From 4bf6fb66185dc42cc9ca15b905efe25637fb5416 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 20 Jun 2022 20:12:20 -0400
Subject: [PATCH 01/96] Implement a feature to assist in generating various
 images

* use a flag to determine if we want an RC or not
* Convert rldict and sigdict to an AttributeDict to allow access via
  __getattr__
* add fedora_release variable to configs for controlling icicle
  templates
* build_image.py script to generate per-architecture XML files used by
  imagefactory
* refactor time to call utcnow() once
* add jinja types to development dependencies until we move past jinja
  2.x
* Generate TDL templates per architecture for each image variant on
  demand
* Generate imagefactory and copy commands to execute image build
* Refactor Kubernetes job template to be generic for all current jobs
---
 iso/empanadas/empanadas/common.py             |  45 +++++-
 iso/empanadas/empanadas/configs/el8.yaml      |   1 +
 iso/empanadas/empanadas/configs/el9-beta.yaml |   1 +
 iso/empanadas/empanadas/configs/el9.yaml      |   1 +
 iso/empanadas/empanadas/configs/el9lh.yaml    |   1 +
 .../empanadas/scripts/build_image.py          | 145 ++++++++++++++++++
 .../empanadas/scripts/launch_builds.py        |  20 ++-
 .../empanadas/templates/icicle/tdl.xml.tmpl   |  21 +++
 .../empanadas/templates/kube/Job.tmpl         |  15 +-
 iso/empanadas/pyproject.toml                  |   2 +
 10 files changed, 239 insertions(+), 13 deletions(-)
 create mode 100644 iso/empanadas/empanadas/scripts/build_image.py
 create mode 100644 iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl

diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index c3619ce..edb2533 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -8,6 +8,24 @@ import yaml
 import logging
 import hashlib
 
+
+from collections import defaultdict
+from typing import Tuple
+
+# An implementation from the Fabric python library
+class AttributeDict(defaultdict):
+    def __init__(self):
+        super(AttributeDict, self).__init__(AttributeDict)
+
+    def __getattr__(self, key):
+        try:
+            return self[key]
+        except KeyError:
+            raise AttributeError(key)
+
+    def __setattr__(self, key, value):
+        self[key] = value
+
 # These are a bunch of colors we may use in terminal output
 class Color:
     RED = '\033[91m'
@@ -22,8 +40,8 @@ class Color:
     END = '\033[0m'
 
 # vars and additional checks
-rldict = {}
-sigdict = {}
+rldict = AttributeDict()
+sigdict = AttributeDict()
 config = {
     "rlmacro": rpm.expandMacro('%rhel'),
     "dist": 'el' + rpm.expandMacro('%rhel'),
@@ -77,3 +95,26 @@ for conf in glob.iglob(f"{_rootdir}/sig/*.yaml"):
 #rlvars = rldict[rlver]
 #rlvars = rldict[rlmacro]
 #COMPOSE_ISO_WORKDIR = COMPOSE_ROOT + "work/" + arch + "/" + date_stamp
+
+
+def valid_type_variant(_type: str, variant: str="") -> Tuple[bool, str]:
+    ALLOWED_TYPE_VARIANTS = {
+            "Container": ["Base", "Minimal"],
+            "GenericCloud": [],
+    }
+
+    if _type not in ALLOWED_TYPE_VARIANTS:
+        return False, f"Type is invalid: ({_type}, {variant})"
+    elif variant not in ALLOWED_TYPE_VARIANTS[_type]:
+        if variant.capitalize() in ALLOWED_TYPE_VARIANTS[_type]:
+            return False, f"Capitalization mismatch. Found: ({_type}, {variant}). Expected: ({_type}, {variant.capitalize()})"
+        return False, f"Type/Variant Combination is not allowed: ({_type}, {variant})"
+    return True, ""
+
+class Architecture(str):
+    @staticmethod
+    def New(architecture: str, version: int):
+        if architecture not in rldict[version]["allowed_arches"]:
+            print("Invalid architecture/version combo, skipping")
+            exit()
+        return Architecture(architecture)
diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index eb80aff..8ce71c7 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -7,6 +7,7 @@
   minor: '6'
   profile: '8'
   bugurl: 'https://bugs.rockylinux.org'
+  fedora_release: 28
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 19d6cd5..116cc45 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -8,6 +8,7 @@
   profile: '9-beta'
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
+  fedora_release: 34
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 88a978b..786c46a 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -6,6 +6,7 @@
   major: '9'
   minor: '0'
   profile: '9'
+  fedora_release: 34
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
   allowed_arches:
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 4176f66..ea833f7 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -8,6 +8,7 @@
   profile: '9-lookahead'
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
+  fedora_release: 34
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
new file mode 100644
index 0000000..c9f7782
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -0,0 +1,145 @@
+# Builds an image given a version, type, variant, and architecture
+# Defaults to the running host's architecture
+
+import argparse
+import datetime
+import os
+import tempfile
+import pathlib
+
+from jinja2 import Environment, FileSystemLoader, Template
+from typing import List, Tuple
+
+from empanadas.common import Architecture, rldict, valid_type_variant
+from empanadas.common import _rootdir
+
+parser = argparse.ArgumentParser(description="ISO Compose")
+
+parser.add_argument('--version', type=str, help="Release Version (8.6, 9.1)", required=True)
+parser.add_argument('--rc', action='store_true', help="Release Candidate")
+parser.add_argument('--kickstartdir', action='store_true', help="Use the kickstart dir instead of the os dir for repositories")
+parser.add_argument('--debug', action='store_true', help="debug?")
+parser.add_argument('--type', type=str, help="Image type (container, genclo, azure, aws, vagrant)", required=True)
+parser.add_argument('--variant', type=str, help="", required=False)
+parser.add_argument('--release', type=str, help="Image release for subsequent builds with the same date stamp (rarely needed)", required=False)
+
+results = parser.parse_args()
+rlvars = rldict[results.version]
+major = rlvars["major"]
+
+STORAGE_DIR = pathlib.Path("/var/lib/imagefactory/storage")
+KICKSTART_PATH = pathlib.Path(os.environ.get("KICKSTART_PATH", "/kickstarts"))
+BUILDTIME = datetime.datetime.utcnow()
+
+
+def render_icicle_template(template: Template, architecture: Architecture) -> str:
+    handle, output = tempfile.mkstemp()
+    if not handle:
+        exit(3)
+    with os.fdopen(handle, "wb") as tmp:
+        _template = template.render(
+            architecture=architecture,
+            fedora_version=rlvars["fedora_release"],
+            iso8601date=BUILDTIME.strftime("%Y%m%d"),
+            installdir="kickstart" if results.kickstartdir else "os",
+            major=major,
+            release=results.release if results.release else 0,
+            size="10G",
+            type=results.type.capitalize(),
+            utcnow=BUILDTIME,
+            version_variant=rlvars["revision"] if not results.variant else f"{rlvars['revision']}-{results.variant.capitalize()}",
+        )
+        tmp.write(_template.encode())
+    return output
+
+
+def generate_kickstart_imagefactory_args(debug: bool = False) -> str:
+    type_variant = results.type if not results.variant else f"{results.type}-{results.variant}" # todo -cleanup
+    kickstart_path = pathlib.Path(f"{KICKSTART_PATH}/Rocky-{major}-{type_variant}.ks")
+
+    if not kickstart_path.is_file():
+        print(f"Kickstart file is not available: {kickstart_path}")
+        if not debug:
+            exit(2)
+
+    return f"--file-parameter install_script {kickstart_path}"
+
+def get_image_format(_type: str) -> str:
+    mapping = {
+            "Container": "docker"
+    }
+    return mapping[_type] if _type in mapping.keys() else ''
+
+def generate_imagefactory_commands(tdl_template: Template, architecture: Architecture) -> List[List[str]]:
+    template_path = render_icicle_template(tdl_template, architecture)
+    if not template_path:
+        exit(2)
+
+    args_mapping = {
+        "debug": "--debug" 
+    }
+
+    # only supports boolean flags right now?
+    args = [param for name, param in args_mapping.items() if getattr(results,name)]
+    package_args = []
+
+    kickstart_arg = generate_kickstart_imagefactory_args(True) # REMOVE DEBUG ARG
+
+    if results.type == "Container":
+        args += ["--parameter", "offline_icicle", "true"]
+        package_args += ["--parameter", "compress", "xz"]
+        tar_command = ["tar", "-Oxf", f"{STORAGE_DIR}/*.body" "./layer.tar"]
+
+    type_variant = results.type if not results.variant else f"{results.type}-{results.variant}" # todo -cleanup
+    outname = f"Rocky-{rlvars['major']}-{type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{results.release if results.release else 0}.{architecture}"
+
+    outdir = pathlib.Path(f"/tmp/{outname}")
+
+    build_command = (f"imagefactory base_image {kickstart_arg} {' '.join(args)} {template_path}"
+                        f" | tee -a {outdir}/logs/base_image-{outname}.out"
+                        f" | tail -n4 > {outdir}/base.meta || exit 2" 
+            )
+
+
+    out_type = get_image_format(results.type)
+    package_command = ["imagefactory", "target_image", *args, template_path,
+                        "--id", "$(awk '$1==\"UUID\":{print $NF}'"+f" /tmp/{outname}/base.meta)",
+                        *package_args, 
+                        "--parameter", "repository", outname, out_type,
+                        "|", "tee", "-a", f"{outdir}/base_image-{outname}.out",
+                        "|", "tail", "-n4", ">", f"{outdir}/target.meta", "||", "exit", "3" 
+            ]
+
+    copy_command = (f"aws s3 cp --recursive {outdir}/ s3://resf-empanadas/buildimage-{ outname }/{ BUILDTIME.strftime('%s') }/"
+        )
+    commands = [build_command, package_command, copy_command]
+    return commands
+    
+def run():
+    result, error = valid_type_variant(results.type, results.variant)
+    if not result:
+        print(error)
+        exit(2)
+
+    file_loader = FileSystemLoader(f"{_rootdir}/templates")
+    tmplenv = Environment(loader=file_loader)
+    tdl_template = tmplenv.get_template('icicle/tdl.xml.tmpl')
+    job_template = tmplenv.get_template('kube/Job.tmpl')
+
+    for architecture in rlvars["allowed_arches"]:
+        architecture = Architecture.New(architecture, major)
+
+        commands = generate_imagefactory_commands(tdl_template, architecture)
+
+        print(job_template.render(
+            architecture=architecture,
+            backoffLimit=4,
+            buildTime=datetime.datetime.utcnow().strftime("%s"),
+            command=commands,
+            imageName="ghcr.io/neilhanlon/sig-core-toolkit:latest",
+            jobname="buildimage",
+            namespace="empanadas",
+            major=major,
+            restartPolicy="Never",
+        ))
+
diff --git a/iso/empanadas/empanadas/scripts/launch_builds.py b/iso/empanadas/empanadas/scripts/launch_builds.py
index f0f82f7..abd01a4 100755
--- a/iso/empanadas/empanadas/scripts/launch_builds.py
+++ b/iso/empanadas/empanadas/scripts/launch_builds.py
@@ -12,6 +12,7 @@ parser = argparse.ArgumentParser(description="ISO Compose")
 
 parser.add_argument('--release', type=str, help="Major Release Version", required=True)
 parser.add_argument('--env', type=str, help="environment", required=True)
+parser.add_argument('--rc', action='store_true', help="Release Candidate")
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -30,16 +31,25 @@ def run():
     elif results.env == "all":
         arches = EKSARCH+EXTARCH
 
-    command = ["build-iso", "--release", f"{results.release}", "--rc", "--isolation", "simple"]
+    command = ["build-iso", "--release", f"{results.release}", "--isolation", "simple"]
+    if results.rc:
+        command += ["--rc"]
+
+    buildstamp = datetime.datetime.utcnow()
 
     out = ""
-    for arch in arches:
+    for architecture in arches:
+        copy_command = (f"aws s3 cp --recursive --exclude=* --include=lorax* "
+                            f"/var/lib/mock/rocky-{ major }-$(uname -m)/root/builddir/ "
+                            f"s3://resf-empanadas/buildiso-{ major }-{ architecture }/{ buildstamp.strftime('%s') }/"
+        )
         out += job_template.render(
-            architecture=arch,
+            architecture=architecture,
             backoffLimit=4,
-            buildTime=datetime.datetime.utcnow().strftime("%s"),
-            command=command,
+            buildTime=buildstamp.strftime("%s"),
+            command=[command, copy_command],
             imageName="ghcr.io/neilhanlon/sig-core-toolkit:latest",
+            jobname="buildiso",
             namespace="empanadas",
             major=major,
             restartPolicy="Never",
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
new file mode 100644
index 0000000..14e8dd8
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -0,0 +1,21 @@
+<template>
+  <name>Rocky-{{major}}-{{type}}-{{version_variant}}.{{iso8601date}}.{{release}}.{{architecture}}</name>
+        <os>
+            <name>Fedora</name>
+            <version>{{fedora_version}}</version>
+            <arch>{{architecture}}</arch>
+            <install type='url'>
+              <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}/</url>
+            </install>
+        <icicle>
+                <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}
+'</extra_command>
+            </icicle>
+        </os>
+        <description>Rocky-{{major}}-{{type}}-{{version_variant}}.{{iso8601date}}.{{release}}.{{architecture}} Generated on {{utcnow}}</description>
+    <disk>
+      <size>{{size}}</size>
+    </disk>
+</template>
+
+
diff --git a/iso/empanadas/empanadas/templates/kube/Job.tmpl b/iso/empanadas/empanadas/templates/kube/Job.tmpl
index bfcc20a..1ddf1f2 100644
--- a/iso/empanadas/empanadas/templates/kube/Job.tmpl
+++ b/iso/empanadas/empanadas/templates/kube/Job.tmpl
@@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: build-iso-{{ major }}-{{ architecture }}
+  name: {{ jobname }}-{{ major }}-{{ architecture }}
   namespace: {{ namespace }}
 spec:
   template:
@@ -11,15 +11,18 @@ spec:
         peridot.rockylinux.org/workflow-tolerates-arch: {{ architecture }}
     spec:
       containers:
-      - name: buildiso-{{ major }}-{{ architecture }}
+      - name: {{ jobname }}-{{ major }}-{{ architecture }}
         image: {{ imageName }}
         command: ["/bin/bash", "-c"]
         args:
           - |
-            {{ command | join(' ') }}
-            aws s3 cp --recursive --exclude=* --include=lorax* \
-            /var/lib/mock/rocky-{{ major }}-$(uname -m)/root/builddir/ \
-            "s3://resf-empanadas/buildiso-{{ major }}-{{ architecture }}/{{ buildTime }}/"
+{%- for c in command -%}
+{%- if c is string %}
+            {{ c }}
+{%- else %}
+            {{ ' '.join(c) }}
+{%- endif %}
+{%- endfor %}
         securityContext:
           runAsUser: 0
           runAsGroup: 0
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index a43a91d..35460be 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -19,6 +19,7 @@ kobo = "^0.24.1"
 
 [tool.poetry.dev-dependencies]
 pytest = "~5"
+types-Jinja2 = "^2.11.9" # Remove when upgrading past Jinja 2.x as type annotations are in-tree
 
 [tool.poetry.scripts]
 sync_from_peridot = "empanadas.scripts.sync_from_peridot:run"
@@ -28,6 +29,7 @@ build-iso = "empanadas.scripts.build_iso:run"
 build-iso-extra = "empanadas.scripts.build_iso_extra:run"
 pull-unpack-tree = "empanadas.scripts.pull_unpack_tree:run"
 launch-builds = "empanadas.scripts.launch_builds:run"
+build-image = "empanadas.scripts.build_image:run"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

From e60f6524a22e03ee6799b2828d36656b1a7809be Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 20 Jun 2022 20:12:20 -0400
Subject: [PATCH 02/96] Implement a feature to assist in generating various
 images

* use a flag to determine if we want an RC or not
* Convert rldict and sigdict to an AttributeDict to allow access via
  __getattr__
* add fedora_release variable to configs for controlling icicle
  templates
* build_image.py script to generate per-architecture XML files used by
  imagefactory
* refactor time to call utcnow() once
* add jinja types to development dependencies until we move past jinja
  2.x
* Generate TDL templates per architecture for each image variant on
  demand
* Generate imagefactory and copy commands to execute image build
* Refactor Kubernetes job template to be generic for all current jobs
---
 iso/empanadas/empanadas/scripts/build_image.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index c9f7782..6222253 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -103,15 +103,14 @@ def generate_imagefactory_commands(tdl_template: Template, architecture: Archite
 
     out_type = get_image_format(results.type)
     package_command = ["imagefactory", "target_image", *args, template_path,
-                        "--id", "$(awk '$1==\"UUID\":{print $NF}'"+f" /tmp/{outname}/base.meta)",
+                        "--id", "$(awk '$1==\"UUID:\"{print $NF}'"+f" /tmp/{outname}/base.meta)",
                         *package_args, 
                         "--parameter", "repository", outname, out_type,
                         "|", "tee", "-a", f"{outdir}/base_image-{outname}.out",
                         "|", "tail", "-n4", ">", f"{outdir}/target.meta", "||", "exit", "3" 
             ]
 
-    copy_command = (f"aws s3 cp --recursive {outdir}/ s3://resf-empanadas/buildimage-{ outname }/{ BUILDTIME.strftime('%s') }/"
-        )
+    copy_command = (f"aws s3 cp --recursive {outdir}/* s3://resf-empanadas/buildimage-{ outname }/{ BUILDTIME.strftime('%s') }/")
     commands = [build_command, package_command, copy_command]
     return commands
     

From 79425e848e2232186ba4296cbea3031358c10096 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Tue, 28 Jun 2022 09:29:49 -0400
Subject: [PATCH 03/96] Use devel branch for container, doc fixes

---
 iso/empanadas/Containerfile                      | 2 +-
 iso/empanadas/empanadas/scripts/launch_builds.py | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/Containerfile b/iso/empanadas/Containerfile
index c3c4ed9..3eb45c2 100644
--- a/iso/empanadas/Containerfile
+++ b/iso/empanadas/Containerfile
@@ -56,7 +56,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo
 RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
 RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d
 
-RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@feature/iso-kube#egg=empanadas&subdirectory=iso/empanadas'
+RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
 
 RUN pip install awscli
 
diff --git a/iso/empanadas/empanadas/scripts/launch_builds.py b/iso/empanadas/empanadas/scripts/launch_builds.py
index abd01a4..86ae1e8 100755
--- a/iso/empanadas/empanadas/scripts/launch_builds.py
+++ b/iso/empanadas/empanadas/scripts/launch_builds.py
@@ -8,11 +8,11 @@ from empanadas.common import _rootdir
 
 from jinja2 import Environment, FileSystemLoader
 
-parser = argparse.ArgumentParser(description="ISO Compose")
+parser = argparse.ArgumentParser(description="Generate Kubernetes Jobs to run lorax in mock and upload the result. Pipe into kubectl for the appropriate cluster")
 
-parser.add_argument('--release', type=str, help="Major Release Version", required=True)
-parser.add_argument('--env', type=str, help="environment", required=True)
-parser.add_argument('--rc', action='store_true', help="Release Candidate")
+parser.add_argument('--release', type=str, help="Major Release Version: (8|9)", required=True)
+parser.add_argument('--env', type=str, help="environment: one of (eks|ext|all). presently jobs are scheduled on different kubernetes clusters", required=True)
+parser.add_argument('--rc', action='store_true', help="Release Candidate, Beta, RLN")
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']

From 0deaae0c65ee8dd1b162464ef3dc92e540b6a3a8 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Tue, 28 Jun 2022 09:39:01 -0400
Subject: [PATCH 04/96] update github workflow to build image in the right
 namespace

---
 iso/empanadas/empanadas/scripts/build_image.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 6222253..8a7f373 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -135,7 +135,7 @@ def run():
             backoffLimit=4,
             buildTime=datetime.datetime.utcnow().strftime("%s"),
             command=commands,
-            imageName="ghcr.io/neilhanlon/sig-core-toolkit:latest",
+            imageName="ghcr.io/rockylinux/sig-core-toolkit:latest",
             jobname="buildimage",
             namespace="empanadas",
             major=major,

From 710cb081349c793d7d88e962e628c677153fa3b1 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Tue, 28 Jun 2022 10:04:23 -0400
Subject: [PATCH 05/96] update github workflow to build image in the right
 namespace

---
 iso/empanadas/empanadas/scripts/launch_builds.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/scripts/launch_builds.py b/iso/empanadas/empanadas/scripts/launch_builds.py
index 86ae1e8..e693d7b 100755
--- a/iso/empanadas/empanadas/scripts/launch_builds.py
+++ b/iso/empanadas/empanadas/scripts/launch_builds.py
@@ -48,7 +48,7 @@ def run():
             backoffLimit=4,
             buildTime=buildstamp.strftime("%s"),
             command=[command, copy_command],
-            imageName="ghcr.io/neilhanlon/sig-core-toolkit:latest",
+            imageName="ghcr.io/rocky-linux/sig-core-toolkit:latest",
             jobname="buildiso",
             namespace="empanadas",
             major=major,

From 760967211baa57bfdbcbbe320dde5e71e207559b Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Tue, 28 Jun 2022 10:10:30 -0400
Subject: [PATCH 06/96] Update the image tag

---
 .github/workflows/mix-empanadas.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/mix-empanadas.yml b/.github/workflows/mix-empanadas.yml
index 2f408ca..ebae78d 100644
--- a/.github/workflows/mix-empanadas.yml
+++ b/.github/workflows/mix-empanadas.yml
@@ -3,7 +3,7 @@ name: Build empanada container images
 
 on:
   push:
-    branches: [ $default-branch ]
+    branches: [ $default-branch, "devel" ]
   pull_request:
     branches: [ $default-branch ]
   workflow_dispatch:
@@ -42,6 +42,6 @@ jobs:
           context: ./iso/empanadas
           file: ./iso/empanadas/Containerfile
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ghcr.io/neilhanlon/sig-core-toolkit:latest
+          tags: ghcr.io/rocky-linux/sig-core-toolkit:latest
           cache-from: type=gha
           cache-to: type=gha,mode=max

From 7d7163a1567f06a40034075c361be0b1eaed2d29 Mon Sep 17 00:00:00 2001
From: nazunalika <label@rockylinux.org>
Date: Tue, 28 Jun 2022 07:49:23 -0700
Subject: [PATCH 07/96] prepping treeinfo outside

---
 iso/empanadas/empanadas/util/dnf_utils.py |  4 ++-
 iso/empanadas/empanadas/util/iso_utils.py | 15 ++++++---
 iso/empanadas/empanadas/util/shared.py    | 41 +++++++++++++++++++++++
 3 files changed, 55 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index a54b4ee..8291a8f 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -78,6 +78,7 @@ class RepoSync:
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
         self.profile = rlvars['profile']
+        self.iso_map = rlvars['iso_map']
 
         # Relevant major version items
         self.shortname = config['shortname']
@@ -935,7 +936,8 @@ class RepoSync:
     def deploy_treeinfo(self, repo, sync_root, arch):
         """
         Deploys initial treeinfo files. These have the potential of being
-        overwritten by our ISO process, which is fine.
+        overwritten by our ISO process, which is fine. If there is a treeinfo
+        found, it will be skipped.
         """
         arches_to_tree = self.arches
         if arch:
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 5921df9..de93dac 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -450,7 +450,7 @@ class IsoBuild:
         for arch in arches_to_unpack:
             for variant in self.iso_map['images']:
                 self.log.info(
-                        'Configuring treeinfo for %s%s %s%s' % (Color.BOLD, arch, variant, Color.END)
+                        'Configuring treeinfo and discinfo for %s%s %s%s' % (Color.BOLD, arch, variant, Color.END)
                 )
 
                 self._treeinfo_wrapper(arch, variant)
@@ -741,12 +741,15 @@ class IsoBuild:
 
     def _treeinfo_wrapper(self, arch, variant):
         """
-        Ensure treeinfo is written correctly based on the variant passed. Each
-        .treeinfo file should be configured similarly but also differently from
-        the next.
+        Ensure treeinfo and discinfo is written correctly based on the variant
+        passed. Each file should be configured similarly but also differently
+        from the next. The Shared module does have a .treeinfo writer, but it
+        is for basic use. Eventually it'll be expanded to handle this scenario.
         """
         image = os.path.join(self.lorax_work_dir, arch, variant)
         treeinfo = os.path.join(image, '.treeinfo')
+        discinfo = os.path.join(image, '.discinfo')
+        mediarepo = os.path.join(image, 'media.repo')
         imagemap = self.iso_map['images'][variant]
         primary = imagemap['variant']
         repos = imagemap['repos']
@@ -827,6 +830,10 @@ class IsoBuild:
 
         # Set default variant
         ti.dump(treeinfo, main_variant=primary)
+        # Set discinfo
+        Shared.discinfo_write(self.timestamp, self.fullname, arch, discinfo)
+        # Set media.repo
+        Shared.media_repo_write(self.timestamp, self.fullname, mediarepo)
 
     # Next set of functions are loosely borrowed (in concept) from pungi. Some
     # stuff may be combined/mixed together, other things may be simplified or
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index d9bb357..e3b08c5 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -2,6 +2,7 @@
 
 import os
 import hashlib
+import productmd.treeinfo
 
 class Shared:
     """
@@ -44,6 +45,46 @@ class Shared:
                 checksum.hexdigest()
         )
 
+    @staticmethod
+    def treeinfo_new_write(
+            file_path,
+            distname,
+            shortname,
+            release,
+            arch,
+            time,
+            repo
+        ):
+        """
+        Writes really basic treeinfo, this is for single repository treeinfo
+        data. This is usually called in the case of a fresh run and each repo
+        needs one.
+        """
+        ti = productmd.treeinfo.TreeInfo()
+        ti.release.name = distname
+        ti.release.short = shortname
+        ti.release.version = release
+        ti.tree.arch = arch
+        ti.tree.build_timestamp = time
+        # Variants (aka repos)
+        variant = productmd.treeinfo.Variant(ti)
+        variant.id = repo
+        variant.uid = repo
+        variant.name = repo
+        variant.type = "variant"
+        variant.repository = "."
+        variant.packages = "Packages"
+        ti.variants.add(variant)
+        ti.dump(file_path)
+
+    @staticmethod
+    def treeinfo_modify_write():
+        """
+        Modifies a specific treeinfo with already available data. This is in
+        the case of modifying treeinfo for primary repos or images.
+        """
+
+
     @staticmethod
     def discinfo_write(timestamp, fullname, arch, file_path):
         """

From f65a331826077d26bc31bf93a2c486f988070ff3 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Tue, 28 Jun 2022 11:19:54 -0400
Subject: [PATCH 08/96] remove jinja types

---
 iso/empanadas/pyproject.toml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 35460be..fb25ee5 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -19,7 +19,6 @@ kobo = "^0.24.1"
 
 [tool.poetry.dev-dependencies]
 pytest = "~5"
-types-Jinja2 = "^2.11.9" # Remove when upgrading past Jinja 2.x as type annotations are in-tree
 
 [tool.poetry.scripts]
 sync_from_peridot = "empanadas.scripts.sync_from_peridot:run"

From f342046f2516fb682c263a90018efe9cb48ceeb1 Mon Sep 17 00:00:00 2001
From: nazunalika <label@rockylinux.org>
Date: Tue, 28 Jun 2022 10:08:17 -0700
Subject: [PATCH 09/96] test should use &&

---
 iso/empanadas/empanadas/templates/buildExtraImage.tmpl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/templates/buildExtraImage.tmpl.sh b/iso/empanadas/empanadas/templates/buildExtraImage.tmpl.sh
index ae9b5cf..fbac286 100644
--- a/iso/empanadas/empanadas/templates/buildExtraImage.tmpl.sh
+++ b/iso/empanadas/empanadas/templates/buildExtraImage.tmpl.sh
@@ -5,7 +5,7 @@ set -ex
 {{ lorax_pkg_cmd }}
 mkdir -p {{ compose_work_iso_dir }}/{{ arch }}
 cd  {{ compose_work_iso_dir }}/{{ arch }}
-test -f {{ isoname }} || { echo "!! ISO ALREDY EXISTS !!"; exit 1;  }
+test -f {{ isoname }} && { echo "ERROR: ISO ALREDY EXISTS!"; exit 1; }
 {% else %}
 cd /builddir
 

From 1a0439985117af086b109b42d57e1ec33b9ab5a6 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 28 Jun 2022 12:41:12 -0700
Subject: [PATCH 10/96] fix up readme, disable gitlab tests for now

---
 .gitlab-ci.yml => .disable.gitlab-ci.yml |  0
 README.md                                |  8 +++----
 iso/empanadas/README.md                  | 27 +++++++++++++++---------
 3 files changed, 20 insertions(+), 15 deletions(-)
 rename .gitlab-ci.yml => .disable.gitlab-ci.yml (100%)

diff --git a/.gitlab-ci.yml b/.disable.gitlab-ci.yml
similarity index 100%
rename from .gitlab-ci.yml
rename to .disable.gitlab-ci.yml
diff --git a/README.md b/README.md
index 9495108..1a88e0d 100644
--- a/README.md
+++ b/README.md
@@ -3,10 +3,8 @@ sig-core-toolkit
 
 Release Engineering toolkit for repeatable operations or functionality testing.
 
-Currently mirrored at our [github](https://github.com/rocky-linux),
-[Rocky Linux Git Service](https://git.rockylinux.org), and the
-[RESF Git Service](https://git.resf.org). Changes either occur at the Rocky
-Linux Git Service or RESF Git Service.
+Currently mirrored at our [github](https://github.com/rocky-linux), and the
+[RESF Git Service](https://git.resf.org). Changes will typically occur at GitHub.
 
 What does this have?
 --------------------
@@ -14,7 +12,7 @@ What does this have?
 * analyze -> Analysis utilities (such as download stats)
 * chat -> mattermost related utilities
 * func -> (mostly defunct) testing scripts and tools to test base functionality
-* iso -> ISO related utilities
+* iso -> ISO and Compose related utilities, primarily for Rocky Linux 9+
 * live -> Live image related utilities
 * mangle -> Manglers and other misc stuff
 * sync -> Sync tools, primarily for Rocky Linux 8
diff --git a/iso/empanadas/README.md b/iso/empanadas/README.md
index e414f5e..0c90442 100644
--- a/iso/empanadas/README.md
+++ b/iso/empanadas/README.md
@@ -22,18 +22,24 @@ There should be additional logging regardless, not just to stdout, but also to a
 
 ## scripts
 
-* sync-variant-pungi
-* sync-variant-peridot
-* sync-from-pungi
-* sync-from-peridot
-* sync-sig
-* build-all-iso
-* sign-repos-only
+```
+* sync_from_peridot    -> Syncs repositories from Peridot
+* sync_sig             -> Syncs SIG repositories from Peridot
+* build-iso            -> Builds initial ISO's using Lorax
+* build-iso-extra      -> Builds DVD's and other images based on Lorax data
+* launch-builds        -> Creates a kube config to run build-iso
+* build-image          -> Runs build-iso
+```
 
 ## wrappers
 
-* lorax-generators
-* sync-generators
+```
+* common               -> The starting point
+* iso_utils            -> Does work for ISO building and generation
+* dnf_utils            -> Does work for repo building and generation
+* check                -> Checks if the architecture/release combination are valid
+* shared               -> Shared utilities between all wrappers
+```
 
 ## rules
 
@@ -43,8 +49,9 @@ When making a script, you *must* import common. This is insanely bad practice,
 but we would prefer if we started out this way:
 
 ```
-from common import *
 import argparse
+from empanadas.common import *
+from empanadas.util import Checks
 ```
 
 Whatever is imported in common will effectively be imported in your scripts as

From 69317f388137ccd24ef9880fe48558fb039c7149 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 29 Jun 2022 20:36:59 -0700
Subject: [PATCH 11/96] make IPA tests runnable, lamp disabled for now

---
 func/ipa.sh                               | 59 +++++++++++++++++++++++
 func/stacks/ipa/00-ipa-pregame.sh         |  0
 func/stacks/ipa/10-install-ipa.sh         |  0
 func/stacks/ipa/11-configure-ipa.sh       |  0
 func/stacks/ipa/12-verify-ipa.sh          |  0
 func/stacks/ipa/20-ipa-user.sh            |  0
 func/stacks/ipa/21-ipa-service.sh         |  0
 func/stacks/ipa/22-ipa-dns.sh             |  0
 func/stacks/ipa/23-ipa-sudo.sh            |  0
 func/stacks/ipa/50-cleanup-ipa.sh         |  0
 func/stacks/lamp/00-install-lamp.sh       |  0
 func/stacks/lamp/01-verification.sh       |  0
 func/stacks/lamp/10-test-lamp.sh          |  0
 iso/empanadas/empanadas/util/dnf_utils.py | 10 ++++
 14 files changed, 69 insertions(+)
 create mode 100644 func/ipa.sh
 mode change 100644 => 100755 func/stacks/ipa/00-ipa-pregame.sh
 mode change 100644 => 100755 func/stacks/ipa/10-install-ipa.sh
 mode change 100644 => 100755 func/stacks/ipa/11-configure-ipa.sh
 mode change 100644 => 100755 func/stacks/ipa/12-verify-ipa.sh
 mode change 100644 => 100755 func/stacks/ipa/20-ipa-user.sh
 mode change 100644 => 100755 func/stacks/ipa/21-ipa-service.sh
 mode change 100644 => 100755 func/stacks/ipa/22-ipa-dns.sh
 mode change 100644 => 100755 func/stacks/ipa/23-ipa-sudo.sh
 mode change 100644 => 100755 func/stacks/ipa/50-cleanup-ipa.sh
 mode change 100755 => 100644 func/stacks/lamp/00-install-lamp.sh
 mode change 100755 => 100644 func/stacks/lamp/01-verification.sh
 mode change 100755 => 100644 func/stacks/lamp/10-test-lamp.sh

diff --git a/func/ipa.sh b/func/ipa.sh
new file mode 100644
index 0000000..19086c1
--- /dev/null
+++ b/func/ipa.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+# Release Engineering Core Functionality Testing
+# Louis Abel <label@rockylinux.org> @nazunalika
+
+################################################################################
+# Settings and variables
+
+# Exits on any non-zero exit status - Disabled for now.
+#set -e
+# Undefined variables will cause an exit
+set -u
+
+COMMON_EXPORTS='./common/exports.sh'
+COMMON_IMPORTS='./common/imports.sh'
+SELINUX=$(getenforce)
+
+# End
+################################################################################
+
+# shellcheck source=/dev/null disable=SC2015
+[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
+# shellcheck source=/dev/null disable=SC2015
+[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
+# Init log
+# shellcheck disable=SC2015
+[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
+# SELinux check
+if [ "$SELINUX" != "Enforcing" ]; then
+  echo -e "\n[-] $(date): SELinux is not enforcing."
+  exit 1
+fi
+
+r_log "internal" "Starting Release Engineering Core Tests"
+
+################################################################################
+# Script Work
+
+# Skip tests in a list - some tests are already -x, so it won't be an issue
+if [ -e skip.list ]; then
+  r_log "internal" "Disabling tests"
+  # shellcheck disable=SC2162
+  grep -E "^${RL_VER}" skip.list | while read line; do
+    # shellcheck disable=SC2086
+    testFile="$(echo $line | cut -d '|' -f 2)"
+    r_log "internal" "SKIP ${testFile}"
+    chmod -x "${testFile}"
+  done
+  r_log "internal" "WARNING: Tests above were disabled."
+fi
+
+# TODO: should we let $1 judge what directory is ran?
+# TODO: get some stacks and lib in there
+
+#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
+#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
+r_processor <(/usr/bin/find ./stacks/ipa -type f | sort -t'/')
+
+r_log "internal" "Core Tests completed"
+exit 0
diff --git a/func/stacks/ipa/00-ipa-pregame.sh b/func/stacks/ipa/00-ipa-pregame.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/10-install-ipa.sh b/func/stacks/ipa/10-install-ipa.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/11-configure-ipa.sh b/func/stacks/ipa/11-configure-ipa.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/12-verify-ipa.sh b/func/stacks/ipa/12-verify-ipa.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/20-ipa-user.sh b/func/stacks/ipa/20-ipa-user.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/21-ipa-service.sh b/func/stacks/ipa/21-ipa-service.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/22-ipa-dns.sh b/func/stacks/ipa/22-ipa-dns.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/23-ipa-sudo.sh b/func/stacks/ipa/23-ipa-sudo.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/ipa/50-cleanup-ipa.sh b/func/stacks/ipa/50-cleanup-ipa.sh
old mode 100644
new mode 100755
diff --git a/func/stacks/lamp/00-install-lamp.sh b/func/stacks/lamp/00-install-lamp.sh
old mode 100755
new mode 100644
diff --git a/func/stacks/lamp/01-verification.sh b/func/stacks/lamp/01-verification.sh
old mode 100755
new mode 100644
diff --git a/func/stacks/lamp/10-test-lamp.sh b/func/stacks/lamp/10-test-lamp.sh
old mode 100755
new mode 100644
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 8291a8f..1c17c7b 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -947,6 +947,16 @@ class RepoSync:
         if repo and not self.fullrun:
             repos_to_tree = [repo]
 
+        # If a treeinfo or discinfo file exists, it should be skipped.
+
+    def run_compose_closeout(self):
+        """
+        Closes out a compose as file. This ensures kickstart repositories are
+        made, the treeinfo is modifed for the primary repository, syncs
+        work/isos to compose/isos, and combines all checksum files per arch
+        into a final CHECKSUM file.
+        """
+
 
 class SigRepoSync:
     """

From 2e384002556aee504f502e0fed4c646952b6a7cc Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 29 Jun 2022 20:39:13 -0700
Subject: [PATCH 12/96] expect is missing from install

---
 func/stacks/ipa/10-install-ipa.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/stacks/ipa/10-install-ipa.sh b/func/stacks/ipa/10-install-ipa.sh
index 0e5b029..901055e 100755
--- a/func/stacks/ipa/10-install-ipa.sh
+++ b/func/stacks/ipa/10-install-ipa.sh
@@ -11,4 +11,4 @@ if [ "$RL_VER" -eq 8 ]; then
   p_enableModule idm:DL1/{client,common,dns,server}
 fi
 
-p_installPackageNormal ipa-server ipa-server-dns
+p_installPackageNormal ipa-server ipa-server-dns expect

From 1acca22141b22ff9d3063b931ee8fb52155c1cc3 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 29 Jun 2022 20:45:58 -0700
Subject: [PATCH 13/96] make kinit as admin simpler

---
 func/stacks/ipa/20-ipa-user.sh    | 10 +---------
 func/stacks/ipa/21-ipa-service.sh | 10 +---------
 func/stacks/ipa/22-ipa-dns.sh     | 10 +---------
 func/stacks/ipa/23-ipa-sudo.sh    | 10 +---------
 4 files changed, 4 insertions(+), 36 deletions(-)

diff --git a/func/stacks/ipa/20-ipa-user.sh b/func/stacks/ipa/20-ipa-user.sh
index 9965a56..71be555 100755
--- a/func/stacks/ipa/20-ipa-user.sh
+++ b/func/stacks/ipa/20-ipa-user.sh
@@ -13,15 +13,7 @@ kdestroy &> /dev/null
 klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
 r_checkExitStatus $?
 
-expect -f - <<EOF
-set send_human {.1 .3 1 .05 2}
-spawn kinit admin
-sleep 1
-expect "Password for admin@RLIPA.LOCAL:"
-send -h "b1U3OnyX!\r"
-sleep 5
-close
-EOF
+echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
 
 klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
diff --git a/func/stacks/ipa/21-ipa-service.sh b/func/stacks/ipa/21-ipa-service.sh
index db50dd1..408709b 100755
--- a/func/stacks/ipa/21-ipa-service.sh
+++ b/func/stacks/ipa/21-ipa-service.sh
@@ -13,15 +13,7 @@ kdestroy &> /dev/null
 klist 2>&1  | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
 r_checkExitStatus $?
 
-expect -f - <<EOF
-set send_human {.1 .3 1 .05 2}
-spawn kinit admin
-sleep 1
-expect "Password for admin@RLIPA.LOCAL:"
-send -h "b1U3OnyX!\r"
-sleep 5
-close
-EOF
+echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
 
 klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
diff --git a/func/stacks/ipa/22-ipa-dns.sh b/func/stacks/ipa/22-ipa-dns.sh
index 4d74174..d9aa8e9 100755
--- a/func/stacks/ipa/22-ipa-dns.sh
+++ b/func/stacks/ipa/22-ipa-dns.sh
@@ -13,15 +13,7 @@ kdestroy &> /dev/null
 klist 2>&1  | grep -qE "(No credentials|Credentials cache .* not found)" &> /dev/null
 r_checkExitStatus $?
 
-expect -f - <<EOF
-set send_human {.1 .3 1 .05 2}
-spawn kinit admin
-sleep 1
-expect "Password for admin@RLIPA.LOCAL:"
-send -h "b1U3OnyX!\r"
-sleep 5
-close
-EOF
+echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
 
 klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
diff --git a/func/stacks/ipa/23-ipa-sudo.sh b/func/stacks/ipa/23-ipa-sudo.sh
index 68e50ac..983bd41 100755
--- a/func/stacks/ipa/23-ipa-sudo.sh
+++ b/func/stacks/ipa/23-ipa-sudo.sh
@@ -13,15 +13,7 @@ kdestroy &> /dev/null
 klist 2>&1  | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
 r_checkExitStatus $?
 
-expect -f - <<EOF
-set send_human {.1 .3 1 .05 2}
-spawn kinit admin
-sleep 1
-expect "Password for admin@RLIPA.LOCAL:"
-send -h "b1U3OnyX!\r"
-sleep 5
-close
-EOF
+echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
 
 klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?

From 1d710a6d42d3700cfb9981d0d9ca323b9c80f130 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 29 Jun 2022 21:27:50 -0700
Subject: [PATCH 14/96] fix up IPA portion

---
 func/stacks/ipa/20-ipa-user.sh    | 25 +++++++++++++++++--------
 func/stacks/ipa/21-ipa-service.sh |  8 ++++----
 func/stacks/ipa/22-ipa-dns.sh     |  6 +++---
 3 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/func/stacks/ipa/20-ipa-user.sh b/func/stacks/ipa/20-ipa-user.sh
index 71be555..c0f5313 100755
--- a/func/stacks/ipa/20-ipa-user.sh
+++ b/func/stacks/ipa/20-ipa-user.sh
@@ -19,28 +19,37 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Test adding a user"
-userDetails="$(ipa user-add --first=test --last=user --random ipatestuser)"
-echo "$userDetails" | grep -q 'Added user "ipatestuser"'
-r_checkExitStatus $?
+ipa user-add --first=test --last=user --random ipatestuser > /tmp/ipatestuser
+grep -q 'Added user "ipatestuser"' /tmp/ipatestuser
 
-echo "$userDetails" | grep -q 'First name: test'
+ret_val=$?
+if [ "$ret_val" -ne 0 ]; then
+  r_log "ipa" "User was not created, this is considered fatal"
+  r_checkExitStatus 1
+  exit 1
+fi
+
+sed -i 's|^  ||g' /tmp/ipatestuser
+grep -q 'First name: test' /tmp/ipatestuser
 r_checkExitStatus $?
-echo "$userDetails" | grep -q 'Last name: user'
+grep -q 'Last name: user' /tmp/ipatestuser
 r_checkExitStatus $?
-echo "$userDetails" | grep -q 'Full name: test user'
+grep -q 'Full name: test user' /tmp/ipatestuser
 r_checkExitStatus $?
-echo "$userDetails" | grep -q 'Home directory: /home/ipatestuser'
+grep -q 'Home directory: /home/ipatestuser' /tmp/ipatestuser
 r_checkExitStatus $?
 
 r_log "ipa" "Changing password of the user"
 kdestroy &> /dev/null
+userPassword="$(awk '/Random password/ { print $3 }' /tmp/ipatestuser)"
+/bin/rm /tmp/ipatestuser
 
 expect -f -  <<EOF
 set send_human {.1 .3 1 .05 2}
 spawn kinit ipatestuser
 sleep 1
 expect "Password for ipatestuser@RLIPA.LOCAL: "
-send -h -- "$(echo "$userDetails" | awk '$0 ~ /Random password/ {print $3}')\r"
+send -h -- "$(echo "$userPassword")\r"
 sleep 1
 expect "Enter new password: "
 send -h -- "gr@YAm3thy5st!\r"
diff --git a/func/stacks/ipa/21-ipa-service.sh b/func/stacks/ipa/21-ipa-service.sh
index 408709b..c509ab6 100755
--- a/func/stacks/ipa/21-ipa-service.sh
+++ b/func/stacks/ipa/21-ipa-service.sh
@@ -19,15 +19,15 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Adding test service"
-ipa service-add testservice/rltest.rlipa.local &> /dev/null
+ipa service-add testservice/onyxtest.rlipa.local &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Getting keytab for service"
-ipa-getkeytab -s rltest.rlipa.local -p testservice/rltest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
+ipa-getkeytab -s onyxtest.rlipa.local -p testservice/onyxtest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Getting a certificate for service"
-ipa-getcert request -K testservice/rltest.rlipa.local -D rltest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
+ipa-getcert request -K testservice/onyxtest.rlipa.local -D onyxtest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
 r_checkExitStatus $?
 
 while true; do
@@ -49,7 +49,7 @@ while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do
 done
 
 r_log "ipa" "Verifying keytab"
-klist -k /tmp/testservice.keytab | grep "testservice/rltest.rlipa.local" &> /dev/null
+klist -k /tmp/testservice.keytab | grep "testservice/onyxtest.rlipa.local" &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Verifying key matches the certificate"
diff --git a/func/stacks/ipa/22-ipa-dns.sh b/func/stacks/ipa/22-ipa-dns.sh
index d9aa8e9..e0b507f 100755
--- a/func/stacks/ipa/22-ipa-dns.sh
+++ b/func/stacks/ipa/22-ipa-dns.sh
@@ -19,7 +19,7 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Adding testzone subdomain"
-ipa dnszone-add --name-server=rltest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
+ipa dnszone-add --name-server=onyxtest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
 r_checkExitStatus $?
 sleep 5
 
@@ -28,7 +28,7 @@ dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
 r_checkExitStatus $?
 
 r_log "ipa" "Adding a CNAME record to the primary domain"
-ipa dnsrecord-add rlipa.local testrecord --cname-hostname=rltest &> /dev/null
+ipa dnsrecord-add rlipa.local testrecord --cname-hostname=onyxtest &> /dev/null
 r_checkExitStatus $?
 sleep 5
 
@@ -37,7 +37,7 @@ dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/
 r_checkExitStatus $?
 
 r_log "ipa" "Adding a CNAME to subdomain"
-ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=rltest.rlipa.local. &> /dev/null
+ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=onyxtest.rlipa.local. &> /dev/null
 r_checkExitStatus $?
 sleep 5
 

From 4922e283d6962a781c9b78df2e32c7a591381fef Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 29 Jun 2022 21:49:12 -0700
Subject: [PATCH 15/96] add a sudo test

---
 func/stacks/ipa/23-ipa-sudo.sh | 46 +++++++++++++++++++++++++++++++---
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/func/stacks/ipa/23-ipa-sudo.sh b/func/stacks/ipa/23-ipa-sudo.sh
index 983bd41..a52c4ef 100755
--- a/func/stacks/ipa/23-ipa-sudo.sh
+++ b/func/stacks/ipa/23-ipa-sudo.sh
@@ -9,11 +9,51 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
   r_checkExitStatus 1
 fi
 
-kdestroy &> /dev/null
-klist 2>&1  | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
+kdestroy -A
+klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)"
 r_checkExitStatus $?
 
 echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
 
-klist | grep "admin@RLIPA.LOCAL" &> /dev/null
+klist | grep -q "admin@RLIPA.LOCAL"
+r_checkExitStatus $?
+
+r_log "ipa" "Creating a test sudo rule"
+ipa sudorule-add testrule --desc="Test rule in IPA" --hostcat=all --cmdcat=all --runasusercat=all --runasgroupcat=all &> /dev/null
+r_checkExitStatus $?
+
+r_log "ipa" "Adding user to test sudo rule"
+ipa sudorule-add-user testrule --users="ipatestuser" &> /dev/null
+r_checkExitStatus $?
+
+r_log "ipa" "Verifying rule..."
+ipa sudorule-show testrule > /tmp/testrule
+grep -q 'Rule name: testrule' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'Description: Test rule in IPA' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'Enabled: TRUE' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'Host category: all' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'Command category: all' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'RunAs User category: all' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'RunAs Group category: all' /tmp/testrule
+r_checkExitStatus $?
+grep -q 'Users: ipatestuser' /tmp/testrule
+r_checkExitStatus $?
+
+m_serviceCycler sssd stop
+rm -rf /var/lib/sss/db/*
+m_serviceCycler sssd start
+
+sleep 5
+
+r_log "ipa" "Verifying sudo abilities"
+sudo -l -U ipatestuser > /tmp/sudooutput
+grep -q 'ipatestuser may run the following commands' /tmp/sudooutput
+r_checkExitStatus $?
+grep -q 'ALL) ALL' /tmp/sudooutput
 r_checkExitStatus $?

From 5a02fe5a25497ce12e2ace27af554e1692aaed24 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 30 Jun 2022 01:43:14 -0700
Subject: [PATCH 16/96] Resolve RLBT#0000132 discinfo and treeinfo

---
 iso/empanadas/empanadas/util/dnf_utils.py | 208 ++++++++++++++++++++++
 1 file changed, 208 insertions(+)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 1c17c7b..8af3bac 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -74,11 +74,15 @@ class RepoSync:
         # Relevant config items
         self.major_version = major
         self.date_stamp = config['date_stamp']
+        self.timestamp = time.time()
         self.repo_base_url = config['repo_base_url']
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
         self.profile = rlvars['profile']
         self.iso_map = rlvars['iso_map']
+        self.distname = config['distname']
+        self.fullname = rlvars['fullname']
+        self.shortname = config['shortname']
 
         # Relevant major version items
         self.shortname = config['shortname']
@@ -939,6 +943,11 @@ class RepoSync:
         overwritten by our ISO process, which is fine. If there is a treeinfo
         found, it will be skipped.
         """
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Deploying treeinfo, discinfo, and media.repo'
+        )
+
         arches_to_tree = self.arches
         if arch:
             arches_to_tree = [arch]
@@ -948,6 +957,205 @@ class RepoSync:
             repos_to_tree = [repo]
 
         # If a treeinfo or discinfo file exists, it should be skipped.
+        for r in repos_to_tree:
+            entry_name_list = []
+            repo_name = r
+            arch_tree = arches_to_tree.copy()
+
+            if r in self.repo_renames:
+                repo_name = self.repo_renames[r]
+
+            # I feel it's necessary to make sure even i686 has .treeinfo and
+            # .discinfo, just for consistency.
+            if 'all' in r and 'x86_64' in arches_to_tree and self.multilib:
+                arch_tree.append('i686')
+
+            for a in arch_tree:
+                os_tree_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'os/.treeinfo'
+                )
+
+                os_disc_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'os/.discinfo'
+                )
+
+                os_media_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'os/media.repo'
+                )
+
+                if not os.path.exists(os_tree_path):
+                    Shared.treeinfo_new_write(
+                            os_tree_path,
+                            self.distname,
+                            self.shortname,
+                            self.fullversion,
+                            a,
+                            self.timestamp,
+                            repo_name
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + 'os .treeinfo already exists'
+                    )
+
+                if not os.path.exists(os_disc_path):
+                    Shared.discinfo_write(
+                            self.timestamp,
+                            self.fullname,
+                            a,
+                            os_disc_path
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + 'os .discinfo already exists'
+                    )
+
+                if not os.path.exists(os_media_path):
+                    Shared.media_repo_write(
+                            self.timestamp,
+                            self.fullname,
+                            os_media_path
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + 'os media.repo already exists'
+                    )
+
+                if not self.ignore_debug:
+                    debug_tree_path = os.path.join(
+                            sync_root,
+                            repo_name,
+                            a,
+                            'debug/tree/.treeinfo'
+                    )
+
+                    debug_disc_path = os.path.join(
+                            sync_root,
+                            repo_name,
+                            a,
+                            'debug/tree/.discinfo'
+                    )
+
+                    debug_media_path = os.path.join(
+                            sync_root,
+                            repo_name,
+                            a,
+                            'debug/tree/media.repo'
+                    )
+
+                    if not os.path.exists(debug_tree_path):
+                        Shared.treeinfo_new_write(
+                                debug_tree_path,
+                                self.distname,
+                                self.shortname,
+                                self.fullversion,
+                                a,
+                                self.timestamp,
+                                repo_name
+                        )
+                    else:
+                        self.log.warn(
+                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                                r + ' ' + a + 'debug .treeinfo already exists'
+                        )
+
+                    if not os.path.exists(debug_disc_path):
+                        Shared.discinfo_write(
+                                self.timestamp,
+                                self.fullname,
+                                a,
+                                debug_disc_path
+                        )
+                    else:
+                        self.log.warn(
+                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                                r + ' ' + a + 'debug .discinfo already exists'
+                        )
+
+                    if not os.path.exists(debug_media_path):
+                        Shared.media_repo_write(
+                                self.timestamp,
+                                self.fullname,
+                                debug_media_path
+                        )
+                    else:
+                        self.log.warn(
+                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                                repo_name + ' ' + a + 'debug media.repo already exists'
+                        )
+
+
+            if not self.ignore_source:
+                source_tree_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        'source/tree/.treeinfo'
+                )
+
+                source_disc_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        'source/tree/.discinfo'
+                )
+
+                source_media_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        'source/tree/media.repo'
+                )
+
+                if not os.path.exists(source_tree_path):
+                    Shared.treeinfo_new_write(
+                            source_tree_path,
+                            self.distname,
+                            self.shortname,
+                            self.fullversion,
+                            'src',
+                            self.timestamp,
+                            repo_name
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' source os .treeinfo already exists'
+                    )
+
+                if not os.path.exists(source_disc_path):
+                    Shared.discinfo_write(
+                            self.timestamp,
+                            self.fullname,
+                            'src',
+                            source_disc_path
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' source .discinfo already exists'
+                    )
+
+                if not os.path.exists(source_media_path):
+                    Shared.media_repo_write(
+                            self.timestamp,
+                            self.fullname,
+                            source_media_path
+                    )
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' source media.repo already exists'
+                    )
 
     def run_compose_closeout(self):
         """

From 49b001e31da636c015568fcb1ac3d5a33a118b36 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 30 Jun 2022 01:45:08 -0700
Subject: [PATCH 17/96] Resolve RLBT#0000132 discinfo and treeinfo

---
 iso/empanadas/empanadas/scripts/sync_from_peridot.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/iso/empanadas/empanadas/scripts/sync_from_peridot.py b/iso/empanadas/empanadas/scripts/sync_from_peridot.py
index 1e40ed8..d025f65 100755
--- a/iso/empanadas/empanadas/scripts/sync_from_peridot.py
+++ b/iso/empanadas/empanadas/scripts/sync_from_peridot.py
@@ -22,6 +22,7 @@ parser.add_argument('--dry-run', action='store_true')
 parser.add_argument('--full-run', action='store_true')
 parser.add_argument('--no-fail', action='store_true')
 parser.add_argument('--refresh-extra-files', action='store_true')
+parser.add_argument('--refresh-treeinfo', action='store_true')
 # I am aware this is confusing, I want podman to be the default option
 parser.add_argument('--simple', action='store_false')
 parser.add_argument('--logger', type=str)
@@ -52,6 +53,7 @@ a = RepoSync(
         nofail=results.no_fail,
         logger=results.logger,
         refresh_extra_files=results.refresh_extra_files,
+        refresh_treeinfo=results.refresh_treeinfo,
 )
 
 def run():

From 2c3409de5158554ba4910674c8187c262f777b64 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 30 Jun 2022 03:06:29 -0700
Subject: [PATCH 18/96] treeinfo is not writing to paths

---
 iso/empanadas/empanadas/util/dnf_utils.py | 12 ++++++------
 iso/empanadas/empanadas/util/shared.py    |  4 ++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 8af3bac..58480db 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1005,7 +1005,7 @@ class RepoSync:
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + 'os .treeinfo already exists'
+                            repo_name + ' ' + a + ' os .treeinfo already exists'
                     )
 
                 if not os.path.exists(os_disc_path):
@@ -1018,7 +1018,7 @@ class RepoSync:
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + 'os .discinfo already exists'
+                            repo_name + ' ' + a + ' os .discinfo already exists'
                     )
 
                 if not os.path.exists(os_media_path):
@@ -1030,7 +1030,7 @@ class RepoSync:
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + 'os media.repo already exists'
+                            repo_name + ' ' + a + ' os media.repo already exists'
                     )
 
                 if not self.ignore_debug:
@@ -1068,7 +1068,7 @@ class RepoSync:
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                r + ' ' + a + 'debug .treeinfo already exists'
+                                r + ' ' + a + ' debug .treeinfo already exists'
                         )
 
                     if not os.path.exists(debug_disc_path):
@@ -1081,7 +1081,7 @@ class RepoSync:
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                r + ' ' + a + 'debug .discinfo already exists'
+                                r + ' ' + a + ' debug .discinfo already exists'
                         )
 
                     if not os.path.exists(debug_media_path):
@@ -1093,7 +1093,7 @@ class RepoSync:
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                repo_name + ' ' + a + 'debug media.repo already exists'
+                                repo_name + ' ' + a + ' debug media.repo already exists'
                         )
 
 
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index e3b08c5..2661356 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -72,8 +72,8 @@ class Shared:
         variant.uid = repo
         variant.name = repo
         variant.type = "variant"
-        variant.repository = "."
-        variant.packages = "Packages"
+        variant.paths.repository = "."
+        variant.paths.packages = "Packages"
         ti.variants.add(variant)
         ti.dump(file_path)
 

From 7f6f7babf5e66211885e353e68659b39663278c4 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 30 Jun 2022 13:14:27 -0700
Subject: [PATCH 19/96] Attempt to resolve RLBT#0000133

---
 iso/empanadas/empanadas/util/__init__.py  |  1 +
 iso/empanadas/empanadas/util/iso_utils.py | 44 ++++++++++++++++++++++-
 iso/empanadas/empanadas/util/shared.py    | 23 ++++++++++++
 3 files changed, 67 insertions(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/__init__.py b/iso/empanadas/empanadas/util/__init__.py
index f107a54..828e595 100644
--- a/iso/empanadas/empanadas/util/__init__.py
+++ b/iso/empanadas/empanadas/util/__init__.py
@@ -8,6 +8,7 @@ from empanadas.util.check import (
 
 from empanadas.util.shared import (
         Shared,
+        ArchCheck,
 )
 
 from empanadas.util.dnf_utils import (
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index de93dac..ef1e283 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -35,7 +35,7 @@ import productmd.treeinfo
 from jinja2 import Environment, FileSystemLoader
 
 from empanadas.common import Color, _rootdir
-from empanadas.util import Shared
+from empanadas.util import Shared, ArchCheck
 
 class IsoBuild:
     """
@@ -710,6 +710,48 @@ class IsoBuild:
         Syncs data from a non-disc set of images to the appropriate repo. Repo
         and image MUST match names for this to work.
         """
+        pathway = os.path.join(
+                self.compose_latest_sync,
+                repo,
+                arch,
+                'os'
+        )
+
+        src_to_image = os.path.join(
+                self.lorax_work_dir,
+                arch,
+                repo
+        )
+
+        if not force_unpack:
+            found_files = []
+            for y in ArchCheck.archfile[arch]:
+                imgpath = os.path.join(
+                        pathway,
+                        y
+                )
+                if os.path.exists(imgpath):
+                    found_files.append(y)
+
+            if os.path.exists(pathway + '/images/boot.iso'):
+                found_files.append('/images/boot.iso')
+
+            if len(found_files) > 0:
+                self.log.warn(
+                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                        'Images and data for ' + repo + ' and ' + arch + ' already exists.'
+                )
+                return
+
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Copying images and data for ' + repo + ' ' + arch
+        )
+        try:
+            shutil.copytree(src_to_image, pathway, copy_function=shutil.copy2, dirs_exist_ok=True)
+        except:
+            self.log.error('%s already exists??' % repo)
+
 
     def run_boot_sync(self):
         """
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 2661356..7524c2f 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -4,6 +4,29 @@ import os
 import hashlib
 import productmd.treeinfo
 
+class ArchCheck:
+    """
+    Arches and their files
+    """
+    archfile = {
+        'x86_64': [
+                'isolinux/vmlinuz',
+                'images/grub.conf',
+                'EFI/BOOT/BOOTX64.EFI'
+        ],
+        'aarch64':  [
+                'EFI/BOOT/BOOTAA64.EFI'
+        ],
+        'ppc64le': [
+                'ppc/bootinfo.txt',
+                'ppc/ppc64/vmlinuz'
+        ],
+        's390x': [
+                'generic.ins',
+                'images/generic.prm'
+        ]
+    }
+
 class Shared:
     """
     Quick utilities that may be commonly used

From 4bc377cd443cb5fbf52b9c533f5f078ead80258c Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 30 Jun 2022 15:38:50 -0700
Subject: [PATCH 20/96] Attempt to resolve RLBT#0000133

---
 iso/empanadas/empanadas/scripts/sync_from_peridot_test.py | 2 ++
 iso/empanadas/empanadas/templates/README.tmpl             | 6 ++++++
 iso/empanadas/empanadas/util/dnf_utils.py                 | 6 ++++--
 iso/empanadas/empanadas/util/iso_utils.py                 | 7 +++++++
 iso/empanadas/empanadas/util/shared.py                    | 3 ++-
 iso/empanadas/pyproject.toml                              | 4 ++--
 6 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 iso/empanadas/empanadas/templates/README.tmpl

diff --git a/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py b/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
index 5057753..7678f33 100755
--- a/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
+++ b/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
@@ -2,6 +2,7 @@
 
 import argparse
 
+import empanadas
 from empanadas.common import *
 from empanadas.util import Checks
 from empanadas.util import RepoSync
@@ -16,3 +17,4 @@ a = RepoSync(rlvars, config, major="9", repo="BaseOS", parallel=True, ignore_deb
 def run():
     print(rlvars.keys())
     print(rlvars)
+    print(empanadas.__version__)
diff --git a/iso/empanadas/empanadas/templates/README.tmpl b/iso/empanadas/empanadas/templates/README.tmpl
new file mode 100644
index 0000000..726ab3a
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/README.tmpl
@@ -0,0 +1,6 @@
+These set of repositories (or "compose") is for {{ fullname }} and was generated
+using Empanadas {{ version }} from the SIG/Core Toolkit.
+
+As this is not a traditional compose, there will be things that you might be
+expecting and do not see, or not expecting and do see.. While we attempted to
+recreate a lot of those elements, it's not perfect.
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 58480db..ba38234 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -930,7 +930,9 @@ class RepoSync:
                     e.strerror
             )
 
-        # Create metadata here?
+        # Create metadata here
+        # Create COMPOSE_ID here (this doesn't necessarily match anything, it's
+        # just an indicator)
 
         self.log.info(
                 '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
@@ -999,7 +1001,7 @@ class RepoSync:
                             self.shortname,
                             self.fullversion,
                             a,
-                            self.timestamp,
+                            int(self.timestamp),
                             repo_name
                     )
                 else:
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index ef1e283..86399cc 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -723,6 +723,12 @@ class IsoBuild:
                 repo
         )
 
+        if not os.path.exists(pathway):
+            self.log.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    'Repo and Image variant do NOT match'
+            )
+
         if not force_unpack:
             found_files = []
             for y in ArchCheck.archfile[arch]:
@@ -747,6 +753,7 @@ class IsoBuild:
                 '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
                 'Copying images and data for ' + repo + ' ' + arch
         )
+
         try:
             shutil.copytree(src_to_image, pathway, copy_function=shutil.copy2, dirs_exist_ok=True)
         except:
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 7524c2f..085fabb 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -117,7 +117,8 @@ class Shared:
             "%s" % timestamp,
             "%s" % fullname,
             "%s" % arch,
-            "ALL"
+            "ALL",
+            ""
         ]
 
         with open(file_path, "w+") as f:
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index fb25ee5..82ea835 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -1,8 +1,8 @@
 [tool.poetry]
 name = "empanadas"
-version = "0.1.0"
+version = "0.2.0"
 description = "hand crafted ISOs with love and spice"
-authors = ["Louis Abel <louis@rockylinux.org>", "Neil Hanlon <neil@rockylinux.org>"]
+authors = ["Louis Abel <label@rockylinux.org>", "Neil Hanlon <neil@rockylinux.org>"]
 
 [tool.poetry.dependencies]
 python = ">=3.7,<4"

From c1f1be93536a9ffd8c8e47b943adb52bc89dd8d4 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 1 Jul 2022 13:09:52 -0700
Subject: [PATCH 21/96] Remove hardcodes, add in metadata

* Remove hardcodes of "Rocky" to use "shortname" instead
* Add in metadata
---
 README.md                                 |  4 +-
 iso/empanadas/empanadas/sig/cloud.yaml    |  7 ++
 iso/empanadas/empanadas/util/dnf_utils.py | 95 ++++++++++++++++++++---
 iso/empanadas/empanadas/util/iso_utils.py |  5 +-
 iso/empanadas/empanadas/util/shared.py    | 32 ++++++++
 sync/sync-to-prod.sh                      | 10 +++
 sync/sync-to-staging.sh                   | 10 +++
 7 files changed, 149 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index 1a88e0d..21bc9ec 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ What does this have?
 * iso -> ISO and Compose related utilities, primarily for Rocky Linux 9+
 * live -> Live image related utilities
 * mangle -> Manglers and other misc stuff
-* sync -> Sync tools, primarily for Rocky Linux 8
+* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated
 
 How can I help?
 ---------------
@@ -26,7 +26,7 @@ when you make changes:
 * Have pre-commit installed
 * Have shellcheck installed
 * Shell Scripts: These must pass a shellcheck test!
-* Python scripts: Try your best to follow PEP8 guidelines
+* Python scripts: Try your best to follow PEP8 guidelines (even the best linters get things wrong)
 
 Your PR should be against the devel branch at all times. PR's against the main
 branch will be closed.
diff --git a/iso/empanadas/empanadas/sig/cloud.yaml b/iso/empanadas/empanadas/sig/cloud.yaml
index f30f94a..e7305c7 100644
--- a/iso/empanadas/empanadas/sig/cloud.yaml
+++ b/iso/empanadas/empanadas/sig/cloud.yaml
@@ -12,6 +12,13 @@ cloud:
         - x86_64
       project_id: ''
   '9':
+    cloud-kernel:
+      project_id: ''
+      allowed_arches:
+        - aarch64
+        - x86_64
+        - ppc64le
+        - s390x
     cloud-common:
       project_id: ''
       allowed_arches:
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index ba38234..681e128 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -97,6 +97,12 @@ class RepoSync:
         self.extra_files = rlvars['extra_files']
         self.gpgkey = gpgkey
 
+        self.compose_id = '{}-{}-{}'.format(
+                config['shortname'],
+                rlvars['revision'],
+                config['date_stamp']
+        )
+
         # Templates
         file_loader = FileSystemLoader(f"{_rootdir}/templates")
         self.tmplenv = Environment(loader=file_loader)
@@ -119,7 +125,10 @@ class RepoSync:
         self.compose_latest_dir = os.path.join(
                 config['compose_root'],
                 major,
-                "latest-Rocky-{}".format(self.profile)
+                "latest-{}-{}".format(
+                    self.shortname,
+                    self.profile
+                )
         )
 
         self.compose_latest_sync = os.path.join(
@@ -224,7 +233,7 @@ class RepoSync:
         self.sync(self.repo, sync_root, work_root, log_root, global_work_root, self.arch)
 
         if self.fullrun:
-            self.deploy_extra_files(global_work_root)
+            self.deploy_extra_files(sync_root, global_work_root)
             self.deploy_treeinfo(self.repo, sync_root, self.arch)
             self.symlink_to_latest(generated_dir)
 
@@ -232,11 +241,13 @@ class RepoSync:
             self.repoclosure_work(sync_root, work_root, log_root)
 
         if self.refresh_extra_files and not self.fullrun:
-            self.deploy_extra_files(global_work_root)
+            self.deploy_extra_files(sync_root, global_work_root)
 
         if self.refresh_treeinfo and not self.fullrun:
             self.deploy_treeinfo(self.repo, sync_root, self.arch)
 
+        self.deploy_metadata(sync_root)
+
         self.log.info('Compose repo directory: %s' % sync_root)
         self.log.info('Compose logs: %s' % log_root)
         self.log.info('Compose completed.')
@@ -576,7 +587,11 @@ class RepoSync:
         """
         compose_base_dir = os.path.join(
                 self.compose_base,
-                "Rocky-{}-{}".format(self.fullversion, self.date_stamp)
+                "{}-{}-{}".format(
+                    self.shortname,
+                    self.fullversion,
+                    self.date_stamp
+                )
         )
         self.log.info('Creating compose directory %s' % compose_base_dir)
         if not os.path.exists(compose_base_dir):
@@ -872,7 +887,7 @@ class RepoSync:
             for issue in bad_exit_list:
                 self.log.error(issue)
 
-    def deploy_extra_files(self, global_work_root):
+    def deploy_extra_files(self, sync_root, global_work_root):
         """
         deploys extra files based on info of rlvars including a
         extra_files.json
@@ -880,20 +895,27 @@ class RepoSync:
         might also deploy COMPOSE_ID and maybe in the future a metadata dir with
         a bunch of compose-esque stuff.
         """
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Deploying treeinfo, discinfo, and media.repo'
+        )
+
         cmd = self.git_cmd()
         tmpclone = '/tmp/clone'
         extra_files_dir = os.path.join(
                 global_work_root,
                 'extra-files'
         )
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Deploying extra files to work directory ...'
+        metadata_dir = os.path.join(
+                sync_root,
+                "metadata"
         )
-
         if not os.path.exists(extra_files_dir):
             os.makedirs(extra_files_dir, exist_ok=True)
 
+        if not os.path.exists(metadata_dir):
+            os.makedirs(metadata_dir, exist_ok=True)
+
         clonecmd = '{} clone {} -b {} -q {}'.format(
                 cmd,
                 self.extra_files['git_repo'],
@@ -907,6 +929,11 @@ class RepoSync:
                 stderr=subprocess.DEVNULL
         )
 
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Deploying extra files to work and metadata directories ...'
+        )
+
         # Copy files to work root
         for extra in self.extra_files['list']:
             src = '/tmp/clone/' + extra
@@ -915,6 +942,7 @@ class RepoSync:
             # exist on our mirrors.
             try:
                 shutil.copy2(src, extra_files_dir)
+                shutil.copy2(src, metadata_dir)
             except:
                 self.log.warn(
                         '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -930,15 +958,48 @@ class RepoSync:
                     e.strerror
             )
 
+    def deploy_metadata(self, sync_root):
+        """
+        Deploys metadata that defines information about the compose. Some data
+        will be close to how pungi produces it, but it won't be exact nor a
+        perfect replica.
+        """
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Deploying metadata for this compose'
+        )
         # Create metadata here
         # Create COMPOSE_ID here (this doesn't necessarily match anything, it's
         # just an indicator)
+        metadata_dir = os.path.join(
+                sync_root,
+                "metadata"
+        )
+
+        # It should already exist from a full run or refresh. This is just in
+        # case and it doesn't hurt.
+        if not os.path.exists(metadata_dir):
+            os.makedirs(metadata_dir, exist_ok=True)
+
+        with open(metadata_dir + '/COMPOSE_ID') as f:
+            f.write(self.compose_id)
+            f.close()
+
+        Shared.write_metadata(
+                self.timestamp,
+                self.date_stamp,
+                self.fullname,
+                self.fullversion,
+                self.compose_id,
+                metadata_dir + 'metadata.json'
+        )
 
         self.log.info(
                 '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Extra files phase completed.'
+                'Metadata files phase completed.'
         )
 
+
     def deploy_treeinfo(self, repo, sync_root, arch):
         """
         Deploys initial treeinfo files. These have the potential of being
@@ -1181,6 +1242,7 @@ class SigRepoSync:
             major,
             repo=None,
             arch=None,
+            ignore_debug: bool = False,
             ignore_source: bool = False,
             repoclosure: bool = False,
             refresh_extra_files: bool = False,
@@ -1196,6 +1258,7 @@ class SigRepoSync:
         self.dryrun = dryrun
         self.fullrun = fullrun
         self.arch = arch
+        self.ignore_debug = ignore_debug
         self.ignore_source = ignore_source
         self.skip_all = skip_all
         self.hashed = hashed
@@ -1206,9 +1269,15 @@ class SigRepoSync:
         # Relevant config items
         self.major_version = major
         self.date_stamp = config['date_stamp']
+        self.timestamp = time.time()
         self.repo_base_url = config['repo_base_url']
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
+        self.profile = rlvars['profile']
+        self.iso_map = rlvars['iso_map']
+        self.distname = config['distname']
+        self.fullname = rlvars['fullname']
+        self.shortname = config['shortname']
 
         # Relevant major version items
         self.sigvars = sigvars
@@ -1217,6 +1286,10 @@ class SigRepoSync:
         #self.project_id = sigvars['project_id']
         self.sigrepo = repo
 
+        # Templates
+        file_loader = FileSystemLoader(f"{_rootdir}/templates")
+        self.tmplenv = Environment(loader=file_loader)
+
         # each el can have its own designated container to run stuff in,
         # otherwise we'll just default to the default config.
         self.container = config['container']
@@ -1235,7 +1308,7 @@ class SigRepoSync:
         self.compose_latest_dir = os.path.join(
                 config['compose_root'],
                 major,
-                "latest-Rocky-{}-SIG".format(major)
+                "latest-{}-{}-SIG".format(self.shortname, major)
         )
 
         self.compose_latest_sync = os.path.join(
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 86399cc..d26a39a 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -135,7 +135,10 @@ class IsoBuild:
         self.compose_latest_dir = os.path.join(
                 config['compose_root'],
                 major,
-                "latest-Rocky-{}".format(self.profile)
+                "latest-{}-{}".format(
+                    self.shortname,
+                    self.profile
+                )
         )
 
         self.compose_latest_sync = os.path.join(
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 085fabb..407be7a 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -1,6 +1,7 @@
 # These are shared utilities used
 
 import os
+import json
 import hashlib
 import productmd.treeinfo
 
@@ -107,6 +108,37 @@ class Shared:
         the case of modifying treeinfo for primary repos or images.
         """
 
+    @staticmethod
+    def write_metadata(
+            timestamp,
+            datestamp,
+            fullname,
+            release,
+            compose_id,
+            file_path
+    ):
+
+        metadata = {
+                "header": {
+                    "name": "empanadas",
+                    "version": "0.2.0",
+                    "type": "toolkit",
+                    "maintainer": "SIG/Core"
+                },
+                "payload": {
+                    "compose": {
+                        "date": datestamp,
+                        "id": compose_id,
+                        "fullname": fullname,
+                        "release": release,
+                        "timestamp": timestamp
+                    }
+                }
+        }
+
+        with open(file_path, "w+") as f:
+            json.dump(metadata, f)
+            f.close()
 
     @staticmethod
     def discinfo_write(timestamp, fullname, arch, file_path):
diff --git a/sync/sync-to-prod.sh b/sync/sync-to-prod.sh
index 76045c7..b48b74c 100644
--- a/sync/sync-to-prod.sh
+++ b/sync/sync-to-prod.sh
@@ -22,6 +22,16 @@ if [ $ret_val -eq "0" ]; then
   sudo -l && find ** -maxdepth 0 -type l | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
       {} "${TARGET}"
 
+  # Temporary until empanadas has this support
+  if [ -f "COMPOSE_ID" ]; then
+    cp COMPOSE_ID "${TARGET}"
+    chown 10004:10005 "${TARGET}/COMPOSE_ID"
+  fi
+
+  if [ -d "metadata" ]; then
+    rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}"
+  fi
+
   # Full file list update
   cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
   # Hardlink everything except xml files
diff --git a/sync/sync-to-staging.sh b/sync/sync-to-staging.sh
index 1e764c8..d256fd5 100644
--- a/sync/sync-to-staging.sh
+++ b/sync/sync-to-staging.sh
@@ -25,4 +25,14 @@ if [ $ret_val -eq "0" ]; then
   # shellcheck disable=SC2035
   sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
       {} "${TARGET}"
+
+  # This is temporary until we implement rsync into empanadas
+  if [ -f "COMPOSE_ID" ]; then
+    cp COMPOSE_ID "${TARGET}"
+    chown 10004:10005 "${TARGET}/COMPOSE_ID"
+  fi
+
+  if [ -d "metadata" ]; then
+    rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}"
+  fi
 fi

From e47ca962afadbfd858b604e7b6c6e2fa230d306f Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 1 Jul 2022 13:13:00 -0700
Subject: [PATCH 22/96] missing write function for compose_id

---
 iso/empanadas/empanadas/util/dnf_utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 681e128..c2243f1 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -981,7 +981,7 @@ class RepoSync:
         if not os.path.exists(metadata_dir):
             os.makedirs(metadata_dir, exist_ok=True)
 
-        with open(metadata_dir + '/COMPOSE_ID') as f:
+        with open(metadata_dir + '/COMPOSE_ID', "w+") as f:
             f.write(self.compose_id)
             f.close()
 

From 412a7ab089f65ef97533c6b9c5cd7d9924fd8ee7 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 1 Jul 2022 13:28:24 -0700
Subject: [PATCH 23/96] add json and yaml components

---
 iso/empanadas/empanadas/util/dnf_utils.py |  4 ++--
 iso/empanadas/empanadas/util/shared.py    | 11 ++++++++---
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index c2243f1..62bd540 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -988,10 +988,10 @@ class RepoSync:
         Shared.write_metadata(
                 self.timestamp,
                 self.date_stamp,
-                self.fullname,
+                self.distname,
                 self.fullversion,
                 self.compose_id,
-                metadata_dir + 'metadata.json'
+                metadata_dir + '/metadata'
         )
 
         self.log.info(
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 407be7a..be3d33f 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -3,6 +3,7 @@
 import os
 import json
 import hashlib
+import yaml
 import productmd.treeinfo
 
 class ArchCheck:
@@ -136,9 +137,13 @@ class Shared:
                 }
         }
 
-        with open(file_path, "w+") as f:
-            json.dump(metadata, f)
-            f.close()
+        with open(file_path + ".json", "w+") as fp:
+            json.dump(metadata, fp, indent=4)
+            fp.close()
+
+        with open(file_path + ".yaml", "w+") as yp:
+            yaml.dump(metadata, yp)
+            yp.close()
 
     @staticmethod
     def discinfo_write(timestamp, fullname, arch, file_path):

From 2884bb0eaa74c1b037cbc045ce54ca31995fdc16 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 1 Jul 2022 14:16:14 -0700
Subject: [PATCH 24/96] Fix source and debuginfo portions

---
 iso/empanadas/empanadas/util/dnf_utils.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 62bd540..e2a6b0a 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -340,7 +340,7 @@ class RepoSync:
 
                 entry_name_list.append(entry_name)
 
-                if not self.ignore_debug:
+                if not self.ignore_debug and not a == 'source':
                     entry_name_list.append(debug_entry_name)
 
                 entry_point_sh = os.path.join(
@@ -444,7 +444,8 @@ class RepoSync:
                 os.chmod(debug_entry_point_sh, 0o755)
 
             # We ignoring sources?
-            if not self.ignore_source:
+            if (not self.ignore_source and not arch) or (
+                    not self.ignore_source and arch == 'source'):
                 source_entry_name = '{}-source'.format(r)
                 entry_name_list.append(source_entry_name)
 
@@ -1034,6 +1035,9 @@ class RepoSync:
                 arch_tree.append('i686')
 
             for a in arch_tree:
+                if a == 'source':
+                    continue
+
                 os_tree_path = os.path.join(
                         sync_root,
                         repo_name,
@@ -1096,7 +1100,7 @@ class RepoSync:
                             repo_name + ' ' + a + ' os media.repo already exists'
                     )
 
-                if not self.ignore_debug:
+                if not self.ignore_debug and not a == 'source':
                     debug_tree_path = os.path.join(
                             sync_root,
                             repo_name,
@@ -1160,7 +1164,7 @@ class RepoSync:
                         )
 
 
-            if not self.ignore_source:
+            if not self.ignore_source and not arch:
                 source_tree_path = os.path.join(
                         sync_root,
                         repo_name,

From c081f6f202eeeab5c7ab4440a72d7eba697f78c5 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 00:19:13 -0700
Subject: [PATCH 25/96] test out parts of finalize

---
 iso/empanadas/empanadas/sig/cloud.yaml    |  11 +-
 iso/empanadas/empanadas/util/dnf_utils.py | 147 +++++++--------
 iso/empanadas/empanadas/util/iso_utils.py |  20 +-
 iso/empanadas/empanadas/util/shared.py    | 215 ++++++++++++++++++++++
 4 files changed, 294 insertions(+), 99 deletions(-)

diff --git a/iso/empanadas/empanadas/sig/cloud.yaml b/iso/empanadas/empanadas/sig/cloud.yaml
index e7305c7..e0ad17a 100644
--- a/iso/empanadas/empanadas/sig/cloud.yaml
+++ b/iso/empanadas/empanadas/sig/cloud.yaml
@@ -1,6 +1,7 @@
 ---
 cloud:
   '8':
+    profile: 'cloud'
     cloud-kernel:
       project_id: 'f91da90d-5bdb-4cf2-80ea-e07f8dae5a5c'
       allowed_arches:
@@ -10,7 +11,15 @@ cloud:
       allowed_arches:
         - aarch64
         - x86_64
-      project_id: ''
+      project_id: 'f91da90d-5bdb-4cf2-80ea-e07f8dae5a5c'
+    extra_files:
+      git_repo: 'https://git.rockylinux.org/staging/src/rocky-release-cloud.git'
+      git_raw_path: 'https://git.rockylinux.org/staging/src/rocky-release-cloud/-/raw/r8/'
+      branch: 'r8'
+      gpg:
+        stable: 'SOURCES/RPM-GPG-KEY-Rocky-SIG-Cloud'
+      list:
+        - 'SOURCES/RPM-GPG-KEY-Rocky-SIG-Cloud'
   '9':
     cloud-kernel:
       project_id: ''
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index e2a6b0a..b275490 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -186,7 +186,13 @@ class RepoSync:
         # This should create the initial compose dir and set the path.
         # Otherwise, just use the latest link.
         if self.fullrun:
-            generated_dir = self.generate_compose_dirs()
+            generated_dir = Shared.generate_compose_dirs(
+                    self.compose_base,
+                    self.shortname,
+                    self.fullversion,
+                    self.date_stamp,
+                    self.log
+            )
             work_root = os.path.join(
                     generated_dir,
                     'work'
@@ -292,7 +298,7 @@ class RepoSync:
         Each container runs their own script
         wait till all is finished
         """
-        cmd = self.podman_cmd()
+        cmd = Shared.podman_cmd(self.log)
         contrunlist = []
         bad_exit_list = []
         self.log.info('Generating container entries')
@@ -582,24 +588,6 @@ class RepoSync:
                     'No issues detected.'
             )
 
-    def generate_compose_dirs(self) -> str:
-        """
-        Generate compose dirs for full runs
-        """
-        compose_base_dir = os.path.join(
-                self.compose_base,
-                "{}-{}-{}".format(
-                    self.shortname,
-                    self.fullversion,
-                    self.date_stamp
-                )
-        )
-        self.log.info('Creating compose directory %s' % compose_base_dir)
-        if not os.path.exists(compose_base_dir):
-            os.makedirs(compose_base_dir)
-
-        return compose_base_dir
-
     def symlink_to_latest(self, generated_dir):
         """
         Emulates pungi and symlinks latest-Rocky-X
@@ -628,7 +616,7 @@ class RepoSync:
         """
         fname = os.path.join(
                 dest_path,
-                "{}-config.repo".format(self.major_version)
+                "{}-{}-config.repo".format(self.shortname, self.major_version)
         )
         self.log.info('Generating the repo configuration: %s' % fname)
 
@@ -676,60 +664,6 @@ class RepoSync:
         config_file.close()
         return fname
 
-    def reposync_cmd(self) -> str:
-        """
-        This generates the reposync command. We don't support reposync by
-        itself and will raise an error.
-
-        :return: The path to the reposync command. If dnf exists, we'll use
-        that. Otherwise, fail immediately.
-        """
-        cmd = None
-        if os.path.exists("/usr/bin/dnf"):
-            cmd = "/usr/bin/dnf reposync"
-        else:
-            self.log.error('/usr/bin/dnf was not found. Good bye.')
-            raise SystemExit("/usr/bin/dnf was not found. \n\n/usr/bin/reposync "
-                    "is not sufficient and you are likely running on an el7 "
-                    "system or a grossly modified EL8+ system, " + Color.BOLD +
-                    "which tells us that you probably made changes to these tools "
-                    "expecting them to work and got to this point." + Color.END)
-        return cmd
-
-    def podman_cmd(self) -> str:
-        """
-        This generates the podman run command. This is in the case that we want
-        to do reposyncs in parallel as we cannot reasonably run multiple
-        instances of dnf reposync on a single system.
-        """
-        cmd = None
-        if os.path.exists("/usr/bin/podman"):
-            cmd = "/usr/bin/podman"
-        else:
-            self.log.error('/usr/bin/podman was not found. Good bye.')
-            raise SystemExit("\n\n/usr/bin/podman was not found.\n\nPlease "
-                    " ensure that you have installed the necessary packages on "
-                    " this system. " + Color.BOLD + "Note that docker is not "
-                    "supported." + Color.END
-            )
-        return cmd
-
-    def git_cmd(self) -> str:
-        """
-        This generates the git command. This is when we need to pull down extra
-        files or do work from a git repository.
-        """
-        cmd = None
-        if os.path.exists("/usr/bin/git"):
-            cmd = "/usr/bin/git"
-        else:
-            self.log.error('/usr/bin/git was not found. Good bye.')
-            raise SystemExit("\n\n/usr/bin/git was not found.\n\nPlease "
-                    " ensure that you have installed the necessary packages on "
-                    " this system. "
-            )
-        return cmd
-
     def repoclosure_work(self, sync_root, work_root, log_root):
         """
         This is where we run repoclosures, based on the configuration of each
@@ -740,7 +674,7 @@ class RepoSync:
         against itself. (This means BaseOS should be able to survive by
         itself.)
         """
-        cmd = self.podman_cmd()
+        cmd = Shared.podman_cmd(self.log)
         entries_dir = os.path.join(work_root, "entries")
         bad_exit_list = []
 
@@ -901,7 +835,7 @@ class RepoSync:
                 'Deploying treeinfo, discinfo, and media.repo'
         )
 
-        cmd = self.git_cmd()
+        cmd = Shared.git_cmd(self.log)
         tmpclone = '/tmp/clone'
         extra_files_dir = os.path.join(
                 global_work_root,
@@ -1231,7 +1165,57 @@ class RepoSync:
         work/isos to compose/isos, and combines all checksum files per arch
         into a final CHECKSUM file.
         """
+        # latest-X-Y should exist at all times for this to work.
+        work_root = os.path.join(
+                self.compose_latest_dir,
+                'work'
+        )
+        sync_root = self.compose_latest_sync
 
+        sync_iso_root = os.path.join(
+                sync_root,
+                'isos'
+        )
+
+        tmp_dir = os.path.join(
+                self.compose_root,
+                'partitions'
+        )
+
+        # Verify if the link even exists
+        if not os.path.exists(self.compose_latest_dir):
+            self.log.error('!! Latest compose link is broken does not exist: %s' % self.compose_latest_dir)
+            self.log.error('!! Please perform a full run if you have not done so.')
+            raise SystemExit()
+
+        log_root = os.path.join(
+                work_root,
+                "logs",
+                self.date_stamp
+        )
+
+        iso_root = os.path.join(
+                work_root,
+                "isos"
+        )
+
+        global_work_root = os.path.join(
+                work_root,
+                "global",
+        )
+
+        self.log.info(
+                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                'Starting to sync ISOs to compose'
+        )
+
+        iso_result = Shared.fpsync_method(iso_root, sync_iso_root, self.log, tmp_dir)
+
+        if not iso_result:
+            self.log.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    'Sync failed'
+            )
 
 class SigRepoSync:
     """
@@ -1278,6 +1262,7 @@ class SigRepoSync:
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
         self.profile = rlvars['profile']
+        self.sigprofile = sigvars['profile']
         self.iso_map = rlvars['iso_map']
         self.distname = config['distname']
         self.fullname = rlvars['fullname']
@@ -1312,7 +1297,11 @@ class SigRepoSync:
         self.compose_latest_dir = os.path.join(
                 config['compose_root'],
                 major,
-                "latest-{}-{}-SIG".format(self.shortname, major)
+                "latest-{}-{}-SIG-{}".format(
+                    self.shortname,
+                    major,
+                    self.sigprofile
+                )
         )
 
         self.compose_latest_sync = os.path.join(
@@ -1345,7 +1334,7 @@ class SigRepoSync:
 
         self.log.info('sig reposync init')
         self.log.info(major)
-        #self.dnf_config = self.generate_conf()
+        #self.dnf_config = Shared.generate_conf()
 
     def run(self):
         """
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index d26a39a..e402c4a 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1156,7 +1156,7 @@ class IsoBuild:
         to the compose directories. It's the same as if you were doing a
         reposync of the repositories.
         """
-        cmd = self.podman_cmd()
+        cmd = Shared.podman_cmd(self.log)
         entries_dir = os.path.join(work_root, "entries")
         isos_dir = os.path.join(work_root, "isos")
         bad_exit_list = []
@@ -1766,24 +1766,6 @@ class IsoBuild:
         returned_cmd = ' '.join(cmd)
         return returned_cmd
 
-    def podman_cmd(self) -> str:
-        """
-        This generates the podman run command. This is in the case that we want
-        to do reposyncs in parallel as we cannot reasonably run multiple
-        instances of dnf reposync on a single system.
-        """
-        cmd = None
-        if os.path.exists("/usr/bin/podman"):
-            cmd = "/usr/bin/podman"
-        else:
-            self.log.error('/usr/bin/podman was not found. Good bye.')
-            raise SystemExit("\n\n/usr/bin/podman was not found.\n\nPlease "
-                    " ensure that you have installed the necessary packages on "
-                    " this system. " + Color.BOLD + "Note that docker is not "
-                    "supported." + Color.END
-            )
-        return cmd
-
 class LiveBuild:
     """
     This helps us build the live images for Rocky Linux.
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index be3d33f..c6b8eb8 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -3,8 +3,11 @@
 import os
 import json
 import hashlib
+import shlex
+import subprocess
 import yaml
 import productmd.treeinfo
+from empanadas.common import Color
 
 class ArchCheck:
     """
@@ -179,3 +182,215 @@ class Shared:
 
         with open(file_path, "w") as f:
             f.write("\n".join(data))
+
+    @staticmethod
+    def generate_compose_dirs(
+            compose_base,
+            shortname,
+            version,
+            date_stamp,
+            logger
+    ) -> str:
+        """
+        Generate compose dirs for full runs
+        """
+        compose_base_dir = os.path.join(
+                compose_base,
+                "{}-{}-{}".format(
+                    shortname,
+                    version,
+                    date_stamp
+                )
+        )
+        logger.info('Creating compose directory %s' % compose_base_dir)
+        if not os.path.exists(compose_base_dir):
+            os.makedirs(compose_base_dir)
+
+        return compose_base_dir
+
+    @staticmethod
+    def podman_cmd(logger) -> str:
+        """
+        This generates the podman run command. This is in the case that we want
+        to do reposyncs in parallel as we cannot reasonably run multiple
+        instances of dnf reposync on a single system.
+        """
+        cmd = None
+        if os.path.exists("/usr/bin/podman"):
+            cmd = "/usr/bin/podman"
+        else:
+            logger.error('/usr/bin/podman was not found. Good bye.')
+            raise SystemExit("\n\n/usr/bin/podman was not found.\n\nPlease "
+                    " ensure that you have installed the necessary packages on "
+                    " this system. " + Color.BOLD + "Note that docker is not "
+                    "supported." + Color.END
+            )
+        return cmd
+
+    @staticmethod
+    def reposync_cmd(logger) -> str:
+        """
+        This generates the reposync command. We don't support reposync by
+        itself and will raise an error.
+
+        :return: The path to the reposync command. If dnf exists, we'll use
+        that. Otherwise, fail immediately.
+        """
+        cmd = None
+        if os.path.exists("/usr/bin/dnf"):
+            cmd = "/usr/bin/dnf reposync"
+        else:
+            logger('/usr/bin/dnf was not found. Good bye.')
+            raise SystemExit("/usr/bin/dnf was not found. \n\n/usr/bin/reposync "
+                    "is not sufficient and you are likely running on an el7 "
+                    "system or a grossly modified EL8+ system, " + Color.BOLD +
+                    "which tells us that you probably made changes to these tools "
+                    "expecting them to work and got to this point." + Color.END)
+        return cmd
+
+    @staticmethod
+    def git_cmd(logger) -> str:
+        """
+        This generates the git command. This is when we need to pull down extra
+        files or do work from a git repository.
+        """
+        cmd = None
+        if os.path.exists("/usr/bin/git"):
+            cmd = "/usr/bin/git"
+        else:
+            logger.error('/usr/bin/git was not found. Good bye.')
+            raise SystemExit("\n\n/usr/bin/git was not found.\n\nPlease "
+                    " ensure that you have installed the necessary packages on "
+                    " this system. "
+            )
+        return cmd
+
+    @staticmethod
+    def generate_conf(data, logger, dest_path='/var/tmp') -> str:
+        """
+        Generates the necessary repo conf file for the operation. This repo
+        file should be temporary in nature. This will generate a repo file
+        with all repos by default. If a repo is chosen for sync, that will be
+        the only one synced.
+
+        :param dest_path: The destination where the temporary conf goes
+        :param repo: The repo object to create a file for
+        """
+        fname = os.path.join(
+                dest_path,
+                "{}-{}-config.repo".format(data.shortname, data.major_version)
+        )
+        data.log.info('Generating the repo configuration: %s' % fname)
+
+        if data.repo_base_url.startswith("/"):
+            logger.error("Local file syncs are not supported.")
+            raise SystemExit(Color.BOLD + "Local file syncs are not "
+                "supported." + Color.END)
+
+        prehashed = ''
+        if data.hashed:
+            prehashed = "hashed-"
+        # create dest_path
+        if not os.path.exists(dest_path):
+            os.makedirs(dest_path, exist_ok=True)
+        config_file = open(fname, "w+")
+        repolist = []
+        for repo in data.repos:
+
+            constructed_url = '{}/{}/repo/{}{}/$basearch'.format(
+                    data.repo_base_url,
+                    data.project_id,
+                    prehashed,
+                    repo,
+            )
+
+            constructed_url_src = '{}/{}/repo/{}{}/src'.format(
+                    data.repo_base_url,
+                    data.project_id,
+                    prehashed,
+                    repo,
+            )
+
+            repodata = {
+                    'name': repo,
+                    'baseurl': constructed_url,
+                    'srcbaseurl': constructed_url_src,
+                    'gpgkey': data.extra_files['git_raw_path'] + data.extra_files['gpg'][data.gpgkey]
+            }
+            repolist.append(repodata)
+
+        template = data.tmplenv.get_template('repoconfig.tmpl')
+        output = template.render(repos=repolist)
+        config_file.write(output)
+
+        config_file.close()
+        return fname
+
+    @staticmethod
+    def quick_sync(src, dest, logger, tmp_dir):
+        """
+        Does a quick sync from one place to another. This determines the method
+        in which will be used. We will look for fpsync and fall back to
+        parallel | rsync if that is also available. It will fail if parallel is
+        not available.
+
+        Return true or false on completion?
+        """
+
+    @staticmethod
+    def simple_sync(src, dest):
+        """
+        This is for simple syncs only, using rsync or copytree.
+        """
+
+    @staticmethod
+    def fpsync_method(src, dest, logger, tmp_dir):
+        """
+        Returns a list for the fpsync command
+        """
+        cmd = '/usr/bin/fpsync'
+        rsync_switches = '-av --numeric-ids --no-compress --chown=10004:10005'
+        if not os.path.exists(cmd):
+            logger.warn(
+                    '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                    'fpsync not found'
+            )
+            return False
+
+        os.makedirs(tmp_dir, exist_ok=True)
+
+        fpsync_cmd = '{} -o "{}" -n 18 -t {} {} {}'.format(
+                cmd,
+                rsync_switches,
+                tmp_dir,
+                src,
+                dest
+        )
+
+        process = subprocess.call(
+                shlex.split(fpsync_cmd),
+                stdout=subprocess.DEVNULL,
+                stderr=subprocess.DEVNULL,
+        )
+        if process != 0:
+            logger.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    'fpsync failed'
+            )
+            return False
+
+        if os.path.exists(dest):
+            return True
+        else:
+            logger.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    'Path synced does not seem to exist for some reason.'
+            )
+            return False
+
+    @staticmethod
+    def rsync_method(src, dest, logger, tmp_dir):
+        """
+        Returns a string for the rsync command plus parallel. Yes, this is a
+        hack.
+        """

From 462ea264b3c8fde4ed028b7df6ed000a958dff96 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 00:22:00 -0700
Subject: [PATCH 26/96] add finalize script to mix

---
 .../empanadas/scripts/finalize_compose.py     | 35 +++++++++++++++++++
 iso/empanadas/pyproject.toml                  |  1 +
 2 files changed, 36 insertions(+)
 create mode 100755 iso/empanadas/empanadas/scripts/finalize_compose.py

diff --git a/iso/empanadas/empanadas/scripts/finalize_compose.py b/iso/empanadas/empanadas/scripts/finalize_compose.py
new file mode 100755
index 0000000..9cc8139
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/finalize_compose.py
@@ -0,0 +1,35 @@
+# This script can be called to do single syncs or full on syncs.
+
+import argparse
+
+from empanadas.common import *
+from empanadas.util import Checks
+from empanadas.util import RepoSync
+
+# Start up the parser baby
+parser = argparse.ArgumentParser(description="Peridot Sync and Compose")
+
+# All of our options
+parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
+parser.add_argument('--arch', type=str, help="Architecture")
+parser.add_argument('--logger', type=str)
+
+# Parse them
+results = parser.parse_args()
+rlvars = rldict[results.release]
+major = rlvars['major']
+
+r = Checks(rlvars, config['arch'])
+r.check_valid_arch()
+
+# Send them and do whatever I guess
+a = RepoSync(
+        rlvars,
+        config,
+        major=major,
+        arch=results.arch,
+        logger=results.logger,
+)
+
+def run():
+    a.run_compose_closeout()
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 82ea835..3f25a19 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -29,6 +29,7 @@ build-iso-extra = "empanadas.scripts.build_iso_extra:run"
 pull-unpack-tree = "empanadas.scripts.pull_unpack_tree:run"
 launch-builds = "empanadas.scripts.launch_builds:run"
 build-image = "empanadas.scripts.build_image:run"
+finalize_compose = "empanadas.scripts.finalize_compose:run"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

From 957bf5ef3f80c86399cca7570f232262eb9fb4eb Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 14:08:59 -0700
Subject: [PATCH 27/96] change comments briefly before merging changes

---
 iso/empanadas/empanadas/util/dnf_utils.py | 3 ++-
 iso/empanadas/empanadas/util/shared.py    | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index b275490..119933c 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -173,7 +173,8 @@ class RepoSync:
 
          * Dry runs only create initial directories and structure
          * Full runs sync everything from the top and setup structure,
-           including creating a symlink to latest-Rocky-X
+           including creating a symlink to latest-Rocky-X and creating the
+           kickstart directories
          * self.repo is ignored during full runs (noted in stdout)
          * self.arch being set will force only that arch to sync
         """
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index c6b8eb8..eca879d 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -86,7 +86,8 @@ class Shared:
         """
         Writes really basic treeinfo, this is for single repository treeinfo
         data. This is usually called in the case of a fresh run and each repo
-        needs one.
+        needs one. This basic info may be overwritten later either by lorax
+        data or a full run.
         """
         ti = productmd.treeinfo.TreeInfo()
         ti.release.name = distname

From 361c155481aa3b76b958cb57238fb0d28500325d Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Sun, 3 Jul 2022 22:27:08 -0400
Subject: [PATCH 28/96] Containerize and refactor image building

* Add new fedora container to run imagefactory
* Make architecture class from py attrs and make it raise exceptions
* Change build-image script to primarily invoke imagefactory directly. A
  second wrapper will be added to support running in kubernetes if
needed.
---
 iso/empanadas/Containerfile.imagefactory      |  68 +++
 iso/empanadas/empanadas/common.py             |  41 +-
 .../empanadas/scripts/build_image.py          | 413 ++++++++++++++----
 .../empanadas/templates/icicle/tdl.xml.tmpl   |   2 +-
 iso/empanadas/empanadas/util/imagebuild.py    |   0
 iso/empanadas/poetry.lock                     |  54 +--
 iso/empanadas/pyproject.toml                  |   1 +
 7 files changed, 441 insertions(+), 138 deletions(-)
 create mode 100644 iso/empanadas/Containerfile.imagefactory
 create mode 100644 iso/empanadas/empanadas/util/imagebuild.py

diff --git a/iso/empanadas/Containerfile.imagefactory b/iso/empanadas/Containerfile.imagefactory
new file mode 100644
index 0000000..c370ebd
--- /dev/null
+++ b/iso/empanadas/Containerfile.imagefactory
@@ -0,0 +1,68 @@
+FROM docker.io/fedora:36
+
+ADD images/get_arch /get_arch
+
+ENV TINI_VERSION v0.19.0
+RUN curl -o /tini -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-$(/get_arch)"
+RUN chmod +x /tini
+
+RUN dnf install -y \
+    bash \
+    bzip2 \
+    cpio \
+    diffutils \
+    findutils \
+    gawk \
+    gcc \
+    gcc-c++ \
+    git \
+    grep \
+    gzip \
+    info \
+    make \
+    patch \
+    python3 \
+    redhat-rpm-config \
+    rpm-build \
+    scl-utils-build \
+    sed \
+    shadow-utils \
+    tar \
+    unzip \
+    util-linux \
+    which \
+    xz \
+    dnf-plugins-core \
+    createrepo_c \
+    rpm-sign \
+    sudo \
+    mock \
+    python-pip \
+    imagefactory \
+    imagefactory-plugins*
+
+RUN sed -i -e 's/# memory = 1024/memory = 2048/' /etc/oz/oz.cfg
+
+RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""
+RUN dnf clean all
+RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
+# RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
+# RUN chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d && chown -R peridotbuilder:mock /var/lib/imagefactory/storage
+
+RUN pip install awscli
+
+ENV BRANCH r9
+RUN git clone https://git.rockylinux.org/rocky/kickstarts.git --branch $BRANCH /kickstarts
+RUN cp /kickstarts/Rocky-9-Container.ks /kickstarts/Rocky-9-Container-Base.ks
+RUN sed -i "s/\$basearch/$(uname -m)/" /kickstarts/Rocky-9-Container-Base.ks
+
+# devel only
+COPY . /empanadas
+RUN pip install -e /empanadas
+
+# prod
+#RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
+
+ENV LIBGUESTFS_BACKEND direct
+
+ENTRYPOINT ["/tini", "--"]
diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index edb2533..796f472 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -97,24 +97,35 @@ for conf in glob.iglob(f"{_rootdir}/sig/*.yaml"):
 #COMPOSE_ISO_WORKDIR = COMPOSE_ROOT + "work/" + arch + "/" + date_stamp
 
 
-def valid_type_variant(_type: str, variant: str="") -> Tuple[bool, str]:
-    ALLOWED_TYPE_VARIANTS = {
-            "Container": ["Base", "Minimal"],
-            "GenericCloud": [],
-    }
-
+ALLOWED_TYPE_VARIANTS = {
+        "Azure": None,
+        "Container": ["Base", "Minimal"],
+        "EC2": None,
+        "GenericCloud": None,
+        "Vagrant": ["Libvirt", "VBox"]
+}
+def valid_type_variant(_type: str, variant: str="") -> bool:
     if _type not in ALLOWED_TYPE_VARIANTS:
-        return False, f"Type is invalid: ({_type}, {variant})"
-    elif variant not in ALLOWED_TYPE_VARIANTS[_type]:
+        raise Exception(f"Type is invalid: ({_type}, {variant})")
+    if ALLOWED_TYPE_VARIANTS[_type] == None:
+        if variant is not None:
+            raise Exception(f"{_type} Type expects no variant type.")
+        return True
+    if variant not in ALLOWED_TYPE_VARIANTS[_type]:
         if variant.capitalize() in ALLOWED_TYPE_VARIANTS[_type]:
-            return False, f"Capitalization mismatch. Found: ({_type}, {variant}). Expected: ({_type}, {variant.capitalize()})"
-        return False, f"Type/Variant Combination is not allowed: ({_type}, {variant})"
-    return True, ""
+            raise Exception(f"Capitalization mismatch. Found: ({_type}, {variant}). Expected: ({_type}, {variant.capitalize()})")
+        raise Exception(f"Type/Variant Combination is not allowed: ({_type}, {variant})")
+    return True
 
-class Architecture(str):
-    @staticmethod
-    def New(architecture: str, version: int):
+from attrs import define, field
+@define
+class Architecture:
+    name: str = field()
+    version: str = field()
+
+    @classmethod
+    def New(cls, architecture: str, version: int):
         if architecture not in rldict[version]["allowed_arches"]:
             print("Invalid architecture/version combo, skipping")
             exit()
-        return Architecture(architecture)
+        return cls(architecture, version)
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 8a7f373..49e3b6e 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -3,12 +3,21 @@
 
 import argparse
 import datetime
+import json
+import logging
+import subprocess
+import sys
+import time
 import os
 import tempfile
 import pathlib
+import platform
+
+from botocore import args
+from attrs import define, Factory, field, asdict
 
 from jinja2 import Environment, FileSystemLoader, Template
-from typing import List, Tuple
+from typing import Callable, List, NoReturn, Optional, Tuple, IO, Union
 
 from empanadas.common import Architecture, rldict, valid_type_variant
 from empanadas.common import _rootdir
@@ -22,123 +31,337 @@ parser.add_argument('--debug', action='store_true', help="debug?")
 parser.add_argument('--type', type=str, help="Image type (container, genclo, azure, aws, vagrant)", required=True)
 parser.add_argument('--variant', type=str, help="", required=False)
 parser.add_argument('--release', type=str, help="Image release for subsequent builds with the same date stamp (rarely needed)", required=False)
+parser.add_argument('--kube', action='store_true', help="output as a K8s job(s)", required=False)
+
 
 results = parser.parse_args()
 rlvars = rldict[results.version]
 major = rlvars["major"]
 
+
+debug = results.debug
+
+log = logging.getLogger(__name__)
+log.setLevel(logging.INFO if not debug else logging.DEBUG)
+handler = logging.StreamHandler(sys.stdout)
+handler.setLevel(logging.INFO if not debug else logging.DEBUG)
+formatter = logging.Formatter(
+        '%(asctime)s :: %(name)s :: %(message)s',
+        '%Y-%m-%d %H:%M:%S'
+)
+handler.setFormatter(formatter)
+log.addHandler(handler)
+
 STORAGE_DIR = pathlib.Path("/var/lib/imagefactory/storage")
 KICKSTART_PATH = pathlib.Path(os.environ.get("KICKSTART_PATH", "/kickstarts"))
 BUILDTIME = datetime.datetime.utcnow()
 
+@define(kw_only=True)
+class ImageBuild:
+    architecture: Architecture = field()
+    base_uuid: Optional[str] = field(default="")
+    command_args: List[str] = field(factory=list)
+    common_args: List[str] = field(factory=list)
+    debug: bool = field(default=False)
+    image_type: str = field()
+    job_template: Optional[Template] = field(init=False)
+    kickstart_arg: List[str] = field(factory=list)
+    out_type: str = field(init=False)
+    outdir: pathlib.Path = field(init=False) 
+    outname: str = field(init=False)
+    package_args: List[str] = field(factory=list)
+    target_uuid: Optional[str] = field(default="")
+    tdl_path: pathlib.Path = field(init=False)
+    template: Template = field()
+    type_variant: str = field(init=False) 
+    stage_commands: Optional[List[List[Union[str,Callable]]]] = field(init=False)
+    variant: Optional[str] = field()
+    revision: Optional[int] = field()
+    metadata: pathlib.Path = field(init=False)
+    fedora_release: int = field()
 
-def render_icicle_template(template: Template, architecture: Architecture) -> str:
-    handle, output = tempfile.mkstemp()
-    if not handle:
-        exit(3)
-    with os.fdopen(handle, "wb") as tmp:
-        _template = template.render(
-            architecture=architecture,
-            fedora_version=rlvars["fedora_release"],
-            iso8601date=BUILDTIME.strftime("%Y%m%d"),
-            installdir="kickstart" if results.kickstartdir else "os",
-            major=major,
-            release=results.release if results.release else 0,
-            size="10G",
-            type=results.type.capitalize(),
-            utcnow=BUILDTIME,
-            version_variant=rlvars["revision"] if not results.variant else f"{rlvars['revision']}-{results.variant.capitalize()}",
-        )
-        tmp.write(_template.encode())
-    return output
-
-
-def generate_kickstart_imagefactory_args(debug: bool = False) -> str:
-    type_variant = results.type if not results.variant else f"{results.type}-{results.variant}" # todo -cleanup
-    kickstart_path = pathlib.Path(f"{KICKSTART_PATH}/Rocky-{major}-{type_variant}.ks")
-
-    if not kickstart_path.is_file():
-        print(f"Kickstart file is not available: {kickstart_path}")
-        if not debug:
+    def __attrs_post_init__(self):
+        self.tdl_path = self.render_icicle_template()
+        if not self.tdl_path:
             exit(2)
+        self.type_variant = self.type_variant_name()
+        self.outname = self.output_name()
+        self.outdir = pathlib.Path(f"/tmp/{self.outname}")
+        self.out_type = self.image_format()
+        self.command_args = self._command_args()
+        self.package_args = self._package_args()
+        self.common_args = self._common_args()
+        self.kickstart_arg = self.kickstart_imagefactory_args()
 
-    return f"--file-parameter install_script {kickstart_path}"
+        self.metadata = pathlib.Path(self.outdir, "metadata.json")
 
-def get_image_format(_type: str) -> str:
-    mapping = {
-            "Container": "docker"
-    }
-    return mapping[_type] if _type in mapping.keys() else ''
-
-def generate_imagefactory_commands(tdl_template: Template, architecture: Architecture) -> List[List[str]]:
-    template_path = render_icicle_template(tdl_template, architecture)
-    if not template_path:
-        exit(2)
-
-    args_mapping = {
-        "debug": "--debug" 
-    }
-
-    # only supports boolean flags right now?
-    args = [param for name, param in args_mapping.items() if getattr(results,name)]
-    package_args = []
-
-    kickstart_arg = generate_kickstart_imagefactory_args(True) # REMOVE DEBUG ARG
-
-    if results.type == "Container":
-        args += ["--parameter", "offline_icicle", "true"]
-        package_args += ["--parameter", "compress", "xz"]
-        tar_command = ["tar", "-Oxf", f"{STORAGE_DIR}/*.body" "./layer.tar"]
-
-    type_variant = results.type if not results.variant else f"{results.type}-{results.variant}" # todo -cleanup
-    outname = f"Rocky-{rlvars['major']}-{type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{results.release if results.release else 0}.{architecture}"
-
-    outdir = pathlib.Path(f"/tmp/{outname}")
-
-    build_command = (f"imagefactory base_image {kickstart_arg} {' '.join(args)} {template_path}"
-                        f" | tee -a {outdir}/logs/base_image-{outname}.out"
-                        f" | tail -n4 > {outdir}/base.meta || exit 2" 
-            )
-
-
-    out_type = get_image_format(results.type)
-    package_command = ["imagefactory", "target_image", *args, template_path,
-                        "--id", "$(awk '$1==\"UUID:\"{print $NF}'"+f" /tmp/{outname}/base.meta)",
-                        *package_args, 
-                        "--parameter", "repository", outname, out_type,
-                        "|", "tee", "-a", f"{outdir}/base_image-{outname}.out",
-                        "|", "tail", "-n4", ">", f"{outdir}/target.meta", "||", "exit", "3" 
+        if self.image_type == "Container":
+            self.stage_commands = [
+                    ["tar", "-C", f"{self.outdir}", "--strip-components=1", "-x", "-f", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", "*/layer.tar"]
+            ]
+        if self.image_type == "GenericCloud":
+            self.stage_commands = [
+                    ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
             ]
 
-    copy_command = (f"aws s3 cp --recursive {outdir}/* s3://resf-empanadas/buildimage-{ outname }/{ BUILDTIME.strftime('%s') }/")
-    commands = [build_command, package_command, copy_command]
-    return commands
+        try:
+            os.mkdir(self.outdir)
+        except FileExistsError as e:
+            log.info("Directory already exists for this release. If possible, previously executed steps may be skipped")
+        except Exception as e:
+            log.exception("Some other exception occured while creating the output directory", e)
+            return 0
+
+        if os.path.exists(self.metadata):
+            with open(self.metadata, "r") as f:
+                try:
+                    o = json.load(f)
+                    self.base_uuid = o['base_uuid']
+                    self.target_uuid = o['target_uuid']
+                except json.decoder.JSONDecodeError as e:
+                    log.exception("Couldn't decode metadata file", e)
+
+    def output_name(self):
+        return f"Rocky-{self.architecture.version}-{self.type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{results.release if results.release else 0}.{self.architecture.name}"
     
+    def type_variant_name(self):
+        return self.image_type if not self.variant else f"{self.image_type}-{self.variant.capitalize()}"
+
+    def _command_args(self):
+        args_mapping = {
+            "debug": "--debug" 
+        }
+        return [param for name, param in args_mapping.items() if getattr(results,name)]
+
+    def _package_args(self) -> List[str]:
+        if results.type == "Container":
+            return ["--parameter", "compress", "xz"]
+        return [""]
+
+    def _common_args(self) -> List[str]:
+        args = []
+        if self.image_type == "Container":
+            args = ["--parameter", "offline_icicle", "true"]
+        if self.image_type == "GenericCloud":
+            args = ["--parameter", "generate_icicle", "false"]
+        return args
+
+    def image_format(self) -> str:
+        mapping = {
+                "Container": "docker"
+        }
+        return mapping[self.image_type] if self.image_type in mapping.keys() else ''
+
+    def kickstart_imagefactory_args(self) -> List[str]:
+        kickstart_path = pathlib.Path(f"{KICKSTART_PATH}/Rocky-{self.architecture.version}-{self.type_variant}.ks")
+
+        if not kickstart_path.is_file():
+            log.warn(f"Kickstart file is not available: {kickstart_path}")
+            if not debug:
+                log.warn("Exiting because debug mode is not enabled.")
+                exit(2)
+
+        return ["--file-parameter", "install_script", str(kickstart_path)]
+
+    def render_icicle_template(self) -> pathlib.Path:
+        handle, output = tempfile.mkstemp()
+        if not handle:
+            exit(3)
+        with os.fdopen(handle, "wb") as tmp:
+            _template = self.template.render(
+                architecture=self.architecture.name,
+                fedora_version=self.fedora_release,
+                iso8601date=BUILDTIME.strftime("%Y%m%d"),
+                installdir="kickstart" if results.kickstartdir else "os",
+                major=self.architecture.version,
+                release=results.release if results.release else 0,
+                size="10G",
+                type=self.image_type,
+                utcnow=BUILDTIME,
+                version_variant=self.revision if not self.variant else f"{self.revision}-{self.variant}",
+            )
+            tmp.write(_template.encode())
+            tmp.flush()
+        return pathlib.Path(output)
+
+    def build_command(self) -> List[str]:
+        build_command = ["imagefactory", *self.command_args, "base_image", *self.common_args, *self.kickstart_arg, self.tdl_path
+                            # "|", "tee", "-a", f"{outdir}/logs/base_image-{outname}.out",
+                            # "|", "tail", "-n4", ">", f"{outdir}/base.meta", "||", "exit", "2"
+                        ]
+        return build_command
+    def package_command(self) -> List[str]:
+        package_command = ["imagefactory", *self.command_args, "target_image", self.out_type, *self.common_args,
+                            "--id", f"{self.base_uuid}",
+                            *self.package_args, 
+                            "--parameter", "repository", self.outname,
+                            # "|", "tee", "-a", f"{outdir}/base_image-{outname}.out",
+                            # "|", "tail", "-n4", ">", f"{outdir}/target.meta", "||", "exit", "3" 
+                ]
+        return package_command
+
+    def copy_command(self) -> List[str]:
+
+        copy_command = ["aws", "s3", "cp", "--recursive", f"{self.outdir}/", f"s3://resf-empanadas/buildimage-{ self.outname }/{ BUILDTIME.strftime('%s') }/"]
+
+        return copy_command
+
+    def build(self) -> int:
+        if self.base_uuid:
+            return 0
+
+        ret, out, err, uuid = self.runCmd(self.build_command()) 
+        if ret > 0:
+            #error in build command
+            log.error("Problem during build.")
+        if not uuid:
+            log.error("Build UUID not found in stdout. Dumping stdout and stderr")
+            self.log_subprocess(ret, out, err)
+            return ret
+        self.base_uuid = uuid.rstrip()
+        self.save()
+        return ret
+
+    def package(self) -> int: 
+        # Some build types don't need to be packaged by imagefactory
+        if self.image_type == "GenericCloud":
+            self.target_uuid = self.base_uuid if hasattr(self, 'base_uuid') else ""
+
+        if self.target_uuid:
+            return 0
+
+        ret, out, err, uuid = self.runCmd(self.package_command())
+        if ret > 0:
+            log.error("Problem during packaging")
+        if not uuid:
+            log.error("Target Image UUID not found in stdout. Dumping stdout and stderr")
+            self.log_subprocess(ret, out, err)
+            return ret
+        self.target_uuid = uuid.rstrip()
+        self.save()
+        return ret
+
+    def stage(self) -> int:
+        """ Stage the artifacst from wherever they are (unpacking and converting if needed)"""
+        if not self.stage_commands:
+            return 0
+
+        returns = []
+        for command in self.stage_commands:
+            ret, out, err, _ = self.runCmd(command, search=False)
+            if ret > 0:
+                log.error("Problem during unpack.")
+                self.log_subprocess(ret, out, err)
+            returns.append(ret)
+
+        return all(ret > 0 for ret in returns)
+
+    def copy(self) -> int:
+        # move or unpack if necessary
+        if (stage := self.stage() > 0):
+            raise Exception(stage)
+
+        ret, out, err, _ = self.runCmd(self.copy_command(), search=False) 
+        if ret > 0:
+            #error in build command
+            log.error("Problem during build.")
+        return ret
+
+    def runCmd(self, command: List[Union[str, Callable]], search: bool = True) -> Tuple[int, Union[IO[bytes],None], Union[IO[bytes],None], Union[str,None]]:
+        prepared, _ = self.prepare_command(command)
+        log.info(f"Running command: {' '.join(prepared)}")
+
+        kwargs = {
+            "stderr": subprocess.PIPE,
+            "stdout": subprocess.PIPE
+        }
+        if debug: del kwargs["stderr"]
+
+        with subprocess.Popen(prepared,  **kwargs) as p:
+            uuid = None
+            if search:
+                for _, line in enumerate(p.stdout): # type: ignore
+                    ln = line.decode()
+                    if ln.startswith("UUID: "):
+                        uuid = ln.split(" ")[-1]
+                        log.debug(f"found uuid: {uuid}")
+            return p.wait(), p.stdout, p.stdin, uuid
+
+    def prepare_command(self, command_list: List[Union[str, Callable]]) -> Tuple[List[str],List[None]]:
+        """
+        Commands may be a callable, which should be a lambda to be evaluated at
+        preparation time with available locals. This can be used to, among
+        other things, perform lazy evaluations of f-strings which have values
+        not available at assignment time. e.g., filling in a second command
+        with a value extracted from the previous step or command.
+
+        """
+
+        r = []
+        return r, [r.append(c()) if (callable(c) and c.__name__ == '<lambda>') else r.append(str(c)) for c in command_list]
+
+    def log_subprocess(self, return_code: int, stdout: Union[IO[bytes], None], stderr: Union[IO[bytes], None]):
+        def log_lines(title, lines):
+            log.info(f"====={title}=====")
+            for _, line in lines:
+                log.info(line.decode())
+        log.info(f"Command return code: {return_code}")
+        log_lines("Command STDOUT", enumerate(stdout)) # type: ignore
+        log_lines("Command STDERR", enumerate(stderr)) # type: ignore
+
+    def render_kubernetes_job(self):
+        commands = [self.build_command(), self.package_command(), self.copy_command()]
+        if not self.job_template:
+            return None
+        template = self.job_template.render(
+                architecture=self.architecture.name,
+                backoffLimit=4,
+                buildTime=BUILDTIME.strftime("%s"),
+                command=commands,
+                imageName="ghcr.io/rockylinux/sig-core-toolkit:latest",
+                jobname="buildimage",
+                namespace="empanadas",
+                major=major,
+                restartPolicy="Never",
+            )
+        return template
+
+    def save(self):
+        with open(pathlib.Path(self.outdir, "metadata.json"), "w") as f:
+            o = { name: getattr(self, name) for name in ["base_uuid", "target_uuid"] }
+            log.debug(o)
+            json.dump(o, f)
+
 def run():
-    result, error = valid_type_variant(results.type, results.variant)
-    if not result:
-        print(error)
+    try:
+        valid_type_variant(results.type, results.variant)
+    except Exception as e:
+        log.exception(e)
         exit(2)
 
     file_loader = FileSystemLoader(f"{_rootdir}/templates")
     tmplenv = Environment(loader=file_loader)
     tdl_template = tmplenv.get_template('icicle/tdl.xml.tmpl')
-    job_template = tmplenv.get_template('kube/Job.tmpl')
 
-    for architecture in rlvars["allowed_arches"]:
-        architecture = Architecture.New(architecture, major)
+    arches = rlvars['allowed_arches'] if results.kube else [platform.uname().machine]
 
-        commands = generate_imagefactory_commands(tdl_template, architecture)
+    for architecture in arches:
+        IB = ImageBuild(
+                image_type=results.type, 
+                variant=results.variant,
+                architecture=Architecture.New(architecture, major),
+                template=tdl_template,
+                revision=rlvars['revision'],
+                fedora_release=rlvars['fedora_release'],
+                debug=True
+        )
+        if results.kube:
+            IB.job_template = tmplenv.get_template('kube/Job.tmpl')
+            #commands = IB.kube_commands()
+            print(IB.render_kubernetes_job())
+        else:
+            ret = IB.build()
+            ret = IB.package()
+            ret = IB.copy()
 
-        print(job_template.render(
-            architecture=architecture,
-            backoffLimit=4,
-            buildTime=datetime.datetime.utcnow().strftime("%s"),
-            command=commands,
-            imageName="ghcr.io/rockylinux/sig-core-toolkit:latest",
-            jobname="buildimage",
-            namespace="empanadas",
-            major=major,
-            restartPolicy="Never",
-        ))
 
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index 14e8dd8..5f0aa8b 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -5,7 +5,7 @@
             <version>{{fedora_version}}</version>
             <arch>{{architecture}}</arch>
             <install type='url'>
-              <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}/</url>
+              <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
             </install>
         <icicle>
                 <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}
diff --git a/iso/empanadas/empanadas/util/imagebuild.py b/iso/empanadas/empanadas/util/imagebuild.py
new file mode 100644
index 0000000..e69de29
diff --git a/iso/empanadas/poetry.lock b/iso/empanadas/poetry.lock
index 35ab49d..7a23d84 100644
--- a/iso/empanadas/poetry.lock
+++ b/iso/empanadas/poetry.lock
@@ -10,7 +10,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
 name = "attrs"
 version = "21.4.0"
 description = "Classes Without Boilerplate"
-category = "dev"
+category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
 
@@ -22,14 +22,14 @@ tests_no_zope = ["coverage[toml] (>=5.0.2)", "hypothesis", "pympler", "pytest (>
 
 [[package]]
 name = "boto3"
-version = "1.24.14"
+version = "1.24.22"
 description = "The AWS SDK for Python"
 category = "main"
 optional = false
 python-versions = ">= 3.7"
 
 [package.dependencies]
-botocore = ">=1.27.14,<1.28.0"
+botocore = ">=1.27.22,<1.28.0"
 jmespath = ">=0.7.1,<2.0.0"
 s3transfer = ">=0.6.0,<0.7.0"
 
@@ -38,7 +38,7 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"]
 
 [[package]]
 name = "botocore"
-version = "1.27.14"
+version = "1.27.22"
 description = "Low-level, data-driven core of boto 3."
 category = "main"
 optional = false
@@ -62,11 +62,11 @@ python-versions = ">=3.6"
 
 [[package]]
 name = "charset-normalizer"
-version = "2.0.12"
+version = "2.1.0"
 description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet."
 category = "main"
 optional = false
-python-versions = ">=3.5.0"
+python-versions = ">=3.6.0"
 
 [package.extras]
 unicode_backport = ["unicodedata2"]
@@ -89,7 +89,7 @@ python-versions = ">=3.5"
 
 [[package]]
 name = "importlib-metadata"
-version = "4.11.4"
+version = "4.12.0"
 description = "Read metadata from Python packages"
 category = "dev"
 optional = false
@@ -102,7 +102,7 @@ zipp = ">=0.5"
 [package.extras]
 docs = ["sphinx", "jaraco.packaging (>=9)", "rst.linker (>=1.9)"]
 perf = ["ipython"]
-testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "packaging", "pyfakefs", "flufl.flake8", "pytest-perf (>=0.9.2)", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)", "importlib-resources (>=1.3)"]
+testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.3)", "packaging", "pyfakefs", "flufl.flake8", "pytest-perf (>=0.9.2)", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)", "importlib-resources (>=1.3)"]
 
 [[package]]
 name = "importlib-resources"
@@ -143,7 +143,7 @@ python-versions = ">=3.7"
 
 [[package]]
 name = "kobo"
-version = "0.24.1"
+version = "0.24.2"
 description = "A pile of python modules used by Red Hat release engineering to build their tools"
 category = "main"
 optional = false
@@ -267,7 +267,7 @@ python-versions = ">=3.6"
 
 [[package]]
 name = "requests"
-version = "2.28.0"
+version = "2.28.1"
 description = "Python HTTP for Humans."
 category = "main"
 optional = false
@@ -275,13 +275,13 @@ python-versions = ">=3.7, <4"
 
 [package.dependencies]
 certifi = ">=2017.4.17"
-charset-normalizer = ">=2.0.0,<2.1.0"
+charset-normalizer = ">=2,<3"
 idna = ">=2.5,<4"
 urllib3 = ">=1.21.1,<1.27"
 
 [package.extras]
 socks = ["PySocks (>=1.5.6,!=1.5.7)"]
-use_chardet_on_py3 = ["chardet (>=3.0.2,<5)"]
+use_chardet_on_py3 = ["chardet (>=3.0.2,<6)"]
 
 [[package]]
 name = "rpm-py-installer"
@@ -315,7 +315,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*"
 
 [[package]]
 name = "typing-extensions"
-version = "4.2.0"
+version = "4.3.0"
 description = "Backported and Experimental Type Hints for Python 3.7+"
 category = "dev"
 optional = false
@@ -365,7 +365,7 @@ testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-
 [metadata]
 lock-version = "1.1"
 python-versions = ">=3.7,<4"
-content-hash = "ccd47ad1b0819968dbad34b68c3f9afd98bd657ee639f9037731fd2a0746bd16"
+content-hash = "42676fd0ceb350c8cd90246dc688cfcd404e14d22229052d0527fe342c135b95"
 
 [metadata.files]
 atomicwrites = [
@@ -377,20 +377,20 @@ attrs = [
     {file = "attrs-21.4.0.tar.gz", hash = "sha256:626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd"},
 ]
 boto3 = [
-    {file = "boto3-1.24.14-py3-none-any.whl", hash = "sha256:490f5e88f5551b33ae3019a37412158b76426d63d1fb910968ade9b6a024e5fe"},
-    {file = "boto3-1.24.14.tar.gz", hash = "sha256:e284705da36faa668c715ae1f74ebbff4320dbfbe3a733df3a8ab076d1ed1226"},
+    {file = "boto3-1.24.22-py3-none-any.whl", hash = "sha256:c9a9f893561f64f5b81de197714ac4951251a328672a8dba28ad4c4a589c3adf"},
+    {file = "boto3-1.24.22.tar.gz", hash = "sha256:67d404c643091d4aa37fc485193289ad859f1f65f94d0fa544e13bdd1d4187c1"},
 ]
 botocore = [
-    {file = "botocore-1.27.14-py3-none-any.whl", hash = "sha256:df1e9b208ff93daac7c645b0b04fb6dccd7f20262eae24d87941727025cbeece"},
-    {file = "botocore-1.27.14.tar.gz", hash = "sha256:bb56fa77b8fa1ec367c2e16dee62d60000451aac5140dcce3ebddc167fd5c593"},
+    {file = "botocore-1.27.22-py3-none-any.whl", hash = "sha256:7145d9b7cae87999a9f074de700d02a1b3222ee7d1863aa631ff56c5fc868035"},
+    {file = "botocore-1.27.22.tar.gz", hash = "sha256:f57cb33446deef92e552b0be0e430d475c73cf64bc9e46cdb4783cdfe39cb6bb"},
 ]
 certifi = [
     {file = "certifi-2022.6.15-py3-none-any.whl", hash = "sha256:fe86415d55e84719d75f8b69414f6438ac3547d2078ab91b67e779ef69378412"},
     {file = "certifi-2022.6.15.tar.gz", hash = "sha256:84c85a9078b11105f04f3036a9482ae10e4621616db313fe045dd24743a0820d"},
 ]
 charset-normalizer = [
-    {file = "charset-normalizer-2.0.12.tar.gz", hash = "sha256:2857e29ff0d34db842cd7ca3230549d1a697f96ee6d3fb071cfa6c7393832597"},
-    {file = "charset_normalizer-2.0.12-py3-none-any.whl", hash = "sha256:6881edbebdb17b39b4eaaa821b438bf6eddffb4468cf344f09f89def34a8b1df"},
+    {file = "charset-normalizer-2.1.0.tar.gz", hash = "sha256:575e708016ff3a5e3681541cb9d79312c416835686d054a23accb873b254f413"},
+    {file = "charset_normalizer-2.1.0-py3-none-any.whl", hash = "sha256:5189b6f22b01957427f35b6a08d9a0bc45b46d3788ef5a92e978433c7a35f8a5"},
 ]
 colorama = [
     {file = "colorama-0.4.5-py2.py3-none-any.whl", hash = "sha256:854bf444933e37f5824ae7bfc1e98d5bce2ebe4160d46b5edf346a89358e99da"},
@@ -401,8 +401,8 @@ idna = [
     {file = "idna-3.3.tar.gz", hash = "sha256:9d643ff0a55b762d5cdb124b8eaa99c66322e2157b69160bc32796e824360e6d"},
 ]
 importlib-metadata = [
-    {file = "importlib_metadata-4.11.4-py3-none-any.whl", hash = "sha256:c58c8eb8a762858f49e18436ff552e83914778e50e9d2f1660535ffb364552ec"},
-    {file = "importlib_metadata-4.11.4.tar.gz", hash = "sha256:5d26852efe48c0a32b0509ffbc583fda1a2266545a78d104a6f4aff3db17d700"},
+    {file = "importlib_metadata-4.12.0-py3-none-any.whl", hash = "sha256:7401a975809ea1fdc658c3aa4f78cc2195a0e019c5cbc4c06122884e9ae80c23"},
+    {file = "importlib_metadata-4.12.0.tar.gz", hash = "sha256:637245b8bab2b6502fcbc752cc4b7a6f6243bb02b31c5c26156ad103d3d45670"},
 ]
 importlib-resources = [
     {file = "importlib_resources-5.8.0-py3-none-any.whl", hash = "sha256:7952325ffd516c05a8ad0858c74dff2c3343f136fe66a6002b2623dd1d43f223"},
@@ -417,7 +417,7 @@ jmespath = [
     {file = "jmespath-1.0.1.tar.gz", hash = "sha256:90261b206d6defd58fdd5e85f478bf633a2901798906be2ad389150c5c60edbe"},
 ]
 kobo = [
-    {file = "kobo-0.24.1.tar.gz", hash = "sha256:d5a30cc20c323f3e9d9b4b2e511650c4b98929b88859bd8cf57463876686e407"},
+    {file = "kobo-0.24.2.tar.gz", hash = "sha256:1b3c17260a93d933d2238884373fbf3485ecd417d930acf984285dc012410e2b"},
 ]
 markupsafe = [
     {file = "MarkupSafe-2.0.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:d8446c54dc28c01e5a2dbac5a25f071f6653e6e40f3a8818e8b45d790fe6ef53"},
@@ -558,8 +558,8 @@ pyyaml = [
     {file = "PyYAML-6.0.tar.gz", hash = "sha256:68fb519c14306fec9720a2a5b45bc9f0c8d1b9c72adf45c37baedfcd949c35a2"},
 ]
 requests = [
-    {file = "requests-2.28.0-py3-none-any.whl", hash = "sha256:bc7861137fbce630f17b03d3ad02ad0bf978c844f3536d0edda6499dafce2b6f"},
-    {file = "requests-2.28.0.tar.gz", hash = "sha256:d568723a7ebd25875d8d1eaf5dfa068cd2fc8194b2e483d7b1f7c81918dbec6b"},
+    {file = "requests-2.28.1-py3-none-any.whl", hash = "sha256:8fefa2a1a1365bf5520aac41836fbee479da67864514bdb821f31ce07ce65349"},
+    {file = "requests-2.28.1.tar.gz", hash = "sha256:7c5599b102feddaa661c826c56ab4fee28bfd17f5abca1ebbe3e7f19d7c97983"},
 ]
 rpm-py-installer = [
     {file = "rpm-py-installer-1.1.0.tar.gz", hash = "sha256:66e5f4f9247752ed386345642683103afaee50fb16928878a204bc12504b9bbe"},
@@ -573,8 +573,8 @@ six = [
     {file = "six-1.16.0.tar.gz", hash = "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"},
 ]
 typing-extensions = [
-    {file = "typing_extensions-4.2.0-py3-none-any.whl", hash = "sha256:6657594ee297170d19f67d55c05852a874e7eb634f4f753dbd667855e07c1708"},
-    {file = "typing_extensions-4.2.0.tar.gz", hash = "sha256:f1c24655a0da0d1b67f07e17a5e6b2a105894e6824b92096378bb3668ef02376"},
+    {file = "typing_extensions-4.3.0-py3-none-any.whl", hash = "sha256:25642c956049920a5aa49edcdd6ab1e06d7e5d467fc00e0506c44ac86fbfca02"},
+    {file = "typing_extensions-4.3.0.tar.gz", hash = "sha256:e6d2677a32f47fc7eb2795db1dd15c1f34eff616bcaf2cfb5e997f854fa1c4a6"},
 ]
 urllib3 = [
     {file = "urllib3-1.26.9-py2.py3-none-any.whl", hash = "sha256:44ece4d53fb1706f667c9bd1c648f5469a2ec925fcf3a776667042d645472c14"},
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 3f25a19..b4fa53a 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -16,6 +16,7 @@ boto3 = "^1.24.12"
 xmltodict = "^0.13.0"
 requests = "^2.28.0"
 kobo = "^0.24.1"
+attrs = "^21.4.0"
 
 [tool.poetry.dev-dependencies]
 pytest = "~5"

From 3cf47dd85cf594985bf086be3ce98232034e707f Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Sun, 3 Jul 2022 22:48:12 -0400
Subject: [PATCH 29/96] remove final dependencies on results variable

* put logging code into runCmd method to reduce repeated code
---
 .../empanadas/scripts/build_image.py          | 64 ++++++++-----------
 1 file changed, 28 insertions(+), 36 deletions(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 49e3b6e..f03ec42 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -79,6 +79,7 @@ class ImageBuild:
     revision: Optional[int] = field()
     metadata: pathlib.Path = field(init=False)
     fedora_release: int = field()
+    release: int = field(default=0)
 
     def __attrs_post_init__(self):
         self.tdl_path = self.render_icicle_template()
@@ -122,7 +123,7 @@ class ImageBuild:
                     log.exception("Couldn't decode metadata file", e)
 
     def output_name(self):
-        return f"Rocky-{self.architecture.version}-{self.type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{results.release if results.release else 0}.{self.architecture.name}"
+        return f"Rocky-{self.architecture.version}-{self.type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{self.release}.{self.architecture.name}"
     
     def type_variant_name(self):
         return self.image_type if not self.variant else f"{self.image_type}-{self.variant.capitalize()}"
@@ -174,7 +175,7 @@ class ImageBuild:
                 iso8601date=BUILDTIME.strftime("%Y%m%d"),
                 installdir="kickstart" if results.kickstartdir else "os",
                 major=self.architecture.version,
-                release=results.release if results.release else 0,
+                release=self.release,
                 size="10G",
                 type=self.image_type,
                 utcnow=BUILDTIME,
@@ -211,15 +212,9 @@ class ImageBuild:
             return 0
 
         ret, out, err, uuid = self.runCmd(self.build_command()) 
-        if ret > 0:
-            #error in build command
-            log.error("Problem during build.")
-        if not uuid:
-            log.error("Build UUID not found in stdout. Dumping stdout and stderr")
-            self.log_subprocess(ret, out, err)
-            return ret
-        self.base_uuid = uuid.rstrip()
-        self.save()
+        if uuid:
+            self.base_uuid = uuid.rstrip()
+            self.save()
         return ret
 
     def package(self) -> int: 
@@ -231,14 +226,9 @@ class ImageBuild:
             return 0
 
         ret, out, err, uuid = self.runCmd(self.package_command())
-        if ret > 0:
-            log.error("Problem during packaging")
-        if not uuid:
-            log.error("Target Image UUID not found in stdout. Dumping stdout and stderr")
-            self.log_subprocess(ret, out, err)
-            return ret
-        self.target_uuid = uuid.rstrip()
-        self.save()
+        if uuid:
+            self.target_uuid = uuid.rstrip()
+            self.save()
         return ret
 
     def stage(self) -> int:
@@ -249,9 +239,6 @@ class ImageBuild:
         returns = []
         for command in self.stage_commands:
             ret, out, err, _ = self.runCmd(command, search=False)
-            if ret > 0:
-                log.error("Problem during unpack.")
-                self.log_subprocess(ret, out, err)
             returns.append(ret)
 
         return all(ret > 0 for ret in returns)
@@ -262,9 +249,6 @@ class ImageBuild:
             raise Exception(stage)
 
         ret, out, err, _ = self.runCmd(self.copy_command(), search=False) 
-        if ret > 0:
-            #error in build command
-            log.error("Problem during build.")
         return ret
 
     def runCmd(self, command: List[Union[str, Callable]], search: bool = True) -> Tuple[int, Union[IO[bytes],None], Union[IO[bytes],None], Union[str,None]]:
@@ -285,7 +269,15 @@ class ImageBuild:
                     if ln.startswith("UUID: "):
                         uuid = ln.split(" ")[-1]
                         log.debug(f"found uuid: {uuid}")
-            return p.wait(), p.stdout, p.stdin, uuid
+                
+            res = p.wait(), p.stdout, p.stdin, uuid
+            if res[0] > 0:
+                log.error(f"Problem while executing command: '{prepared}'")
+            if search and not res[3]:
+                log.error("UUID not found in stdout. Dumping stdout and stderr")
+                self.log_subprocess(res)
+
+            return res
 
     def prepare_command(self, command_list: List[Union[str, Callable]]) -> Tuple[List[str],List[None]]:
         """
@@ -300,14 +292,14 @@ class ImageBuild:
         r = []
         return r, [r.append(c()) if (callable(c) and c.__name__ == '<lambda>') else r.append(str(c)) for c in command_list]
 
-    def log_subprocess(self, return_code: int, stdout: Union[IO[bytes], None], stderr: Union[IO[bytes], None]):
+    def log_subprocess(self, result: Tuple[int, Union[IO[bytes], None], Union[IO[bytes], None], Union[str, None]]):
         def log_lines(title, lines):
             log.info(f"====={title}=====")
             for _, line in lines:
                 log.info(line.decode())
-        log.info(f"Command return code: {return_code}")
-        log_lines("Command STDOUT", enumerate(stdout)) # type: ignore
-        log_lines("Command STDERR", enumerate(stderr)) # type: ignore
+        log.info(f"Command return code: {result[0]}")
+        log_lines("Command STDOUT", enumerate(result[1])) # type: ignore
+        log_lines("Command STDERR", enumerate(result[2])) # type: ignore
 
     def render_kubernetes_job(self):
         commands = [self.build_command(), self.package_command(), self.copy_command()]
@@ -347,13 +339,14 @@ def run():
 
     for architecture in arches:
         IB = ImageBuild(
-                image_type=results.type, 
-                variant=results.variant,
                 architecture=Architecture.New(architecture, major),
-                template=tdl_template,
-                revision=rlvars['revision'],
+                debug=results.debug,
                 fedora_release=rlvars['fedora_release'],
-                debug=True
+                image_type=results.type, 
+                release=results.release if results.release else 0,
+                revision=rlvars['revision'],
+                template=tdl_template,
+                variant=results.variant,
         )
         if results.kube:
             IB.job_template = tmplenv.get_template('kube/Job.tmpl')
@@ -364,4 +357,3 @@ def run():
             ret = IB.package()
             ret = IB.copy()
 
-

From 77178e96578d50ef48a61f1258b83b303cb75428 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 21:00:57 -0700
Subject: [PATCH 30/96] move treeinfo writing to Shared

---
 iso/empanadas/empanadas/util/dnf_utils.py |  90 ++++++++++++--
 iso/empanadas/empanadas/util/iso_utils.py | 134 +++++++++++---------
 iso/empanadas/empanadas/util/shared.py    | 145 +++++++++++++++++++---
 sync/.sync-to-prod.sh.swp                 | Bin 0 -> 12288 bytes
 4 files changed, 287 insertions(+), 82 deletions(-)
 create mode 100644 sync/.sync-to-prod.sh.swp

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 119933c..c7e9a79 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -242,6 +242,7 @@ class RepoSync:
         if self.fullrun:
             self.deploy_extra_files(sync_root, global_work_root)
             self.deploy_treeinfo(self.repo, sync_root, self.arch)
+            self.tweak_treeinfo(self.repo, sync_root, self.arch)
             self.symlink_to_latest(generated_dir)
 
         if self.repoclosure:
@@ -250,8 +251,11 @@ class RepoSync:
         if self.refresh_extra_files and not self.fullrun:
             self.deploy_extra_files(sync_root, global_work_root)
 
+        # This does NOT overwrite treeinfo files. This just ensures they exist
+        # and are configured correctly.
         if self.refresh_treeinfo and not self.fullrun:
             self.deploy_treeinfo(self.repo, sync_root, self.arch)
+            self.tweak_treeinfo(self.repo, sync_root, self.arch)
 
         self.deploy_metadata(sync_root)
 
@@ -450,6 +454,53 @@ class RepoSync:
                 os.chmod(entry_point_sh, 0o755)
                 os.chmod(debug_entry_point_sh, 0o755)
 
+                # During fullruns, a kickstart directory is made. Kickstart
+                # should not be updated nor touched during regular runs under
+                # any circumstances.
+                if self.fullrun:
+                    ks_entry_name = '{}-ks-{}'.format(r, a)
+                    entry_name_list.append(ks_entry_name)
+                    ks_point_sh = os.path.join(
+                            entries_dir,
+                            ks_entry_name
+                    )
+
+                    ks_sync_path = os.path.join(
+                            sync_root,
+                            repo_name,
+                            a,
+                            'kickstart'
+                    )
+
+                    ks_sync_cmd = ("/usr/bin/dnf reposync -c {}.{} --download-metadata "
+                            "--repoid={} -p {} --forcearch {} --norepopath "
+                            "--gpgcheck --assumeyes 2>&1").format(
+                            self.dnf_config,
+                            a,
+                            r,
+                            ks_sync_path,
+                            a
+                    )
+
+                    ks_sync_log = ("{}/{}-{}-ks.log").format(
+                            log_root,
+                            repo_name,
+                            a
+                    )
+
+                    ks_sync_template = self.tmplenv.get_template('reposync.tmpl')
+                    ks_sync_output = ks_sync_template.render(
+                            import_gpg_cmd=import_gpg_cmd,
+                            arch_force_cp=arch_force_cp,
+                            dnf_plugin_cmd=dnf_plugin_cmd,
+                            sync_cmd=ks_sync_cmd,
+                            sync_log=ks_sync_log
+                    )
+                    ks_entry_point_open = open(ks_point_sh, "w+")
+                    ks_entry_point_open.write(ks_sync_output)
+                    ks_entry_point_open.close()
+                    os.chmod(ks_point_sh, 0o755)
+
             # We ignoring sources?
             if (not self.ignore_source and not arch) or (
                     not self.ignore_source and arch == 'source'):
@@ -635,7 +686,6 @@ class RepoSync:
         config_file = open(fname, "w+")
         repolist = []
         for repo in self.repos:
-
             constructed_url = '{}/{}/repo/{}{}/$basearch'.format(
                     self.repo_base_url,
                     self.project_id,
@@ -1159,6 +1209,12 @@ class RepoSync:
                             repo_name + ' source media.repo already exists'
                     )
 
+    def tweak_treeinfo(self, repo, sync_root, arch):
+        """
+        This modifies treeinfo for the primary repository. If the repository is
+        listed in the iso_map as a non-disc, it will be considered for modification.
+        """
+
     def run_compose_closeout(self):
         """
         Closes out a compose as file. This ensures kickstart repositories are
@@ -1185,8 +1241,12 @@ class RepoSync:
 
         # Verify if the link even exists
         if not os.path.exists(self.compose_latest_dir):
-            self.log.error('!! Latest compose link is broken does not exist: %s' % self.compose_latest_dir)
-            self.log.error('!! Please perform a full run if you have not done so.')
+            self.log.error(
+                    '!! Latest compose link is broken does not exist: %s' % self.compose_latest_dir
+            )
+            self.log.error(
+                    '!! Please perform a full run if you have not done so.'
+            )
             raise SystemExit()
 
         log_root = os.path.join(
@@ -1210,12 +1270,28 @@ class RepoSync:
                 'Starting to sync ISOs to compose'
         )
 
-        iso_result = Shared.fpsync_method(iso_root, sync_iso_root, self.log, tmp_dir)
-
-        if not iso_result:
+        if os.path.exists('/usr/bin/fpsync'):
+            message, ret = Shared.fpsync_method(iso_root, sync_iso_root, tmp_dir)
+        elif os.path.exists('/usr/bin/parallel') and os.path.exists('/usr/bin/rsync'):
+            message, ret = Shared.rsync_method(iso_root, sync_iso_root)
+        else:
             self.log.error(
                     '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'Sync failed'
+                    'fpsync nor parallel + rsync were found on this system. ' +
+                    'There is also no built-in parallel rsync method at this ' +
+                    'time.'
+            )
+            raise SystemExit()
+
+        if ret != 0:
+            self.log.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    message
+            )
+        else:
+            self.log.info(
+                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                    message
             )
 
 class SigRepoSync:
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index e402c4a..ee682c9 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -799,54 +799,76 @@ class IsoBuild:
         is for basic use. Eventually it'll be expanded to handle this scenario.
         """
         image = os.path.join(self.lorax_work_dir, arch, variant)
-        treeinfo = os.path.join(image, '.treeinfo')
-        discinfo = os.path.join(image, '.discinfo')
-        mediarepo = os.path.join(image, 'media.repo')
         imagemap = self.iso_map['images'][variant]
-        primary = imagemap['variant']
-        repos = imagemap['repos']
-        is_disc = False
+        data = {
+                'arch': arch,
+                'variant': variant,
+                'variant_path': image,
+                'checksum': self.checksum,
+                'distname': self.distname,
+                'fullname': self.fullname,
+                'shortname': self.shortname,
+                'release': self.release,
+                'timestamp': self.timestamp,
+        }
 
-        if imagemap['disc']:
-            is_disc = True
-            discnum = 1
+        try:
+            Shared.treeinfo_modify_write(data, imagemap)
+        except Exception as e:
+            self.log.error(
+                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    'There was an error writing treeinfo.'
+            )
+            self.log.error(e)
+
+        #treeinfo = os.path.join(image, '.treeinfo')
+        #discinfo = os.path.join(image, '.discinfo')
+        #mediarepo = os.path.join(image, 'media.repo')
+        #imagemap = self.iso_map['images'][variant]
+        #primary = imagemap['variant']
+        #repos = imagemap['repos']
+        #is_disc = False
+
+        #if imagemap['disc']:
+        #    is_disc = True
+        #    discnum = 1
 
         # load up productmd
-        ti = productmd.treeinfo.TreeInfo()
-        ti.load(treeinfo)
+        #ti = productmd.treeinfo.TreeInfo()
+        #ti.load(treeinfo)
 
         # Set the name
-        ti.release.name = self.distname
-        ti.release.short = self.shortname
+        #ti.release.name = self.distname
+        #ti.release.short = self.shortname
         # Set the version (the initial lorax run does this, but we are setting
         # it just in case)
-        ti.release.version = self.release
+        #ti.release.version = self.release
         # Assign the present images into a var as a copy. For each platform,
         # clear out the present dictionary. For each item and path in the
         # assigned var, assign it back to the platform dictionary. If the path
         # is empty, continue. Do checksums afterwards.
-        plats = ti.images.images.copy()
-        for platform in ti.images.images:
-            ti.images.images[platform] = {}
-            for i, p in plats[platform].items():
-                if not p:
-                    continue
-                if 'boot.iso' in i and is_disc:
-                    continue
-                ti.images.images[platform][i] = p
-                ti.checksums.add(p, self.checksum, root_dir=image)
+        #plats = ti.images.images.copy()
+        #for platform in ti.images.images:
+        #    ti.images.images[platform] = {}
+        #    for i, p in plats[platform].items():
+        #        if not p:
+        #            continue
+        #        if 'boot.iso' in i and is_disc:
+        #            continue
+        #        ti.images.images[platform][i] = p
+        #        ti.checksums.add(p, self.checksum, root_dir=image)
 
         # stage2 checksums
-        if ti.stage2.mainimage:
-            ti.checksums.add(ti.stage2.mainimage, self.checksum, root_dir=image)
+        #if ti.stage2.mainimage:
+        #    ti.checksums.add(ti.stage2.mainimage, self.checksum, root_dir=image)
 
-        if ti.stage2.instimage:
-            ti.checksums.add(ti.stage2.instimage, self.checksum, root_dir=image)
+        #if ti.stage2.instimage:
+        #    ti.checksums.add(ti.stage2.instimage, self.checksum, root_dir=image)
 
         # If we are a disc, set the media section appropriately.
-        if is_disc:
-            ti.media.discnum = discnum
-            ti.media.totaldiscs = discnum
+        #if is_disc:
+        #    ti.media.discnum = discnum
+        #    ti.media.totaldiscs = discnum
 
         # Create variants
         # Note to self: There's a lot of legacy stuff running around for
@@ -854,38 +876,38 @@ class IsoBuild:
         # apparently. But there could be a chance it'll change. We may need to
         # put in a configuration to deal with it at some point.
         #ti.variants.variants.clear()
-        for y in repos:
-            if y in ti.variants.variants.keys():
-                vari = ti.variants.variants[y]
-            else:
-                vari = productmd.treeinfo.Variant(ti)
+        #for y in repos:
+        #    if y in ti.variants.variants.keys():
+        #        vari = ti.variants.variants[y]
+        #    else:
+        #        vari = productmd.treeinfo.Variant(ti)
 
-            vari.id = y
-            vari.uid = y
-            vari.name = y
-            vari.type = "variant"
-            if is_disc:
-                vari.paths.repository = y
-                vari.paths.packages = y + "/Packages"
-            else:
-                if y == primary:
-                    vari.paths.repository = "."
-                    vari.paths.packages = "Packages"
-                else:
-                    vari.paths.repository = "../../../" + y + "/" + arch + "/os"
-                    vari.paths.packages = "../../../" + y + "/" + arch + "/os/Packages"
+        #    vari.id = y
+        #    vari.uid = y
+        #    vari.name = y
+        #    vari.type = "variant"
+        #    if is_disc:
+        #        vari.paths.repository = y
+        #        vari.paths.packages = y + "/Packages"
+        #    else:
+        #        if y == primary:
+        #            vari.paths.repository = "."
+        #            vari.paths.packages = "Packages"
+        #        else:
+        #            vari.paths.repository = "../../../" + y + "/" + arch + "/os"
+        #            vari.paths.packages = "../../../" + y + "/" + arch + "/os/Packages"
 
-            if y not in ti.variants.variants.keys():
-                ti.variants.add(vari)
+        #    if y not in ti.variants.variants.keys():
+        #        ti.variants.add(vari)
 
-            del vari
+        #    del vari
 
         # Set default variant
-        ti.dump(treeinfo, main_variant=primary)
+        #ti.dump(treeinfo, main_variant=primary)
         # Set discinfo
-        Shared.discinfo_write(self.timestamp, self.fullname, arch, discinfo)
+        #Shared.discinfo_write(self.timestamp, self.fullname, arch, discinfo)
         # Set media.repo
-        Shared.media_repo_write(self.timestamp, self.fullname, mediarepo)
+        #Shared.media_repo_write(self.timestamp, self.fullname, mediarepo)
 
     # Next set of functions are loosely borrowed (in concept) from pungi. Some
     # stuff may be combined/mixed together, other things may be simplified or
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index eca879d..305316b 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -107,11 +107,115 @@ class Shared:
         ti.dump(file_path)
 
     @staticmethod
-    def treeinfo_modify_write():
+    def treeinfo_modify_write(data, imagemap):
         """
         Modifies a specific treeinfo with already available data. This is in
         the case of modifying treeinfo for primary repos or images.
         """
+        arch = data['arch']
+        variant = data['variant']
+        variant_path = data['variant_path']
+        checksum = data['checksum']
+        distname = data['distname']
+        fullname = data['fullname']
+        shortname = data['shortname']
+        release = data['release']
+        timestamp = data['timestamp']
+
+        os_or_ks = ''
+        if '/os/' in variant_path:
+            os_or_ks = 'os'
+        if '/kickstart/' in variant_path:
+            os_or_ks = 'kickstart'
+
+        image = os.path.join(variant_path)
+        treeinfo = os.path.join(image, '.treeinfo')
+        discinfo = os.path.join(image, '.discinfo')
+        mediarepo = os.path.join(image, 'media.repo')
+        #imagemap = self.iso_map['images'][variant]
+        primary = imagemap['variant']
+        repos = imagemap['repos']
+        is_disc = False
+
+        if imagemap['disc']:
+            is_disc = True
+            discnum = 1
+
+        # load up productmd
+        ti = productmd.treeinfo.TreeInfo()
+        ti.load(treeinfo)
+
+        # Set the name
+        ti.release.name = distname
+        ti.release.short = shortname
+        # Set the version (the initial lorax run does this, but we are setting
+        # it just in case)
+        ti.release.version = release
+        # Assign the present images into a var as a copy. For each platform,
+        # clear out the present dictionary. For each item and path in the
+        # assigned var, assign it back to the platform dictionary. If the path
+        # is empty, continue. Do checksums afterwards.
+        plats = ti.images.images.copy()
+        for platform in ti.images.images:
+            ti.images.images[platform] = {}
+            for i, p in plats[platform].items():
+                if not p:
+                    continue
+                if 'boot.iso' in i and is_disc:
+                    continue
+                ti.images.images[platform][i] = p
+                ti.checksums.add(p, checksum, root_dir=image)
+
+        # stage2 checksums
+        if ti.stage2.mainimage:
+            ti.checksums.add(ti.stage2.mainimage, checksum, root_dir=image)
+
+        if ti.stage2.instimage:
+            ti.checksums.add(ti.stage2.instimage, checksum, root_dir=image)
+
+        # If we are a disc, set the media section appropriately.
+        if is_disc:
+            ti.media.discnum = discnum
+            ti.media.totaldiscs = discnum
+
+        # Create variants
+        # Note to self: There's a lot of legacy stuff running around for
+        # Fedora, ELN, and RHEL in general. This is the general structure,
+        # apparently. But there could be a chance it'll change. We may need to
+        # put in a configuration to deal with it at some point.
+        #ti.variants.variants.clear()
+        for y in repos:
+            if y in ti.variants.variants.keys():
+                vari = ti.variants.variants[y]
+            else:
+                vari = productmd.treeinfo.Variant(ti)
+
+            vari.id = y
+            vari.uid = y
+            vari.name = y
+            vari.type = "variant"
+            if is_disc:
+                vari.paths.repository = y
+                vari.paths.packages = y + "/Packages"
+            else:
+                if y == primary:
+                    vari.paths.repository = "."
+                    vari.paths.packages = "Packages"
+                else:
+                    vari.paths.repository = "../../../" + y + "/" + arch + "/" + os_or_ks
+                    vari.paths.packages = "../../../" + y + "/" + arch + "/" + os_or_ks + "/Packages"
+
+            if y not in ti.variants.variants.keys():
+                ti.variants.add(vari)
+
+            del vari
+
+        # Set default variant
+        ti.dump(treeinfo, main_variant=primary)
+        # Set discinfo
+        Shared.discinfo_write(timestamp, fullname, arch, discinfo)
+        # Set media.repo
+        Shared.media_repo_write(timestamp, fullname, mediarepo)
 
     @staticmethod
     def write_metadata(
@@ -345,18 +449,16 @@ class Shared:
         """
 
     @staticmethod
-    def fpsync_method(src, dest, logger, tmp_dir):
+    def fpsync_method(src, dest, tmp_dir):
         """
         Returns a list for the fpsync command
         """
         cmd = '/usr/bin/fpsync'
         rsync_switches = '-av --numeric-ids --no-compress --chown=10004:10005'
         if not os.path.exists(cmd):
-            logger.warn(
-                    '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                    'fpsync not found'
-            )
-            return False
+            message = 'fpsync not found'
+            retval = 1
+            return message, retval
 
         os.makedirs(tmp_dir, exist_ok=True)
 
@@ -373,25 +475,30 @@ class Shared:
                 stdout=subprocess.DEVNULL,
                 stderr=subprocess.DEVNULL,
         )
+
         if process != 0:
-            logger.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'fpsync failed'
-            )
-            return False
+            message = 'Syncing (fpsync) failed'
+            retval = process
+            return message, retval
 
         if os.path.exists(dest):
-            return True
+            message = 'Syncing (fpsync) succeeded'
+            retval = process
         else:
-            logger.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'Path synced does not seem to exist for some reason.'
-            )
-            return False
+            message = 'Path synced does not seem to exist for some reason.'
+            retval = 1
+
+        return message, retval
 
     @staticmethod
-    def rsync_method(src, dest, logger, tmp_dir):
+    def rsync_method(src, dest):
         """
         Returns a string for the rsync command plus parallel. Yes, this is a
         hack.
         """
+        find_cmd = '/usr/bin/find'
+        parallel_cmd = '/usr/bin/parallel'
+        rsync_cmd = '/usr/bin/rsync'
+        switches = '-av --chown=10004:10005 --progress --relative --human-readable'
+
+        os.makedirs(dest, exist_ok=True)
diff --git a/sync/.sync-to-prod.sh.swp b/sync/.sync-to-prod.sh.swp
new file mode 100644
index 0000000000000000000000000000000000000000..75f3529bd37db6f81cb1f6cd48c5ac3accac90cb
GIT binary patch
literal 12288
zcmeI2L2nyH6vroAXbLSAd;nhUsDY@vYbPx#i9!{eG%-@*D0W(*rj5qCV|(lIt~;}v
z#7Yb&4jj2~Lwo=Zh%*uwRBq4{2e=_|feRNt0RLGhb(#<*QmI6xS?O=@&dz%?^PBfx
z5@qUz+vR1t;Z8DKml&I_epeq|{FLqFFEPpMLYnqdF3qFR<xx{e9XEU#`|a&mwcSW0
zPaA%eIrN%g;_0yI`LPmS634P_8hVkReK<+%bX6R<y7jcReX;~BfoCIdflW;o3&ux2
zcbVRJef`<oS!+wc60ig;0ZYIVummgtOTZF%p$H`15%w`={L=oci~HXrN51zT?UyBB
z30MM_fF)oFSOS)SC143y0+xU!U<tf{1bDz$@G@ib=P-Hv|Nr3c|G!^j><8!(^cD08
zB%lDAhf2^d7a98r`VsmXN}>DEMd-H+jC~LN{wiaSp>Lo!q4Urv^y@2(eG7d7b)h!&
z09uCrI?vdj&>zra=pnQO5p)jvd6cm)p_|YM^aykR9Qq7ef)*gNo)Tm)OTZGa1S|nd
zz!G>)1R5bD@>}tCM8!g(aBbRrUZ+MXWh0bAhB|rjkc6GA!BIFT*gMt?N0~SH>mGY~
zvJH`!YUSbVA(vh~j67cno(Sj3@b8`A4CBEzvpDm3gK0Ri3^Hp!pxoH*>RM%fy;Lh#
zRyNlvm0I5$+bzx278WaOA8uA_>+koy9PRDVE(w65+$|0;0VOfGnWK{wgi82Hta`Z_
z5<6i+#Tn{n{_}K4j4MH0VogDhT0)7dR8JH7Ak|42QHg6o+dN8)!&aza6*lPZU2+<y
zVYzp21|}kcNh6E`a%l+4Y#Z8JTm>?W+T`rexI3}o?sTL(F>cnpws5;##ftkm^vl!I
zK~J$IR1Y(Wnplc2x(UGs14v=!_I!Ee=@!B+8;r8ROS=Ig0lz&S1eP*qP08U~<TzQ-
z&K?e0$DBTGDxo!AD<OFjZVBAB(hiT%zyn^Ff;u9>UBV59+T7aWLM?+}xRZl`IC!6<
z1H!`z9M6=Y6R%WRUaeFYHp}w{YL*7Wrhgr+LAha%;do|8YNFGP6<0k<qa>7sM;>9`
z8oR2qSRtKu(FG@U&0s{k{Uc-OG>FNObmht*LMA52>F}KZyV{}xIZ3Z8NYWm4x#AMZ
z4p!Ttl#U-J;P!xuH!uc#{3qBqm|2!?2`T-S@Y_fmZT4ffTAD0OUB_E<ow^9u!y*vx
z*&>RE7KHn3K>;~pNBDy!@AgmczA>|>k$&UayYIT5*Bt-<5Xloq_0TawGE2!&(}Wf(
zj8iRp6SS>j<f$ntE;DckL{0A2h0jxzmMD${#SMy6mF1Pj2E?fh(1CQq6>3nEwnM}N
zBC92|OXY^CDn0n?v{Bf|=^lxyLCVaYscvR<X1Xvvg$&E`YfOn`bBiO=#6!vzh9S@P
zU(Al(WP>VGt<5c#R~Any$(if^*$eZ5f7Iq-jb<o=vxkb|*zVlw>cYzWX05V0Uta4o
zra{gZK=2k|M7(2e3%R#(0>0CUqZ~UiqOZMkwODw!Xg&()RUP;ln9&wjp^1Hs)4Wtg
lP1AI!@HSN3F}u?=n}Z)S=1hI+Ct)11{N?NiULBjo{sC&2w+sLP

literal 0
HcmV?d00001


From b9037585c7598439e61c4050a038b9cb8307f24c Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 21:01:13 -0700
Subject: [PATCH 31/96] move treeinfo writing to Shared

---
 sync/.sync-to-prod.sh.swp | Bin 12288 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 sync/.sync-to-prod.sh.swp

diff --git a/sync/.sync-to-prod.sh.swp b/sync/.sync-to-prod.sh.swp
deleted file mode 100644
index 75f3529bd37db6f81cb1f6cd48c5ac3accac90cb..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 12288
zcmeI2L2nyH6vroAXbLSAd;nhUsDY@vYbPx#i9!{eG%-@*D0W(*rj5qCV|(lIt~;}v
z#7Yb&4jj2~Lwo=Zh%*uwRBq4{2e=_|feRNt0RLGhb(#<*QmI6xS?O=@&dz%?^PBfx
z5@qUz+vR1t;Z8DKml&I_epeq|{FLqFFEPpMLYnqdF3qFR<xx{e9XEU#`|a&mwcSW0
zPaA%eIrN%g;_0yI`LPmS634P_8hVkReK<+%bX6R<y7jcReX;~BfoCIdflW;o3&ux2
zcbVRJef`<oS!+wc60ig;0ZYIVummgtOTZF%p$H`15%w`={L=oci~HXrN51zT?UyBB
z30MM_fF)oFSOS)SC143y0+xU!U<tf{1bDz$@G@ib=P-Hv|Nr3c|G!^j><8!(^cD08
zB%lDAhf2^d7a98r`VsmXN}>DEMd-H+jC~LN{wiaSp>Lo!q4Urv^y@2(eG7d7b)h!&
z09uCrI?vdj&>zra=pnQO5p)jvd6cm)p_|YM^aykR9Qq7ef)*gNo)Tm)OTZGa1S|nd
zz!G>)1R5bD@>}tCM8!g(aBbRrUZ+MXWh0bAhB|rjkc6GA!BIFT*gMt?N0~SH>mGY~
zvJH`!YUSbVA(vh~j67cno(Sj3@b8`A4CBEzvpDm3gK0Ri3^Hp!pxoH*>RM%fy;Lh#
zRyNlvm0I5$+bzx278WaOA8uA_>+koy9PRDVE(w65+$|0;0VOfGnWK{wgi82Hta`Z_
z5<6i+#Tn{n{_}K4j4MH0VogDhT0)7dR8JH7Ak|42QHg6o+dN8)!&aza6*lPZU2+<y
zVYzp21|}kcNh6E`a%l+4Y#Z8JTm>?W+T`rexI3}o?sTL(F>cnpws5;##ftkm^vl!I
zK~J$IR1Y(Wnplc2x(UGs14v=!_I!Ee=@!B+8;r8ROS=Ig0lz&S1eP*qP08U~<TzQ-
z&K?e0$DBTGDxo!AD<OFjZVBAB(hiT%zyn^Ff;u9>UBV59+T7aWLM?+}xRZl`IC!6<
z1H!`z9M6=Y6R%WRUaeFYHp}w{YL*7Wrhgr+LAha%;do|8YNFGP6<0k<qa>7sM;>9`
z8oR2qSRtKu(FG@U&0s{k{Uc-OG>FNObmht*LMA52>F}KZyV{}xIZ3Z8NYWm4x#AMZ
z4p!Ttl#U-J;P!xuH!uc#{3qBqm|2!?2`T-S@Y_fmZT4ffTAD0OUB_E<ow^9u!y*vx
z*&>RE7KHn3K>;~pNBDy!@AgmczA>|>k$&UayYIT5*Bt-<5Xloq_0TawGE2!&(}Wf(
zj8iRp6SS>j<f$ntE;DckL{0A2h0jxzmMD${#SMy6mF1Pj2E?fh(1CQq6>3nEwnM}N
zBC92|OXY^CDn0n?v{Bf|=^lxyLCVaYscvR<X1Xvvg$&E`YfOn`bBiO=#6!vzh9S@P
zU(Al(WP>VGt<5c#R~Any$(if^*$eZ5f7Iq-jb<o=vxkb|*zVlw>cYzWX05V0Uta4o
zra{gZK=2k|M7(2e3%R#(0>0CUqZ~UiqOZMkwODw!Xg&()RUP;ln9&wjp^1Hs)4Wtg
lP1AI!@HSN3F}u?=n}Z)S=1hI+Ct)11{N?NiULBjo{sC&2w+sLP


From 79682d0e98604411870f44eb29e007a6d71efec9 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 21:14:33 -0700
Subject: [PATCH 32/96] os is missing from initial lorax variant

---
 iso/empanadas/empanadas/util/shared.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 305316b..93aa986 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -123,7 +123,7 @@ class Shared:
         timestamp = data['timestamp']
 
         os_or_ks = ''
-        if '/os/' in variant_path:
+        if '/os/' in variant_path or not imagemap['disc']:
             os_or_ks = 'os'
         if '/kickstart/' in variant_path:
             os_or_ks = 'kickstart'

From f9166541f409cfab4255400d7cde575bb7f734d7 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 23:27:49 -0700
Subject: [PATCH 33/96] add tweak treeinfo for dnf_utils

---
 iso/empanadas/empanadas/util/dnf_utils.py | 75 ++++++++++++++++++-
 iso/empanadas/empanadas/util/iso_utils.py | 88 -----------------------
 2 files changed, 73 insertions(+), 90 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index c7e9a79..4332986 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -96,6 +96,7 @@ class RepoSync:
         self.repo = repo
         self.extra_files = rlvars['extra_files']
         self.gpgkey = gpgkey
+        self.checksum = rlvars['checksum']
 
         self.compose_id = '{}-{}-{}'.format(
                 config['shortname'],
@@ -251,8 +252,9 @@ class RepoSync:
         if self.refresh_extra_files and not self.fullrun:
             self.deploy_extra_files(sync_root, global_work_root)
 
-        # This does NOT overwrite treeinfo files. This just ensures they exist
-        # and are configured correctly.
+        # deploy_treeinfo does NOT overwrite any treeinfo files. However,
+        # tweak_treeinfo calls out to a method that does. This should not
+        # cause issues as the method is fairly static in nature.
         if self.refresh_treeinfo and not self.fullrun:
             self.deploy_treeinfo(self.repo, sync_root, self.arch)
             self.tweak_treeinfo(self.repo, sync_root, self.arch)
@@ -1214,6 +1216,75 @@ class RepoSync:
         This modifies treeinfo for the primary repository. If the repository is
         listed in the iso_map as a non-disc, it will be considered for modification.
         """
+        variants_to_tweak = []
+
+        arches_to_tree = self.arches
+        if arch:
+            arches_to_tree = [arch]
+
+        repos_to_tree = self.repos
+        if repo and not self.fullrun:
+            repos_to_tree = [repo]
+
+        for r in repos_to_tree:
+            entry_name_list = []
+            repo_name = r
+            arch_tree = arches_to_tree.copy()
+
+            if r in self.iso_map['images']:
+                variants_to_tweak.append(r)
+
+        for v in variants_to_tweak:
+            for a in arches_to_tree:
+                image = os.path.join(sync_root, v, a, 'os')
+                imagemap = self.iso_map['images'][v]
+                data = {
+                        'arch': a,
+                        'variant': v,
+                        'variant_path': image,
+                        'checksum': self.checksum,
+                        'distname': self.distname,
+                        'fullname': self.fullname,
+                        'shortname': self.shortname,
+                        'release': self.fullversion,
+                        'timestamp': self.timestamp,
+                }
+
+                try:
+                    Shared.treeinfo_modify_write(data, imagemap)
+                except Exception as e:
+                    self.log.error(
+                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                            'There was an error writing treeinfo.'
+                    )
+                    self.log.error(e)
+
+                if self.fullrun:
+                    ksimage = os.path.join(sync_root, v, a, 'kickstart')
+                    ksdata = {
+                            'arch': a,
+                            'variant': v,
+                            'variant_path': image,
+                            'checksum': self.checksum,
+                            'distname': self.distname,
+                            'fullname': self.fullname,
+                            'shortname': self.shortname,
+                            'release': self.fullversion,
+                            'timestamp': self.timestamp,
+                    }
+                    ksdata.clear()
+
+                    try:
+                        Shared.treeinfo_modify_write(ksdata, imagemap)
+                    except Exception as e:
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                'There was an error writing treeinfo.'
+                        )
+                        self.log.error(e)
+
+                data.clear()
+                imagemap.clear()
 
     def run_compose_closeout(self):
         """
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index ee682c9..c61e0fe 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -821,94 +821,6 @@ class IsoBuild:
             )
             self.log.error(e)
 
-        #treeinfo = os.path.join(image, '.treeinfo')
-        #discinfo = os.path.join(image, '.discinfo')
-        #mediarepo = os.path.join(image, 'media.repo')
-        #imagemap = self.iso_map['images'][variant]
-        #primary = imagemap['variant']
-        #repos = imagemap['repos']
-        #is_disc = False
-
-        #if imagemap['disc']:
-        #    is_disc = True
-        #    discnum = 1
-
-        # load up productmd
-        #ti = productmd.treeinfo.TreeInfo()
-        #ti.load(treeinfo)
-
-        # Set the name
-        #ti.release.name = self.distname
-        #ti.release.short = self.shortname
-        # Set the version (the initial lorax run does this, but we are setting
-        # it just in case)
-        #ti.release.version = self.release
-        # Assign the present images into a var as a copy. For each platform,
-        # clear out the present dictionary. For each item and path in the
-        # assigned var, assign it back to the platform dictionary. If the path
-        # is empty, continue. Do checksums afterwards.
-        #plats = ti.images.images.copy()
-        #for platform in ti.images.images:
-        #    ti.images.images[platform] = {}
-        #    for i, p in plats[platform].items():
-        #        if not p:
-        #            continue
-        #        if 'boot.iso' in i and is_disc:
-        #            continue
-        #        ti.images.images[platform][i] = p
-        #        ti.checksums.add(p, self.checksum, root_dir=image)
-
-        # stage2 checksums
-        #if ti.stage2.mainimage:
-        #    ti.checksums.add(ti.stage2.mainimage, self.checksum, root_dir=image)
-
-        #if ti.stage2.instimage:
-        #    ti.checksums.add(ti.stage2.instimage, self.checksum, root_dir=image)
-
-        # If we are a disc, set the media section appropriately.
-        #if is_disc:
-        #    ti.media.discnum = discnum
-        #    ti.media.totaldiscs = discnum
-
-        # Create variants
-        # Note to self: There's a lot of legacy stuff running around for
-        # Fedora, ELN, and RHEL in general. This is the general structure,
-        # apparently. But there could be a chance it'll change. We may need to
-        # put in a configuration to deal with it at some point.
-        #ti.variants.variants.clear()
-        #for y in repos:
-        #    if y in ti.variants.variants.keys():
-        #        vari = ti.variants.variants[y]
-        #    else:
-        #        vari = productmd.treeinfo.Variant(ti)
-
-        #    vari.id = y
-        #    vari.uid = y
-        #    vari.name = y
-        #    vari.type = "variant"
-        #    if is_disc:
-        #        vari.paths.repository = y
-        #        vari.paths.packages = y + "/Packages"
-        #    else:
-        #        if y == primary:
-        #            vari.paths.repository = "."
-        #            vari.paths.packages = "Packages"
-        #        else:
-        #            vari.paths.repository = "../../../" + y + "/" + arch + "/os"
-        #            vari.paths.packages = "../../../" + y + "/" + arch + "/os/Packages"
-
-        #    if y not in ti.variants.variants.keys():
-        #        ti.variants.add(vari)
-
-        #    del vari
-
-        # Set default variant
-        #ti.dump(treeinfo, main_variant=primary)
-        # Set discinfo
-        #Shared.discinfo_write(self.timestamp, self.fullname, arch, discinfo)
-        # Set media.repo
-        #Shared.media_repo_write(self.timestamp, self.fullname, mediarepo)
-
     # Next set of functions are loosely borrowed (in concept) from pungi. Some
     # stuff may be combined/mixed together, other things may be simplified or
     # reduced in nature.

From 93d6bae08c457c4d6c8c12be65f51782ba9f52d3 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 23:35:03 -0700
Subject: [PATCH 34/96] missing logger

---
 iso/empanadas/empanadas/util/dnf_utils.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 4332986..3bd6af4 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1236,6 +1236,10 @@ class RepoSync:
 
         for v in variants_to_tweak:
             for a in arches_to_tree:
+                self.log.info(
+                        '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                        'Tweaking treeinfo for ' + a + ' ' + v
+                )
                 image = os.path.join(sync_root, v, a, 'os')
                 imagemap = self.iso_map['images'][v]
                 data = {

From f308e87b15f306ab6f17f64b1e7e8295667f61da Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 23:42:35 -0700
Subject: [PATCH 35/96] add more logging

---
 iso/empanadas/empanadas/util/dnf_utils.py | 4 ++--
 iso/empanadas/empanadas/util/iso_utils.py | 2 +-
 iso/empanadas/empanadas/util/shared.py    | 5 ++++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 3bd6af4..ab46555 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1255,7 +1255,7 @@ class RepoSync:
                 }
 
                 try:
-                    Shared.treeinfo_modify_write(data, imagemap)
+                    Shared.treeinfo_modify_write(data, imagemap, self.log)
                 except Exception as e:
                     self.log.error(
                             '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
@@ -1279,7 +1279,7 @@ class RepoSync:
                     ksdata.clear()
 
                     try:
-                        Shared.treeinfo_modify_write(ksdata, imagemap)
+                        Shared.treeinfo_modify_write(ksdata, imagemap, self.log)
                     except Exception as e:
                         self.log.error(
                                 '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index c61e0fe..f571ba6 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -813,7 +813,7 @@ class IsoBuild:
         }
 
         try:
-            Shared.treeinfo_modify_write(data, imagemap)
+            Shared.treeinfo_modify_write(data, imagemap, self.log)
         except Exception as e:
             self.log.error(
                     '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 93aa986..8993f1d 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -107,7 +107,7 @@ class Shared:
         ti.dump(file_path)
 
     @staticmethod
-    def treeinfo_modify_write(data, imagemap):
+    def treeinfo_modify_write(data, imagemap, logger):
         """
         Modifies a specific treeinfo with already available data. This is in
         the case of modifying treeinfo for primary repos or images.
@@ -211,10 +211,13 @@ class Shared:
             del vari
 
         # Set default variant
+        logger.info('Writing treeinfo')
         ti.dump(treeinfo, main_variant=primary)
         # Set discinfo
+        logger.info('Writing discinfo')
         Shared.discinfo_write(timestamp, fullname, arch, discinfo)
         # Set media.repo
+        logger.info('Writing media.repo')
         Shared.media_repo_write(timestamp, fullname, mediarepo)
 
     @staticmethod

From b78c4a774da7d0fbf0ccf06adeefdce6578406f0 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Sun, 3 Jul 2022 23:50:08 -0700
Subject: [PATCH 36/96] reverse for loops

---
 iso/empanadas/empanadas/util/dnf_utils.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index ab46555..a40045d 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1234,8 +1234,8 @@ class RepoSync:
             if r in self.iso_map['images']:
                 variants_to_tweak.append(r)
 
-        for v in variants_to_tweak:
-            for a in arches_to_tree:
+        for a in arches_to_tree:
+            for v in variants_to_tweak:
                 self.log.info(
                         '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
                         'Tweaking treeinfo for ' + a + ' ' + v
@@ -1287,9 +1287,6 @@ class RepoSync:
                         )
                         self.log.error(e)
 
-                data.clear()
-                imagemap.clear()
-
     def run_compose_closeout(self):
         """
         Closes out a compose as file. This ensures kickstart repositories are

From d84a686102a36cd8e6be06ae8058e5a08145b9a7 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 00:53:39 -0700
Subject: [PATCH 37/96] add live root logic before sign off

---
 iso/empanadas/empanadas/util/dnf_utils.py | 45 +++++++++++++++++++++--
 iso/empanadas/empanadas/util/shared.py    |  2 +
 2 files changed, 43 insertions(+), 4 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index a40045d..8f74a8b 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1234,6 +1234,13 @@ class RepoSync:
             if r in self.iso_map['images']:
                 variants_to_tweak.append(r)
 
+        if not len(variants_to_tweak) > 0:
+            self.log.info(
+                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                    'No treeinfo to tweak.'
+            )
+            return
+
         for a in arches_to_tree:
             for v in variants_to_tweak:
                 self.log.info(
@@ -1289,10 +1296,9 @@ class RepoSync:
 
     def run_compose_closeout(self):
         """
-        Closes out a compose as file. This ensures kickstart repositories are
-        made, the treeinfo is modifed for the primary repository, syncs
-        work/isos to compose/isos, and combines all checksum files per arch
-        into a final CHECKSUM file.
+        Closes out a compose. This ensures the ISO's are synced from work/isos
+        to compose/isos, checks for live media and syncs as well from work/live
+        to compose/live, deploys final metadata.
         """
         # latest-X-Y should exist at all times for this to work.
         work_root = os.path.join(
@@ -1332,6 +1338,11 @@ class RepoSync:
                 "isos"
         )
 
+        live_root = os.path.join(
+                work_root,
+                "live"
+        )
+
         global_work_root = os.path.join(
                 work_root,
                 "global",
@@ -1366,6 +1377,32 @@ class RepoSync:
                     message
             )
 
+        if os.path.exists(live_root):
+            self.log.info(
+                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                    'Starting to sync live images to compose'
+            )
+
+            if os.path.exists('/usr/bin/fpsync'):
+                message, ret = Shared.fpsync_method(iso_root, sync_iso_root, tmp_dir)
+            elif os.path.exists('/usr/bin/parallel') and os.path.exists('/usr/bin/rsync'):
+                message, ret = Shared.rsync_method(iso_root, sync_iso_root)
+
+            if ret != 0:
+                self.log.error(
+                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                        message
+                )
+            else:
+                self.log.info(
+                        '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
+                        message
+                )
+
+        # Combine all checksums here
+        # Deploy final metadata for a close out
+        self.deploy_metadata(sync_root)
+
 class SigRepoSync:
     """
     This helps us do reposync operations for SIG's. Do not use this for the
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 8993f1d..bd9fe53 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -505,3 +505,5 @@ class Shared:
         switches = '-av --chown=10004:10005 --progress --relative --human-readable'
 
         os.makedirs(dest, exist_ok=True)
+
+        return 'Not available', 1

From 7365ca6b06bea78b4d1c5fed79ab80399ac352ea Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 12:06:31 -0400
Subject: [PATCH 38/96] various cleanup of image build script

* reorder imports
* pass cli arguments directly into class for simplification and
  segregation
* reorder class variables
* Some error checking to ensure we're writing what we want to
* Allow copy(upload?) step to be skipped
* properly consume stdout and stderr from popen to avoid exception when
  FD is closed but trying to be read by the subprocess_log function
---
 .../empanadas/scripts/build_image.py          | 87 ++++++++++++-------
 1 file changed, 57 insertions(+), 30 deletions(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index f03ec42..cc696b5 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -5,17 +5,16 @@ import argparse
 import datetime
 import json
 import logging
-import subprocess
-import sys
-import time
 import os
-import tempfile
 import pathlib
 import platform
+import subprocess
+import sys
+import tempfile
+import time
 
-from botocore import args
 from attrs import define, Factory, field, asdict
-
+from botocore import args
 from jinja2 import Environment, FileSystemLoader, Template
 from typing import Callable, List, NoReturn, Optional, Tuple, IO, Union
 
@@ -60,26 +59,27 @@ BUILDTIME = datetime.datetime.utcnow()
 class ImageBuild:
     architecture: Architecture = field()
     base_uuid: Optional[str] = field(default="")
+    cli_args: argparse.Namespace = field()
     command_args: List[str] = field(factory=list)
     common_args: List[str] = field(factory=list)
     debug: bool = field(default=False)
+    fedora_release: int = field()
     image_type: str = field()
     job_template: Optional[Template] = field(init=False)
     kickstart_arg: List[str] = field(factory=list)
+    metadata: pathlib.Path = field(init=False)
     out_type: str = field(init=False)
     outdir: pathlib.Path = field(init=False) 
     outname: str = field(init=False)
     package_args: List[str] = field(factory=list)
+    release: int = field(default=0)
+    revision: Optional[int] = field()
+    stage_commands: Optional[List[List[Union[str,Callable]]]] = field(init=False)
     target_uuid: Optional[str] = field(default="")
     tdl_path: pathlib.Path = field(init=False)
     template: Template = field()
     type_variant: str = field(init=False) 
-    stage_commands: Optional[List[List[Union[str,Callable]]]] = field(init=False)
     variant: Optional[str] = field()
-    revision: Optional[int] = field()
-    metadata: pathlib.Path = field(init=False)
-    fedora_release: int = field()
-    release: int = field(default=0)
 
     def __attrs_post_init__(self):
         self.tdl_path = self.render_icicle_template()
@@ -121,6 +121,8 @@ class ImageBuild:
                     self.target_uuid = o['target_uuid']
                 except json.decoder.JSONDecodeError as e:
                     log.exception("Couldn't decode metadata file", e)
+                finally:
+                    f.flush()
 
     def output_name(self):
         return f"Rocky-{self.architecture.version}-{self.type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{self.release}.{self.architecture.name}"
@@ -132,10 +134,10 @@ class ImageBuild:
         args_mapping = {
             "debug": "--debug" 
         }
-        return [param for name, param in args_mapping.items() if getattr(results,name)]
+        return [param for name, param in args_mapping.items() if getattr(self.cli_args, name)]
 
     def _package_args(self) -> List[str]:
-        if results.type == "Container":
+        if self.image_type == "Container":
             return ["--parameter", "compress", "xz"]
         return [""]
 
@@ -143,7 +145,7 @@ class ImageBuild:
         args = []
         if self.image_type == "Container":
             args = ["--parameter", "offline_icicle", "true"]
-        if self.image_type == "GenericCloud":
+        if self.image_type in ["GenericCloud", "EC2"]:
             args = ["--parameter", "generate_icicle", "false"]
         return args
 
@@ -173,7 +175,7 @@ class ImageBuild:
                 architecture=self.architecture.name,
                 fedora_version=self.fedora_release,
                 iso8601date=BUILDTIME.strftime("%Y%m%d"),
-                installdir="kickstart" if results.kickstartdir else "os",
+                installdir="kickstart" if self.cli_args.kickstartdir else "os",
                 major=self.architecture.version,
                 release=self.release,
                 size="10G",
@@ -183,7 +185,11 @@ class ImageBuild:
             )
             tmp.write(_template.encode())
             tmp.flush()
-        return pathlib.Path(output)
+        output = pathlib.Path(output)
+        if not output.exists():
+            log.error("Failed to write TDL template")
+            raise Exception("Failed to write TDL template")
+        return output
 
     def build_command(self) -> List[str]:
         build_command = ["imagefactory", *self.command_args, "base_image", *self.common_args, *self.kickstart_arg, self.tdl_path
@@ -219,6 +225,7 @@ class ImageBuild:
 
     def package(self) -> int: 
         # Some build types don't need to be packaged by imagefactory
+        # @TODO remove business logic if possible
         if self.image_type == "GenericCloud":
             self.target_uuid = self.base_uuid if hasattr(self, 'base_uuid') else ""
 
@@ -243,15 +250,21 @@ class ImageBuild:
 
         return all(ret > 0 for ret in returns)
 
-    def copy(self) -> int:
+    def copy(self, skip=False) -> int:
         # move or unpack if necessary
+        log.info("Executing staging commands")
         if (stage := self.stage() > 0):
             raise Exception(stage)
 
-        ret, out, err, _ = self.runCmd(self.copy_command(), search=False) 
-        return ret
+        if not skip:
+            log.info("Copying files to output directory")
+            ret, out, err, _ = self.runCmd(self.copy_command(), search=False) 
+            return ret
 
-    def runCmd(self, command: List[Union[str, Callable]], search: bool = True) -> Tuple[int, Union[IO[bytes],None], Union[IO[bytes],None], Union[str,None]]:
+        log.info(f"Build complete! Output available in {self.outdir}/")
+        return 0
+
+    def runCmd(self, command: List[Union[str, Callable]], search: bool = True) -> Tuple[int, Union[bytes,None], Union[bytes,None], Union[str,None]]:
         prepared, _ = self.prepare_command(command)
         log.info(f"Running command: {' '.join(prepared)}")
 
@@ -263,6 +276,7 @@ class ImageBuild:
 
         with subprocess.Popen(prepared,  **kwargs) as p:
             uuid = None
+            # @TODO implement this as a callback?
             if search:
                 for _, line in enumerate(p.stdout): # type: ignore
                     ln = line.decode()
@@ -270,12 +284,14 @@ class ImageBuild:
                         uuid = ln.split(" ")[-1]
                         log.debug(f"found uuid: {uuid}")
                 
-            res = p.wait(), p.stdout, p.stdin, uuid
+            out, err = p.communicate()
+            res = p.wait(), out, err, uuid
+
             if res[0] > 0:
                 log.error(f"Problem while executing command: '{prepared}'")
             if search and not res[3]:
                 log.error("UUID not found in stdout. Dumping stdout and stderr")
-                self.log_subprocess(res)
+            self.log_subprocess(res)
 
             return res
 
@@ -292,14 +308,17 @@ class ImageBuild:
         r = []
         return r, [r.append(c()) if (callable(c) and c.__name__ == '<lambda>') else r.append(str(c)) for c in command_list]
 
-    def log_subprocess(self, result: Tuple[int, Union[IO[bytes], None], Union[IO[bytes], None], Union[str, None]]):
+    def log_subprocess(self, result: Tuple[int, Union[bytes, None], Union[bytes, None], Union[str, None]]):
         def log_lines(title, lines):
             log.info(f"====={title}=====")
-            for _, line in lines:
-                log.info(line.decode())
+            log.info(lines.decode())
         log.info(f"Command return code: {result[0]}")
-        log_lines("Command STDOUT", enumerate(result[1])) # type: ignore
-        log_lines("Command STDERR", enumerate(result[2])) # type: ignore
+        stdout = result[1]
+        stderr = result[2]
+        if stdout:
+            log_lines("Command STDOUT", stdout)
+        if stderr:
+            log_lines("Command STDERR", stderr)
 
     def render_kubernetes_job(self):
         commands = [self.build_command(), self.package_command(), self.copy_command()]
@@ -320,9 +339,16 @@ class ImageBuild:
 
     def save(self):
         with open(pathlib.Path(self.outdir, "metadata.json"), "w") as f:
-            o = { name: getattr(self, name) for name in ["base_uuid", "target_uuid"] }
-            log.debug(o)
-            json.dump(o, f)
+            try: 
+                o = { name: getattr(self, name) for name in ["base_uuid", "target_uuid"] }
+                log.debug(o)
+                json.dump(o, f)
+            except AttributeError as e:
+                log.error("Couldn't find attribute in object. Something is probably wrong", e)
+            except Exception as e:
+                log.exception(e)
+            finally:
+                f.flush()   
 
 def run():
     try:
@@ -340,6 +366,7 @@ def run():
     for architecture in arches:
         IB = ImageBuild(
                 architecture=Architecture.New(architecture, major),
+                cli_args=results,
                 debug=results.debug,
                 fedora_release=rlvars['fedora_release'],
                 image_type=results.type, 

From 04e7e1d1648ef7e2db8d3d8a2d12489289803844 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 11:31:24 -0700
Subject: [PATCH 39/96] Bump to 0.2.0

* Add metadata with README information
* Bump to 0.2.0
* Move more functions into shared
---
 iso/empanadas/empanadas/__init__.py           |   2 +-
 iso/empanadas/empanadas/templates/README.tmpl |  25 ++-
 .../empanadas/templates/extraisobuild.tmpl.sh |   2 +
 .../empanadas/templates/isobuild.tmpl.sh      |   2 +
 iso/empanadas/empanadas/util/dnf_utils.py     |  12 ++
 iso/empanadas/empanadas/util/iso_utils.py     | 148 ++++--------------
 iso/empanadas/empanadas/util/shared.py        | 117 +++++++++++++-
 iso/empanadas/tests/test_empanadas.py         |   2 +-
 8 files changed, 187 insertions(+), 123 deletions(-)

diff --git a/iso/empanadas/empanadas/__init__.py b/iso/empanadas/empanadas/__init__.py
index b794fd4..7fd229a 100644
--- a/iso/empanadas/empanadas/__init__.py
+++ b/iso/empanadas/empanadas/__init__.py
@@ -1 +1 @@
-__version__ = '0.1.0'
+__version__ = '0.2.0'
diff --git a/iso/empanadas/empanadas/templates/README.tmpl b/iso/empanadas/empanadas/templates/README.tmpl
index 726ab3a..4e4828b 100644
--- a/iso/empanadas/empanadas/templates/README.tmpl
+++ b/iso/empanadas/empanadas/templates/README.tmpl
@@ -2,5 +2,26 @@ These set of repositories (or "compose") is for {{ fullname }} and was generated
 using Empanadas {{ version }} from the SIG/Core Toolkit.
 
 As this is not a traditional compose, there will be things that you might be
-expecting and do not see, or not expecting and do see.. While we attempted to
-recreate a lot of those elements, it's not perfect.
+expecting and do not see, or not expecting and do see. While we attempted to
+recreate a lot of those elements, it's not perfect. In the future, we do plan on
+having more metadata and providing a client libraries that can ingest this type
+of metadata that we produce for easy consumption.
+
+# Notes #
+
+## Checksums ##
+
+CHECKSUM Validation: https://github.com/rocky-linux/checksums
+
+Traditionally, we would to "sign" the checksum files with the current GPG key
+of a major release. However, due to how the new build system operates and for
+ensuring strong security within the build system as it pertains the signing
+keys, this is no longer possible. It was determined by SIG/Core or Release
+Engineering to instead provide verified signed commits using our keys with
+RESF/Rocky Linux email domain names to a proper git repository.
+
+With that being said, if you are looking for "verification" of the ISO
+checksums, it is highly recommended to visit the link above.
+
+These are *always* updated with new releases or new images. This includes
+live images as we release them.
diff --git a/iso/empanadas/empanadas/templates/extraisobuild.tmpl.sh b/iso/empanadas/empanadas/templates/extraisobuild.tmpl.sh
index 4d42901..df51333 100644
--- a/iso/empanadas/empanadas/templates/extraisobuild.tmpl.sh
+++ b/iso/empanadas/empanadas/templates/extraisobuild.tmpl.sh
@@ -3,6 +3,8 @@
 # under extreme circumstances should you be filling this out and running
 # manually.
 
+set -o pipefail
+
 # Vars
 MOCK_CFG="/var/tmp/lorax-{{ major }}.cfg"
 MOCK_ROOT="/var/lib/mock/{{ shortname|lower }}-{{ major }}-{{ arch }}"
diff --git a/iso/empanadas/empanadas/templates/isobuild.tmpl.sh b/iso/empanadas/empanadas/templates/isobuild.tmpl.sh
index 95184b6..28398e3 100644
--- a/iso/empanadas/empanadas/templates/isobuild.tmpl.sh
+++ b/iso/empanadas/empanadas/templates/isobuild.tmpl.sh
@@ -2,6 +2,8 @@
 # This is a template that is used to build ISO's for Rocky Linux. Only under
 # extreme circumstances should you be filling this out and running manually.
 
+set -o pipefail
+
 # Vars
 MOCK_CFG="/var/tmp/lorax-{{ major }}.cfg"
 MOCK_ROOT="/var/lib/mock/{{ shortname|lower }}-{{ major }}-{{ arch }}"
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 8f74a8b..1f6ab3b 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -18,6 +18,7 @@ import json
 
 from jinja2 import Environment, FileSystemLoader
 
+import empanadas
 from empanadas.common import Color, _rootdir
 from empanadas.util import Shared
 
@@ -987,6 +988,17 @@ class RepoSync:
                 'Metadata files phase completed.'
         )
 
+        # Deploy README to metadata directory
+        readme_template = self.tmplenv.get_template('README.tmpl')
+        readme_output = readme_template.render(
+                fullname=self.fullname,
+                version=empanadas.__version__
+        )
+
+        with open(metadata_dir + '/README') as readme_file:
+            readme_file.write(readme_output)
+            readme_file.close()
+
 
     def deploy_treeinfo(self, repo, sync_root, arch):
         """
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index f571ba6..a9a80fa 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -15,11 +15,11 @@ import tarfile
 import shutil
 
 # lazy person's s3 parser
-import requests
-import json
-import xmltodict
+#import requests
+#import json
+#import xmltodict
 # if we can access s3
-import boto3
+#import boto3
 # relative_path, compute_file_checksums
 import kobo.shortcuts
 from fnmatch import fnmatch
@@ -122,8 +122,8 @@ class IsoBuild:
         self.s3_bucket = config['bucket']
         self.s3_bucket_url = config['bucket_url']
 
-        if s3:
-            self.s3 = boto3.client('s3')
+        #if s3:
+        #    self.s3 = boto3.client('s3')
 
         # arch specific
         self.hfs_compat = hfs_compat
@@ -352,9 +352,21 @@ class IsoBuild:
                 'Determining the latest pulls...'
         )
         if self.s3:
-            latest_artifacts = self._s3_determine_latest()
+            latest_artifacts = Shared.s3_determine_latest(
+                    self.s3_bucket,
+                    self.release,
+                    self.arches,
+                    'tar.gz',
+                    self.log
+            )
         else:
-            latest_artifacts = self._reqs_determine_latest()
+            latest_artifacts = Shared.reqs_determine_latest(
+                    self.s3_bucket_url,
+                    self.release,
+                    self.arches,
+                    'tar.gz',
+                    self.log
+            )
 
         self.log.info(
                 '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
@@ -381,16 +393,20 @@ class IsoBuild:
                     'Downloading artifact for ' + Color.BOLD + arch + Color.END
             )
             if self.s3:
-                self._s3_download_artifacts(
+                Shared.s3_download_artifacts(
                         self.force_download,
+                        self.s3_bucket,
                         source_path,
-                        full_drop
+                        full_drop,
+                        self.log
                 )
             else:
-                self._reqs_download_artifacts(
+                Shared.reqs_download_artifacts(
                         self.force_download,
+                        self.s3_bucket_url,
                         source_path,
-                        full_drop
+                        full_drop,
+                        self.log
                 )
         self.log.info(
                 '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
@@ -464,111 +480,6 @@ class IsoBuild:
                     )
                     self._copy_nondisc_to_repo(self.force_unpack, arch, variant)
 
-
-    def _s3_determine_latest(self):
-        """
-        Using native s3, determine the latest artifacts and return a dict
-        """
-        temp = []
-        data = {}
-        try:
-            self.s3.list_objects(Bucket=self.s3_bucket)['Contents']
-        except:
-            self.log.error(
-                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                        'Cannot access s3 bucket.'
-            )
-            raise SystemExit()
-
-        for y in self.s3.list_objects(Bucket=self.s3_bucket)['Contents']:
-            if 'tar.gz' in y['Key'] and self.release in y['Key']:
-                temp.append(y['Key'])
-
-        for arch in self.arches:
-            temps = []
-            for y in temp:
-                if arch in y:
-                    temps.append(y)
-            temps.sort(reverse=True)
-            data[arch] = temps[0]
-
-        return data
-
-    def _s3_download_artifacts(self, force_download, source, dest):
-        """
-        Download the requested artifact(s) via s3
-        """
-        if os.path.exists(dest):
-            if not force_download:
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Artifact at ' + dest + ' already exists'
-                )
-                return
-
-        self.log.info('Downloading ({}) to: {}'.format(source, dest))
-        try:
-            self.s3.download_file(
-                    Bucket=self.s3_bucket,
-                    Key=source,
-                    Filename=dest
-            )
-        except:
-            self.log.error('There was an issue downloading from %s' % self.s3_bucket)
-
-    def _reqs_determine_latest(self):
-        """
-        Using requests, determine the latest artifacts and return a list
-        """
-        temp = []
-        data = {}
-
-        try:
-            bucket_data = requests.get(self.s3_bucket_url)
-        except requests.exceptions.RequestException as e:
-            self.log.error('The s3 bucket http endpoint is inaccessible')
-            raise SystemExit(e)
-
-        resp = xmltodict.parse(bucket_data.content)
-
-        for y in resp['ListBucketResult']['Contents']:
-            if 'tar.gz' in y['Key'] and self.release in y['Key']:
-                temp.append(y['Key'])
-
-        for arch in self.arches:
-            temps = []
-            for y in temp:
-                if arch in y:
-                    temps.append(y)
-            temps.sort(reverse=True)
-            data[arch] = temps[0]
-
-        return data
-
-    def _reqs_download_artifacts(self, force_download, source, dest):
-        """
-        Download the requested artifact(s) via requests only
-        """
-        if os.path.exists(dest):
-            if not force_download:
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Artifact at ' + dest + ' already exists'
-                )
-                return
-        unurl = self.s3_bucket_url + '/' + source
-
-        self.log.info('Downloading ({}) to: {}'.format(source, dest))
-        try:
-            with requests.get(unurl, allow_redirects=True) as r:
-                with open(dest, 'wb') as f:
-                    f.write(r.content)
-                    f.close()
-                r.close()
-        except requests.exceptions.RequestException as e:
-            self.log.error('There was a problem downloading the artifact')
-            raise SystemExit(e)
-
     def _unpack_artifacts(self, force_unpack, arch, tarball):
         """
         Unpack the requested artifacts(s)
@@ -729,7 +640,8 @@ class IsoBuild:
         if not os.path.exists(pathway):
             self.log.error(
                     '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'Repo and Image variant do NOT match'
+                    'Repo and Image variant either does NOT match or does ' +
+                    'NOT exist. Are you sure you have synced the repository?'
             )
 
         if not force_unpack:
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index bd9fe53..58525f8 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -6,7 +6,11 @@ import hashlib
 import shlex
 import subprocess
 import yaml
+import requests
+import boto3
+import xmltodict
 import productmd.treeinfo
+import empanadas
 from empanadas.common import Color
 
 class ArchCheck:
@@ -233,7 +237,7 @@ class Shared:
         metadata = {
                 "header": {
                     "name": "empanadas",
-                    "version": "0.2.0",
+                    "version": empanadas.__version__,
                     "type": "toolkit",
                     "maintainer": "SIG/Core"
                 },
@@ -507,3 +511,114 @@ class Shared:
         os.makedirs(dest, exist_ok=True)
 
         return 'Not available', 1
+
+    @staticmethod
+    def s3_determine_latest(s3_bucket, release, arches, filetype, logger):
+        """
+        Using native s3, determine the latest artifacts and return a dict
+        """
+        temp = []
+        data = {}
+        s3 = boto3.client('s3')
+
+        try:
+            s3.list_objects(Bucket=s3_bucket)['Contents']
+        except:
+            logger.error(
+                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                        'Cannot access s3 bucket.'
+            )
+            raise SystemExit()
+
+        for y in s3.list_objects(Bucket=s3_bucket)['Contents']:
+            if filetype in y['Key'] and release in y['Key']:
+                temp.append(y['Key'])
+
+        for arch in arches:
+            temps = []
+            for y in temp:
+                if arch in y:
+                    temps.append(y)
+            temps.sort(reverse=True)
+            data[arch] = temps[0]
+
+        return data
+
+    @staticmethod
+    def s3_download_artifacts(force_download, s3_bucket, source, dest, logger):
+        """
+        Download the requested artifact(s) via s3
+        """
+        s3 = boto3.client('s3')
+        if os.path.exists(dest):
+            if not force_download:
+                logger.warn(
+                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                        'Artifact at ' + dest + ' already exists'
+                )
+                return
+
+        logger.info('Downloading ({}) to: {}'.format(source, dest))
+        try:
+            s3.download_file(
+                    Bucket=s3_bucket,
+                    Key=source,
+                    Filename=dest
+            )
+        except:
+            logger.error('There was an issue downloading from %s' % s3_bucket)
+
+    @staticmethod
+    def reqs_determine_latest(s3_bucket_url, release, arches, filetype, logger):
+        """
+        Using requests, determine the latest artifacts and return a list
+        """
+        temp = []
+        data = {}
+
+        try:
+            bucket_data = requests.get(s3_bucket_url)
+        except requests.exceptions.RequestException as e:
+            logger.error('The s3 bucket http endpoint is inaccessible')
+            raise SystemExit(e)
+
+        resp = xmltodict.parse(bucket_data.content)
+
+        for y in resp['ListBucketResult']['Contents']:
+            if filetype in y['Key'] and release in y['Key']:
+                temp.append(y['Key'])
+
+        for arch in arches:
+            temps = []
+            for y in temp:
+                if arch in y:
+                    temps.append(y)
+            temps.sort(reverse=True)
+            data[arch] = temps[0]
+
+        return data
+
+    @staticmethod
+    def reqs_download_artifacts(force_download, s3_bucket_url, source, dest, logger):
+        """
+        Download the requested artifact(s) via requests only
+        """
+        if os.path.exists(dest):
+            if not force_download:
+                logger.warn(
+                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                        'Artifact at ' + dest + ' already exists'
+                )
+                return
+        unurl = s3_bucket_url + '/' + source
+
+        logger.info('Downloading ({}) to: {}'.format(source, dest))
+        try:
+            with requests.get(unurl, allow_redirects=True) as r:
+                with open(dest, 'wb') as f:
+                    f.write(r.content)
+                    f.close()
+                r.close()
+        except requests.exceptions.RequestException as e:
+            logger.error('There was a problem downloading the artifact')
+            raise SystemExit(e)
diff --git a/iso/empanadas/tests/test_empanadas.py b/iso/empanadas/tests/test_empanadas.py
index 4561768..195fc4b 100644
--- a/iso/empanadas/tests/test_empanadas.py
+++ b/iso/empanadas/tests/test_empanadas.py
@@ -2,4 +2,4 @@ from empanadas import __version__
 
 
 def test_version():
-    assert __version__ == '0.1.0'
+    assert __version__ == '0.2.0'

From 55abe763ef17c99c4a055484803d8992da1c0bab Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 14:41:39 -0400
Subject: [PATCH 40/96] Refactor Architecture class and fix names for output
 files

---
 iso/empanadas/empanadas/common.py              | 11 +++++++----
 iso/empanadas/empanadas/scripts/build_image.py | 16 +++++++---------
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index 796f472..01e90b8 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -118,14 +118,17 @@ def valid_type_variant(_type: str, variant: str="") -> bool:
     return True
 
 from attrs import define, field
-@define
+@define(kw_only=True)
 class Architecture:
     name: str = field()
     version: str = field()
+    major: int = field(converter=int)
+    minor: int = field(converter=int)
 
     @classmethod
-    def New(cls, architecture: str, version: int):
-        if architecture not in rldict[version]["allowed_arches"]:
+    def from_version(cls, architecture: str, version: str):
+        major, minor = str.split(version, ".")
+        if architecture not in rldict[major]["allowed_arches"]:
             print("Invalid architecture/version combo, skipping")
             exit()
-        return cls(architecture, version)
+        return cls(name=architecture, version=version, major=major, minor=minor)
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index cc696b5..f13afe3 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -73,7 +73,6 @@ class ImageBuild:
     outname: str = field(init=False)
     package_args: List[str] = field(factory=list)
     release: int = field(default=0)
-    revision: Optional[int] = field()
     stage_commands: Optional[List[List[Union[str,Callable]]]] = field(init=False)
     target_uuid: Optional[str] = field(default="")
     tdl_path: pathlib.Path = field(init=False)
@@ -100,7 +99,7 @@ class ImageBuild:
             self.stage_commands = [
                     ["tar", "-C", f"{self.outdir}", "--strip-components=1", "-x", "-f", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", "*/layer.tar"]
             ]
-        if self.image_type == "GenericCloud":
+        if self.image_type in ["GenericCloud", "EC2"]:
             self.stage_commands = [
                     ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
             ]
@@ -125,7 +124,7 @@ class ImageBuild:
                     f.flush()
 
     def output_name(self):
-        return f"Rocky-{self.architecture.version}-{self.type_variant}.{BUILDTIME.strftime('%Y%m%d')}.{self.release}.{self.architecture.name}"
+        return f"Rocky-{self.architecture.major}-{self.type_variant}-{self.architecture.version}-{BUILDTIME.strftime('%Y%m%d')}.{self.release}.{self.architecture.name}"
     
     def type_variant_name(self):
         return self.image_type if not self.variant else f"{self.image_type}-{self.variant.capitalize()}"
@@ -156,7 +155,7 @@ class ImageBuild:
         return mapping[self.image_type] if self.image_type in mapping.keys() else ''
 
     def kickstart_imagefactory_args(self) -> List[str]:
-        kickstart_path = pathlib.Path(f"{KICKSTART_PATH}/Rocky-{self.architecture.version}-{self.type_variant}.ks")
+        kickstart_path = pathlib.Path(f"{KICKSTART_PATH}/Rocky-{self.architecture.major}-{self.type_variant}.ks")
 
         if not kickstart_path.is_file():
             log.warn(f"Kickstart file is not available: {kickstart_path}")
@@ -176,12 +175,12 @@ class ImageBuild:
                 fedora_version=self.fedora_release,
                 iso8601date=BUILDTIME.strftime("%Y%m%d"),
                 installdir="kickstart" if self.cli_args.kickstartdir else "os",
-                major=self.architecture.version,
+                major=self.architecture.major,
                 release=self.release,
                 size="10G",
                 type=self.image_type,
                 utcnow=BUILDTIME,
-                version_variant=self.revision if not self.variant else f"{self.revision}-{self.variant}",
+                version_variant=self.architecture.version if not self.variant else f"{self.architecture.version}-{self.variant}",
             )
             tmp.write(_template.encode())
             tmp.flush()
@@ -226,7 +225,7 @@ class ImageBuild:
     def package(self) -> int: 
         # Some build types don't need to be packaged by imagefactory
         # @TODO remove business logic if possible
-        if self.image_type == "GenericCloud":
+        if self.image_type in ["GenericCloud", "EC2"]:
             self.target_uuid = self.base_uuid if hasattr(self, 'base_uuid') else ""
 
         if self.target_uuid:
@@ -365,13 +364,12 @@ def run():
 
     for architecture in arches:
         IB = ImageBuild(
-                architecture=Architecture.New(architecture, major),
+                architecture=Architecture.from_version(architecture, rlvars['revision']),
                 cli_args=results,
                 debug=results.debug,
                 fedora_release=rlvars['fedora_release'],
                 image_type=results.type, 
                 release=results.release if results.release else 0,
-                revision=rlvars['revision'],
                 template=tdl_template,
                 variant=results.variant,
         )

From 9536ab07438e4c69740838f27c5dffa748d06600 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 14:44:17 -0400
Subject: [PATCH 41/96] Update CI for both image types for now

---
 .github/workflows/imagefactory-image.yml | 47 ++++++++++++++++++++++++
 .github/workflows/mix-empanadas.yml      |  4 +-
 2 files changed, 49 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/imagefactory-image.yml

diff --git a/.github/workflows/imagefactory-image.yml b/.github/workflows/imagefactory-image.yml
new file mode 100644
index 0000000..8934bb9
--- /dev/null
+++ b/.github/workflows/imagefactory-image.yml
@@ -0,0 +1,47 @@
+---
+name: Build empanada container images
+
+on:
+  push:
+    branches: [ $default-branch, "devel" ]
+  pull_request:
+    branches: [ $default-branch ]
+  workflow_dispatch:
+
+jobs:
+  buildx:
+    runs-on: 
+      - ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      # https://github.com/docker/setup-buildx-action
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          install: true
+
+      - name: Login to ghcr
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
+          context: ./iso/empanadas
+          file: ./iso/empanadas/Containerfile.imagebuild
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ghcr.io/rocky-linux/empanadas-imagebuild:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/workflows/mix-empanadas.yml b/.github/workflows/mix-empanadas.yml
index ebae78d..7ee3791 100644
--- a/.github/workflows/mix-empanadas.yml
+++ b/.github/workflows/mix-empanadas.yml
@@ -40,8 +40,8 @@ jobs:
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
           context: ./iso/empanadas
-          file: ./iso/empanadas/Containerfile
+          file: ./iso/empanadas/Containerfile.imagefactory
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ghcr.io/rocky-linux/sig-core-toolkit:latest
+          tags: ghcr.io/rocky-linux/empanadas-imagefactory:latest
           cache-from: type=gha
           cache-to: type=gha,mode=max

From 843f412923fb567287a0e0951a2741db8b9458e0 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 14:47:26 -0400
Subject: [PATCH 42/96] Fix names for builds

---
 .github/workflows/imagefactory-image.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/imagefactory-image.yml b/.github/workflows/imagefactory-image.yml
index 8934bb9..7ee3791 100644
--- a/.github/workflows/imagefactory-image.yml
+++ b/.github/workflows/imagefactory-image.yml
@@ -40,8 +40,8 @@ jobs:
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
           context: ./iso/empanadas
-          file: ./iso/empanadas/Containerfile.imagebuild
+          file: ./iso/empanadas/Containerfile.imagefactory
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ghcr.io/rocky-linux/empanadas-imagebuild:latest
+          tags: ghcr.io/rocky-linux/empanadas-imagefactory:latest
           cache-from: type=gha
           cache-to: type=gha,mode=max

From 340a6a337715e4b70adf413df97967bfed88a5a3 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 12:23:04 -0700
Subject: [PATCH 43/96] add checksum combine for close out

---
 iso/empanadas/empanadas/templates/README.tmpl | 11 ++++++-----
 iso/empanadas/empanadas/util/dnf_utils.py     | 11 +++++++++++
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/README.tmpl b/iso/empanadas/empanadas/templates/README.tmpl
index 4e4828b..498653c 100644
--- a/iso/empanadas/empanadas/templates/README.tmpl
+++ b/iso/empanadas/empanadas/templates/README.tmpl
@@ -13,15 +13,16 @@ of metadata that we produce for easy consumption.
 
 CHECKSUM Validation: https://github.com/rocky-linux/checksums
 
-Traditionally, we would to "sign" the checksum files with the current GPG key
-of a major release. However, due to how the new build system operates and for
+Traditionally, we would "sign" the checksum files with the current GPG key of a
+major release. However, due to how the new build system operates and for
 ensuring strong security within the build system as it pertains the signing
 keys, this is no longer possible. It was determined by SIG/Core or Release
 Engineering to instead provide verified signed commits using our keys with
-RESF/Rocky Linux email domain names to a proper git repository.
+RESF/Rocky Linux email domain names to a proper git repository. Our signing keys
+are attached to our GitHub and RESF Git Service profiles.
 
-With that being said, if you are looking for "verification" of the ISO
-checksums, it is highly recommended to visit the link above.
+If you are looking for "verification" of the ISO checksums and were expecting a
+`CHECKSUM.sig`, it is highly recommended to visit the link above instead.
 
 These are *always* updated with new releases or new images. This includes
 live images as we release them.
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 1f6ab3b..7e9c9df 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -14,6 +14,7 @@ import shutil
 import time
 import re
 import json
+import glob
 #import pipes
 
 from jinja2 import Environment, FileSystemLoader
@@ -1412,6 +1413,16 @@ class RepoSync:
                 )
 
         # Combine all checksums here
+        for arch in self.arches:
+            iso_arch_root = os.path.join(sync_iso_root, arch)
+            iso_arch_checksum = os.path.join(iso_arch_root, 'CHECKSUM')
+            with open(iso_arch_checksum, 'w+', encoding='utf-8') as fp:
+                for check in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
+                    with open(check, 'r', encoding='utf-8') as sum:
+                        for line in sum:
+                            fp.write(line)
+                fp.close()
+
         # Deploy final metadata for a close out
         self.deploy_metadata(sync_root)
 

From b89ebe777a057cdd7220d2300a45fc176de6ff19 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 12:36:15 -0700
Subject: [PATCH 44/96] Finish and resolve RLBT#0000134

---
 iso/empanadas/empanadas/util/dnf_utils.py | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 7e9c9df..c7ced10 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1356,6 +1356,11 @@ class RepoSync:
                 "live"
         )
 
+        sync_live_root = os.path.join(
+                sync_root,
+                'live'
+        )
+
         global_work_root = os.path.join(
                 work_root,
                 "global",
@@ -1397,9 +1402,9 @@ class RepoSync:
             )
 
             if os.path.exists('/usr/bin/fpsync'):
-                message, ret = Shared.fpsync_method(iso_root, sync_iso_root, tmp_dir)
+                message, ret = Shared.fpsync_method(live_root, sync_live_root, tmp_dir)
             elif os.path.exists('/usr/bin/parallel') and os.path.exists('/usr/bin/rsync'):
-                message, ret = Shared.rsync_method(iso_root, sync_iso_root)
+                message, ret = Shared.rsync_method(live_root, sync_live_root)
 
             if ret != 0:
                 self.log.error(
@@ -1421,8 +1426,20 @@ class RepoSync:
                     with open(check, 'r', encoding='utf-8') as sum:
                         for line in sum:
                             fp.write(line)
+                        sum.close()
                 fp.close()
 
+            if arch == 'x86_64' and os.path.exists(sync_live_root):
+                live_arch_root = os.path.join(sync_live_root, arch)
+                live_arch_checksum = os.path.join(live_arch_root, 'CHECKSUM')
+                with open(live_arch_checksum, 'w+', encoding='utf-8') as lp:
+                    for lcheck in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
+                        with open(lcheck, 'r', encoding='utf-8') as sum:
+                            for line in sum:
+                                lp.write(line)
+                            sum.close()
+                    lp.close()
+
         # Deploy final metadata for a close out
         self.deploy_metadata(sync_root)
 

From 1c90edaa70df0f0d157ced136ac83180b6269dd5 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 13:10:48 -0700
Subject: [PATCH 45/96] fix readme and bump to RC2

---
 iso/empanadas/empanadas/configs/el9.yaml  |  2 +-
 iso/empanadas/empanadas/util/dnf_utils.py |  2 +-
 sync/common_9                             |  2 +-
 sync/sync-to-staging-9.sh                 | 40 +++++++++++++++++++++++
 4 files changed, 43 insertions(+), 3 deletions(-)
 create mode 100644 sync/sync-to-staging-9.sh

diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 786c46a..e63cd6e 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -2,7 +2,7 @@
 '9':
   fullname: 'Rocky Linux 9.0'
   revision: '9.0'
-  rclvl: 'RC1'
+  rclvl: 'RC2'
   major: '9'
   minor: '0'
   profile: '9'
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index c7ced10..336e782 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -996,7 +996,7 @@ class RepoSync:
                 version=empanadas.__version__
         )
 
-        with open(metadata_dir + '/README') as readme_file:
+        with open(metadata_dir + '/README', 'w+', encoding='utf-8') as readme_file:
             readme_file.write(readme_output)
             readme_file.close()
 
diff --git a/sync/common_9 b/sync/common_9
index 8b1cbb8..777ae46 100644
--- a/sync/common_9
+++ b/sync/common_9
@@ -9,7 +9,7 @@ MAJOR="${REVISION:0:1}"
 MINOR="${REVISION:2:1}"
 
 # comment or blank if needed
-APPEND_TO_DIR="-RC1"
+APPEND_TO_DIR="-RC2"
 
 STAGING_ROOT="/mnt/repos-staging"
 PRODUCTION_ROOT="/mnt/repos-production"
diff --git a/sync/sync-to-staging-9.sh b/sync/sync-to-staging-9.sh
new file mode 100644
index 0000000..ffcc6f1
--- /dev/null
+++ b/sync/sync-to-staging-9.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Source common variables
+# shellcheck disable=SC2046,1091,1090
+source "$(dirname "$0")/common"
+
+if [[ $# -eq 0 ]]; then
+  echo "You must specify a short name."
+  exit 1
+fi
+
+# Major Version (eg, 8)
+MAJ=${RLVER}
+# Short name (eg, NFV, extras, Rocky, gluster9)
+SHORT=${1}
+PROFILE=${2}
+
+cd "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose" || { echo "Failed to change directory"; ret_val=1; exit 1; }
+ret_val=$?
+
+if [ $ret_val -eq "0" ]; then
+  TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}"
+  mkdir -p "${TARGET}"
+  # disabling because none of our files should be starting with dashes. If they
+  # are something is *seriously* wrong here.
+  # shellcheck disable=SC2035
+  #sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
+  #    {} "${TARGET}"
+  sudo -l && fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/"
+
+  # This is temporary until we implement rsync into empanadas
+  #if [ -f "COMPOSE_ID" ]; then
+  #  cp COMPOSE_ID "${TARGET}"
+  #  chown 10004:10005 "${TARGET}/COMPOSE_ID"
+  #fi
+
+  #if [ -d "metadata" ]; then
+  #  rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}"
+  #fi
+fi

From fe4daffb253804604a7fd902b57c579dc9778e29 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 16:22:12 -0400
Subject: [PATCH 46/96] Changes for oz/imagefactory config naming

---
 iso/empanadas/empanadas/scripts/build_image.py        | 1 +
 iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index f13afe3..e8b031c 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -176,6 +176,7 @@ class ImageBuild:
                 iso8601date=BUILDTIME.strftime("%Y%m%d"),
                 installdir="kickstart" if self.cli_args.kickstartdir else "os",
                 major=self.architecture.major,
+                minor=self.architecture.minor,
                 release=self.release,
                 size="10G",
                 type=self.image_type,
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index 5f0aa8b..73f99f7 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -1,8 +1,8 @@
 <template>
   <name>Rocky-{{major}}-{{type}}-{{version_variant}}.{{iso8601date}}.{{release}}.{{architecture}}</name>
         <os>
-            <name>Fedora</name>
-            <version>{{fedora_version}}</version>
+            <name>RHEL-{{major}}</name>
+            <version>{{minor}}</version>
             <arch>{{architecture}}</arch>
             <install type='url'>
               <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>

From 8954987365145acf002b6f511023ed805d8e6d79 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 17:55:46 -0400
Subject: [PATCH 47/96] Remove fedora_release var, no longer needed

---
 iso/empanadas/empanadas/configs/el8.yaml       | 1 -
 iso/empanadas/empanadas/configs/el9-beta.yaml  | 1 -
 iso/empanadas/empanadas/configs/el9.yaml       | 1 -
 iso/empanadas/empanadas/configs/el9lh.yaml     | 1 -
 iso/empanadas/empanadas/scripts/build_image.py | 3 ---
 5 files changed, 7 deletions(-)

diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index 8ce71c7..eb80aff 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -7,7 +7,6 @@
   minor: '6'
   profile: '8'
   bugurl: 'https://bugs.rockylinux.org'
-  fedora_release: 28
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 116cc45..19d6cd5 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -8,7 +8,6 @@
   profile: '9-beta'
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
-  fedora_release: 34
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index e63cd6e..8280d50 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -6,7 +6,6 @@
   major: '9'
   minor: '0'
   profile: '9'
-  fedora_release: 34
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
   allowed_arches:
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index ea833f7..4176f66 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -8,7 +8,6 @@
   profile: '9-lookahead'
   bugurl: 'https://bugs.rockylinux.org'
   checksum: 'sha256'
-  fedora_release: 34
   allowed_arches:
     - x86_64
     - aarch64
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index e8b031c..adbf501 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -63,7 +63,6 @@ class ImageBuild:
     command_args: List[str] = field(factory=list)
     common_args: List[str] = field(factory=list)
     debug: bool = field(default=False)
-    fedora_release: int = field()
     image_type: str = field()
     job_template: Optional[Template] = field(init=False)
     kickstart_arg: List[str] = field(factory=list)
@@ -172,7 +171,6 @@ class ImageBuild:
         with os.fdopen(handle, "wb") as tmp:
             _template = self.template.render(
                 architecture=self.architecture.name,
-                fedora_version=self.fedora_release,
                 iso8601date=BUILDTIME.strftime("%Y%m%d"),
                 installdir="kickstart" if self.cli_args.kickstartdir else "os",
                 major=self.architecture.major,
@@ -368,7 +366,6 @@ def run():
                 architecture=Architecture.from_version(architecture, rlvars['revision']),
                 cli_args=results,
                 debug=results.debug,
-                fedora_release=rlvars['fedora_release'],
                 image_type=results.type, 
                 release=results.release if results.release else 0,
                 template=tdl_template,

From 554937009eab49bc8166d680f0456cdc9e6d850d Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 21:15:47 -0400
Subject: [PATCH 48/96] Fixup container files

---
 .github/workflows/mix-empanadas.yml      | 4 ++--
 iso/empanadas/Containerfile              | 2 +-
 iso/empanadas/Containerfile.imagefactory | 8 +++-----
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/mix-empanadas.yml b/.github/workflows/mix-empanadas.yml
index 7ee3791..ebae78d 100644
--- a/.github/workflows/mix-empanadas.yml
+++ b/.github/workflows/mix-empanadas.yml
@@ -40,8 +40,8 @@ jobs:
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
           context: ./iso/empanadas
-          file: ./iso/empanadas/Containerfile.imagefactory
+          file: ./iso/empanadas/Containerfile
           push: ${{ github.event_name != 'pull_request' }}
-          tags: ghcr.io/rocky-linux/empanadas-imagefactory:latest
+          tags: ghcr.io/rocky-linux/sig-core-toolkit:latest
           cache-from: type=gha
           cache-to: type=gha,mode=max
diff --git a/iso/empanadas/Containerfile b/iso/empanadas/Containerfile
index 3eb45c2..86a67c5 100644
--- a/iso/empanadas/Containerfile
+++ b/iso/empanadas/Containerfile
@@ -56,7 +56,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo
 RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
 RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d
 
-RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
+RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
 
 RUN pip install awscli
 
diff --git a/iso/empanadas/Containerfile.imagefactory b/iso/empanadas/Containerfile.imagefactory
index c370ebd..a66ccb6 100644
--- a/iso/empanadas/Containerfile.imagefactory
+++ b/iso/empanadas/Containerfile.imagefactory
@@ -53,15 +53,13 @@ RUN pip install awscli
 
 ENV BRANCH r9
 RUN git clone https://git.rockylinux.org/rocky/kickstarts.git --branch $BRANCH /kickstarts
-RUN cp /kickstarts/Rocky-9-Container.ks /kickstarts/Rocky-9-Container-Base.ks
-RUN sed -i "s/\$basearch/$(uname -m)/" /kickstarts/Rocky-9-Container-Base.ks
 
 # devel only
-COPY . /empanadas
-RUN pip install -e /empanadas
+# COPY . /empanadas
+# RUN pip install -e /empanadas
 
 # prod
-#RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
+RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
 
 ENV LIBGUESTFS_BACKEND direct
 

From 138d1076f51765e5f4655954794a85f61e74b13e Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 4 Jul 2022 21:24:35 -0700
Subject: [PATCH 49/96] correct treeinfo for ks

---
 iso/empanadas/empanadas/util/dnf_utils.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 336e782..09f527c 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1279,7 +1279,7 @@ class RepoSync:
                 except Exception as e:
                     self.log.error(
                             '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                            'There was an error writing treeinfo.'
+                            'There was an error writing os treeinfo.'
                     )
                     self.log.error(e)
 
@@ -1288,7 +1288,7 @@ class RepoSync:
                     ksdata = {
                             'arch': a,
                             'variant': v,
-                            'variant_path': image,
+                            'variant_path': ksimage,
                             'checksum': self.checksum,
                             'distname': self.distname,
                             'fullname': self.fullname,
@@ -1303,7 +1303,7 @@ class RepoSync:
                     except Exception as e:
                         self.log.error(
                                 '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                'There was an error writing treeinfo.'
+                                'There was an error writing kickstart treeinfo.'
                         )
                         self.log.error(e)
 

From 3aa640ec453fbb8d12933948d531a9949c9cef58 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 00:26:49 -0700
Subject: [PATCH 50/96] add generic exceptions

---
 iso/empanadas/empanadas/util/dnf_utils.py | 147 +++++++++++++---------
 1 file changed, 87 insertions(+), 60 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 09f527c..ae3c638 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1060,15 +1060,18 @@ class RepoSync:
                 )
 
                 if not os.path.exists(os_tree_path):
-                    Shared.treeinfo_new_write(
-                            os_tree_path,
-                            self.distname,
-                            self.shortname,
-                            self.fullversion,
-                            a,
-                            int(self.timestamp),
-                            repo_name
-                    )
+                    try:
+                        Shared.treeinfo_new_write(
+                                os_tree_path,
+                                self.distname,
+                                self.shortname,
+                                self.fullversion,
+                                a,
+                                int(self.timestamp),
+                                repo_name
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1076,12 +1079,15 @@ class RepoSync:
                     )
 
                 if not os.path.exists(os_disc_path):
-                    Shared.discinfo_write(
-                            self.timestamp,
-                            self.fullname,
-                            a,
-                            os_disc_path
-                    )
+                    try:
+                        Shared.discinfo_write(
+                                self.timestamp,
+                                self.fullname,
+                                a,
+                                os_disc_path
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1089,11 +1095,14 @@ class RepoSync:
                     )
 
                 if not os.path.exists(os_media_path):
-                    Shared.media_repo_write(
-                            self.timestamp,
-                            self.fullname,
-                            os_media_path
-                    )
+                    try:
+                        Shared.media_repo_write(
+                                self.timestamp,
+                                self.fullname,
+                                os_media_path
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1123,15 +1132,18 @@ class RepoSync:
                     )
 
                     if not os.path.exists(debug_tree_path):
-                        Shared.treeinfo_new_write(
-                                debug_tree_path,
-                                self.distname,
-                                self.shortname,
-                                self.fullversion,
-                                a,
-                                self.timestamp,
-                                repo_name
-                        )
+                        try:
+                            Shared.treeinfo_new_write(
+                                    debug_tree_path,
+                                    self.distname,
+                                    self.shortname,
+                                    self.fullversion,
+                                    a,
+                                    self.timestamp,
+                                    repo_name
+                            )
+                        except Exception as e:
+                            print(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1139,12 +1151,15 @@ class RepoSync:
                         )
 
                     if not os.path.exists(debug_disc_path):
-                        Shared.discinfo_write(
-                                self.timestamp,
-                                self.fullname,
-                                a,
-                                debug_disc_path
-                        )
+                        try:
+                            Shared.discinfo_write(
+                                    self.timestamp,
+                                    self.fullname,
+                                    a,
+                                    debug_disc_path
+                            )
+                        except Exception as e:
+                            print(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1152,11 +1167,14 @@ class RepoSync:
                         )
 
                     if not os.path.exists(debug_media_path):
-                        Shared.media_repo_write(
-                                self.timestamp,
-                                self.fullname,
-                                debug_media_path
-                        )
+                        try:
+                            Shared.media_repo_write(
+                                    self.timestamp,
+                                    self.fullname,
+                                    debug_media_path
+                            )
+                        except Exception as e:
+                            print(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1184,15 +1202,18 @@ class RepoSync:
                 )
 
                 if not os.path.exists(source_tree_path):
-                    Shared.treeinfo_new_write(
-                            source_tree_path,
-                            self.distname,
-                            self.shortname,
-                            self.fullversion,
-                            'src',
-                            self.timestamp,
-                            repo_name
-                    )
+                    try:
+                        Shared.treeinfo_new_write(
+                                source_tree_path,
+                                self.distname,
+                                self.shortname,
+                                self.fullversion,
+                                'src',
+                                self.timestamp,
+                                repo_name
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1200,12 +1221,15 @@ class RepoSync:
                     )
 
                 if not os.path.exists(source_disc_path):
-                    Shared.discinfo_write(
-                            self.timestamp,
-                            self.fullname,
-                            'src',
-                            source_disc_path
-                    )
+                    try:
+                        Shared.discinfo_write(
+                                self.timestamp,
+                                self.fullname,
+                                'src',
+                                source_disc_path
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1213,11 +1237,14 @@ class RepoSync:
                     )
 
                 if not os.path.exists(source_media_path):
-                    Shared.media_repo_write(
-                            self.timestamp,
-                            self.fullname,
-                            source_media_path
-                    )
+                    try:
+                        Shared.media_repo_write(
+                                self.timestamp,
+                                self.fullname,
+                                source_media_path
+                        )
+                    except Exception as e:
+                        print(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +

From 1d5447b1fbde6dd22f8b90a408606e27a375caab Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 00:50:02 -0700
Subject: [PATCH 51/96] use actual logging now

---
 iso/empanadas/empanadas/util/dnf_utils.py | 54 +++++++++++++++++++----
 1 file changed, 45 insertions(+), 9 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index ae3c638..87f6254 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1071,7 +1071,11 @@ class RepoSync:
                                 repo_name
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' os .treeinfo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1087,7 +1091,11 @@ class RepoSync:
                                 os_disc_path
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' os .discinfo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1102,7 +1110,11 @@ class RepoSync:
                                 os_media_path
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' os media.repo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1143,7 +1155,11 @@ class RepoSync:
                                     repo_name
                             )
                         except Exception as e:
-                            print(e)
+                            self.log.error(
+                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                    repo_name + ' ' + a + ' debug .treeinfo could not be written'
+                            )
+                            self.log.error(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1159,7 +1175,11 @@ class RepoSync:
                                     debug_disc_path
                             )
                         except Exception as e:
-                            print(e)
+                            self.log.error(
+                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                    repo_name + ' ' + a + ' debug .discinfo could not be written'
+                            )
+                            self.log.error(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1174,7 +1194,11 @@ class RepoSync:
                                     debug_media_path
                             )
                         except Exception as e:
-                            print(e)
+                            self.log.error(
+                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                    repo_name + ' ' + a + ' debug media.repo could not be written'
+                            )
+                            self.log.error(e)
                     else:
                         self.log.warn(
                                 '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1213,7 +1237,11 @@ class RepoSync:
                                 repo_name
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' source os .treeinfo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1229,7 +1257,11 @@ class RepoSync:
                                 source_disc_path
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' source os .discinfo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
@@ -1244,7 +1276,11 @@ class RepoSync:
                                 source_media_path
                         )
                     except Exception as e:
-                        print(e)
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' source os media.repo could not be written'
+                        )
+                        self.log.error(e)
                 else:
                     self.log.warn(
                             '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +

From cf13fb0a0217ad2e78f511475a5d6e71e54a3a1c Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 08:04:46 -0700
Subject: [PATCH 52/96] add missing ks treeinfo deploy

---
 iso/empanadas/empanadas/util/dnf_utils.py | 85 +++++++++++++++++++++++
 1 file changed, 85 insertions(+)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 87f6254..7294ae2 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1059,6 +1059,28 @@ class RepoSync:
                         'os/media.repo'
                 )
 
+                ks_tree_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'kickstart/.treeinfo'
+                )
+
+                ks_disc_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'kickstart/.discinfo'
+                )
+
+                ks_media_path = os.path.join(
+                        sync_root,
+                        repo_name,
+                        a,
+                        'kickstart/media.repo'
+                )
+
+
                 if not os.path.exists(os_tree_path):
                     try:
                         Shared.treeinfo_new_write(
@@ -1121,6 +1143,69 @@ class RepoSync:
                             repo_name + ' ' + a + ' os media.repo already exists'
                     )
 
+                # Kickstart part of the repos
+                if not os.path.exists(ks_tree_path):
+                    try:
+                        Shared.treeinfo_new_write(
+                                ks_tree_path,
+                                self.distname,
+                                self.shortname,
+                                self.fullversion,
+                                a,
+                                int(self.timestamp),
+                                repo_name
+                        )
+                    except Exception as e:
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' kickstart .treeinfo could not be written'
+                        )
+                        self.log.error(e)
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + ' kickstart .treeinfo already exists'
+                    )
+
+                if not os.path.exists(ks_disc_path):
+                    try:
+                        Shared.discinfo_write(
+                                self.timestamp,
+                                self.fullname,
+                                a,
+                                ks_disc_path
+                        )
+                    except Exception as e:
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' kickstart .discinfo could not be written'
+                        )
+                        self.log.error(e)
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + ' kickstart .discinfo already exists'
+                    )
+
+                if not os.path.exists(ks_media_path):
+                    try:
+                        Shared.media_repo_write(
+                                self.timestamp,
+                                self.fullname,
+                                ks_media_path
+                        )
+                    except Exception as e:
+                        self.log.error(
+                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                                repo_name + ' ' + a + ' kickstart media.repo could not be written'
+                        )
+                        self.log.error(e)
+                else:
+                    self.log.warn(
+                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
+                            repo_name + ' ' + a + ' kickstart media.repo already exists'
+                    )
+
                 if not self.ignore_debug and not a == 'source':
                     debug_tree_path = os.path.join(
                             sync_root,

From a7cf5db050f5dce1a6e7806b1a70fc505aa06eed Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 08:43:57 -0700
Subject: [PATCH 53/96] fix up if statement

---
 iso/empanadas/empanadas/util/dnf_utils.py | 1 -
 iso/empanadas/empanadas/util/shared.py    | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 7294ae2..d708b2d 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1444,7 +1444,6 @@ class RepoSync:
                             'release': self.fullversion,
                             'timestamp': self.timestamp,
                     }
-                    ksdata.clear()
 
                     try:
                         Shared.treeinfo_modify_write(ksdata, imagemap, self.log)
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 58525f8..77e6346 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -127,9 +127,9 @@ class Shared:
         timestamp = data['timestamp']
 
         os_or_ks = ''
-        if '/os/' in variant_path or not imagemap['disc']:
+        if '/os' in variant_path or not imagemap['disc']:
             os_or_ks = 'os'
-        if '/kickstart/' in variant_path:
+        if '/kickstart' in variant_path:
             os_or_ks = 'kickstart'
 
         image = os.path.join(variant_path)

From 6946b737fc5f887de453faee662c9f2f62fc8c24 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 14:47:38 -0700
Subject: [PATCH 54/96] Simplify colors and start fleshing out cloud image
 pulls

---
 iso/empanadas/empanadas/common.py         |   4 +
 iso/empanadas/empanadas/configs/el9.yaml  |   3 +
 iso/empanadas/empanadas/util/dnf_utils.py | 233 +++++++---------------
 iso/empanadas/empanadas/util/iso_utils.py | 233 ++++++++++------------
 iso/empanadas/empanadas/util/shared.py    |   8 +-
 5 files changed, 183 insertions(+), 298 deletions(-)

diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index 01e90b8..7073606 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -38,6 +38,10 @@ class Color:
     UNDERLINE = '\033[4m'
     BOLD = '\033[1m'
     END = '\033[0m'
+    INFO = '[' + BOLD + GREEN + 'INFO' + END + '] '
+    WARN = '[' + BOLD + YELLOW + 'WARN' + END + '] '
+    FAIL = '[' + BOLD + RED + 'FAIL' + END + '] '
+    STAT = '[' + BOLD + CYAN + 'STAT' + END + '] '
 
 # vars and additional checks
 rldict = AttributeDict()
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 8280d50..e53f851 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -72,6 +72,9 @@
         - 'lorax-templates-rhel'
         - 'lorax-templates-generic'
         - 'xorriso'
+  cloudimages:
+    - EC2
+    - GenericCloud
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index d708b2d..191fa16 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -235,10 +235,7 @@ class RepoSync:
             raise SystemExit()
 
         if self.fullrun and self.refresh_extra_files:
-            self.log.warn(
-                    '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                    'A full run implies extra files are also deployed.'
-            )
+            self.log.warn(Color.WARN + 'A full run implies extra files are also deployed.')
 
         self.sync(self.repo, sync_root, work_root, log_root, global_work_root, self.arch)
 
@@ -575,10 +572,7 @@ class RepoSync:
 
             join_all_pods = ' '.join(entry_name_list)
             time.sleep(3)
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'Syncing ' + r + ' ...'
-            )
+            self.log.info(Color.INFO + 'Syncing ' + r + ' ...')
             pod_watcher = '{} wait {}'.format(
                     cmd,
                     join_all_pods
@@ -608,9 +602,7 @@ class RepoSync:
 
                 output, errors = podcheck.communicate()
                 if 'Exited (0)' not in output.decode():
-                    self.log.error(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod
-                    )
+                    self.log.error(Color.FAIL + pod)
                     bad_exit_list.append(pod)
 
             rmcmd = '{} rm {}'.format(
@@ -626,10 +618,7 @@ class RepoSync:
             )
 
             entry_name_list.clear()
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'Syncing ' + r + ' completed'
-            )
+            self.log.info(Color.INFO + 'Syncing ' + r + ' completed')
 
         if len(bad_exit_list) > 0:
             self.log.error(
@@ -849,9 +838,7 @@ class RepoSync:
 
                 output, errors = podcheck.communicate()
                 if 'Exited (0)' not in output.decode():
-                    self.log.error(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod
-                    )
+                    self.log.error(Color.FAIL + pod)
                     bad_exit_list.append(pod)
 
             rmcmd = '{} rm {}'.format(
@@ -885,10 +872,7 @@ class RepoSync:
         might also deploy COMPOSE_ID and maybe in the future a metadata dir with
         a bunch of compose-esque stuff.
         """
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Deploying treeinfo, discinfo, and media.repo'
-        )
+        self.log.info(Color.INFO + 'Deploying treeinfo, discinfo, and media.repo')
 
         cmd = Shared.git_cmd(self.log)
         tmpclone = '/tmp/clone'
@@ -919,10 +903,7 @@ class RepoSync:
                 stderr=subprocess.DEVNULL
         )
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Deploying extra files to work and metadata directories ...'
-        )
+        self.log.info(Color.INFO + 'Deploying extra files to work and metadata directories ...')
 
         # Copy files to work root
         for extra in self.extra_files['list']:
@@ -934,18 +915,13 @@ class RepoSync:
                 shutil.copy2(src, extra_files_dir)
                 shutil.copy2(src, metadata_dir)
             except:
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Extra file not copied: ' + src
-                )
+                self.log.warn(Color.WARN + 'Extra file not copied: ' + src)
 
         try:
             shutil.rmtree(tmpclone)
         except OSError as e:
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'Directory ' + tmpclone + ' could not be removed: ' +
-                    e.strerror
+            self.log.error(Color.FAIL + 'Directory ' + tmpclone +
+                    ' could not be removed: ' + e.strerror
             )
 
     def deploy_metadata(self, sync_root):
@@ -954,10 +930,7 @@ class RepoSync:
         will be close to how pungi produces it, but it won't be exact nor a
         perfect replica.
         """
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Deploying metadata for this compose'
-        )
+        self.log.info(Color.INFO + 'Deploying metadata for this compose')
         # Create metadata here
         # Create COMPOSE_ID here (this doesn't necessarily match anything, it's
         # just an indicator)
@@ -984,10 +957,7 @@ class RepoSync:
                 metadata_dir + '/metadata'
         )
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Metadata files phase completed.'
-        )
+        self.log.info(Color.INFO + 'Metadata files phase completed.')
 
         # Deploy README to metadata directory
         readme_template = self.tmplenv.get_template('README.tmpl')
@@ -1007,10 +977,7 @@ class RepoSync:
         overwritten by our ISO process, which is fine. If there is a treeinfo
         found, it will be skipped.
         """
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Deploying treeinfo, discinfo, and media.repo'
-        )
+        self.log.info(Color.INFO + 'Deploying treeinfo, discinfo, and media.repo')
 
         arches_to_tree = self.arches
         if arch:
@@ -1093,16 +1060,12 @@ class RepoSync:
                                 repo_name
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' os .treeinfo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' +
+                                a + ' os .treeinfo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' os .treeinfo already exists'
-                    )
+                    self.log.warn(Color.WARN + repo_name + ' ' + a + ' os .treeinfo already exists')
 
                 if not os.path.exists(os_disc_path):
                     try:
@@ -1113,15 +1076,13 @@ class RepoSync:
                                 os_disc_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' os .discinfo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' +
+                                a + ' os .discinfo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' os .discinfo already exists'
+                    self.log.warn(Color.WARN + repo_name + ' ' + a +
+                            ' os .discinfo already exists'
                     )
 
                 if not os.path.exists(os_media_path):
@@ -1132,15 +1093,13 @@ class RepoSync:
                                 os_media_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' os media.repo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                ' os media.repo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' os media.repo already exists'
+                    self.log.warn(Color.WARN + repo_name + ' ' + a +
+                            ' os media.repo already exists'
                     )
 
                 # Kickstart part of the repos
@@ -1156,15 +1115,13 @@ class RepoSync:
                                 repo_name
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' kickstart .treeinfo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                ' kickstart .treeinfo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' kickstart .treeinfo already exists'
+                    self.log.warn(Color.WARN + repo_name + ' ' + a +
+                            ' kickstart .treeinfo already exists'
                     )
 
                 if not os.path.exists(ks_disc_path):
@@ -1176,15 +1133,13 @@ class RepoSync:
                                 ks_disc_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' kickstart .discinfo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                ' kickstart .discinfo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' kickstart .discinfo already exists'
+                    self.log.warn(Color.FAIL + repo_name + ' ' + a +
+                            ' kickstart .discinfo already exists'
                     )
 
                 if not os.path.exists(ks_media_path):
@@ -1195,15 +1150,13 @@ class RepoSync:
                                 ks_media_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' kickstart media.repo could not be written'
+                        self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                ' kickstart media.repo could not be written'
                         )
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' ' + a + ' kickstart media.repo already exists'
+                    self.log.warn(Color.WARN + repo_name + ' ' + a +
+                            ' kickstart media.repo already exists'
                     )
 
                 if not self.ignore_debug and not a == 'source':
@@ -1240,15 +1193,13 @@ class RepoSync:
                                     repo_name
                             )
                         except Exception as e:
-                            self.log.error(
-                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                    repo_name + ' ' + a + ' debug .treeinfo could not be written'
+                            self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                    ' debug .treeinfo could not be written'
                             )
                             self.log.error(e)
                     else:
-                        self.log.warn(
-                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                r + ' ' + a + ' debug .treeinfo already exists'
+                        self.log.warn(Color.WARN + r + ' ' + a +
+                                ' debug .treeinfo already exists'
                         )
 
                     if not os.path.exists(debug_disc_path):
@@ -1260,15 +1211,13 @@ class RepoSync:
                                     debug_disc_path
                             )
                         except Exception as e:
-                            self.log.error(
-                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                    repo_name + ' ' + a + ' debug .discinfo could not be written'
+                            self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                    ' debug .discinfo could not be written'
                             )
                             self.log.error(e)
                     else:
-                        self.log.warn(
-                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                r + ' ' + a + ' debug .discinfo already exists'
+                        self.log.warn(Color.WARN + r + ' ' + a +
+                                ' debug .discinfo already exists'
                         )
 
                     if not os.path.exists(debug_media_path):
@@ -1279,15 +1228,13 @@ class RepoSync:
                                     debug_media_path
                             )
                         except Exception as e:
-                            self.log.error(
-                                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                    repo_name + ' ' + a + ' debug media.repo could not be written'
+                            self.log.error(Color.FAIL + repo_name + ' ' + a +
+                                    ' debug media.repo could not be written'
                             )
                             self.log.error(e)
                     else:
-                        self.log.warn(
-                                '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                                repo_name + ' ' + a + ' debug media.repo already exists'
+                        self.log.warn(Color.WARN + repo_name + ' ' + a +
+                                ' debug media.repo already exists'
                         )
 
 
@@ -1322,16 +1269,10 @@ class RepoSync:
                                 repo_name
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' source os .treeinfo could not be written'
-                        )
+                        self.log.error(Color.FAIL + repo_name + ' source os .treeinfo could not be written')
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' source os .treeinfo already exists'
-                    )
+                    self.log.warn(Color.WARN + repo_name + ' source os .treeinfo already exists')
 
                 if not os.path.exists(source_disc_path):
                     try:
@@ -1342,16 +1283,10 @@ class RepoSync:
                                 source_disc_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' source os .discinfo could not be written'
-                        )
+                        self.log.error(Color.FAIL + repo_name + ' source os .discinfo could not be written')
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' source .discinfo already exists'
-                    )
+                    self.log.warn(Color.WARN + repo_name + ' source .discinfo already exists')
 
                 if not os.path.exists(source_media_path):
                     try:
@@ -1361,16 +1296,10 @@ class RepoSync:
                                 source_media_path
                         )
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                repo_name + ' source os media.repo could not be written'
-                        )
+                        self.log.error(Color.FAIL + repo_name + ' source os media.repo could not be written')
                         self.log.error(e)
                 else:
-                    self.log.warn(
-                            '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                            repo_name + ' source media.repo already exists'
-                    )
+                    self.log.warn(Color.WARN + repo_name + ' source media.repo already exists')
 
     def tweak_treeinfo(self, repo, sync_root, arch):
         """
@@ -1396,18 +1325,12 @@ class RepoSync:
                 variants_to_tweak.append(r)
 
         if not len(variants_to_tweak) > 0:
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'No treeinfo to tweak.'
-            )
+            self.log.info(Color.INFO + 'No treeinfo to tweak.')
             return
 
         for a in arches_to_tree:
             for v in variants_to_tweak:
-                self.log.info(
-                        '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                        'Tweaking treeinfo for ' + a + ' ' + v
-                )
+                self.log.info(Color.INFO + 'Tweaking treeinfo for ' + a + ' ' + v)
                 image = os.path.join(sync_root, v, a, 'os')
                 imagemap = self.iso_map['images'][v]
                 data = {
@@ -1425,10 +1348,7 @@ class RepoSync:
                 try:
                     Shared.treeinfo_modify_write(data, imagemap, self.log)
                 except Exception as e:
-                    self.log.error(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                            'There was an error writing os treeinfo.'
-                    )
+                    self.log.error(Color.FAIL + 'There was an error writing os treeinfo.')
                     self.log.error(e)
 
                 if self.fullrun:
@@ -1448,10 +1368,7 @@ class RepoSync:
                     try:
                         Shared.treeinfo_modify_write(ksdata, imagemap, self.log)
                     except Exception as e:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                'There was an error writing kickstart treeinfo.'
-                        )
+                        self.log.error(Color.FAIL + 'There was an error writing kickstart treeinfo.')
                         self.log.error(e)
 
     def run_compose_closeout(self):
@@ -1513,18 +1430,17 @@ class RepoSync:
                 "global",
         )
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Starting to sync ISOs to compose'
-        )
+        self.log.info(Color.INFO + 'Starting to sync ISOs to compose')
 
         if os.path.exists('/usr/bin/fpsync'):
+            self.log.info(Color.INFO + 'Starting up fpsync')
             message, ret = Shared.fpsync_method(iso_root, sync_iso_root, tmp_dir)
         elif os.path.exists('/usr/bin/parallel') and os.path.exists('/usr/bin/rsync'):
+            self.log.info(Color.INFO + 'Starting up parallel | rsync')
             message, ret = Shared.rsync_method(iso_root, sync_iso_root)
         else:
             self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    Color.FAIL +
                     'fpsync nor parallel + rsync were found on this system. ' +
                     'There is also no built-in parallel rsync method at this ' +
                     'time.'
@@ -1532,21 +1448,12 @@ class RepoSync:
             raise SystemExit()
 
         if ret != 0:
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    message
-            )
+            self.log.error(Color.FAIL + message)
         else:
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    message
-            )
+            self.log.info(Color.INFO + message)
 
         if os.path.exists(live_root):
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'Starting to sync live images to compose'
-            )
+            self.log.info(Color.INFO + 'Starting to sync live images to compose')
 
             if os.path.exists('/usr/bin/fpsync'):
                 message, ret = Shared.fpsync_method(live_root, sync_live_root, tmp_dir)
@@ -1554,15 +1461,9 @@ class RepoSync:
                 message, ret = Shared.rsync_method(live_root, sync_live_root)
 
             if ret != 0:
-                self.log.error(
-                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                        message
-                )
+                self.log.error(Color.FAIL + message)
             else:
-                self.log.info(
-                        '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                        message
-                )
+                self.log.info(Color.INFO + message)
 
         # Combine all checksums here
         for arch in self.arches:
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index a9a80fa..6c911b9 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -83,6 +83,7 @@ class IsoBuild:
         self.lorax_result_root = config['mock_work_root'] + "/" + "lorax"
         self.mock_isolation = isolation
         self.iso_map = rlvars['iso_map']
+        self.cloudimages = rlvars['cloudimages']
         self.release_candidate = rc
         self.s3 = s3
         self.force_unpack = force_unpack
@@ -156,6 +157,16 @@ class IsoBuild:
                 "work/isos"
         )
 
+        self.live_work_dir = os.path.join(
+                self.compose_latest_dir,
+                "work/live"
+        )
+
+        self.image_work_dir = os.path.join(
+                self.compose_latest_dir,
+                "work/images"
+        )
+
         self.lorax_work_dir = os.path.join(
                 self.compose_latest_dir,
                 "work/lorax"
@@ -347,16 +358,14 @@ class IsoBuild:
             unpack_single_arch = True
             arches_to_unpack = [self.arch]
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Determining the latest pulls...'
-        )
+        self.log.info(Color.INFO + 'Determining the latest pulls...')
         if self.s3:
             latest_artifacts = Shared.s3_determine_latest(
                     self.s3_bucket,
                     self.release,
                     self.arches,
                     'tar.gz',
+                    'lorax',
                     self.log
             )
         else:
@@ -365,13 +374,11 @@ class IsoBuild:
                     self.release,
                     self.arches,
                     'tar.gz',
+                    'lorax',
                     self.log
             )
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Downloading requested artifact(s)'
-        )
+        self.log.info(Color.INFO + 'Downloading requested artifact(s)')
         for arch in arches_to_unpack:
             lorax_arch_dir = os.path.join(
                 self.lorax_work_dir,
@@ -408,14 +415,8 @@ class IsoBuild:
                         full_drop,
                         self.log
                 )
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Download phase completed'
-        )
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Beginning unpack phase...'
-        )
+        self.log.info(Color.INFO + 'Download phase completed')
+        self.log.info(Color.INFO + 'Beginning unpack phase...')
 
         for arch in arches_to_unpack:
             tarname = 'lorax-{}-{}.tar.gz'.format(
@@ -430,22 +431,13 @@ class IsoBuild:
             )
 
             if not os.path.exists(tarball):
-                self.log.error(
-                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                        'Artifact does not exist: ' + tarball
-                )
+                self.log.error(Color.FAIL + 'Artifact does not exist: ' + tarball)
                 continue
 
             self._unpack_artifacts(self.force_unpack, arch, tarball)
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Unpack phase completed'
-        )
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Beginning image variant phase'
-        )
+        self.log.info(Color.INFO + 'Unpack phase completed')
+        self.log.info(Color.INFO + 'Beginning image variant phase')
 
         for arch in arches_to_unpack:
             self.log.info(
@@ -456,15 +448,9 @@ class IsoBuild:
 
             self._copy_boot_to_work(self.force_unpack, arch)
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Image variant phase completed'
-        )
+        self.log.info(Color.INFO + 'Image variant phase completed')
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Beginning treeinfo phase'
-        )
+        self.log.info(Color.INFO + 'Beginning treeinfo phase')
 
         for arch in arches_to_unpack:
             for variant in self.iso_map['images']:
@@ -488,10 +474,7 @@ class IsoBuild:
         if not force_unpack:
             file_check = os.path.join(unpack_dir, 'lorax/.treeinfo')
             if os.path.exists(file_check):
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Artifact (' + arch + ') already unpacked'
-                )
+                self.log.warn(Color.WARN + 'Artifact (' + arch + ') already unpacked')
                 return
 
         self.log.info('Unpacking %s' % tarball)
@@ -515,10 +498,7 @@ class IsoBuild:
         )
 
         if not os.path.exists(os.path.join(src_to_image, '.treeinfo')):
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'Lorax base image does not exist'
-            )
+            self.log.error(Color.FAIL + 'Lorax base image does not exist')
             return
 
         path_to_image = os.path.join(
@@ -530,10 +510,7 @@ class IsoBuild:
         if not force_unpack:
             file_check = os.path.join(path_to_image, '.treeinfo')
             if os.path.exists(file_check):
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Lorax image for ' + image + ' already exists'
-                )
+                self.log.warn(Color.WARN + 'Lorax image for ' + image + ' already exists')
                 return
 
         self.log.info('Copying base lorax to %s directory...' % image)
@@ -595,10 +572,7 @@ class IsoBuild:
         if not force_unpack:
             file_check = isobootpath
             if os.path.exists(file_check):
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Boot image (' + discname + ') already exists'
-                )
+                self.log.warn(Color.WARN + 'Boot image (' + discname + ') already exists')
                 return
 
         self.log.info('Copying %s boot iso to work directory...' % arch)
@@ -610,10 +584,7 @@ class IsoBuild:
         self.log.info('Creating checksum for %s boot iso...' % arch)
         checksum = Shared.get_checksum(isobootpath, self.checksum, self.log)
         if not checksum:
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    isobootpath + ' not found! Are you sure we copied it?'
-            )
+            self.log.error(Color.FAIL + isobootpath + ' not found! Are you sure we copied it?')
             return
         with open(isobootpath + '.CHECKSUM', "w+") as c:
             c.write(checksum)
@@ -638,8 +609,7 @@ class IsoBuild:
         )
 
         if not os.path.exists(pathway):
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+            self.log.error(Color.FAIL +
                     'Repo and Image variant either does NOT match or does ' +
                     'NOT exist. Are you sure you have synced the repository?'
             )
@@ -658,16 +628,10 @@ class IsoBuild:
                 found_files.append('/images/boot.iso')
 
             if len(found_files) > 0:
-                self.log.warn(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Images and data for ' + repo + ' and ' + arch + ' already exists.'
-                )
+                self.log.warn(Color.WARN + 'Images and data for ' + repo + ' and ' + arch + ' already exists.')
                 return
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Copying images and data for ' + repo + ' ' + arch
-        )
+        self.log.info(Color.INFO + 'Copying images and data for ' + repo + ' ' + arch)
 
         try:
             shutil.copytree(src_to_image, pathway, copy_function=shutil.copy2, dirs_exist_ok=True)
@@ -727,10 +691,7 @@ class IsoBuild:
         try:
             Shared.treeinfo_modify_write(data, imagemap, self.log)
         except Exception as e:
-            self.log.error(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'There was an error writing treeinfo.'
-            )
+            self.log.error(Color.FAIL + 'There was an error writing treeinfo.')
             self.log.error(e)
 
     # Next set of functions are loosely borrowed (in concept) from pungi. Some
@@ -743,26 +704,17 @@ class IsoBuild:
         """
         sync_root = self.compose_latest_sync
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Starting Extra ISOs phase'
-        )
+        self.log.info(Color.INFO + 'Starting Extra ISOs phase')
 
         if not os.path.exists(self.compose_base):
-            self.log.info(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                    'The compose directory MUST be here. Cannot continue.'
-            )
+            self.log.info(Color.FAIL + 'The compose directory MUST be here. Cannot continue.')
             raise SystemExit()
 
         self._extra_iso_build_wrap()
 
         self.log.info('Compose repo directory: %s' % sync_root)
         self.log.info('ISO result directory: %s/$arch' % self.lorax_work_dir)
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Extra ISO phase completed.'
-        )
+        self.log.info(Color.INFO + 'Extra ISO phase completed.')
 
     def _extra_iso_build_wrap(self):
         """
@@ -784,26 +736,17 @@ class IsoBuild:
 
         for y in images_to_build:
             if 'isoskip' in self.iso_map['images'][y] and self.iso_map['images'][y]['isoskip']:
-                self.log.info(
-                        '[' + Color.BOLD + Color.YELLOW + 'WARN' + Color.END + '] ' +
-                        'Skipping ' + y + ' image'
-                )
+                self.log.info(Color.WARN + 'Skipping ' + y + ' image')
                 continue
 
             for a in arches_to_build:
                 lorax_path = os.path.join(self.lorax_work_dir, a, 'lorax', '.treeinfo')
                 image_path = os.path.join(self.lorax_work_dir, a, y, '.treeinfo')
                 if not os.path.exists(image_path):
-                    self.log.error(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                            'Lorax data not found for ' + y + '. Skipping.'
-                    )
+                    self.log.error(Color.FAIL + 'Lorax data not found for ' + y + '. Skipping.')
 
                     if not os.path.exists(lorax_path):
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                'Lorax not found at all. This is considered fatal.'
-                        )
+                        self.log.error(Color.FAIL + 'Lorax not found at all. This is considered fatal.')
 
                     raise SystemExit()
 
@@ -819,10 +762,7 @@ class IsoBuild:
                 elif self.extra_iso_mode == 'podman':
                     continue
                 else:
-                    self.log.info(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                            'Mode specified is not valid.'
-                    )
+                    self.log.info(Color.FAIL + 'Mode specified is not valid.')
                     raise SystemExit()
 
         if self.extra_iso_mode == 'podman':
@@ -1053,10 +993,7 @@ class IsoBuild:
 
             join_all_pods = ' '.join(entry_name_list)
             time.sleep(3)
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'Building ' + i + ' ...'
-            )
+            self.log.info(Color.INFO + 'Building ' + i + ' ...')
             pod_watcher = '{} wait {}'.format(
                     cmd,
                     join_all_pods
@@ -1085,9 +1022,7 @@ class IsoBuild:
 
                 output, errors = podcheck.communicate()
                 if 'Exited (0)' not in output.decode():
-                    self.log.error(
-                            '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' + pod
-                    )
+                    self.log.error(Color.FAIL + pod)
                     bad_exit_list.append(pod)
 
             rmcmd = '{} rm {}'.format(
@@ -1106,34 +1041,21 @@ class IsoBuild:
             for p in checksum_list:
                 path = os.path.join(isos_dir, p)
                 if os.path.exists(path):
-                    self.log.info(
-                            '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                            'Performing checksum for ' + p
-                    )
+                    self.log.info(Color.INFO + 'Performing checksum for ' + p)
                     checksum = Shared.get_checksum(path, self.checksum, self.log)
                     if not checksum:
-                        self.log.error(
-                                '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
-                                path + ' not found! Are you sure it was built?'
-                        )
+                        self.log.error(Color.FAIL + path + ' not found! Are you sure it was built?')
                     with open(path + '.CHECKSUM', "w+") as c:
                         c.write(checksum)
                         c.close()
 
-            self.log.info(
-                    '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                    'Building ' + i + ' completed'
-            )
+            self.log.info(Color.INFO + 'Building ' + i + ' completed')
 
             if len(bad_exit_list) == 0:
-                self.log.info(
-                        '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                        'Copying ISOs over to compose directory...'
-                )
-                print()
+                self.log.info(Color.INFO + 'Copying ISOs over to compose directory...')
             else:
                 self.log.error(
-                        '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                        Color.FAIL +
                         'There were issues with the work done. As a result, ' +
                         'the ISOs will not be copied.'
                 )
@@ -1152,17 +1074,14 @@ class IsoBuild:
         lorax_base_dir = os.path.join(self.lorax_work_dir, arch)
         global_work_dir = os.path.join(self.compose_latest_dir, "work/global")
 
-        self.log.info(
-                '[' + Color.BOLD + Color.GREEN + 'INFO' + Color.END + '] ' +
-                'Generating graft points for extra iso: (' + arch + ') ' + iso
-        )
+        self.log.info(Color.INFO + 'Generating graft points for extra iso: (' + arch + ') ' + iso)
         files = {}
         # This is the data we need to actually boot
         lorax_for_var = os.path.join(lorax_base_dir, iso)
 
         if not os.path.exists(lorax_for_var + '/.treeinfo'):
             self.log.info(
-                    '[' + Color.BOLD + Color.RED + 'FAIL' + Color.END + '] ' +
+                    Color.FAIL +
                     '!! .treeinfo is missing, does this variant actually exist? !!'
             )
             return
@@ -1612,6 +1531,64 @@ class IsoBuild:
         returned_cmd = ' '.join(cmd)
         return returned_cmd
 
+    def run_pull_generic_images(self):
+        """
+        Pulls generic images built in peridot and places them where they need
+        to be. This relies on a list called "cloudimages" in the version
+        configuration.
+        """
+        unpack_single_arch = False
+        arches_to_unpack = self.arches
+        if self.arch:
+            unpack_single_arch = True
+            arches_to_unpack = [self.arch]
+
+        for imagename in self.cloudimages:
+            self.log.info(Color.INFO + 'Determining the latest images for ' + imagename + ' ...')
+
+            if self.s3:
+                latest_artifacts = Shared.s3_determine_latest(
+                        self.s3_bucket,
+                        self.release,
+                        self.arches,
+                        'qcow2',
+                        imagename,
+                        self.log
+                )
+
+            else:
+                latest_artifacts = Shared.reqs_determine_latest(
+                        self.s3_bucket_url,
+                        self.release,
+                        self.arches,
+                        'qcow2',
+                        imagename,
+                        self.log
+                )
+
+
+    def run_build_live_iso(self):
+        """
+        Builds DVD images based on the data created from the initial lorax on
+        each arch. This should NOT be called during the usual run() section.
+        """
+        sync_root = self.compose_latest_sync
+
+        self.log.info(Color.INFO + 'Starting Live ISOs phase')
+
+        self._live_iso_build_wrap()
+
+        self.log.info('Compose repo directory: %s' % sync_root)
+        self.log.info('ISO result directory: %s/$arch' % self.lorax_work_dir)
+        self.log.info(Color.INFO + 'Extra ISO phase completed.')
+
+    def _live_iso_build_wrap(self):
+        """
+        Prepare and actually build the live images. Based on arguments in self,
+        we'll either do it on mock in a loop or in podman, just like with the
+        extra iso phase.
+        """
+
 class LiveBuild:
     """
     This helps us build the live images for Rocky Linux.
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 77e6346..453e33b 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -513,7 +513,7 @@ class Shared:
         return 'Not available', 1
 
     @staticmethod
-    def s3_determine_latest(s3_bucket, release, arches, filetype, logger):
+    def s3_determine_latest(s3_bucket, release, arches, filetype, name, logger):
         """
         Using native s3, determine the latest artifacts and return a dict
         """
@@ -531,7 +531,7 @@ class Shared:
             raise SystemExit()
 
         for y in s3.list_objects(Bucket=s3_bucket)['Contents']:
-            if filetype in y['Key'] and release in y['Key']:
+            if filetype in y['Key'] and release in y['Key'] and name in y['Key']:
                 temp.append(y['Key'])
 
         for arch in arches:
@@ -569,7 +569,7 @@ class Shared:
             logger.error('There was an issue downloading from %s' % s3_bucket)
 
     @staticmethod
-    def reqs_determine_latest(s3_bucket_url, release, arches, filetype, logger):
+    def reqs_determine_latest(s3_bucket_url, release, arches, filetype, name, logger):
         """
         Using requests, determine the latest artifacts and return a list
         """
@@ -585,7 +585,7 @@ class Shared:
         resp = xmltodict.parse(bucket_data.content)
 
         for y in resp['ListBucketResult']['Contents']:
-            if filetype in y['Key'] and release in y['Key']:
+            if filetype in y['Key'] and release in y['Key'] and name in y['Key']:
                 temp.append(y['Key'])
 
         for arch in arches:

From b54447571b540abcc8d2d3afe76443aceb06cc80 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 5 Jul 2022 20:42:41 -0700
Subject: [PATCH 55/96] Modify all Configs and add image puller

* Add livemap and imagemap to configs
* Add cloud image puller to iso_utils (part 1)
* Simplify color logging (potential prep for colorlog)
---
 iso/empanadas/empanadas/configs/el9-beta.yaml | 13 ++++++
 iso/empanadas/empanadas/configs/el9.yaml      | 10 +++++
 iso/empanadas/empanadas/configs/el9lh.yaml    | 13 ++++++
 .../empanadas/scripts/pull_cloud_image.py     | 33 +++++++++++++++
 iso/empanadas/empanadas/util/iso_utils.py     | 41 +++++++++++++++++++
 iso/empanadas/empanadas/util/shared.py        |  6 ++-
 iso/empanadas/pyproject.toml                  |  1 +
 7 files changed, 115 insertions(+), 2 deletions(-)
 create mode 100755 iso/empanadas/empanadas/scripts/pull_cloud_image.py

diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 19d6cd5..9d748eb 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -72,6 +72,19 @@
         - 'lorax-templates-rhel'
         - 'lorax-templates-generic'
         - 'xorriso'
+  cloudimages:
+    - EC2
+    - GenericCloud
+  livemap:
+    git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
+    branch: 'r9'
+    ksentry:
+      - rocky-live-workstation.ks
+      - rocky-live-workstation-lite.ks
+      - rocky-live-xfce.ks
+      - rocky-live-kde.ks
+    allowed_arches:
+      - x86_64
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index e53f851..84d5198 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -75,6 +75,16 @@
   cloudimages:
     - EC2
     - GenericCloud
+  livemap:
+    git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
+    branch: 'r9-beta'
+    ksentry:
+      - rocky-live-workstation.ks
+      - rocky-live-workstation-lite.ks
+      - rocky-live-xfce.ks
+      - rocky-live-kde.ks
+    allowed_arches:
+      - x86_64
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 4176f66..14ceafb 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -72,6 +72,19 @@
         - 'lorax-templates-rhel'
         - 'lorax-templates-generic'
         - 'xorriso'
+  cloudimages:
+    - EC2
+    - GenericCloud
+  livemap:
+    git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
+    branch: 'r9lh'
+    ksentry:
+      - rocky-live-workstation.ks
+      - rocky-live-workstation-lite.ks
+      - rocky-live-xfce.ks
+      - rocky-live-kde.ks
+    allowed_arches:
+      - x86_64
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/scripts/pull_cloud_image.py b/iso/empanadas/empanadas/scripts/pull_cloud_image.py
new file mode 100755
index 0000000..4e175de
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/pull_cloud_image.py
@@ -0,0 +1,33 @@
+# builds ISO's
+
+import argparse
+
+from empanadas.common import *
+from empanadas.util import Checks
+from empanadas.util import IsoBuild
+
+parser = argparse.ArgumentParser(description="ISO Artifact Builder")
+
+parser.add_argument('--release', type=str, help="Major Release Version", required=True)
+parser.add_argument('--s3', action='store_true', help="Release Candidate")
+parser.add_argument('--arch', type=str, help="Architecture")
+parser.add_argument('--local-compose', action='store_true', help="Compose Directory is Here")
+parser.add_argument('--force-download', action='store_true', help="Force a download")
+parser.add_argument('--logger', type=str)
+results = parser.parse_args()
+rlvars = rldict[results.release]
+major = rlvars['major']
+
+a = IsoBuild(
+        rlvars,
+        config,
+        major=major,
+        s3=results.s3,
+        arch=results.arch,
+        force_download=results.force_download,
+        compose_dir_is_here=results.local_compose,
+        logger=results.logger,
+)
+
+def run():
+    a.run_pull_generic_images()
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 6c911b9..ff91d99 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1566,6 +1566,47 @@ class IsoBuild:
                         self.log
                 )
 
+            if not len(latest_artifacts) > 0:
+                self.log.warn(Color.WARN + 'No images found.')
+                continue
+
+            self.log.info(Color.INFO + 'Downloading requested artifacts')
+            for arch in arches_to_unpack:
+                image_arch_dir = os.path.join(
+                        self.image_work_dir,
+                        arch
+                )
+
+                source_path = latest_artifacts[arch]
+                drop_name = source_path.split('/')[-1]
+                full_drop = '{}/{}'.format(
+                        image_arch_dir,
+                        drop_name
+                )
+
+                if not os.path.exists(image_arch_dir):
+                    os.makedirs(image_arch_dir, exist_ok=True)
+
+                self.log.info('Downloading artifact for ' + Color.BOLD + arch + Color.END)
+                if self.s3:
+                    Shared.s3_download_artifacts(
+                            self.force_download,
+                            self.s3_bucket,
+                            source_path,
+                            full_drop,
+                            self.log
+                    )
+                else:
+                    Shared.reqs_download_artifacts(
+                            self.force_download,
+                            self.s3_bucket_url,
+                            source_path,
+                            full_drop,
+                            self.log
+                    )
+
+        self.log.info(Color.INFO + 'Image download phase completed')
+
 
     def run_build_live_iso(self):
         """
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 453e33b..191c4b4 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -540,7 +540,8 @@ class Shared:
                 if arch in y:
                     temps.append(y)
             temps.sort(reverse=True)
-            data[arch] = temps[0]
+            if len(temps) > 0:
+                data[arch] = temps[0]
 
         return data
 
@@ -594,7 +595,8 @@ class Shared:
                 if arch in y:
                     temps.append(y)
             temps.sort(reverse=True)
-            data[arch] = temps[0]
+            if len(temps) > 0:
+                data[arch] = temps[0]
 
         return data
 
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index b4fa53a..17cca04 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -31,6 +31,7 @@ pull-unpack-tree = "empanadas.scripts.pull_unpack_tree:run"
 launch-builds = "empanadas.scripts.launch_builds:run"
 build-image = "empanadas.scripts.build_image:run"
 finalize_compose = "empanadas.scripts.finalize_compose:run"
+pull-cloud-image = "empanadas.scripts.pull_cloud_image:run"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

From 73f08780d957825b3e5d9cc6de758e8969a60646 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 07:44:37 -0700
Subject: [PATCH 56/96] correct comments, fix livemap configs

---
 iso/empanadas/empanadas/configs/el9-beta.yaml | 10 +++---
 iso/empanadas/empanadas/configs/el9.yaml      | 10 +++---
 iso/empanadas/empanadas/configs/el9lh.yaml    |  8 ++---
 .../empanadas/scripts/build_iso_live.py       | 35 +++++++++++++++++++
 iso/empanadas/empanadas/util/iso_utils.py     |  8 +++--
 5 files changed, 54 insertions(+), 17 deletions(-)
 create mode 100755 iso/empanadas/empanadas/scripts/build_iso_live.py

diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 9d748eb..4233da6 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -77,12 +77,12 @@
     - GenericCloud
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
-    branch: 'r9'
+    branch: 'r9-beta'
     ksentry:
-      - rocky-live-workstation.ks
-      - rocky-live-workstation-lite.ks
-      - rocky-live-xfce.ks
-      - rocky-live-kde.ks
+      Workstation: rocky-live-workstation.ks
+      Workstation-Lite: rocky-live-workstation-lite.ks
+      XFCE: rocky-live-xfce.ks
+      KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
   repoclosure_map:
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 84d5198..97e6e96 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -77,12 +77,12 @@
     - GenericCloud
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
-    branch: 'r9-beta'
+    branch: 'r9'
     ksentry:
-      - rocky-live-workstation.ks
-      - rocky-live-workstation-lite.ks
-      - rocky-live-xfce.ks
-      - rocky-live-kde.ks
+      Workstation: rocky-live-workstation.ks
+      Workstation-Lite: rocky-live-workstation-lite.ks
+      XFCE: rocky-live-xfce.ks
+      KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
   repoclosure_map:
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 14ceafb..680d2d5 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -79,10 +79,10 @@
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9lh'
     ksentry:
-      - rocky-live-workstation.ks
-      - rocky-live-workstation-lite.ks
-      - rocky-live-xfce.ks
-      - rocky-live-kde.ks
+      Workstation: rocky-live-workstation.ks
+      Workstation-Lite: rocky-live-workstation-lite.ks
+      XFCE: rocky-live-xfce.ks
+      KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
   repoclosure_map:
diff --git a/iso/empanadas/empanadas/scripts/build_iso_live.py b/iso/empanadas/empanadas/scripts/build_iso_live.py
new file mode 100755
index 0000000..de979e5
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/build_iso_live.py
@@ -0,0 +1,35 @@
+# builds ISO's
+
+import argparse
+
+from empanadas.common import *
+from empanadas.util import Checks
+from empanadas.util import IsoBuild
+
+parser = argparse.ArgumentParser(description="Live ISO Compose")
+
+parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
+parser.add_argument('--arch', type=str, help="Architecture")
+parser.add_argument('--isolation', type=str, help="Mock Isolation")
+parser.add_argument('--local-compose', action='store_true', help="Compose Directory is Here")
+parser.add_argument('--image', action='store_true', help="Compose Directory is Here")
+parser.add_argument('--logger', type=str)
+parser.add_argument('--live-iso-mode', type=str, default='local')
+results = parser.parse_args()
+rlvars = rldict[results.release]
+major = rlvars['major']
+
+a = IsoBuild(
+        rlvars,
+        config,
+        major=major,
+        arch=results.arch,
+        isolation=results.isolation,
+        extra_iso_mode=results.live_iso_mode,
+        image=results.image,
+        compose_dir_is_here=results.local_compose,
+        logger=results.logger
+)
+
+def run():
+    a.run_build_extra_iso()
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index ff91d99..bdb6cac 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -42,9 +42,8 @@ class IsoBuild:
     This helps us build the generic ISO's for a Rocky Linux release. In
     particular, this is for the boot images.
 
-    While there is a function for building the DVD and live images, this not
-    the main design of this class. The other functions can be called on their
-    own to facilitate those particular builds.
+    There are functions to build the DVD (and potentially other) images. Each
+    particular build or process starts with "run" in their name.
     """
     def __init__(
             self,
@@ -83,6 +82,7 @@ class IsoBuild:
         self.lorax_result_root = config['mock_work_root'] + "/" + "lorax"
         self.mock_isolation = isolation
         self.iso_map = rlvars['iso_map']
+        self.livemap = rlvars['livemap']
         self.cloudimages = rlvars['cloudimages']
         self.release_candidate = rc
         self.s3 = s3
@@ -1617,6 +1617,8 @@ class IsoBuild:
 
         self.log.info(Color.INFO + 'Starting Live ISOs phase')
 
+        # Check that the arch we've assigned is valid...
+
         self._live_iso_build_wrap()
 
         self.log.info('Compose repo directory: %s' % sync_root)

From d482019ca5094bf324fe72d5ce2e1f1b79f9b329 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 23:23:07 -0700
Subject: [PATCH 57/96] turn off all repos in container

---
 iso/empanadas/empanadas/configs/el8.yaml      |  95 +++++++--------
 iso/empanadas/empanadas/configs/el9-beta.yaml |   8 +-
 iso/empanadas/empanadas/configs/el9.yaml      |  10 +-
 iso/empanadas/empanadas/configs/el9lh.yaml    |   8 +-
 .../empanadas/templates/reposync.tmpl         |   1 +
 iso/empanadas/empanadas/util/iso_utils.py     | 108 +++++++++---------
 6 files changed, 127 insertions(+), 103 deletions(-)

diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index eb80aff..b04ec82 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -44,64 +44,69 @@
   has_modules:
     - 'AppStream'
     - 'PowerTools'
-  iso_map:
-    hosts:
-      x86_64: ''
-      aarch64: ''
-      ppc64le: ''
-      s390x: ''
-    images:
-      - dvd1
-      - minimal
-      - boot
-    repos:
-      - 'BaseOS'
-      - 'AppStream'
-    variant: 'BaseOS'
-    lorax_removes:
-      - 'libreport-rhel-anaconda-bugzilla'
-    required_packages:
-      - 'lorax'
-      - 'genisoimage'
-      - 'isomd5sum'
-      - 'lorax-templates-rhel'
-      - 'lorax-templates-generic'
   structure:
     packages: 'os/Packages'
     repodata: 'os/repodata'
   iso_map:
     xorrisofs: False
     iso_level: False
-    hosts:
-      x86_64: ''
-      aarch64: ''
     images:
       dvd:
+        disc: True
+        variant: 'AppStream'
         repos:
           - 'BaseOS'
           - 'AppStream'
-    lorax_variants:
-      - dvd
-      - minimal
-      - BaseOS
-    repos:
-      - 'BaseOS'
-      - 'AppStream'
-    variant: 'BaseOS'
-    lorax_removes:
-      - 'libreport-rhel-anaconda-bugzilla'
-    required_pkgs:
-      - 'lorax'
-      - 'genisoimage'
-      - 'isomd5sum'
-      - 'lorax-templates-rhel'
-      - 'lorax-templates-generic'
+      minimal:
+        disc: True
+        isoskip: True
+        repos:
+          - 'minimal'
+        variant: 'minimal'
+      BaseOS:
+        disc: False
+        isoskip: True
+        variant: 'BaseOS'
+        repos:
+          - 'BaseOS'
+          - 'AppStream'
+    lorax:
+      repos:
+        - 'BaseOS'
+        - 'AppStream'
+      variant: 'BaseOS'
+      lorax_removes:
+        - 'libreport-rhel-anaconda-bugzilla'
+      required_pkgs:
+        - 'lorax'
+        - 'genisoimage'
+        - 'isomd5sum'
+        - 'lorax-templates-rhel'
+        - 'lorax-templates-generic'
+        - 'xorriso'
+  cloudimages:
+    images:
+      - EC2
+      - GenericCloud
+    formats:
+      - qcow2
+      - raw
+  livemap:
+    git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
+    branch: 'r9'
+    ksentry:
+      Workstation: rocky-live-workstation.ks
+      Workstation-Lite: rocky-live-workstation-lite.ks
+      XFCE: rocky-live-xfce.ks
+      KDE: rocky-live-kde.ks
+    allowed_arches:
+      - x86_64
   repoclosure_map:
     arches:
-      x86_64: '--arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
-      aarch64: '--arch=aarch64 --arch=noarch'
-      ppc64le: '--arch=ppc64le --arch=noarch'
-      s390x: '--arch=s390x --arch=noarch'
+      x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
+      aarch64: '--forcearch=aarch64 --arch=aarch64 --arch=noarch'
+      ppc64le: '--forcearch=ppc64le --arch=ppc64le --arch=noarch'
+      s390x: '--forcearch=s390x --arch=s390x --arch=noarch'
     repos:
       BaseOS: []
       AppStream:
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 4233da6..f503485 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -73,8 +73,12 @@
         - 'lorax-templates-generic'
         - 'xorriso'
   cloudimages:
-    - EC2
-    - GenericCloud
+    images:
+      - EC2
+      - GenericCloud
+    formats:
+      - qcow2
+      - raw
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9-beta'
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 97e6e96..b14dcc6 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -2,7 +2,7 @@
 '9':
   fullname: 'Rocky Linux 9.0'
   revision: '9.0'
-  rclvl: 'RC2'
+  rclvl: 'RC3'
   major: '9'
   minor: '0'
   profile: '9'
@@ -73,8 +73,12 @@
         - 'lorax-templates-generic'
         - 'xorriso'
   cloudimages:
-    - EC2
-    - GenericCloud
+    images:
+      - EC2
+      - GenericCloud
+    formats:
+      - qcow2
+      - raw
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9'
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 680d2d5..390da9e 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -73,8 +73,12 @@
         - 'lorax-templates-generic'
         - 'xorriso'
   cloudimages:
-    - EC2
-    - GenericCloud
+    images:
+      - EC2
+      - GenericCloud
+    formats:
+      - qcow2
+      - raw
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9lh'
diff --git a/iso/empanadas/empanadas/templates/reposync.tmpl b/iso/empanadas/empanadas/templates/reposync.tmpl
index 22f71b4..195ab24 100644
--- a/iso/empanadas/empanadas/templates/reposync.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync.tmpl
@@ -1,5 +1,6 @@
 #!/bin/bash
 set -o pipefail
+sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ import_gpg_cmd }} | tee -a {{ sync_log }}
 {{ arch_force_cp }} | tee -a {{ sync_log }}
 {{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index bdb6cac..025381e 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1543,68 +1543,74 @@ class IsoBuild:
             unpack_single_arch = True
             arches_to_unpack = [self.arch]
 
-        for imagename in self.cloudimages:
+        for imagename in self.cloudimages['images']:
             self.log.info(Color.INFO + 'Determining the latest images for ' + imagename + ' ...')
 
-            if self.s3:
-                latest_artifacts = Shared.s3_determine_latest(
-                        self.s3_bucket,
-                        self.release,
-                        self.arches,
-                        'qcow2',
-                        imagename,
-                        self.log
-                )
-
-            else:
-                latest_artifacts = Shared.reqs_determine_latest(
-                        self.s3_bucket_url,
-                        self.release,
-                        self.arches,
-                        'qcow2',
-                        imagename,
-                        self.log
-                )
-
-            if not len(latest_artifacts) > 0:
-                self.log.warn(Color.WARN + 'No images found.')
-                continue
-
-            self.log.info(Color.INFO + 'Downloading requested artifacts')
-            for arch in arches_to_unpack:
-                image_arch_dir = os.path.join(
-                        self.image_work_dir,
-                        arch
-                )
-
-                source_path = latest_artifacts[arch]
-                drop_name = source_path.split('/')[-1]
-                full_drop = '{}/{}'.format(
-                        image_arch_dir,
-                        drop_name
-                )
-
-                if not os.path.exists(image_arch_dir):
-                    os.makedirs(image_arch_dir, exist_ok=True)
-
-                self.log.info('Downloading artifact for ' + Color.BOLD + arch + Color.END)
+            for formattype in self.cloudimages['formats']:
                 if self.s3:
-                    Shared.s3_download_artifacts(
-                            self.force_download,
+                    latest_artifacts = Shared.s3_determine_latest(
                             self.s3_bucket,
-                            source_path,
-                            full_drop,
+                            self.release,
+                            self.arches,
+                            formattype,
+                            imagename,
                             self.log
                     )
+
                 else:
-                    Shared.reqs_download_artifacts(
-                            self.force_download,
+                    latest_artifacts = Shared.reqs_determine_latest(
                             self.s3_bucket_url,
-                            source_path,
-                            full_drop,
+                            self.release,
+                            self.arches,
+                            formattype,
+                            imagename,
                             self.log
                     )
 
+                if not len(latest_artifacts) > 0:
+                    self.log.warn(Color.WARN + 'No images found.')
+                    continue
+
+                self.log.info(Color.INFO + 'Attempting to download requested artifacts')
+                for arch in arches_to_unpack:
+                    image_arch_dir = os.path.join(
+                            self.image_work_dir,
+                            arch
+                    )
+
+                    if arch not in latest_artifacts.keys():
+                        self.log.warn(Color.WARN + 'Artifact for ' + imagename +
+                                ' ' + arch + ' (' + formattype + ') does not exist.')
+                        continue
+
+                    source_path = latest_artifacts[arch]
+                    drop_name = source_path.split('/')[-1]
+                    full_drop = '{}/{}'.format(
+                            image_arch_dir,
+                            drop_name
+                    )
+
+                    if not os.path.exists(image_arch_dir):
+                        os.makedirs(image_arch_dir, exist_ok=True)
+
+                    self.log.info('Downloading artifact for ' + Color.BOLD + arch + Color.END)
+                    if self.s3:
+                        Shared.s3_download_artifacts(
+                                self.force_download,
+                                self.s3_bucket,
+                                source_path,
+                                full_drop,
+                                self.log
+                        )
+                    else:
+                        Shared.reqs_download_artifacts(
+                                self.force_download,
+                                self.s3_bucket_url,
+                                source_path,
+                                full_drop,
+                                self.log
+                        )
+
         self.log.info(Color.INFO + 'Image download phase completed')
 
 

From 22184f30a4b66ad4439f2e9a6a293fe829040ff3 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 23:29:02 -0700
Subject: [PATCH 58/96] put sed in right spot

---
 iso/empanadas/empanadas/templates/reposync.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/templates/reposync.tmpl b/iso/empanadas/empanadas/templates/reposync.tmpl
index 195ab24..5fb3740 100644
--- a/iso/empanadas/empanadas/templates/reposync.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync.tmpl
@@ -1,9 +1,9 @@
 #!/bin/bash
 set -o pipefail
-sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ import_gpg_cmd }} | tee -a {{ sync_log }}
 {{ arch_force_cp }} | tee -a {{ sync_log }}
 {{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
+sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ sync_cmd }} | tee -a {{ sync_log }}
 
 # {{ check_cmd }} | tee -a {{ sync_log }}

From e9e37384ae4ac5e436539bca1fb380705b97e2f4 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 23:41:28 -0700
Subject: [PATCH 59/96] undo config name

---
 iso/empanadas/empanadas/templates/reposync-src.tmpl | 1 +
 iso/empanadas/empanadas/util/dnf_utils.py           | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/templates/reposync-src.tmpl b/iso/empanadas/empanadas/templates/reposync-src.tmpl
index 88836a3..7f901a9 100644
--- a/iso/empanadas/empanadas/templates/reposync-src.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync-src.tmpl
@@ -2,6 +2,7 @@
 set -o pipefail
 {{ import_gpg_cmd }} | tee -a {{ sync_log }}
 {{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
+sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ sync_cmd }} | tee -a {{ sync_log }}
 
 # {{ check_cmd  }} | tee -a {{ sync_log }}
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 191fa16..20c2cbf 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -661,7 +661,7 @@ class RepoSync:
         """
         fname = os.path.join(
                 dest_path,
-                "{}-{}-config.repo".format(self.shortname, self.major_version)
+                "{}-config.repo".format(self.major_version)
         )
         self.log.info('Generating the repo configuration: %s' % fname)
 

From 8f9f2646b7011e00692882d936a2448073ad5595 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 23:56:19 -0700
Subject: [PATCH 60/96] revert config and add repo name check

---
 iso/empanadas/empanadas/util/dnf_utils.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 20c2cbf..8b70430 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -100,6 +100,12 @@ class RepoSync:
         self.gpgkey = gpgkey
         self.checksum = rlvars['checksum']
 
+        # The repo name should be valid
+        if self.repo is not None:
+            if self.repo not in self.repos:
+                self.log.error(Color.FAIL + 'Invalid repository: ' + self.repo)
+                raise SystemExit()
+
         self.compose_id = '{}-{}-{}'.format(
                 config['shortname'],
                 rlvars['revision'],
@@ -661,7 +667,7 @@ class RepoSync:
         """
         fname = os.path.join(
                 dest_path,
-                "{}-config.repo".format(self.major_version)
+                "{}-{}-config.repo".format(self.shortname, self.major_version)
         )
         self.log.info('Generating the repo configuration: %s' % fname)
 

From 343fe053d951d0d9d81472904c627e88721f64aa Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 6 Jul 2022 23:57:38 -0700
Subject: [PATCH 61/96] logging wasn't ready

---
 iso/empanadas/empanadas/util/dnf_utils.py | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 8b70430..8bede72 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -100,12 +100,6 @@ class RepoSync:
         self.gpgkey = gpgkey
         self.checksum = rlvars['checksum']
 
-        # The repo name should be valid
-        if self.repo is not None:
-            if self.repo not in self.repos:
-                self.log.error(Color.FAIL + 'Invalid repository: ' + self.repo)
-                raise SystemExit()
-
         self.compose_id = '{}-{}-{}'.format(
                 config['shortname'],
                 rlvars['revision'],
@@ -172,6 +166,11 @@ class RepoSync:
         self.log.info(self.revision)
         self.dnf_config = self.generate_conf()
 
+        # The repo name should be valid
+        if self.repo is not None:
+            if self.repo not in self.repos:
+                self.log.error(Color.FAIL + 'Invalid repository: ' + self.repo)
+                raise SystemExit()
 
     def run(self):
         """

From 6880403c3811b330a3dd5edaad1940aa2434e3b0 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Thu, 7 Jul 2022 00:32:42 -0700
Subject: [PATCH 62/96] Revert back to RC2, there isn't an RC3

I really don't know why I switched it to RC3. Was it reflex? Was it my
inability to sleep? You be the judge.
---
 iso/empanadas/empanadas/configs/el9.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index b14dcc6..ed62bd2 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -2,7 +2,7 @@
 '9':
   fullname: 'Rocky Linux 9.0'
   revision: '9.0'
-  rclvl: 'RC3'
+  rclvl: 'RC2'
   major: '9'
   minor: '0'
   profile: '9'

From aaa89c74a47552f2a6d3c5ead1149587cda523ed Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 01:43:30 -0700
Subject: [PATCH 63/96] begin live build configuration and move funcs to shared

---
 iso/empanadas/empanadas/configs/el8.yaml      |   5 +
 iso/empanadas/empanadas/configs/el9-beta.yaml |   5 +
 iso/empanadas/empanadas/configs/el9.yaml      |   5 +
 iso/empanadas/empanadas/configs/el9lh.yaml    |   5 +
 iso/empanadas/empanadas/configs/rln.yaml      |  28 +-
 .../empanadas/scripts/build_iso_live.py       |  12 +-
 .../empanadas/scripts/build_iso_live_test.py  |  34 ++
 .../templates/buildLiveImage.tmpl.sh          |  15 +
 iso/empanadas/empanadas/util/iso_utils.py     | 420 ++++++++----------
 iso/empanadas/empanadas/util/shared.py        | 253 ++++++++++-
 iso/empanadas/pyproject.toml                  |   1 +
 11 files changed, 534 insertions(+), 249 deletions(-)
 create mode 100755 iso/empanadas/empanadas/scripts/build_iso_live_test.py
 create mode 100644 iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh

diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index b04ec82..85e7c0a 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -101,6 +101,11 @@
       KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
+    required_pkgs:
+      - 'lorax-lmc-novirt'
+      - 'vim-minimal'
+      - 'pykickstart'
+      - 'git'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index f503485..67b9b6d 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -89,6 +89,11 @@
       KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
+    required_pkgs:
+      - 'lorax-lmc-novirt'
+      - 'vim-minimal'
+      - 'pykickstart'
+      - 'git'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index ed62bd2..0e42697 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -89,6 +89,11 @@
       KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
+    required_pkgs:
+      - 'lorax-lmc-novirt'
+      - 'vim-minimal'
+      - 'pykickstart'
+      - 'git'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 390da9e..817b033 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -89,6 +89,11 @@
       KDE: rocky-live-kde.ks
     allowed_arches:
       - x86_64
+    required_pkgs:
+      - 'lorax-lmc-novirt'
+      - 'vim-minimal'
+      - 'pykickstart'
+      - 'git'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/rln.yaml b/iso/empanadas/empanadas/configs/rln.yaml
index 7544ce4..22b0578 100644
--- a/iso/empanadas/empanadas/configs/rln.yaml
+++ b/iso/empanadas/empanadas/configs/rln.yaml
@@ -40,18 +40,19 @@
     iso_level: False
     images:
       dvd:
-        discnum: '1'
+        disc: True
         variant: 'AppStream'
         repos:
           - 'BaseOS'
           - 'AppStream'
       minimal:
-        discnum: '1'
+        disc: True
         isoskip: True
         repos:
           - 'minimal'
         variant: 'minimal'
       BaseOS:
+        disc: False
         isoskip: True
         variant: 'BaseOS'
         repos:
@@ -66,10 +67,33 @@
         - 'libreport-rhel-anaconda-bugzilla'
       required_pkgs:
         - 'lorax'
+        - 'genisoimage'
         - 'isomd5sum'
         - 'lorax-templates-rhel'
         - 'lorax-templates-generic'
         - 'xorriso'
+  cloudimages:
+    images:
+      - EC2
+      - GenericCloud
+    formats:
+      - qcow2
+      - raw
+  livemap:
+    git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
+    branch: 'rln'
+    ksentry:
+      Workstation: rocky-live-workstation.ks
+      Workstation-Lite: rocky-live-workstation-lite.ks
+      XFCE: rocky-live-xfce.ks
+      KDE: rocky-live-kde.ks
+    allowed_arches:
+      - x86_64
+    required_pkgs:
+      - 'lorax-lmc-novirt'
+      - 'vim-minimal'
+      - 'pykickstart'
+      - 'git'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/scripts/build_iso_live.py b/iso/empanadas/empanadas/scripts/build_iso_live.py
index de979e5..f06426e 100755
--- a/iso/empanadas/empanadas/scripts/build_iso_live.py
+++ b/iso/empanadas/empanadas/scripts/build_iso_live.py
@@ -4,32 +4,30 @@ import argparse
 
 from empanadas.common import *
 from empanadas.util import Checks
-from empanadas.util import IsoBuild
+from empanadas.util import LiveBuild
 
 parser = argparse.ArgumentParser(description="Live ISO Compose")
 
 parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
-parser.add_argument('--arch', type=str, help="Architecture")
 parser.add_argument('--isolation', type=str, help="Mock Isolation")
 parser.add_argument('--local-compose', action='store_true', help="Compose Directory is Here")
-parser.add_argument('--image', action='store_true', help="Compose Directory is Here")
+parser.add_argument('--image', type=str, help="Granular choice in which live image is built")
 parser.add_argument('--logger', type=str)
 parser.add_argument('--live-iso-mode', type=str, default='local')
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
 
-a = IsoBuild(
+a = LiveBuild(
         rlvars,
         config,
         major=major,
-        arch=results.arch,
         isolation=results.isolation,
-        extra_iso_mode=results.live_iso_mode,
+        live_iso_mode=results.live_iso_mode,
         image=results.image,
         compose_dir_is_here=results.local_compose,
         logger=results.logger
 )
 
 def run():
-    a.run_build_extra_iso()
+    a.run_build_live_iso()
diff --git a/iso/empanadas/empanadas/scripts/build_iso_live_test.py b/iso/empanadas/empanadas/scripts/build_iso_live_test.py
new file mode 100755
index 0000000..7db3b53
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/build_iso_live_test.py
@@ -0,0 +1,34 @@
+# builds ISO's
+
+import argparse
+
+from empanadas.common import *
+from empanadas.util import Checks
+from empanadas.util import IsoBuild
+
+parser = argparse.ArgumentParser(description="Live ISO Compose")
+
+parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
+parser.add_argument('--isolation', type=str, help="Mock Isolation")
+parser.add_argument('--local-compose', action='store_true', help="Compose Directory is Here")
+parser.add_argument('--image', action='store_true', help="Live image name")
+parser.add_argument('--logger', type=str)
+parser.add_argument('--live-iso-mode', type=str, default='local')
+results = parser.parse_args()
+rlvars = rldict[results.release]
+major = rlvars['major']
+
+a = LiveBuild(
+        rlvars,
+        config,
+        major=major,
+        isolation=results.isolation,
+        extra_iso_mode=results.live_iso_mode,
+        image=results.image,
+        compose_dir_is_here=results.local_compose,
+        logger=results.logger
+)
+
+def run():
+    print(a.livemap['ksentry'])
+    print(a.livemap['ksentry'].keys())
diff --git a/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh b/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh
new file mode 100644
index 0000000..045522a
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -ex
+
+{% if live_iso_mode == "podman" %}
+{{ live_pkg_cmd }}
+mkdir -p {{ compose_live_work_dir }}/{{ arch }}
+cd  {{ compose_live_work_dir }}/{{ arch }}
+test -f {{ isoname }} && { echo "ERROR: ISO ALREDY EXISTS!"; exit 1; }
+{% else %}
+cd /builddir
+
+{% endif %}
+
+{{ make_image }}
+
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 025381e..495ca0f 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -75,14 +75,13 @@ class IsoBuild:
         self.timestamp = time.time()
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
-        self.iso_drop = config['compose_root'] + "/" + major + "/isos"
         self.current_arch = config['arch']
         self.required_pkgs = rlvars['iso_map']['lorax']['required_pkgs']
         self.mock_work_root = config['mock_work_root']
         self.lorax_result_root = config['mock_work_root'] + "/" + "lorax"
         self.mock_isolation = isolation
         self.iso_map = rlvars['iso_map']
-        self.livemap = rlvars['livemap']
+        #self.livemap = rlvars['livemap']
         self.cloudimages = rlvars['cloudimages']
         self.release_candidate = rc
         self.s3 = s3
@@ -885,10 +884,16 @@ class IsoBuild:
             xorriso_template_entry.close()
             opts['graft_points'] = xorriso_template_path
 
-        make_image = '{} {}'.format(self._get_make_image_cmd(opts), log_path_command)
-        isohybrid = self._get_isohybrid_cmd(opts)
-        implantmd5 = self._get_implantisomd5_cmd(opts)
-        make_manifest = self._get_manifest_cmd(opts)
+        make_image = '{} {}'.format(
+                Shared.get_make_image_cmd(
+                        opts,
+                        self.hfs_compat
+                ),
+                log_path_command
+        )
+        isohybrid = Shared.get_isohybrid_cmd(opts)
+        implantmd5 = Shared.get_implantisomd5_cmd(opts)
+        make_manifest = Shared.get_manifest_cmd(opts)
 
         iso_template_output = iso_template.render(
                 extra_iso_mode=self.extra_iso_mode,
@@ -919,7 +924,9 @@ class IsoBuild:
 
     def _extra_iso_local_run(self, arch, image, work_root):
         """
-        Runs the actual local process using mock
+        Runs the actual local process using mock. This is for running in
+        peridot or running on a machine that does not have podman, but does
+        have mock available.
         """
         entries_dir = os.path.join(work_root, "entries")
         extra_iso_cmd = '/bin/bash {}/extraisobuild-{}-{}.sh'.format(entries_dir, arch, image)
@@ -1308,229 +1315,6 @@ class IsoBuild:
         Gets a volume ID
         """
 
-    def _get_boot_options(self, arch, createfrom, efi=True, hfs_compat=False):
-        """
-        Gets boot options based on architecture, the iso commands are not
-        universal.
-        """
-        if arch in ("armhfp",):
-            result = []
-            return result
-
-        if arch in ("aarch64",):
-            result = [
-                    "-eltorito-alt-boot",
-                    "-e",
-                    "images/efiboot.img",
-                    "-no-emul-boot",
-            ]
-            return result
-
-        if arch in ("i386", "i686", "x86_64"):
-            result = [
-                    "-b",
-                    "isolinux/isolinux.bin",
-                    "-c",
-                    "isolinux/boot.cat",
-                    "-no-emul-boot",
-                    "-boot-load-size",
-                    "4",
-                    "-boot-info-table",
-            ]
-
-            # EFI args
-            if arch == "x86_64":
-                result.extend(
-                    [
-                        "-eltorito-alt-boot",
-                        "-e",
-                        "images/efiboot.img",
-                        "-no-emul-boot"
-                    ]
-                )
-            return result
-
-        # need to go double check if this is needed with stream 9
-        if arch == "ppc64le" and hfs_compat:
-            result = [
-                    "-part",
-                    "-hfs",
-                    "-r",
-                    "-l",
-                    "-sysid",
-                    "PPC",
-                    "-no-desktop",
-                    "-allow-multidot",
-                    "-chrp-boot",
-                    "-map",
-                    os.path.join(createfrom, "mapping"),
-                    "-hfs-bless",
-                    "/ppc/mac"
-            ]
-            return result
-
-        if arch == "ppc64le" and not hfs_compat:
-            result = [
-                    "-r",
-                    "-l",
-                    "-sysid",
-                    "PPC",
-                    "-chrp-boot",
-            ]
-            return result
-
-        if arch in ("s390x",):
-            result = [
-                    "-eltorito-boot",
-                    "images/cdboot.img",
-                    "-no-emul-boot",
-            ]
-            return result
-
-        raise ValueError("Architecture %s%s%s is NOT known" % (Color.BOLD, arch, Color.END))
-
-    # ALL COMMANDS #
-    def _get_mkisofs_cmd(
-            self,
-            iso,
-            appid=None,
-            volid=None,
-            volset=None,
-            exclude=None,
-            boot_args=None,
-            input_charset="utf-8",
-            grafts=None,
-            use_xorrisofs=False,
-            iso_level=None
-    ):
-        # I should hardcode this I think
-        #untranslated_filenames = True
-        translation_table = True
-        #joliet = True
-        #joliet_long = True
-        #rock = True
-        cmd = ["/usr/bin/xorrisofs" if use_xorrisofs else "/usr/bin/genisoimage"]
-        if not os.path.exists(cmd[0]):
-            self.log.error('%s was not found. Good bye.' % cmd[0])
-            raise SystemExit("\n\n" + cmd[0] + " was not found.\n\nPlease "
-                    " ensure that you have installed the necessary packages on "
-                    " this system. "
-            )
-
-        if iso_level:
-            cmd.extend(["-iso-level", str(iso_level)])
-
-        if appid:
-            cmd.extend(["-appid", appid])
-
-        #if untranslated_filenames:
-        cmd.append("-untranslated-filenames")
-
-        if volid:
-            cmd.extend(["-volid", volid])
-
-        #if joliet:
-        cmd.append("-J")
-
-        #if joliet_long:
-        cmd.append("-joliet-long")
-
-        if volset:
-            cmd.extend(["-volset", volset])
-
-        #if rock:
-        cmd.append("-rational-rock")
-
-        if not use_xorrisofs and translation_table:
-            cmd.append("-translation-table")
-
-        if input_charset:
-            cmd.extend(["-input-charset", input_charset])
-
-        if exclude:
-            for i in kobo.shortcuts.force_list(exclude):
-                cmd.extend(["-x", i])
-
-        if boot_args:
-            cmd.extend(boot_args)
-
-        cmd.extend(["-o", iso])
-
-        if grafts:
-            cmd.append("-graft-points")
-            cmd.extend(["-path-list", grafts])
-
-        return cmd
-
-    def _get_implantisomd5_cmd(self, opts):
-        """
-        Implants md5 into iso
-        """
-        cmd = ["/usr/bin/implantisomd5", "--supported-iso", opts['iso_name']]
-        returned_cmd = ' '.join(cmd)
-        return returned_cmd
-
-    def _get_manifest_cmd(self, opts):
-        """
-        Gets an ISO manifest
-        """
-        if opts['use_xorrisofs']:
-            return """/usr/bin/xorriso -dev %s --find |
-                tail -n+2 |
-                tr -d "'" |
-                cut -c2-  | sort >> %s.manifest""" % (
-                shlex.quote(opts['iso_name']),
-                shlex.quote(opts['iso_name']),
-            )
-        else:
-            return "/usr/bin/isoinfo -R -f -i %s | grep -v '/TRANS.TBL$' | sort >> %s.manifest" % (
-                shlex.quote(opts['iso_name']),
-                shlex.quote(opts['iso_name']),
-            )
-
-    def _get_isohybrid_cmd(self, opts):
-        cmd = []
-        if not opts['use_xorrisofs']:
-            if opts['arch'] == "x86_64":
-                cmd = ["/usr/bin/isohybrid"]
-                cmd.append("--uefi")
-                cmd.append(opts['iso_name'])
-            returned_cmd = ' '.join(cmd)
-        else:
-            returned_cmd = ''
-
-        return returned_cmd
-
-    def _get_make_image_cmd(self, opts):
-        """
-        Generates the command to actually make the image in the first place
-        """
-        isokwargs = {}
-        isokwargs["boot_args"] = self._get_boot_options(
-                opts['arch'],
-                os.path.join("$TEMPLATE", "config_files/ppc"),
-                hfs_compat=self.hfs_compat,
-        )
-
-        if opts['arch'] in ("ppc64", "ppc64le"):
-            isokwargs["input_charset"] = None
-
-        if opts['use_xorrisofs']:
-            cmd = ['/usr/bin/xorriso', '-dialog', 'on', '<', opts['graft_points']]
-        else:
-            cmd = self._get_mkisofs_cmd(
-                    opts['iso_name'],
-                    volid=opts['volid'],
-                    exclude=["./lost+found"],
-                    grafts=opts['graft_points'],
-                    use_xorrisofs=False,
-                    iso_level=opts['iso_level'],
-                    **isokwargs
-            )
-
-        returned_cmd = ' '.join(cmd)
-        return returned_cmd
-
     def run_pull_generic_images(self):
         """
         Pulls generic images built in peridot and places them where they need
@@ -1614,6 +1398,109 @@ class IsoBuild:
         self.log.info(Color.INFO + 'Image download phase completed')
 
 
+class LiveBuild:
+    """
+    This helps us build the live images for Rocky Linux. The mode is "simple"
+    by default when using mock.
+    """
+    def __init__(
+            self,
+            rlvars,
+            config,
+            major,
+            hfs_compat: bool = False,
+            force_download: bool = False,
+            isolation: str = 'simple',
+            live_iso_mode: str = 'local',
+            compose_dir_is_here: bool = False,
+            image=None,
+            logger=None
+    ):
+
+        self.image = image
+        self.fullname = rlvars['fullname']
+        self.distname = config['distname']
+        self.shortname = config['shortname']
+        self.current_arch = config['arch']
+        # Relevant config items
+        self.major_version = major
+        self.compose_dir_is_here = compose_dir_is_here
+        self.date_stamp = config['date_stamp']
+        self.timestamp = time.strftime("%Y%m%d", time.localtime())
+        self.compose_root = config['compose_root']
+        self.compose_base = config['compose_root'] + "/" + major
+        self.current_arch = config['arch']
+        self.livemap = rlvars['livemap']
+        self.required_pkgs = rlvars['livemap']['required_pkgs']
+        self.mock_work_root = config['mock_work_root']
+        self.live_result_root = config['mock_work_root'] + "/lmc"
+        self.mock_isolation = isolation
+        self.force_download = force_download
+        self.live_iso_mode = live_iso_mode
+        self.checksum = rlvars['checksum']
+        self.profile = rlvars['profile']
+
+        # Relevant major version items
+        self.arch = config['arch']
+        self.arches = rlvars['allowed_arches']
+        self.release = rlvars['revision']
+        self.minor_version = rlvars['minor']
+        self.revision = rlvars['revision'] + "-" + rlvars['rclvl']
+        self.rclvl = rlvars['rclvl']
+        self.repos = rlvars['iso_map']['lorax']['repos']
+        self.repo_base_url = config['repo_base_url']
+        self.project_id = rlvars['project_id']
+        self.structure = rlvars['structure']
+        self.bugurl = rlvars['bugurl']
+
+        self.container = config['container']
+        if 'container' in rlvars and len(rlvars['container']) > 0:
+            self.container = rlvars['container']
+
+        # Templates
+        file_loader = FileSystemLoader(f"{_rootdir}/templates")
+        self.tmplenv = Environment(loader=file_loader)
+
+        self.compose_latest_dir = os.path.join(
+                config['compose_root'],
+                major,
+                "latest-{}-{}".format(
+                    self.shortname,
+                    self.profile
+                )
+        )
+
+        self.compose_latest_sync = os.path.join(
+                self.compose_latest_dir,
+                "compose"
+        )
+
+        self.compose_log_dir = os.path.join(
+                self.compose_latest_dir,
+                "work/logs"
+        )
+
+        self.live_work_dir = os.path.join(
+                self.compose_latest_dir,
+                "work/live"
+        )
+
+        # This is temporary for now.
+        if logger is None:
+            self.log = logging.getLogger("iso")
+            self.log.setLevel(logging.INFO)
+            handler = logging.StreamHandler(sys.stdout)
+            handler.setLevel(logging.INFO)
+            formatter = logging.Formatter(
+                    '%(asctime)s :: %(name)s :: %(message)s',
+                    '%Y-%m-%d %H:%M:%S'
+            )
+            handler.setFormatter(formatter)
+            self.log.addHandler(handler)
+
+        self.log.info('live build init')
+        self.log.info(self.revision)
+
     def run_build_live_iso(self):
         """
         Builds DVD images based on the data created from the initial lorax on
@@ -1623,13 +1510,16 @@ class IsoBuild:
 
         self.log.info(Color.INFO + 'Starting Live ISOs phase')
 
-        # Check that the arch we've assigned is valid...
+        # Check that the arch we're assigned is valid...
+        if self.current_arch not in self.livemap['allowed_arches']:
+            self.log.error(Color.FAIL + 'Running an unsupported architecture.')
+            raise SystemExit()
 
         self._live_iso_build_wrap()
 
         self.log.info('Compose repo directory: %s' % sync_root)
-        self.log.info('ISO result directory: %s/$arch' % self.lorax_work_dir)
-        self.log.info(Color.INFO + 'Extra ISO phase completed.')
+        self.log.info('Live ISO result directory: %s/$arch' % self.live_work_dir)
+        self.log.info(Color.INFO + 'Live ISO phase completed.')
 
     def _live_iso_build_wrap(self):
         """
@@ -1637,8 +1527,64 @@ class IsoBuild:
         we'll either do it on mock in a loop or in podman, just like with the
         extra iso phase.
         """
+        work_root = os.path.join(
+                self.compose_latest_dir,
+                'work'
+        )
+
+        images_to_build = list(self.livemap['ksentry'].keys())
+        if self.image:
+            images_to_build = [self.image]
+
+        self.log.info(
+                Color.INFO + 'We are planning to build: ' +
+                ', '.join(images_to_build)
+        )
+
+    def _live_iso_local_config(self, image, work_root):
+        """
+        Live ISO build configuration - This generates both mock and podman
+        entries, regardless of which one is being used.
+        """
+        self.log.info('Generating Live ISO configuration and script')
+
+    def _live_iso_podman_run(self, arch, images, work_root):
+        """
+        Does all the image building in podman containers to parallelize the
+        process. This is a case where you can call this instead of looping mock
+        or not run in peridot. This gives the Release Engineer a little more
+        flexibility if they care enough.
+
+        This honestly assumes you are running this on a machine that has access
+        to the compose directories. It's the same as if you were doing a
+        reposync of the repositories.
+        """
+        cmd = Shared.podman_cmd(self.log)
+        entries_dir = os.path.join(work_root, "entries")
+        isos_dir = self.live_work_dir
+        bad_exit_list = []
+        checksum_list = []
+        for i in images:
+            entry_name_list = []
+            image_name = i
+
+    def _live_iso_local_run(self, arch, image, work_root):
+        """
+        Runs the actual local process using mock. This is for running in
+        peridot or running on a machine that does not have podman, but does
+        have mock available.
+        """
+        entries_dir = os.path.join(work_root, "entries")
+        live_iso_cmd = '/bin/bash {}/liveisobuild-{}-{}.sh'.format(entries_dir, arch, image)
+        self.log.info('Starting mock build...')
+        p = subprocess.call(shlex.split(live_iso_cmd))
+        if p != 0:
+            self.log.error('An error occured during execution.')
+            self.log.error('See the logs for more information.')
+            raise SystemExit()
+
+        self.log.warn(
+                Color.WARN +
+                'If you are looping images, your built image may get overwritten.'
+        )
 
-class LiveBuild:
-    """
-    This helps us build the live images for Rocky Linux.
-    """
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 191c4b4..411e23e 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -11,6 +11,7 @@ import boto3
 import xmltodict
 import productmd.treeinfo
 import empanadas
+import kobo.shortcuts
 from empanadas.common import Color
 
 class ArchCheck:
@@ -331,7 +332,7 @@ class Shared:
         if os.path.exists("/usr/bin/podman"):
             cmd = "/usr/bin/podman"
         else:
-            logger.error('/usr/bin/podman was not found. Good bye.')
+            logger.error(Color.FAIL + '/usr/bin/podman was not found. Good bye.')
             raise SystemExit("\n\n/usr/bin/podman was not found.\n\nPlease "
                     " ensure that you have installed the necessary packages on "
                     " this system. " + Color.BOLD + "Note that docker is not "
@@ -352,7 +353,7 @@ class Shared:
         if os.path.exists("/usr/bin/dnf"):
             cmd = "/usr/bin/dnf reposync"
         else:
-            logger('/usr/bin/dnf was not found. Good bye.')
+            logger(Color.FAIL + '/usr/bin/dnf was not found. Good bye.')
             raise SystemExit("/usr/bin/dnf was not found. \n\n/usr/bin/reposync "
                     "is not sufficient and you are likely running on an el7 "
                     "system or a grossly modified EL8+ system, " + Color.BOLD +
@@ -370,13 +371,30 @@ class Shared:
         if os.path.exists("/usr/bin/git"):
             cmd = "/usr/bin/git"
         else:
-            logger.error('/usr/bin/git was not found. Good bye.')
+            logger.error(Color.FAIL + '/usr/bin/git was not found. Good bye.')
             raise SystemExit("\n\n/usr/bin/git was not found.\n\nPlease "
                     " ensure that you have installed the necessary packages on "
                     " this system. "
             )
         return cmd
 
+    @staticmethod
+    def mock_cmd(logger) -> str:
+        """
+        This generates the mock command. This is when we are building or
+        performing any kind of operation in mock.
+        """
+        cmd = None
+        if os.path.exists("/usr/bin/mock"):
+            cmd = "/usr/bin/mock"
+        else:
+            logger.error(Color.FAIL + '/usr/bin/mock was not found. Good bye.')
+            raise SystemExit("\n\n/usr/bin/mock was not found.\n\nPlease "
+                    " ensure that you have installed the necessary packages on "
+                    " this system. "
+            )
+        return cmd
+
     @staticmethod
     def generate_conf(data, logger, dest_path='/var/tmp') -> str:
         """
@@ -624,3 +642,232 @@ class Shared:
         except requests.exceptions.RequestException as e:
             logger.error('There was a problem downloading the artifact')
             raise SystemExit(e)
+
+    # ISO related
+    @staticmethod
+    def get_boot_options(arch, createfrom, efi=True, hfs_compat=False):
+        """
+        Gets boot options based on architecture, the iso commands are not
+        universal.
+        """
+        if arch in ("armhfp",):
+            result = []
+            return result
+
+        if arch in ("aarch64",):
+            result = [
+                    "-eltorito-alt-boot",
+                    "-e",
+                    "images/efiboot.img",
+                    "-no-emul-boot",
+            ]
+            return result
+
+        if arch in ("i386", "i686", "x86_64"):
+            result = [
+                    "-b",
+                    "isolinux/isolinux.bin",
+                    "-c",
+                    "isolinux/boot.cat",
+                    "-no-emul-boot",
+                    "-boot-load-size",
+                    "4",
+                    "-boot-info-table",
+            ]
+
+            # EFI args
+            if arch == "x86_64":
+                result.extend(
+                    [
+                        "-eltorito-alt-boot",
+                        "-e",
+                        "images/efiboot.img",
+                        "-no-emul-boot"
+                    ]
+                )
+            return result
+
+        # need to go double check if this is needed with stream 9
+        if arch == "ppc64le" and hfs_compat:
+            result = [
+                    "-part",
+                    "-hfs",
+                    "-r",
+                    "-l",
+                    "-sysid",
+                    "PPC",
+                    "-no-desktop",
+                    "-allow-multidot",
+                    "-chrp-boot",
+                    "-map",
+                    os.path.join(createfrom, "mapping"),
+                    "-hfs-bless",
+                    "/ppc/mac"
+            ]
+            return result
+
+        if arch == "ppc64le" and not hfs_compat:
+            result = [
+                    "-r",
+                    "-l",
+                    "-sysid",
+                    "PPC",
+                    "-chrp-boot",
+            ]
+            return result
+
+        if arch in ("s390x",):
+            result = [
+                    "-eltorito-boot",
+                    "images/cdboot.img",
+                    "-no-emul-boot",
+            ]
+            return result
+
+        raise ValueError("Architecture %s%s%s is NOT known" % (Color.BOLD, arch, Color.END))
+
+    @staticmethod
+    def get_mkisofs_cmd(
+            iso,
+            appid=None,
+            volid=None,
+            volset=None,
+            exclude=None,
+            boot_args=None,
+            input_charset="utf-8",
+            grafts=None,
+            use_xorrisofs=False,
+            iso_level=None,
+    ):
+        # I should hardcode this I think
+        #untranslated_filenames = True
+        translation_table = True
+        #joliet = True
+        #joliet_long = True
+        #rock = True
+        cmd = ["/usr/bin/xorrisofs" if use_xorrisofs else "/usr/bin/genisoimage"]
+        if not os.path.exists(cmd[0]):
+            #logger.error('%s was not found. Good bye.' % cmd[0])
+            raise SystemExit("\n\n" + cmd[0] + " was not found.\n\nPlease "
+                    " ensure that you have installed the necessary packages on "
+                    " this system. "
+            )
+
+        if iso_level:
+            cmd.extend(["-iso-level", str(iso_level)])
+
+        if appid:
+            cmd.extend(["-appid", appid])
+
+        #if untranslated_filenames:
+        cmd.append("-untranslated-filenames")
+
+        if volid:
+            cmd.extend(["-volid", volid])
+
+        #if joliet:
+        cmd.append("-J")
+
+        #if joliet_long:
+        cmd.append("-joliet-long")
+
+        if volset:
+            cmd.extend(["-volset", volset])
+
+        #if rock:
+        cmd.append("-rational-rock")
+
+        if not use_xorrisofs and translation_table:
+            cmd.append("-translation-table")
+
+        if input_charset:
+            cmd.extend(["-input-charset", input_charset])
+
+        if exclude:
+            for i in kobo.shortcuts.force_list(exclude):
+                cmd.extend(["-x", i])
+
+        if boot_args:
+            cmd.extend(boot_args)
+
+        cmd.extend(["-o", iso])
+
+        if grafts:
+            cmd.append("-graft-points")
+            cmd.extend(["-path-list", grafts])
+
+        return cmd
+
+    @staticmethod
+    def get_make_image_cmd(opts, hfs_compat):
+        """
+        Generates the command to actually make the image in the first place
+        """
+        isokwargs = {}
+        isokwargs["boot_args"] = Shared.get_boot_options(
+                opts['arch'],
+                os.path.join("$TEMPLATE", "config_files/ppc"),
+                hfs_compat=hfs_compat,
+        )
+
+        if opts['arch'] in ("ppc64", "ppc64le"):
+            isokwargs["input_charset"] = None
+
+        if opts['use_xorrisofs']:
+            cmd = ['/usr/bin/xorriso', '-dialog', 'on', '<', opts['graft_points']]
+        else:
+            cmd = Shared.get_mkisofs_cmd(
+                    opts['iso_name'],
+                    volid=opts['volid'],
+                    exclude=["./lost+found"],
+                    grafts=opts['graft_points'],
+                    use_xorrisofs=False,
+                    iso_level=opts['iso_level'],
+                    **isokwargs
+            )
+
+        returned_cmd = ' '.join(cmd)
+        return returned_cmd
+
+    @staticmethod
+    def get_isohybrid_cmd(opts):
+        cmd = []
+        if not opts['use_xorrisofs']:
+            if opts['arch'] == "x86_64":
+                cmd = ["/usr/bin/isohybrid"]
+                cmd.append("--uefi")
+                cmd.append(opts['iso_name'])
+            returned_cmd = ' '.join(cmd)
+        else:
+            returned_cmd = ''
+
+        return returned_cmd
+
+    @staticmethod
+    def get_implantisomd5_cmd(opts):
+        """
+        Implants md5 into iso
+        """
+        cmd = ["/usr/bin/implantisomd5", "--supported-iso", opts['iso_name']]
+        returned_cmd = ' '.join(cmd)
+        return returned_cmd
+
+    @staticmethod
+    def get_manifest_cmd(opts):
+        """
+        Gets an ISO manifest
+        """
+        if opts['use_xorrisofs']:
+            return """/usr/bin/xorriso -dev %s --find |
+                tail -n+2 |
+                tr -d "'" |
+                cut -c2-  | sort >> %s.manifest""" % (
+                shlex.quote(opts['iso_name']),
+                shlex.quote(opts['iso_name']),
+            )
+        else:
+            return "/usr/bin/isoinfo -R -f -i %s | grep -v '/TRANS.TBL$' | sort >> %s.manifest" % (
+                shlex.quote(opts['iso_name']),
+                shlex.quote(opts['iso_name']),
+            )
+
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 17cca04..0376d8a 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -27,6 +27,7 @@ sync_from_peridot_test = "empanadas.scripts.sync_from_peridot_test:run"
 sync_sig = "empanadas.scripts.sync_sig:run"
 build-iso = "empanadas.scripts.build_iso:run"
 build-iso-extra = "empanadas.scripts.build_iso_extra:run"
+build-iso-live = "empanadas.scripts.build_iso_live:run"
 pull-unpack-tree = "empanadas.scripts.pull_unpack_tree:run"
 launch-builds = "empanadas.scripts.launch_builds:run"
 build-image = "empanadas.scripts.build_image:run"

From 4c426ca1e3328b696b28a42944f7450ba572b028 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 02:22:58 -0700
Subject: [PATCH 64/96] add another temporary sync-to-X-X script

---
 iso/empanadas/empanadas/util/dnf_utils.py | 25 ++++++++++++++++++
 sync/sync-to-prod-9.sh                    | 32 +++++++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 sync/sync-to-prod-9.sh

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 8bede72..6a8acb3 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1430,6 +1430,16 @@ class RepoSync:
                 'live'
         )
 
+        images_root = os.path.join(
+                work_root,
+                'images'
+        )
+
+        sync_images_root = os.path.join(
+                sync_root,
+                'images'
+        )
+
         global_work_root = os.path.join(
                 work_root,
                 "global",
@@ -1470,6 +1480,21 @@ class RepoSync:
             else:
                 self.log.info(Color.INFO + message)
 
+        # Sync the cloud images?
+
+        if os.path.exists(images_root):
+            self.log.info(Color.INFO + 'Starting to sync cloud images to compose')
+
+            if os.path.exists('/usr/bin/fpsync'):
+                message, ret = Shared.fpsync_method(images_root, sync_images_root, tmp_dir)
+            elif os.path.exists('/usr/bin/parallel') and os.path.exists('/usr/bin/rsync'):
+                message, ret = Shared.rsync_method(images_root, sync_images_root)
+
+            if ret != 0:
+                self.log.error(Color.FAIL + message)
+            else:
+                self.log.info(Color.INFO + message)
+
         # Combine all checksums here
         for arch in self.arches:
             iso_arch_root = os.path.join(sync_iso_root, arch)
diff --git a/sync/sync-to-prod-9.sh b/sync/sync-to-prod-9.sh
new file mode 100644
index 0000000..6eb70b8
--- /dev/null
+++ b/sync/sync-to-prod-9.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Syncs everything from staging to production
+
+# Source common variables
+# shellcheck disable=SC2046,1091,1090
+source "$(dirname "$0")/common"
+
+REV=${REVISION}${APPEND_TO_DIR}
+
+cd "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}" || { echo "Failed to change directory"; ret_val=1; exit 1; }
+ret_val=$?
+
+if [ $ret_val -eq "0" ]; then
+  TARGET="${PRODUCTION_ROOT}/${CATEGORY_STUB}/${REV:0:3}"
+  mkdir -p "${TARGET}"
+  sudo -l && fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
+
+  # Full file list update
+  cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
+  # Hardlink everything except xml files
+  hardlink -x '.*\.xml.*' "${REVISION}"
+  find . > fullfilelist
+  if [[ -f /usr/local/bin/create-filelist ]]; then
+    # We're already here, but Justin Case wanted this
+    cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
+    /bin/cp fullfiletimelist-rocky fullfiletimelist-rocky-old
+    /usr/local/bin/create-filelist > fullfiletimelist-rocky
+    cp fullfiletimelist-rocky fullfiletimelist
+  fi
+  chown 10004:10005 fullfilelist fullfiletimelist-rocky fullfiletimelist
+fi
+

From a4ee9ecc02506c6c2595f6fd859507bc2c135220 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 09:54:43 -0700
Subject: [PATCH 65/96] images should be pulled based on format and name

---
 iso/empanadas/README.md                       |  20 ++-
 iso/empanadas/empanadas/configs/el8.yaml      |   9 +-
 iso/empanadas/empanadas/configs/el9-beta.yaml |   9 +-
 iso/empanadas/empanadas/configs/el9.yaml      |   9 +-
 iso/empanadas/empanadas/configs/el9lh.yaml    |   9 +-
 iso/empanadas/empanadas/configs/rln.yaml      |   9 +-
 iso/empanadas/empanadas/util/.shared.py.swp   | Bin 0 -> 4096 bytes
 iso/empanadas/empanadas/util/iso_utils.py     | 130 ++++++++++--------
 8 files changed, 108 insertions(+), 87 deletions(-)
 create mode 100644 iso/empanadas/empanadas/util/.shared.py.swp

diff --git a/iso/empanadas/README.md b/iso/empanadas/README.md
index 0c90442..b7ec7ef 100644
--- a/iso/empanadas/README.md
+++ b/iso/empanadas/README.md
@@ -1,12 +1,21 @@
 # iso
 
-
 ## Setup / Install
 
 1. Install [Poetry](https://python-poetry.org/docs/)
 2. Setup: `poetry install`
+3. Install dependencies: `dnf install podman mock`
 3. Have fun
 
+## Reliance on podman and mock
+
+### Why podman?
+
+Podman is a requirement for performing reposyncs. This was done because it was found to be easier to spin up several podman containers than several mock chroots and it was faster than doing one at a time in a loop. Podman is also used to parallelize ISO builds.
+
+### Why mock?
+
+There are cases where running `mock` is the preferred go-to: For example, building lorax images. Since you cannot build a lorax image for an architecture your system does not support, trying to "parallelize" it was out of the question. Adding this support in was not only for local testing without podman, it was also done so it can be run in our peridot kube cluster for each architecture.
 
 ## Updating dependencies
 
@@ -16,9 +25,8 @@ Changes to the poetry.lock should be commited if dependencies are added or updat
 
 ## TODO
 
-Verbose mode should exist to output everything that's being called or ran.
-
-There should be additional logging regardless, not just to stdout, but also to a file.
+* Verbose mode should exist to output everything that's being called or ran.
+* There should be additional logging regardless, not just to stdout, but also to a file.
 
 ## scripts
 
@@ -27,6 +35,10 @@ There should be additional logging regardless, not just to stdout, but also to a
 * sync_sig             -> Syncs SIG repositories from Peridot
 * build-iso            -> Builds initial ISO's using Lorax
 * build-iso-extra      -> Builds DVD's and other images based on Lorax data
+* build-iso-live       -> Builds live images
+* pull-unpack-tree     -> Pulls the latest lorax data from an S3 bucket and configures treeinfo
+* pull-cloud-image     -> Pulls the latest cloud images from an S3 bucket
+* finalize_compose     -> Finalizes a compose with metadata and checksums, as well as copies images
 * launch-builds        -> Creates a kube config to run build-iso
 * build-image          -> Runs build-iso
 ```
diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index 85e7c0a..3764f51 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -86,11 +86,10 @@
         - 'xorriso'
   cloudimages:
     images:
-      - EC2
-      - GenericCloud
-    formats:
-      - qcow2
-      - raw
+      EC2:
+        format: raw
+      GenericCloud:
+        format: qcow2
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9'
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 67b9b6d..b18186c 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -74,11 +74,10 @@
         - 'xorriso'
   cloudimages:
     images:
-      - EC2
-      - GenericCloud
-    formats:
-      - qcow2
-      - raw
+      EC2:
+        format: raw
+      GenericCloud:
+        format: qcow2
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9-beta'
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 0e42697..7d16f9b 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -74,11 +74,10 @@
         - 'xorriso'
   cloudimages:
     images:
-      - EC2
-      - GenericCloud
-    formats:
-      - qcow2
-      - raw
+      EC2:
+        format: raw
+      GenericCloud:
+        format: qcow2
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9'
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 817b033..e7500e4 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -74,11 +74,10 @@
         - 'xorriso'
   cloudimages:
     images:
-      - EC2
-      - GenericCloud
-    formats:
-      - qcow2
-      - raw
+      EC2:
+        format: raw
+      GenericCloud:
+        format: qcow2
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'r9lh'
diff --git a/iso/empanadas/empanadas/configs/rln.yaml b/iso/empanadas/empanadas/configs/rln.yaml
index 22b0578..3df3104 100644
--- a/iso/empanadas/empanadas/configs/rln.yaml
+++ b/iso/empanadas/empanadas/configs/rln.yaml
@@ -74,11 +74,10 @@
         - 'xorriso'
   cloudimages:
     images:
-      - EC2
-      - GenericCloud
-    formats:
-      - qcow2
-      - raw
+      EC2:
+        format: raw
+      GenericCloud:
+        format: qcow2
   livemap:
     git_repo: 'https://git.resf.org/sig_core/kickstarts.git'
     branch: 'rln'
diff --git a/iso/empanadas/empanadas/util/.shared.py.swp b/iso/empanadas/empanadas/util/.shared.py.swp
new file mode 100644
index 0000000000000000000000000000000000000000..344c9d057297e69acd8ab9b75837c3ea792a3df9
GIT binary patch
literal 4096
zcmYc?2=nw+u+TGN00IF9hCi>5C&{RHF_^8AV#rBMO3eX@69C1Dd6{~NdFiP+#rbK;
zIr+)i<@rU~dU>fOs2c0Q2I{A0mgpB}rt2r?7p3Z#<mcyP0|hdR^Yv463lj4ZQxc1j
zSfwSIIr_yJiAAX?dIgoJ=8f`3Ltr!nhzx<!k~CclUIt?$Lj#ZwWhF%gVWChWHIFJA
g4S~@R7!85Z5Eu=C(GVC7fzc2c4S~@R7!Dx-0O|)YR{#J2

literal 0
HcmV?d00001

diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 495ca0f..8455096 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1329,71 +1329,85 @@ class IsoBuild:
 
         for imagename in self.cloudimages['images']:
             self.log.info(Color.INFO + 'Determining the latest images for ' + imagename + ' ...')
+            formattype = self.cloudimages['images'][imagename]['format']
 
-            for formattype in self.cloudimages['formats']:
-                if self.s3:
-                    latest_artifacts = Shared.s3_determine_latest(
-                            self.s3_bucket,
-                            self.release,
-                            self.arches,
-                            formattype,
-                            imagename,
-                            self.log
-                    )
+            if self.s3:
+                latest_artifacts = Shared.s3_determine_latest(
+                        self.s3_bucket,
+                        self.release,
+                        arches_to_unpack,
+                        formattype,
+                        imagename,
+                        self.log
+                )
 
-                else:
-                    latest_artifacts = Shared.reqs_determine_latest(
-                            self.s3_bucket_url,
-                            self.release,
-                            self.arches,
-                            formattype,
-                            imagename,
-                            self.log
-                    )
+            else:
+                latest_artifacts = Shared.reqs_determine_latest(
+                        self.s3_bucket_url,
+                        self.release,
+                        arches_to_unpack,
+                        formattype,
+                        imagename,
+                        self.log
+                )
 
-                if not len(latest_artifacts) > 0:
-                    self.log.warn(Color.WARN + 'No images found.')
+            if not len(latest_artifacts) > 0:
+                self.log.warn(Color.WARN + 'No images found.')
+                continue
+
+            self.log.info(Color.INFO + 'Attempting to download requested artifacts')
+            for arch in arches_to_unpack:
+                image_arch_dir = os.path.join(
+                        self.image_work_dir,
+                        arch
+                )
+
+                if arch not in latest_artifacts.keys():
+                    self.log.warn(Color.WARN + 'Artifact for ' + imagename +
+                            ' ' + arch + ' (' + formattype + ') does not exist.')
                     continue
 
-                self.log.info(Color.INFO + 'Attempting to download requested artifacts')
-                for arch in arches_to_unpack:
-                    image_arch_dir = os.path.join(
-                            self.image_work_dir,
-                            arch
+                source_path = latest_artifacts[arch]
+                drop_name = source_path.split('/')[-1]
+                full_drop = '{}/{}'.format(
+                        image_arch_dir,
+                        drop_name
+                )
+
+                checksum_drop = '{}/{}.CHECKSUM'.format(
+                        image_arch_dir,
+                        drop_name
+                )
+
+                if not os.path.exists(image_arch_dir):
+                    os.makedirs(image_arch_dir, exist_ok=True)
+
+                self.log.info('Downloading artifact for ' + Color.BOLD + arch + Color.END)
+                if self.s3:
+                    Shared.s3_download_artifacts(
+                            self.force_download,
+                            self.s3_bucket,
+                            source_path,
+                            full_drop,
+                            self.log
+                    )
+                else:
+                    Shared.reqs_download_artifacts(
+                            self.force_download,
+                            self.s3_bucket_url,
+                            source_path,
+                            full_drop,
+                            self.log
                     )
 
-                    if arch not in latest_artifacts.keys():
-                        self.log.warn(Color.WARN + 'Artifact for ' + imagename +
-                                ' ' + arch + ' (' + formattype + ') does not exist.')
-                        continue
-
-                    source_path = latest_artifacts[arch]
-                    drop_name = source_path.split('/')[-1]
-                    full_drop = '{}/{}'.format(
-                            image_arch_dir,
-                            drop_name
-                    )
-
-                    if not os.path.exists(image_arch_dir):
-                        os.makedirs(image_arch_dir, exist_ok=True)
-
-                    self.log.info('Downloading artifact for ' + Color.BOLD + arch + Color.END)
-                    if self.s3:
-                        Shared.s3_download_artifacts(
-                                self.force_download,
-                                self.s3_bucket,
-                                source_path,
-                                full_drop,
-                                self.log
-                        )
-                    else:
-                        Shared.reqs_download_artifacts(
-                                self.force_download,
-                                self.s3_bucket_url,
-                                source_path,
-                                full_drop,
-                                self.log
-                        )
+                self.log.info('Creating checksum ...')
+                checksum = Shared.get_checksum(full_drop, self.checksum, self.log)
+                if not checksum:
+                    self.log.error(Color.FAIL + full_drop + ' not found! Are you sure we copied it?')
+                    continue
+                with open(checksum_drop, 'w+') as c:
+                    c.write(checksum)
+                    c.close()
 
         self.log.info(Color.INFO + 'Image download phase completed')
 

From 9e9955a0de6bb03482a4986cf7fea1a4d6786eb0 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 4 Jul 2022 21:18:39 -0400
Subject: [PATCH 66/96] Fix names for jobs

---
 .github/workflows/imagefactory-image.yml | 2 +-
 .github/workflows/mix-empanadas.yml      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/imagefactory-image.yml b/.github/workflows/imagefactory-image.yml
index 7ee3791..59ee1d8 100644
--- a/.github/workflows/imagefactory-image.yml
+++ b/.github/workflows/imagefactory-image.yml
@@ -1,5 +1,5 @@
 ---
-name: Build empanada container images
+name: Build empanada images for imagefactory
 
 on:
   push:
diff --git a/.github/workflows/mix-empanadas.yml b/.github/workflows/mix-empanadas.yml
index ebae78d..9352219 100644
--- a/.github/workflows/mix-empanadas.yml
+++ b/.github/workflows/mix-empanadas.yml
@@ -1,5 +1,5 @@
 ---
-name: Build empanada container images
+name: Build empanada container images for lorax
 
 on:
   push:

From 767362acebeca22fbda2e7082726d5099d1a5908 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Fri, 8 Jul 2022 13:26:07 -0400
Subject: [PATCH 67/96] Various image building changes

* Add UBI container specification
* Change ouput path to simplify copying operations
* Install patches for imagefactory and fixed version of oz for RHEL in
  container
    * Please ignore the RPM in this repo for now...
* Add conversion steps for Vagrant, EC2 images
* Fix KSes if they have a $basearch variable by subtitution
* Add usefbx variable to ensure we have an output for debugging
---
 iso/empanadas/Containerfile.imagefactory      |   8 +++-
 iso/empanadas/empanadas/common.py             |   2 +-
 .../empanadas/scripts/build_image.py          |  44 ++++++++++++++----
 .../empanadas/templates/icicle/tdl.xml.tmpl   |   3 +-
 iso/empanadas/imagefactory.patch              |  16 +++++++
 iso/empanadas/oz.rpm                          | Bin 0 -> 198376 bytes
 6 files changed, 60 insertions(+), 13 deletions(-)
 create mode 100644 iso/empanadas/imagefactory.patch
 create mode 100644 iso/empanadas/oz.rpm

diff --git a/iso/empanadas/Containerfile.imagefactory b/iso/empanadas/Containerfile.imagefactory
index a66ccb6..f4f91cb 100644
--- a/iso/empanadas/Containerfile.imagefactory
+++ b/iso/empanadas/Containerfile.imagefactory
@@ -43,6 +43,12 @@ RUN dnf install -y \
 
 RUN sed -i -e 's/# memory = 1024/memory = 2048/' /etc/oz/oz.cfg
 
+COPY imagefactory.patch /
+COPY oz.rpm /
+
+RUN dnf -y install /oz.rpm
+RUN (cd /usr/lib/python3.10/site-packages/; patch -p1 </imagefactory.patch)
+
 RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""
 RUN dnf clean all
 RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
@@ -52,7 +58,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
 RUN pip install awscli
 
 ENV BRANCH r9
-RUN git clone https://git.rockylinux.org/rocky/kickstarts.git --branch $BRANCH /kickstarts
+RUN git clone https://git.resf.org/sig_core/kickstarts.git --branch $BRANCH /kickstarts
 
 # devel only
 # COPY . /empanadas
diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index 7073606..fa7c806 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -103,7 +103,7 @@ for conf in glob.iglob(f"{_rootdir}/sig/*.yaml"):
 
 ALLOWED_TYPE_VARIANTS = {
         "Azure": None,
-        "Container": ["Base", "Minimal"],
+        "Container": ["Base", "Minimal", "UBI"],
         "EC2": None,
         "GenericCloud": None,
         "Vagrant": ["Libvirt", "VBox"]
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index adbf501..817e5f2 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -84,8 +84,7 @@ class ImageBuild:
         if not self.tdl_path:
             exit(2)
         self.type_variant = self.type_variant_name()
-        self.outname = self.output_name()
-        self.outdir = pathlib.Path(f"/tmp/{self.outname}")
+        self.outdir, self.outname = self.output_name()
         self.out_type = self.image_format()
         self.command_args = self._command_args()
         self.package_args = self._package_args()
@@ -94,14 +93,29 @@ class ImageBuild:
 
         self.metadata = pathlib.Path(self.outdir, "metadata.json")
 
-        if self.image_type == "Container":
+        # Yes, this is gross. I'll fix it later.
+        if self.image_type in ["Container"]:
             self.stage_commands = [
                     ["tar", "-C", f"{self.outdir}", "--strip-components=1", "-x", "-f", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", "*/layer.tar"]
             ]
-        if self.image_type in ["GenericCloud", "EC2"]:
+        if self.image_type in ["GenericCloud"]:
             self.stage_commands = [
                     ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
             ]
+        if self.image_type in ["EC2"]:
+            self.stage_commands = [
+                    ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
+            ]
+        if self.image_type in ["Vagrant"]:
+            _map = {
+                    "VBox": "vmdk",
+                    "Libvirt": "qcow2"
+                    }
+            output = f"{_map[self.variant]}" #type: ignore
+            self.stage_commands = [
+                    ["qemu-img", "convert", "-f", "raw", "-O", output, lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.{output}"]
+            ]
+
 
         try:
             os.mkdir(self.outdir)
@@ -122,11 +136,14 @@ class ImageBuild:
                 finally:
                     f.flush()
 
-    def output_name(self):
-        return f"Rocky-{self.architecture.major}-{self.type_variant}-{self.architecture.version}-{BUILDTIME.strftime('%Y%m%d')}.{self.release}.{self.architecture.name}"
+    def output_name(self) -> Tuple[pathlib.Path, str]:
+        directory = f"Rocky-{self.architecture.major}-{self.type_variant}-{self.architecture.version}-{BUILDTIME.strftime('%Y%m%d')}.{self.release}"
+        name = f"{directory}.{self.architecture.name}"
+        outdir = pathlib.Path(f"/tmp/", directory)
+        return outdir, name
     
     def type_variant_name(self):
-        return self.image_type if not self.variant else f"{self.image_type}-{self.variant.capitalize()}"
+        return self.image_type if not self.variant else f"{self.image_type}-{self.variant}"
 
     def _command_args(self):
         args_mapping = {
@@ -207,7 +224,9 @@ class ImageBuild:
 
     def copy_command(self) -> List[str]:
 
-        copy_command = ["aws", "s3", "cp", "--recursive", f"{self.outdir}/", f"s3://resf-empanadas/buildimage-{ self.outname }/{ BUILDTIME.strftime('%s') }/"]
+        copy_command = ["aws", "s3", "cp", "--recursive", f"{self.outdir}/", 
+                f"s3://resf-empanadas/buildimage-{self.architecture.version}-{self.architecture.name}/{ self.outname }/{ BUILDTIME.strftime('%s') }/"
+                ]
 
         return copy_command
 
@@ -215,6 +234,8 @@ class ImageBuild:
         if self.base_uuid:
             return 0
 
+        self.fix_ks()
+
         ret, out, err, uuid = self.runCmd(self.build_command()) 
         if uuid:
             self.base_uuid = uuid.rstrip()
@@ -238,11 +259,11 @@ class ImageBuild:
 
     def stage(self) -> int:
         """ Stage the artifacst from wherever they are (unpacking and converting if needed)"""
-        if not self.stage_commands:
+        if not hasattr(self,'stage_commands'):
             return 0
 
         returns = []
-        for command in self.stage_commands:
+        for command in self.stage_commands: #type: ignore
             ret, out, err, _ = self.runCmd(command, search=False)
             returns.append(ret)
 
@@ -318,6 +339,9 @@ class ImageBuild:
         if stderr:
             log_lines("Command STDERR", stderr)
 
+    def fix_ks(self):
+        self.runCmd(["sed", "-i", f"s,$basearch,{self.architecture.name},", self.kickstart_arg[-1]])
+
     def render_kubernetes_job(self):
         commands = [self.build_command(), self.package_command(), self.copy_command()]
         if not self.job_template:
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index 73f99f7..900c17d 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -7,10 +7,11 @@
             <install type='url'>
               <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
             </install>
-        <icicle>
+            <icicle>
                 <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}
 '</extra_command>
             </icicle>
+            <kernelparam>console=tty0 inst.usefbx</kernelparam>
         </os>
         <description>Rocky-{{major}}-{{type}}-{{version_variant}}.{{iso8601date}}.{{release}}.{{architecture}} Generated on {{utcnow}}</description>
     <disk>
diff --git a/iso/empanadas/imagefactory.patch b/iso/empanadas/imagefactory.patch
new file mode 100644
index 0000000..43254b8
--- /dev/null
+++ b/iso/empanadas/imagefactory.patch
@@ -0,0 +1,16 @@
+diff --git a/imagefactory_plugins/TinMan/TinMan.info b/imagefactory_plugins/TinMan/TinMan.info
+index bd61a02..00a8112 100644
+--- a/imagefactory_plugins/TinMan/TinMan.info
++++ b/imagefactory_plugins/TinMan/TinMan.info
+@@ -3,7 +3,10 @@
+     "targets": [ ["Fedora", null, null], ["RHEL-6", null, null], ["RHEL-5", null, null],
+                  ["Ubuntu", null, null], ["CentOS-6", null, null], ["CentOS-5", null, null],
+                  ["ScientificLinux-6", null, null], ["ScientificLinux-5", null, null], ["OpenSUSE", null, null],
+-                 [ "RHEL-7", null, null ], [ "CentOS-7", null, null ], [ "ScientificLinux-7", null, null ] ],
++                 [ "RHEL-7", null, null ], [ "CentOS-7", null, null ], [ "ScientificLinux-7", null, null ],
++                 [ "RHEL-8", null, null ], [ "CentOS-8", null, null ], [ "Rocky-8", null, null ],
++                 [ "RHEL-9", null, null ], [ "CentOS-9", null, null ], [ "Rocky-9", null, null ] 
++               ],
+     "description": "Plugin to support most Oz customize capable guest types",
+     "maintainer": {
+         "name": "Red Hat, Inc.",
diff --git a/iso/empanadas/oz.rpm b/iso/empanadas/oz.rpm
new file mode 100644
index 0000000000000000000000000000000000000000..83e5a53599437426c9e23f0d3633107f999d960d
GIT binary patch
literal 198376
zcmeEv2S60rwr!yxhzS*QYA~S^x+`>7t0*d{D2j*(W-9_plAvHj#DHQ>m=*J=C<e?C
zbIyu6=bRmN{Odr=h~u66?(_Zs-n$=Wmer@isZ*!+*=O&ycU3)I@$7Oz3V&wd{hhSV
zI-|1|3tCIlT7#COwK|$*0)wL!nl|t{##xmZj_m#OKQqeW#|`6FJuow^v!p1S_4wTg
zAio!3X@e6N!?F-S{;;oENi0dZPENVt11!yf5L5XHmN=e@0C0T4=U9^M@c@o5_yS9^
zJrSEVvOy;sWl<|?d6w5Q23gVbv|cuFtf;V@!ZD(%7qEt644i?{8dR00Wrb7qtYFYG
zdO^!ElEO)%POFz>+MqY+X<n=4aj<BRd0rK0Rj(8Df`k)N1>UxE;9YvS@8wDk`C?n{
z%9Vcmsgk-kWK;fMeh=jLKz<M8_dtFR<o7^+59Ieieh=jLKz<M8_dtFR<oCe;_dSr!
ziG2O~bpm<<oCZaG$D1^ysN{)Q)ffP;kvtSjvX2Z{0pySH9)u?$yh#C5`Jt&yI2p42
zk*QqNR3<!1VZhN;erhU<rt&i^39oX|R3<zNssD<p{1QvDo$wo^{&!fC?H^2KvLy9?
zHI+YOiS1@(Oyw`8vffnw!&JuglKM#1+50y$mB|XgY!{Z`c+APUKwVkHo66)|C|mY4
zm94SF{)OF4<sw+3zX;uweLU$0l$&c!WwHVLx6qi%C9uTyRyRy#(&s39PcW5ju|yj>
zxM4}!ORfvYcZkN4w67eN*gt^HS#MrGXBiNLWm#;mVA{URRIZp)?(AVIJ79_WJFmc!
z)X!sy`a7>Tm5o@U{?40B<@%;Fx$k6uB2(n}-%aHfSmO9DKz93D=9IhdHI+TFM15kS
zsT`2AT_V?mW6V3{Y?sJ(QtoQnPUL}HZ?~N7fwN8J?m6XtC$U7|niIJ~dt$$}N6snt
z55|(TS22~tOl8$njxv=)Oy$0&vZ-DDzuk`*tVg>Bx5JXOhwO*zNwCRTn)l1uJ`DS0
zZ;#C>kJxJ}$K{kqCt}%!qDoKBDUU&2q<y9LV~O^Ud1ETy!4mb4F<npTyC|dXWRv`s
zCiel`lijd1Yet3lr*imJEdHKf^$Hdvg~&LK5GHG4qJu+%ql1+wjT#=Q5n`glLxpHX
z)&#~VQPCQ2UrlgWRJ0Hh5=D9U*91pt1Wl9@tqE5(A=#CX1OHl$93C7N_>;=4O_d4J
z!Qo+1j+%bK(LtKf;IQCOAp|Fih>6yyk>R15=paQC6Qx8tLt6IE>Kqa-2_Zq@QPIxX
zzhpEqnA}9lX5vw=7VW(H(v-W>R|yG^2vx$OU2-lDEu(^>qa*6OxPV^{iV>Zq@K6^i
zL<kYWBqcgpaY2WL1c$}MQeojjq!dI2tC}tvJB^d7aZ#crY<3BjdqhSFPQg;J6rwl<
zDq)&#4M^j{tTh@<R8){tZzYbbb&A$tKaG>9p|vcpacZlvxBvTk8r9Oc$Vy+Au$Yh#
zYn4c7_Mh1jTvU4iW5Z@9MO8j#+5p`cJcOc}bcCp5o$XS}tTpsOt&0>@@(@(_TZ-zo
zlcFkah8(q{D1XRm!5h$3Kq*&>DhFAvRFR^rp}UJT0nmMgF}`iaQ`F?j6xHb+)aF2n
zs-FoFYei-Md1F06)hRhB;)LUX;%E!O?tM9^*c|5tirMC%2KaRX!?qmQ)<Am!8=RY<
z{(u}5u*XyaSbWYw(P<P#VAC`QrADIdfaQi9K-7u2Q&uH%P$(J01t^OCAP~`K1a5&j
z2wFu^1l4e@1m;;e2!Wm=Ab&Q)fa^IZahakB3QPjff7wg&dp0l@$oMPF(69dy<km&%
zI}Y6XD~LWPC|39<Sc-Lk&B2@{`TZAsz<pl*b5y<$St3AxRe;{8fVuh`3SeD<9>5u3
zKahfJN(9aU*slQeR)H}<3t$A=i2Ffwb+M^=QG9t$xg_pS$=JV##a!HT!2BWrc`#oC
zcmj@jQG7hkiERZtqi)TgAnU(@Y%AD>qNYQhtNUl)Rw@wprGP`uZ?pNhjwL9s!xHT;
zfc*-##_|Yo3Mh^B>jB7$*)zx*+GJG(V`UGP3}g$k@X!C6JRQ1d=+m74vVSi^`CtC;
zKY!%Eey*G&{@<VRKikq@KQ8B5|07r2<mr$9{c{P(-{XIC4-h-!Z;@HQrT9Jedd21`
zf4}XY{`O$Sy<XG*;qiNCbwOMH-O>3UUjIMszaQ>J{{DGo^S`q{h}?cV|K3>*a({nY
z_n%q*v$2Wo6p|-sJ*!jnI-Zd@t-vd^-pDHqE76=@&`U_K;CPlM=^3&j8jxL~6(ysV
zB%sg=Z)7Mf%L+yvqvJS{7bGM0)f<h9mQl4vqpUR`mqXw=fffuRrwF2vH|jZ^#IdT5
zWmJ_@bf|!#8CHkP7L{g<0?qNFk=06!EE%*$nnsp~B&h<gW%W9lX7!>Z2u7My41$E(
z1VN;9GSWj(7pEwKUPTKfosKptjDe9ktzKY^21aKPjXH@D^s<gO7$lZqwY13MdUOUw
zOBoCX)yT?v<ew-Ci(C>_i_{ZN7C1>3Wky9UT3nc-attS_iou}pj7&?4q~-KlPSsHq
zM=JuZM{86WR;C#(tEvokVT_CpX(*g3%ShSL<1&%+VqguDV9?8wAaRO{1Q<b8DZO52
zpaoXuC6<;9ijL;cL|!Y?GJ{+gJ&mTaf>zbaJfoFWMlf=;Xb@NqU7*#{tW2>wogm6A
zc4btF!);@DJ+Jb5mNV)FMW-_=23nLPqbRBdBQ5JhQKxbO%X6}<GYGs)DSAmFw^A}P
zimH`(iP4KjmBn2YWG((>&=;J<inPukGl~%nmN_Ho3Pm*toSvp|t0YCou?(*m7zhV#
z&`J;i9`d6@Mh;FZ>hwl~#NjTgysD$oJQ<RK4pj^~j-eQ>k!2)N5pbvucNw=0w~iC^
zMqGucqXmZ1Y0)5tLFXFuxc9jG2G*$6A$v&C@{}w?(pX8<qbrdrWaJrE5P44FRh&@J
zsSp@RkBgTX^c2ksI#QF2ZF-}?>jjz;AzzYe;Pk4h)2ez-<z!qYBjBQqoR$+9ox)0x
zP4u$@IfbC%#^}&h3S<`|OKEkSk>(*41|HG@VU~DSt2HnfK8k_kX^|Jvahz7tGqP;Z
z8gM@hoP_Krov2qOTBVFUBoRWP#jRnql0i_7T3W@~B!*EGqs*y_WQ6oUtkDHpS{8V$
z7Ys(DUeqfxPcb?{(6NvLBP3U*jTpZYFVZ504bG;pJo?JWp(6A?hwhXm5hBOw72G#8
zkEbwbIgw>?83v?hVGy8$B(y=t7$uR@i>e|>td12ij*T*;9fMxg8#ocSKxb5SJSA{~
zgaj=j#d<x@O0uG0fHQiXmeE4gX#<kgc=WOs605LAgQ%ATS}Pb-#$YhAJQRY;^AKPN
z8lwn0k)d^hR*QiJvCu2Hshk0qh5;!UMTO%HGR+%B3>H-{G9qq~mZFg$#$gaZ?9f)o
zGmBngIHM%1WNaf<OfeF1Vi|>pzF}wsM{_Jq6pkp+dWMn=jFA-?ftP5bR?%bd^3WGX
zy#Y#sqxHDqP%<=n26tPA45&z3V;DiEA(*IDPbn<PZWD|GghkOYxC)&fYE7#`j2UPs
zMK<ynDF#&_gAe^|K=K+|AQ))$4XdYER@AW=7Lrb(1(jt;FX%D)c}Wp@oJU4aXvyGJ
zL{ZQ3kS`;KkScPj1i3TlC`c4K#K`a%daM=+b&woUhLR-J8U>6#Xd`UEI23qZ#~LyC
zbppme#FaBbEwemECX}HLk_NrXaA-4z32uO3G}2ngJ?<y;DQ>EQG(-$QEu&xt;TY(C
z8v1~PR4Y)~P<|>WGP2QtOMpIOu#z`O1{y76I8MN2U|4cA4@E?J9rJ~R(IryoB~dlX
z20d~BwNR*926sWv8D!is(pNN62yt6!5u?wbRT#Y<;}#lJ(L%aqEelD65|<Uof+AwR
z!Jw5e4)i4DP*$No6-nixtsn^)1T<^p7=>sCosrjZP!KYuN~A@Ysc^>(0#pl8n~YY6
z3`_&7$}Gf-QIU(t3Xl~{HyCje%ju0Qs~6A*EQKjahpA4-(t;>qkcf(+kQ7G@a0aTA
z)}!0>1|t*=L=giRBY|Zg1$st+Zc$kZZN=~=-Gkw05TG=83=;z?#U!YMu0~_DI!GZ#
zv5W@d&dIzMGqIM{N$6h+7pUUO^w1~Jf-LI7Ace|>77?I?F*C?oXkslRLy&l#K}8>`
z3U<UaFKZQ<(&->Cq88(yfdGm$qzhvkN>W04rOK%oKa7rr?9)b0)?%X7LxU(#sTer8
zI38>k<{h1kK@8cGaoq;NAgjD28FWS&GZKgYFvOuT^pIo;idP`>FBFSTF|v9H!Y@}K
z@ie4{WSg>rUKEKC@sfb4mx1hQWg?bjLRCd1ltR#;xNym$Do8vm0)~;OU#@^LDk5iu
zMx#YN2Ysb-P$uYFnr69d1;U7!a%qeh++WO`dO=oYtxD7g)RsY|ez^jecLr!$1NvNV
z6p=kEVgy1BVFWX<Q+TKi73#*QLcL<<qa{h^F<LOqK><O^AW6Sk0qi~*W*Da$p(kK!
z!2*MRhIs{zhA9A62J`|W!`KsGzF`A~IH%LW<bojyjl%zG1v)LJFx*{SmI`^7MQC5x
z1;o0-^sQqJycR|lt;JYVFbf(5Nx~==U<6=_WN3-{FQ`BZxzZY;g)t=bFsE1nh7~I-
zya6^Oty6Jl44lkih>K7KXb-GD9(q>C!cb<=f?uov!;KXL&IqGIRAJLYtwJqo1zAAX
zV3Zgoouo$@7Csal(yK8#RLrp$;1CPgIKNzhs1q@jU~*wF!RayC6P2km>Uii{0Vc6l
zg1LgxAwZ*x&=WF)ly@1DBB(s9EiLuS6<|hY3_8@Ua2zp1SoAdJ60HJNC&M?<>Qx9L
zxpt!wb3U9COdBxMXik9UH*nN1SD?j=D;RKE*rVtJSm;oh66}4w5o#8O3g$xt1^|!2
zAtJ+{f!%DtjDW!-3r1FerTL2$u%e0-d6qR8WSJFUL&1{aF-yT@7vS)S@aVJ#7-*sq
z{+eD^VZCs?9-19<8fIE8^~)8&9M?%0c_QurCNK`>zlte=;aN<7ka~kG!sdX*Ph3R?
zQ=pc{rL&m5A(F6Xsb8)@fgc0|1RkcAh0h?tJT}7TV<isVOq>A)hN%c&4Q8|!?y(*=
zn^D1_!RW=b!BW3m0Sp2RZ!JtAIMA>`;9wJ93r|L<Mu@!*BM_btd`g{;Q?xW3VHgXT
zhp{7E9HU76as_Y%XjpnQjBQSaqKC?X@damuhu;RfAASWaPxJ$vFf<Di2^$B;z`8TQ
zcsEeLT!AF0m}TL{aX1wo=zx!ptAzgyl>;YMf{CgXbsVf|xR`<<!;IkJtHU0L)ukvr
z^~)7N@@WGM5(O6umtBUlg|1))XksG<B#+Su$H71>Oi|WpVLfqztia;Z>lhJ!B=yS`
zKn`*7u#+SO@`%1B)**a*MuxElZ<>K23(<gC1^p~Y#4I#QJY0A*MZwLYez^h$)Qloa
zaEL(%@ephYt`vA7FbZ&E1n3FQ07nEjo|Ac_1RDiZ0ZdhRpdfY>VxjzE1#n>`@CPgp
zHxIU=2xAE@Fc1I8zzJXhpeH5h3AiyvMukgfgpC4Q2_7s5?Sy&Zmn(o##=(JxcYwO#
zS7Sy}VBo^$2cHDvUx7HlBqZF42sgqApAtF(nu<7{qJpvTs};cPg9`=67~@-nzXz|1
zCf+;F2mPSMNf;<f&_g<KCpw%M^Eezk_#IG^P^8o^R{*1n(LvF}U&DygOPGd0_rM`A
z8gWZhJZ@&t!nq<A5$FII18~eSdlBA45;&bo{c;7Eni-no;AJux6b9I#@O$8E!PSSt
z(Gq79jv&;vo`&-bR!0X;2#km%!-oKkfoH~ku>u~72aYi2Czyg9p0UHjXrR~h;J`T8
ztl*izDd7n;!fwH@5p=L!2wMZ*lUQjS^~)6~2Cy_*8Nx_rXHc{t3u(9p@JYZe5qc3c
z3;aj8gM=c$6ve_j$DM*356{9#{c;5=oo)NbaE0MO!zET}Xd7ayVaV%oTBu@B2wF}H
zQWR%}v4BZh<?*Z@$SZg(zgz(*NxeweQw#_Yu<*4p_v$6WP^utNa2haDI?)K)3QQqL
z9892~KuDj!pF~S2bQD+zm{1DbW6Uh@yx?ZTq!C2)Bhhdo?k+E6>s;7ZFvy{9VTMA}
z3Oc<+859oWk;;Np1S=)tKvpH}4cJ=|GXP_R4G-gpNCo6j<zdl*w7{&$;9*4tTo&vX
za6E7|Kw`7FIpC8py9uB&bVNq=I#o*yI&jq>D+n_PG8I&yQKUiX(L6|yU#$Qm1_lmj
zEwJK75XdUnOjtIcfXEY<v=*1m@gO^ScpXH{^iZd;zC^IFEDKVfl0fiE68KR8dQY##
z4S~%Ht{RF7Y6(LWyn_ly1}X#08psT^7+M-eGbjp>v6QSg7#NiYa|b(GL|_5cNFW8#
z-9|8I5N~kRm{eGhE!aa3N(&YN;tDtg6u$A-D}b;f1b{mQP7?RsXoTsHIUQmOw^N40
z1%}RuaE1<~8Axdr!xwWM%u)j_t1$d2nEp_M7-rx>aFa0mgCT%M#?$~J4@Hn8psx@c
zAu1aj54=Zk9^ekZvvJ_}F(5ebvT*DOD~bsV@d_Sd1WzBq7M&#P!3sjA1(>;nurxqS
z!T-P>2Nwa>@7F5;Sq^KKh(0WR7HS<DUXLjb#3^iFC~hMdMF##4#2?o#fe6D40H%`x
zJ0cmurv0~90Fy|C>B+D#%b;|$paCJ-3}jOWIues2d`KE|7lJm5D&V%jR6}qH0~2(<
z#B<aySAe0Tk`Mw673d*&kOnY+xWR}LAkf2t%R~H$!<+$LMGK+Qvn)t?Ojs<;2`CFh
z81gIlH|PV#NUNBiVU>cv0)v8C5J4@Y1Oo&UAh-(92RZ`=u>iYCN8*wK$R-sOp9Gzw
z7ho*^Vg<jf)(P1UZL7eomM}tKYs0I++XOg;L_hGB0X--h385gcWxN1~A9fzNe+9uc
z7A_J;!S+Mw2bu!0HCUe__(K_7I_z;4(FRzGWa?(Ki4)8`aAsjD!FvMLjEEb^<@^fJ
z2e9)IZv)Q<f*zAE;u8Y+aYWe=;Gsc7Ve&y7heX$iyphl?h(QP)rf?EugRLup!$5$X
zhKmYT0LBo4f-qh%bt-}is|T-BfLh{oppg-gLhKwoALc&V2nrrd8-=hP$Oo7OAj9C;
zsyeg)^I$gn1PW3Mz5yWv)(FE0&NfR-C^(%Uh2Vc7q5(O`uK@nPg837Zy^OfG49bS#
z!7!?r+6}l5n2eCDATc5$4hoIH5Eyq5dx*UlcoI`&VCMa51&Hp#X9sx=s|nVg4&h0>
zDny5{AKYfd?cu)4B*rYm+(8&oKmebC^TNZHfz8Vqe!T_1d<pp#h!n#A@Gro}Apr;8
zB?dV{H3Fh0WG)eS1R4?C#bA^mHt@s{=_CmeAjC+Lg8|_><cz>5;o+~~f26L!dINz4
zH{OWQHsaifI113!gx0`-hqDT|*`Ozm2y_UNH1aF>ujm7~#)L5jX97MO9u-eaeyC^S
zRLCH=z;JPJLKKDr%Rtu3a2-J1&<fIxSc4YE_ODj}CLI(WsBAC?2-f1gIf$4;j1cc7
zVLb$(!LNZigI6T*IvCEpWCW`P#@Qh1D1?0(Lb1ZThT+d4)-FKzXPeg&<|V{OMPzj#
ziiIQ>1bdN9p{K!7kc<`(0gOt)I|ng^v?T~F*iB@6f!sqL4T5W+G~iLgZA9Q1s*y%o
z1`-1>RUzR3<Q}FPsIvb76~Kl^+yTj9u<`UrH^F;_a196vVOYYQhF(V^8Z12;o}HGM
zI<!tJB7TEV0j2;gI8g*oB}~LP6nPQ`61h-Bq-M~VWWlZ@&d$O6Mt%u;1vwSS#sS02
z!6iquhftlA5mPv5DCEO1@HlnIbRbb91VxBZ1~wdSJcLOP_ZrDgQ0p|_mV}f8EoNuz
zq!TH4qp~cJ`ACa|5lr5AnUaVUGa3;kc)>^*Q<2UE>I$R;NHv@WfkEWY&_<F(XMp<;
zQVTI6Nry-Ph+pIsfsK}6>%ylOK!wwYU!ii`PB8S~AdLn%I)VYd4_X5I1MED>5khzq
zMlz3V3X(VjZdJnEgm4>iqL5&P2rn1__~8ne5eei!h)-6Z{Zc0iaY`PM5k2NrEf2aI
zw6qbTiZMjOKoXLQAZjphNFE0|2Ei-{5IlPfHP|@l1Bfnq4;c)&R}!=zj4a$L!k&Z8
zLRlb8rV3d{Oc3l0BoT8Y_*XFS0z#ig3OQUP)ys&GB&>Xd3rUm;8WZVIpyNRINIYIx
zr6QmXex8+)QU|39_me~i7=#tkiLjtRn1P-GCxBqPB!bkJ;1)uevoMNr?`ZJKFbbgR
zAz|n=$P_X?um)TKg&-8+TX-b1AW;E|8bjM4f-+(Ch}R%lg99y&yQBp@i)01Zf1*~$
zAdW%03|U~{L`kR-eGJ>(2;PunCnESQ;1(N6oR`HLxm3g<;Q(+5&0{WB(0O{eGEf-k
z2@1J%p!$$CX+UlOVim~1(vw_BWcMIrl7YN|83APoVbFtPz#vDUSw})97(?JSD3J8<
z!Es4i<a8lvh?S5AiU=1v1;d3Tf$*?}NyZ!_;bmV42qF@ogAuD|aG{(;!L~*E7071v
z1MV`sEvPZl6ag0_G6*T-o^vEc3$hG$8YDKN3Gi-^^nq&@{v9en!YF8G1mlPf06PPj
z#aICii;z96IMDMXQwbC)0v4c{Xmkz>A_8{-ii$PJzupH(1wldp_;GMB=w@2VP7OkW
z8xr9lrBL25J4A>$JP6DdB(ns`Pf$)6avV}$DFina3~#U@m>ZDai1B1V@*d_&WPKn>
z5~_y>lZ$vLcq(K~5dsCdFf_ELR*U&4zk+{{KESj`<{t&gX$<1eu#ZUcHc~O*MnS#n
zkU)kMLIh-yaRGi$0jCdh3VEU+$dOi#bf90Y05N<*Ad-Ywq{AW212jF7t`y{9fu2^8
z(+0u<O~CL%7Aw*mkrfL178E#QpJ)h$93r@V-~cgy>Y?{Rdyrj`C1GTcVG31@d`skf
zV!lvei|bJrG8|wxk*r^20aIX*F(eT2mSM>wZxJU%>=zRuY$y=bgyg|IjkyTH9<Z^n
z-7#;WegwY3(W^+dMMex7fKa>$<{jJtrZF;bz#v1>gPq5J0(epx@hTX3Bzl41A}WIN
zMMXS?UX?IOf$2r|0i!2jqwLTsNu1<#Ib;JSEM%fV@ghR6kX%3{vtxlcfnNM~r~s5P
z<c`K{NYYLa9Y8by6D&9vIP=JiCL}WM7t)0=wW4E@Ta7#<7zQBd6{s}|@fsMr*q5a6
zAcG4z13HAGV0n{t2_%nzxIu<4vZKM(z&X=uk!^)Xo^ex=Qz2{Ne2XkeK!oKiD#*%1
z5+(=)a4xa|X*WpXMf3>|S%6tYS|(;-1RP<(al~UrqAH$&z~rd~>nIZk4+$BNw(O7%
zTn<>|BqBo+z7VRBk-m-Dmr#`$dl*QFz+g5t{12$$m+!)Ve+9pM8;PGtCQ4YB0&-!H
z)eaR&BA6JeSc~v7Vlm*EVA8Q9o`#%eM0G$dBdWmb83jfbOgNAO$k#y@E+$<FF-%~Y
z#ON_MBRL&9fLKaUp@_X9tAdzP@GD?O!eB6x)OS6iV9<+5?}zaP-T}FXs)W2$SjjYW
z2b2UJ^uUQ>rXoQE(gQPu2Ma+$NisztK?L@x5s?t2EunG9F(!{IAd-iuJqR!!Dcx`!
z5O0IJ#j`jd&0)77MI4FecoGEjJCeD{0Z`9cJeC9^3z2tR6;d@}B}*`&d8l2eG@KTd
z!um!a4Fd~F{}_RKGy$2MvXLAFjml$3tVTE$*F&D4zynGwj927{6aEAPjy#(}oCs)P
zgh7#~tEUiNM+8*N&W3?qu1A!PMhK83m?-e0$umAMk`XGF5dg=ahtd?`#laRr9z9Gk
z3Qrnf%%Nd=jxitvi1-sCzXlL=cuaug8Y0&R1}>gi;_-k6(%400oWiR>DkfZZWY-~j
z0D}#q6aF1Bm65SY(mr6@ArT)b5Fqm4{_zOofo6w(N1hTq5u)<p>f^yJ3Q;hSym*jA
zhX&%pF>#RRuOv)n=upfBc!-E}G9JJoa}JnDkoj;x(J=Tq2vJ}bG?L^O21X<V4xs=%
z=Kv)IA%f8ko|w40$e2X{9byYbhHHiYgsaDmM|ckDd5Ci(%E%euuE7Jv-Gq7)k-*16
zp+Tj>=fqPBuvL+23#%RyOdjQd*M(=n5a6T0U0^I2c{Bv<G`1m3j0=a?pofu<AfOEY
z2saP2Cz1yd>_^HP9tFXpBWQ#kEnuN~Vg8b&E)iK{gm}fin9xCNAQ2vc8$1#Kg-pCz
z11wA}tss8`J|jsq#A7WKo_*k8Zoor>w}uH3Puakm1&@N{WRj~7*&$pS?kXrW_<$ha
z;Y1-z0vs&jKr#hS7Jf6*SYWBc0|eE91|hQ$4`vA%33&7akFY?PiKm1>iXN6bd5{e9
zjsIXkQ1FM5WDmjs$xcuOFsl)2LH;}(Eo8{zrbBWNYewi31_eU43~UDC8^Yhg6G#e!
zWLew`q!bdS7e*B<YCK>7Dv@{wpnDJjCWe&?LK@9Lqe-R6H8kSE70f6)BZXNA84YkJ
z(Pkuv;bAaX9OS_<xPvUFNaU|WPr;)nDVoR_N5BGe3j_n>5+1NXvBbuJr;TR};o>2o
zhooF$))O!~F)HAlfq#ItgwPp0N0OV2yFu<XoNnZVaukGCi+Kz-pAnC<kf-91xd4g*
z&q=_sMoIy^K=e6AB$|z+W|&Ff3Ghe_9;!g@Jh*MR`Eaa}O^hcL;A<c{2N^<UF@_#2
zDr7)FO&Xw&P{3QLF*1;aLA-P1X~W{gGYtQq|KYtP`G5I6klzEp*aHP{JOTOp_WM_s
zIW_&wzmehL(Nz9F`F)Tt2l>MwUlrtQ!hB7buL<)t;eVMX{11Pf$vG-ga*m7$g{_A7
z3FrUi_dtFR{4ebRDLhOK4s;0bUx&OrI3g}OC_IdD23s8*6`j4-v?{lp?VnlTUpMlC
zaPl(NfAHt_ZClZw?SPjZTmJ|bF*wX6Du{B4iHgkrZ8|sgT_f?T-QcKjyev3S!JB)<
zzQK{vPO_kchKD)j?Bx`uME47i?ET}`-hD%VT-8SjjiExL!^81r<M0S2jJ(ZP3JJ#h
zgQHA6;UI{?b-wk=x1|%#oBe8J_1kU?Sw))i=Pt3KA-RQ6T8fN|hz|dAMR-_vba+^>
zl)ENU=|f(&97RE^qArJK;h_<cN>r30HxCX`+6tjcRGn|z$Qt+HK(c%8x^_Zjbg&T8
zQizoCKI7iLN}g?TA>l%HMNut<zDm1DMGcPq?$GSbo>85nqUAccSO3x%`iQI`M&XQi
zC1w9H&RS>I32)qS*5fOGWcjU3N}Mx`J+oKq49+-^68=zkwNs*%NKN~2-2SNWFipb<
zG1BzgEfBAH4k2%CZlrP2pkaJ=rB0gmN{AvvDW+A_H_6Fv0>p~EOFJL=eUL8$|4U_n
z@QC=%0(sYc_V+#uVQC4FIi)Z_zPo_;GgD-4DFze=@XqP%Z&na~zZ8IXI#YNbIaLNI
z3*f!lRC%BRfcKzNl>ofkoT>s;1*!oWzz(nnsslBEnkLl7l7Q$)f_f%6VM*X(0$!m=
z5#YVi+2F7wFqnXMPg4X9Ou)O@DT2l(G{KUfnF$_P65!q2+3>`YptT8Yuq5y{!3RqM
zUlaVWBp~m_Cg@}W-j_|jK|pl_$afU*{%@)$AOIpD0f;|S3ZMdkKoAfN^a6SVAwVdA
zcdJw3Km^bShy<blyn~yH0r~>{fLI_7=no741_FbC!N3q89vBKF0K<SpU^swxc2gsP
zQ9u$f8W;m417m@4z<6K+FcH8z)~U(B6ksZVcgj=KffQf{FcX*s;JxnD902bjr{)3k
zfdxP+un<@TEC!YUOMzv;a^N>$1+WrW1*8G1fi*xnuohSc;GN>s1_1Akr#1qcfX%=b
zU@Nc<*beLfb^^PA-M}6o6W9yv1NH+4fP=sx;4p9mI0_sCjsquvlfWt9G;jtu3!DSa
z0~dgcKo)QbxC~qYt^(J9>%a}*CU6V54cr0l0{4LXzyshR@CbMeJOQ2p&w%H^3*i5&
zKbst#WChX9#(&Uw`WJS~w#UBpsTqD0_yGk`CNTeh3=5p^-x;Jo3+3bAq7S|w8<x1I
z7^}G`jNktXtg-)(D1voG{|<1j!}~i+Y9JPHG8G{#Cc+7Mi$O~EikK*TbSJofb^$J~
z5{VD+n7%nfwwu10gP){iQXUa;#QAbo0t2yK4afIy#9$%JIU<f~uE^n$!k@pIg-0sc
zrAS3->g!H^wjl0i?vLiaZG<qm)RBL#5v1tw$T(8=A|J>hKiXiA;OuI#w;U<-&aO23
zcW~eA_1^HJef@kr$ll)lJz^y#f_&zO6x+A-@ajSL(B=MSa(}V8zqs6A`rKcJ++Td|
zFJsOxuk3{)w-mB3rGtC+3O_L>EINj4@(&J^!}~>%pFMiu6GPEGdgT0$h|BK!9zDKw
znv_E|IN=#H=kSPVC(=ymXB)|CQ}_P-n4fI?^O)=#@ps4lWryrzO}FhI9Qc#1<fxoG
z{PSb}x-IvJKSkkh4*mH~f7W3Vp1-T%C%cg2bA;{Z2mW;%Il?5BKR@Ir8*`2^$?rcp
z>L;6Xk0Y}FH^=?BnH-lpE`EO8Pd8^D_uUx!2Z#QHJ;>3yL+<B?{&aKham+us#_Xf=
zZp=M~{kvoGZp=M~`@3WEZp=MK|98ja-I#lf;qQ*gyD|3|{_l>-yD|3|<KG>VcVo^m
zUjOibyj!yO&e3)M;C}vfBRPg>#h)MW;}){FNqPSKfS+t6$9z+>KR@VaTgg$m8u{mk
z{d6-qF1$baUfn;qq@Qdg$B=K@nY20Q{9Qr+eZla3f&ac>%qirkcFYjjHJD1eJS93$
ziOEx9^OQ{OFx6seh^b_1iK%32im8;REp(o?(0STI=V=R_r!91zw$ORnLg#4<ou@5y
zp0?0=+QQ^%OP<5>9F^xFGT-HCHCd6T;bcXgwv!cknom~bxdO7{+ePF|j<{#vT4!3J
z`?exyhA^Enr(il=P632<&VBn<%)a?K1=Cr-SwnxG<-0YxN9Rl_ymRiUa#k4sY{<72
zKOADra|osvJUaOOnRC{FZvWO!)RVIg6#HM+fkDq%_ifTat4$Z2yC%1DzFT8z)OTx4
z7xLYjzt&^AQMvoj-+J@AH9yuv|D`>!bAM<v^Q}+5)x-X!W~?#QOs1^d&7@#zC;4e=
zAo*$PQ}WX!J>;iJklSY~*K7+Uw^#G5Gqo_!x^L(I{@8El{&SsabbNQDX^7;gTOw7a
zR_3n2x@<8tt-$@ty9eSidH0}y+yniQcMk+^^45{<Tzr2PgmUukfuWJN4(`W2xF7d`
zl;*8N|KlF$-Mo7ke%u2RoM(?8&-&v@aZc0y%;~NlPx<2+e>~xj=i`595JqsG_84=w
zo2I^Ry<{qqm&51WzCTx(q~gyNCZWh(p)<+SpDRq)WLjYoQ&R~|%yWjkwFR`x*_iW9
zQ|HJq;*@4js&JH|<q*>vs+o7YPM&RBQ0+aMxVQ13lvp7&A_SjQ#XF3H@fsFq>`H#e
z^7<Zn)>LA?+rpCH*`I4QZR8O}?i~d;_gh&-DD&HIgmsnJ=tw~hj{I@epSwYOi&1!=
zM)n@zBxV~Eg-1D^|2%C>w)aQwL2gU>1&7hSbB_4I_eM7bX1mnVHwQd-&9|$~UGalk
zp1a=Un|~`)D!xG*LB2ej{UZ)h>1afhshrM^4vnC2p}8xg!lS5O3jXP>M20DdLq|!t
z#IUHKaKwVMKS7)GFFr*3XIMPv7sA9Yf5z)wqJqH~L<mxEIO$QQo&R>1+$#UsUOjri
zgd$8uj~@TQdWqIB?HUy%L@F+Fxb&BD?)m@R1*^Vwd!F4xg)kRDhn0PWNEg!JKYx*W
zoV;m#Yd0i1+?AXfKUE>x2}P%Hv6mu6M`4Zfjf_Ac5dTLiQh2276evkfQTPTiE)N?b
zf+G}-lRv(7jDMBL$nZ#4d=eR7Lw1T%q?pLy=s2v8aCCC-(cHUz2hZl6diZ+#wQuI(
ziqq$;Z{g+Hv{^tvk0!pp9@xXXt*^!@DngN>T(h$pNYfGGcZpQwAR*eca6%u+Abn&f
zyfYh3#mAPV-cAvb;n8S&c%)NQbYwWbrTow95yHYq;5@q;jZ>(e)!^Ugm@vgPTX=&d
zR4zotg-JoEFgzy8DJBeKLw1T5M2zd)Gvfov$b>MRAM_12Na}ZGN{R>$r}`sZfWjkH
zIbTk8%DEyWLVzrC3JfDbpZvf49?0*3|MflavzQaPsGqI>F*fyIStjTF7VG+VU4H9V
z(zpMU@O}K`U;X``i4p!!y7nL2LayiAx_@+SWINeL<ex0b-?wAP?|(I}NMcq$g4FZ3
zf3T#p4Tw0ZiElGcPfaxJYpPv#il+v4W^hEbqvp>o8YLDsPPQpPQSFq-5Ys-{hkd^>
zppBOX9;XIIT}&uU+wUuZlMoRe8Lh|~-xk>Ir@O$KQB_TNqy`y|Fft^hIie6877>%D
zDvd*6|KJD>a{o-3kQ!Nt792I9LTv6z7$=SzH8MO@;}=F!8vpV~`kdSYqA$oFk=<|c
zKN9mJalCJ_yJGlV94G-GtWT8$N&%$-Tc8Y37AOal2Pyy+fl5GSpbAhGs0L^NJAnMz
z1J!{VKuw?)P#bUnNR#UV^#Dh}32+8n04<;cXn+A&fCKb^0pI~6P#<UjGz46MMnGf0
z4QK*11)2fwfCtbVXaTeYJb_j~YrqR=1GELafp&lo&>rvwIskq^N5CHl06GErfB#-R
z(D{GJ<&d%aJxH_2IR1X!|Lx!8od37a@!wrPxyJmzf1e&8^7P;Khsnb1dteeN02IW!
z!uj~G?E~CotC(ojiKob$mhk;*fqd&4FC4<_mhe>qyd;yn`-gnh0k2=hYXR}$6TF}p
zALPQvy7A6byxbP=;lsQ1@!@;&XC>lgMfhkgUPFYJ*pOE#<IPNXZ602%L*pH$c)1e!
zqAFe;NWK(=ZwBKPP~^j=cpD}@^oe&NtE3WQcvyb@`q>Rj8;1=pU#OsgFA7{rJk*?x
z4?4KA(xHHu@DV$|M0%X{VXic6k@Q-oiYK4H*?N;=RkuKDrKGAw`oH!5>gjOqt5?R6
zb(ZbTdz%NETSl-~U-fgC;=}JRGTcJi?Lh4=nUT52cXPLiL))HBIUSU0^P)iSuGaBc
z^6X<%o7}(Kr*ywB*NdOqWIy@i<;y)L_<J8e(RTW^4fDm_&Afb?#E<Vb<@2F{t(TUa
zv#$2Sp^Sgm^FyD$O<nZpR8qas%9!gj3l%z~-F24j*7v~j4ncIO85Zl7JC2$=vy^>n
zu|>@`^-t7zc-O~bMDhY*SiKR2k}mW%Y&^Bj@A-~7-5+o0nx*L#{yOC1@f}>bkG{bN
ze}8jenN8n}7=w>y>)4_RWm*Q=eOPfe%t_az<nHv)dRB=SeLfkQ3~M??=~PzfbT8t=
zfwYo$yZC>~`aSaOTJz3NhAb^yrp|{QyVAN(_;l3a{@q4vo1O4e>a1$#d$n!g*S>Kt
zgI8a&oVetUUES5KmM4|w#lyE=wsE9(GK~fn*br?$^K<RD*H+Z-(1tl}k@ooEowtii
zdd@r7xa6SK>-ui_a&6&#pF<uMxc0v9eDC$Ryw#!fcsjap;DCD@o>tvCHM5S^!)$*-
z>%<z>g`r7a0X-eHR=#OZ3b|%gV5}A!%5>_u*Kd8NQ|@(o(-n{1P4((!SAF`&Bhw<<
zon;r;eeBDPoHS+kxK^(sO7mGY(%4!7g@O)0d(w4I{W>9Q`((O!Z@IrGvv}$p|7Gc4
zw(k1mN)4G8o^g6n$t#Vc`Kzy6-P}Gon(63w=YB}?%ny^#WQn5&X<uIYe7xL%>4DoT
zKh#XODO#sqxc3#Gj7CB=hX?Lqr;mwC?8lDvD3rPRpse-QrXFhB>s8yY%JBsYPj_~?
zw!xyyiH*hjU3`2jMYm3R<@Y$=tpU@weuu*?SG8Ex?~ef)Q|nirTC5OLXkyQ@=9%_3
z_gW1fv?YE;tL0N}q$XZ{k^G9O)aAybOSMMS>y;I{(k{($&QXuSYp%@bFu3Z~O%>`p
z{C;n0m9texysEM-Ikd{!sArY#JzjgLYmnACz<0r}H9h&6hb{aACQrO^?4G!Lcgu*y
zPvVCy*yXrPyC%rF%)B|>7QWf?Kr<v_SNgIbwv5Hap&rAH<tr4boLr#mp(7uA^c}l6
z+3v_QpA*SNU7m~{7<01V)s_P*HhaJA!1X7M2aU1qGUd|tp2nBYZIcDvZl6EWwkYod
z(u&{zQg_g<tdQI1#0}Nr-tC`0`16eo&896p@oehjM>h{%>}EN%P`%Xo3ok2|3vRd9
z7_9pC9yH5oRzl;B<A>{tmJ$xr>2C*C-N0WH4=t+tDXvg)+n#a#GPs5BmJQi(Fk!D*
zA1j}r)%Tqi&)nO*-TE%Av)%>1alYia@adx&QD3|VnOV*`S-qUy(;eeZZuNSXJSX7l
zy0=Sgh7O$C_nI(dd$IN#(rPFBJ$9Sd&i{R*S;qPszka#>GUdwg5;l)xf@Hq(nFiC2
zIE9^hw7Np_ydiGs{pSv8bR+iB$A{fF_FEtNAoh85xoR2BCzQRrQ2$`JZCXk7UH^CO
zNA4dGGN6KmZ9BJ-mz_uKx2@QFlx;i8{P&A18#`OJbO|bM-6hd%*tj}wYs@EH=;-og
z<lD|>t><YxeDA$$e?hMHy6S=xZ9gAcoIsU7QMStdV^95-2lgI+y^8dt?1EL@5A|P{
z99C^XLXD;iyi0nz(~Ud2KU&;yVPYM*mn%Ey=#yl}zAF|vh~~+zHZ6-3DeNF8tbZM1
zoBUp!b>h;2VPzuZ8>Q<OEa^RFd0<rG+m3_X#yq`h%bOjwTT-@Oz!ML(*tnvj$|vlr
z(4H!=Ys%%;k28NC*f3ype1%;d_Qn@BD>bC4YX!I9h@|*U1HIYZJ)XZFmU!u)U#VO6
zY1@uR?i-|E%r=<0XrB8AyIY@MJiBKm4cN7{bhusJnoHB;R$Y3VHaJD`8R0)Ua%x&k
z<;?@qx^Fu6c>B6Ku`iz<D0X5~O4ib<W1V-EYOwuvX!rVo145>{Pi&Josp{!FQ!hE5
zsl1CnJLC_%VQ={BwO=aMTyylb&F~FZ!!j!RoR(j`<azfJsg~Oo1*gvUEgE=d)8YD^
zI(}ig_}Qe<)?1&R_jGcYawxdngx0H8Su9UDcX`9HWv*;ogN+ZS6bx#&FuBgB_fDgi
zj4D)eyj2nAP59W$kITMF@~C=ud$i}|v8O+c+0*?_mC?V|JtA7o8MCKPRKxiLr%d|j
z`zWjGkUBk%jO@2+=iN%lA^pQU)UVpm(Q2cmMN`ZE0}FI18nLwXh0aYc_OG%pMcR3;
z{gzfOY`cvQdbQTu&~2WN&p!W+8(fbxz8ZH;C-u8D>0ZG)cRY{Ig+?v$pwIgGY@Gh`
z)tG&cxW-pL1WuXUxACljy&rZO;L`VFR$#AsYt!nj>>ztoep3H*<>L<9XKjCDT)nFJ
zZ-1P>o&IsefN5u*En%v!tnyoj0-09xH@nMP2Zy?4lg(=t$V}hVp(|T{mi4ePMfQ1=
zF6py8$hq9qF~^i!x7>Vhc6Fr7%(k}hxYvH@%>ZrrveS!LR&K2>xKVhFwZ*V|%8Cvh
zoImTt4LzOf&N^m3r{Z(3uNhYLihX(SQ84*lf|=#QJ@dxWVNRzOyxMte*rB!~=YD<C
zV9IXK$1%a1LLXeMm$_i*3iGbIhz&Nv40}gyji6=A9DE$6B;C>2X`*C(N~hIt>n~h?
zW6{wQKJOFf_Z#>!>ye$?%_p};4?a5o)1A?i|L~ob#V^bp^YmVkpy;)03N}@5A8+Zi
z{mi<0`r@m59}L^{_K}CxIET@t243SD^s4%@<&9nQPnJp=78-YRO*@S=G2UXtTk-0(
z>Xl2{?AvEPd|2(UHjh>{T>m&d{dT9v4;>1&c$>EMSy<(9X-<_V6uIqLa7AclMt2`K
zvyMw|U%20C!V$BrnzB<OuHEPqcDu3W;yxQsw{*{x4mG^W*9a(HicXmjT=>*pzfa|+
zD%WQ_lvzAxYTLeJ=uaWf4$WWG$<MR?`Q*+m4DZG*EF)C9u;aqI%-}g6%Q_vI8FD3Q
z&Njo0$!W}~T318eUKENx;`i)HT36TE(Xa1cv<bPqW9#|1ji*d;s(Mf;w0rXC(p&Ft
zdEIB?@+t8XgnGBn)$iuorOPM(BaN!rnfLDc*)n>_>T8+jGrnfs8oBxF<yloyXIb<f
zaA)|9?(vuR+xVClDp)W<@naV_oM{}p-MZ+sF;)e}er{6CHLFHsK%ExXE<YJ-Z&~=f
zCUorDI_t8c`wpmi_vo9-tBTk3*iz%+>vpMLUyFOjxmtQoYFYBonAwlVr!4g8=y^J1
z`jlQaR*TZNwD7cTTj%l7y2H1$vPwy<Xj|jq<nB*W8cltf`TX6PEw`%-_ncKAM#=Ix
zr90U(U{pox3a9p-9HrM3pESL&TeqiuH^+4^W32li?2B<+SbBGBW?5L{zT3K&^Y5D(
z<~t|)_Z}5{4_l@*IoR-4?GaU<xzs%J`l$aR>Xqnz(|do~<}vS6<t~$Ijl92a{QKK>
zeJ;o^onAOw?AsGMEcI={4!-lWhjw_oS_d?1s*(0Ta~K%Z&gNij!;Ay_Yj%6aBz)|D
zyk0Z85?9Y&_*nIF?;{>J$97+;f85ot^tv7=d>#)vS893uOL1G+)^j`VUv9RvK(i;-
z&THd?tpgI;G%*u9mJ7YdUA~oA($?ojS)aKDo7f+|aN2CvuF;RT=*y-&i9FS^p{8ij
z;_1yA&Y;}Je4TW6>AR=C<1b6g-#LeG$f$je>TzV5z1O0G)?Fj$3dhWrC$JOW`Iox+
zXr_J7l7}p2xKAjOX@6*dm6_Ev_mHxi{2iOr>)FLt_cq4rcl~Ye%EE$^E3%3fDY<5p
z`_QJICAZ!zwRnyH>a(eo-OOe~Gt(-jOl{IBE#=mH$0Ixb(6RUL24Ck&_|1&_l6B30
zV#3Ti_fzY?pRnq9`q<L`0d=N+Idtjx^#NxawOC_0!tYFz^xHAVLh0#dZxRYShdtXJ
za6dDlu+_U6PAkIAUhkXSqh$&AQ;DzUtvIu94E^y$jV8{WU7tPbP}lEsjOEhHmZ5{2
zb|19o#KpdQrUXrjeKEm9+J17BW|Gxpt-0^yV>h0j&2T8)VBzO&PRCo{-Z-&aqr?Yy
zyjxAH;n}O#ZcF=#Eo+oYa<`v2!n|k^>q%CHc5jM&kT%S!xQ&-E)UL^}f`xY5ml|#{
z!n|1ViFH%GYK)Q}k2~^gmabH}WY3A40vj9b8b>k1tKZ-F`^n$@x*Xl|N$K?NX;ugm
zpZ2iTg4SBcp4M%A&Lnb^za-C0dt9aX*oQ9z{aZI#9o;u$Y30nvn%~|&d9bkhmii^O
z_j{v+jC;6l&icq{{c4VTwX=1=*4vdfq_uf+vVN<2ep9$UMYkvS?S9aw0e8paT+y#y
zDa&TGJ>oaARK&&S^Cn(W$FA_4#L{U+@7W)57_SMd)2Xia{nM>x+P+e{)!){+_WlpW
zQ%_wUJbA{GZtu5`t+>&D^xnOT{SGw`dsgeW-&bDf7WB01lwPlvI+v|%ojlq+f-dQ|
zK5l+|DZ5QY=NGqfZKthrt0`4FVMx#TW&OL)m=wG*(s`ES&?8F0mlam5E*CxWY9GJ1
zeh1@b?<>$O^JWL<imeL-EObk(b)>_Dg>{RVr`j18m3^F$DQFb0bHdizBZ3Cq5Z}aJ
zJhr{n=1A*eh2Ec=yYj-iPWS6ynU+;-mU7Ph>DS(&59`IJL`<<O_3(?+m<H8Kw6dLR
zSaHs7_~%ZJSsNYdrY>sP-=^SkKU=$*%N|6v$+)9GKJDVdJDof$JoRt1d~C`WtD3@;
znL9=o)w=l=aGNjeqAE-t+H#>?zyM}f@zv~nDz*I$537P#IzK(W^YyUd##`}RWsT>h
z*B1Bo?0IPQo34M-#@{OyNPJ;7Y{JJ;%@3c;G`Hx$UYC^Qrptr-hq~;s|1EWJLYe)a
zQPJc!=XcDl(SOofao(kZ)AuI!dcNZLoBAilY<s3p4cxq5Uo~UQtTChK535|G&DV;>
zI#lb$UyU3bv!#9KthVKcPU~|aN^||vr-xJD_8j!2ZiPx`E41uAs-D$wrMaI~v)GWp
z`ooop8k<%Hnt!^M6p`sV+1yxnYx`D{mh=h@?6$Sv3ac&3tc{(+e%p1iM$gUKHSYAX
zhm*>ewGSB3y>ooG=JOsu3qR+#eNgb8UQJ7U{jz9I)h$zpS}bWlG3g|~@}#k7nb7pF
z)l=s9*eAKK>Gid7`%+$;lhW5``n}ceZhEW#w*Kdm?b@oJm=Z^8cc>cErf&R8rsn1g
zm;2q{;l6xPp)u?H#R-m%TCe%X>J9JP&~D?p-UBXt(Jcv>mHFu59UBiF?`HcUKFO}u
zXu4Yv|L$qi)#ok@S&@AIkGSWz1NU1Lc38i$LEWk8V`e?l1e#m@)`DC6(r$~r=V?|b
z?Kd&L=DOv4xunBWnplQjKUpVk^Vg+wpC;`r&V5=mXLO+r3y<lyydJnxzj8xH)5oFw
zwT!Dl<%aL<xO#zgQ@Km8jR*U5d+L8-OM?}ibnjvt+OJHA4_HyLe~qPI*DZaqb<Em}
zGtWM1%e*<^zo})Nc1<cT333@S^4aCSJ9i8@9oFV;hd~8><cjk2q|vo9v*Zdz3i>Ao
zA1L#pUBR@Ti2+ZahQBYn+NL*cTc*gd;R{c7rHd^Y>aCf4e|u#2)t+2ht=4xJj_p>!
zwpIUz%jW%IpW1X@nCl;>`nH$Hw=X=PcfVZ&<LbX`Qrfo6_V!!jygE&JzOVQGd(U58
zKHT77g#;(ok!LS|D0ye**r7v*(&4Qibbo%Y@$H>M?A=e*4qS4^qn-K0Vg=&*)wEE~
znpO5}wLNIJxmQHXI<6h2G^^q|x^nju_gjt%vz*_sn%DdTan-FCb#LzEfA-DkrS%s$
z7=;DP%UXO~c|Sf=uwK2>GAknKy!j-H<RWY0hmP3X)c5A<vmMvy&uMCA6+OIorRUN^
z`X(tgx0Yz<qYu8ycXoAmt+R9g0BZI1Nw0U*IkF{f{^8P1Qp<YR^uDim7`);1$@fF5
zO!D&>X0CO1oVanLhf9K6-7;mY_gx4-bvx#1!?gWAN4kH>oVVdwwWa$b({J9}c;R+I
z`)Us=Z(mj2dSldu%Wfq%i3^vFcRu+lD8V~*RK4IYZ`Z%R^UnX#*^KCg(>j(I*0r#G
z`Pn{WG;y=0#wNrEMGnrIxTnNoi#sJN45_x}dDq!jJN;%}G<v|!k<$lNpIyA0Z%XO9
zL%nMGcno~&7aF&5h0FBxO<gb4VxGV847%~I(CRC-*4Mpo?s+St&7k+=B44^R2;@Sq
z7jf>XEH|Hbf0=E$gRYOu&qOFJ-kzH5M%k8{czR#c1?|fCZMQs|FuG+si*X6JCfI5$
zy_?uhjwssHF5awAVJkOVv&d0FmnrL;VN0!tUMso!*s|q`>eDg3R~bJqVb=BdqOqQJ
zvu^5@Zk1aP8dZ32@Z_XI_bQ&UvvS_{wDk)vx=-n5wl8&4nno3_Zrg3tnkOqSpZ9y$
zYVo1yjI5T;iffL|U3JH$nv>Gb@048ds_U|er#H{8>(FRH^U;*@=*zpzzDXJ8k+zRV
z_J}=xT0efZd&R<orhlbv4$bnOz57!4CSFzgHE7+YKxXkSOKU7X<~%dez1fwHP48B-
z7<r@8-KQ&hyIu(x>0hbUTifNIX0P^nuZuHou~<2&dcQg@W9Jy}oo`z7(n9|FZ%sd0
zO>ehlQLDSle6<%G1}6oSVWZzyK67B{sI|T9=nj{~TfNf4e?M|;cg-RfZf;ppeQWCB
zD97USR_w8C;dj$Djp-P6yP3`SW>@u>%wvn$GjE@mx#=3TSrI%!aX)G_^D7%_HezG<
zhl^Te&bXV>WU%MXOOey#pT#>SP8&O+&|yt#9sZg8GC|{3*LckPz!NL(z*R5f%LnWH
zDqOEPLOmnwFV?2eq$7vBJ<_ZSdTG73zFF{r#QsNPJwF6gZyZD4a+p5-Kvcc>Rm)nr
zO*`1|`st~uY?T9}@5#%~q^0Rbd*29@2HUr5eZ+EXNb5IAE@wBFoDk|>VD!7;?ql`y
zm$ixs>*8?hjo-@4<9{0%wIE>Y0IsX;-O9^<oB1ws`14+7^SX~eu*9p@mq`_al_a;B
zoBQbKBRkG#9bfO%F~jolsX;ewZ<oAUs`G-gi<%Z4w!Tz_Qiq;wE8_g%c&vY~hDl#O
zS@-``&uiGTS@l~=<9Da@-!gSnufhdFX1;21piN17fbEG6@#Q;49By5Df^fc3R{0St
zyH>qypHgCj#q#}*BTtW8>y%pW%bO+%ak{oydw2D3)~3(&+C?Uxp5UH!;7Q*d0cvR5
z;>Qd0f79X1#+~VrXU>*vIOBjtQpsr-$90;nZW><6#&-O;VQ*6=J$`*>pV;$w*^U-5
zJu8Kz9h}B`9=+c%DaxwK@a+%yZ7Yg>ePZ)RyPh{T)&HY;qoJ{5n%DMc&s=}BG{b3C
zl^)&?=;i4j!m1ZL_QBfftbVV>-1c)%9<JK1UD7@}qk_+Zz8fc`Htu+5Z0v}-^9;wW
z+TFHVbEaYcN>!}=K875vTR4%Q8y(c3Pw=EvL&o46qp!HzUuoo@Fm}c0>(3T<@)bKy
z>{@Yl&DZMmV~fuuXUzR=(Y@paRridUcavt8?6Y!yR<7K-c?%x3*s&{gO}Jcke)AQb
z-o`xa?6<+PmV<41OMdREffYww^P70Q`Ru7Je2%*oZ<A*8XnImtD!k1krxWh8Z**+F
z#e7nGoAYNrJkU8e{N28;$MxyT!i-(@c6Dj7a>4S;C-ysjb{c=$ab~lo?d>MqKNzCF
z<9g&&IN#!l`Pl~_eG8^&w^uoqa@6?f0=@rA^Z9$G?K5}Qlsw5hSFcgAW@6C3Ioc#k
zyL#S{4PN!NT2<2F?((;#UA}H?5E!zl@P{)GYudVRZT&RLLAPjFhB#z!nrm#^aRJAN
zkGs5hlp511;`fJ4<)jMLg3DdMACNI;TG8eyR;f1+$Q7?!9Cv>I=~CeAb6&#?Gb67C
zF0F0hv*PeJcT1zw<67+O@<&V6Pl}t-qniKClrIAg4k>-Jgmt*+zVtv+V%G+fFaD8S
zDt6-S3SYE?F72(eVA)phjET3WUt_b<<J}rYOl`6Bz(tR?igt?Ql-?R=u56X$GR?|Y
zd$qMg%&D?_7N}+KzjAiYc=pn{#h75ONlSM8x@{Se$(`*hG#FISrr;Ubta|_1?`AkA
zZui>qaM~jNcuzOF)84lg((VpUWZd`BOCDD}Wj=ZG#Z3_v#q!l!Z`e>^(AzVIwm7bt
zz3EHX*moUYrkAKadffSYecP-Mn)ZsWvO>2>>v(&fFu_hkrHq{8Qf079z37u3gCf7y
zZM8gpO)swCR<8;N+iP!fh5BnoT)w%YmB+)B#qVElI@PkR^^`A`6C&qGE#3Eg@Q9kT
zJhQibo2wxsYo?SQS*YIQcWIR}Zwl7uDw((0>z}w}P3yFaR-2lyIe0DX+QE_@A9ne6
zbcubxVz_%)M8cD0(<*%J*x*f1mzryOEO_){NdwK-CydX4Yul^!{g}DzT4vcdnkG_|
zUDuPYHeIjNr(XI$DeAxWZOW}yRh_!IMju-lGNkmLKiX$K3F_cfqvF{T0W;FWc-PL=
zU0+717v0V^<Nc<1wR9+=oE)|^>$mqiieGwMyGgAkb1KE`J63an@9xsYp1NNzxu{&D
zC-ihR%-cq-R;o=(QjxvB=ccy3@*>V6=^6L1YjMlvS-mbiEZx0|Z$p<YiB%u?>W&w-
zj;+-4dXz)qzH8fGZ~VUGr_%jWMl?@L>Kr+B(||_Ds@%K1<;L2L4T6S0igpysNTV+X
zpG<UZ+G?fUkaeSm+4n7YG^)$487&f8jE;5Bcr(%0EWAkxCi29gShnJ>c{BD$ylt_;
z<${&E!2N;8N+*lDLn1n+-5$(DH{2b1cj5R|<(3b)T6xLujk<0B^l{mu;9K5w>*`h3
zzRwghoT3)~Hd<eC$iQkw-<2ARndQDx-cKtnyV<GSpm&R79$D3^-r#~^{VjcB#hbO8
zmTBF1&+>9#nhxI-9do2d$F^Dh_V%fG)sV6vUAC#<&6KV-qQuL{O6DtiJm^xjZnu+#
zo4RYY?<~E$KJ2$_ZO2G`$SB+2cE`79`|L&e9sM$5x323oC72$Y(mbx{b#{Ar$rlav
ztr?r4K~`&DZL}NS#_oLCJB5~bohZ=uNrh8pi)zh%Gr4>no99)ko|_)Wp6yip`D!Ph
zRQo%HrtfB-PuNy_ee|HA)PxG>H}bJno0a}3cD&+W`|K!5d-lACW`VD*Zh_}hrEt{~
z%NEYs^QdT#*%Lp+Y5E*sV{3OkubyvMqxgVI17c>3$k<qM!qXv*Z!cxL9Xwp8Oxf0@
zBkb(P{=waJX^`4sBs=YE|MQ0;weJfLI(032Q))&3grONpAEL{beRk|d(U`71E8Pmc
zGt$Am_Jdd5M*2w}8~um0U09}~!;s_F3mf;Z?_xdaL?s7tqPOFR(vH)^o|IWN>r~aM
zbaKbHyBm&}YajKv(3!)wlUg~|<c}G)6tjNbu}sea<+rcj|HZM>0soKZGU8{(X3eqs
z?dkc+t`!2tl*xRv``Yd+=h_Z-O}RaIfBJUq_|F3_@AgX<M=t6bw1ZjUHAi!V*H7$O
zxX!}T&-={iIeEhvZffGTwpY>%%@}j|NX(0U)T}Xm8ZPO7GRE`k{sgt<bBl;3(>HJ0
z-Ee3`Lc?m2r84GxT5)(-dCRJwp0?<>{>a?mbf?hyl)2mWu8UoD6_aZCy*TXM-t}dJ
z!wC}-O2@sKQ2y)QCL{L_$~xEi-~h)dF(Xz+#q28)B%7~KUr2jyE_<rIU3j%B!{=VT
zZP-0&VfAH)1Jf^5-<#PWXh-sZ-Q|;$x;kIJVBV~G*50uJlWo?;be-!ocE$PqjdZaV
zOMJE-{xo=eo0>s`K94+psr)C)t797}t)@ux1A>_gUgDNTFJ?^;-7nA7Iv7UWeBPwJ
zI>o8T-u88hZLYNScKuHuYTTOSG49aEcUiyl?azIFG5G1+xvT3G^R~WdTTZTXwRhBm
z<e~EoJ}JVvE|p@6u4`UE<Mn9E{Ef34zboh0X2#)6+f}QZiO~_Wce<Vr?_^Oye}4Yi
zB3I70tXg92lmTUW*IKB?Rw#SCQN<VaX0<y|Hhk*PZO<&%#&0gExonr|*DRpU!}4pM
zUf|slYq$@2TX}Ysh1V)<D!^=5d93WysFo9wJH>agYF_xl!t^?UQ$}{~5ng+y?W`7K
z{R$s@xIf)GrS-G5p|5(x1t(PhaN%A$YdLWC)}wO8C&ODE(~Ww!y4>%LA6%kJmcF14
zTVOMIN<ptzVzY_O*VHaOw8GA~6FxQXEh@As*|m+mxn0KVmFD+nbvkU*zu((OHHz^a
z*Ec=3dC#0Zh0?2@^(fnMQLn4Q5p&zjb7kAxcd!p>we05a;dWWW`Yg8opsdeoC$(|&
zN?GMLDp5Wbvh3opCoOwex2YJ_K11%gUEEds%<99BCWW{i%rHA(QLjfi@5<%x?-*w`
zX8hD)>(VQ)7<SycrE%uHnwM5*s-D($<C{M#a%^RbQSX+{Ya<TWeZ+tJyZaN{m8)N(
zzeoFOdt={L?h_p-IG58+9Z;wNw|6)=-U|yQYKz@@eoR%%^w?8_e(x0S#5XHOkN1#D
zPgxw2m@u&SB;)6LGp~J3h^qIjRF`Fq?H%{XMVTYZ%3LkHqib#7ovjY8e%Gw)lO2T~
zEEw*wccbgWor@z}8@yQOFuB{u$i%fznip?gw1roN{Tahl`HivB`4!PkSN9q=a-_@K
zTE&{pdGGezqUP{7#WRjjx1BG{s}c3JvDT(wIkxcm?KfZ689b<k%kqIuwsw1Io;v36
zsP&nT+brqd>1pG-L1Kb)nsdQU&-T|l*U()%b=2xXiC5BXVlOz|z7bRC{p;EXub#Ku
z9Q{n5P<P$Mc@fbi?vB3_S!8=dx7mBo%y?R$TYHy8^S#ysih1nbC3Igo-+TC$<Ca}3
zawV=jpKIgQxb}rtCpwjy7;)a?&F8H?kzI{LtGK(~uQu_wa^1^Sj%&HKdAY-5wJU0l
zYkunE?w&0dZ0US{_2tUj-E?W)`Zq1pzEy`y=ZEaltIifrQnxH;J1w&eY~;Lqa|ixy
zsav|_KFbzWap-<^YTc|#t<sj-A1?lOW`#_nr0#0GI%%?vwonHps!HYVFY3;%YuUBt
z0VTCVP~CE^Yow>QY%_4?X2;gLH8+#?Kd%v%&^OYpRGVJb9uGqvAMCx#!l7)4TeTUU
zpUj(A=sb4;B{BBv>Ze`av)aG6>*TmwU7PmWUaIJ=(-HHR9CeMGVR`rD=J_*+yB{xg
z`t{7U2L|Z-Z5weYCf?)s6Ad2O4KP3D`SRWkuhjcBTCLXgabA<&{>nCI)$V$!S(Az|
zWqOu5mH44$bF0|7j^0a?7oV&c_Bds1(&RNqzjS^y=vrlCp8|asCnT(XySH+krS)&z
zk2o@@=Wer85ywu<`(o@Px*vJnWWl7z1qR-nzIWHSv&GIA@a@#b3*Qs0IaRi?XzEwL
zb&)M8C2h8MWTL_%>iGyKdOb^z{P?M9RsUW^&71X{KK5}&ZSN&Fx{lh=yykiHCU?fK
zE=sra`KViRr&3vmy7B7*<hHAZw(MoL?$OnLB~OI-x%52sd+YQiCk`!jufC{l(8c<<
z4t4E(_Ddn^?8JvpEJR1WT}|EM{jAf_*|pcaNWbCO(|pS&yYRv<%XM&B(yesxjKZ5I
zS3j-pTQJsga8mVt>o4C)-TvxRj~Ue}u5s%5evR9a#9=3krM}wG*stvW0W3h%zZulg
zz*hGf;_#icY&Fe5{SaupFZN_WRkx=BE)u~DvB~hxsLc8SH17m!MThjBXe)(>?09*}
z7Quh7)9`bu<-l(;Tk+u^{gYqmH7##y)=2y37sON>)5KtF!fGeE&}9ImQ~&aMLm9uL
zl8+?h&_&^PLSt((5IkA<Y+MtVGP+kf#>^ze*`$=AhAj))8fYLf1@$J3NJ%ARUq6)s
z+DJzDm<~}+OA?`wR+GU;%K-7%s3)WA15s@mi}+RfyHRw^GC~LBP~!>L%k<F~qR`Mp
zu{I!dr%s6SJz2%Cmh^&E#SZM#CvKtod7x}B)o=C@4*wVCT3l+|i0TTfV679xbYvKe
z{l7q)IJ%#peh!nONyx!9ua*o}`1_G%QO((U#(DXO(1dEHUoFsda9HW}fq$+X;z``h
zP8}y@7WqvZi@ac&<`Xi8<|lNwKkc)0RQ6B##@(NpULs-SO=^y{yvDDb?v!D@sjboo
za!Z^FH7ZWPJHx38uujVDl2f3O>^^9)s$C(;e*FsI7C%;cy!MLw)j!lcw+=&A?#zgS
zV<eM~P;sG8vD4*29`#SYxL6ii#uBBD7EL5$$ffo-5bD#kg5%IZPskTy)-(FzlJYI2
zq$UxXz&y}1OVvf5)=inrex-QdKhsH4w#{|I$DDNo009ac+^qnLt_-nhYCPWOSOj!)
zQN(BQE;A}h>@0^-0KNmU-gqeATQqh3AWnrR`!GoOzKSa5tdVfzn73XIXNJd-B*_Ch
z^;m#KgWn!!N#@2aJoxx|oHT=}f}=JrD=LvAqFJB5yw4&oaJNllKQSQ;k>&%+D=LZv
zS;niz5j<jQYY|nY`*fEJ=VpzUyYD;ezj4sXRGRVV<+}b49MF(4>fn#`XsJl%XnIs?
zx&e@JjGG!bJrPbcTnu#P$;Mu5f$USC{8G{B3+N`DtP6;lO?0o4r*)|=i=`~++jSNr
zUEtbAWUAE8soPQ$ES2oSR`*gg8dDuR0;f`oGmA^-PxgDL_?bwcL1BK>fg-~HXfzJc
zBS}ZX?1iIX^_#$rmB_gpI=M_Z23K*#l3WT1hUNr*RNzy>5*X<Iz&V=c{UVz1v%m4=
zMUq@;84M_d6mxj1sh)=Mwa_dk+RFzIHb<8xizhTAFEh%-{NXb>8T{|CBJcOhY-@8j
z$6j)6mwZ4wIn00!aBHxgOhCVysrGuC?=yK$3ugE!&xWZLLTUgAX+|VQ5_4)Qfn3#_
z#|;O}fllfGFv_LhSg{;^4%>}9sA()=s>N7mR4L>@m#BV$?vf@iD`p{TjV11FU5lg?
zN5+rf*k|LLacEW=G`vHMR1x-2Uy@3huWI353Dz#M%ock0q*OIEnd&irSA{EXwf*G>
z%@ACjIL3I67)dV9L=>0CUAxEI=6lu5S2O$V5UbKKUQhP#jf4<SWK|x-!XwU*9c|RT
zW+*@EkQL|VUh50o>aKIHUX+Ex1YMxQ94B{k!MjG1(BMZgKPoi;hru7IMqycKu}H>f
z8SBIrN&oIJj%9G2eff>K@Zn&mzahTc52!OIb2iXg$>7S_$U<AxtxfKrQ*U8TIMe6b
z{Vo?`Za2-cTIO|15fub$C_^D%Gp44AGRK9ydB(v8511IA2T|(W86rvWu+02cof@UU
zQ3(zXLN9;oP7z-o1Ukv{x!D%}3xe|GcMwO;S3A?)hizEvN|_+{l}_OV9#{IPrVL-K
z5iHPXK*V1Y&8)3L0*>(I6x!i2YplujJTA!e0Zr*`g=>{ddboxvJUotA8Hut-N9mkG
z6+~;B<};zd%6|BHZ5+y=rT+>@9)eOgvnp@6WE0=nk@6X;0Dm~(C(>VMLswKR5y@SN
zgi9|K7kotQ1Pob-6A`9fexTWo7?n^~t=Yp<AjmG-+7-P6#4p>42*ZfV2n$9dOFdj~
zpc%k=>EDTw_#V*c%Dl#!h0-D}Apj%%95N0t+7?-eX=?Cp8s6r)5<XA!<0N$22HJ7%
z5939{d||hh>F$DcN(kQhh7-iwFbD84n~w-WF?VVaJ^~thmklb8r~TG$i3S3HG1Cg=
zl8=0Z7ivh%p}cIq-1%_xX8IU1`3x`k17h2Cl6&|QmcoMW_+i@d5b0;`ylIW~Qou*7
zoU$biT>y|HAoXgx1tN_f<tj3Xb7^*?i%W5x_XeMWpP39#eDB<c4bH|Gw@uWtK^PO>
z)|ij5@2jvi_Qo5pw=cn*@M5-?WWm3PKlcO_(w@aq1W#M)^Il#6uJCHg+v-9iQ~-Qa
zLCGdu!j5BBaiz6E54Tbdv$vA@%D%NJa-R>6#eB@Ykvy7m?;Go(QkYX7jjyKD_@!QU
zVDAE|G<fk9U@7{pR6?Rui|2KU!m%9^q~qQpymh3rT;-k=_nDFfZ@dVkXf%iG84w|9
zD$6~Mf<E<(gBdnRX(J?=^h4tXcB0n0gH7<d6aUe9JW2b_@h)uB$=CgFaVwchbL$kL
zM^328w@G$={I3^oUv872L0|f0O4X9*$P33LkRGVK&(=OnFfRoE|DbUO5_C-`OsufZ
zkxfIFdTYp&fn1uY>P>XiTUO#g&NMr`46C(AR6e%`bHKeUrxE<=DEJ+1rK@~gL&eaN
z!2=RbK7?TDqzOy0T*`3#BDD5g$#0kgXc7sFZ~Q@7MG*P3C!?M~Ett*7A?Uwd>kA#z
zqYF?Hvj3ayP&O(K<YgJ(Y#R2vL7kINTP|QcO@V`jrQk2%W(HdTdPOp|7d=;_(N7<D
zSZyy{lZJO8i%53<T&4PPmI5FA9&-|TJu`bl>+T{#x?J*^CyLO>W+`-cGs<3i4-4kx
zs<x4nW)80xlepO_h4?d`ZGERz<OR7|xThSrmNimER?^fhfKd2!+rT}!o)5St&7|>X
zFu8zp(>+sftZwioaAO)uFslM}E>ac79=y}6kw)AZLt-TCE9xb1?A{=zUkKrC3iqfk
z85}r2J8<xf>hF``{-Pw}vn6b_UHd1rmFm`WT>j;?hp%I_#kD%4bimS3zipaoED~af
zLnwly3hjDc;?c&6ZVg~MMTyu`N5bVas56*bcjO7{jqmcn#>7-9Tj;VdbQT~i09Ih3
zaTCg}fE*H`-U61sSn^TlDLHaYkZfv3G+?tZ3>KkI)EbJEM<Rp>EqWOaEGz|z_ytJ;
zIrTm?*+g~cvtYdbk;F~U1u2>VH^?C__)&pHPaH$HSx0A)?T8GK=jK(|l!Y*J&aCv-
zhe&sAm2G<k>qV?1%;mnVnq}PyI~^&!Y8YSi=ZQoV!asv_15>3c7c)Hs15WcR^$Bc>
zf`|3eyg@hxn^$YZHnTF!9b9+1fa<?42q5dqeW0E781Ca##EOFDY`+^pG~y3C*d=<Q
zOR&fL42IRqwZP#i)3ztIULz}6i%H}g4no7CZB%0K+$ho*DZ$LgZG#(kTKd9I)(3sX
z<AWs@Y`V5BGY6P9AMnnxy&&z7-@J|F%ry44tO*4Bf#tLy^t;+49N+ybzGP4jI_%*J
z#}Uz=0e=ArNS@H`#V^vg6Y!cnSA#+IKYbalaJGusq5s{yW?k%-?pS}g7|n0Z=zh*v
zxnk}~bBZO>{*^Qw$sp0{CEf;nOT<xuUTac^F&TM=ib&*-^r`zBE<!CYt*i=Yb=~b8
zvN0O`S`4od+R?!mn@SriTy}=(agWO{@td5(s}9_rz@@Wc#2w!{u9*D#qfTG&Mg#HT
zQTpCFKvE@!*USl-5@>9Udw7z#NQPx2{`_+QSZ?G1>+S9}u{gT8N09c~hZLfVCzM>G
zgrK1%!qZe^FI6(GQrj}<^TOvIPMcJ5f>*3bXVWRXq2}%Ll{z(eK!FP+CPIOkO>I$>
zZ4@-CL2vJb^Pp~7s5n~b(tDrNU5gP1*bM<$pp6bAe+k<50#<d{q27QwO*KlNt)QN7
z7w-Z{SP_1-AuatMaKqZ;;FKw4`u)KJ-7$R|789cDtkv^gX}_4fi#+};OD0?(9DXOe
zIkDy_?2VspybnuR4ZvO)AhD-G?suM{(6Gxp>)97QhnYH#4X-(VPYD;KuxRpgQ1%Wf
zQp0xRM^;^-i=thtMMjTJeS)Ip^PLUzE~PoB6s>ad!hx@S0Wh0qXtHi1X<&@+OF(9o
z8aT1igh^SxWBXB<T}Y{Ouz>)+wNZWkw(2u!Iv-c@(S9aame*!eOGhZxXMGeTbfola
zvtCWT&?0Xwea|S|JD^+2X$}zpMkJ(M8WVhqbhJX<!ysa2%-m?7=v-2VHjqWQB#!m(
z>VMY0p;_(|EsM<P5J*iH%CS83$!_9sTkD_<4Lh4sf_zj_QYq|maE1a5a$<QB<Wg8I
z{z_3o>Lug?E)pr_qbP9&cWnxLxkj|U>fvezyJiXG)60qhDZAIQEdDwIrAoB9Jfdz6
z#XH4(TWAU-QH?6GW=JYdISnq{Rp$e8nFEmjm-R}-;NRO>HOb{W1yn@lD}?)ug=oat
zyj5j1)Bu#-vpGjGchKbsJ~#sR;bXwR&VsOz`WDls!=o_A`*hzt4?Y+a+STL~bjT=P
z%Y<qdJ0$O7AZ4-fLfd76hv5;jY*}l*Ch=1H9F^EPy`R>MdTl*zi^2nJFq}t2sJ(f)
zR5Dfxq~-2GN7J?-YL)K>K*Pgrps-pXASLp=>>kCD4RJ@k#VUb$YDY7AKo<Dg3-64A
z!#avC=Rt(A7xUaJd=clRH%99EYK{jL{l{4$L+UfU7<OXZpxO-qu~{r5_06R{_X!1x
zmkOE`e0*xuvJ_gitzPjxbQ_*CDf!;N;1-^lvTRi3KAy>3sY>eQth}JK6GEtAaWI2=
zo3l7`?aTlm<UQ3uWP%hxZ$7uwWkO91Anecsj>#J**q-I)|IS>hvDXE)%lI~_#~8ag
z=o#f0KZiryeGZu3EhTEBh}*yt5;l`@X{6p+sYgqO5Hz**BZeE@czMSaXD4<rqNQ~u
zFyY>O#a}IH>*y6o%F=xa;HtO`2O(Bgj>EPUv`IEsXCI8HwXlYJ{Xlly{I-#iT(;^I
zVM}p4jbMukCalXGW8f$Wh?X^+a0qeDKJ}WEn~-&--Z!f4iq*1+Q`@q8%O%OX=lPJ~
zy+SH6*oNZWiw1$wFmDfAfKC_x`OA$q8u<=nBs3Acc3>c?AKpY`oke_n)*KdPYByWd
z*zRq-^NzBRhf|u#3p@hDvtA%*d8h}C<hi^`*`QA!*XUO!-CYEsHMv`4f(<MYD$6wr
z&R&KgCZ;)>GA@1V)SxN-=+3<iJeye|=IMxozm!Bjvw_F`LDQ*L4X*yAO1pv_Ll_|e
z4nuo5)q=wBzwJtNUuy#Tu8f4$TIsN|hsytvaD<eoIHwI=LyRa2NI%6jL_2;H9_fZ{
z8lkEuh;Z?W^CmIYQT7e<>U{oEBkC<Ie;7HNcUz2f*4zca+K2|NwWhXFs_XOU#~a3)
zizX$1WPOxr77N|!^)$&?)WM<6k<UC=Y~RAuk1+{BG1?ZnrDvJSt)P)gCOv9Y4-mWh
zBJnQiaKvln?<%#ph!Ty%R$2QXKlkeKtMqVnj7WmPi&1DtR3HY`XQoqfdz{08rHbJA
z;)@1?Q_gWka<caN3l$;((KOk<Q#%;#08eB^@Su4j>cW*}7qb|k8xy7MPN;5roOBOr
z&`^6L=(%4|Sj}un-&`JH4^fXWa6)#JRn-z%e#VtEY3rJJ48co#u2?hH13pwZ{8U5a
z&>Lm^kX~=)aO`Fq*aIg6WDRq;N3N-h7u~fqc*<F1I=WP+zjsaidGWe2Ga*mO?jA))
zTH1O~{)-<oRG@>hMa)rzl4U;bkLWF-z-%a?VYXMKFm8!-!ocR5Vo$AV>(T6;!upA}
zl~W|z$fa6}@5KVjN45oVb}d35NC(mxDG*-74g$)#Jm%yYWb;b#3M1+QY;*$kzM`Sf
z36jY>h*<c(JXL4t-=lOsqYG;rEEMST3qzC?2(7q9w<^2xAHoPiF`&^FQF#`p-ZOG@
zl2@eQKiG~kXx7a$qS+wzUiGM_>BYCHo12q?)GhywDgZd>^om8AT%Kd3r3T#3($`1j
zY9>8dL5Bfp75g{VNs_8Z(Z+`eAk|%#Nt*@W=*Z;XPD}3l0_Cda9co5ep%8J(l#J-k
z3IRf`ZQONFYLr`aZ`LH=ZBfV3St9`ojcs>kqbFT+nca)H9NqrNZk2je5uB)0%+jJV
z(syi@Smj8ykT+d~DDoO|{>VKT>6Awum`*kJfY4f^>uhd8%k7cq-fVkyu#qB4*yS=?
zDbG(nImW|B{1ADu;D{<*AK8QUTgn`g=;!yYc_2fFi@V7G!A(_6j#5Fuv8QS*8s!m&
zMI#mmNPuz6!qVbLkEy6y@(9sR=}UW`-a?nAlQ3fxiE0V(>FD|-ALw#lO&U8Tmnvkd
z$pGNGv{WpD;1lM>K>Q4)$>}xLkg)%W&|s^+XFa;zorp&i{lO`!0FCW)fQ^<xZjA<_
z`awarpRVzGiSb;fK7POFBQHs8_I0=lxPjz($XV>eun1<!J}RQ48jop)3sf9*&*fam
zC;K6Fp+m6N-~!HL4tJkZjiG6h3F(lVXdB(oFr}*ell=_MOydF`Mq>@iuu<)N4=L|O
z)W++c2<%{08UA7A5vap1V(ye#r<rY~2U~&B=r_~N#!b)RdG>9WcT>av!la<vgO=}D
zt4j;eC30-f<r6=FQOXo0Z_haO{+a?P@NRhqu*C`$LBLgHzw7K9YS|#q*n%=HF^Tsq
zs*8qUcuOu(DHH)Xn?BM|ZM506Cca|(XMWd9#G?2I`bK0ip;!e?ALF9B)sL`>{UOWF
zaY6aPyx=NY$?)a4p8Dj}*<&&~hx4-5XsXx9JZ<*Bg8%}$LU~Ul(h0?9wqLY?JqSiw
zVsN$slP<XW*!tRZ;hXmjX(4>Vsra~TVt^zSR>ov<OEMc{hhS1il37wiB{7OyJ+qxf
z<g`P{V>6GUs1-DyM{v4FL{U7*5-MO5aeB<K2j;Ea2>(Oi18*+ofn^hJHm_EL{QBax
zZe*w?6eT?3ZONA&iLMk%@73+6M@IZqHGRX$vdkf0#Sue&dY@(9(~JgxM1AB%$5<HK
zt=&sy@ESjw$70X6?baVH!-u|n2Z^A;xYf~Uv-05meWtbOLrc4#ZWgYWf+n)7&e%Lu
z1Nx(+Ovn~UhL%@{@0qBvLjtD=LV>*~9<WYnKwtzsP*s7uKfpHO9X%>i>;Rh39Gm8@
zfJf|k&f!z@?5_1!93)(pRnPfEh+eX|HodmFHPROqx(q$xgA9mR<Y+L&l<1o6e+wQi
z8rvFrwCBi`XuS>MfsL!n4@IpgXy2svn;0(;m2c2wB|v4)M|z;$L-=m3I%;xygr(G^
z{UD5v6#(6kjqUsRiDZ{33}}s`fG#KB*Pg&TT9OL;<@0OgW~La4Cm#jN+vOkJXr_>$
zm|#rM>I=2&ZnmnHg)mr-<0*`g_S7IR5J&r#N!?0#Liz^h!|(V6zX^0-3ikZO>8sGj
zOAHK>Mlhbay_OK*Ls@m+ScrBYOl=V0*F#|XBkXKIyJRqlkQ%sXE|gf~yFTPAuoWD<
zxaUTB3-Pwta>pP5A|`Jji2{eQzD8O=AkjZ{-G2W3ucsdHgLc@C7zWkyt<xQ^5f_F8
z68pn5c!=^MT;td+5540DWLKOKD2*-GKzU5p!%o1Rsb686rjCpcc?m*8Qqem>;iHy^
za5=2JZl;>&pD%*ehc0doeiz@XDo$LBeK2`r?7GFkty~P;oo-wi(!v-yclyNewm)?L
z1@;(NZ0`{%sOQx~dvpxfdTF*)HlJ4B=<1dnPB^$`O;P4L><0dnr+=gI)T4h|*t=c6
zCElf_Tx=+-@}))1w;8d@x1O|CTVnPDQ0}>;F-~BaOpf?g#wfTE;%19$DupQ$4^)=Y
z)euuCZCo^YasT^-+?0&LtW-ZxG%b-Jz*)f6Isq5;8W{f2o>(PVVzhj`TjBfxg|@|s
z(O3d@AWQ5Pi<+lWcc(>`IN@n|3@`A8g&a$r2~Gf(m4*OMh%U{If<jWW9$wh|kGnVk
z0rs0g7f_}--!VdJ=MW3q_XZ=BN0qGrax^=FOtcee!Y0+a`iOUC_?AgwW8!6ROC>Qk
zaa2{TW)-|K>ceV#I0E%3EBpX8PfxaU1_xxZmuLN#ZRZr<nVtwP3<pjm&xiwJ0;16!
zuCSDhT`?$C9>T*X7(zn{wp}h_f?H|KG5c*Ab1(fZ2wxViv1d`O-~zna_LTl55danC
z&{$6>xmfz-a1$}n2&h(m&gUhrhh{{k2wQ>jN~CcNV#4vmk|cOTFI`fVNR+{uDUn}O
zO|UC$$12;*8ZqhBBDiKMh^N(g(2ij!SMwY=^Y98qhhUFT?r}`OV>X}Hsy2aL#D2z2
z+}CaDBF`7pZ9ym?3#Dmg*Y4W}CNuGFxbl$vPh60bsh@gfGb@v#Q!+af83dV8)XL5P
z<^9L(LfTG12yt-rNllHW>{(8yRICM$t26G54s8f)g!8e2X@>dj5|6}~q?KdP*0xp<
zVUa^^fm16WU6Qy?#^f~ipilB84R_H=`B)dTsQD%jbn&lGNe{mRZ9bJ0Ly%XFn3$&6
zo)?W+>bhsbloU}0#iT;YZY;P@baa~GmWk!1HzlPd+$52NhCyX<D;~WKqG?J;N~u&y
zP5x_OCjFx(aGQtui5#f*IJA)=Wq<b14kD{GW-vS(ZmGA3`fN$B1^Kx^)Ea*huTC^^
z#)2<MK||t6`hq_nlzOl1hk&g-7`h1}76JRMNrQ?9?^^mM@8%@buVTmHFVI(^n*?{d
z7~|M~Q~+yd!Mj{J{0wC@y4!qm`<Cmy6d$wg_XX6^=`i~$%^0B66Yp@*={$ad9a=1n
zaeZf^i#DhYhG$$fNMn@@>bu}X2ZJ<T{5)oOp~GqW6W@JP&|(58J`{QdNCc~jhB%;%
zP_iK8n!t)h!jIKy*j<T%Ict#-H=51I(69=6n-kp3mP}bouMzhpfX#wR;V<xHMZVp3
z8ThxNv&$^7ePMlwzT}`%6#|(~w=It<(I7ikH!E4!e0Rm0<bBZV?<fYHJ~TSK0;O?q
zO35#7sWz%lsjJ@zls}E-8*wN&(<}^t!+ht_oY7X6`CQf*f>>5@H1nrqYpt67`E@)K
z5%oI(sF@^qJ6b{4%RV(rC$0fn07f&5UfVK28XLprMfi%W4g!H9wcC@={~+!+wNZ;~
zQ`--={<)0N3UupVbRqG<<sR7m4&31#<Yru;WZ+9Td^#-S|9Hwv$d4=kBW@Bj@_$r2
zV^e~wOm|~A@go&tia@#(=HVht$=`Sl0Z-4XEjbNrAh%(-Zq!xI_p}xYm4eL9C-l&0
zh;b$P9~lICLv&g$`|^j?H=;J?J1lnxiIS?)K}cPkrpWV6YZhb~!bK1L|GOh`99wAL
z(1kg`v0zCJ6eD_w<KUTS{x?$H5PRNokF-u|AT_}X`jx=xZ9$EH`f$&Kb5w1Sm9z#4
z^EWxX7ynQpH+VgINZ@k!m&A{z)6XF$2_4LMApc<r0;_?I>uu0tUU*>FD=Dg@(0H@u
zra_6vG;WAvWQQB7Bi`L14nY5G=9c^x1+|5Vkto3Yeg{;#hOw$@4Y)}s2d+V2HOgGg
z4Z!3Z)VbW)&w9=aaP6le75UEd=_EOO*>Ipwj{}-FB^oosxs%MO&`|O%;^hh{u_f>=
ziu*(jO|mKl;f$RyY35*8XfyP%`v2EhVygHcXh=5D;}R}QRS%lhAXT;Eb-tblC1vro
z8h+$%IO7Um1A=MLV90%|9K;ArstRBV2t`Yhr3UegMK|wD{0l)zujp`OAApZyP!lj>
z1Bb5J#sueZ9p4`#`9#BRKNF2Wk4cj}@M+SM!nbeghIy27uTF~ozV5#5hl4|?EvzC}
zTbu}x5?@lvHHh^BMX`KTOkj>TF0k;Xg<lBudBpzlNkT{*Bmc8$45bG*koU1rr1Od+
zXEWw5zfBg+O}p&-LJYn8moVzRO8|}^cmteGP-oZDT8s=Qp={nAIwFCVrfL61-2#6c
zk$XgV!3f6<QJn*~conRyt^TK0(Hy`2xiw%`RCV=71kxyQT2P||g)4DvmiqP2{%cNr
zw!%#n(t{dPv`mi}QKcHIjdvdlkAf^<icwVyGYYI*QD_*AtPtqb=a@-w-Bqq<tmH@|
zNj!q<Qfn)RjzdL<#h?{e@HjL>a9&R8_#Bw%BS(oL=meac?hueCFVImHkessR08gei
zU3W8*TfE60DO)$SuEv^$YFrrh&$W<SDv?AYZU6ZMsYdZ@lmua+^BEz}KBnkqB$)oz
zbl<yaCZM=q*82K%n1&(EOybPNM{PKQI03i~J~h~pWH-C(QBUN=%$yPG<qV{!dHT~l
z`6-|LBu~2*n3xGmrSv3Py3!>5(|@#N^hcFTP6o{Y3q?eAVD(#mY8I(jpOMt-5{(>a
z%|(4Ij#N#$C9;cI(0AoAes>M89y|En%5AM$^}y<VRrPXmWrvjMKsYv(u5`dQ$!p29
ziYt2H1P(o=xOuhiNUE$3v6`$RAd!h4^KDzQufipb+6z^+H&oS2gDdoH#5Vz}r+2HT
zcdMs&tEYFXr+2HTcdP5WXnLB~tU>Mqk?}Q`ypv$p)1avCE%ANo$Lz3a#n~GPh=!xi
zjlPr%3&(t1iL+i8_}h^=YpIeR2~E(u)dZ~&fLAC})SA+sFySZ;f%%%ah|w!*wNF0%
z9y6w5An+vn-*zBJqGt|?8{~x0f$!wRUK+V5$e^HwA*T|<oiuJi!Wvj$j2wd7+*ZUQ
zjCRMlVQiz7n+cp<Ei)BRa$y)9UuZ9uGLa$m;^}2MVWl|RgT14+`)2lMoc+7lPTMTr
zmHcdtYT1=scI)<=Hw`6=&Q8^cTU|2lb?Z#hnsvO<cSx@gSQICK7u6z87%}`FT5_L+
zs!1*Pl;z%{8uuE3W5@OU@FfOh&UhNuyvXU@onVc5)wLw+Qj%$8Djk}qOAM6i5@;^e
zF6elaTIpRyw>7eED;#oWzY}uYg&&R-k<=?AGg43M{R!~a+hIZ>RKMO~nI!VBiw$8!
z`FgvO^hwfgMk-{|&`0HtF})l_6l*Gc2oZ@C;OW4H7XiVUic8$7hFngo94bmt)a{{y
zgYR-n*p;0F@UsEv3-ynvKo=4hO2_-c;`<3c?J$8wh;02IVhQQwTDD%n!zjePcVPAH
z%01dOp&7&aR$Ow*oH*57>J6kXi@clUU@)*ylnim!l>(`|25VBZI1HB~Ja~YcctAI3
zhA_$7gdrNN=EIfgH{5^~m3VHpO--vUJI%^po8~-D7*uj}ObjGX)`4Z$MOzZ*&-G*H
zGy*`TKlmP<ZVE41>(CKc45Mad%b_p}K$Sb~bcBr}(zZs%`<&5o@YIM9Cn(rK3t>@z
z{eWWJ+&S(;<tlBjz=4p%e;EleN_OVtBZ;d%l1>goG@Vs<-~K!Pv?m@#Vw<4~g#ef?
zx4p8>Rv&x9W9AYLCS3vwDi)e&1?;)y`*ETM*S~8=33V|Sa^I3?5_h2)>-=CEWE(~*
z6ZPJ~<bI$xT=&Tb2G2}$O^Qzsq;=vYRktOFA9M<IWWhLFFBHekQ8Eo(WSchzeAa*f
zZXx2IUD=U5oy@CHo<k?IZ}poqNt!#*yTtFL$tt%yigeR06u&0Tm9=_}G?&zVU$-99
zq-m>#%zIq)57H<U@$>(Vpw$=<3cZKZzx>-YT@zL=E_2y^X;?(Q-&a&XTqYHiv*Iye
z^EusEo`n7*@I|^}d>A|Xyk1K{bUrm~s$F&OQ|vnX>Gi^~Qj({(yC{H3KBZWiS2a*a
zJbL)aEqM2g7@|nKl?vCDdoHj`u3x=XNZHB=b_rP|OVpA(Qbo<d8&3n5mdibpE+(-J
zc<qXDw@YJ*3d-ANaN3N=Sc~xJ*CM;1TalFvlej}D5wi%84dJy9zez;jpGTMN!(>G}
zo8YGF35$gPhT;|i_o;Nx%_THj_6_ZLHK-p@#)@OtKl#_>p8JmCocfRHAB!TjI98kf
zQcQ`*{%E`@)vqC3Ma^iqpC_K0jMRKDAD08i{(VMFYSbiN%JqS<Wwcp4n^`h>D}VH7
z0OG){2zv;$Pc`RwznP`@B2b(iNB-6>kQp91D2AMLjk0@fiV6?_$TDKhiz~<9UW8q7
z$scx@uDQ*^NWFoFkD1W5IS-7in7!C-aA}mz<#crsZmA@VSd+T;V})x!656Q3@#}(j
zLy*_Eo3LB^E}zf;58}zC1Y4TNo+brMFb%7>lO_{rad8J}w$l_Gh$2v*0qtYwv!=PW
z;GY9YL^hodcAu1?M@|KcP1J@nNOGUChGmFOL|i2U--$-1mEn<YQdY4{d6hZZUXPuK
z(Lm-&@RGsU6i>c2lbt~$C%%?C5S7JVXP2v0>xQZ+6{+4tJT}G3sayY<pCYV<)B1;W
zs7XVeGDCoIpeg-Ierm>l{7qF&P5!y`znU}Q;|g+Z$qKi6;bN5otqm~@6b2p8PMej8
zS>8}nGQ=hbvz4pu{Et!~7-NTqQenO!$xdsC4v!M^Ew-A<<3*U*a!dvvK8WK_!P#i*
zw@bAyww9mch_dCU{znKH@6v&=kSI^>3nGha$Ah|uWN&U$R-i1k^foI}$5x_1I>#l`
zR+<Qz1{q}s5|}O~?%kOU?5H8b9lyH95bw!2Lg<3<x;_9NlVizWB3vs|t^9US$Pm7?
z*j|G(?5v@N3)8v<Wyv&|7rh228%8(0J_)*g@H<t?trJh8l}a;Aui%+3Ye%X<B)Zuu
zgqV9d65wv|Ye8M90rMmui)^%g&O9fKlZ%0N6FImXy?7r{Dh|YhxTOotOuz_&<yPoE
z#jdhF)KMYM+=@km45tjj{x==rw)U&xuR%>ANmNkC!0jfa?l;E9(hnsM=%74AT$NC`
zU;kSx9xBm-Pzm7Zm9Gi!^=>y^d4FXvsij5ZYXg&;fJOn1Xw@^=+j5cKUTOrI7A&@#
zbMpW+G+0P*^L`RgLy#pmpcN8oQ$#Pw-Dw7ka}a{~ZZJ<l3H+M2%)$o6X5gF<W2w*(
z5`7B5m|Z8k0LnN0P=}Ol^39NU<i9?upv!8{H@dER04#p+8C<$zSnQ{<6#W#4E`^~W
z)apTw0Mq_Vr~WwL3C#KfZu+1JI)osCNIjh8dWq-U%Pj(K+4eRPSnPR_OH;a#duQF%
zS2y}D)IsW%8nd~?UBb5<H;UTGhrnjUsvUMErakUy<f&Jkfv%<K-eT1u;v)c4tVOOk
zXeHLLwD2v6h+29j_zqZ1i}2ZSt^RDCKnHEkgR;#KSot15QMo_DmqtU6_ON)=rffl0
z&A;(xsvrCB==RAe26eE_M9Dr%=J_+DCe}nPTH&d~7!56X>f`4vdcY$q?a)iIWQmVR
zs&-a=1C34dzFZ8jAZRMm0=pu2uRC&-6_uI+=Mmt*&^TD%INYDfiyzClke{z93&%8V
z%AXAp@7*#oGtD0Yi&^M=?@Ax{yDKwjmG$f2>1ATqVu|JSX<u&<bmA(1p`2&b1zTg|
zou<qif$$q`uE5#!ocC6)O^lZN$CqT-fAe22W$2XqKfuwuG+tCQC`P5iu?QA-J|;s`
z*w=x>7j>SzYWBb_GH9d{A{tOt5`TU9W8t0B#3fYcSRBtb^Si12sQ+LL`Gy%GQe=oO
zg6!y~%DiLjSD?lbZM(3F&@?XH5~1TlQV$iWjaA1AIHw#FcqP5>Rd$yI1dJY@<y&xB
z$iM8Vpe5EMF4QtdK$iX%apB3sD)a$5OmUyW@+^(gYo+*(uhv;M{4p$wPtepL(%{Sd
z9+e`@Lm;K3?BQU@tm)_gH2v_#ll=DH%0#N4AE33k!|1Lf-9bcsl;BE3NwtahKP6^^
z=rAVHZgVn+lXdgZB+KELlCjS^3JTNN=7J?%Uf()!vV*1uG++B<_2@|Ul}M6{syIdR
z0{`htN^j_HCn+9F4$^sC-Gk?A1o6@d@>XE2HnM_7UtQqr+a&rQ0^YCIBBX&cFX`1<
zfCB}{KP34|YoEqZvFYbVfT-99LxQj7^A7qcE92KVS24Q3HQuGoMy$zB9Gj6Se;=E$
zG1XR_mRN6v3JS{*Y)!N&dp?tN1Y%p4K|)h}a>6fwTY2ZU_QAwcNE(belTWCfhEy2)
zWYT9_c{<2(dGYpbDNP@q9cSO@h|*R^sh)Ut-?3K?IG99$%Q2XTbQfZ4g>6fl&sOLM
zTM_)lZ$!9>E@U`80&0)C1W)bHl@JEy6~EXRA~{C+gXyI;xb(VO#8#R5+QqmFHcTYu
z7o=FfTrhLsI)4_O%k~3aS@_T>4qBGrdMltt+gMqv?p`P*NOKNL9yCP%4x9Vm)LL-N
zEj4=IV$#6z93I4V!#lw~bJ3LiEw(7j?uAMS<KtQCFlne#&;5-$8%^xLht5k{e4d-<
zv0SZE2Ts70q(Bp~ImC_qJb-A1cV!8KQel9Er*jb~JoK`{&vRR6larKfmrE=HzrHFg
znM>nnvk)f=03*LgSY$vvss})bCOkQ0zG){uxa*5*_bJD<uWInE+`TSh<GmX?>J4Z%
zI$Ka`c@yVyXpvitD9E&`S~};ieSl~MC3inL&S(fV&g0&!povPJh#iM_Wy}SZn=RG}
zTOCW)DywG5PtdcPAx4UkhUF-@QsjV(!4MdYRw85C6V!aj!56D}w_%T=q39hRN}|wh
zWYO<c_(8z9^6|C}7F%ZCqLM7`#dkFq;Q2`>giHHww`oJO?jZ9e;6>-0oK&*SMQ@iJ
z!1JrYyM<Gd)fx?@zW;FrOr%Rk3OHFs!V>}`ozTOA@=~iNZ>*zFssqe)^Xft9P)QN2
zIPsscWe^a``H=oz>s_DcgAruHL&3s4Pq<FpL~r3ifDLdEf6sDO2xh0N;n0TwM3yF#
zr*k&rem=jT*2W!uY@LH*&<32C)Cwn8C&ieH-O;eW_5|cgI``Ull4ifzQKT<O{GTrx
zz9aL%NOAvyPrRA%m0d0CCKc$)fV@@&$zw|ow)4vCGY-ie>#5Ir0_q84?-cdz_xg?w
zN0}W|fQRMMw#NAlOOT!}46M2ojZfsi3y#jF{)bn+l#(?r;%^8l%eh$~lz4CXsDB_p
z{g(v%?g`))Hgru}MJO^x6~*pyfj>!<$!0g(73j<BM*tMymBG;wT*48mWvDuqfTaJW
zCx;kn+WD6g98=CCvW1ET4J|o3D5x#;WtbMk&$Ps<m>-V@WbTr)O2r91S>iwpsvafH
zr-X(kqaU||4vmLp<YOaL(KNOBd77gbB2>-Nj+rmjsrQerUHb+_7FfCAyh;&SzKUG(
zA+%0!2ON44ja!n}_1x|e+PL*|oh=wUW098LxLSfFp?o*Z^(m6Rk^L-})h3>op)asr
z2GwJT@FzsV8VFgrwm6`^!Q6;PNU{za4FYCX6GQjHVy_usF@iXKcR<uNhb9sfJRL`q
zB5GN~t2Zg;?-+&$fQOgSTIGP6bs=D<iRy>)54<Z)Ky!w7=`mz-O0Q}gTXz&#!=Yes
z+dK5vdX4uuVh3tYh@sCcM@<Q|EE9!0xdT#Wg8jCy(@qRoZ;##Pu?-zuQ+*oj#riUz
zv0GM(KEU8Awc2Cw(QA_uYUjubW;sFVAgzq{WoaVeasQ&UaBdq*Z8p|kASDbd7s{3-
zWdiYY;xFmEjUF4EPU%&~Z<lvJsV8Mf(hwRAY|LD=+K@$7b`cm!)oIExXD&XAPJj+{
zv{}_Np5@8q`EO48ORlshnunF`{;R2iqGFDxIa^90MmLHiL%{lukr*2r>nN`^Q6|dd
z&%hP}nAwe^GkbJIZSAfO+S{0GE}%#zu%QE>!fs2(>G5|N@%)on6giEHbvc$P{O9>4
z&y5l&B?&1pM=Uo6ULh~8dT!Ku7tfpz9N_*7+h_^Zd<{ZZf;w`2X_BZ4Eh5C63CeTs
z%yyt&{KW7s=@a64BZ3G>By<T?0YDOE(%iMVw4kX~&bMTq*HU)!RJGis+xxB(fP-b_
zKjhj9y2o@}XX#K>(aoz)-Bu#p29M<;iDk>tDVBy3cwGQahZk!YsPPy^UzW})`N4Gp
zk#@td!cEekVZM?>o-oL(BhS9$y}=XlOWg|j-)3p^!%9&K;AtBrpFK)BXt*>L<5xD-
zKG-1(rr^_iw2v3m^i=;xkQK)$q}k;Tj1E44A<$at<$s2P2>WrQ)aR-mIlJ=PnR6{^
zyQ9dOSMg;7=_z{ON}VH}s6`&3ikHSwzawkxsL7}-qBYXM^|>1MARi6XP)I)CA?fjf
zpf(F}4XXPEaXX{taQU2^vs76UV9(kQz32#6>lW(lX;D12f7E?1-+1BIpT2rCSKR@1
zv!>BTA80`06I#MuSje;^qRcH)^cHRsD;^`s%)mgoo@X@&(wphA8MUKxM9<}==Gr1T
ztyT?JeO0nn8K)1y1upVrcycN6Yp7<*hV|-CSV%i;KbXC$BM~RQ^D`4>GUL|W-NVMU
zU^0RSry5i~2>)jariS^6BxMB@L+}2^C?PRWI33oatUL@)IZiljKq!pQ{ef1G!F%H8
zK}Q_v19!K}0JptqD>G8CaAV3S-2AGZdsTQr_C2wj2<4b1Rb=8CE?sQ=35|8@`nTOM
zi~RRDwOOrkhqD`0_@Rk%xbUYEqA^3NVX)$z|J+8pM#Hve*wx7Qg7b^A30?8}KuU84
z7q$={lw>EB;2HV4nJdgFZdbycbgnH@_e#@%)Xd>^C^IxfcMC}QpQ!S*E+R5r)l2tm
zM}Jc5ibx>#Nd#DV$+ZwbeB?Ochm-)<PDa~AIrdwohAyEA8^RtG%{%n4;*?Wu0*zE^
z*6lQ@2F?y#5QM5)?D9t7m|nzxDZx}{^CznV%!-6!(8<D8!b)`*d%x3rr0*zx(4jms
zAoqH!^~<pW(VIxt{d!}eP+m;`+KPleQJ&JJ?b0?DO+Wx=(mH?m0KtOF&)OQ*v68?$
zAUXL)D8`1Yqre!?=&M@5!TVRkAJoU_nY&iyAF=2+o4-x6Q3TW*6d!(Pv!Uw)j4x<a
zw{L)u;HG)_@Z*<FxG7GHK(_^0VZpz{-~O)?d84Pt)RB*X<_Jx(i1$G9cTYT$!9uPH
z5nvB2fd26=$r)2g=ENDG3=SNMo^HiQeqdu1j-aX~>ZjBmCk%&!#{gS)fvk>uAe+@}
zXO@1BU|0_V$ecj^Q-C+g>sp8Q0>F#~H?(sSwZ%4+<jLdtEZ0V!0rS5P03;`s9dK&~
zU8y~?oN5B8osG_*axK>y#m=Y^`VzhJ(;rE>FEFWZHm-U+CDHjK&+MN3nJWo^y_3@A
zIYo9CoeEh<Y^LlpP{=Jn_rwPSw>E`GpjnBX|CsBin*E~3IYfSz<?Yi}16w0UO%M8O
zzCbAk`xXW}^I@)p-Pn|T%A%5H`(-iUD?Mf7v_!4f4y*?rk6Wh(eLkf?TpaTC4{NJC
zXfPDxLxdzhv<n7~MLZ#71+QsX*-!x;Z^KMm5^gGvb{sA$V7tKgZFMy{@>~uTcP0V5
zbamsHz5c#Kt%zvdz8XLG;rmjN3jyq5fHupDCjn~oJFzx!WxgdxUA1S(ST$<1FjD({
zG)i187AtjuZ}E_K_m!uH7)Ba{2baWQHIxU=U2v9FMXm-68S<$_@#Epu<9b)?Lr#sU
z#BUa>!Ig_*HaRyp0^71?utpUhwri=hVSpnb!6wrI9o_H%RsM&x(Das2q@@V!>24kf
z;nepVBJo%7x@^>L(5}9sdoob0_>PczUqnILnG9o|QCKnIcC3_Mh%BH<YK3FVajcW%
zCoF|PbF5fHnpY6Bqs^U&etV{B)J=-{r;;JsB0}}ct%a$?ISeOs)ktEo<i1NBU$*SX
zFsa&#Dz0E_$wV8psoUL_EpbKoNP@<AZZeK>7b&^6+gjnYi7D2p_ESbmXPD+WW@wk}
z2`JR@GLiO)b9NsztDacL3}LBF$Y`=V)q2Ybk-1RfzVeH$mfFcJ>C+jPOl-!csq1Ac
z!39+DJ#<txv*@XRGsB&=dG&uCs!WiE4dP?I>^p8I@^tn?v!enQTUmyd?z7FcDid&*
zHxbbD@uDD_LAVy{>O1^vdn{IL=oJpf3oq3!$XUh{aaOtg&7hjnY4mTr?TBU2fNyd}
znU``NVrR@!V%IXp>b61=v5cl~3%F&)van8mlC}haxY9_vl3<QC@NZA)8rHUP@xOlk
zW?A?Hk?O1z&XnVG?h+HeTc;`(GJ7-cf>VWt$WH6Jy*lWcY#HP?7@bAS_)KVDoCEQm
zypR%hG7Jo-m~lGu#+3SJkX%#_<#QpFA-{av$}u1Knq)PAz%;QsdqT)a0CWIY+#{>L
z$(KlcUObRe?IV(Rp<Y3<xGbv>h0}f?f7vn1oI$j_9Aae27m92(Ic1az;0`8_2S)lk
zt~IJ`F=Qz(`lqN42?FjMtqg6onc)>ITE%)Ge;q)$a7=>(`W?MUljDQaK59C8)@)&L
zkn^*~INjeXK`Q+B3@YqG;XGW87<}UcGF!V>{+gpO{5YF2@UN!;c`*~wor5o~zt`r0
zBrO-3ngB;G{jd@}>_r4g__TO6l^gMl09~^qL3`+gA6sckO`BC;5JC5n63|IC)Bq&p
z#{V@XQNjREhINQ>48ndOcgZMF`+JdgJQA3z2igCKo0v@vM3V^Bsv-kZUHr1T7G8nt
zS-JuA@aj5?HViNpVR8Vr;<8va#es95tgN%=O;_j*x9~bh`q8s$G0#I_PL^2F7usR=
z`I&+DbHFAW{DzXAHE3d_>8Trs3veliGzw_acpm8QLRfH;orSXP8K`WV*o~Atuyyu+
zioz!s7=Uilc*`1k;T*(lU?;G>+0_e80h!(<cq<7~Qbig2;kv4W^Nd&a!SkdY1q2ty
zFLHMu5dKP$VIGYeCgh^K?f>MABHlSX+V$ziagg?Z1%BBQaR7lGRH(HfbM-P2!I<E5
zdwgW8<;~c`)TGRkY~OOWdOrKR7Dc8VfV6=~L)JQ+BZ^6Vz508?plOsU5lzd&8*>L|
z355RHo%mR;(w;eAMw|H4Tav(F{WWuTo%`%WF174TOgP~pG!pj|eoufb%8ra$yHWzo
z>5vL)7`8<v#4BK`k9%y1pIDyf6oVE2uwm`yaDdseHpl=%X%Ql@L7`2m#2z>g3+MYk
zj%b1!p@owzZBB6#h@iV|ll<I`L@EEX^M1Us8iGek<n0*94JyI-@@fvyC(7uyo7T_`
z;yUBN7R>Lp&;>D_3xw@XQ$q&M>V|~Mj0U5PPhOA%JotPAJO&aBumyS?n*1q|m;&G9
zxG~x-23w9s`wfjUBv%W0T8~H=MD<sYwhqu_55C_Gy98P0>$65RFq&S}i{b^{4Tn;1
zgPmvH!YaQe$GriCX@{{S8g#aT9`rs0uD;Zvu|dAP;d8iGBmG;_$#cd?!z27D6Hje*
zwe4|W>4u`+oYnd~>PYuH=R+T$9##92oJddr_JVt9D++sZNso~zs|uh03wGb1Ik_{2
z#1_2s`?zK~B)3OCTO5$p!E}lO5v_#>uyyAac-0w7a0Ln7Js=TdEszXv&K1+o22k+-
z&-ZuYbZP%}7**mH79@fEIQGMh^n0_qBHM&7){PyIx!w=hjS%_hA_9mKnMx4XkGoHO
zY^z$JS<HZM{IzrMtZ5#-5BS<f3(E0G0tFuj)35RwuHUvmPBtw;7yGd^v$R8wt-0Q#
zsbZx&fQ?l;H8`deQtq30gZEiW=K092?SN3u5xvHOUaeP0Kq0>#do)<Wed^#F)dYg5
zzZ^9${3m-8)DwYMpr#CSw!k(`5$?p2gp<k;E=zN{z<@wel6iu?CI*s8WR4>Je81<B
z?7*`|N;5W%{|L`AM<6Idu<^uvx+e0ux3Q*KWd#g=Q@yIm)1xO#MXmjt0)tj$Fw}79
zBOFUcN34<s?w(TCL|)@-=?U?`OMV0tV)#(XJD|^`3rr^x8Mx~=1Brlv$75c(K^3kV
zctc^&1<RJoj&^Y(Dr6M26QDy7q`j>xos>D8`F(#_AMkpl=+vMj28C%{cM-N^$=y#p
z=Hs5h;LoWl9!(NXKPM;CPCz-UEM#Hu4tT%#CA&qyIeig_e<mo)6UOUAg27*`E1mJ@
zr_W17+n0i(L!W#JB|xcDi<{yzVYf9czi5Dl&pL`sne8!fCr^x9FvPK0wKnW4<8<Ii
z!bej&BKKU?C2_4oAn--YpB)XkrlFtq2>;zLF2+*6MBG52v*U>aI*EmsrvgOY&+mJg
z-bjVAzlFY1^Y@ncvMmP?k|>B9^LqV>5FO=KQ5<fDn)aYXZUw>MYxyehJsc3q?8`5G
zcV5|!3aQi|$6|Z2#gSrme9bW<(Y@)=AL$S5L_R3*XN(PmX{!0A@*vzK&dR;<&Ukql
z5lL_{k}k(PU}oTzaI&W0@ec%!pKqV&ArmXwFJel5P?Ohv@e5Hq%~*^0uqvZ^E7)6c
zY9JzVK02ZEi$G!Fj-|OPTALJm1PaI%Y69mxqc1O`AzDF6^bFqOsIQRQnT!Gg?hs={
z1!@@3E7AyECJ&Hqw_W^Y;v|0WXszf|Af{hR1R%98^Py-&ew=x{e*RDXiW3v)4L2I-
zlzDdC<$(#dsfLF^I|%L0mf}BQeCz@GhF}>okj#|T1NNkxNoZ*Hag1_!Jmo|k5!&80
z$=FA9*K&4t1{N!3<K>cs?nEL003b&s5CVh&e*upHm1$9jLrUtFg@}wpOkmt$0Y+pX
zi23SzYi3+Eh4hor=62K}#n1r+Qn}T1{0XUB$h)%@&sjUi6b4olb+N!I0u^l?-9F9A
ztY*7xW>ABJg91OTO646D3~n#MAJs&^lij(x)$D_^4z%G<_UT@CBHXt(<7#!ao60y%
zlTQ}{rrxHU_B1MoRgK{*H4*5B6?9KbFMry|g$PW<RJrTXsh|B6(~YT|EKEQ=T&Q}s
zg}vpiiJJJa0^&B^9HjN3%b0b9zJnD8{myDtz&8He-Zt|&+IU&vB1^vQ<?7A64u)W7
z^-6dDsPh6JO}(olGAOz(ih5*9Th4d4NJh~0(57clfYl%mqBeDV*T2$tp89vXPR$;+
zIDe78mc9<e>Il@W*h-tL$?Kuwn1}>Cdf40w<nW;a<wsL|BMET{#YrI}F>Q}seh~iP
ztVxg64P1I0ed*Wuydjg3b<2^?m`<?r{$8@xJp2Ejj)R<gOs&`OwEN#Rd%~ydK4Dwy
z(fkzwl!AQ?8g%+-`%>^70ACNyG@veP&5&2C>An|Cbiw@fI=hLCi0R%Orr7W&Lodf}
zy6OH+|EJ|{<7p3K7a6kfGRf)8(@?^g;_96h-m{#~PRoLX8AFYFu^}VQzwPH^5twKy
zxNA30Liqoj-dSR%ryhKv@AFONOi<ot+j$b(oAH&%49MAaTd#~?giz)&qVMATfUbIz
zx(s1o2nZR`mQC8;r`F3KRnYe9Y(pecAJcloL0UNmw|8PZ&h8PwU0P@8owI)0<;+n$
zba~yv&DlD0Q3DPS5E2gHx2=~!@2A(O#T4hSSyFPv*lO`HB50``2>%j*dERVZH{6k^
z9QfJY=u_Bd8G2w&upY<IH9d8!as`)sfhsduoAFAsgKyffWZuzP2pvNEk;sfhrfFT*
zb<J5h68!P4BrtWZ_(mcd`xVTz8kOqz$U}d!aS!<b6{NWpRePpOY&(|}WB^A%xW6};
z>c3Uf+@*Z1oF?py6MO=3l+syI?yFQ9{+bN|`>p@H)u@`<9lajYYPe$tFjyvt2?~YD
z1m29jNCPd?a}Yd;AIJz5C{O?)0hq@Kxy>=bw5kbW4v!vNyBssEIw~yXEk)7i&mZui
zoz*CwM|lQPPLlL-u<282qT7@4^j$~8<cCdvzeF9vPbcI4FFF(;TJ7PRYezp47S4t#
zU+045zc+d$Nn|zE(57$gtahjT2=aZc-EQqXu&Lds-aym0@3&!GKW_4E{z*=`%rphO
z{k**!dju#ZEPK0pXUOm`>0BA4D}Bb;OW$?WV<!|IEEKf0(3DkgjL?D_-8f6q#tSl;
zsEXf38ST%jAg8Ra-?5&o6xQS0U2~j;A4Di-ILV6~Gm3@oL^}xHk*Mnki*)VALZG@X
zWGEcoL1*KRMj??zA`pn}HmV^W4-3}T0^x9E?v}Z(48+FPVp&x-Glzu+3CaG|--1O>
z;^*lZ9+Iu%Fv+9p7F-k-8ZeDRaYU@^ia4&Ts?;X2cDuN$&TB?AIwjVmkIk~$W1AR<
zvNbmS7)Q}^r(ps2FBZr*jq-0gwPug~KJRU>394ybjt3+{F}bemf<UT><qgZSzFO3%
zK{P#ppvJuVymdG`<_Z+N-wv7(=D(5%q_QLtNM%{oniXXG;^dv;vL=N~hH7fy!*N;j
z;s9X)<niA7bm6cT<$w@NkwIxHB&=J6vm+n14v<X(0W=bcs&GK^i$z{80+U@7jl-`q
zspJq=0YI-{KuIFe_KT6G;&-l6rJuBE!21~I>BXXV+`Hp=K?FNnIfOXvwtLUx*_b>Y
zPmBQj>?ig+@1ZDaTGv!fYnoP7Rdbrx-{|qLW87+|m}lC4-{&HG`f)%Yjw^$>bUYxF
zT3l;$b8A4&Ap;Z-7>7&)8Cmfz<^Z^?<|Lu0$}z`W+uG$R(P%X*O$B^P^|mad5J>KQ
zdct5ZDufIM1KY=x(14%rdW5Cn;&kKxNWcdb>lEuWHE1NUXTWgzZJauh)UDdSd<Ng~
zHtHB}tlrY$a72)*shTb>EE0iWbYtP0gSj=c-_VYWP-hI~*ST2W%sd!lm6fP;S$8d)
z0RVztvp@h43=Iqh0&zSd5%%2&grSB8)Pv80#X~}n5I_S%;Q}CofB*sl2m??612X`_
zDd|)l7XY(Xf{oU5Q<KTC?5F@IMljoqdZix?N;wNwywZl{qV%Vfqgct`+Nv2zkNc*$
zcXAy89qDPh^_fD909HO87r3!C&ldFGEU#D`Gwr!ku6UBIFQr=CyU_!3C9H_^2_&AI
ze_ls`NdD;RH~Tu(K>Cg`)yWi{;006TAUKQz31vVMs&~~kIbBp+wrt*yVjgKmR(1ZQ
zL>jXyYh5?2v;7ueXt2u8MBaAjB%F)YR==+#ZdGd)#^g68h5kQW1>kQgd{KQ1J6~W1
z+4Zlv>=(~EFsKoZ?t*WOm}2{Db^xB=JK?xgV+lQff79UN)-^fK9}@+)w0BEeSTSvv
zxtMlADyU5uPJFI0d8lj+?|_%qi@iM6#&Vcxq3&PR=&yuDIT98UAk%oZoiCA(hU{9$
zBCacs4Sym2Kd(xTl)`oyrjZSWK`)DOgp-|=bhB14li(8dPKp)q#V~t{k{`t6BUbI=
z19W>+^g6gMXnJVCyg*t^X}6a%eh4I~RAE3!jp?8uS9Y`YFV2YAY_Q*B+M~>6r<n3m
zAZ|KO7?Q?JJ&O^ts{@+O1U&<A%o}QYWnh}vcC^>SPN^_r5-oK>MJb%A3MU(`<VC9Z
zo7Zbi=;tBrR^pm^ZKWd7-0vAfLkxD0ayXWx*jCNLN)nC~71RfDIgS<fq`*1Te6BUK
zDygx>u^({bQ)y9eYwYW;HiPQVFTkS2xmZ0YN9U`}1NZ*&fwf=%z-}g$%}xaG6dP(U
z#&J#c$dw0P@%PHj2Gll^DSwR$Y4C}4Tie9t!t}r<ycGzXa2^6{vgECYQ`MPZc05A=
z+(r`+wiCGeD$KGV@HZb}kZ$LjNT4du^Dpaz2ON&OE#MTUpokLV?A=xAbnIN%3WUFw
zMiqPq`J(+9^JKK#Ku(a`6cqYsJiJlyM{Y+k3<QJVD<srtL#F>?3etJKsN=O_xKoH0
z$lSDJN9jN}lb%3lPOdinA=d3?5T%8(NI^nK{}ZINk1k$8ZLVGCw!<tA{tPPWj6&rM
zEzY&@Ycjq$b4sc*MpDihpUfO<9Do&fSCM9*7tPM$6kAO?fWv>OmGHvQbjxR|7fn3C
zN8tuO0o#ZfX3^0pV+hohBloO3*HF_L!6i?6&yfu9^^2t(^7$afCmy2k$q_y!W;(b&
zbvla+4Ht);1>}u}`>K^UIBpuEj5j^H;1>-LjO2Tlj^zBDxvUw?o6F_tw_+Q1f!*I1
z6q$rR&gX8NYqSFc%XpG}nGcL1UY|SNs8l>UCq{ZehmM+kcmB}TO!6^3y4`iw<0m|8
zf*dbu5<a1iE%h1@R{bQ*L#8W9K4cDei<zs@;>^jm#azF@`Jys`i@wDV!0ai<f>Om>
zoEhe2Q1})UtwViYec5wp>LqW>C>D1LiV9o;;{7kE83(z->XvSJuHNPWn-7aabw)r4
zi;p2Rsc^e80(z`F<IU0+C!X^pn6ciTG@YL>RipN!>%b)bdKruX%zrms&_DA+2)A;~
z;+}fcGn9X+puz$Y;_W$BtkDE1U;>!5iG#}Aiv-sIJWo&@L^n4S$gtBYo}~b9C|ZPC
zjb;17p5_bct0)>sY&tKXEl5`J2v3>FX4BC9^nj3rq=JTj`Wenmw-xAPhsU`9=g)=|
z1$%1)Ki3!dc__k4($#Nq3avod_uLogmSE_-u4A|}<QN3=aQfYSk(Ty4=%knJ0G%sB
z4AJWj#1Q(aMIM&b>u}*d(iR8U^$oqjkPnp8f$rc5m*KAx&kx!I&=}Uhc|t;x1JUCX
zHY+#CNw0`&v%Jm;xO~$^S9oxGrI)T?e&w*cdirKy&rKMZ#3=)Dz8>yS;j}=|Nz+Nc
zTn)720z-49am<2dKE;nEXrvLL*r^CECUBF;q>nSqOXP65LCuHlugO|W3(VAHg%kY<
zM~z7b0T2;WCQYJa?kz2QgSM#j08s)~Wc^3kfp}l?tvr(_rNV7_TXq)D2I}rAA0;q8
z*`cF|HA3aHa}(cwa49)ES6}3&9)8GjzrgK>EtC`=y`N3RmwBr|6;w?e9o7Do6YU*p
zLXb?=x60PUp&4O3eC<cp?!HLIZO6fww2}A{OR)X+p5SJ%zj4yv8H9qDTY`8PCpW7K
zt{Ys8Wth^EjS%%PF<cPB4gQ`-ru@O+@{h0zqL9upC{dE+V(L~u>4=sp0j>}Nf-0!U
z=cGxdlLj-9`y4%z8J|Pkw{2tsL>HNi^Zs=eid`q`G7O@nR72@WCgC}VdS!}&H)j=t
zg>~PrB$QpP2~7&AWup)8$m!weU{Ot`Z1a}CGeMAR{6)&3p$y9>){&1Qzf!!Q#y4vX
zKK>W~M}gKevt0ijLo1C4(RV!|YXh<ikoz*}E;jd=e!V3T0oPO6Ljms}vOxi;rhD5J
zueNkjJzx9N$y$!U4f<3<OFgJ?<#k+Z>0MP!U&r!v=9^-4$l-6?Zz#4HX0>8`(cRwP
z-fdeGXvV}CSFGUH&V^O3@*}n`H!KokFOiSeT7p=JHQ)G_yC&`RH!N&71LU${u4zWi
zd5M;He4OSu0WZ!-z?iPskN!UP-$%%_@t}r**ZXYh9k8tw2=6zhK7rUwJmItV83o?R
z;Di)J=myH5j;E+7)T5Do5Wu}<tYX4+%Q$&nG=xlS)Z1>Do!a-?AOj>HyCrs@s^lD`
z6H4UX=n^A<T&X9xr22@&atAzeA=)Dd21U>uHC0Uht1NO*Ub%2JSybIBTB79PfCFru
za|jPuc;nX^TnL(FooC4lI@1{J85t{@1B3o?AiTtwA0$+=1jX7$8;{zY;1B#zJwfJZ
zuF{~w?rQ7|=rTekGt`Sg=}63RiRoa`@M#24-CT|x(@8rGvcssX><0S}%ne7GP^_z6
z0g5BkhIUPFL+lY<d@d0`nWYBV3pkoevsmf2nf!4kV$K1N7Da^E0e4@+TSvZFfDW1a
z;Q`Ui+&|sn^<;sn1V0ZFFErTbMJT7kw1gj$n0+wFv1-%mCUuh=(WUG7g6Cej&9WpJ
zIY?fn^Md62`bT@}VR1efn*az>BdSz4ER9<sl8a%-k`c0iNJ)&hU<y*TOe9xSmZJ-l
zYeU`6<ni%{Y1N5GHkx^ek*`hNG*=GBoUQj!Od_=?qZ~~Eo|W?WEU^l6nA!UKT2y?-
zWB7Vvccqh_7XVhcW0X+3WT;&$I_<{Y$C);T&;CG^*1d53-*MsFm2}@=&j#;&fM9!5
zDA?Y)wW6fMVJg-kdNXXfwUNvo=$UI>3K6RhM8wDd>lk<W)oJ}S#Jj%1+tcyOuM3RV
zbWwOYy6YDJh2z|SdEzj0Qm`sKe;KN(TSjwMYPivifnP&tk)i*v5bFMhQX{xOA<DM=
zuaEHp;>||oj;vg>?(AqhRSQ@}Jq@$-Wp<h}R44`uo_~~Pcitz5$c)&konkSZ?jk?~
zF`{%*-gmlwRJ;<=kUXSuL?u6N<99^gRze5k@PQZf_>m)GUC^cph*2y~s9+^D+|=)2
zLLcGMH53mIT&Xo>p?TptT|7Xgg~Pqs!&TY5i^x6o4;0%U?mpn$=T<X8r}viRjE4|-
zF$eiLz~52Vf-Cb69#!`}=FUdi#2mc3jW#^)Q;*3d;H4QU9&wS5FBcLi8yAwgS6MRz
z-)`^n)NfO}dlwaxA7ls%O#Wn>5-~NEjyp%}#C2gajft3cHmV12C8sVIdN337E=B-A
zSh*6~DT@~dr4UtUtFGnUe`o<J2NNgeqXB3aJi?kaE-oIyyA=pJ-Hx@(;Z5fpe!-N6
z#X-j-18DGs4(W=hhxCa_O)>u0q&|x!ASsmDPu3x;RXqtX;|zGE=+IE*oFtHI=Le2X
z67`(`3iO|&_x0zzPb+f)H|CMpMG<TFXcijJ_C&QlHTN44wmw`(_z;E2%+M^(mU*BJ
zNR~>nQnrny<dYnUOYC_^0b?4onZM5?zpz+YNVl6|dPdJ7X<uphWVn~;Y8yUky)?=b
zQg#xP;TgD>MJyV0p|$Y6^tSZZ!fOe=pm;oD?Ms=(7Zk8jvJEMX0J;F?Uy;g(R%N7I
z`eBbPqOU5Q$7V#uc2#i-_#(c6yvq(+u2QEN@hZg*@J}Gy4+(UgKW47XC!kW@s<2cf
zA5ss5g1|o9D%C#5G>1Myn57bgk7m+6M3AYvFqEmZH&RnM_<U0>K{(YF{Zu5k`yk+h
z4|30fqDsu1sPcbRsTQa${~&GAQ<YUPgJEJO_Qzu8?=Bg$RSV1R_`@^xY>8!hr;cSF
zQ<yDXFL}t{>I}Bx5>jq$4?1bIj(coh7GsV|wA$(b?x^ykwq%xridZCYt5<g4at-Gv
zAq7Y<ytfZ;7k*7X^zrh?PrC`w%TAT!^`=}%s_T^hDH5^1KgLkkG+Uh_w?7e-P!FTB
zQcltM1X#*)qzJ~x+u|ifu%un(m#if4PCSAFr89xRN&s2vR?&Q#m*LhhL2X$ChW>JV
z57p_8MSzlZGMY#DGU@oWS)tiT1nB60bhb>3X1ql9d@zeqtyibp6=S+LJ_kZi1<&!p
zmOkdGcmd$Wfa?0!ij!xMIdnmPH+-nI$fb)&d?<o`9ipzDG-K)%i?k_RK(pO2j+|Rk
zuw8I>w?*6?=vt^bp@1=`I1f7(sWcfGF~PMvzHB>f;>RETn+HEA5d#X!cds7Qvi?i4
z@^Vn!Q)Vbi<8!hFMHOfkMWxc$tfQo;`e2F_mF+VXS{ebmqde5Hei;UNBe+h60?OJ*
zAtolpkD8RO$Vs`Dp41A0QkQN?DH=w7b>TDKI;$x%I|6aK^%s;y1__D-i`31-13cJu
zoleS^fZ}Oy*u58VPMwYA#*Y{wU>>0Ff9zXFvz|vS`<U?+>Ej-KWGs}t=T#+8d9`CG
zWqLGWM87ML5EiQ#<DL8L=9cl5?dspCPp32iIPC_c)@3!O-|2IKLq$K9JdCr3STz1P
za<slq;VMrzd(T%bQ#F8KQUV|Kx_H`w<MKHPA`p^0ucv&uk=>&y=%@2AJikh949owJ
za#felUyNMn4SqGH`C>))3iXd-HcO_O1#~>33%HIN16u3taUX@v0umoZ7Nbh6l#VJl
zRIe#wHW>Bg-e%V(enh1p)>D|3dRU>C9W)>X3I9t?M%ND}Wl{Fq_`9Oc?v$D7mo|)t
z-wvz%B5DYtcMzpY_SwB+#uQFqIl-H=ogj2XK*-a=#Y)@hktPDD;s}m0$Y;sa_4OW6
z2A!yw(Dhr311lo@N6tuwWA5g1V1=J@!7pnj&jPk3ga$SB&$<Khu0+`U3Dc-ZW8MVQ
z^oV);W-F+Ue*}}Tfea{_JRnuc<2gOMf--DOVQ8hNEZ{P=&xYiwew7aC7^XBwC?+cP
zMIO)&QeIUy+#dVg2_CAk1Fi(ZS{&u@GtT$Vi4ZW5CU}h;hZs(L8X%8~o>sa2yvkAT
zGvAC5z6Sa}5tIcz(4Syn*)4<eOnv+fs~evTWpi&Jj5BFkv<x`QISps~s4dlT12;o%
zjs(9l@}9MLIc!?U=&2Ln5|q-*s<q})G4~#o;oKSzf5(OKMbt5T#BFXsJWw5yr`I1i
zvgt!E5ceo=%@w)csv>0~{?$<j^FAp?eh?G_{+}WQZ=ChITyUfZEw4P8Bfx8e`~W`y
zhc~sQ84z9THL@U3WNxmur*?7wNTH4_GZ2+Fg|AnBFCk9VpFXjNI@ccU847f#$H30_
zjW2G3<H~&;xu2H@J|Ra!fgCxbGNwrL4aBx`gr*c6WSu~Y7`YA;$>EWrfVMZoHAXyI
zV%yoXC7x5hG1(3Od?SoNoilAy2v|h9b-nG^gp`<(LrGzGnw-NA0yvZ`7AfCu++`s$
zqo35i?mZwklssw!p5HcFZEs|)p2Jpv2bYU5%1#t=us?0rAt<c)Ze-o4H7xk|ZjRbk
zT85m=qLi8^R8wa&8J(2(xF_H|5uu0K&lB#`l0B3|lJmC>$-)rL*|?>z3FcshCd)lo
zlBSatFK~oV=L9eUCXB3WKIq)W4^dRyQqzT{*l<Og0Q{;zDCt3AG|3ex*N0j*;wNFW
zWmz<|&k&`G6lNNPmmK!R1e0rFNBf~&s9sjgrbjeC)pmG_#V@8(y=`Z!(TP5)EqtsU
zXg*`;9+tnNKMF@c^pnh<Hz5$$2q1r%?;Vq5g@-lvu+O0f5gstxP#9Rs#4)gNz{V4G
zdk@J!RO8Ob${Rtky)AxI<!3CO*(NeyFO(nncb>rCK!G{DC2G6j^Ex*@7fe-&nfk-W
zfbgGs55I{GyaqnB$m@>Xx^H*>2T4H3(9n{${tjA01%L8#FdRzk`g_7+2~=ZZ1;GZ3
zuyU?MI3A5_aR?w7&<8L~`Zy>#Qiv*U;h%`^E1f9O1&SYQX?~6cIQH21+F<ftWot+V
zdV);dmtftIAf*lqBasG)wDEHndVPSJnN@NbMZSU4hmX1XZblXv!bN_f#Kgg%Sy`TU
zNh+2a_d%P^C4;74)iOD0*pq-vD~1Y)4mDF7@Y4BD3Z1HkgiYj!F_ohd<6&BV8?&2R
z1*;QNKnmU=A0sDe{)wd+$sC-ieWbOMB1P3{s(hGN3GG+-JBQynYTg@`G;IiJTPVfO
zL{VQgIw9#b1<Fkpl*z@i)4y>j;Q??WFO%OWyFvncX=boHEpCXM{`eyZSE|FnWEiJ*
z5^u7mdxhI?PPr_lWfzHytLwxJ&k4}&5HQ=xhR^WTIKlFU!JUi|?Owka#&6%aHg2Fr
z1N6m?EQFYoS8CDo%z87zoQ2rXamlx@?vs#rnrV1x>&sI~KH$Hk;~(%thh{|HRv%ZO
z;9xTCRJ3>lh_)%+Tn(-h;CxRY7`7t~t~>)nVZ-z=Nd|RsP8~*)MnV_{lZNU0|8lH>
z=%Df*0T17i30tMjgKzLYa-Qq8kSO~ReeoF;_jC8Ic$qLZ?g7!fjJwsY1?NLu-^Znd
zZ|X*O`-vcxBJqbfh1h;|U){jVXHC%=)B$7#pVcg}J)?=&6}6+xBELg!+WY1D{$NA{
zpcD)eth7~~&7h-t2@`&84v>fp*z1Vz+mLOBy<}s=$f75CjGBt<$8^mnOgnQL!n?=0
z0zuJ<!`vNk>m0fH&8s4{2V^5!td8QnOM)83$Fwl@I4M9B>s-}!|8|yB^8+olSXJq}
zExPw*@hpnO_~#XF^zM+08WbD{4pb}}Ne1eqcLRp(8MqS=nmG57O3NEGXz#HX8W1xf
zcSjPe(Jg!z?{GnWglX>%4RC#R9H1d06VD`@2m1rmoqG`1Vp3MM_U={Kdc4*Aa>P~|
zM0#MOp_iZzER%%B1qx9CPE5F$q60>0DcKh7Xa!gc^T0-?W<PownQTF4Y0mcUUqgwg
zG~rs&4b8WsDndm&9zd5`f}QbN&yzhEuB2Z<6V{5_P9;z0H>6*_N9l*_X|vWzCx&Me
zRXQC&rsx^&KrYnF_==U?uvmFiRp%&x50ttjb+0ho`NgDTiV?pqN)@NFj|4jz<%zL3
zpF&AE0{9MQaoX>_k%<<e^f{b18zMLEg;3~IL4lk@b;X+{^U`h3*pr4R{${nH9C>)j
z9FH8mbB>`#<A#Ao%!^hGXkCid8<`?)$>U_Vz-A2s_Cw(OGW!JEU;+W-v76{byJ|b8
z%^L{GDZq}(&lC_$*;uM2i{cej{_vhwSA<4N%s+72xRNbsat%8{7(9hsWb|P1=%k0}
zxJRo-wJqW}2qHSB8%Ner3=}Q&IjM66u9vR?o168<fWeoeO$nQBsy{Ksso|nSthL_)
z03aI$5mlMy{jA2mD|PM3RiW#Sl<JOhg|)=P-YU99wC-+=hv;*7DmVbFRR9ERDCW+m
z{C;9;F;T!;1QaRY>y-_Ksdx-X{bwu>o0;2@VhH$htF0Es0|iF=@7*9L=c=ao1z%;S
zx(k70fK1F9wZJ*rp60_(qU%_Y8%4mwFMFZ;Mw0Ji3!M$%1@K~Z7xfB=%AUH=>s2<W
zC}OyE2)Oc>C=r+>Yz0y<Z%#rJm4VeKU6t9{j;{6|+J_6<y{`M|VoZum4Pt$*h-EDz
zgjcoCM6`ubSrmJ;x)NBf8Vnw^f+fpMsm7R6cybi-i?4Iec@Gd#i2i!FQukKW6YjI1
z;PSB>2GMT<fNSq5rbXkng}Fe$JxF;pjLIj7?f{#`2d#O~=6w)^LP{@B$=_3H2irs6
z(Ei6ESVQSP%!6Bcqr=+!C??Jc;rLi-!oRWVDeOP@z~*;r$jwq6WjAUe{;Dl8f^L?p
zlPb$wMmL(6id$Tn)I1fz3UvFZW^-B!B_+baYU@sc9l2h8M93=B0-cIB8%Yb2nX6?0
z%P>-p+&gO@I?<??p&^aGTo<GuXFI$n!fz-#4~aHCz|tbxOJyL6mB^2`s5Wm^mR={C
zFqNMZ@!pQ^4ebZ}UJxrN5O-$tPa6z>DjgKfc*zh_!$H&dE~<E(pN#m4ID!pGA?zeu
zXNxm(8fg7?_<Go)Q_7m)hF1E$8quvMxmX&I+v{X3Xpgof;BBhdY(>EgY*Nl4xzd41
zVi@zFD^h{>nt|c0T%kiwi6`<}D3s;hz=LjK!CZIhSmz!lEd5s-v`^3~j>1c_BY@w-
zwmc#=H}Q*7*}2C{Z6*i8VZ=xsPb7|gv=E17Eu;~rr+Dh}qCe0cgvuI~JdNN?j6ka(
z;|Pmzf6ktNL`%aC=vKs(<WC;A4t_Lsd934{Ivi@YE&gqD<QrrKv6KfW<e!IjG8iv9
zh%kd%<9|tM96V62NPF=}3`=Cx@etCFhconetOCj7zQUo&BM{aIpilHohDys>agj%T
z3??$680f^%&_~iRqvCkE6BhT*cMxi)+I13AV=_niHBa31{F&=UmBoNIce)lA5yWbE
z6WHW1lZ}#XOE(gHWPNrr`R>WMYxzE>O(Ksj!7v<J=Feyp>ci_Ys9lu@8tfy0wsx^9
z68)$ZOr^wIV9?)(g#t^lM=Cb!^^k34EQ93CM+U~}+(tS@F{0eKXnF7!yyh$*i@Bwg
zNrpH>(e|My2#IOAw}m}j00GbA%+wumQ@g-OXjTT{I7|NV0f34vBy3$KkL+X_)1-^I
zZDaS}!j5`6me|wAta#C3e^LTYg12np)B{P{9Xm-sMt>=Cm}ElGwYS3}TF&2#VCg1^
zo0RbqA6jlvpt%gnhe?V~hq=tlcf}r(B9}^KY`_A+58?RjB5v@5ehk5Yl-v2uNqbEo
zaaQW#WPL)n!RFF^<?UuTwY=mNxSy7m8HNeAtVSsXFgk}OU6Zs#Xc&?S<)?L6b4EZz
zcvq}hdSgeGAku2#Y!pkao!8{cTyJ*qZMQtyh|FSu(bcIBjd{$jqvnRwjcOI5t2M`Z
zRf+Z%e8lgO%4T8mqHwMFd`ifkZx9qWre`KM#2>pd1^F$iF(IjD0+)9`DGgw1IlTzT
zf0}1RKf?=iTl|{w&=wvW<umPX3JG_d2mrNj4y*fyKMEyp27B(J+F=n$9f^1*952WZ
zkc5CRbw@Zywb?G>0JjN<Q^tCokZAlNxl1c9K_w)k5gUXYhJZ|7DZH`vP|a|pqiae%
z7!JoMFh)Ewz6FSuH(TkVGBzsZ0$!MT3T8(H1DJ<-4Dcxw1kKh01I3P9IcC4<8cRm3
zcok{m9$AfkAP*%YKW_p2vx`@8#Y2J(m5|b9z~v4a^5CyE%@(wyZQth#^?TG(#PCl(
zwq8Uog<NkVzW}62cXfdK)_L%)x?EL_3-g*x;3)1)d9%L7bW@ZJSLKR08lq~*isd#z
zsPd}UAsJFK95Jx9F2cbL%u~Kp-2g_EsS}yz-h!{`)!VzxW*kI?CvH_@o#~GJDe6sY
zH%EAtTP?@<EK5=r|K!)At7M!Neg<N#SdV44adtr$5z!m$J_&ANN*E)o2vu@bQrfKh
zfH>{K0AP?yCa7KwSA(MLK3D%3aBuc6KcyJ7{9mlomS0B;RahrxDopIxhv!60z7Pw$
zP2LSEeWB6Ng~4z0>UY}M?qh$mv}ps!!ymt$tHadbkwKh-<wk5MS$rXD9)2G~96~Yg
zQfd!1M}+YJl4A`DBIC?VEq6nG+QyOqq3Ax<83XeW2^5+}Ay)L(5`$QEtF17*T-8|O
zS(7vx#0aEQzFY%ng?Y?a^sK&{kehQeTwrF&!>q32S2Xztm~V&dlk~RRYCaalh>6=N
z8I#**8J-SMNy617his8a>u^OGW0FnY`6E6i`=-B*cCfrD{aG{GnyHjhS%$T+v!XOP
z(X8>)a$<;f;1Tgsseka?B8{tb5RuRBoK<(lbdeZpnrU#~9keY#Z#vGt<()zsZ2Sa2
zR|Sywhtq|nLJL1Qv-2S3$IV7G&E8#W>vjP`?BWOO^BI_UdT)v6)Ck?OE(-AZs|o!n
zeAY~A6j$-&uWb5`$Q;0e@3N`Bs7Q812=#S#LzpE56Lw^0b!k6Tv3-t7DW~9j=c)j5
z|6)5UfrNLCYV=KaD#$D`d`X^KXXi46WyS$wmv_3<Kuljv4Kj?mBcj|w6Aqe#NrQDk
z;`??Q&a0@1GxX&cY12SiIIIGYl{fPjC}JR&wCu6PG{K@;Duhy7-Peqi52E3SJ*w;$
zJfom3ckJ8AMB{-8pUQ+<$Llz)lgJRb-#ud~SA%4OFCT~{<5ZsX9|4dYp2*9wUaxN+
zvC}fICdGwnk`HKnbJie%3U)eNNSI*`>}=UDA!VOJ3bch3Cd!a<V26YZ9&o(>kjS(1
zN}P#4ogOS;7ADIW{U2CSa>r$kvQmp7`pu<BzQtfx@ekTbaU>VMWLY=2IZ&syB=E_^
zJ5RF|re=kkj1i))D$l9e!fhK7I{9b<HPVDg+3K<}Ju;49%(M#PzLK^8KA8_C0ZcR6
zX<q#nj`PeU<O$uJlD0uV#`|6t3c#+{Me<^nPhgc>p7LvG&*eY^unJ)~U;_ctD*qEB
z|3T+y<z#8`I}1^(p5$e$PZoq0=<@<U0Q1}AGSjEMxRA8PtJW{6=E7o+wq}Q@&lZCg
zX)f7HW^bmtINO1cnQ0E+m~#i;&-1ltBq#5?V#3O=czwjOc%P=o^U1NQ52`C+enLsf
zI*;ke_6wbw{mecR{Ne2!jV>Tc8^~RNbRZVdkclZ!JDjZDWMrwhJG+k)1Q;|`uRR9#
zpkBx|fUvXm{N!l901cPNoUW@80JFwaM)pPVEv>%MRn=Vz?zLwxVD7JZJU4cquvgxI
z4qP2fBhISQQZ8xsd&W>HY3(BlMDXdi;nyuJr9rf3Bs2d*!MWCdj7Vxf@DYBylLp}0
zd{x9lWT*~7N`pVGB}P!NLKSw`rzole5(k)3JtL`2gpo&q<@XLY?@@Cb)j~wcUq-f)
zvez_`Z|m_FjP-*!<co-pc|Daa^I2&kv3{ltm?MMUfpRj3NHAr8))_27)Mxk{!Y|}7
z$#7m7^%~pie+u{M&eP+a_J4p1=eNX4NKH4%?p-at##-@E#bbFEk^6HH6&zh$$?TM(
z4rk{d(?yhsSW{_Il(!+laz-d&MnyR?s|!ZFA0#bg0Pfll_|zoE)B&@P=5c)0r;VuK
z6n&KgdFbLio8KvCG)I5&QnsO~AF;QorFN!Q>@on9BJFlP6E2Xy)A9V`SvvK?S2s)_
zZTcfYoYTvYt+8WAyA9zq`H^#ny1o1@T?_-?7`Z2=1ZoeZE|(`o(zJ_K)^8db3a#Y{
zkLVxbI5jZx;l)sei;7O;5pJfd950}*zZ5FOyb>cBUXN&P#T;_J!o*YSZD?nO-~mek
z6;WmKfw{(h_KRYUYjpW#cf@_)E@rW>)U+z1Mu=_FmY+;{Uz)k?&-{-eu`#Msvh3#f
z>*udbip>UItESDj=>SIzuDRz|r<Q(f8bLQJ0jpsP@;X*V2Kx6dC)KWzSOm21@;A?p
z{kEci@$7@haIARAww9g5+Oe#TI;iLTW)fFYd}E9NECv#Y)aT~#L!luhkIcD9K{f9I
z-+5x)?haOxRHlr2v9WMj$uXv1t=@gBSkvIo6`=FakD3CyH6}6fkGn)`DSwr;5Y?qI
z#wZrY1F~=L)YaGyf??~gjWfK+fyVwfi#yIPHw&FN8E~;U`3MXtI(<Ksqdgj#zexlZ
zNyeTK=e;cn@y4R5k0!b46HL=nEEu-|5Z<-t)6B9R8P_m8yb;L)9-S?DFpee1V~~h>
zFu|$dcIq4y18W$8@>eYP!Fg-&YC5sb7{D0d+srN@LLZ?}C>jXQF!J#mxRTh_6cW?y
zeHmCzMZKvs*l|104{O2=hXO2bQ{P|{aWg{IEUO-O?{#&d|Hndb#CS5*n9M}fcbE|2
zB8Z7WH%y0?5nm%nZ$y{kvtxKkp`Wl%tM-|zxvqW%?6d_#1jD5>WZ(Tf70Z(T_KShb
z!J{`ba@c~?AStWTig6^`7M*EO(0XPXTA(zshS#|EUdqa>lSZugbW%$@%FYhH9rxm5
zQs0OJQIEZG8Bh2pp#{lJBFzryW&Acr&51B&aT7F!JwE+SKjd6(yz41-6_wDyEpcnI
z8FEAD#3diw2QWx#mwC-sa=)QTlCQ051NQD>brqI~?4K+_R;_Lz%*usmp%{LyDKkC|
z>G>|{*=q^nBIV(4KYFKW?bo}Om@6umH^x8oE$AAd32zUSE02`(+^AwfFyWvyxc&BU
z5~p1n9mN-eu#f(@ztPu-FUg&u<hzfQoa+pOb0$DeVQx1wrOt*XY6UWx;g2>3<^~Fu
z5u<^^MItd!ShzU?#0^nOpZQuFC<;8&L9-siK=?d@w?I?^W@D%X5-h_dfdT}PL!jUc
z%{-v+x3dih!<ZBUf@@hwLj;lNghG_!g%6^$x<1blkE)ihETCoMgm7(&iIPt_okfS@
zualq|@?=hh0D4sv;RTh<{uL!HO7R<vdhK+}G!`*5iRhQaj#zK7x*rLFI~@aXQx_aU
z{RLcB1K>RXo}Q2jFwm1}+;rBw8PV`Byr@Jlj1=tBw!KVdg3gFKyR!s|f`vg<qD+x&
zA)_L#x`Xtz5-7B~>*rihKIO7lVrtog)i_(~nxW;u*XnNz_^(~VXAPEA?{_9sH+XcP
z$V8kf_SO;o*1DY6n|<+srvKn$jFc{`!&Fkz@umS5gVC2!Nh_2UA|Qu^{8iG&npi>A
zEn$yos|MAJELHG;1T!>7{4IzVTteNc6@W>=E2+P&)`6e0$07Hl>HRBE72>N*c&-|t
zrl&epp?Wy~t-HAG5I>=B-cPS40P_DQ-9Aa62-PC1=a(<6atBN6nFYEAMB{<oade;n
z9}uU|RxLj2@4t|$%lD2qaA@#>kt!@{#nBKXC>VINj5kRwz{w&$SMAQLt(Zja4U^#y
zX_+GkJV$Be${2J6M$S!y$P4AYtW5K7PquZ^!PK<XoShN5i<<LhAaC<>0k9FOy{})`
z*BCr^@%w?Ne_9kg#N^i5Us`uC-$p0pfC)Dm2<M@W2@JA?0m<gBj&+8)P9j2&1Kvz<
z#uiJFY!`U#y1d+>kInHu=B1h$-UT1!JdaN^5sfwl>Yk*Pmv2N#L(y~kJZ&xaJp|bV
zmSgoQ8b4rrn7;7vu?cT=#@a~_e$3W@ZL$BEJs4#VtW4W*%*zadco8O#mbx;cc7kpz
z_mNVng#RlJb@&Lq{)XfM?mDK2O&z#k?|`m0LQ5>(_t2JF?h={4I}`TsttF>?a%|R`
z^+SIsTkDD&3e=p=&=%%Jh+(xYIVlpF#W<LRt^1Wn&(1ISQyGwA(1AcDqY3J%jG97U
zu~|1rlkYt=zvJST1VQy?N#PiJy;iDXK>D0JsSz|TC?`qMhV`i+R&FIDS!zD#pyGel
z*mi}+rTj(<*$Z;2Q7uNKcNCVfF4Xj>{8O<2yD2Ho=k<yh2*#$5=NeK%*7f&3Mg3fo
zJwdzs{G|8TB25{P=3WutkTK865dJ<(<6U|2vv-g&>F$MqvWy1n9U)<ftpjv-p}Vl-
zVf_4eyDx=fYDtgJ-zCjgkM7eMCW#M6!^{Vh9v)<T_|HN^+)!%_X4GStJdn$l=w<q;
zw^dXJ1E8S|;=<rA_B{VrWm}K(gqE$g$<Q0g{ikeEfT`S6MJ&e~1Z*9rgvvAF_$mO{
zh(m5<q;Z~b5>+IcTaiB$3uALV(NYPUOLT~_iwu^aojh&jwo)OcRl2RvpJ%qg18wmt
zUfM)_#3JKcp!%^TBIItjsbdT}UQ(fifk^2E0kCvVGmIcPSn$+|{%vesHkqur33VKW
zTkoCsN+}!`Ez%7{bBOHI$>@s}Z>t{e6PwHpC>@r|hg8v?T&&}F+~v=8R(uS@Q?kP!
z#32C3Y5E6!=5shwjp94p&WSN-#(Z_&MI5OhlbrBjOQ5pLdLnRX_RbW`Ns^&-RK3h?
z`)Phv=KGJmrSWx%!k<ugwjdxyR+w#{)H9x^Cm(n>R7ixPC~j2fH^xA@SS=&akaUM1
z=-4MS2M(d|r*5uTOC5M;0G&p_t@wCV4ILuG#j{&W>zX(YM+F5{WKpESF^88#bxfu?
z)iLwk9R`uZietD2u>vrtn5iirA*nftk<G@@E#SOBW);wsrISMepeyB#BlazV_G;et
zNZ8QA2E4X-sn%tl;61J3qaM`bc6$4M88sTdQIh`EyJ-$Hu@|q;a%{eLv+bj2M+`<P
z(g%d!$1ObB!re<36+mCNvE7Ne@F23yHG6_#dYeE;OLeQ&%34g7ON7F48;*p>O~&~<
zFOE@TpvgzF1Zj#FTsYyXz*-5+w#|%VGJr0D>~pQbm_)7qU30kY9MZHYkXD)D(VKd?
zg{cF1VuZHIMe}#V#;$@RPj>DuO>*eZhrPmR74}H~8W9oSN=$6w9qv9hCs%2-8K~B^
zHlY{0p=`_~=K|FnFBY$vH!-CjH~qHyo)hD#zQT3~{C5)(v+}#v>Y|#h=@x&Bdz9C8
zFmS~FVl;5n5+)+gDH|u`gxz^pgStX0^!u2ZDIuSoIbc=qstXMT-yYo73fF}GiE1>#
zGRRk7j9>;t9wFR6#Vwzy2p(Tm*ZlBHqvKK-T+*WW!d99{X}h*RCEP=HXm0I&D@!j#
zflWN_s5t<+6C-^)4Ja}=MEAGh#Q!v$HQE%ozZ;A3`a}@2CYoXT2Uu?HUlM=ZG27Iw
z^j9`wvA_eV@4y_Or{!$g1>jxVAK@YG!QMxdB`HIGqY)28VXAUM!^gV!Da7(;h>YWv
z$JFDB=IN=QNZ07tA$!N>n9y^Jf{n_rQU|whEShZ?0e0}b<ihIch+XX4LD7Ik)0K`o
zvEYYUS_OL#-b}5A6LR2710@DHMi*Lk@mt_+=oGN16~myEYrF+*G^@CQNOkhk6MnFO
zoWd-C-Xi3BA|A!}QmKF(W#^%Ouc-n5JQk3TJm|hon^#V0Of=@E|M^e?qqdiu3Xplu
z%Yp+lJ2(rxsN$ZU&4s1v{43Bq<EgV+AdhuJrc%#P%lk~3Q29Rhn!Zkll*n8N>Ygd7
zgEZErw2)XG#@E_3un&ThJa2JzmWG8#<^m6+3yEi&$W6*fPuH{hW6b()m)kFZ`_vcz
z^nggUREeu@Cj?7}BQ>e(aQ^Aa`}JS+^}itg`;%3MeK4bEJPvp1YyN52NWJ}$)Nx;C
z`i{7_dLZ9fV%x{43W-@Ckc6y!jI&^~^^McDRk(LD`Z=WeU<$&6ZP!S0;@1_&u#b0N
zqy&cY0!V<#iG!s$L>aD8#S;FpoC#`pclO8l(|%+{9NRmF%y=j_@>{#lqH+f8HmFGF
z)(HFC_Qp@UQX~c*f2|$P&tE-XVBTZ|f4Sl&iLHk;JzqSvP!`P#E3KoZ($JHn<-G5X
zvuF-SN5&*?zH{W{HlnlwKcmIN`{qy)Qm4ubR$~#4pKWNb?AZm`;ZB8OX;=uPm!v_v
z8B~JAFo{E@0{1ktnM=u8XavmFZ@pa!>ICr+sjrh4t4*OFxxG^lcWAEejaEuhQTczE
zBVxq|r&No=5P;Aeu~}>QMxhOERSN^GZTFao@Y5>hD_}q89gZ_>y`}(>ZBB*#;yEL&
z>!Ns2e$9?-GvD;HJal#ffq*ma!c3cRYH4y&oehWUtQ3(<#~~@JMFnZCZ5Ba0-==W$
z@URbMI%9`(=YR3tmaO6wH^STKf`D`FEn=rJQFc--FPohdQ4&ePGtuWgG}{=Qr-XKt
z9UxG^IH1nBH_>(FCzBFO4mvp9d`GWYu9TZDj5|u+i~;%WPOX%daqQQj4LdgKrTNR!
zrzzEN8ncmg4q)G>Jc`1KjHEU;^XpZJ^4jvKAezdC@abvpGHb7`n2DQT@dgJHwh)de
zyt)IBpua@J)*`}aki1s_Zws)-3n&l`4X?wm2z&6yHFW65w&p&~;pKJtELCP0IY6mR
z9xNm4Auv^)cqYhh1%hOp0wUi>APdgM+MpJl#;9x^)A3csPFA?0$?Ra&9Kc877ymgv
zA5$MmrG^34E-2S{RxnSI_he-kk$h`HMLe+BsOBN<&1-c>5WD|b&?~#>km9+SZb2wy
z)ZcS8&N7`jhMy$T+&D8uvt-91YH9~sGg9TrH;BJ9<68k_yK`4f)K07=Sxp<<A)^pW
z5)k|%a@kEWeRYunMOH4&#6VV3!V85-BM*5A5bXB=qhY$hj6769l32837`yY1TlLr#
z{hi|?@xv;BI#y5Q8MLs%>cW?A$gJJ{S$8to;@|U0A)#jCWF-R(r#XoP=c|A-P(U`|
zRLoB>2oa0`#k-vOu*G7Vtdd=DA}`T)Hv!6nt%(_%#4Z!$n)G?o>7Ik4gsX04C%`K#
zT+EnQj}Pbbr@Ny5(uB+O##E>Ow(<{~tj&&+!-j(8=UNo@kzX-8#p(>#nQ0vV!6(^4
zGYMAt9_vQ=KX(H>(NCB!t2la3NlU%{0Td(kmkCn&Y^A}W`!zMd7<@Ux*StLlfYeBH
zH=uc5W?&5yp7d;&n@Uh-XJlO;Hz3l3o6S4imctvx_+t2AeKlAkb|VR(gF6gW5|9<*
zUp<XdJH04sfTPdD{t9Z0?20{$avjXrAuOp*Fe<i3A$nLO7ZpBf9CVl=0%o6xVFLzG
zh!T)BYj~B$8Xg@5=&~FN)*tc2vx&XfgsojkUw}`rDu!wDyt|$E%ep!Jd=drV3O}kU
z>qif<mflz??^{)^HSP+fGOZk)-Wo<dA$(h>yZLyViWOsYO&*iHMq-fMXg>WdE8U?1
z1g?h5LNhfAW09`{bo(4e=&lU%At_1uLJF1<9XhcI)w0y`=4+{vw$Ad3sgj)#NLDL_
zfUN8Qbev}$jqTuY?$RToG|mlG0@jxL)efFxayR5v6hnEuG_Kr7lYx9-uD+CGC3_4b
zOzh~ME-pbO91g~MAD0(_%-zykfwyCqfi1jfG|Xgi2mI(=!rXkRc&h>TDxHN{Q=>jR
z?dY6wWC^-5e*zUw+Tu=drh~Ue7L?#-F$Qyvr);N&P+&ya+XC0ZApELPi+9Tt0w!Fx
zzx!cHIO~%)PAK*deB2ULgnsgf0U%=%azMd%%1(T?>W9S5qaQmN6fCcmLeL@WUpSyn
zFgFHc2jB-lSJgJZPNn|LB;vXO<v=uOUQses$gKeeMpmaiFo}41)pB;^PyuBi1(5tc
zGg)p=PE*E3OlOmSy1{HDd#Yy0IUc&1L2C73=I*KMb<W7FK>7ra)sSCZO(9tB?7XJ4
z&c)1>S+PRJGuo!=zVw8k`!f?;09_D7JS_L+i{i%pktmbN+Hz-k-rNDkg6j?7|B{?k
ze?3f%w~RhsTYF;IXLu%^?X%N8ky!iD_(5`gu6wh%-nJf~-<8-aWiwcspEuxrwNW@}
z>##|WP;$Dk&o!HSnYj5LRBR(RL_F~-4e-FvU)l(FA9Vi8yOIO#WWk=0gpnP(3qJ$k
zA_dKq5`bcK$03e-U6G0O)Nt79&&!8gCdri%qVLU~B~WO4$>yMO>P#!Ihi9s1apk~s
zi0JDDf3U>zb{%nKQr&a`UNBRZClmP<iR9xZxsk4=_~fgsEcy}L3$uhqey@&?lQ0q&
zB-e0V<oL)}!O-}7dbyR`$<!oqs#oTQewF0)T!P|voZ#{Hmyoxv0d5Ietz7hWsFKXV
z90q{WGY6GNP*HjRhWNuGA6WVbwJ?~;zHS*_*oRNwMS6sG3EbNWHWIk4--A(uC)4PQ
zh_FoZ^KD=0q~MsU=LO;zA1~3kcCtF4;vT&AhRU?56|5Kao273UwKf6}OT7a6Q9Nk+
zQRi6t4lfOhj}J@Ipz4oV)tBN&hJ*d7+e5@}t_I_WvoxdzIB>ooZbQYEi#1Qe36`Fa
z@dyb9!=Cmuj*4g(w_BLP*%W53H^l_TnCJw++DIuflYvecuv>|{=b9z;hqZRVH&*pX
z(iH>(;fzbQ#==Cu^34NQR;1o-a}M`hD|8G-NM>9tOKYZV%st`G$zHg5yeAy6IT`O|
z%@^}DsE{PG?nK6tw9mr4TmlxDx6y-FUp%PzA1_Z97C#UQJ>HE0WRJQ1L2f^f{j};L
z&bGn=VFmyGR6Gr+q_e{Q>lmfM7*r9>I2R9+9tlV;C%E<pIKm(7`BVVMqew#;d;&GO
z2Yd;71DbjZL6zSqMhy#Vl&Hv}&nz)DI--`O6m$yQJ^_11JPq9d&j8N=4h?DB+vNu)
zKIvk4s-<e#Doet_i37abmqC~o!-|Sn8YqDk4v|@Tq+%KY;_wi>vyucOxbOalpcgne
z)X7CCE0IVf5{A{*;}1b1kw_$#1R{w<B9RD=L?RLU&@9KbL5M>j5Xh#Vt?)b5MzETK
z<L`3_1k!EZ9l&e04qF0_DWtkI4L%+bwD0ED$K&yMJSIh{!zYjtKsX!@hd)RxSTsZC
z$Q%<)Sw-M*I2;uvp>Q}H4(oC}AQ1^wIVy+4K`X72T;8~@D<NUJ+$V@af-YGx!27OZ
z+}WKA29H@uGRB_kstf{mdI$^*oQ52(A1Q9W4aME=zhYZqxbqCK2tUv~g9->Ui0Lz+
z?Dnq9w;oNDBx02E@BSP?UH<=w%Mb1Q-IY+Ys0+FSinF9>e7r{94M<gz1Dilhl6>2Z
zhdPAb;ANjct=2!-VxLGzl=9V7HMpC3oezX@*GBjrg6*uv6ceUU_7EPz$3>KkCJFjD
z$Z|9@?Y!@oIWEUFr=wa7%Q(ehE#x!EU5u37EI9GHARdm}MKB>D!p%G^bSz{X*VXv1
zP75MSQEXt2c?FFkzFt*mL~wusToNz<L<G646dE!KP-GmJ1UzDHe|ihon!eYlDCZlF
z>Ur$wrW|w`6*3T?U1nLVAfIdjGK?Q+4Ncev$0*A(3^L$BVuK^l2-AX^*}q)A)xJ+s
z-cP9tlhRsP?NZ)YDnM5RhDj-}b;x9}gU#O0Ex*)1g1*yn3*>|VzU6LPJn8(v^q+|B
zRJ)3ds+FHHr2Qi+j1h6%L~<H+=rZ8+lAkXGCi96p8|)L8i3cZfP&4vv@upK_Uxh4L
z2-?bj<8@iqoKz)=xOC}N^`Ictv?7~}l2ntTsyXMJb6VDQUDtJ84#(qRU5>}}ct9Z4
zoGvPg7ZHPz3RYaIo%}Hj3o%v?bDdQU!sRTcc|-VZgE*?HnlAqm;1L8fim|qnc9;bK
z-bymYyfcf)W3lH-2<>(~8_TEo(x(J8Xa&GuD1uKSIIWsTzlloM<1lwq2(QG{6A~b_
zWFFd~k3D~<@WGQOJ-liBj(4F61F$(^K;-b$S;hdO2AT;2Dxd_95}?T7Zo?ylP_+6J
zAdU#A1lm_|0t5-;KmZI34^71pc|;=4vq<;@G@*sYP{Wgg1%#wP8Gr_cLIfxbKr#Rb
zAP@in2+bfEOhGCcRSw+Z4W$8>xOmga0uOkkt}2b0`J&A*o<`kX7}Ay_hg>Hw2RXC?
zvwflg-~Urc+ORN(&Wt=s)d<C-hI5w~h5ZDd@NPdUN>oKJEBTXAWS@8mA?W<_7lTFx
zi-|L}Xv%?d#-Gz8YPcplQyj(tG(afx-SEC=>xGFb<?+f*ppy!Qy>eT=Yu+TKUY_C{
z^U_=kzMw()KYt!f!~Qy}cx$I)YF1pDsVOw8LMEhqrc{MS+AttuSCmKh$#_^OJj5=D
zK~9Lv7V~3=)ilsT(K`Wxr2^Bz20}_-lP<8u1-3{14V31M`T_ZB?SuGg6Cb7;boYGz
zX_Yx$2&>8LW=TmZMC&r;x-tEuU!9$gx*GBi?P`W!Cs<yrvcoCea8**=dOCjSxET8^
z<T~|ZGMPKnj+uO;WXwwQ-XgW)I;gW@ZebgCo?v7_=d+(jT#3I>p-V3UoYMt2N(Ton
z!5wDbIwyytSW}ph=63>aAn>d?nw2$X`wASO1oyhYIX!Sw2Hb5z_srmi*`sFW`k4*7
z;Go29liLNjzXa!~z>Pjvb8S2EA*NZ(kOs5SpbWFMi96XQ<nG&`f37?&=g}N@i-t4)
zzM1oGHt%g#d^U4_&E`U=W~}-&BeDUZ!UyVjj(-C4Fsh-bW83u_4pAGGrx|Jg-1Re;
z=)~H!{B%Nc-pM0$?UcvZXaHQ=d`$jg4<r_du8aSkYsHZzdItpe^0+xc3(AgSc*S~d
z$_loSmhFzS%@LJ}F)V%}#kHc8`v5*b!M|j)3x4uzidGUEkm$I~1>giRs@m<>ph-n>
z#>M^~xgaMwhCJ#rLcSJ9Z;e6ivlz*Y;Ofw#>o{KUQZa2}F0QGs#(~H?%-m+A3_f8Q
zOjbl)n%V4cj`P1~XOd4gA8)=ZjFlnld@yj(Z4}03qKWjNEfxNjU4mbG#xqQIRe#fH
z`Ag$)%vFq*v{fh(>=?!VCihP#c?AAb$qqaSaN*9pO&v+H$S|Qr0D#mV(IY$-IaYh7
zdQy~Ft)lfx9eeB^YBZpbr*qVddf4*=KO-xJK>)83VSi(n3`RiE^O5wK<^zymiZM07
zAm~CL$9u&-32!>UC-DGX!D^zM&}W(yXJO^rF?fm80`A2-j*-4z*<Hn`Kf2n=YtL<M
z$alK~eUZTpV`!J%{EB4eg|$_+8C?fHze1Tqc3~VdWoAluXsea)*w{GyDFi;R;tr-c
zY@<q!=}F0P(xqfG1$};D+BPPLXhQ2_F=|Nxu}Ydp@=)EVa4oi-e`UK2?+REMIXnT^
zpZacHP8SI@O~KvVN787c^)E_DvRx_wXE7sczz>O~RK9vu;HV^0AW;B3Vul(G;SEU~
zW=KK~ym+UW_|eYqj1Zf#Y%%6ldhl#y$RJ*H7bj;B<FXGj%)(0&1}5HGpu+|E{%>5&
zCCadLRq(*C@IR2TgbfyRz<Cr|okEQTMk}ybt*Lk;F0c-Xp*5Z19MtMmb9r&!5Fl7}
z*@5}@THCHr6j~n>LXi5Zef!i89Dt$1^xzRwW8T2Hsd$ER^u%bo2VU4Boamz?G1Ra^
zB94e;)~eI2V;5iE89Q4?9r2|bqt8-0;5KQ|6K)U)Z}N*1jt)UV62>1(VUYSOu5iG#
z2rQ4fkA?BqzMa-%>5Im5lU1f=uy(zy%F-SP(K(!ph?jWmu!oLA*nJ9C<0{jgyK$?T
z;4Q9X-KO2<==jfgY^oT<0(o8~t|N3YwmFjj73R{Pu)PAjfg?jJ{N0_74IPuq-Zh|P
z;*bXU>YmwC^<l(w>v6@;7JA<_QqdV=rCP6C^yZszac+x>_DXqCG4l?II1N%6zXI2h
zhCfI8aL?d~aeeUnd7Kw35^=6*x@D<sYJD(;;XE-HJiI9!(&NB7+gM9@cIl-#`4?>P
zJm(hgSwgma1DakYa##--Lmdu%xbSQQpFIv(kMpV&9yzR!IN%2G*^W5;Hua1)aCj`p
zDC^ju>GQF6rbd&YKt&HhDz$dBYSu#$FRw93aLOYfmf70=rx)O4(9lZT`eZSyoV3Bg
zFqi{nLtJQ<01=46C6*_0Qvs~N_2rl++^&Q^;Uam=?3>-3>q~4S>&>i=8f%&9yWgyN
z>IHMX!OUX@KNHkSv)60Cw!1~I0rG^Z`Gq2|+27~jLnI%70T`BJW6kjI4csRccH?Ie
zL0u8Q4tiEuj%mJjzPo+Iia>OrX~YfOLTUEC>}o91R5@FwBl09qOSm~Htm&@(3#s7m
zjO$N2MxkXeKG0?1*J~l+#Sesn!~)qzK=;EJfYW>7Ncl($sS+L+!GFJ}J-$3k5iPe+
zNmm)DE9Gjm0fjW4zW}G1I4ngnc2p0E(&=gkz?F}F7y6cUXCiJpy~^E3svM@=90UeM
zuh14BBYSQ}#X23qJn;Y|rzsUE?W~r=0<r~-ZgES#a(pR6`?%hHq!P#{+6u_;lzVLq
zaHeR~?y-9ZlI4@rtV$K1;J<yp2Rx4wytOw=Fdbzt;riu8K)D^oSNOPIA(3@S+Vyc3
z(&a}K(QU{9e#cAJ05DZ|HO@<%kcM!=yh9eEp?HCkSwMvRH&0NENl0}(?)V6aoxZng
z7PBGVd{(q7+zv$rkjbjyecZ#<MNe&6Jdi$bZ0D)FD!eegzWjRb#F3KKRC?pGB4R##
z3s^BAj>6Yc;JNh?x>;GOz=T<#Hy2^hXamF2h|u%o0M+9)Fxvw?M_yVOLaCt=YGDDQ
zSoIQ4s#FOQ#MOVAv?ZA4#l{D+<BCTlj7NT$gkm5pd4xEds2-`*?8+I<<(1P<nxA;o
zT)h19_(&_KJ=Qr6`{di@r~a6WljEU*#KS*m9`c8*X#dB<sgPv$zT%_2X{dz;PH<8+
zS9Mdxm0Situ>}H0oCFxe=bY}fvirn#TOYZfTb@7Zxv0=!G1cyXBQE}n$$4CwLY@UG
zlec@*(m#gREeE_gPl2g>pD6tTq=sn%jf0Dox4$+^O}f5UPnB08zh}}_p>GF0-4OFz
zev8!eYt+Z{++o6-@Vqq8t2=w??{Mzb6!^(gTg|6!InjmKs43ETD7qD8Y>n}Ckr#ZO
z<$9QI`qh|a8N_h-CkS1%#v(21tuzJV+IOy1I1I(z@e-JMAb#rA__D){_`t~NSKC!x
zNAN@~mNy@O&xjd=3!jbFh+Vh1n_O@#qR|~iFr&&X66#1dWI96Y^n+o>-tWUbdOi#c
z%t7*%KCaA@XIny~e;ve&wn_}~m_37bsVq_s?2_9)Ndz)xd>AYXl`BiOTzRVrDqgH9
z$jN5AF6q`Y<_sQ_S@w&FJoZ{(w^h!bI|qT7ln+Tp*4SVPyhdG<<m#Q1AF~kVTI}lw
ztg0?*f_z(DV?X{GKS%O#NZpk6Tpu&D^v^FPyDEDHQP1>}k1ZY!_MD|aO)s<NQgNhe
z-Ujp>kGAsK*t-(B={`Wcm$ZmW@Y|1}*K?uRrkluWao07xlZ9$ixe}yQ;2Xe%x3hza
z9!2+XtXsKJLncw6E#EsC<1Zyb!J>-aLz=?<O_mbeaCM+#z$R@t%nP-GMZ8YPdu5y0
zg)La>1t4F-jqdOepdOk?d1a1m(tQVGSc13eG&G9>H|ylQPze>i{^+-ZB}-;6W7)Ck
zOn;rv&qS;eMRBX7a~b0-NKOnPKEumOpO}U&B{%im<=+eBs^EynJ&9&)yykIW7mkA&
z((lM)W-p|4&?dmQPhNdli^^O8m^-$}H}YxO-a#7yA6gmgoFXD-h4<?1qy+tiFC#je
zSq60$&<=mMj>V^?;m64orSBJG2}E+JH^sMSoWDr61ugk;tVkl&C*-N6evaZt!7MTR
z&`XDdV06Ze2O7!TzT8ifz!RrFsUnGx4Wi2sY{0Ln%oTx_i!27gAqzz-WP~wylze6T
z0HA+mLUz&>7+80?Mk}B@{%Jy<wl8*$Q-d$=g(JwWEd#hH`p%7V$LS;m72#7o@%oC?
zKiF4_I@1M{l7PsM@KIMES_y`ul>=O!P-iOd*t1bH;1Pk3yIS`4shH;qWLb$P48twX
zhf<4I1GkCz&v}?Qc%h4FyeNhNAHf0(OL58^w?siVMhFJtlMhDr#15FxhI6YzW*5m?
z1ruZ&>g-qABlT6iA%R=!9t{gSI4HU{8!%VDw)8!LAR`*Qzd|H{hB*2c4OuX3*EK?~
z$7I8D`(y@K2VMh26r;(6?X=%OdwDu8+O?3SCY(f4C#96HE5Fuu;0H3($gBui2NOqb
zTfF1PFozbIx`*yx7Xc~HFu9dNVG&JTsd>VKQ`3w<bc+!41O7l19OAXc)l@>v8|+j1
zd@k{X9-;9i;$_KwacMbH^i1<&IR+iWhe{lpO)z0!51;&az}SMSGNLbt(eC(L6^2x^
zYUmJ(Jyxblz|3z|l&kcT?kV+#8q5-|rhrPe7vd=8Jm=ShAI%<%<px>2dN_mTUQYu!
zEdbb39d~YN@jPXmqC`&q>@Kd55-LMuUhuRYGF}w{uI6JdIf$YE$Gi!u=`ZLQscW`{
zB(6kVbb9Yq+CKS%DMI_E=1TFe^0vU8^SAc58@w>-%X4fUoB4hMQf72p%1yIEK~AyT
zz+EqlAmRFlAPVbMn=;m3qI_6NWkpw!YBtn%bX3>gcWZTn>dkZHzydiH(6pwjZC_fX
z02Y+X06VZ*--Y)_=xbF8lB6=<m1U2@P4z^FvKRVDL7&PcKw3S%2#qTA|6!RS%PnOk
znrxLVVzq`X_VuXRo+K1z0((pOy)KgUwLuc0wDsDnj&SPz7jX^{OPg(X=O2{zL+Ncb
zq$Y&A|F?=#9(S&Y+!jM_QD)fx-J8AayT)q_b2z*zzlIT5-C}RF`vAq(wcVXa+A?uK
z>3ir$d5Bm5D|P_P=*;9smIib$14v?&!b(6HAt=-Kh1_l@{Wx!Iw0e*kuS0pgG<l3{
zoeNAYK*1_pR4udtMQQE*IcoYs(t}OFE!!(eZ#cCmy<F|4`2g(iAu`NRa({w={Q6^T
zyHHB<oMv$2tQFv&P~zA8X*me`+7nNb>p-8i`{s$z3?lyqv%ta{R6}Hmbls#H$Qw1U
z?)pUY($h7iD_nt6x=-FVc?fe0dwVlCBO?}CI(T2zt*5tl{zK<47LKy@4w~F>v)2tu
z!(JE>EA@b$;aXesGK6jtgu&X%$~9~T9nf%oy6J5b!;v-SLH?&O5~{46x*io2<z3fN
zl$nz=C<H2rsuzxH(m4HQa*T)D39Ps(EW-d#iUb+$b)0JZ7~)L)YB*cIZF3#x(DRjM
zjUb-*AZ)##WjMFnr%?qxCJ{JP0n~-sQ<O;nJfrZwA#!2cWIzm4ru7uTP#L}|aY=X2
zqe_g2AG4L8=juoNHV8XE#omg9Eq*TbxnHwpAsJwtCZ8v~_m)T?UD5E>Xm8;vY6yQ5
z3v`9``#8vml+^rIs+&C;5!Yo!GG!k96x5b#qYuzPm5bJ#NpVF3#nu=q-Z_CDE^{An
zWGUnPb1)_ZiBY9)q`=f_86MH1gcg<JD|VBK9R(>p5Uy{LCsiU7x62%A4Pp?ObL?A+
z3TFlxZMJ_G&V7Ok^Z+@dAn^eUQ$WE47Wg-~0hmiU2H+6h&HZ*%^MK(l7gX*bLn`m6
zoS?WF+%el5ud!m7OHm4f!XauFG4uH~8;eu3_P4MHBcri=t|iV6D$1NzXl(~Q@n3Um
zHL6tuW-O_a&nR!e5WrH4^c)gk;Kt2_Ch7bkbf@eG$>4=;(Y+L~A^j2iy6k#A+eB}C
z`$yGUwcKGJZw^~JZe2f$2wE>`ar1qZtg+?+hS)*_E+|px%naMHIs>+LkvkLiS>O)u
zxJ|XwOvaRHzT|gnC0dID%z67z>Y&|YvBn{g<0lcNT6_D!0`PZZ2Ru}!fOCd@XtbC6
zeO*h0oJ+9?Wb8w+I0RvDjO}ISUVOy=qginQ<hRL#`{t*&>Flzz3c|N@#S=RH=5d#A
z_t;76M!_RyF1|pV`(;SO0pJ~XN;|Kgn_r9zBo^+I3J`YZcJTj4uNw)i>oQF^%ep7F
zMy9+*HZFgaGJApR0l$uBfkURc-1X!Lr{H3%hyEkL@6Sv_aRZR{hl3z@vVohJb@G>K
za(*kLbovucr&1)t?tkMmq2s<wvQ^kf$5q0H-QQ@2T_F0$W9XrL`*ii^^nC`CwZo>N
zp<w@LDC*9qNnhQ43vuszmo-JaJ0x{V?ND7|RAYG7j3myvipBT>m@88Zy_z`v44*2Q
z{77ykK*+7Hm3%}<x(MUjL`8$Dp0T!veEP5wvq#>N0~%(NEIO5x76YOP*wpylJ4ru0
zDr-h2eAFr`6o;gYHJD{%G$J;;1Pyvw9<gLAaXX0xOh*I{Pb!dRYLjpogAVJ8{>ZHf
z0~cgS3>h_d>qm9jr=Dc9V4h(;UbLs$2QrsN7(u*Y76RZg(;KTJDf0|LW^$KCEQ9uV
zJ_du8?F|-cPqAUil>8`n9aqn6+4#6pxQ(Rdg=psL`Lscq<2&3F&4|V%q_7%pfKLY%
zeFmu-tZUvmkWm4ISnjCTxmS{m-O&zO5D3u6<)|GJ<mZU=+^y%2dLLbuw|IszTa4DL
z%c3FYA*Z>b738rHeubtb6k+>(%4%cim6Vom%sU)m=eG-t^&@N2&Gt7ri{^NPDqH15
zx&@7_C$8l8A@J!wH=DM{YRkMLG3P<jE8q{bU<F#Cmr0{ZdKJ+vdEHQ-7d)ghPuNM>
zvf|#Y%{;b&sO|J))=6hx1KnsJ#s8#dAOKrTV55+Mx|xE-1g&(t%M3~dt|Aj4&6G5%
z8OSy{EStAjwpvk;Q4qW``2uQbD-+daF-eEgjuLP{wD__j4ueeYOeU_GbG2YHv0pS$
zcN59fQ6BX&`_${gtH81Nx~o<N(ZdG;obsHJJxiwS6Ey_}>q7GQvc!*_ld1^G4^RA~
zp67ceB7u8y=gK6?5Pyq_0>#Xj95Ixen?;ehl0ZxoB7usO1BS2GhE+ph9vHVMMr|nI
z6C;2P96Y-Ggv|Lns7)cLB6<UGMMX*>VEXL&7C?x0dy~zbnc~`|&UItA=EK7miED^x
z`Wi5;irdCb9xH8}BAG4QgZ8oRGZd+!LRGT`4gVKM$V7vx9aGywapE>y>eHdBY7O&I
z$uMGfm3V%*IwsGw8S<P5rcVC<Z}K8j8B9JAkLk{>8J+-0<GfJ;pqehEy8~fV%yFUG
zj@}}6Bdk&nIBa8MMd-1&W-kh^;nQ45HaZJb?KhekbreDHlEgBW$FwpACjt`)=drD=
zJfy%Ng;kOBK1q7%Mfbd?*x3?%&rAc{UJ$7hmDn&=2??L8<mP#gUBz&RQP55|N(IZx
z_uRhA09u{00{aQFLMI8Oc;v}sqlGX>RnjBzNxJB0R6uWweZBRS3>}W(H$NvkdoRGI
z+(&9imiq^r9~{EE66}dlz{*;rlgu}WlQ49RrvAK9N`u$o7hFZ_1_F+OI1L`BC=azI
zYN!=QMM+9YPIxw3PU#vf;P%50bZ$pJxBk>0eMRtqtQF~5un{1JQ2ChJo+FRC7i2IV
zgPb#TbyBOHsI}8Ec*2nCbf~X%bsv2FAze(?Afu6?qJcjRblpWYU)~8y>p=k(p$wD$
zEhL}va{ZMa=`1n!yhuGp3R7?Nf=&D!fVl<v!rc7q7a*FR2GM7h`;Xy{fS_3FjxBr;
zpaMw(0BB6qT!V@MYcWjFA<`~DBSZx=osF!_c5i{VaBT0&wt@+*Cyov08p0>CbE2y5
z;wZZsdpa%l0g5DD`@d*!A`!R^+$wZU>4zn71_jj;dpkXGi=NFF2F#(@otm$4y5edr
z2VUwRXFn)N*CZPk%85qlZ~l7{q-up1O8O<_Oo%m+Ek$Uba9|g97@a9(JHjH8n0BN!
zNRvH!HXJ83heEvb;6q?Qzqbh#J`p{LvPwjKrFS_uHojCC;ZRG1Xyc^|FE{dOb95r6
zJDHUCg5^AUFMn^u{)pyKkgfY9Q&z!3%2i25=`ynoFT3C(w{Q^~Ark*`>{fbupUurG
z`Lsp3bv)87haL9M$y+vXao>Y?8Uj!`RuKj@;gg07j3l6xW-4iok_=I+c!s+XiF}!B
zLA$dr4nb>SF6BKfKz2HQypLHaL=`+m2-;cbOgr{G)p6aG5U^QlvD4t&cyinZ3ZC{$
z1dHBlg^J12h9^~=?ZE+=a+b8WV20)HlEjZcI9c=R7S&L1XsXhKt#5akdAZ>=`I(en
zoJAhptDmNST(lt9m6*(LGLtE{KF_@6Tf6;XtlTshn*|mFwI;gX)MTbHTI^NurYr_#
ze{HGQ&!qSULRQW4QGiT_K)!Y(#@PSsYYN%nzJ$3<d-W*Ll1*d0VUi*P&*_gu6>#7>
zTJEeG$OMHiusL{IcDO(<+%pv#7A3b-!OJPyI6vQB_CA0m>aXOd-s9M=T+S0vX(H5~
zQ9#bA99L-FzrpyI9Z>{Ye`Hfl07XDyo(Q)4YLgruCxXr+O$5{dCW4h<i9ji`kKYVv
z=V*mfBDnHbEQyx@o{Pu}Lc<0_o>oF0f+*UDFc%n&5yWVRRJC%Y#izkU!IkoJ26+)l
ze;j#(fAO~z1x$n6mJ)I%3}SU+yu7kE!?+`XS7ej=M<$YELpxzm)*@7rK($WD>R}rp
zXuX{HIGM_F^3cDKY@FGTE6+l(4wS0$7=qsR<iHpLCwo+9-H~@-@YEe#L(qAO^zzma
zkdep?*lY+cXx<RGMq0IjN8FW*ZwE;KvgPUlEfCol&h}Cf1$uRv;v7FJ+Ru~b<HOi<
zv|q@V@~N}}wc#Nm9|uHaanC(dBS?muvnB$KXrjVhN38rw&#MV;qv`z5c``v~r3oI`
z%KvPcUPseS2n6Ge+D3cOZY=w-3JXob2{Z^-B!`~oE74v_ve!MbiV1t*;xqHUXuVZh
zQDy9vVwVF7x-MU(8Zq`6Kt$&-)r7q#5t_(Qqn_dCj(X<+04a&2U0inC<?#j^U;Ly(
z8e|5l26y<E*6DntW-zumY#Cs8(5%~0kO`Op?Z0yYZ^CghZ&Kb2BtDsC3bMoKTATC5
zP`ENH4=v#X48=ePs~Dg>G-2_;=D&q3P#*B!>>P@k>+Bl3n6bZL2P5$G2Z#xbphI+T
z+ZNGht)Pm)xp*xVLHv$+R0Q5102YSCc*XD%f#W4b&~21{dvPxa$Rgnl1l*UW5Q<=L
z9pA%Z(e&m3<S4j$B8Z74EOsL3_dKt1BCtHdR%#KP2Nj=a5kzr=$SeX2To#%vf`yn?
z#v-^5eFVIDu9b8gmH1^K#pVIG4vpzrw)VFo<{S8Nm;KP((nOo)w~7Ny;$5Vi=KD%~
zP;>N9Ats>WTEH8Fv-FJPV^Er>9eUC*oZQX==WUF;{4pCL;sX-Q-1V!alWEc%0p!yH
z1U9m`m6~at1+9|T-)&$|#+>-ViSy8>i!=8{g&$7}TREx_pq%s<aHdYYNzmMw|CAH&
zFh4wV8X#)oStbc>Re4jT<AzOQkM~Mv(!R&Lf@TQWj5#{v>~J<dz(Ka8p9`T+#u~vp
zXl1yG@P>Y-oQb!K198WxT5bdNY=p>#qXjs|>3@VU^U_S3@OGppj=lRg4r)-PH9{Od
z`b<?^)x|bKhKn4Y86WnkUjHJc@S4Kl^tGSHRpE8#OomklWP0u`$qb&VOd)t_RKJ)E
z02+oYZ2>nTIdDu?u~M>F7H3~FQ(qD$gWNXPEwaH%SDjmYyrtU#v48*Ynr`)T+GYZx
zwnjOif&Wc%O=ZG7$)s~1Q<$T!<4EPBaG8v2rC2ZrSZAFHs46!SSL4VX;Apv8!XKHa
z5+pL2W<36YQ%Lh?mPI%+Wt@O|*?0nL&2rYr&lY5k6ln2~WcOW|w{cQHrMA|>JhzS7
zf~DO~1gb`$Z_^SCix0;ny4@iZVZP4Fv@e7iW5_<ywlKMflF_v={oIOzDI~!2YkENQ
z3c_CjB>Hl|9^Bs;Re~fe=}x{xKZ4Ke8eO_iv<4zOjhYm&PS^ox!*B)<a}(vPY{Qxu
z%Io^R2ZsKLb-@@QHk)0aLVYyC@26jLnZrWdG{z)2wfcb-H=Ki>Kq`!P6aI^dbqhL0
zAhrXrbZgK7&@=`7GKt^pb}o7=-AZr&(%#b%mE(E-4jQ0*$4fIZ^2J0T7?KmWBbewf
zaG+pfh`zh~u||zL0<l@=0ADr^0{QyIwjz;L`tQf)3-(^?hjpSuk|x_g5)>xuG=<3!
zI<LjQ;nj`ExHiO0^N?A@xLt<~yYM}ffo8fO0^nFg9=pr*S)F7i(ojY)l5qgnHn<%4
zb`d}X{t0!PcljS(Clldk595J_;l37ye7=-d-2h#oZ|ndC&&Oiw@MP8gB0%`ZKd$13
zu<1yHn)xhMy_+;(^)>dbYC91@jb?-J9d8{Q9t<U@0J{a6CG}8YeSMo@f<!>pg7{kT
z#z%(WOY(}Ugj2WlU6+6-pM1|%%q$)&RIGgoP6dBt1jsCrhXW3A7$zArIgE(Ia*g1A
zbOP4W6QFr&6~|8#8JLn3KpmI@R)J;>fDG@jK~3Yz!MM@BUkpn!G_Ln-HdHt<E~^3c
zLzANoWW!j&)Abki{ZV!sxNbkX@vz>v>uwT=y1aOwc1M^DLXhY7yPU<{Hoq%yFW6i#
zpswbnMz<Bj@7c}K-lZRm?JR7up3`g>Bd4Fcv|ajs>0GW?kPQ~y*+ms<NtqBiL7gH3
zRV(SV&nSYFF5Km;J=(W={ia_&o-wXyZO2ix#HaON-u}b}sx0a6fDORMSdQdgj*1L;
zfCC)Y!``}UgH<zsr|&5=Rjy>;e^rq9KRL+XWdswUy0>bm1|}h@0}u7~MCbS+RpdF;
zmr|9!2I!|6r>GUOX!Yzjnswv4P9I=)#u5*Opyq49S}Q{?)!j1im~OBkv~)gzehcPS
zAc)64c?(+8UMPf$1gmNLKIfh|wRPCtsQOP8w;TK3A%W>D+6~G`&2p0jQDH&e&jDs`
z8X$Q&>wU)#P0B6$CI}vEnhJt9WsEEblym7HcB_3@E}UA=o*tU{w6d6oA_DqmV3Peh
zu&fq3Sb*0YnTe7+VL17`$8Kj3N9ny7O5V{Ya|8=Fr46(?I4b>h+%EvGejL6&W8}zF
z)&FU-avPl8HM7+)Xfgw=9V=u7S1ouX|Cfo$tWq&nUvLoO)%wuA-Zl&!|Gal>+JZSx
z*z<*R`NfEr4_*1_ALya7*&B#RhCp87nF0vMPQGT{W!#xNFjFE|v5h1MF@n>6O2!+*
zu!B+%O^OhRwN-`!FW|Z~dt<Br#Qj%A3IHhdP4k-P+j{~v%h4w-;741EH#n@uGz5Zg
zMj(Qo;Z;bWQ9Qt^wkWL*qBR=ZqRff)D66{;ycfR$$5IWmqK{wzpJnmNLEj@R5NJxV
znA$+L*L<P2U4|N+_s801gVRQ@?SdAH-N0h*V)2SsfY=3_xuOFw2C7`T4lV%v|2v=}
zt5qcnjgm{+XA)3~6?!BSw}dZ|)Qd2-PwG_kdvM^P5xdquzmF*SDPQF8JrTjBMH%|z
z%($f(@X{rnzQ=|DPwqWjHEM?IYQl_K=)oV$;t-@ismxDE>;76BKjcJH9jORO6PC_X
zyIO#N;tA!5zuPSN(hY=xJE<4@bKG{1|HD}ezm!5pm{Y7<h7W<5Y<3Y@!ZsP$(5+9n
z>-BPyY$CpHxK^2xjS?A}fJePz4<=i4YiCW3QaB#eJ?dK)fIL!XmyIetx6t-u&Yj58
z|G^DMjJu5$F&YN4$I%*hq?E%K%ju=EWS(TWx3XNSAk`5qiAtkMtv6=EqU2|787T*v
zpA)c9sf37;BBZ;VR7HZIy5|HPkDI6H#!lB)Nu5`+$c0lqLdUZ@j@jd1gV278?ZtXr
znku5YQo;3%!y+5$Ka!HUBUpV5ni)jL3tm3F<-<&@#6a~!w@ZkJr>z=zfum7lJ)D4?
zxUo34G$WMpC(vF(-2G~iO!(y?xL0U$@v|mx#LpI9XNq;NC*SS^93MYVJ8VA%fmi_H
zE0|?}6+_&}kJ_03qMLvJY7PRH7-PsFVr5VjgHL2ijYnGCrn%z=v&^CKw=j-VEYOYG
zY_NYkv?z#M!f3$;P0ug3Np*7Oi7jxmhT|^UI$OQfw(oWItw)=7HGo{TrOWO^9Xji{
z-2;(0u~jl~67iAzcu(H3Uo16+Vwau$7UA4MW6~aWw26f0fq!DGZ9Z1EHqo0yu-9H*
z-KC^AN4ky<(*8CNJYa%LJ3d98TD;>^EQ?x<L9hZJ4mCz|)Yy=uqRKP9ZM02^Ndc_k
z0E%W96fLlf>^2f&r&fhR5OSQ5!0IT!F7VoE#hDR(;DsQDA}FFVNCgu9DgEj2*kKwm
z0WASM0R-wc!IJB8b52s!yzIE6K8?98s8fHy-pNl0M1f#M$Ca~_jAnY$<|*UCoPnV;
z#44jw4fUyp33XjcbBc0!Pz?@L!*w0{rW&q0HZ;`eK}Ku#EIhBB{FwOb)WK!to2)w>
zbE?IqVhpP;OM8auR#&^)-8gSTYqz@9wK8tMxi`B4c@gqC@rCexA=%AEvb3GS<Yi~*
zrTJq{GmyxXxm<XK$blN$H#kkZ+SN}jlAH0cL?jfiz*F7?^^H3<xHS6ans<qJ%=vVi
zwMAkzB8+p~jSjOIMvSYm@SrJM$UGn;dPwLo=etCFSyq&G9kSLsZkAbDQ>-P!)P~Vh
z5u^Hy7jeOO^;T;s%2FTx6_qjW(j=D7^B|w8XdshL!r;4uJAtkxPw5fYXWu>Lpl2e7
z!vUqZpBB~6%i1eyG29%Ob8NkLj;pTCp>f%UX;)@p_v+>~*3#42*mkv*9U|W%7jF2`
zHyLVL=*Tk1)k_3L#moFLal16k%CMVl7ytwWYONKeT^R_M8&7rOPyfyCR8HIU3Gvx{
zbFIm9n)~WwtvGugoNulzYLwmEsJ@RLVfml{KiWcJk>t9B)GU{uoiV4^T;JLXs;<Lw
zSeL`HCoXMR0ph|uR`*t0rD>~;d91p34Vok+y~2k&N1(d&+P<wYOXS_Y+4(HnMBMd(
z1De~PFySF^`wWwuvNpA6o2c37r0#_9oBKEC)Bb+-*<*jb^$ZVo;@ktij{_`*p?m)s
ziiPqP3Pktt3JTOaIK0Gp0SX5=|F;itM|ZZz_7F<;4T2!`wGs$iBBd&!@-lwV5|*Yc
zvlM)gh)c$Dkv>R70=dXt<#O@94CdlhDi^Q&Brcc-2+HSaA{B_n0*T-d{wvI?F6+Wj
zu#Z`GC8}&}j_lej>*AtwBbtVI7omU<7K#GQMWT`UE(ySi<r2AIx(2mzQKkXXtxeqN
zXt9esYn?IQoSI%$lo#EY5FGS|bWsx2Nqaz@q}NsIoYPA?PZ%{7>POU;qsrI4Ry`|&
z;d8n>Vm5WpQm03#=kEh*9QVSRb}*S42Bs=qh`z(&BsKCz84J~f#d7*gk_gDT`R-?E
z7npkH<CvoTLy_w9F8_1>gpa<C;t@S6)H9M11ACC>*vjc%^cEmg^FYDWi0UdG#!?ij
z%_-EM=+R{;U*@Aoz#3gV^?gij?%_-LDu<{idemvV*wrd78!>%l%hCbZL+X6RYI20q
z-l+7yv#C9q%oqa+%w;0=%&`cDCfL&})v;^-^-MvkTkw`!#Ggt<Gr1}cBB@9p#ZsY6
zB9O`bEZrx0lm*@QeHjb{1Tz66mQF&EuyhpOCqV(fk0Q~iIt7r3vu93bjOtRGxNCyA
z*a2y@pV-8njXgWIGK{M(D|2iPY_lAgcDIQWIT2sS1(9W_dl}MvWBYj8dnarcami0o
zv=CAJIlGxlwBxYEJsdfx0+VG9(=6l_79DrC9jBcW-JH#tnj2k_OKZX=%jVM5mb);G
zvm_~Rn9DW|!`X##2P$2cKtdDIO?;k(qG|Yf6cQNeKFosz1Gzj<bPBo(1jHo+dKd^Z
z1({MLqxnYMLyY#xrjjJmvvb<X^5hmYZmiu6smvhh^MrL#HK$8bCQ}`Vrl=IQ8CLCT
zg8)NO01O%u&IIC6K%S&osOkgs;Rgp(h0Q_*#Bq=uE(8KW0Sv-$073!)!!Q6sLI_8a
z6mv>jHUoHIh>v99G>#Rd?NVO;4;NdJeur-DBDu1<r%74Ij_du#Z*-Uc2Ih+wH*#OC
z_YNXF1YQ9-)c#q)W3<By(_}^bN{UeFh<WFi+^YB^d22y1oml;MUwxD6a;Bd;N}peP
z^94*De6r*<%)Pu{0s{{}EYTvIRE4LL?h<LS)aw)}y|AumTR<0m_9-2rA6ug@`;aHX
zN2JdsW6PIsqL>qH$jW7PCHHO<er<WnaP^i$ZStTXO&?(C4DA41{q65RB%Xz1Ukco1
zD^^u<e3XXjr7p>3Y}~YYNX;-#baI<51{FnWo8{r4md}i`({gyCX#Yvkf@gzv+!N5;
zo1jrE|Bb%|ys^ZE$^?ea0Y-8_yYsxHHk-_Ha#)|CF|&>5jM*eC5Y1DC_$$;%qU_x8
z^ujn0{$T8!00*IU-x~J|G9|AVBA@hCY~Ab^WwVTG8hflmBESpNgG*aPEa;k%mWAdF
zkFxm%c`zAWZeXvJGfWQSl5=J@_&hwhgKrb~*I`WK4Bj6<U{D-?D9ceGBQS8Ol$^{E
zc-qGIiqxei9$ly)<-Az6qDn-U7fPzwvmlv94BWqvYUi_}c^YYjyD>m6qAsda;C2FN
zBEOFxMp^W02-#;Ti?+fBpDx!@jY)whNmLn1_r(Wfpm??z3h1bcFpZP|wr4s{$e!fW
zeSoe&R{1Ew7+E{-OaQ54O9|l3YR|T3lOv)4p5CGkDi;N>jzTNuRWVE!HywgeZH=Qv
zC8^p=K6Mv^6k+ovxi>FytA=%x8`Eu#I!gO8{!y2}5{}Af95)MgO^7eeidtY$$k@DD
zzHFmbkmhzV_)uzZ5Udq)mPk`Oy6Mk^r~|3BaKca^w=TEooDj&B&jV!n=M!R&So;TD
z6yI5K_LN(JijqS_DRW2TZ#d^#V2Rtoh*VR_m|~OYJ@!4Z3@o{7CR>IJkAGQEI^`#7
z3piVCWhSfJZ6X09Dx;Fp55M#Or?k?qubE8+x=Wb`(}-7GIG4FBe~kc!9UR)d0qf1q
zlI;PTT#k!L%u6VH1+=6*cBQCn_eB=cy!OBD>NL;%oy39ol)b;mloQmVr%?H_n=Z;}
zqVAPpa+30_GQ7G=bKGi8susYB7eoZR>H;2D1v+?5&)$-*FJ#sPD+yeqp`MUR+af(7
z;3QKh8fiEKpo1K>uTe;b_@{EXax~bX$g-~kn2SZC6%dXH`Ug5BAU|ZA%JZmq<&Zs(
zj#wwLw)p;{cCdXWPb>D+4n1mp9Jf`_8%~@+HlO{y(f&XC+Ao939{?lmy9r#SIX}Jg
zHLrW`<Hl82{E*!?PzSGss|GR<M;a@D^#Jj>;eR=fz$Cd=iuF9{&<c?RpN%W<6HqfV
zU@Q`Es@HX-okZ&snKoi*?BEsr04`wUWyt|Upp@*sKW(9LYpA3g4G=_g;u@O3oP*x~
zpth!h^09McSufU8CMiC`ZCJzeS|!{{3~p|mEAt?a@(?4{%@2!$@2PW^4tWq<nOc67
zEFZIFad1p&{$Z~$l~G0=MYSov1wdbZMD<Ku{Nz(fi)#sNEW<Tr8gW2*8K5-;e$vX3
zVnG_9jXoel*4hsy;)9a+NR0~d^kVV2^~Nc@r*m@7S1V;%RxIR(6zd_57e%FA(dC2P
znkyb74u|RN*Ah{kk|W1*_up^4>@c!m=`htBqe4a(WcxDm^ixdczE>ek>QYz{=QP|A
z@iZ~I71umfFJ&3nq{C^NMW?zJQ)n3^T15<Bl_n2Z*OsXu;?EDqb$|?^M^U}_Q?T-V
zwhLs}`{uyxxBQ~|mu^>5LVV2(|L;Xb173xX$TK4TnSr1Nq}Nn}QwgVq??`Y;2EdGU
zwg-xmF!lsK>t~l2Js6TEOMd7g{Zm>0EK+PN7QOxWYfGQ=<rR(@%}9WFd#Ec{);OVj
z{&smBmESz0eNe*G7WaiqU8)7kr7An|Mrh$``^@7ssx|zwdk^GJ6AeOPzQobQjYfmU
zvw2vmEIout4!d)u7*Ng~xo=LpwfAuB{zS`zfOC>W>c4m)BRi}Bg_dITQ7tP=-C-mF
z&=tkfv|Pi9cKxah@Jih7u_7wCc;<+8ehdG@Y=MflRVX1LTIlXMVUR9=<B>49H6g?T
z-Uw6{axgm<PE7(@$b55|`KmbpJO@%3jN-OWO_<#a>PK^KY<X+uNM-vqBO_aeM*(h}
z*R?C7?%uaeZc`rpFW72|Vvr&f9enT|aM*M(=Dd)-ZRGf|Es6g}E@8bnf^<sHx@Blb
z?06amAA#GWuCB?QZ0f~qO6B+>!*a-EVL&VCF|8^Q{rXLr9<1PM>EMxDcC*>3t+liG
zd}*tvGc8!)iW6dsc_=-nOhKR_zUG*n1o35(&{L`<#pLg=i2E=ErWCzVt|1RdA-Av%
zxu=0oyMfNEg*PDD4WF|g^HyrT(pVHq-p{mPcZ0C_p7Yo96xU4)xuA<s68Ngfsbe)h
z8*+!Xfq`veZKT*2X5vJI@V@}<DuI4A^O$CKtbWq;UQ$cU`O;Gff}4pOyB9ac5)u<+
z@jN^thKp`amIF=M7rKzpPCxF5{XM>tw4F`YeHR^}?kaJQlI8LFQA_p|M$q@G;HkAA
z_pp2>rhiM&#~d^NWM`J3?Y=$9#3>DmyPj1_Z;yH@`f*!qY4xz9W~vme9iAhlZL%x?
zzl4X1NOy6fJf4csfwvh>WqbKciKKEgwAG2z<U1tGvD4qq>fK;GBF(5WheJh}`}B><
zMQmS1oQnpLZmRceP*>-m+*TQl^x9tpHXxQ5Pb|!_%u;Ams3T(VR%*m7*Yu4caglp>
zcpMkFn|2zl8qUgF^kABN+p{tfwLt8W9cb~|i&F`uSI<ilfNF2nO4y7&6O{yh7f~t>
z%LaT>PBewh%|HlKKwVe-J&;W&)62Q1xpeLr8aK>}LkcS~b&K}JjnZU2R2U`YT(P~A
zaeRomhX4PKc9NsaO@TO$pYJaK3W5VJ<pV(5%E5)qs?zM+#S8DlkuinzefY>i{61z>
zA^#sXt}y=(8d2!K2gVl8?}Nw8vCo#@gH)_b;8e)`&++2}A8*Vv8$##SpE*l%kqDLh
zYh)s1mlJXi-n8Fn*76A<p-cnkcK}B+TK#Yn7V}=s+6S9YW?~+JUr0-2^&pR5>}Y+a
z7kB>d2`J&=JVp0BIUG(+c%((&0&MG#+Mc%In9^;WYT3>g1p5L?(mh<+hjWIm6pMQN
zWFM2v0Oj8>HvREsnvsske3gqlJeDKogXl!?=d!%`AV|hui5{%@`As^|n;_1unCepp
zOx_|eHv=H75yC*H0xK0TT^nc=lUFJPn<F!w0L9%9BD|t)n(DITgiO}r$Qxa=>=OnR
zq`|6P9)GEG5o9>!Zs{%Lb}z*sDm_!%Opph7Ka5Si0P~j@V@BY`=H%S1_Jcu8f-Y19
zfO5l!-K?OOSpr3BdZl(-tPI2<LN+zP1iGQE0DzTmJlpQ}pN%612f7I96DD1OPv${d
zOnK?Jf2`~^X)Q)dxM5*zW$ReaEET&#knl_uDr)#=*pSRZCY1*rgeoQG2=OC`unwdU
zU_*MbLpDTU(=S<r#<Gl~iR*sS>2P0t2%}2_=DB<MZP4v*7~LjEgB}{4ZjC;M2iU71
zpCc_cAIG3k;CbzdO7CMqLU!7@$roO91GupOC>@TX7)O6E6M!C$$r9;exK?PNK4sgj
zaL7jXq<sFJRsgHnX&#dd6}z}pl6%zS`j_a(?+>j^AueVaBQfI_&i)_3;}4n4#98<e
z>JCJK`EKXxae;Zb*rbi0HuTt}-(XV}%Zz?Q&v|&?EWTkJR}i$8B7KGbf-v?vC0#&L
zVZ6etEu1W7Y>_`VMzfMnX<)CjNz&oou7QD;87|0sg~sxM64=K_tUNc*(x4P`JmMlo
zUsUnHr6LY^+*@sNeX%;ap^HRQWbJ<XF(tmzjGrRXjiA;Iy<TrI#T3zC30wY`S@SuP
zGgDC7*-Mp58eHu*`F->U81L?bPG0xpVgo>|KD+Yq9kdqeN$UudE!liwS01OdKY(gb
zBUUW$zN?VD_xIn_iuh7g+S@B_r}MW;At(*WUoVoNWWK-1{d>pgV*9gLU5T=$>uHR#
zcT2MD9A_6Ny~*pqzUk`5xyKc@e;l3U3W=S7sW6EJYj(D%kfHPzXy|vC8nacj<1d`A
zqADSfSE=h?^AVRJLC&Sy3I0Bk;VWzervKTKpmh3_2RVqmX0!y@%a5P$wE*nw91DA3
zanm=-RQ7o?H-&+>D`|}deC;4`eUWMZWS|*hYA-_zBN1F^yy1T=jRqQ@b4H8`Npb)<
zgc>sCr2y5poOkAZ>il5-A_~CiD+|%zE3C?qFK7A~*XMh3{L06bET<jI;n{1R$q=4i
zad*3PjVmd4h<cWRfkd~Z%)G(qL`}{e#6W6k7NX}@_{)5=ZC_6~R$#B`_O=d)kg6Z~
znCwwXQcS@&rtDwU0nJ&@!=v%2z#osx8xuMEKUOV<uh*awP`z96*l4)fLj0&6qQm)M
zQ2;=m3cq#9a&9N?I?B=F^o$dKvkO3;jM>`CrUbKDr`zWyo}5y}8EKv`<x?h4%=1!W
zNHbpa->_R%=HDc@Ls}5$BchOiV}shFZ4$x>Db!qvkw)93RW^0ry)b5(Pw}$i<}dO9
zt7n!r2C4VK_YG`TPB5vnMo5`h1iKge6)1?CHY7F+YnuutP-_sK$tv#tud5Qrj`FAC
z(hrk(iX`B3gv7K)9IGNnlFL$sWy-njnc!p4TqjqS`T!NK7`XJN-p4?@R2uO}TXY9x
zfOpv160|`j=WkYt39Wo9=x|VVAE5#{r!2emx*;&J1CEx2meqq(S`rn4zhJKFQqVof
zoSDIVTM78;Er;d+eE~9{)82Ux;yEf9cWxd8PF}6oX*E3HviC}XMDl9%XHnq788~%>
zU1QX-8gDp*DO&<|*-nGaI%aMw?<fpK1V~31AT;f_p$o2ALeUT;To8+TPToYf-#uxN
zZm-t#C~^S!xm=bn3VmB~Z~4+?`1w~kC8S>2VE4#5p6FF>)UfXY1DR~U><x!w|Nb@x
z1-y5SXHWv3Jo#{Dm~Ye%pf%kl5ezBLWC|}CkC>}(XbK0xH!|eXfslkwnN@v;OOEV%
zZ4NewSRGhiM6F{8rj#X$k54Sho8;tm*1%`rUDjx+h-bdkCnH9Gj%B<{#Y-$QVLnft
zi{f74_>7{r$=FxQ^6B^;5+`C#o;sQWH@aO<PBt^jEEmnnrhm|BEG-m~Mjs0lm0ZvE
z1W^rcsg4F=uJD}#F&!~uK-`GelF*_B%LH(#Rf(0YCZMxOBs8279p~ShiIiHoz*#>A
z29zowi18@gCxor|4|!ErEK#Fryn3b23VT?=gGsM(JtCqUzo)(l>~wvei=hF!%x7R)
z+fx#%mjOdagTVVln)>URBwZa?>_O)nZ1W|RZ|Q!oGL|s%)8b!jaNmnAvJyF-y+o6U
zganHzK-EJIMFJO^-m~W4NtY5tf%D#^s&ZRa?6ngnJqlSy)=z5gEvzFTX0CwjX=;tB
zB&T@D7Q{<Arv2%!P6GD!1L30ocPQiCE@5zLu%`{V!`{K(91Z(5_j){C<{uYVcu+fd
z+&Hxq^aV{9IH<$n*5BlxiE6YS_2n?^p8PtI6TnN;ZkP=V)KxU<RaQfExC$iAx!C?=
zR1Hr(>ivnbc=SLXm#8=BN~N8N=~nYq6HJlqdIr!g0#H2vNUsd@eQo7ACA0!O3a%t*
zqti&T6WxCla2h8V9{7=TWxMY-2)x3(JV6amJ}OXC(Z6sZ7PJ=#SQ-WPy9==8=;%k%
zeO_CjeDGPY$+rj(fkX#v2U%M(z?(b7rthUl6(IWn_XBY<lPxnG5udI&3f~8YvlGqm
zvDlRh<h(-H<HbeC0cg66*&>BhD|v)Zvh$eqZ}J=sO1cbG`c15CKI@p+;<UI*RnA;)
zVG0qMVS5ZA6dh^<?uGEoZ&*1NGn~{PKu+R3{B1o&dC#rZ%tF83sqQ;ch|<dv20d;C
z|JfoDly&#0#1`ViIr85HRYvP&BOG6NhK>f3FHQ=XwRFz>T%8QML<o_i>dG&HD0jrM
z%)mL%j_00gGM{g?AQchZ?CxVt0}Gw2?dMe}v1UET6cox2zqSh+(GmRURGT5s%xd8g
z3d!!-X<VF6W!k(p(IJ+IOB_P?#hrII2@)GBF$KI(RE*Quq;SR;p479?_Glz9>@_G6
zdv${VwhCoSP``F3L#4_M)A{qGN%cSfD9^YCY5So_vI3f<h}w_S(P;Gb(*n)(v|f(N
z=(4Z-tXIK?C0RG6;|~LDrO8lY2Atpt07;<&5JmQX=B|CIr0)V~nh=2Sn*?yU<k3@&
zn(Wn(^}pGPc2N9}v9fv^x{@nC5>az%NT~{`-0aVYlvz!7eME}D9hi;ZT8&~(BUxAE
zgP2r5T>eHf+gl0-y%juoTt?R}&RRkpIpEv$;!eW0reL7fthVhjxkG0x;+bHVjRE$9
zbzsjp_8G?-O~nQ%Tem+-_|Au=lT@0<WGhTXi0Lp;giNPo`}bc8sMIA`$SCOT>NuK2
zETa{ehGMbJTR4?p;}uTxa1|{c%3tncJ|*FP5R%Q-x>XUFhFej=Xq1lxJ<;N!y}b7<
zkj@G?of%afww>mTPOa?gupiP&8-6*BhZGl|oECRGa@x#7RiOBWLd8k=<&Yy1t(XH1
zD@PMWr#;r7(}d%m)B58%r(y1EPNSKRIjwwGBI}>il)H19A5B2e&zxpm@7koCc7X5N
ze~ogQiltZ0lL$iD*lCO%?=<vh^?KxDl#5{k#vF1Jc$yw4X6QUr0m?OM=0YNNqxkPV
zFnD{cnUysSYYJtRnuMMq%#LO>p|)z~M5{kAPBY!lU?6@3D9W(gcyMV`>JnqVpyO5=
zMoT46$Q)Alp{+EF@yV%Y!oW{t6%!JA!6x&>ZZ!~oGcn?~WR_;}s8;yVc#{K1z+H^u
zE!zjOe?uJ*DtZ!9Qpb|5!!&|9$jsRUAC;NqEb!rBO&g4HZG?@ZHAp*VP9fw(EsfLC
zP$+l;{@K@_CtxNdkwRQbJ@1!ekB?$es2jT|7No<`)CE+rM^Y%<^20kA%&!0>)>*qA
z#Z_c<*=BM6L?M&%bY=KYJlRJ0&8pC`*$nn@qTL%-nG!85`p4wNtWLnooGDV%_4XLE
ze7?M%_1X0(_FJE#2HNFc^xj4nOR)nn$OqMdc4zBJRKrhQ)fv!?2|JTn?dXL@rEe?`
zXAfv_VfQ6U)TbY$K1G--zyeDBDaiztBw8(<9v(S*pCFftM2(vIIQLZ;TZ0Mu^0^tj
zh*F$^-~`ARh*#hgse^(@4=ej``l<gxrVAb>j8?;0i=|ya3UL%qt4zP>pqU2i&)h&(
ze<m!V+)M`p{d6E9^=A>yWFYQj$z)t-{ZLyi&Kj@U?1XKhm1Y)eTIQN3<p{|+xOkJ(
zQbq-U_I&9=x*wWn1ELeWb0@w{4gHtN561BI9orsX!UFaSd`u#>Bk|&bJtx47B+arU
z3Ly`T{ib80w5^6c&Y@e>Llr0IgG1+Db&=y1LeluK^gV|}e$pYsInOjB;@>XF5L4e8
ztVV;Wnsq|t&yunVT@yvtZQOA~siYmzL&SqWINu#tFqm4efpmXe(TD?p;`IIf!c0lh
z4BY(_aS|u;JIyQNOvxW+du2wI#th|6W9pgDN9eN|`ED6{+l&TLQOg4p+yjhe00t*~
zD8N#g2f)kOW<@Vk3(*(cZ3>Y^fV%Rz%^3v%AOb9gBskYq6b;M<Gi(5D0CE6t(WnW;
zAI@J+)g&X(X6}^Hm%06Ud}l~OYc>9<uVX3wrN8`i_se=t?Jwv5%;?OX($2c#jAgw)
zJ75@oRO8jm@hIH)lQx^qcYhfn%uoI_LKG=%94Q<E79xd@<5_r*W)oFunm1*W4fDJZ
z7mbR)+^{&zj0g9h{<3a9u5uojdbiV_d-X>-{_n5VYu)349LJy54_P%*Q<?2FE5oR3
zvMSl}&nO7Ko=v(1ul8iX-$+TmOM@)8|3%5UvE@vV?SX(<Qz`9#_c=4(p~gSr(%_+-
zikeJ37M*9UO3`kEuxhg#2UeX%scmYo-S>JiL26Fu)Rssvj=>Nd#Ds~AofK)^F^0rX
zR%<O3V<h9-ekP1(EWvEd00zPt@|WJx5kEk?H@+N{3&o*<BcNIU>1W2<ekNY8Kh*g$
z*j`pe#YtXHJ~qj!ng|h}L<s^;aKMp#M<fH)M(xB+ILfmdkVr^3G+kS*+hujzp)E<c
zb8!|2;jtGmhqqQD!-i>8v$l#0F~Xf;p|)(IpABRF?zgk6P8ZFzoh=K~=!JEZRaJ^g
zn0HaA!;q$(h6)P08cG+Gi-{P$Vwsf&ibO>vgjlR|t3D-33T+01060L$zflkrDy)g5
z@n9N8D4vFW&iZEMqZcJdD%4do8l2NP-g^UWShT&FnntmS3ZEJSwA!{r^etyCj?$O7
z^g|3^(Pqdoj!)+`pm|J8=TumA0Oqv*ML;8Bt*r-y^PRPejQ&T1zA5fIpQc11;d^BF
z_?i09jORWw6W8@>eLJ=1YI+zQ4NFI=Pac@S0Uo8x@D${B`|5)x0IumS<}s!!V*puR
zSuH#|xzPa%sTFEz9WSFr4whS=j@FzvBADUt-9j3+eL>9H88sTFv~t)-N8#N&-$KmD
zUNw;+&h_%9iM>xjEjqK%tvHWLMJhOJIvQx%#+P}^qKNlhd`0-^mYlB`SUU5-?tHG|
zn_*|M3GC>BT;sGx7FNUF<kdz8uP$C=O@lB7%HVApfUd2<q#(oO9o)_%py~b4w8O3W
z(PFOicKis|qPsN7s~0$h@uy5N=w7YUV7`(>lX1neThizmxv~rQ#9?G->`~&+pG7-E
zExgL$F=#Pcww2IKivn7^m|*g<yUP+KRCp)|b>Wi<*m1;WyvD@dd4=hC#W)p{Cok&4
zG^QHc)diw7pXP(-$U0XS7OiT4{Wcq&CQbDm)4&W2MOddc$~Nho8?@HDslT^B^}k~=
zM1y=B=&_+v!mb60Vo^{S)T7HFcjJVemT}A5IWykG@@6M`oIdoe2Ebq&xc~e|(8_2s
z(gxaP9Fc5B)7kU?runf56z?$kq3ECAwy=*)!Q{1&_JcA!Ls9<zTSYtA4xaIQ8$P(v
zO!XrI5Bt$Rhieq>HZjJonh(ywYU~F6j@3Vb8VHZ~U`5+lbyWrp9eZ?dJL4o}DA24O
zEj6*uACLL|vNaF*Ql5scdJDcI93t0CxKgP(opl{X_<G#V&c%`N-e!FqSaUpbKo5IJ
zhXWp<WmYQ25;)C8;YjXy8Q4}3j@2(R>wOd`?}WY}FBOW5be+5t`UrBep;$;$UpCg{
z)IWAW<(GjQAkQkJUj!9wY8lQiC%Z|?Du9O7SH?^7>g~QzrA;%@JlB9D(7Cv<2aw&;
z9`IOX)xjCVMjwN(bQc%3u=Dg2VMTNq5oanr8@RSbIiIJV$z`8)8A&2%2FcjvNOVO>
zh+Qxz@Vpr6&2Sr-bNO=JC@|sH0PxY_kH90IVzf#ex5PAzkY=~!(8hu)Vr;n`Sz3rr
zpKurg5VF@aX~{Y)SD4?e&Czq>4&7+ioiwp+=&Vs}$nEk$DVcw~WU+bnkJKOvm6Rr7
zPHb8~wvM2smfcY&0OUC`&1<o1i0Cel5Vw_en5w&ztNfQ%X{ghk64x~o_yv?%MJIF?
zVv2AufwqX{Q9k^kV3K|k9jv;py4@n)R2w9P&r$qB=wn|!nibKAHsDp}R!r(0y<l2!
zrzzh($jc^&K2g^w){VJBB?op$nj6qWa3M<c$~H^20RGSyZFOm^cdr@ce#%XXG3mL5
zKH6jJg~eZk$4;848q=ke=_w}Ca?VBr97;V$BP$>k9ACkKr|L$SGf5k^+mveg^n+Eq
z#og&V!m`yHd8-zTLamJ^WNU{pL9&G4zFBYFjUo5rYo=cRBIudS6ozI*r<r;PPj0j%
zT}aSSc?_pmnk6-vZsBX=hss<i#-_KeP@$7ghGAaqXO9jJFrq_mbucTlp(&<g2xF2E
zsfx!wjg7-ao80wyAO<1<_xa#WBU~0%t20y^VjNJ7JtIW~xUivxx<!A^K?@kng4XLM
zTL~b!^eKpT*0#YPv?3}FTVmoAhw36sJLak`TDF~Sb&<avK35kpw1ACu(Hvl#U_ZfZ
z4B#aX2l*FtjOfOA>^ET2fGyIONPJ#Wr99D?OSU|OOB_@yqiGNMfEn_eiPD!%AkWaa
z-Oz{>6)bqZrA;CA0eqcd<JMt0GK16<pNX>7-M?E8Nj>Gr`Y0$$s<&mrly+VEql_*8
zb6JUsAicJt4xH%jhx|0trYg=|$P*zmJm_|8!7>dB$8W?PEH6o!1yrsTB)4}g_012W
zqSZOvyiJTsK>q%%w4&HDBjH6FVtoT11M_>1wm_I*laMp5q&eP6<IWw7Ry>b?6qs6K
z{kxANO6_ZK#FsF~Xd-OHugOWh7mP2QRs>JIg}SAwn<y^bY(gib6+_~L0%E2$ZL#Mx
z6SPx-v)%`z11Jt^u^mW!xMu8xbTL#A?3xgz;IrPz#A^8F!qF))s|VlePQt3eXL=@J
z6@0EEUyen-&}}?8x_IaI6{}H^|1%=CfXn3-rR@43nq8kMO)f?J`)^pit178Q)ti#S
zX#Nm=G_87bIXce1dlpZCjj~bTmD9mtdefap-H|L^axT1`tmC0;qFiKc8!4=>X)8&M
zRnaqF(;oe~=sq&flo%?yvCBEoaqEfdzn_>Eb%5iK$W42Hy0;vd033-U#2p6ZF{4cV
ze;BA&q!+HmUUdIzS?E&o<jJK(KLaYiof(WY)N{_E>fhcSS3}GWTgcX<x>HC+qVVXz
zYD7>8>X*TvjHhx-Y~qh5tqk$7AZ{qODs-_4;XGgu^Nd-E8^rVvRai~fHpzpNvY3`q
z%3?4K(azobxX(7oEZBtwzEhL*E2~<ESex!Oa2gx{t6tM$MLLQk&S!O-&+yM<<bBED
zaJZvrRajvF2*YTXj9<jcLy{BLfV+eX-&*PHC>ej_dOn163dRk%bsK0-ktX%G4I*I*
zY&+feTD=KnbuaqjGV98oYBBq2W@Vk|XCjYc6YgwPv9xL&l>2}9``0b4E_ma&QPP^6
z#5qBGHEP#kmvo_EQ8p2q7x!f_8NKiiIrXay?8gp<6~c!dd7vH6yNet}-C@4%JaU<{
zSpyw?T;oM!!i35OBzoE>L<s`$OeXLrvhjRPUb;O18;Lk(za@8#H{mvUCD)9Bd#LEw
zP1-of#nNGHVyEY+A7vmjt7B2XkqH0g_Z6ow$KflD*Hz@}=o-{)NYIW*v4Tlwp=pj|
z4K{R;Ng9cIV4q1V^ZB-ouOooj8zI7KRYZbJJ`G2WAH0tOZ##zU6tl{msCxC`l+L15
zXxynf??o}UY7o)WHN$K!CK%S622n_XLlXt+fB4QC9;N(q$nWk?y;E=(xFeDf%;5}Q
z#ommQEU04S8@Skx4V{~9#8|Aq7|tsP*Y97yid)wKMZT2R_>}}szF7FH!rLVw8!Wn{
zBvlJ^Q_jU^tq0IGxil(LRapFBsdb@z<o<yW-wp6`bua!7WXwSn%6?6F5U%D<DX1!w
zy6_Dw;u*zacuiVUS`l&!4`{<bu%(NC2v5xngdd9-oEYBKNK{Ihfcge6<VR2H8oT-q
zw@_fYMqY`v{GBN%43Ed3fN<p76H+14oDq9Uh*J)zp?tDe@&=?DBPr#gVEDakz=c=~
zPPcKh*60pU0;-YR?l+}ZEyuBt*gHh4&vHQo-T2Z7)e0FV<F(rFP#AZU)4L#r%+l#>
z1`iEdRD7D~YAIK4?&UP@v30+qX+WPnAsk&<)U4FLT4Ark)vpqh44mEg-2FzXW;!%j
znk6go71_~YQYb|{u9r-np_CZiw4stCk#4+@r9)2*lLflkp=V_batKbvHP8&*!-20^
z9d*QAsJU4Uv1zHtSVbq~S%il}Lmyp}*w{<8F7DA9pLKideJ5L12Bqy))_<(Bg1oEK
zj>u<jl>P*iaRDlDAQmj3tj-SFLcbcrh$wQVfYpuc-vUcLDLOatH|%L9M%g#@*0*6#
z;dOW|uY+e`0aF1_0h_vc{>BmIXS3-dD7MemW{1?AaXc}bo?x(L4eFbXcfMb|Cfh<2
z3=#gAA`O9%awm5}33cf)`Y-jDT0HGe>WG5ELZRV49s`d;lSy!(hL>hCq-3nJms%7*
zl!-q(=Os<KEj&xdJUass?o=`$PUn5#PPhlooj@oSZo)SnI};7|o&i~0XF3qqu_m{F
z?nHvSY`V)qR5abC)SU4Tu>-{)U+~vtH!&Wkvrr2qb0;3=v%zq>+!2@V-pNNl*q&)}
zoI~kAqh8^S<BqVrj7H*SX1^Sx?MeFM?_JH(X(BE%9C@U&hh81A`A=FQ4*iHYGLAqb
z4iU^8+M<6-I>AOQP31Zx@t>kZM<5Lkha}V<TG;T&^x6H#fPq*DGKiA=(3x>TN+Jv-
zUtTIQJINw3tTke&_Hgz<_ah&CP&Ys%AZBQgL>M9vh=k$6cwm{fWh$Fa<KaHv1IPnW
z1DkIwLMv(|T1NR6su75G(bS1a;ro(_FFr*I!AVD8jDq4&qd`9f<@jS?&i<woT2W+F
zrBPJ-=)IJrEBxP}0}o|ZwqYTMiV8VYVP?^dnkqa}0J4dOCajD1Kr#KY2R$H*ZO{p`
z6yGGZ-(Oa9P$W!#4b4GI6(i7F#;47Sap~Ull_BNfHb>{r<jJ>^`Mu5@cit;MQ3Y!o
z;4tC8>G^Cru4b{;n#EH4P^}YNWJp+2q_pk*z=zxVclTCgQ3eQi=biK=U;gp)Q2d)}
z7#gyCuh}&w=ZgAX&rNJu6~`8eLTso7V)^PwU{OoJ+z>`UEyLH;e8kCGqUDAQL(L2C
z^YIgM9mwWICWo`(su#hzRIEBM#3AvP4v6D{5b@m+cvxgxAbEHgV2{Wt5z!q}cl_TE
zmj;}yhog>wI5y3D15NIaNP9FKXP*$YZeHyHwDYJ#&s~Bi>kb49b?|zd+G?MGqiwD)
zwBqnQC<ehET4XZ}GL;jx2n}2wKU^MPCC-&vD=P0(SG8`MW54ytcitn*UUve;S4AmQ
zl)|=3{seQ$lUVGOrPbCeN?$Bc{WFLM0Kmg#x{BxX@Ib=&7Lg2wiOp~Q^><Z0ssRs*
zHYkb0KXCV!ci+HRmQhs+9QCNv?Ve)>w8^MH#|ksa{Yi?7u)NPI#MyLTf-P`QRjL|I
zT!z$0hg*b61|E6qEA2XqSD_=lsXVk;zHLP>zNzYyG_ER6M-{ljuc?pFEY&~twg2*H
zDU9T=xR>F&F20$ae!NbCV~l$4=$<VdNvg67RIO~qVCau6gMll$0V2gu0bFkt6@hNL
z@7l)D1f!ZROHC8TBa23(Y-|=JyY)UqB5Bw{b(lh;_@GvUkT9=H+qM0(to6cX*9?A|
zcfYS5!?N`K-U-ELMy)YG99r&mgBRBS!_`SVj*|)Uu0X*qQU4>pxJ9Qx%r0OStwcR;
zlnEU`U6ZBCGxHo?%URZQMTj{IaiJ*}nfL?4i_K*yC+RQ2WyA}B-~L+O`al{^!L3vt
z5z?qVPi294S=u~Hi@R_vA4ao)b2SIvmPlUo`?u)QEV8~j6oEXv$=K+osdyG_!p&*f
z8J)2&EWWLqVV7TEWf7j(>|tfI#{*q7!grayi#Yer8^3|E$EET6PUaBAR?w^un5n}|
zbW$)qU>Y8gM@Fd%x{gxmW_2nb$i1k|Y`l$48<+ZX48QLYA@D!VaYC>}a4ZVUp1Cbg
zn@1Bk^85RdR~7VpI8UX%Q681o-(N*-wDZB(YmpZQP#eoE_*oHh5H@YM&rTENKd-%y
zN9!4sfmI%7gfZ;%Se<_wRlvbEMay#F01S`}s1&((t)meT5D1_FlRy9r7$}_!<?(PR
zPEr)b`T>-|$Hx*z)ng-hEFwi`Fa`)927m~002pA5Q2>fYX2b~rlNX2C6Je<f{R&p8
z3YMdNprX=DUw9tb1+ZK*JIYHAAFQ$g)lw0Q*XsW?oLVTXR*oIr?J+7F2#Ik1_$STB
zkLR9X<tkU$a#rQWFc|`@lL@G(jZh|Ni&x<uV^?T3hEWom+U7RWY6Rr?75A@7aZiS$
z2xBxrz^mVnL#RLL?9r{qtgrc&BCHoEcb8P)K0B}y`id-#FXRS{*JqytL^K%2?`nhI
zUV|nZ4tkf9gNmXC?SMC+KGr>eF_8z1IT{@sT;59*zzJllt#E@sx^W+y#+?wG0}fuS
z&jQXW*N7e9c+?nCX9zK|;5*8aaueaC%XqWT)@}4pAy9N<6kTs@x5iaP`4KhW{=U8r
z5>?aVmf;U?ma4JS6fDu!+p074*AGeV<bAk#ieKD72Z1(6s$Q#D;_&D4!qdRGjX_kX
zQOi@gkW4^TQ|(LYOoT>;yK0iK0)cwIfP4_O!riC<=>)1G&1~bW?eoiRRJ1$WrtqHx
zHud}ezJ<isIQ+4Ba%iW97e{YNiit!b1xdP9N9PbtvcVt6Jl5Qbv}M6TnN6C%++#rF
z1Q{1)XtEWD<4tM!$i#s(f;vLH%WxNs94Apx50LkjggZiIb^^P`287b=w_G=g_ot8a
z*|G#t%g(cxqP9Xmu?3!;7lne~a$xJCOiKWo8($3nVq$<8U-3OFGY#RajZObMt^b2g
z@Xry-VTw}(<}3FO?r{zs+8g~4f*)0wI6U;UQW0F@et%u{pWKG1v;?&7Q|yr|IUg5<
ztj%8#`1)~%q+OyA?x4CV$ypn<62n~8c!0jet(5mfECd^(X>EiI1YccxkG%L_RL>%l
zLy_NOok9vUsjrQ7gl~1sN{<np7ykNGA*>mv9&X42tNGWAL~Rbz`V9(JI9lpwBlZXN
za=GiklPEQR$5W`XS6$GDcU8jKd1Eq84Dd9vfD3bd$Y})9kf%b*cKm^dnpBasNAdCG
z5BRI+6HKD0AA--vqx1XU{CbiyR6B82R_E+Q{ml4ww^P%^6985M+Quh{wVDYDP!q!N
z=q_L(vEWg-Mjml;UK+~@iiAHP@*Q9HOn48a8k(kCqUlqd2+Db?A*ATSI9f=(|D1vT
zVDLyM0i?r4`8%GoU~ug{hm|ZelP}vSC-1>RLmD?=CG_6zRx+j+SbT<$DLbEbLUa3;
zDt&94%w_Fr;B2O%0F)tZ<}YM&Q{mN<Mfi0WBE4LSEg(j5J6BsF`NwJ!b?Tg339@xn
zZSY04Y<01Rtf-B|*N)Wvv{Blxi8T;z^`l@CvG2EhN=+nO`l+-IoS<ehEz=(Ox#Rv#
z7?_0a1Y)^DAQ_=2S)ZH8*6AUry##d=(ZL<y*B9iu<aLl$3YAGBxc7$VmJ`g+w)Lq1
zb7R0Z1&CCvQ-+A5Jbp__NpMm}u#{fGX1KiySrMRDA1zh=8&puNFdGr<;xYsK(?s}=
zXdzGf<WU5~=KpM_r{AL3t_YRdW*kNoBz|wC>KQfN!3#~9V_jGN-l)&HiP^AiY_(fu
z*4oKLg5hkN&Fsa3w@~oC;Bhv<@qe#ViF*271+mC$=TFWKlj5Il4OxG@9h^aMPsNHV
zcXj@r0-32TD7Kzw6gVxxs)$^5cHis^c`1Zw<o9)Duz9-1bEL-5iEX>Q9cBkqwI&wm
ztB3Ae;WpNW(tcP*jrsP2+p|e^#)A*|KqIP)vK-C^zkw9(`V$0;nx3x7EZU6vGUakh
z8+P4Q5wGrS`qbqpEDeKm15-|pPIa}})LoTs$wp<)fjhyML&ijbdixXc5r0cE`AvNN
zY2RZExg&SI7F{>lhM*$<I^7OXkXv!-&(p+>@mhik-?lhFjcDU!Vk+3isO{#zEB6N}
z^r{w7;C<BPAQBgAO^x=<UBXp)?<#&O6CRN)^tQYUmo!f*U!2p0ZrxP?sPB=2wJG`_
zH8RQ+`qXvachPl&E?j%-z0qS;hhw8t$xgVke%qrb4x&L1#7D@gbKo_I(z<<b+BRsi
zM)LW7<`NvbsNaLsLR51iTg7Ihk_d6XB3xK?+G*F4yvhS2`O(jyN<h}d^&Y#da3H)a
zUY)TDus6P6Vor(S-@U-~w)sC|PfTzbh?^Z02SO>zf`eb7LidURhxTU>!e_7uSSfp9
zhD@qr>kMK_*Hky`VpZj7w?$mVZwRQHk0KhK<AK!HFM^IPm2o^NoLve#;J70r*GX|g
z^3E|02OWyu8JdZU;<L0t)!|udC?O4+<vAX3a^vMppI_|~ptxzvqg~At`1#Exu7*O(
z!Xoej<}ZHEoPv)w8zakVClf#*{OGT?wg3Z8brOx<2bA~27A7MaWB^VUBN~3;c1Hkw
z@dpCGp9RB?Amn0!yC%$#zWjLxq~oJuw=-!{U{kcd%TGe{#(<xH3u1ZL&_!vTE4H9@
zFum~DIGab3YgLEbe!IwEFA0rm!Y~r)fliFzMPdpc0Fc*OLfQ^i`{bb-$n_oqFs2vb
zKML#L+FYf88o=#M$39l{xa*(q#SF#S501>GmKkl@`Ph{g_+jh$&L=gLmRpHUk?tPG
z9~zHyr<g7J=JL`~%9ypgVMyfH=sE{;<UtelbcD<(Uc5B8MVbC<#COAek^(Y)C02p)
zrYX@*(|+dWX>i0uV#tuRp|q~+Gwg(b+tp_i;s25K*<a~t>~!;5(XSiTNNF_OY*&z<
z5oC_L(1ZhmX!buf`6|W?M?eAgUW@Qo$@9C<Bghh}6tPOCkLU{71dfz%_%%MX#GL^~
zhga)aRRqR!YlAfr3N%2km;Y0+RfD1t^^M2|h>8ELUBR2Ww-oyd6sV^_i4v8{SMhYt
zH7W5&(hBoz$1gGbaUxaSK{r8shk_;z8ilKfiQSjM<id{(%~8!G4g`mLy7zHCO`lTj
zvz?T)MAd!{9|v3&f<-m*;ab$-`l(mcl*jKemDDFgB&4NSbtnN<g(Xmxf_fy`HoHrD
zAIUc@Rr^VR7dHgIzJxW05sk@M=3@eVapT6y;G@?y*7;5)*pnRZM8J?PV-M*w>!h#J
zIJ(SXw&Ta5Mx7r{C<i3Zd>E^<5%A}_<;{u7+c7g@B<m^%B|7&%3-~G3PMdFRR`z*I
zN)v`<ov@5@lz74(Up-;rO+)pd$wpnCr3HJrzQ)s0CciQDI9R+Y4*HQl*50nncRE?A
zCSg+*OR%|1Ca$2Krj80LwCJQr7G_DCZU_@=0nHC#nHj>AatOnrcYI<R{rulh3_>SC
z2SU-T*w$h@qg!2CAE3-XyuSAqEYVI_aQ;fVkj6Xs`4{<qUT<hyx0YjHzP=uTbZ%iv
zka^qb#5>pOHDR{zl)m#LWXD^B4YsZWi3AO+;0?&zJJa_(3d(@uCaNp}Am=a!Ere!$
zdiWcrIE23XOj%mttq=o-G5)K0+k0Qx-Yh|QEJ523Wl(gro1{g^k<{ouU`4cE_csTI
z|BW%y@4*7~by$CHYDrwTet^=TkxP3^+1eQ_bCPZad|XE`6N%b?p9t%*U%7{Zpa?AE
z8>RFc$cd6KT@fWMr8CtUqK$X7;iwvnoJyk*KfF^xBCtyWUmp52Rbr*rS2{V_&=F{!
zABFEhhq^gs)b4Z0OEktuep-Y>p_Sik6x;Eww|jyncdO=iT4DZ;IxX*ZEc-tJJAkU<
zv|?noDsq}ZYN31WWx*S{p5$H2Z=|@h6b(yK`bz}WmWL>u)ztzLq)$j45u=K(1V%0R
znEPVA=7RzN{3fmd`^9{x6&v|1_W%*cb`!It8X%&8fZFQN#0=wnV~Yy=AI4p`Gh~B}
zFM5#BrsTLqQWbMt>Po_h3MTU4Ia@x%`nF=^_a`>1!J5f#mI9fzzw^e3rPy$9cq`~t
zT=V-tY~CSPdRzgEn%YT$5rw2^H1!uaI%*iK384xwKCmL8SU1aSd#OBf-?LtR9_bAf
zu^W}}qv|P_YzXVS45nD+emJ2*3?8+pl!a`4aT1SLJi((&q3K|>yzre?ODpvAekiC&
z*!d+n%Thhl__=n}<B{w7?sDPQGL*rEG<R?`qoIJ2?B@?)ZDvzGO*)jY3&#tKYfw|<
zPM`uU=&%$TNU*Xf6&Zw)ulAs499%|WNOv?>v)vwP7O(CzLm>Y3y;|fI={;G>rrnel
z5_^XG?R3vYaj^tgi7BO?=q}EqRH+EuFwD_+lT9TIQK8fGg%70ESIIX@mRrJ<1-(=v
z?NceN)tbz)cRAhuAtxl7JS(}nR!!N~J&yFXcl?e`#hSi<XG*fLI+LignA=j1XThtU
zPZzzQQD*Y>br6f3IY}(AnR$&kePpD5t!fQWs%*55DZMzmk4+Ta?oytr)sRmNs}Emd
zM9g$+b2-vn!i*GSTvx*BZHxA1E-RvRw#n&lvI_$d_@a&7xBP|O(nQtv(KejVRY>R}
zoy?i;Xb5y{U{chZ9U6c|M~!m#Iat#-4yPRl<+2^R;y<_|r*-D)L@KzeYMJ`Z(Gvh*
z3E926msrPad!%+bt!K(P`5ITvxE(>ZGP#-YG7=Ia!%(Unq=QqbpB+kk5K83rn1NC=
z_fQ>HZ^IK)m}11Gc@XB(?qVZ=w2%e_F_Y1bCn@}7*5rVGO0({`{!)+Acm9@KT_GIW
z?~Q~`Y|>y9$fay(o=si5JKa6&-TZRCf>f-#>|n%V-wK^T>>+J6%@{Xi7(#wWrqK4;
zc7CoqdLwhEWn~c*0QMBT^(ZdI<OiGo3q32yAFwS>ol&TOukX!}a+)j8L<GTh+K~LY
znu!LiveB38I*$_NrpShEnjN_v5>&j}^Dd+`ag%9f2uRK)B(HYuP(OL=E)i4^zc%YG
zX3JK?o6Wg_5Y}F^a_5tNW>C7=za|+Yc-XxlLn7v;<ZQ{NjZh;-?wh+F9ejw68khv+
zZczwef$~8Kew7jACrhr_beYICf2@K73$dh6x0-OlV}^5?>yT<Y!oskx4HW0qR$udW
zD|H(KpFwJo@}E;wQQR#9&Qi39QPmL#EG5c&;^eKo#(FCnRo{jY`pZ;UeL@0tfEVNH
zragtO3yC0LYUD!F)_jn$p!~+!v`d|IRKVp_2^qj-lScqrbg{n$zPgq>e-+Kcwhr!u
zYi^M1iUV8Db=>{8=@PcbFs`eFZ=gZx;N=EMBr(@aHHI-?4H(yqbX*j7;h1~#>jPr~
zJ+Us>5AQ1fR9dru^(pi0L+7B^b<tkin%g<TYxA0cm_tKYFk8YE>Wj(dT{r;Lpd&Jq
z0#1K6*mg`OQ458@%aPPpzi(jM`^Dm7f)<#|w*zU|&MJo6sJ?X+6qrQ^5YOkBGVl@F
z;UigT@3%MRK#5+NF4L4MH&p6@G69Gau`zLIZVgFd5{KyzWiD4Q1QC(H&y99l)PdZ}
zgkrLUAzx6Egy2}_JP`lMaEnmP`=T0w8OrY5JXg>d$Vs_L(gQ5o!{_MxTVsWQhUDbk
z*LG;};@I4bw|l=cS5YJ+?l)OAnRE$T8}TG?sQWiQk{~h9$}?WSujP`LHxQ-qf>5jX
zhz=k<WegVsGl44cD-f`e?kyA(@(ZG>BnS!cYTey4Hov;q&`0m(y?j8K9nI@hp>jbk
zJvqx_b*F+sXetqN(X>u@wz4~Qo{{S2xQ3{Qj~dZCoq08xe{Y!KMjsE&1$5Jbc;!?T
zqRg#W|KOGXw6OTpdcZS@SpZ4sB`#In#`BkiC^SZ+pmjRG@%cZ^bVi><og0;w4iA(7
zrD4q{lnJNh{&OR|B|>?*s7#gZ%qcVBaY=3V%~@c34U=d@F2!MVbzsk!jNb6GZah8$
zf$>|=0PRj{)<j+*-M@t1aWvIq85;bXd$z-QplwUaf#f=ONhNVgCCF^O{+Li2_<w{J
zMj?#%uOrio3%QF1loQJ1rA!u30WS2ThUggBI5^m95d1a8ZOKocrfvO9=yyl$${nRf
zl9xUOdSUJZ&BJ*~4uEJE^q*ZFUBHM`1q+ygwbQMH$AdQo?g!293WJcs>E6fUuR0ly
z_-`7$$ZSrla!N2D^(xAxm3i_<*LM!(1>j&+UhRRLr<qaX4igQ&(jXAATMDRoLEbJA
z7xaiDtP{Q?m9O`20TJ+bw6Mfv^c9IS*mF4~v1f|6DRiCNftB0M+-~|^e9D@77_jy#
zGfyE)Nw~f)dEV<3ThHg?v*EmE4MqhEOQH&%AJCA+H@b%?PLr?7s(>At3YDf%(Y&a8
z?oM$mo5|Z1`i@0m1+=pu=~;Iwz4<o937D2D0y>Dqwv4?voiq%hp@gfd0g)BgG4VML
zBcVaBLg94NR3z7^MrR%9@Z(x=Dyt-17_Xz;?_;()WIDx=M4>!*S9j$Y2d_xOu(Beg
zT^Gn2b<YapS%d^N^X7?k5L0x*a}E7Xjs`RLM*3wd@Q9mrh<$ZfPXuoZVh4+w%Sdx5
ztq226t*Oll>Ug9kN9La22{|1Bf}A3IV2O{0HayB0S{4i|x73oSErSMnvlO~d+M_#J
zv7H8A)asIQk(08hO}l|jl2>WjS~F$;I8-b`Q%#W3b^ke9<4H@P_IdQ8h+QMzhON8J
z97RmS&aJOj6!TJ;Z^KIEd9zVZ>bCoXgV-h_&V&;)?6&~?xgX$-t)0HqulvLAhJ$+W
z21|&DS7;}V*f-7Hm==-df-Oyt=B{$sXWVcYBpE4~tz63<vE{?-Det1g<vc4m&L=`L
zrJX2zW;JUnnLjWN4Aty};i-46CEDMtE!^J0<(ngr%6)5L_=S}h*Fy?Q$|ReMB@xIz
z36K<}If{!>4joN@a&I5dS%EiknHD0e49Or!)Tewa=9Y}>dZsTWn>+Vuy0P84?4r?W
zY#Sd?&H_R6#8OJvWL5Jqi1ou?6WB;Z&I7s1lzH#=t7URrkfZn*VqLGanu{udik(ba
zZsKu|q>s>MLQKjX+}vW%TP1-*cM-4w1vS0dv=rD8Ra>MH7?~o3>}@~=L4}SF+m0Yr
zZ3g%VAeAev)yEmIf`)pJh9j}5OXiDfN@GuJ%HfZ`x(w<wg_@}W+NV!Dy0k?$d8>y{
zZS_~0y!GP%FF$TaTYS~Y2qZd(5K@S1M33Idpl_Bqi6@SAse4~ij{0-hvKkG_Baibv
zNqu0Gb@w``tzl`FN8*i_9-7Q2NB@XH7dZ>mB!Na`2|kUkc#!lV+XN@Y0t_`qvPM)b
zmxx<lEQXabfXXF3db*+7SA9Lyq!^O1-k>7w!;Dbw?3=zL;`&ADhPAWGGofk=jG&8X
z|3DcQ!Z>HAWpad3OT)!aSdGUU2xpm>Q+w1y@yZH+Caze2{{lEz9s7c`iREO)4>YBs
z@u_7S2+RrE@ka5Y5rMu?(nVaEE}OeWpXvdeoT;>nJ35)iI%0A?8U0pj4xCV$bpQQP
zL8ppw|8GY)pe^KL3eyk_nW>4&U<VC|7D3+(MX*tdJV_TQNA-pVp2|yfkQzdE2u+R(
zV%qrE0CL`;8`v<<H0R)i$>kyhgOA_RF_sFkTzDBxQ1YTs_~`ZS97D~UVoPOvfTD@>
zW*}%aR1$D&lmRz?-@T~yz`|`|CJxj~=Zpafw9vrwUU!s;z0maZhVLMusIJc!TAy4I
zau{rWbzGNH?25LO^1;cI875FDv!O%7Q4uPb-Sy7$6uHBlE;KA;hKQn2G1`&w+}TkJ
zhJ6zF@psVNfyVJSfMbq8^CH7X7L$YL(oF4<>}W8AWMV+V3%Ls)8H*Yu!cJ=dyhqtp
z-Z&dY<mQHh+_+YqZLZpyGK+TTn!tTw-)rzzMb?B)4dmxF(S556a1f5g>Q`h;Dan9I
za{7X5Z`i~^HUa3zjqM?obD#Apknr-4-GS(w>i3u*?C>anQZfo?!Y#Y0(8NO=5C*6z
z|EOD5u}xd(pEWwa$%$<PsBIa{1D3_|U>2e>`1JGN&8Lvik031lf3`3{#r9;WE#Ky-
z!HudT!VT9|;YLO~??7^`@b@hBpg<IO|KG?nLG0muMO<Ym33tCn{xRP{s0hYpm0mIk
z7rG58>q!76r9Mf5J<#!uWj)*zj#OX@0e2KmA3?wF+YN!LphyK=zOP7ba`4>WVUe8g
zFc#FKi#FH2XD1=!aL@{JIO-_0BB%cI?w#(<MwG8Pj^*yGrHw{~mCe3QPXwIUgt3HE
zfgcMqW%MPku*U;o=0S~9v<uO3J0^D1u}X5XNAgT2+ZGM6Il>KvB9W4>-LEYEkJ4gv
z&`LI#q!E^cAU;I|9a~>8>Xode^AaOHEz2j+5sv;;u^zmShQ$?|!tj=VbFX7?Gq48+
z$kZx8rjCaKgZx<8@bPC-gFja>goy0qSdr06dpd}k;JnapA;KO|2F_xbyFCu8%NphQ
z5)e{Qt`W_KR{szde1y_q;Jy9sU5UQad;DWDRau<~m@vP<;@P8uJIFhGy0{pqFr12;
zl!LA9{H|Ba%=GZRkz$MCw9jp}rcAFPaAbpgtlnno(v79?dCN$%cZpJC2yJ{O(k^k@
z+cZ8zr%agRyR^~kWkxSk7bnOivCqR>CrZn2Lm=03URP&R36eWPsUw}-SA@g)6=C8E
zQZTr1BuqNwgN|D8o@^!y{>Q?4pd`e@R|>^{$TmbXBFn|`H~_^JPMhcloqKAk-Av9?
zm<n8vMEN@-v=e?cy*XE5{ZuNLh?b@q&Y#&G*ml>~e(zR^2RwppZYpR%RF!(`<P3HT
zjUdhlh5k(B-}c#)o+z^UxG<X(Y67?+T3HkzA~30C(&uGLwejnz1&lt5Uwk=G$oE9u
zIKmlcryDe+YdyGV)r043PS76dE($<}x7JQi6&0N(i-lR1G=jkMNda>K)NBdlX#wto
zp}(ah(}H|n-r>!-)V_z(e*O)hDE1<QX#k(ck1ic*ia*}J9eA9(ZYN>{f{O?2f(v9R
z=HAYB(b?(y3OpwtJkyU-hE}k45lrY(%kyk*WcTK6*oAEkmFpQ|%!b`~6tbIhKaB5I
z8yTF<`;8djMMKht7aQdFu5Dx5_7W59eMC||Fuxhg>-3kYJlE<g?ahDHu54n?fP*|U
z0U;)Se=-WBCYBJ4J(l6il*_R(PeU%~IS0?jLuJpeKOqcsM#uw3Q)}*XZtxK`S@dc_
zwKW}9cw#fApPp+@po8DC9;>L*Ev=kl(Zv+^RHf$Om3jl)V)Y0q%wm+Bz;}=wyrGVq
zgM>ftuHty{VE=Jmq1yNm3S6Z&aQ~n6U{1_M9CtQK5EAVFCkP{i7oU9X2gZeF{C#X-
zBXdr7<htg6gb-2a>E;9{J5V94_W?(Dt7Mkds>g7TtSo=ykRhkmW9C+o6HiVILk8Wa
zmlI|gHR)3=F4x>M?)8d1V%lD9rAUe>D54QQ4A9?df-^O$y1Bby9E?l9c$VPbp13H3
zo1D=m^s<4S(~w%1V2C){li*wdlp_H3#pg}nLhC_UEOP&d4%_;#5`+)O9w?GJH&bFA
z<CCGFEvBRS(?I%XRV(ZoND2vhC=|$n8*LcaeWIu>nrM1g`9L|~52!Vbu747ap;P1F
zMAnfOZ5Azx338B0*h0;;g3MxyXc1>Y;$%>w(<wY7F<H)72CL3AGF5Bwac@U(mgxF@
za;^YV{U<7cY|W~S^fsEh;;TESX*NLxzhXo#YnH|7v!#!$UW2_--CyZOAQ?VV$Vt8p
zkYnd-@p2eucE>uv#Cz!Pb{i>)jrs~6g~m^lFWV@i8a$vPS*q&J!Ql6mW;Og46g<<u
z(u@T&*uu5~&&$gDZX<)MEld_QskMSv!c*2NUK%K-O|()IOpW0{GENG!HH&gm8rF(f
zl^PEB()rb5p_!?HDKv@97oK69Nda=vI>s@K86#FqUQvsLnP#{#5OwE6lpWt-A5O(c
z(it6bV+)ZexGOu8l%5oGzW5VKiBHPwSl71SUa5miNDVHo5|C0LvGJfAT*XFq1J>4F
z3_4WHZ+=E1{G6~f2W;2Uy^%u&JWMpc3eF*UqrEvMj(mpXQz&$3a65~Dc4nctcU=@7
z85Z&Zy#f(Ma(i0;9>@^Ipyc`#%rKW}9Mnh<-&Z<Hb|j-9=jG0h|M+Zmg#Pul^<hBl
zE0>n!^mT3tOOOq!{Tqub6Jw1Nwir=aTucbbQpJ|ESoMI+Nz&|J>$m=Osb&#^MKocG
zvOMl$E6^d0m;IDt953mOu)(x51IF)K3+}lP`AP))8lrPBiJ&f_J479+{&+PFC7*GV
z-y~aJzWgDr4Sa{13$RasVGB2jSUEH&;I{v`qC6PdgJ?}(EcLFfrb^4JW1)D7?vOav
zF9AYqF};hh$wdWRX}igsj!%qKqG{*yAng#r9<H!w<o6VqUGOEunh#Tq3HhW#NV#mO
z;zW7XO^CyObSiQKNATejob79d+9$}}@d4TiP)FJw&wF|X@5*E=4-b$S2zbfAm_hPR
z<vd>7%&P}M71@HgCv5@DzfiGKFcF1mRjr22P958M)#oLU=?~LJAkREO372AEE@LUV
z;YX*Esjbia(rC`Hs3vMlO$I$vCcU8R2`qxWinL-gf5AaZOfn?z3RCkA#v&aJt3`)r
zTAwnZMW`Yk03a}O7i%)6;htv;J0>xTDh5z%m{>vA`zQ)K@qKjNbVasK+G$NhoL;>=
z(xv`?G|2EaFn%f&99a^^W-y1AO<zIv0|fOR?nZY9H_v+xbDf~WWSo*YRzz-fnYCo@
zWvN?nVW7`768|1|!GEmfqmwvAb}+aRuyTYvN=6`k=Q7qJ@W)Ju!0go?air3Zo^n+}
zh<-IbiV;ombFQN6K<!w<6VRZ`rdLPHwaKJQ#fhD~81kZ1DN=*q)pz9&CO_4uN;DUW
z9n#1U3+64y3Z*b^@{q4qcB9po6c>`41K}FYoK_;O`I3<4@stMPAvPd&0!GYc*w}Aj
zj3U)baNy&jIf<tPrgB-$4HAqlg{M*m-D{6tz-c+E1}}?m9Ei5A!bAo$p)}$!YpO{3
z|6R7LN*gyRAUL#QjBMooLz*`?UfcoXGruVfEjx3`LVVQPRl3%ta8Qs|0(7nIPF6~h
z^ib6w($*YV?wW$RKP#<TyxRmAwmwUSsuP;b8`|`UW<4KE7?V%1eDII|)hG@N%#PZl
z7avDHY3|K_)Z#I%o}+y0K2ciutk&GINOF*u?DRbbp};xH!uIc*g4|%`=@=uwr*wm8
z@=bnow?Sy88TDgLTr5jJ@C|_THzWZL-7JG0EoA{&iSVW-3W9+bh8dfOH0&hQCH<&q
z;8ZOSb@IPxx}JEN4Z;6O+7tEsq$MmXuO;CY7QC~2)hsI$SV^oP!ijGxUPl0kSDqlX
z_4W+7qH^a}U}Ugfy-9_TsqZ}+><w5__tj{+di-e#SxJ9{7AdQ7Z9!Ag<!yB(<7gaW
zI4y1W9oe&bI?^T?OF<yMQ}UF)6k!T5a5>ZB-dv^T@)Othr~>DHOdh`I3?xr3C%NG{
zjASu9GVkxl+RW%YSb7{#p_{$fvIhB_zL^+pY*uWjO_^^Lcit;O`?=uP$0rW!PnTMQ
zPgbLym!&}C`17$`xSbj47e1^)1Hdd5nT}p0BQ}!h=r!`(ChpzkK~r5%Z_LGh&_KS*
zYLR*GFO+<yG-<xFZyG?4k5P-Qnf=Du9!+K7KRF4GNK9!J+!nAv4SaO$NuVC@h;}1v
zWCu5twg9Ewdu3C=8(<v&HYk&b{Ryb|lI~{{-Ni(6R)v<U%G4_40I8oUzTIZpKKF-&
zk2Sz@jj#9(D8bE?3oG4)h2IbUT1E*EO6IsU$15(D73b_iHqaxn2C;b90lUZo;6p6{
znnLh3y=)n?o8|X;rUdOh>iu>ji*bcJv#|osDfT|i4J9M;uO6$fxJR2%wfA|+0tySX
zm{nTm8D9~0{4r*kw+Pd$u$%!a09>hd39H!nG1zqi@na;UOxzs(SQ!hj6(z!O%GjHm
zf04;EIahhIjBbvmCQB2yu-tKey7dozI0<hT)5u6hFxkm0<HjtH!`@Aw2MJ8Fl_|1U
zaG?GS?zPCEdA8}_peUG$ji8g(eLm!l{7~mt<7x%dDf<A6O3BRsY}s%{4#ge@+{a%(
z_1~liPqWd{`0p4Pk|!aA_noVW)%n~~UE}XeI@q{#abpH}`gcSATmU0+YXP!_LF0{D
zkH*&@*AA{ay}mgW*l@xE;@aTAKod9%i-A3MV-P^VNW|d62zT-hOFx%SIY4O{GS9${
z30|UpSNkQYk)e}(M#$49-?+=B8@F_o&?M8>OaxfAU((;SkqYCi+nI+>ryJi1Zzy>k
zp+c8v>ZP7a3pSp<<(N<d07-n68D!Vp_J!Gm4M-c>nW4GyUm5sJ0l2da$5wDEN*a2w
zjvWvRUmJE-w7r`B{Y>wrq-GQjso-H*ChV5%=amXqnJZfSi)O(Yu6)UW{bfAY=mY6T
zvhV!X$wGlZvIdx}L`>mB3=`i$fd&WAKud!$yJmC_(hxUu-dRpfWYjk;$R|2H_Uel1
zbba{r&}&HN1xRX`2Ns+x3n;f60;rcNyf`rY<rcf-=SR)M*<c@rP9~wC02@WVkkOo`
zvP2o0+Ov5Ih;_8%QLH7&NXyzewob)j>=eN6HJcYxmO>i|)VdyAK1^)Q<zIv|E6?)7
zAS4+2)X#_Q5$2D$hQ%L5BL1gEZ_B%Ub>Z6EIt-%Izh$2+g^-D<v{(&BwlVw5bd<9o
zAwqx8r{@&Y@U!u#!}riaNLc<mT)O8ZH3lNAUcD}{!eoYF0C@fJf`A5`PSej*TKc;c
z$<5OY4l>H%Ezm50UE|fCjY=l^1*6p#lfZmnxsx$A;zgm*CE}=bCajD9YM&K|0l8cN
z94#i{#$(Mk&WuiY0ii9xs-<+SX^NA}SW@s<WME}=K=c5D{e8oO_JYE5RB4Lz#s-Ck
z1_68og8>zNA5P?(!=r@5>3Trb@FGbYUL-Z(sV#QL1njrY;l3R5CwT&ILmXEY-s9yk
z@N$Jki-q`}f`>V!Vq)O(Y!EsP9CR(7<+Ht_#D0JW!Y(AeKOnGM$XEcr2eN>)!SMqL
zqR3lsYf6{-5Q2e^2XrGLW;5~QFm7P%#>44ky*$`$W5kVk!{`;^hJsh(o80$FCA0Q9
zGqQ2FEWuK1u))|Z?Gx5b@KEq3{3!X6k90g>ZThfsolp7H){-@jeM~Mh%+(l@(y>3B
z$lC$Gy=7@n6$fhRUXG65teX<r{Hu}<4^^Gs1gZBjJwi|ZmH7L^gl@Yp26}#kpc5=(
zOk%PHcO#C5*x3vdHSqD|9?MFKIp+Awk{om?i&A4`Z}ur5fFgk%U-&0E@2qX75N9%o
zcF%9IOEBT`IxeXo@N6)kG&Vx3QpzD$EG5uAz_fwxDvfq4*j2nV8S<agh!J;Pg+>A!
zU<yJF@9m2dSiCr3G0b)DFK2Ko*<3*|Cb`2C%H$OC8IVEKUjg?A?0kmhT3J~Q_q>wV
zO9~J%Ep`<O`D+`m_(+CuTGZUVOqGs4y|o+x6@&boA2NC8?|<6)S;@TmC;ce!8spvL
z@!V{T_Z|@5%^Jhp^I_aHhH*cL?dFX!?*ABWG{zEn_kaL56wt>a#)rT6<GCl|;*W~-
z=#BKfG&=wo{s$F}Yw+Ko7_UIEq|pn5huYR#!I7=r0+aAH>89+rgSC&=rb^!^K0B^#
zy<R^3X|lik8<q^eq7%szVM*LiAZ0b_aj8I-R4)+D^w$73Hk~NYRB;ZJ0JL>XWozec
zYpoDQj^KeD6odl;$6c<S{p;*_7^Qw`mR<s<0Ez&O09Z`uS!I>S5+;w9l&SQZt2hU;
z-E~<!<y$=W`jfpB^<eF-a$~HsEI!rY1yWva3(Qlcwpp9^Ka<H=IBIEZI-JdOkeF!5
zuy_-iiw$QJ@h&!<&gMmMBsMH694eLtL%`U8Wq?wloLr!Q$wI)V5|E(;I4DgCwOrx(
zOis7a9nVLb@O)O|`G6oQ3ZJ;~e7FqHhhBI-6~n_2McZ=A4vNMcX{gc#p^aV?y_%vL
zNm#dEO(pQ)1E<2_J#aLy^Nyl#yx#JH*Ss>}dxd38v)?+_`z-#TUgchUUECXYQF*=Y
zJ>PFieUGAlK^{#xix#%Emzq3ZTfTy|nWED8wKhJqai{`-KwCM=&k<hREcQj3EYhQR
zB+3cGE%(o)%whylem^KrDTDNO^PotZ&sdmG?{}!?RRyuWvrfrh7t8BUmnFd7RALo9
zAKsg)|1lQg0c!0eJ<GNSMNa8qf+e{K>Q}B~KT_C*igdY<mM9m36K)4V6GpGC-IG;K
z8@tB1{im0c#83yj^LWB0SG%skjq80=x~(j&@s!e^@OLRM?%pc@EfjU4sfwZpr^H~D
zUxbm>KJi01UCs>>)*~i&c2(Ps>Bv@fALlj)r|m51aO%i4Pbq??JVv?7VtJIFbZ+uh
zl+O*PDlO?jH#^tNT*-%$Mc!#V4{8LDF!rD7Eb1AYZjG=fPjsRzrA|BSm60Ac<(^{m
zT)3E~8#}m5Ew{ClTu)Uq!%6eyt^X{;9BK|Rn|W!<tr^ax{Oa0nwO@(=sMOha9Z4Wa
z3R3_8016f)n9C=V!Jwy&K_6tnNr;z(m!mV0EDoWK0Td7d7=QyJ0e}o-1c4a<(<=%k
zC^^GFIr6BgTPb=Kl`YK|CvABN3Y>sNb&y|k3?e;dQ~I&`<3U5%R+-^B=j;_mR1%ld
zncKqcLZ|<ux3$bwga|sV25f*q!fDukFxHXxzJ^!x&I5`S6dgw3noY1Wjr7gw@{Pgo
zEkve;P&iUpQT#>r-u@7asPgd*g!284+Nsu*21X*E!?Fv7)5!;qr@yuc#}AY<sWKsZ
zf+w>c?w{!?+&N0)Xx*-Y<5fN~Iob`wRNj*^(4L)k<g5IYs+x>f;@Z;O|IpHnvA(_y
z#CIOW?dc|@IRX;^=ti|Rm239z-CT9?G@mx37HNtT@P_DVZ<DLe(ilPvg?1z(=P@JT
zS1)d6*h3pfpv6o8yQkrC!?O3L$cYI3uf${7H2=$e6;?G$r<O$(mcw-Ss$=KYLFB%|
zt!ykTKG6iJ&U#4Vt6xfVMskiH-!&;!GzPL}owJSxRzU9IwsHb$*cjV}d@+A@#Cc{r
zAycs()_Fg49@MNkio8=8%=+d?YrwxoZTbbC-QFeRWQf(CzWMCdrNqNl2t#U-LJ7xO
zdZ?C~(g%Nrqz{E#>|grw4ww#;KidGjcOBFe0VLx*BW+j6TPe?i=$V+npSl=TW_wW;
ztTNGo{Xh3NG5%d4pj-X=V5g#%9;ON)=U*Q!&;6L$E*a{E5z%{fUJzj>oI~b%cX+dY
zV>sGro#odD?pZkz@5JD>PUta6u7t*NbpFqi#qvgfnFO72MX&v%rkfx<5>C6#zfu7Z
z1o9nRp6W0r)%AEV#<I_tn)d^k97>xNv#b6OWZ1}E*>iC8S1M8Rqt-%O76vKW(fa-v
z?VAWLmq4JQafuP6_2dFjLq~SEsVZucTjrm_Usm{XB#xMNTfc#RoC?_Z(ShdUI+0wG
zonWMmb8ShObltGiY?`|g5QzgNuUyC&t{rF_$E#w0T+zh%m%cMNok-u$la5zUMF;BY
zX>qkp`_#3gvo>=P2Z5=hG6BVm#ZeJfV?&)LN~NqUk~o&#EjrOH@rB(W&_LRHt_6Qg
zb4mry_|KQcchJH@9%fMR_xdpw)~Tox(4JybLDFv^hbz}ams#j336KG)2Mrc1qx{nx
z_cYqiYg_WGd6vyR2zL{bVS>>X_6L777G@AvP~C0;AlpDv;*DFJE62t8%Jc2n90%$E
zh?04Og$z$q@@rKt^Ns^thyb(EhiSE4aC>HIiQ1Pk!9O@;FbY7}P#eN9yVyD%A-oz*
ziKTyc_dw^1d0H8GgS>BY8By(JxZDQo34~>VuI#>j?V}mhjkX<lj7fKc3Q%>)xnIaB
z`paTXVG-scge`-;pk2)>5RGKL)0*G$mI1vN9KUEQNLh-)6Y%ThvtBg;dq^GtBsr*Z
z@9d5hlr-5OI@eDJ5my>>gbWPyMFG~nHLoBUqapyT9aEhk6CY3txuozI3jg7OnNjBq
zT%CJBHA71U#&XUqynBb3H>o&3r`UOEBFZCF(nA%)%!6Srd8fKsU17T8&1ns9xhm6P
z?Ep7G$iL|u7LNO!nZs5wEh9l5EQ}AIS7gEiffHYg7D_1|HK8{=N{T{29cppxTp~jQ
zdbqDb#EEoVOAUyY`dM^0c8#-&`+Jn$*w)-9N1fx6RMAWcyZ8CaBuJz?GGy&?JAyCK
z%r6DtK^*-{7lfIne<dhCNJ0q(8II#VSJb6ew8J~)=2!!eej@L~&tY4@b%MX($H_+N
z%!%S<2uP$0PPy&55^Dp4TFXf>Wiy&zYpRVuBL?09YC(zqxb9*D-(yPRJg|{kUTp@O
zNeRiFB#j@v)8X{(v8roi$0oojl{c@fA$mSZ#<^hvi{>5o7iz9fK@LdA3I-Z<<O2hK
z#(fg)#6d8*7zo&;g|`}%GNOzyr_{p|81VOcI^wbE=+;;Z*9N6_-Fu~daMm9AF*@pv
zEphe*Dq6j^o!c+=1hxBii*cgqY?T3qhP!TFpwdl8N{+sxE^d2r7UFqMp_KS6C%Pzj
zwW$Ow;>uhxP11aq#3_XUD@m0GwZV^@nCVwXoQLwRnkxb4wqH$-!sUqDD~W`8y6j7|
z*Z2_mA?qNWnT)^C5X&ZIunvPS0cPv4o1)jjxL)~rybc)!iQIX900-|C(hbr~;<c^1
zjA$)3M+)Ht-3&6laSf;?^POf!WloXovxiJdEfB9D08Ug|vE8X2O$MK<P+gcx-C6}l
z%is3fyD=`2ch)-MHE&{?d8)Glz}Z!SO%GvE;Pm+W9<F3EUlq}yjyx-IK#6Am>i-~)
zGWgeU1(wMqnRJ&HzC7ibSGL?-#{Arn0SkQ8YijxZIu#KRexNicTC>@8q5=I|SrL2|
zSGKb#z%k6i!srecRvNX^$F2XB$n6vh6AAU{YW+fDg!(uF-@NOSC&;`=jr_RKhg?T7
z-h<d&<Sej?A?mwhX`gFBApOH$CUx#=#cgyS{yPqVFiJTE-4ljsL9URMfsObo@}f#M
z7YlGX_sUvX?if<DUG~-*V@O(6omJQ@lQ&{9WRiv$JCHri1TX9INv<9mg8p^tEwFY7
ze+~L#<WO6wBrCacO;7qf4DXwet_NRO63f-Co5()+nG=XF<wQ040}iYlMnrUeYcf9o
zTVbeVQ11{e^!&&DG98fUGPC47n4toV=Xq^^G`K<`i$tP&Jnpmi;hu3HAtJoEleld^
zQKZ4s+JcmBRLv&oq=#EUxkrKFI|3!Y0lf`&&gZ~hD7<13A`55oGWn=d38sPz2hbfi
z=;)#27@U!nB1k>8);pMHT3XvWyMtGghJ^zN7Z>8!RMMf%1tQ(S>72Br_$uDezb3@B
zhlQGqDRzn{a(oc>)5sLUrWzx)ioI#H13HNK1u4Go%u9B0OBMc9G`1fG3(K}gJB{-_
z6iiZS69QUjHrK`a2LUd3mu5B|XjUW?r)TC@rqm&nQbi_s;upL&w31D#I+J^9$C8Fh
z)T=FIeIcUCWVL{z!(DVETn3fN-%OhG%b+*tSr7-k3kJ(GbM`}73C)S;d~48-5b&(;
zNw|ezYRZ`_DsVm{3wTPJ#CkJD3BaFh%A{+}L1{M?&gf8LG`#VEp|hkUaSzl<0o@2<
zc|Dv-vf%nkjUhLLJ~_AzA|YdK3Qq$PusNHe6AuLD32n4zNcW&;Q=cTR8u+e5%GB^*
zNSgpXWxuAx4GMvv-{&~W;(9*-sh$(q^te7*xD}v_6%X`c!#;2YA(;YJIA?^&8#0oY
zh~fie9liSAc9`Mua-;5i4*W+BEfZ+`7t*B(jT;qpNu-JZdZ7~(pv?$G4=NBje3XoO
zVZs@*iCwip>sU&iH4A;x<kfK(tizu{8{&hOG6fTES~8!zpjXe(bomOZ=fsU*cjZ(&
z1@wDyU@R_AoZYMsIT`9qFpua*ixHPsrgj{A7!P+(PaR~K2ABO&0&QSw4eL3DwpNs?
zqhBZ30iFAB<f;-n*1$xy7M(VWG6fkd<vF}11@)j$AGor1fI#ip+0AJoD3y6(bHqB@
z8DN^QOB&huJUxiYdHF$&8Y#g4cJnKIBxGTYz9}s*CKzi|UJC}C42n4x9DpA(50Z%r
zw$>p~YQe=e7Y*B>7)&cf2wcgGK5NH5Z4FfWL(bM=q!7aFK@fBUHn+!<%*c|m7t>Yt
zL^+U%aeo*~0Uxutn!BULr@>3q23>mBds`*n3az#80H+8YSLiLSQMOfzIw$}JeFhKp
z3qs}n+?XHdALK2PP5AHC1}d70?gk-w^6}lAg;uo>`}OBt95$*6Li<D9LnvzfOX%U)
zvwtOh{F|kiDzO~ED%tXFYAA__H;%!=Z+0(?j9~g?L(Ba7&1`WSv8vF#IO{}~D?*>L
zpoe&!U6h7*U8*!tDhB@Wk6BgW7dHfeX&XDda-lO3vQ&sDdDmQs@r`T*Y1sd`#KqRV
z;Mp|@g+&n=f~_#zimw@)!HM;d_cWNMU*+F6NYP@704Zc@XR+jCSwr^q4Dk5K8}w1a
zGs3MTJA5W);x()#N7ysW1<AT=zd|UZ7yQ!jr0aC25{|4F)IIpDtl?N-LN)@Q#9C8N
z=k+X@D%Qzgxse_g$^!tcfMfk@Z>0;Pqisk0%rX(kIL^uXTyGz_B$^J_QVgK}(_Uro
z{#15)#M>7A3%9#+ADO1viwjom5;JvHyqb;A$-tu;O3N&Q;?As$+qAVp>dXG_L6P56
z-?I~>+A6VWd#vn=+_`<16#HQE);#xc1PWr|G7Uq`1)Id6v>Hp-v~WB`_iTB?CqcVL
zQe)ojORYlPj%wK_TmGj;96OBWrVrX(OlF1hC%dH1f;RPYTSz3@u#U;O0FpUo?^GG!
z-d1h)s-Um7*%SmeYSRR73~c2m+AT6`$DYa<Rf-r?AS{P04X*r;qXE%dhpXnAPHG-8
z@5XZP@35LTIyCW32R<#vjIH)cokEzoDiL6^l7yiGnS1c$NQK_@%$>8ZRL(efCmWES
zn$1@7eM{Kg#;yaT<Fn34$dBUQNHxzf{@w<YjN%a~`?pFkzIh5e>|+MXHQL1Z2ur6+
zXLB-NYGv7>Rvj3g;C<?pU{(j<xkf3XAh^U#PHbarWtT`?aBnz4T&1JZwr|zU1a+<%
z<uFNaroiC1In{FwegPF39Z(G-o-w$zvetZ*R@SBWv)Yc+tWBJ;Uaet=#-Z%ra{wbJ
zF(W+bP9}GZw_zW7K?LaTalQE}4YfBhk)?2LcI6K2g(6r6ep23?T$?axl$?|*s>46d
znZMu1Ng}ZiC-ASW>%8z&uT>ss%IUJo^`hI^D`=kxC{e;7>^PuzO8F%N5w+_{Fen12
z%B@5t`d$lgl$b;#50ZbvPySN<F!z%I4Jjr0GQ20Ys7?Ync)IZuOOz@+Wp^Soh90)<
z^(k(*sK}j6tTz1JNi(X<j-2!!^$d|fV^HZNh-xJ`%QgH<f<8_~{ATTP(jVx)qNH)m
zU&(K6E$IJjbawz_Kk$_+*BUH<vskgypHVQp!Vm2))wx;9KiCR8{&eru_l5nAcG%3C
z*3H>YMO0t62(2|*H1b7c>l!cp+4C%O>rP7_ZslJLf)p)f;cok4wf)gK^L;-3H08NV
zZ@%4ZjHJaFNn}APfSV5PBa@KQZ7IFRvXXyVqQDDVPto%^5Lu28D(534J2p`fz&knX
zX!mq3Vf7ZbyIcoEE)_lzlV~^Kl3aQ%8yh;Tjm5~2X+XHXdbAmZ6y~yKK=`yLnHCa4
zm;UF~qlG}OP&rPef{H-a5pgr1nvnV+74U=SmM0s5{j-cEhN@L~^?q!Oeih$kqgKI3
z2<Q1LG!D;RLh;LxHE6(3UEPiOoxY9MqlIaB(Tr94WvH7dAA>;PeF-JegGVMTX>|+4
zO(+a*d_!T*qgc5~_fTd<HkyphhThr-A)3&vp&{jTYUP+{%_E)NotA58Gs!GrI6K9}
z|KUJ?uK4J1*pzDkizNwY3{|gD6leipM{X$e91y;*Z)@2MAMz8(glTA1e}fPHj|&6v
zKZKKv>4`k>mcWaWe|^E53ucfY!bs*$T|-ZSAw`cmL?I{7+}|}ZP`Ee;wPK=J*mzma
zQrORf?V-4nB?N1I`o!#bUYY_LV5cp`x7s=fqNG>IiW!02=CFKJ2a0kl{!Tj@%SDc@
zO~J5Qv(!Z)SP}V&48SB{>85Sk2BCLyeu^DlU`oJot$6NxCj>Ds+8XF_`M+v_V~Qmk
zhIK#Kin3oa(h)Z$QCdEHF6Nw#XTZxfXAK7g62>anT{ON?qTDY|^5=sd#sC{{fV1QV
zT{h|Ry+y-PokAjZ=M_z?Kk1D%3+0VPW}=Wd@wtQ3-Y6qnC8WR-iaB(C=i652gw#Ds
zRNDQFx<*qM$~SHs@w_sGAl2q~<e5cgo3MrVFl~)jfOE1&P|h<c^3o!}87by{Mz1r1
zr@FGy+Vsc31XONAI}dfT_!l_Q?f?NZ`;@LC%FPQIeP_n0<BNqd#2C^+;`s!jlGp`|
z)5LI!j0kif;wLN2_l|MRG0boR?FiLTD7_Wv92Op+e>Y-83!Lo2L#Y8B_%nV~5aZmH
zR80Pp)Ne-}>@eIiHEW_(Een^^;_!~PaZ?k9L2AGvd31}}R5kptR)oS0mFQnVWd)Kw
z2&;bi?K2hUinilKfRYUi;xV(xU7>gH?Yd=#>i-aCe*y>67>$t(Ur6;!zu2@qr_+Rd
z;#tBLQ(9p@?_oQj#27PfD2e20s0sHGSS`DI!<t~$EjwwMa<JqjQ9Z?(ZVRj-aNPzm
zE^~;nIyCZS`9Ln$u%+1BP|Qp%IN{|QE6BZYjHHKPC%O6`EGR*_9CIGC*ijY@QL?RL
z@;Tdpe5`Kmf?@_(io#Ac>)Ns1hTiy`*Yv!sLYgY@VyJVgRaunD_Q8_9FO+f*k~)T+
zbck*_y%b|n(+3w7ph$}5USCOR7q~N>#6VuYFnqg(aeB=}qW2gKSCpCfEm!Ua`v?rl
zl4PqxT0oa<C{c`JYktToS{F1^UgpJM7!`EDzeggAEcQ&*wCn90S(rYgm15t>JlKJ-
z`vM``2{-b^y6#XV%0*C==@ULy5^8Tyy)%t#Ti}2hQq4n7Hqg*{C(i_^8p4>MJo!)w
zDAv9CZJL;g0G2STg~ml|LFUbh7N5{iICPg5Ncx18JK`Ww2q61t-@=L_xXhqVH3imm
zdX|<Zd1eq+VvBQ0i&o-XC$>9jCFL1;ld23UV}2-01vHCQ^pkpU>426~hT!(j#I9lc
z`PvCN9O*?OR~6h~KW`dS9e%A>E}QyHfi>4k*hF5dOUWg@u!n9^aCKhO>ZcBR@t|4?
z(9)CacS7*h4xtOnF<J@6Jh`9!V|lDbr2JyVZvWp()5t8~$4!*!+=!fe+I-LyK2d#A
zv4t{{m~v=P={!M%C!UFCzVe$>p)U4$IuaBUn%y6+04{(Z^Ib`DwJZ!U^Ln5v%0bi~
zh@P%a!H39~Ut=mQ`|E_?`<gFq(QylHzzXUJbXdRxYeE%w*Rk~Z`-!&6YGO;>m^5MZ
zHXDJMfD5-t$MUbN*(=x8Gdnn?aG$$ECn^*oBr3^RotjwWR`&p`L|K)&=&V*wI0IWQ
zW||7ys%TF5(hU}$V}ZZiOn;{LzF2aLm+)}1mcA~9Kse0Wn>V(e*!7tzkB@YE|K6)9
z4FZ`oYynhmN)&Qprap~}07nA47;{&zxAE{<&oSG|;36<LB+*(flyYMGjW4FbLV6X7
znm1=TECwN~7??JD74ehj3jL|F;wA9dicCdKjCVSh29dr4qnM?IV2^HUK#6_r8ilEW
zT$E_x-hH=G0e#tQNbu5CsHn6AXGV9-J@3w>*7n=v59(a;<A4#5ai!i_42wvuZ<js$
zBjzg<h9q17dP2UHY~4Q5&a27~XL<()KT-=MbA$b2SPWU>2hp9M_)?$O7+y*`>u879
z!V+XT;{(zCG(2x#Fo;-8LZBpZ3c$46V`II7U^mPtpS#J=1&er14+j4DE^U3jXLUca
zAk&w23l`JtesUGD?{}TcD!|+H7-xU@{OLIb1-i1eN3KkV22tfOq6#c`KISU=^bYqu
z6n;9pwXD1>A~+aG=Nr57)Y@#D+Mco$LY#Ud#Cj-SU`~%SDNYb_SS1PL+f-RC0mf72
za1CA{zlCL2=MqF<Du*_sc%d~9rYLmfn~8WLID|)0dKqF|PH855#5D?+#xWs30d1hJ
z!+Xs9<y-l$x4m=gT>Iv9`Z5A7gz6h|>Npf3=1_-5mv8zoZD03QYE<lB0~RqWPbk|y
zMrvY8jO4)QQDpF8i0pBl0HNAZ7x|&X5mH!k4rWmrN4eu0Ypt^uxnj%$PLdc^<F<&}
z;LjB3sKEYhAZ0JyphA8{3!_!OcR8zqtY!`!#m{%OgK|Ltrlka`E-r}_NA;IC_hEHO
zy_oMTmcC9k&!$++CF3osKIinQGZPD==oeC4`~b%M=u@n<*&a=Cf2NJ51W_7uwAm|~
zg!xZM?+r59HT0Vj7HmTNY%k$xP-i2d`U4Mt8pvLnND<Q|5_EMD<_mh7dv!gr7B0<4
zy%7_tg_{D0wOdDyguXGK6Du{U%-s*S(gl@<*9lo7im;~Wic=M;kAtODqBg`zdYTd&
zFu}Ph>e=5ETPQZ2J-Ud^G}$iUoXb%_0g$D-6T_LfSZ=07vzeULY9=XljV=to;f@0L
zs*PPMlF%@(C3^)AFs2mJd=0$Or=YJ{iuCegwcmHgz669k04ADIB`}NV0oWn{v}Og`
zJEeDOq@>DqEAzV9y~k2H-^gP7hmwj2J^@PrLjXbmkvW4K$n4}t<{x%vc5?<k%GIzB
zlZfMbRJ)dhV3%bp%ODeoL#;ee9c*i5*=0Spsu;wo7PSu+6}had5^$(2mL-r~XeW=z
zRTq^Dr=w3}&Y_ncqjzTReZnrX7xxm35li0)1){qLIy@c5$N90r?|aH`Kz{Btct+k9
zd;=Q&FdaqB6EkPT^Z8tGxE>v8YyCW~gbybkH@AHl)NYyHX=;e!#MUFD<5Pu4B@ZZg
zFh-8w?WN{#%5{iJ=F-pRjXQStP&jdWO%-Hwg8aAvPGkf{r63#$2B5A<!(d4wsw-kq
z9Z94nA};GOIXEzIPyoxa4V5VvvnY_I)MuK#AHC#Sw&OG^w|Qm?pAD2A!API)W?lUE
zRL+8cxYC7KBuSPz5|JzyVGTpdkc@~-6e&nSK{-hWP_S2@Qkq=Q&9e3QAKF;DuRJ#O
zjVZX7Lc&j~esVDDL`PZ86QDZ1o-L`9bG+AD7imNFAN?=3o85NltaPD_?9jPC+dL#T
zWz&JifD}?9qIXP5bq4@%F(6mo*WhU}^p1Y_CFuKo-Rx%VB@&cqqzJ>fqblzC@Ir==
zhDxrrGxRj5+;ZfUy#_~ylEUMKx+jaaxZt!M7fYYwjvmnEE^<Z>RUZqrqK6g^JVo?S
zN@A%SdZ-xjWQZPB5BKbc9$m?NcIc6Jj|MmNNE4oq3_YS2{HY5)mb9yp33a@ZSjw3(
zFntlx$m3;rVBLT8qhVKl#AQt}Z<-yR`y&W~1>NBM44_P+1|+C;u1zYbxAJ}))>_xQ
z){?r{FRx-|5Cnrm0xaFrahh$wO&N1!iY#@7gGljL#o|6_v4c4ePxpvA<8SgG4iVT!
zM#rQ_y&~l+#0LYVPv2y0#N}OSU508h(DmdjLB5A~#!{!1dL>j&k*E4poFT|o@SfcA
zrq$Y&TNNceqIOU_4`RKeE0Z6ZtP@XSKIwX=iO{4xbE<HkRVX64VOC$%vlH*mszMt!
z#|n1Qac?_&R72tnFf3!g9m1Jq$e0Y8)f(K`g%)81%b*ry%I_nX%i|%3hk2Gdg@*QY
zp*)IZm4Uu*YGGo+yukXKC74MM)X73ZO6wczvl6|sNLkL1UUPe@9lDo*#V`$p`$Te9
z#0r*|`t2Ec5r3ZEI!;gNLv1-6{0D)+|3jM075$GV_&59wbJ!A#yb8^w1;j4EIxjoa
zr;M&d>vz=8?(h<JquxlJF5}_@fuJ!2@SM@~q|jzinlOQWi!j16D4TvphFp{jb$yD6
zPb{^Fr=;xm$Fj6O1HdhP0Fol-+#lnS2_<mYH4LUrkUbXv7_jLO?u<!7|0nrIn&J@Q
z%Islb(yH*y5SX1`+8HS9ip`x>szCFxymc7sp4sN2EidG9A@Sa7@dp^{z$%W(?=8VO
zFQO{aLmORx7J8f&^s|5)ZxBvM`=2vA-u;og2o)&nGfof@E`tD62*b35%V`DX9q-BT
zFl7PsrGNRZM;5ZlnR#E6F0RnQc^K_GsK^|UQ%Kr4yoU)|Nro`|Z8A!NB#%rQ;R}P~
zFi9|pyqY1v43BEd)?N1-3Iw$XsTQv%gDf^rr-@>jVrM-y&RP6mr$V=j*g*)7e*`n`
zce)7o7<zZ-g<woU*eZpZtz98#SQBW&e6h}MD-<@-AR30yC=P@We(e2h!X1j|tPRal
z*KU-)6|#AV84-xfg3;;(RlCuH2^jggfUkWYbo&ca7QtD21wAnyiDhD(r+bdJ$^NM$
ztW6bvi-Q-&5{JPwfvzAZP~c&O%%5H9Q9^LylBl?v&1miuP*Z0rm~DrFkJpZ$-<HQQ
z{;Q9{^5?iZVY^6MEg$*6fyMfK+I=m~Gs{$k*uLM4qL<4eSy;g^2NK<AC#b3>jr;cX
zFh~Am_F-Q7EowSZO*BDy)*8v17jtd4-H*0gsrsfTIiJmPXknQZoqcJVo)7@&RsKJ#
z`oJ}=*&jA~lS+-7(B>*a5D&q#G$NX4vulC>WAIUNiQ9m>{2>#9Y*urBvGLQZI)l&7
zT}JUk@{a?JZ|w+H&`w4}k_`dg3YjpL-6ERefkNLGLmcerB_PbYG*b2u8ARHwICdB0
zr9u+*yvG3{mFb*}{T%2s60DUsm`8m4y0lI=*(y)zoR7DJF-~is$ooYSezi~_J>s%~
zci1V^cnT0jr9E62YMZMi2N#2<5%*aF!>i;3+8%gpDQYO^slkWvq;jssSQESkQbEcG
z8TW7!WT&CwqhW1n*lkPoz$`E-FYb*(9F5~y?W}-AG{SyS_a;DoGKeNN4vI|6?AV+j
z&u|EsTi)rI0Dy!&&oR}1Z6q!K)Lgt69CWi2()+?Io>&Kt%#+<km&-zc0swO991d#l
zgdmJBCe!r$x+4evebmF-(*iQ!6SJ(rK;KIuLcNhA?3_V&02V5-dhv!oJ^ujW6jD-+
z?|%c-H~;i>OhMK13lW)np%y8Xei)isqv~q7Gmb7t(wJIJztgDFGUMr_39_eH1B4y`
z(nlN}P{}rs&G!Mw^ij4Y*qVXA9i=}LM50|fu9=t&M{-K<CIs<DiFS9QuR9tn#1TSP
zAj8ZoxpazMi;+RX?)uWIsx4NkOeu(ViT?lI=9N*|BZ~_|oWp~7fW|Qtn#WsPz%e{A
z{X1GhO_*{#rm`9Vfk3DM^JF+-3_^@jh&Y9iF%#JXVt^EsVTq!Ykwg(f2ni$-kw_v5
zhD2zZ=3g@&_KQ$`(oA5=yO@ZwhJGb;l=YA3r%UN&V^6LDH(jpj4D_U7*)Ph{Ueb#;
z?tN&9$7(5isUQ4sXU22v81EhTGyo9lhV<<d^?cWxseqg_j$P*xU)@!ZIQ~pH<;L^H
zabqFFp55g6rE=C-HWN#ay0UL4a$@opTRP$u#7C_ug<OSWY>EH0wXvBaK+U2pev`DQ
z^KPN=jT7vnF0YXdp%Hd+688lC#g1rS@H%kQkZkjjIBi7UaSfoh6oV6fZ0^DsDn_nZ
z-H8nqXbI*(+ifGXr3y4+d}b0;%_LBUDvj!jWvPC)fKIPaG0PV(<UYVQoOm32+)HPb
zrn&e}jq8@~41yZ!04Z;2jV;6u_=sZtrIQw)ye4UsuB%W|L--`!Rd%0jsf>$Tl@EK*
zr2!?sm6CtnIqEh*lnR%Ly30O<7nTi1{%kq9BLvpiBorq8SLdo<)m|Rx_d#_K4XCN#
z@IXGMKxR1}=f_Yd5)hvrQC%7skWzmHlErs~X|m!{uGI|cvpkk{I7m2vaPvCmQpj3c
zn`2u`r-b<Q7snuzQD$qt9hupv`vmryr(o!d*p+M(-$&&fZo^a>;l7{Gg@!mZf}Kll
zhj~qMk5eTG<qpC7k^JDB0Z~<SMefmca{w+V+dg)H9dpDe8#ugC?rx9~4$pt%3igLn
zAr5cY+kF7l%pa})2e`Js8LjqOMyiwnxFWYzR`dP?rMc-;*Rm0C`A6U+J0He3&#m>%
z3@rvIKEh|C$5;e7u>DzIiaZBlw6Aa0A7`1*h&`j%`xJk!c>^bufTYUou`(AXjQ8}j
z1gYq71&PL1nG}$%B0O6TUT?awzX2nDT^#!c@?B=0bBXWpgZYv->|w|;)<Z{=`ZBXM
zv4GXtS{I7#05@e!3=}<}?F*Z4AsfKeV64Asi%xahFFqB+Ed&5^VKvy$453^$)EwVl
zW+=;GHCp5@X5Bbm);S&$+5TG{Ah;v(;_Uui8~FxwPd{Y>PiVdOD&*`R@D5SH9rZZ&
zYdAZAx;sD)Kz%qLdwcFPCz;JbCN1T##7?T${GjsIEK5WuyIJQOBo6>W#19vcSqIw?
zuBeT%RkbzGloGNMZo%T+3k}6%bXOf?``YgW|H3%1qdmZk+dhcVg}Y>_qLw;Vv#__#
zOzAQaFo2-2aBYSI0l^{ykO0$T$~W$9gMgkO<50$7BbO;?2S%g{;pRE5;&7&?zl4km
zV5VA*qDCC%Q&i?o;+2xvQZimwY=!EGjzb*EOE@Vj9y0qM0`{LDYZUr345#GPFnkKV
zNVesBoCFCnO|~-nM)4e<p@v00>0P9xFh0Ugk+?&z>?&X>XU(~cm9}<S`ImArZ$<HG
zabYNyqJjdzTDgr_DIszm8&}`USokt-_L38R=MmRIW={nJFpJ-!h*p?iHAh`-LqSUu
z;<a-GMagjhTV;dghQr4~825ogW-tJVMQC%t@xm8U!(mb&F)WqfEBgS!pl_&z2+vz|
zu|zg%nni&jr`)Wn%N!gS)#~d^RIigDIHjHN<9QfP89$dwLLq|isfhNwZXU~!tec#k
ztcaVnpwXN_t~Z0BYWV8OK3UfX*`$&<6w9>;VaXr`8d!L#fn;mF+2<YIiHKo-+YAVv
zl70<u&^fBf#$LtWMb?sv5*S#N>>GM=CpWOifRzh{V>~nF2VN+K^F#p*h?th+48CSg
zUQg+e4ZYlSivc|R0!>+8GdE;7Vr^k=F)lGKXCI3Q00IM@SZ#0HI1>KOUqSd&7i-H+
zufPG_?qbtyvNh0)gT(o;*A@XSQ4%i_sghJ&=hxpeBqiH%+Pf~0HhLM&%QG|243n+i
z^X0#1XCKZ_FK@4AXQyZH&-n?TT*x(l_44Fo!YAf&mN!!9zMJJDujPcX?B+ecJpI=>
zd-{&gxHqQ3f85H}JV+iM7u-DZLU<8Bz4_~Md3Ce6Vc9!=q~YW8YPDEi-h7U-f1KZ(
zT`$5TwyKrm_z_Qyh^FDD<Q|`s6<i3<myf&_E;*2K{!Zqicaj}R1ql+=ys~D)OQCGD
z<&ChFoO0!PE4F+s`NmjZZ)(*@m}Z@{$`mSx?JW->kZ9k*(#}t(+799_x2p5xaACMJ
z5V<s-Jb?qM<Xh9zi-bc6V{mKAUB7nnOE0zO1~!FPy5er@ylk1$&cnXr8wCX5qHD}X
zTA0;&&=H>3;z35RW`)`4#)yJ!3|~W|(Y%#~5?RDNWq@U?D@xJi(=6w2bE8XD{Wf8L
zN*`Q|4|*HFFRf|QBVH0jpUQXf_EUKc6k$ukZp;!ZWGVW_^SSi-+&tnZ%gYM5EK07W
zf{5itOD?}E=iPJ+1^MGnYNyuCsKf=t<$-a+Uvq?~3t<afD_$Dg3jYiJ=0Y?1wQGcq
zzNgZ0GN)VQO&9!LZeiC+8T<tbXUofr#h<s=r-Ti^SbR8V>4R(!sDi(3Ox4H-*#N3l
zZ=qfDLazI&qQsfrcYUaYAVVk(^1vxYf+z7cT(R;E%dT(uKUuc8;**!?Flnu^4th~|
zFMO)CP}LETpC(cEWG71zZG_cu!KJsa#<$b))ieky9kD`aN%kL*r5<agbE1-iiq}sb
zPkCo$Cv|~_-yn&>sTe2e%^TsI7A+VgyFT9ot)8$et5D!*m>NySYuR*z)>M<vz`sg;
za#)AYq<?X_Na>GmIk;p+Gvv?3x)XXklmJJK9I8b*kk(c?^j39HkW7pvIb;9|FQCHP
zUd~I=IC-oMU=cbGqUpgsreqV6o=o{<m40u5^OQW9{DrGPPv~$MEU0`ul@@6*UG!Lo
z<grPxN8euz7uqB}m*(4Q))F+KAZ5xjW2@u-CR~x7z9|x+K%_Jc2#4yL;C+KkxsGLk
z{^!@4Wx8Y^JK<~hnZ>fdE0pEG^7(_X^G2=d--EJ#u3D-dMx^{y#5^*Prv$#W8NSb$
zb9HCc1106xkwa8*XPua-T!BbumDG%VOcp+~-YSTGk!}BGKA$K0^xID2>HR~?)>ajj
zyrb&G6MVC_FInF84tFQ4#h9^V>*VFD*DSbump-;)13Q7M5vEn>a?#ucHpN@ykhPc+
zrIN+?P#g9iX<WQwAEU#cnG>bFgWED89$sgqB0yQl2*@Jf38ok;6&0tnjQt;8j$>^k
zOkzCe;T!Tq7-xgBT~<gVp;<^8Rcq+mfP%x+pf6*#W16@qJ=hr!w!}_s-K)k&;_y-J
zkjL*RjiWvdpg4O%^^&{DOlPbB-ej5>0JGbmZ5xw|NYHKXe5^tN?K#ax(VCt{WXVdD
z3on$r=dKeuSwZm^aG7ubE-;Tteh;pqdD?78I1UT#e?qbo5B-a+p^?Q96F6niI@anp
zHPY;Hbzp@6Y0zJQmTQ&Q^aP{(ORw;ZueT`#+82O=Y1QMw5DQ7l#(GH&uwOBPde&hL
zL8-SwtFCWG4K>yu=tmkHPoIwPpoNYj2n-(u`R(<BJPSDt4${jC^yUv%jWpz-ky>b{
zGS=~isyFl&+#$8SXi|tQD&Kv-*R;oK2)Zah5k=-=nEAQf`IVXlds`!V9k#%I|ET|;
zDh5KVrBM;cAraz0s0dRPQGaqB2<J6E+$oJ*0=4XkT2wV$PE_+k(Mnc{_0~)G)3@!g
zZ`#?h)brS+O@taH65*kZUwGIo(zu|2!>EdY4H<WRhgQV~Hr88c>>sSQxPJ%wA6B^#
zOhqzbQwJE3i<`d{g~W`4SAK*3<NKw>ylQ2jqC_2$0(PJr67&F!m$XAKAKA!EVX!7y
ze!M3moUw8W14y;;!<x;;9b3gcS<A1uh>nevM_d&8o(9g-y&jP=>UdOWIJpd!b1+Dr
zI?wl=r-Rub{)7JW!GA_L1|{3S9|}X#o(YBK-**ETw9A4Wp%Vwt5v8PRb*j>c8<!sY
zvFjud=sUJ|j5@$$*!`b#emZWkOcaG8d6Wa;6WT9*dgNavy-&OT%#<@!undZjQ@E3d
z?H}y{KJ{C;M(=3_y>(FxQP@2OkL$q?wp3ap&{d1G1rGPA+iB5__o0{28~4;Cq@+ZK
zVoeZ;aj6VP+qGnawt|aT2UzjR*lyO1!|rg0NhxMnCA~FG7<l1qH_RA1gyYC9HaKD9
zAa5J|4x45?W)GTl6;AEZ_qeU2A`yd=0Zm$Q=_s^20)_2bk89A{7|+ttIxzo}NcJi&
z(1-2gRxCQ&60Ab-2%-g0g(HIlBK-Sq#T7nz!p4Q{|Bm`l{VCP`9uQ<{OwH~{QpiRo
z&(=tA*v_GLijx>N`~>AlZedXhvjPhd4%;+C(qC!L&-v+xn<a6{U?y$XFHQh39w*3#
z+hHLY-^;Ip{{G=`A9bGIuHG-N*;x%!{DZ&=JV&!g{uXD$;pX?M#VVBn?%&vd0eP#u
z$Da~3I51*2YZm>BwdJH+V1Z7jm^714jct=4j|FDhBA_M8;*=saBo)W`^?NQ!$##-<
zwhIKYMUm&;d+w7iuHN&rKW4|*mse*W7k`}aLq7Rcmi)!R;lYGY?ES3leXy;%mlMW{
z%lG{B=;I07UFS0%tkw9(MUN#BR4KIH@YYtU-f(4nz_YBl?WDt7v*Lc^gKT-NwDbw~
z^7qrT^UK90E8g-w^iOB!SBtaL%P;(OsPv4Eyy364THY!bW_N8~N+`dcTpnL6;sJKm
zD9`aHM)k5nLOUs{?<wXB_L26&kf5ybJZ!pblrpzg-^$@Ioe@=~Xq(Wy6XjR2lD^=a
z#Iw%Xl@l#5h2cxddk<lPR4Q$6f^?m5fi#1~8F0!&WBXOZRp6DCo*NrjBOnpm1_)&U
zVE*h)NpcIuPHn)3MudItB0y*)7iH+7-tZ<`1*oV!pxUJ}agEuU|NB25xiA&a6i>N_
zU>h2acfj(Jw}2sC#H~<TEVbm%=)l^#uRwgxYU}p(fa=i%$ZCWs<AU$YQp&1Gj>}GF
z#nm}Qz~u9+<ga04tyXU)>^B*r8EK(+N&ni}HZR3U;-Blc>G5-YF^wLApR?MmlC|h{
z;By(uxxL3<QPwLsYEg3|6}CWWBe}d&KKLm=yXR}AH4)CeG+x2Z0VMfX?g^)0GaNoN
zm2l)D#lZuz;V1e8qfFj)S|pycQUESffDwOR<py%Slu=)>aC~<9Zt>go#SwAC-z`3z
zuzaA{A*w<)*p-&IQiH0i-T~e4N-q1=iX3eF(DgCO;vQmY*bknvC0I$Xp^B5QSaEU5
z|HX>MIiDOL!KHK7dEg=go`sxPWI!h5`6TT<-0qDLA)J8<KEHi2zMYP*rg5V(i7S|v
z_x=-mkq*3--cv^9<(ChZr@V8rlcqvetl`9{RI-zBOD()NqDAp4E>3nxYbNa6DH9Nq
zzOhKcM(S=r%`y1|{X`W4<3Sug;r_+xBD+7S<)M-jdhnl5aVN}X2my{5*@s0q5NfMD
z<>_8PGBJka-~j->14MAWoYz8o`54VlBRjW3_b3atW)s>ynexe1{@j4)DQPnK9pCn<
z7Q!b`Xc2<#lEx-Fk4>UHI{$9?Vr<4awcmzWN)!b}wW6*IcJ(;FiC1{1*HtPXbf~sk
z+cm{C(fbOX@*OKc{XbqBR+yT7>O^S#7nZ{Qrc#do%;&el%~8<ixv0%mOVPtB5yZnS
z_MZ9DN$}g);e5foZ#t)L$tgdNHAGc6&Wo8URjK7{B@JVrvV<?JcM4nol5PKLKA)$?
z!q7-0R=?i1Z0S_Bk~b8cSiza4J78tkdpsSoR<_oWtiyvBFIiOgCLeZU4LPMK8woR=
zLY51C)5=N-yoC>0Y;;Oi<D#+bPicMn#y%y5zc4Rqc>}d&W<0(wYDI*y=n)i)$R{er
z7^#RjWpZPQFH`5)EtpjCQ2ZVFi8w9>u&q}Jk=U#x*j7v6tx<wgYrx6m?c^pdYV=B4
z*idz1%U<b_3P(t=gCD;G8u=R9Hc!M*^pd*pOlO?{-z1tU0OxP1<!L)i0I}!gCRWK(
zQt4=^iBlrg2p3){|CM`803-#$UqNN!0lYvwHAmDcnl$ugq+>tO{+5#M_L#pl+Haf&
zqD`nN1L_#7-$bO|<C|C&BBc?(LRoH9+0Y7i@~>WDjW0LZgvve`AaWCnPAbND$qBF<
zF@kc|V~{|ox5B8d*CRq>*Mtu@_+jK2=|KuTwjfscw2@z5EJ(BH!>Ay=T%o)LmRX5%
za+3ohrO*~K#qpY=H|7@9Ay|w`*+iDWx94|~_Av}mmo|_^sd6#&{8Dc9%E^N1P7BO$
z4OQYD{V4w*0)rveQmcr?As58$DCkv{@U!Y*xNLB63z}*PVA%s$L^V{-rREu;wv{Wf
z+yv>Le_Iawrkrh+dYYR&iBO`XLbxyECmtt@+%CxA*s2m?gU5Z}AyqMfjqw%}`v;>f
zo=N3@80DfdE80V=l)~7Tt`AOB5<Lo9g*Ebz?}io&s+F-6<<gN#z?PK#0zD8DBoY=9
z*jSljW6gW_B;;D<?HD=3y&!i*%PPAz+G5sKX-+os4quXDW67gh6!V@M&ZDasE-RGr
zh)~Sr+sN5#BoCG6yUNp@aM=EX`tw15Mm!GJ#{bt82B$q?3iZG58nC?&vPbNs2K1<;
z<Y@J3W#VPg1kA_2!?lL@9rOLtlOE_1dwdMD|5M6O$0?TWTq}v6n11=_BmGt~ggood
zY&}B+%LoLYLY*>B|40wi)3AYR^qxl0YoE5k3b#|i(|GWMDV4_vWYyw$as1&VXFCnL
z={e?7z92`C8Xih9K_sT3GTyP5k_~9ME~hxah)=?{y>4uF`!h^-F~cYsoYk@6#k<|m
zW022{vum*y8*VX_YkbB@6EzC|2PCs%BsS@urgcOlZ16I&Nh2;@g|=6qI9;1@3|d-T
z-1}}@`5#!a6LGP8xIRtAqN6FnDHsnUS`bxv5;!ozzpqvr;j<=e9LWA>tM}oLDDHQN
zAW5TZwpWr$YMC`#!ohJm2kaC#F--WG%CWe`K`HhM3`DqWQxC~M0-c=jqYsy7R7(ai
zdAfdf2!gjilMIh|BTV1TVipgJ@=mm!mLAUu_vrfS{n-UOZXk|-5So622vGPn?uWy}
zFRK>gQ~}E0u>S&gyo5Fu6E$IDGVNPiZ`;Zde&1g)NDJ6TC9#ejwLNf*8i`W-)Q$sN
z$;s(Uup(E|))bfFl2PPe-<iFTOI<9xNl-NQgJFq#o9p+@tfb!X6fXbO9eg~wcy~Uy
zhJASUYn3kG`JeX>p20J9+ZA8=EKh}g##rzA6yBa(3|R0Oy5L^I@bx*2B|RIf0xoZR
zcE#(#^{cD1cf+&Gw`@2Stak>uUS_)FX}Y_=$2#s&T<KEH<gG9dfoF*un21aiycAs-
z%Q!W|GoC@tCwP|lnx|Z5P)-HJYK8+zH<g)yO5-@Fu^G9%^@F+xaGB8nqk%$vu4Ew+
zkXc@pxM#s<q7;ROQUMC+H{c`nr9MD|)WAt$wmTH4JPHS|g^mlEmr`YL&a+8{$L|?~
zbYMP}@e~p>V}wE*k*>|ZN{fQcc~+VeompswC<Hy3h|<iPi9~W37iwlqgMSO)Nh0Yy
zp0b?BH^v@ldLGk5U2hNd_9eeT&8@LiPDYj41oT3eV%9_NpjzItfwUa5YBs`s&=%z6
z+V>>Ke9B9h@;n!KB1)Z+Sy8mYoSmSxuVoesb0jUsBR*c7cL4Rw5?&<m@f|Oxkg1Xz
z)8RO+V<@ec0KV`-stSFbikTo)oKtWk7i2DgF@C#nAu~DSDNHJ%OLn4lH4`uw#tMOr
zQLUMq`9>tF;IMxHU;o<w)IVIY4I{hbf@b3D53k|u`VvwVqw~=nXoRxNe~BVzot`Qt
z(b&xI?jLmR#yzPOV?$I8eL>dtvY>clS?Cf*l}r;GTcn<gA5=Djv7j&|6<Cu%Js3`#
z)PuRIaCxfK4W#l${DRiO-1yUB#^9)Qk$TJk;3&g5KeqDiAAGXn9Yy9TjpGcZ-77!a
zYTufKLtiji&~eB62S<^AT@Ugio*w(n&6|42t6na0@p1<Zvr~`Js8+}KH0V)8lk0sW
zx3O0va(WykO@daP?(K6Fg)`A`QDZr@CS&z`V+o4|lxN*Uj1hSfpvM^aCZA%=Ck$as
zS9CZAR6FN8=<pI|6?q<?XYzA}b7u-Cl5Nnh>(bZ+NiP&c=~@<=ZeF`2S&ro(6<7^7
zt(}|~{bv5HTW68EwSXM!XVYt0iny$bI_uCDCory1p;V%#2)(+>b5&5{EQ?oLOpQuz
ztT|dhQDqrUp>V#sW`76>1iDjvHdwMn9a|zzHG%&MoVpnna}2hc97jpdGMkz%>^h``
zrd1fHw1Wv%hv+lG4bEcr<E#u5l%en@cs*Ew<0eYxT*=I+N>Gf?2td537T<T>TZSYw
zRY)`n=M{89W@Zzt*0!@m;8Bt&%uV+Iz1ND7AgWEw;_TeAM+c@A;(oUfJmI6%W51p1
zh|+JfEv~`EHHk(5H_23CooFh8A=+w3hs<h;*VqspMK&agMvO!nt8m`Jf~8=g%aA|#
z7ZETsv9*Q3UCkHZfvs02>7EsaFqB~+1;Mi}o}wJ-C@NJHZec_0%0{6L4_6AnT;ifc
z&9hYT#2l0tA}2qs53>$4U`~Rd1$l)fk0B6$K01-ZKR;Yp`l8Gs0`nI3;i0QICQEf}
zZQyupHPuPDQN4`PE%SClB#V$(qg0OQ?~5$T2zS96B3hz_UZQVc7d?ph#;dfnhpMVX
z$1y{Iq@7P&go{EZ3F=r^W!YFxs=`jAv-g%*`#G}qKS*5^7;Ay1tN~xv+)3je$qzTt
zH(2^+&BTY%_hE~^PipZnHu*-mNcCLla#9HWIqhO<pk=&5Y*P_tB7dnm=rrX4rAN&G
zs8LuZ)KP9L1(Q)YHLMlBN3n4D$!ir<0!^{7u~cXZg~R1SVPlzaSCO!-L^#|~BD4#H
z_2t1zM47m3^lldjxY)<3Kf}E@MEr7RB@A{VcX+UFrObG%N@)sb@}mg{O<cSHEoU<2
z1vz)%dawNsf_^M=!$Ue3u^dYZ>x``?lZl@Y6I`Cw!uS_JG!sw&1`dYM1tNf?GwYVa
zWqxxkk!=mS3yVU8TFXeZAp=$zm?EG?0)keLx56TBv#CjR+SWnUDirtxM37cmma33~
z_@=@3CD2AW5|vpr*Hl)`Ib}V;=UU@WxnrY*%J^1CS~r(w+_4+8>;}I3HK(pEbgC6@
zI{e>q6Jtx<gn`D>dUnH6RDekfi5MwLm2J;6=Nb}_&d%^@*laI>>Kc0Ju{YTF&al$J
znPXMVtWsDSU}-U*F05IwNi7t&r7HE99YF7KP34`j2tzqf!tymyab;>aUNVO?69j^4
z)I-^#IOQqF*0!XY^ER5x8yQ{RcEbX=Z6Z7t`vVjkwauYT;cKWH5r>3YqwY8IdV}CU
zoY@bE+1>RG3h03a{VK=A_q%7W&R(4l_JEHmFT#+#lk%@l2j|@v+xXtix*ypWQ;~LG
zJcQ|~msq0{#hk5e*@|FR%^>?czHB6ZwwCx|JMn+FO9C>?i`5%~Wy-h4UQhY&`#+TO
zS6uf{zHf!o*8YF!$XIBN;2=$O)bxPVu$C8=V%Wzfy~VDJ0_Kgs+vtUGw56lfW7z}f
z$ltNre!_<`w@59rWGy328b&ff@@VMjb47Jn(8SirY>|;QwM-eDWr3BHq13I}WjD4M
zPCdSbL*|-#uM34)(fDPBR@M;8ww}<p(=FzJP0SHufF}*MhBV-Nkj5dB##s&Z9$zh{
zqp&H4Y(}A4mvD>iT+zQ5SM(pk75%MT;V*{PwT5wwm569*XNv5>J0nL}p2CBgMYgF~
zd?;spGimfcStYlTMt?(}_~SXF|E-+SZ#9Ts-Iew*^rk<eiC)(wiku`0B(I9pOYTv#
zXG=J&WB-j6rcorXMiDKI`q3XpSk01Mjv`uHZ=~fU6Up&{T37el>)A-*R9z8uOK)p+
z{_YL!^W~n3g<Wmf0|a(7scdg%>Ek2MG)<R45#7=-&>y>i*mb-0hgHp)^yK~3Ips)z
z_u=6@rCWOw2lJ_L*S4$75U!xhT;q<1HlVD{_|LcXi(xiC8j{wctn%fKF?2o)?hZC~
zmH>CRmh4`wCH(BIWh=sdbXWPJRUp`#6Dy%XfY48FPx`3-|D#5j7wBQo3WpM2a{o~g
zX~!Z_#t5pIMihJ~y-aL$`OgaOb9c<{Uk+@(J7)h?IY6SL<d3Ev@UB`@5tuK^_}z^M
zES<JoymLG}J-dD>zLo|5MA2{*(Nrgd-(rPl>l<48ZJhgF&$hCD(+3njp_<)%LK~<I
z4h#reW~Sl9r3Ig(Rlb%%UUsN`rNRZRCbC%3rLKv5N0?>`eXB(i0n;hJiMq5U=wIO_
zTZ@JFsf@mnWYU5%OcgixBTN^skA^X;+^FF3MnmXA@2^L4*J=&$O>F4H=SS0F|86?8
zxz+W#^?2FQe-Vu;YFa$w3o`i#<D^)ayH<Zp3y$bJSB62K2==EVSf_yX_s;Q$!SvVn
zxBIC$y;}VK;cqv;f4rK$n!J4Z#Jf+t``hN-zue8cobu)|@ak{PK4Y9a4JbA+1jWA#
zbeXyRpZeCHnpUeK-B~BID&)lO|3s@#wE9Z4dOaAx$@%pqYyCW|v;G%go#kJQ*$3#9
ztjfFQ8k&A5W;Q-~KRms>Vy~tJn(@50JRAjX`1@qWWlGLDX8!@2FKbd2Hvl#`Gc#oG
zZ`-;R{m#FF@TUZ`<)$kzpf9gjnz^m<(j-XIVQ*~_&=Mu_RTA|`DvtBl?_83SY{%`^
z0Yzg=<l(*Np8JDN?mqCVf6v}8E*CdvcZ=Ebe0hGc;3s@?))oBai<6THpXjGqAscCg
zlQWg7w2~9XlG_jb^6cY+J%7t*+-Y6mKi<FLqTvzys1@lqQAl2kM&;7FW3F>9c&6+(
zu4=pq;J3eDUR~cVZ&~t|A2{Rl)%D%->hkt0KXq9(%T*=c@Y71I9+Yvj$2vX=SpQhu
zp5H9}26k5}%kfVfFp}@v#*aj0HBUuV$t-$s%yXk_F4$;s!nucSjV_F+vA*Fe$vcZp
zf{sdc*EnffVH}+Ze^g@~P^Zk5x+_Yq9M810ywQ%A;z81~9zrz$X#VJ$)G6I0j9qG2
z>q_AcG2>xe33pQ0iHfha`34--6yA_}r5Zsv47C6D&yNUA#v^Z24rf=|l@t;{STNCn
z1sEb8gsQ{}_(!yXK!JG7a%~P70qeaNII$E>>L1uHO{L6|5R(``mfT%ah$mlWDL;jq
zxhmdF*n8=`58**)yv2d|@Q71*`Ir1{`1&QknR4P(iYyw>GMS66a(pgbI@eG5m!x@t
zSS@qjNQEUZy^&l#D(mc&Up?`)sw(1~TiI9zZ+j5yLo9a=Cml5$VQeyCC`yWhjas;0
z=r4F>^0BQ%U^^NGU>`*5Y5yiSIM+()?F9?xSC{XW?>`|I!3}@6yjZZfA=x4-gV1$R
z$p=}1s=Lkrz2TW$bwxp8)}3oRFEqb~SnAh<r|1cugx4^|$k!~nx#fRj$?}>{ULb>|
zG1^$*RvUigV$P5Qk&xp_SbH+A^|}zIfeALgeL1|H4zH$up=ttGa4oL=E7l?-crC3(
zPW2G4_8w1>WwMn`hQwGSh~B8+C*h`*u(lC3YE*Kw*dnc*uxq0l2T9seBM(biwLR)K
zyNaI%5rf+U%Jvdz$o2}<tc~)iDEspEua6gA>n=kSh-%GzA{;{6--~@BN-HRN>a|Gh
zGu_7Ar`$Op6ACE=yq7NrWV*auMwtfsET}W0>UCyAeu!q%OO->*yReWgq1MV$RoO`#
zCWh4Ml>)$bfN-Xh^Bm<=K1V}PiG~MJb*NoBXA@do{JVi3rew+FcYN9@uwczm3J^kI
z399uXV-tTK?SI#QXmrH6)Zd3$NyJQ1Wy|w~-94{E#4A+PRaq?7Sd#0i(rd~;qW3i-
zWm}ej`oFwtSkmO|b1PhFzp{{?_n9*MS3Z9bW{&bZk0p5S8;WI_aAJRnequH?68x6B
z-=8pR%hsp|3d*lTty9^(u_7vsl*icTc*0lK8HJ^P%DQ_!pU>?ETC17cv=UFhJ=APv
zR947)$|5|$o|SpQ(zdhscEV~|YeQ$9ym<MFd2{dMW+T=(ClzTa;igfjMxwf}Wu^q)
zB8IHinaY*ShKG%2e@Jb^C-ylQ{FPae%lnux#JGQ*<cbJoJ|ZY;o=;S?L8(xjYGU{E
zFGG{uF6>m9t%Gfd697~|tG{ua^k8FD%q!rn(JDd<!_E-x5GF2iv~_y0p(@H&ovK_Y
za4x|1ar^<O=ZnXIfCpkoy*~G4-D)GiHys^DjknaGE1inaNPLHm%{G&%q!L%tyg`YS
zLoQ*ovY2h?6o@~A$;1PA!SQ}Rz~s_OQ*8!1c7^s|DH)gh{LL{e_`${dgqqT$4qE*#
zBK1gH`l{e5_4ufS>r$m9J>f?F*(p5Zt4(wv1BqZk*Xn7f*@oe4&`V5!ZN&)6S&Ol!
z4ntqtRRcn)*MyHS*nU77=s^lS_rQ0eu#kVcS(0TwhTcGWS)jZ*7FqG<#AXacN}&-l
z=y*-)^|=Le2p02Pbdd${asO7*K8GRd!UFOrR4#_uB$cCGF<CH(Rsy4DNtJlZKFa@n
zU@*jLY8AdX#DX|ZtyX0LKbj7P(-Ip;&`?VN%l2TQYM2~L%@I^v%R;O+PTJ$|pToX;
z&RC@ma}y^fN|aCtchC66_u#%=ki))J1;YA>+pa~bVp1IR<`erT)#mqv^52h~-kE~d
z&{IlbtP3|7BQl8|1*_Z|`Ny}V#hj|8FGaC*gc2~4vRj~gVw^<6;siESCf``&+MN?(
zt+IMh&i)mKWqRFI8Z)^H^L!&8@gW#Clsu|MKJTgFP#pp~91e{Mo-)dKC=_>xQ8_z}
zWZ!tcZ9GkJ{qmo*pZE4N;?aX_{(n~(f_A_a>VH3UphuS(d&W*^K+j4_RI615F0u+A
z9fnog;`+tAmf3D)$qw|09X|Ry$|2*Y!?evrmMK~fIS@ZS{o>YV_7&2(cqf_Ze3sEY
zn}85gn3MWj3ep4h)NNoIy{8fMlMTz@h1sg$VLbTBl<Mbh%i^3JvYiIq@ZIOqv#Y<?
z1d$kqN<Z$eB<s;|vkyAJRfG;3d)?6Nc4wFvVun%D8D05?=kK6>k3l|{Mz6(MY`Dfy
zUg58wG*P4Qe~;7@Y`imsX&s7$4_10MX~d-~+jv#;({(e9K`X5t>)NsM?|HJNIA1<Y
z7p7v-(v)BnoQD%Nh|28F?<YStD~#~b5;hEE|FhS-@Mom^Eh6ZoAvEKaB$JhlmaPzA
zKb-@1iW?&){7B_c+{RyYFc2y0sE5Q~qZSK(c5!>f#-DDEPCzWa_LGMk9ss-P+L_Pa
z{-Jynbz4b`?*Z}b)7^)w8+KmeAbue#`jy1N)KlDG`!9blY79~d$bQ5A11c#G?W;Fq
zH#Id`ZFAc;68?@~fzc;>PLkuaGk2FbopV#CQO~tAmVI}<G~<CtP{NrcSb~(S{Q7%#
z0g#krr%h)vjzj|c{_^Z<di!2p|93LGn%|yZUdmHBI&YWq<%`qPksR626H~fI<@rd6
z>HNLCI{*1X^iSnPHrD3&BURhjLNzAA<E@PEZKZ2GESJ)4U84(!H#nS`Tsu#3{>#<%
zhxu$Srr*l};g8oJZfDn5^H1`uN%IL^_|9MW;bQ*wX2x&D?aF|nlj<wQ7)sHsR3mF$
z)!ON@k*RSH(iCc`-BilkmB!hsZJ0|b|MT-DU+XUr(PpK^0Si^8vQo(dQ6k9}I*OxH
zQ2u@^Q=O?cZ{!gjU2H|FomrO0W1<HxwQD5KFSWE8KkBq8d(}wypDwQF^6015HR7VQ
z?Q$irJ7MN5%<*fP;I%ExXFRs$7}t}$O@r`}7{3EIq0-dQXO;IVBv4=FjulC5smF5B
zlHq=94J;uCSF&6!-BgGx+i1z=9XK|%WDf9DNz>x+4(ryDL`o*MSeTNZ2`K;1fBnqn
z%*|qL>SioS3fruLVVsr)v?IaPTA5re;2<{Y#?}v@cq}qo4~2j`R%)$@(@K?zrU$M~
z5)Ie*C=1~yrnes`GDp8olsu#0`feodoMsJLr|U^o+qFq`%8|FL4F}4v+4uD3*X(A;
z>0^2QS!@hs0TsxxQgu2>Y$P-}By{v(k_S8_{W<n@3PYG|EOe6`lLjfmUoMn0i9|pQ
zDS-8z^Ug*b+sem4)PY<pf*z8++~^wC*UyRKc?|-`XNpK*Q^l#mUO%+YAuR+>4fk36
z$<2e#w*tfyMMl{<tLxg<jy*rnLAsS~j~no}K~Uf}>pbw?LY`4x-!EDh{0FzhCvc6V
z_#l0dBQ<4Qs@Dc#v00J2sol$ysn~TSyyuV&CU2mid?@V(Io{{3s$hhwHe^vQFJKBA
z3R2Q@2y}^!R>?{(Ta9==C@DweAV^9{VC?bK*S}y2+_xLoI~8`cYnYAhusdS8VI$#~
zK}u{&k*q9K9a<}qXNfH{vxKdF)D4sL5866-uC_&Z)J3`f3S*909j(%!zle-a5U3~i
zGyYAJY>AkeWwO+e2GXLSNd0JB<Jh2GW}w76gM5xeVo@G4ryfvJsVq}u5k4F8C%V9E
z_A7#0KUTRaV|nwQ)(L%eTv#6TmSRhDUXvBxUSGYN{djkCPE|m@n_XUraA9buRG#H_
znd`OAVXE7<2K5qlUbM?4xy`l>wGMcK&ybbkd0!7m6Fl*+ITc=s>CIgJRZM3e<md(Z
zs}Fo%^N*U)??{1QkmHd*d)lAn%BSiQBDnDOW%qX6y&CgDQ+iuLwQ%+uoTVaJXy>T%
zhsWRUJ?1J@=`xLZM?!f$iEffB=So#*T)(*(7%dx#ceYM^30>+^*PUNVz1hwBLZ?RU
z)y+W}rzjCB->5B2Qg6x7zMAIN_x}XR1o4mtZs2-QC~RsnqtnPvFehm;X?&}XeFV(k
z;iE4A>X7{oU-4zWC;<-X+&A)FreetS7u#~jZMoM#B5JC{C}Z0hj;f$~iZsqG@(p$u
zwGKAb&*|#fjwM`G2If@1g4IM6x|e3)yd_nH0r}b6+1twtG~0+1WT8rvp?ZydP&ixY
zAvP#<qf*tVW1+G}*N5l>s-pW>xo&nCuSViS4b%oPQS)nvtn(_y;_#r6XC^TT;NnQ2
zz6{*OMOu^2cu==V1Czjrow;D`s7|N^5(*1nUOg%+$yn_6l9Gm8y{XNvEeIkKoM=*{
zKjpX;j5UUVvww$t8ETm?o#Wtm62Sx!K&wYoCL&VKYGzpJ#AI8#z@`Uxl7DEMLY@^W
zxraM|9|oOp@Nn1+OWhEF`rT%D+gBsGR(Z=6nc96cEumXf^{M<qzY@Fs%8;*MH)Gp+
zs6r{vf>`%ntX_-V=YK|#Ki$;>0}&X6dhm6<z0@xs?yJO%Mcw3oJN@SG<F3z3`8ADR
zJl*K!VWVxXRoPb30!6W8WcQ5V*dBfy+6F~K1wDv|;C_ly9|5|&yPN$m?!HkM7!z(G
z@WZ23X!TSPeeePdGqfdx3>o)eKrN8<9y1I9AU+ZD3)$IWYILQHDlPY<AVx2+>;xv!
zNHP+b+g7Tn@~}pow2V5DaDNbNIuAAxnE&qbyq_vb+W<ZpD<KM2TnCZMgSH;A)9nwJ
zEaZ?ugPGVA8VOFQL)V2VV?Ev*<b021y%EA-8}3nZ0MFPmbz)xt`#H)G<Id-FuRUhR
zS}QUE0-<h8LKA|(IO4KH&@gIvh2bo33@ZAt1cvx00A|b19|DzV1;1ek`;Ze0)Y(|^
zNJ?K>AbO>I3ku3}S};5d^JbE?0751c-@JGcHI+J7mBYlrjw`Kq3SC>9hMPF6zn7Q+
zWRv0QzPdrI9un{M$QD@@hV9@K_Pg(Qds)S_eVH8WE8LR<xGjT-gJ61s=s=Q3dG=W3
zygM0*m`Gjc>Kk8|BHen!c%Q(EH7!NL94%6e`UxDo#k8Dd=5Yx9Qr|;UHWgHx`+gLQ
zEJ@>YRtyRlG2<Nc3zAUBQeB2I{0SUR-3Ges4J1#@0kf-Fm;(Y70pNj|BanB#n5c3a
zX90@YU9y-9h-zURP0u@%iBR2aGRT*ARL<&FpJXa``jDFQQ#Z$vqfN_*PLIZNbQ}KP
z0&sJ&9Q}e%i~(c8A@|da;ltERTr!FmBj!i<-^CB54Ro&T^JGGgMT5vP-^ib^Ysh>?
zG3+!;4kX8td0)X(t`bw2{x9E_Vp?Y6V}+XHJ_$en+#_n_8+o!;^$7y)Bm~=uU$O~8
zgZoD;+5u_|?7On@{!}=(Lc>^-Q{HsLq)G2<rzRfrO%T&Ud<+~uiMBR4`kOA=S0^VY
zKA}aktu&rKtP8O~ur2jHN8lT3w~P9PNGgoyZ{#Uvf`URFA78xuR<OAD;c~4u;KMK<
zYSsqhp33h%o_{0ZLlIGT_pr3$f7&|#NqqDIe-ch*`hGA5@#|@3$e@Bfg0ju_3`Lty
z`S#{>h+q1;H=LXa{7^9_Kaq{6ky!5)qDa<EHLPtGR2sR+GJGWr&{Z!dJGj23F;y@w
z@)Km^$wohZfhgN+Z~CF=Wvr`<3Y~*Wi|-(WIcUd6Q;BaByyOdeyHqDsm{eiglA5K+
z5H7wlI#f)qV75*nGT8xk0ei-P1ln|+Z##4B2HNkMq(9F2n_)=mM=Lj#k!lyK&r+nG
z=T=-5*rZG!NCvPGFp<_`VYwRMb6C6WEONVJP}C_Tz%XJ$(dBuJX0)p9QNjv+8}wUh
zj^S!&9;DEr218hNcQcECx8Dmg<`4(Xjww<K^(1{9Z@9x#Zb2L(+p0XMC_M50{vc@&
z$&l&%0n*4<E>Yzw?i)PBjU!a9+7cm2y|t%L`M*yX76LXwtKj0W2Lz#}$KE=ME+dZV
zi27OrvSN=cq8cKHQgdWz=do0aZKK`s^L)g!eEKT&v~9vliW0>a!d)J(J-80-f)w_U
zhYc1z?%E2e+PFU6II+Jn+W3wy|8b|s$}H&&J*5=JIsfxctx}C11*w`%oZ(|=2|^rP
ziX!;r63`oEw?Ie3G@5=s!N|~6CT^_Z>=TP9zkK#%5DN5N(TZ*fW128?J~lE4)|I?&
z&CFxR!H-e^<H&eKDE~qfBWI_P><cf4!iy)iJ%3RCZiytwj!b0x=T#AK+7qf!|NEi>
z{V!xs{GRqKex_)pU(TR6J~n{1uF|kTTM5@L9LZ5OPmV@U3P0{J?GT2OeK`H%5^-O?
zrEZ$A^qtsj!f=?U<66^dh8K2I3>$4l?;ZaxqvIr54=T8a2Va>|5z#vl_DVk63F!Lo
zoJ;$gIv*2cL=P%?I9O=WZ*TncC3VRw{l3?A&2AUN1Q!cH$)>hBH$0v(W3OtvQ5&^o
z$e-hXMw)(O5-DNe=yzlut^2i?(`-$GxU>`Rcj4U{z{8-0wT)=2!4$l!$?!*23VRH!
z`>P!&QNU2C+gTNUSu79XcNY@8mi~iU?~*^KxE~lob`xVmXd&wA7Z)DX!@-QsL3S)L
zN3WwPyW%z&A>&p$OkDGe3weGyzouFe*#vZbbb8GD?}$M92Y!h(;XIBH^`oLSuETdv
z`TXwo{q>D_y8=UbsdD<^wSmZIN#1?=$FcyRn!@PciT?w3GjIQzAOJWyFJWS0H)A+t
zGG%IIW;Ho7GBjpmEp#n0E-_;{Zw(C!NIJt}e`x>!;{ZT&)?@%$0AvAV0&D?V0RmbA
z16l(FS_B1J1qNCN2nh;W2S)&817rk*0AvJZ3xfk%3}p;t1!M+f2MCP>1!M`F1zHUX
zWD5&r2Wk##4-g3g2?AsgWDH~tgaKL+WDaBxgaBF+WCBwFDG_=V=}uz<NM!&30%QXO
zWd&peWCer(g8^CwWd{gk2?z;f3=P^7dVrvyQAq?%AQDNCpq!K>$pbNsF~k_CkQ9+5
z?J6FUislR%stb@!i~x2p5g_1|gD-a}ReLOf3>Z@2fE@q~YJx2UCy+qC_>k)BM*wdi
z{}OOR`H}oPAc2tQ0?C@twq$2*Px8r&LjuiV@PW(e$d=xN1Zc%&W*84YeiakJOaO=;
z05#7+bA}&@{KT)^s0lW955#`<U4pX!c`i3a23a@_YkkNhk!*A0gG_y7HL$54><&&%
z5_wvz3M-Q*3!AnEZcTpE!zPb6Wt`Km*i$BlkXEe87ffkix}f|?x8;EWH|Z{$H7(8W
z+Szw9s(}d-6$0=Px^x4n_aO^FV(S3-g?LE-EQ9zoIART1ZkpYAg`OXvSr8If8rlH^
z1gF?&_=ArkXpB<dOpvXGQ{6zt&;g~%TnVUVr7G|!YHNxzkPZ-^0>u5?F%$VeN35?0
za1O7=T#4glsct6D-=TDcGdR=e7E4n8(XglM60<pzM>I@H!F|YCm?-DQhTJ~K8@J1q
z0j!f5yon6~*w9CmK)GSv$$!OXIN=?wf>2`#o_@}^0;G-rT5kLnNU$6?2kb#{M=3uz
ztgLCR*naeXP=Ch3-A$I)#>flhHi=p}C`oK2&@T0fs+85m)dNY|`}_g)z;A17YilDT
zqa|BPDRPV40a^iC0bc<~V7I-r-FBtiZSOj&=MwB2cimBC*l+(Fwd0O^sskW%sUIl+
zEpe|SV0c?6=Ws9XMRD}Lk>%Kpd*Kaxoh=%xc6SF}ZP>k9sc5MYwZ$5zTerg#tbN|*
z=y%JeX{)KvOvAKW!#3-}=CyUS%7fdNi&0u_C)7s|b_qHUwu7D1U^Cbe_Q^YWI14t>
zz8Ts=Tc%(q*f9h<Xv2W^f&DVD3v3s;3GCK@{j*sDc7VO|**!daXQu#cojvAkoQ=BK
zvMt6oY@c4+wZqnCZE&?!`%CQ+!qz1&OEL>+XFz)c+8xmTfLaolCN@wJ(=XRfQ_E>r
zkM1aLWMq_Y7#W2|U;oIN&q_m>PxSnq0Adq7uUe40Lq;CpaRu^3&T*Dg(#TVe#^ExQ
z9tGh%{V1lm;ve0aPMo8H5>I2d{gPuxb+M;rlnPhG?arFDGifzBBhI8IPKJ7q0v+|K
zKWcr9)8F`jOB5WaK3J;$!?##VRy(g|VAZbM(q=o9rRAhUslJkATpl7#hT&m?Xwdyx
zJ}(!uyAJ3!U8<%%ZIo7auW#yU(q<~CwN}+I?82~s6tE-Fe!;KYkO%zm+dqDQ1J9)o
zPk<l@!v($~XI5bN_?WmJzAjx4fQK)BE?Iy2k>phPkfFpW;EGU77PYw)H_p`|b)6}0
z)tRb|CpNLo)ub++wlz_;YYR6AF49id25$RpPv@P026ndloz?VCP0N(py4$s9t$y)h
zUsa%shE-c8Cks6Hj<mf2A4}}RZ|}NC&Vnc?NeB{YNX7d(v7M5*yj=#by(4!B{C~9X
z^!)9ydAH0Kaj&k{ed1=#!HVZS{3YwH#ud@-hVN-<U9H+QMdFa$aPC%5N^fV9%lf8I
zR>LOx)h~scFs;;5+~FpxqPprz!Nu2cukkRTNnHkGY9#TVkNt~>{e=%7CwLpHy-KN4
zs?pliX|xuFlThasw|ELe@bh&3Ji9g3aD`-Ftz*T(AY{oJpNZffN8+H34+J>syAr{R
z|B;-JB5$kC6gs8%>Te_JwAH12+97y;G_SUG#^$9)Y)Yw$_4(?mVWnR<^uqlsTjlLw
zwlAB(WuF3fA&Ayk8)p4OR3gW$1>lC~d`!dW>JD3m*&!8cr~n_Y$dr1WA1ZpCvjxJ}
zh0qw%k7A)3Bn{WIm|8CsqNs;=wgVL_X0t1mj+}i=u}A%g`cr>Cv((gTn`B{S-A^V)
zR)K%z)!Cyk0R`_mtHflH{d|H$piJREcu*zq*VTEicF-grG)V!FTjQ*k#HF~l7~b@T
zd0KE9?6&o!H_DwtR^LRe1(Qke+lPcW=!LKH(1ByXH)~q6THBf3?re3_=+@oQhFQ*|
z`7};bsR-)=g7*tEGDnZ`iD;%d{*oGr0MDY~)s$67tfFCHP@ZtG3`-qIwd)d>UKx^C
z2DjboxKH4^->xci7lGn9B+t8khWn6b{f3*z$)Cy+#(UL!c@+|9er9Tn!a>uC62}9z
zzngT!r2xh6v}LDfdfLopOxw5{EWcdgZk?>!3RHde=9ww2;qkp31`)$4wAaHohj(18
z+jJJT-bKaFwy6|fFP<*N@>FJ3i9!kYC==HS)B4oEsJBdmak0Gd4Z9iEX6smVOUm4&
zxnw1+pH&vlx9Oo+#v}^(?Ru-@Zh+hSJp=0h{LicSyu}^2RwQq8u_f+i;)*W4KHKtj
zQ+q_krutPn<%ou*9Y%@}8G>3p2k~@<HIPU4C)b&J@fu5Ot$DOTMnsSb?S>8^CJ#RL
zu(!I{SBT_ne4_78A!x+Q8upod2>7ffm7*)Iun|Kjhr;svQ6LDfJqN;l`1D|rv(e(<
z9|9VM0I2iDd_{yLNiysivtl4D7>vatBH?TjBI6ACBV%*vB#=QQM^Q)`M3f;!W<*3J
z5D^hck|Z4~1V;}>NLOOwxjfYZqCI(zDW1`2^9n2uL2w7ocG!>UfH?rHa|&C__W3h>
zJ`pKCeK{OkVez`N3WALqQQ+8w&*)f_kwrOw>I3A0K=a1l(cIES+8P;2Ti;0IhDAW8
zwRVIo5PUyts7JXltoz3Y0CdhE0};KWY|}fUt0`acTb_s<EgRyZ#xTJs7tqpRFP7KF
z(@%Ai7BdHC-5!{*My|z-X`cOY`c*|WR2&Wj+t_uS4QQuwRx$A1_gFa=@sr!}SUB9V
zTEw{{DOT)`X^daxkkBURi_uP~pn1&nt877IGX$=TIzlaEwH|pPcB7r^aVaWOr`-z|
z-F7G@@DPoZKivmxaGQj^Db>-ix27woLbm&dp45IfOpEPGp9}20Y={bWd-d}9z0L?q
z=}0gJsw74}$FdHk0*rN$#NRX8#4B4J$h`T}C;D^Za3L0O#n=ov(?A{D?pupfn;+Xv
zd!7d1vgXm3p*5%@xfYbkbSd)lo`XOkBmH^T1M##%^!@|-pSoa%9xY@ASw9)Ij3ilS
zN@>)Dw|jxh>90rI+Iau0kjIaf1X+RKxf8h=ZOa;9*;+|%jox^%aUa*CnVWZ(LUcaY
zVT_%>rSI?E%=3E))Gsq@t^5bCKN^O4M#5a?3bS%$1OwK&M0?~v;9K=fcdtT@Fs+3B
zoS9}#9Bwv)@w?$uykuaGj$bGI8}IcPW%M<nIFv?{^Nu#@fOzz6=<wNqBjyLBRq5y*
zShe`+CvW;L52rz(-BLEP^kK_?T24iMV29O%pfsN`?Y41;%GpPx9^b%%=94s^u1CzR
z_Oy@-)KB~9OnWoj%gbP_J7zrd=(a|C^_3~-Rn*{Ms!s%7RN#inT)kW89*Ba4<U?Gn
z4j-SLuS0Hk<G#mT$!BzAa|&Ax(e>ER|BTG;z#@h5G*^ZYDg~*?FD3;t(Y`@hWgMHI
zBAlFplej1sk1NC)YKTl+I)sd;Z%6l}7*U|!A#n%}5uLZcklZ=w8?!W{=l9Et$%k8b
z1%^;?p9SEA0Y5G8QEJm*$gJ9d5kXwer1<Vw0!recNPRYgSue_Q;9B%}3o=<)8@f95
z+|Q?6zZ7LP82E~EWk|GRS0>s?d0g!zHLiAu7xSe-UFK?C=;hT~g2y-P*Pn4Wutu{S
zYo2nwra~6o7tz3&zWWKjMhY;>zk3T{nQ3N(-2{W3aCu0U&;5xLD?a*^fcD_db)HeU
zM3ou58vBw^)KQI?z}ASE3btGku#^|4wX%3X@<Zi_yIVwH(K)?!<WN$fETtR1oA<^5
zMZT#Q%5CV!^`Z;##HQ7TNZM7)YB9+?eakvGmuDQR;)b?%qUCJu$Zck8XHnVOF%Z;{
zt#zboTy{ul;Ms98IE{hLaz_nRjM-ZIZwM6y(fkzPi;G=hWKMH4!~}6&t^xKrM&zwW
zI;E#xqsY9IUmJ#8JS*~>s`nC~l-fBFzW$k$)sW_~mvTN#KpyW3ePoxatT=G7%jj<?
zrBOhrrPeDLJc(fHdsnTr2u0hA*fv4p%s#BXE8~Q;oO!LNsfSi#&Wo>b^}iESx|?lm
zU*YJ7NH};;i!3*TXo;KTGA=PrkQ(<0y|R@`k5}xoJ%wp_I8Tarh}DiR<Kb(Sy=296
zcS`L&ad>#Kl(RWv&e|*QzNBB!()1OLr2~PHg`*!hEaHqbj|c8K;i_F#WtyvPwM1-g
zeEnoN1kT?~k6aME4Gj}pkX^{@IShLa$2Ux7T#=IF&^Hw`?|~d$*4Ev`_=cD9Efq1u
z^0Vl(<6Ah4cIdJ&Qj|(ISV*(|;;i#xucCNv#&8x@z@~}_KN!d&uq<G$2`5VFG?+im
zV^(Y~G2Q=U)NY0#0C`zqDinPX4l!mrR!h4V`)5EeHuN$X{#${xcNW{9{j_1Cd#YtY
zF=PjJsfUkqEzrW!tK@-`gpal!fevi@JD0-lfoa}3o=Vx?``rgdhLT}#x4ems+f>Nb
zXAR~y#)r2-!||)13#aO<VzhN-o9bC5MaG9zA=-!%8pxB-eN#mG7Kmi?Abjs!svrCG
zK*%TtVs5(-r8^PmrS^SheC;VhvrM*hRkM}T2EtH8@?U4`4Jr|Qjj3%?4H+lL5xlb$
z{v{Bet@INfJ#1Owx%;H%%EDBG<)v(gApkG!>O{h^Dh#v8GH+1Uy@q2qN*&?>J4^m=
zJU0uvWnBvvDjKfNJAy@shJRD9n*nsjC%QP{FW}f4a5)uJ*{v5y=D;L@=mKDJFSjEK
z|CWy=fW$o-ZwnHsV4Rg9qw#dwQPX981pl@lu5(|bp2A@oLWYDoRHC^OD##UE!D7x@
zoEo7fBFoEK8UP`@WjicOKJQN!9Ub&AqE+W2s!De8Sit7?DWV*b!viRFf6rpksIK;W
zx15H<yp!@^l4tvY&4yMLI~H7jkwd*_vu}nA(s>6+QW5m0El@JY(=65Zed2<`d^4zz
zfxlI*^2zE69(j1&nqsdeh32=<tC-i&aDb+Tgb{Ikx^Md&fuVMhD<49ucxS=S@7=dP
z93JXcU`5@^G4`>Sht^><4pGoA;F1nuVFFNznTb{V7MtKr2ZNuPd2Q9qasFa6wTUKr
zWxj|cN?P}g9)!X}Ae=c;B9Iz^^xhF4c!iGD<DQ^6)!DjSn0JKVLVruHrQOpCx^EXV
z)k8&d7nyz=_u|)wCh29Fxlm20I=6u7Z)1nR)?j(u(0AFHUh0_fiHUc!>;=^;tQ4Ju
zMF>iXaeEG8-q10!`whbKTmt%0QUibwwt`(+bs$*Rl^VBLX&_vKGPrCKfJL)F{d8Bx
zfOb^ugDR|<yd`3APM9!N$%-~4pdCXc7FjLTPHho_2Es#jz#8cj{K!4jP>AbyVR$zm
z9OJlG@h$h4ZOwv=Mfh2e=JF$2kfmFFE_vj;@>KC2Irly&hK+9Ijz(*SbrD9(1wt~A
z|F+~6r{z%YgGy`@-|lFe;aTq6)3r8?9m@d8%Gc-B{pU8W9U02(UBWT+kZc1-_f${T
z+o>~~Pjt6fewow3jqo}X6={=8K|0%Q8c)d-JoGq2;^ivNn*r(HG?YREa(D(ztyQ1B
zQ%vF^D(0`&5Ustu6|~gs(bB&A9E?Qz8#_uqL}W-GOAS%0vEwknZ;Frtcw*Uct&()j
zKfW||0TBrY8<Jd}pmP+&FxS61NaKo`K&Rr+K*(&!;3DL2EF>PzFfmD5H@RV0-8y$J
z%<DQw*0b9<j|El`Np3+iA0cZcN24m0M~1dcA&wNS#!o7jiSO|kTu^!TfhlXFWMERy
zN#t2_5Z;9-y(cNQROX}@LEkc|KvD?7@^2>eWQH6E+VNwBNyusAMS5$oT6U~Ln)KH?
z@IKtoJ?-f>?ThbiImHEJ?klcJ*Y9<5Lh*1LWegFckYroxcPK-+!-G3(eBUdi@3oHp
zg)Fi~$7~LW$guBmpX=D2QzE<iY)<!?I;UNK3-r4Z_o~>W-U=LQguFt#!shBU&ShQ8
z1%V<Xqz;BlImD}wmyTpk<gA_?R^164^d{F4PYUPyE&t<LZtgMqAy)i67pj+vL!4xD
zRfAGgA_Sf;w~tfG;sP|7oQJ>Mpuu{z?va!RqIJoj>{eP)?C?Mvb<y5(x1uv-4kwzI
zG0Q1DqITW@SBlZAdLBr%y#Z%uD~XhH<^|R_!ONtI=Kz|k)ovmXu3Fl|@??D?`rkxi
z6~*wLCM?p1BaT6v_C9HFcWPli(oce=mKS!QOvWad6uAV*ey3~B`JZ;Si>%b3enU-3
z<&RYDNB1*7z3j6KdEN&Ci-|PUZj?L8e7c~5{zEdvOzfe(+rrd@DC*7V^^iKl2mAp)
zgKs{FlFcj}d0n5x7~a7JOAc58)+@aXz|}zglz3SGn9fPZ4bCZH!Xucw!_16_v`i$f
z-&%m(OSiI+3?-e6#Q8I<Cw@?!^T#Tf8L2G4d)pn`CaO97;CZr;Kpof0f^WIA!Aa#m
zAt@MhA@e#1wQR~|V$vUR1CkfswoJ(!^aKJbH|;`MAedQg15W}aKJ?}O?$OIkfNeu>
zvaI?|BVONaZeiHA{ogV)x+2h(@J?p^06O3bN&&bHz0^#Cx7&hw`!<<K=W~&#K0Md|
zezmEY+1lFL+U~BbtgMJg8yN%=1Rn%l4AE1;!P+$UgNBC8da%3uLfdyk?gl4E$HmR9
zH`F=C+i>@X2P2a=AF=x)+bY%-<c%&pD(to+I9??{YJdm^5hJ4^FjbRMQklid%LTGH
z@tRTwG-E4P4)}SwC+2VKM+bBDP46JBm7x0q>qH%TPnQcVKP7)MT6Y_>IplFjAnMmt
z9Qt$U*P$PqR&V(wX5;WZGLz+CT}>#u%3%GNmlshQACWmnot%uwpba?B8KSfEBM#M*
zJV4$s5bOaNvIu%)6X?h)$dO+_Bg?=i+dwDpz(w|fnS&6MiO`ah@XAbBWhjVw3SO2{
zaTU8(T7!-t8WujGj(%T3OrRJz`mIiAFD}T2B86d+>QKUClVh^Lrclrjx2r_4pF+X>
z=k!D4jV9Bt5xT_DC0c97)tu01NxVFMEd9z<us8+H4I3^k*$jfw7uGXY^xXn)NF(Lq
zxMI91*tVt-i0BxF<!>!j8WeX=4r+s@P|Sng^EY0G$Nom<c4l7I_?~)Tde<U}j(tfb
z^@w#9S5q9?@Cq&Rw&|a0a~rk#*#6O!c_x0SB}xiN7xj5L44r~a;MbiVhPkzs6KzYf
zl}4AEKz%YTg!ev*+aU$H?R;)<a&$No#tu)9&ks)BH#j*uFm`x)d^+<dr*3_B(9n%e
z{b8k|w|X-hU!obr!^d;*iV$fbFl6`gLzQKa^%!qp0ZQSTnYd)d$6(#ZN}qY*YJoP0
zC0$w>^*>E=qt|`!uYUe2edg}uGIwq`-0-}jAk|-Saa4=5!ji8*lB+&X<S4xvy&4b$
zzHk@*$#@Hg@sO+$3k#2BfI9-lId0{}xoV45u1M9G5>X-8Ir%(J8K9l$jx##qu&q)U
zaR7nwV}#QKqyljY$tqkH*oriDX_krU-41u&sZE0eDpRNh{gzIUUj_X}W>bCkH%&CA
z74#}MtV_s<@#E7unM;cw+)_U!p|s2u#l9-K(#WEVoAatBw=yb&dCXz%vMPHSrMWDV
z%Y2h-u%rM5CIEpF4|tLQB8DJ<0BjKA1H~#=WN$Hpf~py`QpKgD#g&v9f!coFqz^hZ
ze5R1gdnGnCY)Bh3nG(0r+GvRsprb{V%T&}LGHrz&hWTJsPOR(_9C<)^9pCvOL{`a`
zbbq))?nr->Zjde8o-+pJOth^@s%iU+hjA?`K8va3+S*1cx8_<$nysdy%_FAar~Ci_
zI!^)wI+S>Fn&>*<??koJ#UdrTi;4b%N{RU$m&fr!L0TbqvN&F@kW#c4PwHFxnv{rQ
z3U3kcW5OI}yW9P_XL;6~r4p^7^Os&Aw}`b~(Nul=cA)e0tcMWQ?@1ZG_DbsM(n@b>
zry2A-9Z`<dOHb?eWnEdCh%aKh?SoFw8-^iFXg`7k*#x)m`TJ+|`|6|=^>iWpd3cq`
ztvz>y*3+G>wcA9GjIbX?!UJMR=%oY@7$Ca9CDPxPHPxB|#&Z*h(ePAQDF8Kr-ol>%
z<u_OnU4>$LBOK5vlMiKslEYho$P__Ut~knaXk8%o8-Rw0o?7uSehGJ|gR~r$F444%
z5*?SwRjQ1(*1C<<2TZpl{@a(K=N*G+3cb9iO6m_xc!Wqmlt5bNb6%8A*S9dCw~$8<
zMb*fuDYPn&VJv(?uoO)&mZvmQMsR|lJ!A|wo}?{GmbDCnxMS5i#NW$emW%OcvmLLV
zg7dZd-tD`(>KjtQR_iJ-O4iTnN^30Huf+Qv54{JJnN>Rf?tA~MzW2esx8HqG{Kn7v
z;n!bA55I4QJmnVmxKUfxbvvnt?d~vHp2eF!=3%_bk3O^5l_%m!?EXYNhn(3F`+tQ}
zMB{e1S9lkc?<jdwo1@!Al)O<J|8Nh5+b-b<^+V6=k9YU&|52j2VE2bV{F~q5S=@c2
zu>AJ%*Ma-nw>@O=h_M654HvGC5QqaYdFKl+d@dZ(p+iO+5){+|_o+@;;4eG}2l`@o
zPHMpk4zADcWPv8R@$xn}%$XxcK5JweGdMVdOu`|9--y9!uQ8;|@(;I3KHLdOdZ1v#
z2FJsHP@~2Uw*d_rGi1d0@qwX}ff;>5n|gRcRand6MTE5z3x`91hi3=G;U^Xhofcs2
zhTG8TlWL^J!P-j>PK%otH7;7n*f6nJA!F9aXl7(e9*co_aUsjwB%`&kq+(ozt-M@c
zi{+Iotx}C0NA2*=&^y16=5<Ik4%=)twbf~otpO;osO3ZaZL=|^<&m4?zK_3miI6M+
zQ~W4$qC)Uo7JqdRl}gQ{zS>8tJaSa`?8uSbEBm=lZ~K49ebvUn`zh1qW8m+`pT-j<
z*{u^r6cPft_|c5GaDx|Qmd~tfCGLV|83&GUr$+K(+jzD!2tbMs<||pta@%x_^0z3h
z4i>fb-+pM0zK6g6$J6fP?-wG1YVILvTF#t@V<lluvt8b5dP2RB442WtgLn)OZ-K+W
zVRCRBya#`|!EJDt8k`1~&EPV4OAP+QV?2C^!{9nO9Os6=aKT&fmJMgYd2rSWZt@-F
z3tXm?=~gkMYBZ9;_{xjBxC^}O$`1TI-O(8rrt+4|5;MXvm}{@RT)V~E<!Z0UO{%tP
z+@rWf9!e=Aaiew!J-ESdf8O?VmpM#7%40R;i5^RQc8YL{j5rImBdNeG{j#!wQG|;w
zCkWU|P3hvJfumKviWmBQ+(^f9q~W_;@4dlVF4{#V<F(3rccZr5GX7$G0}h${)yy6N
zNKP(Ik0@7#U=I-dJf<7Vnr3NNX%g1uspzpe&xfZwP6L_>qIZY*l#ps7lY#!gLeCX7
zn{a+ehD3==eJ{@|hdD?pqBc!+88&lta`Hy))Gk6x^`Vf|xvzEiK81qA9nDjYAY-!p
zDn}>h^C9Rxzv6AYjfe3$e!I3(5pwqm6<_;_t5y}EEorqTm2ROZ;Z$WalN3Q=)K`D}
zoy4fWNjVZvQG|wMMU?QM<OD>z=aBC5NBXTNpY5JbMsSU*O(j;7CZ0b66GA&g<%-9U
zlu3qBy^Jm?nb?A231cAa^IlA@Ayg#HwvO9aOsv|Zv|)Ce%2UOZEs;6|9ikEuQDD=j
ze|m=l5ho&=R3hjZg)Ge6we*!YxAl_SmE_Gku7V2E47a8|B&we1jkQ!wtf6XQ4Xk~&
zOjq7T(o@Sdu2#cVIhn84+*gU<(zF$9-#enEGiQ8@mw6Ze@+;mWB9hOWZ<ys%M?PoZ
z&djmEZ8@`huHe(`TZoO+C%US`+Jh;i(5nzsDGy(~6dVM`Etnc+ET!reOO>y6v3SD~
zX0J!q98s9i?J5c3?xGk%Uqa8j3%9t*{xUagbNZ7T@4Rn}C2o)VsQrT=Kzd+=0Sjnh
z0(qH_aX+e2wc4;+Ak6d!q0hQs?s6C5hJu7>-jZJ6!XGQxGqFF+G+C5op>$!KudY+4
zf^^)S|BSmm{AbYh4f+mr(1(anz=O;S{SeLAuwZhXt`$tC46i}5okE;ShIBMSR40)!
zhPO@_K12GJK4ol>suPX5X@VhZn&)t*i-oh!Dv-Ra5gF@rp|M)HjHzVdEll}jVOpKB
zRgI?!MyhHtJ}!l)>m_cfl&jSWlf<xgT46EKQ7kCJ8U;yJir2oH*93FV)2r^pBAHaQ
zF^fnjS|-Bd@ac@<TK@Wp_RXsOUbv`^xnBH&)m99)tsK&pSjGAZ#qrkAmbX>QO4@NF
z=@X!g1=P;F+cJQ`3;JxIpu2ztou$8#KC2OaBs|an8;{t)0db~INy-1)6$%bwz<mYy
z-p%dp@(9{M-Z%6o;TQT25pWyt4g^I>I5&A0(Y-yC|CaHd87bL~{|D+jBymCX)`;kc
z-7)Xt(){nnUufGPg@V87g_Pw<1FtD-)=3Z!gxAnCK~kU0u*j@dGw>KBlC0IJPF0N-
zsizQ2FtmEU(7q&<pPfV8<%bU$07e;j3(GjxV&DMaLP9YP>#;(YUR^4+gZsSTLJir0
zH@J=<E{Z@cu#f`>zrknNK-HkZT`*%t2~agI#ma~5;Zg1IQ0L|a2RlvT0&HQ!q8h2;
z<9E``z`T4lFEwtbixhpkr!0zo&$9)JZclo$#A?u~K095jM>x^aH5SRF8dFa;@kE6@
zC&?em13A3WxEgmimJm#%fCNb+h=GR(m{@|_LH;xA5!zZGQ!ag#9UwQ*XFDjM2SrIe
z5b1z-m=uN1<pdzW2}QEPY=vI?Z3z+0vb+nwZM=1S_B?!E2v5vVd6|}3Gs7gK#7p9o
zbV=PQ2&+5Gb0tN8L2_Xt%av@=_W~n76=6Y&(RBDO*H&mo{?zm$fOl;vv7{Y<Jh@P=
z6G<YeRA5sVg|AL74{NPs%CsbmMB}2>CZ5Y*a`S;Vk14hy(T+3Mg^b$igHjJmK=AAI
z@&EXSR8r+jzw$+PkfJwtar)gto~ThBhs6z5L-4zv)g9P`(gDhg782e3HXS2K^k~}~
z5f10CQ$O{&k87%osmt^WzhX5*s!WdRP~Et}{nbz!9(G|TcGxamBg;=ZPEEjkEX_l+
zWSFdzZ!(Ph$~$CLmgO&#8i>;r{X^|)C+b%%GnX^YI~j<Rm|b#f*C8|?J8IA<Z)#ds
zr~(j_us{VUAb|!vDL@h-m;kZDrKN!+GBDI<%%P#CUW0-*C@VgSDlqKfTwyRP&@SU`
zgY>Lxnn2WTADzz7xo!6W7~n$UNC^$%2ydO@yxEbC-@1_gBlO!EUb>GTH3B)w%V!G=
zSzuX5rjBP`X&TAalt`l9^qbka&1$S`7+HnvT_=d-C-wl$fyO=<o<`<rybHhbt{&ZM
zGtU5oe|~<L*H#ui?9_>&I@WwuKw+Rk4=Ti?XA|~?X4VPkvcYQ%$qas>cC35>S*+T&
zY*^~YjVv?rzd$5thZU(BSEdWb$GpvE$ttz{J{?Y}*1m4N1mJ*r6Z-XTUmSv-rl?N(
z8Y^4rHdDleWT&GULazFj(4~>)6;TpHn&)i|%s{%M;m|xwsRyK|e5VkCc^M*)ld6$v
z9J<^)HKno$ewXX+#&h`Az`|IuhMYJ<j0!pf+)l83KRyRtW(gjo|M4|MBI<fLiQ~H3
z<=_o(IVi%K%9d{q3kme@ehKgodC-GAkVl1}M(JaabFM)8<+>e97`#n99Mg7Vx;2I1
z@>8aKmm_Vq;m2uP<q0ozD2!PQ`sdQQU88^@J%9bX)y`fqXFQF+ESJ)BoU-O^L8at$
zeupD0Z{u4slnC)^U=d0$?^I@2iv@bU`cBn}g#_d)$9r&>#NAv^Gf}d1`6{6$#qi$L
zF9!#Cb35Ed%)mffdj8z6>D>LB3^mwz8$ZOt)A$%(h{wb5D?<9@XvI4K#l$RZ>Q?+X
z8X1B}pBB<BJ-JRCW*m31-OFQU+eV9-(Iguc0N#o|Dmv7+tY5A>CO~9=cxM=T{ywwY
z<K}*<`$M`Dh(d3}%v0?&euW43-9a%m$`Ian@9-XsbWmpAd78irUreW^(?x5saLH5_
zG3(CN60S=mEuX56kNI-v=dm<LtJbAku$H~HlD3-n!#Be20H}+;ieS^l!|+t-?v#`P
zsPt`h$t9ZsfT9BfQy3%`i^T%LSWGOK1_|Z^1f~p54(B9kJP-sa6oV*f5HZLY0suf@
zMqp-E6tIXhky8@vFR-`Wk+fC$dhvC3)+&F;r`*mn(4mk(7h2cZlcQG9M!(LqN7?G!
zo7GJy`5BLD_X@;fShL=$4OW=V4deyijc<7Ht(jhlW5Nd!g?0E;FSdYcAHL3iG$ai1
zDZaJgh7r~^EQO_I7MpJsAI(}XKJqd2sB0b{8DTRYpOQY_9g)bqh?w0k^sF?EFpM*@
zsUG-ed-FjK`*8gDO$mQh#$D0vaY!hnFS!<Va3vY_|86U023Z+!Tz85*K*k&|g0-a~
zrtqpEYbhOrsS=Vy7|e&$QGy~`m3yAWx5a#Be`FYv8w34<AC1^pBf&p3!O|fAD{q$*
z`C;uB_CiRwLgO!9Wf1uv20gi=)=Afg%D^{G>Jz=Ecv>xPSy`EWp?JfmVMn#IXc^If
z+vTQe^zT<tEbi*%=9{zaQqhE~KpD^B%IS#stYGeh{I?Nv++Gzpuc~+s;hPJ=<Ex{D
zrI7C3=9W$n&~018GTWUFn@|uXeBuXQJWjVNQQagw;S<B$8DMD<(UL$?lf{u<xrq^m
z<G!L;Z^Zbcem}a5s)Ktz9{E^hJlpnS^I$csWnX=P#p)!A@+)Pw@*V#EnmQ#PNE7-|
zCiOYj07#spesm`N_GoxsVg_pvqh19LB$kcv<$!Mrpx;j$oKp!t>e70_cZ5KBEsoA{
z#0TCBZJ-!}z_=Uj%Hdmw{U@ZLN6!Qi*(YU*+(TLT@z*TRYPAr3lIiAi$gy$Q9{1g_
z%JHYf&%1ro;{L*W;B;m$6x11bElWgWybLR=G2A!r?x!!P#|JPkoEcg~J*hT;Gzm`!
z)2#dFG+Ukpu(`8^sIK3HaI@JCdKmvgKI;ZlSRykv@;O)%SV*7fbtbQMr72)h|Lu@G
zg)Dv(SkRdVLV_Q_k%6IPN<zLq^^}p#lf2{IuA3A0EYFEmb%T7!VjN*o0}aht;XnW>
zkQc_!6r6KS!4z3Q$}S)arG)`C4U%RIc-IcM|A1m?PJvR#eD$qq^hHczF$h)}WLKSa
zc<E!WcS%7XDEEq2HWbAB<_;`5hb-gKnav~W<2@+cjPh!skn#psIs|}s>_X-NWGLr>
z8AShy$lUcySckAo1b?g2yj_HvAYUD%?2gIrOm8hYAf-c47=bkS#1`xR(uwg$&~chc
zxlDtO11s(cn;L&d_t(FdCCkdLNF)Kd3``1QnI`S|Uqi%tdAGXA2zKSesvu!p;Ezl|
z4j;^%L%W+piOq;-DDj=KId;S5l?N4{kV^j*3bhlVNIVkZtz>p534qjK#C`nEAHGp}
zgs=T5n|?+M%ENbt2Z3CNZ?<+IkMAppaTR?1k+rv~NsP;al@8}#OupAEYvO36CAjV=
zRgCh@%3NJ$5x(wk;7!PbS}+=)kC1>#=J)v?xgQUf&Rgz|3ie_1eXc~JUI{o9Y{+k{
z^L&Y@BP;5+Yb5*_oDe-?^VH<uy4LV{g{iMAP1D(f?jnCcK8lSiQMUsdeS!o?K~8d(
zYFPB}&Uc`X39Tr*9_dV^2^42SNQ)!^fZZt!Ada3PzVguVr>jSOW2NY+umlSw9qLDg
zb-mE!@eZpEB0)7ho%UCrevgZrITl{y(Nb>;TLnc@FLqCYyGY?t&A&i)5BpXbDFwAy
z7AqG$$RZ}@YpFS!4^7#P%^diU&KDEE^n8j;iE8KvC{`dubcrJ|2<VBvusWJqUv-Q>
z?v9gsMb}ws8q<@UZrumnc}^?jwhdglfoYcY2<l8YY-2jgoj~Ya$NYvnwHq7e=x^K=
zqscuWF^Mn<)d|*%P~sXio7`vP)+)3q#>qlV4~v!HG;_kDX&!pBcAe)SBmtuR-u5wO
z6fek>%E~<J#>N~pQtm1`vXye>RLCt|q7-wyQV_zRze8<<ePC>d>LoAy`sYpV(Zy2f
z&44<>Xb%mTeZM66gT^__ZOSX@)fBi#dM%cf`if=9Y~<}TM>>x})O6~+7_)>3v0B{w
zejppHAz^*dsLRiN;m>^>8@CV@=nWgt*n!nYn{EQEK_$VC<T$g<-wr$`%<o_(R!{}_
z?zuG_?bWvg?0O<+eX7*Y>nop%1>aquJ}?!zyqa*nlyG=Spofj~d=EFaHLZhfuZy(x
zU0LhJ`Y?1S?OS=_v5$30(jz2f(M##~_)&Lm`}*>cn%$d1C5Lyg#gjl3csQ}jNe;c#
z%kq2z9EDXm5)r|^Iq)O<$h<qMIS<9#*GZ_JcT1=^_wjeN4I#Ww)ya;>%Z&U?-`$!^
zW%!*ie#$qui;#{fD0dG}g$@54+PT`;-qidc_kiE5-?_S-+LDNYJb1!Nef`I&2cI@3
zcpUcmj?7wQcbqD=fXL^|jgzG(S@jcv)HTZ5d-B5bknZHQA7zm`>-B)R2a0<6=I#gZ
zpwYTD8(+tl*niKF9|y)ECBMe*q1Uhg*s5DfGI7rQ{R5G(5a8b_G#qC7HeE{Ze;wOP
z*_U_XOOLcj{@^|EH~yk(IzOkSW{jRO?muaMQ2FPZrl7+A&aib#jn!RWPmmHZz*zf)
zYMgpP93fDSQ5h<d46SZii8Y=jO>qfVMWe={c&e>}Gt6%_MG@&1Tbjd(asyR9P#ZF6
z)5eLPluk3?Jx*rIoHnDqVp2A-*l9E@qRu%+9d6J0QK=ue^CM;*4z9Hgk|q_GH|Mv0
zq#C}oN)fNpy!M;7?k(jhX+Cb0AicHUP*+4ti%iSF>K`cY|GTbEe;z@#%R2v`JbZhs
zo!&K!HoPuU)S^J6hhhB&c;~PJb%m!+1V*8$sIDxfVdwQ~ij;WSulj$XbIay8dj>)&
z0S7g-AJ4cit*aSgHbKY9q=Ker5RfSKQ%53^)ei!v2kG^uNKCc-#4YKVU%#ahrRni{
z;aHb8O8O~Q4Pi}C8F<&PK=bw3@7hj-`MU^p%8ap;iwbnzi0km90b@ti?=_sJ19@X5
z#L4ncaYexVSE_-2WE!<^yC@+j@6v5V3`X8tI#4o7Z6rM~I+kyR=<<O!Ph_In>T+wq
z^4r+21Iyf#1RH$@yN?>KUsJYcUFFnOoy{7Q`+@cy%D%sOej>(sX^*%FH__Lb$8&p_
z_3tzONC5_v?^Mczx@onGUP_*0w(S6#2QKq!wDmhr`Hqzq2*=yuoWW=Feo!px@pe44
zj=yVi@%uO3`GajQE|OC;ZF<PC^l|jN)DVgmg`t8MkQ8NG85X7A;)GQR)bB<q%Gw*b
z`z9iBg6~25jhasVTn`f+Kio{V#NgJUWS{i|K|?lw#eVSlrl~-f{k-I#Q^Jq-`}otl
zA6SWcKjk<CTQ%aZYQlkB`ji}gQ^lFJSihrssK}U@Qrm-}`I9*?TxOJs^${}tQ@&d;
zhU+tt(A5qyMs$`+WE$OD|G-eO=<&(V>@v;Si8))O?8K~kVSwaXO&%!R`*v-ds#5yx
zN{o(~QOnr-j^$mMHlXC^?>HUHs%Y)lIMbxEq6s2J3j|?{YiFoPP%~fIWjC3o+ae$>
z52!4?x_3mBs_*q>79U-XQBQozRe#bC^nP75k~@jF%g<9*#j4O8%&>M>k*wW{-`drM
zwj+^JiqGTzcw(G~x5yi-xRLd%#)E-sUzq(cbNaU5W)c|uRc0B;-zVlP`UA1eOn)k-
zaO|(d5_W&5z9}9S6SzBxv9?%{9RJ7%#v=c&%BJXP+D}#XeGFDw)2E)3n6YfPa=TDr
z6qRWkXPY&D6f>-Ef#<?oz%Gva5o1#tiV5!%hw^5{HURHN@(++tMlPiH?sd%%gHg@{
zxupO~K()WND@7y}!Ov;>0K<Al7B&XIajydhGG35T6IO&L@{3qE1@OD=g;?&Vympvf
z0)UjNWqod^&3?dzGAylVI#K}+PsM5-#n>`?rkxN2)&01?%Bc^Q;i>8-ad=M)Y({NH
zYBZD|d4?2}VfETu$hG8^^*5jVr*)J0mmx+j-4^#3eb>QN)?b-7*ubLq9}!2hAUyri
z^>AX#w}JL2mA#k|SkI<?CoNj;rB*1)FD#b4ou&|4vizIO6bS{gkRUGMXeLDaynv+O
z_ZIn7Au>i?@%pvxma3w1H+jGt+}EuBYGQKh??MmNBOk5tCTqh#z7Kcn%Rh~VlAd@U
zZk0QXyTor0Pj>A;q3_bX)E%ne#~4SQ4|lTW7rCPhLYGtv{a6FdL&2YtGUHEDM^k<u
z+O+$&ZDu<5#^~gSYP6&VC4hZ2=W1&<(8p&-Cs3{v`Zh|l9(;ZP&5g{hZ`-taG)jPm
zbUe&O6#PocabLXNN)k(8edaAzSo<|{*vvWK|8_L#b-6%2rP6mwt*o!5a8a~91oJAV
z(Q*3Yv2?hHPZ!j=Q@h@2f0izjcu&O;Z=FxOUjQ%T%=V(lj9~j9`qW_3XwpATSk6^#
zsggfHm}n2@+^-vp(x(qB(nEmM{G*$4vcbO!%OhDY{X+ra|A04hx09mpT@cg%cC77)
z&fKGZ_O^wQCHogQzDu7?htU|8<K$Dp?KyS1&5U*tG}3Mq{<kjI*l}%y48%9XHwB2+
zKtu8eS=WdWQ+mumr)RPvtmM^1JXf?ZPT3S|=gbhh4~c+0rWFxcQ8SUh^%pUHRjZ6W
zjn5@M3)K*-0Uq}<*AfYH>(iK%3rRVL8A?ZRH#8f(wa^_hdP^^?+9mFSwk|>!>yimR
zb@{;<rm&EGJ-~ziq9}c~BSlE0fw~e~j0~XO9K0*ZfZhNIGzR@4BXtMQRe~*KI6r)2
zGWx9NCaXmMc-)o#MLcC_@?YjLTcO>={~~m%!1X`xo&FDP5xPP$A_stGzZL*-UpWPE
ztx%!>%PQ^%c!#}^$26%<s~O=LtIT^wa|I8wTKfdncB^f{6vHFH4_sTtg^OZ^14Lmc
z^riWAd-ViBY?CZbfifiyIX1vK3DJd(BW2`jYVeL}G7a^x5U`k}0gDT$l$sZ?P8Iie
zFt!$oXwy3X1)zF>09qSPd|v(rEO~$~f7w6&nz+BU2n=v*$W;a^r+weyI)g*fB$4WW
z+@iehI;_MD`(g*p!yiV~77sWlb4!U6vpU35i*6C;LqWcTjEN1$qrWW<yMFyOhG!iA
zk;=z`9$Ahd{jb$)T&^RbUJxHA@bEFOLW<_6hSLPFCv|?)42?<Am#LC9q(EW0ZXm_;
zg?5>te2DF+W~z~n<#UohZ)etWGd_F+L`>>0e~8EooMh|M#`8O<a_qfhliNzx?P8hk
zM!h>9U1ANdKzz_Gd_UCBwAZAP*!*5Krj!m=ZUw$GtCCY4XR|c&VX8}g;9>x+_F3F7
zrmzC*|3x478|U6q@3<2e4NPQ1#67fH-SOizX#En3E(F{l?p>i+cT}z{qbBSbZPt_E
z{K%n2LPtQ+U+DUCQgx0?i&B_S85|Jd7CbfPdr|E=7w33#1~Uvy3|i=d`af~6jYPdo
zE~D40c4PX)0-ciV8Tvmio``Y)TyF0@<r>xki+f?<v7q52E)Zp)W4g8%@Q~AV=<aKN
z`}YCy2s&^SmmRVEM*nenTAp<b7?_tQ%mA>9;H4t}0b-0yvT*vc1VI#c_I(q>Gp3-F
zwjG=|(wXE*-IDFn5|9gmZ`^>0mH4nl=m+{ki=#4D@WCyBInaX&ePpUcMXpuUT};!3
z+Jzx=xe5^nHrxWE{@?sh&cG#=am$Apc!)2sLI4Mj4+2yUBs`eBXH7z~(pc_unU386
z#yl+b20nZ8u?+)S$H4V4s5j3XE|O_Twr{qyw%o#-GjRWT(I@Jc@%M2_RLk&Ys&q4D
zg{0@XT^@602)K0@oA9dxxk{Z8w#y55;x1lspDLNqbtw8bf@PNUv+-9#T*WY_N)aJ;
zE`Cmbb)HT?c|wIFFI9?th@z#Y!M~UIXQ*_F6@GSFrZc)V*rNK`SkS)zx0OZ#wa5*~
zG+1IZYks@76>EC8P3!EG{sK<G#50DJP%P>f*x>a)1w6-B<Zqxsz7BLC6}^l-*rxCp
z5v$;Zjj_s8R(~0@vVb4gT`yI<o0P;G@Q(Hl74*a?e<W3Bh3^a+xz#jSM;3<dM_l-+
z6omMtjCLw`!-<z8k+$>D)@k}INJrH_!-csPq)}+V-45*OANyuJ>o!tEMH&sjuO(bH
z^GNYAL!GF<BayaI(Up^|yg+_Ds}Lbspxn^+0?YG87L_ah+$8M?YB1?^SZUDz8ybh|
z{nLSQ{`Tl&KN4nB(!D<00_j76kQ#@4NwF{FyC@VExDL=vrgkQ9Cir`^D!yvqnH_2`
z<Ihg4ZlFPZ1VQNfET7sIvvJ(P4yX02RZNJFm#FflArZtzpq}bA7IBejPWfCx>DplM
zZfj}PakSno0xx)}=~$TB@tL!BA@L0hAAG90qZFe*a#)C35etC=6nm8whW*h|M+bW*
zMagh?=*Msq$sthF@gNCG_L6}cgNFcE=cFK;Ln~Nl%4l$*K2r?hO$T-vQme_K`fVi&
za_A#^CDov2VB8QiydEM$D>4Fn+`++?F{rTIGLGyVVj?}M#Fy5=;~$2~gTs<q^2(dd
z$-Oo~r#ts+1M>WfXjafn#R5}%<ta3s_>~NKQqM}<wlb#=$4!tn7xlCr-;vkD!5B}Z
z4Ic^a^Ljm0&H8pL%X%Q%LYU@ex{lj5f5SgQl|{=(S2zXh=V6@Y0AF59%)?v5%!p;M
z`try^MHmnVKX!|W1ia@xB!Nb_^yGc?|4BL#DgE(78DfVyA}S|%Qs6Bk?kKc5;iU+#
zg(zNpn<@u41&+B%K8)izd}^4G#C?m8Icr6twW9hD?r|=LuwPfCJh|BmHMiYo=#^Ib
z7<CBW6rO+QE;_VUA*uFER?rylX+?D|o`&Ri1lA(gaubM)i3)kUArH7S@7OS0f+F9}
zI4Ty>h=R5dR)wIJ(JV0{cIZ3w)8MjA5|F0(nbav4+K&KHnbKeJyj@&w1ArFhR0}RC
zYO@U>*aZFj&rhP175y(unFF4<tA9T@jm<-+``2+|$tpq3`Jz4vwtzB@xfjW=4lT-=
zd6fVspzh(tw>ikZ3lFxD^@GTHDZ`mxMnVtTb?z#q+M-Hso~4kxk|EG{CDq9PUImi8
z_e1*`yW)DCb`nH=_Kbt0q-u|wJSA({s`yM`jv_u=KSajlUaM*PECSlkJ--sLcwSm-
z+@c0QZt(*r1r!W4up~@o=CSUSlR9AvqR_ZqQBj-MpRkZI_OIQa_&qv;L(2uB*sN2k
z3*;%fv^4QLO*Uzn1WUFGrrhjc=@eNSlj9;>LAE_XyQ5+xA({RdPGdhtq4A8~nzzh|
zVF2;hljzyZY<GZW5E4iM{zhLcB*J#jlJ>+o2JJ(x^gH+MsTpd6?PBeX5}003^tCTy
zP|$<G?s?-$VeDQ8Z^s{awS)@dCEQ4!Pz4kw+(EGqnr3t>^Qk%)ankmH9`RUr>h8u^
zIYpfr37%R1^yB$G;1$&Zh(+<Y*LgV*K9x@vH)N7nA-<%*uY9Qlswu&=!i#9=WFgN0
z#GqnCqPH{U8vb=g?Lr}4b-h&m8YBy!exWs5>jc3@YK&5VP-3`xAt;6wi#4p*9<K}#
z^mhf;n#D(TF~HofH>|<N^vj(E=(#W!y5f~kOF5E2%w1=5Q)!tPJ}TtpD;C&dA9)de
zU&|uI&LZqH_QpZgBqlZ#G$DyRE>QGy(S=Fe>==>S<UMkr>C7Ix|5Yr9Zz&E5J48>J
zn6&;wrXv3D>sac?BZE~><^ku?VdZbm?QTxpX8Rc#eaK>2FHRo_@MxNk!=x9W<7#Zu
z3f(Ev6$cpM13lAU4-R7HX`=fKZ2PvWjPeLi=Ktz47HV#aL+jZN`c*8%O(~F924sib
zoI<1cG4bhmz@gkw?D;34{o4X~Od0o50pkN?dow8z|0WojK*}0|+iSe5fgLO4QeZh)
zH|*ft&~-K0O(4hSdZv4=pGh&I7Y-PMh6fYSt=O-lnc@FxZ`Cqml#k^h;15RRj@RjV
z4|Y5uuBWaecIVYl7=iwlL@a|g>08jG-WQn@E8N!u7rg!+%XFzy2kKgy?R@y@n!Hy$
zhVie&Y3rg-c3$sG-va-@(A9~d18JYw@^;790%slZn_5*ZXtUp{0p6Zx3HtXse{#!I
zTr9|QD;_5uBSnC+#O2D}VEg{HKB+MaBLsVc8_?p7mcQUOoTW*+NTzuD$kn^5!o7L3
zF{|y2YJD%rkEX}6gUA<<sdC#@47j@B5EVXEs-*-Ka&aSR!RtPm<{v=HuCI`J4<!9C
z_56f|cic_7zwv?K=0J=60z>6pv_l4Y$bnH2Q@JCpq|jYbaNQ^aX8<2<Pvv?`3JYA&
zTPVNz9!%_@xiVWDBA!$rYoaU&`+{iTX&+W<qEq{l&ly^jw8TjKNIYV^Y7ek}I9*aP
zY<SUcT$^bfs0)`T1%B6se|N<Zx{B6US7E;DhQ<3qtx9JX7PBWF8kAW!fKn^}gGD1N
z8p`|CkAv99ZH{Be(*ce)3>)lOh^T&wPfLCv0vjtJr3{Ok4e!h`0&?Kf9p+W!-=xk>
zlq{r1+Q2NlRgAIfju-|rDPyUy%4n~nn7u0+0>mda)<PA5(G8OSULZ=SfEagf19%E1
zM`2`VmXEYHi&P6&|A$`-D+fCT5EtBpmYEdjBcMJEIs=fZf$i;#t6B>bZ&+<s<Gn)^
zm(D+=g@T@?sfG2y0zBCj(7ta@A(JUUDJn0SRR&H;v&j7-FMe<7lKTOxBBX}Ji=j3t
z6-v~*ply``Zk(+g>m9PeF659_(Ag}|`tC$gznT<04gRhcQa2CkFUREoyD*g2=!L5E
z_v?lA!+06g<k%vA3~;d<5t3^J|IU7>H2)h|!c8YdM`X8~+=sy}7g026r;-F*xIwvl
zq%9>OP1(Z;zh&l*6FnbuZ7tHJ8$8<$v9U48nA>64BzAOADkk_CCSAH#xuxso^t$3R
zjdBz1ATB7U?!poX5DWFosG9kJDxcU68{0NLH<78XJ+}MpX(;<%sJKPT7cRFc<%8&A
z?Th3>>p6KfS^g{<*lpGg;L(|X9nOM29ZgCxxXZ|o<A&F4eBD29QH-n4E}^6tok`4B
zpNg13+0JHCCm$p+(t<Jv=^Q=L4{6|9+swux{s`Nbk%u(eg{5vTI#H)karx5zgd+71
zxs`tYU)?A-ksSET5^USD0aGas^SY4AC>m@rPEgqh7oCi+fbHb1m-BzPwu!H0-Gz``
z({{wm=1}+ZTu3hmX;7kg(DIZ0u9;9J+(Hjzg3VjKy(!TeqNKOwLcponTcUTFr!ry@
zr{8)?4Qj!EdVX|mC$&zTK4??C#%WT|r<i6^H~Ir4RMlWAuj6*R-mmRK)7T~5{8e*)
zY1eB4(<02(=@&3<$92E_mY>tH^D$5<J%1`$aKL(0t{r0Hd7r!pxW>r<Jj1q<YUa$&
zn-+Wz<PxF402TtHH5G^b0L}RQh(xtvwb-P4gf!Ug1m`f%0=XhNkwa~qhO}Db#+MHF
zVRo0aW)3UlEZ&}aT^7ZcXpJPrBdiiRn`F??*+7P<Gu=qJ>J~Xm-kv#8PM1(POMXy-
zD#*ZaGlscp?%*4`g4g1bZ1;qf4xxGI_7pVkP=)iw%DvA>$e|kdhufLt*R0hjgjW|*
zrgim;?TAp?KZ{9-6I37kfgoKfI3pbOfW>b1I%XsB@wo*6@+v+$)I5$i{X6t5CRzIk
z<>~~k>CII{KiZGar5p&gaFfV<W#8_@X&#_Sbf;m=`jaKAiY&QDF=e8y$V(-0l9}Cj
zd5mC7A&m=a3dz5`r||lhqC)s5ITflhRTUN-yH)tg$}7^bu<a#38gne9yI**VDKJ5z
z3Ez(e7I~2<ug-E$FfP>FKLmG38=GfdtG`R;iKDxVR0hLSYilB)Z;l~UJ`&<%y&Zv4
zLS6`r{`^LH;;z4n*VwXx1LD$$RUpCM@Z3B0cq9SB1Wrwr5wb?&nkJD7!7YKkmp^cM
z%%5V++9uCKAb%o0Sbkg7_=DxP+6DI42BR=;PI5&9xsZ4#ui`|Lsym&>Q4otE``yGH
z0f_y@y3|QRynN4zz<ehO_IehYP3UJtdVi)yMD9($&m6BNh7k7B*?SzZ*f$DseokR^
zTotY?g^;3|ZiTA}6nSgbD40`s1wX{@5Iyq1uI@ZbH+^4m8h-BEKJcRrvrHSXmIam=
zN#>Wc@0okTWo9u+#D0B4Da)iZd3?psXt1TV&|eq<DMtFsk&RQ%c=+kVNm-m*WyWDI
zP=-NmAXi-`c5n|oH*NC3)*8KD*@{E`$EFYHZ<X(3+@y7FuchWY!P(3eE_tRE{Da(R
zd)UISG>ERJ$UciHEYwgP_=@2qK}>f;p%<&0>Xl7};@T$mm);muz5ig`EF{Qoyexuu
zyIHFYN2WPYfHR4Rg+O8H1T7X38#;7wpbub&a1f0kL@OcX5UI07XT0~s3EI7WVBybW
z5@m$k`#YMp58T|i;nZx^MbpSMMKttWC*|ArMa-WziJ6q?ni@>b?CzXYM((WNUZyGb
zSU?i${0o<3C3rwI{3TxIfn5&FM88Z~-1l?sU4n=g3NVOO63dj)uuWKCad!s(l5-5t
zSpI=nIJk-APevGFPn<abBKC??&BBm|D_&t%v>^#hRE*OFB+d>%VD=61g>REO8s0m9
zCh6}Q3dHds*6lQA6Ako5PXb%@11&rCnrMuq_Fb`>rZ7hxYFZF9gD=Du3}!)XjVv3^
zj0iYyRCxFan@rR{q&(koLKNUCHsT0!!QDhPpo7{9elw0J#IMR}O}a_YO@Ez}3Xy!K
zQ3tZ+8Ck1v<g8&rK_2oAWVxIx=x73>xGK=4>cO{MW-tPDqSLm7pzKs;OU~10QyR}1
zjBasz$&O=yXp=*T;WJjHq21s7+T>rUI3EfuAYOSb`{h0Re(QrMr~NuZ>E82v`_#W#
z1knvomB(df4vYx78Y3z@I}~LO@B-T*QxHSuh-N|55+cL`kqGex23d$OO$<?s5O&FO
znJNGr;w-HL@(@E_G{8_WMVu>VEg=kMGipt*T>ceM^f1g`9rpNSXgk?bVz9~({4wG9
zYb;w|_hWzLcy<pQjph=U>5n8~s7h0nbEc#{wp;V9`%lUC)cgiLIg4dY&qz_|?aO>4
zn`%aFo_PE8qSPfOYT6$3&DyDuAb=8y>1>Zg`@m+;b)Q}6AgBdAJdK2#I4Dt9=+<Cn
zZmgCMPIc&#GrL@^3X=b5!p@CVMfxEyV35&9Y%FYibfhleWX3{l)s}~6tW0{HalC69
zBDBc6A*#J-uJ4D)``s>k6Ri^w&z)qfE5%(bN03J_BJ`_|t|~X<Ew%_0+g=~lI5Wt-
zx3=KtiUgC3b@3^%!?bAUicQUzjMz^z%Vn{*Xq*PJZ|Ka;{LJ)fr(q$Knrql_RL1vO
zqgOf^MX%_0OIz#hR&Th9-rF{aA9@l)Qi#R3HB2~-e$XrJ_cqm_*FRaGkssXcg~Kg2
z;gX;?2#+Lh9~VABQL#QyF?#@hvL*JTjeX!9(6Jy3U@l4@5M^z1D6w@B??Xi`yzQ?{
zxVL3DY>jMNH)51rqGy^_T?U_n5ZFT_)Psf*U|*2J3Cv)$&5*c)?GLlYZ-eBB*KGr(
zOz<B%J}0bf>{v|1FVLldsGi|^m5NR}<*z>I*9NY8cn%Ep2E&kauV(uae&E0UC(gyx
zPm>Kj!Q!L-(SISGjhe}V`uN@CA8_C%&d{dx4VDh78CGB(Y{WL+%#5OJJNJ6(;Nxb^
z!BWcB8S-EZpFkM_6A+tvr76w>EuBqVOV72zJI>eePNil%sfVrZp;;Cd`QydAU6tko
z;R`Tk=pNpm`ZoTg6{r}Zk$3*Y*S5flSg0Hoy&`6-n$c4h@%wZwBE*aaHYF1bhHR?o
z3LE)1+>H#k0kVL)^l970ler5IN4wGwx}&2eiTpQRa`Q0YpM)Qpg<adtqSS-_$;V2f
zNRx)C>P6`-iyNCf=K!(8<irWmU4h0h8!85HV_hy_V@;%#PVRx5@!t)U_Jp>sE)iV+
zE%J%YK1=^UbM|%}cJ|1k@2ncY41m*2^z7^Uq(Xn^=0!ud*v8_@BU+=)WSX=>rINKw
z=hb~Isxg!9?Q#WtH*BW&mJ_FwEATJQxH&yn=j?o3nL3O_g3DJfyD2Uw{LNp<y#_W%
zfL}0W0Pp;^Kj55Pn~U1a2#tu9`2+{Wg+bbWGPinD8pO5zty}SS`&I}xqkhfaU`*8-
zfrM7BB;n_CN83BfGq#F)dJ<(S=Xs6bNo#B$;3JmMG}!c;eiWJv@()4j6;To-eBC`I
z43P8aHMW(%IuB-~LH@PBAq|DE(JKR8&<5!?@oX|qZiT{ch-6P{<V*%riM|t3Hj32*
zz(!laKU0w&0YV{kDUX!i8}m@nX?+6JLA_nDy|q%Jpy;xc5{yY5#~zFxxSh%|5G_Xb
z${1w5tSj;Js-o7)8uR*g66YiOSl}uphHb5G^lXG-uY{%WXr4G;?-q<^3HkR0lDsT7
z`82;o_5?Z!da=HAT%j9a96%!kbI=w6vcAv@2J<Pl*oZjz2F-Qtbe2#b&>#S=nD|Yk
z8J={fAS3)UCr)<;Q$TYR@DxB`@w33NQZVD2Spp^r)r`IitFa`T5*4Gu&}veptY{oE
zOX%gvm`u{%Fa2_32J75P)VT1_b8_Z3`2S!Ggs-ku-N?H2flP!IDz6}m=*o-$vZewE
zv6wWraP#=nF04O8p2AfhBZk>g5)nCr%mpb_eXN@xuZv%*25|x;Y<xFC22@VlNyP@;
zkpJvPUAEqi^uR!^R3iqtVKQlk<kg3$CY>4pQa_vjV^Xr%Sm9J+-y};txOiYkh;&}m
z*eI&@C4LNQC6rvmV(}j#Oj?iOxB~82v{k3k1~;c69clZh^i5ZqpQoLlnwa?kx*(Xo
z9#9!m8>MnRo9HC{G>rKv)|L{crJgV*CT=T&IPmzNQh`$``j~^u9NmWLjlpKU(|Yn&
zAWJkhIBG3jrm;34bC_jF?k`aa7ORfSCuxp6&*We!S-5pvZ(IPWbXrXc(PM2Xp&q@h
z7%k9>1U-x`zQnCk{snLa7DTVH6Lf6uCIF;0`Ahi5N@HH8^#i!DAGq}?&5TWtGd2Nj
z^z3E0kqBgi&N`!w#4u!fNIN>Yh;q^Pc*ndvVb!G`Ld2#PBKyuij|O=EqZI<{u7JWx
zA+9+sAoP$IazPYI`)|E<5xO|Ll#6x?iW+|}TH-({YAyc8^I<EZKuHT$hG+Bjiefh?
z6>h3Dm6rg2)^3HTv`j8V@?V}&_s-cY_%BQ`QK89TX^)H%>lM`P<G(ALvey4=AB0x^
z|HObo9pn0#o(xR57sFv!NE84(eI_HCq@EW&0_$hn=&QxStG(&En6n5DCa&4>HjC>9
zA0oghaOO+pWpT`^Pme#Nl^QpqM{y;84D8Z%xxq7BN?S>MEB3SY-UXd|TT)%xGZB1u
zUkuIj9Vz?HUX!+y5sST}DBPZ(Nn(6NpNQu9T{<t6%U`Yfhu~^k8sD2dMK8-z>6Z%7
zLBml@(MDj}u}utv*-F6T1!C#B9v+71Xf``^h&at}vE-ifo8yZ99dm+GwcpVb5g;pl
zlkYjtFfj~htL0=gI)AVqj-V;jHV*7jgUAkK$D>#_ao0egc+ZDRA^S5iEZaCymkfqf
zLjVFbVH`Wr*i<eckDS=CpWbK$vnKKO)}bMk6yoXQPgr;bSL`Fg?L$3h>ugIfw6SO3
zvV4?-lu#e40tF@BsCr@R$kVX_Z{yvmwtn?{sTL?sNw`QL)i$Y*>yIYU&Rb$GkRTEu
zTE6oBfVH>uA@HibWay`P=x{Nw25Hu#4sJK5IavO+a9=v$)*%UWmxEK7Lrl=|a?qu+
zm0un$AuAN|-RF8A6mX;*T3xVN$^d?a$1Hj<|M~t+tO~}l4vWgo{L={1m>|-P4mml%
z%m5td%|Or~SE28b7oeMH(=5fbjVVza6e4_HM>)&<FGd+^tfsr|yc59F3FL`;gp6ev
z#CL8*bg{63+5OYV)d7&wZzM(1zXil|DO%b{!zr<eWXcW^V31@Y1lgZl#ge&sPrxqO
z$2m;TP2aAxKp(|y8*s|oB=aKhkC>f2(k(B<%nrn1STma|!$8P0B{5AH0jceX73bj*
z%x&ReVWz)Sm&kQmyPGi3iUz`=8qmxmDFaj~)XGt0IGVa4r$<|-P$*wI^I>vkl9oDY
zSvZnxh#)$bj+b_i!9oQlm3${0`ANuPCwkEsHvk7DR&Big2uE6Be$MF^&<XX(-3ZR>
z1;UZb2z63|Grd(<EQyI{Mj6FR4vwWWM9~l<kWWytYNS&%KM#k&v7Me4Ah{uI)n%Et
zq-s*-^loFkE6ON-OmIw{_Irj1QVB?gX!k@8X4t5_UZeUKhv3K`Qa%FO*YqwL+nV9H
zM<R(a(qM;(PO}0i2Ty@x!8;1K#%Z2ZeC%XieBfGthXhX*c8uUJo-yiEX?ISAAfnIF
zbtc8LL|ILT#7%uAPv8Rx(j*!+)=v*7s`n{Pa8MB<S@;{xUgJ@JkBxgrYGbh$Z{v~F
zxywg`p<p_g#6;=Mp6q9SUvjOPy?Y72;-@pMaMXD|I@9lnKA@^hJytWf{*72T(-bw{
z896weNWr&r3|ytgVw&-9%dIpTIC4WK*!YJB%1wEIyCP<#x>Ip$Vyb|TqDc^v`UEpd
z$W;&n*ZU!Wv3tvS*rT~%?Xo^?Ms@I-A6~#2?|%BWlR@22ANT1#@ll^l^RmDp)IQE{
ze#f@fu{x779(jXqm4rvASvtof+{d%t_H2F(%N_KvWZ`^VLWkZ1vObY@?jE--t@oYN
z$^jL`2ax%_@1$C>|Ikb7ksGQ$0a44`;_HkLu1RJwXxVe1uZHRu`Md03C1a+K^g0#c
z{ulYbykAYFSV+#XwxM9;O~R<Z?AtMK?KiOu`-n52$lTa{6Xv2Z6sBfTif_%Y^1V!3
z1x<tPqwqXW4MrXn`|KY{953$EsOF7&pQa=!Mc9hmvHkj&spWfb$khC3i!*1Jr5hE+
zzNXEv4tB4L5ZbVy(Jl|3nD+d!tf)3H{2)da$QrVfeMPZM;TY^OLed>=AlRD3;V`lO
zc347%RXAjA%=ip***!oqcD<u@*%RK-4r%w@Xy;=&gD#ho?xQjMb656;jdGOQ{mL1k
z2$|K5zNCh@j>h^C^zhKKC&Vt95nSqu-mUYo2qA-p{&)-t<r&fo2!1uNM@fhmX>!2*
zHuoTjN3dg}h6C?<P=~+unR3CW7^&&^DQ537rAvdlmI_i#{nj6cc?9?w%^p`p0}ee|
zv`H@J*2~(ae(hxhNj$>IgYw?!f-zuvM3{Fq>K<_cH>w`M<Ao9bdm}Y%o-GR#j*4YH
zGWkLA`i+B2gNNd2+aPFw)mM()ePoEQIb1FiN5~?X!5T03tA{R*YvZq{!%##~p27vV
zm9JBs{2vS^HofVCb81Q+0;0(V@xmc?^|BCUO}@5<=2c37tPoe6<LyjcxmdDyFb_gN
z#N&(--K|Hasp7(2=e2PJhWX+lP;R}mQAEH6(l}bLiSmmNCffIAxNE-hSZ6~LFy4lW
z87&7U)V^&+n~OkyKEFmi^3ITw>Aq;;wXz}C5yHp8CjmktYVo6Nr?Y0c3iz*EItnrP
z;1&z(XfD^bBkb&h)4l~xN>6hKF~hRT_5N8)ed2n(A<L|*6SL=nk<g5@u2S{@0tWD<
zuI6llgq>O=kN(&--O-GezszwDYaJTK&>S~`LTx3~U%pIEA*1;qi5zoYpdNAC|FQT*
z#YT6IP4Or}G~%fc<?r^usJ>(|pjnhl7ml7s$AMGw_*P3Se_CsCdTY<i1YA<-m2uZ%
zeHeJ88PafHH1916)-<=;P;!D<J6UGo1libfu<KV<ffd%G1j7M@PWBXJuGmPq9Swcj
zAPo&0)->RXt=w)n<N_Wg{L4@oHqM<RVcmGa{9N>6YqW_0mDauL2-oNtUTI%Q1p;Vi
zuf$j(7Yiepi5b*`q3r~dRc&uX)=R>(nkxtr!ZIIYq$U3(byXvDlq8D&yn~gHJTEFG
zSHe5-m@vgxu|7j<!}GRw%jiEFk+L@-taGVQ7+P_|@`xmpdk3`p0_vBcS5**bX2lIP
zeHaOd1Fhs+aD}@%0DpKWd;maZ0D>4y3@noxAjv;6W+FNu9jUyfBH_219=bgJLq7Yw
z2cvWq9_zpJxt>gAPqt>u?UmiVX{VG@%19e;1y==V1>N%>{=2i`BqiI{sPwM7I2o6X
z+d*3e{pI1QiKt%rs#m`L>;Q7tz3P>xwzIP{gNjC@(P%VU{;1gucs82_!QUj4$@q`y
zAJaaj`k#B&$KhkW_UE4=BefO~A@IVpfR_N2CUr3*69e<o0_O5!X|YzS6v{M}WC-$n
ziLBQmO*N3^q_dnDjIcC+{BWNi>esJu+;ex?5qBKGP`@054&OcZo<!}ddy(b6$1#4+
zul*h$7XBkrPB<K%px}uUPfS3NvUBE1WWnJ{ST2#tDIpFvB_c{mhT{iyHi%*mzub2o
zbsd-zxpf|Ho@4Kw%h5V#9qYQ(Tgsh))S>1fT`Z0sS`N%vYSJsQV2^+MpRMz?sr50M
zfCiHt4Fn8<3)jZ8L=T>+c*Fn=cT4XYq~30jaSD-&Ec-Y;032e}{{nJWBUOg)jUSha
zNU}k~DbA0%0rZv0VRfeg(0scYDf5q^|BS2-@<rdW|6&-`9BlQmfU97$VEO9I7Vi=a
z!yYH3nl;K*zW1F|T2b<!{>(r94#fyh#U6@uh!U1&=oB=6k0@PcBfRn9Hcn$tlutMB
zPNAYz(pg7~a*qqWt%|2!78P2VOBmXSguJM|Yezlw{3g&4*c;+bfpr-^%u9MQO(i*&
zjIiB*T<0BlW(Ya79ifwlQUE1uJs?|hwR<EZ;F{NPrTI`JdNzW{cr?J!9kTc~OYj9W
zn1KwOP_w{S!j+Au1u7I&*W8MjI%2>A)u-|DAuSGF8z<uooKOwqP?e-YH%YZ+KxJ7%
zHKKaC94B{5yDly(IPrE7!XO2nj^<mKYqvN*oNDvAsXlsUlOVaGJh+;uD)m`^^+h8U
zf9`>N$Uc4`C-rE>F!y@}a>w-XUEUDGaK>&JFuE1bI<YJsM0Lw-!^8!u13JI~3?z|*
zm!?pgWaC;}`_fb#9Z`kgyZ!yxEn{uX3<VXa<mw$jU40q)#(rHF!2wBlD=1RJd?eei
ziL)Mo3`kI5f+jpLL<e#>dO7iQ9u6y1=Cgd;>U${pC`AMhsi>m!WYYYSv|i5VcV44&
z&CQnd33La%5~w`iBY~PV25eI72Zd7*0b4WdSaf^(2*Bq>&zVq>BvDg*t!+T%z!X6L
zy--_^pF@R;S0E=i9PE}UEka}_u%_Z-X|Yx%C@Pfs@p%JxL(Z1?38^#65Q{=^O80V}
zu8E(YG=PfvH74pRAV1bY9tXUg73%4vt$?psnrrG)%S6Abr4PNIVhl=B+Br#!fI`Dv
zQ1+>vEw#a}u#dxjrzDlftyJUvLmh!SO@*g7=bRBX3V;!6?sxB8j(y27M=gQ4e=S<v
z?2#|XcK$0dUKkWk;6;`gUkUjNk5_d5FbI{XVP3h{-sDZ6{S;M+5-Ws}P(jaEz52-7
zcNi9+0M!M61O#ye0*vsIpy?<P>c7y$t@6SJkX}%t1w%3ahbpitF1`zxcWT_JD54U1
z>y1?L%~!7QDlD)ncrRpCi3UzrQgApPS_4&tRDt;}Ex&)4ullCv5uv7jC=s2$>D!1t
z&5;&Mjzu@RxRLX<bTcU{x02B?<4ek7roh(`OQ(YI+v#G3%vo`JU7>~4t#qoC4y8M}
zOU06wQm0&N2A&i!XXZ?uDg>z|P-%Hu;ADai5KTaYxo?A@PFI%BQHhxHkVuySN6zVu
zu}<HZB0PLgYrB2IHN$!Cc>|!2onG`h-jJHJyZ=1SNa(I6GzeAWm7}YFx^{VOfm9;u
zWX~~tHT2Bp=0Kfptij$XxC@v}+zRKmh07~E3yb-+Rzh1|q#|Dw6^iw#YW)_10a4O-
zk5^V-@ru{&Bd>iGJ<f|8RrEFlDASZ0no)^(@j|TaXNEEx_b|DovYaP02Y>u-U~g+d
z_-#A|$`pzOYSh{sGUc3ElyyT)Vu`y@wAYjRp*_PKEfq&`M`?a8dj0GWS25JVspat8
zuTdZ$7Zm5ni;EgwF;3yRiZxVMk)xRV-XD|fw+LD$SfV4#i5Xc7yFV;0mr{*d4GM@H
z1#ry_&@&_RieYiJkR!{+a2=AP_{uD~YxKcF04Y7>o~S!~!t;c=-8{%pJsYOt4c%PH
zrk^d8@gt_8Vsr&Vy?2U8lTlY=++%DAioCRW5DoHeuPXcIJwxlgXQ(=e%v(Q9X<_Rf
z)>(K_I4Lr;LlYvE_uKJ|CScgNp8)8f;&4Klz&=n=5+$n53i6-m$uyNgHkmG9jDU)9
zC>nJe=IpWv&bry6E!s;%1Pn)V42R>!4d{hLZAwBQuL21Yreb>fKSEIKA2%I&F6xX5
zMHT>&zjemtt>{NmO|@YNNf8$vIWjz&KxEkqsebCC*mcP(gk!xWBX$G`{(<Sc5XcYF
z4uU)<wu8Vr*V8Ae0|LFwz-w(6vkS6kZrCgGU_Z1c-mJPtUA-z<=+OL*OOE=5=gCa@
z&OTIE@QuyZ4Zi2~RxIp|-HzXB!w@@J(zDkd^j@nV4A95ymyC-GwITIo{KxP^{`t=z
ze;LhsotX99+sIFJgguTI_Lm>cN8?5Njf?xuFXET@VJ^xT%5o;{x|2*R=CW2rp9*L5
zlA^5Z=!#3FMH+;lBd&wFye^d%6HEF5tb;k)EzL?#B&w`SVI3;9M_6~JNGG!brJ3H$
z%S1Jq?i1v=hla#(A9Wh_hac>e3!Yf>RQS^1E!6<7Ej*djj7eYL>tjF;j_m%~z1f;D
z;n(x!7{{Xea<lagmkXSZN%XYNI8WwB@{!3Xe&5Hn*Dz7G5#~RN4*)D!vJ+c*+$-(P
zVS2)WT5Obe-omeRmK}Qw*EQYfhN2-MGuY@cXLQO7n+yf1GN}0)36T)6XXG1FqS_Gl
zuNW=1a(5WX+Ok`#bGM`J9^NZ4^zz9^)uIpmk2=GS4jf64c<)OWJeSczYuWsK<?+GQ
zrhdMf{t!@%U<4J81~e!^VS<TMOHZIgL_CX5L6}IctwXtce0_5{@b<3iVfU`duZ(M8
z&{N-vMQh&%*5?@G)e*v-8V#`lq=xBTaDCN>z1aWK`nLY1T--r)4xA@9gDRW7@pf-j
z(5)Z<!T3#r=)i}HL#Dw+alF_OIl;rCEE|QBaO`xPQ@D2aioT-9D@eG5r38>UVzB<^
zzxd?0K`~-`QtE+-+CLhi;9tXxOzja&`B7d9c*`|`D9O|xGCtWw+J-$g==H16U2DOH
zqZQr6w2oP3>b!DZ&^QVDe$Ow-bPU0c`?i-Bp<ccg^rx*5N1$;hy|6QPtetB|?pC|h
z4u@~&L-fM##v#PhkP7Ty%J+^F+wQY-_+#F>QPUHggTYv5dNJxxZt<;zB({QMVa*bA
zjGk-Xt48yRexT1+xizu=^(5uk-)>f?cBRv8BQ346jwmx%=V6`2*_QufQ(FR!GGShH
z?>#Q6`8K>J1;346AYUoE^n+_;Aty(s6GLN`2OJ6b1t-C_z))BiR)TfGORz7@1lxj}
zU|rY=mIXh-wlEYd3rAsBxQbQbDA*L1f<@se*b`I1o^TbciLHQ5_zJefQdkmW!H#$e
zD`F~ah_hfpT!rme3--fSSdOo-8}F>fSlEoWU@^|ZS|(mtr8X_c7}r<TUH5IT8TGdA
zt@q!+=@%+Eb(NBoEcRTS@4T{P;U3~DQ|W#~UcL7oM7<BST1^e#+UJAC7$i`w2KMyU
zj+VRt23bvLNo@&?O~0^HhJ1%-XXnRG=3W`1sZZNFv;6Gfa3|x7v$L}U+NkaDj4h|h
zqQZCwjpn6dVfJj=i)_j{Fx+FyPNKzVG@3Vdnr-r2+q7=bY}tZ_gK1pQaA=)hAh_Gv
zk{#NP?1wE+D)dSR#tRdSDK|AQkZ`rk?u%<n7;Lj5X0zGGR$!OK_Jt*xL}xzEpUqf*
zHk+kpv)M}3M9Km;6b3|ao`SfUrX9*L2X)j5A%;f4u=luqpbRuP5t2{d8AHlTb;h<M
zvrv25jggZh<ofXS@<K?9nc2&1HVdO5Sz5E5n$B!C+hNDE3Qgj~z&TYeU}TIJ7*48n
zI#DlU&nX6!?Vys$e#kVwV#Kc8^=PESv{dM?;VKt@^<jJ>qSDp^vjC<thZ_mShf(x5
zaSHg;)6)5+p^u8Q?UdJmZ&G3rUMc(0F0GTsWeWU&aG5M8Hrwgf<1Y)U`{ldfIc)JQ
z%>Fcsi|k7>*NmB5e<K^k5P!Z~&V=tDh$@^+M<$EOVpwI@DZ04HkTadAv^esm6^dL1
zGp#sZE&1{Xg2KWZ^UC%e-HZNuje1r0KIh|q`mA63mw%ZL`y(0--EuCM%VNi0*l|j>
zj!r)r3`^+&)+rgL@3i*Q*F6iI%NQQRF@2!dC<DHa-r<xNc{lw^oQC-IH3m;@C#T0y
zA&B=9(*+t&P%K9lmiC^e*6O0v-cs>cs;TUVS85jh#;W|H*<YK2D4ZO+ENRlA3>p3)
z_S7(P<vt>(0_z}*Hj~A4gjkQgM!~OJCOIwXz}{10$nw}w1PRTA@`<fY<z1H8(9Otx
z<!4!siA{B^@P$H0M@N>n*qlYUSVn{dAV70L=Oh6e^8l9&0=BgZJCETxI1XyXO&>RP
z86Wu!5{m;Ga6}MDIsla@mTv_kS#D3C7vca&s9bv~9estH++ut+76?%FYEy5Z0C>>l
zz#ZW0M>+qw(|=dVdAt3|FQeza&Qs3%WImm4+na73%^kW^H2Au5VkvSbz9Wt8!hvd}
zi4RA2_3gMW0z|AwksgR%3LxdkkPwq}NfVe#r%<OpX*1=4i3laeq?j~{Vi+2MUC0-P
z;O;j1+e@(acB?~!PLJ%R$iVdg!&9QR&O%iX03^oaX$KL9obPdm_;DFGJlW3?mBwM|
z)mYax$85BF+SY1{a2Jf4Br)<MhS|dgB(7bI7vV>4#1QOZ_|a;7>x>m}N3)6!ks+$x
zK0;H1qJ@QkQ5zb)xuHvitbH!OijG|}$eG=UiJ^9z(@*j5U;O3ymt@vTrAnn^2&TH|
zXl0RXH}8ma+9F4U_KWc{F{q87<9G6x-~4<1s$N?*)B{2BY;>28{p^RoC1#YuIO-fs
zhsj4TJ7@t*UtCfYyp(uSn$ePiKy{@proeEv2Ay+xwOA=E*;T}{Qsq)8)|3?w>OKM*
zPv*%Yc{=LcT<8&jMcu1j6TXxWB`>YG@)-x@=)`0=IWZia82%!fy(+f#Qi3vH25}QH
z#rTAJNDU2e0H<!Ye2w$*Cw*o-Pg|qbbLDG((HgaOAk!3z5a_A(bmm@>6OkO2>?n!l
z#C%wOZlUBPszh5vTFHnQ%7v@|tP_dq;Jh4p3{#%!i#nFp6zWXHQ+heZWDZ;Xf<eQu
zs#oQiRVHeCLddrS1bc}S@6Kmkw^9#uAA3|-Tscl%Y~l?29S!8;l4pKiG5BYL!kYp5
z<b#JN?H<kQ#6im%DsFWE*R!(eGAf`ttynNt;|}lP3p_hAj>4q~lzzj2$acd!<HE;X
z*BXl(0?^#(oG!#sg`NUADDlyo;K)uMlr<>>O8UA&8pF<YjM|^}x>3DV4f-&z;d)nX
zu5SKnt7r<SQYd^LCDA&oiWqT1V8^LEz9BI&E|G~!zjkHIvfGTS4PQV1t!qYG{FP0C
z&`qf~_qyRCoGU#X2Esu;eD!2hWoks3CR0iJQ3P?2-FKtj<Z{n#qI}$MBV7eIQiUuB
zP;7@4j55Ub2R?8D_rRe6HB<l!-LahC9z6(x3e*^DxwZGZM2H{+K~TL1fZ#*aX$K|x
zbjl_RrsCDU>+3vbp~JAW;OUK*$oRqd>GASOCv<yT1j66qpXg@E4jmsDRyU?l;Iwa<
z3W=tv1k3)}A@~n@hy*+O{qV{$=A9wt+dlf^t-2QV#IL9N)1MAuyaxaJXm{WQ4|bpf
zb+cdv>Su%bTfpbNkpmp4_y(m7o~XeA^q&FmGA%w_e5>yaBZjc3>0i`}>dcP<+tp~Y
zQmjmib6wpCul?s&C3!+k-xee6zo)?8`R^Ht3Cj4y#5rB2s2eG!Y8f7ZLsYVVBj1`w
zzLo$teZx+RVdKjYVt`YdAg$00YWR<^7eDu&nyc{AXLX(po|3im2!~s2b2qLJuL2q9
z^|SV{{lS)b0V$#z%!Ojg$J6+_VO=s@)ZxK7f3Y@aojk=eC;5vP>`V$yFajl#I06Wr
zDnkvP7%Zvvt#mxjU<;wLurg}nux=B9OO*m5#f*WzkVst@kP(37huX@|@6EbK4IzAT
zD+`OX!~#)KmjGoDr&OTFYD}p>SWp<40<52t`Z(VPqEJq)DJ{)n;xiqsQmB*XpNvd$
zhabl<Fw6?B$w$wG)v&)S_uB6$NPdbc1!Mn~4}RD0AL`4UTyIju`5DCF{MphIGp3$d
zK~;~8S32C3SzC{#cHaQdrG7JLr|Y-yRSZELob+^`PDC{4<;FPlYn@nxL$C;Ed{@_E
zZt{_e-C{M0gS9WcuBqQg{hLtE77x+d<rQIdkw1EpT6{Alg%vdw`1481MWG=TI(qVh
z4+97Q6pS;K<S2$<M|*nw8lsqCYo+TGi5cjnAa&I5C;n$Xw|cD6*~C9!S;@Ih@*@kP
zLHdnyDM&LE3N_h4q)y=vskR^){geLt-dj}G<hNL-UZtQ3rY2QdB_#za=QGVNIGH9B
z0m|}*5sRS>Yu+SQmoa!`Ny}q6M~sQ;`WS~hmNPmuf{<L;fd?9%nYOMbQGt+%Um2!c
z$h}__H7X)8R$M)9M?xtL*n|r~n<Hpfuov!eoC56{x%}2A|5oB+W)H~B3A58~)|x_g
z1KAQGO86|VJUA^>GBMm>pF!i}7Ks<cyiK)Rl|XQlgnTn2u-z0H2;#a)Q@mJ!jvQW<
zo|kU`Iy+u?)%ih3P3lp1I|l4{z*tXPegh_BxV9aha*tm#$AvD=*=Uo!qOgrAS43u9
zIB6FG?K~Egj!`p1hHDEAzY-tY$4XT^Reg1(+9?!1Po|ufB)<Dgt%x*uQWqI%PwIj<
zBb9x!&&ASWtyC%0X$6jdex~vhJ%3SAto|S132@bBI<(m-+Sqx|)=kZ=1;*_!B-_Sb
zG$)2dYu*~WJYEgXX%4Y#aWCtoMK(ZewCj5`#K2(HkgZibwz$l|R3EQ;q}1JV)tt0j
zXAn;>EOAmQ6`yLqs+ZZJ-hUs#Uy1t~#hkv_B5bb4ADfMeU(_&`$M<7?FzZkjK}&;z
zeu9KXmZvjjsU2;(!Q;ZRPvtz^HRA&s!_b=N)=4}s%#L|@c*@dc^O$S+!Mq)+e{OLp
zBf;J`1mxlQ_zX|BA5RiIK{Z;+lg6}E@HIoN#YXJ|%4n^p7M^dYv~9XJX(RxGpci9g
z5Eu}ML*kG~Fd&hHVFwSigUU-x#!I9zVJsR2i7^-rQ4GXE2!<F!3@{2Ag%o2|9RMQO
zd)Y(b`dFKwQ<QTB_e$DbTKT|tx%F#WtW9p@F0)J<v*R(NMnj5YwMktAdgtDSiM^?T
z`lQP4<GR{VT-;G#Js2;$%^DkMH0fScr8OFx7=7tZkRe&ee!0V{DD?`eUv+lFi~lYO
zE=_bVK8&F3sAMV@kCT{#{BZH9_9fDS7;M;2EC-p+7&>Z#YcDRTN&Zfp#lK(_kJQ%t
zrbrl|;zZ_vFIE%av7wrq7S*Oo5?}Kh<4f3Agc3kHht9#s;RjotFfGA-1)430lrOrl
z>9cfTa)6-hm0tu)8oS0xW0rRe=mL%?>Q3Nz-s6kvj6ze?ygSI!*GA1e{%d`h|ChC9
z&FuqK<%E0dF6n?|Q9n+<^4<m?)!XvD+&4oJnlP5?2Nlx$^U#JOcGGGGe-8X=-Riz=
z9b-TE*DBC$5Nk>pYeQaSu2=1kirEm=?Lk3J>D$6>iCM`md#MiFQbUg910H+|QS9VR
zui6rR0hXTAn_}bJA%R|ER$i=oRBt^3TIl-LFOoV6q{B_Y19{rLY?k$2<@7+3n%3ua
z%MD){^wZb-<@>3wxUKo%YfWdkF2pLqwbk(QUJoRWce&AqS4#Klwcu=@gKPe)Qh0{S
zSF^bgPm{0KbW`b)6PS583-J{`Qg~dX6-Hlrmgu-QzmI6A1=kbId|l>m&^~$Vs1C;I
z8(c}mly_qW)yem|QtJewzgdP#j|us1VPcG2_|hYtY!6ms^n$N1Nd+L?$HW!FuRX>;
z%&PJ2td3KN$U?X3!1QA}9)z<3r;{&e>jgu*oOGaGm_&u~9&yS2Z>Ak~Lqe}TLc6wW
zJpGf<`U6V7Y_W%?7Y?`)^|R)FScMS*<!Ww&CS)s)24w11XN<G>aRaip@XLQY5$G|p
zd0ZNe|4bOYacNliD7YK6a|GtgW}O9{GUfXBmHMV9fmHCHLIOBI8fu<t#DRkj)~F5c
zK0V6<7yz(WAaixB4LuJd>UlGWz#_E#79taEiKOJO)X0`bBVS0fL2p>|o{c`#5Vdv5
zGcp`@Aft{$x4`_}>~@yHHIz6hlm2BStN7v|g8BDi^H%fie1g#Bsr?L}W#7-ZsGS8g
zzXBRb1pL?9Lhx&cHR1fqPd9sAI^qJv`el<J8kN@VR|=qb2>L46ik=roDP~&wUY=nq
zi(NUvRSrnWu#VMH+wK|1xfV@tj-yWC9#`_T{TCa)fjp_!qJ4_i@eG98W_;1B*!yKr
zbGZu1YI(%jxLiR5pYjFSgY~d`g!NXd-t4|4*4a8XOTdU6Fp@a}(_=&EMM&*2#fy77
z0h~Q{Lv^WF?`3`Fsw8nqo^?>lq6)qB@;lf_=#q|+LwpnYsQHnI($b7zIjs;}+>BtH
zYjQxVjPLF}q>gS*YcDAAuTA4`zO6RU3R!Q6BR$I~Ki*4Q0rR6by|#rd%uZI~rp^I)
zgq)CP;Y)P^4jZh~b*Wa^mT(2yz(o~xsiXer08EZwMMmSx+6R}hC^Q5NvK={<`>fXx
zf5p~8YC1y_E^R(}L)9{QM0hgEz;zH4i9iUI;u)&fDgFbF32&CKV24;^7g8(tU9Mqa
z4Mx;59WxpwT<Y#VkC52+L-JQdZs{*OnjW6vCYAQG3dz!g%skK>^)fhGw=SU9Z@I@N
zz5b0xkZJ8%kEPmXJ461$Ja`eJRVNxBjUUIXpkJ@u=z9swD40mfmhyaZv%LhlGr_mT
z%`3EcDjCW4E?bvxg6tOlqS-<XZzcMxC^V?W1H1kz<d;R#5H7*>FWz9%1plR#Q~!lh
z{9o6IhIwZ)!WxDW_BH@s8N?mz2sPi1<h7o>^?}Rih6Uvun$LmL9qmfN`u{O>9vbTj
z5&{j?jCJJ5Hisw*vx}0PAS`n{)=CZ%L}m%d<5-`wPXIeW#J^$#BQn+~UshShwf9e1
z`f*0%%o_IQKZjvUr6EvGIm}J(83-JS02zSaTZ|kH;IhVrVUKoOjfqg`siXr7D<OkA
zMAb0*SFXtm**bCrKg$S0eAj}1FA0LTL?v`rW_+9viG&e$g`)vB4}0zvii5SNSXN&T
z8B%aP7|^~b$k@Da)G#SxlEzrOQ)*KDdZm_xrUh?LhVEJ$H@(J)NSI)_T=ba~I2sCx
z;H4g0d1=^X3n`E0`X*JRc_S~7-_3mscM8!QiW5-NO9?%dR3OH4(+=U=uUBE2_FYJl
zF23x&bH?T38D_kMWhF@o*evB*5JM&fC^4o9RHaA%6;5C}R^enjPXS}+i(gB);Mv0q
za^#T+5h+@O7$6%c8<om(yzs%|O{$CrwGf#KUqlag2gESpsOOAS0A3|V)XFO}QXRo$
zF%u>robpy~9X``(s7D@bs})mRC)_y!TW7|G)U${j6u}w3u!f3&`bn5-F<PE*juFg|
zJIlxe&+(R@JMp2tO7(~TOw+3luwdh(SE(LwwJee)z$g>eC}^(uBE;H+ui7|rBOY%c
zs4Gn`quR^=x$afU4F*yn*G-kRw=nf67oMUW|1S1;+SpIQ^-=XI{SK(zRN>&6jNj!|
zkfE%~AzXw6#EL@H9V#5^w_(Ncrqjc@U`mG-fv9@hVEx+^l{FGoRRGc)l5A}rR-yX&
zD%kB%FM4nymLXB&gdTeG=Mh21;hGj!A&^S}ZLX`vC{e^d?i3a+5go|`iS4Xkr2y=C
zzyOHZw5*lou@LL4J&+g;M<#ds)d&M2_jPPh(cVbUP8Q=dPt+)_+%B+J<?{j$Ld6Xx
zi8|n2rPvVhzc)f`#u|)_)_xLe;-R9JPANV09e+A3flaV`oX3Fb-sVw;^{Q~z$Lg?f
zFjm?h9$bsDy6UXH3MvZZJxskR1#ZBC#n34A4QAXKwdXV<*5YJ+adf|CjsrE<A9j}=
zi8aJ}&T;k)GYkt#I@#InOvfoJr^8kd2QOPr2%0RX0XjlZwVx!Cbwp|+k>NqG^FEOa
zyVebgn1$1dSn25r{&vJ#DtQv4ehCpZ{*i5_2p_)LXY&-ia|eFLr#KvFjacaoi>$q6
zBby=FAU6}5etzCemqGonD~O9svFO^XOszmlrX0}geHf$zUE97vhPYZn!%+M8q<B-t
z+mLM-NfjPCfrAE>XZ?0+P5E{KNk#f}k<v)oJNJWDOfR6Zn3Pnc&YZW%4TlgTC8>f>
zPIp4GuN(m0R;p_D@s2Wq5-NSFYDv|FC{HIW#zkL7Yk-*i#6|!Z5+?e@a?5yCm2wW=
zqMK^W4L?~jUqwK?s!&yXRUKxk_Yl>gkk5P6h`>MXt77mmdsucRX5RTvtOS5XhtE}~
z{lks+r*eK(EM7iIJ+S~1M$pa2>EXz5Ma^YHd%y+KT}7lvl&vAQHy`5u$^dMyjl4uP
z^;fkP^rhb9iQO|wdsCBGAYSUud&CrfBspp#K4OGMd!tI$Uqz&u{~-uiLA{Jw{|LWg
zJ4FoE6_kY2(FEiP=3&gtQmr7FrUhat$79Qr@_IakG^LLKR^nlRLM`wQ!p6XVc8!7G
z0|oqcb@?Acb~<}eEX(Yr7=lpO6k7(O`@R4pGwn4M1A*pU@@BD@)AywiDkLB(CK__f
zAW&$j8pX+k5WP1*BaG3#{hnvm2Jx`ho`pPQ<xnVyWKO}S6XNQ3o_Jk<7huVA0l&JD
z5a)gLmAp(mEhKiM3G==rF&8>XA;a0ss?Z5I_392GCLhAOe`}@^h))A)-57O+G|V<Y
zV+nFqjXBHN)}d^=E{?&IeaB0agAyq4q@0xOc`}b-cRXIe))-3luCaS$nb=df(oz=3
z!HuEcP2kwg7%cRQutoY83Hj7I|B;}0wKdeGgaCU_P#j|?FXS0BV})V{Mlk?SR8G_T
zZ698UFQBEGLZj??Qm}hw)JG`&I+h{_UH901t$KtDmm{TY(BYyCQmH8?^9XEN(aC)N
zfHX!ccn84#v>;5=EhRorXLzi4=x=yEd8yz510cI(5W!S;eV$@d8D!IVw{hktglq>1
z^)}o`k%Lm&=J1D<7cWT=pcIrZw#=sKiK?$Aq|v=4j@Bdb^1gsl^`^z80U5EO1)mX@
z{LvuhfG*DElNnFJs4c!GZzcF8ASo*m{wLyxS#0npy*5*ZQO2XzEA&O45X8VSr2WWY
zGFrPN3^CqvQigYh%mL$7b1F4vJLw*Bx~cEJs%4^@>s05rMrvf@0UDD1ps@fD%a91B
zAnYl_{%jw+ilu(6G=B(u%g-JTyTn4UEanzUi_n;o1M0FxShxbUg9zKWfO;UE6X+mH
zO3C3g0xpS-!b&Wf4)GLZGTbs_L&uLtK2>f=*mCNW<C6d$xG_aetJGcYRA3DXcRIGT
zQ)!FKWavtXrVQg(uuWYmrkH02_z_o!-`7;<<pBAo9IbdyEY7;_DTqlMV}@2e`)q<F
z)OE~Ry@_z+uwu0U%l^Yz9V1(AI;=4OHL8m&z;hs3sYI6}K*Qt(J%HwC71%DR4oF)g
zgX*zb99boE!9+$Iwu(%Q0v%ao@Gp<dabfWW5`>W4a1d(l!>t;$qMyDaRKqY{2N|b*
zqnt+-jI0nJjO%t%)vu8?CIw`!US!(sM?p6_qJcYnm7w)iUeIy>ngjns>4mq>OmLwK
z5t`&FZzfCu+RT|r2xcdKQVf!59#(So@yyOkkz9%`nc%U`SXDfyQ6Fb8Io~<_1^&>W
zqe$gJYCR`lHf_M9$l!1dF(jfvvb#*BOinYBB{CRcGi08>wj)IhBn53l%sL9{-hxW8
zl|t<gqa3hS7~-MwQ9xG;SJ18)qLCn$U<c3fv3TTQ#yjfVS6A3$li1VVIKxrfzZc|W
z?WpkUc6YuB`DRA}7iKipC|={@I!g7@*{dlLtxkH8{gP<Glgkx0r|GT}$qjwsoj^1W
zv;N<&`5ML;!6v*?)I|kb7~^|URZv0`845y-6QIx(%`d7dKPcHNLT8Op2M&;}{+*I(
zOoTCRrHDzgjWJP%g4?1(Z8|Y^h&c6Py;6wfq97Iq2SKo@+#z0)IVb@ad*>aTDoyc!
z8uWHWvML=FGQ9?*8CsZPjbR3>xMaWHPAIQPm@B^-1jidSDGn7J2*4eFp<><8Sf4#_
zzthJ65c%@3lp$W=qx@=CdsGoSuphl?Impx~$mTBYmCzI*F^1`Fn=QlR07xX`?gFhn
z7(U**m2ydT6rGUjjY6ddq(zo+*hMd_i&q!2G<NbR8IaoMp{n7O4%5Ix)B_0fB<a3R
ziFhA3&Yj1?tAR=@O##a?<QU%W^z35hiT0p~jg<%DD-*c^WKF4Kd4g8V63gEIT2H!x
zrq!pK4fG|Hwx1(gyTOeeu!e7i3!}ZZ{RY9t;P<O@LzA!Cd030c01!UesgppZ(ezyY
zR;M(@9~vO)RP#0n34Mj9nqdXX{~RP#AW#r)Q58>`lM`}zioBmDp={(dJfjPiA2Q`J
z9~>47_7^%?-jeCKEA6cvLX*jbA)y1yLG!wzp=h`2YnUsHg=iZCiUXza@VN{v)0@ec
zNM{C@Z?9;{w@;3fgOpvwYZ-giB-O0dr{Mp>Y6KA|zF23mkq#A{%rnm6QmJ$`47?=v
zwkdqqN7*tZgZuzZ1X11taklwp(deD5{B9e*p7PpI2d#sUrqj$G8y>mI?n($gqR8+j
z;Q7>US#3~1WXK$6j~qz3fgF`!tsUvd8rSnfg{v_bIah@-!%U-L89lIKXWYb;S?C=Y
zIXFxLT*Da{)e9C8OaPv(HBp%|yi`86szNtNkZgk{C;<5GVCPqvc@5KRvwcZ4tZcwX
z!Bc8?VW|Y!%aooyM7JbvwLT!k-H1=q<$@gyTpWU{+f9fa*XQGSW>|Z$dl6ikgPMTq
zz|8y%IG-OLx@lMIKBJQKwB=G$PtsiF&Z(I{S*z@6B$EAQlO@WrCP$kc+Ep(_oE%IS
z_T#eW0-oxModcHSc4_j63hxV@rw!rkLuKh?)Jx?q*&Mq#+Xuz9n=9Yx0J<gsQJ{I0
z6SLj~dSp0$ArgVC$gEZliX!>yUG-J}x}UjP4e}{uwkQ!3fCa3%nzGiYv5lX2TrKaL
zi$2fmAh|raU}tQ~l_Qe4<AV1Ut<uF0UzHhadl}d>B`WmLzrvf^6Nnt}*fi*i4;TNZ
zzWr3cz&kmp?_#l(2rKI2o;u>*$3-;%(l80jCP6tIy#c_sn6)#}!CaFs*HiROS<g8y
zLz(EenD?I-yw^K4F$dp*3<LWayHT5A$r`1=$RvjCxYb(}kl(BUVw<DwXr$kJcV9Nm
zM<BX?q4<k113md+4D)p`ZwY?rCxANHhxkJ=G%$d{s*${r^@cmoqHyUnQviPTfsiQh
zSlW9tVdJebfq<tWK(*pf7U-I?0NkI?OVly}<rlKCHMJ;FfFOG}>}64l-2Pf7BLZ{9
z#+^-W)faVsK=wm+YGFvnOAHqBNXH^$4Pn5cm~WckR_DWqbP1p?UF+r#9Q}7BZKVFG
z(m{IEZGPkJ6;qg<ccLK*85(wnvj@yfi)yM)Mq05`F%I<PrWgb#Fw_O{posAIVxY;?
zBZ6;zFm%NZ#wes$nY)O0sUQ)FLl$??vSZ3(_*zC~%~5lX4n9|mk!XC-3^dt%zykxV
z2Rf9PkOR@B`bwcbUpc0zbS#yE+K355W+Dke0QpP6enC0-FGQ=rRtsNhK)M$@6P7h2
z;E$*RsPS&jyGUgMbsBUqCzLV`>PXp(+;<Ttw-Rsg3z>S9p3zunw?_{YqwQhyaFdYQ
z1|maaHTQwTXZ8gh-R^gofM1BSR)l;3z_fTon~+PzL40eFzb_`QoWf<JrH%*|Ze?GC
zKq449+4e1vrU-g{A4_OuXwr4QV8b%p2Rf9Q7-tU3P<Q9FDca|v6p17Bx!#0@6w~v3
z#hU?XGZfPw@caQTWrO&E3Ct=e1!NUEKcRgW<UBzK60=<1*@qNI3gbBwk~#M`+c&4p
zX?o0oz;gc1m3DPAmk2b}9MmRJop|Qpnal$)B$8j|D{ZY0?f!h`?jA6~KpL4Vl~LS1
z2E2s`Ym82P!)EQ~6a;i;>fO8{PWL*z%N+L-trnQwYd6|tcH(w#nT6yPdShc6p`IFq
zWeNS^4dz1Y@ozM%#dzPg!EwmS3<;hXZ)G|Ef4p22t1tVPqeADJo58D@GGwp!QU<8#
z8rOZ#%p2Zb^jHk>`OI$a!Xjy61E4?HS(-_itfHT>8cQH68!{-QpOqiXepU?6I1*3|
zE<e(p#F+lz5cF2Z188g4E~-gZo|>N{&m+<sAFo=@EdNI|El6`-7OfvBWPK(*J?s4*
zF|DGj!|aKb_RI_kZ1tHPC^<B%g)De0jq;t<<gb0gW85_(zGi@lDNUFQl6Ekh=|qR|
zD}WS1nw~XuX@l%9DzU@4)Sf|4?<3p&MuW`0(%|lRWpxwCF8?D|nv0rlbfZQX5p|{K
zZZTN3$chFt$$>0k4_)BCRko22hGQ<O>%-w7O};cMTM+C9Ti?NY3!pMl>#7fZ_W#7C
zl$a<Idac*bO6fatV+F2t)V$H0L2bBbiDxf^mO=U$xXNJ0wU+2}1pFHjqMDHs%i>4?
zdQ8Xn$2wic^tl@0c&pMH`z;^qd?wvrpbZB&a)i)|j2)UfE_L7sF^z-BdZY*WNGeBZ
z*HP0D<4F7`r=xmtnXo?C+Wa%asT0uTIvpu=)AJklkolUkaO30`rV8DX6DxqKgw@sI
zj1%km4mKN(TzHc-66@OTNy5pkKmr`kR!<hX7&KhT!CV#$r^dBZQEM`qh(u_ex^>ls
z9Kn5$@}s$;52`oaw&HQ&p=^K=+v|pbJO`xKWn7OW$+T9Ck{D`6sAceH_7~a>457T#
zK^&P|^!)|r+)yYrHlwIfNEe*g;idQGGX7`zUf)?MV^ZFXO`9%uwnR@FaYDse@QT2*
zRz7kvv-Ws)j<S%fP=-g(rd0%y%O{sTllY12sqr8QJfYtS`L#U&Eq;|LX+lsw8p?l>
zdk>1u_~SjUKAm!4M?z|R<k06w4*~^zt^4X@$l%x|-s17S_&{x>Cxzcl^T;N{5+%Zp
ziY5sNG`6c5k1r#_nImLoHoYFZbOp>z96$X(7eNli2(E&j57_+q!xrhJTJ{3<4)O78
zVs`D;8FK+w$VrovV$K|oRO|J*C96(+59TK>jm4*^u=k+o9TSd1!Z{;6b}Hb7VS}4#
zFHXRp$|T&D#hJ}}P86gpGPs9y^h=vuk!vDIsX~X%?nmJS1y4pgnJS9Hh9J3jibW2e
z1|LV`2{Q0b90!Z+wH}0zF5>Z7IlwlcBz6GdKTe~B6?j>7bbJx-q*N8!kPPtADcjL&
zDJh%ndi*?8<=(;9U|OjB!9n3>Qzw!V<0bMTwJa{mgvmXr;)^h*>?3%=VY^eRAVz#=
z=t^+Ylx!LTm^VQ{VDR`T`|csLFa14wUr~$;jUEK~@_KqY@2j>l>`AkiPwboY(dMkX
zq4_f`cvd#j&Tn>;KL73RfvpARK)b#4R|@|<J;rRj2GrwUT=swvQ&DIfof=?6s{kLe
z=s;f%Xe<}(|99y~*$ui2L5Qf|feshlTgadc&Dz8<MCfTVG@qXw`C=>;Uh0m5%PucE
zK^OPOkLxJ_P$GL+c>xD>{Nn5|0n5r(WeNZi-UAqQJ868-Tyn>u_vRb=+P^uHq1C|a
zL9|Jxv#F7WR;?m3iWwhGQmm@P6S(mejUf4UaNI0(J~TxYtMKD4^dqe_Gs@&~gazqz
z;_If|FosX4n55;5&XNC)!#zCW%>j0mi~CFG5za0o^sJ~JlkQX22}+ePU!!uN)kDh#
z=tL$%OfxD94l<a!uyr_itD8=8bv%@))v>6iAZw5Az@9atJtUZ+aQlFK6gcv9G2P7l
zTjKXWMj1-P+`_88<0Ktzth^3wnky&LtM0jAI8E(UuQW1G7cSTky!&TEgHY!u22ank
zg6=V=?TkjtKob6(oR#H#yiTGv-g&0f1A8O#&yi*0&$=;W;yn}O%Hy=5nU)dXnffvE
zBzG@eFWUR6wTHNF*AaHCoq)4zEDXphpwYMurHBnu>{PQi9hPNWq3KjYEA0p7+Y!}f
zR+%EGYY@T6j~lij^z}#SjfG7PD#d;Tk|WRQb}4T(PP77H$v6`FXg5GS#;BNvUkV;5
zn4AHf<lDkT(MR^=Z$R#_+QYoXz_Bh=Osh$j69It2PS4>e%W^VxC$_Z;3$wha8NJ;P
zblKn2(WBjh`<R@3PhTaU;uB;Fng@e$EJZPeMWkRJ-&qf>Cc8OD8^Wfzmjq`<m6sy?
z_#~Y|&T759)?{xy8sqQpCXHxo>5$9WxD0N6IQAKkZl8OuVa>hAr88)>^6V{gu=X42
zKMsd+%vJ-h1hg6Z_K%4KxZh}{wMuTD{AgIfGL%u7e|&y(`#96=`2A0$i&Jiu1J_Yl
zIG@CH5NmQ(Yq;*O+~+|nAkJO={ot`%(3ELuia2Lpn)kpbLKGi~l*BOBBX8Y{5gDV0
zG_x5mH_$1BQ(j6jc_A$a&@8R1wX>O0ajemDSpO~Ln)^*5$jtHg{Wo=K;)%hf{Vmy@
z9VWIKV=;`^PoJY<#cpBAeE`xw!#pjvc;GPmeE1H4&0Oaxq<mL?M)ioYcTN>sQQUUu
z5rBvne{zLJRl3Mw9bM>a`w8Q|1Y@V{@gI^+(nC?}v_hKeW90yctO{|+&D`x7+Z$45
zab5XKwsUuO_zHwYoaXr-NL~l6n7R#0z@O&n!Vd<)s(^*CW0{2;)AxZ;dnfX2<$pv&
z1Kx#9LZS1rYFE!mUrlU}Le^D$HV`i)K8eZy<bqrBDzSkIL5I%8Y|=W)8xC;Lg}k&5
z1kfam#0kJ^S-c`sKnK9l_>bm(Y#WVtz0^P?X{3Zc1qxCqt(eplQPh;i_5Fsp>};3H
z0+++0A3-2Ra80NW;jvss__fFAFb$EvaAT6tMP@p3%tfz8LW|eEQ#i?_bNzOSH8|n=
zk7Ffv0S<3vt1%G#KPme@X>9(xfIpwzOsRXfs@2;Al_NA323VVa3Q29gqe}ieV10%C
zYG4B(0tX}osWeLY_n$QDXK5w%2d)zOpBMM!c6Z+V|8L!1RZ1R+0Saq7Pn9!C^))Ey
z+Fe^U0a%?i*3(@FODlolt7MW{OOoR5OLEB<JA#e(HNj{P)@<ox>4;GBiXzgnM<Tyj
zLxt_p*4#i+e8-XB0Y2@!p3Vhr@1+HOsiHlyA%?W=dm#B;#~Bb9ov~)qiPW;($bsaI
zTRlE5w@4<Rnj99O^HJQPP1eYM{)859^8K$3M0e-&1HU|DTkaoplL!QejE94ds%-m2
z2t~I4;kV7;K4`EGA~5&5iUbIcjR-8(13+dr)WNq=41f^aHf~+z4ZCh&X>4Qz8{b;Q
z58C*xi(7)6?ZU=s$w)Chnp`7!fP){*E*$kG$!SR0=pEEX8$KX4x=T<??F7^&@0Vb5
z8i}=dS0uZ&z&Q67^BQw5S)VuD9#F~KR1x&&`Wg1dX0g~NV$2HFn=s6B%NdBdk~t3<
zhwV$ayg%^-;?x(3sce$TMZ9y?D{{^Uwc_!`=&1LZ&U%tTzo`?qt#;<q;zv)=t9fXr
z4R~Q%JV7n|1Xf)`OxH?@1x!?)C1Du&nF{_!<PmN3q+EO%+S39KaUC|3@GFE!FP7vN
zFG9lwuY)I~-B}Yw>u}sYCs6p_(@4hYgv!^jD&T}?O`?Z^NOvFY@(C`!Q$l3mK7(@}
zp&THPZQJzHB+PDEBIB-s&)Jzf_+Z};kn_RTSf9nwKjJ9~&R-u~GB$TGnAGV<9DXpb
z00Qy>pc?xzCv0@P&_tBPI9O`$#=nC#>CyRBd|h`XwS(yG)K#;6P`|&(YX+l(-jX@B
zWgDP$>mv<p$^@1{5MWcLo=~FmzbZBYEVIYFF+$wO27f;7f!k*z^&fW04hh}ZfSQs_
z#nt74--c_nT!|Mr1-&^^LH_Kt17q+8#67X)l3Mzv%j#fRwE?gy55*6#d*kdYL%o`-
zioh2+VraDzutuL_t)V(wPueM1tX&QUK~jRA$_@>}<f7}ul;ryoZaGliWILF^@K{rL
zfQ37|)UhqXlyc*UO8#D+1~z|KYM5w_eErQB6y-`frP>dX7*9zc*OO%4+IdE^v1*!>
z(I4!wh&4OHWdMnyjIy!fN{hzXZbJRFOcSp7!Fv3`D6flEwR;?>{lx+!>CotFoGOdj
zG$^(gRYLt9!rw&!mr~{N6_ZNAa56$kU$cq=h-z4aJ7--j_ap?bhR)Tnc209xut13X
z8gd<7I5{lvU^AQ?2t-7m4O&APBQWQxfKd@o8^>*vUfuVtz(ibQ6t=|i!!g{5PYGME
zmiP<rdsQpfit4x>{ClD5+M$FXeNsRXG&JUGLD1_>ElS|#g3>l$KiQuxHWf0Hq8m^g
zt~7(tH4M!)IPEFk8uSZn{DYy{Gfe4NFHTgC8&=NtKRfjw#UIGtujYz@$;yB1X}S1T
zUnDY&?Q@WDXd~<7M&d82aiF>GnlyO;c}_@Vw=j|A$aw~lwo^AoL-hiOn{1Z}xu9`X
z68KT2VSaYCYI5|SK)xwwx+2XgNVA;y6Dsy5yVse~h7xj200$iYm7X*K9&g<sG3ZEt
zeWMS=8~ZNHd(&}rD~pF5Wh_YU8Y|QIz{&|7{$`9hFV1nt%9R+2C^mARl?9hImDm_m
z<6(>z$dI{y2(Lfpf+%zWq0YE~dNO;`7vhGJPE%U|MR%7*Bh&><r<Bf6Up0w0CUz$@
zS`y}wSj>yR6|~~YGZG*BI_tW>Kbd#v!<rGNVb!wLl&>^~-y^iUnEvGDx*6X$e~764
zvuyMon504LXri%l;1Wn<+n56dLST|ZwCj&$<8Gv9%|jQW$@&1;YrdU%>5^%bGGT5P
zfim`slp(+lVcA=T*mC+^YzV2LVvgXCr_r{XPAopTj?|ne@QM?vA9q%)&0IaA;Q$?M
zO7-%P$bY!M4BU~gGfd+TDuV;$@FbI%R=}u%G%PjG<c|;hHvxKw_XQsdxyJm1p)xY`
z_cS{owYl#lW(KOv2nU5>s@Vsl(AG!~M;SZPqtM>Z`i0SsPC~P~y+V5M?Al=<6LbSN
zAJoz`HowsHCYp%S%`KnBQNN6-y|yw>TJyA@>4R+Mu3BC@afo~9P`5oxQtSXIDybYy
ztqLsMFy}%@>Z23ke{!zn3!}x{`96`xoN9TRuKTFyjf!t${E+u?=$LY60EA#97J+v0
z{8PNHk_G}#>e}d#+gOI+IzIdt)AHd!=r6SWY+dBVlDV9$M<+6o64P}^PQl(|J7lyq
zfl?$WM}9t=6Ht#L#&_~hsDkv%2$#qDK_?GuH5@r*i0v$sDW<|#<2M^-om*_mwE#IP
zYuNT!D+(@jTempt)Opf|x0|JFi{U95uu(_v+3g<M?a?a7i(zGC$euy(VC`(M_H)hy
z0&p2^xe655yU9JT5J8V9NZ=gSvOn)B;jf&+r7k6?%csER!~lmN%VUxGrlIyc&cc0I
zenP;PyE0VXRC_j#wuf-Iw)RO=ic1E2)!x`~vLkC7RX-s~E2U<!B&yPW%wZagLRRi;
z?N_t%dbVy)rSJE>Y{c)!;+o<=0Rxr4-^VI@fIoFL%|=EM_@i|%p76aYQ1(-!_@kt5
z##4vo#U`Wv`z3=vg=%2I@LCUZ$k%K11O2xq<Q^?IH#tlZ5UWH~9itiKtra-RYW`t#
zz3IRmSP_a&yCCVqSg<S_55fBMtBi7~k*pY>F9i4f*LnaIpEf)UBl9q^mcxBfGk<6=
z1+x|yMU>xRG;0g(4kPmDV}~hu|H(12^rAzhH$AfBfB@^?E1+Khnkv={3dh_K+yOE{
zV^?t-!|q5KJSapQS%z9E+|m2pi0BBRM{5*}2ZGQ(7g@j%9z=zWum9YlNA~QUaZMJQ
z6@=_QJ?)ZKwr6WXJEAA_Sf(t=^|GqGGBZ?dn;TYVYPG3eu=zk&INLwiSKzk*xODnR
z`KcGc5_tR6jz!2MfuqsoFP@J;f}#mD(l(-pO_NZNh_3z$)==*}zZU)>_wn23t7q+Y
zdt7a<7vZvCw<l)u;!4G08amsK>8s(TaoI<UwOR+>7HXZQu;!2gxnDRwD>9OtpEX>T
z*J)#{0@A$5f(t~kj+KnAktEK>CZ%Lu_j1=p%%2WH+jVkGiOn_2EXW$x9+1>=?LQl{
z-Go_*7`hF!FWzRv*&FX*frF5Zxa16|9oFfO-@g8?GRI9S(z5eX73vGXLt1t*qoE(b
z_;F44e=Yvc^i~K25S`Q+nLPIp0<mga_9)bv!LKg}+ValEidh`;e94s5Re<a5K0*cm
z&!FZPK@wyB?9dfJOu9C)#weJ4vw*KSd57|Ha6?4(7&_4(!Fw#2?zxcH>xftuDRiW(
zHm}IGynpi*jbQlOEBIVSOfmR=IYmKbu&My)q8ZUu`ttA?T|I*X2Zx@)wG&;;|G>5Z
zhzLR#K6R-yYSt)D=n{dCYnzST0>^`#b^N)w7$LlW)=5=A7sYT_d!8F18rrh8nRLOn
zDnFm=y_8mr<Uf{4oUKBg3#knF3f;NAJ48?NWSV`Al~m2#a<R^lgeU9I8;REZPKNEN
zRgRa`Ky5@1{e7zKwT>F^Ux<l)4|tg9HOFG0U}7R~JQ5z*^2hwE7=7-)D`Ga7$SNY?
zt1xVn@EqG`LfJ@m`|a@`)hkN8VpY7-NE=xl=TGXJ6#y&#NkI*y+$_<IZfxy+%Y8$>
zG!jF*#FO11ti4;PtkZaI3h3;J+w?j%wt)lYCzm>IZDP8PaOURW*z@Pt2$GaFMsn9D
zU=v+J`OFZY^58mmHeihd=||Y(CzzJ~CH47mH3}vLmH74+KlThtSRxYHMA1`4XPT0$
zdU8zZ*Mds|zg0{#wl=>$WUPvGzby_qAbPfShKimA)wa64fLjE8hVo(+i%t;lKD2nU
zLT*TAI?AJQv#r~K!7^*YmT~@A(I4n{l8{0O9*{I}l*!)d6AI**24#+JlzF$TIPJs>
zE*vJO_k+oN<Ws~NxdZ~C0crXbxX|vQCANT4?@D8;(+eIm06t(2H0BL+Wk)HqkQPHT
zG^s^qKdh8z*wmU%%oEdV62-g$Y%7q)CNybScEa<N(Bhz(RrsSgnMELb4l&U8(cR7(
zR%O^Ts*m8Pi6bDeeQha9bsJKY>*;tuLB3e;U>_M+F@ik>$OuH&S)M=9$rJB;KK<5n
zhu8Dol;fxf`N2?>5cFJe)*quQT8(-G2%rq4C|vJ@(X*iH<8-SKh~n;A&l~q7gz(fn
zSFM57lgOkeHYt630PDGsyr~Ji_6=J2#!2H$e*_F%UI)x(0275-52Z0O=M@O}HM+??
z*SR0D2~-VnVRmsb@}N!3lX<@Ra-j7!e^VmVqK<dVl{0w)i|9#Y=y`it0z)yE3&Zz6
z=TX97pF?~Hw7`glp71+rN{e4*Cdog-V~Rcj?EQ-LJP{ZA<?1~5Hr?O>uze9dWg+QF
zJ-IO?T!?Z#+H%Cvt$ilt!T4a#n<*`&A2B5cr9{JLchp>+k>R^|xwyZ%F^wL|xF;~C
zrl{_5E^8LrPe_fZcyZo3YWjHCtDaBvsz3R6J-FNNYA@7=(oim(btKWu-mdeYUiZY5
zf0!J&b+&T|J+rC~q!Yn}PxtfDTE$U+a`0g`RWrG-Oj@)+iAN{LIU^TWIy2!c!NNrX
zx&Q2FKlDh~H&AFH(^3*3SNPg(+oTa@M~Vj!^`#&Gt+KxWn3@;->}G6c14g%9R8LA8
zPplPNSKb8SYfy#MVj(C(gGti*7bzvJ&mR6(Gs?bgLs%$gyVC#2(i>i1WBzHHsU8ox
zV8X!ls=sX5wc>|rPZ9@q6f~7=bk%L+vNoJZc-5=cIZQmmmhbt8&}yfr^b-oWw9Vgf
zCOT&K$13ZfXM&pw0_|NNQIM~!?$^%0hm2xkTAZ0~f_B*8iit&N%JijPHUQv#jEc$1
z!jFOQvAEgXgj|Z9d?LmEea2wHYJMPL#ZlvmTzAM+t{dtNpG9=4OuT}qkH<A<@Nuhz
zQ-8s`c9SL8PPZAz_n)LHICg+u8{09V<R5CL9CL|j=>v>rQB0(dVIB<ej>@@C9JS5R
ze5x@8W!Xyvu(T<{*p0^2v6O|>GL31^y#U6oZUP3yf5rDRT1B&74G-zm%OAzIx=dGQ
zM1iAe)uT_9jb_B>dK2Bz1k1t?bfJ_cCl@;gm1ZhsRr(uBlQOkndVGU!W36GvVhA%)
z`I$-MqbHA1_!P`9YA1z7F|r(cAvo873-EQr^<&J7Aw3XxRBWrvy9H~u;5KdTS5+Gy
zhUrk-dgH-llVUgwRW^-{D&NjLfjz+FKy}0~pr8kV(jnMmOGexm-f$x)qpa7B-@Ua1
z^Ck(==^k+DcESa1r+;qnS$WiA)YwVc+<At(nC6X@cfuP20_WuDjn#M(ml=`~E8^Ha
zfvGC%0yd!EAr8jo){etN8*t3v0?j1zH<ks#^0d5&{c1USEID`~<kOmUtkkk*O>nuA
z$VEI_`NRSV90F96y^q=AtBdyIi%KWG!erHbkqHr4tTFK^<e1(G^`7-}`gj3-3i1kb
zZ0<TR*^e3IULPVau9G*eT<nxfVyWyubj0M|GGsEVOalFt2PckvZifJc-PY58LEwQ;
z%s(C;5@y{DIg<4FjlSOlf8o56BLtXh^8pi!ZQ)Ifz_O=F*G0TxQL|x`a(!(v$j4hb
z`_aJuPd=Zx_6CYcOV|J#&?3`;AJQ>j+AR%J=SK4z%au}5ihv7&{7I4=l+`4MqHGLP
z!i>HPRVJYn*MKqbl{`+R{2_Uu-xuanW23Y6WjpiW9(G1r>%E-(ICx2FWZO4867z(@
zHa#f_bU7a@enD`KgJn}6PB!<S5>m7w?USJPQ}cLSIa?|!t6hra!X_8i8RAf-r~z_~
z4LXNT^`GpxH7H1skG2xNIRDfFC!NtZZ)!2J`kQN*yY8YA+Re`+W{uj_r{|Nfix;_)
zatzYH`iunGV$3vNWd;788n=9<LSl^(!!sx28TmPSstm!w+7#&|Lko%w!;y6<PuRmj
zw7SdvL0jzVRVqUtPkfi3Df7*MT``u;;%z^?kGCRn;l^O*Cp{8_eyR<9tm<d@x}}Rj
zVmzOe+z7W4A(8mdouiI5N_)h?t+#@dMMzf8n^0JS1ntN~4%U8LPE&JH-&Z>*uG<qt
zKyX8!U)f}$agjUvthcay(B#vOrx#=}owx#ii{`^+QF-^xL^@I&EaMW}Etc*y<fJdC
zxvdBe!xk8hi!=I!8FCIPv}Z!KxFet>bPpA?C3TA1xpNFOn?S;oFVESUzd(L5KAY$s
zBFo!p)$2LPXZwLpGo&aCnQmsR)I~Q*^0F1D3g^lkczH|-CPV@1se9zenqs{=A2@yK
zeJ@RNvQZCr;Am<imo6ed@+(?o{6`{DTTQofN^(%wAjig3LD6is9;*V?``c)_!^VK7
z+$1NxD$AqR*+A0=A+}6A{tR`F?A!S9!z~D5LX*I-hR*U2Si9mGGyY|(RGETN?II|s
zUn}cevHO%_=_wtj!J^Xk(HNRx0IhTEMlPB)5a3bY>)XI|wQ+r;B8e(N2eiz-NTBmb
zItx~36`KxuFgQg7^QT97y!&!4oC+spryE@~w>Py7?qW`k$^6!^_^U8bR8>;65KGVQ
z^Db8q_C`H2&H2s0#<9jvigSb$bDXF?oO5xJpy@du9};>aiz>CO6;#Offb)p*+#RDD
zGhlC35x^kQ0Le<aGGR(QRd6I3s?DL)Hy9$9KHiD45=<U=;!Sc-9o4<>OK;jpd5~42
zW>FY2(kf*HaH87MJ$P=J{Dj7EYo6mq=8q|31<$*1Yl$9~<SyDae)G<e#N{X3{-P~X
z$X-3rn>fvLt2aKJB<H00owmr`!p}%RP_uz_Etsd)?xn{FIZnwj6h0DB9*!>n$Q5(e
zQDQy3)>h8to6qJPxl_v-cY4$t)1*;n?aQ#Mvz%~``^ZWQSN<`CRAFLL39lsWI9oYd
zu(e{oY|ItQr@w#)N3?7d<Kuyp3S>trRK<>N$WRf{36XYdVRG&u{O~SkZJfIbQR|#5
zUDjlv=$)g49QmA-_LI-+d=PIrPQze9H~X9SR3m-3k>k)TeI`hIP@jwJQr6cdOXOfD
zM@Crbh2X5YuT?RJDZ?ohw`C6plqeCA6nswb?g=R2Jjy?H^cAG==-m$a-6W2bLr|hQ
z`IXqsM!ARq;W<wmJf1_QK<9Xtqd>MD-?{sG4%)5)K<$?22clpIJ%>zzoVUrvISCYy
zQ;csB1t%6#OZB(J98A%}m1BC2w8r>go)@LD;+!E^7_i!7w^Aak(Ev>y8zrYTaCs3T
zLu3vyF0`t1z8YJT9o?48fmy>-^g0;!?r&N5>vd|;W-!q098Xx{bC5A#*#_z?8zidP
zbIXAYV*c7ZP4g?0Wqbj}jIX-2+A5pkoC--&sm2S4?-EWVEt%E{i{`l!M2mzb4b2|#
zM$gB^KM`jYj~jtg(v-?f=8~4`lbDd_h3OP@*0m*}D_#1V8YY;bbOw1dkfT()#=~~A
zzEVMlL=uQEii3Oowl5}cBrciAw8Hj|PnL2%Lk9mh04bnyBMtG`sWNiB5jdXvk@C1I
z;+5lQ+An_uzPC91-I<Pe9a-BS@W)xXBrKd9g#ssemx3FOWoUL!JKQQDf4IcKIAiu;
z5CqxsI}<}(n{@oG=SfFxKmVd>^8aes-Q0+=?N-S+P(dptUPhht;q4!t9q`nAB`zNx
z;hKUUg~^@AwUIlSYfrin06$-}C%hhj<*U=RsYQD5v)<q#)eK7|(qx4DtOki@vyPOK
zbq+_JH(irD=Fr~LY5;dDc_wY(0ql6VE0}xl`6`@PjO%UkmH{*WOy04j?D>x=;&#O0
zBO@4LRa{{!-dE(qNl)pD(TuXo7c;$>_gEI!U{_UN00<?CB;2gbRU2*U*RcP%7$1;>
zC|!G*bjfulvr7rU<V;3>{4YAXG-q@|Yi@KAd%UAF1G}fL)(k~;lSDl3FglA`xBG8>
zYD8k4PKc9qO#GZB$0-SfPPRMjvdfRxVoi6rjr4!Ksf!vQ=%|j4ER_cyMNWpUcsbug
z>Cz}*Q{+0^c&UZ)%p7SeNErMF2F#oy^9rZ0S(uTtx8`+M0>q?rlbzm;G20}7nabow
z74;eOM%HO3dI8+|B-)Z>Do#Ub#+?XDGhOWn;x3=pvcxnm<odZR9fr|$Smm05R2Uce
zSkUFC=~E|bA^YGUoD%+%pz-q?;aBNVIL!sLUdWsm0u9o8aLNMWl#I{@2~^5nTGc>J
zIs@}e?!6w2!2OcfZbTlzzVT-jwYsCZ(z<d(9p)s0Gj&y4hev)4B9g@OM6+<+I-)Tz
zxs7S9L#D*K1OAuNyZF_GDB9flAGZ$6;&5`D>4-$3I-dxA81xbdFq((;TsnF!Cz8u-
z*#xAP!HFEit4P=idMZ{``5HDp0Q(I|TXK&cQl=fo*eeiJG_xi<+o%ETB;bg7BUY8_
zRuyHd<#bzbAWzu9NZrWijRW~X7clt;T*H%&U-ZdU1Ya-*SfnX!9ggL!NDR1f<@*h*
zbZu7CsXal%jVJa;f#bV<+%><wb(Jj@3eXtyhM(-SjUBD7MvGl^(i~M?-m~t{`X9No
zi^pl(Ue_JlqPA_nGT3_i{_*g&O5Q>nLg`_DiK6!k3zXjXW&zkDMS4!DeWge!-*>_>
z))!EgLE5W8^}0=VrYK9{g1j)w4x_gUp@&Lg4){JQ)ktMYj3*1f*`zVjG|iAhah<v-
zip5Z*F3xpquV@K_5?_EV1fbMzeY2AUhpVqqJr`gygspY0?#tj*0-w2-=%gK=(?Nr&
zBb-W6-OP{4!N^6@h}er7?(<qcNP&kkoo*FC+iqb06aV+_1Bu^7(7Q|ThZ!>a(!f74
z(aRG^(o+>vAwy8lrNKo0LqILj#x^t1&dvtC+wdCLI)tpLSXV3n<$?E?Bka-_>!|MM
zf>=)^8EbX;UWSB|BJ(<J?UCt&tY#@4v9uN#alzoC(`D;~K^49A=J@$_u;egtj;t-%
z-T$~if9uy4TOwR*YVrje61MJp*1X2x0$8ytfWd@{@MDeG$EB=nfJODU>CtK2K?<u}
zziQxOmrPLx^L3LVp`5X;ltQCsf2P%X6RcGWrw&8`UUJV$KT?Z<3k6{3T*;b`27f!%
z|7;A;V*qNAt)U3JVv|>W1rWnm=fQJ6@Mv`g^#o$)riJjQfwJWp4or*NEp0INTOywQ
z4IcwM8HNvA>`MKuGpBDJQpjpba_m+kJw)&0YIl8)*03Vobz661SX%b&)=btv4ZS`t
z>*I6IH9L;}%zw+0v<CR?FN!~_^CYn<Pz-o^j$Xg@O8-Gni_{hDj9v_jGF|<*G??^-
zsIE$shUc}Q4PEfXwq?~3aYXMlrldPK()3>T3;SeWYvDKNtywUFA+z(F@0B%)*Mons
zVOvJwQ(rwI6iAfB9h>->yw#RNbv=uqeSV6EMl`nm`YQLiNG1eF;q$Yh&^iPN6+l?2
zgUH66HS)4LB8xr7XgoV|U#s-Gee2aQVwdCJqCW1MsbDVNw6i|g!o<XNhOM1xoHHpG
zzkNuDyou78uAAtaE|~hp%#o76Y8AY<<Q99gJh6rW1y<H?O6q(0`c#SaZ0x>-v%4|t
zJ-cEBd1*IKrA`kSWh0PCqxv>vm~?2O4WL+EmQ`s1>XQ^udtkC(z}#-TO{~0(m|X>2
z`|ZB|N=qd>dC()WPny88lnV}U89?X;yqN4l<h=wl^r*P5Fx4AvRy*^{1{w$f483qu
zH?&-PJqHY-RO>Wd`)#k^^V)hhSN6KRSlvbD=uP0^j~M8Mc<Z_OcT8v@u>NDoQoRle
zpvaQ}`l+Uh<v*7;%i^d}?(ONoLI2Ko{?s=&_C~!EE7ve;;A99(=U(3mrqya8!7S>K
z%s96=t5bSzyTI@jG>!#Mk8Ok`J#H=w`*Owb{IYgQv3Jx@r=l#7(g=b9rm1S=w;9Q*
z9zWmjRRykC@Q~<4gjK(LBV(XR!G1$Zg|nIOYhN{GJ>!A4+O;F3ZImm~WmL=jt!oG7
z0$17RSS#8%r#1D>Q+K}<UMHX*-OR!o3G9sGiG#_2pTdRiHH@5unQXPYK-anhnXwK;
zAmrU1R1C<J2vklIblr$u*7|gUcF>R@q2jtQ@p=o6Kz~jc9OH0j?)-M-7&NnmqzD>Z
zpfUJsXDDOS&FoEqH=MdW<z^!jw0`U00H3Bua^$KGLytvIGJHs>eH^v>!D(lh2)&1k
zSMJgRr4Fh)xn3Yl3%NF^9Y;^E@Khp1kZ`Tjv08#N*>bM?$A>StLQtp9vO3wJB}UZX
zYekR9wea)PjAk6ez*eMsB~QDm-~o3j5Z*Q(t+ADIiPDB2VDRbiwj2t~YMOt;?0csr
zmnJt8o<Hs2&VG5IsH!$5?kw&lww-P#%GwcuD$*aYn6oHajpx~JEW!&vwM}jKpI!CO
zn0A-?grbft;_S7ODErT%(#t-4pbl>+Nr+}Kk9K+NJZ`W>F;;}@$e+#rAV1RDdpzvW
z9m|l)4=Mu5Jy4~-(Qg*|@mXM95z7|sNY#j8_1H;|9cfp5TJ`$YGt$BnK{j#W;Yfzl
z`t!6Bx@C3uNaB6Bh<vj_+kEk30v7)AqUVAn&QaW2Su6k$ZV4k`zbz+C-?VLKi+*E^
zKGj5wU`F;|@F`zA&D*i-6A7q6LDx(&{Tkg}ge}ol=H6wt<;;dY%%-l`>})l~*3#>?
zn~it+R50(*=x+1w3N!VtI@YXrGYFwlXH3`x2X4Gv=+3-8a*f_XuD0H>`^XYg|7>#c
zv?KM8LXpLxV&sQ`W1_hXX-kZ7D4=pD(h+0{10q_kEP8Mc1Ka|CoE_qd27NHv)5tjy
z2kXRR{UB)Fk;1?l379+AOpMVW-PvL$eo}+t)O<Px5C%Nr=`drI&R~inyemumQ-k$$
zjCVT}IF+nK;fQS)aeO*%e7uX0@y-rKTieCWHyBA?0d&pPcX!`@Mg|j_x95uWdmlDl
zm8o71YicQOitzEq*rl@JXg2N;84Szm%925~PA=@&*5>XsVD7dycOsjK1j%xq&kIYU
zwEdUDn4#z0y&%!MqSOJfAnu{Ml;HED8`QAmfaoi(c~%ZLs?{*LH6#ANY&eUGk0H;5
zEOI@|cv~F!zqr!7YH9w6zvhvgF)#CuQ(~2MDa0wf`_p+x;QeWkM}SI&wX5e)6LWeH
zMU8oBUtsZHIz&#jEU{#Q>r~ywLVK>G)9F6vQp2%Ep32RzR@?u<2(5@4TBe!{!^f+b
z@=8~)w6ex7B11S;9RMw36hwRM>L3$XAp~3NvK}jpKMLxUXCelQz_7l!6f<w+l0Pf#
zis6RKmjD`0{+AP<XzvH7`3DGxNkr5eqG_Q=xi$xE^d!dSbMlWjDWc`2t%|y1I{o2;
zXk4nQ!<0mrn<ZE8L<UH;WKpsLi>?=(STs)S6ve1B9mphFb$D5Z-|eZ0O+4X}14Ae&
zVYm6?=ADadJ?|ho3(6W#O@)FZ!a0<f#QFboQI(dM5)jml=n!SgxD0^w;&i2gd3a84
zQ8F&Qog=PbLiDHhLPkk5(`tw3JMnrj_sYWK9Mn-*N<tn3K?WyRcjoF1S)EQ8{~J2N
zU23h$F{dx1ttcd`_0XmJlHm(bnDVdkV#0jcwxh|d7CBh&1H{>$OgnW4i8J}`99rhP
z68(=Ak00|WN5+@sfr0Rh28Bc#H;_MIRM|TG53kXZ_Ym}p_Scg5PHe|t=Hojut>jXU
zb#ihxgPTx97IoTcnMTy6MRlFzi{EBfZNbxFq5&Lbf*^0z?l`gDUC~|+RC8;Id)G9*
z_m0qam1q?eE1R|lq_VVZswHPC!J5M(*$K^fC3$E$S5e2P1R8Z)f7VKFBNA`3vS!)T
zSk~Gm7(3rgZBXZ_AaIW~4S1#pkxx&WFll=KpVa(zAQ}(-Nw|n1jF~E!RW%U&_OCHe
z?;{-oACFrGuaY5PNj(Ju90aGR<+^BHqah4<@Fq6-Om&O)vm-uOmys~yWAWgZIuXG4
z91SPXxBbMQ^2GvA+w6KE;N=_aLE$5A^bOZRwD7!f2meN)O602{J`nhIH)L)8o|BKK
zDTUtr7#eFeEgu{WGjek}NF!RrMo7O<<%Z0}icgndp%ltCuYpId1rIzQp1R%dD&kAs
zVZYCdFr4DWORhBi-uWDsr_WFFvc8TT+r=wS3Bjv-{=&`^wPGML39pJymQbjF3>KwU
z;Qf~d!@EHf%DiB`z!u2JUM4zj2HPFbdMeCh);4<Y3GjElrajENCBBRA0S(k&)1it$
zKxBf#pp0OjXAb@}HQ<!lte}JhW*wEtBOO-~*Pfbq7UbT79%j%4dQ=l;URV=|&w}ai
z4#;W@G^0&X9unsw8j7iQSRr8o)xQ@`(<`bBJXgaaV^8b8Y0FLoSq=KxI5CuUpqk_Z
zBW5T1Cz<m$o<2cy(&k%68$aV&)2X==Fqt&sQ?$-@q4Pipw)*g_9#{~sid9s*b;zRK
zBXXn&@YVPt&SG0>mP&V<xySYJ_FV^vSN=?O*d?-q6_gwEUK>O(3INV3i|s{rV+Qk-
znS!yk+Bi}wPm~Lgulsd+Sv)~D#m6USk&;e&*ZWlj)A*jiGV`4&-uiGI43F0qQpSX-
zsmRI+ZdU@K2+)PS_oyh0?@e{Y;>*{H$97`==n;f~cL+T;Kg+@{XI%F1#7qTlKXdYP
zy@(ymt=|I|lMLi_S5*BNCp>G^g?JT>&GYL=kVy?<$qP7%X3CqP?nhs&p0V4&rac^4
z#fxK0_VN-0pip@l1a2_252=w&iukr`{IsRG1t667G&PxQmH7~@fENvfetE^C>H7Bg
zHeW4!x4ZsY!3nWv(6in3+ooofK<xqX?T+12yV$xwwooA>abV9$cBertvrJ-TZ)4g6
zhbsewkjllmig>^#fxe@|#nJ-7!N4L<3+Tz~rEXmpGC3s@c#Q3bPRtyHD~1`*G?9lB
zK`UG%fVK0NWN@M4Zqa{B&!PakrLK>s!rEL50E|372dLgAxktc27E&Lb3YVVJEwu!^
zwZbC_L!k)X-{59!o2)@>c61V{t^lU2R=&tv084i$6FHKH4t#wFP<eY}oW$>@^`5M}
zWLc017)-P)Ig#L8^6~q9*ss`Y3$W=?S+dQ^@Y@$@fkdf6R(q>>eWp6S=qRKI%k+&c
z7IR6kZ$CQvTI1$PTO`gaG$7J1L-0S&8wIQu0ZHtE&fkfh+I#qZaOL^ugh^K?JHlS2
znf1T5rM)M9%9jSeM>cJ|T-2=i?s)uh_}4URBf}G;utY5>r~Jx1vB3|SwXPX|mmGt|
zI5<=s2)dib&SGI|#s^~gA!gN7p>XfPIAx;%K-(M998_rKmYl7ebZ&U|@h>2Res}FJ
z{10T)VBuEna7hbc{U;y8$G0u%zY@QU!5hL^N(j(6_7Lg|Ml(0%`csCF2kNT7XUQi;
zps^uAt(SRgLKzZ$p5bdpuVn3{zv&h7@VB0)JeA=QHX<?k-Y9#H+gfnR1@ZDzr2uq5
zi@z+ctzK6UtXO*-w^0!<2`^SKw7QhZ6aVNpN$;)X5E!={$fRr#g6fCG-c4H7b`EzV
z&$Cnbl*~s3?3g|mrOk&!k8>i59t8}8TN~+lQTjU%fJ?9YuQ^=>?HarPGAd2xS|e9R
z<t2J9_mEBV=%=(iNQD-%#7<*PYfoS5wwFBs=7GA3)AM5fu*scP@EvzmM~4Uu!Oa~R
zS+P?|yK8265t3erf|!yg%|P1abj$^WV!88ci{_oSnw|$wlWzKbCaTkuobOLBB#VUc
zj-%d%sjXfeDb#WSwBD+7)_N(LwDs`9xZ4y+{&Gogy_hcB#GdlZ^wBpp^VOdA3{1w_
zs|60Ry}vYbtDM%3KHB7F%Izb2kvkL}K~)<X{=}`lhX3i5@6%!;SG7sCJBFI|KEv_?
z-HLpF*6xeues`V>T|=O%u-d8qr-Tr-$+x@&%IU6jgA}Q(sW6or_fz=0A(BiWvp4yO
z`cFQ4_0}fjnwH$nbM@a3RbI*+7)7Hhd;-E)qE=s0BLFiv$pO9+_}6SJ1qPs~u9TF2
zo}i1aL6FgUCBF$Z7O_mSmZxhS12Nd1eb(;XR?^kNgb#uCay-J7ot0u*bgdDwJ|_!K
zfMj8qX;>jy@3+Luim7&3GlURW`MnK^mdRb5aL_s3oMBg{af#5eNoYyyA+i=4m02)J
z=j*M1^kbs}8OY%4SxFcxQSI$Z&)3U`!QMe!AbVY%uie1=zjSiqW{<6>9_svwn$9On
zM6V%Hq4Kw){Y(zH`rI`OZqs1pXzlAE6bbf@g*ZD&IeJ|7M~~Q>#h&bt90~>PnH^Rt
zh-XiGh3jM<x(EXoLe$B9HRLMX*(h(aj`^vjj?g@ALDtq$rOU|_v?Dr}V0MfP6bABg
zwYI`HX#54kOsmav`a0YF%xD0W?*r@O*)WtI2~I_nLLs(F&(P<+o@g+;MV{OcGXIxQ
z?UkZ?de@)Z3AS9$cIyPs$8z<BO|w0JXs8wz_{x1--YG|>Gnb#16X89jPea+BTNc;y
zck7OQ+$2tfPUD*;ANq9ST^l%+aaV4aA}zNvs9OS!&rDD(n?zu_Xhh!omhTV*jrz~F
z+0xYR<()M$kc~HtoVGtKJe~*LjAG#<Ts1-UG`6wf)4(tpD~EsxUQK()--ucq2yE{F
zn}duTw*kcg-T_6lk8kHE;Xu#`fVX-)hy~*73-)dN`*ah{A=H(2$TTz!QAz<@ggVme
zJqLiVe?+%X=+j*erZK4A*K^xCJk`3L(&!c*C6)DbvRG!pF}B#^UIU3<_2oOOABjsu
zK;Eh&$ow{-@1MSip5cds;pTW|>b_sfxeUg+s5ys>b@;Ogvrbv8v5B>nP{*)(>y9zz
zw#4?PjF18)*=wKu_SloYk0|$~>08Get%|FT6AYeIQESHg^W5+4x!plkfA!Db;-kL#
zTb!^j^HDAT{H@ROPy3_3jlcS@pZczk`YhvL-JpIFkpATt;=R|K{QdkU@sGdef4_g?
z@7?92``cci)ktZ~Tu5igVmdN%deRs?FmQ-oSSl}WXm~OM%+VCt;6$BFteGOBMLm{A
z33H)K#|X?xQL`8{L@->;49S#2o4c_Ak7{7Fcxi#QV8L3zVq&xyas=aq*GmgnOAcII
zTptSxzOVH<A;3&sE|wNc%1TI0rBFN7Ja^*wX$sC0U6MsRx3!I%NF~I97k4?JM{QDa
zgPi)uRjMT12pXma*ocAQdR>(8PXIkLwUoKwBIZJc1;3-;&Id@7I4l<1>#xKgFgH~w
z!;4Fk6!<ffqPh(*HJqPO3!oEc67yqjCpRyX&Y?xwLd3=L^^7$_!Dmu8NwHjsAPSz=
zavfLG%38;y(@KtF2pZ8*pT}uOsv|Yi7&em}IZ_-mZrFIC1`QYT3>mq{^3--{Gg(Y0
zCk70h7dP6b2Bpz1W@KVuURr3F%d5r3(qgStDb#r~O(i*sAy}Hx(~(IZB9DHnp@+()
zN@}zjd78>oDO0-mwKr(=;M|aV2M$CoCOu3m)P^fO!$Tg!!%l;@ICk~c1aADOK>$zy
zfJ8>~VV&BZet0A8+fvq(661c0?P+<&R~X6O({SPg2<QBp7u4AYBB!#syLU2*Qg5j=
zv{By*`1VkIZQlbAF&bPu#~%4t9bss{^oF3itM)QBNdra$4Ce?U<(C>u$v94K-9Mb_
zthzWDuxDU$pM4E@^>-+VF?}fDySmt7uKUL+Fn-k(b3$^o<pLTrdH`bJ*wvz5QV{#Z
zBB1C4K<iYty03te5##jElbr*<pfk27n*woTfPl%9_*U+P#IOov`aVi#E~cU!vF+Hy
zr-wo8V*~)%-y=q$kEtShQxszgTo7A8_E;DOCh))shU^fa1GJt6)LZ}o3Bn;2z#_m+
z$e<A<b%hNv1pqJ-paU{Ij0?Ibq6zn~4mYUCAT+As4*|T-3@3>xQ9utOTtgD00#^73
zj(sgU<C6!TK}3)tpyVLL0kCS!0ZQ(N0u11VkPpxb&TT}90U+xTz=snW<*NZ8Vy0$k
zD$CUSz;yxuF=+5S<UDy{qBbHixc$lx$5;dmZV1#o1ppZJJGA&MUFV)c#BMqt=Q^ql
zJm}zZZZ`)U#=FEeb|o`CP9Nja$gV-6Zom={*))~3t2+1c__4zWzAub6Gh#EU>Pz7T
zWwRKsb;8)WJ$L6`kqdSq=gJJCV+fEPKUAo#s~^bkt&jRF|A+s5On&mOz8{0TpjQNW
zwd|aWrIqeLO>G@3ojF3SQm9miKsB}Ql+wUdlA{<J9f48QAI8s8!IlcgL^lxMY)hQm
zEVO1AUwC1+(87ZGT{&U2G1Xp_HGCMpUUzVencIhBZ(eF!9w)7NgXJdXSzfOn0?^e{
z7X;K6*O#)iSUg>+b_#Xo^hQ~dMPUl^t!IQ(7|D<HdN9_sogAH5P1pVq4~`KdMvNFa
zIXXHzIyyQ!v6xIIlgVVV*-R%Uo6%^rot*u1E!x|ie!4=>FNG3t6=94f|3U^FsX?VZ
zfrb{cq!NEkLDS}y7hCE(mN}*%K@rezPlPA!=pzuG8Eh>{HolHO;}gmGv5)fqW@J~H
zUw&0m3sRPaTH&-dML_E^=Tw>GA?GnA7M-{wrcO?=L-271ANHn9LDNG2v=#ccEFhx?
z?{xSs2!%?~Gz4Bb>3SPZN?WxlgnZf*Goy-|dKiO6Ly`R@nH&>A!zX!3W9hwYsgF%E
zm9pXFaq1C{wa>e(JT7vS9jc+X8Fj(@E||Ux;|E<JfA}}>JO0ucr_rwQNJPODB0q!m
z-{(8M?sj1BrqK!kVX5?w|DY|-`{925huOo60^zi$FD~wSA@n|J9kMfbJ6nz>JaoKu
zhyA!CcT3jYZly}4UJ6Ln@5<cZ#;U!+Yfks;b)>H*UV7w=^R&xwoPlxTNq3{@&o97w
z%-=m_no4pMIadPrynqQ!C}(F@+VK3a6<v4FUYvyECOkm{7cYYR(9S2ajTxxC#%Yju
zZelKKR2vzUd#OqDxiIk;G`Q;HWbb^&Q@rFkeABQTa3O;efM5a$DB{TtHl#;*uw<B#
zh6^bmfQ+H6JrF~QnXE+3nl2g%6chj>WdIx!2t(qKNF>MtH5UdS@St^mm^Iq`+(9qo
z!OeM~GE<j`I_62Cx9Tr<T|p*S(}=WA6?Ia41ET#?#P10@$dBb1wN9aEwEv?YDz%V#
zw7~BhNrt04lJE0VlBrH5lU7ozhM272u#Z4yqT${>-3Ud{C`&sXyD4;+kG=A0AdP7@
zhoSm7JoLd~mu&6w(`)T=`rK%W0s!{@Iw|63wu&Y|14jIGK8Q`E94mdG`Uc4dh)G;q
zHhd><d3`K>AKoVjKKjEtiq;rj`3-!meN^G)yNcVP%}^8p5=V;AMDa_J5fh7w+~q(}
zaRF6ijYlF7BP%MB0V}V3_8*4pDL_un+vW2__A8S`Zs{BV-%g`nL&x)ZPTpth)f@bC
z0ejvI6okbezC077Slxm1E1x?l43;0%>WuD(SonGig78QLN=H~4t`LfKyf*r5P^{p9
z6}GhM7YU$U1@y*;g5W8xO|1Mlqt}~53os;ol`;F-vW&7y;KW~DKhL3Vn;vn@7p-rZ
z;ByQsZ;Ym{ZsV4N-DU4xW)Kx+CdNohpv@%!n_1*+2vtf*G>C_Kf!>@uOHmwR_d3vj
zVCqZjXupTS#ySDa%|TzmaSn<3j0SRin#Po~rV6r6p8hlYu&xVdD$C{9&13JO@jGR;
zNckepCZ}mzn*4rPe40J`Tb%Awc`4GSpyN^Sr@LyB-_P*SV;e*MMxX%;Vre-KQ(?TT
z0;=sIaS=&O;nTVo;yF_S{CADBM(@oiZ_Pe3r7d2_2Ct2+IAT$<ePGm;nH{bs+c$?2
z>;O6Ms~(vTeg86_flx+hPFCvWnuws0!{er+F!y=tS~2aZD{nc$ReoVS5vd{$qIovK
zzi6%5s!hgXe}})}#p$9MF*=8f_9F7$nk*-ba@dyDj2LatR_884+jS&m?7;@mi!>d|
zrO$-r%oiyktim$diU;0bw0kfPFp}Pbi&i%5c67hkMG&@F``wpyt3plyA1V&0geb&c
zb$|Em_IN9^&b=&w)|13PQzf#zSrLwHxEAjYIIk8;6`XhRI##Fq7*ek(@&IjD{tEXS
zaBC*>x=1<v(bJhh4?`xlyXP^weuV_uIwpJWFNT{>es{zjX8TGNYi$1|{o5ySip7i=
z>PpA%YIZ^O!h!_`P4Z$$94D<zfqgNDiPzVlx!mBE#*0nUMJ{2H*0w!Okrg+ZPUNG;
zui@IQy>JcWT0Z?*j7-HS&9ZAS72Ck5)}Z5c2T`dcH&ED){jULD82KtFU%>;K8F3Rf
zqjA#~_Q?_?l+Vx_JTnH@W3n#0g=YL(!P~V!a<ynAOg5rl{8lkebP*IzU0os@f8uV8
zQf&k^IhQh|90=MyLyZ&_x6{AJB9AuG8A0u~2WAIOQLwL?u^q3&E6lFMy}CQe5YN&{
zdSN%m0TgC@xNWHS#Eev<GaA(|$Ckn30L_c+wcz|hAJ6T_uF5Oz>K2M1M-}Ul*>;CN
zl-?5zy(%0l8{Cm}u2^Ql6q*1?QcGmxF^jjxM?{|nLI-dR+0y}+(L^`&q?X0QR{*%0
zI!dQwJx^5$LwZ@%G2dt8LX1|X4a6>UjZF=om))q<nL!@Cx;bH5I-?Ksea;S=b@u3N
z!eosd450&u4tBz>m#sZyyv?U3N`7SQJp|=h{#Bc0xOqeL;Kz_%km^hOAW9i}Nm<e^
z>aJ|Dz@xY?Ax3k|G@Wk7l?&X-q%vRGn(LtS(@H+B-8x>VR9!uGhE_<r=hxG%`oE}e
zvei>Kf1R}K(($$uz^)(HSGM+(TawsmeD(D>7@G#;P{TkKTGEp$JINMYm2P?=ZP_c>
z3Z7$9L)x?o#;rb0t|&{R?X)u|*ldEwhjw()1FDb+6O%okV~v0V6Pa_fm*{G^YrK20
zA7Bv3d7B6&hxK|rCq7KI`VB3l^}7yy&FbmF>okh4Z*-6H=9V7jp_yp|_ADbA+1opg
zfXXOL>}*rP;dR7D+JKjc+S)vD7iqE4+PIO{nQC|H#)VCsj(6g`z?@zV&JDeX<S*#c
zspo?(I=*;bxlWMJ)c~W7{ii@H!bi#au2($U(C`4aS&_C0p2;M7#IP;xsmPsfm=`P`
zZRC!#CYIikD^EUy+zlZo(zZ@{T{K)wFpKg-4|0ZwZN|Vzd-v%kUyqWZNGqnYJwt|X
zHG;PC$rxA`2*-1aw9(EQ*>7*7PWtM;Jlb7toR))yAFWYnG$FkOIF#Iuk$r-FNwQ4p
zqYV!7sgPtSO`eHlyp*lJ+TT`S$q*kcp)1MGR@ma++f2%K_yNW5rcf+|4s)3TV-}^Z
zv+$s)C4yVWCNj9Jht59k3#q<yq`Z%oQCOWW<-Y1PHeW3(JH;usIE#o@eYEodX~9W3
z9%;ycLfTwoPg<V)P=O+?QjJODjq@a6H7yk+O&ezTrta@Jh8{vLIAyoY2+}>Cw0F#C
z3J@Iev=O5s)fbg!Y}l{LG@*yRY^;j!>S<S0d!^CY0y-0d%HbA)QKhqo!WPWgE*&bp
z4>b0BV{5Ehz5+3xJj*1XTJ<O)e6epqDoF0Wy2!pKA;dglXNE@N3lBT<ax~DozlK1-
z(k2fJC(mBJ`0Bc1_3>vI!L)g|!V^Gj{-P`efk1yrN0gX0im^!G(O-Sg`<7T79s`q$
zzW~sI{vy*tl*ftw;vGR5sz)op4i2`xv<Ql5c>UlW+yrF;f$?hJj4(U?^U~@oCq`-<
zlxJmSDBUP+=VLC0w8^9?ZQjsDm)B}jO@tp%xC|N!=JXaY+OoNpn|0F;I=?PlBpIV+
zu(?O^s@6@o!h(6FfN5?3H=GZ4_*}GhtoVvsXeiv3OJ#Bf*f<cWAeZD@nBIB_4I#BR
z-%^ODlokGpRt6ryBAjKYWzA>lCl2n=El!buyiDGKz0A?I<BHZP<LxdbTB~-5afTyO
z0HfV9E9CB?O~t&j;Vz$S+Yy)Tf{qa1c5fZUY+$Dv9vQoAqqbXoYf4d3!`q*&<)L{@
z1as>lQ5CZ35KhnO<D5$3qoHiu{T@ea*sknIo(><d10jjF{`U3c44?vN7Y-L(r&)j6
z2*{hqN^aqW<E_ICE*WuK2eMl~ar2~uT_VoD!4WCJv*PsFi3-jT#3Qv(GAgvnwg!x*
z;?q4#E^G$L>|yRliYmCbgSJ`l{26Id8Cmw3mKz<*!p#<mO8kS1w8z1VB<k3_<^w$|
zj}%yqv?4RreVlToSls=P=`^$>$^SU?%(1g$6n7SvWi@%t1TGPhF*>apOl?U-(lvEx
zHYmIh5Zbc+A3abSN<7VCavVx(!Kz^HbSKFqXp_G9vRZR(9l4+<=uF{0_7cc!zJxWZ
zUD2g@jlwq^4GQ$dU+l#Se2>mKOED07x2FSt{r#)`*~?$C3GzG3wqP!yqny;jiY2&U
z_^J^U?JMCp--JCehWz{QIyv+4s&_d=PStrlN#)GV3NF8-KafvB;wLE$JOHu7EzF&(
zR1u4JKvcW1(XcD~#BK~=v78W50I8KJ6D93IOkm?X*Ktrl;CU{PL*8p{=1QMeu;vK1
za+!_GJv>I6ld354UVV}zi8GPMB+X5NvGj@QvLq`cY{7h%)9t^68A=W-u*7>FG9IsY
zav~#GJ`Hy}EJt$|-35nvWv@pCNsY3GDttOo&Sxy(CP7sp8P@!fN7wEUieUnv0+vPN
zJNQ0`c8D!5-`%YXCuHngP<I<F&)BKyj*<R#X_pfK0l3q9{7{m~$ry{>Dj8ej2HSSk
zwPU+=TZp{dE&@-EUHX!iN*Fl8d6I7&yVa^p8R0OI<BfFl*v@)MMcTtQX-QDCGK7j!
z`*JErtAufc!ghUNp7^+&(dlq1da|{dV?9#1JSlaY>?HjGFF#kfF^2?VzCB&E!CWjN
zomF<QKBwl}#nQt!+|pKm)Dz-;@2QHAmN__pAJfE9N`t5`vJ*e14+Us7e0fY4WY8uI
z3!!d?zya+^z9P|0F&}5@VudI?jOXP4^Nn2HmvU(nWJ%D^Lp&BC9yCx`-ohBX?>>mi
zqiVz}zcvUjiSV)XcZu*Ay^w_Ml3J1Yv3GE;VMGkfvrP%|k%zhVm$&A7GdO({7IrA7
zaVc;t6f&Ees|c`q#jLizKx)Bs+*X`lo2wtjf&a{VJu3ksF!l<mXEs*{j9bNQq<Ipl
zU$@zcUSD(NqXPNEzsQ!*0EUq*amLkLRlqkc;6fg&`Q60XD%f(g&{(173W3K;F~e(Q
zG9_axc_L!89Bet)G?(|n7bRMyA$i`vJY{?c_L$uU!R!pp)utgC>f%iZ0a%iuWo`nH
zU?LS)INJ;+uVo0;%*+mHR;pQdn_b+j7H4D2SxOjpt20s|M7wH!3jnLYg&-xuWy2MR
z%Mlogt8S>qRn#sExUrrf%t^J%yA<ZPe8P-FTH5Bf8`Cp=nKwomq{>m_AhQlLH?YSy
zOk^GFFNU!=;Mr{Q+iu_$|E|+;jrHfy*!!FRc%=Gf^#R}hA0Ks9_laj~l~7A;K#gnX
z)Ir_ULEY3<<IeJ{gSx4kx~WrWyy{jL^_GZA9o3<3NgY<*0d+LLSDoraoz$gn>Q-Iq
zsBU$lPU=u6b*K(?Rj0a8Cv~_wkK>^i0v#lxVOf&mlXeHT^9@xN%!oS3ka_oH`t^P<
z<K_<X!H&E2Bk*m6DMosmk_`x64M36)Y{a+?bl6Zjw}3PqL;`n~oVf5p#5Q?22nei}
z$9O_|!UWJ`orncu@bqdkF0s<@u};_{5o?b`u|vl{GS-*KI;G)4aQVwpW`FJRH+FG^
zA;oom!u`IroFl%n_7R2umc0`$A{?uF5m5c^zXhyC1};8t4{dh_-s~(^Wg$vva`$w|
zp2K2J7~KKLJ|sZ0_NFB~(DKh3VtTieHk!nw#SD4Zv%OdZ+EQ!MHRQt*%J!^YAth}<
z%CgjB72!gHOIXQb!YaZ=p$5|uv4)Fsvy>n|B`)!a(5)Q>HVv~`O)xd9E>ro2lO7(D
za~AG50%MB!)cHkDrHWk3I&4M|p53fKsv8OpNzSkK24m{#>k`&mv6b}~53t>{PPV+f
zLsT3PGm^7#@BibZBH>tn*z}B-9XZ_NHK(`OxQms)hmdC@!;8tyU9Gpc#7fo=qTM0E
zW9kQQ*v3^}ye=h|<Dz!QK`beV%G;^AA+>1J78caxmr+y$+Xq)Jv^`d>PbHrWfgUB1
ziQBXvDQ{7o9uAB@Ta<vt<})1E^)gZsj!3RrpkIWm&s(gM?I!OI+$nrq(dirrq2NYo
zc6_ZnCxG`uCDI{=(X8LdrDILo*UTjCbtG@rAm9p5NUJSbSV?ksxIZdMKL(H2H-{rv
zq;L&&GDSiU(cyAz7lk<?1RV`kgqB}33hS-EK=Q<u=>=LVv7Xo-{HA%XAa;6++$bxa
zPO{i%TDLvrwZ^n4|D2DDYDmwR$G$wFPO9Bosm7PHKz%lF;SnqGG}O)Qw<PjtZEVBk
zcO~zLZx}Zu<MI+jL3N2hfBnOaa1wP3z&pC)SobMy@3#ZTgw{T(al;+3HpHaGhsmC|
zX-NYuP?a!bHGezc|7m{mrB^gzw2F<H2Y6@=%6Q>L6Oog`)ooC4<8-Ac*JN%Bk)ND0
zJxi8Mn^fky-_e#pru%`3>w70o>~C11hDWHU2_QGNy~=;Bk>Bo@A^UF2yFvV_`J_~@
zh7^X=gV}BlyalmNM2_kGZoz>UgeG<)0>))rn4T)c7`&4gKj%bzigLSqu6|Qqel>Ai
z=WLftS}0YqP=B>6WJgYx&KPNT!@p2Zc)5_q2i4%=o-3ny+QjrtI8yP_Yi|f&!bnU8
zCXictSbcfAW^)(Sqq#rvdGTLJEERQh2gCzPxNPDQ#T)D!>HI_YZW*9UT-i9tHlQKh
z_^CF6zCURJAS%;*_&q<$l`M^5F6jCGHGSyz>MDaKtIQuiJS0@ql0acpxyxL=266B3
zVv4EP(|}^>jUD1}H`{}$gRGjad@2i$1C@^?V|CG1IV>emT42O-UHKM5F@2&oGV&xk
zsxyIqXRC50Pb{-Cn0hTo>f5klX!Rp6H+l-ky-yEkieC_20v$810}u27!4?vlfOcZ-
zyM=FeU+Gs7$Xf~sruOG^Le142;hcuAY2E5<LSiZnPo`+IFqg(2S3P^;Jo=)|C0S$(
z!$$y*0O2QGz==z|EbYH$*-=eNIBSbYglE)|a1h?N-yyYP7|p=IAVL#%oX7FZ%!bdm
zM^Ne&vV~`Lq8Z7U8XiZ4s8|L+W`hFY>gq;|CK_C5U3SX9<dvhr6n1gvsn|99A%aOh
zp;OyU*#72<kVbX1ARzE}JZU;xMdbzjg8D*K5HPMDjbZ(%@BkyO&_deo5+wU+7%=i8
zNWtFE`BkaRC@k>lX}XMt_=P&lE>A@sUTn~RAOH;HbT!(<5tWje>|sm<o`(_l7?!%v
zd#SF`9}W+5vQj!f{an`K*Z0D^dR;+X$UKtWJw|w5ug1T?<I?XMhhF*zn22zs=}BNU
z34W#Qpv4%45YgrF*X_iS-vI{YPXTko#LE_=2i}U%GP8>pm(4&TQqxVi_euF{w~HOI
zaQVQx=uUW1SFbTwHX1!_D~sv?WK`29>*9+B;6KwZ>n~4Zi#UOza}OYiIl<W;A^i#P
zleAh&t^S|9a_eHfe`0xCB;YB_AC1kAWmf>UGqc)(1%OqXN31TC>xy%uVm1rxzQq5X
z>HsSRI^M>UfW-m@jK~Fw$VMZfaBiUJ5|NtGrLNr41#<sP7n+%lx~$o3>T>Fx>IwlZ
z2pFr&pVMQvzIADPh~E?~J-bAB3A8C|R|KuJUC6j$++~kf?sCwqr9wX4H4vEFT}!kn
zc!_Hb;iV_a#0xAMix-k!L0;B;9eMefb<9}w4M2J&aYP&+^YY<G^XeE&A+)UOWf6?*
z7CNt2uG$?6_BbQLGY8qW7j*HMGu^w_F!tSRJ%#mNvJ(iwM{z-7y9`ODv>gG_p6ru7
zo^C%N++B$ZP?i6ls4k!#sl``8xrYMXPsdl>_c0I(p+$Ddd{OL2XcXJojhQKZO{>MJ
zuZ=i`Ds**ufyc>YJoR!Q?z)RMtP+;hP`FTh9&cUg<tvp*YQL|ku&?n>O!#K6NY8ma
z_D^O_FOC>fNlz*2G#S6~ukhtCjXgWI*+J(fg~Pma`=yIYl6Z0S;DHcS#_g_`HGxmU
z_Ovt_+2?=Wt&;Qi=xcl!0{XOQ30aV69xjTPM@+0ob94!0dJex-zBBz!-b4$C<fj~!
z%<K#Kd4odS$JY(zFo6op1NKW26}B&MnunZNQ-LY_W;;A4MF(O&Axvj$>@Si-@-00{
z3ivATR18x50Y?4;gRBzvO?dyUn9<6!8#t^BQ{;?ta>Z};*6Cvey|J38Cu%bAcz2rH
zzl6`cnWB#kdlX$MjRWGi*A<`!(OzAT%WwNR3Y-zftBQ+bmKW-fC;T^C3|*KWHMJDK
z_knI{3UmuJI|+;w_6r$cA9u9nz7V-^9z7H7bfGp(UlgIKffCu!Yx>(0gPQoF-HFm^
zRIS?R6iJh;q<M?&81Nx7^e8l-SH{h$<z7Jd2QzujU1)=RJCy*{vlkPa9O{VjhIg_|
zGzvIXYb@Z{QvuVY#{RuZk4UrLtQgJAMO<f#hxF3ckVK3j*9z#E6|*g(gTI}|1fD=9
z${qL^Fd%vw?vj0UZ|J6AU>yVj+nQt`1Ofm82m&{q(=pgo1RN8wQsVHg@XEv5_CTTZ
zeeFKwOaGx79liL1YOC?q&+`GQVTL!6Jl8`I>K31jA`erLhMap0Ifreo>zune=Y?~)
z<@#b!yUi{5_zGrJy{HZKb~c(SAkOJ@3+dX{*f%GmQ%u|*)wXVH9I5D~wYHTx5W0o?
zB{#dh_ISnMUi*5vR=H>MTmQFwn*#oKz0?i2-E*ZKTt52=h_mN-YT{y!bg(9z19rM~
zBrf{^Z}iV=^0^e7(>NQqY=v+RcHM62fiY^h!(qm_yB-1g4Dm5m?UR>Vgt6_mNN%By
z7z=*InO`-CSEE@A{o8Ln=qH(nT$J-pl#6o~699Mq87lUq<oZorv8CoF?n7U0ulKs~
z%JOY3zK{0ssx#UH<KVS|!1@UOMoX!gCtk_s+)mCqtTSEAa+GtaEvof!cyoEBd5n9$
z*Nwuy4d0t_QgE{U0RTghlt`LmNGb#eP#PqyA-w@4{gK*u!B*pk29Gp`)P)%`Xh?f_
zyyw%}P7$qW#l(e~ET)qa0|w5E8=D&M8A(wZ7c(+3FfT1U%;nYMVri{ZDU&yq<Y+x+
zMY;N08axS}9a#`<#;r|yd2vAr_b?BhR8|JDLP{ITv1}p)=w|?)j~Y_=f{sPA_t(5t
zCnsa?qloo5FOKL+D(G_RX$PJts_*sN4FNi=>LodfI|M)8S-Gum6RL0jw&T__8XSB*
z0*c4-PpY3%!f_7Aei-MMo0XDV`EY|U3}#OxY{RhIu=_Bf0#R&$a#y{@HLo;P<V4`|
z5b9oa^1AisVyA2_B_<ZAIv<%Nh=Mx#4|xc4<`^Ck#Z&}(P+Hy<Dsf~PfGAdIY(3#v
z3J%D3eq85JZLa2j9?#)gPg>+$0JN8J_vrQjiYvVN4YH~|=jiF%qVRgK@vcYXe?00C
zP|r|z+g(B?+%e2z#1>m^v8U6k_THL3%4@&%`uP(DeUPIZUT_b5-Cld_^@`WNy3o^~
zQI?2G>uQU|zSo15lDa~t9M74#F=aXBOe>{@JLOoolQvzvG-Y8bO}VmE`J0%gc(D3%
zWRBc>%!RozXFWUSd<b)=18!q(40A8!T*%XV81e+<0VIn+Z~#%pzW*oUh`@9FeqS2)
zqKj|vO@vng2=El=q_AAbwdjn?o9f`@?2Q@viM<<?C;|BDMfYlRDOgA1pSa{jCvV@=
zNdUaAVx2yN^jz_PfK-v?DCO)FogTWLk;*wQ(nQTG5MF(<Pkq}};=%Sy<MWowVe_cc
zzDkjy7*Kdhs^S}`P4beEs$eM=iR!{lC|&po-HLTp!M42PEv>~a(-0VhsNqTjqk5~Y
zNRa;IJK8zEqjHO_l#6qro&qHmDC75s{X;G1?O!^<=>tLq|A2+A0qzeM2%n3uc(J87
zUL+a&?mxYXT^0H$xE8`cMG8+}@&l<b_@H^h;(a(T^VE}~bG9jtp#vVMc3ef-@vd*d
zcJS)(N@}@cp#v+T$g38(x1s{=of0Kq4bIbW)7&)9-C7YsaG;lP?BNxo@VqdmzK3T!
z^Z=l~HF4;f+`hcmZgIogV_ik>K8Sh*259sOu2tZkuY2V_^qRlWT>^HtC`iExKWqVK
z@Ei+1T2Yyzs#XdMw^HS!kB3jEQ@EUtUl0m+p7>8wvWVwO5(&@Q8pfhtL}o9h_w9qj
z`W_zdHMw3bmOvAATW?V@0iyy)Bg_ThZup{EAhPK77M1N3z2P*@>8iX`hLme&0tGeS
z?1T@aH_#JNlJbNts6Ok46YLaAQ1kydfHst%GQmax2{uWEgF~T~TQEV4Z4bg!uUiN-
zA3BELb^sfk&Bl3c1l5X_(R%i?76q=0&eV+3U<-&qiFXw1HKKe__#VHO`A9p}f!sA(
z^SAIV#;LFrot=ZAT0Twy0BT-+&;xCxUUWvbI2O^vQhI)%;ujJdqutve7KL-5+VH+^
z=XumGFV$P8J#Rlh8)!anSH9x)Yck7`SHA959{|&&(Ee|DM^$*h$l)G;UF7_%Zv#Tf
z>ExNFsr-1$6Q1)yK2ze}xgDiaskG!pIQCPY!Cyv^x8P=9@t)4lPet;NAMqBq;i^6Z
z@BAxG&NrXoGwy=#xVXr#^?vYV=m7(bp4rVzObZti2zu_J@B}76VFV%s;RiW5K?Phu
z0Lmpwk@TcOPe+X`_$UC4_hSJdJlKrZ5lY|_02Ro`qBgW07r<k0LGQiSGdzp(co#QC
zr-z!tQ{dQ^Wr>Y+kJqbx&aNF5B2>SXqdqmRFqGBrCS(5{m7s1m6>Aq%FUM1EV^=N!
z$)%eC4TD<Z9^Tqt*ek%LbS}5JNJi|lF^w(ge0sd*y4wro)dh%psL;lR-)c_><n^dr
z^DSu0vB_f#*nj?J)aAc!{`XKBj349MyuMBg*Z0uaOomY$V$89qadv5wXa(S<xKv|;
zpc;$bjvC~%&=rqcM3s6toZ}?PbmS3VZf?)$+0jr=N(py@jAv>Um<o$u*S0*X!+l=9
zek=F;Q#T8!NFhIgJ<&X9TanI*x(F<1^246Q$Q<ix_l7RY`H88d^MFba?i&@aL{OvR
z?m@p}_L6`2#DE3S_!D4rIh=Proz0t3$80a)!O*}n)d67E_hVE%0h{F6EMEFO;z$j$
z3}}+Lg4&g|z}I7ye0U*><0qcVV`cB}&bQpt=NLt`;v^<KK$<@E-D?#4?jxYZ-93~P
zijyT!?3%yF<H`OZ;}MEj6p5Lr)T~#kS<yfN3G-qQC=`iA0&!3z8W3rcR1f4N&5%wA
zMQK1rVH8av4m5@!WPkxM0D%C&$jqh+2)qq1wRFpa)1;yrXe-^-x288%DeKKsKihAQ
zf#%3nNkkRMnFU**ghCz({R$K_0LooG;&rrUJ(JyXiGf=#Tq}bdyA?g(<Mm#O=mOA2
z7*5z|-vv*0WjU9y(#`ppCs%|+h*<yx+K#90zIU_@u~u<)!-PX>fAi*_$0kNOiS1^l
z#%*Itbdg=mle+x&J!*m4(+V@{^G3tl&In6R&<)B|a`Q{O{=4?&1*aE!L5b!B7A!wa
z+sroG{x2hrI?^}Nsu_NY;6p|l2#?6JP<9kX$JAUNFYJP(D+5L_^~W>!zO68pJSM05
ztexzS*(oiVnKv;IR@F<6*U9wHoUf2IXXOZ0^2y@A(4BK~)MnzjZ>iUjUzr)R>()sq
z`oWtcp$1Rzl6h3N%BR&^9NV!{jr<wRD_N1Uc>foxe0YTO6$w9{!JZwX6H>H1w@{M#
z@!c+I%@zm>6^<9w7F6T2KOsBol^HrY$pLO>nOF1}1`;_Sn3q_HjxnhMMI*FU0=2!d
zy&DUWCY|{Vr{@?Hz%@0haz{z0S`7~&?3oQR=IH$HR9o?HJ10$?oAFKvxfE_PI0}^~
zvN}d_31S=^ALAbS+2&CD3Lwqugs|+veyuaOlk5_@#c^VU^_7W&3Yg&P3S<l~fF`2c
ziJF3&aVIxPk6_Y#+D@-;O^n;_cX9^U$tUI()Z4oYKBHIwSM-=&;#XL%D7Dge^;GEw
z|Mc2TEU)o+3_%|;pzrozjx7XXz%#ZY`9P4u`8+7&`3RRn&sv;NcWR!slA9b;Omkm*
zZ4OeAy-swX+fKIM64ha+^w*stJ*;S!^1V~ZY_<Ty?m%JiWUJ8dlqcId9D*BdJXQOn
z04(pW&f5db<>`0=l{2WcJWnjpNWUCT$(5dhHagKby46z=?smBA=}ZvYdp@LIbRtZQ
zLIy1nQ?7U_P!3=E=NfBc6GWz~;lPHCz4q9DV$*qJxb*Uj_gHZ}vaKhgNE}A)Mf4D&
z5il1iEFxM=YySnJc3d`Bz1LG-C48A4{N5Mh%mh`jUtOiepsgcwKYGetz1@zYoLv3V
z`X?8lvX>I$5I<#C7Hq_CPH`#&H)Eckg!SDLThX-yg>P^cRH9^7!veFLH&N+&%aLy8
zhR<y<CQ2)eYP{Of#IRiWNS65;*>5ut5G*uc+R^MPE*603tICJPR;#l){{QwAQJ-^j
z_kGy4I=%pGBlqVMT0mjLU``2TmrmCI)TL+$HC5<w>M7>=Abb+7WRDA#^pfeN9N{M6
z>`BBiW+)&)CJ-v>F@fN#lhVE;P<Re_rV0r2+Pk>N|4E&Q@}Dgkes%=2#D{zaorCwU
z;9mT>5=DfbR4n*5G|f#Rd&+?}xrOa#)NC9ZgPrqWMIWx+z&9DMl{KgJrST?rR}Oyc
z-2|m2QbE!DJ6X7k2ewof<-;!01L}GL*HCz~gAJFVb#hRMk^w`Mwi?Crg+0&G*o8s5
zQW8hhe|#k^{=UNx&xVPO`U9d3xc1nTbdZ3M1=$CZCR*p;>2X|-Ybi%mK)jbtsp1F7
zZm5WL98qOH_6jTIbi^9pU8tLJAf!mMJz=l(TF{WGfxM_j-yZ0xD^H54Oa($x_aMC#
zhbSt7kpQxLZs>SoN8gJ*A2PJ=S`u@2!S__e6c90b1F-3CBn%|fhs7hf%TiH5L{xRw
z=~Dpg?eY8h@X>I^l!=eE<NMVXA6_|FsMtUnT|OjWZ*DX*9tgLUdJm0WiaDNN%`Qj2
zdJB1FB_JMs66jCC#RRMFDM?`}&yE_3QsP%qe%kEi@D=Q3L($5)yKQ4tQi0%_94kiq
zJ(FC7c{wT@dsONQLm}?>wAGrb#&Wwdq(<IC6(a0~iWM{z`IrOkUk=r9#vnH^eMb}|
zk*ctkL=9a@l$?DiyW%h%3B(zyagCd(`<7LUy@ad<Xp|9eo}j3gwpz$zn|{e<Gq^Af
z>M{X7e;l@^YE8*IVcl+EJJRLwlrgdtc?OHp9uUzEWQjehFOOdC<=qeX13C!hpIm}1
zEG1DZc498V5+;>Ao8YJ#$x<>7Ro0Vw`%B23D)2Kf;AG@-#R7$o)}^3Kr@nK5@Invh
zLbLAyOsn`}TxPUc68Qz2kr2%3M76x3)7>k~%b4CyB8sSF5oLrSxM9M2=lQB*jlua(
zqLf<ZlJG?OheXDH=>;OaK+f>35%N$yYxd;p^h=TlDDac$Xe7Cb>Vz{1b0-%S{c-|{
zbr|=u<(nnJwh3G!x;3CJT0#;147(iY%Y&-&A94vJc0H%T*Kzg_R_;#i_mtc6ryY*O
zA9+CsXa)dj9a3W(dG#-@MaSC{)ss4%aK{{>RppB2nI~6Gww^s63S>$%rM1Na0D}sS
zd21MAzi|JT{-M?j1b_HA5o^7viBe>D(OrCL(5DRLRAR(HmcFWb78e%@qvUWJ?-Eb`
zIxM5hZd##yH*1TX8#&&Y0U)*ILKAVY%Hb@g+cVxoFNi2&@n4(_A|j^@nZ6Gg-^@i%
z`bUG@C7N@Q4hJ)V&FfE70<~r8AgKOZL5pJ?aTS=~GOSextJT{8>9nQG>3GKc{C|LT
z4_{~ksf|%Vd&}i9pXcYd5PWfv*9oB5{hl`@V+soRPiSa!@vC)Bs`ZdT;*Cm%8B}#b
zXEtYNRID_RD*imymV1oiDTWoK^noH{t*7O_GWxiwEY77+wr2n+MtT{un<pMG=mTA1
z-3d3!0q91>$H3100(!b#y-~Kr@XXVnE-t2Jvfs4ufu!IJLmE1TML3`U7pd4AS3QWY
zjskmBNiJx(dh9(0|H~s=oRV~}RHEHn_thHsL-(7b)1-C=)FtKEo!S^G-mkdVR)2oM
z?Y<{oQ8Jhem<6-c?hKY9Qm`0B6MMg5^rLMe6g2wjzFa+DsYAPHig6-&ko7=44W(ip
z{-RpF?oD*r9-c*@r0!fAzWcq=|9!tt5n<AMmTWJ=Jj)d~)GSUftn4?MEu;3m&(_aM
zs;e7YO4t_>3|P~@sEE7jcE>3F;HpqMqx=!q#i1G{jOOIZK3^xG&H1YVj2opPQ8@jw
zSB;#K$n;<wg*gnuk=Ma{Y*uabObV1ZGxoJq`Ygf`nLjbM)*up9V)Hg^U$k>OaD*F0
z5iE#PM@~_K2Ni%(0O50vW_%{92cLu>3C@>`qKbd3DF?Cf0vr#T{yTgcbv^bT(V#sE
zmR|XiY1yip%CF;_6@HxJxWb$n#XIN1&(SD<Es1NFq$dz%`^r{;C1z)gdZvvdM-Qn1
zmm4mH7rzN{`}%tFqHl6UOd^Q~gP{Q!`x?q9?ljGYcSiYREAqq{*46<XT~Vjf@niav
zf8w;%cOmP7;T<3<MJI0-Z|bNy=wM+GP~sq}1K2zd&IY2YoyYNC7gacgw<ryxz$}7K
zQXEuiAy6nwvYf12Y*w<svmsX8z>J-4kc82zFp-{;5!ymIkeam#Ylf#B|Jgqr-@#9#
z^-;}mG9Q}F4-av-x?#SYv~F0xwt2hx`~`6J>TgAJ!Z3kX6=D`+bRfQ}B_(Po+*3o@
z1<6&Bw~_3rngM~NABJarD|K^ke2S!s8)idQY<i6^gMxZHi;LLVENIOFl7w=1tHgl!
z&1TgaytmcOwqT{SLD84sLwtQis_?B}B<1=J6c<>@Y=zxnEE@hk!1?dUd454xA=5o4
z*!lz#uUIe!O1ju=E1Vw9s6+O^0`T~N0aACkK}E`)Wf_)~w-)l#OzkE>yy*2NzE3t#
zFoGY<!r6(CKyt<Q1$*chA=u`G`OZg(Zm5a(ZoqO)kSv(9&kz0!DEnA>?j$vWQ&KK)
zOj0^>No5@Xx)y(Wl7G73YSpl!En`1LyEhB0#Ux70A91e2mV;wj3!c_s`tLn5RECnO
z&5@FfLyXkt^G>fvkain=;yd=6sV=NeMQBL{M^z|C!)te5VaK>R0n0MH#~bS*VMC0-
zvH0<pT={{VlcFvdm64ucO<*G%{*o#aa#QugPIazmWYt?!tm-Ya8_~Upd-4|LF`b7@
ziqv!xuSssL>E_7ZOQonY!`s_W4JL^=gnUzFWKtE^&6z5ygHWI<`{Ojt=_Jb%D#`#s
z*3Ej~VD@KLz;guM?Z3>m+7;y$r4K#SB*5=vIiNXG*m`mt2h>8M)A>KEnfC;Z=-byo
z0h}Y6mDHSYI2}*|#YGS7kFqO0zTI5c>_J)hnsEL~=!;<adMcs3@g!FI%QMaXY|=5l
zd<Pown^8;Ra+S)K=2>>#!#Qpn5SAZD&R)jF_5w8$YY`9SJh>myoyn3LS-2xh=Ou(d
zNxT(03F_ukvYFG?gg~4xvr#WW^De_OPOjgKzq&-cZ2n=&P^$h}OBH80%|+4ZOvUgR
zU2w$ORBQy_)4x$IVigds0v07K36vi8Cc#C-ia}KLeGq-oh<9df83Rf&Z%bF|hq@<J
zK@>|aB&zBTk4}dp6(S9F3UuO(Ti@<}(`=ayF1%$>@hY(nNX%5F%jNi^14R|cxZ@JG
zQZhcU%BUy3vBZ@$tGNE@v+-f-B~khwuu7%n+zTMlfG@cfY5%E3rLUA`l!*ZVC{#1O
zDa|L)p;={eL>emXkawM))?&Mrx>O=7R5F#Djf)AZcrWC5oVUxXU>|zyRfOt}g6tHa
z8~*Tc6NQ6QvTaL&@b|@h58<4}7f4cDa)1A5;9I5++<TE+uY<ikbW8D8JAc8uPR@Rd
zDCN)mreY>ap1}AbcV2RIROqb*jpj3y8@o@M-1i4{XPN`<_NB*mTX6;bwk~Nc4O?VA
zp5`ylB|hQ?K%SmOphrK@rq}J7=4sI0fZOgT8Qt2dGY))Q-M1s>J3FP+%~QRSnF)~N
zf}D}69Q^4ZIY(~@%e%+j;lNc1fB3yBxF5Qo2V}?~+5>lyeEq%HCH88`8CL*<aji(V
zH)oaEBp8K?qp%lJ!__ak&*r_P8k8WCCU}Y=%?&yDLgLE@GEf{W9n9KV0tsQU=sLEJ
zglKu>^D5<)I4ev=1^sRpE-t35bjksv9)jnpIB^W^JV>r_ziKu8>Q;F*&|zqllR~Cs
zPFu*T3g4>uUM1x}=#8>f6Vj!s;~K^@f;N)+(>FHVqWP+{(S?jXk9_D)>g@;;JC)mE
zLJwpe$~0b$s&SGq+jtRS<vN5_M$@YLs4`oSY6VknIUbfNpU-rwFKnGE@-Gb`vyH4c
zNvSVFrksjHU@{8WS+PLoc1|p9m5iQLDA3!gu1~1va3U;wSvDVbU1y%-%~0dNdT8z#
z#wzF}t!GiLoV_u{Y@SHKn|sc-p6XtNG!|gq&Qs7~8Z9}1NWjpwOOs>x;rK~m<6OFE
zsd}$4l~5JBP|;QJ9ApJ7Hm*c8;D-y3$gowChS)Ye>;d}LIxW(l_*l;fB_^?iOzJ+i
zyH!#?le3jDJ?0J_C7SB6YocZxjHiv>itf+F6blp8;FPMKmg%WaA4dN3Kodr2lmqFy
zlY7S6TC{o*?bx_#HUwRKc?{=~WISw88Jq`!t~qs&mFgWC{duq43RfXGt!B@;3l12k
zvuZJ{q&^&f8qj(pz*bx$pP+3PvO*AujZHx*)JI$}2}$ewf0*$ez4`;q=*4PuG=L<k
zrGv_jw<WR1v`xCw))W^DbnU!eN5e*<wjx2(AbA}%Ah?3M5=Lx=*M&Y~!eXzJ^IxT+
zqqypI;sTpCV)3eG8~eJgQ!d5c58eY6VWnn6z<DZ4_AQ1Yw33f2@ok&Qsc{O(20s@=
z#?^?hGW}_DhUTI&S`E>>9(r>;699@&M;kS4R>LAh!{n1;VnSQy$vESQuqsgfbXeJm
za;%aVIyA~T!~Zr^+NOqg?3a9-nN;9k!rNA5anq5O1i@HutcVGuvzDfcm;`Zx)ef>7
zh<4>7Rjy-|`@w~_VcaWZ5fp=<($-1(>KqEau9aq<0<0e^w<a)S+0r;$Tq0V~UkKPq
zSiR&Mxrh_Pp`WRnN%C;iGlPhDsxsDu6|_{YHs%!sN@ukB^N8_QrB3_Ln6`%;^h;@0
zrQ`(}u&UfQ#vrcn_Wa6?f?WF%(kKyHbM*;WNJPZJR@<f5SAZNi8<h@&#TTgLH5$A3
z66by(XTPz(i?{O~BD9=&Q#IEEBL&G&i;m7)X2Ix9Iu|e^Hd&oV(k+~FyW9p|aW*rs
zm4>xcKD`=$Ti<F1wdSIrAU`rcyvl$*en`p9;5DkDF`N7KvMuAe6?81X8@;JVd?Cwu
z;P=X)BD=~_%&N{34!xOl5Be!C9eytC7P+v{th}yOWLbDt!A0@JD_`eB%@bcsTCy|&
z19f$iWaO);T$>8-dgpU6@vXiAiHK{Y0%||}4G(2{T3swHgAu2vJnh@O7rS0E56Whq
zs+pqsUE)2QfF|H1XG1@r8fO|i#@C>hBjp_O^&`aUUZ@i)?g)f3ZFtY|_CqQtEw8V}
zVMK=kiBH+1^YBH5TMa~I9N_O?l3CC3Fw~Zz*sCXysyv(kfo9a}p;uV8Q6nFRD*Y-2
zTUa5~3lq5>drr!(y`Cp^;-r=n98~!2h1-?`u)uZ_S&WiCHa1V!=9h~jZ+^-Z(DQ29
zf{#Aj*EpPcwUM@(PC=dC9Ayf7mFUZ+URjg2$-;8#354)o!U{mFAYJB+vH|Cv)%+96
z!PK<oL^(y`Zuj<8mz4-qcf)}#q~QOkW}KT*y{y|vUzlMgXbJQKu6DhKuNFO!Hm6_}
zA)oia*DHnPmYo@KHHl1j<3e^p@_nW>zuNbJvz)9IgQzxX71w<}BZH;wWZ0zu@NYri
z1dgW*b+e;h=ea{R9Mn`<tZ_F_l5W*6Xd-W3oZz!<Io@F%Iv=reU-HE2MuaNX{cTu_
zmEjt2C@2?|cER#nNkm%p-zd&FUjM^KHcXsBnDDfS+$B$S=OnB}rEoxQr&5&Vt4h1G
zUn~>vxJAO1T5v{}K{dQ7hsZD)Jq)49pzY{kye&VO2Poj{`*bPL2KRI*bK$`o-Dm=O
zvJRizD1LcBYsde?jou=`Xf01Lv-Hspa548Yrg{>b^h)ihwEX~AeQ<rsKzdJB*_`Uq
znE_!jae~wiC<HLO^{q-*w0L4|X9DJ{P~JjDpGp9wn@jzZ8g#|NE;~n2MNy09arx+V
z$K@fVgr)_bWUF%L5>MDO{!qE3Y~%n;7g;29$NdgGHIy|C&TOJvwovR|P+;3va3l#k
zR!KtT4D+HC&oxcoqSMo<pGi1hFWpa#i2a{C2U(D0I{chJjm!H4N{M2lDIofkm;NKT
zR+^2*5S<%y0lqyyGB#!-^&P(+s^wYM`#msb?A#bQ?`bM9rBtHDGRZIK%%egz_{VZ6
z2X1MuGkC|6V{s&{b|zWE1xl!zB2ZoR#G=QN<~TLy5O&$C-sTK6rb8->Y=oRdmV43p
zuMhvpfFi<~KiIukzHppS-^Ym?^jOFOAl98(%HY6_w8#@#G;^^<jg<^ZYoxlNjRkr<
zW(d~(!g9!3@Z1w`{D85^rTV=;@T#2_sYIwQiycf0U{!T9PgMyqa(U!UL?Dm2JENXH
zhy~}j5s?+0Y6?e)MkysG`~NL(FOu`QvF;T=H@n-!oWxN(m1#fy;#E|@xsIW+V0&Yo
z|NS8=_;wrpEO-vwLRpyaOEAkRiN2ha^iy>`t;5zaBrAREh=K)K7AoJUt9pU<d=C}d
zqmIN%&gVyWm2`+@$zSId$3y{f0gnDNzbKMQ0}MoxJ*BJSFkNN9O`J6Vxncz>Q0UqK
zqgi@FJjM#^Dyr(G<)nqgH*~tXMk0;v|8TH3**R}NCx<kfo@5MfOoU*Bo;COEZQD7D
zF!~_*D4jrK->>Ew$De7clbfkO)BaT}mizI^6j()P^sc#t#$Ss}`fynByOMxzD7uL^
z<lBnqRv|-_({q<_Yy!##p@QL@fSV{jpyJ&!YaIIbC!yAF+&J{#tCu(q{U2f*b7N-&
z6NHF6gg4z}IQMd4J0g(Bcf45v0UOth3j>t3sMs-T#1*W+uZD|RW>R=&<u^2Yjwy=o
zMUh?Wq-dYkgt7eQl4ZVBu2O<1l!l(0`-2&tTpIRA%3+b=dzTn4<}1o7+WFu^G&*AB
z#CuTmY1$ie7~?67l8nk;RV%O}W!_PEEITl6=+pBp)jjieQLZmV4`xpzbbsy}PD8Li
f769d>SSTxkval@X)5A6itEeYkRoV`Y(c%p_;;-pF

literal 0
HcmV?d00001


From 3cccd03d55a0910a34e02a5709de53938348f347 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Fri, 8 Jul 2022 17:29:32 -0400
Subject: [PATCH 68/96] Build azure images, too

---
 iso/empanadas/.gitignore                      |  1 +
 iso/empanadas/Containerfile.imagefactory      |  8 +--
 .../empanadas/scripts/build_image.py          | 16 +++++-
 iso/empanadas/prep-azure.sh                   | 55 +++++++++++++++++++
 4 files changed, 74 insertions(+), 6 deletions(-)
 create mode 100755 iso/empanadas/prep-azure.sh

diff --git a/iso/empanadas/.gitignore b/iso/empanadas/.gitignore
index 961321b..6059633 100644
--- a/iso/empanadas/.gitignore
+++ b/iso/empanadas/.gitignore
@@ -2,3 +2,4 @@ __pycache__/
 *.py[cod]
 *$py.class
 *.so
+Containerfile*.devel
diff --git a/iso/empanadas/Containerfile.imagefactory b/iso/empanadas/Containerfile.imagefactory
index f4f91cb..aa34ac2 100644
--- a/iso/empanadas/Containerfile.imagefactory
+++ b/iso/empanadas/Containerfile.imagefactory
@@ -60,13 +60,11 @@ RUN pip install awscli
 ENV BRANCH r9
 RUN git clone https://git.resf.org/sig_core/kickstarts.git --branch $BRANCH /kickstarts
 
-# devel only
-# COPY . /empanadas
-# RUN pip install -e /empanadas
-
-# prod
 RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
 
 ENV LIBGUESTFS_BACKEND direct
 
+COPY prep-azure.sh /prep-azure.sh
+RUN chmod +x /prep-azure.sh
+
 ENTRYPOINT ["/tini", "--"]
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 817e5f2..f6ab2b4 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -106,6 +106,13 @@ class ImageBuild:
             self.stage_commands = [
                     ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
             ]
+        if self.image_type in ["Azure"]:
+            self.stage_commands = [
+                    ["/empanadas/prep-azure.sh", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{STORAGE_DIR}"],
+                    ["cp", lambda: f"{STORAGE_DIR}/{self.target_uuid}.vhd", f"{self.outdir}/{self.outname}.vhd"]
+            ]
+            #         ["qemu-img", "resize", "-f", "raw", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", lambda: f"{self.rounded_size()}"],
+            #         ["qemu-img", "convert", "-f", "raw", "-o", "subformat=fixed,force_size" ,"-O", "vpc", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.vhd"]
         if self.image_type in ["Vagrant"]:
             _map = {
                     "VBox": "vmdk",
@@ -136,6 +143,13 @@ class ImageBuild:
                 finally:
                     f.flush()
 
+    # def rounded_size(self) -> int:
+    #     # Azure images need to be rounded to the nearest 1MB boundary.
+    #     MB=1024*1024
+    #
+    #     raw_size = pathlib.Path(STORAGE_DIR},f"{self.target_uuid}.body").stat().st_size
+    #     rounded_size = raw
+
     def output_name(self) -> Tuple[pathlib.Path, str]:
         directory = f"Rocky-{self.architecture.major}-{self.type_variant}-{self.architecture.version}-{BUILDTIME.strftime('%Y%m%d')}.{self.release}"
         name = f"{directory}.{self.architecture.name}"
@@ -245,7 +259,7 @@ class ImageBuild:
     def package(self) -> int: 
         # Some build types don't need to be packaged by imagefactory
         # @TODO remove business logic if possible
-        if self.image_type in ["GenericCloud", "EC2"]:
+        if self.image_type in ["GenericCloud", "EC2", "Azure"]:
             self.target_uuid = self.base_uuid if hasattr(self, 'base_uuid') else ""
 
         if self.target_uuid:
diff --git a/iso/empanadas/prep-azure.sh b/iso/empanadas/prep-azure.sh
new file mode 100755
index 0000000..4f45658
--- /dev/null
+++ b/iso/empanadas/prep-azure.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+usage() {
+    cat << EOF
+$0: prep raw image for azure
+
+usage: $0 raw_image
+
+Description: Takes a raw image and calculates the closest whole-MegaByte,
+resizing a copy of the raw image, and returning the path to the resize 'vpc'
+image (a .vhd file to upload)
+
+Dumps VHD in \$PWD by default. Override with ``OUTDIR=/path/to/outdir``
+
+Don't try to compress it.
+EOF
+}
+
+log() {
+    local level="$1"; shift
+    local msg="$@"
+    local out=$([ "$level" == "error" ] && echo 2 || echo 1)
+    printf "[%s] %s: %s\n" "$(date '+%Y-%m-%d %H:%M:%S')" "${level}" "${msg}" >&${out}
+    if [[ "${level}" == "error" ]]; then
+      exit
+    fi
+}
+
+MB=$((1024*1024)) # for calculations - 1048576 bytes
+
+if ! command -v qemu-img 2>&1 >/dev/null; then 
+    log error "Need qemu-img.";
+    usage
+    exit
+fi
+
+rawdisk="$1"
+
+if [[ -z "$rawdisk" ]]; then
+  usage
+  log error "need path to a raw image to prep"
+fi
+
+outdir="${2:-${PWD}}"
+
+size=$(qemu-img info -f raw --output json "${rawdisk}" | gawk 'match($0, /"virtual-size": ([0-9]+),/, val) {print val[1]}')
+
+rounded_size=$(((($size+$MB-1)/$MB)*$MB)) # size (in bytes) + 1MB, less one, and rounded.
+
+outfilename=$(basename ${rawdisk//body/vhd})
+outfile="${outdir}/${outfilename}"
+qemu-img resize -f raw "${rawdisk}" "${rounded_size}" || log error "failed to resize"
+qemu-img convert -f raw -o subformat=fixed,force_size -O vpc "${rawdisk}" "${outfile}" || log error "failed to convert to VHD format"
+
+echo "${outfile}"

From 007f571224333c18a0e13d2212f1a957f28b986e Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Fri, 8 Jul 2022 17:31:30 -0400
Subject: [PATCH 69/96] Fix path to containerized azure prep script

---
 iso/empanadas/empanadas/scripts/build_image.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index f6ab2b4..2f4b846 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -108,7 +108,7 @@ class ImageBuild:
             ]
         if self.image_type in ["Azure"]:
             self.stage_commands = [
-                    ["/empanadas/prep-azure.sh", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{STORAGE_DIR}"],
+                    ["/prep-azure.sh", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{STORAGE_DIR}"],
                     ["cp", lambda: f"{STORAGE_DIR}/{self.target_uuid}.vhd", f"{self.outdir}/{self.outname}.vhd"]
             ]
             #         ["qemu-img", "resize", "-f", "raw", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", lambda: f"{self.rounded_size()}"],

From 5f2f3cae5b126d11a8c9992ca17f3df97ee93248 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 14:33:07 -0700
Subject: [PATCH 70/96] properly loop live images

---
 iso/empanadas/empanadas/util/.shared.py.swp | Bin 4096 -> 0 bytes
 iso/empanadas/empanadas/util/dnf_utils.py   |  21 ++++++++++----------
 2 files changed, 11 insertions(+), 10 deletions(-)
 delete mode 100644 iso/empanadas/empanadas/util/.shared.py.swp

diff --git a/iso/empanadas/empanadas/util/.shared.py.swp b/iso/empanadas/empanadas/util/.shared.py.swp
deleted file mode 100644
index 344c9d057297e69acd8ab9b75837c3ea792a3df9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4096
zcmYc?2=nw+u+TGN00IF9hCi>5C&{RHF_^8AV#rBMO3eX@69C1Dd6{~NdFiP+#rbK;
zIr+)i<@rU~dU>fOs2c0Q2I{A0mgpB}rt2r?7p3Z#<mcyP0|hdR^Yv463lj4ZQxc1j
zSfwSIIr_yJiAAX?dIgoJ=8f`3Ltr!nhzx<!k~CclUIt?$Lj#ZwWhF%gVWChWHIFJA
g4S~@R7!85Z5Eu=C(GVC7fzc2c4S~@R7!Dx-0O|)YR{#J2

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 6a8acb3..c2f9a10 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1499,17 +1499,18 @@ class RepoSync:
         for arch in self.arches:
             iso_arch_root = os.path.join(sync_iso_root, arch)
             iso_arch_checksum = os.path.join(iso_arch_root, 'CHECKSUM')
-            with open(iso_arch_checksum, 'w+', encoding='utf-8') as fp:
-                for check in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
-                    with open(check, 'r', encoding='utf-8') as sum:
-                        for line in sum:
-                            fp.write(line)
-                        sum.close()
-                fp.close()
+            if os.path.exists(iso_arch_root):
+                with open(iso_arch_checksum, 'w+', encoding='utf-8') as fp:
+                    for check in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
+                        with open(check, 'r', encoding='utf-8') as sum:
+                            for line in sum:
+                                fp.write(line)
+                            sum.close()
+                    fp.close()
 
-            if arch == 'x86_64' and os.path.exists(sync_live_root):
-                live_arch_root = os.path.join(sync_live_root, arch)
-                live_arch_checksum = os.path.join(live_arch_root, 'CHECKSUM')
+            live_arch_root = os.path.join(sync_live_root, arch)
+            live_arch_checksum = os.path.join(live_arch_root, 'CHECKSUM')
+            if os.path.exists(live_arch_root):
                 with open(live_arch_checksum, 'w+', encoding='utf-8') as lp:
                     for lcheck in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
                         with open(lcheck, 'r', encoding='utf-8') as sum:

From 40b3af462dfbb956979f86d1dd73ade918d4492c Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 14:41:06 -0700
Subject: [PATCH 71/96] add checksum combo for images

---
 iso/empanadas/empanadas/util/dnf_utils.py | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index c2f9a10..1fdad86 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1445,6 +1445,7 @@ class RepoSync:
                 "global",
         )
 
+        # Standard ISOs
         self.log.info(Color.INFO + 'Starting to sync ISOs to compose')
 
         if os.path.exists('/usr/bin/fpsync'):
@@ -1467,6 +1468,7 @@ class RepoSync:
         else:
             self.log.info(Color.INFO + message)
 
+        # Live images
         if os.path.exists(live_root):
             self.log.info(Color.INFO + 'Starting to sync live images to compose')
 
@@ -1480,8 +1482,7 @@ class RepoSync:
             else:
                 self.log.info(Color.INFO + message)
 
-        # Sync the cloud images?
-
+        # Cloud images
         if os.path.exists(images_root):
             self.log.info(Color.INFO + 'Starting to sync cloud images to compose')
 
@@ -1512,13 +1513,24 @@ class RepoSync:
             live_arch_checksum = os.path.join(live_arch_root, 'CHECKSUM')
             if os.path.exists(live_arch_root):
                 with open(live_arch_checksum, 'w+', encoding='utf-8') as lp:
-                    for lcheck in glob.iglob(iso_arch_root + '/*.CHECKSUM'):
+                    for lcheck in glob.iglob(live_arch_root + '/*.CHECKSUM'):
                         with open(lcheck, 'r', encoding='utf-8') as sum:
                             for line in sum:
                                 lp.write(line)
                             sum.close()
                     lp.close()
 
+            images_arch_root = os.path.join(sync_images_root, arch)
+            images_arch_checksum = os.path.join(sync_images_root, arch)
+            if os.path.exists(images_arch_root):
+                with open(images_arch_checksum, 'w+', encoding='utf-8') as ip:
+                    for icheck in glob.iglob(images_arch_root + '/*.CHECKSUM'):
+                        with open(icheck, 'r', encoding='utf-8') as sum:
+                            for line in sum:
+                                ip.write(line)
+                            sum.close()
+                    ip.close()
+
         # Deploy final metadata for a close out
         self.deploy_metadata(sync_root)
 

From 193c3f9b731375125f293e8f4e3223fe9fc68004 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Fri, 8 Jul 2022 20:44:15 -0700
Subject: [PATCH 72/96] solve path join issue

---
 iso/empanadas/empanadas/templates/README.tmpl | 10 +++++++---
 iso/empanadas/empanadas/util/dnf_utils.py     |  2 +-
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/README.tmpl b/iso/empanadas/empanadas/templates/README.tmpl
index 498653c..eae1a2a 100644
--- a/iso/empanadas/empanadas/templates/README.tmpl
+++ b/iso/empanadas/empanadas/templates/README.tmpl
@@ -4,7 +4,7 @@ using Empanadas {{ version }} from the SIG/Core Toolkit.
 As this is not a traditional compose, there will be things that you might be
 expecting and do not see, or not expecting and do see. While we attempted to
 recreate a lot of those elements, it's not perfect. In the future, we do plan on
-having more metadata and providing a client libraries that can ingest this type
+having more metadata and providing client libraries that can ingest this type
 of metadata that we produce for easy consumption.
 
 # Notes #
@@ -24,5 +24,9 @@ are attached to our GitHub and RESF Git Service profiles.
 If you are looking for "verification" of the ISO checksums and were expecting a
 `CHECKSUM.sig`, it is highly recommended to visit the link above instead.
 
-These are *always* updated with new releases or new images. This includes
-live images as we release them.
+To verify our signature, click on "commits" and click the green "Verified"
+button where you will see a GPG key ID. You can then search for this ID at the
+any of the following:
+
+https://keys.openpgp.org/
+https://keyserver.ubuntu.com
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 1fdad86..90e7215 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -1521,7 +1521,7 @@ class RepoSync:
                     lp.close()
 
             images_arch_root = os.path.join(sync_images_root, arch)
-            images_arch_checksum = os.path.join(sync_images_root, arch)
+            images_arch_checksum = os.path.join(sync_images_root, 'CHECKSUM')
             if os.path.exists(images_arch_root):
                 with open(images_arch_checksum, 'w+', encoding='utf-8') as ip:
                     for icheck in glob.iglob(images_arch_root + '/*.CHECKSUM'):

From 1f9468092453d9025fe57b570c615617f1904f0e Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Sun, 10 Jul 2022 21:56:52 -0400
Subject: [PATCH 73/96] compress genericcloud and vagrant images by default

* add azure support
* use download.r.o url
---
 iso/empanadas/Containerfile.imagefactory              | 2 +-
 iso/empanadas/empanadas/scripts/build_image.py        | 8 ++++----
 iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/iso/empanadas/Containerfile.imagefactory b/iso/empanadas/Containerfile.imagefactory
index aa34ac2..d6b4aca 100644
--- a/iso/empanadas/Containerfile.imagefactory
+++ b/iso/empanadas/Containerfile.imagefactory
@@ -57,7 +57,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
 
 RUN pip install awscli
 
-ENV BRANCH r9
+ARG BRANCH r9
 RUN git clone https://git.resf.org/sig_core/kickstarts.git --branch $BRANCH /kickstarts
 
 RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 2f4b846..b4a6c97 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -100,7 +100,7 @@ class ImageBuild:
             ]
         if self.image_type in ["GenericCloud"]:
             self.stage_commands = [
-                    ["qemu-img", "convert", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
+                    ["qemu-img", "convert", "-c", "-f", "raw", "-O", "qcow2", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.qcow2"]
             ]
         if self.image_type in ["EC2"]:
             self.stage_commands = [
@@ -120,7 +120,7 @@ class ImageBuild:
                     }
             output = f"{_map[self.variant]}" #type: ignore
             self.stage_commands = [
-                    ["qemu-img", "convert", "-f", "raw", "-O", output, lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.{output}"]
+                    ["qemu-img", "convert", "-c", "-f", "raw", "-O", output, lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.{output}"]
             ]
 
 
@@ -174,7 +174,7 @@ class ImageBuild:
         args = []
         if self.image_type == "Container":
             args = ["--parameter", "offline_icicle", "true"]
-        if self.image_type in ["GenericCloud", "EC2"]:
+        if self.image_type in ["GenericCloud", "EC2", "Vagrant", "Azure"]:
             args = ["--parameter", "generate_icicle", "false"]
         return args
 
@@ -354,7 +354,7 @@ class ImageBuild:
             log_lines("Command STDERR", stderr)
 
     def fix_ks(self):
-        self.runCmd(["sed", "-i", f"s,$basearch,{self.architecture.name},", self.kickstart_arg[-1]])
+        self.runCmd(["sed", "-i", f"s,$basearch,{self.architecture.name},", self.kickstart_arg[-1]], search=False)
 
     def render_kubernetes_job(self):
         commands = [self.build_command(), self.package_command(), self.copy_command()]
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index 900c17d..cec6642 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -5,7 +5,7 @@
             <version>{{minor}}</version>
             <arch>{{architecture}}</arch>
             <install type='url'>
-              <url>https://dl.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
+              <url>https://download.rockylinux.org/pub/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
             </install>
             <icicle>
                 <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}

From 9568b0cbcbbb2891802347631cc912fee6eece5a Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 01:06:26 -0700
Subject: [PATCH 74/96] add in live generation

---
 iso/empanadas/empanadas/configs/el8.yaml      |   4 +
 iso/empanadas/empanadas/configs/el9-beta.yaml |   4 +
 iso/empanadas/empanadas/configs/el9.yaml      |   4 +
 iso/empanadas/empanadas/configs/el9lh.yaml    |   4 +
 iso/empanadas/empanadas/scripts/build_iso.py  |   2 +
 .../empanadas/scripts/build_iso_extra.py      |   2 +
 .../empanadas/scripts/build_iso_live.py       |   2 +
 .../empanadas/scripts/launch_builds.py        |   2 +-
 .../scripts/sync_from_peridot_test.py         |   1 +
 .../templates/buildLiveImage.tmpl.sh          |  21 ++
 .../empanadas/templates/liveisobuild.tmpl.sh  |  58 ++++
 iso/empanadas/empanadas/util/iso_utils.py     | 325 ++++++++++++++++--
 iso/empanadas/empanadas/util/shared.py        |  44 +++
 13 files changed, 435 insertions(+), 38 deletions(-)
 create mode 100644 iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh

diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index 3764f51..eddf471 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -105,6 +105,10 @@
       - 'vim-minimal'
       - 'pykickstart'
       - 'git'
+  variantmap:
+    git_repo: 'https://git.rockylinux.org/rocky/pungi-rocky.git'
+    branch: 'r8'
+    git_raw_path: 'https://git.rockylinux.org/rocky/pungi-rocky/-/raw/r8/'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index b18186c..7eefd49 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -93,6 +93,10 @@
       - 'vim-minimal'
       - 'pykickstart'
       - 'git'
+  variantmap:
+    git_repo: 'https://git.rockylinux.org/rocky/pungi-rocky.git'
+    branch: 'r9-beta'
+    git_raw_path: 'https://git.rockylinux.org/rocky/pungi-rocky/-/raw/r9-beta/'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 7d16f9b..163c69a 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -93,6 +93,10 @@
       - 'vim-minimal'
       - 'pykickstart'
       - 'git'
+  variantmap:
+    git_repo: 'https://git.rockylinux.org/rocky/pungi-rocky.git'
+    branch: 'r9'
+    git_raw_path: 'https://git.rockylinux.org/rocky/pungi-rocky/-/raw/r9/'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index e7500e4..26c96cd 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -93,6 +93,10 @@
       - 'vim-minimal'
       - 'pykickstart'
       - 'git'
+  variantmap:
+    git_repo: 'https://git.rockylinux.org/rocky/pungi-rocky.git'
+    branch: 'r9lh'
+    git_raw_path: 'https://git.rockylinux.org/rocky/pungi-rocky/-/raw/r9lh/'
   repoclosure_map:
     arches:
       x86_64: '--forcearch=x86_64 --arch=x86_64 --arch=athlon --arch=i686 --arch=i586 --arch=i486 --arch=i386 --arch=noarch'
diff --git a/iso/empanadas/empanadas/scripts/build_iso.py b/iso/empanadas/empanadas/scripts/build_iso.py
index fbf1d06..6da2e4d 100755
--- a/iso/empanadas/empanadas/scripts/build_iso.py
+++ b/iso/empanadas/empanadas/scripts/build_iso.py
@@ -13,6 +13,7 @@ parser.add_argument('--isolation', type=str, help="mock isolation mode")
 parser.add_argument('--rc', action='store_true', help="Release Candidate, Beta, RLN")
 parser.add_argument('--local-compose', action='store_true', help="Compose Directory is Here")
 parser.add_argument('--logger', type=str)
+parser.add_argument('--hashed', action='store_true')
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -24,6 +25,7 @@ a = IsoBuild(
         rc=results.rc,
         isolation=results.isolation,
         compose_dir_is_here=results.local_compose,
+        hashed=results.hashed,
         logger=results.logger,
 )
 
diff --git a/iso/empanadas/empanadas/scripts/build_iso_extra.py b/iso/empanadas/empanadas/scripts/build_iso_extra.py
index 9fe9c05..b645747 100755
--- a/iso/empanadas/empanadas/scripts/build_iso_extra.py
+++ b/iso/empanadas/empanadas/scripts/build_iso_extra.py
@@ -16,6 +16,7 @@ parser.add_argument('--local-compose', action='store_true', help="Compose Direct
 parser.add_argument('--logger', type=str)
 parser.add_argument('--extra-iso', type=str, help="Granular choice in which iso is built")
 parser.add_argument('--extra-iso-mode', type=str, default='local')
+parser.add_argument('--hashed', action='store_true')
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -30,6 +31,7 @@ a = IsoBuild(
         extra_iso=results.extra_iso,
         extra_iso_mode=results.extra_iso_mode,
         compose_dir_is_here=results.local_compose,
+        hashed=results.hashed,
         logger=results.logger
 )
 
diff --git a/iso/empanadas/empanadas/scripts/build_iso_live.py b/iso/empanadas/empanadas/scripts/build_iso_live.py
index f06426e..b7a7d84 100755
--- a/iso/empanadas/empanadas/scripts/build_iso_live.py
+++ b/iso/empanadas/empanadas/scripts/build_iso_live.py
@@ -14,6 +14,7 @@ parser.add_argument('--local-compose', action='store_true', help="Compose Direct
 parser.add_argument('--image', type=str, help="Granular choice in which live image is built")
 parser.add_argument('--logger', type=str)
 parser.add_argument('--live-iso-mode', type=str, default='local')
+parser.add_argument('--hashed', action='store_true')
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -26,6 +27,7 @@ a = LiveBuild(
         live_iso_mode=results.live_iso_mode,
         image=results.image,
         compose_dir_is_here=results.local_compose,
+        hashed=results.hashed,
         logger=results.logger
 )
 
diff --git a/iso/empanadas/empanadas/scripts/launch_builds.py b/iso/empanadas/empanadas/scripts/launch_builds.py
index e693d7b..81dd457 100755
--- a/iso/empanadas/empanadas/scripts/launch_builds.py
+++ b/iso/empanadas/empanadas/scripts/launch_builds.py
@@ -31,7 +31,7 @@ def run():
     elif results.env == "all":
         arches = EKSARCH+EXTARCH
 
-    command = ["build-iso", "--release", f"{results.release}", "--isolation", "simple"]
+    command = ["build-iso", "--release", f"{results.release}", "--isolation", "simple", "--hashed"]
     if results.rc:
         command += ["--rc"]
 
diff --git a/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py b/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
index 7678f33..5a3dbb1 100755
--- a/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
+++ b/iso/empanadas/empanadas/scripts/sync_from_peridot_test.py
@@ -18,3 +18,4 @@ def run():
     print(rlvars.keys())
     print(rlvars)
     print(empanadas.__version__)
+    print(a.hashed)
diff --git a/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh b/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh
index 045522a..841987a 100644
--- a/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh
+++ b/iso/empanadas/empanadas/templates/buildLiveImage.tmpl.sh
@@ -6,10 +6,31 @@ set -ex
 mkdir -p {{ compose_live_work_dir }}/{{ arch }}
 cd  {{ compose_live_work_dir }}/{{ arch }}
 test -f {{ isoname }} && { echo "ERROR: ISO ALREDY EXISTS!"; exit 1; }
+
+major=$(grep loop /proc/devices | cut -c3)
+for index in 0 1 2 3 4 5; do
+  mknod /dev/loop$index $major $index
+done
 {% else %}
 cd /builddir
 
 {% endif %}
 
+{{ git_clone }}
+if [ -d "/builddir/ks/live/{{ major }}/peridot" ]; then
+  pushd /builddir/ks/live/{{ major }}/peridot || { echo "Could not change directory"; exit 1; }
+else
+  pushd /builddir/ks/live/{{ major }}/staging || { echo "Could not change directory"; exit 1; }
+fi
+ksflatten -c {{ ks_file }} -o /builddir/ks.cfg
+if [ $? -ne 0 ]; then
+  echo "Error flattening kickstart"
+  exit 1
+fi
+popd || { echo "Could not leave directory"; exit 1; }
+
 {{ make_image }}
 
+{% if live_iso_mode == "podman" %}
+cp /builddir/lmc/{{ isoname }} {{ compose_live_work_dir }}/{{ arch }}/{{ isoname }}
+{% endif %}
diff --git a/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh b/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh
new file mode 100644
index 0000000..656f3fc
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+# This is a template that is used to build extra ISO's for Rocky Linux. Only
+# under extreme circumstances should you be filling this out and running
+# manually.
+
+set -o pipefail
+
+# Vars
+MOCK_CFG="/var/tmp/live-{{ major }}.cfg"
+MOCK_ROOT="/var/lib/mock/{{ shortname|lower }}-{{ major }}-{{ arch }}"
+MOCK_RESL="${MOCK_ROOT}/result"
+MOCK_CHRO="${MOCK_ROOT}/root"
+MOCK_LOG="${MOCK_RESL}/mock-output.log"
+IMAGE_SCR="{{ entries_dir }}/buildLiveImage-{{ arch }}-{{ image }}.sh"
+IMAGE_ISO="{{ isoname }}"
+ISOLATION="{{ isolation }}"
+BUILDDIR="{{ builddir }}"
+
+if [ -f "/usr/sbin/setenforce" ]; then
+  sudo setenforce 0
+fi
+
+# Init the container
+mock \
+  -r "${MOCK_CFG}" \
+  --isolation="${ISOLATION}" \
+  --enable-network \
+  --init
+
+init_ret_val=$?
+if [ $init_ret_val -ne 0 ]; then
+  echo "!! MOCK INIT FAILED !!"
+  exit 1
+fi
+
+mkdir -p "${MOCK_RESL}"
+cp "${IMAGE_SCR}" "${MOCK_CHRO}${IMAGE_SCR}"
+
+mock \
+  -r "${MOCK_CFG}" \
+  --shell \
+  --isolation="${ISOLATION}" \
+  --enable-network -- /bin/bash "${IMAGE_SCR}" | tee -a "${MOCK_LOG}"
+
+mock_ret_val=$?
+if [ $mock_ret_val -eq 0 ]; then
+  # Copy resulting data to /var/lib/mock/{{ shortname|lower }}-{{ major }}-{{ arch }}/result
+  mkdir -p "${MOCK_RESL}"
+  cp "${MOCK_CHRO}${BUILDDIR}/lmc/${IMAGE_ISO}" "${MOCK_RESL}"
+else
+  echo "!! EXTRA ISO RUN FAILED !!"
+  exit 1
+fi
+
+# Clean up?
+if [ -f "/usr/sbin/setenforce" ]; then
+  sudo setenforce 1
+fi
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 8455096..6c6bf04 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -60,6 +60,7 @@ class IsoBuild:
             extra_iso=None,
             extra_iso_mode: str = 'local',
             compose_dir_is_here: bool = False,
+            hashed: bool = False,
             image=None,
             logger=None
     ):
@@ -91,6 +92,7 @@ class IsoBuild:
         self.extra_iso_mode = extra_iso_mode
         self.checksum = rlvars['checksum']
         self.profile = rlvars['profile']
+        self.hashed = hashed
 
         # Relevant major version items
         self.arch = arch
@@ -185,7 +187,15 @@ class IsoBuild:
             self.log.addHandler(handler)
 
         self.log.info('iso build init')
-        self.repolist = self.build_repo_list()
+        self.repolist = Shared.build_repo_list(
+                self.repo_base_url,
+                self.repos,
+                self.project_id,
+                self.current_arch,
+                self.compose_latest_sync,
+                self.compose_dir_is_here,
+                self.hashed
+        )
         self.log.info(self.revision)
 
     def run(self):
@@ -208,36 +218,6 @@ class IsoBuild:
         )
         self.log.info('ISO Build completed.')
 
-    def build_repo_list(self):
-        """
-        Builds the repo dictionary
-        """
-        repolist = []
-        for name in self.repos:
-            if not self.compose_dir_is_here:
-                constructed_url = '{}/{}/repo/hashed-{}/{}'.format(
-                        self.repo_base_url,
-                        self.project_id,
-                        name,
-                        self.current_arch
-                )
-            else:
-                constructed_url = 'file://{}/{}/{}/os'.format(
-                        self.compose_latest_sync,
-                        name,
-                        self.current_arch
-                )
-
-
-            repodata = {
-                'name': name,
-                'url': constructed_url
-            }
-
-            repolist.append(repodata)
-
-        return repolist
-
     def iso_build(self):
         """
         This does the general ISO building for the current running
@@ -761,7 +741,7 @@ class IsoBuild:
                 elif self.extra_iso_mode == 'podman':
                     continue
                 else:
-                    self.log.info(Color.FAIL + 'Mode specified is not valid.')
+                    self.log.error(Color.FAIL + 'Mode specified is not valid.')
                     raise SystemExit()
 
         if self.extra_iso_mode == 'podman':
@@ -1409,6 +1389,22 @@ class IsoBuild:
                     c.write(checksum)
                     c.close()
 
+                self.log.info('Creating a symlink to latest image...')
+                latest_name = '{}/{}-{}-{}.latest.{}.{}'.format(
+                        image_arch_dir,
+                        self.shortname,
+                        self.major_version,
+                        imagename,
+                        arch,
+                        formattype
+                )
+                # For some reason python doesn't have a "yeah just change this
+                # link" part of the function
+                if os.path.exists(latest_name):
+                    os.remove(latest_name)
+
+                os.symlink(drop_name, latest_name)
+
         self.log.info(Color.INFO + 'Image download phase completed')
 
 
@@ -1427,6 +1423,7 @@ class LiveBuild:
             isolation: str = 'simple',
             live_iso_mode: str = 'local',
             compose_dir_is_here: bool = False,
+            hashed: bool = False,
             image=None,
             logger=None
     ):
@@ -1440,7 +1437,7 @@ class LiveBuild:
         self.major_version = major
         self.compose_dir_is_here = compose_dir_is_here
         self.date_stamp = config['date_stamp']
-        self.timestamp = time.strftime("%Y%m%d", time.localtime())
+        self.date = time.strftime("%Y%m%d", time.localtime())
         self.compose_root = config['compose_root']
         self.compose_base = config['compose_root'] + "/" + major
         self.current_arch = config['arch']
@@ -1453,6 +1450,7 @@ class LiveBuild:
         self.live_iso_mode = live_iso_mode
         self.checksum = rlvars['checksum']
         self.profile = rlvars['profile']
+        self.hashed = hashed
 
         # Relevant major version items
         self.arch = config['arch']
@@ -1461,6 +1459,7 @@ class LiveBuild:
         self.minor_version = rlvars['minor']
         self.revision = rlvars['revision'] + "-" + rlvars['rclvl']
         self.rclvl = rlvars['rclvl']
+        self.disttag = config['dist']
         self.repos = rlvars['iso_map']['lorax']['repos']
         self.repo_base_url = config['repo_base_url']
         self.project_id = rlvars['project_id']
@@ -1513,6 +1512,15 @@ class LiveBuild:
             self.log.addHandler(handler)
 
         self.log.info('live build init')
+        self.repolist = Shared.build_repo_list(
+                self.repo_base_url,
+                self.repos,
+                self.project_id,
+                self.current_arch,
+                self.compose_latest_sync,
+                self.compose_dir_is_here,
+                self.hashed
+        )
         self.log.info(self.revision)
 
     def run_build_live_iso(self):
@@ -1555,6 +1563,20 @@ class LiveBuild:
                 ', '.join(images_to_build)
         )
 
+        for i in images_to_build:
+            self._live_iso_local_config(i, work_root)
+
+            if self.live_iso_mode == 'local':
+                self._live_iso_local_run(self.current_arch, i, work_root)
+            elif self.live_iso_mode == 'podman':
+                continue
+            else:
+                self.log.error(Color.FAIL + 'Mode specified is not valid.')
+                raise SystemExit()
+
+        if self.live_iso_mode == 'podman':
+            self._live_iso_podman_run(self.current_arch, images_to_build, work_root)
+
     def _live_iso_local_config(self, image, work_root):
         """
         Live ISO build configuration - This generates both mock and podman
@@ -1562,6 +1584,128 @@ class LiveBuild:
         """
         self.log.info('Generating Live ISO configuration and script')
 
+        entries_dir = os.path.join(work_root, "entries")
+        mock_iso_template = self.tmplenv.get_template('isomock.tmpl.cfg')
+        mock_sh_template = self.tmplenv.get_template('liveisobuild.tmpl.sh')
+        iso_template = self.tmplenv.get_template('buildLiveImage.tmpl.sh')
+
+        mock_iso_path = '/var/tmp/live-{}.cfg'.format(self.major_version)
+        mock_sh_path = '{}/liveisobuild-{}-{}.sh'.format(
+                entries_dir,
+                self.current_arch,
+                image
+        )
+        iso_template_path = '{}/buildLiveImage-{}-{}.sh'.format(
+                entries_dir,
+                self.current_arch,
+                image
+        )
+
+        log_root = os.path.join(
+                work_root,
+                "logs",
+                self.date_stamp
+        )
+
+        ks_start = self.livemap['ksentry'][image]
+
+        if not os.path.exists(log_root):
+            os.makedirs(log_root, exist_ok=True)
+
+        log_path_command = '| tee -a {}/{}-{}.log'.format(
+                log_root,
+                self.current_arch,
+                image
+        )
+        required_pkgs = self.livemap['required_pkgs']
+
+        volid = '{}-{}-{}'.format(
+                self.shortname,
+                image,
+                self.release
+        )
+
+        isoname = '{}-{}-{}-{}-{}.iso'.format(
+                self.shortname,
+                image,
+                self.release,
+                self.current_arch,
+                self.date
+        )
+
+        live_pkg_cmd = '/usr/bin/dnf install {} -y {}'.format(
+                ' '.join(required_pkgs),
+                log_path_command
+        )
+
+        git_clone_cmd = '/usr/bin/git clone {} -b {} /builddir/ks {}'.format(
+                self.livemap['git_repo'],
+                self.livemap['branch'],
+                log_path_command
+        )
+
+        make_image_cmd = ('/usr/sbin/livemedia-creator --ks {} --no-virt '
+                '--resultdir /builddir/lmc --project="{}" --make-iso --volid {} '
+                '--iso-only --iso-name {} --releasever={} --nomacboot {}').format(
+                        '/builddir/ks.cfg',
+                        self.distname,
+                        volid,
+                        isoname,
+                        self.release,
+                        log_path_command
+        )
+
+        mock_iso_template_output = mock_iso_template.render(
+                arch=self.current_arch,
+                major=self.major_version,
+                fullname=self.fullname,
+                shortname=self.shortname,
+                required_pkgs=required_pkgs,
+                dist=self.disttag,
+                repos=self.repolist,
+                compose_dir_is_here=True,
+                user_agent='{{ user_agent }}',
+                compose_dir=self.compose_root,
+        )
+
+        mock_sh_template_output = mock_sh_template.render(
+                arch=self.current_arch,
+                major=self.major_version,
+                isolation=self.mock_isolation,
+                builddir=self.mock_work_root,
+                shortname=self.shortname,
+                isoname=isoname,
+                entries_dir=entries_dir,
+                image=image,
+        )
+
+        iso_template_output = iso_template.render(
+                live_iso_mode=self.live_iso_mode,
+                arch=self.current_arch,
+                compose_live_work_dir=self.live_work_dir,
+                make_image=make_image_cmd,
+                live_pkg_cmd=live_pkg_cmd,
+                isoname=isoname,
+                major=self.major_version,
+                git_clone=git_clone_cmd,
+                ks_file=ks_start,
+        )
+
+        with open(mock_iso_path, "w+") as mip:
+            mip.write(mock_iso_template_output)
+            mip.close()
+
+        with open(mock_sh_path, "w+") as msp:
+            msp.write(mock_sh_template_output)
+            msp.close()
+
+        with open(iso_template_path, "w+") as itp:
+            itp.write(iso_template_output)
+            itp.close()
+
+        os.chmod(mock_sh_path, 0o755)
+        os.chmod(iso_template_path, 0o755)
+
     def _live_iso_podman_run(self, arch, images, work_root):
         """
         Does all the image building in podman containers to parallelize the
@@ -1578,9 +1722,112 @@ class LiveBuild:
         isos_dir = self.live_work_dir
         bad_exit_list = []
         checksum_list = []
+        entry_name_list = []
         for i in images:
-            entry_name_list = []
             image_name = i
+            entry_name = 'buildLiveImage-{}-{}.sh'.format(arch, i)
+            entry_name_list.append(entry_name)
+
+            isoname = '{}/{}-{}-{}-{}-{}.iso'.format(
+                    arch,
+                    self.shortname,
+                    i,
+                    self.major_version,
+                    arch,
+                    self.date
+            )
+
+            checksum_list.append(isoname)
+
+        print(entry_name_list, cmd, entries_dir)
+        for pod in entry_name_list:
+            podman_cmd_entry = '{} run -d -it -v "{}:{}" -v "{}:{}" --name {} --entrypoint {}/{} {}'.format(
+                    cmd,
+                    self.compose_root,
+                    self.compose_root,
+                    entries_dir,
+                    entries_dir,
+                    pod,
+                    entries_dir,
+                    pod,
+                    self.container
+            )
+
+            process = subprocess.call(
+                    shlex.split(podman_cmd_entry),
+                    stdout=subprocess.DEVNULL,
+                    stderr=subprocess.DEVNULL
+            )
+
+        join_all_pods = ' '.join(entry_name_list)
+        time.sleep(3)
+        self.log.info(Color.INFO + 'Building requested live images ...')
+
+        pod_watcher = '{} wait {}'.format(
+                cmd,
+                join_all_pods
+        )
+
+        watch_man = subprocess.call(
+                shlex.split(pod_watcher),
+                stdout=subprocess.DEVNULL,
+                stderr=subprocess.DEVNULL
+        )
+
+        # After the above is done, we'll check each pod process for an exit
+        # code.
+        pattern = "Exited (0)"
+        for pod in entry_name_list:
+            checkcmd = '{} ps -f status=exited -f name={}'.format(
+                    cmd,
+                    pod
+            )
+            podcheck = subprocess.Popen(
+                    checkcmd,
+                    stdout=subprocess.PIPE,
+                    stderr=subprocess.PIPE,
+                    shell=True
+            )
+
+            output, errors = podcheck.communicate()
+            if 'Exited (0)' not in output.decode():
+                self.log.error(Color.FAIL + pod)
+                bad_exit_list.append(pod)
+
+        rmcmd = '{} rm {}'.format(
+                cmd,
+                join_all_pods
+        )
+
+        rmpod = subprocess.Popen(
+                rmcmd,
+                stdout=subprocess.DEVNULL,
+                stderr=subprocess.DEVNULL,
+                shell=True
+        )
+
+        entry_name_list.clear()
+        for p in checksum_list:
+            path = os.path.join(isos_dir, p)
+            if os.path.exists(path):
+                self.log.info(Color.INFO + 'Performing checksum for ' + p)
+                checksum = Shared.get_checksum(path, self.checksum, self.log)
+                if not checksum:
+                    self.log.error(Color.FAIL + path + ' not found! Are you sure it was built?')
+                with open(path + '.CHECKSUM', "w+") as c:
+                    c.write(checksum)
+                    c.close()
+
+        self.log.info(Color.INFO + 'Building live images completed')
+
+        if len(bad_exit_list) == 0:
+            self.log.info(Color.INFO + 'Copying ISOs over to compose directory...')
+        else:
+            self.log.error(
+                    Color.FAIL +
+                    'There were issues with the work done. As a result, ' +
+                    'the ISOs will not be copied.'
+            )
 
     def _live_iso_local_run(self, arch, image, work_root):
         """
@@ -1598,7 +1845,11 @@ class LiveBuild:
             raise SystemExit()
 
         self.log.warn(
-                Color.WARN +
-                'If you are looping images, your built image may get overwritten.'
+                Color.WARN + 'This is meant for builds done in peridot or ' +
+                'locally for an end user.'
+        )
+        self.log.warn(
+                Color.WARN +
+                'If you are looping images, your built image WILL get ' +
+                'overwritten.'
         )
-
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 411e23e..50894e8 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -10,6 +10,7 @@ import requests
 import boto3
 import xmltodict
 import productmd.treeinfo
+import productmd.composeinfo
 import empanadas
 import kobo.shortcuts
 from empanadas.common import Color
@@ -871,3 +872,46 @@ class Shared:
                 shlex.quote(opts['iso_name']),
             )
 
+    @staticmethod
+    def build_repo_list(
+            repo_base_url,
+            repos,
+            project_id,
+            current_arch,
+            compose_latest_sync,
+            compose_dir_is_here: bool = False,
+            hashed: bool = False,
+        ):
+        """
+        Builds the repo dictionary
+        """
+        repolist = []
+        prehashed = ''
+        if hashed:
+            prehashed = 'hashed-'
+
+        for name in repos:
+            if not compose_dir_is_here:
+                constructed_url = '{}/{}/repo/{}{}/{}'.format(
+                        repo_base_url,
+                        project_id,
+                        prehashed,
+                        name,
+                        current_arch
+                )
+            else:
+                constructed_url = 'file://{}/{}/{}/os'.format(
+                        compose_latest_sync,
+                        name,
+                        current_arch
+                )
+
+
+            repodata = {
+                'name': name,
+                'url': constructed_url
+            }
+
+            repolist.append(repodata)
+
+        return repolist

From 30d1c317cdc5c61439526133b5809473558f26a7 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 08:58:13 -0700
Subject: [PATCH 75/96] seems to work with selinux on

---
 .../empanadas/templates/liveisobuild.tmpl.sh         | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh b/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh
index 656f3fc..f5e48ec 100644
--- a/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh
+++ b/iso/empanadas/empanadas/templates/liveisobuild.tmpl.sh
@@ -16,9 +16,9 @@ IMAGE_ISO="{{ isoname }}"
 ISOLATION="{{ isolation }}"
 BUILDDIR="{{ builddir }}"
 
-if [ -f "/usr/sbin/setenforce" ]; then
-  sudo setenforce 0
-fi
+#if [ -f "/usr/sbin/setenforce" ]; then
+#  sudo setenforce 0
+#fi
 
 # Init the container
 mock \
@@ -53,6 +53,6 @@ else
 fi
 
 # Clean up?
-if [ -f "/usr/sbin/setenforce" ]; then
-  sudo setenforce 1
-fi
+#if [ -f "/usr/sbin/setenforce" ]; then
+#  sudo setenforce 1
+#fi

From 520db534be16c2c6befa5f0d66f41f8c1e34e39f Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 15:12:41 -0700
Subject: [PATCH 76/96] add justcopyit for live images

---
 iso/empanadas/README.md                       |   2 +
 iso/empanadas/empanadas/.common.py.swp        | Bin 0 -> 16384 bytes
 .../empanadas/scripts/build_iso_live.py       |   2 +
 .../empanadas/scripts/generate_compose.py     |  72 ++++++++++++++++++
 iso/empanadas/empanadas/util/iso_utils.py     |  56 ++++++++++++--
 iso/empanadas/empanadas/util/shared.py        |   4 +
 iso/empanadas/pyproject.toml                  |   1 +
 7 files changed, 130 insertions(+), 7 deletions(-)
 create mode 100644 iso/empanadas/empanadas/.common.py.swp
 create mode 100755 iso/empanadas/empanadas/scripts/generate_compose.py

diff --git a/iso/empanadas/README.md b/iso/empanadas/README.md
index b7ec7ef..5058d5f 100644
--- a/iso/empanadas/README.md
+++ b/iso/empanadas/README.md
@@ -41,6 +41,8 @@ Changes to the poetry.lock should be commited if dependencies are added or updat
 * finalize_compose     -> Finalizes a compose with metadata and checksums, as well as copies images
 * launch-builds        -> Creates a kube config to run build-iso
 * build-image          -> Runs build-iso
+* generate_compose     -> Creates a compose directory right away and optionally links it as latest
+                          (You should only use this if you are running into errors with images)
 ```
 
 ## wrappers
diff --git a/iso/empanadas/empanadas/.common.py.swp b/iso/empanadas/empanadas/.common.py.swp
new file mode 100644
index 0000000000000000000000000000000000000000..15e89105dbe45c91f269931e98c09cfd2a34137b
GIT binary patch
literal 16384
zcmeHNO^h5z6>dWK3B-vZQN)d+&1z<o-5$rASn)^;Uhj^bQP#U=c5P#Jmr+em%}i&z
zyPB%%^-df^f+7w`5QPiEkpM+OfW$2akaB}dE)a4+5gY(<B9Vv$5=xW{e6PBDc4j?E
zlnXynxAe_)*L(Hq)mPP3^{Tpa{8IBgd&oQC;5zC!H=cW`^Trpx>3BbNosf4#Na^o!
zX&wh2kNYCjvge1=-@Pi;t``e4nenUEV67jRnhyFkUn)^EQii)o2(+w;DB&^hay@qE
z%P5kumkcLOl}{xDB?Iq=fz<ToA3EYJoVfouWjp46hTZkai|@xmsarBoGEg#5GEg#5
zGEg#5GEg#5GVp)SfJts~zJ@y7lGj7!{~tK?|H1tEQ~AF>B+nnqzmkEHfs%oefs%oe
zfs%oefs%oefs%oefs%oef&W1Uc-L|6hF@<{z>o9)BL08vPRIEZ@G|f#;OD^4fFA<S
z0AB~51fBr4fo0$fa3}D$I~?bCzzyJgzz_(5b>Jj$6u1-k>k-HK4e)E=8Q>{E0$&79
z1NQ<)fwymWoWB4s0WSbQ0Cs_sz^%Y5A9tMJ0xtkJfG2<ySOq=}{Oe<m^CIwFAOaSF
zyMfnkbDZaaCxI^mp9f}uqrg8u>Nvj#UId;4o&_EUwt;(qyMeoae|*GoUIl&xJP*V`
z9k>HH0=)iV$N2^D6mS{11l$h1{vmJ!oCDsz)p33T7(fFGI1Ste{2d!FuL4g4-v+(~
zXkZ(-54Z<-3!68u051dI0s6oUKyCVFv5|AA?=f6Kk1egPu3v7fv^TF@XtXaawVF$7
zn;TngGfcz|TU=yoG8T1*l<87D(1JDgeUX?z#?_v?2}KrY7Q}lz47znzy=F6CpJUhd
zxC(e|uFtx&4&_F1R>op!kYRe+b*C$O%o?-G?c7S$KGm5vY7Sy+**-10?kt=C9P8ji
zlDc!<mPDnwmv~>Hc(=~B+|{777bxS-A^D8lcXtld&WTv4z+Vn!+J!Dvc<w;jSUz!c
z;<Ahl50K5;KEt&j!{>uIh<Hf17tb`^oiQs*kEKeC>`djHEwXE9qGQYJ=P#^pG}_IL
z_4eiU)*~y;7DPpAYkhr_-N#(|zNY5ljw^pa3HG7Ojc9Abqr^F;LXf19RfXNaH(M%<
zxUb~SG|8S&NN+VRH8+~;Yc>yM-l{0E7icteWd~(c<}3Kk>_X&+dtn9H*ycc>Q(O(g
zkaYyp!nUm$h(IwVbRv8c><MZz)(b*G`-aD;eTu8Xc-&=y(X5Mh*yE(F*?=RD8K7su
zpjVkalm~qT{C82R88A-WB^6A3CFLPA68TV`P~<rq$`mBQ7FT^?Oc3`y)_S<HS~+Bq
z`s7*Bm5QT#Dz=esG(1!d4n%^-8aBDHhG*13gv^pTs`Mda;A%VGjxU4)U4uLcdc%<;
zDve`!!QdOWp3H~AE_fSiBciMr6q;MiUbqb_YwQQ6x-3Jfyff>oE7T&^KWLNlHyiV)
zy|N6AwH4<W-aprR@6y}n%eWWx(U4iksO;3Uwk$k}h3KN%k{Wf2ZPql*=P{KGg`By9
zIL9ek7vFhN_w&+(I%jprqtMg5C)%Op-70m6*=%sIEh!TbSIMzCR#BBXCSqT9LDr&c
zzh1$M&b94Db*G22NRz744`s&-=ocf>wYHMdbOUwWeq?s9M`gORRJ&%BNCl?QQ#YFD
zat2^f$%v8Gf!o<j^WX70YZzTS@Z2e?gjX}LbqIq_8!wkkl`phs->a%S`g{)KZKgI&
zd&C2ELV8oO^2S-n22r<@`n$rkQx#(9atFpFx?ZcH*xvl8C{HhVsh&qiH}fYv9`VOy
z%&%$>pY6G}6XaIN!emZ28y{V0qbhy8tE4lsm5Z;BjiP$t)bV{%%5Fw|%uN#i<O3lM
zu%p|tY@Ei(lMj%Ts|Yt^vi*lnwsTR`9f@3ni9?6nNTreOT2>J~K<9~hWXoycBgbJ;
zg>IlH1#C5l)BQpWf=APZ>x<Y(UB@&gcyy{ziD0fxgSu^La<$e;gRqNkT&O6K$aV(<
z%HakXrV+_{+Ot_aqS=$GU)#ICmMHls24Gzn!Ry%e@gnx68e*nMJ5*E@C?!=bNjvn$
z6sqs0rp9ZJGP)@Sc^Mx#AH@b8C6RjmKw22a1l331o2HzL3Qcq(m=Keid19e+Fz2Bv
zCWwRwYI}53b!V>3L^EA)=HZ$1GaHzftr(xD^3cj>XNxX~4uaeXS{%bl<Y90hV0x(*
za%x}5D<ZTrU=n#^A783=&(n-rt=KWOQYh!+DfHDlD(0^oP5Jo%i8p)67!`C<BUUhA
zR%e}T44NW1Mw6+w(<Vm`A?7jf`2*qaVs>S?Ha3?wk+HHx{^pa#@|C4Enlng7$(R!8
zaR*ZkWjVXlTs@qn)vzignv&!4Qj69K6NOx9(0Y>Wl5|R@=Gxiy!<o*t8V&0j38&;C
zPf^bH@r8x0<5A|WtyGbCf1Y@8ZKcs#ZLT#&>JQ|S+^-_TsfEJK>cs=)Q-$`*QtJ^*
zSE0XfGS{C-JyoP$xY)X|I%em=Tsx~+VdT__Jeg=6C6e!c$hFR9>U<K$vVj&YoORL|
z3q0AwD2<6<v#SD2k0DE;fQiot6$RAzGBrtxudS&i>Cz(XZS9I7*6`Wl$e~nPS-0C*
zP;qp%cDqVia|~*<qQ(jelcd!nUAnT>$EaU6Xqc!%J)5yfL)cJ&JtBrycn~Sr?82lf
zKJdk%M7oR`W}2BpSeG4kXxtN>CPGz5UeMbyXN}H!?Kalj1~r+GX6|LSb2-%%HZ!6p
zl&jF=X@~`bZ|ovrDW+L76cGk$EJm?Rv+DzzDbMl_A_bNV%>c=mgB4f!E<KYE6Pi%-
zd3Q5~g-n2k3uz53v53s2V?|;$oF@*r9>8Sr7|K44lEtH4p5&SsSBhj>^Az_qrWN<a
zP*yxkjcI=g>z>R61`qVEfl$Js`2TUl$Zr7@{}<=`e?}aC1Na8e0zLsejhOvGU<UXs
za4YZz;`2WMzXW~^JPB+8UjmxI5#W!A(Z3ID15JR+dXvg4uabe1fs%oefs%oefs%oe
zfs%oef&T~tStN!SFALKAP*-VhYmqj~0)v1BCl&|`vt9JX{C^I?=c7_B+Fv{b*eYMN
zzXu^985XovJ(-lKAU0LEnVl2abBm&wTCrD;t(}fUY_}UE6insEMr06M*W->ACrJ6(
zhIMCW%f-g7yehhFQWe_8jyC0`YusUk#MmP8bP~eJQN>&@FOK3yis;(8s0wQ4CQ2_3
zp)zjl6Cy_{=ClnkBZ2r3VHKrVa_WfH4T|jrBJ9%sHcTUQUqos~l6CJrwQ`4Sfg@{~
z0cyI#>3Og_)}D3eG-^jXTf0}=G7g7}n+j2X7N=4OJ|3Y$Z7%aTt4ZEbD2J^X)o%KE
zVC_<NJck{PsDteZ8$=hU6j>9!>p3A=rt4<w%RC7T&KV!eY({~OxbX)bJ1f)p9S$Eo
zoLABzl$a{_{K6!*`$i{~R64pGw%O<ab3%u<U8Wx3<%gzOM>xn_bk+CHW2>CKjT0o>
n^qUS|^J7+K4`8t!NxQr#tMHl832xD)C#yrpwRCKg9qs-byo?E<

literal 0
HcmV?d00001

diff --git a/iso/empanadas/empanadas/scripts/build_iso_live.py b/iso/empanadas/empanadas/scripts/build_iso_live.py
index b7a7d84..92cc100 100755
--- a/iso/empanadas/empanadas/scripts/build_iso_live.py
+++ b/iso/empanadas/empanadas/scripts/build_iso_live.py
@@ -15,6 +15,7 @@ parser.add_argument('--image', type=str, help="Granular choice in which live ima
 parser.add_argument('--logger', type=str)
 parser.add_argument('--live-iso-mode', type=str, default='local')
 parser.add_argument('--hashed', action='store_true')
+parser.add_argument('--just-copy-it', action='store_true', help="Just copy the images to the compose dir")
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -28,6 +29,7 @@ a = LiveBuild(
         image=results.image,
         compose_dir_is_here=results.local_compose,
         hashed=results.hashed,
+        justcopyit=results.just_copy_it,
         logger=results.logger
 )
 
diff --git a/iso/empanadas/empanadas/scripts/generate_compose.py b/iso/empanadas/empanadas/scripts/generate_compose.py
new file mode 100755
index 0000000..d2a50fe
--- /dev/null
+++ b/iso/empanadas/empanadas/scripts/generate_compose.py
@@ -0,0 +1,72 @@
+# This script can be called to do single syncs or full on syncs.
+
+import argparse
+import logging
+import sys
+
+from empanadas.common import *
+from empanadas.util import Checks
+from empanadas.util import RepoSync
+from empanadas.util import Shared
+
+# Start up the parser baby
+parser = argparse.ArgumentParser(description="Peridot Sync and Compose")
+
+# All of our options
+parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
+parser.add_argument('--logger', type=str)
+
+# Parse them
+results = parser.parse_args()
+rlvars = rldict[results.release]
+major = rlvars['major']
+
+r = Checks(rlvars, config['arch'])
+r.check_valid_arch()
+
+# Send them and do whatever I guess
+def run():
+    if results.logger is None:
+        log = logging.getLogger("generate")
+        log.setLevel(logging.INFO)
+        handler = logging.StreamHandler(sys.stdout)
+        handler.setLevel(logging.INFO)
+        formatter = logging.Formatter(
+            '%(asctime)s :: %(name)s :: %(message)s',
+            '%Y-%m-%d %H:%M:%S'
+        )
+        handler.setFormatter(formatter)
+        log.addHandler(handler)
+    else:
+        log = results.logger
+
+    compose_base = config['compose_root'] + "/" + major
+    shortname = config['shortname']
+    version = rlvars['revision']
+    date_stamp = config['date_stamp']
+    profile = rlvars['profile']
+    logger = log
+
+    generated_dir = Shared.generate_compose_dirs(
+            compose_base,
+            shortname,
+            version,
+            date_stamp,
+            logger
+    )
+
+    if results.symlink:
+        compose_latest_dir = os.path.join(
+                config['compose_root'],
+                major,
+                "latest-{}-{}".format(
+                    shortname,
+                    profile,
+                )
+        )
+        if os.path.exists(compose_latest_dir):
+            os.remove(compose_latest_dir)
+
+        os.symlink(generated_dir, compose_latest_dir)
+
+    log.info('Generated compose dirs.')
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 6c6bf04..ccba2f9 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1039,12 +1039,12 @@ class IsoBuild:
             self.log.info(Color.INFO + 'Building ' + i + ' completed')
 
             if len(bad_exit_list) == 0:
-                self.log.info(Color.INFO + 'Copying ISOs over to compose directory...')
+                self.log.info(Color.INFO + 'Images built successfully.')
             else:
                 self.log.error(
                         Color.FAIL +
                         'There were issues with the work done. As a result, ' +
-                        'the ISOs will not be copied.'
+                        'some/all ISOs may not exist.'
                 )
 
 
@@ -1425,10 +1425,12 @@ class LiveBuild:
             compose_dir_is_here: bool = False,
             hashed: bool = False,
             image=None,
+            justcopyit: bool = False,
             logger=None
     ):
 
         self.image = image
+        self.justcopyit = justcopyit
         self.fullname = rlvars['fullname']
         self.distname = config['distname']
         self.shortname = config['shortname']
@@ -1523,6 +1525,14 @@ class LiveBuild:
         )
         self.log.info(self.revision)
 
+        if not os.path.exists(self.compose_latest_dir):
+            self.log.warn(Color.WARN + 'A compose directory was not found ' +
+                    'here. If there is a failure, it may be due to it ' +
+                    'missing. You may want to generate a fake compose if ' +
+                    'you are simply making your own live images and you run ' +
+                    'into any errors beyond this point.'
+            )
+
     def run_build_live_iso(self):
         """
         Builds DVD images based on the data created from the initial lorax on
@@ -1575,7 +1585,10 @@ class LiveBuild:
                 raise SystemExit()
 
         if self.live_iso_mode == 'podman':
-            self._live_iso_podman_run(self.current_arch, images_to_build, work_root)
+            #self._live_iso_podman_run(self.current_arch, images_to_build, work_root)
+            self.log.error(Color.FAIL + 'At this time, live images cannot be ' +
+                    'built in podman.')
+            raise SystemExit()
 
     def _live_iso_local_config(self, image, work_root):
         """
@@ -1723,6 +1736,7 @@ class LiveBuild:
         bad_exit_list = []
         checksum_list = []
         entry_name_list = []
+        self.log.warn(Color.WARN + 'This mode does not work properly. It will fail.')
         for i in images:
             image_name = i
             entry_name = 'buildLiveImage-{}-{}.sh'.format(arch, i)
@@ -1821,12 +1835,12 @@ class LiveBuild:
         self.log.info(Color.INFO + 'Building live images completed')
 
         if len(bad_exit_list) == 0:
-            self.log.info(Color.INFO + 'Copying ISOs over to compose directory...')
+            self.log.info(Color.INFO + 'Live images completed successfully.')
         else:
             self.log.error(
                     Color.FAIL +
                     'There were issues with the work done. As a result, ' +
-                    'the ISOs will not be copied.'
+                    'some or all ISOs may not be copied later.'
             )
 
     def _live_iso_local_run(self, arch, image, work_root):
@@ -1836,6 +1850,19 @@ class LiveBuild:
         have mock available.
         """
         entries_dir = os.path.join(work_root, "entries")
+        live_dir_arch = os.path.join(self.live_work_dir, arch)
+        isoname = '{}-{}-{}-{}-{}.iso'.format(
+                self.shortname,
+                image,
+                self.release,
+                arch,
+                self.date
+        )
+        live_res_dir = '/var/lib/mock/{}-{}-{}/result'.format(
+                self.shortname,
+                self.major_version,
+                arch
+        )
         live_iso_cmd = '/bin/bash {}/liveisobuild-{}-{}.sh'.format(entries_dir, arch, image)
         self.log.info('Starting mock build...')
         p = subprocess.call(shlex.split(live_iso_cmd))
@@ -1850,6 +1877,21 @@ class LiveBuild:
         )
         self.log.warn(
                 Color.WARN +
-                'If you are looping images, your built image WILL get ' +
-                'overwritten.'
+                'If you are looping images, your built image may get ' +
+                'overwritten. Ensure you have justcopyit enabled to avoid this.'
         )
+
+        if self.justcopyit:
+            self.log.info(Color.INFO + 'Copying image to work directory')
+            source_path = os.path.join(live_res_dir, isoname)
+            dest_path = os.path.join(live_dir_arch, isoname)
+            os.makedirs(live_dir_arch, exist_ok=True)
+            shutil.copy2(source_path, dest_path)
+            self.log.info(Color.INFO + 'Generating checksum')
+            checksum = Shared.get_checksum(dest_path, self.checksum, self.log)
+            if not checksum:
+                self.log.error(Color.FAIL + dest_path + ' not found. Did we copy it?')
+                return
+            with open(dest_path + '.CHECKSUM', "w+") as c:
+                c.write(checksum)
+                c.close()
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 50894e8..65c72c6 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -319,6 +319,10 @@ class Shared:
         logger.info('Creating compose directory %s' % compose_base_dir)
         if not os.path.exists(compose_base_dir):
             os.makedirs(compose_base_dir)
+            os.makedirs(compose_base_dir + '/work')
+            os.makedirs(compose_base_dir + '/work/entries')
+            os.makedirs(compose_base_dir + '/work/logs')
+            os.makedirs(compose_base_dir + '/compose')
 
         return compose_base_dir
 
diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 0376d8a..96b5288 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -33,6 +33,7 @@ launch-builds = "empanadas.scripts.launch_builds:run"
 build-image = "empanadas.scripts.build_image:run"
 finalize_compose = "empanadas.scripts.finalize_compose:run"
 pull-cloud-image = "empanadas.scripts.pull_cloud_image:run"
+generate_compose = "empanadas.scripts.generate_compose:run"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]

From a3c5d33ae80c74d61bb1cbb9ecb80fe59ed20d6c Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 15:12:50 -0700
Subject: [PATCH 77/96] add justcopyit for live images

---
 iso/empanadas/empanadas/.common.py.swp | Bin 16384 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 iso/empanadas/empanadas/.common.py.swp

diff --git a/iso/empanadas/empanadas/.common.py.swp b/iso/empanadas/empanadas/.common.py.swp
deleted file mode 100644
index 15e89105dbe45c91f269931e98c09cfd2a34137b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16384
zcmeHNO^h5z6>dWK3B-vZQN)d+&1z<o-5$rASn)^;Uhj^bQP#U=c5P#Jmr+em%}i&z
zyPB%%^-df^f+7w`5QPiEkpM+OfW$2akaB}dE)a4+5gY(<B9Vv$5=xW{e6PBDc4j?E
zlnXynxAe_)*L(Hq)mPP3^{Tpa{8IBgd&oQC;5zC!H=cW`^Trpx>3BbNosf4#Na^o!
zX&wh2kNYCjvge1=-@Pi;t``e4nenUEV67jRnhyFkUn)^EQii)o2(+w;DB&^hay@qE
z%P5kumkcLOl}{xDB?Iq=fz<ToA3EYJoVfouWjp46hTZkai|@xmsarBoGEg#5GEg#5
zGEg#5GEg#5GVp)SfJts~zJ@y7lGj7!{~tK?|H1tEQ~AF>B+nnqzmkEHfs%oefs%oe
zfs%oefs%oefs%oefs%oef&W1Uc-L|6hF@<{z>o9)BL08vPRIEZ@G|f#;OD^4fFA<S
z0AB~51fBr4fo0$fa3}D$I~?bCzzyJgzz_(5b>Jj$6u1-k>k-HK4e)E=8Q>{E0$&79
z1NQ<)fwymWoWB4s0WSbQ0Cs_sz^%Y5A9tMJ0xtkJfG2<ySOq=}{Oe<m^CIwFAOaSF
zyMfnkbDZaaCxI^mp9f}uqrg8u>Nvj#UId;4o&_EUwt;(qyMeoae|*GoUIl&xJP*V`
z9k>HH0=)iV$N2^D6mS{11l$h1{vmJ!oCDsz)p33T7(fFGI1Ste{2d!FuL4g4-v+(~
zXkZ(-54Z<-3!68u051dI0s6oUKyCVFv5|AA?=f6Kk1egPu3v7fv^TF@XtXaawVF$7
zn;TngGfcz|TU=yoG8T1*l<87D(1JDgeUX?z#?_v?2}KrY7Q}lz47znzy=F6CpJUhd
zxC(e|uFtx&4&_F1R>op!kYRe+b*C$O%o?-G?c7S$KGm5vY7Sy+**-10?kt=C9P8ji
zlDc!<mPDnwmv~>Hc(=~B+|{777bxS-A^D8lcXtld&WTv4z+Vn!+J!Dvc<w;jSUz!c
z;<Ahl50K5;KEt&j!{>uIh<Hf17tb`^oiQs*kEKeC>`djHEwXE9qGQYJ=P#^pG}_IL
z_4eiU)*~y;7DPpAYkhr_-N#(|zNY5ljw^pa3HG7Ojc9Abqr^F;LXf19RfXNaH(M%<
zxUb~SG|8S&NN+VRH8+~;Yc>yM-l{0E7icteWd~(c<}3Kk>_X&+dtn9H*ycc>Q(O(g
zkaYyp!nUm$h(IwVbRv8c><MZz)(b*G`-aD;eTu8Xc-&=y(X5Mh*yE(F*?=RD8K7su
zpjVkalm~qT{C82R88A-WB^6A3CFLPA68TV`P~<rq$`mBQ7FT^?Oc3`y)_S<HS~+Bq
z`s7*Bm5QT#Dz=esG(1!d4n%^-8aBDHhG*13gv^pTs`Mda;A%VGjxU4)U4uLcdc%<;
zDve`!!QdOWp3H~AE_fSiBciMr6q;MiUbqb_YwQQ6x-3Jfyff>oE7T&^KWLNlHyiV)
zy|N6AwH4<W-aprR@6y}n%eWWx(U4iksO;3Uwk$k}h3KN%k{Wf2ZPql*=P{KGg`By9
zIL9ek7vFhN_w&+(I%jprqtMg5C)%Op-70m6*=%sIEh!TbSIMzCR#BBXCSqT9LDr&c
zzh1$M&b94Db*G22NRz744`s&-=ocf>wYHMdbOUwWeq?s9M`gORRJ&%BNCl?QQ#YFD
zat2^f$%v8Gf!o<j^WX70YZzTS@Z2e?gjX}LbqIq_8!wkkl`phs->a%S`g{)KZKgI&
zd&C2ELV8oO^2S-n22r<@`n$rkQx#(9atFpFx?ZcH*xvl8C{HhVsh&qiH}fYv9`VOy
z%&%$>pY6G}6XaIN!emZ28y{V0qbhy8tE4lsm5Z;BjiP$t)bV{%%5Fw|%uN#i<O3lM
zu%p|tY@Ei(lMj%Ts|Yt^vi*lnwsTR`9f@3ni9?6nNTreOT2>J~K<9~hWXoycBgbJ;
zg>IlH1#C5l)BQpWf=APZ>x<Y(UB@&gcyy{ziD0fxgSu^La<$e;gRqNkT&O6K$aV(<
z%HakXrV+_{+Ot_aqS=$GU)#ICmMHls24Gzn!Ry%e@gnx68e*nMJ5*E@C?!=bNjvn$
z6sqs0rp9ZJGP)@Sc^Mx#AH@b8C6RjmKw22a1l331o2HzL3Qcq(m=Keid19e+Fz2Bv
zCWwRwYI}53b!V>3L^EA)=HZ$1GaHzftr(xD^3cj>XNxX~4uaeXS{%bl<Y90hV0x(*
za%x}5D<ZTrU=n#^A783=&(n-rt=KWOQYh!+DfHDlD(0^oP5Jo%i8p)67!`C<BUUhA
zR%e}T44NW1Mw6+w(<Vm`A?7jf`2*qaVs>S?Ha3?wk+HHx{^pa#@|C4Enlng7$(R!8
zaR*ZkWjVXlTs@qn)vzignv&!4Qj69K6NOx9(0Y>Wl5|R@=Gxiy!<o*t8V&0j38&;C
zPf^bH@r8x0<5A|WtyGbCf1Y@8ZKcs#ZLT#&>JQ|S+^-_TsfEJK>cs=)Q-$`*QtJ^*
zSE0XfGS{C-JyoP$xY)X|I%em=Tsx~+VdT__Jeg=6C6e!c$hFR9>U<K$vVj&YoORL|
z3q0AwD2<6<v#SD2k0DE;fQiot6$RAzGBrtxudS&i>Cz(XZS9I7*6`Wl$e~nPS-0C*
zP;qp%cDqVia|~*<qQ(jelcd!nUAnT>$EaU6Xqc!%J)5yfL)cJ&JtBrycn~Sr?82lf
zKJdk%M7oR`W}2BpSeG4kXxtN>CPGz5UeMbyXN}H!?Kalj1~r+GX6|LSb2-%%HZ!6p
zl&jF=X@~`bZ|ovrDW+L76cGk$EJm?Rv+DzzDbMl_A_bNV%>c=mgB4f!E<KYE6Pi%-
zd3Q5~g-n2k3uz53v53s2V?|;$oF@*r9>8Sr7|K44lEtH4p5&SsSBhj>^Az_qrWN<a
zP*yxkjcI=g>z>R61`qVEfl$Js`2TUl$Zr7@{}<=`e?}aC1Na8e0zLsejhOvGU<UXs
za4YZz;`2WMzXW~^JPB+8UjmxI5#W!A(Z3ID15JR+dXvg4uabe1fs%oefs%oefs%oe
zfs%oef&T~tStN!SFALKAP*-VhYmqj~0)v1BCl&|`vt9JX{C^I?=c7_B+Fv{b*eYMN
zzXu^985XovJ(-lKAU0LEnVl2abBm&wTCrD;t(}fUY_}UE6insEMr06M*W->ACrJ6(
zhIMCW%f-g7yehhFQWe_8jyC0`YusUk#MmP8bP~eJQN>&@FOK3yis;(8s0wQ4CQ2_3
zp)zjl6Cy_{=ClnkBZ2r3VHKrVa_WfH4T|jrBJ9%sHcTUQUqos~l6CJrwQ`4Sfg@{~
z0cyI#>3Og_)}D3eG-^jXTf0}=G7g7}n+j2X7N=4OJ|3Y$Z7%aTt4ZEbD2J^X)o%KE
zVC_<NJck{PsDteZ8$=hU6j>9!>p3A=rt4<w%RC7T&KV!eY({~OxbX)bJ1f)p9S$Eo
zoLABzl$a{_{K6!*`$i{~R64pGw%O<ab3%u<U8Wx3<%gzOM>xn_bk+CHW2>CKjT0o>
n^qUS|^J7+K4`8t!NxQr#tMHl832xD)C#yrpwRCKg9qs-byo?E<


From 9e4f89cf6de2f6513a1640e17a619c56563da84d Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 15:33:33 -0700
Subject: [PATCH 78/96] should have used shortname for mock root

---
 iso/empanadas/empanadas/util/iso_utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index ccba2f9..fae8320 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -530,7 +530,7 @@ class IsoBuild:
             rclevel = '-' + self.rclvl
 
         discname = '{}-{}.{}{}-{}-{}.iso'.format(
-                self.shortname,
+                self.shortname.lower(),
                 self.major_version,
                 self.minor_version,
                 rclevel,

From cee688b2c2e25d9713b6bb9e98d44a71fb889e40 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 15:54:03 -0700
Subject: [PATCH 79/96] should have used shortname for mock root

---
 iso/empanadas/empanadas/util/iso_utils.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index fae8320..2b9c3e8 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -530,7 +530,7 @@ class IsoBuild:
             rclevel = '-' + self.rclvl
 
         discname = '{}-{}.{}{}-{}-{}.iso'.format(
-                self.shortname.lower(),
+                self.shortname,
                 self.major_version,
                 self.minor_version,
                 rclevel,
@@ -1859,7 +1859,7 @@ class LiveBuild:
                 self.date
         )
         live_res_dir = '/var/lib/mock/{}-{}-{}/result'.format(
-                self.shortname,
+                self.shortname.lower(),
                 self.major_version,
                 arch
         )

From 1ba76a849ab98b0788e977ea53f565c3bda4b9b4 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 16:01:19 -0700
Subject: [PATCH 80/96] force build

---
 iso/empanadas/empanadas/scripts/build_iso_live.py |  2 ++
 iso/empanadas/empanadas/util/iso_utils.py         | 12 ++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/iso/empanadas/empanadas/scripts/build_iso_live.py b/iso/empanadas/empanadas/scripts/build_iso_live.py
index 92cc100..6b2e5fa 100755
--- a/iso/empanadas/empanadas/scripts/build_iso_live.py
+++ b/iso/empanadas/empanadas/scripts/build_iso_live.py
@@ -16,6 +16,7 @@ parser.add_argument('--logger', type=str)
 parser.add_argument('--live-iso-mode', type=str, default='local')
 parser.add_argument('--hashed', action='store_true')
 parser.add_argument('--just-copy-it', action='store_true', help="Just copy the images to the compose dir")
+parser.add_argument('--force-build', action='store_true', help="Just build and overwrite the images")
 results = parser.parse_args()
 rlvars = rldict[results.release]
 major = rlvars['major']
@@ -30,6 +31,7 @@ a = LiveBuild(
         compose_dir_is_here=results.local_compose,
         hashed=results.hashed,
         justcopyit=results.just_copy_it,
+        force_build=results.force_build,
         logger=results.logger
 )
 
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 2b9c3e8..86a80d8 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1426,6 +1426,7 @@ class LiveBuild:
             hashed: bool = False,
             image=None,
             justcopyit: bool = False,
+            force_build: bool = False,
             logger=None
     ):
 
@@ -1449,6 +1450,7 @@ class LiveBuild:
         self.live_result_root = config['mock_work_root'] + "/lmc"
         self.mock_isolation = isolation
         self.force_download = force_download
+        self.force_build = force_build
         self.live_iso_mode = live_iso_mode
         self.checksum = rlvars['checksum']
         self.profile = rlvars['profile']
@@ -1863,6 +1865,16 @@ class LiveBuild:
                 self.major_version,
                 arch
         )
+
+        if self.justcopyit:
+            if os.path.exists(os.path.join(live_res_dir, isoname)):
+                self.log.warn(Color.WARN + 'Image already exists.')
+                if self.force_build:
+                    self.log.warn(Color.WARN + 'Building anyway.')
+                else:
+                    self.log.warn(Color.WARN + 'Skipping.')
+                    return
+
         live_iso_cmd = '/bin/bash {}/liveisobuild-{}-{}.sh'.format(entries_dir, arch, image)
         self.log.info('Starting mock build...')
         p = subprocess.call(shlex.split(live_iso_cmd))

From 76012c8549981c5030b47db8d0e34d4630ce8852 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 16:53:20 -0700
Subject: [PATCH 81/96] looking at the wrong place

---
 iso/empanadas/empanadas/util/iso_utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 86a80d8..ee9b2ad 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1867,7 +1867,7 @@ class LiveBuild:
         )
 
         if self.justcopyit:
-            if os.path.exists(os.path.join(live_res_dir, isoname)):
+            if os.path.exists(os.path.join(live_dir_arch, isoname)):
                 self.log.warn(Color.WARN + 'Image already exists.')
                 if self.force_build:
                     self.log.warn(Color.WARN + 'Building anyway.')

From f10a172c17ba9da378180fa95819a3323a03be68 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 17:32:47 -0700
Subject: [PATCH 82/96] make a correction on the readme

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 21bc9ec..2b4f6cd 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,8 @@ sig-core-toolkit
 Release Engineering toolkit for repeatable operations or functionality testing.
 
 Currently mirrored at our [github](https://github.com/rocky-linux), and the
-[RESF Git Service](https://git.resf.org). Changes will typically occur at GitHub.
+[RESF Git Service](https://git.resf.org). Changes will typically occur at the
+RESF Git Service.
 
 What does this have?
 --------------------
@@ -12,7 +13,7 @@ What does this have?
 * analyze -> Analysis utilities (such as download stats)
 * chat -> mattermost related utilities
 * func -> (mostly defunct) testing scripts and tools to test base functionality
-* iso -> ISO and Compose related utilities, primarily for Rocky Linux 9+
+* iso -> ISO, Compose, and Sync related utilities, primarily for Rocky Linux 9+
 * live -> Live image related utilities
 * mangle -> Manglers and other misc stuff
 * sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated

From 911f835bfb54961bc35cd096dd8597b4def15aa0 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Sun, 10 Jul 2022 22:01:00 -0400
Subject: [PATCH 83/96] I hate this syntax, use a \n

---
 iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index cec6642..ad545f5 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -8,8 +8,7 @@
               <url>https://download.rockylinux.org/pub/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
             </install>
             <icicle>
-                <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}
-'</extra_command>
+                <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}\n'</extra_command>
             </icicle>
             <kernelparam>console=tty0 inst.usefbx</kernelparam>
         </os>

From 6b236b7b5feafe3186751d40f3412a3a1cfb1a9a Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 11 Jul 2022 21:14:08 -0400
Subject: [PATCH 84/96] Add symlink parameter to resolve script runtime

---
 iso/empanadas/empanadas/scripts/generate_compose.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/iso/empanadas/empanadas/scripts/generate_compose.py b/iso/empanadas/empanadas/scripts/generate_compose.py
index d2a50fe..19b85a1 100755
--- a/iso/empanadas/empanadas/scripts/generate_compose.py
+++ b/iso/empanadas/empanadas/scripts/generate_compose.py
@@ -14,6 +14,7 @@ parser = argparse.ArgumentParser(description="Peridot Sync and Compose")
 
 # All of our options
 parser.add_argument('--release', type=str, help="Major Release Version or major-type (eg 9-beta)", required=True)
+parser.add_argument('--symlink', action='store_true', help="symlink")
 parser.add_argument('--logger', type=str)
 
 # Parse them

From 20bf0812dbb5860bf4a1c2bace920a85e9c702fa Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Mon, 11 Jul 2022 21:15:31 -0400
Subject: [PATCH 85/96] revert to stg url now that CDN is fixed. add in some
 additional metadata for builds and cleanup output for containers

---
 iso/empanadas/empanadas/scripts/build_image.py        | 6 +++++-
 iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index b4a6c97..508f99c 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -96,7 +96,8 @@ class ImageBuild:
         # Yes, this is gross. I'll fix it later.
         if self.image_type in ["Container"]:
             self.stage_commands = [
-                    ["tar", "-C", f"{self.outdir}", "--strip-components=1", "-x", "-f", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", "*/layer.tar"]
+                    ["tar", "-C", f"{self.outdir}", "--strip-components=1", "-x", "-f", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", "*/layer.tar"],
+                    ["xz",  f"{self.outdir}/layer.tar"]
             ]
         if self.image_type in ["GenericCloud"]:
             self.stage_commands = [
@@ -124,6 +125,9 @@ class ImageBuild:
             ]
 
 
+        if self.stage_commands:
+            self.stage_commands += ["cp", "-v",  lambda: f"{STORAGE_DIR}/{self.target_uuid}.meta", f"{self.outdir}/build.meta"]
+
         try:
             os.mkdir(self.outdir)
         except FileExistsError as e:
diff --git a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
index ad545f5..5ba9c6d 100644
--- a/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
+++ b/iso/empanadas/empanadas/templates/icicle/tdl.xml.tmpl
@@ -5,7 +5,7 @@
             <version>{{minor}}</version>
             <arch>{{architecture}}</arch>
             <install type='url'>
-              <url>https://download.rockylinux.org/pub/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
+              <url>https://download.rockylinux.org/stg/rocky/{{major}}/BaseOS/{{architecture}}/{{installdir}}</url>
             </install>
             <icicle>
                 <extra_command>rpm -qa --qf '%{NAME},%{VERSION},%{RELEASE},%{ARCH},%{EPOCH},%{SIZE},%{SIGMD5},%{BUILDTIME}\n'</extra_command>

From 3207fd4ad0a9b61c95396b8fb48c7cd013bbacc7 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Mon, 11 Jul 2022 19:26:13 -0700
Subject: [PATCH 86/96] project should contain image name

---
 iso/empanadas/empanadas/util/iso_utils.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index ee9b2ad..70846d5 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -1660,10 +1660,11 @@ class LiveBuild:
         )
 
         make_image_cmd = ('/usr/sbin/livemedia-creator --ks {} --no-virt '
-                '--resultdir /builddir/lmc --project="{}" --make-iso --volid {} '
+                '--resultdir /builddir/lmc --project="{} {}" --make-iso --volid {} '
                 '--iso-only --iso-name {} --releasever={} --nomacboot {}').format(
                         '/builddir/ks.cfg',
                         self.distname,
+                        image,
                         volid,
                         isoname,
                         self.release,

From 8017026bc8784a9d76ef21f58f39c0139453ceaf Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 12 Jul 2022 00:59:19 -0700
Subject: [PATCH 87/96] Add a final grep to log for "FAILED" (RLBT#0000138)

Add a final grep if exit code of reposync is 0. There are cases where
dnf reposync will say the sync succeeded despite not downloading a
package due to a failed mirror. It is a failure when a GPG key can't be
verified or some other unforeseen cirumstance... but not when a package
can't be downloaded because of "all mirrors tried"

Also added "time" to the fpsync commands for RL9 syncing.
---
 .../empanadas/templates/reposync-src.tmpl       | 17 +++++++++++++++++
 iso/empanadas/empanadas/templates/reposync.tmpl | 17 +++++++++++++++++
 sync/sync-to-prod-9.sh                          |  2 +-
 sync/sync-to-staging-9.sh                       |  2 +-
 4 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/reposync-src.tmpl b/iso/empanadas/empanadas/templates/reposync-src.tmpl
index 7f901a9..3758643 100644
--- a/iso/empanadas/empanadas/templates/reposync-src.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync-src.tmpl
@@ -5,4 +5,21 @@ set -o pipefail
 sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ sync_cmd }} | tee -a {{ sync_log }}
 
+# Yes this is a bit hacky. Can't think of a better way to do this.
+ret_val=$?
+if [ "$ret_val" -ne 0 ]; then
+  echo "SYNCING FAILED" | tee -a {{ sync_log }}
+  exit 1
+fi
+
+if [ "$ret_val" -eq 0 ]; then
+  recs=$(grep '\[FAILED\]' {{ sync_log }})
+  if [[ -n "${recs}" ]]; then
+    echo "SOME PACKAGES DID NOT DOWNLOAD" | tee -a {{ sync_log }}
+    exit 1
+  else
+    exit 0
+  fi
+fi
+
 # {{ check_cmd  }} | tee -a {{ sync_log }}
diff --git a/iso/empanadas/empanadas/templates/reposync.tmpl b/iso/empanadas/empanadas/templates/reposync.tmpl
index 5fb3740..d2bf35e 100644
--- a/iso/empanadas/empanadas/templates/reposync.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync.tmpl
@@ -6,4 +6,21 @@ set -o pipefail
 sed -i 's/enabled=1/enabled=0/g' /etc/yum.repos.d/*.repo
 {{ sync_cmd }} | tee -a {{ sync_log }}
 
+# Yes this is a bit hacky. Can't think of a better way to do this.
+ret_val=$?
+if [ "$ret_val" -ne 0 ]; then
+  echo "SYNCING FAILED" | tee -a {{ sync_log }}
+  exit 1
+fi
+
+if [ "$ret_val" -eq 0 ]; then
+  recs=$(grep '\[FAILED\]' {{ sync_log }})
+  if [[ -n "${recs}" ]]; then
+    echo "SOME PACKAGES DID NOT DOWNLOAD" | tee -a {{ sync_log }}
+    exit 1
+  else
+    exit 0
+  fi
+fi
+
 # {{ check_cmd }} | tee -a {{ sync_log }}
diff --git a/sync/sync-to-prod-9.sh b/sync/sync-to-prod-9.sh
index 6eb70b8..ab45c79 100644
--- a/sync/sync-to-prod-9.sh
+++ b/sync/sync-to-prod-9.sh
@@ -13,7 +13,7 @@ ret_val=$?
 if [ $ret_val -eq "0" ]; then
   TARGET="${PRODUCTION_ROOT}/${CATEGORY_STUB}/${REV:0:3}"
   mkdir -p "${TARGET}"
-  sudo -l && fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
+  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
 
   # Full file list update
   cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
diff --git a/sync/sync-to-staging-9.sh b/sync/sync-to-staging-9.sh
index ffcc6f1..4c18041 100644
--- a/sync/sync-to-staging-9.sh
+++ b/sync/sync-to-staging-9.sh
@@ -26,7 +26,7 @@ if [ $ret_val -eq "0" ]; then
   # shellcheck disable=SC2035
   #sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
   #    {} "${TARGET}"
-  sudo -l && fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/"
+  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/"
 
   # This is temporary until we implement rsync into empanadas
   #if [ -f "COMPOSE_ID" ]; then

From f1fbcff0eff0b716e84a729155d185671f7fe459 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 12 Jul 2022 01:57:25 -0700
Subject: [PATCH 88/96] Add pungi-like composeinfo metadata and modify readme

---
 iso/empanadas/empanadas/templates/README.tmpl | 23 ++++++-----
 iso/empanadas/empanadas/util/dnf_utils.py     | 11 +++++
 iso/empanadas/empanadas/util/shared.py        | 40 +++++++++++++++++++
 3 files changed, 64 insertions(+), 10 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/README.tmpl b/iso/empanadas/empanadas/templates/README.tmpl
index eae1a2a..ea4ec00 100644
--- a/iso/empanadas/empanadas/templates/README.tmpl
+++ b/iso/empanadas/empanadas/templates/README.tmpl
@@ -1,25 +1,28 @@
 These set of repositories (or "compose") is for {{ fullname }} and was generated
 using Empanadas {{ version }} from the SIG/Core Toolkit.
 
-As this is not a traditional compose, there will be things that you might be
-expecting and do not see, or not expecting and do see. While we attempted to
-recreate a lot of those elements, it's not perfect. In the future, we do plan on
-having more metadata and providing client libraries that can ingest this type
-of metadata that we produce for easy consumption.
+As this is not a traditional compose (via pungi), there will be things that you
+might be expecting and do not see, or not expecting and do see. While we
+attempted to recreate a lot of those elements, it's not perfect and we don't
+expect that it ever will be. With that being said, in the future, we do plan on
+having more metadata and providing client libraries that can ingest this type of
+metadata that we produce for easy consumption, on top of extending what our
+metadata provides.
 
 # Notes #
 
 ## Checksums ##
 
 CHECKSUM Validation: https://github.com/rocky-linux/checksums
+                     https://git.resf.org/rocky-linux/checksums (mirror)
 
 Traditionally, we would "sign" the checksum files with the current GPG key of a
 major release. However, due to how the new build system operates and for
-ensuring strong security within the build system as it pertains the signing
-keys, this is no longer possible. It was determined by SIG/Core or Release
-Engineering to instead provide verified signed commits using our keys with
-RESF/Rocky Linux email domain names to a proper git repository. Our signing keys
-are attached to our GitHub and RESF Git Service profiles.
+ensuring strong security within the new build ecosystem as it pertains the
+signing keys, this is no longer a viable approach. It was determined by SIG/Core
+(or Release Engineering) to instead provide verified signed commits using our
+keys with RESF/Rocky Linux email domain names to a proper git repository. Our
+signing keys are attached to our GitHub and RESF Git Service profiles.
 
 If you are looking for "verification" of the ISO checksums and were expecting a
 `CHECKSUM.sig`, it is highly recommended to visit the link above instead.
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 90e7215..096a691 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -962,6 +962,17 @@ class RepoSync:
                 metadata_dir + '/metadata'
         )
 
+        # TODO: Add in each repo and their corresponding arch.
+        productmd_date = self.date_stamp.split('.')[0]
+        Shared.composeinfo_write(
+                metadata_dir + '/composeinfo',
+                self.distname,
+                self.shortname,
+                self.fullversion,
+                'updates',
+                productmd_date
+        )
+
         self.log.info(Color.INFO + 'Metadata files phase completed.')
 
         # Deploy README to metadata directory
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index 65c72c6..d82d3d9 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -919,3 +919,43 @@ class Shared:
             repolist.append(repodata)
 
         return repolist
+
+    @staticmethod
+    def composeinfo_write(
+            file_path,
+            distname,
+            shortname,
+            release,
+            release_type,
+            datestamp,
+            arches: list = [],
+            repos: list = []
+        ):
+        """
+        Write compose info similar to pungi.
+
+        arches and repos may be better suited for a dictionary. that is a
+        future thing we will work on for 0.3.0.
+        """
+        cijson = file_path + '.json'
+        ciyaml = file_path + '.yaml'
+        ci = productmd.composeinfo.ComposeInfo()
+        ci.release.name = distname
+        ci.release.short = shortname
+        ci.release.version = release
+        ci.release.type = release_type
+
+        ci.compose.id = '{}-{}-{}'.format(shortname, release, datestamp)
+        ci.compose.type = "production"
+        ci.compose.date = datestamp
+        ci.compose.respin = 0
+
+        ci.dump(cijson)
+
+        with open(cijson, 'r') as cidump:
+            jsonData = json.load(cidump)
+            cidump.close()
+
+        with open(ciyaml, 'w+') as ymdump:
+            yaml.dump(jsonData, ymdump)
+            ymdump.close()

From 37714cabd61fa287e5784f55397e7f63c4b202cb Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Tue, 12 Jul 2022 18:30:59 -0700
Subject: [PATCH 89/96] force selinux for the temporary repo file

---
 .../empanadas/templates/reposync.tmpl         |  7 +++++++
 iso/empanadas/empanadas/util/dnf_utils.py     | 19 ++++++++++++++-----
 iso/empanadas/empanadas/util/shared.py        |  2 ++
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/iso/empanadas/empanadas/templates/reposync.tmpl b/iso/empanadas/empanadas/templates/reposync.tmpl
index d2bf35e..0709b6f 100644
--- a/iso/empanadas/empanadas/templates/reposync.tmpl
+++ b/iso/empanadas/empanadas/templates/reposync.tmpl
@@ -19,8 +19,15 @@ if [ "$ret_val" -eq 0 ]; then
     echo "SOME PACKAGES DID NOT DOWNLOAD" | tee -a {{ sync_log }}
     exit 1
   else
+    # This is kind of a hack too.
+    #FOUND=$(grep -A20 'git\.rockylinux\.org' {{ sync_log }} | egrep -c '^\([0-9]+\/[0-9]+\)|\[SKIPPED\]|\.rpm')
+    #if [ "$FOUND" -eq "0" ]; then
+    #  echo "Repository is empty." | tee -a {{ sync_log }}
+    #  rm -rf {{ download_path }}
+    #fi
     exit 0
   fi
 fi
 
+
 # {{ check_cmd }} | tee -a {{ sync_log }}
diff --git a/iso/empanadas/empanadas/util/dnf_utils.py b/iso/empanadas/empanadas/util/dnf_utils.py
index 096a691..820f6db 100644
--- a/iso/empanadas/empanadas/util/dnf_utils.py
+++ b/iso/empanadas/empanadas/util/dnf_utils.py
@@ -164,7 +164,6 @@ class RepoSync:
 
         self.log.info('reposync init')
         self.log.info(self.revision)
-        self.dnf_config = self.generate_conf()
 
         # The repo name should be valid
         if self.repo is not None:
@@ -235,6 +234,9 @@ class RepoSync:
                 "global",
         )
 
+        #self.dnf_config = self.generate_conf(dest_path=global_work_root)
+        self.dnf_config = self.generate_conf()
+
         if self.dryrun:
             self.log.error('Dry Runs are not supported just yet. Sorry!')
             raise SystemExit()
@@ -436,7 +438,8 @@ class RepoSync:
                         arch_force_cp=arch_force_cp,
                         dnf_plugin_cmd=dnf_plugin_cmd,
                         sync_cmd=sync_cmd,
-                        sync_log=sync_log
+                        sync_log=sync_log,
+                        download_path=os_sync_path
                 )
 
                 debug_sync_template = self.tmplenv.get_template('reposync.tmpl')
@@ -445,7 +448,8 @@ class RepoSync:
                         arch_force_cp=arch_force_cp,
                         dnf_plugin_cmd=dnf_plugin_cmd,
                         sync_cmd=debug_sync_cmd,
-                        sync_log=debug_sync_log
+                        sync_log=debug_sync_log,
+                        download_path=debug_sync_path
                 )
 
                 entry_point_open = open(entry_point_sh, "w+")
@@ -555,7 +559,7 @@ class RepoSync:
 
             #print(entry_name_list)
             for pod in entry_name_list:
-                podman_cmd_entry = '{} run -d -it -v "{}:{}" -v "{}:{}" -v "{}:{}" --name {} --entrypoint {}/{} {}'.format(
+                podman_cmd_entry = '{} run -d -it -v "{}:{}" -v "{}:{}:z" -v "{}:{}" --name {} --entrypoint {}/{} {}'.format(
                         cmd,
                         self.compose_root,
                         self.compose_root,
@@ -668,6 +672,10 @@ class RepoSync:
                 dest_path,
                 "{}-{}-config.repo".format(self.shortname, self.major_version)
         )
+        pname = os.path.join(
+                '/var/tmp',
+                "{}-{}-config.repo".format(self.shortname, self.major_version)
+        )
         self.log.info('Generating the repo configuration: %s' % fname)
 
         if self.repo_base_url.startswith("/"):
@@ -711,6 +719,7 @@ class RepoSync:
         config_file.write(output)
 
         config_file.close()
+        #return (fname, pname)
         return fname
 
     def repoclosure_work(self, sync_root, work_root, log_root):
@@ -795,7 +804,7 @@ class RepoSync:
 
             self.log.info('Spawning pods for %s' % repo)
             for pod in repoclosure_entry_name_list:
-                podman_cmd_entry = '{} run -d -it -v "{}:{}" -v "{}:{}" -v "{}:{}" --name {} --entrypoint {}/{} {}'.format(
+                podman_cmd_entry = '{} run -d -it -v "{}:{}" -v "{}:{}:z" -v "{}:{}" --name {} --entrypoint {}/{} {}'.format(
                         cmd,
                         self.compose_root,
                         self.compose_root,
diff --git a/iso/empanadas/empanadas/util/shared.py b/iso/empanadas/empanadas/util/shared.py
index d82d3d9..8155090 100644
--- a/iso/empanadas/empanadas/util/shared.py
+++ b/iso/empanadas/empanadas/util/shared.py
@@ -518,6 +518,8 @@ class Shared:
             message = 'Path synced does not seem to exist for some reason.'
             retval = 1
 
+        #shutil.rmtree(tmp_dir)
+
         return message, retval
 
     @staticmethod

From 4a278cb091b26c7aaece353a4f8bcfe04b77e32a Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Wed, 13 Jul 2022 01:55:50 -0400
Subject: [PATCH 90/96] Run / source sync things from other directories

---
 mangle/validate_repos | 21 ++++++++++++++-------
 sync/common           |  2 +-
 sync/gen-torrents.sh  |  2 +-
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/mangle/validate_repos b/mangle/validate_repos
index a845cff..d897cf5 100755
--- a/mangle/validate_repos
+++ b/mangle/validate_repos
@@ -1,11 +1,14 @@
 #!/usr/bin/env bash
 
+### 
+# Use RLVER=9 for rocky 9
+
 # Source mangle vars
 # shellcheck source=./common disable=SC1091,1090
-source "$(dirname "$0")/common"
+source "$(dirname "${BASH_SOURCE[0]}")/common"
 # Source sync / migrate vars for repository information
 # shellcheck source=../sync/common disable=SC1091,1090
-source "$(dirname "$0")/../sync/common"
+source "$(dirname "${BASH_SOURCE[0]}")/../sync/common"
 
 # How many 
 ARG1=${1}
@@ -30,12 +33,16 @@ cleanup_repo () {
         repo="${repo^^}"
     fi
 
-    # Everything has an 8 appended to it
-    repo="${repo}-8"
+    # Append the major version from sync/common to support 8 and 9
+    repo="${repo}-${MAJOR}"
     return 0
 }
 
-for repo in "${ALL_REPOS[@]}"; do 
+# Sort the array
+IFS=$'\n' sorted=($(sort <<<"${ALL_REPOS[*]}"))
+unset IFS
+
+for repo in "${sorted[@]}"; do 
 
     # Business logic must be done, sometimes...
     cleanup_repo "${repo}"
@@ -52,8 +59,8 @@ for repo in "${ALL_REPOS[@]}"; do
         result=$(curl -s "${MIRRORLIST_BASE}?repo=${repo}&arch=${arch}&time&country=global")
         print_result
 
-        # x86 and a64 have 'debug' types, as well
-        if [[ "${arch}" =~ ^(x86_|aarch)64$ ]]; then
+        # x86 and a64 have 'debug' types, as well ("arch" != "source")
+        if [[ "${arch}" =~ ^(x86_|aarch)64|(s390x|ppc64le)$ ]]; then
             result=$(curl -s "${MIRRORLIST_BASE}?repo=${repo}-debug&arch=${arch}&time&country=global")
             print_result
         fi
diff --git a/sync/common b/sync/common
index 0141d01..be3c832 100644
--- a/sync/common
+++ b/sync/common
@@ -32,7 +32,7 @@ ARCHES=(x86_64 aarch64)
 
 # Source Major common
 # Override: Not Allowed
-test -f "$(dirname "$0")/common_${RLVER}" && source "$(dirname "$0")/common_${RLVER}"
+test -f "$(dirname "${BASH_SOURCE[0]}")/common_${RLVER}" && source "$(dirname "${BASH_SOURCE[0]}")/common_${RLVER}"
 if [ "$?" -ne 0 ]; then
   echo "Could not source common_${RLVER}"
   exit 1
diff --git a/sync/gen-torrents.sh b/sync/gen-torrents.sh
index c80c90d..dc1486b 100755
--- a/sync/gen-torrents.sh
+++ b/sync/gen-torrents.sh
@@ -3,7 +3,7 @@
 
 # Source common variables
 # shellcheck disable=SC2046,1091,1090
-source "$(dirname "$0")/common"
+source "$(dirname "${BASH_SOURCE[0]}")/common"
 
 NAME=gen-torrents
 

From 9aada45f952e656f0c2e8887e8d74b0791fec65e Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Wed, 13 Jul 2022 02:00:16 -0400
Subject: [PATCH 91/96] Support checking a different path easily
 (LIST=debuglist  mangle/validate-repos, e.g.)

---
 mangle/common | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mangle/common b/mangle/common
index c6c28e8..7b1d1a8 100644
--- a/mangle/common
+++ b/mangle/common
@@ -3,6 +3,7 @@
 # To be sourced by scripts as needed
 
 # The mirrorlist url
-MIRRORLIST_BASE="http://mirrors.rockylinux.org/mirrorlist"
+LIST=${LIST:-mirrorlist}
+MIRRORLIST_BASE="http://mirrors.rockylinux.org/${LIST}"
 
 MIRROR_DISPLAY_COUNT=1

From 813acedf84789a19a58bceb8f3c11ce831ac455f Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 13 Jul 2022 08:46:06 -0700
Subject: [PATCH 92/96] add additional file list operations for neil

---
 iso/empanadas/empanadas/configs/el8.yaml      |  1 +
 iso/empanadas/empanadas/configs/el9-beta.yaml |  1 +
 iso/empanadas/empanadas/configs/el9.yaml      |  1 +
 iso/empanadas/empanadas/configs/el9lh.yaml    |  1 +
 sync/sync-to-prod-9.sh                        | 12 +++++++++++-
 sync/sync-to-prod.sh                          | 12 +++++++++++-
 6 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/iso/empanadas/empanadas/configs/el8.yaml b/iso/empanadas/empanadas/configs/el8.yaml
index eddf471..1ece4b1 100644
--- a/iso/empanadas/empanadas/configs/el8.yaml
+++ b/iso/empanadas/empanadas/configs/el8.yaml
@@ -62,6 +62,7 @@
         isoskip: True
         repos:
           - 'minimal'
+          - 'BaseOS'
         variant: 'minimal'
       BaseOS:
         disc: False
diff --git a/iso/empanadas/empanadas/configs/el9-beta.yaml b/iso/empanadas/empanadas/configs/el9-beta.yaml
index 7eefd49..39719e1 100644
--- a/iso/empanadas/empanadas/configs/el9-beta.yaml
+++ b/iso/empanadas/empanadas/configs/el9-beta.yaml
@@ -50,6 +50,7 @@
         isoskip: True
         repos:
           - 'minimal'
+          - 'BaseOS'
         variant: 'minimal'
       BaseOS:
         disc: False
diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 163c69a..6ab9ccc 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -50,6 +50,7 @@
         isoskip: True
         repos:
           - 'minimal'
+          - 'BaseOS'
         variant: 'minimal'
       BaseOS:
         disc: False
diff --git a/iso/empanadas/empanadas/configs/el9lh.yaml b/iso/empanadas/empanadas/configs/el9lh.yaml
index 26c96cd..e817298 100644
--- a/iso/empanadas/empanadas/configs/el9lh.yaml
+++ b/iso/empanadas/empanadas/configs/el9lh.yaml
@@ -50,6 +50,7 @@
         isoskip: True
         repos:
           - 'minimal'
+          - 'BaseOS'
         variant: 'minimal'
       BaseOS:
         disc: False
diff --git a/sync/sync-to-prod-9.sh b/sync/sync-to-prod-9.sh
index ab45c79..54accd4 100644
--- a/sync/sync-to-prod-9.sh
+++ b/sync/sync-to-prod-9.sh
@@ -15,7 +15,17 @@ if [ $ret_val -eq "0" ]; then
   mkdir -p "${TARGET}"
   sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
 
-  # Full file list update
+  # Full file list update for production root
+  cd "${PRODUCTION_ROOT}/" || echo { echo "Failed to change directory"; exit 1; }
+  find . > fullfilelist
+  if [[ -f /usr/local/bin/create-filelist ]]; then
+    # We're already here, but Justin Case wanted this
+    cd "${PRODUCTION_ROOT}/" || { echo "Failed to change directory"; exit 1; }
+    /bin/cp fullfiletimelist-rocky fullfiletimelist-rocky-old
+    /usr/local/bin/create-filelist > fullfiletimelist-rocky
+    cp fullfiletimelist-rocky fullfiletimelist
+  fi
+  # Full file list update for rocky linux itself
   cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
   # Hardlink everything except xml files
   hardlink -x '.*\.xml.*' "${REVISION}"
diff --git a/sync/sync-to-prod.sh b/sync/sync-to-prod.sh
index b48b74c..63b0048 100644
--- a/sync/sync-to-prod.sh
+++ b/sync/sync-to-prod.sh
@@ -32,7 +32,17 @@ if [ $ret_val -eq "0" ]; then
     rsync -av --chown=10004:10005 --progress --relative --human-readable metadata "${TARGET}"
   fi
 
-  # Full file list update
+  # Full file list update for production root
+  cd "${PRODUCTION_ROOT}/" || echo { echo "Failed to change directory"; exit 1; }
+  find . > fullfilelist
+  if [[ -f /usr/local/bin/create-filelist ]]; then
+    # We're already here, but Justin Case wanted this
+    cd "${PRODUCTION_ROOT}/" || { echo "Failed to change directory"; exit 1; }
+    /bin/cp fullfiletimelist-rocky fullfiletimelist-rocky-old
+    /usr/local/bin/create-filelist > fullfiletimelist-rocky
+    cp fullfiletimelist-rocky fullfiletimelist
+  fi
+  # Full file list update for rocky linux itself
   cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
   # Hardlink everything except xml files
   hardlink -x '.*\.xml.*' "${REVISION}"

From beebdaa105d1468724f8e7be5bd30f8b4fe1c96d Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 13 Jul 2022 20:01:23 -0700
Subject: [PATCH 93/96] fix up script

---
 iso/empanadas/empanadas/configs/el9.yaml      |  1 +
 .../empanadas/templates/minimal/9/aarch64     | 38 ++++++++++++++++++
 .../empanadas/templates/minimal/9/ppc64le     | 33 ++++++++++++++++
 .../empanadas/templates/minimal/9/s390x       | 29 ++++++++++++++
 .../empanadas/templates/minimal/9/x86_64      | 39 +++++++++++++++++++
 iso/empanadas/empanadas/util/iso_utils.py     | 15 +++++--
 sync/sync-to-prod-9.sh                        |  6 ++-
 7 files changed, 157 insertions(+), 4 deletions(-)
 create mode 100644 iso/empanadas/empanadas/templates/minimal/9/aarch64
 create mode 100644 iso/empanadas/empanadas/templates/minimal/9/ppc64le
 create mode 100644 iso/empanadas/empanadas/templates/minimal/9/s390x
 create mode 100644 iso/empanadas/empanadas/templates/minimal/9/x86_64

diff --git a/iso/empanadas/empanadas/configs/el9.yaml b/iso/empanadas/empanadas/configs/el9.yaml
index 6ab9ccc..f67f28c 100644
--- a/iso/empanadas/empanadas/configs/el9.yaml
+++ b/iso/empanadas/empanadas/configs/el9.yaml
@@ -52,6 +52,7 @@
           - 'minimal'
           - 'BaseOS'
         variant: 'minimal'
+        volname: 'dvd'
       BaseOS:
         disc: False
         isoskip: True
diff --git a/iso/empanadas/empanadas/templates/minimal/9/aarch64 b/iso/empanadas/empanadas/templates/minimal/9/aarch64
new file mode 100644
index 0000000..b5f2eae
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/minimal/9/aarch64
@@ -0,0 +1,38 @@
+@minimal-environment
+@core
+@standard
+@base
+@guest-agents
+kernel
+lvm2
+bubblewrap
+efibootmgr
+efi-filesystem
+efivar-libs
+flashrom
+fwupd
+fwupd-plugin-flashrom
+gdisk
+glibc-langpack-en
+grub2
+grub2-efi-aa64
+langpacks-core-en
+langpacks-en
+libatasmart
+libblockdev
+libblockdev-crypto
+libblockdev-fs
+libblockdev-loop
+libblockdev-mdraid
+libblockdev-part
+libblockdev-swap
+libblockdev-utils
+libbytesize
+libgcab1
+libjcat
+libudisks2
+libxmlb
+mokutil
+shim-aa64
+udisks2
+volume_key-libs
diff --git a/iso/empanadas/empanadas/templates/minimal/9/ppc64le b/iso/empanadas/empanadas/templates/minimal/9/ppc64le
new file mode 100644
index 0000000..62fc6c9
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/minimal/9/ppc64le
@@ -0,0 +1,33 @@
+@minimal-environment
+@core
+@standard
+@base
+@guest-agents
+kernel
+lvm2
+bubblewrap
+efi-filesystem
+flashrom
+fwupd
+fwupd-plugin-flashrom
+gdisk
+glibc-langpack-en
+grub2
+langpacks-core-en
+langpacks-en
+libatasmart
+libblockdev
+libblockdev-crypto
+libblockdev-fs
+libblockdev-loop
+libblockdev-mdraid
+libblockdev-part
+libblockdev-swap
+libblockdev-utils
+libbytesize
+libgcab1
+libjcat
+libudisks2
+libxmlb
+udisks2
+volume_key-libs
diff --git a/iso/empanadas/empanadas/templates/minimal/9/s390x b/iso/empanadas/empanadas/templates/minimal/9/s390x
new file mode 100644
index 0000000..8317cf1
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/minimal/9/s390x
@@ -0,0 +1,29 @@
+@minimal-environment
+@core
+@standard
+@base
+kernel
+lvm2
+bubblewrap
+efi-filesystem
+fwupd
+gdisk
+glibc-langpack-en
+langpacks-core-en
+langpacks-en
+libatasmart
+libblockdev
+libblockdev-crypto
+libblockdev-fs
+libblockdev-loop
+libblockdev-mdraid
+libblockdev-part
+libblockdev-swap
+libblockdev-utils
+libbytesize
+libgcab1
+libjcat
+libudisks2
+libxmlb
+udisks2
+volume_key-libs
diff --git a/iso/empanadas/empanadas/templates/minimal/9/x86_64 b/iso/empanadas/empanadas/templates/minimal/9/x86_64
new file mode 100644
index 0000000..1d550a2
--- /dev/null
+++ b/iso/empanadas/empanadas/templates/minimal/9/x86_64
@@ -0,0 +1,39 @@
+@minimal-environment
+@core
+@standard
+@base
+@guest-agents
+kernel
+lvm2
+bubblewrap
+efibootmgr
+efi-filesystem
+efivar-libs
+flashrom
+fwupd
+fwupd-plugin-flashrom
+gdisk
+glibc-langpack-en
+grub2
+grub2-efi-x64
+langpacks-core-en
+langpacks-en
+libatasmart
+libblockdev
+libblockdev-crypto
+libblockdev-fs
+libblockdev-loop
+libblockdev-mdraid
+libblockdev-part
+libblockdev-swap
+libblockdev-utils
+libbytesize
+libgcab1
+libjcat
+libsmbios
+libudisks2
+libxmlb
+mokutil
+shim-x64
+udisks2
+volume_key-libs
diff --git a/iso/empanadas/empanadas/util/iso_utils.py b/iso/empanadas/empanadas/util/iso_utils.py
index 70846d5..a098791 100644
--- a/iso/empanadas/empanadas/util/iso_utils.py
+++ b/iso/empanadas/empanadas/util/iso_utils.py
@@ -718,6 +718,15 @@ class IsoBuild:
                 self.log.info(Color.WARN + 'Skipping ' + y + ' image')
                 continue
 
+            # Kind of hacky, but if we decide to have more than boot/dvd iso's,
+            # we need to make sure volname matches the initial lorax image,
+            # which the volid contains "dvd". AKA, file name doesn't always
+            # equate to volume ID
+            if 'volname' in self.iso_map['images'][y]:
+                volname = self.iso_map['images'][y]['volname']
+            else:
+                volname = y
+
             for a in arches_to_build:
                 lorax_path = os.path.join(self.lorax_work_dir, a, 'lorax', '.treeinfo')
                 image_path = os.path.join(self.lorax_work_dir, a, y, '.treeinfo')
@@ -734,7 +743,7 @@ class IsoBuild:
                         y,
                         self.iso_map['images'][y]['repos'],
                 )
-                self._extra_iso_local_config(a, y, grafts, work_root)
+                self._extra_iso_local_config(a, y, grafts, work_root, volname)
 
                 if self.extra_iso_mode == 'local':
                     self._extra_iso_local_run(a, y, work_root)
@@ -747,7 +756,7 @@ class IsoBuild:
         if self.extra_iso_mode == 'podman':
             self._extra_iso_podman_run(arches_to_build, images_to_build, work_root)
 
-    def _extra_iso_local_config(self, arch, image, grafts, work_root):
+    def _extra_iso_local_config(self, arch, image, grafts, work_root, volname):
         """
         Local ISO build configuration - This generates the configuration for
         both mock and podman entries
@@ -798,7 +807,7 @@ class IsoBuild:
                 self.minor_version,
                 rclevel,
                 arch,
-                image
+                volname
         )
 
         isoname = '{}-{}.{}{}-{}-{}.iso'.format(
diff --git a/sync/sync-to-prod-9.sh b/sync/sync-to-prod-9.sh
index 54accd4..22dd4af 100644
--- a/sync/sync-to-prod-9.sh
+++ b/sync/sync-to-prod-9.sh
@@ -13,10 +13,12 @@ ret_val=$?
 if [ $ret_val -eq "0" ]; then
   TARGET="${PRODUCTION_ROOT}/${CATEGORY_STUB}/${REV:0:3}"
   mkdir -p "${TARGET}"
+  echo "Syncing ${REVISION}"
   sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
 
   # Full file list update for production root
-  cd "${PRODUCTION_ROOT}/" || echo { echo "Failed to change directory"; exit 1; }
+  cd "${PRODUCTION_ROOT}/" || { echo "Failed to change directory"; exit 1; }
+  echo "Getting a full file list for the root dir"
   find . > fullfilelist
   if [[ -f /usr/local/bin/create-filelist ]]; then
     # We're already here, but Justin Case wanted this
@@ -28,7 +30,9 @@ if [ $ret_val -eq "0" ]; then
   # Full file list update for rocky linux itself
   cd "${PRODUCTION_ROOT}/${CATEGORY_STUB}/" || { echo "Failed to change directory"; exit 1; }
   # Hardlink everything except xml files
+  echo "Hard linking"
   hardlink -x '.*\.xml.*' "${REVISION}"
+  echo "Getting a full file list for the rocky dir"
   find . > fullfilelist
   if [[ -f /usr/local/bin/create-filelist ]]; then
     # We're already here, but Justin Case wanted this

From ca47a82d99503fc9bff11a587257d4ed0ca1a4c2 Mon Sep 17 00:00:00 2001
From: Louis Abel <label@rockylinux.org>
Date: Wed, 13 Jul 2022 20:07:50 -0700
Subject: [PATCH 94/96] increase worker count

---
 sync/sync-to-prod-9.sh    | 2 +-
 sync/sync-to-staging-9.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sync/sync-to-prod-9.sh b/sync/sync-to-prod-9.sh
index 22dd4af..1c90de1 100644
--- a/sync/sync-to-prod-9.sh
+++ b/sync/sync-to-prod-9.sh
@@ -14,7 +14,7 @@ if [ $ret_val -eq "0" ]; then
   TARGET="${PRODUCTION_ROOT}/${CATEGORY_STUB}/${REV:0:3}"
   mkdir -p "${TARGET}"
   echo "Syncing ${REVISION}"
-  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
+  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 24 -t /mnt/compose/partitions "${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/" "${TARGET}/"
 
   # Full file list update for production root
   cd "${PRODUCTION_ROOT}/" || { echo "Failed to change directory"; exit 1; }
diff --git a/sync/sync-to-staging-9.sh b/sync/sync-to-staging-9.sh
index 4c18041..a5d59df 100644
--- a/sync/sync-to-staging-9.sh
+++ b/sync/sync-to-staging-9.sh
@@ -26,7 +26,7 @@ if [ $ret_val -eq "0" ]; then
   # shellcheck disable=SC2035
   #sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
   #    {} "${TARGET}"
-  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 18 -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/"
+  sudo -l && time fpsync -o '-av --numeric-ids --no-compress --chown=10004:10005' -n 24 -t /mnt/compose/partitions "/mnt/compose/${MAJ}/latest-${SHORT}-${MAJ}${PROFILE}/compose/" "${TARGET}/"
 
   # This is temporary until we implement rsync into empanadas
   #if [ -f "COMPOSE_ID" ]; then

From 03d0c585aee677f59c3a9cbd8140ca5b7e585f57 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Wed, 13 Jul 2022 19:18:43 -0400
Subject: [PATCH 95/96] add gitignore

* change capitalization for vbox
---
 .gitignore                                     | 1 +
 iso/empanadas/empanadas/common.py              | 2 +-
 iso/empanadas/empanadas/scripts/build_image.py | 6 +++---
 3 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 .gitignore

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6ff6e1d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.swp
diff --git a/iso/empanadas/empanadas/common.py b/iso/empanadas/empanadas/common.py
index fa7c806..ee32228 100644
--- a/iso/empanadas/empanadas/common.py
+++ b/iso/empanadas/empanadas/common.py
@@ -106,7 +106,7 @@ ALLOWED_TYPE_VARIANTS = {
         "Container": ["Base", "Minimal", "UBI"],
         "EC2": None,
         "GenericCloud": None,
-        "Vagrant": ["Libvirt", "VBox"]
+        "Vagrant": ["Libvirt", "Vbox"]
 }
 def valid_type_variant(_type: str, variant: str="") -> bool:
     if _type not in ALLOWED_TYPE_VARIANTS:
diff --git a/iso/empanadas/empanadas/scripts/build_image.py b/iso/empanadas/empanadas/scripts/build_image.py
index 508f99c..5085253 100644
--- a/iso/empanadas/empanadas/scripts/build_image.py
+++ b/iso/empanadas/empanadas/scripts/build_image.py
@@ -116,7 +116,7 @@ class ImageBuild:
             #         ["qemu-img", "convert", "-f", "raw", "-o", "subformat=fixed,force_size" ,"-O", "vpc", lambda: f"{STORAGE_DIR}/{self.target_uuid}.body", f"{self.outdir}/{self.outname}.vhd"]
         if self.image_type in ["Vagrant"]:
             _map = {
-                    "VBox": "vmdk",
+                    "Vbox": "vmdk",
                     "Libvirt": "qcow2"
                     }
             output = f"{_map[self.variant]}" #type: ignore
@@ -126,7 +126,7 @@ class ImageBuild:
 
 
         if self.stage_commands:
-            self.stage_commands += ["cp", "-v",  lambda: f"{STORAGE_DIR}/{self.target_uuid}.meta", f"{self.outdir}/build.meta"]
+            self.stage_commands.append(["cp", "-v",  lambda: f"{STORAGE_DIR}/{self.target_uuid}.meta", f"{self.outdir}/build.meta"])
 
         try:
             os.mkdir(self.outdir)
@@ -263,7 +263,7 @@ class ImageBuild:
     def package(self) -> int: 
         # Some build types don't need to be packaged by imagefactory
         # @TODO remove business logic if possible
-        if self.image_type in ["GenericCloud", "EC2", "Azure"]:
+        if self.image_type in ["GenericCloud", "EC2", "Azure", "Vagrant"]:
             self.target_uuid = self.base_uuid if hasattr(self, 'base_uuid') else ""
 
         if self.target_uuid:

From 929aa97e8b9fab817eb5a749499aac30c80b1725 Mon Sep 17 00:00:00 2001
From: Neil Hanlon <neil@rockylinux.org>
Date: Wed, 13 Jul 2022 23:34:08 -0400
Subject: [PATCH 96/96] bump to 0.3.0; release

---
 iso/empanadas/pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iso/empanadas/pyproject.toml b/iso/empanadas/pyproject.toml
index 96b5288..20164a4 100644
--- a/iso/empanadas/pyproject.toml
+++ b/iso/empanadas/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "empanadas"
-version = "0.2.0"
+version = "0.3.0"
 description = "hand crafted ISOs with love and spice"
 authors = ["Louis Abel <label@rockylinux.org>", "Neil Hanlon <neil@rockylinux.org>"]