Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Plugin integration with verification workflow #101

Merged
merged 14 commits into from
Aug 19, 2022
Merged

Plugin integration with verification workflow #101

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
bcf3c52
Verification Plugin integration with verification workflow
rgnote Aug 4, 2022
4e5d10d
Add signing authority verification unit tests
rgnote Aug 5, 2022
d39980e
unit tests boilerplate
rgnote Aug 5, 2022
dd95fef
add verification plugin unit tests
rgnote Aug 7, 2022
905d3aa
support plugin config
rgnote Aug 8, 2022
018b5a5
Address PR comments
rgnote Aug 9, 2022
9bf041f
Merge branch 'main' into extended-verification
rgnote Aug 9, 2022
a489203
resolve merge conflicts
rgnote Aug 9, 2022
32a4474
fix typos
rgnote Aug 9, 2022
6a52dc8
address comments
rgnote Aug 11, 2022
54ba9e7
add signingTime to plugin
rgnote Aug 12, 2022
06a6cdc
Remove SigningTime
rgnote Aug 16, 2022
402920a
Merge branch 'main' into extended-verification
dtzar Aug 17, 2022
29a39b9
Merge branch 'main' into extended-verification
rgnote Aug 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
69 changes: 57 additions & 12 deletions internal/mock/mocks.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
package mock

import _ "embed"
import (
_ "embed"
nsigner "github.com/notaryproject/notation-core-go/signer"
)

import (
"context"
Expand All @@ -20,6 +23,9 @@ var MockCaInvalidSigEnv []byte
//go:embed testdata/sa_valid_sig_env.json
var MockSaValidSigEnv []byte

//go:embed testdata/ca_plugin_sig_env.json
var MockCaPluginSigEnv []byte // extended attributes are "SomeKey":"SomeValue", "io.cncf.notary.verificationPlugin":"plugin-name"

//go:embed testdata/sa_invalid_sig_env.json
var MockSaInvalidSigEnv []byte

Expand All @@ -29,16 +35,30 @@ var MockCaExpiredSigEnv []byte
//go:embed testdata/sa_expired_sig_env.json
var MockSaExpiredSigEnv []byte

//go:embed testdata/sa_plugin_sig_env.json
var MockSaPluginSigEnv []byte // extended attributes are "SomeKey":"SomeValue", "io.cncf.notary.verificationPlugin":"plugin-name"

var (
SampleArtifactUri = "registry.acme-rockets.io/software/net-monitor@sha256:73c803930ea3ba1e54bc25c2bdc53edd0284c62ed651fe7b00369da519a3c333"
SampleDigest = digest.FromString("sha256:73c803930ea3ba1e54bc25c2bdc53edd0284c62ed651fe7b00369da519a3c333")
Annotations = map[string]string{"key": "value"}
SampleArtifactUri = "registry.acme-rockets.io/software/net-monitor@sha256:60043cf45eaebc4c0867fea485a039b598f52fd09fd5b07b0b2d2f88fad9d74e"
SampleDigest = digest.Digest("sha256:60043cf45eaebc4c0867fea485a039b598f52fd09fd5b07b0b2d2f88fad9d74e")
Annotations = map[string]string{"key": "value"}
ImageDescriptor = notation.Descriptor{
MediaType: "application/vnd.docker.distribution.manifest.v2+json",
Digest: SampleDigest,
Size: 528,
Annotations: nil,
}
JwsSigEnvDescriptor = notation.Descriptor{
MediaType: "application/jose+json",
Digest: SampleDigest,
Size: 100,
Annotations: Annotations,
}
PluginExtendedCriticalAttribute = nsigner.Attribute{
Key: "SomeKey",
Critical: true,
Value: "SomeValue",
}
)

type Repository struct {
Expand All @@ -52,7 +72,7 @@ type Repository struct {

func NewRepository() Repository {
return Repository{
ResolveResponse: JwsSigEnvDescriptor,
ResolveResponse: ImageDescriptor,
ListSignatureManifestsResponse: []registry.SignatureManifest{{
Blob: JwsSigEnvDescriptor,
Annotations: Annotations,
Expand All @@ -77,15 +97,40 @@ func (t Repository) PutSignatureManifest(ctx context.Context, signature []byte,
return notation.Descriptor{}, registry.SignatureManifest{}, nil
}

type PluginManager struct{}
type PluginManager struct {
PluginCapabilities []plugin.Capability
GetPluginError error
PluginRunnerLoadError error
PluginRunnerExecuteResponse interface{}
PluginRunnerExecuteError error
}

type PluginRunner struct {
Response interface{}
Error error
}

func NewPluginManager() PluginManager {
return PluginManager{}
func (pr PluginRunner) Run(ctx context.Context, req plugin.Request) (interface{}, error) {
return pr.Response, pr.Error
}

func (t PluginManager) Get(ctx context.Context, name string) (*manager.Plugin, error) {
return nil, nil
func (pm PluginManager) Get(ctx context.Context, name string) (*manager.Plugin, error) {
return &manager.Plugin{
Metadata: plugin.Metadata{
Name: "plugin-name",
Description: "for mocking in unit tests",
Version: "1.0.0",
URL: ".",
SupportedContractVersions: []string{"1.0"},
Capabilities: pm.PluginCapabilities,
},
Path: ".",
Err: nil,
}, pm.GetPluginError
}
func (t PluginManager) Runner(name string) (plugin.Runner, error) {
return nil, nil
func (pm PluginManager) Runner(name string) (plugin.Runner, error) {
return PluginRunner{
Response: pm.PluginRunnerExecuteResponse,
Error: pm.PluginRunnerExecuteError,
}, pm.PluginRunnerLoadError
}
8 changes: 4 additions & 4 deletions internal/mock/testdata/ca_expired_sig_env.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
{
"payload": "eyJ0YXJnZXRBcnRpZmFjdCI6eyJtZWRpYVR5cGUiOiJhcHBsaWNhdGlvbi92bmQuZG9ja2VyLmRpc3RyaWJ1dGlvbi5tYW5pZmVzdC52Mitqc29uIiwiZGlnZXN0Ijoic2hhMjU2OjYwMDQzY2Y0NWVhZWJjNGMwODY3ZmVhNDg1YTAzOWI1OThmNTJmZDA5ZmQ1YjA3YjBiMmQyZjg4ZmFkOWQ3NGUiLCJzaXplIjo1Mjh9fQ",
"protected": "eyJhbGciOiJQUzM4NCIsImNyaXQiOlsiaW8uY25jZi5ub3Rhcnkuc2lnbmluZ1NjaGVtZSIsImlvLmNuY2Yubm90YXJ5LmV4cGlyeSJdLCJjdHkiOiJhcHBsaWNhdGlvbi92bmQuY25jZi5ub3RhcnkucGF5bG9hZC52MStqc29uIiwiaW8uY25jZi5ub3RhcnkuZXhwaXJ5IjoiMjAyMi0wNy0yOVQyMzo1OTowMFoiLCJpby5jbmNmLm5vdGFyeS5zaWduaW5nU2NoZW1lIjoibm90YXJ5Lng1MDkiLCJpby5jbmNmLm5vdGFyeS5zaWduaW5nVGltZSI6IjIwMjItMDctMjlUMjM6NTg6MDBaIn0",
"protected": "eyJhbGciOiJQUzM4NCIsImNyaXQiOlsiaW8uY25jZi5ub3Rhcnkuc2lnbmluZ1NjaGVtZSIsImlvLmNuY2Yubm90YXJ5LmV4cGlyeSJdLCJjdHkiOiJhcHBsaWNhdGlvbi92bmQuY25jZi5ub3RhcnkucGF5bG9hZC52MStqc29uIiwiaW8uY25jZi5ub3RhcnkuZXhwaXJ5IjoiMjAyMi0wNy0yOVQyMzo1OTowMFoiLCJpby5jbmNmLm5vdGFyeS5zaWduaW5nU2NoZW1lIjoibm90YXJ5Lng1MDkiLCJpby5jbmNmLm5vdGFyeS5zaWduaW5nVGltZSI6IjIwMjItMDctMjlUMDA6MDA6MDBaIn0",
"header": {
"x5c": [
"MIIEVjCCAr6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MB4XDTIyMDcyOTIzMDIwMVoXDTIyMDczMDIzMDIwMVowWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZOb3RhcnkxGzAZBgNVBAMTEk5vdGF0aW9uIFRlc3QgUm9vdDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMiYbKR+FvRlMvlAA0xDwutU613MzfGZTX9L3eLjhC++CpPb7mULy0J77JxEzVNer2JCwcFl3yjO2/uMAh20Ler0IDQtVsH5LEDlB+4GPWcEeCbiRUx2d9ImT6Kuo/yOeUptrhcW0978KmBSaNUKRx4OgHwPSg9rh6m4WKCOE56cnAUB2aY0t4RhbAPF+8NK8UTGa3YNYVvlawEF31rJVdyhqGZErFpD54VCXpEe6u4gL7jsIKEfMA0bOLQMtYGD+USspFVnHE+EnEEMpsmtT1s/Tv7EambxX8y5fPV/oNytsUnFBxLxc922OkK5v2JUXaFjctHGaKsuk4LTmg9yO8L1VXTms5e8gQupFNNSlbzY8zswSY1gUxwHL4rUrtEI6x2eqf5wVmBbeidwYjItySgPyUT2GNR+Wg5rFzQD2/ikF7h7kQdryq3T0/r2Kgo24paDVHR+Mt1xa2iXAxhs0eKwPx3N/AOvaT6qN3NDaDSXFTgIf4VeUYUNUDxFcFrbHwIDAQABoycwJTAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQELBQADggGBAI/gys4fpygZVa2ajYjeZoEg2HLEI5DukGVuAmv+zBMdevf9rCHQJUrgQ4FgFo4CAKMfZYQ7XUaEUvQFdQnbDWnUXTTMW/x5/QZmh8ArDNY2D1oof0+ndo1wdhzue7MjEYvC/NMGUOoKsYzds67wwA4xnu5tjIpMXcMMS38IxI+XIQkgQ4lIPE+2/8zUMBnQANTfHlIcznDwL5Xq/6PoCN9XOYfJZuHvzRJIvAttZnalHfGM3l44qh4F1Amb5ScQJN7PTbJM1LDQqEDpreevEVgHnG7AnYFyaHjXkOmgoEma+QmUypZSqVCVzdyJNntEaebhMmDij11lszN/yiUS2Ywl5deHhE/kAb8xPBd3WlfR2XeA3Ery9GXda5zoxTAu9ALormhbD6nU5GrsV6MTpCLIdMrXzOOjrPii7Xcxrna48MOkL+CeTrNG8/6/jT4MSoisyfur26bHSuOLrNXwhe/Gx3Rm/xLZmPkx78hyATBJGnMg4XpT0wseOalUAIZ51g==",
"MIIEiTCCAvGgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MB4XDTIyMDcyOTIzMDIwMFoXDTIyMDgyOTIzMDIwMFowWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZOb3RhcnkxGzAZBgNVBAMTEk5vdGF0aW9uIFRlc3QgUm9vdDCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALbo3jsPh/LGmpLlbsxlTgqcyYXrxP07UzwpVkGIginXahSpnDYavk/b4vdRtSm0I/bRnrdWRTOufgsDeocWhcqgorWmiI/fg9SP9InLdVT33aqTiMlcpi+SP1AMMeESLrOSnI41lLSKl6KmV94nF7rIBL/8uSwSrzTdSOoM63fzeO5QMG+Y/ux5s4BxGbqX/SraCGrap6RXHuazmQ8getp8lq7HTUHx2AEF0DzloZbEj+AJD68DqlEvPh8lytUdYR9ou1aNt6o4dj6kcr06bjwVLNrIquE0whWi4o+6dXK9CS0t40MgGy8hu16uYDZ01HzsHenHkcgn7yqwEqCxz5Ba0U7iRf3qbdZ9KX7ImTWKR0Uwqpix2RVBNWGCVJAtfEnV94KytFmb8AibEnjhFwjA7QM9F6WlykeGAjVqG3OMssVCv6NaufDJQOpx+yGLuaESBYtMvoqAfmltY5j+ATj7GMsZ1NzA292lVSOnxuh9M1pcCmIPXl7Aty08A16FfQIDAQABo1owWDAOBgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwMwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQU3cTJUV7Q1AFpJXvj1lK3CYzCD4QwDQYJKoZIhvcNAQELBQADggGBAAjHRe/IlWXhr4mDVcrPSTJtNiyU0GdlGoYqs2w81JPFjlB5TGFPb6WfYPQZo6V4MFO3NxY1Hyx/dJ5oFpglaQw2ouhAcqmPsvUoVCGNSfNgNjfq73GlZQbcgMtEYk57gUAJj1j1pdoalLLRL4Q98R92UNAtqx9qcRWX5MAdblKYlxATJ/tnbxQ6GQOmkpN6aWj2EXIlQ9aI5gc0tdRIOK7LKA3o4XK7hHj6rofpVZ0caLd05mcfNLUeuaDScu0q+5TABhGfk4Q//C0WR/bDouqV5/9zs0ye23RAh1CNKGf+ZrmqiHTo0Z0RzzzWlPkOiHHeJB+KLTFbBFz+p6KRvqkLxEMVTt1igP7DWbLQwvIVMtgFabqrR0k5Iex9ejSpP0FJniVVANNRRw1+setBRu5CdejDPO3Z5TbwcDy5bKZswgY0lVmeNr9BfNHW/wh+ttErf3zP2iObOAJUAlyDDTpVW5mmfG9ihr1gQHQ+bVCxbBLehvCnrTYTPbKNE8oHVA=="
"MIIEWDCCAsCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MCAXDTIwMTAwOTA3MDAwMFoYDzIxMjIwODA2MjAzODQ1WjBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwE8YkFUAA0R7aUkRYxHKYoVbFPx9xhuNovLKDy72/7X0+j4XdGP4C0aAX2KLfgy9OR1RIUwtpMyI7k7ZFRd+ljcMW/FgbirfhkY/8axjamOYMBO0Qg+w93oaI6HA1gvZ/WZem4PHu68LlZhLQ2BrQwCz/F/3Ft0IZ2S1aF6N6vajx2le8xTI5hQS+UZFPQGrBUqrjcYc6GkL8XqL+rLGZaKGfh3c7bF9cEbA1H2Tm6MDFnfoFemerbP3v19JoUH+EtOnvYmNZWEU51RaLsNGkC3E/unXAnIfXrNxHDcbehyfa5y3AT10Shiron6O4Bc9S0MvwtXyLT6qein3Nh0VKBFUMSdthu5ZrSR28T9wDWHMXngpa115VjHOQDY3gDPwfzZ0xitN3NpMnivxculGUCkEQpst957tqQNJpS/zipI5Mtej0YOAhVKGQMjDIJekZ2DXDNd1X3xfahrR5VEQF0gnRFhA3vhycDqFj4E6Hoc5y3SxnFqrhX3w2wyFt/xRAgMBAAGjJzAlMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQsFAAOCAYEAAdONCAJxdB7H0uFDw6H+8Z5MtoRdJe6ZhlM2O5WMzkC1DLSyrF7arPnUMTeSyNS2Fx1BU38n5R1wvdgSfWtjm7o2ZyR8JQ+AngPklUCTNeL18kxNNXpmjDuMvsRlfHcr5hherjiQ49jWlpFqGRrNtZQWiVEI0r9Qz8DtZTw3GYF4MSuotA6wuUjolI1V2oMn/gdt8FFo0XUTDyiA12qpZzkUHY1rg3zJxKq3pIk04E7k6rFakHyZL91ipV2UeSbNq9vwLL7cglfPJ8+J+9AKvIPDstDF5k0ivUCYH5fIFZBGoceLiNfHSMcqA/qWfErqLBWAkACRUNyCWpAEv3DfDRbTHId0n6QQwOXj5d9YnDrmOLvQcn/sa+ZBfFMK7RdG9uVwMRyo+sRUnxo+v2lcvYwWymL7ONQqVWZbTJCxuG90Unxa3cQHZiKB5mgKweMft+vp6C3IQFhFfP8j1kvRTJq8ZqSEBADppUuBZJ1KWalwauK0AE4jpHlE0KsYDXiP",
"MIIEizCCAvOgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MCAXDTIwMDkwOTA3MDAwMFoYDzIxMjIwOTA1MjAzODQ1WjBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxxAZ8VZegqBUctz3BkwhObZKnW+KsN5/N1/u2vPLmEzHDj6xgd8Hn0JoughDaxeQCV66NC2obqPnPp4+68G/qZnxkXVXdFyqVodu4FgPUjiqcJjft7bh45BVgLFpOqSqDQ3ko30B7gdGfIIkoBj/8gz3tHnmIvl3MywtOhDeGnlLNzBY52wVmhPIdKOaW/7WkMrXKFCkLkNICGnIpWuyBtC+7RfM8hG6eRW1KCm5xrkRmn5ptonjxix/JTGj4me/NMkwdVkz6wcCSAJnqTgHi2oqk73qqNu0LHsEMFBF8IGqmVkn2MOHkFamPBokzQ6HXXfvR4nbcWQZCUgRinPTVg9CF0B6XSCEMCSH5kveZxTQtAFRB6NosbzuU5jDmJgpbDfauev7Eg/6bZzphcugRkVuwulymzsake5Jbvs9Kyw3CNPYH2G3Kli1FNhfc46ugXHbIfXgNQcou3xabcu+r6cFRqqK6NmV9ouMQRj8Ri95Gp2BUlpTEFhcvMb9d4nXAgMBAAGjWjBYMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEFBQcDAzASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdDgQWBBS5FZjt9UsEPkcKrStrnjSpTq4kDTANBgkqhkiG9w0BAQsFAAOCAYEAKtxfv12LzM85bxOMp5++pIDa6eMcBaurYbAM2yC9B6LuHf0JGeFdNqt4Fw38Ajooj2vWMWBrARVEZRVqTC5+ZSN2meGBXBXlT4n8FdEdmv+05iwVYdmDFp8FKeoOZZZF23u+r2OrazJo1ufWmoSI2P0lEfZQQFQElltWu3QH+OLOWXJmB7KbLKyheelGK5XhtAYYapRdW4sKJ398ybpv5C1oALCcTwoSmvH8wW5J4/gjmhKICYh2goMauf0lesdxj+0His7E8blOWrUmfOB5dp73XawLKcd/UxHN8zAPC08LDL9NMcihn3ZHKi7/dtkiV2iSaDPD1ChSGdqfXIysYqOhYoktgAfBZ43CWnqQhgB8NezRKdOStYC3P2AGJW18irxxTRp2CO+gnXEcyhyr+cvyf0j8MkRSaHLXzjIrECu8BUitB6sKughdN13fs5t5SIiO6foeFdvIpZFFKO8s+4oTOSDCos2WFoC+8TZS6r583OtFLmywl1HRgQkobGgw"
],
"io.cncf.notary.SigningAgent": "Notation/1.0.0"
},
"signature": "mj-c1cVKCDUl9811YMvY5uRweSL1JeRBAVreAHJoBfULmbF2pMB3vVQOKYkY2rDnlUIqIrh6GiBG65tgr0ZCXeGvGWvL651FtCXhqwx3sJpqOLmoxZMV_Nbom0VBoQWAyyPNCn5j0Z4Gp8o4KMsbv2DseIC9nsli9VZaNJkXU2rLZquQALYUI-InxsHM2hCjo-HG_U9zZlm9XH4bZl9fDIg-O-Id78JBP2ugdn2WW4XshFmWJiuJbHN59gDaW5HPHzPpj1VvUS-sScKTm3juH2fImgyysgtX2uw8c79sEf4uO007cVgHXrKeSwtNiDP3qQZaEzHCHcFsucUQKTIz1dcA519s3rYFAMegL-Ki8Vv-OGVQwIc_17zCrQl0QklFZCRvwdEGkKPysPmZVghAuoJ1kD58FwEYHCiT1IKJ2RN2liwHvZwkTGBpzQRTZQe1oKkSiyFLnHE2WkrCudvGv61qswA3_dMmpm3w6tYm-oseFPUnf8iXOOM5ZS-_VBjZ"
"signature": "RZtqCD4KGh5_CD8wjG69TJIzzB4Cr-cxQhKTvZJYsRVIJyl3s5D0215GhBrggomVk9-LGD2FdWd2VfuaLd4bmhW3rSV3ltmAext7DNQFg2xtMeYSeCL2U_ygN2j4bc80RDaX8w_zOTVOmuhW6i2jgwRjWXdDaJeYTbZA2syA5R38tYYewVcZJ6U057Wsflt5yPWJCdxZLuTago5CkbLASL8HHnmlUkDvKKB1Y9SNDOQ3AmGP4-XJykcX_MfPo5RGRvZE-zHUJOEKj3ryfC0UTUT7V1ISTagqOt7zOa1BEzgQ-1GQk1MbaPPZWkiOZX4RqMXMV3hVqtDuZxlpT25KzZPm1USwWwJkycv7YB69fc2aoHJAPo-39uEV9fdAz_03whnrQSpfJbmHHTXMJkWKrZ5ozU-8zlEttWyL5D85zAouSMVXWm22zMrDW-XxST9QoeV4b1_BedW1PwJDbeU6P1hhobnQh3jHmSueVl_WZ5_g8_iVepSmSBcR1e4WpoPi"
}
Loading