diff --git a/.github/workflows/k8-infra-ci.yaml b/.github/workflows/k8-infra-ci.yaml index 340ed005..462959d0 100644 --- a/.github/workflows/k8-infra-ci.yaml +++ b/.github/workflows/k8-infra-ci.yaml @@ -104,7 +104,7 @@ jobs: cd ${{ env.KUBERNETES_INFRA_DIR }} # Running temporary exit code 0 till all the issues are fixed datree config set offline local - datree test resc_helm_template.yaml --only-k8s-files --no-record --verbose --only-k8s-files --policy-config datree-policies.yaml || exit 0 + datree test resc_helm_template.yaml --only-k8s-files --no-record --verbose --policy-config datree-policies.yaml release-charts: name: Release Charts diff --git a/components/resc-backend/src/resc_backend/resc_web_service/api.py b/components/resc-backend/src/resc_backend/resc_web_service/api.py index 4f271b6a..c8aded04 100644 --- a/components/resc-backend/src/resc_backend/resc_web_service/api.py +++ b/components/resc-backend/src/resc_backend/resc_web_service/api.py @@ -116,7 +116,7 @@ def generate_logger_config(log_file_path, debug=True): description="RESC API helps you to perform several operations upon findings " "obtained from multiple source code repositories.", version=get_package_version(), - openapi_tags=tags_metadata, dependencies=AUTH) + openapi_tags=tags_metadata) if env_variables[ENABLE_CORS].lower() in ["true"]: origins = env_variables[CORS_ALLOWED_DOMAINS].split(', ') @@ -129,15 +129,15 @@ def generate_logger_config(log_file_path, debug=True): ) app.include_router(health.router, prefix=RWS_VERSION_PREFIX) -app.include_router(common.router, prefix=RWS_VERSION_PREFIX) -app.include_router(rules.router, prefix=RWS_VERSION_PREFIX) -app.include_router(rule_packs.router, prefix=RWS_VERSION_PREFIX) -app.include_router(findings.router, prefix=RWS_VERSION_PREFIX) -app.include_router(detailed_findings.router, prefix=RWS_VERSION_PREFIX) -app.include_router(repositories.router, prefix=RWS_VERSION_PREFIX) -app.include_router(scans.router, prefix=RWS_VERSION_PREFIX) -app.include_router(vcs_instances.router, prefix=RWS_VERSION_PREFIX) -app.include_router(metrics.router, prefix=RWS_VERSION_PREFIX) +app.include_router(common.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(rules.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(rule_packs.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(findings.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(detailed_findings.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(repositories.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(scans.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(vcs_instances.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) +app.include_router(metrics.router, prefix=RWS_VERSION_PREFIX, dependencies=AUTH) # Apply the security headers to the app in the form of middleware app.middleware("http")(add_security_headers) diff --git a/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/celery_worker.py b/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/celery_worker.py index f517fa6a..890b5262 100644 --- a/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/celery_worker.py +++ b/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/celery_worker.py @@ -1,4 +1,4 @@ -# pylint: disable=E1101 +# pylint: disable=E1101,W0603 # Standard Library import json import os @@ -46,22 +46,29 @@ rws_url = f"http://{env_variables[RESC_API_NO_AUTH_SERVICE_HOST]}:{env_variables[RESC_API_NO_AUTH_SERVICE_PORT]}" rws_writer: RESTAPIWriter = RESTAPIWriter(rws_url=rws_url) -vcs_instances_list = load_vcs_instances(env_variables[VCS_INSTANCES_FILE_PATH]) -vcs_instances = rws_writer.write_vcs_instances(vcs_instances_list) - -downloaded_rule_pack_version = rws_writer.download_rule_pack() +VCS_INSTANCES_LIST = None +VCS_INSTANCES = None +DOWNLOADED_RULE_PACK_VERSION = None @app.task(name="scan_repository", Queue=rabbitmq_queue) def scan_repository(repository): - active_rule_pack_version = rws_writer.check_active_rule_pack_version(rule_pack_version=downloaded_rule_pack_version) + global VCS_INSTANCES_LIST, VCS_INSTANCES, DOWNLOADED_RULE_PACK_VERSION + if not VCS_INSTANCES_LIST: + VCS_INSTANCES_LIST = load_vcs_instances(env_variables[VCS_INSTANCES_FILE_PATH]) + if not VCS_INSTANCES: + VCS_INSTANCES = rws_writer.write_vcs_instances(VCS_INSTANCES_LIST) + if not DOWNLOADED_RULE_PACK_VERSION: + DOWNLOADED_RULE_PACK_VERSION = rws_writer.download_rule_pack() + + active_rule_pack_version = rws_writer.check_active_rule_pack_version(rule_pack_version=DOWNLOADED_RULE_PACK_VERSION) repository_runtime = RepositoryRuntime(**json.loads(repository)) logger.info(f"Received repository to scan via the queue '{rabbitmq_queue}' => " f"{repository_runtime.project_key}/{repository_runtime.repository_name}") try: - vcs_instance = vcs_instances[repository_runtime.vcs_instance_name] + vcs_instance = VCS_INSTANCES[repository_runtime.vcs_instance_name] repository = Repository(project_key=repository_runtime.project_key, repository_id=repository_runtime.repository_id, diff --git a/deployment/kubernetes/RESC-SECRETS-RULE.toml b/deployment/kubernetes/RESC-SECRETS-RULE.toml new file mode 100644 index 00000000..bd67318c --- /dev/null +++ b/deployment/kubernetes/RESC-SECRETS-RULE.toml @@ -0,0 +1,2766 @@ +# This file has been auto-generated. Do not edit manually. +# If you would like to contribute new rules, please use +# cmd/generate/config/main.go and follow the contributing guidelines +# at https://github.com/zricethezav/gitleaks/blob/master/CONTRIBUTING.md + +# This is the default gitleaks configuration file. +# Rules and allowlists are defined within this file. +# Rules instruct gitleaks on what should be considered a secret. +# Allowlists instruct gitleaks on what is allowed, i.e. not a secret. + +title = "gitleaks config" + +[allowlist] +description = "global allow lists" +paths = [ + '''gitleaks.toml''', + '''(.*?)(jpg|gif|doc|docx|zip|xls|pdf|bin|svg|socket)$''', + '''(go.mod|go.sum)$''', + '''node_modules''', + '''vendor''', +] + +[[rules]] +description = "Adafruit API Key" +id = "adafruit-api-key" +regex = '''(?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "adafruit", +] + +[[rules]] +description = "Adobe Client ID (OAuth Web)" +id = "adobe-client-id" +regex = '''(?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "adobe", +] + +[[rules]] +description = "Adobe Client Secret" +id = "adobe-client-secret" +regex = '''(?i)\b((p8e-)(?i)[a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "p8e-", +] + +[[rules]] +description = "Age secret key" +id = "age secret key" +regex = '''AGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}''' +keywords = [ + "age-secret-key-1", +] + +[[rules]] +description = "Airtable API Key" +id = "airtable-api-key" +regex = '''(?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "airtable", +] + +[[rules]] +description = "Algolia API Key" +id = "algolia-api-key" +regex = '''(?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "algolia", +] + +[[rules]] +description = "Alibaba AccessKey ID" +id = "alibaba-access-key-id" +regex = '''(?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "ltai", +] + +[[rules]] +description = "Alibaba Secret Key" +id = "alibaba-secret-key" +regex = '''(?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "alibaba", +] + +[[rules]] +description = "Asana Client ID" +id = "asana-client-id" +regex = '''(?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "asana", +] + +[[rules]] +description = "Asana Client Secret" +id = "asana-client-secret" +regex = '''(?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "asana", +] + +[[rules]] +description = "Atlassian API token" +id = "atlassian-api-token" +regex = '''(?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "atlassian","confluence","jira", +] + +[[rules]] +description = "AWS" +id = "aws-access-token" +regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}''' +keywords = [ + "akia","agpa","aida","aroa","aipa","anpa","anva","asia", +] + +[[rules]] +description = "Beamer API token" +id = "beamer-api-token" +regex = '''(?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "beamer", +] + +[[rules]] +description = "Bitbucket Client ID" +id = "bitbucket-client-id" +regex = '''(?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "bitbucket", +] + +[[rules]] +description = "Bitbucket Client Secret" +id = "bitbucket-client-secret" +regex = '''(?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "bitbucket", +] + +[[rules]] +description = "Bittrex Access Key" +id = "bittrex-access-key" +regex = '''(?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "bittrex", +] + +[[rules]] +description = "Bittrex Secret Key" +id = "bittrex-secret-key" +regex = '''(?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "bittrex", +] + +[[rules]] +description = "Clojars API token" +id = "clojars-api-token" +regex = '''(?i)(CLOJARS_)[a-z0-9]{60}''' +keywords = [ + "clojars", +] + +[[rules]] +description = "Codecov Access Token" +id = "codecov-access-token" +regex = '''(?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "codecov", +] + +[[rules]] +description = "Coinbase Access Token" +id = "coinbase-access-token" +regex = '''(?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "coinbase", +] + +[[rules]] +description = "Confluent Access Token" +id = "confluent-access-token" +regex = '''(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "confluent", +] + +[[rules]] +description = "Confluent Secret Key" +id = "confluent-secret-key" +regex = '''(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "confluent", +] + +[[rules]] +description = "Contentful delivery API token" +id = "contentful-delivery-api-token" +regex = '''(?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "contentful", +] + +[[rules]] +description = "Databricks API token" +id = "databricks-api-token" +regex = '''(?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "dapi", +] + +[[rules]] +description = "Datadog Access Token" +id = "datadog-access-token" +regex = '''(?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "datadog", +] + +[[rules]] +description = "DigitalOcean OAuth Access Token" +id = "digitalocean-access-token" +regex = '''(?i)\b(doo_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "doo_v1_", +] + +[[rules]] +description = "DigitalOcean Personal Access Token" +id = "digitalocean-pat" +regex = '''(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "dop_v1_", +] + +[[rules]] +description = "DigitalOcean OAuth Refresh Token" +id = "digitalocean-refresh-token" +regex = '''(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "dor_v1_", +] + +[[rules]] +description = "Discord API key" +id = "discord-api-token" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "discord", +] + +[[rules]] +description = "Discord client ID" +id = "discord-client-id" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "discord", +] + +[[rules]] +description = "Discord client secret" +id = "discord-client-secret" +regex = '''(?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "discord", +] + +[[rules]] +description = "Doppler API token" +id = "doppler-api-token" +regex = '''(dp\.pt\.)(?i)[a-z0-9]{43}''' +keywords = [ + "doppler", +] + +[[rules]] +description = "Droneci Access Token" +id = "droneci-access-token" +regex = '''(?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "droneci", +] + +[[rules]] +description = "Dropbox API secret" +id = "dropbox-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "dropbox", +] + +[[rules]] +description = "Dropbox long lived API token" +id = "dropbox-long-lived-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "dropbox", +] + +[[rules]] +description = "Dropbox short lived API token" +id = "dropbox-short-lived-api-token" +regex = '''(?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "dropbox", +] + +[[rules]] +description = "Duffel API token" +id = "duffel-api-token" +regex = '''duffel_(test|live)_(?i)[a-z0-9_\-=]{43}''' +keywords = [ + "duffel", +] + +[[rules]] +description = "Dynatrace API token" +id = "dynatrace-api-token" +regex = '''dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}''' +keywords = [ + "dynatrace", +] + +[[rules]] +description = "EasyPost API token" +id = "easypost-api-token" +regex = '''EZAK(?i)[a-z0-9]{54}''' +keywords = [ + "ezak", +] + +[[rules]] +description = "EasyPost test API token" +id = "easypost-test-api-token" +regex = '''EZTK(?i)[a-z0-9]{54}''' +keywords = [ + "eztk", +] + +[[rules]] +description = "Etsy Access Token" +id = "etsy-access-token" +regex = '''(?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "etsy", +] + +[[rules]] +description = "Facebook" +id = "facebook" +regex = '''(?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "facebook", +] + +[[rules]] +description = "Fastly API key" +id = "fastly-api-token" +regex = '''(?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "fastly", +] + +[[rules]] +description = "Finicity API token" +id = "finicity-api-token" +regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "finicity", +] + +[[rules]] +description = "Finicity Client Secret" +id = "finicity-client-secret" +regex = '''(?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "finicity", +] + +[[rules]] +description = "Finnhub Access Token" +id = "finnhub-access-token" +regex = '''(?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "finnhub", +] + +[[rules]] +description = "Flickr Access Token" +id = "flickr-access-token" +regex = '''(?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "flickr", +] + +[[rules]] +description = "Flutterwave Encryption Key" +id = "flutterwave-encryption-key" +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{12}''' +keywords = [ + "flwseck_test", +] + +[[rules]] +description = "Finicity Public Key" +id = "flutterwave-public-key" +regex = '''FLWPUBK_TEST-(?i)[a-h0-9]{32}-X''' +keywords = [ + "flwpubk_test", +] + +[[rules]] +description = "Flutterwave Secret Key" +id = "flutterwave-secret-key" +regex = '''FLWSECK_TEST-(?i)[a-h0-9]{32}-X''' +keywords = [ + "flwseck_test", +] + +[[rules]] +description = "Frame.io API token" +id = "frameio-api-token" +regex = '''fio-u-(?i)[a-z0-9\-_=]{64}''' +keywords = [ + "fio-u-", +] + +[[rules]] +description = "Freshbooks Access Token" +id = "freshbooks-access-token" +regex = '''(?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "freshbooks", +] + +[[rules]] +description = "GCP API key" +id = "gcp-api-key" +regex = '''(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "aiza", +] + +[[rules]] +description = "Generic API Key" +id = "generic-api-key" +regex = '''(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +entropy = 3.5 +keywords = [ + "key","api","token","secret","client","passwd","password","auth","access", +] +[rules.allowlist] +paths = [ + '''Database.refactorlog''' +] +stopwords= [ + "client", + "endpoint", + "vpn", + "_ec2_", + "aws_", + "authorize", + "author", + "define", + "config", + "credential", + "setting", + "sample", + "xxxxxx", + "000000", + "buffer", + "delete", + "aaaaaa", + "fewfwef", + "getenv", + "env_", + "system", + "example", + "ecdsa", + "sha256", + "sha1", + "sha2", + "md5", + "alert", + "wizard", + "target", + "onboard", + "welcome", + "page", + "exploit", + "experiment", + "expire", + "rabbitmq", + "scraper", + "widget", + "music", + "dns_", + "dns-", + "yahoo", + "want", + "json", + "action", + "script", + "fix_", + "fix-", + "develop", + "compas", + "stripe", + "service", + "master", + "metric", + "tech", + "gitignore", + "rich", + "open", + "stack", + "irc_", + "irc-", + "sublime", + "kohana", + "has_", + "has-", + "fabric", + "wordpres", + "role", + "osx_", + "osx-", + "boost", + "addres", + "queue", + "working", + "sandbox", + "internet", + "print", + "vision", + "tracking", + "being", + "generator", + "traffic", + "world", + "pull", + "rust", + "watcher", + "small", + "auth", + "full", + "hash", + "more", + "install", + "auto", + "complete", + "learn", + "paper", + "installer", + "research", + "acces", + "last", + "binding", + "spine", + "into", + "chat", + "algorithm", + "resource", + "uploader", + "video", + "maker", + "next", + "proc", + "lock", + "robot", + "snake", + "patch", + "matrix", + "drill", + "terminal", + "term", + "stuff", + "genetic", + "generic", + "identity", + "audit", + "pattern", + "audio", + "web_", + "web-", + "crud", + "problem", + "statu", + "cms-", + "cms_", + "arch", + "coffee", + "workflow", + "changelog", + "another", + "uiview", + "content", + "kitchen", + "gnu_", + "gnu-", + "gnu.", + "conf", + "couchdb", + "client", + "opencv", + "rendering", + "update", + "concept", + "varnish", + "gui_", + "gui-", + "gui.", + "version", + "shared", + "extra", + "product", + "still", + "not_", + "not-", + "not.", + "drop", + "ring", + "png_", + "png-", + "png.", + "actively", + "import", + "output", + "backup", + "start", + "embedded", + "registry", + "pool", + "semantic", + "instagram", + "bash", + "system", + "ninja", + "drupal", + "jquery", + "polyfill", + "physic", + "league", + "guide", + "pack", + "synopsi", + "sketch", + "injection", + "svg_", + "svg-", + "svg.", + "friendly", + "wave", + "convert", + "manage", + "camera", + "link", + "slide", + "timer", + "wrapper", + "gallery", + "url_", + "url-", + "url.", + "todomvc", + "requirej", + "party", + "http", + "payment", + "async", + "library", + "home", + "coco", + "gaia", + "display", + "universal", + "func", + "metadata", + "hipchat", + "under", + "room", + "config", + "personal", + "realtime", + "resume", + "database", + "testing", + "tiny", + "basic", + "forum", + "meetup", + "yet_", + "yet-", + "yet.", + "cento", + "dead", + "fluentd", + "editor", + "utilitie", + "run_", + "run-", + "run.", + "box_", + "box-", + "box.", + "bot_", + "bot-", + "bot.", + "making", + "sample", + "group", + "monitor", + "ajax", + "parallel", + "cassandra", + "ultimate", + "site", + "get_", + "get-", + "get.", + "gen_", + "gen-", + "gen.", + "gem_", + "gem-", + "gem.", + "extended", + "image", + "knife", + "asset", + "nested", + "zero", + "plugin", + "bracket", + "mule", + "mozilla", + "number", + "act_", + "act-", + "act.", + "map_", + "map-", + "map.", + "micro", + "debug", + "openshift", + "chart", + "expres", + "backend", + "task", + "source", + "translate", + "jbos", + "composer", + "sqlite", + "profile", + "mustache", + "mqtt", + "yeoman", + "have", + "builder", + "smart", + "like", + "oauth", + "school", + "guideline", + "captcha", + "filter", + "bitcoin", + "bridge", + "color", + "toolbox", + "discovery", + "new_", + "new-", + "new.", + "dashboard", + "when", + "setting", + "level", + "post", + "standard", + "port", + "platform", + "yui_", + "yui-", + "yui.", + "grunt", + "animation", + "haskell", + "icon", + "latex", + "cheat", + "lua_", + "lua-", + "lua.", + "gulp", + "case", + "author", + "without", + "simulator", + "wifi", + "directory", + "lisp", + "list", + "flat", + "adventure", + "story", + "storm", + "gpu_", + "gpu-", + "gpu.", + "store", + "caching", + "attention", + "solr", + "logger", + "demo", + "shortener", + "hadoop", + "finder", + "phone", + "pipeline", + "range", + "textmate", + "showcase", + "app_", + "app-", + "app.", + "idiomatic", + "edit", + "our_", + "our-", + "our.", + "out_", + "out-", + "out.", + "sentiment", + "linked", + "why_", + "why-", + "why.", + "local", + "cube", + "gmail", + "job_", + "job-", + "job.", + "rpc_", + "rpc-", + "rpc.", + "contest", + "tcp_", + "tcp-", + "tcp.", + "usage", + "buildout", + "weather", + "transfer", + "automated", + "sphinx", + "issue", + "sas_", + "sas-", + "sas.", + "parallax", + "jasmine", + "addon", + "machine", + "solution", + "dsl_", + "dsl-", + "dsl.", + "episode", + "menu", + "theme", + "best", + "adapter", + "debugger", + "chrome", + "tutorial", + "life", + "step", + "people", + "joomla", + "paypal", + "developer", + "solver", + "team", + "current", + "love", + "visual", + "date", + "data", + "canva", + "container", + "future", + "xml_", + "xml-", + "xml.", + "twig", + "nagio", + "spatial", + "original", + "sync", + "archived", + "refinery", + "science", + "mapping", + "gitlab", + "play", + "ext_", + "ext-", + "ext.", + "session", + "impact", + "set_", + "set-", + "set.", + "see_", + "see-", + "see.", + "migration", + "commit", + "community", + "shopify", + "what'", + "cucumber", + "statamic", + "mysql", + "location", + "tower", + "line", + "code", + "amqp", + "hello", + "send", + "index", + "high", + "notebook", + "alloy", + "python", + "field", + "document", + "soap", + "edition", + "email", + "php_", + "php-", + "php.", + "command", + "transport", + "official", + "upload", + "study", + "secure", + "angularj", + "akka", + "scalable", + "package", + "request", + "con_", + "con-", + "con.", + "flexible", + "security", + "comment", + "module", + "flask", + "graph", + "flash", + "apache", + "change", + "window", + "space", + "lambda", + "sheet", + "bookmark", + "carousel", + "friend", + "objective", + "jekyll", + "bootstrap", + "first", + "article", + "gwt_", + "gwt-", + "gwt.", + "classic", + "media", + "websocket", + "touch", + "desktop", + "real", + "read", + "recorder", + "moved", + "storage", + "validator", + "add-on", + "pusher", + "scs_", + "scs-", + "scs.", + "inline", + "asp_", + "asp-", + "asp.", + "timeline", + "base", + "encoding", + "ffmpeg", + "kindle", + "tinymce", + "pretty", + "jpa_", + "jpa-", + "jpa.", + "used", + "user", + "required", + "webhook", + "download", + "resque", + "espresso", + "cloud", + "mongo", + "benchmark", + "pure", + "cakephp", + "modx", + "mode", + "reactive", + "fuel", + "written", + "flickr", + "mail", + "brunch", + "meteor", + "dynamic", + "neo_", + "neo-", + "neo.", + "new_", + "new-", + "new.", + "net_", + "net-", + "net.", + "typo", + "type", + "keyboard", + "erlang", + "adobe", + "logging", + "ckeditor", + "message", + "iso_", + "iso-", + "iso.", + "hook", + "ldap", + "folder", + "reference", + "railscast", + "www_", + "www-", + "www.", + "tracker", + "azure", + "fork", + "form", + "digital", + "exporter", + "skin", + "string", + "template", + "designer", + "gollum", + "fluent", + "entity", + "language", + "alfred", + "summary", + "wiki", + "kernel", + "calendar", + "plupload", + "symfony", + "foundry", + "remote", + "talk", + "search", + "dev_", + "dev-", + "dev.", + "del_", + "del-", + "del.", + "token", + "idea", + "sencha", + "selector", + "interface", + "create", + "fun_", + "fun-", + "fun.", + "groovy", + "query", + "grail", + "red_", + "red-", + "red.", + "laravel", + "monkey", + "slack", + "supported", + "instant", + "value", + "center", + "latest", + "work", + "but_", + "but-", + "but.", + "bug_", + "bug-", + "bug.", + "virtual", + "tweet", + "statsd", + "studio", + "path", + "real-time", + "frontend", + "notifier", + "coding", + "tool", + "firmware", + "flow", + "random", + "mediawiki", + "bosh", + "been", + "beer", + "lightbox", + "theory", + "origin", + "redmine", + "hub_", + "hub-", + "hub.", + "require", + "pro_", + "pro-", + "pro.", + "ant_", + "ant-", + "ant.", + "any_", + "any-", + "any.", + "recipe", + "closure", + "mapper", + "event", + "todo", + "model", + "redi", + "provider", + "rvm_", + "rvm-", + "rvm.", + "program", + "memcached", + "rail", + "silex", + "foreman", + "activity", + "license", + "strategy", + "batch", + "streaming", + "fast", + "use_", + "use-", + "use.", + "usb_", + "usb-", + "usb.", + "impres", + "academy", + "slider", + "please", + "layer", + "cros", + "now_", + "now-", + "now.", + "miner", + "extension", + "own_", + "own-", + "own.", + "app_", + "app-", + "app.", + "debian", + "symphony", + "example", + "feature", + "serie", + "tree", + "project", + "runner", + "entry", + "leetcode", + "layout", + "webrtc", + "logic", + "login", + "worker", + "toolkit", + "mocha", + "support", + "back", + "inside", + "device", + "jenkin", + "contact", + "fake", + "awesome", + "ocaml", + "bit_", + "bit-", + "bit.", + "drive", + "screen", + "prototype", + "gist", + "binary", + "nosql", + "rest", + "overview", + "dart", + "dark", + "emac", + "mongoid", + "solarized", + "homepage", + "emulator", + "commander", + "django", + "yandex", + "gradle", + "xcode", + "writer", + "crm_", + "crm-", + "crm.", + "jade", + "startup", + "error", + "using", + "format", + "name", + "spring", + "parser", + "scratch", + "magic", + "try_", + "try-", + "try.", + "rack", + "directive", + "challenge", + "slim", + "counter", + "element", + "chosen", + "doc_", + "doc-", + "doc.", + "meta", + "should", + "button", + "packet", + "stream", + "hardware", + "android", + "infinite", + "password", + "software", + "ghost", + "xamarin", + "spec", + "chef", + "interview", + "hubot", + "mvc_", + "mvc-", + "mvc.", + "exercise", + "leaflet", + "launcher", + "air_", + "air-", + "air.", + "photo", + "board", + "boxen", + "way_", + "way-", + "way.", + "computing", + "welcome", + "notepad", + "portfolio", + "cat_", + "cat-", + "cat.", + "can_", + "can-", + "can.", + "magento", + "yaml", + "domain", + "card", + "yii_", + "yii-", + "yii.", + "checker", + "browser", + "upgrade", + "only", + "progres", + "aura", + "ruby_", + "ruby-", + "ruby.", + "polymer", + "util", + "lite", + "hackathon", + "rule", + "log_", + "log-", + "log.", + "opengl", + "stanford", + "skeleton", + "history", + "inspector", + "help", + "soon", + "selenium", + "lab_", + "lab-", + "lab.", + "scheme", + "schema", + "look", + "ready", + "leveldb", + "docker", + "game", + "minimal", + "logstash", + "messaging", + "within", + "heroku", + "mongodb", + "kata", + "suite", + "picker", + "win_", + "win-", + "win.", + "wip_", + "wip-", + "wip.", + "panel", + "started", + "starter", + "front-end", + "detector", + "deploy", + "editing", + "based", + "admin", + "capture", + "spree", + "page", + "bundle", + "goal", + "rpg_", + "rpg-", + "rpg.", + "setup", + "side", + "mean", + "reader", + "cookbook", + "mini", + "modern", + "seed", + "dom_", + "dom-", + "dom.", + "doc_", + "doc-", + "doc.", + "dot_", + "dot-", + "dot.", + "syntax", + "sugar", + "loader", + "website", + "make", + "kit_", + "kit-", + "kit.", + "protocol", + "human", + "daemon", + "golang", + "manager", + "countdown", + "connector", + "swagger", + "map_", + "map-", + "map.", + "mac_", + "mac-", + "mac.", + "man_", + "man-", + "man.", + "orm_", + "orm-", + "orm.", + "org_", + "org-", + "org.", + "little", + "zsh_", + "zsh-", + "zsh.", + "shop", + "show", + "workshop", + "money", + "grid", + "server", + "octopres", + "svn_", + "svn-", + "svn.", + "ember", + "embed", + "general", + "file", + "important", + "dropbox", + "portable", + "public", + "docpad", + "fish", + "sbt_", + "sbt-", + "sbt.", + "done", + "para", + "network", + "common", + "readme", + "popup", + "simple", + "purpose", + "mirror", + "single", + "cordova", + "exchange", + "object", + "design", + "gateway", + "account", + "lamp", + "intellij", + "math", + "mit_", + "mit-", + "mit.", + "control", + "enhanced", + "emitter", + "multi", + "add_", + "add-", + "add.", + "about", + "socket", + "preview", + "vagrant", + "cli_", + "cli-", + "cli.", + "powerful", + "top_", + "top-", + "top.", + "radio", + "watch", + "fluid", + "amazon", + "report", + "couchbase", + "automatic", + "detection", + "sprite", + "pyramid", + "portal", + "advanced", + "plu_", + "plu-", + "plu.", + "runtime", + "git_", + "git-", + "git.", + "uri_", + "uri-", + "uri.", + "haml", + "node", + "sql_", + "sql-", + "sql.", + "cool", + "core", + "obsolete", + "handler", + "iphone", + "extractor", + "array", + "copy", + "nlp_", + "nlp-", + "nlp.", + "reveal", + "pop_", + "pop-", + "pop.", + "engine", + "parse", + "check", + "html", + "nest", + "all_", + "all-", + "all.", + "chinese", + "buildpack", + "what", + "tag_", + "tag-", + "tag.", + "proxy", + "style", + "cookie", + "feed", + "restful", + "compiler", + "creating", + "prelude", + "context", + "java", + "rspec", + "mock", + "backbone", + "light", + "spotify", + "flex", + "related", + "shell", + "which", + "clas", + "webapp", + "swift", + "ansible", + "unity", + "console", + "tumblr", + "export", + "campfire", + "conway'", + "made", + "riak", + "hero", + "here", + "unix", + "unit", + "glas", + "smtp", + "how_", + "how-", + "how.", + "hot_", + "hot-", + "hot.", + "debug", + "release", + "diff", + "player", + "easy", + "right", + "old_", + "old-", + "old.", + "animate", + "time", + "push", + "explorer", + "course", + "training", + "nette", + "router", + "draft", + "structure", + "note", + "salt", + "where", + "spark", + "trello", + "power", + "method", + "social", + "via_", + "via-", + "via.", + "vim_", + "vim-", + "vim.", + "select", + "webkit", + "github", + "ftp_", + "ftp-", + "ftp.", + "creator", + "mongoose", + "led_", + "led-", + "led.", + "movie", + "currently", + "pdf_", + "pdf-", + "pdf.", + "load", + "markdown", + "phalcon", + "input", + "custom", + "atom", + "oracle", + "phonegap", + "ubuntu", + "great", + "rdf_", + "rdf-", + "rdf.", + "popcorn", + "firefox", + "zip_", + "zip-", + "zip.", + "cuda", + "dotfile", + "static", + "openwrt", + "viewer", + "powered", + "graphic", + "les_", + "les-", + "les.", + "doe_", + "doe-", + "doe.", + "maven", + "word", + "eclipse", + "lab_", + "lab-", + "lab.", + "hacking", + "steam", + "analytic", + "option", + "abstract", + "archive", + "reality", + "switcher", + "club", + "write", + "kafka", + "arduino", + "angular", + "online", + "title", + "don't", + "contao", + "notice", + "analyzer", + "learning", + "zend", + "external", + "staging", + "busines", + "tdd_", + "tdd-", + "tdd.", + "scanner", + "building", + "snippet", + "modular", + "bower", + "stm_", + "stm-", + "stm.", + "lib_", + "lib-", + "lib.", + "alpha", + "mobile", + "clean", + "linux", + "nginx", + "manifest", + "some", + "raspberry", + "gnome", + "ide_", + "ide-", + "ide.", + "block", + "statistic", + "info", + "drag", + "youtube", + "koan", + "facebook", + "paperclip", + "art_", + "art-", + "art.", + "quality", + "tab_", + "tab-", + "tab.", + "need", + "dojo", + "shield", + "computer", + "stat", + "state", + "twitter", + "utility", + "converter", + "hosting", + "devise", + "liferay", + "updated", + "force", + "tip_", + "tip-", + "tip.", + "behavior", + "active", + "call", + "answer", + "deck", + "better", + "principle", + "ches", + "bar_", + "bar-", + "bar.", + "reddit", + "three", + "haxe", + "just", + "plug-in", + "agile", + "manual", + "tetri", + "super", + "beta", + "parsing", + "doctrine", + "minecraft", + "useful", + "perl", + "sharing", + "agent", + "switch", + "view", + "dash", + "channel", + "repo", + "pebble", + "profiler", + "warning", + "cluster", + "running", + "markup", + "evented", + "mod_", + "mod-", + "mod.", + "share", + "csv_", + "csv-", + "csv.", + "response", + "good", + "house", + "connect", + "built", + "build", + "find", + "ipython", + "webgl", + "big_", + "big-", + "big.", + "google", + "scala", + "sdl_", + "sdl-", + "sdl.", + "sdk_", + "sdk-", + "sdk.", + "native", + "day_", + "day-", + "day.", + "puppet", + "text", + "routing", + "helper", + "linkedin", + "crawler", + "host", + "guard", + "merchant", + "poker", + "over", + "writing", + "free", + "classe", + "component", + "craft", + "nodej", + "phoenix", + "longer", + "quick", + "lazy", + "memory", + "clone", + "hacker", + "middleman", + "factory", + "motion", + "multiple", + "tornado", + "hack", + "ssh_", + "ssh-", + "ssh.", + "review", + "vimrc", + "driver", + "driven", + "blog", + "particle", + "table", + "intro", + "importer", + "thrift", + "xmpp", + "framework", + "refresh", + "react", + "font", + "librarie", + "variou", + "formatter", + "analysi", + "karma", + "scroll", + "tut_", + "tut-", + "tut.", + "apple", + "tag_", + "tag-", + "tag.", + "tab_", + "tab-", + "tab.", + "category", + "ionic", + "cache", + "homebrew", + "reverse", + "english", + "getting", + "shipping", + "clojure", + "boot", + "book", + "branch", + "combination", + "combo", +] +[[rules]] +description = "GitHub App Token" +id = "github-app-token" +regex = '''(ghu|ghs)_[0-9a-zA-Z]{36}''' +keywords = [ + "ghu_","ghs_", +] + +[[rules]] +description = "GitHub Fine-Grained Personal Access Token" +id = "github-fine-grained-pat" +regex = '''github_pat_[0-9a-zA-Z_]{82}''' +keywords = [ + "github_pat_", +] + +[[rules]] +description = "GitHub OAuth Access Token" +id = "github-oauth" +regex = '''gho_[0-9a-zA-Z]{36}''' +keywords = [ + "gho_", +] + +[[rules]] +description = "GitHub Personal Access Token" +id = "github-pat" +regex = '''ghp_[0-9a-zA-Z]{36}''' +keywords = [ + "ghp_", +] + +[[rules]] +description = "GitHub Refresh Token" +id = "github-refresh-token" +regex = '''ghr_[0-9a-zA-Z]{36}''' +keywords = [ + "ghr_", +] + +[[rules]] +description = "GitLab Personal Access Token" +id = "gitlab-pat" +regex = '''glpat-[0-9a-zA-Z\-\_]{20}''' +keywords = [ + "glpat-", +] + +[[rules]] +description = "Gitter Access Token" +id = "gitter-access-token" +regex = '''(?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "gitter", +] + +[[rules]] +description = "GoCardless API token" +id = "gocardless-api-token" +regex = '''(?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "live_","gocardless", +] + +[[rules]] +description = "Grafana api key (or Grafana cloud api key)" +id = "grafana-api-key" +regex = '''(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "eyjrijoi", +] + +[[rules]] +description = "Grafana cloud api token" +id = "grafana-cloud-api-token" +regex = '''(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "glc_", +] + +[[rules]] +description = "Grafana service account token" +id = "grafana-service-account-token" +regex = '''(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "glsa_", +] + +[[rules]] +description = "HashiCorp Terraform user/org API token" +id = "hashicorp-tf-api-token" +regex = '''(?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}''' +keywords = [ + "atlasv1", +] + +[[rules]] +description = "Heroku API Key" +id = "heroku-api-key" +regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "heroku", +] + +[[rules]] +description = "HubSpot API Token" +id = "hubspot-api-key" +regex = '''(?i)(?:hubspot)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "hubspot", +] + +[[rules]] +description = "Intercom API Token" +id = "intercom-api-key" +regex = '''(?i)(?:intercom)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "intercom", +] + +[[rules]] +description = "JSON Web Token" +id = "jwt" +regex = '''(?i)\b(ey[0-9a-z]{30,34}\.ey[0-9a-z-\/_]{30,500}\.[0-9a-zA-Z-\/_]{10,200}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "ey", +] + +[[rules]] +description = "Kraken Access Token" +id = "kraken-access-token" +regex = '''(?i)(?:kraken)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "kraken", +] + +[[rules]] +description = "Kucoin Access Token" +id = "kucoin-access-token" +regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "kucoin", +] + +[[rules]] +description = "Kucoin Secret Key" +id = "kucoin-secret-key" +regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "kucoin", +] + +[[rules]] +description = "Launchdarkly Access Token" +id = "launchdarkly-access-token" +regex = '''(?i)(?:launchdarkly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "launchdarkly", +] + +[[rules]] +description = "Linear API Token" +id = "linear-api-key" +regex = '''lin_api_(?i)[a-z0-9]{40}''' +keywords = [ + "lin_api_", +] + +[[rules]] +description = "Linear Client Secret" +id = "linear-client-secret" +regex = '''(?i)(?:linear)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "linear", +] + +[[rules]] +description = "LinkedIn Client ID" +id = "linkedin-client-id" +regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "linkedin","linked-in", +] + +[[rules]] +description = "LinkedIn Client secret" +id = "linkedin-client-secret" +regex = '''(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "linkedin","linked-in", +] + +[[rules]] +description = "Lob API Key" +id = "lob-api-key" +regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "test_","live_", +] + +[[rules]] +description = "Lob Publishable API Key" +id = "lob-pub-api-key" +regex = '''(?i)(?:lob)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "test_pub","live_pub","_pub", +] + +[[rules]] +description = "Mailchimp API key" +id = "mailchimp-api-key" +regex = '''(?i)(?:mailchimp)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32}-us20)(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mailchimp", +] + +[[rules]] +description = "Mailgun private API token" +id = "mailgun-private-api-token" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mailgun", +] + +[[rules]] +description = "Mailgun public validation key" +id = "mailgun-pub-key" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mailgun", +] + +[[rules]] +description = "Mailgun webhook signing key" +id = "mailgun-signing-key" +regex = '''(?i)(?:mailgun)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mailgun", +] + +[[rules]] +description = "MapBox API token" +id = "mapbox-api-token" +regex = '''(?i)(?:mapbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mapbox", +] + +[[rules]] +description = "Mattermost Access Token" +id = "mattermost-access-token" +regex = '''(?i)(?:mattermost)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "mattermost", +] + +[[rules]] +description = "MessageBird API token" +id = "messagebird-api-token" +regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "messagebird","message-bird","message_bird", +] + +[[rules]] +description = "MessageBird client ID" +id = "messagebird-client-id" +regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "messagebird","message-bird","message_bird", +] + +[[rules]] +description = "Microsoft Teams Webhook" +id = "microsoft-teams-webhook" +regex = '''https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}''' +keywords = [ + "webhook.office.com","webhookb2","incomingwebhook", +] + +[[rules]] +description = "Netlify Access Token" +id = "netlify-access-token" +regex = '''(?i)(?:netlify)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "netlify", +] + +[[rules]] +description = "New Relic ingest browser API token" +id = "new-relic-browser-api-token" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "nrjs-", +] + +[[rules]] +description = "New Relic user API ID" +id = "new-relic-user-api-id" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "new-relic","newrelic","new_relic", +] + +[[rules]] +description = "New Relic user API Key" +id = "new-relic-user-api-key" +regex = '''(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "nrak", +] + +[[rules]] +description = "npm access token" +id = "npm-access-token" +regex = '''(?i)\b(npm_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "npm_", +] + +[[rules]] +description = "Nytimes Access Token" +id = "nytimes-access-token" +regex = '''(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "nytimes","new-york-times","newyorktimes", +] + +[[rules]] +description = "Okta Access Token" +id = "okta-access-token" +regex = '''(?i)(?:okta)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "okta", +] + +[[rules]] +description = "Plaid API Token" +id = "plaid-api-token" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "plaid", +] + +[[rules]] +description = "Plaid Client ID" +id = "plaid-client-id" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "plaid", +] + +[[rules]] +description = "Plaid Secret key" +id = "plaid-secret-key" +regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "plaid", +] + +[[rules]] +description = "PlanetScale API token" +id = "planetscale-api-token" +regex = '''(?i)\b(pscale_tkn_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pscale_tkn_", +] + +[[rules]] +description = "PlanetScale OAuth token" +id = "planetscale-oauth-token" +regex = '''(?i)\b(pscale_oauth_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pscale_oauth_", +] + +[[rules]] +description = "PlanetScale password" +id = "planetscale-password" +regex = '''(?i)\b(pscale_pw_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pscale_pw_", +] + +[[rules]] +description = "Postman API token" +id = "postman-api-token" +regex = '''(?i)\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pmak-", +] + +[[rules]] +description = "Prefect API token" +id = "prefect-api-token" +regex = '''(?i)\b(pnu_[a-z0-9]{36})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pnu_", +] + +[[rules]] +description = "Private Key" +id = "private-key" +regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY( BLOCK)?-----[\s\S-]*KEY----''' +keywords = [ + "-----begin", +] + +[[rules]] +description = "Pulumi API token" +id = "pulumi-api-token" +regex = '''(?i)\b(pul-[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "pul-", +] + +[[rules]] +description = "PyPI upload token" +id = "pypi-upload-token" +regex = '''pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}''' +keywords = [ + "pypi-ageichlwas5vcmc", +] + +[[rules]] +description = "RapidAPI Access Token" +id = "rapidapi-access-token" +regex = '''(?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "rapidapi", +] + +[[rules]] +description = "Readme API token" +id = "readme-api-token" +regex = '''(?i)\b(rdme_[a-z0-9]{70})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "rdme_", +] + +[[rules]] +description = "Rubygem API token" +id = "rubygems-api-token" +regex = '''(?i)\b(rubygems_[a-f0-9]{48})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "rubygems_", +] + +[[rules]] +description = "Sendbird Access ID" +id = "sendbird-access-id" +regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sendbird", +] + +[[rules]] +description = "Sendbird Access Token" +id = "sendbird-access-token" +regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sendbird", +] + +[[rules]] +description = "SendGrid API token" +id = "sendgrid-api-token" +regex = '''(?i)\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sg.", +] + +[[rules]] +description = "Sendinblue API token" +id = "sendinblue-api-token" +regex = '''(?i)\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "xkeysib-", +] + +[[rules]] +description = "Sentry Access Token" +id = "sentry-access-token" +regex = '''(?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sentry", +] + +[[rules]] +description = "Shippo API token" +id = "shippo-api-token" +regex = '''(?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "shippo_", +] + +[[rules]] +description = "Shopify access token" +id = "shopify-access-token" +regex = '''shpat_[a-fA-F0-9]{32}''' +keywords = [ + "shpat_", +] + +[[rules]] +description = "Shopify custom access token" +id = "shopify-custom-access-token" +regex = '''shpca_[a-fA-F0-9]{32}''' +keywords = [ + "shpca_", +] + +[[rules]] +description = "Shopify private app access token" +id = "shopify-private-app-access-token" +regex = '''shppa_[a-fA-F0-9]{32}''' +keywords = [ + "shppa_", +] + +[[rules]] +description = "Shopify shared secret" +id = "shopify-shared-secret" +regex = '''shpss_[a-fA-F0-9]{32}''' +keywords = [ + "shpss_", +] + +[[rules]] +description = "Sidekiq Secret" +id = "sidekiq-secret" +regex = '''(?i)(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "bundle_enterprise__contribsys__com","bundle_gems__contribsys__com", +] + +[[rules]] +description = "Sidekiq Sensitive URL" +id = "sidekiq-sensitive-url" +regex = '''(?i)\b(http(?:s??):\/\/)([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$)''' +secretGroup = 2 +keywords = [ + "gems.contribsys.com","enterprise.contribsys.com", +] + +[[rules]] +description = "Slack token" +id = "slack-access-token" +regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})''' +keywords = [ + "xoxb","xoxa","xoxp","xoxr","xoxs", +] + +[[rules]] +description = "Slack Webhook" +id = "slack-web-hook" +regex = '''https:\/\/hooks.slack.com\/(services|workflows)\/[A-Za-z0-9+\/]{44,46}''' +keywords = [ + "hooks.slack.com", +] + +[[rules]] +description = "Square Access Token" +id = "square-access-token" +regex = '''(?i)\b(sq0atp-[0-9A-Za-z\-_]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "sq0atp-", +] + +[[rules]] +description = "Squarespace Access Token" +id = "squarespace-access-token" +regex = '''(?i)(?:squarespace)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "squarespace", +] + +[[rules]] +description = "Stripe" +id = "stripe-access-token" +regex = '''(?i)(sk|pk)_(test|live)_[0-9a-z]{10,32}''' +keywords = [ + "sk_test","pk_test","sk_live","pk_live", +] + +[[rules]] +description = "SumoLogic Access ID" +id = "sumologic-access-id" +regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sumo", +] + +[[rules]] +description = "SumoLogic Access Token" +id = "sumologic-access-token" +regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "sumo", +] + +[[rules]] +description = "Telegram Bot API Token" +id = "telegram-bot-api-token" +regex = '''(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])''' +secretGroup = 1 +keywords = [ + "telegram","api","bot","token","url", +] + +[[rules]] +description = "Travis CI Access Token" +id = "travisci-access-token" +regex = '''(?i)(?:travis)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "travis", +] + +[[rules]] +description = "Twilio API Key" +id = "twilio-api-key" +regex = '''SK[0-9a-fA-F]{32}''' +keywords = [ + "twilio", +] + +[[rules]] +description = "Twitch API token" +id = "twitch-api-token" +regex = '''(?i)(?:twitch)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitch", +] + +[[rules]] +description = "Twitter Access Secret" +id = "twitter-access-secret" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitter", +] + +[[rules]] +description = "Twitter Access Token" +id = "twitter-access-token" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitter", +] + +[[rules]] +description = "Twitter API Key" +id = "twitter-api-key" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitter", +] + +[[rules]] +description = "Twitter API Secret" +id = "twitter-api-secret" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitter", +] + +[[rules]] +description = "Twitter Bearer Token" +id = "twitter-bearer-token" +regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "twitter", +] + +[[rules]] +description = "Typeform API token" +id = "typeform-api-token" +regex = '''(?i)(?:typeform)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "tfp_", +] + +[[rules]] +description = "Vault Batch Token" +id = "vault-batch-token" +regex = '''(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "hvb", +] + +[[rules]] +description = "Vault Service Token" +id = "vault-service-token" +regex = '''(?i)\b(hvs\.[a-z0-9_-]{90,100})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +keywords = [ + "hvs", +] + +[[rules]] +description = "Yandex Access Token" +id = "yandex-access-token" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "yandex", +] + +[[rules]] +description = "Yandex API Key" +id = "yandex-api-key" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "yandex", +] + +[[rules]] +description = "Yandex AWS Access Token" +id = "yandex-aws-access-token" +regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "yandex", +] + +[[rules]] +description = "Zendesk Secret Key" +id = "zendesk-secret-key" +regex = '''(?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)''' +secretGroup = 1 +keywords = [ + "zendesk", +] + diff --git a/deployment/kubernetes/charts/resc-database-init/templates/database_job.yaml b/deployment/kubernetes/charts/resc-database-init/templates/database_job.yaml index e9edb6d9..1913ebe4 100644 --- a/deployment/kubernetes/charts/resc-database-init/templates/database_job.yaml +++ b/deployment/kubernetes/charts/resc-database-init/templates/database_job.yaml @@ -3,6 +3,9 @@ kind: Job metadata: name: {{ .Values.global.appName }}-db-init namespace: {{ .Values.global.namespace }} + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. spec: ttlSecondsAfterFinished: 600 template: diff --git a/deployment/kubernetes/charts/resc-database/templates/database_deployment.yaml b/deployment/kubernetes/charts/resc-database/templates/database_deployment.yaml index 8c58158d..ee2833c2 100644 --- a/deployment/kubernetes/charts/resc-database/templates/database_deployment.yaml +++ b/deployment/kubernetes/charts/resc-database/templates/database_deployment.yaml @@ -62,10 +62,17 @@ spec: runAsUser: 10001 seccompProfile: type: RuntimeDefault + livenessProbe: + tcpSocket: + port: {{ .Values.database.port }} + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 readinessProbe: - initialDelaySeconds: 15 - periodSeconds: 300 tcpSocket: port: {{ .Values.database.port }} + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 automountServiceAccountToken: false {{ end }} \ No newline at end of file diff --git a/deployment/kubernetes/charts/resc-frontend/templates/frontend_deployment.yaml b/deployment/kubernetes/charts/resc-frontend/templates/frontend_deployment.yaml index 8de8fbbe..ca8fae8e 100644 --- a/deployment/kubernetes/charts/resc-frontend/templates/frontend_deployment.yaml +++ b/deployment/kubernetes/charts/resc-frontend/templates/frontend_deployment.yaml @@ -52,6 +52,20 @@ spec: type: RuntimeDefault runAsNonRoot: true runAsUser: 101 + livenessProbe: + httpGet: + port: {{ .Values.port }} + path: /login + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + readinessProbe: + httpGet: + port: {{ .Values.port }} + path: /healthz + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 {{ if .Values.global.imagePullSecret }} imagePullSecrets: - name: {{ .Values.global.imagePullSecret }} diff --git a/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_job.yaml b/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_job.yaml index c56b49bb..26351f97 100644 --- a/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_job.yaml +++ b/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_job.yaml @@ -3,6 +3,9 @@ kind: Job metadata: name: {{ .Values.global.appName }}-mq-init namespace: {{ .Values.global.namespace }} + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. spec: ttlSecondsAfterFinished: 600 template: diff --git a/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml b/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml index 5812c33c..4c3bc250 100644 --- a/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml +++ b/deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml @@ -98,17 +98,18 @@ spec: type: RuntimeDefault runAsNonRoot: true runAsUser: 10001 - {{ if eq .Values.useKubernetesSecret "true"}} + livenessProbe: + exec: + command: [ "rabbitmq-diagnostics", "status" ] + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 15 readinessProbe: - initialDelaySeconds: 15 - periodSeconds: 300 - httpGet: - path: /api/health/checks/alarms - port: {{ .Values.rabbitMQ.config.mgmtPort}} - httpHeaders: - - name: Authorization - value: Basic {{ printf "%s:%s" .Values.rabbitMQ.config.admin_username .Values.rabbitMQ.config.admin_password | b64enc }} - {{ end }} + exec: + command: [ "rabbitmq-diagnostics", "ping" ] + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 {{ if .Values.global.imagePullSecret_proxy }} imagePullSecrets: - name: {{ .Values.global.imagePullSecret_proxy }} diff --git a/deployment/kubernetes/charts/resc-redis/templates/redis_deployement.yaml b/deployment/kubernetes/charts/resc-redis/templates/redis_deployement.yaml index 4a890bf7..4ac8a323 100644 --- a/deployment/kubernetes/charts/resc-redis/templates/redis_deployement.yaml +++ b/deployment/kubernetes/charts/resc-redis/templates/redis_deployement.yaml @@ -62,6 +62,21 @@ spec: {{- nindent 8 .}} {{- end }} {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.redis.config.port }} + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + livenessProbe: + exec: + command: + - sh + - -c + - "{{ .Values.preStartUpCommand }} output=$(redis-cli -p $RESC_REDIS_SERVICE_PORT -a $REDIS_PASSWORD ping); if [ \"$output\" = \"PONG\" ]; then exit 0; else exit 1; fi" + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 volumes: - name: data emptyDir: {} @@ -76,6 +91,4 @@ spec: {{- with include "resc.redisAdditionalVolumes" .}} {{- nindent 8 .}} {{- end }} - {{- end }} - - \ No newline at end of file + {{- end }} \ No newline at end of file diff --git a/deployment/kubernetes/charts/resc-redis/values.yaml b/deployment/kubernetes/charts/resc-redis/values.yaml index c0879867..051524fe 100644 --- a/deployment/kubernetes/charts/resc-redis/values.yaml +++ b/deployment/kubernetes/charts/resc-redis/values.yaml @@ -14,6 +14,7 @@ redis: config: port: 6379 password: + exposeToHostPort: useKubernetesSecret: "true" preStartUpCommand: "" additionalLabels: \ No newline at end of file diff --git a/deployment/kubernetes/charts/resc-rules-init/templates/rules_job.yaml b/deployment/kubernetes/charts/resc-rules-init/templates/rules_job.yaml index 61bd95b9..89780a9c 100644 --- a/deployment/kubernetes/charts/resc-rules-init/templates/rules_job.yaml +++ b/deployment/kubernetes/charts/resc-rules-init/templates/rules_job.yaml @@ -6,6 +6,8 @@ metadata: annotations: "helm.sh/hook": post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. spec: ttlSecondsAfterFinished: 600 template: diff --git a/deployment/kubernetes/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml b/deployment/kubernetes/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml index bcb6f844..a4495163 100644 --- a/deployment/kubernetes/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml +++ b/deployment/kubernetes/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml @@ -77,6 +77,24 @@ spec: type: RuntimeDefault runAsNonRoot: true runAsUser: 10001 + readinessProbe: + exec: + command: + - sh + - -c + - "{{ .Values.preStartUpCommand }} celery -A vcs_scanner.secret_scanners.celery_worker inspect ping -d celery@$HOSTNAME | grep -q 'pong' && exit 0 || exit 1" + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 120 + livenessProbe: + exec: + command: + - sh + - -c + - "{{ .Values.preStartUpCommand }} celery -A vcs_scanner.secret_scanners.celery_worker inspect ping -d celery@$HOSTNAME | grep -q 'pong' && exit 0 || exit 1" + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 volumes: - name: config-volume configMap: diff --git a/deployment/kubernetes/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml b/deployment/kubernetes/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml index 296558ff..cd1c6c45 100644 --- a/deployment/kubernetes/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml +++ b/deployment/kubernetes/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml @@ -3,6 +3,9 @@ kind: CronJob metadata: name: {{ .Values.global.appName }}-vcs-scraper-projects namespace: {{ .Values.global.namespace }} + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. spec: suspend: {{ .Values.suspend }} schedule: "{{ .Values.config.schedule }}" diff --git a/deployment/kubernetes/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml b/deployment/kubernetes/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml index 5f033182..2bdaaaec 100644 --- a/deployment/kubernetes/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml +++ b/deployment/kubernetes/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml @@ -83,6 +83,24 @@ spec: type: RuntimeDefault runAsNonRoot: true runAsUser: 10001 + readinessProbe: + exec: + command: + - sh + - -c + - "{{ .Values.preStartUpCommand }} celery -A vcs_scraper.repository_collector.common inspect ping -d celery@$HOSTNAME | grep -q 'pong' && exit 0 || exit 1" + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 + livenessProbe: + exec: + command: + - sh + - -c + - "{{ .Values.preStartUpCommand }} celery -A vcs_scraper.repository_collector.common inspect ping -d celery@$HOSTNAME | grep -q 'pong' && exit 0 || exit 1" + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 volumes: - name: config-volume configMap: diff --git a/deployment/kubernetes/resc_helm_template.yaml b/deployment/kubernetes/resc_helm_template.yaml new file mode 100644 index 00000000..fcc35848 --- /dev/null +++ b/deployment/kubernetes/resc_helm_template.yaml @@ -0,0 +1,1611 @@ +--- +# Source: resc/charts/resc-database-init/templates/database_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-database-init-secret + namespace: resc + labels: + app: resc +data: + + DB_CONNECTION_STRING: "bXNzcWwrcHlvZGJjOi8ve01TU1FMX1VTRVJOQU1FfTp7TVNTUUxfUEFTU1dPUkR9QHtNU1NRTF9EQl9IT1NUfTp7TVNTUUxfREJfUE9SVH0ve01TU1FMX1NDSEVNQX0/ZHJpdmVyPXtNU1NRTF9PREJDX0RSSVZFUn0mRW5jcnlwdD15ZXMmVHJ1c3RTZXJ2ZXJDZXJ0aWZpY2F0ZT15ZXM=" + + + MSSQL_PASSWORD: "SDNsbDBXMHJsZEAyMDIz" +--- +# Source: resc/charts/resc-database/templates/database_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-database-secret + namespace: resc + labels: + app: resc +data: + + + SA_PASSWORD: "SDNsbDBXMHJsZEAyMDIz" +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_admin_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-rabbitmq-admin-secret + namespace: resc + labels: + app: resc +data: + + RABBITMQ_DEFAULT_USER: "YWRtaW4=" + + + RABBITMQ_DEFAULT_PASS: "WTB1clN0cjBuZ1Bhc3N3b3Jk" +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_user_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-rabbitmq-user-secret + namespace: resc + labels: + app: resc +data: + + RABBITMQ_QUEUES_USERNAME: "cXVldWVfdXNlcg==" + + + RABBITMQ_QUEUES_PASSWORD: "WTB1clN0cjBuZ1Bhc3N3b3Jk" + + + RABBITMQ_USERNAME: "cXVldWVfdXNlcg==" + + + RABBITMQ_PASSWORD: "WTB1clN0cjBuZ1Bhc3N3b3Jk" +--- +# Source: resc/charts/resc-redis/templates/redis_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-redis-secret + namespace: resc + labels: + app: resc +type: Opaque +data: + + REDIS_PASSWORD: aGVsbG93b3JsZA== +--- +# Source: resc/charts/resc-vcs-instances/templates/vcs_instances_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-vcs-instances-secret + namespace: resc + labels: + app: resc +data: + + AZURE_DEVOPS_USERNAME: "TkE=" + + + AZURE_DEVOPS_TOKEN: "aDJzbjVsYjRqdHFqa3ZteG82YW1jbG13cnJqeXRjMzU3cW1ycmtseW90czV4M3dneHR0YQ==" +--- +# Source: resc/charts/resc-web-service/templates/web_service_secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: resc-web-service-secret + namespace: resc + labels: + app: resc +data: + + DB_CONNECTION_STRING: "bXNzcWwrcHlvZGJjOi8ve01TU1FMX1VTRVJOQU1FfTp7TVNTUUxfUEFTU1dPUkR9QHtNU1NRTF9EQl9IT1NUfTp7TVNTUUxfREJfUE9SVH0ve01TU1FMX1NDSEVNQX0/ZHJpdmVyPXtNU1NRTF9PREJDX0RSSVZFUn0mRW5jcnlwdD15ZXMmVHJ1c3RTZXJ2ZXJDZXJ0aWZpY2F0ZT15ZXM=" + + + MSSQL_PASSWORD: "SDNsbDBXMHJsZEAyMDIz" + + + REDIS_PASSWORD: "aGVsbG93b3JsZA==" +--- +# Source: resc/charts/resc-database-init/templates/database_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-database-init-config + namespace: resc + labels: + app: resc +data: + + MSSQL_SCHEMA: master + + + MSSQL_DB_PORT: "1433" + + + MSSQL_USERNAME: sa + + + MSSQL_ODBC_DRIVER: ODBC Driver 18 for SQL Server + + + + MSSQL_DSN: rescdb + + odbc.ini: | + [rescdb] + Driver = ODBC Driver 18 for SQL Server + Server = tcp:,1433 + Authentication = ActiveDirectoryMsi +--- +# Source: resc/charts/resc-database/templates/database_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-database-config + namespace: resc + labels: + app: resc +data: + ACCEPT_EULA: "Y" +--- +# Source: resc/charts/resc-frontend/templates/frontend_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-frontend-config + namespace: resc + labels: + app: resc +data: + + VUE_APP_AUTHENTICATION_REQUIRED: "false" + + + VUE_APP_RESC_WEB_SERVICE_URL: http://localhost:30800/resc + + + VUE_APP_SSO_REDIRECT_URI: http://localhost:30000/callback + + + VUE_APP_SSO_ID_TOKEN_ISSUER_URL: https://security-ifs-test.connect.abnamro.com:9031 + + + VUE_APP_SSO_AUTHORIZATION_URL: https://security-ifs-test.connect.abnamro.com:9031/as/authorization.oauth2 + + + VUE_APP_SSO_TOKEN_ENDPOINT_URL: https://security-ifs-test.connect.abnamro.com:9031/as/token.oauth2 + + + VUE_APP_SSO_ID_TOKEN_JWKS_URL: https://security-ifs-test.connect.abnamro.com:9031/pf/JWKS + + + VUE_APP_SSO_ACCESS_TOKEN_JWKS_URL: https://security-ifs-test.connect.abnamro.com:9031/ext/employeeoidc/jwks + + + + + VUE_APP_SSO_LOGIN_PAGE_MESSAGE: Please use the Login button +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-rabbitmq-config + namespace: resc + labels: + app: resc +data: + + RABBITMQ_DEFAULT_VHOST: "resc-rabbitmq" + + rabbitmq.conf: | + consumer_timeout = 7200000 +--- +# Source: resc/charts/resc-redis/templates/redis_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-redis-config + namespace: resc + labels: + app: resc +data: + redis-config: | + maxmemory 6gb + maxmemory-policy allkeys-lru + protected-mode yes +--- +# Source: resc/charts/resc-rules-init/templates/rules_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-rules-config + namespace: resc + labels: + app: resc +data: + + RULE_PACK_VERSION: 1.0.3 + + + RESC-SECRETS-RULE.toml: + IyBUaGlzIGZpbGUgaGFzIGJlZW4gYXV0by1nZW5lcmF0ZWQuIERvIG5vdCBlZGl0IG1hbnVhbGx5LgojIElmIHlvdSB3b3VsZCBsaWtlIHRvIGNvbnRyaWJ1dGUgbmV3IHJ1bGVzLCBwbGVhc2UgdXNlIAojIGNtZC9nZW5lcmF0ZS9jb25maWcvbWFpbi5nbyBhbmQgZm9sbG93IHRoZSBjb250cmlidXRpbmcgZ3VpZGVsaW5lcwojIGF0IGh0dHBzOi8vZ2l0aHViLmNvbS96cmljZXRoZXphdi9naXRsZWFrcy9ibG9iL21hc3Rlci9DT05UUklCVVRJTkcubWQKCiMgVGhpcyBpcyB0aGUgZGVmYXVsdCBnaXRsZWFrcyBjb25maWd1cmF0aW9uIGZpbGUuCiMgUnVsZXMgYW5kIGFsbG93bGlzdHMgYXJlIGRlZmluZWQgd2l0aGluIHRoaXMgZmlsZS4KIyBSdWxlcyBpbnN0cnVjdCBnaXRsZWFrcyBvbiB3aGF0IHNob3VsZCBiZSBjb25zaWRlcmVkIGEgc2VjcmV0LgojIEFsbG93bGlzdHMgaW5zdHJ1Y3QgZ2l0bGVha3Mgb24gd2hhdCBpcyBhbGxvd2VkLCBpLmUuIG5vdCBhIHNlY3JldC4KCnRpdGxlID0gImdpdGxlYWtzIGNvbmZpZyIKClthbGxvd2xpc3RdCmRlc2NyaXB0aW9uID0gImdsb2JhbCBhbGxvdyBsaXN0cyIKcGF0aHMgPSBbCiAgICAnJydnaXRsZWFrcy50b21sJycnLAogICAgJycnKC4qPykoanBnfGdpZnxkb2N8ZG9jeHx6aXB8eGxzfHBkZnxiaW58c3ZnfHNvY2tldCkkJycnLAogICAgJycnKGdvLm1vZHxnby5zdW0pJCcnJywKICAgICcnJ25vZGVfbW9kdWxlcycnJywKICAgICcnJ3ZlbmRvcicnJywKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkFkYWZydWl0IEFQSSBLZXkiCmlkID0gImFkYWZydWl0LWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OmFkYWZydWl0KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV8tXXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYWRhZnJ1aXQiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQWRvYmUgQ2xpZW50IElEIChPQXV0aCBXZWIpIgppZCA9ICJhZG9iZS1jbGllbnQtaWQiCnJlZ2V4ID0gJycnKD9pKSg/OmFkb2JlKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtZjAtOV17MzJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImFkb2JlIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkFkb2JlIENsaWVudCBTZWNyZXQiCmlkID0gImFkb2JlLWNsaWVudC1zZWNyZXQiCnJlZ2V4ID0gJycnKD9pKVxiKChwOGUtKSg/aSlbYS16MC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwprZXl3b3JkcyA9IFsKICAgICJwOGUtIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkFnZSBzZWNyZXQga2V5IgppZCA9ICJhZ2Ugc2VjcmV0IGtleSIKcmVnZXggPSAnJydBR0UtU0VDUkVULUtFWS0xW1FQWlJZOVg4R0YyVFZEVzBTM0pONTRLSENFNk1VQTdMXXs1OH0nJycKa2V5d29yZHMgPSBbCiAgICAiYWdlLXNlY3JldC1rZXktMSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJBaXJ0YWJsZSBBUEkgS2V5IgppZCA9ICJhaXJ0YWJsZS1hcGkta2V5IgpyZWdleCA9ICcnJyg/aSkoPzphaXJ0YWJsZSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezE3fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJhaXJ0YWJsZSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJBbGdvbGlhIEFQSSBLZXkiCmlkID0gImFsZ29saWEtYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86YWxnb2xpYSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCmtleXdvcmRzID0gWwogICAgImFsZ29saWEiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQWxpYmFiYSBBY2Nlc3NLZXkgSUQiCmlkID0gImFsaWJhYmEtYWNjZXNzLWtleS1pZCIKcmVnZXggPSAnJycoP2kpXGIoKExUQUkpKD9pKVthLXowLTldezIwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCmtleXdvcmRzID0gWwogICAgImx0YWkiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQWxpYmFiYSBTZWNyZXQgS2V5IgppZCA9ICJhbGliYWJhLXNlY3JldC1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OmFsaWJhYmEpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXszMH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYWxpYmFiYSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJBc2FuYSBDbGllbnQgSUQiCmlkID0gImFzYW5hLWNsaWVudC1pZCIKcmVnZXggPSAnJycoP2kpKD86YXNhbmEpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbMC05XXsxNn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYXNhbmEiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQXNhbmEgQ2xpZW50IFNlY3JldCIKaWQgPSAiYXNhbmEtY2xpZW50LXNlY3JldCIKcmVnZXggPSAnJycoP2kpKD86YXNhbmEpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYXNhbmEiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQXRsYXNzaWFuIEFQSSB0b2tlbiIKaWQgPSAiYXRsYXNzaWFuLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86YXRsYXNzaWFufGNvbmZsdWVuY2V8amlyYSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezI0fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJhdGxhc3NpYW4iLCJjb25mbHVlbmNlIiwiamlyYSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJBV1MiCmlkID0gImF3cy1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKEEzVFtBLVowLTldfEFLSUF8QUdQQXxBSURBfEFST0F8QUlQQXxBTlBBfEFOVkF8QVNJQSlbQS1aMC05XXsxNn0nJycKa2V5d29yZHMgPSBbCiAgICAiYWtpYSIsImFncGEiLCJhaWRhIiwiYXJvYSIsImFpcGEiLCJhbnBhIiwiYW52YSIsImFzaWEiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQmVhbWVyIEFQSSB0b2tlbiIKaWQgPSAiYmVhbWVyLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86YmVhbWVyKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oYl9bYS16MC05PV9cLV17NDR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImJlYW1lciIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJCaXRidWNrZXQgQ2xpZW50IElEIgppZCA9ICJiaXRidWNrZXQtY2xpZW50LWlkIgpyZWdleCA9ICcnJyg/aSkoPzpiaXRidWNrZXQpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYml0YnVja2V0IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkJpdGJ1Y2tldCBDbGllbnQgU2VjcmV0IgppZCA9ICJiaXRidWNrZXQtY2xpZW50LXNlY3JldCIKcmVnZXggPSAnJycoP2kpKD86Yml0YnVja2V0KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOT1fXC1dezY0fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJiaXRidWNrZXQiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQml0dHJleCBBY2Nlc3MgS2V5IgppZCA9ICJiaXR0cmV4LWFjY2Vzcy1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OmJpdHRyZXgpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiYml0dHJleCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJCaXR0cmV4IFNlY3JldCBLZXkiCmlkID0gImJpdHRyZXgtc2VjcmV0LWtleSIKcmVnZXggPSAnJycoP2kpKD86Yml0dHJleCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJiaXR0cmV4IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkNsb2phcnMgQVBJIHRva2VuIgppZCA9ICJjbG9qYXJzLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKENMT0pBUlNfKVthLXowLTldezYwfScnJwprZXl3b3JkcyA9IFsKICAgICJjbG9qYXJzIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkNvZGVjb3YgQWNjZXNzIFRva2VuIgppZCA9ICJjb2RlY292LWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86Y29kZWNvdikoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJjb2RlY292IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkNvaW5iYXNlIEFjY2VzcyBUb2tlbiIKaWQgPSAiY29pbmJhc2UtYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpjb2luYmFzZSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTlfLV17NjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImNvaW5iYXNlIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkNvbmZsdWVudCBBY2Nlc3MgVG9rZW4iCmlkID0gImNvbmZsdWVudC1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OmNvbmZsdWVudCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezE2fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJjb25mbHVlbnQiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiQ29uZmx1ZW50IFNlY3JldCBLZXkiCmlkID0gImNvbmZsdWVudC1zZWNyZXQta2V5IgpyZWdleCA9ICcnJyg/aSkoPzpjb25mbHVlbnQpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXs2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiY29uZmx1ZW50IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkNvbnRlbnRmdWwgZGVsaXZlcnkgQVBJIHRva2VuIgppZCA9ICJjb250ZW50ZnVsLWRlbGl2ZXJ5LWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86Y29udGVudGZ1bCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTk9X1wtXXs0M30pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiY29udGVudGZ1bCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJEYXRhYnJpY2tzIEFQSSB0b2tlbiIKaWQgPSAiZGF0YWJyaWNrcy1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKGRhcGlbYS1oMC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwprZXl3b3JkcyA9IFsKICAgICJkYXBpIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRhdGFkb2cgQWNjZXNzIFRva2VuIgppZCA9ICJkYXRhZG9nLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86ZGF0YWRvZykoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezQwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJkYXRhZG9nIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRpZ2l0YWxPY2VhbiBPQXV0aCBBY2Nlc3MgVG9rZW4iCmlkID0gImRpZ2l0YWxvY2Vhbi1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKGRvb192MV9bYS1mMC05XXs2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZG9vX3YxXyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJEaWdpdGFsT2NlYW4gUGVyc29uYWwgQWNjZXNzIFRva2VuIgppZCA9ICJkaWdpdGFsb2NlYW4tcGF0IgpyZWdleCA9ICcnJyg/aSlcYihkb3BfdjFfW2EtZjAtOV17NjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImRvcF92MV8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRGlnaXRhbE9jZWFuIE9BdXRoIFJlZnJlc2ggVG9rZW4iCmlkID0gImRpZ2l0YWxvY2Vhbi1yZWZyZXNoLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihkb3JfdjFfW2EtZjAtOV17NjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImRvcl92MV8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRGlzY29yZCBBUEkga2V5IgppZCA9ICJkaXNjb3JkLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86ZGlzY29yZCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLWYwLTldezY0fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJkaXNjb3JkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRpc2NvcmQgY2xpZW50IElEIgppZCA9ICJkaXNjb3JkLWNsaWVudC1pZCIKcmVnZXggPSAnJycoP2kpKD86ZGlzY29yZCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFswLTldezE4fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJkaXNjb3JkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRpc2NvcmQgY2xpZW50IHNlY3JldCIKaWQgPSAiZGlzY29yZC1jbGllbnQtc2VjcmV0IgpyZWdleCA9ICcnJyg/aSkoPzpkaXNjb3JkKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOT1fXC1dezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJkaXNjb3JkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRvcHBsZXIgQVBJIHRva2VuIgppZCA9ICJkb3BwbGVyLWFwaS10b2tlbiIKcmVnZXggPSAnJycoZHBcLnB0XC4pKD9pKVthLXowLTldezQzfScnJwprZXl3b3JkcyA9IFsKICAgICJkb3BwbGVyIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRyb25lY2kgQWNjZXNzIFRva2VuIgppZCA9ICJkcm9uZWNpLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86ZHJvbmVjaSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJkcm9uZWNpIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkRyb3Bib3ggQVBJIHNlY3JldCIKaWQgPSAiZHJvcGJveC1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OmRyb3Bib3gpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsxNX0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZHJvcGJveCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJEcm9wYm94IGxvbmcgbGl2ZWQgQVBJIHRva2VuIgppZCA9ICJkcm9wYm94LWxvbmctbGl2ZWQtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpkcm9wYm94KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MTF9KEFBQUFBQUFBQUEpW2EtejAtOVwtXz1dezQzfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCmtleXdvcmRzID0gWwogICAgImRyb3Bib3giLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRHJvcGJveCBzaG9ydCBsaXZlZCBBUEkgdG9rZW4iCmlkID0gImRyb3Bib3gtc2hvcnQtbGl2ZWQtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpkcm9wYm94KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oc2xcLlthLXowLTlcLT1fXXsxMzV9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKa2V5d29yZHMgPSBbCiAgICAiZHJvcGJveCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJEdWZmZWwgQVBJIHRva2VuIgppZCA9ICJkdWZmZWwtYXBpLXRva2VuIgpyZWdleCA9ICcnJ2R1ZmZlbF8odGVzdHxsaXZlKV8oP2kpW2EtejAtOV9cLT1dezQzfScnJwprZXl3b3JkcyA9IFsKICAgICJkdWZmZWwiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRHluYXRyYWNlIEFQSSB0b2tlbiIKaWQgPSAiZHluYXRyYWNlLWFwaS10b2tlbiIKcmVnZXggPSAnJydkdDBjMDFcLig/aSlbYS16MC05XXsyNH1cLlthLXowLTldezY0fScnJwprZXl3b3JkcyA9IFsKICAgICJkeW5hdHJhY2UiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRWFzeVBvc3QgQVBJIHRva2VuIgppZCA9ICJlYXN5cG9zdC1hcGktdG9rZW4iCnJlZ2V4ID0gJycnRVpBSyg/aSlbYS16MC05XXs1NH0nJycKa2V5d29yZHMgPSBbCiAgICAiZXphayIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJFYXN5UG9zdCB0ZXN0IEFQSSB0b2tlbiIKaWQgPSAiZWFzeXBvc3QtdGVzdC1hcGktdG9rZW4iCnJlZ2V4ID0gJycnRVpUSyg/aSlbYS16MC05XXs1NH0nJycKa2V5d29yZHMgPSBbCiAgICAiZXp0ayIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJFdHN5IEFjY2VzcyBUb2tlbiIKaWQgPSAiZXRzeS1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OmV0c3kpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsyNH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZXRzeSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJGYWNlYm9vayIKaWQgPSAiZmFjZWJvb2siCnJlZ2V4ID0gJycnKD9pKSg/OmZhY2Vib29rKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtZjAtOV17MzJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImZhY2Vib29rIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkZhc3RseSBBUEkga2V5IgppZCA9ICJmYXN0bHktYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpmYXN0bHkpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05PV9cLV17MzJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImZhc3RseSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJGaW5pY2l0eSBBUEkgdG9rZW4iCmlkID0gImZpbmljaXR5LWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86ZmluaWNpdHkpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS1mMC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZmluaWNpdHkiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRmluaWNpdHkgQ2xpZW50IFNlY3JldCIKaWQgPSAiZmluaWNpdHktY2xpZW50LXNlY3JldCIKcmVnZXggPSAnJycoP2kpKD86ZmluaWNpdHkpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsyMH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZmluaWNpdHkiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRmlubmh1YiBBY2Nlc3MgVG9rZW4iCmlkID0gImZpbm5odWItYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpmaW5uaHViKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MjB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImZpbm5odWIiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRmxpY2tyIEFjY2VzcyBUb2tlbiIKaWQgPSAiZmxpY2tyLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86ZmxpY2tyKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MzJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImZsaWNrciIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJGbHV0dGVyd2F2ZSBFbmNyeXB0aW9uIEtleSIKaWQgPSAiZmx1dHRlcndhdmUtZW5jcnlwdGlvbi1rZXkiCnJlZ2V4ID0gJycnRkxXU0VDS19URVNULSg/aSlbYS1oMC05XXsxMn0nJycKa2V5d29yZHMgPSBbCiAgICAiZmx3c2Vja190ZXN0IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkZpbmljaXR5IFB1YmxpYyBLZXkiCmlkID0gImZsdXR0ZXJ3YXZlLXB1YmxpYy1rZXkiCnJlZ2V4ID0gJycnRkxXUFVCS19URVNULSg/aSlbYS1oMC05XXszMn0tWCcnJwprZXl3b3JkcyA9IFsKICAgICJmbHdwdWJrX3Rlc3QiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiRmx1dHRlcndhdmUgU2VjcmV0IEtleSIKaWQgPSAiZmx1dHRlcndhdmUtc2VjcmV0LWtleSIKcmVnZXggPSAnJydGTFdTRUNLX1RFU1QtKD9pKVthLWgwLTldezMyfS1YJycnCmtleXdvcmRzID0gWwogICAgImZsd3NlY2tfdGVzdCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJGcmFtZS5pbyBBUEkgdG9rZW4iCmlkID0gImZyYW1laW8tYXBpLXRva2VuIgpyZWdleCA9ICcnJ2Zpby11LSg/aSlbYS16MC05XC1fPV17NjR9JycnCmtleXdvcmRzID0gWwogICAgImZpby11LSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJGcmVzaGJvb2tzIEFjY2VzcyBUb2tlbiIKaWQgPSAiZnJlc2hib29rcy1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OmZyZXNoYm9va3MpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXs2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZnJlc2hib29rcyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHQ1AgQVBJIGtleSIKaWQgPSAiZ2NwLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKVxiKEFJemFbMC05QS1aYS16XFwtX117MzV9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImFpemEiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiR2VuZXJpYyBBUEkgS2V5IgppZCA9ICJnZW5lcmljLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OmtleXxhcGl8dG9rZW58c2VjcmV0fGNsaWVudHxwYXNzd2R8cGFzc3dvcmR8YXV0aHxhY2Nlc3MpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbMC05YS16XC1fLj1dezEwLDE1MH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKZW50cm9weSA9IDMuNQprZXl3b3JkcyA9IFsKICAgICJrZXkiLCJhcGkiLCJ0b2tlbiIsInNlY3JldCIsImNsaWVudCIsInBhc3N3ZCIsInBhc3N3b3JkIiwiYXV0aCIsImFjY2VzcyIsCl0KW3J1bGVzLmFsbG93bGlzdF0KcGF0aHMgPSBbCiAgJycnRGF0YWJhc2UucmVmYWN0b3Jsb2cnJycKXQpzdG9wd29yZHM9IFsKICAgICJjbGllbnQiLAogICAgImVuZHBvaW50IiwKICAgICJ2cG4iLAogICAgIl9lYzJfIiwKICAgICJhd3NfIiwKICAgICJhdXRob3JpemUiLAogICAgImF1dGhvciIsCiAgICAiZGVmaW5lIiwKICAgICJjb25maWciLAogICAgImNyZWRlbnRpYWwiLAogICAgInNldHRpbmciLAogICAgInNhbXBsZSIsCiAgICAieHh4eHh4IiwKICAgICIwMDAwMDAiLAogICAgImJ1ZmZlciIsCiAgICAiZGVsZXRlIiwKICAgICJhYWFhYWEiLAogICAgImZld2Z3ZWYiLAogICAgImdldGVudiIsCiAgICAiZW52XyIsCiAgICAic3lzdGVtIiwKICAgICJleGFtcGxlIiwKICAgICJlY2RzYSIsCiAgICAic2hhMjU2IiwKICAgICJzaGExIiwKICAgICJzaGEyIiwKICAgICJtZDUiLAogICAgImFsZXJ0IiwKICAgICJ3aXphcmQiLAogICAgInRhcmdldCIsCiAgICAib25ib2FyZCIsCiAgICAid2VsY29tZSIsCiAgICAicGFnZSIsCiAgICAiZXhwbG9pdCIsCiAgICAiZXhwZXJpbWVudCIsCiAgICAiZXhwaXJlIiwKICAgICJyYWJiaXRtcSIsCiAgICAic2NyYXBlciIsCiAgICAid2lkZ2V0IiwKICAgICJtdXNpYyIsCiAgICAiZG5zXyIsCiAgICAiZG5zLSIsCiAgICAieWFob28iLAogICAgIndhbnQiLAogICAgImpzb24iLAogICAgImFjdGlvbiIsCiAgICAic2NyaXB0IiwKICAgICJmaXhfIiwKICAgICJmaXgtIiwKICAgICJkZXZlbG9wIiwKICAgICJjb21wYXMiLAogICAgInN0cmlwZSIsCiAgICAic2VydmljZSIsCiAgICAibWFzdGVyIiwKICAgICJtZXRyaWMiLAogICAgInRlY2giLAogICAgImdpdGlnbm9yZSIsCiAgICAicmljaCIsCiAgICAib3BlbiIsCiAgICAic3RhY2siLAogICAgImlyY18iLAogICAgImlyYy0iLAogICAgInN1YmxpbWUiLAogICAgImtvaGFuYSIsCiAgICAiaGFzXyIsCiAgICAiaGFzLSIsCiAgICAiZmFicmljIiwKICAgICJ3b3JkcHJlcyIsCiAgICAicm9sZSIsCiAgICAib3N4XyIsCiAgICAib3N4LSIsCiAgICAiYm9vc3QiLAogICAgImFkZHJlcyIsCiAgICAicXVldWUiLAogICAgIndvcmtpbmciLAogICAgInNhbmRib3giLAogICAgImludGVybmV0IiwKICAgICJwcmludCIsCiAgICAidmlzaW9uIiwKICAgICJ0cmFja2luZyIsCiAgICAiYmVpbmciLAogICAgImdlbmVyYXRvciIsCiAgICAidHJhZmZpYyIsCiAgICAid29ybGQiLAogICAgInB1bGwiLAogICAgInJ1c3QiLAogICAgIndhdGNoZXIiLAogICAgInNtYWxsIiwKICAgICJhdXRoIiwKICAgICJmdWxsIiwKICAgICJoYXNoIiwKICAgICJtb3JlIiwKICAgICJpbnN0YWxsIiwKICAgICJhdXRvIiwKICAgICJjb21wbGV0ZSIsCiAgICAibGVhcm4iLAogICAgInBhcGVyIiwKICAgICJpbnN0YWxsZXIiLAogICAgInJlc2VhcmNoIiwKICAgICJhY2NlcyIsCiAgICAibGFzdCIsCiAgICAiYmluZGluZyIsCiAgICAic3BpbmUiLAogICAgImludG8iLAogICAgImNoYXQiLAogICAgImFsZ29yaXRobSIsCiAgICAicmVzb3VyY2UiLAogICAgInVwbG9hZGVyIiwKICAgICJ2aWRlbyIsCiAgICAibWFrZXIiLAogICAgIm5leHQiLAogICAgInByb2MiLAogICAgImxvY2siLAogICAgInJvYm90IiwKICAgICJzbmFrZSIsCiAgICAicGF0Y2giLAogICAgIm1hdHJpeCIsCiAgICAiZHJpbGwiLAogICAgInRlcm1pbmFsIiwKICAgICJ0ZXJtIiwKICAgICJzdHVmZiIsCiAgICAiZ2VuZXRpYyIsCiAgICAiZ2VuZXJpYyIsCiAgICAiaWRlbnRpdHkiLAogICAgImF1ZGl0IiwKICAgICJwYXR0ZXJuIiwKICAgICJhdWRpbyIsCiAgICAid2ViXyIsCiAgICAid2ViLSIsCiAgICAiY3J1ZCIsCiAgICAicHJvYmxlbSIsCiAgICAic3RhdHUiLAogICAgImNtcy0iLAogICAgImNtc18iLAogICAgImFyY2giLAogICAgImNvZmZlZSIsCiAgICAid29ya2Zsb3ciLAogICAgImNoYW5nZWxvZyIsCiAgICAiYW5vdGhlciIsCiAgICAidWl2aWV3IiwKICAgICJjb250ZW50IiwKICAgICJraXRjaGVuIiwKICAgICJnbnVfIiwKICAgICJnbnUtIiwKICAgICJnbnUuIiwKICAgICJjb25mIiwKICAgICJjb3VjaGRiIiwKICAgICJjbGllbnQiLAogICAgIm9wZW5jdiIsCiAgICAicmVuZGVyaW5nIiwKICAgICJ1cGRhdGUiLAogICAgImNvbmNlcHQiLAogICAgInZhcm5pc2giLAogICAgImd1aV8iLAogICAgImd1aS0iLAogICAgImd1aS4iLAogICAgInZlcnNpb24iLAogICAgInNoYXJlZCIsCiAgICAiZXh0cmEiLAogICAgInByb2R1Y3QiLAogICAgInN0aWxsIiwKICAgICJub3RfIiwKICAgICJub3QtIiwKICAgICJub3QuIiwKICAgICJkcm9wIiwKICAgICJyaW5nIiwKICAgICJwbmdfIiwKICAgICJwbmctIiwKICAgICJwbmcuIiwKICAgICJhY3RpdmVseSIsCiAgICAiaW1wb3J0IiwKICAgICJvdXRwdXQiLAogICAgImJhY2t1cCIsCiAgICAic3RhcnQiLAogICAgImVtYmVkZGVkIiwKICAgICJyZWdpc3RyeSIsCiAgICAicG9vbCIsCiAgICAic2VtYW50aWMiLAogICAgImluc3RhZ3JhbSIsCiAgICAiYmFzaCIsCiAgICAic3lzdGVtIiwKICAgICJuaW5qYSIsCiAgICAiZHJ1cGFsIiwKICAgICJqcXVlcnkiLAogICAgInBvbHlmaWxsIiwKICAgICJwaHlzaWMiLAogICAgImxlYWd1ZSIsCiAgICAiZ3VpZGUiLAogICAgInBhY2siLAogICAgInN5bm9wc2kiLAogICAgInNrZXRjaCIsCiAgICAiaW5qZWN0aW9uIiwKICAgICJzdmdfIiwKICAgICJzdmctIiwKICAgICJzdmcuIiwKICAgICJmcmllbmRseSIsCiAgICAid2F2ZSIsCiAgICAiY29udmVydCIsCiAgICAibWFuYWdlIiwKICAgICJjYW1lcmEiLAogICAgImxpbmsiLAogICAgInNsaWRlIiwKICAgICJ0aW1lciIsCiAgICAid3JhcHBlciIsCiAgICAiZ2FsbGVyeSIsCiAgICAidXJsXyIsCiAgICAidXJsLSIsCiAgICAidXJsLiIsCiAgICAidG9kb212YyIsCiAgICAicmVxdWlyZWoiLAogICAgInBhcnR5IiwKICAgICJodHRwIiwKICAgICJwYXltZW50IiwKICAgICJhc3luYyIsCiAgICAibGlicmFyeSIsCiAgICAiaG9tZSIsCiAgICAiY29jbyIsCiAgICAiZ2FpYSIsCiAgICAiZGlzcGxheSIsCiAgICAidW5pdmVyc2FsIiwKICAgICJmdW5jIiwKICAgICJtZXRhZGF0YSIsCiAgICAiaGlwY2hhdCIsCiAgICAidW5kZXIiLAogICAgInJvb20iLAogICAgImNvbmZpZyIsCiAgICAicGVyc29uYWwiLAogICAgInJlYWx0aW1lIiwKICAgICJyZXN1bWUiLAogICAgImRhdGFiYXNlIiwKICAgICJ0ZXN0aW5nIiwKICAgICJ0aW55IiwKICAgICJiYXNpYyIsCiAgICAiZm9ydW0iLAogICAgIm1lZXR1cCIsCiAgICAieWV0XyIsCiAgICAieWV0LSIsCiAgICAieWV0LiIsCiAgICAiY2VudG8iLAogICAgImRlYWQiLAogICAgImZsdWVudGQiLAogICAgImVkaXRvciIsCiAgICAidXRpbGl0aWUiLAogICAgInJ1bl8iLAogICAgInJ1bi0iLAogICAgInJ1bi4iLAogICAgImJveF8iLAogICAgImJveC0iLAogICAgImJveC4iLAogICAgImJvdF8iLAogICAgImJvdC0iLAogICAgImJvdC4iLAogICAgIm1ha2luZyIsCiAgICAic2FtcGxlIiwKICAgICJncm91cCIsCiAgICAibW9uaXRvciIsCiAgICAiYWpheCIsCiAgICAicGFyYWxsZWwiLAogICAgImNhc3NhbmRyYSIsCiAgICAidWx0aW1hdGUiLAogICAgInNpdGUiLAogICAgImdldF8iLAogICAgImdldC0iLAogICAgImdldC4iLAogICAgImdlbl8iLAogICAgImdlbi0iLAogICAgImdlbi4iLAogICAgImdlbV8iLAogICAgImdlbS0iLAogICAgImdlbS4iLAogICAgImV4dGVuZGVkIiwKICAgICJpbWFnZSIsCiAgICAia25pZmUiLAogICAgImFzc2V0IiwKICAgICJuZXN0ZWQiLAogICAgInplcm8iLAogICAgInBsdWdpbiIsCiAgICAiYnJhY2tldCIsCiAgICAibXVsZSIsCiAgICAibW96aWxsYSIsCiAgICAibnVtYmVyIiwKICAgICJhY3RfIiwKICAgICJhY3QtIiwKICAgICJhY3QuIiwKICAgICJtYXBfIiwKICAgICJtYXAtIiwKICAgICJtYXAuIiwKICAgICJtaWNybyIsCiAgICAiZGVidWciLAogICAgIm9wZW5zaGlmdCIsCiAgICAiY2hhcnQiLAogICAgImV4cHJlcyIsCiAgICAiYmFja2VuZCIsCiAgICAidGFzayIsCiAgICAic291cmNlIiwKICAgICJ0cmFuc2xhdGUiLAogICAgImpib3MiLAogICAgImNvbXBvc2VyIiwKICAgICJzcWxpdGUiLAogICAgInByb2ZpbGUiLAogICAgIm11c3RhY2hlIiwKICAgICJtcXR0IiwKICAgICJ5ZW9tYW4iLAogICAgImhhdmUiLAogICAgImJ1aWxkZXIiLAogICAgInNtYXJ0IiwKICAgICJsaWtlIiwKICAgICJvYXV0aCIsCiAgICAic2Nob29sIiwKICAgICJndWlkZWxpbmUiLAogICAgImNhcHRjaGEiLAogICAgImZpbHRlciIsCiAgICAiYml0Y29pbiIsCiAgICAiYnJpZGdlIiwKICAgICJjb2xvciIsCiAgICAidG9vbGJveCIsCiAgICAiZGlzY292ZXJ5IiwKICAgICJuZXdfIiwKICAgICJuZXctIiwKICAgICJuZXcuIiwKICAgICJkYXNoYm9hcmQiLAogICAgIndoZW4iLAogICAgInNldHRpbmciLAogICAgImxldmVsIiwKICAgICJwb3N0IiwKICAgICJzdGFuZGFyZCIsCiAgICAicG9ydCIsCiAgICAicGxhdGZvcm0iLAogICAgInl1aV8iLAogICAgInl1aS0iLAogICAgInl1aS4iLAogICAgImdydW50IiwKICAgICJhbmltYXRpb24iLAogICAgImhhc2tlbGwiLAogICAgImljb24iLAogICAgImxhdGV4IiwKICAgICJjaGVhdCIsCiAgICAibHVhXyIsCiAgICAibHVhLSIsCiAgICAibHVhLiIsCiAgICAiZ3VscCIsCiAgICAiY2FzZSIsCiAgICAiYXV0aG9yIiwKICAgICJ3aXRob3V0IiwKICAgICJzaW11bGF0b3IiLAogICAgIndpZmkiLAogICAgImRpcmVjdG9yeSIsCiAgICAibGlzcCIsCiAgICAibGlzdCIsCiAgICAiZmxhdCIsCiAgICAiYWR2ZW50dXJlIiwKICAgICJzdG9yeSIsCiAgICAic3Rvcm0iLAogICAgImdwdV8iLAogICAgImdwdS0iLAogICAgImdwdS4iLAogICAgInN0b3JlIiwKICAgICJjYWNoaW5nIiwKICAgICJhdHRlbnRpb24iLAogICAgInNvbHIiLAogICAgImxvZ2dlciIsCiAgICAiZGVtbyIsCiAgICAic2hvcnRlbmVyIiwKICAgICJoYWRvb3AiLAogICAgImZpbmRlciIsCiAgICAicGhvbmUiLAogICAgInBpcGVsaW5lIiwKICAgICJyYW5nZSIsCiAgICAidGV4dG1hdGUiLAogICAgInNob3djYXNlIiwKICAgICJhcHBfIiwKICAgICJhcHAtIiwKICAgICJhcHAuIiwKICAgICJpZGlvbWF0aWMiLAogICAgImVkaXQiLAogICAgIm91cl8iLAogICAgIm91ci0iLAogICAgIm91ci4iLAogICAgIm91dF8iLAogICAgIm91dC0iLAogICAgIm91dC4iLAogICAgInNlbnRpbWVudCIsCiAgICAibGlua2VkIiwKICAgICJ3aHlfIiwKICAgICJ3aHktIiwKICAgICJ3aHkuIiwKICAgICJsb2NhbCIsCiAgICAiY3ViZSIsCiAgICAiZ21haWwiLAogICAgImpvYl8iLAogICAgImpvYi0iLAogICAgImpvYi4iLAogICAgInJwY18iLAogICAgInJwYy0iLAogICAgInJwYy4iLAogICAgImNvbnRlc3QiLAogICAgInRjcF8iLAogICAgInRjcC0iLAogICAgInRjcC4iLAogICAgInVzYWdlIiwKICAgICJidWlsZG91dCIsCiAgICAid2VhdGhlciIsCiAgICAidHJhbnNmZXIiLAogICAgImF1dG9tYXRlZCIsCiAgICAic3BoaW54IiwKICAgICJpc3N1ZSIsCiAgICAic2FzXyIsCiAgICAic2FzLSIsCiAgICAic2FzLiIsCiAgICAicGFyYWxsYXgiLAogICAgImphc21pbmUiLAogICAgImFkZG9uIiwKICAgICJtYWNoaW5lIiwKICAgICJzb2x1dGlvbiIsCiAgICAiZHNsXyIsCiAgICAiZHNsLSIsCiAgICAiZHNsLiIsCiAgICAiZXBpc29kZSIsCiAgICAibWVudSIsCiAgICAidGhlbWUiLAogICAgImJlc3QiLAogICAgImFkYXB0ZXIiLAogICAgImRlYnVnZ2VyIiwKICAgICJjaHJvbWUiLAogICAgInR1dG9yaWFsIiwKICAgICJsaWZlIiwKICAgICJzdGVwIiwKICAgICJwZW9wbGUiLAogICAgImpvb21sYSIsCiAgICAicGF5cGFsIiwKICAgICJkZXZlbG9wZXIiLAogICAgInNvbHZlciIsCiAgICAidGVhbSIsCiAgICAiY3VycmVudCIsCiAgICAibG92ZSIsCiAgICAidmlzdWFsIiwKICAgICJkYXRlIiwKICAgICJkYXRhIiwKICAgICJjYW52YSIsCiAgICAiY29udGFpbmVyIiwKICAgICJmdXR1cmUiLAogICAgInhtbF8iLAogICAgInhtbC0iLAogICAgInhtbC4iLAogICAgInR3aWciLAogICAgIm5hZ2lvIiwKICAgICJzcGF0aWFsIiwKICAgICJvcmlnaW5hbCIsCiAgICAic3luYyIsCiAgICAiYXJjaGl2ZWQiLAogICAgInJlZmluZXJ5IiwKICAgICJzY2llbmNlIiwKICAgICJtYXBwaW5nIiwKICAgICJnaXRsYWIiLAogICAgInBsYXkiLAogICAgImV4dF8iLAogICAgImV4dC0iLAogICAgImV4dC4iLAogICAgInNlc3Npb24iLAogICAgImltcGFjdCIsCiAgICAic2V0XyIsCiAgICAic2V0LSIsCiAgICAic2V0LiIsCiAgICAic2VlXyIsCiAgICAic2VlLSIsCiAgICAic2VlLiIsCiAgICAibWlncmF0aW9uIiwKICAgICJjb21taXQiLAogICAgImNvbW11bml0eSIsCiAgICAic2hvcGlmeSIsCiAgICAid2hhdCciLAogICAgImN1Y3VtYmVyIiwKICAgICJzdGF0YW1pYyIsCiAgICAibXlzcWwiLAogICAgImxvY2F0aW9uIiwKICAgICJ0b3dlciIsCiAgICAibGluZSIsCiAgICAiY29kZSIsCiAgICAiYW1xcCIsCiAgICAiaGVsbG8iLAogICAgInNlbmQiLAogICAgImluZGV4IiwKICAgICJoaWdoIiwKICAgICJub3RlYm9vayIsCiAgICAiYWxsb3kiLAogICAgInB5dGhvbiIsCiAgICAiZmllbGQiLAogICAgImRvY3VtZW50IiwKICAgICJzb2FwIiwKICAgICJlZGl0aW9uIiwKICAgICJlbWFpbCIsCiAgICAicGhwXyIsCiAgICAicGhwLSIsCiAgICAicGhwLiIsCiAgICAiY29tbWFuZCIsCiAgICAidHJhbnNwb3J0IiwKICAgICJvZmZpY2lhbCIsCiAgICAidXBsb2FkIiwKICAgICJzdHVkeSIsCiAgICAic2VjdXJlIiwKICAgICJhbmd1bGFyaiIsCiAgICAiYWtrYSIsCiAgICAic2NhbGFibGUiLAogICAgInBhY2thZ2UiLAogICAgInJlcXVlc3QiLAogICAgImNvbl8iLAogICAgImNvbi0iLAogICAgImNvbi4iLAogICAgImZsZXhpYmxlIiwKICAgICJzZWN1cml0eSIsCiAgICAiY29tbWVudCIsCiAgICAibW9kdWxlIiwKICAgICJmbGFzayIsCiAgICAiZ3JhcGgiLAogICAgImZsYXNoIiwKICAgICJhcGFjaGUiLAogICAgImNoYW5nZSIsCiAgICAid2luZG93IiwKICAgICJzcGFjZSIsCiAgICAibGFtYmRhIiwKICAgICJzaGVldCIsCiAgICAiYm9va21hcmsiLAogICAgImNhcm91c2VsIiwKICAgICJmcmllbmQiLAogICAgIm9iamVjdGl2ZSIsCiAgICAiamVreWxsIiwKICAgICJib290c3RyYXAiLAogICAgImZpcnN0IiwKICAgICJhcnRpY2xlIiwKICAgICJnd3RfIiwKICAgICJnd3QtIiwKICAgICJnd3QuIiwKICAgICJjbGFzc2ljIiwKICAgICJtZWRpYSIsCiAgICAid2Vic29ja2V0IiwKICAgICJ0b3VjaCIsCiAgICAiZGVza3RvcCIsCiAgICAicmVhbCIsCiAgICAicmVhZCIsCiAgICAicmVjb3JkZXIiLAogICAgIm1vdmVkIiwKICAgICJzdG9yYWdlIiwKICAgICJ2YWxpZGF0b3IiLAogICAgImFkZC1vbiIsCiAgICAicHVzaGVyIiwKICAgICJzY3NfIiwKICAgICJzY3MtIiwKICAgICJzY3MuIiwKICAgICJpbmxpbmUiLAogICAgImFzcF8iLAogICAgImFzcC0iLAogICAgImFzcC4iLAogICAgInRpbWVsaW5lIiwKICAgICJiYXNlIiwKICAgICJlbmNvZGluZyIsCiAgICAiZmZtcGVnIiwKICAgICJraW5kbGUiLAogICAgInRpbnltY2UiLAogICAgInByZXR0eSIsCiAgICAianBhXyIsCiAgICAianBhLSIsCiAgICAianBhLiIsCiAgICAidXNlZCIsCiAgICAidXNlciIsCiAgICAicmVxdWlyZWQiLAogICAgIndlYmhvb2siLAogICAgImRvd25sb2FkIiwKICAgICJyZXNxdWUiLAogICAgImVzcHJlc3NvIiwKICAgICJjbG91ZCIsCiAgICAibW9uZ28iLAogICAgImJlbmNobWFyayIsCiAgICAicHVyZSIsCiAgICAiY2FrZXBocCIsCiAgICAibW9keCIsCiAgICAibW9kZSIsCiAgICAicmVhY3RpdmUiLAogICAgImZ1ZWwiLAogICAgIndyaXR0ZW4iLAogICAgImZsaWNrciIsCiAgICAibWFpbCIsCiAgICAiYnJ1bmNoIiwKICAgICJtZXRlb3IiLAogICAgImR5bmFtaWMiLAogICAgIm5lb18iLAogICAgIm5lby0iLAogICAgIm5lby4iLAogICAgIm5ld18iLAogICAgIm5ldy0iLAogICAgIm5ldy4iLAogICAgIm5ldF8iLAogICAgIm5ldC0iLAogICAgIm5ldC4iLAogICAgInR5cG8iLAogICAgInR5cGUiLAogICAgImtleWJvYXJkIiwKICAgICJlcmxhbmciLAogICAgImFkb2JlIiwKICAgICJsb2dnaW5nIiwKICAgICJja2VkaXRvciIsCiAgICAibWVzc2FnZSIsCiAgICAiaXNvXyIsCiAgICAiaXNvLSIsCiAgICAiaXNvLiIsCiAgICAiaG9vayIsCiAgICAibGRhcCIsCiAgICAiZm9sZGVyIiwKICAgICJyZWZlcmVuY2UiLAogICAgInJhaWxzY2FzdCIsCiAgICAid3d3XyIsCiAgICAid3d3LSIsCiAgICAid3d3LiIsCiAgICAidHJhY2tlciIsCiAgICAiYXp1cmUiLAogICAgImZvcmsiLAogICAgImZvcm0iLAogICAgImRpZ2l0YWwiLAogICAgImV4cG9ydGVyIiwKICAgICJza2luIiwKICAgICJzdHJpbmciLAogICAgInRlbXBsYXRlIiwKICAgICJkZXNpZ25lciIsCiAgICAiZ29sbHVtIiwKICAgICJmbHVlbnQiLAogICAgImVudGl0eSIsCiAgICAibGFuZ3VhZ2UiLAogICAgImFsZnJlZCIsCiAgICAic3VtbWFyeSIsCiAgICAid2lraSIsCiAgICAia2VybmVsIiwKICAgICJjYWxlbmRhciIsCiAgICAicGx1cGxvYWQiLAogICAgInN5bWZvbnkiLAogICAgImZvdW5kcnkiLAogICAgInJlbW90ZSIsCiAgICAidGFsayIsCiAgICAic2VhcmNoIiwKICAgICJkZXZfIiwKICAgICJkZXYtIiwKICAgICJkZXYuIiwKICAgICJkZWxfIiwKICAgICJkZWwtIiwKICAgICJkZWwuIiwKICAgICJ0b2tlbiIsCiAgICAiaWRlYSIsCiAgICAic2VuY2hhIiwKICAgICJzZWxlY3RvciIsCiAgICAiaW50ZXJmYWNlIiwKICAgICJjcmVhdGUiLAogICAgImZ1bl8iLAogICAgImZ1bi0iLAogICAgImZ1bi4iLAogICAgImdyb292eSIsCiAgICAicXVlcnkiLAogICAgImdyYWlsIiwKICAgICJyZWRfIiwKICAgICJyZWQtIiwKICAgICJyZWQuIiwKICAgICJsYXJhdmVsIiwKICAgICJtb25rZXkiLAogICAgInNsYWNrIiwKICAgICJzdXBwb3J0ZWQiLAogICAgImluc3RhbnQiLAogICAgInZhbHVlIiwKICAgICJjZW50ZXIiLAogICAgImxhdGVzdCIsCiAgICAid29yayIsCiAgICAiYnV0XyIsCiAgICAiYnV0LSIsCiAgICAiYnV0LiIsCiAgICAiYnVnXyIsCiAgICAiYnVnLSIsCiAgICAiYnVnLiIsCiAgICAidmlydHVhbCIsCiAgICAidHdlZXQiLAogICAgInN0YXRzZCIsCiAgICAic3R1ZGlvIiwKICAgICJwYXRoIiwKICAgICJyZWFsLXRpbWUiLAogICAgImZyb250ZW5kIiwKICAgICJub3RpZmllciIsCiAgICAiY29kaW5nIiwKICAgICJ0b29sIiwKICAgICJmaXJtd2FyZSIsCiAgICAiZmxvdyIsCiAgICAicmFuZG9tIiwKICAgICJtZWRpYXdpa2kiLAogICAgImJvc2giLAogICAgImJlZW4iLAogICAgImJlZXIiLAogICAgImxpZ2h0Ym94IiwKICAgICJ0aGVvcnkiLAogICAgIm9yaWdpbiIsCiAgICAicmVkbWluZSIsCiAgICAiaHViXyIsCiAgICAiaHViLSIsCiAgICAiaHViLiIsCiAgICAicmVxdWlyZSIsCiAgICAicHJvXyIsCiAgICAicHJvLSIsCiAgICAicHJvLiIsCiAgICAiYW50XyIsCiAgICAiYW50LSIsCiAgICAiYW50LiIsCiAgICAiYW55XyIsCiAgICAiYW55LSIsCiAgICAiYW55LiIsCiAgICAicmVjaXBlIiwKICAgICJjbG9zdXJlIiwKICAgICJtYXBwZXIiLAogICAgImV2ZW50IiwKICAgICJ0b2RvIiwKICAgICJtb2RlbCIsCiAgICAicmVkaSIsCiAgICAicHJvdmlkZXIiLAogICAgInJ2bV8iLAogICAgInJ2bS0iLAogICAgInJ2bS4iLAogICAgInByb2dyYW0iLAogICAgIm1lbWNhY2hlZCIsCiAgICAicmFpbCIsCiAgICAic2lsZXgiLAogICAgImZvcmVtYW4iLAogICAgImFjdGl2aXR5IiwKICAgICJsaWNlbnNlIiwKICAgICJzdHJhdGVneSIsCiAgICAiYmF0Y2giLAogICAgInN0cmVhbWluZyIsCiAgICAiZmFzdCIsCiAgICAidXNlXyIsCiAgICAidXNlLSIsCiAgICAidXNlLiIsCiAgICAidXNiXyIsCiAgICAidXNiLSIsCiAgICAidXNiLiIsCiAgICAiaW1wcmVzIiwKICAgICJhY2FkZW15IiwKICAgICJzbGlkZXIiLAogICAgInBsZWFzZSIsCiAgICAibGF5ZXIiLAogICAgImNyb3MiLAogICAgIm5vd18iLAogICAgIm5vdy0iLAogICAgIm5vdy4iLAogICAgIm1pbmVyIiwKICAgICJleHRlbnNpb24iLAogICAgIm93bl8iLAogICAgIm93bi0iLAogICAgIm93bi4iLAogICAgImFwcF8iLAogICAgImFwcC0iLAogICAgImFwcC4iLAogICAgImRlYmlhbiIsCiAgICAic3ltcGhvbnkiLAogICAgImV4YW1wbGUiLAogICAgImZlYXR1cmUiLAogICAgInNlcmllIiwKICAgICJ0cmVlIiwKICAgICJwcm9qZWN0IiwKICAgICJydW5uZXIiLAogICAgImVudHJ5IiwKICAgICJsZWV0Y29kZSIsCiAgICAibGF5b3V0IiwKICAgICJ3ZWJydGMiLAogICAgImxvZ2ljIiwKICAgICJsb2dpbiIsCiAgICAid29ya2VyIiwKICAgICJ0b29sa2l0IiwKICAgICJtb2NoYSIsCiAgICAic3VwcG9ydCIsCiAgICAiYmFjayIsCiAgICAiaW5zaWRlIiwKICAgICJkZXZpY2UiLAogICAgImplbmtpbiIsCiAgICAiY29udGFjdCIsCiAgICAiZmFrZSIsCiAgICAiYXdlc29tZSIsCiAgICAib2NhbWwiLAogICAgImJpdF8iLAogICAgImJpdC0iLAogICAgImJpdC4iLAogICAgImRyaXZlIiwKICAgICJzY3JlZW4iLAogICAgInByb3RvdHlwZSIsCiAgICAiZ2lzdCIsCiAgICAiYmluYXJ5IiwKICAgICJub3NxbCIsCiAgICAicmVzdCIsCiAgICAib3ZlcnZpZXciLAogICAgImRhcnQiLAogICAgImRhcmsiLAogICAgImVtYWMiLAogICAgIm1vbmdvaWQiLAogICAgInNvbGFyaXplZCIsCiAgICAiaG9tZXBhZ2UiLAogICAgImVtdWxhdG9yIiwKICAgICJjb21tYW5kZXIiLAogICAgImRqYW5nbyIsCiAgICAieWFuZGV4IiwKICAgICJncmFkbGUiLAogICAgInhjb2RlIiwKICAgICJ3cml0ZXIiLAogICAgImNybV8iLAogICAgImNybS0iLAogICAgImNybS4iLAogICAgImphZGUiLAogICAgInN0YXJ0dXAiLAogICAgImVycm9yIiwKICAgICJ1c2luZyIsCiAgICAiZm9ybWF0IiwKICAgICJuYW1lIiwKICAgICJzcHJpbmciLAogICAgInBhcnNlciIsCiAgICAic2NyYXRjaCIsCiAgICAibWFnaWMiLAogICAgInRyeV8iLAogICAgInRyeS0iLAogICAgInRyeS4iLAogICAgInJhY2siLAogICAgImRpcmVjdGl2ZSIsCiAgICAiY2hhbGxlbmdlIiwKICAgICJzbGltIiwKICAgICJjb3VudGVyIiwKICAgICJlbGVtZW50IiwKICAgICJjaG9zZW4iLAogICAgImRvY18iLAogICAgImRvYy0iLAogICAgImRvYy4iLAogICAgIm1ldGEiLAogICAgInNob3VsZCIsCiAgICAiYnV0dG9uIiwKICAgICJwYWNrZXQiLAogICAgInN0cmVhbSIsCiAgICAiaGFyZHdhcmUiLAogICAgImFuZHJvaWQiLAogICAgImluZmluaXRlIiwKICAgICJwYXNzd29yZCIsCiAgICAic29mdHdhcmUiLAogICAgImdob3N0IiwKICAgICJ4YW1hcmluIiwKICAgICJzcGVjIiwKICAgICJjaGVmIiwKICAgICJpbnRlcnZpZXciLAogICAgImh1Ym90IiwKICAgICJtdmNfIiwKICAgICJtdmMtIiwKICAgICJtdmMuIiwKICAgICJleGVyY2lzZSIsCiAgICAibGVhZmxldCIsCiAgICAibGF1bmNoZXIiLAogICAgImFpcl8iLAogICAgImFpci0iLAogICAgImFpci4iLAogICAgInBob3RvIiwKICAgICJib2FyZCIsCiAgICAiYm94ZW4iLAogICAgIndheV8iLAogICAgIndheS0iLAogICAgIndheS4iLAogICAgImNvbXB1dGluZyIsCiAgICAid2VsY29tZSIsCiAgICAibm90ZXBhZCIsCiAgICAicG9ydGZvbGlvIiwKICAgICJjYXRfIiwKICAgICJjYXQtIiwKICAgICJjYXQuIiwKICAgICJjYW5fIiwKICAgICJjYW4tIiwKICAgICJjYW4uIiwKICAgICJtYWdlbnRvIiwKICAgICJ5YW1sIiwKICAgICJkb21haW4iLAogICAgImNhcmQiLAogICAgInlpaV8iLAogICAgInlpaS0iLAogICAgInlpaS4iLAogICAgImNoZWNrZXIiLAogICAgImJyb3dzZXIiLAogICAgInVwZ3JhZGUiLAogICAgIm9ubHkiLAogICAgInByb2dyZXMiLAogICAgImF1cmEiLAogICAgInJ1YnlfIiwKICAgICJydWJ5LSIsCiAgICAicnVieS4iLAogICAgInBvbHltZXIiLAogICAgInV0aWwiLAogICAgImxpdGUiLAogICAgImhhY2thdGhvbiIsCiAgICAicnVsZSIsCiAgICAibG9nXyIsCiAgICAibG9nLSIsCiAgICAibG9nLiIsCiAgICAib3BlbmdsIiwKICAgICJzdGFuZm9yZCIsCiAgICAic2tlbGV0b24iLAogICAgImhpc3RvcnkiLAogICAgImluc3BlY3RvciIsCiAgICAiaGVscCIsCiAgICAic29vbiIsCiAgICAic2VsZW5pdW0iLAogICAgImxhYl8iLAogICAgImxhYi0iLAogICAgImxhYi4iLAogICAgInNjaGVtZSIsCiAgICAic2NoZW1hIiwKICAgICJsb29rIiwKICAgICJyZWFkeSIsCiAgICAibGV2ZWxkYiIsCiAgICAiZG9ja2VyIiwKICAgICJnYW1lIiwKICAgICJtaW5pbWFsIiwKICAgICJsb2dzdGFzaCIsCiAgICAibWVzc2FnaW5nIiwKICAgICJ3aXRoaW4iLAogICAgImhlcm9rdSIsCiAgICAibW9uZ29kYiIsCiAgICAia2F0YSIsCiAgICAic3VpdGUiLAogICAgInBpY2tlciIsCiAgICAid2luXyIsCiAgICAid2luLSIsCiAgICAid2luLiIsCiAgICAid2lwXyIsCiAgICAid2lwLSIsCiAgICAid2lwLiIsCiAgICAicGFuZWwiLAogICAgInN0YXJ0ZWQiLAogICAgInN0YXJ0ZXIiLAogICAgImZyb250LWVuZCIsCiAgICAiZGV0ZWN0b3IiLAogICAgImRlcGxveSIsCiAgICAiZWRpdGluZyIsCiAgICAiYmFzZWQiLAogICAgImFkbWluIiwKICAgICJjYXB0dXJlIiwKICAgICJzcHJlZSIsCiAgICAicGFnZSIsCiAgICAiYnVuZGxlIiwKICAgICJnb2FsIiwKICAgICJycGdfIiwKICAgICJycGctIiwKICAgICJycGcuIiwKICAgICJzZXR1cCIsCiAgICAic2lkZSIsCiAgICAibWVhbiIsCiAgICAicmVhZGVyIiwKICAgICJjb29rYm9vayIsCiAgICAibWluaSIsCiAgICAibW9kZXJuIiwKICAgICJzZWVkIiwKICAgICJkb21fIiwKICAgICJkb20tIiwKICAgICJkb20uIiwKICAgICJkb2NfIiwKICAgICJkb2MtIiwKICAgICJkb2MuIiwKICAgICJkb3RfIiwKICAgICJkb3QtIiwKICAgICJkb3QuIiwKICAgICJzeW50YXgiLAogICAgInN1Z2FyIiwKICAgICJsb2FkZXIiLAogICAgIndlYnNpdGUiLAogICAgIm1ha2UiLAogICAgImtpdF8iLAogICAgImtpdC0iLAogICAgImtpdC4iLAogICAgInByb3RvY29sIiwKICAgICJodW1hbiIsCiAgICAiZGFlbW9uIiwKICAgICJnb2xhbmciLAogICAgIm1hbmFnZXIiLAogICAgImNvdW50ZG93biIsCiAgICAiY29ubmVjdG9yIiwKICAgICJzd2FnZ2VyIiwKICAgICJtYXBfIiwKICAgICJtYXAtIiwKICAgICJtYXAuIiwKICAgICJtYWNfIiwKICAgICJtYWMtIiwKICAgICJtYWMuIiwKICAgICJtYW5fIiwKICAgICJtYW4tIiwKICAgICJtYW4uIiwKICAgICJvcm1fIiwKICAgICJvcm0tIiwKICAgICJvcm0uIiwKICAgICJvcmdfIiwKICAgICJvcmctIiwKICAgICJvcmcuIiwKICAgICJsaXR0bGUiLAogICAgInpzaF8iLAogICAgInpzaC0iLAogICAgInpzaC4iLAogICAgInNob3AiLAogICAgInNob3ciLAogICAgIndvcmtzaG9wIiwKICAgICJtb25leSIsCiAgICAiZ3JpZCIsCiAgICAic2VydmVyIiwKICAgICJvY3RvcHJlcyIsCiAgICAic3ZuXyIsCiAgICAic3ZuLSIsCiAgICAic3ZuLiIsCiAgICAiZW1iZXIiLAogICAgImVtYmVkIiwKICAgICJnZW5lcmFsIiwKICAgICJmaWxlIiwKICAgICJpbXBvcnRhbnQiLAogICAgImRyb3Bib3giLAogICAgInBvcnRhYmxlIiwKICAgICJwdWJsaWMiLAogICAgImRvY3BhZCIsCiAgICAiZmlzaCIsCiAgICAic2J0XyIsCiAgICAic2J0LSIsCiAgICAic2J0LiIsCiAgICAiZG9uZSIsCiAgICAicGFyYSIsCiAgICAibmV0d29yayIsCiAgICAiY29tbW9uIiwKICAgICJyZWFkbWUiLAogICAgInBvcHVwIiwKICAgICJzaW1wbGUiLAogICAgInB1cnBvc2UiLAogICAgIm1pcnJvciIsCiAgICAic2luZ2xlIiwKICAgICJjb3Jkb3ZhIiwKICAgICJleGNoYW5nZSIsCiAgICAib2JqZWN0IiwKICAgICJkZXNpZ24iLAogICAgImdhdGV3YXkiLAogICAgImFjY291bnQiLAogICAgImxhbXAiLAogICAgImludGVsbGlqIiwKICAgICJtYXRoIiwKICAgICJtaXRfIiwKICAgICJtaXQtIiwKICAgICJtaXQuIiwKICAgICJjb250cm9sIiwKICAgICJlbmhhbmNlZCIsCiAgICAiZW1pdHRlciIsCiAgICAibXVsdGkiLAogICAgImFkZF8iLAogICAgImFkZC0iLAogICAgImFkZC4iLAogICAgImFib3V0IiwKICAgICJzb2NrZXQiLAogICAgInByZXZpZXciLAogICAgInZhZ3JhbnQiLAogICAgImNsaV8iLAogICAgImNsaS0iLAogICAgImNsaS4iLAogICAgInBvd2VyZnVsIiwKICAgICJ0b3BfIiwKICAgICJ0b3AtIiwKICAgICJ0b3AuIiwKICAgICJyYWRpbyIsCiAgICAid2F0Y2giLAogICAgImZsdWlkIiwKICAgICJhbWF6b24iLAogICAgInJlcG9ydCIsCiAgICAiY291Y2hiYXNlIiwKICAgICJhdXRvbWF0aWMiLAogICAgImRldGVjdGlvbiIsCiAgICAic3ByaXRlIiwKICAgICJweXJhbWlkIiwKICAgICJwb3J0YWwiLAogICAgImFkdmFuY2VkIiwKICAgICJwbHVfIiwKICAgICJwbHUtIiwKICAgICJwbHUuIiwKICAgICJydW50aW1lIiwKICAgICJnaXRfIiwKICAgICJnaXQtIiwKICAgICJnaXQuIiwKICAgICJ1cmlfIiwKICAgICJ1cmktIiwKICAgICJ1cmkuIiwKICAgICJoYW1sIiwKICAgICJub2RlIiwKICAgICJzcWxfIiwKICAgICJzcWwtIiwKICAgICJzcWwuIiwKICAgICJjb29sIiwKICAgICJjb3JlIiwKICAgICJvYnNvbGV0ZSIsCiAgICAiaGFuZGxlciIsCiAgICAiaXBob25lIiwKICAgICJleHRyYWN0b3IiLAogICAgImFycmF5IiwKICAgICJjb3B5IiwKICAgICJubHBfIiwKICAgICJubHAtIiwKICAgICJubHAuIiwKICAgICJyZXZlYWwiLAogICAgInBvcF8iLAogICAgInBvcC0iLAogICAgInBvcC4iLAogICAgImVuZ2luZSIsCiAgICAicGFyc2UiLAogICAgImNoZWNrIiwKICAgICJodG1sIiwKICAgICJuZXN0IiwKICAgICJhbGxfIiwKICAgICJhbGwtIiwKICAgICJhbGwuIiwKICAgICJjaGluZXNlIiwKICAgICJidWlsZHBhY2siLAogICAgIndoYXQiLAogICAgInRhZ18iLAogICAgInRhZy0iLAogICAgInRhZy4iLAogICAgInByb3h5IiwKICAgICJzdHlsZSIsCiAgICAiY29va2llIiwKICAgICJmZWVkIiwKICAgICJyZXN0ZnVsIiwKICAgICJjb21waWxlciIsCiAgICAiY3JlYXRpbmciLAogICAgInByZWx1ZGUiLAogICAgImNvbnRleHQiLAogICAgImphdmEiLAogICAgInJzcGVjIiwKICAgICJtb2NrIiwKICAgICJiYWNrYm9uZSIsCiAgICAibGlnaHQiLAogICAgInNwb3RpZnkiLAogICAgImZsZXgiLAogICAgInJlbGF0ZWQiLAogICAgInNoZWxsIiwKICAgICJ3aGljaCIsCiAgICAiY2xhcyIsCiAgICAid2ViYXBwIiwKICAgICJzd2lmdCIsCiAgICAiYW5zaWJsZSIsCiAgICAidW5pdHkiLAogICAgImNvbnNvbGUiLAogICAgInR1bWJsciIsCiAgICAiZXhwb3J0IiwKICAgICJjYW1wZmlyZSIsCiAgICAiY29ud2F5JyIsCiAgICAibWFkZSIsCiAgICAicmlhayIsCiAgICAiaGVybyIsCiAgICAiaGVyZSIsCiAgICAidW5peCIsCiAgICAidW5pdCIsCiAgICAiZ2xhcyIsCiAgICAic210cCIsCiAgICAiaG93XyIsCiAgICAiaG93LSIsCiAgICAiaG93LiIsCiAgICAiaG90XyIsCiAgICAiaG90LSIsCiAgICAiaG90LiIsCiAgICAiZGVidWciLAogICAgInJlbGVhc2UiLAogICAgImRpZmYiLAogICAgInBsYXllciIsCiAgICAiZWFzeSIsCiAgICAicmlnaHQiLAogICAgIm9sZF8iLAogICAgIm9sZC0iLAogICAgIm9sZC4iLAogICAgImFuaW1hdGUiLAogICAgInRpbWUiLAogICAgInB1c2giLAogICAgImV4cGxvcmVyIiwKICAgICJjb3Vyc2UiLAogICAgInRyYWluaW5nIiwKICAgICJuZXR0ZSIsCiAgICAicm91dGVyIiwKICAgICJkcmFmdCIsCiAgICAic3RydWN0dXJlIiwKICAgICJub3RlIiwKICAgICJzYWx0IiwKICAgICJ3aGVyZSIsCiAgICAic3BhcmsiLAogICAgInRyZWxsbyIsCiAgICAicG93ZXIiLAogICAgIm1ldGhvZCIsCiAgICAic29jaWFsIiwKICAgICJ2aWFfIiwKICAgICJ2aWEtIiwKICAgICJ2aWEuIiwKICAgICJ2aW1fIiwKICAgICJ2aW0tIiwKICAgICJ2aW0uIiwKICAgICJzZWxlY3QiLAogICAgIndlYmtpdCIsCiAgICAiZ2l0aHViIiwKICAgICJmdHBfIiwKICAgICJmdHAtIiwKICAgICJmdHAuIiwKICAgICJjcmVhdG9yIiwKICAgICJtb25nb29zZSIsCiAgICAibGVkXyIsCiAgICAibGVkLSIsCiAgICAibGVkLiIsCiAgICAibW92aWUiLAogICAgImN1cnJlbnRseSIsCiAgICAicGRmXyIsCiAgICAicGRmLSIsCiAgICAicGRmLiIsCiAgICAibG9hZCIsCiAgICAibWFya2Rvd24iLAogICAgInBoYWxjb24iLAogICAgImlucHV0IiwKICAgICJjdXN0b20iLAogICAgImF0b20iLAogICAgIm9yYWNsZSIsCiAgICAicGhvbmVnYXAiLAogICAgInVidW50dSIsCiAgICAiZ3JlYXQiLAogICAgInJkZl8iLAogICAgInJkZi0iLAogICAgInJkZi4iLAogICAgInBvcGNvcm4iLAogICAgImZpcmVmb3giLAogICAgInppcF8iLAogICAgInppcC0iLAogICAgInppcC4iLAogICAgImN1ZGEiLAogICAgImRvdGZpbGUiLAogICAgInN0YXRpYyIsCiAgICAib3BlbndydCIsCiAgICAidmlld2VyIiwKICAgICJwb3dlcmVkIiwKICAgICJncmFwaGljIiwKICAgICJsZXNfIiwKICAgICJsZXMtIiwKICAgICJsZXMuIiwKICAgICJkb2VfIiwKICAgICJkb2UtIiwKICAgICJkb2UuIiwKICAgICJtYXZlbiIsCiAgICAid29yZCIsCiAgICAiZWNsaXBzZSIsCiAgICAibGFiXyIsCiAgICAibGFiLSIsCiAgICAibGFiLiIsCiAgICAiaGFja2luZyIsCiAgICAic3RlYW0iLAogICAgImFuYWx5dGljIiwKICAgICJvcHRpb24iLAogICAgImFic3RyYWN0IiwKICAgICJhcmNoaXZlIiwKICAgICJyZWFsaXR5IiwKICAgICJzd2l0Y2hlciIsCiAgICAiY2x1YiIsCiAgICAid3JpdGUiLAogICAgImthZmthIiwKICAgICJhcmR1aW5vIiwKICAgICJhbmd1bGFyIiwKICAgICJvbmxpbmUiLAogICAgInRpdGxlIiwKICAgICJkb24ndCIsCiAgICAiY29udGFvIiwKICAgICJub3RpY2UiLAogICAgImFuYWx5emVyIiwKICAgICJsZWFybmluZyIsCiAgICAiemVuZCIsCiAgICAiZXh0ZXJuYWwiLAogICAgInN0YWdpbmciLAogICAgImJ1c2luZXMiLAogICAgInRkZF8iLAogICAgInRkZC0iLAogICAgInRkZC4iLAogICAgInNjYW5uZXIiLAogICAgImJ1aWxkaW5nIiwKICAgICJzbmlwcGV0IiwKICAgICJtb2R1bGFyIiwKICAgICJib3dlciIsCiAgICAic3RtXyIsCiAgICAic3RtLSIsCiAgICAic3RtLiIsCiAgICAibGliXyIsCiAgICAibGliLSIsCiAgICAibGliLiIsCiAgICAiYWxwaGEiLAogICAgIm1vYmlsZSIsCiAgICAiY2xlYW4iLAogICAgImxpbnV4IiwKICAgICJuZ2lueCIsCiAgICAibWFuaWZlc3QiLAogICAgInNvbWUiLAogICAgInJhc3BiZXJyeSIsCiAgICAiZ25vbWUiLAogICAgImlkZV8iLAogICAgImlkZS0iLAogICAgImlkZS4iLAogICAgImJsb2NrIiwKICAgICJzdGF0aXN0aWMiLAogICAgImluZm8iLAogICAgImRyYWciLAogICAgInlvdXR1YmUiLAogICAgImtvYW4iLAogICAgImZhY2Vib29rIiwKICAgICJwYXBlcmNsaXAiLAogICAgImFydF8iLAogICAgImFydC0iLAogICAgImFydC4iLAogICAgInF1YWxpdHkiLAogICAgInRhYl8iLAogICAgInRhYi0iLAogICAgInRhYi4iLAogICAgIm5lZWQiLAogICAgImRvam8iLAogICAgInNoaWVsZCIsCiAgICAiY29tcHV0ZXIiLAogICAgInN0YXQiLAogICAgInN0YXRlIiwKICAgICJ0d2l0dGVyIiwKICAgICJ1dGlsaXR5IiwKICAgICJjb252ZXJ0ZXIiLAogICAgImhvc3RpbmciLAogICAgImRldmlzZSIsCiAgICAibGlmZXJheSIsCiAgICAidXBkYXRlZCIsCiAgICAiZm9yY2UiLAogICAgInRpcF8iLAogICAgInRpcC0iLAogICAgInRpcC4iLAogICAgImJlaGF2aW9yIiwKICAgICJhY3RpdmUiLAogICAgImNhbGwiLAogICAgImFuc3dlciIsCiAgICAiZGVjayIsCiAgICAiYmV0dGVyIiwKICAgICJwcmluY2lwbGUiLAogICAgImNoZXMiLAogICAgImJhcl8iLAogICAgImJhci0iLAogICAgImJhci4iLAogICAgInJlZGRpdCIsCiAgICAidGhyZWUiLAogICAgImhheGUiLAogICAgImp1c3QiLAogICAgInBsdWctaW4iLAogICAgImFnaWxlIiwKICAgICJtYW51YWwiLAogICAgInRldHJpIiwKICAgICJzdXBlciIsCiAgICAiYmV0YSIsCiAgICAicGFyc2luZyIsCiAgICAiZG9jdHJpbmUiLAogICAgIm1pbmVjcmFmdCIsCiAgICAidXNlZnVsIiwKICAgICJwZXJsIiwKICAgICJzaGFyaW5nIiwKICAgICJhZ2VudCIsCiAgICAic3dpdGNoIiwKICAgICJ2aWV3IiwKICAgICJkYXNoIiwKICAgICJjaGFubmVsIiwKICAgICJyZXBvIiwKICAgICJwZWJibGUiLAogICAgInByb2ZpbGVyIiwKICAgICJ3YXJuaW5nIiwKICAgICJjbHVzdGVyIiwKICAgICJydW5uaW5nIiwKICAgICJtYXJrdXAiLAogICAgImV2ZW50ZWQiLAogICAgIm1vZF8iLAogICAgIm1vZC0iLAogICAgIm1vZC4iLAogICAgInNoYXJlIiwKICAgICJjc3ZfIiwKICAgICJjc3YtIiwKICAgICJjc3YuIiwKICAgICJyZXNwb25zZSIsCiAgICAiZ29vZCIsCiAgICAiaG91c2UiLAogICAgImNvbm5lY3QiLAogICAgImJ1aWx0IiwKICAgICJidWlsZCIsCiAgICAiZmluZCIsCiAgICAiaXB5dGhvbiIsCiAgICAid2ViZ2wiLAogICAgImJpZ18iLAogICAgImJpZy0iLAogICAgImJpZy4iLAogICAgImdvb2dsZSIsCiAgICAic2NhbGEiLAogICAgInNkbF8iLAogICAgInNkbC0iLAogICAgInNkbC4iLAogICAgInNka18iLAogICAgInNkay0iLAogICAgInNkay4iLAogICAgIm5hdGl2ZSIsCiAgICAiZGF5XyIsCiAgICAiZGF5LSIsCiAgICAiZGF5LiIsCiAgICAicHVwcGV0IiwKICAgICJ0ZXh0IiwKICAgICJyb3V0aW5nIiwKICAgICJoZWxwZXIiLAogICAgImxpbmtlZGluIiwKICAgICJjcmF3bGVyIiwKICAgICJob3N0IiwKICAgICJndWFyZCIsCiAgICAibWVyY2hhbnQiLAogICAgInBva2VyIiwKICAgICJvdmVyIiwKICAgICJ3cml0aW5nIiwKICAgICJmcmVlIiwKICAgICJjbGFzc2UiLAogICAgImNvbXBvbmVudCIsCiAgICAiY3JhZnQiLAogICAgIm5vZGVqIiwKICAgICJwaG9lbml4IiwKICAgICJsb25nZXIiLAogICAgInF1aWNrIiwKICAgICJsYXp5IiwKICAgICJtZW1vcnkiLAogICAgImNsb25lIiwKICAgICJoYWNrZXIiLAogICAgIm1pZGRsZW1hbiIsCiAgICAiZmFjdG9yeSIsCiAgICAibW90aW9uIiwKICAgICJtdWx0aXBsZSIsCiAgICAidG9ybmFkbyIsCiAgICAiaGFjayIsCiAgICAic3NoXyIsCiAgICAic3NoLSIsCiAgICAic3NoLiIsCiAgICAicmV2aWV3IiwKICAgICJ2aW1yYyIsCiAgICAiZHJpdmVyIiwKICAgICJkcml2ZW4iLAogICAgImJsb2ciLAogICAgInBhcnRpY2xlIiwKICAgICJ0YWJsZSIsCiAgICAiaW50cm8iLAogICAgImltcG9ydGVyIiwKICAgICJ0aHJpZnQiLAogICAgInhtcHAiLAogICAgImZyYW1ld29yayIsCiAgICAicmVmcmVzaCIsCiAgICAicmVhY3QiLAogICAgImZvbnQiLAogICAgImxpYnJhcmllIiwKICAgICJ2YXJpb3UiLAogICAgImZvcm1hdHRlciIsCiAgICAiYW5hbHlzaSIsCiAgICAia2FybWEiLAogICAgInNjcm9sbCIsCiAgICAidHV0XyIsCiAgICAidHV0LSIsCiAgICAidHV0LiIsCiAgICAiYXBwbGUiLAogICAgInRhZ18iLAogICAgInRhZy0iLAogICAgInRhZy4iLAogICAgInRhYl8iLAogICAgInRhYi0iLAogICAgInRhYi4iLAogICAgImNhdGVnb3J5IiwKICAgICJpb25pYyIsCiAgICAiY2FjaGUiLAogICAgImhvbWVicmV3IiwKICAgICJyZXZlcnNlIiwKICAgICJlbmdsaXNoIiwKICAgICJnZXR0aW5nIiwKICAgICJzaGlwcGluZyIsCiAgICAiY2xvanVyZSIsCiAgICAiYm9vdCIsCiAgICAiYm9vayIsCiAgICAiYnJhbmNoIiwKICAgICJjb21iaW5hdGlvbiIsCiAgICAiY29tYm8iLApdCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHaXRIdWIgQXBwIFRva2VuIgppZCA9ICJnaXRodWItYXBwLXRva2VuIgpyZWdleCA9ICcnJyhnaHV8Z2hzKV9bMC05YS16QS1aXXszNn0nJycKa2V5d29yZHMgPSBbCiAgICAiZ2h1XyIsImdoc18iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiR2l0SHViIEZpbmUtR3JhaW5lZCBQZXJzb25hbCBBY2Nlc3MgVG9rZW4iCmlkID0gImdpdGh1Yi1maW5lLWdyYWluZWQtcGF0IgpyZWdleCA9ICcnJ2dpdGh1Yl9wYXRfWzAtOWEtekEtWl9dezgyfScnJwprZXl3b3JkcyA9IFsKICAgICJnaXRodWJfcGF0XyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHaXRIdWIgT0F1dGggQWNjZXNzIFRva2VuIgppZCA9ICJnaXRodWItb2F1dGgiCnJlZ2V4ID0gJycnZ2hvX1swLTlhLXpBLVpdezM2fScnJwprZXl3b3JkcyA9IFsKICAgICJnaG9fIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkdpdEh1YiBQZXJzb25hbCBBY2Nlc3MgVG9rZW4iCmlkID0gImdpdGh1Yi1wYXQiCnJlZ2V4ID0gJycnZ2hwX1swLTlhLXpBLVpdezM2fScnJwprZXl3b3JkcyA9IFsKICAgICJnaHBfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkdpdEh1YiBSZWZyZXNoIFRva2VuIgppZCA9ICJnaXRodWItcmVmcmVzaC10b2tlbiIKcmVnZXggPSAnJydnaHJfWzAtOWEtekEtWl17MzZ9JycnCmtleXdvcmRzID0gWwogICAgImdocl8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiR2l0TGFiIFBlcnNvbmFsIEFjY2VzcyBUb2tlbiIKaWQgPSAiZ2l0bGFiLXBhdCIKcmVnZXggPSAnJydnbHBhdC1bMC05YS16QS1aXC1cX117MjB9JycnCmtleXdvcmRzID0gWwogICAgImdscGF0LSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHaXR0ZXIgQWNjZXNzIFRva2VuIgppZCA9ICJnaXR0ZXItYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpnaXR0ZXIpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05Xy1dezQwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJnaXR0ZXIiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiR29DYXJkbGVzcyBBUEkgdG9rZW4iCmlkID0gImdvY2FyZGxlc3MtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpnb2NhcmRsZXNzKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0obGl2ZV8oP2kpW2EtejAtOVwtXz1dezQwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJsaXZlXyIsImdvY2FyZGxlc3MiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiR3JhZmFuYSBhcGkga2V5IChvciBHcmFmYW5hIGNsb3VkIGFwaSBrZXkpIgppZCA9ICJncmFmYW5hLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKVxiKGV5SnJJam9pW0EtWmEtejAtOV17NzAsNDAwfT17MCwyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJleWpyaWpvaSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHcmFmYW5hIGNsb3VkIGFwaSB0b2tlbiIKaWQgPSAiZ3JhZmFuYS1jbG91ZC1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKGdsY19bQS1aYS16MC05Ky9dezMyLDQwMH09ezAsMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiZ2xjXyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJHcmFmYW5hIHNlcnZpY2UgYWNjb3VudCB0b2tlbiIKaWQgPSAiZ3JhZmFuYS1zZXJ2aWNlLWFjY291bnQtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKGdsc2FfW0EtWmEtejAtOV17MzJ9X1tBLUZhLWYwLTldezh9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImdsc2FfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkhhc2hpQ29ycCBUZXJyYWZvcm0gdXNlci9vcmcgQVBJIHRva2VuIgppZCA9ICJoYXNoaWNvcnAtdGYtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSlbYS16MC05XXsxNH1cLmF0bGFzdjFcLlthLXowLTlcLV89XXs2MCw3MH0nJycKa2V5d29yZHMgPSBbCiAgICAiYXRsYXN2MSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJIZXJva3UgQVBJIEtleSIKaWQgPSAiaGVyb2t1LWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/Omhlcm9rdSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFswLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJoZXJva3UiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiSHViU3BvdCBBUEkgVG9rZW4iCmlkID0gImh1YnNwb3QtYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86aHVic3BvdCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFswLTlBLUZdezh9LVswLTlBLUZdezR9LVswLTlBLUZdezR9LVswLTlBLUZdezR9LVswLTlBLUZdezEyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJodWJzcG90IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkludGVyY29tIEFQSSBUb2tlbiIKaWQgPSAiaW50ZXJjb20tYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86aW50ZXJjb20pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05PV9cLV17NjB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImludGVyY29tIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkpTT04gV2ViIFRva2VuIgppZCA9ICJqd3QiCnJlZ2V4ID0gJycnKD9pKVxiKGV5WzAtOWEtel17MzAsMzR9XC5leVswLTlhLXotXC9fXXszMCw1MDB9XC5bMC05YS16QS1aLVwvX117MTAsMjAwfT17MCwyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCmtleXdvcmRzID0gWwogICAgImV5IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIktyYWtlbiBBY2Nlc3MgVG9rZW4iCmlkID0gImtyYWtlbi1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OmtyYWtlbikoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTlcLz1fXCtcLV17ODAsOTB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImtyYWtlbiIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJLdWNvaW4gQWNjZXNzIFRva2VuIgppZCA9ICJrdWNvaW4tYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzprdWNvaW4pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS1mMC05XXsyNH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAia3Vjb2luIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkt1Y29pbiBTZWNyZXQgS2V5IgppZCA9ICJrdWNvaW4tc2VjcmV0LWtleSIKcmVnZXggPSAnJycoP2kpKD86a3Vjb2luKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oWzAtOWEtZl17OH0tWzAtOWEtZl17NH0tWzAtOWEtZl17NH0tWzAtOWEtZl17NH0tWzAtOWEtZl17MTJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImt1Y29pbiIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJMYXVuY2hkYXJrbHkgQWNjZXNzIFRva2VuIgppZCA9ICJsYXVuY2hkYXJrbHktYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpsYXVuY2hkYXJrbHkpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05PV9cLV17NDB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImxhdW5jaGRhcmtseSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJMaW5lYXIgQVBJIFRva2VuIgppZCA9ICJsaW5lYXItYXBpLWtleSIKcmVnZXggPSAnJydsaW5fYXBpXyg/aSlbYS16MC05XXs0MH0nJycKa2V5d29yZHMgPSBbCiAgICAibGluX2FwaV8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTGluZWFyIENsaWVudCBTZWNyZXQiCmlkID0gImxpbmVhci1jbGllbnQtc2VjcmV0IgpyZWdleCA9ICcnJyg/aSkoPzpsaW5lYXIpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS1mMC05XXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAibGluZWFyIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkxpbmtlZEluIENsaWVudCBJRCIKaWQgPSAibGlua2VkaW4tY2xpZW50LWlkIgpyZWdleCA9ICcnJyg/aSkoPzpsaW5rZWRpbnxsaW5rZWQtaW4pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsxNH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAibGlua2VkaW4iLCJsaW5rZWQtaW4iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTGlua2VkSW4gQ2xpZW50IHNlY3JldCIKaWQgPSAibGlua2VkaW4tY2xpZW50LXNlY3JldCIKcmVnZXggPSAnJycoP2kpKD86bGlua2VkaW58bGlua2VkLWluKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MTZ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgImxpbmtlZGluIiwibGlua2VkLWluIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIkxvYiBBUEkgS2V5IgppZCA9ICJsb2ItYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86bG9iKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oKGxpdmV8dGVzdClfW2EtZjAtOV17MzV9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInRlc3RfIiwibGl2ZV8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTG9iIFB1Ymxpc2hhYmxlIEFQSSBLZXkiCmlkID0gImxvYi1wdWItYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86bG9iKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oKHRlc3R8bGl2ZSlfcHViX1thLWYwLTldezMxfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ0ZXN0X3B1YiIsImxpdmVfcHViIiwiX3B1YiIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNYWlsY2hpbXAgQVBJIGtleSIKaWQgPSAibWFpbGNoaW1wLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/Om1haWxjaGltcCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLWYwLTldezMyfS11czIwKSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm1haWxjaGltcCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNYWlsZ3VuIHByaXZhdGUgQVBJIHRva2VuIgppZCA9ICJtYWlsZ3VuLXByaXZhdGUtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzptYWlsZ3VuKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oa2V5LVthLWYwLTldezMyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJtYWlsZ3VuIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIk1haWxndW4gcHVibGljIHZhbGlkYXRpb24ga2V5IgppZCA9ICJtYWlsZ3VuLXB1Yi1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/Om1haWxndW4pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShwdWJrZXktW2EtZjAtOV17MzJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm1haWxndW4iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTWFpbGd1biB3ZWJob29rIHNpZ25pbmcga2V5IgppZCA9ICJtYWlsZ3VuLXNpZ25pbmcta2V5IgpyZWdleCA9ICcnJyg/aSkoPzptYWlsZ3VuKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtaDAtOV17MzJ9LVthLWgwLTldezh9LVthLWgwLTldezh9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm1haWxndW4iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTWFwQm94IEFQSSB0b2tlbiIKaWQgPSAibWFwYm94LWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86bWFwYm94KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0ocGtcLlthLXowLTldezYwfVwuW2EtejAtOV17MjJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm1hcGJveCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNYXR0ZXJtb3N0IEFjY2VzcyBUb2tlbiIKaWQgPSAibWF0dGVybW9zdC1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/Om1hdHRlcm1vc3QpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsyNn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAibWF0dGVybW9zdCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNZXNzYWdlQmlyZCBBUEkgdG9rZW4iCmlkID0gIm1lc3NhZ2ViaXJkLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86bWVzc2FnZWJpcmR8bWVzc2FnZS1iaXJkfG1lc3NhZ2VfYmlyZCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezI1fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJtZXNzYWdlYmlyZCIsIm1lc3NhZ2UtYmlyZCIsIm1lc3NhZ2VfYmlyZCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNZXNzYWdlQmlyZCBjbGllbnQgSUQiCmlkID0gIm1lc3NhZ2ViaXJkLWNsaWVudC1pZCIKcmVnZXggPSAnJycoP2kpKD86bWVzc2FnZWJpcmR8bWVzc2FnZS1iaXJkfG1lc3NhZ2VfYmlyZCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFswLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJtZXNzYWdlYmlyZCIsIm1lc3NhZ2UtYmlyZCIsIm1lc3NhZ2VfYmlyZCIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJNaWNyb3NvZnQgVGVhbXMgV2ViaG9vayIKaWQgPSAibWljcm9zb2Z0LXRlYW1zLXdlYmhvb2siCnJlZ2V4ID0gJycnaHR0cHM6XC9cL1thLXowLTldK1wud2ViaG9va1wub2ZmaWNlXC5jb21cL3dlYmhvb2tiMlwvW2EtejAtOV17OH0tKFthLXowLTldezR9LSl7M31bYS16MC05XXsxMn1AW2EtejAtOV17OH0tKFthLXowLTldezR9LSl7M31bYS16MC05XXsxMn1cL0luY29taW5nV2ViaG9va1wvW2EtejAtOV17MzJ9XC9bYS16MC05XXs4fS0oW2EtejAtOV17NH0tKXszfVthLXowLTldezEyfScnJwprZXl3b3JkcyA9IFsKICAgICJ3ZWJob29rLm9mZmljZS5jb20iLCJ3ZWJob29rYjIiLCJpbmNvbWluZ3dlYmhvb2siLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiTmV0bGlmeSBBY2Nlc3MgVG9rZW4iCmlkID0gIm5ldGxpZnktYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpuZXRsaWZ5KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOT1fXC1dezQwLDQ2fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJuZXRsaWZ5IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIk5ldyBSZWxpYyBpbmdlc3QgYnJvd3NlciBBUEkgdG9rZW4iCmlkID0gIm5ldy1yZWxpYy1icm93c2VyLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86bmV3LXJlbGljfG5ld3JlbGljfG5ld19yZWxpYykoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KE5SSlMtW2EtZjAtOV17MTl9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm5yanMtIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIk5ldyBSZWxpYyB1c2VyIEFQSSBJRCIKaWQgPSAibmV3LXJlbGljLXVzZXItYXBpLWlkIgpyZWdleCA9ICcnJyg/aSkoPzpuZXctcmVsaWN8bmV3cmVsaWN8bmV3X3JlbGljKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17NjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgIm5ldy1yZWxpYyIsIm5ld3JlbGljIiwibmV3X3JlbGljIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIk5ldyBSZWxpYyB1c2VyIEFQSSBLZXkiCmlkID0gIm5ldy1yZWxpYy11c2VyLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/Om5ldy1yZWxpY3xuZXdyZWxpY3xuZXdfcmVsaWMpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShOUkFLLVthLXowLTldezI3fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJucmFrIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIm5wbSBhY2Nlc3MgdG9rZW4iCmlkID0gIm5wbS1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKG5wbV9bYS16MC05XXszNn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAibnBtXyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJOeXRpbWVzIEFjY2VzcyBUb2tlbiIKaWQgPSAibnl0aW1lcy1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/Om55dGltZXN8bmV3LXlvcmstdGltZXMsfG5ld3lvcmt0aW1lcykoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTk9X1wtXXszMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAibnl0aW1lcyIsIm5ldy15b3JrLXRpbWVzIiwibmV3eW9ya3RpbWVzIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIk9rdGEgQWNjZXNzIFRva2VuIgppZCA9ICJva3RhLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86b2t0YSkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTk9X1wtXXs0Mn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAib2t0YSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJQbGFpZCBBUEkgVG9rZW4iCmlkID0gInBsYWlkLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86cGxhaWQpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShhY2Nlc3MtKD86c2FuZGJveHxkZXZlbG9wbWVudHxwcm9kdWN0aW9uKS1bMC05YS1mXXs4fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXsxMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAicGxhaWQiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUGxhaWQgQ2xpZW50IElEIgppZCA9ICJwbGFpZC1jbGllbnQtaWQiCnJlZ2V4ID0gJycnKD9pKSg/OnBsYWlkKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInBsYWlkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlBsYWlkIFNlY3JldCBrZXkiCmlkID0gInBsYWlkLXNlY3JldC1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OnBsYWlkKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MzB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInBsYWlkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlBsYW5ldFNjYWxlIEFQSSB0b2tlbiIKaWQgPSAicGxhbmV0c2NhbGUtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihwc2NhbGVfdGtuXyg/aSlbYS16MC05PVwtX1wuXXszMiw2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAicHNjYWxlX3Rrbl8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUGxhbmV0U2NhbGUgT0F1dGggdG9rZW4iCmlkID0gInBsYW5ldHNjYWxlLW9hdXRoLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihwc2NhbGVfb2F1dGhfKD9pKVthLXowLTk9XC1fXC5dezMyLDY0fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJwc2NhbGVfb2F1dGhfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlBsYW5ldFNjYWxlIHBhc3N3b3JkIgppZCA9ICJwbGFuZXRzY2FsZS1wYXNzd29yZCIKcmVnZXggPSAnJycoP2kpXGIocHNjYWxlX3B3Xyg/aSlbYS16MC05PVwtX1wuXXszMiw2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAicHNjYWxlX3B3XyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJQb3N0bWFuIEFQSSB0b2tlbiIKaWQgPSAicG9zdG1hbi1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKFBNQUstKD9pKVthLWYwLTldezI0fVwtW2EtZjAtOV17MzR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInBtYWstIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlByZWZlY3QgQVBJIHRva2VuIgppZCA9ICJwcmVmZWN0LWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpXGIocG51X1thLXowLTldezM2fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJwbnVfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlByaXZhdGUgS2V5IgppZCA9ICJwcml2YXRlLWtleSIKcmVnZXggPSAnJycoP2kpLS0tLS1CRUdJTlsgQS1aMC05Xy1dezAsMTAwfVBSSVZBVEUgS0VZKCBCTE9DSyk/LS0tLS1bXHNcUy1dKktFWS0tLS0nJycKa2V5d29yZHMgPSBbCiAgICAiLS0tLS1iZWdpbiIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJQdWx1bWkgQVBJIHRva2VuIgppZCA9ICJwdWx1bWktYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihwdWwtW2EtZjAtOV17NDB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInB1bC0iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUHlQSSB1cGxvYWQgdG9rZW4iCmlkID0gInB5cGktdXBsb2FkLXRva2VuIgpyZWdleCA9ICcnJ3B5cGktQWdFSWNIbHdhUzV2Y21jW0EtWmEtejAtOVwtX117NTAsMTAwMH0nJycKa2V5d29yZHMgPSBbCiAgICAicHlwaS1hZ2VpY2hsd2FzNXZjbWMiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUmFwaWRBUEkgQWNjZXNzIFRva2VuIgppZCA9ICJyYXBpZGFwaS1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OnJhcGlkYXBpKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV8tXXs1MH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAicmFwaWRhcGkiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUmVhZG1lIEFQSSB0b2tlbiIKaWQgPSAicmVhZG1lLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpXGIocmRtZV9bYS16MC05XXs3MH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAicmRtZV8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiUnVieWdlbSBBUEkgdG9rZW4iCmlkID0gInJ1YnlnZW1zLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpXGIocnVieWdlbXNfW2EtZjAtOV17NDh9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInJ1YnlnZW1zXyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTZW5kYmlyZCBBY2Nlc3MgSUQiCmlkID0gInNlbmRiaXJkLWFjY2Vzcy1pZCIKcmVnZXggPSAnJycoP2kpKD86c2VuZGJpcmQpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbMC05YS1mXXs4fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXsxMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAic2VuZGJpcmQiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiU2VuZGJpcmQgQWNjZXNzIFRva2VuIgppZCA9ICJzZW5kYmlyZC1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OnNlbmRiaXJkKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtZjAtOV17NDB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInNlbmRiaXJkIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlNlbmRHcmlkIEFQSSB0b2tlbiIKaWQgPSAic2VuZGdyaWQtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihTR1wuKD9pKVthLXowLTk9X1wtXC5dezY2fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJzZy4iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiU2VuZGluYmx1ZSBBUEkgdG9rZW4iCmlkID0gInNlbmRpbmJsdWUtYXBpLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYih4a2V5c2liLVthLWYwLTldezY0fVwtKD9pKVthLXowLTldezE2fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ4a2V5c2liLSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTZW50cnkgQWNjZXNzIFRva2VuIgppZCA9ICJzZW50cnktYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpzZW50cnkpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS1mMC05XXs2NH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAic2VudHJ5IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlNoaXBwbyBBUEkgdG9rZW4iCmlkID0gInNoaXBwby1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKVxiKHNoaXBwb18obGl2ZXx0ZXN0KV9bYS1mMC05XXs0MH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAic2hpcHBvXyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTaG9waWZ5IGFjY2VzcyB0b2tlbiIKaWQgPSAic2hvcGlmeS1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnc2hwYXRfW2EtZkEtRjAtOV17MzJ9JycnCmtleXdvcmRzID0gWwogICAgInNocGF0XyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTaG9waWZ5IGN1c3RvbSBhY2Nlc3MgdG9rZW4iCmlkID0gInNob3BpZnktY3VzdG9tLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJydzaHBjYV9bYS1mQS1GMC05XXszMn0nJycKa2V5d29yZHMgPSBbCiAgICAic2hwY2FfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlNob3BpZnkgcHJpdmF0ZSBhcHAgYWNjZXNzIHRva2VuIgppZCA9ICJzaG9waWZ5LXByaXZhdGUtYXBwLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJydzaHBwYV9bYS1mQS1GMC05XXszMn0nJycKa2V5d29yZHMgPSBbCiAgICAic2hwcGFfIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlNob3BpZnkgc2hhcmVkIHNlY3JldCIKaWQgPSAic2hvcGlmeS1zaGFyZWQtc2VjcmV0IgpyZWdleCA9ICcnJ3NocHNzX1thLWZBLUYwLTldezMyfScnJwprZXl3b3JkcyA9IFsKICAgICJzaHBzc18iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiU2lkZWtpcSBTZWNyZXQiCmlkID0gInNpZGVraXEtc2VjcmV0IgpyZWdleCA9ICcnJyg/aSkoPzpCVU5ETEVfRU5URVJQUklTRV9fQ09OVFJJQlNZU19fQ09NfEJVTkRMRV9HRU1TX19DT05UUklCU1lTX19DT00pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS1mMC05XXs4fTpbYS1mMC05XXs4fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJidW5kbGVfZW50ZXJwcmlzZV9fY29udHJpYnN5c19fY29tIiwiYnVuZGxlX2dlbXNfX2NvbnRyaWJzeXNfX2NvbSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTaWRla2lxIFNlbnNpdGl2ZSBVUkwiCmlkID0gInNpZGVraXEtc2Vuc2l0aXZlLXVybCIKcmVnZXggPSAnJycoP2kpXGIoaHR0cCg/OnM/Pyk6XC9cLykoW2EtZjAtOV17OH06W2EtZjAtOV17OH0pQCg/OmdlbXMuY29udHJpYnN5cy5jb218ZW50ZXJwcmlzZS5jb250cmlic3lzLmNvbSkoPzpbXC98XCN8XD98Ol18JCknJycKc2VjcmV0R3JvdXAgPSAyCmtleXdvcmRzID0gWwogICAgImdlbXMuY29udHJpYnN5cy5jb20iLCJlbnRlcnByaXNlLmNvbnRyaWJzeXMuY29tIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlNsYWNrIHRva2VuIgppZCA9ICJzbGFjay1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycneG94W2JhcHJzXS0oWzAtOWEtekEtWl17MTAsNDh9KScnJwprZXl3b3JkcyA9IFsKICAgICJ4b3hiIiwieG94YSIsInhveHAiLCJ4b3hyIiwieG94cyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTbGFjayBXZWJob29rIgppZCA9ICJzbGFjay13ZWItaG9vayIKcmVnZXggPSAnJydodHRwczpcL1wvaG9va3Muc2xhY2suY29tXC8oc2VydmljZXN8d29ya2Zsb3dzKVwvW0EtWmEtejAtOStcL117NDQsNDZ9JycnCmtleXdvcmRzID0gWwogICAgImhvb2tzLnNsYWNrLmNvbSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTcXVhcmUgQWNjZXNzIFRva2VuIgppZCA9ICJzcXVhcmUtYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihzcTBhdHAtWzAtOUEtWmEtelwtX117MjJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKa2V5d29yZHMgPSBbCiAgICAic3EwYXRwLSIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTcXVhcmVzcGFjZSBBY2Nlc3MgVG9rZW4iCmlkID0gInNxdWFyZXNwYWNlLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86c3F1YXJlc3BhY2UpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbMC05YS1mXXs4fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXs0fS1bMC05YS1mXXsxMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAic3F1YXJlc3BhY2UiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiU3RyaXBlIgppZCA9ICJzdHJpcGUtYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoc2t8cGspXyh0ZXN0fGxpdmUpX1swLTlhLXpdezEwLDMyfScnJwprZXl3b3JkcyA9IFsKICAgICJza190ZXN0IiwicGtfdGVzdCIsInNrX2xpdmUiLCJwa19saXZlIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlN1bW9Mb2dpYyBBY2Nlc3MgSUQiCmlkID0gInN1bW9sb2dpYy1hY2Nlc3MtaWQiCnJlZ2V4ID0gJycnKD9pKSg/OnN1bW8pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsxNH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAic3VtbyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJTdW1vTG9naWMgQWNjZXNzIFRva2VuIgppZCA9ICJzdW1vbG9naWMtYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzpzdW1vKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17NjR9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInN1bW8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiVGVsZWdyYW0gQm90IEFQSSBUb2tlbiIKaWQgPSAidGVsZWdyYW0tYm90LWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86XnxbXjAtOV0pKFswLTldezUsMTZ9OkFbYS16QS1aMC05X1wtXXszNH0pKD86JHxbXmEtekEtWjAtOV9cLV0pJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ0ZWxlZ3JhbSIsImFwaSIsImJvdCIsInRva2VuIiwidXJsIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlRyYXZpcyBDSSBBY2Nlc3MgVG9rZW4iCmlkID0gInRyYXZpc2NpLWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86dHJhdmlzKSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oW2EtejAtOV17MjJ9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInRyYXZpcyIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJUd2lsaW8gQVBJIEtleSIKaWQgPSAidHdpbGlvLWFwaS1rZXkiCnJlZ2V4ID0gJycnU0tbMC05YS1mQS1GXXszMn0nJycKa2V5d29yZHMgPSBbCiAgICAidHdpbGlvIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlR3aXRjaCBBUEkgdG9rZW4iCmlkID0gInR3aXRjaC1hcGktdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OnR3aXRjaCkoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezMwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ0d2l0Y2giLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiVHdpdHRlciBBY2Nlc3MgU2VjcmV0IgppZCA9ICJ0d2l0dGVyLWFjY2Vzcy1zZWNyZXQiCnJlZ2V4ID0gJycnKD9pKSg/OnR3aXR0ZXIpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXs0NX0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAidHdpdHRlciIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJUd2l0dGVyIEFjY2VzcyBUb2tlbiIKaWQgPSAidHdpdHRlci1hY2Nlc3MtdG9rZW4iCnJlZ2V4ID0gJycnKD9pKSg/OnR3aXR0ZXIpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbMC05XXsxNSwyNX0tW2EtekEtWjAtOV17MjAsNDB9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInR3aXR0ZXIiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiVHdpdHRlciBBUEkgS2V5IgppZCA9ICJ0d2l0dGVyLWFwaS1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OnR3aXR0ZXIpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXsyNX0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAidHdpdHRlciIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJUd2l0dGVyIEFQSSBTZWNyZXQiCmlkID0gInR3aXR0ZXItYXBpLXNlY3JldCIKcmVnZXggPSAnJycoP2kpKD86dHdpdHRlcikoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KFthLXowLTldezUwfSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ0d2l0dGVyIiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIlR3aXR0ZXIgQmVhcmVyIFRva2VuIgppZCA9ICJ0d2l0dGVyLWJlYXJlci10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86dHdpdHRlcikoPzpbMC05YS16XC1fXHQgLl17MCwyMH0pKD86W1xzfCddfFtcc3wiXSl7MCwzfSg/Oj18Pnw6PXxcfFx8Onw8PXw9Pnw6KSg/Oid8XCJ8XHN8PXxceDYwKXswLDV9KEF7MjJ9W2EtekEtWjAtOSVdezgwLDEwMH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAidHdpdHRlciIsCl0KCltbcnVsZXNdXQpkZXNjcmlwdGlvbiA9ICJUeXBlZm9ybSBBUEkgdG9rZW4iCmlkID0gInR5cGVmb3JtLWFwaS10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86dHlwZWZvcm0pKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fSh0ZnBfW2EtejAtOVwtX1wuPV17NTl9KSg/OlsnfFwifFxufFxyfFxzfFx4NjB8O118JCknJycKc2VjcmV0R3JvdXAgPSAxCmtleXdvcmRzID0gWwogICAgInRmcF8iLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiVmF1bHQgQmF0Y2ggVG9rZW4iCmlkID0gInZhdWx0LWJhdGNoLXRva2VuIgpyZWdleCA9ICcnJyg/aSlcYihodmJcLlthLXowLTlfLV17MTM4LDIxMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwprZXl3b3JkcyA9IFsKICAgICJodmIiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiVmF1bHQgU2VydmljZSBUb2tlbiIKaWQgPSAidmF1bHQtc2VydmljZS10b2tlbiIKcmVnZXggPSAnJycoP2kpXGIoaHZzXC5bYS16MC05Xy1dezkwLDEwMH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwprZXl3b3JkcyA9IFsKICAgICJodnMiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiWWFuZGV4IEFjY2VzcyBUb2tlbiIKaWQgPSAieWFuZGV4LWFjY2Vzcy10b2tlbiIKcmVnZXggPSAnJycoP2kpKD86eWFuZGV4KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0odDFcLltBLVowLTlhLXpfLV0rWz1dezAsMn1cLltBLVowLTlhLXpfLV17ODZ9Wz1dezAsMn0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAieWFuZGV4IiwKXQoKW1tydWxlc11dCmRlc2NyaXB0aW9uID0gIllhbmRleCBBUEkgS2V5IgppZCA9ICJ5YW5kZXgtYXBpLWtleSIKcmVnZXggPSAnJycoP2kpKD86eWFuZGV4KSg/OlswLTlhLXpcLV9cdCAuXXswLDIwfSkoPzpbXHN8J118W1xzfCJdKXswLDN9KD86PXw+fDo9fFx8XHw6fDw9fD0+fDopKD86J3xcInxcc3w9fFx4NjApezAsNX0oQVFWTltBLVphLXowLTlfXC1dezM1LDM4fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ5YW5kZXgiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiWWFuZGV4IEFXUyBBY2Nlc3MgVG9rZW4iCmlkID0gInlhbmRleC1hd3MtYWNjZXNzLXRva2VuIgpyZWdleCA9ICcnJyg/aSkoPzp5YW5kZXgpKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShZQ1thLXpBLVowLTlfXC1dezM4fSkoPzpbJ3xcInxcbnxccnxcc3xceDYwfDtdfCQpJycnCnNlY3JldEdyb3VwID0gMQprZXl3b3JkcyA9IFsKICAgICJ5YW5kZXgiLApdCgpbW3J1bGVzXV0KZGVzY3JpcHRpb24gPSAiWmVuZGVzayBTZWNyZXQgS2V5IgppZCA9ICJ6ZW5kZXNrLXNlY3JldC1rZXkiCnJlZ2V4ID0gJycnKD9pKSg/OnplbmRlc2spKD86WzAtOWEtelwtX1x0IC5dezAsMjB9KSg/Oltcc3wnXXxbXHN8Il0pezAsM30oPzo9fD58Oj18XHxcfDp8PD18PT58OikoPzonfFwifFxzfD18XHg2MCl7MCw1fShbYS16MC05XXs0MH0pKD86Wyd8XCJ8XG58XHJ8XHN8XHg2MHw7XXwkKScnJwpzZWNyZXRHcm91cCA9IDEKa2V5d29yZHMgPSBbCiAgICAiemVuZGVzayIsCl0KCg== +--- +# Source: resc/charts/resc-vcs-instances/templates/vcs_instances_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-vcs-instances-config + namespace: resc + labels: + app: resc +data: + vcs_instances_config.json: | + { + + "AzureDevOps": { + "name": "AzureDevOps", + "exceptions": [], + "provider_type": "AZURE_DEVOPS", + "hostname": "dev.azure.com", + "port": "443", + "scheme": "https", + "username": "AZURE_DEVOPS_USERNAME", + "token": "AZURE_DEVOPS_TOKEN", + "scope": ["GRD0001045"], + "organization": "cbsp-abnamro" + } + } +--- +# Source: resc/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-vcs-scanner-secrets-config + namespace: resc + labels: + app: resc +data: + + RABBITMQ_QUEUE: "repositories" + + + FORCE_BASE_SCAN: "false" + + + GITLEAKS_PATH: /vcs_scanner/gitleaks_config/seco-gitleaks-linux-amd64 + + + DEBUG_MODE: "0" + + + VCS_INSTANCES_FILE_PATH: "/tmp/vcs_instances_config.json" +--- +# Source: resc/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-vcs-scraper-projects-config + namespace: resc + labels: + app: resc +data: + + DEBUG_MODE: "0" + + + VCS_INSTANCES_FILE_PATH: "/tmp/vcs_instances_config.json" +--- +# Source: resc/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-vcs-scraper-repositories-config + namespace: resc + labels: + app: resc +data: + + DEBUG_MODE: "0" + + + VCS_INSTANCES_FILE_PATH: "/tmp/vcs_instances_config.json" +--- +# Source: resc/charts/resc-web-service-no-auth/templates/web_service_no_auth_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-web-service-config-no-auth + namespace: resc + labels: + app: resc +data: + + RESC_REDIS_CACHE_ENABLE: "true" + + + AUTHENTICATION_REQUIRED: "false" + + + MSSQL_SCHEMA: master + + + ENABLE_CORS: "false" + + + SSO_ACCESS_TOKEN_ISSUER_URL: notApplicable + + + SSO_ACCESS_TOKEN_JWKS_URL: notApplicable + + + SSO_JWT_SIGN_ALGORITHM: notApplicable + + + SSO_JWT_REQUIRED_CLAIMS: notApplicable + + + + SSO_JWT_CLAIM_KEY_AUTHORIZATION: notApplicable + + + SSO_JWT_CLAIM_VALUE_AUTHORIZATION: notApplicable + + + CORS_ALLOWED_DOMAINS: notApplicable + + + MSSQL_DB_PORT: "1433" + + + MSSQL_USERNAME: sa + + + MSSQL_ODBC_DRIVER: ODBC Driver 18 for SQL Server + + + + MSSQL_DSN: rescdb + + odbc.ini: | + [rescdb] + Driver = ODBC Driver 18 for SQL Server + Server = tcp:,1433 + Authentication = ActiveDirectoryMsi +--- +# Source: resc/charts/resc-web-service/templates/web_service_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: resc-web-service-config + namespace: resc + labels: + app: resc +data: + + RESC_REDIS_CACHE_ENABLE: "true" + + + AUTHENTICATION_REQUIRED: "false" + + + MSSQL_SCHEMA: master + + + ENABLE_CORS: "true" + + + SSO_ACCESS_TOKEN_ISSUER_URL: https://vm00000617.nl.eu.abnamro.com:9032 + + + SSO_ACCESS_TOKEN_JWKS_URL: https://security-ifs-test.connect.abnamro.com:9031/ext/employeeoidc/jwks + + + + + + + + CORS_ALLOWED_DOMAINS: http://localhost:8080, http://localhost:30000 + + + MSSQL_DB_PORT: "1433" + + + MSSQL_USERNAME: sa + + + MSSQL_ODBC_DRIVER: ODBC Driver 18 for SQL Server + + + + MSSQL_DSN: rescdb + + odbc.ini: | + [rescdb] + Driver = ODBC Driver 18 for SQL Server + Server = tcp:,1433 + Authentication = ActiveDirectoryMsi +--- +# Source: resc/charts/resc-database/templates/database_persistent_volume.yaml +apiVersion: v1 +kind: PersistentVolume +metadata: + name: resc-database-pv-volume + namespace: resc + annotations: + pv.beta.kubernetes.io/gid: "999" + labels: + type: local +spec: + storageClassName: resc-sql-storage + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + + hostPath: + path: /Users/amrityamrout/resc1/resc-db-storage +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_persistent_volume.yaml +apiVersion: v1 +kind: PersistentVolume +metadata: + name: resc-mq-pv-volume + namespace: resc + annotations: + pv.beta.kubernetes.io/gid: "999" + labels: + type: local +spec: + storageClassName: resc-mq-storage + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + + + hostPath: + path: /Users/amrityamrout/resc1/resc-rabbitmq-storage +--- +# Source: resc/charts/resc-database/templates/database_persistent_volume_claim.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: resc-database-pv-volume-claim + namespace: resc +spec: + storageClassName: resc-sql-storage + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_persistent_volume_claim.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: resc-mq-pv-volume-claim + namespace: resc +spec: + storageClassName: resc-mq-storage + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi +--- +# Source: resc/charts/resc-database/templates/database_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-ms-database + namespace: resc + labels: + app: resc + tier: ms-database + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as its only exposed for local environment and can be enabled/disabled from env specific values.yaml +spec: + + type: NodePort + + ports: + - port: 1433 + targetPort: 1433 + + nodePort: 30880 + + selector: + app: resc + tier: ms-database +--- +# Source: resc/charts/resc-frontend/templates/frontend_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-frontend + namespace: resc + labels: + app: resc + tier: frontend + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as frontend needs to be exposed outside of the cluster +spec: + + type: NodePort + + ports: + - port: 8080 + targetPort: 8080 + + nodePort: 30000 + + selector: + app: resc + tier: frontend +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-rabbitmq + namespace: resc + labels: + app: resc + tier: rabbitmq + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as its only exposed for local environment and can be enabled/disabled from env specific values.yaml +spec: + + type: NodePort + + ports: + - port: 5672 + targetPort: 5672 + name: amqp + + nodePort: 30902 + + - port: 15672 + targetPort: 15672 + name: mgmt + + nodePort: 30901 + + selector: + app: resc + tier: rabbitmq +--- +# Source: resc/charts/resc-redis/templates/redis_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-redis + namespace: resc + labels: + app: resc + tier: redis + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as its only exposed for local environment and can be enabled/disabled from env specific values.yaml +spec: + + type: NodePort + + ports: + - port: 6379 + targetPort: 6379 + name: redis + + nodePort: 32379 + + selector: + app: resc + tier: redis +--- +# Source: resc/charts/resc-web-service-no-auth/templates/web_service_no_auth_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-api-no-auth + namespace: resc + labels: + app: resc + tier: api-no-auth + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as its only exposed for local environment and can be enabled/disabled from env specific values.yaml +spec: + + type: NodePort + + ports: + - port: 8000 + targetPort: 8000 + + nodePort: 30900 + + selector: + app: resc + tier: api-no-auth +--- +# Source: resc/charts/resc-web-service/templates/web_service_service.yaml +apiVersion: v1 +kind: Service +metadata: + name: resc-api + namespace: resc + labels: + app: resc + tier: api + annotations: + datree.skip/SERVICE_INCORRECT_TYPE_VALUE_NODEPORT: irrelevant as its only exposed for local environment and can be enabled/disabled from env specific values.yaml +spec: + + type: NodePort + + ports: + - port: 8000 + targetPort: 8000 + + nodePort: 30800 + + selector: + app: resc + tier: api +--- +# Source: resc/charts/resc-database/templates/database_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-db + namespace: resc +spec: + selector: + matchLabels: + app: resc + tier: ms-database + replicas: 1 + template: + metadata: + annotations: + container.apparmor.security.beta.kubernetes.io/resc-db: unconfined + labels: + app: resc + tier: ms-database + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-capability-net-bind-service: "required-by-sqlserver-to-bind-the-default-MSDTC-RPC-on-port-135" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-database-files" + spec: + volumes: + - name: resc-database-pv-storage + persistentVolumeClaim: + claimName: resc-database-pv-volume-claim + containers: + - name: resc-db + image: mcr.microsoft.com/azure-sql-edge:1.0.7 + imagePullPolicy: IfNotPresent + resources: + requests: + cpu: 200m + memory: 500M + limits: + cpu: 2 + memory: 2G + env: + - name: GET_HOSTS_FROM + value: dns + envFrom: + - configMapRef: + name: resc-database-config + - secretRef: + name: resc-database-secret + volumeMounts: + - mountPath: "/var/opt/mssql/data" + name: resc-database-pv-storage + ports: + - containerPort: 1433 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + runAsNonRoot: true + runAsUser: 10001 + seccompProfile: + type: RuntimeDefault + livenessProbe: + tcpSocket: + port: 1433 + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + readinessProbe: + tcpSocket: + port: 1433 + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-frontend/templates/frontend_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-frontend + namespace: resc + annotations: + datree.skip/CONTAINERS_INCORRECT_RUNASUSER_VALUE_LOWUID: irrelevant for nginx docker image, skipping. +spec: + replicas: 1 + selector: + matchLabels: + app: resc + tier: frontend + template: + metadata: + annotations: + rollme: "B9um9" + container.apparmor.security.beta.kubernetes.io/resc-frontend: unconfined + labels: + app: resc + tier: frontend + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + containers: + - name: resc-frontend + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-frontend:1.4.0 + imagePullPolicy: IfNotPresent + resources: + requests: + cpu: 100m + memory: 100M + limits: + cpu: 100m + memory: 100M + env: + - name: GET_HOSTS_FROM + value: dns + envFrom: + - configMapRef: + name: resc-frontend-config + ports: + - containerPort: 8080 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 101 + livenessProbe: + httpGet: + port: 8080 + path: /login + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + readinessProbe: + httpGet: + port: 8080 + path: /healthz + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-redis/templates/redis_deployement.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-redis + namespace: resc +spec: + selector: + matchLabels: + app: resc + tier: redis + replicas: 1 + template: + metadata: + labels: + + app: resc + tier: redis + annotations: + rollme: "pPLet" + spec: + + containers: + - name: resc-redis + image: redis:7.0.11-alpine + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [" redis-server /redis-master/redis.conf --requirepass \"$REDIS_PASSWORD\""] + env: + - name: MASTER + value: "true" + envFrom: + + - secretRef: + name: resc-redis-secret + + ports: + - containerPort: 6379 + resources: + requests: + cpu: 250m + memory: 256Mi + limits: + cpu: 250m + memory: 256Mi + volumeMounts: + - mountPath: /redis-master-data + name: data + - mountPath: /redis-master + name: config + readinessProbe: + tcpSocket: + port: 6379 + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + livenessProbe: + exec: + command: + - sh + - -c + - "output=$(redis-cli -p $RESC_REDIS_SERVICE_PORT -a $REDIS_PASSWORD ping); if [ \"$output\" = \"PONG\" ]; then exit 0; else exit 1; fi" + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + volumes: + - name: data + emptyDir: {} + - name: config + configMap: + name: resc-redis-config + items: + - key: redis-config + path: redis.conf +--- +# Source: resc/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-vcs-scanner-secrets + namespace: resc +spec: + replicas: 1 + selector: + matchLabels: + tier: resc-vcs-scanner-secrets + template: + metadata: + labels: + + tier: resc-vcs-scanner-secrets + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + annotations: + rollme: "WDDj0" + container.apparmor.security.beta.kubernetes.io/resc--vcs-scanner-secrets: unconfined + spec: + + containers: + - name: resc--vcs-scanner-secrets + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-vcs-scanner:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [" celery -A vcs_scanner.secret_scanners.celery_worker worker --loglevel=INFO -E -Q repositories --concurrency=1 --prefetch-multiplier=1"] + resources: + requests: + cpu: 300m + memory: 300M + limits: + cpu: 750m + memory: 750M + envFrom: + - configMapRef: + name: resc-vcs-scanner-secrets-config + - configMapRef: + name: resc-rabbitmq-config + + - secretRef: + name: resc-vcs-instances-secret + - secretRef: + name: resc-rabbitmq-user-secret + + volumeMounts: + - name: config-volume + mountPath: /tmp/vcs_instances_config.json + subPath: vcs_instances_config.json + env: + - name: GET_HOSTS_FROM + value: dns + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + readinessProbe: + exec: + command: + - sh + - -c + - celery -A vcs_scanner.secret_scanners.celery_worker inspect ping -d celery@$HOSTNAME | grep -q "pong" && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 120 + livenessProbe: + exec: + command: + - sh + - -c + - celery -A vcs_scanner.secret_scanners.celery_worker inspect ping -d celery@$HOSTNAME | grep -q "pong" && exit 0 || exit 1 + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 + volumes: + - name: config-volume + configMap: + name: resc-vcs-instances-config + restartPolicy: Always + + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-vcs-scraper-repositories + namespace: resc +spec: + selector: + matchLabels: + app: resc + tier: vcs-scraper-repositories + replicas: 1 + template: + metadata: + labels: + + app: resc + tier: vcs-scraper-repositories + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + annotations: + rollme: "Q1sL2" + container.apparmor.security.beta.kubernetes.io/resc--vcs-scraper-repositories: unconfined + spec: + + containers: + - name: resc--vcs-scraper-repositories + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-vcs-scraper:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [ " celery -A vcs_scraper.repository_collector.common worker --loglevel=INFO -E -Q projects"] + resources: + requests: + cpu: 300m + memory: 300M + limits: + cpu: 750m + memory: 750M + envFrom: + - configMapRef: + name: resc-vcs-scraper-repositories-config + - configMapRef: + name: resc-rabbitmq-config + + - secretRef: + name: resc-vcs-instances-secret + - secretRef: + name: resc-rabbitmq-user-secret + + volumeMounts: + - name: config-volume + mountPath: /tmp/vcs_instances_config.json + subPath: vcs_instances_config.json + env: + - name: GET_HOSTS_FROM + value: dns + securityContext: + + allowPrivilegeEscalation: false + + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + readinessProbe: + exec: + command: + - sh + - -c + - celery -A vcs_scraper.repository_collector.common inspect ping -d celery@$HOSTNAME | grep -q "pong" && exit 0 || exit 1 + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 + livenessProbe: + exec: + command: + - sh + - -c + - celery -A vcs_scraper.repository_collector.common inspect ping -d celery@$HOSTNAME | grep -q "pong" && exit 0 || exit 1 + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 120 + volumes: + - name: config-volume + configMap: + name: resc-vcs-instances-config + restartPolicy: Always + + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-web-service-no-auth/templates/web_service_no_auth_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-web-service-no-auth + namespace: resc +spec: + replicas: 1 + selector: + matchLabels: + app: resc + tier: api-no-auth + template: + metadata: + annotations: + rollme: "7Il4y" + container.apparmor.security.beta.kubernetes.io/resc-api: unconfined + labels: + + app: resc + tier: api-no-auth + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + + containers: + - name: resc-api + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-backend:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: ["export MSSQL_DB_HOST=$RESC_MS_DATABASE_SERVICE_HOST; cp /tmp/odbc.ini ~/.odbc.ini; uvicorn resc_backend.resc_web_service.api:app --workers 1 --host 0.0.0.0 --port 8000"] + resources: + requests: + cpu: 400m + memory: 400M + limits: + cpu: 750m + memory: 1G + env: + - name: GET_HOSTS_FROM + value: dns + envFrom: + - configMapRef: + name: resc-web-service-config-no-auth + - secretRef: + name: resc-web-service-secret + ports: + - containerPort: 8000 + volumeMounts: + - name: config-volume + mountPath: /tmp/odbc.ini + subPath: odbc.ini + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + livenessProbe: + httpGet: + path: /resc/v1/health + port: 8000 + initialDelaySeconds: 20 + periodSeconds: 300 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /resc/v1/health + port: 8000 + initialDelaySeconds: 20 + periodSeconds: 300 + timeoutSeconds: 10 + volumes: + - name: config-volume + configMap: + name: resc-web-service-config-no-auth + + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-web-service/templates/web_service_deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resc-web-service + namespace: resc +spec: + replicas: 1 + selector: + matchLabels: + app: resc + tier: api + template: + metadata: + annotations: + rollme: "Jq9D1" + container.apparmor.security.beta.kubernetes.io/resc-api: unconfined + labels: + + app: resc + tier: api + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + + containers: + - name: resc-api + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-backend:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: ["export MSSQL_DB_HOST=$RESC_MS_DATABASE_SERVICE_HOST; cp /tmp/odbc.ini ~/.odbc.ini; uvicorn resc_backend.resc_web_service.api:app --workers 1 --host 0.0.0.0 --port 8000"] + resources: + requests: + cpu: 400m + memory: 400M + limits: + cpu: 750m + memory: 1G + env: + - name: GET_HOSTS_FROM + value: dns + envFrom: + - configMapRef: + name: resc-web-service-config + - secretRef: + name: resc-web-service-secret + ports: + - containerPort: 8000 + volumeMounts: + - name: config-volume + mountPath: /tmp/odbc.ini + subPath: odbc.ini + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + livenessProbe: + httpGet: + path: /resc/v1/health + port: 8000 + initialDelaySeconds: 20 + periodSeconds: 300 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /resc/v1/health + port: 8000 + initialDelaySeconds: 20 + periodSeconds: 300 + timeoutSeconds: 10 + volumes: + - name: config-volume + configMap: + name: resc-web-service-config + + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: resc-mq + namespace: resc +spec: + serviceName: "rabbitmq" + selector: + matchLabels: + app: resc + tier: rabbitmq + replicas: 1 + template: + metadata: + labels: + + app: resc + tier: rabbitmq + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + kubeaudit.io/allow-capability-setgid: "required-by-raabitmq-to-set-group-identitys" + kubeaudit.io/allow-capability-setuid: "required-by-raabitmq-to-set-user-identity" + annotations: + rollme: "gg1pt" + container.apparmor.security.beta.kubernetes.io/resc-mq: unconfined + spec: + + volumes: + - name: resc-rabbitmq-config-volume + configMap: + name: resc-rabbitmq-config + - name: resc-mq-pv-storage + persistentVolumeClaim: + claimName: resc-mq-pv-volume-claim + + containers: + - name: resc-mq + image: rabbitmq:3.11.9-management-alpine + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [" docker-entrypoint.sh rabbitmq-server"] + resources: + requests: + cpu: 400m + memory: 750M + limits: + cpu: 500m + memory: 900M + env: + - name: GET_HOSTS_FROM + value: dns + envFrom: + - configMapRef: + name: resc-rabbitmq-config + + - secretRef: + name: resc-rabbitmq-admin-secret + + ports: + - containerPort: 5672 + volumeMounts: + - name: resc-rabbitmq-config-volume + mountPath: /etc/rabbitmq/rabbitmq.conf + subPath: rabbitmq.conf + - mountPath: "/var/lib/rabbitmq/mnesia" + subPath: "var/lib/rabbitmq/mnesia" + name: resc-mq-pv-storage + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + add: + - SETGID + - SETUID + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + livenessProbe: + exec: + command: [ "rabbitmq-diagnostics", "status" ] + initialDelaySeconds: 60 + periodSeconds: 60 + timeoutSeconds: 15 + readinessProbe: + exec: + command: [ "rabbitmq-diagnostics", "ping" ] + initialDelaySeconds: 20 + periodSeconds: 60 + timeoutSeconds: 10 + + + automountServiceAccountToken: false +--- +# Source: resc/charts/resc-database-init/templates/database_job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: resc-db-init + namespace: resc + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. +spec: + ttlSecondsAfterFinished: 600 + template: + metadata: + annotations: + container.apparmor.security.beta.kubernetes.io/resc-db-init: unconfined + labels: + + app: resc + tier: database + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + + containers: + - name: resc-db-init + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-backend:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [ "export MSSQL_DB_HOST=$RESC_MS_DATABASE_SERVICE_HOST; cp /tmp/odbc.ini ~/.odbc.ini; alembic upgrade head "] + resources: + requests: + cpu: 100m + memory: 100M + limits: + cpu: 300m + memory: 500M + envFrom: + - configMapRef: + name: resc-database-init-config + - secretRef: + name: resc-database-init-secret + volumeMounts: + - name: config-volume + mountPath: /tmp/odbc.ini + subPath: odbc.ini + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + volumes: + - name: config-volume + configMap: + name: resc-database-init-config + restartPolicy: OnFailure + + automountServiceAccountToken: false + backoffLimit: 10 +--- +# Source: resc/charts/resc-rabbitmq/templates/rabbitmq_job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: resc-mq-init + namespace: resc + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. +spec: + ttlSecondsAfterFinished: 600 + template: + metadata: + annotations: + container.apparmor.security.beta.kubernetes.io/resc-mq-init: unconfined + labels: + + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + + containers: + - name: resc-mq-init + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-backend:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [" resc_initialize_rabbitmq_users"] + resources: + requests: + cpu: 100m + memory: 100M + limits: + cpu: 200m + memory: 200M + envFrom: + - configMapRef: + name: resc-rabbitmq-config + + - secretRef: + name: resc-rabbitmq-user-secret + - secretRef: + name: resc-rabbitmq-admin-secret + + + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + + restartPolicy: OnFailure + + + automountServiceAccountToken: false + + backoffLimit: 10 +--- +# Source: resc/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml +apiVersion: batch/v1 +kind: CronJob +metadata: + name: resc-vcs-scraper-projects + namespace: resc + annotations: + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. +spec: + suspend: false + schedule: "0 6 * * 6" + concurrencyPolicy: Forbid + startingDeadlineSeconds: 100 + successfulJobsHistoryLimit: 1 + failedJobsHistoryLimit: 1 + jobTemplate: + spec: + template: + metadata: + labels: + + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + annotations: + spec: + + containers: + - name: resc-vcs-scraper-projects + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-vcs-scraper:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [ " collect_projects"] + resources: + requests: + cpu: 300m + memory: 300M + limits: + cpu: 500m + memory: 500M + envFrom: + - configMapRef: + name: resc-vcs-scraper-projects-config + - configMapRef: + name: resc-rabbitmq-config + + - secretRef: + name: resc-vcs-instances-secret + - secretRef: + name: resc-rabbitmq-user-secret + + volumeMounts: + - name: config-volume + mountPath: /tmp/vcs_instances_config.json + subPath: vcs_instances_config.json + env: + - name: GET_HOSTS_FROM + value: dns + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + volumes: + - name: config-volume + configMap: + name: resc-vcs-instances-config + restartPolicy: Never + + backoffLimit: 3 +--- +# Source: resc/charts/resc-rules-init/templates/rules_job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: resc-rules-init + namespace: resc + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + datree.skip/CONTAINERS_MISSING_LIVENESSPROBE_KEY: irrelevant for this short lived container, skipping. + datree.skip/CONTAINERS_MISSING_READINESSPROBE_KEY: irrelevant for this short lived container, skipping. +spec: + ttlSecondsAfterFinished: 600 + template: + metadata: + annotations: + container.apparmor.security.beta.kubernetes.io/resc-rules-init: unconfined + labels: + app: resc + tier: database + kubeaudit.io/allow-disabled-apparmor: "apparmor-needs-to-be-installed-on-host" + kubeaudit.io/allow-read-only-root-filesystem-false: "required-to-write-log-files" + spec: + + containers: + - name: resc-rules-init + image: p-nexus-3.development.nl.eu.abnamro.com:18443/resc/resc-backend:1.4.0 + imagePullPolicy: IfNotPresent + command: ["sh", "-c"] + args: [ "cat /tmp/RESC-SECRETS-RULE.toml | base64 -d > /resc_backend/RESC-SECRETS-RULE.toml; curl --retry 5 --retry-delay 1 -F 'rule_file=@/resc_backend/RESC-SECRETS-RULE.toml' http://$RESC_API_NO_AUTH_SERVICE_HOST:$RESC_API_SERVICE_PORT/resc/v1/rule-packs?version=$RULE_PACK_VERSION"] + resources: + requests: + cpu: 100m + memory: 100M + limits: + cpu: 300m + memory: 500M + envFrom: + - configMapRef: + name: resc-rules-config + volumeMounts: + - name: config-volume + mountPath: /tmp/ + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + privileged: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + runAsNonRoot: true + runAsUser: 10001 + volumes: + - name: config-volume + configMap: + name: resc-rules-config + restartPolicy: OnFailure + + + automountServiceAccountToken: false + + backoffLimit: 10 diff --git a/deployment/kubernetes/templates/web_service_deployment.tpl b/deployment/kubernetes/templates/web_service_deployment.tpl index 6989736d..1e1cc0bd 100644 --- a/deployment/kubernetes/templates/web_service_deployment.tpl +++ b/deployment/kubernetes/templates/web_service_deployment.tpl @@ -76,14 +76,20 @@ spec: type: RuntimeDefault runAsNonRoot: true runAsUser: 10001 - {{ if eq .Values.resc.authRequired "false" }} - readinessProbe: - initialDelaySeconds: 10 + livenessProbe: + httpGet: + path: /resc/v1/health + port: {{ .Values.port }} + initialDelaySeconds: 20 periodSeconds: 300 + timeoutSeconds: 10 + readinessProbe: httpGet: path: /resc/v1/health port: {{ .Values.port }} - {{ end }} + initialDelaySeconds: 20 + periodSeconds: 300 + timeoutSeconds: 10 volumes: - name: config-volume configMap: