&R>hvSWgcRI~K`0{ftoa?r zI}wti$}5umddI-r1Pwyie0K`4c*C)w&58Wjq&pt1p>m?RWo#f7bE+0qBn?ecwqiB7NkPH47vN?uoR~9Wy}OhpbmI^Ff5@hO;rQQb~+Eu`t6R;WQaX6NZ z{y4)8o}HIJQ19vto1qaT8D8ltb4AL$nhR3K7=s#X>I0J}*xF#B(eD>+ z6`61CSVnvTV_**(QDL~wL350x0jRn8b-K+C`uYIyXW5cn*&`CNk^s~l$e#6IP&e4S z-OjF8!YE+M-8l(1oz;SERElC`vSRGd*qxa(5GjZZ#qw*ALf?W-g?cr-Q>R6!8DX5L zyCC7Qt+BPI{T^aajcWsBM)lzfHfb87YUc~}f)2ZLktD<>TC`i@_Bp!`1&+G&_maM9 z!7T5}8onTqBoi(_AEC6qK4I=-1SBm6S7YH!Y5l%5d3(TAi1sXsjcSj^qWOe9nP{^a z2JFbpO zXq(tf)2#NZQ*XHiDW;-#E+F2+J|EKhbx!d{MvX!?uNAkkIaR^?tXn;O{1^~%@Hm_8 zy|31**h&X*zW^uEK(@Qy1lWX!(ds@-p1D^Js0Np)6-&?4WxS35t|RQM8EpETsf^AM zT4v28)&ncRf>R3k&dA67Q!@_z{4P3-+*F*w;4QS-a3y9lBy2h{3_IZtsT3inWF&;@zM=1cfw^{b1@ z=_HLgb&U#?N#gpd%M}1MZf+*XW1A9y#WBZjeZ+iq^B7;_k|cp$Frdo5k0SdmucF#r z#>W^&;Fn)}gFQ3g=~im2jMtdnD3_I69z zg>D0d-+%$gd&sr46d{+1Do~8sn*PpZPqBHU@}65y2H4}QG6w@Ct^>CER zmG8cqUY*U^lZJ+vBJQczu%suIW*ixKvXeT5asJr_jCYv`qR?OXY_<(q>gtG4v|_4NZUemM${N8)giLeRFJ8S? z_AH(QN>=N`c~$!fzfkV<2#24b##4cMx(IfB?YXf0{1wT=Y%DpjVeNZ3x-b z=u&*rO1UuCz#Fi%48S>&Yd8`wz0ThK2Y^(R)daP88tm)95k;CI4wRmX-W3V@`mw(_HhYV`*IE<9q*gY((-(`E@_at-L)bLh_gY-H1G3}>01l^ypC*x1DrL4C;z5*)0>+=!;%e-Yn&az zvPwRPVXbDXnEh)!(%uASZ3oqx>AC@b3+&Y%qy$78;+6wJ4H1qFJ0OnkIKqz%C3p7-H7XUW9vy2B`;&n3(IQXG^|Y1X<+(cnx&=ia7|{8mSIyF_SLK#(f>H z{ga>t!eBh{;)S{+;l)Xp!~KR<_Pq~&cN6t#H;XAT*2I2(VY+!~BAkzaZMQ`=MeQ3UJnC!ZefK;Ce1}Ia1{#5N+HvWiY06`kItXT91q?^DVi(v1U ziMooe1jt9k6vT*LnetLi>ngF6WqBq|BT1n|2IL&f@DvmuB>w zE=eBh>3}1ZJH%llC20s+IgLXeNd!;(4lYzLC3L@lDhG^iIll(YMRLMOWdfk~1}0q0 zFC)Hx$j}ixtNvh~U=lXWLI$t7015S0r1mhP0k6p8Yj&W$&U==>>h5|YLt*QDVBSZ;kw8*?Ep>*PV4 zNH=y1@X`H~A1WNH6$G+VwJ_lM_XFK)*}7W2eLU5>%6yjD`*uILgRd@1+#*xGwI_~2 zfC1{~OtWX3f6Z;zBmj^pOuVIUL3~pB`jqPx4nf=Fa|(8QSU$zGPV^!Z_WnIT`vZWw zob!4XRHng-xN}C_lqhDVbR-WY9&E5%Mg)A$7Xn;5Kn>}l`o?IK;Tz$I?}aV#i- zutOjM`o9uW{UrtAL~Uw%!`Ys0L|%~|*h zAn~uKTIz=TGuS|LNAP{$g+(|Uys`CGu0@KPz-}DHw?T~fX2dV~t?H_@*yFC#99d&X zj4`Bqvx~!cZ4&s)_6>sK7(bRU0>0xk0wM=cxtn+dH@7M~zcSDVuR{}TXGrdVm?20`9d61LmafKy$yLM#MdOLt$;Dl?a{s zf5@;_$r*16%hx~nU`Z?HLxf;(iyN!s$QNBC%-Qs6czb=!>YW(a7mJDnQLh!A?$a+3Y%5B6VkP0(KbNJdeF5 zrN(Hk=_|DRefsa#Z3>+OXbPN{aPG<2ORHM2&v*n^h-Ju$HKb{%^%H-RG)gudnR_0~63=&PXn%dPFWhbvq!4)HM_8cf45I17NHevX zaX#jMfFV`wz*>stIgP27s3A8F>;h`c{hI=#@XG%tz+!TLa^8EFhtr_Ax}V?5C?`{; zDvX!A*VuM1B4f2W>$U^f6_9cUc5*^Qq0cOsKP7faRm>-_H&=jr<0R}&G{L@wDQaSF zjN3kvo8t@afQ8_fT3`Y2mzKi^ziI*wZM&46v1x%726nv#OErUdfK-VCWNjAM#066u z>@~U4Z>pGXsG@FEQz+(>C0=u9TzvOGv{*H%S})72;&O2bdV6iA>ncYR{G>H-q|OA! zp{VQ^BJ%eD8F(!9QuiHHAakFyQA5+8KNYjeVB#oRFDl>B-t}Whj?m z(Pa6C_()X;dh7=2kORKg09XYwqyAtp{w)5iZN6@mk3V@o72g0-7`LlrXs1bT4uQF)CK;wTh*mm!bfJo{ zp?6rp1*k^34JtFkD*IR)vO=57@r_Xw#L${7+H2JWGx&`b=kc^De}14;@GicDdPA4< z!W@{9wql;STqc7ze)WY5-FMxu)_IPcZhEVDGtzEk1NI$-ocaJ@o&m(uA?aeUWhB6y z7!3Qf7C)h`xcApOSb)laUyQnuz+3V``(RSFEKGzrD&v8`Y*hh1JFg^Gpl^{plGJkv zcdr#Xq$*ib3}te-rPqwGR5=-vp?5bhfIHP%@(5zlWzU^O#sJHHJDb_HWTW0v5D zZz|a6Za^=`+W()gH-Uz_|Ki7I#$fDY-x*6}3)y8Ej4edAkS&rmYj!b1MY1MKND`uC zDM}I}vSeSfMD``wlYRTWN6+(o&-wp;=YP(eQ(0!-%e}Ary03fhCnqDI5vd0R>gu`x zEkerDEJ)2yQYy&E@4By=(d7_=e+HO%n%-~%gSxW8zEZjY?$`9?v;%cLJ+3%P-t@aA z;cBTz5ClAR&0QTN`&Lgz#|A4jk=?bm7ki~WerO`&>epR z^bIP2FM5NvOEpVp1<#vSF4BIMV3bhziliyV8PwlESGtw7q=}xkpQXmF^KLQ(0rbjw zUw?lmeS`DrT%MA-@ryvt=pI~h{ zGjk8kK&cz@R;IE9Zsl_xq;)_9F|?Eg6>KkaBlk=4@+JxfAWI?8?TdjSK{65wQc{;C z6zKO174*sos(HzhxElbM) z@JJ)@7db#&wL%P?&lA$C8~WFcjpdC3rNG}k9V`gdOR0cMvU(s)15nYD4KWK=Fmw!X zGxC+c?xlA_$~#03eA(AQ*Fs9>mKmB$oCAM=he(}1bl`>>C_qSs5RT*~;qerpGD~ z|M!*80F5OPlKH_Q`tNtpZ^#Z0*6P3CRSw;5?R~CIe4={mXOgJp8w@qKiYO^HN6*O& z3pt(5Tx+t1@7&ij!M|sd)$fw)etT(F5VrSwe@|EN3IAOR=Co`DzhCtmjq3kwA^_~l zo>_NL?ML)^sspDEYt5V(&s^ zw@7KY9=*Q${#W;qU4)qG@$U2EgLJ#_OAJ+MR5&}l>^1t% zK<-$c`T_iKlA|(e-#ei~2QPDSxS2Re_5hAR>?#~Azb$b166-r2yx?lH`%DIwe(v-P z(fMEjn2WIs|62eW0-dpf_}DM@6`T*<_FyC{PnIhsnwL`%v8pV3bk4@=HDuB@Ni`ze zvNovV(OFO|-ujh#`6Dff;;o;kMAhT!Y@cRURtKU>`@1uVPTwnCeK$MhoDqnnp|W%t z_ranbh#cv_HESMkswQ~l?bQzp7auT*<$M09G0sKfDBqJ@`nxg+8JrK@i(QKRpGoHN zLxv*FUYWPWu}Z+>q9=kvO}kZblU->ZI4KM;3&M+E0=V&CJ{j4fh^Ov99ZxAGak zx!x9+8`&D}-7faN_4dw>7ilD(3{;*US7ce0Ln^H_Ga@TGvlUE!u%QGdPXs1;F;M`+ zzTRcFEpl|`IYk^DWf%jMu~(OZ!@u~0lYpqh?UqSn$u7Mpx)g#mK@PnJINYDTx+^8F{=9Bu9Bg2S{&&ls;2pi640zg$PGr=Ktx_xl&Xe6wh*W!b3LGAiy3b#@k zJtBtPJv+Zn8RIfr<=g$#swcWB0lG0A@b{?HJchdWuw;N$-nnGtG`ERTGlrhCCtpYLYYAsMxo zR&UN#UXBfdND@oZBfD{Fq_v+2kpn*gkY+bDTtV@_+d#qt*2cxSZ~sZw&r!1Mr=4$0 z(e6??@YtHt9whQevkP6R67?G3VOt*iU=p&k`lR?q?Gu_aY^X~R82_|^iYSx!>O{oJ zYbL6)y8V|PW7U`0WIc*D=m7MW0AtR7el+;{s(X*7M;DI^-o_qy#_yH)6JOV-8i^M< zHwL+;>nAMaYbg>O7`^O6(zjUly~0U9CeETVE>}l2)Rx>^V0gm z`L|;0m-q;0_LMHyWwQVNT={=7F_IpCBMgKUx8}r7#f}XT)1q7^7_-f-i~eh645B-W-Wt2R9 z36X@CZ)kI`f4DD%rJg)FD^KGnu}DW-i;Pr@XOl5q#%5qE?;{bYJGti$@v+l`SG~Rk zQ4OMFili>|LULir4M(K3@Y6=sV(+UR>1hH`Gmv10Ok*dCEccpQW>s{Zp&4RlBPOC@fSZL5JuAL-PXSR|KZ0q z#AN60X1A*NMA@;e?`#K;|F3~$yYOSp8vnIICXzvzUX;r1{h}pwt_!k58TuI?IC1-h z8pV_r_Wgc2Z@K4ed;yjgQNn&=|CAMq4|!tdjWBy}W{=f`HNh-6CP~d{kh=Da*f@mu zO>|pVAIeA?FB9X1t+6-5Exo@vTIkSJHDoKosd%er`ya2WC3w}&LK5G9dxBD6^=@tK%uNtFQaBJYpgRh0{|Zf3Bxqu_Y5`Lvg`M=+ngQ&grF}O9jlL zcobJ*iw-QmCYKfF$YWo_>LQke=*0^QXGE|=VLpss)5XiC)n=OG&DPO{cYJ1=o$eb* z*yAA}5Lyf95e-CVQ0g@7{%#k4WiJta7&M2KJy(C|tIS=&^6zR5z-r$wBz_Y74+AtH zSqEhF0<9g7rTnERpFxgy1o%E{&?xf*nC`bAA{?oG9uxzG(_z@u5zt{#QjupRaF}Kk zKK|3Um-qqNPI!wiRSDH(vr&-|kG~CGYvMai3`x1Pgd~-IL`fdBglV#HeLQr{wF7Qp zXN4uIzPlMCC~|3-WiCDg->J8WIe@?*g3x~*u7ot~N>@6l8aq&F7;xh00kf{hR#(nKxu zR;hrS55~)gGU=1W$srdJFij#qo7}tV0ZbIQ6-y!!t?$fB7Cqt!(Q-v}2WgWi+L|gL_a!esH(_iFVBY@A3502fs|I&4Jq{VyBCz<_@Gwv{IYS!}@ zVz@gQ0VtuORQ5GA%%lwN?;87io|yfC%T`w(+h^9Fcc z1C`tu3h<%s>#o@F?kqV&8}-Q?$PnrO&*!3LiFSt^O&&mEV*aQGtxtMrMuAMCb$R6N zT)fjK=<#HC`^)#aWqleuVBW2&&X;u(caTM_v#ztBp= za8V4mB-f$VGUN}vzm|I{vc$_=5`LtS4MUK&-oc8JA=oURYf-ISz(lco)n2v@+xQ}y z*8p(UX?5(w!-=ebAb)(JI=&*%8ZAQTCq*8>;bN>d9*0~ ziKOqe#r#)FEO^`pOL~JST9LFJzNj?+$PoQnqCd20%N;g1!{4d3@=Z5mJE&uo^S5%;u$fay5vHPdrP{y9ufvL%) zyh1Bh+oQ5#>Yfg6B8CiW|6thT%1cw-iE(W{y6Z!Ne7yL5NGTMM+=>#rdKE{dfOmIm zkP@_(g7&GTh{LpIg`Bi6C9%B%^+ zYfe?PaJ84}DP8(&;l9AatyR>Px&E{8WqA2xPDzJ5CDtE|x0gqr7n4`C$>pil0&d79 zgh=kH@ECbh5jfBw!jp!dcKG^8==ZNzWiP$$wQGs!7a;Z5ZhHSJesR7K7q$7dkgyfh zWkA^YV?~$F{2L*>A3-9IZEp2yKK|Y`UmdtM{w8eCcl6+)pdr`R+*;4GC=&P|D_rjH zsc7!6P50^N%Ic3}MRXj>E7Ha7Y>Bg^x|O8*r|dUpWdfGP3Cqr>BhX~&Q4W!RHnAH6 zk$p-Bqio;lLk;f4)QZ`}kmuLbf%4VIcA8!!vqcp9GEz4O#oebAA)3N&tzF zZhiQX^aG5jB&WJRmp@N4(ezo12d+f0ZoWjNylB{$oP5}|nZMZm_~~d%q{1Isx_?g% zLROuGf1arF@)Mi1i&5J6)Y}`KnTsS0kx)@e^D^7lBecHr9jrSp9ajW)R~k8=0Uqu% zw3tSY9H0&lbF8 zaLadKx5jHLWQhn-?bhm;CCK2M+XYzI7daGsb$atOWvVAYE;r+LqvF;oU}0&Oo+!47 z*B{cg Fu9R2B^BT$AA%0ZrttBz;Xp$)RjC8s9taRwxM=Gi52|Jpms7S_Ci%8-GM z>&&!RFx+vY$b-t_b;MY_aQ2X$dq5CrOEFXt8b*w|HgkKOEZ2sED0m*Q2r3TO7M8~Q zB!l76^vJlg7-o_S&YAuMi2yxI&o`D4(cgYc=E-!qA-FI_;o67cA})7K(B zSlFM-Ncr_nxrs-FJaPRV7yB|m&^EAmA;4U}4$J}vn)||RXZj!-*Vz1Sfk|)QKFd*|D^W^9eJfe#b z6h*z>Y5l9%pz;J3acY#W?MpVu9H8%Rbh3RoIX;+SqAJ(bR=Sg;9D4C!d!xC2z1MW2iV$LEQri8dbtQY9Ume=c+b1+A`E?&O{MJwNA; z44(HB;U76v!sO3JW_i}=Mo}^eo1SIDTr1lH=rWrVy4pL8++fImo~;z@+hN8+0XMbx zca$(E_11evtlkk6%tNq23l{r~*D?r95iDZsjg+{rYAW)S4=CrM5q1F2v&UpOsO$`40M+6A8~Td4kj+ zcAMf1D%Y1@Cm9wgR%A&=SnPFPAjnYsC&-|#!Lu32OQP`ex0eQA`y^6i?E!PL^j+u@ z3pxn@?)t*XWB3~JdK0~&&c^hYxt?blzek*(wt*|puIRO^aJZWtalH2!19i{F8s$N) z>ADn`N+=tMc!^4wld7OA_}Dzn2TX4qTc{Zs3NJkoem@@KKITYO0&&!ii?Xm`K;1&i z>tLQ?lMpXUQV1p=Ne`sR)c>SNdv=_+CuuT?WaVoq*(-lKq`Gz9d;X{#1aegycxO}n z@-%?9?d8`R|L|3F+rK>l&VkgJdR!`pGM!@AZxk_hd-G#Qfzt`EojhioisuVz{^}Za9z*g}V-*DM^3dBkP~LwbnjUxR{NW^3Sc9^skj)P6vH^;HEX+Q_*n?FNZ?31yT4-iE^7eIXKe%oFF)-bFF zu7#7qlJwtec?5Y)#`{#>V{-JpR~a+P5o#>VOZ>b_352-ccp{pnGi-6(s&SD+arYb{C=xl$Up%9A_&y~^FpgOCl8Sl*d~ zTeGaQ!lUFS!c345+Loy_tOXU&kK;KWwscdbe(h~i1}@klnDGN7!7=wCno$|$8@&G* zH%Ldxi7Prejp?Svj=G*)sDd>i&>WB^I&>~3|00J{khj)cuLWD!&X2&%4Ip;eS3r0m z=g80Q9)kGQAFrI?4?_ER&W{$$TeDBTXV_vv`gt2E-&viigyH&#h_rnk zmt4-Y4!C~i<&=PdkVi}iYcX(6;rxIXCBFSC`M1WA&w=wEgkzz8n}F&STgp68hL`Kw zfm%l0ly*5@E1pgFE;-|X8I(Od>|VU0>|wb+egS-?F9CDBH zka|BrKk>d&boISwS_g@FFXS;D5OGRNDG&iMOPO+B=ZGnoI?nF`3gLP*`tD}GBJIH> z&}H9}KJ0eCk3mCVF`1CNkwwV`9mEV&V=~_ukYh63%OKT6F9VZl z>Poos4`V}rCXjEg+=3G2J8Z zMwPu;dbKooNor#>&C-X$M`Bma&s9&tBA|cvT-3=BEZ`x?`(eKol<2$_04kn)iV8?P zMP|Gz{Aa-A(+_b@{4`4I*g^-7q0%Qn4AcHS+r}sN<5o(3L4oc<*Ap4B8IZ`CQo8gP z#*1Ekr*9$;J~1UzaRcx^rhGdNP<;}$C`UIZaEgExqyyyC-C6x1Gv^4f3!u|0^Hjk2 zTlx%aXJ9Y}q_qUuG7MZ330R9Yc9WqemT(6n(8VEH?0K{dr8_n!)mmy2I z`}Bfe-OD}+00Nuxwo6e@jO6>fn^`<;1WppmAe1*`6ENb`_tx1k_~dA(0Pvm2$>;~n z;)6?8?>)s#UR*L$1k!y?ESc!IpuKfk97T#hrV_n=eCP}3pCkr(WvztX^4~y#btc@p zl*wF>HV<2gMTI)Zl2E|d&Ge$c0?b!yH!t~{S-iawKTu|82PAs2&MdiZUN%Y~L0wD} z6mVn~7xCd%woN5EDI+942sG=qU2@vRS1aBH!TkczsF zym1ofg|tk1N?iL4{{W85X%dh7HNW0(sM-dor`W{pohM^qo1Gz4dcTl}^!rdX1|d{_ zm(`?>E-D#VJO9ITO9H3a?)n*M4dB5S%|5Y@u{qu#jTD~mVn-2*Y&6ik4Cm@gb&bHE8g33=UX<>#Ry~kz!8WJ_!NbUI+ed;3a+52?*ssbNyypc|aL?r~?s0C#MhJcJLg#X9lOkPY%C! zm-%{c-sSIQ!Vo``W#T+I+njowpGr=*GQlBCj?h!8@b?=`lKN=38 z1_QbOA_+|nKqKjMO7}BD858}I5L;e$NVn+1_>tmJ1mbLvXJ$l}qALz5Zewc*8z*3X z)@HNq-=gPr4Xipe{S>5{v{7_Ws8~h@Vxy}06P+F|C<2q`fs!N6 zWitfa2QoQ8=t%qe5~>roDSi#9x-(Py)5rI$X!^A(OVwEujsJgjEXr7CNWkheoAE# z0q9lmv*nC}B7c82<}Tz1wZpS!cfxY<7vKaGgqkRXICG8k118anl3952oM8C4e0p%M zeJ`+_1jPcEkIcm;F)VvLf;)gBGU~>y+N4vYL|MU*|6Y z*wdVTvmegV)bnqx8!Lz~La#STSEQ&Al#v(o?biql0L@Fr|2@+ly_9`_x$e0?&C#x% z_Nb#H0eL5xU;v!-bgqC%=#o^-K_B@fwNL^qUr1?>{thTu96U)xe^5}U1qa$5V zdB8@P;z~|U<4_H+>mKRdv|qJvC@tZDV~$wBx%4EZksMcFkS7P%=YrtZkd6UVUqOG4 zrBna6HC=82bm%mm=Sve@9U|q@gK`}#c|5cD+Elu_>A;8TxAZT=UR1%F1a%JFI34{) zlZYHq{Bc{}_kavkM#BqBl232Z051kaA5?)23>3+!CX?*T;?=rh4d#9}-(}r$aE#b} z`|REOsPF|>X>`PC#R>HdQLQTt=*xP&#H1A1(s$vxAU<$6C}U%#(-^FzkEc+_ zF^XfN>csrM>iRz9NO633*mb$${_IU@G>Q$)FJBoHGkY`6;C2KfZGxxO*=S~(s@KYY zMhDiW3K~mKu|Xd`Cd`HrL9s~k2q0=>;9&%gVkq#i@zkdA;_3v2@%`C`@%+h~7ta$i zv4YC95BY|A)q?Q%;2_ocTl~yCc!Sw!lB^lCzN)e_|MH3@#0wnOu`Pd}4R~a)h1PUc~%AX7oL7kZ>j&1N! z1>Ik!9N56}OvPFf7jE{cI`-F{%$Whu>fXPzCf+&)mT zyum?2z#$9<{~%8-cbBW{E)J%SX~zog-62p%eg0_ROCUe!V9rFl!+Ow24TjBtCcQiR zw%Jcykm1rFgk{VsAoVn2Y{I0>JU1FPjHOrXo1OPi!qSW4AMY)+%X_LclH!K6+L8Xx zRsP!&GZil*vSY$BWl-|l{Not|DuQP^<|teQp7|6hF+v@Ovgc%~E3f{sg6ea{y7YY1 zERE~exT_&8m@)H#he>+zg+qgC{kca`5AH2`Ep2HYa3*OyxYvfet8vE8#N*dNTj{mE zw|A~~gif>klCMNoP`^>sfWPA&HZ+OIpP3InbxUSgI33kl)UK16FGmG{UZjYE?I}^F zrd>}NRm*SPuWS`%!}!{Sd;HGYHc6huf1YtrD>tq^fhtt5SG(Akjwnb+^!Ro9a7Yhf z`k4I^w)S00XFi<1xj!tNkt&i5vD@Lc;aoy(zo<)fY+<2a)z zER4lSyl959Hhqqg?U=u+j#N5#1vbz*GM}R4WmvHQn-SXkR&a%6Gzb*lEb>{WfdWKH zwVzczAA`9T{b@z1BDJN?deh1txPnjA6oyO&mJdYZhO(BZMOn@roOl(HQ)?=AF>Rh0 ztyrpxdtc5Zr#d@gb7e9woOQu>?$i~9X?2`>QATL|Nh6TEC^UqBu#R(xXcBpKv4!j$5XJ%81hsZ9p$jnhBs!yL!W|O5j}pKL zbLDb>EPO{TWHl)t{x7r`Nw+G_2&{sbR`~tL>_%|D^V>1CC-mjC;=@V?$7~i7cQ!w7h$&;Rk<45D6G-TGxT5Ito=&j^ zA`-JHz4D{ZkcW$sBGau`2T?$}MiFY;K!1Cymu|s`aDOOX;DfxMANkM`-}xD|;o(fU z!Zf+7;0o7ypjPz5s>Po&=TdVFUZ;_qR9!CD{O;3hkA9X!mE}i$Lb((<6*tKh_W!ar=gf5TfbHASmK67_>!wm#31|C2GyDnA6k{JAk z->mHUf~4C2nihUHic36vNEGniSy{^j(hE0!jqbD|MlPtn(o}nVEwr-Kevn+A>6fCk z?fSH|&_G_<+x1~K0%%ra0Yn}MHXsm1BXF~(dV_6ZE7WjzwhY(*qOv-HQT|TT>J|u| zdnVv*i2j4^D3FkyX5L9v?X!1H+6ro;&uiFjYfVbp+l^>Jo#jaR%)HZIv)#qb6Z!^0 z665Rr@DXR7_B##fVdT$gZ~d>-6YSGge^|Gkm$f+ZpLTqrg~5)KhDWH+pjc=Dd^_yD zuv!6ldb3%<7Hqp5ewLxy5m)5W!;(fKFgqDhPw{>^)LQx{g zwoR7a-az%>&A^rL*;TOgu|K(63?K5vHHoy%DcN~&v&hyXPCglflY(d8SgX{-NdXlRf}b){x~jsHX2r zrbuuSO*M*iew@U2n!F8Ct%TU}zv}yC^CvmLT?{5y$gcF}UK`JiI@?E{r^davGBp|g zS#TmyU7Cd(BQ5Vk$++;k&*EJ|G)uX>Xo(5;DC2J>j!|Vfn}BYzb1E5iA)&Ivq2Tk7 zV)ZF|>D?5UV*Ff}z^Ic-`+FpcH|61}u`Fq3n68>aawmixESf z+AEbe#m?Tnxwl?`v$N}VVx%f*S@%Ma%8O@v8%=H4ya~NjvrNuQdFR4C6}0r(?=KUd zFAuW-{pb^%j)y5fG6)dZasQ0g?*xjS{+NYMcY@vDM0&khsUjU1sv1ZU@%8P~4fpm6 zw4-X(8tIunR3>^h$*Gu%{@h4eJ3*^X{Pq|XZD}7n!QGP^+ZT0UjWG?I_EOmGpN=~r zrHFRIf0lZ{0+ay~yn{7TM|a?PNP{QKmog zcc2V0B)Bu{7Iji=6e<_0!+m--JGTlA4kLzI7Ju)wEQS>Ir9?RIN7#oBE?HA#aRQ5J z#h_RnaNJ*rK<7n$g?fRnv?m2Ycj3@hgvF91Kb$6z9bG>AK9a{MmBEAz)BDXQ=Uks$ zZ+u4=l&coLc$r(0>P_8&_+ZVBPwyl&hQu;4eev)ZfI9~!s-va-mI}|=xR2`k7r%r# zOVfpwI^dU+S)a}X)k$TxHf$lVLA5y!uMaNv>V>)=$#Wke0-h+;yDX`|rm%NGR>%&| z>%51Q7k1?FzBV@_Y1!O4T2O&>5VK7P2GMQMGH}8F865tHi5Er;5A4da`IPr>hdiOs zHVEHsynZY{GKdoK<-~DqZR+jpdmHY0^?Mofs7s$6tVui^BU&Z1OnllmcN<6CF!5IE z0i?PvXsJ#Z#$kP8sTGUiqn_M-w)NC0hNO@akIN|c+m4CbMsZE^B%Pr-y_LJXi zKJQ?HBiYM~X|B}MQmnK4H{69fG)@WRPTjp7I@^LvuxKpF88BB z#kWf$iGX79r=z!Qv(y7nw$D&wt-KZLyVp$b&VIiC%s-Yy61};52ISQ&yqfSeFu+c< z*2x;G56d|N@`LV6Pi8pRY|F5>%GlMVUHT8IU3#i8O-I7v)0vbT_DrHQ3Cv3sL`zKV z+>YPxGBJG~pkL;7|3Mp=CJ1z7`AZP?Knpgw$fXaYcPQ{bO}UrhhQ0Vpnd7e>z(CS3 zYMm&=w(G8wZa)lT-pNv?14U8}h=wK7N;LMYTmJlR* z^%ft|qUX>*F<(6jD;4*douQOBTxof7g^U&jjS1#Vyj+5e3t2weZYz1Xco?mZ?KCz_6^lA7V z;ryR2R_$`?wng0FYXE;~s~QZ~GFI&dElfJpI8eSGgGE|G(CDJ83U=?HNFwd1nlvwY z{&rc84hGeRU&qJ}gU=6qs9ao=va6Qwnl}QaT@@(pUQ9x4)n1o|`LYm`iHsCv`MfyC zmi5&iqXnaPr!iVf9s`iI-5p(FL%Z|ObhM~1Gvxw#hS&X=K*1Gra$)?*G>xaE$`5(hI?LOapPefZR|-J6w-c;#@f6Z=QUp`-UFv>0OEsh9}< z8r_Ckqj=Y7FfqnRs!M-F6htCl17p3ejj~pXa(Tl9_j8OnvjqB8mv3~8%!KcK{8i&Mk+?y(TVYjwNY(O#1E@1X`xdp~17!F3*wSD~l6b(G|SUjVUbkC%>3Z5$A$5 zC~8c}A7G?$_852{v7X@(I^nU+_v!`u+dbpov9`v!ZhTe3!^g*G!EyLiX~rncPWwF0 z8({o&mTkR@ADT{It|u+gc;^D_*B$$wy@$M)6IH-rR8^CN?}aw`U_RXm#?cVkog4Ul z5y`ZZ8Y<^6DYe_d58teQw6@1Y4KI+g2OJiCX*hWPN6=cx+nf)VMHIevvLRJvj9&|i zt)kf&Xmkf!9Gy05K!8(B%h46!_a?{Q+!}35a&>5;%*S-VhIhKCLT^YxRc3FJeEp@Q zh8JJr%2QkTP8?Zi9k+cuqBsCa!==K*r6h25f<3i({LoqEVMHZT10cs!W1E5!n9f%@)Kh8`y4DKX6Af11EyIeGAO|rr3!h)odQF>j;Dtw_a;D>ATbn6G^3>5xlvzHE zK<+Eeqz({BhVLdB^4koqm=i4Ui96$?OI76Gr*n{BpFBfXX}yVvSN24-G;-bWH$3~} z_*w%E!3i&r-O651<Gh5c0DygXHJae-}K}6`KC(q9}Ot`*ZEzZ7^7xU}gi7kJBvB z`jUgLDstTyo7Y^umA+hCcX+qBs%*P|F_t7jESy>H52%i|fzh@C(7tzWwLrCo>1O6T z?+r?H)6G1!lG_)XmroBQIqqAdYzk=VR(s=&UAdqI-k%^2Gt;iO*VLbcMZ}Oeq1dc- z^@x~%@FoN}9qn)ZCd{mugBDi8{2OS1wc`rkz4l=`R%Cj$<=3}YbA*AjcJX?p)tW=| z22k2MhomXgf6P1OTif^ z(w+gk3uUBoW1@6e=l)8IfATcF?$AAy;*FESm)CNI8fbKlPQe{)@6{pa(Wu_SfXAM!Ywvb^eqK>MmW4&^mo%X%ddv>t$QlCz+I@?Jkn)?j;WLOfO2>>(&z zEp~%iV?HPzpAY%tQf&LF26Q`Xt3H)+Ps<_Iy9>srbf0U*&w^nXLdoc;;p!Hc-r57r zMY9PPR(rZprulBTD(D?XlgRs|wv1G@bVGQ8^(C0zj?Le$26TV>@WsH-y(Gip#d&)} zB)Gpd)3@c6Y=2_J=Tq}=;)RmG)CdJOLL*2p=st+DJpc`t7eRTM*z3z0sK~J@-YUu= zy=)KWc7B5n^>)yPDNLBlBeWL?7-aGjs$iAwLzj?zQ(#%?U|R7jIDTHxg^|uC<5n~W z`a9MOk3d&kuOjGN=kh=K6pp)p6Ddz!9fP)SSX%}yuU2waY(ZzDB2OLNHiE7Eqyh}U zAt_{RXLMm-=(KxWX~=fFZ9Tibmxu zVYm_WJrc@=#V6Y37>`532vMr?SB^gzwJZPD4Uh1zyw$C z`(Ha_eu?j7KvNuH`j0R{bi(aMbhF>c#*(UuWvTj_E0zU`G~o)Ktwyox>PJ~jlg4Fz zylVdiI}kHGscq6xHC6h|1xeMr+dVh&ZI|^8$r{McCqF4TCOY!tqr>7RgC4&Cdk78L z9}ecG4O(~-I14&v&E@WZ>%S4V97%C535=NNfZpiYHo>Q+m!WAeF!%OwsxjJG@x4Yg z_4$Bhiz>zHwYr0R(4ND_$73Y@^V_TRFwnH;I}WIkW~mEGv97SCqJ?P<9|`GiUyiUXfwWEJGq2up=+Z(OkP{G>S~@#()Z1$#?N=! z8+*lPbc(;EH#O`#ecE;6(6uJ_P;7&PDzhM1bdEJ>tUB*8EYbE@>O~F1pS20Q@Pie( zDs_oGXiY4Y%6Tz7GdB!kO<`}-ldntv0aP`&7J$DG?#H=+=Kn+dZRj~_y)@BeFf;M$ ziyA-48(A3@h74K$=jMe1-3@wc}Rf;i}j%ljFSJJeTmNC>TwJ1=RmB?@RUjm@8 zoZnVsZ2&;wiXqK~bQH{bhYZ&4ri&th*+m>x;jIXRfSJCuOr&L>wlhg2?}SF0Nn?$A zs@$(IG9ceVD#$&nr%0;KqnnAVg|htzEh9}I=!_sPLnC3^^j6lVv&>yX6x}r0GxVd)u{G#*CQSr^Gb1#oqs5FUA zy2P}Z(0Fkg?fSSViUC#t_~PNL(Nb@_%*XU0l9b^mM}ZA%CWgvp2JaeEx0Z(5gFTWI#UQRW1@vQA)WbX5RCx`W%r*@E?7ifq zE~rOANkEW)ZGnAPOV@%Y9~bZTN#Of6dY^fhpi*(`^F||C0c!EhFf5l4W+}j==%3EC ztq1PQGQTgrKzRSSpqaTsP#WXW{6Z{5EgT(AfK4GESWKEVK#t}o_yT|MRCKk}pB%p` zcHFp){OnXooF{n4BtNe6scJ-J`sN`&L51R9_ZSR@Rj6=0S##ZGn&Bih4&Xr!fV%ZS zrHnQ1L{#4vj5j3vu>FqWn`1t_ZV7U(@vZ4J+I=Su*-b2CN@#WV$xx%wpv5R5)l zGzfW`6hupgl6R%1RE8(>l znJ&x4Qz0yMlRgnQ*iEsS6h0I*FAw;*Zd7h=^y!H&2CBoaegci+#1rnx&5R>w&HHGXgzIf`=# z05I3nHq~XGf<}Fhb}T=~r5s|~`R8)o(e_nW(4cZGJ8uaZ5&Ao~z+`4AjiGzP=+Sc6 z6}|?#HF=vS)s`ZRr4==}5X5WIY~oz))AY8YxtaU%B~aLVBxIt+74nlu?cx;^)I-9kaO6M* z5}rgm4|-r9MUm2c1&zjAnxo+7u7hTJw}NudABsm=?&P*cPr`n;od=yERXRbSabzo0 z+9Lb*_Q-iKAIHd!%px|Y+~t_~uwlapwYSU$v*&n)K@Xue`0}wM_-VUh32f0|(Bw0G zAB5(@*-tU|p2UD71XFFI)b@1ubVfl(bxLKWbn)fq_ms8EV}WmDGsPt8Rp@T$zc2ET6Q^a54Tm|L;UJfV@yLo&!D9|0y~+(x1|@L~buwZWOC0bnl0 ztpNhA;I_eT{#%@=r0yj}lD3$;@Gu=zX0#)JBaI*%C5r_5<(0CW%T)T6xf$OtPjg0t zXfTXx?Ym-ky9%@unb}a=3y|~@nUk_K{_K6e@>6z6hwjugYn~L0ShPTU?Z54~JM~E| zszp0sqQ;e1Q$Bv&N?y5eoVG~+^kIr#YR_iqHn%{%*RhH1?WxCcOU$Cj>c`_%df)BF zzlsG7)6gKXi;{g}pRHa2WKj!^6K?_2vw5{g+oO*YqW8y$8n?}u9pk-_;&Aa6$?^nc zV5qf+%XKOP^3y*o98Ka3q{j2EQjGUBazfaBEh<057{qTUaTWw^OtYDKgP!FOF$a># z0vg$|UEAnKCC{cgFjCyRo`?!a8q7J{=Uxr{3~UF z#Ey!H(pkOpD0Y-^z=L6ld_a)jculAT?@mQK5uVs^^Skuz4_lzw$u&a#1AJ6@p+wvr zWdd5u80*d;I~yhG5L1{aFx9pc^@CwI^ao%9$);H=3L6QH!fbda*t{c>1UW!LbMtHi zl4{cVp3;IO^m8vE>Vz%(^5*jwLJ`F@X)-+27-!v#<*jD z7#Lx8a$}lkTLp9IF&H9xRrk5CsWq-N%=N;Vd)Rh0&uHbNC`hm9c?NxapBsvR4M06pGYPQd(Sn&ngY=h&F5@ts!woJ z&$;@P8?;l}p4|~VJ-xJWFmVcjh(r+@4ZBoN!nTA$!90$sG>e>Pwo1}QG;BVg5PjI1 zBAA%d4$do}EcBzc2ONeVnh4vBKSp~u(x_;tC2R#@qMQZvQ`o+}y76nDQ_k*18VpG_ z9NvWUTr20EBYGJ2czN`_UH5H=pa_LBEt!u#~29o1J#>yJaWB=4EAk-k@;4RoDiIYYi&9Fk`ln%l0)xKIZQ)d{uQXD)WB$f>~aWZL(r323} zV1Y1O{P}Rb?IG(?gI_TiQr^$A-<E^G0Zzk|B7G=0NzJC~%9jC>F**$qhT$WSz& z4|}6C!&ocpRAR-D`+pew@^C2sH{6-Q82i|F#xDE56dJoiRI-$1?8;8|ZLHasY)K>} zm4t|_V<&`?ecwabvqk4K-{1FlopY{p&UKxC{bAns{VdP(+|PaA&(`b*6HnJm7+Akac_0GQbhPqtR9VS&NDZ=4%ow(c8N~-c+XA zQeyC&hHcTNw{MMPdTB(gh^tiwI0)60C9uyxNGPo*?aoQw!&l>}&qXHLg>} zGrT*E0jED+$$nHTaDrqLBA(%?p`qO!bNfJv`5=qfw5I%S&Gqu8-*?a1##nU8lm;!m&ZL+!8y;0W*-2x1-PaoIP6N$hvw(1x)PZf%NP$Rf4| z_jw-BEt4k7WWPRvBcc$udyQU2+KXWC!qkSN=jWa-^sd`mg#k=um z`{A*xUQpT>a;qw8J94Ypff%T3`$MKeBJ2yNq1(1p!KsnBUjSikorL3;XQ^b$liS1<5fL?!vSQGDf#Y9@ z1zOhyg=WV^v*^%8^H_47hS+1$isXo)`=mA!^EpmZ{PPWtc-2pjf;kPc9Wp2rOoej~ zcGpx@Mv9pJFKI+!h=Rk|4CWvGsnM{H_wOj2=YlR@#(e|{B8wnQ!IX9WMN-7lab#3w ztBi;dI&aH=*WU{<-t>!BF&=;)GVOX()sf<)NJ<-aVvWeb7Sk6K)MZ4}IdAhl1536@ z6q-H1Io$W`r109LFzLh1&fH-$J#W98qYxNnRAzVsgtvQv6l`1#zCUkn5;D;ABtvZ4 zQTeU1W9I3*dYz2cE?d@*6U0Yi;mHx=gU9l-i$rH^tphv1kyf+2B64Bg7>1eZ`?t>* zlM&1Q1cq{!|MG*}M_w^^}P_XbjPn#;8!8z*`s zt^OUSY_$pREDobswUt<%5o0}UNU;@en6a&GvKKITSyy(gkwI$_xztsDx&Q!Ao5Nnb zkIK9dmYk#lBXp}+$F!_M0y|_)FGM{B85B|KD>FtS^-*4Jlixe$+U6eI#t}VVnt-Q; zcbb86^V!P4=wlt!=p$R22Da+^Es5=}=I4`~@5>kwaKU3KLT~kBXI5c?V2(|NuEgiu zwp|7kmzyf+DoV^{1e#=)*qLP(?+2`$40{E>jNijdBF(B?qUl6T(Y7oybABSR>&2{b6XyP({J zg>TwV$*igt@{xKnSWLKlD3X3Qa8uMrAG zTOE`t(Ehj>4l`opH(fqSpzQJCut|J29r453#hkAZTP zmyB`hkO}I-wxdNZM!d5ky8^O^@95}?y@9wrGp@t>B}B!K4YG4 z_s>OG<2uxU1ftxH1!>Ke1y|r)B%Ix7eYf!XRX%CX-mtCzghdLq&TsE&F>|&@7QE79 z1hqs6ck+xvu#nc2n50hyp)I4&KdJghDcQN}+{tCZR{!>DX)piS`^C?z9g3Y^^EP};aaU_Q_6El`d6T-&G z^fIY`Fu}qPDOQemm%azHto9+k!aqDH)=(3(`y+C04<`K5d2J0g>63D{ejlPpo-;96@-NbBzv>P z-Q_A98vt)w7vMWCe-FH=yYLO;Rci32p*^WwEQCLSij?9qtQf1l?CY|T_S|`ZdHt#FY_u}12zN1|50OF}mdkf2t=c`}x0Cu<+?=shH5&5xo4;KrMwZO&> z4l}e&w+tueu7R=?I!k6wYYC9~nm*w0NmMnri^mG7lr1+e;aB`Y{kT~!g0MVj*;#u- zwixq)fl#j=TrB{4x@|Q@L#XyYJljTXoe_I(}RbSG2&~lKN5KudvK(xD*G(fDJQBBbNX5wHw~PzP9qOIN(W=%9w9iYX~y|QEZbfWBSk_a zP=-3|MgPy|z!pNsuvUoU6~!-}$M%|DY{U3YpeVvHtj#o;j;dK3ieO4nvDm19$UihJ|%tBNWC^W!E!+N zKQP=9bCfXNPY$?|YXY1&!;?jXEVYeVj660BVqKt<#(l~h-}?n(5(^Oh&j2>zkk$qJ zQIcRjnisIiw~5xW)dusGWi>??YXJr$U`M?3M>@x$On~bOMOhstGxKw&xO4WB&dQx< z^|r5^QtQ2+d-1HPtE`kfBlvxj!vXv+^9;Q1V3ur`Ch=DwEt0{6E2gjXW)Tp_KayB- zX(_Wv=IJ8Bfd>aIs#mX4@={_zi)wgi@lz-l&SyJ2XIVjKUIE%N{mnARpw4K#Ltcll--{7jBS>w+mbluYp+Yl;BwCi>yJ@a4|yTYQ(Snj5z!Yji~^ zFah6zZB5dd7ci`IhTQFlQ3Ucl8P`c8yk^{oy8SOG421DUZg(GWS%{i9VJ0&3^UHr> zEQLeO8rU9<8FQRD6N3!U*U*kVABB6=C{PlYSDgbHYZ^eCv6JxTV6A@r;I&PxJHdt(Wo70#*G@a_R9Btm$3Vhjg!kcU!`(5l zcv%SDI0K!C6<}dOOIV`mn*-VrrY!PqB0wIO0d%aSU%xj42R4>s1~;o7V`(6|r5AG; z%zqc|%q7IcSP@H{zD#>w<*S&?E6ywToDM|1#}Ro+{P?b4Z^0LQ+iO#0LK^q`8qN|H z`svlrmye%JV(1MU{dW^h;lO`om`Q?G;6?`UiueH!16p+R_spsWM zzfKqG3 zZ`gXJE`?8#w(IZgeU8rDzn-ld9|%=GTbF`awlJE3Clb)-WW zsA&`GIZ(~5;Nz8c?p0M$9s|aVj_Z>BvK#H6Ji@T1*k+WlKDbdEqoiz=5Y3y1i`hX#;!8WHfqU2g zUixoLJYHE?&-Uz4eo+R9r{SAKX2^@9mcP9~a&*wQ4H`(|K-g7r+6^zcmskp=J{-=I zw2e7k_1FuDgySJPh-ySN& zJBfL<5-~bGxW^VLVJ$VlG>igS{OJThPVHCwb698>@ZBTO%?u)aYc(p?z3|$;`^zL= zAFhuwOF9ElaQi~hhU%vP#^OjPI#%A)#4_OJ(}7iB7b<_2ciHDL5E*XV6Cs?B7<7{% zQX|x}_uHmyQcNys#;gVYychsXK{lSwNPiQZ4fE}qpw_q2`=FD$c`sxW&S~4aFKv*o zBm}{US|9H$JV?T#V*l}-gowcvlGlXu8)CzUN^kNc-N$ZvvgfyYs44)L&J|ER-GQPq zoFLAGvE&4B@*!tT0A!&STnYJYoBxE+2NRVa73I$hpLs;^-`WcDo*g0ro zzIMlzmVm8%*RC?qU9*{JtNvWuzxJ^7Erd2N168>3JMx_pismNZDM1h7F;w`wf*b2Z_*o&%*4Dh)MX@8+Y9puG(WkbiYtlssk2J+}x~e%fj|It1~Kz@e|0uN6W3c79#js#r$JIqCut4 z(7?h87G!Cu`)$)Tl*dea2;`(0h;`qFeymUcpQ3}aqF&(1pXHaj*`p6Jv5pYk$l0bK zXE!fX1~jif*y(r_mgS@Y0QoHQ$kuk`PgWR=RD}M9@}Utu1@O6zchareo^$%ZrE#U% zY0$Ah(kbp_?T_6Y*#%c`nu0z~+<8oV$s_P$BEJ^wke%OuDvxd=0rQ8{RO!1sVZ^(j zy4pX$1Sw)}y#J9@&2)p`doMwwQbT@@SY3!JM6p-@1eku79!O>?Ac~zGgHP>4w*f;N0z*#bUPxCcAGZ^ z^wm+AC$LsX8&vlJwa#i&>fK_+yA32DFoJ%e@1XeRzC1`WF7mCCzo>yeu-GFbUcl6O z-tTF&U32N%SI-0|?2U7YH)=v+n;9J5QrpoP@WIyZf4@v@keZq5b$rwE*0;RL$Q5;! znzgHUv^ia7uAZ(J?S=h43S;q`FH8{IBYbK%(-O`=h>e#2<0HJ**CskdiW*mBH2xyo zCvWF#8~YHJ<*M+ccM&=^tjTpN@Iq1C>?k4(;lezZtM7pKH8O5^Mp)740z)*opM z(XaYNR>|5@Airx?ygbr5&(QqH7wkQ{izmRIt5F{8?5WGDvzn-Y*?@aVg- z@U$*jL}CtdK+V=X(#h#$Y1$4Pqk`_6yy^ehxM}@0xQ|Uh{2zX_ny8$d2L6>~#FBkJ zKh}rp1;iNsJoNOnWB22-GkJ-8)nZ7b>*~8!I)V=zgmA^gYW8Q{b@1V#y^Bx1^^A=M z$vir8|5K9R1>XP8&e-}>YcOd3$7PtoC?(KKZcB!Jw zr~+soQo0A4=|Bkec3L&y+%gf+NuXSQveqiFbdmI3w)KHM^144L8epv4riIt$5Y7a_ za7ivxRfwi@g{C*9Cc&Wib}2kHF^KC8<(?f40uX!fUwB@P59l4i^%}!4cqjvX#kn_H z+X%>=`+6B*!bg?%Wh&@>(6k^)ki^zJg57NU;q$!ol1`U`4Ir@R9vkkG_A6G1N&F(x z!XQ@Mke{Q&Jt=5vHm1$o!7KSa#=LLT`p@s|OrBbYrTT$)69Vc`YG@l+fTKR#0 zzkPcNG5!D8DA;tWfa01+)A^ceUr+AU6-i{pU7`+;fG$2Q2?X7nXXZz{2Ui=M(H*$?5LR5El{mg^0c%M_H8P0eYy zrt7qGV}@VX!DSzeq=G6=#r6#zEe3pr41s)qHQ<;)J4Q2J@ADQIhEFm|DlEd%20Cxd zk;So*ZQc+C{ECK9X6*;>RFdT^!A~#p^=vAu<9Z)8rn?3>z{ZDD32iLI)9kckYusw} zv%f9vJaxii;t}Of)?vdaQBnQ!#=Yw^)9-=P9bhc+;_ZKd0Vh}a>LnJ9n86=GTve94 zA~Zeu|DKrh#9eZlV|-Cr9+SZ}zpOsn`|*|oEJSI@bTpy&b6TFJu82*x&kB zpYVPAihGTTMN-62vJ075_}uA|dTsWh1Yc@{#u?)YaI7u{=5Kg=aD0ay-|f8xJdVt2 z9%KTJk~V{wxgg%80@#A~0=W8>F&QXAvp^zw9U$&@e~x#nWqMZO4^J&UmiDnBd;I@i zyt!{M61c?y(lr6s0dp}X0i=(O=M1S4m>exOj8up_Rhd?QwN*K-*PZp`#~8u>g|>`8^QS-bT0LyPUp1 zCm)DnVZxw~b{q^UcPYPL=4LISO~Jrj-D_uFHAgw-N5ek1%HxTH-Nf#2)`Q;ShS&(XY_opn4KtP+xs>zmL+ zy`CL_R89^o@WNRyOy!QRkst~1^a#9_P8qTMtbbAQt5=R9uR+xBW%rwYQBEv~ zFI0dzkvbmL%>mXbMsJPv0a{e7O2;LI&ZrP3dd)cMBNFm(&ocI97%;d815>c%t(vBFoYf$hm05 zeiqVtQbcshU=vzJYp1#8r#&L;d2ojXz-tfBPpm=XEi34RjC4Ye7l`Re<_jzAdTDAz z6gJB~$OQHLy*Rpxw=>86j44z-CN4@pf^iP>Vg&G;@>Q3$B?C@$IEBdUx#5$-Y1R+A z!#LLc4$Db2?)9T!-&{0n%;IYyur@Elhjx4`L3=xYqv3WQMUC7NJ^7z%hP=A4-A-~V zOPe?W$mj$KRDn46Vr!9^kd!>FTs>VCx(R;?Di3C>9`1KM4f`k-a#lIL4+2lTe%6d# z2Q8KFUh}}teQ2BzBzL3jpmCTEI0h#8*3B*{ilf?P;?@UIe9@i^Otj1xQy=U;^Zt@% zpmGvbs4AB}-_evha~Wu>Vxz$=;8xgeeLj`4RySeZ-8MZi#w6Jh%ahjiz-#}>pK1Ac zcxb*wvM6o1#?|F_Ns1F$Q?Djs;dnkI4d3;;riN=jtSSy8YHNKKl zjHgS35s~%)sPDiOkRoLHVfnP+D8?6`W?U7ZK2rOv&Ii#(fW(R4i_Q1^r=Ojgs~fMe zyk2fY>juy$I^kZXNfFYVq*6t#+ud_}if&ZYh_3-;j?bVKDT1#T2Y~4>ie+A&`;F~B z)|(nhkv7r-sG=d>ihz$eV^n;%vYhcs8QC8}%!H=_Q9Pk(%6P?78`*>u`)?d^FI9`3 zuT1_17Gho*w0#GEamTS}3z5Mc^lvM8Y|rQqplAGY_job0s^?X8`_ze@0v>9J+>F^xyr} zYVb73a+=o=A-FQiy;<=H-FOtC+=LP3MJj`BJEM`<9y>|rtGP5?kg9obWXk;>B#t`u zWm9(uX?9boWYGdsUS!K)*S@xripYO~s|{H0Nn_a}FKh)Dya1>#ytGt~z;*pbaSu3_ z@_;r)ZkLjR$2=CUrCSqm_*ih?v!zV4q0731z?2DZ0nMx{`oxg-vpzKUpgwco{%#3g z^>Hu(fE_Km2Gq!1?WsO_w$ER+Du6d;JpF6m?Eue4-x)GXwku~_uK#>dCT;GGgS`h_ zR7V3GfSNx*5|n|0-B7_ka}idpD=cToJ;%3O>&rp?{j`X^F#J+%ndPe+?C0CG21;DO zF@7Y>3Y420lOC%%j#@Jx$HZ}g*Nh-2@R(P+p|pl{Z(G7jjj~#!B7x?UzK+0DcRrx? zOPpUGT=x^x7g4U+-!uW|plp(L)&XaUW+G91^W(nd4j+p0a}CfP`2OS|*5CUeW_Fjg zZdS*=d#j-BxNiik{mTufcJl^mwTm` zLnC+D2Sch=8w+=%{>O~fm=$@!E$X2TtoW;diLDL4lqPu z>@gt#L1;{wrokn{Qi}m`nmHVK1PF$0IPez%fE|9nnz|#|y$TJJphi-+Qr~{Z>*dN{ z-658|KjOFQ(( z`s<_tKK|znJRjOwNb5aa*`*dbXN+M>V%(CBSh)Z5rQV1AUHEg*g2&gGx9_REUQ{THJ5R&(921JWD7HTz+NN_qwc z*?^7Q2j*7rf<+m{#l}WsW{>3n7g$yKp?gi7xp-XJ)V0FhL>?n-uTx8@CM%QV&0rep z;~hNFdG{BX9xw)Zi6p$<2tZU&IAPi&tPNd=hv_=x+k@IQ; ztKi*e5%W5UK1Bcv>(MPf*-UcG>za0gi5-B*jg7g}g(vZU{^dDtVa0ZP`HgOG=bdja z#G;KQPl|0bvSwt}w~|~5p9LQ)Ok}xYT}lxtDWH{cN1hQ_Zha@#^Cep21a7T-w#-a& z|GfE?hEFy7{$)#uHDS{IZl``#bt0{5?`LTvnX$M>vDdtS9rEW7gDS${a?Q$-cKi(B zR6Ag1#o}iN5V1V~x%L9~+4nqx%4=>-hsH^^QozzL=ZYW5O+O1)d97Uk1lUP3mKuN` zE>rOXaK=a2f1GZ7sK22|Sxb!xqfx~kX?wg0U9dTN%Ej0a*JZ-_AJse+wa4DVlHEOyr!Zex z!tj5ORa6(q%a$8&eDsh2RlldbJwn!Td|Dk7ZV!QFs7YX74uOgmZw|T#_HL;?#5_51 z2-X))&7-w0xs(q{z)#zG?SliIr0;j8F<=*r~q{z_@D3n2|Xw%jdB_s-Ov(YejLke2~ zJShmWyKmT+6%yzz>bFjY4Zg0eROTsq_d!3bi(9e~8ev=m<^#N={i1wi{$sAC#X&Q? zK@E5gkHkY)Vp!b_YvHC0s6(O9rN0$-(bKeVogl;9BZ@aFQ>ycvM(-E<@GmK~B=RtC zjXOAj>)FINrTy3GpDK87r-k&jVVuQ&>nv|7NF6x^rmmx;jDI5k{o2Uu?gv1mWiKF6F+dG)V>aZ-;{2Mf?rlasJ5^OJqBYfJV}r1X3_5f1xJ3Lo8lX54TUWgE#;CW7d?72srcAFe?jH5_(`386 zuBjN>u`_$N@G=m7@P(=`?1k_oR(A*#mgPq;SmUimGiR168dT)_YuH0jj8_CFO~7S% zW?IFcP5Ym1FV_9#mnIsOw#k>~qb(sbb)(mf4M|?csyW3%c{}a)E(N&MBsf$&%&;gd zIcW(l5JChctGsyv_VmaAged3s^$fum%yf7%_9Zan34X2mpNj31*Ge@QN#XZkl)hiF zgV4@GmBjZ3c*rVpqFb|cR)BzH2=fB@o&Ux&L106j{6?tEuUJeIYiLIw z_mc7(N-76GENGIEP%(P`(O_F9kPuno3txP=GdfQ`ShjojR_BcIN5DTDl$-t0)F2O| z-vCmRz;A#!C>;$lh+vRGg!h=%s1wqBvZOJqRrjyXF1kWiP-9T;8Ig4!JsyIFm)jg=kIzbp2UCb*#Y0FV|)T5so5dKJf z6$QqZRM6T$&F$s`Y2V6%W>m3|rqC_ZRZ#Vaz7gZ`7hH_lnr*t*`N4Dp9a*ui>O$SY zs*1i@hp_PMq-QCh8`XFbFMI4{#GbNaH_O?odJ?T0)rVUA*28CGl>AI*7)Raj(n0a> zh0Z!&MYT(a{b%Lr1saxL=%T}ZLI*0B5e67pED}5Ww=;EhWa_Wttg4E~fv@;O^k={`qQ0u(}M|IQeaPy-?97pn3TGkA=2e#gFKF z4dM=k3Z40MEc1?bX~xKe%D~y86NQ>r0-5V2s4y*mqE1`gvui zI!XcKQ+mbJQ94`gu$xpO^Pkwa@4Gmv1(jzLzHK&)vhgi~d{>Pv4wPzKD6l}=q54j8Rf$M7!}u>ohfuRy&7+ZEo491ty|x_I6c z1f6@&vftezz*`tg%2jA|W0?B&i*^lad%72qR+n#ID`xuEY8LyYi1({ZDuEGdZWJlCNP`Yj)Etpwz2;EH4rL@F~;?h8K8+?*62Aw5{ zUgO2#dn)-bk%q0Rg{Q+Wv+fE_0gQqG0x^W#G6!~>321^c__-G=VzeW0^Bp6W$_GI| zl>dkGK);kyJ%7Qy|F`r4O;`GRf(ob(@&Xc@YBciKc`hu7IMs%&T&vS}i0WrLBTCCZ zW>dGuRY{`m$Hf`uofI8(CP(JIJ3*j zH(#ymR}MJ`B1$*aek3$MRL$}^;0lNP=tzE-q@{84-e;yix=ahx&2!O&Nd{QKC}I+> zw1nnnnF-TAXUSnEA&1dakoyctOFED)M!LOw`yAr!KNU{SM9{cvv(MaoVL#Gvs~W+w^>NCL+2BIuY>W1B@E*=N zy^>reRVnT0PAOsg8DNf*7K8^AJ@$WNK$*;W4jjC<+i1C+JOHEhkz+KgM8|nw-O|8O zqbJF=`2|L``6EfC*73x{>Tfs54mZ=o_{cM_Xv`uZF~MBa)iyFPA*K)r6ps3Y(a>=N zpS>17zYOf=$=^CvKWELgAn*X^f;?2PN>bn(D%@g1Gyy!MoR%m2!*qEtp z5@wn5dbK>+(&r=37r&Ei{9y!6(e%a$qksUo<=NyIyhtUBFUyphX~T^eCxKc1di5Fw zl-P?@=WARX#Lh4*H1y)Q`>F#~(0Ds+?q3c(DiOjkREy4!ZWIQ$_oQ))Dz?`)IBXfS&D@}f3 zB)q_;uyb0c;OBqu5eWo}baRRJ|GILRvr+>5c?b2(k84v;?Lhv^fo{Hk{du#tPx=1+6&m&X667j>7N{KY z(`AONHO0uhUDzRY*bi8_0;m>MND$XFhBAtMIJrxECKq z-A~lkLuPKzWkx;nNpXI$!J2_hO2eTFvJ+`IUJr)+@?JnHtRE%Ds`gI!m$RWejih5G zDA{g_*RL0%SG3w!`BtbM=6CIOVMQqftoT6?9^((uK0nz$*R=wu^|Vz^yhtm`?kiu;yialq0FOROdn%s?2Avw*1;Kz+$qAr;*G25b*k z3jJ(Upd29>><-cFl=jur;a0)gSu6rVeYg*o9$(B%P@`K$OHjseHFc9iSP*;_4s?(R zS;8m@{+JhXQBJ7|r)Bb+@sjr`YzQ?yp!b&ETAe>Iox(Cz8NRyMRWiusb$@a2=GS?_ zFHgODoREY{_hhWOR|Ez&UL@hRwX`dA6PLz)lYgcp;bBK0HA@l4sor0xE@?zXcE0QGl;bwkd9$q2%*x$! z%YuXWY4bEuV{rh_CvUWsKnG&kf6J zHy|;lTa}@Mx6ANDQWsj7Gkr3|Hoq$@y$xdfHu9)OZJT-hfXqY7Dta8#HgpGbukpNX zR#d4|g`^`%g!Rz$3J9p;Sm7-izL*ZcD4-pE%Bny&PtcVT!X!bhZa*Tv3{SWIDwPCo zBm@_|Rsg4^27IJC3r9;-?TLRkle+NT!`pVjR^AF0Ft6wI9knR&_e zM=<5%3}KWyzq<%N`#(+<}{un{+zV{()d_Gnu-OH0|gTrwq}@AFIbmc z{`-C)_7xLcgMs8ouh4+TREMO0L%a6Lj)!q~WvchpQrGIQswCswPRI$i()q`CHHQk0 zgE)lX-wKvpoQA1o(0`5D?grfI49gCOW1)|X<|DW_8x$rGEOciOnbaQ2Ixb%}B-iX8 zKJkFwh`1*4z{zY+y&}XzT`zS-NIa1&D=R<0!LyRQfWZI0A5}Z)6<(I(gSc7JOlnK+ zsI}#E14=Gp8ZXiWY7TxSqDVqS1xW9sm559Ua1s88ug>Y#A^k+?ap!PoB$}XCNz%Jf zoV?q6T*33|bB)1QX??suU;4%9q9iFE$Mh!=eqEK8znuqvnvN^`5pwX9j+W!gq(c3h zD9MZJCsAth^3O z)cb!y3h5%+PGQdwJ-MG)7wmifaqY!FZ&|JU_jS{5VzODL$;_th*VCvtSh{0&|B=6cNVGpZ~>vq?$Zu`!ucE+Ib9BX_vpen>luYUJyBNn=ak}yI09mm zi493uhw1+O=dz@)Li~*Cs+I(v)s$}*y#sn7(10P-9Pu_rS!bRvlr>#7KRQ~7?A@zG zgp6%fE2M>%Uc-^XHregbGMftOopEbJ@DTpYwslpq+x|34K$_ z37Nkn+`?co)3ffw-Tvk$H#Mu!BVU4lAC?#y(5P$CrVPov6oF3h`egArdLxMFl;)vS zh@;*FsNu&e$d7` zMHrekfsKl$K$0%%X-CmA?0z ze6IbzCT8(8>Fl`x?YDw^`{{wVi@@HzT_kb)jxJNRAUh6y$?R}n4_F&;vP49&}T?zNt zc|ZNxa=gl_6eCqw#7~eD6@`g$X*wKj?YRRnq{$h!iV-OCd3I=QKXBuU*fv3yg!c3Z zm-H26T-vrT74!7Xf>)OyBqEuBD*wStcAV{rxZu=p5l9;^Uj%$F0`UYDBTsoZ>|W3 zs|L;$uZeA+u<&J6{UM5+-TZvIBI^6@c~GUTHF7U>Z+h>|{xNf|5|l=FcX^K=bdFxM zUWt?YvQGVWut6}!%H|RWz$dS&3>{hA>72T#A8QgbkL;N0ZA^}!KXlV_{xTg-=|A9{GbqlOivng#Xj-!vfgHTaB@OSCyC+UA}kr9l5k1ha;dQ;DiD66*ldo}dXLPFg2+@}x-S!$H3 zO6huov-}~|hsCM63*S_-B~GS!p)Y{*erb6QS6<=Ed>|fn()VG?y+!#??a9OU%5Z8( zG?ZPHV5!=8-~PjZ9N9Jj3&-E%Zt?2}%-#VI&kpRp?$MU|pRAp84c5F7@X7CvTYQHw z;*O^cG*prEvhM@*KeobI2~lmc7#Er^Py_S(4>+N0Jx34`2nR%vkMuA(um`3NONHq` z%t_yW)jluaIiRZ}DuqgnSe$xMg1p9O%;cz1)F|Yd7#ZJ5>rcS?_&<(Q;cUw0r=?5# zOA=qaf1$rTVPF2VbaODMnazec;1?5&a;f|;s{?i=dNT8{uhel!5z|0wH~}gh7!&S^ zmrgeu#$0lU?Q1}aBqfu4+Kc&$ZS0NmLi)qWDTby5xBNC*2H%{OrmZJ@ zO5<&?jMDDNgOO(qF?wPIF~ZxSBh&?|p%=_vG_lu^uZMB~ALTMrdHG|FqLjG)TmxY+JO-Uk0?@^1y4vsJnD!Ul}Xy(m>)CCW#m=RF)2qn)v+ez&{ z!ToBj9tTGua#$=?vmLT!H`3cWX2?< zb!~>7Iz6l-4`YVA4b!{PZCd$`2fq7e&%zeON3{?3x?1+72pIRel(Q0?N15I$4Ue*> zc#1sidaC(h?7iv&3Ar1GtISz& zKMYf3V|-JX>C_qa3c_VSK5iHtBxHH$s&y-jB^@L@EVQm~ z>e^`pH_jFEuW(4nn8XlG3V$y5H>nQX{TQj_NBMTWiSo-GCBHkGW6_6wn``KlUu^0$ z2b_6~7&W=ZhvaGN6mZ0jp49lC0#aehjbFoB(u0xk#-YZsv@}$PYDi)+A&b%XEQja9 zFya$}diB8B_;9gXKNCHKHX@+pHHw+jjO_ ziLPAiI7Tfu4jJSo)x-8>XkndY2AhO}%@YGV3yl(}!=ok&0;n@?T1PO}6N2dAH%v5( zMa-ij!qiwG+HE9J>Fe2HO)23TA4j(f<_JRK3&I`4DGvBzbcbkzq9qv5Qa*j{MzB1& zcXjtSA(uXuz=h$jO+2({%isi@22rNR%W)I{xHlohw(aAXmdY9)T64a))$>Uy`gOX< z^aHX=+5{~fZs+!}c%=07P0^)KGT-N#$8yn;&4V5+bKD@t3tVbfx?WIvwB-Mbt)A~^ z`V-OZ6=2ok%(48bFA|PljkRL3O~zR6m;mraC^Os+Jm4*F=Y|5A85?^k&nah_7|E5d z^)tyop4vr9Mdj}%Iub5*(FX(!p&Kjbb`PK&Ok(S!ZJhp`?64w%4{x@znr#z5&}sL7x`+%Y&?BXNQ6(GpZwLoiN>D4SD8$A3K^RO*BQ6PAt`PFF>aq? zhNN)_a>mNP2T^GQkS=4Kh>f0>dXDN_3}erW*4w|D7DWj=J(pVv20y=--1?aQgYP0t z_Rl==Rm1|(Xo9S@_~S%F!Hk_KB`2ITm4~$v!QR2`Hk}~)dB}L&Ks!>vBq-P8ExoZR zSA`@mxsg0Nnhjb&4e3xDDgiffa`e{EbR6$B^2%$CDeN|(%qx+hRCI!tpAdf}-B&y6 zi8&@su-dHYqO0^f8e*qz25k?A)|8wuR|^?K8wosGzd{Pe zUp?)~{Tdz8NI6pmO5#yR%J2sdyS~2xf|~o|>gyb+>k4F}1>1}zb%*e7D5`Q)M^_y-U`E9 zgT^qG=Q_@AQTg!8hA_$5(H9L5^!^qXifo+Mw?;_dGRR1vkKr1GtBmsOzepYrc)pqElp`GFV z^ERB3Rev_tLBB*PN%9A43KxU6(7-iZXwtPMtE(Vzf8`{bkFR~gMcvwV zEbmjW-Z%cd#gprz$)%|#BuLHD!HtRQO3YyC4#_-JBAVQmOWM)|t^!H59vt_)^YT;t z82jBwat{+!^6h27yVQscKdStYQ8h>PHkU)RrF^CHd<< zm}W|wTkKEJQSh;se174ibWeZ_r<`)~dm1ZQw~Mu^t9fmz|`9~L%~U*CG{r$2t( zFXBr@M-EF}H#pFMxw@;IZ0%4!)n|RAoKy0NNlQkDiCf>1i?bMiMj=F$RHZn|7p319 zU-c>Zp`+JN7Wr6LKe0MiOfBR=LPaCC;xs*TgdDF&p3X8U#Wp$@q>Ew2Fuvi2^=O3hfi&amv zn9)?x!Gjm4vThANDYj2fC2S=KZ79iHAe#W*80xLsi9)a-Y^%1}JUghvZ=!y@3hk^= zLT3erOxaW!xayL|zrK}K`aR(Pg6&j)I_Xdt^{i?i9MC8Z7ki8zN#|dR>^rc`1s})m z=W0motU{#V{xrR^ReIpBy*FQ1PxXZ^bJFxYV$(>)^=LD(RpV+~>$rNZMAFnu_VJ5?h5ah`Er>)$=W;5qN6TBa zr*tF+8S3k$?T+aoIzEFjgin8uAFdQlWqbC=82|o|-PuSexr~_(xvOlyt@rj->E50h zgs#%ay!E8tQRTxSNsceuJ3j?k1zMW*1k3Nr$@e#C-B22;U&u5Saw}e5QzZ!S;ayDR zs!(M{lb%j#)a!@#8WVXk=FlL*$TKD5HMgQs1h0|McNWLFF z>2Zr6DSAz2CMCiBTO6qPA3XA3yzU)$*8L(~Qu$=Urz6??n;edb-&DY&>j^(PxCr4h zH0e>b@cNmM|J$A|ay2upvvg6@Uhk9f@H+ulEF3t!2Kxe5=A8JpYR<(SkSzC^yEh%G z!OzOGo7eBmEIlbvi6iB^gqK{lD>Ck*ET`^`5SvujS5=eduGY4kyFxg4wasnf_|)#8 z2~Ny;6@UBH;+FeLHQp_4tjTyW*SN-*LX%Z#j#7H`Mvv$=RBTV zq{VO@^#)nnmrcjzWD!&aO>>cS}XX7_F(cb~V+K5vq{YKrUzNd3%_-5TE zzj<>k;97p%kzh^}!Relpd)g8CHM*6ZG}rd=vFTs8--Oz8)Vn|+1uW^!N>eX>Q+j`u z(X!<~TXp>4$mct9jpb>F*x6pV6kVA@*^j4aka=D#fE`b*%{JC1B7!}$_eB{Tv$NH* z?FaT#POR2cH~NqbmS^uKmQ7vf$3?>+2kXNDC4(h0kx{&B|s7~tX;)8|L)B3-uXWNNLOCM+}Mwr zVKi2FMr1K_z&N|tV-}!FgW23OEz@v^BFL@#e~dEdOFw^5XEI}(9H$asV=Sia>kN^p=7jZm@`^$FFr(9k-)vTk$fRg>@dT9+WO(`h*I8cnexIX zrwE5f^W*h3e=ulNK4}VGx=Am^vOc(R&)R3WSvzQU-*^MFxZfN-x}Ym&<$UwW&6I{L+pe@rE~aYqUo?c5sT~)ZR7$qK1r$Ret@mX6T;}>v~S609)?R zd<$S0?{=!Eds_N(s1=)$j;NAfH)HjVs&snz-d){+zVL6~78BQZvLUKR=DBInGNKNz zHRTsi9!eOOV>B?h@Y&UPCbausN*jJS7TDa3RbW7%rg`>}O_B55>46?Q0%)cWIEjJ8 zHYD#7unA$eYqz9ulPjs4{di*x8WRqm)hDw*@2G4ZFJfOh4^nC9T+kkvAegFg4wKou z>02P34#Ct*5bQ>OHvd$o9&EA%xMy1!ZA{`R3j>r2Rn66q($`-rcaDLvIF9!)eWT){ z3;Uj4n}rB=7*N36gK_epP5ays*{qt+n|~o#?125c%E&VHWt;REc$&U1 z00VnYdQ7in8b~9O6)$~~H|*DW{c-ic1B{KnzfPW29?Td2URFTNsbE=h*K-Je=DYK= zWC5Bw-u3f!7828RBgwfG0{d)eq~Bz` z{sW<3fRmF^=LPB+Rt;atuK(@jynYHcAq(x1mP&{Shm8qiiZ#L`WS6T8U}jl^#C#Vk znGCeu0rDZ_J)XnG#2pO{h=Bwv$P6;Ebv%|ijWZ>V@`wpzzyUh|+?M{+6_n(Y^1b! z0G$0q<*Ly_l}NQ6505>{XH+Sh%x3RY*W@hvFD3-JcBgTj1nwIrC7KK_uB~F3_1z0_kn`gRCvz`_z1T0 z4(^@pUuD^rQM){vP&ftTyL$wCARW&2k4<`m5ERA<6boVv9*2PL{)zDW8BDD?CK6tZ04Wrq1%jqAR9XmfQ;@#-Ooa zfIA^0oZ}|2bDd2Rx2yn%`%fYu5hc$^KO7qy&wf8jRGbfwUfu&iXFw-l;hDyyOe*!$ z)@SN&hwpz-%+aFJ0R9)E^}d$89L*dOK-mHNfo|9WPVBxm7^2u z-gX!F5VEwPaMO6wsD7a|gQu2K`2^>Z`f2H7swD(*DiAy%N@r!sD76srAgH7%I?1-# zED^4BvIn3tZ_VwH`qjDVCMk+of!GM>rCw^2|BGwGGjHQA4Y@Rwx|~^?SoCh4BP8u5 z*NJgU{Lgy;)M|{i_p<)IwPASOgjsaxZb6flLzvG#ce*Y3616QnGwL|YZ4%`8{`yab z&y(fPU;~dL{7?VTp&Mo8_^yTuj7bI?31+@-z-c0>TbL!rbGMUf*o%trebLa@VE;Sa zk9M&^h+1Uu|M6h-+0rdX$Gc;Ogk_v;2rnvv(2Y`qpV)+H@^HS^ z*b5-Y^i_P(s@NvTcLE#QfG`6QY~dsT@f3iq+8{w7Hwe3hgS@+fuY#I;M%+B^TKB~Q zy6Ix$D|SO6qx1gMJg!+W^id4q8B;Df6pZONkr$^Oimi1EtG|eQIj3Go+=UT?W*bv? zof9?x%{as0qJX{J>MUHzho$tnc|X?C0?6~QP(*YJhRSb<`da!tS=ygCT#1=>6kz#W_ z5f^?^Ru0u(o1~ip_Z`ka-N9#kI|h`}!94;MxBn@0omYh`kB}z$?AeZAch)Z9cRLO57JtDi(^Ia z^KqlakEx@B38;tg5OQFao(f+e4IS%M7^JZ^WltQ<)D;PN+#hYtwqDnuu-*s9cT)e0 zqJSH^U>cZ~p+&a{wxWR(fuRKORf+TQE=le+??cQ2pooa#2P@P#`5FFm&kB|y>^)9@ zMharOwx4-P;v=#JY&~%cbAI5!K=_@l)5Z__kn6SL_OsodQl)jy1*y5Ej{^UxrU7Q< z%i-|ys*nCw-C)e;x3UmixQ!-FQbrgTWVdIA z7>*J*ftky&PemiJze8j~^w={XiSvPm%nWeK#e?@hst+USC3x*xebh!AkA*!=V6W;# z+lYRSS}%HFYuH|I1J?)O%HLLerPeU}$+&m#1LufK_g~Dcl;L{c%@`pw?S+YIsvx(fVcmZsD;|S;xrXOBOU$(-&_#mpst)qNJu=ny)`=AlBdPc?_Bw zaW*$cIJdihVYaQ-N&b|~DwP+LB)?Y`^#Ta`bM4QMe!;k#_=cg30Q;p&*2CA|FR0Jl5 zVk3K9NRTNA$Jr8jMbOpPzN5R?{%9^0d!oZBPTYpip=D7={%*CE|7<8)|6RWebYqKg z-pn6{!s$AeLN7*-^@%ppbj2H!r2V#*%#ABsYAVw<8Gct>jCk2^>gCiwt#0gX<(d2-G!s! zZR!dkEiB$I*L>)JL@p(y69$9J_7-sR0$NtM3)Tr>zJwhRfN=RpVGBtNz2jV*f=(gZ%#0I7q=f%~|iV4OBrL!|ZST&aXd-yq6T5u*a3D zsL8HDQ6YUGTlF+Ky*R!R3{Ij|9`^tYHenqax$QK2w;TM=w}^(Ijxn)dfDMS5-W4K< z)o2jmjBemvT&rqa<=~b6<=GSdfItjAO?)uZ+PwA}I6T~PM_soSk-T2NIz+OHt8;Yi z3sYI*t(L@8OL5^D@?PYP*_5pqGGEtIg)EIfaffl>`Ed!{3bsXS^C-i+fB4?1PQ`K9 z_Xs@XYiWtobgeS;kb$tbk?Rz@dudRv036`%6<=fmKDP<%Yx=y;z~kQ-Xpo#QAT%ZF z$G|*nRmC8?1rsh&oAi6DRmmvP-)R8VjdeX_5?>=7H&SL1^_U4VilKf_DX~rv7HkAG zTp-joUXsY842Z*1C+^hC(k3;(Uf@%q24UTJH7IhugJ;7RVP!a4^|dtXk?ognT`L72JqMntyLp+5w29Qr|2rmS|94EtrsruKUnNsGaRn#_+a^Av1D+vrupT^ zB428SV`??EZ_Ialsn%k~+u7IVJ5z7WUk$R@|IB~34IKH)lQwViUwgs?Ck?Wz9KUjh zHTE9|N4*ENQDw0MJPWMG?Y4T8sO4&zmzXYYnubOA{jZUNW`eKYX+-S6S@`O>P`O3R zDCm*qMT@n3=!2LqrT++cVzSDQPTxHQ_NF&3bk#?OW%}M5SOjLipu^^L7^^Umpo2js z3);jWQuW*?nRXz>aPxZ8zPEYc8>QI-`uOjwxmUsW1x=YR1UK!4KJx}|oPgcz6I=?Au#7G{pqBj+@R4M!EUF+mX^aE@&@0F^TYl(Yg$>``s=giy72HDyi zz)J+LifjJPWFfxk9sQ*}xqKRg6SE}yWP`ySLZ~<6o0=_$9hC!9bzYDjf z?Q9EKncdzY??586zoTB7RB!OIQ-)}{k=*+|F}v*HL7Dh+M0lK3_H z4LJON*vCHb>K)KBZd%^A%59*79rlk!Y<}PB`tbU_O$lCWkbd{8b=?0}2D!yHy^&DuEq=pDx$!+E z9SPjRJFY6|qFT#}oATesv8k3$BX*+gHpYGdyJN{cx93KEh9AyXrc!(XRLvWR)? z7WbxVSM|4{^_n4sFe|rI=K6L1Yu&l;|9LX^`=?rcZc0cF-^`b48%*DY9_BZ!IAwWh z8U?*B5T5y=+UXVdJ9<5L=TI->xxo5%*)t?>0|3;$H8lQm!dpoY_UsFfFVGadj4fIJ z-oRQ`xYPggv3>6h*7#B_o9km|2}V1(S@UtJ<1euh99VG;@tSw`X5DxsOkEcP_eyD@ ztp`KtCw_LSk1?V~vNY7nTKw0{W85P-cL203TkkHoRtNf{~(kO{+T|1Gk2K<**QFLp$C)DUyp27 z{?G3|k{cTFA^7mK!7d3H=0>w5vpTLl16TV#Bk#s;x7p+dCo&c8-`s()aP6X83MnG{ zP2ax)QO5&QB4mo_6xJAHM?>tweSL?OSY3Vm0Y&CtV$lHdyaSw!)y1;G7w=ad1Y-FP zFJHzy;5cbhwVkdS(lRCA_LyI3isn}E5_{9|L2QSO=Z9FCeUqc|j3J`}Fn?qHMPB5i zOzQ|^7WA=ip4%sqqYyh9_zDUAQMD9!z zgmu2*4Ve+iA8SkGO z)=A#?TUvbsN+vH#-WeY?<1Z>QW9yy(jjF`ue!PF9V%}YYYYj+9d`}YNeOUB?4K-Wq zi1~5LGPmPThRca=tAE7#K!T$9liRC9sscv)$5WxT=y4sbC)Y^`Wk8 zFn%iR{e~(2|f+r2Gt*~x2z}c z1VCH)jMp|N5enk>E68Wgx`eHM8+qG*y8{>*0bxz`a+*HRldX#OHh-xV{`jBo03>!V zm}3v{`3U_0w8>SjgQ9HH0CrcM{9KGf-{t4S>N|>kQh)Yhd<)PF_X5V0A1EgjkH=U( zLn=35n**0-Cz#rSnQpM!WPfY8=;_SOQJ|U5~!Q zyk`!p zZqGm5{^V)7I@luraQ1ZXKx&yo4Oa@A&Itj;LT%eS_N4&^{w=K!7cWd$OX_C4fOZ!6 zJ-HG9wl-vRbC7PW@9^F79Z)Y>`QIFVfEMqa5BW=)?*Rb)_$1%}%9J?&sWxbIkd$uG zP3Nitq78r=1AkRrB(eQ^l2YG}6ag8!*G>-TW$O4ueD5$%nI;%6puwIv3*MQaRV@jP zBjk50D*EqRYE=LGmH=q=KrmA%HBRN}Mpp+JENzc35bIY*)&bdzWUWap!1Dx}1EJ@> zd@bwsyS<#n4r?vNqwpKgXT6!vqt zrJLasgOo$5t8%8!7jKe5YLrp7TylZgJ)Uv#rK;$AkFvs5KLx=?9tb`P%xFRRCC+Ne z6BhA$Nv(?jyS4_6z|3s)Jg)y)J7d)yXCFe`!?`#0yIBafU&&S3K{km+YnM=Z2Z}YF z&d?@31RTD9!8Rg52(IjbOjnZ&ATYGJy`H_LM+DzlaVCE^pVaPo6NIdauZm8#Gn`ax zrD#3>*$fO#*zE0&dkg+;@8d*l!e-!`w2JpT%7?-#0dqL-M)Z69KCbG159rR^XmVL7 z5z#}p*MtAtko@vj7NLx12++sCkxKD-T(zD%8;e||YiJ|5w)^MM;c>aYgm?FonM6Zi zP)|u8qG8%(L znzjINTl14U3Dyzu;(RNypHnsDP2R~D+q}@S0@fsqu75X0nC*es)n4)W9wCXq>EVZ4 zac=-~O}SoTllu9}(CruBeN^4<@LfBz1vj-*^I0J0jQs|<(wx18Qd0~;^w0?_v$fN7y(+HwS@9kRclTG7Wu@D&(cF^Ms^^2;)OFpXC1dBio zbXQZv2z&qa^&0ar`EJ@|nsLAko4c(EuToLGL!EF|WVytf9<}OS^#0w{>-i>ZKz2PDZG5$WmJ)gpM*r?_%k^{%rhJZM z;Z?s;Qvwi-=5;#m&932Z+ z*?pKa4Pf9w!;haQf@l3!@^xOp{MG^l<`3Bq#qM~3MY!t+>%+TEn3d9;llNws*B{po zM~8vFth{lqxM=S?@@N%i>IQQpJ5)yFGkI)ieV{=(U|kCX(43RsK6k4+i9@&& z+fSY@S~N(JTe{+p#O=-QEyKYMAT#`EB76e^jp4#UL^$29?L(>BM$`oUzO50LL$_B$ z{lY2vle0M=YA~-(n#QzE#OI`Ma_^|bKX7=AT%8FrkVtkXPiT#Hf&5YjDOJTKb&wce zV(F1+pHOZ$ql=Z~m9Q@|S#o<)*JA0%s)VI!srA{iO6#E#L`#_of(0CcbzQy2e8rO* z$W|bwoUW{gwg@CWd|=U3jz@DRj$nS}n?$x8C>P)hc6v#+CKd@FeNxR6c*LE3O#OcL z=JcQPvDwBf_52JSE=kdNID5V09vnEJlirvv9j6-r-YH}>fv-rb{COsi0;zzJ5Hv^@ zTro$-@{=ckE@Rv00QfVw!7;6LFmQz*8wd{pkz30VjQz%2KNn>3tgoEO=lOlpI7&o= zpjLls0AZkLw?jw$<;-a_)d7y_jUjNL&r58lrDB2!)kTp^;+S}?G8QZxU%rxHJi>m{ zU2h3Q72vxIMHd+W)Fp&4#0)7KW&7gK^R(1|__Fa85`F%B)_NI_g zorU51Yh_>zb+B|Jgdby5B7WWHtYgs;aEaIdV)tlqJTq5~tXLnyKhKOp#%W^05uXnO z%~Pg%wGEs*5s#_D9n|C|$-fdE8=1#GZfj=8`uodEGQ*FT=dZUUYRzA+uvG-vifqL2 z)5ea_3|G;j2V6BAz?kYQt`~hPO8ievmtn>8WVhr=B|*LbC6|(^N8`=80VV?a-GhSJ6@>wkWq|M94r-NAy$XQ5e+&Yx(x|90 zdx3DDd-~r3at?AtOuYZq;(X4;=~{jI7?lpwm?N;q;;vShesV*DXsU+gX+xpQn*gPY zf}a6Kuas@TY%4vnK(@(F;2%DmA1~=uvY{?&P+71AT(;D@r+tJU1)bCgU;sfFzO0od zb>RNO097p|JqvU1tm;`PVO&tWI;|-Q7N0f&R^`h5KrHjm9$p?qEGE2Jtp2S`q=2@d z!z1sd>~dnPw0}E$SW7Y*fHBf zK)IABrUIIG*b<+|27-SzoG768u5z1JC>ioV@2BL@C{f%8s9Mw(%{hRx{X1j4O(&=PpMthP5B)m+tdET{QY8~cg1^NQ<~2}jAdsW+cSC&g?` z&}-!4$LBI4VvcA5>L+#=Ie}*P5$a4FcQtSDK6hr~{cpkhaUUHZX!$|$!+sP*-Jo+x z(h9EA)o9m?v7-JYB8zC7-`PyO5uf|OK(aFQr`4G)^v&WP?Icds6LU7jr(h<2Bg_Ei z@eXOdkDq+XO+Un0)ZYnO3$dy;9dS(n zK?Cq)XrqwQDj_`q?$04i6Yk9WgWd=QOSvcEHxZ?sW*~8-=bqhbsvwyRpuTnG3yGF9!&ORw%~dJA ziAQ;&0;tIp`7}FyuMW~%2)3Xzf{|ye7ep3A0L9o_`{!$v@>%EkCbn;`v$H}STK>MQ+(Qe~tmuI+dUPZ0?&7|$1 z;MTqV3n1)AWa88QqfWqYyJd93=q)VS&Cxr5A47WnkDDL~DgbI&CAaNV*t=gy_>D=S zbUK70kI+uh8vYJ;31@|z7}VVBTd6J+w9**7-D`n*9FmftJ=c1WWFI2eVr?J67Wbd4 z{1Sl2i>_oOG?96r)GbP&giHcNXkeX&3FXO~?!^f9c-9?;I#HkSrw2v`t$-fhPew6o z`{3~kccOeik|H3%Z_9$}S5h_D`1halnNvq-s7!QwU`xUT<3)%Y+lAyq?my39<~mPT z!n8;T?jQE+_>$q%lj?GP{2M#i07BqGgGJNvj)O<+nT0|IHWNfB$Xfmwo4rl8SgN!C z7XpgU6a+_LVu_DqXM&B{)f;z@?x+=iM!0pC)s05Rz*oPh2UR8ka+VEdiEG&>DaHQP zAeyD>S?$L$7gd2p&IIX*n8|P_;Z~lWI!Qts5W1S`dm)Z1esPopNC%VUtdbYxdaaXA za%hTdEdZR`c}(jw7G!(&ZSULRkw4Q}KXa^9p@^ziFNG*|?eaJ7O)VJCP>8M4ZXzB# z%=;$Rib1{+IW$UcaB-f0>$Wd1T^-f4c{cJnrvX4o?{Jch+}Y4C<&ozm`c)dDvSAOY zO9ZS`+)pa@a7wPPgh_+JKLQu0++jW2E%)LKXDw#ieM~RUvoT`YHWX4{Nkemn`NLZ? zIGNrhuw{VP9^tD5!?au52h@2eE9pQGBPT5Tr^-GP(a1pJC-I)m9+LOP_fLr^NSMgK zA`-;0L37L4_Yv=4tH3$$$Y6Vvn1K-t-tEORkDS3-BS8gOzu)hj7@$Ie!vfl?JdDTA z&6uI#Y!pxPzj#kVe0rh));uc7pZii zWk7*|GUFv0n#G06fIxg0QF7vfz$H@FAmCD6l*|jiLm8?70?US=PY|v)8}$HT(lhE> z#VCJAGcAry*@En%4*SKy5g!T0ASEX`4-|I3u1-X^-zVIhQ}?` zS|Fgf9kB5OLXj~M^~gFg#%3NTP_UtTx^&D8geFJA>jp%mc{upiH1>YhD8 zJmn_>$zl+i{b;;dik@UXYI_fhZzn@qzrO)V9bnqbp(!)TN#T6hL?Of8Q0C-}_Ib1q zVV0oMuaNobcVK@I z+!{{5_Ty(H_zZ-Gwo0%O$M1e>8-4H_%LEj`6r(A^w8D%Pw5!u>Z<=Dr^_u&w^DE5{ zUjXv!uFHFoS*`2AI?%nR`(^XJE{C|Zwg-bjZD)q%(Sc&#FEf0kCbDb=hy!Yflbx^oB6J(U-?yS770MF9alnHBnM(&H0uv{>?=^xg9~u1c`vAm- zWbv1^X}hYgfe0>Wwj{fuOouD3fR}L;fGp?XrHz&|?i32M8iU~3vkVoTW+tW<5)l=C z`R^oRLj)HRtQn3PlH$^Fv=@XK*hx=>&-`cCGSn2FG-sl0>*&s{o;)!b0S{@wJKZiQ zL6_902+UbMWXo=$Yv^UIuT-UB0LjMT0BGsL?`&n{;j9PdC4xP_A;8>)wDVie>js?> zy|sms0?C*E7W>5l*429|S@Cg!SPktS=Jf}UIAYuw{TTpFBFIgm3;&|Ndm1VpZ;Ilx z!jW$fHBZzS^jLDEl7bjGF(ty#rYKW6Q>2&^Ux<0)BFMKXV-?Y|L@_r%=e)P?-qXVt zjZ$~Ymd=%!R}U5?iT;DrRWjQNfukJM%Y)jY9UKYp@-qlJzIIqdqloPw*mSv1cFhgW zBoH0fNFuHSOp&$XXN+`V9(wm}5**XnusbIjJt)_t9Trc*r9bdm0?|FV8C3iw5Ezui znTZ_wLdcpwFv8C({Kka8xLie>PSevHB!+h`CNBT3OC(!2J6ky$V2y&0?1Uep3!34& z?%5+-eIf?}Keh_JtMi9`JUHAHQ}cBCcA`u?c=E?$U8s|0>VOc^d)b9QXD-Z(>J9-g8^Lr!;zy9)B1u814t!GqZWRNv=`Z zDp?j9C94)cP=7~u`BHbsd>#F`Q*;iKOfD59G;{Yc@T{b+UpqLrAPR1X`39%}R~(t= z9c=)8|shE^Jv^;E87y^}~yw+x; zrXbf#fXeELNZ*Jl6)rglc8&4+P&Vki)!2_F&$>(O&Cgr$`?FiIFdr)$b zLVZ9Z_JmciAFrb-DV)TwhneY?G%Y7VXkPz-`m-#~hYGMggpdW7l87T+)q(~mI0Z*r zVRi$kqM1pfQkwo{I)SIHdO-chxXydj#Bc0fruZ~+>nWP+HPNnZS%fXsb0T% z1@RsJ+Z>ZWIq6V-!n*n(Y!}yfajS8ws;|x6A`O5GtzLiAG=9Py$SRyFNh6YzQ6swk zG`T^y_fhHZi@Ji^D1U2AmW<=aFR^vhQ>2sUq$d}^M0{rtsf_G^xRT-XK0o7E@dj9J zlLy*R?^pF%v$zAvN80rP??41?S9}y^k$H}7RLl2^^+I;`Nx)oDaw2(qkyoj4!Bb^Z zuV{xJe>bifz8&kj`X8%EzL`Nh%eeLJ&g{K(Ncw!Ik;Ryn@;#l`K?UyP^dF@e`h@D+ zC#XA?hdHmzNw|*SyON?vZov;f?1Hr4YJN!bcnKkuz>d>{^YiCsXr*FemD8Ng=43LH ztPxx^Xv&f4T;%FC*5fV1+<572M8H+eFgE`Oo5b@!1dDOn3v$>WUvI$b23S9&yPCdl zpJwsp$i8&m{9>;4dCDr={^j;)@v1?pu>H3^*5Bsz*R&6VLodAlUI=h9V=wmnaG;JI zJrNla0#i~%zNKhdmUB@Z)+Z~t{jU}PxMhdjj4qo?fSa6wSGJN4 zP>nMOj<9I&#ZFs?v!*EGB;pF=KH09(LaH=q3K+8ovpn0+wdVi0AiC(9#1F(sR;BRn zM5nPRCrQtwDD@$yxmZhWC%i2d(s1_kRPRmJFB(pb)@XDWYSvymPxp4K40HeXmuC5U zH7qYZ{EJ7O>%*9f`t;jLdCGF$0jbe3FS;WCm&*_Nvk7+i&!>^6=&b1oV_I!vpx$B( zfw_=mVlH$QmHzl5p6yq*xo89BV(*1{AmN^iL5_{tSWyIlRkOmS*q?7ogl)wJmamkM zo0lHHr~%u~m$rL5M$5*eUTzQwyq_5(jR*b&p{Z}y=(5&kllgGvZb2Ub2oTtlp5Ft9 zIxhiR?q=B!9<*iFqXn(;|jzY&zjgW#kDVK7h3q;^()=^fGkGeT}w>JzR8fjTP6S#AI$I~N2=lc z&dut>82IY*7;j)%S?GmA)|;*D|E{$o+o^LB7ZAK>+QROMr^EeGB%TdwvhHy3N%-`Z znb~|}%){GzQK+y+KpfbnYn(XoTNMGr3J3!(7!bHJBElS8m41HcyiykRSMyWz$M?7M z{+vfDbXdIfZ@PdxUuj6FyDCb45{%t3SMz!gaAP~nN`CA#%-^hj1+MCl^mQpEcNFIp zum~SkwTaRpZ3`ZYU^6w@q*=s+Jb0bBNunBcCJX2p50HL)6j=qp$-NGKtmp83IcRur z%@id12a#@}m&USg$?H9NZDHMiG0$WD35RCQ{b=XhTU_M(RHV-obpkx{1w#M;<86!LpcP9!Cwk4YJx{3&OGhwVG{7SN4-ymWth& z_EJ!#VZ7+PPkL|Cmg+%!#z3YAy*VGHN+R(22tEOVJ!JYh5)=(cWyc|RsrA)Bl;|5$ zq^4XYwuInzVN$u4q4H#FeMzYXzt)i+rQ=0A{@_M%RXrEz(u#cVDXO7Pz>H0l*ua z5Xjx(*`K&!*DJ62UTv~wqR~$ABtAQO;+xC46Ib=;%E@H~^(Aqq!G5+!xfX+z6z~Xl zdcha4APg>_Ie_l7K8bbodGIHe>pO|;u*Bfkk}72qpW$LSGf|5=wOb^qDW7u8(*y#d zaL-+3I_ZksU5tHGo~K*oeeEMDGHi6@F!wH`}&CRrY64I3?HzX-Dg5pd8@Uwn=y z@MppoC64l+pN~WazGLx9;>Z%v?7u_&O7@AhG_jgH)d@)XrItEKFzJSgQG_U&+W_!N zVx?{1**;edaZgaEbUL420|4~2JEuI`PcS%Df3Gd|qk(mu5VYYbnejCStYLCt`U1CQQt`6qY*|!^0&Z=5Tnx zDW?A6v~e}m3G=z;yFAw>AKby*!8kg@Ev8kQL79_s*Wx{k7N}VTSY-FTV-W{F9?f2m ztTLZ>mCIC?jAJZs)EquofMvjx%JD%_OrJhz$}cR6gv|G5P!;DEDp?_KqAVFD*$swf7|=jmPa#)(1YtC(^0PNSFFw!zLWblCXGv& zG0e6mMDh`0FrEA^DP@gHp+9|wjX@#9%Oup@md<-Z_{UBaDI^$9`5=l4F4!!B)dh96 z*Lc20V}l$5$fk5P4B}p)ibwofFeZNSz_OI}TA=_e(j~J$(@0odz&GcW$27|>4ig1y zOy9r(-9Agdoh6H;C%p>tQAAw0&ZZfd0S}O^e7+bCgpb-U6n59h;+yZU+#%lh7Z@y@ z(Zqe>Y$@B&^G&w^5>HWrQAZ%212$~xog<+kg?-PJI#W3qI5+fy+ixVdyWeJg+w`fk zU7WZ%o3)T3@8WPF?hwc5Jbg9o-;mL%!-!%UvVax&CyPHbrdI@Ea?qKQ;l|xQ|2^Jz z_CV3G|Lgw_m5R7?r_c)542$rsIAFWy6d8X1fZuB}z)tYF*{b=s7r; zMXbbs3N->Y;5Z?n{XrbygseKN5VukPM!e)o10p2&-(%H=wB0Q7H+*OlGLnxfB0Uk9z9J$ z&HfAEUVKb<>kqH+&O4UD6fxw_4JB~(SdMmm?`ring*Z9Sn!jz*e{fk@e8{ZBEXCDs zwfu#}sgsy4IB@O{09hQkJ(Wa>E$OesZ;v-9Va)z$}F%2?U9FRB>X&dtSX+%&ji>Fqe z`Ez0T#>rn7zsE{=bj{Cjy{g1(m934v0e=y-kI6Eh^Rgz=5Nx7zcMs<=P#*9_0pBm8 z@ct;`vQ6G2gd!lwS+=6bckE1ogN+0`l+DX)@sN@!4ZNuOQ8D)wK3@DYLC_v^8i(-{e(6#H5?!-ZGmW5ze0U#?6o{Wld^%k0xBb&Gc28Ky z3;SMeSsx;}>bM@zv0%(`?cnQhySU%&*ZHb0>eS;>7ZwZ)Ip0xy%vz`h;J=i>CAo-c zfRA>Gk(?QD-BENC1;Sb2PWC7989Ex6F>lJ8wi1zbTM z`)w#=e*KWnqUSdKIJnXPi>7hmUO5gHR=Jd8y%<^!7E;;a6r=d}mEEp_EB5;syz(56u>FNw=~8l z+`jU-{P+3ysBD-QMJCj}hjGmfura3xVOegH>SHKBW81K5&307lKT~d%Fq6kPgS9T1HqQBSS5+2@--S+2JNYLQ5(87g!t-? zzLs27`|n)R=ydz=E#%PVc;*=A7#0!Y!&r>Ju@*{Ld1vOA?0A0O%r;DM{WMJut0BYu zsDEfBfS~?dOcTSIp}$DryePecl+qF1+39r*<&H#AbWao;s61 zmW%PfefXj{9v8%FbnRJZoI8^T$yk9fP-@M5^;brI5V=3~?h6CB07WnJIDRQ$KMxcV z5}qL4ZzHyD2K3;O_6ljO^>u77A~V}i%*M5M`}3eR6mOlccLBd;T>wGFg!NZ45w$R7j+ZG((rI5GqR%YVv&N1Tk84x+V8xedWOFHz& zA+yWPM=uwRVY@oSF`6#1pL);wE~5M#xKNSOSfs&&2Dtola$!qg=7aqw!5dxZJucrb z4{{Y~-RvLjU;HptYU!Q&LL>O8#e&vx0#@)l#sWc-Q_unuFG;BKd>Q_fCm0Vk5A+Il zXUUI0|IG+CPst_Hi@zAOS!pf$aP&N>3-<2g;77^l(^B%{=n=6&LCUaFVglH{tqfo9 zcx%O3t-$q+`>b!fow#TVMxESr&w)Rh#JP#$?Op?KEQH z@@2fk+VpODW}DZn@hNLX`oAk)EPciNOywOBd@Xt*HC8rB)X32k)`)c3ma5&f{pv-rJIs5$;B zhhIzPEePvQxhxa;*5=0qG5h&AVN{Dnp`|Fkm}mfp*zuh%v%-_*QK@Fu*Z}KhnZUP( z-1T0OuuxVwE=>&WM|EtQgfgv?XWpBoMVz*IGa8?!{+|*0k3JqA7YC%QsD2vwCU$>j zES7`iAISZbLYCq3S6PhtD@5??!@I><`Ld>#s-cQfk9IFcI3(xok*B-GO)bxFqxIHI z^+Hds|3II-Vj2JH?*Bi})o}>q;U_Ev6Pk$xHFB?ubymKt-M@Q24dYsjFyBVny}Hl+ zv>yLy7p;6Exi|c>;sJemG0(HyLdAr%Uf+jIM!uABWs0#ysn z{z=*AE#=p)TCb~1%X);5&0TQepLu~V{XC-EzZ!oLW=XKr6vp1uc|)lft-_sC|SaZ=cK7l_LWxIZjAt=S~ypOx`Ls+Gga5fQ^t)XH3*?g zbvusa8ZtO2Z<-b0TIz5uIlj7%y!#q}MK-q$h=}JKI?GaogwKJDlqer9Dc1D=Q`T39 zMb&k0&kO_1C<8+%NDeTB2m*?f#E=3ip@1meAl)rPcdH;uC>#D9ou+ZZgENYvbHQJV-K}oJXoy{te^#i^ArEsx<7+8 zvsZ?IwEd%ZfRQys52^?3L1Q9{p}jkxLB=v*0Ci+;m%a&0cx%@gFMGVZ47gWrWj{Sf zEF)Mv^|liur0`Q8PJXn>JpM~A-Dze6+|zR;<$wjyQUh_pD5W=hIs>+{fCy1AkD>H_ z_W1rLAd+A719W|zdu-iRl2QksH6C2j2f#?k0CC_Fuo->2(q zRmO$A+%M*lVffT{eENpFDf5((p9<@g_d(mE@!Vr=U{RF%Q);zib3ZQvZP5{nJ4Qa1 ze>F(-0nf0wymrN5sKaQxIFG4nd)V%B`Hz;8hW<0JPn}iGMi-f|HiTSUp7O|b`N#5Z zT}w}CysS0%=yO~MSpyLw^N!x7#EXLxlMvIr>hYtC2F4X&RAih-V}7d`Hnr9{h${^X zg-SL2nwiED1J**=Izb)5hvf^#durQJ8vY!9OZwxC6b3tWBp3sUwp>HNGY>6#U!O%Idw-ZMP1GH7@>psO!1;?l+vVz4DBI|gbexES_%o;k}WvXzl$ z&pvwZZ;2Yz106w1Al~ltV<^8sBwO@rqRqta6Syt5ppqS;c;;ot71^nC-3+_TxSX$j zv*F28o8$BtLH_C947-IU0|9#L0 z60z|=nL95JNmJAt9>)Ulsv;!<>&DIYRNc^RQ zM|wduNNX*vO^W;KY?^tn3x?ng1f`hvy*GQWS%Wf(C6a2GjWd{C3yA+3^85&Di*hi< zcEUh*q;ayTaaZJp&*u443Z6jXk)l-wJ6V5nP+tPDSB=JMnS!Gl=jcf^EFL0cNo~Y? z)o^Z_1HA}=cTNkhQYo{89)Jjf3ZpD4B+n8EsBOW6thi#JZaZqNzOhnR(j`gK_GZN& z&NzKg4mxI%7d5Zubov~AW=JEbe}VAbhRvS${?(v;t|82o;e-LuTgRfH8i^sk`~n&V z390ObHo83pdznr?u~n3C{|re$&kuS=5r!6bl}Xf1+Xe3}v&oeYZLDyd z^Y{OKWN%T0C(zs|OPS?<9gglH7QAcRkH=p>Th>AkZA?Dv&gW zaTW2FuB@JF4e@E*gk1u>wAd(v4~n7U;uYeh-rs{jWWDzK@8o~m=FXB$bE=pO|CsIX z@a4kCfoDjDJeZ=<*lX!pQ1W;Cmfd}3myAU*lWGbn2C*!;ht2YHSAZ-ta2Z~UxF7mT z$Py2`NJAirjSL5<0fKN7dh+U97- zq(!`W=Bnm-uu@LWjhmH2VwRwt4TUP#GsP_*40?YcPQJ)>L*Qbe~K}q~5_X=0Ms;Aui{i!NOQ-GkVb; zbLYqzcX^dp_W>fs*5mH($JTYHc2NhOafe9tYcW8|=ZjB${hy3gWJ2}HSw|sowJBn* zhcd{K5U$+~AW$0R|8UA~3}M~OzVQJ5>XZ#(h&*l;G%c=7P(MR^1%VMl^)Ua*4%%lZ zuqa4Os!a4^mo=KCr)05ka)fbGGC;YDk~q;}-UBdrng#?p9l2e0&@)m!vIaVrv<-go zXLNET?DUr11GSpr1LfGK{;_uk->ZZr zBRA3bGQ1f-$f}!UtTU^SxsXVCTL(WfcDZh-OXV5cUK3h=Jc#T^9KmngMB>q5y+ss7 zAbVn6bC)DR#X29T#z_%R)^C8~vLc~{3Qgrtl?yHjexn>`&HQpQ-#z9w+-Ydi63e~e z%Bl9yD5dgN`m^WUJL}vBh6UAvQ#QA)9Li?&=Q=SA8T4-q-IbHvZd2y9%7s8oa3V?a z;`45~TK2i*B>_-k#h#h)9L+%ZtdO!pJ=1&b82d^HpO;)OZ$dWQy}m%k2hI)0Y^-byQ!!@wqxNo{0p&}C zO!8vnFhkbMB$}JEBUgB!8Z8Cyh|n7rc{j^dQP+hYxGS@xC?%(tvzt@k{M5l~$*DDe z>o+gQVk20(pI+Xh`;uwrMyvYN|7oAPgNG8rVZN5i{o5z<5AkU=a!33mo5bg7X2UFx z+=YytYVP+o))gk#Te&c6SZ=EIg}lBi;1TCxv=~LK5<*VKeb^Pfx`T3?c3*qK(ZkQ`P902-zb8$#a_Q59-&pN}*qvG|MgR3YJtTN7? z^Ae_AI}))?cJ7+bxe#XRJx>;SA!fSlNPH9}M?(;l0Efv$GpH7~aXS-xjrS<%mZ{ij z7|01I;YYJ_HJ(Fmy-U5JuJlVcp87N0Qg?8_38p)sbG&!@$I8>2KZU6C{6Czekrj8% z#Vzw?9=+Bh-Pf6k{v@}NWy$B3vfm$8H6u%-HqV5aNZmm-P!^=>N0NZ<1^XQhsV!-4 z2pFyuR^70p6KpOERZ%Jg0H(?Q1bGVfHf?SKd|{*-YVU65;3>yyxZGSc{pK5jw7FG3 zEUahx!MA>c(sk+kZ&&wx0sBSN;?eMY0`eXl6WP(GbxCn>`E!?SfeH1l=6;1l#X4~= zWh*lO4*h%4dzo@A!7_sIZ2ObFTOR{h-N;H4c8YF&tb6-5*~#n2?%VIFfs_MD2GeH~ z`-KF-O?mtPRIZWVFSI7YK|SD&MAFuF(1M=2hGB1KK)}A`Y7@Pbxlz%%9-g4H43y28 zPc3ew)TD^+slI$X_QW|=Yw>@$03PVl=Q|~%$~Tm4Gs%NU_x9LkJnT2HvS^z`Sjg}9 zMxR3@bf#H1-nkz;lOcM{mjUES2r9ZpL`0l=%&p7)IEabAt@z*}W_dG*Nq8YPC z;1mWKX==#?LmHK*{)WjnwmOslew+hmF~wUVsY_Rc4;zTyLgu@49Q7FJMRNO6@Aggg z58{K$xHQQa_4Gp+U_=t!L@qM&lS}T>M%K@#hTA26zuofXWe!by>V#t&Oqj-_MK@o9 zgHb^@FYZ_+J0)8#u;r<89~b)N&ARI)N&9_||9Pi*-*mKPLnE(3K-#427dvrEo5UuX z;d_R888X+i`LpC)GE!&Q7+U3d&1oObsOAo*7It5Q9&XW->Qc&{->)2q2P(kFotBKB zQQ+A!dF?=$8&kV_ooQ;m4JSCw+Z?EO>!a4HE-8k_M5v4ZwRH-T?7GP? zRDT#p3o&?+efy(|2;maq&uZjV)~aijGo?rwtpZ=?XnUV&yv8w3d<)cFp5F7E9*de` zI~F?$RFzjnNGAgW@e_Gs%ln9{Cwy$@RooZ(uhM!qV#PagX-E-<$I{Z{<66W|c=PM4 zoe9WM&*|4MwNx4AlsG(s$h3@-&TDf8e#V_kU12FH`wc9z^mz^ljG2nn95$~3DW>^u zgV#y1iI5RS|6_!8rNU7UC~|}~ZjHZOjh#ArRvNcybOmhys?vr)SLZA!kQ{=9PaH2e z2dtCJ?lvwvIQi-4S|mtsqwbu`@?Fe(#24`8b|y`siGjy}4!yK-P4b6ZN?cUZz{T!X zm)V{b>pt$J+@6kpr5$cyX8s9OU@2TQ@$u4SmawZti4 zN#B$qcC)-@MqubE2&L4T5sc43S>6y(n|n+MQKNbK`}tisCf1b(Yc9EP1*K@Bh3K z46rQ&@wk-}2n|XAA|RmeyYQ-n%721n2%K6;N1#IUGb`u?X${HkY(pW;h~4|zVu;rj zlu-oQk6VL29JZdlO7xaI8Sb|{L6cSM3xySC+u+IPiDbuqKpe62JCNH1dY*@C%_V=j zWo7$GiBL>i3{*M?{z?GAgg`^Q!1ghKkysl8mCB~-G)ho*dBVK^0R)d$j##)oq!~LT zG50LxUETiTb1Gsyq?tNmofT005%l!)4eHdyjdu>&ZhdT!)c!8 zaZ1VgY~*!b<1L48t6Q>UwFRbET8x zP&hmk0;0ubs8A-B%#?-@3i+uAqjNI!Kgjj401WagPOV+GjL96d=8uH%kRt4+Wlo&v z7uNlr2v42PxJ|o$#@~!KLf8G|fZ;1YV|GA38j96NWbDp_>Ui^KU-7KK^una^#EXn{D5vGrp0g=DuUz`I%b09_8vV-5% z){y!}8Hk7@ib5c*1MNeIwiQYX!*Imlg2^D!2iPf4eaZq_La1gj;WZ2OA7?W;$ZVv*T!EaJ!7-vAaAn4Kk3Oav=Ng2RXk(Lsm|t}_NO z%>dcY-Zw&gbU5`#mll1$seU&~nMAjWsAj!wfAQOT7~IZ3=d_KJ3CRs6fBSAKJ8>n> zThwL@ixg4Q*z9xv6r~JyDAh{kxPoEsyhY(=cq!wPFYruaCO~Lu*3O9yLMk5w9?u0@ zfk0pi@s#M;;YGx(ftFKOg~){HqO;-7aw;Sylb{HhfhrKDQR4xDlwQ2g0Z4% z8OT_*?^dTU%-;+lD=Fsb?30n{*w5V01ZNXyP|y?p@HUew;xaFsyzp&i`Z;E!Mb|bi zA-jm1t!=$?Ka=*#3xmUJ+FGw$AK!d+Km*BS6a!p~>i~$0GBqI|iq%YFhCuh4D&FM@ z5UA^yzCQ+d>t{-d=|pUyW{tXV;0y=JZfgCZC5#y?7*O*hH8HE4dEC*@sS%t=&QH=A z$^%pxhQ0xuG_i!B(xiTMg|30TAQb2Wi-z*TK>Js-C>YL!?-1kzz8anE4@L-u-xYLK zXmOERP}Sfgr2;8KTm;ZMF2t0SC1}X>ZCWK0P9Q!1<8Bv5)8qz48WpyKsFv?BsSH%f z<$HH?lQ*57zm})gWhTbMbsHXmZ4OHy~KJ8Ej`8>>n)U@-B>VvMFog8>E33%mP~le1v<0J zLB?`~$JUBST{+nhJW0ljOwovM_1{+TbT?|}v#eez>o8!S8@K%e#nvVapmR(2m+uB{ zUlX4ga#Zkfv54lYoCn~!W<64fW?$3HG31xtchEBTuO5tvf2>;Y{LhP*Fjg~UVZbjo z<$5KIM}zzixC7G@|Jjz)f8<11*s@y2Ymmn)HEQZ1svG1tQoiBpuHKLWl8kyj zx3*Lfs)(I(%(2*Aq^dwNpvSw?w6_KCdzdkG*7<@)yDpuD!3RzBby%}3Dv;$_e$wr4 z37M6i6UbEK8vtG)fbyzYuc&`z~i?ULc7;fMZXeNWFUYSkh9UE1sK zG9#pyO(*Mo+^tPMfz7*(WbCZtdqs^$cZMQ~q)EcUDE@Y;7pF!{Mh`hsh-710p*J?+ zLPFul1y*XL7>M(Tg)+3O{HF9)9g`9~s9u`92>P_H zJ*ytG^z(Z3%>MWBCvlY9j#-3)>Hl=Ub7G|@0 z1;o&Ft@ySstD2O89Vm29c_9iPRGCCbvc!@b&GcLmlTU99LSUfGLn!|eBwk~}zzc*y z?^M+S9EGCWp=#mvlb2?$oF)<>$U9*q~w%@a*uw|+uc~Gnfdel4 z9|6cx0Jn)%)7+5l|3)CJodYC?*uY*a}tq zrub&!g<@#ZHmfFFf=G(blTd-W_Nidf;q*sRWIh=X2fr}8e-0niNCR?A!S65`v_F}j9GNF~Ft z^2Y@8o3|-odoCt5;2VM-|Cx}Z7RgPYcJ4u0C7EK|fbPDp`=xwMlZ_Z_MyPpP7)7U&{UEkzdK;Cz8<(~LC-&ccEeVXxRPG6DiseJ`05ve-bPWAZy~(1 zQC`@(?AR*m=k_9t>91NMKDlfLusP|TzP+M~I5GB{L%0uY9t)FsJFSa1I#<6Zb#mexI49ku|Hf^5 z$S)(H&TckitgCvb%71(KV0o@ObMCGwb)pUS`uewbYqJy-L?t)xbw|U{b5O zf;IY4mRy64yl~mN%RTVqsN8Pgtxn_0f+96G=ogAEc|5z~tXr0$V-yt^<3qEvx$4xY z5Tas;P+^EKJEDP6{I2@2}cI|Z(QCDsFNt8si9Q+8hCS2!|YfZP^+zKy3?<8 z&;%9-;K`0a#$?F|P`a)xJcu&~k%80c?)lNmk|@$pr=k@uBQpEjs_Id<)g?a36WU2W zn0-1WX3?G)Jn}7y1BduTt8!1gp}E0NfKE2u;=al+iOf!wfw!oaS>S^FDVE268?{4&0xo8sa$v_BUOo+7imK7|-PS-kgY~@%nmmyDzPAOx2Uk5&FN{1?vy{ zS`fxY-jk%)`71%9q{8uM)leHqfMocvCu(j0S+Wm_RKu?VXzu;`Kww4FXwvM<8Dn`= zjP~~Cvh+7pU9}ptl#q(qLWrSzjP@ty~P;2!%LX1) z$eJnollN)5U$3(Bbi{-3Mxw&4=riKmKg{1v#n20Sy3KaxjY$U!@Ci>)qj{UdF(uCQ zQnaE&7PPd;c$s~h111iH#HlsPb_$INCvVPJW{Ey|x(7#FcLqysZ_{#9icb(3C(+)* zqd=aHn>&$z9Y`E`;@?Pte7(K(X+@G647Lf2nZLS6!%J`E{X9$uCz%UAjP6=?T1%u| zpKB$LOed=yP51hh$#>>T1mp$}t``@mD|rja7fnd7TNd7p`Fb7a6f*iP>x?tSEEH?? z9dJhNrCyMl1c#l76A|d$cU`gVYl&kJZt|G#X>66W{6eR{cQO$|W$3P1^f}g}zrYAb)klUx2$UV)LWuc^E5%Knzr@ zU79%Q?Cn&H^k%e(CW}11TqxwbX>-~yJI?BBx=sukNly*~l8B7_S?%QoSa&H;MIF+)H1T`vtq;mu7;_C+TW(>@A~l>k zSC#N0$SM>SNl-`F?iD9+h_E}nXfzHyngJvaX)&J-i)+th^7~pAOM>GEVJ;gCuTiHX z(aWrwBXdR~4JurdY|28UVgY66?T3mj<-GK0{v;?y3@Ll&>%L=lJVEh>@;2E19<3DR zmhl4(gB(&xni$%{h$aMyol!S|EI67H{S)W&>zjt`3g|g2G$rk^sC`;^Viz>`{1UH( zO%r!{p};)c=>G&=>gCCxwqe_ z%N=?oqo5sj9Tzp{{UPA{9$5EEw2DYiCl(GawZu8*$UZyvZtm-z4D0JH-==JdA4Wgg z-O(RXX2!{lvqvzS{oa_quqJ#^DZ_TjA~K_S`$0u#$vd22G{g9xxo$!4j(SaF(a#D* z9@vWxK=rs|?jLx#9-&`k5;Ow3<>b3D?VgV00jVEqUeKB19oM~4P+MpKO#8mUoMp#j z2`RDN&li^q8Y+QeUCzg^@#s*E#2eIbICbPw_+Ush^zC?6T>qSR@{Rs7)WZwlY@YF* z>35>$6%H!(AG)?+3)>KJW>;q;$vWet+jqCI6}J7NG4|YLeqE3R_(E~VU~(Pbz9mt( zFY~4mh#Ik74n1G7N}n=^!#un0AM-soa}B9TQvXNcnM1w+HJFojB|^8$*VEK0RNz$$ zm5&*tP>O0e0po401kS~Mj#?WZ-S9S;>SnuK5x6B|;@XtPV#x4^ob2Oi!sh%&tUF%1 zpWOn~DeCAkk*};@J#CVJ%3U(0_jgQfCk)mmPKzh4g>xoI^+7pn(r52(gY!WV=Zo-- zzt*jNC7N&xoYr_Hqm^jF1hQ|#l5Ix3k0z5Cb9Iv3{v<*S?y}!9Qlf-YrHXoW0)qLQ z+BkN${6Q2+rA+sjD|Ih1G#U@*f34{AGkPJS>kJ$k5pOIpb1KZ`+g%PU2N)B((U~n( zBm$TCSnzt`=uG*q)N|XV66qf#7g1X^Hw|wUV%Jnc{r9 zOu-*qv7?~ni*bKH2gL+vdE*6mLFqm^{$THrhLLtYllYdTmsCSD9kRR8A@~#MZQXMo zS5fl;(^8!vv){fr-}5}A8U(UGfiPd)7s<;9TFz6FT1YV8#VExiW_lCwsnaMG5taDb zduM}+*$JYa1_O7)E|$~0vcbL@l+R@bTi@gI+jWt4{*M8_6ZU{c-)O1rH|E$EdXw=R zmMH?O;3ZY-3?gChtVh+3QO zl^8++lJ&u^sn@S4o@2ZGaBZ;-1%Nu1Y)MPtN%x~B{@dqzN)_7XUO27Ca4sDdZcyXl=lWgm!^ zTzb5H=h;-^O$GA>=-;q+nYNtyghj~6p8;RAX=vdFH7c3_92bX2AAJ7ICT-g-|M)QbtEOt;iwaX* zMKNy;hL2r@-FVrh2Bkbirhh%Tg_?wE>e<0`Bxk&HsCLo7G@P8-BwR{ggOXM1#}R0W zZdED^FEu;fU}tW~S z9fnI?sAP7t&;6P9%^rI!pnp%Ce2f&}gu|%FfIJ!*K|>2Ry_u`5GWp z`WuuYe%wwMb+~_|h$Zm1=m$xW`FByxab9HhUuzsNVngw)41c^l3C_@Mp&&SWa8~C7 zo1HNKRRjwUVx5-Yt+>XYN;BhDW6)agAewLw9P}znj|M9EqG9C{FHzr- z6KR+imlm6vR9s3reyYeJKCKbM;00N}1kvlKonaEC$CTF4a2r4$mRzQy) zxqVAHfpz7__e6DH=!Rh_xhc78FeWCIV%G^cE+Q2FUomwYF;r!r)>Ju_L4jBI0kJ5-=DIRh%^uuxK~;zikfy{5PsspZen8L z!Y_-WWU$?gOU>N-Ggl4avEP?&$Ck?p&$UXnr!mG%DG9w5#lqU9iP_3>ux8!{=Y||u z4xoBI$faD8)5g(}_r}yvhMw1~5KF5s*fi|~;NEQ!sM6kkK-O;%B?ZGyui>)|PjTFH zcmYS?#^j#_`~r!X>C7+cH7Fi=-ij=}pn^N^Gd~6qg-jY?)n4Z=m^X29l=NhQi(geF za-mM^@@JYfnSiPQ9*(XRfUa<-?J;wpoKbG?Yq!(UGk_lZXyn1c%AZAN@P_duROqO= z7F`sXmZmlfaAU$~5^XejB{FyrLDXxLXnep3IC8#{rpt4C$WzRAW!SxF1U)(I3Wq_v zRd>)z>PfA*mQc92=`U|xOJP^dNMjIFY9LB6Cz%x6(!6xH$ zlxAhZ{3vspV_X;xz1MKVSM0tQ==Ks1&YBXpK}RjY{1`VZ*V@LU6N)V|lunQlcgmHG z!(cZ!yUit3GST?C$I|zKOzddFv}U#umpp&!RgEM5aM*J~#UI4A`fmWhRsu?nNz1unt%Bvr*?N zf=i2U9k7}6@DpIul2YJ}IQ%D-K?8ipvIaRA5I?O-!0P|2Yb>}nioe!Vb3X{lH& zY^^NEu_Y*ognZbGx0|f4WZ`r-F8QM?)f9E(IQ5QA%=EiRvQ3YT>CfC!xMj}S6oxC& zz|f!ZYe}``EGI0|{NFbrj7-`wnc?hV{D-bn7xqZn-5Rd4rN*g2UgztEo7oomQCz8pgFQJlvyma$H`cnu!F1BE~N+``6ZDtvEMl+es%9pX|Ud)o!=%+dEY(r#_ z&KX(tW6LXQnPew9XWC*+m>qT%BWvab4XgTNeRZkNkDg}0;zjZ0*Xq{4_Nz9@NuBd= z{K3N?siV-U6fhby8sQB$sj+yEExz9_-K-lA-OLBNjSf!+)P^_o1@}{gMTHdSse;X{ zF7*xXCwVnXY9hZ7VF<}_Tkp}e+LoiH(YXisJ>GEX{6l{ueMf3!c&7pB18bV_?%ISj zVr1HR#y z_5_R+swiBf+7uYy?{gq*xdHg__0Aphd|pJ2%I=MI3g$s&v#fyNQh$@8;wZTwJCV7R zp^Vgw&RLCD6^KIHy6}7f!vH73^*|v zEV=bx8^-SlzhEW5E>nGGQq&MFIz zVr8sM;(12wmxwlMRs>y^2E36aC_xh~{}_wjHR7s=&!xx)ji28DignrJk9OaLi zwruD?36e^^k>~sW$3+`-ihDuQQIKJiB^+ndAu)-4(RB*U(AKSGI zhNDpBiJQb!xwd!~fe7pvI#dxW6H0Hi^ZTcRz6BDQ%yx^%2aAgO<)%n7jMKV*a(pBZ zi*~}x3jh~3EBm50bN6~SSwUAMAsX@-*FO#PC}!V6KlF`h=?sm2l!g}uN3Hm9ZvTP8 z)Y%|4Zf8Ix8F7?-Qk}SV;~Ea1MWq^Y9-2QkM5XGXZuF4;#o~Ny6Cw(8Qfj}UL;Dq^tgU4GRO&zKWvK#74 zw<%OHF2(?S5co|lhwfznnjs($V~h=qU}H~%=quE|_+bC;1*C|_05oMVG+nwreo*s= zXA;Y;wfh`inpW!6O&q8UT$Jz&m_*2KhI~9tO(qK6$sc+4Fb=CIe_o#7H$K8!r=JH3 zltBzpvB3ZLL2JP@uPLlLz~Fo>vCHSav-(1b8PwPu}< z(L_{1IANCWI(t!ZE!tV&>kVx^m5i{=5NBd4NpP5;(GA|xuAc4-A5~tYe(kX)?(-mk z3zH8bTZU%*U1(_rMRP)W^yBF`M z9nnEy;wW;Hd9V|*5dh+3+T|rh66}#!%#Rl!f-j7D_f_Z0Lq$FL!sB_;^HmGD$Gso4 zZ-V!6BqHI`Z7JD>qDt8!0BCp^o`3&L5DuMqZXd*NMFqVUM%*Kp&<}^p9PCEK;ux=d zDV8jWqtzE1*si33C&~|HwI^wBA*^_DzvzRm0kAKEp7QvOZmM|ul%ehZ) z6`y0dK7fY?sEX}zlR_`vzl~H=0BdMl@m7}_6%Tvz(SNIjL!eHW!%$-7fLasz@@gzB!hhDrQwhH)xguf z$?U!UiQXZ>hGsPBJphSioWDL5>)zW-WLH>z2AKV=D@Dzej=O7{sMqhm{DkPRw6e3;~Fk%67{pn5|SX#O7kXk!a3j?!CX!_IUtN@%#m*Hi6|R{spTNk;jLBG)~Lz&ZHW5 zJ|+5-fuiVAKX5h(EKG`y*iSt;Ir5@Clj*y7-V5|jNEb?6`m-!RPmNK@W$?PxgazO` z+dRD~D_EQ_(7a`L`(*o0+Je@tOgp&uGm?JdrtzxzT+S?@?1ie?n0jPVN4ca0Mm)&_L=9I~$ zzGFEDLOO4Or=cpk_TOK@25E!HC-F8Mvzr2>;h=^3=Le?-#`NN4 zUKRMi87J0t3>HQ9;U>wIzq=AT3BZr08FYA2=nVk>!QGr?v{+}0sHxU-0OXrB|J4^|efs{Xs!PNoYU}fO(9#6*F6~2EDJ(?ZYn{9US zBN-oJfdgBm#p-*~cZErW@!!953jo`ie8q3?fIQzzq`cS{g;ir!!FWFU|CwYk)hZY; z&v}&(86#2JXM=j;HhK>3+$~Yc`3Exn&sspEk^j6P1$MO}I@IxD#8|zeU?$_gpTo-p z#`9(NR$dO6lPCYYEXyk8UxOo}rlF%x=AnBm7^(ArzQ>tfo8{l@j!Fja!U@Jmav?a1 zBoWV(Yg!;)#RU4T1jE?c)zdo8U4ejxG?K9wBYmtNHNNsL( z%btXeDQ#)|YhejUT_|P39r>@n{IB7tgP9Q#{;wJQ%OpTTlJdVM_P>7urb=U?ek}BY UF*Z8X3#zTy$h`g6U;o4Z{MTRq?*IIs{zq`; z|N77W>wf`d|NL+N?_Ymu@g{^@f0cDt{Pi!C`{&!g5a>6q+rLo$UkD;} zMYb*D0KS6r{g~HfUF82WqW)x$Qfzki`D_^k|E(Saj44L%JAe1zaX4E-k<|4-!q4!$ze)D=OIe(LRCh=`-) z-zWi2|HqH)YTth$9QfYVZ2=Bak+tLdNWLWJ-}MM?N1(sSzcFx%`z>P+ZW3XL_#65g zM=<(tn5My%|Gq#Gf&WJTM!`8JDU+rC|Gn;Ad$A?eKkFWOx%*-bj{Eb29EEM4PW#V# zk78MCK&(Hc`)@CQAKvb%_~&e19CZd}0thAmlIL|&ElCe(aWTVe)}V8H&DWb8*PTI6^Pr^fp~7m^6#;)Y6s(oZx6j!5R4-(DG}BC!Ng@ zNsd&Q;)w{+?g6OI(g7`?Axy)yc2E#DJyKJY@EOBfXCKMcg6XqCPq$m%(V^Ih@=!u+ zR2n2WfApUf1AHMC<&u3x8GPe;*et&YQ6lA9rO6jEck;|ta0TVyn$iKyMRfh2=9TP_p+`~}D>j9nSN-ZROlIigsjfLuZLp0LA3&PtjJ>uU&?A=z7 z4vSN40g)z;G^az#JD13hd>c1dwzy$`2*-ZugFUccNFLm~{&$8(emwAp!iR1Ti=lATlAk0hrFFX^mgw?)0eS1?$AMFRX`Sl@{cgxq#01FVC z^Y-0}pNfMlMYxo0xWz;7DcfFx4wg z?RyG{viSIh>hcu#Dn!X2Y@lGpG;m)XEn48lOIE=4imBU6;85K3W#$@IeNgNqKf^%H5LoY`Do&!d|4^H%ch}Z z?Q1GP09pEL4d?*$to)OF|;8s0>y`ogd}&&e&e^h#Fqyz z^lEJLcpwzYpjM1+;eclD0FMBlLL7F59z#|WsgkO*8r8x1lWtM#pwRN@*1+n9zJpLY zg+dGPDY)FnLt8YG{E!1#LRVLF?}GM+d*vq%M5Vl*q#$?`g}ye#dq<+4@79ZAU(&oW zl9)ds=Rj=|dL6H5B%EK8S8l>tR7uqG66ISm72ssnn?8I=U?pq9(0hKw7?^lzsiJvv zJW^NLY8gf(DU`QCrxXNnFHZ)p9zEHixz7#uOeC$?KC@eirKC{tWiyU%nZPkhoM#2@ z29nHbw6A{Y;O@Y8fx76j4KH+hr(n1x)^1KijaN#c8&ZB=jsv5L%`0o_Yh~E^L(`4t zfD31Wp$K`FbgYG?JKD`aF564hjL=}@KtJ_?v1}QqWT{gJPG&P!m#;)zAy5V4?hfIJ zy!x1W^}}&ZO_|6q^?08sd3~)P0r~`=^43c8_j)>_9ADs5jD~9F_4XDiy#a#2ngN&@ z`*a7oBRi#|skwgfJ1T+ip-}JkH=BraCR~!``tnIi;lOUDlQ99cBAP?06lU7*w%eWB z1J1zjO}t&1z%>Q-FmtD_Jef?RDNJuoYN;4NJFz}jwILUV%VZsYf~PEJe*x$BtE7@( zq40a9UUnhi5BT(GUO(WpXHb*s;q8x6kSU8|z%^b!<&U6Z^(LPs{*i%?CCWNt@~SYh zo!Lz99vq>^qO{$$*4Jzs=V2h{eH(Z@esHOhDfE7oPIDYI^>DAC-<0?aEf6mesC@R_ zLD>?4nG(CzMHFg@AALuyFH1+*CP3#Ji+J3Wxi7&s^1LW$uiAA z{jnevk6jL5S}+c-!a`&tm6g9QqDuoX0@%}1(n>eAfSyzUE#A$y59giSCroHE`%$9# zs`hQ&vb=B+{G-J@1+x~reWG@gD6PfQ+y)cK)d)CHRBt}Kir}fIOP(~)H;E?QnteuN`sVV??{%1Pn7eoe0_^hg z7DDE9lm5^L_@mE4-7i;=aZA5`r?HgBb7i*tQj030@zc#REs6&fN97}PMF7s*gLnSn zVX(2^2|7-+5r(zFCNB~Me7AsGSVg0lnfo9-@8!l+DBLG&EaNU<`u{;#vbD)U)AG%L#Ltw&OEGFU8v~r zDeE#i&e zOn5o+ym`$j7_3Y%kv%^Fa4i&5K5c`0#SUy+T!5r4Kr9)AS1HP-m+xey&%!_@1^9V{d## zc;|nW9Qs#fC0?z%{VQ&Kn*C%)<##=1@Q9rv7COWw@f&|$idJ?bGWg^lNbq?1XAcWCAo0K_j(AcjpMK-e#^1+=An$4#cG!nSNrZCD> zKYF7edLMl!c|d%TJ$R{GY$(FfD1j%_9oh%A>xkVGm+;zWmHeK0_3JJ}X?!ff>4SH-*ksEf z)`HQ=|HfO$ZhcSGunn$SX;C2)1WSI?>kpLu^b=28tmYgz&Bm8qiB=v`0$B0!K3E(> zDurTi$AAJZumGHN+96W%c(7OBD!oQ)>lY&P3vO3sB{b_Q8-_Q%nk!z zo>x?Fo8Ss!deN2`NHN(kq2c#ild#oS)jpw+0NG{z*d>(uf6!k)?wqN=ezWx4X&%Dy3FHu*fQL!R3CK2l?LFPY`l}JFKM`P0m-nwj9@WFXTUf%B z%Zsq#1?H%y0=JyZKvdBT(=5ghuaVxq=o}a;{`B8qN=GnpHY9ze%b3!-K@9(x8zk^7 za=M|d;T&hFztR=fl>e*10^5G1A$g`lCQiG6ggt))t@&*7b^EDfL zma7Z|L*s}SW+h$`YC!eqTtnVF9Y*6n7|x)zuyC*-%A$hub6=nvXj>|E(pR|P~9X?$m4>b(@GILA}p>L%ga(ZmAr-4>G8QdoYvuV^MD@9 ze7e~-v)+YgjUNMd1SLL;oQWgB1v9|>QRVTc*&1%pF0xanPzf#BXf$M@R^T#T|k)Kc_~W)#i+zajrr%xTV%7 z{3nMMu^X?~AnHEmiTi9$7Tzw>*N*4GOB7>-P-8gfp?{4$|EeYmN+S8Y5E2$cC0I#! zuYDX(&m!@dS!qBJS6Ocgjp~#bXH&HC_@X~7S+OuJcpOT<^ZkbcjM5*|ehh=xJF)%?lU{F-ND`vC;8aV}QVOWQP7{M`JAyr4_K#V;s|h7JjfFHJbU%3kh)3*^GSyBN4_U zM_s`0+E0gIoTxmSqq>U6&$nqlOS$|=>2-mR%Z;H(p&(QWcYgV{i*4b+va{*3vTK1! zr)qJs{`w9juHjdcY~g~)kU;r*cU2YaH0hX-J@!q!r`j*MqRAac5Ylg&++-8*iXc`P z^p2rRAKC0fK1|@?zR}>O(EpHYiXtC}+D0}*wlBWZaxDDNQ;S7W5zumMVK&3%8M#_5 zR65Hgp*t{qSv30k*S@|;(>WN2rH>L)N}L)uR0doR)@*A@(ps6sM<#CQNOsFKjjl+1 zbshk6h*J03@h5fPZWWA(1yMGw@v1(J8;BGP=EJW@EH^4Sb_xhrM3CWK`uc*4}*R3D)rS zsBDPd0E*8Hx1rQi46-6%;(MrcX*&)VUgPSu1FO!G++f+*Q?Clz2L9mhwOJ%Z;qLdR z*ixoty#;XZhokN)TN%Tdg?m1~eDF-j`crpR>WP1Jb!u!UVO8j^ISgcrxFy3Lvl3At z!qkG8AC!M?Ltv5L8|YM&mXE)%64$$DFfMqELeExg9=`_%do9*46G9E&z4svB+so=2 zhaFKDND77o)BJY`q1FtDQui?bTtod_s91r#g*LV$i!|Ajg{+64 zBkAnF<=SNW`J5X-)8WI^FOdGo9gP7By!?)gN;p4bEGAyAx|M-pqUd{ylFV1h2!p;+ z`(x>P*Ah6oX1u}<`oZ|ua(+u5J#P|AVLqPlR_K^%7dUKiVXGD9D9JqXX`PEh6cmi) zc3q+U-eAx41ioI#qGFGDreI@=W=QMWjkU#G_gDb)!Si6!bBFl!2TCsmJzZH!L1-qn zkz6bbHbr3dirclEs^sTyRI&Y2o14%Ejkfe(J$3!x5Ji=p5n{vS&GW{VAY(>zLda{y zN5HaaAB#gL!+dUnc!|*b4>Mm7kC25*%zYGRK7QEfx*d~N{JdEB#QZHiNE+)dMzM)j zG8QFZpNv_x`x~u6ZumtIYmIl3>sC-R(atQ-6qrf6X1ez~^2t^)Mete8S5r!(RM}@B z2+L11_fAMt*}iry;n&coxGnxg7;jm>66kI+<`w#}*KQz;#p;hMZFucCJZ|T#S~9K{ z?#XsXi9{CI?XtL>EWv_MFDj@TM5>}|cy`11uqLqi>25N|mXY%cly;s$$Oe#xHxE6x z8F7|AIX;6 zUajem4zWYej$Cl24wy&&UYRzYRR&~;G#>d`{2U*0Kq{XXZ|NuwnTRP*U~7v~IP6Vm z*#{Bp=mh0{CPMN^uz5hYnX|3_LhnuDv8~_7l@IcoV1PP5i&JaG_6z(KxNJUwC47KS z2RU>lw;*>srZZ(YB88+f^pk#9Fn@#m)Rs#Dzz<99oFf``m`q!3eb_pQC_$x1u%~?E4xCTcrXDMU{oo*EA19`(_M1)= z*s}o}XQDt=1iLfynO5E{Z6IC9-GzY}={PgZT&4`El!pxo!mf4@Fyk`OfN57jhB3*_ zojxJzOQj#J$CW(_vM`w2cudYIbMyo0!eWxuY@fd%6`Pw*ZU}sM+uKp=cY|NTIC?gm z=Pc6+XhBx!$1b@8Y7!Y)9_+3>Onw>;E=xA{7>II!4~;z4qbhf9^xX~cd!T;hbjG>PW{H@kAVq_z3R6BhZU$>qFNOBd7)sDgvl1s=S zsQ946&`#vmWAkOyapR*BL5dT3l8{LM+)`@2+DCQCeo{5%X3RBIkeW|0sf(lnc$luS zb8YqpI*0cW2H9NDk`?&gMqEu2|6>^nCP{OKR&%CbI(fL4ADU!x@OER zTI(70o94!K%0D>dd5R={xNDXs3{v;pfeJj{kw^D|ty*~9pE@~EbBmgl_HZ}h#<@>C z^$#+7iB5cf$P;?WgH7Z-K`liwHZHYRA=>I@T^7NeAX)d>d%kNJ;HBgq!N_9*WYC8W zlIS>KCw`NK7O=ar55Nvkkj!I0tE;U%`ZOyap40~&u!^_%Q-zMht+i!yO(u~5ikTzd zH_W0)udPxX4-N(>1Cm!UY6?ahZOf{y$OZ1Gs_y~`v6?!oB9*8eu9Ea}xl(QkP0K16 z=@)xAIby`}rAv4PB@HrkqhuG8Q~PYKto^L#DZdp72y)jMQLa}N6T^A_4pU*5LY`R4 zKbr%&#EKR_CHihukT5l;H6rUvJ7w5x&qUj^%+J-W;L$_gFdj$rk;wZ(JS|oT8F*`> zQL?r!1V)r~RtkI7eZPuGW4onlO;Vp;KgiSHFjxM_!h(#u5(noQgIpE|a+w#z+-Fg1 zenaKtR4J#;C{mnYVLa3xMIp-($63NhuMetjVcnKOx9(&C5InJnqgJ@x4h1yIEF%JN zpa{Vpd%)b_kA+(j{O*2^g(h<+9MjrL`70+>w7TSa{|WA$hKEKT*<$R)7oPCt6 z_ZEOGxhIrS0ig09d=f(ta-YuqE+we(`4OYeA~5~Dgn=KBRrTLYJZlPp3gAbkq2b8U z&(>mT9nuH#vm+HkjrSJ2{l24%bviSSP8vw#mt5oBj13|d&W_;OGA;N(qg#No&NYT; zJIh|#GvvD`C=IbQr2%L@s{s?S#1Kzd%w9Oa&@a-4m+r>r@Jirid-7BMj)K4Rv4yWa zzynN<7m&c2Xy}a~41xm#{La;)E0#UJ&Gi91!iJ1Kenk(M^(IKHEY4}GZR4Gz+n4PfKqQTBJ$mfg{a!^vxxb7Xbe&nVFl+&Ao!=+3beb-Y5+Vi3(n0-~Xgc>w+!>xJBKHDMcx<;ZBa&*9wAK$LWgiF7T zCQ4RNI4J_03DE!sXd*A^%115EVJ#enf~_&9o$^d{o3weHe57us~D=~WS?OM$pZ)?qT&obqB@ou6%%3IX-P(P5+m>x%gV&w zr)njK8*cj274{uj+%uT)kNj7qpD6&I|7O4DWTk^1I&#px8kRm*#r_tAjOfFveukJ% zLDC*ZU8Uc!4l9r)`05*kQ@(BNlxNp>;{vqJYQs(^$yYR^8h0>smpzTD3ZY6{UUEgSWK zWgv`HRyP73G5vV?T-__}xLu!2X?%Llz#0Dz4mSNNY?m^F0Bs3@gE_ zElX}i{oVzQZxE^siN)*4_i)8`?i-k)H^K7_9}ZOH=vqJh2WFh0S%@NKfB zF%?rN!G7NXyF}s9R&I&&9M*>wpJtD|AY@#X_4-IS1QQllg90}>P=+RrAP_*`1X2rg zL4bm^8(@IEjBP z*W==dbK5XvL)x*7*!CUjJNE+aaaTn4f*J z#lRRDz?7mj)g9lUi=Z;F-noD3%79l&JH1jk+Dot$!tDs`1$1h!GkannWy@;TqQjTz zHFjRb8F18CWY159=@W!mC6LdSj$To=j6!N|#C!^m2q{z7_DI1_P;NA%-#Gz*d7?JNthKe*qv?X zh*cY3n}of4!@Qzrzqju4^kC({3j|D8%&+U*F2X4b#@-FAvQTkbaoGr`(WjMR1~Vbs z-Ubj?e`LrSE$EfJ!k(~a)-gW5|CF`B>F>tqx_ywKvKZ8$tdq>UD&ef4H4+E~?}%dV z^Ldn+c5PyDeqmAlWIk)p)?gIwVn@h%k}3I}xl*>BhU5)7Yk{Zw(aax=EshY^+i$e1 zMJRqJyM2;DbXOgRZsYk)AlOjGaiGa0Jl$lk1|)IY5ob;i)S|{1729v|>|JHfN#G8ba|^ zro9dCAQ^!C@ek<0v=9QO%&yiICTi*>%*>Z-2`REGMuBl|NvltP)e|sBQ+W8Lg3V4J@SP=E&1M2B;Rga23$g zU;v9Jw6zBO>PaB00O)>DiwE5EVSRQY>>H&S%9bs~-QY7uThwQzhEZX!tWe92%D6mG z6Ho}aKz$BC*n&Uwj=NWR88a040n=lH!l5Jm8afEz+Ecx(SrRd$G81M4oIJdM+R1*y zlLVFTnK3b7DxOO%n3%9l0#M$5OmOJ%olG^Dg&+tHzg;}9@@AF5|LL@xdh$NGwN;h- z5!>x_nll6Gsv(RF>qoTe<7YxQrNj4S$fBk#IM|CTk!=0-`%70hQ>4lyBU1tFDcm5v zu*7M>r%5Q2S|9}w43`QCP-ikD3~BpTJg0zcZ_HPX@3T87UI4>@;>)->Bx*n=&XAML zykMb5K@>wrN0nvSPswmT43uy6n6;#u?x%wqF(H8G6q!>0RY08bC;@z~2?XD2!)HDuEPzUj zSBo|k<0wLFyOfxkM)Z}gJq=!VViYn7u9oZF0+Z%@7q7qOty$n_$6vY`BzKs|=0LV$ zw1FD)q>Hn37A%^IQk2!?LZZk z+mKm~;BEQ=@UK)6n!8QA`2BjXNNi6@s2KoSh|U8p2V2z{J=SgaR`;<`F*lTN(9X;y zh9ltxZNzLmb4|kIb}zohVX~X;_nL?0GweFT=e>%%l%t|)pB6=h*%m0itt;mPs)hh| zJ`coga&_?G2T|J4K1}IqF?tYLRV~tcn|MY!7>r;n;I)e#2Dh2vn*h?#e)(t2MI&P| zf6m&9)NZEwVw8XfN#VaReQiOFAaS0Ywd9pT`}q1dZM#W2 zCuRS%MyuVI`ALuuDk^^V8mr}akw(^*@MO9n@J$E1_8K!MZMAQf1}msPTi6$p(yPub zGwH&P%t7n=y~*^nlKsqCcPY#^Dk}O|%@--E@aQmH1F6BKWSBQxvtrL7WX=^r0E3Bg zE6eTaMV0|6up8eG%hGv2a)FQ(Yf+`7@0tgHgC?e|_E&2U03ch{H2ov&@-Z$w4tYfh z?}aQeg`#pMWPgE@+ESR_XvwWGb@lm<-`=lW+zcfZP$>s8Q6OuRocBXhW ztci`!eX|CqZ>CaQi2RRc{DHeZT5U+NZ&LXg2*vPRZQY%9hH>d{m(*BidD4ZW^!pK7 zW*=ImKOM^0R4hFBHb#O+d-_nKf5*klw?Rh6H|6{7s*T;F`j~P7zTxE>aqh_W#BGpF zpiYO`W#HPx1Y=KH2KpwvUoDIC&p&-E%|OER_d+e~yCVB8jnFZb=&MKo(h~Mm~NM-3(hxFq@-9lO_c&Gzhzjfcj17&*~ z)i+WaH=$))Y4rfFg9Yd%i-Xr_aIuCO0w1;f!mHkiNuU-0m```Evd$u9j)->sI`B}d z0#lz9JUl@uj8Q%#3|VZ&XOa z#!`d5BA`6-l6^Jd7m{p!9mdGS$j?W}jV>Z|V~yd`xoZQU%EjjWDKU1_gC9Ym*VhEy zEg$ICrwvreWC~)j!OW-m7J!^10NGS=_6K$0A$I|J?@8M+FcW7@;{#4Q2dIA%R4le1 zr2Z(|KC*E=G7ufxpZPR~OW<$VF(rVuzg`qbZRgM&lQ(|D1kDsT0*d$~Ga8qKX|2c! z$s9_l?K&e@GB;|ZH}%t9rM=Xe6ldA%3_!AlT`_=VTen!jL@Fh%XK*~uC7qt>Tg=n} z3so7(B)itFr%sy)G9|YTFa{90R6Rh)Uj8GnOi}&% z^G7e|?8OOkM1>2<|qmhhxlbT%HNnMesZSyxsT0p)CgLRK)%|R z2Y?HpYW-5K!J=&Keh`@Bnxz7+n)vyVUr)&T>qB(qTa#_H$zGv#wh&jGD(xwUKvk-FbEaR$Kev^WOw1o#S8)&-mo`1{#As zBA3&D=?c$B~2{vN2G4T|nl_opgFs{oL^ zf+B}OLG6L>lT4ieRHgE2jjEXa=@&*tasWx;aJzgVDy1Ym;AJO$IT)k?UUvicGQqR5 zA$&H|^nmULk3{Pk_Zai49#9LN zzF7<0ze@UZ^8t+NUmbJ0A~Y2jSDk zYDF3h&I|I}5ik)V^rZ+GPuzGp?+9$}QaWK+MBaVKyF;i?qZ>>asXEqqrGERl_D9G4 zV4iRb0_Rg`Wrv1P#R0@jW)w?3)vqn6RTJF-^4%4(=hcZx&<+@w04f26Bj!uTIoNHS z?znwpQFRDw*?hHyV`N$roL_N=AJAUcfE+^x-$_8KPfT~>x4yghbAo=$Eed&*qIg*; zXjd*!S;SbxQA{NWY!OqWa5=V;xMKDpo-nIk^?cgx>7aN0_-!H6kWi4!>ptdu#1i)6 zeT5-i@i|SMA|%Te?^}DA!dfE2ce>2%kY?z*zv@nenXEnHf1ZOhbmUxpd$sVO)JsQIDU`=I7(hz&z_3(f+*_X8>NL z*b1e(wV)t}BfH}U$=_465(`{#Xplb;*Z z+T>{u0+P|Wwu|K-x4qkI)-LMYFVq60_NVPNrm0J44*vORYXfLRLe87zfQ!0J$zM`$ z4R(RwCrEKHRBbK|J=n`IWH^rk#08~G+79ZF z_6BZwfOPh(2b?WbyK_d`q9|e1bS6tC9S#e07FDSZAt0j{V(qwHn2s|1i&x{o+hF6p zgEnL%yDXn_Ua*oRcs9ZPoXAyv_U|}W^#Yp(wjxaUb$d`($*8WO20-1422ylu*$|Rb zcigWBZ33@%s#;0}n);*w^eu0%ie)E&1(tq`@0i!`0}#62VoBaS82Y6n_$L8y2>xQL z14=s39!bUEfI9X;eB~2so-~7U$;3islmKy5TVl&t*EY;m)R**;rX7*Lj^BG|D2bsJI2CwgK1#yWB`HdLLE;Z>__$j+~k=Xn@JxZLw@ZeJiNhjyi#P` z*K%3tF=^IGPbYr>!iB;2(Mq}coxLF8%x~=NjMFfSr{$uWx^*-m-q1mdN_8K#cWcX^ zkVfRu-e*-~ev?r~@NN(MVTkX$%@JtLfJa&2 zgTq%BHbw^TGtz$KLKMrgpc{i`2l`f?!vAp65`msN%mE$dO82P<@Ob$p&>86<4f_Bq zgAvVX6o~GIe0`fG_ow^Y`?~mG2&xq@rc&kDWHfLV>5;d~-< z1fJ*g| zPs~BeOrGM*aPN@LqH8f~6y&C#@7BD*09n1-$x?%v&3)Rx%T#Lv5CSZ>yv{FZD|DEJ~S5XV zKd8CRuEHda>5a7QyK}e+ol4WW?G^^fxfXK~V}o(!@(M3VtB61NGn1M<)HyX&rQ^}q zv4NV?i)F|hBo8OJ0=@5%IqUEz<24KAo~JP6Gax8$y(!%6RRqlHl_GF3^1Uh!4b%u& zJ;2KOUI2enVE0Jl#M|UUs6H1B++y)%PmvIuneBvIWI{mgy-=;Vp`U)SI5(i{)`GtcFfP9UAZ#G<-0Q4D z7N`7%mF?^yvP}3*X#*X?1_Jkk8dVm(nXQ;LEW(Gv)q=^~&uiMuEOgf_4tC^MAz9BN zdL>W3{x%(*qcUCv$i`|7jkF7@;SW%GG+eGer09iXopQJPHN!tXXJqKnZiwFIM-aVi zl|Lp@{{lI2khIT11=sL(YuREu7=f@%^^Yb8l!x#;@4MVrPgQY%aKAJJ;E&C;T;T5) zK!+Fo>tXNWSS z>i~-01eGM+DtlNXgZ}#5OmF2yN}%fc$|A7swKM5v?>w$Cf>!bqAj(d)lz| z*^9a6@;AQnd4LXFL%)7Ou5|uHPOA<@*v&|@fvXjKvmU2D)x$Bg*bZr{iZ>=vR&2&w z;WKr0^WfF2e{4uEoCuQ6dB|CyEp1+a6Jg<+ReY{ZwU>SdlMsm_+#M1i@#;BvJAVi* zvgRzQ`|`3pQigEgPi+{IX7)Elfli`DlOxr{{y(<91FESlXg3K71VRZNrG+LfND~Rt zLPtSBR1AnnuhKgRCIO^~G!YO%L9qf-1Vw3~DuNV6njirLRJuxUZ%6OF?_clzYvtZ$ zvcfrg&z|zlH!~-W{($86w(&GP=Wbz6(D!$8adI=&alxtL+zfqmEmgpU{V$pP;Zx5U zsCcUeSgQD{95?ZCcR7wz1!LMe-sVnfUS~~I^n<_?V@`rJ+sXr=2LIz{b!ZyqU(dHn^xaH=sVW_@ z2~|98q8DQA5v1Vhr(|Q`@1PtI?BQ%07!IyuWT}sHQwp;-cla~PZEog%O3lX8*g!4x zjElu-0}odp1(z@ncmHrBRVyn{-&O`h{~7-fwcv9~dTs`7{$5BPi+}qec;)vR*qo%=rArUIH;HzV)rlafV zp>F`vmE$L@Xrb(gO^9wd!1aczVX9%~I!fojKV6MMQ##Hf6lk}V@o_(#3NF~p#QcP@ z%1O1Oo~I&!$?7_TDGVCUb3S6?N>B-)UCAWGga97ep=zpn1PoMy4^$L`j)o|Qn$W5m zgy4{H9L-`?6a&L8E*&|AI}sET?&=<(?CW6a8WN~PFb{VOqFn~3O0xh}@SizoAOf7a ztHsF>7heV7pA20usRo4{v8F9IBJ8NL3-I-Z1^|oD?q=i)k~&@2Fj|%i9{fYg@RXIp zX-|hRB>1Qvp|O?@j)tn>;UGF8&a^9l57bOl)If)n%ehc54-;!Q@bnL7Zwo60f|`=j z5kO?oE=Zs~bxhY>In>Hm&Cmy@2U5!roIZGf7r4T|&+z*5KritApU0>v8^j?FSVJHf z$Z>t0Ghue~`HVFuKk>IWcKy=0mSkz^krtjHE}r}G@hj&OGfz6u2NOA%JU*1@=&q`A z_2r#Fp2|@CmAP|w{p0I3&Go#%p7M3A$faM;W?%J8=T#3bpP!qL9H?!a$Z3gZ6XxOJ zz(D_(*G4KukqcGBYfOay|F06b6px>F8ieuxe>scdD~SB$|K*R2iH^|q|LsrG@XoL* zEOqgJtRow_v%SGHrV|Co$W|Kn47N!+pzg9-nL3d0WLLU9zfd;MS0QFI~kn^D_q9S=|5 z{ylr!w;}yv^rpdnz3cmf!_VDPZD2Wi+OZHP6-Y6Jz)V%?*J%>D@@wXO1oh2!IiAAy zqd>SS{#ZK$CNjeEo<8IE zvD#3>IYYGjctgF$*0=islZle93Cxdw_ZbOyWJ;g@x;0nUgJ!jQW-Hy9C3l(xU1WA| zsnMVwOhA6y{{7KB+x30!@r9A<2Y3?fz#_`l_8%ofN&p3k{2vN3iGlEvADCpntMd2= zj}K}Urksv)l1o$dwR>VwNX`rFR{K!ypjUm6?^w`djlGR2ST?kVoexDme&bNb-79<2 zyW8tMM_@HlcxFCD$Jivqz|WO8!kzt3PEWs@z4Ng}i)ky~q$Nku=}acR@$TiHi6u7G zC!#kd7>298&RvzD`{86d-I<*|PPQ)3f@i6m{qM zp^6{$_Hs8Q&9lY_cMsDsu$Z2}QrgOe__Qw92!xLM2P{+%dPbJJQwZlu2!+jb`p^W< z^Di#-ZEffz$9yzXKZ&^7ex1MgK@7Wc2D$y(@joVc`6SViRF<6@Bl+*z{E{Gd27E_r zPF+B_cI6aW!O;vD4w~Nmq-Qy3e2qu$2*rN3JAeAcXP=Lfs{@k{2@urPsZ?#dQjQXY zKdaBHX`X5yV$I6t?A^JZm*dgJ%}{+r7s`rp^~a|hCi3-Xo?4aWiiF|XauzcF*l}1k zqz$(8jK#?CUwcY}!O-w5`HP3;>z2u`@^}Ru4U)WNQ9|x^%hLYd_EL6+go!I0rGGSr z-={`r@%7x{YV7hog5SrJsvVC{-S1~==IZj^`u+V!1B4yAuS(();R*WItJAHyZkw-; z`r~f!5$pwoG`qR?!+#e6T#&v9QF6gtb2W2kV=C1KW&YXZrpyBvq?I^m7kTod(AwOf z{ApP<%8##cckQ#LG!KRz*1q2V?NO2Gu+pvez3-3izB}(*FTtkyJI%&YV`sTVCW|rx zQDj%xFD`4axssEVE-Xw_2xDPj)*swT)lUEGFi8qUsN%O6+1f;q4ZctVZ0_j&1y&G{r!5;rGeZnubhAvg( zr?DxN)n9Rj{XGlR3U=QpwcFX6IEO~EHyykiK64;nZ00ApOXp|b#?r%ld?tv9 zT6+^%AQvM{i=PiNF#&PTF8qPU=GPl95)l)l=;lNOJ+JNI#o8sU&6(T2nG9GN%t5@q zjw!s=tKb1t+m7aJ(6&G*9t0#ILU%Vvp`bJl*;x zb`8qfQP!~KnI-uRje6nz`B2o>?~Z<@JMBgsC^Q3v#J2KPh==L%_WJmhVnmB|G!{f}=*m5&w0rXVC$=gSd-BAmik&@?v2ej5bJ@ce_o^hur z9jG)O!f1g-Qtt(v`0GZ&|0fu!=!T&0mMVj9Lr;u+3;@VUncgB#K8q7X+o zm6EDR4dzsa&{6hJS+E5vc(Ac&qIGqyA5=N>m6$;M9gn8R5DVmXD4vt;{J#BR%ma{k zcV+bo$Yk?a=y>U_m>66?RlZ?E)M+00z-+5hn16t^Z!DBf-c0o z`EKN*+UEB+cg2mm1uToL`F=CHrEuS_y#|#!zlZsB})m+Ef|y$lH}H zBHC@BEloOO0*luThzDFB2NO9RNoP$J_K!BxO&&T^LO5j*bCrevX)mdZ!RbxPdyYu^ z-U1!VLftsiEQC9oB5&G>l?T~&mWB4CHU96QQMN&S1~$SKJpVwC9TN~0t_-G#{TCI0 zMB}&I?nYTXG{5^S-W~~GE>k_g8u9y^i1+6gp9ru4SSQ)f5$p(#)IX+!gy6*EWz$Pw zx^3iMy82H^lq&Wfm}CG;35xp6;<1HD@F@y({1|Hjq8zKBi0TR}afFs|QB#(IlkhZ! z6V9F~wK*$vd08ho#{M7qNz&wJtD2JgKjbIi3iQy1ftf&Qz8zIX0oYrFSOz; z*TRzsL`Z!8vEX+{&MwE*HeHi%czl@U;m+#d#Sb9PzaO$FwNbgH5gs6#5XSPyCWs73 z3+ysQ)DQWet*^1;A3|#mmRLVGbV43+@5NtbK9C_{qdkho@Eq~%m%2uPbduwRqX__s zKK5ar8!Q{7Q^9hXGG3QN&oS$^!2&NlHqZ^>VJh6UraRPrjAzbP;V@FRTnTT=&?=4} zrB6UmJ>=3`Vg0uhovtSHDe9g+B^n6(8`p^1!1pZAzV`3`Z$0eD5<-RU`x$?#3JK1@ zCREZ)s@4a7G9HqJQ0R-7rAt!TCf;x)9Vq+$5y>&k$k~BJ6fUA%nT_KTAgSd?iQHGu zN|6YD?^Ooh0z9N_&0{|rIMa1%kgZ09(nk6lH7IvM)Yu3d!+HLXsF9Wr+53g-5-k@I zUDy8It2dm4IRDb;<}GEncXMTp&!pK(8J7K4AeHKrcvd!VYKNvi%JzJXpM$2U*n5#^ zvbowVDU0-*3Vr}VU6L(%Kj)k8-OR&!ZxbKf7pLs%)XU;p*AG08e21a zC-RKc27t#ZXi-NF@zZ_7Pa4IfsEGIb(;zd^j zxeQQuCGa!Jn?u9ABf1!U=X4@BJ)FmjsF%#0g+QawFNyygXCv)6LlM%*gT10IU!~hPILQtx^YRi6AkQW>MWX ze&YXW@KFw=Bo9?3XHhJx$+vO$p$Gd7b|zi6KI3XanVsh9tTwmqD`}64(`7GS6)1+MNjA%gf3rI03=jWRG{>wgx^f70! zL$#r0b*lsCe}W7NwX>`D{uig>plZB3fi=&+{Q%7iJh7>M>SYD5xVHsRuQTwUKLOPB zvZeDHh$DPPmb!(BphZ8N4w)M`Ifg}#qP4}0QcSBn{@zra3I!omqZ}y!`!}Q#cj3td zqMqC+)G$@3vv&min;x=|%R$M|25y{rIKT*yv<_4B%bRK$n=U!8|u zM29UmF$CwaX)NQjRwk}WBECN`%~tguIifeJ=nHydGZo6jXuik|cx%5b`Sbt9 zSz|Ij1P0ALYX117YG<~5Hed!iK&t4iwlfLI7c*j&wyAndzo5QQ^)VwST~&S;@EZ?6 zfUg7uz-RifW=6@ko$`$WFEj};_TJaeBID>jmp>Pw?Wg=Y*xF}{%0F*tK#Anc$hS`R z8=wn=T^DxJK|hgCK;Sk+4eTosy3kQRnKO?uz<1VAA(tM#imse`{%ebtmVz9x2r9CW z<8-8ga%|DPnZzFR?Wz6jiRW^(nDB)-(jizXW!EsghGv&@( zU0|ceq>_n5-@28nm-jYj$&x>Dgu4Onqysu6vW;WtS(JibIlW;GpNQk_Z!QEBz=s;^+^3pO`wMg}lw)hw zM!crG)tCBn5Fa0z4?f!RGa)KKbRgQe(U$26z-#n5j74uR+_w#zi1WOz;PF8m;DBpid+uIz5?~hAvOSS0m9F^JTx(Mwk$UmU z?%B4)y6|62lggAfsMETh;v!?8l5FoJg-y0Y5vXriIxt=NXH0MO{~<`UMABsDpf6YY zpItbgg|)snW|pI%<5Rov0;@+k9rjCH$b5H&^Wbv`!wP`JR|WULd8(K}St)*z8-S(g ze}}1}G#6MtIB{Trb3AH2pO!A109?mecEU0sY&s`(EkIb^1T4r|4T=h~9r==;0Kq(i z*&a$Zpsy6Q_g;9LL>;hc6BV$>ab}S%wuC@); zg$HVG+{X~a$&3dpAY~V#H>W+Vi5v9gM+kLc6$1<7jg2;kF>B2<9;0j*sEy?_TeaO# za7@!cr7d1EB;WU&Xl}UB?k;`c{a%qD_4D*J1#n)rfQ+Lc-p>E42|K2k+*P8#JTe1^ zer*+&;aka1tp}v9Yb7flt*vqMW!Bol=T1N&aJ&RjTHO&rO=GRVWQ;eSy_BQumeOui zo`f(Sc4yu4BS`@`_*xtjH3fty3p6u}#$CiGzo5dPB-o0ODZ~JN_V*1JovI$bI6Ccd z5-tRo_!$}xCG&GW`=3CqVT!o`6!QX1AdgK*V8HpCGM z!(Nq5xNTp8Kx;#9u><%};gCE)%W*e<6qognKo2tkTRYoC=YxEhDSy$9=F536UalAo z9giXb?hY>D; znw8%|Bv{X}Ic${LsZLmN8>M!sp_pO47xt0_K%T3!DWTf)=4%$d3W!tGulK6T7w8=z zi--hoVi&6vni&w*4;4A=y)UCzGJyGm85@RB`_WNpkmXu6?jPW$wc3 zpmas2cK3W5-8qN3dG85>7u?zS?M>Np?aOE>|IMG%GD@^;C`Pi`684NKj77JJ-?vT# zc`0FiBAQ5G{`B6&TLDd~Gx|0R`j2vNWJ3_-)&bTh zh?O(ZpI>;7KpY{I9^ncY8p1BkCLHmtFu8rI0=qF0FMK2h>PSz~g~A}V>=w&gfD3%e z5K%Yyg(iViXR? zzIz5RRTS4e8~jOYFq+pwUeH8*0)oW|0X*^MLX+AJ{1#1@qP@BgfE5FmT*MB2%{%mR zC@dnigpU8{rCvk-f_4%9_%P0%f=k1d2MZL`E2s}|`(yy(-d!De2U!RqF|eP8nE&o$ z8!^y1M31B!i0)ng)^{KHfkwSHSTc%C|0U)o6w6@mu?)cP(`rh&LyI$o2;I`!iruE$ zGH{Ipyo!gtL96L<;8A$3)tzS21@U245P`>OsQz=3f89Simc|0LVZ*&NIO;u8#IW$_ zZuGI!uk{650ZJ^EMy*t70fH)i8+Et_-vCI%<-dfnpB}gh< z-thAPp0&Nxs)9QIyeBKLNAujBsI}qb^>p$|8}G%gp!W&vV*Ljld+umjkHn{uq6tcz z3g2~4ZduILR^g~VAlE`31aV8}{HgBvzYuT%ssCIE!klwc)#HQy`$yLEBE*(WG6MBG zQHu;Y3etI*vrmf-GvdBYsR;D?_r^=W?BvfpPHR^$=gHZ+&q83Mrm>-5;MW@rofV1O zbR)6nbwT~&xw8y#6mKt=J9lsdpTeW{YzM16PD>NY?Xx<3#~UturqM<(5{KyB^8BxA zroq0Pz&1nC%YnSh*D2rA@kE-1E>8w{{*_*n1b&W0edaByjFRLL|G-*yJP%*h#gyQW zpTPLPsLOyGV^jd*DY~j2`8VaokZKq$FbVwDBet}x$K>S1zp0P7A<%5c(Xc;|9w-gY zjM&5|Xe5xsiq7==(f{O_aFLllMVH4Hop4CNKDMibdOdhj3S^~~90df*g@0>cLZbLN zD4QI8ye{l0XMvx+vc*x5Wl^PoY*Qv(rv5#2O(>`J7~J%^9f=w{^WAApu7V!u#zmw) zus4|Khe?XOY=?ga-jBB3#gPElzkeqrVLysWM%xP>VrANJSc9b=wj;M}f%**M3Hzy^ z)18ul?99kl4}Ay9Qc5-@7aJRBq4uKJPQCJdEaot}Ad-Yi z(;PKeUmR0;;0R3LWuU}5L(*L66{tfLUD@CJ04)1t87|_tJ2%wkrH|Y-UipDD$uuba z5Px~D^d;Pb3#6kmfwSE=fvb8845;YL6Uz^!=T%RR4Lva7m7sA<9)r*F<30S``;Znm z>K;JW%S=F$cGiq3F@Lqx0?wDGV9|N&w=;%EAh1g@U^YMW52?ZfFX!RYj;^cQ`cYgN zx$dI|a^p|BG`jkLV-ql*2gd255f_TBN{ax<{rM$w={TUp5IQWpSVF;I^`&9UL*{o% zrZgsEInU_ZuV_Q3a-D5&mMGtABkd1nD`TK#oPd~E<(}O5OH5qWBM#6tSj!ADFjY_i zsgo74`h!-S?60II$v#U11(CBCII`r<9}1ouxTzJjW&H8s$>#}(7zVa15a-`5PqeJo zbIV#i{sbN6*V>@c1)s-9N(mkdN*k&6s?{CjTxYAl{snZ#OG>gTHZ-Z_q? zMEc2w0m^22#H;M)_F}F1*n#NX)pKgA{imk^FP8?kVOQpGTo?vW7zQUA7xQ}=tAAziDWlxe|RNF3AD7teZ~aiYcYi5l|qa~Y+!fapAP`({z)N_ zAYl2K&_b6O2_zT<1qr8Pi^%R<@MfTOl>EQWChaIq_r0@nIe~9WNQcD5@aa?>WGoT^ z*Yc?OmZ$V5_HlynQuNU?@ENe$4m8n^NZx+9`O+hmhoK{Fx>}rSPJ^qjd<0bf-kA%= zg{;w}=`=F?C zd8xESng>Rv7*7!SufoYjz^g6~WGai&(zq%NaMx7?S2N(4DKWIO^*e@4{<}VD3G_8TA~ZLLL0S;2 zE=f8f0xIe!d2&Dgsi>Q^A?mr zpgFyRoo||GDoT_Gs=M5#J@E!S?}ZTGkkX?YEuqy5g~GdYo>%6R zX^XGZr2>bQ!Yl!fhV@oPAN%~JBPT(qGX5AhTSdD8MhIqxf)7;Sv3x_KkEmWVilPm> z`Ndx_O>BSY`67OjQ;M2l9tWxfD=kp;xqI^R*dY**y(i~WX*alx$J|^*(8+g6@1Cc; zri=&ZEJnnLheiRqdT3DqCHW2?nGa;ZyZobIATmo* zAFkr7`j~4JvYBfr35ayhgSY9H8t&Ha;gb-Wj&kKkQ&ymnWt~$@&U7x;N{Y%MF2a84{ zOH6wA$+jQLUezC953usVqUo2nDQ(m)C#3nzz1hql0u>@gl4w$g8DefWF)rYrI5us*ns-0ZMyg|B_~DxXli|S< z2@3ibdp`OV?2YfV&xLSTC2IYtkzvM=8#-9zg&Xd-xX}XX%{s3a9J_ge1pS0*=7)zM zH{M5J4*raOpPGQ^n9+Uv`P(;#s2&r!uhfxn%c^lLZl<*!VbPi01-986m$P2a>=tdu z6M7RIbs$=Hd4L?o=fQWRcnFV-CotUzw^a&2Tj-$&)2(2=WHZW!?bWRdj$e>w366KJ zZX_Bs&b)fy`@B^S6(GpqMTU~cw`bXIM*RY93|tG1s#7Z5$b&3t3oSq0sETD1alKws zE;(g=kR-&4u2U3nP6miNAj)1#NdSZ>+&)i z#|_qCwJWQd;|Yir&Cfl-wqn(2qVaN%@2@lB8?!GrMS1w+9O>4+&u!1J+`N39!F{(e zekP{y!o!HogKQiEYwJ3fa^eZ}x5iVa_iMB+I@$0H)oTxdG?ci`2tQ6!rrq6k_G7@| zkpeFb|8eHxCo#s0h>B*5iUJQGHEjH9LUfS;=juK#b85Lvw5hI8h9kDNVS`e?6@8V^ z8%EsGgl8eFKc7=9T!AbIuC90UbNmYHy|cPSnC*`EqepO<4)Beuoq7K_i<@w`JSN)KY0T!17R)Vc*>~(cXz$M?1ypd#(vR$E>eh zm$*2!M;>Pwq~zM?>~%lOtnp2q&sRTl#V_qm&po;1F%WM%GYL+bDgAM(pvQ&_DXJHLR%hu~fKiDBwN5PlvcSN4_w|$Fc&C|T z;GlMVA2YES9P2s*OfvOB&QS~1+BpToem7cyiWDT4*6pbC*pIk>o7g(A?(U!FbC>B# zceW!*d+_>w-~yHpfMDL*U>}t`lm6u-`Z>mnuZfIi>YkI2+*dUX+4prfbzle-95-fL zc$Mla&M?@Oy>R2atF7Be%eS>1-<`=~bHNcd z(IUW{O>PZ+Uo4$%8;+rAQvmL82(&AdC*{!rWs+p!WixJ^Fk4_T7G zy(r5S%=gONT^v_3wSLE31j5`IGW5{uUBZOxl=xep)pBJN=jLW2x|l^<7R~KF(yHxlHPzm0NL4J5`_~tOzQT(u?#)me zmlN%+!$03`fGC!5_dpp4490;#G4jSB^|@bf+FegcK+L51SaS1_3B4tEF9{HEKelVN z!wDhQteZ7j>x?X)#vo<4*LtJxa31`zzkXgHu_L@oEpJ?SWfkDJO2+QqJWzSsRC{0z z<4GtB&Eol6=~x1LwC~Baz?H{~oj;xjf>-PC$_XIRBO(-P?Bd~|vi9%?Mq)K0&Mf|f zZ#z)S$JW}z3I%>c>n5XXg{&cStpnCySDWaRR7NTRjfh$Jnyeh19o@=!V zum`tZxXJ(ewCDu}cGwg)NJ|biI;J@f%3%}~koHg`lOYb@d59po=lv(|jGno4D%KGi z`iJ0&6#;my-}~B~>%UI)T%B;@p)Ozewi8`hsNG5~nSP9cRA2%bqk5{U=bVs;38#aZ z{4Y+&#nTm6(i^r$_B~Tsc$6X@2}}S(>Ic~)6}xT>>LfsaaGl!uHjfBtX2tJc0bW;M z0;Ded{6%i}>pt8U8AVqbGD&^dNgyn{X@i|dHTEwk|6VQSv~de>Y+X=3@{=;dSlU(< z)3TSM)*|}QzGQjXY*=X`fq)*lxET+^O!~7oIF#xm7m{iSw~-F4o0G6J7kxn8t(F?P z@HBjSR3`kvFN8t<(ol>hs5<$ck`kzSb4)Pu9w9BIxLXZ`eJSXa9TAHtM7T!L((H9r zR4X}>|0~O9|A`qKas9?>)V0{C#;=0H-{#J@U(B42`t^l$7FBgUKTv4kuKR=LWx# z;g%Nb{=|=1v+~IVK^yrz0&yL~GoK@9=SRUQ+5ufB*>k)#6G!F;A4{YMxk=-!6FaNI zi6n+67iHyBL4e6V7w-h>aK^ci7|ui2dspcrj&w<`53u=K7dSQ{qNY>7Oq`5-&W(C{ zw10CxPg7%3Wc=7flGsaOc2u+hv84;KWZ=axRYag}tvSTg*pA|2oqK{0V%&jq>KmKr z3g%+Xo5*D?wfrYz#k>c=oidJ!_Kgv9gj!1GX2#Bh_VMgKcnfZ}ZfDTaaB=3avjz@( zyS=*OXY}{lFFgqXX)is+hH;CcYRhx!nF)ovIs4}#oQ+x|-e^@`2_voAaDPqh1eo@*Y)j1j{KhzSdCr%&nq)Df@d^D~rRFvUg?O#fM_8u)5In0=q9y zS*pM6T}=NDDP((o)wJaIw~%2)6q&M&T{;)>dujhm48QKcoMQJqxvkglQt|<)9x|aY zreg&4>5>p@i+YmhuN@L7xaex-m(j5P`5}S2t1^iM0I->sh4{TRSl>F;N=9vehhFwh zMLIT(?I$A4F-i^<+h_QVEFg9uiz>QzFpbX!45SBG|X?WK4fF6uR&6S^^%)Y`TkVN?}RIYGM#^rB_AZ_!eckeIh7~>3o<`3bQ zM;dOTnU`~``AndFdtHTBwvEsX_AY+OXQD6P-rIh=uh*$)`MX&Ql>BQuaS9wra}2kr z4%z_7VQ)Xy0FYjzobLYAeU%g!pr4L~t;c}DNQ>Ej*w3MA43Kg%8f(0DzhBrwog=`w%_G0mSf-AybC_&s9ElC>D$Cb@zKalvrCW5_ILaIHX~hU^t8Xk zq}eBZ=ifJqN){UpKCmi3FI#gJvdbV9kNK-sC(eowH6!}Qg2)BYDz9-Z%BbD>6y7JM#pv5rpX z|M&tj(g?&5s5B9K>xs81C#ZK`Z$3B=uP6vB7GqfbG}e3#;r^yykzv@&kg+d@P1IRNdEX2vw3ep|{G2i8sZvTL>DyB<7 zqnUTCKp%{E8wbBHR{FrLvm%Nw>|P}~lFnI?r$Dq41<}f*YKYPFY#VuGv*qg{v~=Io zR4%ViMpmJ6>}ye8X0U$QFF&;Bh-^l02iT1C--i2DU0~*gQO1Q+-nt7feATWXeN}%_ z*dSDzZ@eo>BxTbwcjJPHrC|0*6Dv%@(d&c~)@UK?4g-$0AcG2uP)f9?1kVKIS78|S z(OK?70<~;)()~E)B~V`K=LdmN)Uh95v!7M}I&aCHDHKMWA@EgZq^Ot0GoaTB26vU^$>a zn{~b%i##_PK$pNn=qptmdZo*SnlJj^_(BS#@b5*h=Q!&44P+>bKzrB=@YGilD{aKr zpQJGtda9EU@%!qT!dW|#Dw#}UUv7FU8@?MjFjF4=dsi%eeR*HL?{#SVgy0~r@7Vcp zyf|flMSW!T;TY4{!#UhQs;6w^If0W8_(tSM;wcmWo2lNgidI>oI{wj&f%kP`g^)E? zM9kiO?j*#QFWLeZ*5LOZI3Lk@>fxWJ`Q}VNsD?28n7;vsnL=Qs4omy|hm2-JMaMaF z3lL$u3pqA}Bk66hYOb1Z-$X9U>c_B6aMIYVxo3z%*ffFF8o6ZK?Cky9Zz>F!#*{buCSN*uuhDM?C`xL zW`TwMdLnS)$OL4{(KYVOGqZsPX`V1IP29oTNNOqnw%EZsh#R| zdC!g=^p=uOVl3;(y##3bBufAJu>@yLv^1-3iPOqf5-7iHF@-x_26)-E@n`$NQ`qJ9 zV}4vmIguFz>YEl}pS>fJ&%;l@>9w_J$O~3`Nep^|P>mfr(Q!1Y=KGg9E>%B9+V8L9m4l%7gVP`$sge6YWKRQRvR)VDM1DFl9f8HAY+=E2Bs zj-4;RI^8Naca46BDj{}HV~ww3$|Rt(jQYp&?$3r{Q6N9DD=yg4oYctMXRc(Rfop2L z%0$AYLzLUK@A1QV@<_PLc&OH!1VnoXhGTDjTz>3@`Jq1hkF{2P)N(G|tHR8NjmO62 z-!+Sk)1tOP^4iRsfOzovLnVb*Scp~0n{mScYka28_)|0e^b-4Q`cuKy=+nnRA|&(u zx$imT^2{QWYsjP`OlNpqh9~dra^odBTylJKl=xmR{^9a~!%)v`}T9yV3>LV{-#6+KX zsXoH{5)jP9m&lEiSUfYF^GM%$@#iUrq^_jm*vgiUr1UTXhBvR^-BC>gqH3tQ90S7? z2dQ9w+sutOqqYaj*LM$-@jyqTj923UY2NN?4m@3sbJ9cJR^4S}6@b4FU))s1(~up?47# zm{*W^JHi*Gg^1&~Ox&%han;7td`Epor9hb|1C*v71@L+Fh1Pu^xYs5NQ7B79B&JAn zUlY!3G|DrQ31QndRiROwcF?sY9Q4bmpivjAhA~EJ+pdkAn_x}-8o2MgKwsI|&?Nz8 zR>GD8CkN7K(^ls$Mpa)11!zmqZ>#pJOZmaMGP?j!GnLeg6~3}_3KX@(crOH<`rwTy zC4o6JYs^7fOW?g}_jm&+7IlwXJ_!+>cpg|ASViw5I?tTO7q#jp27`$r)zFLb!VGsY zG#LW-yCD8Okn+JO*k!>rQs=1c)6%68m+R-6F z^^nYJufY=)j%^va<6k>&Ot-LU_aC)Z;-t0XO_LaedU-)XZ6o2HPRI(ApC(8jL(lz{ z^%B(X`$ZbHUmGG2o(vBQOl9XPMkE2(5@nQtaO3*9JCa$?<)~vm-V?)_aF;@>{)2vR zO9zbam%0Ni$^5EjKL*R>L1*Ag(_2agYxBcmZv;d0f)+;3UYY5+E3e`;ka_C9A+2cU z0y+`5wvrDhR|#P`yFp)sM{faXeysK!twgOImZSx$)1WWq%Ga#(K7E52iy|*lFci*x zx;c?Pnj5vl@e)H*z|^4nYenmI(mX}$TaVi2!voE)xy*>`{jt~*YvaYn{kJ!C8nXkk zfxq59ct~jvOci#5!;=7wmS#hp+Ms6U@$unxs`N(b%P%r|SDE`F&~&u!O8NTV89QsA zeSdztpGqr?Iyc8M{seL~1~p5BA{ulks@>9zd{MXav$N8rljq5)`&Vrag60kL0pFSl zdhh4ps)?pegM&Fkh{790S!68tPWRy&k!P#-Tu2v{Xg-~Nc4F>46r3~AKSuJD%bp1E zH?&ejbt+`NJ_e054z2iyauqeb|Ph!z>Q^xlm4Jo2nvrkX+43gLK;$_OSFGq z3@OUG18TTgpmcZq!HJvBi=(f8(k3cFna~;3p*_7JortNc%V1dX`|026i#2-Nxmr=L z&pfu!p^XRarv`!F7>~AVy4BDB4isPq44z97rb-^iy?!Vy@CBZ!qczw8F5InKqgB#PUH> zJ08i6idbKi0}XkvY$F${59}8BfN@7UywaXDUR+^-YeFC9b*+NHOPOyx{p()t3x%wV z1Om~^0;2@ik)jA}tV?B$P1@xbl*C82eyEiMMYH-n55?_*QLY%J)T*H%p&Vz6H4}@O z36flsNKpc9x^OyKxjPLMyKS$6YBLyAIx|Qj(J{PRYTSQj#bAh~p#95@X5bqmQ&cuy z7=aT^CK&rP?uP7!gBo>}rWgO_XhEjzdX=E{=LSSiJPPaQ#+V3PP7uAyaO{ zq3_6k&7SDx#LY6vjdH9wq_Erap-EmsYTduPMP5B+s_F))Z>f7!%9#V7H+G}58T@=7 zar=t{<Nv854s;zqd&249unanvzz@*Zh=9gTBpfvIoDzX5GNP|hbG@FO zDuy{*5Y?MIB=2I4Zzc3!Lvv!pDZvw#(E|-Jl|o)8L zbje*&a2rebow3(On7-ThBE^zRA34vG`p+Yms{qxm;&9!HDvbI#P}aD2?Eb-@kz&ET zJNDLf=9uB#$(sl0U4-l=I{ZO^ZZ*WPH$mji8^nP5sR3%-gyA=%YcS>1g3&ilw~Q(o zehh`o_St-6(|#2&owWIZFyr9OJYdnIyGv0ZbaR&hilL(Rhc_R*7c*^5K|;+$8d--eNwoDw`Zo?x^Xl^$RT<(L_d z_F5q@S$8j5QXl>4+Tqv6%k@0p3F+?yccbJ^>aX>|-N|8S@%oU=7P`zZLg(nAS18 zx4UfudXT;*O5U-!p+q=NJ=8OK5!SKDTh^t~7oHq36K=ipDO72)so~Z`7_{WlEz1wH z4HH0ScH!k$Lb;iI<~|q=_zp?Qn+r%xciv3@uI$=*!(3bb#+_(=nJjtPYmIw$^sLcm z4!`_S~|c08|9sk%?pHoFZaYx{g@N@lozk2-0EnC-Ufy|JD+6Q%yOSdNkFU zwIBSLCMRkc&ESDwaTYe830)YGP?$10bQ2&bg78mjZ_2vEUTVym$D@3nbR&&95`zn} zDrupj4CQ=$3id=Ti@Dyyn9->9v4E-Ts-DSYw>#m7I>WlP z_b&^|H^hrhp-N;et^g?K*%7}<*$wW_Q_Bqr0S^oCtbph=!vlja_YLbj%n^GdaMiR` z7X}qW_ncJBdIHu6W(&kW6`$*Ir+-MWFkX=A=x&kW!GFaUed|12Yf5Vre1=e9h#7*) z(sen2rzM0i-}Wv_0Ol-V(9-?E``#}iq5SuwX{CuL6Aq6YTgh7MqY^Je7i7=B*poZ` zMqA{8$<5v^O$OGR+5^66=k8pQnc8}VYDjB*>6;zGTfNLAl+wZgw|7jgN-Xd81YUfI zead77C0~c}tzWfzxGq+|7~{d(9mrR8|{FLkfFn-Uz`;ZSsba&JN-}-&k zhY2vBpskXS`~HPl_)fkRwvjHB;mTOgcOzv`?W`?uidxHI*;7^A$jg5XR$z87Q$F_efA>1OUK}N z=gzINVgr(NIrdxMm4yD{s28@qRq6f5=7Q8-*_`d@s6jj#I@qwtc`;!nt`->XkEcA( zK%TV6Q7gv>H;|&d+ge#VRU>%dk9Zv%Q(FQ+X9%FH633>Y3a3@WWNoxUu`=SG(H)KOs>9dT8HehZ7VcEA(_@gAw-;V+ z(G{|2hp`~kKHOkO-H8ZE>VIq}_p#Ua)!vC}W+GvErdF8Akq=|mB&TZoU1;9-tA&YbOP~YC4BR3ZV?+h`a26 z3eCkl$&E#c)~Co%E1Ye2n|@mS%u?8qK$@@vlZuau&E*^3it(^C6o|ppE+?-@@E>X# zdma3-<_I>C)A$h8L8E?4v%uk-ZT;T5)IfFOkyK~4{^2$(vKp(fx7S_?VTDmX-*|zUe@Fr{7US7`J2MCa#jk3S!x7=L+4EBQU0kv%1{5spD*F7o05PH+4z+X{5z(9)18~|3jHC(QC_8*EMxppeG)OK|jR0 zEpZNPr>Wu=Lb+UEjvaz~zNj`gDtLmtZWkXdy#d6k2T1zbi7+jUcTdbBw)QAAp138LmgW0ww^ zGno?c6q=gs78qQ=)_Jb=LYLfybbbYX*N~7*ebaB;$d2nuX(ibO4hHX`}?*(1lAMpC@@giYu{7mHf}m2+j)Bu_)Wqpub;O4juyZP<$3k2 zkNuB{_*iD06K8pUCMwfBuC`QrT=KS54_95(oDfB*A#_6cFt#8H(QKH&G5^IJ5sVI9 zzfNo3)WiI-k_ztp3bV>`5_Qw0?xT4afx>tiUYUApqCfK&HopG1;{1!Mu_x!yqAc?n z^JrQ0IZ>0W^4={oFV;Cxm(o_LdvuGiZ`|zuu%cX~^V>jrcn$Yk62jA+H;S+PNmI9r}xP3{<=f6yt^%% zcj8Chcf2h-#t7uv6&&avf?)>E;2yJ^*4xLUC-6y|U5pfa=lg#CuIN>CfyaWW+OUY+ zjrLTJ>BxaO<}^h~$7#dnGLCmrS*I<%kQ1l8iw-^6m+`MVT5nWOQ%ZCjdK}E38xf&| z=&{x2Y7@K?g3PycM}8|o&T^EEu~Qx6B_8hvINsohLDir(|twy0J^=OF8wbg-G;h%n;_;kP z;#Ml3S}}cwHDs;Hsm7*rzVFf^t8XYHDa+RuOE%3ou9Dl^OZ@%Y_5E`25?^2AB|%?n zhuK|VWh7>+)K>S^x;rQ9g+s@0r5TBg)M#AuKsc0k$2cFOM(1cIRl|YDm<3^v!2n-{ zPi9&BZX(m0&Non;&dl^k1>_x>qQ<>ni~wnFhY`|vwGs#~fc*CX9d6i+0O!0!z^&aS z$5_$&E6acR(-SL<$~9`{Ruwod0rPVFZHO@ZU9#ay{581joTOz7;QMYnq&%Oz1!7e# zvI5VPFtjbR)?Lqb_B$_SxyGLWqlzs9>o^4bQvp^}8rldBPw+i$0$(33nP z5q!NV3M*`ioeGIOCR;=y_v0>PXPO8r2Rx+4h4IP?hu z(DKyggVbO!faSAxW%*sR7OQ6_4<0W*Y(UP(A=3% zL?0<3RcaXM?P2yNVR(e&p(nhwoRy3XDOf&Xg9>`Ct)Y^ZUPE`h?eT*kS;h#w7L&(= zTZ%BHT3(PwPp9o52xkO^G*p)@fyRbAVW~43v^GiOl%+O)wY(hV}q={Eo0Te_o8|zOX(3Fz^eVq zHJS4UaFtKwe;0FvFy1dTg2QriZvxWEZleJZ{LyI*=~q~5Tq*`47cq0Su69~|p-CF* z=b`9ZcT)sL4z++e#jijY71W_;4Hwc$r1x}F?y(f(sDd+9jNa^H} zdSuukz$)0Jqietr!r*lL=kXAy9e-o-7-=K0=2zR*b1B$7V}`WoX(}S55vX$BR*`zg zuwBQ9w($MyMOFF zdSb<}m?6iXMhxu*Hvj%R9>o!p2nOZ?vpPZ{!oKWMyoY%I+{eOjV_tY8z2GN40E@Nz zA9Zu1o|SQ;_*857kWEnB0QTDvYxX?Xr(nh`SX(IW3}@w5O|TiX=pllf0e=biD(A2C z*Cs0q^55QmneyoCv)jy&ombagqrOsB3}BwY^$pjJu}c-}Hruf->j`ky`eV?wYj*m( zZK3o%IKbc>2`C9^19D#GUsmv4ALj3jq`v_S9`X$1<`?m7c3-d%IYLZV?7(Xvm4*uzu2kh9^wvkLJ0}wFMb>U|04uDiw-@|M7N;3pdu^!3}E~@n!z! z(Xa}64^~AAba8b^tsB!-F~H5E(6IcS1JH`yfSW%Z14b0loA>M7o{|bg{t(2%AHdwL zFVl0ju*CfIRkQ!)GB9Y<>l4V!47p1uP#a3lTHgyoaFo4>tm`@52fuvej;X7|Doo6*R;>(ZeXt_qFDJmmtd}EJj-5~{(m|Nj?=W7> z;fF3UtpE>@y-?+4`T@&2u~UKR`ZzyZkcaUZ_Gd`z;e1op6e=-w(c!yIhl`z3-k+!~ zi4WkW&ZAb8^$Y_0!co_j)szF{xBHc5!3(R{0CUQ%){^?a% zVpD;-XsyK`$d35fkK_<*INb|k85?Y(z%RP*`w2LTUYia-0v6VMd5F|NbKY2zp7!C5|Q?SYq64gPiFTmPvb@3jcRq^5B6mih-$^s`+z+B!%h4!vpsOtuKCtvx5`5;p(3qv zAi;gnL1VDy8>?{kF+VHBz7+sC*V84Pu)3-ZUu@}vnABMqZ3v-Q1Yb0IQa1jC+y%nv>3OUD z8z_ZSlV_+HIXnfD6AIz{QE52OB;SYa~d1 z0xEI|KyrP5i6IBW1%>_dVG6_m^>RU>^}Uk14L+dOa}~RNV>SqBA<{)(js*AR*-s!d zvj(nzj0f}J*dzea`#G__?(xmlh0o8sT7LfDUYsSjl}=KsmQjaHxJXgc!gYV$b<^>cd=s6BkZ2 z@Z@v3w$tJ)j)fwBfkM|<&@0Yz$T$Il4m|LA6PRz1z+EG|%wPNs|ITb_6=3#b>Dv+k z)}pgq;LLhXgmSpXpxx)1f%m~#JG>PwE=2nR4ZIr6fDL6T@WFaMr62T^?b8XU@8NoP zf-uNW$=bQ$3LMr?3a%M|KFGIRO!NKFLTI4lYZ!Bk;E=Nm zfKH0ewiX|~?7_MTj20P*mJs>=Ik11Njvx+tr(`_EQOxK2r!r0-zCUNZUCIQ{fm3iNgqTKz?9Yn4wFt%+l!f}jOyaJ|8afsO+ppbH1kHuvzb9XDM*$mOfG3}; zdsAKqJo!U{6a;G!=w?$_Vg-Twu3)esx?z5|>AWO@OdUtUs*_|u)X|a_^AOsC0k25bh(fYe9+ z(;E6M5G>$QPAt+0nB3KNUPA?MgZ-zCPsaT5CN2UJWvE;4@%-pRh&q~Q27%Xf@%wJ! z!_O&Ksyi;H8_MQrSr{%(+6)VLZDz<2ZIFBIYSD}zgh{ge&z{aj;uT_NC$FPRtVH9t zlaX#)dgjjI?E$4r}w3f27<1Go%FprkZPHTLNSe14t3PAd(qZp9L?>C?l3KnBJa09zJK{ATC!fL;UKbF!HTi{u7K2$-lY*CnZ{uIbL{*my?H&gIdpY_ zU9aYe*!Qsk;CT~9StesB2&;D&I)8Vuz9RHrLa_Gay_hI5>3y%8tNf-0xdRD?EK^JV z0%saq3$q>#sfSjuVKSl8-HA5}FD^o|Srcj(l%O zz8=Pe<~|<}Jh?ZN1b)+G3*7RA!Eik!HA=`_Ll9PYA&^J+ba349zYm+)>^ly`8Yh%Z zq*hXm6cmtN-*B5nX7Qk!n2FeMVV%V- z8+CErJ|L?Je%oBCF=p2?H!9^LhyW=MX|G&E8MhSvU#tiq`|F}Q6_#5NIPdkQlqk)Q z+#VK&>rYKw1_5Kg&OzJGSdA3Bt}MqC;{spIrHQI5JQKhTVzGEV>n8Xa~4ojB38IO)SDaReV9Er?1fhjBk>HY#@8SjutYF62#x#e z#$tc<*I(?fo@O)K#XbA)S3jNLoS)EPfAx`Ij06;0euhM+p1wuT6%!Th>Fxg^r7J~_ zlUlfwqhzgC9fqi#AeKsieJNUdos&;q{;@}FJ0WieadBEj) zBq;yCDyCCQhXg#BnFiflx)yi5|IC&92ox?llh;pxTojX?9Sd|{kYnA=b& zoC0?w&m!0zY8n)VC_xIn6Ayb=2)G)JJN$*GV1HQ*j)S!J-@(z_?Dq)5ve1Mkk}E3^ z&gUzRexIfQzjN+Z=4!r679{vRup5%0Re|`D<5>nzozL?66sD=YvkW-eW8q~9D8#Xc zEvcFZhp0Q^#T(PmS7QoIRtG%v_Ko(g6UFp8{dZ$DZ?ncoe#M5LDT=GP?51w|19Hl$FEMK3*jtHWyDj+nDdwqa?Lr=i@ z1^1ukZ7@|AI?Va}8{9Y0Y7eV}zB1yE5mSOW&Q8Z?k+BENef!Q8mXgY)gn5P+ zcT3bVI8ZmBcfc>Z|Fp7Rg61I1KmZLv*b76+ij~L*zIqLX5sn|Xj*0IQaCI*Lju4iz zQEsW(=YyR!t|!_*J^q`uZFoOE4)#>$q^2g~KqZ}a5b%scwbcmx*N`H(^RSMXUO=rv zg4C~-CeIfSr?b@9ZxVX2{8-W|Sks>l1o3Y-KzWnON3q7}WY=W6tzzY`1Lt&&XK;s~ zUo?7?c&WnZnKS~rS1hX);o5^C&kN}O+Z2r+taj-F;7fZbmyfcz=T`=12Abr^vvB%T zQ18yUQXB}vt1`E9OiJdDNdu{QzJB5m4AG1f~;F%+mJP=g&=i6K3twGwa1-qsI8w&wTDc`Tj4HF3SQ?~1TMD- zJGkP; zF1eRF$dpUVX|hGqVEVgL{>ZfzIm&PYNa#p=;Bb&XJArR$7@oc)ZWsi-?ZBlz{|Rl7 zeQBdUHvTF9fOQ9Q|o28CXl%0@VMzRCXRvhP?*E@_JHUB1lx@?dn+x{Lb+SGJ%c2WkQ&Ez}Nkp zt=p2T3m_U3FR!Durkg_=zikHz)T%yDK~_?G1P9auPjsv|%la55I2S_11f zllAXTnYVrl_7LMK{fu;cnZFl8V)lqKoDMQRNd);A)aDO3n#v&|h9{LhVQ9Y~kmDvs z30js{#hb{7;eqWs=0KQ_ty(33V#-%)FJK2KehhqB2oARaYpoj?mVug$+lUt~f)v>E9tp3L9=hFg^slQY%N2cF)UaE|nQJ6o+a&bW+0l^gp0z4br8XSnA{38^A5`kyheD*6@2Z@^vhY1R%W{u^mpNX_uD4u!G>K7;jt~ z!RxZ*%xU$WyCt-^3wNXry1dA@3Mt{!VGqr_Os$!Y5$ea4=0iL`h>6;DkUYK<;okJZ z>47Crn3ln-8V11b~2TFJ_5^o9owaE>DQgFm$PgqB(=mZ zpD(H3NdOlj0RraRVYSTSOmyf|4O9=G_r^lHlS09~gy{Ro5>&wjk9 z=f|@J+_&mGgi;yUX!E;-2?#FpCjh7;ng0Vf{#fSBwBp&T6opnisV{nY>eWM8tgH4D zb}g~4t7(^7{~NN@NPe~_+}q3Ph=Z$i=Xk5|Z`0bl$kC96yhQCgUL^jFi1Us@jDpf+q{kpmeio1Z zt1ES0-ZmoqOhFz#q4VmLVV{K!&U(eR586>H{&5bkv`t^F4YNgaBmz%S?s_8YDGz^I z7*SZ_ZvpJlsb5w4eqQuAWgKtzoE|Lr>|5ts5>#d9D=g2k3oe=;oc`IMG)vX28RUsy zqJahYQ-?q-fu$o5+s%UI)rE^umBX7yO!GZAHy(U?pfN*f?il*2?F=~+k$B$GQ#E7E zExQ7Bfha?R8IrJ;ZYL|?T6m|LPNwx?jiwyKuiOIYNgwqY5f_#>oFzX260O_LwDcm^ z5NJiyDFSR>t&0ZoZ_9&i`V<{0ZMkVHTgae1H3#r00DhmF=~&k zD;N5Thhhz(ME<>4s#Y@7VQRqrjt9#EOzqtO_o0qn@GpV+JfiIZF-B}7D8qa`~d?%)e`S-_Xa^b3vWQd z$^*Vue6+~xP#6Ol@RkI&@7IA->t}4?9*2c}Jixp4akIbQYqgEWmCR{D?W*nTJ=QA} zyw27QX2Xl5UTf5>+%QH{k4YQ8pN%K8zKmXnpd9p|FEW}*vUk2ENWA3VgVxpq0J(SB zMi)#3f3Ov(hIs$Wvvu+f031ciTmp~8&F{G&JTt(CP*|W8K=hlwHD;KKdB96gP-F4F z_5Fr~{kY~*7WVNGd9kd1?K|)!WCMK7zWW8{ErHr>+BGxQ$4^@`Wt=TQZ~UqTCk|}$D_UIxO%4H8dK@+GSh~B<$B&@D z$gE)n|HoH=y!IvPq4^J~TC)rX+4`?v4=!)5QVh^h+s5pt`Kc0nJz15rdfFF`4h@rj z0h0D!0K?tD`WCN$FX#hrrVU^aG8!xc_GJQiH6H?>*$<9PVe?sfAzrcF-Vu4U$?cXZ{=^x12RZEj^o$#(Mh{Kp;sc=vK5bB8Y7;nvrE?Y{DEdKk|f*5nQX)M?d^gtxdmPd zgiww+7m}g`NI0p0Alj?=_u_pD#QBB@3@(7j;(u!4Hw4Vw1I^dJeRxJ%_Ttx_uVkm7 z=r_7Zc*Np&c<-8Wy2SH5&@Tg6a3Vhf>#~P^fkaf-KN1Frebxu`HTUW1pz_1yZiVO% zCe@p`HY|>=REHw;>LLOniZ~*nI9|=8PykNclVnYO%iJPmuQwsgYG-4+W$EixW@LSyKJh9{i-SjD%Lh&!QcMEbtDphHmds>F9}eA?x=*f#D`7m3(vHEfcA^I@`py0iwbc zzpaVWep9Id)-H|;CC;kEmq8tAiBODibje6TY$T9$k zN)pt-Ly6t`v5PBZi^zXle_JX)&24OJ1)7WTL21^t(K9;p`v*`#Nv+aM+xeWe&_gdf=iq@GemN zbr@QJk7r>6@L4(fq!vO0Esul6<7_Hm${yze^?q+jJS9uD#^jLfVEgGX=!KMx=Bf}x zzYjpA^&|n*Xg!ORuI(HYV_h6ZQ zFc)P`G(U;41Lao*v>`g_y*e-P-3&c#X|57B4j!JxK;RIqa=Y@@Pt@zOd8I8xJC#z7 zZVk-j<$edF7xlPGe1!PNC&oCjh2Pk;SotyW24sLDD%mdGqwSLBJ*!iMrPF(tLvca#ouY3ROmd z?ptm?3&!+iboa2Pds-Y%i>a1}(wR0%%OOS*HyaPXMeRHrFX9Eorh3~!j0N3}V0T8q zVY+h=uYOUQLWr6sNduW=S~wN=9l-k;y94Ewut@&)?lwHSngZN@e>ptx+hNv=n8ZsE zk3H>=uHUJA+?PTn4#AKfxdAr-Z|U!riS3lKvG}Ne?Oip^YtXoKZ&n-veV>|Vo2d&iiq{UvSE8l--+nM|RmbB-) zkN2qGC8?++>9L0=3|h2na^|*Oln!k)&ra?xNh|v9+9{qJZPv|h`pwNb?Yh@YG>)5| zoLtSGJi2a5SJzH?H&{z@MvUzAE*RB`>u~Z0AULgTf~qcyPKQIXx#RzS<70YslPol7Tno zzlPLZPpVqGOJ!}O$|_>08%phZEjk62nLe0PGp-8f^DNOP%FBDnAh0HQym(gp$o4BA z%CTslat$A8PO~S+f7J-YZE99u26r`+1JlQ)=*wgMwyZdKFwQF)b`1w^qA%_pGRP7K zy=hrmy@I%SO$5N{VGX;My9^Ciw*B>tU#J9r09SmRp-WTWZJI>S-!=A$@gxFq)bZ61 z)p3K)0o5zQJm4j6g6k)pm}u6kz1RCEtq4j(XOOvf*oDvtVJ-(gE;XJsxDd(DkI?bW zukw<#{D=ZYQJv_c&BSIdSTfTsQv@dDC6cJfQUJz7?~8_nveufT)E|LH57nxed?JBZh79KhTpvu)({DZ*@fdbksFO~zszOsrpm{NY{-H>gd7LI z$X}hRj0$7)s}ouRE52IzZ}geBT=XAJ$9#zz@S&!_u38{_An zY=xtP8uF8~b3T=SEjH~W4vMv_Fi`5TbvPLO9rMmZc5P63!A}dNRNib~RIV!KSkE<_ z9^yiCE>-OJUX&zYp%REK)$TON!KNH4wZvBRj2y~4-UZy8QdEU5rCe#~6AHzNqJC@j z-1Sp=Mzc>&GeB*BC`9lK}8mAMU zKs*vDRnLt!`IBj?=quL0r(MFM=GlJ7L_*$`UpR)NHYf2a*6&IgKdhhShtE&T-OhcWLPk5@(qOE2_US$h1xjjtHYiN2I zRhbvWMcFq-?ss>0gfsvZ7fG2C#va-K{HhQ@#e0Yk$Ln6cW^XfnKh(JMxoq$8Pt^%g#0GoSalK}HZxLx8|p{lLM82?aoxpXsQ|9HT@kgL_a`0bOhoCbpsoNcK@xO zG24VRxs~}b0s2Oc0GiYg-J&wL7Id^Mf6mmHVozW;E$FDJ8*FECw9=f*ORB9iJK|8*@p zbe5bN6Gkq^6~7QRlj2?EFAl!;`R6FE%ljW-JGGl-E#yX=;a!^6q(@;cc zK->ClIumN%skQNjcXAjK*(`ojGcgxr8+a#a$ls9Vm&B@&dh+a!5rmSekZ?VQ$w5M@ zKJ#dhj}@0<0tcC-ewNKfIXzl3&q>pnzspCt`9|+dU9u-*Klu0c_6 zlDU?dB#0(pB}8flRC}y{NR8>NIl`BN1b@svNzF|u(WZ_-b_KWy5w6Q$hm@hZ(cU)iXGj7RMnjSQmH?GZRU0mMHT%q}+!mVV-6;zDGOVhg;#Eqi|d_POFD zsG>{wsUMnOwMiQ0*z>35z$v!1tUR`WUkR!jft%)*e)Ai}=54|#pEc1-0v_JO0Ml>x zChX5L@K>`DK*z1m9&o9bW> zkpD>4=>EN^TtUC}yCYUUAo^5&CV)XNBwO~!O0T4?^&F9@3|dq_W*r{suon&Us?l}! zuDO2XfBcQKPAZH`VsrCGbYssFsw*`eZSdtuL)|_^wqwXxmZ#}e{B7FsP=%l@Hqko^ z#dulJcf(&8eicICy2Vg4l2avv8$c7@I8tvG#nHv0D`{nHVLW2@#RZ9ruUw8*o5f!Z zK$0rW)83Iv)5_TVGI_zqjZx-1HdI_?(06Ru?>u$tv}X9w<0IaC+RM_#d1O&I>>Db5 z2}>I>$Q4Tybff7`ajY!!gsYV6z?`T)tICg)m7%=g7~=F>8o7cPNp$en6;)EaHS~fN zE53SO9Q_fzxW$;hT9X|dhyLB86zp;E0LQ`m`_oJ6Rj5ZiMqtxVIDSDO_Ps_#4`MyV zFq%7AX-Aib%s36L!q(O}HFViz@J(DZkUA8Df)T4Pb}sciNqAC19~$?9HjILR`LuBn z#UCW+|FQyPX(hYDDA8};4p%Sx|Wd-}LjxaZ<}8LG(NPQ$!~Gjy2KFMZ5& z>Yag2tX0C<{T&Vq0U|k^R!h8YQVtzF^bdv4gc=yJmUdWYzA^m|D4NF{>Ji>7{D|7X z*)r!xGn5F$Pb3^^9xzNlPqo)K8x38aqqkj3(O4F7O#jnJLTi03&5CGQ%PxldRm^LJ z&pvZ+x}EjAM#RQcShrIQZv^0lHwOH^Ve}9Nmw7eF(V@GM;zoKY9f0>_HlmGhsPJ^h z)EtV!EKq;U>0Z1^CJ}&_=?9@z*CiN5Fp;4VI#<6_n_oV&bc)QXvSCi-fz2d*(T#d# zr_|Evuc1M~{nRdN_IadfvV4rjM%%|$e2q|fzjxKjmcj9aV_3$a<&%J0>8)nL0YoY- z^cEMp07Dlhho(T{kR}UH74ak>E>QC0M@W=p87e_rlX(|jz0Z8C^>e6ewoKa@8n|jI8;)?)=1x`G}dL4s-yxu8(qUC)V8RS<2x3jzq<(er<~hJm!2ad z_8?or^MMzzV=X*1#5j(Ag!GzYAB0Cej@OQ`Dqyd|(L7*J& zap=Q~8>RG+970;^^Z9E61mU&qc2+mL-wPFsJeRkT%b`k~;dEK~&Z1WRC-FyYm!5y5 zv8^6VYxJ`Vr_r%gZ%L`ECa-6R-}vk!0cFbNLk#|KtYt0e?qF3C?IJj?Etc4wAkru3UNx&9DNA%36i-&A{#-0E$=@Gd#8eo1>NoEyQ3 z=E>-A*mzi&vm6}7#ge0Or?maq(&!}r`r9^c^t=+ek8T6GX_Vx9)~}C^i*cXxl;5$d zkWkI_=@`1BEBR4sSSG{A|L2F)EJmu7;NaMg4K{S>$aEw`w6J>tS^tNL5@NN^_fc2gJrsQ};d%CssQ>8i8p%uSt9|&Wic|CTRNEvNmJ4(h! zv6OBxOCfkywLbCHQo?RqIuDbzttviw*yhfPTz=Ae5}vjEA~P1((6aukj~O4|RQxUY-2dqTnNhwl zV~otkN51qPcO7Jasn5osk1DfZrn^CZgrbt`{zKKs$Bdk%7h86UO!C1Z8Sjxesloo{ zfey95QbuYXLUbsTM$GWJt=yB2B>LZGx*5+B@K{9Dc&p^Q&r>YTKEEbX@m@yfK7_)M z*Auj|8XhxuGOx?AodW%ZmXdI3yU*DkbQR-fN+L-z2kAwv_2bmG>zAt*zhUEYI(w4ffkvAfVhz{=bhzqSx{t^Bkh-13ksYSBdz zM3wAXbIE!Qo29QVH<#Q)qw2P+rfy2qf{xJ>t=9Bnul}5nC!qx8lN~h42x_IsWY%)% z^K;z>6-^SHH9v;<4$L3|GNDh*bwxC}NE2}aW6a;ECJer)MeB!xlosGlT=98I;Y0xyH6X56p+3wJq#*Q9aY@CT?3D8eucw` z7PG7j>F^>GRr;nS{A010>oQ5P?Pa&OMWZE&#@2X`BSqKtBN=H4wCMUV+3w>4$JIFb zS%tWtTgR>fO#LwP7J#xbO?)+U315M5i1gqPeqF++l0lZgbAdOuj0*pS+`7beaBZ_< zIY{&BYRr3~?9)wPZwc!55w5WTC<7twZY6d-8JsP-u zN7L!szWA@p%BYyr|HB0kNX_rRg%8$>s#Y>t1FThYxP-y9Ig#6j-&j`NyMoWzhG)OH zpNJS@x~UQc|4_ZH)*O+mjc7XsO%<*+W`ec~PEvrQ{2p*ox|w=W7VW2s5`p!LA)?*v z#W!N}hgAQhw+{b8xJB8Y<2!(M7xo0*1)%|A5 z${Z?zGO{6s^DR7lr&5=^Bfe3b?M6}P(}#fsMG!Um#hHkvdIi0|LcC3v+fHh=LT3Sx zlF^3s{B%oyQU_xDRJOmL3>x{c<)Qt#mG6y*^eSkoP|#>K>ieS`DWJuqR1>+mS1VOk z88X1GcMRGSM%`gO3W^!l%b`W%m+5*u?UOFT z9wxKN1Bv3Z3gdjPKResDwn~*N94GlO@Mssna##461Ov1iS;zFcL|0-}q;zV7q&TY5 z3t|Ww*VbQnZLbtsL8OA~J4>?{9#T8%jSE_3v8|eK-%+%AA1x7qgmCmOFzcc3bqKji zt={MqG9Tqs4OD3glCG7xI9S^^7g6@Ql~|A(zh?5~H*=`a%rE`JPgV(ghVTFKYsA*C z7fO3(rWxar=+9o{abN-$FGS}#@e@z)<%-_DS!*q3XhIZzGn+E02PZ%pwTpIh%QINV zqhMDjY6!AGj87gqVbx@ky z<6%wQ*6-tBM@5jF*($-{oQJrC-{2iJ_YI-CU`oWzSvTDAcqJklC52h0y~!Ok4dN`> zAzV?(+TTchY{_9fkek8=pLnz;yST4Co?POoZ_?nQoz>h67$ zjyj;OllfFB)G0*Tjek^YNRLNC|Kg!;;H%$>*#d_oOS<(80`#}7K6%q3JNI<(B5}ta zTjW?GsY##8wEeKk>Cr<{aOj9K)&s}dR~9$N)qZc}&mHjL&_t-p>ql;Wqc4^l8fPMR z;dASJd%Iww)X{>F6Fn{uqjnWA!;LGL8j_#u z5fCyXIZDdY{jGgYS`}dV*BK7q%cV0!v7%eo{e6+)d&#)8Zl+4a0tiZ|6r>+Q5p2Ka zIr)L;+>61A&zIR|BDIsS{f_xN@jdW>$yS)!et5u@YQ*sB``Me8!2ALA9i4S-(zDJ! zKr@KOl{xYU?`15V41W-;kw)A=j{mH|>!%}Fi3eh)1S=MD?rjleM4PFpLrN^g(jhEs zia&4W1Uq>BqDS_e!wKiZtv~(=qAZfisV88{Y#;>AAP4%~_tS`Kh*GJ z$EeFKM-LDq{sgw*K!k9x8H@VTE-oAbOf^~=6HN0{zx(i4@J8G(jx@rA+03uW8ZpRn zJYK^e4sm&m3vd68GbQAS<}M-PB8ZBn9!xZ(4L3sfSU9ywVJL+pDe)}nA&_zcYAae| zn2>r-_Ankgz6@%?arVn;*NQp5_-JZ-6_cf1hN(p1pCz<{<{FL4QjwQk#_Luvcz?0t zx&&_ST?oz=%`2-=XzrFy2funbKYiSC_@y)8+Nqki9-!!#1nR{sSOu*#ZDQYVoqeNU zhvXACLi0x2v@vxg-VYwCJ$zC4srh-SWDwr->;<`|kTp>wW+T`Ed%$4qHV^hN^qg`U z^ZOj>`i!L3dv8RTw+Lm`S*+#~y~dvpr~gGNIW2U*dIZC8R^qHOXY*i>MRrTp*~(C8 zkCWSKRQ*vGM>oW0MKqfsn$ci}rUka&?%!ES;A~!&^APSj|J?2LZdRX#O=@A(XvHF&=Z~7B)*p1wDiGaD$UykEpZ`Fvqzcc1HA4@6rV3D48OSg^ zL8+V*4|g}sSK*$=dgoJNxcZ6EH<3h<9SyLI?%Q+Q8fm0w#<=h;wZm4{UC5&{5eWBj zA>Z$J*hN#3>|^Q5J9?vH&Y0mYh6tkVjwx^>cwm!ALZSnejV=Ec$PU)?~m#Xn|a92SW#sDmcM|_Ah?Z0cB zbkR{+e>MH#jrQY;TYP%0>UH!at3h6-kK(5SGQ8A#t&e||33$A9SwjCD(Cgy4lXcUA z_)^aOebm!Oo7I)Eot)5X9=Ao0kKo#&z@+ z2nmd({$|V3OXMB0ytC4&681Izt~+I!nbqLwR5mVU9y4Cl>4S(`$p{}l&5#K*c9{iO z;ht`~j=c*0Iau~thLl5%9b!|bSIm1IfQ;?4iWx*8EOXQypUC&tWfNl}Jky}@sMbSS z_ngH(j9G&c+hx;)&*yWA;CKDg^vWJ2SxOd^C>$g)L%yf>@ao2iS!PUFtDpJ)y)b5zOKEuu7*-SL@$mB;kr~?1*rtK7b?7P^RnbT<|APj9^UXo z^E0ZFJ&y|1ZZoGgTCrp03D9=N_;2e}H!|tYdz+fGR4>jd6lT@&2CUAuOflEvlfy$& zbu7BSu~`V+-t}OlkU+do$er3gX&b!EapBCrZL$?;aV|fwO35?)=5OxAP{HKH)35UC zrTJr}_oi<6GAE9{CJLg6d+}iJ>T&k%GPL$Fv5LBRfHT+mAn3rz!hoCLyOc(+^ISl*Fmw&<8a0u z=JlS=nfjCt+>>*!a6XXW+)Zye{5|UKQ`dPkN`t4rdN%M$hLw^hl$O&O(@nsDA#uT% zA10m)oWP!>o8L zh`ZJDgsws=qF}UntBpg_Xz5|2U^NR#C|dy0ow}KhXvNv}6!e&>gyWlAHxoF*LHf%9ictR)aSzQFLxq<8=G3ScM8dUbzuHiq5nsX z-moFx@vizGwok(ps>$sMB%duJtjiY%Z0dI((tCC;9f#(pR;@k!cc!J?ID2h|`}o_3 z>DX@%Nf$3SySRqh%gz10I#I({-al&xy=$eeE8^bFOK|+Y_e$Dhx@m#&J`ow$oV#fF z;xUQF!jVLwG;WNakJ zpC{8i(oHG)KLfWh7S8w5Vz^hL<`$`O&AbKZP3eGl*9F0{_}Yh8ZD_m%^Ab?a6z1^z ze)s?E0o>pOa=?_V8=;DQ8dviFvGvwrQFU+B@XQbc%n$+&ARr(q9ZDkuNH;1SLn9!K zGz_UCB_${&AfO^0(nF_|NJ@9NG<;{C-}AiJ_g>fgAOCRX?7h$4`@Yw`*1Bi6N1%G& zYkfVa|Mu+$p41VDD*65xw|LwB6^(aLsbso!;^cWhS%y$w@%I3LyV)C^oi$@|w`Rc} z&AuPF8-F}D9349HS-qMpzM4pzBv#J;HY6!g=krm27!a|sZuSck+^=0NuW9Q;x0B#y z{rRJQ3>JAlON6%YkQY6a0?O+aD=$6l@sk}^jGZ?SgsC%EKWX1i{^a0H#+ogfhI7bp ze-Oqo$=36fS`{03b63BH&De8&QUw!s>Uw;!ct^Zq8&LXlo65gh*uJA{YP3IlzWt#$ zQFC!!GsrjURwp-^$c~}p?i(CEDmm>Ci80HKR%}*VTqZPgTUVcnt(V*P-KN3k2BTE# z2F{p&_6bA!=O<7)7o?iUYik$4YOup0rk9tH8>3Z_1AJ=Y=OWH8tV&QbHvS}?Myq*G zY>nJSlfKisC7lm{ccQ7Ick>yc^Ux-w*O)FgenyiNIHk*6$az*(IrDspKIL)pv!Z3? z^M@OC<&q@bqW~yb;{CP_pVpD=`LBiVR{?+-RYYvi<>I@l0Rpe>DL}?aTO4NHCv>nJ zJI^!?V2e1Kj{E0N6fOX20F6|&Do^E8e+4>G=9%=PaY8plO+(A|2Mpxm+sU6?FdSRU zTKt`Yc~v=T$mIz1lz#UphIOuk<`dNEnfKME8N+V**bX4`q#Ff#JC1jBKKfhg0_c!& zt8Mv-euG(DlJeolAY#{La;sX6C;mPZJ=~kmo-{+QvSCNt0K4c7=9jA3`LIf!5v@MH zM}5pNBH)Xhu4l!&<`D7Rw5gP@|9&4|Wq(G$zZcAT{Ml%_-eAXF8bDPnZ%lmJxaRka zpWXYeysoN^SgChOlbm0Jxwe@eYwe=IWX@#ONBmF+?YAK>!L&uCQk#Y4EdYy>mbdBh zfPg=jA9pTHeAxnp%+B>I_FmpDsMT6IEHBiP7fY0iDcj_7@6R*POYVK}`36%Zq(4}A z*46L@i9IlZvq_j2?qO$bRz;p?J$56FORK#} z$X{}>^XMu9r_*X_j*W6tn}CLW3=Y2c7%OFkh`^6!PO{=@7&ix-sMR=I^ai>_)aJuJ3X-R zX>}vJb7=_#-34gW|AI;|cX{Z*?rI-9GMYmU^eiVffpnsWVc)~P&n-3Pk6-17<`A2o ziaY9fA5Ye4}ZSL8}I!%G-uh5Lzh_4<;aK1m-QU zYQpAYySIUtc+N@WrhM!2JcKAqdYIkA6pFel`pU9m_Hk3d^Y3(l%#EE|xpe*Fs%Y~0$_o;W7H+w3U$Zh5%Srw8>PYBW-_t~RWjj*=1ge#*Fm z_bf8@eOR~o7c-gT$Kl1|G*9qh*N2(9DGwJFXs z&$a$3SSXi$$mKKOO;9Sn^b*q7YE*NNCQiU|YxrMu|LCKbW8CIH00zK6Ob@(u=;KJs zHsQUf&`1_xiQRhlaexke;rpEa4joHHJ8WeTL+wE@zwd%_{SjAbu)r?w&%(D4$PMn? z?D8+%l&z>%9c7%CHI+ znw)+!yW$KfYFUunG^~?H7_bDgZ>PKQQNDGqF(w+vcPih{2)u9t-|}DFTJ2bxx=%`s zX^~Lpcro;?tW*1CfO^WN;CbA#P6TD|H)depbqkJ-Xb}S6H{8BAI9MRMC6aS}#u`7l z6=Kg68r9q}HOCyAJutrdCXSo%cM?03wayN!8w$)Wu z+HRe<*2(SIWl9R~AP_~26C)yx`_V1{vfb9EBdNWXo$*Ugp}LixRBHEU!4=z~%(-B9 z{D!W`S59VzwfU2kN$>TH;b_^5ADvRX{SOU9Qy{8qG5is@2+>3c9?PiUjTM`2iX_Dq z;t-Xl^Es+xT{F{E(&=p^jZKX0t`b_NUoBL-`6LuKR5?*Yw^X_UJD7ALZVD= z+KkT)1Z=@2jM}rmJISa{c$uCEz`g^jopLehQ%{Pz z7$ZN|px7~uLnxf)ClRAOn6WD*05GtTM?^p>nxpn4OBmaOAwqp`Z9CViYoY7CEU;pu zX(XkGu^XPg`PV@)N4Vo#CrZP+->^JCL7pYyy~ceA3Jt-$%4J@mIn7Q9%2Lgqg|KzG zi~zHzu&o;S=rLM7wXz;3q2B~TgbrKyvt9h=nbxskM#XMUedgE{$8gU830Lqx;XeQx zo3G|{51dtvJEzmQKaT(?8(P04$vk)unSui=4y;bSR3M)j=re}C@sH3w;_zyI4;m*rSK4%IBNQF$_1$>0=xq?7quxRLx(LCeJ7$c;nL``VP`rmf zl_zM`)Tf=~g*f8KZeHMc81jp(EBdH8-v3(lgSjL3h6Ot|byt&U0 zJ`cvT5TJMhAk>({pJ?kY2wxakT&&h>C)S}g@csHr5Xl@)36l1JV-Lcq4|n6^HwA;p zIeX|op(sH}<16-?ko|)KztPhY0`Gb7!~2do1c<1~-3Q6otqLhD+xaJs2Ts9)#f+81 z_Q8Ln^@e?Gc$GeRPhU(wEu?{Q8Cs(H8ZJs z2H4H=g-p~ zJf_uWgf-IP%7O;3kIi1UilV^cb?2;34{T_1D`R(J8&L4}i=wxd$sSrH1jsPk?#Bl* zgjr~K{GE7K@p@eUC1Oxqg%)`SmMP8_c0iYmzWLTES}G<}p?@#`=R{(eK=wQrO8a`L&r0Qjp! zYr4QTe(2|9!>@e$j2*@;V(k+3i)f;`W&nmJ`?4TQK;5=s&2I*DYq-UYl%ECiWM&GP zW)GKgbXXt;;)6@QKa&uqRn~#c*hj~>;GYrB_c;))VwbA4SlJ& zZ!jJxUHg2RvLuT(y>@9?#MQI4@XH(8)N-Pghr5`PUui8Q3ZI}ro;)QOW4xZfZD3fD!g*|%#q*nrS*>KH(*Yx+7F|9b|-5+l60Eh%wHj3 zI|hWemIY9SUR(?N%XC`&cwwXj?t|4%?Ym%7z_or&w#nuxEO@XAeli2q2f@&Uf{Qo| z{3L8Vk|+8U1veP{>PH|Ugqi>Tc=9FjbR-vu)tB-P3Z5Zi6STyoHG)ULSZ#6EYj#Z@ zd}~aP)#cum>BkOEsBF_8vi5WF3#llzh~MwcH#Yojw5HQt#}_NKJ0(Ipv=td_8luy@ zP^UC>?;%qNDFDTa$lSlQq9?a|Yx?YAj4R+0wNg|hY_qJU^Ir19hz35){zLRv;gk=x z(!YL=+`p)uw7~Q}p8fv%j4Dq{UKs_>$|}0}Xkv7_%okL%>GG$M@%emVGLT`KO_zJ{ zf6-AW|0>dYB(X{lTyHlgeOV=;GL@D8Os~vgQjl5kKhqmyncUcG?VveI(x*r;*mlcMsnYi*Pp_K%}a<*J;OS1B&t2c=A^340JfMc?;zskl< z&@G=T9tpq<1}C{0zn-g`Bnf^PP3f_#7OKFQtERrk(V-E1+R5GCwNj}yTDa=F0sNjv zb&)HJP&vWHe_VipA3pZqydIw#6}`^B6t=H+;_e? zatXA#Wh6mWYWm3P;E1PR+QVxP@t-7Q)jfEUzqRS;;7k6K=RIri*CT6Psr>0B!=$L5 z53R}@-9AvZcQbaoy0?494EfmnYJWPI3wAG6f8+%s0w<%6A&&r>s-Vkjy^ zh~Hg=nOqJnY+D`1ji&iqFN~j=nhCzA7$25lUtBhtJ=guhtcDC$nL<~M)dZ@hzvfM1 zb-@&~u&DLLrX`jbc30y`I{Y#$c-i5;t)B3|_qY2H7&VpYzp}$uQ?``Q9OC-WqwVAX zUnm=+;$N>Z@m~4jzBX>nSA3N$B5{w>egH65+3!CWb+eO6niTl4W1z7!Ay#W(1`D<2 zk{;3p&Rs9yys26<$cVibGDubj4ww(RYPxG5aHl_~)>;=!%`BAdilt}Zy7yYEGPX}7 zePK^$2(LYEbfo!wZu5eUhOR(`LZP_2Fm!m0NAIws@O!v@Zk$89{J&2&82RKB(0>TP zK~-yRbc(ub>*}`CWqdlOLJi)&hcj)-6vXs+)0u)hR6Cw{#?!uLN%bEe#iV&o zI=oYA$93Ldz*kpvtE9CBuxOA@3LN=uM=>gEV)=8sLKX62Xu2vYhi5Wr706^>3@wYs z6b}CS*w1~j-u>*=2P&oZpouTo3(5=li2s`#?@HnPa9*xz9aHs8GsjCxEUroSHNOr;h2 zRlHjLMWG$Jq=JPY~#==8bXfOh+u<~D^$b4;jm85HU|9Zl?>FVCp9R04hqCOBEx8y%M z{?heW-!|RzUcp|!SEG>RJfS8*vG4D1E!coSLu@(G1+chLs1Uy&LoBe2qX51o)vX^S#QK+I~KNyVzSE7b-bM6Hx-d7#+>)t^1t}44dsp zeXDo!3Je~tGX)kr4;)|DNbn^6dnCO5uzc2qk}>iS3&neq(OsXa<^yp%q)^Q=yVnYo z3E5|W>qu1W*q2BjjR&FxA&di#f6oI|?f@&wOJJBJH>a^T)G<aH^Z^`*B`)xQh;y)tFZw`0G%hK*;uVcxS;eNTBo}=*SiD=e}JR|H@lb| zTNn@^$v8|~4O0XZJoAT{H~yzU>O~WDEq!w+z3*JZ0|y^oc`rFlmDv3?3=4r7wG>X zziOVi^ME7xvM^9bV|*Q8kI#xme!{zdpQ)Wj&&K_`2M#_dH|nTYCXR^t+MLu+{}ezK zsUBUeYbw^j__P4Wg!;8x;18;i9AD-mxr(R(AE+pAWJ3L5G!cm-i5_qm8a}xG?GChF zXcxa;HoImOgv}fzS3l+>;d|%1Bq%x`MiKIj0z0NxwvP@|VdQk;bdAT~or#;yemYxp z;V3}(bBI6lIMfomzw6}x0K}qoKoV(JKK3Uc`V*>4n@l@8;b40B!KF{2v(0%BU?);z z)mEoG`zG&ZSAdBi8Z!$D7=KYc-Ez`+(m=rJatfhcTG_uc0umfcYI=l;1)^kq=Cng3 zf~tNFZ+`+8K`@46&*1gPb-#{7pjg~r2+Ozku8Z4c{+k{rF)Oi*Rp{+Xt;vuQ@%ePC zTHK6BQG1Si-0U;l+@kR~-|Nw9EZbdDTX5mjO=~6NG{#};4rT-6eYu~IPFjAOs4-_l z=A&|eR5y<`Av_sru$2?&%O~>(tGSB)t{oZm_pcB`t7&-i`+~$+* zTkMAIKv?qdT?3y&%uJ9Eail=9lL(0DMD zx#xoq+8C-zk$zU{fxz`>(z8cim!&^ZUrxlb$+)Op_T&b*;b7NM2}_nKKXVhi`;)8) z)i{E2Dg8H%X7AjWmZ`RZ2IB#;So8V~r$or*d)r({M+>J@j~$`H5QOWwhqzWOz#GY+!>AXQ1+o&NWrC^b=m>T zTHeVGtGB|%#lS&qAQ(S6h^SvCeihOYJl@Za{kO%W210Iqhwqj5;y`p-VdG-I>@GrJ zysxV&E(u$fSO{Kv@`I*R?=Q<@0x^k}A{OH&zU!X_G|BR2v68jfUrxn3T>9uT@bMgt z76B!M`Ao|o9Hb?zC91#!cs^*>yBpLm0j&UO*6&h6(zX9&FYK&f>D?W9DSIAskJ)9U zf=B&5Oumt4@5?L&#~Q4-wNsDBoN3Lq0_oFf6F};Z`55PWlv)xL{r&+>7R_8 zAXj<=2jf{Mnqwd%Vhq9^Kd#)uZ|lBJbaP$#`*cLIbWLmL;ix|I&RdH#Ga> z4XdqhSH`-zsqwhilD#kkJs{1VxaUR8s;Cd-U9)A+Rivw>-u$~iS==XbyQt35QHQ8ocg-|VM@B}KIm53e&9{&fInLZ7521Pl=!mSZO&)F7l%}u#VT+I%&$~l zpuk6#p~S+kq1|Im*T?S+_CE6k+}{HBuXfi0NiPRH@YP^WjJSR7hL*5#QZ5jn@ea-D z9l`8zy0y{tXz<-HOX=}xgr9NuO0i-UulBE9J%tPlk1zdnl4ahR@b4Bv+<^%F-BU?v zNho;c!D+eM=V4!n8WC!hTf@KqPGK0J zsjXb~7{y0WbAP}c@Gm8c)SxZwYa>Ywv_Ypp$tb$If!1($qn(r^DNAXiUOx2*Q6v=u zy6EPNnYn(BzepT1q1i8Erbujc6amtz&agN0d%PZ9?(Jc>*;1Q}i8-R>oGlo-Mx&w` zn{iQX-nTK~`s7eM!o3bp4$wu&S8PnLJ$Zy_YP<>nXzCYGx(D!NZxj#WqJzOpdK zf&&niD7`K9?jk9%G?!WI(}p1!tD7@tl0*|Xmo;WJB*Yx^?4e^M` zxIHSL;9nI}K!Y&2OmLtosp8V*;-vwhD|s^PzG1Zm3r5YF-^MCqhf1TP8IPKIWVRf* zy|+u5Cc-wBN?ch>GjU)Q`&gRrWNW{nBOlZ4?#3PA{7OKeMrlW*{3AWx6_v;WL1JFB zc;J5n?*i$`JKg3r8<0>GA*?cKKc+0wlw|vs#M?@c3vzX?dziN^jLZuVs@s9Q5QNMu ziWc6zBwwULR`wwlO7LdU+hhCKs#O`WcP~pKi2O8Nj(>6+n}LldpA0Se2@vt~fMCvn zhaVSH)J3yE{1^f#W7f|e@9rs^;p6ZqG#)wc8xaAUEJ#j@46(K#$(3ppL66dXG(q|{ zgwhxq!kf168Vl_|2BEZqqReiNp|!f)b|QAXBsb?F8y1o)Ayo161LK`-$mQS;RuzqE zF&vh6RCu;@@2JRd2bs$4L`;I0)*0lXfpMWxljW2VadyicX{yN}LKGsH-#B=+CKYV24$&xTu?sS+7Io_`{u_wx4gzH?vUm+PDNw{ ztITXzk!&?>&izL`ZStY$@m9U~yXoF*%iX+HQ8_Wgusa-SwNB??N|!X%>;ig?r(%C9 znh{G`o)U5Q!h(s{qdG_|GxKnpGE}Q9iqE(=qYM%cr7xYKijTlxabn_i-C-fZ@2=Ch z%#zd3zo_7^0A14P%e5iI)UTsFP+;7S<{Ih<42G?b1vkSbLe%+XDH&(zqh(HhnL%3A zV+#_|KatY&zw^jaNRUvdnL?F6UgV9OSIOPsHo^E{s`NLf)Z0j?-3V9I;2R zp=rxzj{>)A&cXSE=VO*-Y>-ru2|HX3%gIIyyLCTPOH+fMS|5JRTnOW)WYp#}DHT0Z z_fr{eG62CMC$?Tad_7s_y6SrL9vRvF%1*DDjic%jp+2aqoT|o&;0Y`xk_V)P$9QUK z23k0`G?DGP2*z713O6UkF*xZ+Ks!_9(b*`ge0`vyeqRp{P<_ustRuqYS9t>j7}ISF6tzo(1CkJ6%}giG>Y3P8l)dRvPRzvu^vkz|9ybB|WSc|laZ>qNRlaRi|< z;7JyY?cl=NWx(x^%EgaZ41F}Zgg3Zy}I`-I$ay-Izb zop%e`MWC;vzAx0Z;5;DV!ieBA?)cAtZKY z%&3BQK=CHEkeGXJXjz8W=GBsbi#IMK3JQW5OE+_b^~>$k{2?R*v3OqtG!-*ADOuC} z4P4&iQlkW9ok_*%Q&oCvgq_y9G*^PJ-2;dtUgQjAw;iYmjr-6rXC$Cw3l1O}REq&dLxF}n&}z2K=P%R>hk8*`u;zLSf_;;l`=*QjPfqVv>U zKhEH6;Z*s5ylftC#Xp)}st0+4R)S|U5^Ot9bmk}Csp2q#B*}R1Z;}2YTf}%3j#s&K zvnAIfK8SMFXtpZ-FY|{B*_Q9A0eEZq(^0WJ1G`@}594IyN7pmHG2Ge2i7~kL^R9x8gvrM9(Wh?DC zadrvD-q#B2v2?iY!!T~8js`g@G=^@I>LpJ2)}mnuz?>(eUjo3O@D# zRFtSz{1i7D@BZBYgz)5_&UIzbn$2{g=QE2{rOAU^KoXai|GdFy<%Od45&bgdUbLoi z$TALO2j!DQ^1YD^ z#~!rkRRJREHaO-nmo1B62TgSS)`A?Gh~ysmwHU5wE(iPxlo;QI(~Uaoi`R<4AfFhH z_XBTg|08Tm4`=T|DFWD4u z=^;o#-1mnN;1IZyQ7ry)=-06zyE-DdYBtm|<1=v;U7iLnaV%{Pri@ePI9hl*u>sYd zNcchd&qSa;qhmeosZ!3f$kDTP@NoyGnC@k}cVfsT^+3|O{Z+)Yh+&yVX-AcRD0;tf zU-poCGs=5bRH5D(5ogxS33{1x;B_IUpvRU>4Mwf=7+pI5CdX zu7yr4$JBt8=IA~tG2&f9BOUkz80t3*5>C6>p>9Z)z-j*n2nS6wg!xyotJprxMi&!`;%dLmDuqfPLT6DR` z57_*4hP3@9Jz0(#Do`RT|MtOApc2YzvJDgfw=i*}xY?5d~|+{v=oYHPYsTSwuHuEU|A40|ZdM(%|h zUpekw4uFfEAU@UOE_Fd(pks#rd-|zMmb)%A+7eNLB2yX^ix5ZRpd?#U-%GQuw{v22 zDT-dXqCdSlW+RO)0r?P@^wwS(n|{zJL8dS%qAwNnJ!Qwjo_Fizl6>-Q!Knalz)QXH z9OH*?3>g1thZvdrWkB`2zGcNu14VhFr9lqUSK;p>ZiDNo5bU@bMo3&oBDk;*na-5@ z?=QlI;dwp6C*KVJ-L3Yvb&ZqX(qbv|*wvyF4gt<@?Cd)OP8#l%&l5cX>0fcb{!yE> z8&~rzTPfV<^eivm@pzHbbY-4*CN${&1yj?5Qb?OWG1LSHxG#)1}zNl*X zr|qA*Pl~T;Lemw^l)wte>P)XX@moI_)8PD!M|)Vms`-~G_#3xP8O?(IMVz$Ad zGf%!M7D3D%+PMOyxVV1~gv}|haB(9g(0KFy)P!Gh$wbT}-H72vVQc#YU{3M3C4f|_ z{ToePrIe$Qr=;F;ptj;}>aTxFKsPF8y)LqV& zYwT3j|K~Z#z8Va)bXgbBE-DeO#;>7K8c(;X4a84NuGYNHw2TpB(+CdxdvJWFVbQ0Y zNc#9By}gR!Tv|DmQy(-fg0@JzVhLS8;nh^Ee#!XgdSnPHkiHh%{s)#5qbDm5{iM7> zUHOwU^ZgU^M7b%^fc1wbIit@yYy=%Y0w&@Q6 zFhtb7-7@P3DpNU zB^E%x*|9?XeFZW6#>ZzVHsn3|Qz85lEbqKp)9W9#Lr_YEqMphr#djG)weUe9M(8D< zgiQ8nHg>bvKjK?*g%V7GARIAYe_Ph=_O*|>YQ)@eTV0-VW2SyDqRb1+y3*9_>WR{q zfj)WBZ{Bs(s5p;2lHmUINH$FE!8{hfeRpTwzRThhZan*EzYp!`$T776<+7y@N=iDV zKXwfc*t>CjG&^{vo${%xivoAwy)j~F3(|e|^+|&Ee_Q~oF%2(s&0z(akKHBPv6H$2 zY>`ei9Wcl`TdX({XVJ@G^LDGG>B+oa;Svwx=liK&M;AG+Xmw4=i@Liq;%hzqNCRqO zPAjyJKbIG;%f-pU$Pt&inW`2UxqtK?(#fGGA zSDzj_hz~4ZDrc=eUkX8~4qT7Ps1xc$%7zRn6m9( zixt*B0CSTSLl|9=EpYxJk|jaDCuIAH>-P5zuE5|0KAK=kFee_j3vmv-zX%y7eCB0A z^ST`u!4a?Q2_eks0t|7mV0&)+(`RklgWw>l=V{heV-HGDDe@v49nYfPw4hu?y#{<% z!3}CPh|N3g)QZ2|o_$d-D(@rLM}2?Ou=Bp4L%fjr(Tk@6G_1Rr0#CiqmI$F~Xnrnf@1L8x)Z@}CO>%Sv+|J1g7_);kfU zMiF0%IaY&CXTc5Rw#{6xLR^6k2ajg);FC25UoK0 zUyETiEX;1-KXsFty*9w`?~IaW$Rr#_*-A2J zKL!*zjt@p@B;X9M?%2imb;mO_93&O{qx+%^r2n)RdW7Jer`P)gW|F8C+1<;;7UPDW z&}CEJHGTnRjF%xm&2_hN#C<=5nVq)aoP&K@BvDF44Wa-cwXUN&E8!vm0}({)3mjzW zuDp&Xk+=?2Nkk;J>7>ht+%FsB#g7p9D6}uyf#ObK8VJ~NZv|R>P+O`5%PmAummp@a zcp)}R!9(`&6HRZYDvKmoq;Kf>(!chre8|BTY1-SP9^~ENv;Tr)`e>3(RuQCq1w z7Z&9?(W;m}hKqPztOGszb)IvQzDZr#Q(L)m{=E~+ItN^*@6H2Kn&_^tzQb%2stkTV zUo>6&D3VtJwv2q)#iQ%*6z|d$^KRe1`FsOq@OSa=_>dixegW!8R2Og0-)_3OCLJH} zU9WZ}`juThX!&ONA4nN9CR&?{3C;yN8Pjt-+3hs(v#uX&bB*$?lZkJABf(dPWYN3a zYRt+IR7syFoIc+~TF_f(WkpSFnJ7|>$yPG=S60ja56xlT{5{Kxx$An@Dqq}>tAF?a z4oDM0RO7N~9drf#d5$dYXNl@>8+s$GZhpLZ{enx6^p)VpJANkDIPw}et9=%b1=kfv zPLxdTx0K)(z$?!j@()J=OKkS8F3pvJKR)3vF6-gco=fk@edDqg-cq0nCy>)_VTM@Q ziMILa$r3=0)70AWdCzcgXo)k1!a9b&Gf4i8f8rf8w9FVv&nVpfObsrW712HSd}(4E z4(2b7ilo#XBt&#I7V;52e!~QjoOfMa7Sa8LXLk`r<92_AXAjPNXZi7L2@#qxy(2tu zgE^Gphiw1!f|0iexqcQsVVYH7UKr&8AbPv={PHR>!QApgPR2!614`!;A?#f zLV^yvx+?iE_qjbte}q)Zyyw^dfRD(PbB$MBo&PcR%1TR(a%mXfBCtE5@tvkf1OB6l zltP9hwnG&!7Cjo>;wLu=0wfidl;7mG5*t&d7Q{8Ya$s_6m3NQRSMO$VJeHruy44bx z9{=hz^&Kq^8kaaC!U6rjRZBFdCwMO9X~ckmDHTx*`h}Ff+`%EU!6-*+mY-2ABUc)Z z`~cc>^e%*_Fd!@Is?U%H=(x$Xi!>s6s7~AY1KE7c;JbkHbgsaCmy?(u^tiBc_>{?U zk?wK5oLR8p-XNOYuDTtuqeBK8I)?~{E25r*cOe8OC~0b_L&N+JPm2P`KP{`LW3FPM^(g*62+Zn)TWezXP7~ z+L>s}hJ~g`bApDy!3z(?Ft4)d&eugsFn84KN*ekz3Noi7Yt;I3od9OT_vXN+%p+!T zvkn`couqTK3H*j~a0pTnLB7qUqKA)7JY79HCgrn*I-*>6n0(5e#LRG4up%6#U7yk-BR7XwPdTu|A zAFS+cN@KF{^hkyYrjYHI2Y`foz)i++Pm{>ULQJ8ln+|f_FYhL8u-o?cKIm= ze~AqsS>doPP#Ml$LVAEsx(6|m3tmdKJ#T@fBbX{Qf5=OhWc})uE@<++Y83ilJDySi zgd;YM?@fgY!--h5cvzpBKS(&{IQ$Uh`Y}gcyZH`;4ypKd^9KQT*@flN3@@W~`aTV5 zGWfBoZjVX7KrMp`Dg9m(Pj~QbT2YiHhZ!Oqg*rMp^;xbqVz41UMjG^#?*C9+{oTWAh&0%X23g;vab&mh-4KaI;z z=aZ=Y>2`#`WJxXf7CFEQ=TiXhvPLQt2WH*RNyv4KmoEWrFJg&K^<^PLZ#ny@S5wv6 zZ%Rpy#Apsf-4MvUqfYOm%+-1!zj|@4+)r9jymJK3h1u$kM3@$A*W4_=bQIXKz{nrQ z!YKf&;FAo4DuG$3McN|&K%;}=bRf=Jp7FLKQqJ?{xA`Yo&`SoDd*lE!0Q`Z2kQ+3D zTs^v_gpr84GxFF5?4jKh`I(^{_0Jlj64pPDVG!_;+_CN)4bAmSUyLEWGz6-_+k6+GR6g| zxQr7bj($0#!1RDl!kNIcnwI73BV^M4E&2-R$o>UeG)@lMRoZ@?>Yf&xzLp|~EQF}U z+HJhK-~<1}p}HX~A)2L0${Aoo|BnvUB)HOA^YiST`$SFrb_;^%LbuE#V;f;_`rBWP zo*T6%==2ES0V(EC{X&1j)b)FB;UQQI1#x;V;FkF8L=WW*jHMS%3WW_{`2yv#p|!Ip z>I|s?nUKpSJ!$Ih226-v)A{eAlDXy8D_y7|fgFDl<;!;*lYx&2xV4}*c#NUJAji4q zpQEBs9d%^z2ezf$3wdC~dWPTrwcTly-EQtMA!2XR>#ei72YU%x`;Ct)&;gkD$5?{b z`z{kd01O}YGvx4-%-s-hS_(XC%CQ0TZOEW%F>tGpm1vFvJ(N>~TK^n< z9LqMPTIGCUYNusIGQt#u8oRA$JVXI(tGlIgS!EtAfsDec*$9-3bU=kLP`sHww{1cd z#^LPA8l`BE_Z}HCfIyoR;~bgD;sDH~+WzzO3j^t^Dx2@B40kul811(SLooinucG=9T*leWO{P>^-6NfsZB6S?A!PQLsR;-}M z-&Pu|yahG11qp(K*U-eN=461&DeAP&6Ad+W^|sB*lFA{LFvbcW_PvS#c82$>SHnVZ zTs&%~AV}*MJ?X(bzhJ!jd!Sd3*@v7C@Dc29t7&u0-~@ z$F#%cdM!x@zjZ{RKnL|DTrlX5V^$o^9BA$dH=IZMeGu{%)lRwxg)F;1D)@t<8)i=n zB-4WIVzlO<_qvr-nwnch@eMUHMTWgfe=wPSVzR=mSg&f-ag#Y>MG>dBjI4_kH(0&L zKoqAg7^>75!>W$0Yb3;<^pNNuJ_hLLuy4)I;X zrW9|EVEkh*7_wULKl*uxcgObXi1rRoEa6JbJz@1sUz2cyJg1jEB|WvBCT|z($8ued zaA05gM-;Z;vX8X?jXA#lP<`tG={0iLj~ zf)5Pm3odw8Xph>&7nN?l@B5}_)Y|cQoo^zKR;YIU;UYEYG5b2-90@FUtp2N9NU{^& z;2u^nc-`}1#HpuLKuNRiyJCPX_u=?2O<(pi3nD&k+x$lwlhPd$CBx#pf|TdqNu#Lt zpUd+2eh&@Ye-4D3ShnUx%9K>puknkdGLLd2+GnFuN+La%0SO<xK#&X}AeJ79(_o z)~h^S$mU!j{h15k2wRTk9D6|ee~z#kNro%iG68^@N?9}}$`ZS{jBsk+{MZZRA3|Je z%+_wsWyTwS)O;(S*{D5*z`~B;PrQ#MimTOj%{#Cb{H;%gMugywpG4{}Mx*NyvXS1a zeo5jNA|s4!-d&P7u)*?00?}fG>1Y-ivhAgPKR)}K@xOfbL(x2}>j!|e zekjv-KV((PQVIA{wnHBA$m6y;O=lq*FJXnJ%N#2A&1Rca*qUeL(H_kUGTQZm!yWi_ z6>nzsf?R0aXCLl=2^r!k|8kxsWA3YF_5aN6ugc>d{o_xF#c;nC)`fi{HIaYPF~sME z1ki*8peVD2G)?yBSs3IroC;MpfK?KEE70EYaEP4JULk()ze`D|w&L#Kwj=`pG)D5O zM&>E`C-=6Hlf^!I>v8Zukoa8eACMUM0gY}EYr1j>BITni2KGq^6cR{iyqR|LXB3BZ zFtIXjHLngAKNvUN`6q?lzaU3h#G(IDrt<8uAm%1J4QiS`j#%EHd!=?)uDu`GCM&E4AWyu^QA#Xi#CUAp7_{|Xt4 zvED}_ANgZs6p%xzukHKl%ygBX+8m#q@LMO=MSo7e%drAK0}# zdbD#%IqT3X+7l;FvBA+x?bM?GbxrR7E9*U=n%cJSVG;raLJ2)6Lg+}5CW3+xnp6c; z1e6Xcigc0C6MAn7f>bMBKspFgq<1L_g7hXJH54h*zI}ZE_kMSb?~dFtxZFd|K6~%8 z_F8kzHJ9los9{9*?_HiEkiR0{5i&7&^pQs3m(fDyDm^)y)}xPru-59poOXR_Y;5^a z-r3DBM;J@E(UNYGN1XCZ|Ky`ac}k$8{5p42q{W(vi{8Q4F5Bv{pV&dns8hALg-lvO zk$Cm7nWZd~FggF?%8#PuiWiJVcN~~^Hl(i%C%Zo5i4q(z{60vyiqU2D6V|m9r9e3W zoo`ab$6E3B{BGRQ6qPcj^fg3=*|@g*RA1?0W#OSmp^rJF1k&W5budN>k?`datJ|BA z8a)Ow_-qjKn^cx_S=?XGT=NOg#|!~|JCz}=km-0edTIur;U+l45u^-40t|48iFNgOKiQLiwjsfI#d)c?U#8sppDrmLbm;p_ zD}ppk6y;X+o zV(Juu-lt)p@2Vukd3Qb63uwHggg9UR!@V|TdPo$#iAsq?l$TgK_|fanRx#$*<+Aio z&J#bU{h!YZZLV(Tm*%%f>*aK*ZiGG%RhAiL(&AXi`vkP(YYW{3Ur5Fp7E18P8P*)U z?sPT?2<^BN&tUpmr*>>%oUIgMMCTQJ5>ebth@*x2N8sBOCKxUDJB_c6^??=}>|;7l zd*IB*DWWD=q6jX~i;V6?QQY&Ft)N_zqr_h4jMueKz3QpP+{Tn_WU%jm42WNlcbPie z>W!oP3DK~d9sVjPXwDwi9jrxhYh76Y{k1T}po}LYXKOZMoN2lL^o2F@Mu{<9Q$E@z zMd5NjA#GQcU;KHNml@Ce7v{PjA@c6~S zbM>!B_aIT;kTS9@m6M5siQU#e6QExCKNTUa&5YAy?!7T&RE2e-W6`Ma63|>N6k?Ef z8l6PWLe!a8#DK$%HqCu&V>0^-lfGM++1~z^#lEtl&bG%f%&|%{gqr5lKu&~S2nzM+u_5Y zhwsQa;4&8nfDp_Kaq&>GBRwoDnuwfx06~ny8T=?nT);qLnlI*padG1gD@o|@M zCw@PhGj_|5NsIE1>1nTznL{6TjkKLdW-+aj>lbz&1W}Bq&|O@~77;)5!6Lu3Zqlq5O@*JbOp-G@fAqTY?SAE4fMu1K8I>i|^32D2bPkT=jl8v==D>qli3Wel?9IP`j*_54Ebt&{Hq56&Q%U zkA>8`Rjpu>a0k^<|3WMI6!vcVsX$)Z=9G3;QFY-U@~EcB`)6)mYJg8XwdftJq8O~L zVrQ5G-CO<7zPHHO>~u5|f?;7(@x~t?_BuhecLVP(#~N<2@?X?ba8?mAi7(X1*HP0f zeEyBRa^0-&1Eiesw?64{xQo(WtVlhX7>*~s2NuTVZC?rMUih}Y?w%MGdK=lv`h%2s zq+Szbz^7vs*224$^@0#=!#?u%Zoedmu0#H=3?yf5{iN4D)$WV@Z^ykabX}x-R~z^I z?J_WbrknQHFW)`ge)ZI7k)QVDeu?viTw1Ze1vi&}Zc_5|ZG)mb!}B5`blJJDi)Ajn zTv42^hjTa0UHuFW177dgTkAply}(8?#uyXmXXgFRd$oF1e+B|G>I~HZDAC0se?!s{ z6Q^JiS$%(=(iG*3fF-%2DINwdt$1Y|2c=l{+<2=e=*7XOqik1U+G=Q zh@)?*A|X6h=5GE-)0^pOT)=b#uG4q9r5_I;jCnBdb3W$ll$T5A|7DbldfUnIVn@m1 z`!LX!E1Byr^Y&d%uY$eWn#tF_ChTsQ#Fr~wGzHPUvk7)y_HG7FT2*hnqQomqqK9m) z;0S~DzG**2FOuPsUJ05^%CkV4C6^3iHLz)C%POgEcyOkUqZpumGw@4wakhm!98E2a zgdLuwwCryfeJj}c&&GZ;$89iFE&(m4HR4vkCCfERiBE21TzLZi2Rv=!i!r@xx z=Chn;N&1N7_Uma*VQ7D=L;EOII!>4NAF!|mxEAlg6es}qf+{k}DZ|xb7rvzWQbR^2 zs3XlM<7uBg%Ycu}h?7nMrd)Pf&t?-{_0YS%>_s>-zAoA*YeH zdMzJ+RB6id-4AjWzlZz7#-5e**hKpN0%Z^F0{68bu#P>#u`Dk`{=q*1y;?KbUE^eX ztcUzMg{*30ZhZa2^~BMbW8(a^lQ6&gBOtGN#JLUWA=;;x9v*nPe-{vXcF~samZ1na z>T&YR^`K;$rW^U`@o@Wn&?pkU#jF)fMF%J2f6bOeFN}3!@XInzzkdRX#8mQoV#q<6 z;jQSd1v>VfsYxdCh+gL1p}eDODmr~aheTJpZmY$2CINo;)NPfwb3vQRp3_J++*VAn z37Fow-BXqu8KB*S3v8Mr!W8#Tm9a>+UB06WGe;1vSSAtsv&q!>l^>JAXrOd9>8fRPiAVcaU$&|uV&oj&v`&@or!)YY!aX-V$y-=;QD&`$1>+)7!b)}u{ zD2&v=<%Cv=6sN6yk-l5?z~P^j<926$yFR&7MW7+K)fp`bPjs6$998zE=y`g|jlgM% zV6wFOU85PB0H^}8?GLEFX>Q=|R_WHWQfhteynYD?uo2#x?hKDyxBUF(-BUQ?$nHGt za(3s@yWIUWXzy13-Mb0PsSMONY1q&&<6iNH6?8py{A>wSP>9=x?yC%Oo>J6tm0lhj zHm@gt`HI+YG97eGSc)}O^s4o^?DVf0hkkH2`F*xx)Y-S`yRk3*+XS;Y`uO}J;X<2g z{{YYmzD<(6mkb8g@(H786F@P9jJJ5?dfpv;xM%QLd~1!BM7B0uRPxlH%W^#_tzJUT zYqMJ7pJkRoBn*`j2h~IyaZP}oE^W|vI4F8n@_yu)YF$zfcMp!>MO({jLWV_8Aho8n z8akUBL4V7jz^(Xrbz{L#-i#?^TIf$$7Q@PypZuN^SyWlBojVec)T@IpuZW*M$8mkpkVCrsJL~GM zC{XuP8<`#Kf41I_ukCfdOC2plyaJF(4+7j6JD(_Ekc`-zw@Bu9zg)@>vJ-wFHtiji zr#0z|`L5URFn1oEM5Y9dfZt<#=e zq`=Th_Z@H?2Gs-u0{z9qY;94=-MhC0`T*LoaA`fsGMjrjo82edm@C-&;Ok>kxd+@? z>bF469=~+^Isp2BHd}zZk|$qJ+QHaWFD@5k!q?~t#pSmTW*6r@IPFNgy2%$7$E_Oz zX<52Iy<0ezQ-RM)hkK7dj5ndmSRq>f0Lh(y2;Y|}ft zSI65l2bU|NZ3kQz78dRRCFzv){j8||g)e^R-d$uUQG;yoyI4>OS9R?!XUnMR{m=8o zA0Q__9|(~`;T$~>UcuM+)yp>j4O5IKyJ^X`Z^W*;Y6Y>t?K@qK+C?LaZ;xT9hGzp$H3;NjKs)xVkq^e2L zyEOZGJlWj@-2Yf_UT(n47Th z^FhP!>5O&X`%o*!CeSXHLkS4$g+hks5L8LhLvD5@@N^n&xeta(kUTw9G@lSt1YF@z z$X}g)6?Km0zs_+Zjc7g^{89o`pndiP!F190+YTDZ4c1|2*dVD`6ZWZTQ2s<;=(p<7 zG&*^_gA@aqg#aXwT-4kf8LDHOYG%cvV}lOa%4B)(7twnu34-L;26gSjD)QcrbF zwH!$O`;>2fDVMteZ4gsT8z(Jub+SGYA-RHkU-VmCB@(W=*K*w@Hk%7RE{Jg_Jx7@JrC9WBOxLdelX916?CJC zB@r2Xv2cnoZhyS*wOV6y52L?I2T*;l3(#zB&B|MziIO;{FDYa2E!$%Z5QLI&(*BgX3T&P48$l*jf3Gz__NmQEa(yhQn6EQ^ zPrTUF$j$y?Ev>UP6|G}55t0<{cliuSAH3%J{eEv(NO`|wubP}*9{ULN9&i;lp-4dj zbszg-0Nyr1^09mF)<`$(-?*^#SdD8lKBbAwgajx!0@Cbd)9Vn%qqzN&f$rm&o35QC zGK`GN%(aDe8X!bwcBic_A3~up9@NBEO?mmXdYgc{V!maZ<%MCZAQCA|x#l06f;W~y z-(9}d2bzwc?%m}sR4;aWYYG=n1dY{hpHKA?J`o}wCUlNS#zDtmZ>RiHr=?_UgLK>< z-{YL?ArBMM>I|2HQE(jLP-p2`V2U0bJe?j$-)>BN4tf%>+h!6FSjq1Iubd18Z9q2?F5^D_l$koR1h5pJ8X4b9W-&4m zq&b=J7=AV;!6QC1K@y0!GDJtP0Bfh;Rulx0Y@|LmTvJ$OIeDWVH3ERMquBw7Y7v1Y z9wJgG$dI@efCHUw2!#Ym5;~?Xgqfb(R3xJdHrXbp3pK5t#mpN8QIwVlb$?Y->iUy; zkSSnL4r$hv2fH7c!exYER3EG_%gD&rjQtGNwfat<8XXJ5Gnu{W{6MF}WV+|H$31WN zndFc6W}85LJSP~?WQz;g&lqQ4TSydyEtuU5DD$Fr1|cMq^KqYwl-SFy+s!kB5ww#~ z??gs>Evp7dArlq>iGsY>KJHdU!7xS1kZc z%#&VcF7xDi6Q*|V{o>|iOA&3j>4^@LUBNq7CbSX>kVwP?RiC+Ajq&EdTH&@PJ%KkR zslicHhcvNA;fesl+?;g;1TtcKQI=X1T4c@flKrglj%RVn%-7_t8(cmSDNAYCx^*T3 zYXE&(_NQw%)V5J_{ZxD#&>!I;&LvH!?hgeV4T)um5k~~#8B)um6y;I`&;kTvUudEm z`{UTVF|yy0+((O=d`-3nZfffn5=1N-gX0g3&l>UR_ZKRy>g*VW!-(+vvn!-)t4Dp}?pA`Qm zBBF&o)S5l|g|Z!IQN2QBU-$(wiq`nujT-q<#0U>KOUpoiD&Z1@P6F=Z9e(NRY?l6c zoh$J;CA(N`{-J#`F1cQniHwE+R)ZvASCT-a45gsELV*gkW`46Hb>`mNIX~Z9_e6GO zbhAH$`^U@j>tc1WI@wQ+;+v(rtwp0Gb+h%T=hW_{e(mD-R{RKuP(b7P`%3Gx-=6t9Dd=V^f@jTEG@XA@f&dyAN-K~&%}nj2 z&MW6Xp7+?hw+DL67PffY=iiBW%Ijt`GGTT{CJkZaL8}y}XyK?U6x3z1qFywSI^c1y zh((M6W<>E3^`Fi&UzqHH ztWT9rv3t?DDlk%EKRgwP7m)l1(F&t2Geyu{Y6!G`%Kl{eKuntEtNf;t(mxmGcS{j3poKVZ z%jG6ff;c5W^xA7D*J8nGG16*hNBC5_r^X^i3IZUr^H(RR2>1fQK#kSzl4{R~d(?K+ zkCW<)s2Qqj0Yf)f7J0*fa@?iQ;naYvE;XG(TmO!qq6FBwUJ1aY&)&#hu>X36(W3c{L`PVk?@`e10k%wyA zpAPse0RY|zUcHr~uR5Y3pTS#gJ?Xbg2UUPqLRvGxSf924)*>tp7`JH zL*hp+D?6J}&^CRlZIymV@w9ySXw_8LKBXa0qzpThDj?|x?eahF@jmeaee%?LO(uD_ zk@aLaGOKKiTYuj8WBrf!WxBGLewbDsKUkcEv~^;3AoX~`?HWMQe9Z%dzPrMp)PXI^ z3Z#}8AQkw(-VYGK0ZJRw>Fzxd`GMf16kc(`;dpO?@A|V0d1^+pYlO{NYwtd81(g$Zh z2eFIu&s(2@$z(8rXP`Z=nHIb4A%+Nsb(5@CMZZeeE7+zV-rsp zCll9BQCQ1q^&P+(clq-xCk!&Ae|2OazA(PmXM&ktX>W=YETqWe3)=5cgSEKdB;mgi zg=BiO31u^(7HQTSE$j@VjvvhrH;xb1xlO5*PxgD8poALps4q8A{HSC6K@Mdz5HK)DANNWj z6@_U52`_CsaVY$dQYSV*aCb1!0g{0vfu{S^80d1+-E{2uYgX<`pw@w^P19Fhi8GLs zo1F#uEqpgr!kg#QoVnEg9)uvJHjQGe+zVLEpeka~7z!Q5Nxm|nWMLr}4y1;WizG*? z{_`Fg4x>#WbBA|_*qkE|Hwk1ENWwIPn_#nF5#S;sCNvmH0&n0yorRfOCoxUGE!HN+ zfBeX-ayB-sU(?gy{dT$3eL`vB{7{ONZK%Tp;7*fgm#X6s(YUXHDz}2+!$~t23m%BV zdC|(S2#O6EqZrSC)aU2&OrG%7EMHu8I3B5mCZ#YDKV z@bmG~DLJP{f$Ck!;zLNadI#&NdZHk2JYoZQU9RAl?gy(Mv+mU3iz6uT>{tR1Ti=sS z9s}>4l?T(z;dCOrSa=AdF#oi*Q9=4naOmBG+mQ=+BmA-nBbqpd)Dmltc^b<^e5ird zRo=w>37J0=@2OJq?K8_(VU1+)KR0qlmQKK0Eu4~lI2X#my$1XS`JfH3^M-X!#;V-S zOYeOVYij`BgY~4;WD@fq(jR22Z`0du&kytfUK3WO+y=Zz#}hu z;V3ro5)xvhs6#Mq_&)v;zIX~~ow=U5^th;Z!vzoW9;nXp_?7VGhrH->#5bGlZ!W)l z*&OJyP;^@m9)gZHF+g6<5QTFH7|_^$zzA=M;Kb@b)bu5?3Wm68%^Y4YI;SsYCGgp4 z{8O?mp*c9?l80NZ&+Y|;S}3h+ukuNa4+td0CdpcrcqpEoGyhZxMA?TLsb1MMfEPua{pXGMV?AefJ{ zu?nA5f+$VT@GsAe%o$~$Yotepq{umEI#NXn8$J<~;9_Es~FE4h%+9Aa$gS1zEzDRVDc zVQ(tPaWG(}If6~6e#3FJqTH4d-Wtcfj;1(QIR!T^w7A@L12+r{Sv|e+D7$DD9>Ki+ z`NV%0bTdt{SHTB4-x(?}cU%Yo`;%W8|LGMHj8nMb&DE zX1RRw;q0|y>@|rHn{8QLkI+je?K1V90bgFong>zReII^70v6sA#U|zgEZUc)F$#Y@ z5+|0LcLw$oNc0sWBCozU?^^CKWMR9QEMd9!a4`37KquQ1ovE=j>O_8C z&iLR27s?vWo4{GbuvUpHKS z&zQ*u2lHUr_A)qgpH#%M!NB{uN4T_>1YNddQ2qrGO@y1iaP4^Sx zO1VL!C#U(=i%uQow~d*=onVY4#5U)U8JhSAyj}4zt~VvrvA6zSEJLeeqmqB)(TAkF zcaH@$S0+WpZ$F(sk;k~+MnYU4M9}ZR9yIaKajS*)dmjH1&~m`@DYSVAIf{| z6*lWCudzUrCyki#k3|(B!*LIQnG>e-G&e$AS0k(}0pBAETHx#7?oIZ|w*<=9ve3XT zdT-nB0ywHNC(~Ob=izW}oa4@3b$sJ@Kf6DZKo)u&M19L3YEkk8?EqM>-wj!4-A~*H z6-yr`G9b2qC(!)TRB^l_h7*X?o|zE5HP`EBdB#H`Gsq z{pFcQU3Un6mi|BbcVOg{l@0|} zt$x4^JAr@Y)IQzFxmIA?7VFd=&-0zGh5@oF2M6HUJ-B^IL?2+n9G?@3f=WnGcWsmLY=FuU#bCgk#TT({UVW|QloJonDfA< z_g7Aq)8se7o_#ROE0X{*E3IC96$RJ}mlpsss5|u0*%C??%2(V|N6LfL%NS@6;&`$? zRG6gzw64DJO?S)mK7P~>=~mvU-J1X6Zrd8|3IgIjU!qB~eyNpQ4Xjp}+(lHVbsUHExPetx;9=-Gwt`ce3J05%L59UtYTieY#-uz`)*(4U z8_a8!0%*m)B13znN1!z$fKPr}`|Ia`0GX82=k2Y2L(ozIFpW+ixha_de=RL;13M}- zF3jZkj`=wz6n5rG3Ut2zF1*{7e6N1?qLh6fcK4gUa%%B0kPjVs5)8bnJdQ=*C%~I5 zWJ4h}u(Z>qy-M!PLf0Mx818McS;eDNYHFZ09l|lM$>|#G19~lWhp&%Sl@3NNx&al% zVaynKL7nzU)AQz}W@i0ieC^5c!S{E-xBQ~YW#RYRXlrK5JLa@p#S>lxmT4vfmkC!| zU|8T2fi&6jw%D*KQ|5tF{cp6Hnc2|TJ!Z$SCpW_Pr(Z9rW3RxGvB-=EXPHo6rLRBC zLFQ)=n&Ds2j9M3Av~skqfJf6&3lLAIhCqsYWLEiB*rFF&HJ7e*ff}!6i-04KI~35H zKHixmIu82wSc$&Cs7cgrCmwM(Q3Zt>JzlEX8FBbxUjsDQ9b1^2LL8vxxK5jM9S#E_ zhGj0(s=J_>-6wAUy@u!;x2{L9w`sNbWjqgmLt_JLRkDEXCmX1u?LV`lOjz$Hoqz&4 zSFoAlMgi{XnB?>MXh+7Hu%3#V*lVtAes4z)b)~()fQi!N_8Vw@=d-)^L{W6Kxmu=x zvrXrc>wb3}@a}$0cE_9#r`QhJUvy`6Q64C?oQ(FAV4J##3qWg2CQlRl<2LB;^ro*; zr>adrzC}GI4)HlM4qF6fA?-fd49vFiHyTAc2Vu`E{+rgw!>nbVYXkq>XlsV8iPL!S zeRtvJW5eo6a&P$7f13s`QZXqcPU%nk<;`|JL0*>+0Nid~vNcn9yl52|ze_(;2}l{^ zejrG3DC3(vP+N$=Eh19Z@pEFPC3YS+7*UMFX!O}|pE0?y6Z7gPU;fcWy5dhrKJ4Pb zlo|M$2nREX92!x1`?awuLBv+Nj&6cUd~(8d1r6X0K%V+B{{= zn$-LNbA&%rHJuV09MZf}lc$CPn)aR*aI%Z#*k^&IYReJQ$H!ZKrS&|cND$oI%} zx-}*<_z9lH;JY9j@X7{SGXfbqJEf}_NGv34R-{&CHy?fROw4mQMUWc^Nn~FNJ6a<# z$8&5rt=D~W(J)#{MWiGfTAfsxjTJ=SCJt+G!D~c?$4+-!-rAYc#HijB!-@qN`8N~n zRnk?$o7@S@*U`NqOepj*i9WI-!j>@rvs*&V>ct^+GqCu6OYxJ{ktcM) z8p(NY+xKq%>=IyOnH4n3Xkbja;P~Q5khfFz(Qsd;gOVn)@pRzW8||knUVDSamQ|}C zCzW!PZt}B{PDe<#UuM%xFhNsk4D!Hv;~8LHY;$T?7s7E?2wx1mW9)^Tvr|D2i}Y(| z9mv&UM%C@lpLXxyQueQ@1~}nLNJJoGa}-lsDNU4X6N*JNulbITGn_WS4PzkrLh`1= z_x!3W=9rRzJC$@-^Q)gIFf_f=d1zQuPgh7|+do+#oQp-s4Zq_l9U&H%m+`Paksqn^hYmdz0 zYiT9~1trli%#MF1x5t2?V17ahy14!{L;i3BV{w#`>YBi3rrt@+5oY2i=+0bO9N9jW z zwaE9GN6H?Qj%*PR5;&;`@(^KF6JD3jeL@)(W$+IfatY5=wUojG(~a@^QRuQ;EOEB}_w_iyA&;7@61%bwyH`1!3^c zW;VWC(jf^$Fg zYl-2|_4QN!^QXoZFl+-|oq}-W6()ChTp&2*hiF+9!(Oc-mtMYW4aapO(4VTZ_G)L8 z)Nr$MPklHW=;AIlJ|hk13VR}VW7v5%#(>ASy291y4&zDe!!~OLy8$Dc6sE}-syyK_ z5F_mJ?W)`lXW?E-|I!DjUTk8K8^bKDVOP<)ifzI!oT7|X1*jRSa5H8F=afGjj7&AL z9@G{Sj?U^~BN_mQ5qXz?fSys9Ko+XF7LQ>$Jk6KEYGm`Z!?wPwccd9kdo_y`ZDe>$ z8!Q%{moyv47)S-NI`3|*Hs5=vB1Xb9!c3APyg5kD%?Myqe0#HU@jNV&zD9xQx>ICi zw7<30Rc>CA{p9h=^X=PlBsrb|oz~MOFzHoH2o4L*B$Y(C`U12hr43hTQ7bm8oMqe0 z#IA3GlBklo*DV>8D1SIn>vIP~b48F+NFwK@b4I(Oz=cVlUVJP(3hz^hJw=`Ts*OY(*P76C1 zH)+0hCfH?7#$OX@9U00)I?%~bWERGYxH`Kzu4%8S1?&17S2;5t;kn}3TNhNPs))#F z&|@a0Pq=2ga@Xsgi-ppiN;da=U}2vYEU^*iz{+XGmKX5DHTddvC|YS-c>-+bX4bT< zDFO$XXqg)6Tpoxmo7RhnP%=q~*#!vAb9}rq*5ikPOWg1eIWwEc&K;ds;$bbkvDu_U zBbv!C8|}?jpwODAhy9AA!pvEzTbnK5L$@ zA4Mea+^##?xg+E9`p3tO^Vv@G22#3A5~)fJJQ91`QFXkr29@lRoM@f)@dSrMX^%$6 zUJ6UeP3vwEo}*VvYZ{o6rMUjk(LSsWV?KSo^9Cdh)Nu+)Kd@s6AXp*KED>1cS;ZEN+RUD>8Xk+Hm^UwPp z-^v@YfY&-Qx}%QGL-4cNdDsmWKGYzvBeV81VrLt}yQ=hklToy{q^0;>i1WVEAv0`1sfLE%nCgT<|<|e8Qq^=<5V3GA@O1bTGAg z3tV-FB-zMEnAsA*mhr7HGO5@z&5(W0o0FLG-Q*)V(>S)|5huM>-y)rPeWPnoc-HA8 zLe5Psf&bq_Nie=|Mfkpl@xlaRUEo<;gwJYphFVSWJ}UPdCr)YC*zv|rSM=tZ4KS01 z=CdU(2R-*?1ySY-8aqeHmyzTX?Mu_^?k^+xiMsIB&1VYDVGs7r>0edzSXH`nHNtq` zu(Q5rw#`B#Yp6&fi^IjQe}c20*hkeEO!{P-bE=|TLmnGP>yfxX=o3=X6q`E5kE;a= z|6*p;>wKyr!>V#`5}Vx>-yG+P^TrziV5#I%$+{TZy>&E5NgEcCL`8F8fDH{$NOI9Cw~Wq7wk(l#|0U3#V6FN23YHt z%CQ-mNLTCtA&?5LZOBMNvapduxV@VyF9M^u&4pE@(9YNSdXt8S7D*LO!LO*HMH(%3 zOP{O~c+=kp2G(x?Hb?*%*yjBl8Gs4Ed8aJ*5^w+Boj}!8z7@z(5pJSTNc7xLHOsWm ze%@_xMQ0UFT++o(j`93tv^`LNqTCP_F^20;=LuFu^QySnG?Tf(H=JoMYLVP{w$O!OL{1r7vMj{LPeXfe>$~jgAO_g)23@_=b%1TRYF?XI&LOtU} z6w0R7JLb)A31g=*6BOP+A-PZlz%giIB2%Ax&6_ zN0NdzM~phz`Iy|tL8y{k7S(LbU(Fj^4*d6IS)aM~gyfr1D?jYI3l`m#E5Pwq@@N7y zYklgGq#g^x@v7>%L|r$IM4h;eeSt%w1wZLTLZD0MbRjteS>X^O0${G*hCe1C-vokt z-=uwd>MT5jSu0H?RX6Ua2hoovnDvOZO1<4YNAd~NPmyfcK`H+pxFNoE!N+@6pneC! z(@OLv!;t{aC?vT{u$4Xd)++5)8YdU>p$eRmvZGmwpuHVUXC#6NHItop=`U2a4c6tE zKkWdVF+2#|R$e%l9)i10(RG@|C+1xQg_+Qw<0>6VDLFBVtuOAub&?v2E zDUYuqYwZM2qWf6E>#vTz2KSC_)4t&mf%^r)Z)beWO%Y6d(0$a4>+kPNgrJTZLr~*@ zf3gfpjs3!es3*t))g(0yN}E@ZQ>;zBs$4x9ge~W_M|@%VTZqVsTYx z$aZ3?u#>qSv|ctsV7*qfj9wz21%qvqXf>pvk$oOvXTX-_qa~qb!D2t~zW>yj!bSIh zzL}ON$F$~)?(-(9>Jri{SraGbJp7^BzfFgrSC}Zq2yB_|>woHQ-Up^EcWW_kofmC- z_u5kx4x2i-a;oYkK1I>11mKn-UTo^R8d(RnxAIM<-|3~!ETXg-pPs9+%LSMn_`FHO zovm5v7|v4YdCM{R~3y+C!=Cr8h{sC|oZ?0xV6@t43ouglpz1bFNJ-J}!p#(og~sRD!R z(H83y``;fzKM-fYUmKX!<(dPS9Enh6LoKcWCh{x@(Xx2A&5R=d_eJ0boHQ5 z?vJ1jc8U(0s6&M5JpT_0{-5z_odqxC*)#I8cM!QU#J-q~zER_hh1fsm{yoX3!8KK` zUk$;d!5ER_7=~Iu7~R_!AQSZ8_2fkhgKLQN(Jur5$SC!nFUqL`|M9;ou<#^CFb5nw zeiFbAaQ^2K_Ax@P%D=B^0N0?$;@?BRO!|NKO4=CQ{r5Gz*kYVJSUIc*LRGF+&DnB^ z(u@vDBK-HGl@1=fIbk^v{8b3ke+C?~Ikf-pFZm$^;QIsHe6C2`JklyU%mP}9zO?r{ z|F?0Vr3e8_Vej^T>-?{E%2xrPkYMn?7Uh5cv;Gv~n5x93_tu-NJrWuCM_c2XdV#7{ G;Qt4{QM!i! From 65676ac16a9ba874e94dd83d7eb0a0788c36a947 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 22:36:04 -0400 Subject: [PATCH 19/42] update readme titles Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 3a206b64c8..1086887ba6 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -83,12 +83,19 @@ The output looks like the following: } ``` +## Access ArgoCD +Access ArgoCD's UI and CLI configuration, on a new Terminal window run the following command +```shell +terraform output -raw configure_argocd +``` + ## Deploy the Addons Bootstrap the addons using ArgoCD: ```shell kubectl apply -f bootstrap/addons.yaml ``` -Monitor the ArgoCD Addon Applications + +### Monitor GitOps Progress for Addons ```shell watch kubectl get applications -n argocd \ addon-getting-started-gitops-aws-load-balancer-controller \ @@ -97,6 +104,7 @@ watch kubectl get applications -n argocd \ ``` Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command +### Verify the Addons Verify that the addons are ready: ```shell kubectl get sts,deployment -n argocd @@ -105,23 +113,20 @@ kubectl get deployment -n kube-system \ metrics-server ``` -Access ArgoCD's UI and CLI configuration, on a new Terminal window run the following command -```shell -terraform output -raw configure_argocd -``` - ## Deploy the Workloads - Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD: ```shell kubectl apply -f bootstrap/workloads.yaml ``` + +## Monitor GitOps Progress for Workloads Watch the Workloads ArgoCD Application ```shell watch kubectl get -n argocd applications workloads ``` Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command +### Verify the Application Verify that the application configuration is present and the pod is running: ```shell kubectl get -n game-2048 deployments,service,ep,ingress @@ -132,18 +137,19 @@ kubectl events -n game-2048 --for ingress/game-2048 --watch ``` Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconciled`. Crl+C to exit the `watch` command + +### Access the Application using AWS Load Balancer Retrieve the ingress URL for the application: ```shell echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` - - Verify the application enpoint health using `curl`: ```shell curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` The first line of the output should have `HTTP/1.1 200 OK`. +### Container Metrics Check the application's CPU and memory metrics: ```shell kubectl top pods -n game-2048 From 837f4cfc3c1dcfab50095d6649c085549442f144 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 22:37:32 -0400 Subject: [PATCH 20/42] fix title section in readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 1086887ba6..0e6549c329 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -119,7 +119,7 @@ Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) kubectl apply -f bootstrap/workloads.yaml ``` -## Monitor GitOps Progress for Workloads +### Monitor GitOps Progress for Workloads Watch the Workloads ArgoCD Application ```shell watch kubectl get -n argocd applications workloads From aa6342d02f5f632d5d54a47603b0375ccc39144e Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 23:14:56 -0400 Subject: [PATCH 21/42] add docs for gitops pattern Signed-off-by: Carlos Santana --- docs/patterns/gitops-getting-started-argocd.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 docs/patterns/gitops-getting-started-argocd.md diff --git a/docs/patterns/gitops-getting-started-argocd.md b/docs/patterns/gitops-getting-started-argocd.md new file mode 100644 index 0000000000..1492cc377a --- /dev/null +++ b/docs/patterns/gitops-getting-started-argocd.md @@ -0,0 +1,7 @@ +--- +title: GitOps Getting Started (ArgoCD) +--- + +{% + include-markdown "../../patterns/gitops/getting-started-argocd/README.md" +%} From 4531c732f02aea7a35eddec5568e7449f05fbc01 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Fri, 27 Oct 2023 23:28:12 -0400 Subject: [PATCH 22/42] remove old v4 argocd Signed-off-by: Carlos Santana --- .github/workflows/e2e-parallel-destroy.yml | 1 - .github/workflows/e2e-parallel-full.yml | 1 - docs/patterns/argocd.md | 7 ------- 3 files changed, 9 deletions(-) delete mode 100644 docs/patterns/argocd.md diff --git a/.github/workflows/e2e-parallel-destroy.yml b/.github/workflows/e2e-parallel-destroy.yml index 708e8dabe6..e7725a05f2 100644 --- a/.github/workflows/e2e-parallel-destroy.yml +++ b/.github/workflows/e2e-parallel-destroy.yml @@ -28,7 +28,6 @@ jobs: include: - example_path: patterns/agones-game-controller - example_path: patterns/fargate-serverless - - example_path: patterns/argocd - example_path: patterns/ipv6-eks-cluster - example_path: patterns/karpenter - example_path: patterns/multi-tenancy-with-teams diff --git a/.github/workflows/e2e-parallel-full.yml b/.github/workflows/e2e-parallel-full.yml index d1692e282e..cf254b9cda 100644 --- a/.github/workflows/e2e-parallel-full.yml +++ b/.github/workflows/e2e-parallel-full.yml @@ -62,7 +62,6 @@ jobs: include: - example_path: patterns/agones-game-controller - example_path: patterns/fargate-serverless - - example_path: patterns/argocd - example_path: patterns/ipv6-eks-cluster - example_path: patterns/karpenter - example_path: patterns/multi-tenancy-with-teams diff --git a/docs/patterns/argocd.md b/docs/patterns/argocd.md deleted file mode 100644 index d9fd12c2e7..0000000000 --- a/docs/patterns/argocd.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: ArgoCD ---- - -{% - include-markdown "../../patterns/argocd/README.md" -%} From d962ff7963ce4d418fc553d106fabf2f18de0bc6 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 00:08:21 -0400 Subject: [PATCH 23/42] update github actions for new argo pattern Signed-off-by: Carlos Santana --- .github/workflows/e2e-parallel-destroy.yml | 4 +++- .github/workflows/e2e-parallel-full.yml | 9 ++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-parallel-destroy.yml b/.github/workflows/e2e-parallel-destroy.yml index e7725a05f2..741248262c 100644 --- a/.github/workflows/e2e-parallel-destroy.yml +++ b/.github/workflows/e2e-parallel-destroy.yml @@ -28,6 +28,7 @@ jobs: include: - example_path: patterns/agones-game-controller - example_path: patterns/fargate-serverless + - example_path: patterns/gitops/getting-started-argocd - example_path: patterns/ipv6-eks-cluster - example_path: patterns/karpenter - example_path: patterns/multi-tenancy-with-teams @@ -64,6 +65,7 @@ jobs: run: | terraform init -upgrade=true terraform destroy -target=module.eks_blueprints_kubernetes_addons -no-color -input=false -auto-approve - terraform destroy -target=module.eks_blueprints -no-color -input=false -auto-approve + terraform destroy -target=module.eks_blueprints_addons -no-color -input=false -auto-approve + terraform destroy -target=module.eks_blueprints -no-color -input=false -auto-approve terraform destroy -target=module.eks -no-color -input=false -auto-approve terraform destroy -no-color -input=false -auto-approve diff --git a/.github/workflows/e2e-parallel-full.yml b/.github/workflows/e2e-parallel-full.yml index cf254b9cda..697b05a39b 100644 --- a/.github/workflows/e2e-parallel-full.yml +++ b/.github/workflows/e2e-parallel-full.yml @@ -62,6 +62,7 @@ jobs: include: - example_path: patterns/agones-game-controller - example_path: patterns/fargate-serverless + - example_path: patterns/gitops/getting-started-argocd - example_path: patterns/ipv6-eks-cluster - example_path: patterns/karpenter - example_path: patterns/multi-tenancy-with-teams @@ -114,6 +115,7 @@ jobs: terraform apply -target=module.eks_blueprints -no-color -input=false -auto-approve terraform apply -target=module.eks -no-color -input=false -auto-approve terraform apply -target=module.eks_blueprints_kubernetes_addons -no-color -input=false -auto-approve + terraform apply -target=module.eks_blueprints_addons -no-color -input=false -auto-approve terraform apply -no-color -input=false -auto-approve - name: Terraform Destroy @@ -124,9 +126,10 @@ jobs: export AWS_CSM_ENABLED=true export AWS_CSM_PORT=31000 export AWS_CSM_HOST=127.0.0.1 - terraform destroy -target=module.eks_blueprints_kubernetes_addons -no-color -input=false -auto-approve - terraform destroy -target=module.eks_blueprints -no-color -input=false -auto-approve - terraform destroy -target=module.eks -no-color -input=false -auto-approve + terraform destroy -target=module.eks_blueprints_kubernetes_addons -no-color -input=false -auto-approve + terraform destroy -target=module.eks_blueprints_addons -no-color -input=false -auto-approve + terraform destroy -target=module.eks_blueprints -no-color -input=false -auto-approve + terraform destroy -target=module.eks -no-color -input=false -auto-approve terraform destroy -no-color -input=false -auto-approve - name: Fail if TF apply failed From 17cfd491b09bfe3a68bfe101064e831f578105f3 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 00:08:35 -0400 Subject: [PATCH 24/42] update pattern to be consistent with module names for addons Signed-off-by: Carlos Santana --- patterns/private-public-ingress/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/private-public-ingress/main.tf b/patterns/private-public-ingress/main.tf index 1a77cf8fdd..fd81fc2772 100644 --- a/patterns/private-public-ingress/main.tf +++ b/patterns/private-public-ingress/main.tf @@ -243,7 +243,7 @@ module "ingres_nginx_internal" { } } -module "eks_blueprints_kubernetes_addons" { +module "eks_blueprints_addons" { source = "aws-ia/eks-blueprints-addons/aws" version = "~> 1.0" From 642e5c58266eb5a6c01b7bbcd7b975edd32f9972 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 06:52:39 -0400 Subject: [PATCH 25/42] update readme with gitops bridge definition Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 0e6549c329..748b77cdfa 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -4,6 +4,21 @@ This tutorial guides you through deploying an Amazon EKS cluster with addons con + +The [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) enables Kubernetes administrators to utilize Infrastructure as Code (IaC) and GitOps tools for deploying Kubernetes Addons and Workloads. Addons often depend on Cloud resources that are external to the cluster. The configuration metadata for these external resources is required by the Addons' Helm charts. While IaC is used to create these cloud resources, it is not used to install the Helm charts. Instead, the IaC tool stores this metadata either within GitOps resources in the cluster or in a Git repository. The GitOps tool then extracts these metadata values and passes them to the Helm chart during the Addon installation process. This mechanism forms the bridge between IaC and GitOps, hence the term "GitOps Bridge." + +More examples available on the [GitOps Bridge](https://github.com/gitops-bridge-dev): +- [argocd-ingress](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/argocd-ingress) +- [aws-secrets-manager](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/aws-secrets-manager) +- [crossplane](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/crossplane) +- [external-secrets](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/external-secrets) +- [multi-cluster/distributed](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/multi-cluster/distributed) +- [multi-cluster/hub-spoke](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke) +- [multi-cluster/hub-spoke-shared](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared) +- [private-git](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/private-git) + + + ## Prerequisites Before you begin, make sure you have the following command line tools installed: - git From ffa99f7c6cb8dfebdbd2c04be583de75a368f3c8 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 14:35:28 -0400 Subject: [PATCH 26/42] remove environment variables Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 33 ++++----- .../gitops/getting-started-argocd/main.tf | 71 ++++++++----------- .../gitops/getting-started-argocd/outputs.tf | 2 +- .../getting-started-argocd/variables.tf | 5 -- 4 files changed, 47 insertions(+), 64 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 748b77cdfa..da3a989bf7 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -74,11 +74,11 @@ The output looks like the following: "aws_load_balancer_controller_service_account": "aws-load-balancer-controller-sa", "aws_region": "us-west-2", "aws_vpc_id": "vpc-001d3f00151bbb731", - "cluster_name": "getting-started-gitops", + "cluster_name": "in-cluster", "environment": "dev", "workload_repo_basepath": "patterns/gitops/", "workload_repo_path": "getting-started-argocd/k8s", - "workload_repo_revision": "gitops-bridge-1st-example", + "workload_repo_revision": "main", "workload_repo_url": "https://github.com/csantanapr/terraform-aws-eks-blueprints" } ``` @@ -93,17 +93,10 @@ The output looks like the following: "enable_argocd": "true", "enable_aws_load_balancer_controller": "true", "enable_metrics_server": "true", - "environment": "dev", "kubernetes_version": "1.28", } ``` -## Access ArgoCD -Access ArgoCD's UI and CLI configuration, on a new Terminal window run the following command -```shell -terraform output -raw configure_argocd -``` - ## Deploy the Addons Bootstrap the addons using ArgoCD: ```shell @@ -111,23 +104,27 @@ kubectl apply -f bootstrap/addons.yaml ``` ### Monitor GitOps Progress for Addons +Wait until all the ArgoCD applications' `HEALTH STATUS` is `Healthy`. Use Crl+C to exit the `watch` command ```shell -watch kubectl get applications -n argocd \ - addon-getting-started-gitops-aws-load-balancer-controller \ - addon-getting-started-gitops-metrics-server \ - addon-getting-started-gitops-argo-cd +watch kubectl get applications -n argocd +``` + +## Access ArgoCD +Access ArgoCD's UI, run the command from the output: +```shell +terraform output -raw access_argocd ``` -Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command ### Verify the Addons Verify that the addons are ready: ```shell -kubectl get sts,deployment -n argocd kubectl get deployment -n kube-system \ aws-load-balancer-controller \ metrics-server ``` + + ## Deploy the Workloads Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD: ```shell @@ -135,7 +132,7 @@ kubectl apply -f bootstrap/workloads.yaml ``` ### Monitor GitOps Progress for Workloads -Watch the Workloads ArgoCD Application +Watch until the Workloads ArgoCD Application is `Healthy` ```shell watch kubectl get -n argocd applications workloads ``` @@ -146,11 +143,11 @@ Verify that the application configuration is present and the pod is running: ```shell kubectl get -n game-2048 deployments,service,ep,ingress ``` -Watch the events for the Ingress, this take a few minutes +Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconciled`. Crl+C to exit the `watch` command ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ``` -Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconciled`. Crl+C to exit the `watch` command + ### Access the Application using AWS Load Balancer diff --git a/patterns/gitops/getting-started-argocd/main.tf b/patterns/gitops/getting-started-argocd/main.tf index cd870cada8..42bfe363df 100644 --- a/patterns/gitops/getting-started-argocd/main.tf +++ b/patterns/gitops/getting-started-argocd/main.tf @@ -31,11 +31,13 @@ provider "kubernetes" { } locals { - name = "getting-started-gitops" - environment = var.environment - region = var.region + name = "getting-started-gitops" + region = var.region + cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr + + vpc_cidr = var.vpc_cidr + azs = slice(data.aws_availability_zones.available.names, 0, 3) gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" gitops_addons_basepath = var.gitops_addons_basepath @@ -47,7 +49,6 @@ locals { gitops_workload_path = var.gitops_workload_path gitops_workload_revision = var.gitops_workload_revision - aws_addons = { enable_cert_manager = try(var.addons.enable_cert_manager, false) enable_aws_efs_csi_driver = try(var.addons.enable_aws_efs_csi_driver, false) @@ -95,8 +96,7 @@ locals { local.aws_addons, local.oss_addons, { kubernetes_version = local.cluster_version }, - { aws_cluster_name = module.eks.cluster_name }, - { workloads = "true" } + { aws_cluster_name = module.eks.cluster_name } ) addons_metadata = merge( @@ -121,17 +121,9 @@ locals { } ) - argocd_apps = { - # Uncomment to deploy GitOps bootstrap from Terraform, instead of kubectl - # addons = file("${path.module}/bootstrap/addons.yaml") - # workloads = file("${path.module}/bootstrap/workloads.yaml") - } - - azs = slice(data.aws_availability_zones.available.names, 0, 3) - tags = { Blueprint = local.name - GithubRepo = "github.com/csantanapr/terraform-gitops-bridge" + GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" } } @@ -142,12 +134,9 @@ module "gitops_bridge_bootstrap" { source = "github.com/gitops-bridge-dev/gitops-bridge-argocd-bootstrap-terraform?ref=v2.0.0" cluster = { - cluster_name = module.eks.cluster_name - environment = local.environment - metadata = local.addons_metadata - addons = local.addons + metadata = local.addons_metadata + addons = local.addons } - apps = local.argocd_apps } ################################################################################ @@ -166,21 +155,21 @@ module "eks_blueprints_addons" { create_kubernetes_resources = false # EKS Blueprints Addons - enable_cert_manager = try(local.aws_addons.enable_cert_manager, false) - enable_aws_efs_csi_driver = try(local.aws_addons.enable_aws_efs_csi_driver, false) - enable_aws_fsx_csi_driver = try(local.aws_addons.enable_aws_fsx_csi_driver, false) - enable_aws_cloudwatch_metrics = try(local.aws_addons.enable_aws_cloudwatch_metrics, false) - enable_aws_privateca_issuer = try(local.aws_addons.enable_aws_privateca_issuer, false) - enable_cluster_autoscaler = try(local.aws_addons.enable_cluster_autoscaler, false) - enable_external_dns = try(local.aws_addons.enable_external_dns, false) - enable_external_secrets = try(local.aws_addons.enable_external_secrets, false) - enable_aws_load_balancer_controller = try(local.aws_addons.enable_aws_load_balancer_controller, false) - enable_fargate_fluentbit = try(local.aws_addons.enable_fargate_fluentbit, false) - enable_aws_for_fluentbit = try(local.aws_addons.enable_aws_for_fluentbit, false) - enable_aws_node_termination_handler = try(local.aws_addons.enable_aws_node_termination_handler, false) - enable_karpenter = try(local.aws_addons.enable_karpenter, false) - enable_velero = try(local.aws_addons.enable_velero, false) - enable_aws_gateway_api_controller = try(local.aws_addons.enable_aws_gateway_api_controller, false) + enable_cert_manager = local.aws_addons.enable_cert_manager + enable_aws_efs_csi_driver = local.aws_addons.enable_aws_efs_csi_driver + enable_aws_fsx_csi_driver = local.aws_addons.enable_aws_fsx_csi_driver + enable_aws_cloudwatch_metrics = local.aws_addons.enable_aws_cloudwatch_metrics + enable_aws_privateca_issuer = local.aws_addons.enable_aws_privateca_issuer + enable_cluster_autoscaler = local.aws_addons.enable_cluster_autoscaler + enable_external_dns = local.aws_addons.enable_external_dns + enable_external_secrets = local.aws_addons.enable_external_secrets + enable_aws_load_balancer_controller = local.aws_addons.enable_aws_load_balancer_controller + enable_fargate_fluentbit = local.aws_addons.enable_fargate_fluentbit + enable_aws_for_fluentbit = local.aws_addons.enable_aws_for_fluentbit + enable_aws_node_termination_handler = local.aws_addons.enable_aws_node_termination_handler + enable_karpenter = local.aws_addons.enable_karpenter + enable_velero = local.aws_addons.enable_velero + enable_aws_gateway_api_controller = local.aws_addons.enable_aws_gateway_api_controller tags = local.tags } @@ -203,15 +192,17 @@ module "eks" { eks_managed_node_groups = { initial = { - instance_types = ["t3.medium"] + instance_types = ["m5.large"] - min_size = 3 - max_size = 10 - desired_size = 3 + min_size = 1 + max_size = 3 + desired_size = 2 } } # EKS Addons cluster_addons = { + coredns = {} + kube-proxy = {} vpc-cni = { # Specify the VPC CNI addon should be deployed before compute to ensure # the addon is configured before data plane compute resources are created diff --git a/patterns/gitops/getting-started-argocd/outputs.tf b/patterns/gitops/getting-started-argocd/outputs.tf index 2d3b6e57a1..d4ecfbf1fe 100644 --- a/patterns/gitops/getting-started-argocd/outputs.tf +++ b/patterns/gitops/getting-started-argocd/outputs.tf @@ -26,8 +26,8 @@ output "access_argocd" { value = <<-EOT export KUBECONFIG="/tmp/${module.eks.cluster_name}" aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name} - echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" echo "ArgoCD Username: admin" echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")" + echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" EOT } diff --git a/patterns/gitops/getting-started-argocd/variables.tf b/patterns/gitops/getting-started-argocd/variables.tf index 0e99ab6032..d0ef0fe9b7 100644 --- a/patterns/gitops/getting-started-argocd/variables.tf +++ b/patterns/gitops/getting-started-argocd/variables.tf @@ -13,11 +13,6 @@ variable "kubernetes_version" { type = string default = "1.28" } -variable "environment" { - description = "Kubernetes environment" - type = string - default = "dev" -} variable "addons" { description = "Kubernetes addons" type = any From 2f077a620864a3be4519389d515aa156204a2eca Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 14:37:34 -0400 Subject: [PATCH 27/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index da3a989bf7..c000662f78 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -7,7 +7,7 @@ This tutorial guides you through deploying an Amazon EKS cluster with addons con The [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) enables Kubernetes administrators to utilize Infrastructure as Code (IaC) and GitOps tools for deploying Kubernetes Addons and Workloads. Addons often depend on Cloud resources that are external to the cluster. The configuration metadata for these external resources is required by the Addons' Helm charts. While IaC is used to create these cloud resources, it is not used to install the Helm charts. Instead, the IaC tool stores this metadata either within GitOps resources in the cluster or in a Git repository. The GitOps tool then extracts these metadata values and passes them to the Helm chart during the Addon installation process. This mechanism forms the bridge between IaC and GitOps, hence the term "GitOps Bridge." -More examples available on the [GitOps Bridge](https://github.com/gitops-bridge-dev): +Aditonal examples available on the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev): - [argocd-ingress](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/argocd-ingress) - [aws-secrets-manager](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/aws-secrets-manager) - [crossplane](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/crossplane) From f49ac38eb47cb3b20956a24d4bca960ce748c6e0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 16:40:39 -0400 Subject: [PATCH 28/42] update e2e tfstate path Signed-off-by: Carlos Santana --- patterns/ipv6-eks-cluster/versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/ipv6-eks-cluster/versions.tf b/patterns/ipv6-eks-cluster/versions.tf index 63713abb40..c5ae1a14e3 100644 --- a/patterns/ipv6-eks-cluster/versions.tf +++ b/patterns/ipv6-eks-cluster/versions.tf @@ -20,6 +20,6 @@ terraform { # backend "s3" { # bucket = "terraform-ssp-github-actions-state" # region = "us-west-2" - # key = "e2e/ipv6-eks-cluster/terraform.tfstate" + # key = "e2e/getting-started-argocd/terraform.tfstate" # } } From 6afd7fb65d04a0e77201388ce9ccb0d5ce029c11 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 28 Oct 2023 19:29:00 -0400 Subject: [PATCH 29/42] fix readme Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 26 +++++++++---------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index c000662f78..115a64e541 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -109,12 +109,6 @@ Wait until all the ArgoCD applications' `HEALTH STATUS` is `Healthy`. Use Crl+C watch kubectl get applications -n argocd ``` -## Access ArgoCD -Access ArgoCD's UI, run the command from the output: -```shell -terraform output -raw access_argocd -``` - ### Verify the Addons Verify that the addons are ready: ```shell @@ -123,7 +117,11 @@ kubectl get deployment -n kube-system \ metrics-server ``` - +## Access ArgoCD +Access ArgoCD's UI, run the command from the output: +```shell +terraform output -raw access_argocd +``` ## Deploy the Workloads Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD: @@ -148,18 +146,18 @@ Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconci kubectl events -n game-2048 --for ingress/game-2048 --watch ``` - - ### Access the Application using AWS Load Balancer -Retrieve the ingress URL for the application: +Verify the application endpoint health using `curl`: ```shell -echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" +curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` -Verify the application enpoint health using `curl`: +The first line of the output should be `HTTP/1.1 200 OK`. + +Retrieve the ingress URL for the application: ```shell -curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') +echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` -The first line of the output should have `HTTP/1.1 200 OK`. + ### Container Metrics Check the application's CPU and memory metrics: From a0702a7c10624995c4766eafd7cece00443262a0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 07:49:11 -0400 Subject: [PATCH 30/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 115a64e541..5dba764a0e 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -34,6 +34,7 @@ Before you begin, make sure you have the following command line tools installed: ```shell export TF_VAR_gitops_addons_org=https://github.com/aws-samples export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons +export TF_VAR_gitops_addons_revision=main ``` ### Fork the Workloads GitOps Repo @@ -42,12 +43,16 @@ export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons ```shell export TF_VAR_gitops_workload_org=https://github.com/aws-ia export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints +export TF_VAR_gitops_workload_revision=main ``` ## Deploy the EKS Cluster Initialize Terraform and deploy the EKS cluster: ```shell terraform init +terraform apply -target="module.vpc" -auto-approve +terraform apply -target="module.eks" -auto-approve +terraform apply -target="module.eks_blueprints_addons" -auto-approve terraform apply -auto-approve ``` Retrieve `kubectl` config, then execute the output command: From 86fcaa582f9f2951a510920111364d000ebf352e Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 08:53:42 -0400 Subject: [PATCH 31/42] add variables to enable auto deploy addons and workloads Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 11 +++++++++-- .../getting-started-argocd/bootstrap/workloads.yaml | 2 -- patterns/gitops/getting-started-argocd/main.tf | 11 +++++++++++ patterns/gitops/getting-started-argocd/variables.tf | 12 ++++++++++++ 4 files changed, 32 insertions(+), 4 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 5dba764a0e..b221cde3d3 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -89,16 +89,19 @@ The output looks like the following: ``` The labels offer a straightforward way to enable or disable an addon in ArgoCD for the cluster. ```shell -kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o json | jq '.items[0].metadata.labels' +kubectl get secret -n argocd -l argocd.argoproj.io/secret-type=cluster -o json | jq '.items[0].metadata.labels' | grep -v false | jq . ``` The output looks like the following: ```json { + "argocd.argoproj.io/secret-type": "cluster", "aws_cluster_name": "getting-started-gitops", + "cluster_name": "in-cluster", "enable_argocd": "true", "enable_aws_load_balancer_controller": "true", "enable_metrics_server": "true", - "kubernetes_version": "1.28", + "environment": "dev", + "kubernetes_version": "1.28" } ``` @@ -169,6 +172,10 @@ Check the application's CPU and memory metrics: ```shell kubectl top pods -n game-2048 ``` +Check all pods CPU and memory metrics: +```shell +kubectl top pods -A +``` ## Destroy the EKS Cluster To tear down all the resources and the EKS cluster, run the following command: diff --git a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml index 8c883ea346..abebd17f9e 100644 --- a/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml +++ b/patterns/gitops/getting-started-argocd/bootstrap/workloads.yaml @@ -29,6 +29,4 @@ spec: syncOptions: - CreateNamespace=true retry: - backoff: - duration: 1m limit: 60 diff --git a/patterns/gitops/getting-started-argocd/main.tf b/patterns/gitops/getting-started-argocd/main.tf index 42bfe363df..a4a0413d89 100644 --- a/patterns/gitops/getting-started-argocd/main.tf +++ b/patterns/gitops/getting-started-argocd/main.tf @@ -121,6 +121,16 @@ locals { } ) + argocd_app_of_appsets_addons = var.enable_gitops_auto_addons ? { + addons = file("${path.module}/bootstrap/addons.yaml") + } : {} + argocd_app_of_appsets_workloads = var.enable_gitops_auto_workloads ? { + workloads = file("${path.module}/bootstrap/workloads.yaml") + } : {} + + argocd_apps = merge(local.argocd_app_of_appsets_addons, local.argocd_app_of_appsets_workloads) + + tags = { Blueprint = local.name GithubRepo = "github.com/aws-ia/terraform-aws-eks-blueprints" @@ -137,6 +147,7 @@ module "gitops_bridge_bootstrap" { metadata = local.addons_metadata addons = local.addons } + apps = local.argocd_apps } ################################################################################ diff --git a/patterns/gitops/getting-started-argocd/variables.tf b/patterns/gitops/getting-started-argocd/variables.tf index d0ef0fe9b7..b4c7511302 100644 --- a/patterns/gitops/getting-started-argocd/variables.tf +++ b/patterns/gitops/getting-started-argocd/variables.tf @@ -74,3 +74,15 @@ variable "gitops_workload_path" { type = string default = "getting-started-argocd/k8s" } + +variable "enable_gitops_auto_addons" { + description = "Automatically deploy addons" + type = bool + default = false +} + +variable "enable_gitops_auto_workloads" { + description = "Automatically deploy addons" + type = bool + default = false +} From f57e831bea8c5c8e51d907b3904b30398bd329f7 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 08:56:54 -0400 Subject: [PATCH 32/42] update destroy Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/destroy.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/patterns/gitops/getting-started-argocd/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh index 79d24cd4d6..b957fa5293 100755 --- a/patterns/gitops/getting-started-argocd/destroy.sh +++ b/patterns/gitops/getting-started-argocd/destroy.sh @@ -13,10 +13,13 @@ terraform -chdir=$SCRIPTDIR output -raw configure_kubectl > "$TMPFILE" if [[ ! $(cat $TMPFILE) == *"No outputs found"* ]]; then source "$TMPFILE" kubectl delete -n argocd applicationset workloads + echo "Deleting ingress/svc for game-2048, takes a few minutes for Load Balancer to be deleted" + kubectl delete -n game-2048 ing game-2048 echo "Waiting for ingress and load balancer to be deleted" sleep 120 kubectl delete -n argocd applicationset cluster-addons kubectl delete -n argocd applicationset addons-argocd + echo "Deleting ingress/svc for argo-cd-argocd-server, takes a few minutes for Load Balancer to be deleted" kubectl delete -n argocd svc argo-cd-argocd-server fi From 251c20cca1805db5ca5f879b22c7daaa44562260 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 08:59:56 -0400 Subject: [PATCH 33/42] fix typo Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index b221cde3d3..a6fc7bf465 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -7,7 +7,7 @@ This tutorial guides you through deploying an Amazon EKS cluster with addons con The [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev) enables Kubernetes administrators to utilize Infrastructure as Code (IaC) and GitOps tools for deploying Kubernetes Addons and Workloads. Addons often depend on Cloud resources that are external to the cluster. The configuration metadata for these external resources is required by the Addons' Helm charts. While IaC is used to create these cloud resources, it is not used to install the Helm charts. Instead, the IaC tool stores this metadata either within GitOps resources in the cluster or in a Git repository. The GitOps tool then extracts these metadata values and passes them to the Helm chart during the Addon installation process. This mechanism forms the bridge between IaC and GitOps, hence the term "GitOps Bridge." -Aditonal examples available on the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev): +Additional examples available on the [GitOps Bridge Pattern](https://github.com/gitops-bridge-dev): - [argocd-ingress](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/argocd-ingress) - [aws-secrets-manager](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/aws-secrets-manager) - [crossplane](https://github.com/gitops-bridge-dev/gitops-bridge/tree/main/argocd/iac/terraform/examples/eks/crossplane) From 43dc94debf933f3e28cc1d9c512da8b68b7a11de Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 10:32:57 -0400 Subject: [PATCH 34/42] update ipv6 Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 3 ++- patterns/gitops/getting-started-argocd/destroy.sh | 2 -- patterns/ipv6-eks-cluster/versions.tf | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index a6fc7bf465..adba6e98b4 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -26,6 +26,7 @@ Before you begin, make sure you have the following command line tools installed: - kubectl - argocd +TODO: move fork to the bottom appendix ## Fork the Git Repositories ### Fork the Addon GitOps Repo @@ -52,7 +53,6 @@ Initialize Terraform and deploy the EKS cluster: terraform init terraform apply -target="module.vpc" -auto-approve terraform apply -target="module.eks" -auto-approve -terraform apply -target="module.eks_blueprints_addons" -auto-approve terraform apply -auto-approve ``` Retrieve `kubectl` config, then execute the output command: @@ -125,6 +125,7 @@ kubectl get deployment -n kube-system \ metrics-server ``` +TODO: UI is not required, they can even disable the ui. ## Access ArgoCD Access ArgoCD's UI, run the command from the output: ```shell diff --git a/patterns/gitops/getting-started-argocd/destroy.sh b/patterns/gitops/getting-started-argocd/destroy.sh index b957fa5293..06f44bf77b 100755 --- a/patterns/gitops/getting-started-argocd/destroy.sh +++ b/patterns/gitops/getting-started-argocd/destroy.sh @@ -15,8 +15,6 @@ if [[ ! $(cat $TMPFILE) == *"No outputs found"* ]]; then kubectl delete -n argocd applicationset workloads echo "Deleting ingress/svc for game-2048, takes a few minutes for Load Balancer to be deleted" kubectl delete -n game-2048 ing game-2048 - echo "Waiting for ingress and load balancer to be deleted" - sleep 120 kubectl delete -n argocd applicationset cluster-addons kubectl delete -n argocd applicationset addons-argocd echo "Deleting ingress/svc for argo-cd-argocd-server, takes a few minutes for Load Balancer to be deleted" diff --git a/patterns/ipv6-eks-cluster/versions.tf b/patterns/ipv6-eks-cluster/versions.tf index c5ae1a14e3..63713abb40 100644 --- a/patterns/ipv6-eks-cluster/versions.tf +++ b/patterns/ipv6-eks-cluster/versions.tf @@ -20,6 +20,6 @@ terraform { # backend "s3" { # bucket = "terraform-ssp-github-actions-state" # region = "us-west-2" - # key = "e2e/getting-started-argocd/terraform.tfstate" + # key = "e2e/ipv6-eks-cluster/terraform.tfstate" # } } From 09ff5b9d3ff1e6542e6f89db55067099af571e9f Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 17:21:12 -0400 Subject: [PATCH 35/42] add appendix Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index adba6e98b4..fa4e1f05cf 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -26,26 +26,7 @@ Before you begin, make sure you have the following command line tools installed: - kubectl - argocd -TODO: move fork to the bottom appendix -## Fork the Git Repositories -### Fork the Addon GitOps Repo -1. Fork the git repository for addons [here](https://github.com/aws-samples/eks-blueprints-add-ons). -2. Update the following environment variables to point to your fork by changing the default values: -```shell -export TF_VAR_gitops_addons_org=https://github.com/aws-samples -export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons -export TF_VAR_gitops_addons_revision=main -``` - -### Fork the Workloads GitOps Repo -1. Fork the git repository for this pattern [here](https://github.com/aws-ia/terraform-aws-eks-blueprints) -2. Update the following environment variables to point to your fork by changing the default values: -```shell -export TF_VAR_gitops_workload_org=https://github.com/aws-ia -export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints -export TF_VAR_gitops_workload_revision=main -``` ## Deploy the EKS Cluster Initialize Terraform and deploy the EKS cluster: @@ -183,3 +164,21 @@ To tear down all the resources and the EKS cluster, run the following command: ```shell ./destroy.sh ``` + +## Appendix + +## Fork GitOps Repositories +To be able to modify the addons `values.yaml` or the workload manifest files, you will need to fork +the addons git repository [aws-samples/eks-blueprints-add-ons](https://github.com/aws-samples/eks-blueprints-add-ons) and +the patterns repository [github.com/aws-ia/terraform-aws-eks-blueprints](https://github.com/aws-ia/terraform-aws-eks-blueprints) + +Update the following environment variables to point to your forks by changing the default values: +```shell +export TF_VAR_gitops_addons_org=https://github.com/aws-samples +export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons +export TF_VAR_gitops_addons_revision=main + +export TF_VAR_gitops_workload_org=https://github.com/aws-ia +export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints +export TF_VAR_gitops_workload_revision=main +``` \ No newline at end of file From 05804dcd112a617b50bbe2829bf253708cd443d1 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 17:58:43 -0400 Subject: [PATCH 36/42] update readme Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 35 +++++++++++++------ 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index fa4e1f05cf..4c97313f25 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -26,6 +26,8 @@ Before you begin, make sure you have the following command line tools installed: - kubectl - argocd +## (Optional) Fork the GitOps git repositories +See the appendix section [Fork GitOps Repositories](#fork-gitops-repositories) for more info on the terraform variables to override. ## Deploy the EKS Cluster @@ -131,24 +133,39 @@ Verify that the application configuration is present and the pod is running: ```shell kubectl get -n game-2048 deployments,service,ep,ingress ``` -Wait until the Ingress/game-2048 `MESSAGE` column value is `Successfully reconciled`. Crl+C to exit the `watch` command +The expected output should look like the following: +```text +NAME READY UP-TO-DATE AVAILABLE AGE +deployment.apps/game-2048 1/1 1 1 7h59m + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +service/game-2048 ClusterIP 172.20.155.47 80/TCP 7h59m + +NAME ENDPOINTS AGE +endpoints/game-2048 10.0.13.64:80 7h59m + +NAME CLASS HOSTS ADDRESS PORTS AGE +ingress/game-2048 alb * k8s-<>.us-west-2.elb.amazonaws.com 80 7h59m +``` + +Wait until and event for ingress `game-2048` contains `Successfully reconciled`. Crl+C to exit the `watch` command ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ``` ### Access the Application using AWS Load Balancer -Verify the application endpoint health using `curl`: +Verify the application endpoint health using `wget`: ```shell -curl -I $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') +kubectl exec -n game-2048 deploy/game-2048 -- \ +wget -S --spider $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` -The first line of the output should be `HTTP/1.1 200 OK`. +The output should contain `HTTP/1.1 200 OK`. -Retrieve the ingress URL for the application: +Retrieve the ingress URL: ```shell echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` - ### Container Metrics Check the application's CPU and memory metrics: ```shell @@ -168,11 +185,9 @@ To tear down all the resources and the EKS cluster, run the following command: ## Appendix ## Fork GitOps Repositories -To be able to modify the addons `values.yaml` or the workload manifest files, you will need to fork -the addons git repository [aws-samples/eks-blueprints-add-ons](https://github.com/aws-samples/eks-blueprints-add-ons) and -the patterns repository [github.com/aws-ia/terraform-aws-eks-blueprints](https://github.com/aws-ia/terraform-aws-eks-blueprints) +To modify the `values.yaml` file for addons or the workload manifest files (.ie yaml), you'll need to fork two repositories: [aws-samples/eks-blueprints-add-ons](https://github.com/aws-samples/eks-blueprints-add-ons) for addons and [github.com/aws-ia/terraform-aws-eks-blueprints](https://github.com/aws-ia/terraform-aws-eks-blueprints) for workloads located in this pattern directory. -Update the following environment variables to point to your forks by changing the default values: +After forking, update the following environment variables to point to your forks, replacing the default values. ```shell export TF_VAR_gitops_addons_org=https://github.com/aws-samples export TF_VAR_gitops_addons_repo=eks-blueprints-add-ons From df53dea4596e5018e741d279ca47bb1f688c4950 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 18:07:51 -0400 Subject: [PATCH 37/42] getting started in tfstate path Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/versions.tf b/patterns/gitops/getting-started-argocd/versions.tf index 2de60d58ee..c3fb7ee058 100644 --- a/patterns/gitops/getting-started-argocd/versions.tf +++ b/patterns/gitops/getting-started-argocd/versions.tf @@ -20,6 +20,6 @@ terraform { # backend "s3" { # bucket = "terraform-ssp-github-actions-state" # region = "us-west-2" - # key = "e2e/ipv4-prefix-delegation/terraform.tfstate" + # key = "e2e/getting-started-argocd/terraform.tfstate" # } } From 8ea848db123772af33c95a15a1ea391e564192b3 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Mon, 30 Oct 2023 18:10:33 -0400 Subject: [PATCH 38/42] fix EOL Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 4c97313f25..c05ed120ae 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -196,4 +196,4 @@ export TF_VAR_gitops_addons_revision=main export TF_VAR_gitops_workload_org=https://github.com/aws-ia export TF_VAR_gitops_workload_repo=terraform-aws-eks-blueprints export TF_VAR_gitops_workload_revision=main -``` \ No newline at end of file +``` From 2e60c578a90c9a0d8b10c384c8090d2e513ac204 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Wed, 1 Nov 2023 18:46:27 -0400 Subject: [PATCH 39/42] address PR feedback Signed-off-by: Carlos Santana --- .../gitops/getting-started-argocd/README.md | 102 ++++++++++++++++-- 1 file changed, 94 insertions(+), 8 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index c05ed120ae..e74a58a1e4 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -42,6 +42,17 @@ Retrieve `kubectl` config, then execute the output command: ```shell terraform output -raw configure_kubectl ``` +The expected output will have two lines you run in your terminal +```text +export KUBECONFIG="/tmp/getting-started-gitops" +aws eks --region us-west-2 update-kubeconfig --name getting-started-gitops +``` +>The first line sets the `KUBECONFIG` environment variable to a temporary file +that includes the cluster name. The second line uses the `aws` CLI to populate +that temporary file with the `kubectl` configuration. This approach offers the +advantage of not altering your existing `kubectl` context, allowing you to work +in other terminal windows without interference. + Terraform will add GitOps Bridge Metadata to the ArgoCD secret. The annotations contain metadata for the addons' Helm charts and ArgoCD ApplicationSets. @@ -95,10 +106,20 @@ kubectl apply -f bootstrap/addons.yaml ``` ### Monitor GitOps Progress for Addons -Wait until all the ArgoCD applications' `HEALTH STATUS` is `Healthy`. Use Crl+C to exit the `watch` command +Wait until all the ArgoCD applications' `HEALTH STATUS` is `Healthy`. +Use `Ctrl+C` or `Cmd+C` to exit the `watch` command. ArgoCD Applications +can take a couple of minutes in order to achieve the Healthy status. ```shell watch kubectl get applications -n argocd ``` +The expected output should look like the following: +```text +NAME SYNC STATUS HEALTH STATUS +addon-in-cluster-argo-cd Synced Healthy +addon-in-cluster-aws-load-balancer-controller Synced Healthy +addon-in-cluster-metrics-server Synced Healthy +cluster-addons Synced Healthy +``` ### Verify the Addons Verify that the addons are ready: @@ -106,14 +127,35 @@ Verify that the addons are ready: kubectl get deployment -n kube-system \ aws-load-balancer-controller \ metrics-server +kubectl get deploy -n argocd \ + argo-cd-argocd-applicationset-controller \ + argo-cd-argocd-repo-server \ + argo-cd-argocd-server +``` +The expected output should look like the following: +```text +NAME READY UP-TO-DATE AVAILABLE AGE +aws-load-balancer-controller 2/2 2 2 7m21s +metrics-server 1/1 1 1 7m41s +argo-cd-argocd-applicationset-controller 1/1 1 1 109m +argo-cd-argocd-repo-server 1/1 1 1 109m +argo-cd-argocd-server 1/1 1 1 109m ``` -TODO: UI is not required, they can even disable the ui. -## Access ArgoCD -Access ArgoCD's UI, run the command from the output: + +## (Optional) Access ArgoCD +Access to the ArgoCD's UI is completely optional, if you want to do it, +run the commands shown in the Terraform output as the example below: ```shell terraform output -raw access_argocd ``` +The expected output should contain the `kubectl` config followed by `kubectl` command to retrieve +the URL, username, password to login into ArgoCD UI or CLI. +```text +echo "ArgoCD Username: admin" +echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")" +echo "ArgoCD URL: https://$(kubectl get svc -n argocd argo-cd-argocd-server -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" +``` ## Deploy the Workloads Deploy a sample application located in [k8s/game-2048.yaml](k8s/game-2048.yaml) using ArgoCD: @@ -122,11 +164,17 @@ kubectl apply -f bootstrap/workloads.yaml ``` ### Monitor GitOps Progress for Workloads -Watch until the Workloads ArgoCD Application is `Healthy` +Wait until all the ArgoCD applications' `HEALTH STATUS` is `Healthy`. +Use `Ctrl+C` or `Cmd+C` to exit the `watch` command. ArgoCD Applications +can take a couple of minutes in order to achieve the Healthy status. ```shell watch kubectl get -n argocd applications workloads ``` -Wait until the ArgoCD Applications `HEALTH STATUS` is `Healthy`. Crl+C to exit the `watch` command +The expected output should look like the following: +```text +NAME SYNC STATUS HEALTH STATUS +workloads Synced Healthy +``` ### Verify the Application Verify that the application configuration is present and the pod is running: @@ -152,6 +200,11 @@ Wait until and event for ingress `game-2048` contains `Successfully reconciled`. ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ``` +The expected output should look like the following: +```text +LAST SEEN TYPE REASON OBJECT MESSAGE +11m Normal SuccessfullyReconciled Ingress/game-2048 Successfully reconciled +``` ### Access the Application using AWS Load Balancer Verify the application endpoint health using `wget`: @@ -159,7 +212,14 @@ Verify the application endpoint health using `wget`: kubectl exec -n game-2048 deploy/game-2048 -- \ wget -S --spider $(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') ``` -The output should contain `HTTP/1.1 200 OK`. +The expected output should look like the following: +```text + HTTP/1.1 200 OK + Date: Wed, 01 Nov 2023 22:44:57 GMT + Content-Type: text/html + Content-Length: 3988 +``` +>A success response should contain `HTTP/1.1 200 OK`. Retrieve the ingress URL: ```shell @@ -171,10 +231,36 @@ Check the application's CPU and memory metrics: ```shell kubectl top pods -n game-2048 ``` -Check all pods CPU and memory metrics: +The expected output should look like the following: +```text +NAME CPU(cores) MEMORY(bytes) +game-2048-66fb78b995-hqbjv 1m 2Mi +``` +Check the CPU and memory metrics for all pods for Addons and Workloads: ```shell kubectl top pods -A ``` +The expected output should look like the following: +```text +NAMESPACE NAME CPU(cores) MEMORY(bytes) +argocd argo-cd-argocd-application-controller-0 43m 138Mi +argocd argo-cd-argocd-applicationset-controller-5db688844c-79skp 1m 25Mi +argocd argo-cd-argocd-dex-server-cd48d7bc-x7flf 1m 16Mi +argocd argo-cd-argocd-notifications-controller-7d7ccc6b9d-dg9r6 1m 17Mi +argocd argo-cd-argocd-redis-7f89c69877-6mmcj 2m 3Mi +argocd argo-cd-argocd-repo-server-644b9b5668-m9ddg 8m 62Mi +argocd argo-cd-argocd-server-57cbbd6f94-lp4wx 2m 26Mi +game-2048 game-2048-66fb78b995-hqbjv 1m 2Mi +kube-system aws-load-balancer-controller-8488df87c-4nxv6 2m 26Mi +kube-system aws-load-balancer-controller-8488df87c-zs4p6 1m 19Mi +kube-system aws-node-ck6vq 3m 57Mi +kube-system aws-node-fvvsg 3m 56Mi +kube-system coredns-59754897cf-5rlxp 1m 13Mi +kube-system coredns-59754897cf-fn7jb 1m 13Mi +kube-system kube-proxy-lzbdc 1m 11Mi +kube-system kube-proxy-pdvlm 1m 12Mi +kube-system metrics-server-5b76987ff-5gzsv 4m 17Mi +``` ## Destroy the EKS Cluster To tear down all the resources and the EKS cluster, run the following command: From 42a66c4dd9b17a8e815fe8be9725123dcb9108c0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Wed, 1 Nov 2023 18:51:52 -0400 Subject: [PATCH 40/42] update readme Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index e74a58a1e4..84ec2d1f8f 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -196,7 +196,10 @@ NAME CLASS HOSTS ADDRESS PORTS ingress/game-2048 alb * k8s-<>.us-west-2.elb.amazonaws.com 80 7h59m ``` -Wait until and event for ingress `game-2048` contains `Successfully reconciled`. Crl+C to exit the `watch` command +Wait until and event for ingress `game-2048` contains `Successfully reconciled`. +Use the Crl+C to exit the `watch` command. AWS Load Balancer can take a couple of +minutes in order to be created. +Hit Ctrl+C or Cmd+C to exit the watch command. ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ``` @@ -221,7 +224,7 @@ The expected output should look like the following: ``` >A success response should contain `HTTP/1.1 200 OK`. -Retrieve the ingress URL: +Retrieve the ingress URL to access the application in your local web browser. ```shell echo "Application URL: http://$(kubectl get -n game-2048 ingress game-2048 -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')" ``` From 64c0bfca72d8cb961671c91462436da15cef4216 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Wed, 1 Nov 2023 21:44:31 -0400 Subject: [PATCH 41/42] Update patterns/gitops/getting-started-argocd/README.md Co-authored-by: Rodrigo Bersa --- patterns/gitops/getting-started-argocd/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 84ec2d1f8f..6f9830c91e 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -196,10 +196,10 @@ NAME CLASS HOSTS ADDRESS PORTS ingress/game-2048 alb * k8s-<>.us-west-2.elb.amazonaws.com 80 7h59m ``` -Wait until and event for ingress `game-2048` contains `Successfully reconciled`. -Use the Crl+C to exit the `watch` command. AWS Load Balancer can take a couple of -minutes in order to be created. -Hit Ctrl+C or Cmd+C to exit the watch command. +AWS Load Balancer can take a couple of minutes in order to be created. + +Run the following command and wait until and event for ingress `game-2048` contains `Successfully reconciled`. +Use `Ctrl+C` or `Cmd+C`to exit the `watch` command. ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ``` From 9ba8523f4a9f627500ca47a5ac7df4e3f519b117 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Wed, 1 Nov 2023 21:47:37 -0400 Subject: [PATCH 42/42] remove trailing white space Signed-off-by: Carlos Santana --- patterns/gitops/getting-started-argocd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/patterns/gitops/getting-started-argocd/README.md b/patterns/gitops/getting-started-argocd/README.md index 6f9830c91e..80c0e06663 100644 --- a/patterns/gitops/getting-started-argocd/README.md +++ b/patterns/gitops/getting-started-argocd/README.md @@ -199,7 +199,7 @@ ingress/game-2048 alb * k8s-<>.us-west-2.elb.amazonaws.com 80 AWS Load Balancer can take a couple of minutes in order to be created. Run the following command and wait until and event for ingress `game-2048` contains `Successfully reconciled`. -Use `Ctrl+C` or `Cmd+C`to exit the `watch` command. +Use `Ctrl+C` or `Cmd+C`to exit the `watch` command. ```shell kubectl events -n game-2048 --for ingress/game-2048 --watch ```