From f24db42c800412554da416509b64e4169594aa98 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Thu, 18 Apr 2024 23:42:56 +0530 Subject: [PATCH 01/26] Automation Toolkit Release v2024.2.1 --- Dockerfile | 65 +- OCIWorkVMStack/data_sources.tf | 15 +- OCIWorkVMStack/installToolkit.sh | 2 +- OCIWorkVMStack/locals.tf | 2 +- OCIWorkVMStack/schema.yaml | 8 +- .../BaseNetwork/create_all_tf_objects.py | 7 +- .../export_network_nonGreenField.py | 6 +- .../LoadBalancers/export_nlb_nonGreenField.py | 3 +- .../templates/backend-set-template | 8 +- .../templates/nlb-backend-set-template | 5 +- .../LoadBalancers/templates/nlb-template | 4 + cd3_automation_toolkit/Release-Notes | 10 + cd3_automation_toolkit/cd3Validator.py | 26 +- cd3_automation_toolkit/cis_reports.py | 659 ++++++++---------- cd3_automation_toolkit/commonTools.py | 13 + .../example/CD3-Blank-template.xlsx | Bin 184975 -> 186454 bytes .../example/CD3-CIS-template.xlsx | Bin 245052 -> 246513 bytes .../example/CD3-HubSpoke-template.xlsx | Bin 214700 -> 216189 bytes .../example/CD3-SingleVCN-template.xlsx | Bin 234738 -> 236205 bytes cd3_automation_toolkit/setUpOCI.py | 121 +++- cd3_automation_toolkit/shell_script.sh | 88 +-- .../user-scripts/createTenancyConfig.py | 45 +- .../outdir_structure_file.properties | 1 + .../user-scripts/terraform/firewall.tf | 204 +++--- .../user-scripts/terraform/identity.tf | 28 +- .../user-scripts/terraform/instance.tf | 40 +- .../user-scripts/terraform/loadbalancer.tf | 1 + .../loadbalancer/lb-backend-set/main.tf | 1 + .../loadbalancer/lb-backend-set/variables.tf | 5 + .../terraform/modules/network/subnet/main.tf | 5 +- .../modules/network/subnet/variables.tf | 2 - .../networkloadbalancer/nlb-backend/main.tf | 1 + .../nlb-backend/variables.tf | 6 + .../nlb-backendset/main.tf | 2 + .../nlb-backendset/variables.tf | 12 + .../modules/networkloadbalancer/nlb/main.tf | 1 + .../networkloadbalancer/nlb/variables.tf | 5 + .../user-scripts/terraform/network.tf | 101 ++- .../terraform/networkloadbalancer.tf | 4 + .../user-scripts/terraform/object-storage.tf | 2 +- .../user-scripts/terraform/provider.tf | 2 +- .../user-scripts/terraform/sddc.tf | 46 +- .../user-scripts/terraform/seclist.tf | 60 ++ .../terraform/variables_example.tf | 281 ++++---- jenkins_install/init/01_jenkins-config.groovy | 264 ++----- jenkins_install/init/02_jenkins-view.groovy | 109 ++- jenkins_install/jcasc.yaml | 5 + jenkins_install/jenkins.sh | 6 +- jenkins_install/multiOutput-tf-destroy.groovy | 154 ---- jenkins_install/multiOutput.groovy | 198 ------ jenkins_install/plugins.txt | 27 +- .../scripts/AdditionalFilters.groovy | 212 +++--- .../scriptler/scripts/MainOptions.groovy | 3 +- .../scriptler/scripts/SubChildOptions.groovy | 6 +- .../scriptler/scripts/SubOptions.groovy | 6 +- .../scriptler/scripts/ValidateParams.groovy | 5 +- jenkins_install/setUpOCI_config.xml | 25 +- .../singleOutput-tf-destroy.groovy | 149 ---- jenkins_install/singleOutput.groovy | 165 ----- jenkins_install/tf-apply.groovy | 243 +++++++ jenkins_install/tf-destroy.groovy | 228 ++++++ 61 files changed, 1769 insertions(+), 1933 deletions(-) create mode 100644 cd3_automation_toolkit/user-scripts/terraform/seclist.tf delete mode 100644 jenkins_install/multiOutput-tf-destroy.groovy delete mode 100644 jenkins_install/multiOutput.groovy delete mode 100644 jenkins_install/singleOutput-tf-destroy.groovy delete mode 100644 jenkins_install/singleOutput.groovy create mode 100644 jenkins_install/tf-apply.groovy create mode 100644 jenkins_install/tf-destroy.groovy diff --git a/Dockerfile b/Dockerfile index 827347bd2..06471e52f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM oraclelinux:7-slim +FROM oraclelinux:9-slim LABEL maintainer="Team at Oracle" LABEL description="OCI format to generate CD3 image" @@ -6,13 +6,16 @@ ARG USERNAME=cd3user ARG USER_UID=1001 ARG USER_GID=$USER_UID -RUN yum install sudo -y && groupadd --gid $USER_GID $USERNAME \ -&& useradd --uid $USER_UID --gid $USER_GID -d /$USERNAME -m $USERNAME \ -&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ -&& chmod 0440 /etc/sudoers.d/$USERNAME \ -&& mkdir -p /cd3user/tenancies && sudo chown -R $USERNAME:$USERNAME /cd3user/tenancies/ \ -&& yum install -y vim && echo 'alias vi="vim"' >> /etc/bashrc - +RUN microdnf install -y sudo && \ + groupadd --gid $USER_GID $USERNAME && \ + useradd --uid $USER_UID --gid $USER_GID -d /$USERNAME -m $USERNAME && \ + echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME && \ + chmod 0440 /etc/sudoers.d/$USERNAME && \ + mkdir -p /cd3user/tenancies && \ + chown -R $USERNAME:$USERNAME /cd3user/tenancies/ && \ + microdnf install -y vim && \ + microdnf install -y dnf && \ + echo 'alias vi="vim"' >> /etc/bashrc USER $USERNAME WORKDIR /cd3user/oci_tools/ @@ -20,18 +23,19 @@ COPY cd3_automation_toolkit cd3_automation_toolkit/ WORKDIR /cd3user/ -RUN sudo yum install -y oracle-softwarecollection-release-el7 \ -&& sudo chown -R $USERNAME:$USERNAME /cd3user/ - -RUN sudo sed -i -e 's/\r$//' /cd3user/oci_tools/cd3_automation_toolkit/shell_script.sh \ -&& bash /cd3user/oci_tools/cd3_automation_toolkit/shell_script.sh \ -&& sudo chown -R cd3user:cd3user /cd3user/ && sudo yum clean all && sudo rm -rf /var/cache/yum \ -&& sudo chmod -R 740 /cd3user/ +RUN sudo dnf install -y oraclelinux-release-el9 && \ +sudo chown -R $USERNAME:$USERNAME /cd3user/ && \ +sudo sed -i -e 's/\r$//' /cd3user/oci_tools/cd3_automation_toolkit/shell_script.sh && \ +bash /cd3user/oci_tools/cd3_automation_toolkit/shell_script.sh && \ +sudo chown -R cd3user:cd3user /cd3user/ && \ +sudo dnf clean all && \ +sudo rm -rf /var/cache/dnf && \ +sudo chmod -R 740 /cd3user/ ##################################### START INSTALLING JENKINS ################################### -ARG JENKINS_VERSION=2.401.1 -ARG JENKINS_SHA=600b73eabf797852e39919541b84f7686ff601b97c77b44eb00843eb91c7dd6c +ARG JENKINS_VERSION=2.444 +ARG JENKINS_SHA=ab093a455fc35951c9b46361002e17cc3ed7c59b0943bbee3a57a363f3370d2e ARG JENKINS_PLUGIN_MANAGER_VERSION=2.12.13 ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${JENKINS_PLUGIN_MANAGER_VERSION}/jenkins-plugin-manager-${JENKINS_PLUGIN_MANAGER_VERSION}.jar @@ -39,18 +43,16 @@ ARG JENKINS_HOME=/cd3user/tenancies/jenkins_home ARG JENKINS_INSTALL=/usr/share/jenkins ARG REF=/usr/share/jenkins/ref -RUN sudo yum remove java-1.8.0-openjdk-1.8.0.345.b01-1.el7_9.x86_64 \ -&& sudo yum install -y java-11-openjdk \ -&& sudo yum install -y java-11-openjdk-devel \ -&& sudo yum install unzip -y \ -&& sudo yum install git -y \ -&& sudo mkdir -p ${REF}/init.groovy.d \ -&& sudo chown -R cd3user:cd3user ${JENKINS_INSTALL} \ -&& sudo curl -fsSL http://updates.jenkins-ci.org/download/war/${JENKINS_VERSION}/jenkins.war -o ${JENKINS_INSTALL}/jenkins.war \ -&& echo "${JENKINS_SHA} ${JENKINS_INSTALL}/jenkins.war" | sha256sum -c - \ -&& sudo curl -fsSL ${PLUGIN_CLI_URL} -o ${JENKINS_INSTALL}/jenkins-plugin-manager.jar +RUN sudo microdnf install -y java-21-openjdk && \ + sudo microdnf install -y java-21-openjdk-devel && \ + sudo microdnf install git-2.39.3 -y && \ + sudo mkdir -p ${REF}/init.groovy.d && \ + sudo chown -R cd3user:cd3user ${JENKINS_INSTALL} && \ + sudo curl -fsSL http://updates.jenkins-ci.org/download/war/${JENKINS_VERSION}/jenkins.war -o ${JENKINS_INSTALL}/jenkins.war && \ + echo "${JENKINS_SHA} ${JENKINS_INSTALL}/jenkins.war" | sha256sum -c - && \ + sudo curl -fsSL ${PLUGIN_CLI_URL} -o ${JENKINS_INSTALL}/jenkins-plugin-manager.jar -ENV JAVA_HOME /usr/lib/jvm/java-11-openjdk-11.0.17.0.8-2.el8_6.x86_64 +ENV JAVA_HOME /usr/lib/jvm/java-21-openjdk ENV JENKINS_HOME ${JENKINS_HOME} ENV JENKINS_INSTALL ${JENKINS_INSTALL} ENV REF ${REF} @@ -65,7 +67,6 @@ COPY --chown=cd3user:cd3user jenkins_install ${JENKINS_INSTALL}/ COPY --chown=cd3user:cd3user jenkins_install/init/*.groovy ${REF}/init.groovy.d/ COPY --chown=cd3user:cd3user jenkins_install/plugins.txt ${REF}/plugins.txt - -RUN sudo java -jar ${JENKINS_INSTALL}/jenkins-plugin-manager.jar --war ${JENKINS_INSTALL}/jenkins.war --verbose -f ${REF}/plugins.txt \ -&& sudo chown -R cd3user:cd3user ${JENKINS_INSTALL} \ -&& sudo chmod +x ${JENKINS_INSTALL}/jenkins.sh +RUN sudo java -jar ${JENKINS_INSTALL}/jenkins-plugin-manager.jar --war ${JENKINS_INSTALL}/jenkins.war --verbose -f ${REF}/plugins.txt && \ + sudo chown -R cd3user:cd3user ${JENKINS_INSTALL} && \ + sudo chmod +x ${JENKINS_INSTALL}/jenkins.sh \ No newline at end of file diff --git a/OCIWorkVMStack/data_sources.tf b/OCIWorkVMStack/data_sources.tf index 159f9ea9d..19f9c38b7 100644 --- a/OCIWorkVMStack/data_sources.tf +++ b/OCIWorkVMStack/data_sources.tf @@ -19,16 +19,17 @@ data "oci_identity_compartment" "compartment" { data "oci_core_images" "oracle_linux" { compartment_id = var.tenancy_ocid - operating_system = "Oracle Linux" - shape = var.instance_shape + #operating_system = "Oracle Linux" + #shape = var.instance_shape + display_name = var.instance_os_version sort_by = "TIMECREATED" sort_order = "DESC" state = "AVAILABLE" # filter restricts to OL - filter { - name = "operating_system_version" - values = ["${local.os_version}"] - regex = false - } + #filter { + # name = "operating_system_version" + # values = ["${local.os_version}"] + # regex = false + #} } diff --git a/OCIWorkVMStack/installToolkit.sh b/OCIWorkVMStack/installToolkit.sh index 38d148f7a..0ebd4fb85 100644 --- a/OCIWorkVMStack/installToolkit.sh +++ b/OCIWorkVMStack/installToolkit.sh @@ -67,7 +67,7 @@ echo "********************************************************" >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github " >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 -sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git $toolkit_dir >> $logfile 2>&1 +sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git -b develop $toolkit_dir >> $logfile 2>&1 stop_exec sudo ls -la /tmp/githubCode >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github completed successfully" >> $logfile 2>&1 diff --git a/OCIWorkVMStack/locals.tf b/OCIWorkVMStack/locals.tf index 4751182b5..3622850c1 100644 --- a/OCIWorkVMStack/locals.tf +++ b/OCIWorkVMStack/locals.tf @@ -19,7 +19,7 @@ locals { listing_resource_id = var.mp_listing_resource_id listing_resource_version = var.mp_listing_resource_version - os_version = var.instance_os_version == "Oracle-Linux-9" ? 9 : (var.instance_os_version == "Oracle-Linux-8" ? 8 : 7.9) + #os_version = var.instance_os_version == "Oracle-Linux-9" ? 9 : (var.instance_os_version == "Oracle-Linux-8" ? 8 : 7.9) instance_image_ocid = data.oci_core_images.oracle_linux.images[0].id diff --git a/OCIWorkVMStack/schema.yaml b/OCIWorkVMStack/schema.yaml index 7bae304d2..3aaeceb8a 100644 --- a/OCIWorkVMStack/schema.yaml +++ b/OCIWorkVMStack/schema.yaml @@ -127,8 +127,10 @@ variables: description: Oracle Linux image OCID for VM provisioning type: enum enum: - - "Oracle-Linux-7" - default: "Oracle-Linux-7" + - "Oracle-Linux-7.9-2024.02.26-0" + - "Oracle-Linux-8.9-2024.02.26-0" + - "Oracle-Linux-9.3-2024.02.26-0" + default: "Oracle-Linux-9.3-2024.02.26-0" #pattern: '^ocid1\.([a-z0-9_-]{1,32})\.([a-z0-9_-]{1,15})\.([a-z0-9]{0,24})\.([a-z0-9]{60})$' required: true instance_shape: @@ -429,4 +431,4 @@ variables: mp_listing_resource_version: type: string tenancy_ocid: - type: string + type: string \ No newline at end of file diff --git a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py index 247051616..5dc39a41a 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py @@ -25,8 +25,10 @@ def create_all_tf_objects(inputfile, outdir, service_dir,prefix, ct, non_gf_tena os.makedirs(outdir) if len(service_dir) != 0: service_dir_network = service_dir['network'] + service_dir_seclist = service_dir['seclist'] else: service_dir_network = "" + service_dir_seclist = "" with section('Process VCNs Tab and DRGs Tab'): create_major_objects(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, modify_network) create_terraform_defaults(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, modify_network) @@ -36,13 +38,14 @@ def create_all_tf_objects(inputfile, outdir, service_dir,prefix, ct, non_gf_tena with section('Process DRGs tab for DRG Route Tables and Route Distribution creation'): create_terraform_drg_route(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, network_connectivity_in_setupoci, modify_network) + #Create Workflow if non_gf_tenancy == False: with section('Process Subnets tab for Routes creation'): create_terraform_route(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci, modify_network) - + # Create Workflow if non_gf_tenancy == False: with section('Process Subnets for Seclists creation'): - create_terraform_seclist(inputfile, outdir, service_dir_network, prefix, ct, modify_network) + create_terraform_seclist(inputfile, outdir, service_dir_seclist, prefix, ct, modify_network) with section('Process Subnets for Subnets creation'): create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci,modify_network) diff --git a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py index bc53e929f..14803911f 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py @@ -1097,9 +1097,11 @@ def export_networking(inputfile, outdir, service_dir, config, signer, ct, export if len(service_dir) != 0: service_dir_network = service_dir['network'] service_dir_nsg = service_dir['nsg'] + service_dir_seclist = service_dir['seclist'] else: service_dir_network = "" service_dir_nsg = "" + service_dir_seclist = "" # Fetch Major Objects export_major_objects(inputfile, outdir, service_dir_network, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions) @@ -1111,11 +1113,11 @@ def export_networking(inputfile, outdir, service_dir, config, signer, ct, export export_subnets_vlans(inputfile, outdir, service_dir, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions) # Fetch RouteRules and SecRules - export_seclist(inputfile, outdir, service_dir_network, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions,_tf_import_cmd=True) + export_seclist(inputfile, outdir, service_dir_seclist, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions,_tf_import_cmd=True) export_routetable(inputfile, outdir, service_dir_network, config1=config, signer1=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions, _tf_import_cmd=True) export_drg_routetable(inputfile, outdir, service_dir_network, config1=config, signer1=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions, _tf_import_cmd=True) # Fetch NSGs - export_nsg(inputfile, outdir, service_dir_nsg, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions, _tf_import_cmd=True) + export_nsg(inputfile, outdir, service_dir_nsg, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions, _tf_import_cmd=True) \ No newline at end of file diff --git a/cd3_automation_toolkit/Network/LoadBalancers/export_nlb_nonGreenField.py b/cd3_automation_toolkit/Network/LoadBalancers/export_nlb_nonGreenField.py index 0bb8bbf5a..b08342380 100644 --- a/cd3_automation_toolkit/Network/LoadBalancers/export_nlb_nonGreenField.py +++ b/cd3_automation_toolkit/Network/LoadBalancers/export_nlb_nonGreenField.py @@ -128,7 +128,7 @@ def print_nlb_backendset_backendserver(region, ct, values_for_column_bss,NLBs, n elif col_header == "Backend Set Name": values_for_column_bss[col_header].append(backendsets) else: - oci_objs = [eachnlb,backendset_details] + oci_objs = [eachnlb,backendset_details,hc] values_for_column_bss = commonTools.export_extra_columns(oci_objs, col_header, sheet_dict_bss,values_for_column_bss) return values_for_column_bss @@ -145,7 +145,6 @@ def print_nlb_listener(region, outdir, values_for_column_lis, NLBs, nlb_compartm if 'ocid1.cluster' in created_by: continue - importCommands[reg] = open(outdir + "/" + reg + "/tf_import_commands_nlb_nonGF.sh", "a") nlb_display_name = eachnlb.display_name tf_name = commonTools.check_tf_variable(nlb_display_name) importCommands[reg].write("\nterraform import \"module.network-load-balancers[\\\"" + str(tf_name) + "\\\"].oci_network_load_balancer_network_load_balancer.network_load_balancer\" " + eachnlb.id) diff --git a/cd3_automation_toolkit/Network/LoadBalancers/templates/backend-set-template b/cd3_automation_toolkit/Network/LoadBalancers/templates/backend-set-template index 0e384e7e9..77ceda4e0 100644 --- a/cd3_automation_toolkit/Network/LoadBalancers/templates/backend-set-template +++ b/cd3_automation_toolkit/Network/LoadBalancers/templates/backend-set-template @@ -29,12 +29,16 @@ backend_sets = { interval_ms = "{{ interval_in_millis }}" {% endif %} + {% if response_body_regex and response_body_regex != '' %} + response_body_regex = "{{ response_body_regex }}" + {% endif %} + {% if port != '' %} port = "{{ backend_healthcheck_port }}" {% endif %} - {% if response_body_regex and response_body_regex != '' %} - response_body_regex = "{{ response_body_regex }}" + {% if is_force_plain_text and is_force_plain_text != '' %} + is_force_plain_text = {{ is_force_plain_text }} {% endif %} {% if retries and retries != '' %} diff --git a/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-backend-set-template b/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-backend-set-template index 470d36c6c..7f65b79f4 100644 --- a/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-backend-set-template +++ b/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-backend-set-template @@ -54,14 +54,11 @@ nlb_backend_sets = { {% if request_data and request_data != '' %} request_data = "{{ request_data }}" - {% else %} - request_data = null {% endif %} + {% if response_data and response_data != '' %} response_data = "{{ response_data }}" - {% else %} - response_data = null {% endif %} {% if timeout_in_millis and timeout_in_millis != '' %} diff --git a/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-template b/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-template index 3f540c62a..29c79a245 100644 --- a/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-template +++ b/cd3_automation_toolkit/Network/LoadBalancers/templates/nlb-template @@ -44,6 +44,10 @@ network_load_balancers = { is_preserve_source_destination = {{ is_preserve_source_destination }} {% endif %} + {% if is_symmetric_hash_enabled and is_symmetric_hash_enabled != "" %} + is_symmetric_hash_enabled = {{ is_symmetric_hash_enabled }} + {% endif %} + {% if nlb_ip_version and nlb_ip_version != "" %} nlb_ip_version = {{ nlb_ip_version }} {% endif %} diff --git a/cd3_automation_toolkit/Release-Notes b/cd3_automation_toolkit/Release-Notes index 58be28aab..ee3499bb4 100644 --- a/cd3_automation_toolkit/Release-Notes +++ b/cd3_automation_toolkit/Release-Notes @@ -1,3 +1,13 @@ +------------------------------------- +CD3 Automation Toolkit Tag v2024.2.1 +Apr 30, 2024 +------------------------------------- +1. Download latest Excel Sheet using Jenkins. +2. Docker Image upgrade to OL9 and upgrade of other softwares also. +3. Dropdowns for Region and Compartment while running setUpOCI using Jenkins. +4. Fix Image OCIDs for OCI Work VM deployment using RM stack. +5. Review of existing terraform modules. + ------------------------------------- CD3 Automation Toolkit Tag v2024.2.0 Mar 22, 2024 diff --git a/cd3_automation_toolkit/cd3Validator.py b/cd3_automation_toolkit/cd3Validator.py index 5c00369a5..84def4aa1 100644 --- a/cd3_automation_toolkit/cd3Validator.py +++ b/cd3_automation_toolkit/cd3Validator.py @@ -307,7 +307,7 @@ def validate_subnets(filename, comp_ids, vcnobj): cidr_list.append(entry) # Check for null values and display appropriate message - labels = ['DNS Label', 'DHCP Option Name', 'Route Table Name', 'Seclist Names'] + labels = ['DNS Label', 'DHCP Option Name', 'Route Table Name', 'Seclist Names','NSGs'] for j in dfsub.keys(): if (str(dfsub[j][i]).strip() == "NaN" or str(dfsub[j][i]).strip() == "nan" or str(dfsub[j][i]).strip() == ""): # only dhcp_option_name, route table name, seclist_names and dns_label columns can be empty @@ -1412,14 +1412,22 @@ def validate_buckets(filename, comp_ids): #Check for valid destination region for enabling the replication policy if columnname == 'Replication Policy': - columnvalue= columnvalue.split("::") - if len(columnvalue) == 3 and all(columnvalue): - replication_policy_name = columnvalue[0] - destination_region = columnvalue[1].lower() - if destination_region in ct.region_dict: - destination_region = ct.region_dict[destination_region] - else: - log(f'ROW {i + 3} : The "Destination_region" of replication policy is not a valid region.') + columnvalue = columnvalue.split("::") + if len(columnvalue) == 3: + replication_policy_name = columnvalue[0] + destination_region = columnvalue[1].lower() + destination_bucket_name = columnvalue[2] + if replication_policy_name.strip() and destination_bucket_name.strip(): + if destination_region in ct.region_dict: + destination_region = ct.region_dict[destination_region] + else: + log(f'ROW {i + 3} : The "Destination_region" of replication policy is not a valid region.') + buckets_invalid_check = True + else: + log(f'ROW {i + 3} : The replication policy format is incorrect or policy name/destination bucket is empty.') + buckets_invalid_check = True + else: + log(f'ROW {i + 3} : The replication policy format is incorrect.') buckets_invalid_check = True #Check for the retention policy details diff --git a/cd3_automation_toolkit/cis_reports.py b/cd3_automation_toolkit/cis_reports.py index c4ae5ac91..8b0c1dda1 100644 --- a/cd3_automation_toolkit/cis_reports.py +++ b/cd3_automation_toolkit/cis_reports.py @@ -1,5 +1,5 @@ ########################################################################## -# Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. # This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. # # cis_reports.py @@ -35,9 +35,9 @@ except Exception: OUTPUT_TO_XLSX = False -RELEASE_VERSION = "2.8.0" -PYTHON_SDK_VERSION = "2.120.0" -UPDATED_DATE = "February 23, 2024" +RELEASE_VERSION = "2.8.1" +PYTHON_SDK_VERSION = "2.124.1" +UPDATED_DATE = "March 25, 2024" ########################################################################## @@ -138,7 +138,7 @@ class CIS_Report: str_kms_key_time_max_datetime = kms_key_time_max_datetime.strftime(__iso_time_format) kms_key_time_max_datetime = datetime.datetime.strptime(str_kms_key_time_max_datetime, __iso_time_format) - def __init__(self, config, signer, proxy, output_bucket, report_directory, print_to_screen, regions_to_run_in, raw_data, obp, redact_output, debug=False, all_resources=True): + def __init__(self, config, signer, proxy, output_bucket, report_directory, report_prefix, report_summary_json, print_to_screen, regions_to_run_in, raw_data, obp, redact_output, debug=False, all_resources=True): # CIS Foundation benchmark 2.0.0 self.cis_foundations_benchmark_2_0 = { @@ -169,7 +169,7 @@ def __init__(self, config, signer, proxy, output_bucket, report_directory, print '3.1': {'section': 'Compute', 'recommendation_#': '3.1', 'Title': 'Ensure Compute Instance Legacy Metadata service endpoint is disabled.', 'Status': True, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': ['4.6'], 'CCCS Guard Rail': '', 'Remediation': []}, '3.2': {'section': 'Compute', 'recommendation_#': '3.2', 'Title': 'Ensure Secure Boot is enabled on Compute Instance.', 'Status': True, 'Level': 2, 'Total': [], 'Findings': [], 'CISv8': ['4.1'], 'CCCS Guard Rail': '', 'Remediation': []}, - '3.3': {'section': 'Compute', 'recommendation_#': '3.2', 'Title': 'Ensure Compute Instance Legacy MetaData service endpoint is disabled.', 'Status': True, 'Level': 2, 'Total': [], 'Findings': [], 'CISv8': [''], 'CCCS Guard Rail': '', 'Remediation': []}, + '3.3': {'section': 'Compute', 'recommendation_#': '3.3', 'Title': 'Ensure In-transit Encryption is enabled on Compute Instance.', 'Status': True, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': [''], 'CCCS Guard Rail': '', 'Remediation': []}, '4.1': {'section': 'Logging and Monitoring', 'recommendation_#': '4.1', 'Title': 'Ensure default tags are used on resources.', 'Status': False, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': ['1.1'], 'CCCS Guard Rail': '', 'Remediation': []}, '4.2': {'section': 'Logging and Monitoring', 'recommendation_#': '4.2', 'Title': 'Create at least one notification topic and subscription to receive monitoring alerts.', 'Status': False, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': ['8.2', '8.11'], 'CCCS Guard Rail': '11', 'Remediation': []}, @@ -196,7 +196,6 @@ def __init__(self, config, signer, proxy, output_bucket, report_directory, print '5.2.2': {'section': 'Storage - Block Volumes', 'recommendation_#': '5.2.2', 'Title': 'Ensure Boot Volumes are encrypted with Customer Managed Key.', 'Status': True, 'Level': 2, 'Total': [], 'Findings': [], 'CISv8': ['3.11'], 'CCCS Guard Rail': ''}, '5.3.1': {'section': 'Storage - File Storage Service', 'recommendation_#': '5.3.1', 'Title': 'Ensure File Storage Systems are encrypted with Customer Managed Keys.', 'Status': True, 'Level': 2, 'Total': [], 'Findings': [], 'CISv8': ['3.11'], 'CCCS Guard Rail': '', 'Remediation': []}, - '6.1': {'section': 'Asset Management', 'recommendation_#': '6.1', 'Title': 'Create at least one compartment in your tenancy to store cloud resources.', 'Status': True, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': ['3.1'], 'CCCS Guard Rail': '2,3,8,12', 'Remediation': []}, '6.2': {'section': 'Asset Management', 'recommendation_#': '6.2', 'Title': 'Ensure no resources are created in the root compartment.', 'Status': True, 'Level': 1, 'Total': [], 'Findings': [], 'CISv8': ['3.12'], 'CCCS Guard Rail': '1,2,3', 'Remediation': []} } @@ -942,10 +941,10 @@ def __init__(self, config, signer, proxy, output_bucket, report_directory, print self.__raw_regions.append(record) # By Default it is today's date - if report_directory: - self.__report_directory = report_directory + "/" - else: - self.__report_directory = self.__tenancy.name + "-" + self.report_datetime + self.__report_directory = f'{report_directory}/' if report_directory else f'{self.__tenancy.name}-{self.report_datetime}' + + self.__report_prefix = f'{report_prefix}_' if report_prefix else '' + self.__report_summary_json = report_summary_json # Checking if a Tenancy has Identity Domains enabled try: @@ -956,7 +955,7 @@ def __init__(self, config, signer, proxy, output_bucket, report_directory, print except Exception as e: # To be safe if it fails I'll check self.__identity_domains_enabled = True - debug("__init__: Exception checking identity domains status \n" + str(e)) + debug("__init__: Exception checking identity domains status\n" + str(e)) self.__errors.append({"id" : "__init__", "error" : str(e)}) @@ -998,7 +997,7 @@ def __init__(self, config, signer, proxy, output_bucket, report_directory, print def __create_regional_signers(self, proxy): print("Creating regional signers and configs...") for region_key, region_values in self.__regions.items(): - debug("processing __create_regional_signers ") + debug("processing __create_regional_signers") # Creating regional configs and signers region_signer = self.__signer region_signer.region_name = region_key @@ -1142,7 +1141,7 @@ def __identity_read_compartments(self): # Need to convert for raw output for compartment in self.__compartments: - debug("__identity_read_compartments: Getting Compartments:" + compartment.name) + debug("__identity_read_compartments: Getting Compartments: " + compartment.name) deep_link = self.__oci_compartment_uri + compartment.id record = { 'id': compartment.id, @@ -1187,7 +1186,7 @@ def __identity_read_compartments(self): return self.__compartments except Exception as e: - debug("__identity_read_compartments: Error Getting Compartments:" + compartment.name) + debug("__identity_read_compartments: Error Getting Compartments: " + compartment.name) self.__errors.append({"id" : "__identity_read_compartments", "error" : str(e)}) raise RuntimeError( "Error in identity_read_compartments: " + str(e.args)) @@ -1203,7 +1202,7 @@ def __identity_read_domains(self): # Finding all Identity Domains in the tenancy for compartment in self.__compartments: try: - debug("__identity_read_domains: Getting Identity Domains for Compartment :" + str(compartment.name)) + debug("__identity_read_domains: Getting Identity Domains for Compartment: " + str(compartment.name)) raw_identity_domains += oci.pagination.list_call_get_all_results( self.__regions[self.__home_region]['identity_client'].list_domains, @@ -1212,14 +1211,14 @@ def __identity_read_domains(self): ).data except Exception as e: - debug("__identity_read_domains: Exception collecting Identity Domains \n" + str(e)) + debug("__identity_read_domains: Exception collecting Identity Domains\n" + str(e)) # If this fails the tenancy likely doesn't have identity domains or the permissions are off for domain in raw_identity_domains: debug("__identity_read_domains: Getting password policy for domain: " + domain.display_name) - domain_dict = oci.util.to_dict(domain) + domain_dict = oci.util.to_dict(domain) try: - debug("__identity_read_domains: Getting Identity Domain Password Policy for :" + domain.display_name) + debug("__identity_read_domains: Getting Identity Domain Password Policy for: " + domain.display_name) idcs_url = domain.url + "/admin/v1/PasswordPolicies/PasswordPolicy" raw_pwd_policy_resp = requests.get(url=idcs_url, auth=self.__signer) raw_pwd_policy_dict = json.loads(raw_pwd_policy_resp.content) @@ -1257,42 +1256,44 @@ def __identity_read_groups_and_membership(self): debug("processing __identity_read_groups_and_membership for Identity Domains Enabled Tenancy") for identity_domain in self.__identity_domains: debug("processing __identity_read_groups_and_membership for Identity Domain: " + identity_domain['display_name']) + id_domain_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] try: groups_data = self.__identity_domains_get_all_results(func=identity_domain['IdentityDomainClient'].list_groups, args={}) for grp in groups_data: debug("\t__identity_read_groups_and_membership: reading group data " + str(grp.display_name)) grp_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + "/groups/" + grp.ocid - for grp in groups_data: - if not grp.members: - debug("\t\t__identity_read_groups_and_membership: Adding group with no members " + str(grp.display_name)) - + if not grp.members: + debug("\t\t__identity_read_groups_and_membership: Adding group with no members " + str(grp.display_name)) + + group_record = { + "id": grp.ocid, + "name": grp.display_name, + "deep_link": self.__generate_csv_hyperlink(grp_deep_link, grp.display_name), + "domain_deeplink" : self.__generate_csv_hyperlink(id_domain_deep_link, identity_domain['display_name']), + "description": grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group.description if grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group else None, + "time_created" : self.get_date_iso_format(grp.meta.created), + "user_id": "", + "user_id_link": "" + } + # Adding a record per empty group + self.__groups_to_users.append(group_record) + else: + # For groups with members print one record per user per group + for member in grp.members: + debug("\t__identity_read_groups_and_membership: reading members data in group" + str(grp.display_name)) + user_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + "/users/" + member.ocid group_record = { - "id": grp.ocid, + "id": grp.id, "name": grp.display_name, "deep_link": self.__generate_csv_hyperlink(grp_deep_link, grp.display_name), + "domain_deeplink" : self.__generate_csv_hyperlink(id_domain_deep_link, identity_domain['display_name']), "description": grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group.description if grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group else None, "time_created" : self.get_date_iso_format(grp.meta.created), - "user_id": "", - "user_id_link": "" + "user_id": member.ocid, + "user_id_link": self.__generate_csv_hyperlink(user_deep_link, member.name) } - # Adding a record per empty group + # Adding a record per user to group self.__groups_to_users.append(group_record) - else: - # For groups with members print one record per user per group - for member in grp.members: - debug("\t__identity_read_groups_and_membership: reading members data in group" + str(grp.display_name)) - user_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + "/users/" + member.ocid - group_record = { - "id": grp.id, - "name": grp.display_name, - "deep_link": self.__generate_csv_hyperlink(grp_deep_link, grp.display_name), - "description": grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group.description if grp.urn_ietf_params_scim_schemas_oracle_idcs_extension_group_group else None, - "time_created" : self.get_date_iso_format(grp.meta.created), - "user_id": member.ocid, - "user_id_link": self.__generate_csv_hyperlink(user_deep_link, member.name) - } - # Adding a record per user to group - self.__groups_to_users.append(group_record) except Exception as e: self.__errors.append({"id" : "__identity_read_groups_and_membership", "error" : str(e)}) @@ -1322,7 +1323,9 @@ def __identity_read_groups_and_membership(self): "id": grp.id, "name": grp.name, "deep_link": self.__generate_csv_hyperlink(grp_deep_link, grp.name), + "domain_deeplink" : "", "description": grp.description, + "domain_deeplink" : "", "lifecycle_state": grp.lifecycle_state, "time_created": grp.time_created.strftime(self.__iso_time_format), "user_id": "", @@ -1338,6 +1341,7 @@ def __identity_read_groups_and_membership(self): "id": grp.id, "name": grp.name, "deep_link": self.__generate_csv_hyperlink(grp_deep_link, grp.name), + "domain_deeplink" : "", "description": grp.description, "lifecycle_state": grp.lifecycle_state, "time_created": grp.time_created.strftime(self.__iso_time_format), @@ -1390,108 +1394,123 @@ def __identity_domains_get_all_results(self, func, args): ########################################################################## def __identity_read_users(self): debug(f'__identity_read_users: Getting User data for Identity Domains: {str(self.__identity_domains_enabled)}') - if self.__identity_domains_enabled: - for identity_domain in self.__identity_domains: + try: + if self.__identity_domains_enabled: + for identity_domain in self.__identity_domains: + try: + users_data = self.__identity_domains_get_all_results(func=identity_domain['IdentityDomainClient'].list_users, + args={}) + # Adding record to the users + for user in users_data: + deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + "/users/" + user.ocid + id_domain_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + record = { + 'id': user.ocid, + 'domain_deeplink' : self.__generate_csv_hyperlink(id_domain_deep_link, identity_domain['display_name']), + 'name': user.user_name, + 'deep_link': self.__generate_csv_hyperlink(deep_link, user.user_name), + 'defined_tags': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_oci_tags.defined_tags if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_oci_tags else None, + 'description': user.description, + 'email': user.emails[0].value if user.emails else None, + 'email_verified': user.emails[0].verified if user.emails else None, + 'external_identifier': user.external_id, + 'is_federated': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_user_user.is_federated_user, + 'is_mfa_activated': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_mfa_user.mfa_status if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_mfa_user else None, + 'lifecycle_state': user.active, + 'time_created': user.meta.created, + 'can_use_api_keys': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_api_keys if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_auth_tokens': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_auth_tokens if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_console_password': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_console_password if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_customer_secret_keys': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_customer_secret_keys if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_db_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_db_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_o_auth2_client_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_o_auth2_client_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'can_use_smtp_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_smtp_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'groups': [] + } + # Adding Groups to the user + for group in self.__groups_to_users: + if user.ocid == group['user_id']: + record['groups'].append(group['name']) + if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_user_credentials_user: + debug("__identity_read_users: Collecting user API Key for user: " + str(user.user_name)) + record['api_keys'] = self.__identity_read_user_api_key(user_ocid=user.ocid, identity_domain=identity_domain) + record['auth_tokens'] = self.__identity_read_user_auth_token(user.ocid, identity_domain=identity_domain) + record['customer_secret_keys'] = self.__identity_read_user_customer_secret_key(user.ocid, identity_domain=identity_domain) + record['database_passowrds'] = self.__identity_read_user_database_password(user.ocid,identity_domain=identity_domain) + else: + debug("__identity_read_users: skipping user API Key collection for user: " + str(user.user_name)) + record['api_keys'] = None + record['auth_tokens'] = None + record['customer_secret_keys'] = None + record['database_passowrds'] = None + self.__users.append(record) + + except Exception as e: + debug("__identity_read_users: Identity Domains are : " + str(self.__identity_domains_enabled)) + self.__errors.append({'id' : "__identity_read_users", 'error' : str(e)}) + raise RuntimeError( + "Error in __identity_read_users: " + str(e)) + + print("\tProcessed " + str(len(self.__users)) + " Users") + return self.__users + + else: try: - users_data = self.__identity_domains_get_all_results(func=identity_domain['IdentityDomainClient'].list_users, - args={}) + # Getting all users in the Tenancy + users_data = oci.pagination.list_call_get_all_results( + self.__regions[self.__home_region]['identity_client'].list_users, + compartment_id=self.__tenancy.id + ).data + # Adding record to the users for user in users_data: - deep_link = self.__oci_identity_domains_uri + identity_domain['id'] + "/users/" + user.ocid + deep_link = self.__oci_users_uri + user.id record = { - 'id': user.ocid, - 'name': user.user_name, - 'deep_link': self.__generate_csv_hyperlink(deep_link, user.user_name), - 'defined_tags': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_oci_tags.defined_tags if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_oci_tags else None, + 'id': user.id, + 'domain_deeplink' : "", + 'name': user.name, + 'deep_link': self.__generate_csv_hyperlink(deep_link, user.name), + 'defined_tags': user.defined_tags, 'description': user.description, - 'email': user.emails[0].value if user.emails else None, - 'email_verified': user.emails[0].verified if user.emails else None, - 'external_identifier': user.external_id, - 'identity_provider_id': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_user_user.provider, - 'is_mfa_activated': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_mfa_user.mfa_status if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_mfa_user else None, - 'lifecycle_state': user.active, - 'time_created': user.meta.created, - 'can_use_api_keys': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_api_keys if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_auth_tokens': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_auth_tokens if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_console_password': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_console_password if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_customer_secret_keys': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_customer_secret_keys if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_db_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_db_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_o_auth2_client_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_o_auth2_client_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, - 'can_use_smtp_credentials': user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user.can_use_smtp_credentials if user.urn_ietf_params_scim_schemas_oracle_idcs_extension_capabilities_user else None, + 'email': user.email, + 'email_verified': user.email_verified, + 'external_identifier': user.external_identifier, + 'is_federated': True if user.identity_provider_id is not None else False, + 'is_mfa_activated': user.is_mfa_activated, + 'lifecycle_state': True if user.lifecycle_state == 'ACTIVE' else False, + 'time_created': user.time_created.strftime(self.__iso_time_format), + 'can_use_api_keys': user.capabilities.can_use_api_keys, + 'can_use_auth_tokens': user.capabilities.can_use_auth_tokens, + 'can_use_console_password': user.capabilities.can_use_console_password, + 'can_use_customer_secret_keys': user.capabilities.can_use_customer_secret_keys, + 'can_use_db_credentials': user.capabilities.can_use_db_credentials, + 'can_use_o_auth2_client_credentials': user.capabilities.can_use_o_auth2_client_credentials, + 'can_use_smtp_credentials': user.capabilities.can_use_smtp_credentials, 'groups': [] } # Adding Groups to the user for group in self.__groups_to_users: - if user.ocid == group['user_id']: + if user.id == group['user_id']: record['groups'].append(group['name']) - record['api_keys'] = self.__identity_read_user_api_key(user_ocid=user.ocid, identity_domain=identity_domain) - record['auth_tokens'] = self.__identity_read_user_auth_token(user.ocid, identity_domain=identity_domain) - record['customer_secret_keys'] = self.__identity_read_user_customer_secret_key(user.ocid, identity_domain=identity_domain) - record['database_passowrds'] = self.__identity_read_user_database_password(user.ocid,identity_domain=identity_domain) + record['api_keys'] = self.__identity_read_user_api_key(user.id) + record['auth_tokens'] = self.__identity_read_user_auth_token( + user.id) + record['customer_secret_keys'] = self.__identity_read_user_customer_secret_key( + user.id) + record['database_passowrds'] = self.__identity_read_user_database_password(user.id) self.__users.append(record) + print("\tProcessed " + str(len(self.__users)) + " Users") + return self.__users except Exception as e: - debug("__identity_read_users: Identity Domains are : " + str(self.__identity_domains_enabled)) - self.__errors.append({'id' : "__identity_read_users", 'error' : str(e)}) + debug("__identity_read_users: Error is: " + str(e)) + self.__errors.append({"id" : "__identity_read_users", "error" : str(e)}) raise RuntimeError( "Error in __identity_read_users: " + str(e)) - - print("\tProcessed " + str(len(self.__users)) + " Users") - return self.__users - - else: - try: - # Getting all users in the Tenancy - users_data = oci.pagination.list_call_get_all_results( - self.__regions[self.__home_region]['identity_client'].list_users, - compartment_id=self.__tenancy.id - ).data - - # Adding record to the users - for user in users_data: - deep_link = self.__oci_users_uri + user.id - record = { - 'id': user.id, - 'name': user.name, - 'deep_link': self.__generate_csv_hyperlink(deep_link, user.name), - 'defined_tags': user.defined_tags, - 'description': user.description, - 'email': user.email, - 'email_verified': user.email_verified, - 'external_identifier': user.external_identifier, - 'identity_provider_id': user.identity_provider_id, - 'is_mfa_activated': user.is_mfa_activated, - 'lifecycle_state': True if user.lifecycle_state == 'ACTIVE' else False, - 'time_created': user.time_created.strftime(self.__iso_time_format), - 'can_use_api_keys': user.capabilities.can_use_api_keys, - 'can_use_auth_tokens': user.capabilities.can_use_auth_tokens, - 'can_use_console_password': user.capabilities.can_use_console_password, - 'can_use_customer_secret_keys': user.capabilities.can_use_customer_secret_keys, - 'can_use_db_credentials': user.capabilities.can_use_db_credentials, - 'can_use_o_auth2_client_credentials': user.capabilities.can_use_o_auth2_client_credentials, - 'can_use_smtp_credentials': user.capabilities.can_use_smtp_credentials, - 'groups': [] - } - # Adding Groups to the user - for group in self.__groups_to_users: - if user.id == group['user_id']: - record['groups'].append(group['name']) - - record['api_keys'] = self.__identity_read_user_api_key(user.id) - record['auth_tokens'] = self.__identity_read_user_auth_token( - user.id) - record['customer_secret_keys'] = self.__identity_read_user_customer_secret_key( - user.id) - record['database_passowrds'] = self.__identity_read_user_database_password(user.id) - self.__users.append(record) - print("\tProcessed " + str(len(self.__users)) + " Users") - return self.__users - - except Exception as e: - debug("__identity_read_users: User ID is: " + str(user)) - raise RuntimeError( - "Error in __identity_read_users: " + str(e.args)) + except Exception as e: + raise RuntimeError( + "Error in __identity_read_users: " + str(e.args)) ########################################################################## # Load user api keys ########################################################################## @@ -1678,7 +1697,7 @@ def __identity_read_user_database_password(self, user_ocid, identity_domain=None ########################################################################## def __identity_read_tenancy_policies(self): try: - debug("__identity_read_tenancy_policies: Getting Tenancy policies :") + debug("__identity_read_tenancy_policies: Getting Tenancy policies: ") policies_data = oci.pagination.list_call_get_all_results( self.__regions[self.__home_region]['search_client'].search_resources, search_details=oci.resource_search.models.StructuredSearchDetails( @@ -1686,7 +1705,7 @@ def __identity_read_tenancy_policies(self): ).data for policy in policies_data: - debug("__identity_read_tenancy_policies: Reading Tenancy policies : " + policy.display_name) + debug("__identity_read_tenancy_policies: Reading Tenancy policies: " + policy.display_name) deep_link = self.__oci_policies_uri + policy.identifier record = { "id": policy.identifier, @@ -1702,7 +1721,7 @@ def __identity_read_tenancy_policies(self): return self.__policies except Exception as e: - debug("__identity_read_tenancy_policies: Exception reading Tenancy policies : " + policy.display_name) + debug("__identity_read_tenancy_policies: Exception reading Tenancy policies: " + policy.display_name) self.__errors.append({"id" : "__identity_read_tenancy_policies", "error" : str(e)}) raise RuntimeError("Error in __identity_read_tenancy_policies: " + str(e.args)) @@ -1716,11 +1735,13 @@ def __identity_read_dynamic_groups(self): for identity_domain in self.__identity_domains: dynamic_groups_data = self.__identity_domains_get_all_results(func=identity_domain['IdentityDomainClient'].list_dynamic_resource_groups, args={}) + id_domain_deep_link = self.__oci_identity_domains_uri + identity_domain['id'] for dynamic_group in dynamic_groups_data: debug("__identity_read_dynamic_groups: reading dynamic groups" + str(dynamic_group.display_name)) deep_link = self.__oci_identity_domains_uri + "/domains/" + identity_domain['id'] + "/dynamic-groups/" + dynamic_group.id record = oci.util.to_dict(dynamic_group) record['deep_link'] = self.__generate_csv_hyperlink(deep_link, dynamic_group.display_name) + record['domain_deeplink'] = self.__generate_csv_hyperlink(id_domain_deep_link, identity_domain['display_name']) self.__dynamic_groups.append(record) else: @@ -1733,7 +1754,7 @@ def __identity_read_dynamic_groups(self): debug("__identity_read_dynamic_groups: reading dynamic groups" + str(dynamic_group.name)) record = oci.util.to_dict(dynamic_group) record['deep_link'] = self.__generate_csv_hyperlink(deep_link, dynamic_group.name) - + record['domain_deeplink'] = None self.__dynamic_groups.append(record) print("\tProcessed " + str(len(self.__dynamic_groups)) + " Dynamic Groups") @@ -1749,9 +1770,9 @@ def __identity_read_dynamic_groups(self): ############################################ def __identity_read_availability_domains(self): try: - debug("__identity_read_availability_domains: Getting Availability Domains for regions :") + debug("__identity_read_availability_domains: Getting Availability Domains for regions:") for region_key, region_values in self.__regions.items(): - debug("__identity_read_availability_domains: reading Availability Domains for regions :" +region_key) + debug("__identity_read_availability_domains: reading Availability Domains for regions: " +region_key) region_values['availability_domains'] = oci.pagination.list_call_get_all_results( region_values['identity_client'].list_availability_domains, compartment_id=self.__tenancy.id @@ -1759,8 +1780,8 @@ def __identity_read_availability_domains(self): print("\tProcessed " + str(len(region_values['availability_domains'])) + " Availability Domains in " + region_key) except Exception as e: - debug("__identity_read_availability_domains: reading availability domain" + str(region_key)) - self.__errors.append({"id" : "__identity_read_availability_domains" + "_" + str(region_key), "error" : str(e)}) + debug("__identity_read_availability_domains: reading availability domain " + str(region_key)) + self.__errors.append({"id": "__identity_read_availability_domains" + "_" + str(region_key), "error": str(e)}) raise RuntimeError( "Error in __identity_read_availability_domains: " + str(e.args)) @@ -2635,7 +2656,9 @@ def __network_read_ip_sec_connections(self): ############################################ def __network_topology_dump(self): debug("__network_topology_dump: Starting") - + if type(self.__signer) == oci.auth.signers.InstancePrincipalsDelegationTokenSigner: + self.__errors.append({"id": "__network_topology_dump", "error": "Delegated Tokens via Cloud Shell not supported." }) + return def api_function(region_key, region_values, tenancy_id): try: get_vcn_topology_response = region_values['topology_client'].get_networking_topology( @@ -3379,25 +3402,6 @@ def __budget_read_budgets(self): raise RuntimeError( "Error in __budget_read_budgets " + str(e.args)) - ########################################################################## - # Audit Configuration - ########################################################################## - def __audit_read_tenancy_audit_configuration(self): - # Pulling the Audit Configuration - try: - self.__audit_retention_period = self.__regions[self.__home_region]['audit_client'].get_configuration( - self.__tenancy.id).data.retention_period_days - except Exception as e: - if "NotAuthorizedOrNotFound" in str(e): - self.__audit_retention_period = -1 - print("\t*** Access to audit retention requires the user to be part of the Administrator group ***") - self.__errors.append({"id" : self.__tenancy.id, "error" : "*** Access to audit retention requires the user to be part of the Administrator group ***"}) - else: - raise RuntimeError("Error in __audit_read_tenancy_audit_configuration " + str(e.args)) - - print("\tProcessed Audit Configuration.") - return self.__audit_retention_period - ########################################################################## # Cloud Guard Configuration ########################################################################## @@ -3648,7 +3652,7 @@ def __search_resources_in_root_compartment(self): # query = [] # resources_in_root_data = [] # record = [] - query_non_compliant = "query VCN, instance, volume, filesystem, bucket, autonomousdatabase, database, dbsystem resources where compartmentId = '" + self.__tenancy.id + "'" + query_non_compliant = "query VCN, instance, volume, bootvolume, filesystem, bucket, autonomousdatabase, database, dbsystem resources where compartmentId = '" + self.__tenancy.id + "'" query_all_resources = "query all resources where compartmentId = '" + self.__tenancy.id + "'" # resources_in_root_data = self.__search_run_structured_query(query) @@ -3687,7 +3691,7 @@ def __search_resources_in_root_compartment(self): } self.cis_foundations_benchmark_2_0['6.2']['Total'].append(record) except: - self.__errors.append({"id" : "search_resources_in_root_compartment Invalid OCID", "error" : str(item)}) + self.__errors.append({"id": "search_resources_in_root_compartment Invalid OCID", "error" : str(item)}) debug(f'__search_resources_in_root_compartment: Invalid OCID: {str(item)}') except Exception as e: @@ -3772,7 +3776,7 @@ def __core_instance_read_compute(self): # Returning Instances - print("\tProcessed " + str(len(self.__Instance)) + " Service Connectors") + print("\tProcessed " + str(len(self.__Instance)) + " Compute Instances") return self.__service_connectors except Exception as e: raise RuntimeError("Error in __core_instance_read_compute " + str(e.args)) @@ -3808,7 +3812,7 @@ def __report_cis_analyze_tenancy_data(self): # 1.3 Check - May want to add a service check for policy in self.__policies: - if policy['name'].upper() != "Tenant Admin Policy".upper() and policy['name'].upper() != "PSM-root-policy".upper(): + if policy['name'].lower() not in ['tenant admin policy', 'psm-root-policy']: for statement in policy['statements']: if ("allow group".upper() in statement.upper() and "tenancy".upper() in statement.upper() and ("to manage ".upper() in statement.upper() or "to use".upper() in statement.upper()) and ("all-resources".upper() in statement.upper() or (" groups ".upper() in statement.upper() and " users ".upper() in statement.upper()))): split_statement = statement.split("where") @@ -3877,7 +3881,7 @@ def __report_cis_analyze_tenancy_data(self): # 1.7 Check - Local Users w/o MFA for user in self.__users: - if user['identity_provider_id'] is None and user['can_use_console_password'] and not (user['is_mfa_activated']) and user['lifecycle_state']: + if not(user['is_federated']) and user['can_use_console_password'] and not (user['is_mfa_activated']) and user['lifecycle_state']: self.cis_foundations_benchmark_2_0['1.7']['Status'] = False self.cis_foundations_benchmark_2_0['1.7']['Findings'].append( user) @@ -3996,26 +4000,25 @@ def __report_cis_analyze_tenancy_data(self): # CIS 1.15 Check - Ensure storage service-level admins cannot delete resources they manage. # Iterating through all policies for policy in self.__policies: - if policy['name'].upper() != "Tenant Admin Policy".upper() and policy['name'].upper() != "PSM-root-policy": + if policy['name'].lower() not in ['tenant admin policy', 'psm-root-policy']: for statement in policy['statements']: for resource in self.cis_iam_checks['1.15']: - if "allow group".upper() in statement.upper() and "manage".upper() in statement.upper() and resource.upper() in statement.upper(): + if "allow group".upper() in statement.upper() and "to manage ".upper() in statement.upper() and resource.upper() in statement.upper(): split_statement = statement.split("where") if len(split_statement) == 2: clean_where_clause = split_statement[1].upper().replace(" ", "").replace("'", "") if all(permission.upper() in clean_where_clause for permission in self.cis_iam_checks['1.15'][resource]) and \ not(all(permission.upper() in clean_where_clause for permission in self.cis_iam_checks['1.15-storage-admin'][resource])): - debug("__report_cis_analyze_tenancy_data no permissions to delete storage : " + str(policy['name'])) - + debug("__report_cis_analyze_tenancy_data no permissions to delete storage: " + str(policy['name'])) pass # Checking if this is the Storage admin with allowed elif all(permission.upper() in clean_where_clause for permission in self.cis_iam_checks['1.15-storage-admin'][resource]) and \ not(all(permission.upper() in clean_where_clause for permission in self.cis_iam_checks['1.15'][resource])): - debug("__report_cis_analyze_tenancy_data storage admin policy is : " + str(policy['name'])) + debug("__report_cis_analyze_tenancy_data storage admin policy is: " + str(policy['name'])) pass else: self.cis_foundations_benchmark_2_0['1.15']['Findings'].append(policy) - debug("__report_cis_analyze_tenancy_data else policy is /n: " + str(policy['name'])) + debug("__report_cis_analyze_tenancy_data else policy is\n: " + str(policy['name'])) else: self.cis_foundations_benchmark_2_0['1.15']['Findings'].append(policy) @@ -4025,7 +4028,7 @@ def __report_cis_analyze_tenancy_data(self): else: self.cis_foundations_benchmark_2_0['1.15']['Status'] = True - # CIS Total 1.14 Adding - All IAM Policies for to CIS Total + # CIS Total 1.15 Adding - All IAM Policies for to CIS Total self.cis_foundations_benchmark_2_0['1.15']['Total'] = self.__policies # CIS 2.1, 2.2, & 2.5 Check - Security List Ingress from 0.0.0.0/0 on ports 22, 3389 @@ -4247,17 +4250,21 @@ def __report_cis_analyze_tenancy_data(self): # Generating list of keys for key in self.__kms_keys: - if self.kms_key_time_max_datetime and self.kms_key_time_max_datetime >= datetime.datetime.strptime(key['currentKeyVersion_time_created'], self.__iso_time_format): - self.cis_foundations_benchmark_2_0['4.16']['Status'] = False - self.cis_foundations_benchmark_2_0['4.16']['Findings'].append( - key) - if self.kms_key_time_max_datetime is None: - self.cis_foundations_benchmark_2_0['4.16']['Status'] = False - self.cis_foundations_benchmark_2_0['4.16']['Findings'].append( - key) - - - # CIS Check 3.16 Total - Adding Key to total + try: + if self.kms_key_time_max_datetime and self.kms_key_time_max_datetime >= datetime.datetime.strptime(key['currentKeyVersion_time_created'], self.__iso_time_format): + self.cis_foundations_benchmark_2_0['4.16']['Status'] = False + self.cis_foundations_benchmark_2_0['4.16']['Findings'].append( + key) + if self.kms_key_time_max_datetime is None: + self.cis_foundations_benchmark_2_0['4.16']['Status'] = False + self.cis_foundations_benchmark_2_0['4.16']['Findings'].append( + key) + except: + self.cis_foundations_benchmark_2_0['4.16']['Status'] = False + self.cis_foundations_benchmark_2_0['4.16']['Findings'].append( + key) + + # CIS Check 4.16 Total - Adding Key to total self.cis_foundations_benchmark_2_0['4.16']['Total'].append(key) # CIS Check 4.17 - Object Storage with Logs @@ -4909,12 +4916,14 @@ def __report_generate_cis_report(self, level): # Generating Summary report CSV print_header("Writing CIS reports to CSV") summary_files = [] - summary_file_name = self.__print_to_csv_file( - self.__report_directory, "cis", "summary_report", summary_report) + summary_file_name = self.__print_to_csv_file("cis", "summary_report", summary_report) summary_files.append(summary_file_name) - summary_file_name = self.__report_generate_html_summary_report( - self.__report_directory, "cis", "html_summary_report", summary_report) + if self.__report_summary_json: + summary_file_name = self.__print_to_json_file("cis", "summary_report", summary_report) + summary_files.append(summary_file_name) + + summary_file_name = self.__report_generate_html_summary_report("cis", "html_summary_report", summary_report) summary_files.append(summary_file_name) # Outputing to a bucket if I have one @@ -4925,8 +4934,7 @@ def __report_generate_cis_report(self, level): for key, recommendation in self.cis_foundations_benchmark_2_0.items(): if recommendation['Level'] <= level: - report_file_name = self.__print_to_csv_file( - self.__report_directory, "cis", recommendation['section'] + "_" + recommendation['recommendation_#'], recommendation['Findings']) + report_file_name = self.__print_to_csv_file("cis", recommendation['section'] + "_" + recommendation['recommendation_#'], recommendation['Findings']) if report_file_name and self.__output_bucket: self.__os_copy_report_to_object_storage( self.__output_bucket, report_file_name) @@ -4934,11 +4942,11 @@ def __report_generate_cis_report(self, level): ########################################################################## # Generates an HTML report ########################################################################## - def __report_generate_html_summary_report(self, report_directory, header, file_subject, data): + def __report_generate_html_summary_report(self, header, file_subject, data): try: # Creating report directory - if not os.path.isdir(report_directory): - os.mkdir(report_directory) + if not os.path.isdir(self.__report_directory): + os.mkdir(self.__report_directory) except Exception as e: raise Exception("Error in creating report directory: " + str(e.args)) @@ -4948,11 +4956,10 @@ def __report_generate_html_summary_report(self, report_directory, header, file_s if len(data) == 0: return None - # get the file name of the CSV - + # get the file name of the HTML file_name = header + "_" + file_subject file_name = (file_name.replace(" ", "_")).replace(".", "-").replace("_-_", "_") + ".html" - file_path = os.path.join(report_directory, file_name) + file_path = os.path.join(self.__report_directory, f'{self.__report_prefix}{file_name}') # add report_datetimeto each dictionary result = [dict(item, extract_date=self.start_time_str) @@ -5238,8 +5245,7 @@ def __report_generate_obp_report(self): print_header("Writing Oracle Best Practices reports to CSV") - summary_report_file_name = self.__print_to_csv_file( - self.__report_directory, "obp", "OBP_Summary", obp_summary_report) + summary_report_file_name = self.__print_to_csv_file("obp", "OBP_Summary", obp_summary_report) if summary_report_file_name and self.__output_bucket: self.__os_copy_report_to_object_storage( @@ -5247,13 +5253,11 @@ def __report_generate_obp_report(self): # Printing Findings to CSV for key, value in self.obp_foundations_checks.items(): - report_file_name = self.__print_to_csv_file( - self.__report_directory, "obp", key + "_Findings", value['Findings']) + report_file_name = self.__print_to_csv_file("obp", key + "_Findings", value['Findings']) # Printing OBPs to CSV for key, value in self.obp_foundations_checks.items(): - report_file_name = self.__print_to_csv_file( - self.__report_directory, "obp", key + "_Best_Practices", value['OBP']) + report_file_name = self.__print_to_csv_file("obp", key + "_Best_Practices", value['OBP']) if report_file_name and self.__output_bucket: self.__os_copy_report_to_object_storage( @@ -5289,7 +5293,6 @@ def __collect_tenancy_data(self): self.__identity_read_users, self.__identity_read_tenancy_password_policy, self.__identity_read_dynamic_groups, - self.__audit_read_tenancy_audit_configuration, self.__identity_read_availability_domains, self.__identity_read_tag_defaults, self.__identity_read_tenancy_policies, @@ -5385,146 +5388,61 @@ def __report_generate_raw_data_output(self): # List to store output reports if copying to object storage is required list_report_file_names = [] - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_groups_and_membership", self.__groups_to_users) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_domains", self.__identity_domains) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_users", self.__users) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_policies", self.__policies) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_dynamic_groups", self.__dynamic_groups) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_tags", self.__tag_defaults) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "identity_compartments", self.__raw_compartment) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_security_groups", self.__network_security_groups) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_security_lists", self.__network_security_lists) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_subnets", self.__network_subnets) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "autonomous_databases", self.__autonomous_databases) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "analytics_instances", self.__analytics_instances) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "integration_instances", self.__integration_instances) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "event_rules", self.__event_rules) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "log_groups_and_logs", self.__logging_list) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "object_storage_buckets", self.__buckets) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "boot_volumes", self.__boot_volumes) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "block_volumes", self.__block_volumes) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "file_storage_system", self.__file_storage_system) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "keys_and_vaults", self.__kms_keys) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "ons_subscriptions", self.__subscriptions) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "budgets", self.__budgets) - list_report_file_names.append(report_file_name) - - # Converting a one to one dict to a list - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "service_connectors", list(self.__service_connectors.values())) - list_report_file_names.append(report_file_name) - - # Converting a dict that is one to a list to a flat list - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_fastconnects", (list(itertools.chain.from_iterable(self.__network_fastconnects.values())))) - list_report_file_names.append(report_file_name) - - # Converting a dict that is one to a list to a flat list - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_ipsec_connections", list(itertools.chain.from_iterable(self.__network_ipsec_connections.values()))) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_drgs", self.__raw_network_drgs) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "cloud_guard_target", list(self.__cloud_guard_targets.values())) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "regions", self.__raw_regions) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "network_drg_attachments", list(itertools.chain.from_iterable(self.__network_drg_attachments.values()))) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_csv_file( - self.__report_directory, "raw_data", "instances", self.__Instance) - list_report_file_names.append(report_file_name) - - report_file_name = self.__print_to_json_file( - self.__report_directory, "raw_data", "all_resources", self.__all_resources_json) - list_report_file_names.append(report_file_name) + raw_csv_files = { + "identity_groups_and_membership": self.__groups_to_users, + "identity_domains": self.__identity_domains, + "identity_users": self.__users, + "identity_policies": self.__policies, + "identity_dynamic_groups": self.__dynamic_groups, + "identity_tags": self.__tag_defaults, + "identity_compartments": self.__raw_compartment, + "network_security_groups": self.__network_security_groups, + "network_security_lists": self.__network_security_lists, + "network_subnets": self.__network_subnets, + "autonomous_databases": self.__autonomous_databases, + "analytics_instances": self.__analytics_instances, + "integration_instances": self.__integration_instances, + "event_rules": self.__event_rules, + "log_groups_and_logs": self.__logging_list, + "object_storage_buckets": self.__buckets, + "boot_volumes": self.__boot_volumes, + "block_volumes": self.__block_volumes, + "file_storage_system": self.__file_storage_system, + "keys_and_vaults": self.__kms_keys, + "ons_subscriptions": self.__subscriptions, + "budgets": self.__budgets, + "service_connectors": list(self.__service_connectors.values()), + "network_fastconnects": list(itertools.chain.from_iterable(self.__network_fastconnects.values())), + "network_ipsec_connections": list(itertools.chain.from_iterable(self.__network_ipsec_connections.values())), + "network_drgs": self.__raw_network_drgs, + "cloud_guard_target": list(self.__cloud_guard_targets.values()), + "regions": self.__raw_regions, + "network_drg_attachments": list(itertools.chain.from_iterable(self.__network_drg_attachments.values())), + "instances": self.__Instance + } + for key in raw_csv_files: + rfn = self.__print_to_csv_file('raw_data', key, raw_csv_files[key]) + list_report_file_names.append(rfn) - report_file_name = self.__print_to_json_file( - self.__report_directory, "raw_data", "oci_network_topologies", oci.util.to_dict(self.__network_topology_json)) - list_report_file_names.append(report_file_name) + raw_json_files = { + "all_resources": self.__all_resources_json, + "oci_network_topologies": oci.util.to_dict(self.__network_topology_json) + } + for key in raw_json_files: + rfn = self.__print_to_json_file('raw_data', key, raw_json_files[key]) + list_report_file_names.append(rfn) - report_file_name = self.__print_to_pkl_file( - self.__report_directory, "raw_data", "oci_network_topologies", self.__network_topology_json) - list_report_file_names.append(report_file_name) + raw_pkl_files = { + "oci_network_topologies": self.__network_topology_json + } + for key in raw_pkl_files: + rfn = self.__print_to_pkl_file('raw_data', key, raw_json_files[key]) + list_report_file_names.append(rfn) if self.__output_bucket: for raw_report in list_report_file_names: if raw_report: - self.__os_copy_report_to_object_storage( - self.__output_bucket, raw_report) + self.__os_copy_report_to_object_storage(self.__output_bucket, raw_report) ########################################################################## # Copy Report to Object Storage @@ -5547,12 +5465,12 @@ def __os_copy_report_to_object_storage(self, bucketname, filename): ########################################################################## # Print to CSV ########################################################################## - def __print_to_csv_file(self, report_directory, header, file_subject, data): + def __print_to_csv_file(self, header, file_subject, data): debug("__print_to_csv_file: " + header + "_" + file_subject) try: # Creating report directory - if not os.path.isdir(report_directory): - os.mkdir(report_directory) + if not os.path.isdir(self.__report_directory): + os.mkdir(self.__report_directory) except Exception as e: raise Exception( @@ -5567,7 +5485,7 @@ def __print_to_csv_file(self, report_directory, header, file_subject, data): file_name = header + "_" + file_subject file_name = (file_name.replace(" ", "_")).replace(".", "-").replace("_-_", "_") + ".csv" - file_path = os.path.join(report_directory, file_name) + file_path = os.path.join(self.__report_directory, f'{self.__report_prefix}{file_name}') # add report_datetimeto each dictionary result = [dict(item, extract_date=self.start_time_str) @@ -5614,11 +5532,11 @@ def __print_to_csv_file(self, report_directory, header, file_subject, data): ########################################################################## # Print to JSON ########################################################################## - def __print_to_json_file(self, report_directory, header, file_subject, data): + def __print_to_json_file(self, header, file_subject, data): try: # Creating report directory - if not os.path.isdir(report_directory): - os.mkdir(report_directory) + if not os.path.isdir(self.__report_directory): + os.mkdir(self.__report_directory) except Exception as e: raise Exception( @@ -5634,7 +5552,7 @@ def __print_to_json_file(self, report_directory, header, file_subject, data): file_name = header + "_" + file_subject file_name = (file_name.replace(" ", "_") ).replace(".", "-").replace("_-_","_") + ".json" - file_path = os.path.join(report_directory, file_name) + file_path = os.path.join(self.__report_directory, f'{self.__report_prefix}{file_name}') # Serializing JSON to string json_object = json.dumps(data, indent=4) @@ -5661,11 +5579,11 @@ def __print_to_json_file(self, report_directory, header, file_subject, data): ########################################################################## # Print to PKL ########################################################################## - def __print_to_pkl_file(self, report_directory, header, file_subject, data): + def __print_to_pkl_file(self, header, file_subject, data): try: # Creating report directory - if not os.path.isdir(report_directory): - os.mkdir(report_directory) + if not os.path.isdir(self.__report_directory): + os.mkdir(self.__report_directory) except Exception as e: raise Exception( @@ -5681,7 +5599,7 @@ def __print_to_pkl_file(self, report_directory, header, file_subject, data): file_name = header + "_" + file_subject file_name = (file_name.replace(" ", "_") ).replace(".", "-").replace("_-_","_") + ".pkl" - file_path = os.path.join(report_directory, file_name) + file_path = os.path.join(self.__report_directory, f'{self.__report_prefix}{file_name}') # Writing to json file with open(file_path, 'wb') as pkl_file: @@ -5722,8 +5640,7 @@ def generate_reports(self, level=2): self.__report_generate_raw_data_output() if self.__errors: - error_report = self.__print_to_csv_file( - self.__report_directory, "error", "report", self.__errors) + error_report = self.__print_to_csv_file("error", "report", self.__errors) if self.__output_bucket: if error_report: @@ -5795,8 +5712,7 @@ def create_signer(file_location, config_profile, is_instance_principals, is_dele # check if file exist if env_config_file is None or env_config_section is None: - print( - "*** OCI_CONFIG_FILE and OCI_CONFIG_PROFILE env variables not found, abort. ***") + print("*** OCI_CONFIG_FILE and OCI_CONFIG_PROFILE env variables not found, abort. ***") print("") raise SystemExit @@ -5908,39 +5824,43 @@ def execute_report(): # Get Command Line Parser parser = argparse.ArgumentParser(formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=100, width=180)) parser.add_argument('-c', default="", dest='file_location', - help='OCI config file location') + help='OCI config file location.') parser.add_argument('-t', default="", dest='config_profile', - help='Config file section to use (tenancy profile) ') + help='Config file section to use (tenancy profile).') parser.add_argument('-p', default="", dest='proxy', - help='Set Proxy (i.e. www-proxy-server.com:80) ') + help='Set Proxy (i.e. www-proxy-server.com:80).') parser.add_argument('--output-to-bucket', default="", dest='output_bucket', - help='Set Output bucket name (i.e. my-reporting-bucket) ') + help='Set Output bucket name (i.e. my-reporting-bucket).') parser.add_argument('--report-directory', default=None, dest='report_directory', - help='Set Output report directory by default it is the current date (i.e. reports-date) ') + help='Set Output report directory by default it is the current date (i.e. reports-date).') + parser.add_argument('--report-prefix', default=None, dest='report_prefix', + help='Set Output report prefix to allow unique files for better baseline comparison.') + parser.add_argument('--report-summary-json', action='store_true', default=None, dest='report_summary_json', + help='Write summary report as JSON file, too.') parser.add_argument('--print-to-screen', default='True', dest='print_to_screen', - help='Set to False if you want to see only non-compliant findings (i.e. False) ') + help='Set to False if you want to see only non-compliant findings (i.e. False).') parser.add_argument('--level', default=2, dest='level', - help='CIS Recommendation Level options are: 1 or 2. Set to 2 by default ') + help='CIS Recommendation Level options are: 1 or 2. Set to 2 by default.') parser.add_argument('--regions', default="", dest='regions', - help='Regions to run the compliance checks on, by default it will run in all regions. Sample input: us-ashburn-1,ca-toronto-1,eu-frankfurt-1') + help='Regions to run the compliance checks on, by default it will run in all regions. Sample input: us-ashburn-1,ca-toronto-1,eu-frankfurt-1.') parser.add_argument('--raw', action='store_true', default=False, - help='Outputs all resource data into CSV files') + help='Outputs all resource data into CSV files.') parser.add_argument('--obp', action='store_true', default=False, - help='Checks for OCI best practices') + help='Checks for OCI best practices.') parser.add_argument('--all-resources', action='store_true', default=False, help='Uses Advanced Search Service to query all resources in the tenancy and outputs to a JSON. This also enables OCI Best Practice Checks (--obp) and All resource to csv (--raw) flags.') parser.add_argument('--redact_output', action='store_true', default=False, - help='Redacts OCIDs in output CSV and JSON files') + help='Redacts OCIDs in output CSV and JSON files.') parser.add_argument('-ip', action='store_true', default=False, - dest='is_instance_principals', help='Use Instance Principals for Authentication ') + dest='is_instance_principals', help='Use Instance Principals for Authentication.') parser.add_argument('-dt', action='store_true', default=False, - dest='is_delegation_token', help='Use Delegation Token for Authentication in Cloud Shell') + dest='is_delegation_token', help='Use Delegation Token for Authentication in Cloud Shell.') parser.add_argument('-st', action='store_true', default=False, - dest='is_security_token', help='Authenticate using Security Token') + dest='is_security_token', help='Authenticate using Security Token.') parser.add_argument('-v', action='store_true', default=False, dest='version', help='Show the version of the script and exit.') parser.add_argument('--debug', action='store_true', default=False, - dest='debug', help='Enables debugging messages. This feature is in beta') + dest='debug', help='Enables debugging messages. This feature is in beta.') cmd = parser.parse_args() if cmd.version: @@ -5949,16 +5869,17 @@ def execute_report(): config, signer = create_signer(cmd.file_location, cmd.config_profile, cmd.is_instance_principals, cmd.is_delegation_token, cmd.is_security_token) config['retry_strategy'] = oci.retry.DEFAULT_RETRY_STRATEGY - report = CIS_Report(config, signer, cmd.proxy, cmd.output_bucket, cmd.report_directory, cmd.print_to_screen, \ + report = CIS_Report(config, signer, cmd.proxy, cmd.output_bucket, cmd.report_directory, cmd.report_prefix, cmd.report_summary_json, cmd.print_to_screen, \ cmd.regions, cmd.raw, cmd.obp, cmd.redact_output, debug=cmd.debug, all_resources=cmd.all_resources) csv_report_directory = report.generate_reports(int(cmd.level)) try: if OUTPUT_TO_XLSX: - workbook = Workbook(csv_report_directory + '/Consolidated_Report.xlsx', {'in_memory': True}) - for csvfile in glob.glob(csv_report_directory + '/*.csv'): + report_prefix = f'{cmd.report_prefix}_' if cmd.report_prefix else '' + workbook = Workbook(f'{csv_report_directory}/{report_prefix}Consolidated_Report.xlsx', {'in_memory': True}) + for csvfile in glob.glob(f'{csv_report_directory}/{report_prefix}*.csv'): - worksheet_name = csvfile.split(os.path.sep)[-1].replace(".csv", "").replace("raw_data_", "raw_").replace("Findings", "fds").replace("Best_Practices", "bps") + worksheet_name = csvfile.split(os.path.sep)[-1].replace(report_prefix, "").replace(".csv", "").replace("raw_data_", "raw_").replace("Findings", "fds").replace("Best_Practices", "bps") if "Identity_and_Access_Management" in worksheet_name: worksheet_name = worksheet_name.replace("Identity_and_Access_Management", "IAM") @@ -5986,7 +5907,7 @@ def execute_report(): worksheet.write(r, c, col) workbook.close() except Exception as e: - print("**Failed to output to excel. Please use CSV files.**") + print("** Failed to output to excel. Please use CSV files. **") print(e) diff --git a/cd3_automation_toolkit/commonTools.py b/cd3_automation_toolkit/commonTools.py index b300c638b..a0aff38b8 100644 --- a/cd3_automation_toolkit/commonTools.py +++ b/cd3_automation_toolkit/commonTools.py @@ -48,6 +48,7 @@ def __init__(self): self.home_region="" self.ntk_compartment_ids = {} self.region_dict={} + self.region_ad_dict = {} self.protocol_dict={} self.sheet_dict={} self.reg_filter = None @@ -112,6 +113,8 @@ def __init__(self): # Get Export filters def get_export_filters(self,export_filters): for i in export_filters: + i = i.replace(" ", "") + i = i.replace("\"", "") if 'reg_filter' in i: self.reg_filter = (i.split("=")[1])[2:][:-2] @@ -212,6 +215,16 @@ def authenticate(self,auth_mechanism,config_file_path=DEFAULT_LOCATION): return config,signer + #Get Region ADs + def get_region_ad_dict(self, config, signer): + for reg in self.all_regions: + ADs = [] + config.__setitem__("region", self.region_dict[reg]) + idc = IdentityClient(config=config, retry_strategy=oci.retry.DEFAULT_RETRY_STRATEGY, signer=signer) + ADs_data = idc.list_availability_domains(compartment_id=config['tenancy']) + for AD in ADs_data.data: + ADs.append(AD.name) + self.region_ad_dict[reg] = ADs #Get Tenancy Regions def get_subscribedregions(self, config,signer): diff --git a/cd3_automation_toolkit/example/CD3-Blank-template.xlsx b/cd3_automation_toolkit/example/CD3-Blank-template.xlsx index f1ff289f514285a89beec3f8f73be69c0c007105..f966c207871fa8f5d3fe59f92dce374e14ca81b9 100644 GIT binary patch delta 28812 zcmY&B)8TDA7t*VZq- z1b(R=zCIToBK_SdI=KLz5ilt)g09&aB6}f56~y4yZXH6EJ zVZr|;#zPkDysWY+-@mfm;d$K2$*uJ&8nR&DS4;BT?WeYJ-tYCehnvdB7c--u3|Rf6 zxAyaQf*u-vRwmc2OWPm!zZa1W^S*tQfPff!Y2--G7FJXiaGJTXzXHyfGobSo-i#fk zuB@)q5V1ko&z*<0IXpGG^lK~J=C7mZLo5@Z2lAB&qwoCec&!YZz+f}%q;~vy+^}|` z92|cKW@q<}yB27_`+=fN$DK-CvReOOY0YXC78GX5H#ok})@1C2yfQ+3U;cGf=)}+` zomBDD4ATEtxo8@srWTNs_FR{$p(r1+qZlVDR2+p@Z-hiVP@^S!E>mZ#SG|U$K%XB| z3fgR1%R%ZTU8vF8eKNF^Ua{YB9n}u$_M?sa$gg%(g^ePs_f&Jhm%NM z(C@-Vcl}3odi*R+bv->kVTjP*{aoZ8M_$Y#cJX}&G+6droaq3^TbP5bjF9NNsM_Vn zMUk`?{2#r+@EzUQpxn#f1XIIVJvBH%#1xB;15ub1s{&sUC<6UOf-j~^DA7?qoOE+cy7X$}e#76$_akQWMM+nz=_ zG8RsUe!FZM-`fDR(`CpB8%M-+_^i|sr;!uKcS@>ka5~85~J?DXCv!kz&;_wg+ z%j_R%@wu$m)!!==-_JbPW0ktLHSrv33a#Iw3iOvM)1y>+F7EMt>gJtJ0isqxy7PYv zdKx+Hcy2X*fMFyG;bk~wD>u2ioviS4zcbW*(7qmRjUNIUd%VJb3dIrL<6S%seK2%> z^AuPI#QNTLKXn-fzjqB2`+1&OLlIV|(yu=_X56?zZQ0)80od8{!~JG>LdX3qA^9Hu zR%Tq)w*IX}{=j%ox>Ca2h}OW}hyh@AdQl-}j!z`ewr(wiQ}ll2N8+Ezr)tI6Si4?8 ztvhk0L?i<+O_2<(+ler=E*}f9?Qt4`1I9vq*Vj;V@n34pg5YDTvS!*Fwx9DP1yo{R zEsRAE*H+8LCR&&@9+-Wv3`Shhu+>BEuXC_FuB_h`+_lb}z7hLvbSZn0ff!x1o+I{9 z1(4!9bvY7%Fr6V{VRxJxr&8W#Uj(C|XFzuh&&>eh(x!=``>zf7ce{@hsbU!)g>TbQ z@tF*;__kUvYIvshaIEKK_OZDnq)S+dSx>+7<^_1XB@e&)r@(L)Ll!i1>~*~)qA5H4 z7XE@A`YS=l-zRqUTf&qoOo0lbkr2KiMv!RZ(Zn=K^cFIn(qqG? zGfo~b1qRd3!b<7yuD|Vr`@)2wR~VhegY6zk^ENA!0?&%jE|K8$(T;`ZX0Z+%IvCLr z*UvxsTlS=ZWYw3|v0VbLt;tN6d7@F8VeJiXaP?c6!yd*AWfaJ0F1nb<5oMp!2AYz* zLSQrxVP7>4rpwwf8t)EX-uympy=TGbH-kdJNY{>OkVa&j?8Z*|c|SVUesY4P3kPB( z%ekR+&bBEvVkC9f)G=WYFLLU&$O*z=L=*%&#gzU>$7Hgqaa0SMthgyskGa5cyF5!q zhU1r>a~!Kt-MQ1R=q?KGvSgzX+*(Vr(m4xz<+x~)eDcPYL6eIT5ET9^fjt=_kh_Wi zuvPq@7-*e_dxx zV%xLe^&6f3YIGPHPyBJhWjVBTJ&_y)_~au>h*^-1oyCFBe#LyuHcg1hV=hLIgPwm;D{yO%#&;XsP{8@+d z9M-_7io0TB7_SPWx$G-bb5{nzW0V`}{g}t^*)?Uqa1n9*?5mE>M7PFrh^)In{g2tnLq6?{Y#3GGdVqM$p7&BpHZ`tNxn)7qev>%wI8&QXXA4PVB1(gUw5C0kJ>=>R>={lKO^#OWTe5 z@?%l7Vm!4$Z;mcAlXiS?7eX>DzKoU+-MXQWJ+PF44c&T=tPv1U#>~f6Ux;BMX0#Pux7M)_y4GZ!p)SKsn9kqCGZt z*{@AoCT5Cb)9R=Gh{0$U;Va|b*?6nPg zcy;F|n?djW?az&)4vMFH(z!5H4{@d`p0Lx@Ke&v}V;upLmu^`RnXZQDtjo=Rc{_d> z?x;c0QG@QfupRa(-XDMK6KZRp{zgx?KD=9)Fa=@=z(iXU85a}7w>Ef8#XdH2+rXY6 zKxkqqW)IW~bLYCswe9ymNPU|4zQ0IH=zaA!VFpT<7_Aagmjw8G^b%tDBaPH$ZO9X& zS&CA#9rT!ySJuR!G8fc_o$=et6M~8^X9G6B-HiouQH+ahLO}2piBGdfSL0K^_esqU zpUijx+Ia}^mC+$qeqLG?s!V7A-t<>xxU z@b=mPfEuZrC)YXw+{I10tW>8rzQ}MUwUmgMky@w)4vVa{fW?Ns;=`YSXEij7U_>nv z+L?>Wn~|IO29C-+LxCqI#xO#W{mn5`aQ!n5h!EBncxu^+S0?sp=h=4Dp@T!f0F9Cg z>^~it|F)})gZ>?)RY{r@mT6f!h?ESr7F5r%>?Nr~K;DdL`NzD$ZZi%j9IW2XsT>A4 zVk!oxK^z!w{}n{HDO5b+WjEDz#X?}XM0N?F-_FuuaN699GdTXD&*QPhs7zfD_2Wtm zkO@U##DKnA1aC>^=RT_t9M6y(PqDHa%+%;7hb!Wd+pqV?iD zR}sz?o3yxyGG#DM<;Fh!22av|W0zyJO=q^L$OOPCx%Fz9G)=L7N&)O?5KnP0u7i(}NDCK&kv zVAS+{&b5YRKC86&hz1q6&E2ZAcorq|6&fkFbx!K1x^=z==QrX|PcG$?+;KdDe^bWg zIlHqmXVH{=51<8y0o+e^5`edh`^l3(v3Fy%k?gqH14NgF)>`wvz{CVPqw=e?(h9I5z*;UE@Le5n*PV4XJ*&$>caT3N>eOBUlbt zc{+bsuSBc#_XZisZE1f^^C=qwqTSD8sxJV$t>7{hT~+veAKa|w!=`(()le40NS5WgJSOe7lIh%W513p z>NpJCzdXbhrxfId86haU!tF2Dk;(Qou~q&6O&AcLTK0Cpm`Jtrcnq0KG|3v*73c!}U=J{3Vo}diRCeuiRD0$)b^vZbJsZoTAG+!d{H`lfi2w6Q9Z4KbOSK6?XqVPplhy z>TRRPy6JnE__MI2gI=4lbC2!TjG`5Dw08ovOG<*5mq&NyxfW9zqq?l|qOy+8rPT%t zj<1%_nX7SSFx(EY>~1Zy0^_E4hu|PRSW=0~;i$b?byAr?+@D}1pYyNA@q9_#kR&?J zW=H+Moz;*w?_BGpy}^p{ufGQyg4|P(Fl`~idUa9o%kLcsC(WvW-Q!RyeK5kl@xDVg z3gRNdz@5LPbbFwIfDA-@Vky~y6nLne_E<1Nx23Z_jGqKw<|xS2XV4V4D`y#|<5BU;?H}uzuBVAplTC^d zaq;HH15+P+Is9_~Z*1$b&9j7NP@pC=lov6$@YC~6W_;12@5WC<)XmDSV#akH5&UEH#jDvZ_Fis;uKic<;gytc-ps6F)?4`rySiuSp z1-ZjvqY}Rljr$}-EePIrA)AWL8usyrD7!PUPj0KD<8_*9~oYt`jBqk z1F)$g1c$cT1bgY}UUN!Fegf+I=^36W7`l4T_Em?{xGCSWg$~}uld5wpntWXMBvbjv ztKkR%sWo$w2}k1$&*4XnwA6LBLhQxryWnoftS#AC3B|tpqX)pRwpu8KKM~gY z)f~6!Tl++$t=I?9D5uH_{MhbfCEQ?XGe)!5*f;S^KHZ_OUC zN^2?U=4F{BcHwYYa3^AcOxVkfwy|Xt!MLitf1%Cn8O(97CSR)OP|WkfQxVU{b0!PD zFNv;YKrZdla||lb%{4 zd=QX_iGTFN^^bm1{y+L*Uxh%`)X*y5sHr5XB^)8ea>-e<1l9QV5T_`XP)@T3BVhdU zVL8k`_4kQJ_jWktuz}wB7!v14+^;Clbuhq3OP&Rejd*)hQ-c|#5Nm9{7O^k`vg*0} zK!&Kuv3nrC*>mWn-5QH%6SXg3sZWkEl?3X&vZl^=NanXh;aw4l%r{Z5@ad3HpAgd1 zEVX;G6T|wc9MY)fL6O(?-7X@VAfX_1iSzrn7`a*S!UINbYUm-EnIX${S;=2me}%$e z3y#Zo(EGTFHrt-?m4nnMo2z4?%|8fk9G-vXzl0ddv_1)kz@i)d;C6%u@Dvn2gknrF zS6c@SU51okX9zMiuiRAj_5|-{1|puLOa!eUX-yM%>b47cYgCnx{6yW3;>6nO@nks)cPCR3i{g}{%Rgm z$;N6Z;vn7%i}rZ=Ia4tJ5S#Lq=jn&9bpCR0v)!v!s9YiL;777nX&^oncC{(zYO7_| zL?=UB5Kqiu`cU29tI%r)aGNle(=~gQT*HjgnFp?i(P0q_c--Cyh}H+}wKRfU!JN0> zh8a|%wqx#fu^46q!Ozvfru>8}qS!);{Yf^Bhg?Y=C^QYh0fZzfY=1T%;7i=m>Wj8t z|1exgAn2Dt@Y5u}3Qx_6{^b}-*BJ{w>5HE6hTtzve_b!Sto)1J_{0g03!9)6e~JkK z0w8xQ$JBEQ#?KO=i4MOJYNc`8P z=SLIoFFsayQ;c9?Qz>mfTA2H1>cix1!4_|jG;K>L0nJxhPU7=+O7zG{4mi>(cye@n zewH-1%H+85uYIRBGl% zgBrhM!b)knw+yP(kM3q#dE*`7Mkd(@4lJ_eB&32Qw*`x4EmOWLM5V8sU*Y@1`Lk&C zB)Z*7Rpjbk=-My~_-Ejy|7eb;+zn+n2$pN$F|5I30H3^D6Y zx|`F-7)B3WIH<2pbze)7jDD_geW3`{acU^!6LcHsy{mOKf>vWx2O&@D-!x=l6nysL zIqE3ox<81?;kibKXg?!Gfrc3aPoh%!vrymlLoROZ16)j65M>WWq4rN(aLBzk#ULmr zt~mK6Rj>wfAdkr35!VuMl)a2-fv{H&5>ms22aW#hxvCHz(TlWHWRM7OW0!|3@$E|h zNF$@lH7FdE9*uw!5KNXobG%aIe){Ai5A+|Kj1pd8D`^e6Z|)PNk&$IjdQx4`J^5_lfT{2qWY= z(4Fu@948Bne5)9syn~zCIZerjt38Ix_t+aU`KX*>8=*dPA@bmcq%RcjrU|H3 zXn@jrr$}K`q}L=$3~(6f9%-jDBA^zZgg*Jy1p79X}V zNjjigA8D!Uy)QvW8j+amix-_4(oZ~*BOHOf?UR>29~z@~P(j7@cv1Gcg!!SrzuXD^ zMS))ClmHP_o$E2A(e;4Ye>bm-uudD!q}KDi{hDJs=(%LG=zCy>3zKjw65#h0B1@8_ zn-tVIp?5`Idf2LpJ0t*63}?E3y`@13%#2$0nD9a9E7~LeX-%;wg(P*LOTtDcSpMSt z&_J;#!%wqNq}3o<=6283Cgp_uTQZrYJI>@UjXD}cU~rvC8f=U}Y>9qiiv*zJwDu{F zsLzG9{i)-U6DT9TC|1opYbu`JpYcF3>}9N$29&-%7-T~vBvdw`9t0)dJn6r9y*sNj z`d|*rZE9plu}T&0wFvh4 zb>NbwIfa;V&GFCnC8u&l0eBznmIg0kj1^HT(kNVV(1*-{mo5``V5TbdU{B?y3oVyl zJjOZ`{KJFX)8jj>5L8*l>V+qI?IIFNvwaCaB#l(mbly@fSG8loCHW+dv^01=ME41c zB2G`XtgK_xB0V-}W{%)?t5H%Ci$Ce+gD{*pyXj!nExwl|C2^w!pbT5nHME2{?~=we9-_;K*lvz8^R9&SGlETz{_@n3qFsLb0^*p)0ZU!=x7+eKhl8X0Z-Cp z{NuQOYnkP0UO~8V(u?ljGa$>1+Tr}FbHsWw^!#ByJjxguOSyjT>@km9d^J$$Tkn$a zF9c0rd>KQ@jo?qy<~qF85MJ;GzxcY~V%ngUaezLMlkPB!$bUydN{Tqt$?+YKQ`zo2mA^z;y&;22$FKj&ER^;n&t$b=ehp#7P5F8;ejY8d^eEAzw8KNrN;ZR5vvFd!0TBUrn|Ua zbj&gIS|AdRxGLGe|lX|Pn)`S{obDX5|m)2eD zoY{b}NICD^_T=fX$|jbQC^uA^wP;ZOTs|wtinnEqEZ^#hOtCZ?*P@D&pPoLF3Kn0S zVS(~32g_(Ls%@t%BpAOxOaRK8d9Wx>i~xEUp*1b(L*`24MO%C3 z`%k)k%~8|Z4-k;XQiFL=xKqfGI3ghD)WLpYB01Lx9gsY@i$T_3`3LTNOTCJy?tiK} zQ1jaZAwF7pdCRQs4r$y`HbB5E%@bOu$f`E>i(;58ipd~;Dcr0*+w1wMPl~ZQg9Dsy zRhZS|C}Ou>7oc^6zKav{2n)1;6}Pt9VV;GfdM_zUq`5PYyJRj&*J~krrYUQ_pMQ)G z5L0B0B}a$nM^@|uBc57f{A&0k_aIhKl%uW!@~srD=EOP)5$Ne#J3Izc>_HQwbyteQ zO(}Gq+iX%wy%D{MM?=`$XRac5`7in(@3Li7S!!bF96%1Pil4aNB->zUPi0%5koyy4 z%byyZAv?eCwaSvs=V2Nd?{oKC3QiCL(v>_5N3SlA1*D84vkO&H+D>d=`>IMVlc~FO zb+Z8K&2yt-R-&|}I6AW{2-1D-pk_G?me*vYvlN+o&dmtE(_$k31W`KfyU1Mlry%Nv z@8;I(nPo0Hz?L#-#&$-09#O6hJ)JK+eb%q2aq|zcC!&mS> z{cZ=~%;We~v74}qtg-@kK{CkXCF|MT#Xu#>7FWa?N&0j%K5hHaJ5(AJOj7>`pOrE0 z0qEIqFWmiV6&4dHCuHC}2MT_i^sT?qZgH-y6v+dEP}gy*%&EsH=gGgb3xJ*BqE3T< zxr%~c*zO1r>`3qyu}roWIYj&Q^M~E;UoT9sN&yIaXj%P@z>E6%j^K0ijBP z+dsNdS8>W_LGjOT`UrR>>J`C}AYE*#)HN!#Ic>2T;fd6UVPChIQ+&DP&*mY~AZw!8 zMasVHxY_h%a8fFS&C8h6Z^7(0i2++u)w%J|DL=yKS6ZzphVIjyPo!Bw0e?Cr+_syhI>z7=UD!7fE>b-UG@ZnE%p;_QgD}`|(yJJ4 z4|L0Sma=wMy^`O_e`axflceaYNYZswfSFK9zZu_8SHVT~G4b(!m*oKPL}U2wwFC-k z{B23OdhJiWH9x^0`wO4Rn669UWl+#_{gf3rbdNQ?H@5|~EZn5am+SXw;!c$t66sjJ zGguE1K!&xJin;JG@5)89DgOc+(P5RIwZ%0^;Dk4%7Npu0t7CTbvSzHHO-clB5R z7k(r!c~pu#_tYtTzXn8Oy38}`Zq}9fHSPHFDBG)9AQou`2ELz@Z|(|Vztm3K;oMFk zj%Z<4M_M`$8+CH=XNckSXE}@(u)dk1VgU~mPvCw&chA_q)o?364P=-G^^oM7-#AC; zYW%PM2-8+V7Ex1TKecO^r^uHOa6phC__YK@(>7_J572S# zCmOHff-Q+Rpd9Jstb@gXm@E(d3h(W9Cm%(&qR=L0>q(;YBQRj8CrZ)}45%f5s17gI zBGE)P81KFQ{=_*`GQD&AmZd6o#_y0DEk#B8t?Zg!H}+dy%{;en=cMM9fnsl_z6^>a zG+sG5F2Yg-A9a0t_*WlHWmT+uz8_Pk2QgiS)%yh`!9RHKTxETJQWOoK|5P3Xs(c|! zSsYke#cWAHa`Q;(EkOVq{Xmg)tUwcwLXoN&u-^DVcLT(|4Te!zmSrW z1SvQRC#RJfS!sw1 zUF5J9)@8fs1D*m5`y!$IcoMebMh zn3Z8|N@!H2cUJ8C)g!SpH(9I%j>tJ2h!kKn=4@LlW(*L7*aI00wkMD_bJd214Do>* z3`}a@+Mofme0GocD0y&bGZbB;7AHue_H5l%Lk?UK-y3^#2mt6CK@X0U90)>~BFmaC zkJBqT9}29%5QU}g#%y+i9vq8%@o?|`E-di85(a5p4_F0-)1!qo0R>{M<-ZHO5`+l= zodc#?4*ycEcYXX3(9b}kF#xE+MyNn3G(S_VghxNOVIr${cXiHxS|8(|*57SUnJn!U z1~5qDN-g~;HE(v52vqLhD;pX?z6s{y@4)OQCE;l4)jL}I)cT=7tzTokBU=({iu9g^ z_@f538i7nBnIaCLR+wRbmC3>`j?-RAfjymdnQFa(Ybr5G@Yt&N&p)E%m|C_vN$Xc( zq1frjd%}H*!N{-SisiC55Z{#MGa(>E^h0}$d*Rr9H=z3Tk6KJ%Y`nhR%)->XCa+@c zbpVtwr3lozIj0>=pnXKkHPjx%{IriUj2Or{shK%IshLjl!f0G0tN`>cF z>8{!PLyS}j&L*7>_Te6W-?8({8hdrq9{8z|srOjSzI%>3iRt z06OiAIm|qUCFLvK9?RJ}DY4033g|S|zK;gP-LOAb#S$?t!l<%S%dAXz-Mi`p7W%#- zV)jO)+?HWyr4fn?mXwCza&R?P~K`!0fATzdBh@-b#Prby~ zbdilM1L$t`%2qTLW4-_Ba?+i&nGG~Q4;M{%Op1as!qN0W3a69rdn_`Q9>ez~o$V~e z+T%{Op6sPsCE%02+g)MGNMihQCc${7Ck;%xs>;30 zFN$mg5aiF$i^dHZz0;?twa>g&-67y)*Zj&F>i9x!d7|A%!!mI9&<5)c))s<&n(wLiX8B={u3$ z0DN~=lE$Jt_`N!*Har|Ys%PWykY+#7LTh%u_1(~U$;LP5a;Y)L_LGp2!ki-aRLyHK z-D5^j)UR`{R(km!go!Tm|IS4!wfzFZp48uEXszpWadxuDd?SMf9cgAMZI()~=L{!B zkkUR7c+WZUcY~9QEr%` z&y<8D`RFIdSc09l!rYO0HUiv+Y1B>+<=+mt5AepTh!0RWtf1NIcp#XZ5&yXY^k{4V z@aR>NEp+KMuivlzOCQ!OKOI4wVh#zZL!-nFYuwQdfj_&iz!+SYt3ya7yh0%axgono zl#klZCG)uG=gniXDX}%&Vds8y0p7f`^4lqU-c}fxX4IRAnI-}vXTD6ahQmN3;UO}HMw}WkAESG~ImW1mR~D``RmBb;l(&1( zFWaB!h}DAegzLi)hb@W|fLR+zNY}+o!RDxA1C750o882s#Uv;Qh-l~qBpu=gP&&#$ zjrAjHO&ba1d*=$AK26LmT4~V6GSI;5vJQ_%tzq#*4)Y2OFyt3|OC_mr4PX0VwdR$8 zB)0XFOfEydOO!HKtnYHaqP$wy9v-)<{>3kP5#!uj6r36+hGx zVUqPMU&jY)J7j(XFnTRnOCpAw`$x?=?zZdmfl~$VhU}RiZI(I zpzCzp^8mH(RW=ZzAT>4!c^^i8yT%{nKrkkLv~qK+0uG9AM50yp5F)^VQV$B2bYcMd zcytpPfOv7R8F_#RarPF;ldG=_n;d{^baD{uk)R2sG#`6Gl9k6vQ4rxcr||<*%t(QT z>SyKQ@#Z2$L5`yOXd)OOzqfRUf7@XslvNt$12#6TTKit*CLjx2) zqx!JR)MsLbZP`7FkN_BZ?T}w3x_3AB1meID>=TAB+x%Rx)q{{+K?p7a)15aa!^+Y+ zMOvS}H1I!PDmQBn2MksV)6IasR1WA%u^$H!{j>buIfQ8b=Sv}Lt2bkTNqrPBsc+s# z?9`!WtOx~2cfn2qrI!!2PWXRibDvee%=W;S(`IA8+7-jU!+E4x%L_sNYLU4>W4alf ztnT#CL8Rsi9g$idD(Fokl@yznEoIYQNqR{xODison2*yfi#=SoE%8r!tpTOibe7XR zao9jY13VCg9V`@x|4^u<{>mx~tX)iow6y<x>^5RJMY=p zH#wkH)fVGRRQqK&wE;qQQwHBeqDAZIM1A^gCR7-o8Ly^%H(}37WepCAG^Z~KnC7=E z4+)GW^T@#*UmE(Wg){5h)0IO6Y6wRb{pC0c>zj4{9hnPNYCDQ{0ko=vCJiUE>jS)7 zJA^(%u?8^GgAwPk8U_vMi-l7tI7rB#>tZrQ2@J7pWtU1Y2%+Ht=OiZsD96d4FJzs2 zpjJ*c`#dhL!7p@9k?vI|q{msTagF(5gP|#UKN_b&>`(KAwx&(sfp24a{OcSf#6RO5 zym3FV1p-dw<9YNaknKADW4o?2Xn+CGrDB9#erB)T$i^@jg$b25VVdWqS@$mIIMhF) zTrBxN59hZLq!778x;2_zoU0dLqR*VUoo61L_o?|Q|4;Kvb}$0l=|zeWU`4dlq{7I2 z4bT1Pas4#^T7H|n>f(rsqN}!-+x((~gV(YTOhnGT;XSzka`Lvj>Q3T70$ehr$YzNv zWJpnOdQ`|bVMS|DGBGJr zCGxtaO}pdwOY}_DFeSWh*4HGV*dG7XfBc7!55g<3?6>KUibZOHJ@@sah{YVw_MKq^ z1X>;N`Xfok$7Bec;faKyqjzI}t}(b={*_y)$L`R^%Yh2>VOs5_MiEED4g-#4R3c^#qYFkcq+e3!=pGsMEQhj7TShpx1!FJ8 zMIXr|H)S_@qmzI5_Lclq(aBsJr)!)c{oMgTiRk;>C}to2zuIV?osP}i#rGwqE-p}xL-O}7X8Kc=w*atLEI8kh^v^C(#?n1L!RDZpGUqi$;iI@BZ;;zidhtKl^>1;7I{7_k>5{k&w~plSWRfBmEPX#<+SmxA&un8O+p3;uXnz zc8nAW94CJh_m6;^wtK*>h6@;+XKk+f7%+%k{4a>*{V#}> z|75y=|ClZ^8N>z+*lf2p`Ia|TKJ)O$0lAK+c@nJhdE3)oMr1Fk7Lusms@vP=&N+qA zXLk)|5t9c_EXHd@owD5_5b(Y-p$eSU7)a_ZUW4Vg^&y`=Txvp>c$V%0XEpAny|K;T zlp;(JKTYNlfN*2s6K{1}XrG;=6NMgHxQQ4ACZQ0zt6*rsA6=IBav;%70g0}4LF}~@ zwF~Gm6@dwy=ZpVv${DCil;%qEX9D-$be>Xb0q;#*1ZiD=+OCg0{}XEKAfpEa zH{YId$6zeTPlP^XGpt290I0QrS^)LemW0CJqfvGBPxvNdFmAu+o($E24#02;!Tg}b z8Oz^eeeyYcnO>NB+NZ0b>9tt5Br$X>NRtAXz^#IX_pt?YDmPM0&C%!=%PTC=v*~L7 z$7_bzk7g-=$lNfkN6N>(jaMnhLirMpi#=E}L<5x0-xHHqYyha?R>1L}p%Ww`r$Bt+ z`)Rz?1?PzO)^dCBOZYskA-i^`^E(#AId6igA}?M;f30vJw(w=xg4Be~y}$Y#g!L_S zOnf6!XifkRM^vvxB zh4YR@&X$1$0a-&%PAtYt?*&F*fE@LIRQ2s&pq3Yq87&~Y8eEMsC!|ndJ;nHOs2#a_D!G8tmqGecI28xC+x?d}8gZah zqqDA{%PV5%KK8hK-~3yC+X$p8^3gAu1n1S8%zG>Kgy{=0i+NfAXR9Kh%4fRc;_{ue z*%fVwkxeT8QCujNjsP!65x!;*vF{1ws=71E$V1BJFFmV~U9hVZ_(@8tZ+lNgCwQs>+a#I~sgN*MTT9#J2a!D6=oLlltnzsh3?#Sb4wdgzlpJ2o3DCIdZ?=>d`*Ms+4gleSbTAj=pi$0bKHJ*QNS+TtOdGyOjJ*Vn6B~ zeT7rVchQUX3U!uDT-TKa6Z14#Q;7i@kRX#Q81-tb7FWkgaTc`a&ofn&tqit zIg(VM$+Dh{O3r1Q$(3W<)1zZ1U4b%>v}&6tLA9c?5Rsh_8x#*ePL(-LALh1*F%A(J ztH_)ZFF;TRWs97&Wz@gH1~CwaWEH1up5klGgL9w3G$bpCQ!NLS=3kTuP&PLdv*|6U zE{s?PtB@dFCqeb07%+7qfw?-);LkB#DHE982t+t_U4% zq&IpAj6!`{4qJGIAQZ6P zYCCIdjznQ$i~6eQ<#Da`YP6p*n^qUBVi_-^pbVD@fus#hh4po$N$utC7Y#}rfT}&U zx1BOY7WYEX$7js8LeUYfq}sLl6}{9P8pCcD#`m@uN0tk))g(9n72JhbMhutF`f=zg zABoNXP43^tO+^gg6?pO^^d~wbwIHAW`sz8GK(X+u(FT@RvDXUtDPc*joyb5q zrr&<+NBs-zBktJ>EUk?+3xylubn3ltJoGXdyGviY{k z%iwhOBeeoxdU|~6q|kqA0nAz}B0^sRqUM&Idv<(MI}1C8^ROF9vWI6=1{+;&s@4E| zrfT8|5SrhTC&%~Exe?m8Bro=jD+6JSB~;ti;T7ePw=R@@yhY|HeSCC*F*iv4Dd-ps39=_`ATbe4ix!y<2(zr6;&6ZeL4N0E0)@E7ra1_u(j6Ygv(z(u z<76ob7+k}_c6S#LUHU*(SBwYvzxv_ddhA=>0-*jCDRRI9T|!&Kpr)O9@&5gvo%lSl zHP4rX{23$#Q0=JZG0AR+6BDdAFJ09$@XJ!=d?V&KW`lM>uB>wd_FVfUL!;Wd*iEXO z)7OFcem!0C#;#Ws$Bq9RJ%$6HUXH)xT_r}qA=Tflox=<3X9;cemqi5Qs=Q&6w?r&dTaBQQBO6Y1Dd*jp zI-dOPs!Wl>%7H9u8vq*HLmna}wl*mnF2#nF!F~6jq9Fl3Qg~1*msruPI@i~@2_ec0 z#E*W@KF>q@Sbti|9+p3)xt2J*!OW>^ZGeY75wA0j>nL_BPIG^#U-8BAf3^_8rk;r3 zXo1dF7BSq^KcYX)d1I#u(@(NB^_*+ogime{RhFtOJb&>59Qzc_ma6_#keeO}d4q)q zq87EAp_GmW2Iw4kCRjveAA~N}{9xS?$Xhry$4L4jg++~(h`_F4NIk{b2uIY)0Hx48 zLSUp&#;%muD9`#R{N4s9!$cbtGEQqJiQuMXt^3EQ2vmPpNukUEp;yAkpeXSHw{n3y zr18#%wlDd)u`SZsjiJ)*l3$=H??t~WGeTg2CT()?q517$Ngr>h7QH9OE86Yx|T5&yv*O3FB-@zK)swBW*b66yB&w)4n zHo3Qk1wcvxQ@*C!)UB{6l&@&oYm3Idj?oUZ8OyRc#inGMsK)z`8}V+_T@y}Ik{6v{ zNO765nebj}#m7^usy7%nF1MG8R=yUKSxC7W&V|0nmH0NkKAQON?de?5Y9MLT{O;eR z|C-^Qr|{53;yQuc6hf`X1Xs9Iw&MMlgl3HH3n0;V<$=78q}tsMp54SO*r}DFgg%c5 zUbk{B;ybSjO3y}PFvrqVW@?v00{VgN-brX%Wq#BB7cW$!KGisGVEPeq8Tntu!n&ppWO7SyVs#Ua& zNRr17hf+2~+VlO^AFu8*xMT6Qt|Lba&L3_3Ct0>{p4%?Xj6e!l46SBm=xIDPY-bS8 zj%>^;OJ3WS>qYZuOrRepYuxwsP~T|FR(e2nojSKai%(Kl*G=}#o}CZbPZWj5m3)1f`I6p z>Q__L-doSQb%j!{0cnpwQ@@9b8wfa796z{2i52-$h7xn$iCgeJPt}yaqpx+{v|X_?^{4?`?hP$LE$D^R0i>y> z{8}+MTa9TQSjBY?i4@LOL=>I*ApuQdlER;VPUBn;R zcoY$%p|V}~t5Ky!Yr54)hB2g>EkAI+^6oo=M3q>`G+P*wxgumWrJu97slw3*ua-65 zBEl1+(yL1+zvT!Il)nS!kzfuodP!0()gpBYMICn|$W_7W{08inV8+&818vRP1)?}= zGD-LVDTH<=Wl3@<;KIN@IoGt{NyzYrkCkc&#zvX=MM@EIj`n}Dege)8Cuh1TCL7z$=b)eIqfwsFUnSYaD zV4XZGd-L^KCq*&@Nn!bETOznD(Gx$58(bYn(xH z)&~=@H)$Ydr5%Vf$mfuoqrp69XkeE-gY9n&?L+>1%26O_X2sSRvB;wd4Dhz@<~MXi zb6*|rCHuHj`YsEJUx*v=F(j`xa2K?$(GYcp?`EhUHqH^LmNOAH>GW?AjL2)M{gpi} zz3xFl4aX+|t6iYno&?+rI%wc`XgiFn`~A#_UI<8;uS4+_TJ<9+*f$pxU ztf|Fi2W4q$7inhgki@XjWfyg)@vIJ|PE`-WY17D-xx^qZ0S81<$?bXJ!S?Gdure&* zAn9o2H1Nwl1T~kEt5lOh{aNPRwgD~`aDYn%kDlx=v>qZq4iUNQ;xHhCn25M))Xg^o zF36`~5aZywVP94AhtG}7|2?B%A!Z!cp2ht8NQDS>josi6v1D+g%nxiwe4a0qm-MjP zxB6ouY2C^8fVE_ujs?@{aj>^Y<$PEPd**A1GUw|Tu6LlT%1)+k*2QahXTYxj0|!3a z67UPbNimShCBxiXDBI*EbMgj5vdUrsTpo$t^cyTj72GW>a~}FjnD1_8W3Z4ObWaJ! zHqDR8sWR)fZ%ybM?%5v4%c_oykD!BtElNu)wj<0lfF8d*X#sW9?K_QJ>Ml>}eOXAm zLR^^FF(B4ZL(sK9vBqvcHQ=2!NUP-d9B%Y`7k)n*&#$-s^w3$Qdy7?Z*I2}+U|!Aw zoNgBn1__#=6aCx*i%a!UtU81UhR|Ikf|_Jl3v?A0MAJvauXInY za#a%+c6OPEScCjk<0l^JbIQ@Mfox`e0*at3A6?0L+PDpN7wf*eE;#>LW`&Md7jnxo zAq>`5-YsK7D+Y4j-U09sUA?%{jh zhn!PBCXF!aom5CV))f+x7Yobee1Zyuhq2LHTa49!S#>+PuBycWs}32VmuHC zz_RPNem1J9Hzh`6BEV4+oWF!CiuciGX|P4Ao-9CJF^MM+ZOA-09wGB*sCatG!Jg<% z4O%RJ5{?Qx^s@t{-ue$(fB0Ne%SMOKN|;6yI4MSvVO16I)dfz9H4wWW-1~Xf@INQT zo;Ll@lK(2D)MdE|61xw*wZ6k=^qsc5j zv6p&d&n`1lNQ0jPhlds1I}M7VaeIxl+(rYC5j@fkP327{IvuAj;rCoah?&)iE(EBj-Rc9H7DRuKIE}#gO=g9YQ<9Q^*T&kh$cs51xm*ZdY%eB zjY9Obb`tw-kAGD22*8XNoQUdT_&FN{gX1J7UHug^z*rA&<3E%q7rCkVs{0kL^PUKF z84U$R83wNhxPK)<;U7Jl=uI^zp`-|28OP7z`+sF!by!r}*Jg$;3F+>XZc##Mq@<;h zZj=TY0qK$)DQP8CI%R;Nkp@A!rBfvogzpS+FZajiA3V=m`#pQkIkRWSTJO6w0rjg& zg&8UN7$_a@VzG~aQW_QpOf;I06`?ym#J0L}lH?l-?-RT>cn%_jCcS?qz^5V7Oom6m zshXxq0*ocH%JJd_Fr2`bv)4;FI>Z3T0uxtxsRS8G}Lr7>2?h1=v#D^kAm{Qu}BPcS- zR_gICvcNEN-)?(f2E?J~G%b2OrI|&a7RUm7G*R+0drFlNCY3tB1!CDNv71kTEDGH& zBe_OM423`YX{dC^fC<}$-l39!x07`Mx^C@CqB+KIv@#bN5@p_J63l5TpXA>QAtbLc zw3Qb=rJKlOem<4I>Z`GQY%*+!9M(1y4s3c&Ywr%X;hTeTreu&}>@glZiK6ey6JUjGAnB8J`5S8M^1b0+$Zw`9Tjq%cA|O5 z21Fi9ZoEKR_$Xv$n5p*NjlJl|12m7o<`27V-uoT{xIwv~F@{VoP2y!t zPbO3<*RDsyxv`-MvtmM1l*Jaji;ryra?vo#K<`E{+)AWONA0B@=q#+fk~@i)^Q0f( zbQzeBpaGF17LikUP2Win8J)fiORmLY_3sGS2hf8p!q2x{wSki#zSKHy&?^*toV)oF zB$(-S2{brhw`opsLM4^{>L%+21-2l{R}%DpEgp(>>ED0%EvsyI+p_}R$_mCz_&qRQ z2*kDz6ZYE~AR7M&BgFA%x$^BsJA5j(I<^|`i1f@HMkPKm54g2gq<=W$DP`ciSpH^8 zF9!8Y@(leJf?PaQT&hZ8WS*KwhS{eAkc->qOvZA>7i_BjarH=KHhTpwl>2A84pH|LXXi)lFL*P?Ba=)3fpK|8V>9jaJqNli*R|{ zcomY!iKq~3VUs96eXef04@_Sb#z`$?jTY4^^{mb0()S)l1o{4?4Gx?otH4H9GZn<8 zk>T`W<68DVh${J2uk>cB4;hFccyNT7i7|BH{v@_t4I7Cz7A>Ts^oM2b1bk>2eP9}~P z_tB7$@~99C98|LUB5pl_i1s1&?O~^H+d+hc1afy|GoW@~4<K7<1z;>%c{Lf|VD zH+&cPzW%3OML9Ke4R3__a}&Hk_kgCj@Qyc(doXqv8xnTUQNbu)Y3zfP{JWu%nwZtRaT? zTj+H;RVNIGGfb<1UAqne^4UR%vwJJc8lzia!MB;Q_m3R{%)2?AVq%EA16Kw%pKz3a z$l68TxxGP6)bRB97X^8Ze?F6__T!!;Od#6l-RLBVUGaJ_dA zIk~eS-9zkY0rQM!=1RHGowVzvpCvisT^~kLkrFF;@L00_Z-6BAt<^I@1DWUdQXW}r z9Fj)MbF=c;-Q%|qOGwgs8(;xvYff3HVt-AG>MGeYOf;o?x7UY_Dz=40?^##aeNweD z?En_hbCOPv$f^B=3RvUu_Jj;izF!sTTL|3NLZvi9BaKV#+)1HvUbSP#k%3n9 ziveL@^Isn0RNQG37vCfYS&yW3l2CY-(O-_EOmY+FEODG-ZX<8+bO9Cmoq2W_Ty^~b z_v1s9ni{UWBr3z1%vV&bGq#MfjE*Wb7@`kDU;4<+k5ATu0?6-Td_^Oi3HUXDU!ZTT zK!qy0F0Y95MEPA`;FPNKMvLluY(TF&J*3i)Utr{UUYzz;F{_$MB)TPGn7r>vGmL#) zG#w3Hk|HioJezW)dAs*B!EBPfTo`=AQoT}a(%LY-*7UPW1xjxb3YOKBPdYNN2zFsY zrNu%2XdN`CA{Kec8coJM+3I%bRjPD81Z_rbm6qc4(0qDIAv7-NL?~~W;yEWdGzOBk zRGO+(Y;1*et(oy`&L;th5={mwX0~};%_N&-=069|Np7i|-f`pr$OO=}W?UaK$eG|I zJ4~3f-w_EXntkZYWFKz~u7NASX%U7r1SACmH234to^c1k_etp8cU2SeXq7oA+$_j8 zd_}*S)008895}t7#xfz;1ds|s%8_zK4?H0H2b+2Is2f+kSC(rFo{%F|zVNeLBemZ? z%r{oxOCT&nJUFzH-~a5vMT8lf67<~fmmj%50V$s)^@t@9VV=J;cB&0QgqVk8^;=*u zoc9yr@Zt}|0Xo$E>4+kk^R7Ge>$g)v)L@Df@y5x)3I5V8>o`X&Oanicd$w?+bmrC~>j10bcjiGqjT}rGf9085 zO$#;i;y-u9U2yN~+CjES-okAb@9m`ue0vh`d+M2Ar!{d+jkcef=ue~boFFkFs@`*g zBqR8K;E47<>de^TJ+UyKnJv7klP~ShP~m284*G;X+=`v%UGvx@`i=Ca2!6K#nSHu2 z*ec&wawq1&+XTmG?eZj#cj72{gN&y4=y}7@m{c%SrH`-(Io9JIPLQY6B7FiD#D}I1 z?Gco(&oIGHvFq~VYZPBn)x7x?g0sVqPRoioMy`~n&(CgQj zOZkYlVsrQ#2$Q~Fm#!EXSmRJBaS$bh?~-O`6q^IgWpfti$m^e_K;*oOZPY^IJd{T# zb%{CAiS>@u88cguIRheIKC?cuJZSZ5`ia@ZV=AvB5?cBP?*o)jp~}|B2)1E@gB+^o9({O5pi4B`mtb1%tawCon(YY3blIH&DaPTCzU`rl%fw z4PhI-90?MBT*+;2_|h69T^L`_0K>u`|A$LJ^JMWa0-P{uS4uuTU#1vF$?9x8B*#gL zJR$DE%@4TJuGpx#+U+|=MUE1DWL&?pLsuT95!WzNc+j9NZ`~s!P5mV))}avz%H`=* zPlmlCKLb@zelrDQ_1EW<2mw;~EN18&4u~Qla{>*b`ER~VX7-^uGP%?%f(;CJ;n80( z;TV82{H~fjOZy!5?Uri6>j#1a$9H1}>Pntl$Fl0nlmHs$FE|VSfegm{Ns-SIvUlf_ zVSEu$`If5K+COkI>ZD_T9_?Dm=X+Z9)J4C{79^j1@;S4k%*=qhaJ~3G&qB`=TSW+0 z!-k5(Vd}_qkOe^klj2iF*>H}K!kw1vF?;xNf;oD(vO%1Uu{!pC+Q;!UU{_BH?CN() zclnr)fL(oXskK@JL-)IZw8ysf9CW+4X&#eg2%ch`qQj#loAxh~zE#`E&kfuC($1LP zwk3`}s`>4i18>#)sk=Zit{ztd34SFnL~7fG=FFsQ&yV2fh247yiSHRfj+}}AwMUlh zva@9(2ypZo)({*$bZs_jeRYybFp;gStw7>0`P*J-ONvS?Pt$Qa8Hon0U88$Z!`g^h zhW#?KQQvZtxXc;-@bt&<7t}pLu=F@{KP@cL+ZjuW5tEK)-#$|+gk&H~K70@!nM9f{ zhAFqA>vBLY0=pCzbEL@ZJeJc~QRLiXn4)O=J&75>$ zaAY_dUE+IGB-|sUQV@jKWuZpu<>13+w5~2`o$2v>m+YJs0Z(6J5 zaY322h@}4)yYF$YBd1=0Uw)41W0t0J(risLcF)ITaD9gNJ;17(lwERJ@srjfYZ)#| zOTkLM1_rqsuE?Qg1>tll8P>EyyCO0f5)#g>ivbG}xSA*tysFEn#{HLyEl7x%TEUBy z`d#a%k4gji5LAV)09E03yi#0w0fyhg;`5zv`-@II2ETd%HZtc$LswJFF zDh|-yH*4??%%{H7C$we{w_2wP?UD6*paYg!qzDo$!9I;!#?yZ^P1E%KJ+S0%Q2*6X z@_+iZFHMGA0s`^iaKcW9L-t)-fHa)wFGeDwIz#WClmt5drcQMezbtz48qY^t?q8E6 zsnrnV7q%bJ0*9r*r&{}|P6oan@8GA)e~Ucu3_noXfI%gsX2#Szb!ILchSuh~%$i(Z z(K+K=GMw;*W_&+Wf?v3#1B@4DDq=YY`w#I?Ddb~7xPf~%rSgKJ0U*QR=JER|TNvR% zZWQvGgeLO+F$$%O{Fn;-k@4q90b`*kzG%j=s6IdNOBvgazL%3`JFfvTjh}~$#8|_* zAGlH>7-u}Ex#j0As zp^aJ4$EVnTKJ72ulcpJmKJb9D@Jr&LnG9ItSyK12w0PRNUG(RKWIbP^z84X(i(x-> z(%GHkidB+K$-oyz3Leh0u-^732npGhf%mF!%VMetD?vzmTXbQ#ea6_yV(%I7me^85 zP!pI7iAd@rLna-VNIfHHu{0)?WFph`yXLl*XT7QdJ>xjv_}|?^Hzf9bt=D5XS#g_L z8cvEg_1Lz$KYQmkwE#`J;A#7wJG9Qt{naU?cPsv|))`Fm!vK!}sV8M}1v4^z!T-2J`G)?y*cEy_>! zW=>*^bkZtl_fIc(?(FC7{emDN0dUbNv%u$|`BGegGPBU>YLV5}-)u2*f+1}ip(dmI z39qN91(8SGdAZAfX7EyZpnI@&P}P3PepHJV+-7vkr2#h^|~HjKrx{q%`vB zd^`5Q6sFFfH{vST4tLvX{XhcRl><&VZkdV#+(Jt^OF=M9Y zD<0@6C#JD+?=d@&JN}8-i_$|9FLt3JyCM_kgTIWGr18T?N;a@pW{Am+eXXlGZcUs;4io_)@%Nf9)fnImBuNs_)bz?3euaBJ@ zk=Z~nSrWGJ-l}}Q>&;hD__T-B$UcZli^M@TCN3eG)0K=#%|l5Uydn$lh3@OeY~|jD*l5Q_SI(-{Vn|nWRR8K4*tTC{-oHtVOW_+ zvL+UgcDq@gn1v82x9(Cou z6IyiCFHURtZ63)#F5bn*tcOV4ZTpOhr{4T$hWnF)6feA>XU}vVOmQZhB<>vzw!f;@ zeFswMq&C~wK4oRvGG~2NO&a2fY3rl&2TDH$X=j-EbBbD{b{|BIj5SA6*?b5@=c2GK z&c)EzQXpU>`S0=N;fUueaJ^JpcT~)T_hh$)6YF_9Y)nJExI?ta}(&?X=;Xm?IlnqkDNofp4sK5QP z$5jE6y~36H+hC;Z@>pCk<@2bUOZ@|&5-MW`1ddylGi)llLSJ9d@ma2AEnqIty4y}3 z6km{HIJPm~{7qQd{Glm%z`mLCX|pLZq^)sfw}pCMir63Wh>-lqa6yXX#cPM*ggTFP z2i6FxbA5@BpR4Tx`+;uddpVt=`)^y`c&RPzpDMp@>-H-@jkF#aV=eI!u5uI71q9)N z74vM50mY+3Owf>Mut{QG04&!Am_n^e%v+@0ydG-e|ZqcKf?Jb=PFBeM3t@yiPW%8>&&u-(ma&eG#2#CVizRT$hv%4p7^Zbt08n$&$015uu z(P>dF+FT*`oj7bXw9c$9u1S6XngL;@hB&@V!~{kW)n#-=%D zsGM!fqWY-{R~$VRbE`CP8W8JsaLM`@VT11y)%`mo^1L%Q%}6_k^;6|*_ZUTywyyO3VQAJ$Szs-^YyScO<9NFtQ$@*3FX?08hdbgt_KRCG;P(sLy1f&S8R&d40ipOCSN^BN zrn~7$UotN){iC4K--ci0fecxfWM$!gyg;#N9z?|AS%hQefp>anN}XA)u8pctXsUmB z%LfOlD6Gb;wBdB&3a7~}iLPyH?qtq_l;%$()1~8TbymD6)dZjJuqd-(G-@z!@dkyg z_fKrotIzRQO&CbaBS)?Hx=`!F(>DrfqfY)U5PrFd}ed7gAZa5`Tc5TbfWEHkS_yFgu1qX8fA+h-hHkI zNktTGoRQJv?!A%T;1E4(S|aP!6}q}LOJ(lgA`!u|*!cuJTA%m!AI@cKE#}*is+?Ni ze$MX8qxK_NV!?v@x39(|0Yq6HdJ3cIPKk=&Tut->O~?uqI__XETFUsidf0VfGf$*V z&gh+k686G~Yoz2srf;!e9%#}-z#NHzaZ%#w^5l}B5)05wu5?JqWEfxs&m_9OMtd~2 zf{#TH{${eDrMT!E_LTK?(qq{n2Gi!llin!n1|QKcG%y#(R}>rwa;gOHXqcJ70_~hg zBo*V+^}#`7+=iBt>G{wLmdUXA2tp5nrn%5RS%&kl^)7cI=2u7;`WxG%EDAu7)y`##@Kmi0??lgBc( zO9aaY_0=PY7&*}l7TEMiT$sJ%+GSO91WguQU|80cj9H4)9dvzDSP+Kq(D9FZ*ocy0 z&W&-KYflO@(!2r{7)eof#h$|e4LBscjGmOoX?uB}%VlZmOg}gELP#0CJ?{tKxARgy zg28ZBq~Eq_JXrjG@3#tdva)LmqVBWL7E4`UO0!HB?hp zkn5R~g6WuY^IK-uKM=(=k?*uMrK=!yJggYJ=S?7Bz+|Id44BK9V1j-uAieFJ<2(?j zo4x&X)yBMC-_eu!f|=AQ(6K~@8il=VH@Z6;kp9>>r^UlN^!kHt$&-!xR#%dUSc(6W)u_$n%(lPjm-6PPo+wSt$mm z4^+^(AfLW=*zLI5K*JGbbtr6;ETW=s_gO0Ay_%kF<#p#my+>I#Huwj*EpUIn9L_)3~P)qweJj5L^yaM7SW7%4em3~=f6+6CT1t~*cSuwaIL^ zesf5m33tPE^KG{2n8xsv7wUwTRIkul6V~iiBE95|x!CKFaSos#{BEZ|ek|Sh?TZNu z>)&p=r$K_08Kg}q+oZ31I&v}lJ0g0E{|bl(=%TnE=AxMqv49M6ENeIP7W_z0wuk19 zH6^L>CPYiyC%tpkl+4Q+=OzE$px03T1_2e6OC(r-AZ8J^i&+G!^9O_nxzI3fF=a6U zT3RQKqw1nRt{w0Ca}|fnBc-APc%N6bWq1vs(li$if3Q zlY;VY<7f;=ROahmbppHr12?=Md% z*bqYay27ekGHre{@3Xc9WCG&;Q9#^ZKjyP3@>Ys{pFxJFc9+Wn5*sB1li9cK4ExsX zZgXNCWCyWAEjVYU{00Y#!;OX|Z~J=c_vYSHQBX?wUHMyuwh^mtolX&}I2$o@Xz1NC z+7-a_cA0sI#>>e3cQg2%Wv40LdoNiTQgVGS{yBs9qXn(jyuYOjgJ{PqOyXsnKTAmm zVUJfR%Y7Oy2zIw$A8jHh;{fzw1Bt&N0n$1yAS`ja3=`DGKK@(K8tGF|6&G>|&NnZ9l&(2+3S=9{zgq*K*H zf*V>Lwz6mYHo-hUu(sN}ZIhqx2x;NvTbSiAnw= z)<@)C!b(A|V263dVU|bMYxC)b?=e~g+q)!c z%DbZD94N@JGFdY|hNKpuyM$y1Qsh;L#+aYxx|`aatV+$Lu-Pv>*%rvyQk_W0?bCQs zX-*`pa$D%re+%;7J^2y33>``XlhpXof*oTo{(Bhc z<|nWi=D$^~pG`)mLl>xB-RByV`+q}gkEEECzw@waFB>aCrbO&+?>qo$@ zOPt(<$-TOS5tjq7>k<|>Vg6y4Fhd0Fx;Vj2*l5%xEEfU0){@_ZrNv#sHW09D@$XI8 z=$lIzUj+cWmTcaHwP#$yyb!Q!iQfN%WkaR^fJhLkJz}bB<eF>XJz^;j}H(^PiFJX*T0PLEucoXK{ zdd{1X1<3<1*r{~bo~?#m935uba_Be@C7?z@Bm z)DmK<>)iiMSoc@NS49F1LBRga`ZU}=Is$2)=1+)8H8u5UE>!W z4gujq4eP;J$nmeP8ht*41;Nl@Xz6FLI&yjl2%5bJqJ%mJ{Bwy?;6ImShh8 z--TUSEeNYI{K_JN0o}DmK$T!%Nw8}iG!h0D1Mj9mJ78cbgeEC8lDhSIixxu~uWFgKqk;Pmp_e$fJqq3bQ} zO<3*uC9Jgt%!Ay742Hr5z)Vo`R=|3Qeq}iW7Pu1&n$-%{0u4a3+rZ3FiZ);n>EK@> zT-yM=G2w;92<<411#_XIW(^w%s}<;CJKy%MDRZ=Up@nLu^oIL zEWiwt4#p7LKck#zz$u_|EGLA8qI6}oA}s7jV5pfK zm<>w(1?c;g`c<3b7oZJY>%wA!wtfL~gKz0ThX%m6p?wBm94KKA@B&Ws{^N1h1fxN1 zdw@rBGyIRcvIn>=WaIyMP)}0rzi& zJNxB-+%kPYkBpK3@gyQVkxBpYoW}x}uJ?gCKt#~N0Wi_!V+i&GxU6ghju{%!5BxaK zaxRSv{07hrl7KD@f?1$a13+s~{$=amOz_p5Q8fUj0JpzGxb?wj?=PD#ZeM2*=v$!h z((^I*p9?w$feWIGF5T!uK&KtWmxk0k0OK$OJRR-FOV7nS&3q5sIq;jshmH>cm->CW YY$G2A3xO+3pz6b5F|_FlVC*6NABrKv%K!iX delta 27360 zcmZs?V{{x0xHTGQV%xTD+eTyCYBaHJHnwfMu^Ky#nlwpc-?Z;J_kQcH?@!ibWoG`& z&VIJ$M?GA830!?H90cW7FjaB^90L#`Bp;><#5k!dA(D79hY^>=)Dy}uX8PGYY18K8 zMI*b7Q(+Aey+}Vv_@&~kvMle+A^ZK$#>OVYn~BKDiZiylLIhUHW1!CN=|$NQ>Q z)=yRJ%y0IcyKi*$auZi4b1}IgT7u( zG!acr1K#2NEB8o^N(pALqmODUwW<)@9e54CM$W-T89mO<#*KLQV$5b@F^GU2Wudea z&E!b5OJ;wO*gdkiLS;gq%wqyEIcrzE{T7fW=UV0dvUmgTdM4Vo)9ii95b%L})u$PX zYueO|BM4a-|iG<)zUV5%^qZ z_X2fG8-bO(>b$2`Q)#QKWAAwKikz|^YA<;{b8QgtgD`kNg>mhCEoKXNf->I234`^E zL*MbLDv(~wVHgaF@%-5UVpH$#PMeT&bt@C8nh9Zzr~!@n3YHuCEnI8SCUfy>AjYDE z+lguN?2-gR9N_>Ns@}E|>2fO*XNm~yqi-ro6yuRUx-1Hz$K@^5W^HshhKy*G+Q}02 zsrO}HoYsf!7%sg6Y(xS0mESMmuymxTSTrL|U+29SkM%@lP8aQo1XlLy#r_g8iH8*^ zViPEQZ*#cwXA=i)7FKutaMr&}r^d5$MOJL(C2G5FIi;#}Tf^pU-Ce59izG_8Wy~LV zqv#KR8gu^Cw%yhueW1T5{ZYi&lvBsql=n~THX}#KoSaIaY1?i>k_h&Ejp ziEicCSMK_J7km395(~Wav#xZ3$68aK3OF0l7qh8oeJ^%kX(!$NgD;lvW{=WWQV=fB zjr%Y|wSMJTE(61JP{s@L=;$p<9SxYb(ih@kh|z)8hLm*`Ape~hEYmYgLDV zj{+hoJM1oa^3yL5no~^~;0oW_{r5so%2RGon(ng>AgwlpXpSF>)XNL#0W~Et55J{k zS({To`n##s!>0a#^QEqI0*D&|z~OaHx_tjopt7a1W+G2{(3i8`dpRA1SBOB(WAUf0 zI{&)XcD>S^3a(ODj8Dv}Q>u2B_gPPAs}FrheX{|kYY9J z%XjNY8Yh%8vJ8wOQbas`QfR#)TW?k{4@UHkI=S0+ETEoz1MMfAtVl|-Yk;mlt^!|OuyjKUiA`GkxiCLE+r z2Y4v8A%r8xFQYh(X}8{6>iBBtXyV3URd+Hr)HPsmU!89}7@=dz>kk;)hny zN(#G4n*=AiDiP7bYA6`{MqF};37Z6D(khXpBVaX@%sne^|0{qsX_*+tRWq18sXi^? z0I7;*%#_oxUW7BGPm^tyj!q{oMuF=n6uL6uH15ZZ5_ZD{5WemuueW?K)yG(`_fHcQ zIOepkK{gUpRAGPSAiG6UyD#^gn;?wkQBWw_%%wg)a@c+HeNh`9sSw652Sl%?O+kc4 z51_wjTZ`H#goXSCm7h{S-CNXl5Efaw>6%D*h7bp+)M815n;~91Q&72LX#M;9;!pJd zp1An$9aCSSz5%t(2Fwm$<7K+;n44$6G5Vi(UAW&{_XKZ_Yy5#n^94S`bC#EE*oZ&M zAjKpPxSI0@U!1CS%zDa1U5J^Lpm>PQC}s>T%ie`xwjbsW96it|kjwMbM27s*y-V5B zX1JmO*GLGs;>NkzrS!S&H6qg6!s^9Hbu|4bPM84^qyv&S2P(qB*yrC2*7*j#xAglB zY?|exiSeR6P9@Ah^{OeX#uu{Y;ko&GNJ|m=dP`e@=Mte-Lh_1yzHkN^#vXs>ThP8B zGnp+Xj>KgxyG)4G3qTlF=z8Dpwbx?LILh>riEa%1;AaR39s?P~s@0SBmiP>?8Ule+ zmoqMW6gW9@z3P=o+|TGMgcfVFhnGbSW}p*yjAoz$sGpY=C5E?xB9Mm)dO$cjC&}#x}}fq&>M^M44oYTC`+$`8EO?u zvriQRPF#@3LBpu7Fxb4#yFbcTs`AlTu#9SdiR0Noo92VBXN}8<##3eCX-8uW>CI24hW&6+^l!*^ zDEIuNdL3u#F>utTS52DJOlBY+<6JN+K$giJiE);M%tX`qYu#4ar+KJ36G?NB8Vhl# zITy*0_!Tx%@W(i24J1M4Mz%0igN2CKVO!i((B^WL64V+Sb*Q;UN%LLdTJ&myR{-e> z*9DT`)BM3*jn=Mlu-)sMsseZ%9S4da?UMLox#Hq(5vu}td=)#2=bQ#~;)lc-P@i(h zIkNN`Rm+OhS3N(nG2)Ev^VzfFkKqkwb==XGVf|}lPW2IxQi6YoCe}Q#oQMyftx~#} zWfg@3lQ9Umwd&LyJt{{-5zAn0{7Opo)l(JARMgITdR2s0ytjUN=Mk}v$BWtbI1e9# zD|OgaPApHwm~dYt65VFJZtd5Jzb$uVbLFKwRx2vX zw;K)pe%p0cuD{s2J2>!tu z%s_5btz_4Q!9JM(cr*3s_TrBE@zq$?bq$01%J;B7?t7Hy2AJPRtB2a5l~`v~bE7Gw zw>ho=y^y~)e)0Ng7|Q`j!6Kwh%&BV(hkXX|dNNSp7qOZgMMR)s%SfkIjC!ziGxzNq z1l%B>8|mR0VOX`Tq7KceLH$e)aa7B&@LT6zkKiIi4>VQ8`h`!r>^!*1&=&^-XlfUT z>AbdFb+g66&Ug{|a#!`MkSj^cY~%OuGESAnX)V_QF-jbUOhQ9Aly0Q@bsvoK$fhF( z?E=7lI9gvrnE^YKP%Q0RMQzrBbB_w&*($KNnZ|SHZ;uVxwT=C;XhJSTc@}|RW)_}k z;U|mf7lo`k%DHpu^;3(q_473nfLT-kCM+@Vx83vnofv|Rcsv?U&TDu zYkN~+uqLtS!)4nE_Rw#k3*B=+gw5f?uG}HoJdt$c@WZ{hpUe#shW$+@-0EV{k9j5U zWT2rrPKe_=iLZqljn}I?YW7O;<17-y@PDEtI6RINf$ZxbYxm)yjw2FIki!&xNFN~- zLF}KPj(()=8WVkhHCf^y0AO`_el{tgf`9}>{09+^|AC0j!C#1A-4lfTwtqrj;dGW= z7`3}hYYexQNHay5{39!yTz}qmInILtMuAQ*m-g8AG{%-C_}e^uyPZ??jso!wglwBl zBidhoKTn93X=q$~eWh7Vfay9A@0I)I*}PND+f;Xk0Zi0Uc2k!RJp}uQi%e`C6mWY; zrl`3XQ}8Y;L&Q}#o^&md8lXyAadMrgeBy&$X$^5O8)Z*%d4W>+Rf^$}s|I^2lX6Xf zTjtJ!&r5y+6q#-w#s|9qTSl|H+Nb2SGPwJ}SQKa7){7MTnrEsVh$aJDnyM0e7bqY1 z&2e#7Mv=NJ!QrM44vkX$hHDSj3n(Fx*MzRfSbYK;Ed(RS#Qf0Z)_~z2`B94W^@=%@ zzDJ_l_fOK-RG;YTsBWW7hQ+TL$Ike zv3g>)DeLXQSO9d8p{qEy72NUH4psbMJ>tt1OCt`C3(r{1r7NoCH_R6MJ)n30Mfq2; zw%i^E3x7;05q!zy$-Sy|zXOvk-Gu(%t7H;>UPoafi$NShE`%9p#Khf+=)eDn%+9}Y zU&dX#2+1cCyPLIgXihZ6CqI`5%f|9%D0MR5i8StyY7TyVR7PyU`I*l>VM^?W%p?F~ zBnVSDJkph#z%uj!0s`{!0n*e-W`PX5WvFoafC~cBJoOJ0$ztp%K++ww<7S-*KvgAO z^QMLd(#mKiax}N1eN%nq^KXJ|h=g+L^$0K2FCP!H!=^_{&}&e2`LW9SGW*P=pl*5^ zg&Qe{FKs`~WWh{zv>G(sm6N!b53R4ShkWa9f3Sma3X59GE@*FHrQmJ{m{F<=xV5X& zF=UQt^%Rt@^wTmW0T~nusmqcg@3OA4ciuIss5)oWj`E^j%R4WbMOz^6wr@R|6E)nX=mO^fqB#+ zf>PxyEczFc&J(005<^-Ej5Xb}JhN_V%G z1MJ4OxO+HGL@8nN7^VGI|3w1Y)?&BG1{n37(~JMgOzth>ncwtCA0yplqYd5XJ8?^w-wpr61xS-8=NmTcQRg}GIXDPNBFukm!S#DI|FT8uJpuhrkmV z7y*lGUv&;|tWnvm!wg9l$-=$PglWz(MtS5UnYLsvyTuB&{%l9cnr7LfHowyxRrs7NMGCa*f$$zQ=%9fUODXL-AhcI)Qd1`&-$wV84Ua)^dGPaV9@k)OO0Wy^zn$pZq^vg2V zUqc%&f*!R^n)&D)J}PYrkSU*qd!d*4w|l?u|13;!8tkPt6VE(gV*f&wL621c^p|z6 z*SZ{UJCOX9Yp5-jfep}H3VIn8zW1EfR+%LRKYZ?it`(j2XR{ir_L{$A(rJffgx-u5 zO|diVnmnY>icR*C2PRL{Kk5_p!gkc)Ya4O8No(d9g#MgsOwdI?+wBYsU?!z_TMmvh z9m@}Q?Y3=pr`idvQ1Y+uM}dU1vMjiXP+asnYufYq)qLjqF$)+&iOKI_>8U)3W4p-7 z&t;1&dKoa{fB?UszZo-8;3KmliWWS2-Q*Ernt9O~+|e6HMRlv++#3373336S+?A~~ z`1J$4X-4H56jnTRhmH&a1SAypKb&y?hZFs(b!P0bOXwFwk_S$OWyR<_W{(7d)e&sV z4R?7pJi9E$NGbErt0H4pMO>a!_|@e5$3yq%$fC&di2^pAd$K9+2zF%HFHz2H{10FK zSPN{Ov8YH##7$mzqscMsS{m zn4K*IU6AxLdE`L~H6@-eso4=q7^B?8NYfD?1+Hfhwh9~c^@eO~YZ=WuK#`?stA(sq z11_Sax`YpkS~AL#DO(b+wU*=(JeN5R5lRrocdRGd$^WN}j6?HsNpyg`B8y>}5S8oT zqj2ZU2MK&GGTC;q<1P>mp1`PAk8)#zbPRa#8z->DKT_&?i3w{~ zs9O&mmG`_!R5FF)xR}=|O?H z(Ie-t5(Ji_L^w)=V3Qm9Ogx_7g(26A0Pg9#FX%4Fjre3lFGC(GlKX+mm*y@~te50Q z&=b?BkG0?MVUe;0>ks3wc-`PQdrk}*tapg}P9^55f3YSrH&JL3g28g_TyH~uBIf;n zn1$y*9U>RM&Ws-VkortSe;IibfKEDCeg;VWl&TG!abooQ+%3}}mCrjq7yQDaxaO2W zo4ZbedA3A#d5n#cOnP_)S@=>S5h#uswBoMg*Rw<$Yp7(V)@pOQ9QC<6dZvzz^~wrvLzHPS87BN)*NM_SQA;p#u=zG62W|;rDe?O zI7yfqNkswCTtrra}8%AOc3;tZFm1 z&NV_>H(FX8bDJJ7U*soZhTgM8VmBFbLMytq^gpgF^Z~2JD;NviQ`g7T8zUKZKLmyP zAcV5JED!hFwa!iq&W*B=0bwgS9Y(}AmPU4DW5i^K?_WV2{4Dyco6Ew0DtC@5tFVaB zIk7?Mx9S@kyR6zVMLWyDCpxU~?}I?&B`Gqx+SyI!aau1}UvT+lX0**u#W5wabTYEy z%9Ut|>*L;$Z91$tO3RbsbT7qVm$V{!(Snk*BEaQAmlLfuQcq(5--1;aWR4mxgC6`6 ziF|cTq6`h~j9hZV?4F=iJ@kbsgcqZ^NWC*w%(nb-pEb zL31-g{!nEAaJS;~4)#eOU}WG5h@U)=MaygYlq}7)y zFeu=s(}~*ndzj$-pbK8KTV1V8_v!7^OMJAxxAtfrI@1>h(@kWDEO=gyE9MC2hhVgl z$3OOEUdL!6LD!7aaWmD>Sf>@I1faAgS$tU_Vp2+uPkHQD7)j+&ULf;&uJ`|NXlZje z#tRTmF!GhjMqUqMVZxo;q-uo>rfPA|0z$vKeL4C9-F+sZ+rY1YCGTo|B22w00RLr0 zwZ8}>7YYq30(=B~^b&9FnN185nSqp3b;9YqAjL|B-!azRw}|;tjPoD} zA77BCcd;pZ+y6jDZm+t{T{>YZEW>fpu#w`xgna7=h((#r0$s<7c@^}12UC@k2&nS} z$>~RC$1=Eo=^{Z@mGmy7WEy0PS>~4HAF;UnD7R82YZ7XzIV_^TprmvCRdLOG`C(QG z#s}C!)j+`Y!yD1 zvB2;lxXapKBzgwAYSuaDFc|sQ5}dOD%&~Ql{|DKC4SX+iLGlr8>=%+>rf<+qBL+*L zFiEx|KW;xiX1nCwCEVn0BXl4dRp3u#6ip2+tB2A`@9w{}aQ;aPU^Snr6fa3x#l9%E zKbd>#;UhV-zFUYk@>@rP=n9WwAvT!-n|_3M_CcNDk0Kt)AM>60sw@0sR1Vi~XBXK& z{|XLnPXM6hui!{VG0_>pXi0SNLhzKeM|XGn)Ek^(i=^Z*-SJO&Yk#h523BALgATQUl}I|)#NoNnT2*B zgjTCuZ`Ew?GF5geA*Y-?p9W_0_#K}Ux2$?@CX|dQpfDyWEd9L_-sVrq4Z__-SB`5= zc&F~9f;pG|Jm~skg;woCf?WiqyD{na@x&h;uoF_90`)y_k_Gu)8fx&1`yDb0tGNZ7 zCXK2GbkS|hb%ThjrC~n22h|r$Bf^`uIo3OqnSenk8(+#aY$vc5N%CtzL9c_PEm63= zNFcMYREZ5#lXOz#sjio>n)iOxgw`EM0NP=ZBN)tnyF-@_F^TaG|M2)jw6Q1$JG||& z6A?Jrgb4?^Z#Zjf#QW+4wS&BI3%m~xQTzaHf;Zgr6aRdw6};#*|R zgT?tn&d88X$^e{N)}&3O6LwL6hWb(WI>UVYaoIdPXN%Kl>H}9F%;k`6zS6zmojS}Lh{P&Z`%Z(Kw$~yDbZy+)Pp;T0l6P*!IF15Rc zg5SD5DUIHbY^|B3X{@A?Y&QMG(brEBxq)C`g}+Vg_$gd7IwyG0Lo3i^gW@@&>G+yn zV%}yC|2DZP`S;-f5zUCFY_;|ckBwoUHgwuuF~^1E_a4Z)f=ui)D@|6L3$&A+-UZwZ zUKO?S?3Y5NnKeU=dXg-^q@PT{Z`okA$eZ~&_7e^47l-sYB{DhtW()NG$z`)Km$2Z- z8SaAL|4foCqQ@ZAghpNjen*8J#0EGpQ9mZ-=<_e%buQhO$D;Qp(se@xSZ>8}?#{@=3wE*HsIN@Hrab@=)-U0PzHVR$+_b1*7M77cpy@$6z#q=w4*AZfG zX%}d)UKivD!ldm$ZK0(kk$sV5pL|J6Y2BVMe3Ej_JiMatl6R zNgpB~k^Y(Mzdv%CdMt&oVN>4vXzxFH%mViBxk@Gq008alvY64wc9_;Yt)2~F%jF}z zT$}Kkx_Wfd1iBeZq{&LEYqX{tFMAhZPfSeINd-!r{ErJhI=$8>aeJKYLu^>_AxR{= zjVqC-d5460>m=D?VoDT5Y?rU#iP{I0CO<*RSHe}gze!5WPC1m?VlNwEjFG+sQTY?0 zn3}fVOC(2zN*oySPZ+ z1xZ!0ZMT7<)(9!iXk&~-7?o&t`m0kV>xg5iC!R8;peM`_{-GV|V1zHJ)_(-A+j4zs!a6DkO?XjwTC;Sp5irCj^j#%CJpWY%3hU%B$~^G$P{) zDY{xiuv{_xRL5W*s~Vx~Ol+_CC59&QX>fIUc|n&`Yxq1oN3!;t(OLjBuz{;AHY#{C z|A&~_MAJ`oEO;46SGQJ&`*Z0kzVe*{_RGLtK$FT}ZVu$4@m==1-@b{y&La?0 zvxj|Q|7s8cyhcEiIC=H%PZVkncRXv53=vPa zDR`ksI5Q8{zPa)~#w${jPtY1DjFXXd+R7)2T>o7|&k#)DUfJg@wAU)%)L3rq`Co|) z_Aj9!CvFg(m)wQnJmzD&=AJA|uAHl4);!}KVvk}$kI_U9wLq_yDT?#@I#?VPvqv@s zE*Q!x^OH|gg?}+E@aLj^+4~ZU(+CZGAWGJ02YdYe6laM|8mXh_GT_(Tr>9zHrRzOA zYn#%C2?w8%WQ6r7-*k5&oF4o1R1?jHuLbctA)Bd)E&>{uyyLh*j6AkObpaIa z9>eBSK%-OCXo>pKX1^Y98RQ&e5(8Zof%_q6yYe|kn!lp7*s^r+pXb{f#o zjT*Hk-BuWwtBMC4!GFzSXsAJ{29RnblgC+#v#jm1k+7L!chXZ}&1PMuT5aN(h)?4W zJJPMK$CW-}=a_uzCMvxuOk_MAIZs&S81z|#)>uwEHL-0eUUPf`gl-sL>to959WT`+ zy#I8Q>r~q*(|8c`cCy0_QD}jh$#B&zB);;*m}nu;Q-BV~=oH$xiSQ`?znsR=_ba7Q z1<}6D>tT4+F_8fS91O<24hh+Je4&N&FF_MFIM2uF=+HhKQoRIRx|gq`aP5(SMiLC| zj__t5xA12;#o>Che7n52=UTy>Q&CjF94Nvwwwi z%UiBC7ua)h@}?nwNnJoK0@JFdI7U;3MX?&qsvrgF14IeB&>KZLY(x1`QzBIF>00te zGEfXYH*ljpRn2Fc0bdc%W4~^`OC<(?a7>E`f&G9^Pml-2XnKk|1BKNW@$@wPwA~B{ z|Lzb}EH*IUGvWofUsigw{l5e<*m~CGY3GuZ&>9F}9X0Odd7C-AriZ)z-hxso&kREv z<29j9``s_d@LSublpbAREeWOl8nn|s5dSNlNRz4riSqdK?4(c*bhIq9!Xr#}6jLf= zFzv~dekT3?XMR?+)7EFXW+~Iu742oXlG;e^Id8UzX(W=Uy1q0$NtR>NRN~~0C zt0aU0nM$NFo8gpdkOs8SddI(aXR^$%f_)1^`5{xDTFeq554-n(GG?bQiX3wBd-)WU zFd`F=VR|0`i^QDaGvgJ(W`*GZVmJg4(DpJ>u-fZ5L*wnhWVbM{F!u0Au>%Kyh0nNw z6u&WJ3uC+PYWuu;WFh7M-kn+0*GT$2Q~X*j10f*@q0DXEH%(c8%cWQw5oVXOO&WKn z51*iN6c7X^ZdYEBBdut1M4Z;C_s%`Xo{&D9=Atm5=7>__I{pkSerk&4t@f&eE8*0b zGdtyVv)`jaZm(0rEJJ%guoi2I)o;UTNO&MYcX!gHG9bW7O0_*109I`2sFdz?1Jdoe zxmx2y9kV*GO_6P{krgz7Vf0`-$%;78nHfh#_?pQ>0tXM(|P zU_v-9SZkm-mm7$|mtN%hSiX*q1PKICA0UY$Rl3Sx;efmk?^jEFw&K*lMYkHhaSJ0P znMLuolg?FGW9m|C%2Rh&7gsKsMa8!EzC7nerM44`mz^P$XS92yrmykLV6cbEMy+d5 zpCX6oAC{&P0l>-HzrpZle1n+y(19u%0g!S+rp>NAbGOG2*B)kRnFiIp+v4+JByI={ z4v@h=$_DcHW%lHJz35h{$gpxj_Xc&b5)&WD(vS1^HSD5sNf}iLw4I;B*Dn`kx``*U zpdxvwEL7(cwo;FytwGAXq*GOiOQk|=4x}ncz_)D&rt%pQkdK5a?6(j>itM{i;Vz-F zJ^{p1D9GF>#uFDM+mK~!t3~=MS4HmF6$uBN=^w^|1e(4 zik+Ol(&>?1x+4W$84!tG+Kh(DUZ8c?k3?Cs zuuy26`aDT#Jh~xkl(=L-!6vBZi4&PEJw9N_?hb&nN!HY@=gkgYyDfUO=?lp{uBy@UIyD_5T_xZVxA<$~ys$U|F$j#F& zo;W`}E$)*qi(tjzzyVSfRgC3x+iOc9(SYK7jTRWyhyOV@eSJE~Mon_rm51(ej1a98 zQRyZ0uqju?HOYk{qtp&zbh^mEXZHcytwo63AT)7;xE6(ya?pkY3a&Z^be$l|*%w*b zMmpmiOMbE?Ub@GpD+s?Vk9W%CzsAk=0A#Ia$+zpRgU=I&K)UTEFJypC3)q0Q&F&=r zL`3(gLneug2cV7TL2TpXD5SoXoaA9SwC$x^*$dfg_4dG8(DB7xkH%@v`(il$D8PF9 zn0HBZK5=TIlWX9YP~v{VB=zjDdb`PPO76w|5=-EzN|+UDDSZGc(v&nmik4vGoOI$4HYBq4=^&f7lk|g>f~xN$#w>V-M4ae z&HvOvNq~RBpisxZU{E3c-vr`suDlZ*Xl5NGs;SXt{h(R%?Cddx{NDzm{0w-x3PY~S z=!W7IBlIoPlixs)P(#dMK)Yfih*Cu!rdc$-aSQWy?BUK#G19%8;cL+s>Ju1xKfNAc z8^2Xk6Gs42y z#`vT%3G7?*DxK99j!FI=;z3)>xt)@l3B00n(}pKnfkt>ltX=VEencUAIJ=>V*K7SZ zKXMj{gW5swv%dVid0$mkvF+V|l9D&MPCfj=vKwf}mVS7aGETx_yP|yqHBdR-5S1ka zLTP%3D(nCzp)!=xCmtH7tiMqt|B*>AvvBp(OzBSJ9oe!@A61TMsF>vG3k~1kO89}Dehhahzh;p4Ee<>t4 z5SVJ)A2UM20!C9$SU4Zelz+>$ap1V)@$}R|{ zhhrkV;W+D%#I7piQILN@LnK)SsuhMjhnU?H^fJ}p1p7bj_CEujB-cce-v|mjXY0j> z2MGd_j`SB8Kvw2|jf1+r<7eaGm)HD({FF=1$qosjzDT>&E5F$LY=;ky={#kpX0-V3 zQ>Tz)CJL*9a>yGu!}IWr&+5ZHLF)Z;9iTCT5~qfKom8QhlFjq{WXgkGG_I|C)T~UA zSH#A3V*J^7pO@dx*zvTXFsE3=wf^{BCS$UiCI_@JX*s6g*P&ym2>sF{GiBhK<&!{< znpCPoT0uP@YFzo^RDP$+{9e8)@~McV*_p~i-={Ut6^xRrk#dW@Jy(%3l6>;DBSlx6 zs3a227LOGw*!3}(A7J9CqZM&`A^eAk4<71Lij8z}T3T6{snWmIjpdOihcsrLdcPa6 zdjV6d-f43J5iq_Q%01Q|ks_>J<(laz9L32gA(7@4^;zHH2#@?uLR={6Y8L#MGf9JU zT2;WX?)_Gzl=;hrT7FK`Zx_f~>O^fT5r4=P4 z!4TYxo-gSQAGLsSS;~^?g?objvl(!CJ_?BYu7klu+V-U^xG<;gw4i?ah?@{ehIja| z*8fp~Ag_JZjzQRH<=84KkEp{K+0KgLevwrpfLM==W|IirMMkNYkWK&+p>t=waC+IK&=jv1LV>XK1~C;92Dqs zOg#F{51#k#Hy!hmWSvscmEdixXiY%KZI+WNXu*#k?yVwCGSEzoky?+2We|XUt|YNH(7DQ&KF>Q?~fW#twF-{ z?vJikuUseY)_n;{Zs$OULF|%nJ@P|Jk~`xPnY8{K9ZA3bI!0)!DJ}tnMZ6!+V){IT zv;RySkd@`X9(C()-yZsRz(v1I>Bj2!TPo!kgM|Nm*^)Cx1~t}+ucS>W~4 zlA$3+!1KC55rJU%gkN8g^uoWrnaqXhT&t`IneWkh@$CNR( zu{rzBhNwu|Qo&)W!w@H;7Mtqvbum?=MG5p)i~wY+3w_>m&ga3H$q3E#&=?~#3|jJ?f)$NiYOs3v9dA4PV&di3(|JZ*ew&3zg|rxI+J-gKk| ziSJ-d0~N$zu;C^Ae952K!THbHK~$pvBVH9z!zcftrN(2&`?BeOv0}9h+-X2VBVQ86 z3bb_Mww#HH*V!f#$LMA*>8NH48N!CFE@eHwqZHfe6No#ao(o&zsW6*nbu+`=s@v}S z^1EdHEQtjTM68BQ9e1(#Gwq)EOuOy05tLvnAXu(6>`Aw%C0(F_s2VB5*Yv0%E9K_W z%MAF9)ZFGsNxvbg6yyrECE!n1C>)zD(QYw$MV35PV#?7Gl&imvOwT743eVksRg;tW zfpP2Ck0u%%9OMa>*T8ge&qNEOn7Y)+Ou{Txb2NF6HBU-Z?#3S{T>v+#MXV^3cD6fRnH~xlpki7r`;gM^+ z@cP)#4hbFHJl7&&4hdHL(#1M@&dzNN^&K}L+>(vbS3zP-~&D;=yJT1u5{ASLJ^TwBG*=}=Pc%j~XyW7kw zr9nL!c7K4BP1}yy=K{fHT8f}P@vFlte0`>3YIlqSmYh%Fb!46|2B1xewc=o~4`U! zwcTVVkN5nQ=Ocqs2XhbFBIcvf7lR+~_8eKy-xy^Q6ZJ6d_WD>acJzR+%tEqv)t)h_ zgyPhPtXDr#=-H!WQYMwue^iu9m5IP z2xWFOry})*)xp$h$*6x;_^~qhpM+Xv)_{2Iax2wX@A!GiAb`6$Pw(5I2_;aZ<*xoLg3ZrRPX%c zx+)pBEPvKST0F3ROfDJk=a2a@c`Oz9k@zl_>ura%HT2#oK+|uf+BLnWKg|@-F}Z4#(o)a2;0Er3`TZ{ zA8x5+tF_^bddyj{fL73br~G6|sk?xI20JgnQY9EZTvX0;M740tqQ{>?!32y5XFL7X z*lAeEyA)P;wWtmbcT3)y{8MGiYDHzo?Q3My^vXi4}fY08# zX%}tGBF5>GdKK}e+MJPEjfayGAM>nS)w(Pt?lz{#UEU$l|4ijRTb`KI4Tqp6#^y;d zSO(UHdznuf7K8uye}Ufy0O~tt|0gj6UI}AJWYEx66{;%l?AJRl)>tUD2Qt;gz%lkHIEB6JLBt=er9q_qke5CzMlDFjbgB}}u|=hURXs}@>3a5lja-`sapCKhw>MfZ2E`2?CDuM+K0 z-zpX!LdAg=;9B04liM*@e}8{ie`YNI!%^p=r5StvKzT6uFs_`AfrzQgz+i4f{sg_}z^nP$b1ee< z^1VEb8@ZI$upv;(qC<==uKVux2rQi}GxA)7>>c3J9vs%jIv9lJTgc(hU*KHul9-~= zeuVNI#DGg_SZ;4+N16C-Lhqg~>|Hy@>Ld~ftXGi0N^ig_$b=;EA|V*3a2gqM#6Z;) z6N#Ci!V%*!*I?JLK%-zxocW-<*cC85;&e!Vu_=x*v0SwJCKMh~FhC9=dlEW~pNk^W zgfywIoPacSudDZob~KFoTgs1)*VBE@4rQRre89&P^!?ByQj=W=7Z_|?hsI#wCv?dF zyWpc;=)jo3Mu<@L#Y!8$%u+wM**KN~*wHDEtWQ?;sUz`~&Qx8ZzUGiT&heS;nR&h^ zr@M@_B~#BO*@qrK;85!*_r!UAI`D50|JKkvV_jnNt-#V@?&9dJ>rUmghlZz(ka>wx ztfWODs==5ded)1skE5F=C2eW2Xxn(vO7RAh97u-`B@#q|!EuJIDiAJ)5o+|R*bsc! zav{xLSN>TI(%>#O$#8}%s`d!6!dD%=NRcgF7)}m8r!&veoWij8D8R7~t zT$*e?#*$TKu8EIiG-S`%bP0E>(GDPm`D(NQXaB$dyC^ z4$N$lD}zq7JaKe-rzb{jgMdRFSjg*oM6&z5Q@@itYz={fc%V9l6j1lz*L$9%2Evn~Zo@P6RUB9{dXzu{a$40=j%GbKnXzr9 zryXt0E5Ssx1!#7?MU}_}TCP`5Lj#qPxTWzq_^_+Y@*?PrL4rOQkoR$<$2Ej~p#o9` zh%?lkCC-L$U>atfdFZ4bi>zHkR^=39yGT2D$w=yv~t$Vw_*{rh#A0+$5j;FnJ z(6G3Q%9XoauIulP-kCqfbvC!OF{zysEU_jr;zRBv*$Q#MZhnQM|8I;5h$hnf9AkR^ zH^%IrTgBI!X~7{$)B4*RYO>d>*#JL_L#-x~R*oPH&|;gUVP{$NWCTH0vm;EzzZODj z`tKN%{QtEOv!#y=Zc&-`D~j!!49eB!3|k}#CdFR&-PX;Q9X^Tl7pS0ncPgpWyvF z+Vy=__*)#JWev{Ny*y&orGn-9{4({q|-vm!)&9v(jg_N866?#09I;SnF}H&!44~>?NDrWemLO+V(?n zQR4~dw>e3u=H`c;EHEc&p?>^aV~SuWCOO^ZZ-0K9Zj;~+6D9wvWv-?ll;8s>s00Ea zf(jybCtykuIYQv@eX1XWMVcZ)1b+c9*AR3&F96v`#ygwb_iNChi8!U>KWi;%H4h zbkMDJSw!5ZJ*xwgRcS?l@cfku#hy`#gMs1%6wW!4L03?@IIJ8YVrdj*=Q0aDMzK7} z)S77E@9ra>>rF7cA&ST?TbGjRQ3RjHVS0MvuW_(zu`VY4^*QX`hbb6P8Q==sS)FWu zqoWw8NYYLFT*;iAKXtx-Wse73WYqp55)Y;NE2$?!oZ$$Do!GB^1H5jpW56#B;osu5lH*yXxEKq+r*?dub5I z{CQI~@Mch56B-B!NjK5UnLe$p;AS z2{TW287a{GZvb-*{UJX?B#x9B&Ye44(Q|}%f5d<+xL;DgfxMwXWr2ny`x|?BHJG@A z8lfR#FP7(*$bP}+D%*I+X0z)(Fm|XHf%DomD174CW7j~4&_RTZYs0are2fYV)<+y; zG~hFSZT@eU+53-tk_Z0VWrp?!&k3YmkW&+MHb+n|D%{lHojGb4WW8;2q ze|j|bW53_E0Z~fG*B7z9+{j^}`ix&CN+DzEQX8UxKCdl4N4jv`=Mt61*7%n4&K0Mj z2^&7xrIp12RAju6>xRUbxW8F|T9ZFw*(rVx&^RFJ^Px$$M66CoKD#27h)2GDt&9EH z1@%ji0*-NfVn2JIi)iTf{qySru(mlBz9D8F|4&<29S}v=z1gL^yAhFMAJJt#zL)4(^-d_CMG$ zh*)SO3ltu_eUk~eNIDid(PV^vY%=$@He{NOkVU*p-chh=C9K0=Ff$-lBk zKN`f_4c9Ce4-$E)aoDk$Nb;KjYZ%8-npf@ShU>~jQ0K4Rcp=olzEFyzMeuH~2TIhK z(;d$pF?=PZNo|sGh^dunXR4x`2G5^~k`WKl8;yEUmV`GP*lf#eQly4wcuM5xg&t*J zb*si+GG|~rj(J|_*?WtB_J9n}qtF`vX@z>1yY%3f z9_pGKcFn=ZHj_4}e@kZ{Q;s@_-Cfqp4ljAy)bhnoAichzOGTtFdBBeXe{m!z#W%fT zi)*B`e*~>?5l$5ie=a`4KSZ$ZPA?(HmpapcTmFg^)G5$WGlejTz)m^zohrbrq^3|RH?%cg9h3wx#7Av zc-@8arG~FDIp+aMrj{mMtR*Hd2~GgB(MB zt9eI?(Xg#rU9UJw#W@a%+VlzZ8yGIIu(UjnJT`7g+8$H<{hal)e?>k$GOShH~=-K}MAZ&Sf506yp86O3 z6?&n4a~ZZGXE~@vKwf7M9B(3NsXARxwcIoJbNJrS(eL@W>YawP`*+1(cHBgZaKV35 zCn$3kXs4X^2($k*n2_f-5DHw#xKjuH#AuU2gNOt|O(0H_>4z&KRQM%wtLNPC%$fH3 zif@)TxNR9<6pWO37qp|xJEQ9E?P7cF($&yNHuyk9?rXmvSB+noVF=Necgq6zCbMWp zxLxK2?2@y6?%*7+7ODZ=e%@Y|+&-20$xFSL9Xp|AHSJ@b9(c83vRmBaHM6gPWE|9u zC~@4I(&MngWrl2y0`C6MAV=4#dW*ch%1$x;z36m-y4fTTqGw*|rWcjw&m0K9HEEdl+_3K5o9`|crwb7e=n=7?gvfl}B2Imcfsp-5istnbiv%y28a~&-_Gk1_1~Q+$(Y<4` zwW}fdtP&=MALkm{w`&2d3u9=d+MQuP>kDfUi376GwE)ONRFl2dl)Z)x9E>U;u#^09 zuuh9D6o?-09vI2kl)mn{Ltp-yn1DG$cZs+>@~hkX_{gBzlbH4Dgsv!0lO%`WcnXPN z?C0V+qUXN`rWI_vhX4t%xaM||!=CrW?;fDQkoY@ial`LCC)9@f3M$o5gS!lB7vKFW zCiX*eKLUBT*5a+<21AeU9I<}1l@Ue{lYf<6nYFDY?4djFMs>nW(0jIQ7JM>zQYV1& zXuelPBfwHfr{l}B4B9EWA|3^zmq|-|!JXP@l44uSrIhbc3PU~fz8XrPT48005t&QJ zUSO;)<2~}%r{-#4#<+-A#rpz^V}CAJnZJlKQzxn}Nt=}mvu;A~p(l&bC2tCR8*tW5 zLkZxstL?iqMvpRX!4vf2|Rvtn`i-Kaq zh7gidL4<{n!NSXz+Jo}Xm!5UZG<395eY2udLz5Q3-^onjlQrY=$n@+uDO(~}5oeU8 zUm`h6xL%kiXXrJS&5N^Oe$9G=msN(btB?@|AFOaZ0s#umUCjsUaXoc=cWQ zB@s;)c^K(Q;sdIUwz$gyH5k=SHzB#0CiirmIG1=7*%R5?Ak;Yjul zrmH9?A-!4RyJw}jpGqSAZW_(MKBpAz$&8yxQ}Tgb2mdo2yhkG3RJFgcf0Xl))jfJG zHuiH`ZC=U~V%m`expSmIAs6g^-<)MCH^q6?Jbmaz_p;K~Ig1`6_2LGG4MzF+2uq8M zu#Up#XC~=WUyUh?xQ7`nVy5E*$!xIpSN1Cej9Gr@Q7b3~1Th!J)N z7H5hRRp7G*H=|Z^74@N~)?06Tf{!ArFbQ8QJb}kVmludOVjg_zvOac?cK5BsUHwvO zVzY9$5_1s+OWeC5jxt8JX3xu1$*ozvbnZc@UHXF$$No3XxO_6FFv0epPscb}sR?z& z?^~TBh2+(BOK+)gL1)U{bCf731NeUjrSSh79n5D%?Au1Z>zMpJo{=D^tbhag4YS3& z3zf_oY^?DVkJzatE`x)+Pc3s@?XyKZCkQ(h2udU1oZm6|dk>WNdSFwD~qqCtb zJiS7iTTw5dZLP(}fVX&e^fzfYPLIszU7G2}mj%CgB|dEf?!|^tdL}VLjSG@oDmNP$ zPb#}b1~HEg$e^Z~VN zuLgc0^#swddj`fYa_lUN6!~p7i>h=NAf0_OwYr+bp*)M-@0Qla1u@+JOqoWPoiL0FJQzz6+T3LH*ocTl37 zYf@iqX@=6VNv)W-{oce|5U>>${_Cu&=So9uMFE8pOhP zB#DJ?-A>C)kU4K=w0_<$Wx8HElHcF2VSeBDY`+VLAt%q{EQ9qqJXPz4b|?&-ewlK( zD7BEXHA5`!0xlq{>bUJ8tTZ!);#eSWTP1z~nng}g@bs}wIU8jlpalR%k#YxWLh34dJJjic1JegGjWSay6E+N_o~mO+CVLr%H*t0$%jk ztW*D@oCM~tcvz6~z2%jhHxHO6Ki=+)@-cZtyp=FF*0WP6k`4VDV!`}FD?W1Pq{H^z z1mTdkWs0sw=mj}7kB|^%8u4uE7d@&ol(p_>1M!O9XdD%gurjsyxYsw0CXX$4x$D|q z*g<+qPfDLG3I$rJ6NGY5-mT-meY(fhOvApPepBE4?4apZ81emTeF-5SA$f3;h}UQWcw3_tHhx;YOYY3l+n=p1N@z%8iPRvWGodv~na zH2o4fIiPNaNYPs?qf@kyQar8jYSOMtR!O?Z8{KfGQGU9>rOVjjB!t}@Rba%gYwFgJ z*D>yq_NV7bF!OR$Q}I7u&)5Nnh2vp<&Z8sug!chJ68a7Wutz|NAg^7rc4RsYbs9-h zQ0@O2gi`kVuh%ngi}K%E1rQIjrjJf5>;_cIB3VgK7Jr^Ud6xO%5t_>>pqzjkniKHi zzWw#!QaNFp$9h|K>Ru1QgSniuPHwS9i^7R#8fINZS=p&Xm}@_7vCZu)kgmK+ctE2U z(ZIbSm$qqvkSCifpguap!kuX-Ov5D_ZQJnz$<5n$h_fsoPA zK*TQJlRz1y%c>QZDw>TY?>i*KraU~~7HUi;yvh^d$l@js5k3i2Y;|=W%Q(Bfp^Hy) z@cmVLe(p=@`;frCQbN!tW4>?xk0BS9A%cMPU8*p(IQTK)+)~WuhF)^^7_HHLFJdD1 zZS^0kKyu$2Jjoq6UPF^23Wn6K$V+v zM3oyAAiF&Oj<#CzHbYikNVTU75LSszEsBz@(NAF2%9*Sk^D|Lc2o=i1+Y$Z45`6d+BO(ldU0wITdM;R{q>X_DF(5L+HCU zwrRRbeO{lXa#+|yy5H&4yoXV3zb&h(v?80NddP1tldu6_qkXA+AH=?0rI{Ae@Vc$~|{%V0<84 zRy2^mRZT9Hfbu}LjGTFROt;3vhp$YiRkl8g_}dQm3fhS#z3{~GK!j;K9vOo*lA(~R*>J*aa^w~si~*f>a!>Z=x& z`z^`@Ju)jTn`v3)L#SoZB2Ui;v!gikcxq_}f; zc?UR@tnkax7Tna~Ic*;jGsf(bQy3*y4D2k27Xkc?&fA(Q?#r0!b9)-~aTf*8A+M?HD-JoA-1yfmWJ4 zDW2Ghw#2EZ|EFQ39iuGP3P^cO*s#lENmK0S6?$0XXm`iF5= zU5$hLaWphr3`|6*dA`2E-M95RXtL!kA4qO#pG81wwp{_y5z ztYb0`#HmiNZKR-4Kbm`W>+R$mCF>pK_io|06NHoJJU8!^UZB(ii97x;ak4668w!Ex ztOpZWT?M)B2i|m-^V#K_uG`0s7^uQC!TW8YxOnzuqA+qd3Nk^sSh2Ycm}?AHd}MyN zy{PPa(iiE~&uw0)ZKeM*FGZeP=k1J+f^B%Is<37jr6&;4RaAJo^c8*pkLg*MdRGFH zQBd5%u?$^YOOUjPq~H^zhtzz1n=sJ{FP|5fv>I=ul}k)QQ~5UvfXTlN$-CKBzq5Ux;L%|G^b&XiLp z*%g~8xU>nA?5Sff|Ybtp1RpAzt?M6SUTQZ(5|yc=K*EU68nD zQFqxstj9u#)^#)86+#$!*fb46uYD`4=`9+dZo`n%uHj*!%^T;hK5i#Z7iYTs&Au;A zspizEIk>Yh*^j3G{syqbXUL6Eh}j_XzcVa#OGm#7W5bMV)!QhEopkNa@PQ!It2;9b z{Z1%|aNkRPgx2wutX9>)1sjjo2e~VqN!W8Mf{1$E9gqScPQ+X--5D4KB?}!nDv&O( zWSx6(CZGfcH<0r;=jg%y>85E`vAc;Ue~Eh&qiaN;APyD(vvTVl$gVsIyCI(eFYREv z%pn0@^=Y=L6Y3X@@iY-FL(Ny@1<;+UJUNIA;ms6@;n{fZaYc>erLSjy4hyHhOr_pM zL5vE`8DKM*AUXPQ{c==D7}1tA_T^d&OIM{xkX+ukb0|-J1&)| zik;#c^p;bP5`$?sdK;_9e2<*M6fFl4gT9vPfUVDJN4Bkai)vH=u7^pr8B%A(rj6^L?G~SvFbnvOH%_~ z)Rr3}rVAYq(2KDMpVSK%pDkyCC8|-@^g8eqpOH#Dsz>#|X%H!ZBM!29?cA_tJ{LxL zx+A!7q6JM<+mxv2nF)TQr@7*y)-HWDE)t%0)K{H@$Ur!;^}||-xnk{duHb+i$(gs3 zZs4L3+nelA_}{xM(e<~G+r#2>U~)iX&EuWn*q5kV4|bJ-|AO1puHpl`J#IIWo)md@ zKei@+4Ob8%WjW>2z-x8FCYw z4QH+SMqCMf=NE$lgxpq~=iR!@c-LF>?(_98EM>01vYk7BCqki}cS`P3GQXgAY}JAE zx+FY#36DSTGoL`c!@&Sj|dLn7IfD%KQD{Bj{#IF=P|A%haXq zX+0yapT&&u;;g765!kv4v%_;l|XTgTS>+*!|urp*kQG z6ubIn7BCA4VxZLplu=qlzfc+o%?!xyimpRVm6aqiH3-8Un5Xa7+HP)8LdRy10M;*ESKRUaVOiD{N@lJ`UTE@;NsZUMhRf@oPyu!c zesj8Iqz~9*N#g@afv=ypE@=X<^us){1A?_4Yfn~x$hrHGxzUlv@k3Xi=5`Xgwa*4~ zASGFnQR;!|*w1Q4KT(DRjF}W9pCog1$k|}3&d4$T_|VN6eYZAelP>VXx(AWk@j(3O zl!(sfya#wWavi&w8=i9R9LDwB7)AXOHwIDsYdPQl@((Q*lHm-%EiLk=ZQII5IUk{z zeIr>F*{`;DZvg)L2P$dM(&01aGnHU1#+(nLT<=pK?+a;DIMXGchxuifF9iO293gXj z0h7p#@u9g{E%YMUPxpHo=?c33kH+!~<$e6*jta7R1vaqf)64%>0IRA2OJe_9WEJ+K z1}sZ=RZtTJg$nqKy!w%0PBt(nhdI=O$?2{tEM8}I2w$>_5Ui_md)HatbuU@p5v;3X zYu8ysMwcv+I)HUmVCy=|%?x1Cz#w&CBD$+GN`P?us_Vd~JgemW1PWLOqOE_c@BnM( z|7P8_y<}n4Bl>k!edQV}&GC{2lw%>MyQ+k7y{+JI1S^^8Av!Fx9_ZV@)eipWtOXI5 z?ad?FyUKgN-d@e)%l3fEy)e!OpuMZy=j+Vncz{U@^G2|)vRbdRLZ4oqwWs7wu zb=H%#*2l)|GDiI_vGbOV(`!>q^CXomE(U$$EoeT?rPiv)CJwE1PIx zyYGSPyV9dwXDv1-KX0dni8TSND?QS6mTm{)jLC96=&%O>llDqta-BH?vu^@Z!rGdE zzFo-@uCtyGTwVc2Gr;;c!u&sD?A1szXn_KzgJ4|+7q7Qf^ZAmMf?)ke(CFIu_nZb; zw6LXS;5z@qi+_z(^W(BDmKLC`|M1~nWA)*|mRrCSFgFD4$^~}4W1P}R8sHTJW}kok zA=ha(@(3C?-PMlxI>T8R+0d<4Fh3YW7YU*fpv?&h1`(jc3jxSsByC^;aJL^4SRepd z2<%Zim=0Fh1{MKRha$l*1Yih50lf_d>M?gSL=_ zTR@RbB!T+izX)O5NCIsy&@adi%%B&n2afoTG`1j&(Ypvh2P5nQ3xi|#ke6YH08jRj zw2D5k2x{U12qt*~qT|um0)cr^$WSm)uz-Frqg?GXu3y)|5%MuB_XA_>YTOR@f4Nz>fhi05%5Wpd)^>!4d|*{2&q-(E#`+j0hi$4%-+2p70AC zwk`1F+y_Vy!K7VNAuc>JaIA$i~FTx!M(Cz5I2$BcT?ZyFm_tSq`cmtR!5GI|B%O2fG`wZNH z=}egIB=EHLUjYx%^fSNlU7bI;X$gLWG5qC5{7<};ZeB&Z0P7_hWmlfk@i9e;oi6d$0CIt`;T z>%bY6c6m$Vt8G$~^~LzWxPa>Tjez(8RaGhM%gBzEx!R(Gd*3ex6HSGz66t>ko+$6Brid^%f z`c5N3Tmxe|&ZNDAxr~yRsf@)tj^$LsckIX=0XUt#Cwat7Zw>jzQls5g`z>0QqVeMQ z)u$1L%TXj)QyRE;VO=W8y_?|>Lrl9_@63*vvzX>On4#;+JEo23XWI=C(Uqqi*RQav zH9yP@2W5DpYbw9UZFwI)@XG&@@TBd15T3IoqBmeD$D}QQlBtgiz?r!VnVCGu=%~eo zBdZm^7@*j7kn(P*4{TBjh~SW%oH5|K)R(z8jv#PbeExGJ`nDoxuUYnKP@595|ESmptorc7~q)ULTxBepaZ-hF~Wi^-ybg8USJcej+LwYtWK^6>V6 zH}>=BFQZp{tPCs~1GQO6YMAg}l~y7N;6Gmhdp+zQK7{2+8ilUm7Uf|{+05=x6D(Ax z58NETO=u7A*oyBPwb%IEM&=P!p7?PekC6$zZEXo<>bv*1G9*oetS{RV^vq zYdSs(xphR#QZ0?(_axAoz+fhPkN?^)*DlU=a%jh6e++dc!=EK-tpDf9cs@#}+%kiA zVK&BTFb>9Udj@PY4699^4g5Xl*!%01Y+(G`trJ^pARC-1LU)reI-{$X$~ns7wk19l ze!Xi6S7D9I3_msRq=tI_)Q!PDE#}8eLU?Jjw_9`bKb#9w>}L-7PPFHTUB1rcCFkXx z7~T)bC8Qr;P+Vu5bJVTQJit*@xukenXp0nV8ceIw)b>2kFI{mxsi=lXwcCzm1}` z2u_MlK1J(9J*ah6jJr^T3(}R3ppa{t{-zE}&+a+No+fDXPna})zo0URS! zSPeBkD7d{XKQ>MWeNGy*UKGfQaP~NOD7$a^L-6A5kl05*b|wRjSB5c=po+Qba8N(w zI5+UTI=zyqOk|*>8IC^Wj4->p-!dALs!T*CxEXF2;NRwwnr6=X z98-#L0Hbl-uG@DJ;y2H9LVaPb%#+M8s^`fK&wLc@L6p13JXG6!S{myArZSgSrF;^X zW?8YuMc#T!*COyiJXb$z)@*(^(Adx&F*lcy+pN*qIebQ)2Wzk3+=ordE*7m;uJ@f~%gh%ESpQo+UB+c(g2O!z-u|L_Tg3#Wt= zD=rItcx1JsQhfWfPwRE*Xkg_k)Byh%W9aYpt3Quo=C8PNyp{WGNZA2B-WLcDb{M?s zoKWSzeK8nes>q;L%yqjr|@~tyyZMpWqYqCpPn_w7VDut7a(3c0Lr_m2PQV{v^o-V?o{Ye#8*Qho1Q!dg z2rV4aeB*O@l#H})bQAbFyp^w{A-uJc^}SU8xLbSfGZiBgnc6v0tu7gC)Oe$B+O*_q zR_VZ@kAr9UK!fl7i)~Rq1fGwp*JCvAa~BZOV6WC>%`?6Oi#%(co5R;$(hBs@vU(bH zoZl6d^w^NSnUwl*=T^4p>}js0Wl~YS<1tPBGIG0^_<$6eA8Y>?^LfnpY@OYK`GX{s*;Wy{^06LQWON3q<$XWre!zr_=6`e9X zcsK|^;P=764Zc#7ns)hC*01#u6LDs)@2G;lC%mz>z7z)sJm! zL#Li76QX4Voj?upZ8q+06@NHYjnKAh{R&p?f(kC3g_iBwlPjcsJ4_l~SY6ilq~Se3 zRz?;T8le{z&PYp#ff^AhZdcuTLB3WF8d@L#>a{bvWDA{eb)y*#psnQZk!KH*7Er-glj5FS#<#bs!rk(VF!Ge|?fc48{r8mySLWC3jI);&kA~i4*`}>gBemdTh3J+#UHw%!8OTJ~cl(CDXRQ5uLI+EWKjJT*n79oItrjPY=ylNc{5kw7xk)qS z;?^U2piu=z**Mt>j`*@k$OcK6uE8#mfjB(yYm>b*t(f7CA!nnr*HF~MUD~w8ie28r zSYc2X&>R{Nq&G`SXghVozS-ywmyBe}Z5)H++hODlMWLkCQeUMSfIpEQ6cK@^mab&) z1y6Gw&=dt-caT%Y)Ht{o41PZTLRixG(MdaXpJ2V;6+=2O~rDn3sMsu0O&W zs&2CV&=C0XNBQ52k$*tg-x?=sa%*H|2;z9*fIoVMEtN-ggtVgV2hkJebM5vR{oNuO zJIz1$G3I;}6Mt06%ta3~i2nf+go0lNnF?yg=LZ_*rXuHTM?9DT{ypADNSg%s?mZDa zA>~pMPR7;?&EL6~DTfIh{ff5D0z=0FkNbH%Uc=WD0^SWd%WqKDqJ5~cw_Yw^dv6jg z13XJ7idVOfpN`WNvb4zI?4{mdzITjaT6c{gS|!lRo!G$*79qxr_W!AEH0Z{1Jj0$Q zQ3w3XL@QS>w@R;g8ormqCLwRR|5q<^7daZDl&A%B<>o?_F@MAoGrAuy6**!-Ltnh? zX#6f`Bdj5M5DXOs7v3y;xS}YDYvsPX6KcPd0@C|f87Us7(2a%{sjIsmfQLQ`f_`Zc znfHjhxiuqhJuH5!6IH(sW(6)h~iG<9~$RQi2JRfsq%E8;)oTmkLh*~$N<%YB2d zfj~vcM=vG)iem96HWIY#XQO|plYI?tfRb(wtbc`b1$2IQ_%CW7d=2z}sAsFK_k#D` zt0|=<&>h}K$Et`n78FqS;8Dj%(Sp7a>VtX+Ndc>5UF>5wp*4^6?xL=Vf`D+ze?kDSdedAHs-jzJV}L?dywHKQ|Ol~I<=*24fh1YP3zFIR>ca-C!x4e zw5_V`S*h6BR9~W(6u{FzN=AooWRp`D_&X^pONO(ktu3;(IzzQ*fxZ%9GiIkG^BeX? z{+A_@GZkRPpY^UZU;c?P{flwwo3Z2x9q0`)rRI|hR^1ZgGFL(!mof);=wF z=sDp?SjVc9A zp2S{gbZw8$1ttmu%3EE+{v$KHc>6 zQ&bsP!{^1W1KUYFgYnODEdKn70sp^o=zsbD-;<60T{EKzFy5t5+hd?H5MjbFt4R_)AXgaMm( z`quU+#-iu?uitkn%h#OzuP1qgKgpBf-y8?!K0sGZl0icux?Bbsq{Bc!OoLV_C;+9X zOjh*XWtN8HALlw>VFk(8dWubLmbnvJnzl7Vx!>>AI8SOHH7&n`m2bwcg26YteH@lE z<#&H7UdZ6$B`fEP@Kn6|T~yb|Y{QfSW1NdiG_tgm*0Rd4&2N5B7?ln8lm^%#Ae1nj z&NWzL1jd&I7;^v68tafNi7*7vyoX;^Yf)-!iWef9V@JI0HVRYp?-1>N;WL^=byS#)Gf|foUmBX&40pD0EF#LOQM%o-^uY<7U!1Mx$IWwA11$2S3zYyQZv*A{(|i-!sG%M zF7`y&4{}+FKb#WpO0Smv!G%j2Dyy|WbdMJ={_V7D(yd^<4LP(MC3VvTviu<0(vjjr z>6oW!nwl564w4_b#bJQ{sAw$A%2g!Ht37J{PyGo#;aGGlfER_zC~|vxK%B1icantf z7c%87>|TAF*Niap$m@@JcsC^X@DLD>j}TA)JYzqgb&#XKDHGj-sGOofrB<5nu|%iZ z3o4;^Zfg1J+>Y6n*z7(e8f{~G_-ssYEuBGf~ zg8@ElTbr9(`*wi+SgusdC*6oJ)sA+tuaG`{`(YLCv*z^)= z)wNwptjzjU?lIls3YnZ_>vqD(qv>CKXzbzrIQ0^)p_7=`5$!+S#UJ~U4Ncmf%hLZ2 zP*S(Wj9_yRYJG39&&>>oeA+NN4dj@%?z7NB2%b!sJoSu{18Mc}f&U7g+1zj~ERT@RU)FU^rqs z7ER4QdYoVW=w^V5%~9Iwv$8FY^^06;`sKIw>2-MvS&}xf`ohec06Uo@(XTtCP_;o_ zAM9Q;$4xc)kgVaVo7zjV*|p>qX(pI!-qC7IHOVpGIBcKkdz=`aW3;2~<~&B?-xS`# zf|}^Sd)3j`_v_Ocz|G;*K?(QmZlFizXF9AFtO&90Zy8q1M_A)tHlo6DUIgn2ETa)S zZ{K-ZpN=bp*^X6phuN}~iziMG;nKeD5ztEY3X5UV^$K&aK6NtdB7Sk9XkTT?kgsEt zz;%9hv)-S(*SI0vRL;D9ceYuOwzkdMo!Nhi4Ln@xa(eKSb&3_mjI0KmjM0%KnwDImXOoN9iy^?D688=m0JSsEwp)#?d$JpN4tc!EMD$x6NM__z6T zeP(DO4c2KI+FPxo>B4ok{M~L|ZPv`OQ+zd5+z185)4OJ##xlIaki2t%JhJ%6Oo9FZ0g!{8n#}~X)pe> z;?<$b^$3~I3}~BbjvS(aywA-hndxTa12{E}e$eiwy)pT`8#(Ymqq|pL(YhrbuaY7s z`evx+?rCdpB&CvlpX>_-r>6515zCQ7n4egvVhx#U9`!XXRqIkJ#Ao9H@(WI?O`abS zY5D#kYsCXJb8YzyO=>{|E?7Gcd(D9;$`s=ek>{-+w|EOb( zq~%iGwAjnO+m0!ZKlUb$!NORAtmhBq;KE>-4)=>SJ~^HqHE5;M{4b=a1Oky_-4rZd zEXwga1Hn%YrT$Y2h#Uzgk<46+PH0UKkgYZq6MA9_=Wdd5HX(oAdCk?Iwi`(a0uQ0temJm&>TO2S|V@sbhc^L)|+K1`gT)R93@VSU== zyX~L-DeQmUA2G8ztZ2U9b?B`#k zWulfvXY8LO?snu03744)i4Sl-*7@*dyNxY5j3ZlRMnL zXUD=O-CNBR8fO8Xk?+&-JBdUUcG%GGrYLh9WS)xI3eKl}0#bGRH#!sBvn1ujtll7y z#Lii$k#@}+Xsyjq!X)}RJs0AT(6_o5Hd6rd4Z>dg@C(Ykpl5|97MrJaVo%dan5tIDNa}Q%TPQ z4b$uGri84|GWZV1d@6uHD9l}X2w%%7OZ-VWFY|2|X7!{$ zWhu+$eZ*Ccx{7C?+^Am1!#P)fvZKcKRDJYZ{W;1U__Nyn+FJ(5{&N~6& z9~o6lK4l(f7kg!&zq)qowfxZg>mIw|5262m9@F1Vc24K$9qAT6Slh$DsgdrzZpl?2 zu7@pW)zDaQ|3<(+1($(7m3}1z5p{dcpMQe9d4y>cLGNg3&(Be(ny(dZ@Mlp>R{?WRfcuDNoLi^4=R<0v zo`X=~Q}cGkUr(7c5g0>yChjxuwT_;*`m^%L4E4Ktw6r!Yf2}g_Es05w^uq~izGO;2 z5>u3X_AOWWC_UvrDU&ZPfy}kc8w1$eU?O==rwgayfL3^&Nk0!Z zmXXeI(XYh~rj!h=loQRjynLUyFk7N5ocX($P$&0b>%Pwwj*tsl+Lzp+99>8}CJA^w zdtf2_#wPZ$&jBwu3pby)XfG#~{xzuN+zt9UP30UL-;8iR6POxR0Us<0NlzV!K0Ot= zGB1`1*WBGda0_OAC6P_P_4s4#f7AT50Qkh0JD)4<^58F>BbN4ktS4~OV-iTMU;M2n zgGb9rmyu6!o`pBd)k8K4M5+>>u?IBGt5rrs9uFnV2E%0vQVP)uP1SooHwxKpN2)JB z64GJYuD6nc6R5j{EusKe~kYqSK9-FnKf3PEPPZ}Gq0+n$P0gCC*1tRTJ zQl)zGbHU*_8(+7<{;LX$@}d@((&@KZUvLEjaowo5tqWR`Y0*105o zRxHntBCMnOt#dRz9PQRk~| zN1i2+qlF3N!-dBz{@K!ns|A1LoVm3s9!;xxvPS)!c;N)|P>y9TX^H3;GXE*WFT7Mk zL9B(^U+|!IE*ik5H}o7CL_K&e3kvX9s(jbR`hhHNFGFTF2tQJhSkItR#n@XlS#NSH zBk6T3-9bs=ucEU%vY*=-d(&mp407?Wddv1si+t}mkX@-#zZcT9y&8BFQGF<|xc6x9 zFe-R?SBTX1s`GUfIevnfYKY#Kwa2fxk1B26E&5>AeBOX+lpfATMv~rG{&cC#SyA#G z8TMud(kz&_V0__V8Pcz!fjbV%i*z))@luOlMQe9tD%%-_PqG&m2?sZXuhPYG~yD-SAilP~sRk)v{CPKpTc3K7~0J8XU371!SOWFwsd??Qk=l{Q^g z*Ya54Rdd;^^0f4zj)34zEtb0B>ng(N|#ENZZE8G z%lP~TmY%BU)XkFOf>-x@l#CV!v`R*LtXPb-l_pzdW7nE=NQYsoa<;b^OX7-~yMDU! zH=26nbOo8ePp>{ZW}PtW+>J#Ohp|lboAiFv)xeD}bGq<9dTV_ZG=X?*h9PU1XVs7m zB+D%I?p71c^@?z2`aC*kyS08lm_38!XjjLD<#>}lKY?7pD zcqOOu%XV(kbwB~(1y1KI@d_nqfQJx>yzy$j9M%$CME8nQ<6?%zmlE7W@EqCuS1G70jf1V|J3Q^KQ&wuzLoxM8xSCKwd<=R`Dwi49rjHAcpk?ar)3H~;|KL&dTqV2YHoOVDTT{rtw|x857OAb@P=?(Ppm4_A0d}_#Y6zM zRFYrDgWRg^%iD=zExby*uS4EH`p&YofkAQf9A39`8457gV!q1A#r(Y=)nI3px%TMn zw7qzk7`B~Ox%0a4O=xMZI)3eD<750@C(nCQHMHhSB*h@HU0`hF90=`AE4+E6Uv=jO z=abWF$A$+W*ss#G@3G>UxRP70 z)Wd?4(>w%t^uq%maa}%v+r7%W3axnKqzLdVh&y^CSz1E3wq}) zLABLwZt~;p(C2cmm(%1S`q1r+h&r>v*p}EjOvpMjt($g!oSTpb9Pk}Tp+kQAw1EOa zQbJ~PTvK&^T$mN`Ym`2`6bk467(vSI7-I_);ci)Z9y!$LcSAiU=`nYI~Qg~0co7T z^4+>BX(}p&DP(Shc%rFvWIL^w)FLSAg1;X0LvaC(L*^u_4cDb(Z^R}V*8fEHMry+g*RP0zVRqI8y*ZkM7W0J|iX?^gueqtuv)P8_o)jG1t z{s+N$oK-~mCKsX3{g88*Q;b~K*?sv_sQn8hJ=!(Q*gjeGp~$i`=lm7g#z^0!rA^v$ z`K^ssp|)t|E)0j4D?qdP>!e_v{q3pyr@d~Wts)td>| z!4pqMzHDYhYeYgy*$JW*_4T7$fqk7rm~0oNc2E?E93@3c%It=lmTQ^GKs^P)oiHr(rS#(ZE&3JC zH19EDgT>K@VD_(;+>q8C<;zcW24@k>L$NeiG!8%^ZvOi_tGJ9%n8_}~)HkrpDPp3& z;0XRccx$9w{N1C)P*JXniYf*~o=5`d*U(=29?QR^2YaYT0$G*<8zgw)!n(gh3iyqU z*hm{b%61c{DqMFXHO+b8-s(jLXq|LN6oV^Wd>_Bm%Y!$p0<9f}vpC49(-PY)ni zJ~86BpUiv=>GKnN_PwnmX*Zi!4llagx;X&hR(m6=+K zU)LmH+1R{<2kS0tJXRW`vQieW$p8h=q03!i1_tq{81Q|+ZuWj zFoLVo_(J;oy4PGWuE39KM+U+=#~3&ACy2olFd^pYw7d_pVv*cFqxT$K6Nl%^$C>3a zqdQdFy`1@-xv;W|Xd~iJ$LW=V+;s-}NpDOpw_Qt1`%;P`gbKF(fC`gkuAeoa69ZQ? zn?Cr|N}frpi{3{6UYd$AGgwjTRIh#hjF(E;G>!y@_8znrM}&j@n;(Fsxu#&lM444R&cTu)$o(=UbxdVMurPO4UXO6H8kfgK0{tEh9d#g~-9Qp>9Ep@oP(kt~P zJUH)Ez|y_Pi49go9|Bi6$aIBz#!#c@30bL`@Eyd0-e~l(*s;Oy(T8w_wR3k>M|FOG z5dnj-DtBD@Ep-h}4QRsNMU?KMMKA$8x*ewnlJ8l&a)L`;DzI*WK>{T60sI-$h%g}$ zj4ZqRF1vXw5hQSWL31m?Y74;mfb{UO6ZX+C0<4Jvlz6%*=4T||*+%tSe_Fvg^dxZL zXU9K@1_xEJ{P}fMS+p&Zdvm2Pa}&;9WMe_G`9u z*83 z;_sK^Y|2N85gus)DB@TtyC)XE+c@qr5bVLVh?w!VjehG%y{7P&{S+Z|@augIzX%o2ev6re<~vIqT+%*4pcg7$?1w+HrSEQPha~(2fFkxRnzX+F z7=W)!vjUy8p`P$hOL^9_66b@ywQ>q%amQ>&i+%OecX{EH!Pzo^Rf(UD;Edjxv}CNv z+f51%^t%ixd#RT_BCHcdcVw2UAyi-vyE@)Nwga!htAzYW`;s)a&+W;Cmdf5Ux0hRg zYTeEwKhAl%Is6HK>|;R-IOzQJ8w^UWLLL;INMIS#`5vd`XAwUY1AhBb_Gs6ZI%6YS zJ`ZIE!^B@n<993^eZVl`-s|xg(-sR|m9=E*UcVOD($7tZ3MHD_i_lecdfrih?^uQ^ zXp|+i9`VO6Z{iM}pDEdQYJzXOhLq;wfo%}io0jiK+`ky_)R7GJ_?@j$UFE3hUO&CF zDyBXW7RA~Egprn}_+m}%=jb&>VqavYk?0-ma}^7d;_{M&C#dF?z5oV<;u%7E?==Ha0*Yu zAV<}t!i_z1AO&*(H;cXjy@g&W)LvqOzWAe{)wcuyQF{=jTu`4MdWOOF$r_r*_8Ga2 zZ`~mp>vlWyg54XJRooF-BQegy1*#L#z|(_#WP-?g7-+_TE+^j zwV`6){hyMt01qCky%wuWfAfRI<9*cY$IHpqWR0sqo;XP?14$Xdk?O?W^6g)?jsl;4 zFE4GNNv^EP`Z{}SY&RBRAUOA|As;(ZssrN3#K$=<7M9Z3p2*=UhVVDMb6lVr(n~+@uzGwXS#KE8d<^n#<0H0Racx$%Q zLstDq+!b%eZ4*GPfPYqCKp|(@VkI^5@*7 ztlZKR`vMo-9kOaf!nTyOH|~0QzD@p!ws0CSQE|bDf}13;s|trK-U2pD9iOq+SJ$9i z*#4noa^@5VE)3k9vTD2vSPjoy0!JAR++f95b^Ky_-<@@$@l?kZG|;95A0!uuOp*vV z<;muo`VO8Gb}08muk`N%uwNzz(QoZX;YPA6~Lx<==0&8Bl!UrAz+o*SI}6C zBbm%r%loWE7=i+PmkoKb7>VOQij>=FWbl43=W_80=zLiP%~)HmveHh_-6F0&!SFPG zOcTVF2VcL=K#U8+=^EW4p)1D{17HAOVvN9!KT*8;Ftkt^o*WBYmY0D9c${j61w3nU5Bs6>87?78q+pLM_p9IhzW<~|G_mWEU)Ke4nj z^*vs)5|(lC2k&vNOEh%%mP)-#5dmEAJaRXXK}r@>s=mR@%m~bKT^nJ$q3jUMx;tMl z*xf7maADwkFIV{O>Lf3)UqrzzH}Xk+y=N9R83=Hu{DgNXmvdqs3H!x@_MrS5rcRzH z!il~v7x?#NL<>C8(;X!pgh{Lc4fVbe%vqGu1SJISl&jJ!QK$5PS#0JL;QBm^B-VKq zAq_zieTZi7VaVa(*6PA%7CYZGMN)7dYZbwew+XA73By9>Wb<1>J7BY6lT~xIdB9 ztHqgI^5sfq7%4ewIn&G)oAGcdDz3XYl`ON;JS@Sybx zKN$eXCPPCm?2-`sbCLvIIYa_6tfGAX3d5|Hoxm80|8>VSn8e>DL^!1TAy~KQw5%C$fHDO z;%91`P!pxK+@jMLW$~?wx)&DayIUz1UnFq(k!51^jl@l5iDAQtdjtn3ct@q;jF5>- z<5&HQVK_r%QO28@Pu1TyM|Y8&(t0C$v#KBW)tpNdq|LiQ7Q`sGYmI0-Qv5Qd`TzyY>}t)#lvWDP7zu@|51O)UGh|UqSqy+lKRR;$YOg z5^yGWlZfD~k42->;BqyCAxx+Onp%IW=TpSEwY{0tJp1%lBbA>`Zp=(%~$z}Brt$f~dJ>R}Pr9+mW};UFMf zKn7}HkJ7Q7W5xE$sD9M{okpcVF8@-Lt3=(L)^we>>t!UzJa(b^qu2CrC`80} zOeb8mqYc~MiJR+6Q#%oslq#T)Yq0pIfd!(R^TdyyI-{83;W_dmmXjyMZH|6q>KU(@ zUdSBFbvKBA|B*QE@lbAELBsG!uyu_I*wc;WNacODl_41ge@Z67O|?8DAG<+{DStC7dpczujuxvhBb*5ySBY zc5tm)!)mZ>f)%cG}S!ddy_ z!@E#e2{lgc-p_SX24d2LLFS^q?v>vkEOr(9MBjkwyU2$Ji2;h)D|pwerW4r{KRzwW z=`o@lm!lPeI5-8EGCs$afT4_-kMat-z{29#I^Sxec z)0fprZqnFr7>E?*t0!QeS~t`ZiH31$q8SXmqP4+yY6%l`B1|l#fJ%(PKDrQ{82@Pc zqNVL8<*8sW3CBE9(MJBqH&?uL&Ov^!PJwTG?ua~+9pCfLoYkKa0b z4S0J&{#Kp@fyzs1jq-qtpr=GH*E%ENa#NjBo5zZ;I7=QEmSBTcF5})~cwVQa(A|Tv zioCb|P5=ma6NIpzfBObmln2iZ8Vq z0~IRz1aoW&GJ8x=<24x%%d4+)gPn_+wMg<3N+JQtU8j+X_@H%5*T~82 zq6Y!+Pn9NN(sPJ?gjmQKGlssQd*110U1O@Yp8BTK%L zc!aRA^q6^15YwLx@kJY`b;WerHyf-kwQ>126f`Bb=eK$(?GW7u3drq!BXeR|3lm3E zZU%+vLysVlqn{1Lvafl&sX{2jv!ZtUI8MHQTc-B#MgU%iS@siNn_4qFj;>_^mqUqd zyw#9Ryw$hgv4~PR`T`D6nEI;7;|TF`1nmK6`WB&(K{<#g<^|uB`q3PywZszzg4HXR z_}va4y!(3&O!{$?S(1EIkVv&iq$g>lR#gM70$vLd->*U zN(I~4p+cBnone@EhD6=b+XM>7Y-}m|nD-Pp5;A^qxbyfD zC`9LT?7V4kN~#8@Btn4i&&^R#d*t7nqiFHRRQ3qwn164Ms@4e!L_+?#I{HR+x#c4* zB$Y~>4GgK>9l-JNG5vL#k>651w`dJDjfg*nZBn6l6aDG_)h1PEpT^u&wGtD{X%f+0 z_4T!Zw~B{pZK@WG|5Titl@TfQ&2?5>gTVLnFQm_o(WQzVNO5ZR=^c4NB|b{`9C$eF~O zq>EtWMUFHKjKL{kvd12BaLfIW-s3KjNtLo{$M%9{K+{Khp@)2Un)*R5RP{*h8um5J z>*SQ>KEB5H7TdbTU&s4!+KEO|>!N>i0j%*G$=xL+>`PDyOP4H!sz2@WAM)}KagXq{ z%aY4>zg0~4Gx|i{%-Zfr%H{Vckl(@K-LTBhmL#urd!0M(7*E|Yg|D~zDw8KYEPY;3fTXQ?Lc+g;NO-Oj0w_^lJsc&%5RW-&99{MF zEW52!CxN^m>9MZ!{!M@LZU03ytYS=Gl>(3Zl#UNlLWkcYO0?dY3S1J<&(X&5((ET)htybpwvurs0%<4n%ed2V9dRMUI#o`E4L^b+csYF`%u2u**h!9vZZ{&Bf$?Kp zFh0Vk(#>I3v3nQlEk}Sr>QG4Sr1iy$0Y+7wPM)S@jZ@S&X*o=JR}>W<_9Lw+7S*D^ z9a|M*BOJFu<9mW0GjcwuO!rx~cd1_$V4d&=1`^OEp$shxWiuL~RvCxv=e#uLk|qSbb7eJj)x&5snIeJ5 za77VYWP6AC6{~>JXtBb0hJ?OIdOXp;(N8&iaX8&dhhsm|FIWIB^9bMUOXfr#coLhj zw9jHpWinNSbiRPw^wOciG`Z`wLUpj0Bq*Cai`Ng`{4&;Wh+r&1DckE2e}1>vK+;kDMn5-)3jHAVI%EtaUWA>i$rpBMyE|vBtU# zk+hc%PMbWXxUlsT`~h*clxlU~XZ&9P2lVT~pe&1i1`XN>W^;Z8I!Got>WkX!*Sb?# zu+$@tI;T@+bh|{nH|00i2JWmb+k_B`(O-3>iH@6m*=PyhEkww}1B7iqdtM!#PTC~x zGoHK(RT-?LO5*6w$rbume#I)MBMTWNae!mC{FbqL;p0PTOq#%0Ts?eV{o-L$3~S-r zE{WRlHgP&?8Ei!@YsTejjVrb^2a!nJ3={yQoX87cNlP0*D8v~6Izip2Z6{PtjUZ(xtdq2Zk|#qN z6-DZ()_}Ma>$h_stGdJQeM@E&tMkL~xLGMr5YC;YD=Siz7=9I{Eg3I>hQ^Pt z4X@VK`V33K?`>55GG2#7VviR~x&W6cN&>J?PymaOV5bRqat6j_c-G&PbVjPqIEPD5 zn=$MEY{nJ^T*$LStHr}G6`_QeQ!9Fl$rLIjY_*BLC8L1IJA!%Sa586&uP<(0V)cy} zt&uc~0!^=nP`zh7AF734wea9<<3fI8BPcDlo&ayg*1(&wn&!{6IpeVa_}vEAZ{}Qi z0eJoV;aO%FGOq|dDY89K{&dbt-~tuV^5&^?egt>UyXLVG?b3x;K`tF}R**4anln}4 zR~tUuG+V~yx}!R0^o6rKje}op5ICH;zI9Fd(>TvT^sRRP^7>t5hx6VA+>U|^l*u=6 z<7~a+6Z+aD1Q;qScJq;cji9A%VAJ5_fi4~hNG@`HmRdlU&+J0wnI>!ga0@O_DK$C2 z)m0fH7@csfx``{b} z-Q7roG*W*19KGNBd9N>jd_VM>vzRq&dhJ*SJUTE zfK^=_j+K%DcxqTtK=&dx)vv+IgH>Z-MVhW1(YU4+!-Os>6=us{>Z$HN4F*4wHoO^I zBwj^S25}4S$U{qM@H>bOH5D~1FZ?$@)Yy&j1g)Ds}s8`N&eMWI^l;M(Pf zySnFGS3|hPuU2x?yWT4H5~^M(?wps~IUeOS8VDsE7=WeYFWMJpR|0(I!ngJ;gv~rD z_f~Efw+ncMf8R#EK9kz7_r3YmAaK3>YuaR<7C$uCRU)AA<&{_yZumoC!>>EheLeiW zyBz5jOy7(zZc#A;FTLG1lzZ~hq~vi5Jca|-y}vr$-RSr;wKVG)>R6g!(+lm!b>3&pFkzstFG{jvSv+Ljf?}AKF=f{9`ToVI*jsqrWdCm*A3C6iGwV?K~#qB%-t6<>|bI#_p7 zPkh##*xP5^C&}^7d@>PI{8E`lTrU&jwg1yzv#Fv`@Yhk+aKD8BodQAqOo?nN&J%2r zCAyN=i`Z;xbViK|=-!#eSbMc{x)MdDHN~z$Kir>66Q3dI<;s=`Vgf`$?k?i432EaM z`7Je1fpuElzWcaeV4*RVrDBz2aWHNT#<^?Hy0O$(bWVtC}9LXX9*5}pUyV`o(W2r2* zZC!UCUpeaZeQ5BXBFBB_89Z6Z5sn#d-7P@a_$KsRsI-A=uUY5KH*`tM4>AmEoP{Xx zyg6}`^zXx7^N4752W{Tv3`!-NZ&qlPTnB4wR1E1PqtP@+y|paa-uJ3+CN9JAYFN-& zCaFt)i8pvyi{Vu;1HLNe5%O>rW@tGUuzxwd@Gcx_x3;RV_^^VYu5PxKG`|6q+(pry zw4Ef$8s7MJ3#4Gg%p1s#DMNpj5$fWB{?%T!!N0l3?5W0#$LEvl^JJTd$Lh~NB(Ixm zQ(c#Dni)%*&hADU#qN?->OVg`$>~*TpN_1Z+DC(i34=MC^YlGEOo2>AcaX0*ItNTfS?1XA}CL9x; zUjJJF=6O!Y35;rA%@>zp;7Ppb5A39NCjynI$Dn3RlJ5>W`sHVnUB~AfnAH3 z{DDs~3pezTL$q&?)K8ZkTDVUe*B>R*Ta009vY~GFEHU*f`g1spw=lM}Po8K709AjM zgkW~)b&{Gg@K6aO;O|2vv^dPy#f9qAx9sY=4T8jdZ>M=I>KWW7AALs^-o(X;Eg-t! z^RIgDw478o@(v;ky4nYoJcsmiFyK&+@KIgMj`hqV1nT~p^OH-w-x)S`aDR_|frn6# zJ(L1@Pzi!t(P>HVt1{MQ{tOPEikbaVqoJenJk|$0J@ZHH1-W*Qb%I${er_*nmmc~$ z^zKaqc&t=sFU?t59DF~larnk4(GD>)|JE8>_$N|@mHdSz3x{gp$91}nb#uwuk`#Lm z3MtpU%1x{|L3;qE402(zvMn);>(Z8=_r1V~>7c@!)SVZv#c9D+KSn#bzU0ZSreb}} zYMh9%yH}__eEnmvV8>S(@5XS#fa**4a)NR~%i{dy3l@9>I&`0=FK(9->atYN2j6SF zVXMxqhf~P4Mw|6Yv9uPV8ZZO(oVs9U#}zz@Z|nqa;NTwL{D__GZr?QgMRU_p`z|B) z@g)tIb^kWgveEY*{NuGASER!AtAZ?&HL{V!Mm6uAkE-PCV6lAuiS3OQRPRiL*7L5@ zPva3pXqNX(vMs?3K@^O?(vDv(GL7WU^T_v72X8i{uTHPO!cS*PdjG8?b>pjF({@OQ zUE^&&GeY4@9-5_i9EV=f1>gy0PPnJS@Kx_iLM-cbR1BQ;cVHu3a>B5nD_`olx73(s zOW1Z3V&CBVsVV2F2lQZk-hMeS75&X;q}fciRfLBGBCmO+-Pt#e@Qj#z4_A5xf_j78 zy_aK6$OFUK3eR^*m{DOUE-Niol<7LrPj0r$=`CI=vs>rdoORhSkJR=Vi6`(mQm&PV z<-YVNe5n*EEp>kvZ)OAnLnLe_&yKwdttiU~l2V-LY6g5$ex}~U%6j+%-3D%=oihYcVm6Rq@a=$}8^$B^n}-XxBX~Z85N+Q52aaNgFbd*P$#Iv7CTYU5d!H6t9Tf5v`*aojK+OBi zZJfvH6+49A3!vq>!t46I8PM{4A$tAZ3P^CSuuo?4{5SxeyS3cG$8*)ia}fl-zT3EF z`Ta}FqQionaYlGhHRs~@nU!F~mNVD$G6~$>*_qtWe7rTZpX+&7=iZ#yEOM&y;2V7z z+;TCUh$@n*c+x5gQWti7CtqT>k`u6CLrIy=S=Y2;;O9vf%FsHZnoc~WXnsyM&sg}d zM47&ywL+1eXf6CAZrH}gHP)^K%y<68F0CY63M1R^EBXbsW%K<9oI!{8MSkR#Dzj|m z$ptkdVBTi7&!2N2vDszS8x5Z2^*CqJj};^L^0M2Mw)nwBrPyb_)XihVWPF*Ma1LNVtaU}zuREC!0IFW&SQBsh9`huRodKUj6WYf{SZ4d(B;Ig;y( zZvX1zdm78Vw>|y>{CKe1?$39-zI#57-crcY{&0D^s5*P)d3~~*{oC*KKDDzjyU5y! zyL7SQ`J_GfRPkbaDGDrRx#Ou|^=Ha+*15xtUpz|}73K+g`jr0dTQ4)427;sBxWG`Q z>x~tcNbdCaQ{%Jh)T=WaI%r2*x!Bu#x#S>D4Fnr;b79*@7Y?Xjx(O1X4!|*YQ{y+! z@ii3^a1Tru{i=M?F7N>O*7r%k;T+EQj$|0F+uhO2rTmZ0(|rr9EslqYE}64ejwJ05 zix(61+z7$v@5i!=Sr7{Fx#{BL2V{)QT(Jm0N{O49xnL16ExvrlyzVqvatl8{lZ5_>yNifO^7!Y~bK)PG2yJ z;QfYOe3wRNA>u_~7s5!;@TS`6Qos7s#fAk8JG=IiC_6lnyxUS3)@tpyJ~}gos7i|N zMC9pws7g=vIp3yg4F4=GALl`J5!9?i$OBWLimcM2Vn`;!L#aoFnV5&?at>1?bGl_x za;ymgqC^0qFiiL}J)*r<_HkB)CH#m3BMFj-8?W}^=Rp7eUK@9I%({MhHk1tP2njla4XTo!k19}3B69Lq%mGB7c z$jT@WoD1l<@o!IUUL~URzho()%jGbu(@{@6A<>@qd)t_DnTLH?I)Z4WRs>5@IfCT% z?qL6P+s2a1J3vRXxZ+wvT<6oVyusSHsaPe~=H}8U$-{9H-P_$oi!%h0wvh~8f)`hk z;>T~&3I|kE1P-PTK}leN^d42q;6hOikoQ|$X)?3AGDE(xFmi8<3iHcd52QQxfoIL^ z2b`>EwBBoQ8s1)Y2R5<{xEBYl(?Z@N*C1~rqc>+myZaT*7U7yoUxz&Ptkl5$%fv^M zrXs6c@{@UfPksySRq68{8Qg`!akadiCx4Yr_6<27p&Bqv`4~8iTu{l7?o#ae;rD!m z-N8bHh(H;1#1f(t8w8sKGP-H(oy!%QY_d12q--n(M&KDPjZ)n15bq52LrehL+g z@b^IppcNcE+q#xPuXVDYxh6I?muy@z?6Yd!cCXruWUqd`A3$Y&FsEV<7doWO-a8I2AZ8E^B4^igWl6@AP0a4%FHk zy4v1Ue1aLajnHoL59KqQ)g7$x(3sTw+}ysRd*o`~>jOUX4WgLW`#3(WKRwN(+576M zMUNtK=W-w6sdaYq560{h--R8>a;^nsWHGM6C%JI1k}i9{^p+{L)yrGf?=6A!=L+Q( zFM2_(b@C^6lgakY_43^Hd#(1(%iNdfnV}v&7Z%H)SO-g&`I{-mL!sCNhw$K<-EW{nnpob=&{6_c-_#U?Y^aq`vb zgcq<`C-2lJLDO+NR{bMoK0Hl4Mi%?*&C;r=@$sL(2aZ=ze&v6gV_>(Kek4%oDZeRb zP`4zw#NFA$>+#{2;(E-<^35xR=a7hz5d}t`Z(8{dZ ziohvbf*^2!a?`t&m<^REmKe6P5T*GA$h=TvGu;0vVo@#WoVJyUg~4b`(#MM-a07Vg z&tkrL56{N%JYF0#z$A0E|6-`orpU;T@_s^O=h4;f@MiL(Jzs-7e*NAAsI^Mo(SDMD z(ak))0+21-daS)6rlEds1myok9@x-3K!OTR@+U^x73{GX@@C35H9vcvQ+|Pg!_=B? znHxzfAO9dT+3Ckc(!3xKE{e?D+&b;^qj-&PO7a?bPoRUtzarHx&_j^+D zSm7_c!~Vj~i;PYlJQ;4tk~e|wb7avPuION7+9usDDM(X;grGBDEfm$5y@c3Z-8`H6 z(`D#Ta@Nj*`|Iw0&+&4=*M|$qR^q*yrfq1@b`oz{fh`44#9N=2?aQX0O=8wEppVTLr9mt!1fia!nZn?>c*MsZDf`P!h_S#q zboklIj4^VlL959}uSEy${NYduQba~`!nOL{g6~32zrGYddspCR(`wIei;Cw?{$>9p z^q$sZhKO6r6XoE(lLc1FFD<EDNrr|ellGa{O;n;>b6ze-&s?!^+%q$q?4zMh>!?lZ z4jSw~BOL|PcV#oa$0APFmqMkNS^OA!e^El6nQDCuhYEZ~NfDXLS6HV00w+SiBeR$v zP!jky;J?K1|DpQ-3;^`&{*(UnKMPIo{9z~H^IyLHPXPFTjpRfy8?JE@*`x*t4G|H$ zZp9Vhy8JBITyyLpO@ty zY#WP#1*?XU%!zSW_5rQhxr)uhuLDL;?FG>#*<&#O=U}LFIcGh?kBP4ki}ZqC4T8uG zmfo#R%vnebJo`K8)vd=nCuJz}ul|wZUjY0+5B=vzXjkKmPAkg~mA_`1{l`rIKY&nY zu0F6%$H`Ga#EBQHmCmqZ%ycdkng^g}D6|bg6Hw?BfcBx#gJX>PQzroe&giFUrpeDp z(Bb7x-~G@kfawbqoecZLtMT#MsnHlGvsH{byORK7?IT@pgRmF7X`->}As1+k3?;1} zej7hm!fGl|6pTIp>7K6=k?Cf>Xb-%s)|A6eoP>#Hh!P1w>Z9u^RtCtM1)fm_QP!?q zKNkKD25pB7+9^qfEi1*N4#rxCD?bmobiB>>Qpu&Q5hbL+;{t{iFT#M~JIC8q5zJhT zLoTbOKr^e~uW*q$KcWsI<`6IZ&U*V)-Xaiq;DC~L zuA(+lr%eN9YV0MH1PJ6ZHm|c=!bbbX72|GKyNEYU5JHGyvdBU7du9c(XyXbLRicwo zLf+yTbAp93_Waw@EaNF)sh}a1DF9K$8j5)J2XW*N;s+?=t4|O_FnL5FG4p%Lu||Y& zopG*L+(`$Ypt3O4!U9Aq>LIvmUox6@3n1v^vLA?t9T1tOfC&NJ0gvkS>^9qq>#0eXrYUhS3?&If#QBohe`n3uQIje z`Ha~a7+g)P3QPmfuW*6U^&P=phPZEkc#*{D=w1wWq8=Tw)ee(2k9=Abp9OzCZhKb- zx|?tAO_c)Q|EdK4zS`Rj%{#tcSTVTY94>V3CF64(a=6o*Jjz*&Zjv;0xE@nCZEh!- z#fz@PAsdu_)e>6qV*O{U!HXqv$QW$&+4CStK_IT<)pRNbLdNJr*{q1D>huy(bCe}b z#yBNynrMl|@<@6=Sw~H|$b*6;3ByGv2|jP9*&#-|5Cj&oseI>}#~?DNekwm@)}Ut` z{mB^;z0?q5yLX9X!5*;an|KC^AA;4uEikiY;#SHa46b>me<4jR$QXTuH4SQGClS=A zwB*JB-BfH?Sd&)+bGnKp=0yPN_uWu~K8y%Npkbvyw0B7q~ghHMAVpwJBuhU)(V*v@G@qJpsyMB0JRvw;t zV6J0IE-jd01K9?T%X#_jK@QYnkVz1(KG7;;1M6yX=M_Ul_2XXiv4Z#sgsndQf7lXU zhj{e6;!uZQ6r+&!UkifWzK?nX>l;SA7Iga_>jPnhd_M7Qv{E zWPmQ(h{Jq#Q%ch@Igdr>M5e_5$_0g%A-M%2VN>rP2?46@q=!G-UP8Tgl~Llz$bR)W zN0(W_Q5BL(z~Zy^`Cii}sk+SHXq(%dM`)Y7C=Ub19DXltTsR0@1;Q^M<))+UpX6ez z&zHNBT(Zqc?lh7J4K^_G+3p=H$Lt+zToZdwo*Um$ppEu8Jp0~nekSf+UOaSsG$4&Z zLPLwJU`D&+W`h``g8huHq(*lq%m#MEnW8~`%CcdE7d(wYQb0$$9wkNvCpzQiA)>UFjYn1mC!=3QuPC}>JQWXF;Xb6teU^a4-#%yUb;z0yfSZUc zhj_}5H)~+(WE?_&Ya6WFWI!DFoFk}s&Y|g%=)J36zdbJ3BGarL1OY=GfQ(F?E^tH4 z!M5YZuUume>e(7u#lr@VQVzaAARMN89A1OtaaE*L-^s<7?69*YoBhFrxw};b{d*@E zdS~)fbikk~bkM50p#RhbeMj#D#cNzo!1Y;OVxAi#D)%kBkaEN0TOcYAEW7A~04OYX zSmOuDtP7Nj=_RIF3-BL~?HFA6#GR0MN?mhvTeffQNSXj1q5&Q5SBo)jME5>`{ zpL4t(x0VC?(7c!Hkl9M`ns9fl^v^!mL*sajRkz&Qip)HSA)}^oef6@DUYuH4cX_dN zEf*y|LPtkBY{dW$-#kq1VgifjBgHL+nBkf z!E4j7ZuJ=gy(9{iae280b&IfousQpq3iYR&hdp-gfHIjDtZ7{IY*8IcH#@&sA7F%+ zmO~Y2X+&4i(7V=&Lh-T!TT>4zC)aFvc3^ae#4JTZar5!fv|V%?z?>(PxdSl3umOZ& zK>G^^-J@N-uFSW|4B`6+D+W;{sfIQ9B+B5-#z!Jaz-IueU$8X+%K}2TZ;ZmR;LYL6wMG*r;Gvu9(yKgXL}y_KJAEi*zIo4 z?*D>y-2XKi4E}dG`d={lUoaB@S4|Ollo_%bkBI?KCg6#uXw)DH+_a@Y$>_(>V~Xhr zCKQ{Bq^rR1gDSokTUhju^AjrS!9f0+Tl_6qinf9X`uF`_Y|VF2uak9RZ~=c^$_tfe z2A#Cgyuga0R_0$>jEvpW6BzjxzJJ;f32fAh)kWa{D@V-S)tEiscvi5oc`@gC-o{ zCuW2=)Qz3%mc~>5fTx1J|Ep2CR4Sa%wHvVSkg=2YRLb>L{>)RStmn^)s??Zu+;B-e zjn`@))S9fu)t#1t-%V=0#Aj+oj%i_aT8LR3QanDUpR~)r0^HiZ&;Ey{r>T>2NPlkq z*9J{T+awB?@rdV!%|5=kKrRAcxivuLu0WQ9u4A(WDBtFL4Hb@5ysI8qx;|pz>=3bs z0>~w9EJ+g?udX)i-Ju(bQ|&gZ3t+#x?RkhW_j34=K+^HK25R?;k}zkn}D#m0~HSiw4c^_TC;r8;F3f{>T7k#VGwVA42Kr^Y%oecslS; zeh9_?pq=jsEcLw9bwRTb5Etse`^_A}Es$WA-U6)a;kIlw!pn@3af7zL+YDhp%re08 zA3wb0=l|=6O{?>N{E(i{ep@#j@M@^{J!F#VbHf7L%<09+;qFU-0KkIRBZTZ<_wjhW z0AV`fix<2Xbo7Q)OaM+G@h8yo95oIZ@{fd{|4$46LGs@qNVp`%#e%?htyUXF0aC~# z)#`ds4?A4{9+^0~DDk`W!W@0oz;Oj z!VvI54Wi;r#-4BCrQ81n8a9*U@W28I6UdSUB=)?2z`x{fd{Lg!RRr@axIn@>w_bo> z%o!qHJmCINzxdZf{%4338ma#qMBYU9_(-sqg_lR|HdNOiPy zg;|FD+3y+EfVF&~k%G7JasAKLKzi_muu#C`0@E0?LS)EMyZqzL-o;M)XjWT*&+QTn z?_(9e=uuCRrJ(_ty@sp06T7&;@7sgP$%dNPRiU<9@ROSOgyyHnAATB6CIbgh=g=Uh zOA{TF5y1cbxcgJ<_lTuHqvXZOk_BiT&H|5uea&0oXlWlU%u8xytu>^Wopi!cM+0ywxJrwO^>D$0)v zjjgnXX}I3)dp&o2SwI7>`>9$fHfgOO_oq`bC(tR`OYy_LEkQ{M?51KwIgR5H8KhJ4 zmZQx$q*F2%&?$Mb8R(SEFTyB6bvPo~rs5Ko{{OQt6#b!(fU{rE|}9BCppy*9G9$v^b}E8Z4C z&k>lEGV3Y60dU@(>GOKrgQD^R5#+pkf~MQ@+@=Yhh{VG_cipefo|2G##4;au`R~iv z+$dYevN8Hjg+$V%kgBfwPa4ga9yRD&AMNac^X|JVjwdk7mt;o1=m~Jtq*B25ol=+P zf}MDc++d#SUjpS`)acdJF<36o%$HQZfzgttGW(NdzA0qG&ViSrmz#Wjo8H%Y!t?Ve zItYa*3c}iQ}%lB<1TXseK+f|(N;mDa7b|&@p#=B4o_NB7lT;vx-_rRxA z{x%y=O44@-WW@-oeDC+xh?rOmR@(li9WGa6B9vDB&E(aUz8dnSPeF;J)eTr+B~!ou zaQ?$*lER#RhuQ136poIkcYJz`0;I5(9o~c5BvnR!HItVGT%$$WF#F=g#sUKVDZMd2 zo)WFfXqauT~?PUAY1l^)|ITl})*F7WcL( zeig)lvQueFvX964kB(wB$|ICuX)n~UJU2vYk9ewg#s2$ZG;jr-!6k6-M`nH0Ug{Uq zW?Zb86HOqZwiW1zA9Dpudt{OO}_<%j+IZT7)70W;`J647$ zZM~(275Aff&n7saEiH|QcASVasZKChnvb_((0i4bP^Q5Nx1Km?( zVAE9203tKwPh_H}Mo3<)CPgoxb?86rV8(DXJgVP0StV z`lCKAP1CrBCi7EvUf(trVLD#pd$Hz9Fh+<%81O9`$2HvKucKI*23iBSpa4kW$-T?R zd9XnW+#|8)EF$HlxIjev&H9hqQ2g^TIu;8yPrC>8*#&ZhOgLS(p8kPeT%MRhUcF65 z#YBO;Q|fe+>JN#L)k$O20mgBd>hFXn=U<+3bOsr!kQ@#>Zt?q+UycZCy_=j%$EaIt zYlwT8lr=b04h&%jto(BI9`2wa0F{NGi9*w7!(xGwRy~@YbQk~dcDD>FY~?8 zf6<22G%p4ezlG4ICl^^7^SZTG3QTplqvC!GOS&k+PfH;c7sxo@#+0XX-XHLD%+zQ_ zH|&r=&?R-l;3sXxtO$0O+shOP`UW(A>qbi$+jU-%p?fzcR~U%$47Bxrj#z<>$O?>O z0ngU0AW+E7|I;W_$XzxpwN|tJ*<{xpXMX4n{Fdm|S8TDv;DN>GZ^R7$qb$xZK^G0E zJdtRaaDz!XQ+Y$7JZMXp584PdqR%~E!9vsuxtYz#S{hnHQB6)FWocnIu|F5H4`Yzr zSDuk=kAaa?$2VE+kQU%ppIvhGZb5r3=eVD;;q}Yub5I#qjRz>^0|C2&cv$@|8P!7` z=LyyR92u2=ci4y8^W1o(9t`Ki(##iZsH>bNR%7ajp%J#}3`lBU13%{z%No6$@2xG> zK0^&oW9TX7nNeh_s6!E`mrtR(f0`JdfL(*06$}*fC$tx00jJ$RV?y?*)VG<>;J_KG ztBybg1mt8N%qiL8T#T)hbIE7*+BSF920`p7QyfzPa(SRy^bW00n9{tYj53t!+x4=) zXW#83qwU3D9cIY@+v(FNuP!x;H2)azS37(L;9y_jr#c(2nAOIP>-5p=8M*@W!i^f5-h%Mw)O(Uicsy?Ou=5%d2Z3@Ljd4l>xkBn3@NN%N8_^0Y z71*XeZnBtNGP!X#KNp4*{#eT8LfWdjzlN4YKJg8%!*)c^k>cEUZ7yK|9NEI}^_6zX z!~S>KcnlHR_;0M>@-_dC^Os&Sv2~dsRhH;Za!Lxs1N8RNNloS}+%W1di(K<1UcOr) zqO<(lnP`PJN>6|u{;dX9IzGpTdmAk0(pU)LrWR7B$s`+2$dV*U&0X(~oVSi&76KK= zvuH>jBE9Ev&atqIRC!h!;4hwn7>8?Ew@>m&xjkO#b*@ay_ELA4kdr6wG;t2Z*=oI+ z*fC2-L0&S6SZk*_YeD{x>UO`RBZv2_I3bR~7f&^i-xM-XtE%14$dT*k-LdI2x-KqP zMoW4KZ3v(J+!Ay$i10wLT`aLqSIJgf9dE*reSKWR%l8z_m57nY1m+((m-{@CU$k8? zHL+A{Tr@yTq^zdQS!g9To|K!GODN$QfrrDyprc${XeB zRFF|hGATW~3&3xYCQ=|jB z&0X9lPkyCB%ZL7c3 z@G7oDaKYZH_6yH7QJAwFyd_LbE*xTk4X(9%r~=7s;?k zaA`6LV)R}Sg=jM-#i2{u)!IG4n3#77cAse296gnfv~@~bOda+ik1}{>QbDwRO`3$o z)EoPKMoY+%{Dky-6FL9$Y@9Z2oJsBlrZ9QjwK@UizI5)v>10$lRXV5-}yu&S*2p ztJ-WNGsrHWWTEoY>ZfI!rnU6mY`nah?2Ru9vopGPWV~`Gc;eX38s#W;^fj}67NK#jbB6sawC2^hhOxqp#+=c z2@o0^X^O3F@FUJWG3M@$yFNAw^!0E>@dPgH-oACIP=I-S(t`6XOQo?6%^V%ZS9a@` zK#4B2G)U$N%Bb5}uV8f^iqd53@$r`@j=aISRliF-Y!?`D(CHrLwPP&#+xvukb>A~4 zq0*h;ix8EBCK8(wcs^X9|G5%Or2SkC=4LUx|FypziEd~uOuGV9Z##v%96@oBn^qsQQ-U7a7&`5Zn3+F z&#Mc*d!(arJFh4+3q9b@s_8UFtj2;9YlxmYO<9^VkD((<0~`49!Fl721+0p-<#-fd z{ZG11oj)60PsMMq7fD9xG0(BY+l4g4T*+<4RbOvPHl_~>?~*Ml?~;fP3@ zgCg&A=HLr~x96?P^HwxzQ^x{_&NJ&+i!M{@nib>nU!1SHm91uCB;S(;zvf2TUky!r!4&?4>?$S-QWPNwB3f%pW{lGoSz)Rp(MY<#^mT`+@gnamkH~m(<(>B-+S0@$~4N8Y^FF>CT zyhs`^gu}#IX=rRx~6XB3|mS;lnbl#R!8u^F^+l+1fpgOCo(;~h3*j+m?3+_kW6ur4s1^_jZb zz~A{XI+s>dYN@7thn;)Px+nr&Vq;pi6*tCN7LQ%YxbOsDGM*NH>CP*Zh}F@*DE_iL z9-btCTuhW$+qjz}6--SQ?2|dwK0QWlb+LPS#x8U;gsBtZ5#&QWcSJeF;tL{Sr@!89 zG<~EdtGkC`81B>pXl!Xz8cX`2G?2}LFNzE4*h<)#d~iN@``cU(vnK~&a679`Xr-4n z^1l9+rj+=}ly+E!xVf>wN~(A^&C$fID?}WAo0imbB2Q*C0t+AS%~(Niu3Rt;Gm{K& zy+&%InkjChnwA^GM#P<(xXWh`#MFI^b(IUPnm$_5K8NeXAux zB5Dk>&zLQwfyZScnvyo&Xt@S2bR|k8YYk+Fsd$)82c^N1dY5Dmyr-YX-1pb}AodZ# zT&GFAZ}}IUbMZEXTXEH{lJNkJ4pxO--!<1}Uii{ZIkQ4eXRdhs+od9+34ep{oxO>Y z%#EXYeQAOqBtDaI8Hq}$`&>CYHlB7T(N7LC@g2`gMOL82h8G#mg6pJ%0yyy==owG* ze!Tj?CLgINrGXFpyv3yGe|V~t{7I_v{&Y_|l)#WY7wV9`$we#;IDkWfN`~EwJx3wN za3JA6e9>}xuytmResOsMzP}Cd>$(4){-d;qmnBU%Kx~I7as)SpN3-h#>#!YuVNXx- zw8Rc_GXb@>wpJ7HXelK3j%+syq6ecGT>UC<2XN7gp@5+jplWlO`liH1#qmn(LtjkKO|P%TM9 z%Bm1+bsogz{93s%*L@rl?xU=^%0YT##l(i`r&;P0aODS!itB~%d38$12$9Sq3(mTD z=JS*=XM*Dw zYn>%FoH2n!PpFPlmB0?ozPYkX4kMphV&sP>=_x!@wO>H9&AUqD8xN5K5-QnQxUJ$m zQ=K2dUgyioZM0L={iJEzc+PcGDqpCk?liGB4IzQ!SzL%`$y-Zbr-fI5*K6`<%jjH8 zL+)m!Y-21qk@JR0rDba@cd9d#;8D#J%8yH^#YZ^O!S46|7Y2@gKG1LuwJ~w_DiLZ* zWg}Zl2Nx-6XRvT(ee<(Eg+19N0xNcNclE)pfvLq^!n>m z51Fl){QHsCHkLcoxxZ1OTCk?XM203YcM6*R zIb8dPr95%)HhBk04kWcSpj%@rx*g3s^?zC_U~3=%pIZbNR?$al;hAIhVoB-XiAvev zy-T)K#xr&wk55$7@qSw37PjPHOX0GO^owsmk)@M%w||i1Imk(}uD}c+=sYlpjf?(K z<40dInIrEePe{H} z3{C7=f24cZCafe@tXQiBs{DJ&*g@y_ykc_WF-j*~efW)Y5CQX2h%;RoZT<4Vg=8}OiIm>MZM+b+lJYs{|6iB`a{dVe+*WRUogN7%ngj#b&JR?g^#WnQhn1Lr& zJgfqOc{fbLQsJvoHPw`D50An(h}H1wM69oPI!fpTRPeH67=L!eYJ5l;`T!;(TeoyB z_qna27LYZk5vKJ1d=a?TTtoe0u?nJc@@Q^FLkEUA%>Bz(^WCZYQ0qmr3HY3C!j|SL z$!NP(z=^t5{9rd`U(kuQWtNN-qnX?=sijwAXJC{}?>>Xuno8C`ZjG(w93sUEOfT}3 zR_?EPiR>LkbFG8wy#~fW^)@*yc6WBbX5xE&o=d>56FOIKgLN?H>Xb6{lecj;0Azjh zQEq0{b=M4Z<*Stbd-y2#O;7DEqN%-!OT9YNHSKW5)iTE4#eP%MC12+V{qYaR@e?v)lzyeZ|<1 zt;H&ge{dGq3iteX{#x}Qn%@?3?IXl*E$!SWljV2huAd}LAL)R@CzCYAT5(Jk; zRwI~(zmSl-r)R9luVcPduI1skiNc(fnW2cN#IjugQPonZLFo*`iTO>x&4qXwUiLF+ zqKHos9OAF0x6;CgLj{sVL<)~e?C0*}mKh1D6j)T+V1GTTo{P`2`CC#Mc=Pe<5Hdrt z^K7^So%BFR+Z#22PqQiiq^}oDHjP3_zPB;@Nw3NxUEuyOrIqx`O8>%CreaOy1BF~f zWrBtabs$_d#OY(cinB^tK~jVLeM748(>Z7sq~g-~pf8TMjd+kt(xJ5>J&q-XM=Ceo zyxX5Z(vi<2t^@x*|CJ1lIAy{dgdZ@Ln_a|^3v4>&xO-oK&+p^TSm5K#kQ5PzM?K_N zjsu6ZDU8hXqLoMvg+a$e8WqdwJ2Ns?88b5_lYLnGmWAy1n@U(}l`|^Ja8hkZn(w>k zVF1$@A%$1)UrjE4bHKmBANj;(rqlGoG>NrsT^RhGIRZga7yo7)^w_iwrUEWJBv8W; zYMB+{awUX`kOFEkUEXJC4aB|m_WlB*atlF=bvJ-L3^mY?GRxSDS_L|M3UAhzuFf zpG(yFBe1zZ03`32$9%08r>jxj5-v#J* zLwD&-ZJA+pWtBX}+i{>7a1NA;tW7QRNF0q!v|NurxIcHJv|Bc&J3j7@`O-|Y+m@gg zA;lX9!_XU!-Wrv((%d9TZMQtqi%-N{1xPK=br0el)vfg1Ol4#f^CupN=4H3ddpsSY z+0WB=3*pt)-}jHxK&O%?HO)K7SmRJbWXScu1C!@6)n+`5^)FZjtG50P=3JQHxu4(j3+O#U|t{ ztWGpPY4nMN0}`RN*sqA6@Cx|0F|{K`##KMxtAA`^bq2n|%D4n?pgeHL2<~}!{;H|7 zpWk>M?njCo`gQKh(--Uv{dNWyzJYx(dj)%DGrrW+#|4w`w|?ad%UkX}CyVvV7T7!O zpV(HL2HrISFF3~g`XhQ%c#v=5{G<)cWa9gj)2^L)$b#|BX+Fs;0j1fRG+EtU5*tM~ zgg|et51`lnIu`}+;g7Z=W&!TuKTfA3 z(ii7_GTn|xfqM-(8=j;aRW*-ip%^1ZJ(_NYiw8zzTh!swD32|vhEwa<_y?$EuTk>a zutTSG)5$v%|i$lge(G*Y2u%EtV?>ihqWV`0eraiei`Xq;ZKY(QtAgs#KXi;kwbFo#?@y-7cODt0s|TMFX}AIVNK`= zzfus^Vuh6lZ8=J>InELXdR12CCW{^9;_c4z#JonHN2wN`ZT@l&MZ=6(8$ zPT7*y6141;(vrF;J#|uoR~qH}R4+BBrQFJ7WAlzpl$Udiz1rpUnQt*Xk8%8^zx&OF z=2$hOcgl*r*eYp8S5enIiN>APQD1gB!!7l{G6hfPpj&nQ1TA7*Z{gTO@IwH6)K1wd z)M-_X@9NX*oGR)KO55j?5w`0dag|!-+kG#aP`eiG#P3yvC5R{3LqS^zC#3nIR$=e7 z!UDad34**eiw4qD7|z9f!a@kbf_cJ1gG4`YD+IWMM@>(6Xus7;f5e**=j;|?>=p$J zP@{C#zEn^t;u#5bAMDQ0%9jZ-lZn}q0Zzi`5nQ*k8x%Jn@r~ebX1>{%Ni&m9*^~0l-`hfHmM5notxx}PgMRAn(%#NJug$S@GW7pO z|EtYXT1;Qg%LjPX0PJgOd3I_!7ivZ1k3nA3Zd|0X97!7(5);&aY#JvMrirRLdCJ4d zpdkM*DnVs=NYP$)zlt-Mmx5HtP)YGWC&)_!6X5>`S7#X&N3gDI+}+&??(Xgcg1eJI zaCaEo-Q6V+++BjZ48h&q1Htbk+2`!D?hn@VG~G4bGu2h~+4DB#|DUe{?NUv|!D-Tox+35UKS^0?sv4r)|J>yV@(qj9R8UpZ z)9jD(5RLymn0OF2tLJ@nUj(e7;zut80+H#kO$8{fr-t=6_at@@=KqJlip!!E1hO|; zvHWa|v)IL}B^aLI4zXGRY&OZsQWw)RA+*KrI$yMP4`;0Be2&R&;}+-o2U|?9kZfSM zo+dq2iA|_$EVry8FxSResqpDg7nSV6dMA$KkV=$Xnx zWV#S1#Xxcm@s<6&k@cTcXSWdh)j_5AFZq7Of$TQCKqV$60<*6rYW`=)IE> zB!*^+ATIXi0_fk;so1-n28DEP#OlxF51JK}<3Mx7<{-sb>bNPJuJVm}a-s{DuJrgX zOL0x3)Q4r?1gdKh!934A!IQ^{xyh~y5NkLax(d(CT*?f@8s3HQlQT4TOh}@g9OliQ z{=ra>VT{qjCVOiefouLWS#yO5LJhOq67Wb*fxxhU+_ip4+L&xO5Z|g3M23wu`}o9Y zXPb7-wY{?Xrc#8=MKu48ld|6b7`Ur(%_OwYoHr397*P~F@Jajmri0&i-?Sx+0)E0P z>Erh_Y#t>2OZq>sVXJRo7a$CyS6}1Z*>3qbE?72kj7ELZ3QT?CcUQV>0b1XZP z2jD-Wf*QO89x>juJyab6eElG3yNxE`v35u-3vt{D6V4>3Xn4Lanp*ie3r3FfufcJ)7lGm*xtf@+GMD9wZ)cn(U&;n5Lo8A zvGk+4{o!e;52)Ka-W^t!qAk1GoEcXwLVR<7{;OhTA?@nq%j*qsivf@%zy)_M_J=gC z*FuVMRbn%Ak4wH0g$JVeAx4N2hw&<5sf|Uvn|fq<@+Z0yRq2v!c@W)Bo?at#&)=lT z+CgR~v-`I}&|P6n)mnxKGrNVT@$T%8l8Cc(dWe(=d}$NfZ3H>e6nRhi^sq4x`AqdG zwXtG^+#AIT^YUJv^2h=~cmC9ba`B9l%1%AZ;#;6lI8JJoanLD>B|A?_=(#%yb}Dz@H^`$Gf}-i_a}&`YlVo4b3fs-#vc~l?aJhv z`x~!KmM)wTwxP7R`Dm?qC+(Eg+!#-5lM!6-dR} z_B5Qm7(zDCX2LlD&Yt*zoE;7M8lBc;iV6$fG5=Gz<(v6gD6b@-I@#%(matr}C{42b zV9efl>W<|V@_&gT}(Mneb{AS$bvj6 zRL?z^B87cmJ^Z~>vg2M`BHm3`)zrc-n?1lZbYyui{1)1f|&XM#igt|S&41qH>R zf%3N8@~+9@oROxNiU3MXwgCJO;L?Ljm-aqV98dE{PaK4YY5{16}P-Um5wOg?CeeY%6_eeGoTSoPIP#pV$6J(jBT zdNNjEi4BAE%7R)|bml6s+zOH_Z&3|DU8#e9LREg18yumZQ#Po%LTgIaUCymjd5^7y z65yd|)s{0ROzq28VA10`wNc8w@K8~zlGRzR+0wNgcR%=9Yz`vDpFKA)5DjGxj=cpd z86zMvaJBjGMBb^lFdjm2R~w6y1}YNwTMhv0 zFc0x*ttglKb%;B?P^oq_F-EGigfGYYJF33#4)v}9uBLln2{2}G}si4JQ3{R z1x5*Of_#`da~p*3P#XokWti6m`nM&8-sd753LEE%MrgGa%x150P7b^FHY73uKbx2P_1U z69`jW&^#uJ@i)Z&A8N2d9Ed#Sf0^<`%D5Sk1ooF2+|ua%t+C>XS0Gk`afi2Q5~AX1 z)7?f^bSJSInxxjE+tcfpLo$=s_6pojY+eNMXpdoa>UP@zz}wPxqxg3P6~H>Sx~Dcl4(Z62!P5J0>(FRx&=U9*7!v{quUr_#d+GZCl4 zCKkqY5(+6e(Pe%6wq$rSl}n!4GB5s8ir$59nfMWeWORS_8%jO{SBcbIO8SFjd}{>Z z@joMak`_V#WtsQ83%6b$y8lZ~Sp^%}Bf9l{!XJhEOnEH)E|+d8#tA^L4$uOqzcj}e z?vF&))IJiLjKVqZ&pjHdgA%t47m&>NnjLWb+*T)_!WJ1sXr{fo>Kk8*bxRULMguje z@N{OEA;S9DgSeC%sHWy<^@|l07Z})eH6cO=uwlL$;{G;E2FPWHYW)TQr$9hPyFvvJ z%6tc&0@(nqbAMtIhaCVj)B*t2&mW_Z*ar}b+)opv%sYg?wS2RIyhO~^8nkY=KmWyw zJm*O?Rph~E=%*D{qi;hf%O0pEV(#hcwHMkq-!Wl^3#rCr4knNYVaU>`I9HSw7S+QT zo+y>h>oOX%4kt4ZejcOY1a}h1FOjc70^#I8@Q$pbPeukSOQ0AB&I#~EB7?o%E0x9M z2;jTMiih0q-(&YL<$>WN=s>z)knzDa1pnU=t@7VoByALO1_}0DlnVAEy_KW0P#V3<4@6RS3-60`%J>-~@O?`TPFJSR5Oq{;8DiPO!UZa^ zB_ctGchjkRGUubZRlWgV=s-zWIby1h@r~nq&A6j4v(MlSrPDDG2(B032B;9gz_w{X z4=xB9_m8cst_Nc9V*O*r3HgsA7sgxZYBaH^H7Put;n8SAXD=%y*?`udb$w`bm=Tc} zv21VM&d(_09cCJZJk^cyuAzVOpRGSQtJrhA>^}F?_Q?|J9yTU(O&BmG z;ARs-AvH}om`vEAhh}1T7V-n)1q}PMV$`v@uD&%FY|tq=!&Z#3#un;mtElXTniSY= z$7jVDzZlm04q5}_X$@5&uTRC#8ZEvrF}YxC)I6_;k6OWES*sv8I~C(;*jzVOl@y+0 z+z2PagC5^4+dh08qa*DCMRT~>PYuLw$wBs@p0@VdJg9892at0tcvIl;(H<#Ye zNY;GCaZqUacaC{O>_n;p(>=xXRo=HQP!4pLRMAo2##D8WN0SS`r{?#Pg45~xWCZ+A zIE^6YH+s{k1D2v%>yR9O6fjsa$vm?EC;M4^8(6~953)fX{5MG)mI$G3lukIm84K%T zL{AT}whILWrw@3qsr7)Tp>MVTueaZWR_zm4KCubJK~2dusps%>Q8s&>dlLv4$3`31 zl*bYc7QX3+D%ywhf((tNnG$0nQg#U8P+!;&3ENpd_JD}1ys<-6xo#{yWBru4s}S@O z#*1{$33(T7Us&mz_3L5+Mlt3>1uBAxJwNda@q1goe1s5f=;8*{-=H_P!hnxCz|}ID zx*AEHiFsU}K^E(xlC6pO{`tC)tc!li z!e=B$3-)*)JcS_Bm?gFqcbIE-$dK4=8=9;8YxM3#)a-chKu{CXy4DHlf7iXq+RIKW zqG&JJ@}y|mRiY!%>VpR`#6&weX!KJ-=gE$M?7ho|`r@YMvhn0i{i<9u3$HJ@sLT(C zx8uKmI}su0=DjuMhUMPqrWp+nM?IbnJ#;O+j?dioU!+wp^1pU>3JOh3ivY0l$=@{k zu3c_lH-G!^<&YvTJnncG^_5@UHaVDU^Iz#6j1O+rP-6dH7khT)w9KPlvHf`Jb&k*u zNSe_W$Ate#&6zaQ8S2HoQyA!TzPA#wrk}>eRGZ2GUqy|jK%4N1zCcl&5Z;!$F=@t7 zye$}o>uw>g89hWJ6g{X23Ao;iRjEFBcl@}mT~UZ8v-sX=jPNd@>`owbBFd~Juk4E4wuo+sKjn#!1d`Ju~H>h78O z>qohGw+UH-AJoZEA&T&F$0T>$lx0z5YoU&0E6sb~O6MR*<=f0+AzI|U7kIQC_yjU* z@{?f~)~BAAv&A?iXf$1Bdg@~lDLD+fhK?+u58FOd5&sBASHQ#c}9sYTEu?0w|7ULn9i1r!W!`tlMM(o9#6yyjY+1kIU4h#zYxl1ey;1jH4UJG zkb_RF;|Qqdt~4;P9Mo*xfH!A}*Cz}6uw%K<2|+aJ_uGYbL}HqDrI{#1mwn=SK$yTP zivW+3Rm_+^dm^4)#yFt29%@4WCm=veR)-ReGM+4+BA&b!-LVB?xnPzgfG9u$7y%UJ z@HaiC{k*Ucmcv*XxhPtc@*9i_i^&b;Hb@|h55dIqBb=P8v4$c;B69oaS{^dc}(6RNr_<*ExuR#6p-CxTU8C&Wkp3g1Mk)pNQhKWA-c0e@WdE9$DbUxoRl`12d9Ry4l8+0Va&H7qSfKq8o^aZam( zG%fOR{!M6X{~)OUS6PP_CH@0?L8hk0X@9BJ%5Z}tktzEBdR6-T2L?VB4Jq;5+Ii?5TO@xi7GaMTF%L|Rm4;yE5db20Xwn=AM2`d#We9m(gxrC_=!UHidbUAdlfGQ!lU*E@7vWBfC#8-CVP8Z zR@onb7}bs{2Rb@4E~<)b8Pg-^%d%(@EJ*ByRoAe(z9<4eLP=F^&ii8WC~J;F78u@d zpb|=j;bsvpngAhZH6zy{xt+he{z&VX#lJR)A%20Dd{^VH4!VUN{*KPHdUw&NO*P1? zFwB`nBI5URRau-_KsND*6`Ib^PGPulv0uWs6T`i(sQCZt2qeed`s^Ow#)1!$I3Ff_ z%yKl@Vj;caf;3@?mLOwsMqS}JIYmE!WS2g6gOWVJ`lO9!hQ4p_!@@1WW#p!u$(!aU zZz0)8etCC<>FEHYo5t)Q$+JJ{zF>{;v-=JcQ}U3cXRT~@{Yn-1;e9F!D&hq?DPx13 zCQ$J8mzS@XOhiXovk=X%HpAhv-4f*h ziFVH08p>6SPo$uh7(=1sQ@xj^i&v#65g#+D&<1FZz1OS4>eh)87tzsu`a}qU z?gPFO8%QzJ6%laft`;~uPp}V;H}y?X?Dp~-;{m!Q7sL)pcq3{4ahNa`7`+#*D(dGA zGXUXIR0<6K_v%6?Bx61FaRooufeL8XsDkF3B7qfo*me~}C<-5KL@cPD$cO-GGu0w} zI}MjNbvL@Jm-3WDvaZfBieIf8+ea^9vOm_gpygX7<+*}UCM)}skCi98-tu3-8Wnr}_-4;Uc^Q0Pe0q|&ybeGHWOBMBymY5Y1;%9Iz-G6S_aAU^X(6b-A>v_e>v?pQ zXSZsOp<(ZzBQ$NHI*OOuW|W#MLH8C$^WcvGS!Ou!rHZdgP~?JFIkQXmBqti-xt>os zMQ8V0$XBg(%Y4e^Rp~sK@I=nY3%I4^%RRY=fd-Vlr~#03IWtxI$+Jic>lIq<9oFfE z%d%ETXc}lw%jEKk`|Yk9R{XY1>w=4c;L{JOpnLr*_EDZtsF;Y_kG9buUzjP1#MqrwS-`~VVa1Vp z=K(q1;1J(QAg;mWl9Jl-I^1pBE8ShT{PALm*W#IfPbm0%sIQlJf1cdB1SW}s3c(_c zMu@Tx(We4zlP(Our8p;qwTi{B^pLATxZ1!Qqru&L*Hs8CTgwM}b6$l=%3UQ9>gy0; zRPMpFWW+-$w2Aqn7}48aq4BZJ9z%B}8v$6+9*4!=fBBx-pBVjjQCXROX$O*R8#IF6 z2bazc#-NYnlqDm7Ck0n&ypR}I*KX;0J^SEz=3O05e~tX=#oK)?)aIsRXsA?X?b1r3 zIsR~)H~O4JnLWC{xP49`A{5!i;n_B(d=bRK_tvdHT{C)o7^l3a_!bG+a`5qa!_8qH z24*FAdP*_K;=$=PXiTx(3PEmpOGn@eN_}(H+uLXlD1+%M)Y1^stul;EIT?I!SDi~dWx~SC`8HhB+>QGF4;JkdSkL^V~(f&PY^PJ3c2mAikBd|D!o#CUHEJY()f{O}>4!tcSUSd1bhb2MRQns5}{VJOOtV zTf|QuKAFoIo_*7YDoW{1QB3d%0nv7V4HAp=r4xbj(uw`QMV;_su0{d3 zL+e&8Nkus>PX1JDRwN%$D1YqLx+Zm)3^B_n<9)0D_uI5nd-bLdL`FP$ZlTCblugQh z;-8dN<)z{M%$smEYRhJ9!DS>) z+9?s)T3JxOuTCNn@oEgZ`;BPW3NsAfXMf$ib_|M*9D0qXJNXw>U^Z%4@wl(^uhs(+ z7u4#^usd}SbyT5^_J^w66K6ZYQ$iF3SzHvx80Oh0N|3{}YdnWk6V4Sh%Tp!m1L?zi zHf{`TmtxznjhK(Yow%-%#1&V0h)GeVb{ITANHHx~Wk$@|N(fA|yY2SeFmhx`D$wUW zbikuslC@#8w0hajNhxJal5(fSyJ!GJWny{rGn|vJ$gfUOAxaN(&m>B9hFuKh7zl`3 z6T2Lks&XSct0FxX920UU0F*jQ3CB*OkGY5NPboXk4sL)$Wm$r!q*YE?n(K1|et5e; z-WbZjYuh_QCfu07ygjFaqmv-oU>7V)5?yffNG*D?4HumLIMPA#2+A|)StLN)c*rWb zGs?}+5JxIKnj@HL`?*g>U+sK$&px5r9G0Q&A4cPxsl=%zxU5* z7j54h&krP_I?&JxJ+fq15e>Xrq-)y{AhYtanUXl=<2L`0 zh*{BvieY)t@7W$#m4iL}hL55O-?4yj|f(ihNegTfqS$9Pu7k7kdpZ^mIUyiadfaMW0_G$j)^G(V&H47b z+aU`;3Ha}$RGF@45AuVAyd&J8(rzJcg_AL*KQpbd*e4g3qRLf>0`E87W6nc_EU3cg zTaIo`+yn(0EOJh+A02q5I)K%hzJTW(Z-7gr(gonR^MltsK*$4{=D}wU@EDM^`p%!b zVaOjwx;Z^E`bziI@!H?gGrQd?(rKl$9d$Zi@yr_;*?&aZo|^?HzQM^Cwxf2N#IUENni#f zkR%8vfG3bApeL{;&`@Afs8MiGI8z`}C{Qp^SW^&E=uybC?HFh*H|JKdwfTR39?@8_6Zj{4W=$wn{cyQn7)EMzOHJt{-|@-_n{XR7)$YuMnJ`=xd0o;M z!=H4mW1-(|x`ouaN(0e8g?>vEJH5F{)HGS^jv*2xxHOtVE7a%aK;yt4L_Tj0cs#m2lZ>}(Jx&1I;Dr& z=pf2sjR1Ikl_L=2Fu_*-?tC&`;RuNQi5?Ld1zHOkQ|Rvue1)8^q7g5$y#@CaU#{8JmjaSP!qJs; z$UBl7Cn|KvQnHXOa&(JTk9-ENDvWdDho3qGr?ex`p}RzJ7OzTwYhDMaWOJe8o)t-t zYo?}3&w0|AZB=|^%1KWc`(0()=uPA4KNW-^phRP;t^F!D+Hg;U(QO_iLYb&8U=8H- z@Fo0fFuj2cCP23Os@*CXUUy!jyXe|5ckC$nc|tuQb~bAmZ=;NlIMk+Deau;9bfr_H*)Tis>&`$ zzv||Xf=KZ{wv*V+N-juC_!~$O4J+mtWIKg`Y$p*;%u;hmEIk$Y=MyQ4zErM02Q4yef^4U*dY5ONKcX)=&?R6N zn)BTKNwncfgQnb+7a5bdYDCpqCa4q8cj4oRbDbksH1#j3?U--9sC{u?IAy8}TIA2y zhbZx4vSAG!4|G9_XhN{~>TAmYB}c{9YlHXV*;E3Q13=_jszcY7+kR($*ceLGt+8-S z5naS3DEs8(cSw{0JR64gFQMiMBhprrnLA^q@Enl1OE}nuEJAB%Jg%IwpJ20>BiI!a zj~gWsuJj)T&zzjpJ)|%KPu^%IAM|+62vv(S>Dc0Z|GI|w*dHB*Cw$-M}}S< z#NfIlD&`XgwBHK1x~$!D^Vs3vvxi$p33CWJB*-2uAkrJ5nClifI|4D%T{1^$b6Vux zHOM7&zP!t!2k>W~qd-R-N{Hw;tZM{E%d@|>7#`{UX8AvJN!qCsD9jsTG`I^3HG{?xQhtj-lEA5mU}9aqbdFRe4k=QSt%s&HT_uRVAnzOraD&flSq!z;gy5%M9^ZI z(bVY#cD33&ui)Ynuq(ZN3aA6P=@i&>jTJe)9e?>`qgquYG*+4P0V#yR^ zX#3&Z;Ruq{g-nISg+hg6;*jeyK*hMPrHL(W^^UVS^ZmvId{hSJRFr!4Hq?~X1j$wK ze1vg$Qqdz1BY~QgvP=7>(p1IvQ45vfm2@VOYV~c&tJy@WKiQiJ(Dy4XO$BVVXXkOS zvt*qS?%LYFqi%EPrlB_(KEOH=(uF$^9Z{%9WOi!fn z!`E<)^08uIej&zh!^H^v08tNt0jU$@43UW?3tH&cga5HpYy!@VL%hi}^0W=q6c?r6 z&JC=6zEs!14!Oh-T|-kQ+?g};%?2ZRi~z!eDYOjDCDRhLLDolMUaU?N5zw-}!q?Vb z+nWs2K`Fpok*Pq|YyWI&B#?W{0E|wDGO7u);@21=+Kv$MXeUB9tr~@!oSjgKy=}+g;q&97p!B)*_9?JRYL(_rT0&+ zL?=d6>oJOnh4#1%Q1>-;)#}N6N$V)Qev~<3#ZV+x;v^5iV5cY;iI$NzSA~^bONdh& zu2?8V@idcd)rgCr4Y|QrGyJ`0!Plab*BN88L?d2WZk!`qn3m_b;wRl0^m+kmc5Z5a z>k0S#|Mbbml+}iZ=Q{`l8$Gl%O^_!^pXATLn1u3<1?Ux(6D9xISfOiFVMV&$V5V3b z==eq8WBVUjbsvQcRrTcG1gnQ@-qT%Qe7$i}Zhs^n)K8(g`R>(bj%6=)Aie(f>(M5c zAyhpqPUIS&VE`Vv-Cp-UQT;Sbi^hk=v&t!$OP4tD%uH28J0FAmZc-L6j|N#|b$A?P zN@Xuv2)KdRj1v;`h|vvIpWKd@>Z9vOx}(*$)x{X3Hzo5kxCy#ghRTtk311;aMWi1D zr)}=sIcOr6ip@XnuTG7$VHkOirWDU<2s8qFuXP7j8hK!3)0clX(Ko(dNoN5ncMedx z7`IOVaFAmK2Mt@9wq&t8S*UzC9H1$6ek;{`0LU7g%I`*QkzTJmEWmMA`;4~GLjBfP zdMq34p7!Ky7eZ}B#^vdUMJ>eW$k_X>lL|sEVN?)ihv6#?hHu?nSyN&Uqs2P?=Yhj?`)=A)zjKZ@m_1JeS7ogE+4cL8A*}AK=AzEjevzXw^4k#ESp<(ca1s znEBo!3l0tkgOKGHCh!xK17rI)@{r~X3yupw`;XX~>rdg_m|e6e-YFY3QQ+HiHL_fM zI<1wY4>72#Ig3o}_|;h5(MPAWkFv#>Moad)l4rTb0(<~OldSczT+rWLDV==Ka5h;) z{It&+mzU&0afX6AzUpl2!(eSgP@JJyZ?;#d97HP;p3GcYfYXGEuaLtS#svJK6(yM1 z*=^5!rfc(<@%b*f8%rfUKM~-kH@e_v6S*l~mcDGWioRF@9hp*DA^@cd!WD^B5!x0$&v?wE)+5gi#ITsO{<`zhUS-hKFl*ma}(; ze>dp+%uSZWvvW&9jesX|yk;;>aXxoMBSCUZ6+_egO-sDUz{Zaq>cI#Ne!m3(58eoc z(D!k%%K((UFUSAStHJXxYy~pY{wEJ3hf1lHnnE2|VdYz1;hF}@1^yScvReUM)zaRc*9m!k+r2#k zZOZOe=0UpaNL6%>w&$hcX8l&oan#mSw;<^tMw(`s#PA1M^zP*%^2(3E+)cnA{l1%ZN zz`!SNo5R$(7puQcn6OP_ZU#BPdx|??&>}jhA=v}<(%r8`a;HJ%A*Z0s-$AWE((5ib z$q?B(vnv>=iL}HAkLKcQTp0)Wv4;)6;VPl-!dG#NAL|E-K8O3exx*6?Q9nE={`p8R(W!qdrm!iMMi zHAeSU4pplNX#U>sUzXiB3!1$!(+1auoEWd(uSFcRg^4tx3`1P!jxd0{eX^Ez^yMwo zZ*TRn2Y7tbE`z#7QW45Ow!?l7qmBpF2`s{GqoXx4IPUstq3w83Vma3Vj)OxJRYOy`HH#MZIu zj?Pm7`A2y>&x=+%5?2|dyuI2O|B#@BCnJN{gSBC!UwYZ20~+B#%G+@Pic`7vK%;o* zKR~w0cV?s3uYr7ia@p_XMN zvV9=WvMx6S|23FYm1r&NofhkEDBS?h1ENUoicGgp;w$-swK>42WKrYCn&V(gudC6o zX&l>hOyjq*N*~BYL^~~Nt7iMxCTEiA2F_7S{w^dxjxZK+JHn9!aeE^(DOWG7Sc%!7 zCSGKc*01D{mI;Xto+d_E0{7Rfl{_(GQx8*wT)KF{7Vy~$ECIZ-bAqLhRHH#z?{G9h zXgjou7Z?YiS9sd&_f@K6;4@-N4k364Bs^x0;C>xE7+74I2`M-^KwTjYq`}>-bpjCW zhGiX1^cUCE&{BC&t!nqpj$!LV7@BwEj;MHhh$SXTprAgc*dZU(qkuC*52J=?&F<);`c3ZR%rI0lmQp_Vr38}n2Od^%K>`ZPh$2f*BfmRa} z^38QnZ@mHD3pIz#s>7N_Jral3$mmMG^Q!|CxYe_V*6UE5=V}F{==<>a))P#_g~G27=MjOR6YX_6`I3 z^=k?Vz>kYe(E&F&8V?i+5&K=EM%{K{PnGW_h zhyVh9xB(K34gU$yD+)%4aIA$1QGn)DqmFadv8slF_OT23eLE_T%PtCpA+zCY6ej|AdkP%()*_yJ78mM z^B_N?zz7QBc`66ZQq>{$J~uYF+^WZ+nGrk=giRGX2G;KgUcPAA*o69ma0 zaL}D*6&UO7q9TCG4|E9slU_{RDi-%g)>fc|2b5k6(>s#^!L@MDHx$YRa&T1Sy4R{P zFagR#dc0yj*8GVMH}l38;-{*+9F4@Edh@CqAP(hWt;%mKQ$`#xHKFx)cpwPIiV<{yP31C2S!Q9r zhXLw+2B_cy;h%ZP8Ze>Gz?j=g*hwS7xJX#9k@49zQG}K9sgOr)2qyK3uB zTp+PjP*>X0$zMWjK_>cE*b)K=KE$oI1i8u*Y#hlO_EpCrr`7Iw&hp@8ZQ>jPF?qAs z$Fv#^o1E)4PE*L2Wpw2B@zWVCp%sg_o8(lErZGKA9qYpr@xmHBVgrBCw~{%dNSGq- z(rJS1Fhe_wdui`&8VecU5^q2;)+TM;x{@(6b4}hkoL0`PlJAH8jX*#idDaZf7`^oQ zi|13z?JYEF!cqrwg>_k$8&~t#c=(t2ZI;|D3^z2N!%DKSF{GiTxH1*q!P%Fa>+gbo zraoHYIHJSESi&<(J zTMQD`2jCt{*WRIjR_XrfVejH<)Y&6_L%JV8j4)a}nj+dX8Y5aYnmyVn8X;Ofnm)Q2 z@0_&)yLkM|1Tng#4C4do`!LyYPfP74*ajwsOp48i2&N7Zo>|QNF!F@qyLn0Ug6rU_ zNK<R_-E>>j2NQ^-!3s0e5 zsnOJ}2o%nXG3%`$=2*pAYJBguhJ~$ALgRuk+WnpV?8*#W?MfWw;L$v4mu$@|2wqgw zDl|+vdTt5Zz@uK6Z7)<^?39GHn>{~!?KoD-qUktTqwf8*icyubsyH`a&!shg|0{Iy z>PvY{AppfM6BKU_1%fl&6AOY90j4Y(w0hd-NlIv5CUEgvnuUNTWbbiC+ej8Z@i2o=`1<41%*i((`u^TaSEJs#I0_t~x zkWsIRzpjWs55s*eGIY80Ca1Q|zm1M-2G)?vch2GJiaf3Y z;^M^)f_4)*YTAMWJrCUVf1IO2BaPQ=AvW96lHm38yFa3R*=>-+nRk-CF8j7d5Q_Gt zc1NK-<-$dlZ2A6o)Q0b#X;UbHF)uPfwtASi9X?VB3)1yQMru59Wdw#_s~FIQ^o-f- zWY;HsA4+y_y}ki~zoQ<5hSsx~Pz@p=bOtKkC|hcX415l#EW2kr-`RNi=B zY@oS(cZ+)cMa*r`1?V{Le=W^=EseX+GCbq)?cBT@^#hhYf6P1Q@$KHc8}tLFJ%2O; zz3JM#bLu$;9cllN)xB!}FBt<2Vw#5d|qhF>=~OjLFci#79}hF2DHF=4%YE z?YDZTQ6HQ1l~RQxOhntMI%THD<@agEM*TO}Jj6`pq`q}N1HF#m?pjJ)6kyr~YgJa< zIfHxW>X+ggVon|H)=v6qLp&?N55PLpZsOM{V|+XN zYF;oY^Ux5}NO#EslQ{aMI{) zQDE=lA+|Z$?IG*vAociG>%HoJ_CmR9$@WoOuk=~u*J$jcOUr)4dg`?Mu1}p=_nPga zRm=YAdTLq=C91pk6JRp-(XC~_V?FiKUC$46nq$j;*?MXo=*_b2qif6l<84?Lb340j z``jW!8N1+0#x1Fr*H4lu+ud5*n1IrHzMsOJpVk#ycuY^e;$D22d-QVV_oK2D%K3nr zKl$>ogTwy{(H%78$g$|-1N-aq(m~qDI_hQ)LS8%D;$%&V$Tag1-S&X)I!fD$>#7j$;WGh5+xF{M=sTXOv}!?c z3qZA^;hK0_*`*tk2W*ar|0JqN8wfbw3a|>>ynAjK-*&gSS&!TFbu(&Jakr=sX||{j zI52_qwRJabC}XiN7@juI`s)2b&+^}&k?5Nu_wL!0IotbzV)M+sVt3G4hE3>F-l+S` zYsQNMa4^H?DaYGm*3CI|nuoX<7Z7#Wfr)CbA;^uq*4dF#N4)2P?&%ZHah90P%od00 z6uM5`{fn>MGpKf9(Cl{9tx{>jJPA?%jmSycR#`us$KN8Qx2*7DFxTi&_f-3dBz{k$dA z^#d^;^~dfqYbysAHFv~gyD)=O>A7{3RTWwH;raF3G&^B%TnL}tv@l_CF2K1^PiK~_ zyMRqY{Dsoj4WaKz{f8=Hwm5U^4WV`88x81u*(LqV3e@Z8wZtJV4?fHL58g2W5AB@*1Z^~{5H`Sw+ltPq!$QqPt@dp~E$ftr;eU(W${3M7Gcd;x8$xm*0X z6vpBXiwDc;q6~mbOFuW_@kRE*dd7b@L5=h?kBfua6F@k=NIY2ov*XWUpv~K!D83iH zs=seBE|U^2n9Do<+~hgQ-_4jmrz%kXyWEzN3-14X9Fyxqr5K9)-)8I-)@_SBh?{j} z-2r;K9Gsv-Iv5%Lv_V_kVXe!NjeN7M-2V3yG8d36B-{lRPA>l3U55dWXk#sFNT%4~CCr_TNFJqFqege{Kmd)tXeF`r*VJBaaVtXjZ-wE^FF zi-b{CI$hJ;)CG{1JK27vuCMw(t$hXfe9G&nY}h3O=aGcuA%mt_ITX8f)^hVB;uLZJ zdN?fRd$BSV7xc6?m_rIXIc>21=s5G@^PoR`Pbz^VI}&m4`3aC$ltdVxjA?u80(A4( z2sgA7HC1Yy4tgS5U-RF~w#0z-8w`7HQtdUg?6cIi*sc|{F`@r{`0xB0>{_B>>c|1QtP9Wv3q(3Yh5 zGW6&&6mYSJl7~CHg}gpSOiELo*O4Y5tkg*&NnjsNVt-_J;gRbh6t2F3X0S2yx^^w- z=qJr@A1-V!Dz4mk?%d)M_Q1g31uiE9y1LA~qD8{^r9U6{$k*NlKKh@Xn}qRO|90|s zgUboea-+`qNZk2IxVwir&)$qzEo zukh8cKv?FIhwPeWoeY;_vd|G z=ft^ZX6-|kZ7;5=6b^8;kDKiwO51YsKgAnjCVAcJNXMn`?64#-0Jyu2%{u{^`Gol7GD)5RW%kM4ffley zf<&uyPSi^eKZGUu%Mz9SPe7#@$KAG1tiC^dEQu7x@J&4tc(I8<+w41yzHk|J_KF9y z1P@}VQg$bdY{4DOzj`q5M3fEw^~RSOB&?fA34rvWYaQoVdkdnE2NPbHt-!Ds&YfFZ(8OG*veS2PZ%{w5JT}G-?{1EQ30Bb7}Vu z=xQIkOCZ(Hd?!Kbq0(z&S0sht%kh&73r9Bx{ou+4d;uSJ_#Q#1%`2(WLZOW3ZhQ)3 zJksMx%E{Ouw1^yv2WsnT_g(VGiSqjcyG6^Gxg=B1wu+4SR5f@QKf?Kj@z`;NbUbc} zHsWaqyB+`S;~V04r-Jq@2%=6&3XRU}HPI)0T1A#iTa}6}N|&vqIMm3~yb3;hpA$`F zTb&N{K5MXb;~ilBc;Euxy3xCh#=Aginj^Qwx8dA8eNIXWT|uMdP^T%p8TchZ<>2f= zXW5}cWl_h_=5nZ`BtMDR@a0xU3&;Up51bVO*#Zf=mNdM6W%uUXX37x{eA`#)+f9Os zm2$4(6GmzSPX)E{(Z%Hhb36lQ{f|-by=&s#u>8Rd3}X$1dIRVPQVe(yqPPL`CDq|M1pkd=*FJZaKYC+Z_o4|i@1yj89C((Jltl_Wr!L5hBE03aq zFh{{wHSa4RA*qEYfBiU-rJzqhsLG-*5?>XNX&L<8uqDS}pIoHNPGWY#2K6`C9mNV- zfOWs608SJR7PS8(oQeqJTp{~LDuhoL?mk@N|LN-gHvkanfk6SJfmLW1A2hiFP@LjG zA37%p2qi9LAndrLVZq*k;@LXwPAL#N6wy}IU~i@1vRHorYYfgRLP};p%F!4Y;rf%_ ziK&e72-sl~fFMoydW!+>!qdi2QY|b1wmb%K#Q}K-JID!K52CFUQK!+0S5Zn3V6Ew* zk1BFp@~ZmzxS#7BqP;Uz2`%ea5M^rukmDCR0_BovhIt714t}F{hvP|%@jD{6vN8BL zk?|;86(QGep^iSO3oRJzuJ00k!QJq%m@%rKM5ah#N4Dzlp(X|N4m?H6Ttx*yi@uJ4 zKwZxG+}0m-;?sod7r&GIGtB!PD?dHBcakh+n7Yssibyoh1ESmTUi`TL-ZO#3m0y;8 z3tx_(^wvvZ)WIE6B)D2AIB`f4Y?NO{Q>vhjphuNZM(9N)6cxHx8Flawa#%zbz-hj{ zjJ~UcVz~yNI2V0M02$zJM*k$DTEr0*+3rg8i+9~&G2nziwUhVZ%|T>m2YG`N4IIWF zR`lp3#gZ$M-FOI!e-hCmjovzbeA7T0UJfR1&rqmAYIwVx@O<7S&Ex&{P{=hvHY6t^T?!d|P6$Upyx;D9Zit zc143eq=sTax2vHn;XxuaN)1IT1zI?@YX&+0!9^SK>7&^kL?j@f7sC5PYAhr97N>#O z-wsE%77(j6`(cm&>`)d~!amk-_F;@b-ErYRTLSFEDMcZCL_szJU$|p%IelFk?5C*Q z9>aF!4D^?KtWWlA6BPTZqaybmgy!|*GidhgVK@eVkjn%`A|K-V&#?WH)T(3)k#2~1 zc+L9NHP0@M^|u$0?;R_|{3fy_amy_lgKcf!_c>2!1k) zsHG-Oh8C)&+YqocB4XB}zx6yW!xkG;rXvGWP(dy3K9f zA<4P9n2TvX57`z;NQcWqp*bT4uX&T>j`cV6oioTB2H~GuNQGGkIuI}u3w^yX3)M|z~8jRyw6JRz#MydB1zU^ zmP4}gKR@5*k~8}$iRQhDDuSSeHGSKG@~zGD%joTzHvwJx`fH=3S7-Dp7q>>QR#kdU z6r;Jk-R4^{nA=d<^4k2jVvMI9me&><8xPoATlOmZRBwuYdoi(sq-x(psN~~TuJ3L3 z{Ty||pVY@TA7!e<=u;_HEoOYRz4}voib6kmGobtXFt%#?W1Q!&_n}a2>3Vv9cM@aW z65G-*CGX`s8>6)I*%#cO{~CC-IK6*CBFAczb^#M4x%53qQ(|M~Q>5j$4+4E)#o7|b zx{Fe_Sk=q@g&lK?vI|$AeGZ*b_EddRE4SGbI7ioUxr+S`e_2%wzM_x$5c>Mq5T_@=(fV${`GM)L!Ic zur9d+rEhQdDATCOz4#E`p(XBSp98(?S(RKdDpZom^HvfSl3%(?Mn)-0AI1!C`gKvA zmdKj9T3S|mM!o<3FOKxeBYOJn*uB`K*HF)9F*U7DrRK^9?(U)a3g`oy|NG-zGaOsn z0Wq`l6`2FKyo{)=>^J*=9H}t~vc){hVQf57Ga}fO;+B_Eg*;VuOxS*9iA4lS>NU*tm&2hoD9|v;U;K4cPk8WEv z+(XVZZ9n`Sq2F^#+~DcFjdx&!-08KnO|@~bDRadj!T6w@0hy*Q+iDE|UvAjy=Xa5O zYb)#@)tLeHDY=P1Hn*=YSy`r^^`fz|7X&ufQWS$k-@J`GuHu$ZSNPUAs0?pc z^bLfJ#@vCYc~H0gpubg)pXOG7tkwpE0>}AXN%F0r;mva6pd8Hh!jW2l@NM{&E69qg zjTFu;fQO^9Pu`FAVtOsX_zy!khbuA1DdK|y@VAYYtiTA)Bf%}Nr?_xe-W_Lzmt^p8NZ4^oCVicvDi}q{`VB4q0h`^p|a{@ zyykKylR6ANkXY;`w7m2w^@;h137nw{_Z4XlpCy}bU>H#i43p0}vdOflOdahhqav^# z(zY%&nIQk6aZ3u5aDupMHF{!lUgbs;>4(O|H`5yzrrzOk2>`^DG zz6ky#eodqnk&`=mUSZ*ZKXlomDe>kZLN&+bqrTi>u>~14e)rnr#YdS))5fMUi42)K ztXzCkC06n;`(FvH z`5GoC5Z7m@I?v6|qV|e%IRLsX@_xbgg5a&QAF9do6uI0aCTU)K1r>Fui@rO@fMV}RC8$h5$mT|od&Iic}Q z-kClm<@)NnJjEb4kTTup#fRfWz?pe{b$^~B8aQk2Q4l}w5_)^>!$P22(~Y&fT!_8x zEb#a$-27NGg_CLXqwj_H$@9+)+#U_#22iv+ zO|PdQrdJMOAdr}X^P&we=}dk)pBiNXmm=9eCKx4=A+xvq9ajCfw4!}U$pYK!*!%VI zmt*WMVH(!F@F*dNOIU|Be|bUMS8IXz#kJOvJJLGA*NgkY=uMny$$O-36pzA}ameMb z*``YAQ6@}6LI8yg=H!fc)+Z@{Jt{TfhEM1LLlg@XCfC?Ag+$gB80DLVyM(zlb2SU( zqi2@q3or4%s*bS&F@S8sM^%4lA^X5sDuC(9ge^1wDcHDiB9+qCw6J*wi>y5sZsOAPy_IyTm;d z{A2{~zIOAGf0`v@4>Vk8-IT9bOD9##a@O7p* zggr34hzBr6o_`jOIP*?{uN7QYHV2|-{lX{!jmtRcbywoa3iWFp@!sQf*If@yCP0zb zGBm_07RwxuzZ4~1YBGNT>Z{_nEm2lNpgI%(5b$vI@`~+dEb!CCNIA;%hj+ZEm@=Q> zW?5^nZfg$b6Y#zQH`j6eq$dfb_luPf@0K7z8(A@N8zL(l40a*9%rh+S8Ze zu+_-(=O!|h5N-*?sa%5{BzEKQt9cGIjow5ZE-Y_)dLELg|K+-NewQ$K1?KW6sSCJE zKunn(&|%u_7{sqeKQ=)TLlw$tbSB0`JyEzAdhkW+u#&JXQhMdK)JA?t`cY_~EZ!#i-;p&mHfgABM*Z`OW@oj@!4R>yDH#*}E z_;?LN;NQq4*H2Ue5C;POMX(_li!6j;b}%L?K`0YryX&LD3#{EWT}}Z90ryztf{qN< zpiWffj#KEJ@&zlIQKn*16;r2B({ikrjDYEY`=wOR%fkt#{O5>D`rH*#Jr#!&#!vDq zzj9l)X>=Kv51v*H-pHy$iqs59MVnMxnpvQQmI7fa;>h0EgY$<=dd9bRrw8aqb~(Ni z&mDZ|Fxz1y;j)Y%n4xX%pcEmW>ER1NN#XWJTwYcGoo;5C&kklwWDz^Yr`LAs(7p+3 z3D*G~Sc=qbm`PN$;Wg68V^dA0c`nY!EkRR*>t^36z|Mq|K(+WxU40l#l5Wg-of5l! z^zC`D33!`-l5%kg(}k(r@TCXsY>Hx|fGN5&2>Kg+%?w4a4K$+zXa;f*TqBBqy}+Fj zwztS7hqD2MOQ4!OA6N!m-a)(*(sZyB?*3ma!z^?uqCn@Gq8R_lC-eW?ARRPi&fZ0E zmZ%4~LFngf3wl8lVTwkNRUa>%lqf5+DN1+AntTK@xSb-YH3bb623IfqI&6}QN??ix~2JFMd z-#F$SR`v}irVA1cx_E_hXB>GA6bkM+c%HFA)P)h@jSHcYm%|?CrO5=xN^@g{FOiv(~uDh^~Alyrv4hE_L79d>T zNnQ;G8wVpS1-M19@a)7S+5qzpsrK~m`{-{Ls54UQX@*R&u$BDg6hc;HPsbUB_evO+ zMc$Tcptz(abRz~t!iZjei5Ev(TB2B`kbs_odt+1Y$sNwXz{LoA=K9j%tIIIO6o4QU zQ$Qrzkc>a<;4YE#D%#u%b?OkZXZ*j6LVve_4+a(qI?$)$Y^UJ*C)OP%RKtSJf&4eZ zAU8yIeCbEvG+7W>@%I6T@q>+b@TtT43*Uv$Ji;;=!`1%P?P{Ml;E5V=IS zyJHR^r5Hkoc3sIGYo(ZaG`|f>^#Vd>SgNFv?Ht~b84yyyiNkpUT3rFRxWnwjs9eIR zkb<gju_$fYV!FMd|o7?4MBig@TOOu>syW^pC|LK zu>zVBcDfNvGvu|lINDdw#W=9VwWpZD4wbd{U`(mgR1)`|J)~&d&tFbEpbkLbn|+WE z?wAJH3?jKw!d_ZxWDB+xW`8dtP&PVd2Y!1uAN=<2_#VQS3Y7c`!kl*f3q#{Vui_jN z-MKE&WOuD9!iKjGHX8L99;<(jlyDI4YOb$2qq>S>xxgE_toGP0 zCCq*hwOrv{A<=z0zZEA}qFBglVOjrdN>jLsLvo%ui7mMG`-%Sm*+rT8?nUDsn|R-Dc_Gq3L8tGY{k?Mgc%r%alGLvdH(sk%HUnD=$VbE zA0{G}Gofm$SU=MrBt~(yCgktK7NKCZ=9OjU>xT>+P8~VGJ03HjydLShWmrrj&8C$b#<8|w7z(wS^jV&pjpIzN8N^*e7~)5go&&1&s*g3j{>$vx*wEl-}l4)qGEi&0BXuGC!NI6@{I05)Xs{XA@xu9YIqHxEu2*$HF`AHT(P zVzvW&%~>%e6f+TKXcTfyM+hb2RZdb3v~VD_3V~04{8i&$AnC@gRC^izCq1V zsZq{N#q*CVejF7^x8tFc;t$BNOa{#J@wlUZRpKU0Au?E`Q_$;}#yd~+g_8nVgGL#d#?UTQqTvMt}L(Oy>OxTRm=qX4~Cn9+NVecigQIpGVvS{%|?`+3gWD_WvN zAxZCf^Xt}e&558_i=!HAljpp>qbo}k2K1iKyl!O-iVAW2xjmY)F_E&dnzAvPQtmCW z-uQe#B5C4Oh0nnKJc@CQgd+BroZydNTZ}%=-^DqX$6h%Nyw1bum2$``9DcHq9F@h@ zsL?s>e`TgMg+8dC8M=e9H)vT;Gt<7ozIIpFeCClvn&l+J-O#6f{n-=7%V#Q_G}ru& zDqWp?DKV;XWEp!RCpK@=QLo6LgUV?xVF+FLVqyK!QF`6RuC%cWu2MJ+d%ZCB>Q}#fxm+1lm*{g7`DRIyD<$IF*UDWx#iFrXpNP;HFSn8=S*p?Dp!tti zRu@yeTvR2h&gknzaRucow@hfFV{=qSSIxZCqkd(2c}^^r-MBYCw*|hQe102Bs;_tM z_bMv(^oUtA%|DtA&6+g#S-)dcXtCeEdRWw`WFKdVT5M@okEdx%1@^6)$Aq5rOz2VX zLoT7W(63)n^xPkx)>xrDtFSq|z++vp?z<=t9*pX+*tK$WYoU-%cQ53>y)gYFDe_pa zdO2o=mCS<1HE__61MD+`2zA%;h(Sjhc>GAJz>-yFi{TtX{bWK+n zYOPMUd5b>gI<49ES!|j&Ks2`Ld*5e1e(^1@5dHLxyb6hyHs)LPTSn-wjxh9%XMhXVogz8&~9yWGoq?=iM8ln#yB~{+ehEtw>gqf=v=WLS_K=#`ni&) z;+zYPMDWPqYRNsK*D1?08@*KonyTMjeQXBqy?W6nD(O1&PNRJ+At}yv@Z331Q`4C- zqcufQPeBQfi8fc4WgE^rmfGE1VKGFrx{78 zHQ@lpJiRz36AhhVgY?3lt{Pa6{rdJT8Sre2fjvO zX6pft0pH33U_^d3fa~~c;KoN1*sMeS>Y&A4-CFHDL zypq_cMJ0nNtqPaJwYeWwBWE=imb6kIQ3=0t%kw`5mBi-M(`c4AZ1#TXC9Gqp;&m)o zE?_7XP%jQ&YRJ6B=R#W&(%T$al;kMjT{(Xy`^$_>Co|TO&mD{_jGa|!tLtLM76^KM z?%0^iTXtmVY{6&|yp>lTWVPI<`Eu1G%d3f5)QA3j(!$pe{rYds?pF0V#-ol5y>l3? z)p%LRbwlKa#Ao;3C{wGN91`L1xU6uU%ye&U=@NP6(R49$+UcuJqpX(PnlIh;JAIxM zlqd#MRB4>=@Dc~F7D`0PZkIc=<6iNVo^9@{OLCQ$)iN#>)nx70RP22A`g&VEo63Oy zdPG6#N1D!PfQ6;xXZJo6vMB`t{ZObVY4nRtzQ41>L7*zcxhlNgdqV{H+29J zs6AY+rqpFjw#X{n5;q@Zv*M2CtN2JW8Ew&z20nFc^9enHPpJNrsqpu>`Er{L`zJF* z*>n9Yq?>^F?o&bn2KGMo4HcL`1xPt3s!Uy8BR1GrIF?s&? zBI5~_-Kz!5DMrQY@(J%hkHy{wSj7yQknO(;0Clc9IeuR~aVc1`i8m>`Wst?xS3MDn zODAw(#re8Kv-=N0j|A|(ET<=y0(xTMLqEPb7@rZiA=2cNIO=8hX3Q5ZMo)7=JVjHd zSMK$NC7~qSFAfqyw-(-m(hPf5@_b$$v}z=}Dxj;9xI$LNIkLM75G=MK$JjehzKO`x zQUZ=Yemz**htC#owq)Qb?4vRfK8RqmKL!~S*wFtRe9syw^e*haWA#zU z7M6B51(;p93?P_ZjPbwI1{~Z;)cBXFFk^i7ssUV`<=<#%t!v|xoA3bPu#fu|EbXs? zN&D9Y8;Jw)Y(6zJ>O1g&N=fbnigyd`z+DPG8CZ*3_+Sf&3Q~@xc!DG9F0z29yTQzB z`w-z4zOIj@XqxxDTOhy)cOigqW-q>IAWR>|9rNFs=SA<~CxHeUAVKm<$3S^wz6BdL zxN7Q$g3iDajEl|DHo5P3^VUx4`iL(#j$Xcq9VhWlFS{rBP!Y!Z7~3@+sT%S=0|0@; zDd#$$^c&c}#Shs5&(C9_Y*XZKeZaS%cnVIy&C(=<$K6jhwgw~Ee1Yu>Uj)Bh>ol`qszx5RdY)( zW^QpbdfAzXPp;pM(&SX^c8CQ9LBO(tzgs)`{^VzUUL z){7i_V)_Bw#Y+8VqV0r;yyN!Cp3fwb{M=FUj+S@onCbN*({++(uCX>|ug*_A91<}9 zbj(9KhQIjEL2)BDrC5gt{qVgLnxViHm?;R>eU6-bzkbhEL13$hnCwEZV(cxxJ&e%A zY%KriLGJ)wa~t<%@qWCe1pY=j?`Jg&a(Z&HFN-M7nypmZ-kD+cXEASb7h@qaOGu99 zcTXFzj(sT=AYvZdc2`z}Mcz?)B~Kcx?1nysu{5q~81lEvw|PNs@T-rc&ytm630bIl zz&xK-YBJ|m{sB1#9;m#(tylRV3Vv-?{qUrG>;mSC*^9{Z)sO}FRix!bV3KT#+rZ7| z1WiP`#V^buey<_H>mQK2QFqCuFr?XO!c}^~^m+s0eHOaYrF>5P;(f|Zd&zQU5>rA> zh|DBTONMw?SiYhWgM+no2^9-qF;|WyNRm!~_{o0o7|BJ9ZQK;1nM^aUJTC#i8j=2b zjZKLl_%U?^ux%FN53frKg zj72G%nQP-qA?W}*aUUs7L|Ufvm#+%3N1~-_Fys8iH|t3gpk{L$EZfU%mUH~w{37Pl zLD^O7{Q2f`tt021ir1bw$JMRIkGZIctc2-FW(0~XhlwNsyyA(-a+2CE)AKn=WRxWI zQqUkbjk@<-B4{33RexuoRpiok*T30N8ZZ~cJaI~n=BtSGdGjVl>N;}y)^=d%CYGNq z&JO}5wV>xK1OW6H@w3RQW1fQ2vi0NFtu+e{od1LGk#-~_+ zkDCs)?2hxF`D2{z_k6Fj$oPj`lq!+l$~cAgUBixVX(%%N6|y`LnAT}pI|x8D1fp=Y zp>AmlP}6t6Q=({-+J#!JXcw8LVfS4}CNGPnnO_oek%)Ub-0gR@8NVmljX)(*7{TgT z?G3uif}W@F(9m~xze7%1Maw7mgBXr8d%c>n^|r%NBAv;ODg}pSg!q5vDkZ&^W;5?xa5eol&dtwl)t15M6mdtK;@PDdjJQ&JUO;fQfU3emBwvu2VQv`E zl@=&sWX4l{-q24PveZ8wOR2{p^Y*$c#aTnY)DUO0(`1Hzn$^Uq{#;%`lzQhWdV7l= z5K?3+(;%-%L9^VYod!^+&%ZN}iy(YE1ozY@0^gJJG=u)4pe@c(;3t6|%@pGX3V^bC z3wnHKfgyh(^-wf-b#f6GMAAr{bDUY{Wm($E$9C=EY33nXv~L4XJ)S)%HcOGSxj6O; ztBPSz!zB81S6g-rp6rlsqx*KDbtvZCuk@2(*3B-U7tut7fHUvNTmfsZGk|BGw(b$^ z1=6AJZothVPta>;YIa&_^xpe07BagUc<!z59p+^z=!iot(sVtzUO&ko*zN;Nl=-=d(Bx{}8>F;=af8JP4seI5z&yQI2}Z;lcESoD)Mut8?!trRRl#(IWVGa5iPfAJ|l(VHsJN zE)+W81Yi>D>eUvOhGKXNZ^h)?^t)jyrMuSyy~4p~jB6dsNEyEBSGC0GNlpL+oimGh ztn>|{L}`Qdiy3k%u_iEsxI`P36b9Y%gvozeV$lp!J!{Ec(PyHr6CNp}xO0&$_w zJHc~{gs-`#!Tkc*3xRV_)fZtP&Y(KLL7i|4HUVzU_naN_!||h@f-LgV0A}N|_E>RB zgkKVABIfaJ_h#t-9!E1^CBhfo)-XrVLSg}cFNmaFi}Y;diYG4zbloLPT+$_a9u^3; z?$ANwxqIgJwFG_~(KhWuVWwRO7Vty_!Ooj}NnB~cF`K#hWJv}N1OVgg01k6a zZ~*-Xa1f}RmA1S?dN`KIgVH#mx|jwCAOQ->8Au_9H3|9cLa#4C7A$oJo|4+6-#Rj-P~H%55k#sSBZpgB4#1juKG0Y z#_IIhzZee4kO$I4CK5H1xD%jq2~g;t<(>+-8`#|lGkR5JMS!frmcEhi_@@W(1GQ?3 z5~YN<7I3Cy^$M^}A!d#zW`0c5&w3MjY(2?M}k`1;j|9`n53V=Ay9N!=eZ(k(dA$IwHZW;@z^8`77j<6g5X0W+{ z3z%Z?=7~qQj163l&<%Zs!GmD*-~#xs^?@XIVbcDm;eX{9(wofkK#}0WNCm7V;weY~ zlnx&yT&`V@f7Al827zorZ4nFcfZWu82LRtDmJD}cW<#s0{>538CoZ`1j2^tYodCNt{msX-pxF^gDo2tO zVF5|zk<-h#!Sf+pQ4yQelb-lM@%0Nvz(=-z+~rOp;QoJ}TI3%~*^emj?+(G`2@?m2 z2qs1?F=V?-r$0t_27w|iI>zq!2AYSzj8$9-adl&rTUc5FBQJ*PS;2+{s8IL@P}la) z<1A<|NBd%&EfhW$3&P{JEvBV5)wR)y>QAnuEWvc z`}{A1&_9m;^I&1;HNNV&KMy?kl>SmfSU+|U!_n?9)%>G`@J#66PW`V-xKpgZ)b+m| zgm8Fe3$#C;Mfm?)1#mq7OSS&7g#Ys(yi*F|^$o%c974Wlh-m-2QvGvL{;8;7W|Vxv zEg&g%R6b_GCoQN?pfp6i|214ZK0A6lf{*)VX=JF%Rp@Fs0=C8`&ic^NP z9>gfU9%yu9dXdMo%AnElIe?W2UCLm(OrJarzqbo$H}b3GLO3>9ZT>m7{K!Zhts>+<68`1g8&w&i%Jj;SFo%Z(X18yX)bIa9xjN54s*u20sV^E%?{bzYXqg zbI2-~KCXY=9{+|so)eh_Uld2FNOogTL#B2so}*|4)OsqCtOr^nlL?uhsvlYC9nO zrIi0^5Yg%4zv?tXEeI#nf2+!G{PF7jZ|nC@Gk-VU@1r=v9K24$9ko-bzu><+`e#x8 z&ETgrVR(NXCXpM*%ak0zQ$HTDH=`&ESdj@E35Bpn&y)B2zK8=FekG4Kbr1 zB?P~{k#_{AB>3$YFL<{n;zT{T+C_ErJMa@-|+7Ds}I-$m_S!be}|znO~^6ba*Z zL06cNqaeJU!V%%C1ZR)y$NzE=`q%aF#w+o+vl9+Ir1hlmhiY66aPJak|8EDgA$a3O zO7eT-MM8H%HeQ4|NS7h`;#BnidJtAlT-A2pSU^bVxJ?URA-F96Qnvqn5LQkvgx9~7 z6NwzBocK!p1OES0{qW^OloKKFZ{_@3xBPRZAmm-%|5!g*IvM}A-{JZW-rD}BN}b=? z8vkBY@Q;XH&=w|Ca%+AXTjjOgxs56=e1_5{AW^7)ReTD3&vy1<-1lrl0?4ByqL8Pw z?tBS@m-@w%8u`bwU3H5>E$iX$*#d6DH-e0DZ;=6R%18rj6T)=weFRvP##^}V+E2d)-%kQo!AlH2y%Jf3ju z>L@h4|1)L^(k5aqx_+N}CLzWV8+tVYs?>9b>)MLt2t0||0ns{?*>%$j+cHiFRXXf`(-MwG3f-cSGB!iOH@4y z4@j>cx4PmVK9q1aS1^e0Z8iVZ`|L{t4tAApEKP-)+LOOi3WA2{$K@D3z#`$OY4@d{84v=S1 zy-^IS`8qwYd7tD$pE+|abzq~RT7Sj)WcuhiYlRh0YO!R9KKkPql~Y`K6C3r1UF;8C z5CNA-uF@Z>kz2_AJSq7?;fFyT%RJjy9wxxp{ z-+UL4=2PGO8f$}9aYkh(r9;V+u_;UD8bzVFhY7`4A2b6G6LMzqI}n(ha!7Ppd_2+9 zTdZQ>BTa?9wV#E9;>IE7er}CNccOK?c;{fC*`tIJjwWln+682XJ zv^S*kM=p%!dO3gg>&Iifa>C`5Z5CXueBi4wk9?% zj|)Xkb1y8OhwnFiuWCZA-O^1LuqEWHAAd(a>NyMDb7Q(M>F*C{ALI_SByIJI87AUg zeNys}b1-A@mg5E4Ca8tvd8f_ri70>NeL2F8{g=jEo97h#**V`dyD1CJSZ$}kPZFAh z0$Xp`RSkMXd&vtH(H~cr3{K@{ZCNQ?efdVeL`&lu%e{^!lSl`ByP9`Pujd=g4PN>m z91Kpo`<+CVb>cN`v9|={pp|h}M1>#o?4EnR6HMI8VPB*k_lfd!MZPk4hweu%U=-!Jtovo}`}j$9=f>n00|WdhOx)-E*vc)FqL-7* z+%xjIEH9nHO?CIP>+=##pBc>XBbkt$J{#C;@l}uW=DS|h^9!G>_zP5RQcHpl(sEc8 z7Pfqnv81)OD!kJ0ASy>y8hUxgLQZiFowkrJ9_8ICVs~OI{4M8kzJW55UcOe=qnv(* z&ns#xC`CjDzUC)WZ}jz{*6FGoWNz)fC2W17kvD@Q(DGQ}F#}7fTg+A*=9Z7Mk6AzH zzS-8f?-p%qgv|1-Z@l>fOUL=izZ{i zh)bMwp$L%hTDiBDyl|;>+3-+5O;*lK|8g%^amj0x%3c!QM(K&O6TH7c?qs-Q3(QTJ*cs<7I499(}r%27duHsQ! zB6ab_B6ZGVZ3=Off@55n)6i#uoWZ0A*G~(~s&j}}+=w4*%49Ephdq*$mQqbreNDF} zEa-uO7i&-YNVM?9qg*fUZ7eBdIZL1K5qKN%GNZAy-lT-^gU-?FDf*+S5o9yy=<7~; z7yCpHtNObf>_>T3vp)U~9m_nbD9=HaPGK?=wt$)E<61alDW8L>Iw*Y#QkgR~q?mnp zu=M%mA5V_a85+uJwN_h|wc9bz^K7k~bDx%v@~dDcORsns)?D%ZyU^rqACVx__e@V& zM;H?y$15|mo0$CcI!BTjhPwS;m6V$|h1YlrJ4~u)7<*dk$ze$a<0&N>JxmPAp+IX= zH7}mJVv`l2T$Q&(J_jp1*esz%*-!Jdsr$Dr1a4h?wvYMzLP?a$@`R_{Kyl36eZKQT zX;86&1F3bAb*oUY!}y&csbt{}I)$~<4h8pt`l= z%ak2zyd;NX-;;Jr?7JWoxxbxY;KfmwCsNf;<5SCr%nV|_O=Txazp!p9DuIqXc|`f$ zjQKNbDvj%&dxz!iI>QRL^<-}Fz3Y7Zbz=519~F&}v)45` zc8l%7^3&*zTea0GzO8c1*UQX)R6)|2Y2hz*3+MC|zdWC!b&n`sJn*S>WZ+?I$jYtz z;NoX^e8ZViA7y!FrZO|OqR-w^G$+DY6hj+@)FUch^aU?5?(W7}Xp9Z~sBr!LtEl^~ z-l$U-&plmlY@)sPD0a(Ct(M<b}#phen0iiv&#~0Y4#n0ozb5Xxk)(y9R zEoow`4?TURvDIA_HQkXqL6|+>#*}MLS4b}TxebF|o%`N(&Y|1($P7iO{+3Doyq%Z5 z_KJb8;r2C+)$7sr*Lz8BPA9aE&PX4rHLTi{m@1}Vpmk?I;QJ=DPUMple@n}CSw8wk z=fbZoYO?3)vz-fDTA&-UqV%I8=bRRuLKL0#th@3{ZJ#W1I1F`gYB195Q|&f8?9#w& zGgKOyY4zjjb)GlIEYbD{pTu1|_v_MtrjA>FnD)lS!{n9&$1# zb754I|44FX+uXL<&10p>JZGf})AyZiclvY-r4rY#A&t6Ve3UG^^>XB@BdI$2y~?q7(SokR(|}^ zc;<^Ojq=67?8s<^&T~C4OkSOvIU4yY&5X7B9{Gu@buF5@FC?7W_U|>PA~s1m#NJGO zJDMa)jkEVklZ3C5jSnk*Y5a^GAMdIe#ti>zY_8fWSzC3da?#|1B)8l?Ze!1; z^>tvon#+#5YHs^4&rP%?ZPO>}CniE80gblyuAU2pA2urYjowY~(H*TS9~rN*k#2h) zhtV$<>{7AKuQ&~1>Jnc~bH3ad_?9)APY~v;>~!rZ#V9lE<+~#=WEY=`Z52=d00K_ zw&5Fv8?|vSnEhntj0QTZ^1G-SOZ1_K+#}ZBFG$3|BeOeON?14PEA~xz<$m`K+%)yqjJkTIE-tQU`4QGSkp&Z6#eBQV@L%rQ0lu!e`0hGo-~km?(@ zV}jr9Q^FX9$U0us9^|0-_C4~=L+9jRUQ1K$rf;K4Go5S#7ogOvbH`i@hfOpx-}Z!@ zzg?@w?WUIdF!<=hA#3PK$62kU+@lZGL|(j2rDuDDN&9g}^z~7yt5RdOp2ygYnD?h_ zEt_g5++UJU*jo}Wip-+gf6nI3utG=PQN_fg>_!Rq<(ppO=EzG$7!nd*N^pZ-YfzFbk<^>Dt2?9otz`bo{fnT%>3j{uqJyeFGp42oJBT30(r z%M~9y5<6Z{dhY&<50P7qCoVrx7|FEbxaM1QNlCtaa!aX>*D(9Mbl7MkmA}5fQy|c<``d4zEfaXh%XL(B?x;_h> znQt^-yYc>AkYGi*1<_CIz}F}d@*@M;EmX%Sf)nJ8iOifhTyfgAg7PLf;Z4AaCRTX)D!juN5UksxeO)oqOY#RsSN-8 zRJrv-2*t4AOo=X8ZM456Xh=g5aj%`1Bd_#8jV&cV!x@6iBH_}MTpb(Nk>1$T#sqJ_ zVAXWSj>qIlb&=9g#I7EEGv_UGL(}GRlP(%X6V#;D_la`sHD*t6t*I4DQr9TshmGIA zsLdZNb+Gy(Y4M8&ls6&Ck@>3*^;&!Ou-Oqr4w+J;ZPEw`iLWxs;^dF$O~D}(+hYpgp@v3rYcz#441mxq;Z{G)%FPe<-)QM z@>8FzjeTWC61N!W`H9&KsA!!OrYEegALc>F{bVvqT!;TCZjt&hJ)Pp)5Lp&VekyeI z5UrC8>w@m}!!a3|+VxO<{gwzrcz~b)i7=f2D^+}Kw4zLSy%O1w zdEWQkw)gw<{S;>%$BKRJYhULKgCLDO$3(e}VDw<9(V#VXCT?}sM^zHQ3KJ4bOIXZP zofo2&OlCQ#Q(e%ZRdmbinb8>VD!uCB5G`))VLG8c30)7R6ycq89J+ePp!_G!WbP4( zkpZ+(^_lK^_*#jlHPOXu6>r@AXHv8*r{{RsYzkBDI_85<@hEx9H zkB$w#I~NK|>t3|ggwsn#Oi1Vy_zQzD(S+dwqxbDXI?5RI9j%MVu!fSyHjfM1Qjzv% z-4)n$a22v*IU|k_RYmNFSoz_HPuMXcLd=Qn@+`!*Q<3FrO%i^{?y?Q9XK{vJDiK3l zQd9E0Pw5nfwp?c9Z=OTvo4Z#gKUezbmR0kEI(AJ%}$=3(i6} zyhE#!r}05TTZo%0PTe(}ukcp$T=clK2ZIR3lgb+y;LA8W8OpfMuWR1VZGo9&-lT*VwZ9l`uYq9 z#kLshZh_^vxAy+eqQ#&{dOaMktdt3HNJrfkmBCjuUC$T;XNg~d6t*v>oSMim8zenB z@L1t9QSHV3QBOG7zu#>mO9{-|`^k90gpJ4lZk>GZK!Z42>dfu1K;l<`r2qbD!Twhb zsf+R|U&Zw`C9!H`Q?9E@(h%J>4mL4YyYcTUk&+964WmW)Wkn$y+fLe<+UZtZU@%^v zak%&craKjR2lqo}de;Y-jlHoz8n*LpWtDpHuEWvtTyr_~mG5*ST`zUIF`k*qvkf;7 zunVrI_PmRWrC}U{_=#~kD-Isom_j`sG0l67$6~+s=QGZ{(e1Ow_zN1}Ul)gWp-{Zg;+DtaxVFv@|SjSt`RNTDa%QBe6#? zYX^b2R^p-;{OEQ)QW?n22i?f?&~-|xk;W%AUb>X?Rq2NEqAS9W9W1ZSM2`Iwbm#sQ z8DGo;DcQ^*Vn1v#`A~XmB_YA3Ko|S$kZr#UZ9<^H+O=gJQS+Emaie2EC$(I~(Thyn$d$hKa)n)CKM5B%@UIhj1fkG?@!>a3JPdW0j+ZZF#|xeNfa}!F zQWbt!?&5D0&*G=$UnapRZAL!s)0VpsH!@I&PcgCU_4atugiT3i^wtx2;bfYZYoPJS z*tl4FTys3tGWIOp`H#}}3lg=WNjY!ePc*fdujVX74K0eRJ?CR&t?DROqwkIAQu#`!RG1T8O`Y8KgvZ_DpvGlRt zq3Hc%0^M%!j!$2xV+li>wW|zd>Qa2eUja5!6vfJ z62Itn*o^;X*zTTY5oPDe9z=0wZ`0~1)iiTt^>~WY@iE(~1;tujkekC9x6HCI@DP$y zIa)LDkG~l|m=wAfMUY~tAMOc{MW9gvJMyE7JBGfD*;ni*z ze*-kKJ)ay%@+wT2DP0wzHxIUfa|HAmhqiUCb?Y4>Z##X;pKn-pU8)q2Bxbk~{Sz;` zEBgj@E4WugvySlkJeNHK<>=N)R@6K5AKe={`|3HB>s*-O4|%!I{6E6pxys0$M+ZLY zvT?R|vdv{bdvi^Fb+{s(`kd97>I-lxOp^Exypk~h%}Bn95NO^|g4ml3yKs1JHs_#3&^ zF4r*!8tD+6vPEQ+ZFU-uaD4hg%L}tFpO?$-`Y}#1zG<6iz#oME%rVD_4iEj2;FRu^ zR{1x&3=sV zu8eNs8m{33h|Z8%4cC3VW;-&5?Qu&?M(34ce73aU&mmn?Vh#WnB+zSU)cu}{+Uxa{ zxW_Cf-WcFeeOg8^%)Wpj(Zl86Q(`0$*pI{e2uO*{Ie1aPV3$QVbz}pdKcDx5a+!z2 zi+nwCsAFiFLzXx2d9Np5Y(K?B75R3a%%`wz4VvpXR-GkFh2Xd}kO#Ou}kL3RxqUTpQu;>e-zc#H99y;kb>`_04LV0RYu z*kr-r5wc`_YDulk;E{lzX8}K9{jnWv)oxZD^GjXnmTs)hq$JI$5p>BeeuPxb!q0cx zx^se8aQ)`D@w!}tJqVvU%UQfvTtD4@65ku)HfeAN9*98*Ln9Q?;5z9Uf5RyC8ynb+ z05<*wjT24)8Yi4r&^X})ps_~^Kw|}qQR)&JOBC-F>1(A&uPK+g_3of67Js+<#PT@) zP+n)18~r5G;4ZefJh8aQy$DRk`{*Nwlb;lBgvM54@q6UJdmYwSdsL#)ldRE(=7$K_ zO43whKDHg0@RYFKg_2|NS*aXmq)ZA)F1*|nz9q3w^0J65>{-Z$plZoU^!Ua1&ue)q z4=CyMEwSi|(!*{*0?>H~KQi4*A~EcIJ%xT#0P%FHxdy)t9g)74@+_iIXO>v+dg9js zSIr)gq`J5d((u$zB2$JZChq0@bp#pXzKa1UNt(Kr*Zb&C$awL0%42DR7){1?|P-s%Ehok@Hu5aH{vY z-j2{QwitbH$=AHvZMsB6dV(>_niKbKyk?m)Pk18t!d_|0vyh{xAS*UCHD~P8Z74gD zw*;67g5$oKLqc@4X1%JZK}i=Ot50v6jxFc7szcn{Hk@ufCqnw=ZS;dT*b%Z%J}KL` zY*y~fN95ua4oH8t;~+C;!$(N3g3aNyNLRhq`}DRQCOC5LpIF)(ff!r~EjXPalBQ%a zzy}E@{ThTjWT~TJFp77{k&Jr$HR}{@n*Bv{Wyg8Lbs4A9w@7<~aI2G6h~(_c^uG&X zhYHR;^cHc1Si>Cku3aONQ&VLBE_@m=I(WE7j-IQcp>S7q*xn@zLKZ5K34({>1>_Rp ziO3y&whqzU&61EQ=2F>j{&jH9$7m1L&9GuPD<9wu&KCLDt})9i93(>=UpyANHO z@nWqmxaI#0_Di{XXYz(vd9BRoWsSjEpUgra51u)~+Kp{+-;))(a%fdsa%0^NTPRqS z^9W48r8Ij#iTJif5HevO&Y+C_kw;%O9_{u^p>&+v9dW_R54#t(a91{GiEoFM>?&s^QK<+xy@yS`+r3totU*l%axM8P0&e%C|?vH%0yJ4dtFiz4f4YclU!m_cNn| zDovZ)VkNwR>r%!7?EK+dKJzRrj25C#*-MesHJw>Va_S(F#rUSd=41Gind}JSs>Ux| zxVShvIUD6QS+T>2t1`EHy$S$X;03G_;)!%0e70uoAGcwaGXL3q@k^$ayjy&oxqtQx zTBuPnPkRC3>I#*UOsa2(WA`qJ%@|WRv#R_z5_b18gUK5wIAozFtHrNa-AM|CKC;0^ z{c1jLv%NG?L~F-@55TU8+$glfNiMT#A7L-{3nBJ(RhDYU=z>}|{ceGLCe^K2c9wpd zBr(Mo{b3{V{HVNG0C@?$%uD-aUU2@AmnZzWFY7G`N!b@vKG>??O6;4Z_@I!wxw9iR zWGWJGwzWygAC99lwE`bfOjVP=z_S=_(GPjE1Rq`4HW8wL&h@!Ci`dzpk+%$U4SVVv zYhbni28~67EjEtMbcBOuF=+}P2c1P>UEa1_YVEwQXTMx3VdK5rDYh7Xdl=Vu&70k{ z$_SsC(;sfvr_i5byfb6&#!{YAnw7YQEi5Q`m&4B5y9BPazyuZ+ZPxw5wu_>IPH9$y z0gPcBhlM5d1ppbOhPOmJdV4kI9Z9*Ih~J%2dgeLM2li+03Efnux;~@`Q?oyS zW<5cszC3}BnEK3R$fzvRM`Z~O=n~9V&Jq@&27$mx<{0j9=9}w-Ihq>u57b2)?tO_S z%WL!(h>YK-^?}72B=a=nt2uun^V%c|H8Gw$8p)*noD1zam%SBEi1$umbTUzFGwz+L z#0UhI#+Cz3jm^9}5M2VNZXojy;q}7)UGR8h@ZSr*sSXr;vm%X+sKJUiHpq*^1aiJf zk^c`FK_2)8H6=I(h@xx5WY#|`kC7!DsoJBvtoTf z0oD-c8-g^s>23zzlj$(bh0cn0o%jEMAKyhV^XXy)Cd`W~C@c92kvLQq1qNsvYA7s- zzI+tx=cDSi;f3bK@r6lg zS|D)0x%yvrKL`eqv9&*4kHK5CpIsnPA;{Fe0YC}3JA1WF@Y^G=zgX2t-`--JTMBq*cG6(XOhB6PT`xOXEE!4(9Q?y~M zw&h^NR7apm7FN^N2f~Xk%9t1E8;51hKm6{iHQ|13I8%BkEi1#4^SNI19r>bn|BB{F zkaPS?=Vdf=&3{G1@H?Deynhde_H%7ocr|oW7x8!#%nbMT`9CVwAkr;^P;Gez5_kV@ zMP=-;KIv?FYPJk)*mjlxe+077tG9NIw5Vhd>9FABRn+IUk>6OD`c?r}qcHRXHOS=jzpc)9wjKI=s>J8NE z5}&4q|G?)&PGj4q_~WMrJypMF*JD_}_bBde{SF&=LFRtgWr?Vp$QnX;eg6avC*J)B zME6h--9tgN2?bGK6h!v`h_(R`WhPw$AX>>4`cH_8G(oR>o9m_QoK`V6b)b0ZC=4^M z`UWS}0$~UP*E+uz<8hV0kb!o3Rj}MFYv*~t(ttyu_8Z&Oc~*J2^5&hU?LDjysWWU@b5*Jl!K=mf|W?Z9c!*He#cKO56c%GC432{muo zi07A!p=|JZ)-9&A&gddT<+02xMLWH_1)IEr04IUw z<-2aO)codRg4S%wFkb&~5os8yy8)^32YdCec)dVtVtF4g&kyUiNxiDP=_kMO>AYVC z)_)8#jevE08Dv$FMQd;@WH!BmGW@yTrsO}cd|Qxb-0#CBmZ9;NSl(LB3}7IdpSVWY zkgvFLW6h9tYqUa(ah~hlf-ObOeH;&`1h1zBz(5{`c&2&fL6L&W(y(D{^Gl%;jtpJM zS^Ywky-t{P{Cq7RnwtH$S)2oh0>e13(I$!77Uus%tl>Bxy1c!q2%El<{}?N%(Yofz zmVBs? zfhoMH4ou+@$aJtQOsR~8B?n4xE2rb@6R}E}=*YubqZeAozHU1Vsp;VFko7_hBlx9G z^D;QF$%mQ>i!;urjrIYwtxwspZVM3oZtEMZ9do9M2+<+qL95w2kT3BM@i(W!}wU2+lj8W%HpTz0gKh-meIzJuoF& zu_{7r4{QiFLL}~i$wXpu)&RbIrgEf*>8vl{m7?!eqqO}jup%uwH|q;<#WNdj}kaG!(Oz_y6EAK)8^p%XB%*3kb@iLk5bfqxxUT9#whG(8hBS&hih7>*F`^P3KeBwqcm!FVM#U=e`l~n z8;X+;MS6EJyds)Jg~K+9elJ>+T37?zkw4O^p?3Nf;lR&b;n!D$ivC4mdTW7Rw%dX) z#(4njIRvc(qnZ?1G5&?K(I_k_AsBh3qk&m1v3jMW^Poj!IZ%u0Xsuiu3P4ADaoFoW zChL`h)jq}CtYA0t0s^nc|CgYm{XB>?3p&^+Lo7DIkG`G5lQkA0rpqUUNmmS3XT_VO z?$m9{hC5BPJ$kiByvZD<^0I(x9$+!UouZ~R6@05G*BQ}UtNHX^iIZfk){ffK)4e--fcLU*t?Z9g)a-5us z99cH3pgJit=Fr(v%ki`RHlO}$pE9R;8}&LlU+Vn^+E+upE*-CQy3Ew+!7Yqw_32Ve z-D15kV11fXHr87T{q_b0Kqo+>)aAcI0kG~0fKEjUewbRDiWEJSzXb|_@f;X|uecQkh5)YSX`7EiR^8W& z)i%~sI?S*ywA_r-dwBa&Lqs7n)Ps?sz)Qo7^-eshMluWZFx5GU=O-Mwq_1eTwB2+# z7fRw`?>wala{!2H=@pc-vPA|laR6pS$nAlZ;jMV{gzNwv_x-2*W=FZBm-c_no$qRx zP3Yd(FA;anz$^&4i8J;;nkrR zd6ilTFoOTTvXe5Iyw7F+MBOu=jBNg$E%xT$sy2UBwZGBEW!3&g8}FWQ4rTKsbA$da zEmh&exVwfEClj+8!7xp?psU9syY&w2fr9vmwL>sB+^N?sPQ&Dp?&DQn7Gb&H)rM~9-B$RS<6g=MkECsoUtywMrNyQ)Su=(~2WqqPo%HumCxZ&5wi z<83qmKxl9ULM$tzhgTr1!DatWQ<5614%!WE2I}pPs`qkcfdM8rQ1FEbM`cN31Cp2Q z0RIG_+Rzu+YhHal-5Yf3=0^Ag;%yQ+RJtPEwt>IA30ZiYe(NOoyHbPvC?pB_XHWmL zwweB8ZHrZeEHJ-{j&$>lSaq_)8~NuZAl?)rRsD~t>U%X+$x&0a3N=;DDDtla!V+q# z0V`1Ai;LHswn=lU0-JL#|Z=q?c_aybZo zLoU4s1-XY6BlD@prPLyKJcl9G7%+~8KBS(2%9bAUh-V=%s-gNR2%1x{7(B?~xvud$ z+2?-3nWlmmB<2yg6);FdCnAzp3&HNh>Q2yOu&IAEa(8zJ5e1s)hJJl^N@ zji}*fLu=}A7ZnZL`@`>LIL>PQL-Y%Yki+qYA(DmVSMa-mg(?Fp0J=Pu=j)YTN2{oe zm079+Xvn77Qx{5kBDwm-j6y{g-VBY(svh+(Z1qE2%CitymOA;u)39c4@&}1#0JWR= zZuF@j^#F2z0*h-_9-vJMgVh*ddXy)60W=ZT&UNkbD@t#j?KcRUkJ+JXpI zzqF78%S6&&%S2>~o;Hg9fW4Rv*z(ypzT6Yw9Y?eSyTlrBx|^(@QbnD>Mb4m-uu>dD z^6O8SFG3{P;LRg!#C3_+n`-Y(TiYZ{g_Ncmg1yD(7#^J?A|AjmjyF5Cjy4WgEN{Vo z9+#DvwG$k^?B13jQWVMidAfsGJSz@NPJdi@@=ZNYr&E`}0TOg$Lne^fx85a-;#%^`NtjKDCTWH_s|xi zhzXwo{*UV%4^WvZJ0IPi;-Z$~{^H#%$lXU4txw!@gD_h%z7+Fq83dE{#+(j2nA@|> z7Hj;ZsK;+8CYD{;)G{0AxaaGr_JZmt?Oy#sf0&-4>CLIoVm?li)>Ymq3E8(yG!^R2 z*gV+qkDjHe4A-~s9o>sPO+vf)v@yka6c#>1b@Y8*%Vu}S+i&~~#}%(89Y>>VGX6!j z_)mWuk%bB>x2_qzos`hfN6lAHC6vPT+{7-k-;cBF^#q5n-1rW!ZtVgh8M1s`Z^vEM zkF=$(()_`LWT(&~y`6bX(@<WuZ z_p?}T6V3y^TBi0XHag%K510(qvP=)1WN*x#HLmL``vaESV>M9L+fy}UEP*=4sbtIV zB)(E+->)WZ|2#{vj41)B=iOuxX-8#p56yJZ-TQ0&o@~dL_`Qdv2Jzl$A5eJ|LFLiF zfXYJA*G6w}5GNaM+U%d9-E4gM1SDp!ygmQ&3CN!$no08NHqTxraiZ)piDnKmp|6!i z+sC#ikWYBqLlSP;j7PPmL_BTEX+S=AT+Fn{a$Lld!=KLN>wpa!Ou6m^?s5| zq#tmN;NZ$N;sd}n;)93qUg~&n+~zZWSG@f+evLkAz_$oL8}F_`{%q4O-wf?8!%Nrj z56aP=UAe{&)R&)+$Lcn(Zr3#6+WPf}v4Cq9Er4sOfNT9@f?a@X{UHgjYE2i^GwmBQ znKK+4ahaP+h1?9KSt;I<5sWSN%wWN4S_Upcm1&K+{)7zxtr2?;Nc9+X$N zbP{l^{rXD>z%k|~vwJc)fMcO!+O>dVp_h)C;n>c)*y6x9W?f`)T%+YZWW@}MDoA)u z;!T-Na>gF-SS88T>$ZL%;T=AL7)<>l;T7)xMPgRSuw_Wq(o4Ktc=#N5xrV{soAj7B z!^rlPP^j$`E2L|A?Gc?U` zUL%Z2+To5#gupQ+jXC(sOxBLh2&(q9x;dKmcXcmF+MnKE*{oTu=pMYa61r1)14xm? z8*dd!CB!y@x*fBjWp#U&u^nhu#&*Y}D%f(vk``I}3#GHQbH?n}v*VqeMXB@CoP}hq z2gBz9{6W4KD-jnafhT9bIuzvte!a~teSi2%?_<$!T%nbYXbI7Bcg<$O&$McM+sV;w zg5?=`j&3e_j_atUy^>^*o9g-HR3KPZ=fGKR&r4pFmFIXQKErIH?RAag8CCnvOUlr_ zbZa@Wn-W_Ha||?c_+DW;oh{YiM2RES-_r_P);_-`S1&yUGco-sS3k`EQ_lC5nG4Px zB0PLNxs#@(Z}X%>LyqiZjm6n_DD|^-0_97Get3AC1K&aY?v!4gvu_A`TzHznY;;GX zY={}ysm8)`OQ`b8m$nv$t8NN##uo5Y;tLPL<6o5WY%RRAbf^}yNXb~0)$;&0b4req zq!6;+YO(SpD>mAg{Q98JywgnhY|R2}6NI0H#N5^5{5#y~aL(7qTrd2Ow9hqM72-l9 zAk7NXfr~=|?ZZqSPFW?TtrRrc&}6Sf?RBTf z>rGFdiu1-8zym74gHAt>s+;QH<~vaytn4-7vyK?kpCf@S!H6D5ixT+i^Eu-TKXfTe z_qO|s&6HD3H+w7Vj}3z3!(M}KvhNZ6H85;f@5MN2cX#audVJUq=}v>L z?#mni?`DSMe*PiWk4+mjxnd_Z{3iv2>V}NARkt=*)$O|S##Ty4KJ|y%IPAM~wD*Uu z+^}>91X9ew!|S%}Zn8#{8`E@fMq4G|02?&mIc++UPz|{n8+@9;CkD~F$wsYJOFK|k ze|&m=W&OK;)_|=aWkeb->xkheT)$O20GlUbY+NyYYI4+Iff%co%(`tJXwa;t3%yp@ z!}YD@v7(3zdP%=x)7fMV#-KB#T}9e#U9Dw7`QXTlds(0G*v9!l8{h z)nX)hJiNCy%rQRj#HDx+hY85$ys&itDjq>*F(|X2vhR-RN%TwdrQ$?WMo0hyZ|Nk; zG6NkDdIf*86H8p97uI|4YrvM|EO0QY$ND< z@BRunAK@t$l>1;3xgf6OL3Db}nUbSlJcGPf99UXz0>;IK4}usrrZeNq7!zy7(mkc) zM3SDx_YH^x!82}n5OGm*d=$^9*`QYs702#0U@xWY7eD#_j6v_fgUH{(@!2ZRWx>U< zfv3dEa3d3!!8V*oql`ZB0>ccp4Y$!OPchPUdh!P}F*i~@_jbAFS57^MCf0Y3K5oTK zg=l&99Eka6&EjJzCG;KL$oQ}306_;J0K4%J-^sk#WDfc;;88A?Ey*TOaCVn8b z*plWVbul%jFfXmW&Bjync-UJf`Ab7?8rhm5oK^YNi-mq=k!Js;n5``Jz0C{vCp$j^ zYq+u&(n})!KnQe|eNYnpuyO#==G|0u?ZAh(gE=_pJ}Y@h`@3j+O6%pn%aLDc2Yzdu zY%N&bjtB<;lJ>nP$>^nKyF@OkMkbC#n;$+0YxAflp^qZ$IwsnIvvTPZ_)x7Ro&$F{ zC3E-gU*X5LW;1qG^OQzDap9o)2u`!GhrTQBtX&UQHzne1Ljjr0Z(!Wgy{Mf&Vdcik zD)62IC7|>b#Km&I+G3N&cz$^rFU02PE{q*Y@5rY1J)Hfm7%S5?Jq^ITbA|0e(dNAx zqYQp*FJn&ZHB<{K6BVZiy@SVlei>ZZRj0^% z1g=qfkT=kc3!D(8E9pAhh5aD`qkw(e7#`zAn@buX*T zQ(;cj(^}*eW3?7+Nf{x|^lyg$vt1zUTD4ezR;r@)%{Utk;C(PksvpP?1buJnCwJA= zjl?4ygy&Y^vz|mn?HM7c>2TH1_f5B3^j%qghgR_ljpIdl03Uph{0<8|Fdu zyYv{BJm-1Ia~UCx@SN)U9vFv>VR*dbfOtkF(CKz{@s2~{8Gsou^5Sot%tygBwxr_r z=asErZ)Zisl(xY*Y=t+10hn_!UR@^zFr--WUraanUol4`qx#U2DXETqc>Wbr{SX_3aa1;yl9C*_muGaO ztu>MjjIXbTibqt-iem%lj87hKX#a~?|Lg1i<2LxeT{kWE=eqg@K2cRIv~x_=@$TAn z`a#1h!2IRwzv0E!T?Q!hI{j4(zXOoKM5zaWOh|c9MyOU^&th=7TywAuP~3U|fBd9uP-uq_iK!Q!Qw;YDG5q0g#oBm@pQl8S}WX^os*;aY_v$k{#V!%B>kA z$a<^9x))BwW?L1qRNJX^kpuUb2CB!YU~EE1ANAVF#?6?lX_f~kD^)>%DpQdt$*;P z%C;zOS11|-j5hWwe4(@zuxz8GRhv=`%0EEmtw={!)nB$xwV3{(1obM zqNDBts0_GDA|_^yzW)sY{ZzVV>Kha$MdJWWs$LE>tnRC*;#R+T5F!1<=&9D|+5Z!d zslf334gcgn0J*$KipY~lA@9gtcw>oo6TwJ?Mqm|+YS8LOCINtdsDukjRhSR90qnzw zKzONwanTNLrm2lL6 zM-Y;r-GpnUtkZwO%|F>Z}TG?eA!N~9|M1fFYt5^9^%cZXVGV9yr>fC+tlW%kC(?V z__p^p{OUB8|YHl3|&O#D1KFGJ`}Wv9SK zx_-*r&4N4+NcCmMK}IxDZJx?1c`FXy!R-a1*Nl6?lsv8EpC~%O?KOggBtm4zS|V6V zo@5Kv@IwOrZ}Op#)K&2P)+p-Rw%0kgmjj8Xv+^{ry<~W!nIyX?BSXxotaG<8#XdN- z_>CYPdO-=^ZeA8xA&J7rJPus<{2}e_i#rR06^a$KxE=88H7w+nIO|^7L((kr3GZVy zd4r!G6A{jQM5^$|2r}be1ntz%cYiLa+M3dH1H-9mj~WK{$E4!QPax6vFpHhNiT=E-(*Sabp*l)^j z*?rIlWny$opeusz{|c@5Fp>d%ju+2FdG}fz3*aeT-1ilFp_;>rp?i<}u}1>m9Dtu8 zDA4&oC*wrb5=vXhT5pyni%3Mq$)g9mV>rXHO^$l!`KI0;mhIb~-S$aEKQr)?E5$J{ z!`*69#bN9rGEc_EElX&AEd!z;yViXhJdI11WG4JIxT+4#PL$algF?DL)Ju)sT8#qi zB*L7Dz+Fb40XqSI96lN4tN^onKkC*|ATc6j*XV9S&1XWrQgLy=p4_arlx=|PlgY{y z-G5VryIhUt(pL8%YJ0Tm&3(6HsMd#*M^rp=Uig!$N<2V_FA|7^fDp0Y09Gg?4v?f8 zPBsN7$Cm}`6BzIf;V=gd!&P?t=p#K4`auCd_#xS-1v^{KDo9^dY05#Ca}y)y@)}T$ z}-^XKngTExaMs>bYyTeZq&Wnufgr11+~`D92;57 ze9ZS%xLf>W*Jj;8H`ogtMVQIG(1yoC_l&@x*{tJDz-L7o()TM)V zKfOzNZ{nl#|9r%qxA{vvhk!I#wxk@CuBJpUgGnO9{F9xmsxTS~0A(g1jYKNp5w?>c z^S7!e&>TzImDD1L8=tC@|HvVY=A=F-KL5TCki8izR5_sLouOautKnc~`dlUBORxf2 z((|ydz;EHt;FBr-sm4vvbG06ZKQ;g3UOI`?4Ulv`u5w>H=yu#YRE2s-z{P0^h5#do zG6(dBhWgOIkH(!r$grYOiUt6Hj|7eXfsmw)tSpr1F9$$}!pwpCpsV}AKweP@N@PYu ze5OQWr#E+zJ^t@bC&StkTdzaMLr7Dh-GF}z{c>rGD&u8Mi2hX*U%UUTiMV+$2gu6# z^2XdU^~p_oeo8`67imq%Ci)*Q>5Wlo`r{?sT6STf$*(G41k%vW*Kj!YW%>K?>HHXD z(9f*__*V`DpP5vE*N+v_a}S7*)?1h)EJ;IISM)elY|psA>B(JDkgdr9*t@lT5c330Y~8=?xF3gmi}KgLB$3& zcPS=n*L+!P4RQ$Q76r(Tu9N|F36`5$${_eBDilW059xJJX{qTSpx(adO!UG)3H|t5 zXKeCtmCKg4N(EXPe%aIZK|QaZhoQP4cl$me#U+4rQ80gBEip@!`aBGr8jxw`3!z~F ziM%EQSSr4w6lBR>;3~-MSXz%>m!7cD2TYGIP=NXq5fqo?+I{cR}VrCTOr4yj9*zp9IBm0=GZ_G4u6;#?#xVbrFH>WR|^sV`2XS=lhsFnb(6TJJ@9C4E#jUCNJ7I8v{ zc2i(z`|zJF`Bz6D{^qa06GXq75<;IIjfeisDANpJOd#MtwA}rNmRk^sY-kiZTmNic zER=uL??v<^!f8-V_z1Lyo)&L$V!naS$#=ttAo-F|<17HO|3~wBz6bwdtZ)P~3mPSy z1mIj8)I`cd4G@|?1H>9d3BUk3;F~!BCJ0^|#?{R6o&{s0=0RbIozZ=mbTw`iYcZ6` zMmGGCZr?8HlL`8w==PlQleO&HLrk!)s?y~=NI1+RxEy?aL;w$7Qb-HBzAC~Af))#V5%h!gDCOL6j*-tEKhDj^~m(d6L1^anNQaaZ*}m(WM4f(wbs$h3sZmS?s? zA&D$Ft2M3@HDNKxeDQ(FZ&G@xKaAPQSR8k5o`^MEmO(qUQDa}2Oz=`20b;f1(`5>k`u~|ip+6Pr|1X)Yhv%Oa z`Ty-{@PEr2J}PenOX=Kc2`^C+99vo{VJ391Z4g`2Ous+$l6=(JttqdxF)M&SEYK=W zIlbja{t+qvmLUGY z7rr`;abo1J1M6GJtY3R`8m=yP-UaS|o5}B^if0H?dj#K+I-6=7VhB2NyV!U6zW=$8 zFZ*JZ^!(?yxs3;b7k1z0U*7=)XJf$80K6IjW4!&T#V>5hM{9!5dKcc%a?VLmOjLW$ zu_2ckaJ?ljZR~+FPH^R0ZKN0Fzl+D1slAh##qU&eZ#UdZidqk~8L77ZD9F>#Btp6| znq0(Y7iZQ}Usv94?Ywn;4PTV3m&%gAjf42%_qH$^UPSgP++kl(H<0P)7RC#THv*t= zhfgE-*Co#nwswlLTZ8tFKgKPn%kqrS3Ek3-;nx+s>&h{p*}38eD^yl>#eCybOxdp) z=5scvE1-Mt?+O!y7OsM+8F?KIP zQcb^pAb=7!W0`{bv8sZw`mvyN(x0oI6Q-as^|?MMQLjzTHAd2LU-x=BzGA?(k`H-5 z_NEt+u%|}_)+~M|)Drq;cMLE1X?Qf&5!&#G=EG_<5C%aCUJl8JMY}W1 zw-9|g9n1vOqSR;!#D`mR7r)}K!7f_f`F;O<)VNc0fsM%JK#RlcfTq?q;{)HNW}m!d zOY>Hn6O9%PUK92a(S40^tXD@xGT^Mqu-xWg;%vpq@50&E&#c5@W8dP}QQ|KjV*_Zm z!A1&=0d!GMvK1(7x6{6F8hm=2j2ojHZQwzHsrQx2IP~A zgj%Bn1QMQEAtAw)AJ=YHJ!nQYaV(KzWlyXWf&C1An`90_v{o$Pw%hQilQCVqA|KX_ zv?ki>+2svtKJz^~FgsdVoY>iUF%#3O|GI2s0{9Ho509g;!B49ijflq6XF)ov`@X^p zccAsv96Sf0Y7bax95vq#2?xQm?NrZe(n%69``GWw3dGL zH2Zo>(Im4X{?k#jaDIAF$@#g~Q4;&k^`rbBwDIs#hr3p-0T+S3R5bFdyV(ZEHClt2 zTlGqcd9%A;D!vBzPeQ2uJm0*?|LU(efBhH&Mi3KMck0~z;XgR}tTD}P>xj@zG|(a*Kq3>Yc$o)ty=qE+a6%;U!t z@B-&OoFRMD`ZWVZb@$T@tN0ruRkp29f2H2xW$~JC71WTq zxAGjP3fXl}K@z`qn%?d<$IHG===)rYc;sT;xk#@ zReiui`Q8)bz17dUy}O8}F$D2VG#0qmlaf1Fg$u{dMZd%v^j+v4mlUZk>cC?)&e_pa zC9^j(PFKH`Y$yz>NgA+-9C5rKpKJL#o_$wmQ4~!_Bdw+A7e@A}8b+$W)QI>I$7h|P zrx`E&EABdMQ@l%B=?g3Lg#K`#rz3;vj}fT0LaKLv7+BGR5MUgoyAq^1zdG;0E8bXb zFqy}&aYgbN&t^G$O=__YKASRpYVxAAjwUx)wpk|!gWO3F2Q#qX1sbO2`=^;NgKs1i zfVAREMV{)17TX>RlPAhcxjA%y$wd2^h~6AFYfXZ8qI3(BHYb=4dJk;CrVM6L(=%7o zD_46YR7FX^q@MCVqk%xStx&ZD3V(U+^CHftX(POP7G*q=My(n7INwsDa@fiyMH8onUxb|KDj(($ z9tC-Gl7!;j3XM|wKEb?%GgDbTg?a5>ah-_8^C$1gN)5?Ht=d}5L3+g)6~hk`YC$z& zx_N;&6HaC8lss-ui-sHFp*<|Nv@K>E9S-+@fR8b&xxBznx@CqB^6ZJrG{t8_YPvRd z&||7?OhUG&A*VJ=4e!HG;f2!ppK|*^jxsEx%HShDGyLgFPx3eN+K!JGd?J7|VZ~Ok z>DaI!)@jXMa-2`OUGo+!qiWzKBEUg%rBAuPUv=WN@lc3TwGD*SM4iXv2;L+rx%k38<(}?ZtKMyxLVFLXva+3e^2w#E!c^XW4r0RvI2Jc= zAw=0kNw7pz`ySFjP(>MxOi+3D8dDqAL#bSW83`SK3?1JelwFKHD-a8Yj-$ag0aPs= z%W`X}KlTb?z7ODJg~)q}$omV?qqk=KXe#LV7Y|u|?a#^Q(JvmntrkL4CV^*3m<}%k ze4hdbfe1k$kgpS;rIKf`5X{x#TMyKYDqN{bB4&NJppn3(mpfRSf5QLiveF z&(~9?r)35@+v~g2CeD6lalhv!=zLk+eq8V}E+lub#IqGle1{S3!Rc}rln-yC%BQF| ziH`mcH3 z9@snFBmQ4+&I>j?x8xf9R&%Yqzb?s!yVPv@C$o*oM@`G`5fRfIccjYm`Dc{->=@ZS zXHr3hkyzgsJ2r=g6&ArU)ng2dK5*qb^o((KRo_nD#GY|JzqSNPAY#PLe6KcSDAw|w zAz-tnmdy8;t-qlnHh*I^`~ZzOGMkjy9@<-VUj!7}aqI40yniq1(g&mSG`@ zALkt1W48}86lOQ3rY*Eryhz?{>B`+1OY<(gea_>RPoA-6#zd)v{u)1-=y<8hi{=Bn zb=_Q@-pTUUs=nBblKNX6Ju&a7nQfBX&L)l|m}chae%P<8*urw8kEahxIgC-72!EoJ&?ne-0@a{> zAD!{Ahx+BnVN3}Ze{X;%X?`yW4!S-SE994^=+E$ znS@{MkAp|)wXvwf@SD(#ocLjy``-dD41>}AUn(*%=IEx?yW4e4X&?Xi>WQCHM^ai^ z!V&hGc4*VsVS()(i5jFk@a!baZ zpWkJ{Vr&fk0y+A-h45nQd^MZuw1=@G9q;Ao_Nl4GUrj*C_}_F1Ip(3WlnQjj(vyea zkGz){F}EX#Gup9i@NG-)(g;7wr!|6UW~8Zg=}b_^b0nuZw8Ua1@o6J&+-{QI?^XKg zlnaln5id`QU$MAVC7*2*(}^#tFrQ;#g-LlT8Er6(?0vzOjtQR>kUTzFYTUu7Bh6nU z4B{A}bmmsMwuvh#Resx+EG#bmTh#3gSmcj;m}(>#SD$Fv zdrRbGSbf?)^YWxxoFh#B@$HE_8-qcd&f!v?cFOjeJVmb3^D^nr*-nZd?k@}BtbCrE z;n142Fi39#`?-X`IhZt@zoD(YbC#68)8=Y%-4m2TUw>0Ja$TM^%0;Q-TQdf-cMjWh zr7-+P@9C(UOxUEb$;kf$O+d20Rd+gC>Uzh{qQqT8R5pi8QT8loh8TS5`u-~lmj76v zrj>y8hqV;$13O5*!c-9CHE4<`{|Kdq>|+{pr+)w_+C@+%kx+pGod|zJY~)pvv)%fi zzwLu}H@5M78U}}tKH>b}^!FFv+k}CO#y$Wee9G@}l(@?TPt4&uClv+Advg@v; zuc|{F)t35gLm~N+a*1G&X6j5Vk`C)eULjsrGx&IQx^;pZXpjx&(o*I~f5y)C%{>5@ zaQ#X-th-G#F)?jKR?{RN_qhVhmlX>K}0$Fc<=WN`~rf{{Rx zyTGN9I*?H8$aw@G3+hw^i3SZ38&VpkVp&T;+R9KlYqN3(UeO?xIA6Vob4UZoWQhi? zWRkj1#*NmQS&CRdgPw_d9BE3U0vuuOhBKP$F8C=f)`|cPOj4c6yBOeEplI4z@(L^HmsV~fM-Ys#aPfTH6NOeGGbOk1CZ;=I!T$M?cB(Kpt=UM zfErt&ja|4o*2;RQSfAqASs|F>A!@izGZ}0u%WiGwQ zKPv7Twhhx5J2Iu)r5KS*=Egf$>9==r*r4_}m(G73YXPXi-H4HyQjfV`nH~o4c=mtU z`ctU)P}%t7=1X~0Bsq#nQ^GAKRi##xYPiNR=YveYCzESZ=j)q;VH|t}{U*}U@Aet(AeL#3mB)idi;(RB69BM_W$h>Rcr4icu3n$@!mwb;wlO$Wg9tfL zNZj9a@hpANk-Pi^oNSv1ud9-ei~^I)f+AtbRGlaFFiG3M-4FkQ;&3D{O^C_ ztl1dEZsI1c!CMPgcdl~|1ws{40P(kwRW(05wNdEEYy5_}$XmzvCh$ayq8 zaG^~3er+MPJ`NH46jbsCgqnu>Er>J~cQLUAS9K%;qXv=b-}vZl`Dn;i2#FYMI}~n; zKCxpBaEPAG&`!JD_Ub%9K;?g*s-}N1Pe*O{_P&Lvz`D{M1ap?3z(Dou`gSu_9l-|^ z{f9rL|EXH~?cY_n{Dz+W>JxvSl0YQAb^VA5kYjZ?J*^gho1piM#M+Ry1>g}73|m%@E!{IE$w3uX!!CpwVq#WeKb>_W+Q)N?3yFXe0m<4 z#^UMu*|t<&UHlD{La%zihqsFNc!N5ARB;-DG^zx~gbe`p$NQym_B^ zfeV71OF+(d@+hz#{;Ut#gpzYY!7mSa{czpn@&A*NycG%wwc>X;X#fDbz?bb$0vvzq zciKp{@AqD-|A)GqyC%+A20!9Fnsj^?25d9oHGtjS^MxfqHfn=JBXHs#pa1>-c2!9T z?UKOQ9hf`GOwzVg+V$GCYrpr;|MPV`68HAhcRcq~<|ucV5w_d+29A6CDRb31&wj`V ze`dJ@Yvj51r_6)xXa48(#~*(7{h5Ejx32#wGn~yP`GW($KeWe|pYtZRi#IpkbZpJ= z>-6@(pG<9Q;16wkHXa=uA0ECt7+a2;5q)p&&OT+1e|q~iBj&F2$J{QeM@J{e?=z=A z`_Adlv(uJ+i}C$@FgyMEfS#zQb!%+LpOtLCKXoQEL-VFJwcVL0dgF;TosEC-bNu7K zjbg_`Ax*FNyE!Deu}T@2bt@{x0XegZ9L`vk#iK zJw2!c>)3GXZBey)_J}R!<*$GEJc|X0zd1V09pNwjcX0GB{_?@t8fU@SnxUbDeVov` zImL09&R7@M)@aTq=D9d0Z@)y}$44%wh+!YbUpVRCl`e}-(U8Z+ zh&ye23L+so4-=en5MG5<=K94sT4EvL;Bm1)0uE)BLf9v&~T;ChVADd>u20ia#ZpH;E+*{7b>Nz84 z_Mm6AS127l7D~tX`{q$mENjFTLN4KC>fD1OJWl34&|ks*^sTb=iWHC^QkT5DW%@_+()nXyWO94v5!;h)_$}`qppu_ zclx%^Mpz6XNE#p^JUqH7?Iaypqg}&o;tUA61bgWqan6ZG;HpY#u1`Kr^TF{+d?A8e zia(zWzjmkWdKlREU4OI>WEy)eeqxxmw15dj1%$#d5TFhlgTjB2_+wmf0dWvS(b<$F z?nGNPbb@4>BxGpg-8HZlFvD)O0m{7&5fQHy#X6)y?tRk#3kIeeG{LeW-MuKe5^Q= z@ki&@$Y*`_oxy)J-f%vc#2>97Vw{K%EsiMXlG2z7`*n?>b?N#ths_2|t zZ4`sy_aSi)ouT?ITx{Z4Ew@3NYFReI5hWRjW*b;Por%5KbZ$T15Zz&IYaMpr372QMv>4%P zw^`fc!(8zHgEtIC7c-8-qDx-?KmICQFhl>WhgyG!ohj@edv+vc16<@E7)Ep$OeJ=h z8#9Iky|HK2vz8Hq=()mNcH%0&Xe#z$uS1(9FA26;1Ry}$J;MHc@EhmjAj3E}l8%{W z%YrDP38TrD?@xwPi{DUsctmOqgd9w<5#G_^VXeod9Im+2zt?^`Jo49^V zIeUMUH4XJ(=#A|IZ_+>Thtql1w?{X=bL-lJoPm@kH}3OASoFzobZNY0aaO56R+`<* zLi>_oQ2^x9wnnpIacKANfTxNj+`H^_nvZ{-VspK(K#17gq^A&te$}eRn-x9p&Vl3u zatZ+(a!>W_aWQ)ma}83A{KTkla(pSK;e?HP7{Feqbya>mFI3x{EbE?|2Fics+wFGM zDDP;7gLG5N!;}Znq^mmPgf+4|@%5l}k3T#3Vviu^*tsF}b@7+gGxL&Wf#{5)V=RAJ zhW5+zNPt$DFn;x{&F=&fQ<9LjVC1h0qmlOo+(^xy4ZQ*9R_HbOlzZ?U15q4;4e3M4 zfx94_9xI_+0eLhsi-}_ zxpBSJZd&awLrGArPODMv7K+7k zyWPENSLzpC+Q4qD+_`L&m`G46SIeDpd?Bvt)k^&{d)h1&Ol?6H8BbPhG=G0HoyP7Z zn7lHR?7^Tleu=klH?CU6au*c0P%5=BpLheXA7H889Oh0A4J_3!LuY17T~Y_id$!l* zQl$j~AAjB~bS@dmkk_W^YAOF(D0aHFLZ`?+iVQCQf$1!1Px1%)HviWIWb=QMdu5cN z*(#q`eqEzqh9Ko%JFo&MlxTmI|8Z5uRj0P3dtInrF-)+(&Tw^RhsIN-(YjG=XFK46 z_ccb-@5WP(Z8Y^9pSU$h>abO=HLlC+z<{33ySEd@9T`Wvi3=VOjaW$ofy^yWdVG+C z4N32ohnd=i9%mAyjOsYcc1LkHepiwaGaF+Mx(Qs4M6_;u_Q1J@kPYb??F+%R z-Zfq8iUsNt3lyJRp~zVAvqHO!OSGKTS91Il)1|2|Jm~&YF1_Mqx%j!ltbp=yD(P;C?$zfdc;F4%=q`-~g2a$SGvF!rGKxmc*;aw;(H z0B;&>6t&MSeTCyPjE}qa`IkoPbGun6@&Vumi8pUFrJ%fz0`C+5Y*@;$# zaTu*e^W4BPHSydGm+xw;Y{H*bx!Gv3A+*bd7N0?5&cGyF zKx~8dMjEf<-z)|T-w=_~kQl0|%Pqa-`c*BT&p`7LbOFtxHO}m3pk&O%yGybcE2+q2 zT&Ecq;iX|SiRp{u4!kdH1&uoTvU?vN3M_~5MJ1otHsF%uPe#^*+46K|7C#4L+-ps!?7nzY)w@+;W_tJ!Kv}{`A)Hz&o^6a zoR~je$@x#FgMQES(wkJ+PT6 zWwjCamTXgOS?l%;D9PNGqRv-DQSdtq^Fp^4%I<&7&MXjwjd|e`CI}FkgiyflNUIE| zp2gxSIM|ETaA-$Y0rF-;aIMNgV`XC+z4{<=?D3VOLxbZ4N3Vp*DzsZ;>1fI;Iyc~L zd_082XtruRXck|&fL~6+p?uyj35_xGTro~0Bq@eB`mn{{ggz&16w;9?>3YNI)$VKh zfmE-Sg?|_~Ti>Z+g7gsqX4cyYNQrHifHOR=K(zXPd*X*!FnOK+_~! zIj}D2RphHKSb#f5iX-2e8;l>iqu!LQqI!SKz)d}m-P#$YF9lZy0Sf;%uR4r3gRvvD z{BVNiOo-gI=g>`>t&Oq)`!29vYL#+)MN4PmS~)tilZ;nJ?&Rs+*FUh~Yu-O#>LZMQ=oredEW8Z32}|AMCPi!ZDjNE0IBST4Reqmh4by_x9Q0=zuAbzn{Q+R|n%AX8bw@#)RIGr$Yt zM_>f8;kyngkAZvrQ3!bBOV4-=hW_8gKfQy~pB?<2tA5E#8zK9>{UbPHW`q1sl|ZICt#P04oA3GmKUPNBTF5ta0oqW0tdcfsvWF?Z+QP zX4ycP(dRC*x?39^5QC3~_Ihh08i(7vm1R1`@z^Z{0{Td+b4FyvN=xI%?JQaiN(bma zhzba>l+qeLR@QI<6@YJ(ZykT`-YHQq=Z4zBR~+FpV(j6c+0b$Y;xZ&{!jEdgd;Ov3 z!P^~Pd=um>ni0*CMzW!nDfUS;3cSII7%dE5p&hT-9vXXD!1#%e6xG2$4Kf^96+ z>CWLzMmkw2Gjc{=v`g+V;!(srV0P^4-PSQY{eIvwalX>by?sA$QNe!^tO&Ub;ammQ zC!D&>_cKPq(0ceZ)j_e_Vbi`0ZEaQA75)hrwM4SFL!fu>W@BD>k485IvGlk^r!nf( z*@!!JW=Intt({N=crJu)LWzZhfw$_2%iA>Y_RJV$#Bacu?cS~|WYg{NUs7<|Iq7r< z4zT(11~%{3Vr9tBl@5QY@@o1{?4&wcZ24G)bZ}SoKHr5s7%jwqD>?7KBg*M8b;}ND z%? Z*fN=0@k0{edp#ujFF(hL6{mmZlZ3%zS63Rs%H(vnKhzd*=hI@>Fv3SZjY34 zP}a#$ZN%E*!!Vpn`_D#LNHPp;)hJ-5|3Z8E=lM0TV#F_H5;%X=#!r}LpcKs|T2*#% z@l3~TcDitN%PoA{J{=x?{P73)Nl*P8+4DZl@#7(P{#L=rC3}WUC(M@TjFBTGpRbyN z)O#=rUwflD0!qyd^vA!Loa&+$tnFK`>fX%G@0x{bD;G?VQbxvRNkRil;(Y8%1Hs6? zfjtwn>Mk#o2N8dzCdrC09nroHSIa^bp##|W1;W&`;@#V~Z%+0F;?u*QgTVBxpulu# zFx1(pf*ACykm2XKAAgVm`eLTy{E_EDT32V*oh=4B2aX&ts4AHy8pR4}iWkELgwW?n zeG98>AIZunUqcUZ%OrP+SMg*5ujHU!1+o3FkjG4}1;Bru5$Oz~8jH=2p3QG@TV_<0;4T?s$a=kNQi_a`+>&%c zM!_Ww1@M0xOv;Y(=DTFD+Mcv~npqX$2$k{5sJgA3%F~act@&rmY!>}StYQKSYYJlC zA*6%n&n8Umi}BZ{aPF;eGarc!c<|=piv_#N(?iup7X8ezYmQKWRvP{v1{wPUxutwMfQ8rzg}8yVuZ#nYZ< zR{9a{&;o9c?4M?2B>avc)52P^Wg>kVILCY!g2?`WimC_J>dx*^*hQ^Ec4mv6nbh07K!XldC_EMZRoBjr)CWy1A#Z+;wzQ+T4y4SrnNW5 zvLLRaFVk#KWXAdU5M*wPe;Sgl7ktM$fcJlYjtrgguMif9IOh1%cr+hej1j`1BMb4< zNNU%>bVmZYp{@(#q4VNq?n)x_@$E~srdyl}t_tZ8~k6HXDT{Oi0xFfyj0Vv+Gf(DGJIhhEwJ z`IOR#QywP#PDy0<#fa=bJ#GKN@7MK8kx$VymJnXB(&1F{h|z%6iGxx5C}W+NreA*+ zB%uAH6h987B&U!RkTvU;G?m!H=-!1Z5Tp(#YZX$-1tk|K>>nt@7PT-(K!`V8vv=8= zdM6Kdq;!FijHQtbc7LN;1?T|n_VVxpsB8k2LT#g-@Ll9^pts1BSSLDAb)$|n;?b(b z=A@yr-jL!(BIZWjg;Uo@HHDL&h%9grfK>ZmEKXl<5garF!xO zF;u19TX$RL~5QTG7XSCi;lWvXe3C_#1NpNmb%0;vKy*lXQlvJL*#WyE#*9yo+T1OWRq`cgw*mz?r( ztxH*p%BFk9*o4Y}G`}~F?Zdg&3vIu23kQ4?=KvM320Nrnz@R{mLV>E;55O~s2RFXY zJTT}Xi-V?zZ{iz94^QF`L0pp3%m(TBO`o(n#;+>l2_=6gpsG9#(hGm6WVWO>H$~5< zf00}gtB(8_$Ui%wXdn#Klod%A$T5^H!9EW*;#bHCM(&Tq2bj-^OG@L#s3$@lYm|Ch zn+jOnd>NTYJS2sDKJ8u71t336xge&qEV(~q0Xx3qcs27(FC4kwS#bS#b`~5J@=3@-dRto1POG1F_VQlHLGV!Yc_6B%S~ylJ@}mTJ5N> zRSj`wx_Vo?mc(hpx$71>okH=lh73#H&Tq|fJ}-BbyJd9>oeE2PgHkxocs_>TpF8;C z3}C||wE;c~EAAg8et<#U9#p?8! z>L+@w3>ox!#W8<1Db_Tsi?r9SvX`KMvVau5LwvnV_=T_-tO`r96R9a>f)vd-#`qt@ z;*h2VM39YWsUFZ?ke7!w3tmVi&z>x!0~bl2J~mPZhmA^>fQdg1oaN%rmkTx|y){*0 zh__uXm=J%SOSeuUx18?}&9n%%J;c4Mm zw;tOm+nawgxb265%PYflyt@bXeaFM5%-G{=$3@90_V}OBX!Y4@MAfMLGTMH)0{lud z(J>OcO$kQST7KIs6{mp%R#dAC(dHH90((VzH|0MonP*A^MU1q58TrKQUBAW5AQ==* zT1t6~1>VN`CU}-<|7#x$oRQ^aGW($`vpt^79(ERQK~;6lZQ-eT9RuWr?-v*(rS5#? zLzi!80v!R8myKuwC4bR0aAE*@Ocsfm){T%dfzs=fr@q!Ey~g?r(;p<7Q!aW0LBl84 zJ+QqZL&h|e6o*AmWsVEIBc&NNfuI9 zg0UNzoTeg1(=*Y20LL~KX(^=ZDCvX!L5W4iJ2kKH0$$<9w}JUglvVyW#s^XQySA!8 zEDI^o<#BPA+N^1#K&*=eW85TVz{IH@%#ni5U?Hrcv@z8us$nvW13^m2UtrNCGiHVBRMF2ztCp1r&L)skudD(=nHN?rDF`Bd&u zrjZF(PL}ItuXRVcUq961a{|f~QO}$FUDNixICAKar(|+&0E2O|E~Y4+B`1VaGVjl* z*mOenO-i>%1yW(ymzAeg3TC|~$c8z^7Wu94Y*KfkHj^OfTBZh-%Of+lh4@Frf{h_i z7Ix(i+*VP0xUO|e>}cJOO-;{CO?!r>*ENks@rmD$P1R8&O3QAtS%nN3Ldwjs-IR_z z-z?MSkAFV^Rn?`3v>cQTFHC+&$}JgqOX@6bJk3x&`>KUl(v0*bMy`)A|7ix7i{y>T z1?GV+P1;d%6;XLUD9p%3j!?XiS0j`U@Xc{?OO71Gwn4wN4}I1?6j=MXPxh zyUNbFl1C77OL13O6pbKaEx8q9V5rg`RIoHMk`ctvx(9*=G3Ii>JX6b~SVopgaqM-j za(|;aVF&vH0eNeS{K|c`JFB}dXwRcbkRgPD7gw2%H5J^s6EDl%pe8)(QmOwEp5!hqx(ow2dP%%711U7Px6a!a&|7v904Ry*`qA!jwhS$1((Td65V$p)5q&x9?62AFIKv^o!8VxGk$qo(g+MhvdNUc%%$zk0<)Sfo1J6P-huUvZ|In zRdXl1$=^U_KPsIG@o>h%)-_baMSqn7_)T1#vE@C3Z9}M>HcBmJZdSCXIv_z6E}@EP z&}7EybSbG7`wpfZ!j4Z`%0ZwB)tgKzO$8)? z$ipi<9O1Qk0}aLQ`7kKfdk1|Ow4pk3u`g33RWn+J!67ge>#gizddWvN>4$MWNM+^D zDcBPNr?;kTmr;MjO+gUA(z(jrKlo~zaO{IE|JeW*Px5acNvIy|QhTq51d<1-3hMr7H zP$~JlB?T+HC+&}1YB+qQP9R+F9nU@QwixtiD2*?<-Pyy$bBh zLp|oF6}0^Z<$tHSopI~(!KoGno+`QgwS})`sWBy2sqz<+i47~L@6N3kwUK`Fg!Iej zbB9;~=|{OeKA<&+&vzRJ526Y?B`|1hLTClkDsUAp0+JhGxY9+$i|5d(P`(mUM`=(- zZC9sAD28s$hh`QL<=Fy!aRv0&yH+GyXVPhOunSm{^!e5Y8X_t{83*mzee z#4JnkGk@_{_3D{97Zn^NV4)>90?`f%n}t49dz6ae@f=B?cz%zF^FfmD!R(Z&LH4dn z%|~RGc*K7X=)VQ`f%&Onuq?e7ART8}(x0=o;UPd9rq8|w#3K_#(?eY~P^H)0JFi@q zyPd0Mwfxw*Y?Z^Ge`%Qk@dD1UVIrk!3g6o z4(8JlTcF6?V(rZ;^KTe$79ana1)Sw+J0#LDR3fBd4}Xh;3=&f%WarZO8~;iNnm#4d zS`eGM2yv zWKGA3DUhGG+Im&SHiG8+FAK9j^5%41!09wQg&_K}&=tYhj+_`ZFpU`&VGz zy{zl`?A5q#RIh5~?pdMu`Kq~cQFQB-YlrMkT_fbp*73#}ty;s?`+i=jmb>lW+MO~& zs8?)$t#L)!{|c>(1qvi$O8M7jqt)rQ*J#Se&~4WX&Gu!ZlZ=VckLu^``#0UIx_|2P z)n?1-O~+XvCWWBBB%LL&zk9ux2dcu>vg&TgB8vXrL5i&x?#K22ic>oBZYgc|i-K0y zC8aOVDq8z8yC}g@?F3xIl5oE40;8q_aZHFTSETqwFi(y-q_W^Y+*x)qnq$ddcJOq! zXMOADWhuEF{gbk(KkcR`htGT0aDT~b8Sm-Pbn%RYx&=>%7o?C661Zn&$pE%@8;w`3 zuAg+QgOu`5AGF5g_#$iuP;+A|PDc{#c=?4GZyhhd@bqFDQ8s5$zJQWpxa1Z%Bd20T zi4%%{tOT&w@uxzN8!U_HQ0Ue|5=q-p;~a3CAS=-9Vfku#>Tm*S;{jS3r+**8*fT(+a9tZhWk-F%w2ObK%JDhbMk+R? zu(n+81U$02*&^9|I!nA<*nea#)x#Qh4}+?A^Tn?Aqz(q0&3VRfDZ^SeEOfQO9iKEz z)Xp+!FP<^d1l`3mAfjAGdL5gzOC@RE$#T|nMw%dHJrm@bGS()&tdv(a2AV3ZJYzvt z=xv@u64JCb8t!UU#x5ys5|LkOh|>?%Hk5Tq<4w^qt-UY*aVn;y#eZBO&OGA)tyD2@ zOib2OBdh^_sRrI!JchY?XH;~G!_*u`Se`TCoNWx)nmAcq81tn;CttN2k5&~TWomwnxWny{2)N`HSjnwBh#YtmIk*AkyL zgR4cT73}G=V5hRE0px!#CYA3`V7f@t_pCqHmuFNHN1USZS%19$am;Gsa^6#(_KnDW zBFH=Y;bj5hR-W3Z!3zs5iao?!P@Z+v(}m|}f!4Lb!5F)+xWg~^MF*asJ9*ZKlT|#= z0=r7v^(^3DEPv}ct|Eyz43tAwmP5iTFim8|k(i`&@a-fc_Yuo7TF(XudzghjPP#jIsmfq$6MoA>V!J0D{VR%j0&rljSVw)@d7btPa%ZsgvvdU6mA4^9by<(=+psWyG;(CvkXs) z1WR6qe`AvPoYi|mY}t3R7(~vkNfw_%Th?O3Rb5(L12z(cU}m#60=bDgbGK>BbC%&r z8tnfsY0Gm~?+F^_@3iGFq%CVW?LCog*#zP`lz%1WYP#Em|oignwg}Z~q9ByJP7Bb(AWU2aq z2qY-Xm+(O2Ysv{%m5yATII%c?*~Mv&?6U@D)&g(PEg4NV@QUBCCm!{?dTM$D)PHiQ znC^%8^h2ed9#>b!#3nROKCz3RWBPG1%QN7VCeP^J|HnJi>bxpk2OS=GiP zznh#uIXC2e9y{2i5i(uj6+s->BY)(7oT0W}500s}jdX2aJXJHxN6zKHJ}JA{JM#t) zuPLYU!L%uhLzYz%VudfeklQ!ks1;EdGq3-fy{?%vZGL3!^7#RZ6=y++M>_gG-AVY`;p#{3@?Y$!EnL>d_OCzzYYL4nzVh zuy4;^;}S*U5l|6gkWkl&8mT<(;%4fN7axFx2>Jt96$30;((tvANn!-$e^>P-Ey$%3 z96tZ?hkyXm1@l=u{0*F&8-Jwnb7!bh{RK6>B4y@iEV^!kDvw~u`~K3EC3cI50SRcW zaHC`0Um=OTJ$0>-tN?=55^s?tgVxAJen&+I`eZQ&J3DibEJcDA|60>c~39 zuf!L6NtX*UT8@!&rVnokDs4HT!haqr>#D6M(A107!!s&d*?W-Pb$?KfQGCYli^`#q z>d461Hpt%hU8I*#S-@QXHqQ1Oy+6(!z008n_QBD+_{+j*M2Mg&Kxt1%$)Zbqq@pL1 zTStB|D$DL5$(UGzCrfh+6k@)$8HW=N&YDcJhJl6eN4;t4`$5n2S`WS5zQk%u7fw1^ zAkX2b;~j{4`+`f>YJUZm!ALUC;pmC1563(lHJ>ynvW`-8J6>v9%iC%~pR{4MO3lbx zbjd5S>HR|oxvg-XDN$6x2t5tX=6@NhIpb;b)1}xPQcz``G z)PwrYzH|CB{hgh0f-TQqU{oBi?OriQ*D5-o6~>|06q)X%?rCZx(BP4PMZFr?R*IWwJugCUi=`zPoQ7sOaF`AixakB zT!vSYzTkP5=YKa3U-_eb`7>2HqGYF|6!-=>k>2s`e(-A|G%&)%R>eD^$NiDZ(y#~5 z4Lygi(5?JAX#&^9dOn}hZ|`nCp|Pg|Nk(6J?xSp6aBU+e$3RtmTAQ)cy*&BgK4T1< zpJ=_L*teO9iws`(?u}1`7BEQR}3i5)Nj1l z?ezO#ooz$i7|9gs3J=QTYHe{0RM`k1QJh)D$b#I6fUy&MM~68SY11-dM5g2X;0g*8 z;upb>+(jF7@k|6?bAsO<>6ekvyiUi4t=N2|a(CZIkjEzpC}+lSsFcZSB0_7S7HP=9 zx&$>%4}Y-fbrBT?lRA45!KRzSoXC!kbH}+i@rApt<=Uu1F@Rw|SALT_AK72?c~*`_ z*%JST@_-+IpN}Wm`*HsGaGyUt#$&cMlL^%4^4p58cyW|JI^35}Ffba{asH<@K0Bt* zBAo`{-bBGcLzFu@Il-eO=87~;TDl8)D0-G8gnyOJM9J|dBkRFfv+9?jGlLxkWyc4i z(iDZk0Dc5eF~z$l>=QwCowoC*4EOAunVLcMV2fXnY@f1l#2Z+H-qG=!0pm>zo#tVz zXc8Gzwp$ztI$SmWU9jY2$@(RAoh|zoYPS8T$x`m^z9_XWn{#zGb2Km#6<;m;#QE+X9tR!$DNFhjkM zA@xf-e*KE5qfY~mf}-!O=`9pqAo=^i_kVV|C}0|BHH)O{)!DMyatYM~#tvJK)cXrq z7i5uYxsGzlI#v(WX#tEL>6J39QCR9V7$+IU z?9TClJt1n2#$L-&lJ%La4dnji0CA=5MrK{do?vfaF2I-MKqZR~lWl=qrgHQIGk=6p zhkpG;ze*bv{U(HsB7b5eEqgE)-$kaBRql z$0wUNjx2QQdmmpjyLZlHj(viC2&I94`f&38C=GI-4v#*P<<-y8{(Yj74u8QtvkOE$a!?~CC6Z;Nu7PV~qD&FJwK_fR1x-Ve_xGuM<1y(Ro&zbdC$82HSTu|8f;Hklc?3HPa8lTIeN~_1% zyrwsxdwIODYP9D)*hv_&pdBoE?E9MaRR9J`bi$}gV~KxAe4&0N%%H;=nBdpv;~qYT z-JY89%B;ccKhMz&;|6U-fq!YLj~5?Eg!>@MAo+Q@x=mU=dc=78W<`|U!Nh}E+BkW+ zc$HF1oQ=HxUHo%xJ5o}bu|*-;L37>01M)?1t*(F7{=P4z+>H#_vul)jh5 zdzD>WdwrX6?m^^22M)+=F;!AwvBt9Nmc|8M$Xca(J4*{@Pmi+A;eXf5c`yHAA#{pAj)U$K*UOK2%Cu775sQY)M{7{b*YpmrSoKj!eO0fWy*)VAE;J)Z$-gU7NU`LGwa z-hI~chZra8gI@K`^QKpmp=Y}eTVi?zE^ffdkc0>I1)PEyF8AhxA>tI+VKX;}=lAW% zW*)cI`5l{I)0#Sr8ni8M0(VQkc&L?pH}pnqJEJK_3a;zHwSQbne=QWzrNUWZe#6MS zbt@4iz}u`kk~*G?$Xb;x7Y;En+=Cgq&656u`0e$IEg8WXGJ~#BNyrE)%#FMb04kM8 zY11MB!(=*Ksy6&YI7>;E*50tlKqLU3f_0N&sH8O;55l!(L8||aVNB*duz*=-vN42M zP}_611F;G2jem1H*MiQv7#rW5lx#_xj4r^otaWdJFze8&HBVD~Y*wuL=Mx9CA&H2O z;wiQN3h|GZGqr89qN?CHE&wR2HpaVX)$)yjknJH}9yDP_k??!+ThVY~!jLRT&RC9a`!jy)}3xBi^6mVC?g;JO}A5GuBo4@b>{(tVx=;qCrn;Tr#_kY~Mw0S$b|8w4Z ze?R==?)LVNR7wr)>VlgNiDYCv>s|e%rA>en+?I6P;g9@R$GOH-jev7~Autfz4K z9LT1%W|JUoEDR+8+)Nzez=B+pPm==@7u}fGbq)S39bi_H=1Au4jUdV`RbQ@O^EqMp zmwz0bo?gC}L*0z4P8i)L%xx+tMFrDneS2t43{DMa0vbk>b{Jk0RQtx{!BGCSAk5$j zDPKh_5(ou~Q`d66Q*I%VN4wlDmnxk~quwq5+G&+*FRAMv3dVLGsXFj%E_J81-$*60RbeP9a3 zvsR^k(fzG))#^5WsduZDV!7UC_MofIIkRmQS|9!&dtd*YHnMH|^Gj9!hko2wW#^Q^ z2Is?JD%8P1Voq$#1MEyrohnKO+2#fV7l9q0H~0SSZ|&XPl2D5eI|j99JonC=M1K-e ztJS@G_ugx-RV<%2KbW|gqu$kZv>`KZWV9S_MA$F$BdHGjJni>^MS4HC5hjZ0AI;O+ z3g7&w`sHZB2QOp~DASZNqTUK3rax^qV|FcdP`yIZZw{DeDL+OdeE42{4C};Y+LDjqk4>0&FDcqN%w@g>{R^b z8>6sNIiTBC%%xVIXq*C3QLM$DRu;otOe)lm@62Z%ACxO4W0C~@XMcP{bUa%3rBSJT zHCqt8vGK+5yZC{|Cl213T|_@PcyFL^D{6p!%o)!(Iy)#Ho}8AW?}Ou|Z&l;vt9*TB zP#(b&Equ7Uy9IX(A-EGcg)=Ry?JITy&e^UO90mW4OC$hbIMRZG3roABy9h zRq1$};zU-eQDcLYMfMYbO2pwQuxk%Ecp1DNoSNOgEgB!MztH$PD=8F>qsdc0iV1Xb z@~_&)e7k%b^4t}(Ekq7&dp66%db3$c?oTHBEgc?J8cD#l{h0pDlg3FRPmLTIp%F#G zky>%KvDy(e=n$(m@|f75r&eYbc#CSo(KXP1BcB@ifKqW!Lq5tKGQ$qe*%#ZF+`zCT%yntDo_kiAT~jN(7#_{ZZW@ZKEfQ zc+!m2-`|7LgDsjRSNFRxfFa>5-WhFLg*0Db%KVhAK+djs*0!3F)ox{yY$X3ymc+!_ z%WP8LnirRefz#tzQeV|UmFDt8&|hZpska+gYUzSn{eO?5Pt(;%9@kKt{&hfB|DtN0GoMoX|rZAO+y-U{3d;V-$1 zBYFERzdPG1k?0sYMPMF`!|GOm^BfkBpi^os4n(tSR^kPn%w2ml(+0VylG^n^IU#YI z`iyHcou%zRfJ5|Id2~zumu$j3H+e_N5XDiM2m_CUc;lXiRQ!?)CTsasM)#0_ux?EsBsO~VgC_64N$XW&%w20wO}LSL8S5> zojvblJCZ^=p*bv-gT_HS#wUB`QUwu$W|Wlv1gSA>|BPh74*BEa!&Za}^4Q>M;tVB@ zIpO*It_-tl18jI1Q~HY$1b0{svkgM?uaP!lIibS9YouvJko;zf_f^P=MKcZT6I*`q z(I10NJ00130^rX@py~OJ2pM_G#Y^~puNWiNgG_!AP2n&rjGC6mhzLGjAVv9S z2IxxWTl32Ud`1c1`*KFYTcP>6)24tbOoBm#vONN;H5#IU`8vtu_^aUEje^yd%k1wm z+r>NlDu4@ZC=PbM!H=1f7Q^zbKxJ|~lt+i#bdReg#jb2!ISo85UMbe7^0jO*IUUuO zf|cnbzo~6&$^LBCATYI9?T84oO@~NdWb=_+xzcTVwhqTzIq}U&y!al+TTwcLW2A@} zdgk8aQF*#KGMxMinc$LX7w(VQlP%VyS`(AbW}p@>kSul;l-E&{LG6h!jx$k{+(Yi_ zx6_X}&CdJ0<@HEoiTm{h$E_8C|09!PdjKpKU{+?tS&ktSB z6}E3NVZ1Z@Sd3{YFF#y`td^m!k!zw921J2HG3F}WV+yifbbD;SLT?WQRabnLy_}!$ z(7%e^ap$7vNq43uoJ9t+f@p4fCohysApzv&Fx#jT!-Qm3k^^6jD*K3B7*`^j%0Am* zq;DHdKSoMzG??YMylD9zR#Mrt&}B2*jQax&pwc7ZE_10Di+zZjnM$9HOD|iD@dHti zDV*Z_N5%_$+v*blL0WfB?_W)qzkIE*K2@O$#-{5o-7rSbC#`s!qL;g7$mhXEVF2jc z%2GxZoQ^+F9@9`-evED*JvQWfKepcl(Z_DA3T2yvxzS%6Z86af7PjF!^|plq?#v0; zu;XW#U+Pb3>U6JV%u0mYhKh{MyvSD}k^*pC6)Xihe`W?gV16)Vs{%~0xn_uS@gtcghRCZ-j#CV1=Dp@B{uBv{S{{-sz*AQ|^CHr8Kl29`Bt(e%xfMP=bc@?kH=7+N$dsuloP&;&f$h~dFm>(d9Rt4R0HD8Vd_^| zDqtr{`QoPz$e&nVll%%Xx)9gF628<@5S&=IN(2CcGwpdH#Le7Hl$^Y2*49Zo4unW{ zkTtz5SV7LRF}lC(dc)8hqYs^i^F)#jA)}&l^XJf7Gu6Ljby6f!zmoK6nRo-dicN(F z8)(72ZeN!i@t88Y`r@arngQK|n^JGb?Z(ELKXbwUSrKmy_SP2@CnlNR1*p2nc_?s6 z7p8yMAjbJ(XApG0;~eayP@v<$DHsEsIJGHC0Y~lbK*J-@jy@ zgyvH@6a|F*$nP=3JYHeGK(jvR&T>#3BuQ6{w=<8k%OgYP8ve7G!30uMR%IJod^Ofs zW^E6!8=!PDF}=zrRy%sW%I2sf1xE;5K*3h77;a)##D8hY@rYYcU&2QT!kGWwtrMFl zEd#Se1Lyi(+-|YjiD6sV789drq9$e zk4po&FzjO8C!^HN>VN7GMLj{-l=};Qdu%3=AG=c_0KGUd1?Vp4JxZldFwdtOfQc0z z2-cftybGLReMH1Mw#zH<1fu@V!yXZ0l_goaP0{~;B{8b60|p@Izsu*@G6lWBSQ~A z+Na{wK`(jTo{C-hR%o8+BKmJ+K{c_po*edPwyCZXv0G2!KDm^RTyE?_4tLt~UjLI1 z=>}%Z_fc6g>}8;>T>{Z}hmWx8M$#YK?3GE_ja0O6L%vta2G(d?LCp`&5mhahFV~T` zXVfxfdf1BfAVv|m%UN9dp zRPv%=w8o_@2$)}|l>RwT+p*v{+hieIg=|88=MJ4$E?1qh2zuQLBc|D;DV)31zrJCo zct~(oc+}vf$!?*(yEpfzgfB#(?hLZI2j7wyx~4*`r;K!k&m%ADc?wU?_oG@G#S|Z~ zvWN67(-{R2&(V>GD`jiCMp`p}S)dgO&_n07@vMdV@uCQ#KmIaZA&J!@?(obMC$;)Q zI@f~`Md<57=&9j_sVk8+kLEyDhEX1=AMDPCMB!C^r4U3yFlZ0f09t|BbM=imRCM9M z_3B!{7If2gxCCRzF5%mQ|2OF%<0GrU^pUIHT{-|{DJeWs88dRLK8Aras)d!T;8dgs zZ34BV#;*{db+izg>9U}gIHi%F0?oq#Y9`vQX=7m8-VEQxUclnQKH&OQE^6>!4j~2- zSBcm3pnp5|wXzhG&e}0QUu{Hfm_q7c=T93O38I(6Xr!Z&8)o?<4j=SkIZ@SMGk@t~ z8z2E_P1&rG!*qRrOcav${>xe#`6Gvi08t2J(ALfGx^n%PNmVCDtz-P@`wQC_%1wdU z*4+CvDfcLgi6p%|nN)okK5!J}+!uw`hpS*V z==_vQbs8cfpxRE;+upfd_OLjz#M8w?^Z6MtmOyN$=l@w&-?Ye;zfh|K}%p;I^e73Qx#uR|Qpmg1j=KdDJ)hHG@!+Uao;k6-MK15>bFVpG$w z!uMCCE%~E#k}zosVh^qvZ&&cq7be>0BS3XrdN;v8b0wvr3QhLda%|yrWOWHK0Hj-h zl>}zn-HW)Xw;3R(0q(i)ng~Bs)$3Ov+#-oiLKdHFLN~|hsK+K1`LP=25|0EY5x;-^ z`K~y=6F&6Hy+Tf(u&?vfMYlXIMicCz3?90<$S&mD|2C&4xJyQFhZ)8{{}{dV5a?+z z7Km6eCAXbqqC^*(>-D9Si44`VnM@l<7x{&+X{JTPfK_-wy11CD;?-;xUpF()^X=M*U4mqP{$Hzrhwwck63kH1! zrdI|tr`E+Vs2MJBzqj@;zpn0SA^yfhTT$keHIYg#PFA9A{u7#DTGPQ zDSk9E5ZMsJ2=ohsQxzi=6ah;H^WXnK#Nc_7#~2GYg7EU^PpKyz!AJcobZ^Ayl)QyD ziHp{gL(cAmXgS&r&A^OZ;J5{#Q?1Za#tr#1N!?13Q3yIfqvAy%9gu)aTY?3Ee+tSg zg0Mvjf=23OH$YHsM`^z>EmnbL_JE@_npWHv{8($5GLj|cV$tc!bMa7iN9IXuj(Y8_ z2729-hu~~v71*43(FUu6Dc&#Q-|w@CFK?{I`WXw@K#jg+-~q!i2xxHZCf;PB?dT&H9 zH&l1}qB^ggRzc=Koey|J%wYeFXG<<=@n??^rrJP51Mi}g>id!wRR;?-EkM^ugO{Yz zi&(<;=9OAKQ5!LzGxx+wL|b@al&yUe>=LPyJ9C5AA|pMAu{*u%`G3^=mtxW_AAcXF#*?X==V_zc9&J#)pHPI3=r5%yfjd8ouwzyb~3@D=q zRVhq8qh{>{kf64)ej!dBFIjM>GroZ=>3sud)%phOJ_fi!EKUZe)QY$rq>OqU*l)f` z;UIdffIq%3{T|RxG!ggKH{rM&PV7-i7u2=&=t4>!OzPvNOoxiDL!@S?JZ{%;q}pYWoh-fwKl2L<9N-?C5aD+a+9zQ7IN#hlA%^(6+ zDi>BcCF`>28Og&Gx6*LQZaUV`AscCeDKi#qtb3`|4m;(Tvpb+BAeO#w#j!Fup(Y>0 zs}#x&b&Pa`&qhaS;*r+C{h1@O{qE4ZGwrh_0|PiG^$q*6YgIju$T@QGS2Fso-`AwB zbhj#0^Jx>4N+>3fceXwlNQ?*8y}m_6_hMwa&rzrd$V}c_(`@xQ1&vTV^9`?7h(f=a zw<-U?&4>;5#lp`&?S7Muw`+Gr43i5uVZ?0&0|HI?T!_9X#+wVO)_`}Mp;eD9N`fPe zVgmUuZ-UaM0|Zrj+d+=Hjt5eLrKAPvP+qh#GId_AVNj&t_Be%d~b~hzYwU zbjIyCh+a6A&S9J_dN7vx5%YI?nLSTr6%&5}|85rF>y2pp2$VVkb|n*Pqw(Z{sIhD} z#&RNf{Tab2A&vX>_mvR%1QAp;MwjPaaA5YlhF)Fl2(BYXx_^Xd&xw4#EQiEJA#QPI zb&}v0i-Z!d{Q^bdbj2*KFnAE%aP-4+;>I_8-yuBbIk&%W)qY6gq9u(5(qs@wwmM3M zidgxhl}rJTlw_uF+3Ef(xjGWj<^?tkN*d_x=MGY`aB?XhJE%ew=o}+FVZ&^~G(bP@ zD9Dh1g!%i2)Mf0LBFD1zG@ODUt|3mAGFTQ02xB1HZBKKnqyWJfJ&&8=K6}#&gkN^z% zOXA7uQ1^K^Dw|GdAn>RCu&TWs|B@*lH( zv3_ipAr@xTM@UDwDOrAw6_!<`m6^N5>kx9q)3H$!Crl*x6|8zIsu~e;IUudc;sY9j z9-&rn4C>s-)77+ne7nWP`xnXE?Y@TCW+jm4kGY;Pv5X z1t}p|?w$7%p2S|kp#=|b0juemPSq7h>q=0~x)gGhR2GR$hBfC*%- zI@iEZ$a#v^Ov*z##Z0(U4p@6v++O)>(1!VghmPN3u%6LMg{d#Gks^ z%J{O16SE4Pr;fkH>7R6Q(z`dGoCrVZRSmSm{9V%zz(myT5r4(QdSUFKg@>gf`}3tq zF3rUxP6qa6`d8Qg1^jHL1f# zJg^a99U#|JhyI#cX5@LB#JmG&a=w`-9Cb~sw?atu{i4>f2QGJPK_QE*?RqokJ-Ht( z9XEQ3{1vd{SvYE)tT1cD4=;E0`82_`O)3I@2*@~iWe6>+#D=FLm5tjXhAA2o?$~6) z^OS~-&sa%M;Asi)>iA(&%ekOM)SsAjh5C1M;2ME(JpMRwuI{L_Z}uP|1C{fS7EwgZPHBg7_XS6aa+{>(w1Fx+h!*)7f@#% zKX%4^MDr&8YS_y1$jav`5VyLT_VVp{S%ai(pk5gwmPa z%A>>gV)c^Jgm96)$@sF-1;x}fQQ;DT)nCHOvVH-Z{RQN0Ok)E&;*GxSOm0m$ek=a(x;l2&C@5Vw) zTX~)ffHU|ZxtMp{_eTNhSy$QkfjZE&S6pjRi!eyG7`s^z#b=jpA2#+1oUZ$x1`%7M$01qh0&oYSzfFXen5W=p;W&7 z3iC|_y^xGZ_jHZjTq@2aU_Tn_;u_{8T<4#Qo}((KZrkC| z0FX)zyRlxda-Q9&WkGvJU(&ptTY-2r7Y2uo4qs$Df~$t z6yD%X*N8vu%`ndjzQsAL+c9r074Gl~fwN%$*FV7q{UeG@ z(WfQ8@~ybrZr!ebp;&eKUDL@hV4adNhMA+cTq`zoRmEB8zsu{UmSCINQEKkGssN>7 zb7=NttbVm(B^C9VeA@axAl*!<_0vg7#FhbK#tI|Nkwj?aK!Mva$$*ikc+g3aGwTH! zT2F!f97NFeAngQ{hv1ES+v6P@ I{C@aj1DP_59L?EONK0MMDzuDX!Rl zF0%c^NfS8GFxC*}VxqYa>z0XR)pgXer_9rH7Y-}AepxC(^pwq=`FYR6Cplc35(`cw zMIHq$Db7cHBF!Thfp$9D+q^MJZWdlole^&n`SAT4+Gl#z)3kwDv@jDB0&sQ`BDJ^q z*vmUZ1>-{3*~sg_w<7K@>iSn6^}V@>*W^f`9%BCYNc+=)j5mdRPGzbgl_CWx_kK7X zsjAC#ZF1j8r@x2(MW^or%3!51(|8E@oG;P@d@egJeP~fKiMb!R^#D5l#L0CsU%Hc5 zv)$ca5$*F*2#iquvPU7>J%9u9rf37_k|i#>((|q`m;y<`t}Fgf&y!C*4yWA@+vy(OR7`oL# z&UWn&YZMd&*VK1DZPlVjRu#+$sCH0V865$B)(_wKoz}@_gvhMXsdk#AIcnj!GjeJC_9441u}<$)0V@cayu4Yb!?!afP9+(R+4{LpS%>VJ zb9ntxu8KXzL0Yfrrn(S(n5Vx5i>R~iNonDDa4s!P z+4Pp0QWj|{CBXlVL-foP=t9$@H6i!4@&rVt7LE%#H(7Xm5~GnnIGu3Ng5+6`(L4B^ ztZQezz>1k?*2tw~;cX>VeqeFSR?5p||MrB_6K6q8Kqk)N4<(Yq!mX>5vCyY}4Sj_V zJ}>a$1sSqYO8#o>jO#rf0DNx(IS3RMzW8X=D?I_R3b#^bQ`9G0L;HiT((g~Zch`V~Miig^q! z%G)Mfg1kST0HO)|HcQ4q87=J=#U%WD*qk8JtRMAlU2G4S zje-`*Dz0g`#Oy79cD0@`gI~UdZ{<%HCy4^MzI5)Jr{Ktez>^2RZWnQ@-^P@Om%|(T zI+3mzbE-Y=!{lMu#@&F!_ipIsE2<0UT}5iXOwp;^bgOR{h|^_qx*kSO<<`78`l>3jej#u#h~m3BgehnwbIK zqrjS%zHGU`axkU;FqoAvK%>2-hpwF+YPX?wW}5EhQSCeGaDAhb5;enuU-!n}I?bao z2wkETCs?XwE>yC%_x(p>UcC%uoB9;(+xa(w{a70#{OfJTza{}md5*7;#=B%vqO)jd z!yt0K%3pB-Gi1*@(n2Xg#=?5vNZ59OKBuD?4mH%YT9e3qRut?il+(1kfSoH_;t!*@ zeFVc+9gBw0f;=FiaN~-UoEBZ@~Q}yj$i~WuE#m`@^KHfZIhso?v~lMaI{?`IVu!SvAPXgDQ5O$1U@wkXV-L~vfGWJvDBTKG)_&afV2-qa+O`;+ch{Vs#1A!Js2N_m7sUT z(2p{W1*zrs5!F*`077PL(|_9eb`h~rO!yg*PT-`K(zmR~y`9UjqVR+%;2mS!6CoPs z;*`X2$FQ?c&s-Rf0&>^ASU8F2BW_#IE+TghL8T;43!2>Hj5-^5{ei{6=VWL!Ao+k@ zO#c17__nReT%spQ0iUa$x#FQnU2-l{{sp36)y7^_Pc#laz-9PMjp|7j_8Y^1WTL-I z`_3oV#(X~aUW5;2@^r?Mx-fV3;eC=iqs8}Gco$WZwcS+fwj;Ji5k_~W42>kab zG*?nM@vuK@(dvZ&85{>RVEGfChcZCXuQYqV^;R|{nj-V>G?jI%yJY}fdPI~-EUByU z8%j0W+V$(~r6B9KXV_5g{txK!#$C|&%=IzS^2FuU3F5PVSr1QB%(>nGvZCNt6j$X7 zruxk_bxc$Axg^}TqZfhO zg;(qxw10cR194m4cHHKz)AVWiexaGh!sN(lf_ut?M&|gk;L9saO`_a%O)#qVdGJ&w z_nDE9_vo$e9}v?Y50`00^q}Aiki8)HKV5h9m{CB=~3yU9@-+m{Q~_ zwOC;M0@M?dIR}UgYr5fEk1|cd-;+=>AJ*8g??c)iQ|r+FGJ}#CwYV?UsCL%1y;9tE z{y5(Nx^^2PzgNTgHC|f}_CGp?;prCjsc_7pxci#d*)SfH-79yD`5G&txPiekftb6w z$houHreRy10YCQ3Qn$OsHJO{nH3VDa7kJ$xaOXJQ05OU;@J}|&leP!JZ^EJ~R*JU` z$0Xdp-0tHIn%u{u-HzCIzCD_48X#Q+;@f5b?=~y45LJ*r&hp)hwQaZ9S0?+RAkY_Pr}Q;*+f^NvA7*pAJ)3cT6T-Hh+~X-2`j2e5{fhy_&Og20eOl z=;7t^VH4f#>iKpS)N!lak$1yZki$*O3in>rab|5&Pc*J@aEoz{_)z=qUf$i(L_5ki z%B?I?Fq){k+;JFVc`#YWwQr$8g1z?>u+MRYI)_TTy)w8NUMRpTz!-ro?Z<3ZaJBVw z10x9?;pH*f=BsiRQz5q7<@&Xp0t!XMW*ZoLUpeDU_$#d@sc0vT4mmI4TB~YkLu}tD z&gdY_sE%hZ>o}5$UBRYQ9H?|C`B871e;)2;xw6f6N<(st2(wXr*(mX7Ea>O}_^~7V zTA#y7;EN=cH5+JM7*KGZ{;JLt505C zmY8Wr{Ahwy`zncO;`JLdvy3>7xRjTtJTBSh>{A%-2%W^0qy7X| z+l=1Iww;7L^SD^>?z)$NseA^UB|MkrgxoDDak(as`xB$%UyE81=k8;UDZo`lim;MIT1Zx_} z)a37!wAYjiSV{jH7*4{%(a8+bQ*<%~9^%E6*~k|jqHT^aw3sahd4R6i-%Z0A(qS+u zoYD|rdawpNY+M%#60o_Y0n&>q&g|!Ky>2M>6GOUDlJxqa1ieo3Oe1kFk>81i=qy`-G5KkcfOt`5Gp~c< z=t(x|qPu-7V|$Bnq~dSPh<*uMd{PT2G8Yl=rkDu&f~%ng*7CCn)AG?CI(`)FBGXsQ7i~$EqS8LRsd-3UCE|{R z8e#)Q>&{zt(g$CeB9j8<>0J`!^#xVD1Mkb}P-bOEQw6aC8={>Yg%9rNrEZzrCouFn z>|1qwuM}Q|ydVeQtFUMcLlqWl0|(k9X*nH2CIsJWWNBLfrx|l~YD;fgsoQ)VqWT|f zGs3p@1vxbhvK;EQ0#-yIT-Y_9_^rRq2b1$V8CoY9x2pCsjAYD(`Ot6Hv`878Gv5l3 zSoDz;Z5ne@>KLRtI#rwGR)lCsz!GYn4YUZ{O#I!V+@n+Zk9B;4V?(jTx9r6eht|FS z(pa#LK*Y5HFLa94J&d9s!-i^&&GJa?R|GVcmes^|E7B-d8O=951)zfvT(WT~@HjBk z-y?6CiPz+Himy^aA(7d9wM)J}H{YLMqNbX^*x zZT)+0i_zj*3Pz2YhwNOQCpq~Xo~-A;T555Xw!yf8IjEd33XWS}OTI`Z+Nw4ueQ7(1 zNFUfwDAJ`rjulp7CN|)xwQZPgHYZ+wmFh^@g?9lbUGy&$C;ILC$6-dPRi|u`a;y`y zfI^uE@mWE)#qDUwx;-D&`?vj1EF?p`ov6?Wx2%SZo1OOW5)G7a+%#RZfoJ^b_|a@r zgX!Z4Al)nQt2X3l?tGb52+v>cZ5ZW<@$1?!PQIUxG>7n(_ zP-PcdxeNbR+5Ds#Efj8eRQc)tVg-fi1eaUu0l6R(HAlGc*IYJzJG zO%lzn5N32bo^;3oW(?c~8e;vvwyRUky;enDEF$9RGG)PnRBbaEm|Zzm8qSXpDNtoT zFfAy?9QrM&Ma?0nzuTd_g2;|L7#FF1KSyFLd%tz zkSefDrCAn4NeK;N1b8yz-fGpAcd{le;0~_p=k*ozyiNyNcjRHiA6iJuso>#BTXN^f z?4kjFJ#U5%dTSC?(^@sl|R-Or5456`q&G){4x)yCq* zRvQLPT{qi9k=))&~y+kSxlgFiW84!}ZMQW_Okb)Yjk`a_Ti# z#rnPe?K`E#cf0y|f8`{`Qd_4DBa9mCTO~HD*jc4iC&cMWlnm63Pu<&10_v&4OHV8A zMcE=jUFRFYRMtk;<^f{C{S{v#Eu&mXMd7PrFXZ5*0nrAa$1L`Zv6Ob@lt!Bn%P7mO^iMgtOG}Uc@SfXu+)x4zkYg`#b_fUue zs)g67x#(v*Z3|m zwBZl+G*i=|Fn{BO36T(o@Z|}3n~SqrKeBNAbC^N*=p1A9PW?-;1Mm#~6QIIzTxmZ&YW5FT6F9;2pI_HHBk>zwcS$ZFn}sbR{9mWfFs17r2>EYCC?-xF zQ6Zyv?YF1|MoO>+HG%SBnW6@Xm*X5?9}})^%T-qY6+<*yjMB>Uni(0$r~*}=#F4am z`r(Y(V5*GbcaKkTvAz3a*8*GZ*UVsgWn9fcZwgY1IcUKgor)&&0kymK*l|+&{u{!d ziQG9q;RNNw_bDE^VB{&MM+J;y!pcEnPLAYHX@W7Br>dmyZ9pE`-dexRG&>xDx};y) zwfat4Jz`Xhr#Ca#maI6(u-T#nDQ*_Q0{6%B3BGI3j-QNdpht3NE6Yoxo>1*vqe9dvlRi`1YA2$zi%WTW!rhScz zZpUt#Y6dYt!Ewuk#CSo2fvLvntKlaRcYE%WZMr?wT*bKQ|_x;C2xJkRq(im}vouxlMos2Im1wYH*V11o! z66P|E$e0=jQ`0KwU)vDekNQtneFjChgAVChkp4X?&2>%;ebd#EKmLF?ufdHq3#b}^ ze`Sj~c$`HMI3xVwc{B)ASP=Z^(w-cii(C29qfbo1E^vLi+ z!zTM}GVA#6tS^cG=TqhdoVobXlPu;5NWs$88{ySo#ye>Ik)$=F@+j}nYOELHE>;KY z)&t1e16Ow2FMAryIEf3oDpee{(;5n)m=yHTTH7?qI5t$SF#}?9xg1%$HZ8DIqvC>b z%@IPWO<3wn@9u$kS4N3&uSCBd4Oz<1_2dM}tn>fP*5n8-JiwA=C zQzx)cTo@?w*d=Pn`&G}T6MtjY(wf=NHJaKsKH9}A^R?1xv-ziUG?kCy=I`J3E_;DO zt8Md!I1tKwMqt*I0lb~l4Gx#*7e`gFl8NFe6m=Cf(sH)x^Abe!E2rI=4wMLjO7@28 zy#qGN$bawbs;ON;`2_FTzQ4fOoX}AZF9RWsJ0Q=b(2G8j{JoUl!NI^jK0bwkKR(iv z^#9`@0ad;p-o7;=!=a*oe3Iz8KNUuhst#`|j;+>9T7SJ$F6Kp(<9Rt=LU_6@&m87W zOH;mGZacZYxV3aTHpRGd0@veSH|MW6L%8T8x+QJz`!8Jw-)|3{du!!ezN&UCzt$~h zV2>(M-cAT!Ma9i)C>D?u(Vd%|g$*E+XNWlB{^?cV4LZ`RXQ7gkQ@=P}`Cg!|KS3+i z%=>#V(iE>lZHJxHz%I*-LB#poi@rH}K`B6j(cM+)ct&4L;qp_?gf?#M8Sr3Q+s8?cOMx8CkCfchXk5NFt zB3~qj%kfrszK)L*Wr*fik#**j1V?+a!s(@znN6bZb zHI>|(mlnBRXt>s{3$YpsR8~`JfF@<@IYfwFXY?&%6N~@{?$@?|WstY8z6Pr=n=`jm zdZXFO2BA&TGBvB#j94qRW{D^$X1lpdyU-b(Dnk1rbj2Q$tO%y(CEk)ORHD?x%F?WU z;xbHl^(2x|Z!pT^=UP9&WArqGBUi5@ZNXU!jEM>dF$q5KWomM*7#q-2m_EqfVVdH5 zLE$Ly1&K8JU=Uznu~2baSa<;Ie`Kc9<7BN@Sr7v+A)ZMf*A2%ehmyF-k71mO{qhV%PW2*-%$y{6lz2I(!#h|_cC*A=WkLtkB~vHW%A#H^5H!k(_VgVX$wq^v|z)1P;4#4BK2I>6Y2O4f?BzzTV+>^L^B$ zNsWBwxyOO)onCxRKT}yO6Lz?#zM=Ts69eDVJo+k`1$fPL{4GEI#myEPk(bm`tMesf z2y?cei=Yr56%and>`VWM-Kv@svCRWZ^b4;Jep~)%*tZxL8@RUF-iIa@%;7yCzjz?C zmvKkM21Su?n*Z!)zp{`TAks6ds=c?Al$Jt5(xnHuH5O!^o|vaq|-&efyG77SrE z4PmhF-qF&#DSW=g6${}8i0w+&BT5kPre5x}dya8Gr5nYer9n3SfR9`9in6oYy$@|Tn^sjR^lgyh8(V5)IZdmr+@c}wr1d{t z?I0E6Rh-fQ9eN3DTtcSF`M=P2I|^~}l+o`Iw;(XEq&#X+IJ`mPk%r-CICR4LuVb?P z&oNgcS4lr3BK;i^>I3Uz^l;-&d8t+2#d_(?f3i{Fb3+@H=2Q6^Nh5Bs)f&@R*elRkWx^xAP?MwIK`a`e8!&)U7DbZiZrRv~ z(Mv{(*w~w4ZzvVKpP?`=?gn5&yqYyAj`x%;qw?bSq;BQA#VWLthK_)fz!kIv<*cgN zT@^pch4c`SiQkUn2-A=?B7>2qCTW&)^h zG8{EC9Aq{m1d1L1LGV6NN!>OgsBkoUXK1szC5SVYYyGHt2PV1|Mg_rn6=y%7pf!4+ z&ZJIX>Hb+JQd-Ok{5Kf>_ZFXY`rnAC3-tsJ>Wm%>6+Ho|>Ov^auamTu2)9~pb{gs- z5oe|Tqo3I`-0MrhlMj6_IK5D{w`LkRf97q;2*8y3sB^tMUR9Rcoa!}=sqcDzxjR3- zy9XB5U=9YnjE1IkI~}V80;470CFknpH$T*LHl03`sd%ZF#LVM>n&o35S5&ySS>@MV z@`hNkXIt7?r`}8xh794~xTU=c=K)Hwdk(a^>bLQUd-r9ElfV&XGd0C*U^yhQ{O?+yK*08uomd9xR$4{~rB|DRVL5 z_kk}e<#N0Y8nqL3R9rufBj>8y-pKs_-9 z-ok)DdadwkA!-#8m(kT(N))d%L@)GVQ3h&fi47fxd*jm9)*BoNnwFn{Dj#%6h!qTB z9#l9Q8b-)`*DTp>it#nLI2}b2j+QItL_Rdspp$Js{ZoO|;obc9KkH*t&oZb66FNWT zo9QlblFP-X3ad^PWsBu!jNB7IJmB9@lrrH5RUxUr%#*j2i1#5+dvfE-wB{dv5CbxXkkMxYNx7o}T+Y{mL`L>*nCDY)Y5^?KO#{ z^Yw0Z5qO`wV!qVvdVW3~Vg{ZbcRxYkUzK3u|0Ksd{;*D`Dt^f>H-TR?eBvZ?dQ&G4bDA4 z!?*P$G{SY5U#q3*^y_LQVdh#kj4+GRHkOix_RAoiM!`tNXhVd(VIM+3eUnZC`9Ce5 zXbKp+J;6xA;TQ-WJ5mX_JsKZEs^~mOyLiD!^kGF1kM#e2DDOk~|GBIol4$;chyjE> z7o6cMrs!QA(xEoNNM|3yOAyZnlwJG(0RHG*Ptu_m!N`YC0D@-&#;zS@&xK_8>VH6x zU?hqUAqj|wAJWbPcJC2&_=+rgSA=xvf55RUsiYf*Wb6iHZa%jU!)I6Kvm3V|YV-J| zw~rf*v=a!Sl#UUljinJoFObZ|lro~ZWcl`g+wtTfA%Kp!^zHgY@UZLIsV#8VFNAhU*MX;~R z{_nKDADG)fD99UA42%{YTnQ5*p9WS^5x|VjWg!)_6$}OWV2Xig;h~f;5%OtpB^5cM zb8Se)u08=@Ofg7WcsM0YjC>jzNkx_D-0DvYp-_+?rWiCWJdzS7K|ak_Nkxa~+<%`I zpMXE+=WK*WQ^KUkr;(IYjQ<>iOw3j|6cm6d22Tr*rG)vJJo!^nu|68ewILI``a}XT z#Sm%X@su#x=lz{!$19N#HltJ?`V&&IC8PwS4+E~^~tQ&Bt6V41;3(Nf$zk@~;aTQEl z*u&za-s_xS=&Ln9M!4P-4^OBQE;>K z-FT-c2M6mt$$MUGW9nx8P3F*s22us*U*3zCvvIW1rA`l>utT}4msKLSJ}O_ z&lNuAA=5;|bdGrvO2~|mk}cUQ zWoMMV_fGbF>lj4}kvL?_IQE{0>=B~O5;8(YRz^d7ub1QVe)snN_jmjG35D9WEzbF= z`I80xniP=l6N%gR39qwNe&6uP?N0J<(>`C`X^9}%jw%19qsR~Y;Ca*@m8ta$O?0qi z%DbiJm35+w2ITK`D-V1)=Rz613O;Fe#ddBpt$#uI#e(*#efyY9t=?sJlRHi* zpu;`MvdamdAhcWp=YwL&x@kQ|2~z^J$~kT_aVZxLpKzh(y(0yWL6MG=^(1((*|IiI zk}WZKG{YOaFX(O0M;Aw2`zuXU``go|QG#p=UDXm2PW;hfGVP1f!)fZ;yZ7+Y12F~4 zqYPBdWPA^_GJ@wSS#(29X@n#EAKaHfe)KDBLL#~EpVy4*j#Oq@tw@&}6Xe$0vz3h? zaxtWRH&$aF_QL3b$tWr}(a(!=|4iuGi;e4U-$`8~^I8KN+ori>cyn{Pd(PboHcVY5 zo1pNkZSOhPoAQmeHvh7R<(g-hTgmOHH}0&~o?)#9%$=MU$XzVEvbjm`S;fg%S%tfV z$?Eyq2%KV6xQVwT7rWESagV(D+LuM;)a%=XfjrZEUryhsmU%$ghQiA9wo~M=JZia? zGN)Zka|2rts`Hj91%H8@Ql7<`IHkEf|8ZfnfVZ_SOYanoOcuYejim0Xq;9U1cbD_} zU!SMm^)=tg4JNcF?1z&vS}=+SN@Pg0L|qd83v)s?twI_z)s)v_QNkN&*vxEWG-SGg zcz1@Z!-1Sq=E@wAqcDnhx+%yf$`fy=XSRo>WU|Q{@i9ULy}<8L31>g^uwDj!K1p_j zlEl3Bk`a-(qVuY8wJACM21!Pd>1UE)%NKU^YD=Vy{ERYRSsr~3=8Ps>l8;K`ZN2X) z&+F!*ll(^fBa?F8vXe^gYWW*WiQE$8X0O={C;e(iubHTx@OT6&q4g}*xrXj!s3=E? zRboC#e^r}KM zb}Nq}!+Q;izru$ClPQ`yF~8SnshVH9o64)5e1a|YrkS%Wq;K@)#}`<7zWt$3RJ+mg zOZj)UcfFgAsIMpUP0rl9+3&ek0fj2sdcW%S{Dn{~UyqqhTfWKdXCDLmm(VI~pqYWK z)|o=HR*ik&@V5MGT2vvfR9o0kad)D zS)ie|fRP*H-m}N0hWGku_qu$uRTiwS@x=Hf^z>*NTW@k3rF!M`&VJ=|I6W~D?-ijk zV@1ky$2*}Jd)0q~A8BCule^q2p}uE)A~_8#()Sis^TU0k%>OECSb6u_<-KRN9fkf+ zfuvN~jbobuYo^!czIOe>PBcn1%0tBqPS(ik!K9q98h-x1A{))>gh-n*f5)?JmChntxPzU-94%W zmt!=Nu4HkG7hSB^eNjM#9aS)WcP7Cyp?%wvr8{oYWF+43K)@4IL5Cku*TMAU!|L{3 z1r{B7?MH20Y?_#o$@_ za8HlDIc@WLl57rcNhweDVLZah=s38Pfh-akLfFB=`-W#aSU z+}l1cwawc#x5;YJOA6&w`yXFyH|OBy)$V}GMMOiSFzU#wJQ4uP5VwwNSvAQYg6jNK`7~sv8=kyD-Kh+?TZfmN zQsxH(a6 z=#-H$M=tWqVKJo?H8(KGrmvcBqNbVT-?Puo(f2AjUj?-DPx){J*`lzH88a(kFMlV; zhegK?B6BDxxpErnc{Sd-66O4Ecj#A;{%SIlh{60C+2+;I*ex89g07oWxkLrO@yo&< z*Rfaac)ewpTY44idJ#m=P^YFjB*9#TQfU)7WBKbNDvE;A<5ONNbX6UO2(2i3Evckr zZoVgWCc+7r_|A%*z%XRpCw&qBjG)!(9q!Q^_!IZq#tOF;edNr)jvy~mP`Wox8w8C; z=wkWkCiU~bTot!bE0}mxX&^?mZgJY7nkkHR#HlN{*dR)iP{ciopTa>13>*vETS-90 zI<<{O_$v#r|LKXP7fT^|^a-WPYbG&5o1m+gQ(f%46Ncu*!tP3)E$8 zet1FMwKo3S{txkYO9XRp#=%Yf1n`wcpi=NghB96^QID{%Z48LR3nzgM&K2Zu{%D53 z$KxjakJMv6^1%7GADlDFKb-yJ_OPWL5gU!5MD=w3>C@m*ePGUb7Fz!?9wZEA;|$H;AgbpO{!C)#NR~&joF)) z@jR1J0YwyD9`G8~sS)D$qJjGC(#v?($pHlvk38Tds#C+nHKKvq>`hB}+Q|WV6bc@2 zjOx@7alB~YZFcD;Jh|im3YJgZ*G*F3M zdJ*qpazG}eM@8VbMT2_NFg*RLKFT3nDE8}ou&>+O z(&zEOoOf;v?W<7_t|v*zR5l{T`CL(>XLNq0diu&;a5!k~3w!LT=KQsoPA$BGe#YS- zZL>|GhqcQc{PL=2*22^3kO zEAG6 zqT)9FtR5C|;7A1FS12e` z5ik_w{S6vAb_qN)Kx`m1+{BOE4w+rRco_CcVh-f+P5UG-ogfsPN+Y7z3=HPyh00e+ zatk~Jpn_dcvH&H{IEwplxbpl_`J<1DI&j#F%B%cKpESP}TAvDfsz)GUnq0q;qtEkD zMmZE)@wnyuNq=YvAFu3%3jOq!tq3PgIhbz%Jk)R=pxQ3^kaC4qT0kqHPkOlI(Q&ee z2|btt3&|)i17)Ha4_1W(MadZo_5|{1PaNi(V<+ChdYFgnP60FIzhxCn*T40@D&c${ z<>9)63x?HB1Q+GX;WB}L^oDX!+MG|SB?v8Q&UJ8Jp-slR?lix4aNeR#Y9I(LK3pc$ zOJlHlJss)YU10H{>}wqkgRps9akNqV|D8i-|6z?&^4vzx{5c>T$1k}^afKc_1h>v% z5=X`HC#s;w?YuwxQBZc!7WjB6%@5jMz2KIKeXKDyu;r%nDROeyOKg{V<6!lDPI39f z5Oo$0kFqksu1vXIrjdW@M#lcB^$g*nr6=uPyZ7LOtvpL=sz1HbnL1_t=bd%Hf9|Xe z8<`m1NXtVf_tM!{ku|GJh4Z}{6n*XQab73cNqmS9wN|`zWm{*vn$~N(@;BDEL)QQ0 z&pgeVE0lQ$Om&z>S1hKVT58DVD`WQra{ zb<5XDp?DJ*U36F^h8VGV5}tm|jxV0yzWbXXV4c~%N@&~VC${W?5!d&k5MK;W`WjD( z@{i~8?+pgvkxyJxytZriLw~M4O?iQvK|}uD!zwOst>JVn0EG>OTX80qsYGb-WlWA zbJPv(7OCs%+TYbbU21r=J!ul8x6*BNlUu0vL?-!aqwc~Ng`yN!Qy`yv`4CC%k=Jag zyRHqmA+prc^x_=FwQcnf=NNNLz*YvlF!Xwik;Gon z-jEjRdcxQg^_+*(nD>nW-@y;zB@gqjw?7%TzU_)nx}))#?Ut4hcMFDl$%J^7gQV`{ z%euUhb>`Wd_`26i$*hufC|f6=pPqEr&z!lO^#MCDbyGjmbsMa7!ud;R=RqfV>n`w{ z?eRR{b!Bc!>iMgS)`u}oGxMp|ZW(2N<(Txwpmevh^OVSF6!Iik-0$CsnTWmjL2Jq< z=0to!#AW41j`J5Xu_xC&G|0R$4eSzyM2y_s)@vLR_Z2#G3rx{wl_ejr1tLqa>PQVi z;>xFt{5?91mO9LDZ;eVkmm0-Kq~|>$eH(i#7h|rI<~O{pJom~{pEX_WN8FPli?*;1 zBN5bAqJEB%PLO307u9;6%I|c!XU*6)BP%VT*vwV16a&Q^hV_?=eW{VPU1RZM-ComT z#rzobhw!qG`7KJsMcqVRdhQxCMw$J0gob=g+$*oo9o#0d5~aqEqb4q1q9L1px;lXE z8dnazgPi;9!Iv94=8r|5S?zwiX3rz>`7$aF8M#`9VPz2z%ufui{c%sNLv9u2yTLnq z4(*8F!8WMd=+4*k6}@U%;p)de#)pqKk7%5k`gEdJH~UWQidC=u`<8f3-sgH7-c#$! z*9M40JBIjbhG)VFHjVh+wyQgK@zX!J>^)U{O0q1jl>cl$CAw2Le#mLkS*3Z2-NGG( zu@V~OpD@$rmK5?2>ZXKu=u&0JKTyZI^;#rwUB2d%HW(`6lsLMcGyAOljO@26kxsU6 zZ!Pkw7CTwLr)m}P-zz^~)Xm-OXc#-3LX?M<$+Zh=HBfXTvRvFY&5W%X(d~!#vgt}Hwxc-WM7^t@NO{KwIx(! zFJW{Rc{WYUIio4Tc(D`0?_WiihbY#;H{&lyf2>R-$!l8Bx3|AY9O_a!(3XbuWZ1iT zkW+(PZlw=O53)1!Dah(1!IN8Z-QiPnG7+U6y(IXZw?->fCH28mCXyxvvDp2zYUfj| zzXQDp^dDG`rty9+a1|d3r0|dr%eGKLDHOW>F49IZ$l|{@^Z6WqdAGdhRVVl74)+Op z*)|wKjSkOWGYnP!vmujQtu#B*H96H&vqhS%j3QFu_t|5w)R8HZKEFxmIQO8`H2h3a zT+$e$sW6pz)QD$Jm@Z<9Hn1RF&rU7otU;=$x~c3x3}TkT!%J%}UN2c&d6M@wEZiQ1?vbthR* zI%`lnz4wWz64;Eg! znrXt>sgsn`zJi_fHIhYhqkA#|H3eRH3bMpBT;sZlWfXg68+f#%F`_#nI=z)_V~iH@ z3Tr+&suRRty)Sr$I0&3Wl9(Hca(nGv3x5*#SwE_il_=Shn>PeGZa~h`99w%$#O)4K zutntRB-J@LQ)AUPHBPmCyYd?H`>m<_=Y_KQ^CN~j_xqII{pP7^{IRvssfJ#Y+FzgZ zIyf2Qa`7xak-<)5aCO!xgun^Z^F<{c87no?2e;0CGIy=M`H_{?%k#J2p!>4+>2$K% z-6TKXRmDxLzn0u5)8rw0xdDyq7t{?;=3W!nEPK&e&Fb3q+%!v@m*teOtB#@Z=W$Cz z1MjM_fSbhJn@ZhQb;*6o33Yo}1&mB-fp?!#{{gS-2Y_ngO-g7?peP0O^FE6+Pm-}B&-85e4IwekAvO7L5r zE;=$1kNeU$?td%jS$tG)EFoSrpJ~g(qnhm^s>h~C^=fxy+w|3~3oDXas|u1FyjR^U*;W)0|C-_I`n&r1#tjHA}&R!A6OXQya{O)GLVEy_0jc zgB=DNB0q7=SNp|73NH~**HG=jbA&LMALDUf&8ml#5=6}$XqZ$$FKL60>hd-Dx_wsQHwRT9=KvWL+0fTWcqd(noO5o=q zb#OSN0XbS5%xDO9>c8WXgQJ-<5R@^b2Lx#4G>}5#{ZO%CP>#F*NnsFqh@!*O5LEQd zw?-R`z}==Odfelu(>QDp!Y(=L-Yx(;;{kYa=-(5&G2k%TbbwJLi_evUJM!tJ2EFAPS4K8`*2!eQ+Yrqr2VeF213 z_@9ktkHKLiF9BAvI;UC(N;dqTo2j)JhuwiN{x`CVmjS|a^>~sMl{oALguT4?A)ppi zR{lThbhZtLO}|9&!14NU;!-9UL$Rss+NleJu{$GdoM`4efK_H9c;U;!=)i0Q9a`xs{3QBR7J}o%IyxX5!GKm5gd@==zyRMCg%Eml zP8Q-S{HGXB=nH{vQjdkOQAOk zfU~u1;EYrnC!EA^&N$!{GB`_24(L929sN27!A74VYV>v*q!NpQ!A||_aP3e)BQc2c z^u(1jUcw+zY!e&?j*~w=1~kz(F$ih6_$!>_ml)t!vk@n@A)(iV6Y{x07&qetUH$)3 z*s1?t3KlI;3Uui64WLwX_26#&`v+nE^H{KLg=%~QPT!3i6O@M#gfsQv#1JIddU2wz z1I)ym59)mB4bIZg2`rF*@NFzOImtiCaQ5MVu6z(FPd`r36ac~h7ANc>A@~jw^yvBm zgaBN407^&=E;fk1UWkx~myO`a>_P-B{XehNAAk5&jNh!9eFIw94%yR&Fq}e(TRw&^oL*lfuBE_ z121WVXW1Vgauji;2njfh3N2NN5J$l25a{M&1PeO76v2xKVLVd1K*5n0(3i^q!^3`L zeNqOPa*iV<$%Y_6FO(rT5JKEXCZTcwNbw%22uMluAE{YLDO^2LA{7W8M32ysiiFgF z$p1)4X-OQZDIo+tTA~t6V<>fGil_vDh0Kwfft0=Mp<+b~S0T6&U*(Sa!mB_fw-nF~ zRR}S7rxH3Ei=aTSc_K*AG}WM|{MH|qPtUu4w#Wu7$wr+kaSyYk-Bp=nsn? zWSO@4!;%YGzPbEi`2krx{`%W;8m(Fj=9&ok+d_g~s|6vX0P_iJbQBhG5i(qbXFr1w zHndV55X&(*kp;vFE_8Z5;$j>Y*sbGmb^}Nxq9LIN-;T!_PuBzEofkL(@;o}7h~mIK u#(@PVS8*b)Pb}_#ed;BkNWAy^YYO;M5B7g0)%D^4 delta 140633 zcmaI71yEhVvM!9fI|O%vyIX<>2@b*C-F4ya?gU66xCM82NRZ$V90CM)dmECRbMOD^ z{Z-Viy?ds6+UDz?wT6>m)Ye;+sv<-vWH%Vd#8N~;z{YM}3gfYT@&PvF?J!O32_mH^ zrkY<5r5hQhXo}|Ht}%WK{0d&?*+|fm<==eQ!>2f+`b9 z-OIuJ0Fq@DGly35AxGnh!KDZxSj6=n?kUnNE!I|Ky-jm;jFE8Dpk5~hwf&1ifd=i4 z<~QcSCM*Ga({7%}>)n%nr6!j3D&}}Sg7(O{)}a)N>tY1o4j9Ug>F^`v>k|Ml<{q5prjIf@YDrOu zDP^d`WP6TMzRisxi;BTxn36L~hMaEtG7r`q&|i`rKSPi6qnB3`Wqz;$(wm9#E5B$} z<3vhY#n5l5(&u3JHN?Ea+$r>gw+rO1xdSuBrjE2-_dG6FQpf)Mx}m|@7lD4LyV~&d zCvaOSVwLO1Q-U2TTizR)>%a6W@tfw1YF&7nKLZgnbsj2_mp=(4_pFm(YABtn9S+z& z{oB*kUS#+v1RmJ4Q1ua8&BWcI2(x6$bK8X8N1?^UGV zuA|eFPqqmolfvsS$uFbaTI78`UIC;(zrETsphPx88b^z0@FCT(z5B9@-#jtPBE@2F zr)8yLWz*pzV_#BT@xJ`x;YTcGzZfS%!ncsoy4t*bm4<%bhN4a<8}3Da%UsKxobK9- zgmfms)e)a#hogAgrH_7j5shYhlVrw=PfIkTbRJNt_s%L zuLZ{Ii97_t&TKtJlAl!~lPlok7HpEF1zgk~t$ST~!}m zlyEkLVIvCGO*9D|-#wRrwI>GfBH3>&L%{lA`MM{z0(Y)*qchMjk~sg3m8417BuVtH zz37>i3Eb)7Y6AzwZn7%Agn%Y z) z9+z=~(t~_Z@1&4)p#T%AD;G^BJFq)hDy^VofMlm>$9dHsbSEC?wNOnEg7;=>C3;o?Vk^X)9SHIJWNXNxr>r`QuSB@YKst zY3T;F^31jUFsO*9!kea309+un3dZ|OyS*?fNLs;=0E=xt6#t`oMFk_cvv1|3{PdkQ z!{99Mxk;k(;voxI9e7OP(oB=`1kn5tp^aAP5iUR4he}j(F+keIyhqb7Zz?t)WGf$O zBTG*}tFMPDA>6Lb4n0q@@jzCx-QtvzPMRhCETRS#Q1{N;jhKBi6bA2zSv#f?ky^4K|3k-wOKbm;U8yHNf9 zL;@4DX%Ru-aW}9v^qxywMDufvH5d;=)&h~^T}9z^CBppJTVNY;hq&u#0%9jZ0*p(K z1)}rD5FKnBJ0k326G0q~M}d~cp9E)^^?iuxC-qMYxLy~6lzIhXgKpHM_2;g==zAqU z-Wr@+$~bJj_nVl_VZqdfMyTza&11pz=0srcn*GFs*@{IS^WJ`F!=9YK2TJnu)-nX{ zb!;WPRRe9!Vg{h3{R8LcnK<<*l)7;@!}0SMJ>za!(3f!#WnI=@+_f1#W^fpCrEA$1 zBZJ}!*!)%)+3;4!E+!**%LqjX;Q-=Ncl0xnR5$stfjG1N{)OT(Z8_qchYyy}uaYGc z+JS*DS%`B__DmdM_Ut$@BsSzG!^z(??U~z?F5!VC9||Gum8ezR%`~>E^Wfk&koQ;@ z*tI`rF_NwGkZofy%mQ*h_0In^qjTW8wvbs$IBT$gu(8LS!RO*hFX344j5ti^jaU_= zR_rRLtH_w$GIhuw?wM#((IQwCKE;r;_~7V&^WDJbrs#T-8aMM5_IT*FWZ+r#jp9#l z>-Jkf+QBBC6w*lOkB- z)Kem=-?y`jUATx^yf!U^?kgsxxY^nZmuRFb=U9QW`;xwj3tLlSEEi2*sm+}!)~43U}j`hNW#n$XqhM^bNF zbXRhrA~gDFF5)x`Yr~i%``@%hMTRm&nrq~#3Xs}ilhwAN_PaRxMOsr8ugVGTf9&`9 zg9Dv0LM=6X64S-lxMerH_l>o>@lMG0kg=rRzMJUAek7hy_&*1T6=52?B$L2x&v|FS zXzr6jdUnWKI~`-1Dw>6?)Vx(GaI=_cS+BJP!~J(gq>+U5LuTUWK4J8B z7A>?iD@JW*OQ`@%m#uTyL9<_IKK()uVL*_dmzXTjuiGPwQ0?^tbWSB=IYddi;PX)i z`U{mf{N_#~GT*_9r+nNyYfp(dc)fdf5E}Hs3|bgTfhA?{huv#<`Q+&u7L>T{3h?_NGSq zzTrA0_$34hAgO#>D&S-4tw#_iR?QxWBxp&|_Z8vpJBmt%9+#|gn(^`e&mVZn*o}U` zyW>lVZqfuNT!psqri}qI>nSLrG2~ymumiJuq$qsCt|B!?3)UW1*5}UZD6l_<$WTtf zqlpw~$Kco6RESA;3!4lR2VpOyguscG=_1?!WlsPC#1&Y)`ah_&(p_VV8hkpHd_E_6+v2$^P~K< zO|CUAs8u+%dkDcA_7)-`E+f*q>D)S9zCeo<#z9I1L&+(gvFDm{+JUAeM{+hUYV#8* zRdJB>RK8TsT_=7{&c#kFVM2Ts)+fs3INJ~VQD*mSctV2w6FGv?fP|w`T!PA*W{bo5 zC*DjAD9A*=zwFA&ct{M8|KYPl2=WgWVM|C1Ncw~^DJPf5QiUb;kGq%-ukdO1g8+N{ zzr~f6d5{=j{|9%NKeXsy?gY8T!kES!N&Wz1bV?d%I%%p;nHhYB-in4d?&OI>1p0}; z35bB9!aebmm|2R79nDr5f$R^1?n(dFCaN}){EwN+%900j=#&(^bW+l<$(E<5(OZ(; zXw_EoH9TSsx8x#{-RRU-3a@|NVYNK3YIfqju7xcyEG;Ud1iyC(n$GVEH6$gEpp+mZ z#m(u`du>RyLbRdv2KV2b!orxjYKs5bT1?@30QXC)9RjEzd4Dp007KJu_nsAv&DM&R-#oLRzI%m^@?tD;r2 zzE5K$owKE^GSJE3q9tx#~L?6Xljd+wk2%=|`jdz!YH&aqnuB3KC%;?f zn6LJ%(x-T(`tkzP+9w}W)o;DwtchSnUp;cKvM!x3z2l;<`s>h37~f+B4Q?Ufa zzP&NpQiwNWuz9!eB?WhP5ZN<~BDr`nRbjJs{x2nnd-o=&wLRJ{6fhenm;0gH_4&rNK-bRV6FB}-rM`V|;{u46l+ za1VZ=HRbY;Cp2oAs%^V`;Z6WC!kgiw^d;@pmD;{TWc4WCFm?42N| zcW;al`e;}^de3}fm=HoY^rq%Mbh}om6aGroBSRhfgV;?3sX%Vi;|5?47h z4x>~Zr9LqmV0DY~lJ(ZI$Uq#oQTT7zV}u26I-z}rKX~*paKw2dfC%5T;K!fR>5_s5 zyR}I+a?TLM1GjNC(qjuqK0$(kJw1Uve|RS>qXdv*`RN5`!-fgh&3r58n6+XtoC#j& zEn5+y9h3TjZMJ&DBaCDq|G_Qzz?gbrJ7fWimeeV}uKGJ)wF3e=?5B!CtCAWE`uVo3 zM1J?L`X^~i`)4QO;L8@2Gq=aIUlp6{sWn*!gB&loEBxEur7HVb_iL<}CDG9P-^uE8 znlFkPVIBLO^1j|S=a$?GODhdN%+Iw+?>JoT%FcwK(Q``7&4Wa^NEZ0WqDS{el_%WC z3b!6(^);lLSYgP~K<5;E=y!ISm+CJQ{eae-8v6!1a>pN&hl^{^{Gf zF2W#-Oz)5>jcM!R!Hx@~I02o>BHu6D%Z?)pa8`$n46?bv;46=bH9{Q$B9my{CayP} zyfFc26e}#MVWycIc6#cG_!9k-g&*rI-D4D%e!g^Efs_2o4z}oM1c@8N3tSYvRT1wj zA!dM6nBPem`92LxBNQep zen$3_ZO*D3$xY+JqjkLJ zKZu3z9b{ai%xd0RzYa`|d?OO7qbhaAHb9bZO(ZOl#(?V^(2nTKf;+pLs&tB2P@$=K z?HB**TeK4Y)lY(`xB3LSPTLaD>A8>>ee6T{&Dv43fnCE2Cp6Jq)5ozTk7Nj1yd+To zg6^b`&A^x@OJ@HXM+8~uus|%}YAX%9d!j(}F z{wGNi)a+G(ut`c;qV&UPRmZ^sbvM4F#rH&{?4O+Dg3kOB7eucy2%bv?~U|@&()-*LLNL@9--@LyxiPCEq;Lb-CJ*n$^ z$IsX{o(4!WeU$=*cxSwcES4nbvQT zag!L_9s}9bM{MI99%m#cFq45uq&M;ziFfvJwO28|6jB!9iPo?@6{*gv0ba5wC`!XyTa(oz`+vUApNJnWqHm`OiV*`6MpV$f82JydG}J~cZ1 zC;QN!VDUvxv!~&O1cUd-_?x3av*fFn&0H0|@dxN(_C#UgylKkU?U6kt8_+*}?WJp9 zs?EH++6rji!_zx@a20LS!xZt11E*Y-F1W_4NIu%-3P?)f>8s?YYmeH9WtBo@^V{UN zz%H`S75^hZ-qmV(i&O!C^cWKp{4SD2Z|MRHdpaINq3AI94)xLb>{ecVV3x@~KgXPO z7`twAqdbR5GJicTl{jnHb&osnN7f?z7aD>vNAdD=_Yt#!_%A%0pAj<~_exxE`Z44k z|M3Oxd;c3uY>?yA(aj&D_``MVvzbi z@I4v*LJU%|;!FG^VKzR0j94ETvk$XdiupvC=Zhd2AQmV3MN;C*;nrlKf9pGn=LCEf z)Xecu5L0=<|4nYTw@~O8S|RyFvA;VQ_QJx>_jm1W-I%fhivLLZN51{P$wtqrHrpF# zj_#UF&@J_Z|J7@tpUZ8WM-3E(3=BGGYVrG)oBFQ#=|DgL|z4#Sx1Zs4nu^t#p6odJzoRksa`W z_FU^|o9sNM9R44Ef<5LF2Gc*mJ*snY)x=qA7oWyN7Hi5^^Arf5cc6TY;<4w2Uq?g0 z`7h!d9%Fy92v_3p#6wQ`ve$+!9{`1IvqH}uW|StMu#9KZ1ws8%gNA5sYp+Rf=}*8> zX^bcR9m+r{Mn^bjlD`)wDblzXy*mjn5l_bNV654Ab_iQT+7}uigZ8g}Y#ZEfUtB1^?GPE7!556Hz_h_L zT|4u<2Tc0y{QtN?b}f&XX@TMaoY7TwsY$v29gFr zOsJoPmb|k0f+NwQ(X>DgCNE;wwVrnZIrwISF6*07w(}cFKC~J9C2%Sj^#d< z{OcHnDx5SYuDX!Irl~8ufJxbyq6W~_=tO650)gikrB87N0zmB^Z;lB2#0r@ z3FcMCh8Bo$a`_<{|WwOTMnv_lUu}p z=qCT@#ArfOU;b?ML5qP(1oP=<=UA=o!>_S7R6p-^0OYo>l0aY1Grn1^u2<&lRsO+% zO=pR}5eCXe$sG`IABjM%{eF5Uotwgf0*|4%aT z|2w_tSRGX_)wjv3__m>s2yBL$Ncp}i*Rr3{FSu*n?hz+LTu&`?`3fv7;;rv^5VMzn z*||RR65h-17+c^e-0hlsP85%9E#1#R-YWSEgvC$cKj8cg&oxj!^8Lxa;4FCMpZjQh zTZYVnUiPA`hs3qxl^RLbe*V}A=lx9^fppd{Lxwv!N1o7Hg3*jMte;#OhrGEDpzJZx zvR**6A^5v1Y`}`Z8oFLkMWDE0AC=34BnMKt@)!ia9QDsIFK;dY`>dNLibtN7_d>W( z^xx>w_|`?m67s&}u+ZTe=b`hJ#mG*xWg?2gn%CRPj1yz^@^OXg@&0Z}2}HfjWxM_7 z+%@rPTXe}sru>7^E!yi?ZHcUGMBveh3T*g*ORnH^Ihk#r4rWi zOMNPB>M_en|LC6OxA>h@x& z*`|qv*~s6@{M%M*h>NeCUC$Jhi(02qSEl&CdmX zuR=(8pKF>r&at9Hfx7Mf%bv}NPsPt|{|nYLQ?u{#Dp4CO^el#7Ht59Qew3b0qA&+G zP=Ninl{hjP*8R`$yI8fXKg~dUDvj4?nin4lP%sNFDE{+N%0Y6<3!J< ztKLWJxuBNIh-BlvPBH#csz_Hg*~|V`jU;m;b$Xh}wXz)Rk$@FO;XPScKGv=>XQqX8 zU6v^?BVFdwol~+>yz%q;!{_nCuejJ6&hew?`PqBW>}}lJ7x~6aEej`o_Js{5qClm+ zDJrmGF%cRJ;zl&}?2rxSyken)3b(nHz{;8t{D_YE=Vm zlw#C|l{E+6b`iR(JJ{z93!^&U@mi5SHQu4@aWr%nZSZKjYtZuq5P$0|h~NA(WE!Id z3nr3jfE@#z1i0}fXBXat5mW;M98SzWW`ITIB={&)V7fl&Rg}?VMjzxTO|~J=)M7oN zXTyQ_=aEH)Y8IySJ#qeLE$v44w@$WRS^b;fUh4d@3FE&u;yUN+w>MMwvv=9>GbeI$ zQ3EK05$A}BR3qo_5`#TgYTgTz$lt~y54a@`8Oq%^jIeKC*IIQkB#We#rQd8scCVE1 zb-bQ<67_j3_Vo!Py6N={sb+1{clGX)Wlrm3S<+~va1br1q+<2c#Cki@4ZdPrqw%-` zg_!ucGQSlmpUJq4To&xWa zfY-(yx|PQoB}^T!M=M{SO_a@e@qLtPDH*GbI0N2i10}kk@hT05Xgjm2Dvc7tj*+>G~kIs_7S0| zR5^qnh3svyRz61x6C@a&nD7Df2kuBT?OXIZKG}Eg7at6|G46B48N#z`wh|sKUVD%f zP1%~0z*d&@ z`a!ItfHH&YL<-_fQSrBjTN9?N>@SM|(K4eCf4AY4Y|3v*fwEmo&%W(>$BRb}?1ojd zWW)v@Yyfc7Di-4{8a@AoV}_}Yco$s=XS6{0E4g-@%eQttZ;Md!MWNa4P7rlX=_ zj7L;JAWaMz=wd)Ys~vTEZ$!Esf`s|Nnklk0+l#qbX&x_RTcQb8JKnOQdul-wCj_P!l#A$6#tnX=mSFzH4g)Z{3VBs^!V1%A}?JHrq&!@Bd z*dcOBj~y|@zy(52VaZc2Mtgtcucvj2gN63{uTCZDpu}b|BZuf@OIU}5<}V87O{4>Z z56RLwyhd=UCxp^p)LDXW~ae`@NTh3 z$Bh*xN$LM8NGbFin+_a=b=a}OChtYMB?6@o(0b+p2t8M;*9ng320gnNx-}X( z)A2fs+Q`{Nkjz;7M@(%>YC9I9Bj>>ACHso}$$3P+){bs_t!~2vW60*0e&#|nswX6l zD-5`6IT$I%13MU5Cb;owN;9_FU;kZJ;#zCX z96Ot(N-IOxyr4;Cooi%3bZ}u5NJ)+gRm%<|H1@;4D&Y0y&*?6L@Ht4j1Yn)B!te zw{!$v5Tzp;RISU$%LhZzR=4jn+ad>djAmq%*dbLmh*Ff4+LEYRBIFdJUq_IwCZGXp z=!hgJR_&9~Rop^z|C!$j_|SIJVpMQkaHgKgEeBOwRFfFJ_JwXY#Yb4IRl1dP>zMKI z(#F)F;owXGmt%mOQxwU}GZpA$5l1eYMeHygz%9cajj25Ld@Z;(-L)Tn4#k?ar*rA4 z+}i2c);$~E7({uB0ad$E>aD{-0CCNfC?fC*@D2`Drh_k{ap#FoAPr$}8zHuhK!@`r z5st(xhLi3k2QAm*>m-6azEtLg5n>2(z z$770f3%N|Fom_}4{2r=Hw$lAa2|1QL(YPLZ-isxLR>MRZmFj6s@da^WaRH!OmAtop z=7RqD-zbSjCGb346espEK)>)xD94LF0v0cqKjK98xMn}28}bJtPDSJplq*E!)ykl3 zmA%d-CAhjddKjrt4;1ra1)aEloBj!w>L+qa^hnY)_#a1YYZ#0P=)LaL?(=SP4iNj$ zkv?qbv2kKT0iY6bnArByD^W@c?YTY-d{Hjz^aR=r6=ZuUDdQ7K)Am%o44JQ2de;t+ zaAFlxYcVF1;6Z_}(m*1tV#hl?NTIy!P#Nvo3(_mAD&51r(;E?mwHSs0nW(`K?_y6R z*os3siIU;^8zVZJ7}QJ{)>`qNkQNUH4iLW+Bi5EgSj89H^*2v_wGCxdB)Lf(b`oI* ztQgA~fR}dAm9#<#u&YGtuJ1SaD2?^9zZLv|beAsKf~8lS{03Dai%+Ai`sUrQw>?`d z!5qObWkS4ZLdUK|bQRdw&7xmx>&WjHM&K{SH%Y_Rtcw}$>gZ@meTRIn7op?5;>3>q z^$XRl6Bvz2e*UKJMtyNlrQ9CaJ~V*X(Z36>b=6%N-Wph#t@XXJExZ@<1RvzTO1XHj zIf?mGBa&p5PQ)M<(}A61feC6E4rN?8-VZ$J2i}Ud$M(I;%0aZCtV8Urd6lIE)9q~Q zAUC5G;oA=61dyuF^VURpjE)h+a$Jf41j2)g{wyz%)R3bP6m-t6a3v zzU`Kchzq7v!hxzi(>s{e+@kP)z!pU`6llp}vYRU|3${rlg}_UY(nqsKW8famM!A+5 zoxtmJ?_=-4DD?K%k%!&JM{lL7(FIkl>e?bDENiNtR>6tCh4BG;QJbr5dkQpv1Vf(8 zK$ANjaTE~B7$Uy^^qLaAlr(M3e-1(*+ujas=+6X6UUAeQUiW)KB}zI(l*2v}!WI zZGv=A+YdUce+*NUB9|0p$%L$<30uN?hBLhOm)Ije;~i9lK=3{d%o7C$c82R%0X^kF zIH=bMg4LE+l~Ts&0%4}WM>wrUU&AcOHE^p{SClG2atPdB$+@Pgdw16e$~iNXAZV;& zMCo28I1sLS8hdr41W4(E3KJm%e*g2J-12Kk;>*?Hn%JyAM z`yyiOl<{NFeqixS=5+D{LwQ#4{(}*39+_Mo45)N~@Uda-Hhj&KG~rc->mgz1Q}_YQ z33@$B%EM}sZPf%J+!GB1VSmeVUcyh4(58+?R4d zxwg{zKECbuSZOdu_)#{0*V0Mk3E0t03yfs^;Pu;$9PJGY|F*XZLmH7&-E8RV@aJ5S zoMY8H_gu!xuF_@pS$3i9IHE`+(i3`ZtKsFn(Vhcp7N0B6xyy1=7HEdxlFO$rsR|L| z{QT|1J#7-GG|d^hzd`TDf1LF#l+C{D_z}(n*L856U%991i_FXxQ2`XD-g)Lgx8c63 z)n#teq?sgzVsG=dT&!{xl(eIM=3eu_IoGuw^=whju9Fp>rCxptGR z(&-uKPUOxas-OK}EzZLoJx2&s)hxxORt^#kTa!Inhx}nXET>VKnrSf`-;JCmja-Q9 z1M1}hO)7sVv)slQ3ShP#RB03R?x0rLYmg)7V_KjEq|54GY=l!p>_oOxYiN{hafCg~ z03De6Ff7n!zdyJZgNn(6`?`DB-RJyDcpPFYUgUfy3$$F}?rx)SjxbR7S#_*YXXk_} zlrLM8_)hEucY^PV!u;FMg$Z??+I{gim=pd%H!`d-uI;0_DvQ?kIxhC5 zCDM@!-b75Zz3vD;diF@z^$xXYBWwIChlk!qjG$MEP3WN-LXSF8W{IQ+bB?xRJB}2O zP11hMHOXM6^r9LZ@l@ZxS}BBT+>B6zZ_HD|#nxw00pFV#!U0PRvG!h$T?zWWez&4f_-2^bikrj2#|q0bYsxg#MAt@Ddva+4~g|q|^A3 z0CVd^v^I8|lk+>*q@dDu#G{&d-Vf-R7_1BF+{aDxBPJ4s2Z1Lmb!_}e4QtdmroRpC z)wI6y^5pprYDt>bI@T)GWtZ!K4h9Sh_^MCh>Qj+xvUVc@y48r6Rl^e81Jpci+(jzs z&kqzprS2dgTX9Vflxoip9T;|(zXFI{FH@8^&jX&HO3>%L&rv+l{m%^S7Jby!9|zlE zP(@eU;aPv4JOtzN7tFQ%*-SQ?-&!m%tz)F@J?$*Zs=g=5{vqD>&8gKenBuotz+B#0Y_w6dL}!q_I zzXH;m9x26W?b_CJlxKjDr>$GRI-5w(ph^Xy2VcAmGR{$nAWn)HzZ4941H>E+<+&GiQuzsFz<2Bq1k8Y)mj=Oc$wnpIPb;1SFJgG)I zyIIwHdhHhgga$1n2-2t;Mjj;F+RQV!OQ{%f2L&b)blzjph>I3WM8RjD*~HT8Hg zA6R-mv+rV~?1Q{7k6;f{&Ja|nkx~%Ycnab`;z0yQ24HvDxN2JktVkX2S$Ma8@wWhW z1P@SXK!kw+U4tqihqnQx)renNG>o5V*zfHn$n3t)fBB8|0?1aeSjRwjWg;ySV*i9f?CE!{aK3-{P zgE(ckmSz@qj#7j{t$=j%Qc*ZLR&R50iWBkLqha6bZjNt@bamATR&ZhU_RCDi{J_6s0?G1v)3qtBmDZ5P|!Cj z#hbAea{9xGqyk{Y)#u7(JUc5s#p7b6L;wCQJPf7_rpvKsiNB@sRd^H(tL_N{=m=f3 zxc$=>Vc&wv@D(3hCggb?Zya@EWq8;U3~SDq=pDWRO3+TTK#-n?{8$%wIStu9KU*fa zLHFQ__^Kj{a?3rEQZSyiB4WeEk1=V8a#S+*x^DmY^bde{NHO-EQB1HA{pCRYm*6|r zI>Vl*(dm^1!BxG{+8Jb1OV*rX>xLEH!mVt@Gfjbfndy1{G|>FbBL!NA>C^0SMvFGEMC^D9Bi8pc2a zbzS@3_ly=OQ1+?1*0S@T)el0$I|IC0Jcl!A&p8zh&qi38Wr8uSd4ilQMM_i3js`>c zt(YZb$=q>$B)cNaM9Zsiw5HeLSGBltFYIs`(u=YC14gIU*=5V!Yj)>U4;5B{r_002 zwS7H3-~o8KLG)pWZ_5L3=0OvL;P~xEcNLlBs7qfq*J=Uf;Vsk zdxt`H#U)ohjC zD>XnDDn`YdH!+#C&>v5b><>Xu>}zP%NHpYkni-so{MrcJQp{{C54MMcD`&Jn)K0}T z^kBrQjsGo%NR!MJ!3$hlxc0hARI!DryiMTA!R#}RWDZ&q==r8f)#N^N|50q835|ka zo77ipWE_Q~FSm=%^fJ`8yY3fQb#k=x4p^VmiFd74oxvi^snGW%2WPfp>7V>WOF<9( z3Nnrbc7lF?&0B!ozgS<#$0jT=w~x{Xcalt!*XD}QIUQuF3@1U zKkke47F+`UoK~vy5+g(0Ij7%=1X)<4Xa>#e=wu!77ClHG*1$7y0McZEzUy+BGKQEx zaOx+LHS3KCIq3?^cm6{AGzZA=UjvFl|>%LMSKJs3-WGF3X5F)vdg!#nFh= zn~5jLS~kT-Xn2G?PwPk+FfjI1pa+5g;Q4c9YcXbl1uf)={(^{M6>|XIn2fxvq~g8$ zFLBiidmF+~ja~=KOlXyhW&Uw^N=lJe=o7s^p2p_bO>ewaust#RWpvEaV8|r$xA{^p zxO#+vG8(6-G9#Dq*E*3%xj}ssrLiO_ur{vsSlwi#(_B5Do#bS~wm!cfg#nt;Im@sX zXt#e(S%=$1>3h&CVTX6KkVOm;xCKoMbbk{kYjXeYT`6|R7lw}Q6xYFMVg#G99{UrE zy~T%p?E|OZ+@MUeG9oBp&Rw*udbqF;?xc#M3JU!7pzH*KEOsi%>4u`~o9)5lq*Ko> zE^&=T@kpd+LAT`J7WIa4?*WMJ65>bi!p9}loJ0DKf~Y7)Nm8Y+*d~rws{m^KVv=rY zp0l35Gt|nIrXYkn9WsgtBp`opmPS@>q#p2L$|59!V44+p+iOZ-I2_X?E@h43RoazC$kW9jryMpi)E<>w(Bft!Ic;{ zU~&gM?@Roq6M`u1!)agHTuHtYpZop$(2XG~+)ScN>rnXo+8yc0W1WjcFLX`YdB-*} zH>M+h>Vp(|G|BQETxHHDjPLs%j7hS@Dd}Oixf?gvY5=Nm`z!3hRVBBFsRrRbmdhS~ z^PxbD%vNrRiGFz6+~}P$id?Ch=AhaRPeo z;X>3o4KCZmx~pBc^sO{m_}hx;?7(DKA8LepVWAa}9nfEKv78V+zns9xp~nWfhh!t! zC4x|HIYh9Qz)R8k4P17Nb+?KGT!@jIgKl25!nl;yDbSs&=f|4a)$BViQ@3~Z-@J#A zKCz#B)8oOd`cYX0z1xnmAA06%+yu)_d6kiLK&oD&YCaTq@kBqLw#+#H=8TH{+XjM- zMVGP&y*Ganl34C6(kJ_o7oM#bp05X_vml<4ki32mW$1N z#+l?>5{A`4e@YHfveJ^$FHNed!s9WlT?qZtu3Va`4@X3=62&42zKj0^&%8>YWE40xRPGzO&Qoc&)caWgOX8aA`MBMXUl?rq<^nljG z$}4Oexel$PSlkSBHPpyH;a5*}CJPn6$blHeLFx0=(Dvm9nJFDekK9Cjlijj4`L%Qu z+xz=$8oD$!2~{o#wmqYE1wc9_s0MLQ=t(inSb_sUukZuZRc`C!5^jQ%bq%JtyK4|f zZBoZ$^BInhc(gIA!e6aRXEm*D-v-W>Dv1Q^s7albbdn@`xAYpfoj#nsJx*-$kgOnb zlObB_##!nWVQF0(<%D7Dfa#}pKyvh7YDeviKALAHIQ+7ft8%8CR3Fj_(A%iDwwz@gV~O9Q>j-7 z*OETrc2OPw?Q6197HtDW&_eWr4}%6Hqo z$~3sS6cakQ^JQ?`s2EfjU_SbalXn~vyKLa6S1Rj%=fIdxi=lhP8#QoM4|vT0=`_lNBfei#azCB`yJ;FUj=S3-zv6#uW1D1`&loL3pvqBV zF`Y&mFk2M}XOh)aU~V_(f;AlO&0=)n2VW-n=CTq=rxu4T4GA(+KQ5SmlrgZE&NDS3 zknOx`SmZcCnQ_ubcdQ;k=S!0apvh)|ZHA69D!@GcZ37Dyx0L&CnFX8Cka5 z`4d~z_kc~(CNaz|5r+W2WTYghL0yx){qE9vw&@lFvai}7P!N=_RFnL1AYgvt#gMR+ zS(zd`p|OsNOtU~zB|@LMp{U~2gv{4KFzwpoX%`G2{|KP0s%@fvWMEWbne-i1iefZ4}BIOjQIU+hM z>3rEY%UwEN4g5NROKa@k$uDE5rKJ-hC^@AG624L@Qs>!a3RR6bj~&RYk=7{Tg;ij| z1WcfAHn3sI?r(C*f6LZ6YZLwEu`;JS+hi%7Ul{JR-D5VnypvKPD)BvIg(Zwq2p>)* zPmM}pt<8*<5^K4Qa}{yrRD=-t-4_Z1cLLNhUiDob$VF1R8&R? ze1MhZ53VdmEI#83q7Q7|okqQrxzRdk~}1CP|nT5@VCDJLUS4Ip0rGxZhU!KH1ha z*zUaY6N%IJmd-?52w-I<__jn-4?qXf)VXB9-aBh;Yr(eu68}&wAcrgKWU(tkyCjID zHLKKFfSnD42@?j{2ibr0YW|j8F4D_BqeW*{K4^xKoJ(oQ{va>OTv5O-+Qqwo<>)Qf zMgSq95O4cbZRU#ahV;9&vIZBaxY3X_yD7aIstrTRATPkB1Y^2sJsxzsedEy~I?>Tcd zp#bj%)X`KEasT+e-o@T59sg6*KP+1G{wO|P9Of0->>c}Y@zK0pjCEruv)V&~s`;_w z&*d*4x3dv&H`s=7YMtXJ29#@$T%WKv>*2qMSgn$ZyLdw}R~fO^P{xwMm3|``7aMUu zt6ICx)4K|6vG5g*9EUBPaLC#WMBAT6bP$B!u?X;eqUf?jYG=ty+` z%7M$>9r1I)8@&0IFVRa=?U8%7AT)k@^5xeqc2sin5PT#ihA4$IS*DGAJD{b2Ls=8U z4PEI1$;<0c75lGGg|J7*AjnJ{ZsIDKjzGX_0IF^Cy5f~y^%1paFxHiW>q5nsSY%K- zl{8uprpKkTBI%?kbtd9?K}YkyMVem91GI*ITyjwL{{&r4_u)tXP!~2g_@P&POP`h3+`NeR!!WzUdus&;2_Pxu?`a9^-9|C1sfR{;#@ zuHR}Wcyjv$MoUZ8B>3~e#@GL5i)~&PhxaDic@~P|OpZ+&r@g89F>aL41?;o-} zQQyp_p)E>D1D92s*Q~ugysMla4$7xWxF?4u-YgZ9_Rhgi-Qk_JlXX47VMJvIEe}`= zz1#LBcvWS~*mlQFR*Mo)9m?Rn67P6#cI;Q(F!pHVwIa=eQXjfSl78J@pnq=$v`Gw~ z1mbxc9c(p1G(^hvJU&AIj}~>!Hk0N5u=bZxbu3TZFd7I1cYguXrRrk#9?!gSwhkk&7j6S6- zm&&7na!2Z!SR%G5h;>FtT zr^e&>w6L&ED)anS^p+&436`lhkD(qUgB23cCx%bNH9`>|O zf*h&PpXBYX?s8`w(+bb~`E4Xm*bNSGGCWj&9dzZ!NxqLcqLw*Le)-vO@$+=s>W1g! z($mW(Jxn-M9sf#=tl~Eb(OY8NZ=GQw$=psNadG}+GJOn55Z^R^QHMV>QxqvV$U~zN zlHGg-6#Y`*O|yM}*idoUx_rjf!sO*D0F!;<;=4s7O?1L8;;Qv2b_s3y4J+>Ae|9|^KOzQ5V}sDzP`8Jf)t(e2_n060bjN)-|=(emn!=ZvAH&cl(|3=rG< zr7m2HfrXq+i>{d^i+w!(*b@F}zUIIwaL)%a^hr$K+4Dp25ftM5A!#KWNQ>Kzns9}A zBbVTU1N9v=0HmRGXB>j8Ork1%aW^?$r9fgCtKPg5YTwzDuRev~J{(E7P1~EemUX#*&f1-r0=Gipn$R%{Ng5m+^6D=x zoOopg)5DvB|IJBiCU>E*7_p9h|Y{|HSPw_J)IJ0pDPTWRNXCiYD07-8#_k-* zRA*7|;zuY0Ok5l~u&tVEaW$x~)4Cqgi>#0kKKd9a_uSc!E9q11a8ON;GX31%`)D$bo$w9DVsDq>^IxWFEB#ah;d2*S;EzcxOf@3}VNgHT+bS`cz zaWFDGkWAqPUdmT_Avi&m7o{CxKfB}qn4#q;+7nFR#zRWuNcpD|um{7UVU3gZ1yDb0 zpaskPkq+qGJPpkt^@CM$sDKh>dbusRKeKJY{^j2NlEKN<4L#xunRG!9iHY#6@bW=~ z^35AeUx*}B21uMF{hYV&0O_i_F`)M`-jy?dP#-e5k%^(9(n~TGcJoV?te&jFuVYy1 zMj^@{*IN{}$kCMtbfMOw%2RZ``ZNV}jEP$9Z31cMLIcs@-8)r3gumduxclObDt)16 zKu<08ubfQ4zy9Iz$JRyt@eAvi%^SoZ&D@ctZFHkoqu*>BiC0CBXSCnb%x{=Fg| zd70P|2Lf?6`eJIu-XAlf+^VVYeZ=qir1ciU#jet|4%Usg%=y!dMGwelL#7>i;`t$a z6?VGxWR)?c>Q~MX@(&q9eDntbt2c5svAY2$!|_*K33*?%a1)kLlO1NSPH(Z@{b;O` zZSMp_gXMngF?GQ$0F-;}tit5*D;g>AJHA=Z#WrnE4Fjd-4(wC~$wGUOCaJX=v#*{- z)6_l)88nm%T{%a6jN83pPyNuUnSlIAbHC_(xe=p$$(O58){9tIsh|G#%5o~jwQ#1> zuVF$C$^~(p$LSVs#7^HrR)=r}^JuUAK;`hHl6OI=Td?>!2_R+tP6O6fu}j5s$cB#x zWq+F+59q!`@2j#uu5-eMfSSzUQ!7^yv%<{GS&P+I0aM^e4QoUa)RMI!>q)cSR5G7$ zN@bLA9X0a{9@a5YD3l`>QOw_!0zF4E4wd(ehO?LyRlpcMZjn5->FohTm!&4cwUyuL z&uJDc>YBmRtMUuwtw>AB(~kwUkkKePazWy-E#|KF-yp0+jm0G0xTHf)MFx!1S3f3RhdXt*6_%quX-*-P7#3{_m@*5&u); z&(^;2g(8Q49tKS@2R*SqN9?jsFqMm|xH#I%E893#)upV>)>{+?v_S@Nr~v1+fu{Td zM@=v97FAzbp*f4IJwhIfN%TLYvG;n{wcMX6Agg!+3pwYDz7OpQRBOsTH3@Uh0tDK` zIo14qggB26Kf4W>veh-gaLUh)zYYELQ2@#_j!oBB4&H>TQ{`hETk&!7+|ZQfeh0y7 z@{Fp|A2{56S{)|8$*o!iOmkJ}ZAjd@SzTY~$V8hATE1KsGso@iqV7m9m2ZQzN-G+{jzFsFwzt4VWJYRhu&-|^taDC+*zCLzTf86D~ zjKpztdv4J{EF^ZU?HyuWGO&We`Q-i)k*m!rgwNXE3Q>KlA&_PEDE`&0U8JN;#F!nMs;gzJ=-8DBca{_ti5=o0FoJne@mZ z6^s=WVCp~t=+`GxsZoO=z)bPts(Ou(xyI2}*7epNIV&pk&`3E2$XpX` zfrz%?Zu!z9d}Ea>LU^H!IQz1r-+E_}1vHuhQMyPHqB8#N@-jIW$MNY)3-K$a23#ll zOthCx8QV+oYH8WsD6l>^B=%g}@aHgTq&$5L7;8sF8||Ww@p>ye03iuVp0D5Jk-yYh zTXu;Er0fU@%wp_u92NWGiE+9(X1$pign&?!NaD+NaHL{@Gy^BW1w>p{+Z1D|e#~`JQ5h!NU=lJQ=}&5= z5?n{*$hqSZZ@o9UfS^HCW7Vizyu}$ff9oSC;dy;3*w$)G3il>9JgNat-S?rTo#s-g z6AjX+fexAiTWcc+2d9vCo&V6N7D z6Lr+^?&p9h#F2$&2M4HI7GJH8*o7d9rr+pkadb1eNo=zZ0B&^J@FIiR-}t1l3*pG) zy-H{M5MDIx00D|u3P_4jvaN!09lE;u z;f({su_V=kMh4nMkpdjIUIxZ5NUquK;oUXM%jeo+MP0(O;98;8wAP<~#l+cr&Mw-x zQ46^|b=Q*(qdO?v-Wfbj%xlDv!7C~3^1woC55Qc@q7Ai2eOlodvV1_9_2nD7SpES^ zO(x!nP!bQ+3X_|ITfAG7I2dP>TZ=CQa+g05*q@I1N@?;{Cn|5>65XCxqPXW%R35f0uI?`u;e?oT=H#8JVCFbO7E>(I zfF(e)qfUg(|60hW{3r@*AxRo#B0(MnlL1JCs@nFg35G*DM(w7@!{rCBJ;K3S0Su%i zQM2L~YfrhBsj0UH9EU91{%0tPD2FWfDc97?z;!BtiN3nUb-UOE6O=D?YpQO~1UI06 z#~}#D&{JMeDVNQngU=D@~LKdlgLjX*LdOj!R1t?lKm)l=lq=Ipm=g&7!s|J~K zOP5PZF9PQ7p?;nP*{Uqn4nj7R%fCY!obY4y_<*uKo zIhP6BdhZdHddmb!(~L`558(LM-lUEMs@~@kG^ytc1je(V2nCG#-X}#_ z@HWU}*B>U>c-o|`Efh4=AA+n@E3ffXaM8nlu&&*YzwB(4_Hm(rZ`s){jfk?b!0m^% zMv7!8Wi?IR>irfp+QL_V*s>!P>;2I&^N~CYgEc$=vhHc&bZOi6&P9JKsTj5qJTWV4 z5Q=WKhiIs0iHR`GMo2%LlgIqQr8TKomNjX*mUM^!9nO-h$k(xoJyV?3>l=6`gN%i4JlLv@dgFUjWn-nN_4%4mN%#ofD4V6#No#rT4Qy)4&Vqpt2 z?qLg4?p4Taw#F|6I4>X?AKPwM(}!CdHUS>V?DAB;ZBa7%2X)IYlpmY?PkAZhe8at14Y3|4&eI7;c`WoMy&?K+1?e_?K z4gRg~?^ABtZGxdDaL?=UD}iq3ecE3yTzR7o-7zxWc^@If{)1ra<7GTO^$WIe}#b&yr?>O%VpHdBsw5K zRn+xy_Ufd*ntj1ke(_yT1mEj@8V}HYkS{=m8rZO4%z%vjujl>}ulD~xi~hfuKt|5} zUnA%KYvlhw5CD4u4X2X#&ue-m_t7u`1+&k4stk`{D&b{MwfqT8sr?3(y@09re?Vow zU->{3#hd;B;c4nD9yOky7hfjWvCI|J@a*|<*rQ-mRTAI`P~ORJ`-9lt_6GX z&XXMme$d?F;oF0583$Y(aIK6wgKBe;JM^U&S+c)Ix4{Z&xNyHj7loH?nDJQc`mL~h53W424bcU|1p zY?_`R9s_;-8|~7sa_`2HR~;H=7f+e@;G=lF2Y2o(F>+Pxt>)asb zVwnVdFiy+?Gs?U&){TQ@Qak=-?EK3JfdpcF3s7QTwMS$3?-P)k39ry>%GQBF$`)VD zGS8+k2MMj?01NHk9T8`GWmoE2v6p5I#L~qNrQHi2PJZp7Nj3YtG3UmT8Rxth=Z2vv zP93P*KGm2UAm>7+zCy_&SSg~~kJ{3|g6SkVItSd@o37E$qbncvA9j^cBPk!c1uD3AoZf6kXY?m3wRB zK*9FcIb{^)mrGwu8#VDlL5Nv=MGVIx!yiMoK#)(BP*yKvIA1Y)Gr=$~Dr!Di=T{VB z+tmDOd!(L9U`NP%fZfLi9h6sj2Wk05lS{~8zaON%`W>1>_U$*MMj|{3FvQpC#pQif zdfv~_TW+;O%!_sxy>jLk4O+de$f8uj05zk*m0RQhN^Ls$_5$qxYBA3DuNHs0{!@+r zwGaTR^k)oI>Z3w_l&$@{*z7gviJEuyy+BFB3fv7x7jUhB96R-eugBS>wFgT=GolST ztC3j_C|&PzK)jyj|JFMC8;M~*rGH#a_%&OBz%Oa_bcVR<=->)` zOqvI*;x?a=^hW${U2%j!p1g^2LY^eVHnXFvFjx#|o$_ba1l$TnkK z>AOE@UO9a6>7icSjA2z^h-G#4$d}CS(PzOobla(l?|*&I}jaQMGQ+0U&kqFz(ccr=BKS)q@#AOF+~Q7VhRifWe}c z^TJU2cC!s4;|OYwW6LhDHJB2QU=WW^^14>-+FiS@4@c~*Ti|vy2&VS5rg414^OtS6 z*bxif@U$jq0<|Y!kI4htqLhxn7Fe`p3knMfQ2!7~j~cZrw)-}^5J_p9v@3?elv3>? zs4*?u*Tzy?b^%L&Tl>x+u3!es2w~=;pz7S9^F4|T+cY$1G7)t84OEifG{_{K980eX z@Y>Kg@`~EiaEIxjcQ~&uTb=LoCv78s6SHx%tMrdx6+=&$ZEJ&P972_zQNO#TZKM{> z%SpsS&uP%;6vzGWzO5EY!8Fu2bYl5h6>}PZ&aHRW*=;H)hML}o8fI0dgm$a*nPw8_ zgF^zxJ8Y9sRp;p`n*`h(;t#IcEmjFX-+QrW6Jk4RN4RQ*5zK3KFCR5B+b?|-+p@F* z_i2mk2gba%k-b4M>ihXHx{6n8ryloo1VnX;-;u@@HJ_c%T1QoYsFt%+HG9CMPbfKU zrI*)xon%t6Q!aAlet87A_TO=?;HXR= zuw{P9$T3rv*He!1eMUod^k(y~Gusq4?-$e^PaJLs!tR7k90D_%cM8i0(mMFjoeqhH z8$DdQI)wj`r&0fw0(40KD<=Dor1+1ditfB{L4=^9?Zue)5w(v-cuU0!H6Lzd@68nG zhk@%~+WXo~&x@X$tygpOx^L-Eyu!}14@2WC*csHc_PgK0O8Z_pn=g9QHo%0>ZUiNV8zP6&~u~qW7l?r|b-M_79X5PEiymn#fvZtf& zHNIzDs3h~EG6M;*6U(=>DSx-wfFm-r`K+hoJD4Hopf&*-SRO@W^nB^+D7J(O?ze(= zic@q2zCTFe`aanl>T(9Z1DL z|Lw_#eNa4YDb(d22ZL>Q)cjOqzI7W%25t5YV;;5NWwnLPJI&b@_%y$SXwSh!4X zA6#jd?i4(ZTg%s;G-ituz&Mfh#0K!57Jgy#&Z+0;S-M1w9^_$+*yc+DUy3-uM%Q4z zr8-OGTXOtMRu~avb3^rOhWlZ-4HMe%{3X|&UwJEyq63C=>RTJA>af0E>ELijyq5T*rK}9TGuIWXA!`jBfHE@gCF&be|T}eBW5Tqa| zC)x_rj5ZlEt*Q41i7ObxN@^p6G9@hdK3MB@=PFRD+%z91Z3KWkx^y|xae#C<>|pQ> z12@NfayAea1W|_Z=h8KBE=8@|U7Sqp=J`iJHaFycV=NDqgYhih^fKokh1 ze;fF(ssAgb2X68N+&Z%;;I;K@B-}0s0~ZCa;rNH7mcQY5Hqx;Q9+Ai$b1L}wnr+$l z39#QO=!kMR+rqx4(2kmayzhGhzW-Y2_HUt*^U_cYy5u|(ILMxF-CUhl!IKi8L4*{QS>ObcHC~&ndAmTSN zApSRWK#O1mW&4p^-UhvPuTSVUD39Z|w|>r8rGM1VXEM7_T;6upEfwf)ut|3au4Ln{ zf2ev%w8g!?Wj=sMYUbpV|I{>?=d15f1kS ze*)Nz_q@S=7O5bA_{C9x< zk5c=O{ExEclKFFg|6tW1+`>(VSO16eVY{&A`=5`1=f}efCzze<{xby2@s9!zm(Rv6 zX{G)^+^xfTePZH{48Zg4MK5SG$~~|d5*{V>m!bt|C07FSKg;~s{x0+TKenS#K`4j9 zma1tKEti%YZ7y*mSA}lRa3T~PwYZ%SWQpVmi9Pcv?4{w3C-+VZs~<#Jk*Q{EQp2)r zai}yEapC^{ZNrgjU`$``q*a`1c0YjRtJMx@SfFd;pxDQP$mYalEVoe>L8Jqnl?_lt zs@#;%uFbh5=Cx)Bggy*EMdwKFC~83E?75nZ2M; z+7&@Txowq$tibqfXkAgDfG4#?Tz+MmmPK;~$+;+dHX0<|0K!tmJlz z@*Ao2L*sdeOR|4O)OacIB%aH`@tj-Y8@`fg&%I&2)0)*Xl!;~5>HPTxP;&ddaUmY7 zJxFaG&%)PxGg!D%L{9i5olVV;3g;W<*@$rIWWc=7@c`T6*k=l_`3zkvi2MtztPF8> zgdAgZN|r`lC(v=hy!9YC5G*wBu z9aNabI`?I@U0k2p+)oG#0r;f&+W`0*pQiR99^I+0kRg|ZDXW%;>BOBG7CBMmJjXZx zAP9M*{LkXQ`1oUm03p<%*A?S!5cv@3+Glpcv7Z48sf_AAULm0oe0*US#5~?!u6rXw zreo9WN!|RIi>Hr7D~^<(zvzWT_!S0h&~uOTM7&1;^l`E2>n|NXSSWpcMD@f$iTS>3 z+;<3xw=S)2ylr^-qwx&|I@VA8w~uY8G7_5ZOx5-}RolTqrOuc6Q%SV?B|gO$`EyCU z`bUH`fyUPSaiNk0e7G-M*}c?e@aXjr4)Mr-J&cYYP}@G~7UgBBHY(PMOf;2C7ET3O zcF`=g=*WrUSzuch&nZ3;YH}`RW%}Q%*R%007~0i|Klf8Ig?v$9)=!H-FUlZ;E`}Nn z|LPo=E(00PZP{EsF|MJ4(NC@w5L}H_G>}NkDtzabhXFdBT6gCTr|Z=23c5xkl?t?5 zP>6rU5fpKvegrP&Z!yVwr$;O1f^F!Ep2Vmk zbAf)JAlDttF!s*V<98&qbsJ#^cH*vl9uTTYBJc8^9$^d)0&y;AU*72{4L&L7OlKzO z7;L+BnF@>uG6IPJ#+jQP4qj0t%7Q()_YuUl6#)0T5sH%^mGHPq#`kRUTyT`7CI{d3 zl?hHq1wgyKW~ zB(8CXS%DDvtt75+o>` zUvf#_$yPNTk5wABrKlW>a!j@QBj!Dhnr^574B3UMuG9GLDK9ERTd{Wd#${MOdiC7M z(qb|ji*b4|s?FqEiAM>GHK(HmA~Hk)Gcma(kI8|+521!Yi|@p&QEG%}><6^u!QobE z=j4iu#PSrYiry-NoCUh0ady-*ax@aXRlb%Evqc|sQv3yrvRbWejGk|3_1n1y70LMo23{te}_oJNSHin_EW&Rupysv z$xw-j6VCO^3ZWZ4ade49W!LB8G=gdBJ}Gt`?CQn6`~8?3;#IU_Yn<$)nB0SQaNvBQeMI>Z3TV zRYcb$c})liky_!rE%qtP*4>rk@IkA_Kac>OMj8&82K<@VfVNk}LD?#XJ*C$GXadE- zevuqE0Xp0-hcE^;M0+vA#$K8`_jcYM;LVL&($6~~rTfHs3Grbc=5zl6v}l~fZ+3zdv}hbFQFIuz8FnDx7>}SU zH2zuxg*TcoKp_2v;RA14AKUBJ#-puYxYxWzDieNf2L~@|a_7|9)WUG}DhmBHh1e7e z5v=l(&|UyE|5Kelw4DaDx$=C$A8tW zh6cj_0qv3g_bUwX$F}~=I3SE)L#o5e70{5YsPZ3E#8yncBr_&9ou180kUb$^5PP^^ zCi>b%05|h6A^)%g@A4P`Tw_GP5ADAi);I{4Wom>5hyLp9_~a+dP$PhB`t z4MDRhR;`loLhx)#&-ke5EJ(OFY*of2I-bX*qMrhp5;j`r>DtVps9-2&W_Mjs^9f! z#di_mgQimyOldL}&5YS+Z^LLrVUWI~wkr`AEOvyFLr)JCt#}IEE~hgMe}7>6UhU_s z`9~fH{VBBrf$Jv*tv5XdD-q!HCLERkY#Ji-JY&X*SmKtTuv^qmbT%59vd2oJI>V*m5eMZ6bv8DF!RQA-JC$4ec$I+s6Qem@{kk(hX# zM1=R|f082~qKsU*jO%mY{VtgVeRf1MK~UTjft%i5oi%e>*Wy!}iX9#xNLZ}v;@7XV zCBUYk%4d7ORS6bpR~^T0p|03e>}G;wT2hh~(DaJhAM!A}>WOo0=IuELmn#JUJXt-P z`rya3=t!V5n`VM(bg2PSgd+0i80IM#34xv+(5{;QRO&-4I5x23^) ziff#qc|qyK5Z}vr|D+j8dY!YuUFVI#xmQ+(Pe*^rCEgS0A^@SXxU*RhV7ReEXql@|BB@V?nLR0h|a z2G0D8#@Nxt#M?qZb$i#sI^I4f@%$J!7f&Il0_cobYn|*&w?54spSnKHz4S5e()8&x z9})d0ru3U_I1?XSsem|T@x}G7P5f@-hE|{U=d&hT%*Rbb7jv!`pE9gYTR}XF_w6m; z18dvi3tBOz_Go`6Bu~lTFX(H_b8V8nXi9N)ezKz+YtVcK5J}}{K-aX+Rt2rOPE`1@ zW3aBdCuXO)QB~F}9)G=7KXAFnSjt`eg)=zP$jO%Jv`rXfI%-aytR%&r8*471;*VQS z3A$k3?nxPe&6^s_!F93T{NxIAiYLWJYS{&a^i5iv($BB!(F)S*#3Sgy~FG?+rw)70GB|5$-2Fo9sD= z!}5t^=2U@Hq?m6bks-4*BaI*F**|^sjf^slG9$V%65HkT1}v9n*SlDrgt34%nbpAEX`<2Keks$oZmlZ|_0Zgj zGQub*KKL+KOpxhT8tV%%iR<;W<$vVHevy0+U(?k#N2m^%6?-&2X%KQ1vIJ=u>AKQW z`2C;G;*Yp6zxLyERsuU2{@8s)@P%7MH+T~y=!wfG; z8xrMN=*gtDd!(^xs}C(urh*7y-WSH6f;NCGg_M^PI~iFzOSy8gKB{Avy#R4&BQ$@Z z9%b5XM9#Le^+WsRWw<9qz2;U0>)DJRZ{o9amZd>?kxOSlpFbRig%%@vNo!f-ml;yS zUa5yvMIebj`3&Fm`Z=OkD#)wi)NpVL zz2wNI6z-Qx&F6G>ke!THtmIhlIS57yK^&6jJX1=Fjq)!H9$wrAM!OQAs#W`A+ zGddLa(b^aPI8g3+e^(s5qkM|WI7`}Sw2w1)541n{aqiiQgyWFlsbbMsoczoxTPyl*>R=7w2Uc|e)Sg3PjdV0@Be_;-L zxMl82d09kSE%u^sT|I8+bsLTHzSIhwbTa$SmzbVy}RVqWh$8OS6D>WTTpPtazRYat2^% zmD_ef&~LR0DM1)dl z#MpbRj8bJ5sp{$r0?R%ysQUt2R)R!jUhwy6Gp#=e_~|zezqengQkq_$WmM<9E=kfVdj$ncH@$AVo_>fi zUYrTj1iPRvY<+$1vrd?m?zM=t>$kju6Mw~B!ahPSV#6<|)cP2f=y`WJ(@EL@c-KJB zO0M>@UU2vz*KHVjjLFUn=j@1RIu}u5vp{e%I22hJ*i^VoX6N)iVFM%bJ_^uzhS(Pc zv0d!7N387UzEfMPem+U&m|QD9SU8Ihre3R?*8aMD{+|a~;eUFAf5rusj!^y(+YWJj#l|8y^P!bkMeTe?9Q3&}`4vFI68$CL{iz zTz?d@tGV?p`TZWIw&2z#IWj}dE^8Ubk|-|3;$+;e`}^sM6f8C7vdbWBLfwla1m*%$ zp$Ii;6nq}m@F@61+M*)7tX@@YR|Hz|iu4ia@J3;x zHcy$zv(zM}=33ZXOylFc*= zw^x-ULWYF>c|^de#g2H2GV@@mW;0f}N!G}g<@es`bGxAuRu%owhe(R(T6+KJ8G1;% z@f`ZDqZ~4-;@V3n)kD;#Cv(vqz!1izOWb$8K>3Mp31(Q<8gCL39aS2qkM6Bf_ zF?0fJj(raPFxd~pbhs@M^!x-VpbTAxL|>xy+=*U_(BLxdFOFeRO`R>1zvTc)cA;id zG7q-=pqfzVIks{w*^JkygJ2jq^9ekvO6sYLUqn_POy-a=6;KcX7{bkJ89i%v24v%8 zh<3kWAEWleMUoQ*d5+?xLPZfJY(qH(Cgy+)ZxzjCUj^==Bm)=k{^z-S3Hi>LkGK&; z4B=5_k{3l54&Wp|8Mi>4kib7g#`Ng08H7u0xN>P6^EVUosvW*c(z9CYAzn8Cn;mEg zaCV+!0=^fQEX@&R>Wgdfk*=s#V`#2Dn24~rupK|3u1n+Gy9vmWbqTen@hn?30%jRC zJkj%O>1+yTg4L3!UkuFe2B(rCUCWC}O%)3z&stiUm`DoB_vP}>nGGdDcTTm83i(rH z@>+2StJ)!QG_&aF_uagwGh-vf4W^Ky4M}W5zs8Y2oAhrYoVx z<;4BsEW$v0!&}UC+0CW1jFlboJu2(^-(sj4QUE@rEqzl1#q-Xm8@73E8BjPAW2@)l z^u$_#!kPcDjHZ@aLF;|5bRRhRep@WTI=@l}0Ti7oA9>mm69B_c%S6|HYg&fHnYmyD zislKlh_Q6{Y-7oy`EZByui%a`So%$!IQXk6x#!V;B-GppATDQSNMYgN?;79Iy16!z zc8?#D@fEvNK7{FXF_ZpSZ}e(%JiE;H73CjfGsha$VNA2H&cioyzuxJGQy0&Ut3J>{ z@CO{|jGA;A*VYlu>qKG&$rSYVnky9Y0Kg%;TDrz%)}>m{tEYe*x!&3wGTL+Iiqcwl0xGG0v#L=)+#Htf zNQEPj)+pdS(R4%4Kr3zeSHH7a+48;BM{T2vgRkl_DL+3a!=YPf?V^^ncHbMiPNKTS zSAvGZsi(1joH~#1Hn#wp`*^!f#ctUH`5%^!o2kDkVy#kZZAln}0q`Tx;mRXy>7~iz zR2|7M;ErP}+wdaBzn)ZqCprU>iO}fY4`1U5v-Rlu*hs*6=V|gX^kK1z+Uqm62}&Qj zV0hxa(q|oMP^Ql{cW|A-A*%qEiDK$g%+=aRfaXT8Vp0(T?@J)W!62jm2vZFXBQgfB zWH)1g(!>u&csx*+z+`a9BT@;Yb1RRCria6mgMVt22tQOwkQ$8PW~e4B1he?wYWLTH`bJF8p7ms;D(4nh*NpbUO2yMH4{^mG4Ns zLofz`9*WQ-JXuf@=|>q&4DXg2l+I{_3-UnX(JZDV}p2{c`<#HHdhB@ihmMGDsz_Ytg`?_W>~N zKYDT`;wabl#Nv@}BBm-ra!TAOR?m^^CuAZJwQmB|#I92s~62bKP_j@d#gb z^k;Lj9VnivI8umH<QHS)A(9O($H$5MK|G@gS<(Upy>e@&K*>PEo6uhuxoF z^A3TBNr-}J;XsJ`)t>_+B|Jkd=e()|DI!jVN2nP;ql1ee9R+ftxO9}oAfl$T zYfmk=s8)IauCkPSk@RXlE_%v%bQu8jppa$cJK~S0DGJ8JvZQlM=+oA#r2d+?)Y6pk}Vk3LPWlMtoe`Lx#ujwrKy zb`5cwsOkd=z5`({OBoDT?D{#f^%4*=`{Lp$rFrt7II0tdhQrTSaE@pIM7fOd2i;kd= zds?b&l-E5e;o#Np#-$3KdLVt8laU2jZmQdf)XamAa4Ka!yPH;2R@x3`o{C|f@npdH zPUjliT8|`l6|VKmuHMj&H`O=>{CUsr_Wt;lw}uq72IEBG-;8s23)E99Xp5dODdMw% z!DPY2hg0`AEpp1t<&j#;Zw3suAKIV!M?{AhK|dZ4cZo?CJw(_ewdQO!Xad6DVXJ!w zedFqyLKtad6yOc5{@F3ePIV>z@c`+2NL~{8w8wc$Y*EsPW1Pu!Cw&SP;Fqxu{K1b> zc#C$%U+j1c+Yrc9MuI}?(1NLHR@bsL4?#-vrSzTi%Q3cZN=+w0$LJJiU@(C`06m4H z=df1*lkz=D?AtJg9{Q@Dn>04S_lKZGZBFpG>Wyf;D*_)Zr{duJwc_HjA(k=u84&i_ z4MnhY8-|fn8v*_EjS)NTxRWi;2*+mx!+pPEc=Rq@>CIcJND6@mck4?ey9qkm6A|tY z5+`5E;xdY{W`(k9h#;$i#57U!r3GDn69o!M3P2gcNdLx%^tnV0B@BcD#CUxLc=Gh9 z6BR1_j#-*khpYl3>VHGjhU-xmsn#I>HG17g^3jssjsmrX{+H!B9o&o9^Z%UHv3P8| zC50NisV&_8RcLvK-SC6_O8>AB{n8>aFjB zv(?=4YEsAVnx}5tKk;-L8a7uy786|B6M`aDhaCp_%iFdb!h(fU7&XpUEEfj zOEKk9{8UXYd6_2^p2wbTvKHpRw{++_LdjUCpO#kBN(Vqoe9tuN>zeUh%i-Dn>gn7K0qC_l@v;+DRxOQLM1+2(PTJr3wy8_`L5RxWt>H(TcJN9bm$zfI3=iZinct>~O z9N#UQ%@IHxoO6Y-;}!qTDbqLy#- zGTq0zhnIOM9{Y@wA=M)-J~-ifPg!Mo*TR)?J`*L)31~6!J`9uPSsGz=Tc2G{-Yzk> zj&SY>G>PF4v7Xl(P^a1jR4dyCG+LDDQ6Lvimox)v%(gEAW=pL$T_-BtJ;#VZ%f1rU zf;Ua-NdZOrIY=fcM)*eocW6_fwFJWar30Al zGM|kBl};D^ls~Hn*ctLdK8FUlOMMlS!V9#J&&*?VNRK&|!vK25QSii3K`WEz%g8vI zto#9txErid9`Nf&y0I2hX~vOxD3gdQm*kOS1AQK3u8McMC%iHVX7FSGry7eIfcJs9 zCX)*0=AE&0^p3P2rgU*!+_Ok`EpFk!v<1vf*}pDVm6m4gn}4u7+qQQNhdDwTh$DD) zh%yC5CJw^>b`(H#oQ9}~i$vCu{1behluSaryWvV|On-LC^E7Fe=JC z5PyKyKZV91T!KpPvWdBQj%(9hr2ekv?FLzrQG+c9qOo|z?OgM5p|W^KRql*i=J87u#;D}Jwf z2<=vMrz(8NU!#TK<*|t<@>?NNF}(6n`0hc1#WnlWvxR5eQPy1~E(&bI*yLI=F9M|e zog4u5bU0P*M|FY>>f1_7>;o+pW$ynEUvC{%SIq1UTya4YVv2X`q_T#8F^IB0Q- zmg26(iWiEzYjG`3ad*B$+vh&_u6M2Pk1o=jy_1>ABs-bR{3f10m>y+X48tfFnNq`# z0PHH8Q~?l1(oRK|`j$X&T6Obd7FB6Ngim~CLl?aShns@u$JWkI@pwAx>mOeWsM4{n z{rV7dSM@sCg6JHkn(kT@gEVOBmx;&+I(sjkuIV}f6m>K!C++xfbb%mKwq?9(Non%h zkT4de1LHGz6C32({=yn+HkV6B5%lR^Qx5WS*-g*5b#rdrkfZ zO2}xq4K3$5OFP!FwT_ZFBSn=Ue^>V@UbFFrO_`x!L(h*~lo(u0g!M5S`|T{y`Z5y| z4*jT3N8Z;h=R8uih0LIr)2_pf*E_cP&m;=dO0iGQB%$oFACG>ad)*J+Iyj0!)mBQ@ z{QA(#75W+0*56!MRZl|V_6DZ$^^PsWP>B1^H*PwgN1Y3=vMUNkehYv>3_RTALe%)Z zLrR&{jY!EOVdrZ9g~!&xuboMy(j`1b=-~W1L`+~8@)s`F1}MGu5D2VFQj*oeul3 zI-doyM|C`M4k(sIH@c=4l3taEY53WSzPYb@UBxC^X7A_iza%UIDtwx_lBHNlu1;*y z2+h)@Az%u%?@WQbRDg0+J2Xg`-{)#*HJx&=tIJoHFN~JwPex)))+{U0)F@>Kz@wxa z1Pf!$&Gb1E6~Nis?Xx~Q$MX{fM$jS8(bj;>$~;RHhu&aG66(moWbqr0X>=7JWhKyR zohLb}a zvO1%M=1{4oYH5MGbYYr&3?-pMAZG#eEXC>}1UG_#A=^kiSwmRx7W4rW+&Q$H%#;r( zM^Vygg~fpdpLE4QW4&K70znN{&?LM$fGu>^$VOhV(R?%(Ii7t~s&jz@Di}4PL+bLA zj}dMVM#{%Y3~qCPl7u-0(Jx`uzVg9DfRs`$#^fE-Jfd^B0mJ^UuXcHrF-F*hdW`LX z{1@-;!Nd0NuCz|mUImP;_sj&MEGtq<1U_QzTG-R{yJIjOc5|KKhR)hhCkVJ2OxpZv zA4g3pMQL!rdgpt#eb}<=HOA|ZtjAcHR&=xDUE6?7em{MdILBF*c8g-kxd%V(e9Gi2 zV3gGGgE4(^;cXTA82R)0eR7-NI}c)Te$+ODGQ)&UhM38njyrofzNjA{!XeA~VYR;a z-E+<@AN@r8gWjH(cw`)nKpq)8ZMk7* zOc}}QDc7~I2Aj@<;=9$D2JOa&75QXj3wOaopX6EhcIT0jiq^d&#N(m3Zy1G)UPpBBe{I*Ix{xsUsw zWPDay(O+Xqms#6Z`rbx5<2S{~3INhDLRbjFCSagVA#gOx$w!ER)H%FgbbSkzT5RO^ za_aQB4GC5Z*)CV^7ww2XtT6d-G!x{Gu!KYhQ}z*t-LD(B|ITITCJd$o=6ylSMPCg& zl}s?AI;OWSH;%*F$;piienZ1=tR@Fp8!AQcV>;BO72hH@QnmczW$!GbG% z>FLC9;>nX$?Qo`D{Ss6nN0rt`g7YSf!cr#8b6>bhHDNkN4%qjJ0Wc$Nh`MboQSm1Udy@0ty}JBS2632)v(s`s?D6 zqFV5Zmz4N_ab?YIf+V!H8f|X0EAE}$M=;8b745AOOAbIM^N0X-RyRz~XwfV$DGu$s{R~<`jY8J7wcG*Ja@O|Z zw!6(4>`d=fmt~rR@vIo_aX=oowhbfhaGr!br5_8OGuV4A6vjiAqfPe85}>l`=9#Ql z2u*V~(5{x=x;GRvu)`HMEgZE(Oq5CX$nZ>MLM36*obTFyMP1_}xM5Fq7LSEn!)doU zp^aYi`hyC%O$Df}-FZ00x9e;okh?ki)CJ(QT-UmX{*gD;2$UxS!D)MkDy<<5!+lXn z8N8`s-pjr{SDc`2i=aERT3Z$Z?Z4NP7cwEoWmm<$G)n*t((AKGK0PKmRrC7&8g|aV z8dDLyDPh@{5h1oDB1^Pq=5qFLESb*=- z&NNpR?SA*0yFB!FAaMuVFnuR3O*x~itPUh*y(GLsqu>ctfu7Iw5jyA>6}Rm3-Mwp6 z@-=!HUYBs?`U)xqQm+Vs_#ebGDZlJOh%ZS_y?h*D#i$cDCySX2UMI%V_YDQ|$$ivF`el_!Jy2Y*+jtAczXI_43%pbFriTjBCb z2B~tP(i$31baUZ8$wo#tNBL)oWc5Srdmc0c!Pq>-k}vzHgqtJ8Yw5oc+R@lAlr{Q( z4Sez#u@&trZU5o6%S#G%(`zwJX4J05+pvOLGx13`tD$*E?*^hb7y6lyvVGei{0*vu z7ZIqA)7_xjI2MUl-9fWiZCj=u7xqnFDre1ZNUi*tpxICKlpT?LGH!XEk*Wty+OD6s zp6*Z!OWsIOm?T#vgh6^S`yorxG`&(h8fwwiscFXMO*ndyopeSt3{QLGUkiN1w*9%+ z&?+zk5hBKnFjT3IsH6>%SCSGA#No>jb{Ih7tX6QoUmj?6c;{Rg3{%o))o+BHfE1Mq zQ1Wqf((LSu3Xz?xh#$lDC`(XbPB4c__ImZ31~ZPmjAO+NTw#)OMpb9(Pw~`+=SeQY;wq*{^B_B<7E9?D8oA3@o3wl2UeH@o-3h{dZ>89kibi zyrC$hvd#}7R2<{qOf{QD$B*}_QnX>cK<)Am7y7J0c=1>*E($u7LEf^FJpW?OVMXj_ zK_qM^>aUw!C~%O(z6mK=$xF{&qzfBZ#DFaYdZ;nx7XlVw^>kDSz%;8y_t40hi{pH( z6~oBNk2ER#=rjP>ND`L!#$x8hjW8u-S8Z4J$|X(Dk=%n(>(^k`@g{cps?8capKsLy_C6-@t{&+}( zc_Bx|^QuOy)7|iXH?+3)cnb{s<^^vgXaVyhJpM*j{wxzqu;uQD>q9RQ$5*_Hup4zU zmL<*^yr6PR!u(mKtmmVU>}p&zqHU1Faar}R9$&51EbD7M%XUvY^%58~%@Hh@A;p%a zQ~XVOl1=MHp-0+rm1uHxXbfEz`})YLPl_6+{7E~q4RDN{7$INjnuM#2HC(`$W>e|6 z0Y!B71x~m#O-PVtESMO!J%?yemO4}vv*DqitP-6pzn-Y2&G3aoCkIq%2JL~8ym2kB zUMP8x?9J-GFK$Ric}K!nB_&|M;~}1OV?lnCQ9R*t(xaw8o2f1;-9ZAzbUqP(`^1C* zsH|SCFtdV9p9#OqtT48MOP?W_*H#JsRvV~9^irpB5G)`%4}F#mc_W_5?esgwYj@&G zJd?)hcSMW5b5TbHQ?u0%m9g)1(2dst%2%1jRMA#unhk)x;rd~1lgzl7$M3HyQ1B1{TzZGD;*?^tZENCc-jTbe-M zMYG?@^rviAzdT+RUkRNi%{4y?h!~BuJNT~IuC${Fi6XU!82!F{I6uF9Blz;D7Vz;_ z2eyBD^ahlFvF+y1rMnw-g8ES0H9prBZ?fNEo63eC+>SO1dU^DJ_%QF7&A4cN}2m)}Q6_A`b-HYKc%7mj? z+fW(^1|l_sq3s&PVc>+>L132e7||m2j7Y+TLWE*~B81|Hvc>eEj$bID#_$K=vO5k_lUX05T&R^Yx^wE_g5V_Vr)Q-Q9XF%@I2Vs9A z1a7wK$7c|B=nT)C^;mVNAELyaLbgfa(Ui`iR0;4wf4;n4!cwkwY5NtEGGFzbhXkZBdRmOX)7KC5;7^hv-k)zz%Icq8VUi)( z@Anlg`bt!Hxu0M+KLWS7Ok3-BZ-LE0gYADEf7?$2g0UGi-gCR~5nPJw1_!60!|Ta9 zg00nQB=LOWn2ui1azm_M}0 z(>-4usqo(P=Q*4^NWPG!{_ zQex?GWSmSBOSD6HjU%ZC$B`g|<48imaU_v|VI!WHDK|sORd|kEW&vwY_1jOu;5d@) zKXD|5F@e!7U#h0xt-}_T(;4oHB1qEeUhr<9okq)xg7C0Xugfn{h(Q=UzfCF)1ePMG zWI+kjjxe8_C^Yih8$IxNOxVNjg#JAPe!Uiq3@-3iqg(XreG0uD>}yt&PKD;LM_$fk$;%%JLg)Jp>kILlniI>ll4IcU#$$;jd$4sf}B3Njfc9#^VIJ;_<;}z27OXa#OYqB<`WX4-$|$K_Ozz3381PK3@@J?u}jHkARG~!{upM27gYptvW=ghDxC7H8jA0`xHjVB_521OfTHv4L z_36ppn2rgR!`)E&Cqc(IswoBk4?PF4AEI)+4IDIS~aaA>1m5jgtzPhpZ7$(=XybjCQBqh%sf;Orj#xR|o=JOPM4qy9m zlNlO`&)oH$H~0z(p6c%v($5`y5Y%gOp^0Pt6Td&fCSMjU1GS%SNClm9@=Q%I&Ee8r zeJyvsEIb)$@1?#5bD3b#5S*oz8q9n}0lhTr#jtaHp5?F59Od*~hg%z8YfnE)GD=SX z=lu8+%(bGpIbWTi@SduEgZmIiUg7=5SEF9beEv~kIc?`OK)x>M^~T7gtZGA5nvwvd zYRBYdPmDFn^j^H3p|=l)XRtCiQM0NsolL_88b?75(dV>)0LbI__NV-`1?-2D!2piB zxl`qhY4rZvtJ=g@C|j+0gfE*i7hZRXo>&^Q?3r^QTvWoIG*PevGPTw{572zxxlp#| znRrl!G}SgG3*;c3wIK?8I1mRM$6q1@%IbQYv1N_BKw`UVQI1BTfGDQN0i9>QJE)hE zrt&Th5n$NL4t~84Xvuo}V;6HQa5V1NXg}FCKCB5KceJL;5GcX}69*GCsFhFCslmE` zNrvj1tBUowmB5rP8I)|`l8y+hPEvq!yM1dL95xUUq0F{dcpnrvAc}Thbz%n6c=x{! zhhL5y^2ET=EWJ*UOwhXDzR`Zo0a2`_7?&>`f0|YL(9+`3&I$W5^&(3y?RH$qPl$8G zi(fS*C1rY_h_o{7=lRp4)%o)lf|bkN2hWxPl~1O}ibj>^i4W_FvF&Vg7q%|AU5hWwo|j7^&O$hLO(M@CQY;yKY*yFU{&R$UuVjE4I0u zM-y;rA@nkJ(shzam)5yDih?*zeMZpiwT;c><^Ep@^GMVJOQbX@%P_g|(uO|ow|Nyf z9$Y>Y*^i%8!T;=U$mCooS#!eCa|@!3V2s+2`H!mZGp#^o0-Q#^JRp^fFpfkHvH(UMvNRPN(SYMSkupb7 zX)=k|(lRA~*^rgXJz2RvRdC*kg%cHpv+PIScosfE3dA@~Y_oZ>H3Fcgxs!Rh6q-;N zDvp>u1#TP>S_ON=PhJqe?8yYLR`0RCY;;>7He`gL=_P8$DaPZrvtSBGa8rO zo$5d+Im7}e^~N3qA2Y14jxJ5BxsGK+0|gGr@xalUK;S4JUunxv2bK4RK$Z6th>dBo ztI6szND@>>x$bZPcy$PdKuxjte)CVs+_c}IFji?G%7)}1KyNJo5Q>?w`~zSi$iCq3 zX}6F<7y{uT}bv-UM2CBl^@H4#5iM&UfJe2e)wfkev! zz+b_UKvIMT2y+fmspLJ@ZUG1J1L@%9x+-=ix87jUhOO{=@s7-I?_tBa>;0u=1xwgi zUeUBy>Pg5cOm@U7H9p5}OisN?{xoR=APy>ve1LTfvnVN?4x-=C0W|s#>50p!*Y}_Q zR~y6f=OU_Ai6iz;mwth2e;zhLAt}&LFK8n{Kv*#RUE`}ykU-!x9e&w$VEA%UEI~?W zn2N>1pZDrY557FHfhE9^L)E>aryE1MWdJtz8DsK&!fnQbbL{A^d)=+o+8J7n?Su(u zF(EyqWXo+!V4MGUa-|3>Mx!DjokD{Ie4Bx*pG&+^!BZ-hOcvXak~W{s^|e~QpAdgb zhUGP@Po(*w#{@DwMQS^UaddxsUI&N!eLRTb8aXSuz~qZ9K3ctzl?1K)A+nw}YQ$&$ zsvQ5?QFpk7*i!6wWp|L?z24q5w4>>tKgn2K;igUum3-jFD?3e}8f(e8t8Kq$4pGR5 zol|*OK?wJlSY{lqJt%ZY@eKVUYA0WK#|SSS%k`^E@ck{w>=e-l_TobEn8tOIBU5E6 z;-gI4=ke5fZP{KUUTFcF@4B*hZ3)Z{gNIF*zS)He=S;abXIsy#B;NpNvW>u`Xv;>A zLHgzh%R###`qs>6TAe5^=#zy?A(lA>7s*{-pyK0KY5OC`RG}|MhfkVix6Gcbr)w+2@rm|R^J+l!!!n1^Q-KFu3H<@vf?hV23a~g6k!XJ_h7)_aONYJ)0|T(uc#lvq8k|=goz5Ix}2sEmLlXjekcrbNXn4qq+N+?YS z9tPUbf~IQ+-K;tGuotHViJ)@V>x%h4*kaHWXYO#h*~aBw@`y1|71yDl8V8TfvXWUG zZBKA^#3>NI?ST8j=46L0+#!HIvfL~MKTo~-Vc)Iy4ObAVz_d}DIe`%#&#j8|gkHL6$dxcb}~#_ zSh6pjz*u1Oa7`L)W&Hdihf(UWcX7gLHI`waxP9x!_oKh%#<2eU`d;wjdT+aR_DL;!GGKBd zXX4m7iAuByNqP0gk5|Bqy5$GI36}+z8JAU^ah-XcX`N-ANu5Q3qV{bHDMKRk+z6nP zn^SKcKatP!L&IVci`Wotgw=UH=_GoG2>#R4@+A_s?m02)^$l@+RtM@T9?TaN$$~JC*c|O`pB<=uaZ=^AON1C?X`n zZ&h)`dt`%3Q2aj?;?M`=Mo=J~SAQ?v!^${OG(h9w#b*)6VwS=LbgD-}fNoo{P{s4g zr7;0RGC1NLjo=>C<<$dev=U=!!Wh2=Ny-V(e0Fl;Cn&bxpBzZMo({hD?vQA*9YkvO zFl@HZlv6AaF8~%u7bq1-7AO?R7O0qunai0=nJb!0n9G~Xm@Au$n*+_I&6Uh0%@w2= zWPHnpNPgRJWu3g+G4Of|I#7TwHax4nY3Uit$A5owsC#+w1!SdG5TmcA8nB~|FQo=i z!TDKABvxh;D^^DK^2&`Zv|%#gFv;o7D)j-MngAOdOFokTs$nx-WJi7*1!EXSe&8Mt zI4_UzBv}Mi`1O2b!b3Z{(g!L5XfwNmF9G>!{OD0}AXj#(^aA2r5jkW_198*oU zpVTi-2K@5hs8d`Kb>VdpZsBebm*JNYC?ORxG_6qvaLLu`tDK|LV zL3YS%t1-zkn#Jc|AjOPhvgB$fn8qR1KqijXKO{u7wHiJfBkaM^hlV1BMSpFsci_-0 zL?q0@nqnXkUVHAAX8q<;>ok@}jIC9T1N+9qR1GFLhcdz!;oUT5gk&X66X~Q>GM=Q` z?zO2Q6T9pj^%NZkhE9K{r^4ejpxAA-g(pJ@9NU??Z2r|PoN4mU{BuS!w<(l{@ zWc@OB^9`)5ElQkUu07_#O=b&L0#>S)PP>$4L=2?&g*gkqm#c?7VR)72acur%mtJc>!nXz6v&*8BYD^itO^AdK zSKF723Iz6p!1nCiDF(*q(nN}hI^!T~(7W04piBcsag;}`ezCd8_z~C$j_|HGXfPYN z?-3%>y5qdY7<`g0nRP9Q!cA$|>Z8`=iiCL>O3%@X<7{NvggIt$7 zAaPq+Xnf~t^B^01shN*W8VnfuFPNpEyjK9F{e((WJIHWu8RSPE<>t^Ml z^W72U8#jKqxCpL|BD>2X?GH|(YdM4A`0MNtys`gI_|@4#vdpVLmhH zd<4gdf8D{HnQnIqCCV1m3X1Nci9Nm_WjjBQI5RV$fYDwF0W1ttPvgkosb5g1LnqT9 zbWLNERFci;$9=6$(PlfReC()Oa2=K)6Sk$6PEkg->B{Y5C9xxJJ9GYlWR^a!*jHu| zaHJkC+n=rqk6KKI9#4H2(ec28VMiBnR7xkY9=cW6(Z)C<6@HWv1^PC|l$n~`srm>9 zp^RJ|nmKhy6xq4YrIYV6mVDeC6xOi(QY=MqKT#ma1$c{o@g~`Q4pZp;;Q5+&An``~ z|2mSSJh`Na;q<->-GIy+X7x9pNM#K7MPO7hj!C@yM4M?meSOpdW3b?JT;N>v!Y+z_ zbL=us_6Agvtz7Kt$w$7^`Fogc_rng-Tq%eo%hvA$TT$hO+pJEO$8O8mnU$aaU7LuX zk8fDzg?>r*+4F{qXW6G>D;APfuVW!To)2wYp_dh=hXVI0Z!a3Z$Em{xH+sF{bFb;u z;@O+PQVXY-sFT2 zA$#T6BL~8zm~a1o0VhD@S^m3x+=<3mV$a z3W$tAOM1m(#AH-TgG<;IrJSyX%3Zc9;G6|LA$qbh$DtuP5dq}^Jz}$}{E$jWug8%E zh}Q#2gP41DmvCH}N_i=R<$LOv>r(CymX%egW<@fww?Xl8-W(|z))FXW98|dl_6Y;w zte{Qm z*c72?lUA1peA%Wc2EZ{DWn#?{)cKZv5-o@zSvwvs8f#%=W7UPwgF+0H64MqlrLYB` zQgGyEF>Sh-dDB*9v+}B_=rvzkoWUyswG-FF&a6V0-uI+cK8xJ3okSLmiK?rI#Ty?u z>vm!OgzpQC>0#( z&_{z979e`HHM>L_3kDLI{pP`T8hh9e*>Z}h9#f~N8~CUkM|YtKIEqa9NWY;uk6qfB zL7_TdYU1~6p7po@eQBbIa~+&ow+%@HqXW2EgL%9OG}NHfT7_cxc&k0f2@oDegnkfg zgfZcm;bR!jZv(L~L#?bG>5n1_m+a!6wGO+xYNz?BhpnRWgD26=+7(!C{*S+Qst(Xr z1{{(X1y7+1umU1CaIG9Xg)V$%D3#$qNlZUcc(09J=^WXYf)lo0DQq=_Aj90y?ZOIc zUi&s(rl^4kqyRq%-}!6wgA)$PBV+K{7t@bspEQ}gnT<;$2M3IoiD77~AT?!8U;|a` zh1|VO))N6}ShAyNeT@8oscu1v+chZ4YcYvRs9$6d+GqjB>b@it zcHo?0MiSp%$%R96q*{diR{y%slTUdemFZ0CZfePR`0i%ystLN&(%SHn$htZ~@dwH~ zXjJ!vi0rc;Q(ew&#;y(9?S&ieT<;neU?36TkX%BR;mg6!f=vG`@G!`b_@K~mRi&?G zSN7@6M+<*on?~G`tQSFR^^}NM*wWISH+{4GyZ-#cVXbA8udp(-{jabxsB@uqJp9jR z=Uk~~=A^br+P`JCZYh}kb^RWzmu+h6lQGaBCBdIp{yEDKT_eO^y8`{m4q$1FDVovf z$N5Ih73SB&-wb6X#tUdLRG5xW-m zuKM?ZrYyGmXn|l{nc7{Yd{q6pxSOn^==|0|y1y%*x47D*k5;@-dOoOb`xgF4=7M}2-o|t!c(l@O~BW)QqZ0+heDlUBp62`qd z#JqPyO&5eljhrhT@hR{(5sZnneAmxlZ>9!xcaIr;seql#4{xt9Gn`~$z+RCZSr}aY z&GyDe@{V;VyKW6Fi3*qwG&*(U=y&w-vtH(3lagO z@S5PPP3Hgyqa|<768k4pRi=OY?fYyIoLh zF1FMW`c;U$8g%dHl;sR!^)19SJNINwbA5>wIw6`FL55qI)2K|vT2LW?PfLAx`L=_k zE~{$z9o%rhMAm-uvl^Et5&iX$Jv5u<&btiKD~g+Ec?Ki;Z>?RFUrw^y z7ZI6T37z3)CbzYRSzG=YF>8Kt0ExQnnsN<^J~9PrMmff3gg?%Y5P z9fINKKAS&4E!_v_Kg@_nTZJkn#W01BCi9(Wg$$gQK{kc&Jj;nC9`Fha*^9gBArnB5 zf=^vLg9j34@5VlHC#&40Z>T zK>w>-<3<0kI~Y6A8t?BOy`t=Y+`(#rnpf=}iUH+GWs!J+{n1wSvgi;J%a?I215+s{$L4>g*~7YY^LvBJB}fR*vxh*qXJr6 zmmWewoOMDdXVJxc(a**&6Qj+lo?W?&rnw{gvRU?`sttNK;56f%ldWlq6S0D3XeJwk z-92(ns=+8R;>%SLozTHbadQ`#O-DZ0Q8a=Z>xreHvMwD@{!<4W)yT?gon6Maqlunl ziQ9FzKS}gNgBNwkX!ef4w|-+P>wpI4B0L&Oc$@bq;nb5zRbn|?z3-S$9j671XI(E6e{{0G~8@xY%hH5M&hirjHf^gq_ ziUNBYDbfEsnf*;JpY(qn(`5*0ewo)|*SdZiv=ptfWtfs0=Lb1LwZl7Z&a!2|6wANYOT!pYOS!PPi?YVV6o_N}-Hsew9B&G$TIO+*qH$C} z9Ea29=ptK1P=Np9XTZ300lx43_58Y~P-d;m^4)$Qe!cKrpD@wa%F#{DN9TL^TtNSp zWd-7C>o8}03|jCLF@wi-7xHaSz(l#_jIvA)$Y;RHj&Kr!U-YJz~RJJ-n=jnIn6nZ^AXnt3ENiL0#(@w1*S0_ z%`%3>P{>Ut7I?ELw^89^SRAm*2is#5h@IYti|Ez?r0@p%N^%_0VE6#B!uT@#Y@m#Y zi$>Fye%dALy_-q{vL;3BM|mY(SMb=0hpa9Qjbx^bBX(g_~X-im9J5xi@e zPYEo6Bu;T+frJBreM!NerjIAd_vFlL5t|`Ol2W=_hPjpArDgU${|g;&O^^pr9s*;n zcFO0zY9&OTC3>tCWfb~N-Gin`EjoU$snWcW^=v$48_+)>FsoJmGn4*IT=%i*_SU3r z+R}`ek_1Y^N@1CA4nIV96#=}9@tN#Yu80A>Ze!BsR}r*fupNl5WFU({{-hqpF2!}Y|xp4Rq zAPDS0OVBqGK?Meopr>tpBo?qlqoq?zljTb9OC9f)*KJH{BhY~^kQDG6g|E~J2$_0< zZ_HtXVji;s0H0IR7Rh*Zh-+{O=71I6-TYgj7k9mbG7MnV$%8KP8@X z#zIjC_=dxX&N(O~DUS;5Pys$H`KSKu27c~Do|7qIlmpm#CT*b*)f*@c_%@6sh^`f9-lrI`iZpb|R8K_dEwJe=$0 zxID3%EgKyMrAC?=KPt|lpu~@kDD9;wHotV_U!x$0>=8zqM(>&*X^c#Vyo-L{JLXYx zmfuBzoS;cce%%yG9eY=LQoQbUR};Ux?{87m;5Kz z!OkYQcoZ1+4fKO!;M}abwsI`dhG>e(6bM!num&n$A_|K8$OKz$5S-lKXaln);O)Sv z$Dw8=11w-5++yH#(Zg3KnocN;!|FaJ$o8y{7h*ySQVjayjT%o}WufNb9Ga|lV__dItZUEJ#2xBl#S`Q=tzz=~i*H^sSDxC$ag zl?M_J6w+;+Cuhq~{?-VRz3$lbNK?15^{LBR!&HBT^!|Ry*?-CA&EbQ8^x`+v;OR33 z!HO?~bsPD@D8GIWx}`Rd_ompssdymi+w_@jZ+)gL@=JGL5^jBz0tdXnQ*x5=AqP7Q zoeLFW1}>YX-CAHglB9j!hPmfQxjd%Qe`mon4PvtnRtr&!Rtr*#RQsqFs}`shp%$tZ zGl`c^DiagrHi@!;sqEHs{d@*O!g_u{en4FprgYXCwEWDM_fQid(x{~-we`(c3mcm# zJJ>|7M5?INQr;@Q^~aaZz~)-LEkqTImCu7e75SYrHUra;YMh)5fRSWBHyOJW`r(C3 zBfth6+JQP6=`8Q%Sd6R$FYAZ(NdvvI011E$ zKpY?qkOasUh!sc`NEFDJM-8CGTLN(s?M;8OOcu6Ss)#e~AS{^9=dOed>=;+`gbeH& zC+A1WEsK-w5*go{rtUAUgp8nespEVerSH+bD0=p2YjtxB3+ z5QHO8&tM+dm6eUxJCm4V_RsJ@gPoag1R}6yG%--2-fe;}HU)U2`V*Oh@GE0fErL$p zNIHuv_uN35Bd*e(%^w||S zs(R#wsKNm@k$_Hh93{cg&qcU$c$5)&HuR zPw$@T08JDK<%e~-hXII`7dP1sZsViu9X2>JwDTgSFR*!0G*Q%0BQC}?AuEkh3!J7A zs0xaQ$XbgjvtsiZAhBNOJ-GyQRp3Mm62dHWE)FlmL^cw{EVK;kBQXX=IYnikk`p%k zf|J=?7mYVI8ZQ&yyv`{xSurY%UAk74ix8Kim}jyVMO)&^kH7$XimeT_p3)o#eDhW9 zGfT{B$D}3Cfy*rNHD=$*iZkIjHnQU~9j2N2TA%h9BjkZy3FA#>n>xRw}D6M|j|jpLWgOFYeP}4@$fbO5{hpt@Doep6&aIPem#>=^{&x_rC4>QBOr| zH|cGQj`!Z}``iB0;3wCPdHovKE}#6T(I1pVk9nW!)-Esnr`aBq+K+jK+rNqlgBnh< zBR%HYY8=;QR=Mpo+Aq+_>=(VNi$OZm_c_*c>7NPBHG0rdr#=pwIG}J=ri{p%9$W=; z)yJevAm5}UE9{tc&+r&ZWb2j~No2pZu6@bYv;I!9?<#&_!_g#IY-^h`f$v^0YH~kC zTJ+)Ko8NY<$5QlVeelOox|=C~m-O~yVq|-n`&o(f@nb;`gxOKKHGON&DRdCrTi%gR z*9dkZ&DqR#cYFQ~@jTm4y*V(rb#>E|M#W0~f*wU#J`%}bxHU-+~68eN3`-rQs8 z-pzNzFWzCxPpgxkr;h!xSC%>ao)6l8iYz{r;}ZCyG)ci-A@P-zD(u&;q1Xk0pfau`N$VG%uUc&uAGzi=34Yhh_WZV&=J zJ55XL6e;Q4Uk#O_d~)A;49haA4|84Ov(q=rDYa9sM@QAVLD~w;{8V zIf%EIH3*j$hI(1Q5;2<9_9K)`G||53DAg|a?>}G2JI;mZTEWEL$8^pGi6zcEv>K}# zLQ@d!n)r>?dAAb2)%m{1@kUfbI;XGyUUe%-Pe?S=^S0#IH=FgHmHg-e_Slm&Lf5Eo>K#c*U}?fu{X z-eyF*c>q@oRV0Sf+}#Tkq~i(AEw8^HW9}cP{Vl%!n4e3rVpy9; zu}xYzUbj@dkv5}KM;?ab*%bTvSDL2hUfsB)ypVycinG#tA-Ba{N@=pn{L&_wvb<># z^aR|wNo@lVwc(^q`fi}BV2&`EvqQai0FiaY+uBpy_nx|o#C!Kfu#V=fSJp4(xMAs^Q&p(@mLn87|ilBoIT-{ut6I}A_vm6%D#)&6~QRPO! z&8TMQrxV9zU>{xNh{%faQi#(n?uz@x#yae+9^LMeRq@6Z5$6>X$CY5)e^P0547*`! zZiXBb0JnJHdienw%RSGJY-V@w5Dsu8^&nI-KDmS{xBQ1Zl9iQ!txW55`27~j`xa2H z;P>ubX)aI6MwkBnh`I5VVN!CsRdlKtUa3#KZoD2sDnH1j7#+h|9ryf?J+t^ksWW+{ zvUw?T=@zfQ>o<2l;AXA{6l7UvgIS*ZjVgEeuanh)t$&p#sB))&D@oS^0NLQ4ZQ3Zk z+j3i4z#W6Q{GiqS@}B&2A3Cic;0hkV)b9DeA!^Un|FPN6&)*IS6rJ>M2aDr|IPMnP z{(|C)SL%k>E!*RkPxgVA;)!nY1pmO5D*#$O;1A2zknjbN(%?qC47mcK)dTbF$pFw{ z*3e-Nw`ezS?mHk6#lh`OT**|f&9qaS}|MKCk)rlHc6_o{E|D-!dl=HmVa z`#P^p-5{@^_x<#LrI-i(Jea2Pmg!Gp6BjW}2UV}EJ~Q2SzDlb79a!zq@wVW>qhakI z`;Rm5G`Rf3@1M8-KKZIU&Me0JeJ7`0n6I+sQmtEK`(M=G@mC@-uiTP~j-B0czIKZ8 z%0WXv{9WgN1|T>qWls*0LEuWpfL*uwOwhOOAMZEFhK^GI5yS78|HuYB>T~F^;8xtd zWL`;hmP^qFLXv}C2bKN46Z0Q`W|zU#e`Gnc>wx{lw{`Co?SFci<#yiHum>;u`r?y> zU+iyq*}7MS0E-LU=-yQ(SnIan`~N)wo_@|x>)~LLWW!(a|84uvJPj_MYtP45E&{O$ zQ2o)3@2e^MKu89)-*@coYl*GvwbKovhq&2yq}c=Lv3D%lhuqnde~A9W`ad%NHuaZE z7g0VLQNGv4cK-^Av3Nr7nx>*_iIn0V`_|Ch}F zNZ`Nx{G-Avj+`W)oFx7~D)z5uzt|IG(iZR-kdpo7yZznXoy;ZEA5s1v$-Gwo6Y!-k z^?&H|Zo^DrQ-Gx5$dZ-*%gqUXTK4~R^g4)tL@%`G4Soj^JXEaXA%EuPeoDLoBpKYb z*TAEYbjr9QBmu%I8{?m)Gi6Z`k_hywbsCq!*#E|K4_@V+hDsX-LnXP89|I#1UF(Uh z1XvoPBCooe)rL%Xq;vk~=_mjA-!Tk-d;5PHq5GrcVC9JPcY1yORS}-nUrBl$aS%Gi z169YPQosPZtnyt8#6k+>jwAG8-^re9#eVz=wA6*`vrLD>W9%;Qgz3wC3e=7xEcn;g z#kQ6WZe$H*K4$GqXn*ZOkws&r?q`rD!CwV*<-aQgxYk%2+~u&w ztHShC`c+P%YyXj4!8rH*|3}(ahh_0?ZHuU&l!z!DqGHeu5-JJ;0*aKR2-2Z+j|zfH z3g{y(Al)Sm0uq9BgOqf4*SBY$2k>{!dEfJ1*Y^+Xnb~{Az1F(-no(v--^26WfBlDH zFsO41^jZX2M9Tj@0&bmu;^mx%E(IsRKKr97)Gb*o5@_AIsoSf+Y3nRPW85jUNr;gT z!iP3X!G*yg612j8R`VUTD9qLB6^nhDfT1xq|81RUm|5#M&UF=}0AXIZj!CrKzYKs+ zLI^_`ExV8&1nIwz;Jn)h3Sklivj27Tw{dV%?n8I?aQJT{c-z`{6Z9Mhme2Au`M89^ zWQs2MF-jCYfKnZ)T(l`dsbD*@2AhDL6xubg)$WJA!DSTed3qq=1%iOYBX{_|Hh{eV z9y-x9j{#yNN3aMC$4uK2)Nu|&5kJIoha5}BJ@*TF?tEy|)?Kiv#5FAJL~_FU4139+ zLK}i1qN)`a&chJs9a3}sKD&XrO`GT)%p!J&Z;V%fwg>_YgO=bsW_4iLVxg(GGu?AB zxT-;Pe>D-+BZ*SIh~9cHs-)c zaS=YyU##b|p#6q>5{y!~q7NVd&CotD`Lv$SXhU3PaSEiDhrVnafCkf}8eFf7$lgBW zE6mzN#8ORk1?={h+r%tXT3Lqm)9aJ;G8) zeUZaDec~@25GdT=CXuu_>YzKxg}WUXv3JhT(G5q+z9UOtwo3PvARt6jmPGZb!Q6^0 zhlzy;NhSi2HqKPdW9N3Bh$3Oy{2fVaj6~^PxazVCd|jAm!UCiw;I0#}zO=ijSMpfo zC|`N3Q}B;h5aq#+@IQ^ZJ4D98OBeL z1yQudV7f3XfE~{LRU?>RY2BCYyqurI!v@jKLNSqCg!|~7G(e6ZCE_cbii%gndWZ5- z#3DNmr)UZ)L3Ip?x7j@Cpq{7J~xz|8NIQe zohD8&AvNreiSG&XvOxcH%LD1H*&CE+uFW5v^r$~0@v&*DZMVijrX`Pe>R@^Tc@9C@GGMXz0VP`aIEV~57 zxSZ>kuQVK7Xfpjg#q^fry=8d@S11Rwyp)gY@4hlNh3JcdWO*%(n+!j0GYF2(8Mftx z#f&iXF;81}cztc6zR;fVaF_e`)g}(8JFD`&m5UYa`ki~`X|}qyUR!KU5V6E{124{x zvcA8(`87X@=viDIzL}r2cNssN4UhF26Er~nv557OGjCc3CwPBEr{&8x6B!#aACK?& zhj|mL(70LtC>dzna@mnWdB_c(a!+{sCgDrC-7a6lSmQ zaD64G!>51Kt(|Um?dIUC(i7D^TQs@v)wk;WvY*elah1qV82zTny&)O*BV|Evj46*2 zD(tV@C2oybU1zq}wiq6n!sdI|`=0;OV_X(#mk-Y`s=QHmue(gxH0$$9`1mMAh-UoD z$UCzky!o<2Kll<}L_|`|NYu5^m0Tztd3z?S=%SSF5EJ#%biTQ{T;$Bh7FSuuiDi-7 zKPr9o8_K5A=Nm{a={rb-plZvMLmDCQKW0&Qnphc7q1{euj+w^ZF6mb7o>ou!R4VJv z;$pN7tET(MZZZfC*$;pQ`kQ$?zt76Gxpwn!g^bCj@rcAk)p=>OE1*-2Y`dy6PNr)m!B_2*sd zcA@ovtk$H9(nUl(r(`F4f;Xq@)@yl(RZSKpdrC+rdhte`G`co9FJI)gwFoldhvVlxDb+1&92p zFJ%GMu)y6A8FOuvi`ox5UTgk)c`|gdQTJ_yer0MNT@y~6lNxQQkc|@zmYpM7vSP8@ zaAA2mYAZ6ha`zq4)Ry0D3QJ8u&JzcZ_&L{(^D9N)cVeeBt@oHKPoU;Vh1v0~a~)Y1 zpm$nn6)O%NdwW`!3mwfS*Up8LolsRP$yxuw*7>JLV0=n^=?B|}S7w~%PTwDr@+Tf< zwRuYh$Qs$NrH^xi&dJ*DVDmDkbpA0^5gdFLqzitou*FmmsQ$k1!B{Axt@1mqqAts} zY>Ep$>8Q>Tw#RngHncJ;cTnv&v_I!LOCLPEpBV@Q3V9kVxLGW~qO2%d{t%4)nacUF zv=Tfo;PsCSJ*erG*VdfOVe=eyGaf4wnl>aFL_pySmSQIy!SEBRzomi9;wvqGyqRZX zDo8Y9*_mfM|CnOrf|C$@Hl_=nMpKz(TXk*@Gp+B%-Sl8!3b1qCx`k*~`t!ND&OcL| zd)s%|0m6asQ7`bSma820P3yjgna!EO6TSuu-}7uggN05HV=A!6{%B!zm9BN(_rOW< za5q>0(RijJ_*~r)Ogm{CILZd>w)o{jO#gd0EeMWnlHB88*cCR_)?V|8sgBU1do;3G zJv-DCkawTrOrQWte3jNGrtw*`Z?$~B;M3UJC_g%XH|UO}i(m$ho%{uz=BYa(xJ4vl zBVkRC>WYV!oqg@~&b-Kk8twH?l$kj{%g^8T|Hz5`A~QDmhRErHBHH1;z&pREBZGtt z#y=RYw!UKXHC#RWdg@ic@O9&j_sxzG^dEvUW6!z1Y7G&ppu_(&Ck^S$46kUcH(R7g@Q~f(&`KN+ORv z(ZBaKsE#o0%1JVcGx55aI82hq+}!RM*6W^E4#3ARlKE=+M2l8AX6VKau@-}Jz!`i3 zRLrRHx7T+KN*jIe)pZ%4@Q`x>MyYtEQ8P&rxoI%Uy@t}#=$TqJLs>4~D2u$PrJu{i zt(VEj)Up#=!lj{iT|v2%^wY#%J>ws%Z_RJsIB5kE&O2V%JrN(ErKP7Fz=dBl+r;$> zm|CRu@DCf;MY%d%8|45&e1dnahORqWfim;k!F6?tr_$3znOg9|WPj8tQlzJeGf7@_ z)7Wc`p%#Rk45rW2F1w83{BdBAWIVU}?wLT@(mUIFMalHEM@%gw@S3og`R$wAX5k-| znT*fXX1y6BS=ceYbRMs#B69iZ_=>oWKzR$Q(k=Z;1&oXpk7{Kkmo`AFy~~)wL(U6! zSufLsNscYUPR2~`A(jI9+2 zIY7_?Gq2yMPN34!zo#=gT|=004Ts!5^d5gT7|JBtZdNrQryvRzY3|^)bBZH$qM{eF z**(_IV}|@5)H({m`0&|VU}!~2FgML*sY<|DRLqsvby|s`&4gD6=W(x_sI_mK2|qlH zL54R9Gv^-gSKI52MfBKLI}jzB`$lxUktfW^K&(bG2Iuid7dS{ESam27T`Y3RajOd> zbo&N_G}}5emGwUMyvj5kynL{^RUjCc101_3H)U+?tH58~ICZDymLhuSTfOZOC*XAn zAFPDsT|AClL`~>oF%XGfX#0Bwe3BZnGt)*(s~g?%I*`^kq>R`lpJ^Aa4bWWP*Qyo- zBDimUXx%^11i&IupL2wR;&!JpMX7J+Kn@PZ>bg;N#Om5RCbPzZ&<)x*Zm(J+v|E(R zZpL(Zt=;0uCIZfJ)R`6%Wn6_N2I}%!`$_{peXF?&(p`+)UNhp7h4TTWm$J-L*7gh ziWXT=fLt6S87yfqoxRz5gE0~$nK1FLY6(ySO5_fI^`Z7m7YKI8?apY5=Frl^9uR40 z8?6&WIs|ReKP_&b4mR^Jm99!Bz*j7(3b< zK0=bEZj?kGme0t82J^WA;47T2D* zSmY4FJNeA6TRfmfQc14jbaf&_bY3A5y2l;dplZ@`Eo|572O3Tm>0~kVw12F~rqIIa zLUbbujkXa^=zTG0BRHDi;E>%D;&7uLUU>xtjBZ?;rsDfQ6}sD+$dp-s|Gz#b+ub@L2o8F{S@t$aACmKpVUoDLs&D|HEYfGX#=k zar33t5}x1MEmIi!T&^Vo^C2f>4Gj42&ReGFh*BPC=jaDL)PdAF#5@?tIYCsD(C3AE zfAZca@;Slahy2wu^)2MRL*#Qp;ScM&Y{DAHX_{=u$h~TAnc9RkkJGTV*pBgg0eFj4 zGkfjiq8#KIL=s=X(b~+60q*Lhn@%#dBYR9CkvYf*6oC;IE#UziTXekHL?~M$tozWR zL1+|Uo-p0V6XuD3Mtd%~xGdm~kB`aQ=d&$4Tm;6%?S@!FY*o3$VE!T=2iTLc?*oVig3#ab?M8 z;mX$xGWSI(8DlY?My^upC}DCn6vb|W#h~U3QgH2-H6RfrgG0d>Ve~fRK19$Co*%LX zYz$!gb(uzjWyoE&Z;Jy%=wC9?Q_)nbK7)F0f_07v*6`O9MD73QNeIYvpr~EBS#!(U z+E*Rsx_iBpphD1_gSyDU$rbH?Jz0CF0Hm`P-4LCPwJ$uR{}7n@Ux#Z3OdZ%)aq==< zeghqs3Euq*DMF9`mmw}pqNRYGRl;ysA5LB(;4rvK!PGWk^e#8+cy0<#ADFH6(r3}R4k+ho zZ`N;*t4SrZQ|HLXYV4`y0n(A7Io&$n%htjCWv|ru#RS zTH!#TAvWYeeJ}+NgFH;J_;`d3$nL=`heiWVCUcOLm>n8DAKo=#kBjbe!K{Z(j>C_V zevWmS1cqCv^A;fnKK{!D*eJK>STw{)yHZMMeg)I6l%gbGU|l$k-l_gS&O-kx0a1Z8 zvMy8y;j97`*zgV)4r6ROXq=0Pt$jrg@{)g_QJ&zyL$DXY$Y8F66h)te69o1Py+6QL zVUhultfpUJF+l%3OK9z@ty0lal7U`Q9vu&FbP-6b6+tZAk;H~kgl*KgEPz4LF3m*{ zvEWyT)BkaZ>$2hfH|=--FPF6=@*jF_Y|>qUiH zGsj9nb(>>x3c;3Zc68mMf#H*Sv<6ZE9>QJ9;=W8IqlgeRtU7!!a=y-PrlVe1U~$26 zsBgi244gfS50LCh1ehQC4ZB%%-|`{2gs($2{Dyk?F1jb$0t+Hxpmau229{Vf^oXf= zH>y1jwz*mm%@W-=`zeodw#2$XH`-TyAS6kQ1rKLqbBQ)w*vW2fp|&b#4=-oc5-aH_ zUjG}ueth;LM}B_Ve|U!egY}Qde^mx=!J84eQ|$hO@c8R53LOb5W-$h;IYvWdX+b}J z@f_!wDVYnoC?ltETY~t<<-x+SDSll$i<-=VyA+9*=@%@iKHNNaJ2s&+rMkt(y(#2a z`@)5hK$hY6A<>t3!5>>O`E(2Rga)u2c~h2BU7xpe0YAAD`We!b-dB4x%sA_3o=d7O zWp~jBL1wQ-CY^^|1Qsc$y$ zoj$JhYjo*~f#zd!0mt%`1x@ix)&*P&Wi89@KIfR%oqtypytqp#n|DS`wdjTR1H#15 z{W0OL64iI3mU*B(4GzmQ6dRFguaeI?Xx>{+XnLBgye*S%z~DB*;o%~wG;AhcB9D_dNjvs{&mHpLOe z=Jc;25Yb5~;-_uUK35T-&P`M@F{Bs&?FP=}=Q$VkK7`FhlfL9|<59)vWmCe4&oWMZN?t;)XDJ05Bd_yx-kNJ(IFdt<*l?Ssg{`#atoc-md$_~qFHg?%7 zriDkS`_u%>6U;5Yc)6p>IcrsP2cMJurt)Dj`Y=8UDl7Nqsr8@uMTquKAgwpQZ2xdv^oB+jLjL7HKEV`}|{Bzq&7X1hcEsm;MQ zyL$E;lT);NJ$ugEbvc^QQjYudjL#@9ZQ64YW}S`J?2{_VM+ujp zoSh)nol%X=nWE*2qUDjI{mZJoZgSlx9+rL)bTB9 znzy}9(0rj_(;_mKFw3(YMCg3Gy#K*N-qrpyO!ScTlfey8*0BpZM*SdCuh(u z6k6+__6Zyg&Txev+pDJ_><5vEcl*F2=jdpB*#|9D0h}g{g^mxMsps zQKpLF=~xZD1@n4$vR2l{#w;g$X}@ZI9q0d)SyIV5C?Z?iHL{#K5A~^UTX4JQS}ftGegALOld4rY|(?I2PpX^-Z+aK_a0odDV}8iE#*h zDqnxV!d>*s0>v*F6>n@~mfEVQ>EbFCmT|w*4kZ_EL;C_!-$gyW|mnrbwhvg9T!z_Q~gS)p4{^p|#t|d7Xw9%!86(yDi1)yVcvmw5;|`Ofa|k z*Rig4S4g(Qy9tGm?1K300)E)Dbl};eyo2#t*Ute>Zup#$jRh=<)4Y8)GpAf{IH^~h zR>IK%n7VUSm$N$*BWP9EZ$`Ly=$sO8DP5 zN;~^{U(L$z<=-c|Y5JiSi_G>+(|m6AoDU1tDXJ~jlzHB24gT3-AX$r26jhez#3~s& zEL!ZqdCAd<$rvvm@f5w(4eR)go%Hslwxp!gnQu5#Uk^`> zp)T>x4om$8etm3E8uHexsu@ePs!G)!$(*i|R`M}fccQ-mnftf-;c3=iJNCWQ}{ z>>h70-LUg-tASUp*gddbx||q#-cW!hF@pD}cb}!zgqx;KR}0Xi5w}qY>#_H5>x3tN zY{MZ`>POpXCetoJS_?!cH#Z4q=~g(RJWp1?@#xJ@6GQKV!8@oRS$wLZ$2 zNJ<8~L(ccpbimST-K`^H8b?M^6imO^6aYBkCW2PD>iRxjAh|S6yOj|CQEAt@42!KTOiVz0CRUExUk$rqzGTUhJ zxv72HXhWVInw~k0o(}=U?GN1r34b6TBsf|Q2!se~kbXz2 zZ8wqFYRt*8XEWg#MKMF^n=bpBfTG>U!YjO*)Fp!*>iZ@_tRTM+#DU7(cSBLQR__Sn z23q|X`aqcGdiY4@OT;HoHDM!5e~md`9iF#9j}gB|GXJ`;^lGVXfwJBXfS$bj1cD1> zZt5_otCSc7S{9UdO7|f^QZ1Y;1Z2~^KmaD(4Yf6TXen?AkeI?b=2KOpx3N9&6h^2r z69{>*GzAju!%peQDmlkT6XJ12Ymije2_xUF@~2WT8twvnP*VG5^JOWJ)BH({H! zI{-_wdaH-w9kgVy015-KLaR(~2k5h4lE}VY&)(kMe)5q}^6o%n!^$$@>UNmFQ1VJr z!|F2OT5GI>28iR1n{a>2je#Y(mX#suh4_Z`tW6gm+8N@89p*mv@C=b$*!z|(?G>E! zU1(bXP=Jp1)qiY&Fp~f#a6TgrBQ%9s3kTuuD$aRKKEt_!0E@8kUm_chs;7Y1^iyN> zOcY{#h7klL2^i+Ux3ODx9OLF7X#q(>w2s@h9!neYVTAe04Ip~`v}0Ricf(GjkG!iU ziC7jlN-NNTRcToK+E`)ljMSO^rv@UH_9ZkGWD2rd9tL5_1qlKgcuW)!&*AYHrgDI# zLA%hvwu^`fiJ@><$BLji^-5t|^D>TjN>rFT@JDmImpspVTd)&-D#w2N<>TF*&C)5y zvy)YGjU%k%PI6K{b6t}SE>7>cx7EvIeE9yHAM@rBky&SB%3iI)jc6w?F1{s(KlJJa z7ZW#|u~F#YRK3#=wlF5~ayjhsZ|xAcJ_4>cY8+hGdqrG6P7t9L|4K`B3g3%&LHk2x zFd2aq0e+8)-umXmQysSjQ_OPm;@v<>c2DJ-Xldld&bu`1p4;d{Hxbt^E>oy;KALK~ zn?g64{RdcYA36GVP{=?dg=S&Pj7AgU0k5h|=Ct%1T@cOaP;%lccWC}POL0eU{9>Jy zUCdd6ISGFOUHHI&B?_#QtHKZcYIjvOKJxIOs`sx0CljthM(N4V5&m4PBS+K^527D= zyRChdpk_B#nZ!2RHowS9)~>PzRk~9Y69xBey``53YW8ve`btGl|59CBGxVc#ij@pn zlrv%z&5N}&kin)29CVT;Q5w(4vfR;b@5N94de!In5WYmSJhdv9V)I$yBLwi6Gs`bV zP~X$-qCtW;xr)T2x7b`4B_3J*YLpCG9Ot0$`x-BxtA9yai>%T2qI4TXTz5`u0Wkwue(EZg1a@{kyv~-p-gg?v>yRyjKT0X|Tja{kRmWU>lim4|LkaQ5~4rcuD`BUkrG&kCsaWe&GV1+fldd z_R9pV^IrY)*AVsPM=|P;ej7l%EQkhP9zAg&;tK~N;&a4Dt~c?w_7&Rk2|mS+aMZ?kG?-qHZp0xNzlJeAi?z%nAUjLm+Qe4?12cICnpTy z^d|sk=fy)fGb;{czp=i(Z@^U%w?p*TuO3b(sXd%tjZ7EEhbS$L2D~(#bII|IlBFr) z1}RIl3dMlCXJ_&JP8fy)-$vN%LO^mPXy>#_2Hgh#><*7%@P{T2!FP8%0G}}H=7A|X zln3D78bAULhpNU*FAA2z;6?z+^UhbYKA;A<7|ivcoYz^j-;2!e>s7{0(dL`Ua4tQu z=R?Gq#sgCdi4NR3x_e;B+1sZN@c!a@;N-~tGl#PoBM1AoA|)@ z!3*NR_kc`!I)g9maP}UNJoMfC4BnwP90$JFbg>+$Jid76!1vgSFZ(Lb8lOEdFhs-! zfr^ZWZt^=NRPr+JF!JdFaO6YGu`!wV`rDs_%nRT&KLGF)lgB>X7VNpb=d-d;c*IDD z&vFC2s2W_5Y%vBQQj<3mIj{$37oElc)X_h#TjX#hK85t@%UDNn=|5{FXM3D5%++TS zTaV5tVeY$4HrSdDBS3hm44DcSEq@X2z8|9kXX915vQMOH1q=5Y!PkgR>fKufMF%Dl zXt`<{66kiu$nwJBJ}HF`A-Ga!_59J^0gC*Y5Lg7taMmrc0@s~F?{oGj_YaCfHzSKv ztweJMw|go3!o}`U2Lm>{uH~9}g44Jq_Ta$HWYf}3ra8%#xSoQn=Ii5N{{%6Oa=&YJ znjX1FGu|mr!MrI+Hkee3|ExLb{K}2>Uyb4svq}>%jVi_?A|bTQg6MrY-zHq#&M_38 z5#uvTj?i^g@*pO(TB87mR>R!Jgo_lms;9+lFL|=H=c^iCl70sDtkKVZ*DP7`S?hPq zHx#oq@jgKbKB01&tq`(*pV-bet~)+$pjd{hM{v$-dpV28-OKCOe0|Fg(tQ0E&-rd> z+py`amIP^T^hEH8i@@A+IUg11!yY6&Ue1xXLgv6r%H7A&T<9qU<8mGm3U zzbzsf%2g-f%mC6E*d7`o6Es>~LJaa5b_-nUdI|INOPmxpds%JvGB`onXJHgoJfFuE z=redepS;)1Rdt5&w_F)+>UV6EY6AJ-N~E28|2bD;@9UOkcy+i?YTYe&puvG+;MEkq zRkIq`+&U<^BSdNhR?S@EjNZR6;4s$RUGi?&KajQ{8>&8-_m4%&p7U_dWlKbn54JsZ z743zq;gPss3_qLs0QW`D`BQ?=^PTpx*hy(s|)nk-8oL&N0l?eO& zp!NeOLM)nGipj4A&eUf6A!C%bxIYTE?)`a!b%*$1ve=~gU-BhSzi%+-xR$HZz^htj z2n4b_WP^VmPVtn+OI~pPRAIv`2r$qC8Nz?p@-J<_$N$o%)_ka~j)=+|5I4p|83F43 zjFZ?8&1E1PDJK*coFx)LqvB*Zkm*&7C5R!FfB=h$Pr!bfxdw+@Q5{HW37Lb*5tFtX z5!HXGewV(V2m%H{;bDI-x^?4VQRP!tB~XW8mjhs*W1yO30mTJ{2>5Z;HE91MN3!`D zZ4P~2atS^ZAL4H#q5{g0TbWD1fCXf>CI~jE?SKGC$oj{{J_k{HLAc{|fX53N9Or|B zbh5#ZY-Nv)&ck>>Fu&{r0%EQa?Mkfi3Wp^}9#qN_UM#kmV;OE0X}+v1$e7^p+c2!4 z>~pW_u>8^Z&vqH^E$4y5TTqHH@v@F)|TR_`V|A0|?$s!q(THLJ?7EOgi z=#t_Nkbp8DgJN0m3eUc5kai+-A# z|J`B?*i;y_sy|5Cy3^W=+#2qa@fI@HDK?yQBd__|6%<~yGq|P|x7Cr>Tk@mlg4Hy) zqi)$c{+vW+Tjm=rHx7euqwbdCy0)@VQ10zL3b2G_(#8?=r|+&Wy9pRDiP?hcZSRH) zwhpc#W{NW0SZ^l4fql3D{Lc}N6k3_}06LNKEeqLrZB9qss`*IzFD zCUrzQMAK4$?TN+6jMlq=UA*X^>@Mp774RnMwn&LKz68+YGXK7T;bAW+XEj8pT1fcC z0laMO0_A#_A$&9TYJPZKdONu=r`B)KXM-(g0;6?}!p{PbSKm4SP=O}5x8*e02!A!& zQD`CYSpz#HVjU#)Hxv#OPTuqAOp<6mz~P>sSU5u=48DWt;)Dcx48=K=Tkpwzd$$ib z<+m-AAsPT;um{g%mx8$ z|Na27&p1FjJPb~-F_6pn&`K=h!F(i7V6E`ZkNAbD%)`8cw_zj&{}C^L*ebLhMz0E7 zvtg>iq*oEhT(l*J8HmYlM7dS7G6Yfq-YvjJiR6@eGmP-X{R(*UFVhbb=g{GU)Or&4 zf3xFn521bX+4t-7|7tcU%I^;l7m=oG^6Nne4zR;m0VgHcPvKPm-~59Ps~scw|Bl^% z03$#mQx(H!m8Xpw)q9vhofZv-63g@o8CWCbXgdbqL{p2|G6H7?pih8%;7L39b49VB z;}!6n*RUIifj$G0xgXRElTX8ZpMxamL0d-pt`p&N7OsWCci}8+GH?z5mJ8%6fEl19 zdadu#WHmlBT5>lzXa;lOHjNW(@spj%0;Crm3DbqouW=UI>K~6@oL7z~N;4b7fLUpDvGlOOsE+W`RhjIth4RB8=AXtYn1gU~hKqlGk4=|Go zR3+=dUYi#U>enA8K)`Z{!;Fg(MF=2aunv>^TOg5D|+mc%{`GFCLh0JB{>b46beAxed4Y>$=)ZQ31FT1EviC zf%Un!$1;||YAWF;6`%tj{NxAkj(u}QBg$S)dD&yB!qxp2aL5G zX;nPuW#BA_J4ysYQ=}2LQw8Y{UnoUa0zAaf0@@r03b6lUOzX!5Jv4d-Lgh$KxNWxh zqcH_|nYm(e3$Pj7@WM0NDfZJ0b2otT+=U#eO&A31zru$w1QJw?MbN*R1g8gDHL?xE zMS?C&B(O$t@cYq{z1S z9}I@K*ngLc4nATybQl?ggW)9li-TeJF&z9)B>t=5L%DxPJV3%i`H-LHNtYq5zZx#& znnU>wkd81b;J{wx$X~8Q=I9~Br8~YHMhF+B?iK&hG&GICd~`6M6IL+>_$Yj^Xe~g1 zM>Mw9N$t)HGut_#Xm2u*sJB35vf=j99cC>E*;fBv?hsUtCcS#lan*sQ52J343t0ff z)`kMH?y>ynPV9FJ6-)@uZfh(yfaa*fM(N-y?6AUc*VYT)d!i}Ag{=$%%O1O^Ciqthh_7R$!!~~0d7~h?3YZA-WG9k7 zJdBIM5zZ*kQvHRKu#kb+I-DIgZs4{z=gk3t;NHrVEVK2gD-p<{WG7X5h*|?mhiuA!EB?#%|7{2}IszG7xk${=4HWWx0Cv6Co52Ti zq5q1z3e34ki5zk+;y#*l{{@Ky!T(h*n!z9>)v!eaxnki5aQ*9#jquY?Xf}qy<=QvD z>jmEkTEGuf058eH{}iztCIf?S8h<~i1w#}qUjb2QxytVIQr6$RG|$C|?rzXxw#fS& z;2SnevO#|U6olER;IR<_H-jVc>;~O6sM%*9SLK5#_kyaOVDcFl!(KlZgn@KIuTp6S{(=#!m+XjRckkja#O`0}y$4aK*q= zlev$Xk|DQEh_v$6f?%k=vAf0B0=}#b9=8|A(!=IzC0V&4ZC3a&6*67}k8Feoe+_&W z0=J1O;bDMu!Ba`_hzxl57(DmuH~~LggjMQ2gGzlJWx>NQBs+F0aA!4c(9mjti{zrI_P2gXUf~iRMpG^c31#}YuVIqQ{ zb^}>}2>Yw3 z{!7k4n1=NK0t3QCNK_A*2wn3?_xE3u@jt=K@UJNj9x4@X&1e>Hj28HmY|bVU?GokC zMq@q3K3Qn1d1({82HhBb4LUvK-|G!NarS2J`U*8uzssv5ln<(}O|VS%Whd^c-Kacv zo$OJM@fiiDHNuO&_u>=uFFo;0UJ505D6|!3tzJ|e8#HwBcuP%ObNyVN2X!X&U=ERM66P&M9=r6xe(2(jmAt(uI>lrBJrEC2cJ=gy4zMc_-)2AzXxyJ z;$kjN*wJJ8_VM`1Uxd_t=c*V@$+DQfjuKk2DY(!(emMJl2GiH+xqx2ZlhIZ5XBxG?^BNM7JfW&c969%Ay(JpJd&^6Z(-sAnRdGj>qt$ydi% z4?j*85TI%bxv-tSoAcBT>!nvYgSl__>Dzr0HZQLjZhm;674)qjRh{O8P`&tGQn^;; zuk67;Y6>PQS$E5VH}SYR@3Wnutx%|L3%ElTs+#xo17~U6_E{6BpNVTZB5#{`weIpe z?MPgIsHk++p0MI1t3oKF!o4DjCl|wUf0~_KaPck3aV>ZTr3w+LyzQl_qnD&txfyUP z%k_%8{_!S?NP;`6Z>>+y&j3LLB1OZiVD2L1SzTu{ooxY zI{t6dB7^Vt27gP~v@oG^SN`$BF!;FqO79KAV{yJ$RNg(Qs^1v>Wh?0P`)8%YNH=cV z=-XrTi?+4$SGyIwiy_tZlZ&3wCK8lwi&Qgtw|p|!=3-Q%J7PwE+uzie_BJ#sz}GG} zWQm7P%2%m&#s_?AElbqUYB7+h)woDW^+wC{5-GF5X$~hMQH76B3Lh9V*clO>uA?+8 zEs4LYcOpn4sd!rj{RtJgt%WI<-Al=F8r`tpMd>3r0oeJig#ha$TTY%*?fd@$+?5 zJx}DXra3O}mOl|!w&(56Yz?_GZ4*Vgx3Z27>F;J;dC%v#>!RBt_x)r+l3-mTRh`5t z|6N<2nXNJR0aXk3HMJWoA5{vx&f}6CEuDAc>>vx<;ARshuKLbcJ>qzTWixCivgi`` zwgk5bbl1Qrm+CpMq(+mpc7un6uV>`*JCQ#PmJ++2!H3XQeZL#_(?8B*&DCnmc*6WP z1Sf_97k4iV)YX?hzuC))Hr~9&*@~*ng*|U3! zzp(#M;}xg#eDboW+9GYD&iv$My{0_toTG$_>fCrf-NWI6z3)~>w((FGGO*YoRsnvs z(iKmJ?9?fi>jfO|x<_jbv?~LnglnQ+Yd)f3)9bHbI{hnNSfPXJ{pOA|Nm_9pQ{u#w ztYTt<@X@8PV^Wcl?t)Wi(;R%3Jn@!8o<5cZPC)mS%%)#rd0wMD z*Nn5$nwrI~Qzn~ar8k|UKd(}(NB|{ACPc7LXa>~>uRd6no+^8`EbsFpQPS0!#2)l2E1p zrkKTD+8&hk^~D{^ZjSu^=1)yKDLGG`KgntQUFsQ;=aBU?{*#t}(Sp@o8{7z;3%RVj z;f@;i%j>SW4t&1`%g?tGg|dE~qB=2{{9d@fsMn$-$08F;_UI|0Q>XQg5FR-)&52YJ zN+uruxK9A`_e?jz%Ya1gIJ*yAbbWa*kx((2wWZZbh_dQs8=vmCt7(RNP92vCvlJL8 zPUc>I-ca<-N2sXJgTq!w(&F(5?i$XOC!`;brz-M;ueX0gMcky6BmEjcTHEx>z|v`D zq1=+O%|(M#_b8pbfVh!1k3U#0Q9sk;iNA;=l_l_(Q#%}^grpm#z&AMEXJW*oJC8gql`M(2#VavwFsY=;)rbUu4&EiT?epYAU?pnMcE*mb!8FJa+H>F-v66(ozo{a_PefyzX zJhb&u54ofkL@c?P`KHrC6~1(Gi1XT-i`*V;Yu#A#$P5*x#DSvE_Fui)rF2~_FzVs^ zqf_IzYjC#aZo~;4Nz%O()&A+`p27Fd*X3@G!mE&iX(-ru)98ZgbT)#|>k=@YAiQ7t zNk=uPr94T*IIOR>_k5+25%%7j*m{)2i_e_Wx1Nm0({}xl|McLbFm~z8tz&!DeHFdw zjny34{L19opL<>#Sky9;9=A;NI$In?VRNjMN8t1i3fH0YUq2al@}dZu^u&8N?-`!C zBU{#c4@$#NVSLLdcTU`eOuPXV_v~rfOTwp@;(5(GlS3a$zqY+lltZ1XqkiMG(Yt zB8MAj5^4&3^!fA~_@mE93yQ&?8g z<8k9wk2nc+v_R0LeoWMTaSLi@%dFNWNpT};6U(f&CK>TO?^D!5p$v~^lzONiJDGk8 zQ5`Q!jForNCvy$0q_-My75qcdG4>g{r*k`jtS8$~lK=Sa`~1f}f?iznqvn*U@C&jy z751VuJ|!vpt9&!6^}TU?x`eEpQ6F&}L2}z0Z&k^aCrUOUuSsh7kH@M%zZTH2ekY85 zQcdz?sp#qLgig}wA2Jl}8q=qr_3E@NrR+T!f-$&RT)Z<2;yi6!d7so9l?La{2i%CR969YGDkaM=!4e?-J%Tj$iMo+YscJEC>zI#} z)U|?VQaLA$C%ki9Osb709XCkp?&wciZi@sdzA@F8Je_>?)!Uem+tOE~xr#h$Y{gpx zI&Mn~S&2T9Jt-}U&5=s>jO0su$ZO(4;$vq!0+>Ql(0{k6TEyFajA z9)(mSe!H`&VQ+jqm;T|KnWka;b#s=g_HD^8LKYVZ#)hPq>uSNDA$61wO%2V|HI(e; zZEo0|w^m|>M0Ra|?roiIo}Jv98dHB?kO+xxtuIeB>=8Dw$~K5BR*dH478Kd3JayK5 zZGN+5I%ScSbz?KNr_pkzZY8xRcq*2+tIrRz(r!?&Ij^vr!!wmTeMF~h2A9TUz%w#ndo&vQI9W&AiPx@dtH@nmm8ihfGKwgY3t!=V2Agr>mB}(& zDCz8*@!iGuE9J3QYReq2Jtj4a^gc~dF$JkZ&r-wha3}Fzz~As8vU(N!z^{x#pyO*v z1d6V=v1s~OJx9B%!I|g%3!R)*)9i{oe;SD2cUO;YWU@v1R2xB5b~7*3fm~6Tg%M*YIxA8KEA! zgynk0ch`iH61eriiXO0{j<1VZ=s88@qG3{_d2Er8frs+>?kjjROtp^-3MYE)qoGRO z0EOs3Kts|sQr?~yFSASiU*9$UdehQuD>F%^)c#HM&4A`x71T3)57ijq8PU1Qq&mCb zlu9qOU-fOt*mTq9B}~=6lQz0*=X_P^^R-3X3vGsSckAggW%*`$2VA`6Ax>~<})#v?O z+YD7wpeXK}%Nn@PCeup0A&L*8*$U;!wZ4U=-4v6zk1T~MyXE^NOC*_7mo^gDHl~+u z3YyO!7km38g+@vVOq!NSR6kSvPCow|LA&nS+0q}^KBYW$$^PkZOt7+S=!6kT74Es? z=>xf?-703Th87-U-J;rD2A(e~$0I)c$WJL9I4{KIr>u%i;qNYX<~lTWO#eO&g+x*^ zmRIfWma6;Ci#NW?sxD33cKR37zn$Q^OyqU3z5Qk7Fj(D9(U@!L+hbwU{JAkD!M#$a z`STI4pP~%!tZt)!XLEl^UunGe^qIOz@S?gjkykQ5&$pMA?O@8vBWwy)j4b#VOntGT zpUFy2e#Xcsi+?5}o!h_|%PSceH5Ge;>l?-<_}IwkruG<6Uz3lmje1#&bq-}y3*JZ} zrYSGTWj)&2iA8Y(7A#AkKP`xM%>f)MwzqXy?9x|?YMXg`wK3Y50u{U+UP52e*MNng zr*CS{p3rLg@FHyI@k#v$YcaA+P#HX+cbLd=Mg zEuf*mv50vuLx~Ts4X0@2vqh^yWFJWJiT>yrXpV+nQ79G;}_8Q+VhvT#vkL48w z?2wv@5zkv~3PHQ%k6lZ@U03kJQb$wQ$D3q;otEoGpz4seE29<#k>AGfd-jy7$&2`V zWj(fE@V|cI_i582*P1Q$^DavasXFmIP&O;q-1GxErRA?L3ts|#sz3AN7>~9TrZDDM zTRpY9CO-Vzit0;xJ@yZ=MLYFfx>4`~Q2RP8uM;Q7+4Un@l#d*_l5@HhOZ^zcVMs&G z&3E!yk++WkfjIM@sQR*pwd-*be1@dd+>SKfDpleHWe-tJ6Bn)(zr(+vRPerr-aqXf z;RTE5)YNxko={S9U07RQ8>i#ID(L+3$XwPe%I~dR-yIy{rQhN>#N`EEgaU-&ztt^I z+nKL5-5O4(dg@YNtyAnFd0~l*dkR`#@6@bfSe%d1rFW029De;M)9>e%#r2rGi6tlcm4l#p26OE^((+5+*qm;4{f-_7(Ze^_NHS0{Hl zYW!SF`27|5ezWCIU(5Xb;xh2gfTo>fYrec;j<(oweQ?!qqi2jY zI-KU7&FAU&NkcYAO}L4~d%{JWcNgaucHHF*gWgQOGg-a?t#6Nv_2d2ykCy6$VUQ>GHZD(<_5pn>}70fSqvxo zCuW7trJi8B#q%_tK!fDAIClQ4Ea!e&?g$wpLm@~gfd|W;@X3z;m3P9#Q}^oPzVZna zkr#jNTQB)^>=yQ1`@R6gyV-MO^WoZ2Kg|>9JwUWNwB3Ged@EdJd zLY^agFXNHcf#TQxr;fj(=lw1m-*`L7|5V0K~FDvnv=_rz$bW#c`lW7f!?SYJ{IG116ekU2ZP`YZH`C#1u8DvE>gRM_X= zB*$gt7vGi5LEA1=SH2GiJ^J1tBILL^U*6GbOAf4ZO*5j$L6gA|G{pwVnIE-i$!^ zdN8lMejE7_!BDI6ueU-<(t!BmGzkQyl zF+72e0bL%`{Y67A=ub*r)O7}3K0aP_RvRIwwn0!XfU6)p#)y#xuoEnodx!c~v@DQy zr^dNqosegHWW!C?Pj{>zltQi0CWNcbdoF4}bYj%nWGBvd+D8xHTHx7G9jwkR$zI;t zv+=K~i{QcCEbAVV_jgGV@!vI+pNL5xSLgnw&BU$xOb-pUJ3L^9OJr=8w=Ui-GwU*K zZ(=?<{1%(?rQ#55Oe}scQj^0wnL=r_?Cg-?r}WEgsmFTfv{_qY-uZjJfrF$@RAb_Y z7nErCa;8P_Q6!(evUZ{(()z{~ys7WNkv2csy{>@8nm<<*!t&{?dH+qaY&>zp20 z>)FkqoH274ZT1?!o#w~yZVH>X?M?UJu6>%ALLFEp_pECX_LV==brZAm8AaHcCu=`F zcv5Ipb(WXMz;iN6MwEZx%Q{Ph^h%nvRlknI%a$>b=PyCt^YS}OiFe8>W-*~zu4Nu{nL~4SbY#5Lmr*u;yriJj=)=RO~8qk)Q_GfrpjqnG{Ryc z$19|(ISJHRF~GpgW20V?R(S|t{?>aL#>57B#sco^l4H1Nr_l* zVLrGN`?n|@(;u1}u4lEDAbb!%NCd`8x+m?NCf=R~FIzk!0}kI_W>DR7&wD|GLW;G) zi$jWa?9(+?afZb(J+j%+aiEn4BS}23B~zN#+FY@uI-yVjp1^>@Z_(vTVM%x}3g~m0 zc9&LZ7R~dA)O8bje)Eg!A|XbMk1*d4`|8ua%V`ClG(D)oHYydOxy-Fu-!t*QcYr#i zU$!P^axcff+PZiEP^uw)SeN!BT6b`D-lw5c0q_i_N9vn#Ug{aFAsj~ud0#eB2Wz|pHj9W1UoV`-MT-8Jt`vhZS5~!azk{^ zNE|;&)ijfdd`0pCbwybE)9o+SnLI-*?&{B}JJ_2)8|i2tZ&{T!2L_A#2Pfwd%~(5- zNqFN7G245gBs6Av*%Nktg@M;-SkXRz1u89_()vP8E(Id7z})b1x-vO(m&O(6bl+0;t*ylPS7Hx(6%i67RDV3X*KtXB;evHs-G zPX=WZ4>?Ks)9;!q`bSlii{*CJ-11$olDyxyd7PPes1{5<_{CgNQ;o~^Se}<>1@9P6 zXp2B4r`)^EH$j9#t|DYf+-S&QopV+fTxdpNa)zIMT{X%(_x|zca~!Q=|8i$m?DlR` zZL?7A7dQi9+e#4`OE8U$%yqUPvLuRAM#Z6n+pI6;4)GZyKB0V((83M)GUM^)ju^qQ6dFAVbQ~I2TW^=_@2N-~8UB@6Q517bn$Z77%HY%-{P2%H(BR^{5PWcg^ualys+aJbWm=w*(!G^0GhjAY&#UGPn z%Z_>%ZP2|eCk}sC3%?lkX4vKr~=oI2|pZ-A~E1d#?v2MPwUSyZNELrOPR4_~yRpH77dKc>& zj_ypJ`LX*r<&0yiXH`rrVy`i8BJ(!BfZKQ>`n_eCQl6*wYjb<16KC$(a51#>(&PZaBBuL@JYlJtXYB-Bh=GLSJKu_4ij; zEoO04hvIv zTEcobK280+FPXy(w(c)4KKfthmy4>L&!&486!)(mpi3SF;unUhud2USS-Vb;lgqb@C9uBrWo`h6d^5d}}w&>}Hl-HBAj({DNa^`Sx3B>+93JGWnwz()qAb z((Mc_e%;3!Lg*)Z9|+;eSwsupq!zBf$5zXAh^~JgoY{e#8^v?}%-NM)Aw6ESJHsiV zZbnI07v_85ovrj@<6V2zBcqbV(uvzDlgcw<1ZZAvFL6A5w2S939Fy*XG!vU{3QcxE z&K&Le*6M_@!))S1SXTL7E5_B%h6Gshx+<(Sc;$G5dehS-I3f$p(sVWO; zCE66__{hR|e0NhocrfZUkJ&dG>BQD~uRz)ULm$y;bp9%%P`s&Mht04d?heD5Yeq<47(x-n~F4B-@WUq)|cZ;nY`)4&Zsu zpB&1QqOwfo%txvy)rv#~4xob1j6?YIspe;z`Qw(O`N`3eYB3tc>#rQEQ*>JtDke(Heu}W%kj-0> zMO=bkD4F~e?SGWV=Ns`7qePkt5=t}XzX-(h0=Qy-t5e*%L1{#WFPwNZ+fQ*Tf;phG zlwNbWjLF^NI8bqEdlN0v90gN=;Ui`oh{82BQlH+w-F3p|a^-F8w_+qwFzn&c-8hcu z6o>i@k~-86mPP6VzDrw$!md0dPJMPJb)T1%(mJaP_+{<0<%Rb#-%h*uwzDT6`1Y3s z{VCz5=xDqS_DVU0V9sxHT%~IGUBR7$ZUIu0{v%l zG5AG3*6ivHZNGF6MMD2a{3@xVGV86IXx^>k!+6Inw~2=2 zjEV1nHKtLv1Fn&(% zv|-PBpKU}lUu5T|Ep|2|>4Lm0+v4D1Y3HD@(&y00S$b{@kcfYSPqn-PpO;Z+)T1T23q`9qy%)HVNor11$pD?G>F9XidVAt0V&*Ay=1& z_A|K-Q3F)Z76+)V1O=!*NAFCMX(n%fgueS6UL890_Rb8utO?-}|0eE?Yl;PZo!t1J z&bI*`{hK)LoFH)PCF4`2N|hbb$tF`wK1=I}h{4Tt}&o}?sy z)pNqr*CS6+aPui}D0AyEeea(sH_tn%!qTu(9DmCT&6(JfK#(KX@<3w~w{DU8k8Hsj zQ2t%FTEqd}YOS}86FG?b#B;fn=JNcwO}rG0x*ww-B<}|m8R*Q#pI@p~Sf%JicP7sK z`1)e}U@u|JUr(?2TW|0I?z6kg{Nv%kb;TK`Uc%VkIf-rZzEi#1{iZ5UzCduFL=&Cy zGYS?aseVqk@Qfz93(LGd(8$^-s!ZSdFin)UuE;{uaO9D7@RW5YHtRg>Sov^mwN?DF zzJXB-XnqM^E?MZZgVVszgtc$aL9}YfxHU3UjJ7Y(^W)XqEb%{@ZJ8my$G0U5ouMv$ zt0Gk=CkRD8`oqnrkG3!elJN$ak@>j$9wFI#F&?nLSllHIT_#tTgA$l6xRNSz*Tok{ zJ@N?AgnH9t>fMRWs_zCg3*tdaUh@}?E7JLX7A+IiZIVxb<`mk^6zuQhiB@s20>!2n zn+}1>>7f3o?5xg#Onv&11Tbh9T!*_KJe{VL0KerisU}yK&MzU_p~Wd%IP?;z_|Z<{ z=D^miO^vA+)`s~LQf=q^(nd2g02S*PRH zILL1AK!O-P1rx(IQA%&dk{nd_*^sMei0094l^d<<8~itE9!dkGdDx6!1^AWF5;9a~ zKZcPN&KBQ!Gc1kLY{qB&`IterB9l!X>J_N~hXPhlX{)y)JuXAs9>=mBkg;cL>~7Pc zqq>{L>-~z*x<~Gkb&ds+1|MKXGb2{$3YmltE0RBuZTCFg;#GUHMUQmrnw^>Qst@px z!u-h&4S2*6E5rQvAvcd$eT+VA)=1XAS!@B_EM_+HQ2GI_WtqycjrDlqJgEd#Erxn3 z4csb;u?oy_WOAlPHsf9f;apiVZvOjsetQ|kzkUxSgvb$i045`T#nAPK{r@iERr@y- zu-w$x#Hkzjf1~7fP?4v1K6UcRnkd*iTE4nHCnJu{&k5kgVGs*@AfK8m3l)4OR5z*+ ze>9xN*60LixDBtE5qz`w5w@krWU07^K|E(&wlBw5LXS;cxT*2%$#5FQTBi6zhc(PU zn-@U45noS%U#fL6!QEx zI#tkpu{khiBeWSMR7fTywT&ZR8t?QW^NKN4D{0uZ#oq@bP%u4z`PVj z;{YvXMg-%K782TLGxB<`wwDP!Cu4(fz5*Mn_Othu;?FI8l=sOMt8a7lL`CZTt-FBU zzt=4&VYjac%Pg$S%2s%ox9Z-ni+y4(Tu7EHP#AOLc2^3+5^RYTS%BLO;v%5uV6J-u zdvyF*9aF-rt2Y)cLp)b}QyyC6_S0dDB||(h;hut<`N(B;{uW_X`E7}7sT z<uQhdSh^kTFr)pGR5)TZW_rUVW9}3nk5~3f}{Egxz|MsyoT5kH8hQ>b7S z1W07>*b=MC!bGiJr&o-4=jPc0)0;BQ3wRyK>(=_%Qlp?{j*%jO^;r8pMm_!PF0w`k z1C(XL@ASyxf}oW~sBT3!au5hjUZtKNwk1aRU4pmJ_YU?h+{>*R5ql5_2~2f#pUFXA ztz$85h}wf{erXg?c^Z`()ah+vEN{->?IWGqyh5GcBH=rI`a6r% z-)E+XTE+itay7|43hCDEaQ8Dzg2+i)0jm}|n5vkX8-Q%^hEbc?qop*qJ}0+|N|TO! z*hLb`exhD&y<0{0&QsuNAq{^y^7%5%$h;dzj zNekdrmZ*32m$)_;snI`GI*x@v9TLPFUS9OSD|z(l=+}7fnWm&K)FWs``1fIj$W+uP zWwA19Xe^VtI4ex8`9}WRJY^pb1?~Q}s!VeXTmL$$AaY_!8~ zmxO5_@uSVccpY7!mi0T2h_e$O5fez*0aKvb>J7Q(@RO$=mX_jqgy!NFz_po=h?`QK zoLIK>{0YCbd7c{o6UmEEh6j{>XlB4&j_DLIqM6 z*faH)E6o(%l!e~xNF@;C=U{$?Vd^Lo`QoyOA^kfu$%*e|phJbN*jU5V^I!B<3GU>5 z(AaaBck;-?x)H~xNO3H*9Q)Y^NEXG{v`wyhgAUgB1_;dyFquxFrEb1K5OPSVchO;YRkas5d_Px9@tf8TCrnpNf*njPc1gWuS3QnbS6->eUE_sEJbl7-(dw zh=Fr3hk08r_QrX;-XoGOz#89d4PKDmnYV#ghYd}%|77G7&=>HV$ENr+MiLHb7720002so>b)6s3FaQnW{DXm4*D+e!L6lz9 z_axrjoRijiQ9FHuL;hYmS8VJ=aB=VEC1V=a@~#DC^z zH94X0A0T(cjb0(Z$;p>sXdSzoWCQ>6B%Frqes;zF!PGW!+dF#$ZS{c8WCOF}H~k`P z#(&dqggNo6eU2rc7`TBDm}|ri`b)h%!O%EcVm6V?`(6emcTet{DkLBq(E0BMtp3&} zUO`=GI&;Y8!-v&@;JOAgKyddF)F zIRx|!az+C^^KX9OQ9}x-4)Ng}%mmxSz1f;8joga^OzwZ~)OOtdu~WMb?9@Jnh5GHe zq~fRp^UyWCTk!9_njQ3f*vWSqIlceM76l|*INc-nIxCGj@-L7kSFl!m*vu11nOe01 z^L08uFv{o3zC<9^PmFgsZ4_fDtrWNx;d>5drO~NiqILau%9yeMl&RMsSftj?T|ksx zfOXX0i8e5bZ+>|GjvkmZz`?+q|18_DNonyi@N5A#w_{)E%h*hjG%T3aaHOc8d zh1Md^ed+Q%tE?GC%|N0*GBi-{9L2()s`2JVvV9$-VlpVTXcMXD4T_8LTTOnVJn5dx zl1FA~^M(j1t?AT+J-}&44+f=91eRd#!5Xj%uzIQ%Our&wNw2IO;-*D2p$yQ zt+KkPHtopGreBw9!cy!DIkp*WO%3szy1c}J#;t2JuVOr7fPVmIqp{lvbRQ;Xs@lD3 z+H-WA3cPdEWTh8;PLJ~Rw42qM1IoA%DZpFv)rZaE)3dKI3&LHRQ^(XgvMfBC16);` zAvfND&(taad4|KkU2lh`{dlUx+%*5OKR1i`_Jd1eK!vj;D=7>qUJGrHzCzs#;Mxw1 z5%x|XJ?SBsHy&MA@Lea^yYFr>u5HjONWYDR*}h-fTNO2QPdT_yXCK@v^F5UvmaFvo z^5GRhc2iD^)Y-*}l5eKPslrv`i-hSP-exp{QmrYFkIb#31t%-(b^}f6Mv*n&P*Yt! z$Gz{;TRi3-xM=aWy-1M77qFP)rGc`xHn4Rz=*@dk^!XULZ- zI1te~?1%?9PVr8=^DB9@yU;cKiX+006P%^ajKehZ_(P#`sH)aghg=-c|J(;Rkf9k>t;p zpRHLia_1M5+vM0*EqSN%I52J}#5=dLWy(fVmBwNeDfMvG1Hf2T7 zr;TUVf?RTUJ%e3}cbVZXD{n=_c5AYr_m93ued_kZ3 zq&|&4)v+FfzTv}q=X8+!^X-|Se+SvD7N*h zE52k&jt{i`=qS0Toojm|I%s@@=yB|}dsC{Z)PApOv1AD0m+wbWjUOcKlqUv9x80FP zK^_+N+a0VNUUkBiP7km#8QC7}Kq8M;a@il$L5mY-I5iCKZq#bMp?a)Q-Jw#j3Ijxx z6Sr`c>~-fdYw_bxSVG+pm1o#0&r!~>HB95P=Uu+umTkT`o^5{AsCzw{61$S2p;U55 zXyME~qO{Szt*q2OaG7J}^uFk{A}iaBmO2by$xAU*figng5ngE@Sf9Z!%Q<7N7^G;3 zN9ZNt2v_GNHDhGsk-ch6ZvMD;3WN8v@L9MUXYm#BqSX>dOIS%n#|yXedm7&{4|vsB2bT|s%^8P{seDnV%!Z7p(6vce zUeOO5r@pY@w{-pdAPm+>GTHF8y{z_Bcp@t3SrJB zNWq&$tor|61l9>G(#&evJ3tLzk>xf7_LD#o0YO|U=~k{d z_2N~9Dih0_SR{J^1IyB(<+aIg%M6@xgJBjWsyZ!mFUOgmw;#IhUbI+QNNOFvIsA>m zDoV74>WdRbX?7WCEz)eY9l`qR~z{}U9`<4x#pzD>UwnVY)!^Zc`l3sWN zUvyZKQqrVxK%B0QhR`;PCp+c}(Xyz?r4p&i-M|qS+=8)YM3qYqkkeHF2iRM4!f@fN z;l2H$WMJNKt2HVQiwOM9Ttm~B155IW?pi)JKBk{j17Vt5+Jf90i|HZZ1y#t<4L>SJ zCboZz(_j)s>mOTRfs2O3%Zj1_%@rNLO67vY&K>s#J9mISl3a1_JZ*d~rj7$k?Q2v~ zk2evps(L7HTxwvGd`bs~J1$F*8!lk(!-3#}EyTMnQO}K)Z6)h_QR`GOR*_6=D{jDY z(tTZ@Qsu%rRNQb`c11%7Ee2!`-@GnBb;tcB@m^`XAvG|4hGI=599ePu0kG(V@Mr^gGvJ~iq-)$=v>BJr~3I)wWhWyRj%s7+t=-K`NVuIl~3a0 z=MhwCJCN*>g7cXeWnRz`{&E03eoKMIi+&iQyAjStUC{W?5sLk!kD%S{=) zKB?3ej!6*1z;dSZm>XlNe`>#e3z@;UTw(Wz>LoPimUVfA_b*|oi{6s7&S9{;8e4Wt znwB-chxh%M&^$)cQN-@7`w=}R$6M^_Q521%ib+oyqtY6;=dzEjb=lzpR?8qvMnQf) zI~KRN>Q^vXA4sV~GMS7b<|>*&1R&>ke0RpBiU-Z(AuHNyFVIRVxcSMyLGI(d6{`A*+RHoS;o|Q_>42SviV+nH8qtxfA`D=%DK2ZrGLvY==qc6E z&3(U|*9N@HIzLO;TQR?(khFI-F&`j8?$Yaa`?EWOaS0u+ZqnM}j#qoDV*qrVz->kl z_D8O*R6|cPsbaWUX1i3H#6RRpwRJ5)S#Ai3;zsJ^LiL}Ku)jhpL@aPOE46UD5%JEh zaa3A@SL7riqI5{r=?8zp5(^Js_3JCerb6Ouv*uSYyptyP5_eNK5#^zeO_syweGPy@ z(FGCv8kXW{Klj@2GXQOZwwj(%QQHk=u{8|tsCor;`|<^>mpx4~2^5+5rpVzijzpC2 z`)qT|WTF{~9TvFV|J%U7;}+7|IdLmk*6$dFXHOHJ-Ae0FXcFgbczxtU3fpB*jY)gYh-4YGaNp?pn)7SvL@P_%Vb`2#%;AbiWGW=D$ zR6s|M-gNZofJ~e_pdV>b<^!LVD`Mc@!Z&;?#Wmlt&EqOE+O1k;6e8%tRZ z2Xj5-{i1XL$G>#_zE?Excmw~ExeA0WF@*Wy@63N70ZzIB7@)2w+I9Mfuj!+K&k}eW zD*^i&1AnQIWYp1|3TKJKt#%(Ojtv*)i#>V%stXZ|fu$m?fzOEe-4&*)VuTAZgbMb* zSeIMq?{$mM!f|vGq+wvf6QGwv`2SV)-%0&P)s0MJ+(oiQ(QX>i^y$E7^iTyoeE|D7 z_aQZBZM{TymiUOQk3(Qd_e_f973yn@G zb;BLEukNVYpki)K1uT@6>u>!wxxo#FXXpAEic9#LnEzgG!W&*9L9=+sy0O^XbLtwG zilV_f*ku9GQb6*lEHX!RU4^*v+OPY6NJ7{H#ZCUuzYMTh$R0qP6GNC_fZzaY4JKCoW5~C&U5lyrpmn;_C;IUYvf)xxq z(N3njC*A-X5zUe4egH^C*V-D@*CQ86u5MAaKg7C8`i50J{*2$@?4N*#?E>cM-@|xJ zzZGNcqIUg-NH~@o5?ACn{^#ufog*NGe~^U%qXSueJJ&=2BWK9tx4E*@#(y_5WDPOYjp#rJlihJb1|zQZ^{u%@;Z+lCQ3}ZN^XR*32poU)@O-YWeB|e}gY5t*>Z#U>X;f zUu#UA!NZmbf9vLl+RKd!?Qrqq`3O@(Y43yk>PCV`zQWHqB~T)K?pUC$d$mkFW4JwN zgc0T~vVc;Z$C@Dj0gW>uX9%h_grYh^6#K-6f{vNJsIL?Bq@cAv-_9@AI*2;a%I~^s z_TpE!HlxM)V~lKc1*(AEq+jI9Ip_pa#9z=Bvwj4>{kp!#G$l736L|frKq4LH`J&Ki z{W-CZAKvp5Z}lJKXHoCI%`ZD9)nRoTP|do6dOHIYolu8*jEeYOZk2Wzvm%IZX?cf_ zCQ|yH^`rjC#Fp+bOQpC6BH2}dg15r0#Bt4y%!fihg2dP&p5KlFRsZ~qyH*|m`Z6h) z*7+6Gz|A*>X9Hp{aS{_W25~mQDnHcwIdzs%qm}OP+qdh3(jq#=P?SI>sljeWGNAY4 zB9WiKUJH(;v|m8FeVreMA?Cx*9;7i}MXFaoZ%=MVPGM%mFB;k{qMP@=!#CjKK+o_= z8hz4-)AA!Z@Jj1;#&_8~oov*W#j^}NmMW^7 zaRG2M0{F+fC|bjGd5TzmHg`rW7?>*C#21swUfbjf(0l78RIEkU_H z1oUOqU{<6!0l?vlh(2mx_4Ui2}fQe z0r#bDdCMXo_5whYn2@0BD~O1h2?>m?tYx+hnk{Ea3@$%?CUrBa0TAgR%ev`-bt*vb zqu+9G>hx_s*FCIyRJ;Ax44wP+=Hyu>r9c=^gK4-&A_fKkCNbeiRWd%N7L!s-|rGpc=)2nMnvyPY$6{*?kcOtTzj;U=gd+NW>@4qSoT4FS7@i zI?0Ol!Qq}%Enyg2#_H&(X`o|d3LwAb7vwHzx@yX%17z|R#q0EVh7ygBQrce1LU2IFUbLtJ`}*I zMPX-V;u^0;!6b~Eh}-o`#&`|Xx|cbpO-M7aUO98DlOrjpYMtxvuC(M>TB52zr_G>fi%NUY_9 z(WU$0?OCWTFlm4Gp9*1iUVMuEdw%VbB>;>qb7?JsP@zzjl0jV*7 zfTD*Zi)0<06f+csV#rJXL!VF5=hJm8@UnwB2J8rZBQF?=T1a9K-X3zu z2U_3myMQjx`e_(Ey6k?koWp7K!n$Y{`6I^63ha*GxO}O4fZo@l=8+>tB6Sl5yMZcm z8Gz~*_8ZKM??oCn-5Sh}R78H=GNfGmGvq%a@E=s7tOsw?Ve1(`0CXwe642}NOfmCd zb|mSr$1}&Zw2{=1>j0>MPR33Qe1$9RMqrQ;T>rZe`nUFIeK_MX2zwd`JHng>q6{nO z!q)rKzD>w`ph*KNO%?N(N^khFy^9*Ra-IbTWyWO|YD{dBF_YkcI`32l+9%U~pD4c} zqONaYW>yBk^WZRm=lEXwO0(cmB-Kksu}T=_Ze^@L2LyA`)sR@a4}Sc2`;NR!f&tp> zi{`{f|GhjwJi}6UIWdpAloSx>ArGv#RnO7n)5o>dm8oP<@%iZ+MardC_T@bt3((CA zF}51j&}qAI%|{oW#UjTsFTHCYjc@YJI^voVLc-k$D3?445O9)vpttJEe>dNM*V{*S z&k-4PkbCINIlp@x;Y9~wM)_5wf%ruS;e7BFevFh)@ZS=Rg3J#an32?N*hs;Z1bz4K z>*Db#Jpv~nh{b_dw%sx>a_-^*qK5QX96fN!!f%6C&}T#!5y=b?E;H;u$?{eHob|Ds`7M1zh|;?dVsh;N<{^-C1{>jj7eYc#_YX1R zGyfx;zoTLQ5zY872qOOPAPD`VgH}k5`!6!fhe^l)aPQBsj`#~I6GFb~f1lQo%uM&N zP!2@apP*3%VZ_oyv|ftqa{|7snc5LB637vi7*qCJnFnjE4voMd%+I&x0{|m|a6r*Y zjH!Iv1Mi;k#*&PBil}FV&=KwWeZn9|E;WN3)W0J!A82mE z{wp*X|A0pAZx;Q-$3!AC_ zT8Dzh)Rd7Zr^H|&M>ATfrED(3oC%;0!9S+s|EJMf|8Z|#U>aJ0CUtw@eScGv8UB|x zGBd3a`ju5vx1j@I8l)A)0^=XW&-GS6yzg&3ZzM#i;-3gc{3(w6f6rU2e-!8cpNnb# z2W9~PX1FM|xvI?8PXM=g435FG7NY-4C;92w-hm>j;xUqdu0u|#Zh(47muV|Y^2bvf zAtadraw+_?{XYL`@b@>Sj@$@-qX2&#`Tt!s?Ee`34?hpHmYtt(cv1dx_+Hxz>5uST z;cYbN^^0;!s3z=uH&3|cooSQT#m?|rxDsA-Zd3Df+F#%1?C_esYp=a(ew=?_LkwOY zhW_%s*gfI~_KrXHCTX8No1bgEgso5a*5lDUU1*SXsn6dgEkBboTX;ouTQ_9pSNu`t zKqJB9;l8aBp<69eN^DTE@c%Sg9gbcvgBcLdgph@)OWX zV6V!*c^=LlpUl=wHt*Az(hf4vzxtwhU0|8_GliLyZ9w;cn_&S8W2C{u0?#85~V%QhdF*mebE1@Dn| zWNTpcNj`E@1(tgcVQnV>CnDntD&OX%fWZ0W1vfjL-$A%A^A4?hAA`e?TOA5^jMb0Odhlz>~QCwUhH0CCMI(0CRbHS!G5!K`)}`pE#0rx0c>X#KeKZ_KCh&UfOH> z_6~Njvoz^Agxcan_if*A+T0E$-*lop^C8IkVwYq5gD0PEudm#DcyWU9&oFtPN)#^& z{R;wurfmig<{P(81pcY7F}QSCYdGT(NQ|Pu3D_9=Wj+KGS-zIcNXlfmEqQ&+DDh+6 z?S+E~9NczW4lojuzCRYOwU_r6goXE;8eT!Kj;}!ohZ#r|>fJdzx%wK+dk_%_rbl28 zqKklb^g9YdjT<---LEY6lq?zG;4k)UD)fH!@^T}3dil`v@XaHt=8^G^>5q}7Gkq@v zlXS($4wSj2%+x9+#l7l8#B1j~l0Bb`iD8SIJ@o7TvjyZckaC?VaMy=5qPl4Z_RTiM)M0Lb%XE01MhcdQy;wac=eRRGS}JaVtBf5eQ3UEy59S2 zYn}0`MxwNLdgtmS1n;G7PO{Yasc6Y*3S+Uxq|)ByqhxJ$*x0XM`Q9q=Cvlg~t?jWEfE@QAF#vq6rRGpri}9;P{r+PhHC$x{i5Z@3Y#2GObhVb8|wJ%S%me!U?f z)5~mGJ`#40U*^70<=VY{BKGDDr5%B<%PjrZN|WTtc-42cdExm_4@7f2>|a`_ zzKU{Qc-y!+D&|ZHK4l#he);x(Or!cO^Jq-yo|F^GuToy{Wj&DNY%1W{i* zLvRhU6gJwHPn*{k3Tf|%e=}N{enEn@C<<9D^EL5`%7PSbAXa!G3^1|JW3(tb&wfE!Nzkm}5PMF`GK*Ywc1a=jRHXWYn5=ZHf)5`IR#n5eNs|Y5R|{R8)OHNj`FXB9`9WB)x{2T67J_w2-Jg#5by}l$hNt%2rHeBi0!bVkFYahhir91*qT7 z^o#b;$pB&2mQ@hBD8v!bZEIKM4u|2N^rZ(gly{?P>?Stqm`k~3)M%w(%YtdQa-~s- zT&(Qa7J)ZWNauXOEcy^u_2HS~L;$$`13{t=LWXrJf$e#oZq`p2r9Y+k1F!*;3OI{f zZ;@M%lgF1|_A>}m2ZJiNmyXDfBwjT^hwdcNDV7N}G(^`wRJZK)aX&gLO0DwUm{_hr zEzq_yyS9eEu5vjtGgWO=4egGH!@`V2*crrcS~%)}gzQN^$cv&rtmy_Gvvl|Nmh8PN zO8S^U_Ub@YSQeUd{#l`%Kb>wZy_$So2`*TvJ1VV_E5=Z^>LW%4(XDizc@kdd&H&%f zpaLxn)68BvN3cEC2l)$Qx|1NM*j3|FXKdiIFIpV~S}Hl2I44ac=#`nRjTQ_ejU=G; z7;5o)66LR%^PVB1n8^bl#mCCTkNaDm`{SIb`;*kd4yFfsZ8;MIz+W>- zYUL0z6ObY5hp)d^NpIs$GxSuM&r;j6p?}Scn#+8<^Qkg(eiGs@KGuM~T5ZP6@Mz8v zyoftpR^jO1PQC36O?*%15+ddq(rFNR;R3O_)BBIMugt zq5?~liI2rOM+lAmFa}~M7J3pxJxWmh#I3sqicvq!MVQrx9V21|Ak6phq4_A#d@JZ? zO6=n>lv=raE+NRmJ>||JSR+yvCcCNJo)#MLyeZf+>Cb~X-e25U;u`f6S- z$-flF&MiO9_!380)LKR9l=r=+X3d=8!H+2z?nE`|?E&3i9;e?2D`3~(p3uU)2fl@@ zv=eaN*~$B^M72*tY}0({;`8zve=il(G!2h^)^%W4sdrl6T{ijBBX*yyt{{qN!4pN) zXleMdpiz5G_I}8mIq{{qxaWe|V5HQcartTqP4m-0p7I3=>63i&Q&lmCY-L20_U&7= zuzM|sb9zL3ZR$Tk-`JOISBg^^>fTzioo+V}6!lfd*|Ha;&;H=GH0{x1*a!)qVi`;q zvcTVeujhrn{J|*#q$3~LwJ&pSS1P{%4j&!0)%?+%LtBleBw&;z@llpLB8SWiEvHQh zG7F94C#l|OQsNSGw)#Fho^MxCAJqUo! zIdIl)+v0HQgx)9Gjg%Hy-oY$+!?DA|<|-EY)vGA;-C=v3R{B$tI(^ImH*S2a9RHdi z6|9#oW_8Dwgb!yMO$!d%W^G8x2X$QcgJTWcd1d>Umd<#!*acOHo_k|!^s5ZC2pVN~v#VkD|q5bfI*(lD02#x4ZzAe(&f)i90 z7KB2;Av9gU@2=>Bcf6_}w@7t#%oENo85EP~@oyKg6OdpE%&yfY8bu4})GLcoz-%W3 zbkaWU4!a06l+w=yp@83u<`D5>n<)%*(@PT!_bPZjQq;p^PT4 zYZX8~&2ifx%l~<<%mP_z`9z1;VSr%dJM3>Pg5@+BBK+hyT?M>UQHq4)KIF$tk8`*X zUS9soZ{kj;Wv}s{@EfAicC@9R(TQXryT2G)4xd})6TIE-HCJA2Rk zZo}XL?yq{ndxyZQkwc;fTwl5T`VqeI6b1OalGg8zCZ4ksQ;- zRi}N+K#xAk;lW&WW{i(Ytvru1|8r&%l`i#rCHN)1oF#;?}nO4&fe7 z_Rq>0-DZm;%EZd7p4RsRqD7y736u{E4#mO1AuKD(p>wv$PZc!!gj!-BgPF>`&~`V6 z#=2ZOP?1k%j%7u$u#Z!LGec&uT_Q^0y*4n`_Gm}oUM;Aj6iS1Ot@t%jnxl>71M+HlfMmIuyIXUoaL{nIZLl*f#R9$jkX}msd0yfuHQO43ZlOR-RE# zbLhY6#qji}xSBTMax)8rmB8FS62mif;`BTg(%xFhMQs~oK!yzCKpQZl)171L(zd-|# z>(V+&k)zGrNROb}2DE@0TcM3zxH;C!I;dEe;@L$ZnBpNSxK1+}Y%0rcfXFg9e=5fA zPGxb)3s>LKoxQj^UMV7DN-SQdEseYewQ3>8TXrwA5LT+0nDkIBW30lKV3r)Z6dP&{ zpGlsGrVkMF9EJ3^i*sQuE%RK)@Lctz7;~i6_htqJ)K6Tb#<=)(^V_b_4b;6$`<6OU zX@J9Jl+L2yd^7UYJSlCZv}{8Zf9p{B+HZZ1ncGuigWY6Hjf2|mn;`nhG&9@W>9j8W zwJW!if|GLu*Ts+~+chZmDhPEksop)}=*awbH7Q!LvNuU!EumdUZutxX@X1ebTfIr6 zEvHwsv6VB!t9{1RP3k`??&`MeZX1o2fu+PI67iB*HhxrTzBor)PUPxbB<+S#6I!n= zw=hhFXqq8`hh1E@vMPNDmmGwOOyijYhBifc3z9D}3-NL`N^n{Gt!l;-b~=}n_mzmW zXb*GTQ z26I-3&q0!zjF})p3%%v55dKo3m655k8VAp`5}1hco;hsY(`Z%dsJNpsDGNdHfN!nj z&FtK;V8OOAI8}oPIZ#O4-E{FRebAA+{sf*u494YbelZ2jnS6d4X%N*LE*P{P1LH3} z6=6pOF#c1IbYT4Nf8wmz7{qSkCa%F-3s-lpa}GH|8o=x9QyV&+>JwQO^f0wGJe=tu+ZTEJ*g(%0m!X4z? zZ^GoMx3u)4s$6?67vyEOCO@Jjv8^-uwo}1Gyg+je;_tKQ%rvT3V@xG(f$U-eAp!Cs zDC`k|shA)~1g2t?t^=l5k7rnig0BW3X%4_+;Up7;rOT7e0>JpI4$+MCFON4I4cp%&fwBK$6B>NV1-g@-;w zj|Ugv{4aUCnW_%pgNgpbpOXJnE&2BEGF*N`&wlj?e@{sulH9s}!UV{%KAxXei@%N0 zd&co|Y)=FN!@G7i_Q8waPG3&t^XFgjQ;q@o^sL|AA7PA_n9AqR$yxZ78t_QdU-t0E z2>2}>A{Tc1G9O#dFH3zeQRkC^F?7shmKQAp+R~LW7p3qC#AL0Gq9o}`0 zU(OECX;IaT$Grz{M32(VrpUjZk4LY6_w&nt ze;tp+gY5^7=YGl@=iX$5?e@Ka?~a0rZ(D<4Xxr2A=;-9loA*a! z%W*TJ@6Fulr_9OE@7`s^%ys^l*+uo}`1Itb%-Ju2bN0*htYzO}e7_t`&we?gC+cb4 z8r#WdB|GT*&SYw6-n4w%or=~Wbc~;qAOB@E{aCJ-{&F|{n0(b7dbaC)O+JnR z6Q_29X zZx531Dwn^ezN;^J*Ix3j+Dz~7YSueyPrQ5ksA=2&Q5{&vhFfoos@1bcY%#BYe#7Tk zEI{(j@tfQ+{@~xEH-qHW&>1ldL2Ave>RC zx=w!U^_^Vb8z&!|X2AwM>tSxj1t~mO&dBOHBWL=kXLV309X}OHC;0RBNl`3o#1=v> z;ly_yKoOoMvmWRJYt!;(Q(JVb-pEebjsD01{UwUSFr+XTh?0G4%|=sytfp+p*4uM$ zox7QD3wcVZw*&Xd>;2vCPrKMh-@3D(tkI|&VB4L(9k3A=BM6cPNC=Nl?vi$rj;ztH z;Wlvwgj|AyY`doF%r zn6|KhDMST?!Y~k^4jY4i!ja@-TyPCcz9qLQP^%i^ zpz&K1P*B6E*Z0`UIf1+(M|Qx_x$VvTJ{w)T>G{(drzGmR#qR0Yda#8^0acREIjBmp z)-=tHo)^6V8*06MX*|Rw+_rrapQ2_gX>D?>IFrdo7uG0XefFJyfuC$R8%&aqRuC~x z#D^9~lnY5|%!K`>#?ZQSbCttpgQ4^XC%Jbg$uZs3*dx$X-s)}gQFGQ4pnbjphbqmq zH;r}@OuKz0KHHDt#`2BZc5e0WXA_|qyX42%Ylgrjd*Jjz><8keCa%1IkriAQNjP3V z$c`L$#_;%}a9!H}^-t#8@J>II)T-FEetZNWRF4}E>vt(dRhYa^5tuvDKLLb*~ zAP!pPLaE!RSATz!KmFRObjoaLE-R%Z=xhF{QfmJ(vx1>Gs5k26r$V**)M_+3oEuS+ zfoQgY_5M^GO#PYtbW3!HwXJp7fhSy^;?iP-tKDX8Pu}Fh|Bl`=6rImF35zay{a^A` zv|xt*Sr4^;4m(rWKlbcc$_BW|KQN5wFqlg0FgIol33_ACs^={u2GMhcx$MMM0?}0L z!$F5OOI{Levj{+lwg-g$`S3T+$3cd1ZY3Qv%a#REL=#4ntss~TeT&~vdU!-?4TKy_ zu@TV!{myU<}>>cN=$>ca^f3?Pwk!|AoG3D%kan>}{qoFspkGx6$C>Z*)Y+#RW z1Lw}Q2RQ>NO>f-ii!kq#;l}B6=W`fN^@OH+vTCX)#;KZ4BVB8@JAlMsmUqJU>fSr3 zmJ97px7euH%f(KmQE!8ET-Qt8R^z-qLCUx5&@yGc(W4*j}SO*Sif-n|3K2jmn2Hsqe_`O|#%B<32V82O1&-{b^R zOv4Eq^)P^gPV2h-bWy0bIa$^{Hw~2kIz;ge^u-=Q%&~Jr=vOGMaNiwvJCAP=aB-fFk$@ad7Iw}B&MVxZNbQ2 z7e*uR3%HS*Jso-j&aKdE@F@@AI|iaS1RK(ak^^_|lC7mh6hOQIlq7AiD+i7%?#~$_ zfy?oo9trm*T$;Z%YKLONnDB0e<_I8(PknDBT3CqWN;aT+vLMd0EtdmjHzgQV5=q2= zb*m!pg*;vNOIwA9H*dn}mK{u>!Lp%o@G@gWyWpk18>#%@~eE<;IBtxl^^?G}o~a=YEVZddA;UE08It=ze4l$c0RDp$*$ za&jTA>(xsAGke-B6-;eG78y@gY&3s=H=V}r6_~s-lkCBuHGWODZ#S-6#c~%Ew@@mz zFrQ=tupeNl-oDA5zA>;=zYd+LEpH+v(UL>Btu@CrmLm=TcOzL z)(V{>`zSWJ{0FA9q&>+W>D&CD6OhgSP4AUahGwgLQTc6+ei?$4f9t>spirWJRsP#` z8CRX!lI~5Rdd)Dw{yN3gnH?HWl}77Ev7POJ3qI5sO}`sYIkwT%b8_O=Ag#kzxz@NT zuLA>mHt)es8Fy?P?ItdGKr~_{4Foc`Jn6|n5;mm0TO8)nF7!ClAT4g!0;Hw;l?HEd z$4>Z`@k^-PH9X@Q3Sh9(RHoj4ST$=3ExA#3W+G*h4`pY9IN7f0BsKwq4OGIA&DlX{ zUtgpiA;5w~kW<$qJWY=1qCqsO+NfXBQCfB|<01)eT)HK>JQ~09+4ZeBDPd%#NMUKa zxS~zBZ}if1>s1C|Gdj-L7L6GsVBGG|e|qkKYsMp4B)JIDi#ZR^=q=}eZ^BWXWZCX0 z?k4C;GGb<9>_In$%aMrIZBHLL*ATHGU88*=ywYhAHGU1EWflPeS%D}G*RmvM=f zv-(O-eqy>b^@RuB|B_3ucvUWbt}rX0eB8KZ_nDSslHFgHSxcgU$!68Ud6`Yk#2Zu_ zMaD1G%B@Rwq0~O(#;n|bR62}3sC_OLs<@mAj61-a1{+1~b4y?0xD1oyu6_Qs(fZtO z7K(fTxIvQ58%-(bvBxd2Dqsls5Vo5_{sC<`O zddv0eT0WnF<|FI^nni1zIm|%Gm`Qe*W-nG!k;%ADGcLkQ!)6lG7snlVU)Ty7b@XNT zAvqLS4wH{c_Jcit@+RaIBJhRdd#=eP(Oj^IyZ}-gE8*4 zCRBD`JfC$@DE&&(T7fGI3c;{9^Vy}357-sJKaS*UVu_ON-KB5qO-2NpSHG3d!C2#R z_`}KuQmvl^dR4h(a!9pOEE9`csTZr)r81Y)O6S}@JLqwLZATdlZ{v-7*Zt39#%MLF zhPA7{J%N`M(<2wE$M5l+`>Np71o?cYSj^{}EjCWfAFt&6C;lL10d8tB102`Q)N&;o zQhTLgvd)$39Z>sL1#5+ig)W5T@)k?yMtu)#W=dIY#JvUE6kFE1Jq1cKx23rA6;TxY z4#T|At%b6Gd$ThO1Yu*IyMze>geDObushN!!>MPnxC##TVl^Dv(N%!F=@4A2a?n`W zm`1NYNF94}<>=7hIKj~?WwHwG)>t~4@`}z4c$*v#Au*b*8V{N!S1#n2({L!CH%vlf zj67G26NyNQ;f+3Q$v2VD2^)oUWJid%OBQKH<@(Gq@lhwy2#+OP@@!M(j3)t6NsNx}9X3!>`!(WY0j;G+Q~aF6~w9t1ei8dq#?5--PmC?9!4!@CQOwsYrE-+nly zC&wor=r^>9{g&)Gj&Wm?!f8dqqz@Tb;2ah{>dJpvvZ1|e@51INH z;~zPOGAxTO18#zn`VZ+jXt0~iRYBS~DblQyKD^V-yY`>Z^nD40bqi@i#2m}T7iTno z60SEDJzId6C$|o)$w6D%tOaB$OE>|&d2j}JLHr1eAU1s0A>}b}uRjU_Z+z()kHOG? zP5jk6I{U@JpBerH{}3>!z`6f8gWuqN2Z-P&#y~PS-NTs>4)|GE2~L0h`KO7SoI z{QQ>M`WG-RsgH}0_j z?cK>To#A-w7Xkr&q}4eivSOvB@#Ah5tp=q7^dCe81XxOG4Ie9OxPS^Eu*tW74tK9l z6wJA$cJLKP_>35P_-i_}T!FX@Nt^Jan(#q?=y|aA-um8H3=sAJg-PfTo}f&-Ki#YB z`}!)`hcl1cV9zi-I`eE?JKI=|rF%vkBT}%7g*w|iyvax>3uQ*m$cuKt9Y#Efga^!? zUA?|59~L96cbLU|B>QEHN`h|&=q>TtCz zR1rFW{ZJrGJuBY7d-wMAP#``%`Z)|t&k71mmj*+fohpn$&k7lSp8N3!8K5twD$XBy z9;9`3YTesnpmX5J0fVZNS)x&_kfwM(TtJ9?p47Ln%Jz}0jPf<~5VuTnmw1&-Ch$rQ z>Qxxq{|b4`>p5|YB~)w0BLM$4 zv;9PDcKmF9i`z1zq6GKJ7(>?UeUnmTjO31_6EX@eXefYx-(XVqlsDfegVpY&-LuT9 z2uG-lS4P$CSS^sNLF6JCX(#0wGg`-5yLUTHgX z5y&iXH{>gSdKkH&9#YIFeuX4{C?w;fxz1PygFQ1wFI>9HN9Viu!`$z1?^MiZnaBwH z{fr`|bA~cL>Z~36n@Xm+T2o=&0XOmSUODPN&dQJ1|dV zZ_0}%GiyV4ML9KV2pI^y`Q~4#yw^GtX*{jHF_r~!6@8gzdm=N=Cx;+&Tl|k9*?J*x ztRr~;_h-n^nfwZ2frw*HK21jR!NnLM3_7w9KaHez4NP||kQ?f{C>}a5ZfCA^q7Dv4 z<8v8*%EM+wT;i)Q*5e_{5kNl&|DC%-3Zqa(`B zT7fWiI9aQZN-iw9KwwAl&3{%W1IsP(X78YO^NQ7-=qy{&|5vGaD@zWj=eJU z5PyrAhrgyyK5URO#gm+Qiu2Ewj6qFw2CwpT=Km=$~NWjvwe?*vqpr$Ksu0hP>_)aIt>`Q=}vm&B?gKL+y8PAD1(12ttu(gku1 zWlONngN^tVa)OcjBk=*|bK;Vg@nX~yp^i0LdRvwy%>X}|Ra=)|S`tR*5I4b0mOn!^XZl)aTG=uTonB|3kpy#-%l2GJh zB&#<)Col$LsUfAk0kD);5*|oA0Z1k9A@sG{QD3VX;>>jQwstLv(}r``Ep$4C;#Cb9 zmb#tao8^37?kac7>J&N^mi7jvaGddM48K2j@WmOxhDB-vq{NK zh*z!CkK)DZ^rLuWCP_AyrGFTNDo?MPtUtlX zhciMYhvZYLZ!* zkD2s#;ls)DcE)A5t4GuxfC`hHgTLB?fyGJl0&S` z#)g460_&dXiretCaI8Cz?Ue1!7~J;bz~z-;I^O*w`@Z90Q>N_kjpL%^6np$X&}e`4 z*=oeqsQfb8eYgVrN;B~>61zCSN75cB*k!tHL^Rw56q_K6 za))6LKmLCZD{`66YnD)G($vGPmIMv8Sm7* z#tV3b8{dZJGf`Ig-xwc6>F?UA0^hSE{<*$}Z`&V&qeQW8mN6V*jhcb;!v~sdsH+!u+%Ki4CmYfq%rigmpdO07J*C_F!(Wn83#sXky9pgvxK1Q=Wd!cUUxY__J$vyV)Pz+scR z6SbKHN!Kzps9YYIxh=v!A{J~6p|Y?mf8e%?+T%^FTVhA+VQgx8Zfe>yG`*>5G)hkV zVQi|78dF+!)6FVmzz|YqPVA<1e*K<#FA#DH!*U3MEOrMxLhP}OfE2wbZOF#lBt8g}fS}e1LC`i(7K! zAhr$qr9vDZC(N(gaqoI)_K2}1)7*bV1YwC1J8gcyP50!F@tp;Go^pE z?8Es6RX5>cGDUSptM7X#cN+|C8}2H5=Sm(!$Q{L9Wl=POh_&Qah=HL>e^9~F$Vf&I zL+b$u8pfE*0rx-`?}52tIcBuN#*l2eGxm0VMD|G3$_nC9Wm$6-?Miue2!)l{jr+`1 z1--F=$M48Vf~rGGZ($i(D#fwaxypa7=7b&W3k2kyE%Gb()&8vRp`bmFCqae~23}lc zI@VNh?@qidcY~Vns7t95G=#y=<-?1^%fqX~%C59Ak5BFsNgbqGkyk{Q=s(FX!pYgW zD02jmKxL1zq&uE$dJtYFuStkYk+O`USNcP`wW73XI3N^H?P=xz;NUrU`0jtDQc&A> zJcNIDnM&sc17sqPd7${~!SHWVDSjENny$;z{v} z{0oN6=AsMHAPvXS$-CqyQI#6Je4q02O%7!tmVNvF)bOzy%u2rq-Hh9^+T^KlaQucG z7@m%mA?@i@|39>>J%#Elqe)iPvZre9WHsO(3jGa(+%SlGITYPf%>QUJe+%X7B8 z=df)EmD5J4rOeHWwyy&cRN)e;mlg&70saGUGmh~7!Ho2W?B$R`iRB7kQt(d2B`4;J=4s1v} zvE+){ZBBB((AR()mgTCzpNHOC0qns&y41rYj>N+QE3Lr*&f-BVtJXJ8m6cY^D5LxZ zcjhaCe3xW`MY(@B#1u(|rLNCT4kM4R@Nk6J>J2m$`{%=;SnoabVbF%^*u}m`kyOoS z6$XdERIInMhv_9B*`y!F^&pj%d#7Me37p=UvRy{~5jO=v088g8cLQ-CpbWMVF)q^) z3Z80pr?t6uljGJ*iVkX_DI%7d)|~6MkL86#phzs~&Ov{G7fVtBnJKBFOK;d6wx`)` z)05kNi>pp2w%t1f&7?`pJ3Hyxu0|KTWCTcVUChO-?DR0T&4qnc)lh2mh&Pq$J@Q~O zHQg1{mC7Q(4;y|T3-b~1Z5etpDM6(a?3Wa*?4Gnga;f3)wR8f}a_@Qe@vvg&nz^M> ztn=p&r$2w4zWM3&-N}1dhVvz=b=Khzw-X8G44k6&8`fIPy{UOaRmjGvtRd)h$PcpoTszBLk$SS&Pc=(@wI;MYq`tbAH7xQ-7 zKaGFL*;nc1#J#X~o2)$|Zu0O%zh!mKm3=7wy;EYBri9%ivX_;0W#Woi?W4Kxn%VD) zud`ovtQ^n$yD7e=XDer%G|^K`_ox5!PsbYPCJ1)yI}>Y^BjMzKQ(D51pCiYDsbgrP zeVaacedb`LU*+?iVv*iwWBFi{U8xYWEX9A%Bwy95=jL2gaFBq7mfQ$LJ1lG#`A{8D zDvGBIBz@xfJz~xWX}$;3Go}VPxGpuHkXhmh|39Mt7u-kYr-s3@^j?5;l4VJM&fA8E z0Bx8)`xX$7O%P2Fb=5$XUi09ha#QYhuA9~JQ|GExj(+~Np`P+2Cv26Mt*j~QF`R$m zRDKsyl{`t!Teys@xB2jr%g_l&n0#?G^G9rfVslHhH>=FQVZ2##{O1;MmZ$BINW)Nx zkcK_{Jqa>QOqG(IOXF|yD;;S1oJ?zBZ0bDBk%cV6X%i`cZ5?JAi@O91j(~jBV(b0g z?!yX8so7NQKHLisG?|4*7TidZqm+O7VKubHbil;aONeNKkHg&5iDaT_38a_9m8p?Y ze@JNkpRPCdW}uUQW;Y|tAE%~3e%@;9RTKxm(RBf*)2t6c z^ktzdoLjMr6k0=-&_<(wQt%7hb8~R+9XrU7i-ZRM@kzXDod304>~u@zYPo+?hT}_0 zv-9iX=W^7H-Lh+8p5q2nDjWM}VBUkQ>$&x6+%&4!wQ~2oQ2cz|T)8N^^~$wFcBifp z@@DIJ>x@>d;p%xE|fs?kZu#P~<`i}u6Y?sb1%_4#VE<@Ee<7Klk9s4q!p3GCm!-pd13VQX1+H)Ih- z|KK3S)(iLJ27ksW9eH<@w);gvtLu`|muD5NeVJX9V5xQju3tR)04yJgKK}dV{&p4HUp@+u@$Ey4R*5pLV~wW z7GQXOF^xEzGcR92$uL}U3!IWuv7*E&#XnX8nD6*=A;=AuMRX{1Yc7c_+fm~jaGM}2 z(DZTfYI*K(LTTd>S{Z+*AH(Dg0YS7t=}TlalF?<^Z6>OR7M(V!ciCvkG$cybWo@$L z#=Gme3q*8HiW*s@B|##X4Ypp-1NnNO-;x<7wpk7WBOL`MR(~^8)Z^pQ>_vPPUPXO)0D`mOBBDY;HDBHou%DUMzoXvX<&$jk||I)w}s( zS9@9q1J34bF9mW>KsZE(k@4HLDq4BCq=Mw+6#*a9NTWh}2_v+Pnyn|HdLwarLV zq^vDLt|?<}(#uMDWn-XArIjrfWQE>l8ura*8O2GQ!i)!S9HXdaP7ql_F<+{p^!LGPWH-@{^ z0HUD&Yu%(NXMCyIYu$OiywNL-BBh&Z)*b7=-7T83lw^NOe>s|#E{tq^0@DmWTLD~C z5P5zdE5(ovK`s?SHeQMq9Ml$9+X@r?hO4k1_p~AK7gMApPa0_wH@9h+pt-94ILutC zWb@`04HNWDtvM!GTdR9g$X0|2&KL$cM!?oFlO!R(fGNkc0$UhzQs%y)87I!^Gm+{A zCeL6J-fw>~`whjub+$fH>3J>jX*0N5gj&I#ZUuWOiyA`y*J4un{)DEBW%{1==lb%D zYU+rWXnfWm@4p?hn!211l&5_oa-RzF-hO;pfVh=?8#Q=gp+&KWgbT`6M}4{QycK9& z8yt+W3yVAaa$j`dDY}!bMx3tV*$V6`ZP!-7zgU0PHm)M6I1H3SWi2=t`~#WZUv%fv zCA#f4FU7#LHPAIByRG_p*vj9BZ{ljFxUGg8@{2D?ke=Zax7FBJYT~zoZnhb31u{in zx*5!u_1)u$x1D5ahWB!^sTuxrq|=4Cm8|k(OWN3z-fautuo7Tl(XuFrghjQ)#jHhG zp_qTsoAvJzJD*?-R%+vs6fn%R$Q}!4Sp(jYZ(g;yx0ectI-zpU zB!wG+T!$D&6*_f5*nX44ZIB{mEzLidI(wV>+`w{mG2aaSLUd961^3q zrEQw6$_-@2Ze@Am0ziwkysj78?aF0+dCx0b{VPhWTAxOV^yv@f#n-l_ATNrPyF*;g zEPrq)Ze}B7*tUAk2$l=cM(ReF>fnD-iSR~SC)1~zqD;l6q|_``xtvXH6_7oMM?@wy zJ|*>1T%sJ^L=H=TE9A%0)}@s?^uqF|=6>HY34040a~&t;MTG$cccnDCUpKEvdHOKYIU+a8(3CKRUmOMWdCI0*5_g0nj2*5 zVaW_*hj`^-V>MPMnyZzwG=p$M#tRGi!l2 z=$4Eo8+gTU*b|TXT|G6u0cw9aR803{a{7@{PmilBV`5Vpr=QsQ=F_s6Tq)G{4CcOy z{qcn1KuLv1qu$z`pbD<~419_|m#ID%r?D4h*D`AlUhJ&QO;{R`Qn|5>Dpqv}>K93!2(g>NZ@QNS~>=A$RKTc6wuLs9e z+eW&!FP^HI6(HyGpP!Un9GrWD$Jdlo`N(g|;*e#PgjnIrKIHbzH)=%`#?0&gXK!le zOq(BByL^6tV#Qey;*rkN@aZ*b$Fr$@qXesGCC7)0kn;eyTi{Pv8<8DV!4p95tQH3f zn`ectPWTE)>}LxhdP{$@@+vPxRo2Lx4v_==*0DzeRVz>A#J?NBNaW7+&c1$QCW5eNyfwiJXxAspb+z&%{ZKBaMom!H4H3z zKkE5Q-w%4G*Lvvf_7zrBx^U9T0(p)`o$Nr=+m~FjRx5w72u6~54o6R9eK_XfsQD~| zBI_u{x8tRzwYaS&^jS8nR;d|VYg`&cwD>Z`ka6i!{jCaZ-2y=4G+%1D*4aHiq?9=> z14b!#9proo<-e@sW>ppN`6KN!mU13d0&r3Hrp~QqfWU^8A11(W_u|D1W9ZN0jVzv;@8ZPONu) zdl>$j3Jr`fu~o@V=y8AKvNY`Bb3@P3D|9P=PMg3@v7XN_>9==3o6y*o0!c?-dG6zE zTzG9GC&xfleOjBb)4e?V;BGO7%}=ymQtaE*#6^a$d-p~jb&Y!@(ZMr0o<(~63|O13 ze#C#Q8G729YHmfz|BL}8nfi?vyS@BASZCW%H%2mry2695eY0}bN#6!`uG$DVi zbS_FxFd12o#+p^X4xK6NC@4EV5S6AV3pp&bg@>R1dcJ z70LD~3rDhnHRv6myd5y!w9sk3Nfb>YgUW7;BSD9&#=j4ioGe+tq^`4N-$BiG7&lqU zy*(7A)}{POSf~>N6R6aDKVlkLZD)T7)uq(1)zM#x%9sip$*)@;d|L=(pkeLJq@tXv ztxETpSTi9E4RI8wHmTPGZNvceAp2|qYFCsmfYS|O8T9UCo}=kR7FRWBWz!+WZroU? zVjO6|Lo)n%q{v02JHg7yAs42o_c5e?Nyo2W5p@h`;Bip&z2)CQ;RTX^2z-BUmx}_X zfmX9fx?Y_vn=O}6Jz(sx_aFG{PTy?pHAQW zbo%b({fW6YaJqeH-zx1kPz+0IVuKu2bt_7P+^09kAIb6>Y_ zF_RL>GE&#TwJ~uf>_hT$jb0wVKRRJ=WzMR6zG;oT!f5IxKTdsq^&84%W8oTLcD|KtQT_QO9x_J z#41>CagIb2sLgKv(10u*Q;4C|6wk4k)GrvcZx@BY33lx=j~9$THX-UZM}v>YUpgSQyG)$ z!ZwT~g^HeTs83H0eX#+Ejp@uq+a*ipJRYrwGP{?gKJJqwC6yuIP(!yLaNugKV;sRw z%Z6v-XDtK%GjUt+;eG=bw=>V*uT>&P@4|83B&2jnWKqmq^lT@1WmfTMsd&FI4(k8Gk3VG6i0;n(tXnob!vd*zfwlzN1Yb;M zJut4qQu;jM+BTRnr96pTtnsVz%!WH1cpm5o$tBW<&0u=aX7`OFqyz-B9RPJz6D7v^!xS%T7z&vN_(JjS5kt=!_;@Af+*BGKt1(fsb_&a zioR6pN!`Nq7Ouch6TtawYB@4GjXHpu;-iRk2r}p)7M)ZQzuR)RZe>Jze zKU=no-7yoEP>K4*nGOX!BH@86H&HrsS+tH?Pf34DaVcoDFC|eA=x7iHpy&f=h2lqw zB1b}JV*1(X&rlCT>K>u)bf<@NWl#^N?4I<8Pz((`JHTO+p!DGkA(0<3xk~OCXJXb@ zRBDCGaz0;m+}YP8*ScCHATj)Hjv2*@h!C;vn403Rwm%E3kv&d!^jB|)P)Y6;<^J6Z7?3tJcoy{P?8Tk;khOv# z#>x7iSAFxm>D6TD*{;Kum|j6gIN(CAga_joT+W%K)SC^4h=OIJoVhvT3hzcXi|4A& z?%DjBpleLlY+K$0!90BNrVy2f-iU1{9H4*Timj@=7F^du;G(oGv}{Wj$PUxmVb7y? z>(;qUfwx)hO(p!z^R}p33~;xGTPRd*cUdANq|IHgl&2A#A@BSebt;XZqRJcV0H8wL zl$1A?j)ol5qBMl-&M5|GA%*AK8mc3xrt*?yq^8l89p^YRf-!KpT>XyUW#~@5ePQB2!Md=)>xKIichXTqdMZzDj zAWn0<1!`<}ynEYS)~Gl`YT2>vL$3(tW(maW36WgYYf7gjdjy61(k9mvY`6`705!4{ zKvNfmEGS zoJvaaVRbM~`+l_iulnb2784sH_6Cg-U01cV@IID=RBMPM$m;&y&rlyO~ipo5^(44`MxD zUws{a?Yo!X{xg`oc{_X8{mjnfN&_%)%}TpcuC}UYwRYumt5G?vwCk0|hqK0Mu~rI)-9%eY+3~)Yd9BQn zevYb&QqTModIY>-xy*aR174$OIwNT;(Dba?^ejFH(KSY0RfuJF`> zVNg75RBK1=FK6eC_SvUe`=nZ`)S5=L(Ru5G5jjbC6W?Kg&fZ~`kModL$XtNo!YpH|k ztxD-#)`+Gm)+>LX7xWOqI6`-0Cf-2?J%`rC&O91-%%JFwYZMQwrPE@`m^E{QWlR}# zNtTl~;wBr7RyMQ0Z-P3YN1CT+2aCQPJsGZ-UdZ8OaW6bXaDC==)a0l(&khdWyssNg znG+7ilX`Ti`}Q-rJu{@Had6uFRIO!mZx&Z=B3oqNXApk_w|GiHSnQ)zIqOpV@BC;v9;)iPMxcDw>tlPQXHB)=23wYkf45;{gaGEwV zRvHKTjXC3uho_k`PW4Xp3^UIdk{o|z>?#(Y-$%c%S^Rk1c()f-U*rnFl2?zsGh7S* zI?$8xy&->J50B(@3O|JF_0sG8cg6}mJZT-2>hB}^0XOt}vPNnUJ*MZa(L%aeFTHzb zNUOuz!C|vhtr}jDat#k0yft1^s+{Omvs`gz24 z$hOj#M)d@{n$d%JlkN#~+o^cXH)dg_azNEq%&mV`-e{a5Ubk3_ysadLxtUa`AK#eo zIyop;O2#7b`_C9dbUa#j)TmTGnl13Z*cdT97d_GV#=#r2i|B!aw?>XvMNP2xIpZD2 z=Lf~Z)3b8;dvLw|Pi^ER9x zHZ7=I=8UHs{Gsn(8^d-|q|ST$e&6^|+^GXVxqjAYg$GUxlL#@SM2Rt|>bfBlPA;gQ zvsv@?bmQQ}SoL_I(QIY+Uhlm(mXnl9##n#W{8er0tTn7_EjNwUHO>!weRFUoPuOj2 z+qS*Q#>N}lw(aDNHnweB8*FUbw!Oi|x%qwf`}f|euC6)Lb*5&jdwOb~e)=3F`YCnR zP0%*^i)GKG&d=pluFOx~=%u-zrL>V(i`gV?OO;$vN>K$%;fW}1GHy9P1k|%ehBpg3 zth@0IB7Gjjhgq_J?1*=NWn+UMhAk4d-sG8)$^7s)fFKL{RS^nSb| zs3o+;&@pEb`1ke1X05fB6b)?pb6H4)+;0^P#2u^DTy6}UC(OBg{Tz-_uCRsS>sAur zFaxFM!0x70jkS_uUrpKzu9f<&}Yf!nLXlt$L^o9z(kClhWMuPz$3W2X?1 z7hA~-4ZAFlhFyb0Qe(m4K}XhE#&7;cc~mNeEDBZC@Yd?zW03RI(0Ldp&&dGP3xFcj-+ zOZsKrv4v9Lx2(k8DzX2Rgna$FZ^0&TUj!RPrh(GfVLJ!x88IR)p{Y@;dT0}e{26Ni zuYu0eUQAE&wl)q*vSJK%W;vKpGQdyiS0)E-vtGhNbpL@W0+eDh=&v;VI) zx1T9gwi+XIs%R}C2a%>hC4z<>j`0;U{OIST!)`j{5!L#*f}g*RXoFCYL$Le;H+@0-d6cysRs~};v<2EGv zVd~^;M)cT_3nO!~&0_Gx{QiYG#dzS^@W@wmC}!SCtmRt>h)v&VzQ_3w@SmP3W;u6d zc_5s<_+0Z6#1W~spG6SirlJf*F4hjxP7*N@&jt3w#M%)M>=_;&~I|-&G-^B~0XN%INJ<0R`LFiPXeYaTu3za~JYxTVi_~&1YISDF0oPcrg zdh9qavf#w1oX~OvV}M**W$$`{eg5FtN3@m1xigO8E7FG0ItpQ5R%rYi;Z|OW5@Kt# z{b8Z~gQw(#xp7`Hr1J#aC?1(X!Mw#+tx6^EQ`!KwcQ2y~heXqrO(`R*+X27gIT=uP z&XP*%6eGS9r6EcMB#z$@haK%Hl`*7g%YK0MJF0Zq2qPOy!;Kxf+9o*@))&gYuteL% zi*R=-p*W5gBTsC1`YUQOC%?R$?A4oN$VKoxo9`<7f?;>4Y-LE1*oxw-h~rc^SWE7r z=5a>z1(ILf4B|D=+YXj4NU0wv$$x7<4SK)mp3^?TD6*Xk^es>z%3l{L=dB82f6=Sw z+$@a4A=?1>W1xfy3HM&u*UHh+s&w|1F~d*W<|okbE}1yjPe#piWe>PqT>dZiWGPY-5(;HrZOK!a37>*!)_sm&D=C2 zPUd~-kRx~*Lt&>9gx*#=g?WY(odL!c0opDco#zHKj;-Q7ch$h6W1NsX}(r1DUP@0po^JMo>-vO4N_%>WwA+@2@TRQ*>Gy$h>1(F7vsJuB)DWIg zA%|;3E&nxTjLqosVBN9_tC8M}z+p-C`86E98QvslBVh7S6u-ECBJ@zC|0xP| zm@@RY>Y5#M5iTCVf!hyA=(j}-jYKXV&Via#U>Pnq)!e{hIy3VHZdvYkpcn~&tiijHK3{oW24-Y# z^w9y3jZc&%1=zOhOo^s`)P-nv-c1z>^1KE{gX9C$FQtZ2mj+t{P{L0{kl4>xz)&Fq zAC@yv6hsR_T=^hC{ws(Bb2Khtddg|E<(BkqG0~-4lzfo36Y26OiDprd^HcPaC^9us z-hN?L3GGTN#sCif(gk3eTET3Z*%sf~>}(81Afe3hp+X2@W0V&{9J-M*E_J+n*Qkh7 zS@09#!J{w_<)zu;Gb<}Uymj*raHsF97abX%WKC9W5)5~`$&_ykR&P>VZ?h~)XCE7M zDu&_F)MkmkL)81$j5yxGbOHCF;rS(}z}pOw&VLyx2=!Xp?;UR-B4_}cw_6ecLzZwt zoO?F$7C06Smk0I6PL_?7I;dXCLhqhs0-}4BXknSQA8`2-!zZjdYwZXNNZLKW7x^b^ zs-~^&K0pd=1}x>N^e`1*kXMEqJ`T~_<#mvtf>L*{KXha%#Tx|2_HXH&6+y|N)M}8K zOMiWD1**Xb^*7im^t0D{#z~^rVxGU?GFHd~_vtpNI)kpyEoQ#YS!Vx%_@8%pe5`|} z_e|qt$9U^vIOdZ|n563g;6GDAB%>npC1SYdbarEjjSW9_URuo<1W6l+zGveTsVvhgs^a68$&aV&H{Spczw$nUmbHcGjh#dF6)AsSA{EN`P5202%8G3AjLmycYLID-z!D^ z`7~%RLCx!muLXL0qLH5(PC^II-r~3q;ln{%Jd6SDylbUC$s>ybd_44izQ0AYIei<{ zt^9u4_}T^!yml(t0sX9qIj5&D3}KJC=f?;QVcK+?=G#CPjd&Hu0J}=ozil%Qd5R2* zxs{8FGT8ygMIBtW(Bjqd9; z$)sg)OHW2u`|^>%IO4nsfv=YraqxRS{&=mCPG2b^FHJq=z#ixKvT4iT=^)cY*ga=z z@~IU~zEsv0jB}7VxQ>qXALJP&>>0NPiFHma9fW^6UI}~} zR9iqF7E+N9NZFk+A_dxV_x3#`!9^yZ)&j!h_ev}h=_9NC%~kb8I^+669i5S^tSn3H zO6yfo{sgNU0HbtY`braKBt%avnQ_6dNMux%$W})}(&>glDpuWw1560H#l2h(rN`~) zwga=1LzrffD6HnLKRj-r7|GdVJ-{hyS)a6+XVNkm6-)(w(3Bp{zCZ=AaTA!CQ_O7F zvg6o(`OxskhZCm9l=OtS)SyLC-0ynG668%u&|p{^0a=o@W>E3wM0ziR;~iaTs6gaf zdnL$LssEDD%c$l=oSS)h#}(ethRE0x-m-v}LT49@KARef3W%#9KvSa^{={`YBI|_^ z*4#E()kq}Hlrp8j-%F92LjOilt*Dea!A9Y8{Ke$5K7jfEC{m|sUc{_tjRv<92fxkkQz^uD%N;Q;Si@zXdrNVc5907s_Ko>#bNOu# zUKbABw(ZW^C^bUk)L9CJNaqLM2?3TLi+*P9K!bhCNlUuyjk^bb$oHDE5b1d>CHII9 zv)qgmV@3avGz#rHz-9I4y#nwckJ~3&eL(7C-3+IV#!#PLv6j5dbKg-j8#XOHQ=LY{ z28nyvhzn|U%F-G6@T!(QH*zryDPZCk1fts5feUCMDryl{PErt3eUHT8Dd2g-9tCX^ z2sf5QXI(wD4AY68*c)gF&)|$Zd88|nAyJ5y7Y-9(5LCPuKedt(A`-GmJZ=;!hV$Wv zS3lJlyl7PR=EkKiwKW#vJOp}|%?(j>Lh76mUz*l<1t%s_kfDzxu~oMpOOToz+e9Fs z1}Q=N7O`-m$_d%*!HI_;u>(`CK@bB4tgmnBlPvF2zSO^Ju)JWml;=R_9L8p20S8q9J22IqkwI%2RqH z?fu?Hn}Rf=Z@jRT6k~zB3SXGBqs&av>szk&0W zNMaNSIRrkAmPG%*<2E7;8^N`@w;C1qAm*ij9PkwMq*6fzI#;1p{t3W3MN0Sp{VdWXiH5 zn{KJJ%DZt{5<(H^1CKyGh=MvEwP<+>hItp07f!Coy2FMBNt$d}Xhjb9Td$_oCf~eA zQCAF0GSESY2y6fMCK^o3XgEd6vY~?rwfaASX{Np|$Xb?BzCmge{mWjK1#~&bVfohu zAFC2l!ryEmCg`)Jy!)oW#j}V3Bp8c7<$Chu*yFZc=RCYiOO_oi9PS%o*4E(XB7N>I z?W^^L)NZ|kNkN6ErCj6$y%)WBD8l1+d#qAFF-Kc>>mg6sAujsfSP}|1NmMbRXR8Dt z-Mt8C1B5d`ACUV3lM9U2etrsmDn!e)^<~E=4TPq~QITyyfiIeT%b!yqG->yWTNmKN z(Zrk~DL25VMLz*%bWwLz3v5y$tr&3o%A^i-2`8MK{a$R&!Tq0Z@5M&nASKbUpcXq# z%cRMwhDRc70pQwCDQRCP72TN<4}qgYCh<4y_LQk@}{5D26tFs+%E#pOAa&gpWwdo|=BI4%@a%8gW+ zUk^NkZZa9Ml_cu!Y8Zz}7{V84)@+MdS3jZj=rc_A#uNKCa)`QfWr?=Kf+1prW+{#t z7$#T>P>gBNqrFIaX5Y&`=;bBn414^k13-;}R63!sf2BGB0q5XBjP3U00Zy%$%Jfc! zz#-mbmq!(tXM!VaN{;G0~ z%Xeq64}U}x{N!G)&z^&Ow4ws;HzuV!=e5+P}b9%wI-9n#ZH)=q)kG=76C7Se@+{IGAUKl6II!|>^)(a%C2@E4W4Qyv6?32CJIT?|_14cYa#1>B zQbP=ZtNf}Ib1JU>(rbs0SVueyt|))}Vqj@6K&F9*X21c53-0Jn~vmKH;Q}xxL0sgLNRry@JGS~640@^V=K4n#nvE~uZJSV*qL))X+eM}B{i>| zE9jO&+osa#Ix$dDM!{u^8YWC-mM;B6>SguXc-4m-I6+L*q8QYc_Z9har zt4#AR?BAiFg%qMI)!Jm=MTx?R^8+^=RIcFn5=Udk<;Jr|kNS=OM`o_XnCDI+aHkp> z#AVF<>EF&U*SV0Ik7KVsOEQN5U7A;(P7PrDMBNI*&xR>UZ&u}1r#-J?_Z|C)?G65? z3=maN7V;zPZ0apzb6fxNa=Nnl`<<3N zudaNk54*KieM}nrEN#>zu~%bypd&X%7?=?IA})#PGtREX?HF!uaLw)v0Y_8f{H-y4 z{eXHs*ED8T#43?P0*x)(_V+~5K&wrfm>*QFzaO-F=`j{+(f>hZ8?KMls~R8sZ!X|KLnSm!dj>wbUR=B?=caETp{xG{7TfDQFjm z#+t+5B4gAtP9bH^4XUG&%wSx_aQhtpqi>TORb#A7djd)LI$-ojx1T#nNAw#CSM2yi zKX^CQqf_&hC`Hkf@JUYk1df2LOO0oh%Tn%zK1g|;lRuZZ+i@=g`VN3$^!Xz@w0`Ft z1};{|W?ZZSs?l+Ef~FN6_=MItTJW9^5a+Byjc8{Il%z=aRzP3uZQvI3M3X3R z{o&V(i^ht0_pDu(s|BCQr@#QsT#vwDx=pgKr#8KEJtW<53FH~*n94v+@r^3pQoXJoziy<-1wIA7Bdy#he4oH+G2qX7B;}E3xQatN;_E#{k zrw$MRmgM#y)A0dLz(tIq=%gk*Cj)_U`}!h`0#ZmJh`dX1T?Ioq;@~ z94Yl9Iv3C_!u~2$1j_dmi!B)PbiHy8cxFJS@ptFU3z-G4j2&R*i=GsyZ8X{;MO}%W zu_iuTzn2r5C@5Q-S3en^w+N1=G#wgqk{e@^Tf?(Swpl5q>0Z#GKF;JJ!M$cHrvw{X zOIdRUT~}NRaJ<(NEqb^y?MzxEajF>MR0hS1Lx}ABPE}(P)H+r(4Qu$tUHytk{4guF zAU6z~>>pJqGNU>OZSg)^U#)&R#AgiZHmn0rc-ekqSHi(OE1A%E6;a^JL9X@mY|kk~ z`9dP6)s0>cxdUlkrX8gbDGBmXbdE&zZGahTS&|@ zzd(T6_##RKO*E}Jxz!6jZ#`?rEy(bW@W3~q23D={VacxY9XvRy=k$*#s&i1?{xz!| zx3%=8fi;f2aHHZkd{^y05pT~H;FkmT#i4BA9md(BE05oD!E_~p+;_Xhmmu)x1>Tp# z^rRibpoG^SJUt-2(hXOzSmChX1zISwWVB{`h&jAXJ=?RUlU`E^fyhi zL(D5emrh3-l>WdWm^RqY_Z4ov5DbA|#emya?yfOepO8b=NyhBOK@@1o-=GYVobjTNLediUyl;~b3|VFlpWlz6&B!!Am*pmxFuqQepH}^Ygw}`FT$6L3 zSRq)RP$DS_FnqNYB`*jCL}>JcwSifCgNhIdMg z_Vv^nVWwHXB*h2gYk=A!*#XVcNZ0Izs@vGb4qM}rWu7w{-#h(@-Ay0;>bixY z6UKgUkM?;2pBlh6^m7>UgmQ~l$mb=M@`OEz6ld??VsCyw>RPd6f_mZC;>}&kzaE@5 zmdBKh`iH4)yu^N|PKl>&=Rsl9iX2#B=&ixnDhMy!d4kB}OexYup#V7uVLVIoXHyc; zyXSY+kucJ8Rp(Jxkt;}5WdrgpVQQd%;ct&$|qw|Y+$}O2AvP78J z>OtC@g`DF@L>8Vi8=!p_h@@#O7xj{C-KnhtO&bw3OV@6d%U9IQR76kEo=m1!1m$|q zcU}hDK#6126?9PUuSh*W*gj`+eNvEB2TZf9Y1So|!|sqDHvkbzFNa+m zWV!O5u$x@KqMszm$$=Xa`o)w5{$eVA(mCU8nvs3L?E21NT5Ho)YPG1{ERfH<3~o8Fx&~Ve&*b|KVogjJS|+A-lUe9`4eEmB^cIBvq8`zLmvs zj!ut^fKKXE1Ke(64~Ya7j(3BKyeHnBNfA`0HM?H<)C5A7#>TUFjXM0YP_M*!b$Rm` zv}C+8?Td2_Je@_we$)^D!>O&B~UGGUcVZ`b`h1nD>b3 zSWqUeNWoCH>=nrshNc>Ema7^)fQqn;J;>Av5x?5>45VwoGRl({kgQY4D`_-&lptR1 zd}+aPd(-A$-daqJn78|LB;h~N2Z~~74m8h}r-`wQ=*sK2A}`>5?!CSEewZI3yzSh-+)e#+b#NwR!f?TLJGmGC zckIlCOV(fFgz>m(x+$kny2tw=&rIkRHb{tr4Jtb`T)I3;G?gN6DD-$LoDU{PvdY@x9J=Z z>~$vF!xI2LN*n(jai0;S%wW^+G83hcAl4?;>S5Us3iIGG$uf0;J0KAcY;!+inMN$m zZwR7n_7UXNfz!SMC|~7Z`B_4o{Xb@3eqaRlUjzi}BPmawoFB78Fe1#_*XA z1EKA9;|43BvpV^07~^T4XQwqBL%4(~gU{VY#M z*_OPUl&xE*ZGOX5>MG;7N?S0J$yRby{w{JqLr_Qw2UwjYVJ}Hsbb8J+so|I0TiXb~ zSZhsN#^)p-nQs64vvv<92QNc667FPj0kr&0%LU30wHJqi3nSnK2|PJ0@%0BXcm3na z*_f!ne&tnQxq<8Jff<4632-FXzlmoID3*7HRjepu?wKCm`0Avl$jYEdKcxa*$_z%7n_T`LrgX^ffolw&yYs=&yi1E)cL zf^og|uyY;F87+9S+S)ndFwiJL5p^o5OjJjd_pag?as2V1btndXyZRu)n}04ErxMoA zI&zL^(${E7r<43k^d*)zmJ7o|jw3E}<=flc)hl8&v9C%lXNW!LLV z%{U{Q3x;c?8prml`T!qJu7xXf10W&kX=t=Me`?gpaVMVB@LqVjn$3N&c>HH)+6=eL zfv-wDqGH$ZCwnh0$3YDtYzOobFWlnuTI~>FA9bYQ9o#b8nHeN|;)M0(6flk)NiS|t zy*Je~ehJB)jV=BrQW^#I7C(VJR!v3+y@GWn~@7Quu6-XdV|WNrso6ED}9?Z zWO#0aT@#Czw@T)}o-tWjYw!GFQb+Ynm9kBrz6p2Dzj&c%V$NP`)W%s7?O(#LxS3mu7Qaq-*QJCZ~r_*qsmrn?BPd58vmVNbm^}gCg~BhXeMS3G+ow z|FN-DnLW8TLG!-934GZTcH%2?8HD3Pt%mZWC=X}qlm4|l7`#@>=NcPnehc_-J;?F$u7fQF;ljq4R>JS*NCfBr?#ja&dti;sc(uZYp@hzaxlNMvQWCEDDgmz z-6R!XzgUa|c&DPdTY?+QzHaJ_FCdW0_uJy4@jYxTgcH^tN+F$CbTumn>qn;{vLM}O z#ocn*JHvdPHhm^mSIegN+1L^ZGXfgjoYb6R3!0jN>D~v{zrBcY|0%C=6)9i=Yqj2i z*wVr!KdXz4Yx2!;mKf0k<0@P*IWHRQ{5qf61wJB*^VGACTf4*~FX-^HwW`jSh*j99 ztlO~*F`h6bPCM=$Ho`+^SvFYI4$<&Xz$8-8}3O~)6F6T_g=e!no)cY=MF%|$>P?S$?v9?TRW(&Kq z^46YE^Tv4oPz*m^3@sMSaJ!Mm>U$;WlMddKG^TX2V$?w2*UgQ~K}HT9HbCqtaKojo zkKf8+?4LNjrj%@=@*!L^_eZd(uknDOfzS5?r4YC71CGU^TKIPC+xKx^d*Wk`>s=gR zOjiUc_8b`LowgI~H(Z~za;hI{2R#3H1=p}j0D?NVd$xcbU*0th>0lX;*^8ObdxYW_ z2Vy7YGUOiG#;Fqq{~CKpv~YKa4|zUPC{If;b~6j;wKUfJ-M_1f)i!o`6O2Fot0Edo@{i@>h$@)n;-e2{VG&C7;Bf zbzHO5pbz49$u{bGulRq$O09BqaCfJwUkq7EKyR7Ty=5SSpYURWg#M1)lCVdtjH97a z;g{UHizZdBcar%h*Kr>C3K?Dr{FCG(eWynlxg2tvT$~84X_s4chyW9#2U_6Q8}fC@niU zP+QaJJ0?;YT|6fI)Z3Y^si7;p(pb*S7HO7!FnKxu-d@JgXiY+87)~?x?WH=4nmAS= zJ1^OtXxb{3BNGK3!5Q%iJt&lNc>&*yUgi?kE6#~FahT@^z5bGZfc`1`77!3CVu(gvL?6vF}e3l4&H+Da5V9fH_2g5GAf=Ljv)JsM}#R{y2 zMdgW2s_b#i`^3*yc=OZ{ry60K9J74_iiO|O6y9j@6;ov=x0v2$s;C4<^Wu^vrZWa9 z=x#-_e7;n=InGFh=1?pb`*?ST_5gpZfY;x9^eCVGeVhdO4_^WXFrLsld{NnKOEr#k z;6i^Fv8p{buefJIJ`RQ_XM5<3HQQTyT8&oa8DnJ4&N)pb|J$V4hX6V7^M2M4)jrZy z??rt7T77dji)%THmAeCe!8r+IKi8d>2i1~^&f6>dIXNP^hEZpZc1S0H`Y76Dp3iI3 zH${bP#L2l+wpd>nSmhfDTO&0K1F!ia>T6k~AFd)sXzgI{2^V-@(vVZoIswIx|c7-Rm5BPp@o5shEDOU_KU~B1v#$+|8gz zW|AoAZ_SFjK;>m+yh1LGe!HO%vGmP#r;~5xkWq92C^?d-d64>nN}RicLxbjdbwj zspjN^pjyBs!6dUg`?1%v-r9bB!A&?HHkpZAx)L@~L(%MSLslrN1C|?%Wy3rrrgoQS zD>1`P#6hoeI80Tg&SICEn&9+s21*pS zyj@d3<>$XxIWT%9(q^T7CqC~yT%X~nkzo5#c+E0d9mU+@WFdOFigh_*pszuUc``Ti zx-v)UuOOnnxsjtckEpH&9Sv~Lppa$E=BMrnT$e^DMqT5dmUAk&Rli1n1|3GVO(f$q z^N17kuH(&$jQpt1KF9;ADT%kHhw`Eq3MlX~x9L4qY9~;cssDDH>o@d%BuaRMYgS3T zn1m=7ntgU!#b91Q{qx&JCmrkC&)WMz)Ia!GC8aHGlU?B(Wa>Wt;{E2rWg(I)z4F!r zKR`X%9|Z^5ncvu2GDtiPtiA-p??L6_ALw^l^DP?>`jmdN2uTeiB`jHmcj9{foIfg5 z)!eJ6H!h$%mCOYm6VvE08H0bQ)_c?)Q#>53r`tL5nPg+2BH_gsu!q0-1wugait5im z@6vHyX#ke{`=}S*l}qaG+;@*?3eY-+4X`Z6Y_m&Da{04!b|yb<;LGK%l!B@n#Q*+% zhLAU&F}9Y*a*i+U3*bhp>E9YiMGv$5SLS&iqCkDd5q~u8RTReO{U{ywEAnS^SF8eh za&_NJ3LMX7vWZn8fgLk3`I$tgG_w#djAyuqXwWtexE=Et)mK`*=XWw|TEh?+Ivlr9 z-zur8IN9&?wCN!*Vjyze$-SIM>$R!@GcfUj71N6C{d^nx^`Wt7W<+(2;|z%0Ic6VmRLmEpcJWoXUb?}_>0{_Umzp*mr;k68~2_;+x2Di4}R)qbV5Lr4i1pmNQA2K4; zG}AjBD1T4!>eHtOhaYG<-Dz_Aehr$+<&zHJSBq`t(SYcB8_iRja9N$H;!8Xn9kKEx zn6?ic37RbIT*OGS@?<`$3KQfNw6gG5ABM}@va%3GI#%I9OPh(VkZg%&m=(*=uwV?W z`eIFqI$6_^;NTZXE7vGkG%{QnT|m$q7zjuVWLm($_d~G$XUv?PBzYK?Hy>_f#bPCtn;+lVced*|o zme*(tK+!Pvn1)QB_uqhHZ}`qwdF=*1xiVRowK@KR`ZN~V1u0Nu2?V^KJz<)Pn??RB z@f=QlTVp53q3|ZqNB*q_`af8)R3eLGHb@uu?xQkWnk9O;pL=n8uyuy z>Gy+n(73J#eh9C^)1VM30wl%^Odg_k;kv^_)GPrFkRnbR!_`4==uEP~xu;nBj(bOV zz-!?>=V$4+NMo@B+7YY+)Qw6hm<29rIKdM44_;J;!-3B|k;5zJSZR_g-m0u`=mxMQH zn)NzZEG%}}{3*}(4YH?!Zh(;iBRBpVk??OwBL5nEWu#=YOD?%wZ)DC|RwDUg#Th12 zlI29sIy{QGpmAfF~@N}ONl>N)X!^+r7={%a%NL5mnr=|8VKZQ8)7{$ z9o(QP`2$MgqQVsJbGYy~K)8cKrc;}pYMF7G3PFeLihWKUOO_>^!t#LTQ??EP8p6fe zsl#_6v`oC-6d1=up|v)&yIN5-LDPh!P}U%ETuYhFV3keVmJcb*C30g*oiij* znFzF@i9ZXWb=uWFd5603U46Vm)VymUFZk4yzvk3em_*okk9~DMqo;7NE#~b$Jd6^v zaXpj#!I{e+OlT<&*y({?y^YBIR2J!9dZnx5mBqmQJv<}Xca*sOL1c{;gFopSXdbH? z;s}eBAK4fNiL7Q(UY7ZJXzowvInVyOR$X`S%%|w&{UY%F9#9QE%qTO47Nd`Eux$u( zZ&UG@t+&M+293^$xk!8jn2Wv}e{BDbJoepY?9KgLHvEkSMwFwTsJO2zJ8ScweUqO%q4Z6|i(JntvX#mdE|vEYBa{KAq?AHVE24 zrNDufCNfBA0J}*2Z=;BlfFcW0@+ELMU7cmvbKK3>%vXmJUhs_ge}?1#RLN-K!ISxRB4zIi$kh@h+;|}z{^s&vlhR%*g#HCU+exlu_R`4`RPsNCuTj5A5&fJ z$*mVRhwfO)6dyCkU1c5$kX?fCHDdFh=Qk^@bt@Y>F2w2BZ;6D0f-lQmpEx39FXV0u z0)AgMf4Z->VJF<%+mdVKK8MW9n8$;qPLp!?iGkP^e>-IbnatMZSMQ@sRLbE*sSuX* zX(*-THLfor1xn0jM9iYXCRfqH#9pN!QA!s;#9p+l15RzH53DGPQn$54o7WSfiu~d- zO&8*QUvuxv4gZ1`x^=&*cY?Wj)5`5dOv?k#Xt*nSY5m6VCvPqNe$N`LT#wv46`o?Xw6K z)3uojSq%*bgDP6yLHtUz`pLxjZ2>=#$TWVGnc_CnB)Z9hNM;_1(J~OKq{oa~cVc-e z`0kp@9~Bh33Y3Hu>i-#xazhWzgE$dhwg<$(N?~vhoANWguRaA2SFRSPgRs(9WkIK( zSr_(ImC?39e&gz;??)-(*a=GCk3v!QU0-C!3^%a=yu;wug;=V|^wLbFy8NPD2AY@Z z8hMk}u^pv~ngy)b;xWT0*l7mPB+c6v;mh77nU#WNt^Pu5wc31j$^t2(xM7N*nUY~f zmA(7StPmpLmDt}O{vg7J#+fzzUguE~p>v#83gmWlr>U%N8+ED}5eJhv>lGHm^c9kk zYKTw;Dyw4Lk0-m-HV`hn)XfQkw8rg#HDf>(3@KTF5T{8$d>fU{)l&Sh54{0DB!oH< z;4PE+$!-A_hh4kPMBZK@VM3VyX3vsajTk)=Is%i}8pkDxM(g+9(0-YyDXxqGOf*&l z-k*GZ9^F@cy*|9H@#etN#14a^wmr||l|yngPL34T6b85s0@zTTB7^!Pr% zmKgxw9!jF$PwINU{_e&7z5mzK_4&GS^Xk+WJI9*(H)m+zj~l|e8u4kbZEd0`8yiPP z$Q5VD8h}Y>bs&Ka$q3$P1C(>IP;5_?Ln=Ase@7Uj31B?RB$9B4Qh@}t@#N6XheELg zqY2o*0QXZ!y)ART)CKT8_u6BrSYDc-~j0YZxiTsn0`DEWvr z-pmUjGZ(>qAm_w7s2z*B? zcyE+It4R>Ep_s#~QG$2`gggQuo&X_F0EmBpkbeM(XF$j^0OAD@@&bT(1%$i;Al?8W zZvY^~J0Rp80Pz6``2awC0zy6k5MO|hF8~GzgAzo&7-=us5C{MRfqDHG3h zS4kaLR46RW6UB9GtJmTlz~aSRg;c^RfsGU$Z#C)6yXLu7Ecc7`A2WhD5Y% zEX0DaA)wRD1G`nISy?9&16pv?B;LM2ey**oq0IDqdFm%AOYm9EP_U;hyh!= zJ9yqvP{MQ4y+>`XO)zHW>y&s{;w`fdkJ|NOr%=wP9=4Ox|(@}3cUT{qgcF( zi*zF^IKu><#W>u|GU6<2@kGMD9ZWVcJ?dxis!L+fc4cJBW_oP-i#}6T5qUj>D~B;E zyGTX!DkHFWTFZgPx*&!nV?)b)4Lr$w$-)A$<}}cK(7Kms(paey=O|kO}awPjU&cwZ* z27JM&-3~c5uw=LKwQn4v91mlB{4<7x10}`ntZ@LW>OgCBnr?3TFL0fxTC^U)bijEE zE5o5i-4GHo?ej?sE9eoxAJC-pxY}vZXt`p)6nx`f5$5y}c~s*b;VM@a>j5y1X58Lx zWH?A}b+|pT-`VXo*uTmOdu%GN#ro@c?PG85`&c~BF*o3t#JZd73)y;Jk+YS5{Gz_NNE|M>sjpMvRtz@ zDR>U4)3jB01iVSeRC6SLQsux%+08J5y#?d(RM%licdp;;YEtgGk2gAb8J#Z5$thFj1tKrH=R#id4R3mZbw~zE zkSIAmD`IgfYLlos8meKjj6VhqAw$3;Sx$gKK@A7rH3pzIE64VRf}swjQfCQ2Ds&~irRZz-(dr}N-p3Ww>KnyXj?M4w zP5P4)7VV?>281DdApsl)z7kQ;*qU(vpW4neo~kWu;G3 zsD#K+#GwocW!_GNN@O~Q(~)_K%#?X{WhO@xLh`PCPWRrf`{Dh)A6_4J>v`6HJ=0oy zEx+uuPpLrsXJgGLt%(c5`kC|FgD$OHPt@A$WSJ`MB1|VQtrxFD`NvuWNEh!9EceGb zX8R;MhD;au8I;%C$3LOamlH&Xs?Lm=KA#eM$m6FIrO-(mo?+|t(D5nmZMfEvLRNcD zdD-{IKaXHLiy}kbV%}(hKMru(Likmio`mAeRYfNouZOIE*r8PXeB#xihLe{iZ>6~i z91idDe-S`npl6<%E{goD7$m_G!WA!iY0tYG4j-DOoxFm$*psb}D_$(}kF0s;@$3dH z5O`wwV6teolghe~P_eS_ zJqy_v;AO4u*zfH6%~}Ha-I>ya;la;LKcY;%dv(F5a@{S1pMH|jqxDdy;T3SVBs#on zQ0Qzr_vySItzk}(MU+zBbK&po*bG=%#P3lgkQm>I^7Os$Jo#b!DF;I4I=N=sh@>Cx zsdOlWm!7&E{^5?b2t_wC(DVZw)^O+(ChPWN5^8V zrez6FiX!{#&s=w3us$3fmVfE_nc1s)d}+M6q|51%gkzv^*!+8onwPi@)B9cP@;2}9>>%RE?com&+bT&BZsS^-G3IGs zWTRi3j(tR8u(4OmT0Yn^OWnMMt7)b;7ycxR^*p;~ycpeIsx@LuBAG|uvxw@;e0-oi zlnb}~KmuznS>QEW5@t7Iv(d5SRVCH-D6@KPBVRQv%j61H_BpwvU z;h*2=@fUa1nHLDf;Ui(+voARCj?T|q%2imLeQhSR)4s|kAdO`$lV&xlq@%dT=9444 zwLVAPHNn+23z|=Tk_|*S%FcI+NIlQfOk0%oMjElDEyKe*#ePIx=@cJ1ZJou1+lUIw zw^`~a*QTo!bWkYpn{7*)-Viz;Pue*DT_^)KsdIDY=lU#? zsMWhi`m1mjj^uc>RyFNOV|{~H+Pv9uiC(3#DpTJ0q-SCW@Uqf+#_-5DdN4~36Qk%% zVymOFc82Yh4eyMfOtIq(VowNz7M|<3WE6bW#y$!3eNp-8xhgJ-P;`!ueD}u zQg3YYzW$L`hv>YU`|Cy}+v=|J3aYDEo4q1gb)=(F{nSH7>B1v6xVj||xV1La&3?tO zM(grMd*4&BXhd_ny!83!m||}qu8#Z2;DaMgj15OXZGT#Dq~r4&qHx~I`}0GxIU2p5 zN?b1T-?`ECWu7xy*(d%oy-9T3X<7UppQzD+QW1fh@N98;(PN+ z^DM`lr^|So%DbuxE7vY32e4({tYR+t@bT!PuRz5aj9&{>gYp1uVR^LdtQMUQ>Q7&Vck5pptaAnS$75*P8nGc)1 z7(FY#%`Y&VHe+6YTO(BT1$+&`*DqL0&q+F!pCyUB(f{-D)*XZC4aRxPvSY2^;XxHA<4jj z*O#FuW6eM<{m>=-A1~|*eA}|S&a2qE-n{11YvJ#EE$GAaaW$ghG`MyruPaJn*WX)E zwG*Ajr@DUBqb-J+X}{?QBwvPGc;Zzx+GD*%?d|>wr!VubisyxMzFt$z3pc&_ z<)$UqQQ4K7DbuEkH*Q{gLc+FA~*TUWo6|2@4!RKEkn!ea? z7r8!QCELQkvV^e(BOM$Y+WGGna;{2;4zZjbRF;AH4yCi{1e?4{^qP=w!9JU0(isfx zO^WavsHl}kZTG%Gy|ZqhQHnGAviTFskIR9Mker1X*8`~}hxIWO2qvKkFb%2-f7rRR zV4=ktjp*7W+Le9{bX6Ee3}t)JC}XVI^ed~CTdeo%TO8xDJF(($D4mgzvQDgMKH72@ zOER)v0PpiUX61O1T{6%_vAw-7=HD(7C2;EEqU7UiEwF9h*OSZeC z<_-ii=-H7mhd&~wlT2p8033p^9f-xvnlj1+iFCN$CpxICtOV2!5PL2KoAeRI^F3@I zlrTH=4y+#;N*X$>4Lo4QS-NA5OJxl}TRfWFG((#JeOuD=d`Iq1;C+x7WCA{BHxPS! z9`#ZTybwLoyo7;+g?e_o_rQ}lOCM?`@Yh(j(jM5TT`b=tXZK08OrQ%vy9oV&>WQXl zrvY8gM|TsjFF{^SsUAW-crB2rV`i?ilCa*w33kc+Fr)RrU=xW6nOyDKflKX8LEicC zMx$+C2=|F0#tHX{86F?#SNK}8NWNIhDC}`y$(JKv$X@?fqre26%Rd(WX<29dX6qlTu_V{Ty|@9zIeVI zEp2Y?05^9z^WWzGarFPy!v3Dk?@p5M6ED;bh*&SM7*mS>B9KdWqYxC+@ zNYdg7zuh{n(?dVvS^6*AO+v@_SJlIxZb3YZe&bZvk3r$I?><8DJXHm-t_Re}0QFOG zD?^uQbw5J)d8+bYCJ(5Z0qUdrfmMPmXy464w|J`X@H=;?m;vgg8d8G(pw*p+uJBZ4 z!x8RKJ_FQ4Ri*?P(Y~95jCrauVO@79g8}NMN>qaMX?5qIGdxu%h zK>KbMQsAjdgWtJ9I0mSb3Zn#_r`4T>M0u)G;RrVB*KFp)>J=`o&L7(=EeO;l zMKlcj%)5zh>_vt9B5Bo489ozzbZ;L>on*2G^(dg7OA;L%S^9cGu&q#SlG|=i&JN;2 zyAC%WSMWL0duF9z!xZ!hWV%A+pA`q&Y^-tf+o$R~h6ye&Q!OXJMucvthq!{978+IZ z2&RuZV;2d+-zg?xujx+&r%0_Si1#`&#Nq&)?-;w;2c{&_ zJ1q^}Azho^K8?afdrzf{15+B4=C8O>({z097qV@~bu;)QyzMf9wSX>_XahM0R`rV1 zx;wD|oRlG%qI(mq$Cef1nni4xg^vF9bd7%IXW+A zuq0eBnhd|5<+$#_MSXI;S=DP-08MC6ai~QtOppgP&C>WVpmh$6D2=07ITTEeIDhA_ zNK;7^m*B8MoqpvWP;sb7ExhukOw6HR%5rG78rM~Pc$d_V1=HzIu1_8}8s<9{urwrG z$@8bEJuV|maX5517fdK$0J@A4XRBQ)tAJv&c>1(3kaskykjo};)|3(@Qz?kmmhEE_ zdM##b!`##8{j=++f=76pS)1VpbouW0vuLc)~x(`e08IT^)zqQq) zPU_mUA7U-_)O69qVk2%DjMh|Usr3|z6Gw+CckiY)?>>FPd5+7z7s)w6&}*+K#m2E8 zG751qVDmC)cER?C*qrkTUQA8$*)#a@S;b66#^UVAt7{fzGDYPXSVCXd=#QaS9d-L| zEzU`C=tzC%_`dJyVAjx)CNoSIZQF%w;>iJNazwn5V#=jku~@o`qfHe%w1+JsLOCx< zj-_F03>3?EFpk8wU$$H@K)Z}iS zy5Zo)8tSRP?#qHr_`;7L6{;1D6;C%)jbe31vH}d3G^eBK1z78}i%Uz_N)t=-rb=D! z$rl&1)}`^>KR%p5cXm)jAit5+O?lQ6x7diMMdf1aY8g_hqupMkU2iKz2`U+R zA5$?KW?pV}-3DhXGPwUt?JIv7Kg)l@qCTL8K}xLt;+V#ImDC$yp|{$B+6lE6tx`O3 zLm5k@8IB%C?AX_h$20`ub{vot8#EX)x6ysR5!$p?yOi)&Au_~CjH_&JLu9Y3esR{o zx)HHi&Lmq`Y{=$Zn%@+@Y(rQ>i?vjg)x1l9B&!wCt&VGb>1K2fN2l2(>nOHi^v9H# zPoQaU^gvv~H%YO*#Rp&CG!ibz(4EI?9E!d4^2r^8+dt1@Ioiz*)oXi+nH-2~kBG~P zx%Hl1T*6JiG4CNCOgljSR;->&B+}#EY1aCxpGt5xG@8UnSpq^(pZj> z+Bq}#Mx}@N3mrL4dD^y5=3Z*riWr#$L`@%PVzh`EyWVjvb~Wp$Qij3srT$5N=NDni zsWmBCU#`nrDPTo#m`tXRVuz0z9Mda~Q7vZj{PJl3=5i{_E4A{Xg!Ye!#HU$AtHGmj zb-|<2R$`%p7)-y=w4DvZG`RWT9+uWkHrH8xQM9YL=Brb64*m6Yc-@?!?0%1wJw9dV zO;n6nyvtR5xm5D}%4*u5`|}4{`93}QP|RL5x=X8=-`E~oy?nCNCcXU0Ho~<|o+4NC znr|EuZ0@#2gSY>zaV~Qs=nhQy>nu+F49~4tSQ9#Lsdb&b!EWRw;hJQ{VXN2zkJ(cy zr6n%OwogNbE0je_X~tbOJvwQ24C8Ji@3~z?j%@bFYG^7q%m+-2@T3n&3!_Ffq)*j;A$=*>e`5-B)ig!9 z^yuo$z1rV}Q&HL4JAvu1^~ zcv8V5JF74}MqfWNzDmg*RbdKl@EI5C9q!!M!v80}QdHWns(Rlgx=CYuf-x{??7A@Z0Hy7*m@IHpiMp zOxql;1?l%oXue{F*<>Te$1x_AqX%7mEr)ri+zFGMB^sGdj&4;{Gc@?N2TpGf-ixqw zzv3wW_`W;o+Y-N|asSH;bVYPb+Zp;E9$1(Csw1giSbh#`p_BYUshIQWe5>>lpHk@` zwsnR_8;XzLvSL~+xlmg8Z18ZKHPbZbR7nLpNAk=yr*Djgilhg5O6rx$m-Tw1y4~NH z;By-mhE5z89drcjiV6DLaLr*;!6wg7CQGgs5I&u$r&;jEwN?8z{FESzPmR zvDC zWpNCSCs+2Oi6H}iDoJ=WV({r4jxJ?LiJ~I(r+XJG87f1=@A@|9DquJ#)VFMbKxJL24e6#u%)jpO&=EE7maW z+%q~+cUPjOESnD;PzYoe)1A4ZbZ(Y$U$r5r-QN!*Eglm7S^3FF^J}|C{8iRxY%XNa zdtJJ4clV;&i`=YwcjKdRnXM1tgLZePMe_r!PhlVaoM2c?uF7{<38XFB7Bs--Xqu)N zXGI#iK0czM?;xJY%X7)s(8+Jykno2V_ir(V}X(Z{yfwo>N|$&}_(K!L~i z#_|B=@*irK8JP-2DYri36DcqR(e8jCj(-vatvVBP%Oh%YbvoQCeBTN{Me8yAT<6% z3_qqABB6#JyPIHV0A{ymtD&G23U>54%*Lgjo?pfaL50Xx>O~rby7L?u!}#VWg@ZCY z5!{N!mr<}cC}v(fv;rPzh2~hcVwgG#Mwbe(AVCw&1rXZCe?p^bphKVA0ksDD5YR?)4~fRK+C_CDi|kILN5Sy zUbM5{kPd=u4{oI{e?+P1yv6N^?K7|%Ww@Qv3xQWWa{+|rgX%VV)u+G%eKsl7#3Ga@8TaH#~t1%%43KoK5!^x$g z_ds#g8Mk5)92D#wia{RZ8=;`M+M-*rbG#@f&h2P_WLyk{)yKS*pg)Kbtcdd=s$b=} zt48d$2jz&_x0Q92qOhqT5AK!h(UWfvK+r3dt@pq#c?vd)T{^-9t2cf zL~&_^2mbquDMDx^@ZVejvb3-IE6b4*N?%0PU$L>}!kpCOr4+SxE*L*kMiG*8VJ_~! zKl}2Z17o3_QuFy-Sc=-KmNG^@4;b*RqX;3WaPKWez_d`)A>uV48o5>w&Eo=4^PqaP z?*jFM1`6Yo4ZlFS33q^450Cqu^V$`@+WTgN;P0jS4 z((?xa=H&k8LHn)8B69~CzZm!5&pU&|;NJ(jMmHtHj|7lm!63p{2n!-7UV$YhH%bu@ zR8SqG2p6WQw4}Et6>&|=?YAbw3UH~exCkKv%ef@JkI~70k5xLeT#^r~i z8X+XL60GXaVH9B#733aL1c?}!jUyN?=Y{2KhB-JvA`vb_E>xr4afbZMt8m diff --git a/cd3_automation_toolkit/example/CD3-HubSpoke-template.xlsx b/cd3_automation_toolkit/example/CD3-HubSpoke-template.xlsx index 0e0f85a0cea700afc961c82f4e973801bd9e7d58..9b2c10983ccd3ae65fc1f8b8b6321b3d7d902b38 100644 GIT binary patch delta 33176 zcmZ6yWl$V!xGadn;O_43mJnQr;2PZB-5K271HmP@y9Br3?oJ>$1oxffJ9qEd{R74P zps1p&yPxiUD`Qb!Gf-+9kzggUCeZbh+mMJsHV(ToxUWBE-{3PPf6}!WbS@ZSv%A(4 z&0?7TUTBsYsf*r@t@~PkM9r1?E_9!%Nzh>nEjcd_rIxL8zt|SfnEv`J{XSIZ323?f zu<54tTAA{Bpuu)T^In}d*_-`(pHCWL1% z$jys1Y^<3Xe(@Xg_;y1#HK{Mx^-&-44vSx6Fbz!!$v6OjS6#^RfXXoZ0c z;&ov*eps{??Q}#Di?j)2e=$5~4rW>HV}xp9KRU5y(0Vflpijk}gpgrawl&tSda&gv zPFUd0`)k@1dmz3aUmB=yORmWV)nFEYaN{IjdvZf_A+`0@h4JMRx z(g>4$>)$A~d>v3;@c42om{I;Mwgjq)vbwR?ldfRF-DK`(HXGM4O)`($=L6?QLsrL< zb>~r@;93U(in^LH6wj0H#8>z{96go}rr}TrbxF;I`t_BW$HX*^&uhq|U3*y^ywI~Ei2eop?D z3DQdaZCM+l-=*^QB=?Qq{Q|%Y^v9kxjWv-VDhmku7_?s!s*%(yXQRFdBFjYPE;wUJ zBoo&T>b^k6x8mmo_02;Cp2i+-?W`ZEP8Ha>J$+X><7p~cOg|PZW@sW@$eCAzhb|NP z&4=BU?;88#36Ea<#BL1U?~rJb{Kl;f5gX{s!@bqARVwTAYx&verOehJME&A-S^s*@ zriQ<_H$dUgn`7|MeDk((W&6%D``hH%qY(9}OVYsC!=h!t>ubN|f)t4` z^28yA0-?$m(WwH$xIgX0MA>zu8xa1~zLBvC=3#h}X87he9s80w+?1>w(3BfqTx3ZQ zLuVtW+roA!5*McTfMy9>z zb3)0JT2`gx=+5gKF$gtnbOvsFZh3oDN^GD1a4>FuB+;?$9_WmZOl3q(p4Qhj-Xt61 zunC6ESd7%-BOOxN-<*BV<3%jOsPnZR{({>e7X(0HrwqI>h8#-bD$z~C8gOSG;l4BV zJb~wsR@FKv0|c#mfxe6l3W}O-$bV)pI(b?=8Su#8HV!YXuUx=%GGr%hpa?drN+Ta> zdB4&6WfF@O(|RFW${j{uCT*$flXj{dggxD4qg^x5FigGv4lG3Oj(4a;vjjvzjC5g% zgbmjll5Ky{ud;z!bjrh;#Tcm9FdEIL8G-a;uaPEooK7qb2c_i=Lvsz_R~VbfIYM`w zO<)b2VMU8pdJ2kW5EYJ1(w>NU2hmA+yg&}=!pxe|yMLSfqOUY+SV~V9zrTc5Zy!-$%exFW1AJSey}g6j?>8{(8(^53iUR^Y zu6r@L>y5Zoi6>K_4!9$fNfCNN%V{%QAwny--J7{wE2SioThvj!;;mggB+Ntl{-lW% zCqKlLQBpRW@kF$yE|60yYXnE|YN1dDnes#+BrcF=f(|R;X4cKPAqvFX5*7^Y4!E!T zf<~_*Vr@9td9UqNbvM7vM41@3GmSGPn96x{vT*cL2xwYWc0Q@Km08+(DmSrl24^z% z4Tk0lk|a5vn`pDL7DbD-rGRSkMPOX==-bHolfJWB?`M<6Cg(e9nq}|o=F@D@Ftv=Ftwoh{yR1w|hK*!= zG^E%rdt-&tg58fs(djCZe@Hw=wYWa7T-ldm06{LlAkaX3Bg>YEc?r_pkrKpUK9mxq z*zPQ)8@R4WM`o(k^lQtY!R%0Fz9(qMuxod(Mop_x${~c6#d{`5l5!n9iwLTo?f0Ck zC|y|JPYll`JqX>o7B6APSnpwwgA(?Q%7V9#q?3aYUXR4;Wx5@}z;#ESL;Arb;Yg|C z1ZwEvsUKI@YEQnMiG0T40U3P_p7P){qHI;5m4n(E4T;>=WbBi;%$ECxP@N3^1#b0o zl8)ah`L|h!@hMzCy1$WIt&wU9XLdU^NAf-++^(B`rGfH&=%bvDtudsdu6su;4ne>P z;M1(daAxpy-DX;bZ^IVycBso_HX)o52Gtl=>;=j7{(PUMq%3I+vF_b4WswtXl~efC z3Wwp(JjyX>yJPpm7xE}l;~Rv3$!pZ;i%npVuqMF19EUC_*Jf~Zn@-1x^I=6}J>?qj z50shX^%(&tKcIzucN)3s(UsW0HPROeue5E)Se56HZjJdR#zrXgs*B3Q6lpFA4K%*t ziye?nx;hDe;4qBX^CM66A>Xs1DF?I?A&|I^?kmJCe3KJDfz}2!G_j^5kW2GI&kB*% z@dYzrB6byOJ-Y+I1pX182||Zl9#P}j(b66O|2EoqxHepk%vUibb^eoGN9Jx-DJG$E zAs-(=a3anDRj&~dWL|Jd$l)Rea?yx19?EP`z^115DfTQtx4+WFcZjk0QnHoic}Z87 z1%0k&o1Yt55G5j7BLHIF);bK%yGLOEY=kz-UCnCD{M-D{Cd8i_;#Xs&kmw)m$$`E= zIx~;ieXMV+!Oyac?_o>p5+Qs^U0-iXQPL&=%`g3CE89m*=p5TG*80dopq2tW=&71x z*p(a~FC}E5ZWz3fDVBcN9hc8nSXUpi=t5^``>n8rvFPM?PThY3Ca4tZofD(KGqOtT z$h1q#2;4i)RsCimQ8?%;)1m6YIErV{gCN(J-OC{q9GQ^AJ(SyjSdqCTTDbHG3KNN5ZGb6jZ27>V-V0?K-8pD z4h5&b)#pMMGE?>GG6MqM9`j-`Q%};tO2sV?wWxemrO3WTKh=6j#JYw@t#GLZ6( z6&o1>LQX$9L4yFq&FX1q`%O(New7{Fzh?g3@G+a(J&q=#);N9ke69TW%9a=!*GbN< zA)x&2K29EiiGrdLf%EE$WRHN$|5GVk7r><0o=L6%hHA!HZ_HhNCs+6&m_ll?uGu`+ zUNSVkZ+Cd~P;sw|m#71`kHXN>E_7+qPTI-#QJdbJstX6iQpwz;Jl;E9Y23jRv;bL@ znL!K0V4~IWHOBwy!++z<(3WBKL$$z-4wH)Tpr>1JtV*zf!5=N#*t}s4wN*nW@5_i( zy9xQA%+<_T`9c^A;mETH=g>@VPkJAl;8@5b6AewSw)dS;{+rQ?uQ4P#pH8HR_VXI@unD9TnydSODe0HMa5K>{3Shla+}R2ADD#;p9*1GGs05+MI+d}Jirv}1g^9(GPLDMC3Soc$T6{xHDppY8X`DJau4r!#~M zCH9@Elc$8u&tQ%POTwq#g5(rbS&TW*Q?dHct{KCvK&>r|7&ML-;_)Cyzrcmurtk98 z8h9V%c7Uv0NdvdLq_cSvNc)?MUv%DnOR*GNkX)nl*TH@sK0y12-N&+#^3cwBBQg4q zj1N+m(eQlsuan8!YCx8yA?SKg+@sKIADge3^sL{TqEX*~=4tR6oW3$>=1>fAE)hr1 z=!(v01)<@W%C8(goHqf*+G#E_{>+^5`Qehq?eSzt?myy?$(NUj}lRgc;*&fIL4C_x=?js*u#K{T&#aU0c z9%%55zc6Yjch1=?C@?Je1WeGR)eh|CT z_ZoDvP|LH@a?qaP<3$YXgkQXO;NkT!^k9wz468j3tF%?%nZqvGG(Z27S09SJO$M-c zU_)m4@X?3=xkGZUi&q6Xa2Z>Q;${`ls~=*t8@L6J`MWeZfP|WjRX>A9)O^m9JmmZX z#d0)zls)352tfBci~#-IcU^Nlie*uJpQ|s|KIuQ0PC*b25!AgJ;u%K@#YjI$n3cFysC1Ku5=30Tl&`{SbU9T!9ttJ_!z;*hzY7VLHcORDx zlTb>(itx$s`Q3boYx2({z4pye%0WGo<8N5}y11WF9&1pb_vRckd@J$xsK$B|SRszs zTum}zW;B&E*ZvGqk>9R?L?%z67dETxqK$Mui@mZesUUK=xALkQpFx>l5(T$~8@&RbT1cb^Yc#4{Rg)N&yj)kDBu5$%afpuatT4rNyP2v{C< z@OQ)YpoFVd4I)VezL8lR(R;NIq-%`^AN590d%*}4r@yQfUX(XDF@#VfX7~+I1S3E| z)RO&UBEJ9BPVcYU`TnPN0}5i9nv!s+inj#OtDbcC{`%8 z<(w6*3;yfx4c5~Y>>9_-ecY7zk!dH|&1;D74?n(P<7*ACX7aS-;QT;{&c!7Y9#>pF zJySpk56ExA+5F&u3&+YXQ~!9( z&U9An{;t+_A!b!a68;Q3{L`5NsqIwB1OCUs@i)&5$0}5jy0lo=bdjjU-G+tcg|I53 z(q}oYp_!E)x(ja7H1T$>BNZehB=r0kkr_)|F? zH7)vd*Fu#IRG`OhZ|aV`fzE+xt}=V~cMKPR^xk_mxT>!>p=K>owZ8%XLou zrWiO@Vk(((4$)gTM->TcBx*n--d0-;gPhP`hCT+~yF88?BCza~G_SX?OZ6@h-)(;Q zSf8+Nj#|NYisel}Le&LNa~60>IoE`dRn3(zy^*1769%CB7`kf?OB2cbHV_dzO#npB zt^qm&VI&~|b>eAzDhFUi%T0W=|6IM1(OpIj!G0SRD7M^o8!dW)+sW!z7h&9|C;Io9EycW1)y);uNmveUtwV6qnNUWp#Mu}#_#qbu|Oz|B=+ z3XM&q4Dh)t!Us0{t}n>W$-}zkj(p>EoxP0Q$-1$6c~Ylk$k33ovx68ns(5UF`7|#6 z6Rzas$)SMaTIpJIhmcbS{RF+8;FZJ40l5` ztbbvFMHF3V**SxQfZ)ac$7CP=^Hjb6>0#;JDt_q~_3+4-RgFev z7PhOeL@$jG4@UlK-WJxAEKp)Lvbs7QxuN++Jn8c=)}SdJ&jw{}6(rCtFSpNx)vshz ztRdx;(4;6_kC3mV{YqJ}hA&!m!TVKbBEWn)R0_WS^8*E&G++;kN$hcI>Ay<4Vxwn$1me3&~pMibvA)za4(1KI?i-7E4?6N4_ z59lUu4(8hykB&+#Ua%)cGc@wU0GhnevZBqDo8kNKGeMY#ZPlJO+$lE*aYB`w-8$#7 z8|`pCSk#u9vqR6-hU1ZN*d8WxfuJF_rn)E}-zK7ik4T+SlneFDzymp_GAl*;Q$b|a zC6%5+3<22Hdvqk0`;2ZI(?bPrn)6-;`<4!S>X>8ny0ogBVT59d$X&0(*k32OCqhN4 ztRua<$vY0th**aXlne}&P9=9H)D1$1YkyqQxL7BP)}AiZ0} zR?9k<%~Dm;;7+_&!Zq}&pbb7X3J^aR3|1=jwKKTM8m!LHY5N7L|T3b zrk~p6ZA(hf#$VbA{m+JD4MU0rAykwzHTtxaKe^Zui!<+L{ErWp7b{IrYQ*p)zj{1~ z5uDsTDzd&|jY(~1V2?G9k?410$g&Fr`5MG>##EZfk6Ld;K;?!GDvnL%;!4}OH)Hlu zkaIWpq`EwRph(jc;~+ZfvfLh(A{qn{zwqc7-%HhUMySar@he0c*Z1P}ts@)#o{)0B zs(ciU9MU6~nja4Y>5O)rSw^AtGMKxEzed=t z-Q&bPu|sI#mAOw4OSgiZ{3}Q|wHO=_AO*)PV?Q8eckla4Wn8L86?Q$w`byU{Z9c-+ zY;)hyO0cwEu$Y1j2pXq$58Xio4uKWZcMgC3)An0BvmWdrQk*6O@2OJ9n>nu89yRG4 z45AI0|J*PhMGFo#aL3-V-pk7$H%)x$`6t#z;0YmP00zU6A{#f0K&WTueuw0Bu$#7< zl=h<}f)7aux{eWNGv8-BD!FnXHHx@h4cgmWN%kvAJX@eB0-v^kMRKOHtt zQ)W7W=xRo|VGE|1++y!p_#rt6#gQjnD4UIZCn)W(()5EYg2`vC>u?@ zH{PiUKgENveGW8wau~gIfSxl>G=f@BQuUQo4SOmTSZqi)eD?7K61Iw0%#&wUj-7cE ztB?Dlc8g)Q!lSa~Jpm0OQLu=}HS&SGj*0z=tk=w=>HIltc=W54g{WH2?2#mLdCS!z zWLL)=z*DC4*xYZ~x7!~dsEQvHB2xvXltIr6-mM^O+^Vw{6(Oxl!A7h#S*^iR9>YA) zvqY|wL6qN8I**+9;oVR$VzUI7ZcmNEzqrE~jn@@Y^m-y91ej@*!Ky z1sXd5xneT1;*a+jcW9N-@Sb;ZeGuyoF@k*yKYy04?kB#-u=$&!SnMC@Yhv&);{4171xO-c%HQ_@{qQVVxVostQXmSB8&G>7&ZbU`4m zjBp~2jTU(`GjKMYbGAPm7ojfKaH$^w{YP)LeT1N+_uBR^DQEUY&_iNM>-DIJ193?< zV7OM_{L{3T5XMR95Ogt}_rQ5j$xL96RR)V!dQ9r6v|&wU z*QJt@RpqRLeCy>K(FATATaPeAgM%|XGNK4}dPyHF1cV~mUj!#-`eTEZ0Yw1HN)5dk z`x*^FeX!-1BvxHxp0)*V$w3WGDDoI3kx8sr`arc>1 z{cO9G<}V^2QJ}v_Uea#PF;a#5C+yH#70UwXaGdY{N!9T-Y4A)$^ z<1Oi|7%Q`6YG4YH&`Ui70?x=KQ@#U$WoW0evfaf2z%zQSlucPkkSNmfyK?1PXr@67 zoehDZz|i(Vk*_6%p^gk^t02Q=JaHeSPj^Z|Xn-BX>ppb@9^;9R`U|v?P5T9zsQE${-b(d@luMnB)R z;to1Gq0VlV%X1L=Sj+#>S#6?0u*?$um08ArGMfX!95fAP3+V&v?5+0yS7$p?eb#2M z$%0hJPf?#SmaNetQY(uE;OV8J@W$i|QFIoR?jz#}r0M?QE1foG%j_S%RwYGf@uu#7 z9a7W9+!sAR!5jU~z`tUA1*fK?Ys@piDcS1Uo7h?_wCgdms9;c~>E{2*4N^|H>o$Kr^w`Zkz{(*U*p zo&-u=>w65^Q;*~km_PrRA*q!)z#yMjd$+^q_rkbujwGpqk0P(3c4%Sr!L_UA(|oTR z3QiBn|I*nps*fbYs)`5jCymFx4~X6*wr&AJ(RF0R3WvRh z!BR^16`2!xIRVMo!ZT_{q>!DRD}thVH)Zp*C)n+2nvvqps>UC_B>dh=2JK2X0ebNeTT1E>_^6lhyt{&YbS!IoH1T`7qw9^hg=IbPc?JVw~%XcuCQ_&285WLJ+g z*W4!C;%gwLGO<#f(dOywsafBCz8yxZNS=jnI9#VRw3G|HUu+&@=eC`q;R&?%f~M0c z2GKNKYF>!VSt~H1CAr~CE91&C68ai_Ic6ZX?!bu=W^_;Kti!{cu(77_Z@{ZMTA|JY z#}q=uYXqwGuu&@WeLuWaVyJb5&IpUGw1UsMfDGamC>UcRYm5?4-&a zO}g&N^R|2Y^M15JzlNEGOs$H$ep*W@>VuR9*oi8$8}!Khk;G+l#w>m$4nI-nCuf3` z-^C2(-okyr((;epKmqN1-==eElBzEJT#S0Y4WNwGMejTqzs2S3_KBM^y#ei>-;ve; z_q3pqMV?=pUBS()TVtk4?}tl~qwj4FLzZR`yV zaJ!YM739nglM|p`M*T{i9K_Xi5@6_)J`Inby1pFi2=Gy5B1nRX&IyRg`95pvS8c>0 zo10`e%j6i%5p?<ylKD!NfJ7Q>!y^NKTo|4yl5&`0I5#1a@@0$zAe&oT3B%C)m##5?G>uHzMb`JjW0TQHr{-!O;W^CKD1@={J_a} zIqkDGC8%kSrBjQEr7Sep8!IdOpz%(sK5~wF)C4FQEzqYMZ&Z4#&F){Ztp8`x9esl6 zFPd-!uq=~edx7O-_Z{E_0zM)YoIrT}O&~7#s%BjmL^h>4i;+oqd{rLIdt*Uw6HCt{QhfvGu0D@;a@5H7!Fue(Z_ zUIdP60F?t9NkHcld%PvGPF>Gz-^H=e;tI5KWkM|_+(zTDM4YNBN6ZP?*7}0+xq9-^ z#*7`$wg~t!?Eo2FqlAMK#BRFl@RU}nw*ik{v;*UKe+HUv&f`@*u_uKcree~KHjq!m zCnwRXFs|=Brv7jT(($LA?F|$`pWm{{f~N?pN_P?_(3IC$#))EdCYD^cmaqFM8SA-6 zWe_9p*t$#m=~#JnWHNhH+1kDQ+JA-hVzw_7N1gR4e42Qqav~YT9PVl9-xk3-(^v4vP`FWyXqp`$0zu_mdRWGi^hKk zZc9$sKjSn-KMUs&7c!rRMqjIgAUxlQiM0$cAJ%edp5Iu6OM1)6O*CP329m4??9u-e z1EUfxr0z#pJ}y%4Lzl76sE$v7<)#wSZC2`XMh@)?4?pnMyMut8hA$u^T51^&ZBVBE zYOh{BbCT${kD|)YY5jhje!io*hpPrT751ta?PZ9Oo&1CAyT8GhK+@!MH=_8g(zV47 z?`25TmL?_vsn!)BtrH8BMq*^&cH_x(jQL(>&H$8}aZLDLxF&j+pb=caXb zgcQtekm4yd6knISYw?2ZYtjDcoV1IPrkmrqSwQjX=qmc!(FKI>+MLVO1(;tJ@NLG&2tU2(nGJ5O-9ffGC&(&)qB zFxD|iJ&itAf;UFU=ocqQY=(it{U^5&%T*iu zjrk*d18bf;93q>p$X+*CWHYh-NiPdf7?vmzqInsnt&VYexf_)iQCd<8s`TEpGh(phw z#*0&>-v9Y#0Hysa=#5)|p^Hyo(heeID8I@FRvATJDE*(MnpRmnai zx{Wf@^L{>kf~|MAT}sIb;epUzO8s`_&gboPSG$)-&FmsWZGxsciiE=G!=*jN0-(f7 z>W%lCDE>F8Oku>90FYpm?>OdUHS=tL5?bFMrg1@5LBXhUiTBx#D;C-cPqhKBPwhHI zN2T~|=Tc*A01D4U8ZBJm!pHH$ebFh4v}yzSUJ93Pym1jtDIZ`iD81 z`zA)ji1dRn1O&wU`@b*WQa9{_M9@PGLN6iuSo0c)%2Z$gt3kGWI$&UqgWVqy=znU1 z&wmThfQ!^8GUlzwWC$xvaF5>7=u_HQ{=_d32M+M~nq+V?TtVfw_M)BKUueJ=dz9>~QTElYdlLSF+=hqD}*)sUAlwS?;+HB zb?A}v7n1605F`7<*M3g~qX=eHM?&ww3`%oWdpU!76dR}~ zXX$l|KFcjKacXNog$>}qS?S|Fn52M!-@-H>XdZgkU!?2{J{P;6?*b@M^w2whjZffm zg5ZW)K);U%k5EY+0*Qq0rU+B#9V6aaN^PMpka9E!ZQ32qZrM?0y@)3ZJwNFCYlhe8 z+7iid2B`|0dbxS;hxN{PjGN#=tFo9v2qZ!2vo*@i7N&c{vNDurK zYG;JwppW8t>ZDN40R!(STDs)q@G^vQ@sQj!e#qqT*ZU0Vmx1&W zKq+-;Ws4c>`K3y5Mz;u|U}urkc-(zY$Sx%t`a5r634hCl>~MLk2im~}d8X0fel$26xJvi1Q}jrzi2g8ds(2;(-H~dD zB}HihSWwRM`@TBB;%Lak_ zOg94dxqvUW;hvZdr_(-fdAIe8qlMaRC>#C>p=yDUW{@}l#F)}?#KE0U!4{e3fKe6V zso4)vi({qNk{DRoBpJSZfkqy&;t5VR>JYa@mBUq{i4kQu1;884eYTsD z?_?erWmaJ36tJTDoGyK`@el|iwid3fB2(zvOS5Uf;7t}qPY^|cS`4J_>XRxM*T$|D z!r976q*t=fMp_2tBR4|bX!-=%3674ph-Fo%Pdid=HlZ8pIT9-fgh{7CXu4!0EXR!v zIDNpRvf=3QmVLt;kZo4Rk<(Qiq1W3{NMLs&xLN(s1MQwUpsz@Meq^OGvJ^Q&N|Me& zdUOI4&;@n*=`@oUdl4hvXMDoL)yw6(@;QzWoh4ucWOz{Gb_@V=khEIlJ^0^V_5aDcS>*nv1B0B+;AC=Uk1-s^qpN}i zDkHhr{#*rikovc@yaM22RkS`9eAXBPCBuEfLP`7oab(_Kj=ZA=b7YYJTtqg&HYqkg zSGE8*c3OP{{p1YD!@2=aOnbtj$ia##p-spcJ=P*^hs}l zX|k$pC+{sCOp||0j(;?1#u5L=DpL;lkxb}EX+It-FA5CMaDi{7;G>{pf8L4Se%V}) z8WKiNM3Linyv#JxF2S3(s0h;rYL{_ahsq?;VS5P-a)n0;e~4rr?r#C1^{~G;=$okb=jDfJ zQ$s4-fe;gK29e9)tw}>#PY^6%sqe*`7ytp$m`pK50aE+t0{`|Jf5){76M5l@ z^UP;zh{KR4?yDW5?O!Ni(aEJ2G-5mu4j-=9xM*$Wn1$wmJNkux>)L<2ke0r!?hQpm zu-du-nbfawemDj@EP)wQQC2up5PXb?+i7?@oEd?!bk0mDm@95Ap_(qNo2dMsm z_%{r>`Uj@vf5Q;3+|d+H*TqZVP8KZR+sjwF|Arwj<4#!D*Efe(pGqoCymS7dDV7I> zSsf^-4ti=&7^&Qo^{GEiHT9A{_*sl6tz3PXTjWP;7^#y4pr{RTv3TFTojuu4)@Nhc z=+sP|9SH*O9r^IJz$bx1!3uFsWyaxA=YLmnSB!uug9vpsyUg_&VmDRv6t$D)ODtJX z?)U=ftA?z<*?dz+hRHtm59Q;T4WED!ED#KVso&JpU0A;8Oyb`Ij1$~i_Ors?LT5OE59p40kxyYu$aHlhHuj5F|?8d@b_5uf%0W2_)U6$YAr`_x;YY=w{q>U2Og_Ld{~3bNIF=HTiPP#+;-+_K`Wa6`>V z5**^Dnjr)k5(I=Q(_aouHk-l)CD0<2S`uhGlvw93{Y7ac7^NGH??3in=)RU_ER+w@ zUik>+?kPAZsvik*m9>^y2q98#negDi*0gZFuPrUmUkerk^%7L(Z4bKHe{D@}b!U-= z`l<*FHNxXs^IUsqU(gwq{*F_ZfHj`7_H4kYrzHIG)2{R`DX{=U-3$~_NRPtQXVcxp zp2*5OVBXK5gXmrQrAmh?DOE!J#d`Sur?vo&!W|+oE}Fa+v#9Gtz_ieJ$m52`0*1a4e0#Dei2e@BBJjbmD`P{mIsbVzfOZ?wgWWsYlXf z^bQ*-j2x?ATezI1#Sy4JNx@tRQ}%8gMZ1gPrJ1q7$pYzqXqS)hvw%s7uCw#@;P`ts zOVU28;ih-h>(98UY*= zHiFlMhTr-Xzx`sEhOZ==3 z)*$&PS?9FCCG;dxGex+{J=z?3oD(+Hr*nOO+~N2b2M;AA7{wz|D`hvuyaTvZ;8ne8 zR3C9xlo1v-4h=O3HCKOd!Vji4S+#+54Z_)G9L`mv=@2sZ;8W${^>5nWFWroRIXswO zs$gKPG9}7@-%(!Fjhu1&tV8$6PY|6X0q#WUwRf_3=|@@!Hf$28b(`NpYqgD@a@%{l zwqO7@2C{et)A>>eCt49k#MNoDN(*-cyo*Hc$56-Ufw8Hep}^01BeTZ5dV)3Z)>fi| ztoR*X4V`(A>|cr4%|lk7kP}AXR6SsMP4h*A59s2wkst|`0@i1n@bhw@u{(-w>|5Pq z;Q6T)?CS=5ZN2C99D6o?ar96)2chdQj}Ljr5+^t5Zs$a=vuJ(}Z7Y4!&8{Z5En_DV zD6z*1KQl9?=3T5Z@nBZ;>`69>WC4G}x_Ll+tQ#D$ebV{0P(g3|cJ%_=;0%7WiycB2BLm5|QhpPl$%PjB10~m^l zL~VD+JtjSem`N4ur5wNpA`>c^yf1&!AD&OFIs3uOEVV`r6t+w7GOP9F!N>`` z%xVT3h>#&{Pn$D;(y%Z)FzJJod^UT2YFhzWUgoo=PkFwl{;!ywV*FMRxk(>sC>L8m zW^)-y;yP3N(xKVd;bW%h{WkSNN56kx$~trbc2ljz-vsLMx0L}dGAB(jX$uC(-lvbJzMYN!jJt1ukUi8 zjr0{{K(ZH#%y_<`a7EbqNAJBr8HfUZEi7r);@G+Es_rX~)XbNmn* zJ%Q^?eK~)>-1$-1sXyQ9pay=2-(bLF)TJZ5|`FKz?tyuYBnugDvh8Tm& zon2#eQZ2e&Bu|AD$^>Z?`cH05qgl@~0SE|H%T9?@q0dVsR_!Vc_1%s#8ZUHsPN}SP1tXYz%2GlgT_9#{QMD)>Q++CB>S-sHIa(r!in(xlw{~rI9=@-tKBG?VT*6U#b`pZZ; zATTD6lk;{dL3;mtS0Mrvp;%}v*ET4zCfjH*k*f`IG8d4qw|ehdLdPlsds$iE*fW>& z;Wl$G5O(bSPw;A<1^rHZzb@@(QcD)p>&q3t4!I)HY+6ww3)6I@m23CYgOOK)b%o7P z3_NlbtCHO~D;ku%4Q<5TuehdKRUi#0B2cplaHGJX;!ZvTql{k?NZu(aC|+ISI8wfw zA}G_2SIHw7X^aA%%~wAv2>dszXnx*^k*$M{;&EvG;8rw(#SL0*R7rG$_9Alv)3w@V z^fs9Q-^NoaU2j>Ew#E?rL0$+Y9)PKzd9esvA>4+Sx({e|q&C(&{rBP8#aWYk(_>*f|iyT(M+|ve; z8|jsPwEmHJ&Em(1F?MBIF9h?4n~19D?_bpO6!}5Gv&i!vBnx=KOdn7Y_7+2(u?0hW zr+*X4`b~86(UOWi%L4$E1hD&7X*A!Q`yC`8JoSJXDR@#qDByQ$Kh*GNQG!e65|2$D zMHAiLaFns$Vcg7Vhi#WW#>th>);~F%EylsR6gq678twYeO%HcyG-Uo`Vr<|~xcZP8 zEMivvd4&WM3$(6o`WvUrkh00|0SL>!cjkBr!N?`x%^OTQf&Ab(N8A=(gs z&ZPq%RaO5TRsVHG;Oqe075&W)zHDL*2Lh-mW6I;CvPr6*z7YL=ydh`D1%71aQ-cCb zP$J;QxN@`2b(!+Zc-#}^`K^x64RdS-uJ z-xu~Rn})h3bW})j8zfzUmI**zCvMb=i~~p#Ng(y_T!P!ixCJ~K3s4jPZ!|VY7q-6M zpI;&Cd{y+Q5V@Ew6JwbH{o0(SvsU+i9+}1cdt^5HKab2_%r>n1HBbip^059sGGhz$ zSZ@QIXy*J~-Rrd>WQ+o@-5$WX)1Kg*+l$A{G=O7Q{Rsqxsy6yeJrkb8L@+XRLH*f> zGnX~_!c=Qp`09}$u-HFBnmaUK=l%}7Ru#`>o-jUNK5npY6h#F;-+=u2%~mf^+9^e@ z-u7eh+t|QsC@L;<~0x7z6bs#n^%EV1(~R_9S-86EeSUiJY+4 z&jvh^*aLl;?Tr>*^XjDbMb+!(wj8X4xau}NvToIP?2uKi)7uLh)Z!+hyUL(Ndp+Rm zdZ*lP55s4u3?m&I+e@w`&Ll08j9lt*g9aZ|DIsG>UdpHFr*Hdg(GU|Ji&hH^{CodT zSzjFx)fa6I4BgT#F?2W5-Q6MGNQ;Pq4BZ_LAfdD%E!{03-3@|>ASECm_1yvA&-eNG zXJ(yQbLP(F%(>_6z1F_!s7xx70b+CxSI9P=VSq4VG8)cR2*lh;I%l?md+`Ws?F18X zu`&OwG32&?FOF;@vhF=d^GObm@6%s}Q*p*3z;|EaNWg7X(XrJsh{ z<6rQ*b#c};OH(bbq^hzu%fu34Ii8zgd1p0?WM|Z@{NJ|ql-%_7l2rt;l?obBi8hl( z&r11B1rp8zW0+-7u-XZ3j1rEH4V3S4JoBh&8_C~xPlg&|n0M35j~~j)^i^$DbP*n^ zLQ>mC@fvp2XZ=Hd0^#!TO)!V)872g?xH!pVwFT=bgt$JTczj_+R1NI?O#^Una@|e zcwA#{nCNpzpG`BMMVyS9o8kyAf7rb&fM|1K|3th1kFdB2J*ABJd_Y}GZO^;EZ1F?; z*Z9M@PjNucO@Tz&vAcDmBbLl4MAbH1I3bt7X1drfosC^ zRT4xUJHdJrf{2Sb@=_)SPbiR4j0ACe`7MP~u}EWaZwE_~CZ-^&noQV0SZ+de2|@ka zDz}sS`1*a2ePP#iQNCvSBo-Cj<$Y$u2SB3ZhI6;{6S@~l|L>(Aem@#w1WX(|)heS0 zDUaR2jh<77nQ7a6`)SZv-|0Kh9R}f@Cstw8mEt%$X4M&1#hWZu|zUQg~2q@3_NehyfRW`uMuP(N+%T(n)$8{zc< zM#pO$%k31yBbILX6^Q1*CENJ?CuP^lldMYTkkDD%<2*KuE0O&iG+DARA8C6o%ww9H z&RxA(Mw4c<7j>7;WY&q{BSCp^_GV7zYk;DC@~fwK(Rw=PYi5RBLefxRl0!Q{GSVVE z#~&6vuFP9Jl!;3AJthwgTOoaliot2YhfO6*=i|V>>5mn|4r#ST^9_%23w%?)TTir? zhHr6G#P$kn7Q@wmnZ?`r%Ej{m`vh3sk%yePJ!6uX=8S(z(Xwv0s-;B~qyHVS>`Ot! zS>n@#k5N==XgM?^5P5zy_3e$^_fK02-(tx!Pkxu;#TDsD|43CL8h0kM@0@~!Oq!v3 z;P&C5)xaK6IC6iik}4V0Sl+gP(AV01gg1Z~&=%9(*tk!;=q|c`;lh1o?s!Y{)0e|r z8X-b66=9+6U8^`C7n}y$x#&oi0uCW8B^DYvz-HY!^607EmQZrIj^4`(Ab7q@u}&>b zRgumn+d4d6k)r~M5Or}d9n+o>Rj@A~?>^au4rrASw{9%?bZG8U?8VH-cWc&ARup4z zLb7KoYZ6Ox0Ry8;@mbVlS6~SbSSuxrkdVKLD`r}Z!n5W<%qYExZi@ghUayLiWcx~F ztLq$#H;$>?^pNENuhCwh6}z(KNF2cnLUIYWC-1kLLYg#$-hCEfKF2%nRU@nSPkxW5 zs>CkH0Jn9Rdr^0#C4|oWB;9qlJsO$u9ppzJlrFN}zdN^UuVgr3@7zXo{aEwsJYoT|fy$HY z*ui{ixha?ntp`8PW25)5oq8&FLFCh9@0UV;rm^Lbtb96;zkbJR*tdwgJbsygk3|^YUSBnNk+@@+A3g&9e~p^By%AJ>0cyQouu`=lw^1H%_otKf zvC`B{tHKMj$b~GWm||dQ=1up!&Q_-d=KpVA4SifnsmW$bzx~4ztUR7jb-?5>%nq51QI*NaHxkM$;Je~cW1_d=qSLt|R_lw^ zAhP4}c78OSDi8>=?_`opPp)OvOp^rA7 z?L~gKP^+@K9DEkt%``Ltrqh^h6?}EhviTB3Z)NDhCcvTr82){zQsjD6)|!G4)eYPQI82o zMz{=$2Cd&p*m_GzJ11UiV{=GGuqT{Mpx;8i)ph+4w&AQg7sm5xu=vi^wbuacYHB>u z@t?C>QvdYk-KfJxAL(tq84kP@B0AK#Ja`0H|Bn#gkF)!%iq1T20|1jAMgSH``#{78 z@|e-WoP^6cl>K*NR#FSt`X5B2s7Rm&7^C-|j+iQFplCg+P<7U| z46zi!xPaX(M zP1)7&X))JHCLTwYKL2?Om+O_mI4#^8<7#G0siRv z^&+#K2QMv~VsB~4C|*RhdO}P(;#hogRD{~xktmJM)vIqpKNqTCJ#YCmmg6IyUiiR& zAImP-kuzI1*er)H~nWbM6&`-am!>UjV^Al8G zM@#ar zxEGXaW03C3>ygZLC_~W$?XK{=jXatr!wa;mckHqB$mCYD!*af8$%A(!It#Peu z>Puk{H%aV734?nK?cN}~`L+7o#a()uIW~%VmRtN=w(r5wk6%os+mTP`bWN#6RW*B_ z6e?>~V4PepURwmwT05FfC{MRYGP;iK!KBnu-^=FRUFj@})dB@(_6q@_Vwj3km{b3g zbNd3wT}DqBmeKnzRUM_2WK)%&D{mk6e!u&jK5OTBmX+_o6JLh$mRzEfH?ec+9SlYf zg_Tad+sV1;p99;4)JjH;DB6KSoLytbrVnrT>8P}b0Hq?@)kH$yLHj2#(&S)qDkZ{G zznQD*E71|_L9#;V=~-@Pp5Za$I`W)0B(YwpYa=ZBqs@2nf$Ff&wJI8Cxol%On?Fe< zd-fAC4-u&>S9{wX#E->aOdY2e4B?b$3j-Q35+tFCs0AV>(zvJR`N^Vm7l@2`10=o2 zMoZKxfCel!lFyvbA+RV~F57-TLE>2EFu2iJp*=Opob(weCr0z~_dsKVu$%A(gfn$P z_z*;pB2?D$<+BkNPrG!P!1H(~&H(qz}bi~nI zKVD%zSFk)*(=<>C*Rn^XkY(Hj1E`*2SJwdqll4C8QF0ze0>R{)E5~P=FYU=-HeY-6 zCBsF|?y*W>>_QNxkFoWg3Sg3LHyM~HrmPfkWt>#+Kc@E^FeW^Sc8&K(VcWl|#}tkkB`3ZkrV3 zXshc2xO~550IsNR(R^pH=^2DLEdSk>8>Gv0EhI`pA1^)rgHI6s!w_4#&y-NJeL20g z_VKUjQef8zJ8-yV+Vi7_W)&?OW~VQ09WV51fqm{sP$`^(F`(E{=oAfSG}<)E#L$yZN`2ILZK9aDObJ@%S~MW0r=yj6g? ze1~=beI97CxzE}FL5H0WW-D)PSu=Wh0$h;Ka08k)`&>h0EPH^l`iS7EW#+W|su|W% zF2lI)92U(|8L>1)h)1O&+ZQI9@&fX~liUy?rkVgudk+~@!yLRXU<#b0Fx(Ftp|~jP zG6_q?{3rHT4~weB;Steu5QAY`47iHTFIpfW**4@m9l{Gy(a=~On2RD7+2byG^Y z%37qKFSCixl7n-p#S$f^_~FIK>3kGzg(9)WqPAkw2+ck|)#Q|j60q@zUgG|B)2oD} zQJ`s+_ev9+C5N*+K3M3jW1bi3Ej6hqHrN-kUKmhD&^Syl>iAKSm1vnsz@cV`Fvkfobi@Q{P04?~c?!{7u%$YzHy)1{|ir7heR< z-TUEd8@<;eF~cIiQXghg>e(M$6Xl*~Ok}>|o7zIl=rn>L zpVZ=xZtXFmQuDP{WfmYm(zy1V$SHGw*6?EX(S+F7aqn)%?`7|;aHlk~zf*ps^fK)e zI7!(3wY8L^0FL2G=fi1_*g)y47m1+kHXT}_6_MadmF7(g!Nq^f;)#k;Zq})$0~$K9 znYDhl@)>29U*~rsIrC-#N`c&Z%X@wn$dk1W<8EUUYsEoH>*8kquxZln0p%Pum34Pv zLx;y0ojW0g3=vfQ>+i+LXZk!K!j$1U$y(pKEpR#vSW!xoqhI;eEPZ$#JUtLwQH-9_ z@zVPI18GL>3g!p($I%_XS>A(&v1$noE8in2+5|Pc>lk}oOX8eqIOiCct!&+2JP-N! z-C?n4bcQC%L|zG^V1bf1-xAe)KoOqjxb(Vzrr*SKE3Jo;sXr?di# z47Bl+OSxoKY8M%?rx9OXkI%(tGzxizJ<=Xv)qb;2$+AJhAMlaC#ki34J$pIgHu+8{ z-OQX2r}H8fq5DrQw!0cz!J6Wfb;cEQpQqgK~Osku+lb75j?1uGD#4$aC;^`g*BvC{^ zfd&~Sp4|vqDpEMyuq**Shw*-C2<<>m)JWw#isg62r$YtNt;Nb$B7;AhQIh1$@G9uy zH;*QU9(JXk*~;aLs!+|&d!C|jZpmbc?)ENC4Cgte$`i3*)Y0~TiW+$>bdpR_ZuGk7 zE!Z-XUdZrsu#yoP6J9-_=xFLu(Qc7-?c-VxUqg9%6!%!pEoGrGkTHVK3nF#+n%BVO z(^Uq^=8rF1adFU&Q%yh}hfiRhFQ$;+SfV=gKw-V=MAk>i1rNb* z;%wSX?dnnir@a5bvXQ7#uxMVXMY`yOv(js@ng4Y-@v%4~rycim=j&o} zmxN%OPJPW7SPEo=E6=^)Q5FLq;}Lk&{bQN}U3CgB-YSWWtlk=Z`l|zj6AXW)sv1Vp z+ZeyxS%`7_1=QZ1%ojiR!IC}3yacG9^-<}0ZSWWR^^*AOXsIW5NDa5_DhAy!Ltj*s z3;FZx&)uSGUsAyH=SO-6ZD@_}-zg&0y!vGKbzR92`~6ue;|gdNOBe1|QAwz^(l%=E z(nD}N6z-eJ?ng4V%m4*cXH}d)j{r@as{J(`4Q|&UOH-V%Bg8`Df+bD*V4Yj8?IbSB zMRyDlLk8mPfvl!r>(!~`ecQACl2=i`w}43}K@UCzgbr?k6Osp<@#}o|!|1MJRetLK zSNE*v5ej^%7(uPzw3BZW-~)Y<4Aff)g!x%O>Y6|~HCl_9jSErUoBkNrx@Vzg4HMD= z)~YRVfN9St%8t8lwM`x6k^I6~VScLfImtmopJ4LYfjs&9?9-&D!2x62+-77oWWU?& zRLpcBdjo`SYXgrYr>h# zv_MC@1%{3arStR+871FNojPn<5qea0yM7om$@7!@8}n(88zH@LQ&J^eVDSk*j9e1f zyDH6c>P(sPbQPt(yi7AMGCvR1Fj9D#bt^{#!MluVNA(R5WAQUl1b;WQ#ED)(RS`*J zhmw`cJ?d*eNQzmqKO3NKZXQMs>G@8r5rq>>i?v@3&ams0`H7+-U#3nqZDX_j!%SbB z1~eFy_lb)qm)n}cM+v@yiF2azlM?PXv|o&L?Z<3@3YQ3(S^VLK36J04k0|fX=beJT zAr3MAN=6XNk6&`i>{z$M;F>yj{20F0nBJg$!Etr~wlXZ(-*YI_Pka|^IpQ{43SD?b zS@`lYWYi^O9bbDtj8PUZ+8sPeZiE(kB!nrQ{ZMiRHZz9OTZnchU$KUkL9>{~ov-OW z(r_6`86U=Pe)BH58C{E{pwO>V>jRg;MR{VSyur z_hQXoR(JzT*rByk_~7v20meoI4!AN-wuK2jIASizG>1f}_Fdp!;05zq`qcyo@k229 zR>vjbB{{)d_H!3a_uzWmN)*L?(;+5o%t{pblpKz;^c};jgIb46C(gb@uU8{l!q#%# zZ)evAY9zuvlo?u6y0-at4nfM-{^klqhlKX=6@=+i3J2|O41aS%od+{m;63*jzQDsDy(}t@O}q! zuz>Z&85v*xL-cmf z;D<90B|cy)AE@>NIXtZ}c;U+3U?RMy^Q$RSWFYba; z;J7TatdOJ~7Du*El5L~B(Ov#OTV!gGZ)4$poiwtS#1z-u}SA;waY88#1j0$B@X z@y`KQXEuJpxU;G<02#iaRtJ_VL1A-@h@RG5IYhHV^T{QN7PA*QqPwSq6ThQ(fQxJ< zQkf!mwN)iyT#zliK@zdi<4v&gF+KKdsk^)Yg6bCmWXBc#b6)25Bn{U{^COkR;1|cS znFUV@yj{Pb<;$xh9XxuvCA|e1m93_M^11G%{A6G6ySy>V%OJ!435o9WcJEm8<8LXr zTropFrq%#zSLN7%SH@eDK2YnRy86Yd&9J~d)9+P)2p5O2gIsAnj{bRhS4jIga;tNU)hNMGtSB4ZNh2>koM$EW!0LQ=D+0Fh=SQFS>_bV<2jEI6Uw% z)skcoQ+xJ@zJZw^+yMlR0@pP85F)%WxEZIB?vU~D=~AFKpsYMbTOI&<}3ZAo-<`OZ1Y30P$D zxkycl=OG$fvdnW}{NA|C6@1t8VnzRPIuUvkio(M!puAsQU-@Iu8XBIl!C2oVhXx)a z+1S#l8VWn4e5%iB-@^eKxyyFQLgtui6BCO+Y^#D3vb568^^6@!l)P$Y>^G<<=nK_p zv%L4d?Bo}!%q{QQ{g++a*bfSHCl2UR@YsJsZJ)4l685#Kgg;Km>J{vEbN2))6^T0D zRVsP~W<(jTU)M->?CMSTBEL0F^GY+E`{W)#tPA-iuJnET^B_lMr-U)1N)YhIy11H@;)@{lbF7~oBEZ5wtB*Zqhu_r_Px zbtEWp=7lPI7hdFPC|gz2t^IXC)xWVrAcaStWIeHO1*Q_VyQu`KDG1XGB&)$ZPht0- zC#6gr+B?rvv9F2V@~+?eQ9pQ67}>Ei~GH%5L| z+$=0T!l`)O282+Y934;fp503YfQclxo}K{+p(L{XWE&xVphWx>&}y#F*AR_?_bn2( z)FRtud+R^B9f|m(wFz2NoIPxOU7oVg1SL*T&O~4F*vi02m%z87H0^>kwCa2UDuh~Bi8qAVn!yk9ZbIOE>eaPsA^z%32@JjdR8YJA3l|+IEHO zIG}#pMFsCIo4?6Y7DWq`pXPYeOu$rD6hO(WM6ooBUAltwBmb2@;kmx&HqIUpJ|1yI z*dT|P#mGhP0t+xhYdAPuAmi`j%xP`uY%Swp>F5fJ#)X)wxh)MoXhHb|!Tpt8lyyDf zYH=ZDBP8!>6;TAYsaBb452|xElux+2R87d*-_j-Y)RWjqc~I1s%Qo8qYjS!`CiIq!>u?Sp2wEi_F>zfakEHsd1bupB1SOB z(`kfxW$zl7xn-YYj#J8b_2d4Zr;#+m+_H>e+da5hB)Rx9URDw6nB#Yi3Srxya4AW1 z>0}^YHW6`{k0spTuPab))C&A<8d?#+_EBJ4*mCyDI~c)xb$I6+_I50%9vVK z5qL6pO)jLl>@puAwh?uh#m!9q>59K26g?IB)>55HC&9f-F!8u@E;+(&Bf(0H_c7mFZSgW-0KO18jl{w@KncDOF%8#3IA8z{Qiza-YC#sD1Xl=`24`_K zx}8%cK?mu(j`>Y`%=^W@Wz-?3N}TRh-$l$%(hc4&d%w}`>?$!j-@enB9nwkOTzk<` zhwLg*x)*~-UV-vpoYb35aTb>J5T}aP;Kb`x4evU6e-un!lJI5G-f1tp6P&!}U6CQ2 z(s9#Njy;@Uh?eECu#Xo57&CKzIw25EH>Xa*X6;9LA-ZT@A5U&G9#`9`uuQ;Sbt(VU zG&Pq-L}_^;LQCz82%-girT^|)klS^4H(gtuKC92~Q~i%4{8LBarLP?!K0ZAbyCJ57 zt#2cmGPW&b6(h?B?b9C9qh3k%oOjdZdoeEMNWppYL#W5>Y3rz{;6Gd7I|M5?7V=Q_ z6$wtyM1JryYDCnL6nfFnXLZrYOgJms&xl5lo}$e}l;yKy!JnTlPw#)yuIhc!UEBB8 zjgXejITcEi?*Tun=h_#7e>A5Trcl}CYx>oo2aIWoH!W%gH8IswJU6rD@p#1*E|@x; zl+W&*00|0CZF+rC*`Z4~J94@H;Cm0R-E{W8)3T=kcJC)PT@&Q>au%a6^uCc;Ue!NU z^c$~|c@A_~0wq$Jd@+w$IfYriRg=&`0Y@<&WtOBso)&Q0JJf z``IDZ$*k7q%+{=o)@NYrZd&Vj>WymA4P~K?FExhsrZt2c2=fFR(n17zf!jcTL%j|{ zL?-^E&4#4p3Z%aLq>DJD23MrS^N%cbY9G@j1`Ib^3EByL>a!Bkr07-L6n7@I{}E{C zyleYI*VfrJ1v5lXw^5!VR;@KCFs64)r4u5DfY5wQdf7l~l1$p{LQ1Yk>Py=j+QSdN z#ZxMi#bZuXRc3Q@AEik)R#c{VZYH#=Bo-vn23oZh#%10STeG*A_yn zC>Hqw(^jT$I6LN&IK2nYJDpd+n-{Gi#8)TuF!D*Ig83j8v&x(bdrQ#SI+1>#X?hGf z7OC$y(#6hRqkK<%Dvgj&`0w_5NJ#4uc@s5c#U8wq<$I7U5h8=PA8pqa9D+=`!CjMx z2#!+=P$%d%XDl=65mfTdM{msA~7)*Xl|72`G zzbP5gv1Jq{9bUbW7S)F7B_PC^S3|vO|zj zF}U!k`8g9kU#IDIJ;hFskk-yO5)11f6J5@DZFv5UqVoil96WpD9YT2d<`i`lvT7%L zZYkDfR73i}-!T4APp#Q;9jn;&A>**U>i-zQR>s!&;9v0|`NVj&gI`DQ8LtU^3uW)^}f-C42 zpGRbU>xBBUWAk?ryO%xF0}I2~Y2{YWu)e&+{)#he2kYH$dcIAD=6SjE>N~ry7!fl~ zETg8R9}hIepRZR^9i1tU+KVJ=3R}47I3KFGoS;2_jYKXko5e?MPk&1j134w${V3S1 zWZB`A%&59-GBmf}`~CNuoraaOeSQAh3afI+<;Cf=?)9V7*cz)d?w+qvgGBtf1`>0Y z(ca`f1d}-k?d2=W;Rua4G*j`@IM%2`(>PBp;F>O%)xFWD>Zx!&3ofMAj|~m`=W_X! zE256^irua~zqWIaO)Su6gCTpa*Q38iJF5l*v+!O%O>ikSQuAy=zbO9VuFY{ESFkt5 zYA1COEp2K4xVGPe}Qg|xZ!Nf!vs4HKSF&$w>+KT@=L+|F96Fb-Yf}sx+j_6md z$mMK2EFQ~fG>?=>f*6VUEzo$L?6tj}nEg(iFQelgI!>&&NMy9=rKtzuFfF|NfQy&yS#?&Sj2Q~B1J1b>fcF0Csm71iHGlUm}qaO`hqD@bMs)Du& zFJf3QcPx7Z2KPiCU&>TO)nuJMQD7^X`K3IlR^rG0uC;Jc<}OXAlm%T^qop(rx<@T zwr1!RQQ3y;c4{<4)PVN)Bl?HMC<(T5@bIlGM<$%Fx4%p=^U&(Pk%++CrsYc%Gnv zSr$J`b?3W(j(YE#o(hTT@|FAab2$T~`&HjnJ9AEDWOhRCBgCFk)G4Gyr&Zaebwa<2 z4)29FlE&AgV*j*!NvN@*W1#xiuT11o6vZGbe%va*0TtF`ZVY#;JWXKzA)ABf{&E^}> z%ltV3CRLg4(jutTYW39$tW=a4C=ZzmWjP?MJ!5HAX#9|hti|uCJ1|=cCO-`_IAxxW zP#<>sDQmWO5)1K}V2`lB%s|HR3qP!FUb~u&u-`(!x^yip!`LlA8et9-Bf7mo>x=cF z_32azEZeE+DhwQkZ^uS$ek*`G(h!c6NYi6&@$U4C4=z6y7v`|Ya~x-na2KOyjM0(M z1;E{*Sf#>MR$2c9_h`;~E~Di63sR5n`sQQG?ByCx)oVz=LJZ1r@RIk#E~AFA`pV|R z?jWjB?b&wwwWo$1x|X-oa9PNx%C7hZ!dkggq+b{Xd*${J|5dAlem^g!B z%kaF|k?eSoHJ_bs;*U4dACkBICD<%yq(j8ApXa!v^QNRyjh6rRoB*N4?S+^=mXVc|3^A@JIyrN6@#*!taU0vs~p_so7F8JLrL3_LrNCVv%UZshZ1o<@cpYgrJ3 zj?Ee)yE!L;vnvwEmx#g2!C|JEflaH8+bN#51a!=GqRN(X^qp?pmxQnF)%WZ$_q4;s zir;6ib0IferPIA~Z64;5Za9JptxDL1` zWIbZO7SpN1r3wR@P73N>VO<={R0mw{-j^R&LmEl3Oy?$ z{upbZvA|v#u8l-EU;}HBFbCswGqiQmRAaGPY(tQZdp6FZFcxSsGq^?9uH60lbFh$k-iX z=?ijyrw(vqxSB*38=>K&-8(uDwRAuv3U zI5s87SpNEXF&4NpY&XyyVFEX|)^D{th@gnDPJ8)+i8~^tr$AVM%H8x)?s9j!3l4kn z6AW%x{u_`*F~l0sAaG-$t$^GvtUV-_oMG!KkXF%s0#$9MA)Yrc|| z804a9k)Jh?{g``r6Z{ijJt(d5lXU#m#n`Gp-A_w}=GH@8^DG0Ri5G|E%E`rciq+6K*-#2#T)~qfl zEWVyhbMMZHk`~$L7-%BBug?ni^hF40I2+HFIKMqka#epu=oeTeJ%E|WBoD7x*pLv8 zxfkuyARYKj*VC98jnt_#SIyrynJ0_Oc5R*ss}HR*kWuLkSJu0{r^20c)pS!+@@6!z zYIF+=MOY0dGeO?~zyUyesl;!flLtJSK9^M*64yzIiiE*$dv{*++Akh1lpN*y2^-OEdIf zP#?T9zfHIzhn?hlRVac}DAF*qRs#XFnF1sVL6E`>I|yy-<~idpm1gdp4z8m%Owb?2 zv-`5|WpDpFovGPv6_s5VSD9066F12Za${4sZ34|=W+3-_-sR=9@{8P+od@Lt+z;f`tvfr!UCMxP1o8k*XUXwT4y|wAZ&VpXKS0W-5@%oc2+d3-QZi;ZHs^fW!hO5qrPb{rJ zM5rKLf)(Jx9Xoi*(7v%bqnKJd*K_+NY#|O!dp-RQ=Te9w>Va$S84Lx@uL?39R}m^az%IVT#>6T!kzVl&^^2BErrPG(!%A3w0m|(LopG zK4R3KWU`ql#`^E(A!Pruhz#ynmoV1fn?C%@>N2}y zNzntWzxDdz;7I>|LEza}TYyCljim?SQv6rJo#_9t903*)bQIRt-^$$ovOpepEFuPg z^|$)*zpNR^9m^EP`dh*FU)E^o9V;Kk`ma1G-oLEH=sVUfjP5w=`E|z5t zD2(>kIrA@#9Oa%S34%w4%EJcrUqi#cT>b|zE)kS~75HEN)uaDQ`$l|EGl9|mmvs1_ zAJUJ9_cTCDj07!W1wQ$&RP*018Kv&I-(g+;73BR(^HjK}aRFbP;y3~cT{uAepo>v>=mRqZa%cw!h!1o#_6Ol{0thtm2MvFQ zM~Av{f>=PPlYg4(U<9nGKM0izKzP%49n(X1`G6U{eheNLD#{5$MU~HPXKS+}s#E0-`9va3Cl0f*j3hn0xJwkBYg(C2PBtZ}@1lYlnLoIlK_k?Kw zLF#G<=+G7(;D91^{xl)-0)#l-J46Q6;{}mZ{!K{#JNG8(AwZ=x5lEqhyg(n`rhneG z#|xYhUo!+Kyb%HzI>-Th4I@4f8OY!K4drrKWH6>LM{Iw9)18tSp7l4FcfW# z06V#0=n6mZF>y9`uaQGJ%@NR`oB}{oqU|5Lw*YVwlI@@$1VHSRe^a9W9ygj3aBRS2 z3dIlv5m5fklKsn*azRM;Xd{Gb34%Bf_?|%n1wpz94L-0(dgzrPFi1rG?t!)t0A&5| zK`{&r1>S=j7?=!(0WehO5r_+6G4vk1hXJd|dvN;*_`(01a`}4+bBcy?3xjAW{#$G! zz`;HE`!et>I0Nb?3=%`Y&4QK-gG3Q--raxx0}&7>PEY~DUH-<+#l_au>nW6m1Nib| z!XPq)w5sItsftDx$*lO=V5e%@`!vGk11p}2$_drVw z0QD{Rpb!RxJMO_H3`lj|15I%NDE2@D#X&jLq1~|3DWUv-`sF@5fOz|l0K_d+4Qr-gsSpdXR-2>pr z_~5&sxUfzJVJ}e7+`kY_4nl`=0t-HhyA?68`H%p{1N;A+guBO=wD;TqIpB@+boT&Q h8uB6V)5Cx<$b|s}rSU_cgC@#@2$8**0QCUe{{uYkt~mez delta 31649 zcmZU)V|ZN+)U_Miwr!)aZJUj4@7QMJ#))T8AQfYIgh0{}eQsA3DAHD*V%}@Q4z#Bzz+w&Rni6ry5;L7U-DOEVR|9md$RQ)$KP3GW0<&#bv7JN7Wmj(;vqx;AdPAI)ZSr+$7P=jR zW8}KkOryM}TQ~5QLwhIQuME4S^$N zW_l&Q%5hKvnCG9FyBsY5U+QRAgFdggDUCz%`w2`kK2=LHgoSQZYV#>=fQtJxRgLq9A&d7(F2=l%N(NkQmeOLzn*fmQkr|-*PP&=r?I>0B~w0r>gx|9 zcp*g9T*E$EGdR5VWLxMQV!bgXjD=(&_jMAS^r`P*&EPW%(86z<=5B1hm?O@f5!(M} zm#YGF0mfIh_z+ti$5%yqI7y6z!T)T#2`#AWwWnfrn6Gs;pu#&Jg*-zZh)O)Cq7Dsq99Lb*hSC zZZCwuHJ`=zG02I0$TYITX&RK?iXRwO(=cei+fK6>McFDyw|~wju)hiRGzfk#rU4^C z_5i`nONV>~8M(DFK(CJn&!r(0VX(zaCyyUm$Bn5D#HgH>#~ly0J|(d&uY3+|U8O z9fJ%-Jcg@P#!2~=I0?(H1B;O_x7K`v`20)t2jWt^O*9Gmn*Ig_k%e1aD5YwDF*YbW zx}8IP51_gM>|>)D^{{>aMr(XAq3)g5C{!M>KEv-6OicIxs}za*#;tXg*8pi1A*GfT-Ho< z;`BBMy4(dzc}&zM#yXLSnjcWCQMY(Q&11GG=m3g35&6g;P&fQXoRLRNWuPd878G^; zYZE$$VUQ^oXfd^8eJc}P3eMiP!}ReLyW$*m!pW>TW359F5$A?q8*We4?prI}b|f@= zq!DaNVIr8`82rTt!ldS1yh#P6UfF z&Lxvb*({L0!F!eV-U+9JKAR4vGh3tcs{%IXSAPiEa?R5G1jSEKCg{649x^+?K7hl! z_o^p|^U?2XC?ENGcb0)bU$5og@$DyimmbrjbtRT#r$-%9dYy8f4W%r$EtCv-&z^_4 zh}Olt*L>Zt`+)zA`nD`tQB4ub_gL<{RSQ6^9kT{{GlWgX2bRPq{%4`hqKj zTAq^21m@g$8|dj|9QyP!^buli@2mfA^&W1AZvTLq6*k7E1o3noCZWvT6P%m4@Ijx7 z#;*>trQa_(TC!6CZqzS0T5?_S2uQCQb16-FIl{Da*H5HvzU^&}{6=eEtNT5>x}*X+ zV=M}OnPeaVlehF6WA~&M0}0>kEqb8kS{+9wfKlZdn=YtSH-PL~e_RPF&+d7wuZgjj zb_DyD;OqD22LxQ{0me8UHc{6Cr2%B>G{;>qPCO@2k&vANucj75zg3uAX%2{ds63A4I<$AWlCbCXzlRewgYUYei)WG z!8QkCM-L15NQ%n<0dO?mpal-MszH+U*KiPY$IRUzoPCSo&j!EzIZHy!zi#jxxWDxa zn%G@a@VdRurBOgPu#E**DWjDKA}=TA28q!Atfo# z;6XrO4Kqk>z;FQ^OkVbOIjQUMYb+??SM>LUWZTs7u3%&X(FU?zo*IjTEzSg{s3R5j zSjvl@+hak2p`kOfr28u`z0Vi8?0_%7etGY&!Dv`UdI`FCO{z1U+J^_c>vyRg;K-fj zXjUHLesK=T!^#($M3%jhAM0=rRL(|7TjHV}4o}lp-LC+IFW0NmFjj;qb^k1#%{k1K z*5tWF=eLFq`5SBkGr_^n4xuD$5nP5-Gc) z1}zb9esb2TndLyY@|Yx^$}5Ga1k!t*Q<~j7Mgckht9-ymc)0s${bKqWL5(Zf;qenC zTwME(dln0D9SkRE5j8|k-`+QXJdljKM3kZUNH#swYure2b4%$GlE~j>6nwmz+dqT2 zhp98Dm0E52Icu5+U+&aJFLg&ICYKyQ84!DIy5&CO*pGZ@bKZ>Dp<=Vl^h1=47$;mS zr=@21TQ9ckcpv$Jj~`TRSM7UkE+Xffga$y|L9QJ@>^IXB`5683ZHILiQWOnjqT|^cnL=hvpuklT*8;U0QICHCSq%7 zf?Vc++P;&>hl{)1moT+%UWCAn;zqb}ceqx<_Pmw=ZfT4Z=@v!W^Hw4RWKT!!?zE&xzs|_E;GDHmJwcjka5iA!Y;#$i z8X!PGc3}V04(C7Zq-;j7v!H}s!TUoO`RaXa4-M(a%O7v0&Dqys>cmShjHjh4h@NzL zRu3tXpbP|GBvDRzS`^Rj-P7nEh0soZ%_!=-OB(z_N55t7`sc&-Vk)r+@q}*fSN!ke zAr2pdfcHio>6Up!vtdxtGS>y1c}pDIH5QR(YG1%ozbs=K2~@x$)|nxzs!o!X^YJS! zR;cH({OAHZg3fYIqv~9@aW1bIhHX^PoBN=zz#N1>6m{gQ!JEV${Qo`WJ*G=WG{ zn>{t=YP0eqYb30DJX{{imQ{1Zou^{38f8m$9JIOL)N{`pZ=RVb^_>5^l1VTQ{X>5Q z_zytgz;p=)1v>qYfkLH$Ian^cj9(8we$8%^MOoezGHklF%5Ks`%Xt!oCE-&@B>lkn zdS18mIpd<@%(GiSC)MypN+PjFEHndtU8t9b?>M`Gy?I~q*Jk}S6qg_hhb=B4-ry{N zN|J@;8lrTC)HUr9Nqmqfn8hhMux5Z4m95%8{g@w{#po*3fO4vUAQQIQg)Vv7EN z30VQ(hDPH-q7UMcHT*#m_wGisAH>oFLuwdm;?)F-oZ8otjw1E-Hub9yswhEN61IXb zbbw>j#qbAo(-K8L7;NpvUbF`l2uNkhcWP3AV_g;t#_%@ts;AY9A>610<=$i?zN>#5 z!|PpVI$2z5W2+(Oc+aaMd}LG%dxkV}vvbj}` z_&Ogc`6^zR6BKjF`mODLYSzik3gAdz%{q266U z)LJI~p^F9Pv7!;i!R-1*`-|&_VZglQ58)rN>!J=H$y(Aj*^A8qs8~^B97ESbUGPjJ z@ZXERd`b^Xf;lpfyiQ~2xOo5JU@PqfEW_l6c%@L4;IZa(gefJ z6XUWUNTzi$7DZ0uaR%@iV+Jtii4nr*q|SI7j|x7pL;ar4_l%e32>Omt4O&z&pWjNl z&AAS_J(HowLjbH-FwQj0&u!#jH(gCfw4oGmV+K`8dN3d$_Qd~2MoPRQ6d<+#zh#s5 zf|PVM*K2tNf^`vH4&}5TQN9+A;}N`Ep5!PpwQ^QyA9=sJ{oWKg8+?=9y!6 zyV!@G(u?mwNc^y@#CmTPWfod$;*E|i@mJtmyo1Z_5J{*?AWoMm@httlAt`*U5T$voeF!VUAp( zH+P;%#m2h0iz_&zPsw-h57=HowD>ZQulb>*yi0Ey?O=u~C$9iiGGuc4?twv^-oIXE8Q87w!#yz^si9e0lx4MzObA!E~`774JY*iR1VDVB*P1--8$D zqJ=3&ez6<~lyJ|Sj;Y9rE6_%&_#mm#i&qf+*V6aWBH(_BISq(fYjxt=aas6L5HV#) zeRRVwml9hH%=~+v?r*<-wze1t>1>mI^$*w!7nv5daXxi1t_%rekyLH(f@YLbGEB(u zYO^w%u0?Dz{-OO{atjQP!5lS(ObIRnkq@WpAn_F-SsuY1j5PdaLF~wLw*!GV#SztX z1F_{KDk(^1<-}AP#t@9^1|w6-D+Eb>yr?73L;N&<*MS=hWyZyNK*l2y!cM)M97-qJ zeTfYB8t??&G^?xz1!w#;P^|zB0@8-}-v((Rdd*UomlNmAVHh1&QY#5`bPk-k^ypGDVmVN(T=*%TY+)Gk#06iM4{35fMW4g zjL%HAm81c)rQVV`8f>ib$e@U0b7|%=YJwJC5l@iSFNHJ?5Rf7RSDL0$f+&LP$+_Ly zJ0vH+TJE;~X~1S4&j|ovIs{@@JlRtwMX1pCL{d6p$Vst2dY+t!?3ySATjLw6OS}c6uJ_^>P)DJ z@mwH9g4A(n!p(+c6CApnTZgt6mZR8ujv7hMrjyIA%5AHS!1(jiIw}?_=qJdtjFOue zlxO=-kp6l{)booc?4}|eMo2g!no{#2C=if4^#8=f`#+ZD|A>iU8~rE&gKVJk6wdvs zvU1%Je}ojvIcLoRRKx!a3w_y1l{YqyE#F|nikEMqjWF*a{eJw2pijgLq84D1VfPKblby+!^ z-MTH*d22;E=48aEK^F4lXe=X`j=TY74N4q<<~fPCEi=j_zD+@ZTFevz$5`pkUnOyy z$$A8?L`$wTMVM0Pd^Fmom99g*2ujd?Jucpj+s#0*etR>Z`n#Sqfa|Ga!EgH`nF01I z`AN^G%r_d!tX^2pK!6r-KP4AFk4D$kALQ2Cg?3!bJ&UA5exN^0BbXk9J7HNkw0nQ- z-B)5b4b;*Xdu!}Wt9&GzG#Yw;zG1vsIrJno?Q2$a>v;unkfIMrgo?;fzW@!Y!ju){B2~w6t&fSxG8!Rn# z106aV@ON$ck3pf3M$JebzJ0Bi-eZZa)XWkiSnTu>u{pWwys)pHbqg^{cg8 z^T3&*Fob?AJ9N(TYE&^t_zz;Y4FUnQWA`U{+?lnGNbzNI(d6i+dLIo15OD z9`uh>3Ec*M1#Ed&>tkV>4FLqbW!1hS%v>mRs7Uai;KNt=t1s*dF}_Y&T?WgFp^J=U zT&iPE=LM-&D*TRd?tVoqS7KcI!2|??yglE_wpe9u$pMk`i%)XP zRkEgGW|~7H26IX}H{Ob?K8ugjO0d3w7U~8iX&G%#tt815?&GPSuxp3I~Y-3nWZb{Q4O{!NOpO^=&u;s$G+awb1 zeh|#{W~_}A38XMpGsIKk<6d|5yH5p1k0D*w0U|L|&{fmUIR_yqXAAJo0p z4XY}6Y|zXcf$j8O68HfxrOp}vO1NSqD)F4-4rH3&6adZtTxSfD>x05>ZSZZM?Zog9 z_XE9c8HVg$j6eD)puO{BZ;>sdez1qmTs&#Fj>F%;xKTI!mg6A=(BvRAa9%)IGwSSnUHy@0d9s>JoVAP5Vwh~noH32h`s_@%-j-<{6jP!=-E_t}tmvk?^JBfn*r?p3*e>iwCzVOrCuozp zT{i?A;dFAX3la#(g8aXs!1iw_sQ1Tbv!HZqoeGg`gMXvoh!WM*&{BC+)wpOC;2WmU zWKp!YOldyty;?E;9vwPUIAn%!H5t3jeil(h6M|jJk)aXpgi{o#p?>&d&GLBU&ZAK{ zh^zRQ3@v?n0sj24$=%213)!LyF%CN@i~1KaXfwqsnz=uH5VL>+{sy=_3{_au9nA}J zf7RFnB#K`&QTrTdp<3k@+7+w>jWj%86O!{FtK=05wPg?%>X6@x1+u@J9Yd&$+*ym3 z@PPh|&)C=?poN1l5V)YP7_ANMsq>Pwa?-e#+Y!3A-gq&f>aR%F#iD{ZEU$g;dH>oR z3uB*o`ARGiVwnUmW!`{WQK59Chn?1|Ehf+INn)@cJNKwq%sj$sesOY&z{e=k#46(8n_Ye|KkNvd^ zBQMUG(3`OA#!GP-H&R&*Y(%}G#m2lh7us3aut15F&rn`)=WJfzJj*>3F5PNOG@k}5 zk)^`9dkcDRZ<9)VpP>%ljk2>bReO;>0HxLh#nj!Z}p5Cr7E zx=euy!~hJz7NekQR@G{58fpmqXK&=~n}n-+UgLAYrPW~~`_KsvvjO}<6T}aVl6Cs{ z1z7|sBmzn?}Pk7hB*&8*dCbUFD)pdGFU_ujjn6;E0!c-mlK;>Mi6UQoe{ z4bm}Hz%GPyUl#+@H$3q@9S8oT^=^te;V?iYH9R>Qsx4IBXi)hpEe=4{j^5i$FY=JH z<@>g}shLlf`7+SooLyK9rEY+j(%P6H|BK(_l`2_Gw#U9o!>I+`;aUh+#mxJU({wWZ z&1{v;poxQ;ciyi}PQYc9IQ7~KCpKJgST}%p9T|O2efQ5NOW(1LBv8EO>^QML0;kr~RL(|`knEUaY^O?6r18Od zhq}#0&lA{JauPgX4v!6CmZ8svrNxbymX!)%; zYG+%W+#So*H5tM$Xssgg{{ zfhOF-oi52og6Vnx^qZ-W^+@0fI~6zauLvZthLE9@b!5m7MSl`Ll&cK3GZNsm;}PUt zg->zMv-gMO?hZUYtq9#JaRg~H3HAdAuGnkvDxh$xkp2k=G#m?{90^m^O25!uRr#U+ z|8>RX%FU==!IRHZ^88b$C&e~@=wj14$5`V`W5oyENwW>&0e;)^SU5T(S;32)sJw#k zG5JeZ+coiP=k}DLV!~E-@$^S)u_)v81>fS_=<&2^TT~|cm72&~IfF4pifxjIZgK!L zRQP_R<`xKI86^jMI(H#xab3c(<(VOG_LO?-^BBY-Y7^%`Xk)twgf_M(Q=rjFd#mHM zv*Gr(<*(vpu|+9CN?_Z~ZLmO+C+kvF!(;$q?lJ}>d6YV6!_YvISH$8b8|#%80A5#q zU{5={+9z9E|0k~g8RRZu+#Fg5aPXwGVSpaFfP6#oaS)Mx#%x#z2g`R}B`TT9`yt(w z0g-Y~_h(v(HvZv|=-Fe#ruz||*%%$XKU&vm8)x)`2xozP6r`j3DkyuV$p~?cjb8BV zC4)g9G6H-`l2q2CeAC?pm2r+j(V7h(tM_Cdo76K69Cjic3CL@j>IrlKSgJ9ig!;?I zFyyLp!~(}W9&k5aH+qt8f^kQA6Ua-}i$}ZkIBxYyBG3)wlbz0=;hALw>RQ73ZAv z1Nyele-)PWVSqw5VyXj5D|v?K6QoHjvJ@Py)qH5?E6^PYq5a!;|3iMa9fA99WSjZ| zQ2$00OIiX8S5c}t`_iiLdUKA0UTr*KS0=-G0oY!JMWNLVi|(_u^B3|w;;SQ4tQ27$ z(5_eqo2MC;Zr0Ce+{6S9nn}B$B=>4YogzJz9W9fa!I%ArMV0LCnlL9Am>Nc>3;hgq zQ*TC$rX;|nI6Pk(S2XVvC!Z-Fxi+qNC8-R7r8w*A9y=+w8ct^=1-4QaajMlOuBrGS z!H}cv>S|u;69&*70gf&7tB_FiR;3^DzT?p530>*hue1jJP;#5%`GV_({xr9xpxt{@ zOu@Z&`b$EX>gcZzPNp>RBiTF@f)zU&io`yF2k;aoKZc24L20rL%y|wpf*vM}A3*D1 zJt_HlTNqam@9Df9M^qgF1tSZK`Jh8eUI_*$d|v*)g0YGB<8x@)dX2Mm`YRa8|1Frj z$3BJQRc0vrOw5GNXG%G(!QX*hD$&t|c-%}(g%VjqvQePPj zWPL4N7ppws|FOOrAnW6E{$3~=1hdya=Er_F{q1C4CH)@=<{YGuW!b}2>nP`9e|u>> zk7Hp=*W_i?_-Xkxgcy+33*Z)@>E?v|3xe6$^|iaQhZ;;EGZw^c03-BXjhg>h9~Bqh zr1fR4Ic}K@TP!6eW-ToGW>~?JZU2*KL-#>i4QW=!UlfeOhi;YZ4y=~iUJVjxJHUrz zQwQ?+G04ZLrn67aIiP!@U&lcgYkqC-m|OyW9OLz zd&WcybIwm-ka+BXl9DG+=^ex$`^}ii?vEVpbDYX@73;y}uxrV}QuiZ*2|92Yxg0`4 zX67@_lkcbV=I34X8NJ|s6wXHDeaNHN>6}z&$)TRDG`yk%*p0G_rNj*(0zh6>8Az5 z!KL&#PL=@y^9sd3(Q*GLy8m5g9ubHN_ra~i{Zi1l_p&DtW7y*X@@0ejO+F7aVNp>x zN@KK$&sR(SefhljA1;O!>hcR}7(SpbRtn<%rxzISPkCLqE~&%rLG&u~v|m)h@+^pj zq)4}JwHSX|9%>#J1T9mfxO8W<>1S2kOj{0O?;E|kF-vo7NTzGKnT3Zsm z3`90ZSo()}WuL^a<9zYE0``Y+lSHH99sDqZlwgNEa&Xskxd4MGXA7x0-y|) zXJ1v}pe;4sf_`3wmRNpUW#ZjxGL7E4^+p>WG~TfobJ{Ismbr|-ogFafF&|_YyL&dp z{g7yq>Hj`hN+&fpi7`2NLx)EK;A#N>lQJ99+3E2C)8C6~=aWWx?DD#bV7$nbm1zLq zz`lohfEE~6h)HSTLva6Uhk-}@39xhX-^@PrsPC1wjKegDKEO`s%+J;=guQ7;zg!niGol6WMt+zoKRs-|p*pd6Qn0sYY!Kpq0D69*3(M4E++&0Z&9TTDGmT@i(|0UO74FpIl}*` zE%=alNl0r3WczURKDpU5w=)HEzwZ96E$G-o-%-4OnA2hZ<`U}-sD&~+z?B=%!KysK z?Q{ysv&a`xP?EixjCVZ)E#Sai)A5xK>8mHqSa>?^ljB*X0RUU_ULX8#A%`4w;*BuU zI7r|!5>d6G>W?Pnlaeew%I7rR)^#Y8@IY?ZgbqDFLva=YthEv%K-F$RB3o!eyVaEs zWYT-=5I6Qpk175fay+#1(wEE=JEY;V25W0 zSX_X5(A)wVlAY!nrJ-X4|IV_YG!*jM z2v}E|*xXy=PI%DQ0*?H4yl-?Qq;Ec|?N!k6MMrdbS$=|}tFzja*=RPq8ers=6e##I z2m2-jNCuo&FeU_PD5m5?Ov_pLU1+tJp1++LBUVObGTNvi<}^5kt4SfY`N#88O%#Gw zc$5dAzu+#qMCS6_K(95ycu8p12;0#d1d&m-5SVfgN5nW?{=kF5;-tpCZv=PfhK_+o zKvl;I0B>@wvVnkeCu*i+1!^hkKL_gj-{Xhd1Or;_Z+bjw+P*{IP9`DT+ zquhTmdKc-@9K$mB>vsd%_^q0nI0MP0t?Wf?k2-T$>1~uZBs)U@SeA757@kkItrH$l zUbtKp;U&&FtUtfXO^0s8njBXqgXJ}^(Es&M-*=Jj*L6Kw%V=4l%Gy^ix}s((#fBug z=5oPO(I{_^?5hyBIdC3XGo3}^p|&x4t*@wJx4l(WaqQiHlTkD^9ll;;+x55ONI%{r z3{bFJ>}b4z|0o2^waLg5L23GgDQv@xLw!@q7<+7FIL?2%m7k&NiK4!-+y?ewCpJ2= z{3gVhtjd^w%#s0PG1qzXy*wc7Bn7UexpcdePrHN(gIu z0ybNpK*vPgC=CJUf3@1L2?qi)O_PE;hL=Ii^p`oR8zcamF2A~kPn73e3a&&b2+v9% z(dCTF(`5ntkwAB6d3#sks*lIo6rOl-%#sL_GoJH_%c-HN*BFK(?AkcxMZ8@e3Dml8 zbmA>WMOWKgDFhP3bCusqDxdHSIz%2l9k;8eWQDT9kGQ}>e^t-+ukEwRAn-ZKC{)M) z2nJB|l~A@gRXs-W+9<|+kx7S@nP*5+S1%XQK4rzRX+w_{qVY)n(TEs%NZF#?%NtpA zW0f2il%g(_ACF#ofJ)L@i1DBsQYhW{d&IwlV>5l`5ptR)h6%3+B0x<^?P{ClZ-Te6 zG!s_L%5q#cqKFA?L^^5xRAKQ-xB4K<0R)0Z|EQ(lzp9r8$?id8IP2SJ|8q+b&H0ks znhz^}&U8Yt*)Df=2fbMX2MX6!OE&3g`-g}*-z9aU#^&=4<;~9L>^MX9mcB@_l7N3> zGr;A8K3l6tt=87yX((sGJF>G{N)s9|5`OX0^_ii3?2U}-iT??WU_2~b!M z?G+T*wZrE_XTLJB?buY&&{iod*Zpe#=sfR_#^F!ro{Hr@w-rKlSNQw>Y;*;MH&sw z$W<&D;f9oDai*m)tlDZJ_j;9~0Fp^9nJDY>Z16=a52pki{E?oF5aLSl`_^UGqgXro zHF|+7)|uXnQl<>L2$3SmpODV!_WF?ULg;M2wA$Gz82li+oso_MyQ!V8(PexC@P6G> zxzxqi;UrAlL-qB8dJ%bw;TPTy?C0Iy<=u*P7&;LA875g*j@DX!ue)F)CLfXfQS5-q zk7w9a&@^Bx8(d03%t z$T^TfJXB+GvC_9(U1R;fa^Kk|8&Vx;z7(B=3q@xOcbx6sw_`1bbp(hs;zWcizR&DS&sAmxh<@)kvV|yglJOvbkd0gNs>ChJFKlBz(v=RAw>e64iuov(@n$PpL&XUICQSTCaenu)$zRSP@iC(OaNJcTPbW zBL)1gQ$vRBl%d_ffv{7w%TwTSjR%Th@7tP1kS4Hs&E+W&jc$w~VW*hjX3qm?^Xr=j z8MbqYrpd_{LXaD>rNy|k4Q=<}ArBK;gU05;S#%U`{+ZaJHe~tHAi)E5}k~3th>UoRkLkFq@0xc3OFrUE_vx ze0==ZzS`SE9JE&gO_UCQ46Uv7UlWz6QvDp`1a7BtvJQ|X+Ye7`t>48rNr3`he@rWp z8SM$lyyFE@UM3^J1j)5uog4koJpiLR?-b2)%y`oYr!*rCl1b^j7tchr|e}r zwMd&}ak<@~ad+zV4R3};L1gA}6%{$uG8ROQh{ZpwA%3#0+f~A|F9-6;8?^%uH*#D>6-PMWEN%jd_Wy@>YyZ8z6Z{hxZRDZj0Xj&Q% zg@S|DY4CUgE?yM+zq2bPU=9nwK?$Qf%htRlKQCApXVzzf#?FV)Y5nOx0!uw6E>RgSsG2eQ|9A5>X6Uq@iS8v{U ztA~t!u_souoE#Ij_o}MyekL9hyqMU#`YTt&ab#o6sCE_9=BFPNEz=rzu26E$Z!Ou{ zG?lY2JCz9Q3sY4S1LwV8j-iGelZ-QMh0?>Ryt!csbrQ* zLe4kkr#NWXraS3NTJ|k~_m`{U6#V2+U4EGu&8z61nwW#iI|*OQ8~ogoT=sP)fz@%p z!%y7llmjNYCYAJ`F|z^+mr|?uw+3H)EIH$8&EM7ydC#tFnarv} zKQg(jJ`?whp;{mHDsJg5Jv2iH-cJPqjh;n30xgf$B@0DqLc&}CR0y_0l#S$zOe36A z^oFDXriGc|`tid#|D~;HT<5yze73qa6zJe1)5!;kO(FRZo>CS0V~xk#m@j@9E=@He zU`o$h3zg@2!h;OXDR17S2oZ8H9Z(BYKQ%yc`;6*RJu*Qm&R23GxPlOJO+=|RUj4t> z-ud$=ZBs9cV1G&gVCCzQ`l8U#imlN~T64H=u*1e=V5s5hf}NKm;bpJaLqnUiIz#1^ zM0tEkok#CqC_>T0PU!uEN;WBAEw^Pev{?!yVUA>^i?mF2D%W^Jf@aI-F{C44aA@Md zGsI!%Oyg?vu`Lx7v22aq7Z~wwMWOm)Hv=2A$}grtGH-SOO9p{)Bpl`}Z$m0ED2bqu zLpAzCfqw`RS8DXTcGqnA`$(PPMKt&YZ!&R=osCw zk)S&-JhgS#6~U;emqczHM=NZXuMRRHEDPbE1yzb?l*~I0r2cjTd22Q_iubPR?OYWx zDU=8J`-U{NEWSd+mGm0QUITZ!3;w^I{{K4;|2wf^vmyVTUR@e2?*H%O@T(PGQqmGP zRP)%H=Z}U@=OraeodPYOA9W9xK`|M!Ep<`3Vt;#I_h{`K)z&>~R^^<&4#R(I_WpG6 zSA8*-onizNwP(}UU9TRPsZW-(0b2xI<7vVH-RQN}mDs$MqH8`y6-#^}N2>ZlJ7x7B z0R#<<;2X=I@yW}rVOEAJ@b}rO9HnJ49>|KS{ybdlrRLy~x#gkVUNn-)HHHr@b8cGw zJ=5ljxL<6ahOgy(aD@Ox{~d=z2_vm%Ikxp8WRQLZKk@kVG#TYzc+=nk{5|JvO&%TW zi`>Jc`iPE$m{K8OMQHb2%ISP@|-Lnse~ zGF1Dly2*FUM|Ee$~eG=V0doampj{womF|Hfa8A6lmX;T~v~dJYlNs>&)2U}65gl1FG3 zj2T;TVVA7=e)Wp*jie-cMiO=!XL8~$oAm58rM&xZVXhEgPfV7;sgCty_4n~n!pKiF z@3q8Ik`_Dd_$m3K*U4AUvm$k016B)uV=K3KI=56Bx`^SM%x`3THx`x!y?m6 zjcM_*a3NA5i#)i9SBOuz{N!%p*D+e(#6Kk3W?ZA`xd3~n^}xI~U-U<)52JVZ*Y zf=tJ49i|9rZy_f0JmS>N^#(hXct{ucXrCmnV{+x&03{SW8mi-SPkjV`1dNCQnAKpS zQl)2i(}n#q-&X+eZBT~gg>5aNSCX~IqFB9241{Cn?dl#o67e75gO;F}>vHXVtoj>0 zHNe8$z{zPP@0VKj#H>_~KpD+Sb=MoetH(l0%cGR+O)i@4BArCWIx`o*z1Nz&E6v5R zUui}bhAwL{cJ12h<*_`ZMv(an>PsXrT1rk{0{!SBiUtA?J}Sri z9I$F~3dn2HyLh-e0w{;upan?6v5sKLpddwVfle;b_^QNE6zUP7y@~iBUTgPI?hq3x zx`@){NV1tzcoFUu^UX2NBzNK$J3b8UyY*4|Q%<0K_~(0IaU)I}-;xz%nBn0q1NfDe zbb_h##P7aO5%4=xXL6TY$)A}kuY5WxhcF%2HKiVtL&0*|3wVD5>56Si-z6E~-_?$P ze)FgCb1n}OM_8n?LRICxeRe0Xb3kf{+@Iir4zuIp{kXa103M$c+QMm`Ngh1WFa&4=kIy%3n_ALPkU+)ET=jXE zEkd;oVSm~c>&^DbRK%Gg0SqU@SC(KjArdQP&_-xgqYlHX{7D$h<3^4X?2seHFHhEeZ*u4*G1)fPKZ5 z{huOpqB!Q6?Hy7FWf;12{LQhjfZcSc>JK78#lKn#099*Fk=>KRKsf5xA>W!J5&t<< zwhh5>FUMa%%kbXQ2Dq`&kv^`UhQn1kd_te>Dfw2NZW0h6+t6kyc)Q=er93=hIYLUv#=#E0Gk#$)@0kxck5*IoA> zHOGk%EE*5RSP2HN7c?`M#MpQAT?b5Sh$NK+$^*u6;tlTl0|H`QZf>1ocO0Dpo1D#? zTxh!x_z^g>XLocnbCKupmpNdb>8a3CE%JAO+rmwe`$VQJIQeWsxq*a)%jKrho(0;y zb>6?jCj*7$A7_#K%UODW!za>@Itm>IcqE~rRpnAq=|F6`&oe|85B%oIYVosYp8_c< zam5PNi>kF}#EYt$XsYnm@Y|gJ67E1iB)_Iw=ABPQLB3EP75ss<*lCV>qXlj!OB~S> zu~4<5>V^B*x0}F%C0x2V-eQsO)?*N}J^b}}ig17m2-fRzk03!B$y+FjN)ot13Y5_0 z@~_g1I7m7eIgL^>3Bik{lq%I^P;Y0+#LZ^tZV0&~HUNJ4at!G2E4R_va$?c^BJ-2A z>Ctxd<*%`2p+1(7+b{tQDb^2;sSstdHaa-O-$It|?4QStaZ%RTHp_IUX8n)Z- zq|pI<@+tYxItuA^-V_^)shgHd=E$en|1h5mqDQVU?LsJ-IKOgzNS$d+6%4l0DK(IZ zkQs+W@3$LVNSlk2bI^PlokI7O@P^Rtvo`DH-8x zr$Ld_uOp~t83Au~SXPZE6RM%<=utu!(FwMc%jFYY(Uoep60?Ya$2zztJB&_iprjss zR+k}{gfKZ=x+r`w@zCxYB24J)-CQ_!3 zuklNb;G#d4GGam2u(*@CoM(;^vvK%PD73m+C0Tz6)euo2eZkit_wXMHF^oMY^O&rU z!pGxRT;ha8?qutQM$8fcKsHrA<-owbH?Iwc0 zyT#T_Mp|dX<`OG;cu0YeqJ*=@D@`f0$6Bas2-q5Ws|)`O_Cs?--S$y8z|5ZP*J>;x zz(st=R4|Qil7lwd2=2US%OBCv3jqW*4cUQ|BxuB%USS4~0ke-<&0KtI-K~)MflK5~ zdAv!cYF6w%#%>s_%RMh8gK@knZl5 zZfR+d?vPUH8d^d+hE`IfJ0+x)Zlqi35=2t(GvM#z|Lg1K30`}@XU}2Wv(GtuU2C0N z!GyZR86mApD_)QdFK+vLQweWpe8Ni95eSS z%oZJw_M;S-hY#_22LmD&x`33)sKRQ|(Hv*0V_1lK(dBz3(~Ym4ts2twm@yrXpyNEM z>&c8J(e@{$!U2f&rD95B3!X5Sai^lAfeO2lH0A^!F}6Y;fr;3n3%gpI80HC~#-r-5 zAHDNGsUY6UMP@Frj$;ncMSBUv)y7XjLQkb4Jn;KGQEFkoIr8^ca12Zvoxt!Pz^EgV zJe3_NaBu~8o41hr4gKT==XKbIzTUiNgx{NxBy3C??Lq`6PTi*mC-bm#kL8R2Lfvlb zQO{;zDE_!oXPQ0`B+6Mym&lUc`M^`yT&5Y?1}9vW$FnglAO{4AmQY^QQR~Pn8C2tE zr^{nSkG}b)@ZO`vY)DA5*ewdx@|<_&OPyJ;9Yp=m070Z#JDB*Qw4r^ORi1|xw~!K1 zY8|bM)s1>+N(?=HE33v<5i3~d8%U#!4srJj!pdGM!?u`^)YM^>=X-o0xy7r0cuqQj zc6;C2P*F~R{>;CNJ9k9!BV(w`R8jS)3lEA~$`p?vMf|PuaN~jc?R#}Qg_eWg9O$wB zy$};`u}%ttfHFGKU43&bAV{SANZ;Sc!DH1R>erfUGpa7Phr+nmL2S3sbH?%0Sz}H; z_0ms2a53!36(ZKaK@ZAh`?f%UWAHtxtwTV7d(i-J*^$X62cAr(D7d0@$xm*#FQ-R%}-4qe| zQ2#EKz$3DAdJJT923_Q80z`@_5voX1lpc9pL<;AH6)vZl4~IV3AZACC2&d%)q9=0Z z*lSnVNE3`PxE3qBzLRmJ$UPK1Swtp54S?gus%p$$M44--H9S&;s55Ukr?)J4`LOC8|Ch5-+1ZUX;*_VeT= znA7ww8z%nfqnYj8gRnAP#rz5%EuGtDkJl)7YfFF0ZmVY?Tmns@U12M_F0`~D?^*Pgo$NUDp*LJ?l?a&>0#*?&zEzSb#(Zf-$dACnv{1)+dB zXb<=M$BuVaFHhgD%{Irp<5(g{rv$=BoEv$EZf07gAztHhd}&&^6UFa$VsS<7Q))Fx zVl$g*A2_mx&b~8xV7ByItB;7j$3&R@>xLY1HBq7>Ykk+3QW4!_XKghWfro5CALW#{ zq^1_y@MfH>H@+`f#`?U8Y^=kBmwJE-{NI5dxm9 zZwKxm;JjYBusFz~TiMx!RC5zKL)-~)Di?*e#0fD>39~dwH|6UV&2?zvX0g1t zb`~`|R~I&gzPX50xBKK~{M(pM=$ycJ4dM|frgKr9eEfC;)wgCl#Hu@Xs6n~VH%E1R z!HnOOjyu3jVQ{>Qd}t#Y?5AghdSxRT3q4-!E7>Gh=Bdg zX>@H!dqj4JX4FwK;DBCTJN!}l!_<4eE_LZ~bL}eQV|q9Om~+{i?DpN{N8L|HkWh{d zUALu+D+6KDygBLA4sRROi$F;cOW`?a(F&RG1`|3B8D>kj%lG536DM;xP-{%|#J+n! zAA+HbgNfbCw>1x>ydDL2Z=vwwY|fUwsx{e!&pND6$WvWI7nNGA3+kMg4)&zV=Y23^ zQdqefPJF}qkXzrEj-v15SZV;+PIO_0%E>j{#N&Vvzwrt3Q=R>#!ufMNnK5YvF}LnI zgO?(C3;iLj>isgVMT*Ni+_8q}4{ptz-RE3}jwu^`9>NDApjB7+zg?mNd=X;sN!%Za zq2yHXNRa=HTY69-Aq(Z^JUJ>Xxw>>D0~7uiw!}~q(g@qew#rtu@t6^@`R%9di1 zda5v>Q#}qartOJJ+)U-Z~HF~Qe5 zV{G&D!LDvC5EBhm{@i*&G|Uhdhyn{+>S^(P+PL)N8_?j%^g_GEzA>wq8Fwk%)RSMT z3-_N|40u7vHmbNaU#Mw_6oAOjjL-97bLf(hrz1mimOyD&>C4^|_qDcL0|jM=3nZOi z_>i!rPU>J@?PG!^XoF%RAH~!T=k9Sr^pC!-!T28(4~gCZ2IRDd+PytGwk4sOt}#Fo zFrKJloH&JaA@SBNAERW~c^?Z2ozbc-)$0i`H6qo%IvQNxS9okN)ywaORFd1&*kG$w zDrM(=AmC}Zc3kvI#t*^eeVQp1_Fly!C&;I61Y~Zw>LiE#es83AowJ%mzp&f1BPv(f zA!R1AaWCHH5S|r-y6po4je8#UyR%0i{+mp=2UEC z|8#pK7&*;>uVgU(TJ0jhh9SKP$m0qB5LB(%h@hI6hHDqbVcp8UJxaOPpM|^UW%ymb z@yQsT{#D)8jlK7njqNiyh4``g;F%G3VN2bqw@oo_5G3{y?Rlod<4MQ#1N38_2<`3( zp^>!pnnE#Z!Jk}iI*Rb4PxlGxDqa!WHFe)Ov5Sa|B{w1c{}?U4+!-zO{}?Tf@ZaoU zGh9^CFf+eyXnBE?Xz=FL{SvLg%;KOFGP(=H!ARo+V@ey@je~3-VA5~hA7)v3qK*D?0^@eyq7wac+t`B&o zyih@d=6uGUpYEm2nZsh)TX|ny#uNH#Qt8DsDp?WaNjq`X4f}QFmfWoD6gwnqLi+Bf zi`X;*p|ZX>vC&>K5fI?QMg*BMe<#MsKp(vE8}4184EzIBrFh#_3E*;_kLrG6-0y9t zXaEUbcNS(5*#O2!a#RF(oyL-yhKS5P=qcvE2yW;>uR* zim{F7tC|Rt<_T%tm!TW@avv;sh^B#*`VI+9XN>}k@)u7(M~#jrJacOVDycOqmyyMC>-rfv5{wa#5Avwkgz) zB+OnX_733yH4ECD%kx(>Q&))DFKnZYxD_lVzi753fA9Tuh2o(urGFaCJE&X$@!qjz z%;Fn}HqgH|rXYt5m}=J*WI&R8)e|x?&d}>rM)chD(p*mk+J_%!n7^15yaTek6VEcIhMg+$`D6^T9dSd~fDU&x4KU zbupw~=-ehrypT~kXDMOFuVpUOVy~OzEIqM zwR%zo$tvl{vBFydrVa_qINLZR<6J@eY##S;dt!6CXXY<-TzG&G5K9F2i<~dQl`8DK ze#w{;BN72=2Qf=6no4njPg>ET%Yw|*YRQ@}i83JaGgX?zrOmHQTd6Cm6SuM->xIgV zC)-sx_|X)cQ-m|4(r->gWT)0kNR^c}y}B`e|M1IX9k6~jFCAt`5--77l(T$|Bgdy@ zpMa`5v6<>U`56@3EQy4M72-Ly;C3pg_7vq=7PB9+)r*14hMQ2j(C8pH!{5flj~H~@ z-=D)lIGN7dleewRs?i+J)MniR>ldsivj=!@GJE^G@nQ_PNGkOulTK(J=j2%*+bbI2 zs^{pPSX?5F+BOH{IhRW75|WsVou!!b0H%#onf|uchxrZUU-}#u!icIO16Qr+etdd8yx)po<#egf0#Dc86V4y45xBSJsD%Rwu$K3c*UrcCtcN}JyX zC8|48pju-fE%G^Yc3^7QR96M2ISW@P=LBj6#eUc;f{9R=^Ld*A}Z%DO`@2;FwPrOG%?B_bM(_dZqh` zJ3Ej^59FEI#$gW|0%fD@WnDypiVUuayTc7wX^CP~x_JcWT$0?0WnKoJN|QQh-bekR zJau1yWJg8+H1k`QM3^1cffOYC$fsRRBJO)cO@doCFfVu_`5**`aHGYW5dYN20yT-e zZ2pY<=Aq3mb}U#+aDQL(sX~<#B_0SXPEtiP+H(zm2eQ+1zB@`0(wX@EircDH>O^TR zi~r^xNmOu=x@IR%dIi{FMP70%RFLZ_IW6{~g#z9mufgNpQs zd5+6y_ZIol`?Ivr)60vC+INlDHLfP<+D6*Ep~jTJCK%1uv_p8ie|8+tCX;GO7Ji-u zubUa_(((t0;1bGZ-pp%zB;=Hg-1?c!$Svj;8+wh3*(%g!Hb@v-WO(I^ukT~5=qi&2 zy3qV2PL#S>r?45mV2wTSmJ1gt%Akr8}@l93E_~o;e7eH5)XiOV2aR|O5VxyV3 z`WNSZX5QJf*FjMvL@4u(qm|BX3+;dt&&@6h2;kA`e~+)kR*z;?`To-F($ZxgXFfsg z3j_yIA;+q6(Gg-6hq|nb8!Mta*4-u8m56CGPtRzWGdgy3E!2y(BO|JGbTom}r@=F@ ze)4Ku=;UZpDC^xX%NwL6m6wsViD^|qd(?{ zLb9^h`y0k?yN6U0KdT2f`Tk_{pd>LZ=eO#de442k;AIsR{OL(LX&P=ZlbQI%QSxGz z!dU$NUemK8W#5_!Bug9QCIl^?5e!mcx6(Q$CwKO`j~{bpgd*56UvU&rCLq?B>V#K#qlE5vr@`hT;mJi(rY4q?GyD#IlZ%WAV zz72*(+4#j{dtwt0va0%7bf3MJ5EtfSk7C5qie>^IZdDHPyCYTG-2edbXX(Mm4*RlKOExwY9aSG z4@nm~-9oWu)y8kW(xT?$VRD z`fWs&Bc zi!+$?LJyVbIMvn75N6n(Mr$2OZ6o4YkTUNaQKXVdgnJ2X8TL2|sM_SP!R{R{wx?~$ zDYVDT_uU-{^Q~Za6+d0IVioW*%$^Gze#D^9Kz+}3KH#>SZK7;9 zoB99v#TvKuK%BTJNs-QRzd%4<8HbcJL+@E&&QK0 zPCHPNV$#B5(2>04zfvY8Fa0Qk+@O;NU<(|Yo3}bvr|KyFF8pL0=uen&wwU$p*W@MJ zOn+(isHmyvLum6IOxP4p zl;!(PEzdGn*CJ}&e7JuRqUw>C=gt!Km4OZs$S2=&T1Xpld|2$HWipDbeinKC@(Hdr zSt#PCq-|x@(G#B!Pis~&xdvBizN;cDDI)NjvO)yZ68pK-Ul{~^Q4bJYsHB3%C=k{4 zS+JGd;t2&cg54Q3Lby-`;SKYwo4)EV`Vn0pa4%mdC&no32vzmYd*`bwt=lMciZrr2 zf@t7TF#}G(3BaW)1BtY`3m9N3(naiRCZCxbgx<=N;+U})--k`Kan7?k1WcuW&;yHb~ zX2a8P#4GwWv&wHhKR4v}vRAyig}7PO$1m`oeD^=#h(5IwSKD}=s0JC$T=}ua`q}C07=oTmv{mm8L0M;xoV~^_KeDl< zBw1wQuS4^}6U(Ys9LqFHHc4LJ`Yl|tbwgs8TTi>C5hUu`Of%$bKaRH~xtNBoNSS$q zKu&RKJ$m*|oh|iebBl#4KB)6KJZkyZ^Unnz$cxy$F+pfg8S2Wt1?B*dyV0280$L_T zsM^B$yaV-*29ZMsoyq!fK9C+uV88tN!eO}xzfa#Ri;1<1{&+(n0qIyyCNWt#)O{0hb8&up zaIi4>Zi_R{MZ*8~{O0NM&FS7x&NztyiH_d^*XIYPOtNjN#io*xAH+ca5>=;|bJ{cw`mAw?AW(ljPCL zxLHNqH*(1$g>QFalN0BGW!%gnFww_@s2{-^?MAT=NbTDy<(Z_SB=Xqs)?;D}w zF(6_{on=G=`gkh!JddnlxZNPO6GId?;#0qBkLEI1Iv56(j z&H}5!@|eVeW>bOOV0m<6PP4keYLGlCF{4>>AU8-JnV8bdEwCD19+8;HOgoSpUj6|w zmKk4QHJm(%7|9GjkQ+`OPXCwf&Kqk;>W#sn?fW;@0jU=T%eMA!to>6VX9gp-%x|py zQjZPVZFh34eN*=hDs129So@@I8|2v9=U98EZraDbLwJ}gntYYCqM_N(qO2E3(SB@-a>_}Vw zoawZ*{{dgLxI1^i+(X<)(hSS2?w(&i7Dtx;!fE%TE*h}g<$t(Q(v=K3q@-%_;BV`s z0b!ePt-SKmc!#R7 zOd*wb*7>X>$n~IXE+B*&C%7LWM0B&446}WAQP_NtiP3R#GqgM*tBPDBN9q|fBU|gs zE=@s3Hcqs;F1GZl*8`C_{EqN8`%Tu4FRb@jtsTEw?dMoI>RavOSg{TA>UNPtkJ2nP z*sykm{W8JfNRz>#gYble9(>ijT-A5HwBEO{b|kajpSE(8uqwOYC7kQkjHEZCt<`7o zQb-`hBTL63W$mr`d{kwfRgIKUT@J0*N~vzv5XH7o@RrAqQEkif;~~uCL?Gfu-XF2u z->`91wb^g5cBHc2kHoLXoyPvH+*6PHyg*iznY-g7?<*AxY6!}6x{QR*UJLvNjc7xQ zEC%@)jLFwxWfnB?EKxhWFU_h0FT^nE5nsi8%G0i4qL59-NRkZ0_z4PjBqklC55a~v zYtB4*O}|ks)u-k>$5p~=-q_?A`hdEKTi0~siD<{?p46(rtm^8_$dB}*nJnhX#fZLV z^o#LTp>0!%ddCn?uh5heZH5ggnZ9N3J`Yz7!pKFsIL5@!c!~>=)>fjpL!sh0=duyF zYqGC@#gio-8}TKHKAxZ&^ipx`fseGn?FUB|hZB=k3nupK)6gzwAzLf<^x~~?M`EYT zrm0w*1dV0NUZ`3;K*IVK{pIbVq9c87imWcKzM>JmdCC)rN*9;nzI9fTH6kt>O12Um zIzv}AE=p*mY*$YjkxA(1P_INj$r?Ci5ZyO=+!5S-C9hFxJk7_!e9@ouy<1xOk%ZUe znuB+U7&s}e7jOvoT~cWmA(=R9y)Qy-hizoNs>#-LRC#GW*vUu4Zud4rLc0AsF7J>^*2VmdOe= z7IkcRR&4C8=Je&s)v?=j?30@BbW09T4hCptqGih0{0hj;F`zTJw{rO}H>%39uA*&1 zpLWyQ)v|JO7*ZzxqJFwXR7tzQ-vfWzJJ_a6=@3ff3MqF>q4xnfmdkpVE1Y>?6k=`J z96VH_G;wcu#IGX`ctD^B2964Ic>_Bd^ny9+Tg{e!t;t z*gc&h_yjQvh$B(~qZwT9r9*GlGk|C&Tk0a!)?)V%=bc-q%eY3;qteGS z7ZiTgu9z#_!E`7Q-z>FxPR~MrCUw$ma;UVHmRx327;BP!%CbNr3pxUq>mwInWfdhP z>-(asl%^{^z-|4mStH3S?dW;zI^kesl_=h`UkGtw(w%2@sj#IHEi?IHZ5rLzB?V~&-Fty! zktEDffng-!r@%G}66 zfV@FxYm`};HvD2*#iU=v` zersvPL?x>|qCipNf7X(3WKf^=h~QLy_;j-(RQwUM2Yrv?!;k^2B!@4>pLzSgMdKb8 zWElxWT2nr4P?FnBw<=C_QZYw9x2C3JFc2vYcEW!)%99eg&(-gvO)x!>VQU`LHlPe) zv3)%eH>DV~KUPAa@s6xai{Y7RvDA+eLP{Nh9i5?c_Z>DXA*So?6zr*CKH8`jzjNv)jsEI^)W}bqW_L!jU6zT7u@PqTnQ9hl5SpI!Ty+%2k&w$ zoL#a3x;}ZonyPQtI%De1JJlf{{QP_xl4WZ6@L1lJiT&UL-^DUqAmRYN0}~l3)`JVx zbCK~wIO#~aBbL_`nNJ@Fdo8y_WS9cENjAD|lmO9kHX6!;9-nfxf~!4W))@)KhjZdx z2VUeS>&T3&=X!8P<<#lZ=?ovzRyJbxT$9bgCnZO(DGAStd#*@YT?W;Yj7wLUAhgS; z^`i&0UFYjk#So(qsxo*^-chfPvDO?0gd1_DvnylWV$P}4h@U+&%Jbj4I3G!u_C1Jb zbnI4iy44X{5ghEol45YH9(!9&@Z5B*CZrO%@$sV%Od_i(dkM3ICTbY;tw(6=AW;dj z;S8!yh^_2wK3*tC`L%v)7=_bdEu;f0TM9(#e#*UzI-LoIfL8M8sX>Lh#*LcSgctK2}>`Hrc}5S~;`~ zd{h^EqlaB+b0cok7d^Ok+@A&a!MV$2R9@Q=i<$LoN#$5*`Zdv2_W^AZVH5
    Xpu;A`+bE&PdTG{E52&Dp`D#*Wd#Jf5;XXxfb5FtMwxL`w zCYt11%x5@5>ul0`G$|`g+aVHUHMLZ}DHR+3s*@!7DTrFA2sm4WXxdx;>9cm~wFrl` zKt0UKC;Hq&djwH&UcEP!V=FeH{OL>*N+WiP-@+!QQok%`Ol-mlY*%nj{@yz%&*hyF=SXYp9fjY=wf&mKsR3XmFB&)P)8u0_Pc_i-Lkr;9-X1V>2Nw$d@RV1`eXs zigqN#;U{Zv?go?dhYppB4zPY*d%5dXOb=(r0DDeB^9||Sla&iiIA1>}Kh1S)HM?gP z+$x8oiU5BCHV4jm-)E)qV)5r7m>y0TKe=nbl&V{Oy^l6)wCdA$@8mnJ>zgEbu$2o! zSfS6`!}G?RK2Oj;Yv5K;n=kLEOTUmPbQj?won~|kQbo%bmWGZD!H;4ie9P5o6*2xI zUoUbCpP5b9w6@DCY8)<~Sy~|S@P(Sg&Jl*U=mtjIOG*CeL!VrMX(b}{S$eB86-$I+ zi9&+ZF!Al3VrwlJTPc)^`SOoqgBbE4Ds_iQ%7-Nl@nE%>c7fc>|b1Oo{u;#GdOYwuX#cWzS8J%Rb~Rm?M)3}B`!TJ_fsk{%0Cor zy-<&5p^!@rjIb^Em1eS6Z%lsS1Cow!FTjqyO`L-GZgI>rF(&_g88)K|10&$2@$Oqw zP5A&>ESKG?3EdKWg0^%Md`ziK=@kV zkmZ$(=-gc1Dx_X~Z)?RT=}1t+-jqt4c^^+LeCY)KKrfC z!Xt^*qVX`fZ~r8F7j@!GgH&`Rc+%gR6FM0~XO}7Pjn3XhAgf$MW*VPB=W7Ck7mbEY z`5yxu_P%qgav&-=ji!)sK*KeB(uUN70)2Epa4v{(Up6<_ zqE%h=<+Eoha5|Uq9zW&+J|iA&z$8wSvHQmJN7HBJqmcI(%t6&@Z4YL3Uv`n%j^x6r zOJDad6};c<4n3BJ?x0mGk=rm#=&yhSUTQrH7RX7=i_C+S;*(N{K#I`BuApB~sV%gU z87HN{(Q}6fE%}i4Z&p=6>Nqixp%=vqC`H(xP%-<~oKkea64i89gVH+;>AYVfv zQ8z>IN~1zR{N#F`ZOjcJcc7m0Bev9Yexx>n0?vEuF?Q(nczlmZyCadH^m_90h*9yw z*UNd>g&m?A9pZxgO)C7E(YptVWzzcfpNo4jBa3t@V#Sa3ekDK31g6pWM?+O}?sld7 z#4NAcgj@YHk2(bBr(#7kYL}OV9_6nt9G*<8SE5jRyEB>32Q)z(>e#R(XG->`S6?R{ zoaX$<&{_mS6{EF@-3;7V^VOx_5d1Jp9I#@^4~|Uc&>gU1&exYFBEaEbFjpV={S%+2 z-pIh!=Eu0Ti(4FDS52{*h?#PuyQ~l|Md%A%*(;#VNR@TU9vzTFw5EnDqsC$dUMdhiIT#$S-z&`^i z^9(54?L_%+3&HurTmlBDxo|c+pR+uJsn;$e-hkFF)84Fk9I9rEurNP;U8*YFgE?ot zo((`Vmmp#7D9!Y`BuaRSDXJfXRV1L~qCp=APF|!hRsp_29|;hJABv)zb4v1k74M9D zBGeEC?`@UDI$UCYrBwrrbalCcqoI;1OBTY5%}#ls=eu$YJ{wik4JH=|u0bS}QS?)X+icf0P8UiQ8jWloN2yXW` z?L^$hVWH&k5DGqM(&yJY1-$v)rJ>$S?-rnDioiEWCXNL1<}clpNvM5#PvgbP!JuBX zx0HYV?dQ-3W<1l>LfKM}QwqJSbKtv@5DmR=AukbNs%Gao8@|~=R>4BEGP0$(xW0jp=X4>E<@&WMpD5(NJfoxjOm4 zDLE^o%)QXwRfp7rS0N^Dx@(yq56P2PVN|pY%0!EN=_eDrw*4FXbmkWxm_gHntNeQS z`_yn{-)r6L+2-V4&<2Y+n#A^GbQZAvW_}TmpON&-()*P^^M@x99@!ToNI@%I0Q zo%y`BU@^>~noHsFuC?m^PKP9HIB>}sx7Lw%y6+_}oZO3%LE*nV{KoX~so8lMU%(*; zQNvjVcNzmS*2>xNnZP1&;DY|}GMwpJJ2gR(CBTMDsbpx;qQ;a+|5NF@ty&`Wr&X6R zsESS2)JYTn#j}tF1uNtrXN;hlF5}ui<&n?jNI^rzpO$Z4gIoSnGTucFU^ijY1<<%g zPxsAPko|8}0MI`QAO-!=vdb836aerXSPzl^Oa0P3{oQ|S$ZMMo!Tf@Swd2MCC$nqK zMakl7P}$Tf<-`pV7X-$k^T#T*f30E$2w7_4@0|9Zs$=`~!IR_b8~oQ`W$ZQo{0rFs zuMyV%T98-!4-3@4I{$Cgo?oIt^)kpzFHixG6MUPQ?^+{o1>r>*nmBb2t9wf= zgB%h)wN^ng!mBIlRsiRC(9=CG9+*e<%FDJ7AsQF|3{vW6QyxF`f`7KKu9I6qh=(oN zehe--Nl8bzFNP=*Kh4bHOqlT zotuk$QTuJv_H(YUdNs$t2@(nsqTy z7JXbQ0s&vE@(D{jjpv+6$`sd_^S)9ET%IA^T8DZpY5Q#m%=6f^AJ8rnDmRDT^%Mwz zc2@6X*JfCtgnEx;f;h#dROo!g%i~Bk*vxM6HxDxJ)Jw-q*#r6wN zpfwetE8(>m!oYdK3mGg zlT)mv>v)rR)3Zh$b9Z;X?w6j0*BwTn$EGJ!$D?3wyXh-KT>&@r>2H#YMCR^^l^y;U zKSl{j6Ay+`o*o~Jp3eFf(IC)aSVjk%m$sdoeF`isp+-k`Q!L?^FYZr90Zzv;2R1hk z9*32`SIYhQY%6=tK5oMsb?`d2-2}U|AdiedFrHtsjTYIS4rW=O)OnDWF)j^zW=p*dJA79JMfmu< zzaEKe2c$nzHWLN%xzYcw9J<}CRRrl~Gy!-j1D-UQZxgd3L*b zbL<_Aw=tL%70{^x54 z%a8N#j9u23c8U)qXX@t^%|ssV4jgTcLEcw8-RqSn*H2l^#KwWE2&Osq+U#@szAV_# z0;$=lxGngfpQ41G0*>#i0{7U(=^>bFj;iYTO^Ss+2)_0I%-5J((0!* zs3@QkWFhdR1bo@(W|NA1q$szUvGp+O?aA?>?zGcQiK_a#?`L-}s1yrSSiK4m!FedM zw2bBWNs-flyAmmyO;ZWK%^o^)M0oue|Da;m2{km@@1kzmJqQQXMi8PcrjquZ%AUY( z?WKwA!*Jm&UV^>2B%nluqeR zDJdu22uQbdNOwy~Dcvce(jZC-0(;(|F4yzC-}~)-9QzMz9n3keYm9N8V~lfLH{SEc zdTun%?)iCH(!l*Ho4OVXs>LEJ2f=s;CdFZUCb*H$j!bY$g$_(5=p43Y0qqPI*B4(0 zRK7l6^szhzpvP!g$1pJsRdf8VrGzGye9(CvbZSm6G0eo|Ry}3W9V5Mrej8FVnCX0yD@l%Jbm zGxdC?I2c))Ki500bae<9I=C|Psexhosi${!S8$Y_XC3BTnRCFt<0}_+ z>)qZJ@hco;ib7rGNrMIZrSqPX2a@*-i<9M{o=*c3Q#V*Y*$6UACFdoGV=`pC^CQsn z;Xl^*1*-B+G9z_6Y}8-I*HCEi6cPlZV1FkFp2~&)7#4fqdo~!R$;x6yxj0{#(5FK{ zVl{w$+3pcxpVZQEIa+aT(#QJu!)(?xo)$!0+|3+r9s4pzDLJb*B8P)%?QGrqH8J^y zXgm0TZ+$fi0*8@~;ZDfRLp_}U-Us|0iUlSk9N5FG_;hucr zj^l(7ae<&)5&zjIFKYu#6AzLiHIk{ZSjW ziVs*8$xPf~WOuSBp%qU>w@Ah27m-;4LFfvB*uy|HX1^{ZAL>J`B|O6mwiQLgi&v|2 ze2s@^LDFNnSY5H>brie+e5j)-${dP}v)F28!bmSK4(nkl3sNsiXW42qiFtiophSMl zgT*pTiiNfei+baLCF7XRfIRqj&<3;TBsOiv0T`D{Wk1L|25m55$iurW;@dLNs?fZF ziM$%m^nkZwY?o;YPG?mUT#L>68X{V|w9vVRk~2Ft+Sg_TE3z^(#c<= zw!~O8?~iMcO%5uqO03Hlc+(>In`F3Vu6gl1#ZWGJ8Dxsyk^-(3- z9d>al9j);%ygwrLuf(G5?63L{0yo4vY$@KDxFyB7 zCsQuGN;7zgo^Beqw<)p;^HS<#!xMy7?SN2T-=GQb$JlY`*L%x{@Vu|3xQwC6nTG1@ zROr3^%HefBuYjS0(vs^L)9xZ$C%#u6_ZdNMHtWGvXP$#jFvlTfWNVc((7()ANrlM^ zgV~@&Z(!jq``i+zqdZ8kUFu~;5}bXc+d=$iXgQC-d7F&lHEk2psdLS>O_HLV{2cGW z&>p%sc~Og*rt#U*OZc%q?bDei@fqVV1wsRQggT!O5(9GEMEY4vD0E_2qjlTn!sy=k z&!l^d>85`@lshLeS159x1BgDb%=qBZF!^>#HXUt@W{@Gm9VhQe(I z7Ow`O6fM+k-+iMaWQ)atQooB-f?=SDYk$Rp|QH&9RV zww|6p#YX2zrHQa_CBy(=tUN46V0ofz)w>5Q=VXD92fVVi2fza~F7p@3xmk+tGHcPv zE?ko2j&S6*8IP?8kDW=;k8-xPi^?+xZGsKM3)PR#Y4%~EI}-Hd3WEe!A8mkB z9D1h&kH;1gIZzvP>FH{vV)FT38*h}3YB3+&4~!pAI2yfh9CjWaPWIZIQ3t`h8%ZTZ z(gSth_)_3wadlMh0#K*_D*$2eu@+3v3_{_-0O+z=+s45MdD=a90|vgP=26teu@So( zUpmV1kWrXSA{#Ae!Em4*k&$;#LxWNH6@~|B9Of^wC^xy%ydJ&1 z6CO*wX&oC^a7~08kzK?UOT9rCja`#Dx1CEtGbu3DkZAHM6Fx1e?v0PO)leEPu5Y?R zWfuF6#C!ShR87i0w8bIm_pg|*gY3>3s9$i!vVCGl5+>l1vJ4ge3MdJ;g|c$Df-jxp z^d7H^U9|)HXc(DVyYm_dU62yI=7=6B9$3p$DEh?v{^Y^ojZtIo!CU1*=$!4>J|c)} zRK~-hi5wH+@$JgXdJx&aC5NO=JR#Y$7nmr_w(4A*=F)@r;)P3(q@O4@O>$ZUE;h~V zu4Q#NTg@uGOEegag92=mp7l3nJC?plOeQ@}rBy(to@DCzUS$L)nnd31= zfxynW*+KRh1*72w^`(^TROF_DPRQiV`;Q8i_g>}lCu(|7%Fl@R5EQ+7F|3GKOeDi7 za?ghaS$O2(+$hn>x5Dc8W|}3VX7kECPY^aW{8`n$e*9)(A&gzJeqR8Bu#*kpazXvkF4Wn>OM}gH}GC+%7)hT!Lxb#h~<3?HxT*qe`x4`IG zWi(G7ATn>+BR14j!G3-2;zo!tYGh&}a*ruxZOY*3eze;CcgT!(nj!LbA^YZanXg_> zKf<8HTv*RVX#7%TuuEAR($a@l+uf@2hy56}>}{76wKV|4Y6)egzr7(h{y-H;L`HuJ zQLW30;xmKj<@UFP&vqp#Ybkqu?9ctB1my5yCK4zzxbh+f2~s}GN%CxT5y|j;+yZ}0 zBjVMXEJVj;Vb?lFM#P~vd5X=mAT7L%GYmYiibuys^svRQ{ixnTgCVxegmsenN!}WOSN~%g;_*Mel-tkGxtc1Ke!F8dqM#?whjPmL&gs54gzFe-2 zYVrauEf);#U|c$M&9-^jWiIKrbTPY@08AkzuhTd9Rem*Do54eJ5@F*BWgIE9;|GZ} zG1gRtZ{1~a=wlwS_0ubXu+pQ0u-fQYTJqG_gr2n0)8uiLdy0{oi47(P@8P(KDA<&+ z6sbqiq358ujA=L>nh5a**3v6&){Yj}vrzMBMjX|PBiH40_}%PhmvQ~rvGN0gfSN#SV)y;+-#sPCH%&}73@?-~?W6kUS`;IHG4!e)E@uNL2L!ngIjUSEq^vx6-&|eK zG%G1}a&Yfksgx$cwRb8Abw$90bEQNZqVNl{Q!##e%!31w3v z+bz9b#Lj?VW5A0`0id^dMX?^vMu^Kwgr3bG{wj5}0bDkcxRlJ5>G4Q5?*rH|Y7*(6A6575&uD3nUNaB-o+u~PIq+RgE|*^4-t+Tn*a z+1w!nJ*oODdu4Gkc5=0+<1(7gVVtt)g1O9}#iHM@wx*59WB0}ZWD}&huqRt7T!f8` zF``{$alry6E8!=)Utp4!Hb1UR3|6pIq{-^L3Z{=!t1y1WRM1WJZe@itkjs~0u8%T2 zqbRU`mWO20EqeoF(sy#B=?!rG{oBbxCSkgB8qPhF>rSy(}& zk6Bs)sb4ty;g0%Bd}U#DAojo=`11b(KNkW%Ju}O4Tys)CDbc4y8d9=PiJ|WlGS?Yb zQ`6AZh#U8dQp5ip6g_zXaqfUDJxQB$jc}hL@70KtWu)OEt}NC^IUw}!LMM&oqEQ}N zC@;vH6LcHt!FFWo?!ZvPEs^Vys_n3$t|AQV%lK0$JVNC>%5jv7dpwQ<1?k(4(B!Iy`CFAo8~ z5Cne#tI(taEN67+yM|Z;I#{(2DIpAhOw16vJ543uTP(iJiC_3D#fzCBDgLddsGgW& z$0p=ERk12D=ciMOLJPv8lE)0{cl=K5A7=Q?Z?KRBM3w=nA(6M0tXvISojC1*VAf<_ zu2z7T1NZuGDlXlRG6$!2nUO&$^A?_S3SNYNp_u zv~PXtBuRNG{B2CZwkE!;O6!~D^*P%gFbdAOQqIkzz3D0ll0#HIq=vDOQ5` zmoy6mzgG3r2Ml9gryA>BN$3KT3Lhr#UrL0YLWy*OOE%&BB2<7)no^0MUz!sA$;w7z zTv`OWIC1XW2peSqwl`t0{avj#z(KVskqlA?P$^@qUo>0s^eNT3P}6}qOuo8TQO_^G zgOPxibCL5Xu3s@;xIRhCicm|H`GKe&VW`_JTa6Qw_V|CZRTh^(s{|Ea3uJ3(eP0g> zdqJ*pPf-1{k^sY7AZ1ZG{a>5gtSL3x+1K{u-6@U9)D^!tV6u5dC}2`m`6#AO$xI`9 zGC1Gcm=XQSh(6OIq$SY_|5cQK<>hE;&S_VI0A{p$y0crfI`Qb`2c>Tx3A39CxvYZA zGfY8l4m4BPgTCI0jl|GlQa&*3hox9&ieUR1i+N=)KV|duh@M#3P3^%h6Ni6<6X@Ux>N}SNvE)p2zihgSoRypB9B49k{n@){DrrD3@m) zogF+`fUQ(e&mtR*n7!;}oCyZQEOXLX?^@mWEeU5`ZU>kBk`g;Mn3kyPM5yA856n|u zUFyn9Xd;0s5-dBF5fWIuN)0KqiqVt>U^4|PDl>1+WS;#NH;)Ca-^=j<$W?#~kzuB;S z8zMSUORqi@H7q$41=Vn&917-||93jDj#eM~+X)o_ToxanD7-cnQ?al4Ma+LS(eH=1 zyhNJ}4)R8tylbL0TNqLQOhvz>LPZn{_#mtqDa13Th+_q}j*YNk7nuC*7?^tp zpkoy1IlwQ^C?GPS9{lb3Qb5UpC_2(feeyKfxb)k#hiwO}8kB_vpe&pv1HTC_4sx-o zFgF%a)pQ@<@yl;r2;2%oTlZUG2yga_q?H-S_c1AMb)o458NrI#1T4Y+12ryb6>*!% zaGJ;I1&2_cp!zN5$~%PWT#p31;XO*uI{0U7-pb(Y$HARdqC|5tV=DSgLEHnm zHK&kE<5^d!RH8H zpW+f1ih{}4fHWE21N%z}afBe+cK9S?{&C7gf|wKgXzgfpuLss${v&im4yS_#nzU|9 zk-9ICuHefd?H5M_a+#1p5UVi(-R5NvEZ-|Zh^S!_T+_q6)p-c3W^MfhzeiPyn1v-o z%9y1kTnhAun0MJnp~P1bmhDOPKcNN#K}}qb&~Wrf8Jt?eAh?BbWg6e$0e`s$XET2q zSPhQtw~f9kq~1)!6GSX7R3)U@sti-GCYwZTVNAficG*`p>SgX+^?~Th)q5}cn6xl2 ztjXG4jA?rJU->6%R`@6X#L~eV4M9?a`Bxyfg8}9r1tk9t!2Ama^AB5;mlW%E=%GKG1+%40;6*)*a}Pc5u_ZY`{dz(O1iy?{UL za8SKXdFNM|GxLvP2;C@D`J zw^*sa1sbT&4Bf!${f`Vi+Ra&KtOQlr-Ly%EzGQ^e_*XZuK>WKKNZC|4uoNmqCX%sL zxLF|5RPXuUq>0%qmf&?L*1p34N(lNn7v+CuCY^F#71sZ1c9?}q!4`;#hVd$hJswZ# zne7={_P}I|f+U+KWXystv{93>spi0&eez3v23Rk53I|(zE7o0H@a38C@3n%M;Q-CI6Le4GXsUEKw`eNj&ejonO3o=_#YE{X z_alXH>)=&*O8q-Vru0z}Gw`oXi%U|cx6zpY5-byucx0)PY2&p1Dk@iFq>_xO(ZEYX zH_?VTf9scdu%ND1O-!=-qf{hu3CL3M82G_Ni-BARz)X{bWEwx1Y1qsx{HooUh}A%{fwym~qSvoR)?fIHmm(X_)xg=r!E# zTDsJqmhSeerQi4L0a*X`*39FqyW^K)G5H@93sY-v-andCj!p?Y`;kw;BU>AV{WT;> zb%(pa(r0N-sg-gELdLm zVm{%v=fx#|ww?|P&dUGQ<{bxIu$6+j9C;kGy&&+Ta3Sw zQC5N*Ohz~x$r0#vtUe`mF}<{OSlldp-ushzl3Tbsu3Z3WFuD!A>o=8JJB$(noW{vk zwgMG>PO?l>w&7vUEbuJg_IRrR*$zVyWrh?YuptKgZtbLy)?UQaQ^9raNBi$d5FB0i z50Dc>IexW0eaI+SpY$Jv2KZ+bysb3%o?tj{2K<@?L73LSN&}(i;O${g-WHTe8-@8@ zL(i?>fm2Txvj0bULYR6AJ4OWp^oOT{hfF$d#&;PhYGX*mm#8(b(yyf_KLI_|kYNWv zM%_OtsbmADB$$!%zcZ2^JmZk#8*hT8D?UZxefq1d-!=%w*LQ6_u;#8s5YLSSSNu}e z|G`rV2v22q^WFt;{nh<~Z}6VD0C$Z&Z3t$Tl;RjXvkQ!4MqYTh_1uFIT{HA4*d$DN z?_@PRBn=DjOCPaC;N+?pk3ipWB2J>rlBSx^k={*42p9$UrwPzD^dQIP94likD3o+u zjUSh6+;u+NKb>y_()qx~=UA8vAZF8*o}x6}xu!~7*M|9+n6aXjxCeypmuqUEYhaGw zp1;1$6JTl`$otQUp_TNn0lruFT;&_Sc4FwsC{kJ)GdRZotv%b4Lf?>8hsA)0bfESG z{>bY3f5G;z^0M30m0REQoP&>9nCOs6(PdVn=WFTs) zKzi3$8isPs+@ww#D97$TN&t^0z&mrxAdNkdrj#FS?D^m@+g%1*c>+0jIqbr9Ug2)k z`PKShZQid6BiSskW<%M~y*>YRy4WKobgcD%l`OzNnnk(yf72{YlZS}er_~VALV1ve z?lPqj2ab6X>B>HKU zw6ltau+kl5<<2cD0lBg}S`ynjg9l3uhM#@}b_)LkcBiNVq#t+=qvh65y_utjI}7&1Qj>^7iZu)NPy6sw@RcQFsv5 zB86B~y#=ZkXozZQSFDQyD`h|Bud|jh0SIcKh8BwB!6yI*ASp;|_$;nBuk~~Stdj(g z5y(;RNlOl_>{K4qWEc6(KgdDb0L!bwa5ml=b>5eJV5;A#7FmdDX~u2yijva*cPaT_ zk6Dt*D2_p~8O$Z_bT`2Uzk#pC)lgk24H1>*l3Bh_vW~FOJn<6UTuL5IF~5CNUB?vY zx_J*>8(4Z)yzme~0~J}6hMxUZkUE;6u5RIPI>K_8L0 zdg9;N)#|*D;n>jW``GX6Rg+IrtKC)kKDmgW_fNa83uZpwvi-czj+%V>!?{^mEO$Gq zwn?9OKj5HX$Ytn~UI!A`8Kf0^)aKq)G$ep0R@uQ%3a%f1k9t5Ua#s0hl(px@qkdNH zgU951rFsNTIer%&DoU#s9Ahf(w$pnuMn(8qcP3^ruDhml7(tqh? zgjhWPc|@Kk^H&S|@R|9&pa^rKm#{sp&-Y~W>;dR6N~>zXhF7!8k1WR(l~wN4rMZK( z_MtZ8+Gj#I_YypXu6xd;!OuAvc)U<$R>nUw4;prUT9q3e|GWrm@c0IY)=4hgqq6E# zLQ}Qb3#C>4C80X)1*w;@D*4fa>Z!iVH}BI*P-*VxSkm6tW`3YJef!BFm<<^vy2w_) zf(z_ql!Oco6ofF#FikI(%rhltg?OjG3<31+=K3Y$U;4(Wk-#!Hn_yU+tT91IU!hj@ zlmBysUR=WWXcY)3Ry4Cmhg*tFvO8@bF<$4IlG*1-Kf#@st4v_`eyQYi z!0medaJ27b!TaT1USV8RfsJ!T1DdHrjm@5SIT88C#p8RYg)v?s^&m^GAk= zDRy4hGkcb8t(pLfw$-~4UysWq#`}eY_!sx}MLVr{6O-07&|e3q>8wqK?oVy3yMCp1 zuT(+itm!HyTPmI=vo8gJ2+o=ZM=W!5-_msE*$1rFIkwG<`9J7hE0TU`&g^lk-JsY@ zOHDI!+S(nq@!;15KlM~x4hi7IB|J@F$1N^MNHS<^;n~TE2mzl9nH&n;Hy`VJ=~fG( zn8pX9cxkh*w^WE5_A7$&Pd;T7Ct`Q zIvo5mz$A$c7nOs}F_0xy1lQG1J~aYfcz<5FaI_C(xRq%@l~Z%)i?Kd14~214kLNpocgP(e+TsI|NMgZ{(EimdV8UZ_;5%CH9uqMmY`r{%RB0Xn$hJM!U)-0G#F6Qku{le6Mw}Tn8nF>o`qEs`yeNQx+JF$6)WvDNPO}U6y7*{dm!NpdwM4+6)SutC4{J6kZEKB^BLg-*9FQy>x+`M zs+3!Y+9P85vsnAPk9iQ&VGn%K#;UDt#-gO_Z3UoM(f`>`F`Werff^SEr5}cLuk}0n zsSF^a6PnI-8#u@dfCTn)J2p45OwilBFfXQ^5qB<(?u~`Xo4x!Avhk@D&3EAtuh9vj z$Tw*Lxj$|$KA z4{0tc0-<209sRSv9sz`+$UCRUa6-T4c`?~y%sRB*7biFoxwOV&vYp|`n|PNOmMx{8 z7eA1Cv`RU*Rr`*6N%Q*H6?OvUeBK$e{WBBLp}%pjQGov(235*fCzB)qgNz( z^YsSfiTL=@TgqLjdPjYOCHI!)p^@(*&;5QLo^=3(E3{HRB0sOIFu!*Cc3xKM`dwFT z8djc^6i%b<4a-8mep3`zay53Hjw9(XgHTx-Q3w;6pE5!q?fU(Gv?WP9ZIqQOp%hd0 zr>jMZLQjragoagypAuJ>Bl?%k&Mrh1=olXtyKeTX7;AW{ZEeil14qTB@;x1#x8@M& zCydJh^b%`HyC8{X9=1)Kubn3GJMEbb(D!0i8@l74kUWs=wWb~YCdt*_@=>Ij=TOAc z4>l^jB5CMSdfJ-n@r$2}6c34`8=&!HtaC1qD$(D!^no{Ma4l+qp=;ye`)(JMXw5c@ zpuv^rw?hrt113+b9KBpmn#+3*LFTzb9Dsw~FU$=-@8AqKhp=HF$`#%a00H{z;@V&p z`s2Lr`QoBH>W3M!cR+M!RML|^8ebkydhv>G+bJ8MkcPz4}j1_Qy)T;1NHkgI@8uxlGLUX)Ps4Q z?)T9Hr79q%>K=!`&65_OCdQ5;7b7^S0NHUl4aw&YChzyAYWd8up}ccU-f+6pH_K9Y z0m=t?T(iaghj*cOygM!ZwP5P61%W7XiMthl^KF2MfE!}E&M{GKiPMTqkg?k9Wb7Ct z0wK$q5{Th_c?17J@BiB7cSgkCW<(w~XoElm(bydP~X$>fcuI}M3kbqNFy)+qA2-_bGqkLU!0&ghe)J5}mJY`$rULLlJQ zXH1Zxw&gON!2P`*ik&pezp@e;j1F*@mI41xOBEeRCPVB-{tvr*z;HwCmQtbkx7mNT z@rL=g+1b^<&Bpy7%m!{z%@+MP2DE=Lfcp;&OnzfP`)>@a8^!`Bv<%5(yNo_GUss|5kbU&j}GYm&B(&-gxEe%k(hBYvzy4CtI` zV+GdI1uUFe?))qR=s=DGBl!|B=vtq>K4s$xB2u2XeW#WdJ1xVNz5ciP*%B~ZmP;r# z6(XWo_>m43rpg)@3yteF6>6Y?;HswjfIkHT-jd#1(1^MUqwuAwKHSwsfO~WNc|K>S zFRjrM`rgP&qqx1@=s>VgILh0`zZXAFN_AlDYrKXM)1Yf?fZ$-Y6gki+Ekw(}zN8iI za0MM$qH1r4527&k|G|YCph6QwKxAoFu#tP`p4zw5{S|_m3hhI+ZVu3ZRP3aZg;WQ- zKb}+Hd0zAPQy`=ZjnekJm>`2p^QH zC6v^H$2itnO*fl#xj1)R!=nu?ZST0(i(9{Oh|KAHp9-QiXo_gmVp2FuPk_zBmCue@~Qtv;?Vz2@hmFf--K5F&D(vv ze`m7Cuo+l2aKSA6_cmjVMS4E^epFvNsFb&#*}8A-kGvO@vfsu3D;>oi?iG}{3DPae z9a{J=l~6REp!~^Vz-s9ggUw?NesVnNhnD&}8ZNp&(qsNy2Cs@6$ZPNwu9aZp%>}Bn z`(IYv5)*H!mZ2}+$3?AfhBzgQq!r_=KKr}3XlS(uU;PmU?;sm3<2SDP%CYT zEa8?JbkkT&ehR5#MbAj68Pe=`6^0wm@cSAiM_N$cffqT4Zr7!9j4m;+tzc!IlZM}4 z!fDuKU;;NCdjP4&B-1$xAMur;`6JiYQQU^P2OA~PTO%37H-qn~ZL>;fr{y_r`-P~7 zzlfFxK(p`+eT4njo&ES{v~^~-WFw=}V&K=UI{tgHijqzjX2VDTh%6;|%@WIFdNvQ*R5WcG*~N>wfG9HW{yz9fl{5m5D&2 zVNP^1tJSgamFUatcD@{GoX8b@^06afO(7aNAE$1gaavNd|R+Xm&)4 zS_cDmrIt`>ti^my>hQ%T3r(eb8C8*`?>j}BoiEa=tNJb*OWgFFq2BCD;;Xmf^9jdKL->?SN zS*7}RI@478Nkn?g*T!~l+ay*m8WOS9&KML^{k$SQ=ke+)^EwANIxPHE0p!l(G&Y8B z0>~xxdQ#I`)aJGrrkdKIVZco%b5*C_7ll_4ry}Bi&qqziMta+&iGPAKaxe+mo5}+wGN- z-&Z>CE&$A=&?Jw+*R4r))4&I#Sm?j&0Wa9^dd>G>*H9*9Iz&Y(p&;S!$W`0hD;9!# z#4?jolBf+yHwJWbECnVgMamo1l-tV|&eeu&T4W@DhijT!R2M>R-Rtx4Y>7ZB0}qQ~I>A_XF;)I%b@r$}gxXeu;n5O-=IsS1y9Mw< zj)Tw>eZC%^f|qp;YK?Nxx#A16wT{jskEFV(%9slA=<+U;7H1_t=uh8yd9yedwy zRzq>`-!Ak(rCe?FxA64_0NjK!DhvGZg&$m>t#&&1`N=-~`Y5th1!eFk`;;`fBewL|2V?Am z5#ft2%+k+7GHT}#{CqIptq*7{3Jsjg8j5f_>2-1#!s0)A?p?`rMq0a;g5vA(gIPz2 zGq&XORMF;e{+Dk)ImxjaqaSSfzM0ZKME$Hk<9u^?;w6}Egjw8s#0!<;*aQ6no+$;o zxvdGh7y23+0GyV1utML+)4)j?5XHz1{g`R56@*5 z@Ramqz6;3`jib{%$+i#{UKle!IsUQh+nG6q=bcoI>zT1fn0%^?Wz^ffhWWIWksW6J_g}{%ONGjCs6;ciMmUOf6i++JH3a6{fS>1IHaM@^9#uzeA5YEf?;AbR zI1zcfVP}N4L(QVBCF8hhl-L`2trpZ>{Y)X_Bza@vc}%DjdqIQ9^F^ao>Co;A@Ec^> z?Gx*&+;j>as-fu>+Z|;#7Qr%BVS4!0JB*cd^mXAle>>*NdIR@$WG1_Uu1Ub8$;8t( zHJi9-yAWX7;`vYVTzhGC6XvIam=_;y=fZ^%vMN#$G2hmHWOpTb1`|j- zLIH(o(Hd$M-COqp>hLf^>skMgLuba~wU6>#hs*DQ6cKX58-%@bo){}yMX#;#d)y>s zoK0ez6k7r#6#g#+vOGOT1-d45WuV;7B^mhsAZT;#uU;tJ}TRWI7D5b0@pP6pkWty1rJrFK2*%2?c(&4|5pVP?ELvTV5< z8&u(h5KvL9IHwOpJ6-X^*bC)YuUvfkS+S|5>>#8~)p!zVAa}adnZ0b^NgUGOSFVW( zyW}*x=Y2DSgxF;X1w$3D1!w*IbPnHR9}j#fW;`8yfK=2{UD7Dku6ZZSYf%;@4bEs) z(cDpbRTz}nd%-Zmlga@wbZfK9kGt?A9{ZQb%%t|G!;qcAJdw2g(G{Uv=Zf-PALE$7 zHcO0djd~x?+8@So{{g%KxN|@(;g{AuTUr z$)Pk;si9!`l?no-;sM*CDTqVRl+Yw8^x%JB9EnmChoBz_ zr%W0w7G*$Q0H5UHHhBp%hFhkJ#}Gl!l{@-|8p$BH$HL^n<-vhjPfcHOfjh;}7#i{qAYMo^Iw4DlaO3wGj|adzRor^t%vN@#fxRKpI&(P48? z6-#!FUcmzgV7gf#T5^#dYMHXl<0VXlz;wm| zn_R#qhWi%AZi6w3w{w`@8ioVHBWnMHIQh>x0CvFvXrB+3dj*8IE1toW z3YbSp`g9iwC_Y|mksxc8U~ZwB25OXNiR8 zR%pCaq)@X2vvU|v&@s$7+2e?xMilO0_VL!NqRY9b%efdUxg^qbzjq9VIRw9zGF~O% zSWf~B8cZLV?QJw#O@af-mvaf4B_N2d+#_}_HQwkWm9C87lTYGU_!cNR(#I`V2*d|dy&8N z2>!WH?GXIcaVR<<_!ojJ6>eg@8z*ZuNfCGtO^L)CtvVhgzyzQ2Z3G$*DLGq!2?9_` zzw}tAr37KUp7p^{e+^>*lCgRf*dt>_{)PfyQ0H%>#^<*P^yw^&hUTm1l#fRI~y_%|4QiMGMh!?tZ@f?3Hu>W_RgX zfsjt6l|aH+n(qNyzHUM%XEm*74yX3Y(Vm?2k>!TD@r%relSfD9UTHV{m)C9gg`9w* zk4q6}k2o_&irxmnR*BU27p1rs&BAdvy%6BBI-lwgI4r8Pz-Z6480pUs>iPIFEU3mt zg+uQ{nu=u(X9#B4ea=N+(;J>9hUaS6TU&)nk332qA3=I%H`&*lNWL$aJtpa^G4$zsLEL9Zw zd-o_556C~Ad>?#^$G#`g(xZG+>8)#H$L!*eXf;r6K!IFw$<=ULd702U#VfNvvHV)e zGFhO;axAHZ*R_8pVzbGY_RLAA2w1vrs~L76)F!oVRuSoUB9cOa7J6kfOW>DgKUY}! z#VM;ZYgfRmMTZ-eXX^+0Mv+0>WROkldlDb>vFt$I{iL!Vn~xj(ffw0+(H1Y}#ls(F zww}VW^&Gi9hyB^L=$858{bcLL$e{du%=I9`^~301Wmy}x@v_;9NB2jn)AImIeJ87@ zb{|Fz6>yspy_Yfs1$f`+UFl+8Zl!z9);%IV5wvexX%gh=k%tpogM$9J?e%g}c`crM zv4O^68Cr>{+lXIw*|i7zS=r-sMBe*NKVCUAu}U^8JpJKzUa?ubX<{sN+&&?UF*TpI zMkrvTfST&B;ZKJL+dW}ob~qLe7(^qoNMaD1xbZx6@mR0WGu5$i-csb?b0zIeoWqlO zO`a|GrHSEHS14!k*XpD?p>N_Zm}1GSdehqcc=+@8o9hq;9z1UuTHT)at`3of(!~El zs!=g%{dzzptRz5qWi;|>)^ z5Y=0*P|yb0e~y1H-ZFSa$vykVv6}NqN9X&G5BwM15JQ$P0|kqA5g1{5zEr&UoOk+D z8rIYeAF+H^xycMcB9?V&$c?72+{x-Gq=P>NzO?={MbkKU zwr4edwh^>Hy0L-u3URMQ{^YwXNne1Q(izLg{n$B@KuOj3>u*{O9(wodfv>pmtgenk zwnaUe=nF%5){lQsC0;!17ILV{Pburrs=IzycYe~KzPn>@!(yv>?--x8Of%-gMiKAy zX?jJ`wL#fjjzEQ03NDARdTs;yGO}mU{>XC6iLU}(RD*-tLT*8VaIepRbGAu!V@R*T z`I{hW4@p8!tz0QK#AA^b20)KZ>ZUwQI%S1#?>^%@)J7PtE@T00LxibKo#~i+%t5O< zx*f}E*%S9KnruH?jHA${qbd4R6pi%d<}pH(30eV?0oJUs=X^6TN)6SvW$<4# zG@Ihdh3q(>>T)fUdc1EmmtXHb%wKw4pRUv~S<#S=pgN#gx42tB+_2$VvC_tLFJ%ue zM3jZum5W3xRO^O(bGjIyIb&&CIdyHCH2TU&L3PRluO2S(W@q|~CH_E5Q#TiMRv<6p zI}KJ5R!bGq+CXTW96Bk@Mp{0>f9(6?<933)sSXlTvS>d-FJaO>SN zyw|WH70XjSH{O;~!C*#I=56?O=exK8_in=mq1Iw$vW7zd!974p%ccQPTj^hY7%rHF z3@`esp>udYW>&K}@66vtVa68mD4xXsCzPDKTdIJtMx4fzu+#TArX?(&ukEW&Y%5^l zSW}u5Run=x`szx(^^S8Ck{qklcC_YYYP#`Nh_9paul};%UCRJux1xp{tI?i6Ozn~{s?NTybU4e=*zXY zh1xHV^1spM2z?NKSV%8N|I%F#S8$?ij<-ys!@B``FuGExv3{16l+DO9TsdpVA9aS> zNYW^{#8j-86Yzbvo#Ctz!n8z|)B4RDCZ=SF$ZlNW)zdz)-FtPk%G{FXvMQzNNI56j zJO2*=Q$Vc0S@%hx9+5!u%dc$;GDPhEheEmWLof&caXxm8U3&Dv+vZU2s45P|nF41f*jR zRJ;Y)Hb`%T-dp}=F<6+DXekYepmHZ%Nvt=o8pUD;l8>+pNEXd;WSN!9Fg zMJl~K&A0*s4~ub3kM?BXJhBy3O7Qi`gFF-{9p$2`^VMYJ1a>`J`4_mDTL$V2pRI4UyfWHl3LqrGbGr){8=x9u*T!?o0;{5Sf8ETxC(`9ll5j7_^eX{!3)$$D6aa~habaSm)sb5uf&i+-)>`l)XawJ=3MA~$4!$m7P zsO#3@gdhHW4zo7PE#yww*uo~4=I9p3C-!RY6g4UXE{lFKk%)}isAfST? z3Mf~he_-PeVWq+j$HKr+qXFR_tcHUpjlq@&Vv0otz{Tsp$ju1R$u*JX z5gUatXG@|~&{bf>7+_8IdE7EfK`ta9TQMBme@mtPQR0&q7&ofF3M$nmO~09`#!|_z zLICwhIZ%9-4tDr0JMr$=n!%!r${A*y^_i*w&E!?JZan&0E}r%Ks^Y~C_EvA^g)?FV z6AU4K>o|-s zf6MqHaS-0%k@4^LRhN<9&}T);J&x$?DWO4Q4)L>Ep)4A(??MH2pfzAbby>Ui&EVM$ zud0b&6qi!z-g1Z31HVAb-fMkr_5z}gp@~9{jE6ZrcS^QeIVRdBLZDhcV&xc4V8<`@ zKxX%Rq8?XYEIXS|6(x5+&PL8Q0UpS$^&?fem3}l%ri9lN)6YT2(_A}%wW4vc%*351}^oVgSs1U&kyH|zkZXt~ffAr&8 zl7ifYZ-x4F{0D^1kDg}Uf}qr5ZV}p}JsN2fXQtg)8rVs)EW(2A8NzHrBLY^lJ*s)I z2dE(W2YNUQo)-`_FmUfaX&QVRF^gHe!pPLy z_WgHSW?4s_3GR1nb>D1sI2e31wAXJoqH(mnZ?a5hxE{N8fN*?-;X_8te`+h0-JjlO z(Hf9@K?FxwKm#c(3^K;PL52n?lxLB7CujqgFqnNy?cnJE=PzyS;9s+$Inm%%Bybac z`V-#k4;=>v2e+;>)&_9efy^#+XOJ+{+u!b0CMLmCvI}<}ufdL;@aWF7alP5b2B&n# zkYj`j-eRH7cJAC{gq@FXf60&$5ABjgmiDYkMp!%c^uEptyCJzwQ_@L+hOqH8XRX7e>~zJK$z{`t}J-d zx1qlTV zMjw&fo{Q-ANEioUf1UW$g1a|9j64bh6YdxZNs56tRSKx_zZN)~6!|l-V#Ked5;zN# zvrx@ID4I*us_fw6sjk`VY+-GgTbNgVKFojm{yUiJyIzj;f1l_0dC2__e1G_=HA9>p zrs%WBh;UOZ)>TmyZlJWjc1CmfG^-l~AAeQZb;dPVZ?C;-e>yX(xN91!H+f*ffJnkU zP#_v;66fQIP!No)Tj(=^tL}@MZ}~)lb+TF%Olv>zn9M>H5yVi~*AOWot9^L?{^)pL zLx_avcNiNXt5IwOp)d?$tA$|@vYLp1ko*2S5hFsI`JpBdh(u^tXXd@74T1d?HHHrE@H8YMt(@I11NJYMDtdQ^pej^r$G>=PS5L_Zq zLOaR;?2=aO?O5uw%qmY_$fZ|$kG{#RJo}^>0g-O1b+3OAJ(@r#tDNs2ehv-H+^W_sO>ze}diL*974ckhZZ%9XqD+UV3zW zL!iG*EEdL%J156J%S4*qzwRiao@Xd1Y7m`ff45A!B6?P6^n43C()PU-O?#GEX{@+I z3;1?u|12XSKJ3_GTBu~+7)hUn7C3(~L8Rosa;PH;k*(XJW+`mW;%LPrGjOaSok7)_ z^1!7*9R>0haT|kBk^T-Way_Wx|B2x95Rg&q*arL(LX*M8SEbHLsoF9=^4OkXO@T>x zf2gM2)hi$KEQBppbxLJKdM;I%4J}^3YLHGg>Dn?@!yzEf{qT<7=&%hog() zyT+Aal&T-OD=ofjmdhDGTpWzVIi( z_Uz)MT{%Ab$d;;H@19iJr+jc!5w2DKe~7_DZMa%&g!E~<^6?{&JKQ`e8%a*`9y_YOv}z}vgz_szISyInmrkt?zcKD`TaQ+P zb*1ak@R{2c>IkgP00tGER;gPnHI>!DIps1_oz{^D>&7xxb>^BITU@q>sKe+ke>%GU zg^yq{W42@XPJPfs#mRfVMD)SQhf{gg_27V=7FZvbS0|-%qs5$-QC|64V+&ntViOdn zu4agy*@$XiqfKMJ_o&0NTw^pyR zOHOshPc_zmSf2RNb%TBLrIr8if5oW0|G@QjK@~soR3RpMdd#-1UZTbOaC*chikf!G zzzfCW_JqhpfrbK9!ZtN1XE>pLP3sKLGx#FmmW?ZtfL$$$qXEQ||&4_KomGM#8{}o+EJW%q=s3M(QH=}-eq>|>zb(5{h zS6wwbD!q_9L}B#orPZ;$iham#1?sSl9i#(jp0H)4%3vAUF-Kjq(m6i;$j&C!KX zIZ;umR2dQ!71c6}^CikJfwtIMiW(m`@%f|jsGz{LqTFb;RnU$KT|^OLB!QnLDM%@{ zD)X3#IQS1m_NDWXfUo~6JX@VbLnZxAE|f4@dT;S3RREW8#p z*in?KqINr<2){yaUu%8Qp-*quvKtp41kyigP! z7k^XYk9}=KCQ&zme@PVnzHZhke2Rz-DZX82icvq|4n$Kd!krlgS{ytgxL|)p*aA=P zLS&w!eWie`Hszio?`<&W<{c^ZvA6L(jaDYi5k-bw2>c!9)}tV8=!z|NX%63M$6d2` z(VBWEXHNv+ggqGx`X8Q(jb;@d6BvRl4?l#;CQvIiHtGrAf5k2hdW%hobrQs)*{Gx7 zK+>v7a|)oc-oit-QFqZPOgac5bbb_KhcT z6Y2*^Uw2%=sa}l9q>}K+CSo#w#S=P-PTHD-h}yH2;b+gkO8YSE=|d``_2CpPZn+o` z(3S}P?gfAlf7cKBEJXgw^pm>gK$lK88*GrdCmWpOY!IM%@xQYRVL3sAu5N#$7{y+8aUixha`x1R?O ze=31^4}G~jh(MJT*a?%vM@cb;8BzNDjsO)KQon-(pcYTsg&>kI+p z8RZ|5cTR^KipLM4#(0F}#v+M_bw~N-G?#*m6X_JRhXtHjUAM#=AT?(?@GxQ3ws&s$pT_6(= zW4jUci>+$Xxl=A2H4e6yQz_+jmq?s{mYcnIOepUu4AYh}0KrvIB^`+ ze-ySvg;K^NvN=;_T}b~TIpum2kvEZ~XiD)qFi=(K>>vTNA}ubqX0Q>PL~bf#f5dr! zfjcp0X)GZ1L`TOQr7{WbEIV_uw~vep!%Fr_-7XXd4Fojqb$@B=#Uf-E#Ugi>=|bzn z1Yt<8Ymet+cw9} zIQcA5ntOU>6*M$eQ4~Ce^Hov3)n-uQ90u_d_5knQ_uq*O*2_gA`So&9Jnwz*p&}#q zUXXneU{$HKRke!*+N#>6wArc#ELrxVQIJ8dUe1Q012HUl?L^o}gx;eJ@V@Mef2Sx@ z9ZT!6P!du@Nn$5#9@($Vwy%`{=Lb9~(RHEc953D-b}={y-6=e;^UB@6{*>CW_ok#8Xfi z`y?QHcPCzB2HBLCa^YZsf8Sz#6I^iuuUHQYoDq3vGy9Q)sWqO?o_23RJJucefwwxR z>U9hcFPvpSAo-H@A3U%a$ob}v*Y`Lk7Lk+~bbxXD*g^P%Lg5M{U_S%XE*S!6weAom zj0@X6N+WUrPXeQpLm&X(rK^N!q#1U?!#b5ffAHiy@}7lomP z&i9G*qGOY?(k66Ez4~1c&pWw`cam9hUdk-4WX!;pxD^${BXAFNIU)}i{LJq>@)*a$ z!X*_FMRMu+{=4@4e+Gf<2PC^prZubA4P_6v0Vl|akFsVwfk+!`Y3ZbzNbid+nNJw2 zR%u_M0>f0+hRRt@_XBaW-YE{b;Y;L1Qe}ECE|?6Ez(md3mfOc+gCdbZL#hN^Hri7@ZYLj=+r*aQG`DnBTxgJ?%JGMmC|Vlq63r+(qDs z3m5sp#i()Lf9L(#90xri`viq^M@~EoRx*xDT5ghg1fdRq6-^f>&zqQ2#A%puQK;%; zf;WOCO8;JQ*a%~!%9~`3{Ne+qHthozkQoE0?X679$!N7Fmx=~0v-sgGO=bq+N3a;c)|X`c!DF@mf@7U>T! zLI01je+9})#rRa&8Ur|4o;)k6VZsO@^Gz5){v*=CeF&14?2EsWQkcXH5OSbr*wO{Y z397oF^Tf}fH(yt`kCq9h2@2&qY#)$b1#bgEr$Ho}EJQ68(8D@5<%ik2;G>ob@L`<{ zp7g<*km|8>8VCr(9Cu`3sC;(!@`og_e@3JmfARkaXe0hVlq5Ze)?ROPyEAT2y{r9e+`QRagNFR%HLwS1aP-K=7{feomi-icC&f^uh$ z7o^_^4pz?;njE%(LMPV)58l2;qSU_oG!^6%`bBP9*f>)9RHDHcX?8V*U7)qemm72j ze=A8)kn-RUU_X0+7a!yT^u@ui2mbmX02FNz$ceVL_sethnbwMJC*-1_UXZ#bwzwcX zhmNpQtyS4(k>KU?|NW72C*4(ey*+Lb?# zXWgUvY|L(0ZtGJ|Syk$$1Pg^2((0vHf9XV7?qtp98)rx2YM5qSos4W*G{1LVyViT% zt9D&~?q0&5D*XMm<^STk1YD9JH<)IK*m-*-OMgCxrc$k-Anc$L_4~=Dgq_JVLT?Vaf~_Ek@QKV35csXgwD5`~EP+h#)nXWsg1_7W0SE z5Q&z{A0JautmU0+-hv#?K8(38mqyBlA3Fmn1N(J8o)XN$QfEPF0mbsSgzT0N4J8E! z%`b9zryZae)=EZNObxV$g$>Wte*vAX(&UMqEqtXoNcfVzkY@nBIT>5_=>I`2Fy!Q0 zd+jHfi2WkBN8gHbB1+kwgdqtjm3mAL|2bYRy!F}3?lXcfu|f#h+XWNFZE}P$Hc?2V zk_4+YnPmr0!1#7QD-5mWVO0G}@UmouOofte}6`nFhU6S zS^GhF9SCku0Q+G-Y7rOrgNa64l8^C@1kFGqw;$MR|ccII{O+JfSb!wt6WVldaQfEVAXN`3e=`(L48drZ{1_m=2BkWnWMAmTWuLZzf66rgi7!YlOK9OO%GYPn+@E-z3UfBhf4FW0U5RYUKU zOO-EI?Vg{$_=kO5*|gTHnw4QS(o;fa&(#`t+&4kqa-Oa7PkN=ha)RZn$`?Iqw#jI3 z?NRzpuilgMT3zoMzrYb0qF24HclG2QX|%4${;||S!s(Tb^`9wL0F16zH|1mK8O>7L zxNLQk2NVCOd2T!$fAy~5QB8evI%SQGcde=Odbb-onJg}1|NeDB{_5PkF2KGsxwY@I zz5{YLNHz@X+O3~V{~0FFy)3+!Cr}{24oFg9;b|8L;79VR@gsn2zRnOI{23i@XM3LhX>cKXCR=fAFV$DYVeBF?1{R`75>% zfn@BZ&>tp>2Y*9Yq;$ zg1N7_wHwdfgu-*;jGa07zaaKO0zr@zMq%ahZU{F}84C{07v{q{#wDS*SA4mJ7UXBUCG}ABl`j4-T1bi*_ZJjme zaDyZB3j3J|`*n{^ayLr8W~)_6;BB^ox$^1T3VJG;9?45qG9<50s3&gQ3dU@!)ktN| z)?bZXV$TxSF@@z>f2RL-Oi$u+CNnDA-B0j8DrRMCf1qnJEZg;yC^Op%Y`Vl}Gtev9 ztS!K%vRYfM#0tV~i!raq7;QE90Z78EXWk|WUbYzht8rfZx)TMyDLQvM%MPeWG5l|SDY|c0uahe!D7A?f>{5l zGqU^Sf4xuc+Ufvgi9-mMhK*n$-_-u;Cx6R{Hp0M0$efqMFhQKCZnp47PnRAl7seLu z<+G<{0osOhTv9o1vsmCqkXHug@WO^5`wGh+T~T4yvd!4YwZq)xASfTam##D+L&2Y9 zy`hB=g_|EpSVY6j>Q;mZ+!9P=c)iWKE|YT`f1W@B5)yA)fJhq4)YohYRK)~s335#q zXp>%6vJ)EvO=TvwSdbNBm2FT$n#MbT`{z=5CtdnfVcOa=eSKM4(s)xuKx>co-%bLQ zf3%n@c=0VR&`JsL#>iwnE`MY2+cAo4p|@0iZMbns+AkQJBWAP}C~{&xharg-1mTNO zv)~+|XNK0D;)qo{@XnQiOcB+x!*)Lp9u2ae|p-;93c^)XCZXWEI|{$)m2ZI%x?ucP|t&A zpFjo&%=@ZqoM4K()rgb%tF6FB7Ulnn4SXawpnt&|fFmbzNMwH}GkM7>Y`axXWH`45 zt718~2D&EGxm7>g(On#G2yQl&@!V>-A?5s<=S~cHJ@R&|v9F}fw}P&gB5egSe?gA4 z8BAXtWV^GuIa)6{!po@M?F=3HK_++;KaCDdR0EW>(1pZ9y{*CYsNugvIT$#>y(qfL z(lGba-D+O71;*kt9_ zcJ)YJw{_VatjF4(9%vhL^tftQOGyqSXqn=&q4WY;2EJmy)0{|BeQREVP1Z5)cp*O7 z2;@2#B?KG_sdpQvY_kk6vVZ(viC4B+y%$(i{)JmYC%J`#+NL?6Ydm-wgUh$MtNbTTG{HqTswN1NIy9UG6L*9xN z+)=FMRkLImwTotY&nsK~e;L`nAg)q2aGNHBWFCD~l!`D+L3pF&NKT4Cy&~w7AGnDn zc4i@)e4*Bo#cvP{DJ6VVOq{X^?&MGDMK0hQbW4KB4FaKT*b^DoE?dRMC7tScGvu8? z$;!jXO+6td^^Kp|R)<^@5B0RzSemj*mFX`%60L^vSfqoI_ID>Tf0OvKrav|bi8|IJ zWrP~d$1sHTQ#tI%gSCmgbo(M{9mPb|Ohl5w5@S0N1{JaXvs&FUA7Hi}fQaS4+t;+! zDepAEiZ|0VKQkSIkS}uMEi&C{B54QRG}?a(ERQg5@TaE8pHKx-(g~5^D$3C=2JNR- zAQy-DLG?{UXuv}xe_{d18%)Dba+nhnUS!XsYz;vbiJd)Ki8v_w-gNIEIUilL7X+7>AQa++eF?Sr!) zz29jbpELPz*Us zl>c$X9N9Ont?iYa!P7gcJaF5Dlg|+Je~f7q8E#zBw-^oYfj|dJU@>Yj5DzKJaC=3; z*q%6UYyb&KgjxufC46Pp8%cod5G^iLfatY%80_w zxk1Vfo+F#rshOe2>MDr8O2I zg++dyw&RSH33RD;N|kG@J96@2nUD#IKH@>Ve?v&Bfl>Y&d@IJ{r$&)yj!d!GumPe8 z2klf#qXJD^j(LyghXt6(2ANfzH#$6QK^BKQchl)Y54rw6^x%cv9V~L4! zdN^9v!D28BZm@Bz96|JZgzg}sXd*ZAHOs{r8+5g4Wc|Dd`D}am?Q(uoJXu8W&LhK0 zA$N=-hB-vUWw9B0*$9J_r#A!|PHg!0e~jBF1!0sz6#Z)n6H1))h?hD@;zrS@80GW_ zW!zI!PMP>)Mi~tywD2~WIGrHD?XD!zq=3rHSMhBQ*_lpsZ4e1i}!QYCD2`g(>vR1+6y)#cPrDW#Y{Cx}7Wi zS!8~Fw|l8x4dYU<>(?fTM^LnHmYleRB>YOd^5@)3t>>Dim`- z8Wxs$;wri#eXS5>%x;nE6jBM=e;CsiaSo{iNJTzrk;p>GaFNeHlk1{y!2qbfUEcOE6!-EMRMl4l6IICoA$uG+N_f+u zV@+(fz&}~Y@P%y2EHB?rf6fq5R4otVV>^a)8h0a$DVXZ>dnR0Im;>Z2l_%Js^rQA@ z#GBi=0CMX#&?95O|2{|feW(W-C#H+e>J?#BK@dyir~J1 z_l98aE=#yhB*tDVl9dviB5?B>QE`-@qR{p00HBcU8MG7R4dWaB{~-&UB3Wn&mVDVepW8$*!nTejH_*bz{K|9PNTSTjadN#2|k@1spd z7rOam%?A_sEr?RRe_j|aHa1hrGVsCyZHOY|6?#c@JvN19&&N$x)DO{sXBf)ijn7>? z&cnt)$O1!-kC`x|SU7WvzemC9kWbrpEAuTd(w>k-$i6r-d&xeiA-pKe;WCK8z)>E9 zrZSUuLTw*qUZVtkrKt^_sz=$(e8(@|0ulYX$k9AWYg9pge^O^`xlrJM97ut9H6@hm z_nOdY)fz#El-k5k@Jbm_#mEu>VVS^et!fo?w-&5udI>%H<6?`EI?;7o`>;tXTQR3T z_JYwzdf>?AgYr_O6NC})qZZy#i2nt(BM8X)VOVN2ql1e;x zJ{Rm+>iKIWzbVq*%wd_tSgZyLtR|m}qn2eN5E)Fen7b2$kBH{)|Su+Y)zWdwfWqALR+Y;z*~c(MXD$0Ctz1W|0M z|KS zf)-Fqs`HIXNN{@%!wMNNl@*ado10RpT0cN;#S92UdicZK``qC{fk_eRiyn_KN5#yn zAOHm04F#ZU+j>;4Ic2+LOX^?`n1rpPvWx1#f4jXTf8Xua<)XeI!Ltt-2G4a)p@i}| zP$u$M12K?%F0ldYnk-b1)jXF!{QkS}H_t8Z!!0Dktu#vwW|lF;)1J>+zNMsUxbaD{ z?V&joR!vgbAe_e$xAO2jkTybR({}9#{LpBl*#VEt%+f3nC0jJ*X^Gma1aF2y{s_1P!wr(h`c8-K2>3i>&92|WY7%fc81NviG`pW873LdMs8seDA#C9 zpcR$tOK~}wzX5xtYW}%YE#RM{=P_AkXG_(0@`nb^=@Q3A^sX9WGcrhQRoYk3f5G91 zv-29Y(T$&Njc@~N({^Ez{!O?8h(?#HM*2joq%pLu(EuhzA$7Ri;ZE3JWyI2vQu@u* z4e_|nhHw(I%WR(y|!NnOTm^)|bp;kAyUFX3jtV8oq z+YL93pEVt_V+}$aZh;f0b@$Ff)ln z@hH~u>b>uv6L01Z?`!*KQ@-fQ%ghQxIYVcC4h)dR(lQ**JZ7xnrX3`m%klsOls-9o z9%x~*EWEza3Q|{rZ_tAAR)VZE`2w$P@|5S-|D>glSxqtyIBo+kVU9W$1L9OPk1nAL zFX>ehJ41O3nZZl4<+2OCe;K zd>n6_82F$&yr0MhF(38$n4wVHly_jD4VM;|C%tLS;`>C5X z`@PiXQyRd;#gpyFD^@D|8d_1Q@SnO*ruJw0eWgA&Sp=Np^6-5Ie};RvQu*z8|FSlD z;c~B;0)OaBq;?Dv!4S<;8cJOPq2c~@hTb@~pOwnd{%@&kO?@gSXt;%3ad(?Kr69rW z7D=XFOs)lX4zZYfphej=aK++SMhK?+mJ6IWmE>VcNXFZwzq>>RLg3{mM`5L+(zNML#@Skm|GHu7ng3Yh8-ktb=C%ktO4RKaO#l3b}k0c z3C7%7?ClU!e~_+PXnNRY!2MT~F_joGaGaV_x)1BQw-l8md#8Ym~So2!Iz4$It zpm|Cl$5BZgo80)|-+%Yl_|KJOUfZa6Gh*y^P?xA-f1<`-7y+h|_)sq=qEIAL4tZYJ z0igDX6~@kGVp5dJnn(gs=|D0%jda*;-IIp{!mBN`3+s=o1|%FPdX|pmbDE2*nQ=Sr(!F3R2*DHvJJD1U z9a_4Qe*g()1#L0Wyl@@0CUoVTBUcvor(i6Q6N`{CXJ>;uB{Ve z@7!r10(o<7ln9BJN1Ig35XiO4q%Hpjvk(>q=9Zu)!AS`sFh*X)jTtD0kFI-BNGIg; ze-&SHX9)3~D8NGiBh#xPV`HvE_<**e{^a=P8AYe=a z0&|3uF)!f+UmNpoN_UXJIWFZ%iiSn5c*Tm8S;MXTYUWd<{hkxQE)~+B6Tf5H;!7&* zKcTGeTq;Iqgs0_WY#7GyYg;6}vZ2a`e}I>uV6Q0)*MZmgJnR_+bUsp-f75(e zw3UiAcHn!E9F0V|DASD8wZ3;PAII+*^v!PJOA>X3q-Uyh()xgFij4n^-E&_)ugOu+LngzLNhs)dE2oC z%`Z+@)cNoZQ4Pqaq#cu<;ggAf8i`Ni39cK6MfU)Nq)|RP@(TH8wz~ z&VfR6ZpN*FyabBG5hR*}e^%&Xjy|`XQnjRv=b2zptoDCG&tJY4WjlkShYDsrloqXv z#=PmQ(`>BV;txi~rmRFJy=ypjrx+%=gT>CJmOI@tHfe`f9BWM&%!1%ef>T=99zpF) zle?nIw6#Mpn>Mo33|d{RiC?YIYD4#UwJt<{RoC~>G4^Z;R;P=xe-N?7{v!n_YecD6 zFG)Z&-aPHL`1(wi?5%G!3!jK*=$|X=Ft(wPGkV|#6sqfhhCtCDDX}qA5}H;!Hje)- z{*xUNPDx6yk@h)#nb=90`mWZ$&a54iDO*WgB(zze_#;R%<|9C55X6v_s*rbxg;vmE z5XJeTW7RB5T}vwJfAka@BD@C2uQ@kyy1Evqg1|qf-ZI0%dfo4#q{M$*OMpR}+=$E& z=}=T;9vF$DSd$6BRO*GXK^OB7pB?qD`+;ZF1XkDsl51;*8@TID#2xln24RIwMSKjC zozTRABl&)txl#RhRDbce@v(%E5CyO?>78j&`MP^r8N(xwe+jo5CB(+?O0l)t<1qSe z_03r}Y-^uN7MuTObl8dlRZk7j&q>MyAH^E5Nm)0ZbCDM!zTxuip$d&ERai!7T2V(w zrPI^WZ}_9srcr<}Zhb8%0LU_k4J}k!)Po0`Z^Tr0-aW2quPYKcyc}{iW(D1v;@GyP z86Z1MVnadce*!Cdq;lX5TD}L4otVVSOj<(ID#+!N^c zQ|GgXMII5_UQy?xcNj$DxZjB+p;UAEzhD)Nt=Gre`^4B&k zSKgh`QubM;oq6E+6YZ5>%xEb4MDk-E82^}8egSW_ovDvwuZ-5X>vxB@cM3-@@=)ji zc>gb85jg$iw)@}>nv?VB@n?Hce||aR4EEV}e~eCn!}A)-(`NW7Gk6e#70<%6Wf2=MY;pPk2i%wuN7SPgGZ|rR14g|E0Il~vm!3xYT3hef@mpq zYZ3p(azGDaE7N~;pu!PAzU?wo2paDamyd)M!IVCtIiqr?bJTRfJ?wTMe?W)tkQGD_ zcSx1l8mt@<*4?v~J0tTpd!w-8SZRTakA-gQ+@Omj8>|tq_&mqEGsn9YI?PJKf6Z`&d(6+TUjFoQ=ckuH?EScxo!wBI z2i@jqi(hVw^7mlMl=+7xf4Jp7H@LGer%AgVoI>E@DDpB6)!_ z%%@X@HM1sbCb-wpnXm#D_6nLNn96b3%M=#NbY#e#7=j{Oa@!60l(V)`UHOFggQ zlRj7GMhJA5U;GjO`G)@#2^aB&%5<-r1Iu2!m6v;wQTELBgo*k&fA)us(zg=(uQ~jl z5)Q#GGY{64TQ2@d69jnmngW(5g%Y=BY$k-&{R0Nqg*=*t$;>^co=S;L|C zTfIB4bT(`Q?9fmsG3evx;}BMu=q~Ixp^pktmoS8Fb<-_sw7sh+u=!c?zdLbT1EGNZ zx@~2^*flVFPr>NQfA7;Orl|H5#Kq!&NO0t}it@`nXh7@Nu?VRsdc_8yYEG5B9UB|f zi|Q{$N^Y0(70yE5|C*_cV_lzeO0q!=XoMM^fE-6=l94p+!Efgup#RfAG6vW}#Hg*Z z(xP>KyEhm~^5=v8x-K{dknZwyd;Rqe9N$)eG*pwCARsq)~^OlEx_pt013 z34@Q}A`VNqW6$0(M;q>afawYdD#1+gqu4Yqd9ZUDeF^zcw-gs`(+_CCq;arQTH1pw zeQ;0mN#wCXa2tI#I@E@s6O&~rn^=Ca0)|^DmBQGo;*4IP)Ot>Krc-G^Of=IT9o|Tq z7-PAR8gBp0Z>a(wzCIRq>85CC32H5Anx!vm@ zJFAKG1xaUp;c4}NQt)haGJqN@&s#vS|y|<^z@RMBYPo6I+5pQh> zr8L@}$+$MpZ}w#(lp;^ak?N46N}k)oqxXjwaQGFJsLVzVZ3atr^oTC6fu*YEU8ASE za>t>iL9!ReLq;p&I0&<;KKIn8;(ey&j~Ahyf4S48V`X;C-^{}yF$nbuNS*4*$rKOl zqLCP!kaN&LXB+8ctiid%$e#Q6SK!%deuL>bZ6D(n?%k4tCbM#6I>{Vd`yf*^;)F?2 zI~_v?f>< zxMT4{fNnOOsA!LD2PWkr5iS)cmmF|fpve z>90`Lk^0r-B%n9tg6=?W8AoLxSHGowe}(KHQo9Ph+sG?{R*g3_NzAH%@zTJim1V&S zm)#)>1F*Y7szawY=7e7>yOrr4L!hVN9?=hRk23Qm2a4_0%=IKYvYr~Z?~&VCTun+F zjU*@Gt%dC(s}byq40lzV`CvM)l;~uMoO_ z_p5{hHU8rqaGt)et(cgu>G@h*g-83auC^&h8+zJlcr2BVhy+^>qM4-R7FI}*xe0D* z)rd>#+kmEi^dWCS-y5g%_;cJ+fBN9_j@)6^@wnp)bHn;;01!|rAPc9Zu^x$MDDz26 zqUZynj<}s*>a{wPsMl(t2!wIau_GR17_x*BJsciO9>#cw=!U$sP9l5|xqbTq;yy;v zlAhN#lVE^LNNvj@tjsG(^->E9ba6D7EIG-EpXasvgC>9%ohEN;2&*e)y=7P&OVlkq z%-|5*-GaLZcXxLU4#8apm*6@$fndQc!2$$_5Hz?;2n2VRZ*n;Id+$AO|6qEpT6_22 zRoz8DRoz`qU|+%wrUp>_rTSU@9bQvUUT7Gqt+tk?H_E^n`PA|A_r2t=In#%GO~Mwo z_7uS7WtvlwORYUp6E*a4+V!yE)DMEqghl7KC{le=q*KDOQBC+Inspy-j~9=<5E=q` zvQP1IMd%9EYBlAM3j1s59u^z4>u- z7D0c<2lE*y&WpIBH1GyVu6x$|t znNYcr28?Q6FsXaz-i#k6H2HdFboez`F}WK}n*f$;6%Z6i^kw&iXishLy57OI==9u3 zwoLCK?%uyuFW>lfbFaA$J+7h)c&1NLnc2H|m)U%Na7;A02BChx6JEj;p9$A1Q_$Mi zcSd{LTIZrIvM%W3PHV-Kx`Cc?7}X9~c+G+M4g5%_EY-7~K`G*?dx4!XBRi>Uhu|}Y zhefVI`1+_FuAZ}5yHm>8do6T8OZUGtD?KSTCbBSu1 z^V1d>SZgffv1kV?T&ryzu?03QOQ_V!WQ>KcB-DwHrX22AW6L2_c#?~+twWSBmO<-r9$DgtzQmpMfyxZ^|KC>eW3{dZ28rt zqI)DUE-0G*lk!L87&ai1BjIm}Wq+nc$!{LtfViHE28xt2qID>uV^&5DgJUI_-`*d8 zVRJhP9nPrunu{hX+cO84i^nfN0OfSQQUcSpp6+>*WB4f^KEc?3Ai_TePX>Dgm$svC zi<;A!872>CY7mPfH2M!Zz@&Ni&T5F7jYKVz6V)bar8z#gaWC|lBDJhWM+<)|kBkqZ z@R^RMuih6IC415q2i8zBqlc=;cg!j)=xd4^LNY5Ww8TpAgTI(KM-z8esoG&Y+8ElrxC!8_I?# zymJrz_b^!yY`?V4r-?X&-&SZImsoVUciN^N74nbG>yOo47{6G`*!r$4zCv~&rrRTIlxDG3E~nn_ z@1z1P6mcOFSFUvP1R=HlsXpL8mUUycW_$R~f8I{HzrE5^5oK4v_p+$)en*}!80Hb# z$a`19tV18Ks9Cn=O_DrU5tjOXR@EaMv`v zZsjtmRrg@(krd@x5z3V>Rfy_kk5lHG*<^u4sgV3aO!$L{l(~WC^k_<^68bWMS@BO% z?2MbDJ)c&RSb!ePZHHJ0o2-0@{W0j*4I%;E=zP=r#jPKepA-GjzFSMwym2)NjAVf@ zf~HdNbd=|LG?IIS{!rb3XOJ=6qUBK}oiPijGG_hAQ*>pnri63hz3`Skn_M?`DcfH0 z_MogOuWt>koET7Pf_~0Izb9~0tgJ@0`s((gh(9d#(|x3j{XVOl3AxogVr%l&je>AL z==65ZBx^-ZaYe~w`X|x^?0MbK!)9?zxvQ^9^W!b|!jxw!O%e!fV3TmaOdTsu((xbT zN~3U{TCK>ALLm8qqLDn5B#&*+hu4@PTFf~QpLwXtEHFho&Z z(!etrGcE;`#&DC2DZ48w=x_7=usL(ZWko#VLSRhb2rxCI8-7q5vzp0uSHXT_^J$sG z!|X94yCJCmtx?km555{49`LN{OSfH?LRWJI6&#v=@?Krb-uITIWQ*(BxLQm%+WPSF80)6P?mBN_3>k1W?zXW46Xec%n`y=Whn+v#X}oIg6k zqlE`C1A&wxDpVMKa;(kVbdx3HN|nxdubvPZYCIffGaGC?wXy+0rW9@MGoi1w`O}y` z>=y5RW}t(`w!QxJ7~zWT?O4qiSG{pm%u#Q>{YC1JiN`dO=aN#lwe`;D))}Sumh(bY z&n0sahrXJWaFyUZ3)f$dCWHcn-{dsr0Mc?5!C zV2fWo3#%Tgd2tFxH$~4lOqFeRUvGSB{aMUnr}&@8beeJ_!_dxGs_M(z8uPOfvH5~} zKP3n9^xYiU{^S};i);eclr+5U0)4(a?(sFuVe5zHUh`f1$ax~Z;UXvY8|C?%Vb{-FBdT;! zgO`2sB;HeCH#%;@9b3^sT7jk~ozT?nR`D|INX6ttW3vXMtcjDQ&f}juYOxWcYynjV zGAWFRd{?FGk`W46b)tEb;S3+Yl!JJ%Y37GiNT1_KX9`L+&JLxQ;SWxJBP%W+Ih@xD z-|md$?R;hbfpv{&j703Mwp4r~y(p~y?aVH~%fK%H{KF?e-)E8G!_-H2Pp=?p&1$r_ zQ*{rLkeU7KZPR)lqZX%w6>djETd5&F4MiTmYs=3^%PS|G?Zw0aG0SaYo{Z)zZqsY; z-;ZKO---{~RwTR@9!@8!i#`zA0&fqVu?o-dhKIqh8a?hQ$p{9`EwZlKN2 z@6nkI>!k?Q_EbiY5ajI*b?2@*L0q?snr=R z@D9wiep_Dh+3s`Wi4ev#795M+)K&Rv+tEjVQB9Q|GJ`W^akHD?2)v4#oc$_8qf1rw z%qHYgt|nET98hKvXPrnpmfR;?w66m;Kc?$K>BO=ZUDHv%fst8H7c^-LtQkMAhWf%K zY7dbWO}<^N#o$hl^sX&**XDZ^+imbNp6~{jRJ%5XR(;5<*U0q%wDcG-64J1y$COCr z8M#aXc^Et}y3jW!3=SoOCIYKX-y70v_+XCIbyA+TlXoAROikVq?*_CEg4fx}ug>hd z2q^><)V?fTfZ=9TfyJkU@;PXlA@zrsqKzH3+v-ZGiTi1Sx@QltboDvOR47KI1BGDY zclHq;cCX}p1%q?T66Lh9{djSwF9I&x+fEU$RUKe|WiyTYRJK+xFUZ5srAQIQ3`s*_jeXXOaZu9VTRVstTj6T%U`@x@$3wW@(m0& z=%i~Z1@9%%s}NERRgSErk0E?)D@0(hx_*?vHFC|}2Q9O(ya3$$-fm-EqYl*s60VV{ zp85dMscHJd(STs*Ps`WQ27~rW3T0XWbC_|Ge^y&Kd=s{t)=Z6!r>7An*oMB-3uuWp zwI?lKxxy_m*2x~CwUxKF(>ScR4iH(Zez$oXJo`0Y&N!cE$0{wl(*_@|5~FPf4&haZ zY5%-GygxJB8~2dAGKf+t}vQ$D&YmiT&^&<1OpH z!WyK{g%MO8R^oQ*B3(0!4`2i#%uj?u0E6l>PyG|tg0F(c^efrsfA-eexCR*Y;j8ws z2G^cX3PVNPlUcc&T=(vEb?>8&RTIZ+_H?_9Npu-Ge_vaZySu@tI6v-fEi7=TyxCbF z+4^~2xpmindb&Nl(0;e^Cdkvr(=FkX)fk&-o{>r5@-x8VWP4*UwGvD?SU~b8D{32Y zCCjup7A=f%2Oo9KWQ2H_Rh}Fhe%)-N>nyOu&2{clup6RK;(c8b{>Jg_!#9VFyN-dh zM8(JMUwoQl)Q!7AKHkCy-i)|kW2@GzjH1hW2MO`1#*fSpm8QRikH^rpSGa?tn-dj% zsZ-PAyN*qsv44N1?7RRQ*1gUDnl2nr|7^%IV}fnd5B<_rxAqOTQMrb1z2@R=eN%Iz zjfs4~WcdE)J9?9ZRD6nypgTSt5B~e;m5zcDe>sZ7H1B8Yyz<`mVWxR!8IyLN+dNiM zH?KLB_&scvr3WqO>Whcq*&CxpYHM<7+}vfPcM*$|lZDe-_+t)WB7o?|y&~wurWthV zKRW@rzKxa!2lDA>&eD-MPHeG7Yn5}e@_sBe+(Ul07TkqBG$*E9WAgO;@TA(Y_~@(J zAvn*-#2-naGqhzXd?#|LNnkM-hdP<+tp*Tr=K z-RiEV88MjG`E)w$23&7hH3Y21;P8;p405T2>C(NbrW<&v!4Q}a#8@JErE>^>evR!< zf{=FNMNn?Datj+dFb1^{$4ovl(+!xFt&FXsaW>7laGB{vV)5}4tUuPX;|--1b{ynf z(+C7-df#}%F;bEo2KN6@&ZNxcC?_Koqiu_sTKlkc{b5iY<>~csrZ>W;$Hh-;M^}Ym zf{)SE&g&&(9^iBlY}N{WzE7iS=LTT)MW%|~V{AiFI$p_7RY|X$$qR4lsXTfJ-*)XJ zXX?;;d%!Ud<5FDh;lq}XvfjBbOc-nqawy? z_3d_-egzHrRYq{6-s%iib~8D&_Ud@gOBt?**vAJ=5dT>6Vh%%1oN9UQcSh|lbUL|v zeQ*G8)!$68m(x;cYOjPTa}}F9f`Ma`RQ@YTjR%BLz!4I6fr@k7H~Iz()zZP(7Q3_U zapmJH<8RVHH)Socp{a%vrBPwAW=U)2P1Zhz)UT`L?X#N&AEC z!$ZJrgD2jYFBCs0Xtr5lVMlCgCN4kF+3~C_zTJ|ua#44f)LI*he}FGQBlE<3s`GT8>aZbh-TUP;Hc@#L8-Qe&4z59AUP8m95pf?ihwu zN$)rGHCUcBRTjaa)@<41Ba?o(Zxw4DHHTD1@x_0lDYfVvaO><@A91XraKo^gaIU|y|xp+6YCBJW(tQDyv0xv!E6i&h58 zPy||F*woG!g;fTYGXPiKNa+}tVcg@1W3BCmzWdbVvEnFWc}Evddb9-X3-$C=KwX)T zE9lIz4xQ7x*OQOpUq~~jxttU3f zvAs64isF%V<@D?rbuP2Pqa?_p*!{5HRREonq08CvTl*Kwp%fsI7Mnq@A@h7eB+H^L z<@WG)r_3O))aI60>_cNnaUf>U`mD80D!93+e`2`zAfl@AmrbAJbjLgbFJ6j*gxR4U z6YbG~p`B834LzkT&d)zE$7;;JoJp+E|1gu~rn{_!t#6gj0;;Cd<=yN=-A8wk1mb5g z(($hExJsxy>#ycQyseJ>DasSry6Y;6yv2T@Pch+sR_wj$I2*eN{`*hzBu!Z->5x8$jGWvh;!6eznR_vD&g) zcc$Y<)KAHg>N7NAM%*O+W|NMvSeNk$=;9xLD!wgC*4N=tzH;_eO(Tu2jFVJ){SLRp z_9J1qMuy;ppC2FLOz1VuG0?$I^-UOF*!m;KNcT@gfC#S2$XWGe2oXo zls|9*hv){%_Rfs_<8^|a8xj$h!c5L`9x5DWKxy|6#Px+Rh~c+Ro02J`%1RLMTFla- z=G5ZRMZWUA7x}%!JPTs3xYe6IG;0V4-poB68)5Y_aE^9`X7~GH9A_;AG~TiXzSQ z(;+(W-hIp$J5~|EaJo?YNw%(;MR-1S?|}-~!m~Da8JzcG-$j@Uzrl>gxC0e>B4q;f zig;a@_cjvPMUDGkV+>Ps2uj2jX1{AwF{w5#QEHU@DL};8T#E6@-g~hK9M=z-Ocg_0 zA&NJcUdk&4nl*kjcv8-_AF0O1N~&%z1D#!Qy4p$7gdM-!eCUFH^5gu||8!BjQ*lsyWQwIGEm;6vBw z9Q%hsDZ1_eCcv>Z3|d+&czB;-on+k$j#F2C$3h{*&rwe#oO`#he5Ye!A#fCfkGZks zA+mj)6fu;UT|j3b8-tkqS3hf8xo-lV+_#zo6uGookrDFGZ^`AxMU?1{1(5?0+BH0?%F6R76P1lVr^mr5KO` z(=!{3s}5c(-{c`hj&PeupaVui5_8d`d?iJreC_nSxZQ2Lv(Gu{1>g)0M}I~cScU0d z^%fh)D=Tk4#ig3{u~LGjG}Pp5;YTW?zYQ|C&eiceFcZN?mcN$bNWgmb|EImTA>giJxc9$ zvM7u@IE*rQ9A@3r2+^I=w{d?JJKLh^66bD|PyYV3E;(L#2_U8Q!68m)yQ817Oh@}C zYi19&$#|PS4-%0`$fvO4l3#OuuFN@(lV4bdpl{IWYR-d;XT;Fp*}dxWsmdrw^L;R;jOGc%iwaaSq$(zy588*g-`S`+F15 zxsG(@L%xHhTV-0c?OF4GcIasMLxEIg^ep%R(uWtS_4*jGZ^CvFnf>K zJKS=EgCY+dV?-*sRq(t5ft6(LytYW(8?J#UKW+}wcJjRz1ASL$8pRnUSLk4NN+tkf zidPP&7HO;)im2;X;z;4YWcCus{q23~9Z*m)m@>3U9>o0| zEN!3h{m$>p$*>ciZ6pgD+~&P9_ima1y}aoo>JUahsZ;vHkN7U<kEn-b+0xMq`P8fEKXbb}OIz$5R6ov0ntVM~R`)h4Y za#*pVOULaEF87PJFYHQi8#1QhRwt;(c)|GR(W#>*!a3BxC_-iAkDCtaOU4iDxSw!C z-^Hlq*BSa8@Q{%=3SA+qBJ(9d#3f_Gz`lA@5jDfZa^UYQ4JK#x3ZcN=$qS*9dg!?0 zfT@kE;{|T&(%Pnvkp{P4$X2hsY>xq&)m^78&m07k6SZEH%@{q09Z#RT#?%Cx=3R(k zb&yH3*{_>RR=MC%bMy+QMk3fvpAyN&%FLDiOvmoYq}ZSS81i3+m|hKv*qHum0SilF zAuVL19JDGOTX=b&A8ewQc(gU|_6j@!TrS3w%%&^|@2u5>xkMFc4V6}{IY&1=WnRme z2$f_-4u1Lb$3vNuwKv_$PPeebHN~Ia4i1i;rdy&~#AR4wGviYL7wYxo~n8~#h zZ*YWLRYvBjc4@gqJf-pT#;(REw;60CGE&YUNhKbLJn8rWpZsE$X}5V5_sHQ%9ry5*Qp?MH@p9=6OtlM>6Z8_MQy%pwDW3$r}7aC6O}3%Z+=3+SZ0K5jHf;SexvQNfC_hnI}nVDKH?2miH4nw{=;R5r9MkP-wqJ|#vzUV4xZj%aE z6&Vp(wAF*+fw!GE)sf~qW&IO;4kePgs7F$&#beR+h^4oWQa>R%xI;NN>#Zb71o!-% z9HL=CRKV}qIH`$GyfFs1A=E*8K3g+&wLFOezX&AA z0BHw)v-g3*Lh++2hNeZb*QdnQwKf_wX*F)So#QYpUqm zTvZ^F1gg#_rbba(WJ|ae5l+;ycmyP@V^!_Qmz!#-X*5Ys@fSb>TebRh@?Y!0D8q?omuSSOgjYCdi|}23Y~iX!+z^w-tqTugI)3qqOH^9 zFy%n>(?a5f)`ID=NTd~C^-uU0Cy78(j8plz-&0e~CjrQpDr)6?2s|S1j=}ah)+K$2 z!+-Q7qtSSSCHk>(7)2aU7)OZot*@;mJ&)KkkA8-~_4139;{kgl?goE?#6cGn!UG=^ zXRu@$)Fc=niS_V?VN8Cq*{!KCkr8@TR#(=tNY0y>Jla@TfP((A<+_Z)K6;BN32fX@Y+x6~V_a zY|35caSqlBa+Xw{^C!gIJ6ybKj&ub^6M{|Rq+|Ed002Ep000930QfkvS(-aqO4^#+ zy<_!patt?Cc3%FD`4wRZjB%A;miIXI&g@qFEx(MLMRXb9mvUV?bUM{hPbTT%UMVT> z=(iSb05?QZ*;=ECkHGH20vb0ZU?0XExdb|Z@LP8Jo&SIeLuS848B#} z86DkEEQ6q{7IbwAtvNrPKeXLm9+E$w{C@nobNx72rpm^*jl@=aos%dU6mWljc({L` zIBuG60=~UFye)Y+8?RmK5_+V6et5b++;2V}S0y(Q6%l>DIlJ|0Udeygm4@KB+UW~E ze+)W5(PMRbC$i#vW#@k0`or4Y0W4ZFQu2huma*{o{N!_*U@TN0E9-UojrC}upR`@? zcY-FTk$JvN@dR(O#&N36zT* zQi74TgD+$nK~W#Z>qvSIsTfKHRCSAJEXjW;C&D5Y$tJK>^cU3049Z1LDZ@zH5ez3n zDqXa(Iwejc#C((xcS>7U*dGyQtr+z9p}!=8jiPNb)yxD!hG9#wGUcEhsXS~cMy8nA zUGOld6fKkAY%y3KREnC(Zq^n&3@k;?q&LeBmIsz1W>T2>1rNiN!ev_c#OLvJm=c9`8sY}P%lCqIB*+xM!3b* zV-qmGn_n+X?LTlCw@3JstH?%Z+%~^nh}!r2sYi$m4SM?1FA+w@tZ@6HaTm(@oLj5xy))(j>+xG=W&?_g6(^(JE!@%n1=K?++v^1!>3o}U}NLmG7MBlC- z)RZC%eH`E{YR6*lycCcOK5VGunVz9wSB9 zFCH+(gbmdfGBTJSX4tl23azD_WCLY+v_<*6pJ~ zHO86|GJzNxYs=l3SaG@rvPbcykERr}I3|HZ!_wO_ZtI}mbDJBx-@yFS$7MZ}e`LSn z#*5ZJ#H?iqzfr@ezxmof=9NdonW9eXLyGi=`@YaVwvDZ7k|kyBR}prt{)eowXtK7f zm$Dni+J*yVhMl)!QoEkZYd){~Y{mMva7Pb=&n50#1L|D)D;L*dG%0H84$fP#d#Opl z<2D5#gG%1;O`4N<6Xj(zM8rJ3H$nq^i?#OGF1p5KeTw`OR?(^`bTIWoX1K_EWg_-s zFq_-m?|><;z%TwE$WY~$^xl7X5;UBp+o?OXn#1}M=hnlktTInDjI@NgP1Ka()??+Z z(lR}Y1cAKSNU1TRJ{Dt3heMoaupDFoTc$Eunle~2(OF*8SoTs`CQ@uQ2yH3wZ*4Z} zH5)hLZUGl?wj}s*K8EZ<{f+e7^5Yo>5w`0Q63Y_$^AIkf6Y4$?;xD{0*Zgcmog6&c zYQbmCKQv&$uSU`@_e;c)(B>e-+Hv3NK+DSUT^ee*wpObQNxX7LXh>ZDZ^dq~G!WQ+ zPI%u!XqZaa?nFo|N9a%0AJNA{^Nb~5ErrF9tfau~>@rT7Y9OaT^2xf`rJg9lX*wl? zz?G)F-aNZLN?QW9yeM1*1wjWzZgooy%Vpk&S>-ibe|$8jxkh>2hKX1blBH!UJ0b^w z^_uIb{_QgF(EKn9HZ2^mz26E&1oC67H`VaT4QD zCu{os6@%iuBFop%>kT}e0pqMV;#Y+JJA_N!{rbgj*kr2VL)e9feFTKfuw2QiQo@*p zQrwuSqT!NQN3qsDVd3zETO5taurvws;Rsl+uaNk$oWq9+l9L@(q#9_zDVs67nNs0O zR0_29cVfSksqSbwLc)m8Upq`36@N*YQeb3as4A{WX;7e{RnIKG;v5~$48c*PD#Kz3 zi?OYeLN=#LXXn_CK%nHr%nyf0L}ACG;9*O4%gEH~aYxIFme45H7moZ!B(##9p?6bA z(tQC+4V!!N3dgFHLKabV)xtk@9t5x0|RDKIqj)osj5mpHne>XdZ+_G&Dlx>`!n^Q6UjjneNR z3^IB}YOgc)=}<6DG`D6E^Sh49R5ij()mP3Y{%Jv@#3t&#fsyrC@JBBl3u>#A5=}vg zj$S5Pt{!}d6WaF&41e{oTIwb5=)9e7h(8M&PY=FJwWl_X0L&NlqJ~)}zk9T8^f~Ll z-UDV9IwdK+YaG`Kt+!F2pT1!nHzsU4Rul2ws3SYQRv5PtOjZ*xbJBD?QFOXM^3H%G z7Lm&1rm%VaOc@8h#NTh?YnM0wW}ix@v|>0if7JiyE@!W0_4-JM=egFR27G^eIivOX z<}$v~;+msx`~7!3o+4e*dGlB=VjrBJ1;DPF)s-k<>l5X4;taYa;>ZlTyBVPEenrI# zdAgYl!>#02eB)eCZ*abdTcP&-IaayzquX{D$HdekRXz>)@ZID1)p&RP_mDg+Kldc3 zN_}OwHsss#O&1N;W9gE^X(ns&+gJ&6n~ZN7dr1>m9zO-9!)y%=6&AcS8nb7jO$a-% zGqSaxJndQ7Kb4GBP1zwobimgzb27TFAW^=NCkUm(=P^U#bU5t%Fg5oFzgSY!C1Mg^ zdkIf}$wN&W%xYZrL@>*;-&SE^uO%f?nVFp?-9~XbTbcro`ED-hJ;SOd}V zJ>15(6w=nIZ$mz8Wm~WXCo*EuO4Fxav}7L@k@2A1RSrI=p&{lIrt{HaB6hsbl}=w$ zw=yj|sJ{{UCSc>&Pt@U}L8ll>uNmtzfiugr@0gBR0-jKwTKcZ`5xKig%4v^iyhFZC z0zO+{Q6Toss5#QiG^jpw7xy-f5p~bJkN5kbkkP$l?fb^OO9xrzirFiL@5&VcEQKBQ zw7UHPg^G<{l?{hQMefPs^m7zN4a^Eo^WsA6Z5kD^Q*^1(Nz(nTd9hKr5y*Mc)#!fm z2b@^NPhbrmPaXS;xoNsPx{hq^GBT?ut!~vekyyr}Wsdjo1Lgc5Q(Y^+HySXgSS+xA z`azDHuH+X_P4Aj^j7M+%n%A$tF!jT+{^=5pRo2O5RmBOFnyN;8#n*zjw<*d;1-m6lIba+dZ=p1~LjWWy3nui4k=1ikV3M>{gZcq$Vh5OzWZ6@9iGW&XVQ9E#y$1gcJ2xvg_75T zV8%!5ZrYFEJJnrpsPegowR6v=Xb2T&dem|1)I0puL+a!thik&8BN&fyKVLI;$hKCc z!>jYSX${X+(hy&U>RvL;M5~P2pGlb)07*f60*i#xZ3e$y#*#3bRW2_|#E}62=(yZ`u(+7ix zj2(4U&>P*+HOfi99c6qhVsU@GL9Skry}GX10poPuaz4Al+n3O_x4HeCG=HU$P3aLF zycmaY9=7a7-lN|#(OlPl(i=)Pt})kTv+l0SEka^Ix^z}Ar3lM z)KeD7F`neh#h$YHtrO%Vzy3bxOe$$ggRqAe#D6{#jM7VIicYzBsS6VvR zc+H*L6bLEdFx=QkQj#Qc?7D+85rdzLYvcA;)&uljiji?BP?6q4MK9bB0PG`7gpGPd zoFkl~Ft7Aw(9#v<9^pur!f5WtZ&VE#Ij7#OWph&NFWu*Q!a;8_XbMMhx)SxlC+lwf zZ??uFdm=Pw4%8R$aZ7V4vohT6BV~PfoPDTjJ zJj9vm`#3C6O0v9K;X|QjwnWKqFGynRi9z?rqqVTLoo%OOR`2AnPo$~q1YGDLN`yh#o*}oYg!9$B}6myH36)7 z5v+CkTM)+8FDEy|MQ|NVv{0I%t&V<<0Uk5cs1q=Rq4&~uc2hRIVlvwW!yEK%UB5?J zq|D9c5L$n52^cIuOGOt}$`Se%;qAm+f~jmfG+*rU2R|Wju`vk|?*a`ERrJG-Dpkd+ zM>sx~-JQC9+gVBLlUF)?9DgW+ooOF_!V8a4a#J0i-b9$&!WzPxMIe_g9k4c`PMJTZ znil@1=1?k+?=k;%*O|a951uIAxG8@{(;c}V;sTt)DEb_*)*FgbhWkZh<(8f!I<2on zfS1h0_)XDDZzmemX>d@7W z4G>Y1RFEh4i(wnLi7Ir9kkpBr=^VXdb}<@)Dgs?WNW=%X4^4Jd8guu8xT@2 zF^rl_F9Rc2+L9E7dKl}}A`#-L*N2fmnH|lf>DOPlpAdK%1hf2#3$(9$y5l+K*V8#aAdWbg!Ri8C)?)Fi#UfQ>Lo!unrt$v^DRKfMw;7q`d7yYyi-!qm?EW1hg zTkRw(tXgad+CCJD<3Q8rqzB@EYPq>K7f2rmCyhOdVFFpE2l10=-|%?gpaK9&CIA2d zbbR7}HV!<uUI%6?$|S2kYzBD4J~ z+kZER8H@}7U@`nxX8r}T0aZZiSfC9q?)m3^1$3m+2mik^0?0ZGh#7XS=fMwx!3wRt z+o2ab5msnRu47vM_KE2nY1+@yIAWV1wpg^1s>}UHwJ7@Yf}OB2_~k^mGpWU#GLD-iwR^nlLd< z8-QO1D%s%v?~&ypYMjvauA5unf&@dW132LLVz=%H4dpWnbXI2A3kCyv%KxA3r`L<% z66zRU+`bp(Ng9H|1;PQ22K+6+g$Qy%Pef)2OiMfTOcApC?-7B$FEa9876|02dIs9@r+0P*L)6x&ZI z1$Bb~L79fZfGBZ;kU_7e|1GrR0r9|KK?-<4>M;0_Q|J$fWDW)*{uW3KG2;bsgDB_! zMGa5{^9HiR3lf9bfzb1TD4>sb48{Gj0svqefdJ^G`hRV95KBIgI0&o`d~pSxz(R)n z;Dd%0uJJF0!w>Zyqxmng{)-Z{phye&Ptq8qf2X@@pv|oX?brX`u02H?2vIkI_SCR% zK&&7yk zAO^IZ|Id~Rc_jp5{by3rZxsfUX>`~plQppn9`1S&f{{r!z7trt*$o0Jd1Su#O z8T<=gLyV=MHLNo7QbIlggoAvM0x_a%kN%Ugla+`0TXPTde=>#)jsY=V{ZFR!<3Px% zEQlN;Dh+jrI|Xr(2C2ZrL%O6vsz8ke2!;$4u0l*@pipWXQU`@V#FGqJ=nv5yMD6cy zE-XY{9)u0aUj(8;x@4hlVA20CW&#Za2jOLcUcWSQAR=Hq;oq{?5K}@BGQ?R9+V-PF zFU&VN=oN|uQIiMJLY!rxMilZ;Us|MpOZ9>AWdGWcLG700p>{pc{`#*cunbf?!v*c8 z+9^Q)ceh4D`66KZD~MBoI`gA?Vb-Lf%+6nCf%=6>{L9o)L;w8K)#xfhL*;q>QYIn| Zf`{ZQLe);Rka0!O8+Z?T=)Di%{{xi^i`)PJ diff --git a/cd3_automation_toolkit/example/CD3-SingleVCN-template.xlsx b/cd3_automation_toolkit/example/CD3-SingleVCN-template.xlsx index 8259ce127cb00c93d043cf9b81b5e50014917ab5..3585c0e58dda11b435a7581140ee0ec4ee902dc2 100644 GIT binary patch delta 83415 zcmbTdWmufc(l&~FfB?bW-Cct_!QDN$J4}#3@Zjzm+}#Nf+}%TPcZY9)ti9j$p7Y~7 z=MUHPRF~gX)lc(GX)WSGEn-CrJfsY6E}a^oUK=RA zu;E*i=p~EidsUv68YUB5%2o3O(lMW+=Dl5yBAn*-hr1>_8UYPt?lxBq75>@c4_g{- zhi(G&#qE4odFK{nVKSraI;%zr(;VokfWwEgdIkoc6W+_mZ8#9ObrWZN(ZM>}pqW&< zp_6JryD`2O^SS?5tj>&1Bra{Jp_*(05>0fIUUTa;)%i* zs1rTZC$+tk>@vDeaV#bHKDdXm4ABfwO`l_clj(z$j%sWyylyo=Wnk_g=>6^qrj5r3 z*2n`DNB`+1KdQ@^akNa;t~hqiV~LvHd|Qj!bCazGs|UH|kVfs56nK29dQJOb#-_To zZ}SP$=nuQ?6^A&CMTEL8MtxsD#Wm$qsx($-oeRqcC)8n8^7MH^X?h}%i`N=fCt)=M z#!0?=TBFdbI;&Wp75mbv+57}UqCdFRg;>%Kzf{I2pKEPIDk(>p2N+T4kI}5*h7st> z7F)}8L$f5S{qATj8EF5yhRhWvoY+xDCD3xYWm@3|^YF|_181^!&YLd99yV~9P-S9? z$`av~nA4Fa`RD$q8nypmTANmf93G7WP<_4&PRc=dM259=!5@3Q>Z$`p0=HmEEFdBX z>C?`3M3_i&P7#0(V_a_fL>HOHep-@QD)Tf}8|acn*)+97Jv-s7q?TKpUna>{nm3cu z>#p>f?Kz+mVz_Rz+ija>#%^b@2obH{i8>GrIpTJ#L+~W|KsL>zv7;LumzB~#8j>)SOXQe@#k@O{a!Uxt zYfE7hbUV2f@2AC+#QmF%FJ00f@QuPuq9?_YP{XE7q0#K8WgC>w5bAY)EqTq1ixve0 z2KK%efBAjRab26)dyJwe0%&x~*%>ILyRE9;BNL>yeRa7zuqn!SG03?^i?lHBoNtz5gP)FJ($5==+SnwOaVLg3{FgO%1SH! zcK&*G&Yu#mKEa7QeUB#^iW~osLlvkyc=B^6Vx=P~R2~~C_vqtAp#&pcchWvU$6f$nL<5~k7*QQYYbWOU%CLo;&@h_GLf0a$vkz#Yt^zdlgt5?p!!|! z$w9w6q2#L<2{XtSA_N~beUQ6=L$0eT*Fz>kK!8ib`*d^>T0Z`h2~1GFB*6TvDc_)6 z(&PwnJ`6HO=)C}d*YunWM@0C>QpHnOqu*#4oh1taw*!UJ@zGS|48X7Lbgb(GURqCT}7&R!YTM~a~+*-W&`BkoYHuc9Z;WQwioav8L z9Yj1B#mN;K0KZKpxVo$bL9mF=(6F5Oc%+RvG8x^5-t8{mFH%vO3GLqvORzulnDO9H znPpgr`Tm|r_d6q9eekhjQrthyoi3)j6NKb829s@aBEK4ZkHt?fxvxswHes( zlhe3ZwLlsy>-}U>CWUh60RY_9vr3=Y;i>P+d({5Q>GZyh0m0z3Y60ICf9T1bobViw zVC7dZ%rdt&>a{J&3Xv#kR?)79&ig6RtfEy9oqu(Ost!B`Lu{^>izbSk7bm@w-Y1DX znls*#*dSYx0#B@StuxJG$RFo@c0Jks8o$tbc_-rH$52usoO?@2Zg4jyN%M{8HOiLM zhk^aOa>%-TL@3-+id~sCNV2qdUht^^J6v_hkA2iF`J^?z=y3t;V@1)7;h836S?_Af zNNW_pO5vnNI>JhBjnP^glLk1!{+R7g9) z(3=)B{6<>+=?{hSp>i_I{*)UJ2ZIjmpi6HtTUYdae^;d2IRXS{ngh&Ac@~BlAQt@8 z+g?Ss!;!Bi{t+V<*KNTFcJxP;J>6GhbmvIX7}YClJGJB^SLsjXf>uh7T{Ot^1L z>-%g8v=zL5B=eCc7+G#{i`HI%nteqe{2gaMX1;1^E!F}$_B*@2W+a>%LJ=&B z9G&s?*p%86^EU;McCEIT<%9Ok&WPNQ@j&YtO%UjhiUV8=T) zLQRRioYrLmBI(nEyF%$RgHOhX^@+U<@6gcFPxYgfIg$#v*9~_0B8g|p8sxO6(JnLP zGk^8KOQL1l1y_mAxq4o!)aUE$Fs9qcmJ_tS!|8}{-*Y;w?oL63M##LYgd6CGauD{R z=B6(fSr*R_%7X);uMi>m_yG_PLy(|O4V8s0%?3s*jk3N$Eo}l4r$G%~IHK5t`9Tx- zVL}lrlUzZtbkoedvF$V9g-hElCW!)0iSiP!3B9e;Q&{g%ls}94*DH$ z8IH)3poxFs^ISlIZ=a|?48b%4v6nLQx2{lXsQ3KTm?AenFXm}5eglYj?Glkvr;IwO ziXOxrwEuingih{Um$O40)4?PYSg%lojwm`{A8B?z6pFiOn@Dil%%*p4mgVf7+_4Og zH@qmr@%FKy5HM(X9C&Xgj*sg}Poc)b60#1W;^Sg*=9;7uR6rg7XI08(b4K(e)o9d?3H~JV_`}xH$3+utHBj1nprM zJ&Oh;cXW!0102)8@%vz`eAYuha#-bW^LD#gb0s*^U2OwgZ--u&vv+UxY#h6`^F;ve zo>-r5r%eSW9tk1|Rvwd&SDrnt4fxMp?)vO`PcCeIylytPlh_%au&-RNSDyhF^#Z&r z0uSu?&9^qq?%tjPIuAj+dmA{2i^HL(tGp3UrKC7?y>|I@XVQ;?8N)!-V`H1lQ`xnyO zGSQXO#{r(UXB)4z=T-4*C#+>Krf8dv8 zs!f{0YF?@@NU?<-z9rJ-u{&U0E%!pnrGG#Bf$73h>P+) zV5;_4y!7b5<(V|>VzKCn&wda4lS@eUBfx1gTO$2Fn1$DSw*6^{2&-RGP)ZSYH@|ko ztrx@pM-DoHGwEx9sEL+qu9ly9W4`=lR#L)5paqYPN=3^h1;l-~v49Kk{rZtP zI>s+H7iB_LHjA+WO+w5;@q4tgP}2`8Oel2lehE1^#b_xB4z{n|9S(&5QJDV)Qyuvq zRr590d*5!k7vBH##q!kDdo34;|1vxOjK>rFuOhrk6M*=Cd{R;px0?UI=Vf~Q;&}Ru z{ePt^TDCbqBC)*shU(PmGtmYW1tgUuS#C-)w;`Y};(vG(F;_|QU(bJ#xX_Hsm+*>K zp5gWk#GuiPDwgodo=$I5^%CgTJ|Mfdjr=|j{-kme`xd#rA3%-+n76>b#C7i*9*>_f z>3_BTKb5inC(i%kwOZhC{^^z0!%}kqlm1U8evsrZvc!*a`-c_8{JnS$O`zM zAp9S^>}hX#;BdG-|DS0b`8P;d{vC&*e<6~y`d^6re`N*y1LxoWx4c$OZ`mp~s3370 z_}e}5BN{6HrHuaHcEbPL&aVI13E0j5|IPcqSgSraeD)-wHttR-2;DFDDVw{|RCZfD z?J3mXC|2m~O~`4g>#57n#I#XIqhW6wLLUiV)Zd_EpKEx>Zqp1T*&>9VUa|_bN9+u9 z_z1MOO>y|(w7&ekPS$0-SjCWigszq*f&zns=I!aIf&c+Ihkc!eP9*HWS%~Pzh%8z! z)C3|Wtso2+eD-b8+=9dhB#?OTD2TzB-; z?^GK6xrGo&Z^x{4ww#qh>dfFAZ-(+Z=Xi@3Yt^F8iDiDBoXN$-7lBPUQiU|KK8c@$ zERmscjg4ozGM%=5*`VK27e}1?{L?D{nrdEZS9PFHkzZ=a%>dIW8C__o;1Or3;(hkL zhK=oq1;6iP(dx)eB8n;S23C?LE*7=DOF~Q@i6w1=9qqO!pw+hI{h*L4<}^0J)qIrd zV1UKwjb0ZKfG86IAzMe=cSOne_#okDW-`Cv29dUZ5%u?7t@6O4h#a<}43i_KvsNmr z9MCSIKFHN@Z^C1pf{S6!BeN#Hu-$3^gtlMakzf5f%JTH+ehHj$bR3%dcPjRotqoZbdCTi}uf^(^b)98yS= zOwM+}HtV=eF1z)3C#ywz#BQWVdu_7o#rxbTQkj)=xfoY`v*ecB$Q!r`-wVR-aAoN0 zNv6a6;~fsa*kp+Q1*Ws73Eo;97eM0qM^~3b=@^bQ$OP}bM0Q8B-gU$cpM$wv|4CME z{E6{vA4{i2y^m6|U4M2VVkye`yjS_XD$@Fb@8Kn&C;SmOs$@=>^x#*o##^^g@E;N=+u4-!8&*L5T7rT3gC*`6Ge6vlnBMK?7 z(Utf4NdcV^Bnq&UQlFlj&YzaGarIjLQJqEj#w#*4JsjR0A8?|?eaXJ~BT_Hjj#)#9 zSIFae;l_I*((PxlJHJ`60gzAz3z-O)U2;<8S*^_VPc0V#|jps zH!F@eN3a)I{<LR#6NNxYvSp{|075GuN<5N z7vy_4@9z;Mc_c5M0wAZEt4ZF7CP$mUG`X4oqa-5iRY`1H0*U4BuWv6HSC^;5D{j{I z+)yXWq+I5#k~O_(*^2ezRQMYlvxMHabgWvQmgG79*Q}*~%;Ks)C-H5WZj9(veMu5P z)WgxO%XHfi8=3}G^w3kIK7Qt})sTmCN7||z`ed1f%Wn1e3Cwpj@%!d)sWpo^*AH9JNmD8?ANXsaGiJMK(pwIOT4m;a^Zygfa~&9-7amIQ^1SMEo2U_e5j=px zCsx|R`1E6;e+4e*6I9PTv!7YJ6 zbH-M4(WAhd^W8UoHP6Fwi-+bd(fRiJ*CrFzcnxxIOev`1v>ECS6)5skpATld(*QN9 z(3&)_k!|HV-2zMd&<8|8Qm@8xf+U9Xnxo`f&{8X9N|Cr9Qiuh(ab9hiw^JKbS=HT%xh_lr+5XW%anO?ibqfr1L#GP$4 zdOY&Eh~F@Dxi#d<`45I8j%?+yv&^uGUdI@Q)#>u-Iz^M*P zxyLHEb9?gGeO%0!GFx`Gm^I73Yu*0mkedTV@4C9(Rc3pqv(_SAj`L=>IzIh;P=hR! zGq~4mc~xVldL%OUJPxbStk^*Ca>QZ4Rq!8EYJkedJ+>@9yrh|OXQ&?fmEt#ou~Boh zm&z>)C=h+~!EeM$aL)0i1k-vgmS-i4FNKOlU&Ei)>ZSMGpKEn*I=;WO zA2g?}d%mmJUQlqVdF?!5**a$V8W6t`ukOC|m%g;Ow12t={|@slVQ>r8phlxFZKd}3 z((B}FewfHxg+d;>Rj22Ny+r7$6(6~6tnmF?L&@aBVS7_?ulor`uOaNOxzvZlN>^%c zZeGQFWX1s0-xOoq(YzHenv*G@=T-lX*YfZ3e7W5i%rfIjmA4=~h48&JkEzBUz19i6 ze-yFY)4VC#Mh9F<0sa$~gYv&&(R!GsdHnF#5$@`C!&gU~u>sE4&bzaKlmyMEx)!jt z1=gVLKT+JXVbUNp{$!I(C9H$9+j;Yc)dE1BsVp0VN26GLb2J&qD6i1*-uQx1I{y}U zE!{jo-s(S~F>6Dw-hQb(?(kJ^+eah}ZoS>ozePTlRNnLE{0QABjGpbv9>CvdxyF5% zV9~{f)Uhz7GI@(CjRT4!F?nXiB@ zxSitJ{3OY8xz5CRDMfHLQSch9LiCXO$v5}2w7eE@ys`gr|C}rQEr_4J7M2|s7KZ@^ zr3CwBvNx58aGw?=$}qj$MU9mfLyn=}Ag&9)Z7 zKTsL8vaRtG!Fxr$`Ka{ZTdZ7+AUV7}9DKS`uHE?;j9(kvSUMlxUvZ%Yo;d}7TlRWt zgi%U*1Q3vZBjL2?tnDYKrie7Ea2)flzotzEpKRmQZXWwKvg)1*Q00)@`jl^p?xyvVl-pu_od z6JP%HcV4$@uSS*qrA$wp!}|R*iFSD=E?!MwBuQ(DPYw*yMmkD+$pk=tsx9Ha)SO(r z%d{J-xVMUuS&hnnlZG|D5NSJqUisG2ug|=;_odJHUL!R`DK#1&`B#z2<*|gP_$yAr zvWE_i-ljuR@3J+`yjY*>pFt~Nr)SKe#1s1#7-z@fyN%ag66~**EaqcNhO!x`_`{=3sEm`7$1IB z0*@Kny7>npN^g)2%f7Jc`7054P(YQ%dc`A4$V4^ZgV{ePg?_mU3bEG|rr@J-(AVi(9mq7e87JjxjmPDBjLT`i_0%)v7Z3Csa!$vTYD_e5#*AzQ z%MCHcjfnE>LdLAngnB51N9yEZbW7R}N3YOjxD@qr!xuzLGAu|kBwpxhOogI&9ZE!nReBVya}$t7&0wNZJiY>u43uPCkUWVa>nwa6YC{P-C2cU3tgzS4K$h{$o2@$ekYj)n=7Qp7a+=!1 zhpm$bz>s-0P~&!@*?0?gSUe>^?IJtv#eqRQAU&bHL=e^nz>`@t5I4T{T*kvd!6y8$f7G-W{o;A zfu)F$3!E5}!3(XJuOWwZ^6g9-1c2DR45|47%!p4`dPY_16nY-v{SLLaX6W?{12xTi z4`sa1(3iIbcbAd-Y~+J+8?Ki(I)YD0c{C^-6-*jsl+VyAw*^I)k?`!~gCEviRc>^! zo|4Eqm%4h58x#mTS+gK;ejhN;yEgyi&akv%R?Yc;K|zL>foUZX~ohcc*kny%xb6KTf!7sHUBq2q1}r2ZPV;u?3Yv+J$q+0KQF+_+YB z+40ogW3`F@xe51k3>U3J^QcM9Ne*+%32S~P;1YmZ&n+00x7=3}yIeY!b)mZQ zH3{x1Kh1@pTG7QsgON9!YQwg7@~OH_k^Mu{DhX{lQ{Kb7$u2H2J0u zgaU24hkz}8?^CNHw~WZFbH}5|jUXA&=U(L#4jHZGlJrL6rzYByl1`5PAveXAHV>e% z(U8r>BLEEh$jH>8t<1Vlx0Cj2Z*e_iIoyqgwL!I8oo;J;QpnK<&iq&IEbk+0Kd4IcUchokV$u%CIqF2S%}~DIeRIiRBPK}6 zpbk!+bE9^BvAt1}GuM4gpLWAwgv;-$R7uLhCi+2#eJsdfQC!SLGlzHBs8;%kTWjpP-pcFoqarwo>rTq0 zTYW27LoFhfu)9cxA_jmX##+c+3Lb%gn6xQ4O;?T|EDBZKf<8TwTlsFpY~j*pU8t zOor)2jeDkLHX?m{;x+gNw$4Il@bPVO4fr`KH^G!Z)JX7FUZd=4IQtO6m~&@~gqZ`f z49_8SecPoE2*u}U^s1U2H&`%W~v zlZs|zvCi3E5i(5jR#U+IXdYRrW`lH0ynbNJinA-1C<1TUEbVF1uYg`-a?Jcg%k;B! zP2hS8;su%vr?Lv*z+N0_BI_h%RE3HVqq}{n>Bbk6{=$Aq)<&hfX5ZR7o751{`{zZ& z$n2>oX-wj)a6JxDIMUYb2|)sZNLEfJ|SxJIKBwikufxu#WhvifvgYFv;Ub zGkfw6Sxl8Mfs*C79-U+)sW;fsl46W6y{->l$qD2rP_Ip3w!zabc*?YqpY9C zhU0r!ine59ViaIF0xlV_^R<2ZkSvTwWaNa5{7?`k1-)^~n<&r8z)|B~YyvntvTwq_ zc)Xj`63`1l{$lbsJpG?C#(r3G9<$+z(y|TDWof~(=D)bRJ-P!!yxmYuvr&ia$g0en z@>_g^>dS*analY28BAEpB!tRy);6p&zlSsB+|}XGQ9A0_@Ce^!=7I}{Rb-S|oJ}eN zm#Ga_d~u>_H~9=2A218#>Q^$C$$S%#9`PH5JqgZ~7gpC*N6D>Y!!LZ_kl7be{~S3^ z2KYHz-^L(}BYE}vn)4!C9tXazO7-VodT*(_I-q`&HxU_d{+dEl17yoW6aK zDbCEOkzJ#?24%EgIimtk&*IAjMb$I5)GFMXHTp(a&`*r+c0 ziFLq1$^E6#_q3VYC@EoS1{Db#!`*JxDCw8~pu}!gBrG4}VPMGDW2}m=vPZsHsdCKOKYm&kJiiJ$eR6B*>^)j~=Qx+j@X1N41V?+2O;Qli1mbgq``n`BP}jiQkd z_TR?t{!}>V6q}VCwvm) z#z`%GH=|JJb-0lY=N8B~aTmDE&@76pEtW->05i$71hT3BFz836r6 zh!hh}oUF`97s5F&7y}`+-?pTkTf*PMwU#l(^Rah8n0m)WsFV+>^|FrL7-2C#HMhC1 z+VII`C85Av&0mJ6uu{P%=*fJFlpPV8rk4R*BE7dj2}{u))il?h>#F1HBxTeV`_$Lo zum2i-$uHf1+;U!mj}%0uuMbGz^WBBi!>JmnSYedyvZez{D2V}rb>lP2%(}0&RG9ga6<6(xX#WN=v29&a?uk{5`11SI&ku8I)myprfOFKDV zb2g~e<>Ysn?jPZ7yF~tK3WqgkM!*s3M=rj87P?zy7L8Wqa*5kohcT%__@;-@BhP%@&-M-Dz)7Hf4Nz+7 z1P+Ra3`sk4nE-!axVE3ar`j}GAf6PMBhEao#yVDv;wGwyp>B>P(n5E$LLZs5V7LjP zZtK6CEj+uZPV_Ul7(a!`<_jAM;UNG|7kQnN@G(Tf1OSX15!92{ZTCN^z=(!BAI+@E z$Fi7$5d(Lz_0gd)RCU00*I;Ff{9n2n-+HX)NrUdjvrL$30n#;nqxYcb*aUfyIRbpjJJ; zo_|g%%P}CUT6NWNwb+9#^#?i0Q8fq2PHHZ3C5CLxWA-vc@CRS zIZZ=tozMT8K=i(%t=4_K=V+yMp7p9HN9E~ARciC*8kpo{LhO}nID?2-0fub?tc}0w5s}}<`9_<_`$$&9Ot-AlUpY=2H>zq+1 z0=)ZuzL*gDxm41h5%`d)wm6GP+xi18$mBQS>nx}c!u`1oiSx47M1?j;gjg)6IN6!H zn8vrJo$iwbRz#m6tkBICC_=myQp!{$vk=T>sb`HlUjpqFmNsX960 zZ)Oj4E8dxj`Zg$mZsR0gm~)(kJb)TT&%$@;Q}@nZ;8))UcQk+xLDH)ysxXlTZP;c$ z!hW+lsxSc!a4U7(9r}UgrLe(_G8D`kEmjf%A$j>6Ju-TSTbQ3>Dvnx&Bz_8T!1jhG zt$mw;5Xa0nT5hNmn^t6k_0ky$E09#zp|KRUd)aa#x`5i@1j~Uw93Tl$KHTdDCAdgF zt)ak-tivZC4`d7mSfI#s{4}}vGdN$y@iKWNJJJ$h6B#$+er4OkgQCt#HrzK^S%Q%R zF&v|Bw1kchu_5=9R3`BhI360m1_bXT=D=@mRzCt?s<~O@SWYgyzeU_!5iytMg3cc( zI8A)4Z%orYoG!rs41iDdmaH0ah1aQLGhwy&%=Aa{ASE@!%qv zUO5@19_}ho>2~ShmX}1SV!&;`iP3ss-wsupMXlV=`wonsf`V4ytd?xDMEh`ZLhhbE z@uEqkf+Mwd{soa2Gqk&Wo=G+4cJ)JIJlo_Dt!ipDjJuG47+uC)=TCI2`eSqd>|3sZ zV}ISDgm&Tgaw*Y75o^nfky8v@0q-ny&v(0)>)95$IEZ#y?=muh7Xd&(w$@(tDls)l z0k^-X!if#S=-dhm$h@|2_5-SbjM1%!xr)z_PcEAXUC*sIl{~(6h`EphFd-AnKw4~n z4qqeIHoicLUmOR@;5HFV(`V;#I zGw-27UoUTtn>roF5v~~|97hD_+U&TweZo75foFw^2u5|_^-ZrnWPDvYlX?cHUgxy= zJ+{9n@IZ_(6P+TTR{q}|7uW#*%V78kTqk7q3VU@ciq2kxdE7t}T=Zrs;M$iAxb`*# z@18LS#|aW8Z~ZT|{Ds<@f;*FHiChOsE5u$*W)9=eT1#>GTNC=!*Vp z@fB9TJ7E!D)NlgTtjHo-Mj*j>gm)YA?6M&a=HsNURRFOX-VH|!T< zP?o{?g>vc?n6xghUP^m#V3ly86Yj7gAo9PU^y}vCG9sT$ywIoCLkCO^bop^L)=t#W53puv`-(wJ`}M zO}#8NHyJ49R4Pr>;qQ*4V%O#GK0A~Kvy3``ia*pmo?Jjdi<|N#Kx(>F*~IuWclbLm zey?)tGj(1e%ir%2CdoFg#vGpRYwo}7${66=SRmRJ8=bue47qVDO|?gDb*Oh+JKA}E zEdviroFGJ8CV^hmIbI;13xua+Oh zZre0DuAJm@)N$55ZqVQoWVWQAq#U^S=|@D#qMMu6uRLa}g<=_bVM{;kmoo=7y6#es zY=Wc(u%QEf{np)##;zL{d`zCZ>`#TYHScGI-YEv2mUKTrA{Km}z!`E&_P^tpz{T8f z_Ca}GQ()_Zp6U%KvFv9B?+uP>O=-(9P;5SG(vIy!udU$MTjctb$xdRdXlaF+H1(S! zcSgOeW1@~N)L3gOc{|!M@uPgGi=wAV(Bh)|LUSh|7u`E=M!mcvTGObtuCPZauC7#r zg(PMn#aEM-J!#62_Xiuiu`gL|FP61}CBEc{Aeg~ocG?uSo(OsE4o$78J8eboj9Vt1 z#jwXbE(!9~3k~`&%^pZ&Z%m7{joVWHVzv5Ij8`&gwnywLe}SZa+g;8_RYhL+VY*Xn9oA>iU2IPC@)h(ac4oX3p+0zhyaN zSQd0O9Ug9%d?u``m1@oAe*8Vx*K53CfSI42(!|S?(bjT4gVDy}vS@!mO>XPl&-m5Q+JE%*A=htYEq`S|$W;06=Vvp%JEA1zr1$ zcIRDPN@a%xz?1reGW8E-g&*wE0o$oxW%5!)S&ZswHO1jNu=kOa10LU>;&EJH0S_Iy z?};feNnN7&f_~M)f56QhGa&Ji|taejK9mF3(aIG_QT zFh$-AV3ER0pCEYjOB zRxcUzfB|y;zGVdmW{uFvkh~bfpqfvx6X={^;3aEmx?#<%XU}*W^l8` z{+T=nnXSMOBmry#viEVsna2!K*C%X;sC3=0%0jA%xAfmrVflOtwn;?o*;gosnp1^v zS;_~KD4?ta^w&_4j1Jh*r}9i8F-#u8rZNN@39Dq<6MuwfAwJ1lvXh+C85kvblEQ4; z5-09qSp=xsmTE}1)=u#m77}4$b%*J>)oN7dbDhvRM$)FV?$&#OSI?S3fw|qF(QH5NFf(v4V`3 z-gPUxC?${;Y^d2uVVQN_jN^&9d8}0Fb98oVmi_()`MAxAcYS#BRa>2VR}UEaIXXh~8jXWPx`VZ(arqR zLmgNt8&O>*76alcP^eHv8cwKBi%bC_UDbifNf5gip}3S&qpNtGXt>zh##r)Y zpQoVE%@zsKRLr^+8Yo!xm6bUdTxk8Rh92|lI0muWMUktG$hQ3Gt?)ML<28o`w)g?&&)MKW=xj~ zf23Vl;B^^>bUUGrn?RTocfP%E6%dD#@3MmpR zyia=A>!AGr9@mR#uZn1o62u7h+zBw6aoJ0815R7^cHu;;VYoZelL zebTH;*yEZO3rZ!dD3%*0ne?5R%tUM;HTHY#PA+Sx+9V{Cw4$M+YA$JRZmzLPPcrRl zi`IG2a=T5+X$7YRTo#y~Xna#{4wnxN{}0-WlAUq?j(oEM{KN(os^r!=+nLP)@rjRPo5} zT24V+Wc15<+IFUrby4T_uFMYG&sIx)Y7c|D=wT;SxxWTO_Bxs{?;uq?G|1pquoDic z6XX^eRY{nHFkB);3h%yAs<7sG!f>GK_@^1RENLQ7nws)$P zdfnEaZG=9WG{cdb3zJ>9<(||NNuJJV{iHrD>T)Fvu7n%aDlbZUpdJLZP`y&)RUbe* zDUi3p_~CL9vI|D1lQ{>eDG3t~_zm`E>eq8KcUO1Q=9b;ho)XkvJp5Z5I?YC2i~ z&hKL1@_{TmH9=zo4MdGZl(b?rKg2L$b;WHslIib!v=c(+K<8b2Rq5r4i7+o>;YVou zuk4-_kB`89WITMkI_)bXO6%S!lDjI9bWF#RQpf{V|Yo zDpQ2vw##|f*d@Vcj5JuYGeAL!@Sz#?qTaz51%q-kghiS=xk2^mxn;GQ)vX&0;_GQt za`nAOI2eGqFS3eAE6>E`LxlPjiKT&_>#BVt-1?{Iwe|VtZg_1DDQEZPX+J$V*W>8- zV!YmETH(c5-LjJ=q_Dvhp6MVnUFL%=t3MbU3QLL_+qYWXA>3VM1X zLedWWulAS8lr?3Fpmf%;i-i^A17emqaqJ7)bA`;vJ*NDZYhOz|2rr4A>a+MM zNf>Xb%$FjBC5ONg=phxA26PmE$^5{~-5uqXgvqaQAnj3_)ZpS4*T*Q45F218#0E_pA!(afeeOj zg4r1kwjv&TNJZiOGdQtkvLp(&hg?bqIKWxP=S3QW;oiMBUsr>aX)pPG-0KgI!xQ>7 zZMqJf&|W)#I~U!|bu4XY>!!)EF1#g~qMoZbh+Zt{5aY1H3g6r+Z7Aau z*aV-SL05vHm9^jDGx`8HOfLgxUs&}5p z``JasOX-mu_V`kCqMRy0AbQ|wl9lB_RT&cN^jZ8q2~YdgMEZ|AH4grft6k9BNFC7> zB#!&Z-|NXCX{~d=2!P(O&62aI>NplJ340#1UVbDAfeYzHlch{nR90loF_#<-&ZEBwstbc>$>2Cc4pQ;pKtMz(fkD6mV`hwDT1Ews8X%MX$X8Lg zXI8o2NypnDRb?8nDv)G9Y(HMm{}>WruF%C6=;?LD*QdLpBZAe!oYz>Q3KPTxr!H#J zS^Nn1_)wW-OgR>)3`u3uqq;M|+N1?|sNj{p%ti`J0zsy36@oU32&J63=zti{;;n*P zImku%*^#p#epiS|r5z2R%pr}Klt9+a!Zyh2)&I2|q2$7_D_JoxMHmwI69nMBCVn^$ zfd@|U&4UY%LOF!wqm_IA@U(CC$FZJ`w&)Nm>B4(Ivj8Xz$aaV)rS`Ctb`43pqTF~M zR4@l+$2K~F$g^)_=(}}K3XE>(R96F~U+|RA_@&%d49W23F4FV?pW#gx^Ux`DOU70k z8p)9>TYF;MjBH!?2{akfKBZ52eExM6N}C6VzzLr#p`h<(qDqOl&80m_`zeOE`;;~% z$GkOcVaU&4(#i;|$A#tsiy@um{_Fi(Qg!uFxW9m6$Z@QCt$^?TVqf`8mkHlzo%Xo1 z9&!O8wo0-ADY4RL0NCSV`S}+f@++;;qV}C$>u`z>R>7w7>kPVy;0Jyl-XG2{2a)GT&pGroG4LxlI2I$J6aXQHfhfn}^YJ<@-QJyw0*Vc{e4!v`q>eRVvT#xF&4OJWk*9uxr~=lVP* z-(nuTRV6fQ`0$i?$)+zZMn*11%9i-}2@nf90Y^3auB)p)94np?4%mGe&9gaAtF8Oo z;oC~1_WtpcbI;uAE4t)C1gnk`lTVZY;BN=6T?`q9iNJ_myzc5q(f^ytC$+)eyBz z0sNwX9VSDQHYdsw5&97jkD@7QPL~xPP=_)=y|WaVUl(xtwa#x7epyGa8eT1IWkt{B zD~*FA#8Fz=rgdQdW$k2_CX%K;x{xnEUwo{bY~IEqGdS@E72&%iWLkD&T!tzPoR}Ws z*)5rGa)0Jism4!R5jkVObNddv6Q?plOaM}&_3xP^c@T*5Ajt%yP=pk9;WeYH6or0E z_xiS|8P^iR95RSz_OJu%T;Lt09FY zB74&pt%Hr#h<;aPUO$|Ux>Cy1wF|dJ*pz%x@!aaYukxc(t8xpi@FS{Shk)-)3 zBuWh0dIN)qd>8ef8Tz*KdJ(DpZ`ENg5am8motlI=#H3IdpOYO>T%v`hv8WP!GYvJh zGnf4>LA4TTN(W{Zyc&AckTriJfP{nta{}pLQ*He(clK~PG8-LXrWvxq!G7)U*>?pc zHDyFt`*5V_zk~>bKPqYx<2KdInd?+Ov%Ld{w-K3BCDg#Hv??lgX_h_Dq+usR`>d4j z&rXIrt$1=pFtK@(Q%E}PU6iNaSxMFtZb8{w$Sdu(Jp?!Np#VGDzUZT&FEK4dGz@8; zWVVt98HrO7Wk+&gmXheJT&mQCmWRVjf@;~iV>k$Qi@vPtkDYyBOb!c-Xrh3xr_gA| zIN(_N`N8kn^!R_jK9n+walvH0Q=6*6zjW^D!_Rfvr{3#AFyIqjWfo_5~ z%LO=2Jy@46CDr4$mnLj@7c9FbbJ+Ldd3;184nej?wtnA(kvoJM1MlEzdFef?YvEB# zFFlOB`3+8lEE`TCys&aiJz;1{mSLqxtNA`5+gevQ!^IkJb#Qmo7OgzZawYFXWu-($N=arU*+rtP?CeC@dykvnbv>Uq)$8?sea7$m`NQ3HU(f5D z>zv1VoO7M)M)ql#TV!w~gn#vlI4$V@{LX3n%b$~9XFj{7oPJbS`S7d0{r5ivx611T z@V4%$aLzEOJ)K!0p=Qhaa_sT_z9qbtmVEQk=jB^=ddV}^%T`PBJqnPry7HA;X*U~D z_|{K1`;YHpIUKr6i7au5D&>%yRxj5MM2KN@6-Wz?X~`E#Eyzzj&+^=3ez25buVUU4 zrE}~7nN@9pBDIa()Yk*M;L2S**pJ`O0N% z6U(^EC+giTw_W37N%J7Dyp}TIC574(747XoTnkO%?~kV7q6mxNJoM<^_=YGl_enk!nKnX@M8dLeo)vm3zd%)%Bt-Je!?&u_%aL||_F-o~WB zDwC6m@Ajt&KNAcbIsTDNT!TD?>t@99V=Tg)pLFA1;|(>{XPN8bDNaicDyRqCI&pCC zU%q0WshksE-1GCkY9erg2x$5Ac+XDnlcsw`HM8z0Pd|t#J4U)08P5F{)3UF`Lh{2% ze_r8xxJ_~Uy$E)mv-Rb4wI3aMsL18{ktb%9JF~aCYAD$)?>-m&;`oI_FZVPD(2*9g zU-7^rU9wxU)hlYZ?n)&R%6$krJEvo?v&%m5S)LeawWd3<&(C1n7_pDl>m8xnA9TCt zvHn$_m&r(5q1-K#-7PV&e)!w2*|EB)HVxAk2Jt+R3*TmO7A-yc>-)Ot9vJOUFHz;y z!jGkxUiM9L#@Fy%_MMp+SsAfkpPs2;&)S7Bt~;zP;|*-{;&^#=Oc1*?6Fh^?xdd9g zT$1sAWcFUlPiB=0&W^e7irM;76`LVTrZ~d-%y87+))b-@`O!Y+dlwqeEN^8264vUAH zD(~&r4&P=iJZp3=$uc@Sy|RsOCfsMNxL7*Alpz>7-*$$%^UYLSGTsOJA zQg5buUB7wVYxL%*7sE{kucN*@p1y2<^;s>1`B>lxyFgZ*X&bUI*~|O7A@lT7c09YO z9_QX>i@bf@_fN@MP=y(}Kj9#`@FPg1t@qfgtF7vuLA7aDO>W5DFzJ3qN0Wa00o4lA z4Y?=xg5RFrhky9;bZI=5^%e^dX~x z^G-~6-suRR5x7|Is%&-KkY1!;qELwGq+#QW%CZi>3RP;!Hm>S3Mxuun-2*Cm(|tq2 zPOp>RQ;|F+P2x+z`O@jmwEw8o?Oi1g@mYnP^#`!VM3WZB66N!e;wfLBs3&Ndq zZfWBkBx1eGmNFj}6|dgVA4s>2U9RZOYnd1?Z*q*QU5*{-;%F6LOReMWdD@s;;XEi& z;w!~4!MyfY(z1(N%lFAz`vciVR0C(Iln~^iOZrpUWMSm;4z=XAZ&v*D43bu^&D$Au z4({5MMrpOjH{g&w|C7JY-99S!`cwq#u{~pZ#whOx93v%jU{v9s%l5x|dcEbe$T^3@ z6-6h>mG{$LGv-Xu93r7y`{1bp)nA4hvV$bJUe<0Z>Q}ilG~&}?HgQ|p0zm=J+&z*c=WV_A(e_AM zE8o8JURsMX0XUWB^8U8J-6>qLKD6i{?r0_Z_Ux{Aq>sZMOoav5?9p?@j0Q(p7aHi_vDkvf%eXh#Gw$JgVpxzDcQMB1tM6#R95F7RSkJ(ABE zEw=tp;?6A%|FHhh&hJF5J5M1Zw4cs0vKT7PHZENmzSP#9EH}K*{_>+x!?5Ga5z4&# z#8YSsv;}B$Q{^?IviH)il$#zJlVKe*ECF!rRBJD0&|QCm-SfCDVmBQA?#T0(A*cJ)$RC}$NdMy**;DdeA=<;dcfYqr*-9a@SsB@t>26lI zRu7W}Gp}=Z>i0g~udq{rLxEO7T*2~=2#pp0F}`-g3v`v5HD4I*0)pS(1K%;FNM0s+ zI&H7+ev)WR+u?T74f^OxSF`Q61CQ?&J5x%jdox1w0$XoX>tWCH7Hp2^i73u;j3ug* zWj;vU5+6y~x{X0eJT{MS;xf|sz(|MwNu1Y~gf|}+lu4Afad?e5`Ru!O^1l4{bisO8 z`g=#;v#k{n>9~GQlpMZEdPJRbd5U$f^M_uy6I@~0C)rLUo$oge=nqIe7ejXFvct>c z#{Np;M-;*?zW=fnx7gVsr}6V{5O?{P@($HFs_=m`+3Z28(LNvV9e8(pMZHgDj7iD1 zC+l8mf+MGd7)_8*W#j%U35lMz7eDrTotfMsz&IpxC9n3IYKy#T15uE}(lsumb-@Z6zUoL9S%fAJ;{Jf5YtNqT%I)vzds$?c7+LWz+Mz*z)UhT;sIY^H}zk ze*L0+jn^qERl5ZY4#m?ONAW}{`q8$Y`59#SbJnf1saVhIh}$SmyC`Nb(6GIEyPHKq z&2#DOFD8l})(JlZ8Y6H0Y;?0T?GwpB-jRwnX1XdC-{5WJ(_PEYs5#r%{Ij*l!RB+O zYizNdpp~GfWrE7{39bt~-iVFCEwWi}-;Y&MIH523ZExc{In_n-kT+kBH1LWvJTEMv zd(l!;F#V{iD7mxDe>{gPH@4uCz{i^KscwpR!PQSicKMBsHJTny-kl!fW{FLY)Q~5N zt<^4q)8*p^(%pBZ>MMo1R#TEBf3{ioFIo3jbxH9$RcjT5WjM3)I5N6=aS~8}_c}JWYHXf(U`p5_cchQn z?FR8&S!NZNnhkEzTFb@cXN+GB&)VwM+Vi6E5(eWYp1t7@YMxBq_Z8u-ZryIt_>=YL zvsm+N${t-g=N^Cam7%FL&%j*f-PG+kzDs6}@ytArOGYYPXI@?TNt-S*v&!}&4q3DB z7_`eKU%Q@A!(PoRs-98zGpQt+W4O>&6j$KYeSfsKtU&I-%EVCD*Rhhmp|bBqmTODQ zvE;}zT3bU{{>X$dFk^1Jlw31jIV#BF+QXJ7T)w|U&5w>18xJl$itsp#wd zo?KE{iL!x4@{Ww4ff*`iHO)fjaA$VGH}_(S6`11tcNefFJ@xLp7h@=je6n4B>E`i3 zwZpu&Cy%0pt87kmwkt?7CZse(?Wxf`-d!jrpd))xJI74Elx(}6wU^byxud>v7PzhVPTiIX_H>s=Y6ZJd}XE1_;*p?N9Xsy?WA6O z$CX_2<4p;PiSitGE;1+0cgA93NOG`Xp6TJ?`?;MD7Qli6e1GPAB5`(Nd2Z;q)7N=l zhup;R;KTw(CvAm>F7gg-CFeT-ck{&8*t*6tYfk37%jAB~4jm6pE?^z9_8+4Tb96r2 z#i;Boc^#Xj0<(G#0v&S8oTwYRI2@f15#$gF;ei6lFtCTo!LHbb{EeaXBkBUR_^#@? z`X+x_Vu{hL7_ypPZHeoq2fNaS9wvli0$|v?nl`>T5)Lf5@8a>`^|&T9uNBz)+%b1! zm3dbzFl98W8aVI<7*vZ*K--Yo4ALR%Gb7_C^E(V9uN?$RVtpN)m9dFO ze-07lEzCAw^x|Kq!{=9D3u6QZkPM-7MdynO~ygejLJ!ZgszQ6Za z^li>WhE61VqB*OJYNpUIVM8B>b;Iw09TRw?zWj(FHU z2|sdY*<)?Qw#3>Y(&>Wa?zTeyxd&YxH7RJIkE91b9q6MvJ^V;1^F{GkLQr3pPz%rnB{gWRR+$xs>eUQM;{tN zWi`XXEh^6|>d@-sf)6yYK5n7)e`4Z1`c zvJlZDdV?;k5`{#{QuQ*>vRPo6jN&~}2TA8u{Ou9Ja96q4u5zLd6*C`Z=#>V^>Icb` zh63MAXe~JS=W^;45t&P)f=}D%L))pwpm2dGOA&kfz=;uiArIp79#5>8*p~dvmi(;8 z$rt$CiirYc>Tv~MmKpSVZW_lUX7MCxb@dBmUA>G*Y~ND8^;B>jRjVl*-p>s0XFVM} z5I7>Z7m*V}h|eQW##XvLyL-oO&)XbdRzop1+d`7K<!}VY zrS0VP+sV5o8OIH0y@>bTdV+UKm=l+HpWt5H*RkJoSHmqiWcHSvvnTLwjyC!I!Tk3L zE5&`TPt=A!PAp29d-8NGGR7*t9#K1iQ-2-rAA|7JQ&9Jlfc=a;|I1;AR3*iOL6S3~ zIRAy9K@!qwZ?JdRT%NXo}kIgnVaq`kH zJ{h9-q}9AYZ}L!4e*tO1S>EOMr94eRxXeuOJu+sl(W^y3bAc{8{k2MK)UnUm1qs1r zLY4D-mfr8hUx9W*D!Pp61D7U87_g}x9*06obcle*!J^+UdOV{q>C3Q}!YSY~KX5MX z0tSzbc&}aw#MBL(sG#3)9dL~R!p4Z;E%efpY1WfZzgH`NO0uv-QT9?O^S-g%AQZSb z>(*^+P59nql(#k4naSf3s>5+tO! zKJz7Lw}CvtZc@NZf~$aE7!p5E;4%r%Q4xM9(pk08%Na1}UUYL`|*?QE)N}r3LDUuFjW|-+hU-8myWHK|1GH^y(rcFg= zMh}doq?1^6*JYq3;|7%!!BflcDbW}Y+ZXl>e7)OKKXD)M77kPJ~<`OazNQ*#M#ME`}bYOz?&`kQ5k6rP9pMc5K7fZT`r=-2so``;)yGn{(2by zS0&T7hwD}ttC$_SZUcvt3kUWC@`4PL6-yX_UZ8-UBvhvj*U-sGN=_nni^bJ< z$sqe-0z+TNoDRy0ostzh2x)#|U}VFo$B+sbE`uI=9#6jcjPo8tS3p11c4$7Vma$_7UWlOyrsw5m9dW# zE^!VeowtFS61~Ja;pO*m81FxuryzR?$boZP_EO)R_kI*z?Rd*VT;`Jjm}ZsBx_$Ul zocSd$Py=KT!n}HX-wcT*I3Zer51hbB1bTVtDRb(tB6kW+@miZEY=tM&4ct>~KM>Fv zM}ifPNS5By;jf^JyvXres(=LmA7Wy6prkQ>lw z*pB@B2v#1;Spq1-Aeb0D|9K>k8|d`=dWjNnMq#eh+JKsiRlpf=5MdS$t|~;Tun`Gf z$71pS1BEInTLgF!e9yos#_u&LB6v za6m@}*<5QXJSY;}%kTYwLl6{d{1rLW`j&zJdWdodE`{s>eFm0oo@U_agS`bKVanzJ z^yT_5mSWm#ZC($O&;zev&^Jw$=nmLa1oRM8{$m7>)l-q`97ME{1{}bB@Ny+Gg@b4h z4`kh&L6XZLQA#R+t7u0-8r!p}b^sg<1Y?%&MtnYMv4h5)bNA~g)$x|Bi=dJ$? zY0c=7ahscOPFknPZ4@Ai{A=6&~wkx9tnN=V6%`ElHXnZA(t!eV)~xHlss%QJWKw0tQ<=XHF?=3mNaCkCCe z9=#DZ(lPH4PG6wgFL6kf_l8kqknV>=qE300PM+*>!2-Q=0(EPYZ&$WjMI{AknYoLo zP4LcmJ}C4^5akz_IqOoyF=c|!d{&U6f<#SsuT6PteQt6tTeA+?W?iDYp0%RJFXG~! zIvIE^v#i4?P>su*nOZ9Ot-a(WwY2)E3u-EZDXy;=Mq@b&xj*Y8wS9_x`KKOQ9z zraF2%7f#q+rM+(FdVLD$C@+8QQaW;=^Yz;+K|$tIK9S~5jo)`>MDlZYze36jz)Y+8 z*&yfZQ*$h19{3}Lszy46MnTSSP2)pq@ZIR&hAF80ODI$IkXkFIycy~idS2dI$6$L@ zT_uPeitE}@YZ1hIWQ;Q??m>Y_^Js!tk4$xjX!BXP7BSN4w59Hm35%22_i$3;uDM;A zb|?A-eIQEEA{tZP1vaV@g0Caj&IU==ez(?<>UE@R{2rYB_7Sz3OYFzjZ~M54JyTqk z)5L#&5cPB3s&`05#ii(u`P7`flqZp~j#OrO8Po*ur>3|*H5Sx3qsCwR-4Ljpdww>E z1RFx_UfGL$+;NivHRv;e=j9}C&WM%_*jv2Cb6sfUgL&PCG${{c@~P(KH!(q2iX&xOJ8&f zy1i_3j_FoAKXLYu^}L$SMDhC6Mmz@#ZK_~ad)>wmpM`N?yi3y4? z+cZc@PlDGS=?Bh-+Za{la?~84+nXFEox{SFXfnUgJ2N!8O@plTq=ku^_zqI=U=BVI zku0%tD{Pz)euI0|fJEJhdU~TaLptbZ?%Uh+KZJ zV*dV1s8Y>!5${Lmy@7-TouTAg4rv;=!d>(_J5<}{a|Us`fhjkTS|4gOh)u!bOdWTo6nqO4I(g#M!n$Hy<3!ot~Y z0@kMmQH-wBi9Vx~lRE_FM66GX`suTuFSRr3d#e)Uk{>$CAbOZluB@fWPQ<-JC9ncm z%4nMH-WlPsn=BAau2iV(tVGRs3caRNp6$E4=O#Tmaa3BNPmyG^b`S`=C=o*K4XrO9!Z_f3N_{1hYxw z4KDpAF7b&^h)qDSAk&*`T)s@wlrCR`jJ>EkTB>c2>HUb z#dCexbXXKDL^h0#t}zvTV7^~1gwiSWlz8Qrk+k1z2EtMm0%_le*a;9_R}tO>s|MS+ zNHvkccq7nF)jtK9Auyz$$dRn0B(xyA2ylRqI>ywHqmz4+CltP(82^02Pya~!eUvyR z6QeB7sKxd|S=rv5a2D{UyA56DCvUQ`0J@jAvEV{>(kma|>iWuB@*7$(m;!?CrX+cs zVB@_=R8ccH#*o32Y}op)#RGgY~a+~*Aa8*9&lC=&JrX+YS=!sM53Y)+s3#)0ES z_S-J}U|EoCJ??nmM3M9U3&PnGx+KkdJLYQdt0!HQa_=wc$)kQ*Kr~rLBrxKoNeLusKr#0|5D}O-($%cWOtQNXqdh_oxOUF_$J1swYAVcEO_cEvALz)4 z{P@Q^&g0dC)-^5z-FH5pXpwX_b;va>bVd}KMif(%90OEeTl7RNU5DW*@}Kw`-{ zF$?tt90TN8*ziBNg`%@yp9=UK2Z)C5by?$=z_1u74j0jys>nKu5HNvp!#oB@$NvkU zf8hC#5O}axN`PGO-hpA6DU6`yhJ%FGE$Rh$rK1+8u^wf4gl3VslMzW9dbXU+rkAXI zjuOU%Fo{;Qjpr~*BAZcC+2F3R2I?jVCRFnuB@m4G{~MA2QwfA%SKkc5X$z5flC~yS zcnbeMoELhK8Okqwml5+xpy#fTQz*20ME>&$5o{P*DOUNBJPX3OmzJdM>pvlJr>mMf z`D;Dsq!5BA82)p_csJAgI;@9~aIerIMmQ`!F!Ru$py`Hg3)Ag?C4qnpRWsU23hJa& zC@eZv^6(W_3saIdLbZ^TtOO+%bSu$aZ6}=2I5&>gl4pSv1ayAl;9P-2EZIjllYOJa z5rk1A{~>_@ga4Nz|ECfNtY!amPryOa)>B7L7DzZ#ompcUjlr3UHa^%89IxcyY{s1W zc)|&T6>{V6Fu|}QS!#6DXmf?0%>UKsk3C?8#KHq}4~q$`kelbmKdk!C5`cfdMB+i4 z873=PnE=Z9j}|{r1Pl*0j=m?q0eh6aQ6>~lp>i;{D}~%My&2FzKX3D9>{llMfDN(o zEshorXdL-wVL*k^Lv2$6L8bp!BLAln2n6jv*!4f&v$O#i zEs6M7g7=kYM24@n!(^-=A>eGK{iRfMcrX^(Z=JXbC$C4CH@~Aa!nR z#9-LW=YL=>EL7xw^HqoqfwcIySXIeG;|vel$9SFvH6qG{d6b2Mkp3XnfF`gecxHM_ z5l#s}kPUaFzMf#(ECrYlgc?4^IsgoG1hzPkZ?JzOi2wea@EAQ*$)^ErFsir$Mxv!> z!wi_ke?G>_5oQ^rA+!d775YhgF^KXm5rzDQ7@=Ei;8OD*tgUs@8^ z4aDwvBb%x}o?ybzg}wXc3ark+mXcsJ=u8QI!p`>}$iX|(zoY$k18;;Pe?;TILOW^@ zUXU(l9fd&ADKi0JGS&$$Z|Iu^--&K%H1AC7%XjXmoi;S$I)K zn3x!RJ)w^QFApL^82)1f8;1T3U1-@rwJHg__pYQenFSKw-+3CNYBb{G9hNjL~gVwR$tCoU+xQ$Em_Cc^_0xCsI4zfh~nHSRjXSl5uM3fZ-a66R-G zHmh~ED{KBeYaQ#w>wP24xYZTC`RPYf&5}0wNwLL(kf%NC{(aNKcUKTsPw<*sz$6WRDYPt3*B+I zf6*h@Jlnu9LZRDy2XCKFXXj_|<-Mr?a`^3NR?k!ND|f67sA@X5cZnX zSL-5D!87wIIctqybaf{XU*mk~buRfI^Qj)T7I8~+z0aoWe~2*~1kZeWHa+xgy6xHY z%9$S&k)H=5KOczv9Ci*c_y1LxRD4dqoH~Yd2#>J}jbvy%e zh3iVQX2y`Y*@N%y2ct*kBzQHb-X3f>JV&AOwn#1bb#2W>{Ckf4j8BNEgIdi)nNdp5 z2&a(CktUwFv)iR|w0ha)!J4^Mjz`O1tB14qNq@|us4>G)th+v(7r8uzbjP&TecItS z^lT}hcuRB1M?3@Wwn1FD`^m04>H8k#g*qu2y<&DFV!Smm#h*fwI>m7A$sUR_10Azx z_1+#G=iJV7+aSMYaq=L7>tyUH>Sb9_8j-D(t0uou;yQ#5rr#!HOpGIT5M}O4DrJ@T&B^ zvP(hE>M72d4<-_x$2Zv%@s<=ZPalZveoQ?%sr#N$@f^bG;= z`acXV*Dkn+=oH+8!i+)LPVD#p7>k;YF&Ne@T@|g!b`J$$;l=S<)Y?KZOJ~hI zNlD;9<12JrAci^v_QaggyD-kPp+>K%U2ns&f)|~h4yW@cqA_0%+%EujQSj4O4X1X= zoecq-UHmcrG^E*+;OqpM$W&T*HsYj};Wm0&d;lUe?2)m^}JEd7}Cueto=t7jxl z$GS^a4=CETj6ZJ~{|Qu9*H*!QP|Yf7T{YST7^07K3N~R8y18qz#DOkfvyHlWCfrkM#){+QqI9D63D0MctmqrgG>V;d zWQs{??)q80qL=RGsn57-k7&>T+@2zS09bA*UA5MEMR@Qea4F5S?J0fg5k25+>KxaK zgLm@_QenoB=9l!w8P;OUHeId0qb+2b1w2h2`kFFT!ChB!Mxoq~?9p~I%?>av)q>9+ z?IhD2;c0S^(nMygL%Rxk2P+*j&$ zG$l;5QnlOGVPLs}bs|2^q?@I{wX8m2ggL~6={233_vj#*<{9252Sz5({BhS$>D^ay z<_KGll4)A2zCcBhNY@cB$r_ zdgGkE!(#rx;T13M<~_U7_-3(-T~c|kJ~MTx$ELFQ+ZEyMkYb)C2i?8Bn;GDmIlSK} zMX+K;hBKpI^j*`}%iak;D_-eu70(Y`6{~e)x`x=IbA5I#Ge=jvpEfh^7Dkvuz+V7p zV`fNOy8;P3C-r&lo7o(RoJxhg!)ks8>E=OF@sLaE z+P4iKnL~2oeyn)()lZEShlCRp)>Y;AgyP>L1nuY>bR1kUOc4wn!J}X=&`*<?z3pnk}uP(^w!Jq}Q=Va3gj-hHjKHcnG!q)57`MtW{M4rJBB$^+$zi6N`WWamXG z2^_xf-0Dof)pWA+(#AW~fecar;O|=yb^rx)g)DDi0N-jJQ!)Xd*M{ok+B}D4d9Ep4I({ARNmkVIP8c&k4_AP^HplD?xmT`r3Y{|%l zIidl-QZ_wvh50HO@-=gqb$+qjJ-a!Bs++7%2XE=4Zn-=DfKrHIASd@0R@c3e_Ink%13X6H^8`D}o&)B(AIw}@ z-esl>`_4q47*t+pH8)-J8S@J^nqFdW*()sv_%D9hyV28rZH6te?Iv2$*b_6{ls5F*;MNJh*@GY0>SEAi#(u&Cw{31`CIyDQ8=}GiM61{Yc z%nsKCs(su2Nm`};m4-!EW6Xr%(}Q_Q917#Mn4J-5dvy(1j;r zOTd3OxjEi>_qXNo=yF!S{eBI0z40`=XddXq3aOWomVCeHwp+O&W;ZFqM%F|J{87!^ zhWW{n6aJI!%BBojZRs3tZ=ey$O5<8~NCH4ke z(D8@Ntv(Vwt20SA-)A-rCwkH8FYZ@vGExfvnTQ0jm_Kfz(NVUy)(#egx<@0xn=EBB zi2B2X`$7XpNH)jpV?KUt=C^}s!IG=zHm3(Bj{L&q@%~LLmMp8$H35dc){eT1?D^XO z9oWg5CQCDDGMIqH1I5TD9}M|oP;8T$PDk5o?c8*NidSyaw}s^6n`1BG%_a5&q?=`Wr{SgtX9t&*$DrWG%*xf)npKICh=c>as_SrIiBymIllh0(PKc* zBJ=dftU2{vAR{A#DS$cSwf+X>66C49DGM4{RzK=P9+H%XAO_2VK6E%gYE}=fWjGX@qvzJ=&t= zZ5)Ut5z||mmIZN|?q&)#n4a)Gu*vE12*?#;DO>)g1t9`VbIez2cGOX`G7KMS-@zIq z5iSJ&Mj>NT1YfD(d4_|FN_tm z+MiZ#K(3(+!Th*M!s91l{*rqg7HhC@w`0QvcjEa? z(_Yc^M)8$ur`%HzEX^+8;h(PzKuHQ_Q_0~rtl&6|#>MrtFsl@^kj;Xx8cna*N&8+) zfRBj8Xw*Svx^G@p2-I2fumu$3?Szm?ys8LgBb$6zuFkHKQ*ku}T^Iz&?frAiKxoq{ zJ$iSO4WW-$eN0Ptn1bZqK*bzGg`}nf4~XQlooP|(Su|x_O6*}t8M)FO6_nA5^>-$9 z@rb-0wm}u@+{ItcCF5q(e=}s|+Al+fO=o{YWX1fK(7z%wr-A$t9^J8}HX|iBH3R~V zziT_!=k*)ndh+g@h%*4}3`kM3p`j^Glm@j0rGv8lmqPsJ8;voCc0mweEQAE2I5q%2 zzM<(=7lm2T6qYD%);$iXO5h1HsXO+ueF`R9@R!a;l)Np309=E?$Lswv<$~-!VD$I~ zFBpw}ez|S45QgURMPt@ucFJS2tb3Rt6 z_IZi(CJMFV?|!}6$ekx3@@Qs<`|%;A$*js6cw6&|V}P$`X$(`r@9tu>_SSfL@A)!E z6PB8by3l@#=-d^NFqr5+(^X(O>3a#I0iYE-W|MLmFzRbheh7t>t@twub1nrJo>5+! zmgMt*TOf?mrL zpw0B}yj&?$s_m_D?4C(7E^)p!qf9+luy9%^*+|f#vd9-Cpf~Mj_vmNKZ5?s6pw0&0 ztoO??xi2G-fYj?wm_NwM<*Npz_&h$;x^8#If{>k$lb?Y31MlUr_+DYe{QHiy1Xa2q zN_~(qIm;0i3NFw%(a3F}&MEScVh_Lp;6ZQrY9173$+8i5HMqA+G-20K0=?iw+Zx(*1j8&J*~Owb090kw&j~(ld=(iDJjyX zC}w%(#XXS0=)8qoQOM*~SazwwsivVwU2|f_$$;7ins-N77u3H(z#dE6({s{*SiHu} zy{TT9`4A*xIZrkFJ;nHV(7l3V;mHD}J{Mrz*s-(;gWAM;f@R=rn~jig(v}iPSVtnl zVI}8vW9}`#>Lb@x9Xblisel}Cdl!YSbf`(1{Vm2W*^br z!=ab^nBJ+(wpoam);)$(B5pZm{L;waHW&jIc0I)D07JWk>BwLeygK~rl z1=paY{>Spaapj#lJLCYs1{m^p)&IIy$La+w7Hc-ZFhoN!9C8nw9%LpM4dDRnK3b&+#2pkwR9LVu+#RcGIg{@$ z`U_d|$wdjJz}gs#suGd&Ptpd&1_cj|_kGxWkb$g#hCI?Z4G%aCum!rEV8p`TWGVHr zR<MBo1(vgu|`{1yL20TMb1M zGt65}UeNhuz_RP)*FU5zSc;-13>rF+&}b|Uy1F$GM9Dr$lZ|rUL8iDBTo7m#JX1l| z5?2Q${>O{%UNFto;FDl|Bd4Rr1uZ@VfY}wXArnb z*$ykg$_LGSj}^hcTl_y%yje~Dgdt6&i4Z%`e1X^@unWNQ_5V#Vp=4v$o{a{5hTPo) zxRzsbsqeMEJo>%AGJ!RS4CFp+t`N#@SW?BF37Ct(5-nL~87T>FCF@f%T52 z7w{PC;-KAKwUg~XR2d&7H2y%1dzes|)J9&Kdmxb%*vFX{3GJvV!t8KW%hra4gI3=) zx+#nnB&7mONZpklsEVM*Ve^ET!X;h_#YwMd5Oixo;fERt#R^)A(Z%K(^6fUw zXHfgy=`5KymxG&CEa=_4!P$SQ%%3)hvK#bE@#ivzk9Cn9%d4uVQmcY9Kv^NLVKr~3dY9I;*Rs%P2 z`7aFq4|Z@`OS=AvB$N}*ph5DOhz zwf{td(188T;J+#UCk&v=$pvW-uYKUV6klpP;JJ*X_1>pc?GiS3f~CR|?TlbU5(^6g zyz)U2P$}l)&R4)rN)nAP=)EpuNng+j3rK$F-{;}g3nsnluR;!ou)*(!`__PuXF!9` z0lPMIFL;IQ`n~v+?U;ZdRjYS5j$(~PD~~hyL=gPdEOxXqf-*)h4%}PO`{3UdeQrz) zuKse>#~G3}4%9O zR`i1mu?L!UAbASlDU`=`lSGD>v}VTyT7VGjPKg2u?uDR`!N6XYo1RUi?M3537d~Nr z#l~>A4M;<{+a>Ii1q=gN1pfvXN@b|z(JAy3A2V>)V1Yp|YXq1;>0yO1A)w%+rRN`* z!qWj2B-9>=DVA|qsL;gtgHszH>;MEXhM*12zZ#0_1@-S=75@>}4T#a}B7|$>11*A; zgew6?7_>zEkMv^w*Ke`=(_Hi}g@yrM7O}e&>OOW?{2LPg(O|+I?N7agn^Y|L{AuIX z1JiZIR5(PQD3v2^}C)3%hLzE*)zt{F6VG_@aw_4BCFanA#~qg)LNJGKNZVa zVwyN}=JRlju*w_X?bYOKdS-&}BQg!+)6X4wvY0O*x9_xE+3m|g`D>GtU--V1{iG1; zyK{IkMwjC9H^a`wkNe2_E>K+lE>7K;w%_`$gJlU+Ow9? z`mUp8$mNfvQtmMyVD=zlt#I~PJU zy%o9Y)Ve2N_xbl%)~p7|UU-M=3ngETeq+;s4t&bYVE6Ko@Uz@NG9n(?cWV_yd-)YhNK zg)!?}wG=gWi&a-0>-jA3VAtqV&u5uS6_GGQ%v^0EKVN80wuoHZ7fG=9`71A%beYtaoqAl?)gM9@)igB+jQ(nz` zSS6*N>My469_ls~)z{v^vvaQsO@lwj*`0~6{mxS+y{n)FUrQ<%syQ;9-h(e~4ZQ(d zn&W8~PYor=(b~G#a10LnX?&Y+NhsFxe}Js`cGO=MeTaZ#Bq5I)r99UCsk~oT*U^K!?&OB-xhtfq$NUNGN;>i*K&^I(R7X?M`CW3 z=#%V38ezs`AI@d1NBQcOK8}6QYIE{&+@6r*r|D^Ik=Wb2s} zmy3rrvl_UhKh83=)hmMOUG&|f zhjqX0%eST4Z@)_q4AeC;eXiK09(y^ac<=T4O`_w&pCp$j)vRVs5ZO7VH zXL_2jKQe~?rLj?MOO0IP`$S!PNf&6lETXiwY*{fU#{P%oYcGfb|3aj9=lwjF{)w;O z?ZA&G3pmPwL!u=C_F)AEA182ox?7K>TkgG~rw}w#boku>)YkuQBcVv3;4gYhE8)~u&!jubzfdXOdg+T&gBp&qF4yldve3p;v^o$6U zdf@3Zv>3|uQ|Bm=k!}QO7$l_OJOldf{qFC3&e?zb;vbcd zv(|lIcU;%K)(rC~n;V>+#u|^<|B#qO)jR$?-MbpN%B*_(pIo*vob7 zega$R;PI0#ezGzNvv1ctPwXGW+9lT%9+=4enhFJfI(U)b8WxxBO{!3r_W3ERdhdCq zVm@yUKe+Hz^Kz&)vKu?*sq@Xj&vh!S!9=C2n??3TU!MAf zqL*XMeaC0c!s+uqJfh-@gW$`bDI*1v$LZjp+3EA{pqDrMr<*lUY-1{|8~qQP`{PTi zdY}erf6HX?8A0Sc!>>$%hXgnjTf6 z%X81PQ^cLG!hoxPm%l)AQsxJ0q;CobJFgB%g zSfxYA6jl5F$xrwoc^zDm6IVUb7>>BNX>?iOLYmTh?A{w_1D2@(D6FEW8I(8Z30~ zUA^Dpw&55*4=yaJ{^r}`V zgX{ct;NfQ7NY;%?2~Ok`7jk-1ze9t$aB^AuT%`qoY|c zuYDS`Turq1xyna$J_oL8sVNYz*=u4yInDR`B=C74@!k#V0V)zkzx9A=M!#eI2ha}j zi1bt6{zrIId6tS42ge05?;xZeJ*uU0>7(1ow&_W;Szq@SeP`GCIH0S_VA?2Q&ln3v zsCrUD%_oMF)!omEVxGWn?T`t1wtr7Pu~5D7xIFmzDTrtsz1;odB-E9@uYuS5T;^>Z z*21VeY2n*f$cIhz3S#dW+2tKMU-qA91p9(coj=Dc_d$ZBkAJB&cJpw2N8!~YCODQ% zZIA}Iw8mI=cl~7n5zSg91{m9VT%L6yKi@-7^HJHTcjpR)0g7y0#B*XCt%~SyYk-ch;PB zZv-(I=ipEv_I=b06m<{n71yT1Blad!&sMW1uH2(hsvPsBT23NQ*ad$f5@BUKB>!Z) z?6UpnDV`nGy$M^A=&Hs~w$tyTQuBSO(p1bHc>GyjMA^w>$06CpRq%?&lHS8h&B>G{ zt6#twKVt7fgo4zOP^ta1<~p5-(zn2m zeagqrlCS4~&|jT^L?gSw8l$W4+2eW@mTgGUiWx?~(E<;i4D@wO&SiAKlL*g8eT9H0 z)o5-gO!pyKO>wC9(e6d9^3TtQWRec~_~#~44pGva=>6BIv7=+FZzjeI0<<3xr)rF= z3vMRrUmZkV8E_Ug3N^*+bik^lTgTmbNUSN}+-TwFt5ioHf+;~TtDX7zPrlX|lSk~qQRdNGb7u>K`E%egS8K__wTh@Ui8pi8Hv*?~zV z%52##b|zTE2AO9K9J=%9{U%i{U9;+Fclj0(*E4l4!S^!S&mIpE8U&2!=Z^J8*;E## zRHgSXl`TAew;T-jCT*F7m;KWsf^>MeHus*HpKQyLZ?Ltq5^GZ6r_yz?kPgM%{czW` zFFm&6D23zPGDC*t^Ap}{@Fyvx4_87eKC7&ZePQT6>VFkorv#3s@8;B(^d@?$ip|Wx zdU|4+CGuIhZAg!HD@<*b$4OL#x%Fi*$D87%Y~BoOa*CVfY~D<3Gzjum0RdpL(?@NkSf=RV)JHowQ1gbR;9 zT&@Na@?#_*f0i6EF4fXs6H>%%v$P9oyjIweH2w6B8O_7;!y>xJa;6HVJqjF$a~f^$ zYB3x)C6z|%FDyik*h-1`@JQ;q9PyB}7)tl|b6ZkO%KR)qBq%Y!7P%vF`}2!uSnxqsHYCZ-*-$ zh;2qN&@@@a3BHc`!gY?5?&y9*E4B{`IgQoMc`V`6W9_2(`ZN|w0vVcqn*0DON41fWG22tb=~ zK(~maXf9;06+{K**Em1F!-*;P7fwrBNzK-JeSYAW@}d81zj$-UaNKUQFivvnRET*n z4FFck=snl-z;fYr$Dp2#Fv&}L4XbG4l=u6CqQd^}ZDq7UQZ8~nqSO2AP6w}VSO?u} zGekUepgC|0B=G_6tMg}naB|-Q_3@Bv!mgK!M~SZcaM-ugDJYn_=#4^CQ^M7G(SeY5ljjpatqh5gNPp z0_+iX8lOm%0okwj7eZn>T7*xvCi2mjC>EUQtn$A zB??dXrpMs~@$8trVeZMRjg3L!<$tx6zx$l;C?eDq)>VEUVO9?GR@zcIOBA#H*HEjG zeloh^(kR&|5b*l1&&v zc4vhjb+uh3Awb{1*sfn#z^v%jWx_<=FV+in6}I+rifGl-OBWV^Ei0n+*^W)yk67HcE!xR*H z%j_G&6ii=u4MBC9hSz<~q%den<R!j^EY?s!_RzpX4sa|*++~TPLdKV| zp^s9JONm5}y38dvB%)PVy8^P<17b2=9sjG%@92z!wTHvDM9t!N;DP*JWaBM3ohSf3 zetmQocn?MlWTSno{)SfMh6*~Wg@7drv;|rl4!usr4ZWo_R~fuzqY8O|Z0Cp}`%NI4 z$3EUfVz>xUQ;U$NME~ip5zOBd_W#OX0q~ix`bG~Lz8>u+sREhY_ZHzbvCUwhCF0?r z8PH2@Gb?&6j0MzoNumY>o|pR|Xsl~wwlLlNe>f*dMg778Q6S)`U3htKBg|beWf>#A zmSvD;(KFb}MH2<8_KSw5{`K%XoSBH)^Z<9x^0soseXN&1z%0(;^21u4)3?0q*9-9O zUY-3ikV-E5>;3@ue(kxmeRgk)PEJdUkdDD5LKY;b?tGW#t-9;eQps_ z!brBDAPYQ=?_kNO5d!aFEswMS6xQCqGt$*j^v)J*qV8|78NzE2mrf8Nn5ga_!41PA zKVno-mkM$3e*>^maQ#QB`DOc19-r@M^VBeGnwqco{vDgio4pMIt8WZmNE=u$>2Z0+ z`+!OlW+I#4T0+=mk&xvd~(uza1&C`J5UTqUH?jQ;2$z)@M@0GAj6D&r94=K*Wn zeXLZuajQ6hvhoIK(g&2O8>E{ed-w=(X1Jvca87vkv8=RptKk-wiwtGhaZr=Dei*T( z0OG-z=;JYYq&dRF8tQ7*Ib3BhvPrY~_7IjD?{aIPcdfML!8@sMs}n}{s9RyJiwd2q zK=5Ep)#G}|ThTU|fC;7JVRe-B+%H~u0&3u)Lx67dqq$2WLnV51meH2dz8@GbjO4mA zmHnA~-1{Ae!}oNR&&DTI0r5!xBObL@46ZVuf2d2a-e0)`Xl0K0YD1+~_}?%uiq2_<7Oi$M4}f&1rhE8v4P8g4gzZI$6W($6u%pgb+6-b z7ON|`U?p=E$iia{9Y`12h@O63k2i0rT1cF$R2VxY^i8UBn4)0PBSP8591m|^C7t_Umdmd8VOd!QvJ&`zWaWQ zUOZM=SF?}{9)ty(OpQ|OMA0%Sn~j$?56fJ%X9kZ(?Qd~nFL?5+dkEmF6skGPFle88 zIWMP`uzH#S@`1h}^wY{Lgr3Ahj!`?K0}aqiV1QJHRbYvg`X9Lr*sGn*MxWnwY?)yI z6mMWo5!_!Gte7cWophC>$9ssR0B|DBCYHj9{LB;WGF&e#S4QIzURTDlsT3UKMl30WItzogdLzf8yS{_JaZ# zi~t4Q((rp?US9OSk*Ys+2$L$SAz4*KwWD6(gaLNuDX(`M;W zw)nkR*O=@^3orp|rgf{^D1mZ^+rSn#TE*PXNX#xwAZC{hZv|rZRv_>+U+@0AK%}?2 zaTWuuJM~xVP64gk;4woW{&fS>tOj!Hl z&)d0|0bK3E530tCE+8f#)mh%|?Q)BEA^;8?_OJuTEJ=K;o2y|+eMY-m#_Fge;*^Th z*;SNHx9~p;{rZ0|^kmdO$0=OQkHCMF9s*PPK!8apGpFb9+k_JvU-z)nR9XgC)9hI< zQA8D#+JhR}4ZcJe(g361U0xj`VR>Eq3gp#^fRrpxplAzrl(bh}gdHWHMrm|Cy&M04 z)IR@PYFAifL%N;q(c2>Ys2CvVf1RG^tO-83PCWeQLzl}R-2@I@=<@+d0;m4&|1l_R zzy^g4*q~4c8x(#|`0L!jgs;N^jfILx-RdTjHy9_*2*zA5Wafq%8iJl#yknDa_h8kD zd-6Ci*UM9<&+4P_JfRTP{P@6Iwz`i1%sVv-fvHhU0dY=L!Cz`L@;5aC@{jhW;7*Nd z|3i&nVDHoj3=fl|A(kG4*8c}`{2y}U(4H_WHW|@(_1d!_GY5UTA@9*3rGKe#eR6W1ifi{g1L_8r*SD9jGic{<8Yii1CIq=3BoEeUZus~r$_7sq0eFU*Gr^a~ zbkFl4?p5~ub>DpB4o8gUji$4JS}+^COahK}FKUHHjD7)y_O%u*JdKA<3uC_Q(VI_G zyaN1OBWV?=!)cCyi^H{Oz}c}bA*uj4J7(5VrWtDJ`=)3tr z;R6;xznYrN`|&@{2&P=sxICl*s zNoPcB{-_FTP2gHX{;z8dYHe*Dn4|&M8gZ!=sIjSz{GGMK_OQx~Pw3ADDwFyPaH~P| zO56O+>W1AxPCeN4Fbhio%GVq8Vl^oIOVBrm1hugY=0rXkMqciYX3`R%&0FIqomv~DGt$mo!M$c_L?pU#ld7ErN6TH7ETxx>v``FSAvH z!)##rP&-X1`n$$ep{G(q@y9v8=&gJeV!(Tc+e7D4-8+5f!iP*1L&tTJwtk@{vxPGl zs$`Qfz{SPjalc=Kk$4M>TY0iyAMZaIHeE>)foLhHTHEuAk?Yxq9i& zIM>)&hY~qV7P~aIr<4XUUfa3{|o6MPmAXj3L+EL5!hSyTKTXM;L1s z9>vPDk)I}PgB|PLEIk60y&X^7uk<~x1)uS(15Wl$15VEB#Awdw{N!UaGosTa} zcJF*t^{F{86Ku#Qs+^p6ysGCJaJdqu9zeIBDSxr0c-SU7`*sbHe|MTcC)e|{Z@7)I z={5p*a^jko!?pjK*CaRQr|!vcpX%W&MzNGN8>*Epnw=n#3Q=?GzRHEV~P&L^qI$d|5fh(j&apWqH)!&9O|N3SCJ^) z5_PVlHD0#kvyvI7OyjDi4?Fnmn@=Orzdl(8h+3nTItgFJd%O<44j)Sq%pV$=)RxpV zo7DEDDJ8Zo#UU;gALiKK{K99i;@|?_hw@#TnMrR8iJndeo@_!#vE8Kub1U6aQ}Bhn zzEQ9*n)NTeZKdUDOak!M`OYG zM2V2L?IOZ#M`>>6RDQZwM6S%_iS`&oJRv;3H9R3Mz5>)C0u&%2=2SaPAW(bV#Xx{; zhTd@XG8+O-0EF(g2|{2^5CXAzBs4MbCK-Rh;yV%5_3_d1q$R?m-N=4RJ@&wv? z`m=pI{o3XF=Vp8NP=p)!bUl+L|EWoc3M-qkP8RKq>*!UI3xH#E3&5ew*v+iW_!kbM zcmIwfH(^Ceneh&XEAA}}2Mb9w0lI`Xn{Nv4l8`pZ-Y!QjO~G&O!kU7U?sys=-;UoT zw0+@!mE*YVx1+cWpYjVlN1Tw_2Cz=9V?YtMp}~b_?J(Dcrbkj&pq!++hDz$<*M@4yt?`qo*bp0RL$%b3^1@2a`x#ys~DEk64x+PyLZZq5_L^;6IM6AwBQE%MgD0}-s|yi(FP z-6I^p_?FfkfcwMg`=WzEOaVcM2>Yq1dr3E6Gr|wRdW?5Wu=w6nXG@X6Zwb3j@l+?2 zx68qEc6_8UAI0~8dcH*;4z_(RTC9Eluy$!ZtdVl^(ms5}X}1|HBaC}ZsNDPZr=Y58 zb+>|Fq}v^Mwq#iJt_cT>hCRud)F~OSEq}XzR3OwmHgV;a?HAYWL$&^OXkSd_^jr8x zDe*L5&Icm!2~VyxLnOwoWBx)=nwwG%{0KP8iC`r%#T3|(SdXv0a~>W1R*YVUq07^&TvSD4Q72ct8JmEgOuNsN>?I# zGxGSv?jIB6QGxHf%WSdm6b2;Gt2|Rn*EpHATy7y}uld6&rcg-tP1nlvfmR@9hS_VT zQ`}~Tb_37a@`beKb_!>VUEZVEVJQ|XX|w6N>_eGF3)aTX$>$Co^~RqA811l_%B12W zoWAfOe|$i=qRST+p1qb4GGq2HOWlGB10bSAqLtD$Q&@WWkliJTR%rN;+uz}==-Xj! zoiP1cbv)9)!Kgnh)OV^dH}oEOMgxi603Jgs_;JL8yhsRkE5_1wi$*ufg)a<0CSi=6 zVHYq43*c7|!`9>=u<9lyM8{?Li9xfW6Q#903=@c6TV8__V&KAwW=6Sgi^WXI_*qD4 z#tsYb*?=TaKDB{-$TuHGMT<+;_J6DliIX>^kT?4Y5c9oEG6o+1(GCtc9}8(xTW7OI zpe4L6l56dR-uPTzb_ePF`RJX?{z~)pud|iOPqQcAj=$YB*!N@d=CHSgxZSUNiP5`5 zrY|H3WO1x%vnW-ouYklv)!j8f?xqv5c=B-iorjm*I~qceAtn<&yu7VM!Y|U{$GQj_ z&XzR(pBTw>o`7v7yk2N5_Fx~!CT{XWvAdX%#B(#%$`XYpFmaee+<2LI-L)P(ZPiO93mNc z7~K!2R8qCE75!#mApk9`g#3@_XGBzV5gxH?AsoP1AR9@G4IJA246_H;zjhK}SOe4W zJ!pRy092|(cOj`-=YW_{<)nXf2;T#s`3ndOL1!n4e$J+2{$`BGmwO#zG%HS(NUI+* z4r_bd8AI9HZw*?F`?EMycUS#c*tLQ-;eY9^cp@l^$+YIAi%=fZ0~9*w3*&|e`@wwp zv%dY>38)GLWfgeX`OkTU{*_WMGpaa%6hxg=fj(WW$7_GL>{PUvMqXiyMIbP{0u*(3 zTXIl5>xvVi9oDsIj<=!lK&vRWyEdjRR(Iu^KQ1fX=LBhofmWv1jTFzu$)oA{klDuE zobOMNN28CE18=D_BHuRZ2@Y@_6;*bh}Q-P4IKQ`C9n1imkN57$J`xl zbqJcM7I&Z3#ha6}Gxe>cdf=@*?ETZN-_kOBMF*K)chur(4`hC~@&=lE`LV8x8bJER zrX{SfuEUBD6p3kvs_f9_i|z$akk8@$Cu=drCkGMQMmn`6Q@7u-op6_eEf#Re2wPVu z3xpcx<88 zt5h?H!kZvhLAwnim&)ii8f5+lNE|#Rn8}9>Yt+u#1rGi#Vhvvq-W#VPzOa7^$v|uK zC)b$10-@UVWfAr~q154I1jWMGY!UXFHBCS;SPWpMBD=Hy;$n-jNU1wg-qJxuf z$yXdD_5Rh+w_N#GLwBW>|5a9>{;90iom$r)Tv^O6{#TRKo>h})?wFj294$^?!9>OwEd7A-P7Ns!A8 z5Zg1Li^*X#g^Vp$C>sLM{p2cod|?qOZ(wzQ=U@=fQsh8Obvt?TA)kl^82O)!-IYC;iiS%IF!w=@5T z9>GvA6P!h2rypf|SMX5%{@k{lCj4hFoq?*~)$zyHr~xWW3zL6mc{DkwJ|og8TVrOw}AJRMX+F<*_;2n>NQ+A?Md{is@6CKEeI%V-5iXI zvh`C{u6Du5z+)~ap(e%+_V766(c^h+pFq z>@4*3KCJf&w1SH>NftkjhrRA+k$jWz!!TLvUGP`r1)r1p z){^Rm&HON;z&8~2)^sok-eV-JhT?J^G2yJc;6%cR?A z`@XtL*iVjaRAR}alPt&pPFC8N-&(7LS+lycW_`D8A3FiAm13tuPJ! zEk32zv+u1&T*mD!u&6wFFz~S)OFr_!Ld6jfO{6jyK4X-Tmo)>~KZEx=#zliE+VQ?N zz8$++-`(-rW{T&$)M-->en<%7u@*xJw~z!rA!P_hwoAc1U0ScPpCxFqy!cYNzS}4* z-(hg}siP!2IKpc-?eqH4Y5zwT4fs+!0&4st9BLox!=UF)Q=4$1%oYNK7%hpaG!`Yh zaAxfvz|M{&iApac{8wXBz(^25|NvH(*ZKpDlfOW7QH7q@~o; zw1$-dTf+^k;C&-djp=O7<5xBhcL-B` zRq?s5o6z4;*CE<5&=Io1y;GKl`4)}vXAz$N2ZmrM8l0LB4U!0m0Ixj8RvZKlK~<=* zV9ctQ3#);<4N$Di8)&c-#M* z72|(d`QIA>|J};&Zz~P|wUy-mo0UE)gv~l_JSj;=I8kMkMFO~tk>G3?l;ST4OiJL_ z7$c~8NwK<>aJu}|qE=E;!Wc{MSVWO`43tq2ec@KolhP3mI#rO>jJ0>}DV^P0GM)wD zGdvD0ex&yid8F()9A|Nc=<7YMKVf@$2k4N8+D8Y@zxw5;tx;WK|LGG=92uxMaw0Xn z8q-@$i3-$k);u^fhHUUlZfb*k5BTcj*oD5}{g53-(*)Ew2*GWFN=Q^&jNiu|Nq>X- zmsf*4YU+O6dzcbS$wQqe~P#ga|w|G{nv^xRJ758tHYDkKTF_ zncqab*x1x`#^e*W@S{ex`SN;af4)R~p~1`h;(N;BdJUCG!wu{DlQb{-4ANU|XDYp!Nx2O4NZUfv_GVm5|O*pE*k##{BQ7wbklheQ`L8rVqvY7{9L z7 zT89(%tBczSKzeoR)L36B~+z5-4WqXh*=0EepEcV$oqw-Mx4+4 z1S!KR@0M5oW69rFP`}%_*N-`_{@<_on+@>)7e@XMHo*VF{?ABAIi(3^p25{*r1yPM(?5~E zT?kZU=69eX?}-(BO!K#Sh|w~)jR9`k?zs=j^GpLc%%i3d?SYk4C<9)3P6VTA0V+v@ z5{gNWA3T53eNVksJT)%ri{zj8$b(T8#ChifEnf(O;)b^J{>YM~NV)irNa;H<?>3KE%CTbnHlIRS8A3bP)YOw%1m=;y_K0- zL^2p1)g!K_kCOzW#=&$6LU074=l+6v`!l>64|UmdP^rBXQh#u;8+ps04d9M=Z@E(z zFTSe{u3x->2U2zjddQU$EBXFD2@OmXBMIU97%W?9}WN0uu-8FJgutc>dlmz!8c(n_+LYSgoyA}SA70ncpuptPAVV@8v9bYYB|F+<4 zJz!$9n`Jw7cm*Ll1wEj2gI{B?z=g%^-k6g7Lwz_vcK@{#r1=Pl8Eg!?2TQ^TJTRdt z!6r08e*!%2D#-E$hyYvR@5Ktq`UQFd2|58u2u8t1MugfNMFtB8AYVtISPlz*YM-)i zphO6PH%7t%YD;6acqq>ADWjY7Zpui4;GcoKF>0+E5Qo}=VJ+_qnL7p1LrBj-I8Uwq zG*Qy;TKiiQDfc`CLW<*`j2bS34(nQTSkuC3EA;?1_AjO5O^)RyL^5@dvU(iuF>JQHLfp;v~jd=z{KC?h&q6ZivKrOX_RuIJt zP(3969JB#81FW^fIed;s)%#14l~GJ~T;YCLb}Grk1X-V#I`VhJ0Y!Q%$VxpCfBMbt zANx)3@BOCzCj_@ffOh*60_j^KQSM>+TMWu!UfsrE<{x9AeHVk@>4%71f@HxrJ;4p0 z$KO`kWon{h*w2Udz#sh_FVefiHuqP<7L9LQ4|{)f9v)WoMOK8FXf7_+Vc#78It&}4 z{6$5DMP(v(v$ZKcxG~iCGTra&YI?ce1PpBV>sP11`p`>p509Hc)_YKn{PWPA`R(nL zn6|(zjT7(>pU;{l9XvBazSdw*xTwZN=T8-ApJ=6zG)7ZZ9%>saE=#?9+0Z4o4u*=? zgHOoWk1t`<0`-+A(Zyw_U)-2L*!xWV5Jk`ZgZ1vPz59#GCe5BMR~O5z$MY4hk(ar} zcLB25d|Z&J--tnA(sS(^xQix83@6P;aXUs_9Q{b(Fc$MTJe2@*Fai=6l0=sO^lqF0 zp~Gc`c?X5q#eNtrZA zO{Yf`-s{eui=6f^$=X2D0L_W{9xmRffB&^uV%&JOb-sI?aDxERDS(fz!iPUYyw{o8 z)>VUp1aAzF`0niVp*X}91)iT^Y2yt$`{3S-)lsX#$e&JSatK35`;cZ7cuMf2q_GOD zP2DYo(Pa=lcE?~2LK1%1p5A24sWi{WjWfd{#$5S|iZxTPIfgC2iiPw&~nMP3d^E z(u42j;K=R9)&x5g$`1ZgZ+x@+;p@Rqr}0aTcP&qB*0niuMC;y%cyZorwD|5$aP1#0(ebDH5fhUNKjj9GIz5I62jcISZVWlaro*L<)MQ^E3I^7T>_f zT~f?QGkLq_o6`D*NQ{ri$m=1#(@g8eo3--NS;V|5lfQ&^m5{X;$amJBr+iR%2@jxM zI@q+S_6T1{-WD~G-g9ev(SF@eBRZ=?>-BTP62gTBpA5Q&^rOM^pbfsRST1w1^T;}c zprXS+0IL}9oTQp=tNIt!xNH}Rho8%eqS%XC)-9al`2crArrT$aS0>U|Uy9Z^&rZ0| zYZ!=wsuu=}Y8JpjMNK-Y+mfc+%-@bDRQHP(ANv=rgGALaVJZU|x!#W0uJNj8^!0MtuYKrS0TSDtv&@(-aIT z;5P_uax?BREloJ&__M}m!;L^#_8}~U@BN6+9&boKV+m+?B?*QfHq!{dJcR$;Z4n9V zB$AExI6Fc)n@W~xqg93_APV*pH93uNAGB<#cs5`c^#~Tn2$pvde#Ds>$VGYgj7Kc* zqe)cA(;qO$*2z@M#|OR;kY}{rgrWq1$+gNTv~WeAOQ)q1q1?-C!+b_F>SGKiDCM?0 zaR?tyuQi)o`ZllyFJBj5+pe`K1Nmv*z2afZSYx;uDVDfJ^z5csw)h>y*)HH!5+wOk zBrM^)m6?Oy0TN^^b7TxO1C4N;VLLNLjS}Cnj;n?3KV~Ew)=N{=ON(Qq5>2UrC-I*L z2)mMG5Yf@R!5_ZdF>WcImjxNnjiVm{ug-bk81~35Y+QeXF%a{WNf0ZKv%e7C?o~x3KbN`S7FL9RZ%?gzuT&p>4^gyMn$0ncJ?IF2m;%Uv z@q<@k_Hh;*Q-8fm?Fqa2Em**>OU16o|Jtn5Xkg0qY25#HL;BktCFU}*<}#z_GpS^o zn1B6-AO-U9q<-7;Nx~}tqJRZ2`pDSzHiO1)J%kGCrr<0+6Za`MV>RVp%>$9ZQY5C* z%;F)eC$Mn(2R_dJxf8o)tqFwF%?;9m1y6=jBAktThA&?NS;2yT$ZTQ{jLDZ5S5^=~YBH}al1ZmU@LoQUUx+f~SzWSbN`j0}PX8^KHI_a?$#JcutAd8DD18RF=) z=Eecii}0ItI5aT0$BCmz|6KS%fZ~C|jS-4O2=OS?Gi|AyYG066ftu>&VUSJN@tO8u z{`<9d*F2vL>Kw~1eUzDj@0`y`f8jot$tyo<=O{mH0CB66YDlk~TH)GTjjnTdP0vL0 z9ma^S(&m9p8GMQE*R-$qbbF=pUVp}lb=B@+K$;&i_>#FiB{};I``p9Hk^krGaFYd! zu)vA|bbcu5al#zW0-x7tlBf80jI@)pFH|d3#LVlIJfn^YSn-fC__2E|ykg#awp^%9 zJu4=952t08PIz3zV%s82GG@D)g&QvgET;x+<6T<7tuHv$*76Xz-jIoR%3+`ymGu_K z>x$(NIR`;p`!>gJPEn%+S({%i!rz-pL^_}p721$$j}358KPD^@KJ@V->BYZH&^+i0 zH$ZDcMPA+xD(OfX&Vu%napHb`Xmjo(cvO1vUfNQ!pFNkzk!K(p;mt0|&73_V4>ngO zNXbwH>_=!^rd?o{Csowdyv3C?oxXYf)yMt-O|biHfkUV^rAUAGo8(mkm*28&Nt&ec z#uE!S4BXaXheqziKqRU5bIWL1I=9@a8NVydHGRBvMbkPkg6z$c>;_iX$_MYURem9U zxJ2~89mhmQdji+yl)XmVLBEYDdCa0fY0Aav0Dku(>3pOFt`hDzR&*XIc7UE|0}lxf z{x!|_Fx1GOV3ei{sNsgi)4sXlcz#Lm2hF2D{YUAj9vo`Tn2E9UPM0s{`p3|x%G=Wh z3OBnz=d$!j*NqbsHLon=&h4%^$qUOivNmx?JxNu&npSIsinl(;Rt*#1hlb>C)gE(C zb%7hhFhh#U3T3v45{)sdI340%bEG2XqD~gkn z&Z$}yr;*rxtf$BIPS2d5jc>2d`LUTo2oto&XrI$?@dfdq3vmLU0JG4I`;;qBtEjyC z@>@E3nf%*`=@4zLWZSn^OV1c?;2&(fQCbDB8q=q!V=s(M<}H@D*(G_Pb>4#uZw-V$ z!BO89L_ovoUy6hV6&=%$jj?H#zwPKYhl2B`bLU(}<~!|ilNXnJV`GNqj@jxj zPVA6==nptrv)WS38Cn(Z%RIQWE)S#ymx8t$7ryiCBEsWfBlG8ZFovU?Y2FUPp4Ft88~a*F-Z-|G zQhs6Q?4#r-v zc)Q#k-r^|{6(@7&4xH03iB;#bE;4CtFym=d$MD7CSH{zt0B`^?6IEJVZFD0R2S*h` z82>eaOn&p+yM`BqOr{X*WJ>@1gKV&UA0Yt;jaFr#q`#`c6(@JEV<=uyH#7hFllMvT zkMT#wgbCEtlQi3UYL7Xq(8!6Q35fzi_6{NqGLPy*&XgQZ%MolbLsOsgE$NbnL_gcg z%UhdQFvh7tDm0po!k5fm9r%7vMPnCtB7pBee99FR$cyz38pI;qfEWC z&T^cWE`z-=ZnDm9uafy1l*B?+MF1}ra zfSIWXpB6UWe7rz@%kiB)tM|;rxnFX;B$?WygcAjYrt6wbPkCb3ti1Kqp6e^4VU@gO zi=U(wasSb~$E!6Jpz*}{);^gWFojQKkE7%ZDM@iqq3ISQu`hX7iqh%JM4}PIx3%3u zSoTpAG0}>n7fz<{jeeiqnOzHf#qfS+kttm&Mm;tK9mPuxu~7p>tC-Fxgh5rf(wXqj(~Z}_w?h+KaKe2K zwFMiDX$`ZGdCEt)wz&vWs2<{upjN+l`Q+`umf=?^Y}uKeRJdMkUAh$w(FzG)4t0?V zyTT_goOhnNkYbjlwcj&O2)6pzT_bL`meiNF82E$--QXt{;!rU8eHvEmWrV8Z)Y;=_ z32$an!|fvi)_y=HUVO0g;dqV6tYVY^BI}bnbc|GtH7jBmprML)Fft2R`jjq<8JJBH;# zKyPAzZVQD5wTSZ5!V%BIUJ2tL_^F!YYl~iwifNQ>%g8{itQFmb57tq^ZtdphLkRPM zRIH{PQfL?Bn?9wCtzZBsdQvowrId4PlaNZ825X7TAbLtKoW+=$YoLOYFegLfFNeDL z(f)-!`wmZse{$3L7cR~LPM`h^(>zH{jA*_F_kvNPu8AZGY>fw?`1J=xKUQ~IRXX%ayAYVw2l)9;t4^r zP}A1ty0->lHA@2U&?TkWCrhZAoA#DKNa5OX6@=r>_lmbhpD5RkFHlp36`Wz&gNGAx zJ@80I*n%%rsWpi~A{e(SJ-P{bqA*Bb=ZIU(d+RDeSNR;3QZ@ zsjskkoob~W1(E=G8#b&;VTLC&K7V`#ZS2r16mrSer$^1mCzd)>T;d|gqF1eF=RYw% z^5#4O0?9|ocy<{%-Z0lv`g`M5A*eLzaYnEQ95Ab;ifyuJqQF7eDWr-Lw6h%qlEO;U-@WT>yycVCx2#Eyqv7q7wJcjAIMyoq8`r%d;Wv=a;(xlz zmQy&ZfMt)q;B_#AQ|$Lv8DQvDdAHreH7H70waMK(J%W4wSW#-%`rS0jECAW_HwEsU zd{PV9LAwKBR~aPx@$i!FsUH@cO^*6A83Qp|Z!8MaheFa? zBZ>7~epIscM4Yl(sp+K-M#xX*Suh;ml9tmD{y7f-`ik zBYT=Ae+9LL1~8r*F}+DFAS^E-!y0oxQPm!Iv!XX(AI;3hDr1{QFUbWg!$?^#s0kUx z8A{;bv)11Y{@W9L+OSndNNKD|;ZBXzqdb$TpL&_hu~EAaJ9OCD=$j$$qSAmy-=7+n z9A8`U>6I;Dire?CcIA!l5_j*-qzy9(#fXVX0F<3c#tv4JcC>UuHXZH6=VAU6j$_Q zk$`9r7DB;Ut6lsiR6ir@pn{*?n5yASPKm7q&|CME*tfbf4&E80OB~Hz|8d@kZ1jeb zBd;y@VkT{*CAW4Ixh0#xLeC6#cZrTN+Up!cj!~x!#}ss>7i1}d#_rS2G=wb%_`Uvq zK>D`Z&ohS`{)F7g6f-ZzMP%F)`Q5UYy&uZ!oV;~i77vrm95f#6z!%ID9>YVft9*G2 z*ubYRQDFz@wNX6=!}v#It?jI%REsJ4{3QxC(7p1O@@YYVVdXa245D@@Xh3=6yI2Q- z$VyzpD_*c zsgp;Su-n{+=G1bo(F&15Td!Em!o_R=47noZcZfigr9{c#frbhDUFy}aA(AcW&S|o7 zxh1?CwBBv&-0O;Umq)dRg*QZYVOiTjk!Uf<2L@(OSL!m z&_%G0U?j6iUyJ#SZ1r8lMXqOA5C|Kd8zZyHa&Ec3hcQmhk zO)*Jhm%>*KLXoJ8e?sn{NQ-C({3Gp7GfKyxcl;bK58F~Klbmf`2-|2i-ndbVb&rYv zrU+y5-;`&*67y9xqrTlh)axIt@04%T>Dq##=eVor-&Ha)CLK7~W4y*eE$lY!wtqn< zkc_{1)_E9{YZkXANfcQ9L+@ns<3>Yahog&&xW$hiB?p$_%2*e5lk^Y^5TFASl4&K5 zUbv-R<`b@?jC^gFSV~19?5j`^s2TZ~o3Sv9AN9i8+94w|wb_F)7&4=XW!$X@kv-`~ zp_=>@-v!@RMFunRlGgwh<&#T@KxjF zMlUxju`hpINGL%yK9Knvg*61mBLQ-Z#1szgb+Zvd|P~iBspMv$1S8TcAhJFYv}cFOx8H zj;qJ^=o??O0HnV@r6XBc)%A4Xp61`6Fet@=-K^!VSR)1|fQg+A3=w^|-d;`?IrvtA zh3t&=uzoN-n4UA{VBPEKu{p}m>}m&~*3c=MGJU871QzVAI8>Abr?e>y%M9BI&$ zu-$wZ*n5lx^v~V%VL*YregAT|9Ur^;D~z0(bbmT$>0{u>e1!0{_S-*7F>pX1o-Wq~ z^4HzLpnsGwB51xkmQudZm#s`ZpYo4yA{R)2#q6Y>@PKM92y@obA`O#fJzG+sUBsc1 zxX~PLRCCAFN8h> z4o;Lpc<)tV>9xMchljS6i4N?h?2eZsui+HGjr2P45~#wq>)8jUon>b0+^#s(OAoD2juF zRCfCFR+2%gsJ_3a92|^OeH1OWQ`9g~E;hx`1A<3+6F}~UM3)G05lDmnqWt+e5}}8L zN!b+Spmu^nq4(H1#e=IN-U~5UP{%p@*C@YbW1HWK{`0Q}i(QRzk76Nv+>GwCJ~4Ae zq#~in4^IF6L3dwbJa-3jR0d`ye z{DqT!mNy>KYDd={gxC3p7P#@1f$4EeR$J#rMg3IgoO%oYEz5AYo6v04J)gv z3-2Gg{!t|RCHZO}eMv-`Goh|A9A)%H9{@bj*}TmDx~w`6T|?xpTn{`TRjfl%sy#6E~O zjo!&zgaP@$e#D=N zW_pB@iSfmi@kzEtJdx6c!P+K7u{Ym5)W6IN{abF?V-dm3-E!Zgh@~N z??wM9dZiBV^(*@O=q+;;O$@nMW_r(F`2BJ6}WBy}$DpAO%kJy`k*_A=lnOVH4G|3&rdPKLOam*-+xlyjo2bsA9Wyn;~-QG2bye4(~1572ZM--i97XRdd%PZYE zIx|jCnWw*XNtI{A#i&n!uaC^#IR4HUoXaKRu5FBUx;E%YNVPXW;MD24kxmp>d#BXQ zc$6zm& zU59N`j9fVvaFFGIMU0&hwcs54)zIfddsg)nPq~|_n**pHnMW0>#c0k=HaAY+dbWSA z^LoN1E>NuFFF3LI6D4M&W_1dZl%L;Z+nu-e&k8s&IUVrQ64?Gqe~NTHld!pbON1_qpFMP#tL}Gg?=W#s}I+tg~2!f>bEIEdxta4PaFej~1 zn;C9=pC9IA5gq2=OltEdu;Y)V zWJ3`O*to<2MWi`VV)i$WRoH?(s~@jJ6IXe^vDG%SX1A$G^G_V6IxyAO7ru<&sSu@v zob72Pa6LzMgHUkDjcXD*oa}1w^ar*ol#QlnD@!~csMl{Kyb&l$IubzIocI~$u;Uzj zL*A_z)+XY}IpwKeFAtPI$yJi29l@o_VM&`6E-Tspb?20nNrtXbw{EC~dREF5i_I@ z3AS3OI~;Mu#q#vDlu2_3?T3M4T42lN!(dX@iJBo>^!-4VU~?D?rb`wd@>%;UK&ruW zUd3|?K<;?h11*KSV__WfCsDaDq_)hIE5ldsWslXUOqJ2U0PF1y|LT{|7`wsgm!xMa zmt=?1HTlYPpaz-&MLLzv453CXafXx)K%T|%mE{{J&tCV}ULSLrY`u=1K-Mvn)>-gh_k@OAkl{eya}t{O z8h72RGbwqyu!uBx%t>`+^R&(|^^5T+vNj-O4*|=_%;E9Kk2L3;>*sfqtR`la{HuVdQp za9*J*0gDSE&%m;tAi)f~gb^yxE*k7P{7ZH#$4o+n4Dt0nztBr!mJYZsCTy(n6HA9T zOR0JbdHU4SZ4Dmihh9zW2ZOe~Tc49Nb@!ts;}xK*J-x`ioETt4I!<~Z zjl(LO!Vq9vnfoZdqr_qteggo|RV6+5NOR5Z8qzDpF3>Kp^BXQqWmMlcnAg)t;(M=K zdy%KaML>K|z1`Ua-{T=F*9KjXLR>jZ`{5rghIc~xId(d@Fgeip{I%B1cl$MR0Gydb zyr>K80YA@F!YpPQ&MlCUG7x7&3b5#VGDyX$>VzD@lFxxu3QQLb(ai@yfJfp8>ZvUt zn~I^iiRPA3pdUV6L0c#%J@75-(<=ymG3g)`j1(toly!rVf6wVP9u`yibHr~EH~XDi z+?9s$t0|kAM=i`C)1sorrV|nT_W7*qLYcp^FMyK;-yh|L!OZcP%Z~-EPiLq}t6<%f z6VA$0OA&9pxb?X5{Okra{{UD1l$xywSvaFmieDt^U5nQu)0;OCcq8alOK;Ctq|}aU zvet%k9jo!aE%d`kJ6a5?)q-cV^{aHwyLa#c zYu!R|_h*D?tcp*j&rj`~#>$<(^UV$fp2_3u@K%FahAPu@cKj9&fumC@9_ppM9$Pl@ zYI;@J6A5OrSaArHl&*_+ff6e7?|22o(-0Yg=zRgL59luFKW4cL2S% zuK3F1K`KPi;{uKT{js^c*buLcI(KP1g#b_4%r_e*Z*QS)K@CKost@pFuoi~9U?8n20*tGVO;QMc}|J2Uqh((UGMgtfa|cLV~$U#Q(uLPj||q8 zGYrl9v><0#KP>a8&lS$cAmdZgMFv?jvyhf#bEps|*O8;X!Ygd5UrrAX33o$}>_6Vq zMrT_dh=Z;L#2%8l!15*)ZSs$@vusrdFT2^2P5dJdxqH#@sX-JBr@#m^gu!uS<6V%@ zuE!`Nw?|m(y3z0iiPf(^D#_aIT~g{s8$Dg3K)3jivRzJ==_t#}o&d+}rV@u!NZdky zD*!JGJoOa8FiBq@>}f<+z%YCS=>qIbUE2ET#$h4=e>vCqfCsv4ykeqks5A9W^cPIH z)SP?R4nhS1TMcGt`!+$#^#{(9G6s>R-oL)7Ua4|{sxE{lmOixdCbJ{t-YGBL8oV8_ zpALUpG%mJ$YntCz4xk|oI_7U$D1G(LkcWFRoQV9hU5W0UkNFb!e=add-IBRcc~0dc z8Wh6-M4C?|5Gg%ZujVwqqqAd*B5?^wF&XXfnk1vwFH#JG&$@?TU zH&Jx>=e|Pyda|%Uejiw7Oya{Nd$HbRgD4IyMS6NKIzlpY@IxIH$-!A!86SF#^Z8ue zh_wVDhFJuRYl401In~D%GF1AQq|zVQ$hboQ6^(VT8lzq()Q9a#@M~Q&Pb*`S1y@%0E$r zrcSu6YrTcMthUH`93h^5ba%r1g21i>Eaf_CZ~!Xp938TtWm7wvDSuWs8#yrfgZAs+ z^)M$djtTx~3{f@wLe<@t%~wbzugNy8z*h~9rO8^Dz1&iblqLRTCU-v1D8lbw2({PbA*uGG}6Yt0D7 zFyKPh;O1_Q!L+f7?rQ&Obm}>_(vYFjchLME_mVZ9(^>BPktW(ZrW=xWi@=L$RMYE- z-(g5AMxq=8Go&(gv^0qRtIK*HaFL{OvBch!RcHQ%@uA<9i~}bi93KKnRJdx3$8ZS0G6h$=O^u6d{MX*8;&~X# zMS^NW?W8OB6J(^WZz|CdG#r7J&I6&c|}tYpi>PI?Oap zxHg98jIy!Qfqi$f1k=0*k;s~Sc zZ_M9U$#>he4gwqA>ZyW)X@b05Cwc`evrzqy>kXcVk!1-f3tm>n`#!fkZa;iUAGTr8 z+8}@vEiuAh!7OUZfnvZ-Y(H@4vS4Nx31ZUR_tME}fdJ%SL!S8O zo0@+QES&ESaZFCN-`ZfA{h~0bNBo=m>7L%k>|#IXtE3p9HQ3-SYrojl)8nRwG&bk} z4b^_MGKP(_fx?FFaXg#hzH8S#MzKRCqy7-?9GCya%M@!jkOf!iICa zR)vW2C)~X4aTTN}H}(=a4h%UYC@U=^i`t2EeT>i=1}?gFrgX;L=B&JlorWdY@T;ir zr6NHQic^C}em&P!JfRI5*3KH)!{$ByIcXKcvumsjbr&BjHfhLc7~P_-mB*i19J5^}n+AZT#8F=eN{VnZIvzTRb4z47;#D zqRy;p_>NHQ)_3g5O_>{&jYo5H_mnsGN~=}w|BT=@Z#MJ1DG7V?2{+$Vf<`=&RK zw+n{HbJ%R}YcGsvh1&K!iX@r*7b1m6m)0eicd3iq|Ku_(v$}Y_ddEsoKEYkC(jhqXL`ED$Ut)6{>J3B!#wuvVa_D?xV4LqiO>#vLX2%JTg zqEslh>)C_=8FlBw3EV=#JV}@jk5Ie;#G=C=^)~`n!*CUn;0XlQk1>`pG^M_I7qOO_ zg;RBhsI6(j4aS%yyF~O0+?n`SCa;ykdJ2iyY7*LEP_iAlwZ=j`%;f7nHi!nnEhhoj zOIn|(YD=n!64HXxrcn)2mtWc9>2l9)w19UU$Uo|9u5!I>H!}UuCXyfr+cSZHC9TY* ziPf0Imc022nx!P(mTuKFQriB^2d2Ctcs0U!cM}F}dS!4_O!m8XO;THuh#i}Azg6oh zK_QmY-ei2h>Q(sG&gYVL1&*oH76b0tvbG4W>_suNYf3YzB9CEhlW$>b5&wW(8EGbm zKkR+Y7Q7cQCs8Y4Dt#|)&FB%JF_Aa(cj9N=eWw4=$c*tviwt%?N6X{K)5w8gezxAB z){<+~wPP?QQv}G#~J1 z>>7`SGor*ka3xYc%S|Ep$y(jV=S(=$LKv8T>u6#)4dg&vK?+5P3iKxz(?27mHIC_OkC) za+zlBxXkci%EsF6l@a0&`IirrcS-4xjEaVmt(rRamSqp+kuV_E<@!`x>Tok9gza(0 zr7}7tG*nHJUIjw9nbm!wm& z%1B>Jh0W8O8ZpF!+iTPCbf%MILQ%4`hR>!kQn%1k9BNZWG;e3$#tYP=p6qIhye615 zF0b9`gB#f+sdFw$kgHrV6t5So(uC0@x;Q3bH*f`BUMc#0PW=}Eqfr>*;gD*MX~_gT$Glm#>*N;+6_E|eNKM@da2kMJi4PBqah46Vmf8Q7=Ie_Uc@og z1zt?_F}fYH=(!|N26MVfc_s^qiudy|-z3Dx5`h_LM^HmAC&ko1UlOmZ;OEc=vWqo` zsE`bpIyGSdd>#TW%|s38RRb?X3{h>gl{6RO7TTYcQ0n*lE4t!;Nu$*;^B3-p=#p{; zX-ixi_$ zg-E|*f|VyO?4;`1{(8i5h0 z+9SP52myn=6(X7(EW}5E%K4$WQsY^f&du9XYqbg8Vxh&^4izIaPC|x$+&~!n_6KuX zI7NcZuRsy%o`~nkXgMf|PW5gdA!50VvH)|1klBbSHNZR+2I-wM|NQ4Ils|`bG z;1m#0k?Y2H*KE_CgqD?#X`HOB6F5Bviq1xJKeQS>AuZ8FTn=(8*xQT6 zN3CC`cXhJaX!5r&tGAF?*clCg zNpbvNSiZ2jE+7PnCrBesNXI{DZ+1Evmz`Lpfu401^)wo^!e_Xv~(^EnaE|Y z%ijxIOsns2+P<68T^gFH3U2Q`kEgh9g0$S%RKe&_h%M`BWPgu?{RK3nY*uxu-Zs_s zB$Al7({o5DhOZkC25-2(U95?`xY`1ME%P%@T_=s{cir~EH+#L7M5eZL(d({{RkAk~ z+>(-4YT_yrCc>1_$T)DUDB4~7-vz#iPQSD7yw<)&>?q)l7;lila<2(QumGUcXQ#f` z%;7om7nKIM`+Tqigo5wI>Q8mM4rlvE|LBIlon;=SV6qB~ncEBZ+uQ|GUZVk|fqZ7g z*Iu2&uLCjS(*ukN-ZWG9Nj`7I2f()Lm@k>?6mVmE3;%r>aKa*U z!vm6!O5*KG(e)LVmm9SDN(QfE0t5@4iO6BNaN!%i#S~6h=;7*LTW2~gL{FSV$^O0> zH`K|G$`gjTddWDMb9Dr_tp>c`tWK1Ttn=5Ci9O6d#Ww{-tfsZIAi{CH*wEn2Pu|0L z_d5zBXEY@K>tXM_IMB6MIKxSRnL?}j`|q>{7jVqh{uD5D2)MTD4uF@*ydAcD&OpBmTj_ z$PwSx)Xah#`++;3N80_(){#<#3FkL~q2lfmRG7tQU$F|&;dx=`cC2pS%%ZT+)cy1bd)5`YNy)) z>i=4=pFyJIR3*-mv%>>Zg{@S=%RZHr-JWj@2OHcYq;u&@MS(FK# z?G4JC>+32`tW^p(vo0k%+kMHg>e zW&&ccpsXn(yK_TFt8hY;q8(wISLN;+ZN`#1SS{s8ii^0!l18tzBOvO8VTN8)h4k)0 zCD+(-C7mNEaTl9V#z=xuY;G9>v82S$%k5_WSr`Zkt!Eoh5PAOhGNFA*Vd(xFx)qP4 zm^RF{f#uqO(=ZHCtodS|>iB9n3_$ouFa^ppPIMB;4%M_nBI*cfW~u;IVF@xR#)&SN zbKx8Dd8$6k9akypAS1tGf+iDCBs7pFSqchK7wyI~U#r8fkbRsOCzbCc?OxETzy8NOirU*6N(B8nPi7HR_w7(dh1B6{UqOMLmW;*s*2E zbkzf@`!-qw`Yt)IZLyZlCrel4WJDD}O`sKZIJBz}vz;cC3#N)xTu>*agbWl>OuYu| z3$_;Kg2BT<9Dphmv^JE3QG-Eb=Tx<&ZB>F%sUk*E2{x81xJ{D%&UYa=b&(nh^gbO{ z_4IxUq={kCt+N4N3RnJSk<-<{*y1X?U`9CMd||8=rH#9SU+S+-_yLcAgk8p2I%MOl zm5@vx{}uZH*7}cQ2>}6##0VHMZZ)a{`_~_S!=Z=?CCrfG4jdw;PntGj5vyPvdM37Bu~-b^ZN^lvf(}1dO_ghwX(hY$^a4T2HkmD_u^yDo6``G z9J!jI=xquRoDi$x^Ag%%XLuQPHPV;Yqldz9N3R%<|Y*? zj!OoS_ALg3`4fdlV(sGQ&lfwsVg;U9*%i5u)9n*%wuK>*5gx59ari@Q0X_hw3k;;h z`TSdtU$}zlY?nsi&;DVvB8Tj6e+_cLj}S@+Skl5$FqAYtVZBC%aq&PT;q7YA>Pw>t z&_Wh@7lPM0a&1}==PvZYM;ny=gQw!(4jN=JDDs%1r$Xm=LVC9l&O@a)n_HFiwq_Z2 z&Mh+YS7W5LX)Lnr+Q|&{1*$8u!*tvW_csDL=I{v&ijusrLSC7|5eDtS*^lLAp1P!p1)UI+oy9msspTEZf`f!-+6qWrsI?vmUke{-0#(V` zZa>DK6z@{4^wA(Rqy?^r0b?-b7#S%LnMi7m5+?Br+tPHd#^{it*aLogB&Pgc5^*Y~QSJP_4I3 zVD0#jG6Jo?QPS#Xzz6`@vW`bmE}_p*AH)z>{1oR5MODyKw%b8n`zQ-gqd7_pikM1q z66$^R-(5{xCK623uNpx(os%)6UfEvpf}f870YLl9O`7A5;6G91CzqFrrK6#Vv}Z%W z`^yorBO~DR{ne0&k+J*R>+5dgzO2sBVB6s9X5x9G=j&tU`vI`{T_1H;1M**H4NLPUoB-PPx3@2>5w`M1+!Yz#_?!x&Oht zT;5Iu{9HgH0!d_G5%kDh@WE-H^TU7PEneU?q2x2L$Y*4(>)>?T+3kj_-IL&duqUvH zcVsT-;B?yA?S!k{m0*h-cugSb2?YEHuQ@nfc6PhqYIi5t;sH7kO11)v1PRi;!gT*@ z8+LX(;A(d!*x~{@5J++Yi||M0Vh>LL2YV3c^8#xLC0Bq&wj*;b2dC@KZdY9G|AnDO z=61R82qc3KteglCfkl1JY+S(qg6%E@`rN=;0!e@-u!wGCF6H2K+}Z7j>mLs35&?5T zGLW=)GFE?Y*7l2Kk`LD)7lBSOEQxAhG>ID*8iPQ=iK(vu0ve4#!U?616apHBK)~s5 zZvi+o5&?(PY%eJ|Gy=g-r~2LkFlaaeN~icX1uh)Xf}gpr;{st&gs^2?PXLj8$s7@yb3A>OP?U2G7~`gtSvq8B4uxhB zoa0;Jo)6lHT?}BE69Gx%bx)o)Y44-z3y^lv-|R>lRQ4Z>8ui$#(Ad?zRo}BxsUtUq zz1?C79I~J0!x6I;q)Ij5pplmFi-ynNuRVP~66tFYE{-RpOxgrSQ%eyY_=?fj03dRG zCVEuX54>PrsI{_JOCR;G>|E*-E3Ph+#*$sfX{Z!{T|$iwzeLCIkBOC zP>BCN6f4qGa)*=0cRRs|ui>L*0vMvI2dr1Nn#q-u9YT&-NHof9(%aL_0@NWIV|tSw zvB}rV#}`!#T@m>VmSH%Mwi4n;4Bn;6s}1K7EEW$f7ky3Dqy%ho=(yXol>eTUS4glV ze~H$l#|9ZoPW_dTuauaIMq|2yxA9=H31YSZGTGodF4AsNTlrwbq;DD!016j_B;+k6 zYLJ1MC~=t!z)T5X<{yeWjFBJtR*Q??i-iyr|B$ z-3So_qdCH7Av~pYQ@UMQl?(5^yFR%odpoKy`+xG0c7`$h>Aq-20X)5xqC5pJwHTI^ zcKGoh%Dfy2f^I(G6mOKUd)&_r8Ttj?1(F3`<+86|Du|c|B2)Dv;XWwWomYftwibqX z9L1G7QpiDQK9^Gp=HK@v`MYCzJ2Y#?KemNK^3OO#Vm`mocmDXH4uU~nfxz4VEyxeM zerbT4XxIs*yG36k50JZ*&K8Ii>kc1(i*BL`4G43`C>fD>-(imU0+WX^OWqnIWymPM zc3L)a!txbV-cE-7zPaw;E%SAj3AuxpS}#=-;rrOHj(w(SqY0!!1x|?c^A0@@d=h?1 z;9M&4=tsfKCA=X`-0N?R@7HcQKGN+Oy_XP{mq}hF2u;$CB=8IGd*n9mm59>Tsx=2el6Tq`1Q5{DRXP^CLIqEITD}JFZc_M(yt)unp=* z-ZSy@O>TW#<97|`L7c6e(s1?QeCq^x`494^vE5lvJ5=Sddm`{v9%Q|Ongj+83{E-E2_?d88LV7E|uO8 zt(M~w5WD|uN*yl6p{mG=F4y9CjuNc(;aL`;t5holsJW-EOQ;H!hY?X9X_*FyFQSN? z{hIA7wvG^{SB@($CSEBu`Amip$8P^y*%s`SoHWfM&z!2^2fgYjN~Po}s5B00jp>DF z5+rrW*-p9SU&6AOE4nU6Fx%Oi3?r#LLZY%}Lx!PTB{5uVgz0W&Gbd?t!l_&&fHy#3 zQZ6e7AgnNUcP=&%jiLV1COY%V@WxdoBhW0E9!!QgqCRai4XD1PE&YbOk96YW%Q>@S zM&bDdErUwh(yT)U?y#E;tc-S#(3Xi*GCEgPYno6*+Z%08{Z*E}Rb``yhmW42zFc0% zW3?d$2N?}s^5(F(f`dz+iRzlR6uj@yvbaqEKp9>TqXEi|Sm`bbjbu_w)>i29QS{$p zGneTo!te{nXlg#nCLhpRF+?iyfi|a?Ee7+CD^c;4!8oOGHzwiq)hci!wNT@Q#Rcw< z{F>d~XB#AU!n7^KXh}eu7AvyLP(sk>0aZnq)ewa~8+vkKha$_wIp_OFgdW-JsWVNGD4V(2lzw;;x4ppJ5f5B|-FJU`p;OI0r zY@o3qghZ+wg*5`7v4DYpvq`pqJk#rd*_>IOIW21?cbO0}z|y8yXvv$^C^{ZrsZ}D4 zxTCvB*B)E4d13O&X%^Ph$`3KApwM5(4H@LGWWiaCvh8hj~dS zU^dMnQ>M_HLS~Io!obM}9r4nl|5nc3h|J}QjUr=H*YZj$(#1S(~Mq$vVZQU8&~yI0ZQRS@_s6ftisJW0X9bo zZ%h;phP$tA|31u;1m&WrnrM;-X`#4~ts3sdV5Czruf{G~0SKu&2OCK<@gy_z5Zfug z_BwNN5o~5Amjy^V2zj!r9@btQvv2hvRsU_Viu-*VeG31~o6U2`H6#} zqrXwI9D!Zoy+p>mOgD#FR%-KCp7Fc|llor;EifdNl_W|g zxsk)<_`kqygocPn&wut_H37oE=;IMVST*>cnaV3FKmN9P1lezOtKRS90PCv)TcBv! zv)zUKMCwEoj;e$AYckYF4s<*8ex7lCX?M_D%3Dmo0f^?b4MDhUwXf`G`5&Nm{spjs zc}@ySxhZB=&L*Y@|ErKCdwMjL*uQq?pj?5$;9RRciXla#4;y6YPt)b@9DA$C3ZJJ` znx$&64DqRWL|Q)!Y{u3m@r?1wP=O8*x;_7PV&fV8eh4}e*Pbsrkn_wln)1@pgx9q< zhC?+9FtF^%!;TVT4iuw7;_a5B0Li8;3GOaffMe0xE+E}~!iOk~RC&?RTnAwQQzrO< zS1*x9V{Y%>Wp57w{m-F5!j}K|g;EFcw43#x-@5JtGf!&bY!ittng2O_MZzgy=o%sp z{KNFXLn^t^1238TtvgV{YC5>08JR0O9YAA#bsDRNFPrSLUHXG__fVoVxyAX;_}|#y z8R_^=xzwuT>#M0!2f-@CZ0%w8&w+2(h+MAVFrS&WQM>84LaxI#mr?!<%2AWA(sS-v>I zMg_e*i2$`lb(O9Jn!=FgTHa%-<O?%{NiwXjUesNehRBz(^@n^rUCLZO(hv$THxZFr@ZE!H%9R3|^ zjX%K=W`DV!-qK)Wx;R`KD~%t`0cC%=mfqB0VLE9uf$s6I?*5lXQEokq4EwAyn2V}O zjg!>Qv7O8jO45wZ-(VQ;WocyU_?)F<_vrrho<6!ds!XY%>XWpd1!NHb#E9bk2r|z! zCKBbIz*EP!&G)>4=~Kk;;0=W0yW=-F$LEccpJ7)5ayk$HNv|27r6F@}z2PtDsYl$W zzdsdr>z8@Cue|!Zmv_GSVk`vSQ?zU87oTz}m^+j(odeaJOTzkP(D(4Cil+{LV2#gM zW)81WcWjpLu&cWI6o~-RH@a)rAGN+u$3|-^Rv%bSJ<4r1b&QRZ7BJYl&1L@LAbeJ)gTE>)wdgVb)vs~XI ztV8(H9wjyl5<5B@PKb*rEEBO09><0+X%ieKrlmx^5^#+Pwz^h;LZ=^xjRnlg`c9+* z8r1pIc77n%Sa-8@)=N;7_4$OVHvkFbFcHb0qd*!P`olX7%79tyht_7A#8;6hCQ&hi z-bgz)K_W;KP(1r=VLbfT*U;{jhJ4P#7ET@fC1OlCQbfXYnXg}>he0F}FS^pm8g~q= z=t7trEZr&F`Rg!%Ci@5bpp->>iu(4%;9Th%4KP>Mp@~?&4Y|^ugp4_E`@xrfClI|2 zI0Z9GREKmJr9qvs7fm*8m(XHfR#c5BJp5XDB{NWI`^Dk)*&d~FHc`B;LTeN?eJz<50h8(Dd2C@K3wpKKcwb2i(WS%$d##ls^^Az8HxsNFT#66aWF_B3vhOw|HmRl>v zrv(Pd>u6~2w2TeBfThG{q(I6oxYm(~UbS9bem%0CT{^QemSlo)Ns|`!b?v1c%?uT$ zUYnk9m@t+e};(8yKwtQS@&zXN6f(ElIVU>t6EA)Wx)k zQfD%kvgt~ro3$-*m7oKAZKYGKEWWIkbtyHVb39yMA zk;vqY*O8iAXHQm^S190;sb|f%j;n0(s3}d8iEsL+A$^uMYQPu}IMUjB5Y9Qm6puUb z$x;*m@}i|)9U~03nvkR!@d66Pc04PG>)uFm^29l7d77-5G&)P1HyJ>6@;q zc{kz7R31Fbmp`arp?i+4m67QQsy`+xADvT`=SmC`u{S9lu2U+AS9i;{M2cI=Y4B&O zQ^~1V7wQ&NddO(}E55_c8CLuwA*C3rM2GnAwV-5+&7(G+keIE8 zdn=rnD&_LZ3Uke(JYwKDhpG&b=NT%`jzw=aZ9XfpI>V!VQ>J1ivIqaX^|knv<=9u?;HqWa}Ut>=JR3VcM0I(T|dxX~BRRl3N z2{-|gsku}_AtwY1>e=l*HtE~Am0iZ)uiAh=*{ zh{Ax#Hc()&3?m#N+A0MVH!O)YHmz}qOGK-f(WWlZs!d}{YPAW9ROxwhCOE!+dh`3A z|GDqn`|iE-;U@2`gGoBS=_il&VCFgqk?%xdWStU%>j}&Yawp~2P88z87)6s97sIv_ z>mX77na(h(kYHRELq;Jru*5ZIk(JJnmIi6>9JiQl&1CbrmXL43{e=)JuYbbwH3IXK znE1$a%05lmVcunnTe)tVb2!%*V~W6Fu0J%Gy@a|bleN}QS96PbMbx70fuk*3C&bAy zTHBD7Z3oC^l2hZauO(aW|7`X6YZ1ixJkGkf2?MQE@YHI~n`s4$wA&eMDlBewgR`{N z7pIhf0dHF&TxPbjC8(Gzv0V%ci>bD$b^Ti+^g^V@XltwJ#-$|?itWWTzE=)2+$*N> zOdx*Nisqq5gtBdbY`W&I82dalY@mvBQ&^utV2v5ayqA4v#|4G>~$k~Sy3 zk!{&!l+*nc!#2t>Jqo+AyfsURp*+y^<_El325Ddy63YuA7~{(!G(vqDXdg}ERe9Q5 z*nB-ci?8%WYdJlO1|!a{1T)SuNUZi`>P-pE}1>C z0g5R<<0Ko*mbPeIWrK0%kr(83OA-9SI`*^RE^@-XW{G{xasnEvsjX zc&nPaxtl$ zb8jt#nbZSM2|~2fj`HI6dj*GUAyo$K#k4wzk8mGV(tcMQqBU00$B5mtq@#{znCUw# zucr@IKT+Z9!whrl38H>fVZPjXl*I!_r4AR=)8n=smxj^L$G-bG8|K+5EBO?|tW)IP zXQzoY^NgxQ<5N5BQfX%y($CV&%Wk0X`SYxFHPB}1KK!B``rQg44A1XCzb@m|28c3` z{Jl#d0$(r$-NCSpFhfDiqKka(4{X^8(`D9uu4ix~6?g3+L&lc`O9mJ^Rk$oW zAr+!=ZX@kD%do5w=0m;$cx+Hc;c5kRINV5+;DL`v%5aeHF>Y{>Z`hy3mQiGT<{(?e zXpb$u2@*kPa8opPG(mzKZA4cSOjB;6!3lGfbGVc)GBq3noiGkBIjI8X*Fz^#)`3-!cD0RAF1#pgP})-%7qN{?IIoewNT>N4^(A5 zT5`Y#vs5KMM^%C_zZHy_m;;{We!PYLeC99nin$x{M{2ew*GpcEwB{b>c`1igC1r(| z61btOsmtnyOMs><*AUdn`4Qr`M(L`jovYev9`Th_o!ys8FTA)HovU>hug W!~)NguoO_Au?-Bq$!lpbiT?oRj=_ll delta 83268 zcmbTcWmFw&(=Cd-1h-&8g1fuBdvJHxga92pxDy;g@C0{v2tk88!QI`@0%lZnT*Bhmv4@(<8%kE&)p8xeJYroAs@4gyh=1_ z2WlaE&jDREppjUr*qS1geyO~v%>rkF6I&hFe>kaSWE8%-!-X2g0z3K^wnG<*L-;Oo z4=+{c_abBlQj=+Z*LMbYi3=XvE z42%Qp-Cfct=u2#E*ON zeYBt{=*R%$L38IQyM(@75>M4-3dNu5eW)O0)g7?7J#dxK@PmpPr^(z~2}$~k=*8GN z^ZXf&Ez!*P4Vdrs(5gFczflVn2hb8aF2-0!$S;jsU-rlCmiO_x(M}pW*$jTjX|nFF z%)T0RGTG2o8(tp%6KJ>eNjb1Tu-ujZO0Cc)R3)L2fM+Q%VZEc=*nRb8SjZ-`eXT&_ z^@S-w-+V>%vzY@P=X*mD$Mu9zVg^p-NHF59FEJ#irU`#SFuXf}4Yo^5cCnO8z_Nwq zh|+^vnz&F-^o^G`Lp|}UhjIcC)<(+0^=I(LiuJhF{o?BmlL{fgiIz80K*+g&LqE1%{!sM8qxX~o~}s zyN@a9+&3(4r9Z;^!>1DRemWk~_^~{KqfST_du?giTq3Bvlb*Y4+juPLeXh77=%GIe zWZw6|4xFxbnKAxOG`Ji7wd*nE;rGQ<%wczFScj?Q%bNdT3C6JDC;8l#4~L=kg61PS z>rFEOoF=d7c(6m-b+f2$7)eZNKq*DSgf%|}0f7zj;r z-4}!=f#7p^Yae_)ww%~u^ER1hh21+t8t6=VYa!L0YD4nQzC^j+qRXZws6F=WfxL~p zW$}KE0vrR|AQq3CK1{S?+?RxX9R#}E zo4n56y_UE4EPSw80gIP&HG=wPh*$Z0)FfsX*fj{l_N~`pF*A-Zn8q&c7xNz2Yu>1X zvKutZ_Tg3FCI}F=Ob@C5z?&G`M}JR1^Gyn$nHMe{v$xBV8jr~F6IvKV)E9#{?5h6# zDt_E0$ULiZL7KwxDdvB?zxLw!=-vWNv9iOE;%T70H2bs*6 zh{E7S$v>x%{;UP`L;Z0?bIfs_Or*R<_=KgsvGXJuWAz53AsE={Zj-NvlDg*%I>nZ1 zXXFPEt%KfxIj>4&9X3%-=hdp^v~aS^uv*usi=Z5{O55n1!x6lPDCYE%>$99h-a zGNviaYl>TjX|>(WpxV#GjNBrj7fs5r`urPHwAAdqG5#v2;|53i^q|nVA;R`S zZ>(%8hviaYFC;Kd6ipED-Z-Kl5EH$!QU7?cXDZB6-b8^zq(s_JP)e(mRKCy}#Q>Yx z^0Oo1qY+=rg-f0&_Ao@rpd@6s)0Th;9;VU9J|E-){>8+@ssB(d@um^xp`O zuOEnh6NAi>SO_*xCZmeswI*mAmQ7JqnofWl3Ynpy#n>{-!<)XOVGLF_#!;hcVZPLN z$<2jV_nXBUCe&olUF1pPS8}A=jrnw_4uN2*1~1jte+FLyHN}@Q^;R519UQ_|7aXqb zcux@=Wu{(hB47|5po>y2L!LlEca-CmYGd9f=_53|d5yh$TkW5-89xmjVq zf?D2BxuIHh2}YN!#dn{O|88{(R`*^WVR(IJ&-2C?`y6V(Q=+dKbdBJadHP ze%#L%(^amE0gsWuv(1D6gL)8eA~65?RV)28>?Ilkfb2dEqfL%BJ8d94iq{qLoQ@I^HnlxnXNhKr^Dv8jPLpDw_!hs!1!}sW1pgoSEsZ%K`j~t)7p!t@ zPYzS5yBHK#4%Ha>K-Dx)TXX#-Ok@Qo1Bg;MlwH0~;Uvk>R5+A5PM??;vcdEQKNs{C z;_H2t6&(PVp_BuM7Gm)JUR3DIH=#%-zQEweKi3KSkaU^WF!Qssh4+y9sMrj5P2o7S zcUzPd?U$Gl+N)w-uJFc2Cg){3= zPbDg)wUt0}1m!xhnKyfl&5ai0RW&H9%+{XwM|RU-?gOg%HkpKru3Uy-6H)3)3LMb{ zC#t`lK2Yok++fnEgE{(A;DZ;Hi2+x2T`J6Q6Iw-RhVNqGh&A8QKo$(B;0d`U()1LJ zfPP6x`~}7yf?!QADB6!mx9NX*nWXC+#upMF6;%X__TY1z1>Rfj57%nC`RAAL7@)>w z`NwI2WCewWK}Qr`-i~%II+wjapWPH%w|!cxNGz>sd`vbXxAHbiTHX zaOvJN;DEWCSMcd@+)N-7ApGEHE2~gquF(_#sdhb6*tbOZz@ydN_~CT>K4L;ytk6V( zmn;s|%*{=|lQ}I5srD_F4Ig=!yrVlYWZ0P|ZyxPIo= z{5|5A7)%IEWL-QCpM69yut_~IFxsAsw;yVI6^R!&gQE@)1qLk^($CKdR+hBtp6Hdn3RLb@s&doW^*4BD&x5we~ z+RUhZj?xEGGHz-q>7wDPOom76*AIs`$M+5Tf{HwMy?NVq`VKX#OWmz;_ShdaB9S_M zoPJFz?AtSV(gQqh_XY%v>|0;8_^T#F>pd-j{9x<#^jU{iKK+y0+K)X;i)S3AoQ>CC zlLRFeMUYmaKauB@h%X-B|Ke={xCM?L55IkE2)Fme?IH!2meLEe#apuRf)h09cg0(P zVE!x$5gXlrJ>$GL!=fiqEA)?ljhum8X-nCVfp*4m9iO*+%Y)b72mmMq_oZzz!?!5J zE)o=YDUls*)BaqG|BlBpe-@rx`prg4!dWFcR!yYAN|}84z6&p-W!C`Mhz?)NA)zP? za2?aO;9CuAA6E{G;)#t(!^|O1h_=_hJ$Ou$r}Oib7W(U4NR0%O2;L{9fS?i!$VhRr zLwB@^kl^)63(Kg$Z|CJH;c6j}Kl4jNx-gE31R3UQO8yp_TACs!HKoJIko(_+s;WXr zba4NqvYq8{>+&Mp|M!Bu_0DH{Ucdiw<}vP%{EtMD(-i>Ozcm#WlGW_}-}@%{wAEh$ z$p0k&f6djGr>818F!k;({(VDL^l^NgUwjVwsJuL3Ibb6BAJs_iO{4u!<>P3L2^Lfu z8QEGNB8}IjLlZ2hH8S$9c1|%@QA@RbKJyt^9A9_k)4c!n!rbckI2x}z)C;jsyt;Ko z5(=}#{!h05XEKg|dHye7j{Q^~Kae%piE|ezgKef6MI!5q$APaGW9`#hbjy z>B@h(uh}=H_K++m`=^?`I2|GyK~TqeR@(lfX(a?yng?0B^?}aoM86VJK_9Yp z>myFSUn&!&JVV|ka>!kyevwO5+#?|^VXS;_USv{fWgTlWVY}*+>R!l+c_Js4n2h(S zG|B%a?%DP)aZYQ)|6*+bm62xDgv3b~ibY^xj=0%lSLQ@dU^@>(Pzy56 zaRzl?d8T9=3j@=s*4ZD9?y{vo5as2vaFX3IlN&++4h05w3jfb( z=tjl?0qmprkzfWnbUT5+`8@NwA%S?81GjuHc(&`uL5qK(RfSJ`#;N0bRR3L-LI#X< zsrPeyX&e$z+&7fg$c>h;x46tgCnb$}G$}Rc3xDFxkCSEn3*W0u^$W$ElFR+vy89KM zSOhcXLM>Crc8|IN!6i%OoR#f+34h!iy(+M*6)7?6H0l)~8E>y#BYusIg<+hB6C}K8 zMcU;&+u9yMK!(rY{88{LJ;FQMLh-LQ6qRnI;l;)C_Ru!p%e2A|EVfT^uWpeS!7807 z`@o@R(Dr%XR|-;Tfy#Cu8Pd&2J*0-kiwI5f4$R@0zh!;rx6m^YLyK@VPqu!Z`SaxaDzbsuh@e zyzdu&eC+@7_UqEa?X3ZDw|^fc_;_(%S~z%^|Hu|~+8Xch2wW3m+?;eiawr-Aw_kwA z)`z*vrIvfWK_Va9*1MZihy3=(bGDm8liPLJ`+kpO;BK}msy7q3=`9s}Je$j%nH$~9 zN8I`BneDrkZb?o9exFlcr||hH}neFc$ zY)GA^9_&L~!09u+M2(bWX_`(|byB`N9_2uZh7x~cKKq&T-SPSLVxSxT<`>4On_)LS z{(NcgNWWx)a>wamsMkH={?Dm4i99D zLOjt#rggD9Yd%~#W;c;OWKxCF(LVxXrese??6sKk0bhH%B$qf%J?Jm&Zc@SZtgDXg zb*Q{-+iPqQC{f#cA6q#ZN^qi8;+Q@(fUWo0LH&*sNghJq;@ z2q{=#)E`Mxg;qiKk#Io*lqTz{E^cLv>lpWMgz6R7w?2}!XgTBLRQ5#fv3$sw>=cguFx=aY z__<~sto>fS9>G9HEXuX`(iusn3=dGraB?_}sqddfP^7Pk5h^RP(G?_SETHg4icw@y zEhIJBjc%Xd&+=twSZXQJ^8;TDdt(ZqFmnkiJw|d5R~?d$L>-WoB*&kEnwiV?JO!ot z#a6Q??a>%zHtNsLX7qyA{Kouj=*2qUAI8pR@|+ByD~NqaL&kea=gp`(Ig)_(w?0pI z^S|Xa&%YD>DDh8aGuh=&g&~a2HS5l@DY;tx3tJEWpEzG8M|1xtj@3&X*VR#?Zh=MO z95S2jpCHK^30DIHdq1b0K)MxA{>WXC7#Utbwi6NrJuzBIX7W<#;rdT)9+vFLg17kC zYO=it43~>s8t@?6B5mXF`1iRfi2tR0CifXw=;-AvpUw9CXP&>L@p8Jq4v`U3zR@4r zKa(OMc02f1t_~vFGG-Cr}7>LeKCRZGnWXnl^!O;PfS-69J=3XNMuer z6GuE@z;reL)|2tX@|G8y#D3mTp(>l%Uj}$03{F(cpK+TVnEfKM`t>h{QqzAh=vd^N z#grJnxB#GL<8c1N+BbL4nv`5fH`|G4jchuQ{w2<2+&*)P%`9r3@|m8%T^!fZ1gA1| zrEx3W8M|~>!>IYUFT@420+q%u2=HOubto4m$u9ezxn6b@d7G)_{Oq(hX_sE55mluD zJd5MTab*x%Aa6|zB)KuJ?{h5M*+kd6vCowE4=iDWUMN3xNJnm*Odj)vpdzykhoEP4 zegpaRMAkd;`h46G7)rew&$D6vfc^8Y6p3~=viX~ZzATl3?@SjxF<2sey=MAMt{Y%K z)9snf{pM+d83~^+4=maKP1f^zK_HDyM3GJ88KTUFjr+q38w2zbTOkskUzDQ${bD(q zQDl$%X$}=k0u)el1m-__XQTZMDg3rX#49Y!|H--0JEVKmeB( zJk<`H!q)b2Z{w2YN0w5(^;%IzyU{tH?K!PYiIrWSi&K=o3)B+zQ^&48#mwrnG=m`; z@NQ`~f!zz^ufsh2u|po_SsBG3)rPGnwXRk^tBEJ#cSCWU#BNBV`ZNA4R^Y3}bIq;- z1o>{No8#0x^x2WXi=;Ljs{g5=8iaAeGjHNA#_L_8k58+hU`(rcj>oDxu8+7e(`2dh%V#LH-?FzYE*8X_u!)?tkPb_R6Cs1Cb7Z zSQqA9{E<(+Y6wc=T?!j8%x3+fO)AS_i3onlY>>)YrZ74z>`neow9LoT=zFXeSl(f+ zo_VeRkZp0H`BKLa{liZ3L+DG7pwnjzo)IDN7}Q*SFI2seM)Ih5)&dV`oPh3^I_6hO z^|wm@PRvO1KN(y=8NU7>GQnVEUb*_Z;$;;&Y|)%&j3i&WA^%E`lSMP_qrZ-_z5J^=j^(y z8G9uY%j}Qwz&hEfouQRG{}gEdIsLlutldrEh<+(Ca6Q%m`K4PI%{4Rn^@D$fvNLBK zN6+-Py`^?Fs_6;3Q=hP-o*@Z;Tr_@}-Ri^YLEu7WPV(hk@VoGGcoF!M;X;O1>fh_F zf3FkJ)@|p%&41hUVes@frOxv?xnGYt!uyYu@;~P0KdBNV%H@=dTBg6`ru266q z^d|F&%l=K*aV%CJTM3xOhtz3E;&E%kQz5Wt9Avqi=$h|Wc8{ZI#?{*UFxZXSAa9$` z*T-ym>wfRFDPi8wG25-IYS1PIsXDE_d2vh7F+b{s4|>?Oqm*=1-sgkYn{mn`Yxggf z>N79jzsK&O*$oPt_w#%VNZ|wmxp~Vbsh2hX%vEv=q&)HSf@GDMb*ed?p@F4+nz#SB zUQ|u2UpZy*&*65haQS8J<8xn=l;bms1^(vmKUng;h}39Pz2J99CP1p12M7JJY>9PA7aC;P?Z&EP<2G{eH6A^M7(B z7c;!%8sqoo$GW-EdMiH@Q(F7<_!6G2FuvM(MAi#h7U>_8E6C*WUWy7GJsnJbiP-Xm zns*e4f7UY7H!6M|r+*H(j6EsE7b%5jpV@Z5?DOr9?<&aX{|!?~@z3#Y))!f2`a&p` z%y44(-{?~e^D!I|f9v0#$@_b<*WN{+O3D5ceE_iSdwzO=PWBXb?xdWr*DN8Ig*Bfo zOr)DFOxg>CF2Ax1-!5{lz*RUmwMjg)zm~Q*6?$u)B(s^FeA7%1Lc(9>Ho8n&EM zYc745nCV{B!-JR~E6q47&6sqiuQeWq?zKnLjH}@J>>dGfCooSs`|Ax%c&7GZv-{0x z`Y~rfP0_(Gp4bd;_-^zw!AtPM!^HhTl=V}_OY)|`U6pnmj5S>CuovL4B(khWiZiT= zGh~8qDI>={|Magr$Ko!ApH)=~>;uI3bBHIq`hVCXpX{Y)+SoqbmPt_GfOIGWttRvG z4sHWa)=p`M1%~Z~iql+=z5(`>C=PkvZE@c1=CXn>U+7#Xj@M~zVknw*ni70yZO%@n zQuETE%Fx%+8rer2Hatr(WFq{NBHmu&_qY$e|LeTb^S;Ee_4~A7<@--gA@1zAdcPl{ ziY^>j-qlD5&PRrx5yY7R{bxFHfvYx%=LB)*!i5io@!p}!S6#>Klwocsxl>7WnyG;K z@zn~%e$i>;$sO_dX6DY+Qt6W+a%p1K1Nzz`@j!}d`oQ|6G5d~KZ9TJSa*1&oWDZzT zU-mG&vPgvb=GyqZ3-kgXPznQz41iWclL}pKAI+#GthG$wo$hbGHm}9$x|BO&%=Ju! z8Bp-|bedn5ur@prt}U?7Pp(cbp(1F99);Z=3O(=dJtMlEyRY=veVze05D_a!FR8D2 zP+SWZ^a)PRi(gs2y?cS9uL6%mkXXI~M1Kx8f=8T6pK%(zv!tYU!KETodF~8@Uh5u|F0q zR0Ks*=@|y8mL$&b>6C6Q$zdIya=UsC-8oXbdO@50VR)4bG7@rENKqSROV2 z7q{^#kKsI#%Xj5S2Y9FMUe{O=pB?0N57jYe%a#sS^?2NMNVA5J|tEY@4AU939-&5p;7DA?iVQBhgd zuB9qfqO5YylE~JBi7QWQn(NeKOoTf7^E~a##r{6c@urJnM%!sM zHj4W}#}t3JTTZOzB@2{+9v!Me!4DtSMN%R-Sq6Q}KlQ>&h@RxKo}#7rp9A@+s^_>HO~XA2|rsOlTwShRF5C|JnN`rN zsnI<8H20Jxk3L2e-h(){0xYJFY=ANK-YLF)-O|S;Irh`TDVu@h5HPN&jHps(3kK*v z(`{KNWH~sU+gBxm`)Q$@n|6ruGv2L1Hd={~gG_o|Mx|A45jrl{V7OPpptqs zchSHH)ifR-Ann~Z<1}eUK4n&vc-U#b9LjErdAgYJuKWhQ*vaH#_6A)jgiBu?H8rGLYkOoLk>tv9X2qh zA{-o6Fm4)yl`(o)#b2z)-j48j+Zzn|tdV|rPhrR#)@#Qdr=;YjSF=9JijY!R^2m@F z{1x0`^Y>U@L>~jdw9f{snW<4q)$^%SoCbEjX{?6Ga0Ddh%VbECTe*_(U6 z{T=Q$O#uu$Lje(si5nYxRiZWl7sDS}eSDU3TfRoxuv5o7+@G-49JOIL25Zm%_?!Pi zn6^L(=V$u>x2ZU=+t!4<`35br0Lmz6>^1JkI-<}Kx!ecfDGgpSeHLy0%rMy)PhHLT zNnynPpCu`v%Tuh#Dbz5AncPgMuJYp`B&R$~CBJhCUmu$|vZigc)%Bb=`J0ErJ*A0b zV}45GVwjdAE5cRd7)uG??iElHva2u}NNQVzFqRYm)ydQ8*%=f%u?aDsD=p2`necN3 z&_BeacdTtRm1x&7$wo&4u{=JNOYvH#PBt#lFeq-(&4XJUX})yI_Bi=xK#wUUZr!+^E2WB2Hi7crMYU39QSxq zmUBG3c^yL0q&yu2!&nR9B0|KO9W7TP)3E(Vp@=+_{CKwAC(e5-YMF9L%q< z9K%KQNixaB8D3oJigm;=W+s0IC8RX+j&k^gRri>~u`#el&PGWEv@@lTPaPMmT!(68IuRJzrDYD}xrM-96v9gqh& zwz@cR@U9T4!3C!1wz^-SIyF*-pic47o9r9&Fnw>KQ;S*SLPwIcpgPH?ZPTThysD)o zp4|^qR-i!c7kzSkA|@wjNO6GSCGNxz%hNCzjF?w~Z}hSi?bm#o%@qf_KM<{;CIVWYQ%$QEAv$H{S_32_c(xfSvC^g0TDrpC}$!1IFoRJt07qj@a;dyO#ZnEd^MN&Qd%IoN42A~w@>qh=$~ZotpbOO>r2*1QQF zbP}s-wJj`R>gj`L;5A5;&fwXo4D{P>==lh0pHQSUoLZ_@hvuqTjyWFuIq%s~e3yY= zl26U1YTdSA0lNyjI7F8FHo!K&8=~@U_hi}f8j~=bIahIlTPFtv^qRvA=h6;GJ8Xos z00`D#6pq&wI5A{0a0bbm0aZ#+LrwI@ryaBz>->Ax2yycu_mEP3Dlt0Q7v&9#El+3X zJhy~d%^(bk&H78db=AO2U-cyO6FcKiUzer~MXoz+uqCasr26tK%Q_- zku2QhMi|6ojm~qK`-Tyh<4DAB!1ia`6+O9_J2fwB>DUk*2$y90fN;z@O4#$hYtG?K z@>M|3+FM-8c5{Lu397ANzE`$#+3?DrGh?6#;_8kI2v&cpK`w|yII$@ss5k!7-16W{ zf?9nopCWQM&jxSqV!uj`%W0*8jgL`jm^1`zQl768$w3HcZVDzH5bxTL2GZN6LdCU> zB*DQv?*bq&;nU%(yYS!Pns35rjSz6B*Wdg+^Q#T|!3r9lnhV`~Z6QW`%mk4qPt~NX{5x-v?Wg1e+r#;V?2iVgDwd$w* zrJ{MGeYeB9+0kpSC@kH{YnK#6DNETfK4+>QrR4Hm$aWxUT#i!p_f4>%VN+_*(ZXy1 z;PU1o@3F#~e;a|KVWU(A4f&@1wkpP-!Aj8J_RDRwYZST#5;%Y{c>YzK>VC_$j z;IT)@8J=%Q4OXRW2km#dtPnj*xdT5V&^`u_Qgr-8>Di8y&#mS0sWF$4jnb#RY^ZFp z?5pwlIT*}{DO1w2jOlMMg+A!UACPf_BT0@hpujy~aVa817R8X8kIrvy8@GAz^SHGx z0oA6b1b3Ozj+Sx({-6XPb9B>2+uhHOF0L;3ZC$Q+xgdypEGbmMJ*M2adEAbStNfi9 zDO|9uX_M^@Z_^-9FOnfobEZvs*eJ)_nFf7tW4c-6h(w72iz_jVBSX+Z^W(OQ8iI7N zec!^4a^x#>2ujd4ks${Rj>ZCH#xlHok^j?1<6n;d=-8^i`Y0DJYU2DFY3$hT;Sld( zSd2Rfw0##I<-y@@e>j26J)$NeL`Y+=xgIZ(9xa@S20+g_>W@ULLNf_{~plYI3}T;P(dIJKR4XhFvFK8*&Y{7d_hK z9|e3IzIQ48f%Bl)`&!QPx}eUuda-HBqCticbj+xiPASa5U+(6X@Usml zd+mN*m|}~nvE%g?{qCLB)ccfen&$bbFuHC2nWWqE(bQ^6ln$otb=A4h3C~K-=LA;# zrJj}U2nuxujF-DZWb5bQ?xV5}8s#_qRJH@DE$HE(?KY8Ct(wwt?`Jgx43U|&dkNXh zZbP|m>`|mDkEweeqm4FN56x0@8BNkYo;2zwHdwU`H=iKGZ^*r6N?_#g5A8iB z$y}dLw~p(-8lms$fBD!Y$~vYwMQ2hmc}fDzMnB(Tn#>2fK-L|SQo@-Z9yt~(u+!&Eniy_^-lFyFXgn$#PI-wo zH!{Z#F1*dN-!naP$N{#}sy4J5+d@-8hSOm8-H1 z%2qP-V}qKyzc$Sk^YM~HnQiv<8yMt*E6lAncJfm*TYQK6;QND{s!dZ8!ql~At@iz- zOXr|JcB`j8i{4={R=*O_y>dW;casvT87IGrX&X9DpJ^L#Q=~U=@-^4o?sgp2sRVuN zVVF)!eRZZEt}=p1*=#tvo1xUw;amCr%$RGt_}!?DPlMyB-JtuBJe()v!`rRrAZ`xD z%_l11C8Hn@c3DqFnDqnsGHy=Nt!AzCEF3w{_M9m@zh-0A&;MXq9NVYdPJcrz@B=^` zA0mYpJ~|&_H{f@J@Rw!+Q5xpv)m`$cQHCif?&&Q7L+A2E$x>R3(k{iWcEw`Z@-J7i z`UkPot57{s6wVaTB9(S%M$B_Ns@EIhMg?WXP4X13e0k$As91~>g*T(_$qag41C4Ec zW>uEMQuM~2f7a#7H$Q#gnTJc68QK=1e~Z-7sU9Xas7tAJ9}U>fALeZw69k4ErSQxC;MMAuMi<1OPkDMaM#DSQ%I?hN*^l1NUE5 z_QL*0l?#9V#|Wyj)?0snSx3ipSiZfSUX3K>`ja^D_^gpy%<*xk>B zf4djvsfXWw_N_9ic5egelc#W;8~r#KuKM zNQ>TFG;ZMZ!NepM>T=kp8@QfsSev%jy(+mV-~rrL zb@)J?Bv&%H>C2hd;;ir(Q=o}ZM5HTpvx8?RG zg5nSF|76#r)bb@;So$5jacg8t?|~8Ee<(0I-zFv05(&9~flV#Kc#y0mwcOTQ^4i|9?WN}cM>dEHeF)4)aEu0Y|$IZ@$P*nH0 z*(uvx3~uoG&W1-z7nd8Es)P+kYn#+V$XX9l&R|!U2|4V)rhGM?oj$HVy?VaSS8UHz zC~i>5J_*_mlUk+p*5%3+)#ku(xSaL!`y6aJYvzpc6y%DwSnbvDngaGH@=ZryN88^D z))9)xILBqWwtN2(c zsP6*-tb@ZyQ;meaDPF&1ekHogFsTseHa9o?&Wfa_TBbRh=YD0nwtSyb;T#=* zW=qqlhSV}L@xIe1gVgFHlvNF?+<+->l-2F#gC+e4sPS5)Is4O-xJ%I~VqwIL_@ARg zP#-vyKgBw}dcYHEHD!U*CQei)Jz8oL_w1;rkCPhe>? z%7#^mz$nJVir>db=vgN1iX==+DPWvI$}?Hih;()i`6asCwbm~qQ6~*wUeY=^-&0^P*@^v@C7o^QT}3Q6SgT^Gx^G|HKR4D zl+7l)Ze1V< zC!d+ydDTvUl5rs~BUXlSn~R9o>yTjUq7}6XXonWL$S62lI3Ev-4~;vd9gI6JXau$ zsr*w+9zPpq@PK|)u*z)b#_^Ke|Gtp>{F@P zROj{d4pT|8nDhCeSe5sXm^E~Tgw-pll{XZ=j;7z>B%G)6Q}DLRt)eg)R8<8=%`Px8 z>g7b4VzemRt^Celm23}^1oz`u@n+7Q_`ESOSG(Y;B1~$<0CAqLKdE8(mE{-cq?I>d zZswAEG}5@f`ZNuDbQgLnr4{t^`X|X>V6Iaq*x-v)hq9rWdsbG+;<(c2RO2OcpqjKDLA#;R?q2{TSK^OT} zL66dveg<3$MCdX#&|vazj3k9qn_eqP+z(&$}t| zC&0p(mZM6tpEG}h1uNn7H7SqKq7WB%Q;RuzScaLfu~dw?Y$nI=m{ftXw?5!UAVyn9 zeI4nBO!z(VGKFF$qyd5GT zQimY}S1Y2&qWi`)&cR(0@D1)Zl1{MKly*HL`Q9-W@lM3lV}khgjYZmKT5fc%RBqdb zh6^NQgKG$;?B^!>hR!tfF9#|NT$SW=KdzTKavL4WsdU0NfLZ8Pn|PnDb#Q`+x*eZL?&q=53h$R9u6fXCO7 zXE?VfQ_N@#E&chf(Q>DAecb&}p$Cmo^)>dRfy&ifbk6%-dgBCl^=01ZF0H`LV$BIT zpM-TVcG_E7B04jKD^;r6Fg0G!Zdcz#2BkfSVsfZ{K_}lAs2$gpO^tz3QCDB+>2QsV zq+y@?KHkx_G$Id{Y z&%;rW($`t>`hpBKzP$;I}jZVE#2x7c*cQOT`ye{n{ zu;@@J@xBuR3OJZ4uSEVB0Rf=*mfCJi`c}G%17vt{G7X|-NacMJp*b6!^-F(O)pq)b2_B|>yK1D-75f0s= z#Ig8u0eHPea9Z(3P@D+wiIrE~^QZXxAXAg*3fMC+FiDd;EV3plh zgtmsj;-K?}wGGh}iyymE)KIyyQ?4jJ~Bo7|DZQAO5s8+OhDGs09D{#|dL7Pp+nz1d`F(av2u{f&qr^jHeaI9A0&(lxG9m;pFmbA90>1qD2nhqEsp&w+Ppg2H zR`gTPgHirL4s*2&DQF!(^;P9HxN*O%eF+LCv>yY}WrCWij>rNI9~oO6 z)fL52=8f6>-Jp!0Dn<2t@~h}?DW`VVAL1ngYNTq3q_evo| z{T4-cNx-KZn_*Xa7q}^oALh75D+-}k)?l%|$Jtu)Ngu8=F>XEoaT8`gKY3N;NBD!)5SWBp&cNSgZPTqzo9YbXc(sZyi zvIXb|zJJ_<{mc8hyIq>~iB?>(^RbgNs$x1$Eh~2U%KZENr-8NQAF}f-b{z98cu?R3 zT(3S8k?&)1pqou*3GEfQ?&F0(tn)Cu;{U}b=lxc~?-LdwTo(*^vYX!T4eLR+`M5?H zi0n<@PAl3AsW*Q#C83OIcWuJ@2#`Lf^OQoD9~2|QKrY3Z#&8TNWb?;`xy6~1W&ycKdF6Du}xAtRDH1BkWu^ps?6u53JborxN(3V6((^Bg*~ z5*+IFy5aX`HcoxJS@PfHj@VS4I_^jun||cUSk&(cCSF36`u$MXZvS|+@9^k2PppqM z*>IYsZ(&g2MQw`N-{^tA^W|HIpl8Vx3eRAaetvzaWfVKTa|+fO`PY^J7<7CYOY*Ny z$UyaZXdHsGD66KRYFXr*7$Jc!I%h<)h zTY@%0NqR-cLH=5>1_M8)+jw{*JVaq{E)9VH4e#YjMOrPYV=2L<43)!8(Z0zjHLDCo zO%V?zE(70pu2Z%cn}CjPz>Ko>qtDt1cgE~j(kn-f9}Y+NIu}+9926D{=L{;75@&s% zF8pvy{d`*lBSP8CMPC{|K3BXvU#2uL+$u$yJdBhEtLGs3Xr(!THi5d>X zGRwo8w*^E)%>NmS9j{TbUd|hn*)(~z!&>WuOzQp>C|3L_Mp7u0NbXS!Eo#=Cg5&2u z^@AC0oD~D!R!VDcHr19k`vigcJKoio2W-Hbcc-pfC6Tqg7k{m#%FnXjC= zhwVhT?_}l|Q?mEvLFvlotH`SdH3MlCEaZ!-HzD4^k)uh`L{s!BXLM9eZ|NT2<01Q- zJBUpuvWdOJN$elw>Tf8Dt<|Xo;2MneL}KESx3k=mm5@*)!Abl2bYtjt@jYTrZSg@V z8d9>0WfQ-|)suH`sA_0y##OmNSGe$QBI?-!7Czbc4)U^-Sozkm z?nOe_5YkYw2&U3;V)+#^E8{w05T#@Pu>#)22e#z=GeM3IYDVXS0;O94D1Y$a3$I#R+ z-D`gHi~8P6)wL=5#r+zrV%*sf${__JYGl@QY?Jh?-eak?HKrHYL;QHT3y zo17_AliJ)RlX8cY*-m2cw(GuBF25h6xn!st0VOet-x$XGVG)bVH$5LnQTXfy|F{=dEV3o- zMQQ!^03)YAF6?JHCYdT|T5EG{pW#0Dnx~v7@)uZ&&R){X&nHG9aeh#V-$PBI@H}~Vq*bja*VTgzX_uaIU1eZM3yqc( zJf|afj7P`mk5PlLH>*2+H!q3ATo>Mg_-#40VFEK^J~yz^!I4vI5_zxiMf%?A3o;CS zKa^}wP%gCH5^U!U-zSmz>0KZ@`D>pvc|X!#|+D(2XYf>5c>9ca?J#(n1GviCqW z`TM&TY$q=jz1zF<=|zUV7d!yWVhOI-*RDVLW7dHCvl~irsmCEVV7XmJNR;LL!-5X_>wjgba zZCCbQM!vnL5^Va$EvOww=TNBSG1XW3_|6Yo8NuhWX44C_5hJ7d3Fj29Uv+1SkF{5i zbX>C%%D19Qac!F~pP6Va_oTMTm_b~bbywPAOBW2V8e=Ay`UFNKOf$TYN&$~?l++l* zzk4i*S)Puy7h+ZrPwdAZu*)3N+K+rYdViF8`zO^j)v5q|4&_%t<7TAe^GM0H-13YV z)#~f6Hv(^X-w3aLQtMOeR{N&*S?#M@k6ICF)o(l;+y`6JRZ`8jwPaUkOmhZ$FwrE@ zh;pm**gZ(UpRS#*m9G16I(0|+32s};n`#<~IY(jfK8JB0owd^(EkI&1yhpbd{ zVyR>)W8X6zqUK2IJ-Xu*7ySr*KVB*v+~=6wHrsOr%CyrPWfj`1Oh zPNl8F`F-UXMv{GZ)Z+)7$6<)uf z@+L@VZ&ihRqObo4i}P6%pZ07$F?8v6&8(9CH=pVtuWhcqtC5ME>Dywb9q%8*?%Wq` zc1nwvRe?&L;%C!q^G`eVZ5wuXnKpQDF2N!GAJu)j_&B0v~#Z zi20KFvik1xd&)P+rs0dp1*3|LZQlxfR45MFYu+*m$JSU}rFCvCdqEbOZN{O9 z+`h4^>D1#rj=`G^Ss!b$%Y1QpVDe(rZItJMaCDsnm&j`_Zk`5-gPj&H7qz!2`__wF zC7R)Ht!Ux=FWF`yibJ7lXO3*cP$+aX9-Ue26 zeCapQ7q_Bj&r@Ju(R^dpN*i?Ez(Kv%g8Qc9kL1Yosgb_I+xX3CGPN07cBx-f7waY8 zv?+j|(AX@Erkjxwv(|IqXSd&a$aj@B8PtRUqP}eWFub1z=MeW*wu-=_4)p+6a^V?NGTmwQ#} zSG~KzH@99NhMXt+cFNK@7+nes__=APaHPrIGy~*H6Qf#V!DoR)$Fo|d@=v0#v9tbg zD*qYktCqcOfw;d2^pqOy2e0M4eHc9}nA8kEE7`9P(8S_{AfiTkSUg5xajkuxq5bCt199 zZFAbeRvzAMe%E&mC1hUPL-ukra@XwXxxG(PzV>c9#=0s)9vUAR$zrq3g*$_)(d$-Q zXMw~ypN`Pw?+%z2L;hesgFTjxFUqf;cdv>y84=Nbs#d9MYuM17HW_4@6~`IQldx>S z5$hd|L2_Aja62*+!!(heocQ6Wx<&tDog0l(w)(|!&%bH~EWf|8Ds;e$`Vum4dALP6 zrE=nJ^(YhjxtCn(57NKtdER(hyFH3s>Xa0%l(2`H$1acg?Wv90gY=Kx=pUb;8pd)c z&QVGA4ZNFw_A9t7Qc2`>o9T-X*O)^GoQ|3XJY&n+bSf!M<||L;?FHHRfCkxZ47@6J zvJnRN*k#GQGFdGueGNji6AnA4^Rt3Q^aw?v1$`eL<>_4&K&_D3E! z2My+V%D;Md03W(3NkqGjvE#{Zq3dUsr`Yye|IuxC;jC}k#fP3M$4XmRQZFC9{FwWa zm7cPfj8iG*n#YlZrx9eUli8W>F%|UGw_kQ2HsP_AmkHx6@}G#7)f2HLOU$AI|KZhD zr>!gO!lxLLjW3gv8+|%HZLy8!q%8BD*N<(w_KQ66^s+Gdm{ipzuXyCd(37H9H|7}g z{cby2zdBmfZKk-HE%}1&L`n1`YWu~BwJn+N_LI49*&3A>34Vp-VX|`Yn|S=%r5;>H zE*DYJ@N@g#I(U#x@K?<1hJw6W-s0(E4~8S6pYff_w!s~DzvLgS^4F?&##@65AZSZvHyrD9&48^AkEH|s9A*oWugQdIE{_RE^#0ZX&Uat!$I_2)an@ixl? zns}SJWRu07)$rCe{!IJuLBzEhyE=f(CM}39VedQ4E!TtpP`|{avj8(weZY1u(`=&K zxp`oUITR@x!tRMhY?gnt)z2fM3|DS5wd0$M$rm&=wGhNxZed*0WZ9u`XbMyBkBf<2 zk*l5$4x12g{DhtD!_=#;$Z3KPY1r8@OuaiUCU8X#J0{>*h(%_LG4U<4PafK@VVD@wV-1+Cv`^z;K-aqG; z9#MT7Q}6It7a8DB`O<70eSgNwp+_U;epbb760Lq->uL`5xEw8iO8r%VI{td=!>tdO zJ1_QeFH+4P`*}fJJx;@G*59eAvI;k<;gtFV=l-1E7n9-3--oNbkYv>P8hdwKu8&F7 zEJZteto_@o8v;t-$;BP2CUqBvZDM1C^T97{Fq_GaVt5}_IFXCYS!DJF zefH?7EVL`oD)?!%WR}^N&>^Tf@y5jJc0q@c?WeZsX}fYe|H)j&8JuxBRW7^u_~+I1 zw&@w;a?V`#Lh#{p+w_WYd6cxZz+H>J*#gb8#>;lv%cUiyOU#Z|Cg&X~Ix37Te{!f& zG{jVLtz;w5`I(PBXzggMy(3UK_Tt@KdU$62*!-4(AwG-D5zF18xlYU6quk{)!OR8X z2Mf+=c@_8X#ZNz|sN)Y8(j1e*wH{*+mhGnBZKUzWgp$`g*!vB&Rdl6%UY^T%0aed@ zeUI?UeiLz;v+1~dA8TU7#WgPAV_whnYZZC$+%fvTgs5E?#tnR~wdA2%dk|51q9R4$ zdP;SFY+(>xC!TV6V;|QC$2Qko9tVHw3e+r7{#>10`bH%%F+pv$C|ASD z>5646Lj=Sz_)f<$sSd`n!>vqZ+uvs9;=hjnp`)OwA!&{E!$pireQ1+xxk&h0+C1%= zN~?>U+`U{HVHhzM;jpDevW4Q4_$!llZIVmlG47H}v+?$iPa=bRF%B-(vEZlb)YStg z#={a9yI3X^bPUPQJ9>(UmC{*t6gQWC(7dI*o|!Txl_536P1VG@@?Z4`+Ki$B3QHA z*ey}f^I-+f1tt?1DTTj4(X_mKacJ3B`h3&)4x7!N&l&}JgSqds>F<^82ngn#?R|2J@k?B zxkcuCK1nu$*S5O1-K$CCiz9v@fY&w-uXrc;>pJ$dHN#c5nZDyzKXq6;jPyH0WuX6S zME~-H2Zm`r$hdrb?g2t99j7XDb+c_31&3im!tZUZkHB=f{ecxP@F3RK`Z&SuZ$tYv z9y-Lu-NM>y;D?O$0PjQ<^pUcAXgs9914L2GQGO8sBD`y8+>h`80J1Sez&Iz@hY;u8 zx;*=NNmubLLZhjP#88v0wiQpVOb zfoE)9KkLZcp|KLyZA{6L@3W2^60^<9(v1G2SlM98^s>R()_wj>p@`eHVm1f$xrPbzc zOy?lSSezA2s;$;Adu}G#Tz381oP^_eYL%Ds*7m)W?N1Jd=!KJ4R^M$|dR(*G{yvnM zd@lQuu=t)~b82f01FyKXMi_DiT6yJ;8? zCXY?79;j@8(h#Cos2NvXTNRqzN2Y0XX+;ElsG;o0VMIdf&%2Y!3e{o?uZKs)()+|6 zFq&ae7PzD;V1c(C{k24Sbk;?0c6;>frM86x`<&vH zLrI-a(g_=DM=52-fL*Y;gWjhTX0&vku7K>6SS>%5pMzw&gQS49t38b<_Q|DikdYq7 zE7{~issfT;?c6^wxZ*NC=~Y-Y<#0FCrljP>438g1G94o+U|TZt#}e&}Le{s1Wbxv) z^Ntf@6O)+BD*`OI6QFuC=Dbg~C_agFWa1T<-Yv*Nd6MwZX^Wy$q!H86Ev|Z7T#Xm^ zESy{ZLbg)^AXT%<5ZYBEik-r}6x*g>#ERGzMdTKM>{dM*y7qQ-)i`3OL~3I#daNBn zc*O&aSG~O0TIXU}#80+*OIC>o4wCPlb_V{q|L36*Q!n||S?Blkg~cV8XPvh#LEojT zcXH%rdqAnhZ{lhMbceP`x@O@};S8<;e*cU!&p0`n2Z z4PnZ&N&zVWP7oeVP^+6lE2Rn`<(uB=MzZEe zG%_GT8ud$HJ`&6UYZJ~>y9(<(vE4nQ%SBID-+^NHuA0BVOj_h}Oj@%5?9wq_&C8+2 z6z*2Y8JU(+$o|uo3BM_*EnB*yf>2TMIYQE*7`q18@CCXYcs-W;kfmEl-co1y8e@6ok zw$Z<%i3i(!V5w-?N!UJ8Y{1_Bi1@9U4pCp`#HF>c(e2?&d%{bpnjE|pto*AT0u_46 z6{?4JG#9EusCsrU715;-W4<2VgA;osfRQd#1sQ;LnpjfHoe~Z^fy>vs3A4y5Qn=_wvJ_KqlMzt*V(70}5`o`d9P&}Kw&2PpmtFAy3Ixd%gn3S*O5(+W9xgy0huAk0VT z2(|~oCO_4*GeD6LQ)P86l?uv7AdnNR>L5plJAmY{SPQ#Jvyc%@e+>gIf2VSKCY?ASG#CZm>CF`Q#)zaEzEr%nhNh;9d^47;dM>iFaypG z)b?jvA7%#9dMHSO1Smj9n_fa8TV}v@xuMm8b=n6C2jKxhu%VDQ39T#IhYJbcQOdOQP54f?)vh<;yGogMzX{*{(-T`e z!>)zlX0hkJ=fID8v3Fn<7yJ$q8(fP-)x2bcT$)sR5*)Ci#F!xd5Cr7k6RFA7Ohi`BD)VAtx~^Ax&zMQAk5V4c^UIPQ7@_mQxr9xHoscQ`6$o0`(zC zFEmKBIIs~eBjA@(-vE>zHqQgVHN&O`Cm_iR30I(xrXK$eEZn|Rt;3noPdg)#IE=4Y<{&v3gZa9F!?=5rpnjFktM}ZS zsrXUuJOsOzi(JAW*;!}I-502h2rxGcEUprt11+y+Htbkr3XyhKc>}Bgiav5aBxAT#^HQ*vSqDhOm>} zBkwrA{J3VJC{Tz4@U04*TR-8MIrDCYzLuCEWHn3`cH?If77gGiAfWO;jsDAMZ^2|Z zs-J;K#rI4(E6q9|K!H!igheukpmF)k%`^acbDgz)i7~whdr5Lx7MRYPlzwXfF@vbghU3894BK8{Cu2j9~A_8eIIDyb0^7;1;!mGJ9bkEPz+zC1hjIw-6)a~ zbjW&e%VIRRE|@WTd=hhVhJ`?L8ju(Ol!0NP(GxR;mxI8h<77tz&zvOVLwMLg_TG}K zU7&+KpeZ0qpg!QX0nag<2oNCa9&3yI(}1BP1KDkt#PiRcw~5z0Q#`uQOUBOG8I5a=f?fLyAorK& zjx%I*fnsOLb_L!!Ll#Na6No=U=8wSJAWrZPDvnwz4s>bhvh53uDd8&DR1NNcg!^JD zMkA8>4!EJ&g=qptfEkCiE_f$_VIC7hOeLyOQj3)gP;m?{5zY$Go!dkacz`W4go|gr z8zATl&>dnQl2BD4{YKjJ9rrN zwOj;mr2_~E2l92nJy7@@nGZK$^P^d3!g&gUjbgq-Kz4414%dYqiJ)Z7gXHi=085r9 z6o0&fE>hQvXmBqQ9HUa$N3WA&U*3>Xc0e=%2&WxY$TgGF=G;p&e z%_I004&?M$qeA%FQr`#`-%~tLxVEx7m=L~Zk0daQ<5o@ZGvhOX3gLJwIkDCFJiC?t z`Y|D-;O^l3f(HKkh~|wffR8^cib}aX>E8elM2_@=h~USTC)`Zxr7$&RSRW~!sZ8p}o@Mv9fV*!FB zOT{ZlP8@DNAEw=z!aX)*iMjny%J%TGBdwjvisZ$fZr9cf1}y%uf>`!Sy~22h!Z7+d}}x8l>8Uz%4fJ*?HANsTm5aEeWLmw1b0$DSS^3c&R#=dM*R za84D7Vv_p>DpTCAkF2D9I%=^rb;S~~p9epA$g8X0ov(RE@70tcJC>uNU%=FMnHs^b zDP%iZi;paIuV8I)`$d=1?-nMDhjA^$Os)mw%iqs+R1Uur?e5;5TJCVse?gdhM9$!tV4wk-HAhKkE(*;mRF^uOb?l2!Y3D zdEwo2axYAp7H)se%{j%>*;csPbw;~Cw;PjLLY5hxg8#S@{@~8!ykPf%z#>W$Z#J>V zw09oc-kHK9L9`l}qVk@X3U{`v-eFR8_{E*|YdY)KfxxACljJ}wMc?CZCpetX6o^(i z3ZIn!ZP5c2k>U}AGfVAp(IM)zU$h#ZTPk1b+Bnjt{bE$j3qDjmnd7N8<#nb&EIKqC zOOev{=FmjeuZ~0;mu91im)0Wg)^JlM*O|_#v&lN&c=8ODNc&&vKIS_U)@@0j_G={k zeAkV4Zwb~Oe@n|E4yVSbT1HBu5d#oKIe#Uz8pw5~0CykbsDyq3KIp@~Ws3WTVGh1Q zO}Xek<{?`B^H2ah)ebg>`INso1R~2-n?mFL^Uy?GSp=7KzIcRR=Nn`7FSx!O;m-^| z999rdtD*TladCOTW|_=KZR*P*DwrGg6&zwQrgm#e9=cQKfSWnFphHw5?yf`!V2G~# ze7=GR-4<1cH$>>1&WORM9l-FHv_-fZ0L|GA z;~5xp!u1qU*ahqBJv^Q-`q4?`l4@5H0G%it@|(9$eYv;PlqRlWbfs)H|SW}{b@`tMHpe#_}r5pm-hFYnB8+zjwW99)9}-zULTM+czCLdVs_f5{ zD-p)!e;>{~HGkF4@zJg|{(wTn$e?rRw$@79!L?(QnK1#CYni7uT?6*C)5wf>k@>qw z8MKT(34Zz|I>J{dt!1;ob0^sp`cr$_e{RXtcZe;#d~2(~<)^a6N%1_v%BD(Z-|+G( z>hhO&#ps;_35QADA{Y4P40o`!-`bHGkBKG!A(eIN=ruZHxzLu;XTiwRuLR4x1fD;a zm1MKjNuxI2MFIQ{SLpDxAEY~;Zyf#8R7;>eW?R_W;rr*?4>BGHfmRtd70XTCud4wm zpLGj9@&{@~ZJ)q5H|R~K{nq}>cxT`(AWM!}1Yuokar^a$r|9EgDVu_Qc*9G+zxeAX zm6gg79p(0zgJFeyt7`Kx_qg=4_&@~g#=EHfH3Ss%vOaMd*Hb7UscJL=mpuqszJ9D! z0kbUE(QiMwCYSB4WAG0c&s!DH&nM6 zdIx_k0fE|8=^*U~FTlM>P~~>DnA2g559`XMF4I1&Gi9Bb8U4Cl?Ue+Wt_ZsOlf|98 z6zn;lwwwOpjqO3ayxh80_nps{vA_totNmmtzxk~md&JNO-TkP)f@8JyYa|6X;9k|} z*Az~;(nSh91}pMQK~>=6?P~42DJSykYLNT})0pPW+En_JURb|QvWSV|N1!HPtEkuI?Zc*72B3vWG z9!#3oo=KpG=$Gt3OEbIN^jmsWhL}*Tpbs|7{-DCp2<$FmT^mvfXf=Bxf8Nmtci8!m ziV4_5^7UtAtN~n{^kcBJyMweR41ID@lGxI_8r7z+==A z=og7`lw+V{o!ehS-opIgYzlq0z=iyoJ#l3$3&Iml!<}2_I&}CtHitrAG=7tP+CCt#WXNv7 zA5t)}`!Gm@CC$SKK6JYCp;ai< z{`6ttfgDN-6ZOR5{9EX$L9hxbcZU9Bd>1YZs>KeH87k_=Eb=dbLKXVo(hyUg8b!iGp+krmw>bR}A#o^rBzN4~!I4Y|kgJpww1K*n_T38!g&?9_{gpRC4-WIL*sl&SdB#3Ca#bBRzznK^yQjf-sAc!VKQs;5&u{ z0u4g28UAsa;0_))5u`I8`bE!JQZRp;B}lF-i83%elrp54A!SIj2r>G<2l`*7;T8W< z7vc9q-Eh^LM#!yRSt7afkk~^E{~?7LDQGPpXG(|yLPtkS%AM%(4Y)G~2cWa)TM`Kv zNC${7;imgHq+!1jromCL0q~y?L}i2Em;nDCaQ+Z$|0jSqAPn?`7K)!&n9p;4+t2YZ z!11F56IxN77Eon$*FQW&J(1=i$8Fb3PS_3k0E&R1$0BOyKi%^GbO-V;as5AWLOe21 zaoBE4!tFZ?6@MvOsZyF=q=<+Nt+U8a7Aj&h5Qm^CM^6QqvcfAi0X2BZ6d@e0;0^&} zhu48#k`Z`hOrzZh`Al30*beOyI-EosQV0lqo%!FlluJ>gEbx%f_{qWvuIy{nH-N<% zUb7&meB}inB{Yb7z-j0M*GjUbjqaxJg|AGI*XvKsbu@v6bxF8DSPOfY@FEGW3V+}9 z+w}Zb7ENTSXJ#N}LJWgjoX^xzAPd^O>$oEs<)?F-Hc*jc;gNX$l7Y=!Yc+leheg2u+G(O>Y^{)?jtW0F!--#P zTfr|5nPBl|I}pcJZ%53W`l==(wmK!ghV#+LpBFD4TVclFP4Fw@-s1Sl9_)lRXCb|2 z{@iyeZ}&o6)-n$N_>M-t6~1uQp&7r_ghT9Yd*+aWx$h(5A=(qKQs){+VrN|wX2+H7 zCQj!guf?*iFl)T`POd9a9r90@9a3H%J?)5jU66G}Q{#O~a$U3PP%x4(JEpumej3LW zZCQ33&q>{ok7vu^Gn)*;dU{E|(|jA}QTF*>py-v}#wP^>X;MmY>`mdVgx!$5WrC zW}MCJecM%@81JBthIXV(L8kUxJ})MG`oliyIog!BABW8~8Xb5wYl;Mlm;Da&MJ>NP zIL6~O^hlAXx)Qf~{AE+Vy5h=9>g9lj#78`l6IGG7EhE}~p3N2as@7dz3P^NS?U^e1Gj#YQY`#lArNhUQmwSzom&*-j+d z_BXFk_c@naisjuIh;pBvy1djI>0oz5Ecax%<||H)vcQOnYBdMT_@(8WVR#wLfwFnO zg@Ly6YlR7i78xcUk+1dP@fa`fk-Q~?gyvaZ-m6ogC*O|D32|0x;apF)-oHU5mz94t zIlZb<3D>D+q3K_Z42Hes%Ev0rO0J+wgK%2hA|WRKU6D5-m6h+ z7F#|T5zG`WF`4c;MPFjVS!Ug9ULaT9@Z9xR!Go@d#SEkGD~R{6lJUiHO6qKBb^K+f zZ=**RDz6d--jt5{x%kGRR~?9O=!$;_;w#NX|6}skoxZr3KwCqeTwUIfm5%ZgydrD3 z(ZXx1kL+>pT&1(-HIGNWxzqpY;tJ=1k)S)@)$^Ry^PMvsybYFRMX4vJS5}T8mP3>V zWK`9M+8-l_GM>5)>>tm1ss6Rcd?$Wh+3SIo=J$bJ@X41Rb295Ymy@tl*%;yE$bgB( zI|YoYHxjHJk~_T;;=ZjcUM*faX?f?e_QYUfN7NfkT~%vkVSf6Mu+XE0lR8>KAsO}u z>k|YYSt~xWHftKcajoQ6Vux%}$BMQ4+MLI7A6oL%wt`Pn zfa4P8vqK&_x?@b=EY4Q7=Hn$KJ-#7ox!&URleFg_S*v6V3xlv@7J%=xvW^zDTxl*w z_cSZr*SX+3i~~$abLGEGv!W(G5<09q#$hnVK?))_uHDh%N{)3UVJB%Be?TK?r|Rom zZ!wjH4r0(I$j29jr-5_jN7j}wPF;|`bodi|XoXsCLRkm8FVr{9iuo?fnzS%L0KdqY z404f6>ZpV^b2-<+F*X=mMcnF3y35>f*9UZ^`f~IH< zqKa9MYUQ1!Ucu;kP6_QDp|FksbL(dIUAj|yI8WQUQtK{B@dYXmAw zQoTB7NX4?l?mJtqv2t6|fRLFeRg<0AhoJ$>^two-nTIJmETQUlwPi!{1Hl}9T#xTa z%cBCu#?`f3BTITswIjDEvm~s#wkK?(Zgdb)5o2Z-#xR}<_l{vK^vVeH{tW(jT`k?? zrCCxo5M^1CqSco+T0$x9owSne!r*~d|0wcoI7i8;oKPQ4)Qq@t{ratkp^x0cQdJ2*G~ayJlSO86mA%7Hbt7|&^r7@eV1iQ@ba*mei}V^Rbwm}7%$ z_FXdM!)na<8Hm$2#ECL9th)#$p%wjR!pd#>mJ7eJZEmEzcrYh_wP%duQiH1~>yJ#08lc3p*`o8VyCF8ks!| zFpML|e4>I&Q+g5yZp@QQCy3JkW>ncRX(OiT%g&$<|1u$0Vs5dT6TZ8JnIUNnjbUVI z@c8tIAc7^AUVkVEJ}l{U>dlcy0VwT?WPyv3xxBcTo+*u*dXquhltD(|uk)(iG`r{o zpD5UvPd)b#F`duQjlIu1eeo`sW#!uQ;PcBWxtDfec+b-em)-0fhGiSAve$e-3D|G0tKJ0lFN zPlc5FZZ0m|^3zqCuh1(E`vw$SNC=a^;tA;bc=?pS12Ty@9dC&o<`%r)KXLd6c$dP1@s@Kk|z`}#32k=O6_Du;Ic=e<<7z}Iq z2yv|{AEuHg+5t^6tyVy=iH_&VPY}BRD{#DpIV6!tZ-4_jVIk5P5w?6&0Tge@Tr}TV z6zO}Ya3*}NC9JbMY}o>-1|`hL*ACd*kvj|@5CfdT+Z@D;*t$9lE3JP*GpK&v$Q%Nr zMjH)9k>qWK(zbs9*Q_6cU`enIXahwgqzgoFt!o36M}@5G06jtqSry1a6Bp2qQ?H)J z75%VVr#Q$4PI#4o{NW6tb27sE!2Y?v=8m zukZ4T@SRJ{_&&MR@ww!jouru*`YLMM4b-*`ayy&hPUsO2JG*Iw1nO{d|1eB@1p zKX2v?yE1Ryak(ZgblKxfJ!E5D0sn97Hr-ucH!kk&xU_JN&t{Kh-A(p6FLJzyAGOY{ z^wzz+4to+h?Y&uL-=;BB$!<~C(mPgJTUWyVJxTAJWOi(}axB?G#bi$Gi!;1xc2+p8 zrb>#W=<}MpzgPPlm5XOfNVh|fEM1po(aN!h+b4Nm*}uKLZT~Ed#scr-=koz&qLoQ@ zY}qBKfpix$1@nZOXH3N-VaJne=-}i78aoQvx{!e*J-TuJF;5wVC=`B@sp!`Z4}i$d zo<1E};&Zfe={R4--t_M^SKb~7|3d303j9{z|E4xu0q2bQk*ez$`y6FX!vz|RLeX!B z-YVNYr9azx+AIp){8^yt`U$zYT{bYu11lFKLwOJFuG5n7>vupHC;=XvuNP?iqR&h0 z=WUQxsy!y^a#X)cpsp5ddLCgx6GpR3#PxE5|8`!7$uk=7p~)W~zfed#f;bc%4q=r= z-YQD__1{x}8aEgOT=>5%q8*OTruw`pCI?;i?2@Z{($uav(pLYYp^N<(HtY&x?)#?9 z*aHO;lG9`H4P267YU!{zou7%qdoNmbY?yoqIpvScSj7^GBol>!>`i($IN{2qhJD4m z_72~AKcGP7e7|-$nv7Ca|MLDh8UzGCbi`&4Atdj!CA5Cgrz}SU)REZpEk}8eBC)3| zD*$*iK3jN?Lhn53e*Mv*HL!qME-G~)w+_<59q1Zs|JwEE?+$G|Z+?S5XLC7}(>T=? zK6sesaFRS-&16vu4U)nn>Bl>eJ>|pujt|;9M^lB`$ZP;kZ|>whDyua7CgL^k2@My3 zEy2G?>}E>Yx>rIvfNwh!BLGe?+vxKO1s8xZ2!pKo5mP-GzZihe8U3m>UNm0d|7J7r zf1PpN{~(f!`hUSl^8beEH~)E58~ztv*Zr@~nQlD4;`cN007JBbpQ~zMihWk0wn)>XMXeV!LZ@~tow$4OY(L9kKZUro<2ya5ukdnTJ%tfgcwH(dcN@-6qE_JuCXCH>Zp2pc7j>%;s=rbYg7hF(86( z+Y|O28+Q8~m9s?Q4nD@7uVNb>7Y&W2?q)v*xbRaKn0I7BH1 zy0j!n78lMsWELLFQB>&qj?eq~Yu=I~xiMWxichx<>5ltO z8>8ar5?90?nxOO!vr^T+N<8O%Sr^AgbX^0sY9FyYHJt<(fVz4-*!|#$0g14#y4i(7!b5`k065orvuBUnqOb^|-#8-$(8P1qD_?Qk3_f>2^6GHe;~@n)%-9Jb?VWs3>^y z#`Sf&T<9fr6?nqMrEcQ4gwUO(3*|k`CK8Us`Vsm^3^qznc@0q8psS2L7W2I3-A>(b zYpNHGy2m7pcewgG&)2kXJEScS7(LrpCB!fJNI{aOo7Sdl=6r+4q#@VW8y$c=l%~at z3}DNhpIE!vO;mSu;ufGUY9<;W*P8^|p;mm|;@myQ`IQGTE%uCAo*)CtHYmDDT^SVeC?ZAA$#bAV_{OLaWJI{}M-~uHKmb zIDYSEPVef=&ecGcEyp#g*+rG!YrOxmCGhqKq)=3ue0Gio$mf?W)ROtJ@$%CnTzPAu zI@_7DXqtxV9e^n9m9l}KhD{V2Tb_vW03Ccn&f&7$<`2pPs-L9s{%;`#eC!F>54SDm z!AYvOnJe_??mz3b`=f3g~=Q#AM*AZjjHNmfcxOpOU9vtoj8=k}p$y!3EepCb zG~Ea!Z-9Z6O|rb!*doPFHU?F_dC0JYa7$uJXn`D>e@mU}GANKJDar?i8&M9&p0MAD zM7L(6ke_I}p@=lfM$vY+Ja`tBBTM&nhb|)``*wJMOW61n+PT%YKY)4&oyaWl8P$gz zvr|yQb?L0zryJ<)u+{-p-tI01t|bS;AcbXYziyT|8p1pjJW=x)65Q%*)ik^eWg#KG!CWUIL#` zi5XPt4*J;d25fVt1vkP6P=GKls$s`Re(DZR^6ow_Ey(vKqP_lXBh}EFRe+SGaPb)h ze@jD`Jql?)=5QA>91SY-JOl`fQC#&tjk8c#ZeOVagf+X$E@i{&VQK*HvTAUm4a#() z7LSF^+vn(k(3cteO-LG@_>m7MO7n>mSpCDW2d!LG%{WJXQiO_DUIYSq58PtYZVdnd z6)qN1egHy29=aT6%LC|T*txtVx~E04qhKU?hf1Aya6Yru7MzcE3IJl5@fOg8gspt% z8tmyt7`mZrrwI9tVP`$?#R<9vj>9Z)JFjBpr_Ih@zicHlnr64m73(v*3^ z%nRLJQ$uu(Rjk~>2`GRNJF*m>WrRW!Org1e1c28nm;fPa$bx&Q)=~dYLwMfg!2)jq ziVg#Vowtr}G$?A5FBBiU{BR>m-`|J=>x#C;Ikd#P5!fQc@qaUf z0#C`umIvEb07_6I8)_PD#XphZH(n4c0XgcvPXowKyc0qggOiHHAtH&vfVqIc zBp>A6Z7Ylj44lyagfQ0O`qzg-(rC6D^MCe-5Kg{-a0nEHkQC%KDT@F0VMZ$nOVTBX zXyFZk_dAilfQ5F(UlIIIAEGUSUX3>-4rM4o;r?0!D0>J>$loi2is3&k{mV*J-wfc1 zyP)ZfHA@ZnZ$%2rNd$?f-YB5W*??=l!U%!H)h-*&qX)!TlI$ z7=hORX;Fx3_t%nykOieJ_D}o&Cx9zA1Z3@KNEm0mwEGe zr4IUr1*Hh>N)xmzPx|YmZFF%ZX+6&?*)%m&mGZd1s+H&rp8HC_k%K4kL_|=(;Klj7l=5F6A}D|UaVczhfxp~m2xLQBp1_9xOQqnw z2O*XpZF$%(zqR~d+T}kl%Kx$wylK#OqwOV2hrkn77F>sj{RQuz1or-|RR2w-D8bER zl<0x{TTH!Qls8!B;Xgx-kl5{bD4KUW~x| z5&QvICeONP38SI~-tJIKRqNshJy7bLT=+dW^koWoKwqXh(UWlFWr~mt${iR4d}(su zhjeZTbLfVYz+ec6BI<@9CD!Q82cU9-B0>y7kIse7U0i@z`cn;UP7g={t17A z4*y5>1AlMWjI51#i?2J6W|vO zz~4(NrTP5FmQ6c%{2`%}=(d>RxMh1#>+biGaYopJh$nAG?P_x?x<8ipU)}L7`{b}- zLfXm1GR~;Cd#_MT`QCkg$5a1;hdH|{lYsOerQ(Xy6T|)SywpA6 zppn1t$%!g;o7x z`cpm1+U=3-mxSHs_cF2wS(Ro?1kbcax!mGTvp2oATi&>!e5J-OHRqw6pV2!p9vnj6 z%KK*T{F_*&K7ojjK!cxw`~GUCQWnV9Gn4L&U$V85QRb>fHeBPZ&fR*zHa9!eQM z_X}sfF-S5kzma5#zh5Tz;7+hv{Uh$#?yp?Qp4s2*a}25(jXiHZ^1iM9hWw9T>hIZp zWf{KtC_2L~DbowCuCd5{4Tfpe;JNX10b0hg)7UcZfa$RWT=d7K zl1oDu5YHTD{~HU}wdxPVqGVAzbvCAA8zYbbFsEoJIY;s9&n19rTDBjk1G^ogx^gd!iSYBe{0Qgb@ zUp(N8`3KMPa{CTx(=AUm59U5A3H#KhqBXYEDX->UiZix}T?y})D!XWU)km*vZ~K1T zt%~ZB@jgmjJt5%h*YVT84&KV`1z#WH!^{OKidro%4@F4QzT*$soS6x}v|N`p7}b$+ zYGdg@;|us_*gdlf^urd5+GBszHViNFy$yJt3=Bt{a&n6axhQx3`P{N(}=q2%{K4j`gk%P z8xBQ-O=mnAUz!Ly1WlfMaZBg4Ut;LZRLg2a3BP6i|MoMgmO1j847-0@m9bJ^NM>~$ zS=?5H(dEv}$>wM6jkzbO^B3F&sk4_Zhq$-nxG@X81uBp4`qz9fA2efhy*9yi&6TxW z`DV3jX}TA8sLQoxt{676Y`ItZdkvPazIq|jYveKXs=eO(hTOvx^(Z23XfJn8mU&x*S{azUH${WD?A(|u%* zAYWUM={~BEx43I6Plvhbg}Ue{<2cfywj>vI`-mB(#qMm|_jn~9X=!|BbTJS+I^ttw zb49gjbhM_5E2G}f=tG5Q#l+15Bfs%;eijOBvY9*?2FFgTg{#QEj%n!kR_??tUp|G8 zo>^=Y5PwwG6Uga}KW{U&*!}6sxTe_JYH?AJUpyY))|YFd)0{i!xon*+rfEEo7HkqT zFwnN-Eso)_xN?kUY9VI)|091ZVN8<^klU z2ZCS5btgDGtEzw05w|hw?K*O$NTyu1V)!%`v(ld%&S!HyHANG@*3Cny#p6_@9`mlq zXg-FX`qRjrd(BIeb4zhtV=4Hxf$DI4-fd2NYH)6>?K%1aB&<=PyYE|hl!<13Z~^|Y z20rudNaYAE_mS@ep(gI4d_ ztq#@ykG8jri?Zw2hG$4=rIC{EZiWUC5D;mkJ4Fy==s`N9!4V_{X^;@4r9-5To#s zisV}|w6xmu(`(&Y*SD~%)uq)qV%X~9&xj5Q%W?gRF4*bn_^y`UfTPnMtGD_vymg!_ zm+R4^N5+&>sPtq{O*O})W9~)1Z_)$)=i&F6=69`gNqENnZyU0HzJI#=QG6|Nq2r_S ziD3f}zwfw@&ac+$qFvMHYc#bqdQB(cxgu3KxY3GnHQ{-rgIUsntDy!fq8+mLS{RoV zF~yz)6U_IMRH!_VS!z3RPOZ0#R5>_br>6G380Jdv}V7O z)9A9%?7S7m7FT7e*}lCzWPeEAqg%sIzoJKVal#rRX7Q!fPI&I;2HJA%A#t=G_(w}# z9xU!}cBVUiApR`jnRkxO275ab*HdhCBbBDWJ(v{cFG|V+Fsk)=JH`;LrEu~DF1VnOjZz1PnkI%E7D);B1tp<*h z51Ydx6epHFHQ|b0nVi*Z@!c)%%KiR~S+N-^&w8@qF<7dKg5bQwr&T9=F=_8zF*C3v z#jBz7|IRMYOhKp9G}g(;lg6|ib&#=>adVilxV?LCpTxdBLvL7meXg+muP)(z2;NtT z{lal152jy_f41$Kk0mw9b7*YDd@%O;SU=Jv>+3Imo?s-YcJXzFSj+8dXIkQehX>O$ z*j>|^ZZCR>NA#DJdU1gore}||4!SS)Kh1Y_lM|2EGkKkNF2SQEDeLo$Vj9RBd~@0K zR^Cqza}|ud*n8bLY*JhVd2_;{c+f27EbSlQVcrO*-NI^uKlH&iZls_n_ypY$PxH9* zAfvk_FAwkAveqVVZT%6iog_@Z;WkgMCCpv8Q2xojwpM#j@=#df92?c{gbeqPmRxIS zM)C`w_4W)p-EA7233%V98YY<*Zfj$|gUOU+Fup$XY?qk7s3Yin!HnaENsA7aRMDHm_b;FKl zu+kD=dqine?$x|VEeNZ`L$a^L?wp#_sC0NJuR7Wot(wd8iA*X{utOj_L?NKEYw|Uf z0**gM-;i2Xq~UI;ohQkX{|SiXF)Wz&sWQpYd49K&DRJfpsa(d3m{xvqx2acz6gi6{ z`7ZcWIktvF-*e8nRjzgp;(lHDrM1J%S!|yx!@HKV_xN#8bqLni@4R8v&&_a`PbS!&2Z! z`UA%CS9>q_2kPfl?Uah0<#g-SUt>o!;=SmPG~bg1T*<3umsTyy-KCIO@A1c?6F-+4o0gQw4V%`&f7gBJ@qxK_{VD&w zXRki^!DiJ`NZVV+?^R;FAHucz3d5Ov!96VLr0AQT9c?+vW!Cb}%!xaqs3kOwqY5dj zQaL}KY}iI$$X+t3*}Nf)y%nSREu@vt#z6HmdN4jgvBgaL&sToU7q|MC-)QrqJ~Hk1 z!3;}OUL;r-b%`DIy{%hl8J<>SQCEEO6?I2QK(_f$0_UBY2rz*55qc)&1vh8Q(Q*R0VPE&a@J=lI}~J^r1lD1@P`$iIZg{cVEqS zq1lQ2%qep3D^{Yh2}>-Lh;*Z1&mW&YM#3bS5N5MC_Z)guYHc*#D!bT6<#|gYE^{x7 zmw84bKB7fj>p3B=eUHpyr0eu9rPh(rW$Eb8zQ;tmXgeWM9~;eFN1amY{qzJ$%1=E| z6MB-rnLFIyhs{1nFnZZko9TY-`XpW2JV6!n=hA|@)%rxbd6r5v zb~!58}EF!4_f?*}~hDm`3+(U(yqh$hu-tpT7CjR0T#sgE2`h(=}Q}$pxLR zxi?4)ThTskOe1Cu4lHNd!g(UU74+d0#jQ_iy1UB)L$J5E!kkv(WDB&9kvoBd8Cmw@ z$bwE{H*M&S@ix6#+juCX%~}C%f3U`J2Saealy-e62B~co*6`sr_2ny~`(p~V@MP zyA0oxxQ)qhP_Av99Upz4M@U}s8^KPLZyUNq#%=1Mf`nV4cxMidn0KfT4CPA7LI+;o znF_B?e+m7_p-3Qs>>l#zIZ=%qy-fj$C-B%~{jm7Rk43}Tu-Qh~KvqQpT5q}t*Wnvk zq}mlGyz)*K790#BgO{m%4Z`gv?Dn^1!c|;;Y`xj*n?%`D6=t ziuzs4$(~xHzqJ`68~$0b@G#|nDtx#shk%mwkd zV|?rUz%WdqAvuhV!gVtO_?gddy8C>sjl9L&4Zq$p#4;pN-Kfhbxg- zxq$?f5Om!JNoj&>Y699yTV<$Gszq*1EP>Vw(Cwp@3@P>Cn1Q*Wsn!Urfsg zfMzTYIic>UI$L|p58_X_2jSb(8`9Y>DNwj}&M>B~Mb)X`4^SQ^%`1H^3Jf2$3L4D7 znthohbm|9vy_^NPT`$}0MZe8ZsEZ+vRU2PoLtAT49H#Ns((#qAE7J_+iK*z z^#fbYCQuWsIg$O9R?LUIdr|ce<9BVCitym&R*1^M++4Gq9-$uH`dvlx2WCx>9f@^+ zs3=wGv7%(XEZ_CCsqaNSwStX9_3QQam$P2sHie0*h&+`YWlq76SQ@UhgeA#Xpz@6vwcZM zDQ4WSNBzXwb80-?l-*Ya9gy6aD9m}-`8!(1<8gNB&Dou#J@!hDd9JooM|E2v=R4l( zoD=m8vP17_fI1m|xhVG!{0M*74W@&2_CUOog%qar;-YspC$19iY8Jcara$ z)z=SWwUt#;&tgCyNY=JaVq2fK&n>(ss*ocdefuLHg{nb za!Ntn*<#;_M53q!?Ep{PyXNZCt!CBLHkaRrx>~fCp7Ej2@<5!Suy=J^u|%y2u|)U~ z>nC}nwdMlkkIHNv9n9WAtO+t8i(TQSnXyETX%4PTWO^^LzQ{t4j4%gMX~F{_SW4HW)HnxVmw!&75ZKl~?6!26R z3@Bn*7{+dj3TQWwjx9JyUi;J&*ulaA_3uFP;t!DA;K)@E=0U_1+n>h$)&yCRSPz8G z_{4#BGbAsy&8!$SvF9*arAg}lutW&-Z!F=CUm{=C_Iq{7i22lXC#c2R_x9KancN2tumUbOi@h=9viH)T1fx_MA2LL)=?x|Ko z&KD{Btb|*cO2RAP#)Duo;J3{j!1b;AHQ@%d`21SVRj+%4p|!@(CF%?7IQ89u_QHNE z>9RmsK?G&0@1fG;Q6|%)DRapQ3U7vJe}cd21T%}cS_IYo3jlgZHqh0bV>0|9@U^HK z712RT=v(>>$l7neWuYxL13~b}uV8A}>UTt=Wg!~v0aWd1$TBbBWqQ2)jOF9uN)>TsvI* zH-|F;hxZBJu5>Um*18CSYYC!?NQv+2!4@~W<)Lx0MAaE$t~$H#L9=9W(!h8EG0EP5 z`kJcqS*70TI_05-an|eqL|Fmt6W5sD3^5g6`^{67agMRBA=!T+dOZTs>+QAS0N0Uc zQO_Yjq#k+oaiv~1OpE1?T}79*i^i?pm|fcEk@o|uUJYosT>|)+MD&`&55N$e*oSid zIi4OmJyrmTVK7k730!I(ehsHd)#Gv9)^@E`@cizLs7cyZ5`ZH~2poC8ZSm1dp%j54 zEf7G3&0$z;V`KFeA!rQJ{T0(djjF!zL>(l(i{0G>5v^!39B789J-4k!a?h=_HgJ^5`Rvr-mES7u2VwsSVBn-pH@TjlghcE;Jtl>WU&iXt| zVL)@OAz-^vKCYb`0yoM>4p2T)(3UWwRv7{|K>4hx@|Gcy zB!uj2G!SM$WO>)3REwNQT-N~617OuG3n$DBwF$BY?t){tfmvYxc2viUIRA!1eOdn& zh5m?D?y?)q{hjeWAmc&MELs9KR*v4b@H?rxi@(15L7(IiZjo6&DpI?9u7CI8R!U+O zUjx6z+iUq208LXNoQn)3U`sHF4FmYazZe=uOUZT_nVQdlMr zJsdrQ4H=etc!Xp>lm+;*Her6~jl<@DK^TA91wj~p1Od%Du_9EV_Q8-*d3fSLMH6H_ zoUx_ONlfO624RB~h5p52suL6-Ns2|M;78t1-plzxneG2&lC5BL?>{`dKhs}d9}xC? zm~R9D>MkG%+;i&~R$J?8SIdK-u4e6dfFPLTA$Nwh)NO?kWhI3D)&uqCM|W@ZKntJ; znjnj9;g2&B^>T1$NX?`ky}c3KLp(j`Oq2!izeDF%%WT+od8gJZ^$x8Y z{-1~%wLxgOvaqo26cs<-?Z72g`JfIhfd9)b~k$L zM6aDCRUqQupL|mOaE2+2e@*7*IQLJQ{C)7zh6n5*X!5t#u0d$+(H_V$BznNX4s($5 zi;)?V6A#Sz--P&VA8Z#*fX&H$og{*Hk~SGv}l9<&=}jYvVo^%<$L>uj%Nr^I0q7zrM`UthIeLca>mr0#Kg8MHH7 z8U(fVB@wft?dqm>XgDO3zx{I=Q361v0Rk%L6g#v4s9Z2?fFrpBmoRg{gzos`&b^F# z*h0OAi1jA&odB$U%EIo)7$sc3Tj` zoTVxL66&`T)1Q-bd-iY5Im)$bLuo!G*AJS#zIC{Rk-YKUkmGISj;ryqx2q0Rr)mx8 zCsF~}N(RJ=d`Hz4E?#1mz*{0?wyKOpBnvH4U1AaJjZ{%~U4=OyxiV4c@UZfi0B60( z9r`6!;HB0i5pWR&xu;bN?RotzL)#3wh2LQ_-(6--!zTv=w-F#@8Om zPsg#Fsk;$s{?O}dBcE8r*cnbX)$ycWm+7x6839!?`md_=0jQGEO_f&uQ6-Omt`80&BT5-|MQodvb9FF zq)UuJa}v(d)+8Zt0}=Pv4Mb?-sMhZr2>MkABp5wYiV6=W|64>?F4I@A09~noxPiD2 z+(6KYoF`x3K;+2|d8r(jke`{DnbSKYJhW@j!YISvFsl+dJ;sYp_r3VFa3p=Sd-&5E za<$+2EXNazZvehB8cBg`CwH>_=~?52UOQtY(!7uR#Y$@gmn4M)gP@j7d&X-gSY6d; zh3SV51;E|kslxU{6p1)R+!?27Jnz7$Npx?{?JQU7*1{rVD~o1bXlHN#`HN^n{j@AP ztbz!qi!|UgKFRH6(JX9f@e)x@2w5giGlH3uj%F(Yinu8BxHxAVWI|YBUhzeY9J>Bl#lj+>*-?Q|DN57c=`V-q2I{%R@ z?U?feC#*%Hl~2Fi&FXY(?)y^0-1qD29Nl2+7pW@O*Ev@1)&v&rrn?8unRDM8)3&g= z)(xYuzVz%JX=Cx$(-0{~}kygIx=LjETftfkJCE8 zeI%GK_GQQYuz|Y$Ldf81M;Z3R;7V2D2h!Urhqtvu^-le6?>%0scvY$7+Zx#!n zoHtcgO7>z=R!H{3*UiPo#19XKy=TMvb3CRxt7~sv-0OGfpGaD%xFC(zI41>;D?n4) zrj5Sjy_SecE2%0mD?vW5I)lzhFFebK>$9VIIGMS6$MrcBegp$=G8Wr5-{M>w5@Vhu z`jfV$0=3VhgI^b`1~XSvF@S7f%qDgU`a$RC-HL z)MR>#{g3iT8?`J?d@(=h7fuqYdW}W__X(;SU#YxPS;XpewuRs86kqe}>lVGIXgB=I zGBb(7VlV+KbTi1)DgM9&33})``py49-Ms^{ZM%k34pSy<6Ngq^W)q-UL3{F+I=m+t!Zn(E%G>R64UgS zB%d)+4R<%$A!j97^)MJh$FT=hJn4Rq&~ZE()fE`()ulA+)oQZp#*f@E;r#UNsNdi3 zc^0Cw%)}^T=He*Mq8ehNGmy8oD=#X~Z!0ev%&RCYsyvWV#ax{lNo)zaC}RT>H05Hh z{2UVw3_;7y5IkB0hTzenWwL723zsa$Afcqw_7E6M+~@LWxX$>qx2NXk_{YWrmtNey zKljdauTo&%=X?7V?SPWpJseJ43l&Utg{`EtBsF|Q#4+6MtTe26Ek}Vc zrh@(!#` z`YdHTm8cl97*tc&saH4UhzoVl=Q;tX!(w2vi99~`i;&ax>n}p1oU(<-1G;K&T2>QZ zQ{%cj8(}5Q++X?`TY8Za$2R2CHy%&E>SNeFyXqvZ=R6lCG`q^)-R3dngUg_;kZeRc zwY=8Eng-j!=J=HDLdY+#o;HDcca=zJdTFX|nF6D3nYo6SYIVK)SXdEGVW5`QX$q$( zEISqs--Pe@nOZu1f^Ijc@sa^5z^rpEY8s{P#3EG3s|dWjzRceDS28184%s=JY$gIvM0zt?}m zBP{M5#WdsLJhdr9c#tYgHU0~AI(83BkU^(oNlbi_is{UM`xbG+s`Dx8+fkT}Sd?$` z3g?;_ZUS>O0gT&RyhQuSHd}s6b=QztYi7LiC_CLoB+Li?v98 z$@wq>P;RTv8FC&er=Oq~QVi_u<*24vAc4lTS=mOC46 zmQ$ZRiR^$atwnqN<$e0yC((sOZDO3KXQm%I1tj&qxf@(O8;lD4d|%_arC8r^{I+x4 z{5#6);9(I~h~#~~??U2Ag|3v)83rS}@m~1Su8*to#b?TV<7J-t&YA?ner+KZHAbOk z7L>i-H?Yjp#~kWGQMkfwJLk-2mO^azL)f&}R6TFyrhO3W0IM#gckQF!#?0e$%%Z*} z4Wa+;TqA&+@>1!Pt}M)J)OG@^4u{6LbW(tK(I8@!3L}b3 z==?rL@yh>AXHBwfc&DNrZu~Kj9$gnTpq)xgdYfUNb6ul13q`!oPJiH`?=p6Nn8%Ut z)z2Y$^!cY#hQy0Zt`U!($)?aC*ydxW{R>HI$*cW^(dRymGkw-V^AtZ%KYaH2b$YaZ zeCc|5D9J_cf~=As;gm@kxI-?>dl9Uy3KW&T@|hzF34F#6Uq@QsYK&<7RVrsjvw(mWSCNY-U4iZ4_uRf z8eX28F-HWCO|jaR+DV4!qdzOpcIY>piv=>wuNQVhna=T_@~G+}i*jlr9~>d@r7qs? zjL(e17ixxp2Z4LgX0%QkMGuNxG{U3mv0YU}u!t7A=MyFvtx5nyk2UIdGb3QFp7cd$ zUF32^v)_#Y2D(}Sr>oR*p?d7@08b&BrgOz3+-<XkV!v4AJNaZ>ZS>uUN@ZUA(zAPTn^wF9R=}HC(k703&*~(^hKfZmMTl@ZSOs<2Ku+GbR}c? zi@QN{ascenIu%^U#i_qFRVyI5m8V!Fqm2zyabr0~--R2~?AZfdfe>@WUTLh#REj`> zkR=%bbmK?I-O|@X+5ql=+pK^oV2-bbWjLsyHvq*0Fz2RoW63gU2-cSaVWzn@;fIJo z5OX->YHjm8nh%qfXD3k0C9ist3YcEuJ7W|H0KBtJY<@w+5kQOEzqD6Ja1m-34ao%H z1LdFi6qdb`5j16%Qo7=VfHl}=ca(EnGBPIs$-uh8L3fH`5d@w-l1bsyD_{XGhzQ^-aJW@$7w&^HmDLtJz8!%8)3D__0*(>lB_MtA*XeV66@OUU z0^eN&e(Ukh3YZWkfPR%WWNu*8+boU;d>f5RP}QavjF?fLl9Px?(O^yECOPx}2;y%! zyGFd(r2{+M9S`AXEIVALk1N18^XXZldx}L!QOksjV!Cw!&2Wvh>^@S6=$-63|o{*G<(9Fw^2k zwch6OcuHWT&<)g#UbQ9%jOun)YamF*p_~-~!M>{|gl%F`S}wwg-m5_6#eh=4ggLHj z0Zc3eSeMqh2>lmsLh$)-*qN0j51o06K(d zX!mA*vsyw7%S}`Z)&AF20$vx6s8Yz1KR%G8o3L0rt}W@ldc6jG-zF=}`Qyq0=bD*8 z_KL{_?{)JfT=)8Q^RZrY4iADmKIa~i-ppQmb;gR5(m$9AktFx~zrM9HiLcLXeeL8j zrn++3`!<*$RWPUJ^1Gvk|LQ317JxOYS8#5+Aos=xxak_016I!ZdmKh6u=VA&pB9T? zIkB>*xYb!WHrXw?HuH$HlX$WTHMJs-KJd!_VeF8`w0{ z<_oALY(ig_FE8KK(|*0`aiCIaZ_{yNb3{X15k8=4-TvjiCL=ks&e?fu^YA#AV6OP( z(tb~8x&utgmSa;NCpJ__*dp$>$Y^oKte2Z>c~`9K~DgLPhTt(((u=B+#?wkAaxkm6+eZ zM>1(Xe%NftgLIFbZ5Uj}J1EAw>Gx4^QT$;)n9dj`r`wToYvNp`Z6QW0BX9ETPH6-1 z_>2;rNhWPjV}So1HT9g(>xF8AYaekH9um#n7e{|Z$i{9Sg~RyV~w&OQWCmKDUQ;X7b&B+)!xq<7QI(&;7)Qx!L43b`bq?M;zs2r; z((7f3+}F#xWA?hrc`0vC3kZl7BM-?0LmvZPa=g8^CioPvRzP;WZj3e8CyUgC@HQygcNVP2z?Ih9#KAM`F8 z24ib@`Luq;jM+bU zX}oD5ekzP|M%uTf+5@-jkR2nv;1kuRatzoyHv#_CK0&FOOszJ7jC8JkX)eZM z9g<^n)w8gTA>9cM;fpk8v!6aB?7%lK$CMS=pMcok#$5Y`{$~*rNL=OCJP|14R1Vu6 ziIvfUdej#QlOWEjTUDwzuuUGz&yrxsl#%}95=dKFVcZT#1xm)X84&EFPg>SPb5kah zy; z6*r^4XaeKS0Y+0p6*9AOD7N8?a(TRW=7S&;18J|@v*v&DHh+`1Rco2k5)kO=yz1zC z;P)*mc5`XN=U}+ZvM3p9tmJ-H1o%2?;5KE2c?+2;&3zOH0h$Il#v<0_qb5cIS}wNh zn2h<-{2I7v)=E0Uvk@p;5^kC=;(uiBh$UuCNfFfNRb49w2YXOBnIfkFu4QYij zo8<2mqC)g2q7TmDCMRGb#S08X1b6(BF~aU&SN)&f-&Fm2KQt3Z8BbFgi%`&C1^@qd zJJ|oFcXWvCU@yF86-O7V`qv`f)X=3V;Sp%3@)G5Gm__xnR{hFsK-?u6;-L~|h$6y( z?(Zra4OAPzka|SW0!0O#K47HxPFlSW-J&vdT`!z$J;}rgVUqlLe4hLE5hqt#db*)e z%AnA=Dap|GKN#Tht**FhF~aT zlUhCqvrG;eJflV#l&Msq9IiQ5rE%`a0Q8IOi#BX6n@(`i?_~sjX~E&Un4sI-nyh|b ztX~{I-e$_+*0g<%E!C^mj=+`w33Q}vJJ6B0ytN-dz{9$vel_D{f#b0>NNPVs0Sw!7)FYDm8i=jJ zXz`HfQIj?SuY1z%#+XYK2VRV! z?2A1~h~qVxS?v8Lvn$_-`l5S&;TV(SGXMwDU#g*H9P6b{*oc687%iHV6>K`6H4_o= zegvjXbk_fxWt^}Cuh9srPqL8j76I+Q(h~R&90kL<&%wlSt3xn51x(xeHh@~U5LEOI z72rHF1m!t{*cdHr;H9TvBJ==m8eTb&9USiv%s_Ew{Q~XpsPvCrH4sKoGOT3G29ZoA z17E$tz}V*Y(=RwAwF1DF@DLosW#Nn6N&=yj^3W^m;c~K!6`X4C-MFoFk*Vig8Db{F|7+L8A>njV(KN(@fy2mcXvt;Jl<5 z-H#xEq6q#1;ozhvDz{L5K+9N3)UA8%s_1G)+FLxzUzk8AQ@=>%0XwxD7LjSl9XB0M z;nV{36I|sK{NR2EqE#`jvwgg+i=gPA+q%~~{35NZeN7XqG9 zXCNs5i+qj+E4f zhv~Cd@|O$8lF@j>i`{si8-A^?#P>w3u3E!MtnohQG=6?T{cCf36)#mIFHXFE@|_h;qu53cB0q%;AFjr$++HoZ)N|bkt#sKSbRd7g*P$*pzUwA&>TI7 zXUL@vdD>sqg4}-gY4T{=|D_TDkpMypRzg(^WkBM-UT6FILd6d>f~|!(dyp3p@o6G7 zC!FF6%nTFMWJ4$opvBdSi-W@vQv5C}LW=*E8K9M5JECCL-Z*d`S-}J_=r(yRA3lHj zY%o8-wY-$|QtGmpyu?`Ie0A5jq1NYYV`Y1()jIv~klg6ha%tTVf_d+PQolYr^D3l1 z`s`qFv2`;YcJ^~|Tz>$y$$@4Qw(B=(#)O<_Fjk(a4zf7A_@sGKX_Gg0f|H0}t8TZ? zfxkb9yU-y<=%;WtR}$==8I z-d~3t_kBNTG@Y0e3`7nF0M6%pSKSP`YhH9FXVDvNrO#&o*Bw!e!TMO(Kx!$r;4|D<2uxM;rSA3S)8=-Jw>O*jX1{Ym$2ULE zMwfeg8wjL-!52<+b9}+NJ=o4Z5^(lF=>6A~0mnH?gN7^Di`ZZK)Dzzwj$w=EJ3AQ^ z1sjjbe7;0Tzi4Y;Kku5I>3MFm7JU~xxZQrLaGXE7%ATJ+oTm8lSL@CJC-18<>J*aW zkB|FO*Q*s|-;wgGjvrf3CE*s;i%j$m3SP?fGN48I_2lMGeq->oFFA3*shP(3gmb|c zap+(ixwbrLJ0m3?l~DqBns$V@U?RnUFX0+kNPL(jp%sf|F81#4Hi3u2k?z4bjkb10 zn#a;X`p;I!^kMi%k)F3FJioX$95J1aJ)>G-{>cvUI8$`{F@Ayxm` zCH>U-pHC8aZwlQp**ue58hdo`DNVoT>1GXnez8urQaQv|pk~fnAUr6{u<$Ng)qKh1 z(XYZgxPCn#6nfgoTLZA4TgEyQmDBf3BIsE{>7P7Fd+IQjePH!PzvxS`ikA2*HL1)# z7BwVHL9#$3i6P~eNX!dkj_>{0;<7ZxU6ARA2a(tV4?V{Ee3Pnv2El8QP9-6ZN7NfhF|bhWkN}M0Yi%& zv#`>{cp!jP6G>-{SAh%klqRuj7ggQ3i&*j4|EW3fsSIqbE$l?OyHjeb4N@66L_0VH zu`5QPH?nTqV@CI!Lp-M`s~)SVl+0#E&1O=gm0&r*^6W7`Hc{4M4`AWP%46F2x^bC| zJ7)QD#BHD=KCOPcT9&e|)sEwkpgCAHS84%QU%FG1=y%kf)wOD4B0=-ap}NJWC;n73nZ(tyaA{BQ8g9OvFIP;hY?VSeiNjx?%47J% za~&+;moJm~zic+OW93j=sPNxy$au5ky&X059ktG#0X(|TEXNDDm57wcfZe@-6z58L z2EhAqk;Dz>Too7&SYqbffQ&yj`TS0A9y;M>sHSo}-y4C*Cv$0L$p_qrFCngEe*SXV z`x`MU)*4MEvu-bd1?qm)t-MYlmRq=&+%nR5JEeq($e2O9h%^x@?80sFkl0zC+3$KA z>L2=SOEi{poOKB9;6B`Ilub^5^zyI~h&>LejdJQ)%~Kz1cq1N?0PxU^(z3?AhF$mt z9#SIqq*58=uoZ+VIC8cGPq~d`0XBz&?;ugL@{vHPYMDJZ%&4Oc6U3m8_ZIFSc1Lt& zk+k<4Ie49#4O3d9Ifsl|z+S+W?jRLoM~_|i2M|wRIvg1vi58iwIQocR&XGB_}wuvn>E@Ve;-RkM@m@o#+_v~f+BSoLz92I)_@JO2zk3!t3; zbt)^J9Q9@pN$Sx#(s)E%{uiQK-?-~B(5p%M>2dCoI zW<_y|mPBvJqS~31tWuBi$J-y@wwn&{Z!rvnt67qvoRlBbgLxm{RhL~lwZeC>8d@Fd zoScdh_z^8>L6-+JVe}cNaSS<$jXV;z{V6*d>#E(w=;mqc#w*(zmg;7`dwBNFSMWu2 zKJ^?Wx_?D4rr_?~%J{Eza{}iF+!c*&cSP+kYN!{fNm;CS_{N-u-QwUQNFyk${34z^ zwmcY(UGdas_LAb7M7| zB_-&&QmWspa$7Qa8(b-+U~ruG)zi>rjwIwnhZy2{J(|>FY&*2@1PcwjN)AkIF5QlMp2F%kI&XhxtL< zcV9?Q@<6UaF)6)&=B%eJJt|IMaAgm6q(YH0TVlY}F7P&k2DX>$zsR}IPcjcm_A*eL z4J1WwyB~<}(HD?l6Xk#cmlS$KLLUl}`)_E)i8Wc6%)r>Ec@LLrkOq)OWY3-Sr36Wo zbEC;Xx9%N;Qs*dlTydW6e0F{pugCGCMrjIV`{hriab%@k+laH$dk-GMl0g#0 zPWQ?p*JjRU(N`IJTj)>TWu$l-5$AvAx#hoz7Qva!NrU%jsr!`u%r>~tlh&eF0Ikg{ zGhfuP0lNz3Ol=}-YR^udc^*1cm`U8t#>LUM*G>DTVnWT{Zr)nE+f}<;tYd&zk0}HD z)~3arh=%MHoi0mV#`~WKSiB+-$me?BA8|b&7>b5yhr&IPROsJXIa$!4Gme`EVY3~K z5ZcOxz5HqTyzX{{CQZ7QjUq$7wjvsp{DBup`kBQ&7}E)>(JRlrs7CqA*F;7=Z5qss zAO&nW_lz@0hr|*(ko5dhhVE zrRAQz+<|S|$~Gkdsz4_@+ z)SlM%GF-kW25jKRmx7&IW(eQWjG^G2JDr|KOHP1c18U+7`ifHGI*(-;XG^)wTR5tB z*AL(JQ!v>kk`C84`d z?z*GGVXshwM_&||#io2%6tql{>Q^kkV9_spjh{?jV&)LLkAPtUIJc63=<7yu{Hm|5B8#*!bJrv5)1vC8%stdrGu}%KYOOA}HHusmoFS%J&n1SKGNn5S zSY>?14X2H#nWts$Z*H5)^7LK!<@-8|4QzLT!a=s~Jdw|T~%?K_m)GR1Rr zSob`ZSS-4ai8O}A+hUUaiJtazDsG-t5w7nOZP--vr%-H?5k|s8f+oxyU;n{Q)B5hf zD{W`8=nO(}=VN4Y^9K!Cgp!xc+!5(`f;bFZr74Xj{ywfKMm;}TKO8K=nN<_iD9pG* zFWO$Sa%OHXsg~}SN@r%TogphP$m%yM2$Q){Q^kn6#~;MzzPC8kRh3*gMFAC3zDaJ_ zynwCt-Ae^42xwkRzsvF0p8O)CPEU}QHR+z5emm7<^0-88ijymw{m>>`lzYeJDl$W`g-RSFWNKi}vtSA+m0JZC{a9g_p>^}046#lrB$7Wd*=jKk z57y6EjRj<0VbkY_#;n!JP&4yjx)Bv9EG~0A+MtSQ6DRHFFa4Y-cgg75U8*!vHQ=mX zZ6GCbho9`W)suk&eF?>Uz3yfS#rLv878Brj@D+C9l~DB$&(mCiv*s{Zx*H2L@GT6f z`tDxt@{eWBlUvwEvqauB1>SxF)3+6bUOlu&rgL;SP?3_M{{rtqb(;!M@$EQQbJ<;U zz0$Fup*dwDU)KkLDb+|GN*W5YOhDcIPVI-QP8D=bxa+^;2uBTuneNitTc%w-orU{q|MLM zA$L24JU4KgOaAQk{ZUV}8~SQ`Qi27BiuohD;2@2<7Q$yRKv=lO#HPhI&Ii&ikbcCz@AI+d8>b}VmE@rmtvC|eK;+lrMZQ<=z~;<2P|?*vPK}8dvNhCjg~0Z2&0wfh;_J(27f2;mt<0+ zFona6yG18!XD1matJ;EnMjneqRK|q0x-rdGF~Z)ZR*)Z< zo}08Mf|`-!3{eW+LDj&};gLtjwd9XKfXZCpb16T4`~Q*kj=`A)UAu6cOl;dWC&nGy zwrwZ(#F^N(ZQGdGb|$txU!Lc!uj-ul>_2T6xyySuBa_Ui7nM$al?WGJ!-7gBRP zCLuEnOZE-)jWnO|5N%;rRg*7{bg)b%;(*zjcI;>nCP$NBgnoU09dN1Qb15~&hL1_5 z7TS!T;5&+ctJ%pbzNfxzT^$Juqne@+++g8-MqEhS8;;=wCfZ;|9Yh+X!m5)iH%}oC zBmT-jEm9i4BKz>%6yiLZ1{iQm`18B<87@z6bkNf+@(Mts{NNfw0r~0rtM4_FO&(a& zRI-Me!zh&ZGWGzIa1CP2F0aC*WDhQ;RIw3Gi6F;v|ERxmgG*Q0u^=>wb-Yd;KW$BD zr_3H$=H>LftD&qquH0VBxa!MR5)gJry3STNa^J4JMk z(`-{zW~X-^W>Y^*#;4Shn=a!bA==VMPp=c7+V3R=dE~k6gnc}xGEB^p89rgZYVwUj z7{vDPZVT2M#j$NKzStnAk_n@(T=SyTKuPdZ^ZU>BV#W%1{Ffl+JNWD21&TT?%FqugCOC97gS? zW{&|scUY^b^bRq7%{Pp*HRWG>UjX4ezB%>LKc6Ub2tL2xQyqOYcfPtb8B{ zn9)D8;mVj5pO76YStNkmmjrTVYRHF)r>zheIe|sc*z^blOS1n>h<&F$5s8gm{&^<) zi}aGH0+dL~_bY525273RdPNibV`Ui^r3fzTYEtC@K3HlFoBBXyc=#n2mRofvT@7Ru z4b5ZwiLLM^U8yaO{m}yrqOU@9QHUhkdaGrSRnPRV+< zwmr&D>oRKD#{!b~rbG%f_gUrxlKAh*ubS} zDnCyLuZbrGq2Pdf`5oBYI7r=CWhh~@#p1GH6vBjo0Z}#u=Lh(${k~4IV$*v2<4@3! zy)a3mo#64=Z9GIUYGGnO3RV1}=x#q$})`77xR=bjXa^J2oLDfitl-7!jJsVB+9;QdLn zjW;`>iv4Bh?y*ut~|`rE@@VnwW!mjNs0ZVVV(3tJ0=X)M~rs9_MI< zgGOR*#+`%r>R zu3XwfA2Ns{X>T_mkB~o|(u@Sn0A}yV&a1GRL3lr7^$|#Yvu-^js=6+ckzCAm0FXLm zk8WBTU0ZzeZbQyubYnk&ujm*b6lRl4u?dd?ps_#YHnhzD7LtoqPkR#P4HIxj543{E zsEG{SdE=&Zi>kwWg-n7hz~hn?%XSvZLH+Zg%7))6+2@Cte#z6hwg zAu0IKQ376b(o3);t~DL8tSgDrn-)nq5M^vlfOdGqB-9_cDTh@Q#lY=WZM0uADUrDS zvP}b$>v6B52?UwEWoZZQiSeTCKqWbc%7(9dQ3z0#b!43O!LOUASMg*t+y5J(%g)>9 zI%!%I@KrMX$A{os5u%OPhvsP)MzT4-Vc*=+O$&@u-{SYRrtlvt#vsrxB$QJ{!u4`&wiIoiqsyybEy}W%ok zIsm3$i+xKuuq_mKwU;)SV_>}@Q%wznaVq^F53s539%7gqeR^{Vh56ed@988NAnbZ| zIDsRLP)&Ez)1XI?#O& z642W#?#R(qI#^Llc6h=b@-`0m{J8k2Q*u~FLS#ZzP{?=$>SnFPo=-Kty}mEpAFPl2 z^OH4=Y2}gO-PIc!-q622s+Uv2tk&?Nq||i({DYyH1NGpke81X#~10f_z^jy1&!f=fa|MqhCIrAu}J&2Q;%NoN)1 z`z{O3-jw*Tg@5ttk!T-XU)EfA(7pQHQH_H90@4TUSUv8=W18mcKy8-3i5;7^KZ+6Y zOVJhU-in`lo*~E{!{7t~Klr6x;a#lKmq7?3aIitZd)e-uk;z zZ?gYR)P1!i?{$29dhBmD4g5UA=#AztrPA1+C;)kufBid=TdKck))u*1`l$BqnO)NucOqzTbGyRttK;3 z%WXIih39x7-B|53t{{B>QoqfhTeqMUX7RIpVs|zs?kaI4>YiKffiA8v7gySvw^?*! ztgR$ZDi=tQcheEDA9f&Tu^0BnwVBr>8aEbDQ}pQUe8;fJjatJa_%4uijdjkS}p zv7J-EcHNa!s4mO(fapq)Iui&IWlYG#d|0iG9hha9)1M^NE=>q4XMtCI(Bb8xhyX4E zVz?((nrsc#qy{bqd?ap3Noigtau;Ees5RmF4&H6}{Zm*UA!Pz73!hOijFrrAin{v1 zA=u0a2N;7->5$Wpb%w~0HxF*OgVtLQDFVo9ro1ufRM$!z;DnZ+;2*)NI>^HPr8E%p zKY5nIa~`d@ZkX5pm!jjo=|op7g@fu49<*wt-eF+Z6g@$88>Y1}qq>RZyujYt0TK|k z?L2~%c(C%aprH9%r&Es)>Sik`x~Lxrf^91yd!>}WHhs!E$bv}3kgrIO&4}U`@&`=K zXRB#cXE~xlfGVImu;rwNUAY5FI;nToyghNf|{2!ypCj=;6|6iCP&?bCZ=AkXhxY{g%j2uXI6b=kv%+w zAO$w{KkdXzUYuDif_0&xKNsB=EaW&E z0}noaGs#BY*TYQ0er-m6qS~R9{??VzPGbz2R{aM{WN)q}JWpUOb`ip~uOyd@Or?RJ=2B4sGJaP#yS+daaXn)E=KC-7K3CaJPASnmW z9}Ep*@{dQzyt~))QYKgLN5f#Qfqt)7JCI(kkmB^Of#H-vx#!;0U(4CS)eynQJ68!L z19btQrkta};8dsjj3ta+^tD9#XEO=jskjqV0Yb^G7|INT@G{5h!er z)44Vd{U)2&ed@X`4iir`EB^2ZYa-S`4Sp|na7@FNz^|;}I8{>X;?9j&i(*qJK37bo zI8~>t%e!&mgm_k&tCah@KW?G-9?mAa`#xJj0OW8(BSB;PP2N1t#9_5#k9o4{m&ted zd?MF2XszV@s46Cv2Ij@O@T1ruXkgV6u{uRGQO}fE=d}LMTAz!QJHlq7-s|5wTrZ8} z`;AtUjaIVkePRvUgS4>9{oNfYJbQiNS-+FAsa1{a_5#|>i#(;X{l`$bi)yHi7(?Yo zhRJRC;k_v9HsjV2$NTInpCp|(kMQuP-9o@rt+jcL%KFpL9t>R^H)K`+5&#$8afbxp zOC>4xjhDXm`rDVC`MLjrL@%Sv6R$Whcn5P}S>pW&R1aQuCW!K0c^)5ei!2RWS2cBx zA2J(4fJef9><^lSu|;hv0g3=uh(O#ILx=QW-q@P_tj=k+JUi+C`P9parH~;N9NYz^ zz2hVLOy(8VG$n+^XI={J?E(+J(qZ3}kKLusZ(0%Kz_G=n;I_Gg*;xn+rzMC97hfi5 z(~YpkZK72M8L@||cOOGM+NEeBQM=4UEOoYD88iAF<2l2t8t%p%Rm&Sr)x)pik`vX5 z00Ifh^-dbzF`c;wS0VdX*W#h4nUlDBiAR$9Gce_QIJgMos^r!_4nY0hx4%nIOtt>& zpI#nP!`(FHV~HTMF0CV53A7hB9_vAgP~>^sTz?PYEF6VR&f&;B_EvS(W-m>T96hYj z(;Dxr%PXz`(A|oya=INZ6H96j!-IH4dji@r%XcQ@a%j>$FYwR{ib|B-2*mkA`P7{K zzvb-Ge*RQ0*t9CF3I}fB3kX@Ea*#S%(TLYjnI9wI9b}jw2mD#caJc2Z^?1=JCe4_- zNw7lfwu#5@n~*XAH9Q+KO6@|AeRQ!=|Eq3)zgl*$QMz;wvT+)S*$>NZ?~I`%gU1Pnr|mht-EfzwD5US5g!EfIJ6e z1(4`1*D&dM_j>-g{5DVp`cKCstdMJQv)2iGHYVJ8!Bb@cJ7jY)-}zD6xM5E<0ii>p zgN@EulhYxVd=@CnD%b3w?UzXSgTW-Bo7>;4N&HvjPt+NH4C|c#Z1ml}VN}Eumywb@ zAi_?=f9l-eqTQW!f<@T|_WQ;UgkUE#1}ZW8FDOCbFZ0%M#%D{6-GrDhgcx5Ik)#WK zI-hL{d><1#<%=DfcS_mFy~F>F=Py(B3sCo`IwM?eUmo~2VaX)IjEXD4Dn=#`0=7A5 zL%$aV(T%Dp=&_vay1Z6sAVp#s1#mG;fW(ZsGC|>$n0-&EUAY6Nyh_Yty=AwO;JG$! zNpv(F~Rcyfqf-b#!GT$(ns+w5D}%85;b=djzc zj|`C-7~aOy4DpHC?KoK^{TZC~n(5v;d-${92KfbHOKJN1(?5FE-DwWS3~)~2W3z5x z4owenjb6F&eUxl#&1hq?&nm-44^rX&5;OZiXQ0M`k7`-;AJlez2vyxmwN&J_i}`b3gMM-rLM z18H@jYs$SBvHV2G1ql6Ls>|dBJ}CEuf`FQNxM6A~Hg7#8nQTPICgX-GF`N%ggEyMA zM8G&fQ@PWLN`z@TcCq#|UAD&GDrXbal$>{{56!n-x6^G!57VXm0rO^;v2+4#SXF|d z{bY(O!4L-@v%;1t-BLnlWA5j{9$33+&T zd^G9AsSaFeQgZY6X&x**pD%-+Ji&yC(m?I(H`urj377GtMEsXEA$Pyor}E74NZdyy zKzurlw4h*xm>9cpgUjmZIq(uX&fWn|O%oT{XIr@JB&onGnxrm`p*ppkZBte_vo
  1. pq)}>l!B$&+0I2I+ zso!NwG_1zcysJbXl0=Wb-_B(7mh4n!y33xwgVK;&c;q~BKDb6rc&PE{8_xsDuK=O& zc>bqUgSQ$L2s`~dPHN!J9~to(QtZ~==lGI}nSYRVf%IDO7{?Z`8XCUKKHu&Mk~N5X zk-C|x{WxKXred9-YPx$uK6Py~2)Mg^{t$7N<~=1|9qqx>1As2}et#Di9r#0<>}Zcp zHZLg#qO|rNaINC4yo@xy_)ES_te(0iXc%bcFk^zNhC7FBA~wO!9_Uc*Au*54ev1v` z&MPD~_LuZP$c-nC*=CVWT3?Y0|){?_wA=J zKKm>kFpYJ|jq6LH&E|$I@V|d;i+XH7iAz0anz-)#(y;5TmN1iyiCi=ovBxFAX?iP+ zo0S~W9sOcZHQ|iUd#P(xbEIy@kWodYpnaxB^v)-z&cbuTn~nPpF&H2?R3+O|A!;VW zPCR_+LKoHVbBhUY3_kS;1tchcZwe$_mxebzG{I>4IX3hgS@mYvA#}b#&b~SO5gx1< zc`sny8#+$TJjGS)AO%;fY8axRoa86mem1v)rzBTAwJl-JxA%tsL)W94>NsAeOg`56 znPg?mwGmM}vHCZCGJ~PpdCqsJQem8QcnvUMN3qz1b8MR>M`h zum;+RP|K3HB=xy>ADC;&EkEX#m3vu9{`)%-)VbRJz4YG;${U~T+GOc}M>ggBZ8@9e z2hB1;{x*M(<_)=D$CC~mT}GTHj~1QChxN*|;`RZ%-|kakye>(UV9S|kSlO#5hJ2Wc zT>632GA-P+-vRlij2Ym$xKbaoqul0f+Wc>*H$It%Boy3|e}J9)lc7I};+R*I0}m3r zAHtpm#;7{Oe|fDsMm`R02DT26D02qoN1TVBcsp6ehKT5`yTGyVJ`rQ&Cd0VIbESC7 zznmjMrQK4NZ9)u5ILnCOGAs2btuy>-)V6>~IcN4b0pn>*%g2(|R?vH58fsI^^bvkH zq66KmeLLDZ#s>!eLyJwpTPO*9CU*OGF8y~YCWiK9?f0LElZC1EVSwGg1ECNMtDy1Cn#MLfLE>fx`%PF z-JE2S9qMNw3WVMxT?5w;n9LC${-fDLHQYmBFa}*B;AqJx*5B3938V^)=R-%5!0qjq zpT7XlCUlz_xq$6fSi`!YXZZ)Cx{MO>NQ*dP5DzTKJSPe6mpQ(M=T- zy))BYX|=n#;y_W*U9A|i{#})@$a&%-JcEnWw?d%I%My)(!4)>l8r8|Ja%GQP;jPl=nIN&_5)W#tvQbkSiQa&IasBXOWji_X$Fw=5 zFe?T+t9SbrCMQnMFpImF=kOA~eiwJp7@F^GJ~Y;Eo&%MmerVDvr%K>o~I(TOfV774(%dKzHW2$jx^46n~_|6%U|M~9)$=NKfutyHBL?bU3f z4M~Z&E$qbKh*U*`JB2s|(()I6>*C?xw0y131|#3Gb07V6Up5EF4d$EPW3PyzL6@75 zJ6#x8!)8bdWCE)@>vwiE{~LRw7_L617bc)lcg~fSdu>QMQL{Y^ql1C0O*${@T`@jI zFzxUDLJ14@3c3?Y-d{#O&6L1v(I3 zETsU2uGmq_hj4RnSv}+U7~i6kW&}F1n9IW(C~GcE5l%oCK{_^orWH#)i}`*ix;(!6 z`D_?hAi%~Y1@{*q`DCs+QO0{TbKqn9I>V__0d+E6sFvApcphJlPfcHxN_ZMP^=vZA zeB9nJy5k+h6c?4S6w3&1!x}{R)B_BI&erI#mgb7{KPG*-LlsRStfz$i9OusFE$78q zNqGFa&ijreWh|*X<7riLj>~CDzxHV2X^9o4Bwj-C?+d#Np8J|ILiYVFE zL*Jwl+#ZI$sm%3QBmy!Y_iMdiWR)p+=dPxPZPbC;+u=ymf@}+0J^JQ~) zV1lxOh4I;KKl^4(`Kdbi4->v;c3E?3b>jDjeZG@p9h1q&fQ_b!MH_=49R?~z#8Anq zXLhV-`HDw;h?U(w&SQBV_f3}P~|Hq=2Rl{pNhZonsij>uFK61 zv^-p+4k52~z(3`7MI2T|Gf@G)Bo}6(I~PbFmJ9?x`u@w$Nx# zZ)>L$PX&=s^~!NyGj zJAA9s26W=NySbN9MD0ib`sn-xSr&!f8)_eB4_IAB;Qe@+(rR$g#rWr%>8}U$XjZUg zj!IFl1xbqQ(nCG4IBO}frc!1B;Sbj8#7)RLuDH`;F*X!SGnR}_TKYhHfEez~8q7#N zXVqEHk?1{yI~!yC@|t3K-B9~9rT@uY#S!MJ+W5f;E3>pj#5=n-Q$T02NURRCT!gBd zNPg|Lk6(8QMD1#|0QVGqA5?$!P;w>+ymfRJ&1Lnl`N}p>H)^O(-`-ee;oKu*Xd0uC z;a5_K@QTCJ?c`MusN~XIPvM@N3k)idsl5|s_C1J_oe}!Wao_NAg0iIrbS5;zYF{TH z%;ZvpohaAz8f6>teO%#gFjM^*Y?v^J)Sz^BY4>^XVfTq}PRP9T!SFYy4( z4)@p0hKHdFAj38kvQ5=WM74$f(yNYU4d0a}QR%0z7RrtXm0PTvs)^;n{)}@hQpO9< zwPB`)f%$47%a~ZW7aDI=dshYKaY)HW3|I)dy~W)oLsQsm({;DL1OTT zx74u8FeCKYeGV!ndO*w&rsJ`cid3>RiU86lvj#_Xm{#&{CX4mHzgmF415NE3i(YmpA6=J_pYL&H(xinWE~abSgDbY z^dRsKo~nF$Nz@;fgq&Y4yGAyTs z_sQXXFih9X$(6Z#cI-+qw6}lIRGHJOlj0a7@G~|Hs2+GQHh78`~=r>?)k)v8^5_1ZX5FUo8Ew*c-k9;Yia8A;9(M~g0pU8b0g2?N z&N7O=^xJK<%GqlbBmxF=Xy?e)j-qP~|M1@tqf6A5ipRDt_#|B;FG~mOs=b!n+7h`W z;5pBNzDyq~ zk2~+FLXMKcXvhnYnR3-DIeMs-W9`dmuJhuyB|Sg$0smOH85ql46_h5Ol#8ye>h@#E z=&dh(eCGraLg#|6W;W9k=bGeS>n?#uROL^j6t?3odbdHQ&W8e?WNc@7wVfvObD5dK z-7>CHwbYmRh*vzrq}-mhxl|*F~w2wJOhiHV@_NaL6`V>6EI!kPX~tbD7Z))~r;l4z04Y)$WS!6!a2qkxnq?57S%{3>G5@y= z!De2oEkD@+Y)&z#i?RR2&ni#(ccSWQSj=k`RDiDUIJe8xsqw|yDjwJwE+sj?&N`Za z)$dD82sf}t?=IY?C)VyrmD8i~wege``;c9_KVXhv;P{_FII-W&Az3||mMGfKbwk=? zUF7x4Y5rL-6EYAIH%FjXEo6eBviSLHC~?cSdVz;QMXv~;u{X)RxTU(!uFUcEAE%)4SnubjWSJMm$a zE{<{!&fygld^`ovInv~NkIuihSYPj0^|6lDzEt0#5hma6&L0lmjTzj5V*EKdJ)ay4 zz8U%fRfMKa7xLd%E)||YH0ez1gSgmMcVa|1-)nq%-Tzt*3h-8K%KF)|)?2~IQk02U zITkQ6c*#r7MvApU((X9p1v+EwYRTf0 z)Pvve97}fif6@1z;z?Nzijr-!2{K5RA(ihaplO%b+Flsbro7Z;4vha=_qVA?}^qg<4O_z^K6> zsC~_kN?j+4l$s(1BZy}mr_SAk1T(~4KKLTzbJuS`<}q`kGcNd%s+E2Y_Gd`b$_hs(UA<>zijm&J)M@<%_NUim%n4%r?y_F zp6mGFrDHwE6ZUR@oEQM3DeK?q?pu7`US}ReS9*2mw=DK`-KSrS((z*?|UYy$gePS4`9S%wID)X(s%jk`MRsF zFzCm+PVVa#NHXsJoa8_mROf8*E^*C6$H4i!2UE)@jV%gf_)JMX`;OC|w#x(9_YOl$+Mr;f9CetG{>s zWo1Oz=_m}7C>txk%YK;W`x--)5VLKWyLxy<->9dRK$0p>pdouHyE3q)k+#m$qr;(T zDefC(g!=Qz{!&!>&O(o>WGihHvAiO};$({TJ2G>`M;G5vC_p&kN&E*5CXWJ(li|4{ zXX8F;X*wa+5A0$qU{YKG0;)3fe0&DepAKE|5^Y9X+ELS2i-+&*uT5Ybc#yw+%g{hl zPiDaIf!R8-+v3il*WibOFfP57ds$R%E=0U%q~iM}x=Dy`LWw$H1=6w^N7v z+?<+i-_NJJ*W*-$?`WepS7$&$-|n}G=YMZZz@6`-kq`bKFLx8iTy`Nd20MCwA5WLh zK%e)g^Y>UHf4|qa;~oEhH|@e-UmK|g20hJ!y&ngcD?7cup0BUxqew(OpKqs^Q;&~> z8wML-8au$}uc=fI4Z)8^{|@i_iO$N-%u24@b^Dra_t~2d-(PpJb{;^!T%fP3pgN%x{6KZc) zbpD?agam-tm;wojxx&Je|4}=l^K(ZK;scOk3ZNzCf(lRil^%Afz5lDeA^<$c6!=KY zbr+s&E4f}%cX*(0@d6|MN6#xUmtA-=t>k)4-Qj}1#S?Lb5BSG!XpHmy_J}Fak(jG4 zJXuz9J*Vz)L*M!tVNU>P{r}Y?O0Ear3l91gcZ5AYfGef|Phu{*@Z`U0Tzo)Kp`{}_ zLQFxw5<7PUl*HUF^?#Ko>q@Sd)W8mRbUogP8UnydOo5HWTyx>K9z9;vQxl7o56?RX zf#>^Y(L!{xG5_yc+?_487iTbEW};I-U?iGu+HL^^7I_0T>o~TUuWT1S6>DI1W?u*xkP+1};8!HL zF7|E#2o^*ec3%hxBbX!Tuls+~pS;)CS-tn4(~rC}*Z95n@6(sOwbxla_pj4`d1J5f zd+wj7w|E_{v%2perijLH!0h9TXXbX6qGaAq> zr$U-&s_gmI6$4~m@}wbe4n$lH6rICi6Q*T~T$158(Me*->*xV=fCzX0d^M@c5TaMD zTk=#G)(YeNjzZ&jM+szAq{KTHY9{I-LldTx*s+Xg%OoQe z!H=Sv^krfL4-$DXAhPxh+IHJ49+m(XYIJy4B`T^P%7VrkF$>xG{h&g^cI*&&(*s0! zTw4U~xW;!tVF|{g6SEzxDMQALkD?&nGwSi#r`)D#x4DFQzj#egl6+_a-7x2R2UbU-xpHO7Gf4lRMW(218|n2qAJ`AE4Iq4xhmG9 z|0C)}~!TTowOS+v^uB-7ZmYKT7=~8kUvknnU(nI6~HjcbEQ+;jhT1B?ucY|t#$U(zMVcY#T<;Qib3YCtU*9A&*m=v*6 z%4Lp_Kq+0ywi|^B>!R}E@7)vDy9eb%o$U`B$z{?C+jGB^hLx8b%eXMb+?{MCWTb4ECvgyb9E$Qu_)ml6e zX7wZG>`p>H9!b^%$S!=Zo_t28E~7v*AUbiU9KlR)#VoS&lk{T}Mvsm(otss!a$|#= zmH+I@Q}Tx@S{^om98x9*5P}RCsOkbe zTxos{rtD}F%8tN-q9{2Q7syLVe#ZMl+40{znYLn`L#hB zEDL3nT-=KcblTFbr^IO^wTW%FEBxra@#sV)DsgctM1wxl#|@5)pTMRD13)WW!Ts!k z7;Os%lbwiGgl_|17mghWq|1gTkj)6i9zwkhkNCpjY6dHXpl+B=*H|O?#g^-uVii%} zWX&rC)IkO#2>LdQTdpr5p$r!T7P=ZdYLu+4|0JIh18vSMh2U=d2^IfG9WAd;n}U@R zlCDxzIg(HLUsFBq-#O|dWKq3=v+$M5-(Q;S*>`0E~zrBqu1hCw(=L*rH^jtz4$1%f&SM0-nRF@C0$>pb`v9kB*g z!W)%rb%}a3A5&QLnI-OD8uX=)tf(xQMhm4R3LZ_0EPHbTC}7U)k3$6Ldc_HHyBy1% z-nQhg29NAxhqEYQ?LgH^>7^KwsjVar;{siJYAs{CG+A~c}JL32CDaGyKJPxRU$ zZ2!M**inCMtSFo7u=ue{@I+;0HF_w%$2{?dVRWEFGcbuw)J9U(M#Uq-U8^}ZZ@Y1N zLBWZm;Eo8qwe5|R5=}3X(_Kd-G=^E2b|-Gd$ss>&9(|rbX|xJq>qj$2ax#?l_fSQ~ zZu_L|!^$)R=i;cEZqmA>Leblo{GB5g;!=MoFVAISPA!{+#}O}?8yTbZ2W1sX12$pWC7+Drb)xdK%YG0?w#z$-D6=x|kNjBp`L@3xHNW@KFhCt9r zM4it3dYutEu#wZGxh8s;mqn98uZ5s_2h6~U+eMrLBWbysGzj$4-1>|nXe|*mPtqQH z=FwLg|B(K0G#5f&sBjg&;XCK(rqr`kMJ;m7(KeV`+$%pnk%0r7MgHy=xr11_{kpNr zm3Hl%U_yT33O3PmjN(meh(}tJiE2$(DR((LW#IfN%8xkcfw#140aBuNf2gGNu_BVhEPHA+j`VokmE$@r71RTTAyj} zW*-rkM3CY6;U!looUwLz@7r!Ktfqz^%H43ll2G>3S#ie22ZT*6>9`0y2Hy?_7xie> zsOT3sx*X9!^i54Z9MqzH_i~PrNY!rZ9PIOC%Lo+}j>q=d#^Ow#r9ua0AaA6z za=qBa-AQ&~ZCD*3jnIf#rr=u11U{X)B7D0%SV0zem;@4{&roP$9Ro~nPY=nTC`40lt(TPK7+6~bcLbvXokorMeE(iiWP2G{ zjjp4#Ezn{zThH>yNnFHub%BBmBv-+YusTzc-}41fM1~m+U9#j;}EJp?tzg z&<;w)#agsGG9E@E3=6bpW8vE6Q~Dm6)fCBtAmtJEhETibfVV3K$0I1@b&eJEewKrP zqbQv%anh`0Q@A8v9xacT%!zAW z6-po^s&T$T7_L~fKk&Zv)x@P6h7w&?#LxEA^ZW&PsI+mwgNxRQc1UndSgH1Xt^@m- z=*GwUOU#t77CY9!Kltbktj!-@JlFA)It-l-zwPU7)QJ6&$6xC(HQG9m&diDK^i-PQ zFdC{=9ru@J*>Mva;)(ku`&wsE3*%z^wxtT5+B0Vb$b~C|LkQ}qJhi*@tcHLlvjE&f z4dx+`$JQN?5)@Z!c&JV-P?eO;G$cT~W4mam8y*@>3lA4P>aeJ|aZ0Rc+jqve=)QTf z5ezp~VO#Wsr?;aS$9IHYwk@8}vQYdPlF>~E3C26sX%C?(HSA8?P|g0>Rx*7%eq3XU z%$XsiI}4x4Ts0=fI!M<5LGA$#xf5rvJedrP$e}A=6N%1<2I2klb2U3e-YP$RCfU`n z7%mkLr3Yn?myjqeGP$J5y`t^PR6@N2SeIzbI251#aV3pKsliOf%X0=f?KV0nLoSuz;DnD%tz!Ece%U{rx;`11&Pn6SCvR48^ z65FoR{2V|#R*cyvW97wr{j~zIn;XUVnj3v_BcI}vAMV;87hyXb>JIzhCdvzdjWLfH zgczg3gr}g%6>61HwIvVYB{-L-bSCKwt%+)KAT!e8E(-|S;xUCN)?yABvW;%C%HOpm z$wcg*jxbMl4ujkg;st1J##F>oA-V&t0S;2}V~BKiMP_twAU~HwzP_i46~iC&H&)gm zyy8^4&@^IF-tl#)h8DCfy7Ir%r4T0Icop!M?xQB8@^)epHC)-S+MVwD%Gy5Yb;@J@ zA4z=fOfILoYXw9S(yEVG#WGD&a?UIBk2Pozot*i~)_%JiO=e9tsgzPm$3ei9MHNXj z1t~Sxh3XRg;(JxPa~krC2^%uH;r34&J3z5zp&*4{YZ9otyVWz@U!_lE3?oxmKN>rg zBFi?x;_6=2sZ*H8bNX`MMXw5M6#_bLCa_d#5aEI*YR+!VMAV(H0>X=mgNSlZ)OXaV zN_`r+kXXYQ)e4mioQcSylAl1^DvIcEwahjeoa_1G%XNT+q>5EpZyB2sP3D<#!9q>> z!$xjGs02h0NlF3qcv2`eO>5H+{CfWzg_gL8&f6r-{^3==ZjqK#g-BjPE1ObM_nlzG zPf9H8D2;&GM#;w$Po*W`}{_Kv{ob zWq$limGL^0`K_4YO%-T*VR}wbrb-+wHhr3o(V9IBPE?Q+( zasMoLGX6()z}{ChJ1G3k-%+7E0}8#o9u2j?UMMJWvGfeOy2WnkbZ^n>RCe}${o$Oo zd}N2^=M3?P1y_v35|!D8p8;)qr4*QIng+qPbaaEih&B7+MIjOBh83n%qSA9!j!IvDzoQ;Mb-bx;rx`&QZmFeXr-DV|A63wSa=4|*1L zPspJ=T#J-sf!@DvtIj1vz?jSx|MLV-s_D6j9>Bmbdy!UxorD@}xH--`w=i{!Qa^vp zs|2F5DGvK3rb1U!v%>Neu}ZUlfvq`kGme`fJX+uKC?1?^-sg z`Jwtpy1aX-ZGYHNnZQpT*vt~C3@-<=m(mxz_nS?L=;AZ?VNi_pU7FUut`CzhRd0@%m#sotSAQp(7*8h6+9c`a#7w0#`KhaM)NV5D|^%lK<3m%N^oARsdcp#RH`mioUaFi&tMuvPj0%98();WhpvCn{<{rkW># zBjdv$lQsB!d*6-F{&&qd`v0|B^!%;|7AR9Z1r7q@1Oozs^M5uEl>9D z^|m1M%{BVX^?#$LE&q!${tt=;N^aKp`&+>{|2Im};TwgQTI2QIF5uN#y%r=0$S}hH zMxA>9m+R)63(x8I;pKN!XOM~i2j!JY>4D@9$3ViTbZR z{2y5^{XcSITsmZG%Xf#QlK6n*f(aG;7og(v4Ztb?ubkoY-FBj0syaeg5D)t^i#Php~CKV+(S%J;`LFa`Y0`lfNG{ogdm zfBs9;;tP%esV$-{aF{y#ErJ~^{#X6~b#eYNOHhoC@tZVO-RN~dkC#4R}MVw<6jiq~~B*xM+kV$bIEq7+35l_bWT?q^$@m&yyZ(GFNXWaU>G zcwtx7)dR09%EER?xUMx5Y_m9NF};FKZpg%XCz!OQqec@KThy`bgcDYaN0;MlJD7tm zSSym#qhmaqE|%dNE~+9egOv*zq)bZ1l*!7x3^1D*HnbDuu3-3O1$kfXphq#BC5+hW z0)twB7u&%u3bUm}!}1O&5!M`rzjA~DKj@&`C1zG4a{4um!SDo4mv=&;YR4U&@S<4E z$K#!_QhRu;-lR}6;@)Ye6|YI>=YyPL{ri+J9ArQVU!w#w77qPit8Q2rlb5p046&hj zIA$35c?58Uo7-wa1oRlA= z5;)9?sfz;e2t%EOk)skc40pjA5&DQ{mQ7Hg++mjHMGyE17It=ts z`G1_0O0{U1=9%Yv$+mlj;nobx0!Wcs@qg`@m$5e*L2MT;);}V_dZ%%=SRO_VDjsC`wwK;rriliwDZoEf}O9@y{Io zuO!E$J|7vrO$9vF15aYa2gRx9(?Ho% zZ{4}ArS|RGmRfvfH)LRmpL+dhIv(;vE;jmU^*$W+gH6@r-+ri62l1rPy@G`W1H8|LeW2ufKh+vJ$f&c{{RSyXX^j} diff --git a/cd3_automation_toolkit/setUpOCI.properties b/cd3_automation_toolkit/setUpOCI.properties index 3015657bf..f5ae7405a 100644 --- a/cd3_automation_toolkit/setUpOCI.properties +++ b/cd3_automation_toolkit/setUpOCI.properties @@ -2,7 +2,7 @@ #Input variables required to run setUpOCI script -#path to output directory where terraform files will be generated. eg /cd3user/tenancies//terraform_files +#path to output directory where terraform files will be generated. eg. /cd3user/tenancies//terraform_files outdir= #prefix for output terraform files eg like demo diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index b104c926b..1fcb4919f 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -388,7 +388,7 @@ def export_network(prim_options=[]): # Update modified path list regions_path = export_regions.copy() regions_path.append("global") - service_dirs = [service_dir_network, service_dir_nsg, service_dir_vlan,'rpc'] + service_dirs = [service_dir_network, service_dir_seclist, service_dir_nsg, service_dir_vlan,'rpc'] update_path_list(regions_path=regions_path, service_dirs=service_dirs) def export_networking(inputfile, outdir,config, signer, ct, export_regions): @@ -404,6 +404,7 @@ def export_networking(inputfile, outdir,config, signer, ct, export_regions): options = [ Option(None, Network.create_terraform_dhcp_options, 'Processing DHCP Tab'), + Option(None, Network.modify_terraform_secrules, 'Processing SecRulesinOCI Tab'), Option(None, Network.modify_terraform_routerules, 'Processing RouteRulesinOCI Tab'), Option(None, Network.modify_terraform_drg_routerules, 'Processing DRGRouteRulesinOCI Tab'), ] @@ -423,16 +424,9 @@ def export_networking(inputfile, outdir,config, signer, ct, export_regions): options = [ Option(None, Network.create_terraform_nsg, 'Processing NSGs Tab'), ] execute_options(options, inputfile, outdir, service_dir_nsg, prefix, ct) - - options = [Option(None, Network.create_terraform_seclist, 'Processing SecRulesinOCI Tab'), ] - execute_options(options, inputfile, outdir, service_dir_seclist, prefix, ct, non_gf_tenancy) - - print( - "\n\nExecute tf_import_commands_network_*_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - for service in [service_dir_network, service_dir_vlan, service_dir_nsg, service_dir_seclist]: - if service not in service_dirs: - service_dirs.append(service) - + print("\n\nExecute tf_import_commands_network_*_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") + for service in [service_dir_network,service_dir_vlan,service_dir_nsg]: + service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs def export_major_objects(inputfile, outdir, config, signer, ct, export_regions): compartments = ct.get_compartment_map(var_file,'VCN Major Objects') @@ -466,11 +460,11 @@ def export_dhcp(inputfile, outdir,config,signer,ct,export_regions): def export_secrules(inputfile, outdir,config,signer,ct,export_regions): compartments = ct.get_compartment_map(var_file,'SecRulesInOCI') - Network.export_seclist(inputfile, outdir, service_dir_seclist, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) + Network.export_seclist(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) options = [ Option(None, Network.modify_terraform_secrules, 'Processing SecRulesinOCI Tab'), ] - execute_options(options, inputfile, outdir,service_dir_seclist, prefix, ct, non_gf_tenancy) + execute_options(options, inputfile, outdir,service_dir_network, prefix, ct, non_gf_tenancy) print("\n\nExecute tf_import_commands_network_secrules_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") def export_routerules(inputfile, outdir,config,signer,ct,export_regions): @@ -883,9 +877,9 @@ def export_modify_security_rules(inputfile, outdir, service_dir, prefix, ct, non options1 = [] options1.append(option) if (option.name == 'Export Security Rules (From OCI into SecRulesinOCI sheet)'): - execute_options(options1, inputfile, outdir, service_dir_seclist, config, signer, ct, non_gf_tenancy=non_gf_tenancy) + execute_options(options1, inputfile, outdir, service_dir_network, config, signer, ct, non_gf_tenancy=non_gf_tenancy) elif (option.name == 'Add/Modify/Delete Security Rules (Reads SecRulesinOCI sheet)'): - execute_options(options1, inputfile, outdir, service_dir_seclist, prefix, ct, non_gf_tenancy) + execute_options(options1, inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) def export_security_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy): @@ -1226,7 +1220,7 @@ def create_cis_features(prim_options=[]): execute_options(options, outdir, prefix, config_file_path) def run_utility(prim_options=[]): - options = [Option('CIS Compliance Checking Script', initiate_cis_scan, 'CIS Compliance Check Script'), + options = [Option('CIS Compliance Check Script', initiate_cis_scan, 'CIS Compliance Check Script'), Option('ShowOCI Report', run_showoci, 'ShowOCI Report') ] if prim_options: @@ -1715,7 +1709,7 @@ def create_firewall(inputfile, outdir, service_dir, prefix, ct,sub_options=[]): Option('Software-Defined Data Centers - OCVS', create_sddc, 'Processing SDDC Tabs'), Option('CIS Compliance Features', create_cis_features, 'CIS Compliance Features'), Option('CD3 Services', cd3_services, 'CD3 Services'), - Option('Utility Services (Not Maintained By CD3)', run_utility,'Utility Services') + Option('3rd Party Services', run_utility,'3rd Party Services') ] export_regions = ct.all_regions diff --git a/cd3_automation_toolkit/setUpOCI_jenkins.py b/cd3_automation_toolkit/setUpOCI_jenkins.py deleted file mode 100644 index 55cc36fd7..000000000 --- a/cd3_automation_toolkit/setUpOCI_jenkins.py +++ /dev/null @@ -1,1172 +0,0 @@ -import argparse -import configparser -import Database -import Identity -import Compute -import ManagementServices -import DeveloperServices -import Security -import cd3Validator -import Storage -import Network -import SDDC -import Governance -from commonTools import * -from collections import namedtuple -import requests -import subprocess -import datetime,glob,os - - -def show_options(options, quit=False, menu=False, extra=None, index=0): - # Just add whitespace between number and option. It just makes it look better - number_offset = len(str(len(options))) + 1 - # Iterate over options. Print number and option - for i, option in enumerate(options, index): - print(f'{str(i)+".":<{number_offset}} {option.name}') - if quit: - print(f'{"q"+".":<{number_offset}} Press q to quit') - if menu: - print(f'{"m"+".":<{number_offset}} Press m to go back to Main Menu') - if extra: - print(extra) - user_input = input('Enter your choice (specify comma separated to choose multiple choices): ') - user_input = user_input.split(',') - if 'q' in user_input or 'm' in user_input: - return user_input - # Subtract one to account for zero-indexing. The options start at 1 - # #return [options[int(choice)-1] for choice in user_input] - try: - return [options[int(choice)-index] for choice in user_input] - except IndexError as ie: - print("\nInvalid Option.....Exiting!!") - exit(1) - except ValueError as ie: - print("\nInvalid Input.....Try again!!\n") - options = show_options(inputs, quit=True, index=index) - return options - - -def execute_options(options, *args, **kwargs): - global menu, quit - if 'm' in options or 'q' in options: - menu = 'm' in options - quit = 'q' in options - else: - for option in options: - with section(option.text): - option.callback(*args, **kwargs) - -def get_region_list(rm): - if rm == False: - input_region_names = ct.reg_filter - else: - input_region_names = ct.orm_reg_filter - input_region_names = list(map(lambda x: x.strip(), input_region_names.split(','))) if input_region_names else None - remove_regions = [] - region_list_fetch = [] - #validate input regions - if (input_region_names is not None): - for x in range(0, len(input_region_names)): - if (input_region_names[x].lower() not in ct.all_regions and input_region_names[x].lower()!='global'): - print("Input region: " + input_region_names[x] + " is not subscribed to OCI Tenancy") - remove_regions.append(input_region_names[x]) - - input_region_names = [x.lower() for x in input_region_names if x not in remove_regions] - if (len(input_region_names) == 0): - print("None of the input regions specified are subscribed to OCI..Exiting!!!") - exit(1) - else: - print("\nFetching for Regions... " + str(input_region_names)) - region_list_fetch = input_region_names - else: - print("Fetching for all Regions OCI tenancy is subscribed to...") - region_list_fetch = ct.all_regions - # include global dir for RM stack upload - if rm == True: - region_list_fetch.append('global') - return region_list_fetch - -def update_path_list(regions_path=[],service_dirs=[]): - # Update modified path list - for current_dir in service_dirs: - for reg in regions_path: - path_value = ((outdir + "/" + reg + "/" + current_dir).rstrip('/')).replace("//","/") - items = glob.glob(path_value + "/*") - files = [f for f in items if - (os.path.isfile(f) and (datetime.datetime.fromtimestamp(os.path.getmtime(f)) >= exec_start_time))] - if files: - if path_value not in updated_paths: - updated_paths.append(path_value) - for script_file in files: - if script_file.endswith(".sh") and script_file not in import_scripts: - import_scripts.append(script_file) - -def fetch_compartments(outdir, outdir_struct, ct): - var_files={} - var_data = {} - home_region = ct.home_region - print("outdir specified should contain region directories and then variables_.tf file inside the region directories eg /cd3user/tenancies//terraform_files") - print("Verifying out directory and Taking backup of existing variables files...Please wait...") - print("\nFetching Compartment Info...Please wait...") - ct.get_network_compartment_ids(config['tenancy'], "root", config, signer) - ct.all_regions.append('global') - print("\nWriting to variables files...") - home_region_services = ['identity', 'tagging', 'budget'] - for region in ct.all_regions: - # for global directory - if region == 'global': - file = f'{outdir}/{region}/rpc/variables_{region}.tf' - var_files[region] = file - try: - # Read variables file data - with open(file, 'r') as f: - var_data[region] = f.read() - except FileNotFoundError as e: - print(f'\nVariables file not found in - {region}.......') - print("Continuing") - - # Fetch variables file inside region directories - single outdir - elif len(outdir_struct) == 0: - file = f'{outdir}/{region}/variables_{region}.tf' - var_files[region]=file - try: - # Read variables file data - with open(file, 'r') as f: - var_data[region] = f.read() - except FileNotFoundError as e: - print(f'\nVariables file not found in - {region}.......') - print("Continuing") - - # Fetch variables file inside service directories - separate outdir - else: - for k, v in outdir_struct.items(): - if ((k not in home_region_services) or ((k in home_region_services) and region == home_region)) and v != '': - file = f'{outdir}/{region}/{v}/variables_{region}.tf' - var_files[region + "-" + v] = file - try: - # Read variables file data - with open(file, 'r') as f: - var_data[region + "-" + v] = f.read() - except FileNotFoundError as e: - print(f'\nVariables file not found in - {region}/{v}/.......') - print("Continuing") - - compocidsStr = '' - for k,v in ct.ntk_compartment_ids.items(): - k = commonTools.check_tf_variable(k) - v = "\"" + v + "\"" - compocidsStr = "\t" + k + " = " + v + "\n" + compocidsStr - compocidsStr = "\n" + compocidsStr - finalCompStr = "#START_compartment_ocids#" + compocidsStr + "\t#compartment_ocids_END#" - for k, v in var_data.items(): - var_data[k] = re.sub('#START_compartment_ocids#.*?#compartment_ocids_END#', finalCompStr, - var_data[k], flags=re.DOTALL) - # Write variables file data - with open(var_files[k], "w") as f: - # Backup the existing Routes tf file - file = var_files[k] - shutil.copy(file, file + "_backup") - f.write(var_data[k]) - print("\nCompartment info written to all variables files under outdir...\n") - # update fetchcompinfo.safe - fetch_comp_file = f'{outdir}/fetchcompinfo.safe' - with open(fetch_comp_file, 'w+') as f: - f.write('run_fetch_script=0') - f.close() - ct.all_regions = ct.all_regions[:-1] - -################## Validate Function ######################### -def validate_cd3(options=[]): - choices = [] - choice_items = [] - for opt in options: - choice_items = [] - if opt in ['Validate Compartments','Validate Groups','Validate Policies','Validate Tags','Validate Networks','Validate DNS','Validate Instances','Validate Block Volumes','Validate FSS','Validate Buckets']: - if opt == "Validate Networks": - opt = "Validate Network(VCNs, SubnetsVLANs, DHCP, DRGs)" - choice_items.append(opt) - choices.append(choice_items) - cd3Validator.validate_cd3(choices,inputfile, var_file, prefix, outdir, ct) # config, signer, ct) - print("Exiting CD3 Validation...") - -################## Export Identity ########################## -def export_identityOptions(options=[]): - service_dirs = [] - for opt in options: - if opt == "Export Compartments/Groups/Policies": - export_compartmentPoliciesGroups(inputfile, outdir, service_dir_identity, config,signer, ct) - service_dirs = [service_dir_identity] - elif opt == "Export Users": - export_users(inputfile, outdir, service_dir_identity, config,signer, ct) - service_dirs = [service_dir_identity] - elif opt == "Export Network Sources": - export_networkSources(inputfile, outdir, service_dir_identity, config,signer, ct) - service_dirs = [service_dir_identity] - # Update modified path list - update_path_list(regions_path=[ct.home_region], service_dirs=service_dirs) - - -def export_compartmentPoliciesGroups(inputfile, outdir, service_dir, config, signer, ct): - compartments = ct.get_compartment_map(var_file, 'Identity Objects') - Identity.export_identity(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments) - create_identity(options=['Add/Modify/Delete Compartments','Add/Modify/Delete Groups','Add/Modify/Delete Policies']) - print("\n\nExecute tf_import_commands_identity_nonGF.sh script created under home region directory to synch TF with OCI Identity objects\n") - - -def export_users(inputfile, outdir, service_dir, config,signer, ct): - Identity.Users.export_users(inputfile, outdir, service_dir, config, signer, ct) - create_identity(options=['Add/Modify/Delete Users']) - print("\n\nExecute tf_import_commands_users_nonGF.sh script created under home region directory to synch TF with OCI Identity objects\n") - - -def export_networkSources(inputfile, outdir, service_dir, config, signer, ct): - compartments = ct.get_compartment_map(var_file, 'Identity Objects') - Identity.NetworkSources.export_networkSources(inputfile, outdir, service_dir, config, signer, ct) - create_identity(options=['Add/Modify/Delete Network Sources']) - print("\n\nExecute tf_import_commands_networkSources_nonGF.sh script created under home region directory to synch TF with OCI Identity objects\n") - - -def export_tags(options=[]): - compartments = ct.get_compartment_map(var_file, 'Tagging Objects') - Governance.export_tags_nongreenfield(inputfile, outdir, service_dir_tagging, config, signer, ct, export_compartments=compartments) - create_tags() - print("\n\nExecute tf_import_commands_tags_nonGF.sh script created under home region directory to synch TF with OCI Tags\n") - # Update modified path list - update_path_list(regions_path=[ct.home_region], service_dirs=[service_dir_tagging]) - - -def export_network(options=[]): - service_dirs = [] - for opt in options: - if opt == "Export all Network Components": - export_networking(inputfile, outdir, outdir_struct, config, signer, ct, export_regions) - service_dirs = [service_dir_network, service_dir_nsg, service_dir_vlan] - if opt == "Export Network components for VCNs/DRGs/DRGRouteRulesinOCI Tabs": - export_major_objects(inputfile, outdir, service_dir_network, config, signer, ct, export_regions) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == "Export Network components for DHCP Tab": - export_dhcp(inputfile, outdir, service_dir_network, config, signer, ct, export_regions) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == "Export Network components for SecRulesinOCI Tab": - export_secrules(inputfile, outdir, service_dir_network, config, signer, ct, export_regions) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == "Export Network components for RouteRulesinOCI Tab": - export_routerules(inputfile, outdir, service_dir_network, config, signer, ct, export_regions) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == "Export Network components for SubnetsVLANs Tab": - export_subnets_vlans(inputfile, outdir, outdir_struct, config, signer, ct, export_regions) - service_dirs.append(service_dir_vlan) if service_dir_vlan not in service_dirs else service_dirs - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == "Export Network components for NSGs Tab": - export_nsg(inputfile, outdir, service_dir_nsg, config, signer, ct, export_regions) - service_dirs.append(service_dir_nsg) if service_dir_nsg not in service_dirs else service_dirs - - print("=====================================================================================================================") - print("NOTE: Make sure to execute tf_import_commands_network_major-objects_nonGF.sh before executing the other scripts.") - print("=====================================================================================================================") - - # Update modified path list - regions_path = export_regions.copy() - regions_path.append("global") - service_dirs.append("rpc") - update_path_list(regions_path=regions_path, service_dirs=service_dirs) - - -def export_networking(inputfile, outdir, service_dir,config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Network Objects') - Network.export_networking(inputfile, outdir, service_dir,config, signer, ct, export_compartments=compartments, export_regions=export_regions) - Network.create_major_objects(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) - Network.create_rpc_resource(inputfile, outdir, service_dir_network, prefix, auth_mechanism, config_file_path, ct, non_gf_tenancy) - Network.create_terraform_dhcp_options(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) - Network.modify_terraform_secrules(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) - Network.modify_terraform_routerules(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) - Network.modify_terraform_drg_routerules(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) - Network.create_terraform_drg_route(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, - network_connectivity_in_setupoci='', modify_network=False) - Network.create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci='network') - Network.create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci='vlan') - Network.create_terraform_nsg(inputfile, outdir, service_dir_nsg, prefix, ct) - - print("\n\nExecute tf_import_commands_network_*_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_major_objects(inputfile, outdir, service_dir_network, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'VCN Major Objects') - Network.export_major_objects(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions) - Network.export_drg_routetable(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) - Network.create_major_objects(inputfile, outdir,service_dir_network, prefix, ct, non_gf_tenancy) - Network.create_rpc_resource(inputfile, outdir, service_dir_network, prefix, auth_mechanism, config_file_path, ct, non_gf_tenancy) - Network.create_terraform_drg_route(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy,network_connectivity_in_setupoci='', modify_network=False) - print("\n\nExecute tf_import_commands_network_major-objects_nonGF.sh and tf_import_commands_network_drg_routerules_nonGF.sh scripts created under each region directory to synch TF with OCI Network objects\n") - - -def export_dhcp(inputfile, outdir, service_dir_network,config,signer,ct,export_regions): - compartments = ct.get_compartment_map(var_file,'DHCP') - Network.export_dhcp(inputfile, outdir, service_dir_network,config, signer, ct, export_compartments=compartments, export_regions=export_regions) - Network.create_terraform_dhcp_options(inputfile, outdir, service_dir_network,prefix, ct, non_gf_tenancy, ct) - print("\n\nExecute tf_import_commands_network_dhcp_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_secrules(inputfile, outdir, service_dir_network,config,signer,ct,export_regions): - compartments = ct.get_compartment_map(var_file,'SecRulesInOCI') - Network.export_seclist(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) - Network.modify_terraform_secrules(inputfile, outdir,service_dir_network, prefix, ct, non_gf_tenancy) - print("\n\nExecute tf_import_commands_network_secrules_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_routerules(inputfile, outdir, service_dir_network,config,signer,ct,export_regions): - compartments = ct.get_compartment_map(var_file,'RouteRulesInOCI') - Network.export_routetable(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) - Network.modify_terraform_routerules(inputfile, outdir, service_dir_network,prefix, ct, non_gf_tenancy) - print("\n\nExecute tf_import_commands_network_routerules_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_subnets_vlans(inputfile, outdir, service_dir,config,signer,ct,export_regions): - compartments = ct.get_compartment_map(var_file,'Subnets') - Network.export_subnets_vlans(inputfile, outdir, service_dir,config, signer, ct, export_compartments=compartments, export_regions=export_regions) - Network.create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci='network') - Network.create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci='vlan') - print("\n\nExecute tf_import_commands_network_subnets_nonGF.sh script created under each region directory to synch TF with OCI Network objects") - print("\nExecute tf_import_commands_network_vlans_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_nsg(inputfile, outdir, service_dir_nsg,config,signer,ct,export_regions): - compartments = ct.get_compartment_map(var_file,'NSGs') - Network.export_nsg(inputfile, outdir,service_dir_nsg, config,signer,ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) - Network.create_terraform_nsg(inputfile, outdir, service_dir_nsg,prefix, ct) - print("\n\nExecute tf_import_commands_network_nsg_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - - -def export_compute(options=[]): - for opt in options: - if opt == "Export Dedicated VM Hosts": - export_dedicatedvmhosts(inputfile, outdir, config, signer, ct, export_regions) - if opt == "Export Instances (excludes instances launched by OKE)": - export_instances(inputfile, outdir, config, signer, ct, export_regions) - - -def export_dedicatedvmhosts(inputfile, outdir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Dedicated VM Hosts') - Compute.export_dedicatedvmhosts(inputfile, outdir, service_dir_dedicated_vm_host, config, signer, ct, export_compartments=compartments, export_regions=export_regions) - create_dedicatedvmhosts(inputfile, outdir, service_dir_dedicated_vm_host, prefix, ct) - print("\n\nExecute tf_import_commands_dedicatedvmhosts_nonGF.sh script created under each region directory to synch TF with OCI Dedicated VM Hosts\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_dedicated_vm_host]) - - -def export_instances(inputfile, outdir,config,signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Instances') - display_name_str = ct.ins_pattern_filter if ct.ins_pattern_filter else None - ad_name_str = ct.ins_ad_filter if ct.ins_ad_filter else None - display_names = list(map(lambda x: x.strip(), display_name_str.split(','))) if display_name_str else None - ad_names = list(map(lambda x: x.strip(), ad_name_str.split(','))) if ad_name_str else None - Compute.export_instances(inputfile, outdir, service_dir_instance,config,signer,ct, export_compartments=compartments, export_regions=export_regions, display_names = display_names, ad_names = ad_names) - create_instances(inputfile, outdir, service_dir_instance,prefix, ct) - print("\n\nExecute tf_import_commands_instances_nonGF.sh script created under each region directory to synch TF with OCI Instances\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_instance]) - - -def export_storage(options=[]): - for opt in options: - if opt == "Export Block Volumes/Block Backup Policy": - export_block_volumes(inputfile, outdir, config, signer, ct, export_regions) - if opt == "Export File Systems": - export_fss(inputfile, outdir, config, signer, ct, export_regions) - if opt == "Export Object Storage Buckets": - export_buckets(inputfile, outdir, config, signer, ct, export_regions) - - -def export_block_volumes(inputfile, outdir,config,signer,ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Block Volumes') - display_name_str = ct.bv_pattern_filter if ct.bv_pattern_filter else None - ad_name_str = ct.bv_ad_filter if ct.bv_ad_filter else None - display_names = list(map(lambda x: x.strip(), display_name_str.split(','))) if display_name_str else None - ad_names = list(map(lambda x: x.strip(), ad_name_str.split(','))) if ad_name_str else None - Storage.export_blockvolumes(inputfile, outdir, service_dir_block_volume, config,signer,ct, export_compartments=compartments, export_regions=export_regions, display_names = display_names, ad_names = ad_names) - Storage.create_terraform_block_volumes(inputfile, outdir, service_dir_block_volume, prefix, ct) - print("\n\nExecute tf_import_commands_blockvolumes_nonGF.sh script created under each region directory to synch TF with OCI Block Volume Objects\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_block_volume]) - - -def export_fss(inputfile, outdir,config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'FSS objects') - Storage.export_fss(inputfile, outdir, service_dir_fss, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - Storage.create_terraform_fss(inputfile, outdir, service_dir_fss, prefix, ct) - print("\n\nExecute tf_import_commands_fss_nonGF.sh script created under each region directory to synch TF with OCI FSS objects\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_fss]) - - -def export_buckets(inputfile, outdir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file, 'Buckets') - Storage.export_buckets(inputfile, outdir, service_dir_object_storage, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - Storage.create_terraform_oss(inputfile, outdir, service_dir_object_storage, prefix, ct) - print("\n\nExecute tf_import_commands_buckets_nonGF.sh script created under each region directory to synch TF with OCI Object Storage Buckets\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_object_storage]) - - -def export_loadbalancer(options=[]): - for opt in options: - if opt == "Export Load Balancers": - export_lbr(inputfile, outdir, config, signer, ct, export_regions) - if opt == "Export Network Load Balancers": - export_nlb(inputfile, outdir, config, signer, ct, export_regions) - - -def export_lbr(inputfile, outdir,config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'LBR objects') - Network.export_lbr(inputfile, outdir, service_dir_loadbalancer, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - create_lb(inputfile, outdir,service_dir_loadbalancer, prefix, ct) - print("\n\nExecute tf_import_commands_lbr_nonGF.sh script created under each region directory to synch TF with OCI LBR objects\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_loadbalancer]) - - -def export_nlb(inputfile, outdir,config,signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'NLB objects') - Network.export_nlb(inputfile, outdir, service_dir_networkloadbalancer, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - create_nlb(inputfile, outdir,service_dir_networkloadbalancer, prefix, ct) - print("\n\nExecute tf_import_commands_nlb_nonGF.sh script created under each region directory to synch TF with OCI NLB objects\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_networkloadbalancer]) - - -def export_databases(options=[]): - for opt in options: - if opt == "Export Virtual Machine or Bare Metal DB Systems": - export_dbsystems_vm_bm(inputfile, outdir, config, signer, ct, export_regions) - if opt == "Export EXA Infra and EXA VMClusters": - export_exa_infra_vmclusters(inputfile, outdir, config, signer, ct, export_regions) - if opt == 'Export ADBs': - export_adbs(inputfile, outdir, config, signer, ct, export_regions) - - -def export_dbsystems_vm_bm(inputfile, outdir,config,signer, ct,export_regions): - compartments = ct.get_compartment_map(var_file,'VM and BM DB Systems') - Database.export_dbsystems_vm_bm(inputfile, outdir, service_dir_dbsystem_vm_bm, config,signer,ct, export_compartments=compartments, export_regions= export_regions) - Database.create_terraform_dbsystems_vm_bm(inputfile, outdir, service_dir_dbsystem_vm_bm, prefix, ct) - print("\n\nExecute tf_import_commands_dbsystems-vm-bm_nonGF.sh script created under each region directory to synch TF with DBSystems\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_dbsystem_vm_bm]) - - -def export_exa_infra_vmclusters(inputfile, outdir,config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'EXA Infra and EXA VMClusters') - Database.export_exa_infra(inputfile, outdir, service_dir_database_exacs, config,signer,ct, export_compartments=compartments, export_regions= export_regions) - Database.export_exa_vmclusters(inputfile, outdir, service_dir_database_exacs, config,signer,ct, export_compartments=compartments, export_regions= export_regions) - create_exa_infra_vmclusters(inputfile, outdir, service_dir_database_exacs, prefix,ct) - print("\n\nExecute tf_import_commands_exa-infra_nonGF.sh and tf_import_commands_exa-vmclusters_nonGF.sh scripts created under each region directory to synch TF with Exa-Infra and Exa-VMClusters\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_database_exacs]) - - -def export_adbs(inputfile, outdir,config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'ADBs') - Database.export_adbs(inputfile, outdir, service_dir_adb, config,signer,ct, export_compartments=compartments, export_regions= export_regions) - Database.create_terraform_adb(inputfile, outdir, service_dir_adb, prefix, ct) - print("\n\nExecute tf_import_commands_adb_nonGF.sh script created under each region directory to synch TF with OCI ADBs\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_adb]) - - -def export_management_services(options=[]): - service_dirs = [] - for opt in options: - if opt == "Export Notifications": - export_notifications(inputfile, outdir, service_dir_managementservices, config, signer, ct, export_regions) - service_dirs = [service_dir_managementservices] - if opt == "Export Events": - export_events(inputfile, outdir, service_dir_managementservices, config, signer, ct, export_regions) - service_dirs = [service_dir_managementservices] - if opt == "Export Alarms": - export_alarms(inputfile, outdir, service_dir_managementservices, config, signer, ct, export_regions) - service_dirs = [service_dir_managementservices] - if opt == "Export Service Connectors": - export_service_connectors(inputfile, outdir, service_dir_managementservices, config, signer, ct, export_regions) - service_dirs = [service_dir_managementservices] - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_managementservices]) - - -def export_notifications(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Notifications') - ManagementServices.export_notifications(inputfile, outdir, service_dir, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - ManagementServices.create_terraform_notifications(inputfile, outdir, service_dir, prefix, ct) - print("\n\nExecute tf_import_commands_notifications_nonGF.sh script created under each region directory to synch TF with OCI Notifications\n") - - -def export_events(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Events') - ManagementServices.export_events(inputfile, outdir, service_dir, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - ManagementServices.create_terraform_events(inputfile, outdir, service_dir, prefix, ct) - print("\n\nExecute tf_import_commands_events_nonGF.sh script created under each region directory to synch TF with OCI Events\n") - - -def export_alarms(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Alarms') - ManagementServices.export_alarms(inputfile, outdir, service_dir, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - ManagementServices.create_terraform_alarms(inputfile, outdir,service_dir, prefix, ct) - print("\n\nExecute tf_import_commands_alarms_nonGF.sh script created under each region directory to synch TF with OCI Alarms\n") - - -def export_service_connectors(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'Service Connectors') - ManagementServices.export_service_connectors(inputfile, outdir, service_dir, config,signer,ct, export_compartments=compartments, export_regions=export_regions) - ManagementServices.create_service_connectors(inputfile, outdir, service_dir, prefix, ct) - print("\n\nExecute tf_import_commands_serviceconnectors_nonGF.sh script created under each region directory to synch TF with OCI Service Connectors\n") - - -def export_developer_services(options=[]): - for opt in options: - if opt == "Export OKE cluster and Nodepools": - export_oke(inputfile, outdir, config, signer, ct, export_regions) - - -def export_oke(inputfile, outdir, config,signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file,'OKE') - DeveloperServices.export_oke(inputfile, outdir, service_dir_oke,config,signer,ct, export_compartments=compartments, export_regions=export_regions) - DeveloperServices.create_terraform_oke(inputfile, outdir, service_dir_oke,prefix, ct) - print("\n\nExecute tf_import_commands_oke_nonGF.sh script created under each region directory to synch TF with OKE\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_oke]) - - -def export_sddc(): - compartments = ct.get_compartment_map(var_file,'SDDCs') - SDDC.export_sddc(inputfile, outdir, service_dir_sddc,config,signer,ct, export_compartments=compartments, export_regions=export_regions) - SDDC.create_terraform_sddc(inputfile, outdir, service_dir_sddc, prefix, ct) - print("\n\nExecute tf_import_commands_sddcs_nonGF.sh script created under each region directory to synch TF with SDDC\n") - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=[service_dir_sddc]) - - -def export_dns(options=[]): - service_dirs = [] - for opt in options: - if opt == "Export DNS Views/Zones/Records": - export_dns_views_zones_rrsets(inputfile, outdir, service_dir_dns, config, signer, ct, export_regions) - service_dirs = [service_dir_dns] - if opt == "Export DNS Resolvers": - export_dns_resolvers(inputfile, outdir, service_dir_dns, config, signer, ct, export_regions) - service_dirs = [service_dir_dns] - # Update modified path list - update_path_list(regions_path=export_regions, service_dirs=service_dirs) - - -def export_dns_views_zones_rrsets(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file, 'DNS Views ,attached zones and rrsets') - dns_filter = None - if ct.default_dns: - if ct.default_dns.lower() == "false": - dns_filter = "n" - if ct.default_dns.lower() == "true": - dns_filter = "y" - - dns_filter = dns_filter if dns_filter else None - Network.export_dns_views_zones_rrsets(inputfile, outdir, service_dir, config, signer, ct, dns_filter=dns_filter, export_compartments=compartments, export_regions=export_regions) - create_terraform_dns(inputfile, outdir, service_dir, prefix, ct) - -def export_dns_resolvers(inputfile, outdir, service_dir, config, signer, ct, export_regions): - compartments = ct.get_compartment_map(var_file, 'DNS Resolvers') - Network.export_dns_resolvers(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments, export_regions=export_regions) - Network.create_terraform_dns_resolvers(inputfile, outdir, service_dir, prefix, ct) - - -def cd3_services(options=[]): - for opt in options: - if opt == 'Fetch Compartments OCIDs to variables file': - fetch_compartments(outdir, outdir_struct, ct) - if opt == 'Fetch Protocols to OCI_Protocols': - fetch_protocols(outdir, outdir_struct, ct) - - -def fetch_protocols(outdir, outdir_struct, ct): - cd3service.fetch_protocols() - -################## Create Functions ########################## -def create_identity(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete Compartments': - Identity.create_terraform_compartments(inputfile, outdir,service_dir_identity, prefix, ct) - service_dirs = [service_dir_identity] - if opt == 'Add/Modify/Delete Groups': - Identity.create_terraform_groups(inputfile, outdir,service_dir_identity, prefix, ct) - service_dirs = [service_dir_identity] - if opt == 'Add/Modify/Delete Policies': - Identity.create_terraform_policies(inputfile, outdir,service_dir_identity, prefix, ct) - service_dirs = [service_dir_identity] - if opt == 'Add/Modify/Delete Users': - Identity.Users.create_terraform_users(inputfile, outdir,service_dir_identity, prefix, ct) - service_dirs = [service_dir_identity] - if opt == 'Add/Modify/Delete Network Sources': - Identity.NetworkSources.create_terraform_networkSources(inputfile, outdir,service_dir_identity, prefix, ct) - service_dirs = [service_dir_identity] - # Update modified path list - update_path_list(regions_path=[ct.home_region], service_dirs=[service_dir_identity]) - - -def create_tags(): - Governance.create_terraform_tags(inputfile, outdir, service_dir_tagging, prefix, ct) - # Update modified path list - update_path_list(regions_path=[ct.home_region], service_dirs=[service_dir_tagging]) - - -def create_network(options=[], sub_options=[]): - service_dirs = [] - for opt in options: - if opt == 'Create Network': - Network.create_all_tf_objects(inputfile, outdir, outdir_struct, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs = [service_dir_network, service_dir_nsg, service_dir_vlan] - if opt == 'Modify Network': - modify_terraform_network(inputfile, outdir, outdir_struct, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'Security Rules': - export_modify_security_rules(sub_options, inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'Route Rules': - export_modify_route_rules(sub_options, inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'DRG Route Rules': - export_modify_drg_route_rules(sub_options, inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'Network Security Groups': - export_modify_nsgs(sub_options, inputfile, outdir, service_dir_nsg, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_nsg) if service_dir_nsg not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete VLANs': - create_vlans(inputfile, outdir, outdir_struct, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_vlan) if service_dir_vlan not in service_dirs else service_dirs - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'Customer Connectivity': - create_drg_connectivity(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy=non_gf_tenancy) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - # Update modified path list - regions_path = subscribed_regions.copy() - regions_path.append("global") - service_dirs.append("rpc") - update_path_list(regions_path=regions_path, service_dirs=service_dirs) - - -def modify_terraform_network(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): - Network.create_all_tf_objects(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy=non_gf_tenancy, modify_network=True, ) - -def export_modify_security_rules(sub_options,inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): - for opt in sub_options: - if opt == 'Export Security Rules (From OCI into SecRulesinOCI sheet)': - export_security_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy=non_gf_tenancy) - if opt == 'Add/Modify/Delete Security Rules (Reads SecRulesinOCI sheet)': - Network.modify_terraform_secrules(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy) - -def export_security_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy): - compartments = ct.get_compartment_map(var_file, 'OCI Security Rules') - Network.export_seclist(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments, export_regions= export_regions, _tf_import_cmd=False) - -def export_modify_route_rules(sub_options,inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): - execute_all = False - for opt in sub_options: - if opt == 'Export Route Rules (From OCI into RouteRulesinOCI sheet)': - export_route_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy=non_gf_tenancy) - if opt == 'Add/Modify/Delete Route Rules (Reads RouteRulesinOCI sheet)': - Network.modify_terraform_routerules(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy) - - -def export_route_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy): - compartments = ct.get_compartment_map(var_file, 'OCI Route Rules') - Network.export_routetable(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments, export_regions= export_regions, _tf_import_cmd=False) - -def export_modify_drg_route_rules(sub_options, inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): - execute_all = False - for opt in sub_options: - if opt == 'Export DRG Route Rules (From OCI into DRGRouteRulesinOCI sheet)': - export_drg_route_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy=non_gf_tenancy) - if opt == 'Add/Modify/Delete DRG Route Rules (Reads DRGRouteRulesinOCI sheet)': - Network.modify_terraform_drg_routerules(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy) - - -def export_drg_route_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy): - compartments = ct.get_compartment_map(var_file,'OCI DRG Route Rules') - Network.export_drg_routetable(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments, export_regions= export_regions, _tf_import_cmd=False) - - -def export_modify_nsgs(sub_options, inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): - execute_all = False - for opt in sub_options: - if opt == 'Export NSGs (From OCI into NSGs sheet)': - export_nsgs(inputfile, outdir, service_dir, prefix, ct) - if opt == 'Add/Modify/Delete NSGs (Reads NSGs sheet)': - Network.create_terraform_nsg(inputfile, outdir, service_dir, prefix, ct) - -def export_nsgs(inputfile, outdir, service_dir, prefix, ct): - compartments = ct.get_compartment_map(var_file,'OCI NSGs') - Network.export_nsg(inputfile, outdir, service_dir, config, signer, ct, export_compartments=compartments, export_regions= export_regions, _tf_import_cmd=False) - -def create_vlans(inputfile, outdir, service_dir, prefix,ct, non_gf_tenancy, network_vlan_in_setupoci='vlan'): - Network.create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy=non_gf_tenancy, network_vlan_in_setupoci='vlan',modify_network=True) - Network.create_terraform_route(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy=non_gf_tenancy, network_vlan_in_setupoci='vlan',modify_network=True) - -def create_drg_connectivity(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy,network_vlan_in_setupoci='vlan'): - execute_all = False - create_rpc( inputfile, outdir, service_dir, service_dir, prefix, auth_mechanism, config_file_path, ct, non_gf_tenancy=non_gf_tenancy) - -def create_rpc(inputfile, outdir, service_dir, service_dir_network, prefix, auth_mechanism, config_file_path, ct, non_gf_tenancy): - Network.create_rpc_resource(inputfile, outdir, service_dir, prefix, auth_mechanism, config_file_path, ct, non_gf_tenancy=non_gf_tenancy) - Network.create_terraform_drg_route(inputfile, outdir, service_dir_network, prefix, non_gf_tenancy=non_gf_tenancy, ct=ct, network_connectivity_in_setupoci='connectivity', modify_network=True) - -def create_compute(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete Dedicated VM Hosts': - create_dedicatedvmhosts(inputfile, outdir, service_dir_dedicated_vm_host,prefix, ct) - service_dirs.append(service_dir_dedicated_vm_host) if service_dir_dedicated_vm_host not in service_dirs else service_dirs - - if opt == 'Add/Modify/Delete Instances/Boot Backup Policy': - create_instances(inputfile, outdir, service_dir_instance,prefix, ct) - service_dirs.append(service_dir_instance) if service_dir_instance not in service_dirs else service_dirs - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - - -def create_instances(inputfile, outdir, service_dir,prefix,ct): - Compute.create_terraform_instances(inputfile, outdir, service_dir, prefix, ct) - - -def create_dedicatedvmhosts(inputfile, outdir, service_dir, prefix,ct): - Compute.create_terraform_dedicatedhosts(inputfile, outdir, service_dir,prefix, ct) - - -def create_storage(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete Block Volumes/Block Backup Policy': - Storage.create_terraform_block_volumes(inputfile, outdir, service_dir_block_volume, prefix, ct) - service_dirs.append(service_dir_block_volume) if service_dir_block_volume not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete File Systems': - Storage.create_terraform_fss(inputfile, outdir, service_dir_fss, prefix, ct) - service_dirs.append(service_dir_fss) if service_dir_fss not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete Object Storage Buckets': - Storage.create_terraform_oss( inputfile, outdir, service_dir_object_storage, prefix, ct) - service_dirs.append(service_dir_object_storage) if service_dir_object_storage not in service_dirs else service_dirs - #Option('Enable Object Storage Buckets Write Logs', create_cis_oss_logs, '') - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - - -def create_loadbalancer(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete Load Balancers': - create_lb(inputfile, outdir,service_dir_loadbalancer, prefix, ct) - service_dirs.append(service_dir_loadbalancer) if service_dir_loadbalancer not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete Network Load Balancers': - create_nlb(inputfile, outdir,service_dir_networkloadbalancer, prefix, ct) - service_dirs.append(service_dir_networkloadbalancer) if service_dir_networkloadbalancer not in service_dirs else service_dirs - #Option('Enable LBaaS Logs', enable_lb_logs, 'LBaaS Logs') - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - - -def create_lb(inputfile, outdir,service_dir, prefix, ct): - Network.create_terraform_lbr_hostname_certs(inputfile, outdir, service_dir, prefix, ct) - Network.create_backendset_backendservers(inputfile, outdir, service_dir, prefix, ct) - Network.create_listener(inputfile, outdir, service_dir, prefix, ct) - Network.create_path_route_set(inputfile, outdir, service_dir, prefix, ct) - Network.create_ruleset(inputfile, outdir, service_dir, prefix, ct) - - -def create_nlb(inputfile, outdir,service_dir, prefix, ct): - Network.create_terraform_nlb_listener(inputfile, outdir, service_dir, prefix, ct) - Network.create_nlb_backendset_backendservers(inputfile, outdir, service_dir, prefix, ct) - - -def create_databases(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete Virtual Machine or Bare Metal DB Systems': - Database.create_terraform_dbsystems_vm_bm(inputfile, outdir, service_dir_dbsystem_vm_bm, prefix, ct) - service_dirs.append(service_dir_dbsystem_vm_bm) if service_dir_dbsystem_vm_bm not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete EXA Infra and EXA VM Clusters': - create_exa_infra_vmclusters(inputfile, outdir,service_dir_database_exacs, prefix,ct) - service_dirs.append(service_dir_database_exacs) if service_dir_database_exacs not in service_dirs else service_dirs - if opt == 'Add/Modify/Delete ADBs': - Database.create_terraform_adb(inputfile, outdir, service_dir_adb, prefix, ct) - service_dirs.append(service_dir_adb) if service_dir_adb not in service_dirs else service_dirs - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - -def create_exa_infra_vmclusters(inputfile, outdir,service_dir, prefix,ct): - Database.create_terraform_exa_infra(inputfile, outdir, service_dir, prefix, ct) - Database.create_terraform_exa_vmclusters(inputfile, outdir, service_dir, prefix, ct) - -def create_management_services(options=[]): - service_dirs = [] - for opt in options: - if opt == "Add/Modify/Delete Notifications": - ManagementServices.create_terraform_notifications(inputfile, outdir, service_dir_managementservices, prefix, ct) - service_dirs = [service_dir_managementservices] - if opt == "Add/Modify/Delete Events": - ManagementServices.create_terraform_events(inputfile, outdir, service_dir_managementservices, prefix, ct) - service_dirs = [service_dir_managementservices] - if opt == "Add/Modify/Delete Alarms": - ManagementServices.create_terraform_alarms(inputfile, outdir, service_dir_managementservices, prefix, ct) - service_dirs = [service_dir_managementservices] - if opt == "Add/Modify/Delete ServiceConnectors": - ManagementServices.create_service_connectors(inputfile, outdir, service_dir_managementservices, prefix, ct) - service_dirs = [service_dir_managementservices] - - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=[service_dir_managementservices]) - - -def create_developer_services(options=[]): - for opt in options: - if opt == "Upload current terraform files/state to Resource Manager": - create_rm_stack(inputfile, outdir, prefix, auth_mechanism, config_file_path,ct) - if opt == "Add/Modify/Delete OKE Cluster and Nodepools": - create_oke(inputfile, outdir, prefix, auth_mechanism, config_file_path,ct) - - -def create_rm_stack(inputfile, outdir, prefix, auth_mechanism, config_file, ct): - regions = get_region_list(rm = True) - DeveloperServices.create_resource_manager(outdir,var_file, outdir_struct, prefix, auth_mechanism, config_file, ct, regions) - -def create_oke(inputfile, outdir, prefix, auth_mechanism, config_file, ct): - DeveloperServices.create_terraform_oke(inputfile, outdir, service_dir_oke, prefix, ct) - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=[service_dir_oke]) - - -def create_sddc(): - SDDC.create_terraform_sddc(inputfile, outdir, service_dir_sddc, prefix, ct) - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=[service_dir_sddc]) - - -def create_dns(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Add/Modify/Delete DNS Views/Zones/Records': - create_terraform_dns(inputfile, outdir, service_dir_dns, prefix, ct) - service_dirs = [service_dir_dns] - if opt == 'Add/Modify/Delete DNS Resolvers': - Network.create_terraform_dns_resolvers(inputfile, outdir, service_dir_dns, prefix, ct) - service_dirs = [service_dir_dns] - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - - -def create_terraform_dns(inputfile, outdir, service_dir, prefix, ct): - Network.create_terraform_dns_views(inputfile, outdir, service_dir, prefix, ct) - Network.create_terraform_dns_zones(inputfile, outdir, service_dir, prefix, ct) - Network.create_terraform_dns_rrsets(inputfile, outdir, service_dir, prefix, ct) - -def create_logging(options=[]): - service_dirs = [] - for opt in options: - if opt == 'Enable VCN Flow Logs': - ManagementServices.enable_cis_vcnflow_logging(inputfile, outdir, service_dir_network, prefix, ct) - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs - if opt == 'Enable LBaaS Logs': - ManagementServices.enable_load_balancer_logging(inputfile, outdir, service_dir_loadbalancer, prefix, ct) - service_dirs.append(service_dir_loadbalancer) if service_dir_loadbalancer not in service_dirs else service_dirs - if opt == 'Enable Object Storage Buckets Write Logs': - ManagementServices.enable_cis_oss_logging(inputfile, outdir, service_dir_object_storage, prefix, ct) - service_dirs.append(service_dir_object_storage) if service_dir_object_storage not in service_dirs else service_dirs - - # Update modified path list - update_path_list(regions_path=subscribed_regions, service_dirs=service_dirs) - - -def create_cis_features(options=[], sub_options=[]): - service_dirs = [] - for opt in options: - if opt == 'CIS Compliance Checking Script': - initiate_cis_scan(sub_options,outdir, prefix, config_file_path) - if opt == "Create Key/Vault": - Security.create_cis_keyvault(outdir, service_dir_kms, service_dir_identity, prefix, ct, ct.vault_region, - ct.vault_comp) - service_dir = ct.vault_region+"/"+service_dir_identity - service_dirs.append(service_dir) if service_dir not in service_dirs else service_dirs - if opt == "Create Default Budget": - Governance.create_cis_budget(outdir, service_dir_budget, prefix, ct, ct.budget_amount, ct.budget_threshold) - service_dir = ct.home_region + "/" + service_dir_budget - service_dirs.append(service_dir) if service_dir not in service_dirs else service_dirs - if opt == "Enable Cloud Guard": - Security.enable_cis_cloudguard(outdir, service_dir_cloud_guard, prefix, ct, ct.cg_region) - service_dir = ct.cg_region + "/" + service_dir_cloud_guard - service_dirs.append(service_dir) if service_dir not in service_dirs else service_dirs - - # Update modified path list - update_path_list(regions_path=[""], service_dirs=service_dirs) - - -def initiate_cis_scan(sub_options,outdir, prefix, config_file): - for opt in sub_options: - if opt == "CD3 Image already contains the latest CIS compliance checking script available at the time of cd3 image release. Download latest only if new version of the script is available": - start_cis_download(outdir, prefix, config_file) - if opt == "Execute compliance checking script": - start_cis_scan(outdir, prefix, config_file) - -def start_cis_download(outdir, prefix, config_file): - print("Downloading the script file as 'cis_reports.py' at location "+os.getcwd()) - resp = requests.get("https://raw.githubusercontent.com/oracle-quickstart/oci-cis-landingzone-quickstart/main/scripts/cis_reports.py") - resp_contents = resp.text - with open("cis_reports.py", "w", encoding="utf-8") as fd: - fd.write(resp_contents) - print("Download complete!!") - -def start_cis_scan(outdir, prefix, config_file): - cmd = "python cis_reports.py" - #user_input = input("Enter command to execute the script. Press Enter to execute {} : ".format(cmd)) - #if user_input!='': - # cmd = "{}".format(user_input) - split = str.split(cmd) - - dirname = prefix + "_cis_report" - resource = "cis_report" - out_rep = outdir + '/'+ dirname - #config = "--config "+ config - commonTools.backup_file(outdir, resource, dirname) - - if not os.path.exists(out_rep): - os.makedirs(out_rep) - else: - commonTools.backup_file(outdir, resource, out_rep) - - out = ["-c", config_file, '--report-directory', out_rep] - cmd = cmd +" "+ out[0] + " "+out[1] + " "+ out[2] + " " +out[3] - split.extend(out) - print("Executing: "+cmd) - print("Scan started!") - execute(split, config_file) - -def execute(command,config_file): - export_cmd_windows = "set OCI_CONFIG_HOME="+config_file - export_cmd_linux = "export OCI_CONFIG_HOME=" + config_file - export_cmd = "" - if "linux" in sys.platform: - export_cmd = export_cmd_linux - elif "win" in sys.platform: - export_cmd = export_cmd_windows - - if export_cmd == "": - print("Failed to get OS details. Exiting!!") - exit(1) - - split_export_cmd = str.split(export_cmd) - #subprocess.Popen(split_export_cmd, stdout=subprocess.PIPE,bufsize=1) - popen = subprocess.Popen(command, stdout=subprocess.PIPE,bufsize=1) - lines_iterator = iter(popen.stdout.readline, b"") - while popen.poll() is None: - for line in lines_iterator: - nline = line.rstrip() - print(nline.decode("latin"), end="\r\n", flush=True)# yield line - - -#Execution starts here -parser = argparse.ArgumentParser(description='Sets Up OCI via TF') -parser.add_argument('propsfile', help="Full Path of properties file containing input variables. eg setUpOCI.properties") -parser.add_argument('--main_options', default="") -parser.add_argument('--sub_options', default="") -parser.add_argument('--sub_child_options', default="") -parser.add_argument('--add_filter', default=None) -args = parser.parse_args() -setUpOCI_props = configparser.RawConfigParser() -setUpOCI_props.read(args.propsfile) -main_options = args.main_options.split(",") -sub_options = args.sub_options.split(",") -sub_child_options = args.sub_child_options.split(",") - -#Read Config file Variables -try: - workflow_type = setUpOCI_props.get('Default', 'workflow_type').strip().lower() - - if (workflow_type == 'export_resources'): - non_gf_tenancy = True - else: - non_gf_tenancy = False - - inputfile = setUpOCI_props.get('Default','cd3file').strip() - outdir = setUpOCI_props.get('Default', 'outdir').strip() - prefix = setUpOCI_props.get('Default', 'prefix').strip() - auth_mechanism = setUpOCI_props.get('Default', 'auth_mechanism').strip().lower() - config_file_path = setUpOCI_props.get('Default', 'config_file').strip() or DEFAULT_LOCATION - - if not outdir: - exit_menu('input outdir location cannot be left blank. Exiting... ') - elif not prefix: - exit_menu('input prefix value cannot be left blank. Exiting... ') - elif not inputfile: - exit_menu('input cd3file location cannot be left blank. Exiting... ') - elif '.xls' not in inputfile: - exit_menu('valid formats for input cd3file are either .xls or .xlsx') -except Exception as e: - exit_menu(str(e) + ". Check input properties file and try again. Exiting... ") - -try: - outdir_structure = setUpOCI_props.get('Default', 'outdir_structure_file').strip() -except Exception as e: - outdir_structure = '' - -# Pre-work -if not os.path.exists(outdir): - os.makedirs(outdir) - -if (outdir_structure == '' or outdir_structure == "\n"): - outdir_struct = {} -else: - if os.path.isfile(outdir_structure): - outdir_config = configparser.RawConfigParser() - outdir_config.read(outdir_structure) - outdir_struct = dict(outdir_config.items("Default")) - else: - print("Invalid outdir_structure_file. Please provide correct file path. Exiting... ") - exit(1) - -## Authenticate Params -ct=None -ct = commonTools() -config,signer = ct.authenticate(auth_mechanism, config_file_path) - -# Set Export filters -export_filters = args.add_filter.split("@") if args.add_filter else [] -ct.get_export_filters(export_filters) - -## Fetch OCI_regions -cd3service = cd3Services() -cd3service.fetch_regions(config,signer) - -## Check if fetch compartments script needs to be run -run_fetch_script = 0 - -## Fetch Subscribed Regions -subscribed_regions = ct.get_subscribedregions(config,signer) -home_region = ct.home_region - -# Set service directories as per outdir_structure file -# If single outdir, get service names from /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/.outdir_structure_file.properties -if len(outdir_struct.items())==0: - single_outdir_config = configparser.RawConfigParser() - single_outdir_config.read("/cd3user/oci_tools/cd3_automation_toolkit/user-scripts/.outdir_structure_file.properties") - for item,val in single_outdir_config.items("Default"): - varname = "service_dir_" + str(item.replace("-", "_")).strip() - exec(varname + "= \"\"") -# If multiple outdir, get service names from -else: - for key,value in outdir_struct.items(): - varname = "service_dir_"+str(key.replace("-","_")).strip() - exec(varname + "= value") - -var_file = (f'{outdir}/{home_region}/{service_dir_identity}/variables_{home_region}.tf').replace('//','/') - -try: - # read variables file - with open(var_file, 'r') as f: - var_data = f.read() - f.close() -except FileNotFoundError as e: - exit_menu(f'\nVariables file not found in home region - {home_region}.......Exiting!!!\n') - -## Check for the fetch compartment status -fetchcompinfo_data = "run_fetch_script=0" -try: - # read fetchcompinfo.safe - fetch_comp_file = f'{outdir}/fetchcompinfo.safe' - with open(fetch_comp_file, 'r') as f: - fetchcompinfo_data = f.read() - f.close() -except FileNotFoundError as e: - fetchcompinfo_data = "run_fetch_script=1" -if "# compartment ocids" in var_data or "run_fetch_script=1" in fetchcompinfo_data: - run_fetch_script = 1 - -if (run_fetch_script == 1): - print("Script to Fetch Compartments OCIDs to variables file has not been executed. Running it now.") - fetch_compartments(outdir,outdir_struct, ct) -else: - print("Make sure to execute the script for 'Fetch Compartments OCIDs to variables file' under 'CD3 Services' menu option at-least once before you continue!") -global updated_paths -global import_scripts -updated_paths = [] -import_scripts = [] -exec_start_time = datetime.datetime.now() - - -## Menu Options -if non_gf_tenancy: - print("\nworkflow_type set to export_resources. Export existing OCI objects and Synch with TF state") - print("We recommend to not have any existing tfvars/tfstate files for export out directory") - export_regions = get_region_list(rm=False) - for option in main_options: - if option == 'Export Identity': - export_identityOptions(options=sub_options) - if option == 'Export Tags': - export_tags(options=sub_options) - if option == 'Export Network': - export_network(options=sub_options) - if option == 'Export DNS Management': - export_dns(options=sub_options) - if option == 'Export Compute': - export_compute(options=sub_options) - if option == 'Export Storage': - export_storage(options=sub_options) - if option == 'Export Databases': - export_databases(options=sub_options) - if option == 'Export Load Balancers': - export_loadbalancer(options=sub_options) - if option == 'Export Management Services': - export_management_services(options=sub_options) - if option == 'Export Developer Services': - export_developer_services(options=sub_options) - if option == 'Export Software-Defined Data Centers - OCVS': - export_sddc() - if option == 'CD3 Services': - cd3_services(options=sub_options) -else: - export_regions = ct.all_regions - for option in main_options: - if option == 'Validate CD3': - validate_cd3(options=sub_options) - if option == 'Identity': - create_identity(options=sub_options) - if option == 'Tags': - create_tags() - if option == 'Network': - create_network(options=sub_options, sub_options=sub_child_options) - if option == 'DNS Management': - create_dns(options=sub_options) - if option == 'Compute': - create_compute(options=sub_options) - if option == 'Storage': - create_storage(options=sub_options) - if option == 'Database': - create_databases(options=sub_options) - if option == 'Load Balancers': - create_loadbalancer(options=sub_options) - if option == 'Management Services': - create_management_services(options=sub_options) - if option == 'Developer Services': - create_developer_services(options=sub_options) - if option == 'Logging Services': - create_logging(options=sub_options) - if option == 'Software-Defined Data Centers - OCVS': - create_sddc() - if option == 'CIS Compliance Features': - create_cis_features(options=sub_options,sub_options=sub_child_options) - if option == 'CD3 Services': - cd3_services(options=sub_options) - -# write updated paths to a file -updated_paths_file = f'{outdir}/updated_paths.safe' -with open(updated_paths_file, 'w+') as f: - for item in updated_paths: - f.write(str(item).replace('//','/')+"\n") -f.close() -import_scripts_file = f'{outdir}/import_scripts.safe' -with open(import_scripts_file, 'w+') as f: - for item in import_scripts: - f.write(str(item).replace('//','/')+"\n") -f.close() diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index 8a0359604..8d0c5d219 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -206,7 +206,7 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_ # Clean repo config if exists and initiate git repo subprocess.run(['git', 'init'], cwd=devops_dir,stdout=DEVNULL) f = open(devops_dir + ".gitignore", "w") - git_ignore_file_data = ".DS_Store\n*tfstate*\n*terraform*\ntfplan.out\ntfplan.json\n*backup*\ntf_import_commands*\n*cis_report*\n*.safe\n*stacks.zip\n*cd3Validator*" + git_ignore_file_data = ".DS_Store\n*tfstate*\n*terraform*\ntfplan.out\ntfplan.json\n*backup*\ntf_import_commands*\n*cis_report*\n*showoci_report*\n*.safe\n*stacks.zip\n*cd3Validator*" f.write(git_ignore_file_data) f.close() # Cleanup existing "origin" remote and create required one diff --git a/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties b/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties index 39c9ff852..e29e65b0a 100644 --- a/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties +++ b/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties @@ -15,7 +15,6 @@ loadbalancer=loadbalancer networkloadbalancer=loadbalancer vlan=vlan nsg=nsg -seclist=seclist # Same Directory must be specified for Instances and Block Volumes. instance=compute block-volume = compute diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf index ef146bfe0..513c8eebd 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf @@ -23,5 +23,6 @@ resource "oci_core_subnet" "subnet" { prohibit_internet_ingress = var.prohibit_internet_ingress prohibit_public_ip_on_vnic = var.prohibit_public_ip_on_vnic route_table_id = var.route_table_id - security_list_ids = flatten([for seclist in var.security_list_ids : [for sl in seclist : sl if length(regexall("ocid1.securitylist.oc*", sl)) > 0 ]]) -} + security_list_ids = var.security_list_ids != [] ? [for sl in var.security_list_ids : (length(regexall("ocid1.securitylist.oc1*", sl)) > 0 ? sl : (sl == "" ? var.vcn_default_security_list_id : var.custom_security_list_id[sl]["seclist_tf_id"]))] : [] + +} \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf index 2d471a901..6c6ef0d55 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf @@ -7,6 +7,8 @@ variable "vcn_default_security_list_id" {} +variable "custom_security_list_id" {} + variable "tenancy_ocid" { type = string default = null diff --git a/cd3_automation_toolkit/user-scripts/terraform/network.tf b/cd3_automation_toolkit/user-scripts/terraform/network.tf index 915f25b1a..aea32134d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/network.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/network.tf @@ -371,6 +371,58 @@ output "dhcp_options_id" { } */ +############################ +# Module Block - Network +# Create Default Security Lists +############################ + +module "default-security-lists" { + source = "./modules/network/default-sec-list" + for_each = (var.default_seclists != null || var.default_seclists != {}) ? var.default_seclists : {} + + #Required + manage_default_resource_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] + + key_name = each.key + defined_tags = each.value.defined_tags + display_name = each.value.display_name != null ? each.value.display_name : null + freeform_tags = each.value.freeform_tags + seclist_details = var.default_seclists +} + +/* +output "default_seclist_id_map" { + value = [ for k,v in merge(module.default-security-lists.*...) : v.default_seclist_id ] +} +*/ + +############################ +# Module Block - Network +# Create Custom Security Lists +############################ + +module "security-lists" { + source = "./modules/network/sec-list" + for_each = (var.seclists != null || var.seclists != {}) ? var.seclists : {} + + #Required + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + + key_name = each.key + defined_tags = each.value.defined_tags + display_name = each.value.display_name != null ? each.value.display_name : null + freeform_tags = each.value.freeform_tags + seclist_details = var.seclists +} + +/* +output "seclist_id_map" { + value = [ for k,v in merge(module.security-lists.*...) : v.seclist_id ] +} +*/ + ############################ # Module Block - Network # Create Default Route Tables @@ -542,46 +594,6 @@ output "drg_route_distribution_statements_id_map" { } */ - -############################# -# Data/Local Block - Network -# Subnets -############################## - -# Format : "vcn_name@dns_label@sec_list" => "vcn_name@dns_label@comp_name" -data "oci_core_security_lists" "security_lists" { - for_each = local.filtered_seclist_map - compartment_id = var.compartment_ocids[split("@", each.value)[2]] - #fetch vcn id based on vcn name - vcn_id = merge(module.vcns.*...)[split("@", each.value)[0]]["vcn_tf_id"] - display_name = length(each.key) > 2 ? trimprefix(trimprefix(split("@", each.key)[2], split("@", each.value)[0]), "_") : "Default Security List for ${split("@", each.value)[0]}" -} - -locals { - filtered_subnet_security_list_ids = { - for subnet_key, subnet_value in var.subnets : - # map for each subnet_key includes the compartment_id and a list of filtered security list IDs - "${subnet_value.vcn_id}@${subnet_value.dns_label}" => { - compartment_id = subnet_value.compartment_id, - security_list_ids = [for sec_id in subnet_value.security_list_ids : sec_id] - } - } - - #input to datasource for SL - filtered_seclist_map = merge(flatten([ - for subnet_key, subnet_value in local.filtered_subnet_security_list_ids : { - for seclist in subnet_value.security_list_ids : "${subnet_key}@${seclist}" => "${subnet_key}@${subnet_value.compartment_id}" - } - ])...) - - #Datasource output - security_lists_map = { - for key, data in data.oci_core_security_lists.security_lists : - # Check if data.security_lists is not empty and select the appropriate key-value pair - (endswith(key, "@") ? split("@", key)[0] : split("@", key)[2]) => (length(data.security_lists) > 0 ? data.security_lists[0].id : data.display_name)... - } -} - ############################# # Module Block - Network # Create Subnets @@ -591,7 +603,7 @@ module "subnets" { source = "./modules/network/subnet" for_each = (var.subnets != null || var.subnets != {}) ? var.subnets : {} - depends_on = [module.vcns] + depends_on = [module.vcns, module.security-lists] #Required tenancy_ocid = var.tenancy_ocid @@ -610,18 +622,15 @@ module "subnets" { availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" dhcp_options_id = each.value.dhcp_options_id == null || each.value.dhcp_options_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_dhcp_id"] : (length(regexall("ocid1.dhcpoptions.oc*", each.value.dhcp_options_id)) > 0 ? each.value.dhcp_options_id : merge(module.custom-dhcps.*...)[each.value.dhcp_options_id]["custom_dhcp_tf_id"]) route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) + security_list_ids = length(each.value.security_list_ids) == 0 ? [merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"]] : each.value.security_list_ids vcn_default_security_list_id = merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] - security_list_ids = length(each.value.security_list_ids) != 0 ? [for sl in each.value.security_list_ids : lookup(local.security_lists_map, sl != "" ? sl : each.value.vcn_id, [])] : [] - + custom_security_list_id = merge(module.security-lists.*...) } /* output "subnet_id_map" { value = [ for k,v in merge(module.subnets.*...) : v.subnet_id ] } -output "security_lists_output" { - value = data.oci_core_security_lists.security_lists -} */ ############################# diff --git a/cd3_automation_toolkit/user-scripts/terraform/seclist.tf b/cd3_automation_toolkit/user-scripts/terraform/seclist.tf deleted file mode 100644 index 65801ccb8..000000000 --- a/cd3_automation_toolkit/user-scripts/terraform/seclist.tf +++ /dev/null @@ -1,60 +0,0 @@ -############################ -# Module Block - Network -# Create Default Security Lists -############################ - -module "default-security-lists" { - source = "./modules/network/default-sec-list" - for_each = (var.default_seclists != null || var.default_seclists != {}) ? var.default_seclists : {} - - #Required - manage_default_resource_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] - - key_name = each.key - defined_tags = each.value.defined_tags - display_name = each.value.display_name != null ? each.value.display_name : null - freeform_tags = each.value.freeform_tags - seclist_details = var.default_seclists -} - -/* -output "default_seclist_id_map" { - value = [ for k,v in merge(module.default-security-lists.*...) : v.default_seclist_id ] -} -*/ - - -############################ -# Module Block - Network -# Create Custom Security Lists -############################ - -data "oci_core_vcns" "oci_vcns_sec_lists" { - # depends_on = [module.vcns] # Uncomment to create Network and NSGs together - for_each = var.nsgs != null ? var.nsgs : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null - display_name = each.value.vcn_name -} - - -module "security-lists" { - source = "./modules/network/sec-list" - for_each = (var.seclists != null || var.seclists != {}) ? var.seclists : {} - - #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - - vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : flatten(data.oci_core_vcns.oci_vcns_sec_lists[each.key].virtual_networks.*.id)[0] - - key_name = each.key - defined_tags = each.value.defined_tags - display_name = each.value.display_name != null ? each.value.display_name : null - freeform_tags = each.value.freeform_tags - seclist_details = var.seclists -} - -/* -output "seclist_id_map" { - value = [ for k,v in merge(module.security-lists.*...) : v.seclist_id ] -} -*/ diff --git a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy index 17df866e8..d64b726ea 100644 --- a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy +++ b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy @@ -11,26 +11,24 @@ for(item in string_list2.split(",")){ comp_options = comp_options+"" } -html_to_be_rendered = "" +html_to_be_rendered = "
    " if(Workflow.toLowerCase().contains("export")){ html_to_be_rendered = """ ${html_to_be_rendered} - + - - - - -
    (Leave empty to fetch from all regions)
    - - + + + + + - - - - -
    + + + + + """ } for (item in SubOptions.split(",")) { @@ -42,13 +40,12 @@ for (item in SubOptions.split(",")) { - + - - - + + """ } if (item.equals("Export Firewall Policy")) { @@ -57,9 +54,9 @@ for (item in SubOptions.split(",")) { - + - + """ } if (item.equals("Clone Firewall Policy")) { @@ -67,31 +64,30 @@ for (item in SubOptions.split(",")) { ${html_to_be_rendered} - - - + + + - - - + + + - + - - - - + + + - + """ } if (item.equals("Delete Firewall Policy")) { @@ -101,17 +97,17 @@ for (item in SubOptions.split(",")) { - + - + - + """ } if (item.equals("Export Block Volumes/Block Backup Policy")) { @@ -123,13 +119,12 @@ for (item in SubOptions.split(",")) { - + - - - + + """ } @@ -142,10 +137,9 @@ for (item in SubOptions.split(",")) { - + """ } if (item.equals('Upload current terraform files/state to Resource Manager')){ @@ -156,16 +150,14 @@ for (item in SubOptions.split(",")) { - - - - + + - + """ } @@ -177,13 +169,13 @@ for (item in SubOptions.split(",")) { - + - + """ } if (item.equals('Create Default Budget')){ @@ -194,13 +186,13 @@ for (item in SubOptions.split(",")) { - + - + """ } @@ -209,10 +201,10 @@ for (item in SubOptions.split(",")) { ${html_to_be_rendered} - + - + """ } @@ -230,11 +222,11 @@ for (item in SubChildOptions.split(",")) { - + """ } break } -html_to_be_rendered = "${html_to_be_rendered}


    		(eg AD1,AD2,AD3)
    (eg AD1,AD2,AD3)


    		(Leave empty if you need tool to generate the policy names)
    (Leave empty if you need tool to generate the policy names)



    		(eg AD1,AD2,AD3)
    (eg AD1,AD2,AD3)
    -



    " +html_to_be_rendered = "${html_to_be_rendered} " return html_to_be_rendered diff --git a/jenkins_install/scriptler/scripts/MainOptions.groovy b/jenkins_install/scriptler/scripts/MainOptions.groovy index b5d6f0f84..0abb16e34 100644 --- a/jenkins_install/scriptler/scripts/MainOptions.groovy +++ b/jenkins_install/scriptler/scripts/MainOptions.groovy @@ -16,7 +16,7 @@ return[ "Software-Defined Data Centers - OCVS", "CIS Compliance Features", "CD3 Services", -"Utility Services (Not Maintained By CD3)" +"3rd Party Services" ] } else if(Workflow.toLowerCase().contains("export")) { diff --git a/jenkins_install/scriptler/scripts/SubChildOptions.groovy b/jenkins_install/scriptler/scripts/SubChildOptions.groovy index 20f167787..d86bb2d04 100644 --- a/jenkins_install/scriptler/scripts/SubChildOptions.groovy +++ b/jenkins_install/scriptler/scripts/SubChildOptions.groovy @@ -21,7 +21,7 @@ for (item in SubOptions.split(",")) { if (item.equals("Network Security Groups")){ final_list += nsg } - if (item.equals("CIS Compliance Checking Script")){ + if (item.equals("CIS Compliance Check Script")){ final_list += cis } if (item.equals("ShowOCI Report")){ diff --git a/jenkins_install/scriptler/scripts/SubOptions.groovy b/jenkins_install/scriptler/scripts/SubOptions.groovy index 137bdecbc..172703321 100644 --- a/jenkins_install/scriptler/scripts/SubOptions.groovy +++ b/jenkins_install/scriptler/scripts/SubOptions.groovy @@ -12,7 +12,7 @@ List developer_services = ["DEVELOPER SERVICES:disabled","Add/Modify/Dele List logging_services = ["LOGGING SERVICES:disabled","Enable VCN Flow Logs", "Enable LBaaS Logs", "Enable Object Storage Buckets Write Logs"] List cis = ["CIS:disabled","Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"] List cd3_services = ["CD3 SERVICES:disabled","Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"] -List utility_services = ["UTILITY SERVICES:disabled","CIS Compliance Checking Script", "ShowOCI Report"] +List utility_services = ["3rd Party Services:disabled","CIS Compliance Check Script", "ShowOCI Report"] List ex_identity = ["IDENTITY:disabled","Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"] List ex_network = ["NETWORK:disabled","Export all Network Components", "Export Network components for VCNs/DRGs/DRGRouteRulesinOCI Tabs", "Export Network components for DHCP Tab", "Export Network components for SecRulesinOCI Tab", "Export Network components for RouteRulesinOCI Tab", "Export Network components for SubnetsVLANs Tab", "Export Network components for NSGs Tab"] @@ -69,7 +69,7 @@ final_list += cis if (item.equals("CD3 Services")){ final_list += cd3_services } -if (item.equals("Utility Services (Not Maintained By CD3)")){ +if (item.equals("3rd Party Services")){ final_list += utility_services } if (item.equals("Export Identity")){ diff --git a/jenkins_install/scriptler/scripts/ValidateParams.groovy b/jenkins_install/scriptler/scripts/ValidateParams.groovy index 92736d575..eaaf4d950 100644 --- a/jenkins_install/scriptler/scripts/ValidateParams.groovy +++ b/jenkins_install/scriptler/scripts/ValidateParams.groovy @@ -15,7 +15,7 @@ def validate_params(Workflow,MainOptions,SubOptions,SubChildOptions,AdditionalFi "Logging Services":["Enable VCN Flow Logs", "Enable LBaaS Logs", "Enable Object Storage Buckets Write Logs"], "CIS Compliance Features":["Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"], "CD3 Services":["Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"], - "Utility Services (Not Maintained By CD3)":["CIS Compliance Checking Script", "ShowOCI Report"] + "3rd Party Services:["CIS Compliance Check Script", "ShowOCI Report"] ] def non_gf_options_map = [ "Export Identity":["Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"], diff --git a/jenkins_install/setUpOCI_config.xml b/jenkins_install/setUpOCI_config.xml index b4544b185..b6435444f 100644 --- a/jenkins_install/setUpOCI_config.xml +++ b/jenkins_install/setUpOCI_config.xml @@ -304,8 +304,9 @@ pipeline { set +x if [[ -n "$Excel_Template_FILENAME" ]];then size=$(wc --bytes < "$Excel_Template") - if [[ ( $size -gt 300000 ) || ( $Excel_Template_FILENAME != *.xlsx ) ]]; then - echo "Failed" + if [[ ( $size -gt 1000000 ) || ( $Excel_Template_FILENAME != *.xlsx ) ]]; then + set -x + echo "Excel File Validation Failed" fi fi ''' , returnStdout: true).trim() diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index 0ed43ee6b..cc14a8455 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -6,7 +6,7 @@ pipeline { ansiColor('xterm') } stages { - stage('Read Jenkins Properties File and Set Environment Variables') { + stage('Set Environment Variables') { steps { script { def fileContent = readFile "${JENKINS_HOME}/jenkins.properties" diff --git a/jenkins_install/tf-destroy.groovy b/jenkins_install/tf-destroy.groovy index c43f848fc..a1269679e 100644 --- a/jenkins_install/tf-destroy.groovy +++ b/jenkins_install/tf-destroy.groovy @@ -7,7 +7,7 @@ pipeline { ansiColor('xterm') } stages { - stage('Read Jenkins Properties File and Set Environment Variables') { + stage('Set Environment Variables') { steps { script { def fileContent = readFile "${JENKINS_HOME}/jenkins.properties" From b4ad83f5a853b903e2599638d85dfa2a283c29a9 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Mon, 22 Apr 2024 08:59:23 +0530 Subject: [PATCH 05/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/setUpOCI.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 1fcb4919f..89c8ebb5e 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -388,7 +388,7 @@ def export_network(prim_options=[]): # Update modified path list regions_path = export_regions.copy() regions_path.append("global") - service_dirs = [service_dir_network, service_dir_seclist, service_dir_nsg, service_dir_vlan,'rpc'] + service_dirs = [service_dir_network, service_dir_nsg, service_dir_vlan,'rpc'] update_path_list(regions_path=regions_path, service_dirs=service_dirs) def export_networking(inputfile, outdir,config, signer, ct, export_regions): @@ -855,7 +855,7 @@ def create_network(execute_all=False,prim_options=[]): # Update modified path list regions_path = export_regions.copy() regions_path.append("global") - service_dirs = [service_dir_network,service_dir_seclist,service_dir_nsg, service_dir_vlan, 'rpc'] + service_dirs = [service_dir_network,service_dir_nsg, service_dir_vlan, 'rpc'] update_path_list(regions_path=regions_path, service_dirs=service_dirs) def modify_terraform_network(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): From 95ff594358ff08de1288ab4d51e7ee5f0c364793 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Mon, 22 Apr 2024 09:00:04 +0530 Subject: [PATCH 06/26] Automation Toolkit Release v2024.2.2 --- .../Network/BaseNetwork/create_all_tf_objects.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py index d2dcfac09..f79a04dc9 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py @@ -25,10 +25,8 @@ def create_all_tf_objects(inputfile, outdir, service_dir,prefix, ct, non_gf_tena os.makedirs(outdir) if len(service_dir) != 0: service_dir_network = service_dir['network'] - service_dir_seclist = service_dir['seclist'] else: service_dir_network = "" - service_dir_seclist = "" with section('Process VCNs Tab and DRGs Tab'): create_major_objects(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, modify_network) create_terraform_defaults(inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy, modify_network) From aadfe5727f922f184fb2468cf9dbc713c85943f2 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Mon, 22 Apr 2024 09:00:46 +0530 Subject: [PATCH 07/26] Add files via upload --- jenkins_install/scriptler/scripts/SubOptions.groovy | 1 - jenkins_install/scriptler/scripts/ValidateParams.groovy | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/jenkins_install/scriptler/scripts/SubOptions.groovy b/jenkins_install/scriptler/scripts/SubOptions.groovy index 172703321..b7ca9ea99 100644 --- a/jenkins_install/scriptler/scripts/SubOptions.groovy +++ b/jenkins_install/scriptler/scripts/SubOptions.groovy @@ -13,7 +13,6 @@ List logging_services = ["LOGGING SERVICES:disabled","Enable VCN Flow Log List cis = ["CIS:disabled","Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"] List cd3_services = ["CD3 SERVICES:disabled","Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"] List utility_services = ["3rd Party Services:disabled","CIS Compliance Check Script", "ShowOCI Report"] - List ex_identity = ["IDENTITY:disabled","Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"] List ex_network = ["NETWORK:disabled","Export all Network Components", "Export Network components for VCNs/DRGs/DRGRouteRulesinOCI Tabs", "Export Network components for DHCP Tab", "Export Network components for SecRulesinOCI Tab", "Export Network components for RouteRulesinOCI Tab", "Export Network components for SubnetsVLANs Tab", "Export Network components for NSGs Tab"] List ex_firewall = ["OCI FIREWALL:disabled","Export Firewall Policy", "Export Firewall"] diff --git a/jenkins_install/scriptler/scripts/ValidateParams.groovy b/jenkins_install/scriptler/scripts/ValidateParams.groovy index eaaf4d950..196416905 100644 --- a/jenkins_install/scriptler/scripts/ValidateParams.groovy +++ b/jenkins_install/scriptler/scripts/ValidateParams.groovy @@ -15,7 +15,7 @@ def validate_params(Workflow,MainOptions,SubOptions,SubChildOptions,AdditionalFi "Logging Services":["Enable VCN Flow Logs", "Enable LBaaS Logs", "Enable Object Storage Buckets Write Logs"], "CIS Compliance Features":["Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"], "CD3 Services":["Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"], - "3rd Party Services:["CIS Compliance Check Script", "ShowOCI Report"] + "3rd Party Services":["CIS Compliance Check Script", "ShowOCI Report"] ] def non_gf_options_map = [ "Export Identity":["Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"], From 2b67f63a27bfb8118df7ad07974be396c85e7648 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 12:09:11 +0530 Subject: [PATCH 08/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/setUpOCI.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 89c8ebb5e..658f67be3 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -135,7 +135,7 @@ def execute_options(options, *args, **kwargs): for option in options: if option.name == "Execute All": continue - if option.name in ['Security Rules', 'Route Rules', 'DRG Route Rules', 'Network Security Groups','Customer Connectivity','CIS Compliance Check Script'] and devops: + if option.name in ['Security Rules', 'Route Rules', 'DRG Route Rules', 'Network Security Groups','Customer Connectivity'] and devops: with section(option.text): option.callback(*args, **kwargs,sub_options=sub_child_options) else: From fb12f08e8e447d48a7b9632301be0390bb0759ea Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 13:16:13 +0530 Subject: [PATCH 09/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/user-scripts/createTenancyConfig.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index 8d0c5d219..db2db6101 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -255,6 +255,7 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_ subprocess.run(['git', 'config','--global','user.email',devops_user], cwd=devops_dir) subprocess.run(['git', 'config', '--global', 'user.name', devops_user], cwd=devops_dir) + subprocess.run(['git', 'config', '--global', 'init.defaultBranch', "main"], cwd=devops_dir) commit_id='None' try: subprocess.run(['git', 'commit', '-m','Initial commit from createTenancyConfig.py'], cwd=devops_dir,stdout=DEVNULL) From 15bbdd6bece77da98a0c4b254a952899ff118805 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Mon, 22 Apr 2024 14:02:43 +0530 Subject: [PATCH 10/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/cd3Validator.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cd3_automation_toolkit/cd3Validator.py b/cd3_automation_toolkit/cd3Validator.py index 84def4aa1..e569bd1a7 100644 --- a/cd3_automation_toolkit/cd3Validator.py +++ b/cd3_automation_toolkit/cd3Validator.py @@ -1411,7 +1411,7 @@ def validate_buckets(filename, comp_ids): buckets_invalid_check = True #Check for valid destination region for enabling the replication policy - if columnname == 'Replication Policy': + if columnname == 'Replication Policy' and columnvalue != "nan": columnvalue = columnvalue.split("::") if len(columnvalue) == 3: replication_policy_name = columnvalue[0] From 47e884caa9afc72bf14f4e185657240218ae37de Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 15:01:29 +0530 Subject: [PATCH 11/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/setUpOCI.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 658f67be3..2dc62316f 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -1327,6 +1327,8 @@ def get_latest_showoci(outdir, prefix,config_file): def execute_showoci(outdir, prefix, config_file_path): + if not os.path.isfile("/cd3user/oci_tools/oci-python-sdk/examples/showoci/showoci.py"): + get_latest_showoci(outdir, prefix, config_file=config_file_path) cmd = "python /cd3user/oci_tools/oci-python-sdk/examples/showoci/showoci.py -a" split = str.split(cmd) dirname = prefix + "_showoci_report" @@ -1345,6 +1347,9 @@ def execute_showoci(outdir, prefix, config_file_path): split.extend(out) print("Executing: " + cmd) execute(split, config_file_path) + print("\n##############################") + print("ShowOCI report is available at : "+out_rep) + print("\n##############################") def run_showoci(outdir, prefix, config_file,sub_options=[]): From 69941c747b7fa4b56f86661a9c12913b67b73733 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 20:51:54 +0530 Subject: [PATCH 12/26] Automation Toolkit Release v2024.2.2 --- jenkins_install/tf-apply.groovy | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index cc14a8455..87bf8b50b 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -45,26 +45,26 @@ pipeline { // Assuming the job name format is /job//job/job_name def regionName = parts[1] def serviceName = parts[2] - // Set environment variables for reuse in subsequent stages env.Region = regionName env.Service = serviceName - - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" - - // Run Terraform plan and capture the output - terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - } else { + } else { // Assuming the job name format is /job/job_name def regionName = parts[1] - + def serviceName = '' + if (regionName == 'global') { + serviceName = 'rpc' + } // Set environment variables for reuse in subsequent stages env.Region = regionName - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" + env.Service = serviceName + } + + def final_path = "${WORKSPACE}/${env.Region}/${env.Service}" + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" + // Run Terraform plan and capture the output + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - // Run Terraform plan and capture the output - terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - } // Check if the plan contains any changes if (terraformPlanOutput.contains('No changes.')) { From 599deb460e1bd2879db97d06f1274d08a4af7fb9 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 23:48:43 +0530 Subject: [PATCH 13/26] Automation Toolkit Release v2024.2.2 --- jenkins_install/tf-apply.groovy | 1 - jenkins_install/tf-destroy.groovy | 21 ++++++++++----------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index 87bf8b50b..e7e3a2c9a 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -60,7 +60,6 @@ pipeline { env.Service = serviceName } - def final_path = "${WORKSPACE}/${env.Region}/${env.Service}" sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" // Run Terraform plan and capture the output terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() diff --git a/jenkins_install/tf-destroy.groovy b/jenkins_install/tf-destroy.groovy index a1269679e..6844e1c8a 100644 --- a/jenkins_install/tf-destroy.groovy +++ b/jenkins_install/tf-destroy.groovy @@ -49,22 +49,21 @@ pipeline { env.Region = regionName env.Service = serviceName - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" - //sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy" - - // Run Terraform plan - terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy", returnStdout: true).trim() - } else { + } else { // Assuming job name format is /job/job_name def regionName = parts[1] + def serviceName = '' + if (regionName == 'global') { + serviceName = 'rpc' + } // Set environment variables for reuse env.Region = regionName + env.Service = serviceName - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" - - // Run Terraform plan - terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -destroy", returnStdout: true).trim() - } + } + sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" + // Run Terraform plan + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -destroy", returnStdout: true).trim() // Check if the plan contains any changes if (terraformPlanOutput.contains('No changes.')) { From 3953af53b293252895565651e052585ff5e899da Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 22 Apr 2024 23:57:45 +0530 Subject: [PATCH 14/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/user-scripts/createTenancyConfig.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index db2db6101..386e35d77 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -581,7 +581,7 @@ def create_bucket(config, signer): cred_name = prefix+"-automation-toolkit-csk" # Get user ocid for DevOps User Name - if "ocid1.user.oc1" not in remote_state_user: + if "ocid1.user.oc" not in remote_state_user: if '@' in remote_state_user: remote_state_user = remote_state_user.rsplit("@",1)[0] @@ -933,7 +933,7 @@ def create_bucket(config, signer): git_config_file = config_files + "/" + prefix + "_git_config" #Get Username from $user_ocid if $oci_devops_git_user is left empty - if "ocid1.user.oc1" in devops_user: + if "ocid1.user.oc" in devops_user: identity_client = oci.identity.IdentityClient(config=new_config, retry_strategy=oci.retry.DEFAULT_RETRY_STRATEGY, signer=signer) From dc4409122cc7687a6035196aabfeddc854598994 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 23 Apr 2024 00:37:55 +0530 Subject: [PATCH 15/26] Automation Toolkit Release v2024.2.2 --- jenkins_install/tf-apply.groovy | 97 ++++++++----------------------- jenkins_install/tf-destroy.groovy | 95 ++++++------------------------ 2 files changed, 42 insertions(+), 150 deletions(-) diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index e7e3a2c9a..ee352678c 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -1,5 +1,4 @@ def tf_plan = "Changes" - pipeline { agent any options { @@ -12,7 +11,6 @@ pipeline { def fileContent = readFile "${JENKINS_HOME}/jenkins.properties" // Split file content into lines def lines = fileContent.readLines() - // Process each line to extract variable name and value def variables = [:] lines.each { line -> @@ -21,9 +19,23 @@ pipeline { variables[parts[0].trim()] = parts[1].trim() } } - def variableOds = variables['outdir_structure'].toString().replaceAll("\\[|\\]", '').replaceAll('"', '') env.out_str = "${variableOds}" + def jobName = env.JOB_NAME + def parts = jobName.split('/') + if (env.out_str == 'Multiple_Outdir') { + // Assuming the job name format is /job//job/job_name + env.Region = parts[1] + env.Service = parts[2] + } + else { + // Assuming the job name format is /job/job_name + env.Region = parts[1] + env.Service = '' + if (env.Region == 'global') { + env.Service = 'rpc' + } + } } } } @@ -38,33 +50,9 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - if (env.out_str == 'Multiple_Outdir') { - // Assuming the job name format is /job//job/job_name - def regionName = parts[1] - def serviceName = parts[2] - // Set environment variables for reuse in subsequent stages - env.Region = regionName - env.Service = serviceName - } else { - // Assuming the job name format is /job/job_name - def regionName = parts[1] - def serviceName = '' - if (regionName == 'global') { - serviceName = 'rpc' - } - // Set environment variables for reuse in subsequent stages - env.Region = regionName - env.Service = serviceName - } - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" // Run Terraform plan and capture the output terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - - // Check if the plan contains any changes if (terraformPlanOutput.contains('No changes.')) { echo 'No changes in Terraform plan. Skipping further stages.' @@ -92,18 +80,10 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - if (env.out_str == 'Multiple_Outdir') { - // Run Terraform show and capture the output - sh "set +x && cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform show -json tfplan.out > tfplan.json" - // Run OPA eval - opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/${env.Service}/tfplan.json\" data.terraform.deny", returnStdout: true).trim() - } else { - // Run Terraform show and capture the output - sh "set +x && cd \"${WORKSPACE}/${env.Region}\" && terraform show -json tfplan.out > tfplan.json" - // Run OPA eval - opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/tfplan.json\" data.terraform.deny", returnStdout: true).trim() - } - + // Run Terraform show and capture the output + sh "set +x && cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform show -json tfplan.out > tfplan.json" + // Run OPA eval + opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/${env.Service}/tfplan.json\" data.terraform.deny", returnStdout: true).trim() if (opaOutput == '[]') { echo "No OPA rules are violated. Proceeding with the next stage." } else { @@ -152,11 +132,8 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - if (env.out_str == 'Multiple_Outdir') { - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform apply --auto-approve tfplan.out" - } else { - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform apply --auto-approve tfplan.out" - } + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform apply --auto-approve tfplan.out" + } } } @@ -174,7 +151,6 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - if (env.out_str == 'Multiple_Outdir') { try { sh ''' set +x @@ -184,9 +160,7 @@ pipeline { repo_name=${GIT_URL##*/} cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} git checkout main - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - service=`echo ${JOB_NAME}| cut -d "/" -f3` - copy_path=${reg}/${service} + copy_path=${env.Region}/${env.Service} cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ git add ${copy_path}* ''' @@ -201,39 +175,14 @@ pipeline { sh ''' set +x repo_name=${GIT_URL##*/} - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - service=`echo ${JOB_NAME}| cut -d "/" -f3` cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} git_status=`git status --porcelain` if [[ $git_status ]]; then - git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} + git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${env.Region}"/"${env.Service} else echo "Nothing to commit" fi ''' - } else { - try { - sh ''' - mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} - cd ${WORKSPACE}/../${BUILD_NUMBER} - git clone ${GIT_URL} - repo_name=${GIT_URL##*/} - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git checkout main - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - copy_path=${reg} - cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ - git add ${copy_path}* - ''' - } catch(Exception e1) { - println(e1) - sh ''' - cd ${WORKSPACE}/.. - rm -rf ${WORKSPACE}/../${BUILD_NUMBER} - exit 1 - ''' - } - } } } } diff --git a/jenkins_install/tf-destroy.groovy b/jenkins_install/tf-destroy.groovy index 6844e1c8a..0b0c7cd8f 100644 --- a/jenkins_install/tf-destroy.groovy +++ b/jenkins_install/tf-destroy.groovy @@ -25,6 +25,21 @@ pipeline { def variableOds = variables['outdir_structure'].toString().replaceAll("\\[|\\]", '').replaceAll('"', '') env.out_str = "${variableOds}" + def jobName = env.JOB_NAME + def parts = jobName.split('/') + if (env.out_str == 'Multiple_Outdir') { + // Assuming the job name format is /job//job/job_name + env.Region = parts[1] + env.Service = parts[2] + } + else { + // Assuming the job name format is /job/job_name + env.Region = parts[1] + env.Service = '' + if (env.Region == 'global') { + env.Service = 'rpc' + } + } } } } @@ -37,33 +52,10 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - if (env.out_str == 'Multiple_Outdir') { - // Assuming the job name format is /job//job/job_name - def regionName = parts[1] - def serviceName = parts[2] - - // Set environment variables for reuse in subsequent stages - env.Region = regionName - env.Service = serviceName - - } else { - // Assuming job name format is /job/job_name - def regionName = parts[1] - def serviceName = '' - if (regionName == 'global') { - serviceName = 'rpc' - } - // Set environment variables for reuse - env.Region = regionName - env.Service = serviceName - } - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" // Run Terraform plan - terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -destroy", returnStdout: true).trim() + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy", returnStdout: true).trim() // Check if the plan contains any changes if (terraformPlanOutput.contains('No changes.')) { @@ -107,12 +99,8 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - if (env.out_str == 'Multiple_Outdir') { - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform destroy --auto-approve" - } else { - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform destroy --auto-approve" - } - } + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform destroy --auto-approve" + } } } } @@ -129,18 +117,15 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - if (env.out_str == 'Multiple_Outdir') { def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" // Create directory with build number sh "mkdir -p ${buildDir}" - // Commit changes to the main branch dir(buildDir) { sh """ git clone ${GIT_URL} cd \$(ls -d */|head -n 1) git checkout main - ls -lrtha cd "${env.Region}/${env.Service}" git pull --no-edit origin main rm -f *.tfvars @@ -170,48 +155,6 @@ pipeline { } } } - } else { - def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" - // Create a directory with the build number - sh "mkdir -p ${buildDir}" - - // Commit the changes to the main branch - dir(buildDir) { - sh """ - git clone ${GIT_URL} - cd \$(ls -d */|head -n 1) - git checkout main - cd "${env.Region}" - git pull --no-edit origin main - rm -f *.tfvars - git rm *.tfvars - git status - git add --all . - """ - - def git_status = false - while (!git_status) { - // Execute the git commands using shell - def gitResult = sh(script: """ - cd "\$(ls -d */|head -n 1)" - cd "${env.Region}" - ls -lrtha - git fetch origin main - git merge origin/main - git commit -m "commit for terraform-destroy build - ${BUILD_NUMBER} for "${env.Region} - - git push --porcelain origin main - """, returnStatus: true) - - if (gitResult == 0) { - git_status = true - } else { - echo "Git operation failed, retrying...." - sleep 3 // 3 seconds before retrying - } - } - } - } } } } From e856ac4f9c5e064ff3bf06061c4c27e13c963af2 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 23 Apr 2024 12:24:44 +0530 Subject: [PATCH 16/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/cd3Validator.py | 27 +++++++++-- jenkins_install/tf-apply.groovy | 66 +++++++++++++++++++++++++- 2 files changed, 87 insertions(+), 6 deletions(-) diff --git a/cd3_automation_toolkit/cd3Validator.py b/cd3_automation_toolkit/cd3Validator.py index e569bd1a7..43c08f456 100644 --- a/cd3_automation_toolkit/cd3Validator.py +++ b/cd3_automation_toolkit/cd3Validator.py @@ -1386,14 +1386,17 @@ def validate_buckets(filename, comp_ids): if columnvalue.lower() not in ['standard','archive']: log(f'ROW {i + 3} : Value of "Storage Tier" can be only either "Standard" or "Archive".') buckets_invalid_check = True - + elif columnvalue.lower() == 'archive': + auto_tiering_index = dfcolumns.index('Auto Tiering') + if auto_tiering_index != -1 and str(dfbuckets.loc[i, 'Auto Tiering']).strip().lower() == 'enabled': + log(f'ROW {i + 3} : Auto Tiering cannot be "Enabled" when Storage Tier is "Archive".') + buckets_invalid_check = True if columnname == 'Auto Tiering': if columnvalue.lower() not in ['enabled','disabled']: log(f'ROW {i + 3} : Value of "Auto Tiering" can be only either "Enabled" or "Disabled".') buckets_invalid_check = True - if columnname == 'Object Versioning': if columnvalue.lower() not in ['enabled','disabled']: log(f'ROW {i + 3} : Value of "Object Versioning" can be only either "Enabled" or "Disabled".') @@ -1410,7 +1413,7 @@ def validate_buckets(filename, comp_ids): log(f'ROW {i + 3} : Value of "Visibility" can be only either "Private" or "Public".') buckets_invalid_check = True - #Check for valid destination region for enabling the replication policy + # Check for valid destination region for enabling the replication policy if columnname == 'Replication Policy' and columnvalue != "nan": columnvalue = columnvalue.split("::") if len(columnvalue) == 3: @@ -1430,6 +1433,8 @@ def validate_buckets(filename, comp_ids): log(f'ROW {i + 3} : The replication policy format is incorrect.') buckets_invalid_check = True + # Get the current time + current_time = datetime.datetime.utcnow() #Check for the retention policy details if columnname == 'Retention Rules': rule_values = columnvalue.split("\n") @@ -1481,6 +1486,21 @@ def validate_buckets(filename, comp_ids): log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".') buckets_invalid_check = True continue + # Parse the time_rule_locked into a datetime object + try: + time_rule_locked_datetime = datetime.datetime.strptime(time_rule_locked, "%Y-%m-%dT%H:%M:%SZ") + except ValueError: + log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "YYYY-MM-DDThh:mm:ssZ".') + buckets_invalid_check = True + continue + + # Calculate the difference between current time and time_rule_locked + time_difference = time_rule_locked_datetime - current_time + + # Check if the difference is less than 14 days + if time_difference.days < 14: + log(f'ROW {i + 3} : "time_rule_locked" of retention rule must be more than 14 days from the current time.') + buckets_invalid_check = True # Check for the Lifecycle Policy Details if lifecycle_input == True: @@ -1494,7 +1514,6 @@ def validate_buckets(filename, comp_ids): 'multipart-uploads::Abort' ] - # Check if "Lifecycle Target and Action" is empty if columnname == 'Lifecycle Target and Action': if columnvalue != 'nan' and columnvalue not in valid_options: diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index ee352678c..b41421483 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -151,6 +151,7 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { + if (env.out_str == 'Multiple_Outdir') { try { sh ''' set +x @@ -160,7 +161,9 @@ pipeline { repo_name=${GIT_URL##*/} cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} git checkout main - copy_path=${env.Region}/${env.Service} + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + service=`echo ${JOB_NAME}| cut -d "/" -f3` + copy_path=${reg}/${service} cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ git add ${copy_path}* ''' @@ -175,14 +178,73 @@ pipeline { sh ''' set +x repo_name=${GIT_URL##*/} + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + service=`echo ${JOB_NAME}| cut -d "/" -f3` cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} git_status=`git status --porcelain` if [[ $git_status ]]; then - git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${env.Region}"/"${env.Service} + git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} else echo "Nothing to commit" fi ''' + status = sh(script: ''' + set +x + repo_name=${GIT_URL##*/} + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git pull --no-edit origin main + git push --porcelain origin main + ''', returnStatus: true) + + while (status != 0){ + println("Trying again ...") + status = sh(script: ''' + set +x + repo_name=${GIT_URL##*/} + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git pull --no-edit origin main + set -x + git push --porcelain origin main + ''', returnStatus: true) + } + sh ''' + set +x + rm -rf ${WORKSPACE}/../${BUILD_NUMBER} + ''' + + } else { + try { + sh ''' + mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} + cd ${WORKSPACE}/../${BUILD_NUMBER} + git clone ${GIT_URL} + repo_name=${GIT_URL##*/} + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git checkout main + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + copy_path=${reg} + cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ + git add ${copy_path}* + git_status=`git status --porcelain` + if [[ $git_status ]]; then + git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} + git push origin main + else + echo "Nothing to commit" + fi + cd ${WORKSPACE}/.. + rm -rf ${WORKSPACE}/../${BUILD_NUMBER} + ''' + } catch(Exception e1) { + println(e1) + sh ''' + cd ${WORKSPACE}/.. + rm -rf ${WORKSPACE}/../${BUILD_NUMBER} + exit 1 + ''' + } + + } } } } From b6186c0dd364505ba652b3b062725bf155298e51 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 23 Apr 2024 12:26:41 +0530 Subject: [PATCH 17/26] Automation Toolkit Release v2024.2.2 --- .../Governance/Tagging/create_terraform_tags.py | 12 ++++++------ .../Governance/Tagging/export_tags_nonGreenField.py | 5 ++++- .../Tagging/templates/tags-defaults-template | 2 +- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/cd3_automation_toolkit/Governance/Tagging/create_terraform_tags.py b/cd3_automation_toolkit/Governance/Tagging/create_terraform_tags.py index 0c7eea34f..c2a16a46a 100644 --- a/cd3_automation_toolkit/Governance/Tagging/create_terraform_tags.py +++ b/cd3_automation_toolkit/Governance/Tagging/create_terraform_tags.py @@ -216,23 +216,23 @@ def create_terraform_tags(inputfile, outdir, service_dir, prefix, ct): if default_value != "" and str(default_value).lower() != "nan": if '$' in default_value and default_value.count('$') == 1: default_value = str(default_value).strip().replace('$','$$') - #is_required = 'false' #Uncomment this line if needed - columnvalue = key_tf_name+"="+default_compartment+"="+default_value#+"="+is_required #Uncomment this if needed + is_required = 'false' #Uncomment this line if needed + columnvalue = key_tf_name+"="+default_compartment+"="+default_value+"="+is_required #Uncomment this if needed if columnvalue not in default_tags: default_tags.append(columnvalue) else: if default_value == '' or default_value.strip().lower() == 'nan': if str(df.loc[i,'Validator']).strip() != '' and str(df.loc[i,'Validator']).strip().lower() != 'nan' and str(df.loc[i,'Validator']).strip() != []: - #is_required_updated = 'true' #Uncomment this if needed + is_required_updated = 'true' #Uncomment this if needed default_value = values_list[0] - columnvalue = key_tf_name+"="+default_compartment+"="+default_value#+"="+is_required_updated #Uncomment this if needed + columnvalue = key_tf_name+"="+default_compartment+"="+default_value+"="+is_required_updated #Uncomment this if needed if columnvalue not in default_tags: default_tags.append(columnvalue) else: if str(df.loc[i, 'Validator']).strip() == '' or str(df.loc[i, 'Validator']).strip().lower() == 'nan': - #is_required_updated = 'true' #Uncomment this if needed + is_required_updated = 'true' #Uncomment this if needed default_value = '-' - columnvalue = key_tf_name+"="+default_compartment+"="+default_value#+"="+is_required_updated #Uncomment this if needed + columnvalue = key_tf_name+"="+default_compartment+"="+default_value+"="+is_required_updated #Uncomment this if needed if columnvalue not in default_tags: default_tags.append(columnvalue) diff --git a/cd3_automation_toolkit/Governance/Tagging/export_tags_nonGreenField.py b/cd3_automation_toolkit/Governance/Tagging/export_tags_nonGreenField.py index 8c79a4439..9d4a9e500 100644 --- a/cd3_automation_toolkit/Governance/Tagging/export_tags_nonGreenField.py +++ b/cd3_automation_toolkit/Governance/Tagging/export_tags_nonGreenField.py @@ -149,7 +149,10 @@ def export_tags_nongreenfield(inputfile, outdir, service_dir, config, signer, ct if tag_defaults.data != []: for tag_default in tag_defaults.data: if tag_default.tag_definition_name != '(deleted tag definition)': - add_values_in_dict(tag_default_comps_map, tag_default.tag_definition_id+"="+tag_default.tag_definition_name, [ntk_compartment_name+"="+tag_default.value]) + my_val=tag_default.value + if tag_default.is_required==True: + my_val="" + add_values_in_dict(tag_default_comps_map, tag_default.tag_definition_id+"="+tag_default.tag_definition_name, [ntk_compartment_name+"="+my_val]) defaultcomp_to_tagid_map.update({ commonTools.check_tf_variable(str(tag_default.tag_definition_name).replace('\\','\\\\'))+"-"+commonTools.check_tf_variable(ntk_compartment_name) : tag_default.id }) comp_ocid_done = [] diff --git a/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template b/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template index 6fe837dab..3e7bc73ea 100644 --- a/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template +++ b/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template @@ -22,7 +22,7 @@ tag_defaults = { compartment_id = "{{ tags.split('=')[1] }}" value = "{{ tags.split('=')[2] }}" - {# is_required = {{ tags.split('=')[3] }} #} {# Uncomment this line if needed #} + is_required = {{ tags.split('=')[3] }} #} }, {% endfor %} From 5f766f8dded95f01dcf5bd40455c525366c9bf22 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 23 Apr 2024 15:24:04 +0530 Subject: [PATCH 18/26] Automation Toolkit Release v2024.2.2 --- Dockerfile | 2 +- OCIWorkVMStack/scripts/installToolkit.sh | 2 +- cd3_automation_toolkit/setUpOCI.py | 14 +++++++++----- .../scriptler/scripts/AdditionalFilters.groovy | 2 +- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 06471e52f..b877c4260 100644 --- a/Dockerfile +++ b/Dockerfile @@ -69,4 +69,4 @@ COPY --chown=cd3user:cd3user jenkins_install/plugins.txt ${REF}/plugins.txt RUN sudo java -jar ${JENKINS_INSTALL}/jenkins-plugin-manager.jar --war ${JENKINS_INSTALL}/jenkins.war --verbose -f ${REF}/plugins.txt && \ sudo chown -R cd3user:cd3user ${JENKINS_INSTALL} && \ - sudo chmod +x ${JENKINS_INSTALL}/jenkins.sh \ No newline at end of file + sudo chmod +x ${JENKINS_INSTALL}/jenkins.sh diff --git a/OCIWorkVMStack/scripts/installToolkit.sh b/OCIWorkVMStack/scripts/installToolkit.sh index 0ebd4fb85..eb33b876b 100644 --- a/OCIWorkVMStack/scripts/installToolkit.sh +++ b/OCIWorkVMStack/scripts/installToolkit.sh @@ -67,7 +67,7 @@ echo "********************************************************" >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github " >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 -sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git -b develop $toolkit_dir >> $logfile 2>&1 +sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git -b develop $toolkit_dir >> $logfile 2>&1 stop_exec sudo ls -la /tmp/githubCode >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github completed successfully" >> $logfile 2>&1 diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 2dc62316f..2b20c3ec6 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -1330,6 +1330,12 @@ def execute_showoci(outdir, prefix, config_file_path): if not os.path.isfile("/cd3user/oci_tools/oci-python-sdk/examples/showoci/showoci.py"): get_latest_showoci(outdir, prefix, config_file=config_file_path) cmd = "python /cd3user/oci_tools/oci-python-sdk/examples/showoci/showoci.py -a" + if auth_mechanism == "instance_principal": + cmd += " -ip" + elif auth_mechanism == "session_token": + cmd += " -is" + else: + cmd += " -cf "+config_file_path split = str.split(cmd) dirname = prefix + "_showoci_report" resource = "showoci_report" @@ -1342,14 +1348,12 @@ def execute_showoci(outdir, prefix, config_file_path): else: commonTools.backup_file(outdir, resource, out_rep) out_file = out_rep+"/"+prefix - out = ["-cf", config_file_path, '-csv', out_file] - cmd = cmd + " " + out[0] + " " + out[1] + " " + out[2] + " " + out[3] + out = ['-csv', out_file] + cmd = cmd + " " + out[0] + " " + out[1] split.extend(out) print("Executing: " + cmd) execute(split, config_file_path) - print("\n##############################") - print("ShowOCI report is available at : "+out_rep) - print("\n##############################") + def run_showoci(outdir, prefix, config_file,sub_options=[]): diff --git a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy index d64b726ea..db01fc1a8 100644 --- a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy +++ b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy @@ -19,7 +19,7 @@ html_to_be_rendered = """ - + From 90015a9599086713d938be2bf1df33deba443855 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Tue, 23 Apr 2024 15:47:03 +0530 Subject: [PATCH 19/26] Automation Toolkit Release v2024.2.2 --- jenkins_install/tf-apply.groovy | 1 + 1 file changed, 1 insertion(+) diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index b41421483..ecbbf36cf 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -202,6 +202,7 @@ pipeline { set +x repo_name=${GIT_URL##*/} cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git config pull.rebase true git pull --no-edit origin main set -x git push --porcelain origin main From 61292d62451121a1fbf342368bf6fd26b5cbf525 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 23 Apr 2024 17:13:21 +0530 Subject: [PATCH 20/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/setUpOCI.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 2b20c3ec6..102eee940 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -1289,6 +1289,12 @@ def start_cis_download(outdir, prefix, config_file): def start_cis_scan(outdir, prefix, config_file): cmd = "python cis_reports.py" + if auth_mechanism == "instance_principal": + cmd += " -ip" + elif auth_mechanism == "session_token": + cmd += " -st" + else: + cmd += " -c "+config_file if not devops: user_input = input("Enter command to execute the script. Press Enter to execute {} : ".format(cmd)) if user_input!='': @@ -1306,8 +1312,8 @@ def start_cis_scan(outdir, prefix, config_file): else: commonTools.backup_file(outdir, resource, out_rep) - out = ["-c", config_file, '--report-directory', out_rep] - cmd = cmd +" "+ out[0] + " "+out[1] + " "+ out[2] + " " +out[3] + out = ['--report-directory', out_rep] + cmd = cmd +" "+ out[0] + " "+out[1] split.extend(out) print("Executing: "+cmd) print("Scan started!") From 69037cd026ec814793b50aa016b0bec6e804f5ed Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Wed, 24 Apr 2024 21:41:57 +0530 Subject: [PATCH 21/26] Automation Toolkit Release v2024.2.2 --- ...port_events_notifications_nonGreenField.py | 19 +-- .../Monitoring/create_terraform_alarms.py | 2 +- .../Monitoring/templates/alarms-template | 6 + cd3_automation_toolkit/cd3Validator.py | 119 +++++++++--------- cd3_automation_toolkit/setUpOCI.py | 1 - .../user-scripts/createTenancyConfig.py | 19 ++- .../user-scripts/tenancyconfig.properties | 9 +- 7 files changed, 97 insertions(+), 78 deletions(-) diff --git a/cd3_automation_toolkit/ManagementServices/EventsAndNotifications/export_events_notifications_nonGreenField.py b/cd3_automation_toolkit/ManagementServices/EventsAndNotifications/export_events_notifications_nonGreenField.py index e409ed891..f8ee99793 100644 --- a/cd3_automation_toolkit/ManagementServices/EventsAndNotifications/export_events_notifications_nonGreenField.py +++ b/cd3_automation_toolkit/ManagementServices/EventsAndNotifications/export_events_notifications_nonGreenField.py @@ -118,15 +118,16 @@ def print_events(values_for_column_events, region, ntk_compartment_name, event, data = str(condition["data"]) else: data = "{}" - for val in condition["eventType"]: - if "oraclecloud" in val: - service = val.split("com.oraclecloud.")[1] - elif "oracle" in val: - service = val.split("com.oracle.")[1] - event_prod = service.split('.', 1)[0] - event_res = service.split('.', 1)[1] - if ( action_name != "" ): - events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info) + if "eventType" in condition: + for val in condition["eventType"]: + if "oraclecloud" in val: + service = val.split("com.oraclecloud.")[1] + elif "oracle" in val: + service = val.split("com.oracle.")[1] + event_prod = service.split('.', 1)[0] + event_res = service.split('.', 1)[1] + if ( action_name != "" ): + events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info) if ( i > 0 and action_name != ""): events_rows(values_for_column_events, region, ntk_compartment_name, event_name, event_desc, action_type, action_is_enabled, action_description, event_prod, event_res,data, event_is_enabled, action_name, event, event_info) i = i + 1 diff --git a/cd3_automation_toolkit/ManagementServices/Monitoring/create_terraform_alarms.py b/cd3_automation_toolkit/ManagementServices/Monitoring/create_terraform_alarms.py index 66496d6dc..aa1ce0cbf 100644 --- a/cd3_automation_toolkit/ManagementServices/Monitoring/create_terraform_alarms.py +++ b/cd3_automation_toolkit/ManagementServices/Monitoring/create_terraform_alarms.py @@ -161,7 +161,7 @@ def create_terraform_alarms(inputfile, outdir, service_dir, prefix, ct): # Write all info to TF string - tfStr[region]=tfStr[region][:-1] +alarms_template.render(tempStr) + tfStr[region]=tfStr[region][:-2] +alarms_template.render(tempStr) # Write to output for reg in ct.all_regions: diff --git a/cd3_automation_toolkit/ManagementServices/Monitoring/templates/alarms-template b/cd3_automation_toolkit/ManagementServices/Monitoring/templates/alarms-template index 6070aa289..3e0823d91 100644 --- a/cd3_automation_toolkit/ManagementServices/Monitoring/templates/alarms-template +++ b/cd3_automation_toolkit/ManagementServices/Monitoring/templates/alarms-template @@ -22,7 +22,13 @@ alarms = { query = "{{ query }}" severity = "{{ severity }}" {% if body and body != "" %} + {% if '\n' not in body %} body = "{{ body }}" + {% else %} + body = <<-EOF + {{ body }} + EOF + {% endif %} {% endif %} {% if message_format and message_format != "" %} diff --git a/cd3_automation_toolkit/cd3Validator.py b/cd3_automation_toolkit/cd3Validator.py index 43c08f456..ec7231603 100644 --- a/cd3_automation_toolkit/cd3Validator.py +++ b/cd3_automation_toolkit/cd3Validator.py @@ -1397,9 +1397,10 @@ def validate_buckets(filename, comp_ids): log(f'ROW {i + 3} : Value of "Auto Tiering" can be only either "Enabled" or "Disabled".') buckets_invalid_check = True + # Check for the Object Versioning column if columnname == 'Object Versioning': - if columnvalue.lower() not in ['enabled','disabled']: - log(f'ROW {i + 3} : Value of "Object Versioning" can be only either "Enabled" or "Disabled".') + if columnvalue.lower() not in ['enabled', 'disabled']: + log(f'ROW {i + 3} : Value of "Object Versioning" can only be "Enabled" or "Disabled".') buckets_invalid_check = True if columnname == 'Emit Object Events': @@ -1438,69 +1439,74 @@ def validate_buckets(filename, comp_ids): #Check for the retention policy details if columnname == 'Retention Rules': rule_values = columnvalue.split("\n") - retention_rules = [] - for rule in rule_values: - rule_components = rule.split("::") - if len(rule_components) >= 1: - retention_rule_display_name = rule_components[0] - time_unit = None - time_amount = None - time_rule_locked = None - - if len(rule_components) >= 2: - if rule_components[1].lower() == 'indefinite': - time_amount = None - else: - time_amount = rule_components[1] - if not time_amount.isdigit(): - log(f'ROW {i + 3} : "time_amount" of retention rule is not in valid format. It should be an "integer" or "indefinite".') - buckets_invalid_check = True - continue + if rule_values and str(dfbuckets.loc[i, 'Object Versioning']).strip().lower() == 'enabled': + log(f'ROW {i + 3} : Retention policy cannot be created when Object Versioning is enabled.') + buckets_invalid_check = True + + elif rule_values and str(dfbuckets.loc[i, 'Object Versioning']).strip().lower() == 'disabled': + retention_rules = [] + for rule in rule_values: + rule_components = rule.split("::") + if len(rule_components) >= 1: + retention_rule_display_name = rule_components[0] + time_unit = None + time_amount = None + time_rule_locked = None + + if len(rule_components) >= 2: + if rule_components[1].lower() == 'indefinite': + time_amount = None else: - time_amount = int(time_amount) + time_amount = rule_components[1] + if not time_amount.isdigit(): + log(f'ROW {i + 3} : "time_amount" of retention rule is not in valid format. It should be an "integer" or "indefinite".') + buckets_invalid_check = True + continue + else: + time_amount = int(time_amount) - if len(rule_components) >= 3: - time_unit = rule_components[2].upper() - if time_unit not in ('DAYS', 'YEARS'): - log(f'ROW {i + 3} : "time_unit" of retention rule is not in valid format. It should be either DAYS or YEARS.') - buckets_invalid_check = True - else: - # If time_unit is valid, set the flag to True for processing time_rule_locked - process_time_rule_locked = True - - if len(rule_components) == 4 and process_time_rule_locked: - time_rule_locked = rule_components[3] - if time_rule_locked.endswith(".000Z"): - time_rule_locked = time_rule_locked[:-5] + "Z" - elif not re.match(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z",time_rule_locked): - # Convert from "dd-mm-yyyy" to "YYYY-MM-DDThh:mm:ssZ" format - if re.match(r"\d{2}-\d{2}-\d{4}", time_rule_locked): - try: - datetime_obj = datetime.datetime.strptime(time_rule_locked, "%d-%m-%Y") - time_rule_locked = datetime_obj.strftime("%Y-%m-%dT%H:%M:%SZ") - except ValueError: + if len(rule_components) >= 3: + time_unit = rule_components[2].upper() + if time_unit not in ('DAYS', 'YEARS'): + log(f'ROW {i + 3} : "time_unit" of retention rule is not in valid format. It should be either DAYS or YEARS.') + buckets_invalid_check = True + else: + # If time_unit is valid, set the flag to True for processing time_rule_locked + process_time_rule_locked = True + + if len(rule_components) == 4 and process_time_rule_locked: + time_rule_locked = rule_components[3] + if time_rule_locked.endswith(".000Z"): + time_rule_locked = time_rule_locked[:-5] + "Z" + elif not re.match(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z|\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z",time_rule_locked): + # Convert from "dd-mm-yyyy" to "YYYY-MM-DDThh:mm:ssZ" format + if re.match(r"\d{2}-\d{2}-\d{4}", time_rule_locked): + try: + datetime_obj = datetime.datetime.strptime(time_rule_locked, "%d-%m-%Y") + time_rule_locked = datetime_obj.strftime("%Y-%m-%dT%H:%M:%SZ") + except ValueError: + log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".') + buckets_invalid_check = True + continue + else: log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".') buckets_invalid_check = True continue - else: - log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "dd-mm-yyyy".') + # Parse the time_rule_locked into a datetime object + try: + time_rule_locked_datetime = datetime.datetime.strptime(time_rule_locked, "%Y-%m-%dT%H:%M:%SZ") + except ValueError: + log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "YYYY-MM-DDThh:mm:ssZ".') buckets_invalid_check = True continue - # Parse the time_rule_locked into a datetime object - try: - time_rule_locked_datetime = datetime.datetime.strptime(time_rule_locked, "%Y-%m-%dT%H:%M:%SZ") - except ValueError: - log(f'ROW {i + 3} : "time_rule_locked" of retention rule is not in valid format. It should be in the format "YYYY-MM-DDThh:mm:ssZ".') - buckets_invalid_check = True - continue - # Calculate the difference between current time and time_rule_locked - time_difference = time_rule_locked_datetime - current_time + # Calculate the difference between current time and time_rule_locked + time_difference = time_rule_locked_datetime - current_time - # Check if the difference is less than 14 days - if time_difference.days < 14: - log(f'ROW {i + 3} : "time_rule_locked" of retention rule must be more than 14 days from the current time.') - buckets_invalid_check = True + # Check if the difference is less than 14 days + if time_difference.days < 14: + log(f'ROW {i + 3} : "time_rule_locked" of retention rule must be more than 14 days from the current time.') + buckets_invalid_check = True # Check for the Lifecycle Policy Details if lifecycle_input == True: @@ -1545,6 +1551,7 @@ def validate_buckets(filename, comp_ids): if time_unit not in ['days','years']: log(f'ROW {i + 3} : Invalid time amount. "Lifecycle Rule Period" must be "DAYS" or "YEARS".') buckets_invalid_check = True + else: log(f'ROW {i + 3} : Invalid format for "Lifecycle Rule Period" ') buckets_invalid_check = True diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index 102eee940..d19040938 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -1300,7 +1300,6 @@ def start_cis_scan(outdir, prefix, config_file): if user_input!='': cmd = "{}".format(user_input) split = str.split(cmd) - dirname = prefix + "_cis_report" resource = "cis_report" out_rep = outdir + '/'+ dirname diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index 386e35d77..4c5456be6 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -148,10 +148,10 @@ def create_devops_resources(config,signer): def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_values,devops_user,devops_user_key,devops_dir,ct): # create git config file file = open(git_config_file, "w") - file.write("Host devops.scmservice.*.oci.oraclecloud.com\n " - "StrictHostKeyChecking no\n " - "User "+str(devops_user)+"\n " - "IdentityFile "+str(devops_user_key)+"\n") + file.write("Host devops.scmservice.*.oci"+cloud_domain+"\n " + "StrictHostKeyChecking no\n " + "User " + str(devops_user) + "\n " + "IdentityFile " + str(devops_user_key) + "\n") file.close() @@ -205,6 +205,8 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_ cfg = yaml.dump(cfg, stream=yaml_file, default_flow_style=False, sort_keys=False) # Clean repo config if exists and initiate git repo subprocess.run(['git', 'init'], cwd=devops_dir,stdout=DEVNULL) + subprocess.run(['git', 'config', '--global', 'init.defaultBranch', "main"], cwd=devops_dir) + subprocess.run(['git', 'config', '--global', 'safe.directory', devops_dir], cwd=devops_dir) f = open(devops_dir + ".gitignore", "w") git_ignore_file_data = ".DS_Store\n*tfstate*\n*terraform*\ntfplan.out\ntfplan.json\n*backup*\ntf_import_commands*\n*cis_report*\n*showoci_report*\n*.safe\n*stacks.zip\n*cd3Validator*" f.write(git_ignore_file_data) @@ -255,7 +257,6 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_ subprocess.run(['git', 'config','--global','user.email',devops_user], cwd=devops_dir) subprocess.run(['git', 'config', '--global', 'user.name', devops_user], cwd=devops_dir) - subprocess.run(['git', 'config', '--global', 'init.defaultBranch', "main"], cwd=devops_dir) commit_id='None' try: subprocess.run(['git', 'commit', '-m','Initial commit from createTenancyConfig.py'], cwd=devops_dir,stdout=DEVNULL) @@ -349,11 +350,17 @@ def create_bucket(config, signer): user='' _key_path='' fingerprint='' + cloud_domain='' tenancy = config.get('Default', 'tenancy_ocid').strip() if tenancy == "" or tenancy == "\n": print("Tenancy ID cannot be left empty...Exiting !!") exit(1) + if ("ocid1.tenancy.oc1" in tenancy): + cloud_domain=".oraclecloud.com" + else: + cloud_domain=".oraclegovcloud.com" + auth_mechanism = config.get('Default', 'auth_mechanism').strip().lower() if auth_mechanism == "" or auth_mechanism == "\n" or (auth_mechanism!='api_key' and auth_mechanism!='session_token' and auth_mechanism!='instance_principal'): @@ -673,7 +680,7 @@ def create_bucket(config, signer): elif line.__contains__("region = "): global_backend_file_data += " region = \"" + bucket_region + "\"\n" elif line.__contains__("endpoint = "): - global_backend_file_data += " endpoint = \"https://" + namespace + ".compat.objectstorage." + bucket_region + ".oraclecloud.com\"\n" + global_backend_file_data += " endpoint = \"https://" + namespace + ".compat.objectstorage." + bucket_region + cloud_domain + "\"\n" elif line.__contains__("shared_credentials_file = "): global_backend_file_data += " shared_credentials_file = \"" + s3_credential_file_path + "\"\n" else: diff --git a/cd3_automation_toolkit/user-scripts/tenancyconfig.properties b/cd3_automation_toolkit/user-scripts/tenancyconfig.properties index f41aedecb..d5283792f 100644 --- a/cd3_automation_toolkit/user-scripts/tenancyconfig.properties +++ b/cd3_automation_toolkit/user-scripts/tenancyconfig.properties @@ -74,15 +74,14 @@ use_oci_devops_git=no # in ${region}. oci_devops_git_repo_name= -# User Details to perform GIT operations in OCI Devops GIT Repo; Mandatory when using $(auth_mechanism) as instance_principal +# User Details to perform GIT operations in OCI Devops GIT Repo and Remote Terraform State Management; Mandatory when using $(auth_mechanism) as instance_principal # or session_token -# Format: /@ eg oracleidentitycloudservice/devopsuser@oracle.com@ocitenant +# Customer Secret Key will be created for this user for S3 credentials of the bucket. # When left empty, it will be fetched from $(user_ocid) for $(auth_mechanism) as api_key. -# Customer Secret Key will also be configured for this user for S3 credentials of the bucket when $(auth_mechanism) is -# instance_principal or session_token +# Format: /@ eg oracleidentitycloudservice/devopsuser@oracle.com@ocitenant oci_devops_git_user= + # When left empty, same key file from $(key_path) used for $(auth_mechanism) as api_key will be copied to # /cd3user/tenancies// and used for GIT Operations. -# Make sure the api key file permissions are rw(600) for cd3user oci_devops_git_key= From 319bb483f906f6b4b4be78f10bd15d7d30908076 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Mon, 29 Apr 2024 09:51:18 +0530 Subject: [PATCH 22/26] Automation Toolkit Release v2024.2.2 --- .../Tagging/templates/tags-defaults-template | 2 +- .../export_network_nonGreenField.py | 17 ++++++++------- cd3_automation_toolkit/OCI_Regions | 1 - .../templates/blockvolumes-template | 2 +- cd3_automation_toolkit/setUpOCI.py | 1 + .../user-scripts/createTenancyConfig.py | 21 +++++++++++++++++-- .../user-scripts/terraform/loadbalancer.tf | 2 +- .../terraform/networkloadbalancer.tf | 1 + .../user-scripts/terraform/sddc.tf | 6 +++--- jenkins_install/tf-apply.groovy | 3 +++ jenkins_install/tf-destroy.groovy | 1 - 11 files changed, 39 insertions(+), 18 deletions(-) diff --git a/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template b/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template index 3e7bc73ea..524068db5 100644 --- a/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template +++ b/cd3_automation_toolkit/Governance/Tagging/templates/tags-defaults-template @@ -22,7 +22,7 @@ tag_defaults = { compartment_id = "{{ tags.split('=')[1] }}" value = "{{ tags.split('=')[2] }}" - is_required = {{ tags.split('=')[3] }} #} + is_required = {{ tags.split('=')[3] }} }, {% endfor %} diff --git a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py index 45ab59960..ff633e3dc 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py @@ -300,8 +300,8 @@ def get_rpc_resources(source_region, SOURCE_RPC_LIST, dest_rpc_dict, rpc_source_ dest_drg_rt_name = "" drg_rt_import_dist_name = "" dest_drg_rt_import_dist_name = "" - source_rpc_comp_name = "" - dest_rpc_comp_name = "" + source_drg_comp_name = "" + dest_drg_comp_name = "" dest_rpc_display_name = "" dest_import_rt_statements = None import_rt_statements = None @@ -330,12 +330,13 @@ def get_comp_details(comp_data): # Check peering is alive if source_rpc_peer_id is not None and new_rpc.peering_status == "PEERED": - source_rpc_comp_name = get_comp_details(new_rpc.compartment_id) source_rpc_display_name = new_rpc.display_name source_rpc_drg_id = new_rpc.drg_id dest_rpc_id = new_rpc.peer_id dest_region = new_rpc.peer_region_name.split("-")[1] source_rpc_drg_name = getattr(rpc_source_client.get_drg(drg_id=source_rpc_drg_id).data, 'display_name') + source_drg_comp_name = get_comp_details( + getattr(rpc_source_client.get_drg(drg_id=source_rpc_drg_id).data, 'compartment_id')) rpc_tf_name = commonTools.check_tf_variable(new_rpc.display_name) # Fetch source attach list id @@ -377,7 +378,7 @@ def get_comp_details(comp_data): remote_peering_connection_id=source_rpc_peer_id) dest_rpc_drg_id = dest_rpc.drg_id dest_rpc_drg_name = getattr(client.get_drg(drg_id=dest_rpc_drg_id).data, 'display_name') - dest_rpc_comp_name = get_comp_details(dest_rpc.compartment_id) + dest_drg_comp_name = get_comp_details(getattr(client.get_drg(drg_id=dest_rpc_drg_id).data, 'compartment_id')) dest_rpc_display_name = dest_rpc.display_name dest_drg_rpc_attachment_list = client.list_drg_attachments( compartment_id=dest_rpc_comp_id, attachment_type="REMOTE_PEERING_CONNECTION", @@ -412,11 +413,11 @@ def get_comp_details(comp_data): if col_header == 'Region': values_for_column[col_header].append(source_region) elif col_header == 'Attached To': - # Format is RPC::region::dest_rpc_comp_name::dest_rpc_drg_name + # Format is RPC::region::dest_rpc_drg_name attach_to = "RPC::" + dest_region.lower() + "::" + dest_rpc_drg_name values_for_column[col_header].append(attach_to) elif col_header == 'Compartment Name': - values_for_column[col_header].append(source_rpc_comp_name) + values_for_column[col_header].append(source_drg_comp_name) elif col_header == 'RPC Display Name': values_for_column[col_header].append(source_rpc_display_name) elif col_header == 'DRG Name': @@ -461,11 +462,11 @@ def get_comp_details(comp_data): if col_header == 'Region': values_for_column[col_header].append(dest_region.capitalize()) elif col_header == 'Attached To': - # Format is RPC::region::dest_rpc_comp_name::dest_rpc_drg_name + # Format is RPC::region::source_rpc_drg_name attach_to = "RPC::" + source_region.lower() + "::" + source_rpc_drg_name values_for_column[col_header].append(attach_to) elif col_header == 'Compartment Name': - values_for_column[col_header].append(dest_rpc_comp_name) + values_for_column[col_header].append(dest_drg_comp_name) elif col_header == 'RPC Display Name': values_for_column[col_header].append(dest_rpc_display_name) elif col_header == 'DRG Name': diff --git a/cd3_automation_toolkit/OCI_Regions b/cd3_automation_toolkit/OCI_Regions index 4e245dce9..5e23efe50 100644 --- a/cd3_automation_toolkit/OCI_Regions +++ b/cd3_automation_toolkit/OCI_Regions @@ -1,5 +1,4 @@ #Region:Region_Key -saltlake:us-saltlake-2 amsterdam:eu-amsterdam-1 stockholm:eu-stockholm-1 abudhabi:me-abudhabi-1 diff --git a/cd3_automation_toolkit/Storage/BlockVolume/templates/blockvolumes-template b/cd3_automation_toolkit/Storage/BlockVolume/templates/blockvolumes-template index a255bb0d9..152cd6805 100644 --- a/cd3_automation_toolkit/Storage/BlockVolume/templates/blockvolumes-template +++ b/cd3_automation_toolkit/Storage/BlockVolume/templates/blockvolumes-template @@ -71,7 +71,7 @@ blockvolumes = { {% endif %} {% if is_pv_encryption_in_transit_enabled %} - is_pv_encryption_in_transit_enabled = "{{ is_pv_encryption_in_transit_enabled }}" + is_pv_encryption_in_transit_enabled = {{ is_pv_encryption_in_transit_enabled }} {% endif %} {% if is_shareable %} diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index d19040938..f4ca48fad 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -1262,6 +1262,7 @@ def enable_cis_cloudguard(*args,**kwargs): region = input("Enter Reporting Region for Cloud Guard eg london: ") else: region = ct.cg_region + region = region.lower() options = [Option(None, Security.enable_cis_cloudguard, 'Enabling Cloud Guard')] execute_options(options, outdir, service_dir_cloud_guard, prefix, ct, region) # Update modified path list diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index 4c5456be6..bf3d08fbd 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -839,9 +839,26 @@ def create_bucket(config, signer): rewrite_backend.write(new_backend_data) rewrite_backend.close() - # Manage multiple outdir + # Manage single and multiple outdir if (outdir_structure_file == '' or outdir_structure_file == "\n"): - pass + #remove depends_on for single outdir + region_dir = terraform_files + "/" + region + "/" + single_outdir_config = configparser.RawConfigParser() + single_outdir_config.read("/cd3user/oci_tools/cd3_automation_toolkit/user-scripts/.outdir_structure_file.properties") + keys = [] + for key, val in single_outdir_config.items("Default"): + keys.append(key) + for file in os.listdir(region_dir): + name=file.removesuffix(".tf") + if name in keys: + file=region_dir+"/"+file + with open(file, 'r+') as tf_file: + module_data = tf_file.read().rstrip() + module_data = module_data.replace("# depends_on", "depends_on") + tf_file.close() + f = open(file, "w+") + f.write(module_data) + f.close() else: region_dir = terraform_files + "/" + region + "/" for service, service_dir in outdir_config.items("Default"): diff --git a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf index 0235ba8d9..6abc408a2 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf @@ -36,7 +36,7 @@ locals { } module "load-balancers" { - # depends_on = [module.vcns, module.subnets] # Uncomment to execute Networking and Load Balancer together + # depends_on = [module.vcns, module.subnets] # Uncomment to execute Networking and Load Balancer together source = "./modules/loadbalancer/lb-load-balancer" for_each = var.load_balancers != null ? var.load_balancers : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf index 6e8264d4f..293f3ea9f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf @@ -72,6 +72,7 @@ module "nlb-backend-sets" { module "nlb-backends" { source = "./modules/networkloadbalancer/nlb-backend" + # depends_on = [module.instances] # Uncomment to create Network and NLBs together for_each = var.nlb_backends != null ? var.nlb_backends : {} backend_set_name = merge(module.nlb-backend-sets.*...)[each.value.backend_set_name]["nlb_backend_set_tf_name"] network_load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] diff --git a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf index 57aebd2db..a0ac66449 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf @@ -52,14 +52,14 @@ data "oci_core_volumes" "ds_volumes" { data "oci_core_vcns" "oci_vcns_sddc" { - # depends_on = [module.vcns] # Uncomment to create Network and Instances together + # depends_on = [module.vcns] # Uncomment to create Network and SDDC together for_each = var.sddcs != null ? var.sddcs : {} compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } data "oci_core_subnets" "oci_subnets_sddc" { - # depends_on = [module.subnets] # Uncomment to create Network and Instances together + # depends_on = [module.subnets] # Uncomment to create Network and SDDC together for_each = var.sddcs != null ? var.sddcs : {} compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.provisioning_subnet_id @@ -76,7 +76,7 @@ data "oci_core_vlans" "sddc_vlan_id" { module "sddcs" { - #depends_on = [module.vlans] + # depends_on = [module.vlans] # Uncomment to create Network and SDDC together source = "./modules/sddc" for_each = var.sddcs != null ? var.sddcs : {} compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy index ecbbf36cf..e180317bb 100644 --- a/jenkins_install/tf-apply.groovy +++ b/jenkins_install/tf-apply.groovy @@ -216,6 +216,7 @@ pipeline { } else { try { sh ''' + set +x mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} cd ${WORKSPACE}/../${BUILD_NUMBER} git clone ${GIT_URL} @@ -229,6 +230,8 @@ pipeline { git_status=`git status --porcelain` if [[ $git_status ]]; then git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} + git config pull.rebase true + git pull --no-edit origin main git push origin main else echo "Nothing to commit" diff --git a/jenkins_install/tf-destroy.groovy b/jenkins_install/tf-destroy.groovy index 0b0c7cd8f..aa0ab8afa 100644 --- a/jenkins_install/tf-destroy.groovy +++ b/jenkins_install/tf-destroy.groovy @@ -129,7 +129,6 @@ pipeline { cd "${env.Region}/${env.Service}" git pull --no-edit origin main rm -f *.tfvars - git rm *.tfvars git status git add --all . """ From eaec7aee64bc5ee1a230d99fdce8d0ad1806fb93 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 30 Apr 2024 11:08:34 +0530 Subject: [PATCH 23/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/Release-Notes | 3 ++- cd3_automation_toolkit/user-scripts/terraform/fss.tf | 2 +- cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf | 2 +- .../user-scripts/terraform/networkloadbalancer.tf | 1 + 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cd3_automation_toolkit/Release-Notes b/cd3_automation_toolkit/Release-Notes index 273235842..d800612e4 100644 --- a/cd3_automation_toolkit/Release-Notes +++ b/cd3_automation_toolkit/Release-Notes @@ -7,7 +7,8 @@ Apr 30, 2024 3. Dropdowns for Region and Compartment while running setUpOCI using Jenkins. 4. Fix Image OCIDs for OCI Work VM deployment using RM stack. 5. Option to execute 3rd Party Services from CD3 - Show OCI along with CIS Compliance Check script -5. Upgrade of existing terraform modules - identity, buckets, LBaaS, NLBs, +6. Upgrade of existing terraform modules - identity, buckets, LBaaS, NLBs (without DNS health check as of now). +7. Enhance CD3 Validator for OCI Buckets. ------------------------------------- CD3 Automation Toolkit Tag v2024.2.0 diff --git a/cd3_automation_toolkit/user-scripts/terraform/fss.tf b/cd3_automation_toolkit/user-scripts/terraform/fss.tf index 8ff897116..5c5fb81f3 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/fss.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/fss.tf @@ -21,7 +21,7 @@ data "oci_core_vcns" "oci_vcns_fss" { } module "mts" { - # depends_on = [module.vcns, module.subnets] # Uncomment to execute Networking and Mount Target together + # depends_on = [module.vcns, module.subnets,module.nsgs]] # Uncomment to execute Networking and Mount Target together #Required source = "./modules/storage/file-storage/mount-target" for_each = (var.mount_targets != null || var.mount_targets != {}) ? var.mount_targets : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf index 6abc408a2..bfb50901d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf @@ -36,7 +36,7 @@ locals { } module "load-balancers" { - # depends_on = [module.vcns, module.subnets] # Uncomment to execute Networking and Load Balancer together + # depends_on = [module.vcns, module.subnets,module.nsgs] # Uncomment to execute Networking and Load Balancer together source = "./modules/loadbalancer/lb-load-balancer" for_each = var.load_balancers != null ? var.load_balancers : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf index 293f3ea9f..cdbe7eb59 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf @@ -21,6 +21,7 @@ data "oci_core_vcns" "oci_vcns_nlb" { } module "network-load-balancers" { + # depends_on = [module.nsgs] # Uncomment to create NSG and NLBs together source = "./modules/networkloadbalancer/nlb" for_each = var.network_load_balancers != null ? var.network_load_balancers : {} network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null From d0daf0d85e067f64e9fe0fc839acd23d9d6fe5e5 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 30 Apr 2024 11:44:36 +0530 Subject: [PATCH 24/26] Automation Toolkit Release v2024.2.2 --- cd3_automation_toolkit/Release-Notes | 6 ++++++ cd3_automation_toolkit/user-scripts/terraform/adb.tf | 2 +- .../user-scripts/terraform/database-exacs.tf | 2 +- .../user-scripts/terraform/dbsystem-vm-bm.tf | 2 +- cd3_automation_toolkit/user-scripts/terraform/dns.tf | 1 + cd3_automation_toolkit/user-scripts/terraform/fss.tf | 2 +- cd3_automation_toolkit/user-scripts/terraform/instance.tf | 1 + 7 files changed, 12 insertions(+), 4 deletions(-) diff --git a/cd3_automation_toolkit/Release-Notes b/cd3_automation_toolkit/Release-Notes index d800612e4..db36292da 100644 --- a/cd3_automation_toolkit/Release-Notes +++ b/cd3_automation_toolkit/Release-Notes @@ -10,6 +10,12 @@ Apr 30, 2024 6. Upgrade of existing terraform modules - identity, buckets, LBaaS, NLBs (without DNS health check as of now). 7. Enhance CD3 Validator for OCI Buckets. +------------------------------------ +CD3 Automation Toolkit Tag v2024.2.1 +Apr 4, 2024 +------------------------------------- +1. Quick bug fix for OCI RM stack directly in github. + ------------------------------------- CD3 Automation Toolkit Tag v2024.2.0 Mar 22, 2024 diff --git a/cd3_automation_toolkit/user-scripts/terraform/adb.tf b/cd3_automation_toolkit/user-scripts/terraform/adb.tf index 4de7e4bd0..ead0d5a95 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/adb.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/adb.tf @@ -24,7 +24,7 @@ data "oci_core_vcns" "oci_vcns_adb" { module "adb" { source = "./modules/database/adb" for_each = var.adb != null ? var.adb : {} - # depends_on = [module.vcns, module.subnets] + # depends_on = [module.nsgs] admin_password = each.value.admin_password character_set = each.value.character_set compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf b/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf index 7dfc1583d..25a12d6b8 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf @@ -57,7 +57,7 @@ module "exa-infra" { ############################################ module "exa-vmclusters" { - depends_on = [module.exa-infra] + depends_on = [module.exa-infra, module.nsgs] source = "./modules/database/exa-vmcluster" for_each = var.exa_vmclusters != null ? var.exa_vmclusters : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf b/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf index 499c6c635..8cffe73e2 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf @@ -21,7 +21,7 @@ data "oci_core_vcns" "oci_dbsystems_vcns" { module "dbsystems-vm-bm" { source = "./modules/database/dbsystem-vm-bm" - + # depends_on = [module.nsgs] # Uncomment to create NSG and DB Systems together for_each = var.dbsystems_vm_bm != null ? var.dbsystems_vm_bm : {} availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/dns.tf b/cd3_automation_toolkit/user-scripts/terraform/dns.tf index 0e0a82a4a..4175ac5fd 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/dns.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/dns.tf @@ -89,6 +89,7 @@ data "oci_dns_views" "resolver_views_data" { ### Module ### module "dns-resolvers" { source = "./modules/network/dns/dns_resolver" + # depends_on = [module.nsgs] # Uncomment to create NSG and DNS Resolvers together for_each = var.resolvers != null ? var.resolvers : {} target_resolver_id = data.oci_core_vcn_dns_resolver_association.resolver_vcn_dns_resolver_association[each.key].*.dns_resolver_id[0] resolver_scope = "PRIVATE" diff --git a/cd3_automation_toolkit/user-scripts/terraform/fss.tf b/cd3_automation_toolkit/user-scripts/terraform/fss.tf index 5c5fb81f3..65d54a225 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/fss.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/fss.tf @@ -21,7 +21,7 @@ data "oci_core_vcns" "oci_vcns_fss" { } module "mts" { - # depends_on = [module.vcns, module.subnets,module.nsgs]] # Uncomment to execute Networking and Mount Target together + # depends_on = [module.nsgs]] # Uncomment to execute NSG and Mount Target together #Required source = "./modules/storage/file-storage/mount-target" for_each = (var.mount_targets != null || var.mount_targets != {}) ? var.mount_targets : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/instance.tf b/cd3_automation_toolkit/user-scripts/terraform/instance.tf index ebf18f6b1..10b191ea0 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/instance.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/instance.tf @@ -22,6 +22,7 @@ data "oci_core_vcns" "oci_vcns" { module "instances" { source = "./modules/compute/instance" + # depends_on = [module.nsgs] # Uncomment to create NSG and Instances together for_each = var.instances != null ? var.instances : {} availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null From a1c4af2a4b99d787cb3574b570e801e9229b9fba Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 30 Apr 2024 11:47:29 +0530 Subject: [PATCH 25/26] Automation Toolkit Release v2024.2.2 --- OCIWorkVMStack/installToolkit.sh | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/OCIWorkVMStack/installToolkit.sh b/OCIWorkVMStack/installToolkit.sh index 0ebd4fb85..38d148f7a 100644 --- a/OCIWorkVMStack/installToolkit.sh +++ b/OCIWorkVMStack/installToolkit.sh @@ -67,7 +67,7 @@ echo "********************************************************" >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github " >> $logfile 2>&1 echo "########################################################" >> $logfile 2>&1 -sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git -b develop $toolkit_dir >> $logfile 2>&1 +sudo git clone https://github.com/oracle-devrel/cd3-automation-toolkit.git $toolkit_dir >> $logfile 2>&1 stop_exec sudo ls -la /tmp/githubCode >> $logfile 2>&1 echo "Downloading CD3 Automation Toolkit Code from Github completed successfully" >> $logfile 2>&1 diff --git a/README.md b/README.md index d43c50b5d..00679df88 100755 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Additionally, the toolkit also supports seamless resource management using OCI D 🚀 Click the below button to quickly launch CD3 toolkit container in Oracle Cloud and start managing your Infra as Code.
    -[![Deploy_To_OCI](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-devrel/cd3-automation-toolkit/archive/refs/heads/develop.zip) +[![Deploy_To_OCI](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-devrel/cd3-automation-toolkit/archive/refs/heads/main.zip)
    From 0f1b22c423a1633ac07315b1bd8f5f6b0e4975f0 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Tue, 30 Apr 2024 11:49:30 +0530 Subject: [PATCH 26/26] Automation Toolkit Release v2024.2.2 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 00679df88..b519a6110 100755 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@
    - [What's New](https://github.com/oracle-devrel/cd3-automation-toolkit/releases/tag/v2024.2.1)   â€¢   [Excel Templates](https://oracle-devrel.github.io/cd3-automation-toolkit/excel-templates)   â€¢    [CD3 Docs](https://oracle-devrel.github.io/cd3-automation-toolkit/)   â€¢   [Watch & Learn](https://www.youtube.com/playlist?list=PLPIzp-E1msrbJ3WawXVhzimQnLw5iafcp)   â€¢  [Blogs & Tutorials](https://oracle-devrel.github.io/cd3-automation-toolkit/tutorials/)   â€¢  [OCI CD3-Livelabs](https://apexapps.oracle.com/pls/apex/f?p=133:180:112501098061930::::wid:3724) + [What's New](https://github.com/oracle-devrel/cd3-automation-toolkit/releases/tag/v2024.2.2)   â€¢   [Excel Templates](https://oracle-devrel.github.io/cd3-automation-toolkit/excel-templates)   â€¢    [CD3 Docs](https://oracle-devrel.github.io/cd3-automation-toolkit/)   â€¢   [Watch & Learn](https://www.youtube.com/playlist?list=PLPIzp-E1msrbJ3WawXVhzimQnLw5iafcp)   â€¢  [Blogs & Tutorials](https://oracle-devrel.github.io/cd3-automation-toolkit/tutorials/)   â€¢  [OCI CD3-Livelabs](https://apexapps.oracle.com/pls/apex/f?p=133:180:112501098061930::::wid:3724)

Qy+j zG`NWY?hLmN0d=FRo(_*d^9>3{&mMUr|3#T#R^!|<_v(Cq3-b)fqtBB5k^C1e7R=zrnzWuk3z3OMHFM^LKYrqLF}P;Vo>y1)8cP_QtM!B z{BGg)LHKM;?KQ>&0rW}pZDB}yeJ)Fv|HI5^deuO@*qpsi*TZK#2w@m$J<|CLMbhV7 zZ|%dDOHn9XT*H+Ui)1y8S36x(9l=r}ybPzVoku(fr8_5sSFRDy&_GCMq*fKW$vgpk z_$`$J!aPOkV*-nIO_)}}3KWmIWKLRi}wOPD4Mu|V*cn*xF7^>0reF`KrFSN zTyrCc4o$mP62yLb!;adqpfUDSV8hBb6$`#2(yt?AYfj z$4!^6#4a76FX>e$fnt!?u1RA?NXmy4wUa8csBj8KTxYW?pFg{F2c^59?Fla0H?cXK z2cn+tRSJmAAIO4eUM#zQ+d}P*cr4Au`o+x5ZnuRhUe=s{wz^{~A|O`Sn<|Xr@-(+2 z3KMd>nCH~K@(Mnhq6DiLPC|0%_v$Cz=xWNm56%a_d%S*|0)ZjugGqQ?l)QP`Kvj4+ zIJ3r#3}BB0VyfKDh2Oh^&>_?BoB1ofJFEemA|{M2py7wszeMOb5pU&jdtP*)D}qnW z*}S#sIod{Nnqx)a7gU|6i=dQ8jPO=}IBcG1+r1U_NW+X=Crh_J7*uaIUh|=?Kb@gW z;Ml?eqYtGjh>=-2jbrSiuqs!>K3wAbXOUzg&-#QZ$YtrArRp5x5?F1+E0$hp;C+4* zINXOWk2kRv=Y3q!E_{}Gv1ITILPm{X$Op{VbrA9Glt?YqFAfru!iUMjb5ya1Nd)=T z_8Gt~37|1FU{Odn7kcpC!Pk)iN-frq-9TtTlbkl+fCo_nZ~vatKnOG zs?bcz(8435!e*?`!Chu0v%@svy%O-CHgO67XZ8)A(Vp+IHtdaBmbp@LhmSd81=V);J?(vs5|Nd zjQU$a?q8}Q{*D5(1JvJ=U;k1~*>{u@jQX#36aK$cYSA5)0Hgj^<@uK~Ex)5?VbtF` zE&o!VY5|G>O2GjpB>P(s<6la<{f@GRQU6s#p#7IZ?YpDOVAS6P^?xbe(L3rCM*U6K z{g<+szoQ;;0@UBs%YUiJ^*bsEM*WvTNAxd6xOYc=hEabrss5!@zTZ(;Tmbbq9p+z3 z`}U5~g;9SKDE_6ez)&fGfaY)kAO2ql{J$6i1`H#BZo)?UYjge=OTfFwSh)f0|FN$A z^A&O;y~kd_u)j9Ke@6=vy~mni*k4oGzgU6v9hS-iP=8G||56WC?gx|9fJcO?@&I4U zzgCNXS$(a0HWoJIe*t&Ce=$UZdu*Bq%mvc7y%%J>fUtgkFDzlg)bn2a@&n$viWkfR zN^ZMvIe~SD_e0GEz@$)dJ}^Hhdf;Bf!$kbxy;z5dl%ad^XaXJ$D!~tok}-VWA~6ZH zJbVPkhLTRfV?#0c!Kk1&Blmr?{J={KMqz>s$|?Zn1HB)Ei6@|n@%zS6SYz$Py`UBZ z#NZ@UPY^5t@}7sL34(<|*I%KNf?!E7jtU5xs|g~7atnd^z=W!IiXIvx1ZDw~s{QGk zhV@aYgP=I0@DHI3!eCPJzoFiL7hJk0Am~RPU|PKt26KQ{^!~i6T^P&{-qio2upa>< zZW;Vh<}kJQ^pC26sYAm*>Vr85_QVw6a88Wwnn zDFWsNUzz^tQxFCEZp=W?DjN_PG(!}OP5xg<5-{cb?}_e(6$q-q0mg?eh=K{o|3er>pK@st6& z?ON`|5KOpyxEIv2fbeL)7alNi`SD&1!h~NhOwdEA<$%vUk8qJ>(hfC&)uX@CcO!2N$*tZ&Ky diff --git a/cd3_automation_toolkit/example/CD3-SingleVCN-template.xlsx b/cd3_automation_toolkit/example/CD3-SingleVCN-template.xlsx index b60fe4d973ea19c2a8f8c6d8b1726bc63937b9e7..8259ce127cb00c93d043cf9b81b5e50014917ab5 100644 GIT binary patch delta 34070 zcmZ6yV?f;x+&A2^ZR51OtX0dlmu=gf?6x}DZq>4FE}P5CwtLS0yRPTC@8?Z*e!cyi z?}xvuQq+nD)arI580-vbD)EFKBnIFm67*CE&Y%&fEiRILH1m@-#n2gYCw@lVIG|1i!;=FewlBjCc{`0)X*(ZR}I)k zCRJfg9mTX!)81`?H_wf$4m^FkYGP&l7zj~Q@L)HuE^=5NyNdipkn5N!yps8~5Z)~!F0M%EP^GFE4N z;LqWLH%(|~j~AGsvvuuEvE1YP0sVXB{-6VbWdmCi-=g3Pc|EBB{@u@+lJ>9*1FSdA zql^4XrXEQGRhLE7U|P>8K`3DT%lhHiLsDxwEgfFFxt|iUbc*QR>>t*(8+u#P<)3@7 zKU-i_k7x?$gepQ9NF3MWEo0?3=B)2W6OL;}_}my4jGb)8y$ai{2kP=4W}Hm+bk!!e zCO1RvHUgAGM?-5|1s>E&ZK70?+K4`HgeLvztuc1rd72cm$?4fG(I5uinKE@ekPdfn zA>jRNE#rEe7fQ~?tD6c(dJZIm;?^_~ND4=A2jW5;Gf>@a6cMo<;5ecVqE#jTt|2Yp zW5`xd&ht=C0!DXJu<>k;KUwi!bnUlX{mu}m>wVP2e+gf90^G}=hBd|6NoHt|@&xcA zuB8nMZwj>4jOkZA_L=}|g`61pa=r*TkM8M%dgRYVz25y6%~pouT5o>JT+hBPU zey_+u*CvmvOMhJCcVC%n>ifp_x-+Ae(K@Y0EozmfQdfCjq_5*3d+R={r1RRkevtK! z5R8yP!WVEkp;5jyg{MwJ3wpG)?5Gq}KFTUOwr#tV^t)Bu7W4q>FXX(Az>Qt+^qVnH zCmXy>{yO$p^ax5Z6>~V=nABnEOxX=Suf&=(43IDC^g54f5j3CD`P04}!fkTw)E_)Z zH%8Qxx!uuTQtWNfd2bK#4tN6{Wih%kkNlb%-?bP}G@ps^8jDJGJr#r@hvavlu@8To z-AeAYp-KC^&FKfsmhMZXv5*?bup!s7uT*Za=(p(%>jBZ6$=k?VR-85}z<=Ucc=Xl3 zm)x-P8#Vrg+|l7x3PqFn{PEL6A&`N~ z9=^NccjMlH4I=)W=j`zv>E6^_q zM53Il5p;neLEZF>N&GSJ*dQ7=utkT>%sAFy3Abug%x~#^WGAaWX!qJx-(!tQz!*Z8R;*k0DuyQ9?NHNaUWk z(=HV^sr_J=3ykI==_xh>lO~XdD>Rmln4tY{7Qf9%s{@ z=3sw2AZHRy&9;h|#ulwI^E4*h;db2P2YnPB!H*)vK`1ukae1sFO(~kfbdi?fVjJ5^ zkqh&4K!8=9MWJs#Eu5}x>F0PZb!8ePbly;qA-Ue0k#P@M=j=DlH={LX3{0cr;_h!L zH%kD9!{9)aT+bl~!^~kSJvbbc1T&=`vL?#0FFN7-Hja2}hq0hS$no}aK!X$tuw~s2 zU=Wiirel@2#Ht{S7@nVCFnYUhkQ3aW1{N*1@dL?eHAFbP^k%CU3)$`^P9j6Ao6VH= zP1mukBSP%FP%!QPa7sxfE|TZT>j#IBd!Ya^MRqx*wlf#WBlQ)6B{1XLVIwoH2?5z5 z^I{9{)!EK|dl%G1VxkW=>OOZTrowDB?bLXrN))3+RSZh0HNU&Qe}c>D9PUl>G2-vM zb14?ZorJ6$mxLN{I`|?&z%JkF%RjZ_OE_K*6J4CS(Z&;}*oOA&eD7@cP0h9$uDb_l zhi0v{xj%2u`#Y?+wB4S;>VAOlzC2O`3Q;G6EW`bb3<_9e&P~Lq>Z(C?c;{P>arB?vl=@R zcFF`5t>V@A`4BEu!xu&E*YtccwOrAUQ-!h?#$CkmTRZt;7Wux+Tae;hh-$^dK*mjD z@u82dJtEwQj0tgC-2>qh(DcHtAC)Nbqq*oM!G9>{vkNPh1VO^wW9*)}=XsrikjBj9 zl~EDLD6pRE1PQ)mzaGjZo>TKbC&WUIznS7*oG1=`9UiZxNiaH%&)i6AjW2lY5};#yznG+Udr>gO)9-m@9MK|N;;MdpMO|M@5;M3RIi^n^K8j{p@mR_z2tw@foO7SC5RMpB3sG!p}YU9KB-UM!}i zx{`C4hV5kW&cpbqTCyVz^#`dfqL`QOK%kDN@y?PZDoyt~v-1zAoo$H#y?jweRvkYK z;KN5!j<}MDEYw(F^y1-Cvn7Th-rEZ9Eq%IyA`M}s3-nS+Cx&4`t3({D%nkQj5|eNj z>+5I8*4*9hSyCiVg(Ugs!0Ty&`1!D@#~y)rU#iD8N)CyuJ8?_K-IJIp{NYt1iYT$I z-|;U2dnezgTyMHj5#r-t1TZP7;M}FZ)vGvOeSfsum~}t``kVNe3)VaKq(!SV-;Ika zM`=uX(YCKKG(M(8i)`a%e^)q{-Fi&tCePMXIG4H1nqL#L!S?%bE9fW0KZKqe7XqKH zR0xj|Y2f)PDwI+n^o@l-H2i(@G3gYFF~=HqZDpnO6-pls_tQ&z3?9SF!N=O3d+b>4 z9Wh^51nH12AW%;p>RVMsv+WYmwZVAGDO!bFN4#~PJ3XdVg{C9OF1+F-vE7gPp90_2m zu5&bhWa9VlWpEg8{+GEQh8lw5yG-{te+kb5)p#s7oqm&VqtX+Jy$*fkN8$fODE3fd zj=og@62{h7V~w~_?ji4`DW24CK}XvP?DO3$BqdT%{v!z5p66jpDVwpZk7-@dp!Ul}2IyHWQuhHZk5u}IEn{5M5KsDA27uU}@SbIf+fOvn0f>4r$g2sk`g@6a;!XWAr zaQUBt|FNK#;*796Risd-+|cxrynfZ{aJ=#J97F-==kBi&Dyw zMa=;P3FB|~ytxbVaxnx21CZw~>n=PoWT<80RlQ$J+XxeAd!$@-xodUiANIdL=JpSN zUf?XB&nmghsD3cIdYtvF8Xv3-b%ck{s<>QfIi>x^WPmhaTL^5*4^ArLisJR;{JCTw zYbcLi%2h0_(jPT~N`^q?f+otG0*a;?_mFWtgJ;b*Lw#9oSX*J2zw~j8N*lN5+tjxE zP!m_->hK{de!E~_{RfIpecXMZX-q+IAakgJH!9X%6(!wBY@_!fCHau#>G6At@& zLgjTAl4$KxgeLG1?II|jtWNAITb#N2Cb&93{LwjWT7ir6jZZdui;?LtU~0=&sYr{9 zHoBZpE_$du{mb5C%*6ZF2+z$(bXp9Fj_-5@*RZffkFqH~?{W(vjk10Z4b#sc4QlCH zwxLT?;`?6`A_)(@6uhC^OyN9rp0MWGClwD7&Y8JIXZTSsT)_ zpvA9D-R*~t{nU4;{k%&9WNj9P?stdfX3jO1X2aO8wR*>&63oz`pwA1n-oItG?LzC!SoVJ6;tW0 zK9W2O7aGZ1WjGRaSC(wo!U&;S^o8*vZg*8w3({Sd>|MGz`~F}T6iEC@NX#NXBYWB& zH6`2*P_eR;WK>@Q`k<;*`XhFg$v|GoIYgZeK?efDwf7=x4KxJAbpk6D1yILfg#~+P zgXWa)tN-MHv=o+D3B7iGr~2%t$w8+GabosW>@uqjzo9T_03akPAYtk4ePX_DDEMTG zZ&9M8vlkGkMp((D>%{RpLUwGo|^0u9Wa%F*tB5( zL)rA}C^cu^$`z?QVG(u11+Z)}e%V^V1}x+f`<+Oo>Aigca<>A=^Bh5!76a~}`#bpQ z_5$2(?uw=Kz>muUJkq!3O(>}#9iehDnv?KwW5Du_+iwPWO_E(dasso1+^vjmW|Fms zTLwiHmWmi_Tln1r{A;%-Gc}3C*uvwN^WHednHRlg*lgvIeG$q8V0==h(IJh|BfQI> znc1uohLegc<`2?Xn2a=9go%LhAnM5La5jqQl!rsI?8%qR_QS`qnRyX687ia% zn2KSR+WaP*Z++4TIrX&Hg^W^}I9SBv7Sko=FvyV%$TRJw7g%YZusnLn9;hGIb@{2d zrx}X4?00Y|WA)J6fjeX4xNJZPSY96|3%Kto-9=>2+_4&SjuCH7C3Z;nNR^u7M6Jgs zUN!L19FeLZxxw*s>-X4bHzaAyueYLH6@u9Cz&eESvUu?h)%Z_GBsw-RlQs;@PH`NA5Tqe&*nh^BJt+LtOUbl@6DWbzbx zZnMH7TuHcsag@5=nu0ye^! zi50!e-m{7(J@@-2v~ruDV1dd_0Ik>P_=qqorfbczyGnd*X!~~~5!%o64`LUwG~D)Y zg9)2z(o8lxAC}3CJLLuMU2>+_54qmMS&X(B?gs5XFqa(oQG{Lt*%?~9w>^4i*vCjy zv`@U$H#d47#=67Y;mw6@!+-9h=`-o&w3p4##9h_d7Ky-qMv{p)H1)JVB=)=}&gL1N zrJd|0AK6sHdi>`eu_{}BX7TtFwAzN1S4tGq@U=xq>Z&RehcD>+1nqe zy1EFxw1ct=V>w>2RnF2+EuOmPx*y&XHbWxlj(~2u$6HAz&JsX=b7q!HAa5{jU6hET z`=%^#kh`P+=ROyzh-WlXujN8Cq6d$?EZqGqj`sHKIaK8{J;Kt6gTEWD2PJH!Y7j}1 z^c$JQA+1+ye~Q*f@L^B%lovE#QOe6|!FgF7I=wysF)Mew;SCM~BA4_Zsd4{DYHE5_ zE9Cf{2DN`VEws_Sq9&V>kCo4ZW^}?m7MrOC8_si%@%h}Rr!hSh-$m+AMfY{P0a}(I ziF)*UXpM>oPBF$`PFt*9ReLzycUCbpB{{ZUI8so105JM%`@V4qTGlnhqN9EgwP0A| zY04O=`4g)&CgDv3{Jf-PQ;-_mWsbF)g;9=5K0k;+;Z>e`a*<|aPP#R9+_1Z?b=`rP z#g~9T%?5Y5DsgtwUHm}h8kKhH&%LF68emMVbEpuAO*LS_oS{I}XiafWHI6SS38e_x ze6u~6L!zsX^(pww07aXXf&68o)*VHcrP-k2Yn|Wmr)Y7tLIi0mHWF^& zL7xW&H;SpW5od|5MoxC0Wwgktd)LFrn&v8AW@wq^@pRgj+TVM5e@<4?+2|f zdu-={hHxo2th*_s2zNnaWF=_6+@j@%lAFJSk_8}a(NaN{H*?%*Wqvw2Jj0uUb>&JE zFbD@Y`M^b32#Bo|$3#d%AkRN+je<`U_HWH2!LREH{nEqeV)*JL@_Z_I1!dnGoQRDv zhDz;VmF9uxZrM^&0fUeRCeN8ZXMN?Q-)lu2bcyngkg=G%BNpZU`C_`L9879DRBJic|p*363e;d5A$uF6g+Fl^CLg_fx_G{^fmL&7D! ziCpW^2p!N_m_JC;r?SzP7bU{-R=A{pwc-v)*PILTSB)A(wgvqbr72xM%^*;%{SXyf z5+cx0h%epfySyMXD-YvDCM`$s+4>>mA{LhW^evQzE>%MUX93E*Yu1;*|LDgTGpbp$ z7mw+>OU7Q^FWks*B`6t(to64!Pi95@@jRlC~UCCDN zThp)|!Z}j5<^)n})k%HJ1+Fr_7$Btksqg&gA}QJqK^Sw%F2go0C%f5b>h{ysl$Bvw z5WJy;O7kL;yzKW10oON`?*OMb9`i0}i8!A|lOuCC*2E;J%MI#sO?7-B|P|J|>I06jS1 z@4p-v`ac}lFD->YSzcCYd2g?NyT8JNS`%SnodKhE`wPH_R?RQy@pH^(FsvQ9O)Ak46mZU%{l1?}VVq zMHgM483)LTapKPzpfO|W2G|?L?a7AHf0HPWr~T%(}*Mbg*t4^ zpAq5x#PtSTEcn=JlYu3Zq4%Qak&IzkFsz}NN^>7lc99R6$B-+YX(Ok`NM20tmm|X; z9jL}r7(6$!_9r6Eh%BuXVOh7v5yH9>35@b=+fOZ6AUGNL{=6U#%D()yVN^O__lRJY z@0(j;h47dW!XR_yJIjF_NEqW>(~%v&KDOs83Rsyhoj=dn;3-i35{5Dy?fF0NjkQ>% zE%BWRLe%9O2ty+x0%eQFp&%ff;1hDA2!SmBeBbJ~Rq}sI3;iCU(Z$ksK&wH|uFd0T zS-4Hm5Np&2yy1_^^B(5`S;5$)QMkP5CT|Yrn--6bN=#lb$A#0>@xnl* z_dlkCF!x(3J#9D=Z{WXuDPQl>Ig9<>3fqkZu+*Fxe6BPci-g7YFqsVm4l*~?MEUqO z5bb?NYLB9vuVs|plXEJyQlvc*KvrE;=`O(FgIT#pM`F59?Xof5SKy#N>!Gu6YO@E# z9HG}FSKJK27l}n~dlkg~ImSKyQmFcAxMw?I%fT5DYu|yAj;`FP_|61S_ho9s`-|B7*u;Mu(qivablwU1Tv!?gG;cl*L~TT<|pV)I*hBA6-AFt=1a&~ z*=x~HGqB0iV-hd`a#hsy7t~$QnkRae`bj5TG7fQR?Orn)6ppyE7T7kJT9{E!1B^@} zLR$;TX17&!G4Ngzt35yG%=s=pjhcQ@*q=4cHqz^Baxj0#*)8rNRLzVfWhmRB;t4E9 z3$>ttG16v)@X0rAZa>iSkJ#x%;~x2BS>v)^qDmUvj<>BWN%1Y%F-%8x1PJiV^6qK+K7Gnw16Logu8hm`K>LfCKjYlio>BsLAI5rvP-y-m)Xa z({&B?CIP;0qKw--4dakyPiG_<&?Rw=(-ND3{qNlGOFQMH-)e>b659%K0(oyllU!2% z@4biHXLFFTDWje2N=fqmLqCfDSKwRyXW9;S&VAeud7QkJ6{oc<9OZkUbRoC)P@1F} z5K#N!XH(uG$B!bsk&iJ2vl%h`QntO}uA}UJIJQ6s@T>gNV;g6oIYiQr%+K6ZN4Ji4_87Q@eE}uV# z!o5h=uK)POYx+2;Xh3tGHkQ#9*LHxIia|SLhc=aYE4_FWpkE9~FLEKS)Z7x+LbSwe zVv)M0A2N`-t9N972_Xw28yk1n{oJZ#y-&&?JUg7WiDFUN6!++66la6W?ExJ2L|S`j z1WuRah6O+8ZLEM{26DePFv7}J&mALL20o0k@p0D*0tBehpI!zjU( z9!WzJP^u_u5LBSvEPYFD@0&}<36E%VACn~Fn47CQ^t%-#io0G<454)oKsDH@)uhCU z3xTu}o7oWUPb7Hm&qd4yIH0#7r1jS0ol_45goteu-j@`-5&D0g9$$TzYd@evf7hyt zclIpu-av=rE$@Cc4)+JXL)M*I(Lf`z!pct>gOepluD@VPsd9mW0cNV{Ib^V4`{mTX z8$JpI1XiPms;U08Pbw~5X+2$L{aAy@Qp!Y(I5;zKDJr zOH+IJb6-Ca%Qk01OUXUK+ofaMSEE9d3K#8P=@t)ZHogsh@AfXqN6KV8++d-UwH3@d z)NpR&zKJuR&3{F>4#ZYbpX;tzd44M487ERwe*!Bde{u0xov?=VK8k1&7JsVc((MK- zX>8`wz^7Yb;s%qSOT?{FWka)0J*IBZQCYO1UiMO~WlK-?2D0KF)Hi+|qers zkfv@&`g3e<~luMa6|~px3fRoUTAcJOwgK0%#gPQa)y{`kGj~&q!!g0^?BEA$urL(2d~$?D2--un5x> zDFyByod-!U^F@nErMJmzT$Y^d>_hFy3J@^AE*FL$NP(1}(io+OAZttz`tlMZZ^%BA z_Z!*!pTM*IT$m8el#OhhR9Q(Tle+UVJ~FEI6KzR#0k47 zuP}eWr&rCOPf48`AE;u>|h`e#RIXIc)1q!k)*~ReL1%Nb+J`+Ur%%}^%*9#B|6@Wg07zwu3C6+YV#%u$z z9nu-X$q>dk6a@&9AuYWt$NX-=^W)8_w+JA?9~n=%Dh&@frEqe7F6tJnR)jlw&D#}# zwnago-@@o}7EFH2${AU|5x3CM33awBT%Lo_N1H@gi4Hp~ zH%GLI28drciHz?hs_7%tQG%@#u&rfhh2dVg%^slh`$|I|c)6$bNmDM+~)mCWNqh?XTz;c-v8v7~? zu_K2|+P7T??nMLsoX{^`tk-EKKPOukV0jN1m!c3P6u2t;oj69eWa@m=cL`#LmZ1|K zV{U%QfaCVRQHAVFJnm@!Bs`YCj8i>#SN!=w(gNSRA%cR5gUDRa^Sa2L$IydFmDbDJ zryV9ojFq>6T%0<{wRaFOX|?w;Xh%JglW*?qbE>#jdOw|fZuQ+3x8Do>t~rvp3Ol*5?i+^VOzHw ziDt|Nrb3S^bVwaya&#Rjk%A$wp$ceYnlxlK~9V1cUt>3hGbIiOJc5Le@lTRzWEYfY4ui4oABXYecyqc&c?4^+qf-O~$MBlxBD2;C3}_%Xd`V?o8G1rrqpwGF z#MW&%F@p5&iS0FbnBz9!lU0XTakvb~5TPmkLc9vjDPW>h=6XB5Rbl`-Urq^&th9p9 z*rn-2El>=Qy9zya?j880d+OP&ZJ-QMnOQe}8H7Z~)dn7FyaNb9Vd-7)n%(jA{y+mM z(=Uz#R9aUGwYKCghclxEC5SIHM}x?WPO2Qyq-(C6Z`-%O?nmnMs~DNc)G9b?r?ix! zcqKGA8oQNQ47#PR#BrIOF^e9F!;jT@$QeG!Z({~?Y~Vg%Y5B+gMgea9*rai3kf zEkZrpM4*h-MQ`65yTxVe^7%GtdIQ`(yCbba;O;!l;iNC!LVsmeUKVI)_SDDOm@%;% z8s{HQ;E|C+?rrUJIJyaq{!J=|xpXVvSgudj0*)yZS{8fMP!Rt&rI=jL{`7|XVPuBZ zW$eVV9OOr=&=U}>;zPWIDtT6E>tZv3DE?82Y44!Qm&Z zEyX$__^2`vfS{wZ17fm&%$WLB8nMdcfb3=%9HUu-PToTi{j%Oa)MbP{Lm?Q6XG3Hl zLqG&1*S37tXi-?wuR^>z-)8pyj9RaTmq65@ zjH)sbe!UYt8(vU8jRY=oiu(aFEZZomNtO%LZ*T4RyWk=xBWj^+i`xGWtl-#sR|aX~ zdOFHqN5D$G{-`A z!?Y`)cU%VUK-`U?minqlml?53X+jAngqeljZ5!Ywhfj!6oayA}-zI0*={K!>3g@mL zK=jv?avx2o1MauWV?3JwFl0tWK4dqRa){@Ip}LUp>ADM1G^}QixtH@IMCKeRG6v|a z;T>e=(K{$GmL#iqmrsA0Q|JS02u>n|**yA|ukj{}^=TBnxf)y_rRTv>*RLRr7;tq{ zL#>dn{6R4pZ>N4(nr%#yCtH4Jy$+KcQxm`Nv8L)^dguyqhLd3#382D z9S@r7$3>BfPSZICrJ}A97)@3vz%+xv$7QNj)!*yrJ-ooJs-6T1S!*8CYgILOsC$%3 zodHc(gVkAM(mz`1rhrhfwiJW;EhM~S6o9oUFbWT;PvLQ7=wKR^0aHr0ul6PN00kD;QO#=YK)$trbw>sB`GAAkQ7HJ z2HOd_ArzpE7lcLvZ5t5aU#S572J1&@s2I7X9h)B@lNxd@srhur z=9qrwnj)c9Rns(qqE7Xmbh^+kU6P#;2-D)- zhC}cBz(ErUG&tov&0>xew?I*F%sQ`@40hEIL-$_HLsCR4DTN?ThKqQs7nZjNqxux< zg2fmD=n!o@PrEVqgXi?hH1d@M9gV((BDElV{IaB~rl|OtNHO3aN#VH1pbNqrcu_Yr z(N8IvwWWo8J=QKkv>F&tZ@1|VZn9W6q?zQ_b*pzJ*g8Uto&)34f4iWE_Oc?%XvC{8 zAqaT~xtkScK4711%berTC|Gh`J=zkE?{#?1p!vN10G$4Dx|{RKG#+MiR`y2v; ziabn;u~r4*~d8Z=Z#!oa9@INK?`|~$>5qkBq z8Oq_2)90-7euLC?J=4(aW-gKW|1^IUSo3!LZL@88UvakX zAA^$56?gmCd{6ktpuoV-SA>!j%g;^j;~z4Yvz_C7mC9#6(Om$VBvHJBz~F%hc{GU zA9K%SvDFUnE?)LVqBNM#6XHiadk@2eZe!fzEL&$>WprE9=>ul-T@7%~QWOR5zDwNd z{=&cKSpAAgK)sQV7j;mYm>Lk)lODY>|Hy#XCV(uxS&p_`=&SGCM}BL6wd4iP{t*nL z3mqMpLz4A<1)5$VWEyb^x6~njo=_|4NMi!yj0jP(GPpyk^Y!5ya4;8b`eOBv z_MhdwR)+H$ubPinu^>;|;Yv^dADOew6n|Cc3E9!1m#-(p5c19`WUt}Y|3G+1xh()c zz2uYIjU~2jiaF=nn(;zGKjFxPFQbOCHN*K~=i%u`^TgOBu@2wU1c^n=@kr>Y*HR@KoK;YZbm`Y4ck)F8D{3T>g za}V0_{kaBQkw@{?8YQ`Fad&KkpF)HYO3EB`**?kIoQy2cdaG(3bJj+I!2zIy8Ezy3 zz#;j93FbWL+2FU1%g1ePFqunF~e_8&|<`2b#^EhT{2SnI9+G_lwW z$&0K2#_XVE3#-rLOY`NvM|Pp1Hi7yo#PBZhwciuL2)r59;g@&mR7+tFAVy`NrrJwm zTt4v6a8y29MVuD|>0_*3{IgCNZ$xOl36Dby~C4;=~8 z0N`s)FGGg+umy7})&VAFXmtx^gQI~%R3NECAd%qRBw^COC50{2-`;7!rq$u}mIY%NLA3(%guW?tY@xm%mfcgmB|!>4+N>tTrW3MkP;r<#TWq+PvvnP ziTw>P*&lHl3!YUR1$`FHRVRgX4(NYJ(b6R+hm#_d`~HE$51Ab9ntZod3X46E_Yyk} z>QCP;TR<^4EH5G4h|=iu6UIigCPdw62^KUWSr<(;DIx@fI4u}C1VFZbdB2+8_Y4+v z->SLyfEUtkz!tfTbD4LPH(EuRzitl64q(A3b7g|sYW{t_p(g+v!6_Vb0pFd!js5QG zjq=xKDBZYOg9uNIayLCalK!dY!T$GgfM_6BA-xnGL!*dh@$~D{Yug{KG7CS$G3WrL zL!8g}F1ljz#c;rn5vYIS)i2Cx!1D^y`7bk)15#TcF#>9*Oo^Zi#CdomPFT@1_sm*2 zX~iJ*Vp!#J0PMptl%VzZj|ccX!gJS$Jb5a_AB;z3?JH5SVS+x9-Y2P<>WKWtADsgtU~vxhm!1vM%6UgI(x zb{9K9%j&SKern*kG!A_m9On#-IAzN2C-OPgd!O|&d)&Y&4Bn}_dso#%n7=s_V; z{TWqvjft&8(!8IcT11=r*IT`Eo+Z~{MEsu!ArYa<+5vRc3f+01kfLd zc+ewA0jD@zm}U#PLMJ7zrv#CZe?EUg7x=|5=SL$E6o5kl-wz8&bJLsNvmWPIOK5|I z%-;{}vtqcDqTJM!gf?b4wuv4gLXOD#Tm@5eR)GQwwUJ<&IN*3JkM9ZF;f~sj<>RwG zp)I|pT(_W9d7toGJe!p??HDD14{kF%HZ1wJcPIPmI{QkrMc;nyFjlxR54)=JwX&3r zs7ZU9x&f+clt&tixs;^7nDC3`N^XMnfH-C-Tu2xVO$gFu4WIbalyP4kn$ zMr3O*5H!pAL3S-pE`q4HwGMdcyybRPo`NK+nWO%Lqc)e(a)3laCHw#wxzgy^x#>CIp4T>!jTc=qJOiLQw0(HUzcXn5 z+7t%}RA;XBdcEsLftqg{Qw5($@Y?LZ4g;M@z_U&8iGd2Fn6SoLmsKMZ#-ngRg{pn( zWT?oaBGyDPrG%E2P2o}C`=J6Z2&EH5OD2qA>JJ%&(!DIcWnT#Aefg;e)|Ajpbi{#t zYhyqDk6E%wkelC^M#zsnhs}`jQz+a7tEiYyTOU7gyaLfos?vcFb&@R~U=aMi-p&35 z8<3p@FxHK!IEyJuh8D{dlzgTmY;B=fSf9x@s%%+eIH0Qt9*RF&+qq z_SdRhwAM(?g8z!Z2Aq$|LEzxGOuVi1;@;st;qTf*XBHg%_JY?Qr&p&L1Hy-rb$|ZG zDDt6A3uk*ywoA#f)|3r9Ozm0>Ou)Z$53G!=z4|-y<$f#BZVfp3wFqk=?aN!R>3PU9 z_8HOf`8eI42VOJk)UXH2*Rr~Tj)q?CdlT0_49IZwX7kfYfX2zVDrQ{gh1Mn6ijYY- zeN`UJdtwEFd;h6G8=?;`zTY0bp3HOy6K~}vugSzki);22dpR9*Wq<~Fm}$4VheF96 zAjb0%-Ig0)<|D*+=~fHKZ? z$7MWg^T%du$w%r_w>(=Sd`y{y0F~fk%q?^y{?P)|%} zXA<5=Nngt`BK7&$z+X8WP1m+Djw4W&xz)?BbtkL`yIH326KpY|6ubriMvlE+X{Mkl ze8K?ZgYQ6W2i`X%s=wYnGD-sj<6Vbd>|)uO0=S5(rQU9$-Rr&3W)ZnS*lOQ<}Z zb_%NNKUYJR>hNx|g#0F7iYvEdYypr$rwJ-;ow{oeBE zvGzD#TG>wX5eIL)S5kP_r#vrzciesJ{lTAm#81&`Cb19`Mdx8s?vZ=+JK3Hj1=;*J z*3-an38t5(=XithQfwJpS0Ql{ z_fkC#t&oA}&o)OYmh!thMuH!Pd}!^*87gyDo&Bnc>z?hX09rszM@pJR^rI}mi}6FW zBtpWd)EOPticjlFVFFQN2uQ#wcwrNqWsr>wK(Ub^^6s_W_syP&`*k zmp=nRDsJ=8eQcsjSD3M?|5ZRN4wL}QG2fzY z3tfQhhVy3n`WPcjhzH<*ypC3FKcrorqIw5z(h1Nq9Rc4EZq|hO7;-e_lv7P+S#3f2 z`9Zx~vp-u}zC*Y>TQ8cV2pMH9hfI{&3+7Irh2OT5$p?RV`-#a@rvdphDVKZ{M9coi zHL{CdZbIa11q;emCx&L?W)lj+aa@t?@Cjpx8+;_Ob5?d}wYJfngu&*zLqdp~)C@Il zrV>NQEhDg>1yxhWs^n;b0GSAdFAMSr<3pd!PB*o(sTHfl#^iCNw)Rv2(xCk`BeNy6 z+!<^PL0+XGmFd;=oL(S`mSv35PdVa-WFiho8YhOut6&KT3hq*Bcog`&r3%$O=M(z? zJV4840F(3}esRC_$_5`5h?2&?hWZyim-X(~a&ZAfG$|YfCN52##bOMlG!r!>Y|;Sw zb$mx#VYWe~B2@<_DNksS$$!5viO-U(BAEmS@$K_9tE#GBE$TRbdBGuSi)eq@1uKhW zqJQ70fA2~B|0+OfE@H8->Uw!+zsrVfhW_SJrFQ=cKwb)p8ds`_*sRC54R);L?=)I@ znw7CiZr`NQjrwhhWt1IUUUr_n+4_dRYNynza86#P5xq1&Js5eZc{{jg>OhCA?0Q<* z)xnGQx$CN60ZYObtLv1tRgeU4xj16?>TiT=5qD^RiAaOX>|T+LKBWxsDoeU1c(=ih z;_vJaScesRXa)KmoS=4&HXcH^43UqXRBiFM0UWq))JVt0$$S=5`86foM-%2SGYTHH zQ~zE4*@5Q~)wjNWFJ3%obVO2%`{36kW|Xcqfm?_?`P=telxR>4q(&orM#~W3G(9?) z)&-oVS0cpp|ISAU)W4|nKWElw^2=#In4g*1uKVl#!Q12y6Xhj#-)NN4e_TJh%B*o_ zjbjm4CU2pCMLfVr!7F_HIFvKIt+SVXf%by^V)u3T{h7jt_rVRk9uQD)NE)#i$!*umg2In`ca*v%dzHn z4*^2?6RA$(K8-y-hrm}Pwp&;s#AQHI|)k=1mjvFHxko>2};0 zlWhA{m(Xigd$uEh=+@cTr@-AN;#5~+%}gRVfS=ay!W0E&?>+s)PI^P6B?wv&BqAf z-Jfp_)vD6e5rLWw2sa9>D(>Xd(8~D5f#mJt0-}}0j>Bc!i2_osc;%b|k;W+CVSMGI z0w0&~k12%w#^>KLGBr?9oDR*rZiT~G9Ke-&m3TKOFES^Q5)ZYD=uI*{?%z*IG(Dvt zZH+;=z1;7QpI;e=Aw}Sdk6&n}Hvvk(lO&xF%xcrmBE23^nywVl8`8%rOquB~W4Wm1x&jH{Bee(I4_2<6{GV!PbUMV-bJinNx@}u|VtS zqP=lS4=F7w_OUB;49wgTK*v4-1{h8X#W+BM*db&NA+~6vi7NLj0AIsHzE7b*oVeEn zl0eMrn*DtuN0Zc7HuqSckVih7xzc<4RjJPiOE4=J(w%K-1cnf8+^ImOQP#VO#c6wJ zcI~tDg;ati;ap^}XL{_r_tg^N#RG@`FOo{E!&}>hLCoQYVoC%@QBpX6 zF_{wQ0R;=5_xv9-Xsn??1OR1B**A$Sl8UFVM1SAZkh5bCD0}m%LXnPBBH+NdbhFKI zneiEmR%twje1CZ3Pd73pv5{Rk(7=A6W%SqeePP+KsjF%D zyRo-H(&cL!N2qDXjars+5J%!m;sQqTK5*C=H%U~p1*nOFcoZUyYX@k;*4Fy+e#$ss z7CtIOE@Vl?Sf)a~HYV$=*3kK*Wf_~-t$u6P(8>KeBGGC>J|K1ZV)om*PXndjFBfZY zx~H2t&||Fy;aD>}aaTe|uLVAJMEct80USo{2+X>HSI|=ktlR2Okf>@S&p^O*cs2vU z@ZdQ>)`uo5P8j%fl(Zd|6AbB+sNQlzu(k=>@{+j7$mr zg7!jv4}0%+og*4%*yo$wS7w1V6=WvGXRkzPZLbk6-NS*z&SW%i)6-l5&HsT z`4kQeq)Wo@Psh;4$U?7tZ3>M;YfdfB$PVQmk6{{+WXUio8Pjqz2yPg+lGr2wu@?Lx5F}y%BIPV$k~OLRt*$f^bOCd@M9}wRihFuCriA_c#Ze~ z9byc#Boamk{;giZ(TR=%lz*r{i=4ieyt#Y&r7?ziH{-(zm6T*(6?o%gH^HG&YWpZ| z({9rQkKQkp>Q+XN`Jxgbb)DZX6GpU=J>QdXNItO*wfx2!wP{x+^b@V|ywH2{K&*$c z(XOrUE}&EBx6;G!G3qTGas^n=B9(+=w9Y088)bm+KDjy7vAP6s#TGreonvm9=yOTD zzA~Uho{pLrVS)L-m+xK`X>ed3!(Y&iu($|#P(%(LP}fo0@a%s#-P8CrP8Amh%{i|B zR-E!)^W-eOh}tLh&&iU4GM1AT&!U&6ZlM`RM}#1~rKriv-+*AK2KHP26cB6=5?+Zb ze8q#AA@6tS2A*gsv=#zVjWUA2Q3Up1VGEh+OM&0|gW$@H(ae!(W~C|l6JA7w5+_Kf zoC&#t^gQJv0j;xa9xk;p6qAz(*pNm9kE?Nj?XEh+V^uo>6hCc~#o(-%o?W znx}0`d-&?-$#8~mtDj&QVjC*JkVYt0k4YR`NYOYzyS|yXuI?OoQLOllm<{zM4yIUz zSfFlpj7XzCa{Q~eMnMh-^I6#a4teR(O02x)T74|wjg^nz@uu~=KC2XxCiS?<;3t!s zpfm-9nw0_*oa1kGl%F55SxGm#I?Ake5i?igm+@;NEQD5M>R!zZ%3LZU-Oq0yW35^c zcSI+d*R~v2k~{e+COl7kGE&yR320s*53KJ1bXa;l+&jGSy=cY zi3c(ohbb>6r4+5NE!%n^Mhsh<6^efZIL0OD&4=9v!k_7Qrne=J12Cr1oOPI4ydAHd z+;P|@=v3^u$%r~KCy8jzpG?V_)$dldwhE*5=WTcCr@&(^@T$Sa$jLXh9vb5d`5aAc zzLDM@*pS_fCCxg$EW?c}(UjOrl_wl`B(>?90*6i-BfDYuVWHGOpV{;GmPp{_b!tw| z@xC1_!+gpaJHfF=gNqHUbP<%#}a$TD#3KG3*hG&;tEGU$VE!NKTys!k*CI_ zTYIrWzk@HiM^hm2#W~G1-3J5joc+}sb{)Q2-@>PjJaCkVez_s8{MzWvEOYQ| zua3le`~+D0|7HnmFt4?dP#HZcdEI~&nF$_bEFJb=Nr%?|9h2C&Qo29A#f{Dop0_<@ ztV^I=!n?M$P&zp|CVhCN%7BrqjHlMOo`gjwBY>Ci8Rr+=dS%q-V4W87o9ilf&2?MJ z(%_V8^QX<6u{ngfV#BH$6sI{{YcP^U9<}_%IT!84{tS`7z?Q=-GqVbSmym0}xvS5m z!Aq?UC0w^tw@R>mQi@$km}e{5dp=QMnhFrESzp86_>DSzuR;+FSHboY_{N@^j~Io) z(bU9SIDq5%tG=x8(Hq*^pB_fnB)7ltF3;l!Yf$d>ks)K0BLcadiXU5I6#b-F zdV8|~xp1Y_?MDA8Sw2bR-7s2B#4bWZnW=&MWVl}XQ))qOPv=>w^%-*>1(>R246`YaTTq8AnM1bXkM@>>g-7W)SA!S4l z1C8r`^3ybm&j(`SOO|(%lRiOkf~GyM1tqW?Cv61?B5&{m)sry0d1=J6POHQyFKjGn-pU&S@oDB0kJ(xN-Oqbz}F9ORS8giV>oT7pwdA#zs*a!?r_D z^wmDmberT?I;4w_vHwnTR-AWYFvblNm+HQ~I4qkBST(N;m%^TLB6ZUx2LzIwBDkI_!`^?6@^L1$V!7J=Ek+_%x4x>bL| zNiDnCB`{uiH^}wc0G-&#%-L$zC3A%err{YntT6&wL2LdoJ`D^^sR%4&JRKHDWd9oq z`7a+sfh&}NEA_7Q`PWNsucc9d7WO1A!wJ=K4!l(NTCz+9n?T$#X0+*i!JoZmx2<$M znNxeGxW_WxoR0JZ>nuPuzM21S8l31={$96&Ono(^^0(jZ?RUqL;Q}MH6>Lu4`W}Z( zzDc^Omu&bolHfKRjO*$t87?G~VU{W~T3v!?r7E_W8-VB8B^&;J`%@l7aj>^y!+@UD zhmI@X8uPfpp{XiS`A8HHclZCa?yQ@G>6Q34K>^1s6Qz2f6U*nQ9ls z4;^pBMEagGJ%JJQ^y$X6eqbU#${NL_!%ds*023E@RsIq&=iS!4#-p{k=$wIS{-hri zP;s}j)$>&`yDQR8g=<=h1Qg-bCX>6>i^sp$yM}Dy*hIJV$<{md#!y`glVe%k1j&gG zKQl)khsYbvW>6SC^KValzT>i)mdW#WG; zBhic1m2)VcMiHG;WqO2QpG^=IXPmw#KxiQ^*;*&dJR258skz2#5X6U#phQ!~el4g% z3Ijt-@Xz3VNXz`+Vmm4I-gA9|vwJ;53&YO8)-pA;%$bck)oW(&+L3AnU%%#>WReX! zf4bQ@Kf7k^wWSP1O-wAHQIniq?O$c2ch^|MXeop6<_Tjzp_VCRIu+PrfO|HM>Te$9>Lu>dxHcJMpqi z>L3oAR&e8OU`tvEg<`)&gi=4tb3QgmTIT5}6bfR}SSe7wL?$ExY0v))n1j}-a{yJ*{nQ4cG z(ix0a;%nvU=G?i7HPxx6xM0qKNUPY6v7II*?hZ!B3;N!X_N&;|60!>Zz!e1h*Z`7z zyak}N4p@x#2U*+tk$->IK~S{mwN41BHNw=LLA^7E3vsJyg>JReCVR4U%BEfx(;;=$DU^!oyi`Eqc8Jhd!#4+Wc}l>>$h3@ z85oJI?_Ua1GGs7eQCF=XOcSw2wQ?JX?y=Bp7r$yA^;O_Gc)Swd3107>x%&7hRXADV zb;U37r|&!hjRJA$V2AaKrq8gFx+b4h+c@)8CO>jfL>bj*n|Lklf)9>1;F@G_5C(~IpNtFATi>68o6F4}%I*Fp2prTW27Utt9oNrDg-@R8vGjX;dq zNd2kq*8WDfi4!FBV z7rdA;vmxZLZzBZv2iYLj(tiBnW?Mkv))=u+J6)0|h$*;G!0s0kS1_ss7Wz_f#8cup ztcqm1D*IEM|5VMLIEjcjjzSLfETGYgbG3IXU(R2~+Yq09mt$uwa2R~Kx+#1x-wc2PlNH~T}unoDvpB4vpm}COc1S}ZAmqsfr%It zK)s8N-#gJ*Zgs&5>U>qJXn>pkIM>v>Nvm#CITp+jbLJP896d(3cqXL*0KV409Cd75$u8|zp;_t583&fBT* z*bMnhN#2Qvf>}aTuar>WfOT-R%F6fMfwnjO^%*B~M=NU{Me1yT!f$_9F5p!Y)epOL z15%+o6qJ^&(6PAgLv}OX@LCSd`nxEC#O;O9G6j;t&huuR>hMR$HTJ-j|`hQa98P2$-%6aIQX9$ zF9i9ltRz=D;HRLt@Y<~9-E)z9n;ok;Ck`{W7Ch<6{$teyZ!6?-O~5Y7Tg zo}y=_Kv9IN2`$`L+9fV1#W&|hWLa+sXtwBmE|PAKrbjPWsCdoy_DQxK~)>NnUV{>=82m?KsXrwoNU%-Z? znWVo<3Gjy=NA}|vRv1v$aPo&I)WFpj~&eF4ec8Ve-Pi@x*Fh1 zdy}12^TztyrK$J>ORu)V^uc}+EiJe9RJ1i{K-OLA=$zd7To&XA z0nZ5JjV;|0lbMFE1hQhfy{(y_;TjMZ{(c$bGI(fbdf>|clIUeYeBTx%1(*wESZ`+q z4aE7S#xTB}WTcG#`h_$gR{j1cipPO`Ld<}B`&<3_rEnZ1quJV5%U0$|gvbqck=~pa zC(A|F2i8fWp^(Rl1&{X|Iz$GC8QBRHXPyR?jkKCIwQOdJv(C8p@F6g;&Je!L*Pls4 zOy2(1I~>>~F8j^e=7)+#jI|;7&HGBnm>GRCy{kRUF%isKSAj?*a(TFcjYv;xKHp_) z$gV1jOz3zdC?P6#Ox45#?f2yzBfvO zscY-&X4wV41%rtboUP>)kqtALg1d8l=lC!=U%JX1a#6Dxi1_J`zRd;Y<{BHJ9I!l1 zdeXLt|orZ&SDOXalUYk7GW6++h7?B2SP$oD!OWk0^*T| z&_Y?%U?4v957+#@^n=Bit0@6=clNwL|~~jOOFfir10x>$buI&VT@swx|Ld~A z8LrbQoX}%Vm$}OD!6~isA=)i!|K?%tNK$ovZE~b|81mvIHmk^?$lG}prBFr%;ozyq z22jCBs+tDE3wHjQa?G~UcXg{*kV%Sp436&ecI{k#`J}bzYS9?+gjy9!mT}Ly{(!mE zIODBGAEbUzUHu|pJv`{A(RS5jrxq4LCzm)uYS^%$a#xl!}cDZ(y z&!5-xVo}>LgAlbDNtSAZN^GdU?}H&|83k8gXRPmvT@{y+bZp^F8Ho-2VXDu5-^~{C zdiU`m3#nbIWlSvIu$3ZK=)&SBPA@hDVX~@kW0#bu@Waj>l3ZPDHwd2mUXU$`-P_PmF_#V%k+(Sy%`*SpaPMX&K>+~ zm$%P+pNTWmgJZ^Bf+IXsW>4*}pJ;s)90`vC{woj`&`7JPxy`}BChV;Xop?+OaqX|K z0@QG=$U_l7C2u(>NBhbevoSY;(9a;{FY&T8G{lFeKbtTx-V9P(gz%DO6Ln<#Bue170jz? zm&N|eYBX>a!NtR)(&QzonF6zjKf%MOcnJ60AZ|A-)5t&6W zLCpJ~P$B!0kT>;fd^>^)X<=CZoEQB(#veCnd2y zNdd%oNnuG*u(`-Z?GgVon^0$-1NHVMUyl#*4({Kpp4_@p$YIr^jc53w#JgiVAtvQr z%41O(W~l1v^$KLj?E3tT+l})-3yV1V1=1PYpDOzRXn}J{{=VsEoL%$za>v|t`(!QBI|M(zd$ERgQ zG%&+`j7EI_UnxsB3=uH=*j-~o`&NFTi+Xq-75w_MOXAY1&o%C~X|ce*m^+&hYn=y& zDs`#=LF?ww6C!Rf*m{7WIn>R6Ghwg!?JzQ6xPI?@Z= zWV$HGW-rywVRp0=l3uX+dP}+EA|)VW|HXbb1613K0E#(kH147qDaJ2SsvJd8f7VEP z$~{k3wq9;=EP5ec(MB~h$PpK^hbjB6%m-fRY4JKsMkZMcH4b}(&nHQ75rjP{`PJos z-pU=L&XFjHPLPWS#*O+7Qp02!91bPI>zD8FU?AIraAaW5Y=ihk8Tar5(7G71M@QL8 z7Gq`WVSj>*doTSr*nyUyawC!iD@oko^`#PiN^gSQfZQ(^QF}Y3A3UCWv|oL>yT05W z27`YepFx&HJ6cF@Uk03QeA+zkxViqa32tq<+;%z1&H1qS^5)m^#U@0xBjEOMe+Mk~ zvhDKA`Q0U$W2p^%aT<92`}oTyzf;(#$&yjP^{=1jVE?OMyI1j4fdLnnn@fRrhfU(Q zxAPDallD5Xj_b9b(@PyMeJ?I{`?09nZ!Wig4xgQUnm3t;(^&$a-ws23bi}Tw0-OC# zzO3T1`sq58pF6(D)2JMBY1O#=hvsqh(=8@HPka%6gJ)SLu(_KC|kkR7im*!rgKxy#h-h5ubJ%9%pC;os&y zbbwF`h_d6$O!tjjbLyTy z!A#BG_(noeA1I`!aP)n!LvVdg$;^EG89~84@q&!w|tY5_g8du*12+zB;)Z zxe+=z$m%$`895UgJs|Hmxf=N?^zk68{p4cghfw?hdHc!v$af)^gRHibvyrbtst4q4 zCnqDrLL3KKt!GDk;yj7j7&pTneD8QiXI*=RZ7A|YZ3Z}v$FONc4`uU~amD-JfB|K? z$s?(!puYC(WB*7)J!Z@LRvc6#7#c1D*^+9QM@prNUEUmdVOA|P#;I|XAg%RKTDb0J zEqsL$Lo6XR=7VmHjG3Z}3D{R$r}gdPvSftKj}9Jb>rK$tE+bp$CxR6FIMGt+MZ8%R zaY$ZP8*#7%yfTmZ-O(0p;qu2!S1-I^*-$Hxgw2Nhvi{*3&!j<9-Rrl5t}>`lOhG$eLS6!mmf z1~Y#P8wpFZ)G}d#GEP!YF_fy<#O>|Ess{42C!avFL14u1>C~ecb>z<&{op~Vcr`uZ zdMqk-gZSdZdhOO;h&Avzcm!!Y%Xh;8{F_>c8Mtp-VVT!cqNYputuc}q6iRrOV+c__ zG_M2w+9Ntv5dE3515u+n%w7bRqG<|yH6{#znxCXS6Jhi6y*<^O-nm`GL0fP0AvjR= z8jnBsd=I9L8CLYdK(_Zh``}j9?7oulP05tsp^N0ToL^v8L(!KAJCwAYV_B6%EF~W> zulR{}>JF{8qAGK@U388M2Z?x(lEKcJKAs-R@nxTscu%fjiWlX*c4J7VkA zUhFmxspVO2joi4Z+1S#INuC-G(|P>H-wTajgu>wifi#PFsld4pW~?I|a&|IaA-My3 zWh5~;m^B-TLMbzxxCi$rGU}FuzYeYho~e2)LuZ!a6;G~bnq5>?t-a7QumLt4MF?6l~p_5_o|cLBzz*+IVj(_36185LnA3HKK(z?rN(@ ze~dG2U`rZx??g_Qy{0`PHJ3VyKbD(*x-$V*L2>Pq2uNav{j5Ib)(@jM`&{XcU=?rq zrLW-R>`Us}WR-+&3H!b}Da4`9tT+}Wy&;XL2)O6DwlXxJ5h;fZpQzb3mS1#LT#0%w zVvkEh>SK!%q;sghdKa|z4VWgzq_>n4;`@{p{jz>FmdhZ=Whp2#--<~34gRSn#b;wC zu-vN?GOiMRRb)2t7#*D>#RMM0sWf<|G#LHwnp26RCH%XgoA{U?aAo~)X=lDN_2&_a zOP+Hj+@&M^^jDHpg43yIki#KkPE+EoOM;aixBBc71v^)|h25mgb!@aK_o~__d(&kn zMqEEwt4!f*9L@0e6d&_^!^cc|=1%EKykNC-SeyL1rYF6f-cJPaKlTs@{_rA>`RriF zP*+JLLR?HHsidUSP7mDkaW&j=6GEpSq1W;<2}KrBXh~w`FVzM z)UZ)vCEqp8Z1d$mpbOOKAEYTI#_AXqWodB8)sezSsXAfECXDu30rrJmx4!n;q}7>sPSa0^{?^i77RR^IP!DWbuRVFTZb@>;y|YUM!Lbd!EgD5Z#a zDUakXLD7Oe{27bImkM1^d2eMW4e-P^4$8Ox}Ak zPsWXynUwu8)_l#WqY9L0S}n2+HB5DM<+(5%HpE()lq!`h7@Kwr1a?>j>cZ}D)X>Y2 zrwqmE41TJa-jtyd1iVk&hF~~h<lJfQ%Hy+V|&@m=Aj*{6%+d#jWtIy z7=J-mm;|?Q)%*REzG$sB`yArkRNE*`%_nC~V>Lx@o_;N`(9dw5!*5n*w&*-%mqY~$ zQ-;GcH!8n(>C90I*IHn5ct2(2`li#ZQ^h76=`^1bxrTqeyKDiIy~K1b%HyXm>_EanDz2#95qE>ZXu|*Hp|5rVplC1zKqL z>`g0z6fkNq->G_*aezkNOp70V8!By})Ne5ioN&9=Yk6G5z*A%VGxrRxv)rm~R?Bbe z_$&n`%$Tjf!X6x#(UcLE_oV<&yP-->?n(FT6v!2h5q1PO?&b=ZQItB^xXlh?^lk9s zZkDIw1Kq6@Qpa#7G(Lg8&}*?}44327)8H--SvuY@bY=_|*F@r}2rP%5C<`nWF0o}+ z=Dz+p1j{pr&Wvc#u{{-R`q+a`j%((~iUp{vit;%JhGPSqG(GjwLsC>;-hGSW#s2B zT<#l;pb-b7I`eSxFAJ*!cV;F{ZY@NkkGDG9={)FipUrgx5qs{*G=3M?TF^#}!7RZ~ z{b2l@-P5mG&g;@(jgCJ45}eG_EN#olxJeJ(u{zu5;okEu?xU4A)~;LA`*R+M5rMrQ z&WtfIZv>6}RoItnm(Ve9x((4rfEIT{|B>Y}4siDqGBe*I6F-Mh660;6g*lIK%(kip z$Lc)EkAwA_=oEh6n~VmyJZ;fRMQpalXqtaz<$dyOnmAP(C?siB`B8qF)s=T{YcM`? zsK7A|obYjozD!)~=xGU@<({h8{A>=7z^P_djk?E8`$l>0MAlhZMol2K2Op_3{=!y+ zI;;x>b_R|K%(!Q+f#;!Jl(SVJLE`GJOyoA899h>*6Yyp><#QL~sQw`cOK`Uk34g$P z{DSHh@oWhkAynL7cY!Dx7E?1(Dvnkp*%f?Ja$(`ohRlGkBoW|vR?+R`SN%%YHN7v!{W2 z>yTLcU{)(P*6nQtiuG8;25nLxUb9)tgSqAXlXtcyq@H~$anV+j?D;ugDa@WHn@bpO zzY3GL!kCVzE~hBk=?B8~r;gszX(0(8P1m)VM9WjMIeJ7{mK>){4I{&2Sb|e>{H$gTl1l4!=;XezsQW1bQ6R(@ZT-UB-KwA-GpVfu_C|;4YxSM>&o|f zvs72`o;4Pa91U)Mu*Bxed}cU?p3GT3AjSQOwHltz2ZXSc;H)u}8kNKPepVtjGZseZ zv*1j2n2KFq#%QXiX%QNP45uAuMTn9rJvz0x7VKTxxNj+|-3+cwHfQfi%)Z`NAY#zr zq!oI)gD~RN|LGYk9Hj$nnoFpe>`k$xzH1E~l2FEetgEA?A)!V_Hu<*7h@&)-l(kph zq^`WMPj^+avaY(bIs&!h9J63I-lkgIDlNAV*~P1A_~qOf;fvhZy+f5W|GY@gu7oJZ zUU0ZK>ZzBckThzXb<`*L0Y*Y}dgk0`4T@ThbRj|%yDALsG@aoeVrpGz%?t$I1%-Tn zY6)MY#~Ie+7+Y(Xx9mvs2D57<$~x6O0%7TykhI=HTxmQbrnkMci+th$CaY7S73(F8 z;J2__V3gRgea64!=I$XYg0P0CQ$G?KoC70P*W-O>eg9*m1l|HfR*L@9yWirGij$P= z2mWkS{T6Ry4Sj$7N{xZQ>l9&c4v%fa*?cNl1+6opBE?#HW%uccvk!RiEqr+z_5sWD zwN|wb5C(bm&5*PyO*uSO`RAUK6~*L5Ct9q#%yfHS9B5g4n{Jq$q>F3|#OMPWQeeT} z-gf7#Kh$rq3Ct`}1DKsO3vC<4iYhv^hPRQ=b|1fgIrXBHSd)TPfCCPq03)7X%f#14 zn2fu0n@_n{x)$}`7xxM`rp%aGIV|2ZPODTiljKWuVX>fNIel#8^EZvmBnJ~kKj)-n zj*wCkAh|*bm-tUKX)kYFX}C?ozzdqK;J_$osh?uF=(s z_V!pb)%WU{bha?xQrHS#vfQrphL=Vu|w zQzbh{74=SEw^yd@ww11*S( zVPRmL8#uqialnEt$t=?9L8&57@w1rP!`8jg>gDC~jqcj)TE1dR4=C=7oPT)=vD~#V zk~T5To??;ZrD1~WtxK@aEr5JyFwO&{EAVBt!Q^$zW6h22pBv?y>JKgJV0Y;onG#YI zn+C_b{FBZ1e#6>tB)wJ3)3Z0=q59w*kFiGOh~+CYfIAId&M?hc!6bf@7^x!HC0lq= z`y30KToU04(*dV4)9tulW!;s>+XJPPy3-1j3>EJZ$F7KtccOw%QQs8HXTETu{ay0g z>FRJnHnwQTyBC%qW0|?3v$b9tvQ*p8@+sN8p)=}f2Sy7!edK)ojDmCBWKlfj7Y+AF zWAYjFJ3>TX$y_U6SSkF4BFQw5O|L+oj`_Fw2ChoZ=FJN@NxwGRPTaVbnkZ1u28TO( zW*;#`r+@JF%$U$qAjDfGQ9Ett0LvX=Bp>DCHC zKM!i6c7ov2>(W*>)fMKpr}9lkNk}yF@~am4M`9nOYR_S@;|#sz`&6F`H;Y?&z1m^ z48q_6p#JPD@HcA27C;dKI}IQ}oS;aq|BA-{jZ|}iBB5pE3CRDe#*OheYTNG~^$Uvn zuZHsfhkEhq9wp)lp#D_J{kt#5@cU~^2t|Or_5`l&zZ$5Le2mD`qE*sf!f0VJ{WQy06+Xd9B@4E9*oESAPx{B z3|w;J3w(&XKZp}_hwxxD0R|irE@b5;h#Z3S62uFKj`v{bK@A-I2cryX5E4KQH8?WD zhep)^pplyB!PvopLxq$DfLP$@i6KF+fZh&pftDL+3k%6Zi*z7x0te}X0f8F4WDmwI z0f5yD06q=~3?hY7B7bNW0s|Oz3WysRB!+QE3kT!t$l>An!qLhDlII1&hl~SYP!O=> z;$(p%c=$TB65y~Q6oDXAxZ2c*P687it_&NZm-z3orZng=HMn*N^y#Mx;JVWv zjAub0GK&BB7ysW}-=FdD)x`vXIA9|n>LI{qoe2UiG%D}me3q<#KMX=P-2dL2xcmnI zd-lHoIyYJGt+m7fb*#2nDgjO_xEULqTj5e=@^=!<9e6C0ET7Kz5+;wK|Af6o?KY8U~CL zo2Cb2xdsjqk{JeKf!&3;g@YI%yJ5g!bLo6I`YarP`gA`ShphlKD;yXEx4jQ7d(gv( z0}lqc8#pW%0UXBs{Lqpf0US;pelYeUK!oJ?$w)jH7|mc980>$C`TcYDD1Sd|8DUM}kD)bbmmyBSFG&C)<#D=ri%b!yAaa2Hq{}_`yhq8q~iYjBTh< zc=2F}MFB?971Yp#W4e22+=&8yR2;A%Na7V76GSE)gq;=+LWh_}gD^qW@F0j=G)M!~ zgb0F&H^9+Cwxa=bC-Og*XbfOUqW@zhL#;lndy5XT9Rqyt!#EI>tYpYF*L)V__wO5Fo8_z{wq)_f51A z^mxD;7yJjH6A!>OrT?)?pjM0OKh`=|qYwRA3Tfl(*4arRgMpU5Hzh`7fPqXuNRmoF5E!yMNDmZvTJY56%?|(1SB@djL|W0KfM}_Xk7N d34{iny8h?>9eVt8Yo=2`1c>KefF}U+{{VW7%!2>` delta 32572 zcmZ6xV{}~&*fbnljcqoz8{2joHFnZCIk9cqXw1g8ZJUk#o%ViSeSgl%&X26Db!N}Z zH8WL>NPo(ZYTDr;z50;CB@%kzX#ur}avP^~N zz0Qp5iPAQ->Ot7r22G6!*9JU;5f}eD8ngpz&`w*+IwSHy(N;kYelKUIttNR}^8ak) zX+NfwxmFsSUvKOqhRfca0s&NYy7I94RQ~T+J$K zVb#~-zF>weH+fqcI@6U{+i8QdWA**dzK8Xj{6=`A=DL;>Ax*XRO(k`w^Li@x(Spho ztD9j4r-7Y|ZfY|-7eQ<9+8(n?| z(UmzU+QhN-na@jnE`$BeebF4x1)G*QrXqGUhgutos~zGxty~vbG$|dXSB^|f>@agV zOsO>swcyxS)+4w`-ugBmVk|@(+SL^b4IWeuS#q2orHr36Z%2T|vD12iXJ2<8{NLvk ztJe{qTJG>B4N?XY#`NRV+$ z?6amS6^}ajs*63A09P9zA2e?i3%qKl*~6pLayRw65ov5Dg!QDwx~~eLp&(Ohy%$UX zo^@rni_kK%?{k2?G`2{0$6(d=PN?{U7u+mQ@yu5^dO>~QhZPzS5a+d|*JFRpi|e4BpivD)LYZVM0KXwF(oK%tT|F!OXsx&RO% z^i2+9h%~?^XU3x>3@E&-a;4XSIJ6y33}g2()ahhEyZ=(}n!bnHz?>5HvO#@djRIBn zlk)KWcN{5Y^B=p?NYWp}=fuv+_z49?Kis-OgX!S-^nFI=Wf2)s@IJp^*al%1{qwxGX zZ}SZjHkGp`nIIW*WiRDFm(D}($> zs{%CmD?;MIOjzD3(Z%>4WPJ&p+#cX&lVm@8D6jOoZ;Z~a)B`Iz$BnZ@`NeV z*$6T!mLi1Nj>A!TK*H#(EHH+mKtTmfCQ~)P3@n-d!S*AjP9{!oE4Ns#C>`%0@iZc# zv&EU`PJ1lG6|SML_S;t12N%k3hw|reM}!ap{K170-e*T~n6x6!PnpZ5A&p-WY~il< zyC$!stosPLPdsA{VO$}`o&7$xdfST$A76Vwq3b3XL}%AfE@(LD^7*YD-|Hn`TH`YC z=4o{*ZN1J7)86JAHg&X!E8LH9QRip-+!HU+4vA3dY&MU-b_Tn557B;ePZztb0x*B~z-x zT59mQ>Mk_AtZbh9`5SA+KzNm)DiRk+0|deJixuoCS`KI0zkN+Fg+npegA)XaHUq%f z4^Ix1Q(7k*xJUZil)A+F8m|h0MO#2iT~f~-)o5;25s>qj^fO4Vcg|pCd~PIEMI|OE zH2V1M&ZhbQ3AOVPXu>YLcbh$3Xc*LoTr~reYjdV_8T*3sjX~O(a`X|ELD8f@5bz^> z9E?HT*;*Kj&bgqQ1vU***Xvj|7gf{@41=`Iyuk7A4-`CTcY$B2743Wml#^R zbr;!es=LowYk6N2cJ@|sCPkn1d+P;OsHe{rOhKnUfPb-GV1v45MEc(oCGgi~U=ttC zGvf6ES+H!cb7{F$sy*ib0HmvDojr@==a7r{l*6Cp5AP+c;2JkA+nDAD(@#FM*k>7z zp1DI<>ua;lTXI~m@qD!9Ek^iks&TaCO-A?}yDRiHzY%yc>%GiGNwjQ41p}-uSv1n< zgLD+x`P0HaYHYq1mFQ=CGU2x-1EO^a>NoafA3XCoQFCKgdMPsi2qPt|%^MMZP)fpg zcfHTX?#1~{--3JcEZFwk!g@bDKeTA@3Xo&Xpryn>j_G_L_i3x47Jq4|ByaFrObXBy}~<=*o`uhhxeTM@43vMo4BN*W*}}+Uj&EiZHYPDM3mg>O+=Njg zhr5d2hh{Sa1Qr)~x=4mb?q9{B;H=ckIOZn#Cjk2GUb6vSI@fq>tgm@N@RPcUy^VGZ z;pz?klOj6@`n3~Xy6C7~*Iv$E-{Gc~+CgvH9lbQduPP6rR&$TxOFwVGce#T>g2+X$ z14+d~CEt3_h``$LAsl^oVENvlr>d<94W3n5cNQ1rFNm(&n(cRveza@uNN~oT%_DZ@>l~^`m9Yt0X~{j_DWz) zias6hrct*agQdd|Z6HwgQWYx*?ci+5i~dY-FGnLx-n^kUy6`{i7n7TNgo6y%ZI2Zt zflHyr3)E|N{hrERu;F`?+9>Y*X|oLCGOSWUn}c$(<-BYRvJmq_F`6S5?~if90fso> zu5};N9hHWNNDUeI|LqEaM_WOE@fn%yNeU?bEVZBR-fI);Cs5@GeTk8C!*$bT3%ypF zAnui*2%v5+HA2}b@D~bHkj=?*Bq8br4|(pE;^)ZB9|eT&k*?Vfo}O0bWl&?9G4>c1 zG2p9Na7>N2%`7Gj3gS^CR_STT)-Tv8roa2m@GZP_j2-&stc@sOU$#5;mw+Qj^Q#Oj zjEAFf2`1%aef_w+Uh4U?ai5`ZWk(l7Dox9|yq3 z;AUf;nXnd}!GscgMSD*Wd&Qk50tTn`9~Az z3WLb1&kVr%&F&64?oklU#1Ea^Y53Sa?XNPMmvDDyM}t{p5_q%8g>m$>)3kHPhR@G) zyVMK%OOZIxFjWkSHnJ(NoyF{EqMm>{WBN)}WmuzajSH_08u3wma$F*4p;P!?9X1rl zpU5KW7$xUYvjGNGIK<)X{k{ObTlpLd|IGk2(F^1(nWAHm+5<$+YJPNX|HG-@>R;<@ zaxYb|(M~hb`LH*SGmCS&M#;I*l3rsM$*$!E_9}mAE<)cu|?IOFs4L<$iAeK_L zgQC65jY6NJI}fobZTIpvN*AUI_>Qb&tje(s))~G1ATCT6uR;_P5H=1!$0cdg2I|4V zSq@Er|GheZ>$GS2=I+`b3-#SU64{Rn2e+5Re+!e}G~C4=^*f8BFNGS5y~3 z!1Q3lAW|2W&x&7cu>D;7Ux1;UX>i@@fhAWiq%McRH$MCPa5~>x+0*CPq*@X$Z4xAh zi5t=>mY(?qe|P46q7Y|BXCt#(nv8Yajp&gH_~cll>0o9*S_Buif>YI5JHW|;cPq} z7fd)O%q;Y%zwjzHfeuYF59H^f{zE>twOBRlydb#Y8LxPF!Or)k{l;MLusXBQKpRJG z1!VXs_4em8&Lq45ML5WrOFu@z0+$Z+^%%~M2;bKw12(QOqq{2gaT zu~u7Z=M#B!XjdkAZB885O$xazQC%pVes2lD{2MJ~rv3M%5_h#+s(41Sz$4ZrfiB3c zw20cJ<~`{$xvpy{4iXduJFYXlK2{>KfI9>}VTK`a`xB3ckO%eo>mbXI(AhFX)4krdC6h)a)-~y~k9EGv!-s}Nu%<{NH@N#uao^1! z+)6DTM_G}nChSqeFz+I&1ev>Ve|*^Rrx}~j*}!R61Rp((Bl_rjzt!-4?cl^X!UWA@ z=KfV_!zzqW(NajMNN;CQq^hk9fUowDkgedRZYO{_Lx zKk9-weQ93!qZqXc$2^|jKSA{h`67^J1VW@WI5jB>G+O;vkT$a^>*chGOXhu11=z2{W?+ETht_xZ{ z#D9@AOJ8jCLPZK2VCy>_YJ;bJ2R~R~9fqvaj-CRyzxe$SA+BTjWTy6s9#pmM)_p?l zCWYKcKy}pPg&Q(Q?bAjF@KGDmU~ox-gdKk&90|XL=R`=yRE9UwfL3A0?hP%p4?*^b z&i3MS@rfXoPGI_J;=-gpLK36Dabi%?j$~9FVOn567NrNDGNK1_9vdQfPU3*O{wU`G z+u!5ra8G|}f}m>$RjWZ6@tIoGVZw39=^76`764$rf^nc`d~PNKyZK!o`cCH8^Mi=eMl-h`KSL5@YpRy`=*69pk8b8i| zUy*w&q7<&@bF=S!zUE|Rw)nIT^SJG;!Yu5E27ZBa>r*937m4=ySe{I#W=iIOtWxW9 zaz23Su>R(wnUnM_J=_To1c;7uAUYxu|Dr<`@IUZ?7q|z_Pq|N7XuOoTPc}| z2i!k&sMRL?|Ii`VBUK(#;xd?M4O)xUSfha~=4Y~UIZZA1$bSARj5_Kc5v+i)^=z|MimadEA+-fSbb2gg90`cZ(fy2BjPZ&3~qtw_;NT}RG&cY zc*l8~gCn{dY>r7`+v53=H_?V--)pPkclaavTY|L&Y9Oc8mS7izK*sOK?)yFcvI3oD zKLrSwKC4MxGl;_}kQLOSZnFIkZxCDWIiIOD6eymsT0!J;`SU;e*Gl5cvW_z zQJC!WlRS(ru#Gif3FFg^upN}>!`>9jQW4EVf82TfLXp^+^Z(@m+OJ;|+B;Jwz*qWU z>|J9Q@L4abGzkf((_frl1qA|xHL20-Dvdlv3>C1R%x*Z52!Je66BGJ-FU@tGuBRbw?iH* z5`MJ}H0D*f*#&5v$L{wxeSdQACRH=nKwzRqlz!M`7+Px%P_XA&x`W$E7Xc_5uT|`7 zE!azfutso)loE}k!~%GPi-`(C>+sGCySYY9Ye)3rmlRP))v=qkWd33%;+f|iQr}=yeD>!D zvf(f~5Hq^qQ>9PdB!IY;;qa-N{Vbr!v^t(xGlt{8N4=PVCAUzdi?TNB@_kNQYQY@W zjD4MMAD^L$_x2WcYrMO?mAMXRU52*B=ajx!kI=A31MRs^XXV89duC-?>}S4)XM+<5^bh6R3D;rnZJm0lyUQk!h>Gc(x~;OyH81!1JDRz)U~FCN9DRli^nLz zvc-<13&b2`fGW1Mhp{3K`t8BwaCdx>ciRjj#S^70Vd`m|gui>dkcITJ|5I^SUt;#U z$z)Zg8!3LDEXLokc3Aj*k2Z}Xg~a43eTJd1;e#W^1UK4%4{29$VJX+?6HBZlC-Q@cIy~TnJbpWm^J8 zAaDp1nDj{iYtgI!V`J&I(2hjmz8I?g3>wu_ySKN&57F#*u*`r|z2D$JC=+zY4?- z`K#)}5vV||Km{VOGb~cpR)z=Uc*w|>aMO24asU-5Qu3?zI+`O;fz*-=-qdP4_Ny*P z(mCga--|J`a4h~)poa~h0)ZNl;TkIZRiI~&wXbrVhCW6T?{|sWQhI`{4UBaOp3woSl>_I*}CE(_@O0s6L#?2of>h2w$8vOqw{=M`|O5HqN$F z+mUv2Ben-^TWV={zIGo+V@D4}kRa{4Gs)~Sh3N_)3(tarIaCrOM_uzaRqZXiYzdCXH++D)W7GIZ52Ef-@IjYV={qVJcccvGEOB1VOT zn8c@Uxq&2h#aS}9ml~f>+s0CkV^0G&e} z==M`F?OHxLELkUuV?pY5egvH*4|`w78sUS#TGh?$ci|^0lZ%9yp}rP?J%Tjb8J$Fstzl$tR$?)*ll!0z7q6EaJa6)*rlx^pH1;q z7Z%cyJv6otAugm1mS1X<8l9^_rAaC3j`Ru;w-&js&@vppWFdSgx0iUQPXiL9qzoGt ziX!4 zp8SFpKg=+Rr}K9D`A%}CM&c0iUP%i6L;hRsxrNZN2gd19NMJ#SN3<8WZR6&vpP6g| zagQ)!FP69o01@F3$Jtj`;IUh-bcK;})e%1D=er8#uiidCvjX3EB1_j3-N7-7bXhGA zP6VHYAplkE@6kL6Pmv&#fip5qKZ=OO-FZ)xw!y$0m3UY+Q`VFAL8(8f6xV- z0_^NIyVmp*zon4@)kDNW*{h*xH89Umf}somt2!X#7EeoG7Np}1BUi*dVHr!;%M~84 zsI0UbY*c%lrJS|nOaAY}{Sm|rT2xpjMr5s7V z#)mImbkgbDS#2VO(`NZJaGmqYcK=c#tISjtIcftkZm4p5_OP_WQ&?&2vGGZcTL%MR z2cXJ#XMgq4kuq6v7~o%di!zatIBb%!np*J^O-+xF<;T$A?e5HCLWAXqa0Vl6I=;Xm* z-PHo8e#@1f;I_j5R?Lvo!i7&SXwdkuK_81y*}eGL*0tzkxO0X@-=beQXi=7_%PY=!hNn-ywx zMaI*+o~$Fp&1hR#h`+RPl8Yr`o1LPQ?cR*Fq4(t{Xg#}QFAVHKS5H49BnXIqyeBC@ zF6N)9NqQlo+X_nnp%D#SD5ssbVN_d)sdvCP`Z82zgQ>XixmhbEO#T%@w100o-OQA) zT8odsBxtjRLwErv+8>2XpEW7MBVmVVOQQfsd~lYhB&pmzIA(pj?$Qie@(oMCD_6>t_xfd1)%Y|jI*CDeQuq1B)s1+6-7!cN+D2nt5;Es1RJ1a zP33N*fHFaANdiy_A9Q9Lu?3z^&A(0i6RkmNF_UT}kOw5|?tZG!$}M5cdxugc<^=?Q zN4RQ%-&Pkknpa=#TAMk#vBxr6H_J`huc4v_Oy_X>_8 z3Z&p4CrFWZC7rs?sqq#!Ama=yxL!dFIAYXia0DfAQ6rg%KoF2PNx@Dy=si0s+4f{j zC8HW@RMu&}fin~)#@2T@4D=hnioW4?M3@x`zC~*Jlm1>llaBkLq}C;BE7O8+&*`W? zt@mRpqMlfa(hybQwZqQx6A%_5XVC+$-XS>q_SB0AJ|JxB#~4rsxBH)~fsjDnyj0kM zGHGH}A7Mb$5WIr6`Qu}t(`Ak+swZt_doJA~%hU$u_uvMzjKqR$y2pht@v8=pCLtND zseruaNguBNw$=BYXkfYEcl6Skls43IG;_zR;^={P^RL%P_S`Ia~RI%ZUoBzb~q%7a$=}DpG-PgZz#~fu8DcbiF zD0k5SuPs?jY^|Ym|An?M+~43Mau%<)s{YCyMWBeFxpg${(P|{h7;Ro^lrt@^CQYN# zc#lFoSrfZIhESnpeE&@*fSMA|i^RkfK_sPUe^=`^05$5jU}R}pz?%()&e|M0QGm+$ zIWUK@S^(xSRwt97;c>ewW4~sCZLCUPMN1+J68sdvwi=pYZ(Zf39Sf=$^dL+eN1i+1 zD6~)qp=Z6{3z(dxBi)jGz^hC5ZD?jzx}|^B+(rFWyO=Q(Xf440lft?lTIf9T4f)4@ zNX8kXel;8{?|Fr=cp~?QWPJ)m!u{8~DFvG7heN_=mvzgIM|eg9H1M8qZTl_k;SWOW zdDdZ&){ZN`jOqICh^s8L-_BlA=yV}Nz$e8?q+LokemZ`kpCy;KV8O%eI@!Y_aZLh; z9S=qVMlkg?_}TzWU`4P;vPmvRqI@fq~0c!)_?XQ14!+NO4NIPXwdTEUqF> z-s^2{@8d)i=ryZOvWuM`*yki4(0{tUS71pVdda0jCR?F2;-?8eLFzC3CBfm!5)K=0 zfynUs@>ls%1U&wp*$G>A!0>-)i|XR9^hJ^s!NQdltIxbN$-Um3W203Xj9ZsTv0nhT zR$x(Rw1dLC&8)ozT#tCG3FXU$7<)C#*1+bd2PGSHQ|dM_o`xPLto`DCR?=$~=qPP# z7~b@~?1d~SWpq>p*~7q8(c53>rl1+Q)1%kNU5di+LwC0?04b(y$m0S|nuUV1WGR zrT+sM%V;m&zy2u7%>FN6#Q$%=WCQ)t@d_i9O&Uf_+cSlX#=om6Je&ZRlYt>$EWMvb z?lO47?gj9qHLQ0b2v(6N^5@UJlqM2Ae4ZEy@-IC5zkvDv4=@jI56zM095Jj4htOvY zr+e2p2t1`K(|#St$M0&gcGP*)LaN#j1&0GHO*h&hfPnCe z{KZH@RU|9`nClL0rJMuIUlOGMkXOvf+R>Naeq8qqBZ6C3Z#bsoB|&}rII*F#0Q z8{NJgEj80+N7o5g>*D2|A|w#^hAzn-JTRKbVNlNCn}#+d28=-n7lZ8qz8A!|f)!d_%j+<1u-h^vU{p@+-tB*fG;OE9UC+sV z0|SqxyZezoIX_JX)A$J7589Q>QcFvy@4)t_(?c^C)@WXCybnx=m2j81e~HSK9E)Oj zqoB}g7Kpri-UNfV*WH??EB)a%`+Kb-`J6IWAPJ(Qr1iAdz!^I zBu2-SG8b2UK0KWd6&-&cV0n0{1!Osqk-wZa6utuMu7+tlG@_Z#D!H8%p( ztqJ#MglR&iP>7sbbm0Ixf5_fXHo*^TBj{tQ0_dMVFW$cR1IU)|zRFDhcwRv;Sg=h` z+kmNM-DP)!C63C+pfL5ozkki7W^;dY%0D~%b~1|efOTSBlkcST4lrtE*n#K)9kuX# zOzN~Y)yI?&!uS9DIMi@>5?yJUC-&3h72kVn$PMq-4Pa+vAq*`gCVAt@OuL0O4vXO+ zT=nXsy$k-@VH6ySU#Fpcy{Q^vNiwYk4-~FmU>!*=8Px?%GOYxB7K#517R;f8FhUON z7~=01sKVbZLeXSeFXO);N8y!1*W>Tu9W^WoT&C@LAOLOWs^Sgp`0bbS5c3>uKM&M0 zx#%m8yNks7!whpMI2&P{S!dvh&x!u;e&hPDVE8}TAL&+t6IWP`5qD|Drm7n9(x5}A z7=B5UmgYa#gCr?gQG?1fxcE6Cd+3U(fThnC8sHs!d!e>4ZwVZe}b-LH2Yf;w8BFC z?s&M{Nl>T21D7dA8|tAWjL1GWnKRjN*qrotlK5mzk@s?gMoWuK1R$(pN<2g%szGbb zDCX=i!|~-08AGHc+Zpq&WKfKEb;-SipTuo&e*;p&SV@CWTV4Fl^{hJW0EZKNvOKfi zp8-rl=Ta}DfN>B{)u-Bc|3c#+e!3T8>-8QWtZvc9lIN*1m2E z6n9JN4y}YRq77R&z<)JXncx-14#5z%4)PmmERnuSEqm2-UmqrE`cpH-ivo6HjfjFL ziM`GzFy@!&AmX>I{07aF#^xB>!FLM9Qv>5BwyI9tlz8n&Y8r)aBrq5f!F1V<3xkPB zm4;9!GVP9xiHzM_kNJUIzg8#<0qeP05cLRjMi2>1Wq(hue{+a`Cs%-~cv zqk7eggUdKdrGc!CSwiV4;A$CIZ!mWWF6=g6i4af=Q6kvYvlC>m-Dz02Z?GIGmZSsB~r=K(2sef{CxwW(+D-A!X#Tj_x?;>5uF*WoH=GjoH>Z zAK=7NOPbG+2!mM>PAd_!NIzg2k*7bII!pukw(5y_xo=>LRJu+p)BO&rQb$IiQ1rZNt{m&9 zP!>t*5s1*5$n0nEI0H%pzX@T~k}qulRKxqjIi(aC*$4xA1OGwaG28YiG3Z4N_vnl6 z=21*g{S&aS{QLy@`%#&6Rqs{-4FRX^D%5Zf3jzX04WtrDnw6vCM4w)h4rnV0hqi6zZVhVFpeP_}Xg(b-P9}Tgngr z8Y0q|B-P?}KFZ^xn0Mk*gJAf3*1m6NapFT zN%tZGxoH|Mq4}}0bS0Xvg7|Jd6OF;73eyvFwTa>QaH+5USb-i`kXtZ5P8!9XJ}Of7 z<%P*382p9b01Jl!+$ZwlbAw%Az63ygX1-ILF;T~I^*Q2!hdcw*M0p;+kM9s3x z?z)W=th28CR&#pK*gpf50z$MTsxy@a^XWr#U3ys()@KlUc{{5Z8%v!Zn{8eHGxg_~?{dYhdgxC(VMTe0 zD(!vpM);C3HYqZyGCk*FT)>R8U3yOiRC04YKj9Cw z4hNe+OL);;2(k7b<>(hpf&%(ERPg9HGHdZ1F4grKqz%U$1`bu`9HOhB79c*FI zg?lh~K^LHmRuSD?qe24=IW;;4isv$u^~v!vDW!rbFz8QVTM7FV)hMt5%GQkTR-U1U zh>a*+Wn#c7YaKI})V=MNTxvW4F-QKFhy6V2csjsJlk}V%xI58EWZiM;j?|6-qV3yD z)W4O68V3~1rE#YmAS@-d&d)jHlNuq-aAFG(NV^T0)X7NBLZo>D$>B{!hi7ov;@pY# z!|#LqXbXbQL4<|G7Upd7L+nhACbyTNLh`m;Fh}y^XY{ql!7DIKf_7q$(f!wvMPb<| zfb?7kvo2xBJ@Ye#8gGL-@*{VfZPjl%H{=Ba)F&8~R&g1i*Q4S!oVS+8c1iVR0dpqO zv(GipdIX*JwN=2S&VuV-a%%xDbx^c3+ptqDyGbH}3FfKL&`d#d$mSLc%^@0_hoYw-b>^oM$2R)E!trs#6R9OLc0hrtPaG$FI#7CVoJwONvugrxU{}p6LV5 z`R}F50~oMb2~oag<@cs~U_hi}%A#D1rK??&r$_@(z`rkin{G5BxAGUo5j9MO@V|!B zgQaB;Cb`X2d7wT~su|TK2~X-5d~e%sbYT-3+J;aHG3L)xp7&k8iO-M$7t7AAIP#{z zSV@|G#8H5~pM=}|;$@UlywWxHZx^`!B#88jeXF?(A^9)Wb$%*g^C6;p?zs5!fA!D- zNVzT6<`ZIeeMxp^^3=8bxvv%e5qMz*hPg(OX@C&1*8IS@TFHup)}-eien9i$tC8an z>Oax;Wg2->{$=pdM~0?T*~qLB;){;^Wg*}47Qe_UN@#jgq;{U$ON#L~!w3YP!>X&N zHSxZj#AdQ|@5BRz>@+Y2_`(rQ`RJk(04LT5X>>2PME&Ismb-_M*LQ3fzYTHbit|6i zY>==b7Ct6cxpjeoH6H$bYJs;{`|Hap8Fo7&Ptg|j2gyNv9`oXG8uIY1!F^$zI|h1B z>q8@KverMq{pL7OD&ZsFT7X=I+9D@iV`GB8nHkK1#hbZPmyis)_#ch^QBx z+q&?d{{9o;%+xj8Rl$0=esm}}))KsH7dQ|Q*029j8S6hPOZvZRy;iEQEEE`j^#v4d zyK;-1r9ox`_OLVpxQ&L-&b`2d!u))7itZ5dtLHyXna>wxbnR4mQK}2QR6_fn`MY0J z7F>2dpE_~nyrs;=>xdtn@}ox zD)nSV%~DkCRBr~GRzr^ADQN|=h0oTQ)cw&xX1&-IvEhi1DB2BCR{eP<8sWbX+qE*% zA!JvwKJxw7$`{K4FDM#@HQp?Nc-?&s>0e1o89dwN2y62U7300IW9JT2HPfF3qy<*QT4f?<(O1ILn(vMWc3^D;)q*^uvnRPXn_8 zuJ4Vv4eF;eqgNyuFkm=JFt#HP<8}!5g4TsK@azrD=jAwUjH^1VWZ%kmQ^wB-`u(P#;Lwej;THmpKMuwhK~x=4y z>Gi;zJ&w{$E_cc4={BFYz>*As!KRJ^PZ5QkHH!L`qw$zYOuq=|J}uQ@+YdtUO=|-+ zmMFcL0!ceDIQ`Wvj)H4tkQ7#c*-8R#kJ{`QN5ldW+9DN4JWD2O)GWW!SIZBoAG_}l zE*4)oqY#$R!0QS{E++q`Og@T>&F)Bt8JEwmoTd_SF|*iY0it?}jp3KiuegE-F8_tx z>Q0U49#beEJQg3zGlF;qRI;X3qnJY6r*bAow7L_v_wYx(+k`tbTo87eWd~69Rq_6N zSN@xKCvE{N@c)(Y%A-=T1%)cgRZPEd*lhfd>YHW=|4VqEg91ghzU(9EJU(Y%O=|IH znndXXD&I?lj{YXR|Ffjp)3Ck%FX27uDC25|0WPT=fJ>^NJVT6> zc>qND0pfY0w2US2Jqapa$i)06xd;sLEU3%O?Iniq=n>SC{cj`&km5O;0?hSQ;GZ+3 z8%%ShT;S!EI|Le7i%sA|t4f2s?-e7-$Fg0bW}S8VS`|#>ad<4A2CrqHaJqc*$RX!O zOJ|`3k$z_~#&jX1kO23(f8IC^hxz8;0Aejr^1v+>P2BG|42Azar8*}L$Nvm_nL?m* zh%py8z-;F{e;)vr;JJO5s*<-XLphQU`~y242S-5NmvA~HVnAHby#Mk+w<@ClwWxCULV$;i$DfDgvjL&>$%6U3=Jn+$d(p_{ z9!-jnLJw7FKORq*Wx_gyVF1e^Klpj9B&r~shKb?QSh31*+GSGr>o=71T(Qk*|Hrr` zFy4g|5076C-v+r8gydN`E(cFhseOh(OO9F&b-9UgR!=j9JbXACvV?>r+SjVfsU%euv5*LL}i^EP~PmJGYket0H zl>T!Da?yXC0lO+@`^o|E2pSqdbzhAwCT_IWjGmM&c%684Ju6W4)MGZ~Gcb3K{%X8R z2g6pC3cP{nt+u6Tk^sa|whIi?RYrx!g84}KOtRoYZUG*_vJ*S8KSur@LByKI9;gGB zM!5jJ8+Bd|p`&ToeBi7?sL0&UXw1rXl7Qw9!~_shswRIS#YHmDOY&u*vkd!%xg;hUlKOY@rnje%FO>|W!*Cd@R)({*2CE_?hrBAegNw7xk8-#LnujD9X$KY$3R2+gYwsA2r%VJzt{M{9 z6^jSrwt5fs6Jk6;8&R?pDQyxrSjmwu`Q-RT5ZKTrshp z$H7JJBOmUukbv@;3MTba$|1IJW>mzbAZrfpkDEViz%4m}6`cB+`2G_$osTAPOTKPZ z-HjG)#|tB#S>7SFPzIrk$KLGn^H`1gEA9Y@_+`LS3fM{gG9l0C zOrRqe_G*=FN)U_w>@NY{Dfcpbc{FtIoy~w7OD)OcnkhIOrNbw*iO!TvjY&wk9-uK&`lpIgse;l%=A9vgDSQiyEmvs zM_d~5IFDw$(gFP{>FbCgTlXIku^FSF5H5XzCIdH0nn+~8Rw^vU?+h2hP)xcPNLaKk zFfLms^rV8fSwFS!zhv4IfQ93t7%0Htc7dj45gT|8ziWYM^b;o%L%G1%jlaQNe?UO2 z$;_^i?~I|5W0A4AlL>6)``*Yix^{#&Fc!ED^2|D8qLy@)X($(X+iv0{$b2GG zfwKtn1)u>WM~aJGHvi&A+0;4YMp;QXng2&Wbyjx~r`IQxPhBPL)*~e^MffwOUisqZNa~Gm-XhM|DDFa`T#FHinNGeMTzR-M2mteSsf*t?YVki% zsekF%n)0VzQmIQj3{mo%&6D%I=5+O>YEw!+TQUm@L31bF0D66a+ivrcrhN)HPas|L2eAimdMPwMLb{9JGUHkLDk1 zic#R=!}mTUWmBUD=TT;OX_AvZ^HJPRKXYDR>2tfDs1AU3=cXO5Wm%dC>IyAj8l0&V zcwj6FV4v} zz5OaEiA%TnWxyo?OeTjm3NK7F^v`u6N&?h;k;(U#E4Ms{Ma(TjE9!tIMGkszy>obenE)5nMz*t{s@8Xe5y%{i?6E$IYxP0=9?2yQ9EM3ru=|TX=`pe5x7+C6#m~~5F`pcBC^Z5Tuf0@bIB7o_y zhSHV221tZyZHV>qVYP~`nLR^u3r7^;m}tQz^Wrd+;o8b9@P z<;LH@onliOJ&l8YLy@^GJS2ZWLCo3XmAZuS<1eUd2-qrG^9%13)0Rj` zm6(J8z(sWHq(8N1oUJD65YC)%POA82yG)SkQNJ)2hNlLy0+|TuX{k{C*xYmAVpP4=D z?6db;>sixoa#N;}L29Kl7dXh6+s{Kap-H8LN3Tr0-g)i0~pu%;me{T;*Me>xSagYyXqlIWV2j@Ek znc*?pLi@3bnK$-5Jh?htV7T7NWuO-GmsxG306u%2D&Z6*Y{w;c+6^ex*eP*pF zE?^%y84_%Pj`yTZ48*~S=+r`sh=tBAravIPP_RGAmSh_os8sN~NX}q+we^dNI1OfG z3qN#-Lt!a_F5K$yBcC6lX7xuQxxwi>56SyhSzGNFEOO$Q!<@v}(m4eBLNg95icLb8 zhlDEppI6(wa(iANUQ33iO*0K)_ECp>az|Ij{DcG@iM?~j@Ag2cygRby?#$z88&ux@ z&HE<8$?-*DE(W50LUvU8-dW2=< zxWjbXmj-)U2stpJSybsk_0c*O(;99|T~?h8AmY2=A@7Hx=zrI1lp)-E9BJag5v_XW zC9K%N=}jK3F>pI%tK*pLIFgvFm6FT%!!HQsmxY>5)_gkIN&l49Rb7(vxNW0oCJc6} zdIa|m$K!dzUj#hpE%)K0zSPq+=dtIN!6i2b?Y4^$_tsT%cdoS=hR~&lEdPo!?+2vV&t1D*X zPmUiIYus|2fO1j>rD#!gY7l!W@B33X%Temn7%eQ;Tyu?>ccqmfQN^^c1y8Jzd8yzd z;@D%#IZ?iLRu|vVeeG~@NC5Xa1bsbNGpm%?n2vxJrQ!H+@JbhM2Fe7!zP zzYeM8*Y6l|iI10le_bR{ODS|`xHxfH?*95TNrQw%y-Uq?4N<5}7@|X-IG6UuWg8}& zgMqQ66fXjUsV=V@qQ>>fkVX?AD17n`Q7Gl>*NJ6zTDZhXdik>O2{pihTCIOz$Rz>{ zIp`ff0lRwBD(;R0brv#ZCO76k5vDrff+iVd+Pht*nrbgUaTfZW-bL||AFQC!`+|&? z-uqqHjJIgFUVrVh!2&{oE#>SU1o!Rt@->GX$WzDX2oy}A-;p%f+uO0)b7057P({qg z@3!Z|HJPc#r1|WSssY9}#%DgVi0Cr{JjJNN; zLkRB!l!6~ZhNI#?6G=W3L0#*Z!g9On>nbbH@}H~`i`%(s#|VrH?rY3q0J3|3wY5Bv zbUDge+$f6dVVxyNA&XG2U|Y`Fb2U`^80a|^I~d;4iY2QyLPp~`%xIB2Ou^$KjXa@& z{8_2~pq+ssHyqdaQ+m>`#m7MtXo0d!)$QXS1vC!qUn(*tp(nL2BB8=^!=tuYC^NhP_VJcP_Z9^G!;fS4o)R(YU zkxI3L@YRSQk>nHiv*RP_t*EX`lZ%Blfs{SghArO*>IvjKPP(&fE7 zwl`JXF-{&r^DaQM`p~VExc5;E{WUwXR5N9xI7`R#+4g_jv5Mt=Rn&Lx*c-qdyEg&f z6s(9{Jv+*pn1dL`#a7S9o%a>T^;ct2-s5fDE#ZY^<@Kxu)WsZkeKta7W9QfRN~E_}OSYc|jMstn zj{uGPOBByK$hGygW=+~yg$+Y3;T3ujd{&NjZy{H7?(H%E#MXJ!pw~=jK_ujpK|&>M zYN_e(G>Za%Eaa+ZN%4ACZ~H&T^$ZDTR1L{s2G zW-;u{sD%Ts_80JcoZB~fL|!l-1nlxQRC!@_fmIK-mVnFw=E@CxfSWQ2W8GuK+b}8g zG1yRPC-#bb1K6n=E*aAFEbeu^FNj@a_-_;me0Yl7uRF0_2QOh8%%}2ZqBgvLE$nf7 zAuDqB3J7&Og#;K9f3Ie}j3l`M)wW^7>LZ}7l(=^7Py!Yu1PjeVf(7E44;!s-Ktu?C zR&z__`CNP_rUQ;t;gg?}FV)}MEEAW%GqFyC)j65>v0H-4d1Hxv{-|etX1pFq#W5vm za<&U9b`Dy`muxgH#vWyqo^R`rXj5B&G`H4g1YWu_b>oh)&$LgaD*Pk> zW@e9o%F2e44us$Ev+gh^c{}cpjO*}%cyZAXJ&oA4Z{Yp|Pj1pkMEVrP#vniBW*(x; zjat=TOu00-E1a5ZmJ^b(@tfjBkzcOi_S6iy8&|%g&~mi=n3;G=hjFqhT$keW6f!pS z=FyE1pAyTc#mpy-GtHuQ9%%?D<%|mTN`g+OYH^rTc zzjlonHi#VUtSJl!D76DKivM7i&?p{QL`cFs@KXsmEV1?=$X=gRrrmUl^rCe8_NJX? zqSra2xPB6|$=0&;T<`OQjLOi{Sbn^mqKE7q zjM%2^q91U)d)YC}`y+X&B43D#=ZxJ|T^4pgXNRDwEQHvyuH(v%ML=LMp$_T)Cj(>r zJ_AGRpA3wB{P&yKwCA55GcZKdG&tkLX}<@m3!v2)zKY1(22u|1GB6Y_FdDOlqw^C4 zArU3VaA|(nNs;U=uW0ALRb)YykGRCr&Z#n~(ZGl;wYM8U3dW3)!F>vbd|V6jFp1em zvyChRT+Gv1fkTY?A@6lM{in(i=x7+o^N%`jNEkvb%5i=Hbm20IaldD#9W1`1{SMj< zkD`$>qi`9U9cH@tqAP3(EjBxN&-5S^`l9wWA*jc12>~kKGpzuj@D#}+C9w^}VMg;iTf7Z(}Uk+MRG5kPi*;0obAmXHzT_n#~np9kum*u-wFG zd_C4v;p{Ll-;@5a4Lns?LP$Jzu*Ph$byG@#-E0}zGPMS*Ma>9x+QqzwExWRMSe8n= zljypTL3IDt+DpQ=XPP=+86|ilR9cy6T~zFz9iJchRfq;~SM^y@F=b{y8{b&F&rdF< zYg(Rx&r;q*-;J1L%ay4lV=Ka3&D1|NraPVbm}vX%mF(znOkk%DetUWbJ*r%d?}Ucx zkQ=Pq`-6mvg}ep%1?V~Z-c6cJzM-6T{ZlG>X}2E^-;{DWb4t{`b#Ez21S9bwgzo+s z_+AEb=f$IsGqipweuii>0nwZ!q*#j$gBf31!_Q5fc)n;vkohSh*QP#%7ZVx;^v%74 zEc$bPawGVX<4hrgY;DmEwU{?@+Bb$j715UQ-ELcS5W~^?1I)sAb^7SGuVFSjv1O0m zJVR5?x;@v5ottlo4V_1Y zuUMlE>L&Kk>ss}shdD&%o%&(yWLT)Vk!aD7k;k*}-NWHhj#qX*NAX~_`Se%U6KS9# z>|{kUzvhmV+Qm?Fn=>SJKvy8yKv#49Vc7KS`PkZyjM0b<9cm5}jM{wf(Yre!W$7Apu4e`OOD#Gu4)WBqJ zi___V50~<%eiGKo5?Ou#=Y(~F_N*&Y^2>(Kpk2ItGr8o=YXXp1;ht4M)hCvx;AoTe5Bl8;kMdZJ|$P!Ue*;bSHi(6*7JlF^y@w~EtwuN;USsF zjAq>&41Q*O>?l~D_oSB1Wiw;dh^EQp2U#^yI_^M%UIeY6Gu!Ncw2Y}vl_~0Ls$$F(iloG`?lqqim|+5Y@qOzM4*uGjfO~RI0p9%BZo_CdA#DclgwOf`Dl7W+?6(X z$h|$0B5AZlz1=eynxg<$>Dlz_4aBqlE5g-c8DpMT>|)~kX82@gqSv=qxL1bu-Gw$i zrK*?q%Otjfca)(qE`SM**zM6`5`*I`K<=;fdcbeQQXa$L<5ulgJCr--{13D#h{kC{ za$PU;fw>=cWE$JnL1MU`l^EQ|*C9Znb_YgaQt;22X3PRc_8_)6xH9te+PofNa#p`K zjI?T?u7c_CC_7`zD}cpe#;Jhf@#QRtm)>MNT7qq_&#TAT4@VpvG)J8+qU9d=bh@@t z1|ob5dzYwoA1F^qn00=`UP}`Uy9bYo)E&-k47jnVFdz1v559E3HvY$o2lA~KsBNhp zmmo85%~jo1cltvh^VsKI05Yxz<=_R}Zyat&qCX5E4S71euwtDCFH(w=+Y~W-ed!$< zpkRVT09hQmaZ)wR($WP(M?1?QoBGA2Wh6irhfYTBR5B}?gn|w2J4}dakIqC<9&Tsr z$ElzOwTOf!8BQSjr<6_EC`l(?KyLK4cqxH}W)@{E74P}yx5NjZZ04+_@s4rQDXqV3 z`!Y%*z2kDI<2zMeK}l`0*D3ni5YULlOY>8J9^f@nv%YBY!@J)#B%=6(GX>`hL{R9c zvO$~Nw;}Aj7z94ckW&~oAo`bdU}@Mz1k9ZiBQTY#s*_PrzKhEu`Z(9v=JQS8#^ZRe zhF{^vIG6EI&sPg74PoIM6sZdGm~^(4zwkdgbM{P*r_%O%#i5XG)~184i}jKl8~aA6ZE;Ji34!l;d9DjhRM7*7 z(J-e6)1kbqhPG}{<1r1bS?Utb6Lfeq5qDR5Iw$sJ6i)C};}H=d^(w#h(Xk*g@ao3u zc8ju889;aX^ijmrZlIQJ4+2wb8UbquLM4jm(gk6{!02#3n8|vM2r{)4D zuluJBc*ppr4tjyu)2x=5Q1| zAG^5>f5}rh^?v`&{z)(KbzH?&yJee*_9Ch>A53Cto;<_*oq3V=6<9|uHr~nx%InG} zco6whf#b~yg~~#Oo07peYd^MdipM;p0$5Uf219yA7a>JZYNwc><-Jun3=qxIspHA~Hcs6^dz@;fF5kqk{mB11bXWHtC zyrv$Son!e2E==R_C$UJQ=`n~EMtIw{?;xxKS9F){{8>w>@I$fhh$M}$ai%M_i4bME zu#K@^48S6dL94LeVRGEOw^!03@67bDQ*pc=V+x!QSKZf<8sng>iJ%vn-wW8&8XzUw zt+zHsA2_pkH%x*NIM-I`BNF698?V30&i_SQ0^fp@Pvy~DC>hccb4}n}!`^}bDhywU zwd2;5Zua=fl7wt}wfn-a<&Of3uW0Bhy2k~UY-yUx+(XJl20QuWHSJi^+OlrbD2S7yrAMECGA#LNC#IDigRGM+ zKWUHl>&Q$fCH^b_TvFo@3;qgxl3*E7aEQEWa`I8DGAkc>xWK=-=uQbLS)K=ZmyL&=_C8 zr#WS>7)E3Ep|j;~zj9CUW&8H#O5wudP3&*l6lyKBY@YAePd=J490pw%KL)9b30Gb* zT|VEiCPCeR1_izziS`w;ubTTEYVjQ)Z;6B2HKj~%Ur}a?Nq?Qbfq4~@b8Vl4QF|cC z(_*%1-ALxiCs%mh>;!G|5*!$&hL`|*h~E+v%>grGm^8eP`tp_&Y5!R&)sm&d#h|02otMboz`?*| zAlz3J8Z3lEf+#pF-_`%)ysBIlK|$PZMINw7!lF&!9heSd8WER0TiCe1I{Gj< zHj!upBPb@mEjQ&kPY}U3xq_6gEEgf5{ikH{Us-PFax+rMi)ixD(L_Lxvrwk29wu8Lkisr0jNHv7IF z_tKjk=4L*>4z*;O5C ziaI7b&k0Nyyae}_;r9u!jOqVd28QyfQ_`^A#$4iXM>TV_3C=fX8nbxii#@VlcU)v< zqsY=&ni~gm&fJp`S*{fVfHU21h1-=N%H+y0t)~dNnNUnh(CV3v<7o&^&ukn1(BFf# zoy+Z`3*vnfG`3ddUiOW+G6%8CE>FPH>BF#;QwXHRyvNqUA1apjD5?AK4Fjw06duPB zvV>+L{y|BXnAo=WyMVU>5%Xgel}{8xr5(f4uCvpSOZlJUSH$jtvl8fIn|5^UJckVD zKA3hR@R9hcT@~b}mHVy#GgriXzewI6G5Acdyd>T*a7*=q!vvTs*cJ$Yoaj7LKO;!K z=3Rx5E(Cx93vi~_jvWLA@v1^8mSoe<7uSAE^K7dc2fx>M z5j5rVvcv;JM+nMxjAd4H_~mpgeSO4~lvt8zyy(W3 ztJRhkU%wNBfq97U#py|Z*TIKx;hF;mBEFZqBjYVC^`5umBQ1ij8ZQoyHn$y=-nYDd z?dNhRG9bcw^J`n=7Ba#{ktqyG78ZVeaZwz3aMF_&9xVd7xmh3o1o1sTzgpewdEb0} zb5*T!b2NR%rX(^wun&P;FQ4rXD79PzfUBc#>*JbGsK=+4Dp*#(>(!2r`wpyg%?{D5 z`meoRoLt-vw_J4lyS5b{kyCi6`b}t@^<4g5Z1VA3C!cG8gz)SwR{KmO6;)#G8Lcyw z9<>2s8eVTlun=z)IanGiDi^6|C~$e>UftjUo)w7NBa=Rh%Ju0PYFgfyb8_A1{YMR! z_K31m1`9hLv}S{lFu~kFIbkXg5;~aGvAi`K4ha=Z>lo8Y z1&4$TCU-FP|0T0%BFW>cpj24f*IWM2}os3T&WpiHM>l+#GJ?!Vayw+Dr zqibPP#oP%m($1I*Irp{ejOQw&l;@w>60=z*V^f?f@+ONP=nJjJyhiUY4%*{@pk-I; zWg?aF;TB-8iElI}tY?S1Z8cN5ea=|Eket5~N0u$N#fDt__91mjwstlYU~+6pwf$5} z{?Ug39)=Ik5HIQjY9DUrc$ckH@~Tm8FC#h3qm8AuMC3hita8?a-+X^vqszz zqxn16Wg}I?>}?*pqzG7D2+24Qf@z6Pp)*Oz_ax)}WBnqD?3j_Hpjt+W*n*sfpq9e$ z$2KrFsqGS@v4$#mveU$hpWlgRMas2~z#vF8gS7CuEk)XOHR~gv?+r1*>lb>X7`(ty zgYr3!JXtACeZhfnRUP4aQh=9o7K-(QqJx;hzu`s2XH(5?(Hiy5L$D>&AS6eMJSP*R z^Kx((C*-lm@o5uWw5Y$CkSWsF-%0_WnJi3S_ew@mmjE|akOrqXZiRx~nL<|lB-i#w zAv@$JGObvZkQIk@<5NazCEHUhu6$1GnP=98PXU(&mkBrOTZOrzPhx?^D$6-45@{;A z@hYGQ6_cR6j?Xy8&!ohrb0L%|Dxe+}laDGLDS0nGW0}`RL?ACwa5_DCo9tq(cFU)YGJARE)By(zI+~xXd5WeKirsscySE^2o(g_S=7&o^ zxNhTf`h?%7w!+IBtH*uG;7sJSIyG0VmS22Hp`YMA95j~4S0p+!8EoM!KjDo~2W3I~;)$T>Q)KsbR_0sM<^3pCh5HiG=#H;J$wI2=F z`bxyvWe@8XMuec=9!`yH~r$W<6f`N zU-(bLPX;kMS?HQQkV{=!SLhHP`B>(E%XZrn)^4VZobM3Ic!Tc=3CZarhJRNz`DIcw zHd|;?t zeqSfm9RallD!ix>abKREqmE0mo42Gp%KSo8dJw;#(L9D;nqNJuY<&E;?XfO%g^UuV z=7k{Mc}Ky!q1g?#kQ3=y-cvdOQH8+$SmU|3d!%nj$(oo{Bg(#D|6rTjy1*BB@-DBZ z$4i_4iad6`*7f}0LtAv2u&*VvdOar5==?B>2g|pfV!XHCLL&!1y9d43{`nd16+$?_ zhKE^OHu(v8nmLJz>=dlW7#f+MlF(|GW>Yf5YBGwnPxi?c-xNe5EJZHJ*p*YzRs%cz zEI_rN%=9|72~93V_eq}DyC{EaE4=*gWMsG}Y0nv4Y&^aSKIeHsMyJv@GxS=mMK*z> z)|RV!1J8pE-#JC-UJ$>5@gtm=%R8 z*XZENxwxW^m14@W{E{&Xs2Qb?mUhs zsl4l^803uaIx{4yp+PVUF;fq96cpUuv=zoiH9(S^6lcV)7DfEt%0Q+*KSt%v&?OO2 zJn%BEKj_Iw>RLvw$EPqMSzA}ru_h_6QK{*g{Fq~2<>Fl_ugIjf$0S1@+AQ>C8fv@! zFxess3C57GRgpDb7@Q@c&MT>5A6*`UTiywedW&14$*blXqhxXNe<)sa z!m93Y!9>zb$qkl5bLZ-FDwG@?e2u;$q8R8N{X@bPZrn~G;W2j{b4roPW4y2&d1JpQ z#Hr#9|Cu$*->e4I;@V$Mk9gdqVv^`bi&bk(WJYfwzZ6^(!VzfXOWgYS7!}PDp7U~) zc9rrys`)rX)rf0%?)Is}@Mlw!s(N74MjQJKagIsDo^DP;eKlTlmsT>7e1fyNB}S-? z-EBthD~+-D$UUnzBG+KeCtEj99K%1d8FLI(TN>3Om~J5B|lr6xoAN6+bu&RTGs&)^h5%!Ngc`lP+ zUCCaKazMFWXoTd3&6U3sFcJ&e4NA_96ZP!__g)IF#51=L^LD3f?^@F+%f>Cn zt^{wf;#EpzUu!E~QGO^9Za(#kt0N?~>O zP84z+ub-CslrIHYx@mB&d@Q70h0sgN`sh90BJXF}*=)_{9}4y2pV3Ow^Kj&XbBI&R z(QsJcbe{Aj(%T)=df}5jzB>f7H@#P^znjEOZl{;5XFg1iHIGLSZo%#ZROUcIf;r0hrv$z!ROSF!#HTllh2& zVcx|SFb@rRUgVNnk}tmCv&!0ZA3q!WQRvETGL7Yay|NiZ&7 zeqRLduU6nXC?Cc`6}U-e4QD@Z$ib?DI&UqfD};duosi-*jA8{w#@c&&1{srGR?twA z5^~2Pv>rZI+uukBcY7Wq` zR1EB`!kP$AW-x>7$ymQ6lTT=`E&7TvQ6I}-X20WmH@0^CYlu5^eF+>qNi?dLS$R(* zON=I8XEpeMe$d;5s-C+`;@CbTFC3`L*BdIMk;|ACd%me{$t7QkpGTNlXtLF^Q|+)C zrsQM3HVEmnLDtwKsj)~sQQ+Fw3csn;`&ju%_?TjQ$_HYOc}>@Fnz<-(Yg88C(h+jw z^2%pmC-LUVt4f@=Sl1tF@7vl+n=H-;A?7yRlLy)3rqe!eu@DY-#iJG_&I62YW}?(CmKK-&~zK&75R%>9rngITy@_H!V@Rt*LCX zSQ~61SrR1S8owPEB%$Hqw|_ZfS*PNdJAYx3LvFp5X1cUt8(ecc07N z!%x3W-ekh#VVW-r1BBEmhg+VpD9aZ+ip;NXPv>ta%pd*s&$uOX%J@;? zC#3J59KMpx>dky_RgHF78>=F;49-(P3mC;X!5WBOIekHhK7{l3>&l0Lm0vt>f=M$e zr09rSA#tR7PSV8Vc)pbC`Xpzn4MFe;3-ctO72{?k#BE0UzGeU|EK1Yv4}-pI&H$*P!m%2Luf;5o?3IgV^;wXePg zoeW6EaYc;En=!YA-Xx9XsQ!377iYUmn@jf!8#3SfJI}F}B4@1mamZ-MFoz`SbfA^C zrRtz?w*7+kCzcQAK&klpG5doAB{ahP=dr`8ZMn3e)uwU3>OZr_u1gBAs?lRpgyj{i zI6z;rG}2Dsd|_PmH?6pg;Mb6o?ut;AQ>ZVxN#ahW?IdvMUCW~sd9JQOp&gI?Nk?3# zniW!0{5-GGQYI)t?eQ0K-D0+)P#M{u=gNr&pJMWvm2L;gqSLzy%nwQ|VvUEJ1E$m( zE!UmGE|w*P$eXA#-n98$==dugYB$n!eAuy?2lGWrYSNHWOuiWmV3e{*ObN1H5>R&$ z3RPD!9>si{P=P6_l0VWhS+)FB@&(nL@jEq00Aqrp`K#(=(v(`^2AxM--@B8>?B>(y z2*Q)CpBW*W9w)rt|Hf%4cKxC+yGQoxLHH1uU{@WBjwb)&U`t-jsQ9QbE#A5QHM3of zEJ+7zJ)=K^B#F3*VG3ixT!36?kZ@A_NWx`=Td&oJiR%5J8#D#E(bEiN`ova!_$LAoE>*{dM+xWhWPYetzinkiP^pgJ$g{ z%84?oH0ezWZ z6T?qiseU*-4se(%*oSH8s;=O~pcjx~r<%c{Vqj*D--4$!ap zcupw!;~9&Vx(&TD8YauP?T_iCeKu$VHQa_x@I(l4?g?pdWQ{!dCOueL$?|U`keoDi zyL{`Wgt#LhVhbdT1Fi07_SsKSr?hctvl9nlHs2j`69u&HIJtt8!R^C;@YQ z|GuOJ1NN_ersy7E9e1!lZ|(TIH$%k-7>XwV`}3lPzhSl-4=~`}4FuqS%kty>4O7y4 zfF<6+{w>80kV{Ga+#vA3QIiMQv?quV{HLb(->_1PdszIfB_fpG3xo~+Q``A(D5CvC zk5*nlkN+0f#rPZM>h%CCzk~f-N%jAMP5C{*&hB7;%4+`In|{y(OxPQM{i&?@H|$;5 z11$Is_NPwX-!N9_JuKcY1rf^S3*7CWN@#yW&)z@ui01?J_-}D5+`nNt1rIQtJJ_Fs zM}NZxOQ1%+AVO%45Ae|bl$QA$c2)BL+q{GQDJSwbjKBE-#_kKi{#1AP8+O!v2V(;N z;k5sa$QpX+sQIp=KP2V9VF{D>uz2=a1SsljVA%d}PXC7PEigG+_eA4 z+=gC1z`otV{$wlteG98W4=`MR0QM(i-z(E5%LHJO1L^wpKcL0bHE(IMb8VCYIMR4Izq2KQ`nHUcm{5K#@xLnK! z!Te4r#Ci}E2>>i=5C|K}KnRBo-3b7p!j)n_w4nw9zzUo@K^atw3kOvpg(HQQ0a{Qa z-h-4B1PE>T|1_!IN!N$-w7|{?*wkLKS>gQ&&b*daL`4- z3ZOC}AXd;p>U~#_pv_speP)CJy&t9hqgn|8uJ$bbABpQ7AYEkqBfY(ot~24FpY!0T zAI2v?9~d9o5MX>@vL41~ARi9pp{=mspEeLE`@RQKsCOvn860BH!?k}41(AUN#PI*V zX5`$YFwk>2!2+mM7>I@JPe}J~U`5eC4?QmounTZGG$0&A1HHHtvML`0<#0ftuDugp z!WA|=D9c;n5TNSez*7!xhrs(~bn1fAlZ6T*f?9D+(kC$GZYex;yG^K3vi7DB$uIcOC?#Xh1MKco6dMgw3M| z;qp${I=K_5p~^9UVD}pu5Cc+!bG>{}I>3Suptmu=wV&NQXp~|B*bNNSKNh40LI8oF zZNK53B%uJXn^?eD-XT6{po(!IHV_)>y+jSoivzL3;i5x-#(@OjRxzMB@gOC*VeGpj zCG<@^(4{>7oj?H{z7wVh9)v+spkKNK;NwLpA2iMhKr=kkgW!-1H22&!6LLLha1(*% zWRVBK_)dV4dk`w_gwU4{0z?Nm5h)2ckwD{4LkVR!2f;%%?=;U0?=*N&`xFo^l+7IU z&$qoj3G@g~$LK$8_nja^fo|)J|D)E20$;mxlmBSy?=(VY|Iy$l0~(0=e>A|YaKhDD z{72Jwr`fgqkA@}%&`4YVtC51sviVoQg{C`!&>p^Brzya-Ufces?YHy)+OT3lk3d}Z X|2!pjS70EZsUU1bK}X=7I57VoyIT~S diff --git a/cd3_automation_toolkit/setUpOCI.py b/cd3_automation_toolkit/setUpOCI.py index f693ae338..b104c926b 100644 --- a/cd3_automation_toolkit/setUpOCI.py +++ b/cd3_automation_toolkit/setUpOCI.py @@ -135,7 +135,7 @@ def execute_options(options, *args, **kwargs): for option in options: if option.name == "Execute All": continue - if option.name in ['Security Rules', 'Route Rules', 'DRG Route Rules', 'Network Security Groups','Customer Connectivity','CIS Compliance Checking Script'] and devops: + if option.name in ['Security Rules', 'Route Rules', 'DRG Route Rules', 'Network Security Groups','Customer Connectivity','CIS Compliance Check Script'] and devops: with section(option.text): option.callback(*args, **kwargs,sub_options=sub_child_options) else: @@ -188,7 +188,13 @@ def update_path_list(regions_path=[],service_dirs=[]): for current_dir in service_dirs: for reg in regions_path: path_value = ((outdir + "/" + reg + "/" + current_dir).rstrip('/')).replace("//","/") - items = glob.glob(path_value + "/*") + all_items = glob.glob(path_value + "/*") + items = [] + for f in all_items: + actual_file = f.split("/")[-1] + if actual_file.startswith("variables") or actual_file.endswith(".tf_backup"): + continue + items.append(f) files = [f for f in items if (os.path.isfile(f) and (datetime.datetime.fromtimestamp(os.path.getmtime(f)) >= exec_start_time))] if files: @@ -249,10 +255,19 @@ def fetch_compartments(outdir, outdir_struct, ct): print("Continuing") compocidsStr = '' + compartments_file_data = "" + comp_done = [] for k,v in ct.ntk_compartment_ids.items(): + if v not in comp_done: + compartments_file_data += k + "\n" + comp_done.append(v) k = commonTools.check_tf_variable(k) v = "\"" + v + "\"" compocidsStr = "\t" + k + " = " + v + "\n" + compocidsStr + + f = open(outdir + "/../.config_files/compartments_file", "w+") + f.write(compartments_file_data[:-1]) + f.close() compocidsStr = "\n" + compocidsStr finalCompStr = "#START_compartment_ocids#" + compocidsStr + "\t#compartment_ocids_END#" for k, v in var_data.items(): @@ -266,7 +281,7 @@ def fetch_compartments(outdir, outdir_struct, ct): f.write(var_data[k]) print("\nCompartment info written to all variables files under outdir...\n") # update fetchcompinfo.safe - fetch_comp_file = f'{outdir}/fetchcompinfo.safe' + fetch_comp_file = f'{outdir}/.safe/fetchcompinfo.safe' with open(fetch_comp_file, 'w+') as f: f.write('run_fetch_script=0') f.close() @@ -389,7 +404,6 @@ def export_networking(inputfile, outdir,config, signer, ct, export_regions): options = [ Option(None, Network.create_terraform_dhcp_options, 'Processing DHCP Tab'), - Option(None, Network.modify_terraform_secrules, 'Processing SecRulesinOCI Tab'), Option(None, Network.modify_terraform_routerules, 'Processing RouteRulesinOCI Tab'), Option(None, Network.modify_terraform_drg_routerules, 'Processing DRGRouteRulesinOCI Tab'), ] @@ -409,9 +423,16 @@ def export_networking(inputfile, outdir,config, signer, ct, export_regions): options = [ Option(None, Network.create_terraform_nsg, 'Processing NSGs Tab'), ] execute_options(options, inputfile, outdir, service_dir_nsg, prefix, ct) - print("\n\nExecute tf_import_commands_network_*_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") - for service in [service_dir_network,service_dir_vlan,service_dir_nsg]: - service_dirs.append(service_dir_network) if service_dir_network not in service_dirs else service_dirs + + options = [Option(None, Network.create_terraform_seclist, 'Processing SecRulesinOCI Tab'), ] + execute_options(options, inputfile, outdir, service_dir_seclist, prefix, ct, non_gf_tenancy) + + print( + "\n\nExecute tf_import_commands_network_*_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") + for service in [service_dir_network, service_dir_vlan, service_dir_nsg, service_dir_seclist]: + if service not in service_dirs: + service_dirs.append(service) + def export_major_objects(inputfile, outdir, config, signer, ct, export_regions): compartments = ct.get_compartment_map(var_file,'VCN Major Objects') @@ -445,11 +466,11 @@ def export_dhcp(inputfile, outdir,config,signer,ct,export_regions): def export_secrules(inputfile, outdir,config,signer,ct,export_regions): compartments = ct.get_compartment_map(var_file,'SecRulesInOCI') - Network.export_seclist(inputfile, outdir, service_dir_network, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) + Network.export_seclist(inputfile, outdir, service_dir_seclist, config, signer, ct, export_compartments=compartments, export_regions=export_regions, _tf_import_cmd=True) options = [ Option(None, Network.modify_terraform_secrules, 'Processing SecRulesinOCI Tab'), ] - execute_options(options, inputfile, outdir,service_dir_network, prefix, ct, non_gf_tenancy) + execute_options(options, inputfile, outdir,service_dir_seclist, prefix, ct, non_gf_tenancy) print("\n\nExecute tf_import_commands_network_secrules_nonGF.sh script created under each region directory to synch TF with OCI Network objects\n") def export_routerules(inputfile, outdir,config,signer,ct,export_regions): @@ -840,7 +861,7 @@ def create_network(execute_all=False,prim_options=[]): # Update modified path list regions_path = export_regions.copy() regions_path.append("global") - service_dirs = [service_dir_network, service_dir_nsg, service_dir_vlan, 'rpc'] + service_dirs = [service_dir_network,service_dir_seclist,service_dir_nsg, service_dir_vlan, 'rpc'] update_path_list(regions_path=regions_path, service_dirs=service_dirs) def modify_terraform_network(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy): @@ -862,9 +883,9 @@ def export_modify_security_rules(inputfile, outdir, service_dir, prefix, ct, non options1 = [] options1.append(option) if (option.name == 'Export Security Rules (From OCI into SecRulesinOCI sheet)'): - execute_options(options1, inputfile, outdir, service_dir_network, config, signer, ct, non_gf_tenancy=non_gf_tenancy) + execute_options(options1, inputfile, outdir, service_dir_seclist, config, signer, ct, non_gf_tenancy=non_gf_tenancy) elif (option.name == 'Add/Modify/Delete Security Rules (Reads SecRulesinOCI sheet)'): - execute_options(options1, inputfile, outdir, service_dir_network, prefix, ct, non_gf_tenancy) + execute_options(options1, inputfile, outdir, service_dir_seclist, prefix, ct, non_gf_tenancy) def export_security_rules(inputfile, outdir, service_dir, config, signer, ct, non_gf_tenancy): @@ -1194,8 +1215,7 @@ def create_cis_oss_logs(inputfile, outdir, prefix, ct): def create_cis_features(prim_options=[]): - options = [Option('CIS Compliance Checking Script', initiate_cis_scan, 'CIS Compliance Checking'), - Option("Create Key/Vault", create_cis_keyvault, 'Creating CIS Key/Vault and enable Logging for write events to bucket'), + options = [Option("Create Key/Vault", create_cis_keyvault, 'Creating CIS Key/Vault and enable Logging for write events to bucket'), Option("Create Default Budget",create_cis_budget,'Create Default Budget'), Option("Enable Cloud Guard", enable_cis_cloudguard, 'Enable Cloud Guard'),] @@ -1205,6 +1225,18 @@ def create_cis_features(prim_options=[]): options = show_options(options, quit=True, menu=True, index=1) execute_options(options, outdir, prefix, config_file_path) +def run_utility(prim_options=[]): + options = [Option('CIS Compliance Checking Script', initiate_cis_scan, 'CIS Compliance Check Script'), + Option('ShowOCI Report', run_showoci, 'ShowOCI Report') + ] + if prim_options: + options = match_options(options, prim_options) + execute_options(options, outdir, prefix, config_file_path,sub_options=sub_child_options) + + else: + options = show_options(options, quit=True, menu=True, index=1) + execute_options(options, outdir, prefix, config_file_path) + def create_cis_keyvault(*args,**kwargs): if not devops: region_name = input("Enter region name eg ashburn where you want to create Key/Vault: ") @@ -1244,8 +1276,8 @@ def enable_cis_cloudguard(*args,**kwargs): def initiate_cis_scan(outdir, prefix, config_file,sub_options=[]): options = [ - Option("Download latest compliance checking script", start_cis_download, 'Download CIS script'), - Option("Execute compliance checking script", start_cis_scan, 'Execute CIS script'), + Option("Download latest compliance checking script", start_cis_download, 'Downloading CIS Script'), + Option("Execute compliance checking script", start_cis_scan, 'Executing CIS Script'), ] if sub_options: options = match_options(options, sub_options) @@ -1287,6 +1319,51 @@ def start_cis_scan(outdir, prefix, config_file): print("Scan started!") execute(split, config_file) +def get_latest_showoci(outdir, prefix,config_file): + print("Getting latest showoci report script") + if (os.path.isdir("/tmp/oci-python-sdk")): + shutil.rmtree("/tmp/oci-python-sdk") + cmd = "git clone https://github.com/oracle/oci-python-sdk /tmp/oci-python-sdk" + split = str.split(cmd) + execute(split,config_file) + if (os.path.isdir("/cd3user/oci_tools/oci-python-sdk")): + shutil.rmtree("/cd3user/oci_tools/oci-python-sdk") + shutil.move("/tmp/oci-python-sdk", "/cd3user/oci_tools/oci-python-sdk") + print("Download complete!!") + + +def execute_showoci(outdir, prefix, config_file_path): + cmd = "python /cd3user/oci_tools/oci-python-sdk/examples/showoci/showoci.py -a" + split = str.split(cmd) + dirname = prefix + "_showoci_report" + resource = "showoci_report" + out_rep = outdir + '/' + dirname + # config = "--config "+ config + commonTools.backup_file(outdir, resource, dirname) + + if not os.path.exists(out_rep): + os.makedirs(out_rep) + else: + commonTools.backup_file(outdir, resource, out_rep) + out_file = out_rep+"/"+prefix + out = ["-cf", config_file_path, '-csv', out_file] + cmd = cmd + " " + out[0] + " " + out[1] + " " + out[2] + " " + out[3] + split.extend(out) + print("Executing: " + cmd) + execute(split, config_file_path) + + +def run_showoci(outdir, prefix, config_file,sub_options=[]): + options = [ + Option("Download Latest ShowOCI Script", get_latest_showoci, 'Downloading ShowOCI Script'), + Option("Execute ShowOCI Script", execute_showoci, 'Executing ShowOCI Script'), + ] + if sub_options: + options = match_options(options, sub_options) + else: + options = show_options(options, quit=True, menu=True, index=1) + execute_options(options, outdir, prefix, config_file) + def execute(command,config_file): export_cmd_windows = "set OCI_CONFIG_HOME="+config_file export_cmd_linux = "export OCI_CONFIG_HOME=" + config_file @@ -1543,6 +1620,9 @@ def create_firewall(inputfile, outdir, service_dir, prefix, ct,sub_options=[]): subscribed_regions = ct.get_subscribedregions(config,signer) home_region = ct.home_region +## Fetch Region ADs +ct.get_region_ad_dict(config,signer) + # Set service directories as per outdir_structure file # If single outdir, get service names from /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/.outdir_structure_file.properties if len(outdir_struct.items())==0: @@ -1571,7 +1651,7 @@ def create_firewall(inputfile, outdir, service_dir, prefix, ct,sub_options=[]): fetchcompinfo_data = "run_fetch_script=0" try: # read fetchcompinfo.safe - fetch_comp_file = f'{outdir}/fetchcompinfo.safe' + fetch_comp_file = f'{outdir}/.safe/fetchcompinfo.safe' with open(fetch_comp_file, 'r') as f: fetchcompinfo_data = f.read() f.close() @@ -1634,7 +1714,8 @@ def create_firewall(inputfile, outdir, service_dir, prefix, ct,sub_options=[]): Option('Logging Services', create_logging, 'Logging Services'), Option('Software-Defined Data Centers - OCVS', create_sddc, 'Processing SDDC Tabs'), Option('CIS Compliance Features', create_cis_features, 'CIS Compliance Features'), - Option('CD3 Services', cd3_services, 'CD3 Services') + Option('CD3 Services', cd3_services, 'CD3 Services'), + Option('Utility Services (Not Maintained By CD3)', run_utility,'Utility Services') ] export_regions = ct.all_regions @@ -1661,12 +1742,12 @@ def create_firewall(inputfile, outdir, service_dir, prefix, ct,sub_options=[]): if menu: break # write updated paths to a file -updated_paths_file = f'{outdir}/updated_paths.safe' +updated_paths_file = f'{outdir}/.safe/updated_paths.safe' with open(updated_paths_file, 'w+') as f: for item in updated_paths: f.write(str(item).replace('//', '/') + "\n") f.close() -import_scripts_file = f'{outdir}/import_scripts.safe' +import_scripts_file = f'{outdir}/.safe/import_scripts.safe' with open(import_scripts_file, 'w+') as f: for item in import_scripts: f.write(str(item).replace('//', '/') + "\n") diff --git a/cd3_automation_toolkit/shell_script.sh b/cd3_automation_toolkit/shell_script.sh index f1dd087f7..cb7fa43c6 100644 --- a/cd3_automation_toolkit/shell_script.sh +++ b/cd3_automation_toolkit/shell_script.sh @@ -1,43 +1,51 @@ #!/bin/bash -#Create Required Directories -mkdir ~/.oci - -sudo yum-config-manager --enable ol7_developer_EPEL -sudo yum-config-manager --enable ol7_developer - -sudo yum -y install scl-utils -sudo yum -y install centos-release-scl - -sudo yum -y install rh-python38 - - -echo "source scl_source enable rh-python38" >> /cd3user/.bashrc -source /cd3user/.bashrc -python -m pip install --user --upgrade pip -#non needed -#python -m pip install --user oci==2.110.1 -python -m pip install --user oci-cli==3.37.0 -python -m pip install --user pycryptodomex==3.10.1 -python -m pip install --user regex==2022.10.31 -python -m pip install --user pandas==1.1.5 -python -m pip install --user openpyxl==3.0.7 -python -m pip install --user xlrd==1.2.0 -python -m pip install --user xlsxwriter==1.3.7 -python -m pip install --user wget==3.2 -python -m pip install --user requests==2.28.2 -python -m pip install --user netaddr==0.8.0 -python -m pip install --user cfgparse==1.3 -python -m pip install --user ipaddress==1.0.23 -python -m pip install --user Jinja2==3.1.2 -python -m pip install --user simplejson==3.18.3 -python -m pip install --user GitPython==3.1.40 -python -m pip install --user PyYAML==6.0.1 -echo "export PYTHONPATH=${PYTHONPATH}:/root/.local/lib/python3.8/site-packages/:/cd3user/.local/lib/python3.8/site-packages/:/opt/rh/rh-python38/root/usr/lib/python3.8/site-packages/" >> /cd3user/.bashrc -echo "PATH=$PATH:/cd3user/.local/bin" >> /cd3user/.bashrc -source /cd3user/.bashrc - - -yes | sudo rpm -iUvh https://yum.oracle.com/repo/OracleLinux/OL7/developer/x86_64/getPackage/terraform-1.3.0-1.el7.x86_64.rpm +# Create Required Directories +mkdir -p ~/.oci + +# Enable EPEL and Developer repositories +sudo dnf install -y oracle-epel-release-el9 +sudo dnf install -y oraclelinux-release-el9 +sudo dnf install -y procps-ng + +# Upgrade pip +sudo dnf install python-pip -y +#sudo ln -s /usr/bin/pip3 /usr/bin/pip + +# Install required Python packages +pip install --user oci-cli==3.39.0 +pip install --user pycryptodomex==3.10.1 +pip install --user regex==2022.10.31 +pip install --user pandas==1.1.5 +pip install --user openpyxl==3.0.7 +pip install --user xlrd==1.2.0 +pip install --user xlsxwriter==1.3.7 +pip install --user wget==3.2 +pip install --user requests==2.28.2 +pip install --user netaddr==0.8.0 +pip install --user cfgparse==1.3 +pip install --user ipaddress==1.0.23 +pip install --user Jinja2==3.1.2 +pip install --user simplejson==3.18.3 +pip install --user GitPython==3.1.40 +pip install --user PyYAML==6.0.1 + +# Add Python3 site-packages to PYTHONPATH +echo "export PYTHONPATH=\${PYTHONPATH}:/root/.local/lib/python3.9/site-packages/:/cd3user/.local/lib/python3.9/site-packages/" >> /cd3user/.bashrc + +# Add Python binaries to PATH +echo "PATH=\$PATH:/cd3user/.local/bin" >> /cd3user/.bashrc + + +# Download and install Terraform +#sudo dnf install -y https://yum.oracle.com/repo/OracleLinux/OL9/developer/x86_64/getPackage/terraform-1.3.6-1.el9.x86_64.rpm +sudo dnf install -y wget +sudo dnf install -y unzip +sudo wget https://releases.hashicorp.com/terraform/1.3.6/terraform_1.3.6_linux_amd64.zip +unzip terraform_1.3.6_linux_amd64.zip +sudo mv terraform /usr/local/sbin/ +sudo rm terraform_1.3.6_linux_amd64.zip + +# Download and install OPA curl -L -o opa https://openpolicyagent.org/downloads/v0.55.0/opa_linux_amd64_static -sudo chmod +x opa && sudo mv opa /usr/local/sbin/ \ No newline at end of file +sudo chmod +x opa && sudo mv opa /usr/local/sbin/ diff --git a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py index 6d62cca7c..8a0359604 100644 --- a/cd3_automation_toolkit/user-scripts/createTenancyConfig.py +++ b/cd3_automation_toolkit/user-scripts/createTenancyConfig.py @@ -26,7 +26,6 @@ from commonTools import * from copy import deepcopy from subprocess import DEVNULL - global topic_name global project_name global repo_name @@ -157,16 +156,16 @@ def update_devops_config(prefix,git_config_file, repo_ssh_url,files_in_repo,dir_ file.close() # copy to cd3user home dir - if not os.path.exists("/cd3user/.ssh"): - os.makedirs("/cd3user/.ssh") - shutil.copyfile(git_config_file,'/cd3user/.ssh/config') + user_ssh_dir = os.path.expanduser("~") + "/.ssh" + if not os.path.exists(user_ssh_dir): + os.makedirs(user_ssh_dir) + shutil.copyfile(git_config_file, user_ssh_dir + '/config') # change permissions of private key file and config file for GIT os.chmod(devops_user_key, 0o600) - os.chmod('/cd3user/.ssh/config', 0o600) + os.chmod(user_ssh_dir + '/config', 0o600) os.chmod(git_config_file, 0o600) - ''' # create symlink for Git Config file for SSH operations. src = git_config_file @@ -303,11 +302,13 @@ def create_bucket(config, signer): user_dir = "/cd3user" safe_file = user_dir + "/tenancies/createTenancyConfig.safe" auto_keys_dir = user_dir + "/tenancies/keys" -toolkit_dir = user_dir +"/oci_tools/cd3_automation_toolkit" +toolkit_dir = os.path.dirname(os.path.abspath(__file__))+"/.." +#toolkit_dir = user_dir +"/oci_tools/cd3_automation_toolkit" modules_dir = toolkit_dir + "/user-scripts/terraform" variables_example_file = modules_dir + "/variables_example.tf" setupoci_props_toolkit_file_path = toolkit_dir + "/setUpOCI.properties" -jenkins_dir = os.environ['JENKINS_INSTALL'] +if hasattr(os.environ,'JENKINS_INSTALL'): + jenkins_dir = os.environ['JENKINS_INSTALL'] prefix = config.get('Default', 'customer_name').strip() if prefix == "" or prefix == "\n": @@ -339,6 +340,7 @@ def create_bucket(config, signer): config_file_path = config_files + "/" + prefix + "_oci_config" terraform_files = customer_tenancy_dir + "/terraform_files/" +outdir_safe=terraform_files+"/.safe" setupoci_props_file_path = customer_tenancy_dir + "/" + prefix + "_setUpOCI.properties" # Read Config file Variables @@ -441,15 +443,18 @@ def create_bucket(config, signer): os.makedirs(customer_tenancy_dir) if not os.path.exists(config_files): os.makedirs(config_files) +if not os.path.exists(outdir_safe): + os.makedirs(outdir_safe) + dir_values = [] # Copy input properties file to customer_tenancy_dir -shutil.copy(args.propsfile,config_files+"/"+prefix+"_"+args.propsfile) +shutil.copy(args.propsfile,config_files+"/"+prefix+"_"+os.path.basename(args.propsfile)) # 1. Copy outdir_structure_file # Copy default outdir_structure_file -shutil.copy('/cd3user/oci_tools/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties', '/cd3user/oci_tools/cd3_automation_toolkit/user-scripts/.outdir_structure_file.properties') +shutil.copy(toolkit_dir+'/user-scripts/outdir_structure_file.properties', toolkit_dir+'/user-scripts/.outdir_structure_file.properties') _outdir_structure_file = '' if (outdir_structure_file != '' and outdir_structure_file != "\n"): @@ -714,8 +719,10 @@ def create_bucket(config, signer): print("Creating Tenancy specific region directories, terraform provider , variables files.................") +regions_file_data = "" for region in ct.all_regions: + regions_file_data = regions_file_data+region.title()+"\n" # Rerunning createTenancy for any new region subscription. Process only new region directories else continue if os.path.exists(terraform_files+region): continue @@ -887,10 +894,26 @@ def create_bucket(config, signer): # 8. Remove terraform example variable file from outdir os.remove(terraform_files + "/" + region + "/variables_example.tf") - # 9. Update DevOps files and configurations if use_devops == 'yes': print("\nCreating Tenancy specific DevOps Items - Topic, Project and Repository.................") + # create subscribed regions file + f = open(customer_tenancy_dir + "/.config_files/regions_file", "w+") + f.write(regions_file_data[:-1]) + f.close() + # create all compartments_file + print("Fetching existing Compartments from Tenancy...") + ct.get_network_compartment_ids(config['tenancy'], "root", config, signer) + compartments_file_data = "" + comp_done = [] + for k, v in ct.ntk_compartment_ids.items(): + if v not in comp_done: + compartments_file_data += k + "\n" + comp_done.append(v) + + f = open(customer_tenancy_dir + "/.config_files/compartments_file", "w+") + f.write(compartments_file_data[:-1]) + f.close() if devops_repo == '' or devops_repo == "\n": topic_name = prefix + "-automation-toolkit-topic" diff --git a/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties b/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties index e29e65b0a..39c9ff852 100644 --- a/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties +++ b/cd3_automation_toolkit/user-scripts/outdir_structure_file.properties @@ -15,6 +15,7 @@ loadbalancer=loadbalancer networkloadbalancer=loadbalancer vlan=vlan nsg=nsg +seclist=seclist # Same Directory must be specified for Instances and Block Volumes. instance=compute block-volume = compute diff --git a/cd3_automation_toolkit/user-scripts/terraform/firewall.tf b/cd3_automation_toolkit/user-scripts/terraform/firewall.tf index cee81ada4..30d348d36 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/firewall.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/firewall.tf @@ -1,167 +1,167 @@ data "oci_core_vcns" "firewall_vcns" { - for_each = var.firewalls != null ? var.firewalls : {} + for_each = var.firewalls != null ? var.firewalls : {} compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] - display_name = each.value.vcn_name + display_name = each.value.vcn_name } data "oci_core_subnets" "firewall_subnets" { - for_each = var.firewalls != null ? var.firewalls : {} + for_each = var.firewalls != null ? var.firewalls : {} compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] - display_name = each.value.subnet_id - vcn_id = data.oci_core_vcns.firewall_vcns[each.key].virtual_networks.*.id[0] + display_name = each.value.subnet_id + vcn_id = data.oci_core_vcns.firewall_vcns[each.key].virtual_networks.*.id[0] } module "firewalls" { - source = "./modules/security/firewall/firewall" - for_each = var.firewalls != null ? var.firewalls :{} - depends_on = [module.policies,module.address_lists, module.application_groups, module.applications, module.services, module.service_lists, module.url_lists,module.decryption_profiles, module.secrets,module.security_rules,module.decryption_rules] - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.firewall_subnets[each.key].subnets.*.id[0]) : null - display_name = each.value.display_name - ipv4address = each.value.ipv4address - ipv6address = each.value.ipv6address - availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" - nsg_id = each.value.nsg_id - vcn_name = each.value.vcn_name - defined_tags = each.value.defined_tags - freeform_tags = each.value.freeform_tags + source = "./modules/security/firewall/firewall" + for_each = var.firewalls != null ? var.firewalls : {} + depends_on = [module.policies, module.address_lists, module.application_groups, module.applications, module.services, module.service_lists, module.url_lists, module.decryption_profiles, module.secrets, module.security_rules, module.decryption_rules] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.firewall_subnets[each.key].subnets.*.id[0]) : null + display_name = each.value.display_name + ipv4address = each.value.ipv4address + ipv6address = each.value.ipv6address + availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" + nsg_id = each.value.nsg_id + vcn_name = each.value.vcn_name + defined_tags = each.value.defined_tags + freeform_tags = each.value.freeform_tags } module "policies" { - source = "./modules/security/firewall/firewall-policy" - for_each = var.fw-policies != null ? var.fw-policies :{} + source = "./modules/security/firewall/firewall-policy" + for_each = var.fw-policies != null ? var.fw-policies : {} compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] display_name = each.value.display_name - defined_tags = each.value.defined_tags - freeform_tags = each.value.freeform_tags - } + defined_tags = each.value.defined_tags + freeform_tags = each.value.freeform_tags +} module "services" { - source = "./modules/security/firewall/service" - for_each = var.services != null ? var.services :{} - depends_on = [module.policies] - service_name = each.value.service_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - service_type = each.value.service_type - port_ranges = each.value.port_ranges + source = "./modules/security/firewall/service" + for_each = var.services != null ? var.services : {} + depends_on = [module.policies] + service_name = each.value.service_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + service_type = each.value.service_type + port_ranges = each.value.port_ranges } module "service_lists" { source = "./modules/security/firewall/service-list" for_each = var.service_lists != null ? var.service_lists : {} - depends_on = [module.services,module.policies] + depends_on = [module.services, module.policies] service_list_name = each.value.service_list_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - services = each.value.services != null ? flatten(tolist([for sid in each.value.services : (length(regexall("ocid1.networkfirewallpolicy.oc1*", sid)) > 0 ? merge(module.services.*...)[sid]["service+_tf_id"] :[sid] )])) : null + services = each.value.services != null ? flatten(tolist([for sid in each.value.services : (length(regexall("ocid1.networkfirewallpolicy.oc1*", sid)) > 0 ? merge(module.services.*...)[sid]["service+_tf_id"] : [sid])])) : null } -module address_lists { +module "address_lists" { source = "./modules/security/firewall/address-list" for_each = var.address_lists != null ? var.address_lists : {} - depends_on = [module.policies] - address_list_name = each.value.address_list_name + depends_on = [module.policies] + address_list_name = each.value.address_list_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - address_type = each.value.address_type - addresses = each.value.addresses + address_type = each.value.address_type + addresses = each.value.addresses } -module applications { +module "applications" { source = "./modules/security/firewall/application" for_each = var.applications != null ? var.applications : {} - depends_on = [module.policies] - icmp_type = each.value.icmp_type - app_list_name = each.value.app_list_name + depends_on = [module.policies] + icmp_type = each.value.icmp_type + app_list_name = each.value.app_list_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - app_type = each.value.app_type - icmp_code = each.value.icmp_code + app_type = each.value.app_type + icmp_code = each.value.icmp_code } -module application_groups { +module "application_groups" { source = "./modules/security/firewall/application-group" for_each = var.application_groups != null ? var.application_groups : {} - depends_on = [module.policies,module.applications] - app_group_name = each.value.app_group_name + depends_on = [module.policies, module.applications] + app_group_name = each.value.app_group_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - apps = each.value.apps != null ? flatten(tolist([for app in each.value.apps : (length(regexall("ocid1.networkfirewallpolicy.oc1*", app)) > 0 ? merge(module.applications.*...)[app]["application_tf_id"] :[app] )])) : null + apps = each.value.apps != null ? flatten(tolist([for app in each.value.apps : (length(regexall("ocid1.networkfirewallpolicy.oc1*", app)) > 0 ? merge(module.applications.*...)[app]["application_tf_id"] : [app])])) : null } -module url_lists { +module "url_lists" { source = "./modules/security/firewall/url-list" for_each = var.url_lists != null ? var.url_lists : {} - depends_on = [module.policies] - urllist_name = each.value.urllist_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + depends_on = [module.policies] + urllist_name = each.value.urllist_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] #key_name = each.key urls_details = each.value.urls } -module security_rules { +module "security_rules" { source = "./modules/security/firewall/security-rules" for_each = var.security_rules != null ? var.security_rules : {} - depends_on = [module.policies, module.address_lists, module.application_groups, module.applications, module.services, module.service_lists, module.url_lists] - action = each.value.action - rule_name = each.value.rule_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - application = each.value.condition[0].application != null ? each.value.condition[0].application : [] - url = each.value.condition[0].url != null ? each.value.condition[0].url : [] - service = each.value.condition[0].service != null ? each.value.condition[0].service : [] - source_address = each.value.condition[0].source_address != null ? each.value.condition[0].source_address : [] - destination_address = each.value.condition[0].destination_address != null ? each.value.condition[0].destination_address : [] + depends_on = [module.policies, module.address_lists, module.application_groups, module.applications, module.services, module.service_lists, module.url_lists] + action = each.value.action + rule_name = each.value.rule_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + application = each.value.condition[0].application != null ? each.value.condition[0].application : [] + url = each.value.condition[0].url != null ? each.value.condition[0].url : [] + service = each.value.condition[0].service != null ? each.value.condition[0].service : [] + source_address = each.value.condition[0].source_address != null ? each.value.condition[0].source_address : [] + destination_address = each.value.condition[0].destination_address != null ? each.value.condition[0].destination_address : [] /*application = each.value.condition != null ? each.value.condition.application : [] url = each.value.condition != null ? each.value.condition.url : [] service = each.value.condition != null ? each.value.condition.service : [] source_address = each.value.condition != null ? each.value.condition.source_address : [] destination_address = each.value.condition != null ? each.value.condition.destination_address : []*/ - inspection = each.value.inspection - after_rule = each.value.after_rule + inspection = each.value.inspection + after_rule = each.value.after_rule before_rule = each.value.before_rule } -module secrets { - source = "./modules/security/firewall/secret" - for_each = var.secrets != null || var.secrets != {} ? var.secrets : {} - depends_on = [module.policies] - secret_name = each.value.secret_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - secret_source = each.value.secret_source - secret_type = each.value.secret_type - vault_secret_id = each.value.vault_secret_id - vault_name = each.value.vault_name - compartment_id = each.value.vault_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.vault_compartment_id)) > 0 ? each.value.vault_compartment_id : var.compartment_ocids[each.value.vault_compartment_id]) : var.compartment_ocids[each.value.vault_compartment_id] - version_number = each.value.version_number +module "secrets" { + source = "./modules/security/firewall/secret" + for_each = var.secrets != null || var.secrets != {} ? var.secrets : {} + depends_on = [module.policies] + secret_name = each.value.secret_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + secret_source = each.value.secret_source + secret_type = each.value.secret_type + vault_secret_id = each.value.vault_secret_id + vault_name = each.value.vault_name + compartment_id = each.value.vault_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.vault_compartment_id)) > 0 ? each.value.vault_compartment_id : var.compartment_ocids[each.value.vault_compartment_id]) : var.compartment_ocids[each.value.vault_compartment_id] + version_number = each.value.version_number } -module decryption_profiles { - source = "./modules/security/firewall/decryption-profile" - for_each = var.decryption_profiles != null || var.decryption_profiles != {} ? var.decryption_profiles : {} - depends_on = [module.policies, module.secrets] - profile_name = each.value.profile_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - profile_type = each.value.profile_type +module "decryption_profiles" { + source = "./modules/security/firewall/decryption-profile" + for_each = var.decryption_profiles != null || var.decryption_profiles != {} ? var.decryption_profiles : {} + depends_on = [module.policies, module.secrets] + profile_name = each.value.profile_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + profile_type = each.value.profile_type are_certificate_extensions_restricted = each.value.are_certificate_extensions_restricted - is_auto_include_alt_name = each.value.is_auto_include_alt_name - is_expired_certificate_blocked = each.value.is_expired_certificate_blocked - is_out_of_capacity_blocked =each.value.is_out_of_capacity_blocked - is_revocation_status_timeout_blocked = each.value.is_revocation_status_timeout_blocked - is_unknown_revocation_status_blocked = each.value.is_unknown_revocation_status_blocked - is_unsupported_cipher_blocked = each.value.is_unsupported_cipher_blocked - is_unsupported_version_blocked = each.value.is_unsupported_version_blocked - is_untrusted_issuer_blocked = each.value.is_untrusted_issuer_blocked + is_auto_include_alt_name = each.value.is_auto_include_alt_name + is_expired_certificate_blocked = each.value.is_expired_certificate_blocked + is_out_of_capacity_blocked = each.value.is_out_of_capacity_blocked + is_revocation_status_timeout_blocked = each.value.is_revocation_status_timeout_blocked + is_unknown_revocation_status_blocked = each.value.is_unknown_revocation_status_blocked + is_unsupported_cipher_blocked = each.value.is_unsupported_cipher_blocked + is_unsupported_version_blocked = each.value.is_unsupported_version_blocked + is_untrusted_issuer_blocked = each.value.is_untrusted_issuer_blocked } -module decryption_rules { +module "decryption_rules" { source = "./modules/security/firewall/decryption-rules" for_each = var.decryption_rules != null ? var.decryption_rules : {} - depends_on = [module.policies, module.decryption_profiles, module.secrets, module.address_lists] - action = each.value.action - rule_name = each.value.rule_name - network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*",each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - source_address = each.value.condition[0].source_address != null ? each.value.condition[0].source_address : [] - destination_address = each.value.condition[0].destination_address != null ? each.value.condition[0].destination_address : [] - after_rule = each.value.after_rule - before_rule = each.value.before_rule - decryption_profile = each.value.decryption_profile - secret = each.value.secret + depends_on = [module.policies, module.decryption_profiles, module.secrets, module.address_lists] + action = each.value.action + rule_name = each.value.rule_name + network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] + source_address = each.value.condition[0].source_address != null ? each.value.condition[0].source_address : [] + destination_address = each.value.condition[0].destination_address != null ? each.value.condition[0].destination_address : [] + after_rule = each.value.after_rule + before_rule = each.value.before_rule + decryption_profile = each.value.decryption_profile + secret = each.value.secret } diff --git a/cd3_automation_toolkit/user-scripts/terraform/identity.tf b/cd3_automation_toolkit/user-scripts/terraform/identity.tf index d810b0cf1..64320e6ea 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/identity.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/identity.tf @@ -249,7 +249,7 @@ module "iam-users" { # network_compartment = virtual_source.network_compartment_id.0 # } # ] - #]) +#]) #} #data "oci_core_vcns" "oci_vcns_networksource" { @@ -260,21 +260,21 @@ module "iam-users" { #} module "iam-network-sources" { - source = "./modules/identity/iam-network-sources" - for_each = var.networkSources - name = each.value.name - description = each.value.description - tenancy_ocid = var.tenancy_ocid + source = "./modules/identity/iam-network-sources" + for_each = var.networkSources + name = each.value.name + description = each.value.description + tenancy_ocid = var.tenancy_ocid #Optional - public_source_list = each.value.public_source_list != null ? each.value.public_source_list : null + public_source_list = each.value.public_source_list != null ? each.value.public_source_list : null #virtual_source_list = each.value.virtual_source_list != null ? each.value.virtual_source_list : null - virtual_source_list = { for k,v in each.value.virtual_source_list != null ? each.value.virtual_source_list : [] : k => - { - #vcn_id = data.oci_core_vcns.oci_vcns_networksource[v.vcn_name.0].virtual_networks.*.id[0] - ip_ranges = v.ip_ranges - }} + virtual_source_list = { for k, v in each.value.virtual_source_list != null ? each.value.virtual_source_list : [] : k => + { + #vcn_id = data.oci_core_vcns.oci_vcns_networksource[v.vcn_name.0].virtual_networks.*.id[0] + ip_ranges = v.ip_ranges + } } #vcn_comp_map = each.value.vcn_comp_map != null ? each.value.vcn_comp_map : null - defined_tags = try (each.value.defined_tags, null) - freeform_tags = try (each.value.freeform_tags, null) + defined_tags = try(each.value.defined_tags, null) + freeform_tags = try(each.value.freeform_tags, null) } \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/instance.tf b/cd3_automation_toolkit/user-scripts/terraform/instance.tf index 26ed1f4e3..c12ed71a2 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/instance.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/instance.tf @@ -48,33 +48,33 @@ module "instances" { capacity_reservation_id = each.value.capacity_reservation_id != null ? lookup(var.capacity_reservation_ocids, each.value.capacity_reservation_id, null) : null create_is_pv_encryption_in_transit_enabled = each.value.create_is_pv_encryption_in_transit_enabled - boot_tf_policy = each.value.backup_policy != null ? each.value.backup_policy : null - policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null - remote_execute = each.value.remote_execute != null ? each.value.remote_execute : null - bastion_ip = each.value.bastion_ip != null ? each.value.bastion_ip : null - cloud_init_script = each.value.cloud_init_script != null ? each.value.cloud_init_script : null - launch_options = each.value.launch_options - plugins_details = each.value.plugins_details - platform_config = each.value.platform_config != null ? each.value.platform_config : null + boot_tf_policy = each.value.backup_policy != null ? each.value.backup_policy : null + policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null + remote_execute = each.value.remote_execute != null ? each.value.remote_execute : null + bastion_ip = each.value.bastion_ip != null ? each.value.bastion_ip : null + cloud_init_script = each.value.cloud_init_script != null ? each.value.cloud_init_script : null + launch_options = each.value.launch_options + plugins_details = each.value.plugins_details + platform_config = each.value.platform_config != null ? each.value.platform_config : null is_live_migration_preferred = each.value.is_live_migration_preferred # extended_metadata = each.value.extended_metadata - skip_source_dest_check = each.value.skip_source_dest_check != null ? each.value.skip_source_dest_check : null + skip_source_dest_check = each.value.skip_source_dest_check != null ? each.value.skip_source_dest_check : null baseline_ocpu_utilization = each.value.baseline_ocpu_utilization # preemptible_instance_config = each.value.preemptible_instance_config - all_plugins_disabled = each.value.all_plugins_disabled - is_management_disabled = each.value.is_management_disabled - is_monitoring_disabled = each.value.is_monitoring_disabled - recovery_action = each.value.recovery_action + all_plugins_disabled = each.value.all_plugins_disabled + is_management_disabled = each.value.is_management_disabled + is_monitoring_disabled = each.value.is_monitoring_disabled + recovery_action = each.value.recovery_action are_legacy_imds_endpoints_disabled = each.value.are_legacy_imds_endpoints_disabled - ipxe_script = each.value.ipxe_script - preserve_boot_volume = each.value.preserve_boot_volume - assign_private_dns_record = each.value.assign_private_dns_record - vlan_id = each.value.vlan_id - kms_key_id = each.value.kms_key_id + ipxe_script = each.value.ipxe_script + preserve_boot_volume = each.value.preserve_boot_volume + assign_private_dns_record = each.value.assign_private_dns_record + vlan_id = each.value.vlan_id + kms_key_id = each.value.kms_key_id # VNIC Details - vnic_defined_tags = each.value.vnic_defined_tags + vnic_defined_tags = each.value.vnic_defined_tags vnic_freeform_tags = each.value.vnic_freeform_tags - vnic_display_name = each.value.vnic_display_name + vnic_display_name = each.value.vnic_display_name } diff --git a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf index 76cae0391..41e228e24 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf @@ -130,6 +130,7 @@ module "backend-sets" { #Optional interval_ms = each.value.interval_ms + is_force_plain_text = each.value.is_force_plain_text port = each.value.port response_body_regex = each.value.response_body_regex retries = each.value.retries diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/main.tf index ef7af776e..8e1d91c9b 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/main.tf @@ -13,6 +13,7 @@ resource "oci_load_balancer_backend_set" "backend_set" { #Optional interval_ms = var.interval_ms + is_force_plain_text = var.is_force_plain_text port = var.port response_body_regex = var.response_body_regex retries = var.retries diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/variables.tf index 34fad60c9..b4e3b1135 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-backend-set/variables.tf @@ -17,6 +17,11 @@ variable "interval_ms" { default = 10000 # Default as per hashicorp terraform } +variable "is_force_plain_text" { + type = string + description = "Specifies if health checks should always be done using plain text instead of depending on whether or not the associated backend set is using SSL." +} + variable "port" { type = number description = "The backend server port against which to run the health check." diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf index 513c8eebd..4d2f19be1 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf @@ -23,6 +23,5 @@ resource "oci_core_subnet" "subnet" { prohibit_internet_ingress = var.prohibit_internet_ingress prohibit_public_ip_on_vnic = var.prohibit_public_ip_on_vnic route_table_id = var.route_table_id - security_list_ids = var.security_list_ids != [] ? [for sl in var.security_list_ids : (length(regexall("ocid1.securitylist.oc1*", sl)) > 0 ? sl : (sl == "" ? var.vcn_default_security_list_id : var.custom_security_list_id[sl]["seclist_tf_id"]))] : [] - -} \ No newline at end of file + security_list_ids = flatten([for seclist in var.security_list_ids : [for sl in seclist : sl if length(regexall("ocid1.securitylist.oc1*", sl)) > 0 ]]) +} diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf index 6c6ef0d55..2d471a901 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/variables.tf @@ -7,8 +7,6 @@ variable "vcn_default_security_list_id" {} -variable "custom_security_list_id" {} - variable "tenancy_ocid" { type = string default = null diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/main.tf index 20a50861c..c8dc6c1a8 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/main.tf @@ -14,6 +14,7 @@ resource "oci_network_load_balancer_backend" "backend" { #Optional ip_address = var.ip_address != "" ? (length(regexall("IP:", var.ip_address)) > 0 ? split("IP:", var.ip_address)[1] : data.oci_core_instance.nlb_instance_ip[0].private_ip) : null is_drain = var.is_drain + is_backup = var.is_backup is_offline = var.is_offline name = length(regexall("IP:", var.ip_address)) > 0 ? join(":", [split("IP:", var.ip_address)[1], var.port]) : join(":", [merge(local.nlb_private_ip_ocid.private_ocids.*...)[merge(local.nlb_instance_vnic_ocid.vnic_ocids.*...)[merge(local.nlb_instance_ocid.ocid.*...)[split("NAME:", var.ip_address)[1]][0]][0]][0], var.port]) target_id = length(regexall("IP:*", var.ip_address)) == 0 ? merge(local.nlb_private_ip_ocid.private_ocids.*...)[merge(local.nlb_instance_vnic_ocid.vnic_ocids.*...)[merge(local.nlb_instance_ocid.ocid.*...)[split("NAME:", var.ip_address)[1]][0]][0]][0] : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/variables.tf index 3b5fd81f8..e56315b5b 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backend/variables.tf @@ -43,6 +43,12 @@ variable "is_drain" { default = false # Default value as per hashicorp terraform } +variable "is_backup" { + type = bool + description = "Whether the load balancer should treat this server as a backup unit." + default = false # Default value as per hashicorp terraform +} + variable "is_offline" { type = bool description = "Whether the load balancer should treat this server as offline. Offline servers receive no incoming traffic." diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/main.tf index 5b1be7eb3..1ed3bcc7d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/main.tf @@ -15,7 +15,9 @@ resource "oci_network_load_balancer_backend_set" "backend_set" { #Optional interval_in_millis = var.interval_in_millis port = var.port + request_data = var.request_data response_body_regex = var.response_body_regex + response_data = var.response_data retries = var.retries return_code = var.return_code timeout_in_millis = var.timeout_in_millis diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/variables.tf index be8179a34..7bf29d5df 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb-backendset/variables.tf @@ -23,12 +23,24 @@ variable "port" { default = null } +variable "request_data" { + type = string + description = "Base64 encoded pattern to be sent as UDP or TCP health check probe.r" + default = null +} + variable "response_body_regex" { type = string description = "A regular expression for parsing the response body from the backend server" default = null } +variable "response_data" { + type = string + description = "Base64 encoded pattern to be validated as UDP or TCP health check probe response." + default = null +} + variable "retries" { type = number description = " The number of retries to attempt before a backend server is considered unhealthy" diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/main.tf index 9646a8bca..ed808f378 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/main.tf @@ -12,6 +12,7 @@ resource "oci_network_load_balancer_network_load_balancer" "network_load_balance display_name = var.display_name subnet_id = var.subnet_id is_preserve_source_destination = var.is_preserve_source_destination + is_symmetric_hash_enabled = var.is_symmetric_hash_enabled is_private = var.is_private network_security_group_ids = var.network_security_group_ids != null ? (local.nsg_ids == [] ? ["INVALID NSG Name"] : local.nsg_ids) : null nlb_ip_version = var.nlb_ip_version diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/variables.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/variables.tf index 175608ad9..217076b3d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/variables.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/variables.tf @@ -37,6 +37,11 @@ variable "is_private" { default = true } +variable "is_symmetric_hash_enabled" { + type = bool + +} + variable "network_security_group_ids" { type = list(any) description = "NSGs to place the load balancer in" diff --git a/cd3_automation_toolkit/user-scripts/terraform/network.tf b/cd3_automation_toolkit/user-scripts/terraform/network.tf index 0456317ca..51a5e2e57 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/network.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/network.tf @@ -371,58 +371,6 @@ output "dhcp_options_id" { } */ -############################ -# Module Block - Network -# Create Default Security Lists -############################ - -module "default-security-lists" { - source = "./modules/network/default-sec-list" - for_each = (var.default_seclists != null || var.default_seclists != {}) ? var.default_seclists : {} - - #Required - manage_default_resource_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] - - key_name = each.key - defined_tags = each.value.defined_tags - display_name = each.value.display_name != null ? each.value.display_name : null - freeform_tags = each.value.freeform_tags - seclist_details = var.default_seclists -} - -/* -output "default_seclist_id_map" { - value = [ for k,v in merge(module.default-security-lists.*...) : v.default_seclist_id ] -} -*/ - -############################ -# Module Block - Network -# Create Custom Security Lists -############################ - -module "security-lists" { - source = "./modules/network/sec-list" - for_each = (var.seclists != null || var.seclists != {}) ? var.seclists : {} - - #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] - - key_name = each.key - defined_tags = each.value.defined_tags - display_name = each.value.display_name != null ? each.value.display_name : null - freeform_tags = each.value.freeform_tags - seclist_details = var.seclists -} - -/* -output "seclist_id_map" { - value = [ for k,v in merge(module.security-lists.*...) : v.seclist_id ] -} -*/ - ############################ # Module Block - Network # Create Default Route Tables @@ -594,6 +542,46 @@ output "drg_route_distribution_statements_id_map" { } */ + +############################# +# Data/Local Block - Network +# Subnets +############################## + +# Format : "vcn_name@dns_label@sec_list" => "vcn_name@dns_label@comp_name" +data "oci_core_security_lists" "security_lists" { + for_each = local.filtered_seclist_map + compartment_id = var.compartment_ocids[split("@", each.value)[2]] + #fetch vcn id based on vcn name + vcn_id = merge(module.vcns.*...)[split("@", each.value)[0]]["vcn_tf_id"] + display_name = length(each.key) > 2 ? trimprefix(trimprefix(split("@", each.key)[2], split("@", each.value)[0]), "_") : "Default Security List for ${split("@", each.value)[0]}" +} + +locals { + filtered_subnet_security_list_ids = { + for subnet_key, subnet_value in var.subnets : + # map for each subnet_key includes the compartment_id and a list of filtered security list IDs + "${subnet_value.vcn_id}@${subnet_value.dns_label}" => { + compartment_id = subnet_value.compartment_id, + security_list_ids = [for sec_id in subnet_value.security_list_ids : sec_id] + } + } + + #input to datasource for SL + filtered_seclist_map = merge(flatten([ + for subnet_key, subnet_value in local.filtered_subnet_security_list_ids : { + for seclist in subnet_value.security_list_ids : "${subnet_key}@${seclist}" => "${subnet_key}@${subnet_value.compartment_id}" + } + ])...) + + #Datasource output + security_lists_map = { + for key, data in data.oci_core_security_lists.security_lists : + # Check if data.security_lists is not empty and select the appropriate key-value pair + (endswith(key, "@") ? split("@", key)[0] : split("@", key)[2]) => (length(data.security_lists) > 0 ? data.security_lists[0].id : data.display_name)... + } +} + ############################# # Module Block - Network # Create Subnets @@ -603,7 +591,7 @@ module "subnets" { source = "./modules/network/subnet" for_each = (var.subnets != null || var.subnets != {}) ? var.subnets : {} - depends_on = [module.vcns, module.security-lists] + depends_on = [module.vcns] #Required tenancy_ocid = var.tenancy_ocid @@ -622,15 +610,18 @@ module "subnets" { availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" dhcp_options_id = each.value.dhcp_options_id == null || each.value.dhcp_options_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_dhcp_id"] : (length(regexall("ocid1.dhcpoptions.oc1*", each.value.dhcp_options_id)) > 0 ? each.value.dhcp_options_id : merge(module.custom-dhcps.*...)[each.value.dhcp_options_id]["custom_dhcp_tf_id"]) route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) - security_list_ids = length(each.value.security_list_ids) == 0 ? [merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"]] : each.value.security_list_ids vcn_default_security_list_id = merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] - custom_security_list_id = merge(module.security-lists.*...) + security_list_ids = length(each.value.security_list_ids) != 0 ? [for sl in each.value.security_list_ids : lookup(local.security_lists_map, sl != "" ? sl : each.value.vcn_id, [])] : [] + } /* output "subnet_id_map" { value = [ for k,v in merge(module.subnets.*...) : v.subnet_id ] } +output "security_lists_output" { + value = data.oci_core_security_lists.security_lists +} */ ############################# diff --git a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf index 5dbf7e1e6..90b03cf39 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf @@ -28,6 +28,7 @@ module "network-load-balancers" { display_name = each.value.display_name subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_nlb[each.key].subnets.*.id[0]) : null is_preserve_source_destination = each.value.is_preserve_source_destination + is_symmetric_hash_enabled = each.value.is_symmetric_hash_enabled is_private = each.value.is_private network_security_group_ids = each.value.nsg_ids nlb_ip_version = each.value.nlb_ip_version @@ -60,7 +61,9 @@ module "nlb-backend-sets" { protocol = each.value.protocol interval_in_millis = each.value.interval_in_millis port = each.value.port + request_data = each.value.request_data response_body_regex = each.value.response_body_regex + response_data = each.value.response_data retries = each.value.retries return_code = each.value.return_code timeout_in_millis = each.value.timeout_in_millis @@ -79,6 +82,7 @@ module "nlb-backends" { is_drain = each.value.is_drain != "" ? each.value.is_drain : "false" + is_backup = each.value.is_backup != "" ? each.value.is_backup : "false" is_offline = each.value.is_offline != "" ? each.value.is_offline : "false" weight = each.value.weight != "" ? each.value.weight : "1" diff --git a/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf b/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf index d2a794390..fd75bdd96 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf @@ -51,7 +51,7 @@ module "oss-buckets" { auto_tiering = each.value.auto_tiering != "" ? each.value.auto_tiering : null # Defaults to 'Disabled' as per hashicorp terraform defined_tags = each.value.defined_tags != {} ? each.value.defined_tags : {} freeform_tags = each.value.freeform_tags != {} ? each.value.freeform_tags : {} - kms_key_id = each.value.kms_key_id != "" ? each.value.kms_key_id : null + kms_key_id = each.value.kms_key_id != "" ? each.value.kms_key_id : null #metadata = each.value.metadata != {} ? each.value.metadata : {} object_events_enabled = each.value.object_events_enabled != "" ? each.value.object_events_enabled : null # Defaults to 'false' as per hashicorp terraform storage_tier = each.value.storage_tier != "" ? each.value.storage_tier : null # Defaults to 'Standard' as per hashicorp terraform diff --git a/cd3_automation_toolkit/user-scripts/terraform/provider.tf b/cd3_automation_toolkit/user-scripts/terraform/provider.tf index fed8d4788..3fe96d1bf 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/provider.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/provider.tf @@ -19,7 +19,7 @@ terraform { oci = { source = "oracle/oci" #version = ">= 4.0.0" - version = "5.31.0" + version = "5.35.0" } } } diff --git a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf index 8ffeffb78..d2d538f1f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf @@ -14,39 +14,39 @@ locals { } ]]) - ds_vols = flatten([ for key, val in var.sddcs : [ - for item in concat(local.mgmt_vols[val.display_name],local.wkld_vols[val.display_name]): { - volume_display_name = item.volume_display_name - volume_compartment_id = item.volume_compartment_id - } + ds_vols = flatten([for key, val in var.sddcs : [ + for item in concat(local.mgmt_vols[val.display_name], local.wkld_vols[val.display_name]) : { + volume_display_name = item.volume_display_name + volume_compartment_id = item.volume_compartment_id + } ]]) mgmt_vols = { for key, val in var.sddcs : - val.display_name => try([for item in val.management_datastore: { - volume_compartment_id = try(split("@", item)[0],null) - volume_display_name = try(split("@", item)[1],null) - }],[])} + val.display_name => try([for item in val.management_datastore : { + volume_compartment_id = try(split("@", item)[0], null) + volume_display_name = try(split("@", item)[1], null) + }], []) } wkld_vols = { for key, val in var.sddcs : - val.display_name => try([ for item in val.workload_datastore: - { - volume_compartment_id = try(split("@", item)[0],null) - volume_display_name = try(split("@", item)[1],null) - }] ,[])} + val.display_name => try([for item in val.workload_datastore : + { + volume_compartment_id = try(split("@", item)[0], null) + volume_display_name = try(split("@", item)[1], null) + }], []) } - management_datastores = { for key,val in var.sddcs : key => (val.management_datastore != null ? [for value in val.management_datastore: data.oci_core_volumes.ds_volumes[split("@", value)[1]].volumes.*.id[0]] : []) + management_datastores = { for key, val in var.sddcs : key => (val.management_datastore != null ? [for value in val.management_datastore : data.oci_core_volumes.ds_volumes[split("@", value)[1]].volumes.*.id[0]] : []) } - workload_datastores = {for key,val in var.sddcs: key => (val.workload_datastore != null ? [for value in val.workload_datastore: data.oci_core_volumes.ds_volumes[split("@", value)[1]].volumes.*.id[0]] : []) - } - } + workload_datastores = { for key, val in var.sddcs : key => (val.workload_datastore != null ? [for value in val.workload_datastore : data.oci_core_volumes.ds_volumes[split("@", value)[1]].volumes.*.id[0]] : []) + } +} data "oci_core_volumes" "ds_volumes" { - for_each = {for value in local.ds_vols : value.volume_display_name => value.volume_compartment_id if value.volume_display_name != null } - compartment_id = each.value != null ? (length(regexall("ocid1.compartment.oc1*", each.value)) > 0 ? each.value : var.compartment_ocids[each.value]) : var.compartment_ocids[each.value] - display_name = each.key - state = "AVAILABLE" + for_each = { for value in local.ds_vols : value.volume_display_name => value.volume_compartment_id if value.volume_display_name != null } + compartment_id = each.value != null ? (length(regexall("ocid1.compartment.oc1*", each.value)) > 0 ? each.value : var.compartment_ocids[each.value]) : var.compartment_ocids[each.value] + display_name = each.key + state = "AVAILABLE" } @@ -68,7 +68,7 @@ data "oci_core_subnets" "oci_subnets_sddc" { data "oci_core_vlans" "sddc_vlan_id" { #Required - for_each = { for vlan in local.vlan_config : vlan.display_name => vlan if vlan.display_name != null} + for_each = { for vlan in local.vlan_config : vlan.display_name => vlan if vlan.display_name != null } compartment_id = each.value.compartment_id display_name = each.key vcn_id = each.value.vcn_id diff --git a/cd3_automation_toolkit/user-scripts/terraform/seclist.tf b/cd3_automation_toolkit/user-scripts/terraform/seclist.tf new file mode 100644 index 000000000..ebb0d7498 --- /dev/null +++ b/cd3_automation_toolkit/user-scripts/terraform/seclist.tf @@ -0,0 +1,60 @@ +############################ +# Module Block - Network +# Create Default Security Lists +############################ + +module "default-security-lists" { + source = "./modules/network/default-sec-list" + for_each = (var.default_seclists != null || var.default_seclists != {}) ? var.default_seclists : {} + + #Required + manage_default_resource_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] + + key_name = each.key + defined_tags = each.value.defined_tags + display_name = each.value.display_name != null ? each.value.display_name : null + freeform_tags = each.value.freeform_tags + seclist_details = var.default_seclists +} + +/* +output "default_seclist_id_map" { + value = [ for k,v in merge(module.default-security-lists.*...) : v.default_seclist_id ] +} +*/ + + +############################ +# Module Block - Network +# Create Custom Security Lists +############################ + +data "oci_core_vcns" "oci_vcns_sec_lists" { + # depends_on = [module.vcns] # Uncomment to create Network and NSGs together + for_each = var.nsgs != null ? var.nsgs : {} + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + display_name = each.value.vcn_name +} + + +module "security-lists" { + source = "./modules/network/sec-list" + for_each = (var.seclists != null || var.seclists != {}) ? var.seclists : {} + + #Required + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + + vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : flatten(data.oci_core_vcns.oci_vcns_sec_lists[each.key].virtual_networks.*.id)[0] + + key_name = each.key + defined_tags = each.value.defined_tags + display_name = each.value.display_name != null ? each.value.display_name : null + freeform_tags = each.value.freeform_tags + seclist_details = var.seclists +} + +/* +output "seclist_id_map" { + value = [ for k,v in merge(module.security-lists.*...) : v.seclist_id ] +} +*/ diff --git a/cd3_automation_toolkit/user-scripts/terraform/variables_example.tf b/cd3_automation_toolkit/user-scripts/terraform/variables_example.tf index e5a009cf9..a4007bb15 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/variables_example.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/variables_example.tf @@ -609,73 +609,73 @@ variable "data_drg_route_table_distributions" { #################### variable "zones" { -type = map(object({ -compartment_id = string -display_name = string -view_compartment_id = optional(string) -view_id = optional(string) -zone_type = optional(string) -scope = optional(string) -freeform_tags = optional(map(any)) -defined_tags = optional(map(any)) -})) -default = {} + type = map(object({ + compartment_id = string + display_name = string + view_compartment_id = optional(string) + view_id = optional(string) + zone_type = optional(string) + scope = optional(string) + freeform_tags = optional(map(any)) + defined_tags = optional(map(any)) + })) + default = {} } variable "views" { -type = map(object({ -compartment_id = string -display_name = string -scope = optional(string) -freeform_tags = optional(map(any)) -defined_tags = optional(map(any)) -})) + type = map(object({ + compartment_id = string + display_name = string + scope = optional(string) + freeform_tags = optional(map(any)) + defined_tags = optional(map(any)) + })) default = {} } variable "rrsets" { -type = map(object({ -compartment_id = optional(string) -view_compartment_id = optional(string) -view_id = optional(string) -zone_id = string -domain = string -rtype = string -ttl = number -rdata = optional(list(string)) -scope = optional(string) -})) -default = {} + type = map(object({ + compartment_id = optional(string) + view_compartment_id = optional(string) + view_id = optional(string) + zone_id = string + domain = string + rtype = string + ttl = number + rdata = optional(list(string)) + scope = optional(string) + })) + default = {} } variable "resolvers" { -type = map(object({ -network_compartment_id= string -vcn_name = string -display_name = optional(string) -views = optional(map(object({ - view_id = optional(string) - view_compartment_id = optional(string) -}))) -resolver_rules = optional(map(object({ - client_address_conditions = optional(list(any)) - destination_addresses = optional(list(any)) - qname_cover_conditions = optional(list(any)) - source_endpoint_name = optional(string) -}))) -endpoint_names = optional(map(object({ - is_forwarding = optional(bool) - is_listening = optional(bool) - name = optional(string) - subnet_name = optional(string) - forwarding_address = optional(string) - listening_address = optional(string) - nsg_ids = optional(list(string)) -}))) -freeform_tags = optional(map(any)) -defined_tags = optional(map(any)) -})) -default = {} + type = map(object({ + network_compartment_id = string + vcn_name = string + display_name = optional(string) + views = optional(map(object({ + view_id = optional(string) + view_compartment_id = optional(string) + }))) + resolver_rules = optional(map(object({ + client_address_conditions = optional(list(any)) + destination_addresses = optional(list(any)) + qname_cover_conditions = optional(list(any)) + source_endpoint_name = optional(string) + }))) + endpoint_names = optional(map(object({ + is_forwarding = optional(bool) + is_listening = optional(bool) + name = optional(string) + subnet_name = optional(string) + forwarding_address = optional(string) + listening_address = optional(string) + nsg_ids = optional(list(string)) + }))) + freeform_tags = optional(map(any)) + defined_tags = optional(map(any)) + })) + default = {} } @@ -765,32 +765,32 @@ variable "instances" { policy_compartment_id = optional(string) network_type = optional(string) #extended_metadata = optional(string) - skip_source_dest_check = optional(bool) - baseline_ocpu_utilization = optional(string) + skip_source_dest_check = optional(bool) + baseline_ocpu_utilization = optional(string) #preemptible_instance_config = optional(string) - all_plugins_disabled = optional(bool) - is_management_disabled = optional(bool) - is_monitoring_disabled = optional(bool) - assign_private_dns_record = optional(string) - plugins_details = optional(map(any)) - is_live_migration_preferred = optional(bool) - recovery_action = optional(string) - are_legacy_imds_endpoints_disabled = optional(bool) - boot_volume_type = optional(string) - firmware = optional(string) - is_consistent_volume_naming_enabled = optional(bool) - remote_data_volume_type = optional(string) - platform_config = optional(list(map(any))) - launch_options = optional(list(map(any))) - ipxe_script = optional(string) - preserve_boot_volume = optional(bool) - vlan_id = optional(string) - kms_key_id = optional(string) - vnic_display_name = optional(string) - vnic_defined_tags = optional(map(any)) - vnic_freeform_tags = optional(map(any)) - defined_tags = optional(map(any)) - freeform_tags = optional(map(any)) + all_plugins_disabled = optional(bool) + is_management_disabled = optional(bool) + is_monitoring_disabled = optional(bool) + assign_private_dns_record = optional(string) + plugins_details = optional(map(any)) + is_live_migration_preferred = optional(bool) + recovery_action = optional(string) + are_legacy_imds_endpoints_disabled = optional(bool) + boot_volume_type = optional(string) + firmware = optional(string) + is_consistent_volume_naming_enabled = optional(bool) + remote_data_volume_type = optional(string) + platform_config = optional(list(map(any))) + launch_options = optional(list(map(any))) + ipxe_script = optional(string) + preserve_boot_volume = optional(bool) + vlan_id = optional(string) + kms_key_id = optional(string) + vnic_display_name = optional(string) + vnic_defined_tags = optional(map(any)) + vnic_freeform_tags = optional(map(any)) + defined_tags = optional(map(any)) + freeform_tags = optional(map(any)) })) default = {} } @@ -979,6 +979,7 @@ variable "backend_sets" { policy = string protocol = optional(string) interval_ms = optional(string) + is_force_plain_text = optional(string) port = optional(string) response_body_regex = optional(string) retries = optional(string) @@ -1172,6 +1173,7 @@ variable "network_load_balancers" { is_private = optional(bool) reserved_ips_id = string is_preserve_source_destination = optional(bool) + is_symmetric_hash_enabled = optional(bool) nlb_ip_version = optional(string) nsg_ids = optional(list(string)) defined_tags = optional(map(any)) @@ -1200,7 +1202,9 @@ variable "nlb_backend_sets" { return_code = optional(number) interval_in_millis = optional(number) port = optional(number) + request_data = optional(string) response_body_regex = optional(string) + response_data = optional(string) retries = optional(number) timeout_in_millis = optional(number) url_path = optional(string) @@ -1218,6 +1222,7 @@ variable "nlb_backends" { ip_address = string instance_compartment = string is_drain = optional(bool) + is_backup = optional(bool) is_offline = optional(bool) weight = optional(number) target_id = optional(string) @@ -1659,34 +1664,34 @@ variable "capacity_reservation_ocids" { ####### Firewall as a Service ####### ##################################### variable "firewalls" { - type = map(object({ - compartment_id = string - network_compartment_id = string + type = map(object({ + compartment_id = string + network_compartment_id = string network_firewall_policy_id = string - subnet_id = string - vcn_name = string - display_name = string - ipv4address = optional(string) - nsg_id = optional(list(string)) - ipv6address = optional(string) - availability_domain = optional(string) - defined_tags = optional(map(any)) - freeform_tags = optional(map(any)) + subnet_id = string + vcn_name = string + display_name = string + ipv4address = optional(string) + nsg_id = optional(list(string)) + ipv6address = optional(string) + availability_domain = optional(string) + defined_tags = optional(map(any)) + freeform_tags = optional(map(any)) })) default = {} } variable "fw-policies" { - type = map(object({ + type = map(object({ compartment_id = optional(string) display_name = optional(string) - defined_tags = optional(map(any)) - freeform_tags = optional(map(any)) + defined_tags = optional(map(any)) + freeform_tags = optional(map(any)) })) default = {} } variable "services" { - type = map(object({ + type = map(object({ service_name = string service_type = string network_firewall_policy_id = string @@ -1698,18 +1703,18 @@ variable "services" { default = {} } variable "url_lists" { - type = map(object({ + type = map(object({ urllist_name = string network_firewall_policy_id = string urls = list(object({ pattern = string - type = string + type = string })) })) default = {} } variable "service_lists" { - type = map(object({ + type = map(object({ service_list_name = string network_firewall_policy_id = string services = list(string) @@ -1718,40 +1723,40 @@ variable "service_lists" { } variable "address_lists" { - type = map(object({ + type = map(object({ address_list_name = string network_firewall_policy_id = string - address_type = string - addresses = list(string) + address_type = string + addresses = list(string) })) default = {} } variable "applications" { - type = map(object({ - app_list_name = string + type = map(object({ + app_list_name = string network_firewall_policy_id = string - app_type = string - icmp_type = number - icmp_code = optional(number) + app_type = string + icmp_type = number + icmp_code = optional(number) })) default = {} } variable "application_groups" { - type = map(object({ - app_group_name = string + type = map(object({ + app_group_name = string network_firewall_policy_id = string - apps = list(string) + apps = list(string) })) default = {} } variable "security_rules" { - type = map(object({ - action = string - rule_name = string + type = map(object({ + action = string + rule_name = string network_firewall_policy_id = string condition = optional(list(object({ application = optional(list(string)) @@ -1760,8 +1765,8 @@ variable "security_rules" { source_address = optional(list(string)) url = optional(list(string)) }))) - inspection = optional(string) - after_rule = optional(string) + inspection = optional(string) + after_rule = optional(string) before_rule = optional(string) })) @@ -1769,33 +1774,33 @@ variable "security_rules" { } variable "secrets" { - type = map(object({ - secret_name = string + type = map(object({ + secret_name = string network_firewall_policy_id = string - secret_source = string - secret_type = string - vault_secret_id = string - version_number = number - vault_name = string - vault_compartment_id = string + secret_source = string + secret_type = string + vault_secret_id = string + version_number = number + vault_name = string + vault_compartment_id = string })) default = {} } variable "decryption_profiles" { - type = map(object({ - profile_name = string - profile_type = string - network_firewall_policy_id = string + type = map(object({ + profile_name = string + profile_type = string + network_firewall_policy_id = string are_certificate_extensions_restricted = optional(bool) - is_auto_include_alt_name = optional(bool) - is_expired_certificate_blocked = optional(bool) - is_out_of_capacity_blocked = optional(bool) - is_revocation_status_timeout_blocked = optional(bool) - is_unknown_revocation_status_blocked = optional(bool) - is_unsupported_cipher_blocked = optional(bool) - is_unsupported_version_blocked = optional(bool) - is_untrusted_issuer_blocked = optional(bool) + is_auto_include_alt_name = optional(bool) + is_expired_certificate_blocked = optional(bool) + is_out_of_capacity_blocked = optional(bool) + is_revocation_status_timeout_blocked = optional(bool) + is_unknown_revocation_status_blocked = optional(bool) + is_unsupported_cipher_blocked = optional(bool) + is_unsupported_version_blocked = optional(bool) + is_untrusted_issuer_blocked = optional(bool) })) default = {} } @@ -1805,7 +1810,7 @@ variable "decryption_rules" { action = string rule_name = string network_firewall_policy_id = string - condition = optional(list(object({ + condition = optional(list(object({ destination_address = optional(list(string)) diff --git a/jenkins_install/init/01_jenkins-config.groovy b/jenkins_install/init/01_jenkins-config.groovy index 6fd5e42c0..540a178e5 100644 --- a/jenkins_install/init/01_jenkins-config.groovy +++ b/jenkins_install/init/01_jenkins-config.groovy @@ -1,10 +1,9 @@ -import com.cloudbees.hudson.plugins.folder.* -//import org.jenkinsci.plugins.workflow.job.WorkflowJob import jenkins.model.Jenkins +import com.cloudbees.hudson.plugins.folder.* + Jenkins jenkins = Jenkins.instance def JENKINS_HOME = System.getenv("JENKINS_HOME") - File file = new File("$JENKINS_HOME/jenkins.properties") file.withReader { reader -> while ((line = reader.readLine()) != null) { @@ -21,223 +20,72 @@ file.withReader { reader -> services = Eval.me(line.split("=")[1]) } } - } + } + def tfApplyJobName = "terraform-apply" def tfDestroyJobName = "terraform-destroy" -for (os in outdir_structure) { - - def ost = jenkins.getItem("terraform_files") - if (ost == null) { - ost = jenkins.createProject(Folder.class,"terraform_files") - - def global = ost.getItem("global") - if (global == null) { - global = ost.createProject(Folder.class, "global") - - def rpc = global.getItem("rpc") - if (rpc == null) { - rpc = global.createProject(Folder.class, "rpc") - - def tfGlobRpcXml = -"""\ - +// Function to create job XML +def createJobXml(scriptPath, gitUrl) { + return """ + false - multiOutput.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - + ${scriptPath} + false + + + + ${gitUrl} + + + + + develop + + + 2 + false + Default + - -""" + + """ +} - def tfGlobRpcDestroyXml = -"""\ - - - - false - - multiOutput-tf-destroy.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - - - -""" - def tfGlobRpcXmlStream = new ByteArrayInputStream(tfGlobRpcXml.getBytes()) - job1 = rpc.createProjectFromXML(tfApplyJobName, tfGlobRpcXmlStream) - def tfGlobRpcDestroyXmlStream = new ByteArrayInputStream(tfGlobRpcDestroyXml.getBytes()) - job2 = rpc.createProjectFromXML(tfDestroyJobName, tfGlobRpcDestroyXmlStream) - - } -} - - for (reg in regions) { - def folder = ost.getItem(reg) - if (folder == null) { - folder = ost.createProject(Folder.class, reg) - if (os == "Single_Outdir"){ - def tfApplyXml = -"""\ - - - - false - - singleOutput.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - - - -""" +// Function to create Jenkins job +def createJob(parent, jobName, xml) { + def jobXmlStream = new ByteArrayInputStream(xml.getBytes()) + parent.createProjectFromXML(jobName, jobXmlStream) +} - def tfDestroyXml = -"""\ - - - - false - - singleOutput-tf-destroy.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - - - -""" +// Create jobs for each configuration +jenkins.with { + Folder ost = getItem("terraform_files") ?: createProject(Folder.class, "terraform_files") - def tfApplyxmlStream = new ByteArrayInputStream(tfApplyXml.getBytes()) - job1 = folder.createProjectFromXML(tfApplyJobName, tfApplyxmlStream) - def tfDestroyxmlStream = new ByteArrayInputStream(tfDestroyXml.getBytes()) - job2 = folder.createProjectFromXML(tfDestroyJobName, tfDestroyxmlStream) + for (os in outdir_structure) { + Folder global = ost.getItem("global") ?: ost.createProject(Folder.class, "global") + Folder rpc = global.getItem("rpc") ?: global.createProject(Folder.class, "rpc") - } - if (os == "Multiple_Outdir"){ - for (svc in services) { - def svobjt = folder.getItem(svc) - if (svobjt == null) { - svobjt = folder.createProject(Folder.class, svc) - def tfApplyXml = -"""\ - - - - false - - multiOutput.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - - - -""" + createJob(rpc, tfApplyJobName, createJobXml('tf-apply.groovy', git_url)) + createJob(rpc, tfDestroyJobName, createJobXml('tf-destroy.groovy', git_url)) + for (reg in regions) { + Folder folder = ost.getItem(reg) ?: ost.createProject(Folder.class, reg) - def tfDestroyXml = -"""\ - - - - false - - multiOutput-tf-destroy.groovy - false - - - - ${git_url} - - - - - develop - - - 2 - false - Default - - - -""" - def tfApplyxmlStream = new ByteArrayInputStream(tfApplyXml.getBytes()) - job1 = svobjt.createProjectFromXML(tfApplyJobName, tfApplyxmlStream) - def tfDestroyxmlStream = new ByteArrayInputStream(tfDestroyXml.getBytes()) - job2 = svobjt.createProjectFromXML(tfDestroyJobName, tfDestroyxmlStream) - } - } - } - } + if (os == "Single_Outdir") { + createJob(folder, tfApplyJobName, createJobXml('tf-apply.groovy', git_url)) + createJob(folder, tfDestroyJobName, createJobXml('tf-destroy.groovy', git_url)) } - } -} \ No newline at end of file + if (os == "Multiple_Outdir" && services) { + for (svc in services) { + Folder svcFolder = folder.getItem(svc) ?: folder.createProject(Folder.class, svc) + createJob(svcFolder, tfApplyJobName, createJobXml('tf-apply.groovy', git_url)) + createJob(svcFolder, tfDestroyJobName, createJobXml('tf-destroy.groovy', git_url)) + } + } + } +} +} diff --git a/jenkins_install/init/02_jenkins-view.groovy b/jenkins_install/init/02_jenkins-view.groovy index b7976c30b..edec49a67 100644 --- a/jenkins_install/init/02_jenkins-view.groovy +++ b/jenkins_install/init/02_jenkins-view.groovy @@ -1,55 +1,54 @@ - import jenkins.model.Jenkins - - def parentPath = "terraform_files" - def jenkinsInstance = Jenkins.getInstance() - - def findRegionFolders(jenkinsInstance, parentPath) { - def parent = jenkinsInstance.getItemByFullName(parentPath) - - if (parent != null && parent instanceof hudson.model.ViewGroup) { - return parent.items.findAll { it instanceof hudson.model.ViewGroup } - } else { - println("Parent folder not found: $parentPath") - return [] - } - } - - def addJobsToView(view, folder) { - folder.items.each { item -> - if (item instanceof hudson.model.Job) { - // println("Processing job: ${item.fullName}") - view.add(item) - } else if (item instanceof hudson.model.ViewGroup) { - // Recursively add jobs from subfolders - addJobsToView(view, item) - } - } - } - - def processRegionFolder(jenkinsInstance, regionFolder) { - def viewName = "${regionFolder.name}" - def view = jenkinsInstance.getView(viewName) - - if (view == null) { - // Create the view if it doesn't exist - view = new hudson.model.ListView(viewName, jenkinsInstance) - jenkinsInstance.addView(view) - } - - addJobsToView(view, regionFolder) - - // Set the "Recurse in folders" option - view.setRecurse(true) - - // Save the view configuration - view.save() - - println("View '$viewName' created successfully.") - } - - def regionFolders = findRegionFolders(jenkinsInstance, parentPath) - regionFolders.each { regionFolder -> - processRegionFolder(jenkinsInstance, regionFolder) - } - - println("Processing completed for all region folders.") +import jenkins.model.Jenkins + +def createRegionViews() { + def jenkinsInstance = Jenkins.getInstance() + if (jenkinsInstance == null) { + println("Jenkins instance not available.") + return + } + + def parentPath = "terraform_files" + def parent = jenkinsInstance.getItemByFullName(parentPath) + + if (parent != null && parent instanceof hudson.model.ViewGroup) { + parent.items.each { regionFolder -> + def viewName = regionFolder.name + def view = jenkinsInstance.getView(viewName) + + if (view == null) { + view = new hudson.model.ListView(viewName, jenkinsInstance) + jenkinsInstance.addView(view) + } + + // Clear the view to remove any existing jobs + view.items.clear() + + // Add jobs to the view + addJobsToView(view, regionFolder) + + // Set the "Recurse in folders" option + view.setRecurse(true) + + // Save the view configuration + view.save() + + println("View '$viewName' created successfully.") + } + } else { + println("Parent folder not found: $parentPath") + } +} + +def addJobsToView(hudson.model.ListView view, hudson.model.ViewGroup folder) { + folder.items.each { item -> + if (item instanceof hudson.model.Job) { + view.add(item) + } else if (item instanceof hudson.model.ViewGroup) { + // Recursively add jobs from sub-folders + addJobsToView(view, item) + } + } +} + +// function to create region views +createRegionViews() \ No newline at end of file diff --git a/jenkins_install/jcasc.yaml b/jenkins_install/jcasc.yaml index e81028cda..a7f8290dc 100644 --- a/jenkins_install/jcasc.yaml +++ b/jenkins_install/jcasc.yaml @@ -42,6 +42,11 @@ security: usageStatisticsEnabled: true globalJobDslSecurityConfiguration: useScriptSecurity: false + scriptApproval: + approvedSignatures: + - "method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object" + - "new java.io.File java.lang.String" + - "staticMethod org.codehaus.groovy.runtime.ResourceGroovyMethods readLines java.io.File" unclassified: buildDiscarders: configuredBuildDiscarders: diff --git a/jenkins_install/jenkins.sh b/jenkins_install/jenkins.sh index 13c726857..93b4c79fb 100644 --- a/jenkins_install/jenkins.sh +++ b/jenkins_install/jenkins.sh @@ -5,8 +5,10 @@ # Check if JENKINS_HOME exists if [ ! -d "$JENKINS_HOME" ]; then # If it doesn't exist, create it - mkdir -p "$JENKINS_HOME" - echo "Directory created: $JENKINS_HOME" + #mkdir -p "$JENKINS_HOME" + #echo "Directory created: $JENKINS_HOME" + echo "Jenkins should be configured only if Devops parameter is set during tenancy configuration for the toolkit" + exit fi # Copy Required files to JENKINS_HOME diff --git a/jenkins_install/multiOutput-tf-destroy.groovy b/jenkins_install/multiOutput-tf-destroy.groovy deleted file mode 100644 index a69ebb04e..000000000 --- a/jenkins_install/multiOutput-tf-destroy.groovy +++ /dev/null @@ -1,154 +0,0 @@ -/* Set the various stages of the build */ -def tf_plan = "Changes" -pipeline { - agent any - options { - ansiColor('xterm') - } - stages { - stage('Terraform Destroy Plan') { - when { - expression { return env.GIT_BRANCH == 'origin/develop';} - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - // Assuming the job name format is /job//job/job_name - def regionName = parts[1] - def serviceName = parts[2] - - // Set environment variables for reuse in subsequent stages - env.Region = regionName - env.Service = serviceName - - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" - //sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy" - - - // Run Terraform plan - def terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy", returnStdout: true).trim() - - // Check if the plan contains any changes - if (terraformPlanOutput.contains('No changes.')) { - echo 'No changes in Terraform plan. Skipping further stages.' - tf_plan = "No Changes" - } else { - // If there are changes, proceed with applying the plan - echo "Proceeding with destroy. \n${terraformPlanOutput}" - - } - - } - } - } - } - - /** Approval for Terraform Apply **/ - stage('Get Approval') { - when { - allOf{ - expression {return env.GIT_BRANCH == 'origin/develop'; } - expression {return tf_plan == "Changes" } - expression {return currentBuild.result != "FAILURE" } - } - } - input { - message "Do you want to perform terraform destroy?" - - } - steps { - echo "Approval for the Destroy Granted!" - } - } - - stage('Terraform Destroy') { - when { - allOf{ - expression {return env.GIT_BRANCH == 'origin/develop'; } - expression {return tf_plan == "Changes" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform destroy --auto-approve" - } - } - } - } - - - /** Main branch commit to keep changes in Sync **/ - stage('Commit To Main') { - when { - allOf { - expression { return env.GIT_BRANCH == 'origin/develop'; } - expression { return tf_plan == "Changes" } - expression { return currentBuild.result != "FAILURE" } - } - } - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" - // Create directory with build number - sh "mkdir -p ${buildDir}" - - // Commit changes to the main branch - dir(buildDir) { - sh """ - git clone ${GIT_URL} - cd \$(ls -d */|head -n 1) - git checkout main - ls -lrtha - cd "${env.Region}/${env.Service}" - git pull --no-edit origin main - rm -f *.tfvars - git rm *.tfvars - git status - git add --all . - """ - - def git_status = false - while (!git_status) { - // Execute the git commands using shell - def gitResult = sh(script: """ - cd "\$(ls -d */|head -n 1)" - cd "${env.Region}/${env.Service}" - git fetch origin main - git merge origin/main - git commit -m "commit for terraform-destroy build - ${BUILD_NUMBER} for "${env.Region}"/"${env.Service} - - git push --porcelain origin main - """, returnStatus: true) - - if (gitResult == 0) { - git_status = true - } else { - echo "Git operation failed, retrying...." - sleep 3 // 3 seconds before retrying - } - } - - - } - } - } - } - - post { - always { - // Delete the build directory and the temporary directory - deleteDir() - } - } - } - - } -} diff --git a/jenkins_install/multiOutput.groovy b/jenkins_install/multiOutput.groovy deleted file mode 100644 index 6695f59ca..000000000 --- a/jenkins_install/multiOutput.groovy +++ /dev/null @@ -1,198 +0,0 @@ -def tf_plan = "Changes" -pipeline { - agent any - options { - ansiColor('xterm') - } - stages { - stage('Terraform Plan') { - when { - expression { - return env.GIT_BRANCH == 'origin/develop'; - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - // Assuming the job name format is /job//job/job_name - def regionName = parts[1] - def serviceName = parts[2] - - - // Set environment variables for reuse in subsequent stages - env.Region = regionName - env.Service = serviceName - - //dir("${WORKSPACE}/${env.Region}/${env.Service}") { - // sh 'terraform init -upgrade' - //} - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" - - // Run Terraform plan and capture the output - def terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - - // Check if the plan contains any changes - if (terraformPlanOutput.contains('No changes.')) { - echo 'No changes in Terraform plan. Skipping further stages.' - tf_plan = "No Changes" - } else { - // If there are changes, proceed with applying the plan - echo "Changes detected in Terraform plan. Proceeding with apply. \n${terraformPlanOutput}" - - } - } - } - } - } - - /** OPA Stage **/ - stage('OPA') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression { return tf_plan == "Changes" } - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - // Run Terraform show and capture the output - sh "set +x && cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform show -json tfplan.out > tfplan.json" - // Run OPA eval - def opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/${env.Service}/tfplan.json\" data.terraform.deny",returnStdout: true).trim() - - if (opaOutput == '[]') { - echo "No OPA rules are violated. Proceeding with the next stage." - } - else { - echo "OPA Output:\n${opaOutput}" - unstable(message:"OPA Rules are violated.") - } - } - } - } - } - - stage('Get Approval') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression {return tf_plan == "Changes"} - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - options { - timeout(time: 1440, unit: 'MINUTES') // 24 hours timeout - } - - steps { - script { - input message: "Do you want to apply the plan?" - echo "Approval for the Apply Granted!" - } - } - } - stage('Terraform Apply') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression {return tf_plan == "Changes"} - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform apply --auto-approve tfplan.out" - } - } - } - } - stage('Git Commit to main') { - when { - allOf{ - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - try { - sh ''' - set +x - mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} - cd ${WORKSPACE}/../${BUILD_NUMBER} - git clone ${GIT_URL} - repo_name=${GIT_URL##*/} - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git checkout main - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - service=`echo ${JOB_NAME}| cut -d "/" -f3` - copy_path=${reg}/${service} - cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ - git add ${copy_path}* - ''' - } catch(Exception e1) { - println(e1) - sh ''' - set +x - rm -rf ${WORKSPACE}/../${BUILD_NUMBER} - exit 1 - ''' - - } - sh ''' - set +x - repo_name=${GIT_URL##*/} - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - service=`echo ${JOB_NAME}| cut -d "/" -f3` - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git_status=`git status --porcelain` - if [[ $git_status ]];then - git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} - else - echo "Nothing to commit" - fi - ''' - status = sh(script: ''' - set +x - repo_name=${GIT_URL##*/} - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git pull --no-edit origin main - git push --porcelain origin main - ''', returnStatus: true) - - while (status != 0){ - println("Trying again ...") - status = sh(script: ''' - set +x - repo_name=${GIT_URL##*/} - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git pull --no-edit origin main - set -x - git push --porcelain origin main - ''', returnStatus: true) - } - sh ''' - set +x - rm -rf ${WORKSPACE}/../${BUILD_NUMBER} - ''' - - } - } - } - } - } -} diff --git a/jenkins_install/plugins.txt b/jenkins_install/plugins.txt index 0a86d1e07..0f5e258a8 100644 --- a/jenkins_install/plugins.txt +++ b/jenkins_install/plugins.txt @@ -1,23 +1,22 @@ plain-credentials:143.v1b_df8b_d3b_e48 snakeyaml-api:2.2-111.vc6598e30cc65 -workflow-step-api:639.v6eca_cd8c04a_a_ -pipeline-build-step:516.v8ee60a_81c5b_9 -pipeline-input-step:477.v339683a_8d55e +workflow-step-api:657.v03b_e8115821b_ +pipeline-build-step:540.vb_e8849e1a_b_d8 +pipeline-input-step:491.vb_07d21da_1a_fb_ pipeline-stage-view:2.34 job-dsl:1.87 -credentials-binding:642.v737c34dea_6c2 +credentials-binding:657.v2b_19db_7d6e6d docker-workflow:572.v950f58993843 -scm-api:676.v886669a_199a_a_ -configuration-as-code:1700.v6f448841296e -config-file-provider:959.vcff671a_4518b_ +scm-api:689.v237b_6d3a_ef7f +configuration-as-code:1775.v810dc950b_514 +config-file-provider:968.ve1ca_eb_913f8c git:5.2.1 -credentials:1309.v8835d63eb_d8a_ -build-timeout:1.31 -script-security:1281.v22fb_899df1a_e +credentials:1319.v7eb_51b_3a_c97b_ +build-timeout:1.32 +script-security:1326.vdb_c154de8669 rebuild:330.v645b_7df10e2a_ uno-choice:2.8.1 file-parameters:316.va_83a_1221db_a_7 -scriptler:334.v29792d5a_c058 -ansicolor:0.6.2 -pipeline-graph-view:205.vb_8e3a_b_51f12e - +scriptler:348.v5d461e205da_a_ +ansicolor:1.0.4 +pipeline-graph-view:223.vf9249decdfcd diff --git a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy index 3ae60f0bc..17df866e8 100644 --- a/jenkins_install/scriptler/scripts/AdditionalFilters.groovy +++ b/jenkins_install/scriptler/scripts/AdditionalFilters.groovy @@ -1,125 +1,117 @@ -html_to_be_rendered = "" +def reg_list = new File("/cd3user/tenancies/${customer_prefix}/.config_files/regions_file") as String[] +def string_list = reg_list.join(", ") +reg_options = "" +for(item in string_list.split(",")){ + reg_options = reg_options+"" +} +def comp_list = new File("/cd3user/tenancies/${customer_prefix}/.config_files/compartments_file") as String[] +def string_list2 = comp_list.join(", ") +comp_options = "" +for(item in string_list2.split(",")){ + comp_options = comp_options+"" +} +html_to_be_rendered = "
" if(Workflow.toLowerCase().contains("export")){ html_to_be_rendered = """ ${html_to_be_rendered} - - - - - - - - - - - - - - + + + + + +

(Leave empty for all subscribed regions)

(Leave empty to fetch from all compartments)(Leave empty to fetch from all regions)
+ + + + + + - +
""" } for (item in SubOptions.split(",")) { if (item.equals("Export Instances (excludes instances launched by OKE)")) { html_to_be_rendered = """ ${html_to_be_rendered} - - - + + - - - - + + + + - + - - - - + """ } if (item.equals("Export Firewall Policy")) { html_to_be_rendered = """ ${html_to_be_rendered} - - - + + - - - + + + """ } if (item.equals("Clone Firewall Policy")) { html_to_be_rendered = """ ${html_to_be_rendered} - - - - - - - - - - + + + + + + + + + - - + + - - - - - - - + + + + + + + """ } if (item.equals("Delete Firewall Policy")) { html_to_be_rendered = """ ${html_to_be_rendered} - - - - - - - - - - + + + + + + + + + - + - - """ } if (item.equals("Export Block Volumes/Block Backup Policy")) { @@ -161,18 +153,18 @@ for (item in SubOptions.split(",")) { ${html_to_be_rendered} - - - - - + + + + + - - - - + + + + """ } @@ -180,28 +172,23 @@ for (item in SubOptions.split(",")) { if (item.equals('Create Key/Vault')){ html_to_be_rendered = """ ${html_to_be_rendered} - - - - - - + + + + - - - - + + + + """ } - if (item.equals('Create Default Budget')){ html_to_be_rendered = """ ${html_to_be_rendered} - - @@ -220,15 +207,12 @@ for (item in SubOptions.split(",")) { if (item.equals('Enable Cloud Guard')){ html_to_be_rendered = """ ${html_to_be_rendered} - - - - - - - - - + + + + + + """ } @@ -241,20 +225,16 @@ for (item in SubChildOptions.split(",")) { ${html_to_be_rendered} - - - - - - + + + + + """ - } break } - html_to_be_rendered = "${html_to_be_rendered}
-
-

-
-
(eg AD1,AD2,AD3)
-
-





(Leave empty if you need tool to generate the policy names)
- - -





(Leave empty for all subscribed regions)







(Leave empty to fetch from all compartments)
" - -return html_to_be_rendered \ No newline at end of file +return html_to_be_rendered diff --git a/jenkins_install/scriptler/scripts/MainOptions.groovy b/jenkins_install/scriptler/scripts/MainOptions.groovy index e3fe882fe..b5d6f0f84 100644 --- a/jenkins_install/scriptler/scripts/MainOptions.groovy +++ b/jenkins_install/scriptler/scripts/MainOptions.groovy @@ -15,7 +15,8 @@ return[ "Logging Services", "Software-Defined Data Centers - OCVS", "CIS Compliance Features", -"CD3 Services" +"CD3 Services", +"Utility Services (Not Maintained By CD3)" ] } else if(Workflow.toLowerCase().contains("export")) { diff --git a/jenkins_install/scriptler/scripts/SubChildOptions.groovy b/jenkins_install/scriptler/scripts/SubChildOptions.groovy index 8c5fd0377..20f167787 100644 --- a/jenkins_install/scriptler/scripts/SubChildOptions.groovy +++ b/jenkins_install/scriptler/scripts/SubChildOptions.groovy @@ -1,9 +1,10 @@ List sec_rules = ["SECURITY RULES:disabled","Export Security Rules (From OCI into SecRulesinOCI sheet)", "Add/Modify/Delete Security Rules (Reads SecRulesinOCI sheet)"] List route_rules = ["ROUTE RULES:disabled","Export Route Rules (From OCI into RouteRulesinOCI sheet)", "Add/Modify/Delete Route Rules (Reads RouteRulesinOCI sheet)"] -List firewall_policy = ["FIREWALL POLICY:disabled","Add/Modify/Delete Policy", "Add/Modify/Delete Service","Add/Modify/Delete Service-list","Add/Modify/Delete Application","Add/Modify/Delete Application-list","Add/Modify/Delete Address-list","Add/Modify/Delete Url-list","Add/Modify/Delete Security rules","Add/Modify/Delete Mapped Secrets","Add/Modify/Delete Decryption Rules","Add/Modify/Delete Decryption Profile"] +List firewall_policy = ["FIREWALL POLICY:disabled","Add/Modify Policy", "Add/Modify Service","Add/Modify Service-list","Add/Modify Application","Add/Modify Application-list","Add/Modify Address-list","Add/Modify Url-list","Add/Modify Security rules","Add/Modify Mapped Secrets","Add/Modify Decryption Rules","Add/Modify Decryption Profile"] List drg_route_rules = ["DRG ROUTE RULES:disabled","Export DRG Route Rules (From OCI into DRGRouteRulesinOCI sheet)", "Add/Modify/Delete DRG Route Rules (Reads DRGRouteRulesinOCI sheet)"] List nsg = ["NSGs:disabled","Export NSGs (From OCI into NSGs sheet)", "Add/Modify/Delete NSGs (Reads NSGs sheet)"] List cis = ["CIS:disabled","Download latest compliance checking script", "Execute compliance checking script"] +List showoci = ["SHOW OCI:disabled","Download Latest ShowOCI Script", "Execute ShowOCI Script"] List customer_connectivity = ["Connectivity:disabled","Create Remote Peering Connections"] List final_list = [] @@ -22,6 +23,9 @@ for (item in SubOptions.split(",")) { } if (item.equals("CIS Compliance Checking Script")){ final_list += cis + } + if (item.equals("ShowOCI Report")){ + final_list += showoci } if (item.equals("Add/Modify/Delete Firewall Policy")){ final_list += firewall_policy diff --git a/jenkins_install/scriptler/scripts/SubOptions.groovy b/jenkins_install/scriptler/scripts/SubOptions.groovy index 911185cc7..137bdecbc 100644 --- a/jenkins_install/scriptler/scripts/SubOptions.groovy +++ b/jenkins_install/scriptler/scripts/SubOptions.groovy @@ -10,8 +10,9 @@ List load_balancers = ["LOAD BALANCERS:disabled","Add/Modify/Delete Load List management_services = ["MANAGEMENT SERVICES:disabled","Add/Modify/Delete Notifications", "Add/Modify/Delete Events", "Add/Modify/Delete Alarms", "Add/Modify/Delete ServiceConnectors"] List developer_services = ["DEVELOPER SERVICES:disabled","Add/Modify/Delete OKE Cluster and Nodepools"] List logging_services = ["LOGGING SERVICES:disabled","Enable VCN Flow Logs", "Enable LBaaS Logs", "Enable Object Storage Buckets Write Logs"] -List cis = ["CIS:disabled","CIS Compliance Checking Script", "Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"] +List cis = ["CIS:disabled","Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"] List cd3_services = ["CD3 SERVICES:disabled","Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"] +List utility_services = ["UTILITY SERVICES:disabled","CIS Compliance Checking Script", "ShowOCI Report"] List ex_identity = ["IDENTITY:disabled","Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"] List ex_network = ["NETWORK:disabled","Export all Network Components", "Export Network components for VCNs/DRGs/DRGRouteRulesinOCI Tabs", "Export Network components for DHCP Tab", "Export Network components for SecRulesinOCI Tab", "Export Network components for RouteRulesinOCI Tab", "Export Network components for SubnetsVLANs Tab", "Export Network components for NSGs Tab"] @@ -68,6 +69,9 @@ final_list += cis if (item.equals("CD3 Services")){ final_list += cd3_services } +if (item.equals("Utility Services (Not Maintained By CD3)")){ +final_list += utility_services +} if (item.equals("Export Identity")){ final_list += ex_identity } diff --git a/jenkins_install/scriptler/scripts/ValidateParams.groovy b/jenkins_install/scriptler/scripts/ValidateParams.groovy index 562deb0f6..92736d575 100644 --- a/jenkins_install/scriptler/scripts/ValidateParams.groovy +++ b/jenkins_install/scriptler/scripts/ValidateParams.groovy @@ -13,8 +13,9 @@ def validate_params(Workflow,MainOptions,SubOptions,SubChildOptions,AdditionalFi "Management Services":["Add/Modify/Delete Notifications", "Add/Modify/Delete Events", "Add/Modify/Delete Alarms", "Add/Modify/Delete ServiceConnectors"], "Developer Services":["Upload current terraform files/state to Resource Manager", "Add/Modify/Delete OKE Cluster and Nodepools"], "Logging Services":["Enable VCN Flow Logs", "Enable LBaaS Logs", "Enable Object Storage Buckets Write Logs"], - "CIS Compliance Features":["CIS Compliance Checking Script", "Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"], - "CD3 Services":["Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"] + "CIS Compliance Features":["Create Key/Vault", "Create Default Budget", "Enable Cloud Guard"], + "CD3 Services":["Fetch Compartments OCIDs to variables file", "Fetch Protocols to OCI_Protocols"], + "Utility Services (Not Maintained By CD3)":["CIS Compliance Checking Script", "ShowOCI Report"] ] def non_gf_options_map = [ "Export Identity":["Export Compartments/Groups/Policies", "Export Users", "Export Network Sources"], diff --git a/jenkins_install/setUpOCI_config.xml b/jenkins_install/setUpOCI_config.xml index a5cb450cc..b4544b185 100644 --- a/jenkins_install/setUpOCI_config.xml +++ b/jenkins_install/setUpOCI_config.xml @@ -353,7 +353,7 @@ pipeline { if [ -e "$cd3_file" ]; then cp "$cd3_file" "$cd3_backup" fi - mv "$Excel_Template" "$cd3_file" + cp "$Excel_Template" "$cd3_file" sed -i "s|cd3file=.*|cd3file=${cd3_file}|g" $prop_file fi ''' @@ -392,6 +392,24 @@ pipeline { python setUpOCI.py --devops True --main_options "${MainOptions}" --sub_options "${SubOptions}" --sub_child_options "${SubChildOptions}" --add_filter "${AdditionalFilters}" $prop_file ''' + script { + // For latest CD3 XL file. + def latestXL = sh(returnStdout: true, script: ''' + set +x + ls -t /cd3user/tenancies/${customer_prefix}/*.xl* | head -n 1 + ''').trim() + + + echo "XL is ${latestXL}" + sh "rm -f *.xl*" + sh "cp '${latestXL}' ." + + } + } + } + post { + success { + archiveArtifacts '*.xl*' } } } @@ -408,7 +426,7 @@ pipeline { steps { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { - def data = readFile(file: "/cd3user/tenancies/${customer_prefix}/terraform_files/import_scripts.safe") + def data = readFile(file: "/cd3user/tenancies/${customer_prefix}/terraform_files/.safe/import_scripts.safe") def lines = data.readLines() for (line in lines) { script_full_path = (line.replace('//','/')).split("/") @@ -464,7 +482,7 @@ pipeline { catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { script { def jobs = [] - def data = readFile(file: "/cd3user/tenancies/${customer_prefix}/terraform_files/updated_paths.safe") + def data = readFile(file: "/cd3user/tenancies/${customer_prefix}/terraform_files/.safe/updated_paths.safe") def lines = data.readLines() if (lines.size() == 0) { println("No terraform configuration file generated") @@ -484,6 +502,7 @@ pipeline { } } } + } true diff --git a/jenkins_install/singleOutput-tf-destroy.groovy b/jenkins_install/singleOutput-tf-destroy.groovy deleted file mode 100644 index 53ae54627..000000000 --- a/jenkins_install/singleOutput-tf-destroy.groovy +++ /dev/null @@ -1,149 +0,0 @@ -/* Set the various stages of the build */ -def tf_plan = "Changes" -pipeline { - agent any - options { - ansiColor('xterm') - } - environment { - CI = 'true' - } - stages { - stage('Terraform Destroy Plan') { - when { - expression { return env.GIT_BRANCH == 'origin/develop'; } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - // Assuming job name format is /job/job_name - def regionName = parts[1] - // Set environment variables for reuse - env.Region = regionName - - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" - - // Run Terraform plan - def terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -destroy", returnStdout: true).trim() - - // Check if the plan contains any changes - if (terraformPlanOutput.contains('No changes.')) { - echo 'No changes in Terraform plan. Skipping further stages.' - tf_plan = "No Changes" - } else { - // If there are changes, proceed with applying the plan - echo "Proceeding with apply. \n${terraformPlanOutput}" - - } - } - } - } - } - - stage('Get Approval') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop';} - expression { return tf_plan == "Changes" } - expression {return currentBuild.result != "FAILURE" } - } - } - input { - message "Do you want to perform terraform destroy?" - } - steps { - echo "Approval for the Terraform Destroy Granted!" - } - } - - stage('Terraform Destroy') { - when { - allOf{ - expression {return env.GIT_BRANCH == 'origin/develop';} - expression { return tf_plan == "Changes" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform destroy --auto-approve" - } - } - } - } - - - /** Main branch commit to keep changes in Sync **/ - stage('Commit To Main') { - when { - allOf { - expression { return env.GIT_BRANCH == 'origin/develop'; } - expression { return tf_plan == "Changes" } - expression { return currentBuild.result != "FAILURE" } - } - } - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" - // Create a directory with the build number - sh "mkdir -p ${buildDir}" - - // Commit the changes to the main branch - dir(buildDir) { - sh """ - git clone ${GIT_URL} - cd \$(ls -d */|head -n 1) - git checkout main - cd "${env.Region}" - git pull --no-edit origin main - rm -f *.tfvars - git rm *.tfvars - git status - git add --all . - """ - - def git_status = false - while (!git_status) { - // Execute the git commands using shell - def gitResult = sh(script: """ - cd "\$(ls -d */|head -n 1)" - cd "${env.Region}" - ls -lrtha - git fetch origin main - git merge origin/main - git commit -m "commit for terraform-destroy build - ${BUILD_NUMBER} for "${env.Region} - - git push --porcelain origin main - """, returnStatus: true) - - if (gitResult == 0) { - git_status = true - } else { - echo "Git operation failed, retrying...." - sleep 3 // 3 seconds before retrying - } - } - - } - } - } - } - - post { - always { - // Delete the build directory and the temporary directory - deleteDir() - } - } - } - - - } -} diff --git a/jenkins_install/singleOutput.groovy b/jenkins_install/singleOutput.groovy deleted file mode 100644 index d68e7998a..000000000 --- a/jenkins_install/singleOutput.groovy +++ /dev/null @@ -1,165 +0,0 @@ -/* Set the various stages of the build */ -def tf_plan = "Changes" -pipeline { - agent any - options { - ansiColor('xterm') - } - stages { - stage('Terraform Plan') { - when { - expression { - return env.GIT_BRANCH == 'origin/develop'; - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - def jobName = env.JOB_NAME - def parts = jobName.split('/') - - // Assuming the job name format is /job/job_name - def regionName = parts[1] - - // Set environment variables for reuse in subsequent stages - env.Region = regionName - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" - - // Run Terraform plan and capture the output - def terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() - - // Check if the plan contains any changes - if (terraformPlanOutput.contains('No changes.')) { - echo 'No changes in Terraform plan. Skipping further stages.' - tf_plan = "No Changes" - } else { - // If there are changes, proceed with applying the plan - echo "Changes detected in Terraform plan. Proceeding with apply. \n${terraformPlanOutput}" - - } - } - } - } - } - /** OPA Stage **/ - stage('OPA') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression { return tf_plan == "Changes" } - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - // Run Terraform show and capture the output - sh "set +x && cd \"${WORKSPACE}/${env.Region}\" && terraform show -json tfplan.out > tfplan.json" - // Run OPA eval - def opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/tfplan.json\" data.terraform.deny",returnStdout: true).trim() - - if (opaOutput == '[]') { - echo "No OPA rules are violated. Proceeding with the next stage." - } - else { - echo "OPA Output:\n${opaOutput}" - unstable(message:"OPA Rules are violated.") - } - } - } - } - } - - stage('Get Approval') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression {return tf_plan == "Changes"} - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - options { - timeout(time: 1440, unit: 'MINUTES') // 24hours - } - - steps { - script { - input message: "Do you want to apply the plan?" - echo "Approval for the Apply Granted!" - } - } - } - - stage('Terraform Apply') { - when { - allOf{ - expression { return env.GIT_BRANCH == 'origin/develop'} - expression {return tf_plan == "Changes"} - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - sh "cd \"${WORKSPACE}/${env.Region}\" && terraform apply --auto-approve tfplan.out" - } - } - } - } - stage('Git commit to main') { - when { - allOf{ - expression {return currentBuild.result != "ABORTED" } - expression {return currentBuild.result != "FAILURE" } - } - } - steps { - catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { - script { - try { - sh ''' - mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} - cd ${WORKSPACE}/../${BUILD_NUMBER} - git clone ${GIT_URL} - repo_name=${GIT_URL##*/} - cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} - git checkout main - reg=`echo ${JOB_NAME}| cut -d "/" -f2` - copy_path=${reg} - cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ - git add ${copy_path}* - git_status=`git status --porcelain` - if [[ $git_status ]];then - git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg} - git push origin main - else - echo "Nothing to commit" - fi - cd ${WORKSPACE}/.. - rm -rf ${WORKSPACE}/../${BUILD_NUMBER} - ''' - - } catch(Exception e1) { - println(e1) - sh ''' - cd ${WORKSPACE}/.. - rm -rf ${WORKSPACE}/../${BUILD_NUMBER} - exit 1 - ''' - - } - - } - } - } - } - } -} - diff --git a/jenkins_install/tf-apply.groovy b/jenkins_install/tf-apply.groovy new file mode 100644 index 000000000..0ed43ee6b --- /dev/null +++ b/jenkins_install/tf-apply.groovy @@ -0,0 +1,243 @@ +def tf_plan = "Changes" + +pipeline { + agent any + options { + ansiColor('xterm') + } + stages { + stage('Read Jenkins Properties File and Set Environment Variables') { + steps { + script { + def fileContent = readFile "${JENKINS_HOME}/jenkins.properties" + // Split file content into lines + def lines = fileContent.readLines() + + // Process each line to extract variable name and value + def variables = [:] + lines.each { line -> + def parts = line.split('=') + if (parts.size() == 2) { + variables[parts[0].trim()] = parts[1].trim() + } + } + + def variableOds = variables['outdir_structure'].toString().replaceAll("\\[|\\]", '').replaceAll('"', '') + env.out_str = "${variableOds}" + } + } + } + + stage('Terraform Plan') { + when { + expression { + return env.GIT_BRANCH == 'origin/develop'; + } + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + def jobName = env.JOB_NAME + def parts = jobName.split('/') + + if (env.out_str == 'Multiple_Outdir') { + // Assuming the job name format is /job//job/job_name + def regionName = parts[1] + def serviceName = parts[2] + + // Set environment variables for reuse in subsequent stages + env.Region = regionName + env.Service = serviceName + + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" + + // Run Terraform plan and capture the output + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() + } else { + // Assuming the job name format is /job/job_name + def regionName = parts[1] + + // Set environment variables for reuse in subsequent stages + env.Region = regionName + sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" + + // Run Terraform plan and capture the output + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -out=tfplan.out", returnStdout: true).trim() + } + + // Check if the plan contains any changes + if (terraformPlanOutput.contains('No changes.')) { + echo 'No changes in Terraform plan. Skipping further stages.' + tf_plan = "No Changes" + } else { + // If there are changes, proceed with applying the plan + echo "Changes detected in Terraform plan. Proceeding with apply. \n${terraformPlanOutput}" + } + } + } + } + } + + // OPA Stage + stage('OPA') { + when { + allOf{ + expression { return env.GIT_BRANCH == 'origin/develop' } + expression { return tf_plan == "Changes" } + expression { return currentBuild.result != "ABORTED" } + expression { return currentBuild.result != "FAILURE" } + } + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + if (env.out_str == 'Multiple_Outdir') { + // Run Terraform show and capture the output + sh "set +x && cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform show -json tfplan.out > tfplan.json" + // Run OPA eval + opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/${env.Service}/tfplan.json\" data.terraform.deny", returnStdout: true).trim() + } else { + // Run Terraform show and capture the output + sh "set +x && cd \"${WORKSPACE}/${env.Region}\" && terraform show -json tfplan.out > tfplan.json" + // Run OPA eval + opaOutput = sh(script: "opa eval -f pretty -b /cd3user/oci_tools/cd3_automation_toolkit/user-scripts/OPA/ -i \"${WORKSPACE}/${env.Region}/tfplan.json\" data.terraform.deny", returnStdout: true).trim() + } + + if (opaOutput == '[]') { + echo "No OPA rules are violated. Proceeding with the next stage." + } else { + echo "OPA Output:\n${opaOutput}" + unstable(message: "OPA Rules are violated.") + } + } + } + } + } + + // Get Approval + stage('Get Approval') { + when { + allOf{ + expression { return env.GIT_BRANCH == 'origin/develop' } + expression { return tf_plan == "Changes" } + expression { return currentBuild.result != "ABORTED" } + expression { return currentBuild.result != "FAILURE" } + } + } + + options { + timeout(time: 1440, unit: 'MINUTES') // 24 hours timeout + } + + steps { + script { + input message: "Do you want to apply the plan?" + echo "Approval for the Apply Granted!" + } + } + } + + // Terraform Apply + stage('Terraform Apply') { + when { + allOf{ + expression { return env.GIT_BRANCH == 'origin/develop' } + expression { return tf_plan == "Changes" } + expression { return currentBuild.result != "ABORTED" } + expression { return currentBuild.result != "FAILURE" } + } + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + if (env.out_str == 'Multiple_Outdir') { + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform apply --auto-approve tfplan.out" + } else { + sh "cd \"${WORKSPACE}/${env.Region}\" && terraform apply --auto-approve tfplan.out" + } + } + } + } + } + + // Git Commit to main + stage('Git Commit to main') { + when { + allOf{ + expression { return currentBuild.result != "ABORTED" } + expression { return currentBuild.result != "FAILURE" } + } + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + if (env.out_str == 'Multiple_Outdir') { + try { + sh ''' + set +x + mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} + cd ${WORKSPACE}/../${BUILD_NUMBER} + git clone ${GIT_URL} + repo_name=${GIT_URL##*/} + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git checkout main + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + service=`echo ${JOB_NAME}| cut -d "/" -f3` + copy_path=${reg}/${service} + cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ + git add ${copy_path}* + ''' + } catch(Exception e1) { + println(e1) + sh ''' + set +x + rm -rf ${WORKSPACE}/../${BUILD_NUMBER} + exit 1 + ''' + } + sh ''' + set +x + repo_name=${GIT_URL##*/} + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + service=`echo ${JOB_NAME}| cut -d "/" -f3` + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git_status=`git status --porcelain` + if [[ $git_status ]]; then + git commit -m "commit for terraform-apply build - ${BUILD_NUMBER} for "${reg}"/"${service} + else + echo "Nothing to commit" + fi + ''' + } else { + try { + sh ''' + mkdir -p ${WORKSPACE}/../${BUILD_NUMBER} + cd ${WORKSPACE}/../${BUILD_NUMBER} + git clone ${GIT_URL} + repo_name=${GIT_URL##*/} + cd ${WORKSPACE}/../${BUILD_NUMBER}/${repo_name} + git checkout main + reg=`echo ${JOB_NAME}| cut -d "/" -f2` + copy_path=${reg} + cp -r ${WORKSPACE}/${copy_path}/* ${copy_path}/ + git add ${copy_path}* + ''' + } catch(Exception e1) { + println(e1) + sh ''' + cd ${WORKSPACE}/.. + rm -rf ${WORKSPACE}/../${BUILD_NUMBER} + exit 1 + ''' + } + } + } + } + } + } + } +} diff --git a/jenkins_install/tf-destroy.groovy b/jenkins_install/tf-destroy.groovy new file mode 100644 index 000000000..c43f848fc --- /dev/null +++ b/jenkins_install/tf-destroy.groovy @@ -0,0 +1,228 @@ +/* Set the various stages of the build */ +def tf_plan = "Changes" + +pipeline { + agent any + options { + ansiColor('xterm') + } + stages { + stage('Read Jenkins Properties File and Set Environment Variables') { + steps { + script { + def fileContent = readFile "${JENKINS_HOME}/jenkins.properties" + // Split file content into lines + def lines = fileContent.readLines() + + // Process each line to extract variable name and value + def variables = [:] + lines.each { line -> + def parts = line.split('=') + if (parts.size() == 2) { + variables[parts[0].trim()] = parts[1].trim() + } + } + + def variableOds = variables['outdir_structure'].toString().replaceAll("\\[|\\]", '').replaceAll('"', '') + env.out_str = "${variableOds}" + } + } + } + + stage('Terraform Destroy Plan') { + when { + expression { return env.GIT_BRANCH == 'origin/develop';} + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + def jobName = env.JOB_NAME + def parts = jobName.split('/') + + if (env.out_str == 'Multiple_Outdir') { + // Assuming the job name format is /job//job/job_name + def regionName = parts[1] + def serviceName = parts[2] + + // Set environment variables for reuse in subsequent stages + env.Region = regionName + env.Service = serviceName + + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform init -upgrade" + //sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy" + + // Run Terraform plan + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform plan -destroy", returnStdout: true).trim() + } else { + // Assuming job name format is /job/job_name + def regionName = parts[1] + // Set environment variables for reuse + env.Region = regionName + + sh "cd \"${WORKSPACE}/${env.Region}\" && terraform init -upgrade" + + // Run Terraform plan + terraformPlanOutput = sh(script: "cd \"${WORKSPACE}/${env.Region}\" && terraform plan -destroy", returnStdout: true).trim() + } + + // Check if the plan contains any changes + if (terraformPlanOutput.contains('No changes.')) { + echo 'No changes in Terraform plan. Skipping further stages.' + tf_plan = "No Changes" + } else { + // If there are changes, proceed with applying the plan + echo "Proceeding with destroy. \n${terraformPlanOutput}" + } + } + } + } + } + + /** Approval for Terraform Apply **/ + stage('Get Approval') { + when { + allOf { + expression {return env.GIT_BRANCH == 'origin/develop'; } + expression {return tf_plan == "Changes" } + expression {return currentBuild.result != "FAILURE" } + } + } + input { + message "Do you want to perform terraform destroy?" + } + steps { + echo "Approval for the Destroy Granted!" + } + } + + stage('Terraform Destroy') { + when { + allOf { + expression {return env.GIT_BRANCH == 'origin/develop'; } + expression {return tf_plan == "Changes" } + expression {return currentBuild.result != "FAILURE" } + } + } + + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + if (env.out_str == 'Multiple_Outdir') { + sh "cd \"${WORKSPACE}/${env.Region}/${env.Service}\" && terraform destroy --auto-approve" + } else { + sh "cd \"${WORKSPACE}/${env.Region}\" && terraform destroy --auto-approve" + } + } + } + } + } + + /** Main branch commit to keep changes in Sync **/ + stage('Commit To Main') { + when { + allOf { + expression { return env.GIT_BRANCH == 'origin/develop'; } + expression { return tf_plan == "Changes" } + expression { return currentBuild.result != "FAILURE" } + } + } + steps { + catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { + script { + if (env.out_str == 'Multiple_Outdir') { + def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" + // Create directory with build number + sh "mkdir -p ${buildDir}" + + // Commit changes to the main branch + dir(buildDir) { + sh """ + git clone ${GIT_URL} + cd \$(ls -d */|head -n 1) + git checkout main + ls -lrtha + cd "${env.Region}/${env.Service}" + git pull --no-edit origin main + rm -f *.tfvars + git rm *.tfvars + git status + git add --all . + """ + + def git_status = false + while (!git_status) { + // Execute the git commands using shell + def gitResult = sh(script: """ + cd "\$(ls -d */|head -n 1)" + cd "${env.Region}/${env.Service}" + git fetch origin main + git merge origin/main + git commit -m "commit for terraform-destroy build - ${BUILD_NUMBER} for "${env.Region}"/"${env.Service} + + git push --porcelain origin main + """, returnStatus: true) + + if (gitResult == 0) { + git_status = true + } else { + echo "Git operation failed, retrying...." + sleep 3 // 3 seconds before retrying + } + } + } + } else { + def buildDir = "${WORKSPACE}/${BUILD_NUMBER}" + // Create a directory with the build number + sh "mkdir -p ${buildDir}" + + // Commit the changes to the main branch + dir(buildDir) { + sh """ + git clone ${GIT_URL} + cd \$(ls -d */|head -n 1) + git checkout main + cd "${env.Region}" + git pull --no-edit origin main + rm -f *.tfvars + git rm *.tfvars + git status + git add --all . + """ + + def git_status = false + while (!git_status) { + // Execute the git commands using shell + def gitResult = sh(script: """ + cd "\$(ls -d */|head -n 1)" + cd "${env.Region}" + ls -lrtha + git fetch origin main + git merge origin/main + git commit -m "commit for terraform-destroy build - ${BUILD_NUMBER} for "${env.Region} + + git push --porcelain origin main + """, returnStatus: true) + + if (gitResult == 0) { + git_status = true + } else { + echo "Git operation failed, retrying...." + sleep 3 // 3 seconds before retrying + } + } + } + } + } + } + } + + post { + always { + // Delete the build directory and the temporary directory + deleteDir() + } + } + } + } +} From 86ab16fb62836350c066bc9017c2bfc603b12897 Mon Sep 17 00:00:00 2001 From: Suruchi Date: Thu, 18 Apr 2024 23:54:20 +0530 Subject: [PATCH 02/26] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 00679df88..d43c50b5d 100755 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ Additionally, the toolkit also supports seamless resource management using OCI D 🚀 Click the below button to quickly launch CD3 toolkit container in Oracle Cloud and start managing your Infra as Code.
-[![Deploy_To_OCI](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-devrel/cd3-automation-toolkit/archive/refs/heads/main.zip) +[![Deploy_To_OCI](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-devrel/cd3-automation-toolkit/archive/refs/heads/develop.zip)
From ec8bbb7ac991161044e0dabd6f273651789b130b Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Fri, 19 Apr 2024 00:11:00 +0530 Subject: [PATCH 03/26] Automation Toolkit Release v2024.2.1 --- .../create_terraform_compartments.py | 2 +- .../export_network_nonGreenField.py | 2 +- .../templates/rpc-root-terraform-template | 4 +- cd3_automation_toolkit/Release-Notes | 5 +- .../user-scripts/terraform/adb.tf | 10 +- .../user-scripts/terraform/block-volume.tf | 8 +- .../user-scripts/terraform/budget.tf | 6 +- .../user-scripts/terraform/cloud-guard.tf | 6 +- .../user-scripts/terraform/database-exacs.tf | 22 ++--- .../user-scripts/terraform/dbsystem-vm-bm.tf | 10 +- .../terraform/dedicated-vm-host.tf | 2 +- .../user-scripts/terraform/dns.tf | 34 +++---- .../user-scripts/terraform/firewall.tf | 16 +-- .../user-scripts/terraform/fss.tf | 20 ++-- .../user-scripts/terraform/identity.tf | 16 +-- .../user-scripts/terraform/instance.tf | 16 +-- .../user-scripts/terraform/kms.tf | 4 +- .../user-scripts/terraform/loadbalancer.tf | 40 ++++---- .../terraform/managementservices.tf | 16 +-- .../modules/compute/instance/data.tf | 16 +-- .../modules/compute/instance/main.tf | 10 +- .../terraform/modules/database/adb/data.tf | 2 +- .../modules/database/dbsystem-vm-bm/data.tf | 2 +- .../modules/database/exa-vmcluster/data.tf | 4 +- .../modules/identity/iam-user/main.tf | 2 +- .../loadbalancer/lb-load-balancer/data.tf | 2 +- .../loadbalancer/lb-load-balancer/main.tf | 2 +- .../modules/managementservices/alarm/main.tf | 1 + .../modules/managementservices/event/main.tf | 2 +- .../network/default-route-table/main.tf | 18 ++-- .../drg-route-distribution-statement/main.tf | 2 +- .../modules/network/route-table/main.tf | 18 ++-- .../terraform/modules/network/subnet/main.tf | 2 +- .../terraform/modules/network/vlan/data.tf | 2 +- .../modules/networkloadbalancer/nlb/data.tf | 2 +- .../terraform/modules/oke/cluster/data.tf | 2 +- .../terraform/modules/oke/cluster/main.tf | 2 +- .../terraform/modules/oke/nodepool/data.tf | 4 +- .../security/firewall/address-list/data.tf | 2 +- .../firewall/application-group/data.tf | 2 +- .../security/firewall/application/data.tf | 2 +- .../firewall/decryption-profile/data.tf | 2 +- .../firewall/decryption-rules/data.tf | 2 +- .../security/firewall/firewall/data.tf | 2 +- .../security/firewall/security-rules/data.tf | 2 +- .../security/firewall/service-list/data.tf | 2 +- .../modules/security/firewall/service/data.tf | 2 +- .../security/firewall/url-list/data.tf | 2 +- .../modules/storage/block-volume/main.tf | 2 +- .../storage/file-storage/mount-target/data.tf | 2 +- .../user-scripts/terraform/network.tf | 98 +++++++++---------- .../terraform/networkloadbalancer.tf | 26 ++--- .../user-scripts/terraform/nsg.tf | 6 +- .../user-scripts/terraform/object-storage.tf | 10 +- .../user-scripts/terraform/oke.tf | 28 +++--- .../user-scripts/terraform/sddc.tf | 34 +++---- .../user-scripts/terraform/seclist.tf | 8 +- .../user-scripts/terraform/tagging.tf | 8 +- .../user-scripts/terraform/vlan.tf | 12 +-- 59 files changed, 295 insertions(+), 293 deletions(-) diff --git a/cd3_automation_toolkit/Identity/Compartments/create_terraform_compartments.py b/cd3_automation_toolkit/Identity/Compartments/create_terraform_compartments.py index dc9fd35e2..1a89d0cab 100644 --- a/cd3_automation_toolkit/Identity/Compartments/create_terraform_compartments.py +++ b/cd3_automation_toolkit/Identity/Compartments/create_terraform_compartments.py @@ -243,7 +243,7 @@ def travel(parent, keys, values, c): oname[reg].close() print(outfile[reg] + " for Compartments has been created for region " + reg) - fetch_comp_file = f'{outdir}/fetchcompinfo.safe' + fetch_comp_file = f'{outdir}/.safe/fetchcompinfo.safe' with open(fetch_comp_file, 'w') as f: f.write('run_fetch_script=1') f.close() diff --git a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py index 14803911f..9688c6a71 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py @@ -407,7 +407,7 @@ def get_comp_details(comp_data): importCommands_rpc["global"].write( "\nterraform import \"module.rpcs[\\\"" + rpc_tf_name + f"\\\"].oci_core_remote_peering_connection.{source_region.lower()}_{region.lower()}_accepter_rpc[\\\"region\\\"]\" " + str( dest_rpc_id)) - + importCommands_rpc["global"].write("\nterraform plan") for col_header in values_for_column: if col_header == 'Region': values_for_column[col_header].append(source_region) diff --git a/cd3_automation_toolkit/Network/Global/templates/rpc-root-terraform-template b/cd3_automation_toolkit/Network/Global/templates/rpc-root-terraform-template index c83516c58..0f45d6ff8 100644 --- a/cd3_automation_toolkit/Network/Global/templates/rpc-root-terraform-template +++ b/cd3_automation_toolkit/Network/Global/templates/rpc-root-terraform-template @@ -8,8 +8,8 @@ module "rpcs" { source = "../modules/rpc" for_each = var.drg_other_attachments - requester_compartment_id = each.value.requester_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.requester_compartment_id)) > 0 ? each.value.requester_compartment_id : var.compartment_ocids[each.value.requester_compartment_id]) : null - accepter_compartment_id = each.value.accepter_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.accepter_compartment_id)) > 0 ? each.value.accepter_compartment_id : var.compartment_ocids[each.value.accepter_compartment_id]) : null + requester_compartment_id = each.value.requester_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.requester_compartment_id)) > 0 ? each.value.requester_compartment_id : var.compartment_ocids[each.value.requester_compartment_id]) : null + accepter_compartment_id = each.value.accepter_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.accepter_compartment_id)) > 0 ? each.value.accepter_compartment_id : var.compartment_ocids[each.value.accepter_compartment_id]) : null display_name = each.value.display_name #Requester diff --git a/cd3_automation_toolkit/Release-Notes b/cd3_automation_toolkit/Release-Notes index ee3499bb4..29e249446 100644 --- a/cd3_automation_toolkit/Release-Notes +++ b/cd3_automation_toolkit/Release-Notes @@ -5,8 +5,9 @@ Apr 30, 2024 1. Download latest Excel Sheet using Jenkins. 2. Docker Image upgrade to OL9 and upgrade of other softwares also. 3. Dropdowns for Region and Compartment while running setUpOCI using Jenkins. -4. Fix Image OCIDs for OCI Work VM deployment using RM stack. -5. Review of existing terraform modules. +4. Take out Security List from Network stack. +5. Fix Image OCIDs for OCI Work VM deployment using RM stack. +6. Review of existing terraform modules. ------------------------------------- CD3 Automation Toolkit Tag v2024.2.0 diff --git a/cd3_automation_toolkit/user-scripts/terraform/adb.tf b/cd3_automation_toolkit/user-scripts/terraform/adb.tf index 0b02ae7d8..4de7e4bd0 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/adb.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/adb.tf @@ -8,7 +8,7 @@ data "oci_core_subnets" "oci_subnets_adb" { # depends_on = [module.subnets] # Uncomment to create Network and FSS together #for_each = var.adb != null ? var.adb : {} for_each = { for k, v in var.adb : k => v if v.vcn_name != null } - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_vcns_adb[each.key].virtual_networks.*.id[0] } @@ -17,7 +17,7 @@ data "oci_core_vcns" "oci_vcns_adb" { # depends_on = [module.vcns] # Uncomment to create Network and FSS together #for_each = var.adb != null ? var.adb : {} for_each = { for k, v in var.adb : k => v if v.vcn_name != null } - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -27,7 +27,7 @@ module "adb" { # depends_on = [module.vcns, module.subnets] admin_password = each.value.admin_password character_set = each.value.character_set - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null cpu_core_count = each.value.cpu_core_count database_edition = each.value.database_edition data_storage_size_in_tbs = each.value.data_storage_size_in_tbs @@ -39,10 +39,10 @@ module "adb" { license_model = each.value.license_model ncharacter_set = each.value.ncharacter_set customer_contacts = each.value.customer_contacts - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null network_security_group_ids = each.value.nsg_ids freeform_tags = each.value.freeform_tags - subnet_id = each.value.subnet_id != null ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_adb[each.key].subnets.*.id[0]) : null + subnet_id = each.value.subnet_id != null ? (length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_adb[each.key].subnets.*.id[0]) : null vcn_name = each.value.vcn_name != null ? each.value.vcn_name : null whitelisted_ips = each.value.whitelisted_ips diff --git a/cd3_automation_toolkit/user-scripts/terraform/block-volume.tf b/cd3_automation_toolkit/user-scripts/terraform/block-volume.tf index 687da5401..aae80e87f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/block-volume.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/block-volume.tf @@ -8,7 +8,7 @@ data "oci_core_instances" "instance" { depends_on = [module.instances] for_each = var.blockvolumes != null ? var.blockvolumes : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = one(each.value.attach_to_instance) state = "RUNNING" } @@ -18,10 +18,10 @@ module "block-volumes" { source = "./modules/storage/block-volume" for_each = var.blockvolumes != null ? var.blockvolumes : {} attachment_type = each.value.attachment_type - attach_to_instance = each.value.attach_to_instance != null ? length(regexall("ocid1.instance.oc1*", each.value.attach_to_instance)) > 0 ? each.value.attach_to_instance : merge(module.instances.*...)[each.value.attach_to_instance]["instance_tf_id"] : null + attach_to_instance = each.value.attach_to_instance != null ? length(regexall("ocid1.instance.oc*", each.value.attach_to_instance)) > 0 ? each.value.attach_to_instance : merge(module.instances.*...)[each.value.attach_to_instance]["instance_tf_id"] : null #attach_to_instance = length(each.value.attach_to_instance) > 0 ? [data.oci_core_instances.instance[each.value.display_name].instances[0].id] : [] availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : null - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null vpus_per_gb = each.value.vpus_per_gb != null ? each.value.vpus_per_gb : null device = each.value.device defined_tags = each.value.defined_tags @@ -31,7 +31,7 @@ module "block-volumes" { kms_key_id = each.value.kms_key_id size_in_gbs = each.value.size_in_gbs != null ? each.value.size_in_gbs : null block_tf_policy = each.value.backup_policy != null ? each.value.backup_policy : null - policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null + policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null #Volume Attachment Optional Params diff --git a/cd3_automation_toolkit/user-scripts/terraform/budget.tf b/cd3_automation_toolkit/user-scripts/terraform/budget.tf index d6d83c0e0..9a3da67a2 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/budget.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/budget.tf @@ -11,7 +11,7 @@ module "budgets" { #Required amount = each.value.amount - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid reset_period = each.value.reset_period != null ? each.value.reset_period : "MONTHLY" #Optional @@ -21,7 +21,7 @@ module "budgets" { defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags processing_period_type = each.value.processing_period_type - #target_compartment_id = each.value.target_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.target_compartment_id)) > 0 ? each.value.target_compartment_id : var.compartment_ocids[each.value.target_compartment_id]) : null + #target_compartment_id = each.value.target_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.target_compartment_id)) > 0 ? each.value.target_compartment_id : var.compartment_ocids[each.value.target_compartment_id]) : null target_type = each.value.target_type targets = each.value.targets != null ? [var.compartment_ocids[flatten([for targets in each.value.targets : targets])[0]]] : [] @@ -32,7 +32,7 @@ module "budget-alert-rules" { for_each = var.budget_alert_rules != null ? var.budget_alert_rules : {} #Required - budget_id = each.value.budget_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.budget_id)) > 0 ? each.value.budget_id : merge(module.budgets.*...)[each.value.budget_id]["budget_tf_id"]) : null + budget_id = each.value.budget_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.budget_id)) > 0 ? each.value.budget_id : merge(module.budgets.*...)[each.value.budget_id]["budget_tf_id"]) : null threshold = each.value.threshold threshold_type = each.value.threshold_type type = each.value.type diff --git a/cd3_automation_toolkit/user-scripts/terraform/cloud-guard.tf b/cd3_automation_toolkit/user-scripts/terraform/cloud-guard.tf index 8f9a368f3..352a087c7 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/cloud-guard.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/cloud-guard.tf @@ -10,7 +10,7 @@ module "cloud-guard-configurations" { for_each = var.cloud_guard_configs != null ? var.cloud_guard_configs : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid reporting_region = each.value.reporting_region status = each.value.status @@ -25,9 +25,9 @@ module "cloud-guard-targets" { depends_on = [module.cloud-guard-configurations] #Required tenancy_ocid = var.tenancy_ocid - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid display_name = each.value.display_name - target_resource_id = each.value.target_resource_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.target_resource_id)) > 0 ? each.value.target_resource_id : var.compartment_ocids[each.value.target_resource_id]) : each.value.target_resource_id + target_resource_id = each.value.target_resource_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.target_resource_id)) > 0 ? each.value.target_resource_id : var.compartment_ocids[each.value.target_resource_id]) : each.value.target_resource_id target_resource_type = each.value.target_resource_type != null ? each.value.target_resource_type : "COMPARTMENT" prefix = each.value.prefix diff --git a/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf b/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf index 0c2f381ec..7dfc1583d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/database-exacs.tf @@ -8,7 +8,7 @@ data "oci_core_subnets" "oci_exacs_subnets" { # depends_on = [module.subnets] # Uncomment to create Network and Instances together for_each = var.exa_vmclusters != null ? var.exa_vmclusters : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.cluster_subnet_id vcn_id = data.oci_core_vcns.oci_exacs_vcns[each.key].virtual_networks.*.id[0] } @@ -16,7 +16,7 @@ data "oci_core_subnets" "oci_exacs_subnets" { data "oci_core_subnets" "oci_exacs_backup_subnets" { # depends_on = [module.subnets] # Uncomment to create Network and Instances together for_each = var.exa_vmclusters != null ? var.exa_vmclusters : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.backup_subnet_id vcn_id = data.oci_core_vcns.oci_exacs_vcns[each.key].virtual_networks.*.id[0] } @@ -24,7 +24,7 @@ data "oci_core_subnets" "oci_exacs_backup_subnets" { data "oci_core_vcns" "oci_exacs_vcns" { # depends_on = [module.vcns] # Uncomment to create Network and Instances together for_each = var.exa_vmclusters != null ? var.exa_vmclusters : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -32,7 +32,7 @@ module "exa-infra" { source = "./modules/database/exa-infra" for_each = var.exa_infra != null ? var.exa_infra : {} availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name shape = each.value.shape compute_count = each.value.compute_count @@ -61,19 +61,19 @@ module "exa-vmclusters" { source = "./modules/database/exa-vmcluster" for_each = var.exa_vmclusters != null ? var.exa_vmclusters : {} - backup_subnet_id = each.value.backup_subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.backup_subnet_id)) > 0 ? each.value.backup_subnet_id : data.oci_core_subnets.oci_exacs_backup_subnets[each.key].subnets.*.id[0]) : null - exadata_infrastructure_id = length(regexall("ocid1.cloudexadatainfrastructure.oc1*", each.value.exadata_infrastructure_id)) > 0 ? each.value.exadata_infrastructure_id : merge(module.exa-infra.*...)[each.value.exadata_infrastructure_id].exainfra_tf_id + backup_subnet_id = each.value.backup_subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.backup_subnet_id)) > 0 ? each.value.backup_subnet_id : data.oci_core_subnets.oci_exacs_backup_subnets[each.key].subnets.*.id[0]) : null + exadata_infrastructure_id = length(regexall("ocid1.cloudexadatainfrastructure.oc*", each.value.exadata_infrastructure_id)) > 0 ? each.value.exadata_infrastructure_id : merge(module.exa-infra.*...)[each.value.exadata_infrastructure_id].exainfra_tf_id cpu_core_count = each.value.cpu_core_count display_name = each.value.display_name - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null gi_version = each.value.gi_version hostname = each.value.hostname #ssh_public_keys = length(regexall("ssh-rsa*",each.value.ssh_public_key)) > 0 ? each.value.ssh_public_key : var.ssh_public_key ssh_public_keys = lookup(var.exacs_ssh_keys, each.value.ssh_public_keys, var.exacs_ssh_keys["ssh_public_key"]) - // cluster_subnet_id = length(regexall("ocid1.subnet.oc1*", each.value.cluster_subnet_id)) > 0 ? each.value.cluster_subnet_id : merge(module.subnets.*...)[each.value.cluster_subnet_id]["subnet_tf_id"] - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + // cluster_subnet_id = length(regexall("ocid1.subnet.oc*", each.value.cluster_subnet_id)) > 0 ? each.value.cluster_subnet_id : merge(module.subnets.*...)[each.value.cluster_subnet_id]["subnet_tf_id"] + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null vcn_names = [each.value.vcn_name] - cluster_subnet_id = each.value.cluster_subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.cluster_subnet_id)) > 0 ? each.value.cluster_subnet_id : data.oci_core_subnets.oci_exacs_subnets[each.key].subnets.*.id[0]) : null + cluster_subnet_id = each.value.cluster_subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.cluster_subnet_id)) > 0 ? each.value.cluster_subnet_id : data.oci_core_subnets.oci_exacs_subnets[each.key].subnets.*.id[0]) : null backup_network_nsg_ids = each.value.backup_network_nsg_ids != null ? each.value.backup_network_nsg_ids : [] cluster_name = each.value.cluster_name data_storage_percentage = each.value.data_storage_percentage @@ -87,7 +87,7 @@ module "exa-vmclusters" { is_local_backup_enabled = each.value.is_local_backup_enabled is_sparse_diskgroup_enabled = each.value.is_sparse_diskgroup_enabled license_model = each.value.license_model - // nsg_ids = each.value.nsg_ids != null ? [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] : null + // nsg_ids = each.value.nsg_ids != null ? [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] : null nsg_ids = each.value.nsg_ids != null ? each.value.nsg_ids : [] ocpu_count = each.value.ocpu_count scan_listener_port_tcp = each.value.scan_listener_port_tcp diff --git a/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf b/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf index 1573c85e7..499c6c635 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/dbsystem-vm-bm.tf @@ -7,7 +7,7 @@ data "oci_core_subnets" "oci_dbsystems_subnets" { # depends_on = [module.subnets] # Uncomment to create Network and Instances together for_each = var.dbsystems_vm_bm != null ? var.dbsystems_vm_bm : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_dbsystems_vcns[each.key].virtual_networks.*.id[0] } @@ -15,7 +15,7 @@ data "oci_core_subnets" "oci_dbsystems_subnets" { data "oci_core_vcns" "oci_dbsystems_vcns" { # depends_on = [module.vcns] # Uncomment to create Network and Instances together for_each = var.dbsystems_vm_bm != null ? var.dbsystems_vm_bm : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -24,7 +24,7 @@ module "dbsystems-vm-bm" { for_each = var.dbsystems_vm_bm != null ? var.dbsystems_vm_bm : {} availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null hostname = each.value.hostname display_name = each.value.display_name db_version = each.value.db_version @@ -32,9 +32,9 @@ module "dbsystems-vm-bm" { shape = each.value.shape #ssh_public_key = length(regexall("ssh-rsa*",each.value.ssh_public_key)) > 0 ? each.value.ssh_public_key : var.ssh_public_key ssh_public_keys = lookup(var.dbsystem_ssh_keys, each.value.ssh_public_keys, var.dbsystem_ssh_keys["ssh_public_key"]) - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null vcn_names = [each.value.vcn_name] - subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_dbsystems_subnets[each.key].subnets.*.id[0]) : null + subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_dbsystems_subnets[each.key].subnets.*.id[0]) : null node_count = each.value.node_count nsg_ids = each.value.nsg_ids != null ? each.value.nsg_ids : [] diff --git a/cd3_automation_toolkit/user-scripts/terraform/dedicated-vm-host.tf b/cd3_automation_toolkit/user-scripts/terraform/dedicated-vm-host.tf index 4e88ac0ae..74eb287de 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/dedicated-vm-host.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/dedicated-vm-host.tf @@ -10,7 +10,7 @@ module "dedicated-hosts" { for_each = var.dedicated_hosts != null ? var.dedicated_hosts : {} availability_domain = each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : null - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags vm_host_shape = each.value.vm_host_shape diff --git a/cd3_automation_toolkit/user-scripts/terraform/dns.tf b/cd3_automation_toolkit/user-scripts/terraform/dns.tf index caa513c18..0e0a82a4a 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/dns.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/dns.tf @@ -11,7 +11,7 @@ data "oci_core_vcn_dns_resolver_association" "resolver_vcn_dns_resolver_associat data "oci_core_vcns" "resolver_oci_vcns" { # depends_on = [module.vcns] # Uncomment to create resolver and vcn together for_each = var.resolvers != null ? var.resolvers : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -35,7 +35,7 @@ locals { data "oci_core_subnets" "resolver_oci_subnets" { # depends_on = [module.subnets] # Uncomment to create resolver and subnets together for_each = { for sn in local.subnets : "${sn.endpoint_name}_${sn.subnet_name}" => sn } - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_name vcn_id = data.oci_core_vcns.resolver_oci_vcns[each.value.resolver_key].virtual_networks.*.id[0] } @@ -58,7 +58,7 @@ locals { } data "oci_core_network_security_groups" "resolver_network_security_groups" { for_each = { for nsg in local.nsgs : "${nsg.endpoint_name}_${nsg.nsg_name}" => nsg } - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.nsg_name vcn_id = data.oci_core_vcns.resolver_oci_vcns[each.value.resolver_key].virtual_networks.*.id[0] } @@ -79,7 +79,7 @@ locals { data "oci_dns_views" "resolver_views_data" { #Required for_each = { for rv in local.resolver_views : "${rv.view_key}" => rv } - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.view_compartment)) > 0 ? each.value.view_compartment : var.compartment_ocids[each.value.view_compartment] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.view_compartment)) > 0 ? each.value.view_compartment : var.compartment_ocids[each.value.view_compartment] scope = "PRIVATE" #Optional display_name = each.value.view_name @@ -95,7 +95,7 @@ module "dns-resolvers" { resolver_display_name = each.value.display_name != null ? each.value.display_name : null views = each.value.views != null ? { for v_key, view in each.value.views : v_key => { - view_id = length(regexall("ocid1.dnsview.oc1*", view.view_id)) > 0 ? view.view_id : try(data.oci_dns_views.resolver_views_data["${v_key}"].views.*.id[0], module.dns-views[view.view_id]["dns_view_id"]) + view_id = length(regexall("ocid1.dnsview.oc*", view.view_id)) > 0 ? view.view_id : try(data.oci_dns_views.resolver_views_data["${v_key}"].views.*.id[0], module.dns-views[view.view_id]["dns_view_id"]) } } : null @@ -108,14 +108,14 @@ module "dns-resolvers" { listening = endpoint.is_listening name = endpoint.name #resolver_id = oci_dns_resolver.test_resolver.id - subnet_id = length(regexall("ocid1.subnet.oc1*", endpoint.subnet_name)) > 0 ? endpoint.subnet_name : data.oci_core_subnets.resolver_oci_subnets["${endpoint.name}_${endpoint.subnet_name}"].subnets.*.id[0] + subnet_id = length(regexall("ocid1.subnet.oc*", endpoint.subnet_name)) > 0 ? endpoint.subnet_name : data.oci_core_subnets.resolver_oci_subnets["${endpoint.name}_${endpoint.subnet_name}"].subnets.*.id[0] scope = "PRIVATE" #Optional endpoint_type = "VNIC" forwarding_address = endpoint.forwarding_address listening_address = endpoint.listening_address - nsg_ids = endpoint.nsg_ids != null ? flatten(tolist([for nsg in endpoint.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.resolver_network_security_groups["${endpoint.name}_${nsg}"].network_security_groups[*].id)])) : null + nsg_ids = endpoint.nsg_ids != null ? flatten(tolist([for nsg in endpoint.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.resolver_network_security_groups["${endpoint.name}_${nsg}"].network_security_groups[*].id)])) : null } } : null @@ -128,7 +128,7 @@ module "dns-resolvers" { data "oci_dns_views" "rrset_views_data" { #Required for_each = var.rrsets - compartment_id = each.value.view_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.view_compartment_id)) > 0 ? each.value.view_compartment_id : var.compartment_ocids[each.value.view_compartment_id]) : null + compartment_id = each.value.view_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.view_compartment_id)) > 0 ? each.value.view_compartment_id : var.compartment_ocids[each.value.view_compartment_id]) : null scope = "PRIVATE" #Optional @@ -138,13 +138,13 @@ data "oci_dns_views" "rrset_views_data" { data "oci_dns_zones" "rrset_zones_data" { for_each = { for k, v in var.rrsets : k => v if try(data.oci_dns_views.rrset_views_data[k].views.*.id[0], 0) != 0 } - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional name = each.value.zone_id scope = "PRIVATE" state = "ACTIVE" - view_id = length(regexall("ocid1.dnsview.oc1*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.rrset_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) + view_id = length(regexall("ocid1.dnsview.oc*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.rrset_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) } module "dns-rrsets" { @@ -152,12 +152,12 @@ module "dns-rrsets" { for_each = var.rrsets != null ? var.rrsets : {} depends_on = [module.dns-views, module.dns-zones] rrset_zone = try(data.oci_dns_zones.rrset_zones_data[each.key].zones.*.id[0], module.dns-zones[join("_", [each.value.view_id, replace(each.value.zone_id, ".", "_")])]["dns_zone_id"]) - #rrset_view_id = each.value.view_id != "" ? (length(regexall("ocid1.dnsview.oc1*", each.value.view_id)) > 0 ? each.value.view_id : data.oci_dns_views.rrset_views_data[each.key].views.*.id[0]) : null - rrset_view_id = length(regexall("ocid1.dnsview.oc1*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.rrset_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) + #rrset_view_id = each.value.view_id != "" ? (length(regexall("ocid1.dnsview.oc*", each.value.view_id)) > 0 ? each.value.view_id : data.oci_dns_views.rrset_views_data[each.key].views.*.id[0]) : null + rrset_view_id = length(regexall("ocid1.dnsview.oc*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.rrset_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) rrset_domain = each.value.domain rrset_rtype = each.value.rtype rrset_ttl = each.value.ttl - #rrset_compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + #rrset_compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null rrset_rdata = each.value.rdata rrset_scope = "PRIVATE" @@ -176,7 +176,7 @@ module "dns-rrsets" { data "oci_dns_views" "zone_views_data" { #Required for_each = { for k, v in var.zones : k => v if v.view_id != null } - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.view_compartment_id)) > 0 ? each.value.view_compartment_id : var.compartment_ocids[each.value.view_compartment_id] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.view_compartment_id)) > 0 ? each.value.view_compartment_id : var.compartment_ocids[each.value.view_compartment_id] scope = "PRIVATE" display_name = each.value.view_id state = "ACTIVE" @@ -186,14 +186,14 @@ module "dns-zones" { source = "./modules/network/dns/zone" depends_on = [module.dns-views] for_each = { for k, v in var.zones : k => v if var.zones != null } - zone_compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id] + zone_compartment_id = length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id] zone_name = each.value.display_name zone_type = "PRIMARY" zone_defined_tags = try(each.value.defined_tags, null) zone_freeform_tags = try(each.value.freeform_tags, null) #external_masters = each.value.external_masters != null ? each.value.external_masters : {} zone_scope = "PRIVATE" - view_id = length(regexall("ocid1.dnsview.oc1*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.zone_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) + view_id = length(regexall("ocid1.dnsview.oc*", each.value.view_id)) > 0 ? each.value.view_id : try(data.oci_dns_views.zone_views_data[each.key].views.*.id[0], module.dns-views[each.value.view_id]["dns_view_id"]) } ################# @@ -203,7 +203,7 @@ module "dns-zones" { module "dns-views" { source = "./modules/network/dns/view" for_each = var.views != null ? var.views : {} - view_compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + view_compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null view_display_name = each.value.display_name view_scope = try((each.value.scope != null ? (each.value.scope == "PRIVATE" ? each.value.scope : null) : null), null) view_defined_tags = try(each.value.defined_tags, null) diff --git a/cd3_automation_toolkit/user-scripts/terraform/firewall.tf b/cd3_automation_toolkit/user-scripts/terraform/firewall.tf index 30d348d36..21e8d44d5 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/firewall.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/firewall.tf @@ -1,11 +1,11 @@ data "oci_core_vcns" "firewall_vcns" { for_each = var.firewalls != null ? var.firewalls : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } data "oci_core_subnets" "firewall_subnets" { for_each = var.firewalls != null ? var.firewalls : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.firewall_vcns[each.key].virtual_networks.*.id[0] } @@ -14,9 +14,9 @@ module "firewalls" { source = "./modules/security/firewall/firewall" for_each = var.firewalls != null ? var.firewalls : {} depends_on = [module.policies, module.address_lists, module.application_groups, module.applications, module.services, module.service_lists, module.url_lists, module.decryption_profiles, module.secrets, module.security_rules, module.decryption_rules] - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.firewall_subnets[each.key].subnets.*.id[0]) : null + subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.firewall_subnets[each.key].subnets.*.id[0]) : null display_name = each.value.display_name ipv4address = each.value.ipv4address ipv6address = each.value.ipv6address @@ -31,7 +31,7 @@ module "firewalls" { module "policies" { source = "./modules/security/firewall/firewall-policy" for_each = var.fw-policies != null ? var.fw-policies : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.compartment_ocids[each.value.compartment_id] display_name = each.value.display_name defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags @@ -53,7 +53,7 @@ module "service_lists" { depends_on = [module.services, module.policies] service_list_name = each.value.service_list_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - services = each.value.services != null ? flatten(tolist([for sid in each.value.services : (length(regexall("ocid1.networkfirewallpolicy.oc1*", sid)) > 0 ? merge(module.services.*...)[sid]["service+_tf_id"] : [sid])])) : null + services = each.value.services != null ? flatten(tolist([for sid in each.value.services : (length(regexall("ocid1.networkfirewallpolicy.oc*", sid)) > 0 ? merge(module.services.*...)[sid]["service+_tf_id"] : [sid])])) : null } module "address_lists" { @@ -83,7 +83,7 @@ module "application_groups" { depends_on = [module.policies, module.applications] app_group_name = each.value.app_group_name network_firewall_policy_id = length(regexall("ocid1.networkfirewallpolicy.oc1.*", each.value.network_firewall_policy_id)) > 0 ? each.value.network_firewall_policy_id : merge(module.policies.*...)[each.value.network_firewall_policy_id]["policy_tf_id"] - apps = each.value.apps != null ? flatten(tolist([for app in each.value.apps : (length(regexall("ocid1.networkfirewallpolicy.oc1*", app)) > 0 ? merge(module.applications.*...)[app]["application_tf_id"] : [app])])) : null + apps = each.value.apps != null ? flatten(tolist([for app in each.value.apps : (length(regexall("ocid1.networkfirewallpolicy.oc*", app)) > 0 ? merge(module.applications.*...)[app]["application_tf_id"] : [app])])) : null } module "url_lists" { @@ -128,7 +128,7 @@ module "secrets" { secret_type = each.value.secret_type vault_secret_id = each.value.vault_secret_id vault_name = each.value.vault_name - compartment_id = each.value.vault_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.vault_compartment_id)) > 0 ? each.value.vault_compartment_id : var.compartment_ocids[each.value.vault_compartment_id]) : var.compartment_ocids[each.value.vault_compartment_id] + compartment_id = each.value.vault_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.vault_compartment_id)) > 0 ? each.value.vault_compartment_id : var.compartment_ocids[each.value.vault_compartment_id]) : var.compartment_ocids[each.value.vault_compartment_id] version_number = each.value.version_number } diff --git a/cd3_automation_toolkit/user-scripts/terraform/fss.tf b/cd3_automation_toolkit/user-scripts/terraform/fss.tf index eee47fe20..8ff897116 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/fss.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/fss.tf @@ -8,7 +8,7 @@ data "oci_core_subnets" "oci_subnets_fss" { # depends_on = [module.subnets] # Uncomment to create Network and FSS together for_each = var.mount_targets != null ? var.mount_targets : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_vcns_fss[each.key].virtual_networks.*.id[0] } @@ -16,7 +16,7 @@ data "oci_core_subnets" "oci_subnets_fss" { data "oci_core_vcns" "oci_vcns_fss" { # depends_on = [module.vcns] # Uncomment to create Network and FSS together for_each = var.mount_targets != null ? var.mount_targets : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -27,9 +27,9 @@ module "mts" { for_each = (var.mount_targets != null || var.mount_targets != {}) ? var.mount_targets : {} #Required availability_domain = each.value.availability_domain != null && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : null - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] - subnet_id = length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_fss[each.key].subnets.*.id[0] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + subnet_id = length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_fss[each.key].subnets.*.id[0] vcn_names = [each.value.vcn_name] #Optional @@ -38,8 +38,8 @@ module "mts" { freeform_tags = each.value.freeform_tags hostname_label = each.value.hostname_label ip_address = each.value.ip_address - #nsg_ids = [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc1*",nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] - #nsg_ids = each.value.nsg_ids == [] ? null : ([for nsg in each.value.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*",nsg)) > 0 ? nsg : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)]) + #nsg_ids = [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc*",nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] + #nsg_ids = each.value.nsg_ids == [] ? null : ([for nsg in each.value.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*",nsg)) > 0 ? nsg : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)]) network_security_group_ids = each.value.nsg_ids } @@ -51,7 +51,7 @@ module "fss" { #Required availability_domain = each.value.availability_domain != null && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : null - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional defined_tags = each.value.defined_tags @@ -67,8 +67,8 @@ module "fss-export-options" { for_each = (var.nfs_export_options != null || var.nfs_export_options != {}) ? var.nfs_export_options : {} #Required - export_set_id = length(regexall("ocid1.mounttarget.oc1*", each.value.export_set_id)) > 0 ? each.value.export_set_id : merge(module.mts.*...)[each.value.export_set_id]["mt_exp_set_id"] - file_system_id = length(regexall("ocid1.filesystem.oc1*", each.value.file_system_id)) > 0 ? each.value.file_system_id : merge(module.fss.*...)[each.value.file_system_id]["fss_tf_id"] + export_set_id = length(regexall("ocid1.mounttarget.oc*", each.value.export_set_id)) > 0 ? each.value.export_set_id : merge(module.mts.*...)[each.value.export_set_id]["mt_exp_set_id"] + file_system_id = length(regexall("ocid1.filesystem.oc*", each.value.file_system_id)) > 0 ? each.value.file_system_id : merge(module.fss.*...)[each.value.file_system_id]["fss_tf_id"] export_path = each.value.path nfs_export_options = var.nfs_export_options key_name = each.key diff --git a/cd3_automation_toolkit/user-scripts/terraform/identity.tf b/cd3_automation_toolkit/user-scripts/terraform/identity.tf index 64320e6ea..a83c307e9 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/identity.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/identity.tf @@ -11,7 +11,7 @@ module "iam-compartments" { # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = each.value.parent_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id])) : var.tenancy_ocid + compartment_id = each.value.parent_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id])) : var.tenancy_ocid compartment_name = each.value.name compartment_description = each.value.description enable_delete = each.value.enable_delete @@ -28,7 +28,7 @@ module "sub-compartments-level1" { depends_on = [module.iam-compartments] # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.iam-compartments.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.iam-compartments.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) compartment_name = each.value.name compartment_description = each.value.description enable_delete = each.value.enable_delete @@ -45,7 +45,7 @@ module "sub-compartments-level2" { depends_on = [module.sub-compartments-level1] # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level1.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level1.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) compartment_name = each.value.name compartment_description = each.value.description @@ -63,7 +63,7 @@ module "sub-compartments-level3" { depends_on = [module.sub-compartments-level2] # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level2.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level2.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) compartment_name = each.value.name compartment_description = each.value.description enable_delete = each.value.enable_delete @@ -80,7 +80,7 @@ module "sub-compartments-level4" { depends_on = [module.sub-compartments-level3] # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level3.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level3.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) compartment_name = each.value.name compartment_description = each.value.description enable_delete = each.value.enable_delete @@ -97,7 +97,7 @@ module "sub-compartments-level5" { depends_on = [module.sub-compartments-level4] # insert the 4 required variables here tenancy_ocid = var.tenancy_ocid - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level4.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.parent_compartment_id)) > 0 ? each.value.parent_compartment_id : try(merge(module.sub-compartments-level4.*...)[each.value.parent_compartment_id]["compartment_tf_id"], var.compartment_ocids[each.value.parent_compartment_id], zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.parent_compartment_id]) compartment_name = each.value.name compartment_description = each.value.description enable_delete = each.value.enable_delete @@ -194,7 +194,7 @@ module "iam-policies" { depends_on = [module.iam-groups] tenancy_ocid = var.tenancy_ocid policy_name = each.value.name - policy_compartment_id = each.value.compartment_id != "root" ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid + policy_compartment_id = each.value.compartment_id != "root" ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid policy_description = each.value.policy_description policy_statements = each.value.policy_statements @@ -223,7 +223,7 @@ module "iam-users" { user_description = each.value.description user_email = each.value.email group_membership = each.value.group_membership != null ? each.value.group_membership : null - #group_membership = each.value.group_membership != null ? length(regexall("ocid1.groupmembership.oc1*", each.value.group_membership.0)) > 0 ? each.value.group_membership.0 : merge(module.iam-groups.*...)[each.value.group_membership.0]["group_tf_id"] : null + #group_membership = each.value.group_membership != null ? length(regexall("ocid1.groupmembership.oc*", each.value.group_membership.0)) > 0 ? each.value.group_membership.0 : merge(module.iam-groups.*...)[each.value.group_membership.0]["group_tf_id"] : null tenancy_ocid = var.tenancy_ocid disable_capabilities = each.value.disable_capabilities != null ? each.value.disable_capabilities : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/instance.tf b/cd3_automation_toolkit/user-scripts/terraform/instance.tf index c12ed71a2..ebf18f6b1 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/instance.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/instance.tf @@ -8,7 +8,7 @@ data "oci_core_subnets" "oci_subnets" { # depends_on = [module.subnets] # Uncomment to create Network and Instances together for_each = var.instances != null ? var.instances : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_vcns[each.key].virtual_networks.*.id[0] } @@ -16,7 +16,7 @@ data "oci_core_subnets" "oci_subnets" { data "oci_core_vcns" "oci_vcns" { # depends_on = [module.vcns] # Uncomment to create Network and Instances together for_each = var.instances != null ? var.instances : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -24,8 +24,8 @@ module "instances" { source = "./modules/compute/instance" for_each = var.instances != null ? var.instances : {} availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null vcn_names = [each.value.vcn_name] dedicated_vm_host_name = each.value.dedicated_vm_host_id != null ? each.value.dedicated_vm_host_id : null shape = each.value.shape @@ -36,20 +36,20 @@ module "instances" { fault_domain = each.value.fault_domain freeform_tags = each.value.freeform_tags source_type = each.value.source_type - source_image_id = length(regexall("ocid1.image.oc1*", each.value.source_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", each.value.source_id)) > 0 ? each.value.source_id : lookup(var.instance_source_ocids, each.value.source_id, null) - subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets[each.key].subnets.*.id[0]) : null + source_image_id = length(regexall("ocid1.image.oc*", each.value.source_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", each.value.source_id)) > 0 ? each.value.source_id : lookup(var.instance_source_ocids, each.value.source_id, null) + subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets[each.key].subnets.*.id[0]) : null assign_public_ip = each.value.assign_public_ip ssh_public_keys = each.value.ssh_authorized_keys != null ? (length(regexall("ssh-rsa*", each.value.ssh_authorized_keys)) > 0 ? each.value.ssh_authorized_keys : lookup(var.instance_ssh_keys, each.value.ssh_authorized_keys, null)) : null hostname_label = each.value.hostname_label nsg_ids = each.value.nsg_ids - #nsg_ids = each.value.nsg_ids != [] ? [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc1*",nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] : [] + #nsg_ids = each.value.nsg_ids != [] ? [for nsg in each.value.nsg_ids : length(regexall("ocid1.networksecuritygroup.oc*",nsg)) > 0 ? nsg : merge(module.nsgs.*...)[nsg]["nsg_tf_id"]] : [] boot_volume_size_in_gbs = each.value.boot_volume_size_in_gbs != null ? each.value.boot_volume_size_in_gbs : null memory_in_gbs = each.value.memory_in_gbs != null ? each.value.memory_in_gbs : null capacity_reservation_id = each.value.capacity_reservation_id != null ? lookup(var.capacity_reservation_ocids, each.value.capacity_reservation_id, null) : null create_is_pv_encryption_in_transit_enabled = each.value.create_is_pv_encryption_in_transit_enabled boot_tf_policy = each.value.backup_policy != null ? each.value.backup_policy : null - policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null + policy_tf_compartment_id = each.value.policy_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.policy_compartment_id)) > 0 ? each.value.policy_compartment_id : var.compartment_ocids[each.value.policy_compartment_id]) : null remote_execute = each.value.remote_execute != null ? each.value.remote_execute : null bastion_ip = each.value.bastion_ip != null ? each.value.bastion_ip : null cloud_init_script = each.value.cloud_init_script != null ? each.value.cloud_init_script : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/kms.tf b/cd3_automation_toolkit/user-scripts/terraform/kms.tf index e34b43377..55b55897e 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/kms.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/kms.tf @@ -10,7 +10,7 @@ module "vaults" { for_each = var.vaults != null ? var.vaults : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional defined_tags = each.value.defined_tags @@ -24,7 +24,7 @@ module "keys" { for_each = var.keys != null ? var.keys : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional defined_tags = each.value.defined_tags diff --git a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf index 41e228e24..0235ba8d9 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/loadbalancer.tf @@ -9,7 +9,7 @@ data "oci_certificates_management_certificates" "certificates_backendsets" { for_each = var.backend_sets != null ? var.backend_sets : {} #Optional - compartment_id = each.value.instance_compartment != null ? (length(regexall("ocid1.compartment.oc1*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid + compartment_id = each.value.instance_compartment != null ? (length(regexall("ocid1.compartment.oc*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid name = each.value.certificate_name state = "AVAILABLE" } @@ -20,7 +20,7 @@ data "oci_core_instances" "instances" { for_each = var.backends != null ? var.backends : {} state = "RUNNING" #Required - compartment_id = each.value.instance_compartment != null && each.value.instance_compartment != "" ? (length(regexall("ocid1.compartment.oc1*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid + compartment_id = each.value.instance_compartment != null && each.value.instance_compartment != "" ? (length(regexall("ocid1.compartment.oc*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid } data "oci_core_instance" "instance_ip" { @@ -41,14 +41,14 @@ module "load-balancers" { for_each = var.load_balancers != null ? var.load_balancers : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null vcn_names = [each.value.vcn_name] display_name = each.value.display_name shape = each.value.shape != null ? each.value.shape : "100Mbps" # Default value as per OCI - #subnet_ids = flatten(tolist([for subnet in each.value.subnet_names : (length(regexall("ocid1.subnet.oc1*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_lbs[subnet].subnets[*].id)])) + #subnet_ids = flatten(tolist([for subnet in each.value.subnet_names : (length(regexall("ocid1.subnet.oc*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_lbs[subnet].subnets[*].id)])) subnet_ids = each.value.subnet_ids - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null #Optional defined_tags = each.value.defined_tags @@ -58,7 +58,7 @@ module "load-balancers" { network_security_group_ids = each.value.nsg_ids key_name = each.key load_balancers = var.load_balancers - reserved_ips_id = each.value.reserved_ips_id != null ? (lower(each.value.reserved_ips_id) != "n" ? (length(regexall("ocid1.publicip.oc1*", each.value.reserved_ips_id)) > 0 ? [each.value.reserved_ips_id] : [merge(module.lbr-reserved-ips.*...)[join("-", [each.key, "reserved", "ip"])].reserved_ip_tf_id]) : []) : [] + reserved_ips_id = each.value.reserved_ips_id != null ? (lower(each.value.reserved_ips_id) != "n" ? (length(regexall("ocid1.publicip.oc*", each.value.reserved_ips_id)) > 0 ? [each.value.reserved_ips_id] : [merge(module.lbr-reserved-ips.*...)[join("-", [each.key, "reserved", "ip"])].reserved_ip_tf_id]) : []) : [] } /* @@ -73,7 +73,7 @@ module "hostnames" { #Required hostname = each.value.hostname - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] name = each.value.name } @@ -89,7 +89,7 @@ module "certificates" { #Required certificate_name = each.value.certificate_name - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] #Optional ca_certificate = each.value.ca_certificate != null ? file(each.value.ca_certificate) : null @@ -111,7 +111,7 @@ module "cipher-suites" { #Required ciphers = each.value.ciphers name = each.value.name - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] } @@ -138,7 +138,7 @@ module "backend-sets" { timeout_in_millis = each.value.timeout_in_millis url_path = each.value.url_path - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] name = each.value.name policy = each.value.policy backend_sets = var.backend_sets @@ -162,7 +162,7 @@ module "backends" { #Required backendset_name = merge(module.backend-sets.*...)[each.value.backendset_name].backend_set_tf_name ip_address = each.value.ip_address != "" ? (length(regexall("IP:", each.value.ip_address)) > 0 ? split("IP:", each.value.ip_address)[1] : data.oci_core_instance.instance_ip[each.key].private_ip) : null - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] port = each.value.port #Optional @@ -184,7 +184,7 @@ module "listeners" { #Required default_backend_set_name = merge(module.backend-sets.*...)[each.value.default_backend_set_name].backend_set_tf_name - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] name = each.value.name port = each.value.port protocol = each.value.protocol @@ -212,7 +212,7 @@ module "path-route-sets" { for_each = var.path_route_sets != null ? var.path_route_sets : {} #Required - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] name = each.value.name #Optional @@ -231,7 +231,7 @@ module "rule-sets" { for_each = var.rule_sets != null ? var.rule_sets : {} #Required - load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] + load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.load_balancer_id)) > 0 ? each.value.load_balancer_id : merge(module.load-balancers.*...)[each.value.load_balancer_id]["load_balancer_tf_id"] name = each.value.name #Optional @@ -256,7 +256,7 @@ module "loadbalancer-log-groups" { # Log Groups #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name @@ -279,9 +279,9 @@ module "loadbalancer-logs" { # Logs #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name - log_group_id = length(regexall("ocid1.loggroup.oc1*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.loadbalancer-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] + log_group_id = length(regexall("ocid1.loggroup.oc*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.loadbalancer-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] log_type = each.value.log_type #Required @@ -316,7 +316,7 @@ module "lbr-reserved-ips" { for_each = var.lbr_reserved_ips != null && var.lbr_reserved_ips != {} ? var.lbr_reserved_ips : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null lifetime = each.value.lifetime #Optional @@ -324,8 +324,8 @@ module "lbr-reserved-ips" { display_name = each.value.display_name freeform_tags = each.value.freeform_tags private_ip_id = each.value.private_ip_id - #private_ip_id = each.value.private_ip_id != null ? (length(regexall("ocid1.privateip.oc1*", each.value.private_ip_id)) > 0 ? each.value.private_ip_id : (length(regexall("\\.", each.value.private_ip_id)) == 3 ? local.private_ip_id[0][each.value.private_ip_id] : merge(module.private-ips.*...)[each.value.private_ip_id].private_ip_tf_id)) : null - #public_ip_pool_id = each.value.public_ip_pool_id != null ? (length(regexall("ocid1.publicippool.oc1*", each.value.public_ip_pool_id)) > 0 ? each.value.public_ip_pool_id : merge(module.public-ip-pools.*...)[each.value.public_ip_pool_id].public_ip_pool_tf_id) : null + #private_ip_id = each.value.private_ip_id != null ? (length(regexall("ocid1.privateip.oc*", each.value.private_ip_id)) > 0 ? each.value.private_ip_id : (length(regexall("\\.", each.value.private_ip_id)) == 3 ? local.private_ip_id[0][each.value.private_ip_id] : merge(module.private-ips.*...)[each.value.private_ip_id].private_ip_tf_id)) : null + #public_ip_pool_id = each.value.public_ip_pool_id != null ? (length(regexall("ocid1.publicippool.oc*", each.value.public_ip_pool_id)) > 0 ? each.value.public_ip_pool_id : merge(module.public-ip-pools.*...)[each.value.public_ip_pool_id].public_ip_pool_tf_id) : null } /* diff --git a/cd3_automation_toolkit/user-scripts/terraform/managementservices.tf b/cd3_automation_toolkit/user-scripts/terraform/managementservices.tf index 906cba28c..a7d0f1d57 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/managementservices.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/managementservices.tf @@ -12,10 +12,10 @@ module "alarms" { for_each = var.alarms != null ? var.alarms : {} alarm_name = each.value.alarm_name - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - destinations = [for tn in each.value.destinations : (length(regexall("ocid1.onstopic.oc1*", tn)) > 0 ? tn : merge(module.notifications-topics.*...)[tn]["topic_tf_id"])] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + destinations = [for tn in each.value.destinations : (length(regexall("ocid1.onstopic.oc*", tn)) > 0 ? tn : merge(module.notifications-topics.*...)[tn]["topic_tf_id"])] is_enabled = each.value.is_enabled - metric_compartment_id = each.value.metric_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.metric_compartment_id)) > 0 ? each.value.metric_compartment_id : var.compartment_ocids[each.value.metric_compartment_id]) : null + metric_compartment_id = each.value.metric_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.metric_compartment_id)) > 0 ? each.value.metric_compartment_id : var.compartment_ocids[each.value.metric_compartment_id]) : null namespace = each.value.namespace query = each.value.query severity = each.value.severity @@ -46,7 +46,7 @@ module "events" { for_each = var.events != null ? var.events : {} event_name = each.value.event_name - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null is_enabled = each.value.is_enabled description = each.value.description condition = each.value.condition @@ -74,7 +74,7 @@ module "notifications-topics" { source = "./modules/managementservices/notification-topic" for_each = var.notifications_topics != null ? var.notifications_topics : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null description = each.value.description topic_name = each.value.topic_name @@ -88,10 +88,10 @@ module "notifications-subscriptions" { for_each = var.notifications_subscriptions != null ? var.notifications_subscriptions : {} depends_on = [module.notifications-topics] - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null endpoint = each.value.endpoint protocol = each.value.protocol - topic_id = length(regexall("ocid1.onstopic.oc1*", each.value.topic_id)) > 0 ? each.value.topic_id : merge(module.notifications-topics.*...)[each.value.topic_id]["topic_tf_id"] + topic_id = length(regexall("ocid1.onstopic.oc*", each.value.topic_id)) > 0 ? each.value.topic_id : merge(module.notifications-topics.*...)[each.value.topic_id]["topic_tf_id"] #Optional defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags @@ -113,7 +113,7 @@ module "service-connectors" { for_each = var.service_connectors - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null logs_compartment_id = var.tenancy_ocid source_monitoring_details = each.value.source_details.source_kind == "monitoring" ? { for k, v in each.value.source_details.source_monitoring_details : lookup(var.compartment_ocids, k, "not_found") => v } : {} target_monitoring_details = each.value.target_details.target_kind == "monitoring" ? { for k, v in each.value.target_details.target_monitoring_details : lookup(var.compartment_ocids, k, "not_found") => v } : {} diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/data.tf index 9c500ff42..1c6f63a29 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null ADs = [ for ad in data.oci_identity_availability_domains.ads.availability_domains : ad.name @@ -105,7 +105,7 @@ data "oci_core_volume_backup_policies" "boot_vol_custom_policy" { ################################ data "oci_marketplace_listing_package_agreements" "listing_package_agreements" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 #Required listing_id = data.oci_marketplace_listing.listing.0.id package_version = data.oci_marketplace_listing.listing.0.default_package_version @@ -115,7 +115,7 @@ data "oci_marketplace_listing_package_agreements" "listing_package_agreements" { } data "oci_marketplace_listing_package" "listing_package" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 #Required listing_id = data.oci_marketplace_listing.listing.0.id package_version = data.oci_marketplace_listing.listing.0.default_package_version @@ -125,7 +125,7 @@ data "oci_marketplace_listing_package" "listing_package" { } data "oci_marketplace_listing_packages" "listing_packages" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 #Required listing_id = data.oci_marketplace_listing.listing.0.id @@ -134,25 +134,25 @@ data "oci_marketplace_listing_packages" "listing_packages" { } data "oci_marketplace_listings" "listings" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 name = [var.source_image_id] #is_featured = true # Comment this line for GovCloud compartment_id = var.compartment_id } data "oci_marketplace_listing" "listing" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 listing_id = data.oci_marketplace_listings.listings.0.listings[0].id compartment_id = var.compartment_id } data "oci_core_app_catalog_listing_resource_versions" "app_catalog_listing_resource_versions" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 listing_id = data.oci_marketplace_listing_package.listing_package.0.app_catalog_listing_id } data "oci_core_app_catalog_listing_resource_version" "catalog_listing" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 listing_id = data.oci_marketplace_listing_package.listing_package.0.app_catalog_listing_id resource_version = data.oci_marketplace_listing_package.listing_package.0.app_catalog_listing_resource_version } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/main.tf index 2b908637d..683be11a2 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/compute/instance/main.tf @@ -116,7 +116,7 @@ resource "oci_core_instance" "instance" { } source_details { - source_id = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? var.source_image_id : data.oci_core_app_catalog_listing_resource_version.catalog_listing.0.listing_resource_id + source_id = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? var.source_image_id : data.oci_core_app_catalog_listing_resource_version.catalog_listing.0.listing_resource_id source_type = var.source_type #Optional #boot_volume_size_in_gbs = var.boot_volume_size_in_gbs @@ -229,7 +229,7 @@ resource "oci_core_volume_backup_policy_assignment" "volume_backup_policy_assign ################################ resource "oci_marketplace_accepted_agreement" "accepted_agreement" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 #Required agreement_id = oci_marketplace_listing_package_agreement.listing_package_agreement.0.agreement_id compartment_id = var.compartment_id @@ -239,7 +239,7 @@ resource "oci_marketplace_accepted_agreement" "accepted_agreement" { } resource "oci_marketplace_listing_package_agreement" "listing_package_agreement" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 #Required agreement_id = data.oci_marketplace_listing_package_agreements.listing_package_agreements.0.agreements[0].id listing_id = data.oci_marketplace_listing.listing.0.id @@ -248,7 +248,7 @@ resource "oci_marketplace_listing_package_agreement" "listing_package_agreement" #------ Get Image Agreement resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agreement" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 listing_id = data.oci_marketplace_listing_package.listing_package.0.app_catalog_listing_id #listing_resource_version = data.oci_marketplace_listing_package.listing_package.0.app_catalog_listing_resource_version listing_resource_version = data.oci_core_app_catalog_listing_resource_versions.app_catalog_listing_resource_versions.0.app_catalog_listing_resource_versions[0].listing_resource_version @@ -258,7 +258,7 @@ resource "oci_core_app_catalog_listing_resource_version_agreement" "mp_image_agr # ------ Accept Terms and Subscribe to the image, placing the image in a particular compartment resource "oci_core_app_catalog_subscription" "mp_image_subscription" { - count = length(regexall("ocid1.image.oc1*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc1*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 + count = length(regexall("ocid1.image.oc*", var.source_image_id)) > 0 || length(regexall("ocid1.bootvolume.oc*", var.source_image_id)) > 0 || var.source_image_id == null ? 0 : 1 compartment_id = var.compartment_id eula_link = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement[0].eula_link listing_id = oci_core_app_catalog_listing_resource_version_agreement.mp_image_agreement[0].listing_id diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/database/adb/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/database/adb/data.tf index bed07b08a..4d1cf1f93 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/database/adb/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/database/adb/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_adb[nsg].network_security_groups[*].id)])) + nsg_ids = flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_adb[nsg].network_security_groups[*].id)])) } data "oci_core_vcns" "oci_vcns_adb" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/database/dbsystem-vm-bm/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/database/dbsystem-vm-bm/data.tf index b4091bc19..ad18dc09d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/database/dbsystem-vm-bm/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/database/dbsystem-vm-bm/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_dbsystems[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_dbsystems[nsg].network_security_groups[*].id)])) : null } data "oci_core_vcns" "oci_vcns_dbsystems" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/database/exa-vmcluster/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/database/exa-vmcluster/data.tf index ea24831dc..9a8582bdf 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/database/exa-vmcluster/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/database/exa-vmcluster/data.tf @@ -6,8 +6,8 @@ ############################# locals { - nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_db_exacs[nsg].network_security_groups[*].id)])) : null - backup_nsg_ids = var.backup_network_nsg_ids != null ? flatten(tolist([for nsg in var.backup_network_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_backup_db_exacs[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_db_exacs[nsg].network_security_groups[*].id)])) : null + backup_nsg_ids = var.backup_network_nsg_ids != null ? flatten(tolist([for nsg in var.backup_network_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_backup_db_exacs[nsg].network_security_groups[*].id)])) : null db_servers = flatten(toset([for server in data.oci_database_db_servers.all_db_servers : server.db_servers[*].id ])) } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/identity/iam-user/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/identity/iam-user/main.tf index 9e3f146bc..2ab4abf88 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/identity/iam-user/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/identity/iam-user/main.tf @@ -23,7 +23,7 @@ resource "oci_identity_user_group_membership" "user_group_membership" { count = var.group_membership != null ? length(var.group_membership) : 0 depends_on = [oci_identity_user.user] user_id = oci_identity_user.user.id - group_id = length(regexall("ocid1.group.oc1*", var.group_membership[count.index])) > 0 ? var.group_membership[count.index] : data.oci_identity_groups.iam_groups.groups[index(data.oci_identity_groups.iam_groups.groups.*.name, var.group_membership[count.index])].id + group_id = length(regexall("ocid1.group.oc*", var.group_membership[count.index])) > 0 ? var.group_membership[count.index] : data.oci_identity_groups.iam_groups.groups[index(data.oci_identity_groups.iam_groups.groups.*.name, var.group_membership[count.index])].id } resource "oci_identity_user_capabilities_management" "user_capabilities_management" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/data.tf index 46a2001e9..943ba1534 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null } data "oci_core_network_security_groups" "network_security_groups" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/main.tf index 7f442e00d..5e8e09f23 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/loadbalancer/lb-load-balancer/main.tf @@ -11,7 +11,7 @@ resource "oci_load_balancer_load_balancer" "load_balancer" { display_name = var.display_name shape = var.shape #subnet_ids = var.subnet_ids - subnet_ids = flatten(tolist([for subnet in var.subnet_ids : (length(regexall("ocid1.subnet.oc1*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_lbs[subnet].subnets[*].id)])) + subnet_ids = flatten(tolist([for subnet in var.subnet_ids : (length(regexall("ocid1.subnet.oc*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_lbs[subnet].subnets[*].id)])) #Optional diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/alarm/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/alarm/main.tf index ee7c6742b..a63151473 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/alarm/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/alarm/main.tf @@ -17,6 +17,7 @@ resource "oci_monitoring_alarm" "alarm" { query = var.query severity = var.severity body = var.body + message_format = var.message_format #metric_compartment_id_in_subtree = var.alarm_metric_compartment_id_in_subtree pending_duration = var.trigger_delay_minutes diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/event/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/event/main.tf index b042490f9..819a42661 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/event/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/managementservices/event/main.tf @@ -26,7 +26,7 @@ resource "oci_events_rule" "event" { description = actions.value.description != "" ? actions.value.description : null function_id = actions.value.function_id stream_id = actions.value.stream_id - topic_id = (actions.value.topic_id != "" && actions.value.topic_id != null) ? (length(regexall("ocid1.onstopic.oc1*", actions.value.topic_id)) > 0 ? actions.value.topic_id : var.topic_name[actions.value.topic_id]["topic_tf_id"]) : null + topic_id = (actions.value.topic_id != "" && actions.value.topic_id != null) ? (length(regexall("ocid1.onstopic.oc*", actions.value.topic_id)) > 0 ? actions.value.topic_id : var.topic_name[actions.value.topic_id]["topic_tf_id"]) : null } } } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/default-route-table/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/default-route-table/main.tf index c12f672f4..e5de53947 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/default-route-table/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/default-route-table/main.tf @@ -25,7 +25,7 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.privateip.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : "" + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.privateip.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : "" #Optional description = route_rules.value["description"] @@ -40,7 +40,7 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.localpeeringgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : try(var.hub_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.spoke_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.exported_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"]) + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.localpeeringgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : try(var.hub_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.spoke_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.exported_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"]) #Optional description = route_rules.value["description"] @@ -55,7 +55,7 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.internetgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.igw_id[route_rules.value["network_entity_id"]]["igw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.internetgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.igw_id[route_rules.value["network_entity_id"]]["igw_tf_id"] #Optional description = route_rules.value["description"] @@ -70,10 +70,10 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] @@ -88,10 +88,10 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.natgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.ngw_id[route_rules.value["network_entity_id"]]["ngw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.natgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.ngw_id[route_rules.value["network_entity_id"]]["ngw_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] @@ -106,10 +106,10 @@ resource "oci_core_default_route_table" "default_route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.servicegateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.sgw_id[route_rules.value["network_entity_id"]]["sgw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.servicegateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.sgw_id[route_rules.value["network_entity_id"]]["sgw_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/drg-route-distribution-statement/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/drg-route-distribution-statement/main.tf index 4e0401e6c..6b2d20198 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/drg-route-distribution-statement/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/drg-route-distribution-statement/main.tf @@ -21,7 +21,7 @@ resource "oci_core_drg_route_distribution_statement" "drg_route_distribution_sta #Optional attachment_type = match_criteria.value.attachment_type - drg_attachment_id = match_criteria.value.drg_attachment_id != "" && match_criteria.value.drg_attachment_id != null ? (length(regexall("ocid1.drgattachment.oc1*", match_criteria.value.drg_attachment_id)) > 0 ? match_criteria.value.drg_attachment_id : var.drg_attachment_ids[match_criteria.value.drg_attachment_id]["drg_attachment_tf_id"]) : "" + drg_attachment_id = match_criteria.value.drg_attachment_id != "" && match_criteria.value.drg_attachment_id != null ? (length(regexall("ocid1.drgattachment.oc*", match_criteria.value.drg_attachment_id)) > 0 ? match_criteria.value.drg_attachment_id : var.drg_attachment_ids[match_criteria.value.drg_attachment_id]["drg_attachment_tf_id"]) : "" } } } \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/route-table/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/route-table/main.tf index 7929aad31..9f089ad47 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/route-table/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/route-table/main.tf @@ -26,7 +26,7 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.privateip.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : "" + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.privateip.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : "" #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null @@ -41,7 +41,7 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.localpeeringgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : try(var.hub_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.spoke_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.peer_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.none_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.exported_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"]) + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.localpeeringgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : try(var.hub_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.spoke_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.peer_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.none_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.exported_lpg_id[route_rules.value["network_entity_id"]]["lpg_tf_id"], var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"]) #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null @@ -56,7 +56,7 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.internetgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.igw_id[route_rules.value["network_entity_id"]]["igw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.internetgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.igw_id[route_rules.value["network_entity_id"]]["igw_tf_id"] #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null @@ -71,10 +71,10 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.drg_id[route_rules.value["network_entity_id"]]["drg_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null @@ -89,10 +89,10 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.natgateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.ngw_id[route_rules.value["network_entity_id"]]["ngw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.natgateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.ngw_id[route_rules.value["network_entity_id"]]["ngw_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null @@ -107,10 +107,10 @@ resource "oci_core_route_table" "route_table" { content { #Required - network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.servicegateway.oc1*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.sgw_id[route_rules.value["network_entity_id"]]["sgw_tf_id"] + network_entity_id = (route_rules.value["network_entity_id"] != null && length(regexall("ocid1.servicegateway.oc*", route_rules.value["network_entity_id"])) > 0) ? route_rules.value["network_entity_id"] : var.sgw_id[route_rules.value["network_entity_id"]]["sgw_tf_id"] - #length(regexall("ocid1.drg.oc1*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null + #length(regexall("ocid1.drg.oc*", route_rules.value["network_entity_id"])) > 0 ? route_rules.value["network_entity_id"] : null #Optional description = route_rules.value["description"] != "" ? route_rules.value["description"] : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf index 4d2f19be1..ef146bfe0 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/subnet/main.tf @@ -23,5 +23,5 @@ resource "oci_core_subnet" "subnet" { prohibit_internet_ingress = var.prohibit_internet_ingress prohibit_public_ip_on_vnic = var.prohibit_public_ip_on_vnic route_table_id = var.route_table_id - security_list_ids = flatten([for seclist in var.security_list_ids : [for sl in seclist : sl if length(regexall("ocid1.securitylist.oc1*", sl)) > 0 ]]) + security_list_ids = flatten([for seclist in var.security_list_ids : [for sl in seclist : sl if length(regexall("ocid1.securitylist.oc*", sl)) > 0 ]]) } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/network/vlan/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/network/vlan/data.tf index 912b4869a..74b845e1f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/network/vlan/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/network/vlan/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null } data "oci_core_network_security_groups" "network_security_groups" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/data.tf index a7eebc7ac..70810e523 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/networkloadbalancer/nlb/data.tf @@ -6,7 +6,7 @@ ####################################### locals { - nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null } data "oci_core_network_security_groups" "network_security_groups" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/data.tf index a68298abd..781f3c69e 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/data.tf @@ -6,7 +6,7 @@ ############################# locals { - endpoint_nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null + endpoint_nsg_ids = var.nsg_ids != null ? flatten(tolist([for nsg in var.nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id)])) : null } data "oci_core_network_security_groups" "network_security_groups" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/main.tf index a84804028..610fb4e8e 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/cluster/main.tf @@ -36,7 +36,7 @@ resource "oci_containerengine_cluster" "cluster" { pods_cidr = var.pods_cidr services_cidr = var.services_cidr } - service_lb_subnet_ids = flatten(tolist([for subnet in var.service_lb_subnet_ids : (length(regexall("ocid1.subnet.oc1*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_cluster_lbs[subnet].subnets[*].id)])) + service_lb_subnet_ids = flatten(tolist([for subnet in var.service_lb_subnet_ids : (length(regexall("ocid1.subnet.oc*", subnet)) > 0 ? [subnet] : data.oci_core_subnets.oci_subnets_cluster_lbs[subnet].subnets[*].id)])) } lifecycle { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/nodepool/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/nodepool/data.tf index 4f532b41e..738bddd9e 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/oke/nodepool/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/oke/nodepool/data.tf @@ -6,8 +6,8 @@ ############################# locals { - nodepool_nsg_ids = var.worker_nsg_ids != null ? flatten(tolist([for nsg in var.worker_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_workers[nsg].network_security_groups[*].id)])) : null - pod_nsg_ids = var.pod_nsg_ids != null ? flatten(tolist([for nsg in var.pod_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_pods[nsg].network_security_groups[*].id)])) : null + nodepool_nsg_ids = var.worker_nsg_ids != null ? flatten(tolist([for nsg in var.worker_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_workers[nsg].network_security_groups[*].id)])) : null + pod_nsg_ids = var.pod_nsg_ids != null ? flatten(tolist([for nsg in var.pod_nsg_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_pods[nsg].network_security_groups[*].id)])) : null } data "oci_identity_availability_domains" "ads" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/address-list/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/address-list/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/address-list/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/address-list/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application-group/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application-group/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application-group/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application-group/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/application/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-profile/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-profile/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-profile/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-profile/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-rules/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-rules/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-rules/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/decryption-rules/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/firewall/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/firewall/data.tf index 442286b0a..68978ed4b 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/firewall/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/firewall/data.tf @@ -12,7 +12,7 @@ data "oci_core_network_security_groups" "network_security_groups" { locals { - nsg_id = var.nsg_id != null ? flatten(tolist([for nsg in var.nsg_id : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id) ])) : null + nsg_id = var.nsg_id != null ? flatten(tolist([for nsg in var.nsg_id : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups[nsg].network_security_groups[*].id) ])) : null } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/security-rules/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/security-rules/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/security-rules/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/security-rules/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service-list/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service-list/data.tf index e9c38d5be..a68341946 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service-list/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service-list/data.tf @@ -1,6 +1,6 @@ /* locals { - services = var.services != null ? flatten(tolist([for sid in var.services : (length(regexall("ocid1.networkfirewallpolicy.oc1*", sid)) > 0 ? [sid] : data.oci_network_firewall_network_firewall_policy_services.fw-services[sid].*.name)])) : null + services = var.services != null ? flatten(tolist([for sid in var.services : (length(regexall("ocid1.networkfirewallpolicy.oc*", sid)) > 0 ? [sid] : data.oci_network_firewall_network_firewall_policy_services.fw-services[sid].*.name)])) : null } data "oci_network_firewall_network_firewall_policy_services" "fw-services" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/service/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/url-list/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/url-list/data.tf index 07b270bd3..12fa5c62d 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/url-list/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/security/firewall/url-list/data.tf @@ -3,6 +3,6 @@ } data "oci_network_firewall_network_firewall_policies" "fw-policy" { - compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] + compartment_id = var.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", var.compartment_id)) > 0 ? var.compartment_id : var.compartment_ocids[var.compartment_id]) : var.compartment_ocids[var.compartment_id] display_name = var.network_firewall_policy_id */ \ No newline at end of file diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/storage/block-volume/main.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/storage/block-volume/main.tf index fa8b01c8a..1620c536f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/storage/block-volume/main.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/storage/block-volume/main.tf @@ -48,7 +48,7 @@ resource "oci_core_volume_attachment" "block_vol_instance_attachment" { #################################### locals { - #existing_volume_id = length(data.oci_core_volumes.all_volumes[0].volumes) > 0 ? length(regexall("ocid1.volume.oc1*", data.oci_core_volumes.all_volumes[0].volumes[0].id)) > 0 ? data.oci_core_volumes.all_volumes[0].volumes[0].id : "" : "" + #existing_volume_id = length(data.oci_core_volumes.all_volumes[0].volumes) > 0 ? length(regexall("ocid1.volume.oc*", data.oci_core_volumes.all_volumes[0].volumes[0].id)) > 0 ? data.oci_core_volumes.all_volumes[0].volumes[0].id : "" : "" policy_tf_compartment_id = var.policy_tf_compartment_id != null ? var.policy_tf_compartment_id : null current_policy_id = var.block_tf_policy != null ? (lower(var.block_tf_policy) == "gold" || lower(var.block_tf_policy) == "silver" || lower(var.block_tf_policy) == "bronze" ? data.oci_core_volume_backup_policies.block_vol_backup_policy[0].volume_backup_policies.0.id : data.oci_core_volume_backup_policies.block_vol_custom_policy[0].volume_backup_policies.0.id) : "" } diff --git a/cd3_automation_toolkit/user-scripts/terraform/modules/storage/file-storage/mount-target/data.tf b/cd3_automation_toolkit/user-scripts/terraform/modules/storage/file-storage/mount-target/data.tf index 691dc87a9..97d467587 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/modules/storage/file-storage/mount-target/data.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/modules/storage/file-storage/mount-target/data.tf @@ -6,7 +6,7 @@ ############################# locals { - nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc1*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_mt[nsg].network_security_groups[*].id)])) : null + nsg_ids = var.network_security_group_ids != null ? flatten(tolist([for nsg in var.network_security_group_ids : (length(regexall("ocid1.networksecuritygroup.oc*", nsg)) > 0 ? [nsg] : data.oci_core_network_security_groups.network_security_groups_mt[nsg].network_security_groups[*].id)])) : null } data "oci_core_network_security_groups" "network_security_groups_mt" { diff --git a/cd3_automation_toolkit/user-scripts/terraform/network.tf b/cd3_automation_toolkit/user-scripts/terraform/network.tf index 51a5e2e57..915f25b1a 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/network.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/network.tf @@ -9,7 +9,7 @@ data "oci_core_drg_route_tables" "drg_route_tables" { for_each = (var.data_drg_route_tables != null || var.data_drg_route_tables != {}) ? var.data_drg_route_tables : {} #Required - drg_id = length(regexall("ocid1.drg.oc1*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] + drg_id = length(regexall("ocid1.drg.oc*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] filter { name = "display_name" values = [each.value.values] @@ -22,7 +22,7 @@ data "oci_core_drg_route_distributions" "drg_route_distributions" { for_each = (var.data_drg_route_table_distributions != null || var.data_drg_route_table_distributions != {}) ? var.data_drg_route_table_distributions : {} #Required - drg_id = length(regexall("ocid1.drg.oc1*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] + drg_id = length(regexall("ocid1.drg.oc*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] filter { name = "display_name" values = [each.value.values] @@ -40,8 +40,8 @@ module "vcns" { for_each = var.vcns != null ? var.vcns : {} #Required - #compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : try(zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.compartment_id], var.compartment_ocids[each.value.compartment_id]) - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + #compartment_id = length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : try(zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.compartment_id], var.compartment_ocids[each.value.compartment_id]) + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional cidr_blocks = each.value.cidr_blocks @@ -74,15 +74,15 @@ module "igws" { depends_on = [module.vcns] #,module.route-tables] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional enabled = each.value.enable_igw # Defaults to true by terraform hashicorp defined_tags = each.value.defined_tags display_name = each.value.igw_name != null ? each.value.igw_name : null freeform_tags = each.value.freeform_tags - #route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) + #route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) } @@ -104,8 +104,8 @@ module "ngws" { depends_on = [module.vcns] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional block_traffic = each.value.block_traffic # Defaults to false by terraform hashicorp @@ -133,12 +133,12 @@ module "hub-lpgs" { depends_on = [module.vcns, module.spoke-lpgs, module.none-lpgs, module.exported-lpgs, module.peer-lpgs] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional peer_id = each.value.peer_id != "" ? (length(regexall("##peer_id*", each.value.peer_id)) > 0 ? null : try(merge(module.spoke-lpgs.*...)[each.value.peer_id]["lpg_tf_id"], merge(module.exported-lpgs.*...)[each.value.peer_id]["lpg_tf_id"], merge(module.peer-lpgs.*...)[each.value.peer_id]["lpg_tf_id"], merge(module.none-lpgs.*...)[each.value.peer_id]["lpg_tf_id"])) : null - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] defined_tags = each.value.defined_tags display_name = each.value.lpg_name != null ? each.value.lpg_name : null freeform_tags = each.value.freeform_tags @@ -151,12 +151,12 @@ module "spoke-lpgs" { depends_on = [module.vcns] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional peer_id = (each.value.peer_id != "" && each.value.peer_id != null) ? (length(regexall("##peer_id*", each.value.peer_id)) > 0 ? null : each.value.peer_id) : null - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] defined_tags = each.value.defined_tags display_name = each.value.lpg_name != null ? each.value.lpg_name : null freeform_tags = each.value.freeform_tags @@ -169,12 +169,12 @@ module "peer-lpgs" { depends_on = [module.vcns, module.none-lpgs] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional peer_id = each.value.peer_id != "" ? (length(regexall("##peer_id*", each.value.peer_id)) > 0 ? null : try(merge(module.spoke-lpgs.*...)[each.value.peer_id]["lpg_tf_id"], merge(module.exported-lpgs.*...)[each.value.peer_id]["lpg_tf_id"], merge(module.none-lpgs.*...)[each.value.peer_id]["lpg_tf_id"])) : null - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] defined_tags = each.value.defined_tags display_name = each.value.lpg_name != null ? each.value.lpg_name : null freeform_tags = each.value.freeform_tags @@ -187,12 +187,12 @@ module "none-lpgs" { depends_on = [module.vcns] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional peer_id = (each.value.peer_id != "" && each.value.peer_id != null) ? (length(regexall("##peer_id*", each.value.peer_id)) > 0 ? null : each.value.peer_id) : null - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] defined_tags = each.value.defined_tags display_name = each.value.lpg_name != null ? each.value.lpg_name : null freeform_tags = each.value.freeform_tags @@ -205,12 +205,12 @@ module "exported-lpgs" { depends_on = [module.vcns] #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional peer_id = (each.value.peer_id != "" && each.value.peer_id != null) ? (length(regexall("##peer_id*", each.value.peer_id)) > 0 ? null : each.value.peer_id) : null - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"] defined_tags = each.value.defined_tags display_name = each.value.lpg_name != null ? each.value.lpg_name : null freeform_tags = each.value.freeform_tags @@ -248,15 +248,15 @@ module "sgws" { for_each = (var.sgws != null || var.sgws != {}) ? var.sgws : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional defined_tags = each.value.defined_tags display_name = each.value.sgw_name != null ? each.value.sgw_name : null freeform_tags = each.value.freeform_tags service = each.value.service != "" ? (contains(split("-", each.value.service), "all") == true ? "all" : "objectstorage") : "all" - #route_table_id = length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : ((each.value.route_table_id != "" && each.value.route_table_id != null) ? (length(regexall(".Default-Route-Table-for*", each.value.route_table_id)) > 0 ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) : null) + #route_table_id = length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : ((each.value.route_table_id != "" && each.value.route_table_id != null) ? (length(regexall(".Default-Route-Table-for*", each.value.route_table_id)) > 0 ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) : null) } /* @@ -276,7 +276,7 @@ module "drgs" { for_each = (var.drgs != null || var.drgs != {}) ? var.drgs : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null #Optional defined_tags = each.value.defined_tags @@ -293,8 +293,8 @@ module "drg-attachments" { drg_display_name = each.value.display_name defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags - drg_id = length(regexall("ocid1.drg.oc1*", each.value.drg_id)) > 0 ? each.value.drg_id : ((each.value.drg_id != "" && each.value.drg_id != null) ? merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] : each.value.drg_id) - drg_route_table_id = length(regexall("ocid1.drgroutetable.oc1*", each.value.drg_route_table_id)) > 0 ? each.value.drg_route_table_id : ((each.value.drg_route_table_id != "" && each.value.drg_route_table_id != null) ? merge(module.drg-route-tables.*...)[each.value.drg_route_table_id]["drg_route_table_tf_id"] : null) + drg_id = length(regexall("ocid1.drg.oc*", each.value.drg_id)) > 0 ? each.value.drg_id : ((each.value.drg_id != "" && each.value.drg_id != null) ? merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"] : each.value.drg_id) + drg_route_table_id = length(regexall("ocid1.drgroutetable.oc*", each.value.drg_route_table_id)) > 0 ? each.value.drg_route_table_id : ((each.value.drg_route_table_id != "" && each.value.drg_route_table_id != null) ? merge(module.drg-route-tables.*...)[each.value.drg_route_table_id]["drg_route_table_tf_id"] : null) vcns_tf_id = merge(module.vcns.*...) route_table_tf_id = merge(module.route-tables.*...) default_route_table_tf_id = merge(module.default-route-tables.*...) @@ -324,7 +324,7 @@ module "default-dhcps" { for_each = (var.default_dhcps != null || var.default_dhcps != {}) ? var.default_dhcps : {} #Required - manage_default_resource_id = length(regexall("ocid1.dhcpoptions.oc1*", each.value.manage_default_resource_id)) > 0 ? each.value.manage_default_resource_id : merge(module.vcns.*...)[each.value.manage_default_resource_id]["vcn_default_dhcp_id"] + manage_default_resource_id = length(regexall("ocid1.dhcpoptions.oc*", each.value.manage_default_resource_id)) > 0 ? each.value.manage_default_resource_id : merge(module.vcns.*...)[each.value.manage_default_resource_id]["vcn_default_dhcp_id"] server_type = each.value.server_type custom_dns_servers = each.value.custom_dns_servers search_domain_names = each.value.search_domain != null ? each.value.search_domain.names : [] @@ -351,8 +351,8 @@ module "custom-dhcps" { for_each = (var.custom_dhcps != null || var.custom_dhcps != {}) ? var.custom_dhcps : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] server_type = each.value.server_type custom_dns_servers = each.value.custom_dns_servers != null ? each.value.custom_dns_servers : [] @@ -381,7 +381,7 @@ module "default-route-tables" { for_each = (var.default_route_tables != null || var.default_route_tables != {}) ? var.default_route_tables : {} #Required - manage_default_resource_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] + manage_default_resource_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] #Optional defined_tags = each.value.defined_tags @@ -414,8 +414,8 @@ module "route-tables" { for_each = (var.route_tables != null || var.route_tables != {}) ? var.route_tables : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] #Optional defined_tags = each.value.defined_tags @@ -450,13 +450,13 @@ module "drg-route-tables" { for_each = (var.drg_route_tables != null || var.drg_route_tables != {}) ? var.drg_route_tables : {} #Required - drg_id = each.value.drg_id != null && each.value.drg_id != "" ? (length(regexall("ocid1.drg.oc1*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"]) : null + drg_id = each.value.drg_id != null && each.value.drg_id != "" ? (length(regexall("ocid1.drg.oc*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"]) : null #Optional defined_tags = each.value.defined_tags == {} ? null : each.value.defined_tags freeform_tags = each.value.freeform_tags == {} ? null : each.value.freeform_tags display_name = each.value.display_name != null ? each.value.display_name : null - import_drg_route_distribution_id = each.value.import_drg_route_distribution_id != null && each.value.import_drg_route_distribution_id != "" ? (length(regexall("ocid1.drgroutedistribution.oc1*", each.value.import_drg_route_distribution_id)) > 0 ? each.value.import_drg_route_distribution_id : (length(regexall(".Autogenerated-Import-Route-Distribution-for*", each.value.import_drg_route_distribution_id)) > 0 ? data.oci_core_drg_route_distributions.drg_route_distributions[each.value.import_drg_route_distribution_id].drg_route_distributions[0].id : merge(module.drg-route-distributions.*...)[each.value.import_drg_route_distribution_id]["drg_route_distribution_tf_id"])) : null + import_drg_route_distribution_id = each.value.import_drg_route_distribution_id != null && each.value.import_drg_route_distribution_id != "" ? (length(regexall("ocid1.drgroutedistribution.oc*", each.value.import_drg_route_distribution_id)) > 0 ? each.value.import_drg_route_distribution_id : (length(regexall(".Autogenerated-Import-Route-Distribution-for*", each.value.import_drg_route_distribution_id)) > 0 ? data.oci_core_drg_route_distributions.drg_route_distributions[each.value.import_drg_route_distribution_id].drg_route_distributions[0].id : merge(module.drg-route-distributions.*...)[each.value.import_drg_route_distribution_id]["drg_route_distribution_tf_id"])) : null is_ecmp_enabled = each.value.is_ecmp_enabled != null ? each.value.is_ecmp_enabled : null } @@ -478,10 +478,10 @@ module "drg-route-rules" { for_each = (var.drg_route_rules != null || var.drg_route_rules != {}) ? var.drg_route_rules : {} #Required - drg_route_table_id = length(regexall("ocid1.drgroutetable.oc1*", each.value.drg_route_table_id)) > 0 ? each.value.drg_route_table_id : ((each.value.drg_route_table_id != "" && each.value.drg_route_table_id != null) ? (length(regexall(".Autogenerated-Drg-Route-Table-for*", each.value.drg_route_table_id)) > 0 ? data.oci_core_drg_route_tables.drg_route_tables[each.value.drg_route_table_id].drg_route_tables[0].id : merge(module.drg-route-tables.*...)[each.value.drg_route_table_id]["drg_route_table_tf_id"]) : null) + drg_route_table_id = length(regexall("ocid1.drgroutetable.oc*", each.value.drg_route_table_id)) > 0 ? each.value.drg_route_table_id : ((each.value.drg_route_table_id != "" && each.value.drg_route_table_id != null) ? (length(regexall(".Autogenerated-Drg-Route-Table-for*", each.value.drg_route_table_id)) > 0 ? data.oci_core_drg_route_tables.drg_route_tables[each.value.drg_route_table_id].drg_route_tables[0].id : merge(module.drg-route-tables.*...)[each.value.drg_route_table_id]["drg_route_table_tf_id"]) : null) destination = each.value.destination destination_type = each.value.destination_type - next_hop_drg_attachment_id = length(regexall("ocid1.drgattachment.oc1*", each.value.next_hop_drg_attachment_id)) > 0 ? each.value.next_hop_drg_attachment_id : (each.value.next_hop_drg_attachment_id != "" && each.value.next_hop_drg_attachment_id != null ? merge(module.drg-attachments.*...)[each.value.next_hop_drg_attachment_id]["drg_attachment_tf_id"] : null) + next_hop_drg_attachment_id = length(regexall("ocid1.drgattachment.oc*", each.value.next_hop_drg_attachment_id)) > 0 ? each.value.next_hop_drg_attachment_id : (each.value.next_hop_drg_attachment_id != "" && each.value.next_hop_drg_attachment_id != null ? merge(module.drg-attachments.*...)[each.value.next_hop_drg_attachment_id]["drg_attachment_tf_id"] : null) } @@ -504,7 +504,7 @@ module "drg-route-distributions" { #Required distribution_type = each.value.distribution_type - drg_id = each.value.drg_id != null && each.value.drg_id != "" ? (length(regexall("ocid1.drg.oc1*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"]) : null + drg_id = each.value.drg_id != null && each.value.drg_id != "" ? (length(regexall("ocid1.drg.oc*", each.value.drg_id)) > 0 ? each.value.drg_id : merge(module.drgs.*...)[each.value.drg_id]["drg_tf_id"]) : null #Optional defined_tags = each.value.defined_tags @@ -529,7 +529,7 @@ module "drg-route-distribution-statements" { #Required key_name = each.key - drg_route_distribution_id = each.value.drg_route_distribution_id != null && each.value.drg_route_distribution_id != "" ? (length(regexall("ocid1.drgroutedistribution.oc1*", each.value.drg_route_distribution_id)) > 0 ? each.value.drg_route_distribution_id : (length(regexall(".Autogenerated-Import-Route-Distribution-for*", each.value.drg_route_distribution_id)) > 0 ? data.oci_core_drg_route_distributions.drg_route_distributions[each.value.drg_route_distribution_id].drg_route_distributions[0].id : merge(module.drg-route-distributions.*...)[each.value.drg_route_distribution_id]["drg_route_distribution_tf_id"])) : null + drg_route_distribution_id = each.value.drg_route_distribution_id != null && each.value.drg_route_distribution_id != "" ? (length(regexall("ocid1.drgroutedistribution.oc*", each.value.drg_route_distribution_id)) > 0 ? each.value.drg_route_distribution_id : (length(regexall(".Autogenerated-Import-Route-Distribution-for*", each.value.drg_route_distribution_id)) > 0 ? data.oci_core_drg_route_distributions.drg_route_distributions[each.value.drg_route_distribution_id].drg_route_distributions[0].id : merge(module.drg-route-distributions.*...)[each.value.drg_route_distribution_id]["drg_route_distribution_tf_id"])) : null priority = each.value.priority action = each.value.action drg_attachment_ids = merge(module.drg-attachments.*...) @@ -595,8 +595,8 @@ module "subnets" { #Required tenancy_ocid = var.tenancy_ocid - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_tf_id"] cidr_block = each.value.cidr_block #Optional @@ -608,8 +608,8 @@ module "subnets" { prohibit_internet_ingress = each.value.prohibit_internet_ingress prohibit_public_ip_on_vnic = each.value.prohibit_public_ip_on_vnic availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" - dhcp_options_id = each.value.dhcp_options_id == null || each.value.dhcp_options_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_dhcp_id"] : (length(regexall("ocid1.dhcpoptions.oc1*", each.value.dhcp_options_id)) > 0 ? each.value.dhcp_options_id : merge(module.custom-dhcps.*...)[each.value.dhcp_options_id]["custom_dhcp_tf_id"]) - route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc1*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) + dhcp_options_id = each.value.dhcp_options_id == null || each.value.dhcp_options_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_dhcp_id"] : (length(regexall("ocid1.dhcpoptions.oc*", each.value.dhcp_options_id)) > 0 ? each.value.dhcp_options_id : merge(module.custom-dhcps.*...)[each.value.dhcp_options_id]["custom_dhcp_tf_id"]) + route_table_id = each.value.route_table_id == null || each.value.route_table_id == "" ? merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_route_table_id"] : (length(regexall("ocid1.routetable.oc*", each.value.route_table_id)) > 0 ? each.value.route_table_id : merge(module.route-tables.*...)[each.value.route_table_id]["route_table_ids"]) vcn_default_security_list_id = merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] security_list_ids = length(each.value.security_list_ids) != 0 ? [for sl in each.value.security_list_ids : lookup(local.security_lists_map, sl != "" ? sl : each.value.vcn_id, [])] : [] @@ -635,7 +635,7 @@ module "vcn-log-groups" { # Log Groups #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name @@ -658,9 +658,9 @@ module "vcn-logs" { # Logs #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name - log_group_id = length(regexall("ocid1.loggroup.oc1*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.vcn-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] + log_group_id = length(regexall("ocid1.loggroup.oc*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.vcn-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] log_type = each.value.log_type #Required diff --git a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf index 90b03cf39..6e8264d4f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/networkloadbalancer.tf @@ -8,7 +8,7 @@ data "oci_core_subnets" "oci_subnets_nlb" { # depends_on = [module.subnets] # Uncomment to create Network and NLBs together for_each = var.network_load_balancers != null ? var.network_load_balancers : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_vcns_nlb[each.key].virtual_networks.*.id[0] } @@ -16,17 +16,17 @@ data "oci_core_subnets" "oci_subnets_nlb" { data "oci_core_vcns" "oci_vcns_nlb" { # depends_on = [module.vcns] # Uncomment to create Network and NLBs together for_each = var.network_load_balancers != null ? var.network_load_balancers : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } module "network-load-balancers" { source = "./modules/networkloadbalancer/nlb" for_each = var.network_load_balancers != null ? var.network_load_balancers : {} - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name - subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_nlb[each.key].subnets.*.id[0]) : null + subnet_id = each.value.subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_nlb[each.key].subnets.*.id[0]) : null is_preserve_source_destination = each.value.is_preserve_source_destination is_symmetric_hash_enabled = each.value.is_symmetric_hash_enabled is_private = each.value.is_private @@ -35,7 +35,7 @@ module "network-load-balancers" { vcn_name = each.value.vcn_name defined_tags = each.value.defined_tags freeform_tags = each.value.freeform_tags - reserved_ips_id = each.value.reserved_ips_id != "" && lower(each.value.reserved_ips_id) != "n" ? (length(regexall("ocid1.publicip.oc1*", each.value.reserved_ips_id)) > 0 ? [each.value.reserved_ips_id] : [merge(module.nlb-reserved-ips.*...)[join("-", [each.key, "reserved", "ip"])].reserved_ip_tf_id]) : [] + reserved_ips_id = each.value.reserved_ips_id != "" && lower(each.value.reserved_ips_id) != "n" ? (length(regexall("ocid1.publicip.oc*", each.value.reserved_ips_id)) > 0 ? [each.value.reserved_ips_id] : [merge(module.nlb-reserved-ips.*...)[join("-", [each.key, "reserved", "ip"])].reserved_ip_tf_id]) : [] } module "nlb-listeners" { @@ -43,7 +43,7 @@ module "nlb-listeners" { for_each = var.nlb_listeners != null ? var.nlb_listeners : {} name = each.value.name default_backend_set_name = merge(module.nlb-backend-sets.*...)[each.value.default_backend_set_name].nlb_backend_set_tf_name - network_load_balancer_id = length(regexall("ocid1.networkloadbalancer.oc1*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] + network_load_balancer_id = length(regexall("ocid1.networkloadbalancer.oc*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] port = each.value.port protocol = each.value.protocol ip_version = each.value.ip_version @@ -53,7 +53,7 @@ module "nlb-backend-sets" { source = "./modules/networkloadbalancer/nlb-backendset" for_each = var.nlb_backend_sets != null ? var.nlb_backend_sets : {} name = each.value.name - network_load_balancer_id = length(regexall("ocid1.networkloadbalancer.oc1*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] + network_load_balancer_id = length(regexall("ocid1.networkloadbalancer.oc*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] policy = each.value.policy ip_version = each.value.ip_version is_preserve_source = each.value.is_preserve_source @@ -74,10 +74,10 @@ module "nlb-backends" { source = "./modules/networkloadbalancer/nlb-backend" for_each = var.nlb_backends != null ? var.nlb_backends : {} backend_set_name = merge(module.nlb-backend-sets.*...)[each.value.backend_set_name]["nlb_backend_set_tf_name"] - network_load_balancer_id = length(regexall("ocid1.loadbalancer.oc1*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] + network_load_balancer_id = length(regexall("ocid1.loadbalancer.oc*", each.value.network_load_balancer_id)) > 0 ? each.value.network_load_balancer_id : merge(module.network-load-balancers.*...)[each.value.network_load_balancer_id]["network_load_balancer_tf_id"] port = each.value.port ip_address = each.value.ip_address - instance_compartment = each.value.instance_compartment != "" ? (length(regexall("ocid1.compartment.oc1*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid + instance_compartment = each.value.instance_compartment != "" ? (length(regexall("ocid1.compartment.oc*", each.value.instance_compartment)) > 0 ? each.value.instance_compartment : var.compartment_ocids[each.value.instance_compartment]) : var.tenancy_ocid #ip_address = each.value.ip_address != "" ? (length(regexall("IP:", each.value.ip_address)) > 0 ? split("IP:", each.value.ip_address)[1] : data.oci_core_instance.nlb_instance_ip[each.key].private_ip) : (length(regexall("NAME:", each.value.ip_address)) > 0 ? split("NAME:", each.value.ip_address)[1] : data.oci_core_instance.nlb_instance[each.key].private_ip) : null @@ -103,14 +103,14 @@ module "nlb-reserved-ips" { for_each = var.nlb_reserved_ips != null && var.nlb_reserved_ips != {} ? var.nlb_reserved_ips : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null lifetime = each.value.lifetime #Optional defined_tags = each.value.defined_tags display_name = each.value.display_name freeform_tags = each.value.freeform_tags - #private_ip_id = each.value.private_ip_id != "" ? (length(regexall("ocid1.privateip.oc1*", each.value.private_ip_id)) > 0 ? each.value.private_ip_id : (length(regexall("\\.", each.value.private_ip_id)) == 3 ? local.private_ip_id[0][each.value.private_ip_id] : merge(module.private-ips.*...)[each.value.private_ip_id].private_ip_tf_id)) : null - #public_ip_pool_id = each.value.public_ip_pool_id != "" ? (length(regexall("ocid1.publicippool.oc1*", each.value.public_ip_pool_id)) > 0 ? each.value.public_ip_pool_id : merge(module.public-ip-pools.*...)[each.value.public_ip_pool_id].public_ip_pool_tf_id) : null + #private_ip_id = each.value.private_ip_id != "" ? (length(regexall("ocid1.privateip.oc*", each.value.private_ip_id)) > 0 ? each.value.private_ip_id : (length(regexall("\\.", each.value.private_ip_id)) == 3 ? local.private_ip_id[0][each.value.private_ip_id] : merge(module.private-ips.*...)[each.value.private_ip_id].private_ip_tf_id)) : null + #public_ip_pool_id = each.value.public_ip_pool_id != "" ? (length(regexall("ocid1.publicippool.oc*", each.value.public_ip_pool_id)) > 0 ? each.value.public_ip_pool_id : merge(module.public-ip-pools.*...)[each.value.public_ip_pool_id].public_ip_pool_tf_id) : null } diff --git a/cd3_automation_toolkit/user-scripts/terraform/nsg.tf b/cd3_automation_toolkit/user-scripts/terraform/nsg.tf index 1618314ed..41bf93cc0 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/nsg.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/nsg.tf @@ -6,7 +6,7 @@ data "oci_core_vcns" "oci_vcns_nsgs" { # depends_on = [module.vcns] # Uncomment to create Network and NSGs together for_each = var.nsgs != null ? var.nsgs : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null display_name = each.value.vcn_name } @@ -17,7 +17,7 @@ module "nsgs" { for_each = (var.nsgs != null || var.nsgs != {}) ? var.nsgs : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null vcn_id = flatten(data.oci_core_vcns.oci_vcns_nsgs[each.key].virtual_networks.*.id)[0] defined_tags = each.value.defined_tags display_name = each.value.display_name @@ -36,7 +36,7 @@ module "nsg-rules" { depends_on = [module.nsgs] #Required - nsg_id = length(regexall("ocid1.networksecuritygroup.oc1*", each.value.nsg_id)) > 0 ? each.value.nsg_id : merge(module.nsgs.*...)[each.value.nsg_id]["nsg_tf_id"] + nsg_id = length(regexall("ocid1.networksecuritygroup.oc*", each.value.nsg_id)) > 0 ? each.value.nsg_id : merge(module.nsgs.*...)[each.value.nsg_id]["nsg_tf_id"] direction = (each.value.direction == "" && each.value.direction == null) ? "INGRESS" : each.value.direction protocol = each.value.protocol diff --git a/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf b/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf index fd75bdd96..fcac22999 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/object-storage.tf @@ -16,7 +16,7 @@ module "oss-policies" { tenancy_ocid = var.tenancy_ocid policy_name = each.value.name - policy_compartment_id = each.value.compartment_id != "root" ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid + policy_compartment_id = each.value.compartment_id != "root" ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : var.tenancy_ocid policy_description = each.value.policy_description policy_statements = each.value.policy_statements @@ -42,7 +42,7 @@ module "oss-buckets" { for_each = var.buckets != null ? var.buckets : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null name = each.value.name namespace = data.oci_objectstorage_namespace.bucket_namespace.namespace @@ -83,7 +83,7 @@ module "oss-log-groups" { # Log Groups #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name @@ -106,9 +106,9 @@ module "oss-logs" { # Logs #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null display_name = each.value.display_name - log_group_id = length(regexall("ocid1.loggroup.oc1*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.oss-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] + log_group_id = length(regexall("ocid1.loggroup.oc*", each.value.log_group_id)) > 0 ? each.value.log_group_id : merge(module.oss-log-groups.*...)[each.value.log_group_id]["log_group_tf_id"] log_type = each.value.log_type #Required diff --git a/cd3_automation_toolkit/user-scripts/terraform/oke.tf b/cd3_automation_toolkit/user-scripts/terraform/oke.tf index 2ce4ebf85..1ad3fd48f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/oke.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/oke.tf @@ -9,7 +9,7 @@ data "oci_core_subnets" "oci_subnets_endpoint" { # depends_on = [module.subnets] # Uncomment to create Network and OKE together for_each = var.clusters != null ? var.clusters : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.endpoint_subnet_id vcn_id = data.oci_core_vcns.oci_vcns_cluster[each.key].virtual_networks.*.id[0] } @@ -18,7 +18,7 @@ data "oci_core_subnets" "oci_subnets_endpoint" { data "oci_core_subnets" "oci_subnets_worker" { # depends_on = [module.subnets] # Uncomment to create Network and OKE together for_each = var.nodepools != null ? var.nodepools : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.subnet_id vcn_id = data.oci_core_vcns.oci_vcns_nodepool[each.key].virtual_networks.*.id[0] } @@ -26,7 +26,7 @@ data "oci_core_subnets" "oci_subnets_worker" { data "oci_core_subnets" "oci_subnets_pod" { # depends_on = [module.subnets] # Uncomment to create Network and OKE together for_each = var.nodepools != null ? var.nodepools : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.pod_subnet_ids vcn_id = data.oci_core_vcns.oci_vcns_nodepool[each.key].virtual_networks.*.id[0] } @@ -34,14 +34,14 @@ data "oci_core_subnets" "oci_subnets_pod" { data "oci_core_vcns" "oci_vcns_cluster" { # depends_on = [module.vcns] # Uncomment to create Network and OKE together for_each = var.clusters != null ? var.clusters : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } data "oci_core_vcns" "oci_vcns_nodepool" { # depends_on = [module.vcns] # Uncomment to create Network and OKE together for_each = var.nodepools != null ? var.nodepools : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } @@ -49,8 +49,8 @@ module "clusters" { source = "./modules/oke/cluster" for_each = var.clusters display_name = each.value.display_name - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id] - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.compartment_id] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id] + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.compartment_id] vcn_names = [each.value.vcn_name] kubernetes_version = each.value.kubernetes_version is_kubernetes_dashboard_enabled = each.value.is_kubernetes_dashboard_enabled @@ -58,7 +58,7 @@ module "clusters" { cni_type = each.value.cni_type is_public_ip_enabled = each.value.is_public_ip_enabled nsg_ids = each.value.nsg_ids - endpoint_subnet_id = length(regexall("ocid1.subnet.oc1*", each.value.endpoint_subnet_id)) > 0 ? each.value.endpoint_subnet_id : data.oci_core_subnets.oci_subnets_endpoint[each.key].subnets.*.id[0] + endpoint_subnet_id = length(regexall("ocid1.subnet.oc*", each.value.endpoint_subnet_id)) > 0 ? each.value.endpoint_subnet_id : data.oci_core_subnets.oci_subnets_endpoint[each.key].subnets.*.id[0] is_pod_security_policy_enabled = each.value.is_pod_security_policy_enabled pods_cidr = each.value.pods_cidr services_cidr = each.value.services_cidr @@ -74,24 +74,24 @@ module "nodepools" { tenancy_ocid = var.tenancy_ocid display_name = each.value.display_name availability_domain = each.value.availability_domain - cluster_name = length(regexall("ocid1.cluster.oc1*", each.value.cluster_name)) > 0 ? each.value.cluster_name : merge(module.clusters.*...)[each.value.cluster_name]["cluster_tf_id"] - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + cluster_name = length(regexall("ocid1.cluster.oc*", each.value.cluster_name)) > 0 ? each.value.cluster_name : merge(module.clusters.*...)[each.value.cluster_name]["cluster_tf_id"] + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null vcn_names = [each.value.vcn_name] node_shape = each.value.node_shape initial_node_labels = each.value.initial_node_labels kubernetes_version = each.value.kubernetes_version - subnet_id = length(regexall("ocid1.subnet.oc1*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_worker[each.key].subnets.*.id[0] + subnet_id = length(regexall("ocid1.subnet.oc*", each.value.subnet_id)) > 0 ? each.value.subnet_id : data.oci_core_subnets.oci_subnets_worker[each.key].subnets.*.id[0] size = each.value.size is_pv_encryption_in_transit_enabled = each.value.is_pv_encryption_in_transit_enabled cni_type = each.value.cni_type max_pods_per_node = each.value.max_pods_per_node pod_nsg_ids = each.value.pod_nsg_ids - pod_subnet_ids = each.value.pod_subnet_ids != null ? (length(regexall("ocid1.subnet.oc1*", each.value.pod_subnet_ids)) > 0 ? each.value.pod_subnet_ids : data.oci_core_subnets.oci_subnets_pod[each.key].subnets.*.id[0]) : null + pod_subnet_ids = each.value.pod_subnet_ids != null ? (length(regexall("ocid1.subnet.oc*", each.value.pod_subnet_ids)) > 0 ? each.value.pod_subnet_ids : data.oci_core_subnets.oci_subnets_pod[each.key].subnets.*.id[0]) : null worker_nsg_ids = each.value.worker_nsg_ids memory_in_gbs = each.value.memory_in_gbs ocpus = each.value.ocpus - image_id = length(regexall("ocid1.image.oc1*", each.value.image_id)) > 0 ? each.value.image_id : var.oke_source_ocids[each.value.image_id] + image_id = length(regexall("ocid1.image.oc*", each.value.image_id)) > 0 ? each.value.image_id : var.oke_source_ocids[each.value.image_id] source_type = each.value.source_type boot_volume_size_in_gbs = each.value.boot_volume_size_in_gbs ssh_public_key = each.value.ssh_public_key != null ? (length(regexall("ssh-rsa*", each.value.ssh_public_key)) > 0 ? each.value.ssh_public_key : lookup(var.oke_ssh_keys, each.value.ssh_public_key, null)) : null diff --git a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf index d2d538f1f..57aebd2db 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/sddc.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/sddc.tf @@ -8,7 +8,7 @@ locals { vlan_config = flatten([for index in local.vlan_ids : [ for key, val in var.sddcs : { #(index) = lookup(val, index, 0) - compartment_id = val.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", val.network_compartment_id)) > 0 ? val.network_compartment_id : var.compartment_ocids[val.network_compartment_id]) : null + compartment_id = val.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", val.network_compartment_id)) > 0 ? val.network_compartment_id : var.compartment_ocids[val.network_compartment_id]) : null display_name = lookup(val, index, 0) vcn_id = data.oci_core_vcns.oci_vcns_sddc[key].virtual_networks.*.id[0] } @@ -44,7 +44,7 @@ locals { data "oci_core_volumes" "ds_volumes" { for_each = { for value in local.ds_vols : value.volume_display_name => value.volume_compartment_id if value.volume_display_name != null } - compartment_id = each.value != null ? (length(regexall("ocid1.compartment.oc1*", each.value)) > 0 ? each.value : var.compartment_ocids[each.value]) : var.compartment_ocids[each.value] + compartment_id = each.value != null ? (length(regexall("ocid1.compartment.oc*", each.value)) > 0 ? each.value : var.compartment_ocids[each.value]) : var.compartment_ocids[each.value] display_name = each.key state = "AVAILABLE" @@ -54,14 +54,14 @@ data "oci_core_volumes" "ds_volumes" { data "oci_core_vcns" "oci_vcns_sddc" { # depends_on = [module.vcns] # Uncomment to create Network and Instances together for_each = var.sddcs != null ? var.sddcs : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.vcn_name } data "oci_core_subnets" "oci_subnets_sddc" { # depends_on = [module.subnets] # Uncomment to create Network and Instances together for_each = var.sddcs != null ? var.sddcs : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.provisioning_subnet_id vcn_id = data.oci_core_vcns.oci_vcns_sddc[each.key].virtual_networks.*.id[0] } @@ -79,20 +79,20 @@ module "sddcs" { #depends_on = [module.vlans] source = "./modules/sddc" for_each = var.sddcs != null ? var.sddcs : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null compute_availability_domain = each.value.availability_domain == "multi-AD" ? each.value.availability_domain : (each.value.availability_domain != "" && each.value.availability_domain != null) ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" esxi_hosts_count = each.value.esxi_hosts_count != "" ? each.value.esxi_hosts_count : null - nsx_edge_uplink1vlan_id = each.value.nsx_edge_uplink1vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.nsx_edge_uplink1vlan_id)) > 0 ? each.value.nsx_edge_uplink1vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_uplink1vlan_id].vlans[0].id) : null - nsx_edge_uplink2vlan_id = each.value.nsx_edge_uplink2vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.nsx_edge_uplink2vlan_id)) > 0 ? each.value.nsx_edge_uplink2vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_uplink2vlan_id].vlans[0].id) : null - nsx_edge_vtep_vlan_id = each.value.nsx_edge_vtep_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.nsx_edge_vtep_vlan_id)) > 0 ? each.value.nsx_edge_vtep_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_vtep_vlan_id].vlans[0].id) : null - nsx_vtep_vlan_id = each.value.nsx_vtep_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.nsx_vtep_vlan_id)) > 0 ? each.value.nsx_vtep_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_vtep_vlan_id].vlans[0].id) : null - provisioning_subnet_id = each.value.provisioning_subnet_id != "" ? (length(regexall("ocid1.subnet.oc1*", each.value.provisioning_subnet_id)) > 0 ? each.value.provisioning_subnet_id : data.oci_core_subnets.oci_subnets_sddc[each.key].subnets.*.id[0]) : null + nsx_edge_uplink1vlan_id = each.value.nsx_edge_uplink1vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.nsx_edge_uplink1vlan_id)) > 0 ? each.value.nsx_edge_uplink1vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_uplink1vlan_id].vlans[0].id) : null + nsx_edge_uplink2vlan_id = each.value.nsx_edge_uplink2vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.nsx_edge_uplink2vlan_id)) > 0 ? each.value.nsx_edge_uplink2vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_uplink2vlan_id].vlans[0].id) : null + nsx_edge_vtep_vlan_id = each.value.nsx_edge_vtep_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.nsx_edge_vtep_vlan_id)) > 0 ? each.value.nsx_edge_vtep_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_edge_vtep_vlan_id].vlans[0].id) : null + nsx_vtep_vlan_id = each.value.nsx_vtep_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.nsx_vtep_vlan_id)) > 0 ? each.value.nsx_vtep_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.nsx_vtep_vlan_id].vlans[0].id) : null + provisioning_subnet_id = each.value.provisioning_subnet_id != "" ? (length(regexall("ocid1.subnet.oc*", each.value.provisioning_subnet_id)) > 0 ? each.value.provisioning_subnet_id : data.oci_core_subnets.oci_subnets_sddc[each.key].subnets.*.id[0]) : null ssh_authorized_keys = each.value.ssh_authorized_keys != null ? (length(regexall("ssh-rsa*", each.value.ssh_authorized_keys)) > 0 ? each.value.ssh_authorized_keys : lookup(var.sddc_ssh_keys, each.value.ssh_authorized_keys, null)) : null - vmotion_vlan_id = each.value.vmotion_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.vmotion_vlan_id)) > 0 ? each.value.vmotion_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vmotion_vlan_id].vlans[0].id) : null + vmotion_vlan_id = each.value.vmotion_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.vmotion_vlan_id)) > 0 ? each.value.vmotion_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vmotion_vlan_id].vlans[0].id) : null vmware_software_version = each.value.vmware_software_version != "" ? each.value.vmware_software_version : null - vsan_vlan_id = each.value.vsan_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.vsan_vlan_id)) > 0 ? each.value.vsan_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vsan_vlan_id].vlans[0].id) : null - vsphere_vlan_id = each.value.vsphere_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.vsphere_vlan_id)) > 0 ? each.value.vsphere_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vsphere_vlan_id].vlans[0].id) : null + vsan_vlan_id = each.value.vsan_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.vsan_vlan_id)) > 0 ? each.value.vsan_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vsan_vlan_id].vlans[0].id) : null + vsphere_vlan_id = each.value.vsphere_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.vsphere_vlan_id)) > 0 ? each.value.vsphere_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.vsphere_vlan_id].vlans[0].id) : null #Optional initial_host_ocpu_count = each.value.initial_host_ocpu_count != "" ? each.value.initial_host_ocpu_count : null initial_host_shape_name = each.value.initial_host_shape_name != "" ? each.value.initial_host_shape_name : null @@ -101,15 +101,15 @@ module "sddcs" { defined_tags = each.value.defined_tags != {} ? each.value.defined_tags : {} freeform_tags = each.value.freeform_tags != {} ? each.value.freeform_tags : {} hcx_action = each.value.hcx_action != "" ? each.value.hcx_action : null - hcx_vlan_id = each.value.hcx_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.hcx_vlan_id)) > 0 ? each.value.hcx_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.hcx_vlan_id].vlans[0].id) : null + hcx_vlan_id = each.value.hcx_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.hcx_vlan_id)) > 0 ? each.value.hcx_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.hcx_vlan_id].vlans[0].id) : null initial_sku = each.value.initial_sku != "" ? each.value.initial_sku : null instance_display_name_prefix = each.value.instance_display_name_prefix != "" ? each.value.instance_display_name_prefix : null is_hcx_enabled = each.value.is_hcx_enabled != "" ? each.value.is_hcx_enabled : null is_shielded_instance_enabled = each.value.is_shielded_instance_enabled != "" ? each.value.is_shielded_instance_enabled : null is_single_host_sddc = each.value.is_single_host_sddc != "" ? each.value.is_single_host_sddc : null - provisioning_vlan_id = each.value.provisioning_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.provisioning_vlan_id)) > 0 ? each.value.provisioning_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.provisioning_vlan_id].vlans[0].id) : null + provisioning_vlan_id = each.value.provisioning_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.provisioning_vlan_id)) > 0 ? each.value.provisioning_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.provisioning_vlan_id].vlans[0].id) : null refresh_hcx_license_status = each.value.refresh_hcx_license_status != "" ? each.value.refresh_hcx_license_status : null - replication_vlan_id = each.value.replication_vlan_id != null ? (length(regexall("ocid1.vlan.oc1*", each.value.replication_vlan_id)) > 0 ? each.value.replication_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.replication_vlan_id].vlans[0].id) : null + replication_vlan_id = each.value.replication_vlan_id != null ? (length(regexall("ocid1.vlan.oc*", each.value.replication_vlan_id)) > 0 ? each.value.replication_vlan_id : data.oci_core_vlans.sddc_vlan_id[each.value.replication_vlan_id].vlans[0].id) : null reserving_hcx_on_premise_license_keys = each.value.reserving_hcx_on_premise_license_keys != "" ? each.value.reserving_hcx_on_premise_license_keys : null workload_network_cidr = each.value.workload_network_cidr != "" ? each.value.workload_network_cidr : null management_datastore = local.management_datastores[each.key] != null ? local.management_datastores[each.key] : [] diff --git a/cd3_automation_toolkit/user-scripts/terraform/seclist.tf b/cd3_automation_toolkit/user-scripts/terraform/seclist.tf index ebb0d7498..65801ccb8 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/seclist.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/seclist.tf @@ -8,7 +8,7 @@ module "default-security-lists" { for_each = (var.default_seclists != null || var.default_seclists != {}) ? var.default_seclists : {} #Required - manage_default_resource_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] + manage_default_resource_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : merge(module.vcns.*...)[each.value.vcn_id]["vcn_default_security_list_id"] key_name = each.key defined_tags = each.value.defined_tags @@ -32,7 +32,7 @@ output "default_seclist_id_map" { data "oci_core_vcns" "oci_vcns_sec_lists" { # depends_on = [module.vcns] # Uncomment to create Network and NSGs together for_each = var.nsgs != null ? var.nsgs : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null display_name = each.value.vcn_name } @@ -42,9 +42,9 @@ module "security-lists" { for_each = (var.seclists != null || var.seclists != {}) ? var.seclists : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - vcn_id = length(regexall("ocid1.vcn.oc1*", each.value.vcn_id)) > 0 ? each.value.vcn_id : flatten(data.oci_core_vcns.oci_vcns_sec_lists[each.key].virtual_networks.*.id)[0] + vcn_id = length(regexall("ocid1.vcn.oc*", each.value.vcn_id)) > 0 ? each.value.vcn_id : flatten(data.oci_core_vcns.oci_vcns_sec_lists[each.key].virtual_networks.*.id)[0] key_name = each.key defined_tags = each.value.defined_tags diff --git a/cd3_automation_toolkit/user-scripts/terraform/tagging.tf b/cd3_automation_toolkit/user-scripts/terraform/tagging.tf index 9fde70ffc..6e5008092 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/tagging.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/tagging.tf @@ -10,7 +10,7 @@ module "tag-namespaces" { for_each = (var.tag_namespaces != null || var.tag_namespaces != {}) ? var.tag_namespaces : {} #Required - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null description = each.value.description != "" ? each.value.description : each.value.name name = each.value.name @@ -26,7 +26,7 @@ module "tag-keys" { for_each = (var.tag_keys != null || var.tag_keys != {}) ? var.tag_keys : {} #Required - tag_namespace_id = length(regexall("ocid1.tagnamespace.oc1*", each.value.tag_namespace_id)) > 0 ? each.value.tag_namespace_id : merge(module.tag-namespaces.*...)[each.value.tag_namespace_id]["namespace_tf_id"] + tag_namespace_id = length(regexall("ocid1.tagnamespace.oc*", each.value.tag_namespace_id)) > 0 ? each.value.tag_namespace_id : merge(module.tag-namespaces.*...)[each.value.tag_namespace_id]["namespace_tf_id"] description = each.value.description != "" ? each.value.description : each.value.name name = each.value.name @@ -44,8 +44,8 @@ module "tag-defaults" { for_each = (var.tag_defaults != null || var.tag_defaults != {}) ? var.tag_defaults : {} #Required - compartment_id = length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : try(zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.compartment_id], var.compartment_ocids[each.value.compartment_id]) - tag_definition_id = length(regexall("ocid1.tagdefinition.oc1*", each.value.tag_definition_id)) > 0 ? each.value.tag_definition_id : merge(module.tag-keys.*...)[each.value.tag_definition_id]["tag_key_tf_id"] + compartment_id = length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : try(zipmap(data.oci_identity_compartments.compartments.compartments.*.name, data.oci_identity_compartments.compartments.compartments.*.id)[each.value.compartment_id], var.compartment_ocids[each.value.compartment_id]) + tag_definition_id = length(regexall("ocid1.tagdefinition.oc*", each.value.tag_definition_id)) > 0 ? each.value.tag_definition_id : merge(module.tag-keys.*...)[each.value.tag_definition_id]["tag_key_tf_id"] value = each.value.value #Optional diff --git a/cd3_automation_toolkit/user-scripts/terraform/vlan.tf b/cd3_automation_toolkit/user-scripts/terraform/vlan.tf index 0fea1784d..ec9f98c7f 100644 --- a/cd3_automation_toolkit/user-scripts/terraform/vlan.tf +++ b/cd3_automation_toolkit/user-scripts/terraform/vlan.tf @@ -6,14 +6,14 @@ data "oci_core_route_tables" "oci_route_tables_vlans" { # depends_on = [module.route-tables] #Uncomment this if using single outdir for Network and VLANs for_each = var.vlans != null ? var.vlans : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : var.compartment_ocids[each.value.network_compartment_id] display_name = each.value.route_table_name vcn_id = data.oci_core_vcns.oci_vcns_vlans[each.key].virtual_networks.*.id[0] } data "oci_core_vcns" "oci_vcns_vlans" { for_each = var.vlans != null ? var.vlans : {} - compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null display_name = each.value.vcn_name } @@ -21,14 +21,14 @@ module "vlans" { source = "./modules/network/vlan" for_each = var.vlans != null ? var.vlans : {} - compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null - network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc1*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null + compartment_id = each.value.compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.compartment_id)) > 0 ? each.value.compartment_id : var.compartment_ocids[each.value.compartment_id]) : null + network_compartment_id = each.value.network_compartment_id != null ? (length(regexall("ocid1.compartment.oc*", each.value.network_compartment_id)) > 0 ? each.value.network_compartment_id : var.compartment_ocids[each.value.network_compartment_id]) : null cidr_block = each.value.cidr_block != "" ? each.value.cidr_block : null vcn_id = flatten(data.oci_core_vcns.oci_vcns_vlans[each.key].virtual_networks.*.id)[0] display_name = each.value.display_name != "" ? each.value.display_name : null nsg_ids = each.value.nsg_ids - route_table_id = each.value.route_table_name != null ? (length(regexall("ocid1.routeteable.oc1*", each.value.route_table_name)) > 0 ? each.value.route_table_name : data.oci_core_route_tables.oci_route_tables_vlans[each.key].route_tables.*.id[0]) : null - #route_table_id = each.value.route_table_name != null ? (length(regexall("ocid1.routeteable.oc1*", each.value.route_table_name)) > 0 ? each.value.route_table_name : try(data.oci_core_route_tables.oci_route_tables_vlans[each.key].route_tables.*.id[0], module.route-tables["${each.value.vcn_name}_${each.value.route_table_name}"]["route_table_ids"])): null + route_table_id = each.value.route_table_name != null ? (length(regexall("ocid1.routeteable.oc*", each.value.route_table_name)) > 0 ? each.value.route_table_name : data.oci_core_route_tables.oci_route_tables_vlans[each.key].route_tables.*.id[0]) : null + #route_table_id = each.value.route_table_name != null ? (length(regexall("ocid1.routeteable.oc*", each.value.route_table_name)) > 0 ? each.value.route_table_name : try(data.oci_core_route_tables.oci_route_tables_vlans[each.key].route_tables.*.id[0], module.route-tables["${each.value.vcn_name}_${each.value.route_table_name}"]["route_table_ids"])): null vlan_tag = each.value.vlan_tag != "" ? each.value.vlan_tag : null availability_domain = each.value.availability_domain != "" && each.value.availability_domain != null ? data.oci_identity_availability_domains.availability_domains.availability_domains[each.value.availability_domain].name : "" defined_tags = each.value.defined_tags From 36b3228b079dc0d967985dbd7175a29821caff80 Mon Sep 17 00:00:00 2001 From: bhlohumi Date: Fri, 19 Apr 2024 19:26:02 +0530 Subject: [PATCH 04/26] Automation Toolkit Release v2024.2.2 --- .../BaseNetwork/create_all_tf_objects.py | 2 +- .../export_network_nonGreenField.py | 4 +- cd3_automation_toolkit/Release-Notes | 10 +- .../Firewall/templates/policy-template | 45 - .../example/CD3-Blank-template.xlsx | Bin 186454 -> 186322 bytes .../example/CD3-HubSpoke-template.xlsx | Bin 216189 -> 216078 bytes .../example/CD3-SingleVCN-template.xlsx | Bin 236205 -> 236268 bytes cd3_automation_toolkit/setUpOCI.properties | 2 +- cd3_automation_toolkit/setUpOCI.py | 28 +- cd3_automation_toolkit/setUpOCI_jenkins.py | 1172 ----------------- .../user-scripts/createTenancyConfig.py | 2 +- .../outdir_structure_file.properties | 1 - .../terraform/modules/network/subnet/main.tf | 5 +- .../modules/network/subnet/variables.tf | 2 + .../user-scripts/terraform/network.tf | 101 +- .../user-scripts/terraform/seclist.tf | 60 - .../scripts/AdditionalFilters.groovy | 100 +- .../scriptler/scripts/MainOptions.groovy | 2 +- .../scriptler/scripts/SubChildOptions.groovy | 2 +- .../scriptler/scripts/SubOptions.groovy | 4 +- .../scriptler/scripts/ValidateParams.groovy | 2 +- jenkins_install/setUpOCI_config.xml | 5 +- jenkins_install/tf-apply.groovy | 2 +- jenkins_install/tf-destroy.groovy | 2 +- 24 files changed, 136 insertions(+), 1417 deletions(-) delete mode 100644 cd3_automation_toolkit/Security/Firewall/templates/policy-template delete mode 100644 cd3_automation_toolkit/setUpOCI_jenkins.py delete mode 100644 cd3_automation_toolkit/user-scripts/terraform/seclist.tf diff --git a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py index 5dc39a41a..d2dcfac09 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/create_all_tf_objects.py @@ -45,7 +45,7 @@ def create_all_tf_objects(inputfile, outdir, service_dir,prefix, ct, non_gf_tena # Create Workflow if non_gf_tenancy == False: with section('Process Subnets for Seclists creation'): - create_terraform_seclist(inputfile, outdir, service_dir_seclist, prefix, ct, modify_network) + create_terraform_seclist(inputfile, outdir, service_dir_network, prefix, ct, modify_network) with section('Process Subnets for Subnets creation'): create_terraform_subnet_vlan(inputfile, outdir, service_dir, prefix, ct, non_gf_tenancy, network_vlan_in_setupoci,modify_network) diff --git a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py index 9688c6a71..45ab59960 100644 --- a/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py +++ b/cd3_automation_toolkit/Network/BaseNetwork/export_network_nonGreenField.py @@ -1097,11 +1097,9 @@ def export_networking(inputfile, outdir, service_dir, config, signer, ct, export if len(service_dir) != 0: service_dir_network = service_dir['network'] service_dir_nsg = service_dir['nsg'] - service_dir_seclist = service_dir['seclist'] else: service_dir_network = "" service_dir_nsg = "" - service_dir_seclist = "" # Fetch Major Objects export_major_objects(inputfile, outdir, service_dir_network, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions) @@ -1113,7 +1111,7 @@ def export_networking(inputfile, outdir, service_dir, config, signer, ct, export export_subnets_vlans(inputfile, outdir, service_dir, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions) # Fetch RouteRules and SecRules - export_seclist(inputfile, outdir, service_dir_seclist, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions,_tf_import_cmd=True) + export_seclist(inputfile, outdir, service_dir_network, config=config, signer=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions,_tf_import_cmd=True) export_routetable(inputfile, outdir, service_dir_network, config1=config, signer1=signer, ct=ct, export_compartments=export_compartments, export_regions=export_regions, _tf_import_cmd=True) diff --git a/cd3_automation_toolkit/Release-Notes b/cd3_automation_toolkit/Release-Notes index 29e249446..273235842 100644 --- a/cd3_automation_toolkit/Release-Notes +++ b/cd3_automation_toolkit/Release-Notes @@ -1,13 +1,13 @@ ------------------------------------- -CD3 Automation Toolkit Tag v2024.2.1 +CD3 Automation Toolkit Tag v2024.2.2 Apr 30, 2024 ------------------------------------- -1. Download latest Excel Sheet using Jenkins. +1. Download excel sheet after create and export workflow using Jenkins. 2. Docker Image upgrade to OL9 and upgrade of other softwares also. 3. Dropdowns for Region and Compartment while running setUpOCI using Jenkins. -4. Take out Security List from Network stack. -5. Fix Image OCIDs for OCI Work VM deployment using RM stack. -6. Review of existing terraform modules. +4. Fix Image OCIDs for OCI Work VM deployment using RM stack. +5. Option to execute 3rd Party Services from CD3 - Show OCI along with CIS Compliance Check script +5. Upgrade of existing terraform modules - identity, buckets, LBaaS, NLBs, ------------------------------------- CD3 Automation Toolkit Tag v2024.2.0 diff --git a/cd3_automation_toolkit/Security/Firewall/templates/policy-template b/cd3_automation_toolkit/Security/Firewall/templates/policy-template deleted file mode 100644 index 3a101264a..000000000 --- a/cd3_automation_toolkit/Security/Firewall/templates/policy-template +++ /dev/null @@ -1,45 +0,0 @@ -{% if count == 0 %} - -fw-policies = { - ##Add New firewall policy for {{ region|lower }} here## -} -{% else %} - {% if policy_name != "" and policy_name != "nan" and policy_name != null %} - {{ policy_tf_name }} = { - compartment_id = "{{ compartment_tf_name }}" - display_name = "{{ policy_name }}" - - - {# ##Do not modify below this line## #} - {# #} - {# ###Section for adding Defined and Freeform Tags### #} - {% if defined_tags and defined_tags != 'nan' and defined_tags != '' and defined_tags != [['nan']] %} - {% if defined_tags[0] %} - defined_tags = { - {% for tags in defined_tags %} - {% if not loop.last %} - "{{ tags[0] }}"= "{{ tags[1] }}" , - {% else %} - "{{ tags[0] }}"= "{{ tags[1] }}" - {% endif %} - {% endfor %} - } - {% endif %} - {% endif %} - {% if freeform_tags and freeform_tags != 'nan' and freeform_tags != '' and freeform_tags != [['nan']] %} - {% if freeform_tags[0] %} - freeform_tags = { - {% for tags in freeform_tags %} - {% if not loop.last %} - "{{ tags[0] }}"="{{ tags[1] }}", - {% else %} - "{{ tags[0] }}"="{{ tags[1] }}" - {% endif %} - {% endfor %} - } - {% endif %} - {% endif %} - {# ###Section for adding Defined and Freeform Tags ends here### #} - }, - {% endif %} -{% endif %} diff --git a/cd3_automation_toolkit/example/CD3-Blank-template.xlsx b/cd3_automation_toolkit/example/CD3-Blank-template.xlsx index f966c207871fa8f5d3fe59f92dce374e14ca81b9..049cf621a2cda7a13de5c81b0f8f8c31d8b7a927 100644 GIT binary patch delta 58767 zcmb@tWk6Kx7e1;WAgxHJ3R2SDNQ%-S-Hjk2om*O39Hbio5d`UO>6VrT>CU0Kdj|FB z?|RD^Qqd4*v{d)oW*Cg~?(y_>%kTi4#fR&3%1d@k<1)21hxuvn> zFmRiwn*G?&YJ?f`Q}t}7;73iVMW<6L;pY2WKjdGi30|l;PaMR|Oq=R15};FZ?=XM< zvFujbi|;Tv zjqA0On@iOUEaeL{E%Qc@WpXJ(vu>6u<(E8gaZl$Qt>gS0qnE4`5r#kXMScIImUAI) z?=xOs@VsSPSe(70pue!MTA3@N8y@w(+`QXPj_N4qm(RNStLJxA-&Y#7Z1f)Ly%`bm zZB+civoQ`luQ|TkUdx6`z#S@?(Nch1r0vRz?pg7bsf0$*S-Bt3Q3Ne|qN*=ktez4au28HO|?pJnpxBuh{s*Rc7}& z;%KoBI?|_U4nic%Xh^any)_*|lDp9p-y@iX2H=+e+&#GYUW+T@J(_{0gURlh zQ+w)D19yp^fjoH)+vQ7SRQBcYV%!D%Rdzo%FOiZ^wO;YRxs;2^o9icdfk^w%bEte;HO2hUX`YXS`!bLD zitc=QqzhOpu6GHn6bjcqB7Sw;a+O!(>Fi14BI|xocY0BRbm1;5e7wcCdyxKll%(~v zmSpKN(Wm@}MKP95>xgj!q?NAwDuA`6w&s&*4LiZ~;cQBi9@}(|k9!WiZ^CL{a7y^c zoBOeNtcxQ6R_blrDY<5>h3pKsbqgv6xd+@ire1%L5X}@ z&6xkwb+fE$LqNW~@#)lAC=J5SxRaLs4kseUu*>G*3D#_jLuHOSs#QxYMU!v$MigSmk@#mvfXQiAXkmr#pOcHCz%mf{;k{8`2vVAk2}m zaZw$9`r(#hAM7MA67F|mu)VFDE&LX)mD0CR1Z3RsVZx9Jq99}bswe4<0%07GkR?UO z45F=_Q;0%m#lQ@@KXd8G$g%Xg{4QG1U1u_X=lCwjcN2p$sNp0r4&ChcaFcqL8KNSW zeal!?Xjoa0Sn31CTTiwoZ-3@b!LjT*kUQ7!w+(L zp`WB!bmqGc>kC{I(HI9*v&^Ns=VC%nb(nAZ#?2w`mt!tCXh_QxCj=Q~N#lqF)KnHR z@Xe><7iUT1u2MC0VkW5QR1$cNe}?gZrM-Lrh+@> z%a^RZ*%9(SvoS!Yu%(1f>z)E?{*%+|}7Ru*r z?L$2+$j++S4-{zR&4kO!?#Mmwjk>Flbn9TxSiT?;RpsM>2Byb$OA_?ma?X zm6(nf+=%8?NxteP6=)vCi+tm+fo_5c@&U6z;*WQ!U-#?3`R>~qB z74LNX;?)gUGY}j{dDB08;*uD8Vha)UN-4(9-;$mQrY|dWSCTTjk%EWw<4Lx^A6LKY zoSKlxmF9e%z5!c*(1RpY4^t^K#F-rGji(xM%ouz^{2wW?g#@WeynC@xhY^zQgN9~r z{kV?I&ry_TGIh`X(&;E`n8w z2ZPN+0%27jWD-V_K(U3zd0VR*nLGM1btyrTr3aX@xHk(J0{2l1Xm5>~KYDNnxy0v= ze#Qsi8`XKHHe(7(Kj*x!cs&#&!>Yaa2Qd8?lRGTt0z~s8YZ#G;(RmZlIFR?s@XQ&a zX4Ko|0rTDw1VvhW=e$TH#;`D-O{9mECnOl+l4xawZ`?)^CH8QblR=DNP7bQ@o%W&GtKT^8Arm>K zk8PFqcqHQ&kslCL^fv!((9XaM*1MNp40Lq+8J9eav){Q7XSH(q>#9|&=RbSA7$o*D z3VjIdFWOel2Z}}|-?6&mB=AtXdTr>yp4Mn*@Dl+6+l`6k1i#!^yzPg$gzY`;X)7*_ zT3P4%h~}&rY;RQAA0nFbQZ}`%6Gh(icpCc|g@SOLR}7WeLfmVfGpzH5=FlglAXQF! zM01S{wy!j5&quJlZbcHP_oAenv$%S)OAA=N10w3RK3g={Wl}di^^dFEXp^{}W zYxjYA9;<5YKA2ramkAHk0Eg~8nyg<08iyjjq9>@l7dCOQckb>}*tu44`#aW6a}6Tc>vCwQVH1{O(}i| z@zFG%nbON|YQDno}=!iT@ zvKc4KxBFPAQle|>R6CbQyMx}#8kiWYZ^aOR_wV@dQ3dLo$!aHRU7rcmlaT8*|7T7R z*07(KZ17fu6z84aP@&Xpm*lLgDx%mQuLU#QI1~Y#Y#mZ^XiD#&OZld#KqnZ_Cw<%0 z_KA(DXprchJ^I+lKV0pV^C^S=0a3>@k>^UN7CUlC`QzSHl)M0))HC`AnA15;oYn9C z)BjLmO7lMS=g0exa{M@4vWZ7GB;Q9S;(nz1@D6!fL;u_^RODF2z(fD8|EeT*)+W!T`i^4_o`>}7i5K>7IFUmUzHYpJ#j|2nQ z=2))zY`-UL_n$XVLS;{!Nb#6=@pm}?U^vIy>;K~bO5tgnv$H^*eI4(u8Hf0N7LTG> zuB*CtcAdZTx3?Zk1oQuuzC|x)0>qdKQb39#q1Ba-zMhYcUV#3%0A0EO-Le2Zq(E5P zGpYQpm)n<37LV6q_BW%Iuj}3ClFiF)CHHr@0X?wdNRmnr| zL&in(D>P&<-S$5UU{mbF|AqSd;YjOZQ}1Ha$YRs-{=Ypu@BX_0iT_d|=$~x=dWc%L4u+);V+wq*n83;EsWkeB zea`=;82%R)1c96$RS-q^>eAWy>Si%Jg$M##L7R(K(fF9@6*Tujsp zdt99>kPFpZ?w>@A9uF6^9Um?SPF>D5j{>!Io@bsOXP0OD6Yozp_fm9D7I&^@&epqx zFY6itv9IXPmJ8}HH|sYS4}tYAio28NMV`ldtLuvsSBrZW!omWrz&y7u;?>EbN_dLU z<;mh;TY<2sys+p*V1%#~lEr;8 zAjKK^MKV4pu~S5BD&UBicnfe6xWed28+(M+@`xmG{(OIV@0OAXF(8FPG%CK<;=6si z>jI^5?06~o4(St&x$Wj1JObI zYx5+WLnaMDxBGY>y&c}!$$p$RN}qm|d-#N23UT%RLcCP1{r~)2^z1;ZN%P$&9Dp-j zj^ma^m&MLj#OPV7w(wIlg-0*Nlgw{_kB)1k7rs2LKedeig!4C)GrCFK z^yfow`3CNMWMuDB;$am3@ae8&`U5E~Q{*gLgSYgGlxyN*@5;J2Waj$syhxWE3JSRY zDlRUesrJEV@vu+#xG_b3uod(97mKL`5i8OV`+QvFDi)MhFAx0B=aE&V;2+#9x#$W( ztyBmWHI3%qa?`Tq*QY`kh_U|@fq~jvV$6HkUq>bU98A6Zl5&98~;l;mCr= zf1nPTpynYdF)?*_nk4^K94ba=+@?m;;Nfd)Y-I=&4JB8%RbTSN@0?3a)=WtE`NCZv zwAH*f((Pm|Se*1=HA@*!ek361e(Z*&3|0zL#Ek(GNJCGe1*X#XCzbDe?_g@Rgq@oP zpCK-^oIHQS$|2Z4_O6U+n3U1qqGl<-H(8T13)dHHbCtgN837XT=yFeJ}u>dN@E^6qK zl1$IwnREX{9%cwMX5MlEGfRILYtWMGLywihxUC;X2(;-Tfk|UJgL+i0sq%O??gz~B z_OG-d+EGX$Mf!?I@v-={I}~Y6MMH?%TH~6Zkb8h2H#qis-Sr$#Yi}eEZ^dW)9s_7?4$9OKi^M6 z0r)!Nrj*FoxQdg=+=zNFk##Pd&0rTdkJ%ExTjO3LSEK8_M4q{DUV{NVxUAz|qG03d zy+q-;@Fxa^_;497ZlZXj25zF{T=-LiNCLPl2RBi=u>&_zb}n4bz>W|uBf?8mYUIUB zRGABZVW3C^mjOX|i5iVLc!^qb;o1hQ#BkvWUZQ>@5q_fKT$xeYM=JE~)s7t_4s>b) zU1EDIQyKL5!AhNT8^6+8_BMukiP$TT5AnvbvfyUuvj7a8h8Ln)#=VW!mV}-2Lh4tsoam-9 z7~3;1lHV%g>yeoB@Q%GA5!1lEz1|g%#4Z{D-R6toT-I;xNY&#P#83jkyA(oW8o%-s zEs=JABI4lwAe-b%#4pC`hI}1F0P?ROzALmhy)Xqs$Zq^8s^)Y?%8>aIplu!2SEudz zsyfHOj&ACK89zu_t&XEA+!$K)z~c*xG$Fo8j}Or+-=(ag93=Lo0K*~7011s^{nqK! z${eegjZRCXp$z26OY{#lD%QJSh#P>(`4B~jJqRgUqEA=kjn$4l%CC2#PpAqucfe{n zCdCK|^wwa>aDbN!4;WA<3m)LR_EP-I%j-bH4J^19$(?I2p$ln*9li#NBMh;-0_N8A z37RY!ZnUk3`sz`fYIno7MC>)W9(mBV9_y>GFo5x{`gZsa>>aJ^hgcdM`Vj4ku`Z!B zi`H4-cehh;aFfA8yb@zYxZMn-=V`DkynzK%sxOJC7>d$#-6k|qSetw{dtQhaxpc=P zQKF;f@}k`1`XI{~8!3ugL~E&w!mfK85<)X}I4WnNjBYx4r=|VDb#@DZzX0zlhEl=+ z@w?3*!aBnk%PN7J5e%aY5_{S09$5fp>36qz{Nm2CW%zTFj}gt)E>7O%x~2%7qGcUxS4* z>N=8EI>k^GSS0xmi3|MT&E${GeQONt-eO0W#OJcJ$5R}G)u5F{u{}Mn64ES1EyHxl zRpCj~Ht(ci3>&n8#Z{cCU2#Jtl1;@|G;PoyYU3p(4zWcW|BzF1` zLv8$k7L=-3Bz8XZ9@(d`qM9p)e!tF5o$)%iyIQzLWh@K;j0mqmHCS@z_${}Yu9I8% zm0XVmYce`Kxs0k`ope$R-MYpiWWL6V)WtQby{^;zFQ`d^mUiZAsHdQzUd}vZA zD&O*!6(dBRnjNG&VSEBPGPo1mLJiLeuctKT%4%{wt(0A~tKx%v=mU`b49WtVNjcf-Ow+Pr8ps6x7$&)RZolFEd{u7C&Pfy@`f~ zqsl@~a^nWH`}$5V#<7NQ^Af_u{R~Vj({BC|c}5B~R#!z}n{Z%L%9hUgpkSRNxt^DY z+t{fWANle^&)mtA`$CP6D($7a;|#*2;hH>R~?F_YZmMb z1>T`j{V{QA%N?0Vb2{ItwLFwl1OFBa$rz#IJ`(K4T}Sm`x=RigL@vtT(J@bLMcD`` zU`TP?HAxqRU0bnfmq>$0s%NrRRScrHmD7W0@8P8b;Jw)G3G1@L$LW;)Qay(J!?sJJ zndWfht|V~-dRiFvcfRTY9-dF` zW&g>vcw<;+>wkmY?3gSZz4K2@Yn;wYLXgS<<1LOjE!ibqNaeWk7T1?)Yrg3;9cx#; zON^rG?g9!S-~bVhX3duoB#mq?hg{63np{Ab4`k0qJ9yk`nEClEf<@& zFsl5PvV;AMsW6JU-zomPc}1DhlZDcMg@&fFRqhbv>Qcem%hZ_jr{D}?F%`$;)nZi&6pBi-M=lawD8~Oag3w<2QH9x~|6JXIxrgZUQv&UKUo&yKo16EI^KK>n zof?k7SDe363)U!8@j+2V_@`956SuJQ(Es6Jtu-L<_4(h1ywIwP-G+FPzbA5X{iqGm z9eF^U{67lXOZU0x_x%?mJjD9~un;RU&A?2~3o8O%Vc@?3F4KlmxK7dh?jo#X8;9o2l>9gUo+W!}8W-b# z`dTCq_mnH;kcH(9t(OxX`-*G{fn^6(XU^hBdzVKv7NZn{#~`vfR=k9|IEI9!7`_# ze}mf|FPhwcYi+V9Zui@~D92skkIZyjNjq6x`>$Q%&(P<7k>BBw`oBZ#7?bhNn8)Vd zRkFs^x54x;TdKO)|6N4(1zUUFTcF!NUV){_b;)jacg%k>?#lXKOA}DEYty{o3c2u8 z{;OvP5VK!X|9h6Bz4p4j{&r#PI{v!Ygq&RbQO$VMUvsNvT~_l|`hPe!Y2|7V^Dj*+ z$M>4*p8OTFDTue|pY-PMz7?4WFF;-hKL8A215NOM4m9)s3^d3#J(qvjR`hX#k>GOh zzbriRdef8>`WH4J@u5EZGYBXh>PtAJSZYKa`ND zfNwL17|H-`Hyv)QsQ2~9(0k0ZG6x@rE+zd~Q3JWO23$0m>yK!w+a_H1N{S|ciThJU zyouv`s+n=h`ZcQF@>aW=NUezozH~e9F}=$<-a2%l8N{mIwTC&R!54$WyzB^2aGxT6 zR=zqo6J zoMv1?do+x!2G9cbQDZDN%eYB3Rg_Gar4aka073cFqmVR7q*W80MNwmzu$xAwYce>qbVtbsnhgMKArC0nH!_5*KDG zs$`PE5S?U_(SeV#!_n)ldt)Ue%S4Xpie|))pB0yh9g7Cg%LX+1D{r5-nhkIe(%?C& zDrVz3>MGLUJDLulzZ@7Js_dhWcUtJqkP}>+%#agW+sKd;c54*oTNfzMlNi)b^cmun zN&@_bG^COOhFqnX-%6P|FCV7K_}bMe(vUi~DrS>9_A1hl)#{TaNhFO1vN5)FNF?bD ztx6>64Z#9D@G*2Kd#y{+S%PbZ<4CW#jN{0rXm-z$Z@@9doY+4-rZ2RW*o{wg=#r2c zC>xh%T~c7D@dpnYF@ag*<*tX%i6nrP)!Rn2gG!-~hH6wbZHr?J#nbGVjyg1ITs>*Q zpN!Kw#zZk8Ym*z9ga)7DAe$bZ%qC@4SfgK|ulNZq%-u{3CK}Df`s~q9Y7r7V@r|%J z?a^xL`q*v`mf`@ ztn`ZP*$t-Hrc>1MrZ<;`yk&jUc9r#1^^f#Jm4>=kzZrvv7aYBqG+74NOUxeJz82iA z4Dq3wLoA*FJ(r<{A@RJP0i#ee(?`ofkFDad$x<~9iiM4+GEC(jTOFB&nt`^D1vdK5 z{qeZIw7W<_?nV-40eD>Q+^rHXmr9z}-MKTu4=%jJaycSbLwNda4`fNRSc&v<;s#^v zVp~h{8DxtW?PJPIBBPVTg-Yl$7&+}vx9%1%8+B)z%IOIgd6~T&@zkBl3Qgl6lE^X8 zl(0AJRDa%+s5&qir%CW3OM}G?tf{k@M9y^lQZH_tY9|LZz~;~9oP`iVlOn76U0iyF zrWqHFQSz~gW~3b?p4Xr4i@A<`yy?X9;bW8d2-c|Na6S%-1zOOtD1|+=!~FTeT!tB`io`Gz`%>Hnak)L|Qi) z^^}?i(B{lc{ZjG+;RmrGS$|e*W%lfESxtns7KtP{HdQUg7}*`Pa+re}-zE*&qQQs7 zZ!23$nD}H9WU{kY=R^oQrD)i*nY-9td|Q$0Nvvb;Qi*h2u!u)WS4$xd+dpvdOS2|i z2P>%dCa%ihTehj(3__VMw<%=hFs*wjtS|+j&JgC5ft^`X!RRz+YT`bmgIsrPHdlb` zrV?i)oAl;Nef04C>Y_ajdX?e;xF00|tpkiQ|<(GNK&z5D4Etbe-`uX$XMcLQwog#FF8#PCqqH@K zczOPL&*ebwjF%)37az(#%;Jfi?OHNot_+qicu=6E$XZUe`0c@|LY5+->)Pt4X0y%} z@R@3-fTktJXFF^4oCU`d_*3PVY@bz{4?g68np$A&HEY+F=1COn6g{J zc5(NQAy0&aR%4E@9WMHq%KF79Mk-%nZlU_7Ne}-DSi^{=-_gg6U^Z2tvTnAV>^OSez4c8qV8 z1;_@NGzS|De>GK)VAy)ny*8?&Iu>gMQ5**iOes3Xta=i`75vdL?NvP4S2!HcD|unN zF(WorE%t11(aA_!kt_$`ksrlQU&Y*5D3g`62EbqV8!Mq(D2Mfb|3**MJXeqEn5XI( z2cuD?;KesP|DI+}Ne4^a+y>Jtiz&whQ^yT3y}|TcRT@T+Dm|2KtpQ+qV*;;hn7+vt ziyf`iS(TJ$Q(^!g*ylmF?1dJ}t)7-k4%E6f%Ec^4AZu9%L~}o|VNVnGe2D`FJK6+X zjAY8~ta(miQEaAN1v$eyVr?OcbHrIMIKn!{Y(d`JfyHwh_Y?{N>!M@LR;PVk@$T!2 zI~6ZcXY_Ddu`!USV&n#JHoF<`G76%b6>@Lh-r5S48RRR(#%wuqqvd+fyeu=W+UdNf_a5pN@ zqZ`x@T|aUdvdfh5Wv$ZM*Ysz@G@WuuFnzWGt{-Vu!-+w~HifKA!tyV!Uqs`gi}K55 ziy6VZP5asit>vGRiOrSroyA2PGL)OjnE~~O(QKAR1=uEW+|sHR7y$4eNa_;IGkSO_S@NLbSolW064(+1laf%Vq5IsNVbu z;kbOQ*ug+jnaBFX$ji8B1us550!T#33I<2(m-PzP9{j!t#|1R<`ZrnPz3dSEB=&Bz zu2d;|^+egu%LfWEfEbK_-AiIjzRhLd^Ob!3&YFv7ol_>3S>vW*CWi8-(cH@v_|4bj zs0F-P>*gwe*KI!Cm;&rWH$3d$7wX`?^4Mz+0C+JLQ?771;!i{>e=xNE!Obq6#U6GK zp5JFQl}p>v^oL!8cQxHEp4aNSiqW!sxsEc$h80vBrH5VF!$*78#cFj;z^B(Y=Xt!D zKh8BT!v`kJ>PH{D-~Rm#V6qtI0&WYWm2m_&Yp9Tj&b=(S{(fLi3$A%w5(#6mPmE#n zw$TFt3Kc&d6ayw3SPf$+&HG zyVMHTCXg*`o*_-A?xMX!34E=cfQyiJkQM=ajaQ<-=8-mOejX9#fOT`qZd z?9R(^+G$?DvBP1 zKN<5W>cisy4f;|!gD1qOc|5`$7p0dD7fM@KY`fb6_oxn*#?T#n8k5#e%^rgZJf0b6 z!;Kj2wsZ&UEej?N!Tg0Jh}LNVz8rt0{u0;B4h-VxIw``S|B3=W;r%Z>%FnPh2M-^H z_6EG@k;4MtP$VS!$EL#)h6aE&GL7(&Nulfhl~;hIT}|9k{tUCQ!ue?jOA^rl_$!Ap zW|D(kp|&I4tKAhIn|EByN!l8q&J*>Y*PamM?WN1mGRN-u&=t@ZtoGP^=e$C@Pr@g7>2i)ClekrS$b5BtCNuK`CkH^hza5+QB;qjZk=)~-*{Gf#kmPn}snTdJGHChwQk^~TsZ;0K;HX}` z$4Rs>aCW{A{z12;9O_N9#ewEM{989}459w|08djD2tU97;fA0!n&q{s1IjV_(Ld8Jw+-@NZ=A^%+70>OM{)q7QB zQpH(lWbf4qSiBOVd}lup$Z!^gVTdMGuRuIw-?>COV;}AxsVW(K zgQO_=ouQ~U*F7cTCM!9UcEhj91K)J?Na)H^I0L8z8>_Ij(Cnm7+z+RF?qi@-w-Im$ zdyP58x>uAweb7joz4P2Vp=9^@w-3(?aI2ISKdgLuQGi>iw6IG1u<%3O)WS^P3373< z62?t50;9T5a$wr+XxC}aD?1|qF*Mr*FUpG|{B`}q{Xm$NK{Wjaag=Bi^2v}CD0 zhDQUG2YjNW5Z3WG9}zn6sSab`=9m$X$zSZcD>&TfxJyOzE^&Dwh@E%UK^s{xski+* z5s}P@th;jUjEMcIO^c_ycX8ZYKQonIfj%NCag@rPIn;g2vdH)wIh5_+ZN??uaa0uD zZu0zjN5n^&f>LU!Jn^B_7Ul9y14E~qGBq;&J2>q#G-o%9In=Okq6L3{jK~P4E%GaE zQ*~nmK%E|IoL;&X<0-@0fPq1F^|pOHTG65O(ay2g0#d$ZW_;dD`o`_i7-#vrBFS|x z2rzT~9u!zBiPK3Wd#o(EF%7MbJ^VUttkLmvrz0wQ4WV04fvUnvY~g!j!I0V}*$*?y9^DXGUJ-u1mzh@WjY$IN4N^I?nbv zqFBKyNkf>SZ%FgYDsrT~sTHTR6qWZeNi0}OpL#RtStQ+J60Rf!g2YhvV-q6N;dV3A zh!pc_PBo%{(0AtIBrQc$^w9(U@p0lCH)Ozn(@>~Q6eC}bfK*Iil8pcW_9V|L{p+7U z2So5ncOA+Zx;|8_>58@&z3GWyo+YVqE=P09p<>wCj3e)AE$dAjvA?{bBvv0!Blz8& zBg5;vjS%4M3|*YsjG4&gPVqWl&Xu>}9$Xq;uAjNwalITg;hm^C-Re5e_B?r6K2>vi z9MPxebv_YTy?q7nR=EO)1vyh*HRoORGgF?IF3@Iyy^Y+WO1J&O`u?i}HMiAAPJLE+p>_L&`^OhSqD2Cp|J+ zYh03Mf?0uT0`Rwnb4FcRm!L1Zk510Db6J_0TEmEo-7on71tX^9h?5NBVnAp~-mv>% z-tjUozvTqbTNz)@sym*n=yevv-kMtI%C21XtUlkZo{)D2#%oR;pqmptjq zEy0WMD%8SSIh(!5_i$LlplD$2DE03+5=|IKS`Mh(npVoE}%E6J@;6DAk%dUAR zzDompUZ*DJ1mFFs?&WG%0X@8B{`0DnbC2c}?sA4#r#pwaFOn|}EAxUYcaa<~Xyl@~ zv`EN2x@bm1GimO9}NDrCy^efbVBu*qCvFbrGtb`zSR;Yk}l4aYe zCq?*aEi;RD-psanJrpS*I zy?(E4bPR%Z=v{(euou45nFIxI&p04%uc)NJKy$;7bc3did zTr}Pr$qnn}WmcW&eLOB0-kE~1fw!@WN44j|5G zZG=U%IEZS%%3sVk=qDgy6lBWYoz^J6mtQDeOk~=hnk?WtrJi>1ZO$c3N-Tr8eP6nS1G7q1#;4P= z9fwiY*BYOaV`AcwW<0WjZgNd%UcZOGD^TEAAKM)djf9DHSS8KN%HdWfq5W1iG3FM; z4(vo}{?tLy2-N&QGOq~*Nt%a*0Eq9Rg!qs@>bzg&O0P&L^*S+Loap}Pu@x2hWBzSmE z$u*k{Fqd`vKmE;ME>)6gwguoW4+UH|;aDxp9UKyQJi z%Y+AEp4AnF#o|yvm^SB*Xv0(uCH7GI`NEjj5)@Vw_7DS?Qw?Wb)+4i!hs;!68q$NQ z{H^9Azf$i3t!N~4jkySLgF7GuVZ(W_uB70)j;ez>_a7R(7OAy{#kqpaD%va`T$8cE zL@R^HOa=mNV^%#4HSIZa0;3mE3%W}zhsgZ68Xax0VWREz2xub88qb-C4Crb&!KlaI z4hr27KQYSdim95{HFaxphjbtvQWt@RN$qO6jd^7~duYOK$%0uE!C=N%%e@i|+I!f{ zJ~D+1TS1{LA}yQzv~jfgD&*k`o4l?mybVdN8dzm@`Onicp~(H_$s-?@&VZd)M8VX`Qcg}0fV_bNk8H=3BKLP`=6NzEZyE2)~E99V^ z?ua%wAdcEn&(O%Q_?q}2fioJpg?}7e7#y@yg_6aRgZjK;T$T)&!OlgCdHxm(RYqZ^ zVOfo@1FS~WiE+1$VdT2OH{L=r0^@Am2$?0w9tgk)qq&^ZZa}Fx`Zg?vfxH2C-$jgp zHvMsh1qYhy<1f)59uyggZ@kOpsHfSce?thF1@k<*3-s;oi{QCpB9K_hfjKML({k1i zmwmr5JwOH9-9?lxPdk-AKGE}X#KZrDu%9fU78~ZUA%SZF90!GJ4Zzo8*3+EVa z((#Ru!>&^?IPFWd$et_np60NjJxB|gNe71#BwiqsR}6f2z+~g_L4~UUzx1x%-T2!S zCW?nyP6xt?Oi|@htpV;u$lo$I4Xjq{$Xbz2Q_N|Syt96&<;wHim{CVp7r}zG>I%I+ zE(!r%F=t@MkJDlQNwwm7jYq!jv_LZWyDYBiV$gXYv6<5WR@&pk$If==+x?jIN4b_O zXbvDR?!Z?slm={lvFW{zw8pc0+s4;KzI2*PvI>F=vtPid!4-)?>`)ZKop(*ya`Zo% z?>AwZ+w$-^0L|Tj`Tp5KdK-245$K;~9)|&d3zMeWrCAe3WHQUW`#t>QuuiNP6V%I> zz_uftI=@6V>W?|}4206A3aPg_K~Jz%4AH3p|2_C0GQl?4$coR8>(vbs%w6QSngL90 zC7iP=wX7WYUtv7w^(&&kgK7FJY!iLF3FhTo1n&h*1|Pq+_?prG)7|gI3Cn~=3-($_ z+L#Bk2dMyJ%oxFvgNe%Hem9f?(EQy|uVM?>s)Qyy+usp_Wt@7}^LvV+33rL>xOb3C z-3!2Xw@?X;?^QE@*6W|g)u}tqh}&ZDJ$}|>KC)Bm&Hbq-PXtb#9{4hO7Woga0I=>9 zRmT^ZzqsZV0!A@S0+Z=v{g!3GB7?Kp5=`Nm&DDQocADwnc;cP*ce#|r8Y&bfU!ULN zXNmX=9k7w7gUg_L2BXfE0lr({im->9UhMIl!0AVG-sV%iR!@wv+QuSMj9zg4l)_?H zbw9fxt~x?gqSmIYFwHV7yc%h?{YGKm3WpO;>UBNcs&o2#bz7UEi3C-Qq%t)1W@X8|B=Y#- zg4Lg=`$ufKQW;2PXl=ADc}QO3W0^*kmvAOx(xIa$e|DcbK%A4F%>E$Q{CRq4gx$KC0_cg8tn;L%c%s9v?3o>p@U>dmmtwF^s3GaJ20_k8}bpISlA zWt`fHclv+iPyZOPwG(|}Q|)F0*X-F`6STr4pb>X29B>b(@f)q(L_whTD=$Cn25~Mx zoLAt}TO1X+&_Y;>RJR-|a-A#SX!H5g^Ki6?YBwMP4kx>{CTk5daH!06u7qnXo&J^l=@qyryV@-qZueztjqDXFH!Umb&DyQCS~vtpbuP3724P#Uz6Py= z8x&WaPUXX4zvO$>Tf#g|?pC=~YXY#ep*8u_1u(q^oq}BMJh<)5`WhKruOu(mIqN!w z$+IfAK24Z~bAA4F3EbkMAlLZ|+yZ4|?G?;I9GcxxjI*r;FSDIat=*TodA~Qkj)%Ra z0U`GgG)ITEMv0l^Zm;O5ZR-GVEmxh|r(iQ4Q9np^2m1myIC4BZf*YKU4xhmd%=Ojk zAD6)}_{N6$$6y%d25L42aEL&ii|K2Tp_+{$Toj^nad|B=VzwNZMYvU9RGku&8lf}l zxzS8qH|5|u6%Dk_dSdGFGGtH48e-18-ihM$@P+htL9@CNu98bWLxl3?+`Yc<5(}C8 ztJ(PX-FsaVV56WkO5iTST;s;9-Fy=D+SXR^19vlLqC6c6%C^zD*A#JYc9gI0dQJ^l z{+!2iUY=viO6afW03$S@B4D3xady^?e*3K@50IjSjHNk0%s+!;tuQ}38?3b*1WG9u zW@G7eYw7am&OJk6Sm)E@@O(qmw!L7mE>uW`fHZo+)t-R($_2xzNrhr_ESs9P(T59`#W z%i(1Otjfeche>|IJM~U&`yE_KLbp}|u0-y7NL~q3ivKyB04mi5zF~4bWU361zLzeN z;6Y@Q>=0x{_92f(+*jy?Ex9QZbs$x-E;QTLLX=}Aig|%fJN^!)=3*D%f)+z9?yLJt zXI5^a>sn&{+iJA-mz5*TD)G*~{NtaNZtDvV;8QheUyWH~ji={}gVL7FR?7Qh7dC&; zDQm<6tzOs+EN^n{R6T;7wtt_d29ddkU(Gs7gLMREFDHH-XR#)KpU8ioQb(td-^6D5lhWr_M3ery5FnmRa@1eF|!MymWJ)xNcD|Zrk$s$HnWala*cKx-(yz zyg8C22i>~zq|qI4FXzg+sW(ICKQ?oEU{)=5x!5260M!&boDR8x8RV%w69Io1CC3UD zU(H5$#lg>RpSf(i9)YArM48&-y3>LO-_v?s6Ag?pwnCYtq#oZnuN6?*MwCmvwV2>s zFPksJoP3SCylq5EDw6|~!U-&2g=}5vw-05-3jb2^3b9-pRx=RS7IM!E2lpDiW;s=B z8m0!as%jA;?@12P^t=cA5BM#7bwBuVg-Fn|+bhxKFl>;m)~+NKi#V`#^8btI?L3;b zf*}qVK+pD}pm3m&QufnF02Y>z39-}mWXMV5WC-*<6>OZHmKPP_RkKUh? zt}}_$516NTmdUH@rq75qkTv}3dV^p?429}kK>#A2w)V&f@KtIuDTuaJKuecW)42aU3Zt_}(PD$TnA?}^CaPS6===@v&$r7UvqQwi&VH5% z@&p@mad--j&V@-TD&`x&8WBe>ZVI3 zkFHRmis(rEIKPi5bpTPe!R@CgwJV63b`(k}Y!KE!A~CZR^!uha0edW_r&U?JS+!`W zVJ|T6awHDFBcx|y-F}uj@0#`Anzk;-n51*9@+6>$I~zAcbR`{M)K`OeqP4yNiUbJ{ zyu2mlV!B`a?yWxpfVY0UqFH71wA#1SQE~W1eqZ*?N+N6HL#Pf}k{+f+ghU{p5xr^T ziQVC9Zb=FS=I%&}6g~Uo6~PFR`vJq2RJ7%wUkxW6(fV1$j4ip|>kmg9^*`eist+#T z9Vdm}p}Rvw$tGePEEUv_5y|@yT|D}2-W?6fA`#<|_I%k23jJ22hd44nO?JZ)3q^9F zgeBpac*K-ex9=$FKUxi>GZH28>%8@tj>r5t?L!$lREdDjP=%^AHkv3Z6@0(<0iEv^ zo>V^;y@_okOPe}{nfAu1{M(HNk?MqpFV?H14!bLLAO|7aXm_$qjUvGA*kVHFhKP!h z!%h%@H48i05|+|~NvU*dF>xhv$+w|*YXgy@+)5wuy>JBHd!09Vi8!TC zi?d1xUnPYj^oF(vHJo(kT+jj|KCi3lia#c{J2R_BAs!WHC87wMiSf>o+t4i!^o=Vn zBbsj7$o(WwUK)7EO6YVy^Q>fo><+YilK}GN-8m9-f$XnGy!}={zd*rc3utOU_&cYHKSlpf+Z& zB%_ERJPXTY&bwtdSOzpXx7q z)%uJ|T!iD>6NYah9(t`0uG*+ePN*@KLW|dz>Im$W{C<9WnDXvJkVGMM@S5ol2|$?O zp`Mgl;17>>mB6f%cVDo2_8zE_#V?B`&;4jwkI481ePv@} zAXc;|mms^HU)ML!ww~o#@l&>_W>O_q@eU^I9dx@pGaVNv(Y<>C#^voKF&+EVtBWn6 zKIU(|)!+Ia%h9_wC%J{x*u@Fhy#K#Qd+WHWx~*-P4FXC_H%NDPBi+)W5=wVBYyk=B z-gL-Dy1NCWq?B%?yBh@Fy}|oF=RW8Cz0dRgzJC^L%{50|;~Ha5cC4+hKR_1}gdY;f z7jgiO<@JVNps;&GGmIRA0sj*Nt^xy*=O|s{SY(dopQF&hAf8tliyru`r8wWDj;k@A z{cT&0x+E!XJAn`==X_RpZ%iQL85!LcLF&bz3+NUN#n6E)JzH zmbj0$keW4RGB3`}hE{NcoL(#xEEi-f7rBZx9=n(y^z581mWn=>h9H)jKUPIUK_9zv z>3&_O>B+w<=wiH{v=^#n0>n~DjZjHcQc24kf3iFZZR947%9StIjQN+XF2n(~ppR`?Hb3+AH|m#guPi4OWlUm;qrkGetH zM?e4!%>6wK^bjArXxBlG(Q}W}QDqMD0w5_H!m~9(inQrZktSQi0K59GT-S!Ycz7i-k@K z+JefWktA=gykGDP6fDl}JAO}@1d)ADQ)w;To<9Lu&NTAJHN1I>i{P@jS#VHob{EQj zDx+|TD^Cx1fs0@(EDH=4*W+{}e~tl9g%ArP=VvVDNDd#ZM#~b&MMKRbSMpQ@C6{%E z^F__8#41^Yu2Cn>gx-6bsd4a19->L(t3o*`O1`2Zka|zAM5J#>Q;?=)j5-(l=Wn@!tG#)) zg~!FV+Hmb&Uaw!|^wVnU6$+L|C}5b4g!3oyvm-6R5)s<>!)gNJPgbRIyBU{^K2|2 z=~v~Ka@cB0C5>k$Dd*#6J$#=u!#QUyVwG+Vnq1!*7D~QS?cfe_8g98D)|n$U!D+F# z`B;ejaRpnd*|ZS*?2DLat7y0*Hi5!UtXAPVynsW1E$Cp88BJa^m3f25AEk!=$HdIM zkQ~aaqnuK)YjcpGRW5aneF5*MX$xfqAbPCk%MmUGDjaSBv!tCD{9~TX_-)$OtR6PQ za$IHkf!BjtyNbOu)6vec+Z(sG-{R-QLlg2p3SWWgVy*A$3lhE*Azh0sKQsBM+8Ol~ zNNoQ5j**5wNlUuK1|>PpX|QZIle+3-CC%v09b#^Koa71K(i3a-n7V|Ic}grJG(e&@ zcHIdorW6QQ$EB8!EH{QoavM2NKwiR~Lvhci4LJoR+(C^{VxDnJI zwj8wf+N{w3%M!8NlD_*Pzwott{b3CLFKfHv*z70T-f(_>?oYqL^a-q;lDESHNuO0n zoyRG$V1xi-d-zhp$yP1F$orlwApm!$T=v6+U@?^Ff&hH4Nz;}}j0@B>L`#07nOsbxX`6m%shcCYwDS^1AJO9R_08k z&o#9`>aoD)N!jnd#ri2{i@qz(1IJay^Jr$O(c|hF+w3n+NKAY2a=%T=+KaN4sT!Kf zpB789aN-bQmaenYyHD$iQ=5@=8hLz+S=_ zREpPxda_^GM6HOgQ zV%0PPucV53MDF0y_aPQWNs-S1IV5O|{8iZVY`;BHEK}Gt#uw{P6-1{#A~Abr<$dhM zX*88j;(vRnG(;Bz|87_=reu~`7V>~tFw2L4h~oUz)yCPB5vmW8L>&X??bEem5^vv3v9+? z!!DXaP^#6lYGd(dtK65_p(vf*_vKTfJ^XS%aJ1TsbG+QRIYFSvih+w2%8X&ogSS`Q;wi3Blggp2IF`Q!xmL=nYItObmYU~vG z``*Sq7DsbInjxE|VDaDzSREc@LJ$7uU5u^L@pGvK53fiLMa;wa z_?_Gc2jt$E1@l?#lGMuNj=dEi$GlJ$q)@Ir70AH&WYT|Qv7(uM5B$Xn15@?05Ced8 zmJ)^40s-dD=lqr8q0i+EZL-`sX_!|r^SJ^_4Oy#tMObEu z3UYV!JI9H*2X?^dSUZuvKgXFqm+aPpAOK@R0vKho%lIT%yLD@JF7PimaMeU(?qCG4{x3B%D8NKK=RZ zb5)SF=ERSr_goVilc0q7ab_z*>oDgA>btkbab=iOqmfCfl%L%jE5BlQetO=+`(5W< zWK5i4s`pYbBgsqo6B-eIN-D+q;{o%fhp)u z1w#TgB9>bZ`iZ3SlMuP7zfl2MzkOnxzm4YIw%;VQH5gNgl8X&g#f85+JI;MWq-Z98 z{XBj2ccHDNBERWX!WKLAonlpg0jRm{mg0-|ju!T$0kDHABF?GQf)xSzcYRVv7(1#~ zRZ{GttdlqLo1FEcI_|I9?_Y2S8gpt!<5Ik!u#pr9aelt_VnoLHLoY_mbBgzpH2!?U z7bzkkX4=d4Z&V`R(}0gF;*4@}fb}{p+N}t9VWkumTMU>*=W`T1++{0OaR{5nszYrr zU0Ej8HJndXHBUTN+LV}sc$1d2v~v71FheOBnO{~YX(zr^gC&znjTh4th&T3o?Jdlt z(Y6^9ef-*|GR4w=d^xSw-!?7?Q`J$!3wYvTR61RCTl*0f$j9S>VN8Jo`|-jGKBhum z6bVP!qUlBe)qjdp^fuJRkt?|PYfR`O_8MaCgSFQ0}V6bR0%{ z2^1z~eBuk&|y_+fUsbI4RpCb0!g zT;8&~%F-WJfgi#F$uJ!7U>IYBUgBtYas@H155<6Km`ZqK#9q>9iBz`P=^Q>kY&_Td zSv}z{+>C0y6G4gisS=kly1f?`+YJ01)JT}xgp_LdPqkCB)FuF@NN9GgBgv>;d^5Up)(rc0Z7%SjJ^esayNY}_wFWNSYQZ(Y+=5;h?h$An7#%PXy$yc z3H$Tzz}%_r$N)B8ONncJX^w}iJ#S675an0ARb?|l+OPr)g<9>Rp7OHujKIHDIJhM7W8@;rnXgMZ>1zv2HpYEOme#Z9$9-C#!(@${3E z{SJG=>Id*gMOe3#=vcM`F6!J``a#(~?p*#C&&a5Rn0u)#Xqe@mY1C2VMkZI&P_qr7 z()%$_X<^#gBH?8f5G@gcRU~yPgl( ziJv1r?8IA}AUpBPzGr`S;z4#@4uH==U(lw%XSxuD>$qg`yeMiqkYENz3HS>OH6L>1 zH_8`qmh$H)-BzbOY3NmR)2C1B0t{ePQ}$w_=k8SIr^fCKHFSuD>;XZ_$FA%swQX-Y zq`ZC2)Sl@AoUGB=85FPEztPft1mI%-N`%jrap7Qq;v3b7JF4Q3i< z8g?2m4aX0|ul%XRQk3Td7AnS)=-NK1nhz4qnrrwwtkAIpld`9FvCCf4$}d+BlS$(- zBM%xH<5k6NvlNP!WVbnnVxqHI)>^1EW28Sd1y$43VvS6dlB2&JI@{v`8xNc(=I1^Q z2a_DRrV+_`sbO9xqkY82ABth9Z?02LeaQ_sWA|$~swECDeE5qJ#}_+|ZWR()SSt8f zfG(iVuNd-Q8IM@4n5)>i7@An5`Uu{1>%AKgrfP2v0f77t$76*X@_>*mYUoEx@vCqb z4B!BJajr}GKxrW1^~kN!iN!iC&1kn~PMP)QwybDP_U#tg1t(FXr=zHLzUc3O`$ILz zw@TmLcaT`vs@&HbG=eM=^Rmn4cjn9V{S6v^xSnDDo*~_0I3?*v< z6lq$V{V}e4h)&~t%W?ZtlR+CelL@h*a#K~}%)L;RzTAO}O#BT-9}XV|1_kZWKmRLR zSl9;BxZ@iSfOVYpZ$aSw@G$z`R@3p#w6L$6ZK~`&&vBmQ_SLxR_Qhh3ThofSTb6-q z^3h(~?r^GN`Xb3D>+BCVnd>u!%`LCfn?8{5&8@-3An(Q2T%gp79e0X|KypgZh$<-_R1={0q6A*aioKZC!F!xOy`iD4bnU1kp zbifUi(WK6QJlj0|{b;`Iq1x`V>s*ZbOSeXG zzitVD+TJNRWrwX1x<{WTmq&};121d_LRFe^wX2qK7HSJjyC6Y?>pFB<9i7-a;aIz&f8u8O~Mkl9=iD z9?IFC9D8)*Z-1$fm4 zT2ISqH^l?Sv8Is_&@Il+TYe1vyeJcwD|G5oV(7>obfhS1&1I74sFLKMglkup*~@{P z7;^Ocbq5qfx+O~M518ENj%>ppj*`>jBzti+spd+-V-iHl3E-xN*=8B@k9=*N8F?ue9{fq`R?@Q@)v48Npc5rq~qiGciX(&Qm zko30gN0&pLWw+a&VW2nzxsc9Nbg7SW2W>L_w=9{2j7!-`Y!>F=#6dN8rrRc8OYh8< z-v`%zmm;qnmfH2*nc$iiLhk)FjNQu#NRd$E7Va-WPxM8&T{|V(jYfU|W#=QxNl1~< z9}V3e>d?5~rVjRNeRMB>LD~;r#=C67C@nPg93B3X+yT&10g*M6@bz*w8~cOJ40pO$ ziiCs(CROyLNH|a(BB^hWUX??mznHcT3-0IwUqoQDlJ17}aCG*!Q80xEQ*?uu#>VEK zGOkpt9s;imj^;!By908MbUfW#o-+(q{62(upHfnPWN0UZ%}3L6f5a-)>}_cs8T_*6 z5g0*IBvPoYl)-a%I&Y|bE1sK`Y#0uRPo>k=(Iy4U590v#LR5O#fFEZZ5YY!PJ;<*aJm=~CjKX2T#|;tsZEd8A zkj%x!F}d3@jQ8)lgpDDgLWdD_=K_M<1-8~#~3jR*spH7QTFrO3rdl#zx)HnJ&IWm#)gCVs^YmhT6fC~7>qX(a5nNu?r zm=thW7tJdk0_rR%xUqh8(;U2C1+l`>3xPXc9QUumJAdNZF$nbufDmXJAOuwjE#yBMYaqa@LzyJYd^2>D z*~lx_a)OrsoqSmEz;Aou$=O0vR-wtF2bso&biUidGZzRY1@BLWys{g4C0b5w^A&K) zcsuSx&z$W-JU2*GK@9qKA63HAq3++8(gz6r!w&Gl(A%o3Th(Dm(7@l;(Rq**K#=m` zAzCd!;n?z_G>N8tIEB;zlnRe=pW#vcH3+4`KZAf~;h%OM<4IkVI(t*-ex=s`2$`}H zaNev+91872fukO4{K-e$!zrZJ-6$VDdL+d^%}7xGh1HGpcXE}#VN3l>xPSfPweYwT zv_K(*93EE}MugOwTL1dSLlh7m$hk4^7R(&XN2y%6a+bb03cnD^RE4mPma8$! zy!nJ6;yd|Hx{8G}*{J)56Cs32t>JT5U}=-+1ks`jC>ZxZ#?L5~#~a*#Vmg_TT^qJ8 zhSc2s*wlkl5GHXyBKOctA6$B9O z(ew9|T^*42Lo*TAg4AMXLGt9ka#Cid{YROx{&4AEVSoQSJrBf!VgV_$zx{(I=b@@= zKt_lFY=p;aP(K7{kyHr6brC7h;t*T61y_jkJU0H!`6+Vfz3iBVVO#5HC8)~YIWu0K z-Y-&H6?@zQbDWL3U0IbAk0EGX$O`b=aj1M&fIYMhjT7bw{`=MssDAQ3Zp`(P! zH@ia!(+^x2@NqRuL;-LhLGL^)9cG|KBmf173>okY;h`0!gD{XG1Fw()Nbpb)T|wf| z>t-YX5(pjz!2Can;t02D9Bs!XLkn=1I?aY=JhB0Mdf|kcFYehU;Myz~M$2fa>_L2thh~I|B3`YQ(^NuVDc3qgD~Ga&a_> zDri?E2HBuO+$})`AU=aCff#Zu2W6rHa6ktr094Q!DuDNy#6yXGCr1PcK_`2oLSp@2 z3bP18+JB)rl+}MSDm+CV{D*L8JiXb_@-haSK6)fUNy+_}^8^KuFFm3Hgax5Z-zEog zwBUAbT_b}ET%y}P+pV#qyKr?ih5R!W$qSZguA2ByY{vZPh&Eq}D9s@v0^9aaawZHH<;jZ@Q zj!K))@5`(Co8g1SJ2Fri24EZh!2Fg_y)NT9U;z%OD{^&7mg#eRq^)$?@F@}0(-if3 zOXgw(?_wnCAeZ$ZH*-!wv<2kr%6j`-|GKN?wBKth^B~t?UZJfO@(qY6AxOTC;$#^+#jZw9D7!%Eba~Co@jZ< zMZf~73P8Tbu{~4vQBF~lSFoW&bl2=`UTNCcKF=g~5+y~&wHaiZM^t{ML~@7v2JN1o zV*Vzce!G?X8y7&4s7uZAlu5jen`GXCX(`ty&Q~p%>~S zQ5nm#%D3~wMy_w$Rz_aS&FdxRL<-u+&KxtB>!$Mz(a#1jb!ifSH2{*KNS*OH@HAQ_4N>gM6|p7V_CHuo&diU1%}F6o`_MA!+NtZy)vU8v_XwY_lnPZcBLV zW~}%%7>Qg1fDDO7>{VUG?-Ur5UP=BcQWKDconW6We3eki-j^xYntN-jB>zU~yIh}E zE-F2Lp+^2d9>DkI7}#Fcqh9ng6^utjl$03wwGL?gAL zoqmpg27!pstp3xkdw~@+qL`&u!(R zj`PnjHCB6Ns~o}cjL;x@&7YsS4{W&1sJ4Bb_c~5(Ux7#s$+kT)Uch%Gk}rK=KjMDQ z-1nZ|2d=I`3GfvjUh|rf&AHB39pDWIjGZ-i3|e}<^#fjKSu2)iEL03&{9I6OmoLsF za2Ans&%E#b@H|m|$FW%}0m)AW(wb}Wca&{pFfrsiqZf;i-|BeoeRZ^Uk|*kWzi4oG zc{aE{$hvrc(=XbJet$iCH-9MF);cZPe6_Z7?|pxCv#8Q`e{{hrni1wpbYFGP22|k( z-jv;Yf8lNWy=Z#BwzGJ*V$fc9V9<8^p3dvSZk9Jw)Q1GL9}#wcHfVIe4l?Sv@VmeA zxVOFE+7lH8dfvD&cyfiIRrd0Rks7NS;RGBk|y{j^(4a2OGZJ{sF1fFKq(sP2q3k`EjY6o*&(8D?~Q%r4le+i`h{kT&w7 z`_qbw3i`^+AgrOA4Xgl9b~4bXoraY|Rh%o+7!l?qscminLMilvQwt*o!l8ivE5$Zy z6^TKPqr)tO{%IXxhgJzSm*x5PU}!Pn+448(!A|KCrV1X}5+-guu>RKpx|yvD#=1l> z&ke`8w{ujYV2zx%Rn^7y8^ab^OJlqVf3$6KRlU@bVY~!guxlyLB5zG&H{Esqc?m?` zwG>P0{!VCMtkLs5KT*2ZFz4hKbl^!ePNziXMzhC2qbBgW<`mYd3hi1}09~)5 zTJMT4&uLJq59bBt4nH~h5r?SW zQtYwY*I8GZf{-cXExL((>TtPqSi<_W*#*Cqxb;kJ;su}b;-*rC^rCNG(Xxg5>e1^m zOVZfm%Lqod3Z@g3{lQKR(zeNOpH?pH84-BB?~Yw=>Z8{#OVn=a6`i9NuU#W`!OHr6 zs;61N;d+@O*+nCMB`LCn0mN^#7l~t92EJ*kWGt2Y2_lD*NsK{M-Hx?hXQg>b%mJ$t z2nE_#5GK5Fy|ElP(X#1%d9rp=Q;aA4wf)mD^N zhMCsZP8t7()fb_~B!{YTyb`D4E>*iSyN?6FhQuD}x7_fr-_9&gncGZy`4rR#-K|Z9 zq!RV3W#sK73_MSe$#$V$rsJA>=5?!T{-)OvdnEG;^l8Z5C$IL(9LHvi$R{N)3L57MeT9(tT>x(bjcE?aF>zE zt-MT(0gFm8W6j5akDaPRc`WPGzfhP_p;j(1j`G?M=cB)PP8CEIjU6lQ*lU7m7M-<@ zKu=B$_8*Hz7=0oEs~;31 zV)98S#E3mDP+yd(JCLdKr9m1C)_hZoE@kx?PNq4hP2W6(Rf4k@RQ}(h zpTxf8kVR`yTt-12n}a+F{i8-S;fR=?EaKLS3>i;In1(OhbT;#cRHHjzX3~6N3IQ6m zb8`SPLO$R>>qIgT#e^856i){PK+44bm3E6vk$Fxi)DGqx$g0dPC|#B8C50@C963Ez zz-n|q)sU>%AgY?!zd$8j_5jPos-(oRDeBr)A2>{!CI2kxP`Uvzuw&Ls(|pBxjzMWu ze|32s!^UDv@a!5WB2ljB66`-ylcQO!DwS8zOMvv5tX5lMBm5czQ~XZ`gWu3N1i@O` zLLM^zl0g>Lf}9x~aEdWZDIDuPlJ67*^;xfE}A>B}f0d zp=?PqV59Z!_g3kaUj^u{i)h%NSHNxa31J z$#|b1by@52Au;cY$9uaEHzS+y9LvL_C z&=QS+(q`rPHJSV}vZ1o<^e=M3;qh@SoDBgcp3f%In;g3RHDVdmlq_YL3nnK9)mGxp80>h(Ijpwh|6sK&1&z8H?6ali8M&_*!u# z@ztW$$j_)}e2#19%XbTgIE!`52yzq)*B#@Op7WiZ(Pl1(%+X@eGuy+Y_EA~ol(R08 zji++Y>1n9J@$oT^BPKMwgHsJeW=yiw1r+1pps`p1H5I~<@IkT>#S>Iy6v5K$|0H|EyV)obu?p4|#q8&QsU{gJ_l%y}1f1ra z+^59py5CKJtR`0|%U$rI1{^sS7sU1cB$#W|yA!rEvZ%qL8%{_)S&>uQi%0849QmkF z?U;V%dI39cuCC3EML_HPsO(OFuNRoW3Hb4i>_1iWoc)(-qCJDozco|hK{QwWT;P7x z?Aiv^9L$qTK!)=3o!1Ns#N)MlA!T2WV%ydcwEsk8>^~3z5{_6`o1p%Mh;Ci3@`L(M zf7J7otaBYCO6(f6wDHxne&O0-U9tW_;6>QiFd~-1F4G$*2~LWSR#TJyE(c1U<9e@d zmsUZZ01nlNBUDq^mKC;;t@^3NJ;2Mvwp*W)YAO`Qnb5~YgsSl#hvON?;QJNe)|o}d zjJA5pnKlZ~rmgS;;D}%UH-Hn7sQy8P-{P+Kpo~!X)q4lCPGd|6Ll%DSj0(AA>5mkX zWr^7Q$nqq#kUN1ROiH7qlKO|k!1o)r|LyS@*WVsHv*&SmSo2&bbu$=aN~YA=(w^j% zabZnEBjy!WDZ$|H{C^J~A3R=AGJ0 zc{u`l+P9{TqXXyU|4D1>YQ(>DNYL`NK=I4;COlzLv|O}>tCyc>Cgl0gbKCmA5?j8; zq`j}YV_^BKR)BvO%Pzd*Kdb%4pfu|bw#D+V{wDK!8Bn{qSnL1cEZ0unIp05;6PR&J zn&F>CZG8&+zm9&#)Emi|H5&Po>_fW)Li^qSUggukKCY&gubC=UoA9z~MDqRDP4v`ucCbNavZ@4LH`oj!s?u;Vb*D_`g*i^yiILmFeci9rxnBE zp+jD=w0teugx}8G78;D3=jzud_oc$I$^IM8|8HnU%V7X57UpyDE}P@ev_G8<0|w*L zxuU9lk;dAXJpZ{=M3;hz3jV#b^qru1{i{q*Ve>d*Oy4_5V+cX$360+EGhY3uXdfpe zdZt!}{5D?5Z*Bei+ViLo_#eFr`JXD2p=tX&^7KvkeP>qtjNLD~r?BG&8-_mrzH0tA ziz=<1|0bp>K{})?O{X`XJd~wws{*Y(t$-i!8ZlJm#F)3g5-YzAr}uwm5!S!4=*a_% zXn*KDl1RW$@aMC+E#+TA(@IslPqv3Y{8zgFE89SUztZirKfJZ!(=w_-GYWA#LbI2u zmuoQ>tDfg=2GISL8|+4(ZHg4_VU`!||E%?2N}~pU$6SNPzjG0#i#_&yx2-4plC-bx zGgd7iKmv7LVb3n||K}3_7m}o@9x^K?HIVxGXXIm|0zgRlSm36A4Y;$x|HnQGc}u=A z2I-#*HpHV&Z{XvC-D4`0%MM+c{?p5~)=?;$ms-CNZ;SuA!w7Vyo`-Da|9#_<5}}-B z^k?7lp7UUsU=fK6*NsOJvbVTmN&lL@`DEK*OcYuGw5~KxrhoOQj9ZUMQ_gCY==mSGbV%!cSt17f)88GB zynkxY#9A@!TPJx>nm8VeoXv)nX5P)8<~dYisk`hjXKd&Pq{l+`p~uQ`B(*CBp3zO7 zpu`{g)gMpEYCQ;P1)B;*`npf%_DesDzN#$5q;lI~nfGhiMB8jKQ&}-Ks~eLt6dK;! z$F;=<6&F6~n{Vv5S#AN=D-{EUb}Z6%cM}C(e}jnIE=3yk70O4?l{C$<65pHFp5Q6P zaLhfG-{7BkOD~r|-Z1ahz*&vw7IaGXB5b2?e#L=&Mm_g4tStv!E-k*-Tp6@Y zvk_MHv6>0w6_BS{j_Ud5uIAO<9C@&}wes&yR1MD_wE5heQ(hjg^l#iFg81$Mkw`I5 zXD<68FQ#SjKfIWxWeM^m8wAq=_n0*3{SBPr_jd2oeQ@J`KGl?pO7F+5=+xEOl*nOfYGrDI%;Lq& zrkCQfb<+Lr%7=`sW*)!R4q7t`u7dF}$42tWwhyj4guy0+e`!EIx5UJTPZ%g}XN2*M zX$KpjB~ToL(=2y)5Gd7~yFbrPh#8jK;o zH1i`AJ^TU0^5TX3A&c^=z;B6&>_o&DL>E8^`5&*6cGjb?e zJrh&Y9fq{ypT`~OABKhl#-EY?b!LJ0XPTMR!!&lC^iD&w2NfFlyG#%-Vm`A?=|Vzr zu}#pcu6qD)>~l+?3^WfWWV;WJGTsC`(etYjZs7FX*EztYU-b9d4kD$eFA$}r)eJAtjGE)&wb`F3cC@*nd13{S4F9@(ZzE?`ENeN?EA<~QB$ff$&kB!j4swn zZ!jI&@ZNV%`Fyiw0wMVVsMI1c9Sp*6I`%1D<3n!V&EdI{v8&Ha{_ecLX~AD?-W7pZ zsn3kKNuGyVxu|jwt-1*zp{|xIZ+cRv^kYhuV&81V*Yv^Mt@Ye6L;$4c3!nj-%73a~ z468UZe!TT=j`dL}{?t}utTa;Pq63d5);bID)l?e1K~PV6@hy4-Idb9oa(Zo29X zAg)4OY$HWeLRbBBj(_nG6vaN?iZ3KkPLptmB?s7Vk1?z`O8}>RkWv*u^B2Uy@%J!w z#6Z9jF)*~QtVKxy1|}O576u#g^)z>DRwr{KM-yXpXGaTLGba{z8|z&kE2mlMk^POh z!r#I4t#&1w%%3V(Q<-|a(d}aKPim>CXZI2kw1d9XZ+13Ng4X zx;0#yo#3jk-Ln^&74^RReRenJIOm__uE6`vD^nDxiJ>rgbum)fr(mZq#2ODoN;_6D zYOn(uWP6D21+QhEZ-q9`RIIyR>&>Ilv{pSut-D}abd^v&Sx4?i-?-$zJzO+hYLd>o zt1CKu+nDdRH(h$d@58T}%*LI!F__kuj{i~1e3S^TWMK?-dF&!FEZA=L7zeK=vVytB zw1u^h)6Ox+MeknYbPvc%vY7FuKP8WhH_-)H8;@EWU*nm&=vGU7fR4Km(Xv=&18fVB z%j2% +3v9v*>r+d`g+-?~al^Ua@kHyTX5_8PJj{<+p*y!*p%@BLE9(tHPtzT#XW zZ-r^gG>3U(_Fj{#yTNOOY~HdazvdI&Mi02zW7^5j`#<%5e8ClE+P>7es=o@VKXv);-Jh)c-faD&TVY_A{Ozw+HPLU2co&XxdYpSX^@6yqPGR)GHl4@{ zm};-<1&->jAB4lZsKSED{L!q{;Od%J$;wjmt<{ND7{Z;r+x;Ug&ZUX1%NpLz8EPDK)Ocr#8+l>q<3WToLlRr8I-xGn06vuez9eMr^tW z)||5k%lBX<@q#83Md+2?6H?)+s8p}hTh?^Mgf4@OY|eQSP!Pq(G_4$~ z-aKtc$Xg5&kChOjff?mUQ%b1XDJdI{fP#&`0cxy$#W+O4a4dm+; zKjQ?%9b|2c=s(v4GK5Iy$_4=LoT8sq^+M0d%DRM9- zb8A~O-C%bvZI;lUJi)0-ZC1;TTxKI zHEWsSwjy@hf%IV+X01rG#lS~+YY;&*l#D%NJMDvu)IiEKzK;&^`7qH1ZNh|@f!y|> zaOXQ=^xgI>6OG3B=sc`no}37g$M?Ovqk0YAH<8VR?H!(&=1*p1{p9RSm#3BWx)`@9mGTFB!%h3svn zDBognsg=9#G_gIv(yWlZO2c*ds*jZ)k6Mfh0nKO>hQ!V^u)Y4VN zT-)m`bW2~B#0FI8;?ti@%)KiuKvM_S9OKOSgKF& z*V8k76Zgc{iOXCyqDbIOf{_yA_8AfFpuvDigh3G7Z7<6%@14WKht-5kw#NMGp_&W{ z1ts1cW;-`lLIX#$&mH3Em89qdUge9j6ZK~kXLfo`ea?<ropODHo z>M_ocUCVzKr^ub1zdNj$y=U9hwDg1{R~V^t^C~8^1l>fpMn@sgn>SC9Y>w0{jyj6Tggp{X+=W+A)< z#P2JG8JfS9yIJiR8SZX=Szwqd6=wO>LIUf#vrpKI;-L3M_%A)0{EXOy#V`bh#=wN* z>4xl8`vZyDg}OGWLoe1n`PhAqy$9J}6#%K2^F9|fCj9bjKIIPJA^l+-b!T4;8bOP1 zU7XizG^OVEE&$Raq`%OTZ2Ods6BdO#_>_pMcCP&cQy53In z!VmBO0EHuWgL-gx#D+lN%h@spOATcSkse~1!|ksco)o#JsPn1o3tJzpop6`1*z;w} zCXKr6WuB(sT5j%QJw{@ zI5_!fd#BQVk!p;$Y4Av)#GI+6Sth7Q)RsuFck*j2rx(d^(O z48C6sz#QdvwiDQWvzAHx`|YybVd~cgBK&{=Sl$+_6j#;~-$PWrLXe`@c@-~+i85fNz0)M3yCJ1hYK zUAQ<__N4pp_U}8!e62(o*9J%QWuHXHG;qZQayAd8r&EcZoW#E20e@7U_@ZVJ(6hx} zt!O^LSf-ybQ0--f>{O^n0Nd{v@Qd)+lix^8xiXi8*@@sqc(Te}J3fcRz&`f|K3_0W{00Y{3Bh;n?aTkb`wov?)Eo`9OhJv# zuau6P7po=g4!ba~X^n7YwZV}yOs)(JqlKbXw{0qyif zfG5Y}OIGK*zP!9eo9>6KYgQ67SnvepX(9YWvKu{~&eSgrO$`d+ONkvkMm;Cb4}b5z zAt0scFDSoASV;I~`^v$|MNl%y1F0eQiGwlvudD>mG~RJ`EKPQ#MvxaDz^R;ig&RPr17!_n%3tB>*!HL>D#vguTkUi$3(e^(*fYKDr(+!ee!VUnW_} z%n|Dm7Wa!R7N+wLrTgNbV$Vle>w|WQogGdjmBb1c{&EMwkfICoD=He;to5~3DK8#3 zjKDB6+G^FOlU{sJvSiXOWdS~yV4@nVuF!o+AHVHF9(cVa6fC$Df2)_6Q;xu>Tzp#g zDCg%IuOL6DTZ$%1ED{!vZchGx098P$ztC0M!(w}Q@C>@jfl&9ph;E51X%7S3b;xzJ zhbSj?3(=n5>YLkF_Tmx=RGVqHe~Ny06@D1oR&&a@TjN&;XB#o$E=0g#(+A!y@^ z5<(%y^Z+`%X4OgM!b3rIaLqm#qn634EWe9Svz8ft^uR&x`=T_3DW)_>lMbqZane0f zrH+l#zp6gUjn!~dS!hik@FN_Kg zO@)KXhqL~h=cX5`qBmNV|2&Gm;jKpFP(76&p^e$;QLpy$#T%`ws;%Kst@l=M92G?G zIe4MfhtjCGv=-8%z1o{M+MrcCN7X^CsqsP7>K#0A^jdpOt0Lw*9KC+4HBL>iw};w0&d!f2)pl1SQNZ=u$EMcN%?<{^FzcEFet)ypqUOhV(6pF+ zl%ZSB8r6Q|qt-7}s76Mck0|Ta4qiRiI{N3z!RyAkHa6<=u-U3>i=4^^KR31aN7pw# zbkWwH`OrOh{b5jh^*ZvzuOzlA(q}vs@Q1#AsSR7JLY?>e?F;QgQPQgnutVwmERirV zh#@6Pv_VzZHJQ-5pnrZw@O64ValuhbTlKi!9}EwkzkL2yTTW6cX=B-0t!jNY>m=5^ z*1G=rQ5Doxm2~59oz|`PCVBm}wml41EznlS@QkJ?wj+IlplH|}R7{Iu*f&WCT&23s z`yZNvGi~lrshaQFm!gcmNE?Rp!5icI&uKAYgG%>|iRk2_6Mw%~XEW&>U39cQ`PeXh z9bG+5zYrJWZEstdHdcuTwN-&K^kW~qyqzPh8>vurqc+V^)~WShzI~(3O)7!adoXPD z49%pzH$6hvwLU{tB!W%%%OtFAfc|mah-GJyUHj4u|0S(NqG-s;}}g zJe0nH`QH9%NI@WZ?X{f`yROdB0V)#Hwvw5GHwKn^wybZ4Yczc zZsklB8_F0luX2A7N4V-M18K3IX+nOKc5BSPUmUcwLh#*iq5>)dafUaabDRfyMdNKs z+2lZn@UaO*VQAkCx_}7I)7O|FU#p>|^HZiNzcqQ| z%s@h=$s4f1Yt5)>`bF(}>4Mf@Po-4#Jy)j&CG1tY)}!ZUYIDU#p1!@l99xdo8I$=U zeShu52XyRmsq-?Q-GO`B8e7^r_}QLLEsc=B1!^Vz``Y$w42YMWOQ=mO(;!MuH>bUv z8yemXtQ$)k5x908>&nxv+ul;EcW^g#b%Ob!cXOvbKlCstp?3MgagmroyZq0k?@YAb zNGdq`?v*`z7tnHrv=WwCC`=SslnOlBA%CL09dh2wC?yU&B2G05V^D>ONAeeDgxm{j zoT2#&0aK__1bBG`X7n%Y#sEzj*&!EJegX{&GUZZM^VF;>Mw1s{6DUZwi;OLII{_4R zMAFIjvS!Oum||OK0%sb>6f@Q4D~O5W;Y1wwManmvBa}A~>tDtP-BI^htnUzlM}L8f zQJjp-5>v=y+($7_vd<}q2m*uf$I!L|Z-$7(4e>)@bd;DNszKFHSRtsrqCk2UQY9h) zs?j-bAFomfusoW2$hc;Ue=mVr4`L>>sTki;JmuWt;41TL>8$GLvlH4Zzn3tflM~Xxie_LIIV8It!E?m zn2SEr6i9r*4Hoir2|7tE?Q|_IWU-@^6m5KrrgVTt^`qzC%sgF*YPg(OrGK(SqC$jy zO>i=&Y*#_Le!47>1*?z1H;G_FQyouJ$`ZW7puJ7kvR0~@%+^Y`F&2YxcWcc$k+PXA zxI-CAwca{&t~5OgJqQkLa}P=~U>GtkeQWDPizkeX8PfVVo-3SJQY*&fuOYi6K?S!> z=Ni~jAg;EMD|fLLAtO$GqfA=Z$=5XDLowz`F@>37}t$0)fu%%XU)^IZN%iObgst5inZFYLw}mI!jz-VbAjrd zkEW}%jan`4)u&{+c8J?v%qy;Vz}d0xRhF!Kl@{whIz-+_lG|u~keRY5R}>u){)Tv( zcXH)$W-wEdjIJLr0*4;Z{!7{cW4U$wh z(&i{O8}p2Gz;{u28=ah1VRosrQ5Q7{cfJ78`By#p6)&sXl(#v(Cn1oNbSJ1aJyHDi zzH?84TiaV;pM@3$7WRashXQ=<`IPIrSx@bRIpDb8!f^kEWD?(p+@RdSF*6fBp)wNF zDs!AN$mWJ4l7Co!k)U2>8r#(teRfRR%6^eyK%nMS$jvL)urAl=}gM)qP8rP~f2+ICdPqqtV7w|`#(h(}1* zQq-n>=8R2c#T)T^TlSqpkcpZX7G^M8fI5o^FX(g_$$xj994a#@8pB8)f9;l2>oZ5H z0LPtXCE^jIxR${+PfCEIf{RbwoC#*Cyf6^C(F~W?5E}?MHkn6R-LWcg8V7?6$8<|Z z%e8zmC0)W~o1jYP(8ylmDKfg8NxWFN@#2Yp+f$B=JS515ZLd%!khqB9)Ne$Lu z5JES-@;yeD7=B3BgYb_9@=+dn*v5Qks^o1h4( z@8HN>v$M$bcl;2UX80lUh?{QBo3*U)pxr26GkrBa+||T7w)G1P*1(KYJL&-7PRpDT zlq`rU@urBW1p_!K*y&OvMCSbo2+<6=SM>gl@Sf zT7S%G9MLK!;yreScsRs^^^(MG0y$U#?IyUuDi&lF*&&IONna&25kWw%Y*%@h5c5Lt zFovSTzaLVV2RA<^NoKE9Tm%jazz3+o*TmJ%DzGATFY)D7v9_a1sTkN3pkv`{ zWzC4tGYuCKcB1=~TWbdj6)mQHP_Ky!rV9_LycOn#baY5G3G7s0R0a16o0Os4j) zpjTVpW5Qh}G%M<31~oANwTJVlF@H{zN*7f41^teo6`Z@E>C;0RpewG))G(S=c$V8@ zj%h^fB?b%`%z^ym`%GP9s+xwJBHEU&0}vs_qncmP{m>9C3&!NlEl)zM)34{IZ@b~7 zRq1pZtx@-)(Qj3LO+SxQ(g+&I2$4*{;6Pd5I&~M`%$eNnSCVsY%fv!_-+y%PcH)ls zhv_(7cLb*V<)|ImlQhm{@ylC7;ltCSGG0!vt+5t{b$d`cJS=HJ-E<(E37 zw`TcM=khXrckLQut;a-NdAEC3a6LvSR{9AlnwTr&qRkZ|KZhaYiym5Bd$#L*PQU7B z8we1f`nAZtpFO1ZhUSa*U4Nw?YFWg`tpl%@H=2xVTT@_b(-pJ{CJTlo{dNZi6K%3t zzD~tNl#yV}_w`sa%l#LUk89%0@)p)|rr!?qo`ryM{Q(>oZ?3(W)-#pG0+5?@{j_ye z0fE<+qC}o*%~5hceI2Xr`1pD`rUhawi&l@Z&?P{nTwUq%4Rvn1{eR(_MvL2U&mpAu zhF6Wi3}C(?B?0EYrE6Hf0lb^rZwPKD=^GO5A4NY;^%t3LGrZ1p+n2snlW%dq?dcJo zahI9OXk_sXn~KoxO+{$y#tO%Vl0=VfDK)<^de;2TxMtI9r`MAOW(;hpt{#hEA|hxT z!YT~06dIKZ7AkGN>3>N>d3}tE2Nxvrvl<_?=g8lYE;$8281QrGH`-1Pg_)1wHEV$# zX@<;f`aRX<4e>YhIG%3069j3Hk|X)@_0N-UTEEo_Y5cX`ihplye2#0~dMmY`eXHi^ z9PJ}FKsi_U4W%W9(h*38QoU!RfFNeKNEbKe0E|iyylC9Qh@^d^DpW@a!`S`o-C8dG zYT~YAeZbgFN^pKhW=Z=J8pD#4OG$}@D(#ZA|agfW{<=sSNGlI(?4E_u; z&9pi*3luM=Lx0wv3C>iVNDa#or1=X4|0_f;CptgN2xhZyY&|`rj-lPz(m%uMkkD>i&JHr(DE zhj~Q@UBW>J&Xo%{k94IgcCH+O$4sa0e9gfG_mURrN)C-l!d{@@1ygBCm@qCDoAB5&7n!W&YEWf#JhHGi7pF>}Iy;i*Gk>VF}PzWiUnoFUh( zbxGi0VvTBa>O?vvQ|qe523N;~un<#G93;}@LJ>j9tus}E#*cV<_3DT_tDr2kD@0qq z_O$S({WquE*$uYg{H)&ls;OJfe#U(I#Zoe;l-*{g#Yy(OX5^?DE_yCbv zNK#VSOp^HGSpEs{p=;iSL9Q6_Rv}C?K7YCcwH_hM1?*Zli>He?f3uve;sRHTEHzoaTeCB zMA2gZ@11tv@$nSwZF>M3MV|Wi&qRh0c}3TM3v}v=`jt3d<5j@XFyc5roey5uJ%5UR zpm2^IGS2Q*BFhxFb>~>92$OKda?2dcq9p#)=5P5}e9;_S>(prYxjTcMW5uMq2WnsN z^Fm0(tj1(F2<-4#>}^LxO~ihoD19$|Z@zjUiYq}~O+#HgOz<<4>4nS|Drvao-boRJ z$AA1G5`ZM5Kfvxq>MEf#ff@uv!GGt2ndEG6sfZe^$R#9)gCRKmTc1tyCB!fZsIOon z#LC%;P*_Y;g5DCZ0FIzOLXH4JsS^dfitY*l0t(3 zWtpXjC}uyPoH_Pq3aS=`dI!W;gy2?()r9_BzyxK|d`c*e@ATwysdWMwqeTcKvJRkt zIkR!T!ipgd%9(QmSk>vrT_n2MMP{2_fZ}#rJqpBv4S-%xJ4()I9;0UQY9o$J=o-Mk z{~Iyp^rh67698xT0+^c#1b+vrN8bzRZrcuX2x~~N&1R*Ey-^IvlC z_bC285kXJ0U^OS6iQR9|_p3<&W<=t^j>liPwvC`gMM;nvcz5qX}mD?`U6IABCK>@56Z7E zNIBKruht7oWIm2DMtEhE54 zIF~AbBGCO|a7x&<$iYBjH_ISp^PFizAtF~4lP*GGO0bm6jh@_3*##q*8;#yfI2QA> zwSxmW!UL?lCP_xP0+C98mFEPu>xbP2auQ>*tq!5dj-r{YHvgo6l3U z9)a%!(c!3AL?8nc5C*bzE5Yl2Q+46l2g8L^$3q2`l7^n;uE0}5%>MAW67e> z8cXnE0#3)qOg@ye;h2c?t+9b3KYvD*^2T!opC7bSMUt~PgH&>6EbxZ7pl<*p*+BUs zlO@PB3evpsfco{_nz9}PmxTUMdVhM@WSD0%yoTgkLx8Bv6O6)5Ok^pg_HUu68K&3iM#$iGWlCzlGbU_vYIkE$S(1i=5C5rdw6Tl zAsxX6d-oqPcay}9Vkk3*6m2?vce2W+zNtY?7qJQO+DWO;1g~siqi76)aDNO|2Ph;% zbeZpV&KJn&NUlLbyTnL~ljy`}k1m~kS{uekH zkRM5HHJ}4V#qq}l$MRzooPSAnWDIVi58>uVXs4A8EI_Oh=~jsI;$v5!+#%4sEWxH; ziVF(>&Q}Khq~ND|qw@h0N+4e;HEIb2wLB#lT>LQ}FD$P+SET%o@)K;%0Jh4zB&SYv z?yx^A0v%2oMNUG{!(r5p15)sj5eiOzI9hX@6Y4%2-8es{CM3 z`K;1i1*i?2Y!pZo)fL=0iv_R@o5Np6r~U4E?-`%upes;1Jic$x=zm`{YmHH&lH73wudDNU zbPPY~CMzxJ&!U`sg>JH8W$0k4Z(>~if|JvCGsBc|kX7=G=@~=~e{(Ks@%GUaRh%N5mo%-#N ze|`BpZ-;VYdw=o~BdQ0TWJ=g4>Rr+44vDP8z2cnbuv%JRtES&ppyyy;5<4izGFuyA z(IiV_+}GL?1wW5iVyihn0=F_5|IuQ~|N95=HbJ6XbA zFy%H#w?+}Hld~oJI)0sWooj!Z!I_f3Df#5%$&qOVK)c)q7gNgxcbZWIj+r8Z{W zn1GIB3MPoaTl&aBkvD0TFdQV@@3GD%n;UuF!!l_I>1(pj(pS0rw2QRwq%RJKt@TTr z9sG}Y6j+ZC1+*Acq!vyx6dBmZXwE>Z%9*&liGRaXg)#b$0vpNKuV%9 z?VL`4yd-yV9BYmkV3J{$OtlQXE+T4=LT`yrH|BKDUFU+DJDRFJ-?_z{mB+?>!B9@v zT6S!v@_a0s9A;C)X=jum^(PbE|BeettRjyJhJ>`nm zb_H#8^2$Z}P2zXLavv!`VF+)029ZpdmUy5(Uqhm0A1P6Z2qchnv*{w#)SUn=lu=@& z4UC`31O*%r7^QujfEYu0O%gPqg>?c;1rCGsXw6 z@PFTnfkXCd{805h_cx?J%Gr3gfdgfFH@rp zZ;x_OJQ0*X5tM%sW6PgLDS!Ajk?CRiqIVvEQN$Og)f^sGkR%=i)E_C?d&}oM;CnSC@&5sZL2$qUGO}DH-AfYAORSH-8Rs0n}c+R3>9p ztS*rrkq4Z>#N~W1gbx@IK0r1xzLu|T?kV#8Ya`ENgoVm=E_S12r9^^56!$S$S@Q1$ z_S~T)rXaj2zC(B`SbLZ!V&=@j;`0zu*6&d_k~!%P!S?ay%>n&+bM*GbH_Gw2feYk6 z;iRiYDQEMyi<3!vz4_ToX+d5cEjqXg=_hj@oeH z>7CfqUD5Kaseh*>6e~Q9%D)>0hhz> zAnQaFs}h?l5)Oa5mM@j#p#Y$7!DjR2Ig$OV@%zFF{yfK@Z*;OQ+gJL^`43z*t9;8N zX+S%8mOBM1KQ5q1iAuzWkdh4M?4*IT=-YBvoZ8c81aJ>Oc@)q(r_3!;a8TlbpjfF# zW~|9Gj(>+;EXOl&AFpe~WcCF}l4JPe7RY*vQd>tu@H(xwDDG^QRIriXSF%ehMwlR` z>xhy@M%=2{p_MYuNk0H7j*W5>dyICSfrnP+5mIJ3Yl^QYlSlmFApNGOC`tJZ%Q8$T zlzE#8wO3)gHq?MiI!Y>@J1fx%7M%-Ld5K|PnSYb|5U~?bNKjC;B}*i~I3}w9Y+{3o3Ih|F+GVR^&{JX?Tf;WdRvA4) zwtsv?Vqw#wz{>ooKm{Y9H( zt*SHk7;EV$`Lp=6)$ziBfO!lfS9FNUov$^qxFwSzCItLy^~_c}Tt?)hqK!S~>|8%i zx0zT7-pk~Xlg`-u5H+5sHGUALTXQ!AL!aDoYu_U(%kbLs360jQ2l>iIyc!?wYJaG) zTR*^Tbk96AAQRUtw6REWjSVM^7?gQ^2KEMtoX~c4!-*&oZzi#-#1twC5wCBFd5uun zETA8YXF~~TX?rrO!a40cQ^X^M36>x8L|(5(L}WQKkSQ|b4mdf0Ib?q(QqH>K;3W}n z`__au8_vBa&8P}VBQdv?+2Y#T>wh4?!-r9~7Tr&5b(tOA3zaD-2mmw=f=`}5%@1bE{*DjeB_OdlJTgZ!yUJ#8bQh$4TZm#TE z%<;%*okSXP<=L3ZB}02q_1A7ozzt%%_>Q?Z{r~J;ZBrV_8vVXi`yaaaqHZZFx>?t) zP#1wD)T-eEx=Gcoq9!ov+#pa47~M+U-+s?|y5|KLUQC2(v!*H=S7wHpp6;igm-C$C zcCtpTTQ^wom{a|6vm*4*Zht$?74_E*0LIM8!3m34x?Ca;EwW?*wc2FbAxeMg#sMV4 zpstDLK?iE}zG$CDQ0w@?)+HTcrFFX+1cRX;-T-x|;V`so2_x;G(5JZ~LmE5soRZ3} z%eYEZV8?|{gd=f5Q-s~GO8VGYQOww+xdnS432m7osSwn_4+w1*O@C4F#`JozTr;K@ecvk1LHUVV`K!g5$d# zXt9gfH*h7FX9`hd{eJa)Ri5^c!>`Gd&l}}hwN|N@ zo8?laQF(vfEPrU!%4g+fwOo7izIIkPFP0NriX0&Q9=NP<5q<@<-?z*8V&!$lF zbZUy@g_S2!Qfzpjkr&OU1y*l$d)YXh#E>^6%0&nWSZWV6#(!YPe6eF$T15fR#e!xr zfQH<~P-JU848{mW2*jhxDftdqz9Q2Bbp+E$2;4288hI|&I2BP36nxLwEjk?#3Ssa2 zsxBHu{9; zUgeTu^=k8^*MEN4;)lC~>TJTm?;-%PyU}}Xl@EK|@1K7{iGu2(#p(rIaJa}o9nszP zrQ1E`YESvl*k+dVp5vM=Y36K$N3^RpjwWU9?5P!pq^sYeoHeJ_y~Ch3djc;edw3K> ztUHnD7eEBLZFM#1-KsriR&m_d@XUXY&|>Hg_OnNa3xChf<#;*{jGh0^>0Iq+_g~Ha z?nCq4hle~HN6xM-MYlyM%l+)Z!K;}!b!0AkbR<7nE`J_OAG|?xaUMPXYzNuHIadgtZU0qx2^?;lTk(=BNRo*s{NL}R&4?+stWk>p zGbS7#sm6bc)aFYY%Z!HMmt4Vo_xic#3jUcDfp5!54D;7%1t{_bd~6sa{Yq`8VNsWIf{;{ zqRiplOa4p_VrS~qh00wS$@-1wcG#!t8B*u*o3er-KO;j&40CGTKjDN7GLN^;uyvz= zw0~?3I}f@FW0H{U6~^?1sQ8Tw{z$vr9+ir)X`WACgImJ0HcrD;jE5quBiak-V_z(Z^(0uUWoGju_~2z&dzo|;*V0B0X-3~pskE- zgQ#ba>gS6CG#4`CLixi((lB+=(~JMDqaF zYoEC>|0;?$v@p%F+SffzZGZH8cwJ55{7L)2vE|2i=S1 zbm=3@+K#zxW<_UJZsym(TMo}0cK}Vhm9b3G?Ii99YjO{g*Oh+j+G~hO_v#>HOwCuv z7Ch3Xoy4|9l{xjU+}1-2TZ55?;)u;{3|XN+!|x6^#_-1U0$PxK`G03b7ZVPjq5dE- zFrqhYFW~bDL7!qHlXAfPtMz9BT41scS~ixj?9ntd3O;O7DztP<<-C02y5BpKjQTAA z<*+mAGYjNzzl6SMUVs1TzvvAh+cb(ATCkk^O(`-H zY3PolPQm;tFNi><(!Julr+;3M-qsW|b2B96BeN5mm}%{P70`(|q$&Fp_=hBG2~#6# zb76!4878c;z|WsJVV0kdAdn%~r1NK=?-v`3C{1Kr(!%Uyuzzyp`xZnxxE{b61B=-8 zccbYhee_FwC`DGZwx<*3?30OUThDe3q!hQt;vAt4z}i84N}K;<6x)jDMy;yV zZF0eDwX|BbsDFPw6vfKsKxB*f+1Rh!gX{1l5SVY)UHBKVURm7{OCsQ*b1j8+To_b8 z!!IsG+;VUhN%Zb-{rpp!X!Xi1S$0*a_Eu@CFNk=9q~p^_3vUgPn-MVfR2$+4^U{RQl#pd5db2G+!}a&$urqCim^L;E`vF-T(}(M1!0nqqwWEUCv|z7oLc z{fjc(yq4wtz3g5#m)+alKiZa`59H?;+OE#)42VH{gN04sR_85{`CdCSOA^{Db)w&= zOBJNcwVk$4ncsYiX4AeBUwww-Ge76M?i>o0h^X-LEL%5d z+idwD`=;aGYx2TC$-$F?cEVvg1=VZyM}NM~lV^$o-D_5SRlNjUy)}4{coWrd2yZxK z1q(pzX=%3DWydYbTtRCMubo+fq0aVedN{xtfY`j2DFgX*WVgub`Q^qVp4u68_15nY zZ67wcX2Y~XTBDt()RsM2K~nXnHWVT^X3tn;OYW63>HzM6jDlUOQ46!#GgM!0P=6Mb zW>fxZfUVjI=Ld*3&37M21=wuogq-npq>UAJq1VeYM-u60e zFp$-~4%%w)!^xo6{X407WSV~bNw|`W&|pGan`y(C?3Z5zHCY#dvOoaM-~p-%e|ShJ z4BTPTYv`Ulc@Fc^;7yxmrsekTCmBi+H(9U;uX4Z$cc%L7r1noBB#!$NwSP=M++Gnp zxb2|4$U#LL%r?cg^a2qk1cmm_U^`arp6he9@H|tPGN;MP!8fdNyi4HrZ?R$R@{BY< zY0gz`QzVMh%2(Q3F-)Ih!zb1zHhwym!*Bw!3mysmMC$HV_>a~$nlpe3)z0V|O%j)* zPS+hcpS%vmM(c#>!+51>#D7EY60pV5ZI^S=kW3)rGZYeH7dDdbeM9y2qiH5~*o(;J z)QC1|aMt}KOL&z}VL(hP1Y=e}hmsiwo}4W|`NgC8TPP29&5Zy|ru(_{s6nP2ZK3Tp zU3KOk^h@w{^Ox9aG-4#6gI2PK&7ZoYdDOGGNrX_d;5RG7W&t{a=znd7uw2vd=rfPD zFg3O^>+Nb(>IV342@2W($&8-YGMJ(U0}Q~1S&qR`Gdwz0B}e$1Bw1~M)x|yjSt$e0 zc@NF>Yg##r6!=!R>sCn-fEFZlESNX8v8HE6s`nI159-Xj9_YSq6fqzHG;rIi_d)U- zS`L*xTp<|*Y%oNg;eU>Wwz$I^ybW(KP`!vuE#OhXwE8$m+x1zyYUN-TRvmDfRZGuAe`m6gzVv>56@8_7Np2DotLgF?}WK4zW%&m;!BT z5pi)!PlR3LQeuUv$^!5=)0Ji({p0! z+VT4CwH##L;?q*l5NZ>EA@G0PVnaVtjT7}hb+ivY^0y~w;nOI(SzG-qc+C19i@X0P zF2`mpYUEb`uke!{9n^>YBMIa*b2ic^o$LAfXRoiO?l&@t?4oCntFQs$iJZQUgC8eD zzP{nNb6F;v;D2YeC_xJCJ1~ z;iqY!eG&=<=pH4CJILkXy5a9cZb`1t-54@wi`I4qJAXQfa@Ok(Z*W1R+(4Dgf~cl! zm*lReli$2Ar+o*GE_^*1h&x^j0)Pm>&}|tbHHigHbMtxQVbkm&B*h-tV(CDUN(7iv zQXDjTz0PNEXi?oetpaqu28mo|B6ieWZZCJp=7;cJ?9xND=WP{Og~Qr0sa~ch>;e#E zOb@82K7Y_beFMUDbiy{@UzTg9g^%el-uDJ}jS?g!DowOYH7nKTd7)9cET7X{ZFH_uz&MJF?cWml{qS!SETkERr7>`w_$g2H1fHo@myn z-eyblVB|iU80(^jf11<}E#cuxNINiNFhx zOfQC9SY{oQ^kJ+hX(UegdDT)_P)e1of%54b)zZ|em?Yw3D5d@cDvt9_Fe?72FMLGh zd-(?wTbfK5cOkZ|7)>p+NJJW}kLdOCynh0HD8rE6dC01XkZq_#HeL3^1_R8mTt27? z`lh)-CpO>zSw`4wimV|mq^Y#FKr@TOmM~*0tN#`|y-^!ufpMz~qsOA1|0!@Htgqg? ztr6<$Eq?zF%>Pi+DQa2~*%)H9?%2?oBG6lnKEww|W&qw))qGBJx?GJ_|b=ZytJ|0tIXTlzQq zWVSI>D5xLY63J867RRo(XG%*MOQ@~ZW&y2^NTTl6Z`@923&eiBdE`;sBVisE1rwt= zHA96Ysn~1$fYnNtnOeH%Cy>%i34bK5n{MEf2BtN=zEsZjXa_uvi^>9F&A=Y>K>R4f zC(IwT%L^qg>grklM*8HT$_NJgV5j8%n0;_=!D&Ch5BOKNE6Gd?j#^p}rO@$vY9viv zIusaqchsGcSPfe{j7OJ*=A`}6gRW$U7DXLl!9?ws5Tq<*6h*OypYU0L%74@+>>z;L zp;=q{#qbgJRl{?~y#;hEAWmKSA&tl83!WjIIxLScDFK{T;C}><>)jDqtSPwSS5jSSB#`&hB+AY*`TV97;*-bpDblpNniiqn$_b-WnO zHxh$;mJqB9uORj>pF`yt6?DCboIY#}dvP-#Kyzj5ePe?qzdN-GZ~Z4(8I+h}T|egK9d>h2vLsX&ci zGr4mzb8m*3tJZBUTPavmKfQ({f;@AVm4Pmepyy~4B2PU`TbIYWDP=n_*S-Xip8zus zPx^KlROG!#C{=oX=h`S;0U7ud38wn}`~Cn&TPQFvAa^1m3B#RWSWVEuLU>X#HAl%E zrI;%i^4L&x8S1aUp5+K)S$o0CoJ)`;k+}q268T8bcy@*+t3$;vDBjskV?_M@;Rm+{ z?g5Do3bDrjzySjQ0HFn!(EkA$x3c^J3<3eem%si2P91t%PJnNc)8!Dx(;NI3*AbV; zc7@twqZD-%bhNmaD*pkT1vGNBP|&x_{{cb*f5IRTgs(z4fb>sN8z9kA<248p^`WgP zSoQWot+iO<({5(JOlGn~pOrFP7{N%_-a$uU41vCiM%%4e+nvHRgFxQ2Y3qI4)xr$S z*^MawTn_4T8YBoFaVBJOd~&6wYAhD563B>j=3D1ZVQz;#Xe;*&XPBU#5hO=wH$iAr zGRlR*7fLl(kS#McO8iED^EsBn1kdtCKj{KU>?36WNqmF{kkm)2kPF^S(7Pl0e((ji zzXAgE9|=$TJgrRu003aOydnZ30e?|T!!Q(u-v$3e$$Oi0n_~-Y2P%7VAgrSJ7LvOy z*rXxJ?E3FbyRB9fAuqY-H=9WXWn5nYgi4@h&gRSysxLj?-7cQ{Q_{O$E%mHYESuZ)~Z`qqS* zE^)_f!O!C0J~=rUo2E&cX&)oxPx0I4Y1@w)OWo~?11d7XDYw9UZHsPx)1ImfkBZ#_ zE9U$r?0P3b+_z<2dr(wW7{B*}1qB}q&Tb>SC8+2K2&iC^2124Ci4f{wLg6DTwHX?; z1XR`sNefB3>W4WXM9P|ukSQw5OL@5<;A0WVRLB%dCs;+aNwe?Xvxr>wpS{1|`F+3h zednBe=g#cxIn_O%W;}DAGUwS6yVL&9_YEFxmvGPT`ND)O{~3E%FIemTt#NW#hpWqp zfX|0hiW5gT~%z6o@N&oit;Gi^4~ zHtXOgTO9K77oOO40s_?qwd>cfbL6OCm~37 z=ThZEC7wG;p|343(}&SH>*wvHp~oY|P@f`DsI`~fttOHxaDZxR6seprxd_}~U$oAg zuEeuN;Kiq-xd=SeE#1>wTb(%Wy{SAm@|C0lo_~t$O}1(Ox{&>0vhS}lCkrZ_ zvqpydPk~$(RuS|&hlLabA=^ZQ8-l^R>sLN4!;e^v5SIZBrT%JM7 zxS>*IOFAi47$>N_3g%T=+j3lxvs9I}Q|$HlY3emBR_0wyUWNf)*D`hHOcnkocP^6>jTAi@;SZh25rwoyH`lLuy zjgNTtHI5}Jcoj-;1lLjSZAdK_I!Ug9x%o|J2v)C(Q3y%d!AnIP*sIZj%Z%S9wI+lY{E$#$Mi^`iuzyAcdB{JFKa`1+vWZYZ}&3dq~e zz?(IH1GEV$cNK%D6sz9ZF`QkyhWB+I6roY%YUataANco$^jH?D;&~`HLRu^y2 z@>H04Ijzgy&yFr8@Hh7sGV)xZ zbLbss@!K8s_23T$WAR=+%z&T?tl!WJ)NhRkZn!|?tx1f$C6LQ~8Srf&&@qjHGy$xh z!GQPMR0XB!#;-w#MyfS_rqD1J(;7+D^9}=T0(c&b4owgVnh-{6n~2;V%D^oFaN!L2 zTqLkHQUI=~y$GIG+J%6Va$pqxN=;T@MOl#hB|=?G0Cz^i7}Q*%Z7q^xMDzyM3vKPO z7L>D;@^rpTf;p=#RDhnSIDxYN(n1+7Q_Slc3$njL=z!LOl7A$5>=lyR?&)>NBdSoK zzB?dhG-j`f=2M-EAGN?Z49}s7TVx`W#2)~24$`OuK zttb;2ENiBP8+gc~DHTv+ey@|hH)8Ttaw^aRh93q`+<2AJ8T^w))p(U+f{s{FK{Vy- q*+PT6|EQ4S2mDj~um#3r*)cM^-$J>27qBUqehm~hQNPd<;{FF@irwA- delta 58704 zcmb@tby!qy^e-wXARwZEbc#~a4H6Q9k`mJ0-CbK+8XOt~0VSjvIz^eO7(e+V7x#E5;ly!7O=;c_ZP%HVl%1$q1D8NI$_2#`27?Ap{gU0*h673Dd?c0wNo zm_(zsq|1?o9e7#tnd+1yqbFKQ%=qv+;?JU5+bsH~q%?OqWT;(uA>HYVTod17Gb?4S zO0E(X6lP7={&AS1!c>p4t&4Rr@^w4Yma$p#Ozg_o2iky03ROimo)ueY7L47Nd6XWWjZ|S!#7X5QnfbD+aiw)QA#c8HC$tvD zv9y|J+3Wp;K{Hp&k1?0~Cc5|5wsS7Oy4XG`_FK$^I%yp%KO#w1QP$Mt7rqg=_?es9 zW!a78iDgvt0v)~;Hy4m#vww48Dls7JAhc-Yc<4!dB}wTgf6Tf@0wkUhZ^5`=HW$~W z>uZ=|hwb0c3Efaq{V!Vb&AED(x0}OF0*z;M?hQ?g-F%IKAu?nP%UvnHz5{(`~%aLW;5}bAQ@ZH}#pZ?UL6l`^$GgHGN+WcJxHKTdeX; z*vCit(??>cf*8pp_l3npkbIgpd~*gm&QQcKZ-m<3NPxe&f#u9si4lHVQA-bu(15 zg1ATHM>dIjj;K=>2gCpedwQ@}KW|`{mkA30(eB5@?V_sPBJ4}Ni#OYH_a?$#5>12y z`1NiySV>*o(ezbQgTW6zIX}MrxI3Mu3U6X;XYg+Eio-)J;68INW$U=*6UM5M9|G)i zT)NkR&Op!cu{##hv zC4#?zO+{^=a9BDpV*sR?@=-;IOiHpV{qiH7lmIC1b&TH_tB$mt6)HW#yE3L z4F80grBU2~CP;?n29yl5EL@O$;#l9{jmSPq)I*mEkNQYJx)=FoEi2nYA1AG85290M zJk89oWL^TN5W4e$XR(-Uw`#?sZ7*x_i5-o{(F4D{u8aKqxM%VCN*U#-C!0;JI7W53 zp$1DgRFZM*ocPPAcaHTOUjM_;YaMTKMO~I3Hp@-m$VtoihVha$7ZBdFANzsBH$$8T zn62>LFUJY z9k=sj<<^(ip*J`l^lDw!^*|K$LMw5eiy7Q*G7|VvE6tjiX!D|JgV3}?s%7Wv)q0~xz~%QI}v!L=is@zn<=e+EepTY`5|-Ie92Y*pWgzdVq#yaS^t z6p@Jr1ytXNfiEqo!<6I=v8XR7nqR-?dJX?E@l%{ zql4U2U%}kH&Y_t4jwIq^pYI>7q?T?d`$_X?-L;X@_{pw>`(oQ4N5(f?iWQxgruo54 z?v3f)SJOZmo}ID}dWrqY!)xuv3CN`7?7B~V?-D65a$Zv|qNfY|$_1*AJV5sCygJNK zn25`v9)wR>_&?5r-N_Bh>7ww|yh*_K$oR$}C6cu^=}O%BEh75HyQif?B6(eLWt!g@ zl9K4VzRccu8Wfd7&yQWEKX-;DTCL7P+}m4o^FLpAzZ7^h zko3e6cQP@PD75!Ra?TGKQt6b`=a`%66cv3+wM$Yy+TY4$9`>=@tG&S`2kMpB{g12P zKx#rC@x4V??p$fZd+ETBoBIZq#2e4e7k7r5re@S^v~U*nyzYRtf+dYu`1a&s?Q!|2 zNRcsvdnkINus0IP;5Tco`)Ac?ZKE?a?Ao6W_iHAW>mK|(r1}m&yqT(*&lT|S_$RA)vBm4Oy%)}DQ-S@!UUce7A+ZJ+lehVi!9%;?^0 zI`?qKo^*+dl9*{9#}WL{b(|pRCcRb8`kupAHOPs3`>n-ipM|)e-S6gysL0&6ccc4J zH7IaCqG(Wpc8|nGN!p>bIn~(R9m%p119gw?g>0KqAU)fp)v1q~9_a=IW$o8n%om;X z1m51!%Q6qRMj}hGmeMgA75A=L0@k+D?^er8Mk0@U<9p4PX{JJtw;1lzPaItDzyZ~o|G?gcz|w;2FQSJ?G`5 zK3ketf9W%FG?n{{ffK=My>zNyC2yXShtl;tRs_#}& z+?ZC}_(R#gSYx~-79e=<%Oy#|liZxToVt*(chjv$`oDh49_plZ)yGSJg-rX1->yg}$77V91WP+_zoJobfY|s0EbnEk zMX{~&nntm)r}oC480t^^+#a4tUcueiE@`gD35oQ`Z!Y;87? z(o8pzsPL$|!saj8&##ZeDzzfUsZODft zh-0!eN5Tnj#T_$3-Qa})YhqffWWm&uuC2ah$=4#JIMD%vS`W5o`O|dAY=v521*k!U zU#O6tKkIplOrfJGOy-t6^y!X2?*mHoyqae-EtqpT*X5zaga&tlZ#)2~xCqb%8d`d$ zHm2$yq)lTjkFZ|FYQcqq0lp4_iVi`%4#BVv0lqF!eZp@| zeYUSLZhyQ$yo}74b5*Cb9f&+B+3m+YHTsT!GJ+(Nl48A?8JBY;50-av{+^l&DIt3Z z$T`}K{uS_8wbu65{pq2%D^DwOjOgNaI)a1m_`06b!)g?NWr3(+M!sU!1Ck zrBeTe`nZR$jPDQO{x2Wya?t)qvt&o3KiPrQ;gjSB{tr(d95;et>08VFrWWcJ=W^OV z1e$>U6Oct~pY-hPU~BW@I+T+_1Q}!FJhssV=i0TF*H`N+ zk%|i$cov%AYfZ^du)uRevSUHN&G&=Mo2EXKE;cpOdm&TuhKvcEi}))JJSk!6I)JCU zyJeqkpRSPi<>40gw6Jh&Fm~~!*Tp=S&%qj%&-qXND&TngK)2X-+J|Dg@$%xV(#WUo z%v9CK{p@n<{9us+(4A=szKlKJ8_~TyoIczIP7W5MZrb>a3VHq9KiJ*4bohCZP9e9G zejG9K3Gm^Ihvh^8K0o(&)}s1hQT>Or^Vo_a#Lv)(ggZ8Oy@lE+wwKc#@`0~)5iFy9 z*yFr}!X&oYjWmj!in2!eF(&uh9R^=iW%vgLou-rZ3X3_=xrB(>ceZ8lUY^wm_$o&O zsNY1|xMDnZX6k$drp}*hmuXXA?|d_9j6>%D)t<^2QZzL|W} zy~(Vj3#+D!SwH3IU*_%N4bm!6NLibv$)Vu_5gbEqx0>t3n?vbZmQsU?lR`OHT3p8|bg zil}l3u>vizU%9b~Iz~=lE)G|w9On)5uI^8G%(oOCT8O_jyZJ3X=`B4eai-MZYyN>d z@0mCpm8yBf<8tph6J}C9(=<`Zv2%INpg_GUE*4!rVNz*|z6QBPLv(Mj6Q{})^FIfk zl@sKdZ)j-IwB)99fNQvr+cdO{v==dv>AZdJi3nG3;_JE(8E04Cd|g~ad71q?G*1`M zQfd(5OLLE>HpqlIGb!I}i9NX{(uDc_Wc?eLn#j5ngMOSe@`U=tHf2O0(zpY zFyT=`dT4k_-Y*J41*P3;b$U1SKi+jlL|J00Oy+ZMQx+4^m3U`e2M5Dky1#{a<@F_#8Zccc8M{sxM|-45CKIPWik` z$;2~$+bN2_Dmd?oDoLYhU7G$&k5}BIxRfB=^g<9MdVZ{LyQ!mT4+R>KLdIK^Apipv zgo(izcyBzqFr^im=k9TN+askyf9FEc%euZ9k8w)hqbIv835$UwGFpE}M{OaKQ7slF ztZc-JAtfoZY!;sg-#8|$Oiuxy@v9Cr&&nj`YY@apE%qt%SHGv~C3K!}YkdY1W{AE* z{82Ng?M|Co2I{4M4Z3cu7Q4uV9`sZln2LP|2h1y*l|ujqBf-4{H*=+YH5vYB#j6S` z{q35lux!@if4Z*w8Z-|={^z>fN-k>V?514w%q?`em>E*^qX+1DC|P4Od1~^0>a3Ph zte7tCaV0k~fME^!Q0PNmZNI&Ty!w6|G!qImjA?!c#yx&~mVPiAURyt0+6gvV#@Z{H zyC0O6*V}K8cH%A_;`8m?_Ciy|>CkE&lZ~G(gviy`7 zcys(93=^dcj0{&Ypwy4!5pRW`%X?HF`s67iIzHtv<;sA@84MPe)8V72S0p6`3;Hi3nZbxi4-*;;)G4%QFt2j_nKW<+3HxZeF5&%bZ{l5ZsI?bcdY~ zUvfCrpNPwUDZ4Dsk=4+YPNMHu5dFV`ct(t&Uj4P3FL8%6QR~N7n{@vV%2+^aHSsM> zW1?Y(RAbO_v52FG5rOpQRoX-a?ttQZCg?4h1?sF>*8LO8+!cCl6EDJRn@i{{@w>m1 zaPq{-GJWq&^^a+7`K0yq0jBHQnov5BOd727_H;%H!&*-{8PFh@u&IL)Ib$W&yAiz^ zgz5hJJFKjjCb75S^kLOAMIG31_308<29wI;|aZO(hh~>gGA-w|+2EW^kGIZz3Rhtw<;BC?O1V*sJj@;v$ALoC&?t_3%JVe>=z*2{ZM;x zIG`VqYyiA7C>+_Z4V3SKl!5BC;b+w30dPy!OhUr|eT8Ah#25*9Cgpcq-KcM24wZtH zk7TVWA)D4IY5iW}(Ht(6NeBe!Q<-pMn&9Cir$oZ7pJoz9Tv@X{M+D7E4WVnJ(FZAr zX%YZx!BgXX7#br5kL0EJeB4!;qm~%%s{;bf-F`8FvJ+ZQ@wmZ$CbG%kmC;#lF0j5q zhlDj@*-UqqR+9~1TI=bcab$-WDB}jT#&EehOjOFoKHVv4EO005zDYaPwC3bJOh+rj z9J#*nm=7P;a#FVB%sT&;PC`Imja1!{w%z(j{COws6b!beCn2owFx$)n62ey$a6Gx8 zS&y9`RS@$6&oJYv#rH9;TC9cF+Cc}l7$jztsH4*8pdZo0r)+W}`a8bNVAQ>$j<6VbQ8n?U9YePOn+hZ(@A7pVKEY4VZG)IWi!9RN(x#kx01?H z2$yduIW~I=F33D^Bv(SK2&~xD3&>HjhUnVz_0_!YyyrvXu)yk(mE?B5ZL&_>`h)AL zUcCBZSH$X+V2j5>)Si0m7qKc7!mX|fcFfIrq;ojGX3N52yYX}5XV>L5=yUcFB#b=$ zrXq5ZYuAptuP*FjoU6!4KOxLK&jGhc+z8y3vIE!`eWIi78kv_Ua!`?eMaZciea*f&ss@dOsHx zV1f~{Op;HPdbM9~^`hO~-}e@w?KX-=hTpe!-$cvX&azFzY1i%qvg8ajCD*mxM$T5<7R zc;3_P{#S9t1(^Irw>d*ko!sM)w?Srq3u}8$9m*yiRFeFS-dS@tLX4ku;|dyqY(j+5 zv&d-06jBjLhkFlxZ}xb?)}^!Yu(a`xtawr`a0h-PzaGkW^pPz@@E;#Fs_D-eImK}m zXc*vE*MnE0y)8NoCPFXPx&9Iw^fq|(_%{4w$+w@}MIy4!jOIe{UwDk3&I#A+FbBkA zLondiMZtH8j>VgRgPto@@@sYl@ZKAdi-zZzjFs%_Ts|M)zMUYR8S-Du%Q_@n?Xq2L zw2!fK{?pzZa=*PU@NYQ$Q5Wpt2MbGBf9c(RyS!WB->~%QE%Bd-0vTP!ih-I$V{-Dt zwWwljvpMD8nHt15)OL~m&tL_U9v>3_8&ktl?}RBkPjdHL8pr(32}^dKlf&v z$K_p2TV3fQE(t#mT1=y>;&@;FVgc89*_K1Qk0_!`0Q@@%Hl4{RTz30P_De*>-?4Z^ z=-EcLg@vHXuYP*8Ei$g-xUS=X-TT!%^-8CZ$1do9g+|qN9?#5%jm^_O`j9v7Pr;3U z;1En39<5{ksTgqZ${?P}lk8~y#vd76l!2?IL!fiC3^;uevk2h?y?U!6HpukA+J)x zP$#cc_H%c0OAC*CrSw;#%6@1n$bWn5ikI5{B=zKP%8y#6%=kL{{yi@>BO6g@Dt}jq zZCR&Em|TtHHBBb@e*@|{dEutlNBK7)Z6F*1)RbU|rUE6V|Att#9}b3Ck|OA@1aT1{ z2hw&r(nS7=r0ih3gZY0IHU1kfTubg>kwe#P%)e#rieI~+EMUp7YNByw!0eJ0kb|!v1h0Z7){=s0@&8AK z`UC_@jsD6RToYs6ZU#vIOzdVw(#{tLkh;Jhw516}xyYs`f)`RW0CwPC{W}~haWk<0 z*ZiP9yXcOZypUvb-hYkIF8Tbz=R9)Ro{@p&CL)vMh+JC!E^_+a|Zc_YD$Tp)+|HBY!HR{BN zeqrqUux&>n} zkOLjAelfVhVH&+-QLIV55--@oiqe*f>`%{{sB%}vw;9i^Gw74%iA1gOEUQcgYt9Qj z43zAv4{7dzu{HWAr!EzPL}WubP?r#H0DdG`-K+;bynU}ZjN5{T;rPcw52M0}Z7`Rz zp`gn#4g4*YbGAYbv2&3EEs1mGfOPGEEK{r0(*a7Odt6Md9#3VZOHCADipB3$h1ZRUvp;1w^ET&lg!8xNI)>{+hxh9AdLyT}%nM}6ajwc_$#Jb}Wyx`S0L|R| znEV93)5na-sPpeLdl^>CGkYJce#z`*^bldB^2*Tg&&Ny?)ZHZ4I3Sq?AeI=vmY%U5MIeptF7u^L56Q+T(dl}c2A6Xrm zh8qobn+Nt>gztp6)#wKXpC>hye9pc{gl*1#U$Le9v&mLl^|PK-6*uoKlfjrq;S&2e z8g}oyXvC3?AuXIV^N+Y3PuOq65{KhHm{)pj?#6R}`vw~b<_3(*KbXi(3mP1Hh1U#r zudGQ9Z^`u3_T`Vqvc=M5(Q(P-n{CPvN#`ZO7?K|=tz~}W#FT&+)h3s2NE0@ZbRQ;_ z)Fz(&VyRbIZ)XAeTsqkd{oE)~G^5q*gUlm#8%2(s7uoj;*Pg?yPV0R>$n3ENeS;|k zFBy`8eszBUhMPh}vgWBIDi&S-jGc*6SRkH@p%M5nL#B?c@f$Bsz?f5T2(m)MdA}&$ z*9m?0VL0T{ZOGk(wi>F~nwIycpQhoI9U#KrFpDv))q^#-<1iocp@Cd=47i9 z!)G~(TJ!Yz!xA-R+8ivFobcJI5{IAWm_t^8eNI7vn_@&OMoas~>e-=$lVGMt#z_oi zHUhHHC;O{PS@vmZk*tGQhJs)TF<6y&!jHi^X?_}BYqP>>5Q-hGXFG%$?dJs1!;h%S zU~p?GJW$1bkn1*tSQhN$$}MX z$zpXGaceCtmo?6ZwCrFBk%YX)(r;EagzBsA za!oqk7x!Jf%|E!84<9SeYiZ?;3VR%k_t7aq?6Zlpw`Mt`hKa2|Cc#wglY>=;d-BZj zV{|CKa$-=+3z9h>%Mf{k&!mzhEh9w0upc?sGXuKt$A(g}5^)xZjqF3^CIqM``M`buy2SF~o*e<}M zw@QA!latI>xP4++1$Ej#sVb}~G!)P4OjN{DqT4eojQNnv7pMW0yHrMPLPLS2%E;0@ znk*$Q8Q&gjGDBssN%cOOrYf7PKeoiZ9~ zlPj}%lV4_o(8kNkNc$?9vQAd-=892iwhI-GoULm3w!#?UBvEix*Qa(9B=hFQC27qE z>jZeDc;g$ogDIp!4kt!xrwj~^f9as^};cR;cm&h*Hs!$z8N}|bRO$r z!N&17o@K}wvdgK#=@wxgUjUYQy_t~BirqvFq#JnTD@anxJ<#P%w$4AT=K?oJX**3; z6d14UBX(4Ej+{?xg=Q*c06a~atVG#1HcK$gHX}|beDjgO)~zSOEC7mT!YHS6>!?)IATFG7m>gTmx7$gvDb_Pw*Vx5{Or7%fJ4;od@ zTrLZ}?t;L}*;t{y?J3h{VYviux~R_A*7Fl3pIgXbrtr%6mH|QN_hXt z->IukWRGIh^WNKypu&mypPEOmXR17N|s zWZM$p1qa%UVr#A{ZZkY#R9+J#8)V!Psy|d>q87#2_`!5`eJEXNzC%{xjb)-}l8TW4 zsGTA6NJDiodz9JJn-1m`e)q^}aJJSgwHiLV$x#Dy;2Yut_oOz*;keO$RS-Dsb!@0w z965398z$O*DJHh-2jGl{+fSxN@&iTSt6IX}r4tAt<6 z@#ZVJieJ*f6o(Hg%`02sEc;2=vaynDNLR07DhyK$UmWgUS+AN>G_hVk$dHlF2vf;% z0>$f~SX^HtbY~KL*@?52$96U0S;ba$^4em-LXZo^z(`;3OeF(+g@YcrNl(j0iet@5 zBz#iB&xct9*{xe{g6$A3tcsAmJz?~q`roRYn^debza2<)fG8}&Z#ve5nnfUKVBEuj zHRgwXa7y2uhY6m4nJq96uf5s{F{|+RW`eBv*5=VxGvTrg`!{Xyy$NK0Alw3*gOL(n zRx~9G?L4gi3^0Lj?Y3^ulaP6g6jZ~7`lSkx<=wUEJUzAJPiMLk?il_6FC5?Butw@| z@4<2hkk6iAq=6ZZHNNemYytrt$O>gq9ACSCMR6Fm>2sv9$GEY~L z7rLDuw}{((Vs3i|JWmeV`B;q=^_nQ(hFwFu#R=K%oQP$b0ya2)T?Tjq-X1l$!>hy^ zbcQa^eAB;;I-k!Mihyz|M)(b?Kd!GPZvVHhiK&I`9f zQ6}}9&Ns^@t5jAw1p$U$`E4I|D|SW_l}2bQZZlv~L^MoIB1%@=H&Qe>%UG>l5UY=I z;4yUR2*3G;_BAH*1%9@?2fuE&uk9XW=oHUU{k~D}{KN;>58MTKFE+y<=<^AN&Tt2K zG$^vj;ej*-@4;S;t>6tDWEYqSzm9aVZr;cv+nXraafm4A_5dbOZ(Ab}erMmQb@$F4 z$+rR@UtOK+=TiPS@0w=wI9)&TFvkA<4ItDL|3BM!347i!3o$yajeA$$5wPHE-XQC> z)y;|z3Z%X4V|OrAJwX9@J^xPEohn+YAPz4rfYGoY0i_^mon_3$G8N{=028u;$Nrt} zepm)~h&{F`(T2l^4jPUGtVh$MWeVGFJ@u86aMMs8)m6qUtPHyfRXP}52Ojty>!pu1 z$MeO?h>w`tc#*A;`mnsKiXuq`{sL?Q7ojonQ$6tejH}3P(>yCRdKevV4gjhVHiIh< zgg_<{Wg=-EhrfT-IZ5DFy(=50#3;)kbm*s`7hMuNE}&X3`{)7$d>&VC0CLFsMtpfZtVtKMMX6pT2kn*n_M1 zK{%8Ws@PFPnm*5|C-=)<*>zzIO&HAPc56nMcbZIl&vZ$KD+I5 z0v2!;HDx-6@0d8c1a+gWsS9Z664RHCFo@v`HrHZnVmM3xJl&s?rMiVy*N)8-DrEJz zd&6X2fsSZ#K_{g8d7x@$QTc&X#-ojT#RaJks-fC>yH0qpFH+N+J6p?M*P-Q#w~#PU zHR%N8z^pqk5LqXbR3M{3e<(R110%FswAhpzLy1L-ZyAioy)r95;ZdKya9vY*^p&;N z#U{=)EZp$Du+_-K;nMjAPwS7cY^h@A>A2Fd39=+cLgo*fVZ+`^zI%AoN6odz>KJkl z-Q(Zi3ZPm?n> zS_!{JvzFbEH?{SS@4RZRvEkEbw;j%LV8C_=)&sK_iXs8DzMaZk zblksr6eD&6-NiecGHKc&l(Hr&6)hlS6p3|*U8F^p5{OzygL0{2BVp9ve#y=R<}PxT zJJeLo2pMn-4YFCxV{WQo?I5c_0*K=d^3~S$_U3q-LN=tZ>DCN7C@*#R# z9_3uPpUg}NrAXn`Q*`Ht6?Ej7PV`VI2}PTj`*Um01G(tGeQ=2WZ05oqRT$yY{y>{u z=TkF#WRS3V_4PB)_Y}}HO$BsJ>!Pl*5#nptWVn$aJBdV4T;l>{z}k`I`Doy!lvMh= z&@s1K&G~8PKhvwge>i{Xq~6P2+<4A@X|CHiX3bM9bg{OV zKyk4%yII%7BFR&H0RR?N6fBpA>8`Hn!c*SDQ39tQt%|0+)>-!VE~IRE2(0%kE`){p zf`NMe>0zE?px$HeWWME{uE4D^8y#WNpNj)Au9A{I&Q1&G12MW3WIyek7S@8Pm*q__ zd(LCd&xHHljZ6QS7Q*rfxR@M>nFcjl24dE-sCgtMFWj7f1$ppKFQ)~TzNq@N;&s>} z6Iz06qo{ME=#lE-Id=Mm{dn=wx$*R7(`SN)ri*b|K7boAMN81S#Ru>$Bp7r!ZL@EE zNn|Ih?=K##sT@x*^(^k?ZXn%T3udb`1&TeM?2AP3xxFoJO?22!I*#yo>#&WlYXBso~t|sH!Jl-gUZuQfs7ZZDT@R7~nbT z>KPi@0(LVRC(rhDf%B#0neNthvf-CM z-)l=>&DNO`NVDJ<8agYJ%t@99oIVn8u(^g2AnBXVW&EV*`*N=9bCF+vw)TBT$rcth zugltFz3PcRSZia_n7QNJVMb=M$57^ZKo>c z*g%H~5VDQ#tjQ?Z67@ADjbiIiMC5w;Hm~Y($+dexbSxeNYn$U;7YvPJ{TD)kSUw)Z zv+}cHCjU?IXiAe&2j-$%Zb1f<9IE;T2G^u(8R87q6d?8Y@P~XDecKKj$K{wIgrd zRmi0k0dO99=&1|3YnmSL*}}X{wa4M8)A2_|`S}=Vy8~*6br^ygZ z)l_Tt=oA4kkI^)(TjDbvOwFuYa^YUDhj?1~$*$A~5IJpNVbv;_*6sg=8s(9oQ-6OG z1`p}{!ta;UCWxmsIde&Gg(+w&={-b1$UMA75%Cpr8h|k0GH*IU2?{$n72G&#gabF_ zOhaa^Nr9{L`4qz7sC@bq%xWc^>&#eS_1GUHxXt6jNup^1n}L+r@)Sn2aSE65Uph%> zUcURBQMx4jc3@LD*UqfqQr?vF8tT2<5l=rkNpR@BnC(}?kTK;%g^N&{og^R#5k4ro zg?bNlqvpUf^!*Z-4qz`V^b;c(74|8=9*4%=WSqw#YOvCQ@2{jchns=E^` z+5FxaW9;O;8r6xWs~?%|?kDWnl#U7L=@eE9c&4f5SDX$R?lsRZS{$Lts}*zeFW0MC zKQ31D6j)YyyQkkd*31`dIh@UWnz>RMG8m~^$YiS4G~6XT{Q$T$j?B|+x!FVWMjU$Y zHWtkrf{2I7J*>f~xSe%vI6WqbBK{t`3(kgtOOHs2Wggg)N^_<>gX<+k{?_ws#{td7 z{EujL1mn%PV-R{2(wv@>^Zk0nZb<5xqi1$ztXTE_j04{|e`v6wGZa%vmvds(s)qyp zR<;Rd=EP6j-FMl`MECA3H4L8{uv<<^#)DF)R>F+YDQ37;Jew%AK|AwlfQe_F zxHRlqZ8sz#>7hn4>I>7f`aU@LD~Y{@IFpe0Y^2y^T3ar-lXoKm?xpIW;kBWq&itQOZ`{sT!sNb z>3HrjqgpTMXykP`RiN;$cquMu8-f9dj0AV09MqPAalRw@auZ9KemAnL?j2ZoClIKC z=Lb1kGS~PxJbLYi5@x(u^#$tyGo8$JTZ%4q&<3;BY}k(2&3F_}y)8;mwuSYsQotQc zJ>w?^hvg(A4Z&ba2Ur+?W&&!?vpV0Agvo+t&TXNx)QbJ7caPf4hPNAh6A}?ZVrXgw zSo{tFcLW^*!mO z7=~^f8emO2Y{zmr`8)P@EgvTE$S+UiISLhJc)IuQ5cAWi$m_)FRN{HnR1Li|s5+5v zlI<_lX)A8Zdyp*q0M6dEZ*caC`G+h-n1`6)c4jn-?|v&6hY~II>)m&^)yNzbcQD%q zF23Z$e$#g_@FY40jB?|k!0^vlTdXJzdU$PhM zki7z4@Y8{tJ%=vvE~vi0o4m0BFO$u4YR+Hvj+HR0tU{3BQN%CGJ82VVi~?8eZsSC- zJJ9^aJ4i#gr0yrQdu!$|Y7MbWtckD(K6BDdmcjwTFl$rw&spY8B0h-h$W@AC!rnQx z6Za6y`Y+xZEhy!ro9c{*;%AGjL~^WnKH@veYy7-lv8e{ZTzzW=r?OL77*D}N4L4gbh6t00DH2B0*FvaW zLBu(aM_X+xKswd)(Dirfv_Wmjef&+1*j|~>RB3^}r%3RAh_TGif^5FVW5GNXjF81{ z@?^==HSnnQ-tiV)ap{?|fit(e{naM$ecjs(?s2M|Xqv>$e+Mcj8Q}0~1xZG@Kyv_J5!TF@9b)(RL&$#!GIaiZ-vy}#<{fw}x zlzYj=tXo_^#0a*;5HpUgeTLtI1J1%LA*Y=>PU&(0*$<}j^%AYek#I>jX zv;`R{Xk$Qx#`2=$!S2#Zs;6^rFqaeBGHFr9BY0_xb!)=rfnb{#rMlW;s&HNeBbF=3 zPPxidF8CInN(b9`MdT{XEu*W|EL6A)QUe-d1pePF?Rxzy$~I~L(M+&{YkC56@HqhB z_NTbPsOc*1E#OSRk3i=k2mmfS{?S&FVK|XNW}uma+=8z{+PY)!O!y8#Fz1)ZtwjUe z5qszxkzDS@?jR=Einr@?|Bxve6(ljiAYw@11e?YLI|d;1uq@$&<61C)Qi0g;{)pbGE}L4yU)3j(r%^GXIEzsJK14NL#4JLs=B1(?a>QTR&#VMG9C4}UE{ zw9m+4IKY*xspoe`Py7FLG({FMu+uWh!ABYJj3;gXO!0JhKe+37awk2pvVD&-5Zn9Q zgwyiZkpFp%64*onQWHLEpfwb}^F^#puukCAu^9FW1jOKr9?rFYiM7S@Tcjx?UA{kc z4Yb%||1BdyL&TUINcf9L@x;w)Cqip8*>k+5?ITn1z3 zCfhxRMA!hhT>d<@I7%5P7@&RHMKpZLzG?Vr6DxjE&u$phfX7}rHoi5|-^0RNoS_Ns zY0Dob&WEdON5Vf@DFk)IU4iX@r%ssf)1nsN@14|4*1z6dc@N=VX|^F!hxY?Z$j7!$N~I>j3&CvE-3eoIsFRQKfp_+?Nw(B+Vwym7g{-+ES$|ED1IpnKG<%x-=3>qIIC*_CO0p5q3lz-^j<={k*; zR&*rmjnzp@bRIgkgnK7rL#JcJ%yKu)tW>vjEqOgp=cXJdn`x${>Y;_Ra{;f0T@HpT zgTio;J;sMT#}S$~s$2S&)x1=-VG&b~0#x;z*1~sKsp=aFO+lO=wyImU@Tc#ZwHu<~ zDbi5AYte3K0T6Kbt_S#42)KzM&j|#agQ~3q!k|mLp$nnJ?RvnCP&%0yIt7&)gI`Iw z9!MZW{F6hEClPkes#|8#)gmF!Z~g#}&IpK6?S>o#gr~M@(?|u}QS#8xmJ28Y0$$lT zADn8#^=2YRhQ^2BDAmi(2R;bBO%Lq`eT40)j_Q^g0?t^wf#WKLnW>Q>&tZhcsq;bh zl?9;PV2QAJtfy+L3Ad;fmQ9Oun?_VQVr@0T5{rQLhEq|#YY`Wqm3pVYwrHw$*v?+` z$yTk$7DB6MZB@_$-V1c3$u+PoaD(#V{HkIuxPDX7R1-q~dfkb3DMHj-G}Vj{Vb*zI zYQozoxW0PSh7jS_dEg>M+MuW%AtLcq4?`uObRz@C&+Bh^uh(uG3Kz_d%O;FiyWg4` z*^UcdbgFw^Fspextt`ma?wkA1DJS>6CWwmjw{|Ws7I}W17PP|c)xvFe(a4c)EUDEK z1C}3ws#}4Uyy=R!Zx`k4np6kv(J#)-c!y6HYqtE1b+EG&jH_zlN|mQaLj#zOe6F4Y zGsTNjcSh`lK9G`X$uE-GV=XIv{Ujn?@3E};8A}Qj+OG+M!YxBmQjXSqo>s2ZrYL(j z*7RdUPS!iCleS=a#E+UfAP=I6KWERkwWMq)DpT^n-M*PTC{t-JW07jwmig@f5`fyg&Z+9{yVJ;*#yI zk~tuhI`XSJ5K7d=Q`870NWBLHR64rT|FC%K;fS5ND5n{OWxfZ(98;L}<{-eVpH{a` zshX3DnDc7_u!F}e`x^D_uCYL%G;XFyz88`F>^D&7(J!3|bI)HAreBi%+Jq~khE32Y z4A|NeBsMYNm8VUW??~aC<%_wQ?@HO+l8@7BKx#LRThBOmC4tP}te-^H zsS1Ff8YWQz#4*!zY$m%FtKJ43;_Gr%=OSeu}jtAV$E%4pU<&_2L?K-O5BW}!r*bF_V z7~UpJb*ct}ibblth-`~=9_zI5FpL&mERDa@Yz)sqF!Hpb9&5sZ&k@c}P5B{Io0@<< zdgGaQnp3Em)qW(gyu62&?j+TVIK4Ts{{Hf{R|<DRtC#D3u3sj-D=F)prkdNNv00J`ch}5ZT9R3XCTNT_ryeI$vh{Wwt zu2#w}JUaL$VY0nmrS%yk^yDr#@V}A$--;Bpnz5v0;DP^aXk1?Imt5V?{nFf=BXj+^ zCfrTKCiiwN+_PQ#*6&l_uM=>`Zsd<}`p;?k&uQ!TsejD|#Djan4LSv`=-_#?`nuaM zid3T=@3t_U4cWc(3+p;L*{gDO)t#F3scAT2xpwW^;xR$vXwh_B*~(TSnoL zkGdI+)8efjyL^t3b7P;|X{sm}p`R^NmFA^GQ9x~Ay7N%VfQMG{L+K+ZzdsogiY7g} zJ`z+bAOsmmSf3qzw2YF?KwnqA{x!Oyr^|xRA^HQkapC?dA!Yt5Zzglu7bWK&!Gx-{ zC*}Jt^@^k{>1qsAmOblaB2>6yZRR&;f4md+5Hp_$9-QWw2)-5eoWBnz?b(fIx1J$C z!+3`J?Dn(L2Wovn1W&q=FM9c^Nmr7W*fxfu``=~X6=7;o5B&1NJ|yYQlh!?%hm$Y7 zlsdU%hwS&TjGaqcbMMsV2KMV+41MRm5Nu$%28j;7!0;>cY^MY(gN6yOOv1Y=@UJzh zUh5$P#%l{dBAwbpUC=DoGC$^PrOP)B@EQ6&-K^v12S`H6!)`mbDRgnhOgP z&lL*CD4SGYvJ`L}{!pKYVI0XucehkzA3h4coDpbTVA!zq>Ez;ZT{)-Pc}zs5NXaf? z9{|@{Z?G(Evz3_I42j4ro=1BMq{Z+Qu%*aR>I3>Q{ zp?v>I3c2zzO{@s7nO_{q5n1c z#gjS`QKSu<5R_LUbt(5>uGKs{=&lij9ENRS;QI{}M1k4cVIg>d9&wBecnr=Zo9SDu z)WnF(2EBg&I{Xe1HM__IF{99qTQPk1F~#Fw7u->&E)y{d>$n{wct4o?Zc$sdG zRgqNDN1LI0ugY#dJdC5t2%x0-VDO3~GqpdRi-r`%fhP941G`21zNxHb&Nx3AN-9wd zuJ2xw(y78l0m`D2x9M}fm@Sq9I<$3DSw3u^-XI5$M(77pyAjvHpRd$UQ*dj7bKE(N zZUvD&TM^oDLHlxUeTo7pjy^-NnUZ(E4lRj^LnaXImXt<$mfwVZovnORavWW)>g~DJ z+yF!?mI8orXU#`#tg(4{XmMvPD;?W4)#L7&l%Ki_G&EG7AK98(OEis-x*Q!JM2%6n zo{q5c)!_D+RD`X0gZQfxC;JsS=O5r?QW6_b;?Gew zvdl+cmZ9ID4rorbcbS|xGKi<*EA6NfQK7-N7J86XOH|r%sI(wf%g@;pEaPkzk3G8D zFF@filyN`Rl($q(2mdRCGL8sfNf^Wx7gc`qbCC{o#{(W_3zOI^)M4yUH%rd zy1Vu+HibKc@&BRhD+A)#mUV*%4;mbT69NQx3zESJ1h?Sst`i_ga35R;cL;7FL4$kn zAVGt>zZppO-shbA?mO?#On3EKRrOVURja#cdW3DB_tOUl5(EeE1n;fhddZl&i&bf@ zhWD+y#~vRVNQ!cFh`i_!^`eV!UXpK-Sg4mx=ayn&F~JoVL+f}&(&4JqOWX=;8_mre zyB+`t_A?9iRS)*(I+uU$PHq$XuTrQ`jF^6CPXJAC3T2tnT{HN@U$((9wP~@t@kGGF zoh_BSUhx=eiBW2?D(csVA1!)A7oJ+~=Evmgj(gJ9QAjCK%dt_*I8bL4Bs81pX2>tp zr2R_uH$we~{92N;#2AxGDu&WL=9xwe)rEM?s>CzmTib}5VuXK6-6ZaaBDxbM{HUd( zIeMdByzY(m%GPYown6VUEVP&|0)&920*$01R&gel@pdeD$oSv(VN3jN3BR0P`Rjpt zvSuyq-?rl2vSSAl$bnIh{>7A9%dNo_)-S$)KsyL2WA{2$H-kq-f3W}C{4iR#p(WNo zq2li)Phu}>g7lcIm{R|?Pi}jC@ci~49Xu{((e?|)lkPjbFV&VHPZ$)DyUU&iNR2i< z)F?`lB`lC2z&79*Ry+is6~M-@s3uB~bd|;YWzOZylb`TYdKb-AP^5yw#-?TXrPvgD z6=5<@W2$g!Uxa)A=3=t4f`V405DB6ON(+J>d%pKx&{5@vuAUFQqfm>=m`z5T(Nx|1 z$Nryw)jSp|!?DscmBXeO-Xl1zU9aGyJ;SN$NOOTV^reaXG4R3gF|fVwS4B`LXrfR6 zr8pqzVW_2XKXqtwus2$gqz$AFb`8LtOX)BDl|rdIy5iW1ag&v7 zV*Q$2pO?g#(#ETPOi?n9_fjsh#tXja3?Bota;~MzGpOH0c)7Ha5TA&huQ;hZF4a;P zYeuq)c@!<8L_ruu0)PR-E5Q^x8*sd8;wEzEnUc|s^G5~U)x)YhsbSkQ5sqodheCM;8SKGWQS>PPUZsO&XWAW2 zD@^Q<)H8V3vb49=vuRSWKp70bm$;A0UwJ%2!DC2%m3`eTsZ4ASLl9C>cg9JvSf)K9 z8-%3%t|+QX&aIDXa-5|YIXd*k$&YxyiD=4VGcoaxa%Vl*3KNq*B^GRn{LWkinIonY zDC48>UUt*c8@!6--Q<0S@&gv~7vQHCZ*&l=x>!iqNCWWDX{_eD2ie+MnI($6Zo&jqM#H#O`OVBfE!VrT`EgJ(`LAk;Mc|f1math8~=(sG*gVVZ#}5yM1Q8$ar#^J{~%Nso2`N z($V(m`hh@RN$+vvov8Uf$KD~E4$7_k=+_T;sT_z?S;M?5MXarMVT!xU60;`Ca11pSf>Xdw=^d+O@0mWv` zF7&D=@36TO0Y`EXLO(ij>=n+Dd{BHi(wvXA7%sx!{qjoMmvuoEGLSTJlTgHK? zdiW$5hRyMb;m`tNix)R1fk7WPSn(X}p&HB?6(veKXi3o_*|>n67Rzk#l~UyMBSGbk zaN&2XQ8edpu4sNp&L8|m=O`=W$_fJgB~rKV#!Ab}GdXvI1zWmsIl4%rvwDTnGns9E zI>!OMqcRz70_2dwBjLU0DP@;6m8t1};qUYZ@qjq={31rdXUb2mhK7XyKIe^#)3Wsw zc@l7kGEGiVp{A`Zd`~yTyggHirLtIx4-!~+>2z5#03NXC&N%NPw6Oq zJ-%KSrx6$Xx5#6qZ^c5ciS|XWfL#qkVZW+NLXN0`z~bmQ?^&DV6FuN^bN^wek!nyi zea{wy!bxJ(iGWEDac)N);Jfa-h3wD$ab}s~LhN{il-N{kuc$?h!g|E9Mm*$*N1e&3 z9AqNTOT=}rzW4pzF95lVr%XxQp&Lc{x=t&GGRjke^bt~iOP+kpwhgf~9JVzwdp^W~!)8#Q(*i>TT! zUl$f=2P0O2Vm)kBTywfj`Iu_k=M(dC zmz_O61;x$^jL8O0yYo0QFGn+KZCS$IfmdP#-eUoy#ZwvI)UC_pWzr!}2$89#2PMIV zB1rBAIG?MorOG%k(u~9&vq=%s;%K}EhxE__DV@b@vCJu}LVJWLgMvw@9FlRCpD!p^ zQRJe=G*TG$H1054nDNu%m+gPe{HpG&A%vO?&kI9y7SEX({4USWq<%k$Yxv1Ynuo*r zH3mHSCj^rA>oi0MrNwC&c}f4Tr1pRe9wUPF3k z^IbU1{5I`PH z=Qr#lo|Wc0YDtGMzS{#EMG!?pflR?DGMZr56=POr`DJGhlY2Yy*5YBl;<5 zalW2bW&f66YfA_b&PW#9mGmDIN+=eq;doG z0)D~8t@sg8Yjjqhc(qc+jq4Ub3b)le%O*Z8DRdz^G7|avs2p+nncNZm;L6MTRN)#K z|0LPIg%xF0?Fnmt^PuMXD(^fRat$A$)6u#qy^c>TV;^HL`&{Epq&%K;tn?b_N5v_N z^X9c%V2p(jYxtHwTdxsm0|xr00}2^v2A!ldgT;eCVQo^3N`Qj^eHUsygBK2AeGv;q7K^smb%j6o5v!ZOSpYv9B!5^gYO=&a zsS{KQ0U(ova4}qLfiY-!f7CRAjf!GDz($2i8F5xBL{Tw0(qc->MI4kgQRnOoz8&3Q zcBeJ}i#juJM~Xh@t0^5k1siam7R$GFBa(wX%9 zO0cXuQpmUxkG~v#<|jhlI@e?dXh+c{`agkp|8SA>qAr8!=AiBpu6nSB8wN#9gN?}% z!sq}rXwE?7jgZS@<~luCAT^i!6I@C>*birx2+@_&!YFw1=1o_8=zeY{K9_jgt7ZZ@ z{8AS3nriME@fsd2UX|PLQ3v~9yK|k6KSegp|CSE^^&z!TL0M-3_2%>viT4U$wD7V! zLz_5vNcEUM#}5_%}J9 zLa9F%uZqVHN9vf%0(@C?%wI|Cs3l{^?6(^sF!;u&VJVT+*9{ad!4uesE+7VK#b6WI zNJwYqb20?jtPm@~Zj#$bA-mt)WA_{Yf&ZBA1S5i9?HTH$pi>)#=-v;~T_IkQO83WhVA1>8# zjbq|9NOTAF25AgZc`vE>&5y=${CK-Z1(3y#6m-%T$Ch_aFj?1At~3@rFQib?p3>#G zGqo?jELTb|N(^Sm;9U#gIwwMs{;%Agm=f=v{7eP$|hoi zgQT~C2|d_Ws?5q907&&$jx3AWbsh z3F_(o{+GT?=-Ie?AEEVD{zylUWMJcwbo+}#eKIN#g_yuwEs#6p6nZBO7V(wrUXxQo zU9m~UjWG^$b{~JdbPr0RF<M$6TF!b~sls zG8f;^S7SjPdpyekY%#-a?PSA^_70_LA_C`&9wrG!(L})mP^jUmU}NAk;27Rpy|?oH z_5PPH$$OIg4%HfR;?ExugZDEWT*(WC5Mmu5Adn@tzE!Dx;FdZNq@sJ~a4w4}jof{v zt@Evbf_pf3qJsK_;4C^Si}_~@wMw+)$ELtfw0StAiDeW|wFgf&xxlNNqX`AMkHf&E z2d=5aQl3g|5u?6QuwQwV5I|>>=1qz_Fgrx&M-{Gzeh1T^q`G#A;|~fTS7%@mHVQ@x z-YCu}*dD|l{2q)RvL2Wod+AHc*)z{Gr0R<~L>Sb;#$0?($Qwg4X`m0H5>!(z=)u9< z#QH520J|n?+nj*ky*x5A5@m_i!dt7dim7hK15fjTb3;}eTfH~hS-1O`w_j!E*Cs-5 zP+h?df;THZo4R=#>4B{-<*scW$UZ+`%}&VdTY7?vhixHqoG(k!bz0=xs#!$6FMs*i zitU(hVA49>u-%NPJXZtGWI)C!TveAkaV}IBE`Py?p96GCRoh;K!@|nB$KGDK!~BYM zyXFT1*Vltik996?ev!5D*U7Cmjom3zo?LIyJJ;Gq9@)62?qMAFF|)S{4rXvCUEW}> zvdj*z>+1T_vzUl?}T;1I5rr7R|HF&q=doGUarB^E~j?Y5w@$>eK1v8Vc@-_+f zj16rail$f3`a9W2t^Ycu5F>dIyWRm0Hw8@VkQzSvL%(>*I^U?e0TcI_1zqzUR_olW z<5!yW)~|vt*nX1Jxh5`^?caj?oiOKi^}CwBTydGSBJG~J5!zjC7Ea&TvNE5$CG7`% z{Sg=m!qVeGE30oVIlmL`N3m_|{At|z6vLm9nT4^{jzHVqUE=^U?xe1nzvTRjzFp@K zHprzMyoEYe#Yx*gBH6=&M#~Q&KZe;8ALu;^scIRq^Ini2Sy z{H}$S(WV}_oZl8+re~|_Hk+67dm`x`edBMRT$^(?pguut&Rx_XS1(5}?n3v48UEU| zW`|mVy6ekG_Is>=UFX+(i2Wf*Wo}UTt>GF6pRbnnp)uex>4e*(&x3k93zUV%iM*@C zZJD%_gHd;8 zVzFE?PBuAEG|Q9sZ5@(JYx6#VNM@iCRr0>=GVWz#{sk@b@6np4%OX5cny0YsH@>)s zq$OTK2Cd*MV05Di3;qYVLd#P>QJyHs4$=M2mxmoP=nhxPVkODm;T}=(V%B$-&6`4o zbAI*Ph+KD&Lio;};yH*THCdDEYBB54OLH@D!T_QhJ-jRtQK4})92p91Y@p;;@&LXY zJ({e?BEbGfJDJ;ym8NUPFO+Wd*s?$(c{!bG4Ft?iKPfRP=K&K!0bF!i^ziZd$J;+D zJN7OkGw%G}invugAq#mNy8w(#xY7~gRQ)2xsy{jmU`ol|SHE<<89x{DyjVPeJMgYu z{^H-Vua4-}f^~;b*t7qRT>zJew&m`C1-aSF;#Xjh-&b%}bR)4ozW^>7#10T*=xV7_ zcK?z)1yuU@;GLL20;;ZUN1tk#TLl#v3U=(m-FO0qt`KK!hnT*>y-mRb#mq!VTKY_s z1#q83o%QBwTF!dM3PHbHJ&lhU5Gu7t%%Cgq{b{6eAP6X-PJk&9CiS(jun9}G%dmIp zM0uqN3n3gyW~CB%yzfEvHreoE3F1Acmi>MbbL+wvlopy`C7(sl}sh+0jQ|c`Cm-Uz}p!b(0!T^(L>-)d>MgfWbTC&b} zicq#52yS<4aD^zoaTG-3(F_1O07wzLz^#O+@f|w9uZ_|wN`la6)XoAj>3sT2HX56` znNitvKnBY{b$Rqa5)BojSJfk-?+KW1ka225c+ne#eqkOKLLZ#WO(D;uXSE@g==fnTR&6)elz48`YFk02W3n3P(rhms; zlZ)60V&$GE|0AmPdsOES0KOKQK-j_6b02Z=uH^a0ZfJbGsf?onGCUp}-?I6T;q^iW zj|DRZy$YITXzBbh*J$#f=pl*%@uIXX)=tl%R4_{Lt`bdupaM$|hz}ly1bB}<7X9$; zgM+#T$VhCiRCL6vg}*cYzir-o^=AOI-rb>gp!NRSj0Ge=`S*m=JWV?jcD8-*u}-QO zFPiSU05{Qsyww796; zo}3KwXEUobFFek`=ZAv2(@{or|AXgmLyaa!S2^jB*xa2@Qz$?f4ym>)E3O`82%E1Y zzfmYWY(6k19e5v&Ef&BZDU>q*iUP{P|G|zXS6k>-!`p+y+=Pedr6xBHnfOEFecuP} zBlxcY+Lio%?-3+35boSt0sarcItz~zP5&!yT)$HR3GZH=N6|X8kRilPFV6SCfYc;J zJaixIdp8dqqy7^A8w}{Ie<(Flf$+Ze4G{9hLDDm4s>an*bf59vYDQw{LCDGj6jl8r zz4a@xiccM`$amvGT#F`U@gt@DL==(DJGhRlV<3HIPI$zCGBo zv;wg_h9LqLL%4MoK8M7|w#Zwo8$ z?L(Mk3904#;6QpVR}T;pvilUrqgOpJA6mKhaRiq^q74lgbZrtI_&XkSe5xn9CD3I7 z5|6@&zlKa#LS2HioDwJ{mD$VxPKoYN*>7Dv&FMPR6c4E5L{%~W7=tnkA_Yw$!cf3L z5P=})@q`Re(|;U;lq44}V;B+yXmt>S_8-Ggf?h)Y z;SvGrq7~>FGGssXG2~wn?=w*eihvFnd<=t(c;7p^Ky6UL9b^RVy#`^V>4%nEb-~+{ zmktVg3`71Ob4efOBK{dVO_B1uO<>FLM1h8pVQ`5c3)ac6uKOVmrtcAmQBiS%{2#+m z{ku*?KDB#FLq4I54tL_}DSKeFBpb8(N0mh07Ck z?Duse^I}N^g7d){^zi=e-!4KMrP6A&LQ^ zACy=mR#9Tm>gWLsJUA67DQWSS|4QuNLE-2y?4T<&7-W8E>z-)Nw$`P)xKzyc(BkQH3{H?8NsQ`kP#t<7o|qB~T~0a>xR zxq2QdsDZelQuKZfgxH6FMnLEXa(DtmMFK_L{4n6gI%g`w=j#06sOcq z3w1Q7wC4@;qeq0H_m}^5JyA4y5&S$nfWi>AKrh$=N9bON)fkUFy)?62I2Z6N8M_*$k$&(!&@c1Ry{5qoW&p+V?03{{t4W!wnrAxS< z7urj`qaEm_wvon5IyR6-RpLUCGnbO4Qr0w=qV9TA39d;nSd1zOx9zb{_(VgqZL|yM z-Lg>te3|*_Yv*?SOAR=+aP;~ZwXRqU<|howBL1h(r*MxRg+U)tBdn{IfKi79>NO2V z9fb9e^O5LjOc}nOFD$z%`PD~lk;0M_PG~B5_C}ZQqUHw~yS#V5Knmf6=@j>RwhvHQ zTyt@bskn1nLDf~oJG$SaN&{Qv`Km^4$BVe_pONy*mXu#!vXx62spcHBN&6*HNn!Oq z(V&c>s(J;vogChS7|lelF22u6w7zOGf5f7d1J6gqBIFH&97l8Y4~>y!xt;f(BFCQVCme zCMpIqmx;mLco!g*awSM(UwQz?U>;76)cbP_(O1gxlT=DmNnwoPn!?$>n*y~+S@ZBa zKT}7+Po+_A+V!bFrU_~`_BxZ&v4MQ;`krgYQ8%z4CMlRG_~bzA_jT=3Fz?`C@IaJu zFbZlK*sF11>T56-1A?oGtd#i{og9GSAUEX2)Ilyo67DevRji+bqeYz5@VVcMr~T$q zG`Z~^YDNv|z(!66XK!;c=>`^SDTeyz{L4;kO=riBITtti$LMuEaxk9}5FE2h%>3%Y zm0`T#fDW_jFGz8D0&vGx?c z9x8X8?QYU*y&XCuZ@crpyCMhP9j@eV)Ex-V0x`$pzSiAc4n1wW`gx~1%L4f^4)Qyc zHt)O39dfbho3_$DA>bt+vmn9KyY2a}r@J8iFK51Y7w(>IH^;jf8Nw}BTOsNF*+?3n z*h9&T-#mb(-gXvafFWZyWW4WLASV|AC)1KTh@jBAd!~Dng;3cwYe ztfAvun$>_7$lKtTESy^^!LLvJkZi7t(A8}1ejrv9Dec+)kgO;gwR93we_Kj6G5fTh z^+oYQ@fnMqzq(4{8LeFo${k2fDd55JadAt`c9}?SwKm>sH+hlIVm4iuCPX0uw4!ZN06=ttQrJ zRl_|HlylbJ*xHy_M`>! z?bICh=L5W5L(L4as0JXMTD00)NQJ*SezT)x$qd-hrVF{fF-|OWKIw8$J-d8|n`k)} z)MnljvXnLC*v?^c1AI=J_l~IA;0@*_fDc{s&53SC#$16n0kbXWP4VLLJCeGUc0k#i z4CRCae%(Hs-IHk}!lo6-eO=8Qmw=~cM0H=6oE8>NG|SD2>U}1@!bM!$lZd$$2$CGh@d0*I76bIM_H;%vBu?E6 zG=x@5CW!4T5;6ysE8kSBQ1P)^aFL&Mzi-$`y9$ff2vz;~ja5y*OtwWYx5gCnx#4TI zRq`?N2|xKRzlCDZfz|j%@z>Cra^jk*Z< zM)i9~7+4-;+Y)E|IAToAL%C$6ZhoU^+&VAQOY8WQ4ndWaVkyjhTR|kip`LByL9G&q#7@3bcW(Y6+(q>_d10x?Y)W0O{)UnG#ds1$@fGTUHCGE(v7DR&MZ7}psoWj z7$|ZpPj^&-Yc3KC(XgmR6r8Il<`hg||KmwX;5KR(#b>W}9P`&G;hp7nB#FzboG5b;p%>ed<)0lbq(0%&s=oFz*!ncr_mhDMr2Z#yVC+AflextS>*go%j~5-Z$BBye-Vwu`XaD;cs8gL@=$^LMhfbY z_?=C8D-UM~nVQ9~Upmp;FRmRoTyhXsVNO`7eZf&^F=8kHWM005Km?1yC{(cDcoZYp z_fr(csF>gTWAT~jFG<(>Svf=+D&)uJUx3DnsH+F6PwxQ}$-i>8E0kSp~&XeHB!O<`0 zyu7Xekd6g;Mks>^n3{hnCff2SS_N#&2{nT&E^JjSPl+_%9R+!+?>>7ps~a7}C^BH|)w0Tbs1 zAfH`Jo{=97<-)+mKEao#Gi_7c^It&m&0%;zjvw~G68C4i6VfU>`Nr-m`qX=0{Tq+@ z>>?85qLh>*zeyn!Qj^jhN+K2yf>8@8C%}w_&uYLCgt?TINdZ~WR$E)6jgs~u`zSfPe zduewmIcnjfYPh=|wu+#wM`r&wKHxn-xQH}<$F6@x_}=g+=>3>WU_hWm=!N;DTzm^- ztofP+X4i8gY@_6E)!o@K0qzfaqa}NHCHsl(M*!XAiHrTuyar0Iq@@TM=@K_gge>5Yx3Oj5!0{M9B?Y3*;zt-B77#`T0SAUk4};-yP74uJ`dNGGuwb6 z(%z1_i?@jDvz)!9l3{0WvR;{LAL@jEi%o{fuel_4T>xGot&S9WA&oOQodZmmA`DKd zWq-l(LbG3io$QCbG24LlPP=-5te@=BcO_5HWF5o7Tn+0hpMci+BS0U}-$#oih4poR z05v!+F4{p!^tn{`$7>El<)PGrS49BMO=$}NQz6v}_}PHu)l@~AewO}-flu;5PXHtw zTr*9-!?8OxJNC=NjCr6w)DM65$by1pfQQR4!Yy^>M5<|Xng3ZXI4mv}MM;WJel?$P z)_E=LsggvIlp0V;%tDH^kPaQ9t155@4HZ2U|7fgaRtb{LF)Js7aFrhF9*#)4Vupc~ zizioVdn}EUAQ^TW$4vIqW}=>^(c!c)`>HS-S!n+SV%XS^7W9b_IdBo_R4?D z9n3or*=*BA!um8O3iyvQ8w-;Y{C5^|5X;GZ{X;^@r(^NGhSek89IDS^DMp)5`ICgb za}TQG8cNICh^jMaJ<;Q%n+>aP8=tNROCdAR7=u&aMoEv_Q?d+{@WnF!lZ7a-U(?ZM z34u@&LO56|sYW|$^!33H=i%I@yd(i&AB{$9|(P;`(r3y;}~|T@oBvYiybw~z-6J}AXY54lJqwKZy`lI zm}*n}-$F_>YIO|zhYIjB(nt&GzV0VpmJE5s+*~QO3W}h2Esym4^#wY)R^ z-V-$1i84*MBjan{g(`h zCqv8skC$`7x<4fE>L;LHo)=}_I`{pB9SR*d`oCj88Vl3Sgm&6L#DoC9R|#aXOa29A z=!D+-JMaHJ=RH*;$baSB*a-r>A1Z;S99ZoYEB`~%3HAgNcQ3!!C&8Fb5qR|BUzQpG zU-Z8({~W|=B7e6fy5aal#uFq zh-Bm-G?K{@bo-)bHUE!#1VRh)ujBx&x|E5^Wb>vs;E9T(q@v7Qr6AYEe7=_~XOM#Q zN$#wJ72YuYZ;1X6m1{S=D_Xu?%NT*Zkfn4Hj8l)5CUO&cd1YReVFGN!Ip2o?a)mCU ztiJkxG&iTenj3k_L4P!3Z1;UMDe-AXuMhJ}7OzRCHZcv_e7c=Og`a;|Z1Eyn--r0F zwvmV6AzTgk#|r&-TLS*+OXoO3*K(u3PcIw}yrLO#dO7i3U%tSnjrEKzTU2$rIo`_? zj*M+dEJ|_S=mK)alJ0~IE~?xdUzj%}y4!41`;p%o+B zy76gB=yX(9G)C14zg3(0RiCAE?&_8{vyiwYNkyT7%3snFMF_n+t-WbkrSa|i|MDyT8D-m#vKzGk4E>DjKrlkXmyW89rcsxTF;x-71aEu2pUw4@d|O7qD> zr+D=|Oxe+!QWzq_;J=;n+4N>C+ddh~-{hEHw9)>mQc{HQafj?Kee#--M!02OfhF|f zWLLjB)qBDFZfCZRd+mu0>&Q!m_bKJ#v|j~ zI^+Hl>r+gt5Xvj$9k_Y)!|Jmtn@sH|C__9^0ZyyF>kfr8lja)y2cI=ij{TJ|d6a9A zEozyEkv@i^g!?Jd)}o7=ulkz$m@k9Y9153B6rW3)G7y?7#=bZe+hiMLka6c+Uq9s3 z+EQiA4P~s6Y1BGxv7F}f2PSfAGN5V~qPpA~B@ zX;W6ha7C5l?+sR1{HXx}LLA?!w)?6equi*ll9j|)xInp9LDdx$0g@VIUK(UBJg8AY zl3Bw~QCxXYF-5Z8P#hzCAsvME&w4{}jE^YVUnQ?UtVICN>Ztl{0jT{!duxF-=Nan; z9sH^`{6KZa9;gu#q*r-rJOMAp0Z9t|6 zb!(u$rfLj`&EI2H3BsU5Qt=RTAiCI11KQ2*U3xg|TsG*xPi%(jU-~vwwfoKY=`ZgX zSqb92D{5XoHsB&c@h|;7Y4Qt2a8k8P;5+?_c#Dy(_xMAZ0qtIo`nJNiQW5#J2>O9R zQ*#>n5Az^sp!1a1x6)n;O;)`8E`_G5NBGVZ)jzG{owHSV8WWm}5|bt=$N(xj7En+7 zq5o&g<$en?O!WhF7`FceFPcj&RE1 z-q9+|(|gqM-W7EaBx@zV{9EpkqwBR-<%$97fy`vH?C0rxWt9rHoO4lvB1 zMhBQD*xps|^j{*I;$$fk$U@Y~&dz~Q9bxD}#||*$7BvbEFVHYXr^Qe3n1$S}UOeGb z98*s5uwXdIG5KG_W6^>INp&tJi-{OJq65tg@pV7RWo{Ab(i~w@5D{hr-trLE33|X# z!2$!Hz$j&3Kh6fYOBcT%J>9b;W^-M~5br0R;V-T}y+pGtkF*W?y6NmXV?9OQcH1w+ zB}Qb@z1VbScymJi_1DfP!b5|^8#&`T;N`{MiQOFe!ggmTCSmQichk>?`D(&%JpC4S zB_QEC<2RE>LpvU=ZMZGkj6`ah9OYi#!6?9Vp^mzJRjs8y{acAqMmG||pL`5RfYRF7 znMdsC3SuJN6U%&`;4@2Avjp;q_GbOe4x!BGdPT4DN$!@rT!xW<4KN-Va;EKgwxLVIg9Brc%78`=mvk5E;0A zi6;7seq5n-j|xOq`HP8K|Ct^=5x+E8pLz##VC6%+XO=8+i2F9f=nD^4ldxF?1MUQX zDI=3Z7S|+HjVDt*#+In~turLNT6&Tw|gtG4Ox`l5Kg;b%P!>p_A|@R<}V)g2L$#Lh)Dnj@a_g!4@N^FW zr-SaeP#3wH!rOF$Y^zmnh=*L#6sDKonttI(ZRK{PJu@KC%#yQ3`{cup-ch*6^fZ!t zb|3HQNtykN6IDZs2-AgC)s#=|g#_R4wE0>E2PSLeg-c4eZ3>8O3M|j2+V-s68~C-| z>P~GIYj5V6xzf1ib`?LB%6KM})(_#E0k!h>3>`1CCilN2Go75JPF!Vod-n2ViOqJm zW93{0=(Hx*TiY58Tvi(oJBZD??(Ao^qP?4H}SZyrfWg0v@)^{3G)!3$-a~02IRwU zbqr#e17L2N#g!Hk=xxko`phJdc&mG~#i0z; z%H&2oI{R(c-}M616FZ`kw$<5MSiO3h=QB1R4*#&E`dK!aTdX7I8Rl-FiVzGJCIKUiyF=Jx znD{D9d`|~|I%Vxt48V)i1#%~}GRU9Dr65z&zd232`I-C3eILDVW~;oI5M!vr^Ga7+ zz14mpqO^C%;n}K6x;GWA)~qPH=a#I~{!Lk#?$k*VZMMQ=vol`XOxf*Y0#n;}i zK$|(NHcQiYLnb{_AiMG<-bmLgQt@J?yiUOopD`BQ3j0C440iT9EgWZ#5&92!@S((u zqf&`PWYMs28Zb`{e_{FoW!9C}r}Pp-KgNCE#kC4e+6>vEDP^cjsaZ19-g9mmxGb31 z#;BZGpYL)T=C^Ss*StBeS+bV4q9a=R`V&=Q-5 zs=T-E?^3HVe`G^ip~nOBj^wjfO(c0tIbG}YXXyhf$-+V8M754GV3LjjMqf_5`_U43 zl5C4ks-?k}r)1q%kfb(T7DRbS4O4~@%MFsElx31QT``Y2VXwBK9hkd$|2@n33T)Ec zZCRakhQ-lj7{tBsHh=Rix`hwYmH^%f@sn+2cs#`d^lGUL%8J;$Cr*JBTgKgZb=@;F zOU(OeG6q|6eW3AV;Lj3qlcx*uicUBrZX2HLqBzlMjbtBqP_3G|4g?g#BbJ0{Cts&x zYRc+H1k>AC;iZA7#<+;Sw|{YjBQAnZyCPyPFH2SUa%8_|by-Ma*NbJ%BzrTOH*oyO z`|)!%ROf`p7XHTXywHQcm=S<#ND=3_2 zop&j|(q-J?w#ci^mV@ zqxITLC1peJ)imIO#F3+B9v{i6==MRBJtES8QzUUpna`NC^3m%N8&LL|=IB`EtAZD@ zhduk(MmxXKkIj5%TXq=+w)30;)sHCT#O0k5Xyk}F`REFpU&gq{P*^|x)Gwa5ERExC zCMO#CdTHw*P@u!qN5u|a#z;6a$dCM|5xA(N>t$^Bd{8JHi z%U)Fj3Mra0e9xy%c4q9AuQ+fTEYG%xkbiL?<wJfCNFpPI=e=M4Xm zm6so$edLn~q$i?Ra+ymzBlqw>`|49#hWY3d^=$K$>7*hf+51aBA)|0(6<4WF*WC5j(IA7lQ!<*z?W8&h?h^p5Ca={_sV7^*LB8FGLC5K^hueM z{huZ7ItRTo(vi7Y{W5B7D3tZKQYuG6P-JEp03UCw2>dYdtTqHIu}+H~u^JUVdqq~R z{y5<)(%YU?rH9&K{$vDZUWXmB-MNXrfue8pO*Hq4;byx}f5qMZ@)hzq4g z->RMY@ES(Vn470WhQp*w;%J)n8usTK!(sNK%Y4=mR|7CM1@fiEm>>}1Nw5Nh`ypSs?SA-I#ResU?g}L^5_mgo(mQO55k#vDz zmhnOP;~#e~^jE5HZoUzF9~bShTe<{v@{e3p5d_8(~jlIc_V_Lo~ zTncT_BvN_DsDAQD9%Qj@?veN58HuaRUy$Yh+`4X#gtly7!Z^HEyZgchfTqo7xhgO% z;>kR^ME{YVf3B;tKI+tTr&cun4XGWP&MxhYlK_SNhFUP*%0ketdfJlJ8BgOCPvgwo zZVOP9;g%KcE#WtIP9r2?l;F8GM$rnYoEV*=-5vWg7V+AQr2@&+S5%Z@GxZo#&3aG6 zbNZs2EIXyA`H*?S=NiIY60S zDbV>~Bx&HocEIu|KI$SBDMOb!ndT7!j};&Ax3=>@2g9!oj0OWQE{UTMHLQVp6U^ zAtKG~IZ2L45I4xYXxREfB!l8=Vr6WhWsO~~m6Dgg?Xb=(aNj*TroDU?e3=_d! z(W@B1KS+nNru~M$9{aO5pkMHsuDMbh2-Aj}CwKnF$Ijhh#a$6a_hLa?cFC0OL`d=$ zmhfBL-KLK$y7nlSij85HwPFP+S;hsW9QNL*A69oF?kek>i7z`T*xT#5s&yStcS0t_ z1%kt}z>v2{>ULLL-h7U)^2$x}yz==m3QM4lRmHWWEukrt+BkZ~F8O76eTPnu7l^R_ zHP5@bG9J5<{u;++9Hn@a6fKKErV7Eqov7OfJE0P#b<0 zKe@8k5i!w7xo(Iz)}FoP-HPg|cnb_|li}UlWBBPr(kQ8Uv=z(Hvzd?!ppB$T$^OsQLgqcX&f_0a9lo;& zWPZALoQAs6_ zAOZ+Eg12%DPfD(-+TmrsMcgwl4I3rh1ryN6Ost=V%y+Q;{{ZT-x0O@yi zA3V`+E+c%5fqa*8kBNQJ3{13KH=g63dSNXX%5_iy`GN_YdU^^-Y&*CNd|r}h>VgUs zKgR`p2saj~9r>KjPa*c$3;$;waEOwUqsG(@?t?}(Y~Ko1`FJfGA&ny^AlY33rVY8O zjqKS%ymoOfhsLwlIefA-wRgK03tIImm!bixoAcPhLTV;Q%ZXfJt2eF$@AdDz9nY6f zLf6ann&*I>3G=olCU`oSr@00?0RC)hxCCX^Zr+1yp2)J}CyCQ)TkjdgfZ8MV3-SET zJltv#UyL|$PSf{w7=9t*aZgodo{G8kv){osQvCC?aa^1Rs_(HyhhAqFwJ5))eYtcI#BESN2<`@}vFMRCf5#7Y z4Fg8NlDfhp@Ufj`K6;*=*aakQUka-~<^7@jfz1Y2zxCHUT+KQ=S|xfIfgd88Yn~^Q zTXrLG+UxEezFu53k=lNHR1-Phzai$^9AwsJtB;hLF%QpI%K55B=^F&){Rk95wsP-Q z3X4sA-Tau3er1o$HHiE)L!uvv=gI!_v^NdxGoFaL#tH?sNN-~6V+ZMhBE{ajIqa_l zE46}8k7I&##W8n!nf1V{S>p|1*L1zM2br*$_zh#&!|`$cGz9+sD6kY${|8V&ufH`R z*T#biLLsva2I+vT|5@68CgL(p0G@=WmO)!Z;-+Zrz zjT=zDPsQN_NO;X_lB%W0g6d$JeSb7YEtgYSeH%-&mf8L25kc>3<9R-ODiX z?=PGww_1vwor-fI#CWJP{Lt#|?Y}hEoezh##%nzU7teKTC#}(04Pk$V z7e8 z4~{CL_v{^L{h>CREp3GKXutmYwYF%--NWNyy`|wn)EiwqaQI4lO}*Jp2BAe**ON-^ zRkE%%KpbXv?5KL*YaMDB8>;-=&>owt{_CLCMhLJrgLo{O3GG$QW;}d7fV_D~-8Quj z@eoxEdbLrj)-_hEeSfO!Oq(>1hEV(VVWU~kepqU9wKYT?25~xQHs9+bNWNHGF+6A9 zXk2mlQlBDv;PBNOZE$LXz1i2^adv)KJMQ!}5CxRiKeV)oZgsH;hF#Yh@|(30wLZj) zrp4@|4%2ehJRUSZX!AmqYGt(jh`N4#@8xrCqJOUKy=tCoYk#APN3C{4JLFV1{JEvQ zKPq4Q&_zdk=6!GP)%#)n<*UdNpHOU7rSEvE;17NCLR+?WjVABan*;4bQPZytaYO0& zED0$d z)S1^tH#k2$27h!_Eju`r)4A2&B+FlE*TXOwfp$7ZXS79e9qAhcRioChW;zU`fr&z( zl=?a!yl)N9w7o;MYQJk=iaPotZ5hsouZ{0Nr^AQ~DmybKpp%Pk{9YZ+q$kJf-mBx* zsWx+5QLi^NBFGhuV-3%V%g;czw7KLONt^WVN9Do3f!1>Qu-7;BcCbGJ){n*#NK}25 zm*KJW4S$UH_M0IEfyA}fZa&<)Iz|VeNKC~IBwbhomKi}WXZxo|1|#EBt@(n0ez^sM z>jUpeLUNL}+4P>xPpr>a(X~H?K+#-Kuqp;>%A=v+{S6@RKu~w)%egp)eesX)u(DNtGCx6)U2N9k~c7iE&2KhB$8ckJ%i;^vu z4#(QHkV$Y*<|!d4Q#cmF1tI%kW;G(OrV7C;V{FfU{2`r=Llvd7aHyhm@(opF$eK`A z&eG`ClKL{gS&6NSPSkE*eKT2yFHwVK&F38FfmzXT zn^L(8Og*J>qq6g7O6oy05Wv0Kh*n_l%Ml2?)-0+Jl(3`BVDlH=%z%oSpv7yWVxaVF zY2*TwEnmgRURP@Zzt--86^!a^tpsigt(w*jrBe_zL*UBbmn&n46$lxYB^XMcy& zSLSotzD!gL&X*;MQ116@H{ovHUL#g{^6o2u^hFx6O`ppCY$5j8FXKq9&c>c zw~>3y#T;o2B);Gl2YI>#oFtBRwwE@t*ilM~4n9U>Isl{k!Siotp3X!yT~4f0TOv^* z!oDVu%qiPdknNv}1+rib5cnoN*f3Pb)0napt}tM4v%Rd;YAUmp+J8-m#Q@yh*s~6# zYz7PNQif7(w$7YujgP_%0t4GTgAxoFii|7Y+PKl;4I^WQv^kFV3g?y7saR~x{UdpL`r5vM-V!0@PX-j|b*(j~3|;w3~-%4mj6u$()QuM!mr0IF#D z*m;3#EfD9Rr#Lk}On?0$^4qxC*1+i=Rsh(Ga1!NymY6&CP;+1c?4^nq#)>zHTQF3t zc{5rQ#<$_ksNpeXx8pvy*CB*aZXBtOs69Swot|w1CQs728V@VZYS#{F(+X3LI?shy z=X^X((l%jEmXA-aet=~nsXAXnJZ(N*|)`FFM(wpPj2e)r6#yr8;MgZ{Ak_36&5sO3*sP& zbt7($VzaT&hzEQdg}0I9l!V!3WT!mcqGZ}2)A~(KtBsE3MlL;N)HD3#`7uHb*quN2@8O6zX9R?Gr=Uj4Y)zI3o$bnJfSKQ z(<*hGQpgqtBa%>lk)U2>8r#+meSS#VN`H}KK%iz+Dbl5|Cekmz_2T54dF-Dm%=5*% ztVBr~h=216KUQ}_VTjDu{TA6yR{x^I0HP zfa6Z{BJqe(T*=^CBql&X!Nn3cXM&k3D-1|(w12~;HpGSp9IMQutnN4!kj8-^!!g|w z(Q+l9OhuzfX@;O+imd=SG-Vsm(ktvFJJ93be*FP+bAcsH!o1hA* z?|)#(T+y@0^mqIasb=^gvWT0S7EN1LdQ@*zteu{$4^K6rj&1w`gElbd)Q-9XaJOyF z2ud16m3ULc(1HPs6l`=UlSk&m2>{Uyx#Sa-;d+gsrnV@bH~J5wdjA3c-=+W8-21gQ zEE#N2K51Pv$D{LpyZJCWLwH{F^M{`NNq={()jn#|hnRwUVV{y-#iU7iV8v84YTZ3q zf#nf6ZptO^U4;5af$PNjdO#CW&6OjwZwe2bk6Mte} z$UTf*(P7^YDa?b1AA=;bRVuCmh6UUQXuvmw)y^!i0(Gx&aS|=Uc-jfxyAkVMf;l2w zU>mCZVY5y~*g?NeZcGZ)QJXFmk3#uwJ@sWkLSX$v5)}hjcz8Z2Gp3p;!yLt2e1uC+ zvMt?o=;Bsz<&Zy!~5rfBK|E9Z_1qI~R4@1La;4@ZdJ z1rwtF0KRyRX;TfnQMCrAuuYCwA8wE*oh zI~KN9=8VXDrs;yhPIQ}cdqtp7(PG*M^;_s*y6}+7Tlu|hY?AUd&9)=|BG{GL9Yb(1 zlWF{k>($2hnEb9%oE6P6J2kNbY9I2bF;0_e7gYHf^Nyeu$X(#{=^@RbEAGiOFxpjk zmd9d_X+-QL77Q88;rYq!On*~j>YA3EBHEU&11Ca?M>W5o_r59G7L>{BN1k@E&c2?9 zzP>>*&G@;|v?$4YgpIupvNN{8L(BK;Uo#gtAIcW22)n^OM6wL<->Sr7N#fTZz za3Oy7Zjjf?4lus!>_csfvc2eGeal--g6>#TL~dm}=ui+A@H_S94z4t9vw;+AQWgP{ zBOjBmBNPgk~nO`q$UKi<=LaTo456i2w`Rby~8 z<^~xGF#lJ!ht&o^b>G||xSM1fq{csvexB+tGBq>2&eZI4U#ii!c;0q&{E&FcOm(!f z_=a^=7=QP=DvWh)hnI$$)QoMYHNP-=*8I-6XVYt^HS zA@8r==6E@|wWTdfqaZ4}b>!#>J7gXcQ~~0aeSZ$32d-T#YWl!!Y>Q*7o znG~!SPT=sU4bk27IG%2~6NCVh3QcBX(mzkWX|<^p()w$&6*p~uihJGIl*Z4Vd*;}0 z?IYI&3MK7E(#}W8t|b1wKC@A{Ib)|~tDAE$kTS$lH1EJ;YTu|Tm7?0Pc0YS}mW#g{ zxqs{09|=-#^_5SWxtkok`$&8Rt#(RnT&!48X|Rrx@RD>8Ww?>ZINK@Q96%R<82mdR z=Hx0*m$QIK&jgvwEs;R{Gd@Z2fQJ4IxHzfF&l4ZVEVr*F|1OZG@(IoM`RD$IS@(-_ ze-|6Z zrMcsJe%jrK;v<0?Mgmi@I7HfPuJBmM1LTinT?)6^QbJ{Jh7|IVfG1FF#JDCwm!j+v zQxzOF74~a^LK93ZCAc+s zt|w1<)YtxmVZO{Qf_b<|*W_nFsUF7;yU0gABU39}jaR0dGCKpVk`P6Bt}XIL_I2SV zH%F9mwBEmWL127ib8`bN|n2Nlr@*%x~0lZ-#RXB?$qxgfOzCIdE1 zFq*yv&$xN6ab0Pjs$!mNvf$_8EBu(F_t*3#{!FPu7YhGG9DVga5Yg}vSK<|go{{rT zv)dqd0r3&0uLy?>rj7}D+D=7z2+%kvEdfkq(NROqoikO0#*eZ<=-m-AYkx^;YLj@0 zV(tC^R;=USpD+E)PvlDLc#_ommbC?4Uzys#&sb7#-) zi>H0kal{SDwDSXViFgnroVc|2(^?YPIQvYfpqm0~`83@@{*(K;=+}|sd9FZ(EB9)F zCNuvSobUH4MErdc?}JS;|9{ugl=*!~lb7_ie@X4a9%IKK3{iUV&Fy!kZ;K{Fify=( zgak{!Ir>!O=3tr*OiQPTfL-__+=p)X76x>8go=urHx}LD3mwHR3MgtI!jHD?3V`<}up{3dmuP(mS#e0yQLj^nqtKE1|9{R!=iPt)U&oqP z7BI_CoP{;3ki+T!d#klOI+_9-cn6L~k){6KGm&Eerb-5NhuEhiu>fTdh))5>S{pp* zbBuyR5C&pvDOh-mw2eEpNHfJ_-8vE~emP8XC~yW3Q4xQ&{aZZ}pS1^(iXoZQX!&_M zgRLW#r(p+)Bar<8M1LaAnL)x#V296QYdbt_Bj4L7qR02<$pcZ;GWu#6`r>7RotacG zq_&XoMUV;ZB?-dgKmHIAK%&v`JeT<<;GGGtLAWURESO0|Fqb%48nA*clL%o3=%cSK zn-+_RVH40?K}U#1-io}i7z7WqC0@cgg60U32NVNI35FDQKz~TmEF?gGq zi*--~%A5^QtWkE4g#!`K16sPcqNS&<=`GeJ%E-~0^hqciaV#NzHze_RQumg(KmLFq zG-(ikNDnn&%E5s$pb)keWn{EJ5oC`jHM)RRrT9Q4tfu(q5;iEOWP$@7CPM{v;9)qd zyC@(JBT~hof`2ozL_X;OptNt{R(1Me8)+1`kvDN0PI24qK85*12SBf<8>L_%;?c0u z!4HV8{3j5M=u2rXCvcqI37~E!CpftG`(8k;Z96QWTSF?BL2m4w3}DM5txMp0Y?~Vk zr)Ulq)ggrv5BL&EEN-!LIkTY*CBnjx>PX|5o`|`wCVxkyQ1WEV*vQx*TwZ*#q?;9h zw_Hjt!m(I;FU8~ruI!?WATAdXBUhmW^LSRly(IyRiOzv*&TW#n+^yowF5qN97Srm_ zv@wO52Hul-&6e4?&x}ljy++_F(aqP~KG{CqKHF~L#>``qtM?D?11Xl{u%&SnEGnFe zU5Rpl34d$?h<(_iRubV+Azg#y4@}D0XDL`Mw!=Gju%{ zn0Hg624l=h+H9V74U83@%gsv9G~oC*%%G7QCzDI+4l_rPt1=E0L}jF$7RqMWu^^lV zlz*5nr6g2>9-aPxG|yz;wkHU+rWpBHLIG8j5Y-mg2a2lC(bQ#LaR}L|Suc>^w(&#dZlozI1e?;l^wJa^wFVMMuEe^4m0N(7u7iT~|5WH-( zS}7j#XeZXGu53^UoLl$X_y_7c1TnFQz<=(03>>pZPAJ=%!hKWW0TphEw*sc>$U!X1 z%fq6?r2?&$nkjx~reE2E4pE(>Wq@arg-}?%7B)1(iud&xh=rJQZlct}aE+8WWvro# zrTXIeIzY169WLOux!cD_?Sj1^oRtDPK5QWvojFq_@ym!Y6n>Eql;U>-`g%?>jepJr zLg<;Bm0J*uFpFIjoW||Q1Yrqk$k44{!0o2qOxs9ix6Z!Q;@76(eBca^Ouj2SFQCll z$@cqWV?m5HlGkAOl3JCN>5%WKOxaul`@18_Q4zshi|0sEynw4U{J8j _hAG$MO6 z+dk;r!p12*&0|hL;fn5F0AVmdQh#d2-$`6BLh}||DxEg2ermKOg8@R|n-XI2@)B^U z+lgvW7BIa?^+A>y)>Fu*sGsB+`t3+kJHWM!;YPwJSa1{p?+>e8O0Pu*1|qw81}U5O zOa}}R<8U#!d63S5BQJU~KNSznDQ#FR&ee_#8<9UiVl_$Q4VNfo$ro8ppnto5+-x8> zF*aKwgr+BocCxzs(*_5!t||~nvP(p{kT|@tP>wL5rHQeT7yA27WmC|X zT8PZIL(yVBKhF?XqzfSqA%B4F5#%=mr>OFHM3+V*Ih;}vNNj}SbiVKJKh^%OmVkXn znFb^(Rgf*G@Fze#Rvq?E4VvJuBMorMZCInw@`#BiCG$EAaXB0#Ybv#WAI2vMvn?n2M)VsjihP=zA)fRFTezkwcuH3ly2`h##;q*TK`gxyucz>an`d*P-wvZPYGchK$pj{IR7 z5l+85Cc~USjYr6#L_p>KBeXcV7Cw_Iugr%8)Bim*`D-|&t-_+^wPgyByX+~|-4v_# z_|;xOID$3$?mwdLCW;-!Q0DGZv`+f&dZAq))8&spv|Pj{z<+8dsXha|vigmpF$BUf zm>r;y4AEn}+c_7I(veJqsevEP%mJ=B}H_?ai@FS1nL4OZ z@}Ux&DnA%dK1njw0KEZ|4Zy>3U%{=jSlCmt(qw>h3h3e_Bag2f&V-{v)o3kAjjyZ@ zGLVlzh`?FwFz5=gW^C1)~nF4y+{B@4Zqb@W5Hogqs*p&g=*9}+D_ltl4x(ag?8ionfhg_qnPON zal2Q4kH|YDmE*#0bM&D%ct0LC>*s^k=-2V-pm*MX#*!R(1xmKe?S{?4MXTN%r#dMd zM(`>-Uqr+3citq?fc?8LCtpC?*PIO9nd+-3S3g5?`ethQ6W_K;^duY=nA0Amir;J? zX@Bsqt7uU0(gX+&T;2hbqaqttYCeJ0sBOwC%U~6fpxgooG=+$OABb#^jqTe9PCP9hbVb0dE7yx zNt(uZu2+==PlfOcxA2mN7+a*sp7h|@x_=kNxQh$N{uu23hVT=W?yNw$0BCH|Gd(B# zj^T}`vO%jjS=L|65ZI!Tn-Z;IZs{iI<-AlvCT3%gE8sgjVDG2m4hvbh`Dy_0%yDy@ zv6Cgt1yde_G;5TBIyqait>a%bn{-a~xXfG$HOSncQ5)5An>64t5azm!Ojm%W1b^SO zn&^N+T;jbqAQ>33G3j*fuKjTaGez;Xq%Ex{pUI#;A*ODcW&NupM<~|zc+4H+Po`*$ zydZLnL;rj7XT;{;xe7^R6v!cr(v-p$sF*a5QSK7UiF*Pm2(RYcZfmEl4sH!#2Qb&H$^*nYg@(!%&5>_Z0Y?W1vGcGRe$@wbB8@E z#l~VKQ9NOS8-RZ&uFt$jaIBhgfz))1_U__z{+}Gr& z;OoUCiZ%djT2O5eqBa4KM1N46$_X!aM2sI*Y6p3Bz^^Rg8)S$ULp0Mm0K41!sPG67 zVj~$8;veY7$rVaCUK$d{j#_ou|n!X$Y1~QjmNJh?<~0wyoJ9Xwea`X#*H@15gMT{4CEXTmSwxf; zly;QW8pWVM6d#t)rBF1hOL2}6$Lyt{?}<02+Yh%ng@qK0BQCLj-go9#OB>F2*HN95 z2?s|^E+-Zin3--8Q^ zd>}5D2Gi0ifTeN{gatMFz9CNBJfRyZUh~JeiX;VpnYB zHIfMKB=%o#h@nIJYy5ERd+xuG{-|Ky|8QL}W3 z6#Pi;+ZHFoAz#(oqHiHv-AW=}P>nbQhZz2}(g}=6IwdE@LCMu+B4g@P0+nd_cV$Y3 zIDwkVz{`U}TmX$1FO|ty6{<^wZB+z6fr-ocUdTUSO#T6Kh;do5uDS1#=U*Cm9(!1* zT<2mtN`F>LAUH6aCCd>#YJ`aSGMIw##e z&^}(j-lIRS58oV6D$j2g0r%HK^2*VVHQo@b!BL>M9Hnt%A@KxwyNgZ*ct-9N_Vr5h zpmH*^KT!j~G_fx|q7va@Vr(XJO?Z>VG9X$8N`KLTaO~eBq5=2dvr>^Fq2lznFw6-4 z#vx5Wz<^GLqqqv+pkar&l|LtD^$9})HhIfDg_G5eaOQBURf$fJv5-+Tkv0``Mcxpy zTEKI0s)CY`d}=J6smD|rZPva=fNb+QV!V(#9GFB3*}PcEx!^=RwL+XKa;#9HuhKOK zXMeX>Z;dHUX{$f()<&(1X3=(X9x`xsJ(pXbL1qV+E}7Q!Y=S3Nb?=v#wvSvqpbZyr z*v7s9Q;V$vfF6k)%>qC1s7)7^-ibZk7H!X(ien4NtP}LEuLp zf4-7rUA3?Elk*omHA%kZu~eY#Ju4goRU8vg#6+dyLnxs;kh9YY(z0(;W)HaF+S6y` z;2wVTD4=ytnOmaZpwt6Fxz>o(Sd(WQ54%`i&VYTq$`O;=7fzBK!yk`8_EVPJItGH* zX}v{pXR|bejr_h6U0NZ+1TkC(M}H|nSrLV* z#6Cpm1QZe!lx>NUO9@Usl7bNSP@dBH{djiiV|(YCr!S3BP@H{T^n?jdtbYXlYbjWZ zr(AtX*BE34w&L4FS7r1FNwSE6ClCFq)!rJ8oH!U;o1q-CqIQBeDovTu7lqrF?4JWxPYldxJIN-42 zaEj%a6-%}$rjvrT(wsUm>Y9B%%c?W>7<1{U(LS-D9?(j>FnGW`g@4&D5@HHxYfT+) ziDZZk0lQiwx04Q&5!tBdVvjL9SH97oN=@}AyECQuDW&W-gD0pVj*NN z<6BPdvE?A%ybNo6P=85Ht$PLaA=7eG&!ckV(QSW7G+L?P+oeVvy&vgnAkP;*KyuJM z_0oV;Lf!Dj0>?EBoCso2>-yBZITktQ?LG{gs2%cVl2s+7P>GrNhfAWZ6)N)$^rm<= zjFHx{r({>y(#}h&cx0Jic9T2u!dXB>W>J95kQrCN$pOrv4xK40apmX%4 z!{0Dnd~^`?HFyWGQU|>ZJv?~xXqti2AtLNe*9V+BqsZtK{zI&v+kt>Oj?92&MZb^lle1 z$W3OWrKb$nptFw`=L%^MuZQR8_5tAy)Vg(n72BNapBp8ifA(5w&ZysS0WfAv4o+Ca z(&Z6(XptogsMTf@Qc?Iz7Y-m026aso54upR_eJ|Of`3}a8(SB2h^5x;Di931UX&L! z9ENr+p{HFW`ZQN$NMlEyQ&QRWxUUiw*lD2?;YeIk6k+$Pk~(%~6t`^B+=9K2gtknQ zR0wL|2ZT0@rYLx0dcIh$nPpQCTMbQo`qZOsfrCXA$B&Q7{mlwrvfqy$q&+?gUF-_{ zJ@RIvwtq6%1Q_?@M&n9YCmNOD_+AHE>>~CJT*-A=VHa7Oz!mF)M=?AT+|I4cmM+Yx z^>0R?!vs~H_K?HNY!xf@V)e3Gsudf>LaAQ5s5FWn>eXVo*tjfK-(FP9xk|p6;98_C zFEXc8b2Z1{MI!yrDdTP$n(}NCB~PcOIGtE|5`QJddKaDMcbDBTr9i!@qCu zTz^5_di3ko-hqR9^*1NSKOZ0beEd`9btV~BuXfJ*t;s9?xIes{PZ;=@2tb0mrIfv= zWJ>PFV*fbSNnkvjb&yv?>Vm7l4i^{ctpE$ z<0w+*%AQ(sNUHiRidl15-MgsZcAYbLF@MhSNer>>MxtK;5oC7N&9L892aK$u-M8?_ ze~(dO=nW5@ljEgFXEHn-4P(c@cRM$S&f)9%*FHAaK0fBrXgNQ(6x|l3EDxQdqt|n9 z>cpJ(V)1pZt^Vw9~F3V(TlK9HPeZUgBrch<}x-4^C9< zNl(^p+g^uts%=B+JbhDEFywDZ*Ac^WSzUpZiYci*SN-MF=RL9M0B!i2? zLaO{xy-;1%m~Cwk-8(<1Aj}>cWZ*OWX0s%|k}WwKqbOLj^#(Jur+<;ZBGM=7FmU$G zBFf?12WJ^7Be|-8$&95>0Y=ClBX3PAh^2VY_4Pn@s|qT%o{VU%zh=*S*i#Di47%$8 zg$r(z;$pjsV&BGKL>3Z>F6rl$*z$>PS-c8udf+Wsgw{9$;vg%XMV#6I+ulV?4onqI ztg)*&Lxc$6lxgBzmwzCXQ~7+=Yva@OTmnBy^9!oYWJuc8jZV_o53}iO?7=Y5F(nab zSPP)m{y14|yE-)?@UVd{of9}&t`@=;3kK||)H4YB0Ny10dTzkzV|F;IBb#e7K-IT- zMfn@@9HSPZcz>!2g}ril?<4*wwG+@2@eJC^$TEn02C06&x_>}(Au=wMKWrk`H?86El3O z1daNT8wyo3W|v;T1Mh$I+#$w6*}ZRr0oc59Y+8OgI9PdgR=k*4*6B+bRu3#wh1|!Q z_+=l9xoT}${#CTw(84sQ>QL7-wNUTT?r93=Pul;D zP5;i&b6eo5z+WtHF}?$wHIVgAbS;+KqmL|eJLa~T8SSXd+{?gQ4v(C608P1-u}snJ zB(4Y>au1R%v3~2?Ylunr>P^O!ny=nlu%%5aiEWc=>wmm`<25HuEDc5)iaoZlFl3GX z46hw7jNy&x3A7~m^7q(X%s708`h*u80c0iRC@`Vxtimj+{&KVPn-f2R3-hrQ5&xS;WSqJg4a`a z3ubG*D_aQTD`-CiltV_^sxxDhm24`+($F18o`UgJo)8GgV_*?`{(dyvq>g@tA0^3(()M(=IoVvRCHrhM{WZgr z*mpHB52cujvCeKMK>hz_<*$qRHXclydAquGkixGjXRu_axqe-^r>i>6ZpE~%=Q{?6 zEPnymU~-O72Vm_WKBdk7DUxmZicza-_8OemDnK(Y6Pe|@8{So9SL6@66*2=Qn0n4*vxQR+W7u>ec-m=PbJ)_<~k2C5VG%&}9}{eX~BBJ3l|gpTlr9 zz?g32>h)ayeHj%bjrzyS;_0c(`3SI{*rs$@E9M*Zt4gJaQ!Z(YBJPVi%eafxQh()L zBY%OT@~rS)dgOJfTEEJjH}a)w{;E`8(7sgAmWQ;4dN3b_-5k~(juQg&8Z4kY-M|7^>5sf+tV(M`opM`J2Z6Bq4XU24KKPOtPw+uKM(bR>m%k8? z$un9`M;rU4h$O?dM@ATk3o)wG`gxa zhwZ^=6G}tKIC}Tc9YpG`$?NYy;c{e%-1JQ#G!#$kVNODj(CA+J(gbQKZGXtRh=e5f zvax`$ZV=0nMKoC^O=6{>8FnI<<4+1ZDN^3s#f*-88g2>!8ee_A^@xyEMiIv_^aDZQ zwSzB;4V%2K1QKzkO6mrT7PUzSRwe%7b*702X{s{jJuM_B~+H>1-^KbUm}kV|02${ zKkmSYG42O3KuI&gqW!058*Xg{% zPKGxR*mes-tO&IVWW#{$=D;peQ;0Dt$!$M@Zv6owY}0#G&}(vqZhy1~|KgrT_ja%` zg>SuDh~A$402Dp+T=nje*OwR|g5{2XE8Ahf(BXgtiy@alXX186Z_JtCZ&3iyBQ0pP zG6E#m@j-er5O56*c)+A5b^%5m#-qm!4nCSrR}xSb2$5|2VKb;i;{Z1vo`rUYY8mpD z_I&?#59d=WzZfC&m4CB_$BqHxMHRep2yXf)9T~3tkj5$VzqALzO=0Lzk6Kp%05zjs zjNozGcjRr?IgI#2`s%Ljs_V;&12z{hy2PRw@HeW^KvO?S_qf6`0A0NouvLs~2N; z_FOu1X1dtbp+LuQNFoY6;C>OZ5qe0fWwM?oe1QDyK|;$Nrr#(5LNFW_R9!O>Uqh89&GINlb{RsGq)7CJ_sx z_=E}Dl~0OW55fEJHU*Z=P_g8u`AuPhkU6$G()s=`iL`3gb-OO>vQSMLTFWT3Mb1ta z=571xeSaUNOZt8#Mjv*(?(h^H$?UY`fJO1bX=?T$%}HP&GYCu!w2>%HU{SzEj;WwE z(+H-r^w}5EoL3UR=JoI|F=wLSg^^ZGq>NqRb=j$za(btD8_gbAKkZJ``21&St zW;$@!Zw|)32EuL$+Q@5^e06yZK8ogWBKu9CZGWJw>yq|AV5vw;l-VvjZqZ(asaFw& zL+ygVdA0rn>XlHEtvSC4iRgkIX9z?L0TntK#a~_0X@sB`Bn1Z^1P>5yED9FG9&+7qzR1$*_9g&m z$(?G3j{sL3ONg(A`VzKyfcugA0er~RIe!}zEzo07Cx@XsRqp^KgTz3s-2sFRAI^sT z-XBTqFb@@So`m2$50Q27RvDg^SwhTZwPc%8NRt|0(|M>xhd(@Gts4R2;Lp{hTk;&{ zrD1nv*oszLyPu>hMZI{*8obU93qahn;@(sxXB7(WPcS`x1d@*<>Dj4hwhPC{On(re zIweRkgu}7kg|mgnnZ%SiOlA(Qu)+Q=K)ka_sQ7i6Jl|=KRc%vb7pJA|wYM^hCJf7k zV*M8a3sLU_qFDVz>aHsU=Ns$IIY#@kGyV)*>GinN^M>xHc893c8hJQiyjBQ-u5Gx7 z-lZyX_^Y&GIm3Fx4; ztYM3XE<>_<6gL=|ZRGq$Y1GIK1|%L=3ph^UD;8$oSv)~g&hR7wz z7po4S#mS8w_M^BU1}_R4}*=SERTb0-6#(Z^Y`Qh{z>YLJe(P zkqNH>=tnSqt^Eh9|J1v)ntuLBGoXyBryA!-$S*8TP$yMveAE9ax`fkL0g=>b`B2yV>=!6jqMKm*7LwGlr6LlJfNPJ!^M@oOe`PCEBanJ$!SGtr8KHT4TM9D5k)hp04kaR5EXJ0BzY z)NNg!>!uWK&lIM(ffE5U3@_?_>s5^2o-bs4{bWi@RRQTb6emoY_m5@)$9pI+&>(k7 z(8(pL#)Z3yD?`I-kL~lg06{dAZWN) zL!-^2{1+6?ry3%X`47JUw~g%qi4Fvg4|Bh_8vFq(0s*p@M*aa#9l9+iz&FY1atPz; z4gQPkh|6QULhZ3piaH89THKeh{sEi{uRbU8(E|VgC%j5R!TyKTCixHUtgt6CrlZ5HcEqW0&L(((k4u2=-`}AFt+Rf zHMNmfNZ%}#sj2gSSF^{OvJbikJR@X$d}}I-v69)mve9Kr+4Qro8sAb_prh4LH@G`OYA(Q*|%k)lNl+_ z^;|^l!*%=aOuH!c|LG3Q*nFqGr%?RxAK5ebBKBdD?yNk�j<}nvtRJTrS02Z4 z?{gzRp$^1nGv1DLHwR>9nHx&8h#?2&n;%=A_*6!`bJ2HP&?objn{iyVrO@}iDDxR3^Cb6kVF4rula_ptlh5;D7Q}}zIG6`A<(90v><(LwTRNBLrjBeJ zcYh<3)lr$tvNK)|m?0B0jFxprF_}$1%7R?RZ{SguhcBufE%Q6bWNWD`Ci@4yJ<7yZ zLfO7JCQC(`LLSp{DG_Di6NR!i(wq;j=3DRjM~Vo49b|CkxY04G>9{$`%>{{4_2!@I z0(34K>zvGTM4+G9uB@}G$kFQ{hsv|eT#ROAWWwY#3-LO$Ta$&UE7fe^p#bE{)}D#_ zHJHR^Oh3{2PJM<+`=WQuZT+LRm^>8E4 zQ3_A zvZSG!aYR)F(?Q+9{Gy96NX-oja#B--L*~%9+WsQ8qH}^Ui0CGhNs4h&8w=Cqo(g=A zv9qw?9uZYBc9LFVPr{3_lPg{u{gM)2o91-H1$=_?ink^{6Nhk}$wMiSpYp}oX z-rFpcIg!~K@Pm(bP_>L4)!)GdV=>QcdNqiN|f%jfA_3bK*ZEK)S@E0jx@kDFj zl_W}!I~P5)@YokM*1_mMjOc$^4QTaPSnrN0LfLiFtH&;vipZZ$;7o$6ant`o%pjYB z-jabu4MNid2J0yVN*Lr&SZ_m)*J1$6T7*z3gAfW^Kifj7)?CL8Nu9$!V&br1lH-N-9M_|}7Ev-bdV5>k(o(&fo4*Xl7#m=^7u$Y)3Yx6EODoaKKmU>z28K!lpNzt)Ill!l!-oWMUtkPXcrQss>%L# zY<)v3metUC21Vz=vE-{$E~G`M76`$V0YPQJKce+dT$nc9!w$U3Y&!R RD>yC1xWvc(@f(&A_dj$ubyolY diff --git a/cd3_automation_toolkit/example/CD3-HubSpoke-template.xlsx b/cd3_automation_toolkit/example/CD3-HubSpoke-template.xlsx index 9b2c10983ccd3ae65fc1f8b8b6321b3d7d902b38..c51453b122eddc743f876885985373e82132fcb5 100644 GIT binary patch delta 88748 zcmb5VWmHye*EUKwf`D{)cQ;6PgLJnb(&eHXM7o=cl1^!)q`ON%KpLcbU#QRhy!Zb0 zH^zSdI2`Ld&pGFD95dEhtm`2KH6{hMsty^p!)24sDEf$BKl@e-PpVgXdLW z{>kEi+{4Vi@1qiX{>`!TQ0w6Q9Jh+Z3Z>}G7gxv3yW;l?Mjt$l_!F~x(Co+B$_KLx zZG)RYRtrZ%Z!hL{{KreR0>zasN4SORIyMcP6>1VBveQ~1+>gBvr z=$A|al(TOy@K?PY&7UBxx1`G)%mq%$8B1#PUkM2Ci`*nyTi}s-R;_5~)XR7BmA;A` zj{b(2?Y|7@eHwpL!XOua30JesM|NuPbN*}@z3I!ug+6iLd|NR5=gO#o<4=c}xUb&5 zI1knCwkN3lK7fFe_|4s+Y@-qqR{|vuf^eR#r|9GA*OO%B_A9_N#2>-OP=ccis+`b~ zDlMs$K=r5pM=1C6@v{tV0jzS zp}A}XQ?mJ3pyRHhpR|r;;S)Cd6R6*%b6CPB!iP^bicz|w0PW@Z_`V)8Dbb)@fh$tP z@g|~lqWdC6s+-pgZbS{rAEnep3cB#bPb<)1fFT2tVBL_zvzaS${3iEuO;EkpJU=z> zRFl$!r$E-N$-Xqkqy*O~`C8C$eX?e7cAm5J`<>rP`NA!k5d(L- z0RuJY;+K~RG9xU-te1JQQ52z~I=8a~H5mRackLw$eFCdh4{B$^WR@V_w4lokwX;WF zSsen#&N`)$=1bm}rdQaH@b#*sQQ^BcS^*Y_Lj@_KkbRUVgt~s!KNM(_w_&R7G1;TJ zh*rGCzD}4YdA^SzeVsh}URF8wjk~%U3b4zcb;Ex_NZT||Hppm~s6mLUKyClc_)S>> z!mmRSU#%O7O)LuHW+=_H5ZYYn`+`fxg+wg69J@JIqi{P#nWm?yj~w^H?bX6L1+-A4 zXl@XASxK;W5dFVw4KS->pfhQS#2D>fB@xO+5RQj#U(7?l;IBDXQ9JiA4@oiBGzFsQ z9L62I&tPQlC{58B3>9B)EA7|R4m8K6ZG_Ke`uMRW`?C@uuDrBUO)|EP;COgio#^>N zV9zK^8H43)oxEGTBSFf#?!ao~&7(b4EivWw`4M$C#x{Z!b5VbulGxHEI*3ZGtAGHK z1JmB2s{J!4Fcgvt;)j*NS=%cOOcmhv_@_>2#rIt@EJfs{8U&xlNH5z6R?aEgFnyZq78Hj1s(xOJd)sTTIMFiZwV>$&Q`g9z_jg zTvxSHsq7XAo0W#8y!Avib=cwxlTDZ-1t}T^rjUX!i2vXU+u^Ge6LjZ81^j-pQh1`y zT8^@_Fs9fi>$oVw^;xdIjTjQ(FmzHtrOESzjf+}WXrQ9zHQ%9+Ow`V{b>}KXWvTfk zX|BQ{$?LLiwM&7)ESQ!wguJUpwxVmmjExb}E)=*Y^-)tuDoiTax?U?w)Z?X74udvS@?i#FKnLD*9=9oG-V zI9NHWetx&Gu(TSY6t5xBwnbIni@lS}qOSbp{y{$*#p3JgAb&U2YxxHG*(18fW4oGZ zdUKu#luvBVo%)>|51H^aDBo}h8hm8azkjlov2ym9wa-(HfaWI7<@EzLC&K%`v3z^Q zxp!*Jhkw!JXQuiwa%YYOPs_OS_B~r9ja!la(Ub<$s>`815u;JA;EY@X^DIi7luz$r zSU|;W{wYX1em{61A3;Q5*txs^H8sym>+e6PA_wG*GVW zAIMc`1Pov{%(ozq*ErJ_1S5m$0Y-p&KK!UZ)lmF60yFKEj;DUSs`zubD%g%)IS(YGFQZ z5LQj}V!+#T+B&~;cfm}8=5B@`f=s7Sl+(IgU`-~MZ1s9#!P8J2nH_-yXt$Xek(eY#ajKPV{ypwJ@^z3!SJnkUyv=iHIO z>x8C09r{SaAvZgc{7f|0(EU-Tvvw3dceT5Vu~3L|u8IC*wF-}b5yhS~p^8%aPfW`F zchuM~1Z7*|sk6Vk;4N#b-SMJx#Z=yG(*O5y`WQ=tE$iS8}Y>r7Z zrZDjwFJfmSBlsT*0v1SX>rE<%=(j~kq5*m~yk0m!;U?ZJ8;&P8{BmTzn6O7f%P+|O zwnQ}Hz0W@1os723z3brC13!Ax)A&rQ@~!88@FEx903qOe!=o%)KsS!3oZLg*GPJAS zNhNi5?(2CF2e7s$!V_Z}cPnnJNR=^^@I6ZR`ZkBV!lHc65#=Y* z+4%yo-l2O0ugK{qR3^3~#VFPQX`JyQ?4IMLbJwaHm#cN3hpuhn+#YDSMYHJAn%&H~ zcj6?zqH^5C3i8|sLNQs=R7=9=*%!yqi#o&8*u+&3wPHq_HZL2;)OPPt;~_7xkT?cE zM_{5rKqwd{li5Py)tX{IKtbxq8{_c+s9uBHO66L5LR(`+4O3{}tMvAAQ-ta!U-Nle zmxtPJXX>(aki>ml-Ge1*+gw^^)Jk{E-fct=BHs zBgBXen$|EMx^Am58#-mb_4LQ>A%m2aQIu?mLX#x=e_35GwHn^#Zw@i1q=BWAr7B1t z&HGVk#M^zA|9H+2`p?yE{!Q35l#m^1s|6VLtoLfMaT?;yfX&gw6IHqn40OETj{;Jv zk{}m#bzBri=(tZASOt`cu@1IKLH@y_>~Zk{2?ZFFii)|cRai1oe~*{Y;lg1<56CDX zsm003@NflpcfKdZ8;})~Q$ySZf&6$MGp|3B{%3oQ&3&Z1JXU5!K9Sg8g8Pe>ui!{ypzyZxefm?uI|e#`W)z{--rij7}}Zf5dApDWRDCFB7Y zeygzi_Rq^Qm_;m*N`VLK??#=73v1vrRkI z^|$>v`2o?DQm_O@F}Ai=OKAb7O{S{D^VjTpygUwp(M!gg-1ALu!7GM%*qcMHAAIR1 z%CxbCvy@pb216%y3k`36avARZy4wdmBG>AXGDE@61t*cu)y9w;KmoC$b=%|R_qB$B zFNcJS6^Hi@11G1=eK(GlNs^t9zBg->4oT2pta7_g_lZL6mKE2RBJbv>AWhJw9CpkR za~EXBXB-Nd4|76VXeUIcCx4?$FBQJ{W*+7N#5J*P^Mv1MkK%IVeP*`kA4?U-kKQc7 zK8ICKV!d{lYLXNM^ps|7i$mqU8=cs;&LVRO# z(_cXt*V?eQDjQ3>w;FHFU42~`o?mKel?y?M{C$Mv>Hcue=xMLx;o@+I)N1{BTtK=>mAfdg>oj^ya_6 z?iTs*cp7R{G1AUF@}Vg&rkDmlY&Bde4`UoHEpjPH=D~{k$Lob1whynZQWB_&v>VPi~v2_u`deX@f-^Hzob*Mu$>c#$tebyGet3e;j1IS9`?);K;EAG zQE%8kR%xRNxLOi2<6fCm+R&kZCYI#+?^Ye79rj@hrYRM&m{~l3Elyn>cGE0*W;7X! z^2ZXJH+`~bYi%ni8xUxYCM~2EJKa}`7~7QSB_)zUV_%jjyyjX#UY&RgL&t>}F?MyZ z_vqW6DOj?_gf2W4S6HN zu^+x`3r>{ukdnIt;SR|k*sR6)RpuZrB)S7^cXz38Mq?;c5ozUkxSggn5AUO?GJhyZ z5UDD2G8QLgp%M$kNKoa_uB5cSo!tF}zbKfOWv!#aBt#(OMi?$9s@lxv?bv+odyk6w z;inz+^vmB?Qy1c@H)S-SBG{vuyeC)UhZ(6~>T#PN@M0wT<(;=FEO@R_8pT61RYEm? zimzkh1BjjGzohncf$iNH&K}>CHH|!knfo%qi=Cj$lyDDYo(NX*%WyU6hB%;0cPY_q^7Sd_#{~=^-O?>_j z8{Tg-Gm|CxBf|myzo-CYlRrcrTTI7r+WtdBM{w0|QQ|XHV2RP3!nwwXGekS09%7(^nN6QNIDNgCBcSp-Z#}nPx>hS&!P1mydjz- z!p|^RuJ|pkfDujk%%_jE;m>+rtPih|{?RM7@6AfGERJhIB>6KJGwi1UaEe&{U?o%a z6sA8>M-)^1xqim;`nMcn+f&$RT&{8~SsDF^#b#x{wc-GXjDMrDz(;d+pAep4dFlF_ zz;~#FjY^kb839q%og{GVkZ4DW1a3J%cVmyE4qS4hs82@p!n!P-7FX4kGOy zr_#@MCH`C*ezH8^InMIh-sVEgjc28&cyo(3uh2RwFU<{G1|35UmkJsmCg0XLQ=Gbr z+<8{o)T32sPSxEkbxj^z4w8VgS1IrG%@q!^@9fPdmv#>53wtg`TE-;%^abbVywB{j zUYV24zvx+^|1I=*xE_bm!?UZLvjyJr7J$D@t<9hKGP+tT2!rjHD27%fIL!kRSeHE_K}qe*agBQ@x%1r*)|vHV*nr(=E4Oa>H*f zU^6R^4sQdgkGq|X_YyyRlh5wcdTu|YoY~O7yHDOYlkj1paP(hgGjHx-|K|U7UCUhE zT)MKJ$eaOzrs+44AMPU_H7#02`lO~OBsU2irHmsEjjnkBhDt_F+v=fLAu8pc{$=vz zMz8c}3x;1t{-(j+(gtRob9(f1zjf3AAkGD+qKuX#V5`_4`axYsYZV^D8%WObsULXWfD2mh<4Q?ri?eN zi#KH5ZL2B9p}L;e^kU06pJm)#`9(0cElOaSa-NrY9w2+1IOCPR$pM>R2@@#$ZY1tI zQ^%$K3r?dDS=L2a))W|{HyFcS<38B7eevI$4FC*#{dt;EW8I4F&d}`NdrlImx{9Gj z+WEiYDhJpl!4Mo@Aa-%;j`(*#a47^#C3SJXRUR?!OgI@z2lv@#<=Z3)MU0Z19HBUMKxR&=16^0!Q^T+g;V~oVc8J!iD z9Sn<4sxyzZB(l|5+2hDoXPPVy>sH@FO5{WqOB9|GCEJSU9gr`~cs2Jb-|)AmD`4Ag z$g?cRh$BV~ysy8p!oJ8;XaUMbj|a~Hm29BY=;`{Di+U(=)BWPwKAtj%n?!-7p~ zbJG86iMy|$eu9_0DH6Z@xX(pAG_&O%d}Cnom@3&uJ92D$*0OO=0%+`Hm(Gb)%;_*{ zN3CgYx^G<@2z~HX+<@dJ9!mW2ltcZbQTyoB)n`^s+Ri-DXZD5sz5=NO<_v)#ehcXo zPzeW0HJ+M`&1&@5eYHK;5?9^puhKV>$#L{Ae6>FSZI2%|kxtflh(L>v76m$q!>n7I zDVdDgPDTOi^ok?C07sVi``N}CQ0X}uiHW+Ik*4*}8ihpPDW!1HSqqb*ZmdO~ZrS7J zp|rs%nzqGTuU1i&&4}%tHTco!jTV=iMuS1c<}bBdzNGC6J0icBn2<-dE$U8k70+Ol z&5&-jNu2K1Rm>;ql&Fr+T=qgPozSD{zOSVqJ%;T1unAab14*#mQz`6^mV)Kk7nwCB z;}66pp3!t$jw!Pt3ql+-_hoJ~`!2Lg#v$qz*uvt@RqdYKnyq8-5BC{&qpCc8qZ%iU z3Wz{=-LT{449i5@Nog0)z_5o}Yr8l1t7gC_mB7ks?~(`fuEPYwhoDmUYb(QdGuNPz z?FFxkM@xDKpks`l$6*ZXq{GLw$zV@|hrqTXi2;HyhU^<^LVxX~9h`w2;Mx!T)vxnH#a%ZRv@RuNYWRRS&0L`Jo_+k02pG4rCF z7k4A?CR^IGx8<(a9!`zTY_ADGyrT2`Tafr=JA2o_zG1W@3n;DwPdV3bU(2!7wPQ&3 zZRrgUD5Jw94W@QroBkGTM}w2ELiBEPc9sH41IBy`lE-1B07hR**r z1+bjvnI;je+zumDa2Y3hzEhfXecP{UFUI{WOKYF12zaU?lRw4Lv2{U$G6D8x#j;yuSx#-Y18;VsXO&S4n7t-DZh zIkuO>lUT2%yALXMB(_8)9K;R0W<7M_VY?icB+odZFrLzMHa=MQq7~;zyj`;*N_h~p zME*HwV;D;@#ott4Rsla&6-7PK=@T>>>^j8T3vs{!-^Z0!41Kt9Vh02u3KTESI77@? zPrewIwtg{tbqxx84u)42GjKeG5T?8Cg~R5Iv!Achiz4SP-hm6opuS)-`xfGqprE0j zyQ|jh7z!=9rWb_9$5READeH3Pr>ne@$btvVsj4USY^sPM7a_8h&dFo%lBt=xP-xor zkKRY%dgxa!Y;b%+1fmBNSQWf7pS=69vt<=o!M)}ddku^0q{;BiAv0XbTEQ*AWOBdZ zI&1wx!7Bhy$!o6h8sy>Me}QjgwSj>jpKP3R&TrI@^NDxaIwXG8)rdzDiLz~HQjA2z zj|&koI$VZTVW;xuCO}@6_f&{7KF%1t>*BDLPKtE5?THZ>Eg<@zu}MUioh zA15pIJBp7upq~&v1RowB^*4{Yn3yp?j;Hv*baNtFejJme%(%9V1Do!)!I(u|N?IroD$Jp0iU(9#FMbhy{CZA9ZQ#)JUg=<;Xa%NUxv+zB{$`xugmP z_rcJE&-c0P+F&Rd$Cns`Zvb3@Ij&%MLFV};W@^lzFxHw4zc?iYq<;gE-|BoQ^12U!jN}K|g;XoeYn2 zd5tV-8f>Pey5Brl+n@s0d(4lv^s7|~NHbYhgIyKEms&(~tRpMUCh2O>#KHo&A}94^ zQ>`gRIdQVpT=pJxgD_+%A7fWtySb@ge>g5Qhx@cfng*cZ$NL!TID)0^294+u8lTBb z_mK3A$M3b5I(KzFM<&rMUZg0JU`+6_V_Dr+CIgWcyt8o}a-ogHhCrlFQyXZLFFPT@IJ zND-fDZ0@%1$Bj1@%o|V-1LSqp(+%r6PQipLvnpt#)}mTbVAWZmbZv*CQ%jJ6-TGYW z+!4B(5vBsRIhZ}T(wK!R^~lmhYbXjS0XHZs46{5tAeaDO>aHf)_?q#Q6xeQ;$8=Ny z$yZ&9?*%iT`V=dym^hj3O_pvPF>smli_X@}SyS9z_kNZ0>;B=9k5?&ytsF{cY@D3f zc^*)S`o;=O4Rx2G@{F9HE4vtyrJ&;1X3dN|xJw`vrgqJ05(^)*$QZn1QF`7YzSuZq zitzJNKb^C2HXp0EAGKC4+ZUt|n-|N0bK1OenB~9M9U+w#plx0piG*>gB1I3Vu__>w zRH%5ZfcN0afvr84Ieex1YG=0*i=vOX*)L3#c*C>rt|l`ak=ne%ZZo~3t%8jJao)HB z8T8#}r&>De_gKu?Dcq_GapE%-SZZk)80NgQU1!epD&knvQvHj~%Ad;5?mIRnP5 z-HG4wAT#2S-QK`cr{}V*qkxGRu3ZTR_v|MtDE#5)yMia4Lj32h{*?MXq>qvZ7v%c= zog$cIU&jvA@5VD1o)Mwv!4hc>0EX61j+~mhkwAH zMjP5^&W8))dzZyJH|WV@zy*J;4hE3*4oMIUU^w11es?@Y1^#(J*`1ujWm~@|dJfn`9bn<)(|w6BL3+^9}sz^&}5t?Mb37M>$x_8N=>3jOlU zCKzQ@XkU=vbC{3Er~-b}J6+FrKE76!uCi$9ZV)UKl22AT;FOzJsrFj2da`Pc2}%6+ zwb`*KCrD_v%c4LK{=_v6nso&7!3gNxOn8m3EHzhz$i`X#_t! zzVA3;GG^U%l{!cmDF%C64vS>mL$yKA zp0%4K)s2TU`AzCA%xK?~3lS;ld*`qf z@RQKc{S6uV2EE795kw%K%X$dI9?DekFfR)MMlQ*I;oO#j5s_JBE($pPVq&5b_X-2343>+6xUzJrNUVqBj6~NabkL+WDQP8JZcUW(q zg;Btr#iQ=(Yhq$V=;L`A&ua2KvUjjCs4I}AuA+y=F4uskO~|5_GVtzQng`)&iGI+lzbC&D~P7UxPu=e}Cf15E&Z`-ww( zrqZrdA)OQP;k(XyABQWStT?0Je@oMCooh#)s{Z^Yt=WsSCaf8G8W zM0&j!2?Q9kBErQRpT(*{PR}En86oz0VCdIU&I=Z{-t}1uSkb_AX`^9*-z$J$U98=! zy9x;tdI(7wfzLd9(<4@Ia8?mV_qh-i18)eFtvWLdg>DF$*A8IIf|+AP6kcS15g0fyWFr*}8)A6{F8B-%fZY_o?N-zn^geLRp zm4}2XDgtQi;HyIxR5GlevG3%--u$V$`fPnS+By4Q2E9fZ%jbFvhA>-qq07_?-T+4I zPX$KoyMf-l_7k0;QWEsqzM)W}(u75{fZ(Q~E(h}?!l7Q`~F z&&R8tk9YOit#q)AAVP_O-PzNC-F@+cM*MGp9`Q42n@|D9X7%$*V94)n;4o1B5$6y2 zU8_F{xwRq{z{|QdaJD-WUu~c1D|@C7jGu;Cx6gKD9b&!R+zo6*+oq*#=ARu{2LVW+ zwS3>!k39X*({^cpvog}KEO>6?_l;H(7C|NW4I5r_{`VFS}}`W8$B&qr>Omxyldhhau*%ZspG zeT~6miUB+~4Sdq12;A+_hm_Y1BwC1W-sb&0hUh1F;QVNWO@g6WbKBv6cP2ALm*voA zw8UotdXMPOI)WEOB)=}H#?t3wEg}+s8`cy7Y+xgmiPKFv*`OrYXovLn( zSx>Oxip0C;iU2cPWw*2$as$9GGF%USwb&JZ9zh$%wA&*p^#<1l19Y^nq-N7i=EV-zQRANyW# z7E54_-(en@1yp3VQ;mZYoT-ML5kk;$LmJ1AmT|rRm%x`d0BQH2zw>Wch+L&@7l z-z?@~FKMdTHH>~MXmDent5h{ti##m=X6@s_#?#)`Fxie!4Dwl$em1X**WHZ#R)FnW zID7Ev*)v)l*fVGPYq$X2=QY1SYxc3=HR{H*)8s-vPEviZYOzB3$^~4GT)0NJAvy-t zpA4#&n2c4lgRr>vyg|-2qUA~8?7bx@W06vz_u%oB?gn>LmhuINr95oq`}PLsl_#&R zI4~$|aAae#x@QG!RgsG%kN@K%L_BCu!C$#I~49GleX8)){0X!E!E`#=??TqJSWU|V=p zrd%=`BbM?YrhK7d!eA732w*S~5PbQzyiL!ge>4m(3=5T%4qsfK(~tbozz&{of)X`S ziY0HsoON@s$M#khxv7l9jF5Da*Do*Db!1X3um}lsDoj6#9~W{FLCFz=p1eTBQDCNY2VnAM+--6uwHg`S z21oQOvvGmJd0p(qZyC_;wy# zK|1OV2-Eu(L#8amj-p%ochS+f+UrD2>ri7Jl2KU5bSAUvN=!;Wb|6#d$0Y>SEz-!y zY+vYm2~Q(w08S}_E&v&v4s0U1&5Y_Qy`07YqsE$f7FlBPjQ5dTX$OKr zIy4GvD6P$?>MEg}hJEzxhn!VH*;W%J!Lc0em>Rvvbb}8d$F&DoQ(bD~ABeJ$^gBzQ z;l+$53}3`G@XriL)a|cqX@grztU_2UzVFknjqcvJ?KBjwIx($?qo~9j(W&v}_`Me` zWLvth<*eYeOxJ&1LQt!}yoy4f#n8cbIhg!NqWT0`yP_@)jg-+EOydR*0db4}=lfY{ zZScoOb`Be&=s}gHHxQ5_#tJYp1W~7f@}vRWcNAn_DO37_TBL`$6^fWo5=CtSG1kmQX}pVTu?g&h}0D#QHA9=F9Li4uhrRt$q@FoJYkh)S$;F@p32 znB@{nNSA*dJ1jYCMLFsPS8&Q@QiO@YZMN8~Ofx75{u;mT3R)KC_*ZAnOAWUPvF2X; z$|&}*1WeixOPxtkm6ib5h)z2+(77@F*J6|ppF!xYx@NgUU+NkPXCgL1ZZJFiH`W#T zdd%s@JO-Ar@4f`;C+FHZL-q2GM)@bv1Gs_I-mHc2>Mx}%Sg*K(N%#B2XMZU18A!(r zG)Fy+nPVP+22e1l-DB;3^<-9Lh_=P=x)`zG1yXasDP9`Op@GPw2EX4|(gjiLeM?)W zn=}{7Fr)^&l+sBTm)ohDE?i{147?6rCsR7-G6t(5SWqRX(I%?c=5mU^agSh31IUx# zWUSB`_*IriQI9hc^0lEbpon3xVZubbqeP%^-~ofe!NW%2!RzZ>P9Rp0#QeGxE$-36 zCLF#%F1gRov z?WT!amj{2Y_uaBT{C-=jtM3Mdbh-38Ehm?`p#cctU$$Lm&n`vY(ViMa-~^M+1Y+uMmJAE#Yke;|x`{?ZW&zL9KFVL9C|(^3d34D8N$ z;&VOfrb!!*p-G@Bv+5x#INs%?a5)*th~Bp(jq;13Tdv1}o9ftnTV&rS@v6RCXf0zv z;=U8L7S3Kjt?LseOu(X`N?4LZW=2o~@+%lhETa|;*`x^lV*Fef!m1rYJD1@L4aAK) zzwt}_4cAW@MmvN7R7nUp`@ zF}k3c$uhsLXTbO>OOwMZrDsDe!(rX&L}c&9e`|?~0@W_)osj$Rt&?t^jFld-QSOK> zxF{h@%~S4>ZlvIPDVTHpkRD;T!+GqpCoV10FDOaT4><@3%aN&XP)>Y6pqlBg=`3Bl`EzDCUysDJ0kxi(VBM*sVj_ z+P!%#RQQHIKX?6p{Smqr!E7H2$tP9Cb`Tl@!V)3=v>3k@#}W>#>5G78O~sobh`ZAh zsPRpgrPK*dp;@t1-H$asNxzQrsZY(iTux0WRU54MPGnX0_DCxo^P|q*pj~ha%De1% z2plJM19hUbhK-eUIw#rJ1YeIAR1HU)!>&jSJ0;z`u+W~r)4qs)KkBqe{5#I}U15}F2kPj|-&;fxa$ViTP@$vFK8S8wUOvFX#t zO~yUVppa2OQTGm>U^$IzC48M2&$&J2`uN6n7X7AzOxL9IU?TN#9l7?<8V(Z4-pNP( zCpdwtu%EFe=P*FS))Lx&g#yaRTkRvOva456k#~xJQ5;Hpi`gnS9 za)ucOs@~t+t><8;rU}=7SO_a&kvu?pgGqo=(m}E)>T9PW$^s8i|j+Yo(z?(e9VB_&~u-jv&`<4^11mUoP)aW(HX4X^NE1$jYV^V@F5C`4!QAx=_V( zSo2VXS6xLtOma;a)?5K`i}Ls^HY+eAW!PzR=LzJJXqoy{DCBLu-J&lI1ngh(E%1h9 z#B%k=Hu{HHeDho$MVD#VaUyp_$9R!^NPahSzWh>{EY-Vh2=&t&HX*f7XEM&{ZSuS! zM_QNJpZ1s7-D;Z=-y>EcMK*B?6@FXhL1SNW5Ffuyipb!Yf!VSnz6#O)Q95mp$wzQW zC}B|}DFL$htiY3M9@6N3L;_Lk;gAZ2WS>zOANK+R0!Q(8qH;OaLIKAPOWat!MpWZP zuW0dyY8YE&pgx~wQzn_o|3daCX@S$3BA0DBJd~cnu*q_!=8zOd!F2$dTPerd@;no3 zi^f`3&dl#x+jzb2Z?6V6J+Y)|l-C;2l((N&ue>J)c6QE+*W~l#TaJ~-j5_oWkDfj& z!rjpj+aIq2_wF^`&A^fnuHLbMNHcFsS=+r~3!8>ujM8w2Al}`_$R-i|%*@9oUV%2d zDl}9}IR3W^$@XbgHiIC%^lkfQ(4C)hM6HX*{_z8nTKFgse`ipP`12}3EPN00@xD7#(I z$@XbS)f8hiX&j&ofxRCW4SY=-Y|w#~HTlvb4Z(UEnn($jb6E78gNu;Wxwq3;8`W%8 z+znC`mK z??oua^h0$VEAuO?*eqyKm#q}9nHJ}U0~enr1g&$91kr&kUNo45=v*ZQ*dEWE5CSuD zS_I5olU51bO*;uDOv``_f`VyrMhor`+fRDmEXB=shhe%@sKapC@@FIbFKD4s*!@Zv z%{aOo;4K5_W_&zG4ZYkd+6ZU7p;J|shy3^2PZBope8_W9#$ePTt5-F@qWu?0R!nq5oLF_+WiX|8$~xZs^Td zdIh&P+j7$5r9F-dP$7g}R0#S*?L>%uVSpRsv;CxU_}-HAN3hN}7nHPNCi59)pZG=1 zD7;o)t-+VXE>Lg`Q1=Ot3Kn<_SFa;!+|>sFqukax!Q*Yjs3%mEmXG<$H}|)ai2fbvmN1 z#2yLJZsOMSBBVS!f>+lF7Zs-BZ44nX$F`hUtr-NwYrSeOyuZ^m#=dGjQ4G+=?ArA9 z%dR&)xhC%XjlB$vz36IQpSJ3|G;qxB{2ef9DY|sgI2Y;X&}iJ#8-!V}c#ye_z`y*? z$)1RXXrwxTz-`UEDZVR@VAn>7R$oaIRzy%=&`o^5JxXM;Rk*f zENc+G__6zb3?VZN9`ZY?f>X%|LDeuhQB96j9^5L2E$dbeLRNu)jI<1F)m_VflC`}#~&%{ zmuNZmmVX8*amZrMi)0tvO&j2wDl=M;_bBu$+8zJ*lAh?ShPg>8XQakWgP!j_jkEIw zi}egbJ;xtPBCU(M8hpY^oIDoN)b3^mf)v%cN9H-Lre392EVy)oVAJ1oGcC9bfnKH0 z+SAW#)RdS`^>N%do;OPdCVqC1b36XgULEg6qkL~F%ZkWlXu1_XRuuq5nB5O>X^w8- z5-@N?pR#EMOI13;sxH*1q^t8hVM2c>*{Hf4Xyr;B(!T1_L2D_L4>pl((p06?2lWt^ zY*px+ykUg!`oNjp;(N;%J+{=p(*N^^)77rvqS@89z?YvJUYARng1jHweV;Zf?^=Go zJ$F2xT_ipR?6ckbu8kjo$kkRpfd>sh`06`DbwX~Jlve8`!PpNg#g(63pTkFDT&zag zg{CvP0$#q!7j&9M7&J#U^z6YH`fe^bg-hb4X`R4@l=rzhb_idHVi4bp-F>13$MZE2 zHHKB#BHAdrm{SNXLWi7c*)Yp5zjgYoQ!pg~6?%N@EWdm=`!U&pwr@;R%-0r~q}xZ` zg0pGV_GvXXeIUN{ig}k25CJ#Sd_t|wLRtv-tsY3rUbnWySbYE#p$Lxf*mxx)2gmcC zL0jXFTiQJpLxDXg&Iu2hzR&IrEEOJMPf?6*J%>6P$OD;yj9%KdPa|eJVYe~#m&De9 z_)(z}s4ya9C>}tH7y|!VL69zNP~ESHo$^-%kIPir3*=v?}>vdS0vh+W+v%z3`y{QEGgesc(1+rX_;xd@5}dbXKp6V3`U1n zG;XiN1kObikAjC9Sa^$AloNLU^4 zrBCFRfG+P(2bC=?blEq(vT7h!9A+r(qHx_(-Zz8vN^v!QO$rQQ1%wcZWd7Q%aA2EH z{wNIt{J@JDfK!qn3OFWDfvMbNNi3oaoI8?G*YN@uDLqNShsul>dz#|K+C;R)TOrT} zGRNnk0F#^SAq&|Bp@B_^Xc@XS5!5S;fGx(?IT1Lvo2fpCW}#(zU+-RsS@j+wOUdY{ zQJTn_^tw{;BbLGM_Q?m!6~QBZ3bM$dG?8D}4Ad`w`602JL%$UMO*c7XkQQ0iESbtn zs6>pfOLSQ$VCC`qjx-uWt{U%F@Uf%Ds|sYgUq|H0m$VmVglq-QySSpc5fV^J;3rLy zp{nN~ZwcX<*o9j)X`t1FSm<1zz6&dJMbHQmwLs7~jpE6&VcAf>Dw+kqCMfU`g+_Ac z!oK(l3jv{w_WR}r!OsE;a0ny?-`n(_KuD^ja9h`4KeY#&n6HG^%R8-HUIq?p`lmDA zS;mNrwqw{6F!uUh?~+U%gU8#OTYQGxSwoQq_Y?Q zBYsiDSN3g!upZNjss{3w0&!+!p^QJqU7yZ_7N#yX)S9jTOaPG0)BLp5PP||3D-){^X645n+*fmY~L>&&roY) z0~Mi=u>0}vXTkIxz4%QZWQZaZaQGsC6f49r`2S(-t>d!jzJ6gZQbIsVN;;)Oy1S7s zN$Ku}p}SLBy1S%BKvGfxNfD$&y5S7q{fp;)-t#$sT*I2#d$09fx%VXY5E3JK{Mw|Y zl;u!kfeA_z=d)!eJi=*#(?2_QBSXtAN~IA)m6&bTy2a0!dnE-1wbCbq01Z6g*MW^Rqog#s$Wd*0Zm>QML% zb~PnAiD-JuHIDC=rg(|uoQm`oS1-M`OXZPyH*2K%nXwKxYzzukep_87x^6E*@BXy= z^ZhBBp*zIc3JS6+YJq^ZSRL5kAT8kbG-P_u9>xM^v=|sa7;j+Zh<4GoENd$tl+8v_ zcad&h9ez2~ex%@?YS&nyv>3+8YO4OyCFtg+B&^AXg+cD_DofjRXR&TW$lY8Ih@#Xr^Hq!srB@bQzuTKgKVw&q`|&-iCJBhmc&f-`EJ;mY9Ql+Yc<}w3**7## zDctf9a>$vCrKxp_ho2U}CvmC8>pLL{$1xd8QFl412cpZm$`NqPm>sEnyFzY{QdRCc zV#WMwy8@}xh*5_|T%S$zI|tuX|0(hi1C#MA&=8#jxa35judO5Ku*aZM$vu8dxg<@l zGT_hfJB;FF%DdG7SCZ%Z!d?dqKF)g6a4l&RM-YgV5t`dlYT8efgw^@PJE8X@>XZ{& z`Pws1_~tCd^TnUlgOjukwD3kVkB-~Vu?OWTS$&s=YULU+Ygnn9m1q4-jeiifYY}T9 z6vPLmwQ_v`H2GAZaPZxj4!_vqy3GkDFu4@k;{=5$ifX2Yn&kThE;3u>9llxo zmk~DkJf=ADxM;Rl7-lL#0pbQwQ7q{NifPDHJf;qufUs1K(Hn;%GlD+G7oqCHC9Avd zFQy@1w{p;b&d9#;dpCi6l1CfcI8N@7Su()O@(KxK9Agu^CRM>Ek)}4U_7%Yf0>+pl zA;&9`9|J}%D#^xkintHDY8@L+3hhc%VTY=LTt%3UilEcJi%>kVy} z7zX?dbAnMw+j&}!2=De8=8qBk+`3f4?or0TiTfKRYTU$m8uYgDGT7XtH?Q1T*LwLs z+#BqVnk}TtnhinM6c1kE{nIQ-i9h)R{zd<=K+0lEU9?)4Md78UNko?3!$erz_zpEL zO`X(++lnGo=TQvv^L09J6_Ldp@Gm3}KvJ2$m41d~F+q6O?M3JlGi6Oev{YRT7gHYn zNA8xVjwDK(qf+~()il85eTDf+ZF6g z9K_q0zHv%tl-9R0b=9M*|E-zQ4U?fOum2-)%wUk1t=@F3byr@f7@@JI317V`!i%_< z5#Z_dmqaCL+=6)-Mk=NCn$6l%ruR*G`eX4*6#H~FGSAt|p=ro#7v_EV;`-j2TV3a67$w)e`M8Ip+5J~xPAQ6qpURnv;XXzenfGVp(HxXLr zS7AFX(vTo9Jvf4EeDI!)#Y>##Y~t*)@8=G=FaWQ`WF}QI@j5;G@YB8OqK$Jus`iO` z7r7Mnb4Oka<=Y{Uez$3VdCczpML$dG9w!lq^Ou+Yw&fqu(q9Wv$UsVQZki_izoNl{grmy?=jlAy4vqK;h6PNwW9_L`+rUraZ zkXR;-d1c^#poMMQ+4-mU>R|TuPC;U2q|zRRdp)mDv;HU0guqUZ&33iHOG%QbUCOg< zbCq>yf-2C2QJ*QyuH(9c<;YzxcRO+&!cHPX#qd;xC#Z)$?>whMJL^zVAbX3e)0}d= zGY+emf&@oLqk7mU&*Zt3pYsKL{+M^liZrn#e16)y%Ls6?{foNj*Tic6jd1uowX`;8$Hkdp(Epq#Tb`Z7WU!xde?(+m0276faDa8Wb5$eOR!u zp}>20?E@!1i7qUOyElmgJ_KnjZvTOkO|UW{xLuDpsK2Bxe3gF1+H1a%NJ8H2oTe^3 zk?yN_msSe{@_YQ>hG#`@X)(6cQYAA!itxnSsOGyzGTt%jP)}c71XrHrB`OZKe{-=t zT{*Zp|LqTvkyd4Vrs%Z(#)f$Btps-rb=Kvb+_6Aidj<(K;!bbF%=ptMPw*)orW2?S z9^jI~W|j%_%Yn8~v#&q2cTTP(nNK@%&sYnpb+W4Ck_X4iZDkT>6R}DT3y%I4;7RPNdsC%|$<7;O&cc;Ia1OS3!yc^ZJ zleL2@f%XOK#;O`C2W9o4-a?&K?N({891oya{2*25IHsUEvi#`5jd+|{_j_mvtzpAUL`%rcH$DyV?1F`w8xi(3nh%GDA?;y*n)AnH{PN>?ZAkrHtL%Kxc~K`$ zQ7I>LStT`t&#RV9Y$_EEsgmYb(Zz37*Hy(UUoDOgs)}J`zEyq8-BD#>D>2zB<<8l< zt~&R-9MxWVF#Q*Ww^_)VFH)iGiNB^PM|aza>`GnRn8B@Sb_&@-4Tu zSqfJ@$%31DEL<)LoFNIyFOnRLwJ4&7X-=127I$4q=y5dY8Z`KW*fE47;7d)_uqS>* zCp)AuV%41FnWzYIk1#=xh%l8bzQDJtiN$VicS9wS338EIa*4zISV>8S;mZ`S@{$#p zm+KL?(v+{so_3k zQ(&NVqP)6UAAqN39#5hfPv)*9NlwoAWqR3m@5at09Nq#`G68uYo?swBn3P1985^Z< zJ0we)_f4K)n$e?|&=C&8?JYS8Ltgckgy%~I8%ag4N|D5&RlTnaUa=3h01OA=qk{jl z0jCgbFjL9^(j@=IgjrVyS)p4XuA%oL(8ej^`81$e zv{wEf<_T3F=I<5ma{kK=N;OdT8O&mfbS6Ead6`!(489sW|tC^8XEOT(j+96JP+( zp->8cK*3%{l#P6<+bKqchJ+?umx%xq1c~+m#O?`$?t>g9{zXs;uiO!Dy26Xp*2>e0 zgcB@q22;+`Iap5K6vifnA8YwvJMq^mBnm$BLl1RFh}E3qVSVi@O_Rj(>bJ_PVil#5 zTqU`JFR{o?UWE`DG$MAvOqj~g7OCukRBvvzQ4q)8HNX2nESfN3`axFY5A&RshE1Tw z2b!6utcYio`V2TNW{~7-YEjiRha!5-qxBp$4h-1Q0w=c8d4UFKV0$SB%Ou-%sQ=|33cInu{NaJa} zEt&@txPhFz0tPt~O-ST`Kb5^XbezTzR@E{&( zrOUf4@^=Z$kWu;o%sfg2(H_rl6c8Gt{E~(-9vW(*o@OxpL4 z`o)+EUN(;odgvSlq@-t0TRE~e)!)!A1*ZFeONkzhfK1JiiCw{bi)bf@TsY78Rtx^f|r~u9bi^k)lC+q2z4eJTnOzf&!;Ri!xcq=jC^80#BYi zxx0JV^wj0o4S}~SgHYiE5uZFkr%8A|fR{qV01XRdsOZ?HGhupX*WdYG6MmBaOf0P= zSC)HfTzdN5w2w1P^;7CD+d$#XnGW<9$y792X|JdQzOxkqPj^?Eh@VNc^hOQBoRNy3 zXek{Pchxtpn!b{Y`LWjznv>9W2&-3)FI?WV{?;sg;r(+S#`n!87B`OLThTZZcwMEJ zgJe}dfg$@ zC2{m@PLdV!TdD6uo16x`P()} zoOD;>HwRN;!RWLM+o921y4-S+mI?q9IZG_O6A_U45JGAzgD}cN_p7VW7Dk4fX^x?R zGt4W@GI)2$0$*~?i9DX(sn`4oI-8vE2a;0A4rA#o+oMMaAuhPk)5O? z(F|YFzvBHaW$d&AlZi=eFMj=0*!mAmjuQ{Jh5a2RT7cw*6P^W|?_wVLqm9 zi+*x>OBp>Bhocz*nNmLNBvz}9D%JnxAuPU$=;|LBHuPb71VUInNq*`lEV3BjoO zOJG+w`m&QpkE^0cdGtVJ+I$xvQm7hD=pH44%{K?y^_x1cZf)&2_fQ$}9BsXdmKI*T z(nG}ks?;$#(Mj<7cJWLF({*nD#>P``e9tn?VHWF{IL9wA7#&Z_j4lU|dIn4RtKPqD zW>9ruwt3`L+J0J640@W38A*<)a7kb?x|Wm~eNI#$3xYL8;`CTEk>2)}Q+S_^WeQH& z#-f(m_%l>CH9X_v%hNX6D5Z0XW82S`d@383M`BTpAAb@FZ_Xr!gil!6tj=XX;uHyE zg99;P8^=Onlz(0@kAt6KXr>gUI^EGw&c&dXH2V^-);LDC^6||VE{ZN}&1x;rKUN47 zUEKwNt2D5wjG8olb%q4R6KSGIB51QrIb#gQUoPR2=4&O6_}&a^y52Z0PKkeer!}%O zXW68kGvS!HSZHD>qI4FRTP=?&3va;k`HI~C_+sqI1TWI9Et19x zRVXP3`?I`?`;ufx#|dC0rjjyYSQ5suNa*_s`U{4CLifXhvV>uOYV_3Vd4D?UJ7;xQ zMW?2Zdb({P*b&FOD-&(N^0`> z3RQF{eKxt>xh|-k@0o7BYt06RCq{TZ$E1)aYYxsxAqj~)!)z<5=INJ7z$)%zyByOy zTXcRjMh6O-i5K}u@bx6$@5RByKPAWNk57JzYN%!9ROxp6Ob1RqQQSp4@b))2b3nke*o%p0utP9L?e<|QQ{K8WO51jko;cp?eO)bG2?1_mKrPC*tReY_V4^Hi-o=gNE*3yRVHoj!Z)V+2wgsK^Za^el>J^0#md&(HY=ZS&S6X!MM zM&5=hA}r!q{ldf#{x*;2d{^eMEwJ8Br|TjLVHee2?n?!gK_s^&El`|W->(7JJ96zm zpbo?Lt{La(f+Gbh%*(fwLk?&hM5WGwYJsN1Y*m0Uw=W=FR$%WpVhbY;oQU9 zJ=Xt7bgN&*kj#|Bv{DIQP7%w4?@o@kcfp>h6#G7eJt?jL3V%?-EG_KKjI0pTJakkF zIa?ELMe)MN`ke4UL50^4G2m0->n<3`jJ1eh$4AxL!(0>8XSu6&?tkVKzXhRFe&LqrP-B^AXNwGS!0 z43i4EUetOy$C1*~uDPJ3EQ*^;py*dDszOrwj7?2vvLYeh`RksmTtxJKRcm3AwS>+A z+s%G3`^k&sjFZz)_5?**B2eHEE3j z5@th+=|m+pQqRFep~8L?#XV1BieHcA`HF2(B*;SiZzge&69z9? zxHMsCT(cxU0GY|zWVIY7l8n5)QLo?%cPz;X&bMcN(#io}4rjnItlpS5&QfI1hl_jI zAnB2dA)(3DYXA3}7~EyW&M`uatimxtH!WjgUfGw~8B@OYfpUB5%c?CzggR0o@RGy) zQNbZ`OuSYU4!>o%q$bp#m9sorQ*eu)SuCEEGA4YmU_wxh6Q1$XisG_mncN^@$-}^O zVRWb>83j4_JwS^41i{puA(cX#E}L`^?RO}mC`B%!BKVXI;!$pB*xl!2 zlZ1786ME2q!>k~h7!Wi84}(xs=vxY@*}pmze~Pu<3$`&t^FdG zTvxI4>@}`?q*ml?BzI&>q(|gsBwS>0qRq#=XkZ$hT+54^E9#tJl`DkC;NtwsD*nMhpbt6fU6 zD~~d-P1*RsrW{>@M>ifX_13eip@RDO;k&CR+L+`Mbty| zQWQ=!SX5l}izuaNp{R-InkcqtvZ$KqlqkDsqo|AMsc52MPitu!hbjrTPqCd|RewK! zCcxx%Nz3nfepKGiQ(~t~}tC9bmc&RXCy)fTlhqT^UAvx)Ta-)*b80=i( zj<%iK>kw(GUQGFsJ|jLd!!G}yo&vq-^_4>5$fW@F&>$101kKcklV~EOJ905NPyQ(5 z+lsEB*b$|-A&KwP)$}7?tWA;zn$lGHO#>;agYaE28Zxzrq3ku(R{h%IJmObqn+eul z-)m*6lcWbmg!NT&8AJqBSanGa6$iMS2&N~)(?j=!M;C~_X||WCWR&yAthT@e%T6xz?ZB#MoF0)Zj&6h<-yojS7HT?G+Yf4YXO)D zmE0AdszI2G{GuUh@jr1-%b(#cq5pXPV=44DfjXDPD_P0VtT?#8%|iTi1yP#x9pZM^ z0BrvEQLI?o-!>4~Tu)^Urr$Ge`v*o?Bl?=K&puig_xR1ky`82Bz|eS$s@i_FeL^Pn zG2j7?yF0-L)F2zuxz7iDE?JiA3 z?+|Lc6Ad~XG;4-+ z8YnJj7n8^hKXF0gSsDUKOHyiR$x51F_X#As@ZyZ-YpO)qJx4idgfa%zFgFsGcn--= zUKM7K^;R1ps{*!SEuVFgz{Eqn&=?{aSinpP&I?>0w_{*qK0i}>Q{VgWa*W_3D z%%sZ+GCb_03EYBeFE2Qq=@h}+yg}^q6O`nN=+xP-Sbhg72s6HWA@kW|C~Sl6cR9wz zIW_-E{Z*tH>NY*dc4FlB&&$y%y(e`ezgVFWquX`0eLzoc5k7d5VhtJ^Sgk%|Cp<+l zwRV`Y8rsPm$5iw+3#JxjlfWba?~Iaak!X>HKetA+e!h!F5vufe<H$tk#s-lwm|Q8gJ*j9`tPk;BzOYGG@k@8bwC614&yN@z5; z`F@Dk4Nd?|b6AiIhSXdNk#1w7yUMJsZMT-s5=qLKysxYu4E?5;!I&ItfH6r^xdMaJ zh*Yw|sbr5Pp_~Bi_;Hg`rVou2jG7&mB{8$7j?ozSQai_}TEe+q_cDe_t(=P-V%g)8 z;|GP-*0;G=ZP&B6B6{>6_o?3SZ6u7CVD4DSiO1I``>R>-;7j%+qkCVP41pq`aP6`4 zlatIWw8M6-Twr#sK2E&X6sNU^E^C}ErL4=Jajm9qUVcMUKIpqDh)8Ul!j`(L1AGEs z#&XyegNDtM9>AomYunp`f|Mr|9S8wFW-`yIVDqOAs5dKFo{?Z_(i=cYHP@ktI( z*}C}pf^O=8??wtTw&pUpR0#2Y89F0PWLWPZzY~xX-zF!%ENWrE)+!<2tW340jS;ob z2(xPaO)f_2T<)}#@V$fIe94t+fY|n}-dW=&e(mW9wMpocFh6oZC1Ouvcw$_lSOQ5% zK8zBi#E(r-i+CYX!(5$6>WbKQUO&x+yA8K4(?v06$JTd zOu-n>d%|Yw1P*Oqlw7wTxNCta3h`N}4Cyaw8?V}kNZoFgN+s%b_EHscoS#y#KC4gr;EXDX*?>Sd1WGdF4 zbjdFn$+`ihI3IR>V52v=Mu5zzSoDk|;dpI}8HKYAcA{%@QGYJSpJyO6jU2vYRiy)J zwKY#vX(N3ufz+<|<(q{*n$6i>g3g7dCMg0)4K$pu-|@%|aU(Hg1`0Me7PISl$^t2b z3h+L-I$CGU=JmYTxpBR_UI7*_kJ=?B^O|(8r|W=@kJnYMgANx0D`U2IH@|)p-ML-% zW#74-IuM-STxPT1RUAv$ZlZ!8ZU(>k9L?{s4HTX3G`Zg1+-30s2XjY&Zhv}blEi-J z)tvKn-!zfkMeF40M#WHe+ed=C=__STVBK};cKT|+<7STj^h~>ap4a2*bPT>vL?Jqa zpO?_XgZFs+V63lCB%1)$8{GMEFt*+&q6hA{^B#Xc7@O`BSps)Fd5;$k#?Jag1PD-X z+<1>C55`9OL^{D8aLlvV^Mm0qX&_iCM+*~=Gltti0hVxEtboqBz` z&Jc1f?JsyZ&7p3CESy3c)Kpa4)FEJRg3j3eDW9`IIlmD<%dpZ^$XFlttk`9bkh5zT zf5X`EpFVF&vyL{>Duv3u%87NC{DmLh%M8lasK9)RNxn;+=W>Sw<6!-jz201$OVuC; z_N>lkk&U(yT<;@~fY>OPm}QI!{mPeCkZ;Cx_Sqi+Lxv9tHAOzr+1J zmgJrjahh?AVKCpIZ=J|;@7wgD!dj=?%?G$R9!_d+_)J?a+-GVLDXR+@ZP>KeSuQ|QER_bd-|sJM8W^E z`*LT|z^5ZX+}nlm2ct>oqU%_d>sVPlpO4qwSisd8`dSwwRngwkwq6SzG*L$X@-5c! zPfCHsPB<;sv-5_68)>hno5s>@P14N) z*12gTfK}TJU={Ga{(61+yY;N>aM=dCp;ggU?tDP_s`Ub;*0m1zmm9~DP}Tn0RS4ny z*OZi%u7&GDAZadv*6U`~;0}M~ge?3jTfNObRz2Hv2fleYa2>w+GsA$fpPf%E?G9Wj zL+5T5k@1+z`|YZQBE})7E1ApXU-HvI=NAU`RstR3lg>geJ~;GC!%Wj>K}X#iIz7ma z^s5&JHnyKv8iYu-)54HIreSRx+qp4_%wvsFD=AN%kvUCfNJ`duijod=TeUql7tL4_-iDSy-!prKf z!Y$f>vMX(>E4)=*?A{dHzS_hBq?Inp$@P;9=EOoWHp)H8juC==lF=0KS-Az83CUu>7on$(2bseP+DdZDP~%Ja8dR?D2!qYzynuD&zv ztv~`V;5^wjCk23qM?;;OirkwL_E2VwQ}6ppkSt^>yPASv=IHWU9k=#mK`qjQoLuD> zGXL@!0cB}TOrDKDz~K7Yiu9l^*yjN{MTP5&zr$s;_8I=Fo^sBGySW$N(i#hj%6fiJ z0yrNzxP=~l-Uz|H)RVZ`Z5ER+Jr zxYB$qqC&u_yJT1h49axKH@B9s++V?%?s)YAjQOu@Ch!bfglY}P_)#aYIBG`EGUgC= z58&2=FEa|}__kdr6?TsJc3n&|iWexqtqaXfTMBy<))T>>aHVq;F4lUczsZK*9Ys2E z@8{-0LAO(8v%^rb19H6y*#uH%O!Joug|2vuM@8l??B8VPMWi#_)nb}WgU8H#I_BnU z?)uPDzT!|T)DLvmW_}M)c5=XocgWp65z?{=*R{c`+&y*|W91-uO*NbSV#~4K5o5v; zWc_X3Y=bg?L-d~W_=KF~WLTqnY;k&SNqVq1&qDXc7C=e9EqZk%yuH4$O-a53b~N*e z9@(q?8Z{g;J}cMVlL@r{y2K4@rAccwpZR#?4(<%J(#*CZZ1RksI!i#=hQrz7sqGz~ zgrV39qbq=x`nJAtKuLah&#L{o&LZ3OJor`QX?)3bx$$*5$&IkaX;Y1s$#tyE#lZY5 zz$_d7>*)Bloa9c}sXM6nTzc$0#_rJveu+*Fk}j&*b)imF@jecc0jk+Gp)}j@EL*(2 zy<_j^a!Y|K*=B&Q*$sj9QlL{d$ftrM_aHsEmj}pP@qm`U zC=nPxJ;CGO2Q78QL2`4?+Z%|6vlB*qQ$HGTNkIQIknID==Y}6g?q{IN2eWkefloBE zpUiPOCix=y?SzHjfa=vRhRWLsE8P#7!XHPH?>@=w92r2CmwXm}x*l{%u=|rOa_Qno z`p6OY%l>hr?*=^5VLYF zWP2U`MqkJWf$5JxHOh)Bzry92B-Vq$`!Ab8&~ZeV)<@CU_gR8 z{zo%A>S4fZ5Y*{?;JnFRx&0TJM}%;1gom1u(#i;-2FCwd6RdRqgZiuYy}pmJ@eg(0 zHpUG`=?Un-M>~)02Rsh`uOY`5|H63b1$y|=THYOC42s<+>q9mI_vC%_MEO+T+XXBx z(f_6tuqwd(&r*MM9at#9+VK}97|Yp=v-eqY$ae29qLAZeF@c%;14ps^O&jp|54c$b z^g4=oys~~gHe59Ku17S2F|)XzdmrZ7Y+fB^B9CZzt#XM#7iu2|JbOq-O@aU5@?T_1 zH523oF!m5YV15Y9{O=?v@;>lpa*3?|+8p#m@V{c_|4RX=#8;%BuH}6DQ5&yye0PSP z95q35Zvu9oEy0IQjb7kGLJoM^`G=Pf`a3X*nE+a1j}Eh;C8Yii943JEeg`a8B%l=+ z^*|0O+{_RP;9+WdJh~?2Q~i&L?kmQlvHow=|A3$OFGc=Mt+*nxAA2c+skG&It^1%} zI{ZZ!cBgiA&U(asx`6?Bh6LJNzRL6Ou=OB*0QB-b(siM1fk!0&C2MRQ3`h2dG~YPu z`p22y*3Z8NJmb?-c?cfR{r7ffP>=xqM+EP!;{|$R{74L}OGZ9>2N$_7!JfeVq=3)I zuUDT3q5*T?Bd>2g!sQ{u?;G}rcK+7U9s4_diL3jncAp9^53>Jn)P1aWD?R>K z3jM#D??cWrg_ae9m%_seLA>7(0DrSI?*Yj}X8sTAzRK_Xzd-so^#3<-57?gFPXPDW z{}*tifcuQ70LlRk-(^?yec* z{yFc}_^o+gBl<{u?81EP9+wkq>)?F;I60?gr)b@59qo$kn38g4t6@)PRg1vpJ12+RE^2OeI_3;Od!73~|lMQu2s z+s#?G*F9VC(Z=&i=i8VrvD~SY!}S8vx?RIqk$Kv8CRA1XcCQ3WDO`$6M@~zPmk!eM ztaLLzeH0WcDOrp}H^;Y)#fjHU%#k6}dapO_xuJ3QIV-})kKLK0lC`9NM#0^vF=q{t zwy27+*#I;4-EOjZa;4r<7fLHK6^zau-^gg7=B9Yg+L8KymdGh9Phc`_v$)W~#bT13 zgiE^3Fr@Y~Oy+)z_Y7x2uzO*TLu_^$IZ#`!NfGBjD#QZ;MY{pOBou02^Rg z!}&bwPsR7AF$Gf>V{T~4#Sx0AdHmwgk-<1oOnC3uy3E4Ik@L93ks_0EDwwq1)pwai zjHBf7iMztlG##IX@)940_G6IlI-Jqw%>9?vJWAc5PCD+dL+_b-g4v~g^l%Zz$XjZs)@KUkgk0C=PpQi^IdOJQlD56_k*5umK2 z@+YJX3n%o7UoMkB->}w`&PA8(`Owrlqg!-VdGRwXrt$(A!j%q!3O=41==6Ul4Dl)XCrrxA%_H%jQq$Y{8^f@Gp!f}c+RfQh3aWfffur9;ys ztz{8y(JYUvqmeQ+ZFx-|M)xDfeYdP|D7c_@dNNhfgtLU_( zd#b^{b(i24a282k7Oy0@rL6SwEm=TkT(H`puqJ&KRrHrivRpieJHhwwMXE8lrpa!jjKb04Uj60DWDUrP29uXnu=tA`$EWCi(}V5!kG|9#*=ejig^aUHFGb=8x&F%c?WdOI4#z%*V@iv63P;?*?cz45yVG2 zD{sUVdvy_6QQwpw=y-SMj8SeZGJ~nDY(=jz)P$0Jl-#2!v#2!l%5A7`D!d8Gs=}SN zXDYag!C373k939nmZ}d^i~%F4-IVFfKR>z>A_w=pjta%NCjUpzfZ5p&+duDx;19;2W4QcRSF(=BmIF+2_dcUwi@n zQox@&_!Efrj66m-gh3VhQ)j5{h8bvL{d#U4)%dG_Jgw~?RQyqF|0&*~f!qSN;HDD+VtlDDN1_`yk>GGC)iivda zG~WpdTAn7T0VvE6KB&xPk}00m zS&n~n|M1z!MS_WEK$8qY9F-O~Uxq3g3o0v)RNepyScxw5&w5$W78m2>y8`+MSrL(l zSo6+%ieAfqh61%2dW@4vOJ)Z`tQIB(zAxQBY~Hl|4s!Gqkv4SQWD1_exo4;JOXCtG|MRk!75LG##tXtY^H(P4A_w16{>veyOwbbU^bh3tBV4e8T3?LswByS z*=Zjd*GBS`A|87Mb)}p+LY@H)DP!1hE2MCyL0x7Bu{}S_nQ$J2V!@>-Ft;A1{^yar z2UR}n*Mlh52+Cq=zViRm`9GULfRDhj;2yOL>RNmRTKyOQzng)3?H}8l>y%IbyWCeTh75`u;-4X+7vxrQwB7xf!;{AUBLT0i!S+;QQUb|SDS)Hs zu<_b+ptDKR1(E;10~+H>;>tA2JRf^*eCApl6bR*N@hA;le70I>C!ZyqJx$R69$!iv@XqbO_mDwY08maV}P_H;d9vbcOpHr+qlj>WQIcf7jV1+pF;s0k^e$1M{jnB0XKBo>@ei-ZGR+7 zW)z-q@-wY0#jLz@I4C?3q|{pVo%A5bpm(?^oPWcQH%>Ms!ez1jKFf|b9M=;Lh(^5KH0O&C!*2dI=|PP_j~C{_25!H3aAMGV z;BFrfNc;-C)Ii;kw0t|>xb^&{x#|^KwTCQ50|s7=hl=uRyjqX9eHJUvRm&t?cGjPt z)Dh0wzsnde7c&eA!-)DLl~I<-J|o z&MsfwTYUV)lVclhN6o+qc`<#JLBEq@%BEj3DJGrmOBQ`UGy*M_q}Y5>vm;N^))< zT5&ql7#+dP%8b&@epx?#6aw5FPKI<^Cr9kFI|5>7CVA6!3rTM72Zuk0)Ym6%JG1w1 z=X%ola+-eymdh=)0xqU?oO<$|OfPqS|K8}No#PtjinO|88c!2|GrhP0|H=2C+oPf@ z+oBSggK9$%FCo-z9K zOe@%KG2Q)683i~v5a*ts>h?}sTsj#D#AiWhk4`7?9pC~ zj4x&o@|=yRJ*$bV|2TE;`8Vg9D$I2g>&ww?uj9+MySC3r4m#NZ_DuymEoPTf8}$Ne zS5z=~Ht#9Fz+{2{jdBFitkRT$BGjN-p1{_ui9fLF;=-kUB5M=Rb7RC2w+nuQzLx0j zV$YTJT%hyre0ej)?HcIQL1F2t!eXvw&&4Tcz>$o;#8 zwta6hxVO92@^$WzLPRe1x=4kHM@l9;^~cG}5D}o|+I)kKdohrqdF026VueX*^elIv z81p3d0{F%*kYL9L1*LVH?8HIh$-uqtbUiVsi&2R=C+0L4)w$FZjl&}4zYUcTq5}n-% z)mEtM_Hya&8Inn?knngDd&`tSdl|EK*^QxszKz3gPLCX2M1A~4s~R>Qyi?si_tZ)M zFdLrEe-4cB@5jnUJp(YmsArZcxiRhyg*4GyYm*GlObj6vu0|+OlUwJF6{8*CoiB%~kQXQh8I8f9SxET9*28#9V9feBWDldfhE{_aM%57ti=>&rG@a z55JzwAu^(BAzJ$n)lL@X#?}^$wyd7u3x}gc7vK=@LXEqlQ++%GNc#I-epte7yyhkO z#Q%xcEZX7g;@lyU_IB`5Vh~cJSD$%FlRo-~^~TGe6LjI1EUH6~L`->hczRZ?>Yaty zhdiv>m-Q3U4{x_bB-D35ESZ^Ug-U%NHqG6hlMJG-i9Qjs%#mw3_V20VWi_s|bYnAL zd<=+wGb_`5D-W00yNKmy_B?YhPwb_cE}9&e+B5asQTZV0=sOdoS84w8Ea%JVBl(sg zT2GVMP5xd(cH=raqHN!y=XSZ329!5^sucI?)Rpw$9F@uS-m!vZ2Q7yc26tzdINIuk z6lTh0gdN5A$p_a`>c=Ck%2;qEre_UP8 zc)$KSeu5?9$7Ln%&cf$)ouFu* zH)LReeYiA*bFIf5K!H5iaaZ%f`b1Zx9 zap_q=@m4&<8i&3@wKO^S3!nd)%6@-Ge{*Zz30u;$S>yMu^_!g^QE6G}le#_vdFjR~ z1R2C;2NR!Pk*HYTQn<~E$(#s$9&<2H(=*;arX5NQA9%H|l+vF%#&&a_Cn}I`LehV} z0;6*X46Bt-XCmMCLJ}`X9t#PZRXN0sI8FBX_hB@?02vPX~#>tS4(%xyj9mVWI2UZ3Ixxw&6^^dQTlKw6HHxOWk4P)|2{#m>ysM?1s3n zN2^xk1NwPnE-z1$c}ygG7U2Clr(6GZycC9J^tUgP3zqfDW5P9jB<1;z$=;?>_v!3E zs@NZ$OX}8n9=2n{I`&R<6D|%Km6DKQ>0kfxS`7ZzWUz>IL-)g;~qurhTQU=h1MBfGN;CZsedJQwNxe^|GcJKVC1X zXWey8*=+Rc&D5=9)@rejZoK!EE(AA$mlx(URc`E2LN_|;1FUBiOdiu~BBL6V{Q?5oC#Sj_>kL#| zpb@A*BM6ZaIyu6oDI+sV+2rLWTckBzbMcP(KE!_>B|HGEOAHs0t4*hU#IB*}l`zwV~xN zv|3m-SlIb|fTGaJb%zOLV%F>x_eEvtQ1gx+<_ysljBlww8G-di`wtNLHsR^v4`EDPe z-n0o>((yC*xb=Nh*t2M;;x>z%IMWhCu~%5uw49=RXm;Y@w+_h|HPMeM%(4RTmtV2R zgvR&C#~W?b=S|VWZ4)0~m+eh7mKVP(E&nr0)LpTE43hoO&m@o+A7fm-ODT_+@m8TX zkDZTc^*ou-l86Zs9J??}?l6HG4um^HrYq3GZCQ4MKQU(nZ~YCNP!j}BICce`g6OyV zi9q1YOuyVuNc5-s2{l3B^1pyHA%HXe1kS|t3%LAWz#$RWjyCng^nfoRr9=sKCNqYN zOshm+FhpL9eXOGs<&d|0pjWPLK}aOFtY01tm1J(w6=!*d`L+0m4e|}c{QGJ8yX%i( z&_LA>bpDn3UtD$PM!uc$ye@9;yJ<5S7&X-qdp*V^fo0QNthtw>;RXcamp~-P{jkrA z@LBtJ^yL#I!PV_>ReoeZ$WZe{mI*%ACX;w0(n+)KfC*V#IZTUQVs1Xv_7476=9cE^ zrp;(&#)8=)^Kg0L&l+`5d1OV{G-@QBX5Ezh7^MWJ$_wU<&_pWJWo67h1`RvKeun$2 zQ-X(ST*XZVR%m21^iFun8{!%B zpgSqH2(7#P*0Z=}!w*IL9FVkuOvuR0oR{F0K^Vk(VzZGOUB%67b0YaX9oi}0%se4ltK?b{F@8dlsNq|wrL* z2Kcgp8j7d6RwT|KH)+3~6OO0(IY^`rxWR11Tf;eiVTV`nnqY3;=4qf8$DqW78N-$! zGuw64d|`6V%tguEPjlkmo#>vUw=Br?`i68LP_%QUn&g*lu{|V{ij93o#DYJSj<3d- zLXwPh_Y1VL*<-jQ>Qhp3{R`Q``fiUJ12xUNTQsN~at&T3367`RMTdm&ZsUi^cL97# zz{x+D^&aUW%=VK4u_cMe@dL|5k7G1T`?69m%P8FPf=}A1v0EJlTh>|1y0+{g#rt+k z&uu5dWi5kG#DBsbUX9K{hu0CQ$_pvPd2{aa^}HzpJ^lv6zmtJ_U||sBO(@8I5=Ls! z;|Pc2LOc{&Ok*50Xn-cosCaz!kY*byOSyJyw7c;YtdVKs4nkl3l7^*33Eec};Q7lQU0L^rJ5-Z2BdFUgQLYexgEB88B zsBT$z-}7HtqkXWV%8bK~k4OJExivCCawn0`Fy39zCn1P7SJsM+HCGOnG-JcJai<}`~iPZ4g1hq%`i}0C&VnI z7xA?&=qViRjGYbTlnR_4svluoe*5xa;??m3@m-9Mm0XQr$U)&D`Y)1{xu~RUrb`NP zQIrwbzr3Y%*UYGSqpVXhpggN4RCr_BAc8$+h%VPq`_s7THK+NrmQ#@e0oTrzM3a*P zl!Jp?)d@zV6>Ul=(C(!r02d15Ah1TeDNTiDQQ2M36%o$ivm#JuZB?NRO1azeyS-M?3`X|Ft?PflGZ{{djg9OC;&@JYd@KNW{ z^F2XN<3lxYt2Cn+@YO$silDhp2;>^=N_`yNMwK+~ITGO`6G?I9XM1#s~p z?t;^Tq0c|SHb$fA2ylL~o!H!!dF#dx;6HkuZ;md7Zg+I}e)*Ew4xOSBRmu+${yy^T z7T#0#KHp{Kca`m$g`~@)CnB|w*9@vj5Q$$YuRgJ;yi1deqnoH9u{|+GKa@FCK#1Q* zwBWT|Oq-s|qH!hRc(lSvTVmTAkH4c`nFIjCT^SMX%E6PT_A!~mB@~71itfu{X#XSm zuRAF%DF03Vo&(}yuh+#_?4JkO-!QI$5Vzmj=8@!qCKyOvA3naXod%xRf10Hb?)UZ- zNSd}b@koN)d#D|sBx1#>nzq-PI$l%uFiqeF_HrP{_bgD#^93}Ozmn#zW!SGrx3H-i z(B^Y!(=j{T%p51iwd_smvu0B-t^0M#ds0dFc{)rstfCg zWF{wY4w#BHGI&3D+$yxXUQ}|Q1JJVlo@J2#Fo|`5BWHEO_(LN97EHh@F!F^)NMu#E zgYvy{O(HF-OcwF%aoBU+1jj!hE}Jg@ou&VTnE3rqi2oD9X#nHyL9f;w-cWW`5z$a~ z{Ih`P0!hv3_@I8xv9rPiCR@#7UEaPSkKT!NdzCSs$K#k!u1S@H<2oXc6zVgCHBeZm zsZHK36`dgQ#jT=FWC~Kp_4LwUzjuNv8J4Q)VSqK!z5gJiZ^Qs9HDP-19+;aDils59 zWI*0MOXdx5b35Ej9q(>4pJm-Sw$`d3C?oRt9B;w7NNpE8Mn24PhFx+< zaAug&T_&TZs=GwPJOp&3(mk$nLdQaLX{&hhYl1cQ{)=^VvW98M3joVK=3MH9fA^!_ z>EC{=O%B!jN}vE%8~3St*Z+{@LQs;GppNlqM$mC@v$XM~e2cVk-dsTJb(pEw!&_-N zd^K13D9)v8_QBuzh|P5r=lR{?o@F`}_ zbO}YfW$I0e!lav^>TvEBo4GO;iU;-;d#{jObh{RCshjN#I25AqT51_S^bSfJH{*T7 z#!Y8eha=&b~4z>}U6EY6g76o-eO2mJPj@$W9(FtxBsB^DHzvxYb zehx}7`5R-2ECOR_@!$e~@u2F2#@w(_=D0({f}e6!&GR_h_ko({K&|C1)wJhrp0~JL z_dD4N_XGMy(gisn`7q-Ngd-(I@+;c~tiVg3ccYq%!IO&E#RHI&H4Vil!TXC2<3Uwb zf(jT>{ef?G5yUsQNWz9+6ZTTjNfeCkBAO|GU+BL?A^=v)KMRU!jJvYX?m#{j=)f5G zl4gEM`mza>N-+yduyooje7=ir;rmA;vi&Cw=P6)I%pBw45cA62Z| z?<~160Oyk*Y)?ut@iI%g?-);J@JT=Fg_IfNc~GBwUS&rKV*8C7a%J52QaGfygd+@ z3{}oAU<@EIe5eq=lVm}C^W@_7oTnPZM5@7WUx~(Z0;yMSw{yOLUsi5yp{*FAwpMJxS+|&H_ zx3tJY=fYXjaO;fK1 zi$Zg1%0e*DlhfJq=qZ8K&+O0i_xjff4sHBte#`Z7`O>K&EVTfEH*_6{6K$kS#^lgb zpmDqtaf+cPUCiG=R`?xo=!k%OieSX1052Ybk$6y*_sDIl7+_|PPH29MvZO3GkK1?j zEPPPX|(ut4U0AcQ*zf%%G%2*0%_Tk|`Alrv1i_m>BG=I3)w%&342fso;Mv;kL{ z0X;rthh}u6QfN>jY8Vik;Wfq~eYAMUHbLHhB1`{?Oz96~ zXi7h&M8ho(hDj;`vn`8&@%xY~O+W;Q#^*Mab3AbnRUL3u)|m%gX#K`k&#zLK7}{_> zdiSsLCEf$i9h0ga3oKup(&TuBRZ*d0^A1Y2Zy$eU%qgt=ovc1ND2jz9HI^Ud|N z{*#hs+DUf*10?|jC&yY)Rks-nD5H?ZZQ;mu`mhah1D@khA*SF{0nJO37LdSJLIG>`Vz?I3gnJShkaw#TQKcz`&97zqeLxpuN2{ovd$qhT5X(_b(Qn+kG0HREB@qi;wbU%U^#pKqG zKPi&>tnycxqHo~QIZO67nYC;hQcwMkM!8DX2CijE#NLcL8$s+ z+i0_sLSA5Z1AJ*~nb3l)6$xgr#f;gnrxK1)w1X$+pW1KyjA|@z1N0da)x-imvxQT} zgf*HKvta@Z^#dEpS=#<)>7_xCEqdaYxY{U!G;(4>RV}wpjADw&$ODz)6M-3HF`LN{ z+X3)$Sq02)z@vr;yZ{tOIRp`52qMB>D_}BUV*Z`cD$K@^#mdo>tlb?S1hvzi`k#K9 zF}<+tfLu$&2f~~x|H^R^)X*%uN?fKbegq75VrZ3t9z47tSy zQG?wF42|9LV7Z=uqyZdq+NvHyX(+n_=IGF$)U4V-^68KnlZd3#_!bTW`xL_)25hR- zWAe%qq_pwFs6Aksr|n7VBc<)+bOHItQp*&P&40(-kP!*Wa zFieM`T4a(5=Z?cvHY^O?I%(xIf_tu-9iWqvV5s0RxbT8h#R&UnJ;DP@BrU~t4pC4d zRiU6&L5aMQe_Bu?*}1tyA899ac?bWUv^n)%JEQMn7r=FI=Qq-0_DryCjZ?GSD(;1m4mMpUSk-IW{tl%j~A$3cexWKTlA05d341P(cMn+ZZaYqX4?jCj$24&w>6joOVd@9+SSN=y{0DdP1WiT-$ zfQbR8gXX_n339dbS4Q9XJEKb}LZ`6r8~V>8jKB$zX-5_ucHyRp)U zhE@DDL=V*QKroSCW%IPBi25=R_*r1$k;qWZJ@_O38prc)YyWp0rT}^`Umj$sYv(0b zU|o5wJElRDmd*qX?pL$q)$-teeMv*UeD`KkH^$ z<=~ldhO#4Kqvl_I#+^N|%{Wlzbk%0$oknB@KIO!gbTI#2oeKW7x-_IV!7juG%M`FB z)6ZLIPW1zQeA4CsZx zz9QLLj);|02FAEY13cb(Vs#CyE^+*2%Lt<9bHQWAVE2NayIGcrduLrd5)?G33iyr15f1cCU2H>$JSw zcyhnmDY>3SU_L+j7%j@+2;&kp+W~b4BxFb(__=FDRv}MRi67Lz zi%Vi@u&z9o$pC1lU`vvCVA{Sq@SsB<3Ww2q!ZJPC=JGb^6t1!P$dBogDA;_Xi7$$^ zr7D2>`E$}z1jiTA(gw$e>UsJMyjkdlyd&TR-_aqFrONmGS*1J$FfDItXtZnM21Y|; zo2As!sXx|Ha>J!{3wk?Q27D!--@y1jLd?Jkr1=2POdcZKWtl;Y3c9OPD@o@scQI(C zP^6J^@F7kEh;h(c@gS%Ln~wSl%x?T8z3EX-xtm|ufAkwj;L@KQMByeBZ zUflb5T~+qUrip8sX%ek#xM^kPJ?|YJvBFk(`&aZSn(EZ4>to)h9hPT-R zDRuf)?^~n9Vw0`y{f`wpX>y6jMSD5$vK^+k{WmosAF)*>_ka|YN%X`x^_s-EOmbq@ zEg`(kC&OSuRh@)At^M7dQk@+5_#sgic-!COQFGHy^}q$M!~qryHql4V8lV#2k#h0+ zb@G`rD{!sx8+$Z)jphS|;|2YG?yDkM?xk~sE=%>2vh&Tiwe{ep;D(7+;5&Ew4&bJG zYTeVhCP^|``Oa1E&qSK)PJrLkZS&T_gjeh z6*S_k)lkQ=dQLF^Hm5?+poA~41}-`vE5RtHUsmJ}S25=0ucNgKN}nC>3Ffb6D*bFI zT7DMk9_~-&r)pN#tOgcjLhZ?o_*t9H_xqd$J4BfyUiR=;*H{pY^jh7b^e%3TXom-@b)nk)I;(WN8nN%ft} z)lZ+~)1kAo$=)Wswl{rQr!A@a0tT#Cy-K<=^bF+>4dGXlDDo_B35TA={PKO-3%Dc7Et!_UG5U2iXWoJYrv&-EK zxgQ$3YdO-Jk@OrSzX}c50llcRGfW-oMF%FlGSqIsv(=P7G*5$47AbL4m!Pa;y*IM_ znbBqi)2T=`NUn7KL>VoRTq@-tx%geu>*7f=o7e!>*vC_TCz0QFKzObor1z)i5`f)eorxBQD`N>(vr%VL z>SEhJRLE$r$Cs~8*Wc3W&d`59p}V8Cm7%|Fx~fvX4?e_p=6$+8oG;8~^>*_mtB{4N z7|D71$3^;F$;+edQ)ha>|Ms#@n#;vYyMu3ghjEvZzL%Se=hq+&myHRhM=r+(DfWf_ z7TW=9KfX!<_m*Zk(ny@2WuK3L0z%U04QJtZ0SiQam!MyzFMsvzpeW_BRZ_Megw|Ei9VYK5mOzJMLLY+%ZhqeRWYI#*!epdPgeYDdTOa zd}BgVee#aOwRc}RNmYgGRoJhiXhOAQ%`67+J6!3-2%!WiaLCCYa0h7m&6* z3q6a9EOLGt(+7^!P()++K^USS-$GB2z2*E|Mt|(&BQufU9~xDt3Uot0*vdP%5J2+% zhbm>5xg<-i3&clp~ojow=G%bvV#!`Q7JO}%-ix(?Tf~6QH^C1V}4YPcr63= zf8#L1RRkv0Ju_{umdiOoOtnz3O+7a80`;KI?(gLYd`YhMP0lfHqaVj0R2y{Hi)EX- zqWMMyYK=wH9b4dN3@ITZ)F(AR0y1k$gWvLXOsc1Q`~i84?UaY~11f!*I;nHpfH(4T zsu_r#=iAZ%_s@1>LMNuRiiAD=gEiK=FBc%F3KOc_6JH^d;1onrbZgZm!i{5hSTb#J zFKgoo1-wSG{G^99vEUo)Zm*&FHB9$qClR@N6BEaaWB8C z$`)aDHF62k>XM1!a7ZsKEJ?wCTN0qci<-8h9NVxQlN*7Bz1*#R`lHpBE~+KCK64Me z(PmA8qSav+>+!EXfwHy5t_O_Y*JhQ|DBT*e9lb zXQ!DGU-d(uWVy5X5LGOazY_4+?Kjx5KFxh4?tikqRCWXuF1LTaJn0WR&XrmO#7v%? zy-aniJS-`k#M|k6gH-maD5>OP1HH`rn3&85T7)_{~Tq8V}H7rG6S~_+@@?9MteVoC-9(yzw;VMpo@4R;sSBd|9 z#Bo`A%uVavH-Bb30V;OICyw#N_+4`WQII-yfB6}VJ>%7mKqitH6Hd^e#?&;Y^)ku= zX!fW)RAZ8dM2IyQ$IPZNu6#6uadkU@-z6z{J;v7Y(bfG*0%`R!2u}^ycO{ro7s$(1 zsShbI8&cDZ)dz}QC&ssS)F`u(N9>QqkowMUbgS*pr90e#>sEhH4XY1Cc=`7j{eRtO zE3fS@Upm(afZWhIN_gy&T zW)xkN{v^~!p84UJ#Q?0s{SS`)zUP1Q7T|wnnFtVPgCy0`Ld^yr7>Tab_*ddcA5$_G zuAnZ@wN=LtBdTVrplsf+IJf2HGDP?=5itV%9NNIP(p+x&BY@=*0nAKA6qTbve)u2v z{BPa@{O>JO=1&y8H+lF4Ylk~FM}r3ci8FKeo55|Ny|$t2Yst+w2s&(r+ZzdmsTra5 zw;qmX`>1I!aR7ohj}G+!jL+>{L8xe&=ACt#gAvL%Gjz|HgceKJ!RP;LeV~#@H~YqM z$CiYBUe6;^L~~Pq($2KEMC>rDL_W#RIJg8UDWilpZw|{9HXiX}sv}&-b4x@s!gi_& zLlgOqpr(01J<*zcA&CLF!`i(`R~WHonF~G)CEgC!4FuRTBNl7{7xehKpx)JjQ}Q9m zvye2BWVNRiM+$hYS|bt4^3{EU;W*M|5jdzdF}yc9ve}Gwqx3zBb4ZfItz+y7$pZ99 z$S`cF&DFF;6B_2O^X;lh+~gpdqMBjgK&octz?&87&MI-scf28IRGdRZ=IlHMOgBOD zSINX*KOfvz<{k`Jo^%*&NRD;{t)u<0p(4QX0y(JUk%JK@2q4pulX6}ZMBVFPggk$S zFqe>NnIYdzjztHfx3kj-b6L;h%udrYgyZx#)IU_yZh<#EtFA!oeXxP7szOSdkSx~G z{x!IX+6t5K8Pf>hW?TLCu=#P!@cu!zx1(^Crzc{D>^NNCzb|#XVFB)ULht{+q4%>5 zx}Z6Q=XGy4xFehZZ$N1{#KeMiS36dK#&l|^uyoi)xS-Y%-C_G0As`=OG5-^S*ws$M zBO8|&9RnTPgW_-o@aCtxqf6w6`W$`^B499^836$d95nOO2r5|5C;T=R?N6KhwT0N< zEA3+a(V86J{B zG}ly$_RGp22d{E3e;llS+L+3@w|E=)rbB(aipC>J7A?q?gv)BjAwn5ljZ@o|CeH0< zy2ObF%%tXjGpt@eo2E2(&{hQ)%q33ZLUrOvA!M_g{)7f3cgBsZ>|vL{Q#$h%co= zBnu3NRl$CWX&QvHngkUQRN52l*Kb&Rgdo`rjfKAJ2^bIW5jz4|5B>t4(SwMGf3Ei5 zivj^7mfTwYhMiDRQ-s6NdjxkA&(M?>5kaQ7b+z2_ z#LZuH2mjakr?1;{B@=$fAIX0ZHv&Oi01@WdNLSJP7jxDAVlLW$Fqi2!bN{)_P(x+S zY2}&xfUm-{@h=Noqw}rl-Y5>+WPfN!u=4C(O{ljxGh zO(|v9dp-!U@?=HmfRSE-Dq(U8W-_QbEvt?}C6+Z6 zx7Zt7Un0%l7F_2@0tbg#e$Ly34SV*sp`&hrhoj2*-DFOg2DqqLB0^vtH2|IvJr?wh zJCRYGqm(mj;LRHxl~^Xspv-$xwhWND-}?-3K9hBG067qH->vm4BWc*-riv+%PQC>@ zkDUEs%VDUd_m^$`9?Aw)enjq!t(=LMLHd^ z=`}BV&l@yEx$gul1MaJl#e$I{{H}=6Vx4Cwb_+D5dK&zdV;$X-8n^^h3wrW8ld~P; zCXk9}Q=0RoHsUwFx{uMklxDAALF#z<==CJk>*x+p8sRv3P2XD2Z)mV^)OZs6ZSq@buX+;a)fv8?)U~j*CLjiM^uV1RcT|*j7=F5!$DU7I z%blc;OF$USu$PUdnJg&Dv3TB4BWj;qFiPdy7<26SeA4jIRsM;5QSn9d^s+6xOSwmb zP(kW0#P*&ER#3Rq3Z|RpBj-!{iGmEVbbf(Gvc^w0Efg@J~FMkf0;wpB61Fsx4tL`E{mxWK)RPiNC z&il|cJd$@%x?wX9dzgqK8{$LEMNO@RSi=HW@eM?~Cc)9HYOrC&G7aF{L+sOMoEtMrAss#>dPHf3P&1p z8o6m)sPDgpH z3M*F&4*!NjKd1Lti&raeB38CCdbic5ede(3z1U6E%9xzx7&WJggGDybkg^z4`VBt) zwKas;Xm`O^=k>tpI{?pa~b#YvIc2yL@r8sv$ z$Fa>DlHa+S3-!95!lTsYJLf|a^B)Xuv$(o6@OE0gYIflnezamb^mEE91YuPF~exoQ1}7$^6Ottefc2(VS=4@4H*f zy_Z-`X9Xn>EQ<9k6Ba;hu1 zAm!&z7gs#fv$_8rKefvNB^KxIeI1flxJXFiQ1Cm7DI58FkXMiaN9TDVQplw;E1H5a zMa1z_6&R$ zblle2(wwl*jV%;m*rnI_CatnuyK1JrGjFpfzDiI*6*A&8RZ26Fu$+7OSx)^2RFDo@^D?k;CQG5;@AL5eJSnyk$cr~+m z?9mPGXkdSR<4~Q}PA*p4Y9L`1b$VgIH+6FYbxTjm4Seu{^YQYse{=JX5AUXy4u`&- zO-y}SZ+{3=XMLRs@0mDXd}ks-@ucZw_sH&WLNfXFhYvLu^<057oqp|e$to%B8O($C?*w+v&v%^j@sG6$SyR4 zyQ;kIB_5`njrqldD)1FlOFfyRTY`jkodnl*w>c!$zI4+sxS@$>*lPbZtDyyz`QV~J>_<(+ z_`Yin0_hSXsBXHokZ*h&4zI<%*i!K0Hs?D@2*sgP$X;v{g5nl5IqqlyVd{0={KH{k z)FSBD^k9MO)*Zn2FHI-HW;TLQaWV4&xv=39_(oa>z9?pw$V({Ns7vwJ;bCvgJEGfI z0R*|W3hNB?v`!yMMU5jcvgc11fhZv5C9+tV!3Q`z(tDoCi+J>z2($j%=iW_6&Ui0_jGj(e#Eq0cJ1KXjS^C}mbRZapios(Kc+oe+7 z#ZPFFi*nTK)GjoCOu8}`7v*pgWu94>ZK*C>Z^Z?dI#UIf7OTu?0nzFgq9`g7xwhG7 zAHJ8aL)26y^q7PWBaQDK&3EiAsB}C=$)DyRnZZ+eh3zhJY4;S>j2{U(L5UM(QtEsg zN6Z5UJbWl61$Dw+@4}UB65MZ_2I?@Rvc7;q*zz>iN!gImxAA0=>7m8a$fS=fZnCdL z%Ck#P=G&=Qs0I@3mfm8j^;_wUhKr!Dabx=6)(mv0MbNc4i-VSuvi@2HtkHUFp*-BA=>I3Z^$EZh=dl+pP`JqJ+4AEiY?6y{4gi;&LFuHevA8)CG|Bp= z;ey3yf|iwif8ja7qPYZl8~L{tg8EL{IlLP3fIZNHFVU|itVI8NclDNvFl_e@a;$~t zeZn`u-Pt3r5WuT}M0*)Ki-+5W0Znqd&2qFYax>9>T032|b_k2Lg0w;9BBaxVqlNo6SRy1IkfQn2(hi__7Jv>U(-BA z8Ku1+;fHfIOMa(uK72<^#h<4{tkoX)+U*}!NtxIARP>d&`U=52cZ@s+V(2T`YmdTq zW=luVNgWiqm62Bo?v2o}GHfgE7UzaYO>#$@EbQ@3J;W|y?ly{D)1T&G+x6#7>SjidUklwr zf!}M8@zh7zi$9yDwr$K)xz7Oi)MwhO+S_5nLSUH=qFXR$M>wqqc zrLHsVjT&z^xvYnd(zaNqCJZ7o0{^|sT$IfYIgnH+y|gJgVqAZjun^%jS>z3ZQhCXr zPP-q_)HCiHX7wL1t{hP;y+r^=#FVGL&t4VYZzHFmc-rz~q34Me5TBANEiwW|ED)KH zrka0C|3T+lOm$-3}q`<6%g9UT4e_NhCzU7x;b#uhZWq)%sxsw+77t0Q~hUxre*{jX4{b5-? zoW5|eaxvjtf_{WKkkDBtPZ#Ua_Z~&J_9zuhQE6T};LKKQbp&t|7lOO~&_^ru%BsiL z*8TdT|8d#fAK;@yFE6jYt{wa?O_j!iVdM!KY<~?NsYoj%B#G33ZDd+t+jCXv+2>=? z;vbkMM>*`rbiw!@I&kgO1Q{VaR2a*nWZ$;S^9zL{G$!U77W;J) ztrGl;!TeeY3E=l*dj0rrD%HpQVfYK`Os3!PN7r-8p7d|+fnv?4S%C0XCv{8P-*^vF$1)0EdzNVxacA zihn;Hnp}T+jG}MI#lY${&M?w%=&`|^Her6^BInE$gT0CExRA?obXS- zE|kcq4fH0-N_25vLF4y)I6-GkZT|SH#DkX)c|x)3j;C;hFIoq@n;q+VtH<_e-+hr` ziQc=Igg5V~Z#`J1t5^J*CzLMoqc>e5X}xQZT8}l*;WTmX)u&nD31F)&E_%E}8W9(R zGp+NaQiuZYe4?E5tOovq)1++K$6t8nxX-TIi4<@1l&r5PoAB$fhvHGP*khaH_az>K z%0IfwN%u#(f(!JI!d0K9b(el#3S<&jS=YC{G?@u(^6jzd^l zaG<73jPMzd&aq-hTL%tz$?o2S9`|pZ- z=p}MZuA#11UXS*uPVZYndo`(hgJu-=p5Zv$5QxU*VIsiLbQ5B!_FSzn zM5z$CQ+JaxOGL(3i)3oY#o3a!9ej!xs@p2Q;has5=c1AdvHGKiWO`Y5>o+Fp z(91_U#P;jYKLc{zf`araQ%7+cchug82`wuW2jOj&{;&$(JstSuO(2H6P$b3nap}5t z77ukf7Fuefs7BP>S5DNYV>1p_hGL~fR;6ZK+Y2YF3)HC%FHI(%ExyWD$A5cRN^ikj zwP@mk;Y2Uo)!F1gvHqabmSB&VEOzEv4YTKMo6PT%Z6%&SZL)4pxnS*1?K_Br9efb8 ztLmn6{!&FxQ!?3`jME3w!#dX<7c;LbR-ZgjFnW}8wmo>!!)HhGp}hB2Eqt)A_Mw@Z zL|tAORxx^!EweX?@CN1{>WT09@S%;XFWM+-gHEy!*#t(rbV~#H^sD3kZSF3n4gE{6 zGDES7Ylg=Wz#6x!oxz!6hy-;_Hv5}`BM9$#Qx~d5v6dibyKe1|`QVeodaZ3;_+-`; z2ge5P1MM>X%*?{8G6wQ-BkYD2b$(}+*#Ow_0Hh;=C6-bS)%G4-QYz9 z*^)i}{kAz))eRvR#@}AGqc$j{GEXNch!bo8c2f_#0fCEJIw}*7)v71uT(@$_R*++7 zV>fQ69lVA)4|-94>l@fAjP=0OY+h*I>77E!=N5^}=HX6hGM#-$6kt2QH@bHV0=SS9 zj?f<)YKUCaP6`azcC$6mqD?$^{`!tvJ`SrobTBw~y8GSd&%%`_Jw6mU?S5l9YF|ax z!z6NIX@JFGWVzwBT2bxe(4|@U*P@GdvyGA3K>ikjh0F;4H&7+$;}4R#PpxttoM|N8 z#aqWTa0Mp2E#$au!(NERxNV9gBGXZy72nss<@`F^XR5BH{c#z*Jf*c>cLHUz$yV1V zTeo!DucY30y~usoLlf=eLbYP8x%b95=W6vE!p(r|(ryEN%cmnB(?G)NR(2X$nlpvs zN+C|)rHUv;67T^jYhJgf?p=E~Hi2vK6^R%;ndmq%Jn*_>p3lipHL+`~O|Lf8^7`%L zSyv;u(_1M0HCuDV_us_E>)Vs5x)8cQtR%i!UOlC`9=vA4J%7Fzy)XOtv0V7szzs4McrV5Ae9DDIn!h+YliT3CTHbZF@gl+c@@5e#@8zx-fh_na^&_W{7hS~* zfuAWTJ~7V5OMYZ-^3_U7VIAx2qn7S?7-#}_x!LC!;mGnxq{CO?G4kRA!)ZJ8d)1y< z?@g!~6$2E%4<17xm?Y1KEphL2Qa?j#_=uwEp#=oR6wXAujFm?CK3AIYw=3J&CwKR4 z`GBT{^@;||{xo4@3U34x`O(IV8iR6V-3Z^IYnaCosywvBnEPWKIhOT$U_)l? zl!XzocG*01%GbKtxW0TTM8`ho&=%P@#_qUH$NXBTa{Yr{-KmHs+iCluTjg~oeD01i zlGesSf)gNP@2@j&R1u}tJcs&PkTaQ}FJB1h964pnOvkXFUN{o8gjB>w2_hxV@HVy*42DZt+3SP6}L+?_;E5w0piF`(8-n zsZ=pT=4JK*XFlGp+F{+%Hq}K9{{4%3Ty!94fjE0>`PPf3t&h*X@eG}z&tnhAQC1G` zX!yS9c3k8zg7Y-3EIv}4Sf100wVFIECs?3kai1*}GEALvHff)LYg$3p zY~{ozYJ2ngu3kdHV!U=^q_y33#+ zuvv|nslWl4(_OiB_}Wm8^cEyEMZK z4{C#yORs!hEq|#o1)?Z!U9kHse8;HWpH*2)qJe6&x>>5Sq3L*odaKO%g+{e=#x9h` z7u=YCwaZ$Uu?LMWWwVaU$z#9ZwoxzAiWWKZ}pocvM?(#QW_FNGbk6;xY_89QI=R?oI~YcQ%7s34V2Qr=kL-qgqsP?wpZ- zHzj)#17EnlH_=(Me6!ULr@l8}@EO7tH<*s>d%e=Cq$9C3SD|oi za<$n7J?qrK@Pc#_$?Ji^1h-o4wW}R}a54?E$qD9p?TkHc>a}u}_~u%(T)(JP`SY(* zVt0DJkR#bLW74LBD=u28g1c_*Pi}huk!K&Y>Y9bB9~58>#)Q^pJ^uma+@=Q8*)5mF zbWZ)jI`he3uPCe-mMgVP@V%<+VirH8My}#OzEErFw2XWm)s0ZDl(=MS0W+U}JK#M^ z&7c&zYtK;ihYhM|=SmQH=MLFy;3;faq+(^1B>M30bC|U`ej#_vaEqFp+oNl2lOr}? zQG?U@XjB0Dy!#Nlu#65gFw1WtD zOtGi|xV#-0ySX5AYR$s(h+!ej*^)RFbQKyghE$V%9=FWWunP&qR-l7_bE&mIO1$zy z<3{~gVWr-r>6@KuER}pKgisH(h~l$!u)`nONpQpF3>IBf&M4!o&r}6yrp~H!70}me z@vPt16)#t?_xNI-c_YR!!4NVl4IvBJ_V5R`gW5CBV3Iimc5hNu?5iHQyjwOKv2XPa z#`nF^mCt5Z7Bg_Z=P|~AEF(qYV7&20#=qMaUB-SxpS4i#aYE-#i40nEh@bTeWzm3r z7b&PitpQ`IOU9)%gJ&naqGx(hY^L(Pr4FeFeuJ33*ZSJ*g-jhI6NMZZ4|9I*m~6Fj zOtejmK&5oR%7IR3$FKB2X8Of|UV5K15FwLIr;|B>Ap&)KXsGyqSY4BZ1eJ(~W%wTH z@#>3dXT#{$tvht3LNTjW;r)lKb#Cs4KhMey`t#uEkV^7}Bl-(%Vt=VXR$qnOT&u!$ z8mGSFoWe5!*0ncmi@tcjNX;8x97sFnVo{gCC0U& zLIfx5UNx$_r8F{s)Q=lU3UVL575d%r9}qTw4-ESn45blsi!i>sqmeQ3X2z9c;5kW_ zMVPQ1OPEa<#K0PEKs9&n02RdlKo94@^8$hf2JWX%h5=s^;nx9V=znee>uT@hXBYp> z@lWuF0i7OPQ}P-71=~?T1RpfUW`3VBUcb)C@wGXg^g=uHQ% zu+BHKTHI4`7Nd9u%=F9l_KlHQ)lp}{^BtSr7sC!4gJVN${bCr67t8x1({zI4@wzq; zwvRA;$QW6F<56Yzr>_stg)+VT>3+<_B)m#q!SJKZhl>pl_67WI;7ID?k{2|#NNgW zAFBl&e64byzaD!~ju`(b-+BKT6HYGz54{4ZxkhIGXWWr+!VacR-@U#!#t1Ls!c!7P zUvbOyKuXn&x@QlJl071SZGZ6*$?ds_Zij?_aS+ytPaU{>h_g83;vliCUFcIC;8bHal5bTjrMLm7n+XpWeQKslFfN zNdNbFj-UJ7|3Lb~SDYE*^e{!AJ4S??VzI7^qHqPJ^`$qO!>3u_ApH2N&aN}A!FqXr z?N!s8ImOqep?Z-ECJKlo+ye!nfhKW2o(KiO$hn3-6SV5KXh_Q^3apbg7QwW3LyyTU zL=j;Og^(S`v|p10Y$E0M@a83X>)@isZm1WM$V&4(hmST_$M#G;YZ;oV;+!Jn*N2W zq0!wzP=}w4T_bOVZ4aU*i~FO|4bZ9}U?7IVPvQpxM0m@O4x^9q66E1eOX3!P3kMiC zay)?NBDb7a+Au<`eSnA$iA~5v@c@30tU)L4>H7D%<0~-;;soH&xRNu{8}>D6d`Lz9 z+MYtf7x;yqK%{wG5rg0mffIVA4}jOC6??fS^-1P2PhQBSAN3x6kyCl{$*@8u-PY?~ z|0I4iflt;s>%XE+2lJv$IOk`7W8!sT3tog}`b50Oy*D?$+c2Y=c?S6yk=?}=EW3#j z01cZUSTI?LxiiBK5{#k#tk;ijUqvqSE0G~y&t^+7eS0xGgv<(eLk6?E3p?Ch@@>YS zc<%2Sg7FDi+gPNISElh^xpbu=&|fANOXJ2@C&xa?EHu4;ol!(R&rnc*)G#{D>oVzD z@UudrCoSkm+xJpD?MdcQW5riAfiFk)PckCn!z<4nXHapbJaB1PM}fRW+{Q3eq+Eezt_NNGKM{N$0y2sn+kjs} zWHPw?%IqAOm6r99$M%eWY6?ukLpAMgwfr&9LfBGO$1EYzvsq?7kW^_kT1UUCsH380 zwT_P7AGeuXFzOoC*IF|VM;Fa^jSI^%D<8QlExv1-r?u|637-eehf!rgS817F&O0CX zbsdIP9~sDhEXHum!h4j?A9>v2=26Ki*I1m8a;1q6jy|w%%GLT33FawXURJWMWL>QTClnQTRDEgHjyehD z7n*Wxvhr`8S{;64+~Kyqm+9(k~C zOk<_WTytZS%hnKob-?bdQ>}jC7%WH3Rt(?iH=3w8de5hbJ~;Yttj>Bh++fEA*2nq9 zky&cAnA0-K%U^43qH9eof@as%EYUN=sP=WSXw3H>b(og(YN=EG%I1YC!?k7=kRA;9i zIy=O{#&^+v--^8Z>F{b)Qf=D3>dY2#ShIiN*O6<>w$ zT5TP)gF+WkgcwU8vm}Kn#U9H%CL#|0Lz6wr3|xB;4zc|?@+L4oZ#qSEDb}+Rm;+vS z@aheJgM{GMNGO~kB94XEf(CmLrK)IL&nLpKFxWL(U#ifjw`;~3zWQ$8?;^h(RMs$Q zzu6_vV)+1|7+ay1cgfCI;9g8>?RD@YS7d6tKyQIC1FObCq2VF#69t>$Ul$F8h{7;r zged%oTHeUvP?gi4`;-@oqT}LkO8l{FjL0N^>MAse!rzz8TA2?Ku_48`>kM(xPqYGy zAr|4z3Pm%XF9_RKADfO|o@ikq{Oq3&v47(8c zJIbv`LE6w2n{0Cq-)YZZvv<*&dM9U31mJ`{84LO!?TU>?6>Sq3f~=w+L1hD|nT?Hq zdct?HLxbL8Lt>qTv1m5xDBO@VYs#2HsI0eW({0q`E5`|`p_NY*@KjRLSLDJX7E8NvfoNOwIwrnCLlQW*s$zrFiiNvBkn;E|M zL{ls*iTOzNc4dI1U) zJ*hm)qxVOjWRU_-{FZs}@TV3?aMxGM!w6JKft@foe3aBPRjt?a;3}cx!-R-`Qs{Va zmDDe49_=<-o5A=Gwd+`wriXYfdWrr_oY|;>X60g4DIMWM8qV4sX;v}%R=-y9+NX4s zuxN#xe$f^ar(3sJdI9ihvM;rs4*@fwXsOz;oMMuIm4$QJ7%^f}YBLog9p1Wwrqp?C z1S#Dj?L@*5w2+p~wF9V>)DF?fzZMaHoGi}xO(saO z*B2SFJ0kVPn$H15UJ5*%E;9yzeHyO}p|8uualF=L=*rUSy2M^5wE>w;UAs;I_g8OW zolVSt^ju@}69Q{7eqjX|tgqrwV5b#C;2Ffd>mXn`sT@;JlS*8oE4-a90}68kWWpRfaXKfQe; zGFYz`iR9O-Me)4%;fI=x+&f|RMS#_%($>{36KLydSJGzd8n9&9%SK@axq2xZg$@K- z>fDL2kqEs<8Q`UV?2D%;)8s@?XezRxC)CAr(NkK~aIRQ)%ZXcNF_(j4O&7VAcdRJ^}#p742^QTLvOoB&bbYmE;q!HeUqPenWQH78* z?uh)la9rbgWnu|(8CD`UtXdkmFsbFMnH-a9btxLvwyT+c6xCW5!IGgpMm8RQV6(Ji zl(JN9EOG)f2z8!!MNLe}$cH;ZgjKba65pz2$VJIUJOsxxba;lN64E#DlsDu%rh+)y z*XR5Ub7rc|EAuPcWs}h#v&YM+57)QrIe+q>-yts_I=mG zqRd$Fr8_|`YF7LYNbLJ;HsV?Zei^;I6FI#7GO7}Z!amBm{BvUmo@B{ z`W=aQrB|b1m?&~DF;8J-?30k~eLe9SGsvdAk_!ia6Z{hMo8XEQdc_8q;Ec#So7r7B zm^$O>?EdvlXvew1d*G$^seT@#%?oE4Fi29e{w}~113BL$zS85Eo`|Hxpbd=E$2P*B z6be@u0m}?bugMTNYjlS&A;(L3G$31YVyj`?NlA`y{=>KvLJ=wW9r8d5oug45kKAnx zK#xg(`85mQ!}NfpynEz79ZC>>!u%V${~$KF^l2gpA$;<60^4h3NS~X5kF#UQc-{-Q zB0-M^-kg-C-{$bT4;Eo)q4T{bz3AActh5Q;Qm?WLdh1oBN;QWrPqq? z!6Rr7bU7jq7yQg`0`eHg#KI*N5=C<9dHbe+J-#PGkyM%Pi!&wzBruC+ zZO89pvq6!_pdnQP4)S1*Sl}A{bKS*v*b@y5hQGo~##h)8kn&#zTb+pX-{ySgjX@ZH z`XcPfoTq^yuG@g3v*Uoa2x$mVb$KSQSk5D)`A~aXsbx~1m0Bk0S*cCS(?n^17%!$x zTGT`ge$M)xyElxFf`pSSF|;!%9r_`cxc2STjkee@GOY%a87}q;B}d@K3E2GQ5zKF3 zqn@^%%OjV_RZ5bl7S1AQ#F>x$-~wxZocDQuHpfO!$UZ^g+>sN{ft8Hsla`xg9$}~h zP(|Cv&I=~?6mc46TokJNnBa|IiPFE-Y&N18sq!XOBftEBsZINU1!BgLdAO-s6_ zSG;LLCXS;Va<@U*5whM(d#5~Vpe^M&K&S$WF-^rWqFQJw5_(2!${DBW88reYb%hF| zJ?|LhT1+n+;lWV>-HmC@7)|6U^e8`GTK+tkE8RN9WuhGwJUyCHB=u2Cq0WJ( zUM({v*=CeF&45 z?25mVQkcXH5OUyW*wlr_3A(zl^Tf}fH(yt`kCq9h2^!@)Y#)$b1$P5MCnS)?)aANvAT2y{r9e+`R^mwGEpN!kT9PNz zH!C}SXag$KJ5lOTaPG|Ug7h2V#_HKZlfx!Z=;V5MgSRh{D7Ek3PX+sgevz9NHjb1& zm3T15nq5p`7wByAB6=>}U6I z&|IQXl)SSZAZRxibWN@tPfPSt$AaCRiF zhH2LI$;ehk^E;=t%WAKC(XLk?y65nxihh4>$zNQTfI|}I1~V)XJ8y?%=?|ySRO%HJ zL>+XZewl1a*qJ;)4*qaaX|vui3id!LS$UqQemM?yKIZ<2d)ZYEY}*o)sw{qHak#RP zo+NweOzw)uyP_U{OHPT`3Pt8O0p!^GsALs5akv#H{SAv0RE#H>F6lE^3Md@tsA zC7J>wNDXG$gAe<~{Qd$(;^p#(hg1}6dE?vHV287JW3J03Od0yIJ&=Of@AL7LU=~(7 z3rhK|9HTy)AvNef95>hJlm>m9dyj*zevzuK$1fODs z5It{~k0@@FBaE?$Ln4(Vo?4Sxc5n}h@Ak98&{{>KA}jHhB`a)tm4@FM;$tBaljhoS zw*cO6y>9$}b72W1gkYbIcf#vHy!HgJce{%gadAH$(P&HZG2W5j8A#;zj@?GGaTY!) zPaWaHjfLb%8xQV!LU5jUOp$;idppJz`m}Xh@qt)KO1NGn=2yS6X!<450ZLgEm|#D? zB6XOekYJYlnv8Iiq1b^o;L7quHr*TSzBLy}*F(yG2!#_vi0z6W1LW7>R0ovIEW328 z(z?^AhcFGMJVVP#Nid|BsB8e(p1Rr4>FK#a!_4owK}shx=H|2U==)M0`0SH9vi`ZfpqlAAjI*oDgr z)JFe*2lvZmtA5d__DW{?%SF2<(-*(n#gR>G{aCXStVViT$n3gW7x9lx@fiuw%6_`eWf2?lhazg+OvLxBQiv<)q1sCOw@eb%?=VyKiatZ zE5!j^ISxImX|}ENRyP@$_(#oC>+Ya`cL9%T>XY*+Yb?C)Ougqj-O$NoaS;2r z&kOQ*@9KF0_Pxoqdy|z8$k{O2Fsy60zB1)COrCpLcrQ<&Kz<&Oq`<<}E(pf+O$FSW zNuHGrpt&Vt^;{f7f8@_QJn3R5h+GP63t!5?RZL<~3N3XuEpr^9w3wg<- z50d9+)DxHOk%!qyPw*-J>UQI+GtN+nrCme{_$3m92rU z`C!?upG2A2R$$X5KAVAl^qI8<*wm-iRx|MkphINLVf_2FdNv{NrIOxuz$9f z7eDUAfp7Yr(L>w(C8vk?d~Z1pUmTO|o-}%-w|LZWfY0}=S;j8{ON}#uEH*Q;wwIEf zgy>&!##{?PC@;km^QjQT{7=1qk=rNleR9{<2OvvCA)Fe9!BW0y{8J`>%ZWC^z(&ZN zSHmztoTzWM^hQsY9%?7X74GG;`&9wjhGSe&Ic_sqc#j~j49ww$4MFx9rhjong;~os zxRGmzy~#$VS00T<71f$rAQ#3VEkR8ylg-2&4D(ZUuG zlQr7g08P}_Yzb8N2-*_lnopojdU^CYu`$rp$HW#B@`zYv8bE|%~O$h7-qv{Z=;1#_IT$*@Jt?}$$~QbOL>Q7KIkiw+HM9yVdS+bB`?t>Q>9)HJTBIRa;^YO;=T#}nzvMj+RrC=uXDNd3BL$~M#RB>Ttzk#uF7*?WRT(G`6@V^Ib*=8D^BnJK;Nn5s=y(fri|DrAbLfW#< zv+!x8WfO?&P!>gl`?{HyEhZtAuB<%?|Her|O?>XB$Q zlE)%{9gMQRuOc&vlr{aiNl5gu9w{T#Xg-D^tW4#w8xPhd^3v^!q;(V%)vyss22+gX zL>N@W`p+75$G(Hvb_gPt|8CbX9#45^09L%2VaUvM2tvNhjknBnXNaU7bkb=3DX=`k zxWS*AB7Z^^NJ%F|f~!T2c7e1^tw1gg@r^2fO+*OcAri3wbd@^pwy8^U-CjSwgR2@#Nrh$8#Z78Q}*MfwaXLBPZ>&OQD4nf??p66r6)a1g81 z7>N^y*uFA@&D%GP`Do@&5p|y;E#gZ9aR%%WB0U+1FF@NmIsgM48wxiNIAfQNETs+k z^pio`SD-#ZXj`NJ$Qhb-cK1$x4*sBjaeU6?^BMd_0Fc#Vh$x1iGw(A7!eY)oXR`ab z!{g)Qqr;Df`yUVA7d{lIt$&JiQ}W}oJ#w#n*Vrj}gZrPTa?fuQO+G=;|1pM9WVG>- zz6CbC2Lc@`fd$qAkpL;maC$|-*qwNO41t6sLM?>L623Y?j_mTvaNcqJ&-?j*Pe`EW z2RT~5&*a3lA4Y3^4MaV*fUztpCQ?nLrFZx`bY~9bfRWLb!<;D&3u#OjG|N8H)n*@| zOFuC|h}msNleP@KXb-OPg##W3+H6;URW&rfSgod7MuSYsr_r`Yo;l)q&k)+aTP|lo zy+xo@=|iak7NJ~<#UvO}{tR7zCfBI$%lyhgqBu&QlaLJ~dSX)kNELy$N8!q)o*Aia zLbtu@1mvX8Lwwf}+6Ea{Mih3=4^wvV{2A>ULWB>d9?ovqhRtWZNi3C)+KwWpBjSm% zjOwn#Ke^V7_oEB=9*ZGMb1Xs%i~Krm&l_nI=u+*JD%Y5IhRikcS;eJpdFXkYA zf9e{oq?l40gux(LJnFlAu5ie6@toGpX0uxFwJxijy2+vlujVHC?y#`Lh+TagC2deq zp}5wEA~(n$&&4BOA7X2NOu{8gOB8gFqeQ>OB8y$TilIGaDJ4fV*`KM8{3lf7EQ;m% zjNhz74N|N_n#e-#y*k)fVxn9%!j^TgM25i)7mk%9h<=aA9YhpO~GJ~&>OLtkpaI3;&f58u&fO8rDDAj zw`?*&I=Q|G9o|7uWeOg!@aTxut?RCA>fvqXi>;6PjPnM6>Il~BCQHnvNL{#AtN|@J zO=!I}{Fb$#7Qsc=0YE`B$xu8Nx`D;Bej=O|v(mK}EQW{xz`c$)K|`A9ZHxpmB1EyW zH->@y1h_}D?sQ`aiUwkv<$$D@VzAD`r{9`U1Wa{tQtU%F!7ehy%-Zo(^y>vmV7S>z z9M~r!v>}OqP-o~V@lV(gR&CQanNjIPhie$(yN&l<+!JqOAS5GKBN!!&C>C&%BBW3_ z5oA1+hQCrqo_2*SgQ~=d*;Cd*58+9HXjValDrgl4Lubh1Me-QRjX^0?%&7~hS3vnD zq-id1ftV}EgN`hwDUHg=Acc&^KAzZM2T~wjOo`-w%3c%TRh$uC`Ke803NFe~B``|> zglU3w`>|GGcWc2~3@@Qai5HuU)Pb(sTEZr|S=pY-D5wz2r-$}g-6&5bI-#SNj4N|P zL0FgElA4Vom3-&{J>mke7DO*VK7@#ci@2L@qRl)*NTHZ^V;f9TBQQOBwjqD44W@#s zH1KGD1K$|ajjx<>x&PJ1%mh#h=c6cBEB@0Y1V@IqK|U9*SA4>z;BKjv2-?}p!QZ*IP&lHf&#*qGWl zev7QhZ>&0sFQ_Q_g-2J~nvl5rNeGRrd)K&sW>cX(F)~vktf#Q=9LT02tCApX{K`oH zxY;|01B*;ipT^)PPP*1bZJQk-BYp|e9P<_32%=b0`Q`cn?GmOxjJF`I?-YB7jgZ@n zT~5Gm6RtHCl#C*gM(d-L+`k?-c>cXb<&mb6)I~^NsftBN^S4y{FsTf230kSXsBp%A zw##zS%S>%Tp{f#JsJ(1{0hQakb}jj?`uA(2Wn0Ef0;M@Yo==4We-za5;PsfVB}uGHu_z!w-WN znr-lfA}~!ytY{0hyJgXa_CgVPdqYjKy4;I)I@MQ)60@jZglF^rMZ)~IZ=#ZaSR!2Y zBj`uJgYkF#9-{0BRj1nGRJH(ziBpP{@s#WRn9XBF?6aU)gt8QBT;vOmt@3VEcn~k8 zQ%}jqvEAOjVc!=Ln>Mixip7RK>klb&*8o?RNC?14VUJ_HD}EzAJ$^5m9y0ue zW*_EKiPIqSkJO-&XI#Ersgx5of*`u*Wv01Dkx_@pdjj(S9mTk8 zd?i~mr0Tt%VeznIA?QX9AV#y1{fz|5HChr_b*S}bTuvqzV8^WFAIwSt{~SDw$#y1d z@`TbBjp-cQM)a;jvAIwgx617c*wa8b$M)-@P1X9S=o)=t8R505^`PN{WZAm*$y3r$61=w7AUJ^hPqk6vc_Kn@MZ#)OG^T%93AY8Lqf z139sj4XVJhsdcTZ-zn&N zc$;V%RL8Ka3|m!2iZ~U-CANf2;KXl9ybQ%EXqlJz%;^=qb@$ro-}hn48A|wdLti%P zN~2@4p*H)}uZj?ZC$ABvL|?We#K}s@^%5GPy845xN@%mS?HO@G>`IgH(6lz$q^Y2!PQk zpKGja^2OqBRkLHM9p|P4X8a+$U@r#2!H~gwb}sZ1U=7VHO+-jMKa0hR`5Wsiaa6Cu zQ6fV};Kdk;9Vt=}%AM!6&WRI~&!DGHT#@rT5HB?Nt4QNArD;%n*^<<6U5!L(Lg_ z`>am9oN)MyywvQTWd1*U*V^2+k!3$`s`4LtIa?)ZiliQP5{DVHMlai{NU~Ovok`VH zu^HH8Zp10Zk%1=o0zqC!|`ow|{!`^Q-(Okwvv|z-7^`CF&8)9C4CbnpFOR z4z+vi1J@WK>EAg#J&@*{dw>vC*YC682I(oF`9j2h>FXDAVMTBU_Yb4x+>&(%KL^M| zfcdhg+h8D_LcGfkRIC&?HyULR&L4!MaZq<{fFQL65}xm}+R@WfCjtqLdm} z8EupZyQHjwBf9QA53nV53i8tMR@AgEZ{xy-W?C@d zIJCwgkPiL!9s6*cq|kov^>1a@K$9J5DYCwNQMIvLza4jJpEKo!y|y#dkq<_zkXl%O z{??TSNHD64iizCHFqGPBO)-CDZ@uVj)$RmLh+X+B6e5u(tmO~iidZ4)28~x? z>A)$Fq!mL7xG#57PRH(*eVTGy&OLu#0p5=8j{>tH}j<*+7EASEemUu?EBpkUe#nvOuojO%fUd z=QDSCugbh8*gJ~~Rak9>4oZx~D`HIQRZy5k+)-`!8deCK0&`2CC!#Azv(B%$_C0ccK6f0gO!VhV+fO`vE7LOE6aGz?B5B^WyxDQ=-*n@2c&$ zJph}4EI9xI#v~wMBdqj!2`6}}&$}+uK^*6#lqV?~`eDhA6?12W8^zVk^F!3pLi$VM zH^rCulK6doiQoK5{)n=^b*UJCoe`dtkBQtcx?h`DXz2Qq4^=h|Xt}*_MDgmdQo9F9 z(;YL-F$f`p;=E{APqQRPgDar9)h8)lkDpJjG~uhWPe4DQjQf6!C(@3d1x@y=sdys- zvXZjOY@Rq@kjEJynSPX?ccLUOTG6IzW;%$5pzNK%U2cADIjr*TdKp97R{6W0-!8CmIHfn0Lpx$ zzd}@{Q9Gzjkvqs~8ZE06&@T2(#|_=A(NDDhr9XdnaUuJ0nf)>7-yPFTco(=X8Q`U^ zpN8jPi5y)gFrzXxM-X@mIS|ijgl{DdWzP@y9&9nbY!9?h0L&qON>^($%yaN13y`qdNg1n+MPgYZx0r`kXr74WKplQU`csoG$8?o25&ly zSz>!QwNqtC$|_fQ1kP+$YD9O?>S9guYNf3YYhm`Ko7H72ZP;2Dct3#76K+ znSRnaG5U7R&72Zs91O4Al+34cJ7vPw6k7G5ZmKB`DBNm_f>PE^Y%cOb#5bJ3+gG7s zr3$Nma7}CK;GlAHQu!T!lv+0o5aKOqDF0-O zp>SEhSg+lt7J`NxGks)P+bOrrtmvxRnRuD>FGn3fOf9ZDBPpHC!rUEUMead<45iz}FZM=2LJYFajyunk!c9`tup`+UdLM9qbgY}0^Ev+cN7<8uLxq}gf%puNf%7YUO>B&0 zEJ%w&K(P@mn9#Z`hZ+ zY!OhB{CyaDM7K^C0vM474&4WT=0QWj)P)ejZGw#q{zEL~<3dTDz6LNmho_f^=V#|f z7l)0*gQLr%kEe~pe_Wm)o*XvL4$t3xJU`hz-9ID)qY;fPw6!97#3`jgDafK`j!?r) z^(8CB00E{kjMI11<=t0Zu!HtYNSRh&9TF~AsXADF{U+6W0{(vTeD<(^$-_h2DeHXn z7M*Au_Xm+A^2`5(R4_uJ?dqG?Gk?9a!=K~8)bBqy?Q7`E{W$sBug$ezzvi!T|RbNjzL-cIhKgOrP;YBUwNfv%W^N3(hXY_C6ICJ)xiWj#sWpSpvaM}H% zu(pXufc@s`i4EQXHqH9n+tR+%_O1f&!SVz35(9W8wCOXZ`2wzgHbG=%w9!)P$3p&% z?SLA@1oE*kb+D(xAwa&JDpLr$5}lNfq$`3ceRy+*{8N@A)MI{r^ZKXPTR*-2VdqC_YtGsYwZ7-K zh8r~Fo5K9vpI|cov<+^B+Xj1_J??U+teJrJ68n5aylzw-uCcqB#6{8&m`Yxt4DoH>(~(1WQgGwsi|=oLIvWharXr$G!n4$Knl5`i zs|=_h-< zS6*MGP#pFpS|rQFJ~bltRCfhQ?^qwD0wRH%w*b1MEC5b(gpelcG+oPD3T3z5yLBq3 zgASyKn+hd=27UZ&9KsS4-KE_Y_)$UX5{8hiZrL^3(Ot!k&Cinm-Acw92n7swG|GUn zYhd<{g3y&4P%5UZb`;3Pl7EPE(?=3_mV9ve#Hi$YEG5Doya$8l+|C# z3TcT-vBX)Z7+f)xaj5H4R#7&H0F87;ry$3%m}E?UO}qE|$7AsSG?9#fq8WVDc2ym_ z>?LqJz5Y;=Kgas(hTs^`bXTO>>uAgEP zpTrt}8w9seXQNAQ2odHP_2uU)VAz#XDUG};TJ#dB)(es|&Cf3&)MlcY^61b;(r!T1 z>pLQV8@(~TUS24)QF<6>V9y`nZ>)0l=gw*(J^5|cJf14XU3hkLR2C4`H7(R6&})kB zYFiy{k{3G!IWP|Z@QE2l&8wl-j5&w*%Y)W`s=~?DAA*hyvAobVLTJ{IkC}tlqNZST z4sHTc)ziP?d6M7oU$vU-bYKr}^qm_?S)pF1`%BSNLNJVgUZ{_4)a&e`HasyZnUT(3 zishR6ir8aZuw2@wvPXHyW9Q0k+vQY&OYPbL3@T|x9peh`2ZOE_5hXO~2MO9jwSG^3 zCOo0{kZ59~nx-pd`h2asR#trIds4!5b>wf_8{@*Wp4ABT5<>G*YM?liISb+MrGM!G zVQ=V5c`)t^#36C#q=l7TA#ZI8A6p!r$+|YrZ{ji`N|CYQO0`H)rO2@G;KTkI6n+II zDv2$Ng276(dW4tPz*1G~w%Jp@+;JFxwLx+gCrd^%;$&@9;iRASmznxlyw8Mk@?4!~ z_Dt!dXaM`oJRA~($QXg@R2wG)9EvuL)Zzr4gFzD+PbX&&ewp7Mq`d`J_DJ^iA}#TS z+hlr9%g5M-dyit^@vIy>ox}!T9E*vDpD<2pryYrx$@(O)<0Q23bn7P^_X$OR97+pF zsOmWu_o7Dp^e7hz*^cr1#HmcZP09$)x>z(xXxU)L=#uKmAaX5DE#QG07z7^D<1*E8 zm_R@z__9wPN3wlZiKehaxCi%qd?CtcqRRqzEP4pw&889+<&mR>NxDe5OXcw`2R$uv zY|D2;zO$61viXU;Kb*PB)5lqVM$8V~_uNuOS<&qIbtbwC)kgLxr zu8{a46IJMqxu^tMJqc*im{kGeWr0mg%Yv28{Q(LCkh?;vLs!aYxL-@Vl~II-SUN)| zhV~TPBjzFQQ7m72p+vKqxt{by)~0du4!NEA*`&14NZJUeuN|9V$+j$i%oZn>deq;X zXq89CT1b)+C_SSA;AiZR8@c?y#DVhRlwA5Va=m&SVOmg^u z@Nq3F*MI-r5jaRar>(Tr*IK>|RFB^O2BQ1-zll3=!GC-NoF{O#6cf`mJr{T*B<^{% z3+d`85{^2O;O!GgSGc6=C#2qmHPZqR#W3&4wRi#IiZ)RmUJjPVuujz)iFFg)zOCCzZBpdf>`Dzd5D1!MUSnfHHX z^++O|%}JZn5z`^Hl0RUQiFuCg6kdlVCb`=%VxaOGL!P6Vg6KhpZN* zRj{Ktb`5;LFX5|y;dEkn8i`JJ6~9djRN6Prn&QzibgHSTf?NyzkeZ}(EmR+T^gQbO z6$2WVa%G-FjIUUTVp@F8s+x$^fE0utEAObt;}tJH75p;rK0U?Y5cU8Pz$So%=p=+d@^bC&V$XCjsBil89JPve%jciyp!A>=BH&&ab z0E=b|Rco>%l$p^qTfzYH8G-rS?#;k7Dio5ztgnw{opo4SO}F+#g1fuBTXA>y;##zL zu>!?Xid*rfcyTN4?oix|wiK7*?tE!^zVn{PjO@t0R6g%L_vlEg=4G2UcoOb4rk8xaRy0AaJZefJzCuU9&fJwXk%9 zRgUAQKKu>S7U@jl`pWnLFK!%6YS0I~{2tbtLEt~v_~6f#=dG*IoIs<+={S?3O!TQ? zcRU|O4-eEH#P@oUNv%bEzW(Tqs1-zp5^$A;kA>7m0zI>-e23v{iF$X%)X8zW6Rp^B zay_h5+$iUP$L8gciNx9MRlB03`D{5yn`d&qUicP7w7=%^#OkTD4Lbk)smxF8-5tf# zx?l!#>$LOqZ@~j*7Sg9X<*i1;GB}u(NEmsn$V*QU+;%s!9fHPw@=WISJQl5h@RGwN zs@TvO9y27~(-tjJplCnT#%FlQxRmK-MbahtkDmo3vn6{*X&o1-sSfBLQSHxftp$4O zQekAYXPV7JdI>TG>OI`Sl80?r1DKd(;qN1boXUzZ*C}L3#K)|)tL4Y?u{tA<@U>zU zej(Evm7KZ>-IF4jC0cPAe!)hlZ*>S)<32{d_ig;C)zX1LQqgAL%pQ}deaP27^?Zi-h9TL*D_&C|sw3tgvjEp6_@9lEL!#gIh7vV*({F0W$qTZlsm8EGF z3xHrl>aN+>gy$L+sdKZDj-Q;zyIXa@6oSS*5q24UxQ|XI3TB8RF1tUE7NAhN6Kv+T z^la}rZ8^O=4Lim19FaopI*vW07^&$sk_igcZOm#dF;Z>50!Su%Vqzgrwha2zrZ`TB zr-kWRdcJ}2D${S2zfuf5mtMy*Gzhb2&a>hwD}H;`pHn20;SW7^rAtRPbp#-yKupO$ z6y*(vCb3HCqPFQRRi+5b#;B(Dta8Z;U)R@mtC=HTGy7=xGv_I#T7wRS{%5wYDH z%FOXlclUu(n0F5!UuwWoGEqNjGADwEhn!BOwU)3%ubP( zbq?6n3LRjB5ER!m7^!#rJsGVSW+y$o7s`gqTuM)|_UKBSRCA=l6=FT1s>v`!gNVAS z^SoN|Q}5P#Zf2qL!NV0%g5F?dQKOaIh|yL=@8|mqpvmB;5r{rTwJ6$N(l4Vd*$UEd zrz~|Pdl!r_l60fVulC5pNiu=?H>Oe6QPm0#Q;EUFWrdV?w>%99i(>Cc&5Dhav&1ik z(&bY3Z0>VDs=Y4|!e|MYkc^V>*$U|mpr1a%%Jj0wZT3Eqn(3)!PTUPYx=AT+l7N(G ze25{S+_m&>LV-zOZ~NHsMUFCgf?hm%zVwlx*NQSf^{<%5C5uOg+79j3nxgxy-$ zx^3yp*8I2+vr1J0r_P1QnW(R52OR)h(%zZ6d8B4mwF|2-oM#PyUfCmHMiht&t%f zM#@I#BYmkR-1vfJ9PGavcB{vzUZMpo+&{?Fe}TmOsv4T&NFtD9bT?W*|ypKiXF;`C8KkB|A2wN1r{$_S)oE^9-we{8p&-u>sOk z{tt!4yN-{}$meuLv@mzmWO5lDG+^NGMmwIaez(2r!rDg#z0q}jrA)Jg`S)Z$O)a99 z9{cVcqGTm|d{hF_m780?*3t)9rP+A+LW!VoK&j)maP?tP#~TN3v+$e@e^ z(@nXo7Q}l^S30e}lx>eUE;-R3$9h#ZA?}|7G`JbN?G3#sl7GmkoG1OlwF3T4tTr3J z@mh`VoUSf+^J^9ozs_oHtTH7%2dcGus~35fdi5x<_IDp2DlT?12?opDBfc={K6D4I z%iR{>r@E&nn3IKM=zPY5@?kwbTdC$;~CaX z7fPpv>QZx7Ya`LA(Q=Ynf6&sGN0tdBr=)MeU10h-hakT1K#{?tKf?faSlv~0#1j{Q zrPkM(J9vL=C{YAArp-Hq8MM9cJ4g9?FD*Jdkr=k}1R;Dix1A#xiL8G#TiG98grceT zJIx`h2nJ$Zu%vQm?F+}+3ZTjnIUb)TAnW!&X=lV;oB!B9kM6H&>kI7goLg~c2)EcC8Emd)%+uMmw!#7Nn zLOHpkL~m;pU`KDRxKVaRvF>p#exq=H7&g%Y@u;=wfE|bUKVTSxw}MPH*ZJXOUFK`g-W~l8Z&AB-}(|@51+$oXwq24g6H@&4BAJ@QcA!qgsEPd#$V~H+{V=kjI z`gtj_z1#hA7ESawvZGJ=t+a_SEqL4w7B`h;{9S3t!NTt$-m=Q)Y41!TN4(m5)y!|N^3huG00RPfO#t2_JRsN~Vl>hgkIsqf zUTf6iVUCl(xD&HKKX)}Of`JIE`fO7`4_&6%GjT3 zcunIUdf?PeSZFwb-IQ?$+JW*!bnefImZ{>m6E59yPAp#=5RcBIBUM_*wVc zX$!icrh-cblg8Uxz>ZNz3fNwaTkyb)cJsj$IG)ag6XLRgYG0sFL*dmes1RGPRmytNwf@P^6C!byfVQPd^|jHMFZDc0O zEBu$@YkGGOc?xqwoBPwV$(zl>AC^4uSw~=@=5)9F$-sIMR{5R5duAh#ojE(RN-MyKyE7RJ@fPw+cc;2sI6!+Ju}5+xcwq%W>ksq3YfO5OIbz-#8MbOe=X4UVo|8<`DoS_jJ`~hXwzM`JlNL<&m-gAUSkv&zbO*czs*!3P5 z{8Rmro|zeeSmpi5PSSOfWrNUF|d4+hY#I0P)p36wvW@Ea=2H{>u^E;TcTYJM2yH4kSWeL5O6bu>@|E8^zf zfJMuM?cP?rClkn#UR2P0n%aR5?H9N)pzvObm7WQb4SR>)!U?QuZv`v}L1(s6_lgyY zoLH%G>`ZTLtRK_gAeWK^2t%yfkpgt15>B_8iE{FP=~g7qJtjF+eWfM6!KrxF+6%#p zek6w=jylS}dpvv+=pNbBcckI$%_(^s4Hk-WEDX%0sHAf&p*`Ye%F=6cc(|y5M`nB! zsrqn|NmZ|4mj#2TPbpe#^ObLk_d)N$HH^0l1BL6a^Nf)c z_L|q-vb;`j=n3sjb~%`Zt?`~jac(o}5coTB!Q{1r)lpa{w~ZXwLY7u?>y>LX3^`JS z8S`-P2HR{A`}IMOKozCdr)+FC;BRm+hxv~ln_m|S>5dDG1&8}hs9PzAoP5DbXD*gy zab!CRNoy0C*&$Z1ex4^q!x_-O?M`X8WAn;Gc{FWUAn(Ln;?Ig;1>3Awtlut_C zn0Y#~oCN8kf~Yv$0HO^QHkwKL;dTNc)Y_|z%#ZX`t@d-IBbbt( zKb?dl=A<;culqgb@Nr3rN8@)=SQt~fgqJifWZ$Xca*;`?yOH4@Vh5QPf_8`|iTqd1 z=888)elw*@dT_P-b+89`FkADyDbezB&QIBz*m;?#G;dO4WS-`$!ciO>DUMUm`<xR!(VR2 z{{^8^0=kFr&aP)OmD<}PHcL$pK+2#t>rI_#0fIYLMMk@mS?QErU(3V+%3jdR(2EW9 zVUfMZ??JvZp71}m*rG7dUDFsPZME`c*qe$b%M<(hsB1nN>zPYaset(|qh;~ZI0W1C z(T2-siv+>@L?yn4tM$Gad5g$tGWqJFNx@q+`}k!okv?$-IHx)6Qq-Wg%BYJ~zoGl; z+yCrky?Z@Z8-OM4_W`=>qz*8NcTp;=ZGBm%(a$XHz)Ok4;i5-|A$!dyV=@O06vIQ! zkPu%aA3AlHpv{c^H381072Q@!VpH{(*B6T?5I%zmA;d2R@z`j_AzN0WZlkmr=YaAS z9<>LM4-7vzlEaRD#fR66f= zNReZFgs*PLBR2x;-U`|4nrN-WMsaB#a;FMlT;$?ugcmGN3F^RrW0T%1(I;xm*EnWH zpN>L}*VfJovh zjzc1`IN2~5NeS&n^-N~3oJNL|g=7@TcC7fioI1vP--OteS>G<>hVFN^Vtk~D{_sFS zS#f4)xt*fQd{pn|j4C9R*6dZVyLWQb=Lver9tO_0ajerbwtGHy-}CINWz#ezq1^^Q zD(~;P@bJr2DXF_}xt_k5Nfn*MTa>Q)ZBp`9Gi7apZ%AzRs#9d1>blU%sz~@g-p2ee z9e)eFuUnd*3&G!-v?=KSJ~N^FBtx7N+(gq8ixoM?|t#68(}sq_Bty5}Pb7v#Q(G3u=(ak`dM5}$k9 z`smq$H?1x3z;_5DQ zP2P4hfCpc?5T}q$zhBV3izm<-exkb625Z#h3XPXLxeYyna`pgu+(G zKO^w&lxXx|SIcR0ao4+Oo^9`|?L*;|N}qHa7`&ejzk59q)-i3+Q)sUmk4FZ^F8qzZ<$T6ggTu`P*WdZa2fjN zlsrD!P5bsI9}2w}4cg<=pBS_YUu*bWZ>QcoCqi@6h%?5Wq~1JQ+<$sUM;K#?1zn3o4>N%LTiq5u5ubJLpN>nIAhDcOrQ>wc@-bsLPQ6+8STZwYts zyGVC$<&^1B?!Z{VZIPdAmPZ#STO4OQDAfV+PmtCe152S;npDwJqS?ZC!wb_xj2lkH z?ycDf=}w-wXYUhLS454ZX+2tPWaSMftCBe~D!Ffy`*Cv(j5*;kBJs(6V#4lNG1|Iw zm(ez?IW?$VaCJRot(OT?gi!jG-rUTC>8QB(G;o-vKcsmg%bC4?XLXT0z53?e3~LGJd8_#I>Em0&I*1w``mMW&5wa}Tm8M_JJ)wCS4N)LOGp7KZ`U zf|jLoAGMaD0w1{T5s|&r)L)=Hju8{<`V+IMkWor%vut<9#YVNEIo4fz>VwsL+DRM^ zp{At{32Y6@O}uo&xEG4;=h#3GGq6a{nf#;g{R+`zY31enwJ(v|-<-H(O*Fk;UHgvK z{}PC4BPugvX*_bP`8~}{o>UY%b&3qjt)_Xx_!Zj~31L_i;x3=+G%6{OwC)Eaijs6zC=5Onm4VJIsLr9B6 zpm?*6l52e49{3&nV|r{^@3@QvWgCF3ukF^5e<-7e^tS1>RHJlZIKil()`!z6tyi>^ za2(S1ZRP&VRg`@iEry`^a(3_!cfH<4NvzQ_O@bcYz_55$a+v8nVK%{Kt~GdNOctAm z)BEXFiX+ch4s?EGtG*%#JG&TS{b>!(Rr2fa7Or>Z!M2fyT608P!K70>^r$fABPaQg zZy7k=Q%b}b{xqm>@;MU79nRm*Q%X>pi&b1!TntG+S+8{E1Y?Ypt^>gxwBgzj;xD6E zRIjhb%bmyuOFYoK8TC`8om}?~^)y(bS+na6f4A7`Np2#wJV$~CuXp2YS#Y7J8|UXEt;)An@d*rb#yH@YH)L( z3#0e_Ap35BtU=t151)^~_TDTp--TMR4w9BBN@>IBn@faxpY}e1QtT!JgeWQrXsVXb zvCxz)LqAjFDC{xQ)q4`gvh&$UD(p$>35A9(Oj)344bsz_yl&fM^~1N18a68FG}N*E zz7@dbCxhSlgYxm9r~xp;l^)haG3D);jk(hQa^MwlU^ASJ+8xCtc-_a#3XG%Ywm~KR zc3W`oY=LQU`U{!ss>hC1wVaHy-{DHw9s*G&#Q{xta~y4$kV_R&t)%R$@%@Tkwqc2p z=tjb-3Elk=GlT$nvbW(8UFTuPJ}VOnx$aM4PQTBtW>C5e#38k25{5Y4e{YZ6)r z7Bhj)+N7~m&kJ6GTQ_o^E-wdFi}B~1%yCy(FP|-=_5?gUL12!7cnvX{Kpa?Pa_9zd z<xE zUscH@#uD3%EAd*QJ9d0$j?+bs_oamdcZ)e))`gWD96-WfVMf$;hJN4WHoSDfH(;|F z3B?E6!7Ub0Q+Y5iN}CR2E7pBhGSo>fOH5-KNVeqD#HF5W$3s%|;1%8IV~f{L2e;B_ z+KkBMFv{@lOvP(N)p~z(FrY5}w1p0J7Kn6x92$!9jmmYea+3+!KJLI4;~g8j)=A#` zFUN_>2;FaL99|5{<&a|kep5-5fO#p6AjtHc!>2>UGi*RR{bX{fH${=JS5qOVEH=3E z;@!8`&SVkLW&dK*85!2n45W-6|@)l`db=iYl-G+c^eN)g{G2saZ~e_B(RN3LvoVafA3@Z4#zcg z3Kf?`-H9VZXxk#4(`G48-n0fq$Qp{=IR>`H&GZ$=^?>OZ*-Ob7pN=En_d>O(_{Aus>~Hta#msDZ>D$Or^~%}5)G$4?^ji@}Z}TNC;uba9|6 zy3-XE7W{-UC?BvvD0S$6iN5WjR|5x%WDu_|Qu7$0uK(gjy5pwM7wGeO@uio~Wgt^D zw^2n2{CSw>19z&4fu_fLdieln`pU14M)YEldJb(ACpLL}LQ?iI$3^^$HI2k1+PKG< zb07fH?FfuP_GmP!YlF5~)_>Zpn-j1J2qObwbpf(~WeVZL&ueA?gED;5nR2@hwQz$Q zKeb(1SJb1drjt}`qKKKODX5qkNC4SE7$6})HRB(E4xZr9jsD*q@m3=^}K>ESxH#fC8D0apA^jj z6_|4W93e8guSztmx3X^%vZn(eEul)u6lP|(l=u*x@T7NVuGxd zz&v@0M&)BVf?21O>0Gn~s6dpC*6v+lQNdaQ&wS2VB*hD-nfr82XVpq4(~=TEHVp=U1-XHCtY6N z>DCN|U|x}=MWle1f8ofQz;GhCl`IkBBZz+#kPJNROgf0w zN^&fY>3-#A|FZ_OPNSg^_HM@cEB;P97H%81geFjt@N%UkI%8<0Jp6s^-mZ^~7)?z{ zu~*0a-O}`E2f3MPM*z6pC_n3aY1+Vc*ilx8*i%5m?YYC_u-)6UThFKao5$Td=r8x4 zcx*+f+0UmN^&|4bEb?29D>HD`n<3Qk3a?U*H*drP+S~m7uTQTJ9xn=y#L2UUIiBtx zPY)i;?$0)_mgXopVz08yIz+_U{e7E%e4PthdSm@z_Rb4~pTnyZBWoykc66>~maoh? zbI4h@;qs+W)^GI_^MxN2M+0H*ggH3U9v0zh zsFM*?LR>Nop*y{p8Gnsd;U7^aGO*&H+qdR zSnyy9KoDn?GpExVn2Qum$C=P60L(>EolM5G( z$EnpR0Fw(Fjm0U|c@4+~MWb8`CU4vgET(+Jx?U4Jek!Vb#ky2uHSQ*=e8DEWwOw{#whNm%JVkkwYB9!gBD_bR#!OGahAFd6y?zXaHiQ? z5H=kAq)yNPZ-oj#mW}?1`9UV0*?6|b1+D73FWQ-D3M1?NnQ^)`-&#kiOv_G~x`J-Y zEn2m@;~wv4#7 zC)(Jp(|z5eGkYvO%KtuUr)~=oJYTS&`MYL_%wAWDPi$aIt#K~ah48n>%PZLG|abo7^<*LzPpO`SazJVFwptnb_ zHB}LMn%_)raz*%^)Xh7?N>}_Se-y^aq4(=Q*$QqXmW!re=&`ixM18S!#_uvYZOloe zf`EWhbUu#9qq+C#=GR-A;EK#zKa8SYLx^nRn^B&)b|D=~>PN)xH8|igTux-7K^me( z*b7=;gkmh%W0c;Xr0DH?DuU+2j0}#`8^LAq>6K)fnSrEk-POVjtZ&`BPq`UbcZXh7 z!*hQ~uY~(twf?DUFuAHCsVX_K$~U3PJibaku8MVBAL%u#Sd>Q~7MOP540rW|AZ|7c z!3fgQu&k{BzEJ>Ci#`#FJdrOi(Gms`%VV^xXO%XsDiTRbpH`P}PjPTjz_2x^%bN@BW!40st7}zX4XCt7Di}V_V8F@lzv9! zLdf|lqn&tM$$-N`3m+CUkfUu8Ey0c=IKnMANNTN%pHb zFL0Kym^U;!2E$SnaEZ_id(S7H+*9Kib+fzo_dC ztrroUe1xDvvI(3xuO!71@s+kRp;4)uIs0?4dBXg#0K+gUtvuq7QfB2Gkb z1Q$muVm#6bt=)Som`|_@Bg(YtbaKhZnbP!majMdHW9B@Y-Fy@1-ol(UQpjxlCJ8g`ueSt{k91fIX(eX5O1vE?yX5?%d#(S5?~M= zAQG&t;U28PI9qQPvc`zvx?Mp$(I(Y9ygeP|8s9bO=6G&SR`soh@x+MDl#3MB z3nYn&nAFigw+vEjAl7a<{WdYARJQ7uM`k`6r`!A}o$Ee%-tN6Sv!>zT4eKQ5?YeOL zMOdwdWm6Mu`nA>}Jh3SX;>(84+l|tw+q|bef%D3NZpcA2r@?{IUx43XPUH5tq{c*= z>dJVbJlk^y_!sVyd zX{S@1lA8uLIFiTce3t@yFlbhsL+7c3>Rehr1_m`+UjxOFdF) zW+SVw>@uG=G0?4;zHs%<^o5J%rSxIs=5V+pB8+P5#17ZJPL>;pTPAp+D&=AFZ6*pP zD0T3#CyB8-Nn61xio)hXnxigzITyvQ*g(4R68A%w7Kwd~!ES{f-&CpPxuRjRl$er1 z2xp@7S@owaH!_0q_a-+2Z$@=z0Kg0;(+OB-J(VU^7Dd5gD1C=7A6NHBjQXW@3J5P5~^ z;f z4@wbjS)BE>;RxNPL`z>;We)7(Zj9g+tP$Ig)2S;*h6Zf%a}5L^^KyRW(R^rbWpuAv zoCRYF(V-3COj>IMduRywdATufs??kwOA4H_%H}&}L*#ORvw6{Z zIB9#hqA9o+Y0}AUGmT2qiT1viN+dPRnDB#p(kms|YrvbLuO)LnT2zKIgKEiIK^tz^ zq2~cz0z!1>22Be^QlA(132$+gQ&4VsBfym}N^r#(E7GmtiZ^D4XReDJsi89FKAgSv6VT#U+D+P!HyjTzdy`^j%c5{`%K6NtHn(&aX9wYF~V? z;$pQ-`-&wqY@yw9kd#V4%Ugrt^5q4%Jf!q3zJo9vyqn*bRq4k+AloZNkAtr*i;qm1i;;Ba}o5 z#TP}Kbw@K|OxlTbnGi!K?>CAQm`I#?=T(VIwRvQxQ7_2U23-^rVIEl!x0qdXekWLs zKSxV?&|)jB9>3YEp1K`RtzPxL_aGl>)O_SM)wf`F{OS)x>;ZP%IcFo@Y&4blVQBWG z5l&d3f!(&RHOMnsL=vz?CM~aX0%hZN7yIj}jnBzT)sk?DjV3ZurR*Qo< z4#(f#7oNR$gR6uiyXP(U2|r0a(PI^+>oS z{JYBol)%Lm7o>Oa74GVYT(!B&zMaeP9xX2EuhIshhF7(JB%=kQh`S)u6~_c=;5&ouu87C1IBA&4tMC@Jz7iJ%ioRxd+PfCUs>T|J3J9qvdCjLRpJttT{fE@-0&78|`YKi01zU#L+y`z)SoD2)i{ z>@=rFQGqkMIPTZv$iRFSA{3L=^isZ)20gq2?p!nI@ThMd=gak_#QwK!nDaMdLM$EQ6_~-s&pf&iyd`})ch%so2(2ncu(7X(@Dse8W zggu4T^+xF+Hb<}tBkGnFpGt%Yn;hIeY4L+y%pZ35Cx)bZ&bYv@dsHk&} zBkJJ_lk+ZJ@gC0lx1E&{ebdp%DEtSictxB?7R0u-OA)X#32>G3hy?d4hJ>}F zgfFmQ6Bt=Pbi-{4`8TFG#d5l#=S|Rn#m@C6e^z7})tW3~n0Mxc?Sb|R#DH%fcDD1P zswi?>oe!RRy`NyrATZM~cu31kBWJ2G0Klt;)Knlf4A@M$hZDDN1+GJS&^OKFXje2*^Kt{2`VKx3 z<`TDoJOjuW4cFnZ&SVBrW&#P2z8Lx%iGvCNsF(r(gwQj#|MTI-PlU0-gVaJ-nZnJ5 ze4?I%j4^>ENiWOrP!j0@fCDs`e-#L4_*+1N8H7h7{6KaVga`msLf@JFw_8n!3p0oX zHoY~30g}ZG!UrPj{Vg^EEk=5|BprGH4*>At{<~Pc>0cE#3smKoqG3M-0sw5F7a;mi zz|ho!HB?0cF=YW^k~+Hjz1)HNs>J`dYSAtc#-0RH$M{E;o}ZY24ge6S{#$k90-0oi zM(V|jfANVG8fZ5d>Kq@!&I%0ye}MS@I~)LT2rc^GA+&`2RlS9(;M9KWX@7*oLX*I6 zQGd;?e+q9erb3rz0|39I|6MpH;jaqB2376%)y+>rYe+)(Z&hp7UzO4y)ooPiSSPfW zsnBoizXRzl`m2hEsz^j_$Q_NLsuApet6CskY#>(B%Mc8NU}OLQo9W*IwR)%d4s0wyySd0q-hNggf-~L*^{waHaH8D+&0sy>Z`FB~- zslTeTKdM~l06Yn_(zPW2RwexSs}kaXsy?=v8U;XAd*uICZEXHk1^!XxDh=Y&L!&MG zKhdTf{#AYZqbhhUy?Y0(IhoMEeO+GsRbg;~IAIte5}Y78APNFRk`sgv$>aoa0O_#) z03KumYJqKKd7A=xgr5nWQwmaJv2>|eddi?L3Z6g0y_K6#+iX({*WQW!}|Nq?VdyQvj5}GjZ z5LIqy^Pi0rGDwHE;}8F*9h>VvYd`*R3E9Y*mWE1JdH#K29@A&pEK~-|625H%IfABu z<&Mv0(ib33V2kH7SiXR|%I3D12g(5esvm*>szaUMv+U6i8eQcJXmpBNIyfEBHX~y9 z@5>%`KWk6^_}>_VnDc>1AYwcqUf}NdGsOLY!-;2D`vYf_&mc4fg8~uf1u+A!r=Bh1 z(@+bs5C{`OG6RDNLE{A>10SZJ^X7S>MS-(_fE2>Q2jYQ2fV|=ZX#!E_o^9h$8xU*$ z8L0T70w#zqKS%;*4g%o^QIhy;u!~1p0|25mKmhb1{a+sg$P_0l$(#L?N2?8lV2#5NL+AxTBxL^?nfmvSC8G`y(!~vJn(l%i zb`Yw`Kc(6QLA)R=(|-t42>o1!LxivXq3S`5ojKh4G>ak10;o{ihwZxj+sEpML_tV zEIS}XlO2Q$SrP%^k^N`v;@`EJbNs8rgHVft*nvYH5KT!C9mGo%`Y5V-Kf~xBnDTuF z8Zjs=`ai?FKVTmC4C8;mF6a-?LTJUIO~^Im8GQc0b@($(h=cG+{=SQcHhq0d008rU z-8^U#0wV#UA^D%~3J?Im`Y!<)L|g(S2Fy-}fF(d8z}W2PtBdCV;UL=*AZ8dG2(~0h z6ow0;Aqmm})|EZyk4QqJ6Rdg$YAGnR)joswA84=t1GJFQKOous49Cq-pA6E_Hm%V5 zZ1IwYW)F8f!^j_)>Ust$87M6DJcH*SFdle@;Xkl4^ato5RI<=-d20lsDGL$?HH`rw zR2U!%NVzPC15_{xgqUvv$srn3(98b$ABCjN0x{A4Q+x8+e-vtRQ2qM+Ka}~0-Yot@ zhks~x<1f)XyTL#HFE=Si|42W|L#3rR|Ikk;0oh<7lS&{Q2-*@56~dtif`ibDLIaUj z01*R|(f?PTI0iKDIY=T9CiH*z|9{Ad{;236e+3H)P@ks6&ladV9$+rXGerJ@P10xB z`~&3V&mf@$g_ji1koE`4DF1)~5QX~L*g_3Lh8QVB?~6Unv*oKYRMt=X3p~6ez4q+L_e??^lS|&~KK&~|;i2NPwdVdwo;V9zgcYZgG1LfJ_=0zSl(7=i~ zmCic2QVXU9$bGp_w!fjRviZdZ(a{x<4I(2GRFpBv85kx`ny>Z~J+JsvMtF zRaXw6d+vf`?+~+}8L&08^oBTUN@`8kEX8b? zh#*E=3UHJc`4}Vu=@=qUic~b7+Kk=!?K*M(~Py!8cBNjt*%O!dT*nLjiTVT(n!`0-kETqE1A z2^e4Qz8OID+a#HyJazkuf+y?C%d_0LTqNhSK67JoTWs%7d+T>pb9ca@LAbWoMdjE5 zWEx#IoZc@U+dr_4Z<*bAe8#wLl{E78*mJ@_nbI9vv})|~O6jzolp+&F8`{KHB39ED zAIT+-`rSlIl2J{*2<1=f8y2Z#8A>2&L1=l}{7W*Ehnk%emU_{Pn<5UXXTNW6Mf6R= ztHZrMw;2)Ph&-OI6|@}BX~e+wis;Zpz~sg^{~iVQqN0AdZVFRR8qSJXYb>jAt(d&Q zpOT8cq#B%yZ(h-gmVRo`IA_u*z3j%yuoPfJarL6~Tl^J{deUU0Gm^-*a93S9SKm-) zPtTTJnRBGgf}A)z*dbZRIpia#R z&i>YC6k=ZYR(8d6+1sP+)yhGeqiMqxnVvnkt0g+@6EjBqsG+{;5=9TET@ZZoRG1Dw zd5_w!rSXSsK9oG{YG2!4ZTwn=Kx8Bkb-aIMrDlzY9+?;F z*JiQ!9i0ZQ%Jt!vc1XnvuuX-h=+fJO?A!R!+dB|+v4~Ss3&+Zm|1QAeqyvYi#)LPLSC+xwekY3M$6rPiQ&Trs z@P7F6X_As!^>xq(J{@%GKy%&?NU@WYshed8V+$5MP`NL^#!MQ&*#LM>z6JIle~7f> z0`Z+VsOv9jkA<6=Hn9w{#F#61w6Jk@P(9bODQmgb_*!iJ##6PPgDWVN`CE5LmM~eI z(}9^TJA2+oiKb5_sT{Ou#V2T!Lp*9{gj5J9oXqw5L?a(SIx$+^;`;qQN+}Rm$Zq>9gCa6M$4Sc~WA$ea-69=JW8eOKcnOco?2u$=U$T%f)k^U_ zJB$weuaD?@t$B)aR)x!q}{vQo>X#Ekz7n zC#6YfELB>5Uz6!@n$=k^h?=n9G`Uw`Bvz_q62r?8+z`b{xpwb=2&@?I^qeRynq2r5 z`#y_&BV_gDWdR6#p`A$qM$|Vv4bdTtK><#5Aq=;J<*W-E-yLlNwT=6g6SbOiZ98wx zpr%e!{MlI8%`;vAFi8m-@!&F{{-Q*$0JGd59JZpx{O#3IhC(`0MLfiTTg`-|Q+k=e z3L7aQm8+2ZJ*CY&xt3@u*tsE$?*{2?!90Zy#`p3Y^=M?JF#~P&14@1{(zAE`T25s!&h8kepGDs+5*7^kK#s0+3QIu^~@6okJhD82ZCfbGxP z&)IFi`lihndOPfOI+TCGU3mYkT|l6y7P3RhGlsw{yYBuK20dr4%h}fp2`2=uoDS6Zl&=sN1cen99;CpdzV2z zH;lO9*o)HM24st0=6KfDX9BYyp2sd=`HJv}o@Pc5VSa__8JgF7o<(=d$PSg(tc~+- zC~^*FA)^_Y1@aM*1xk-n5#{xbleGgf;(dSJ=6r7j8h`1C)WLUWAWDX%R z(e6u5n3~rg0xffoh&f#(TwaHn_N3M-;nC9iz3uFU9dkb)OuZ*i1=^3;jV813>F^a zzi`vpgKp%QA3~=WUIp{VwWgdFp(hR@H{5nw%&u&+U~#V8+8UyXH0Bb(j#Tcz&u02~ zsi28~0XTx-5w=eFRTueV++)EshLAD(P8&Q?Tn5F}J@@a(Lo`Y?Z(~0eGPA#0m1&Ze zd4AzEQNG1SrnK>`SceWE!Z4PmuvsK#1-~5;A4!jL8M{(_`aJdAbt)D9X#XLHdRa zTi1#~q$Y<+x;2cbVr2~e@<-s7ABhoSnz9GQ@Dzpp0d}~sakem*$|uFcvQRTmcVvAq z^OPruX{PD|xzd4 z1*KpJ6`#XESZjuV2Lo*oZ$iWmu$?6gW$2cldwJ|qTe`X-nK+I1pKqPAp-dRyn*z8?gQ9*4-4ZD%L^UZI4)aW0D77Jtzu|D zW8Tr`6;SK-9J-O|MJ0`mpmtGWAj?SDGS^u6GVc6uUeUCK&6K9ccxh<_nPg;{sTN)F z={WAb5oJ=G6&eZt=Ubj>B92Q-&g zE-x+ho3SxbOvJA|O1k1;S9NttG*-B{*mS%++D|bKwkRP1`C?pgf6NsXJ3v*0GE#5V zV&XI;nu?i75fWkhWt33V;^bubdEvW`54)`3#s6-PQ(QA@(aYU(CEG{(>kxo=-1$KF zJkb0%ZkgXA#WEHL}}O1{P%!jn#8?-Z2zB4qeSb3eFo|Nr*EeJI1ji?#`F&xLZ;o1@x-H(5@~XKFj_jO4laC7{wmAql4QEU*Nu6oUY08K z(>0^El3}T2<*!**VL=ojfE4;%w#A}D{U1Kuy28o+A!A%ok*wNO8p3mY1qltnSDyCd zAh%mX8y^_6#I|t** zEi=zRCw1>BL=H_BpV0Y58%rPkP5y|wx^&qr_M<{Xo`mzidE<5KO8s}dmXGm1>B4-X zpqNH!TF}QG?|EQhyg3;cQB!d-4d1`xMF+?q@uHH60db1+1yKS9n|mq!|3cXCZwt16 zOJU$&QkeN~wjK}re=(*0Kik^RL4a-x&Be!)^Abb!F1c@I)9xx7O@U}b;ocQVxsnpF6 z#kcVKec5R<*|t^+e->*UTG1$|L&~v{>Eq-?02_z z@o=>oodxDG^1nO*w>{h`-+=+Iv4@ANftNSy?~U$nM!^0L^Ye$m?f#9CdfM{v!vyK( zgPQ-{$V2jI62*O^*X8{H0KUC>I0N5b4O9YJwVl!XNsdNIxMVFn$LokgTdp)Ai_r7Mt?DlrO8pls2 zoP#ZM$0m$TsKGOw&AY+c>|+31rrAgS2G1}ysRn^={PpqN@{wcU<&D!DJWDN>qRhn; zVsD|l%d+Ao)~_S%WhVlnfS`y5?qzbp43C$$4EK)|Da`kEFMOVla}L$p{NPc{JhUtI z%891Tr#JbX=bqI6Jepf^={DLEep}2tW>v1_qu#W)uIUzkU_vTfzb>K9TNi77*5ng0 ze*D4wewWrLimZteU}sQ3A9P?mvi+M(;d4^q3$JOZ=`$ELTO4}j#-tZs``f+e2Osxe zDCu)hlF49l>G#(d8fK0!{z6}ricyQtzVu?~-gM42jlsx6B&x_$yG_r8ciiH8JhFS! z%KhwCWLbqjV{M?;i2ui~FmxX5ws-xg?;!9kqk~ zfqnL>Gtf3=HttVET#;-(qZ9E1tn}FOeCB_nXjPc?TBco&hheLP@s5eFWfKHM%y)Y- zX;hIJZI=g{GK}8;dZxVF^ZF59wy+QX`BMnZ#}17Y7N<6B7h@kDgBQ2rv)vPf;0hf6 z%xTN-rj(J(M6>g>G-=`cT|R|OIu}PJ;cF7p^YH}izhrqE_Wu(_!|?C`wL$kQh-LvE z)}q8r0{-Vw5aBZVaeQ{qQ~m3z{`8h5_>U)th`IgU)PlX+*Mga+PYmH57>&wm^>jc8 zDs;AJbQ=#K`>HJUM7*-qy+wD_Bc$&<7<&y0P31Hf{ZGNIx=JuCYrn0+QTbuBH}xi? z?zJ?~mP@-6779OE$o&v#{*(_3Vk({OuMt>8mU>4<&r9_;AnEeE~uI~j|&56~Y z7#%nzFnJ^%8H5n1Tdx>2VIzXhy&PKZPkL?~F?tp9YpI3P| zZdT($bL=AO)3SNWN~~X6U~_`moGoCLtQ(Or3Te@ac< z>Rjs&4yCn92Y>cE*E2Q9{9rqT`ocHF`Cxyj&+PzRhL(sny^^*H`zwFe4f7o&)Xl-m znt2x~%=4~D&L{Wvd{G>;@Bi}N=qvZ|3M}~-_wb(JAKV!|ju|8O?@2P0PhbBL9plzu zX3!tad|fA7otV_~b1F~c1C*6*1l=8IU5eAHHHe{;n%;zBP9>VLCkYLjBA5S6cvEeo zTxauFxBh4^R@638r7>Q^pa^9xPM;wT{dhm!{)6R?io=gs?@5}YzU8$~DUoQrth2i2 z`G=|vyNthz^_?5?nLC**EH~P%hy<89X|ra(TDHs>l&Z61abCU@`IW^iU%Okc1d)|` z!*rv;NL|2R2&_rBCn0~lv`zEPb2rZZW&BRtw@=jOpOn9;&Dbsb)r3&zX+QZW;klC$ z(m##y#&F(#q|WcJJL?fqKj6Pc!V@Sse|lfGup`?a5Oa~w7ETKpHu+n;hE68wpCH=q zM>B2(96z!UKG*2kWaTaN7v#bAm&&mTXGp&q^}1g>&~N#*u_>TlXubV6Oo1#$t+&+? zB^$2gQCx59a8&SYfftJ(EBbG24O{gUmzu7;9OFgoWC*M_rE)Kv%az{in+-O8cW}0G zs~3S3r$CU8-`K;q43R(Q)uqQwP&JFVKlS`;!-~U@is-++ZoGE;@31tqn5W#{Nt<&}T+r zJ?AIh0M%>5%)M8TQS>;EBXUpeyZ-^IQ-jO)A2+ph|KYP=sm}awOmZWM5r1N8n`U1K z&5rEfiC-H}8VasOn9#?Z~>QwMO3_>TnT-;7j37D&ORy@x2jM_7epRjL*ze|bn= zi57hq)hq`aRY8`Kz@^^~zaNc2Slo8k3S0j4^C27mK?8j6-_c|K_3dp1IhdtSwDwD` zSKw7!HQ>y9CCd0+^jQtqsPb65f*s5O&6ITtaq_Bg=j>va7k}W{ zn#bg&fuO%uG+0n1hZ0=ccPRH8P>BahbO5mNTD3NoQKR)*wLZ4LR)|sHap&^nsz=DB zXi=A_X33xEj@n9F4&@G;=WcM&;@3+Kf#%;gyJr_9TJIhjwn3BU95me}=Ald!y?f?g z!*6gRvd{}Q+K7~?1b6jx)HSc0N2-demy@Y)LS?I*b+|uXu%;WUTQ5VTw##nEtekaf zySsZ2BVN+P-TeJbd3!_ZSg+}}(fhk1m)WtI5YTr^;QU>yDFPp3jt3LuT#yX_ZXd2_ zo-1x%E6r;B7EvzDq^3X|ONP0REM9R;PK=&q^0CqZWgZtqfQgg?r#-$GNL=^?uk#ip zfK7BsEH4H%PAca#vnF!PLx_~V>RO)Ix8?%enk^#?cej~0Jv#h7!x~3mG>U_Cp*KLEq9%^%7eIj?#S#79wAL`Oq5Pi&2jq2N9zhhGWi z!mt$B=5>5N9R!tH?CHPMFq*J(#m>5N4*zBxhPY-JBuPlp zxPb$!1Qd-KH!*k5_?kA56OSsmogXeGaaThp#l|slc0d zrcFoAYB&K&eu4zBF}v=(hmqrL`b{eJ>>`aER+v|D?65-xMEk*Vn3}b_%U_8LX7!g7 z({`>8O}z+-kLHrMU^-plQ_6+X4BN|PagB^afeF&G`8Fmo<19f?!^kgU9{QPfP9|IGtB%$#vfJJ=%BzZq4q0C#Hkj)`2GAUuY{`rThB}(;(y3w2 zQ(#Y`rn@Mu89s`BQoxd!tZ2hup;g2Q6b#-lUX*PD1;3dNl$Ehocok^UYVxvsN3eaV zP*xVy`Kj-xi%B^Cmw5xO&nxwus>q?TK;`VYiw$z2^cVT~MB~u-B{vU2NwkH^Y5U`p zzTh5ndcuN}-P>iFhD!z8z{iTbTgKyc0vn#Z$p}-jR&WnA8TTQpG#r`vx#slwalLg3 zj{~y4wyU5oVfGu+Fi8bU}_`uMU_uXaU`K;RQ8#aB7Z6zB)saM+p+D=0~r1>&GhNcxdg zHiaF}bK`z81|A{1@U5dlAQN)NCygezKOXjG`*?yIH|2>CnhiBv2f)tC6c-}gs->zN zQ;K^e?lEM`FE~0p2I@=gi<{G33_SFr9iVOAf&od!^vj@uSB%N4c^-?dieF(NlcQkZ z7b6e7Oa~~#$g1fwHYQ9B)G2$|w4M4JKs=bXQ%LGpw^qo8a0&TyiM~TKO#z-e6Rxtk zg6YKyWNf){ric+#d4u*k`0@1ouE*l+brfA16Lf zgzMBwGlzS0a8tpg1aV-QHP}VNLr>8GLUvznO?ejC8TClvg@Jk*(0=DVl$jhRYptLJ zIe+)OYcP;+`AbSsu;+(U8KLIbn=|5%-Dofd9UCP4T-){dA9rVc*Lqf6{ioTc63`); zHmg>c5;yyX0m-ykwJY@6d+OeaK)y=FX!!Xv0Ehfk-%mbrv_DZNjG=tBZEe4ak6)9JV%h8FMx~WYc!KvZ=toai4jTdKy zfbY%q1jlmQ{qIf+QNXJdqq&8b#{{L?Aho%+@$1cw@ol@^%L1=}>Rt4BQ@a@_=VVGa z?)0heO(tn^FuyD9g-J!0Bsn_}BV|QE3f@B`succW(hk5l=Ab7|3q&NI?{45pIxT-< z5XXBMCo5HP+s_Skh4(m1KN3mOz=R8R!>D&Z*DLw#2*V_Oc1?b+efpDe>euJNWNc&_ z6We>)eDa(b8>K?HpH(6YNo1SElPh-`T7@`eQ6eGvRv?I-O|7*-nG^4(C5*QIjrWst zoYwvt_%ZxfJIH+VPJ9yLdPP|F3c1LtA9`g1BV`vnry`xrO9I%j%t#dzAeH|6*_;-{ z!KU>%-cRQV+H^myrg-~wxHWpk?-FLF_-GSnhYNYemmpZb8Ga>+0V?mEZ{9G-9bggU)Dd5|~kgeO7ohWNx$ zEMF*oyIxwt8{VeGx<;sb?g(w(#z#=>Y#+$tfqlKYirlPe~5_w04StCH3szc z1b(NB5qaFK(d6653T*K-&@LxHNHwVM8R~V}r9v6Pj!vSA#c5b&Z zD#p-k-tj+z$+CV+Hb_;6F=d3O+>dxO7;qd$zmUVZjS*@?_611ly>hHwQqY1-Bx(Fz zY|J6NfS8Sy^JYHWEhi$T{orI7#0e$u42D6U(Q&(Tc*U}p_DPvRX@=x!c<+0<1PBYP z$Xh<23O!uFJXqzD4m#Bl# zO9bA-DKJ;{r>CB^vfqeKxbc*|!k_Yc4o|mNjloW{F8Ho;g7lpY#?}M#>k;vDprCXE zs?!GJ^_|i45QYVx%I4GW-m4FJNtNN~6M`Owhjc!|6Pn&%rwMd~Hmy)y!G_mOiT!Ah zI~O6aucm(W&TZ!Jw#;qj)>F4wy4J@HfT8!7#16Fa0p%OCi7PkqgM^DS1+DG;_a9le zh4s>I&c-Y2=`p`S8u!7jW|;_hwlbw+e88`@FV66U{-Qw3hN$DnHhGvMBL4Ju`I~Or zRxivE$gP!k?c;{=b6oGQM$=r0;*U3fSK|$)XC5ju$^3qFglpRftxYD=NO z{31JaA+<$6ktd!EJWeTN#SY|)-E~V{yKzcL8$X@A;zf|pPd$R;bH=iKfo!;_X!nw| zYm=bPS(_f?CztmEC#OQ-&~OUe8n*pU%E$iMd%4}YLbTwiJ=@M@>dmVjK= z6Cq6i$psDB(9dJ;&j#|p8zOskuMs*t0s3RYCM%-&`b@;J&=(L78wfKNd8Z0oURVVg ziFLD3>f^BfyiPBW`Pl7*v2xJ^unq$o_c1`p;`|N**~6g4zKD|=D(vgE`qS8i?NV9L zu$?e%E;<$V!vZZKzhxi|yY!&^@)u4L(j2gLC+(4opbMJ8?yfs4ob;_ryfG_~iX3mP zm>g`eJEvEEKX9##6u_{E%e@+*>WwD-lbAZXmAu?gXTeecJ{>4y8msBQg|F%12n zCtZ#8f<$}Q4ebK!!gT68d22`QT96Jqkp)zBbDuf7JolSR1J60Ul>Y8HQ)}&_4NyI@jH&LC^hWP{zQ;F?}MwV=Mak zHp3-pMiuF=db)|a7N7k541A7cxU@H*Zrrui?lznV$c?+DY}G7cvkqYWIU^o7aK)pt z4up&lZwx|iyDr?TlAlCp0GAe;!c`Da{OV z@XZT8r$X|-kQ9eJWC)V2@{%v68$!gomV+M*dr!G)#U zw9h!U9p(n|QzU%)DF+n;Mz-V_Gh{zKKND5HN`#wkHqk}Sn%_@%!G;`5qh4v#5N}); zzfy{f5_sGe`&fmtfYVUiN-esa-8JMg7(*N>a2Z__3-S=g7-w&AX7wFG)E-L*p>m*I zBAlc5sz4znTt|ItihWEX&lARaUGy^i8#z!<{EA!Yx*D;AXwpVs5G7%vbYSEpb-b}% zJ+U?$geJ3k7qg}52B5C7C zQ1*-`TSL6*TD?AF5DwI8{ft(4ZEjW-TO=VO2o8#%O zSa2kz-R_W&iKwQdM4|tRKiy;o5*`L)k)y8pQnkoFTnukE5xkphPr@aG`~F!dI&K@jS!(uHKX#}+;j0_-eo z6K5~dVd5W#n#BG~5F|~H2{5bQaC&(*AJ&#-CYQLpk3jDjla6))a?pL&s2O zsr0+LHA_{i-*cyJSL+3qtb15u>AHLDcsCtG9T?k)(=iP-fuU`vrfBwN7il~zTZ88( z72hog7%SPdteP+gEDt|`hl(KAxn;WdOw+9AGwef4^lN;DNWtr-=Y2Cu1Nryqc5}Mp zZ=HS2dkNSHNM8(5!5}I5QO}+O#j$TdBV2ntwN&roA#rn1({1Mi%+UBRCtn83X}K}9kP{fa z_;MNiel1#vRkG z+D#kKNn@u54M8VwKtUe;Se!)%()h!tyn@^wZDfl`LGG-H&dR5wHxHo?43K*+j=$Gz z93}f7T9+t1_prEH9cNSI-kBp)h0V9s@`|uq-uYglldhUHTVsxd_mumfZ8Maj_=yYfnJyK;zKi?5iC|DF7yV0&)d4hWV zys|`4Kf8e*(trwxK!y=}L#Jfu@pES$@$6g1A9a%{G91mi`tqg-Ik}3vJ=N?Kw2ZeG zQip2TY)u05ruH&pW%qr6=J&gWKDvv>Y9EjDrjje$<8;m18j8BzKmAB8=jJLd<QJ zVf;WxYDT&-st=vI+ZDZ90RM3nQ z%BFdME}PDD+?m$v<%ndBBg^Zk&`*7kxY!_Zk$|V&hhd5cSW|uwn~Brc3xxhi<&O+7 z_;G)_=?K2R)_S!J!mf`Y1|`19Y5fl3!J(A)9es_Xz`?k8I$ zP7Cy4oQ-D^d;4fk2@L)UU4FEM1;Z3Izn1!ECv_03@A{O4d^+Alzw(#cdzFV5EBDG4 z+vb%y2la+f`#=pP!kz*-$8i7bboDM}wfllz4M!ck3~5bqJ!}j+7vBSAf_hP)O2u-r;D2t-i8`ghUH4-HdGY)xiXuV7z=BgEjLQ?V0^VLw#V2c=ub zg-U)V7_;X}cD69(y~~4Nm`vfsz_K9~Q|)WA+|KS$hoA7IcxHnx+vzPCMUt2%q_eFIEgk7`&5dMnajj$#ad-+XY4P zwh&8{G4aFgoYh!V6GZc8zpc3Ik%}liib`|}uxg=}3J*yD?J^bOGyFbzr(kbQomtE^ z6obW!$SzD_3ts{jP#|vtuwcsq;7Xk%sh{V8F$$&v4P7X2D%=FV36ebU>9wHqCjAW_w(MPZS< zp^JTohmz{mm!!jm&(+t{m_7r9ir)Y+V8Zt94S9F`nClT=7KS@n!&a3iA%>6*Q@*|& z3)3?#rt12s!!pyoirj>5W~NCs+q^pG*PNpTx>ofmQMGef8g>LmA3KjN?8@2%GNVN7 zz7&g~x+zT^Pj| zJcsCY9hRq7l?1l=en$eif+XRmj!s*Yj#6IyrUQ8ryYkoRJZ{ti)BQd!WQ+2%c+F{C zL9f1({VG5+NW*39akfOO)94@s&}M^}gpIqudsRI-A#y=!bwhzn#8(Tf632@^OqHQ(s-ixmII2clcBS)1`uOgSDAyFJMj$|>xG|nRlVAKlusLZ_^ zF(6XR(Ghs-O;iDblkHN#V*D0M86mKU^qH%ruS&u*-UMw>al1pqRot^l6-k*Nf$7M4 zLi~=!B6VSDXqNn}esee8EPTNRDv;Jp`!Y@(#rHcht&&L3O2Jk~8Bq}WN{2?UDoWI8 zs)SRs9jiHiciYcbr4Jo`oWi>5zm)3WWbt?o;v_)vf&pD#y@U}{K|0(BpU;e$zcIpV zZKp~QmWSBa`K{yZubkH^>ASNqN*FGSAgr^?Kwxqx7}Wm&*#u=)3{OlOjq5|95XhzpKDO%Ly$oeVjOvlSk``j zbQ(Zni#}tWhE2tQMC%p{8$$anL=Gp8T>~2{Np(YwSBKd>$1;@5sXg5#HQUU=jqXD{ ze9pdG*RE-G%djAvY_MxBPJb<@rklG$&ug=|&pqed2{Qmy9CFR6n1&n|UR~U~DWaNI zu2JC#-mhqr4l+n@^69d9B=xp=54wrZ_Dz#9xre z`2(^y1sy#J^MV4Z_SSS42HwVrWV^q1&w>sH*vAN@#0z!oc7|r|b$oBnJKcmX#d?#& z$64BZsAAcpKVVeV2|MC5Y}}+)!Xe2ausc^e@hlieI!p4ia}w+UD$Y-8jwZ)lgZar^ zfa@8%&M%2mk@?bzF}&mZ$WV!m_ddmS8t7BL1V~onFTk9KG?MB+SHgO(+nLOfPY{M* zs0y0SV+SRBYWLWyi{aYh9~JIRLJb;V=@ih>XC`yFRY|;=34{~KDpssY(>IRe(Q|*# zvJhIoSUh>&HFMJ41&mBrB{CkdjlsaWM=xzsh(Oi;v_^o2hXTk;Hf#57HediNNzYk) z6H&8f68vG+b?Le2bAOE+)ir6ha0$ZsVe+-v)lCL0MYHMN2|Fuu1tpxX*R|N{M&UEh zYUue0&4XgY#i`Xk6G=&Zu@dF}dg5swk&?O_n`|RM-=Q!7lJyN5eHn8P6HyD4iB71a zq4kr(Hqwwa+ zNJw$SAcOSRb~;sAy!9yBukBxiCGjR2N(~ZbRHYM&F-n({AGdgfJ>1^L6uN{~4U<;B z7!u1=ipmipl3M?DYQt*o)`UF%RY#_98#@g?K49 z8{!4?ib%T4YOyW_soB2!WJ^ck`kzwYP+N6o1{EnZeCVr-__R$QKX`OLd`SXmO=R3(a>-7q&hVcMCK7V-aDdKr+s~(Gje{ z7W;Eh!!rC<+nDpt)l+7O%0^Al>$+}USlKblaYTt6eCu=SN!&d)HZeW_p5X*IylLIq znmDofahN|gw%Ay>$&tn3aRF$>b=-eMZ1gx3y-hyIJOJD=rFL6)rL7n|G!sNiL80Lc zW3g9B44(nfk2h=m{l^!z@oUY*&nr16MxEIVs(37HddAc9;pLN94S3Z|4YT5~o<-Xn)sX)@Ih3^B%AEnmv!aSdC1(-~-Lw`;CBK__r;B4|nPd z<2^VUB!Fkjo<+h5pr}n4qU)D_R566#6yW2#{6t3;;KQZOvQp*0TjBFgG+aWdHQ_lU zR8wrqb;-W_`udIdNMg9`Z39<_f?AeNu>fq=S5>qw9To(`T`5i)aJfF`Q5#BkySX|F zeW-w*;Bdu>;VP}ZK$w>yzLKb)*Q&;`^5-tR^b9~Eo)F=vB^2QeV@RVv6?MMZ2cBo6 zUl2vok*x(_CPp+}+F9{nBMqh^bVBx^@{FTccx8;c>}I*s2fD?g=#6s*C5C*#CC|89 z=SXirxBP*!IoVUxy&@64QkuVF2W$RXnq6g`j3rZahly6~AH!~gZ$+*CF=|!|*lSf4^>8THTipIiEv6HqB z2~i#2)uAJultH*yHwJW3&r3tTBi~gJ{%*Df(C^r95Y!LV(AKR3Nf=Odz#nILPD-Oz z1}U(tJ`vZ{ z%7o9e_3TBvqWJ@AoOuIro>tTk`|LCwy9SI%kSI@^iRn(86_7l*O=;B^hAr@G{0XZ2 z51FNZH=_jmV_LIfet4qbF~&^~7xNPo|H>!$ZZ`(6Ou;NjK<^M-m%o+@CeT~5F?tv- z4lY%d01pIbSLYJ~{U(@+jgT-8srjx9)@A&)0!9y^BiEsw!=Vc5BF=pDj&B{5ej9fD z58zDXIm+-ndmXu=>R4p+MP0pH9-nZp4LIxkw90cwV;Y|ClI|HIT-p7GA*o`7gX>to0-#Ou&hFl?6D`^ zp!K5)u{ky+ukSKkuIDHapNpfeE!e3dX+P(}4bj=-bExY~P}XJ2=dwFZ&);B$1WR8c zl)~GX^WQNtl1LgteTe}KS8gf>QDga=j*}htsr&6Ie){T&J7Qfwx4~hP6^SO8!$7%J z+)p8u*=Un*dPUkylL2y>J7V?HZj{+nhIed}F&Jij%q|I~u-KWqVszi#vL#f>;Ode} zse0z$QNuBl{n}}_eAk=g>~?b|ciey)MY3;DU;D^^v+K;rTB!x8dtLfs^QYvg|b_=)W;n$cP##wifa2*WI)dslDGdq{x^h>tSek&^~q*7i!e$`E8NLkfgS3K ziIw{FURP(&F`44K9rN$w5&44hsEO=4O{Uwa`E>F`@+^rC+PbxMCQMev#>M6~yR!G; zh6ZCR3a<_1+`;{K-AX(AFOEObb=7CpJ?g4u?PnnK*t7boq#E9*b0K_INnTkS=&s96gp->D$(_)wx6 z`^6T{q6DE}L8pxK_Vqdeq2U^11cA>dQO(E@{mCtjV%x3$!Tfdn->J3)I9eaPDfFoV zf1;>j`G3j{jVAd0ZbR|MGnUJ_3AtS!lRS6g z1}mF(llgXdzFlG>s|9O0v5j>t*u-{dJTyN&KQKQozntO9v8pLOJLJWE22IHwuk-~E zU9ve6>b@jv5n*<5U>vpr3%4}yQc5YJ`iqcHSZqH_dU?o-*(V$^pCOBiuD6-9mTPPP zFNBNpJiT%7l$B9(x0xu_u;aY?g_ro$d?d(e+2NNDC)eTb;P|&&k6yR~y<>0OJCJHw zY~fy~^~Awc4w0@euu}w|41}PJlveI=&l=QAyEm%DZ^o&QXzLcgm|b92ZqY;vtBb|* z(&OoscZAY-`@S*r7s=NqH_wdPyt_L|pfL%arlpMWye4n!)uh_+0JG|x4D$y|2l&`e znwjPnaxOY|icw&rer;XB;xiNOUtXUnuQR!6$E769Eym1lIbR3!XgxW72tYH8ce^Jo zxwp0zZ7JVn5qPDd5ZHT6kQ!*=QNon&O=hvrOp$kEI7@a~8a!Glq?&wLAqb4+M<@X^ zrtcT;anwe}Vl9#CFar3fRM@Eqham;#mEDl}OOMd;OA}iQm})EC`6dt>KM_wyTTNiC z2|pubGRW1rR4sooD7fz%mugK_{@%HG6h8To#X{#N?-*g$aS3ZO92;Dibt)AqsuvkQ zF&u^aFF;F5Za$ts)AGJahawWDeE5s9B2NGJ6O9QcRlZmp28%)Enjr-ylUBd0_AtDX zaSTfE;y4Z2oH4a_#Lue~P({fxkn52Heq$9O1w4uAoLZM~+*S=06X&&C!pQ*6LQv6AQaDEAuZ!W|I$atZ%pNz+eGF3APF4xe`;g zZOw{5=8GhTY7+}1>scL~tF)8r9x&cizN}CQ*_z7caY7XP5=}}KtV$6_nQ)_0E4EG# z8cxQn7o&T9sep*@eUw9P%Or3Q)j+n#2cx1iUF$VF%M>M*b|gwa%T}V2=;+%ogVhNg zsEuz9FII*W5ewDjg=J0W^4{N35ta3Ghs7>bfedWX`}4vs(S9h%>**g~-uz}jXldhH zhN|@qQiOs3_G2MqvUWJc9tP0E2n1nCHjcYOC*sqJp@jW5L@18Dq#_J2YHoysNu;{x zEo9*5=I_*Gv&ho$dv;vmm&4wLM{`z0oNp8mt-APrrk)c=d9v|BVyS{=Y&=cq6B2vY zD`qN^p)%M`Yyz_$8?-U}GtjuG+zC}~gM~BKtMvax+*`(F)ph&AbV_$O(kC{?7_s&J~Ps*tMIac(23x`~DO{8Ln(xyB}B3%)rP5NxE8tP$IIA+c`oS(kAUAt$m z-stS_YUbW3Q4CKemBm>7(9artNV8C?V3O2g4I0fXaDmVTik6wy1f+1oHo0(2m ztv1g}aXciCSxO+{5~4(V)JO)-{oE0!B4g;M0S2N?0HL2%WJ#{7?7#>7PaGzRr0PYH z@#5yabTKL=_^=07BXk6>b=U?W7!;%l#LcCWUPL+kp!=O?hYzdhIYejGEU@J|E`C>L zdWdplZ_|wQrBB7ZBgzP(MlwbV8bp?FqyP37|3zSM=~PNbO^S#7W5pMy!xd_Cy+V};m59!8I#u*N2Wi@rC?hV)FN!rPlMilOfn&Nh%E9Lq$}=IXXh>P=rKm{-{y* zIdX&ole|$~l7v$H6Q5t_sN$d!1|xC}+9gX{b7bsi4EzKk&;-Ye4P@py6L;v78zL6Q zH@w|4g6Ap=m4E-1Qw%m*j&myJi|B%M!f*E?+Oz)8Os^%C3-o#{gqu{0`lAO+opN5j z79I6o`uxKDWx~9wPO`m>`5#@!KPtl4k+tcP>jGTSI)}4Stu)b+AX+!|zS$Bf2F|AT zc4E;{jnD1xpPFwvy+k^f^@(jehOQj46-m44dIHM1xPQ`;GmBdD4KHS^r zkN@Jr;Dw${&e$AZ?bCe-_t4TOT)$?xgjb8Q}}xqRl=ks!50nzn^cjfQMyawQWui#YH^ zGXdDAa}IfnHL=#DF?vT>J^`xRX=|#DFfo+tfr1QpxNUw067{e#l(^oB=BXEBnl$>7 z9!!@kJosCF>eSlcpWGy95$7P^gBq65VgE@3WCtR$sQ&`_9dR?Fd>7+T)LTj~eieeDhOU9=*_qiFDxN?&qM2JoGt1Q(B zTz$I%+O*Q6KBItT;`g@`{l^4_OA4!dWI;6v2p|%x&K#OT`B^*vL1?h*nDY*n9qk}& zpKZamkNmSRaa}ZF>Ma)@V~ghmLEf}roFD*a_*pxBg*A7A=k)ch%Vj93q?7ZyKNdy)X3mT z8nED36{ru833TqqZ8M0K$AWr2wuy`g+jk_o9nk#xvv%rNWk%LJI6l-C*-k2)>8u`y zOfVM;^e$Yg{W3lH-CUfgHb}Rbc$tVKPg58%5uipQ`*YI1A>}J~*vcuvj&uI4;HULP zN7dLY}Z5x2$Oe$VQetADgj)Vva-CQW~(w%9fw(|5I= zf(*w*uhGUOIi4xe6wv5OvLl%1wfn>~{!~+vK>-cxuSaziIzgXG;GjebOe${NE>M_Vw<^Me_ibWHmY8l zoSoiVUY=I4|JXmay>si2Y5$TwA2WNuc36~p;7?|l4eEUm0g;uYKGEitbi)xjjRsSb^Nzt9}YTeJuNsvK6AsK67%aSGhfngL`eqXi3bv( z=;PI-&RS8{4Qnq9U(+7icD!o9^TwlOVszMxh{o}Tmx>d@shb{2yK8wzU#zt}t6^BF zJF6j9q5IKGwGxv=IkM44YyD26rK8+a_G@%2f9R^j$Pr$dyUy4;?@?ckLg%in-mGz*|L~Ha3=b&^?+DWvx80Mn@ z&Ff9*(j0)+*5;&TTHylulVv@Hn{^B|$tgkY$yUC^W#`;4lxt8tXRReVhQFe0_TC}v zkmLR$C&eVkh=(&-xmWdxdOOSdW;@so9oZQj4KWr$4iv=ZNP1_slCFRM6|u^wKneLj zyDZ%2`X^nI&X!;$@W<2e#lM7Aqb?MecQK!N8tzNuQylYd$FDR~lc}bbIV}*4C{UM` zW1+o!Wc*PapWQpp!1tMxT)~A}8L2>4J~(m1wDi&K)Wo7~|3At>;0i6mq943cS;_*R z-zNQs6!vx{kSkeejjN!FrD*boY!epxsq5+;Y886>nZHBw-f8s0WToyv* zVumOD51R?HkG<|&pPF#7q4*EXcLe>L$wrw0a@|P@UWydkkGIcX^Fzn=7fPU^D|mqQG>5wiA^9Q$9$we3+s|WEX{(ccsou?MLUfQ=%S$YxJ`P7J# zJwAyvko0B+C3Rz|*okPS@_`QX`48%xR6MS7U$eq-Xhg3od_O1kZYw3j{IZY}We}?? zz&GcF{l3P87!vw) zA$q>`pm+(Rr1d~15lETwXf9lB}F)OR%jHH%QNdk%dV?-NYwX+cBL>1^1`TDv0T zN6>R}bdqw?8ZxSu<2F;XBh}_=C?V^d;555L9nLteGL5PU?LlwTLVS>~9P9kF zP8q=^a2&s@Lh21`UMC(uM*FVS5|Md##vYpmF=r zXio&pdz5^a+h9BwaL7i~whQ&bble~FdCa+}o*Bs3Wkp%`j}2B2fHa51K}3rDJdE`H zr(lp}ng!y38u91^U&PGN=d)qhupVw&72gK&qmy6sbppF6A}}I*D}vWF<~K>ILmo(d zIX(||H2Pd0H81o)^w||>(CS!=lHQ%E(?&UH~9GJDI{0mL>URTX4Pptkj7+Zqh+1TpkjF%+no z0P40b>AYcG>?&cL)vP!=6^BgZIZ*D4TBvg^pFn$|f#C-6^fHYxC#sb?bYlZ2VkLnP znPdnp*Gz=D=%F5GK1?cG_HXaxAMtwR>s4`H>nr!u8T?d=WpgGtU*P)&?UB}Fs7!sh zW8FU+-cL%B0%9lK*@JoC26ZgBpT>Kc8aVfx24NjUa**&WSV?pnX~O9Tv5Y#-mU2!G6cla69o8@sBPf5Ac}qu?CK=H zPME_We+BshCaAO5uL%2$!s_9DrbAeZ3+OUb@IXl_e6pQ16U^*NPZSeoTD zdBn0hXdgW_OgjfDSsPy%i`K*>OpgW&VyndvNn|MW!B6Pai8bwFG!1sPUw{{f+-HTh z?TIB{6>Sc;w_P?SF+dN!=~Gv>n_Cge_0leeFM@6%!chACDpO#q`r;n zFWj}yTcpVIr3-T-Va?SjDqc!4@xDn+r2w(v*^?Y z-WJ)(sVlPIpz#^*{fac^{R6t=ytW~!?74K6g0@uDg>*zIC!Q$8fv@8$uLi1kRvy2K z{koj#tZkF?S`8|*HjER$5N&o6vsKG)LzktDEfm#+lCus!rY!m{y&dsj=|&*v?()@6 zfiSNexs7>Y@5NrJyrJW=%lONg3OWkaLq&mnZX1>VbQlU| z!ZL{ zbQcZE%r4gI7i0wAkGM<1+*(a2*gNhPFB)|aRSdVTE_{Utoz zS*tAPMH9tYZ|Y~Nt~eo$^RE{1yl?kh%0#wnnA-Qlpv)u}yU8p8T^M8YqSU1ivOqBp zXf?uZ^UyG2?mH1RM4iCtQ+f_T;OCctt?vWvWpkhkXj`EMDCwjWMHbX4{0`bZ$WgNh zN^GV@-1tb*WtNv#nnVf<>Qbj6*4I;!z> z?v?!MY~Z23#qWCXHh0emdutgXxi|BROYzX>U_sO9W=^^Xp-swjkm;3B)UrdDCKj#W zmeK^F0ztA16OJ~+S9KHXph7|gl;nEt1q135vVM&$!nd$&n)B<7_O*4q#MycW=T?nm zkH(cO$!xi7>nyd&qPX>UwopH_93==~!_Cd!@aZrBTMYxZQW1iGB*JtHjd@9lE3{06 zEJP^~mC7NUPob;8fb149U!%WY_JG;=XiLM$YI8Y8F7IFS!e1bwS*5E$*RmQa&4{4q zHH8{S!GcFbySVCf#^j_&kWL9Q4bvw*M2>dCI49v$H77PNNfLs9 zdkeUUBPFs(Plx4A$VLN|%s_gE0hVuP>M%WR=#dLB%oZ5Pd>{lJA#t0N)MhdfM33Cw zMo+|F$;X@s-xBu29{jvXgc)D#9*^mVAEUVz0zxu6ei-9R_Y5MVb|Xlw3=0xKhH^q1 zL=Gq(oE781zMmsp&{R8+IyO)c<%Q_|sNe&@eAA!7JWa*FcvF2szPx8N#Pgi-pD#U{ zs*W}O-`_#Q%y!+stGVyjfCk~6o%Fc~uNc*76noEHN6dslNmAq?jKire<(BxHPEd3- zX!c$HD0FbtY?#7U4WW}!CuhLW2(y8X(wKGIqqa7vxigr|Tff`;Vr{;tswJrS)RL?C z5KLp)CX^Oy!4YA}U@Lu6xC0YOMa%gHiBB#TR;pZ*veAU5y697qohwKYk&%yDx_l!| zZBX8fl~XeifnL@ZSBUMp|gRaV>fC;wFdU0*nOmxdF2BJc4Ccb_^I&+Tz|K~;l@G@ zyx$N-BBzOsn8%Qr;2e^>JSZdhsrrMP1;caHj>-sX!v3O^h5_w1ED#FWyQ$rc}Lrdv=hxspY|L=LY8K_8$lx+~1SkngbU1e@~sQrhv2mGOD~;J4qK zyJO=+yu9x!<8QZa@gSoO4dh}B$=UC?IK;7}Pl;WM=fw}OW#Op*iwQ^0N^s18=o>3? z=n9Tl5Moem0cle#FIg7cdEy_Uw-G^ zG(8a@hJB_?4Nd-&X_ThM?BnJeNrF6L)qu~E>J+6YQ$?n}cTe9sAZjp1`JrJ~)Qus? zYE&kSph3~V>P89#djlO9r9&lZ!*i8k&HK_$HVL$cFT`jxe?Mn6gmt!Xv2OjPk zT8qkrT)Vx|p2K{E2J$4e~RlO}JcUMqAlT7LUj( z;XxvyLFyj)$T1exj)pZZ1CsR=A7SOj6S-i+-)`p;3+iaFx9R4ULL}G>G4!49_A|)# zd?|NPtjsDOOfPLOXZTbaP#*Xh)m&rXoN$04>_J;oZ2x6o=?mvi@`OZ1!dQ~tc&4xL zw$(o*8HTNkp(j`46m-jLit(2hLWkoO<^~vKQ`^b|8yRW(8Q6fg7c^hO zPpY}7;!&K+f7vz70QDMf$v<4}T<*0@F|}#*F5_9OhEc0-)BM7)#<0fPLEpjL!Pvnf zKqtT?z#za%MNh>{#Yn}{LD#|5!O+2)N1w->$C$@bjlifZwOLUQ{(YU><=#d~b>{}^ zI^Lc*@mn@{C8JJm}L>XjIWk1*s z8>(fML9aQ-N0x9A83qg8wRA_XROODMW~TBWp`#hn7_GKsyhkE}`zROjV#b$n=)M6C zPnD9WUyn&qGe6r37dgUq5dU^GEMFd`}Ns3C{8fIyX3Upp2ulF_mn6um0t%wLPO= zc9M32VuEIZYT_jaIR`ZdCh7E71(lC)bzrSUFf`1yH?0er+f&x()z5RFI0bWLL3q7V z46I0<4CEF(W9;ALF)cz?vANCKX{xEJJ1`y+?hPSh3KQ`OODU?ge)Nlc$)VZ(TwBmX z9fdgaLfogqiJQM%YcPXkrj;d1w@_$C*W|F(LEMjocVsn|^L#K!*~)z^guq^iTA~Ds zPQsd=WhiJ!hJ?N~RnS;?c#|&G>X&*mse+{l3`D;A%$ag4(~sPdbmWzZP9L!(6RW48 zT6BBEv8@M^aS#{jEv2%U8MNbSr35r3QSY)a=oePwapL?+b>oVm2S0o~{jyp9CI_CB zQgL7rs{)vw)h=w~DUPVyeGqF9WbN!&(rAF}3?qv~4P6Zz4}zwDzyE&U1cxTJRJr_N zmI&@nG%_Li1I=;d2>N16oSMGQZVQsiD4xQ$4uNLe~H7H-N(dGfO8^B`ro zjj#&l@!88S)ELksh_Q(!G}v-&kp={EZOmTVqDV7g)a%iHG}ZGyy>f`Z)a&y^v+q~p zUY2OFZzi^)z6ZTZc^7NUvUz>kWaqoGeaZoQmi(KYYn3Y}{C$sTvZy8r0m1gGSQNn| z2)Umn!&dLIZH3#^ztO>~IY~!E2bZjt75&zJ?}=Eji&fTg`|TlR%F*{Rjz1FSO(;eQ z#r$d*24c4U!dHycDah*G{=Sm8;R{m~thGOrxhcZqMQ;-6=~;a--w^<3xX!k9f`XI4Gmf{IkFer zCmC7TD4$QB7s#j2gBX9I8fFzuCtfRBD_JXED~(OHK)yh^Kp~G_7{(#Vmj|WlEvDpm zs#*Ifv~fYQn>?Oi9!R<3doo|1SkiO05Rd!T@3GAF^ukt`SXgq~0z>nwYmg>&wmd zCZdyw4dk`ucGVVS#cA$z`ANM!2(WOhKXN7!5|{7QIR>>Y}bpzRy%I z7}#jl<0(W7Str#S1i*+|0JFL)Ft5YL(!}D#zKX@~hwI1fN0o)5h6Tk#4g_F}4zi4s zel|-}=fC2y7P2&JUba;1kSF-=EN5Dr!9`AjQ9D8Nij$mzQ`W0MW-G(&W}}D71Kau= zEMpv;e!bd5{m+Ch-LF(uA~sYX3LnoS!kg&*7NW`}TT~O;xgBK-2pst~Kg8LcF1_g` zh;2z>kH(f9B(lzd0x^R~#2id>mnA1IH$zh@>`9X@7ZpeQY`B?*(f1Ft$#83#Fd zEj3T0XyG$UcKifcW4b2=4QorRko~fz{BRcv@=HR>i5N(j{%wz(n6XTRjGSkZH9|?h z4I-B8U=j)4CN+(n^{D(rGHO1xR)P?7TOqS~2DL1liwECow7M}|qB4hyi;kK{#%{B= zRbhNVi$#5fAZ7`$Y&}R$zz(1KI^n0Rd3Rgjx0*>E)avZFyjbMezaWtRi2@3|5|s7CXX`z81^#RZ!$a+C8^Z>uc<1`u?N!`!l^(_(v1PTB1@SwXC zMj$LTNpUq3W01osp?y`5JQep&tQfs=JG=T3ttQ~ni~uP`_e;&7%ompo}c26!`ujL~mkJ!*(!S!Ju~M zqgnuplsBdw%Z_Awgf+UH!=4iTiDwo>lH<-GNQ}y|7RhTW6;M^B2*QKkM-oCiqnYmF_R#tiB`DW)2{}&t!ogV7m{KB*E})BsVS4p{f=u!z_@) zn5T@V$R>^>(XEr&c;D|VUmJVy6zS7q)tO;E7azoDfJxa08P&Qg$$79+Z#Sl+>R8y0 zCcFNkSrpro64bglTgwLztu$rb{e!x#>0Kl=s$+ngQ!~$;$LBRAjy&1{F$TV*N{E|7 zx;X6Ht;+%geP?*}D`)v;5B5ICE1m{EV#u%1a6Q{^f?y~bj>#bBfb*y+=mRlReo#Wb z1bLs_odNG}3;Nvbw|PF^uY*=@&z5B-^BWBBXKO(1jrWxuDVwLD-rUv4yYE9Hk0<9b zB2Op#o4m(&7b5nLdOI;I6J-AP_aaYkiT%!Jo|F#e9YIf5Pd=yj-yKJvyeS+XHA&m9 zMjU5P$c#YWHjk7R^BY(|r@vh8jgAz}K?W<{cSc8TXP1r*b9W8eP2T612f1j`p;^Re zeqMs-=U%__*K=cHLWTKAZ-JYd_1w{z&~{$Z+f%RKW$U?>zztAy>Giv1J@+Uk)E}rh z@%ml7o|_Ha05un0zfa1L65sjRueM_!eev6z13rpSYSMCBcfp$GK?2%emU)O@`(nk@ zl1yOcALeTuTPJ9igIs`hLU^1V*Ej|pL4u$qJ`&3wtmK(!d`|&(HX!j7) z&n9>0XUyH}F<);f!)*O!gTm1R*_N8SE`y>4(#J;DAF>A)S6zOahKbf!>+SVa2Zl+G zOtme)R&}jBzjxH6igxmC1!V1aqmlU%lo60Mrue$&|&_?6@*fIczE)%LFC}aRb|f3mP_81!`kw9KL#70Yoz@J(8V~3n;)#l!~OO2=uSRk zi)XX)@byr&kGF7J@B;o%FV5AdlilgNr9$DQVcdn)VV2caf$+*DS$nPPO2=HD)nV?* zM~nK(0pK$BXyFfWlYVnC3K$Cc4WcXbK=k*WVrg{3Qedn zot3pOsO1Kv$k^~w>-u(}`;n)2PX_x+q|$4hyi#~{4$UPMaTLuZ*dTrg>gPSV)*K3l zf&ZeA$Y9O^+pJNGvQhHRWy*Q?_slQICuiMO^Zve3MSFq!_iVcDsU}~Jkhep}Tfzvo zboAqhu`-;qRzFiR1*1uOcSTp_AFf*w6=QaO1e^F_D5nk zj6J0{-GiR^hu$C1RU-QWO;(5CHP#~4{D$^!v-;x~d>+1CoZE64`xqFeTuCNREuY*} z9Ts5a7YsDS9-_`=VeB}_Emst@Kzryg>>L7I3R+&dH^c)~78J`BB`vd~21=fu-?))? zKn{w_6=o|WRX@a=^(I^O;8~hdfrKE-Nuh>`ap5S^wtWVNg4;(iQ$zsbR$QCA|zsA+m z<+S^&X+y0=Bg4U@)*o9XWIh@6bj>5UFigk3F`=mNv@ShV8%&M2Ou9%4#k3 z2(P+2ysYgb${^ZxO?J2{UrZJJI(k*RnChJ8k*<;rZ*NqIc;P+fPdv44xAN)T(4oD! zA8D-!>(n;I-afDFH^uR9in5^2@JsKpdwtXFxR7+XgR>lAH2dv7F~4XQhvxeswHyO@ zpzP+x!L{#^OhTXgZI0kLE!vQWCYsXtfTHYRc>OHAbrb!&ChNxf$!(k;OCP2(tU!jJ zN5@ALWk&(lD%ttD>9KiOV9qiMJQRvA7q-Om93qMw2rm!Z(DFfL>9OTl2cyUp+4+^} zu~p!PH+=jpL)<(ZWYV@gC|I747ZH1w)Q3e@heamqBirG?%~6rn5pBVdstFBYvMh?=lsr?D*#I^AkUtZ z8oJmDy4d7e>5A?48zQ0@px)R!D*jGHIWeG%uA?L?FUqXvBmYZIUW!+A3)y%8m!L^D z|Lsx6AEV~@9g~Ytd1OreXb~Q>#V^)9g_W0J1MiK){j2mF{IXWN*g=4|3Px#eI|J`? ztg=JPvlY&RU~j;@bwpBr!y}&t<=JPM+=IpcZ8AJ+J|`)Hy6gIHL&wBF4gE+tp8G6h z0Zuj{IzL4fs+T%K@i`A8V;V=ptyg5d?d;;-l@igO(`;+iLc8h2d;l4nEM5Qz?Ya$D zzJ@*{BNw4tSi$Q@Oa6x|mq=fm4_KEY0f5a0ywu&9_}RbW)3WoQ6|DD;eHH_*7qs$^ zZn+s`^Dp+ne=rvFR{_Gl)<4?63e0<3Y;U`UWS8D4{Y;Q#pwFYu ztj1t|t%U!80wV9$xqK z?FfV_*wtq_qda*j2&|BFpp%k3cVK*-+57?foMZk$Si$q_Oo|BbfI(KsCE$|vSmB1> z@ZbVJ(ur-{2V)5^Dj+O|uG~ULIsa5}h%{XLj&lPsb7xTdBk11v<0zgz*rC9L5UO~- z9(&>X(Z7n~IW+dRflsLY%jJKP&)xqv2HbH6PxKs8|6kb$AjK-gahAo}eR9*zb_gg3b2A&3MpH8{3~4$1bd zp1=ZuLO71eV@gNNw^P$jdSs3Fsz*dJ+WWAI|4G4iO+uMxKXb|Gl7$ z2=BA?DE6WNClUNf-HyWzDO`}+kSX%7An{XdxFCr@XKenKSDb$$<_c}(_Z@hm{XE)D zyWkv4mXS}E@r)E*g!f;D{!Y>UPSVfm;eL(yVGRr90~*qw72nSLIb z{__-!F4FjKPk*Oye<$z)U{vCM4fEldM~Wplk&*#GfHeFkIj3d=Q`Pf?A!z1rm`|qv ztV`^Tca*==bJhj&+pC5aUPw2{lz3i9Zp%HeF?{~bXMjj)k;dl)OX2VIZ>Re;!iP0* zHcqhwXGyR~=G)FcIcet%_hIdMU;={-$W;F%PRDUHhkpzpmGUG2Db|qB59ta?1&nna zBYJQ`AO%m*_iG;KL5>~Q4>xBi%2{o`mn%=u4Gw~kRWL{-OOChLz`LX0z+3JJ8pOmP zIf0`t9Drl)f*pff@l;^N?DJ{Uubqi{Q|m-#SiZY2E+0vuFq2tV8>Ovx2e?8YyJr;X zpq{DV%ntE1C5r}p9{pKc41=e&VGbG?QAC%ZW)r3ms{|XP`1Yx5wLOJQ){A6p6T5`W zn|VHuW3D37H{ubW