From 4fb4544cea4f9be4fad23bf6bbce764738472ea6 Mon Sep 17 00:00:00 2001
From: Nicholas openSUSE Software Engineer <nicholas.paolillo@suse.com>
Date: Wed, 18 Sep 2024 16:01:37 -0300
Subject: [PATCH] [release-v2.9] batch forward-ported charts from 2.8.8 release
 (#4466)

---
 .../elemental-crd-103.4.0+up1.6.4.tgz         |  Bin 0 -> 19637 bytes
 .../elemental/elemental-103.4.0+up1.6.4.tgz   |  Bin 0 -> 3979 bytes
 .../fleet-agent-103.1.8+up0.9.9.tgz           |  Bin 0 -> 3209 bytes
 .../fleet-crd/fleet-crd-103.1.8+up0.9.9.tgz   |  Bin 0 -> 49258 bytes
 assets/fleet/fleet-103.1.8+up0.9.9.tgz        |  Bin 0 -> 5339 bytes
 ...rvester-cloud-provider-103.0.3+up0.2.6.tgz |  Bin 0 -> 4520 bytes
 ...ncher-aks-operator-crd-103.5.0+up1.2.5.tgz |  Bin 0 -> 1246 bytes
 .../rancher-aks-operator-103.5.0+up1.2.5.tgz  |  Bin 0 -> 2049 bytes
 .../rancher-cis-benchmark-crd-5.4.0.tgz       |  Bin 0 -> 1463 bytes
 .../rancher-cis-benchmark-5.4.0.tgz           |  Bin 0 -> 7260 bytes
 ...ncher-eks-operator-crd-103.5.0+up1.3.5.tgz |  Bin 0 -> 1210 bytes
 .../rancher-eks-operator-103.5.0+up1.3.5.tgz  |  Bin 0 -> 2040 bytes
 ...ncher-gke-operator-crd-103.5.0+up1.2.5.tgz |  Bin 0 -> 1413 bytes
 .../rancher-gke-operator-103.5.0+up1.2.5.tgz  |  Bin 0 -> 2075 bytes
 .../rancher-webhook-103.0.10+up0.4.11.tgz     |  Bin 0 -> 2801 bytes
 ...tem-upgrade-controller-103.0.2+up0.6.1.tgz |  Bin 0 -> 2137 bytes
 .../elemental-crd/103.4.0+up1.6.4/Chart.yaml  |   11 +
 .../103.4.0+up1.6.4/templates/crds.yaml       | 3743 ++++++++
 .../validate-no-pending-deletions.yaml        |   17 +
 charts/elemental/103.4.0+up1.6.4/Chart.yaml   |   20 +
 charts/elemental/103.4.0+up1.6.4/README.md    |    5 +
 .../elemental/103.4.0+up1.6.4/app-readme.md   |    5 +
 .../elemental/103.4.0+up1.6.4/questions.yaml  |   27 +
 .../103.4.0+up1.6.4/templates/_helpers.tpl    |   17 +
 .../103.4.0+up1.6.4/templates/apiservice.yaml |    9 +
 .../103.4.0+up1.6.4/templates/capi_rbac.yaml  |   10 +
 .../templates/channel-dev.yaml                |   13 +
 .../103.4.0+up1.6.4/templates/channels.yaml   |   30 +
 .../templates/cluster_role.yaml               |  268 +
 .../templates/cluster_role_binding.yaml       |   13 +
 .../103.4.0+up1.6.4/templates/deployment.yaml |   50 +
 .../103.4.0+up1.6.4/templates/globalrole.yaml |   16 +
 .../103.4.0+up1.6.4/templates/metadata.yaml   |   10 +
 .../templates/serviceaccount.yaml             |    4 +
 .../templates/validate-install-crd.yaml       |   26 +
 charts/elemental/103.4.0+up1.6.4/values.yaml  |   43 +
 charts/fleet-agent/103.1.8+up0.9.9/Chart.yaml |   15 +
 charts/fleet-agent/103.1.8+up0.9.9/README.md  |    8 +
 .../103.1.8+up0.9.9/templates/_helpers.tpl    |   22 +
 .../103.1.8+up0.9.9/templates/configmap.yaml  |   13 +
 .../103.1.8+up0.9.9/templates/deployment.yaml |   51 +
 .../templates/network_policy_allow_all.yaml   |   15 +
 .../patch_default_serviceaccount.yaml         |   28 +
 .../103.1.8+up0.9.9/templates/rbac.yaml       |   28 +
 .../103.1.8+up0.9.9/templates/secret.yaml     |   10 +
 .../templates/serviceaccount.yaml             |    4 +
 .../103.1.8+up0.9.9/templates/validate.yaml   |   11 +
 .../fleet-agent/103.1.8+up0.9.9/values.yaml   |   67 +
 charts/fleet-crd/103.1.8+up0.9.9/Chart.yaml   |   13 +
 charts/fleet-crd/103.1.8+up0.9.9/README.md    |    5 +
 .../103.1.8+up0.9.9/templates/crds.yaml       | 5736 ++++++++++++
 .../templates/gitjobs-crds.yaml               | 7690 +++++++++++++++++
 charts/fleet-crd/103.1.8+up0.9.9/values.yaml  |    1 +
 charts/fleet/103.1.8+up0.9.9/Chart.yaml       |   22 +
 charts/fleet/103.1.8+up0.9.9/README.md        |   30 +
 .../103.1.8+up0.9.9/charts/gitjob/.helmignore |   23 +
 .../103.1.8+up0.9.9/charts/gitjob/Chart.yaml  |    5 +
 .../charts/gitjob/templates/_helpers.tpl      |    7 +
 .../charts/gitjob/templates/clusterrole.yaml  |   38 +
 .../gitjob/templates/clusterrolebinding.yaml  |   12 +
 .../charts/gitjob/templates/deployment.yaml   |   52 +
 .../charts/gitjob/templates/leases.yaml       |   23 +
 .../charts/gitjob/templates/service.yaml      |   12 +
 .../gitjob/templates/serviceaccount.yaml      |    4 +
 .../103.1.8+up0.9.9/charts/gitjob/values.yaml |   27 +
 .../103.1.8+up0.9.9/templates/_helpers.tpl    |   22 +
 .../103.1.8+up0.9.9/templates/configmap.yaml  |   26 +
 .../103.1.8+up0.9.9/templates/deployment.yaml |  102 +
 .../job_cleanup_clusterregistrations.yaml     |   40 +
 .../fleet/103.1.8+up0.9.9/templates/rbac.yaml |  114 +
 .../templates/serviceaccount.yaml             |   12 +
 charts/fleet/103.1.8+up0.9.9/values.yaml      |   87 +
 .../103.0.3+up0.2.6/.helmignore               |   23 +
 .../103.0.3+up0.2.6/Chart.lock                |    6 +
 .../103.0.3+up0.2.6/Chart.yaml                |   25 +
 .../charts/kube-vip/.helmignore               |   23 +
 .../charts/kube-vip/Chart.yaml                |    6 +
 .../charts/kube-vip/templates/_helpers.tpl    |   74 +
 .../charts/kube-vip/templates/daemonset.yaml  |   51 +
 .../charts/kube-vip/templates/rbac.yaml       |   36 +
 .../charts/kube-vip/values.yaml               |   79 +
 .../103.0.3+up0.2.6/ci/kind-values.yaml       |    3 +
 .../dependency_charts/kube-vip/.helmignore    |   23 +
 .../dependency_charts/kube-vip/Chart.yaml     |    6 +
 .../kube-vip/templates/_helpers.tpl           |   74 +
 .../kube-vip/templates/daemonset.yaml         |   51 +
 .../kube-vip/templates/rbac.yaml              |   36 +
 .../dependency_charts/kube-vip/values.yaml    |   79 +
 .../103.0.3+up0.2.6/questions.yml             |   11 +
 .../103.0.3+up0.2.6/templates/_helpers.tpl    |   69 +
 .../103.0.3+up0.2.6/templates/deployment.yaml |   57 +
 .../103.0.3+up0.2.6/templates/rbac.yaml       |   37 +
 .../103.0.3+up0.2.6/values.yaml               |  106 +
 .../103.5.0+up1.2.5/Chart.yaml                |   12 +
 .../103.5.0+up1.2.5/templates/crds.yaml       |  211 +
 .../103.5.0+up1.2.5/Chart.yaml                |   20 +
 .../103.5.0+up1.2.5/templates/NOTES.txt       |    4 +
 .../103.5.0+up1.2.5/templates/_helpers.tpl    |   25 +
 .../templates/clusterrole.yaml                |   15 +
 .../templates/clusterrolebinding.yaml         |   13 +
 .../103.5.0+up1.2.5/templates/deployment.yaml |   61 +
 .../templates/serviceaccount.yaml             |    5 +
 .../103.5.0+up1.2.5/values.yaml               |   23 +
 .../5.4.0/Chart.yaml                          |   10 +
 .../rancher-cis-benchmark-crd/5.4.0/README.md |    2 +
 .../5.4.0/templates/clusterscan.yaml          |  148 +
 .../5.4.0/templates/clusterscanbenchmark.yaml |   54 +
 .../5.4.0/templates/clusterscanprofile.yaml   |   36 +
 .../5.4.0/templates/clusterscanreport.yaml    |   39 +
 charts/rancher-cis-benchmark/5.4.0/Chart.yaml |   22 +
 charts/rancher-cis-benchmark/5.4.0/README.md  |    9 +
 .../rancher-cis-benchmark/5.4.0/app-readme.md |   55 +
 .../5.4.0/templates/_helpers.tpl              |   27 +
 .../5.4.0/templates/alertingrule.yaml         |   14 +
 .../5.4.0/templates/benchmark-aks-1.0.yaml    |    8 +
 .../5.4.0/templates/benchmark-cis-1.7.yaml    |    9 +
 .../5.4.0/templates/benchmark-cis-1.8.yaml    |    8 +
 .../5.4.0/templates/benchmark-eks-1.2.0.yaml  |    8 +
 .../5.4.0/templates/benchmark-gke-1.2.0.yaml  |    8 +
 .../benchmark-k3s-cis-1.7-hardened.yaml       |    9 +
 .../benchmark-k3s-cis-1.7-permissive.yaml     |    9 +
 .../benchmark-k3s-cis-1.8-hardened.yaml       |    8 +
 .../benchmark-k3s-cis-1.8-permissive.yaml     |    8 +
 .../benchmark-rke-cis-1.7-hardened.yaml       |    9 +
 .../benchmark-rke-cis-1.7-permissive.yaml     |    9 +
 .../benchmark-rke-cis-1.8-hardened.yaml       |    8 +
 .../benchmark-rke-cis-1.8-permissive.yaml     |    8 +
 .../benchmark-rke2-cis-1.7-hardened.yaml      |    9 +
 .../benchmark-rke2-cis-1.7-permissive.yaml    |    9 +
 .../benchmark-rke2-cis-1.8-hardened.yaml      |    8 +
 .../benchmark-rke2-cis-1.8-permissive.yaml    |    8 +
 .../5.4.0/templates/cis-roles.yaml            |   49 +
 .../5.4.0/templates/configmap.yaml            |   18 +
 .../5.4.0/templates/deployment.yaml           |   61 +
 .../templates/network_policy_allow_all.yaml   |   15 +
 .../patch_default_serviceaccount.yaml         |   29 +
 .../5.4.0/templates/psp.yaml                  |   59 +
 .../5.4.0/templates/rbac.yaml                 |  219 +
 .../5.4.0/templates/scanprofile-cis-1.7.yaml  |    9 +
 .../5.4.0/templates/scanprofile-cis-1.8.yaml  |    9 +
 .../scanprofile-k3s-cis-1.7-hardened.yml      |    9 +
 .../scanprofile-k3s-cis-1.7-permissive.yml    |    9 +
 .../scanprofile-k3s-cis-1.8-hardened.yml      |    9 +
 .../scanprofile-k3s-cis-1.8-permissive.yml    |    9 +
 .../scanprofile-rke-1.7-hardened.yaml         |    9 +
 .../scanprofile-rke-1.7-permissive.yaml       |    9 +
 .../scanprofile-rke-1.8-hardened.yaml         |    9 +
 .../scanprofile-rke-1.8-permissive.yaml       |    9 +
 .../scanprofile-rke2-cis-1.7-hardened.yml     |    9 +
 .../scanprofile-rke2-cis-1.7-permissive.yml   |    9 +
 .../scanprofile-rke2-cis-1.8-hardened.yml     |    9 +
 .../scanprofile-rke2-cis-1.8-permissive.yml   |    9 +
 .../5.4.0/templates/scanprofileaks.yml        |    9 +
 .../5.4.0/templates/scanprofileeks.yml        |    9 +
 .../5.4.0/templates/scanprofilegke.yml        |    9 +
 .../5.4.0/templates/serviceaccount.yaml       |   14 +
 .../5.4.0/templates/validate-install-crd.yaml |   17 +
 .../5.4.0/templates/validate-psp-install.yaml |    7 +
 .../rancher-cis-benchmark/5.4.0/values.yaml   |   55 +
 .../103.5.0+up1.3.5/Chart.yaml                |   12 +
 .../103.5.0+up1.3.5/templates/crds.yaml       |  226 +
 .../103.5.0+up1.3.5/Chart.yaml                |   20 +
 .../103.5.0+up1.3.5/templates/NOTES.txt       |    4 +
 .../103.5.0+up1.3.5/templates/_helpers.tpl    |   25 +
 .../templates/clusterrole.yaml                |   15 +
 .../templates/clusterrolebinding.yaml         |   13 +
 .../103.5.0+up1.3.5/templates/deployment.yaml |   61 +
 .../templates/serviceaccount.yaml             |    5 +
 .../103.5.0+up1.3.5/values.yaml               |   22 +
 .../103.5.0+up1.2.5/Chart.yaml                |   12 +
 .../103.5.0+up1.2.5/templates/crds.yaml       |  250 +
 .../103.5.0+up1.2.5/Chart.yaml                |   20 +
 .../103.5.0+up1.2.5/templates/NOTES.txt       |    4 +
 .../103.5.0+up1.2.5/templates/_helpers.tpl    |   25 +
 .../templates/clusterrole.yaml                |   15 +
 .../templates/clusterrolebinding.yaml         |   13 +
 .../103.5.0+up1.2.5/templates/deployment.yaml |   62 +
 .../templates/serviceaccount.yaml             |    5 +
 .../103.5.0+up1.2.5/values.yaml               |   23 +
 .../103.0.10+up0.4.11/Chart.yaml              |   14 +
 .../103.0.10+up0.4.11/templates/_helpers.tpl  |   22 +
 .../templates/deployment.yaml                 |   82 +
 .../103.0.10+up0.4.11/templates/rbac.yaml     |   12 +
 .../103.0.10+up0.4.11/templates/secret.yaml   |   11 +
 .../103.0.10+up0.4.11/templates/service.yaml  |   13 +
 .../templates/serviceaccount.yaml             |   11 +
 .../103.0.10+up0.4.11/templates/webhook.yaml  |    9 +
 .../103.0.10+up0.4.11/tests/README.md         |   16 +
 .../tests/deployment_test.yaml                |   73 +
 .../103.0.10+up0.4.11/tests/service_test.yaml |   18 +
 .../103.0.10+up0.4.11/values.yaml             |   30 +
 .../103.0.2+up0.6.1/Chart.yaml                |   18 +
 .../103.0.2+up0.6.1/templates/_helpers.tpl    |    9 +
 .../templates/clusterrolebinding.yaml         |   12 +
 .../103.0.2+up0.6.1/templates/configmap.yaml  |   16 +
 .../103.0.2+up0.6.1/templates/deployment.yaml |   69 +
 .../103.0.2+up0.6.1/templates/psp.yaml        |   51 +
 .../templates/serviceaccount.yaml             |    5 +
 .../103.0.2+up0.6.1/values.yaml               |   15 +
 index.yaml                                    |  330 +
 release.yaml                                  |   38 +-
 201 files changed, 22928 insertions(+), 9 deletions(-)
 create mode 100644 assets/elemental-crd/elemental-crd-103.4.0+up1.6.4.tgz
 create mode 100644 assets/elemental/elemental-103.4.0+up1.6.4.tgz
 create mode 100644 assets/fleet-agent/fleet-agent-103.1.8+up0.9.9.tgz
 create mode 100644 assets/fleet-crd/fleet-crd-103.1.8+up0.9.9.tgz
 create mode 100644 assets/fleet/fleet-103.1.8+up0.9.9.tgz
 create mode 100644 assets/harvester-cloud-provider/harvester-cloud-provider-103.0.3+up0.2.6.tgz
 create mode 100644 assets/rancher-aks-operator-crd/rancher-aks-operator-crd-103.5.0+up1.2.5.tgz
 create mode 100644 assets/rancher-aks-operator/rancher-aks-operator-103.5.0+up1.2.5.tgz
 create mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-5.4.0.tgz
 create mode 100644 assets/rancher-cis-benchmark/rancher-cis-benchmark-5.4.0.tgz
 create mode 100644 assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.5.0+up1.3.5.tgz
 create mode 100644 assets/rancher-eks-operator/rancher-eks-operator-103.5.0+up1.3.5.tgz
 create mode 100644 assets/rancher-gke-operator-crd/rancher-gke-operator-crd-103.5.0+up1.2.5.tgz
 create mode 100644 assets/rancher-gke-operator/rancher-gke-operator-103.5.0+up1.2.5.tgz
 create mode 100644 assets/rancher-webhook/rancher-webhook-103.0.10+up0.4.11.tgz
 create mode 100644 assets/system-upgrade-controller/system-upgrade-controller-103.0.2+up0.6.1.tgz
 create mode 100644 charts/elemental-crd/103.4.0+up1.6.4/Chart.yaml
 create mode 100644 charts/elemental-crd/103.4.0+up1.6.4/templates/crds.yaml
 create mode 100644 charts/elemental-crd/103.4.0+up1.6.4/templates/validate-no-pending-deletions.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/Chart.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/README.md
 create mode 100644 charts/elemental/103.4.0+up1.6.4/app-readme.md
 create mode 100644 charts/elemental/103.4.0+up1.6.4/questions.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/_helpers.tpl
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/apiservice.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/capi_rbac.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/channel-dev.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/channels.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/cluster_role.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/cluster_role_binding.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/deployment.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/globalrole.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/metadata.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/serviceaccount.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/templates/validate-install-crd.yaml
 create mode 100644 charts/elemental/103.4.0+up1.6.4/values.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/Chart.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/README.md
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/_helpers.tpl
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/configmap.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/deployment.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/network_policy_allow_all.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/patch_default_serviceaccount.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/rbac.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/secret.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/serviceaccount.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/templates/validate.yaml
 create mode 100644 charts/fleet-agent/103.1.8+up0.9.9/values.yaml
 create mode 100644 charts/fleet-crd/103.1.8+up0.9.9/Chart.yaml
 create mode 100644 charts/fleet-crd/103.1.8+up0.9.9/README.md
 create mode 100644 charts/fleet-crd/103.1.8+up0.9.9/templates/crds.yaml
 create mode 100644 charts/fleet-crd/103.1.8+up0.9.9/templates/gitjobs-crds.yaml
 create mode 100644 charts/fleet-crd/103.1.8+up0.9.9/values.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/Chart.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/README.md
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/.helmignore
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/Chart.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/_helpers.tpl
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrole.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrolebinding.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/deployment.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/leases.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/service.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/charts/gitjob/values.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/_helpers.tpl
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/configmap.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/deployment.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/job_cleanup_clusterregistrations.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/rbac.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/103.1.8+up0.9.9/values.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/.helmignore
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.lock
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/.helmignore
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/Chart.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/_helpers.tpl
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/daemonset.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/rbac.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/values.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/ci/kind-values.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/.helmignore
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/Chart.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/_helpers.tpl
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/daemonset.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/rbac.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/values.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/questions.yml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/_helpers.tpl
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/deployment.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/rbac.yaml
 create mode 100644 charts/harvester-cloud-provider/103.0.3+up0.2.6/values.yaml
 create mode 100644 charts/rancher-aks-operator-crd/103.5.0+up1.2.5/Chart.yaml
 create mode 100644 charts/rancher-aks-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/Chart.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/NOTES.txt
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/_helpers.tpl
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/deployment.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-aks-operator/103.5.0+up1.2.5/values.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/Chart.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/README.md
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscan.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanbenchmark.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanprofile.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanreport.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/Chart.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/README.md
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/app-readme.md
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/_helpers.tpl
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/alertingrule.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-aks-1.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.7.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.8.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-eks-1.2.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-gke-1.2.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/cis-roles.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/configmap.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/deployment.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/network_policy_allow_all.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/patch_default_serviceaccount.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/psp.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/rbac.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.7.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.8.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofileaks.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofileeks.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/scanprofilegke.yml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-cis-benchmark/5.4.0/values.yaml
 create mode 100644 charts/rancher-eks-operator-crd/103.5.0+up1.3.5/Chart.yaml
 create mode 100644 charts/rancher-eks-operator-crd/103.5.0+up1.3.5/templates/crds.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/Chart.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/NOTES.txt
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/_helpers.tpl
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrole.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/deployment.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-eks-operator/103.5.0+up1.3.5/values.yaml
 create mode 100644 charts/rancher-gke-operator-crd/103.5.0+up1.2.5/Chart.yaml
 create mode 100644 charts/rancher-gke-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/Chart.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/NOTES.txt
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/_helpers.tpl
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/deployment.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-gke-operator/103.5.0+up1.2.5/values.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/Chart.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/_helpers.tpl
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/deployment.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/rbac.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/secret.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/service.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/templates/webhook.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/tests/README.md
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/tests/deployment_test.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/tests/service_test.yaml
 create mode 100644 charts/rancher-webhook/103.0.10+up0.4.11/values.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/Chart.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/_helpers.tpl
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/clusterrolebinding.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/configmap.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/deployment.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/psp.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/templates/serviceaccount.yaml
 create mode 100644 charts/system-upgrade-controller/103.0.2+up0.6.1/values.yaml

diff --git a/assets/elemental-crd/elemental-crd-103.4.0+up1.6.4.tgz b/assets/elemental-crd/elemental-crd-103.4.0+up1.6.4.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..e07c90d38864fd1aca73834f486e93698c41f656
GIT binary patch
literal 19637
zcma&NV|b-Yw*}g<)3I&aSV70Ola6gC9ox2T+qRvKZQIGs-rxD|IrraP&$HgDS!2}1
zueIh|HSohBQGWdM`J((mttY0yU?3*VCgsM-s?V&#V5rDyrlH8mCaa>tCar2|u4irN
zrX+8}D`sSA_2azr%>{@2mLo0uL)F&gt}_W~@>p+p<#>G^r`pJ*@#fdCLfz9{<GXZ<
zwQ-O#`#mtNS={88*H5r}gChI}mbeVKb53jvENF_H5~@=Hq&TD^Tc#+XjyHYZz%&}W
zG>@j<y5{EQr}GoV=c~=l%~S8EF88LVmCt#T-}wBU<k=S&d@t_aSIiB~qXG?yT2wTE
zwRWf9<?(O+C=(c}YVuS2JH!D*6}Ejx@sQMsF;EBXh=^fR6rn$3duTKeX4R|&_EKto
zu_zFc=MPcA77H135CxCCbI`G8Ye@*t4H^59fJ!ngP5zW$2`~}T9Sq!Txka2hmK72k
zTOn-YaSf=icy{o<wY<HTmog+VE!r+VI=&(imoI4MPP6mXk0bREU%}~Qj~AlX7Cp|q
zfb4YjCc&?SCq}v<Zk!k)>{CygfwX-&t~>U)8r?rJyc*|W?sq+Y(4l>}s}@TmRYPno
zk8PtAoN@cizTo{Zzba3>`&z93_^|!F%2%3(o1$n{2{`HA-`}lP!0#Ua5JgWI3_cd7
zLzUe^9(6#BC1%Qx=+lu6?PF9?n~z4d_q)$c(b`ue!jK33p+JUeoCeMFdBM)&W)t<a
zPb&lU`tdYOTggPTkTMOAJ!K>rz6&YHerQ~;Nc$Sfq3A~rg}BG5_d_>ro`ft9e8=9V
z?#r?62{IQ{R$RXrjkHxsNUCZWO*wTtnT2c@L7oj+jVe}@3LTYedHvGfTLNX1Pv{X}
zu3YAERnDlZh(kk8grc29%1$6O14TP2;XZaktRNVG&NEHLQlT)&-+;_=_Br%}uc;^b
znle}6W9IpVH4(bZP@K+oj)miyhBEyK3e5u55rSzqEw9UoUF02-upNt`sW#IURgXy{
z1|>a~c!0StD;wwQe!t<7Suk}5Jvh%gu1G0L;6OFNym`obsL=-U1pYiK?7@uysT9nP
zn6wrbd6&5WO^HZ=NuXe;6}-fI2=?ZrTdaVLI!88iMmI+5nkV!@q?1IDP=E+va=#4R
zBoy|mn7;`%PYSWu){o9EE*>{Py#ttYP?99%68WG4_$SuLqFu+1-|@x7&so7zDZI<e
zsZ#p^!d<g8=CY)A+qh#ERjrYY6s<Tz)wvgpa8m(PUxS)(X0D)61_Fe5me25-eW9f`
z)~8Y>zdE-Akn>@n@qBiQJS07sF{xTDu#b3=jkn}tlaa`QiUjq9x>GEj^;c6%1vcWo
zhIFVbV5z>{2*sl9Xo}nbN|HM>iNsCtuc=Ta_Y;-gt{=c*MW6@j5vZZ6)Huxdz{MnP
zxlp|yRf#&NoJ--`jT(y<dX04gHV6L1(ne;0;vau!!n+Mx)jk%QiGN5MIjCg>enMo(
z`I%N6apw!=XvJYjCl^5{OJp;@xvl(I%n}?<keNx{gjd4iP=)D}5c__@QOt>=Y0Ecm
zw+fn&+o+%`C3o8y4XK+IhKfoo_zk~$ut#axp&$#;i!%;`|79G7442QcW9AA^doq+M
zL@L7XWQq@|$IMivLzOROnk8m7vG4?@O$PxOok%ZVpYKcWy=G>12+(`;s{^D>1L#KV
zjc|`)Y2Bh~2;le~JW0(EAQBskBnMoj_Ca&Mb~wX)bg8A(XSW*6xI;1+;V#grnFmc}
z7SxPR)P6pp8zNQ-$j)%<z0S;}>&8aF5RfSGM>Fi5%)z@_?Sx>|z*-&2>m^EVA!FL1
z%|p*Gx24dBg*`r%u4K1y@1o6S*$7$Sh<394PJ@&eo(mGFfHhEx0O8=5(&K@i7xH5n
z!4y!l@i-VlIS@oB!upYax?Q@!17t6CyPpv`yypP^XQsyAo%)nJZIEQilT|RH)aOk7
zRL>L-2*x)VGJVZZL>ws}wj3-i#VIWThC$$18Ai!Ia-N2e`v~^4_<k;5H6t4smb+`~
z9$ov73wkHLHQ$B}u@oRtNDC_n{~42I@4eRXnW-gJN%yno8Px)-8Bf{(T`lI9Bf#A&
z)Xc9KiWC1L=WaH1+d-fJ0Q3qW4L&U@YDi}*wR<POVn94W&s>o=h)s034^j87@}!NK
z|KeUYik(W|E$!5JYBKqrMaz6^6~_GW#{m5(am>cHX;u1w#N)Z7dTjhdyp`JfC3*k+
z+CypAB)Hh!#>CtWV18cBcG!Oxi}?V#XzcC^@Dqr**HiIGn}(kjoi8M^H}MvYu@tRe
z+)C=qiuST=FSLl$q77kqQ#ftwW{0cI^hk-*Eu8{2Mrs4(Q<_yBIq)?IEEG>OjK2yl
z^Y!e|T~~#zzB-!g$ixHJt3MR_U`jQfWU&oqIQG}eio0DM(U1`Vfhn$NHuPA^>_Q0+
zr@879z^8q*&jcHavKyij{oJD^Fy}I$@C5_OuttfMI#HZs8^A=TR0$SiPBwt6Ez}wA
zw33i07`W4{js-LLdoP@&9|YQ4n<e-XIoR`1<0epeqf{^Dlc+!Ht|IJks+d<wi9^iY
z+$2KT<t6=Bixz%1-oHBg<Dtlu2{dkC3t0rV-BB~5@>fL&rB7U_K_~fL9sGIqt95rD
zl6c+>ip8dwgYN}}#~_$}S~~8eD66v|%vd(f>}M~0+N!b!`7?eMpA1%!AnB{IiBX0I
z-uMpHQhSqANLuWYKF<1D5`Oi@FR)~rqgfXb3dQNHri-6rrfJ2&rqvE6$K_r!X;%gU
zH60($3~~|xa0@|hbPnm-Jb7ih5**@4ur;|mZdOOWq$D19oC@ULJ)SvxhHT#geiN3m
zIYnBgzES2^M4_sOQ<PQkmS#mi)@qsyxdxQVlT{gu>bBWMzn(&nS2P&O9vYI!Py)t2
z(<}quR3eh4g}QJaH4N0TNJ+-_U<I{Xebd^kGSqF~G1r*nk52z6X_W=@(m1`s5Z&P8
zFArD1=a%dH*)Z)}bmt8_-xZG6d*1EQ@WmCNo08BX4suLkt@5$Uv7&wrj@vf%7LyB^
zb48%qmS`0IHMZAkIf$a~wxM#K5i4_LxhQFRM)b{P?MYf57}eU%!x!qPo~p6j)D=Na
zds0!B<_Qq$+O}2(R3>G;zIlW_kyJu5*yCP}OH|6TF%Y}0fHuY$isUXJ*Bg!v%twj{
zt}ZN9iljzE4NNFDG4Gt0DakaB+&~H?fQ%5lY#nChfWJ*CU7~?CDKfA^ldF;;(dZGO
z?$2>NhB?#D*(#!xtK={MngFcH82|PLAuDrdHlZlBQm%Ai?cMxvg+qRQ{DM}zuUyu|
z+Y<0$(kbeA=Fb^|-wcSj=<c%Rv+{0s0-U^eeFWlZ9JqSFGtf;x?(d<mZ7FwIZCw|@
z++JlsBe7eZ+kr@Ks7=~iM{Z4Y&OeXRc<vRW-P8zs%6~xC-HkQV^unRrTufw<q^OUo
z#i#@G4Ej~fu)#sxP^*+cV+XYqO_?g|I7*7m`U#=eMPe;2(lnXR7Uc~3>3Y7M+OcOR
zWo;0OlZ3d-8sp{vfNgt)v|vFJP!obatYE@|X?2tH%rkg<lRn#ScsATJ!?8bq<{A;Z
ziu8fSw)Io?*QmF{!Bqtb31pyf?U>mmAEO8ryV!wjQTH==%RhVst=)2l<zD2})gBWi
zo3YgQ#GJwS*t_3Y+qh~qvTCrTEZiwj>|213b8FzoP;yJt&+w}vAB>m^Q9_1^gnZfA
zHsF?tG~IDj)TsNx+xExXPBRGW1she)cO$shn5PN3)6a~;Lja+9egsNO{i57=W~8*`
z!q(e>gS0z(W@*t6(of`dIu=vnX0^z>oPonxOk@bj5wMJ7Dw=#PSTNelwtme#;0gx&
zWBJS&!yKs^?xw$Y7;&|1FE5{aOy52d9>KJ-bOB?nDb23c5c;?OcGGqo!+<)l%Q^6G
zBoa4?8C3DO+MO)}$H3%}X|7j$$)aW&5lpnQyUcoxsZHEYZWiJNP4lS?fT0Mc%(<dy
zulZT;k#RbObt1vY>48b>m@tIPzFo{RK6d%w7i>Rq0ehfZjcAAOU*DrAINc+w1Dp*6
zZm06-6j6meGNRPD_V>6DNr@`w>Xw!qOTZF@k)?AU3%FUkx9`_F8s<=q)h`Sn-JjuT
zyud3JJWm5*@t8py<C!g-PFO*xf75<w(V8~c8lxp@5)an4sxVk24r$7@j5-wC{cI~S
z<!n+BHJI47BeW2fp4QqNnK}^(S&SYQ{ppG2;Ep}EK>737o|jIPL&lD+NziYXGBOQA
zXL7-np}prFB~DO!1M-}<23#@Dmd!;<s9dU*h@PdIzg^!jBFjWwP!l7D(LK;??zR@W
zyRyaVz2-4r{sE7O)SlU?w57*E;e#|AEe)KVz1&5x`{UD;2agZ>G3?9pF-%hYzI11o
zZW2w_3SX{p!(&$YjM;!@*wWd$oHd{34NfJpw~SGZ6})^%L^_FhXjqh;F@&2^qgn%`
z?Wxnx(i!00<>~Txi_kfyUclX-W4kOVIzQ1s&Zxmwdcws4Aqw>8@PNWbek<f5WBhcR
z)=hh@)l))H?zOvPs>irwR?f<bzg&7EcV0EP$j-Jt$)M5vuHi(fRbPj2%>DZB?fb>-
zs~bb%Vv3bj39i(~T~w?Flft&<UCH3Dy4(zI$b6VO7BrQ#DsB@B?bb#`0Uz7`p>_gE
z({-s(?Gx1-BDhk?Xx09Z%SMLB*}G*v6gGsxgkF>KU$3INt81hnZjdG=J!wzZ+=UHD
zI*Yd;ODDA~Ez56C0?hf$iJ;DwPrxa+$P`|<uJym7SK!^p6F;ZNEy^f6bf$=9_BE@v
zlQs8-VXYMZ*2<<f=yQ#lG_EPgM2sq%)l^#GGY<r2nm<LAVBwlxo6+sK8)QUIwtFLc
zg!9swkF@KlHet){rqKtXO0pP)?rLFxRj{D>M%G!W_o&UJKs#3&kqgxAJ*Zz+6?3Y#
zZ4x4m)S?$uUbOK4kqp#f6?l5yHg?rUtW<%Cnp|U*k#RrKpdWf~@-mVNswn1|U;AX2
z?$m?$h+>io%*Z(+s3IwNoHU=J*45x1bA)hrqqEDiL1c(<bZNMBcsN`aP=)b~w7}A$
zxDrJ-<Xk<G3s8!lI!;li-f9Gq*HXK-XY{klAKe~b+9Pc}$nTagBOZF>h+@@AXH)tJ
zoL{7-4;5@y>S-wj>qJer!au+=1!xzDAUI}_?=iZqcch<lq^T4{6V^y~{>`rsQxy<R
zHq95|vpK~T?C%3Tz0#thJwKyf3~3rBzd-M0q&`J?h~CUPO&{>&a{uGrPw9m1@pqQp
zYpp_hD8Zr7ru>|w_guKV_7~i+w}rXl$`zPYet^><g8x8ryPb8cvXfFL=vLD98j^=*
z8R>JAD?e-(ZEy4U?7ypH--w@$<S(fISyvkOj<k_%)1RF?u9z(-Eo)M9S-K7#o7LS{
zq2LMv{B6?2c#F*@Od5Q$QnrNM$R4guq@&Gc5Iii<Z>k4bBIKqhzH!0TILih9W12%)
zkfec?r6V0qc?6{nrG-ob>@U16LIWJ`Q}CpV>1zDuSN4JCSJl>BsLP06U;l>|T$wXV
zmlJ~q!v8?G2FG$g2`BS-=N6~a+*XW^w#PCvcS0lktrCCSIe5Q6v7MN>3YM6>iU(5N
zu29t6{3+mGbE%z#yZo$8?{-gu9@D-s9H;fR2QQ1ad_$_}G*T0;cxg0=`r|QE8+@kf
zSrf>5j9@hp8(XA(R}W*^nqq_FYYj`Peb>PK%z}S|V}>wjAyZC%W5T^AGMO6BIijCN
zX7(4RMzSlWx$Q;R)@k~jfzQPl9BeIb4v|U4hC$3lSTSiCB>;Ria{lfw#xWgSllDr-
zP7}5N^<SHji!tdM*Q20~!Hlcvp7!SPNG$jEU9;<pF!bJrJB&JQ57=Jq6J|)4!f}R<
zig^P99ekbOT-Q$hEgpBcVQox(ejR*2h{Isq&OgjF^xPffAP%aR%QNe!)s+XzW~Ng9
zUTj@^yz9hhs_njQ)aeXLE``Z#8w<9b4i6FXf3jIQv3hhLFdEpWjD7UlsW+AK#({I}
z7`(u*I$Z<@2|km8u0V><9eN!x2a=sME<DTkZn$2w(Zh;+JE)r(GOki2+r>RSi8B9Q
zG1c1Od?F~mMfIWstN*sF(_<Oh0_}F#TbjJ%mA>I7WJ^DJOWAkvyI@(qVw`-!uxVfM
zN)PoSpMgueYPUCF{*);>QV##feSFu6QH}hFt=9G?zwc%HvU>dROuxLe{8B|YH~^7@
zow)0IdV;bwDj9kI0RXP@xa|V2dVYm%*_{MDJR`I)IZ9s*7WX7#Kck`S-QO|V4q{h+
z0wAhj2e12|30iI;u7z!l3;<A7&(CBnb7%S665Z8))EfYpD%cH~pQruXWBuQKPMujc
zxT^Kpnp_{|`QCO|cJ(j$_N}AdMClhm%dWI;yC<PmYptx%mHz#+RLk4}_l`vLPvJt1
zVtQfq>b2s&#P<0b*O>J7+g97c@u$8-*-?o8#J8J4+k+|(Cas&>N!tVDyIEVKd<{<e
zt;jm}_Mf8a#f!=L6?3Qa@+z(P$~no?!PM-JAIB-8W|ABe5Cf=uxvku%@2l(XqX#p`
zcgF%mGwF4l*@&tg@Y}e&{Ee>(3vX7pv^QAlXT!$!Od@6G?^{qtCD@YJ@-J7n@})(9
zZjj~#^INCqw!=_`%GpB?1?+;Agz`_ayiIvqMkqS6-a(R<lm^o0>{&PO_wTk@^Zbsd
zsS;MyRX85hmPWi{`lp<oI5wswI*YAs5YNV0i&cebqP(vs8QmxcyZ*=DYlXz{4jpJN
zFU5Y0miYLjLoWikT8zDvN40WyXf-q~x>w7&j))(@lzi@Rhx$yDnoD)?CE<#WIdo>K
zVMRds>^VapkFO)>RxY}M7x{$0dfraCx5{@ZKNgF3Gu3t8WKUXT#ZAh5#cNb2uimV#
zof?+`i<cvLTo@<TLt^YjNV3RGS@u;!0hF^2>mE=D3_g1$5bRwu#!3aMYL-Dc@}um)
z!8f&@18XBV%wEEv*-poGLHx)<)yKxV;z7)<+Y+&OeW>x6Q}J0k+TBn`sjZq^<!`^y
z0Q9g27@lvU7RDvx5d`ArcdlUUhn&E~B2^xcDLc_MZajULh(B&7N?vOTj_o*yhVcj(
z!)NzOk(gJ0{~<V=leF1apo)uf5MZ}&O1RDY)x3P9j0)0xplr992!*N4o;@}fSyS(d
zgSg`~@kcL~MYe~I;!KabqxuI3!xF-9-2F!UCpco43VcMg5m(_lb@;C@4-9<jsd$(+
z!n(9@_!CGg$7snpM&qAlRyOf$dbLZlDe(*S#v%cp*cWCDVk+-f=$DsaCI(pNL26BJ
zCMFWQtDR3l_ot6{{*GFlcu(tJA~p^`p^e`9@1|N`<$=VB1QuGpUKZ|rRJR}YJMn%f
z-N4KlcpgEWWLd|i^YT~mE%E*KoGeHCEjlwr>D2YC+ExvqAsXz>qKgvHTU$8r%MnAE
zoUQ<}dMLs4NoM0)X%`KBaAv)MK6NdbYRjF5+ugC+GqcK6N>B2Zv(9ZFbs|#9W;r9>
z=Z1Qb5$uXL{~mY<f;`9xx5P(WkZv;r{++6SLortcx%YVmXN5HXk}Y2bJj~pi9<qtH
z#Fg7^mnwc$;BG&aKOnNTiMG_kvgrGts>2QCc+@W5ygz?F_{@Gk8<EZL`IdwGM;0T4
z3OJduVvpnp9Ex6%`!cGQL|r#1M}QaY!>Sf*a%4C;w42KOFIi?<(8??HTC$U6r|p27
zwn3XaP2aSUhnKpclTh+JjT3|lj8oyYXnSiv<Q+Wy{@QQ{Ri46=XsOj$0Fd-N3I9*C
zVbkF8-E0*7zs&}VdzyKMU)TS)*}!(I0)L;43xt|8fNS3X&lC9+0Ta@F(#ye&z5uP(
zg@*o(FmQol53H)P#>zV<Wnq-k&6p9lC2D$RE&wV({Bbk_o6oRgg8H+@o<pSTpH5@l
z1p7i8L5L1Yam}`V8etC=;fGpvyk3EL2V2Ka2z*h~@+kkLDvIz?RxXBIl+p#Y)h0xN
zgE&eLxV}|C$v!Dt!NJ-8+iI*BID#=MYQEY@8kR^01>QoJ*=Wt{8oHlNq|SRzQ1pkw
z6{*!My3e$(AR$y^G0VYVIGI-2&-Ot*;7mmdm3F&zmB>=~y?NUl(nN>4bcnuA<N5I5
zKs#R5sjqB|Ut?~1fsAs<WP<C06#*JlVX$a3yp;pXiaFQ}@#|I0UZSR>hM12-^A7&L
z;zluoR3i{W2v4F>@`g;FRECWI(=52<*}Ef4%#B9BwZB^rgrWs%*?JT4X$BpU9L5#7
zcI`~q{CL?ou{$MMEpxGYFz`39vQjb@Rq-${|LxChWm^n)+0dKWv^YVw<My66DElx3
zC`&@>J`(S9P)_-If1K@jAxWg=<PwU(MF2}P+%DySMm|6lmyQB328ClB`P0DFx=XG`
z(c&w6QcVlXV?6FcJ5+BF&E97BMeSpf#Wis2C=rnK#!N&c4Sz&HPxFjg!e&3XGYU^W
zinMQPL85zO&;VvNhCS?xesNEkZ0%XnAhOYFI?W)L(v9cw(2Z4I!vj?49qemqg|ARF
zq!j^os)1ej{3@#QeDN-iUaLkLUj((uBd0S}KGNDp6KZh+BvmpITRWDP3XoA<l9Z_D
zRirU1Xyxs#o$b^^iKp3-9C6f({=FtrtEum|>8s%^5Jss?7K@Z;X!U&fu@1ZOa?lKL
z*^e7Qb~Jp9@AN7Wdi(R|Ydp-Ckvxu9MMPQDn7O9Gq2y#E2W!UvV#e>Vp(F59@6lYG
z`qkM=^5>vV)x~PpphZ)1OM2qC`_dSCJl%zsR*1)So3<Z2nN|vIY@fc2l3Rj4yoR)^
z!?_$Z_wBi*(+HA|J`Bw6n1(ttUZ1`sHqEc)CW-PV!#ilF*V~0_r61HS-Vr3DHDok{
z2fwv=t;nhvSdtqmG9efShYfoBp78?Omo&<&c?b1=<j$CGqlzX7i{r&BxLqEu1N|Kr
z$l)4OjFv-~9L3gS_odadx)))oj_3wqz+z$leYK+pg?~kNuvZiZaEB1X$V$BwP~_Vr
zd)ce$A>Paty`%%%pCO6y|D_EJC2C(!67&=UdrLPj06$dX{Ubho_il4e5Fn;M@+Jev
z$-%jwGs5iOJRNh){CQ*YPBa4>BEU=l9r+c}F)zGHqqm>ah>=mU-!(4+;NKkymcTvf
zT;VC-An~&4{bGBgOe(x&S8KAP@n!Dq1%vQ_kh($$^78NS*xnsSYIz2{gVJ?1g3<wO
zZ+ydlYQ397X?-Ig=r&`MEw0(@nu=UH{Zcn>$mPrTAr0r<zin>vEI6-Zt`C?$6DC>+
zs5`i>MV5BJBvJ0j@H1Z*!pLV1(d87aua%4?em4{+4##UDF=jzYsAbSZ%CQwE2XLOz
z;OBy-USBeM{!&OKbq#Hjx|YeXbkXZKV86!$jy4&l3)=wNvd(69g}2NZ_VP8?aK75w
zE?w*q`F`m|6H;-mW(^0-QXZj08t_-`_0ZiW-x~Z>UQgnBDo76OtP0Zd_enL|0*q13
zfUsJ6QQ#>ugNM#}8Vb-1zbuki+o3)5@ZG6{+SyWSTIFg}GtXnd@FDi?%re)gpm+_D
zcw6b3jD`uct7#%m2iYkxDf}$@dSsO@vODlk6=w|cd!IJn^i!~RCt#gdpY~ZW*jW%*
zU5Af@ubsM6-0=?=(z~BMS=AMMI4(~ldt2=u-r02@1g)EzMffDsZxUTz_8#4^SCrj9
zk&4?yuPEz(CNE#{U$&ZHeq<fo1;<SCvc-ue?%cKvho@Z)l>i!?YL}CIt4L4G!OZC%
zRid9G?brM<F1&<X>$Z~iXfihBf)#p(xQ!Um80+-#civGvQ@0Ilmsv&;O8m2w&z5%~
z&nt*ZvNR^!zMA_o4}kTpppg5^4VNiQAgAw>OmR-z&{f{lLIIxAReV*TW`!z#4M+uv
z1eFUCG2hcUR)2y@CCL~St~QvtF>P^bEl8wNVgZv%ObL}Z@B}#MAQiuPOW1DpkTg_Q
zc@PZ~&%wb#E1n3R+t-Dl&$$H`;)cCKW?kJk^kVwXiHPt^8mh+Lj=9EJKN8AkQ)xR#
zJz%ov;U6Pp6Ck}g4$WM-y_5ZNUNPheJ{0<XDFj}S<WT1DPBj|mK#hoe*3s!Of_17X
zWZuOJH<ukUtTZ2THW0QX3W5gV(=)J&ojLHnIu5`I^spUkG8Io^t4}-4p5o3Pp;xoe
z9c3StF9LRAih8>;Z3MMF<k-{0&YeFp4oLe*Ys6XO>fj)b?7fkVn@jnjqUq$;@tT(z
zs8N$m`-`|}MOHR4%SiO&5QKF)_}sg(yiGfejTobr($vL}{yAYKKh9QT7(4t@ZN34@
z5X}&?*6df;y4CtiAR-(VrxMla%{SD*ORMfF<H$x$Lvijt$I1MN09weyHVdyE^SGqG
zf}p$<ii2aQ7%vV+O=4ekOq=c0i6iZnrY9gHg`($8{isnd*s21mJL}R#K-qn6j3z}B
z&9p1gKrjo2!{<LVB4(1VgsUW~11f8c<CdMf1P;z8bb1BzzRI;H5kM??Eg@$l#m4N3
zKiW?P`xb~<Ev*4`PCxf9Y46-eC^IM5`h;J6wb@p5xqe#zv+5W_Sje<%0puqZ!al7#
zMd_u;@dG2D)lU))S|^qMAT!`XRobYM@R56{^R&-%Z;Lx~`}r4=ql4JM8asR1h#CBN
z8jO|s;ZYMX<g2itq(@?{tSi61Kf1kymi{ccZaG80E8J5ra<mRP#9t$OoiJ0~qCAu`
z`aLY}nVwf?swbqcesPED`((v{TT>~5r(c^?=1wn<OQaw++7?%=s}bm&s=v1NuTRqm
zU^?WReeUNGw<@1YVb^P18aRV=U|*gGJ>dAeTzz~zhOfTUst&0w$wE?{5p(&gA`j|i
zaEoZn&spm=tr4!CG6N-bvnQ|fCjhkTOm$W2RL?FZmROlGV`mx-<)F7{bv+d<AGpD3
z#OBg)O4zQu<4GE^=+q56s32Mm=2kIcLBk(ui>lvnNyLVD@hI8J?65q`y0rmH%iI%k
z(>H&A@YjP*O9Kn^h-O~_Bf2Msl{m#{+%2VX_EbM9xo?6I6fl~i5ePQP&(qIlL>~!J
z5)qI>qaSaC8zc)Dn$>TdRL(<TgO>qeptirvr%DgJhmqn8Z%91)?w14;tvNo3+Q@d!
zx+t-zD|d4^cmZqf*geTGgjvE3;^g9%`!HsK8E4zwhiC26o3=S>jI5R0Z6t_`s7a|c
zyd&;T!exC){0Wd26Lu4*ht;~`{@Dp+As|Q8PRs$HwGm1{?k6hrdKMR@qRFL(L>Xrs
znq^?zb-!_wpicEjaE0hhh$8wP2Pt6SXPR~x)7!8>?&9z(hdD}XvkRl16Orf2a-TgH
z<@ZldK37E+0jR)|;lquav?4c+&<4s8(m<E~sZ?<faee9Fjs6gT)@#S(bmesB6fh1-
zaDFgGH@yH>nh$LvrN~v@87EyaK{<vc5m&CoWywUi{}}_WdQ+;H^lM2-vEo>pKXIDi
z3TgKYYIpG|@8~nAkC*!UN^xD8q3_%2DA}dIgu?I|X@tc%P_PF*?&PVf4MJoE+2Zup
z^puRu#ae#VT<<2Z)Sp%rwh^i8De3N&bd@a_G9N$+mDBC8g&2pGX@~Pp3dLilT1!Pk
zmcdv-*|xzi63rc$+siOSLi7bb(?j(}REZm~SYx|~`&0LiOM_yPUDb*-#=S@8Jj$I`
zE>c93+OI%&6^p~i8gYcFS=1uvf}rjv#>hghi${{SEfFh7r_a%pI72lJc!WztN7$xJ
z%;dOJYSo)v?IkROv9O%^6`&;3DaprvoLU(cSe}M{kCkB1Ui$FVBkD9*{&!iU^fuvZ
zST6+}AjUg>J^aKwIUn~^XSNaw$`~@&a+)X&TQXPZkyvF5@;z(Vn;6B62TLwA;_n7+
zNl{s8d<K1bSafI(w<HZ$1reNJmr@<mFdL{4lgN)Jm`r{Yv=f1(s4S^oKUS8o^NMD)
zI^R|G3E(`W*FGO0>++O`+3WrBTK@e4c)nQCulwbYnuqi^AE)c<@`p_pfb;L0JAIb)
zo+*2K%GGX!#1AIMAJTc5+G3_R^`9H5YZEWOb@)7QC-<zKe3~WJat`38ya>jJI&w2x
z_^9u+Q-_Hxf&A37CU4;P9%r;)u}FU^X>Q6NS74huK%CltY~IQ3rQ>BQ<9}2-AsdoV
z;PvvL&ZxN?v1($zb`lKV$zKD&S@^H4kH?Fm(hF5~N){zK%yAE7?H4Y;aLY!198GI3
zUL-{Hl(-VAY^7sV4i>3uz5C0ulMTMtgP!2c_Na8xb*<0@)OxCc+|ZhYk!iqR1^o0O
zgt<*X(0!;2@Bxel*hnyvOn?q(T*LtM{kC08150JL4|E%7LP;e!()*z*;l7fXY_HH*
z(X@1?jfdqH2Z79+wj0<yRbl3G#SbE==x`3(m<OL%bn9BEYbE=&bWo&E6*QnEWX&bc
zJKCb4n4(Ro>t8jGDq^xR?BjL4HVZD1J%qanNU)6wK7KV0o@Om<Q`xlRmaAcv_iOmc
zi+g%I%aoqM>a;XBu4!z2$??p&@oEn%aggT%DxZW|)0PcG=Rq4#T|VP*6~7=?cvX85
zQ6cT6C8$Z#nu9Q9^?`Nn54e<c;=(e_+mKoqG$Nd`$8sTmVRuQrfvi{&y#I>r-%v}&
zP(oc<L;A1)hRT$)1bH}VXWzNwG`gFD$XFc4e&g5rL&AVYXlm%bwYG-6=!fD+R0QJE
znNdXVEY;8%26POoeq?%PNl2PmpEiwL$9TJXqrg9(!ooQdPJtZ*$3f?dxYw@9_jxgq
zj5iNEzi-{C6^6<4Tl!C@PSA!GUUA+EOEVMF9+ARJdx+ZH>O}%UhS5;zfJiNkDrH?Q
zSFxnQTMf|qV}{vr^P1#S){Oav4XcQDke|eJGO*bNE*}jODPl4U(R6;u(Zuw_eZ$hg
zYR3X_F~wy?LEE&Oo6glE%jut!CdW(ftZui9=SW=Xc>B^;DBtP{@<xKV9yXssmUe<c
z_2qK9ZW5wi$=0`Y>$~<pn5CEa!Lrz#KXz}bTEsRuU3P<7DbWrx169#EPEF&7Y!&W^
zk>rC!z^dF~C!<YFM;#o65Av*Mz>+DYA=A#sJg^jNH3<-&(F$L*VU@YKQ_j(Ti6=j1
zPa^2SZS(<wY!ow{?`0ymTOa1cqW*z9FhQoz!--h|SaWo0d&Nat@ETU$IdI>H)Kj4Q
z)szTmu3Dw8JvidpA+n#8wviO6>8{QU47OUQ)ZdtRP7-I}=ml!VT29Qac3}~ILB=Q4
zE9R|k1s;G+RxFLS9BL@~{<^p1jknqmla;+-Ax0#k=}VoEj>-Q`cS{+nq+j$2Ggi|>
z$!L~LIi603IAl<le$xWUy^v#kwc@z3KfQf#lvZjaH8`vB>aO}~xV6~Wiiuz__Iw*B
zauLMt$<Gym_?9*W7BvEen9$sEuPieX?;l0C3dghLycG$acGJSWo$2Df=e|wvpxJBl
zeSt`=uTu@&y$oueK+{5gYEa0|Qs3gZxsk%$r~~Of1M?|)5fN2pSbW!`ha91;J2BP<
zsK<4-t5%OMc^jYil1_hk17NRp#mY|erw?Q>qFsG}W2;#xT6Lg31oa4?a!PaW44c&2
zG^3t762XQ2W~amM5FOi^V(5~TZk<;&u)RCQ7KEtJ%^m8eEB>Q{!hI;{GCIT*HFU-@
zwaiya=WaKgXVk5O;Vppc3G3-XC%<dMd!l*MYF<;%w4qsL_C$oI{?z<@`~>e{$)eHT
z#;hP7)Fj6zk5WJ}uL@F6OxsQ<RVk&k$<yCA!@nc~!&s{i82}uZt4X#Nd(wOlZEmDB
zm?5TY#x5N~mRi)g8K+M6%qm?=G>U}lQ6HQH${rdpGCtjeeTAD&GzdE_{(iZDmBI3c
z<Rk}5yVL~3@FD3Q?Ki#wL(7h!*0!R~CvY$%D4~sFwleYSMCoYb;*S+ih#Zp^!40B_
zJ7_F6B%#d6@sfixG=YvwNAxyhKwuZMufbhk5V{xJ*}B6~-yknE+7q#oD>O>_ACzO0
zkvGr~x}98A+w1+$)uCl-8dyXW9zl~=%a1?E@R!mIEx&Vn_HIfJ_7DVo#`jRBgBgQT
z2{5gh<h5Ck7fcC&H`OKvW#(xZMMPrXG+IdDjdE&Ink{!^%4XWz+hsKd=24o#kUPes
zpxP~6cJ53jbg&qThm6gHC+d=<wl{Szk5$56`Z!}7GbLo1^*{=S>5V6ei;i)5^nG1`
zle^(4l0DxAgQ(EAmUd}g+uXk|#}SMfcQ^{tOg{wNZls9Xv+vS;A4y+>dW(-PUZO$}
zKi{A#hu0>`IQN$6J<(rhZ)Q#Za|A9ly@z2ZMw9T*)d~v<Kq;u^hVM+uzo$~^^P%bC
z<}*YY8r8?;V7`dut7LXG60p|!8%29vS?BBye;#FaGNG9Amp>T`)qL574Ehp^>JV(j
zkuCb9BCK&}-I=xjS~T--f_B#a?LQv;{!ymi%EImD@_PAPqG_@-z;?ftjl9$3c-;Bh
zjPs}c*Qc$?XA;p5y<~R1V3kz=Y+LOh6D$VQ3?ORHP%yB-;>wvY;4y-v@`D@ed;`pc
z+b;Lrv>|Om<4kP*{D3O<=i?d<LT51OV%<={*6Yd3TlN;f`_3La0NOrtM@I8EsQO1H
zw=~%Z=|QVh(q#?Hchgj!Yq-&l1W5$>RpS`cIY}Tu?K^IT>dV-ogD*fLODDcw9YN8V
zfALH)Zhz1~9r!^Nj+Qbh&Lbeov+U{l$w?p?!x8OnYm}fOBJ{B?yj;)dZ>&W?M4Z9t
zsG|CdF12qtI7G&Mf>JbFHBEgwOv;v*B|RR=I9^T|RA#0`qaFKJl9%mTk>W8N%0z-L
z^hamp1}(Q(3@4hMV8Mb(iG<<?u+yUuv=!1G?^DL4Ch$;W{uI=6c8vg#OvU@&dt(~g
zkwLlLW!7l8{%~6bcc5t0XD7Qx4ZSxLgXwTst_QFgCqLm?pC$KW6~qj}mzV6-Cu<fw
z%T848ot-a!l2Xt7thXy&Z@Rtfu|O-2qi6;mRvSYX4n7vyxt*`+nZIr4aU^?$tPqH+
z@P4NE3^~Y7jt?<=JZG#V5OYG0YerHWIHqSgFAHY$&)A9j2pCer9s3B>tQ3x^M!sH3
zGl&m`chimx0MDnlm+K4P*VSHhw^FyV#~2l=I|L;&k~Bs%q1a*6OZ{bvAs<DBJ*T>D
zX_RajA2VL{=c0u)dq4-gc=9~1Ltg-UfOpqixt-r)-&v1bXcee(7=vz8h!|^m&E7lE
zgr`^QRieKhLS;&;9()$pKBX<7qUJ$j!&eWZ(^#i%7{JHr%*e;aBkirvc&F9)hY)kh
zdT%i^KB{kdX;8*4ZY0;ug3=#cjT<li^>m9f7LUCz$&4km&SMxjrGVr>U;SOY4osXC
z0+192!xOA~2i{?(@@|B+1YWbb8e%cDEJ`XV3fZ2Yl<#Yp&#&;CK~MEG_Ys<KlR;sS
z3~ciyj@(V6K-O>fwu_wzxqTs{=^WnNWQ;%pabA+j^VZtm^>vCEFBxF#MJTYW=_;ya
zu4`M;sJhcS2VCjY!>+jnv$M~&SGSu-rwaMdB}<jYv~;udlKh2f<K5i&pl9<wIZWR?
zMSdMk-_*VK8U405esNJ*`IE2X<@0?1K(y^6`zMVo{lxFDl~;ZpuY1tC&JS%>OG8z2
zp>QVFLw!rROU$sbT;u0f*Q*dG+6<poHMWk@k1Me0bCoB1T39IeW%8=k7#Ee^_?s4T
zV&Jm2BX1(4s=dxMJO(mIlz5$DEFFD<*9Lzlfes`juu@L3$w?bh5yM9W0cj|ryBfMz
z+TnY=j&u{kRm%<k*XB$TdAbq}bMP3gt+AS~26$*%SETVgkn%Mesbkf?B$5T8tR7PG
zH4z#a!uxtC*J4f!^dBKiEC=SbZ19tr+1IWIM^J)aS_tz6g~V`LNR5iDpLv#WU47^b
zAt3_+jbJ0k-QL@UJ3=#(X)&B`l*AeL`#jghW7C?tAa!7}h6408lIkD=8;2=O3HGz8
zWc|K@wpg&HQbDYZE;$vgC1kJ^MSemW&{Xb4+LWRMYH(kvvE|uLd~?Rrb#LGm$tv09
zTE*-F5Q#l<L>XE;g>Vw8!7|)0!5>y6_CYm5VE1%=ZZ(l;YI*3>vR;6X?D_0${7z1<
zHTe%()d9?Sbj;Q9VU|cZ3`Wz278WR_5+T)u!S^x{Vn6_QA7<8Ez+*tt-DX_OR5>s*
zyf@C(ke>+~mhKcmfR69`6l*1bE%jK7tSz-su-b_gJ!K_F^kMO0R43}v9`T(+3Fk>G
z)yY4XgUrtAGSjNFgYE1v8~(noft;WGN+$Y??@K3k!&j%d!^LM3AS>TF4X%63yUz{R
zVp%yqijC?bG<^6#j(g>xQaDlpj918W$<xKAoZdQ0eIY?)5J6oq1Ym8|wIDn4yW5>p
zzqTe%pps785dy&K-Q-@r&UwtE##@cNqV&i~VYtAnyJMswomEo=PKQ~Xl(}X<5#O7j
z?#dMQ--yo^*RG8eUN}d#B(K(9E{OSUW86<-s=(wM%G7oc)V}2Y3E4&gx%I&mX6#^&
z48-iELLXpYCfj86J&($y+Tq?L$Xwtj-ouqly5dxgF*Kn>Jz*HQ-lF-U0aX?wI7XAa
z6UJ!6#V+gyIM?TyL@O2-f12TQ#nvC){^`Ao3OB|0_3&|nI8&0L?vGBIgplQOK|2^M
z{VAWFo2Up<3z=&96Qy(<yF-X0c0D(y&KT(2^$^euWv!jy0jDo4SKhJTC}vrwYRG&r
z<s2e=Yt&6+R1>{vU-a{c%z2J6+{_Tytn$db)rOzeFc1eeE7+FBVTG=S7@1<$aAj%6
zYowTjQ023k@-YGohk^+~Ww1#R2a$}mHlTKf4or3;w05|z|Lx`(@*<a(x63MLi&+YJ
zW|V4VNDlqnIE3oQEHm8Sj}Vw&TFwZ2Vu!PNX;d?##cVWY?CM`voHUy(SEAxvS(ibv
z9r)}Lw`Dl#n{!SJDH|u}vNV*AsGm3%@4*BiaUDf8-A$CtY>o3Wzk!wh%K5N#<+WE_
zG<i|&q8Szk%CZ7Y#s`ST&|*VP=x0^Ifo!hWEf|p~z*AWc!ky|P*^9gDn3{8+H&#`@
zxky6(u*`u>36j-<WHBvw8-Mj9=auz!@`RKPv3qigpZx)dZRKbEYW0y)NrxFJ%O29Y
zooctYqI)&3oCd3^mDQueb0-qd3n^X+-PTxGL)mGP3xB6ox%jcVRW`%PC{(S3`NZRu
zLZX^x1jc1Xi$3$EO?YfOp<3DzxCPWMHgu)CN|wzeypJe@rd76yD&$`Yt)fS)5kh%w
z3f9fJOm^y5&aI5Q$0%Umdq?7IjpI24X|l~~wB0sr>q)=jB89Z9OC43!(sB%<(YA8B
zf{dof1`#+H6`A88zP{4VpfG0;N~PU)aRLs$?i(Cic7}d=pGs(}ls9V;ycqkC_UG+#
zV$mPe%+l<Fz%f2JXQ~ssf1>a&tjL#(0A@;d^{&OiXzNcaItF<G7<hc%Q!@o!l*lVn
zgD!U1ym^Pn_J@o?gdnF|Vt?)8VV)(XOD+_86!(izFM}Anr}CiTMSaTkAR|9-tdgk0
z$op3Lgh`{xB0_N<r!{FmfmkQ0>xJXE<&-mx&nUcSUa61bsW$So;?@gRR#{RnLNUuM
zR~cp`t2jK*ufuycT(0#R7@`T~s%~POVw60TTxuq5Td!FV$8y47Zi5NpbFJ%*njRI!
z&5;z66y-dAKE=(++KjLaRK`CnbRB&DqTfAG`ZeNL?2255JfNO7TU1vnj6+&kc1euY
zr*HQ$#9*hE7?~0g1s4omZTNfB_vWQg5GnkHaa3WgDVw<!%zaa9cC0Rl_I&YXC}kAs
zAm{O-DW5Lw;Syk5Ch}%VofHGDka5c3*L#fuQl2_NJ1>Ow1v|zlyw`}%g|2_C7}u9m
zW%u5^Oy6dt?kg7%ETY0NVFMNSybo>`GBci;=q$6Et;jsSV|#4Or*SL=nHIUa1nMjc
zEQjiBKVU015r#wK#$IS9^3FV~yw^JZbkt5qs{2Ew_B$JU0OMwiN1`CFVz^?~p~$o8
z%xfpq{X>u~7QJCStSH|uYZ5F<d?y`M@Mgngm=NVR<RH4fy|TpjAb1mKfFI=vIS4@-
zunUv>EJ)FX5N6XDAm`Ea{Ut=neyS0a^W{^M^F;`&*7z5t|6k(w)Pnk(1d)OeHl2tN
z_8+LN2&>?bFJ%Eo@CNnUt0v`tB7TSZ$K!YKCvs@~e<J^Ds((9eL=wEIBq08;V_Ak<
zCCEV&6AZzd#{YPIyF(cGPC)0s30P!GLJqpnJ3#%LvBrOfp>HovN#C^A<o~AfU;cMx
z=Km?MgX+7k{@!(IiZ0_K*9d)IvrMW69|pRzhr^3-6g%S*&HmfQsy~qx5jq?QQD{9I
z{$~2SCbl97OGmjRm_y`Mh$im$k5NTP>x^5P&B>#j*wMpBuoW}~NN%7mz>738mRd_#
zgjn;6av!=OZXhsz=P<=P{EZ}0WJ|5hLZhI$s<d*WtTOch=NZh;*}!J^s7J*=`lGJc
zKZKVzH-xV&W}mV2Zc9ma=Umy+HJyf9yOiO&V6DkeQ}`IX2GfQ%s94S9(K4g6e(R@g
zn+Z;davys*5<P1nP*SF!;om2^0l0_|5Sak@iM(um?@awv8XbiCGT*Q8Y@D_d8PlqZ
zC3J-k$88j~D_=Qtktz(jr0t5lZO(T)6jlO8OPmzX`9lF73r|A_p9SlQ-Txd%xB{qd
z>iZQto0%JVY#!svBVVpP3`KYa8&mPJqID67Jv&gc59|ByW*tjI)>pO=N!DfyPS@&|
z?`G+(n;oU+O0*+#+pFIG%p<&&So;-nA*YBRzeY68OZ`UE!_C_(dq6kTxq#!-z4?zY
zgHh!lVTJ&}m|^j8Z93!LPn~w6&H)WMmZmbcCZCrM7~wCD&#aFg2K_zZ3Zs+;Ci*B(
zBWFn3l$!d250JL|w<JTrur!IVt#}-RnrR7v+a@e(oP<=Nsm=cRA3+8lFq&H!W{QHq
zec^8UY>F8V2UTP-5BoxmR$Z2|_zjYyz{Iy&!@<HLVfSn~U~+L6ftU07b>+8B7}+lZ
z@poQ5A;&u8E)31!7A!U=g@MeJWT!H4Cg(40Jt&+56iK9fo-@H6YB~fX1wAyx7%D98
z+`3)fF7F!uBIm><sL$ZD==h*gxzMf^bxiU^v1+#L-YP5HT~uWll91NsjdHmMJp1I<
zbkQx$6ZcJ7%6zjdyu8k-%-M%mddQ^aEqHK=(P1AV7dqQCec^ob>&Y=jrmU!$8vQx*
znGZFM+he;L87VOaAQ$gk^@^E!Baw+wW(}i%G#D{|IVpWBsd`~iVvQ+ehL<h}s<9XI
zeKFO5jS0=9KtmBl?r{9y0-)k%h4G*<OO!D4(K$#*VQ9pE7S`+!&gk<hmt&m6HYyX+
zzx{#0O|K|fBpXM$yvEOp{$j`bdbJz>H2D52Kg}JC-(B+lQo9k}nH<A<b8J+4q4MW<
z(p;0G$nki>^bBUoawn6B86Q*2#VUfZ+NOC2w+Jy@8LfE_Mr2O(<5kmD`u8;;w~?o3
zF3mgWMuWsk2qo3K1?2Hgf3C*o%`Wocy+^>7Zj%rxCHT^x3k31P6S64K<T|vGeZL$(
zbaqfL2_o3KuoMN-8Z{Lm7Tc-xCS<F#`i^ha1;VN6N6}xlC*L~`d7Q!PhEzFfnL<o-
zXqOkuY@p8ccncv^306@le)J|(=GJcS>wT8&A)dj6PKm|KM;FbnsoGGOum3-Si$OZj
zGK#6Y;h%fAma+h^+7Io6wMRHv_hp#n7T-ea3S-XZA)CWZvv<R!t{cU0*T1DRri#Wa
zY#MK~HDrk`xNKrF56K=H8L+|hlH{{C-F$N<HAo~dI}vdf!YQD>PrKC!gxmICvtULy
zgzmADgNnsm9CJ^k1TV1$4URt(`Spu_Wf;Y~j{psC;N%T=e*}?Ti3_q6{(w8V>gKaH
zOVrC9@^B8(AtND`+5znxXHhgxggT?8+i1v1M~9(V7#Mu8|4>_A2?)8#VEDl>X@-O>
z?{C}6zT(X_n~?yOXI%8ZI?ts5VbdmavKo1{eZPoMYzK$-@efLQ*Dr(>Z+=?6YbG}N
zfPaOaDLb5@tqsIWNa)1hN>5x_q6#HJvIM@k$5?ClOQe$0FgS4iA~Th*$dlcTQsEt#
zd9Ves5+y#zMR#ediYS^<Fqu^dOJ`c6JD%RW##Q0~!+{4o*E9X3f#?_*Ch&ed%?Tw&
z^SqW;ho1jcdpe}!<<O>RJ@J-t*Jw^Lq=@{e`xbYG(;Ou@1m+k9zyaoWb2#tHlZQ(I
zpLqy}#8Y&ka$+$d)0iKPKH5CcBx;DIK6~h}<cESAW^&^ec=9pczCqE-+o{;DPB?Ic
zB8N(xr-(N!lbFim+8pMNY1DN4)>3rhb<`&w5yA~QVLhBHgP6GeLMgMYg*U&UUl;ia
zmoFjzmVqRR+GwPk4GzGtX*t(I%b>V@-QHIqHHlS!OE<#|*O~xW=?Rk=zg6`9@T*zk
zdHO&|Q;7M#p!C(WLYj)*DAy!Dx27hsE#uilQJ=5yR-=k38gxSHlq+|#t58>$Z!b&1
ztUfp~iiZ%{yjV;f3gOhxlZJbhAp|e3Ub{M*cF17?o*2hOaW@DvsNv)2IC|1zS?v%w
z#1Z!PKy@Q1vBycnmySyxh}($LV9-F(tDcmIBypBgC#po{HjM`qVXlDxXlcdSS%b#a
z$``T?!OrgimRJt!C=X?P&p(`~-{6O;)#FY~5$x#$*CmCaT9XBll4N<HBu6??zLyNX
zin$*NpXMa~0WJ$4kp86+J}HcJE`U(%>zq;%hB<ZytV>cK{6rJu+Sh?@O>UF;cP}d}
z_rK=rx2px#^O!%B`#R>hhW}!%-+sP(_kEpLL!rZek?(z2-$bRP|5~3vUi`iz{%cZw
zBMmCw7OLTQsDGp1Llt3t=X4JH>$0%vKUsO>`C-`8FaA&F>yniY--Jsex_|jf)c;9Z
z?c2-LH=p(C|CI7irT_Y^{MUV)YGBMCGmez@(N4!B%tV#F=hl|Z!>3Xhae47--TbjU
zm*Oe*I=!|@0o7l?#W6jUB(~5{85)E^pfZHMielR+NF0IxPSpkfflG4({s&N^{UU|R
zK=^wc_v|>D7q}hq3EeU500yj*jkKq%stKCgS@FpyTP*aqpH@79+I@uuLLCCke_YuA
zMhaar7hNPebYL=0aYLj+Wd%xD11ko)I5mI02fQM}8qT(xf3|jq1U4_6y=oX&t+dK5
z;kb_sXGAQ3s>0L={)59NQ<)j&Zx;d~yV?kxbNRZiODYO1pwR^6Od4b<`HPz56FRh8
zaJM?<xm<dB4HjdAEK^xR-GX2~rpCMnv>a8iuPml!%!Y^1VUj$pm5ihU8mhdn_G=#Z
z?VC^-5THz`x9AQ9RsJuJilpKc2n9*SDG|ZFUFUl#@fISy3l~WxFhE(G^xwT$LH{v7
zzRgoCXE8NYB$Y;ZrhhT5Z$EwuI7lj<OhgX<BH#NWzll_m|Fyh*NF)jMl>apozYz`U
z@A%M6|Be0%dRPCQlXK8FNAo{f@%<Elg(^S&PxNozQtLP2i77dz<~!T6#D52Kns2_z
zH$Uyq|0(6W(trJysr);Pl?#fgvEoc@eCN{_3J<x(PB5w*vW30-1RuV2wqC`K(X{Lr
zkWIDYeldNf=U)CmJ?l1}{Yz;RA(36^08ZWw`z5CFPyXX9(-Q~hiJ>9ai*M98j>*dP
zbLS4==hKV!#!*}h255ye_%0tQ2|z|$FyU5$-s^Y!{J37l`srY>ZDp_puh!X)hE027
zv0B`oF~r|huV?H9X32`R1eQsvG=iq=-T$YKa}Q_2QR6t8a?fpr6d{@rvL7e6CWMmO
zT;{SAAvTTN8EUR&?ztr9mRs&-b6Hx1%5B1gg=*wBzuY2*9X;nf=bYy}PyfGvzt8h|
z-|zRsQ{EE5KyOS(EiU!s2#s=F+UXuak5Koj4;NxQuvZ+!+w~nkwzss5=|NtY&`z$O
z%k+63)9B`)EjZ}BWi00B`IG`LisyG};BcI6*uUt+@Xvzm+oefg>fc<Y^KBW#2vL4a
z0KNoUC+2-c7Y{7YlLDLu_Z6(t#PEaVXB@g8{xqz4Oa72DL3>nPALSNX3#V-%gDEEk
zBA*KPtueQ+iLAypIDzwISf-Kj_-YTk<ucyd1>D&jQU2F`dAPh2;)AWZSQ(Ya%dO;3
zE)u6_-g-mzWT+PGxz507Gwg*qd$%uADb_`xM~z*X1<jw3(!?38AF%i1iq=)0=GipK
zxa>9%#Xsml38A#z788MAE*$yd`cA)v2~jptem-ns$4ttXZmjYlwD~?=(K~fwDfd*)
zzL6dH>$zS55^a+QuY<Gn%?vWG_7g`CG?BX<s-k^7nq|;uD*}n_7_aq^sA6unneaA|
zW>m|i{!9^Wf}*H4Q3CU6qtmnsmaB=)cb3RG#WgIJJNP4JIoSO$CsQe!{QhkH2e|ao
zQTyk-Nz2JO4AIUAx(3Q^&hH?*GLNv07TI~XKyD&W`yss^$p^PYqdw;FPH0?LfiFJ3
z0r>{ob4znE^)P;Ez75?uC`8hAY3I~Z`ltBNFK)m7rZXoO(d6`aopYh;KPhEl`zShS
z1^{g!O}>z?69>g@KYuM8AycU88muuCnbfDwCt2Zg_=cqoz!roZm@{sSMRVY9`MsqJ
z+j+!F)IRhXRi0g%UR*Jd#z+@dUlej^EmBeZH2>xXKpC7#@-`C`3z1GsJ>Pur!Z-6j
z|1GTyfJjx4)LkN+dxf&vVq}`3EpeJE)@8<vPabCh<cA$S20kC!!+Ev9)-8czGWzqM
zQM_H=Mv=!?k(tPw4AVG2gt&j#52yXx{oLVL8~qgc>|<UlgL0tQ<&MBfbb(s(<ERJo
zB*GEdqj6l5<j-xqhjV*6*h#45*%_v!-EHhM!mJA9kxk(uC`oYqT@@HQc{2ZGqDMSI
zO7)$srEa$XTqS*u<=$X&9c|(ip=S{KUMyqy`Hi&e#Rt1$1W+FYx~CpG*0V+I`TJOA
ziS1#kpcSk~O&dC-b;8bk2YKk{JziP*aW#^X4hpobA0E20QQ3yZ*Rb?9(Y3H0q^IlM
zVb(%EGw{NwUW}%hvYK+l=t->j?cMP$|2zoWpQ}qqfWNXXTPz^$b_w@ueE6?1nj@r!
z6RWvJi&5iTZ43}A%8CUUXnpS`>m=suBaX^kmGTNuc{9h}Hk>PS#{a<QN3<m6wu2xE
zduC@S?WO>kR-n`P!}GxYDE;ol8EUh`n0gpI9rA%KzhXmGJbClOCwXbHOl_6bX5R;{
zBO_POaXrric2};g_k03x#c*1YmyLWopM?<rzB<b;D!&(*--^2o2ad>rMMJ$61;@~0
zM;w58#8ljq!l$7r*=Mhb759F}$yRAYJ>gz*W!ksyWURt?<tSlDd@f-%7&9<X^(yyD
z!O5YKoG!(>ko629PQG@C@MU+c!8W-QN8a*i99&<u>OrzS;OvKh&pb5quHW*5FQ`}F
zcExXxt?rdl<|oMH`EXSa<iFGhIYEA|Vfz2CJ_xEr3m%&h{u5g_Mh6|Rb&9smpV>Ne
zD|LH~Zf$qan=g-+u$V5@8K!6l`rfKQrGaRz71FUsWne{hA5G|p?Ouw4N8DVosG+VN
zEld~IyZ#-%NYpr>slM_n<$n#oT^A8>c|j$78^#;}c#aw{RhOlUy{nspV3C+VF&hbV
zRYbbhK!|B=+0y=$R;K~|GvI1~qI&w^Pf72ls-Iv5=eT*y`HkbnB_yxo2|+d^qh+ua
zakEF`RRtO@>a@TUo_<68S+PbTd4%lvyPlWLFHSJlIw5zZcvM{*j}<6QYLxD}ZR&}o
zv_nSxyF*nZ)mL6hd*WZ&ccGrZwBEr}>tln5uM|Et8{b)BP)v{ELPVWsK<>gm{8L;B
z=<ZrkYgVQO14I=Bt7KJq*g#(ak|FNUlJOQI*kbi3vg5m#Z#-Tav&XE}Hc3C7qOd=8
zuTK{@5UxQI@&&hSzEDrkI{@oDPnrAV4$)gmrEskHa7>4tldJ~^H&>vmlC|vv98-o_
zP=P23z_P#YFkakIwk|>k+IE|t8LI5}s6#r&mCs)P4b=$d!$tiWH9zg-*B6F>0L2nq
zX-H`N=ycz;g=7)=|57#ihtn6Wt|z86@%{|gyCWQfb)vrp3t07yGanhZ^Rhcrx&Geo
zU^g0BWl3r%QSU{Hw2W3>wm9{?>+G3qpgW)>honzSxNl9Bv|m{&xcm6uMgyJ(Boq{o
z8rK0U^;c1|bO=2gbLM>Pv84(J*JlIKIN(|XC1|kz!xINp8;hIFx9h9yZichr{qaa<
zB4s;dZiR6?!_bg4cX8p&T}vZ~y%(7_l{H%&>t{cl1<EhHz|*nW6RpPj_==Bo`lWrm
zrW?*w%G&Y%GYu(-%<{DNw6=-4oiOJ#V+k<AN34Xy+Q~@<#Tb{CAfHxmBI!>egV7-b
zLfCrcTkIPv^Js{z2<#=`Snrc-Jf}aGEgRF_Nn>fzvS#s35ik_p4s#+4?kj$o0~hV!
ztK8pwqxl@+-Tw*<^c0(16t}jH;&Z<bXP0F+*i}qS?%!XU{>Sw%{Y=&CA1bZA!+dyI
z)X?Pl(IbAshWEoI=#k-HBPI@pFhkqntOUd$6gaodi1Q60DalaA_G{L>S+PoO=Y%@`
zz|*JiH#t6tmGRicYJGk~d>dw6ouCd~aqgO=wW?HYSa7FD8NN55f_GN;kkr$AzxKiY
zHEjMN3r`=Igf9IMT;qu+w5%?^(X;EKseqFW75-IFhF3F6+!(oo=bOSkXruWyS>^@y
zl^5w0QvT{gRgsUsT<zueSQ=hg29}yL;+mX@5b5uie2?4`$=~z6dWT#0z-Luymh))g
zS4~3iMR!c@vr8t7Y=zEpT&9lYE^CZVr-yBBfOdn>X!K7C%PQYs55-;})E+IEN~dlL
z3E>UsEP>_8*-pfVl8$eLHpeaE#TG-e?d2wo9X-){<G5+;yKebtQ(NG*uK^kS6HEn7
zukuzcUTU+%RMA*ixN0TeVolFM2&K=BoOQJgPds)I1kgzPrG2k<eA(6YVL&r2=~QAQ
zdoT5tEN7r*eiUd>NG0o*Dgo6hWK@U4?3{<244hvRNOZsuOz(|+&jK6ef6|M^sRB0a
z0uNd3)-PDHohy=jHXs+2pkK8J)z`>!74!35EcvAqsk{%&L(~#oWX*j<Jo)X5T)pLD
zEZ@`<r;c#j^lSp!deV&($gSAaMwrL7)-&&e>6?X=49*>fh*Y97LB6k#xbq{<ptvwv
X)Z%Q=&3*Q7Lm8VGES$|Db%^7in?Xiq

literal 0
HcmV?d00001

diff --git a/assets/elemental/elemental-103.4.0+up1.6.4.tgz b/assets/elemental/elemental-103.4.0+up1.6.4.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..38dd4d678a40f2d184eb781ef642b266252f1b4e
GIT binary patch
literal 3979
zcmV;64|MP!iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH>OZW}q0`Q1-Z=;RQ4FWr`8Th0neaM>ic8{AG}*xA7?1_OiY
zF15I!$PUStqxJaR4<!3rZCU<^>>R}T5sOV0tBR~*Rk6rHhBM@vu)TLvB6YYRGxp@3
zORv}K4G#|Nzr9|s{crzpzxSknFgzOcdc(oN{*zvRzke`z0=@f2q^o2~6Zxcf=ds$v
z{Un8OE;P|pa5eG(BBBWsNf;5W8HQBskxYw#a-|7lBPf?k5Xt!UjOb|E*(*Y+>4aiD
z0!er@McLUbrYdD*5pXiY5qv0sceeeSjWL*`R8;U0Jb&{V`r%+d>;=8&o$U=wm68ZY
z;3|U(d9_d)XPw=I8Udp```-CAMLDBd1=qBaVoqaJK{A&$p4D2+`(xCk-`P87Sd-R4
z_|lLHuV4`V`D&siG9(IfhE@cN6eZE3dlpnAQXIjIaFW;#ovrl3G>TZJG|E5=(LGIB
zs<cEhtI+R<!|=c(DgCvmnGZaYroT2D#Hb=kQ*Eotr2qvl;T;oM44;UmbA->Q@Jop<
zOoW7Y4l(#7VpO3=BLiltb*e^tdy<@o3DwhVoGFx%;2OCOBQYzOy;teM8KHcSiA3xf
z7}cT))jaW9eDx|Kd;8%**!#~cb<{kxT(4Uyy61#tsD8u-aGm}?8XUIu|3PoK)&H9)
zbVd?1njdGWUX<E;FD046(SB%Dl*Cjhs)byPz%LrisFXrt94spt-viJj8G&zQ!Thwt
z9A}Ij3r3^G2tH0e34JV48Fk|+#Q0-@$-2XtP8M!3&M1rV7UM=!!Z|WCs*`MAv0z3c
zDS~0x3&up^4DD{`8kQgpW|&Z=<swv>!fstsblWSSRv0$G`=0j{cs3iO1TlevkA@SB
zMnr)Y5M#>3!Yisq&^Miog8NPVZnWh01t^qrl-^VK)2YAF-rg&t^bCD({_9mrlsXqO
zelvQNN%m&+Diu<{F`yzbn-Nf$5=k`1z^Kv&n^+i)s6a@dDUdjps1z#DQ=;LVG6q~|
z$P|K}q8r)c;@Dx(9~^}}^WWaf7yVxK=g}bS5ABcs;6?w>=GRO2bNC`u^XNsGZ!{qj
z5n-N}Ffk@9H&HaR3kAUK<L_}oGNw=R2^oQJ8Ja1KL2$MJI_Yi+RJnEU6_fc7$%^jC
z$(SL;IL;CfnNBme(Ue=M{W5|HVG2Euix^LlVWfpL$Qg4*a@44rR)wbpGXM&UD}b-K
zC`=UB)RI;VGXnp^w~W}O2Vj--2z(36RpDfUksiS(aT-lA&KTZg^QrW|##zdUMzwb~
zMV6vep-%5*E4W7g_m29*mi|9H+}i(}DHj(3#5kcG!FMup7CRw1D`dil;PTQl4e12J
zU!9rY<gu{(x}~e=mP*R?1pNO{d;YBeAX8ZW@GE?f$4h^Eb&3iS&N9jFNCr?Iu`FK2
zrV#4*)<&smm(@(^YIqakZ$AHB@=sD~b`l!l{aAz7$^ZV6{0|5FTlwEe`AT^_g15&X
zPu+|+{Itp=th=uJo-tZtqDf^pU0gtT;(X8W6Pclr1eIcBS}2Sp>Q7gDq*a65UvERR
z)dnO$O7!$t;)H(3eEY1qZa<CJ^>|8`{6{3EXL3xUdvXS^mH%PCE&sjV{#O1sQR?Du
zr<`PZDkS~4wNS&aFO>^dc}`K}QI-?IutN*f93PU>K$=znjEs>fXRsGm{r4b;Op-)m
zLNo?i1Ww-=lUK_OeNSerkaCjJze<s%Y6QRe9T7GEcMD&l5}Az9Hv3avIY&7zD;}ER
zkF0dczw=sy80Yt*0j`Vx^!AtJe{guTmH$nYr|=K1wDolJX}3<UMx`lFfU5cE#Dz6R
zRZRBtUrvpq|1XTR@}2_K#*wz3wnQGI#MoHBdWujtXsz#Bn9&LdeC6Vt*MWh=2}<M<
zT7!E6gvYQmCCcsiwU~=Yk=wY7kV&WcybC*#;Mztme5&Tl!I>+%U0ya!pjE+prxINp
zI{ti`_j%{o*r6V?oYO(h-6A}cH^_~j2}9ID?p>5dlt{~nK^cNFW>SaaaCzAgi7Lk~
zLS9zXwFi*L^)sc#%&^_~61Q?Cw&f=*EA;=podsN@{|Ej3cKrWvcyzGU|C=Zm7w{~`
zNv^c4>o$4~z7KiO!|C8c%@kWi>vw1s(o(G^$x<E9ox|>NuWJ3HG;&RYwuijCPHr;i
z@^aMi&9KN0c7+!9p2GhirjSYu@H=&zav`6&e;&hl0e?d_%QxKx#KOkp?eRREQ$4kN
zag<4kTth*|Q_xeY;G8VnG((mqlEh|<)>6b-WH)J!=cQ#p_@Wb&Wki%kAV!87V?&Q5
zJVAIyd5qs*z_X&`=r!yxA--lQbXoPq#QNZ0F{wWIjmh!B_jg08ai$z&YlZ}VgB^=N
zIeu6yiO@MI;FB~Bo1y!hwqU&QcfmL0`Ma>gu>*)*JFR7HEs7ure&iay0+Tzf;u5B5
z7v_!1wcK8@me2W`-P#a8QR&?Oos)iM{P+8?0j}BqhX)4-ZU1lB-^PD8QtmbW^SmPr
z{Je<b)MGd{q~rTuJz!(&BEcs#nUPd^Mcl^KOC%cYpKepJe<rByzl<vPN17+31(2n2
z(c#=yt~ET)k?X66PS=N&iuhqjFaz%~ku(Q4!>r$3X`(ZAO9(ES|1iYo$5teYM7C-o
zSK)B;;U1LM8_ZTa___>pMxrU@ZGzTiQHND?<q(t`Q4^AGfP1&Z>q^FUj(;zsE>xaD
z@;I4Np|_GZSL1UhEb<taOPzUC{ApmenPp?W1EH)v{%DxdKx)HFBp*9Z$SqvtN5+{J
zb`Q#;N6MScGNsHReI(qd@VTQJvA+JQk;WO1*$T3kXuY1ou5^(u61Ap0xuuP9rH`^a
zka1tfl*jpCu41iuZXxl|KH85g*ZKcvIS20&2e>Z(<KVD${yXRmw(<YXl-v9Ne{l<A
z&15jMmQHYD8Wj?~Vn7dIIo_}`*DM>`)98^G<UR9zwztj|T-mu1B)zy;PCdK4^!~pp
zfiC%XR}HKl-$efBe!thg|2Z5SZsUI&DRucLX{stwe_yVG8|HgfS5z7a3i(wQD{rcH
zQ3BjK)!%DbVn#=#S0sxT%QWv=!^{-cfU*h>K!LB#OLMs*D9gS9AfH!&f}HSApU;j@
zKL77O%Maz9j2f}|^%qC0E3LfqwEew+|F<t+j@KArW&hLL04UPPYgMZ>rYlR=tNhv!
z_G8#;0+*M5v%4LknALX5eh8PBOCYNYVy#nE_gRw!{wPj4A$0fJ-<J1H>-ZCysQMf?
z)<?&*xywKewg<ud^<m?;ZM2H7rct@$)M{6xJy#tI6a!0av-bmW(V$gb#=AXU<t@Og
zajTl#4Zk4G7)$MnY)!z@K&=H_!c`3e<I^>=VwQnDi7y7IT?4CHweE&hUA6cpnK20A
z58#x?$Thrd0&lFbrP1oQ)2e3eJ8QQX@1ggvZMj?Nvj5zrsQWtoUBmwyw)4M+gTXfc
zcOzw;>ptU*GEI4L)wS_ZgI{F@zl~><yEwRzU|cre%OCjo)O_Eg*)+E||7us=(#dk;
z_CWQ%h(vcemJ2x}e6{O&#rgAE0lDXYdfto}nTm&=w0kUF@?T~VZ6^P-w|}(1l>a&0
z-v8N1xnWjXzA|p;5!N4jG3~mIwboNa#>mLC2EXFs1w3>22S%^U{#E<JG`YC2jg8T0
z?M`RK<UR9rz^&<0FJ1EA%%Zrv7PwCS`~5*n{*U^-?f$=!(s-7s5c5{-bUk5zXiB!_
zHl<7c=Y-LiXe^$63nCf+!1JH|-obwR{HMRY|GSyu(&G~iI}CZ1i@)k9$Opf6EaQW3
zbMAMcS0>y)BPms8r;cf)?Z&(+xqt5$mqqij$TIT5U(UwzZw{vjZ7jp95}ED*_De1>
zE5MgBwf-<CwOpbKawEfNEnxZe0UN`za2m-uHvzG9;o_=vmRkVrfVK{p(;_<OgI}dg
ztTTSTm6>siKRu{S!`$E`DSZLYA{m=S>{fG7nwT~s%!P)XXW=`Nk}+jeQ&i#G<BvI6
zD*PK!w&QNuF&_ZGWmIAe{z>uIyOZ|{h(wrCr6^BAIJP@0<m%U5-VsuwN`*ahHC-Sw
zMlg(VB4pXre6yE&?8neA-ixUR?drb`iDLXOLuDcPB&GOWBX?vpgx+5DILZCv_c)=P
z=Bw0)9s8b*<C!0JUC`g{Vqt+mlSvMi|IT^@C1xvtgZU!t5wH(`z=TkCE#3K3nTGb_
zQjo=^x<pfRNZfJ>r^sfZnl_%<^xJgdw+8%YO-t#j<xmAj?0QgBk+B%Y2s1Iq7__j<
zfa7_`ahBPjRdYeOyIkdZC|a&s68HD0(6;<ErLzA{KD>SZ%ZG3l-}@NX`G3Qu_n!v`
z+x(x+l&7_*?C0X$NqdLW23b7sOSzrESO{&5kW>NT9cl=w#1Rl22>g~m9g*K=l)vv(
z5Axa%_Swu>M5=tTV7IuX0GV>y3*k3|Pt`Y9!n=@?=qpJuk6X*o^WIG{`U)b`uHQ=1
zAQn+(KN}5Sfv>g~gIHL{wER?1Z21zDuU72s0_ApSF`3Ya5?03{$!Lsgjk6nWOzBqg
zPtr7yNa7jZw+^`W{AVfuXaDfva4Y|tC^h-_ylSnECFO~IceW5=v#On`yD-&-ZAy5Y
z%b#uW`4q$i#@3oe1IT=zQ>in;=)W;8Zy1H1_uoRo%o(o}A!k+$joz4w^XkD{qiJfU
zk<$$?U?LbZ&5V?nvUYQU-VGm`{|{X%`Tv%oa+kdC`w8%C<iCG(*uMXJ&_CG5e>PIe
zSs!@;%!#CA%y3jZ>=5SpHSfxYit>u`i8fPHKMp>2&-FLO_VX#^5UNBwm;B`yC%mK1
z=H)X3V<8yYb6zzS=VvM#7l@zH$p{QC9zf#Kiv2E7W~5rT{4{r&;wpWqBK5XUeYcr&
znqovJ3#+yoI2MmG*|)a{l|e$%6k|{kaw4fvun-w=bdF&DzeF%~66_ONB?QM+*ineE
zhW;Z|CM30^#;6Hp7+cLQv&b@O*HPi-Kxwln*oqZX1|LfXUN;?G?AIh|F~9Xv`qf<R
z;%LqfO_J4=bm9nKif*eZsnby;|5f<gq={ug`A~meoQWi{&#m#++Gsqf-;#t9bqDFa
lh4gm^$*)O6S@qDmW?QypTOL>WzW@LL|No~5Iw$~a006o}>_Gqk

literal 0
HcmV?d00001

diff --git a/assets/fleet-agent/fleet-agent-103.1.8+up0.9.9.tgz b/assets/fleet-agent/fleet-agent-103.1.8+up0.9.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..32cc3fa04af117e57c89d9c056fd452464410047
GIT binary patch
literal 3209
zcmV;440iJ$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI|CbK5wQ&S(CLF1ofd$(huPZ8^ibyDFdK>}AjKrfg@guCl2t
zM6@KVL4X5*@@O>r?^ggwiKJvJ$$0FUS@j270vbRA?0)b71T^A^CL&`LrgJ(W%EU90
z@n;Vz-EOx#I6QR!yWMX4f3G{}J?k9~j(gpMes^&6tlK*{7!004_hHT0EQK~iJ?sAB
zw%VQhod^*^8e*6fItc($VhESxI3>n#jG64Ds0<r1qzNb@(g~`KY7<5&iUdNV3Jf=@
z+!RBMrl>TNB7x`s`5(}W`v-A1>cYR<kKfym&o>qoBtxB(6cg}?k@s6Y(+0DRMWjxE
zGg17wF*iq*F{7iU*8VLMRNm^1+GWR^#`oh_rS1Lr9@7<aBpM^zg#>Eh7Lc6%t*UU^
z4@jObzjovA<L?8CI#nz;F6oUe3Gav?V^nZrYk&y;%*<bN4aC4zN;n2AwYn2ya-DQK
zsSRiym*!h*h}LLyhs&|l9cN6er{iGVxMf#+-GjInzxuZ#_eMRn!|vokrH=no!VA<7
zKLKpP|AWENaU1^!hrJ#CKZdZ3jL{;$MZ&NI!F>mb7R43jQZpmfYzhCJI!pi<GEQLX
zu_4%l>j^?$3^_~T!{s^15ts?W{}e-10u5?7dH)tPswpZ^g%C`PokkPhvO*geB4{))
zL50B{oc&0$oZ|}I&?m&H%#y+3;eo}|D_8M{%ku=nurkM1pJN6nQc015bMwlw)01zs
zF%I_N?FcxI3}BX<888D(1JSz3kb;>o-LCWc{K~3mHWo->I0FK=$T{2yc`M-bBwqF5
z^rY&-YczJU5~$&Jf@Xrs8RNzu^h6e%f>CzBPETN12+C2zNXg8p$s83iwg-N$e6CAn
zZKOh5qkvQjfvHn65=gKInd@U_TS$4K4XPNfRe`_+{KHoixeERPnWVT6Bf@o=YZOb3
zPmcp<<@Nd1J4rEtuwHcee99I;;h1To92xNsDKPTJkqW1KPKL;}Gm%pJ&(sPRxfIPB
zq~NpIHZTLC5QH?g98w@7Q;y+?q$UpbxT`n`_5emwCNLywWgD}D@b-1(B~^RY3aw?z
zh(WkzW)gVSx3BB2x8yDD;<xCG@&?=Qz6O_hu_8O0YD%Rrge{%2ETo&A*O)3aI`9L2
zS<AY(gGyEPRGcc<gZGZP0F`d=(g_h`A5BB#^412Y^O-_$)EZ{80EL9}ne%73oe<*^
zZAYnOVjM7GPzk~<-uPzjvSvx_yeHC2&!R5YcuF-qlHwI|OpR1Pgmn*&zQY<uvK}%N
zb1rArw*yy^qf*wQy*;>)6v4ZLE0s%XA2S<^%%k1j9$eyR1wuE=0JrRl%2am>jVc-!
zjAF-H6=`P{lcM9w2hcD!f%(GMd(O16Zenx6K4Ig0z3d3WcM5+fn8F6CI1)X0VR3lX
z;RHT@3an+R;eV`-1ppD;;4E>K#VMBs&6S)oiYjiJTnHwZVT7}vkOlxyLZP)RJo}*_
zJanlJXlm;g033}lH3?kEt8{|2;1~pBE{EQ4y_+UZ(|hS_9Fc;XGRS5wY5{8Fzj+!h
z6<ofbM0;_+7as)y#bGf{Jf`|D=Qu^4K=<L<cb)$k%yLc)>dxm0@*I_pP5uB>aQpiI
zu*Lt5jt7T3{`VL%pGQD(!~|Be^JnV)`Exm;%tDA3i@++f5yXG<iv%AK)jD@$AS{dJ
ziU~7<@K3rEep3Z#$wl=gT-k$yu6+*X^UllQe?5_1&9{tmM;pq{c^q<3=(w)K6TKf;
z6+gTA<oYyXB-~1M!zG~_QpdY2MJ+L+WF%5!y~f~Wr?jscWS1E^0IgN-`&43ESl`94
zSW;osl9pEx6|OMKCa)u0Yh*T>p-aT}HZ)OmwTn`#>8X8oCl4o^@jsPf#KsxPA7nFN
z3;uTxdxIAK5BkTu_5Y*D4HGnhQ}?{zk-WJn*$Xl>gc3t6jalC$ta7}&B=B?O*v#Dh
z1(?t4Ge*fi7mG4C^a)`ypBwoXEk#RnvDjbLW07Z7vRZ0|NjRTZrK-fmBCHCA_2p-n
zKux=zvsifIxA+&_+}s@ht2NR?0Kk^`?;jm^+wp(Y+r|H*NIl+3p6kxE7kEr~y;>*V
zj{-W!)UD{Nm7fcyjF@zCUhb^;a3p!&ED2D#Tv?{pjuqZ0zOe#;s(CBr-UzB?Axm1O
zs~V!x{)>}$XIJk}PS2J(CChrFWR}zt0Y(ftwQJ)>YMK6?m`Sp<J6`V6EOq_<Dm<Uh
zmwmm5XveTvtT4)zjaO^O#Ug2E8Zurio-bQle>hc6Dzl6TS|16g*3@c|e7E*o;jS$d
zMJ{nYCE|9CT1%hL;fF#RY}V#hvh^yL{Jxf^F)b7`vr{Py{%GnWPdJyi?-iRej$=I2
zDdEJwAoI)Rm8L>M|0?+GQcClNarA?pfL-X<)bgq>x?V*}ax!F`8HT#~_^Fb4GbMtP
z^Ydn}>T{MxHDxKDq^T@~S>MMhpI>tWWe!ZFyr6gS^%#Bz!30HN;1#Sd(pLLhabttb
zX@ZgeM>4)u`DbXi(CAoW-{}sE8w;JUFuK0_+GcZI_fC_`ri3(i`S_i#rwVbRFQl;U
z)N&%1^+BUbpx5noo9Ta6vdGJfnk7$-`;}~-{{<Sm)cu@G&eGXu7j*XTx3Ph3{QqFk
zZ_fYy-eG^Y|MMskMNxzEmrtIFaeVX2Z2>F^!G+Iy?|fndCn%@0$a#zXTjrGe`}6rS
z=BoDqaqA_34UB3!&n0bbB{MNrsLM@YmxApC@2}Uh9Lv<VzKr{P=0865i2t@^bNuI)
zye;`jId>61cYQquY~%mkqjvoF`@8sm9BIe@&_4N9%>P9WH$=K~kLpbw2>@EB$N<6#
z@+{Vq&P2+aFo9fZ6EUF;;e6kJEAp`-6xY=wiX06_KA6J<T%s=06p<p`harxn!pJ43
z3SGNP+-R;S>WhOfqhJcHLl}>87WAg>#2ehPy6^+y2Ej{7_`|Ou{OwKg^3_m{`h(;C
zcj*~o8BEx;;eEk*)r<9_EtNX^u9gb$F)SMh_aSu8+<s`HflVp9Wj{u_{X74AND3n}
zt8mpA^=o;9;_qQewHM*1)!I&twQVvI;r<uS6`y_`)?AJ1cFMd_^RfBz(h0Va<xPtB
z7&|2CjU0{6S;kBPz1_U|hm_6pzZ#PC;m!eWegAuO(0>2hKRDRU|BoT{x!*l?QkaQU
z>?a2hYiod0|339na=d?6usp#N)svJhr3!Azc?2Y9Zf#sL_2)02yYq%x7AnO?;uO`e
zmJorE;<8lyaCu&4g)hUVu1#puo3HEQe=$Ls7=K$&qhVRveku14t3KajNC2=t)L%2e
zx)}ZwQ{%?i*VLSXH}2uKR%&s1-YQ;Bx4)q+i=8~6Y{q|oeDI-WfNlFfM+f~j{ttTn
z9sWOtwBGktD0lC<(QrN=4h~VIOKN$Kx?h)UING{aNn6L4td0P$sk;oX(>nRRrdrQ$
zm2l^*?=En9V)ZK+wL!6EG8jr}>=@*~6S%x9{(sqyPgAzVf3Mq)|Ko!l|9c#1#s5aa
zaR2Myr|!W{eu-?3|0&^&5`z!J0Jg6G4%+8`2ff~I|MyX3K4&8k2<wdhi{94E=P)9S
z!*|sg-|Gp};O?C+FL9OIzDR)ycMoHAm*r0yh<0h^HCdNehnH}x885sYD5yW<x}iVo
zb*x`2d8*#5Te7J`wHMZPGE+A?Y-BJE<+TcTFxlUw+jm!EGN}!4c7uEdglkzRLt(w`
zr}oXA{Q6SI|I4$J*YD2aj6QH1+wi~FZ}0#0k9)^E{C^DD+bgfN`d<|IZ{!)c-vJ4N
zvni^X&y7ly0xEBXHVR4Byjr0O0YsEH?97B1_ZF!TEVX>Xy-TQWZ2IO>DU6bwyPKsJ
zWqnbm;hz?0iIDE5t44QqtadSMRZuT4=axvkZd@D$SB3~mxD-{(g|<ZtjsA+RNB5Cb
z-h#;A8Z$^67b;_TBNb#)Ay71gaSa*~KHgX6(|6TnI{!lpwVz=q&5P>ld#$=&#DO=M
z3Apq{flAbFGH9B=55vNMdlia$<5fouxsqc=vWys(63%CF5L_>x29;@H)%@jATP+Hs
v{N1@~bU#v=!YvLpGk8zeUc^uB(mUD7PIj`BFOdHa00960P+dO5089V?&*wmv

literal 0
HcmV?d00001

diff --git a/assets/fleet-crd/fleet-crd-103.1.8+up0.9.9.tgz b/assets/fleet-crd/fleet-crd-103.1.8+up0.9.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..5f2b5e96d71e0d2ef76d5e17f7dc6c6f6621ea5f
GIT binary patch
literal 49258
zcmZ6yV{j%>*R~x@>`ZLiwr$(CZ6^~OS2D3}+qUgwqATVk`R2Z#=l#@Gd(}c!cUAxB
zz1P{tB8-7X1NqPOO$|b8ETzI^DkaY$=grM-!m7b!rpj)uqsq;psG-3juW4sv>|o}t
zrtHWsWo~B=a@Aw&x!u~r8DQ|Cy07e;o}xN4u8>1<=j!ubp8UJK!JKhQLF3zAF_f5@
zwOlF$LTF;CHsIxZa2Lc;G-TgOqE+`$-UOio#%}xhsVxJ>)CXhY_1I3nB-haj@OLbC
zt4K0|;PZXr=PU4^xB2b=cv(mIId(+Z_w{~P#MtNcFaADSIASE^e|r}kFY@;+u0oel
zeIrb``CIe6FOVeBBxhCGF}}P66(**(BvyTjvchBR%Ai0(!EWe+AxNHVu>hEu9b4s#
z*M3gLv(~OJnw4Y$u%s<T@sq!fVKWG{C<97<*Fis}lJU{*dVT>|vs`K{PE^O*_+mzC
zF8p*F!<0uXN^upXJ8lT)bH2xm4@rDw9D2Qk9=iXY6}`1RI1&!ai6@`od_8V=OByW3
z)@G7fhA)!%52aF>4bN^QTjF`W1xcR%X<6;?@o_=T>M1!*4=&|Yqb^;MCeaZ2Eo6Cm
zVeyo|(}BB|HkQzvBbXcbP(?DPaBcfl^%*Fd5>g?G2O|3My^zAV_3<53SN0jmc#U~{
z4WMm2h9T8M$+b?;LYGT16V(D-&g`adE(;85TnEl9@)ZCoQlv(G`JwzizVD703H<Ly
z)@nY#k1r_`{@sJno+F#xK?vabY|u3QS9YeZPx-X5)BEo}!18Ws_v1!*k}a;HR3f6E
z*G}2YdC(-C(j=u(u8Mot<s|&C&<P#OTwO7hi|?P600|MIG~|%HZ~S>aM(aUEZxtzk
zn;&w3I-f2&OxjkTAQ4%H9JBY(uK8M4`%JED`tSv{_M%t=R9Lyx@fCH4n~Ut<AY@<S
zEr%KCIMevE6I*LUMQ@5^68F9%)<AU<U-_qZ>MUA$_kvSqO>YrS*DC~M4}=cS-p|n8
z%vmaW?^aln+~`<aV&3w;t5@<&KQb1)#`hyf!H+=Khh4`2*T;wjFW1MnyfbRm=-TyF
z&bod3Z>YP8>@l{9wa13fqUcq+5_CcF*~X<cOu+!}mG|Jph~iZPx>Fxow3vhV6t4k#
z4vqXGZMkI~G-)}O0$VZ|Z6-hZ(`0d;jp+$R+jJBgL8I|bYcd^VnZjZvfV2qfAZv*=
z1~W-I0^liw6hKDD@U7<VrJ&FTMT||iDMwqlRxP|do$!XbU|YEZ751lM!`g46sL{4f
zuMTEy^3zy@ACx!e8(%%d`v}}|ZMwnM9Gj-mO!S;S?e-vk_fWc^Uh%X+ilq{lHX*Sj
z(SptVW%@fKPb#i@rb)eru>-ARK{nH8^Vrrsnf+^52M1~9ec(*W4w3ns$Td5A#AAV&
zwWG2f(at)F;*=SH((p<f^O&QTMJi6ymP?Yf!({D+@=Ja6+dxIrq9b!|u%@c5ywhDq
zh($1h9k7UyH0>9OrX5#^zB?gHjD4`7qSiSUZR;5?Ng^K;dpRRb#zOyAI4@F}lDSiV
zEOxgNJ83n;9^*#50W<Rk&y#ncBXwk$`tVl2vNgLD+8(;aiz#?Z$MGO{eaV#`eR8T8
zA?ui{-$ReNjL~ESaDue)Ee603aplq*J7armMx&KC(#=B5J+3;i(95)IhgE7}@ux^V
zw}ntQJq+jM1fRl}i4tU^^HXACa~Dy|&X${Sq2s&ylvgmb=37MU9HglBwX_)uIdCLk
z`I@ik?iu`mgtbPTah=HU`B+<(;i}@lil-|b*V#_S`m(6V(vR`23MC<K6ET?M4VZ`~
zD~Ji>C)dH)Vm%^^vZiCLbF4X?ZQvWS)X%sEc}4BrS>aV_^d}Y@Jbxw@z0Hr+Qi96O
zrkntfQzwx~W3Y9Oss?g^lZf?)9;Z{nXuCCl<L+j*?v>LH(&{)&-;rbIo`q3JUpJp=
zp9Q$g08Bj2hS*KtTqje29g89kAzb&O5BT{7QRxw^CerDt*)XotDm}l)8i;Mzq-@uM
zA8%N%{AL@qdNw;JTO~Yha><hEXN)a@=&4@l9r_Pe@{1w^&g5~$s~ZOpx`0b?L@B=v
zF*a5p7igJnzFt$a<rw@m746+qV<)o=X~a?ZmBi}Ub5Kuw&5Kbrzyv0yIWhQmcVj|I
z>V=hkEyLA?s5ok;(XUR|yhv{w9KWv(Ust5n<+Oa_X2X##?gJUzn;|NhTCWP!cBT%q
z@~_}mt#7!f(6WrPovBKjT!>ZHuq6%7%e<CCiFFX@$(mD{Qa)9UX&#DHy(R=1Gl|=&
ztYRE9t<Ii=wk)uFg6bpNR!|ZRKU^<PyNd?>rd`#BT^u{so`cEg;)uXgq<)ZxGNW`9
z<l%>5y<Hu6gy=BF&q@fp?aGcn*fR+(2DUPo(|<+7o2**L0B6E@pestu>tYHz-$@jF
z41%G!ha|id86t*eW5Q;6J!cXm>@nwhOzzZde@}*7@yECTXRkPRi?K@7e@2<AYq8-S
ze%fJrsiwM)rzOpWH&2WEBMCz0!H`_s%*&avGR4nz^_rfMIaMu}*>~xlP~N!;qY29l
zwJCebTMe6_V)l#8H<eq^5+tQgsE<$oOwQINK7J4`V{cu6b2>)d_Wl(~2VHm7YDzfR
zi-`FMmq_u~uXc+<)G=Ne4=y*(9u)i|A;Ve5wQ1tp_(o0Z<C~28#Koy7FT|bGIF7T%
z%iuezU=E#`r5`~)XJ?(2&KQv}J-?eMU6*8mxkDc=eC;K<iHxG#(6HabZH7Z~OjmMb
zLEIzEWq5VeQ)CRpxV|5MAX~C)N~;L-PyZmHpVfZwz}IW5jQLR?7m{-BWaRHhSLYkF
zxbnngbDj;YUlg?{dlTdPJ1pfXo;M2;d4>nBOdX{e>Uns-jsOEI2nDVLSM{BvEMyLd
z*q*JOJ(S=`cUaz1=Q@Z<B~b7Jx<^|R=b|C-1ZLx}O)FW<kVL=$&##0A38FrQ$g;;E
zVyYa@V8{Y`hU+ORu~F;@5hxC?*ik#_7_kh7$$WpWU7rbjU-O{!tYs1A+bQ@t${e-^
zqAaH_A5klDyBiX@+uX1*BVp@<4R4P)ndGQ*!0;i5ZJt}X5_g~aQ%6@0Y$%xgG-~O_
zMz-r2IFMgJ2hXw3f|}ap`BZOaLQ&0vPxq6MsrM<*$6{$g4CaHwu04)Qj|hi)0_dO<
z_vV7lLD8$n^O65saZod>-cyCf1R9raC%LC+@Z@?r^>nh3dddXjXXP(CmYJol8Jlr!
z!e4A<$vqs&xrQ<h`qoctN=jtS+iXM|(&^E-eR2@lMW<>1cBIaT>qxuU&h3U7jC{|h
zXS@%4vbow^B<XzL^S@YI8hr_#M#Jo7b^Nz9Dhj)oPmB(n^ojOEGIvt+Zej6o3)o<I
zBcME<p}2j0KJI@E+&@;Y{LMY^$x%`yKA`tQiN#zh!Ld;6aJj0jZOY!D8(`eHyV`VB
zK^k@)>mjqh9qES?OtRj3*nS^@Im*k|zFLi)pl9=iUMA%T%((uLM;(eMX{`CxiFs`<
zY~@arswo13i8u7@73JoM7UGW6w#Q7ZCY(Y5(XkWnlp{&pI?s%V3$}#(yuG^4)QSM9
z?7@_{h$ykXV4=lCSm%keW!n^g#ZZNTLG{}r)fn>b1BYDezys$r0r^2Kdj#e5>jPWA
zzQ;EbF?_c^*dO}q{nitz58CHqg(9ZcG>hMO@W>SaOaradA<{-3JF;kYHN=b~YBSj(
zC}Wph%vbQAOJ3GSp30xD1Ro<iSeu@FReM$p?m$fVW!3?G>j0DwFVZRYqvfmdtS`Ie
zQid0`p0JDfG0svz>(XU`eQ(;|oX6UM#sV>?BN6RKZq3(y8gZrFzvo21%!km)^#h~;
z+*DM<q}4=+ReHC_TR4oYZkD0jG|6rxEgiQp-vU2`9L~oCI^Pxa+q!79pCJVr=VJ$s
z^yR2O3C-0!>bIc*#KT#)Ux|Ia)4?qK>3cz7<wCD*`91-6D+OHauhDR_@i~h`!IY6v
z?6Vt(oo3Mh`VCuZlG4HJpJ&&c`1Im>y$Kt-rx^vdL6#n*fykm9@~F;mf6+PRWC&OX
zmzw7-=+fdA1C2xQSwiydnmnvqO;pf!GX^137hg;f<`}0mr3Q&Rv3k;h-a5r(w2Kfa
z5^8Bz5utMnye#65T6Xaymdcz{bJgbu4Q~vHDkC-qh~+_X13eYH1NOq#60}`VGzA#X
zE_a6SCl#XTVY+G_7Kq+I5dflh)ulDJljaQvDrAcgb9#x~a}L8TZ)2W%ea0P`;0uOn
z-*}C##gCtG={1k<)NdD4{&>H**`d6iQ~v@9|6BnREcU+MngnOBzCSZQmd^S<uM}N@
zz`XA@Mxf6P;L>jxc3eE;{rhvPt*)+GbCU1y4irS*w{ICEc!3%SY*b$38{;F5TDhO}
z)Rk+$@Y=vPi*Rzlz&Q=^>Tpu^^%eInb&DhP<w;@hv8Z!krC0&@w#<)0@2&2UQ1@8C
zQm(<*S;If?(d(c%XD8v{4D3h_t5U%FkB}sd9B`g)joLaO;F_Fvcb4ddn%N<00uyOc
zCU@rc541Y%%~g_eXlPIR<%JlCp4l;FoL#ML4!Ye#$AIix<p46pauQl)807ZI?jyVo
zS}67Im!?aT0kcsyRo0AAZd#@U*Vg7=IlGPrTDcEqY?cSVEwmm{zltG(mu#FAlLt)c
z`X||WEG(7Q_KFVm?lq$gc2XYe|DBCq%P)kLjbvlRT92zzPXkUxI4EPtmVDi__`||1
zFAv&w249^3*xVs4JltplG5T!L*uDuB0j@3-+SBf&;&%FUr%6(Z>C$%s(TdY+mJAVB
zW=T;a6Gc`N=bVOtEw3~I_htj<ZF>RYm{*todb9hPBgZ_yw~?Yc!jUO)yx+%bRX+i)
z5MrlN$UnOki2|<}Pk{_nrsM&4hZ7lltxXdE`t9LgcHYttgzKjWmru+uw*=r@>2i(m
zzoC{<!_Ebu?HWE2>&?SQQ4-ip<5*uHCC>L`Gwl)sBOlF=m%B$fASJR4Wy+-Tg_CJ6
zd4jbOVU7D3Pk-?Ix+xMRy{h->y|V4vShCr)nc=W!SN!1Iuz3MyPz6g3npaum!_g$@
zq|!Y1R4hw``!E~>M@aN;zAAhoZ^?_5g{S>gHK$72513;<T`;wxgc4|3W`0H$fDhXG
z42_2{C!XAg1qVZ`nyAv$MQX$zRI>lf`h>7<&398LWQ!(MCqvnQZ8a+T@Kp1HS|b{L
z{qYveu&<11zKefkS=8&WHf@S2o`Y?v_h5M)A^wN^Dhmb0=O(RmR3nKcRELR|VNZbQ
z9Ni}F!V|n>T-axHETysuD3|!*K4!q0o&Y!VS@0#{TZ8MuPFZg0uC@+UFG0jp&~eiv
zdLM$%MX0{+C6k~LMY?w6lFR@;fpFA`i16dp$>^D@-H`KicX=nhPZqV`Rarw)tZhhz
zj5($MS911liN1HL-6IcbkeS>Rh6pd$VcVNmyZE!;9O6x?uy&RCc^a+89F`VpHmZH-
zV%lL<brQ&;V<tK@vogd?R#y(=faNt&K8P=UZLvNicgrVRb_eKu8TrYCaTDkyN)Csz
zTi0g$&wxM>jGf?^7DUrw|LZ-Y#rskSdaMHPc;<Hu+hTwm+^xDv)wMCKNP2@H@$=DP
z?~E*atfX3E^qKqayXSo5QHRNWgya=lv{+Jj$(KI6L4)&8hwhu!mIAgfJgmU4lYcMk
zbT;QySoCA)&lINmCb?m<NEWW@qV8Ymx-1i>H73Jc(pVcNi%qP^Fo)#{!D-%ax0~>H
z5@)%lKc78j;ltaXfIs{DoUNAuw=JKOz4K@b!G`39Xrm)pzFtg7z;d&FlrVTZF=2-e
z9Zu1JX#%kQqqko)7|a=z<dKj-mpH7%=cjwuKcinjuV|(Q4-RF!V%QH(%CcADp+v58
z*FfR!i28)XcdLMVhl^>+YXA<{Ubo=c@>SQskL$JNl4%-94UDBfrpK*|Bv8s_ap@a9
zl>;TsMyFC0L68~g`xw9Oy`(C-Z#sm_NeY7yN;$N{-esCgH=+;H&{$_kcJLR^)-+N}
zX)*E=r2G0deav}b2qy^G9tZ^QXqdjgD!<&6FaloqqmNwPwMTa^gM}5S-&AG3Qj-Ns
zjuolj+y(wm+;=wnpLp=U#qWiZ+JBL%j6gFrd7#Whp2|J%R%&veZe(fd-~VRn+NjC<
zUK;*SHQQch;#*4P{>67$Ui(%R<8La2p!tB}|KplwH||$)l$<J5bPy`q+@wMnwpv%U
zY&Nfy(!El{1x$tjjbBnB_LlyI_5i{(D7VRwyvF^q|1EmjPliwu;=lY)+$H&c9<Y~o
zNZhpV8>j-fFo~h;tud)eKr)Zrqi@@)WAHt7_DZ2t`_q<e0ejweB2Z;vTGf{?qwDz&
zQ0FJ>BpWq(Ec!LgIXCVS%Yf!HWA>fAv*+$0@$d5kEfM>A4H$@VSVn$1iSU<I|K;F>
z1TK}O;)cHY0E|hsV4bjnPqKeDA8f+9KW{|;l~uYO#R8}NY6rsg<q{1vE>2cHVNLL8
z=beTtY1LC$5M8<X^p{h6`L($8NxKa<+kEL0VAq=XcBvaQ?WOQ@#IJS16HCCEa41v~
z?93u%h$zQG3lVtxiPugIhIDq*MRiJ}XjNutbN=W)S}p*2BMH)KF)JDf$<m1Q1_LDP
z9KNmEy*}+A&t`5$ka>E9nQ$R)8FFpFZDBmDlaXdKVbnB7Vh(^)G=MZnq-nrU0r*k@
za3gdO?lP4!Y8c51sNURxMaC#ZWG~)%faX6Q-x(r)WM8T4{JV{KB<sLc?Y=Uvz~2Z?
zoi{+!`hCRj0#SnPtnqCFAWl@E4Qo=5G28C;XLpC4(&nCb3XJ}P{ym*cG*&;BT2g5<
zlK819Fa3>e*|)5N3h&Zq9&Ajnu?lS683kK1uaG@)LB~4buO&CCo@H9}>(`k9XEmJo
zmwS=};@2U>!w}zR>!W_(NDyzd@<Znq4C!jAq`N-!AVB1R#n|)mJ<{_|SBxt=<*_GS
zVYtb0dXknI61%ti+aVGN7la~S(V&As4hq2OB5nyeeL@Jck*T2#WyYO2Zav*P-S~DA
zK;99O1GC3NRg7Qt2fjN}LmAGw#biH0kK)Bti0ilqHe>b`cO`=4X3vYl-}pz38RglB
zV!O+PtK3qiO|-S^jc4<I6M>po*%}ItxX9?fCnkDqwk-Wae@8ehlKrC`C)nB6E{^D4
ziNVtbQ15m982pln_o<j&ad2FcC>HO&UpZ6=Ciu8(sm-Tz_s&wvAR3pDnRgqSFRl+g
zCZ2Ty2X;d6>&=KGo4?$iw5ep>cZNl3<F{d85!1>MXtiX_;+cm)acjQ)s=e<6f|d$L
zP({vjs>nqlfN@|APr2qN$Jt@<B(@Mibura_S@CC+KKHuk)ei!(64SrrDiKik#ffZx
zKDqczo3BU;8i5s1VeQ9Ew%dLVszd2)!LRO7tQ8%nM^NTgHP`3UEC;8|^7riiR~F#+
z997=P+*1mMhJRmA)Gs4vi`w{2+?)=H`YViUeoL4T?eCU*=#v6^fkxMY3fa{1?0B76
zjoEgK=wERo9ywOJr;}6}ST9TVE-U~G3(Xh2?k@}Ys61PS3|xvhAMF2Co^EnkO=359
z&q3fb7Jfi<n<9s*bP^|L0TW58l$&9oj!P0_Z|$gYI@BC6#r{Wl`qgnqW{9RE<&N5f
zo1R0}3sA<c>99yb*;25YwVZ#0|H-rTig}`7S0?#HV9nK`NoSn2yBY(qBErHDN%ddv
z964|dq|Mw8io|zeaTD!d@AX?~Dv16;@WYM~(;rN3dEtG-m$jra7J{dT&+;xO$0F*Z
zNxX5T4Yih88qeo6CueYD<H0IYz1XkmDf{KeGYtB55(2EVZnaeyNi!tL#vUvKHb{ae
z9N+lMMFox}kf_a`K6aC`e&~cTGt+9MBNuM{kL-WM4+q*NUwa4Q<V1Lmk|}V4;d$)z
z$L<ZTxB~!i<A)ty+Z*^JY^<(B`MK;1t;Ng1vP&!+p8mwyy_`DNPb74g9l9a*$RHv@
zp&<Sr+XGNq;N;GFUYHxq9cY_>&#-@}0IVMq`7q`5VG-tbq0S;uw{iWNvf4DrIScWL
z-oZbU;V{n$o$YR8(`a3iP>AtEZMesz@InGGW6emiiBSP1H^e%#^qTQUA{^_R55!0_
z5KTgMSjn-#{j?mciSXfYvFy;rWSiDQ6zMFzxA#BJAW6t6n*pk!67=N(KR1cfA~q2=
zM>1}?mVz1(Z|y$b8##IPeo)WMw7y1iZy2Y2rW~irwr9t!Z>J<G1@2m4txDro>Y=z^
zZqE-B=UIl4S7V~jPT;ppJ!Nj!h7ZD(44VjcT4Wa;jkaD7@$z<#$KUpDZi<yah?-4A
z;0-uRKGb})r&PbhBkFM+fsJ*_fy;yL7~e0B!f5VbGw>eGG*z{IHoOpZ9lhAD$&(l0
zS_3RW)*$~NA_`=iGZ(A65qK&O&cG^-fH4)p`(m&6{Zko*#khY|rnl&_xJam`=O~XT
z2>_8Fk;v=7y9cK0dG$={Xa|Lxv@5MrQU#^owiFdr0?wQ$sRNVm+uk^&-~O9TN&WsK
z`<7QbW*JD3i<t0F8nzT9$bN@}I2*{4if(2goUPYGSh*}Si^u!Dm3YN1Mv|iqC1+2P
z#IBo0X^9-!#(q$Pzw<OeBY2kZuQB?bnepv=n?XtBeg8Y>iu=^O0uKN75a?7VP(_O8
z%F2@;Z6j2MG;Wy`PR-6!rO{$GBgp<dnWr~s29elk)ba}D+U#!#8el8TMwXx9(7^qs
zx=Qi(v-Fr79-}rY+A5uS2|fFqLR?P_eu;!kI^66;rtP6}Q;nDxAVwl>$2@)=gt*ku
z2-IO4-$D#5707F&)-Bap@YFVAX3r^<=1<w7>S;YTws7@DdDjynThQ<XC7o2^kogQr
zB9tkXOJ0m+jEfJ@8~P=L*8{e*KPEQLF=IoqoYQSgOM_4}>6gM1)O>-ip}J$nc7mdo
zm`E3sW#*jCHV0B#z_AvCpfRM=!9|@*EuZp(%V;O8p?xMbJ+?HyPq#^<mMGFfi&2<`
zTV4>o?2j3t?aUuadqUSm(VjOt7}0;io$`EJT_!N!h|3HWn`+<p<*;XnxnoxciWl?h
ziFg~RR=rk9)*}W5`vgfu6OMk)FXg<867C%ddAJfJ8huAli443E_tJ0JaX@z!gzy4l
zVBl%Ey&yt(eiV3mFtlD8N-<AqV^nGWCQhsgUZ+IiZcY`_+r}B}<dOy0RfwxMl}9se
zhO5&fd(He>Ae}iII<*S4v!h(SU@|)}NOADdli>f|ZR4dIn;5DeZubNs%a_;{?2jmW
z4|CW52yYzAI4YaQ#?MaL!=er+L$tY|$}03P<|Y=%7LGRc=TXNEt;LI~=?)#E45}Pb
zRyNpETtU>G^jv3EYx(UbCXCl$v_sl0E^J1dppw5=ZWDR(?&OTNCh?IGg0*xnjNk(Z
ziF)=a>hxC-W&{7LlJ-I!b@;`nrjC27u1??nc+*3a0c;%>#SmkHecMe@g6cL>|L~fR
z@qA22@Y{V`l=zs5h){p24ELFbwDR~^6Y;YK5Btn*Rl>I2yIl-L!p9i0+|br4f{^ak
zdp0W9gl3={O?7O7wo6oNbBAT4yOl1E>XTtl5-;`c%&z4nyAW^LJPwZ9w2aeql3#<<
z%oMk}Y$A>F10JVatTsmLf!~&T?jh<S^z_seZg=`rMRa!gMv98xB$92^psaSIYn<1P
zbMbp3H)CgGj2H3)?*>Bg^~%8ba7@{z_Y8YF-Re5{EuX7dx+0RJq(SaE5)iD#z)Lv3
zTjnYM!c3V>vDxS|<y!&%>0^~ht#%PH*LJu8JkjX^Xh+cHF-r&>J@#XtY|nn`LaxK*
zhG~o)v=M{P5eRztbD~n?>!VwtlXFFcy#Z}_DI)0maDs!m_}5FYq}}YgzVFfb$}<Z7
zPVT#M%jXT<98I=s-t0U3Ml40|Qn6@7kq}QzmrZEZ*@P}^gfhekuQ$-$<GqgFePF#6
zRl?g*_L?>izj<_UJ5}TQwY{5sx>hu)yk?STX{zMe4AYB+#f|OA;yai+?L(D1w;UCE
zn+}Crq~0`|h0gjF4wUI`96ANF52nnr=FwM=f*V{<WZ+*hxM!r2>d4|e>(;^l!Y!o*
zElKeHNWjtg!C^*jL0ih6a=ep`DJFG)aTOxfdMGpXh44@6lCP=Ks`PX;Shr$+wZyix
zl<j@Gy!Z(Ai0fbxn`NvE@p3j0*wx6O9S>klKuU{C;OgtXIDx2rFs)(|-Ote{3i)dX
z`NXPimy_c6A_c}fyq4UPPGUkMCo16BcXD1{S?&?v_o_iN_cyKdg%H^!W^D@=J$Wql
zmW`gRKeWw;;>m+Iq@AM)@xKyRkImgJh{}6_9P-%Iy>qe?^rXnoUEf>`>WOH#0WwIh
zU8j>8k-Bq)m>Fl4K^J-sEz2EV48syn+4IGs=4PX@$uno`jFVcu4542Og9P`Vn6};`
zO4Ah;ha6ln2M(1Bu4Ut}b*ze6fRP9>5`8uFVJ{ET+8IH+*c&|Pugbq=ic<=IJ}~KY
z|2(PQuVi>~x4PIMu3k~U?FlY!>=DlNem+<R=4^a_Fus({1%7Pgo$l@le%Be^_%Hx2
zS)C%7<2z~+1HPZHFKMA*Gh*^ta#zScWafY{OCNwUEEUA~F#~RE+kQ=a#!k^OWQcMy
zTs>b^frY@dI;y$U+PKg7vy#%as}=jvVx0$rxGHt7nrFy-ewrLE)|~W;L|@pPUt84%
z#kMafY&P)`2nE{aE47kz7Q~f<r5fFC?=LrJ`FjOjHAK|Os^;VnT*092T1k3TBQqn#
z;V~i)H}STu%Ip>CO5z%Yor%spFY&g5B`wh2f?W(pPnHbm78*tj({|P=#y)+){(-Y8
z%6MUC*>{|+$Eif8YR+_b`1s(f$^3&zyZRHfZ)D<SyJ9};Wa6-YmE0L|w9=S<fhleK
zNw;Z<`7_4HL?-r|lS<obGDSs+K$xyxWHL?<t$JW4*S}=4Gf`S5kLYn0&a91?5d3;H
z%R&Pdy$<_%pXS6;#)#1=5Qxi4^u4`TjcDGbP{K*{eLmB68W{$@jifjd1b!S({rfBa
zNoBxrcuv-5@OwUomWV|%B(vHBtl&J5InXn>m-a3OQ?d7ND}JUy3zI5#<01KssLUZ!
z+K{Bl{yn}jsvudtS=a{Iwip&#Df^-g+n@!S#`BjFIZ!gAOOTEfOm>^F@@McfFW=AS
z2KB2yDti=561T0^q}!5|&p(YC8H0y`YmPFc@@M{8WW4!5ZX`Qc!M<II0~s-lQBM_D
z9>N%jS<nX)0XpIgBM1rF+l(baJD|;RBujk3@X$n^rJS*JSl|_uidblaBk-ZAleT*_
zOxvz+gK8@mxoU*0l?eYMO(_;_@m3n|vWGjvhOYjF^SVl7Kl2>JENBhFaMGQv!nE4T
zzGA{7Kc;2tSb1r>zbl<pPGSz#V&aVtaPDMh!5RT}Q{#f8KCerSB1OgC3*#HF#hx6%
zC<!j-In=3(R-Q&zrlFq01)E~OyYIv@(nS5LC4RgX)$9rMs#EW{7rtrA^u*<`%P+ZX
z{Sa7}%~x}D{IkRByJWJPoi=|jCj|yGGik$Zr8L?&#dMKuE5OII#x#dy81d>d1tu~U
zD-Z>4=9S{D*{n%mo%MJez4AboF>GPK-y-~9VQO*H{}^^Us0z##<i-ewKuGf%bzY&8
zUU=PC)1=rpw<=cZd@A|g?3+8$JVB8*=2$X3#cg9jI2KUz$=iMUrSS9&3?Wl9y_1X*
zao@PYWx_~7?DCdrK2PJmNh#xI_nh7T3Xs=d?Mzai*%p1%!%ABuiTvyc2V3SAsqd%H
zM^%G(P+}gBDuebUg+&fpridA(yuDGWD2JLXqf`3P$n+Q}q~}-8#Dy{U-e_QifG`SQ
z4a*JUYyR>S1<i`z7e{NWhQV5CzSPnw>c4N*QW$04PZYnhdzbq6;PE5|RnAf~Ol~Vr
z$Q8JC3VpHUaV17m^et7o{JD&3sZD0$SkjJB3L$`q&4MQb5aPl`NyeiuH|YzwuUgsT
zS5A6Sr>fw@?w)Y$TE^8KC;~}!;`>s%S1fQ!Mw2#iGn&4+WGiD={C)aRA6p`IwGk?a
zL!gTlY}$Cvkp!}utS!u)hVvwr2}{E*I;THtHq0Wg2`}zODZYR^`LlB$28fu~?c1zV
zFk-t_RYmaIB!(GDaVqnt_GQ<>h|YG%4+E<tl{hM$o~nXl$r`))WV1rBVX8b3sLpI?
z$3(=CkSyFO32A<EL%*jye}T+=_pMv|d%3x=oCBQa?)1eMAPaBs#P2s9mU6eWw|U!2
zV7hcoR?oy8P6I`X%EG`c6_N)+rX8l*-FTFw%Dh#akvaRsjy(*gqU$})L#C&2ERAT!
zBxq@@^$Hf4MdrrMOJOYXj{<RH>l-6ux@ru~<GUisZ|k88lL58o+k%L8=)rW^JYsdO
z*%ge`f~NvawGR6sJIx{6Di6N5V4NIcGOsl5-X|45x9{ocu?Ao>+w%zd7ZnkVhTCbP
zs$-bl5C5yPJlzWn8)#O9nsQBH96+C)(nk#crj#qwaENj}UF*kYmVImdyFb^1YzTQi
z5qb2<G9HNTS+L|Jh;55#Ak_fN#~AJ@rzFoF=xNniM@@wXF4(-ul$97ISMbl6s^~uk
ziyw+il}J@}MxmBoThM$n2Rw1@fi1?oT)cz+MMwR9<Dj7a<GVus<5=ZUqQM`Dp&)+~
zd4vBZCQ)0E;ax@IA>T&ELVgl=5eLPNf?z{|h#|s)iH(ASLM(05Ff!x7M{RG}g@J=7
zg$9EsDT4?f;Px9fnjmZURb5vFi8n!HG(nfHgQ3Gh!IK;bg^t(4xkr}xl+mL^)1c?H
zb%+KI`l7<qh<W_L*erM<wY*{?5<LzQ5;dc&F90d*f#By05(PB_pYn}O0`=6H2hAqG
z6|Ta4P422^2RE;5+w>M{R^y~evr$@lr9!LixzH&|e=6{1ver&XUs<A{pIW1!x2=-b
zSuHmIXOyy=tG_s`wR8Wi^{=Pq>Uu3uJ6>^k_}KEHqOKArwo1dW3gUXO=D397=wT9D
zp9SCF=j#&FlL`VxA8F2=*VNQ#DNQBEbTKIiG_AA&LoAq%xRZF$YkB}$bU3c$IVQP0
zio88Ws{_fz%!17B0~Fpk5@okBj8?SE_alz#q42U!cmy~=IBjdR>PDa*_xr~l(}U|W
zuIfBWtYP5DM2a+tgD|}ZkrKmIb;_Ua=%#Y<LnrkJ@*+!oU#}Oel^TbPL?;FXrj693
zdH$;5ocC6#e0uV;`eNeoObHw&I-PE&2kH&^Z+pnQpBD2RLr%1d*hMDJKPm}Y;{tiA
zC_NrwM){grOgY)E<&>ad^AVzD*A3Ut+k-&+(!k?5Zrl3M<s3ki;Mk?-xYg?TFBojp
z$<p!<NbU<(O;vAi6Kfc}TmT#8+ZutgW>;j+ASb;|PiX7Al4L)J*h*={`RyxJ%(m1@
z##<_6l5ADe3UfKssR5N}^6Jt5s{i7IMj2(Jp#EL=Ea|wc<;?$|>E)<k?s_p+F{NNX
z-IIvB;|&&saD#KZ3-=*VS8s>Hvt-c9|0C@_@39k#@{pXFrDaiy?`N~EXWyV)ex;)0
zV*TT}nnry6dRolzuy;F^%tBd&T(w0DT2t+Z5AZ<+42~(HTEw!t`xjzAYQrRMt>|FW
z?y<I$I4ymQmFMekBA~G*mq545Y*2>}{<H)s_<GYG2G)%ep%$m7lTNOC_oiAi4aNGL
z*C;$+7TbxmYA)M}NA~|Z(y9awDW!bYlji?2irT7(F0W4(;2+IMRr+2M3qgOx2S!61
zzYBWeEoa&w)sTU$%$MLRqax|lD>6%Tr7RTGOOK~_c&+kpEhUN6Pq1j1QwsDkY9OiQ
z%s6Q)>MMK>4}+q8C<zFc`f!bOWJcvO)nFRZ<w`8hf7V8Lx@<j+yZTD#O%}H(dh8ds
zbpEaXI{!?&yw6r~TiU;jfOU_&)C7q?!y8Mp$B_1QnhJzc&>g|h9-TaCr>R7qA};d%
zdv39FI=0GhbX6aTclbRg@W!Dd+4HzSnn>FWQ(ahYHMYiulCx89T{=Uui4ci3t!Ot6
zaFy253_@i5?4^NiuiH_uCpp>qNwOioafzq0f*PZ?-YSo7Oa^_{bip#dw_IBK;~=>n
z_3D~u3MCaW*&)t`uxJ%J25oFE4x?`z>KoG_(2wQPF+;>PY<mqM+a8TE{UJdsV~t?#
z$lTy&nG3Bj7u|^5`RJS~d?r6UTrdXmY;%w6|8N>O7njYji`o-AIFWvCQ?=Wn5L6a0
zOIKGj9c@1OzOBsvAV_+8@!8#+D(<&mld+an-{1|PqN`{CD&xJ#nog8(vdj)Wbm@yT
z$#Ignw?$RX4t00Ojw|W|7?xo9%TX}I+=5>va8hk|lpsENCMXR5MKoTJJ&<)A_-882
z>X>x`;4h4iMiytaHOyH|pwNQwk{|3oml~s0n=KaD&F)EMN!7w%>_;nJ`X;%~FTR-^
zmJK49W`Bsfeiij$IRnQP4Gr5jho9H0qc&({gfCPkXe_rsZ#{zhXp(v`f@Ya^d2T<d
zG&63@+nQ$HK+Gwqer2+exFXxaR|MmzsDF4W+rV_3ZUp5-*HB;F(s{tGAX{O+<1p+7
zU6X1T8n>Ku!REBon+rM<{76p&R@rpW-?eC=+HihKX@&UsVlCRmP}WUqUWbcYxr01u
zMs8m?#CiJ)w03sIfJ{93zGk9T-eM@*wvyu2mEjrp#EE;cr=Z3stmBYIybKymIzTRU
z3Ra6ZiFx21**0}vF;u7HmakbfALQr1aOyCbU2|;{>RYpOR*~AB9ur7%!*1RiE=J*-
zcpztpnELsaKWp|Z=)0{`eVI4+Si&Qt?IkE_5QZ4KLu?KHFSel!K6dZ-F@w4x2S)~9
zsbpS;bzXr2(Cit2w@oh&*8j*Qx7PX$pc3OVV&bMqJ|P*0>D4R&*d*Os!B3NP8)=~D
zmNj7~6HSHHj$Z@J$FqbLgTz7Urhe9v;R|gcwWx#jjjcmXKNvAmyE<C664Ns4GS_60
z0e8EJM3OZvF~Lof|Ci91OfMbX#X>z#>kmx-#b=Ix`5~T8Ms_-h%-7eAGf?qxU()J5
zQL@RD>F;=AvNT`oc)pM5k{O-&W{R0XB$z$$C5M4)>9><WzlHeOVpdlYm5F02%j4L0
zSx#N34WLwGZF-ny99koq6CoN#x*X4M9jyi_N0=~`@B(1q^jn<N|3SrF&mrxPXR88O
z&{Bvq-|C$A|7%>kw+_tTP^G;ludUM-U-;-3b^LWF9A1%;p@T)bIN@PMc>AKY(=BQu
zV;2JdAjd|qh)J%xdaL$?XGd(tX?ZMSOyIF`7P2YjDyj*KNuHSQ(?$5U7V-!!{&u46
zZbw;QMg0RN>yWK@cO{{h9q2dqgqt4Y4YFaFhJ>_L{Tyfo;PqL4JT9EVxc?u-0&ani
zg-`GqP(G8WoDTGTy#SnPE&xi<NLnF(bkKX~xp&{p5{mLfnjGHtg9tj<0RP*GI$I=2
zR{r0eD07L;Kfr?YKY&Hq7JQSnCt)W^Gsz(bDce-ov&eot9=2i@)gyY07)C+|$R3A*
zTh&$~tLHfV2~L=?D+?lgO(W^`88pJL=B?Ef^ofc_5qP|_V=xm_*8((7&;9*VHw7)+
z@k$#JzJlm#F>>sEL|iOjuc?w0ZUlY^*9k&4`i47&LlZVnIAmX>sn2W*emlG)yJ&gF
zEhRm4j-7CeS_D!Lk?NjtNY^vLzQr4TxFk6_|5Z8(L~o^!5IV((DE&j~spvE$pA&}k
z=@{GANYUFZUK9MjT=VZCXjcF>ad7xX$W#H|Ry+=UT#sb`12=aH-RV2Ew(ak#GD=F?
z+W&8(8hCm*uYmDOD~B&SJvQLsNi(MIkWvvNHsIr0(`}&l>pq5ZkMHYwBEyjH{av|R
zZ+JmEpogb`TT{p^{>PbK&NiO_^HSB9$=8jElg1$?W3Jy@O<(mOR~IAV7x_$}Q8wrF
zPn>yHC@hjTvt;vgtdexHVVGT)oj8aE2L&?t1Ze{MF<zsdrjH71^b0A{-?MDD{HZsr
zxF97F;wPss3lCyx?z#Qlfo3Ir5^tL~Rk}s7%U-b8j-s2Y2!n9f5^y*t&Di{gSsX{@
z4gqpaoF=RR?cHJ7iAH6m)2mTdjW*R7C7XeBHoeM+xo~g34OpaS-)cQ4+X~2Yd&`)v
z)DB+LhXvIPOoYK4+GYSsWHp%Lwa17g2vZ`;QyB0mRJDGb{7e<^YdXc%2s4j-Gq&BJ
zMNNNHn+K}or~z^7RwvUSU!_@a4TcCm2%buYePgKD6?_bvA+Uegv~3hR_L>L}gNb+1
zmnkh<HS5r0jx+J^o03umZ4}l}U3d-0h=sB9R-3pRPw*nr0>GTZ39@IUAEsO4P5x&<
zYVMuw=zW9op5XGHH4s9y{&eJt2y6N1&iGo0NZQp99)2beR*%<H=e%9!MK?-v^Ab0O
z;b;=!tTVn43Zk{&%~cWcA~S*dDqxm;0%C4HP|HU&o#Yp`5TjZSzSb*(kasN}jFe~#
zJV|pXrzi#;<JmYA4GC5}_F<S2E=EXqhcl?;uQ%I9P>C@uz6DkgQUWrQmcxz8r7g4H
zy$EYCg_d4X1jcg&{622WAf4@(HVFIfLF3!Oui7y`^-;489aCgd|ATG3pERAr!LL{R
z!Ne|3U$9dZ>G;Rp)77G3K~irDRL<ZLov$U|=i>N69iCaA{5`k4Ubp4&%7eIWyqVwA
z8DsV=eFmbkjy?Q=AZ43l-Ww$u)L7E3N`*H5=?h36NCE2=NcH?=o{gviBcZR2v^m7!
zRzSLLK;nlQBG=~4WGZE<df~#N+vpr}>S?lOSm_u3`q$LLQG(!S7u6|AL?u091TNZ^
zVoeK9=X>U;h2n3Ij*z((DSR34zL!1du4KfU=8t6FB4eNuli6q#`=S<aGf7CP)?Lxc
z<HLDrx=11LN-4XkgjpV!o1LQQz2Pb+>ejB#AU7T~Gq6IL1r$b$PoGFnNFyt>po~}e
z7XLNsZ1~=K(}?08oMre20y3kWj#CFr){`T??;9eEkv%rG8vqD<x-{OUUxlC)heW~J
zUhw%mxn1518axE-CP_<Ds=qU_kLTtWSlr65+;ZB%i#)YsxuyIh#lJhZPN47LTwlDs
zV);2B5o7sf9-(S9_C8V;)i8CzA8YLUlv&2n-cpJ;Xp9?;Q+`}QdUcI)Sl^MlSKL11
zYV$X7(4mn153}I&oDPKxVxUxF-@XP=HzoZKu>jA8k_80o=N{1VEm)J=jij@d_+&_^
zuppKAi{S)Pr7T+9g!@ddUJMfL8QBbvB{Z2@ST&y;XjsgaEiGXhb=u1KGj}BMEU!jt
zn(ah_QYUKAQhneqL)8z7G%dDrpN-h<cQ&R>mnFA2l6u$63$yZ$q=Mp0of9M1OWx%h
zvzi5p>^+7{Tket=bKc$+e#FDh*zJB&f5*l#6SQRrO{C{*0D%fm^XbgM<pEw^RlVv!
zkdmxm{@v+%_aJ%9f#GjaYT6T!RT^b+fJ#S$X1MNymnH~J8KtA?xl53OR_rm;z>WMT
z0vuh8R2qkn3ALF_{1>ah+uUn;AOxqw7)Md1its5lsgkJRL>$2PX#^2AedC<C8F9Z0
zjxN_7x(RJ~f;Lm}INvflL0T-OT&f(&0$1h?>?ec)SoVQmu7B)W*QLt)SMm<x4Itwd
zi;1Lzon}ZgA+|cUh;rfI&I@_N8}z9Pc<%QMcpC3j-KeIMkRfzR65Qk~0q&VUMz|cS
z^fTEcbQ!%}lNA^Gl)GZJ?9NS~n}TFez}k~?z{M8zT{;=4R)B}^X7DrK2n=@@8!zB?
zNl2MQ;Y!p`zhic$sY<(0kfvvyEL@0w`W9`ZH*A@?MwIReYv`{MFr);_w63G;8|L;<
zgy@{ZCG$$aw*}lS3Bor7u?4N?rR}I4v>7;yM#EBTm+JSffe5MgX&eDv2zte)#H~xJ
ze)LEE4hTQQC|c+&^v-zqxURc<E-MGOZh`AMvwQNOD2LyHF6+mB1#4Y3^H$#6^37Ky
zW0JIdy}CL->{U>j${C8atN!jLC1=W~^i@+(YKC4>s3tm0l9}B7SWb~K6J7|jWtU)s
zLBtaNgJ`zMoJ88PCKCULIHn^>1;y7>X}sC-M`;H$wPHbKKNa52eTjcuO=s*sIV@*p
zOlcG^pa_^*gjf}as3J!7qlCPuVykq_OnH6ZlU&6@f}t3peQ*~Msw;e$IvHi#b3MzH
zWdVQtbe9`=xGY4?=DSen7T*ucfKEMi#hwD+5hvn-Ky%MqORTT$On;1Ai0HN`MTuK_
zIb|l;l=ust!$#<paDylKx=Y@FMce*BPZcBH#3&Y|DVq%5TXDy2kjxpP2x<N0sOgMB
zx2Vnzj&JCdN-CCs>5uUxumyiPdM|S#^hn@fZ78W+az)$qhx3X#&_*Edew{H`vd0;7
zy)si44sGt=;F$kl8i`=7AB}I1dlgXE!f)-R-i89XeB!i<o4XSYhvH+rzH(p-L?#jf
z43AAhv&Nf9hu7__u}9xA#904&5n<1E9dR1HE2j>Uu3!DKo1Uj7ojCQjGT1^DjDHVG
z%cSavJ(a=L+6%P)qNavjy}jT$$R(7;QkF>m^42IZQ-#<_vf1rGsY)f%UJ-1d0^}LN
z(#%OYQ$G=ZY=F|VOE5>oOw?;m<c|7+9xVoQ>obo31mxareIP+vvwLnJVHT;|vU=X?
zht_!?;r>Z*|8K#+*OzRe_>Oy1qnDmt{%!WSk=+5h{DSLGyfTX{*CIc2#idc20H5c3
z4~>7d7#sh@ZxpzON-TTe_5ol3AA>R;8upmXp|MM6l^loNm7DQRVfK+7oe!F0+tun1
z@1ID^V+(#2hlLUojb>-z94fFZHT$HqGovl9H-~r#ey3Hd0W`^4NhC*sxFh>94~<vM
zyOw;qNuEH4*_E8cy@n`^=%g)XG}9#h<>Qr;7(pRWrhNBU(1_L>+d*rg0P&uKN701(
zaq3v!!VZSwg+SIB7JQ?mx;A!M7YM2dG4w^31viW<C#=3WhzSW~{elFetXEOWt?NBS
zwQnaOiY#{ic$V7B9-nz0KYVsf@fjjI?f&<zB1{Fe_mz8_l(=Apz>{6>YNXohK+(Bb
zCeMD=ChL#Ga~os;RjMWT)ZqYcDYkmB<5i5IMH=0{UNiDe%k&J+&~x}XpTp($T(9*j
zBrR|+Ai__!g8-QQk3YQ(;DppOTu~t;+IEt`9nD$*lYk6M;t>FbrhrNYF!LmrlE#*@
z`jx^b-@%*Z9k52iFM7~^MmivOu71(xwRq&Y<l(J7l>7{sNuIe)?bBx!A=RHRcJtN1
zRWu7rN4cXmtYKdUvQE)jJm*{$)7U&Yf>K_s7dmRi8t2x;!z?ZQWf-t4(q3Tw41h$q
z93o!L3HC`^+oKX44Q>p_rF+4&KWTe^#6)i92hxyv8J^>M!rOEKZ{k4>VHoFLtj{XE
zrqzBc2k?8-;5$$9Lr4rf$DO)Nt8XB_x2yWdNcrs<lYER0KO*e;4mtZpM(uAAd(@Sn
zJSG$TY{5j%;G7;P(CYqObo(xPD@_V7NcL5WVZ0{mtaq$W+FF};>NLH>6d8JS<q=o^
zkOtGGYPS=l?X%{^b66$E!jjCu1+W!^*JqWO6=kLKVVE{Y!DHs+&|o0jzg19n`52o;
zxG#u}kH8H{9mcr%&EMZHDb^Dg>uEdMhyZvM(Yrn}b%-q7vWb5Xz63hyZD|Z|63u)?
zwd$L!AZqS@*DnwrELa`sX%@tPfJ>%FjAh5+8kB#3lhU*Vtk?b+OTcf$C7i!wt%W_<
zDI9zb#Ekm|ii`cZ5`Fb9l(C>xy|%+xBon_*A8@JKBP0+X8o-mFYcE#4vQAZ{e5ZZ{
zZXhwL78hIEIi}RTQ`HqFDIXV|(V54>#Valur%zE7A`fO-Fe)aT6!Vau6h17tQV0mK
zdMC}(xsww{`!LPrA<YW0@{r(-OE7-dM8gzS8UiAIaN)%@yW%Zc+14?F{i!tw9%wJz
zA&nLp!$y-;i@~_yY=o3RL2xxEa<N*=Bo>ss!J=p5qj3zIcW4mitvyLn79J9Xi~7MM
z1wRj37<hyA!a7U~yyHeb`AM+HYEi<bzyfAKPl0l?qOjmCJvxrA&2LSG!Jqgu!bC>|
zm6IwpfFZ5PijP9A;b%w|X0ILPdSenkFzYp5kn~vN=w3}nsz`(FOM~vXHE$LyDLL@(
z!+;%!uaatO+~LfwZ94V&*Apk~6s8~ud1el1bnC+};Q@=`0Qsy^=9OhXa5nWeaSau;
z4gg~TvV>TR!g@{&l!eAj)9r)m;@1WZVErh{rWLiZv}fiP;x*$ME8v<}6!9yEGQ3#2
z3imeV-_cpB-0tf+2w4+sN2FAs4PrinEf}^+iJ}aH6jhLFif1!^1_xbX8h(m33C-I7
zWM<qjZQMY$CqU+u3&|A@m&Y;4ZncyU`ywE-$67m!=VV|2Xhhw0J-6Nm{7Qq}eE)xg
zI6j90-w)d~eY$%+Hrb^-0#S;)e5KO8r3pKz3ICZljr@Pjn-(CrY3Q<)LrZheqUEGT
zlhZAVh&W@GkBd>&uJB;!_<O!&VZ9@0&m5k$P_ai^LW^(SInuQbiLugXim~WoM0=Pp
z#*{2%-VSGq7GP4O#i;%g^B5}To+fRWeBG11m_%=4o{ZV-g)x%0WD_m{VmVBuIz*YB
z@)nQVpxJjA->XPL-b_i%xO+DKFG>faH|VEqMZ6+C?V#mS_-Z3z-h2uWm$2t8;La01
zW98HT4@viDm7!?2irhWx0pNN-aw9XW6I)8BePg1&%h%<zWf%@u3S*h?qpqG}j5XFo
zzTa@KV+1v2Qm(N^Eg=cR=~G36K^=)a-G>ejzi6T`o1cuP7FvIva7;pK$!0!*tqxyS
zXsUq3&Tav@{Ew;fbGdjKe}>a%`g$g*;LPioyS_SD=k)wxln<+4U+nkR-duBJ`1fD|
zI%*7^fC!4Z15{+W>BS<6+EBcC6ncx1UDO3Y8j&_iF513f(1FFgRz)f7z}LeE#0(!B
zKF;ysF@Lf3cKC?nGS>@lGEjDz;qc1Oa%Htl=3x<I;X;JcyIHdXuR}`HMrsmA(vWgw
z8ui<fsTe1IfI8=unvbVOBYPS!gK^&L<sQ31A!V>E=h1dX1U=^)aPhItMT$qqK%n#T
zH2#$ONsvL<Pwtn5pCVf@6PSyjE=krJebQlcp<?Cr)yo}iians{H-N2EQj7~fRaGkp
zLGB(gq%fIvFsUaf!ZRAo6`D7IB($*%A(GU@wib#g_BY@Njtlpc*4<-Gkb_M%uGWaN
zK8X4&q)@};*#F<CA);YB;eeZNQNwLiv0SZ|l-o?7vU@GRcEG{?J!TG`rh`kMHq=%|
zH9gA&N)eu0RAA-@q{g|Rv_glPtBcJ-zHgs?;Fylq#W8|;ZB)lkM=O&XF{)xwEig_q
zM(u`eREYSAYaJ@c7wFVr&ai~qjnnh?1_)nkz!+m=(GiPAcf-TfC1&D#!hT!PTl(XE
z%b-t5G>UAsXT`3nGIc86+&gk-m)fdOl*0#bcHt$uFraCZK*nf=#*iI_7jDH>D`Umi
z&PLC1uk28Bh6BA15N#+wQdfGYc@6c?%wVYfo!lH5(r<bWA6V23&=oiQQx#satN%8s
z2^yI{eg?hmdr(!8y57s(Ii_NQfL)cBW<&3Q@NLVjk(okbuYZ(K-l?@Z{eQ9bj?tAo
zU)*mpaVEBH+nCt4ZB6WC;)!jWCnq*0wr$&Xa`XE?cRlybebLqXtX*BJSFhTAR#$!Z
zXY;`&HZbz)-%73<`Q711NH^9|3_Z5fd#|kkk~K>389<Ho?mDv{p;tlYxS7(uL7)D>
z;F>RG4(@$uBt!;c%R7Y8aIi^@-Zhp-J<u{fW$o%mm#6e>wr^eKtO&%F&W~62Sv2$7
zg~JijJf%=>8k=C7&5w<+6gnK`Tu~p^MjXPF)!moy7R?a6;$pr<)bg>dAt@R<%B&M#
zDjnKnKupfizFj{`;-~x4W%7m{LDc!QP(qw?2>I4}#W}p(Moo_+UvxiRapZePgV@@2
zc14c+Hb+c~a4s7K-VKsevWeD;yFQ8Q>KkkdXiwqPKQrrdpyrGQm$K}X%X-kD=15Cq
zUaO9B{NG=1X|p?&e94d-FbZZv)&J}Ae|r1m>B}BDR?2zMY}oaxq+hFgt^RM6^;T3u
z71fX6(mMX}?`twCzlVQr<l8CtiSnTN^7@OL0N^Uh1MO@FabU}1-<%)r1=0sc4_fR5
z(C5LgklplLbJ)7W9jqpCDsq?u2*IWqoiMmZ)8ZP%yw9edz#Wxx+h*f-YVZ=|T(>he
zR*_*26(PoLm{aLyN6dS>(rOqf&Lb6mzWu=Va3qMc7^aU&)q+;{Z#)CF_b<C2G-2H~
z>-Mo$5Rp9xKS^Rj2nYzN^Io@f^HGz;NQ`tg4w?o=LbR_^P0YTuN8V+Fuy*j^-|oOq
z7{^22{vd2(5_<k}_51!rrA=X8xw`(cnqcX0v0$gRBB%a=HSaKN(%bmJ*yMjo2GAr+
zhldT+TNsaL!W<*k)M~$O^T5st_I(<@scxS-6vs_xLE)D8>Blc#%{FG@=Ktj0GoyU-
zh2Yas>a#mWaOQ>?nPmf$P@9YlmXa|75XzLm=!7f?eO=Vwelu{dF=>0q8AR&tJCfa+
z7#?32IVE!6WNi`o)pUeR`kf;)lSng#UW<vn{()zoV^avSGiU-LX4FHv$Tp=_BJEh7
zxEn|x{RhN*eWMaShV;OML@cmJ{M!E~!e}#;Zp|9aD-dw{PZv*e%hSdZk(z%wz-U53
z$Cyy|qepF_{6n`#0d#aKe*taVqr8%i!=s(Xr8{FNjV#IZys36D`ycZOMWQ{+3B^->
z=Cf$L0HU|_R=45GD4taJXWiaYmUVqrZo=2cUex60r{&{CuK&ZB<B#4=RSH0&5cb~1
z8s=n9#2>6cviFkF@(?gW6TVTR1bg3b3MHc^uIlC|?q;Vy#An;hRnwr|fw|MxCj1c1
z%-X;?CofDG+gOxJ{1Kwe+#P3lb&=ja43$Sldvy(S5c?wU23p;*(FhKN6#~r-9;m8}
zxAZ0jP4M-?{w4D5hhb+zc<uWh#VlNdRy4;U&TXLkS73ov4wHzj4qiyEIbbWW`wzlQ
zFpckm?1<~3N3jLK;8RVhT8ga5lm=5P3Q1)@?Ej?gC1)daf*jk~ynacyAcuub>{>&m
zOz$6B$Z}gNl2A`PCo~$d&Oo%Wts-lhl~s7x)1G2BrGfm}OLof?W=5Ie_*6(XNc|5T
za*job#S*Nq1H$h!zE|b~<mOUy&gzTiE5}aEVE(UhbY};%ub3nM%iA}ySNc#2>L_}<
zoP))zGfOfP+?ET#m<9aa9(h#MIub+wFlvOiN3J8*&8EyYIA%@3kvk$XJWBtY9;>1A
z&cn!@J6?%yGhU8~2}2ZtcIb9@1M5X`8Onu&!kOJpdxQ6mtYJpTsGd&s^?uGD3CoW(
z*&PCH2{leu5%o;{7o<@z4f%Bry8(oPXBn%aRT$B5KwUj3i4)g|s~E|6eVo`b*b?r?
zE{^=LC4I1Q@a}jIr$fu1w-FiS-#^HuCN50WfZEN|q+0R8<NsoQ0-g1<v@HaTvhAX(
zrWGt=4(ENYQ*IWtX$iTAiG3yyAA&KLvXhtrMEc`a(TyQEfw4BL7R4rGn<zt<8-U~m
zZr9IhR{RM;L5g_EJ7LywE#|pl_Qc6_VzFA`OHJ_I0BW5@4A6qt0VGq8;Bh{u+3=U7
zhb>dN3Bz_!61fu_H<FtC)lk0AZt|X~`6K;|gCgLI^~GV<s<oy$zM9PdCJ-+!beivh
zHJB0z=wEG{mMyVw(9ZzJ#8}sY9qOIq+d*D(TS$=DXVuKm&CCoiHKw?o3KIq@>_FpP
z;*A8qy@H6X!PKKBL7z)_n8UgynGu(B0%*``R4SEGWlM&FX~;?J`x&-Rh@@s~$>Kly
zm@oHc9fWOyJi>HAN#?@{e6ZB)YC&=S2(=rALt*A`iWi@ISX64Ukj0T$rDEKmBf*rO
zP_v=v$``E+QkcibDU(ht27qtqIGTcM?N%hhEfQKa;n&x@jZVP=RA+4gM0f2;v{unX
zRURW$89E{IF`2Hi!|q<|B%Bvw|I*djQ_!=Ov_9;_8G2D5DlrYCNVi}r-e>*FCp+VT
zew>dXm?ruyThXY>aV0CObqWef8IG0S?SEty!ZRExH59lrAD_gLHzXW!4LIA|xen#o
zE_m(Qo`j#0p90w8^8>jj%r83BEq-IEFAjxs4C}J+|5cvD;Va@>MT_r(6)dD`v;NgS
z|7O(`4>PjQ(C$9;;eB*R!YAZuT5%cUi@QV{mk)@%B1O&>lFR8olJaS?L&>GQNtfMq
zemEr)P}sfuuW{DM>_6gtw37vj-$T)FlfvH$<}VeP1xTcC3|O<lU4W9ZDFZ7(J~80l
zIilrfZ3l+;R`w)fLzj-3LPhRIga{y}REOX1Tfwf5Et@2aPgHE@!5BY!CXdbzB3vP~
z=TnocgkAf9{VJgn77WIGdn`K!CXu5*2~gv;QVY^ATbqyc3v>$W_+zou#*H;wHY4Zn
zQ@l@W6HZ;&`i$)%hb{i};bD$rxD9aSPQ`=4qL@Qv<^MI2<NT*U&l!r;Zj{ad0{v&>
zS~B%LIF3w!$z^+8K;5?Na$z%lPZ57>nO*QoZL~3;yQ4As6f(B=*5|<-E0g9r!@6=y
zEFn!wWa-LH1I)Jzoa+b=xK`|DS0u!vtKB>i+)RQQu4#Ab9Jp=BHv!lp+y%oJ4JtBV
z$G!c%l5sdf+qOYbFOM}cQiZzyZD?eU^L$*%n&Vq0YL$L_CQTR9$9X=ld`Hc*M`(G%
zr#k=l=v!?QpVz-8$pl2cpSj!jA?1_PZ}IgcV0Pmv>M#C4R)q*^K<Gn;c@tyR()yQQ
ztL6AGqMr^KdEsLZLL!scOs^hf+z|ZE<kmgD)<ja7%^S_fUNc?*^Ty)zZj-EzI?{b~
zH@nV5u#N6p#u#0F-nfxFufv<L$&&tQ@I_H}>no@#57heS77uDJ)2R77sutef=;rKj
z7?J^$E$APJC0>2nzU<_0E7-dIrcEDbU6EA9U*`9J&({uri?<D&>Aw%^%}x%$w=|BW
zcgO1LGTCr7KiYG!GDW=u3{m0*Y3w?KdvC5@Dta16(DSHz9$`@#-Qyw$b>iHdrxH23
zS50x$ZYBO^4nN4F9=OpBK(`eZ(APw#obh5RE-4OLC-fbTDWPST&)M|i$v8qeQ?AVH
zOATi7OL=?A#sUmy8~((QN#kJ5;REva?P+!<rFZNxlx7djT0{3!JYCp0&kpDPP){uD
z;1f@q(p?(l<{LuIT=&=Z07a&lGSn+G+R|=~X$kFGa)R?5SPolc7jlNt7ERk0bF17L
zA@;S1ntbj&l}!L2_{t;841C}7TAxc``{L`18&y?nrCmBauWUeJ_@yNeS$jI-h#u!C
ze$%La(=nDa$;v>HN0?vC74dM_M~G*ejz??GrCT>bo}JcK${XkjTX8G*`KJ-M%rfu`
zj}%myA$f)oaFi!Lu!3tth$pmsA3<x}e~Ft>BfDnkXQRi=Z*N0y5>vL;sCaxV@e@vC
z|2V@gCgy58p8Gp<N0Dud=T$o0z?5Ii-b?aFa$(G`dwkUbUb}MSHTV6WW_Dj6H1AX^
zCfiYO!pF8LJ!o+}iYh-xeIS>4G|4!UC|2(xq9Vt&fE6)X<YY`crPj$G)7n<(WfyeS
zORTu;Zh2fo!4cA|qq}Yq1Db7ya+25+XxvT=;b9d8&TNeNZ$GG0I^WI-zur3<+-Awj
zUG3`@?i)wc>ldO&)aO11M$}avjOrGi*GwzZZP{};R;(#>CQK_^V;L2iaMmbvqU{m^
zCDw@m^HNNj0WT<0xs6pL(t{c=qy@eo@EpIhToVyK4Y~&?;!MNzEdCj@_MY!lF-Lm<
zXZ2O;-@#|s>(VBkjI*et`E>5j+%kVf=qzUEJ&Ehh@Lt5vgx&Vcfi;Rjz7VU<*oO?R
z9P8^e+V)h$ZKwGh3U|GOTB)I;Fgf6mu}oNyXVW0rGI=#w!$*~i|JJ}x!b9WHX|xU@
zOk876j8<|stLz&HrXh)>``H~JcDU<sv)a=p@Agy(3dZ$&B9Qd7@&yoLsvNy=M5h@&
z%w)+LSK<kzOSX<h{QJIt;BmB%odwZ21%+}1y9n|Pn!xq4xag4i;l7*SGh>ek60-=q
znN>4GVcYQeC{#1EEx|XBCz;_No(y75`fIiW?F_^^B}8z=cp;&up;)ZIQ=h!Jd{3wV
z21hJ~!?O^(*49g^(AC==!Te14HZ!pB5i1efGC|Xp)q=hU4!LV<`^j17xPfiDSLiFf
z6%@5zb)5cSvOHkV^zBuQ_8Q)~_cCIurm9U(P$d^p3PJrAAyK%>hxwP&uh-*_8z@Qp
zF)&chk7+TJ??v#fM&3vNOP`^=YC4A}>ru}%I@HT!Y;1G?G^98D-ZKeU+@~0iBi9*7
zditdw8}+1lkmAe4mp|TTt`f521oJi^UJ93rc~-N1B-~FaAwlXGpH4t^OF`}DvN!Tj
z%Z5rJTWdKnkBHYZL96AQm?==g@%jPSyR&!~1f*b><1irwU*5SaumcFyL+vg2S3`Ba
zL>hZS>rqfH%#iJvGger(`S?!sDF}Vv%B1!dboWh?fVJOn%45%QS0W+av9J#m+TihU
zh<AhRn7`Pl`r8RQ@PDyVb+lu&;Qw->YG~)R<TZUK?Q5gN?J*@yvjtC#Cd!lJ2pkay
zv8zLt{m=OGZA4uy{J&m91;khwb^>g3yc8;2JY!vLSmBP1{G9>yA;O(sPhlAD;P7GB
z|7_5X5wQ@s>3qw#gRY<qLJKwS%SfHb9<I+!RTZ!Ee*``e!ts$HwGiy${^F*CZh?J;
zA>l>>Sw~;RwRSp(g*$~mgXh(J1@o5(yT5Fx274U;7%GG8akj|Vf+%S3qV)RR<~{Vw
z0X$Yp-!hVv??+{O>S6GXo(%!q)nJF*ugzS%ICtOA4%IWstsTqFPct=<R|N69M`c@L
zU#LRQx1;Wmd;H)-ey(en6K~<yuD7_6;CudjiN@7n0<}gMerw^_Iy>RmjOjwJt<34d
z_ivj7)eEiZ+cWP@d0z&@Kl<IP!Wz|UUY=1_atn3#Dfs@v<~ytx{uk=sVV?+~$dhZz
z_%Hg0O)Ig_FaP&42s=G8tvs>(j{VASXY7<ZE3t1ZllT9IXg)gm-`(WIb%_vsH&D6n
zslu=J!MpB#zTR51;1dYJZ;#3@irYfJw|e4_{mAb0#~m0aU=e-r4x3ZU`oIWdUoH&V
zFf4uP4xfl-^q9IkMdbu3#;*i2P!FGiU-*su6g>1%bC!aS(3dIrfH}2t9{M7T-wo+%
z@Dcltr(HA5l#LJY+x30!y<45@`@h%yHxIV$5~B_4kX@p_=L1|P+X}RJ!-zQ33Ut$&
zDJj-g<^OC7+@2hQ9Hwr{afhiq%JHiTxwNhS4bnM>*(o@OK6YP!ekei1JC#wwU-`(S
z+kW1el2mgZDia?7;v_=O*{6&(wX$L&TGZ$c=JKbXPN9EL@i>EPN^1F-&<$X;ILzZM
zaSp~0cVG^cogdfh#Sm{~lDe|~0i{#8m&yh}s^NX*rDOywijS-qFihs^b#;39-JHvP
z(ID#TgI3}og#B~md!J#(`W2#OemP^{_qcbG*{z$?<@4C8$HqNjeAQ_{<^Ja|VdJ+_
znW+ka>&6)Tlse+X@I>hVU>Rv(A3nB?J7(~Q_UD>JnmLEPHVb(IE=J+7Zr#7^H@>l-
z-+z!div$HfN!i70G60%<lt%?jvL6SG0RagEV!^zBc`kNShk^o9f3wg8vuGes;76X_
z6>_APT;&>HU(GPu2;zHE>C|``wS`df#xR3M-2~$;oQ#jK-nn8dEe<1HL~Ss^i2rPN
ziwQTSrP&Ln{u|h($4d3%PsQMNQtfO_0t`Rp(SO9NzI0a?Hh&L;_S050f=E*n3q4}#
zcje(tk=^_UsORdgdM5zJC^XWd`WeGi!28F)ov;^Bl6d-;)BmFdvgIbx#yg<4sfVQQ
z!&{Ub_rHp5x$Dcu7Gj8^pLb6JRKeZv6eZ`|RMdYVo;@XR40y@w!wwT`MwFTYT&r_(
zvUD+jQm~e!XE-~eL`r6hl0<4&FNC)+A2GJ`x1!%>SX8FRb6ZfAmZ2g=EBJwa!NkFD
zb@BK=BxMcO0w9&Cn&?m>g9Itrjs#iCTZUss*r#@p9NV{V9NuCB6MUgEvEmCiZ1?wd
z1Ket@@WKxsnIs4hZ`soxPGkoj5BcF3F@(vYUVSM7SlGuOTk7|XT+{L#d#X=$`xU}z
zZgnLAlK*2?I@jZcEz0j1O<%^0OdSvkbt?P&JYRSFdpw4Hc|KoH2`>4E>|tkHM@v8o
zSh0<^&eV?&@(ucHpB(-N8nJo{Drr-^YgByQeIQcu;ljKbINKZSPCAMp3*#}bq~~)I
zS#CZx(^iK4dRrfVwy9V$ntaw7X*9?F>l}wlo-$<apjy{Au?NyVxg#G{j5{TX0Q!^8
z`!{A1=NyC8cqx!^7@p;$P@_+eVCs$+AKwg}aI9Z>$pa^_QRxsRKDcz<tJRL5NKBwl
zaI&z2s|j&jB?Yz>d-dO=Q3_DYdjC3oR(KYjmm!>V=GH*c&604Dr&$hHt)nbXoJ^AA
z658x0jEiN|s%2ehkov(tDQ+~%Fs{czRJq7Vo!33Oa5s4a%Tv!+vX$hJQ#U$BqJ!oG
z&d`goVa6;~xWw|fzOg+RmWR0Fy!G(qWx3SMm>17Lw{(yJO(W{q$`vkY=qN1n=--{f
zH+`}b5gm@Y^{wFG@;RxYZk7jruiU=380{qM4>^Njco5(+l!DJKsagw!ZL{d;W$pX8
z@1WJSD%*!3Y4y>T-rN=eLxg+WJhBHh7%1kQ>s=>5*o)4r4rNiAL-D396<0kAo=Euy
z#)e+G@?&we<fy?EdhgjE*32Zwq7F3F9R<H7vZ{+q<+CO7&lD3Q<n;u=Z~Rme_UvZu
zWUek`^;jgaO+x-TQS>#7-BU04P`x0SPja~_+%|NK%dX6lW~i4SN?kcQlH0-7^I|7L
zlISC6BZRCjsupbK63_Ma`9e`h9lNfYO|dO-*!z}DUf32FRaItQBJsS!!t%G&Du0I6
zHD5}U74ATbiIEdaGHO9_p+jL4_ph%ddQjC(^Q8w0HYwellSy#G5(x+8VaH7aWdpzL
zELN9l^M}vx?LgX2T|INh1#jNp6^A4_?sW9-D%}{h(df|f-8-=Aq~qq&Ks_o&>gieB
zQ6ngn9BKmG6^h$82^oYC156=z^MCZn_ans3JTz0j&b$m2j{f$AB_5AICLkQOa&UuS
zx9%DwVdTUDkOP|T9j@FfQP&_8qR?-qQ&l9n)a8{kX3#T}O)VBe1y4{L#K+SuF0=J^
z_i~yzCmZH6xN<J|9P8-*de@SX`&R#zY+YQmR9dV5aAID97aCw-rkampZ&`W!Uh;t2
zi(!Q&C}i^+OAeDmDjS`{6HzlNA75vWh#9LmS}dL1lo%&XFg_BPS>VA-xl<>D<He?m
zUeK@k0W1FRS5nNxL^=N)y&xEz4yovoODr*u13eMWx~!VPue_NI;SrlVt@mOL@}iZ{
zG^yDp3~zvDOA1Kw<Ca;=1G5f;R?$~!1kDMtw)kao&*ay|=as)3{EuD-C~20dZKK}$
zGzl{X0tD0(ti@l9b|6_tJOj%rXsjRu0C90G@V3>@M#}E!xyNbtz_a3-KY!2DIv@io
zUw=Xur2fc9=C6f*<JIj<$$|9uFGGQh$A1VGYCasdZit^E;IP~=Mrz0Qo#0UGikDLj
zK8DQ|E6{b9ryK&$`#NI_cIja~C-R#IKyJB^OJRHG4qPi7ukw$N{mwBqangUVAh$Qe
zc_r;UH~X;?28im_#@VUwMrX6?|MZYt4ZAqg!NzLl3n!%kIDjDF7xXJK6N&b)jwbS6
zRzMU@mu0Awd#aMDqBxUO1$TIR$p4#H)7gm-BZ(AIt8Kn`I!%NzH=<}2``jz%JZ)?x
z7VO(LYG&-8#s7OCg-Q|_=k?7-Ge#bNxI1ktpA6-G*%*`(?&2S7{F$RHyGGRE<h`l|
zK*%bNLmGY5I@hrydR@Pk^cSG~B24^IkF*SHM0ep9`mZIV^$H6-NM+0M;ja%Qc=Yb1
zu{^sBM{eOo4|c)pQt|>-PJ)Bq$No&=2c4kc<yBhR9HAbF&VX5zl?{FV&bF&_$x})J
zclB(VwG~vKM4L|1KG6I^ndF<H#d_J@=Wr;pDpD9+FKdv6C|zptC?s1>%ktS=0EZIt
zhKa!%t5x#iH0Rx+BVugjY>Y>@^%EMksiL15IiX4uk{9uuD9;7D+?!i9o$AR!mE8+k
z+#ui1FHTLcLH{=`Z)K}-mB<JUO_yW(RAHNnwuy;jCbhF=k<PnI&i4k{%vsZN!Z!w3
zLw1wt<#OUDSJtHb1Ur>|S`wf6LzLhdqUc;>K8;wyJx)+9(8?X}$j^dgJ!UH>VYJ8~
z6Zc)jB=A+-lG1J-oL(wE{bxxc#nOS@uVfl!49*moiE&05CDSzzo(~q-e)!#|iyI*_
z6~53)381Hi?bJpIRcVOv&9+ZR34@1Le$b-N8J1RF!>|zVyI%YN3@>By;^hNm%lc1q
zb1>w8yr^OC0#&-VxD_kkn(gm|Yq+Pbn-=cYl=seLJ`ZUPx5`YtgGZIvz2GX8+Pv`i
zT5#qDLpC$z=(={RuRBu&ojwgFIG->JI|W_+G3Bk79G!foO6|00q}p53u08m{6+shU
z;ZSp{9K{L0^N><Y>Bi_G+OdeW9QoK7Noi-v%44anMhTJ(&7=kVZPP3VOKlqKCU5>-
zq3!vH&F3qNWIJ2P-qsGIdXo0Zemf2k2`|bE{WdI|RrA6rjvsdz=5uX7cGX6?rkIYQ
z=kG(P8vKdjv@B67?$J#;nTw+lI%^O$%0#4tNL0p5BfnvokVAP>C=p@N6UhOfZNozC
zMOoZ+3cv7-0`8&1(ytKKaXzm*mmUuuWd;=scgp&J8@RvPOOYeb;R|mLXCY<6UV<5I
z9MoiLcW@^~IT8=CtA?i;m%AGmaN$sUMod{-*`z{d_hrado<9GWxcF22>ExO@T_>2b
zQmd{f(ZizdS8J!@KknlB$%O4|i>EGp@T{hM=JAA64n(X+@Ot~asuS368DKUxTeo@)
z(_^i!8huiAg<NykGI`)sgxAmfswB)pM8CmUuzCi>$T(7)uR<TC(XF;JJtAQSzfNIO
z6op2&+(ckI$!T-;dc(tj2r%=R^A0|zk-g(MOnuMCxS=sJ$$!EL^>f^<#%&rKM{1P6
zOr{fn>WZr(b=cal+Nn1l$smJ4ZBUUC(8Hx0SFH<O6`w4_Tu0Ra;Tsc~Cj{Cehp~Aj
z@ZM(8i;z$J9g@R#v2gDVFvb_yC~2cYXNA7$1f4c3dyqCZ<D4xPF<i($<Z@`d49OqX
z8ztA|40YU|$^G&#kz$WE-d0s7(eUuXHXx}C?KaIJ`lBIxSPc&uu__xnD~=AF@~*Q!
z_NFtCh)<Kir9C*v(zUA=u$~M8YYdPEVpkvq(q!`#1oS)4cno!)NFQRzAnnJHFn0CL
z%tn%ffo><-O^w>kj@88p&4TI{EL5hHpLjB~Q|0nh=XIB0=B4PXh31>v5t{)&1)qvG
zM!aj^N-+p-6=mkmc@o{f;1Zg86fd!HKao>JLYg0hmVVgYbH0W)IxmxMLIA4-!*ffr
zy75phMfc)DPJrSf-{9t4&Oc!NoYQ3Xj9>!XtJjaVruycB{5;xf3qloxfyH3P=S7(h
z8GS_2OP?~aT<3d;tn5(u)fa^8mx~*W)<!>#I=!hZ|35;I_{*+WfBDNZhv-Ku#!|r7
z7>5?<MOtu0eY?40F8tRm^RWGUa$UQhW;U*e-nw^5<Bj61O6AXHrow_ozGuFU6f4C2
z)~%sWIVQY_*@{SkjPdv)6?!_OPwy%XaS|%u+7oh=@i(CCy!c!1+hmqA0QZykT&Ke4
zGRGH@$V_@h&2p-nQ8}VS^lx)BV|(7OdUWFwY6Y~6ZvOg^J;u^!0&yB_H36Sc0Cg{B
zg)A}W{}uVhMCDu>uwOh@9}UF~6Q}IcbCKuv2_2*txgUG9rj{|>Np7#(I$;I3yNvGm
zu7c7stLWBYo&Vi(v}-6gdfM_Fl39BkLSI7h(|Y{Xw~KB1qP0qG7h9!Jvt)h3+1;;u
z0CN!)Xcq&XYok><Mx5ulD*Z8JsdTYOR=+%a{GSv!KyU7(6sK)^+xxhb(CDj?F>l?{
z<gadAcpNqN>(ukU;9jAL|GgROL&0vqoM%R;sZ-%$Bb0afA~d)>-Abm#nS9ed*zdYA
zBEi7ebKjWl8h!UwKh09h49fF537akB4Yd~!Uam2Mk5!Cu4Zle>KUmUP^B?g}`E@^{
zImO$2m&qJ#JiWtL4d=Zzf7e{~VVURHVlTw%-RnnNw77ePK@zGWZM)y29=zI46r4q#
z=Mk7(+3maLI*?Mc`5awRlok6sZ*ZlzC;RxwC2tp_-E=~$?Wd53zc5a$Q|o)~E@bg}
zBc3&R55~|Lokc2$iYBJNtzm8ngk#29H53{6^G9|^7aVXJ_}-iWyR`@|w&F-6HYP|J
z4hA9Cf!5yHVV^cF<Ady|D6>zmdkn?ijS038YXiye^?f!1U1PpFseXZvc6zrf=Jv_H
z&{2JP$D0$pE-(n*`zqCFQ|dze{^3*h?yD%}JpN&yf3XrudwEO=2~0^fNid=wDs3*?
z+n@MQd3=y{SHs$MFCTNT4=ISzm4o5eYk<P$)N65?{|M~})S7Ca89IB-mL)^Rm)L%0
z6>2>0T*ULRylHZ<q}_GCG5kH~<F94*|JEc}SA1&{#_<eO%DzyxI;WbG&Qz)xQ0A|4
zD~_O=bAVn&FAUE}O#B$s1Y}+P6>33CL&<90ieAlMme9)4Yu$|NWx*bQuW^1n3&cBH
zAO*L8b%=Kgg+KYcY(v}Rhkk_fH?CPBHX|iEjlX)U3-~=TCux8wWztnBAZ0XEo=4P)
z$|uWA%d{m8VTKIWedC43qf{hAsvB64+M8Mgo;zD7_`8i&9j73AK~kekEol?Ur0`+;
zMgl$tc@43)t3ZaT?#eTguUa6dI(D^(;obhNJ7(t0BjstyUFluA!xh{Ia@*CehUn*T
zqZcYwFHsu|(<16$CQwSja2ZjKK;Xk!mzeza|CSZs5Byb$g=hlCx<S+WnUsL5YC`k!
zRy;OfUOW|)Ose@*?FNU?H4FQ0c-lOxS5xO!p@-@P?{(c;-7NFCc(&uJ>D9WM{5$4j
z6vO<wFdZYEJ^_1a^OwyB!JNP#)YtBoJt}C|a}b8ZSr&dA=oz%b++O%|Wa9lCjcH?O
z)j|exmLh(33kJrACGGwXLlt>qN$#h!SrL~rlZ@WjKP)1dX%G#ej@7+_`N45NU>vU^
z0J|vM;ag2Cqa3AUG!&eWMm}!K2=faBv{-crZJPkB)bAL@nQJ=EFSt-D!)>BopSo}p
zfwv8`eSl+QdMAXqji5tdTM=RA!xe&KB<xcB_s7&s>5HP$fZji7-ny~A$=#1FF?nlz
zUrap?{qycf>6tSyJ#l~^!8S|9K6FQPLD65W34v>%SAY*5)Q1Z}bH-58g1w14fe@>#
zButQ3sR&RFr2<ja&UE7ypLY045%`IKKHqmX?~UK%eLnLyUc=EOAOUm5C_Reir~Y*w
zYK4`H`(N%unMFvd1Wj)6?Ei$6Mm#;WoroSyBv+ey-<hMt-6qKNXr#^KgFRhsJ~v@R
z8He<FPPTpK^hE5XNCeh1(c_rHrQ<Oy-)dsA7F4#e8jz=NZr~4H;{w?4bxkFQk|5|D
z2<n!_p$1`{6P6pOKk63-O1d44cnAD1I8TNbfOKoKX4YE-zd_+{ZGF2ss_~iQoXsPy
zGl766L6GRT#YbDCt=H%(^iM^`Dse0gr<8$wg14pT^9^oeb2MaMr*F_R-LPLKIpK6b
zdvoLZUhT7FN9CKNgKJyUU|S=cO$LFk0gDSXkZ;IhN&(+Lv>~^}v166RdZHWsXY0jC
zZO`dG;g=6n<^;j~Jab`2?Nf%?p@FsE2fU%-7M~x8H3~Ov5=Qx5Mi%QYyloQi?Fz*V
z2g3>0KDXb5q>{+yU=yt#c}|cL8`2RZ{?e<0I`rVYHr)|L+l>F!`B2^8iH)%M6Q%k2
z0!oaKGb~QX*Sswn_i^_J2_2?yuAZf2OdY?0FlR++oi9`vI~JceAH;M(GQR%&{$U{2
zK)=z?@`%l-S-NwB4k6sq^Weo8qtums>6DHWLvoxv(j}0_ixj0@oqM3_ebzhFuMEXh
zTBX(66N&c^>?>M@Ut?!-_Umge`lQPrjX$Sh{wB4Rg)riz`e0tg*{u}DR{J8lAI^a%
zj-$0SC@b)ZhbS@qG<*Jx<*AKMQDuwqWv3<oj4p8=OI<|Bz&hH#$%3NPEvR&U1C49s
z@se{SdtS~zBoO}pn1ad*mj7c4qI4Zvy+=BstmVgdvgGSsZl06@_@yy$Clq&`E|&*c
zq^$;1{}gP2iX38~g9o=jEOv<4-a}2%U9I(y;ZH}qL9=7#q1e%h{EQXbpf~s18r8gy
z$m+y9XZd2&xI^TN#C5!c-q&W(#$3BTTv=FiLeuFB4$(Iz<}uu}=FTks)>YQmmY5NN
zjP2?YX?}1hfh)0x@u_N4o%vZa15<69PptnxJtd~|P&L>5F310=gE7|bS83Z_lWKEo
z_>>FplK|(u8nC_r?4`+DQnFi*z$diRi(69w-%2*a^ICV*TO2F=H{<nPlm$RpH~F6~
z_S64yvys~#PYUf~>JuH#A?w)LUbC)~mARf7mvVAJvPoyo&ys!x_36^S|Cgycx;R}R
z{2%gi-q-G2qF;-Nh-A;gQp1d_^qAqMB=L;<BGFg~@{yOzOT0lP%}vU4HI_Ag%5U}3
zlPg+fSn@S*kd8I8>7Of7A6GOfrwgK7>ss_KZeS1I0Jq90a97Ga17#O|MW49J8M!8J
z=Ja&BW}X}DbdU`BHtIWdnKf}_FZH`=`xHg$ahIc&)BKnS$TJ|(YOGQpCD|BtEfCc@
zu#$czJQOJ^Ab~r|0*&iX(f~O<6JPv(_49+FoNIiCSaQst_Q<ZBADD-Y)+ZWCkUyZO
z_xU=p?WLTsV1;stuYgK($zPY6-lPMgvL{PO+qXew<4@ldJ>2*;o&glCc~WrgV{`e=
z<*ztaqHuLs0&M7CbiZvEAKXKNLNSv|NM8Dq4*3-J_Af8-M6Wq3eT<i6KDwzb#1`ll
zE;4C291kg#H>Al5m_LO#DNu{;=0BC@KIx}EwZ#Z>X<@j#-3~{TOY3mlhWl+#8&o>Y
zTJzOQt=Afp*p4FL6$0D+ZQWZUHYK=^W<_EzeZHm!8R>A;vg}>`%5tXjFnOK_MwUA7
z>HABQ^wK}?zTT(4p4j{^{lBhKd0yWAKc1}OuN?pMJos@eN)qg=Yd|EhF1X=KrJuV3
zA#v;&n%#<DC)9s=0(YQ-UzRF_`ZAMT7eoP3W90|>5Z>9c%DoS|EHnnxdm<~|X9+HZ
zz5?Pu$82so`T33M3BZd_*FsC?+jQg;PLodX37#uo(-Wv$nPwGEl;~R(xJ0*v=-<|G
z;d4$1tsy(To~ZwjnIem3LY55ROK}sQ5G^)||2;vH;Z6&($>bTgDz#>#K@H^fvxqct
ze(rqJmlON(WRFyBUVX6GkqwYfIB>7LH>$Pjt!I~)jy9;G*fxRf8QT~cYZjfp4mNel
zx9M>EQu`b7*$hfG#ucWh|C`4qm(98BVedgz7nyF^7pc4(-C^uONhCMYd+@5NtBC#$
zJ>lK4FT&(w4dq}L>{u4Ck##wp^ja3mf=zs_AMK$1s{@WJa!&_k^Q3Jz5tV;M3aWk#
zOzUp6pxHaz{db~GNWsccVNC3qba^Ko7Ct)AmpTk<*l2hv3&9=adlzdj*YXlR{Q&f%
z<1NZ744Q0;y3f2PYTBny+IXRK1P$3=Y&FC$^&*U|<g47S%}-Xi|2S}rY~Q-3eQ`?+
zXWA<RQ)}u@xm&64qB%hjfoXW*3(A^#jh0e=hWvwed?z3MCijs*(I2`OZ$nfWB@%yP
zMs>MVOCU8T({q26V`9sz>#Mf_@$#^9fu&KhS}jQ2875<mjoN}12Y#lJ{|h{r<JIcu
zsNG(iVM!)CpH(x${vmnmMMaADVju3q><WA8qwkSIPEbu?@wqs8OT+DS>uplbQCZs5
z%-5nBs161J6iKkm-S~xkD7dB)Fe<9(&qx<MORTm*Oe2^I4zrHA2UiX)Dw$AZ+46g;
zJSh%bno+XJFI`S0KI=BBTL%RP7iPD9;%Wh1Vn$v6quKPJbykisWxtx*I};pgCf@G2
zbRg%mtF2J;&hwPYzDr&!l)>+tCrVvPo6!ii;#=}grADgsX*Va^vV*!f);$|8-!2e%
zd#+Lf3+_UoGUJrap6YsrLDZ8V8ia6Zqq=!U>Ywi4AEBBPrMJ-eC3>PdecQbvd$3<I
zg7`|MK~kN9ai)^<wZ5O^j^-HthiUJ(uf$wt?9x`ioR;@f(bz_*`YCniSNfj^nV?*I
z`|9ds@TfEG!c+m&E;S!}D2_)<?ivzKy?G9jjLFA3i9TbJ_d5HgA$oB4xKU%s_=+yZ
zATD+o@QbYkoN^Ta|If$S^ctGyoV5e5wvVoeohtLeT>0V|FOT-bCHWwR#=ML~ZyhvD
zv><h&ip#UY`&#=X?DwOw-$E^Dz^~lYFMw9zu{`EbPt*YN@BCFeNRoE??&3CR3QqTj
z%D^!#W;Owjm)C;~l-JGbh*S9D5Xgceu{am&lIV=Zcj+^H{&Fq!>~PmUvWzlysaCT}
zH{jqO<L_!+T`|kP%C{qJgr{~C3vswaG$plU@6~3KNXVJOct8Ct9Ay(*YvVdsKYY9H
zTI~kRTj`U=QXzufBQBgV#sQT0O?ZZBQhwENZHXnaPzznYA7x>;Ra2(a2+2jIQs9Up
zM6Cs`0|(xJPYEF{GSOaobtm9K3upxH_er2DaF^ZtRM|EU3AfwblMRwk&Mjn8F9Mv+
zm!Bs-NEzLo-Lz}{Q>$p1Xh&nECkng5BIJH39f0!55O9(<h@{v*^l0lCzcLixw_By#
zqGbWD#P_V@+uJ{1eaS;ljjf~-Kz%Ibl!Iz_U)|eBYzO+zbm&W%m*^Bxo5U-kKi<Tn
z!^8{M5eApOG&Twxs-e#47NzNAPhTTl1<J-=wa2^|p}Ray1wrH=ksQ+c@KyJx4z-PR
zfKkk;CYe8$kZ5^(15pkNAw=SJ{(>oe%GK?DaVnaG{od$auPP2=Dc|HT!V50L%}~9&
zd5gWwDboAF*2S*K8KyeK=n9<A?xtFCdweMXXya|69NPNlHl@&C>P`q4E)igyW%#44
z_Y`(zsB0ay;+U>i1?sQti=pix5G=?<c%P?OFmLc({wot2Mp$vOU1WWBem(HlRFGz+
z(8^;$aZ(VPhpo}WYBG>+<+t>zdUAEHuXg_&nyohu*PNdJOELf=?)rDMA>@kYsY6$s
z@bB2Z+I9NKSdmr74CE$%S(hv~svZ+kZn~;}dd}%UgB;yNr09FWjo2me2}gM*TKJ+#
z!H!cCyRJ&))fm~*zl;{MOaBsEy15)WvufAg1k?kE9Cd)odH9af%4U;D!=lXTLDXg$
z!^8dD>Uy|T8m|ZT66sg)IN*^RK8XCfRjV1RP(B>A+A3CT4##v1M+Sq_=<f;6EH%Uj
zGv+kC%jTpD+X5a{1oqWnen9@s(x`{j?0ei-%9-lGTQ?MSzMOhNC~GnaPTyo=$Xs)$
z<fk7^;5wvce2aa<+oDCS?(;9WgW}UJse76h1E&0iW(HL2<MpbY1AM+NA6Ft8eSHc>
z1HfCv72f;ov888i#_gLj|I6&=pfIb|&pq7tvYN=uYNLvY+X`@eWwk1Yhw#IkkZhHi
zRKXp7m@6p{1!KYv%Kz6a!2iz-XZKLpP2&$gM3{lxSh*7{JIgT1>C-dlR9<=M907+@
zvWj-mW7OM3V*IOVYaKm5{KB35W!jufwzC4VG?Y0i8Z<@a-*%Swo}H*mVH<75_!^$1
z7QBGlA^5M9_^DK=uTkfiTgzb)KHZ`02KzbfDy&Eb+D-i2!PT9iU3Brl+-lmV*enZ&
zmOJz++y8+xxi{c>H#6a9B(TKzto|xobEz)+8Wg}k?T%VpPd>AUe!DOhHWtp+imZO9
zSP`xZ-(KA9-#I|)Lk&feF^Gj{8}DaGJJ+yWKsX@qXkx3{xLhUFjU}Lz5|NzNO>^{n
zs|*hCM20cFAB}EyVd9hX8ou+LK$W+qc#?VkaD-pqww|4>C4Xe2hQY{4lk>{xIbGtO
zEtF~#^;PlS^tDQuTh3*mp%Kw&q+Ai3+W2kOt297ZeiZ%uXuqiSiqt&^x2dh?gleSv
z1bR5w4Cu}Ignz)~u2xTQa^%&ow=jm}LProq_;zYVqS@z2mEHxKXvT|H*V0U6hmtl{
z&#hvii5%8r@;4%`@~3gG2za=Z8g^dCnnx`?Mf$x67A$>{DqoJK?5Og4zZiDdU+64}
ztdl2_30TH-^5?rNzH-DIGi6<AW?g9voDU+ZW^%HnYh*v~zIpDX3rv%TM}`u3!Jvdj
zNr*|<Ka>K=%IR`1BH^M*yyOqImhC>y%Rj1GA7Y!W8kMR>;id)0HbSk{DquWw91+5O
zw8(BN)elG{(^7;!c=5Qcmn!;R+pY^Ih52g+X>(}14YaD(41g6v6|Kx<U|h=Q>dkb*
zXaGNMkD~VsMF(l7t#=ubizyzv#yGYEbOR;vZhnQg%dP%4K;Mb^hILmrH5l28j-{57
zj{H*e9!tol8VDkB5s!O^Y$cHTU65X53h~IQGt^dn1<x!JZya4+w)awKm`A1v<r{Yh
zMz84%Ys;fbs7>-sT7A0dsADx7u(12`0glNZ1ixD||LPT^wjP_J5f}-OI`bB}#a$%?
zZ)+&qgNsOUOmByb{k$Na9gyJ|RuHK6iH$ll!fZ^^MNDZN>?ob#%?wxu%)<o&7ZP1z
zHy$-(3~6A?6NY{bn6N#$V|Dk<K}f+p9n0M8^)b>L%t5WW<e->H-nz-MTvXuhD7QSw
zoy#QtAv=(<dCA)gedPITesvrl(WJ0;W*^%B9V#igGnNi1lGIN#x(mm-n48fRCb|*<
zLSHI{-b=&smnk^vE@`&;b15A9YrHhqEgG~sbEA^w`^L(UG0N;8+fT38>^rJ`b~Nr)
z1muaoI!1;UH;M}6aJzO@v-R{+^q$9$Af7OP+G4-0prlC=j0sw^e!zO9pHZCQBwA8!
zDu0Dv1Y{9eW`MNnWckgorM9~KTVj`SFkmE95KbAl45F;|xk+s%>nI%2Z8eukh~xh4
zsNLYoUtCp(m>T-|7)L>@Q^G8X56x6Oa;ee|+FUTBgZ-fsSAx6W?BJwKhaEN{dTbZ|
z4@~(6k)BZvSm{&$Dr1CB16VfXPyelSSGBhh11feTp6vGIAk5D*P(H9h=DRAYpf(@l
z<cQU=F4$g(c4`E?q9khUxjzEqbKThkA1-P4w)}g$Ie7&iq&Qw<UpfEVc!@dV=eCPl
zsD&z-LO3#PfwaK<TrvC4s#(SI=M0iV)nHF;0n)MrwE=w&aAaww2_Su$>k3bQ3r(U=
z;gn^AmGVjggn`dGQLC2tTwi8%_(gp|p>sgbv}I$B`K$)7QO|_i2i2liRdxC@N1mo?
zP<YCWAs1xlA&RwUyZyRuN7(@HN~o`KRtn={e270w2JdMFu;?-mWsW?V{c@k<{rO5z
zzR!gw8%=DK7M(oZP6uf))Aj~lJaL>*o`YUjVU*&DQjBZcRK20qL2u5|ykloTwS9D!
zX}qaGeB#QS)>d$ZNJm?XCzZe5qai$PQNunwk60`Uc`qL>rbKoZqeP@m=OhfBxjt3y
zgoUyBhbp511ml*Y{%7j#*ga98Qk~WK@<No7bF9}D;o7R5>N4*Jzm08#qNkZw(NDDt
z>xHz0IYqf|mOKuiG_j#|W0l(=!6lfUfCafc4)%gS2KGeBnN*z_r1QgC7Ci@W;UkjH
zcB_Z&w*R89o$T9zw|LvnW?{8md-1|cE75%Q*jnNHF!}6eb^y~9%rXe@8nJ>K8w`<)
zpFsw`c%@zBs!(gRw~<>-M16Ug6+)NHN}>&n+WvW{_F2xRC`6J>gCoc%7z12fIN_(4
znanNU-2R!*jVx`dhkD%jaDsCSDrYNn)IF3-%2Y*|)!I^C^wo*9FbKag8u#~JjX`)z
zgltp_Gr58B`c;?`#oQT$pI9)$vqr#UKrT<49i2s)`M`4k=#i^e?7N^4gH!rvXAC$n
zwPx07JY@v-Hd>iWYD9V!s2}wXf7nlgY?!yb4eX_q*%F70v|^pN|AefX8mxSK&xS&G
zcc|}gTk&fB^%H&^PsRuENsyshB~e>eyXi!mTeF~~vJ}{US6seK7F!0#rWaIekG}pY
z|KTFJs76_IocT;c)TYODY=cq=t0fE5Jpz9K845UDB(x3;^ZZ3`+4*nfUyZ?1g1PIn
z{@j#J7um||MqaMPZ$uUh8ga+&{F$_Bm-cKzxKn+(AfJ!3f>~>^vw|sJ#Kp6M#uN5<
zmeoFI5VM9_(gqILJ=s`WDv>t@)qob_<4(TKpirVk0YffErcRA@u~k(7<l&MdIninY
zxEny~hmSYPS@QT=k|k4{(J3fte`;ZMgqsGl1!}*ZK9Z>%w-xU41oGn2i)h%CD_q<_
zJak>~XM)ggPosM?GXrJ-q9qGrmv4IqQmN3jh9VeApf@y0$~#pMW3J$*zxdU7uCjw?
zqdkT~!k>QCsoMpeVs)mCx?Nh4gwd$Va|@VoRpvH`{&MJ)eS|<)1)oCqL+A=ls(j6o
z{wdcg7Yxp&Cx>n7j7SQ8)p1(Tv!&B=wt_IrEA_GzjU{;(sz|D#%(Mlur0&Z*-sUUt
z$15<G-`#)tp_*eS#6~h#uuM0#l{Q3^(GrFm{vAtyHSvnw;&)CI%iF626ZJ1{Khh`2
zYC6o~GA^xaaw)^jPCcj}EMPopN0upXT?8g3B!H=A&A+P*<hn|o$9T}Q^t*qhY^W!h
zp>;|IZu$8;Iyv1MkKzBUu%9;oZgwf!EB~&pUL4a&jC@#ljl94<9!;el91kHwF0J<=
zlouf}gDXwyq&mv2M8@!kdHia<7GY~6j%U)C8<M_PxCcA!W>Y_tws>e}o8$^_MppF4
zU`w}P-qHEGCV?JZFC*dK_l?J9C#@ZpDudj#J=hXw46Lgu_;+Mlnx368;6Ax)+qyw@
zO7>i8ID#G@*$rO$GL(C%p=Xoet7q_xfBuofU-KrehhLS^Jc`RA=y4_Sz&LR=->ut8
z?$}1;Aae<WS+kyDGo>s!S<TS>we$VzIL)r{((sqSd2dncFJR$_Na_z<MnZ3?stjAo
zR**7#Bj!-~a99ZER-4QE6M0KvF!6rWx{I*Fm)~8z#V{IRb|WyrR(2sLSvB!pMA1Qt
zAo4{*D8;t3*0%UH+))ve&mRUuxn!3SXfRbyr=UKZGDeqwd(()ba?g<%6}g05MdU|+
z{2qM$TZlZk)#xpw=w6gK_t>6r?ATzj^leC5N!dt39fHs8sh~=di1$K{lZ?^fuDh$f
zON%xh%(&ccmbYf1)U6(yd&iPR1;BZ{xWGxKG+KtE<oi79WbNnHUZh+W6PPFLcFx8{
zDP>=>-rM%2{yQD~$Q0&=8#%AJz*r${HNyw0UrOHoZek^+Fbq-Eb&uB6>cT!pPmkt9
z`jTiybn|sl%*`98?%+%-i$8eAhCD@{YurWTATj!MT_>M<pQSWGWHd@#1+&;4Gz|N<
zq%gi*wMRu5=onyFm!TO}yQy&1OPB?iFv-7T!3XZ<@Mr@!qRW7mql$<$`MnK@vERuO
zy142<Xx&xy<wr;zX|<da=~nF5#E!&Gt~<-5v3zDv|Ed;(%wgjA4Ph2vrw~)QR#v7@
zSKQTa)B>J(%<>HKEJZaFS!s4EL2bD-J^WfR%(SQ_@XvsudJVGmQ?-d>AqYU}hae|Q
zcefEUMPX5k#L*b_8S(FAzf#|jV5)Ze_5Eew4o|4M7-jBIUKbuAA){S><6z354<Q;H
za#gx$>2uLJ`;oyI_+>zQ^^V$PQ1ez;Pr(;$LQ^tvm+^z<M@r@E#B!!?>pMaRmlT<Q
z0$D=nnU`U8s6lGI?3vyUcYb)>8U4@U2*rn<Al97T=?+mD->Jo;>OYu-T5f*x%JK;>
z-JD@v7)W%-KA^(Y<*o_`1!W=((9J}*66hM_ciT#>KLLyji$&sn$SKzE7NEpXFX-kM
z)cpsHL2+cQnmNF!OY@`%KfUw|)i9@F;?ZbIl&j$(J9_p~;aiCfnKq9T9?s^=><VFp
z;*!rjhV~G}!2yFYPEooJFhAw44?^Imn`LJ8y1I64^jxO>yW7Og2925-)rfSrvC3WI
z8W8!Xn0;Glob*iw;17^$y}QfeJ%-{gF^hsS1GL}f;CJ^Y=7V6PkNe%h?wCPfJr&Jr
zkLeF{t*W=E$T@n2tK?f|eF*I6&#A5h8`<tWlS;1maI^}b+Y`^g;iQD@VL&h!hFRYN
ziz%7bOUe2PQfs%;T#24@d5i~mDz`~Mml~xN4sCr%KaaPHWPw*8T6gEP^FSpGV>*KP
zwuONV3uj%A!~NCb0fuRgb9ziAIfxQBfM2b?J&0WDxN4M}p@zPM2hDb-o`1zc#VMhN
zthp^|#X<C&SQ+1TpX%$Z4U>ao!orX<jXb@!o~f4r{li1j1V{Phie~CT?HZ9j?-mt*
zPDlQE&jzKGEx=z@A}yRJ(@7{{n{WVe$Uf}yE$%AtO62?WCa~Xy`0|MuO8uphZK8Bx
z{N&YdFB-9E(MmQVmt4fMI@>s5cZs7n&HeWgl$fyDPnQJu<VzV0BsrB_Ds0d^T2miK
z3|Y|LuN{4I_QMfYp|0v^22%;X0Y2jG5v*@FnV~v!M)L<_#f&Nl>DQMIeP(641HKGy
zft{lxjF}{*nSJ$({YUCU82T1)<^o@*-n?J#sddj_`E%O{PqBHNk~mghMzbV>+u*EL
zgygG|%a?4dWe>+;v%~YQRPa;j<0_NW!R_<ug7EWwsM-Jd4$<N3xm2**_b$xe_q)f}
z_2EVC=kp_?Ah?6q>!A3sli))bXZF(SR|{#tmLD(7F&!5_C3R~t^F(&a+yr|g*GKr@
zQv`6JhJyhlW%rkWtg%>6Q0c4x*&GeRr!OT?n6c7(t5Pt@3U%OYVT*$s^~_TTAC+Qt
zmK;Ha{7^OLFaj7CB39DhUdhO44es+mYtJpUNZ)oZ^ZEL4e)pna4xFLJ@FG~5l$q@I
zd3Es&@*EKyO9$t@dRa^D*5At7@M-7pT4>|!j4;FStBW&DzwEfT^_?j;z)b#N9kWI3
z9OE6qYvd+asD9h|aPEv0G~olkIN-2ar|{(kW{@u7sZR3>st&Ek9XnzNbsCWK9dmhq
z*xp^9O^g0Yb8P7<Jee3eyZU!hMWIqlzm!eR{%AnxQIZ9)ycjTjdO9jFZ*d1&`u;zq
zy>)QiP>`o<W@ct)rkI&IcFfGo%pCJI#uzii%*@OTF*7q`_9ip4JNv5M*1mdwNIE*I
zx>DJypSt_&K0T|p{KWm7+&WS=f^PMNmm=8}5?eSwoyrlhHDtZ<!PQTDpAq(I#r83A
zY2y32Un2c>8ZdYl!l-fISH$o#kiSDQ;GMGbXf6YY8CV|t`4Bh0AQwmJ<*5X0u=hLd
zcV_+NRuY=xE{-u>YJX*K{<{eql4c_>izIyG@WfXQ8NY>JjRO-6!A#gN7o3^>uGc1`
zz+SY|S_^ljmhumVPGN{0`sf}#6g?WhQtmQJh6j9$1@qTyI}Z)9b<@kH0Q6Yd+?#QB
zA*7s+m{oSDpLRI@bAB$u{_?sgoM~8O6|u2Hw)v}d8e{p@uc`j9QRk)E+D*c)jkv$P
z0s>$@VZL7@Y17X`&jp8*1*9)d4s_%xixGJYs0iK8>p0#^Im0`F6E=feQR%K(xRc)M
z;2$sDhJ-Uz>GQ|2H8^Bes%lmTc}XFayN2PcAgt&iL!m<*=ih2f`k+kMe%5@h!IYUB
zCsPvhsIU{$MB^0@Eu}Z$H&W6i%^FLhqs<%GKt<U1NdNxQ7i6c}m31<Ex%r@U<+Vq6
z|9SQsm&RU&xECFp%G*&xU02!7V#nmdq3F)h0im;o)$!%iU05DL=M=+av6woF>o|Km
zxpE=tBr!48s%FoS^=klOlDi}Ly)uW*=hC0Pb3xG0#tIPssk&D#^PP>fECTGX7j6>8
z;>j_tK^7#Ey>?Ffo*KsW`Q(J6Vm7|^k8uXjn{#r7%OU+{x9K<iIm3uw+RC;)ET2X>
z*2;Y#irhcSI@(iLn2e2FB$8`jread1@&m=h{_rgi668lSSj3(=f~sK6oBH!At-MZO
z5s^&Df5oVqq-`oVgF0IeW(gRwF9LBpQbru9s-|4Y|JA#_l#j=dIb{!iyW~jBqPY>l
zBJg>Ly&qvXN{{FLd_P6JwFi~%fhFj>#KKVnpUu)ds3n7)G_pwQ*&7Vb{H?>#iz#>z
z4!9oPorHp@{X83RJ#39qEo%55XtDjwxEH`m7-2l-bQh)kiG@zkIG|Ayv^{Boo~|$F
z$#~Sb?lSAV={ppN&7fc7*~>=Ilzqtg!z8i~@n$bsLXgfb%;9Dt+`pAkFx;*Ztvf^R
z;WTf)_B0=|-5WxLJ7`@Y2wE@Mb0&@JScKU1>v53U)|^Buv>vAK3^A=YspK@iNy&AH
zy{ypj9(~)kgL=9OGS^GfA`5T{)p@~hH$e{tX9V2U#7^4}CZPI4_C06A-nt$B_pdjR
z4}0H&=Ht{)YowCIiz(%_CJy6;_EL<HpYu=lnPaHCScv!q%?KIl%%uX%Y{BNwm;>tf
z9NcrpCl#st8;J`ZN)bu#1=sY7++a67{mj7h4ZQr!Aph>ef-H)vmG>KY#tCVRTalOO
ze_ywo%@mTy(PXq>#R{80QvhBWi0OT!Eqqhsai4YMx$QsS84sb}8O;TlKC$MvjEQa-
zi<jehu3u|Gs)@OQk1oKZFXa8<Iq*7b@q$xvR_|NhWAQ?u;yY&X(h%6qDWLlPQCZf_
z$q5}`<1OA?tZ%RwvaBify?a?x-{8mJVPUmz>hz|!;P`L~193kwK)#N09L)>SS3-;j
zzW=@3eueN}z%b8mbJ%<7@fh6bdHvXwEUt!=7^lAEAOV?O5PsEJX5z4lpEzH*?(_!<
zR;51T(F{iS<=l4!N}80EGX~=;Ua`VsEi#LvyfB6zvoF+uPlR{_Bd&}f!z(527XW%j
zN-281zcrh$R(b4mlp`16xZ5+u?`MsA()f@gC-OaaBR&mPh%Pc`Cw^(2I#pi$^N*XF
zh2OvJhy`>Z=bgTaYpSmd>=ldQvhTZM$DI?v!0<{t$Z`a7QzC4)$iv=?jX;M#(kW~t
zi2$>;$%D}d3tnZP@3{RT7B45<hR}VM7^bwwj3kM5?{6BH?tFjs+}Wi;Lt#F+${Zre
zCu&&gnmPFn8sp(<8TON5%;Sc}8}TF9)mU(uiR#Ps#j5F5A_c`#1Vt3rjth{QN9zW*
zbFDz-n%KW$%(3W8|L_M<pL#szuQvn>Go+>nVS39^yQ3yiIfFbPl?U9L9aTYHnko=d
z-wvlbCu>7QmhcABvTKe}@@K7^HTR$=kSJP`Dd7ms%IRz~^+9e=FU+bxkFa!_?__J@
zv^!S3Tlaz=OQ|9)1By1)AB%56=zY|@u!jp0eK*x51G!T=%hn^0Z+;MMs#k$kvsmwp
zW{#ES4!c6a!Z;1CR^p2|#Rv#wBsv(0z0qZrQ=`NPkpmsEbq1bD$mrOp_$x@ZqcR_c
zh!iz0M&)4PW9uwxHOw&AD#<m43V(v6ktN0Cu*iCkoH$0xsW~maI*u8Yah_Vm*_H?x
z`Whd0x*Mc~d9o}jbyYM2VR@ozQd1dI2KsA07Dz=cj%PM9crg@X2py;kCU4AA!~FT^
zX*Te#LfFK=!VSAK79Lb7ZPOd=3d@iLp38&*t56wfG(Y2Pe%6k(PKT_s45^prxivI9
zGW~gw5{=u*Yu+Ew{cCW6)&dZQkQn_1%bv+>-kAjTL8VUPTBUC6!8dv0oRpXn9(Xju
z?v)y~?vWY|7hRSb^-Zq818(E8g0k-FCBO;3>JTzgXpsQOyZlL!eswcBOx>r98)F)R
zPzv1)H5*-s4Y<PNN)CeM=)GhXs)h9#N$mrrMuM%rpBE%plZdP7Ol4Y;{KxAF-ux=F
zL9UUEyVr71eQFLi*+u~BSwO&w4kf73P?;~kMN}v>`4_uu9?mG>k~V`U--lQtJjf_m
zS&8)*t)^KKg+u`W9XvJlko8(!FtnG1*G=!1Na=yeGbnJS-VAEx#*D!rZu9lTDX%fD
z=P0w$8h;^gDc*!*IW!@EGx@F()<`MR-j?`#>4rTmXDUI*R79PSXpf(m#<^MmwP}eA
zKXk+Oepd<r?6Y*z`A)R;;6ct%v=L<Kr{SJtFAuv72`8faDXB&6I7)<(?fHziqA*UK
znfKsoOh)~H=Wt{gg$Ar54@6}mLJrw<e(P=y6>2+n72NWRYJv+ADg^-W%tu(}7lvs-
zu>1YONYMFvpr9=&jBZv9K44`j)#lfLnK2S>i;7Vu!^4Sh?DqT%-SXXuuQ~FIYgbRn
z9dFh+aLO7uLJX@?Is#r<1fI85?9ac%o!-B?c1@j;Y-~j0ZM5w5!Jal6ps|bLJ)Kq}
z{(%rp;7v!uCg2*(2V<532o-XOf;A)3V_C?x1g`63bm{Y|dTtlX$E9cQn|hbat>$KA
zE<C*5PZXNZwvWl-@lL6-Ntwxc`ETv38p6LiiMS?iw2kpYT3->V4oIB2BuhQTY|Wbb
zi^Lvt6uxp5!-2uF%Zf+wXzt-;$^?E}*2OqN69+NCh1`xw>8&xxy1h6&ACY&6j)e_c
zjKT>LRMaM*%iw{MZP5@DtNjkr*B>_8BzPfa(t@u-CZEO8U}^W^DSi8-cQ#%e&(UhL
z3daF;K?Pq3{|$`##%uMg3=*0=u2&kX@5m4T4U3x4YYLk43(E58bOcR81(gS^-h*XA
znl(AOIiG3=y0bfX>6yr$P(Qh~xeK)XMeXDc5{kbK?7ZF+(b_}9#_`Ed=B!#T@1PIN
zhZs=;Lg?wFWPfNTWuq#zViQUULtU8CQ1Wqin&`(ZVr03>FPX;Zx}5UEUs3f`dX*v3
z@QTG+P2=}^S8xBHqU&1~E{5tatx<eAI+NY>U#ffATwW{Sl6^Cf!x`<8>YP3cjqT@K
z`M|$LckR1&5F{cYpa*CLPa?#?)6^np2Vi6URogtRo2zX%ds_5cZM3_J`B^l#51c2$
z^cmFSx;llRup*=L;TFxnhpso)OPFKFHZY+fKmOL;;TH0qcqbu<f1(%fq$v_)W3|~j
zlQ~A|skZ8==RlXnLlnDzSIh?1QFg9yASoU{eScl-jOiJs0<Q$r&JX@#`s;dKonG#M
zU%J!W0qi~_+yU^ucia(Qww@0iIJYyqfv=^*=V4~|*AR!#B{Ryc_lr`+YT(d|P!}Ie
zjNW*Kqakax*x|LI3cgMBrYp7}G52Gf9-G~JF($aTdu!47G?{%=G<;;xFRn6?Cn55c
zMvMNLM(e;^P}cl0AszrJD0^5Fy<K3+3Eaf;&I(KgWi=25Wr6o1ru<Sq51hze7D-G9
z`PogD@q&z3Os7-6-L@RFYOI5(%u%w`0@H>mJ*&ejJ-qq<u2Rrw66)NTEp;m;s3j09
zNl3L41pcGKo~L$|?DDr1+PBC)zbHs1cv9kz7!t1yO-m4oN~nNAmueopS)9Xb#ZU^#
z$?M~qqx5iMQkhZ4SlV)t%Wq7eQNGfC4g$L36uXCRAweaEljx<|le<0m?3dC<{09u`
z<Y|&U@U;a8$vM?AqfZ=AH#8JDPl-fP?$(N*&{K6rHjXz)4Wj4la?Yo%()A8tF+S;W
z;%uPARsaECR>Jx@P+t64?0z`qkKUo!U?=k>VQake1+gjPG*YDgm6g1QtUwmi@%!)f
zxSSSIH*u)&G8Jf9jxgHfxcm}15-x)R3S{ogx|mgWMI=WAWYQFrH*S2YZ*cToJOh|(
z{l5DcpnfZ&C@nlj+!VEyjLRBP;{yb2js<;OTBq|bc)cZeU#pJhUnYodPke)vj$C-s
zfK!WsN=Nu`dbv};E9Jm*H?7f<JHo{iptJ%1OKt6_oNZ3SVdx7s-4y2G9G8oLYu*u;
z^X)dHJNl-UYjhZqLqonBN7oL5QR&1v7+3;_if>trJ7CV(_OE28(mO%;e!RwG$w|ER
zOhtv(_Nu&~^X&6%QvF}`=SG}T0lai!<9BaVz5N8-nIl~z_IhSHV2vKgw7ZW_ykiBx
zbSq1??w^vbc&dK*YLG#pxRlN%Ck(~n4Kj-4Mlq=UFJr9;Cpwtl9N7TT&}OpM$+r)#
zKW=VMJAQx^&+!GUS|q%XUR{N0reS|{o@ZLdMij`{HaWLnN;0pHX`g|HEnC+dt?Ukk
z*{jcIGi1!fMhkJBz~=gpc7sQreIAKnNNXhdgjMlzj*NFDqOudZZNl=lXKp-z+~@9~
za>})V7eB5XIzq!NH-?^6<;7q8Ubm-kpTVA5dGGD{JoS|%jf)F8l9BBO$1auDgq^Pi
zkg+hqsrMzC86{6bYyy=jYz4kjFFo!TSzCT^9vnA^e1!8T(Qrup0WZp!+e5K9xTjhl
zNZfdG&rt#o#(spU*=Y{K2B_{AGMZV|^6Gtmc)~UIWn86mt$H2{+6Y`f$Jya!?diKp
zu<2$!BAmxlTbaY8;pb*1K3y5a=o5s#;h72=uj|+LWLPi8C@-#aOV|Pbj&~&aV;EPh
z)#B^^IhM!01Nt8Ctq)Hx2v;7xAYx{r9Nn9}1Jv!|apGW2oW|?@;qhNTdm1^eN{<x|
z&^pR&JF2)-<Ot#=Z@tuTLH`<a&gA*S7T%s}t#BQErD4<#bOruI^O(=L^_AP1bHFz+
zbMA-0e&!q`xf{o=!ile1TXu=B8s9`n7wra?^YHA_7<bVcFrZg-r*IN?aQ|BD`d2Mx
z!hU;9+Ri`uY5$i2HFLqBJ8}HAk^$<Ezh-oq+7tymE*bU{ue;Q)FxhE=X(dp7QqEpz
zeyoZK%3?j!{OD&2jt49T#sh!?7!P=%(c%QER$7X0@;Old;sI{@&=R6Z!JprckAy7K
z%Wcbo&-B^N)9g4`X0x>S$c{BgBpixnH%)jcV_-SC8xl2M)EI}GSuDRqO1Ow|70X#;
zkxd7Qqb@2yRxvzU4Tyj~7K+)TMi{W6<aq0xAtdofrM~xX(!s*8D<16e%2Dv+tXhQ(
zm&p*+ztJmda)k4Cpp!<anDFzR^A_(&Nvk@`nS8fS_>w9oOh&A_rGt!(8r9;pVYp5E
z?GB<`qn_t_DCWx?uM#i(;zAMXwdlDeZ|M=e$*n-F2tOR`kYAxxes;#zpP+i%6+GPz
z@Jf`o2|$)N)7*I`$R1HKd7^xeRE8<CfjT|Y6Nf$mz3>AxJ~!OZ4=wOAs~R<A-e|pW
z9t0DUh$R=Wz68d3`YH2;EXtuTk_;5JvW|VEma(SS7+zSDm`@y0E1iyCTc*;2vs@xc
z5|am(PoyvCE1q{zG;NXZ64fB?jo?MLcSAQ42AZ05btsw8T}FCh;nqycl#Xm5a;G#~
zbCiyNU#XHiNWtvs9bG8k6u4lv1C6U6U#`;8FW~vI8D;L22hhX?s*^tS$))7N@em=l
zqH^^IARTwEMbp9VnHnW{qSv)$yM`7E(~}qQPFjSD)?)XqmPe-#a({E~{$VV!51iY~
zdElIadR|R$>~mqguxhKsqS!1h{8vX|;vNH~i+WS?(USrbWYbS#Y;o+>%3l*|KOZki
zC3G7ErMz6Hp9vKXu@@p0#mXH_%1IJf3dH-!Li*tD>naVht9=kzL+k9isukSXtgB<5
zU=_la5X~43g1^n`f@i?mQ?%ow&nC0cZ^M%?vWApQ;L}2XE5`ss$1eDTp5Z*kV|Pb4
zbJo<}a?p3gifRnE+F<{58#Kb@&sL|xx@0wiHaX87PRpvK#+;I3d;}$-*Lf9$uh2IE
zJ!;aKOSo(7EIc$8zA1VIm1-qVQU2-z>>3e%URW~HAZ!J~nn4L*GGb!|dST*PwtxeU
zm0gY>N_pbCD2DS+0_8~dDCj=s+SEp7W|<pk7(7|b(#AwZL}RDJU*i#^F?A~=G0Dt>
zD8$W10{45Cf=E<)aj7E9k>L^J7p@LDiTd}9a|ng_nGPTD#rA@0dTQM8`s-T1ejRez
zWt*5Xx5Dd3Lz6Ks(nDzKdDe&Zpmm@uRv=s4RS9Lgyz8$)B0sFMARtCfu{=%};vxBE
zC>IZf>Dm+~*&p4;WG2yX62U}PCpr2)HJ@)fg3D<1+@DXk&493m4}pNfvZCb&NPry4
zO;2d85JJEDv$yLq4b#A$`3(gL^5_Tyh1Lo_5GhE)9lw^+YCQcc0G!X17s(NkTnix!
z=Qwe*K$9g?gh&33EIF_h9QyXvxh`=@?v|Bhl?8&Vc@d3LEpu%J!8apOaa0wn{$<Z?
zEJ*x_0TqD$J41i@Eh=`Dalrh901t|}R1Xce9D@c0Of5`ER!3T_w=U?$#+23ALY6-T
zL^yR(Yx3htJ>OjK=hBa#E!ynS-YqI^LFM!Btk`T_Wo9gn4xxyZ0pY`4cMTC9Ina|h
zdVq+tFD+L>?k$C*VYj@xEahley{op8=yb$-v<{<AZ7RjF^f)O^%hODruut&PU6jGn
zbmr=eceZxMdS+}*kn)#<?ddQw{oO+hz?fT1`>d8Zl{`9Z<qWKCgT8D_VR{>uFD6wJ
z9E1UQ{>%AoALU#=hQJHwo}<WMHo7k!z)>XWg&K=@r~(z!ql%K)x}wXk(-oc;+ia4M
z^U9FZzJ3d}hAqv)bM$7D#m&fZl(nN28^xKWC26&XC#&#MPFD<mP=>THdX+^Gna_9x
zjqZmRGmR<62@M(CAu6uCCK>l&c_j`@ichbnvGC3Vrg=!d8T#o^6SGU31bVScqfc-u
zRU+=|^c*>%oaeI`-!-X#cQwE1Xv~xlY5^&JNbVwxIYsn=v_3CYPY7H0du3HPr7^Kj
zAL?2r_SUttuV|aM!l`}+m)ry4`OOfYs0dJbvZ~hWgf<%Xfq%-c?)Yl8Ess>oI8<p#
zHxqMc{7HcMwTeavA8<jZf!ib0cBM<$_^GOxD$0%v>&I6W+hyD^9#LsoM8b2Xx725f
zqOBl!b<F`ZKA`m_y+;odbB6P+PhDE)TWio0t97FImGCOm(Z@~JWCA5%214kYY`^O;
zdp<o~&FWNdAx+x36F-j*EC#oq9fn4Y{K1~Gp5*Lu7Rsz`%xqseJi{x!Z=u}jg1Y%S
zRteB`;)Zuc=o<e0uxgcim<8VfAwxz6E9tvRM+Kme&q!v|;Qu{}&tSyII4iaa_Zti$
zI3a}W2~jUN!89tPYYY81*8X>raC>%1?*U?m1$)8mkz>IE*r=205fR%UJKE*MTq#`{
zO(YlTKyn|;$H*GUJh&LfEZ?_&^n%lI*=x8yNf8Da(L)s4W%mj(hpQzh!hS`OCqksQ
z3uoo<pUT`^?b~D6z5!oYKe67cL|i&0l1Uwd-`l9(Bb5S2>@Nzag3xnG$`lM49YLOu
zEG*CpM$PXp#TCFNv?*JInc9^C1Hyom6=8VHE@b&rBY5vWg3b5XVM#nUY1@Z(c48xF
zqgn(?RWcVsplT^i@bfN!4f)$1*mZXALQ^5G3$5Q;sj4n`lN2O5euYsgBKP+z+Sj)j
zk=jmGEcRHxdSA_j6=?np<j<Zb6vW+c9|((6v^L$g@a3%y{wAm8%u;iL$zBwvrZlqo
zDj(fgDZom(v~=p}LNtRb@G1RFKKr=7|4nC*G}uI7vM425P*o4f#F7QA7LP$8^{2}-
z#qmBD)W@@dh{sdy9ip(3Zd`M}bL0siLt%3(!k>v39Qyruv#AFF$@2~fx^8DVVEQIR
zheBA@Y{b?+*#!T{C11`l!@0P&{e7zDqPP?B(l=UR_`>eEM+wiHOoDmf*vsVn-rI5C
zJxapk%I@0w#_%I?G2b+6LIGNUxQ}DUC7U9?49N|2%OtNFk{wYilb^j!!85h8dUxX4
z-M;Ylcqh|IrtgU4&*#&0*IL0W`qR?_zrqu55*&51vFCGDVH<kis7HG5J;&{bcra_m
z;Im}3qWg!)7%$c)@0>3O82|>`#|t~s@6COnlm4jOT2+~pG;vBk)lnrPh6R)|cHQJQ
zuSh6Pr|cb$)+Jbqd~9*D4@Y4^`7MP_L~p=Gg4L?%Qf7<?9j%4D0GT98bxDw`30yKL
zJHgkU9ZH$M!B8~A9RoirY<-RXBz;cmf)TUoJ{u96LSTG<H~4!(WsffUwm`FUnT?;0
zz`7`tb|^<40Buyca$ZvO0=opm&WVpHNjHeB4lx_PL}%qbM$Xt@?lp_NR&e27TvXw}
zZZc)pFAeF-shGS6L@W>7$pC76zkrJqf>keJyMYL+V_V$0-&O;*Yw!<s(GDN;B(*8y
zHbVfVAfF8mpTI7OuRZxD`{mqZU9`_RbZD~+n#IdiPif#KZoG@|QeZ6G3@E3hJ$RC9
zZ1V(6vm(WncIr$XO<tPq&6L;KGb$qf@eRCfhHGjd@pcU;Hdmfnmp`)rg{||$g*8u!
zjaLw%P;-#JW77$;*(lD)jvW3q+7`(95V_q??5O$9j4B`EFNpSE4c%}m8$i<p%S;&4
zmamYGpQ`pUxwd1@k9pRuz?rfekqUCTwwIvYY@8~3i<nPokm6_Ong+DCq`cp*Kstu6
z7=z2WcW@38o}OckT;mNu3}#WL`V!2dI*dF5?@y=_-zlPLD26#2*<iLwi@dMH4mfIZ
z5}K28+?`$MtaS*Xq9b&FL4H!2G{>8p;6Zm=WtwRF38t)RBe~EO+JrHop#gX}u{dGa
zb~Lcmyyh>_6ie%;9X48wJXjS%m`2xGlP|Yf|5WNoGir%avJ?M&=}_xe8_F7^cpN=d
zqSD&nyoh`SK?UG2b$i;WgS(LJ<nWl27iY=9xIEnlGs3!6XpF;i%^Q4SS_zHZqU3cS
zy2D^-QuP23&<>-ERD;#hAD#bm!c&Z5BG9|kihRD$JX2lZ9tjlqMyk~1%s#mi_GP7#
zD!wb|S`gegnfOk4+KRT}-VSaFxe3ELkP|jbFVUs9s`Q-Zd+aLM0q<mQ-EJjpw-<(Y
zcaTM+73B&_;2UO2Ug4LM9v*L>!g@)1bSl$JQS`-KIws(I&)Pt$wO;c9wCa!qU}#ky
zEC5&(hUG>I55AtscnoDaV1ibTCGm^Sq~^1cvl^J%WUG|E0RJO_F|DD`&+cU#%6&{m
z*5*}zxy{{9m4!-l(-8pkaEPxR@IAJr;(=rT%ukM-%;>o>l|;OM(M%}XktDw>xg?jf
zoTvJV(=_Dv%p^=Q&&ZXgyb!D6CmnbHX96QmdwWH~*GGqU>h{j6RiU@E!{Or%@X#Nj
z#~mIrN!=f>tgxizf`yL`=FR1hO81~>GcUe4y}I5)oIg?@EzM-fR!P5(u0RJY<aUN>
z841|^p==kxG1tj@-)`PAcz;}z0jUk#-hbLMu*F1$qA0p1AywIfRJ!_9$Wnduet5*9
z@Ol$PG(ehSCtba@xp{<7FVl!%@T&d$<&x>jx!nr>m!!U{{^!a{x-e!Zxel8QlC#&s
zCtXw#**^zgTbni;BB1^AR%=za*XmRFGeZrDR&A?5^ZE7ibUgYyVwwMQY7&L6t-$AU
zwMFi9fOSAn{(6~4zfOE^z{~x~?a=+r!_J0x|5n%g!|UPs;hNi-oa|{%IDvGTK^Voj
z>zSK{%Zj(kR0Q+bd-t{>`ghpr41xPi|DU%G=NccRvFwVw4@A~g`J?>Nu*`p6$(mt>
zYxkP>nT(#I%Hz-jV9hD8UVf9A@>1ClvwN!yX6j^>L7~lAp6%CQ0P25@Uj?)vVb@Sl
za%<v}Q|hEBThvV8An)jm^HvHK-HE}jn&Mei{h9+dtF2K%4&SfVLK{rUXxhs(fs5*}
zM__Z;38Dh)i|KzLRB#Z~4}ey*NC~Ps{D~!JFKu?H!F{eerNL3I_<sCou0NmGb*6Ln
zR^s91Qkk6+UDsKU)sO{-CfgPaPog4^ZaLDyE#5K}(N4KTm^mppC;O#%dD#H8Tb|4l
z#}N1e&f_@Os(Yxc+=Nzd2@Mc2$N&<b+l)HucEH?@{AGwX(eZ%r%itp3{XIO{5p5Vn
zO~s3F>*0c7Oo(JpVr1MpiYp+?!pX0v?f`6=VOOT_F^~E<Qq|@?n(~UMl;1){hX<>+
z!7CJ7i#r|xf=o2<P^~ngzt`2f!Kn@8^84Cp|8Iu?#DXG*R^wSOF$z2U7@ELV3rnPZ
z+x{AX$jo2?6QdnlPkhX)a-CmJDajHBq_HwEa?+;Ic5~A9vl3~|PK|gtpO>T_loInI
zrxIq3hZu-ItATZ)f6g*sEXZp^`PzntA8DrZXFYw^W0b}CaAq)X{2sXN75*@=C5ozg
zeJsu9r`5=tsOqt<(Frwy#eX#<!;uEC$Y?+C_`llx8UFnoE2(`$lC^TrJ5r=0NC|ck
z?7uCpkWt9MRyrcJJ7X@JDlLEg!Jd(j{s}i}<`0GD?M!5oI^jZSVmBFhn$~s~j-URa
z*~luhPIDPTO^cICLFy9uJrdaaiSx;Zg^)4A#pWxrY(GI&UhVUzI|)GyS_B8SJf6wS
z;oSg1t(z4mC0-rrtl9Ge;!CmS!E7q*di9*NJizEp53oVq)7^)_L&0bQo%6G>Ggiy<
ziITck!YC3kG*(OB_n*;(Om#CcquhLhe)(PN^~3SZ!nJQYS9C0;ZE#!sk=_qtpgx|%
zihyYG>N~LM#gTF4m)2aCIz&ko@Oe4A@oJkpxe<9Y17PpB*ffr>gs{=u6NW|$yEqW{
z4lc2yq-`V4P{8*b#f(+qFzqh1@=wJ)9^%>_xvcgLr2?LT?l1B7e64v)Z_aNI`xkTZ
z%XQce5nx{tvBC`SS-QOiLakW2J8J|W&g>@ze4U5mFJq6n7(HeWf+=0AdWVdEQAqi8
z9HDf~uz)giC~t=ip~4`-^Iru`VMmrhwZxFX7c!u$O~4H9q{Td17bEF+WUW1!T^=Gj
z4tw``-Yvm&6pIEgt1IcKdEGS;cFYI|W8*35Sbp2)71d#b&=?X@(Aqa?TS>nRH*d}6
zZ#eh`NXYnJewx=`Tf1zs!SK+79C^k<QWedHl=TAVGf3d7HYH*}aU2BGX&)Y2htx)M
z{`1S{V>*7}=`y%rK|Nk^qn%G)=U|tPV9QkZt@ji}N6wx1)LAPWe@6~GRP|Buf{RHg
z*_YWNZ%xVgE7?@wn!m&W?ta#R-5hp7pUeu-vEW)z<_xP-2ANAC-JmzzBqqk!_YT5*
zIB9-3sZ!Q$F)Y{Xg37xOiUOXUA&}J`R6RXs*-+Qs7CjNRVA#j?)(X({V>(sgN7lbU
zB&g3(k{yTtNF7uFp?n8sZu1;=RZ#cz-ILd+;PloJ<i9=X%!3y_&Nc8Ud8?1;u7Lv_
z;6r=SBW~Ym{ALASE53U2qQ}2}ig?(*LaqgF)IB|0#9V>hLIl^Oz~5xg$LrYa4PO3&
zZn*uR2=3X*zAYx`VCKP?+syWL^ZV?yG}S5qXk|ck<&$QG8GRaXpCi56B5iTS8Va1b
z57Yuz`gS~wi7!6z$7lPw2m^+$4+rG&^5(+)ZlXXQp9piTkuK@N@_p+!x4&rQ7c(!u
z$T^>>81&JKnYx=eVEM!GJGu<eZLVg)mq=OjcETcB7at<pm6wmEm22b`0Btfi@kh!P
z!|Ssa%{t49#pPH;FBidXQW5V2;&_B(?OFw1yW<bmn(5zAcKF1<>6=8bk-i^)hx667
z!84s4##4;1#B7HD3*^BF0=YrM2i!5xL0(`^kHlVG%`f{5{WpHI3P*;{c3_>K;BlW?
zy5#d2M}CnxR!ja%hnjt@E9?0^1U)WY#SG^ue<<-GYmhpo4BlWyTUi=XB1Xu{Tc8Mr
zJN>!u$sYO}i-qNuuWB%K?r;r^cy%i8{An7Y5eQrA5HhW8?+;~G&QvHb1VV=Gss8zm
zB}lju9LT+xjxgR~r5BtDJzxq-$X9tHgMiIMhr=IlD257;6HcF{7|e>{8bc$J+Rw2(
z!O#X^74~8GsJ*o~mdJEL9@hy(5F-)hZLl`IW{C+X4e~t*UWCVXwCff!YpJ#;S5i4U
zanCv!?#ylJJ=vFVI&gKu3b;)ah;Gf#?{>zGCch2Do3sT3mp9lwcRwYmYc2ZneJ8fb
z-Y-lt(Bc9&&uM7KyjO(bo2|6HtwlJmlAbYR)_!ku9t>C>J!f2(DAd7rOq~bMBo~$z
zBOz|XNS&Ku9JS2&m=SNregEv(y<^;{=P(4dw-4KMjbda$U;6)s;%Ojj@EHE0_+zwx
zDBiFg{G?dG29m3Hbl^}3)L<@DdJKS^73vsfp$6}q?-j=sWaiv6A3~D(W0ROkgwCQ|
zklvHg*~hJO1T(n(1}eb6n7Mj=3~$m2@A20LeWU`geY5EhZmx;pf#ebuG@1&rRXGH)
z)o<-_sf^QJsSMx3GO1)RVk^3wo5bSBVc)`0uYje$)1&k?8rO-%R21<Xa|0qX2E7dw
z4mE*Ft36=z#HLv*5YVKsX~h_L$efyB7~Xp^lD5X4WWZQ5r=N<(tr~s0Waf`0vZ;lR
z7@!9k8Xppe=rW87vb4{(iH6i|O2R(~CA}afd$nV)4iSo5a(k0SiAIEQUMfP~N)fmE
zfmuS2*H5q+l`t^inxzo&!Rb(s0!Ut;ODFs78)uY}G!l_Hn;0IMsSysDWBsLDYGDgg
zYBfPXil>*>Vuw1FvfpcI<YP}bpIPSpIfeBlXNZI-45Ht^nS3VNV)Vyzj~16MCgqaK
zR~kQa8AaCS<9mfbBa0!_5sGbcg}Mmla=S#i-*n-aByBXY*fP5lg}@RM&oU{30eW`x
zC)OL$QyNgCk<=4R3wG<ak39l(EWo#-4MXL6ab{21tf>7!pA7MH{T6DPBRP>NUhxEJ
z+1)eO&?QhTe#c14s?6I+&5c)<FcKElCZ^*Zyyr?g7;ab|br$h3(Yl2a0AZjK<(l?*
z31BfqiSn+@R3IPYS-ox-H&=G)GhK<&MbK!l1n{EHR^6lBTLR!D^(rhg6_s4rhQi&e
z`K9SEBOjwPVbjd@^bcln(b=}#2g1crDQP9l8G0eCYBEfvI)b(~vzfVB6|(fmN8r;s
z4At&SakC+CE|>n=r~M(R;Ori6!J(a1WEwZJ4easUISSU3qG{4MPS)-guK-sFtl%BO
zj+&P0TW9x|N_v6h{5h$7x|D!6G@j|}mmKNBDPDO}AFIiMS=uU((xVC0OD|?5m<1c^
zT~FK3TK}fhA3uD;>Jr57D~d(-%EiH!zQiC_6ADD|5^q?7gWyKuZ#1YENT{kjO};D?
zFYQ$i2V+th>zrsrt?rp3peJCdJu<%f?tNCe8-dId2M{}Vf{1qas}kAky)j^W^gAVr
zFwz?6ZF-kpD5Y`*s48su!)u_7nQuK03Hm~9Zy*)bjPXao4`uO}NWs8Zm~(dhKc*FV
zt!$wl!em<z`5iW2KB@|HE!k}TDn7_>X#>aU1VC7e*ygAVOmboopL<UpNu6*+SkZQB
z&k4O$2n4^T>Pc9MGX^ufgUgEa6su!%!45ya{zV8LDvdK~<J7tlu@Q9|NqR|<r=;>X
z$7%hxta0jg{bjv%9x+HE%~a4z$}_CzE7tJ*5#^vO)Q*XzYALTJqS{z!N9q7al2dZ1
zlF*|kU(&k&SKqPDl(N%dqUv7fw2zfNjT%9rAYz{wz4>?nr1uq*B&qk6JwyWHzZ$q9
zfKXLr70=}`<jvmXq~I{b$2{JFy9T!z!wKauq_J~6`7J4;1NY7M+4&ng*3DjeRnN3~
z1;iGNjSb@#%r7Eeat7c5C=S5A=MZ<Fb-)C7pL5qnoI~gVzL6K?5?mLm20B3MH_W*F
z6>=I$3j1PmrSsAQnI_ET5dQnikFE}9dK+~&LE`)WE=1EMwFv(|WGGfA3>oX17XO>!
zYe>xEB{t_DKmG+>Smoo`v(9Nt9CT~z*Zhk85)GDEF7`@^tTHd$c}h-LVrXw7!Nr43
z&0{~@GVoT$)|lo{U}_|cQY|RjL&BU-3qI!mN(KV|Vm%|x^fwvkYutMPwI~|7_aB|B
zYOl<&gu?yQA&l8W7lipNal!SNI1cgk1~!Ik^|cp){Ld<$vG8-=K3GK{#TrQoVrARx
zcD5hZ9NPE63-QE2LwMVW6K3XAc?Gvvb^MzAP3mjj{SQjs!S(!k;5RuNSBfMlFrH(S
zXdPdcxE~HhFL@}M!pVHj+rqbFfgEW!1-Je!-ILTU`F~RNjZddISRhrOvu7#Q%E#uX
zoDz5L`A5~)(Ubo>RTn)2fhXb_KwDPu8u(@JmoAEuj-!Kp?}+%m#1)zeK|qI-FG{L)
zsy2$$Qv$H7JWv}w1xm|{dL5ApoG+c$O^gzyO~6D6fH${hS8ddn?uVvf<+j>rMgsqw
zIvXjuwPQ$()5;=!HwD!Y<6+}JroOIRzT*tu<azNQGSq6T9z!+#^PdJ`|0h#FvKlj9
zmNwen90*uG72lBdT+l7BZz?g(FpCTH;V+oo1yU?=(OH*+V+GY<T8(GR<`Mf1lO(V*
z59G3&&cnMzmj6rvLbPO0ZsRNry#W>i<$j^JV5Q90f_mgD6Et8?gY(z*6GlXf&%tZg
z)6eGiYxvPHX>gBg>TmnzwYqp9A;kPjrA;;<9h_0IT5OUi*TgdIUAoeU*TkK(o!%ri
zjd2u4<+{ffFJ;+xq|cLSpe*#)q|2B&bDj<o)-#HY1gtu4BU!GlD^^KCy@~8X8~R0g
z^DlQQ`6YOwOwbG@o@FVhz7n<wi%0Mk;JF&%OQ_2un8~_Ut`sxu`UfDKqwiMPdG~Q0
z_lf*X=Ru);S0mG5>t{8z8NBdjYUc(;>d6EVGyd`&HgM9}k!%}rbZkNor*5mp9RY>R
zh@*P&;E>#%x|}?`B`H);;vY31FInOncR6x7Qsjnc`rfAW1HJ+2O({3^U)E%v%<Az^
z%&-6Qc;-9CROXaEP!3Pzo!`FRK!Ru#mlOAOK#l7?ilyuHzP>~F!?3$62!--qi=`_N
z-H4@gJNo)YZ92I!v$v!c6Yh23o=vU{{ohzuU_v{!XudjCm5soi_qAOs@Bn<d&XHOi
z#v8%A7&UVvUz>Eh7}Ffa57wLoYLiaZoV6;0NY)xs#xlx^&y(w`uv<kPxi`0$FCc){
z&DTi?s1NHWIOD&d{D;#JFfon3KS+E*DuWJa(=;vJCKh{NCsGkxouU>2(eQT*pqcZ*
zN^Ir4nfvf}`WCJN6F3DsN*>GMgmSOBr??XW={p96mHtU$;`Sz?P(b{jh7H0a?l8KM
zd}-N9bR8g9yO-nlL<5#n@u8V~+5&|y!STtvdYX?x-ji7&)PB?dXY(d<>Ce)e&89gi
z#oyWtiG~+~eh%tHWbOiTL{#od1bF^McmMd(Zu+=7QlB`-V6`bxPA4<Nn3$((g0-9f
z-LjFJZ2tT|8#d5SlKaCoVB*+CH)JwdKN>c1iJ2cFLp;rf&IPITr3ooX5LVebcWosV
zngg;-`b5!wHQ*yyryfHpMX@ImI4UJYZoof59Qe|X@J7I($;kL-$IbBd1Vba$4!Efi
z-IVJP7o$K>4J|<m=z@1QBJNOuM!<!aDodxns@H*EmznC=042p6I1o&!0De|-Wi|Ns
z)JA_31C5+1>WXJ|wp`gm%y0BSYv-@gnIb<DiMLK-Lg4-|#vB#p6zz4fbm$L8IzliZ
z8HSifq#QK6PYbV##}H5Y_I+>_jfvz*qqu@876a;1Va218Wj+=`Y?AYo&P%pf>ky`8
zm>rMtZ%(1<HNR%urYY$5*e}){GhkBTFcqXKFsX1adf<rM=n}WPVDvp0Z^oR)%|;q_
z??9nT&`8CmPr$i1m3dOLBOFI`m0t@zcklZOcE5m#zt{Lut>k;`GTWjyRWSD8ShzTQ
z!64i-m~;X0=RFU}0f?O2!-oCuC!bSQMck6fC4T2YuBTevTYf6h7<!W>Ms`7z)d_Z}
zru^2Fbf4|-CJr&GoH+m@TARQr9XWUJqUQw#fV>pb9)B#MamEpKOrlVG*a{-Ue7dxF
z=jIFyUM2uN8>OBtIY+`MRk|${Hnau?7{_q(37;expEDJ#y3W<WQ0SeF^e*0vUHhSx
z(-G!pgNDhhA!Lv+z#;o3v?#U=2PYCO{S^crLq3>kXb}WF5hU#`UKGrP3&-NMppiuu
zI`i-WIXcX$>b~Y%`r$cpR9LM-==daYTr4BoO|BsGk1ONUVpayyL<$Y>yp;X$X3BJW
z6L^s|q5{l#vScTN+z^+Mi7S@yr(P6T8(^ma@LGtfbW@f@Gfh4=p#RH^fs4g#sufAe
zR_x(+Oojq&+A%x*-S@hl#g@MNa`k0X%fob-cwb3=L{}p>>gkWuP3v&c8jdUjOhj<?
zT{RZ16%zbor~f}NKGk`ew!XCLBw)ZUjRj6!iT88)8}fuX%HviKBq_tC;ao>emU7_%
zn1>|+7rsN*n`Kzck4YQLRDq)BTvOWU)%P2|1L1s^RG3j%JDJ(j2ZEt}EaN0oFvO5l
zcBUwVug-`tM*3^~o@;#MBDFzIHW-tGBkDNiCb4w>b?NpSd08WM>80eTtSKVLZAHC4
z=;cYTtk{HI8~T4R5Ajcd3HN^HXGmx1NU2&a6v)dSj$00)b}~uuW>-o!_Y@4l^{X*d
z>Vk>}6$vIT1qcZzPPBFfxh0MBSJ(-@auA8?6Q$a_T3V%T_J;gE$?MS`z!k&81AyT&
z4@TVFw(%kPbjkuP60~j3uRtz-$O*Ti&7*5B#8qwJGJg<;KOkOedTTSZ6a2kB%8Qj^
zCz$F^iNQIXl$`EzUB+<!+4s%+1dh*MCjN`{?_7%xjePJu6T0l0x$Vx`#n+#6hTn`B
zN%m*F!E1wdcqKPbTS8ERO+=-!>puk$O?_i2)!F9lxl3tc_5|Ckbo)D?qiuF)FC8;S
zYYemcD_LIQ>U&Z8paYx~(h2NDO*WsFD1&5@Mj$RM_FrO2QQmLZ{d%6C2`i`Z>r5q&
zawA3PKSY#_AlLze&JelF{PMvpaXC*P`*WVl-n~f6cj#-b4!XOo9v4TdXv}gCe!Djk
z$f6=8sij#}y0x%+^>zP^jL))AC7L95&q;pyN5+fx-M|IQKyUUUH>jUNr7Sd|^1K|B
z9&gpY_&5VI++vDyplsSlngqCHPCT~3W`9+(mk0UPeG^fam#U|omC(rvYQBG(5u59<
zg}?p8nbIFYld%jYe4j&I`#F9S4UD<yrk=b0r+W|yxBRXRA^4YzqYxq`VtWC(_;Ft5
zAvX8D=CgF#LLzQa`h`4p4TL?KIF74O<6G@K+8Ak?3oJlf9L>eawB#EwguALAu5n`s
zEmRR|Md5c;2U!@41wjfev5VgZK{|@Ys@8@bIx7z3;!Jno-u(nNj`qqzc-qsJqQ<ZE
z)+DNinl&yB)JSSAN&N(9+oePSoq6A>l!EAgmo*8Hu;vGsLNK3C66*j$CrDKl4{)S@
zFXbWdLAnN4eZg~GUHpk~Nn+3H-V3?j-JOl%!eL-DvmX0+5;7`NW#b+Xn3r(3!Ow=F
zlG0c8ZJ|rYu{lF$Ys(8E{>CdZ+azOx3sj;f*z0N*aHOc&^b))4Hhj=#R`{!~{rxVQ
z^+wokQ0_oKa8fx63n%_Et_F$C4k|0`;sgB5myX{3Zx;8*(tiASH4QNpraRAklEVCN
z(&!<8C950pyYm$qZO2j;Tc@&Kww$WN2Y=&Pn#cacA@v#yelmcr&a)69N@Mecv}`Qj
z8nLKU(3Z&hnilx{j*SJhd{}i6+lHe68}}f47c0=M35<Kze*Wye$zGa6k|4r=+rw&#
zWB3I{FGhZhQvt)r;~+xZr9873b%w)z6_#1+u7<>_r<!y!|28w6V!+aRwgJCd*_8Fq
zmw2hAb$I#7ayitFn6#qhPUr(f<CuXJ85>a89D#aATXv3n^w%3f&Ak~u9QUHZM3FOR
z<|~$m+m?24uGG7B*Qa*CrdYVtF7;035iI`CTGSSqn(&ITWp5l3>{H5|W$Yn1@9fqr
z7#86k8sr!QNNeZPXoAo$Pu&5Jo!8bopE(&+v4TRkhN1EZ$Xh9<Ic=949v`KU=3F2u
zAy;qPnX`z2sw|#In8^#qI~)6mIOJqej=!Ltg65hXq*i7fs_2d(FwxLXgt>j1U3+?x
zFy}@nxrkK#O?Uuf)d_WFg9rz7yMnG_bOV=#^2*ID+A4R2l4+*;S+KCaw})p5;<PsS
z7nZSdhUAwyQq?XH)upq)B~5XYzv}+RJ&6gHJSWGTe_BEKZ$MlfU?NcD{KLi%{L2KH
z{i@YJAdYfTA}M@|Ev0VK`;jJ7bstl|K>){8aA7?}$=dnh<DV!?T#gG;WO%Kt;3ef$
z)Up;U7V`{JPbf?lBh2+<ebZw!5?>q4(c%&lg(0Jg+-QsYV!4<L&xJsj&4$2fVh%Ei
z;ih)nd%b`hLFy=VO<>P{J+7@W*B`-wvM}qQ8!SY$%wk!T=<6N3C%V_bbtz)Z=IC#_
zfEBir7M;E}w>EF&AA^K<nYFPy+%x!>&r6|{hHFC(hSq%^BS)8csl>VCc4|r73iF`r
z$7TApgHJ29#^4JzsfeC0dhlFgU%6&N7*4dA7aPaZpgid8E1>Iads5<0)LZu+?o7i~
z((;(`9YwiZ@nGvgH5HQ|deRYF?r8P!nyeiUbogM~_Ua-kYZg76HjU|ffGwb}@iu(c
z#mG+uF5!To7LL$*7E>)UhZVw~9Tl?&JfmcAqfQg0@W86+GW%8s&M&3d4R#dyu?$(k
zeOL_f{sY<HrwrKK-z?ek?Pk7|wt9v1n{-$2vy_OosUeV(l17p5A%&2jSD9`lbC25_
zhVab3yPx8lHP0a*117RX4v~oN4BCRH0DsjV)oYq{hsSIpG3IOTJ3okQFU;ul<uM1u
zF0hhD*Z(HN6#h`WPrzx&S&lae<uGm=QU~o+eliYQt+N0lhNSo(5Z4dSUYo@)@i~Z1
zu&@-o&?|5~NQlFZ7Y%0LyROxH)>SnOf0CMJYQ{1eM9$HQ?ntXcg4PZLtL0WAtnD9C
zuf17djXKg6#_%~ajzwCE<5iq3U!=-xW0+;U>dEZ<dn3cgHuGIulTe(Sy#&v1|9Cj%
zI%vg5ERcs+C0AVJ9c;?5DA~FnqTqba;B2|;l$Z?;1*EbuslrZ~qdog%DA$%Efj1bh
zn~pD$krE{-b9!kJ;#s;eSNQ%&5I6r4oTsQ8YTH@}eQC6Jv{)yr$fv#P(mWJoood92
zdK;c3Uh1*Afb`0}or85brTLmFDc+axi$NsvH+{=x^^vf+9<J0=GqJOJu0vYmSlL-S
zK2is060t1aw_c;vzzruY7IzOX61{U^rL4P;UaOdU^*HiCJ2VVC?5tNj8d<>Ag9)0b
zy4%e8=BWMGdcZL_#m~E5c?pXX1$FboRnjC{+F+@oV1=j82D-6^;KjAcfU*n0S)|C%
zh<rD>hA?-dC5(WVi{>N{01eN}#}l@Yrz5^OYal<Y*Zu2RdwsOhm13I8l?|{c{csXk
zZZ7rE4XjXK{j<d#;Q3ZUy!m;f6yX1Mi2UdEP$}SZXL2pzqd)i0z1VfJhddn#I^ddk
z(^cQ*&t4qFC#7eui?HM81KBg|u9;&OiEfu?-k;Yf3R5J0p6O82@oEW~8ORBBZi!Tw
z5BYQ<bY)Z&PELUHH&L<>+`S-O;o82#ixOu2^@=|PwJhTSm7!XnaVTh`GV%doG(V%f
zdjljH5H5E#lwtpT2x0%nQXlk70tXbZ*gZ<LJ|EqRCB?<i$VB`E$nRSqARvGKWZBb>
Jg4Do){10i0tl9to

literal 0
HcmV?d00001

diff --git a/assets/fleet/fleet-103.1.8+up0.9.9.tgz b/assets/fleet/fleet-103.1.8+up0.9.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..d310cd179ed103595a0cc8e068c84025d3ad95b5
GIT binary patch
literal 5339
zcmV<16eQ~(iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PKBxa~n63c>bPG(Ld^U<-{irA9^{gZ0@v@?Dei}>m)gQTU%QS
zIMXCyVSovMA<bxYpZyAtA!mj|Q7_Y%4UsBGgGZwQG`brNbaTKEb?azEqz<PfVc&d#
z)NZ%i`@6gL|Lu0W`v1=E&h9sz-Ti}3d#Bsp-}$E9>2?oxzk&9bK&F~9rHTBe{p7x?
zgZqsn!nx2yQ^8d)0EmbtObo+_Xw5LBqD3+-nv^R|80&#0mu4j6KO{s)quLe`N=*k8
z;~q%DqY=v5YWO)tNfYFnupTtD%&<{gaYW-7`JGj+vpzP*C>0gF2QPm719ZafPS|d?
z;Ro~Q_vX(RwM{umP^Bco9=Ob=8>5;kjY(}2p?bh5&py|drYIAtRdZHrdqR0ECaS)+
z6k{5rY7WP;2NBDZMyW!JL!sKZLs&W@omv=vmdg{+4PW{3cf&h|FOeZp*fi7Nmp33O
z{V4}E?gk`HXP@ox`|$f9#uRysJff(2K@%duW2$Y1A=M&PA#&1Z7zY3j@Q~_Hq8|WA
zOogIa$Y~D-lwq&c3R{t3KdR*`#i$}lQwQ(0!3f?FPKGF<32&(WkSZV=E+WD(ppmIH
z(mGYWmIoC239;m>6l&FCVklJ0&8iv?gW_;!)7EM4gq`r!zh|i%=GWev>qw6Oj|t0A
zeJKI3g8%PzclN6Me{W}R!~fTjXhMeAt87faf82fv05lo)VC*&pfNgS?F?J>xjix<#
zJ9sbjnM8$L2LTx(*Kb#XZQ6Pd1-=EZh0NI`NE}k7r4?VGM+j-wXEcJ3=cgbBHs>!{
zA0<bP3J%ZSf<ie)2}!0j^br(l7@@>q3r;?hBxN|~CFnB3NF=@e-Q69-7B6h`kLRa7
zXf#%1g9#vyM2s=m9hM_?bogNO-VT7_Km#VJo&wcC6%eJe1Y^)6s;ZDKPcKXrMTZ<?
z=ud&b1Q~;CE+!m~4#W9yjt=wD9HTbEi=%?c2=xf1MbfSmsFBE63|boGjt-%p@tC24
zffR|YCQ>wm=R<I^^M&%2l@<~WL~bMn$H-RF0!Xk0iDm6Z4ag@lgiDzrP!2ykKurta
zXGlbh+b|$Z`BE)uq+NdK=<f3L;+=@G2aRG=JGeuLGru^dAs@m(NEnF;h=E4#Myc{)
z8oHGl2#k<O-AAHb2S+1}t|@=ZHOjG7TsnJ+h5uJSV^fjAgm7&K$e5VS2qa4duTY5q
zm10B(Q!|590waB7Dh%k53yDXr;d!CSsjbj+vtYVC5}85UuELONgEtU~ATn);Oig(N
z6RJmky^b+uVrr*bX`(R<w&2fZktAw4HPcFfXGtHWZH-2>8%i_yNi-zI1q>w;4HGgo
z1JIHVjcg_yaBSe}5z!C}RQ!d8h-3<Z023k&9UXI_EoH|zAQ`ii+}X>!GIjiXo$y~W
z%<vc)nf9R5Z7VZgvpxT={sE~JpQnDq1Y7RYZQfq1^+Tpm8X5oNfBujXr6xkgKlXme
zB>S=VgIU-g4X8*Y2?2#Ekwjw*j4C^4u}BEz3WNlj0*PaZN}+NCn^4B=5X`vjE;l^~
zT%0)!I^Bb?ZT@S$+U~UHe;#zh&c6NVbhkU-o3B^ybALNj<7hj~$)AacupsCQq0OqN
zhK+iCs%Lf-1^`=dIYOA}t_9Tk2u5X(%o1S?gvS<33v@<_c}+)*C@}`gy|U(&VaKE$
zE{pw5EHxOwww`AZW<%Z48R6SN2abhVn3i$b;+z(=SfYj74&KkvYcwo`L%UJ!R*Pe!
z75bA3XqpsfCAMU5$+e1K2$u#8yH%A1Dma>&gN(5$%$C88bQ`EvhK&vAFlQ%bj!mDY
zBo-5{v_z83lz9u2atl_Cgbuw}^n*|sN!0$MZ)Ic;5@MPL04dQU<@j?jWTH=)Kc;DB
z<tun*d+a9Avx=$b=v(k!#OS$-U7l3LMsCm{H$1@9ILE<U=v~jGh*6$n5vi8hO3h(L
zV{CB|V^bkB99-~Lu(cJKtP7hXWDjm`4a8Hwk4zb8LJfa1GcTAC5D4E&{3W9jOG3+@
z+4jE+d@Xw*g}?v94&qEwA*r4oF`|?q0zU*J`-ERxGn_C;t2Nz3xKqjEMhar=XTzME
z+K*ElBkMssNTo>0kZ3$M*%zpd)KZt?(8`G%z}6Ogutycb;OOilq^T5xGJS+_CWSfc
zD9e~5!OV1FY-(xBGm$AawM3-I7-Pdl<rK`}Si}bYA)gxcfyOWvEK9ILeG%biclm>4
zylpAmD=*MTBY-l)y+%UmGonYqR+MIE2F+fu1-_piH1^x7VKQ7NN5wvDMVLYGpN=?t
z(9%iTvg6M4^)$sE98+n@V){WIS#A^r2_4FUv0+iX9Wf+4Oa1JAZRPlPklguCW0EqW
zQMIl{$WoLl)akPw1y|Ys+WS@e-|qhY{^tC*j&yU=G{Tp1%vI(qFN?3draEmv^Y%6{
z73l!NpPZ?{$)enlR4apK%~DCZ9zf&YRIBkQ0BAJ+{G&0)2YI~kcW`sldKvuHncT`c
zh*1${iiQzORw7y(ot0H;J1|uo&ve-ZX=FsrM96C<NNh9!b4oC0v}lBJ#+)e9BcZSe
zF?iYX_~nyq3!7Gw7J$1kHQ^eK=q{QXjaFa}k3HYkWZ+<ck<l66iwobs$#y3&BZwO(
zzhs0psxwoIhVtUu;ZW89=BCa9q_0i0oAi9C%Kx2ik&yHmje#rpf46hcuJHf8&Ovv>
z|JRX9w*F3VO?lh{r~JJmX^@~MG0~(qv*i05Ai=dXimVLsVn;bW_@_OU+yqV)Y}9i0
zMh_Y{H;|Lv9ik_M+uO!=4s32)d>DkAn_TS7A%t_&<n3**wuUCd`rhXTN{>fP<BBD-
zJdT1X(LtC2D3sK;I68C<`un@cBUos6bhv<W#b#CMu%^ZW1aDTWY3WOfEmqjB8a<f9
zSW)-(b_R8J4ma(6CP2fUkIQ(?YKFG3fEqx<Ec&wQrmS4soz0ikcctYP?f~EDL46Zf
zTy8S6sx0egR-xRkY!X@4xLm6MVLr7J?2m-FKF0`Y9ZfEl7ngfT^(gCqJU=~?IG~@)
zO)G`Bw+-9uc5}4*Ka#5QzhF#xHU(hS{oldD{omehx3iJ|>qtfUPtsJiW=g>Prr<tW
zfJ!myS!<@Z1=@XXABp%Y3(qe|n$|RjnI!iO3q6{|N-&l~0mu<C$rKUFQO;VLGt77n
zrs;?C{_x$&#o6J}$*ja5x?W3>^a_~(1Bxs@$3Z#Q=UeO84EZ_ZUg+@k>B-6E)!F%n
zv%@!smnT=pCx86-=IY|)^78HbHy2lzAFdAHoV>rhsN!Q}C;XBLjWfxAx1ADhZ)Y$n
zNBEj+mSXKPsz;|EFD_5cuTI|o*T<8O2I14gztv)QPw@G9ayfqPhNlLjKV4p)nYsJ#
zyAimv{l!xNy#H{I*8WE5VPnosvv(}S*~hE1v-1zHua4iIFCs8E#<sptw`V8kZ$BL0
zgD`WTp))Z*Y$B{Jz7CzE!^_K4Lw`SAz58&yuwe_&#FlpD-aNpIhnyc~h|$W~0qo(S
zQml!={l%=uB}}t~Q1Q`2V*z5#X=2vg-edB($kuFEH9h%R=0Zb3MJv46Do=T{8B=BQ
zo37S97O)6<u7$3EKCAdN3TZZN=3-8h;TTyVe}P!%cRves$`ls!6h@i7ViH{AXI+#7
z_73q((lKQ?#1j<}=I&4Y1=GByL=u1CY<ez)eoYxV>YH8f<|)l##fu;!l9E1URNF^*
zP)M;9X*s6}ho`4^&8@rid1v1e6q`07F?naRi=Gl#N7lvMd+?PSp#Jt~5p+3!0dI%3
zT9oHyMD2z1F?IKo_r|kX#K91Z7JnlNTV!uF7iREJ;FQP6HFVl@poIYhIWfsGjqosv
z%#6Ihi%nE+T5o{zh-L9ITW(mu;T0?z@QdJFadm*D8vleUtkO!9Zf%#~Rx)?5La%6e
zuf?udVFhvvdPVg%c~-OT`gnerT_~M1;o{2HFv1G2TFOFX#t+qd!3|reFaulkQK9TX
zr`>Ls^WR93rM{qm%02Y|>iO@J=wC(d686e#aK#r(k9s4z%KqEk>6Xub-EMnx|F@o0
z*&Fi<`f&N}ydkY-vsrp4-Zv+``Qh=;qQCsq=%6&~$SVM-cq9NcM#z#-janlit{Xi_
zh0?i4!nXU$(xD_VE>>^G$WUW5&5gA-Q)N+vXdg@TaUdi%ZMJ<gMFpQ7W*>bfb#L9v
zhtUVHdWnW8b*>G*$MLM_(X6A$BJSoXb*E;xetzYuiuAe+@yqq)g1YSQl^6Bp=T+by
zuYE07{;GW}*Z!7i{Bv5A!;)H5Ub&~L5)R7KWj;WkMAu?4IHd{IJ?K18cx}>?Q&s-U
zK8c>&4`hY>-`VSQtM7k0I|m#2zm8Ot;dbpwrbj~3U)|Hi>sQLTpXE2hUMUa^?_(8~
z8FL<DB&AjWS*FzV?qG8_H2We}iA+Z5YrJ^*A^;ep>=!Z?;8fh?9t*}ky{)vI*>08n
z^wOI+>8&0K)ZG|5h_ja#_W`zaX%_p))hfX}>V=Fx<uT<$mp`vjDXJi|pzA%1PX6cs
z--}!XLvLEo$A3p}0l*?rF2A72`kye;mKt5Ni;_aNyk+TG{LM{x?p!9r!lmk?=IE)L
zsE)uML{yOwGN$})a<XH6CaPEuIeaNPsG2Bht(#BVEBBa{f~|BJVK}CDFHX3oon1uw
z%kA+(FOOd3k|}!izW>eZt5yB4Ea#p_6I`MHwRbwz_uu>7-Oc;IwWQkjf0ey*4_5ss
z-uU?b3cK_-zXQK+a{K@M<nZ|2Ntnc6q>okh--Dg%``^xfcVquuOWN`gHvWVx0UHJ=
z2wV<Tg<u;hA`C;AmBcvrzjGekkYr5Ll;J#xiS>^A>xkGEw&{Na!OL8f1M(r|*qZ|-
zbJJtdEu8SU;N$0;l`s&40ZPaeN(G6qK6aK<fOo_%`=c6ok>E-bt|1YeYGK{M^+<|r
zIP#;;2Rjgvb)VxxgWznM!*td^>r!ebXB+yN2C9KDC16O$s60jlMszrW7>5#V2!I?r
zgUFaFI)~)30sKrN&89H%ljp7780Wp`zN=<F3ohOBS<9z2B0OK9`5eyO#SJ==Op1<}
ze>;44y6xz}g;Uvvzhp{_g#L=#Ak6$tAreX7pB(Z~26`kBLpaAFkugK1@&c!ZZd(`G
znNn(9A>%1035^J2Q_z{@)(u&Ua_452YzDOx8hdB-oDOCVpcVMEJW+6H7DA%RnBMja
zW9A0=C)0Gv5^Y;Tp-Ll<rVbU7#Z>2u??y;vh34Oy#&Kr7WP`xE7u(TzO#NmsYe|YT
zKg0E{r=q;N5{bpiIv5vX@0h7jS>H#!F+Cx~BFbz~CA&7JXXIKEMt`-lYbWLJv4~)T
zeML3?<J;W#*BMg^v2(r)z4t9zhh0-!1;HB|l)|jXz{Wa=1%IJoM8*hIhi<8MOvj%x
zrGdcF>Dw^y)8c%y?dXFb|1=mCn2;L{eCq-Z7&6fl0ey6l1SU9h*ta1Lj?RyrW3%Bt
ziOC%>{Oq?>_+2jue*XFA;Qu>}U2udr_D<{h!1E!y$I52pPTw$Xnm#sB4x-8H9MorS
z=S_Es<l-qgSNUdhLa3fc&T@aXX5Y^Pxd_z^`M&($H7f;RdiH2=tMvcQL8toux4pBo
zk^k#RD`I_hcFN(nj%F&j3$7qD4xdC{L7ylmos3YiaX?g13jH;%fc@G7-z1yr_WyH7
z16#5GJMF#w>i*xve_T^?OTH{p*DP$`JV;k(=P`juem`M*N_Xo4z%qa8QlJxSkhQ+w
zMb~dTtBXF}05u-rbD!|JOSqY=Cx=ccMM(MD)VfK}o$C1ib4LSNY5(n3?LP;*-HrWs
zE$Lq^{>Rsz&)-_Qd;b@n4m?2}T&4eY+Lis^ZSQn9`rlg8v))yEb<y8T8=a<fGwq%t
zHtbVjr?Zsqs9o_3bDVUZQ?tuzUt({t>tQYjmx_1^IHNbdn12qj_%$&|KBhna#OE1D
zFn`nWV4&4^R!ckaHC1CFr=>K}nJ=hx-FVsf+Vs0gPfPda|Ned07x4dR?^gA{ZfAdg
zWB*%A`Vy~y92qq|#XRSWA1`3$uY2sdx&D36!cPxW-t)lXgC6+(>5q5s|L2JYvSR;t
z4|W&yzs}x9|65CXWc-hOBR(kVhgT^YkMpc5v|jC4RoL`(4o!w_JjQvc=rnH>tEFK8
ze7TDQ&?xxyEbyc{f1UXg`BGN1={c)Ky;QX3QLJ*suXDz)^*e`hJQi3HlLeN?Wq~_l
zv%tOMv#bt60;>X%!2M#0RN*WJBzXj&n!qIWP-=pcELoq`OMRc%9I!M#M@_dT!~SH!
z5@&E%t71Q&H_aWz>%G=i_g3|cch#zP{U`OeK5z6@{QqwG?;ig@^(JtY{=eTjsM>$K
zdz<)QYe~=JvvNPfPmRCHa)X2;y=7*H=l4FzhwuzOCr>z~tbP6O-v3^;dLjc@wg0>O
zHTORo|If9gyWZok*85W-^LRnI4lvR>ZNAE53785!n14#4MI=}cE|1P~IZosd^_j0|
ztCo)wCGG!f&)2_Ny4U`HqBqd0{og*=tJ?qCo%Uw`uOmIqALnaHt4(_DRJZ@b5wgTZ
z=6;qwR_*`2h2MYP>+Wvs|7%HGa7MI7>3-kDExP-u#(qYb(Ul=3(KQ*O{b@ey%b>E<
z3Vu){WDJH(^qtL*^5Hf}WJJ?3+Fyq%<P#nTTflMXJQKc6ZA5U4-QoNHeHX$9=U!u5
z8k8VK`|~Uq2I29=)rA)Jr!bF1k_Zkz9bG_7r3%6!)h+w4Lq7=nzsi>VH_sRiTjrnq
zQ;m6R4yaF}>nyduMy!IDp_-(@%dk(bgO{OB%-=%NVes;Qf-U%oNGdV~Z;ww@5T;TX
t1wROBjHKnNOYtcP$0`yrw!Ze-Zqg=g(k9)N{x<*s|Nq4VACv%s003_5cU}Mh

literal 0
HcmV?d00001

diff --git a/assets/harvester-cloud-provider/harvester-cloud-provider-103.0.3+up0.2.6.tgz b/assets/harvester-cloud-provider/harvester-cloud-provider-103.0.3+up0.2.6.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..568bb8604b4ef81dbaefdaf6bd31076f8b0eaf71
GIT binary patch
literal 4520
zcmV;Z5m)XXiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PKBhliN13c0Ti0^lGw|#IY#qI=1S~TQ$e_?z$3tT^?^zTU)6q
zh-^v7kN^XKno-6+zx@;d-b7K?8Oz?7_+WELTpB>5(cO5^niH`=sZg~2kS9Sq7JNYi
z6rE>tB9yx%QTWw;ljnKfXfQDUd!ASQzdIO=zUmG}BX4*<9FDqQdEHTWIQR;@d$+tt
zN~9v<EAQTIRXg`zk_cm55k)zZV+X(|iiCXT`b4P^UCKK?3Pq<BgE0ug{5gu+Yyp*V
zNS19zA{@g%GOmJWnycVV%2l;RuagP37bqm<Yz*K0{~w_1_WG{Z_Tc~N$EW)7o7$qf
zH5n5h$6#uaOQ|rb&C2B%Ldufc+OIK+h$`9Mo+}-IRbqSYla$t;yM<JNArgt{0Bu@!
zwM7%!_IVU@hD;q=G?q#ri3*ZEx95%=64RfvH;bM_;<)%z=jb^B#>fI>K1Dfp+F<Fn
zb46nZKw!)zRa`8`Fr^`mI~}*<YpEeSdA0zhFKDbx%@^<w3?ndkV9Ld2Ho3;-4HtoF
zn6jxLQi;S@i9n}a41g06$`qjtMTx}X^Nyib%NWN%;y9$fSpiNyNL{b*dT#&wB(}r#
zsaNU8OFQI$$o=bkx3NS1d;R{p{O_MP^8Xa+m}Q=qSzcAwJ3vX$473=bGn8r!a!z`~
z(RebMOs9iE(0|%LANIWdbnxVfheL8cntH+0b8k594KeVC{ppjZ!+sB+;I#kL4|@IJ
zsZXBvCe92Q3ZnFO)arS?e%l+hz4Le7^YP$(><!&fzc(0;zW1JtJ+JjAUbhdGHm?5#
z2@{kLq5$q#|HJ;^yt@7e-BGjtPm#{xIZjCuDzFo7_T^1X;W}sVZcZgo2?YLq@#?4c
zl#7Tcg@F+cI>U4HLn06sL{KsbQG((yL5PWz7yxC8!;&Wg6h?7K6iU}|1e#q~KI4hj
zak`E}BQnErMF6D=SZ9k46enT$hKJN&j^X9>HCJy0N@U6bID>yKPzV}mn&t?m2~cDP
zH*+o#f^;OP{cQD=LN#(7(3x`$$uVs|<7`T2Z-|<Yq18d<8(}CIDwG{doo}+V(muUO
z!tfG(fl7|yKff9+C8KK$t(G%Q!f@@SBT+1<j~BjghRAg1qEO!TAd?`_|7qIO+(2x0
z2cWFz!`%l{{@omnzz069E2S$-B)TT=%PBCfK%xS|0`LVAg=VNkf{%gNil~HKLPH`c
zo0*EUF6DFXK)TcDt_hSp5k3}#{eqClgoNP|1o}LRkOiiB#X-jC)9Eswt-Q3MOK}L1
zED)6DQ=<9Q=S=#PC(=~y&$;fRW^+whB2l=OsYxg~P^Nn(QR?YuzWrY)2_j*@86aCw
z!C8b%Nw}eE4k6Xbwy8TO<uS;_pX=sdQARaGxOxDWJb{424Ph%iDHThY?X9xI#>0@`
zP&PBQhm`3oB={|n=6j?YVCbWiL@Xbh{tJw_={<s<h;RuLLCn}pwVM4+G1T9<X{Flk
zvFrrk$B9;cy(s-V!pN+<Ztuw}ns)K`1m(UZ9L58@#1MVOg)UO8ja8e>Q9RUKW9`s3
z;B<<<8pCUT>CZ7p%m82Gatyjg*Q~2tDy>$UFv_T+B&2^}-~jMgSIos2Ui_YrP^&0f
z(v6{|Ik&a5v9{nLR@(46Q-X)>I3x^f+9=og;uifx?W_`&Uq@}*mMYt^Tl-{&v*kct
zryMe!>akhsnTUCC!4$nHy#h14RABHt5tPl+f|Si(&KS>M+YV_R&y)dZLr5kVmghN3
z5mEm9#ceE5%FM@5q_lG+jw^$qWy4C&a+hDS$|t*XjVo_;^;`A{n-q_E$Y;wRH65!o
z%(+yC4rdnf2?<m8hzilRWPJ_k?)esHR4UE*t(N)fhly_YbuQ#G6<HTXrZ>i5Y-Fe2
zRm#k->8|C-19@_VOKz!DvQl-ynESD2ZH4(ZUB6LBR0z#E?X3I71C5nY4@}u?Umdxg
z8J~r%azW!O$`p#J@$sZ%tKSk4=POvh3ny20RI6`eF4P!WqrsqGl=f*L#?b2b(#eX8
z!c!8;w6t9Kb(QK0LL>nS!|=w~DHpRvuF}o)N}`_#y~2t*$jYMA!@jx<k6nniu52B?
zLlKo$#TopK3wZnEi>^~FkZtR;y%)a~?6$sAb1tb+(0fn{+Ix`jsnzVyHf^;3a_zix
zHODYUAzc+8XA17H{{~*)Tebgs-mvlioF?7fbsoWjMq{JdYa322WBeh~!{X0z439b=
zJ~%p;^Wru(8g|8KF#56Ur1{!fFQ*Klwb6*wg<H@rvKuwtwGKzUVS@X!bv~4>Ab78L
zOXkC<ZysrMnM|kj7Fz8Vq;+X4;ll^VlKaeBC?sz|8zD>3`jR=%&}xV2i0k}<wr-PO
z=@xXSBuvmJiA0b*LijP4J+}K(ieVr@o4Q7c#?<(t626@*&Coo5eW~+mD@g15-?`4q
zDWnGhwh}GE2xY02k=jrSZfF>4n>o=IvoT^c@hP?Yk91~s6{Ah3`QTQ~%xn-he&1&T
zLYdd|wdu_Ghy7=`pfMj7TZ#MDj+rf+(Yf;SK;mLSnVLfDud@AD*{alK8{MDZ>K|9Q
zur$4T4W&*}J+)?vQ+~0zj52-5G@D|@99R2R9(MbjIyB(D*4aYhBecG6LF=k@_#)#`
z#F-^o9ze1!U}>IX7`bw8&yL1$cc+c;FbVePvTKRjqkv46qMy=+-4eH@qjHgZdi1w-
zqa^oi-`&*|c@MuQT;VQ$$dt3ghpgIzb}f<CtFqUSSjphlca}1#2=i@Swd=2r&8vGu
zy+i4sPM5u2uWNUXZ+CaK5QOe`x$If3+YCo--~MjQztr9<xt*-Vx850>@hZ)Dm1V3I
z!q&9R4s2^p%9?fEX&qI85rEkrt%4ri+v@YD)=QdnnzV=hA7C8vWrXZlIM5FLzdsyy
zEBb%8ckVU%|0z<t-ChBMkT{l|Mc28eEEvP{eCnMD6$ywU<J5JZ!fvX&gL$oGC!{-^
z&ToX?P9YuUTl0Hhlm*BX3~W`$?P^-*PEU}`;gY2`6`U(4PNosL;=eS0iJuPa!n&4G
zbY*0_B9$NtXPLv5haqLNf5ib&n7KY8a{Dhv7KDb@_hcP57OwKPT)=_+KqV!*G)cz)
zmDB$aJ$Pb!0FVu=d0yM051%Mo)0|878r2OK*STlZc;|Ql@+mw+$FW4=BC?K4T|qX4
zTXt?;w!}N8tXudy;lqdV+Gj;(H7&j=9Z#+mDb6leOA;|#^PIQa<-^4vww*k#luQ*6
zh8t9flH*$I2rG1C?V210$@W9351Z>*sidS|6)$}rMT7;_PVV&ILveUEuC$@}zeyC9
z)_ZnLSTJ<Aw@Sr=he?F5G$XH#cckCiW8S^TIul$q88n6F_%OGGOP<?;s_OY!wR3f=
zvu23bTFX4pMHW)=KtDt)rE`rUSLLwd$hPcM)kuU5lc9x+nZ1<>ip_l9-R1svXkEa9
zgfxK4;XY8AXZlN_epho<mW!3yf1@FOt_t-Y`k$B(|6Vwt9r|Cd*Be#+zg~CP=zph3
zD?s2(?Ymsr)7MnLW47HBtBh5(*6=V%)SL_YhY>#R^%LvW$vXYaZdh-5h!4<Xk%X8Y
z=8~BHUGOB9WB8BWQh#+;_bvT4)uLqUF|@SIHxIZ#res!Nfns7a&rs>lH(Ep04<VK2
zMPigf{bbQO`YAS<Ocnc4Vp{J=MO0#l$SBKRtx;37x}`0ja}iKh9{Kv_4O?vP^I8|-
z*L%+O|4<fCHhT~ze=znHJjAy+)iq_~xTRkXz&Z;bZ8Rm5-_Tbn@7BtLLa{kU{oY3s
zd}^uq<)n@KzdOe;q6Tho-!^vP|A+ly7602GHs`-5NoVkeD22izNbP*X%^Vp_5*ljB
z2r==m$qZ$V{*_4_bD<>2Iffx<yU)5yD4RV7fgw?JfkwG5y(cVi&Vb>}h%Wdx7C5E1
z7+90xFW<TFPZlnLGgDHN1ThMOdUPH4`Q_E6;sTvBNY9*pes&1~71D8MRCUb1mVC#Z
z{2@B#-|WSF*3tiDf64{x6ctT~f1SkU>{~jITzL~akK75lb{@GZ($8Gbne*s>oiq5E
z2+9))FQ31VjvEWEMWy4?07=JY7yLKJT}Yn?*!gb|V;k4MPdi%pw;$jhz^?V*>s8nP
z`FXF`tp8J_HQ@ajyj0&vAPn%9N~KkjNuq!<YZhN86ST(lV=y>mb6)_%2+WCL7~0jX
zP%14uC^IU=9#DA_M3lL@>gL+c3Dd^)zxk5a!K%T*`+u)L9QB*^e~Q%X|IPk?==wi2
zG{mm;-#xFM|MvUCX8%7)+8zjC;C6Rh;m>dWRxS>2xm<5A27l^~H_4=9*8ic<@Ez-a
z;0>zle|SD<{QoCO9}oYXu}g#ZerUXRKC%tI`_F{$&ZqVB#dGH*?up;7c4-Z-ooDz&
z`0VvsBErZFgZ5;(dOne!fgA_w-q_83LEIH#`dNUsOP$&b(k=<43f?-6Ag~e4T_ff8
z1aFt*Kvr!leP|tk{%(Na4G{cKpYEss2LvO|ByRTx?9l)F-C-sEPjA#aZ}k6@q%GKQ
zGq;zx3;$EMHSKZA|GtpTrO=J7GH!b-ARDTX<}Iqk8VGxT)bw%9)FP$Vam?*CWN#a+
z{!t)Y^H>NaTBd-%=Yk*E!p#F1q%j6oaflf-(!@;&0)bMlpcK>CA@wjwb7teF#cCmt
zD>-&Seb+Fe$QJAPU_san;p^+i@byBQ7;Y6<xnh8PeO>$6bjy5S)Q`vAU8)m)&DK!L
z<xxp9+4}bBVCB_GpyuzZcG#-Ayh6(nAoR7kfHvI=eeIPS$iiei<4obL+EHI6_l8<G
z-6+^~XQ5uC)w1vYu<g@As!s(IKd_xoz1=mblJ2Mf?FS9tq5pNyM}w;Wx7Ta%UnfcT
z$A2HG|7`=zuDO{$Cce880Uc`VT5+?GL~#p5F2!`(Z(ugS!dtC%Ec6N{yo$okVdASe
z=@bfX(b5G#JVi~f1G8&!*)^o3sO;Lt*74|TAnns&wCfr1XcqfO80<PK3(WOK#Pvh2
zyYl)!M*bfP3EXA>kNW-U`TwYi|9hHL8~-<Ft&bM(cWZRt{elLbAkc5iMkH)Gjx}<P
zEU<R24eFR0=XGHU*Mk(+g(zGPP`DPJur@ehZD_)6feGtk55v8J4_}(-wG<`X%u&rz
z09iXakaM1df#wFg69l?H<|((w?i0lrKC3XsCZcMEJpJ;rV%eGxXE2rNp3?I?PY>~$
z{p*vMOlU|I&FpIu1cmSD^^12`7tde4e7*AK?Zq#v5tX3{seHPS%0)os)!@kMp^?j>
zly~J_4WkTqA1d*ZKVrz(+}_U_sT!{I?5J?1XKQ|vJY4Bn%FT6=LC+xL^{pL?i1`7S
zB7bdE(g$d$I)Yo;J2;H+N%sGZ`k&!VJsR%vzP|vm3;#Lj_Nw>4&d;0Q|2j$XiNYBd
z>94<R`K_f5Ked&!i7uY0fa7ZPgv<^br$6*$)hVMw8ko2PumUq}U8Zte3tfXF&%kD-
z;;z<tW_Ay4r3*;Evd~khgq8B?rnd9f89wz)e44cR{?|Q0-=%ao{=3`!{@;mGga7`r
z)86a<9``^G_y2SUy(a$ONmAqgY5YHp|EKZ)H2$B)|I_$?8voBm{qG*X2eU)}tGWNz
z9}XJ)$4OFi|F60K*WCYW?*BFS|C;-M&HcaT{$F$d@5@R@=>Pj&`YWYf{@?Zce*^El
z(f?19n)`pv{lDh^UvvMjx&PPP|7-65eR=5!{qNx4gV~|~)!hH<d;M;s|D7T=_y3yv
zf6e{B=KkMK`G1e!1KEZDT#x_V?T?!HKPO2|{O>P2{&$m_)TA#r{a*k80RR6vhALVB
Gq5uG33O4)z

literal 0
HcmV?d00001

diff --git a/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-103.5.0+up1.2.5.tgz b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-103.5.0+up1.2.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..aef0d32ca3a5ccd1e12be847fc2ba2564b19d2f6
GIT binary patch
literal 1246
zcmV<41R?t$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI;!ZyPrg_F2Dz$n||CufGf3WVsEDq^S@kDbU-99Ix2rk_2Zc
zTPgbAi`|tRS6V5uO&Mt5xfmj6pNAaIJp6C~E2kK`P*B%-48SgQWl)F1DFp7#p)?22
zwJgiB^V8G%Z<b}Nf3x$G?BMA1{Ngw}yEv`<j?S~}_&{XOX5PUfF@%Hc*<7oW`;Qn{
z>lj!&OZ|=z5*UojdlHxp_Ov^c7+BwERDH3?l~%W@Rtjxjyx|b>O{<HA63K(azGxb|
zG$+Qg)!9*B7;WQSYp=&pYNqbJ*Z*&|RqmEry#pEq!frKy`&q1Id<VS#f`PQNeK9-k
zfcN)5k9x<wvyMWNL3^&72Jgn=x5ejT7>Ql^5y{0M@d|IW)pble-{G9yGh`>dvtIVU
z=o_w=TK|pp&scf`jC3f2qGt)g_WD0MJ;_d2>i^>W;_S8lU&0<HJ$Q|GjJEnkz2YaT
zif4AzDYRAnjXB;akwF1Nr5`JDBE%F;*`w)USbW#@&S*LBivrPiglOsm3X&!gW020?
z=$v{`(6<WikVjeJ<-tW?yFch`Ko)$>SO@RM!v=3y<JDc>!~mv+tnQ_$3;f|5P`CDz
zO`o=TG!WLm?Fium5{4OmwuN=K_7{ytQD5AEA?yf2(s}HQ4@>b=9U&G~Uo&+VA($OC
zRC0<XG(!-=d9;Jk^_P?JznUx3s#sYsN88vkOy8{CuQG@{y#&I~!K`)(VWTlHG1wQC
zoUe8ByqXem&^B*@bwPhcb?rZb&DV*A(2QkE^LJ^t67M)@2m$7+WBwWg4g)H*tig;?
z2IQ1MnWT^NA`7duN(rkhjRM~2yTqVl3^Oh9+9$<zvcPZ|w90X)RY-|FW%dK_jh3~V
zeRPqv&7a6Han2yvm0n$X7Z}w#=(ewlIKg0%k(RohaMtx%YM@GOKNAL<IJt}ibqNNn
z#4s*mTIhUW!OU4p`rU=1mfE-VZn1Bc)FoJgg&fs&twuagnsTMHnq5ep$rkz6g<@o4
zu9N2D61X`tqy%;fN6wkY>`t5a(#Bv0+Q38`&GSE;-Q>1~VW(N`FuO+~ZQd6flP=np
z-SE*2+A`+#?Qz}ERv?4OZY;sHrst#i+EcZ$67GgCFs%~qMow*9>U1pQ81fbodNj?J
zY$~;Vk&rpH=ZUoMYDpQK!uK%2Hg#zXl&bGeU`F2&m7PbGS`ggiPn5iIexE>F{y`MZ
z1vy3H`t4)mq3Y3mTgL6^N>ee`U-9kbp6jWh`c(Ptc}n}|n3Yw?_RL|C$8lnjudnvW
zw6(~de3PvzbNND({PgQ0Ph7OBeW9O@>zzt{d-FlhfN}8#l=Q5-fWER+o$*o*I_zuV
zmcZ{_bD2$vP0htV^#T%2M{#1be1}QT{ZyBBN<@adWvAP9gMWb+uU3tTgkeCWbNlR@
zX6x8yI&cK@p}D{94|z{ww;^)Gz>#)+VZ8xuV!&UK2-;5P&ycq%P+IAkfc&|>gSEUy
zJy|SUqqx>sKc1@x;KVLe0ejFACrb^xkMd$I#9x2E*#F92?bTlG)qW)VCjbEd|NZ(Q
IjQ}J70BSUV#sB~S

literal 0
HcmV?d00001

diff --git a/assets/rancher-aks-operator/rancher-aks-operator-103.5.0+up1.2.5.tgz b/assets/rancher-aks-operator/rancher-aks-operator-103.5.0+up1.2.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..11bda6baccd57c566c6b6c8c0650444f3f446f1e
GIT binary patch
literal 2049
zcmV+c2>$mUiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH$#Z{x<%_nE(9Am@Rerbmi;v3(_a1zcay6iIBuzNS3{hr?<)
z61Q4$nVqG4s-pj1?2@8LnYLW#YPYE7i>T%7ym9B1)GXx*YM;%>R~c$%l<u7;Oq*cI
z=JM5-fG`ZhlhMfihGDq-+aC?XSN+k+=^#8l9gX_0!v67K7`}q=i*VlqIT@y3g}<8D
zu5$k+z|vG1W`s&9@&Gt9OsZ+XnK2Rrp?WMg$`>gaCS?R|$HnJ5emiG|C#?iHY9l5B
z<7#&+S|Z{Y(+E07=h$gQndM{j7pO_7G=lCQ-a<bZ41>@Q;rI6PclNT|x;15Uq>OQl
zpjh;2Ne1Vw$ciG6BF#Uy-px?Yg(1JfdVMR>Slv=PwpI%fBl**Xj)2XG%bW~quF{E^
zQov?Z!(Q}TiEOOi(0vfRDODc?4`{AYA|v#z1=^oq>o(#l!wBXqWmBAEYCM*SA2<9L
z1CM1{^|v1kf@3d6;#y?JEuF!)DCfX!B!P+2;0$5WMLLDE?{1(p1bK<Fk|oAu6!m&j
zVUm0ta5dkk-D?Q@fF7iB&5<I{e>AnqqWy3f90%cV^Q=(jrTy}`pf&z4n9PyBSOVA+
z|HIS%a5w&sPWy-W{~R!tYRqIA`i(?;1yBUXcQ|3WG}ky4Wb`tEPRH}uj4sP_VsXWs
zP0LLhGeyEEi`nXI7Rj(_1dGDQJnN-bT751^JD=VDP1W|A#j&t)g~|8YMveIVj3SsY
zN$7b;M{uEH1j)uIsR%YI21X>NsS904M{tdkZH%#rM5kzwY^aMBr(RB|{b?>@?4>G3
zpHL#VEPLM3k!P1~+=|i>tk#y|_ks+l3D|pJm`DwQQDBs`>LUEV#-DSck>I<E9k`rz
z@*A(ja%mTS`skFn(n4urmgkZYU9dTpDqw8s#+XU9wCV(2wu|YE^rYwC>i-7knPdj3
zcX9dto14IVHoxYK?eqV^aIoY5C#S=M|33?SP&p)Qf#vzKXDvavE>4BZ)0O*H>3+3>
zplA`!sv-c^YwumX0C=AWs`hTPKQ(jzM60=7IWHE@T~!3<*A)EEWZ;*DJ^ueGL7AbZ
zz+_J^1@`rS{o(PB|DT==jt~C-9I#sTzJ`UEM?h#`A|#q+hHvNAEIh#ozV5Bpp0`^0
z5aUFo2%Vxh_!Jk_!6#jo2OaR&YlkQ%5d2t_kVSd1=_^{xifUV?MQSF{`9JD)o<sm8
zVfCl8l?T)K&b4P1_x@URZku=nw?ax_aSWw$MP7F$g=_U(vZvR!9)U4Rbz3gi(z(sm
zw@S~XVle?%xwNQ2Ji$1ZMJ_jqBCJ#NoR#ZFb~k-jiqwb~I{7d|TNl+kR@*VVvOOyI
z+6A0UkediP7wV?uZ<jZI9zo}upK~TVyOwDcgUb4+kfB*ZZ9C=$rI$Y32iOaH;(zHF
zT1k9*JGig@J2~B{{|4dl@bnP>p95whjUy<_uWKc-G3U`^#sij{L}~F47lMM>8!9JN
zb2KbwhS~0~n9A&Qd-o3AbS}}28+~Az_>)$7X4{}{_hZ>eZYDYKQ<soyG*sSNpdP#B
zDVpwU=t@EEmuqAO?bR(aJh2yf7TcwdciA*%Zf!j8jOq4pFIiRGzX;DB8D{c3tShy?
z%=3S||Bpo)i*)*gFtE@6N28M+{~v^h`OovfqrLr3p!j2P9$Lb{<Kuvmc#RXgbK@)z
zNZ|q8jaIFphw|~?ksCJ&F1FmDUI>n7oU1%F|8l^3>8JGXgFXIVn>syx8obB<NBzOB
z|A)il!NLEZ1M2?IvW&K_{;qoT_hkAaPd&<iC_`>HYs{qJj3VfJ0Gp1Y7$3Vgh~K*z
zZm|F`!}?pfs%v30@&Go6wA@`2(SmFc+CvIpBcO$yVebk=%4Htk*9`^m3#1~AF*Wc8
z?zX^na>Z>h>I0k0c8p(OmzHg(*6UKZ#^CrK*%}SwKJn_UYpZm1ggwGhBg$U1g;)za
z65N?)Zwa;yx>u`vH?G&68jBs#c<yjjYVfn!9*hZ<d8Z$Sr`4*?(=+-Dp>C{ml^P~e
z)YZZA+Y?Cv#k&#cTAP-K^?~WhSFm2MR`AtEyV{GEz)=deFIZr`jvmG}Yzpgjw<*h2
zF6EVyf-fWZ^W;LAD~*IM9~OY=Vr!X=Zr{FtfA#6=`tolds$12pVYR9rWA!p;YxE|K
zn@19%d#PMpK7vH~-l*lMx4lKGvpH%!Mwr_}Ol}^&-3fM&NWt7H$Ry)fi!lo&^Ev+D
zwna4=EoC<jkA-$lz63#_Zc~h5yet^h8Rvu=NCE$(F=3Rrc@jZ_8iN{HzmV{XnIwW9
z8eYBPCXzkQ{H@eM=00`ULSauM$#3BKg$fN+%EtwZhbd}g@ntHP5g480UhTC~#xG1z
z*ECj0Y1cT7ox-noD2;RD48~C#OUL5a=fN2v6upsEsr=}K+akuIaV90k?!hGplicJQ
zLFtY8FK-?;Y&H`;W6w;_T3BiN&oFO6j_$hbBRCg*b@P~(LFoq-V+7$S44aa=9T)8k
zyhhA@>8j=ckA*$;f0@x)k<p*n1MKVn`@`M(zdr~^hx-3Hpz&4Lru5(GmUqkldp@LV
fsf1oyy8|5H00%h0eell!00960q!nd805AXmRk9Cf

literal 0
HcmV?d00001

diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-5.4.0.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-5.4.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..43e26fd44d1841e93f196c5448329b077f30e861
GIT binary patch
literal 1463
zcmV;o1xWfIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI@dliD^AzGwalP5O*uIDT|^yO6Y#wz=GJ*YtUj_dq#Y@<{7z
zm`?xqj%?py8yjOVkWSba21))_vcLUST3dtUOVnL1Om~iwF9Xm|U9P>i(<NwfRuK4C
z2b$};?r1QGe_hut{<_1yd(|6^#=Y@)<X*d1Zg1p{hgZx!)bTDB83KLf9_*{Qxc`ZP
zl!}0al4jCjj01tM77hm@A046Ia?~Uq1$q;fa;0?GQg|N934232!Z)QuBm`(e;5cEH
zZ7M_!q;%J;3}H}uiAEp6VAo#y>VK1~9SFr2)J7;dVb8sehlXnrQvCm;Gz7kH7%h=a
zXYUPrRJt6?>C`!*RfrP?Vdx7U-?h&3i{GI$aNN$hpJ!96j(@@+^nuX4<$h!cwc#N5
z(u3{s-*fxDUOxW&z3buV691>LY~(;F@Ef7D|BUnWv#}xg-0M6E=}p))GNghT8Wm}d
z@9|Mc5l29P1RfAr{Yc^`Lm1<5Vb&4dF(Gn0aG_Nc#zK(kOs<cGh_Tdb0(H+p#;u_r
zY4GzdI*b{vY+$CNJB+1a8Dn+RX+8I12!s0B%9&NFq=A%%1!h{n^WwFEf2V~c)Kle0
zflO!CWnYbwcR<Sta|{7R#__?>ERuGfcUnCPA8#Q@z+Uc3W+~~Av^x<MLt4m1r2`WM
z0qB)Oionm|K4e-NL4{yU4(V>)&<N-eM1D%YtQ#5unI{qEfbQ1~je!0JEptGBts5Ev
zNkun_+Ry#`<GfYGHoA7gPPy_R0yG3ce#L*3ch&%h$Q{F%=tVwymSIyRAH~AqTFLvg
zJx|8Xjtv(kn(H*&Q|8-Pu}he+fBsE|@FfQD(y2m}H+LVuT;J!K84I<|_9WIg@x`eY
ztgU=p;wTqb#csxA<ootPWTH508;i?AZ``-W@YNHymVF9k{k8BlE3l@KP+HBJsz_3~
zmjuEJ+9DRoqS>2#<D;h8ArswxFRX#}@mWq)5c)_Jp4JndE9E1|?O;}NB7G26GD6M2
zBBu%hm3A7gG+KcXvV=J(qhPbO%QEVlZO&-v+V&-P#iY|9-ZAuU@f+FDxG7=P{!w@T
z!ZjfmmTqlFHCHmp;Uz2-gh44e>!@p$`$2;=F|yU@D!%OyC$%A+`1>>TfbjUf0yM_%
zf{yA$BN!!*>!Xa_ZTpA^9MQv8DcUJ0Kx<eP`aEGmA66}AH`H3`Z3(AZbGLHt@SJFw
za5Qjw)qzskXSK`U@{G$*6K%?4aSz%iwwfnLtY1;0j;kb_=-aj;>E63#n%cy=-?k`s
z2G|e6Ci^}2WKW{x;p}o{d{W%+QhR*b=gLY-mv-bD&s_-lL9Jo^Z(S;FPzbE4|M$m(
zQK9~K-5-oE^}kctvFm@YglVx5`0fQW?k=eauAQE@G#Dax(rMjk^(?$s$;?#*3w=A3
zdIBMTkLIW)5}Ne+<&ZyB57-4BzSY2257+^o$4q*Cib=`k6NDQT(;WsL=q`RAwX@Ic
z=<m8(Rv=xg=jtu@=Tv@@w}>q|D<gcX_$A@k9{wSltA_bMOim-sUIW(T|K6~FUC96a
z@!<0Q|0H(o{GSr0#q6JbcUF@7UmUid`M)QDe+|_mh?PBYKA@o{h11${%GP4ao&~LX
z-D7)f*owC{w>x-O-kDq7xkI{<HPnBNp=$h9Se^clhQp%%kNTJIKTcxD*8hYsEz18a
z2CP#5)ZO`yeMfr7f3P^QA1IL>v&Nke?YH~Sw<p}kA0hs$^?&x^=KZG+PT(Evqwf3P
z-k@Lj{&zU&U+RA+v7fel?0UmyNgv}&(8Op7#Kgwuw2?uN%~w^Q)Si2V7rWTSE_Sgp
R`!4_h|NoFc10eu3003Lq=c@n!

literal 0
HcmV?d00001

diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-5.4.0.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-5.4.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..7efc795bb219a8d186f27312776f9e049a355504
GIT binary patch
literal 7260
zcmXAucQoA3*T+}y5hX+kAp{XUL|=pi(Fr1=_b4HHTfO%hz4u<CL|MH?527ws@7=O%
zKacP4nLp>uz3)5c%z2;Jy~7xZPYL>O0URJsV|fi;Q+Z_}B@Yon69H{rGfhEjJxviI
zRc&n{WgS}^V|z0XEp-P8d2?Gk(4h~~X-Rnc1m%UG{5q1Ym^qQp-N`W9{AFtxak#Uh
zukUIBO&?KV<y}aq%?CXKDZ&#szm7L#vWemN6}l(7)XB1m9V+&d6JSQa2YydI526b4
zFr~DM9l3tS?;y@<GVLMwQl|CBj22akweQ-tG6OfgXkI#^0<KlY@4%NasuP};mL)3%
z$D}K(!&6fWq?0Rh@Cx>Xh%m<AvGx`JT2F%TP4&s-L=v&^x?V(JdvAKmmVv&Gh_Pt2
zE2n9(;Nz;5aoedPAlc+w(VX8-)!0P~cS~Y*s4mKgv7BHQW)WEKE-pmimn2##IkIm5
zvh(7S8Zg9x(VV=UYt?1@HX@)5jOMvN^Vll*O+Z6VikB<a^Nv#1aVq6TW4-a5j2rK<
z8r8jl$6HyxBE_Z|jnE$>-jb=aML0R?jOJc%C_)1JCFY5k%hcp!c^A^IUgfCbGR@z1
zdNJH|oJdZ(_+yZV*Cla=Hk^yNFxpsuK3<Ht$gS6vU1G=y$z;+TEoWo8|Il+=xf92$
z?=9gNyHX7=xWpz&ZoT%6YE{QH+vJuaU^a=Wk5^A_bdB4U3n=&EWyT)&^V5FPt(Hea
zx`Y?%`TM#~Bahx$G`q=tI$A_1f`|3h0s$gyG{&NfJ=1z9xglPl8!1BFNiTfVsJ_Eg
zSKMnZcKdgzS<4QvWC>F{9>J)r1@7Su22<#q%x7<}p^rRq!Rv9d{+MFhyqo!Ykgq#5
z?TnfPTA2QZ+^g;Oq^&>6izY*vNYtni1RZ|(K{RB4^R*mX-r)<Td*>=Sw(P`%f@gT2
z6BZo^J1f4oY9~!57`f5``7@<zIXdP9lqdeeDUM@)VJE*_y(H%NynmzW!@qOA1Pwd8
zm;AHNE1gSXGqc|ZPMCe6?GYSL0*Ee`6s9iURd*%|G@l4#vc?95I)QSaqM(U2C>b+N
z{PPw(e}){D_}i|QY4SuSPiJ>hUvZ(m8L6K&MA-5c_===>Q@!hsFC|7^SeIW9WO`bK
zXhgdRu<MJtvc%D|Uj(^glDG32XWw%s)s-$9F=wcEFHoi>@RryRW6a{N{>`d)!skC9
z_<j2}N!^bAYYXlE6i!ZWX05&|f2`b}Yi*kC5OI7&W_^5_M6MDw6B^2FeXQz&MJ$n&
z5Qcm=1M%0i_l#YWV{Qo*la8_tA;b|k47+Qk(<#ro=<>!r?Xd!N*t^j}ayI@Ff2)C@
zLk7O0xMW(7DaIQtPg9Wi7_GfsnCzR9k2&^+@YPdWy4QOaUZdjE5Z_f@FQ5MUKz3Ev
z+Y)ORj^Vk8;hJeVLGQCSr@!9A9#?%Xm`sRxe5tG!v_GXmPf7Yl__4vRubMwOI=cza
zBHh_@t*_`$JE<gUU-<JsR5Wa_^MZy@+Q&PGON_<;Z@OB!A8}}sx{Jdt9S$l6`z%QV
z$I94@O}DPUwVNzik*I!_-_3LaHHVl)=&`>;viJGI3~O`ycgu`KWZ;-0oKs*oFP}js
z3_`J<A{*9mwVyG6!i}^AN=mV>HU+6|KszfJ4*fph^zwU%O_mtr;L{-X!it`%63mJX
zXaU->8_3DJQl$k9@qEzB9t5dM?=hK3A{!%9t&SR4G_j+@khf29dPc|RYsPmb?2a<n
z-&yS;Sbgeoj%pS=_Arm5qXn0ntvd`gV&}^7+Yfv1)Q<?ScJ$vhO%Aq%#4-ypMwaY8
zUWWWjs}KY$7-?9$P7lgRr_stBKt@!)RS@#V{q(g?_EO(f-zmC)35hDbX82?M7<6{8
zB|eZzr(@EiU<%*LD~Mb+?%FxqiXxjUhK%>Kto5a?ov}~KNqd@J7J$YorK4N>Y@=1I
z-;9klIZCIE*ySwpO50U6sMj@3TWkx5<;+rl7nW5e$-PQ}4ICYe?kzvkONGj@SaC5P
z5YzErd!>Z7ALz?&Eu?4DYQiY0>VW}O4Iy%Mzomgd&O=BuC2-YdSyB>xUlT~^I-?S~
z?5<*_4zu4$u`SNrv!*hCF%QRVb(WAk`r|ns#18?@FGEZ}3TtZhu|@2D*7h)F+4L2w
z=ImtT8TLVEz7J(R+31<CiHYIBwaBNM2phwmcrDc_^yAcQ;O7^;gV%plnSzL0fr0T8
z?leXxiTF9eMy5A260sxhcd2@55XKh`gg~U60e`&RGcyN!Z0&WZVJ2|pbw6Wq52bpQ
zFGiY1Ia_lmD~A^v`RSIw)AX4F8SR8a^-(}GFOKsYxdmnx<qZ3)<<;;dyZbh&gSOnO
zvzm{W%MCtjKw}V4U=QtvJZt=d8WgRk2P{5Wa-fj7=*489v$5+W+UFmuT?BB^fdG7m
zfgHgD@UKb9Q%I*ET6M+#pp5l=F#qZ-*1~=s#*C>O4a_j3V`FJi^D=Gykn$I!Tp%H`
zu4dT-IOI)t$2w3L1o$@pzgEeAS_K5veSjv>7U_Q{oLCYC{jPuFGt%50qy>CJ%y;`T
z03X-}J8%J)N&7Ryq8Fpe-J84JWl{~aYFKumkOtUiMbR$@S!*^Z>Uki>i*4)<!qo^y
z@i-UOfneNrfxyKxB!G5oJ_P<NNgCM$+&)4<8faS}i;sY|s|Ro1Kmjdoi+_M`dH3rO
zYBaPCge<-~<9VrTh=MFStOEbLM{>;T4^Ve^j@q>Qd8ws!$jKS>5y3-3DP%7o`d^Hy
z^3obK1OYU{Q0O+QMQZeXIG~dUO}jtIY3c=5;Sis)ZV1UkWhXtrTPh=1BN-aG#09dI
z1i+#PLQtS0*fj>Ij}gZQd<6iA#v(aDrwr1DLtB6wL}?l@|IVuqNT=`{z!Yb-3kFE2
zK|(nIW7bvr6;#j40b%$9W6k*T?FHa7lY)Si0Vj;9b3p9f7z#?Y_yX;=0nicE8tMf@
ze7>HpsfTt~cR`>!5kOnVj0M_|=*bz+aoA3Rd~|CrFi4NyQW-Z-=4x5T;Jzi`Ju68P
zVJ762ln)KMtO@vF?8&bx=3uo!L7(_Tj5?UA#JFUHqvALufYjPA`Q{Z5A#tnP^&D}3
z7JXM}3R@hz?K2rp!h1wwEXJZLllp3l%Rkz@X~Ugs&PL2vpAP1W?q6ref8FKuwu<LX
zDh}v(`C*pbsS`fY@_ppSg1(>an|63c1Jg5Qg`deEJ#TJDcZzy*UGupGA}&tUzMzdf
zYunK!O~xd4s+{+bd_v>}&|%-~j5dTW06L`oLW@!7bmUZt0!bvU-ZIv0i<$OLQHB~P
z8~ArhNsiCv378@-fBqGA3<0??=3|L^KJ7|v;?n>Yejp{9zrmyj=*?x~Tqlm)l)IrQ
z5A)$4U)-Se=PX@&Zk!C<&2izO<%)3GN4dciY0Go(JqnStv|RsYsKYrF&RN+$+?m)f
zxs*Nm%FXc0U&8IJW;H=I`d{M+8u=6#<r{HGwwJ5@4}im`Z(~>BiQ6}ZztrYd4{mo%
zR?(WG=O2rY(kQgv@*y9yDb~)6{fe<#x$>_e2y~Q4TeT*1`c(auL#n6vHp=9^MEj{Y
z1K(8>OQWm4-#<(OAd^FeCgP7-yT)3I?FOZLcH-@{>GZElFhnKxPLQ-MEs67(IT+LX
zUevv|l=%hX?#d%O@qit_+C!=XiJ?ydb8_KQGg%bj-PyCi&e;3n)Wuzx6w$M-KlGg<
zM?F(v*l2cyy#8}*@Y1Lb7^dF=Y{8EzBAXd&R`pR={4-kKzPB$5e=29kQ^Q3oy}co4
z^NOwvR(+48TCd$4VE2fNHpA<wLE+Z1a`cw4Zu2*Vm5;x#_V=&h{Rg8NH_ePN{Z44B
zrwj7zZe<MVG&Z5LH+&Jg-`Rm0EMmyO6N#x%t`Dj-x;a1UkFDW>=#>m?P97;GU?(ON
z;ux+qhjCWg?q5wbpYS+Hc6PXH@-2UM+!UZSbE<lsJks`{5P5TAFNt=(g-<-`MWCc9
z*5O~1-jWA53=q*+E=M>ERA5{-yMcYZf#Y8mm-{PAOQC76n|><ioZ?Ud8Jon4uLtpb
z*-{k`SQSM2AxtyR?QG*4_K0{#yv+zb@8y((GbMBU`FX-n=EJ1RN`gCT<L>cQ<Ez~K
zNt|am5iVQ5(?*XQf|~Vx!#*9Bp>k7NM`QZ~|LhUH<oZOID||JXFP|PY#1X3+KQk>4
zzRIjr(GvtLOSkovBtr&jAS}{dJ9mI`zW=8aNUVw?5*(X;0XxXs2=EnOO^Q||x^+0>
z66^IcG9TIvLqkRzA2HqhXdMT!(-9<{En)n?iKMRd?SzshrsC^d(_Gw6`+D1ahD0_J
z0^3D8qH=%mxDFQm9#Xe;G@Rd(lAyokF{4i|-FbL{x4t_5&IOcq3iN(5Xe+<Dr-5ah
zgIRn#iE|(s?oSEeyGh^3p7`gIDUr=bqjOC-KfZys^P|K`r#=9WkG~J$G>w^G)TcP5
zEJk~40SKe^v|KweX^K+mqJ&?5&7xX*tv$wnhc()(rxsu7MZ+_NZ{X*0(J~@*9!)7V
zR!NLpl*70L4+t8LI~l6IEM<X*(RhAm(M<ExelPY&4FGO)xX3vqXL0O*+#$17<L(=t
zuvMaHq1ZwV27LS{)=QNxEz>aczA(tGFXMFmR4_|J(9ZzQ3|KWz1EYiOx4#;lfcXV$
zKEU#(@(lPj8R#K!wZ>MVVF=ycCYY0Rv*-}hVo5|E2^pAtre*#4*MVQDqbZ!K8YgQC
z^ue7&g8Xp?!Y~{^5px&H%+y+d@##(4Iv8@hjPX>lp@vljlO9LdFC*;h5RvN%D5_OU
zXTD~7<nl&1X83Dc=N$(i@wv>tHwh)_H<OrHK!I%XtH*G5>5D%-EKwy~Ih`QyC%0$m
zoLlu+SYao|%4F7L89JWjc#?VcJl&$Gw!gX(ugNr+|IHW4x5Tgw68+$+_eZ*#nH$+J
z*;ePwlk#fIiy6-o`$aFr1>1<GNv!R{SnQXM7&$ID=&E+_zv|n(V>$&ne7B+$qw2--
z76GMAmC|F;tlSexm}7q%-DbmTEm55Lr>tvOfZn>;Ql`BNtZwwlXdD6PR(v+Gje-HN
z7*{qhEq36Rf#Uf!86$LI0ZU8db-u7pA00N-{Pg8K=rga;VkUluY<tx~snGkgir1#x
zsUmsW$E>~;hu`&hzIfmj@FZ1~d1@fbQ|_NG^=}@SFxq){v#gA#M%$IX76QvWp?=e5
z3nx6nbwRSOK7h(UiB`UM*FVybMOgZ?RZ$d5$cDJfb1_aYjqL+&<IbU8DB^3`Z}Sa&
z0rFDvu}96-VE?9%v9&^p;Q<c(c08lVEq+06rB<r^P`o7m6o-MTn$Qeq1GV57{?d9W
zj(5sNPt_)f3kK83#qrfD@yb1DxKByo<|0P*VRff#l|i{%SNmeyZ1_c<SI=_Rk_5tC
zL5D@oq5n4Y#2>XfX^;i?vdeQ@`0AYV3dC=SG8EcsjV01hSHp|qkP3SnwKZ0Smpv7~
z%UX14XcYY2|2mCa$zNPZMWu*Bh1Du%nI(jnD;se?i(5{`x!BT7a!b|!U9#K!q%A}N
zJhB~IO%jKUXM5y_1({z&D~hK~wv?xjB;7xeZeG*WGL0&vY4z@(o0pu9)DB*S4gKW{
zziEzIYtRf%ZulD=aJPcJ(#F_)zFgQ;w|w@L6*b>7SKpRgQ4%yUQ<J!LzXn}5S?GiV
zpANujFgI2_u_JL{M}6-G(lG<KxG$kvM4@64sUD*Z02`RAV)2;<dNw!1;fy=qKi?L_
z#ma13R1>bT^2e$Ci<b?C?@pr#dg7oP@&m2P)#!!FnSUV25~?*fm5ep0DAwttaX>=!
zRTeP62~>u<h6DQ76S|hu??5--h|9Gu%H)t=Cz}ux3?Rhr1teAx35`v^H@uqcJj)R~
z%;zSmwYn_pM~=<7BEYaV0Bko7R0Ur@z+TA(uoDfyf|~k)?0dlR0W`T99Z+C@0PKJQ
z?ivZu{n*Vz=r&w5QVzxVj8PC#6a1ik=;0Y2V->t0a9)w{2>eSIO1Fp$WS9d>7HG(_
zg#Gyg10s7M$Kqq6TvBl4+x)RJsP#3B>mCva=#}CE5CgiqjDHZ*hoD~wU>kL!S4ssK
zmf%>SfcK3|=n8%iSQNOKno`(9mAnKjB^pgpH#s&~QbqQXzrI7U7HI*xc93p30N+4E
z;fVznfCE>f8*2U<(<t0k@|Pdf@jn{01N|ET-agcO9Rw`C1!?VXYZBdv<yM_R9RS!N
z@UR~Pl$-)%ueuf+G0?-Z)eTEEN)@LtFy|d$P}2>OX#9w>becJ$Irv?aja<RMr7I>m
zjYalC&h8Cs+?FeWS(&yz@LUMw4dUc2)!NiUk`IZ3*LT`eLI{UzVD?>GALOO+QT7>_
z-yxq41<uyqfK){Bc<2QKiEtBi$*Owu?Y$wF*3ivYk8)+Qy#q_nuRgRYQ|QC&&=TQF
z0oY&(13c8~3EGk+S5p0F;i<Kk$&n9)psEXUvRl{!l)%8>wjcbr0l~5mA3%-4?@snz
zGQ0<G{J;K+%gTIQ<D2wHKup+=yAkT^lAWd>0iit)yX8d)ApUBm(UE_0YWS3C=gfZ*
zl``hg(4Po?>Dlh{<c!4<NodczDU+N-9Tfd|*;a_?X5;Qv6NFzg;gPY@ChSbo`XqRx
zSy4?0^X57C4VdutR>ZD?R<WcRdfFkS0_-Cm1YSSUdQ~>aRV^?$MTFwwGWneXmtAup
zd$RlP;N|V*{x%zd?DL;nx<XFti%*rqjtENm0tSPnXq<i|Wcp&a^O3z$xk;v+z4`l7
z(Q8J~rn%lLjYpN_mqWr_6Oczt!B}gGgh?E^MqUG@us+B`Yjp^`3{7MUrqMYyDf{dU
zM9N!j{dnY}xDcX;XC3`c2Ft30@dZ2c`_hCp3h$WdH$pE3-VBszk?89i7JYyhUyqb%
z2$0M-&y%x{>gM+;1qXPAEe5q#wV!#cU1-Ka1kn!MJieYk_Eg+1aDASjW0CzR!@-i0
zF=US3F3qwoiJy*6bKH35TJoIj;1vEyh=Wlcr?hMojirxEn{JLji$CaL9!HRg;V*ZY
z6cESD_<qPadGS`Y*Ka?JFevSff|_Z5*9+p~$KH~b7;KVv)o}4Z&VvBkZPlHb64mji
zf!3lKrCOHX#U`6>W$bD#FlDV8WXx>HmC{9XJhk=<Y*2~3wnQvwN;hLHh5^XQW~E^m
z;K^pmHg*EG$zw&N(%zK?ew4}yZ1x8;E)sYXAIhtqtp`@`_j8)vO~(<nOy@j(B~O3U
z-D5FiXc(1DxRpDTHnCIvA@RLF_xr41MeaZHJ6$fBz!;8_-FMzi6PrW-rnjb&c>PQX
zbFHNDrSfY``1JXcZtg5=ffF4{ZG5=JLGfgSIxuJWx9Y)?EWVuPCl0a9`vr%OA;r<j
zuo#wzO%u<kmiuavKSMlCD%16SfqoOeG8?zx#AyjwgVw#Fm4bTT-{#xUuh6_VDHdG_
zz?%$7NM@keKENQ7?`!8XF92>JE;EdckGcME9<V*kD99j|>enF39sge=%qHacLt(G}
z7Sx35<vqd^5m*sW(7(*`;@X3zMnQ?F-&Il1y(8u*aPqcFW?u^Ilh_?lWH2cUwCb%Y
zYa*d8#>l<%c&65gNFo>qKl?}PO|KC`zHMrz_ckfFK%F@FZ=m@VGDiL~G4k4)F(H-a
zdwgvP-l{ttW7u9LclN2NXW&RZU5$Wl3_K!*_Zc<Uxjo!csIXwj!cr(~MkmpLzQ<ds
zqpn)p(4eLNbN%jPtoLo^J;%!XwxWdw;<XWhnUj+$p5c00Yck0(6i+wkH@pYbX0cA0
z%Mi}-zL?uu(f$jrGM9F}1hDt^GaPqG?8L`cKR<XrrHsAu;xo`Ij1>7}qK?BovSPrz
zeR=juddE^sK`!E(Zr^|d2HkV=?WfpxHNO9Xri1GU!=Gzvv73q8#>SrnTqOkkGUCRh
zRBUih9O=l?1$OFrffvT<ssxx?8odjb357<ygm%U5({u%lIPO+j^81q^y8|X>=6S~h
z){fOt{(d6HilY;rKQ}r0Nox6W1t@oy^ax4VcoRa4nM1T+#0|^mKG_VF+gUB7Q6r8F
zXIGT$`YC+`()c2F&<1sjbD<K^T4eFngNg0YZ<@)m1~Gr-n#c9KwYUT?=Z5|UPwW3)
zkMF4`UCh7FlzFhTj5^M5OI~;u7~C9|TV}Z7A6`*;@V}<+RCSSH!9TtTNG@GV<g&e3
z@vX<j=nlC(9qrGUr>&E=?~Wm=-9r;qxW!x?rm43^h3Z=6M9J96KieT%ru`Jmvk)Me
ztT@>=B#(-m4efKEdne+mA$He)I~~Juua>{%b}c^}?d#b2laKe=bPDu$1>=U{thg|n
z!ZwKo?O%1wIssPN>Z~|-3jUs$xAZO>>5sHW-R6EE+4?K!&b&GWd?)5NZ!W<MYdT8h
z$rnW4rIJuHyh9xw@5c=@->8GyNua|HT&{oYG>)XFckK}puvG7f)RDIZluM^=)VJB-
z=P*3P5zkKZeu-O~aclWD*68>vAKggU3So=>Nq0cjv(q*&oa%BBPT1gHZ}pQFeFyc<
zQA8H~u(^AMq?jij@&BYWwL+^9D|zk}<;q9B_K20bJ8hlJM29&xhu#x|%`e6fo%6^<
zb5wC#9_PtPaQVXU#6-$D9pGsS=u^>h8IGNc>FvkPtP~@61m>-7%fr)s4f-_2sY9%s
z(V_6=S0-@p5yfWG^<Kf785iA_n2QDOMltBZSWrHLB}0f}vCS$$D@?^j(wEE2$gpgc
ziT|<imcXSkJK}F&7>y)%b&dXDYn+r+ZWN{qK9Au*jaotI@9T5c_O+gBVPc#S$Gf@E
z{g12)EC)Dvp^p_P+=#GI60)ibaYC|un<j)o80JU3&kcGo7K4wR&-yD>ee~{_k%{3k
zPeN5KRR6H$zRM*XkkxYx!n92Kz~7=ul#ajXk_qh^O?7DP=^jlTH(YylV<56>=x!yG
zRru(s2C;Wr7atpWSkiKVMb*^zvQYz=fhE=aNUsbH@vzdU6FxSJc>$>VdR!aqUfN(@
zeWa(tEZT6IQ8}wsW_8}PTw8#*)UKJMj)^UqHt*s1DQ695JkHv2|G_5Z9^Ps<Q5<hr
zj~p9mBe}YSnluRG<;gYhQHLsW%4Rrgjl#@GLxawL3Po5G)n51Hn3vops%Or4zDPOF
zA>By7J2R4?J&eYpj@wuCwe$L8HIHNe3fANi#eZZeyfQc%a;q#W8b-omL6hf)j>SwS
zx=IFrt&}VbTnc-5ueLquEooh!?d-$}RCx_>ix&<>EctvrOYp9|mwtSp670F~dd>B7
z=BuhRQ*vVJN!9uLF%ye+{H)i8FJCY8PyE?evt=Y^FBwYW$h#`E>gM)_Ux|1{5xh`f
z&BBT^Wx(;RAIUrhbVbQ~H<goOBPO4}eKVZ!#p2IQ_vb?Byj(Ot4Jad(T{v{#U{UUl
om-zSs$Nq`2Bw433AjMNdXH%N@VG1C9_(%kVcMZuwlo+7@1E7HDLjV8(

literal 0
HcmV?d00001

diff --git a/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.5.0+up1.3.5.tgz b/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.5.0+up1.3.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..41d009572651ec7d7e407d12e76b084f5023a25b
GIT binary patch
literal 1210
zcmV;r1V#HFiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI;`QzJJF=XpPc=U&@{%@LrJx0`V7FxS$X3*}w$ij5nu?Mika
z*Xeif?4LkLb|H`@2Ml^)u)O+7TIsj4Ltx|tse@DQSce4OQb$s<Kb!#h?i@0`x2?o+
z93S=j#osuNSO3OG2k~C7e{}pYK0NLpAMM4xqqujlC*rM<H;}*{XfNIxYc;r6B4CX5
z;FUEzh=h>fLEE$|!F!EeW%nhLSC<Ntfv9SwcH2ZH37UcU;3?pT+ARh$WCs!lqFn6o
zoIPf>n=KE7Rwi86Y8_IhJa=w({d}cNVz0P%H=#yg?BovIM6p)!5jb^$#LAk1n0<`E
zxto7`-GlC7lpsq|&KFCczl_A6)#G9q*xT$IvJE8h1TU3QMNXp!FlRRi@j>^n8~+qs
ziM6Zu-`M{iGpE5L?@LN}D<ZhR|9gl1UVo+kkB@u3_x|67EEhdEh1VWU{vUUzzi{3>
zvtBe+CK)u=c$A@s1U%&Yu|g+8Oi*WCp6pZgT*q0h<a{8eh%OSM><^r>)PX&cwB}N!
z+{G#1c5uWFWo|De8(gt{Nm&}H@Je4le;Ex+d&9zBp>jG9=o+v>%M(lf?AB1H*e6S!
zGHK92>(53)I6_96;a_HI?3MXdp-y-pE<rO!La?+B2jXl&en})m)%68Zr%J)BS3=1N
zW>C5ygmq{>eLcN67~NUULGxzyYT<1ui!|Lz{k~ivgYVW12@^D4fgYhG^sBpsFhOe=
zYaEE2+1J#5o=3-?lu1{ViDIW=o=4uMSse3lbb3N+hV(?cV{0{nS<$M@S@M{y8@=zT
zX~ti0-e!Q)Fh(-ykr$oWqH%50RGIXA?$%2}2<0)WS$+`kUdRpI1tOTQ=!{M9x4h>c
z<7;!xmy#eW!eper*VN^P;oiEfjK{PXifWJ)Pj>)=^5cjnwN?0NoQ5};OX@-k0QFr|
zipn6x)0zfsGYn<egOQlG!1E$$7^7||LLneYiti`ruMZUL#vX0p)1zXu<G)e*hS-9U
zlk;jw+$xU`^=mGwu_!i%5u2r_8cBABHf!SeCj;I`6&t+S46b*;S(!3BK*_%!->iP-
zKF?8#$+UjdX%mX@pMdN~&id1e#~Qn)B~o5Y?&pxcQ7+@9Y&Hx=r8JHlKQOMkv8f6x
zj1BrX5{!Sd)fX7)q&hxtiE@v(4}50Y0Li&2AFS&zI(JF3@c_|~rzamE9H|+2{3IoE
zO-*cZT6AHom3(Hyqk?%~!9k5MZTX<e#eD>SHj?J$m1~<xW|V=HpFjF=`GfMyNHZlH
zW|=LL-1LcfY4O+7|E9#h1E*_<t3kmYeBe#5=`KO(K==nTL)z-QPthQO$K<SWNPfEU
z3=E{0{C?+@czW{e5En}~t9RvP*NPAZ{gtI@d3{{+ew*2H6X15K<Fzs9tD(A;Qa-mQ
zsIl&j<)wK(Q{)5av$B%gE4JFMSz9cAgh`fcv$vFU=F&<SFHW;Jd8_DH{QKX|esg`7
YcX^k0c?t4=00030|6vS-qW~rV06rL1EC2ui

literal 0
HcmV?d00001

diff --git a/assets/rancher-eks-operator/rancher-eks-operator-103.5.0+up1.3.5.tgz b/assets/rancher-eks-operator/rancher-eks-operator-103.5.0+up1.3.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..a64f6a433840cf301a8cd42a93d4a0b2c352dc57
GIT binary patch
literal 2040
zcmV<U2M72ciwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PGrTZ`;T*pZO~W@)d5cAw@lGr$kdAb%I`TceY`t*9M0mSS?55
zRx2)VXDP?k>Ax4dq$rZ6E!UUYEl%@A)N*!S+<B6kr946H<D7hzp=L(u{%OLr32xXz
zzW5RlhGBR-9=qQ#4BNkh@hE&T7$2Vu!=sb&$>>EmI2w)zFChFP+;>1uhUpjKFXq)&
z?*9Z>nkvJLP$@+o0B43tH48X1Mq(gTpXEmRA|=D5jG*hd_*}=Y7tHXalK@9;#8hBh
z?e0WNL>yxpLC@$Mdz~ore1iTGH3^kQaQLU!FbIaDAoN4{qrLoty*%vPnz98_#yCb$
zEc$dq1{a;kiXxCA%|CbE%}_6dA-}?Uc`eddT~jx<R!b2h`Lm^t0O!PIP6jns=~T=p
zz&X{hmxE3s8>=^T9|o^V)rY}7nroEE2z_gT?&sIJjkwA%f(1+23>TOhk7eSA4gclP
zV_8=H9R#D`$cvG<7MXENZ{Qo03*a`Az*K2)hOp=&ox!_rub?ypd5N-;CB|eF_4_kn
zl6(?ywb-cLZwPyj9;9;3ks{B3Fty5}gK!ia1>x`WtWf5;{qm`xGyX4`%#prW0@xA%
z!;`_V9siHQef)nCm`OEZvJCx3qP+qrg5z79vRs-=oCz}eCW2ni^Kee*<vFpqV!>wR
zCXJaQVU)$}bT*4**err&;bWfl(hIFV7o?rfZvUogd(Gll*to*vdu^jeeENnWm@-M|
z9UQ=!iV-B6prj(!s2CWLn58aq9UQ<VPPZY(<`JEuL9&r9R-F1dq4sCFh_Rol7=1#C
z+;Z%D2M3;Ax^gQ@N3dF3ir)z`pr&B&fng#w1V({T(rSzFTa7>ELL<Sq6+3V#>-cwG
ziRH2`{P@wc1TVBuT9}(t$%xL_0!tMzwsd36q`I-{1YXw0bT)e2^Y8S3gNsZugVaAe
zfB)_(FrUpYIb*y0e>iIU|MAIqxcC33fDbB%ge|c=VD_*j2$#jFaCy3N-zwd&RuB{|
z!kelHfc4sYTQ30KCxWWI+w4!x+&|T7VOLIzg;Q4*!RaLhznTpEys*RnKP4zL)D)QP
z@uk47{%<fkYWe@k@#uK(|4#v{RsU;PibVv32Bt!yxykVL!kUFA7{S;5_1g1RD<5K<
ziWH$&6bGN;qB{7b%krQH{(9{Y#T0@ciW0IYFE)KeXIW8g%d|+%6nej*e(zBPP!d*u
zdRuugjc;9hR&np|Md!AOM{q5q1Qy3oDpw?SS5vrF&t-dhY3mV~pj6l8axI_RWPPpl
zTq+h5aFt7o3d9qPb6F&FlPJPEMbBBeZe(}UceO~3c%hRIbF_6)y<@c<vn$)9a<5&$
z=@hw%pm(OOO8$0v<L43d-u;v_*=t*-Qw%B#phAXb4Ylo<8<d{=aPMI!?1=xRV`wGu
z@$KNQ`tSI-HUAriN8_V?{C^6Vi!_d)EWa+5#KxRQPZ$qaZW5)%zg!3k=C7!nR4vf3
zm>FifzhWxW>h|s&y6Ie^8#nsEGVvF!^33)@hld}_MshRBfgcYExkf|fttIM-Tb`jg
zd<lnAko)BtnL&GX%?wW*c8hpp($>Z4)^KhI&peC2JkLHEX7XFCOI{zpcu0M?|4&33
zi*)vgFtE%2$K&Ic{|^V@zW;j?c(AwM3KV}X&O=8Scz7I85-)LTcW&I~9w|J4+tI2s
z^iV$eCvxK^!Nry<)Jwtf4d*IP&3_!Qp8F~N_h5(r*Tzndp9b&n|M6hh_Wy8nJlgyJ
zQ$XGSS(ee()!$Z+{*FvvWUL4I4`s;hW{sH?oKXY=4`9<#6ysy}2Jt&L#4Q#8=2(9#
zS9L8oCl6qANXy+d5iQ6Dp&g_EHUe5`O?y`$QZDoOu5KuRpCJ`#jH!WFaJvPrlPhk6
zQ6Jbsc4PbuZCbXSTCYpt8k6HYWNS2xyTq%vuAS1=5q1bijVOE86=E&4B)B!s-V*GZ
zbgx!-Zd|W>H5M(=c<yjjYVfn!9*ilKd1nxYC)KLX(>L@tLfu&BDm6@`sH=nJcPEkp
zigzP$Xl+^^)_bNWU%`64TESNv?P@Pt0!Jy>zF>j%I=Ua%uo<k^hfP^7aw#vA6#OQF
zzfRATxzI@H@?im(F1ME1==RO~_ZOcoF3<n*p}JMg8dj_7F;*{gwnlH#xOyNFx|7P;
z`2$Fl?~OW+de>W|I-7&WV}yl0#N_7T+nr$dh!o7Vf=n`wwHUKhGGE~LZd+87(NcEf
z@K|W)<ToG))OCt6Ol};52IHJi11aF2G$xD^H%}r+P-9Rd>lYGUFq1^kN5iXE+(fd^
znZK1f$lRw6TPW;lB>4?IzfhrpO8KN<aX&?kEIv==O$0{gxKn$rl<^A_)HRJ2QhI2d
z#!lgvElQKzID>K2#?rAk_IYqd2t}7<RVqI^;kJmeXq-ujv3qa{!ZbIzMo@ZV{`0H*
z4V%qH-`F$Lw-#2K{x{59kfYl!`vA^GU)?;WWl;KF#TY?24#TFTZpT?S1FsQtpS!Br
z!$V<5{a<EuR%G-?_5i#3|G}tT{||<P{rvAqpz&4Lru1)h%kA?2jt}WNDxv4rZV!9d
W!yfi<7yLT_0RR7+E-w54FaQAH8uXq3

literal 0
HcmV?d00001

diff --git a/assets/rancher-gke-operator-crd/rancher-gke-operator-crd-103.5.0+up1.2.5.tgz b/assets/rancher-gke-operator-crd/rancher-gke-operator-crd-103.5.0+up1.2.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..0cf2a64f88b5b94ac393d1e0efffc7079478b19b
GIT binary patch
literal 1413
zcmV;01$z1)iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI>_bK*7^&NaV6v$yXHF`ExM+-2ExC$nwJEZyz(K{^-}S<*-{
z3ESy^@5ll|h`)jjo$ln^WU%D(9G#EH$Hy@s=^RZrUSL;gG~kr!Qp3(ib1<&Af<&A(
zl_-j$>&wgRZxluQf1~S*=&XNvJ$N5o4X*l^XHoxZFo@1b)EK#jq}G8siyC9?AMQUQ
zAf<BPxRQ3*A%ubhq2e9|=LGh+I;UtHpK)YEvd)#<ZF9~T${~5@Op5Pvw@66PYM?kI
z;bPaWtivRCv$8`XxJ(~&S2dc1JKNpv`u_u$Og-4#-3A4M#jZDCdx{qs-vQ0Pp|M=a
zAz8lffY#fe{oecDRfnOahHIBy`t<ph{I<TGj8f}V@&&C*4aJW*<C14S?Nnecw+PWi
z@2VI5FVz9-RPisYe}{<{;Lx5^!)zlWD6jwi;QD&M{s-5Ci?{keh3qChXpWB#rT=An
zi=V77o@KwY;F1jsbG(zF0|pK}f9%l-A#)T-&(6=y`o6AKg45NIED&{vkWe4-0;x!?
zLqnCE@!0m_1wK`9$7-ZrUu;yWv+X;JLCG2~*!t=7?I`FQW%{xuEm8v_2P|8)b7kE9
zlcH|6kA^ia<5Ylod2fdhZP21w;#awl>Oua@Q7}6sGY}R#gjlLH4$1w7{8)#Ob=7A`
z-L(sr{QyPhm_RUr5T#MxjPJf(OrBl#puSig-&h-D<EAIc-{)n0j2p(bvDy`x3IS7r
zL*fbj#d5LUEa=Mc?@BrlW5sS#rz{1*Wt_K{5V!IUnkpp_WS%zX^e+n72M{3X!D=MB
z2W1xHEdN4U9HJ<!s_CCdUA{~2^zw4VnR&HSgKFyxmvO#opG9q|-F>39s1~Ka?{hju
zBhjI~5qb^>0_4XbRw@=aGRROm4q}4TplkCCJkiQHWG{7=*~RsZ5Q=6D7&5Kp(%Q?h
z4?@vJei~Q6R2+W?Yl2is24?jIWQ_SK*b<;Ya5zb)>smdq&=tdz_{Y;er)W<KcDiWT
zZ5)n?l3KjeH-dxBPxuCWyx0=Zrp0NI9|TNM<X8-hWo;3NacLn}dal%Owd~Gy%7&eC
zjN%THf6G=d239Xjjbkq3Nyz**gO>o84kbv6e`GI??JCb2tJGy}5VHGFL~S=&bi+6W
zWm6c<YSnuH#an6-K#&R=2*SA40#?O*(>`cPsniB5PGPd`hH@GS(uCX+CAm}PIQ3EZ
z{B5i<G)1>XE@{vb`p5oQsXR_DEQP8vfU0+wnz>k~+)C3VNLA+(B!S0!#c-rjnbQ&P
zYx6`HXG6ULZCtjdt+Li=$!l4Qu4ddWCj2{onl|^3*Y&&Kc`}mZ3B-6>$f9QFN$R#e
z2Uu9s##f)YBoE2DQ4$l&+NvX<b1qLDHwCGiPpH!6!6<DNUTN2{qE+;C4WbQVq8<18
z8WX64_y>2F^ZjqrGuC0+AUK;LEv=y-ukaeF?>R3E%o)U-4t@zDElteh8c>VxT1~M^
z#O&h%h|1QYmQB?RoPdNF6Kn`nC*^(5_yslaoB{B@$yH3`b$!*b0oIt-DkGA><5)2}
zQqnr(`QgYRktHvAuYf2?|7FqCr#+BTuO2-3(1tI;;j>RzEl&@^+r~Hm-AblaVZ^Jl
z>zOKF&<D-&Hgl5`3{y*jrj7Df?>@Hq>T57=dH85cM&yTU{jOw-Q-lI9TL&(+b-z;1
zfQ!`NuV^jAt&TYK9PF`A`{H8up_uLHwoVy;u$?REbn~rz>y5R~$X|b-?EgaE<W1h>
T$CrNs00960rk1=r04e|g9Yeeg

literal 0
HcmV?d00001

diff --git a/assets/rancher-gke-operator/rancher-gke-operator-103.5.0+up1.2.5.tgz b/assets/rancher-gke-operator/rancher-gke-operator-103.5.0+up1.2.5.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..b5f6b95472b613dcadc91376bea15f848648650b
GIT binary patch
literal 2075
zcmV+$2;}!4iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PGrnZ`-)Ff9q2`I5%XwRkG|jNhhoWy0o|(?k)+E?zZAk6g2fL
zai&EbALTT2{oMyrvTP|zoaM4)+xh(yg?fCy#P^fdEaNF^KbfMha@5Qy-9Jg0Ho-NU
z$rq0SVHk!-qmla?hGF~fU~~|^7>tgNhvDJz;b8b892^b@$1fm!6z*G~Aj9;F@E7xH
zEB8MFEX$N(MyQM;4}denq)GzLjFA`!)n|oKzR1WhDI@4QE<V@s>lrgV?Igfa8!-_W
z*SkB>QW3|PMbI<4z+NZHv>2m5M@>Ry5$ylzH4K8`K@j>O{Lw!C!9MPHZq3*XDQ6rb
zC>MRYCWEt1WJM83krkgi-{z=i!jNBMy}S}xtgfgVTdTQ<k^E$?BS@ymWkCitSJ^})
z6eLsJz@85}iL9*N(0v%Zs#G5acWACrA|v#z1-idq=QiRh#|UODV+qbMGak#uk1PK3
zp~v#P{&x@zgF`Py;#%a!ExmznQO<zdNCFe3!5PA$i!6a}zIz9iA;?RWl`J(Tr>Ngg
zgh`8Wz}0M}cE2I)9eR)|G)Ia&|K8MUiw?qr;4lb(U*x4S&+V5_1)cGK&SZh~XbE6T
z{11;02JQGiItq93|0y7mYRqI6`i(^U1W*RYw>V*iG#8i%GWt4#UeEKADV|m5#Nvt>
zOR7y8b49`^i`nUH7Rj(Af_dp<05Oh>B!UT(gq~-e_FSvaB`4>?>whz~er9njY?xv4
zy|zIlK6yhcDtmiys$vAm#we)_Jt_u9B$CVpvb{aHz{xt|*tDWEG)Ok^#fnqEAnOu^
zh_Rok7=1#C+;Z%DdwZT;x^yc_N3d90ir)(|peA77fng#u1V({T(khSeTa7;#LL<R<
zH9K$_?C5u1h2@ek{PfYY1kbflTA1q-$%szb3@a5dwsd36rMkB21YX|8bT+!@_wV$7
zgR@*RgVaAgd;jh-FrUpYIb+-We|Ru#`M-VM`TtYE2US4I=2)F5d%9ADi}F;sJYBnQ
zo$eP42+9`WO<e@Qa_PO@ECAl8g6h5N>`%?yKhbJtS5C@>6IT_%$pr<!nhgBBu*LsB
zr6_aM6qx+srNFlSZ*Xwf^8e$b!D#3IPXUWX|7)0wSp<XzCPJdQ&hhoknuVtr!Poue
z((@JzA7Y${453#R2cP1yI{2ik@}LL)a_JDo1cD#S60$5WR((ZhSy6AxwaCl_dcUE5
z??D7m64w9p*79H$-+1<{;@;oN&TSQs;7UjdERLa4uFT}Fh;Xf*OYij379cQ2sjjN!
zjRbD9^Oe$5saQ<FRUs`Z5Kl2KWSPB9st7kJdd|w5Ms_cKSA1*`FLm-^inb8i>{xBb
z?8^42+G`hZGC^)4=$)#|ioac6`FRArcRv?Q_S%-|6oaaYr<9>tG_5=42Bqgd+&kC`
zTjGD^7+OhucssbQ{yREq&Hsks;qYJ=|DOV;B8wxa%C8G0u`%b-W5xqkm{e);PZxrM
z=_{%xRWmd!W`^1Bubj%Xy1iS6Zn}`@#*IF(TzsQdk=w>+fB$3ENUkP1@Y6ma*J!AE
zHAg*m%L$tOm#{AdxxZW^GiaZ#nBl3zZV_)x+PXO17|w0sS>*BK^X!vhrnten;`Q;-
zL+btge=M?CWXS`<z&8IMjgDIWKMZ&CpQnL)d;5(*@#pe9bcBKX#{nhr0w;Fo%5CnD
z!UMP&tvW*w72|&(H*OMKZn;D~7aZSku8Pe3+X3sjztVpWw)p?Xoay1y;4S_?8jg<J
z`Tt;axby#~fKC5rc}{Cre_Mb0TQYr_vF_zRlq0vBHRe)qMiC4=fK^9Pj*s09;`eT9
zTP^@J?#9+#OER^7zdEGV?hO$w$OfS;qySa|T4;@T7a%e&i}<!~D1a}Ji7dv<z$>`f
z0&kKlUxQH}*i3d~e1SGC+fFT)m2izw@h!478pdtnZMLqR(rqGa5sn&B_OvU+T4+gd
zV}89R*frW-EN<PnT=q6tv_#{D!&RBV&t`ovCRF8}K^Pv_tGdYE&|e94W1XwaFp;6I
z50(#i-m8{S-jTq*wQY51@0g-|1<U1P0bkV<koAR2;3x&_ixyZeqq}hpOJKR&Z_09B
zNO`WL;MWoSWpb*_xkf^l7fWC|v1Mn^cNa9T7Ypd(;9kO)dRXEvU|_lIeXI##HeZ{1
zWvp-Czd!$UesT8q5A~~hc(K8%z7AS{#U_o*dlI2rshpnOgG6=n)Zsf__fVT`_8O-j
zX4Wgn4cON^!R`?mm@5UjWE?kw)?CSAhCjG%(T0qcvYW5RLc6GO4T3;jWf;Tw+A(M_
zE(kS{0{%&3$|!XMDuNU>1{-AkQo?g)(g^x!cztJ1B>SBCYpH|W{dQsvr9F)#zk%nM
zDl|~37?&*Wrl^s{XPLZ?z~}<EYOj?terbYDO=E?W?Hi}DQ}|_z(zr0rU>vovbS#ej
z9-I+E*>+i#s$a2iTNPO}&ZNZHeYg~1QkX&`D7`ZO+2!4a&8MPo?3w9X3oA|k9p){`
z(M^}V2j{X;ZywVsGW?)oj369^VN+7K<FuQB*9hXzT_*kC!j}5K%IK`j=nw1xw)Ovm
zgLeNv7##2Be@_C9Uv;fY|5mr$F8^=&AzepH{oLB^U<W(c!47VNe+2*l|Nohdr#b*I
F002$V3T6NR

literal 0
HcmV?d00001

diff --git a/assets/rancher-webhook/rancher-webhook-103.0.10+up0.4.11.tgz b/assets/rancher-webhook/rancher-webhook-103.0.10+up0.4.11.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..ba41e222cd46b34fe7947747254edfd7e10e0ae3
GIT binary patch
literal 2801
zcmV<N3J&!jiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH($Z`(MN{j6UxaPH6#SIM&DIIVDdfY;6L6=>Wb3A%W&SY&Bw
zY;#MIDoHu(P4nL$kb1Es%W<~}obCh9msot68Ito#P9)*s0;PM4(}fV9y5j|r+FOyB
zy?8S4ecvAr2KKM-`^~>S-ygo{4Th)vlR@v~bnwFO4f@057vMh~3)>-8n#dRaqiHo4
z_YVQWxzI#Y!ByY@ghUf2=3Yp&X6RAT4N+=3qZkE{%S!981&t!)0d%xXvC}%_Q#wU=
ziBeI)19<s=KS0mxAA7#*!~dF}Z_Lk^ty4LPQ6(hA0J26`t(3;Nb+AwYFv`<ETYD3f
zG1bZ~N4>hGJQBC6b#$Q~HMaZS>zwPp_W;up84`uAVZPkFLeU(O(2oVuW#1u5Qhxg0
z!0Yv#2vsO)qHWtp!e~S^<?~S#Q)LGJl3{|GkZ_q{2fa#AIqek7HT3*r&-Z%%|D;Jy
z>ba%x0M7+Y`@bYCMfJ1}V3++rIqo&>|4Dyvu>bo28k0F1%P%nzifSQOrRC^0EeL=n
z^8l8))c~-wFH*)X1f$_9fOoTr&=(RFa_u;CCZ>etenm4&2Ou-uZ*fLarY~_$l{Q2>
z#%nBu(i7CTLVgNhMwmj!iNn}TL{6s6xFO?V9OnqMU??-!Wo@8dAmp4vgb5R?7`gV~
z3K14sCo1S#A0#<yRK`L_B2?W_@DLNNx++{?lrqZaE-q<k5O+19T)Tuv?wVTHQj3K|
zpnN8r3LgRd`kTW=gjdKg)ItVuckehyM{psjkW{b6j3_lBF#=JF&N)V)MU`DAX^ym8
z;~YUEq|Rq4xLwe2ku_-nsY1A2AP1RpPWgPp_M3qLycrCR4W<hsNsJn0ws9oY3*?%H
z*1y<&w7!}oRH0m=^c*w99KsQdM{RTJ;~``exdszEC=cGv0OLfjUX|^Fa}2YSyQPc)
z7aFEmMT(JU$(^Ulc1?-G;lM>6iYV*LaE(W~<Q&0>F>%YN(jaCqo@8tLO2!CZ*+$6E
zWV*83Fdji7#gaxC0p%shjA_GgXhbLDhZyo0jVGBDJhx(hB{c27#yDX_qw3x)kR>RU
zr;|szf*tnXKRxL;?Ei2$JUQ6^eZbwF3lYvJN9bgR`6kLN^Nq|+a|hh}d&dl<Gw?oU
z0YYZli)gpiq?gkYNx7au=f73A^GyhlDJ(xaYkrVN8^4|EiW<`GF)~G_G6W<^He=)h
zQxlQR6kKE3D~=#X<iaO3{;QgS7>i^>sUV+g8gMqlPzTVNh^x%k*i1<z2A}a2owLs=
zVV&*ksj#7P50mjw_iO76sDi2e{I~0W#V0*78r-4(gQ0)g(ErmxuYb`0eSi^=|1y3T
zf*(rVwBKJKHv|yTP=nQ&b;?STM0J-v=M&{o0B=iKabnaYBAS?Jp*;^(35KS(kl-vT
zjEN2x@2!4j4FIhg3Q&k>KCeR00IQ+ciUgow!$5A_>_&K{m%qQyyO)BcF_uW(d|}x@
zHzXx7g`q^fCSJ5mTE|z6O^uC)iLAuL>!Gzk*+#@$a5kdRJD@ydX|&Clc<=={<&lY!
zUT@{BiWIB?1}*+YV%9$53$$abF<J|wxA0lBy;W9+TUo7U39Xz~2b7EsA7C^T+@u94
zD*}OhxjywmKCZ4u=NA=OC>+AwT|rxE5-0cfosFqylhKdw&u-4g=MT=0!`RF7qBbn!
z(e?HFvzv<#m)DzU)>v#7u~v7JCBPT>oC=NQqSr_#qw}+?i_!S3iSj2Y;;QHa%qX(x
z5@+?+y#0dcMNq1*S6=azV{1yej;^7Fr_uZOAAUJ|do!L~Z7%fX-5vZPD2L9gP8+tD
zHHx*P&NJK$M`3p!2$VdyzrVXHMaxe1)|oZj-v=Arn#^lVv>VMDKh=!8vw^TN1ger@
zj#_O>s!fk8J6DSMh0Pl)B-&)9vR%fR>NL5KVv5yMHw1pJTSkDyN<gQ(K*IFmuTH(w
zQtnvJ>OCe;w^{N3UteEbRr_XyvQ*;rLZVs-76mZ$E8Pi7Dxxb41&>q!CuJ9-OXR53
zGqJsuuN`iwa7^bS<!z_B>7M{%Gd5Gbu8x!Lr`M{GF*nPRyKU1XlIR0xtD3KARhWkP
z4M{RV{Uhbk70M+Iu_i4TruM2saE*V~wmBpTnNmhIMOEK^5=Hd}7ba)dH$T3cyuG<P
zyZrdBVwpDhQyCMZFf{uxc|g?~>)5!JS>tTGu&Ef=X75@ZE8IO>{I@;+ms1ix%{}n0
z{C}`<|2ym*`-k{{A5e|y?TH&(BP9LHMnvAH*EXRn1N|{el}33f7#f|XeEt;yzZ4Af
zD1apNXDQO;0b&lo2CWixn6<eiiYa$gI{gDfWBS~D&Q(pnw{n!V=P!zPciv_8ROd~K
z)@|wXe;jPr|15KP3Jb7H|Bw48P5nRV9rS-M@OSe6t>H-RExYFw)*vKan1_#>a|(Sm
zLe^qKszJ!s*MGfAFn|vU`JAHjJ$Tc99z3M~)|5Vh0obYkLx1!B|8W1e7pS?-rXufl
z?GGqtalclkoNk^R4F<<H0M<m#QU9F`Gm%1zP_O{5$Jxb7J$<d;D7N1GJ@<ZpZ?IGU
zNft^y#tiI?|NX}MU*GQ^AL>8$0u7CCjiPs(0oQe#w&U9{xhjoJ2GA%=EDA_$(MGi_
zu5&fYOCdtSVTwTG1f>$3=&Z70x=M&rO){{|%jpE~JogDaFKpNU;>~mq{{LjK>HiP)
zzk7k&n_f{_nqO$QUjeKuQS$=SvEVa0PqX3MReW6;yJ0TAj_`S^A4m4N_xgK;P5oC|
zbuZ6GZ_m%XIC>HqJN^G@Q~w92!_$NQ?*p8pBVZyV3?f{DIep6KK)KQ~%_{U9=Yw^&
z&<o(FlrabwL~0nn1DSHTrFsFxzMvGBbB^=-@4rupS~y-ebJePA=csN-!E}}=`vF{|
z(gu?PGAD+vExgNU2+mfpMt5ZSB8=G~3uG}QES*yhGb)t^x7JpSElNM<R4>x07mB!R
zhPf%H+N`(!<;|&f3^lVKZoz(ih+1Tec<!@%3TW5=b?wiMUGd{$fF1gOd^$L8*8dE9
zhx)(0fJ&*xTnj5zJY^V|CGL${FvqcClJ!v?fLe%@MW9euDzLNs-KO)|e-&g|xl&kp
zgLVNwr&*17{e4v>7<vU8p8Z-EUi|9+X735?kJ@AP=JWrX;=aKU%g3s3poe_fcp*pL
zco}}E>SA5KVHoN-ZF`p{k<D9*Jxq!Psr4Ilc8AhG?!9@Q?JOyOFWYGt+T2bqwB6F`
zJ2FgHg;;v+n@80oW#6)UjhF1!)8$QeY{mZO136Xpk=<*a{Km-2WBkTS9&s{_wRlyY
zJrYGN$F}(bzwJEoQaTW_R=iL-nn#~ZPU73AW-PUy;dqo4FXe|f9)U=*(lH{@jA$NO
z?cF12{2PNCVyR+{x}<6~NBw^oDjk1_r#Suke(li4w&IYsx<}Yi`}imctsT=N*#5?1
zm@VZn`!R>@rEaA;tjo$PBOwp^|MvJVzx#cP;O{H)zmwyQ`fvaAaR0LxsK$TAD^Mf&
zt3CwoE%GbFk@YLlmeB5@Kq{O3<Z;wjF=tUf_wgR!00%h0R`_=S00960i{p<f07d`+
DHKK0S

literal 0
HcmV?d00001

diff --git a/assets/system-upgrade-controller/system-upgrade-controller-103.0.2+up0.6.1.tgz b/assets/system-upgrade-controller/system-upgrade-controller-103.0.2+up0.6.1.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..7d41e76d26a5eca5f8558b127e0b9095d75d2a0a
GIT binary patch
literal 2137
zcmV-f2&VTRiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI?AZ{j-kpV#>m7JvOU((ERLhqg1(-jyiOUhbt70j)Gzt&m9$
z;H_i(+72^pZ@>F0Pe5o0l$mMw-sQXjl4Jjl?epk^S}F~`8Hkz09+)m?T5?K3mYZ`d
zwY9`PefN!I+qQjPuScJ@ZEt^8>bCu^Qa?XGyQrL3>u2xm%6YAJ{tnsS3Va9!N@MxX
z{${N0#r;7DGsZR6gfrzB2)S5e%4e2~wWeSZUUorhG9}<SNMh#BLFTf}iRS@xP)W-G
zO1Uf#!34|&NJThv(EGptgeq3GX4$5V{uX}y6n=f5JCtD`l)x@HD1K<hdYjA4m4hf@
z!Pnfk0;Es0GFM!G{X&?>zo=a9WXV~vtJcRv>Z(;Bv;+!Rff)+#pq++hU_tKF=@%6P
z3$gxbTa}tsH#|_TBtl0IuYrNY6p26zt^lp4LYgBVKR^P8C@g@YKzLY#3STnrfwGJ_
z4<(vwEtFF(&xoD}6U*g(y4-RitQ)!jRi02jDSNOm7gg(HIeD1w%tKA3i;_lo#P@k8
z{NC8N3yKHQ1?3p#j}UBieigfB*;e&0fv~M}t75#h{k=8q_Wuh^15n>10POMqcJ2IP
z+y9^27bpM!8Z@JPf@$LVHHGjSO3btcQyfq|fEiI*E*(@VMQ?=?F&jd_@Pvl3A$0qO
z5s$lzm8rSXrI4HWc$UmAL2yMh52xHR>>S4sj?j3vc7~CcaWy?))`W9oj>sX^{^!kp
zMZ4`^gD+?pILhNWPytd|S{&sH_S*l&R{mGDFHZU2>(Jw4`2$)I-$4pAni2|nDc~nR
z+!l8Z4*F1jdNPd1M-zE4B@9q0R++IEdxx=1+(QYOPfrmenIh{xjvldlNt2>nx3U^0
zBw>1rO8>9QrK2VQs$lh_w3Y{$_w4&y@B4oX9b*434U`5cIfV&f9$~YWWd-}}zkXKV
zvj1AuuAJ=uHE6T=kQ3}$IM8!0$-kqT(0cf&!ct~YF&+r>9Mp_eVZbR|#;RcWps|NF
z4x@0K<QHW5p$-jT8uDU6t|bpd0j`12GuRbMqLn80e8LPBO#TI~j*3__88rmCATBgq
zmj_HoNx;4;B<0C1HsAWJegqw4|C~+9%*W!$VqlN`S1T81TlQb6p4lh+e+}BYd`QeK
zI`A7Ta*TVY!kDp|7zGBD&NTcy9JO!8cm3-@qtzZaZ+oM`ZMWMVj9cx?yK4tMKCTjg
z9VJBzCczB-j*=_{m8O^~D52lcZvoeUo}LPEMn4bQjn?oGq|sag_S7a;wHW7@+skpI
zIqKZE$E|jw)$R1!<6*mb+baV6g-;r;CJSf*_9$U61edcc?kC&ck9^r^{(5_LHSTt9
zI-^3oOYA=I>9k9HqBAg`_M>!e8rSV{|E}8|_iwwM=I27BPFSY(14{dx5_h=?)|vLW
z?n_X>^nTc1?=IWTQ8$K<AX7J0ke6EM>1ji_q$sqa+R<8<jp*sg*~zByY^PBDLFc~H
zZC|%rg`3cqWI-s*z}sAZbYHr6-J?-ARiSa?YSbQ#uR6WX@aICn(Wsj!QDdq>UJ*vr
z{6+fI?>2hj`F1<K>v5+yY7g!k-QAddirIiuO4zK!G{^;}n{bsgKLhut45)uFIwbyk
zAShq@z>aJO?TP>OTJ>4{ub<aX@&7ewGyY>C)H>B~txo+VSwK<vR|4E{3I!Bg&1HOV
z=VR^8yLbXrrMHU7w3}V1^<82icB-_=)Ejb#L^CKy<DmaT3|vqO%O%nr;RPoi@+2lK
zzCBIW84{jO2_t&B24&oX#<QmgN%$=w61-L*37ZYwIe0<jNoS0&9=E@O8$@lOjgj%3
z!(>-SAbpj69hOAVHn+bD2}-5izHKtm11ud>3PYb{ph3m`v{DW)LR^5v;W45f*BzG2
z6E_j^uwuM*?=2-EVG8o7eK3>3z+Bjd+`s%}@!?jQVVP=WcOf}`Q&7wxXFcoP$lZ#f
zjWE|;(=~koGMj4$Rc!mUmgwWKpnj9JX--3ktk~uTaQiD!I@J@EDeQX()buFol48O@
zW&jSk4~Qx5G#r<4?x-yGWuV2wRvBqV!gZ4Epv}~JgAdr^N^(DYUM6zWqA$6h$<o2a
z-v-JyLOjRrqO8}rX&X7J^<3JJrUa;$D{JzukM-PH#Q-aI{{MJi<n-VF^9YfL{YLW#
z%DoDw8~h7S10QZe?N|A`4B9o7qT4Pa91+i72JM!&InvSE7X>5NZ(})fEb2M@oU3?z
zW@52h7QGbUpcau)R9ilS$jS)5(90H)4thLY?!SNz$^V5q_U139efNKMef$33uGrO6
z{{I?O*slu@KI!m>p=PsI5K)XNFDetzI4v3a+#7-$NTQc<40=)JkfzO;QvPLiS<+T6
zra1oRQ}ic;gaN!J7I;D^(IoXiCTceN<KgGw`11C4WW-LV2l@+_53A9UBkHs=zdQZr
z>bF>3)2trJfHl;ef}~=R0R;yQ!iNpEj0&1AVZqm3Zv!DHgoPBQQO85=V4SMBA(H<#
z<7-V+`cN`V(=?86;JoN^S14hGA|(x$w0W~~{br&O$zL(ze{+SI*#<{(nw1X9OzEja
zpQ70b#2MfM<Ya>_Q1FdgaZE2O-jeUv&ngDW>u*JH(JmZ@okenzEE>mIv~se=dfF^M
z^~(R$bV&TqD$2`Kfqnh|%2{nI{#R?2)BWG8P;UQkt8xCFuK(V8sV6$oiB5E)4f;<2
P00960H2ZIR05$*s%l0J@

literal 0
HcmV?d00001

diff --git a/charts/elemental-crd/103.4.0+up1.6.4/Chart.yaml b/charts/elemental-crd/103.4.0+up1.6.4/Chart.yaml
new file mode 100644
index 0000000000..b464241614
--- /dev/null
+++ b/charts/elemental-crd/103.4.0+up1.6.4/Chart.yaml
@@ -0,0 +1,11 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-elemental-system
+  catalog.cattle.io/release-name: elemental-operator-crds
+apiVersion: v2
+appVersion: 1.6.4
+description: A Helm chart for deploying Rancher Elemental Operator CRDs
+name: elemental-crd
+type: application
+version: 103.4.0+up1.6.4
diff --git a/charts/elemental-crd/103.4.0+up1.6.4/templates/crds.yaml b/charts/elemental-crd/103.4.0+up1.6.4/templates/crds.yaml
new file mode 100644
index 0000000000..10e014782f
--- /dev/null
+++ b/charts/elemental-crd/103.4.0+up1.6.4/templates/crds.yaml
@@ -0,0 +1,3743 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventories.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventory
+    listKind: MachineInventoryList
+    plural: machineinventories
+    singular: machineinventory
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              machineHash:
+                description: |-
+                  MachineHash the hash of the identifier used by the host to identify
+                  to the operator. This is used when the host authenticates without TPM.
+                  Both the authentication method and the identifier used to derive the hash
+                  depend upon the MachineRegistration spec.config.elemental.registration.auth value.
+                type: string
+              tpmHash:
+                description: |-
+                  TPMHash the hash of the TPM EK public key. This is used if you are
+                  using TPM2 to identifiy nodes.  You can obtain the TPM by
+                  running `rancherd get-tpm-hash` on the node. Or nodes can
+                  report their TPM hash by using the MachineRegister.
+                type: string
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine inventory
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              plan:
+                description: PlanStatus reflect the status of the plan owned by the
+                  machine inventory object.
+                properties:
+                  checksum:
+                    description: Checksum checksum of the created plan.
+                    type: string
+                  secretRef:
+                    description: PlanSecretRef a reference to the created plan secret.
+                    properties:
+                      apiVersion:
+                        description: API version of the referent.
+                        type: string
+                      fieldPath:
+                        description: |-
+                          If referring to a piece of an object instead of an entire object, this string
+                          should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                          For example, if the object reference is to a container within a pod, this would take on a value like:
+                          "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                          the event) or if no container name is specified "spec.containers[2]" (container with
+                          index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                          referencing a part of an object.
+                          TODO: this design is not final and this field is subject to change in the future.
+                        type: string
+                      kind:
+                        description: |-
+                          Kind of the referent.
+                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                        type: string
+                      name:
+                        description: |-
+                          Name of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                        type: string
+                      namespace:
+                        description: |-
+                          Namespace of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                        type: string
+                      resourceVersion:
+                        description: |-
+                          Specific resourceVersion to which this reference is made, if any.
+                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                        type: string
+                      uid:
+                        description: |-
+                          UID of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                        type: string
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  state:
+                    description: State reflect state of the plan that belongs to the
+                      machine inventory.
+                    enum:
+                    - Applied
+                    - Failed
+                    type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventoryselectors.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventorySelector
+    listKind: MachineInventorySelectorList
+    plural: machineinventoryselectors
+    singular: machineinventoryselector
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              providerID:
+                description: |-
+                  ProviderID the identifier for the elemental instance.
+                  NOTE: Functionality not implemented yet.
+                type: string
+              selector:
+                description: Selector selector to choose elemental machines.
+                properties:
+                  matchExpressions:
+                    description: matchExpressions is a list of label selector requirements.
+                      The requirements are ANDed.
+                    items:
+                      description: |-
+                        A label selector requirement is a selector that contains values, a key, and an operator that
+                        relates the key and values.
+                      properties:
+                        key:
+                          description: key is the label key that the selector applies
+                            to.
+                          type: string
+                        operator:
+                          description: |-
+                            operator represents a key's relationship to a set of values.
+                            Valid operators are In, NotIn, Exists and DoesNotExist.
+                          type: string
+                        values:
+                          description: |-
+                            values is an array of string values. If the operator is In or NotIn,
+                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                            the values array must be empty. This array is replaced during a strategic
+                            merge patch.
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    description: |-
+                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+            type: object
+          status:
+            properties:
+              addresses:
+                description: Addresses represent machine addresses.
+                items:
+                  description: MachineAddress contains information for the node's
+                    address.
+                  properties:
+                    address:
+                      description: The machine address.
+                      type: string
+                    type:
+                      description: Machine address type, one of Hostname, ExternalIP,
+                        InternalIP, ExternalDNS or InternalDNS.
+                      type: string
+                  required:
+                  - address
+                  - type
+                  type: object
+                type: array
+              bootstrapPlanChecksum:
+                description: BootstrapPlanChecksum represent bootstrap plan checksum.
+                type: string
+              conditions:
+                description: Conditions describe the state of the machine selector
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              machineInventoryRef:
+                description: MachineInventoryRef reference to the machine inventory
+                  that belongs to the selector.
+                properties:
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+              ready:
+                type: boolean
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventoryselectortemplates.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventorySelectorTemplate
+    listKind: MachineInventorySelectorTemplateList
+    plural: machineinventoryselectortemplates
+    singular: machineinventoryselectortemplate
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              template:
+                description: Template machine inventory selector template.
+                properties:
+                  apiVersion:
+                    description: |-
+                      APIVersion defines the versioned schema of this representation of an object.
+                      Servers should convert recognized schemas to the latest internal value, and
+                      may reject unrecognized values.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                    type: string
+                  kind:
+                    description: |-
+                      Kind is a string value representing the REST resource this object represents.
+                      Servers may infer this from the endpoint the client submits requests to.
+                      Cannot be updated.
+                      In CamelCase.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  metadata:
+                    type: object
+                  spec:
+                    properties:
+                      providerID:
+                        description: |-
+                          ProviderID the identifier for the elemental instance.
+                          NOTE: Functionality not implemented yet.
+                        type: string
+                      selector:
+                        description: Selector selector to choose elemental machines.
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: |-
+                                A label selector requirement is a selector that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: |-
+                                    operator represents a key's relationship to a set of values.
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.
+                                  type: string
+                                values:
+                                  description: |-
+                                    values is an array of string values. If the operator is In or NotIn,
+                                    the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                    the values array must be empty. This array is replaced during a strategic
+                                    merge patch.
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: |-
+                              matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                              map is equivalent to an element of matchExpressions, whose key field is "key", the
+                              operator is "In", and the values array contains only "value". The requirements are ANDed.
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  status:
+                    properties:
+                      addresses:
+                        description: Addresses represent machine addresses.
+                        items:
+                          description: MachineAddress contains information for the
+                            node's address.
+                          properties:
+                            address:
+                              description: The machine address.
+                              type: string
+                            type:
+                              description: Machine address type, one of Hostname,
+                                ExternalIP, InternalIP, ExternalDNS or InternalDNS.
+                              type: string
+                          required:
+                          - address
+                          - type
+                          type: object
+                        type: array
+                      bootstrapPlanChecksum:
+                        description: BootstrapPlanChecksum represent bootstrap plan
+                          checksum.
+                        type: string
+                      conditions:
+                        description: Conditions describe the state of the machine
+                          selector object.
+                        items:
+                          description: "Condition contains details for one aspect
+                            of the current state of this API Resource.\n---\nThis
+                            struct is intended for direct use as an array at the field
+                            path .status.conditions.  For example,\n\n\n\ttype FooStatus
+                            struct{\n\t    // Represents the observations of a foo's
+                            current state.\n\t    // Known .status.conditions.type
+                            are: \"Available\", \"Progressing\", and \"Degraded\"\n\t
+                            \   // +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t
+                            \   // +listType=map\n\t    // +listMapKey=type\n\t    Conditions
+                            []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\"
+                            patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                            \   // other fields\n\t}"
+                          properties:
+                            lastTransitionTime:
+                              description: |-
+                                lastTransitionTime is the last time the condition transitioned from one status to another.
+                                This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                              format: date-time
+                              type: string
+                            message:
+                              description: |-
+                                message is a human readable message indicating details about the transition.
+                                This may be an empty string.
+                              maxLength: 32768
+                              type: string
+                            observedGeneration:
+                              description: |-
+                                observedGeneration represents the .metadata.generation that the condition was set based upon.
+                                For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                                with respect to the current state of the instance.
+                              format: int64
+                              minimum: 0
+                              type: integer
+                            reason:
+                              description: |-
+                                reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                                Producers of specific condition types may define expected values and meanings for this field,
+                                and whether the values are considered a guaranteed API.
+                                The value should be a CamelCase string.
+                                This field may not be empty.
+                              maxLength: 1024
+                              minLength: 1
+                              pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                              type: string
+                            status:
+                              description: status of the condition, one of True, False,
+                                Unknown.
+                              enum:
+                              - "True"
+                              - "False"
+                              - Unknown
+                              type: string
+                            type:
+                              description: |-
+                                type of condition in CamelCase or in foo.example.com/CamelCase.
+                                ---
+                                Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                                useful (see .node.status.conditions), the ability to deconflict is important.
+                                The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                              maxLength: 316
+                              pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                              type: string
+                          required:
+                          - lastTransitionTime
+                          - message
+                          - reason
+                          - status
+                          - type
+                          type: object
+                        type: array
+                      machineInventoryRef:
+                        description: MachineInventoryRef reference to the machine
+                          inventory that belongs to the selector.
+                        properties:
+                          name:
+                            description: |-
+                              Name of the referent.
+                              More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                              TODO: Add other useful fields. apiVersion, kind, uid?
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      ready:
+                        type: boolean
+                    type: object
+                type: object
+            required:
+            - template
+            type: object
+        type: object
+    served: true
+    storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineregistrations.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineRegistration
+    listKind: MachineRegistrationList
+    plural: machineregistrations
+    singular: machineregistration
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              config:
+                description: Config the cloud config that will be used to provision
+                  the node.
+                properties:
+                  cloud-config:
+                    x-kubernetes-preserve-unknown-fields: true
+                  elemental:
+                    properties:
+                      install:
+                        properties:
+                          config-dir:
+                            type: string
+                          config-urls:
+                            items:
+                              type: string
+                            type: array
+                          debug:
+                            type: boolean
+                          device:
+                            type: string
+                          device-selector:
+                            items:
+                              properties:
+                                key:
+                                  enum:
+                                  - Name
+                                  - Size
+                                  type: string
+                                operator:
+                                  enum:
+                                  - In
+                                  - NotIn
+                                  - Gt
+                                  - Lt
+                                  type: string
+                                values:
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          disable-boot-entry:
+                            type: boolean
+                          eject-cd:
+                            type: boolean
+                          firmware:
+                            type: string
+                          iso:
+                            type: string
+                          no-format:
+                            type: boolean
+                          poweroff:
+                            type: boolean
+                          reboot:
+                            type: boolean
+                          snapshotter:
+                            default:
+                              type: loopdevice
+                            properties:
+                              type:
+                                default: loopdevice
+                                description: Type sets the snapshotter type a new
+                                  installation, available options are 'loopdevice'
+                                  and 'btrfs'
+                                type: string
+                            type: object
+                          system-uri:
+                            type: string
+                          tty:
+                            type: string
+                        type: object
+                      registration:
+                        properties:
+                          auth:
+                            default: tpm
+                            type: string
+                          ca-cert:
+                            type: string
+                          emulate-tpm:
+                            type: boolean
+                          emulated-tpm-seed:
+                            format: int64
+                            type: integer
+                          no-smbios:
+                            type: boolean
+                          no-toolkit:
+                            type: boolean
+                          url:
+                            type: string
+                        type: object
+                      reset:
+                        default:
+                          reboot: true
+                          reset-oem: true
+                          reset-persistent: true
+                        properties:
+                          config-urls:
+                            items:
+                              type: string
+                            type: array
+                          debug:
+                            type: boolean
+                          disable-boot-entry:
+                            type: boolean
+                          enabled:
+                            type: boolean
+                          poweroff:
+                            type: boolean
+                          reboot:
+                            default: true
+                            type: boolean
+                          reset-oem:
+                            default: true
+                            type: boolean
+                          reset-persistent:
+                            default: true
+                            type: boolean
+                          system-uri:
+                            type: string
+                        type: object
+                      system-agent:
+                        properties:
+                          secret-name:
+                            type: string
+                          secret-namespace:
+                            type: string
+                          token:
+                            type: string
+                          url:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              machineInventoryAnnotations:
+                additionalProperties:
+                  type: string
+                description: MachineInventoryAnnotations annotations to be added to
+                  the created MachineInventory object.
+                type: object
+              machineInventoryLabels:
+                additionalProperties:
+                  type: string
+                description: MachineInventoryLabels label to be added to the created
+                  MachineInventory object.
+                type: object
+              machineName:
+                type: string
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine registration
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              registrationToken:
+                description: RegistrationToken a token for registering a machine.
+                type: string
+              registrationURL:
+                description: RegistrationURL is the URL for registering a new machine.
+                type: string
+              serviceAccountRef:
+                description: ServiceAccountRef a reference to the service account
+                  created by the machine registration.
+                properties:
+                  apiVersion:
+                    description: API version of the referent.
+                    type: string
+                  fieldPath:
+                    description: |-
+                      If referring to a piece of an object instead of an entire object, this string
+                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                      For example, if the object reference is to a container within a pod, this would take on a value like:
+                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                      the event) or if no container name is specified "spec.containers[2]" (container with
+                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                      referencing a part of an object.
+                      TODO: this design is not final and this field is subject to change in the future.
+                    type: string
+                  kind:
+                    description: |-
+                      Kind of the referent.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                  namespace:
+                    description: |-
+                      Namespace of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                    type: string
+                  resourceVersion:
+                    description: |-
+                      Specific resourceVersion to which this reference is made, if any.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                    type: string
+                  uid:
+                    description: |-
+                      UID of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosimages.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSImage
+    listKind: ManagedOSImageList
+    plural: managedosimages
+    singular: managedosimage
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              cloudConfig:
+                x-kubernetes-preserve-unknown-fields: true
+              clusterRolloutStrategy:
+                description: RolloverStrategy controls the rollout of the bundle across
+                  clusters.
+                properties:
+                  autoPartitionSize:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of how to automatically partition clusters if no
+                      specific partitioning strategy is configured.
+                      default: 25%
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  maxUnavailable:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of clusters that can be unavailable during an update
+                      of a bundle. This follows the same basic approach as a deployment rollout
+                      strategy. Once the number of clusters meets unavailable state update will be
+                      paused. Default value is 100% which doesn't take effect on update.
+                      default: 100%
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  maxUnavailablePartitions:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of cluster partitions that can be unavailable during
+                      an update of a bundle.
+                      default: 0
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  partitions:
+                    description: |-
+                      A list of definitions of partitions.  If any target clusters do not match
+                      the configuration they are added to partitions at the end following the
+                      autoPartitionSize.
+                    items:
+                      description: Partition defines a separate rollout strategy for
+                        a set of clusters.
+                      properties:
+                        clusterGroup:
+                          description: A cluster group name to include in this partition
+                          type: string
+                        clusterGroupSelector:
+                          description: Selector matching cluster group labels to include
+                            in this partition
+                          properties:
+                            matchExpressions:
+                              description: matchExpressions is a list of label selector
+                                requirements. The requirements are ANDed.
+                              items:
+                                description: |-
+                                  A label selector requirement is a selector that contains values, a key, and an operator that
+                                  relates the key and values.
+                                properties:
+                                  key:
+                                    description: key is the label key that the selector
+                                      applies to.
+                                    type: string
+                                  operator:
+                                    description: |-
+                                      operator represents a key's relationship to a set of values.
+                                      Valid operators are In, NotIn, Exists and DoesNotExist.
+                                    type: string
+                                  values:
+                                    description: |-
+                                      values is an array of string values. If the operator is In or NotIn,
+                                      the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                      the values array must be empty. This array is replaced during a strategic
+                                      merge patch.
+                                    items:
+                                      type: string
+                                    type: array
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: |-
+                                matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                                map is equivalent to an element of matchExpressions, whose key field is "key", the
+                                operator is "In", and the values array contains only "value". The requirements are ANDed.
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        clusterName:
+                          description: ClusterName is the name of a cluster to include
+                            in this partition
+                          type: string
+                        clusterSelector:
+                          description: Selector matching cluster labels to include
+                            in this partition
+                          properties:
+                            matchExpressions:
+                              description: matchExpressions is a list of label selector
+                                requirements. The requirements are ANDed.
+                              items:
+                                description: |-
+                                  A label selector requirement is a selector that contains values, a key, and an operator that
+                                  relates the key and values.
+                                properties:
+                                  key:
+                                    description: key is the label key that the selector
+                                      applies to.
+                                    type: string
+                                  operator:
+                                    description: |-
+                                      operator represents a key's relationship to a set of values.
+                                      Valid operators are In, NotIn, Exists and DoesNotExist.
+                                    type: string
+                                  values:
+                                    description: |-
+                                      values is an array of string values. If the operator is In or NotIn,
+                                      the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                      the values array must be empty. This array is replaced during a strategic
+                                      merge patch.
+                                    items:
+                                      type: string
+                                    type: array
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: |-
+                                matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                                map is equivalent to an element of matchExpressions, whose key field is "key", the
+                                operator is "In", and the values array contains only "value". The requirements are ANDed.
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        maxUnavailable:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          description: |-
+                            A number or percentage of clusters that can be unavailable in this
+                            partition before this partition is treated as done.
+                            default: 10%
+                          x-kubernetes-int-or-string: true
+                        name:
+                          description: A user-friendly name given to the partition
+                            used for Display (optional).
+                          type: string
+                      type: object
+                    nullable: true
+                    type: array
+                type: object
+              clusterTargets:
+                items:
+                  description: |-
+                    BundleTarget declares clusters to deploy to. Fleet will merge the
+                    BundleDeploymentOptions from customizations into this struct.
+                  properties:
+                    clusterGroup:
+                      description: ClusterGroup to match a specific cluster group
+                        by name.
+                      nullable: true
+                      type: string
+                    clusterGroupSelector:
+                      description: ClusterGroupSelector is a selector to match cluster
+                        groups.
+                      nullable: true
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    clusterName:
+                      description: |-
+                        ClusterName to match a specific cluster by name that will be
+                        selected
+                      nullable: true
+                      type: string
+                    clusterSelector:
+                      description: |-
+                        ClusterSelector is a selector to match clusters. The structure is
+                        the standard metav1.LabelSelector format. If clusterGroupSelector or
+                        clusterGroup is specified, clusterSelector will be used only to
+                        further refine the selection after clusterGroupSelector and
+                        clusterGroup is evaluated.
+                      nullable: true
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: |-
+                        DefaultNamespace is the namespace to use for resources that do not
+                        specify a namespace. This field is not used to enforce or lock down
+                        the deployment to a specific namespace.
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    doNotDeploy:
+                      description: DoNotDeploy if set to true, will not deploy to
+                        this target.
+                      type: boolean
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      format: int64
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: |-
+                            Chart can refer to any go-getter URL or OCI registry based helm
+                            chart URL. The chart will be downloaded.
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disableDependencyUpdate:
+                          description: DisableDependencyUpdate allows skipping chart
+                            dependencies update
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: |-
+                            ReleaseName sets a custom release name to deploy the chart as. If
+                            not specified a release name will be generated by combining the
+                            invoking GitRepo.name + GitRepo.path.
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: |-
+                            Values passed to Helm. It is possible to specify the keys and values
+                            as go template strings.
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: |-
+                            WaitForJobs if set and timeoutSeconds provided, will wait until all
+                            Jobs have been completed before marking the GitRepo as ready. It
+                            will wait for as long as timeoutSeconds
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: |-
+                        Kustomize options for the deployment, like the dir containing the
+                        kustomization.yaml file.
+                      nullable: true
+                      properties:
+                        dir:
+                          description: |-
+                            Dir points to a custom folder for kustomize resources. This folder must contain
+                            a kustomization.yaml file.
+                          nullable: true
+                          type: string
+                      type: object
+                    name:
+                      description: |-
+                        Name of target. This value is largely for display and logging. If
+                        not specified a default name of the format "target000" will be used
+                      type: string
+                    namespace:
+                      description: |-
+                        TargetNamespace if present will assign all resource to this
+                        namespace and if any cluster scoped resource exists the deployment
+                        will fail.
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: |-
+                        YAML options, if using raw YAML these are names that map to
+                        overlays/{name} files that will be used to replace or patch a resource.
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: |-
+                            Overlays is a list of names that maps to folders in "overlays/".
+                            If you wish to customize the file ./subdir/resource.yaml then a file
+                            ./overlays/myoverlay/subdir/resource.yaml will replace the base
+                            file.
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                type: array
+              concurrency:
+                format: int64
+                type: integer
+              cordon:
+                type: boolean
+              drain:
+                default:
+                  deleteLocalData: true
+                  force: true
+                  ignoreDaemonSets: true
+                  skipWaitForDeleteTimeout: 60
+                description: DrainSpec encapsulates `kubectl drain` parameters minus
+                  node/pod selectors.
+                nullable: true
+                properties:
+                  deleteEmptydirData:
+                    type: boolean
+                  deleteLocalData:
+                    type: boolean
+                  disableEviction:
+                    type: boolean
+                  force:
+                    type: boolean
+                  gracePeriod:
+                    format: int32
+                    type: integer
+                  ignoreDaemonSets:
+                    type: boolean
+                  podSelector:
+                    description: |-
+                      A label selector is a label query over a set of resources. The result of matchLabels and
+                      matchExpressions are ANDed. An empty label selector matches all objects. A null
+                      label selector matches no objects.
+                    properties:
+                      matchExpressions:
+                        description: matchExpressions is a list of label selector
+                          requirements. The requirements are ANDed.
+                        items:
+                          description: |-
+                            A label selector requirement is a selector that contains values, a key, and an operator that
+                            relates the key and values.
+                          properties:
+                            key:
+                              description: key is the label key that the selector
+                                applies to.
+                              type: string
+                            operator:
+                              description: |-
+                                operator represents a key's relationship to a set of values.
+                                Valid operators are In, NotIn, Exists and DoesNotExist.
+                              type: string
+                            values:
+                              description: |-
+                                values is an array of string values. If the operator is In or NotIn,
+                                the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                the values array must be empty. This array is replaced during a strategic
+                                merge patch.
+                              items:
+                                type: string
+                              type: array
+                          required:
+                          - key
+                          - operator
+                          type: object
+                        type: array
+                      matchLabels:
+                        additionalProperties:
+                          type: string
+                        description: |-
+                          matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                          map is equivalent to an element of matchExpressions, whose key field is "key", the
+                          operator is "In", and the values array contains only "value". The requirements are ANDed.
+                        type: object
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  skipWaitForDeleteTimeout:
+                    type: integer
+                  timeout:
+                    description: |-
+                      A Duration represents the elapsed time between two instants
+                      as an int64 nanosecond count. The representation limits the
+                      largest representable duration to approximately 290 years.
+                    format: int64
+                    type: integer
+                type: object
+              managedOSVersionName:
+                type: string
+              nodeSelector:
+                description: |-
+                  A label selector is a label query over a set of resources. The result of matchLabels and
+                  matchExpressions are ANDed. An empty label selector matches all objects. A null
+                  label selector matches no objects.
+                properties:
+                  matchExpressions:
+                    description: matchExpressions is a list of label selector requirements.
+                      The requirements are ANDed.
+                    items:
+                      description: |-
+                        A label selector requirement is a selector that contains values, a key, and an operator that
+                        relates the key and values.
+                      properties:
+                        key:
+                          description: key is the label key that the selector applies
+                            to.
+                          type: string
+                        operator:
+                          description: |-
+                            operator represents a key's relationship to a set of values.
+                            Valid operators are In, NotIn, Exists and DoesNotExist.
+                          type: string
+                        values:
+                          description: |-
+                            values is an array of string values. If the operator is In or NotIn,
+                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                            the values array must be empty. This array is replaced during a strategic
+                            merge patch.
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    description: |-
+                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+              osImage:
+                type: string
+              prepare:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+            required:
+            - drain
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosversionchannels.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSVersionChannel
+    listKind: ManagedOSVersionChannelList
+    plural: managedosversionchannels
+    singular: managedosversionchannel
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              deleteNoLongerInSyncVersions:
+                default: false
+                description: |-
+                  DeleteNoLongerInSyncVersions automatically deletes
+                  all no-longer-in-sync ManagedOSVersions that were created by this channel.
+                type: boolean
+              options:
+                x-kubernetes-preserve-unknown-fields: true
+              syncInterval:
+                default: 1h
+                type: string
+              type:
+                type: string
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the managed OS version
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              failedSynchronizationAttempts:
+                description: FailedSynchronizationAttempts counts the number of consecutive
+                  synchronization failures
+                type: integer
+              lastSyncedTime:
+                description: LastSyncedTime is the timestamp of the last synchronization
+                format: date-time
+                type: string
+              syncedGeneration:
+                description: SyncedGeneration tracks the spec generation of the last
+                  synchronization
+                format: int64
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosversions.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSVersion
+    listKind: ManagedOSVersionList
+    plural: managedosversions
+    singular: managedosversion
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              metadata:
+                x-kubernetes-preserve-unknown-fields: true
+              minVersion:
+                type: string
+              type:
+                type: string
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              version:
+                type: string
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: metadata.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: Metadata
+    listKind: MetadataList
+    plural: metadata
+    singular: metadata
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              annotations:
+                additionalProperties:
+                  type: string
+                type: object
+              appVersion:
+                type: string
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    app.kubernetes.io/instance: '{{ .Release.Name }}'
+    app.kubernetes.io/part-of: Elemental Operator
+    app.kubernetes.io/version: '{{ .Chart.Version }}'
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: seedimages.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: SeedImage
+    listKind: SeedImageList
+    plural: seedimages
+    singular: seedimage
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              baseImage:
+                description: BaseImg the base elemental image used to build the seed
+                  image.
+                type: string
+              buildContainer:
+                description: |-
+                  BuildContainer settings for a custom container used to generate the
+                  downloadable image.
+                properties:
+                  args:
+                    description: Args same as corev1.Container.Args
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    description: Command same as corev1.Container.Command
+                    items:
+                      type: string
+                    type: array
+                  image:
+                    description: Image container image to run
+                    type: string
+                  imagePullPolicy:
+                    description: Args same as corev1.Container.ImagePullPolicy
+                    type: string
+                  name:
+                    description: Name of the spawned container
+                    type: string
+                type: object
+              cleanupAfterMinutes:
+                default: 60
+                description: |-
+                  LifetimeMinutes the time at which the built seed image will be cleaned up.
+                  If when the lifetime elapses the built image is being downloaded, the active
+                  download will be completed before removing the built image.
+                  Default is 60 minutes, set to 0 to disable.
+                format: int32
+                type: integer
+              cloud-config:
+                description: CloudConfig contains cloud-config data to be put in the
+                  generated iso.
+                x-kubernetes-preserve-unknown-fields: true
+              registrationRef:
+                description: MachineRegistrationRef a reference to the related MachineRegistration.
+                properties:
+                  apiVersion:
+                    description: API version of the referent.
+                    type: string
+                  fieldPath:
+                    description: |-
+                      If referring to a piece of an object instead of an entire object, this string
+                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                      For example, if the object reference is to a container within a pod, this would take on a value like:
+                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                      the event) or if no container name is specified "spec.containers[2]" (container with
+                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                      referencing a part of an object.
+                      TODO: this design is not final and this field is subject to change in the future.
+                    type: string
+                  kind:
+                    description: |-
+                      Kind of the referent.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                  namespace:
+                    description: |-
+                      Namespace of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                    type: string
+                  resourceVersion:
+                    description: |-
+                      Specific resourceVersion to which this reference is made, if any.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                    type: string
+                  uid:
+                    description: |-
+                      UID of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+              retriggerBuild:
+                description: RetriggerBuild triggers to build again a cleaned up seed
+                  image.
+                type: boolean
+              size:
+                anyOf:
+                - type: integer
+                - type: string
+                default: 6442450944
+                description: |-
+                  Size specifies the size of the volume used to store the image.
+                  Defaults to 6Gi
+                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                x-kubernetes-int-or-string: true
+              targetPlatform:
+                description: 'Platform specifies the target platform for the built
+                  image. Example: linux/amd64'
+                example: linux/amd64
+                pattern: ^$|^\S+\/\S+$
+                type: string
+              type:
+                default: iso
+                description: |-
+                  Type specifies the type of seed image to built.
+                  Valid values are iso|raw
+                  Defaults to "iso"
+                enum:
+                - iso
+                - raw
+                type: string
+            required:
+            - registrationRef
+            - type
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine registration
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              downloadToken:
+                description: DownloadToken a token to identify the seed image to download.
+                type: string
+              downloadURL:
+                description: DownloadURL the URL from which the SeedImage can be downloaded
+                  once built.
+                type: string
+              state:
+                description: State reflect the state of the seed image build process.
+                enum:
+                - Initialized
+                - Started
+                - Completed
+                - Failed
+                - NotStarted
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/elemental-crd/103.4.0+up1.6.4/templates/validate-no-pending-deletions.yaml b/charts/elemental-crd/103.4.0+up1.6.4/templates/validate-no-pending-deletions.yaml
new file mode 100644
index 0000000000..6e16863118
--- /dev/null
+++ b/charts/elemental-crd/103.4.0+up1.6.4/templates/validate-no-pending-deletions.yaml
@@ -0,0 +1,17 @@
+{{- $crds := list
+  "machineinventories.elemental.cattle.io"
+  "machineinventoryselectors.elemental.cattle.io"
+  "machineinventoryselectortemplates.elemental.cattle.io"
+  "machineregistrations.elemental.cattle.io"
+  "managedosimages.elemental.cattle.io"
+  "managedosversionchannels.elemental.cattle.io"
+  "managedosversions.elemental.cattle.io"
+  "seedimages.elemental.cattle.io"
+  "metadata.elemental.cattle.io"
+-}}
+{{- range $index, $crd := $crds -}}
+  {{- $obj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" $.Release.Namespace $crd -}}
+  {{- if and $obj $obj.metadata.deletionTimestamp -}}
+    {{- required "CRDs from previous installations are pending to be removed (deletionTimestamp is set). Fully deleting them before (re-)installing is required" "" -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/elemental/103.4.0+up1.6.4/Chart.yaml b/charts/elemental/103.4.0+up1.6.4/Chart.yaml
new file mode 100644
index 0000000000..230ded19b5
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: elemental-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Elemental
+  catalog.cattle.io/kube-version: '>= 1.23.0-0'
+  catalog.cattle.io/namespace: cattle-elemental-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux
+  catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: elemental-operator
+  catalog.cattle.io/scope: management
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/upstream-version: 1.6.4
+apiVersion: v2
+appVersion: 1.6.4
+description: Elemental provides Cloud Native OS Management for Cluster Nodes.
+icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg
+name: elemental
+version: 103.4.0+up1.6.4
diff --git a/charts/elemental/103.4.0+up1.6.4/README.md b/charts/elemental/103.4.0+up1.6.4/README.md
new file mode 100644
index 0000000000..bf7b83ea6c
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/README.md
@@ -0,0 +1,5 @@
+# Elemental Operator Helm Chart
+
+This chart bootstraps an elemental-operator deployment on a [Rancher Manager](https://rancher.com/docs/rancher/) cluster using the [Helm](https://helm.sh) package manager.
+
+Check out the [Elemental Operator Helm Chart documentation](https://elemental.docs.rancher.com/elementaloperatorchart-reference/) in the official [Elemental guide](https://elemental.docs.rancher.com/).
diff --git a/charts/elemental/103.4.0+up1.6.4/app-readme.md b/charts/elemental/103.4.0+up1.6.4/app-readme.md
new file mode 100644
index 0000000000..3d694ac5f6
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/app-readme.md
@@ -0,0 +1,5 @@
+# Elemental
+
+Elemental brings to Rancher the ability to install and manage the OS of bare metal and virtualized machines.
+
+For more information on how to deploy an Elemental Cluster, follow the [official documentation](https://elemental.docs.rancher.com/).
\ No newline at end of file
diff --git a/charts/elemental/103.4.0+up1.6.4/questions.yaml b/charts/elemental/103.4.0+up1.6.4/questions.yaml
new file mode 100644
index 0000000000..53a85c6e32
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/questions.yaml
@@ -0,0 +1,27 @@
+questions:
+- variable: channel.defaultChannel
+  default: "true"
+  description: "Provide an Elemental OS Channel container image"
+  label: Elemental OS Channel
+  type: boolean
+  show_subquestion_if: true
+  group: "Elemental OS Channel"
+  subquestions:
+  - variable: channel.image
+    default: "registry.suse.com/rancher/elemental-channel/sl-micro"
+    description: "Specify the Elemental OS channel: for air-gapped scenarios you need to provide your own OS channel image (see https://elemental.docs.rancher.com/airgap for detailed instructions)"
+    type: string
+    label: Elemental OS Channel Image
+    group: "Elemental OS Channel"
+  - variable: channel.tag
+    default: "6.0-baremetal"
+    description: "Specify Elemental OS channel image tag"
+    type: string
+    label: "Elemental OS Channel Tag"
+    group: "Elemental OS Channel"
+- variable: debug
+  default: "false"
+  description: "Enable debug logging in the Elemental operator"
+  type: boolean
+  label: "Enable Debug Logging"
+  group: "Logging"
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/_helpers.tpl b/charts/elemental/103.4.0+up1.6.4/templates/_helpers.tpl
new file mode 100644
index 0000000000..ee1e6fe7d8
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/_helpers.tpl
@@ -0,0 +1,17 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "registry_url" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{ include "system_default_registry" . }}
+{{- else if .Values.registryUrl -}}
+{{- printf "%s/" .Values.registryUrl -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/apiservice.yaml b/charts/elemental/103.4.0+up1.6.4/templates/apiservice.yaml
new file mode 100644
index 0000000000..73ae2e505f
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/apiservice.yaml
@@ -0,0 +1,9 @@
+kind: APIService
+apiVersion: management.cattle.io/v3
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  secretName: elemental-operator
+  secretNamespace: {{ .Release.Namespace }}
+  pathPrefixes:
+  - /elemental/
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/capi_rbac.yaml b/charts/elemental/103.4.0+up1.6.4/templates/capi_rbac.yaml
new file mode 100644
index 0000000000..8692f75269
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/capi_rbac.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: elemental-capi-role
+  labels:
+    cluster.x-k8s.io/aggregate-to-manager: "true"
+rules:
+  - apiGroups: ["elemental.cattle.io"]
+    resources: ["*"]
+    verbs: ["*"]
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/channel-dev.yaml b/charts/elemental/103.4.0+up1.6.4/templates/channel-dev.yaml
new file mode 100644
index 0000000000..da66784034
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/channel-dev.yaml
@@ -0,0 +1,13 @@
+# Unstable channel for testing isv:Rancher:Elemental OBS projects
+# it is only rendered if the registryUrl value includes a known OBS project reference
+{{ if and (hasPrefix "registry.opensuse.org" .Values.registryUrl) (contains "isv/rancher/elemental" .Values.registryUrl) }}
+apiVersion: elemental.cattle.io/v1beta1
+kind: ManagedOSVersionChannel
+metadata:
+  name: unstable-testing-channel
+  namespace: fleet-default
+spec:
+  options:
+    image: {{ .Values.registryUrl }}/rancher/elemental-unstable-channel:latest
+  type: custom
+{{ end }}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/channels.yaml b/charts/elemental/103.4.0+up1.6.4/templates/channels.yaml
new file mode 100644
index 0000000000..c180d36d05
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/channels.yaml
@@ -0,0 +1,30 @@
+{{ $defChannelName := "" }}
+{{ if and .Values.channel .Values.channel.image .Values.channel.tag .Values.channel.name }}
+{{ $defChannelName := .Values.channel.name }}
+apiVersion: elemental.cattle.io/v1beta1
+kind: ManagedOSVersionChannel
+metadata:
+  name: {{ .Values.channel.name }}
+  namespace: fleet-default
+spec:
+  options:
+    image: {{ .Values.channel.image }}:{{ .Values.channel.tag }}
+  type: custom
+{{ end }}
+
+# Keep pre-existing channels managed by Helm if they do not match with the current default
+# this way if an upgrade introduces a new channel any pre-existing channel managed by Helm is not deleted
+{{ range $index, $channel := (lookup "elemental.cattle.io/v1beta1" "ManagedOSVersionChannel" "fleet-default" "").items }}
+  {{ if and (eq (index $channel.metadata.labels "app.kubernetes.io/managed-by") "Helm") (ne $channel.metadata.name $defChannelName) }}
+---
+apiVersion: elemental.cattle.io/v1beta1
+kind: ManagedOSVersionChannel
+metadata:
+  name: {{ $channel.metadata.name }}
+  namespace: fleet-default
+spec:
+  options:
+    image: {{ $channel.spec.options.image }}
+  type: custom
+  {{ end }}
+{{ end }}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/cluster_role.yaml b/charts/elemental/103.4.0+up1.6.4/templates/cluster_role.yaml
new file mode 100644
index 0000000000..aaa3a0f2ec
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/cluster_role.yaml
@@ -0,0 +1,268 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: '{{ .Release.Name }}'
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods/log
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - pods/status
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services/status
+  verbs:
+  - get
+- apiGroups:
+  - cluster.x-k8s.io
+  resources:
+  - machines
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventories
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventories/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventoryselectors
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventoryselectors/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineregistrations
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineregistrations/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosimages
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosimages/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversionchannels
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversionchannels/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversions
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversions/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - seedimages
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - seedimages/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - bundles
+  verbs:
+  - create
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - settings
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - list
+  - watch
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/cluster_role_binding.yaml b/charts/elemental/103.4.0+up1.6.4/templates/cluster_role_binding.yaml
new file mode 100644
index 0000000000..e68c7bc96b
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/cluster_role_binding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Release.Name }}
+subjects:
+- kind: ServiceAccount
+  name: {{ .Release.Name }}
+  namespace: {{.Release.Namespace}}
+
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/deployment.yaml b/charts/elemental/103.4.0+up1.6.4/templates/deployment.yaml
new file mode 100644
index 0000000000..576d58d596
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/deployment.yaml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      app: elemental-operator
+  template:
+    metadata:
+      labels:
+        app: elemental-operator
+    spec:
+      containers:
+      - env:
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        {{- end }}
+        name: {{ .Release.Name }}
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        image: {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        args:
+        - operator
+        {{- if .Values.debug }}
+        - --v=5
+        - --debug
+        {{- end }}
+        - --namespace
+        - {{ .Release.Namespace }}
+        - --operator-image
+        - {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        - --seedimage-image
+        - {{ template "registry_url" . }}{{ .Values.seedImage.repository }}:{{ .Values.seedImage.tag | default .Chart.AppVersion }}
+        - --seedimage-image-pullpolicy
+        - {{ .Values.seedImage.imagePullPolicy}}
+      serviceAccountName: {{ .Release.Name }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/globalrole.yaml b/charts/elemental/103.4.0+up1.6.4/templates/globalrole.yaml
new file mode 100644
index 0000000000..323cf2ead8
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/globalrole.yaml
@@ -0,0 +1,16 @@
+apiVersion: management.cattle.io/v3
+builtin: false
+description: "Elemental Administrator Role"
+displayName: Elemental Administrator
+kind: GlobalRole
+metadata:
+  labels:
+    cattle.io/creator: norman
+  name: {{ .Release.Name }}
+rules:
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/metadata.yaml b/charts/elemental/103.4.0+up1.6.4/templates/metadata.yaml
new file mode 100644
index 0000000000..d102d9f2ea
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/metadata.yaml
@@ -0,0 +1,10 @@
+apiVersion: elemental.cattle.io/v1beta1
+kind: Metadata
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  appVersion: {{ .Chart.AppVersion }}
+  annotations:
+  {{- range $key, $value := .Chart.Annotations }}
+    {{ $key }}: {{ toYaml $value }}
+  {{- end }}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/serviceaccount.yaml b/charts/elemental/103.4.0+up1.6.4/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..cb203d6f6c
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}
diff --git a/charts/elemental/103.4.0+up1.6.4/templates/validate-install-crd.yaml b/charts/elemental/103.4.0+up1.6.4/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..45008251ae
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/templates/validate-install-crd.yaml
@@ -0,0 +1,26 @@
+{{ if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 }}
+  {{ $apis := dict
+    "elemental.cattle.io/v1beta1/MachineInventory" "machineinventories"
+    "elemental.cattle.io/v1beta1/MachineInventorySelector" "machineinventoryselectors"
+    "elemental.cattle.io/v1beta1/MachineInventorySelectorTemplate" "machineinventoryselectortemplates"
+    "elemental.cattle.io/v1beta1/MachineRegistration" "machineregistrations"
+    "elemental.cattle.io/v1beta1/ManagedOSImage" "managedosimages"
+    "elemental.cattle.io/v1beta1/ManagedOSVersionChannel" "managedosversionchannels"
+    "elemental.cattle.io/v1beta1/ManagedOSVersion" "managedosversions"
+    "elemental.cattle.io/v1beta1/SeedImage" "seedimages"
+    "elemental.cattle.io/v1beta1/Metadata" "metadata"
+  }}
+  {{- range $api, $crd := $apis -}}
+    {{- if not ($.Capabilities.APIVersions.Has $api) -}}
+      {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+    {{- end -}}
+    {{- $crdobj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" "" (print $crd ".elemental.cattle.io") -}}
+    {{- if not $crdobj -}}
+      {{- print "Cannot lookup " $crd ".elemental.cattle.io crd object" | fail -}}
+    {{- end -}}
+    {{- $crdrelease := index $crdobj.metadata.annotations "meta.helm.sh/release-name" -}}
+    {{- if eq $crdrelease $.Release.Name -}}
+      {{- required "Elemental CRDs should be moved to the new elemental-operator-crds chart before upgrading this operator." "" -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/elemental/103.4.0+up1.6.4/values.yaml b/charts/elemental/103.4.0+up1.6.4/values.yaml
new file mode 100644
index 0000000000..1d32cc2f8a
--- /dev/null
+++ b/charts/elemental/103.4.0+up1.6.4/values.yaml
@@ -0,0 +1,43 @@
+image:
+  empty: rancher/pause:3.1
+  repository: "rancher/mirrored-elemental-operator"
+  tag: "1.6.4"
+  imagePullPolicy: IfNotPresent
+
+seedImage:
+  repository: "rancher/mirrored-elemental-seedimage-builder"
+  tag: "1.6.4"
+  imagePullPolicy: IfNotPresent
+
+channel:
+  name: "sl-micro-6.0-baremetal-channel"
+  image: "registry.suse.com/rancher/elemental-channel/sl-micro"
+  tag: "6.0-baremetal"
+
+# number of operator replicas to deploy
+replicas: 1
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+# used only if systemDefaultRegistry is empty
+registryUrl: ""
+
+# enable debug output for operator
+debug: false
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/Chart.yaml b/charts/fleet-agent/103.1.8+up0.9.9/Chart.yaml
new file mode 100644
index 0000000000..52179f7957
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: fleet-agent
+apiVersion: v2
+appVersion: 0.9.9
+description: Fleet Manager Agent - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-agent
+version: 103.1.8+up0.9.9
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/README.md b/charts/fleet-agent/103.1.8+up0.9.9/README.md
new file mode 100644
index 0000000000..2c5724dcef
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/README.md
@@ -0,0 +1,8 @@
+## Fleet Agent Helm Chart
+
+Every Fleet-managed downstream cluster will run an agent that communicates back to the Fleet controller. This agent is just another set of Kubernetes controllers running in the downstream cluster.
+
+Standalone Fleet users use this chart for agent-initiated registration. For more details see [agent-initiated registration](https://fleet.rancher.io/cluster-registration#agent-initiated).
+Fleet in Rancher does not use this chart, but creates the agent deployments programmatically.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/_helpers.tpl b/charts/fleet-agent/103.1.8+up0.9.9/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/configmap.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/configmap.yaml
new file mode 100644
index 0000000000..f3e83a89cc
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/configmap.yaml
@@ -0,0 +1,13 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: fleet-agent
+data:
+  config: |-
+    {
+      {{ if .Values.labels }}
+      "labels":{{toJson .Values.labels}},
+      {{ end }}
+      "clientID":"{{.Values.clientID}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}"
+    }
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/deployment.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/deployment.yaml
new file mode 100644
index 0000000000..582eed608d
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/deployment.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fleet-agent
+spec:
+  selector:
+    matchLabels:
+      app: fleet-agent
+  template:
+    metadata:
+      labels:
+        app: fleet-agent
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+        name: fleet-agent
+        command:
+        - fleetagent
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      serviceAccountName: fleet-agent
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.fleetAgent.nodeSelector }}
+{{ toYaml .Values.fleetAgent.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.fleetAgent.tolerations }}
+{{ toYaml .Values.fleetAgent.tolerations | indent 8 }}
+{{- end }}
+{{- if not .Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/network_policy_allow_all.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/network_policy_allow_all.yaml
new file mode 100644
index 0000000000..a72109a062
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ .Values.internal.systemNamespace }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/patch_default_serviceaccount.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 0000000000..aad4eea415
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: patch-fleet-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    spec:
+      serviceAccountName: fleet-agent
+      restartPolicy: Never
+      containers:
+      - name: sa
+        image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", {{ .Values.internal.systemNamespace }}]
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.kubectl.nodeSelector }}
+{{ toYaml .Values.kubectl.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.kubectl.tolerations }}
+{{ toYaml .Values.kubectl.tolerations | indent 8 }}
+{{- end }}
+  backoffLimit: 1
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/rbac.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/rbac.yaml
new file mode 100644
index 0000000000..1a7e8d8841
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/rbac.yaml
@@ -0,0 +1,28 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-agent-system-fleet-agent-role
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- nonResourceURLs:
+  - "*"
+  verbs:
+  - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-agent-system-fleet-agent-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-agent-system-fleet-agent-role
+subjects:
+- kind: ServiceAccount
+  name: fleet-agent
+  namespace: {{.Release.Namespace}}
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/secret.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/secret.yaml
new file mode 100644
index 0000000000..4715882047
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+  systemRegistrationNamespace: "{{b64enc .Values.systemRegistrationNamespace}}"
+  clusterNamespace: "{{b64enc .Values.clusterNamespace}}"
+  token: "{{b64enc .Values.token}}"
+  apiServerURL: "{{b64enc .Values.apiServerURL}}"
+  apiServerCA: "{{b64enc .Values.apiServerCA}}"
+kind: Secret
+metadata:
+  name: fleet-agent-bootstrap
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/serviceaccount.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..73e27f0be9
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-agent
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/templates/validate.yaml b/charts/fleet-agent/103.1.8+up0.9.9/templates/validate.yaml
new file mode 100644
index 0000000000..d53ff1c508
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/templates/validate.yaml
@@ -0,0 +1,11 @@
+{{if ne .Release.Namespace .Values.internal.systemNamespace }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.systemNamespace) }}
+{{end}}
+
+{{if ne .Release.Name .Values.internal.managedReleaseName }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.managedReleaseName) }}
+{{end}}
+
+{{if not .Values.apiServerURL }}
+{{ fail "apiServerURL is required to be set, and most likely also apiServerCA" }}
+{{end}}
diff --git a/charts/fleet-agent/103.1.8+up0.9.9/values.yaml b/charts/fleet-agent/103.1.8+up0.9.9/values.yaml
new file mode 100644
index 0000000000..0cb9f66e4e
--- /dev/null
+++ b/charts/fleet-agent/103.1.8+up0.9.9/values.yaml
@@ -0,0 +1,67 @@
+image:
+  os: "windows,linux"
+  repository: rancher/fleet-agent
+  tag: v0.9.9
+
+# The public URL of the Kubernetes API server running the Fleet Manager must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager.
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# The cluster registration value
+token: ""
+
+# Labels to add to the cluster upon registration only. They are not added after the fact.
+#labels:
+#  foo: bar
+
+# The client ID of the cluster to associate with
+clientID: ""
+
+# The namespace of the cluster we are register with
+clusterNamespace: ""
+
+# The namespace containing the clusters registration secrets
+systemRegistrationNamespace: cattle-fleet-clusters-system
+
+# Please do not change the below setting unless you really know what you are doing
+internal:
+  systemNamespace: cattle-fleet-system
+  managedReleaseName: fleet-agent
+
+# The nodeSelector and tolerations for the agent deployment
+fleetAgent:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations: []
+kubectl:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations:
+  - key: node.cloudprovider.kubernetes.io/uninitialized
+    operator: "Equal"
+    value: "true"
+    effect: NoSchedule
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  kubectl:
+    repository: rancher/kubectl
+    tag: v1.21.5
+
+debug: false
+debugLevel: 0
diff --git a/charts/fleet-crd/103.1.8+up0.9.9/Chart.yaml b/charts/fleet-crd/103.1.8+up0.9.9/Chart.yaml
new file mode 100644
index 0000000000..c22a4638b3
--- /dev/null
+++ b/charts/fleet-crd/103.1.8+up0.9.9/Chart.yaml
@@ -0,0 +1,13 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: fleet-crd
+apiVersion: v2
+appVersion: 0.9.9
+description: Fleet Manager CustomResourceDefinitions
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-crd
+version: 103.1.8+up0.9.9
diff --git a/charts/fleet-crd/103.1.8+up0.9.9/README.md b/charts/fleet-crd/103.1.8+up0.9.9/README.md
new file mode 100644
index 0000000000..2452ab2f1f
--- /dev/null
+++ b/charts/fleet-crd/103.1.8+up0.9.9/README.md
@@ -0,0 +1,5 @@
+# Fleet CRD Helm Chart
+
+Fleet Manager CustomResourceDefinitions Helm chart is a requirement for the Fleet Helm Chart.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-crd/103.1.8+up0.9.9/templates/crds.yaml b/charts/fleet-crd/103.1.8+up0.9.9/templates/crds.yaml
new file mode 100644
index 0000000000..8ae8101218
--- /dev/null
+++ b/charts/fleet-crd/103.1.8+up0.9.9/templates/crds.yaml
@@ -0,0 +1,5736 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundledeployments.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleDeployment
+    plural: bundledeployments
+    singular: bundledeployment
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.deployed
+          name: Deployed
+          type: string
+        - jsonPath: .status.display.monitored
+          name: Monitored
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: BundleDeployment is used internally by Fleet and should not
+            be used directly. When a Bundle is deployed to a cluster an instance of
+            a Bundle is called a BundleDeployment. A BundleDeployment represents the
+            state of that Bundle on a specific cluster with its cluster-specific customizations.
+            The Fleet agent is only aware of BundleDeployment resources that are created
+            for the cluster the agent is managing.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                deploymentID:
+                  description: DeploymentID is the ID of the currently applied deployment.
+                  nullable: true
+                  type: string
+                options:
+                  description: Options are the deployment options, that are currently
+                    applied.
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      nullable: true
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: DefaultNamespace is the namespace to use for resources
+                        that do not specify a namespace. This field is not used to
+                        enforce or lock down the deployment to a specific namespace.
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: Chart can refer to any go-getter URL or OCI
+                            registry based helm chart URL. The chart will be downloaded.
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: ReleaseName sets a custom release name to deploy
+                            the chart as. If not specified a release name will be
+                            generated by combining the invoking GitRepo.name + GitRepo.path.
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: Values passed to Helm. It is possible to specify
+                            the keys and values as go template strings.
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all Jobs have been completed before marking
+                            the GitRepo as ready. It will wait for as long as timeoutSeconds
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: Kustomize options for the deployment, like the
+                        dir containing the kustomization.yaml file.
+                      nullable: true
+                      properties:
+                        dir:
+                          description: Dir points to a custom folder for kustomize
+                            resources. This folder must contain a kustomization.yaml
+                            file.
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: TargetNamespace if present will assign all resource
+                        to this namespace and if any cluster scoped resource exists
+                        the deployment will fail.
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: YAML options, if using raw YAML these are names
+                        that map to overlays/{name} files that will be used to replace
+                        or patch a resource.
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: Overlays is a list of names that maps to folders
+                            in "overlays/". If you wish to customize the file ./subdir/resource.yaml
+                            then a file ./overlays/myoverlay/subdir/resource.yaml
+                            will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated. If true, BundleDeployments will be marked
+                    as out of sync when changes are detected.
+                  type: boolean
+                stagedDeploymentID:
+                  description: StagedDeploymentID is the ID of the staged deployment.
+                  nullable: true
+                  type: string
+                stagedOptions:
+                  description: StagedOptions are the deployment options, that are
+                    staged for the next deployment.
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      nullable: true
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: DefaultNamespace is the namespace to use for resources
+                        that do not specify a namespace. This field is not used to
+                        enforce or lock down the deployment to a specific namespace.
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: Chart can refer to any go-getter URL or OCI
+                            registry based helm chart URL. The chart will be downloaded.
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: ReleaseName sets a custom release name to deploy
+                            the chart as. If not specified a release name will be
+                            generated by combining the invoking GitRepo.name + GitRepo.path.
+                          nullable: true
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: Values passed to Helm. It is possible to specify
+                            the keys and values as go template strings.
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all Jobs have been completed before marking
+                            the GitRepo as ready. It will wait for as long as timeoutSeconds
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: Kustomize options for the deployment, like the
+                        dir containing the kustomization.yaml file.
+                      nullable: true
+                      properties:
+                        dir:
+                          description: Dir points to a custom folder for kustomize
+                            resources. This folder must contain a kustomization.yaml
+                            file.
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: TargetNamespace if present will assign all resource
+                        to this namespace and if any cluster scoped resource exists
+                        the deployment will fail.
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: YAML options, if using raw YAML these are names
+                        that map to overlays/{name} files that will be used to replace
+                        or patch a resource.
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: Overlays is a list of names that maps to folders
+                            in "overlays/". If you wish to customize the file ./subdir/resource.yaml
+                            then a file ./overlays/myoverlay/subdir/resource.yaml
+                            will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+              type: object
+            status:
+              properties:
+                appliedDeploymentID:
+                  nullable: true
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  properties:
+                    deployed:
+                      nullable: true
+                      type: string
+                    monitored:
+                      nullable: true
+                      type: string
+                    state:
+                      nullable: true
+                      type: string
+                  type: object
+                modifiedStatus:
+                  items:
+                    description: ModifiedStatus is used to report the status of a
+                      resource that is modified. It indicates if the modification
+                      was a create, a delete or a patch.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      delete:
+                        type: boolean
+                      kind:
+                        nullable: true
+                        type: string
+                      missing:
+                        type: boolean
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      patch:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                nonModified:
+                  type: boolean
+                nonReadyStatus:
+                  items:
+                    description: NonReadyStatus is used to report the status of a
+                      resource that is not ready. It includes a summary.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      summary:
+                        properties:
+                          error:
+                            type: boolean
+                          message:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          state:
+                            nullable: true
+                            type: string
+                          transitioning:
+                            type: boolean
+                        type: object
+                      uid:
+                        description: UID is a type that holds unique ID values, including
+                          UUIDs.  Because we don't ONLY use UUIDs, this is an alias
+                          to string.  Being a type captures intent and helps make
+                          sure that UIDs and names do not get conflated.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                ready:
+                  type: boolean
+                release:
+                  nullable: true
+                  type: string
+                resources:
+                  description: Resources lists the metadata of resources that were
+                    deployed according to the helm release history.
+                  items:
+                    description: BundleDeploymentResource contains the metadata of
+                      a deployed resource.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      createdAt:
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                syncGeneration:
+                  nullable: true
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundlenamespacemappings.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleNamespaceMapping
+    plural: bundlenamespacemappings
+    singular: bundlenamespacemapping
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: BundleNamespaceMapping maps bundles to clusters in other namespaces.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            bundleSelector:
+              description: A label selector is a label query over a set of resources.
+                The result of matchLabels and matchExpressions are ANDed. An empty
+                label selector matches all objects. A null label selector matches
+                no objects.
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: A label selector requirement is a selector that contains
+                      values, a key, and an operator that relates the key and values.
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        nullable: true
+                        type: string
+                      operator:
+                        description: operator represents a key's relationship to a
+                          set of values. Valid operators are In, NotIn, Exists and
+                          DoesNotExist.
+                        nullable: true
+                        type: string
+                      values:
+                        description: values is an array of string values. If the operator
+                          is In or NotIn, the values array must be non-empty. If the
+                          operator is Exists or DoesNotExist, the values array must
+                          be empty. This array is replaced during a strategic merge
+                          patch.
+                        items:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: array
+                    type: object
+                  nullable: true
+                  type: array
+                matchLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels map is equivalent to an element
+                    of matchExpressions, whose key field is "key", the operator is
+                    "In", and the values array contains only "value". The requirements
+                    are ANDed.
+                  nullable: true
+                  type: object
+              type: object
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            namespaceSelector:
+              description: A label selector is a label query over a set of resources.
+                The result of matchLabels and matchExpressions are ANDed. An empty
+                label selector matches all objects. A null label selector matches
+                no objects.
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: A label selector requirement is a selector that contains
+                      values, a key, and an operator that relates the key and values.
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        nullable: true
+                        type: string
+                      operator:
+                        description: operator represents a key's relationship to a
+                          set of values. Valid operators are In, NotIn, Exists and
+                          DoesNotExist.
+                        nullable: true
+                        type: string
+                      values:
+                        description: values is an array of string values. If the operator
+                          is In or NotIn, the values array must be non-empty. If the
+                          operator is Exists or DoesNotExist, the values array must
+                          be empty. This array is replaced during a strategic merge
+                          patch.
+                        items:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: array
+                    type: object
+                  nullable: true
+                  type: array
+                matchLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels map is equivalent to an element
+                    of matchExpressions, whose key field is "key", the operator is
+                    "In", and the values array contains only "value". The requirements
+                    are ANDed.
+                  nullable: true
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundles.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Bundle
+    plural: bundles
+    singular: bundle
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: "Bundle contains the resources of an application and its deployment\
+            \ options. It will be deployed as a Helm chart to target clusters. \n\
+            \ When a GitRepo is scanned it will produce one or more bundles. Bundles\
+            \ are a collection of resources that get deployed to one or more cluster(s).\
+            \ Bundle is the fundamental deployment unit used in Fleet. The contents\
+            \ of a Bundle may be Kubernetes manifests, Kustomize configuration, or\
+            \ Helm charts. Regardless of the source the contents are dynamically rendered\
+            \ into a Helm chart by the agent and installed into the downstream cluster\
+            \ as a Helm release."
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                defaultNamespace:
+                  description: DefaultNamespace is the namespace to use for resources
+                    that do not specify a namespace. This field is not used to enforce
+                    or lock down the deployment to a specific namespace.
+                  nullable: true
+                  type: string
+                deleteCRDResources:
+                  description: DeleteCRDResources deletes CRDs. Warning! this will
+                    also delete all your Custom Resources.
+                  type: boolean
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                diff:
+                  description: Diff can be used to ignore the modified state of objects
+                    which are amended at runtime.
+                  nullable: true
+                  properties:
+                    comparePatches:
+                      description: ComparePatches match a resource and remove fields
+                        from the check for modifications.
+                      items:
+                        description: ComparePatch matches a resource and removes fields
+                          from the check for modifications.
+                        properties:
+                          apiVersion:
+                            description: APIVersion is the apiVersion of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          jsonPointers:
+                            description: JSONPointers ignore diffs at a certain JSON
+                              path.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          kind:
+                            description: Kind is the kind of the resource to match.
+                            nullable: true
+                            type: string
+                          name:
+                            description: Name is the name of the resource to match.
+                            nullable: true
+                            type: string
+                          namespace:
+                            description: Namespace is the namespace of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          operations:
+                            description: Operations remove a JSON path from the resource.
+                            items:
+                              description: Operation of a ComparePatch, usually "remove".
+                              properties:
+                                op:
+                                  description: Op is usually "remove"
+                                  nullable: true
+                                  type: string
+                                path:
+                                  description: Path is the JSON path to remove.
+                                  nullable: true
+                                  type: string
+                                value:
+                                  description: Value is usually empty.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                forceSyncGeneration:
+                  description: ForceSyncGeneration is used to force a redeployment
+                  type: integer
+                helm:
+                  description: Helm options for the deployment, like the chart name,
+                    repo and values.
+                  nullable: true
+                  properties:
+                    atomic:
+                      description: Atomic sets the --atomic flag when Helm is performing
+                        an upgrade
+                      type: boolean
+                    chart:
+                      description: Chart can refer to any go-getter URL or OCI registry
+                        based helm chart URL. The chart will be downloaded.
+                      nullable: true
+                      type: string
+                    disableDNS:
+                      description: DisableDNS can be used to customize Helm's EnableDNS
+                        option, which Fleet sets to `true` by default.
+                      type: boolean
+                    disablePreProcess:
+                      description: DisablePreProcess disables template processing
+                        in values
+                      type: boolean
+                    force:
+                      description: Force allows to override immutable resources. This
+                        could be dangerous.
+                      type: boolean
+                    maxHistory:
+                      description: MaxHistory limits the maximum number of revisions
+                        saved per release by Helm.
+                      type: integer
+                    releaseName:
+                      description: ReleaseName sets a custom release name to deploy
+                        the chart as. If not specified a release name will be generated
+                        by combining the invoking GitRepo.name + GitRepo.path.
+                      maxLength: 53
+                      nullable: true
+                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                      type: string
+                    repo:
+                      description: Repo is the name of the HTTPS helm repo to download
+                        the chart from.
+                      nullable: true
+                      type: string
+                    skipSchemaValidation:
+                      description: SkipSchemaValidation allows skipping schema validation
+                        against the chart values
+                      type: boolean
+                    takeOwnership:
+                      description: TakeOwnership makes helm skip the check for its
+                        own annotations
+                      type: boolean
+                    timeoutSeconds:
+                      description: TimeoutSeconds is the time to wait for Helm operations.
+                      type: integer
+                    values:
+                      description: Values passed to Helm. It is possible to specify
+                        the keys and values as go template strings.
+                      nullable: true
+                      type: object
+                      x-kubernetes-preserve-unknown-fields: true
+                    valuesFiles:
+                      description: ValuesFiles is a list of files to load values from.
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    valuesFrom:
+                      description: ValuesFrom loads the values from configmaps and
+                        secrets.
+                      items:
+                        description: 'Define helm values that can come from configmap,
+                          secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                        properties:
+                          configMapKeyRef:
+                            description: The reference to a config map with release
+                              values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                          secretKeyRef:
+                            description: The reference to a secret with release values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                        type: object
+                      nullable: true
+                      type: array
+                    version:
+                      description: Version of the chart to download
+                      nullable: true
+                      type: string
+                    waitForJobs:
+                      description: WaitForJobs if set and timeoutSeconds provided,
+                        will wait until all Jobs have been completed before marking
+                        the GitRepo as ready. It will wait for as long as timeoutSeconds
+                      type: boolean
+                  type: object
+                ignore:
+                  description: IgnoreOptions can be used to ignore fields when monitoring
+                    the bundle.
+                  properties:
+                    conditions:
+                      description: Conditions is a list of conditions to be ignored
+                        when monitoring the Bundle.
+                      items:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                keepResources:
+                  description: KeepResources can be used to keep the deployed resources
+                    when removing the bundle
+                  type: boolean
+                kustomize:
+                  description: Kustomize options for the deployment, like the dir
+                    containing the kustomization.yaml file.
+                  nullable: true
+                  properties:
+                    dir:
+                      description: Dir points to a custom folder for kustomize resources.
+                        This folder must contain a kustomization.yaml file.
+                      nullable: true
+                      type: string
+                  type: object
+                namespace:
+                  description: TargetNamespace if present will assign all resource
+                    to this namespace and if any cluster scoped resource exists the
+                    deployment will fail.
+                  nullable: true
+                  type: string
+                namespaceAnnotations:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: NamespaceAnnotations are annotations that will be appended
+                    to the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                namespaceLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: NamespaceLabels are labels that will be appended to
+                    the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated. It will be marked as out of sync.
+                  type: boolean
+                resources:
+                  description: Resources contains the resources that were read from
+                    the bundle's path. This includes the content of downloaded helm
+                    charts.
+                  items:
+                    description: BundleResource represents the content of a single
+                      resource from the bundle, like a YAML manifest.
+                    properties:
+                      content:
+                        description: The content of the resource, can be compressed.
+                        nullable: true
+                        type: string
+                      encoding:
+                        description: Encoding is either empty or "base64+gz".
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource, can include the bundle's
+                          internal path.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                rolloutStrategy:
+                  description: RolloutStrategy controls the rollout of bundles, by
+                    defining partitions, canaries and percentages for cluster availability.
+                  nullable: true
+                  properties:
+                    autoPartitionSize:
+                      description: 'A number or percentage of how to automatically
+                        partition clusters if no specific partitioning strategy is
+                        configured. default: 25%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailable:
+                      description: 'A number or percentage of clusters that can be
+                        unavailable during an update of a bundle. This follows the
+                        same basic approach as a deployment rollout strategy. Once
+                        the number of clusters meets unavailable state update will
+                        be paused. Default value is 100% which doesn''t take effect
+                        on update. default: 100%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailablePartitions:
+                      description: 'A number or percentage of cluster partitions that
+                        can be unavailable during an update of a bundle. default:
+                        0'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    partitions:
+                      description: A list of definitions of partitions.  If any target
+                        clusters do not match the configuration they are added to
+                        partitions at the end following the autoPartitionSize.
+                      items:
+                        description: Partition defines a separate rollout strategy
+                          for a set of clusters.
+                        properties:
+                          clusterGroup:
+                            description: A cluster group name to include in this partition
+                            nullable: true
+                            type: string
+                          clusterGroupSelector:
+                            description: Selector matching cluster group labels to
+                              include in this partition
+                            nullable: true
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: A label selector requirement is a selector
+                                    that contains values, a key, and an operator that
+                                    relates the key and values.
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      nullable: true
+                                      type: string
+                                    operator:
+                                      description: operator represents a key's relationship
+                                        to a set of values. Valid operators are In,
+                                        NotIn, Exists and DoesNotExist.
+                                      nullable: true
+                                      type: string
+                                    values:
+                                      description: values is an array of string values.
+                                        If the operator is In or NotIn, the values
+                                        array must be non-empty. If the operator is
+                                        Exists or DoesNotExist, the values array must
+                                        be empty. This array is replaced during a
+                                        strategic merge patch.
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                nullable: true
+                                type: array
+                              matchLabels:
+                                additionalProperties:
+                                  nullable: true
+                                  type: string
+                                description: matchLabels is a map of {key,value} pairs.
+                                  A single {key,value} in the matchLabels map is equivalent
+                                  to an element of matchExpressions, whose key field
+                                  is "key", the operator is "In", and the values array
+                                  contains only "value". The requirements are ANDed.
+                                nullable: true
+                                type: object
+                            type: object
+                          clusterName:
+                            description: ClusterName is the name of a cluster to include
+                              in this partition
+                            nullable: true
+                            type: string
+                          clusterSelector:
+                            description: Selector matching cluster labels to include
+                              in this partition
+                            nullable: true
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: A label selector requirement is a selector
+                                    that contains values, a key, and an operator that
+                                    relates the key and values.
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      nullable: true
+                                      type: string
+                                    operator:
+                                      description: operator represents a key's relationship
+                                        to a set of values. Valid operators are In,
+                                        NotIn, Exists and DoesNotExist.
+                                      nullable: true
+                                      type: string
+                                    values:
+                                      description: values is an array of string values.
+                                        If the operator is In or NotIn, the values
+                                        array must be non-empty. If the operator is
+                                        Exists or DoesNotExist, the values array must
+                                        be empty. This array is replaced during a
+                                        strategic merge patch.
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                nullable: true
+                                type: array
+                              matchLabels:
+                                additionalProperties:
+                                  nullable: true
+                                  type: string
+                                description: matchLabels is a map of {key,value} pairs.
+                                  A single {key,value} in the matchLabels map is equivalent
+                                  to an element of matchExpressions, whose key field
+                                  is "key", the operator is "In", and the values array
+                                  contains only "value". The requirements are ANDed.
+                                nullable: true
+                                type: object
+                            type: object
+                          maxUnavailable:
+                            description: 'A number or percentage of clusters that
+                              can be unavailable in this partition before this partition
+                              is treated as done. default: 10%'
+                            nullable: true
+                            x-kubernetes-int-or-string: true
+                          name:
+                            description: A user-friendly name given to the partition
+                              used for Display (optional).
+                            nullable: true
+                            type: string
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                serviceAccount:
+                  description: ServiceAccount which will be used to perform this deployment.
+                  nullable: true
+                  type: string
+                targetRestrictions:
+                  description: TargetRestrictions is an allow list, which controls
+                    if a bundledeployment is created for a target.
+                  items:
+                    description: BundleTargetRestriction is used internally by Fleet
+                      and should not be modified. It acts as an allow list, to prevent
+                      the creation of BundleDeployments from Targets created by TargetCustomizations
+                      in fleet.yaml.
+                    properties:
+                      clusterGroup:
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: A label selector is a label query over a set
+                          of resources. The result of matchLabels and matchExpressions
+                          are ANDed. An empty label selector matches all objects.
+                          A null label selector matches no objects.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: A label selector is a label query over a set
+                          of resources. The result of matchLabels and matchExpressions
+                          are ANDed. An empty label selector matches all objects.
+                          A null label selector matches no objects.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      name:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                targets:
+                  description: Targets refer to the clusters which will be deployed
+                    to. Targets are evaluated in order and the first one to match
+                    is used.
+                  items:
+                    description: BundleTarget declares clusters to deploy to. Fleet
+                      will merge the BundleDeploymentOptions from customizations into
+                      this struct.
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup to match a specific cluster group
+                          by name.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a selector to match cluster
+                          groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        description: ClusterName to match a specific cluster by name
+                          that will be selected
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: ClusterSelector is a selector to match clusters.
+                          The structure is the standard metav1.LabelSelector format.
+                          If clusterGroupSelector or clusterGroup is specified, clusterSelector
+                          will be used only to further refine the selection after
+                          clusterGroupSelector and clusterGroup is evaluated.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      correctDrift:
+                        description: CorrectDrift specifies how drift correction should
+                          work.
+                        nullable: true
+                        properties:
+                          enabled:
+                            description: Enabled correct drift if true.
+                            type: boolean
+                          force:
+                            description: Force helm rollback with --force option will
+                              be used if true. This will try to recreate all resources
+                              in the release.
+                            type: boolean
+                          keepFailHistory:
+                            description: KeepFailHistory keeps track of failed rollbacks
+                              in the helm history.
+                            type: boolean
+                        type: object
+                      defaultNamespace:
+                        description: DefaultNamespace is the namespace to use for
+                          resources that do not specify a namespace. This field is
+                          not used to enforce or lock down the deployment to a specific
+                          namespace.
+                        nullable: true
+                        type: string
+                      deleteCRDResources:
+                        description: DeleteCRDResources deletes CRDs. Warning! this
+                          will also delete all your Custom Resources.
+                        type: boolean
+                      diff:
+                        description: Diff can be used to ignore the modified state
+                          of objects which are amended at runtime.
+                        nullable: true
+                        properties:
+                          comparePatches:
+                            description: ComparePatches match a resource and remove
+                              fields from the check for modifications.
+                            items:
+                              description: ComparePatch matches a resource and removes
+                                fields from the check for modifications.
+                              properties:
+                                apiVersion:
+                                  description: APIVersion is the apiVersion of the
+                                    resource to match.
+                                  nullable: true
+                                  type: string
+                                jsonPointers:
+                                  description: JSONPointers ignore diffs at a certain
+                                    JSON path.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                kind:
+                                  description: Kind is the kind of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                name:
+                                  description: Name is the name of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  description: Namespace is the namespace of the resource
+                                    to match.
+                                  nullable: true
+                                  type: string
+                                operations:
+                                  description: Operations remove a JSON path from
+                                    the resource.
+                                  items:
+                                    description: Operation of a ComparePatch, usually
+                                      "remove".
+                                    properties:
+                                      op:
+                                        description: Op is usually "remove"
+                                        nullable: true
+                                        type: string
+                                      path:
+                                        description: Path is the JSON path to remove.
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        description: Value is usually empty.
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      doNotDeploy:
+                        description: DoNotDeploy if set to true, will not deploy to
+                          this target.
+                        type: boolean
+                      forceSyncGeneration:
+                        description: ForceSyncGeneration is used to force a redeployment
+                        type: integer
+                      helm:
+                        description: Helm options for the deployment, like the chart
+                          name, repo and values.
+                        nullable: true
+                        properties:
+                          atomic:
+                            description: Atomic sets the --atomic flag when Helm is
+                              performing an upgrade
+                            type: boolean
+                          chart:
+                            description: Chart can refer to any go-getter URL or OCI
+                              registry based helm chart URL. The chart will be downloaded.
+                            nullable: true
+                            type: string
+                          disableDNS:
+                            description: DisableDNS can be used to customize Helm's
+                              EnableDNS option, which Fleet sets to `true` by default.
+                            type: boolean
+                          disablePreProcess:
+                            description: DisablePreProcess disables template processing
+                              in values
+                            type: boolean
+                          force:
+                            description: Force allows to override immutable resources.
+                              This could be dangerous.
+                            type: boolean
+                          maxHistory:
+                            description: MaxHistory limits the maximum number of revisions
+                              saved per release by Helm.
+                            type: integer
+                          releaseName:
+                            description: ReleaseName sets a custom release name to
+                              deploy the chart as. If not specified a release name
+                              will be generated by combining the invoking GitRepo.name
+                              + GitRepo.path.
+                            nullable: true
+                            type: string
+                          repo:
+                            description: Repo is the name of the HTTPS helm repo to
+                              download the chart from.
+                            nullable: true
+                            type: string
+                          skipSchemaValidation:
+                            description: SkipSchemaValidation allows skipping schema
+                              validation against the chart values
+                            type: boolean
+                          takeOwnership:
+                            description: TakeOwnership makes helm skip the check for
+                              its own annotations
+                            type: boolean
+                          timeoutSeconds:
+                            description: TimeoutSeconds is the time to wait for Helm
+                              operations.
+                            type: integer
+                          values:
+                            description: Values passed to Helm. It is possible to
+                              specify the keys and values as go template strings.
+                            nullable: true
+                            type: object
+                            x-kubernetes-preserve-unknown-fields: true
+                          valuesFiles:
+                            description: ValuesFiles is a list of files to load values
+                              from.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          valuesFrom:
+                            description: ValuesFrom loads the values from configmaps
+                              and secrets.
+                            items:
+                              description: 'Define helm values that can come from
+                                configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                              properties:
+                                configMapKeyRef:
+                                  description: The reference to a config map with
+                                    release values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                secretKeyRef:
+                                  description: The reference to a secret with release
+                                    values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                          version:
+                            description: Version of the chart to download
+                            nullable: true
+                            type: string
+                          waitForJobs:
+                            description: WaitForJobs if set and timeoutSeconds provided,
+                              will wait until all Jobs have been completed before
+                              marking the GitRepo as ready. It will wait for as long
+                              as timeoutSeconds
+                            type: boolean
+                        type: object
+                      ignore:
+                        description: IgnoreOptions can be used to ignore fields when
+                          monitoring the bundle.
+                        properties:
+                          conditions:
+                            description: Conditions is a list of conditions to be
+                              ignored when monitoring the Bundle.
+                            items:
+                              additionalProperties:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      keepResources:
+                        description: KeepResources can be used to keep the deployed
+                          resources when removing the bundle
+                        type: boolean
+                      kustomize:
+                        description: Kustomize options for the deployment, like the
+                          dir containing the kustomization.yaml file.
+                        nullable: true
+                        properties:
+                          dir:
+                            description: Dir points to a custom folder for kustomize
+                              resources. This folder must contain a kustomization.yaml
+                              file.
+                            nullable: true
+                            type: string
+                        type: object
+                      name:
+                        description: Name of target. This value is largely for display
+                          and logging. If not specified a default name of the format
+                          "target000" will be used
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: TargetNamespace if present will assign all resource
+                          to this namespace and if any cluster scoped resource exists
+                          the deployment will fail.
+                        nullable: true
+                        type: string
+                      namespaceAnnotations:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        description: NamespaceAnnotations are annotations that will
+                          be appended to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      namespaceLabels:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        description: NamespaceLabels are labels that will be appended
+                          to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      serviceAccount:
+                        description: ServiceAccount which will be used to perform
+                          this deployment.
+                        nullable: true
+                        type: string
+                      yaml:
+                        description: YAML options, if using raw YAML these are names
+                          that map to overlays/{name} files that will be used to replace
+                          or patch a resource.
+                        nullable: true
+                        properties:
+                          overlays:
+                            description: Overlays is a list of names that maps to
+                              folders in "overlays/". If you wish to customize the
+                              file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml
+                              will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                              will patch the base file.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                yaml:
+                  description: YAML options, if using raw YAML these are names that
+                    map to overlays/{name} files that will be used to replace or patch
+                    a resource.
+                  nullable: true
+                  properties:
+                    overlays:
+                      description: Overlays is a list of names that maps to folders
+                        in "overlays/". If you wish to customize the file ./subdir/resource.yaml
+                        then a file ./overlays/myoverlay/subdir/resource.yaml will
+                        replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                        will patch the base file.
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                  type: object
+              type: object
+            status:
+              properties:
+                conditions:
+                  description: Conditions is a list of Wrangler conditions that describe
+                    the state of the bundle.
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  description: Display contains the number of ready, desiredready
+                    clusters and a summary state for the bundle's resources.
+                  properties:
+                    readyClusters:
+                      description: ReadyClusters is a string in the form "%d/%d",
+                        that describes the number of clusters that are ready vs. the
+                        number of clusters desired to be ready.
+                      nullable: true
+                      type: string
+                    state:
+                      description: State is a summary state for the bundle, calculated
+                        over the non-ready resources.
+                      nullable: true
+                      type: string
+                  type: object
+                maxNew:
+                  description: MaxNew is always 50. A bundle change can only stage
+                    50 bundledeployments at a time.
+                  type: integer
+                maxUnavailable:
+                  description: MaxUnavailable is the maximum number of unavailable
+                    deployments. See rollout configuration.
+                  type: integer
+                maxUnavailablePartitions:
+                  description: MaxUnavailablePartitions is the maximum number of unavailable
+                    partitions. The rollout configuration defines a maximum number
+                    or percentage of unavailable partitions.
+                  type: integer
+                newlyCreated:
+                  description: NewlyCreated is the number of bundle deployments that
+                    have been created, not updated.
+                  type: integer
+                observedGeneration:
+                  description: ObservedGeneration is the current generation of the
+                    bundle.
+                  type: integer
+                partitions:
+                  description: PartitionStatus lists the status of each partition.
+                  items:
+                    description: PartitionStatus is the status of a single rollout
+                      partition.
+                    properties:
+                      count:
+                        description: Count is the number of clusters in the partition.
+                        type: integer
+                      maxUnavailable:
+                        description: MaxUnavailable is the maximum number of unavailable
+                          clusters in the partition.
+                        type: integer
+                      name:
+                        description: Name is the name of the partition.
+                        nullable: true
+                        type: string
+                      summary:
+                        description: Summary is a summary state for the partition,
+                          calculated over its non-ready resources.
+                        properties:
+                          desiredReady:
+                            description: DesiredReady is the number of bundle deployments
+                              that should be ready.
+                            type: integer
+                          errApplied:
+                            description: ErrApplied is the number of bundle deployments
+                              that have been synced from the Fleet controller and
+                              the downstream cluster, but with some errors when deploying
+                              the bundle.
+                            type: integer
+                          modified:
+                            description: Modified is the number of bundle deployments
+                              that have been deployed and for which all resources
+                              are ready, but where some changes from the Git repository
+                              have not yet been synced.
+                            type: integer
+                          nonReadyResources:
+                            description: NonReadyClusters is a list of states, which
+                              is filled for a bundle that is not ready.
+                            items:
+                              description: NonReadyResource contains information about
+                                a bundle that is not ready for a given state like
+                                "ErrApplied". It contains a list of non-ready or modified
+                                resources and their states.
+                              properties:
+                                bundleState:
+                                  description: State is the state of the resource,
+                                    like e.g. "NotReady" or "ErrApplied".
+                                  nullable: true
+                                  type: string
+                                message:
+                                  description: Message contains information why the
+                                    bundle is not ready.
+                                  nullable: true
+                                  type: string
+                                modifiedStatus:
+                                  description: ModifiedStatus lists the state for
+                                    each modified resource.
+                                  items:
+                                    description: ModifiedStatus is used to report
+                                      the status of a resource that is modified. It
+                                      indicates if the modification was a create,
+                                      a delete or a patch.
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      delete:
+                                        type: boolean
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      missing:
+                                        type: boolean
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      patch:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                name:
+                                  description: Name is the name of the resource.
+                                  nullable: true
+                                  type: string
+                                nonReadyStatus:
+                                  description: NonReadyStatus lists the state for
+                                    each non-ready resource.
+                                  items:
+                                    description: NonReadyStatus is used to report
+                                      the status of a resource that is not ready.
+                                      It includes a summary.
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      summary:
+                                        properties:
+                                          error:
+                                            type: boolean
+                                          message:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          state:
+                                            nullable: true
+                                            type: string
+                                          transitioning:
+                                            type: boolean
+                                        type: object
+                                      uid:
+                                        description: UID is a type that holds unique
+                                          ID values, including UUIDs.  Because we
+                                          don't ONLY use UUIDs, this is an alias to
+                                          string.  Being a type captures intent and
+                                          helps make sure that UIDs and names do not
+                                          get conflated.
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          notReady:
+                            description: NotReady is the number of bundle deployments
+                              that have been deployed where some resources are not
+                              ready.
+                            type: integer
+                          outOfSync:
+                            description: OutOfSync is the number of bundle deployments
+                              that have been synced from Fleet controller, but not
+                              yet by the downstream agent.
+                            type: integer
+                          pending:
+                            description: Pending is the number of bundle deployments
+                              that are being processed by Fleet controller.
+                            type: integer
+                          ready:
+                            description: Ready is the number of bundle deployments
+                              that have been deployed where all resources are ready.
+                            type: integer
+                          waitApplied:
+                            description: WaitApplied is the number of bundle deployments
+                              that have been synced from Fleet controller and downstream
+                              cluster, but are waiting to be deployed.
+                            type: integer
+                        type: object
+                      unavailable:
+                        description: Unavailable is the number of unavailable clusters
+                          in the partition.
+                        type: integer
+                    type: object
+                  nullable: true
+                  type: array
+                resourceKey:
+                  description: ResourceKey lists resources, which will likely be deployed.
+                    The actual list of resources on a cluster might differ, depending
+                    on the helm chart, value templating, etc..
+                  items:
+                    description: ResourceKey lists resources, which will likely be
+                      deployed.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the k8s api version of the resource.
+                        nullable: true
+                        type: string
+                      kind:
+                        description: Kind is the k8s api kind of the resource.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name is the name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace is the namespace of the resource.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                summary:
+                  description: Summary contains the number of bundle deployments in
+                    each state and a list of non-ready resources.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of bundle deployments
+                        that should be ready.
+                      type: integer
+                    errApplied:
+                      description: ErrApplied is the number of bundle deployments
+                        that have been synced from the Fleet controller and the downstream
+                        cluster, but with some errors when deploying the bundle.
+                      type: integer
+                    modified:
+                      description: Modified is the number of bundle deployments that
+                        have been deployed and for which all resources are ready,
+                        but where some changes from the Git repository have not yet
+                        been synced.
+                      type: integer
+                    nonReadyResources:
+                      description: NonReadyClusters is a list of states, which is
+                        filled for a bundle that is not ready.
+                      items:
+                        description: NonReadyResource contains information about a
+                          bundle that is not ready for a given state like "ErrApplied".
+                          It contains a list of non-ready or modified resources and
+                          their states.
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: ModifiedStatus is used to report the status
+                                of a resource that is modified. It indicates if the
+                                modification was a create, a delete or a patch.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we don't ONLY
+                                    use UUIDs, this is an alias to string.  Being
+                                    a type captures intent and helps make sure that
+                                    UIDs and names do not get conflated.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: NotReady is the number of bundle deployments that
+                        have been deployed where some resources are not ready.
+                      type: integer
+                    outOfSync:
+                      description: OutOfSync is the number of bundle deployments that
+                        have been synced from Fleet controller, but not yet by the
+                        downstream agent.
+                      type: integer
+                    pending:
+                      description: Pending is the number of bundle deployments that
+                        are being processed by Fleet controller.
+                      type: integer
+                    ready:
+                      description: Ready is the number of bundle deployments that
+                        have been deployed where all resources are ready.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of bundle deployments
+                        that have been synced from Fleet controller and downstream
+                        cluster, but are waiting to be deployed.
+                      type: integer
+                  type: object
+                unavailable:
+                  description: Unavailable is the number of bundle deployments that
+                    are not ready or where the AppliedDeploymentID in the status does
+                    not match the DeploymentID from the spec.
+                  type: integer
+                unavailablePartitions:
+                  description: UnavailablePartitions is the number of unavailable
+                    partitions.
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clustergroups.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: ClusterGroup
+    plural: clustergroups
+    singular: clustergroup
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: Clusters-Ready
+          type: string
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterGroup is a re-usable selector to target a group of clusters.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                selector:
+                  description: Selector is a label selector, used to select clusters
+                    for this group.
+                  nullable: true
+                  properties:
+                    matchExpressions:
+                      description: matchExpressions is a list of label selector requirements.
+                        The requirements are ANDed.
+                      items:
+                        description: A label selector requirement is a selector that
+                          contains values, a key, and an operator that relates the
+                          key and values.
+                        properties:
+                          key:
+                            description: key is the label key that the selector applies
+                              to.
+                            nullable: true
+                            type: string
+                          operator:
+                            description: operator represents a key's relationship
+                              to a set of values. Valid operators are In, NotIn, Exists
+                              and DoesNotExist.
+                            nullable: true
+                            type: string
+                          values:
+                            description: values is an array of string values. If the
+                              operator is In or NotIn, the values array must be non-empty.
+                              If the operator is Exists or DoesNotExist, the values
+                              array must be empty. This array is replaced during a
+                              strategic merge patch.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    matchLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: matchLabels is a map of {key,value} pairs. A single
+                        {key,value} in the matchLabels map is equivalent to an element
+                        of matchExpressions, whose key field is "key", the operator
+                        is "In", and the values array contains only "value". The requirements
+                        are ANDed.
+                      nullable: true
+                      type: object
+                  type: object
+              type: object
+            status:
+              properties:
+                clusterCount:
+                  description: ClusterCount is the number of clusters in the cluster
+                    group.
+                  type: integer
+                conditions:
+                  description: Conditions is a list of conditions and their statuses
+                    for the cluster group.
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  description: Display contains the number of ready, desiredready
+                    clusters and a summary state for the bundle's resources.
+                  properties:
+                    readyBundles:
+                      description: ReadyBundles is a string in the form "%d/%d", that
+                        describes the number of bundles that are ready vs. the number
+                        of bundles desired to be ready.
+                      nullable: true
+                      type: string
+                    readyClusters:
+                      description: ReadyClusters is a string in the form "%d/%d",
+                        that describes the number of clusters that are ready vs. the
+                        number of clusters desired to be ready.
+                      nullable: true
+                      type: string
+                    state:
+                      description: State is a summary state for the cluster group,
+                        showing "NotReady" if there are non-ready resources.
+                      nullable: true
+                      type: string
+                  type: object
+                nonReadyClusterCount:
+                  description: NonReadyClusterCount is the number of clusters that
+                    are not ready.
+                  type: integer
+                nonReadyClusters:
+                  description: NonReadyClusters is a list of cluster names that are
+                    not ready.
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                resourceCounts:
+                  description: ResourceCounts contains the number of resources in
+                    each state over all bundles in the cluster group.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: NotReady is the number of not ready resources.
+                        Resources are not ready if they do not match any other state.
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: Summary is a summary of the bundle deployments and
+                    their resources in the cluster group.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of bundle deployments
+                        that should be ready.
+                      type: integer
+                    errApplied:
+                      description: ErrApplied is the number of bundle deployments
+                        that have been synced from the Fleet controller and the downstream
+                        cluster, but with some errors when deploying the bundle.
+                      type: integer
+                    modified:
+                      description: Modified is the number of bundle deployments that
+                        have been deployed and for which all resources are ready,
+                        but where some changes from the Git repository have not yet
+                        been synced.
+                      type: integer
+                    nonReadyResources:
+                      description: NonReadyClusters is a list of states, which is
+                        filled for a bundle that is not ready.
+                      items:
+                        description: NonReadyResource contains information about a
+                          bundle that is not ready for a given state like "ErrApplied".
+                          It contains a list of non-ready or modified resources and
+                          their states.
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: ModifiedStatus is used to report the status
+                                of a resource that is modified. It indicates if the
+                                modification was a create, a delete or a patch.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we don't ONLY
+                                    use UUIDs, this is an alias to string.  Being
+                                    a type captures intent and helps make sure that
+                                    UIDs and names do not get conflated.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: NotReady is the number of bundle deployments that
+                        have been deployed where some resources are not ready.
+                      type: integer
+                    outOfSync:
+                      description: OutOfSync is the number of bundle deployments that
+                        have been synced from Fleet controller, but not yet by the
+                        downstream agent.
+                      type: integer
+                    pending:
+                      description: Pending is the number of bundle deployments that
+                        are being processed by Fleet controller.
+                      type: integer
+                    ready:
+                      description: Ready is the number of bundle deployments that
+                        have been deployed where all resources are ready.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of bundle deployments
+                        that have been synced from Fleet controller and downstream
+                        cluster, but are waiting to be deployed.
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterregistrations.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistration
+    plural: clusterregistrations
+    singular: clusterregistration
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.clusterName
+          name: Cluster-Name
+          type: string
+        - jsonPath: .spec.clusterLabels
+          name: Labels
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistration is used internally by Fleet and should
+            not be used directly.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                clientID:
+                  description: ClientID is a unique string that will identify the
+                    cluster. The agent either uses the configured ID or the kubeSystem.UID.
+                  nullable: true
+                  type: string
+                clientRandom:
+                  description: ClientRandom is a random string that the agent generates.
+                    When fleet-controller grants a registration, it creates a registration
+                    secret with this string in the name.
+                  nullable: true
+                  type: string
+                clusterLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: ClusterLabels are copied to the cluster resource during
+                    the registration.
+                  nullable: true
+                  type: object
+              type: object
+            status:
+              properties:
+                clusterName:
+                  description: ClusterName is only set after the registration is being
+                    processed by fleet-controller.
+                  nullable: true
+                  type: string
+                granted:
+                  description: Granted is set to true, if the request service account
+                    is present and its token secret exists. This happens directly
+                    before creating the registration secret, roles and rolebindings.
+                  type: boolean
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterregistrationtokens.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistrationToken
+    plural: clusterregistrationtokens
+    singular: clusterregistrationtoken
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.secretName
+          name: Secret-Name
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistrationToken is used by agents to register a new
+            cluster.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              properties:
+                name:
+                  maxLength: 63
+                  pattern: ^[-a-z0-9]+$
+                  type: string
+              type: object
+            spec:
+              properties:
+                ttl:
+                  description: TTL is the time to live for the token. It is used to
+                    calculate the expiration time. If the token expires, it will be
+                    deleted.
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                expires:
+                  description: Expires is the time when the token expires.
+                  nullable: true
+                  type: string
+                secretName:
+                  description: SecretName is the name of the secret containing the
+                    token.
+                  nullable: true
+                  type: string
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusters.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Cluster
+    plural: clusters
+    singular: cluster
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.display.readyNodes
+          name: Nodes-Ready
+          type: string
+        - jsonPath: .status.display.sampleNode
+          name: Sample-Node
+          type: string
+        - jsonPath: .status.agent.lastSeen
+          name: Last-Seen
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: Cluster corresponds to a Kubernetes cluster. Fleet deploys
+            bundles to targeted clusters. Clusters to which Fleet deploys manifests
+            are referred to as downstream clusters. In the single cluster use case,
+            the Fleet manager Kubernetes cluster is both the manager and downstream
+            cluster at the same time.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              properties:
+                name:
+                  maxLength: 63
+                  pattern: ^[-a-z0-9]+$
+                  type: string
+              type: object
+            spec:
+              properties:
+                agentAffinity:
+                  description: AgentAffinity overrides the default affinity for the
+                    cluster's agent deployment. If this value is nil the default affinity
+                    is used.
+                  nullable: true
+                  properties:
+                    nodeAffinity:
+                      description: Describes node affinity scheduling rules for the
+                        pod.
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: The scheduler will prefer to schedule pods
+                            to nodes that satisfy the affinity expressions specified
+                            by this field, but it may choose a node that violates
+                            one or more of the expressions. The node that is most
+                            preferred is the one with the greatest sum of weights,
+                            i.e. for each node that meets all of the scheduling requirements
+                            (resource request, requiredDuringScheduling affinity expressions,
+                            etc.), compute a sum by iterating through the elements
+                            of this field and adding "weight" to the sum if the node
+                            matches the corresponding matchExpressions; the node(s)
+                            with the highest sum are the most preferred.
+                          items:
+                            description: An empty preferred scheduling term matches
+                              all objects with implicit weight 0 (i.e. it's a no-op).
+                              A null preferred scheduling term matches no objects
+                              (i.e. is also a no-op).
+                            properties:
+                              preference:
+                                description: A node selector term, associated with
+                                  the corresponding weight.
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: Represents a key's relationship
+                                            to a set of values. Valid operators are
+                                            In, NotIn, Exists, DoesNotExist. Gt, and
+                                            Lt.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: An array of string values.
+                                            If the operator is In or NotIn, the values
+                                            array must be non-empty. If the operator
+                                            is Exists or DoesNotExist, the values
+                                            array must be empty. If the operator is
+                                            Gt or Lt, the values array must have a
+                                            single element, which will be interpreted
+                                            as an integer. This array is replaced
+                                            during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: Represents a key's relationship
+                                            to a set of values. Valid operators are
+                                            In, NotIn, Exists, DoesNotExist. Gt, and
+                                            Lt.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: An array of string values.
+                                            If the operator is In or NotIn, the values
+                                            array must be non-empty. If the operator
+                                            is Exists or DoesNotExist, the values
+                                            array must be empty. If the operator is
+                                            Gt or Lt, the values array must have a
+                                            single element, which will be interpreted
+                                            as an integer. This array is replaced
+                                            during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              weight:
+                                description: Weight associated with matching the corresponding
+                                  nodeSelectorTerm, in the range 1-100.
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: If the affinity requirements specified by this
+                            field are not met at scheduling time, the pod will not
+                            be scheduled onto the node. If the affinity requirements
+                            specified by this field cease to be met at some point
+                            during pod execution (e.g. due to an update), the system
+                            may or may not try to eventually evict the pod from its
+                            node.
+                          nullable: true
+                          properties:
+                            nodeSelectorTerms:
+                              description: Required. A list of node selector terms.
+                                The terms are ORed.
+                              items:
+                                description: A null or empty node selector term matches
+                                  no objects. The requirements of them are ANDed.
+                                  The TopologySelectorTerm type implements a subset
+                                  of the NodeSelectorTerm.
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: Represents a key's relationship
+                                            to a set of values. Valid operators are
+                                            In, NotIn, Exists, DoesNotExist. Gt, and
+                                            Lt.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: An array of string values.
+                                            If the operator is In or NotIn, the values
+                                            array must be non-empty. If the operator
+                                            is Exists or DoesNotExist, the values
+                                            array must be empty. If the operator is
+                                            Gt or Lt, the values array must have a
+                                            single element, which will be interpreted
+                                            as an integer. This array is replaced
+                                            during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: Represents a key's relationship
+                                            to a set of values. Valid operators are
+                                            In, NotIn, Exists, DoesNotExist. Gt, and
+                                            Lt.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: An array of string values.
+                                            If the operator is In or NotIn, the values
+                                            array must be non-empty. If the operator
+                                            is Exists or DoesNotExist, the values
+                                            array must be empty. If the operator is
+                                            Gt or Lt, the values array must have a
+                                            single element, which will be interpreted
+                                            as an integer. This array is replaced
+                                            during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              nullable: true
+                              type: array
+                          type: object
+                      type: object
+                    podAffinity:
+                      description: Describes pod affinity scheduling rules (e.g. co-locate
+                        this pod in the same node, zone, etc. as some other pod(s)).
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: The scheduler will prefer to schedule pods
+                            to nodes that satisfy the affinity expressions specified
+                            by this field, but it may choose a node that violates
+                            one or more of the expressions. The node that is most
+                            preferred is the one with the greatest sum of weights,
+                            i.e. for each node that meets all of the scheduling requirements
+                            (resource request, requiredDuringScheduling affinity expressions,
+                            etc.), compute a sum by iterating through the elements
+                            of this field and adding "weight" to the sum if the node
+                            has pods which matches the corresponding podAffinityTerm;
+                            the node(s) with the highest sum are the most preferred.
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: A label query over a set of resources,
+                                      in this case pods.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that relates the
+                                            key and values.
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: operator represents a key's
+                                                relationship to a set of values. Valid
+                                                operators are In, NotIn, Exists and
+                                                DoesNotExist.
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: values is an array of string
+                                                values. If the operator is In or NotIn,
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+                                                merge patch.
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the operator is
+                                          "In", and the values array contains only
+                                          "value". The requirements are ANDed.
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaceSelector:
+                                    description: A label query over the set of namespaces
+                                      that the term applies to. The term is applied
+                                      to the union of the namespaces selected by this
+                                      field and the ones listed in the namespaces
+                                      field. null selector and null or empty namespaces
+                                      list means "this pod's namespace". An empty
+                                      selector ({}) matches all namespaces.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that relates the
+                                            key and values.
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: operator represents a key's
+                                                relationship to a set of values. Valid
+                                                operators are In, NotIn, Exists and
+                                                DoesNotExist.
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: values is an array of string
+                                                values. If the operator is In or NotIn,
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+                                                merge patch.
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the operator is
+                                          "In", and the values array contains only
+                                          "value". The requirements are ANDed.
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaces:
+                                    description: namespaces specifies a static list
+                                      of namespace names that the term applies to.
+                                      The term is applied to the union of the namespaces
+                                      listed in this field and the ones selected by
+                                      namespaceSelector. null or empty namespaces
+                                      list and null namespaceSelector means "this
+                                      pod's namespace".
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  topologyKey:
+                                    description: This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching the labelSelector in the specified
+                                      namespaces, where co-located is defined as running
+                                      on a node whose value of the label with key
+                                      topologyKey matches that of any node on which
+                                      any of the selected pods is running. Empty topologyKey
+                                      is not allowed.
+                                    nullable: true
+                                    type: string
+                                type: object
+                              weight:
+                                description: weight associated with matching the corresponding
+                                  podAffinityTerm, in the range 1-100.
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: If the affinity requirements specified by this
+                            field are not met at scheduling time, the pod will not
+                            be scheduled onto the node. If the affinity requirements
+                            specified by this field cease to be met at some point
+                            during pod execution (e.g. due to a pod label update),
+                            the system may or may not try to eventually evict the
+                            pod from its node. When there are multiple elements, the
+                            lists of nodes corresponding to each podAffinityTerm are
+                            intersected, i.e. all terms must be satisfied.
+                          items:
+                            description: Defines a set of pods (namely those matching
+                              the labelSelector relative to the given namespace(s))
+                              that this pod should be co-located (affinity) or not
+                              co-located (anti-affinity) with, where co-located is
+                              defined as running on a node whose value of the label
+                              with key <topologyKey> matches that of any node on which
+                              a pod of the set of pods is running
+                            properties:
+                              labelSelector:
+                                description: A label query over a set of resources,
+                                  in this case pods.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: operator represents a key's
+                                            relationship to a set of values. Valid
+                                            operators are In, NotIn, Exists and DoesNotExist.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: values is an array of string
+                                            values. If the operator is In or NotIn,
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+                                            the values array must be empty. This array
+                                            is replaced during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the operator is "In",
+                                      and the values array contains only "value".
+                                      The requirements are ANDed.
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaceSelector:
+                                description: A label query over the set of namespaces
+                                  that the term applies to. The term is applied to
+                                  the union of the namespaces selected by this field
+                                  and the ones listed in the namespaces field. null
+                                  selector and null or empty namespaces list means
+                                  "this pod's namespace". An empty selector ({}) matches
+                                  all namespaces.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: operator represents a key's
+                                            relationship to a set of values. Valid
+                                            operators are In, NotIn, Exists and DoesNotExist.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: values is an array of string
+                                            values. If the operator is In or NotIn,
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+                                            the values array must be empty. This array
+                                            is replaced during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the operator is "In",
+                                      and the values array contains only "value".
+                                      The requirements are ANDed.
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaces:
+                                description: namespaces specifies a static list of
+                                  namespace names that the term applies to. The term
+                                  is applied to the union of the namespaces listed
+                                  in this field and the ones selected by namespaceSelector.
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod's namespace".
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              topologyKey:
+                                description: This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching the labelSelector in the specified namespaces,
+                                  where co-located is defined as running on a node
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the selected pods
+                                  is running. Empty topologyKey is not allowed.
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    podAntiAffinity:
+                      description: Describes pod anti-affinity scheduling rules (e.g.
+                        avoid putting this pod in the same node, zone, etc. as some
+                        other pod(s)).
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: The scheduler will prefer to schedule pods
+                            to nodes that satisfy the anti-affinity expressions specified
+                            by this field, but it may choose a node that violates
+                            one or more of the expressions. The node that is most
+                            preferred is the one with the greatest sum of weights,
+                            i.e. for each node that meets all of the scheduling requirements
+                            (resource request, requiredDuringScheduling anti-affinity
+                            expressions, etc.), compute a sum by iterating through
+                            the elements of this field and adding "weight" to the
+                            sum if the node has pods which matches the corresponding
+                            podAffinityTerm; the node(s) with the highest sum are
+                            the most preferred.
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: A label query over a set of resources,
+                                      in this case pods.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that relates the
+                                            key and values.
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: operator represents a key's
+                                                relationship to a set of values. Valid
+                                                operators are In, NotIn, Exists and
+                                                DoesNotExist.
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: values is an array of string
+                                                values. If the operator is In or NotIn,
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+                                                merge patch.
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the operator is
+                                          "In", and the values array contains only
+                                          "value". The requirements are ANDed.
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaceSelector:
+                                    description: A label query over the set of namespaces
+                                      that the term applies to. The term is applied
+                                      to the union of the namespaces selected by this
+                                      field and the ones listed in the namespaces
+                                      field. null selector and null or empty namespaces
+                                      list means "this pod's namespace". An empty
+                                      selector ({}) matches all namespaces.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that relates the
+                                            key and values.
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: operator represents a key's
+                                                relationship to a set of values. Valid
+                                                operators are In, NotIn, Exists and
+                                                DoesNotExist.
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: values is an array of string
+                                                values. If the operator is In or NotIn,
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+                                                merge patch.
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the operator is
+                                          "In", and the values array contains only
+                                          "value". The requirements are ANDed.
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaces:
+                                    description: namespaces specifies a static list
+                                      of namespace names that the term applies to.
+                                      The term is applied to the union of the namespaces
+                                      listed in this field and the ones selected by
+                                      namespaceSelector. null or empty namespaces
+                                      list and null namespaceSelector means "this
+                                      pod's namespace".
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  topologyKey:
+                                    description: This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching the labelSelector in the specified
+                                      namespaces, where co-located is defined as running
+                                      on a node whose value of the label with key
+                                      topologyKey matches that of any node on which
+                                      any of the selected pods is running. Empty topologyKey
+                                      is not allowed.
+                                    nullable: true
+                                    type: string
+                                type: object
+                              weight:
+                                description: weight associated with matching the corresponding
+                                  podAffinityTerm, in the range 1-100.
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: If the anti-affinity requirements specified
+                            by this field are not met at scheduling time, the pod
+                            will not be scheduled onto the node. If the anti-affinity
+                            requirements specified by this field cease to be met at
+                            some point during pod execution (e.g. due to a pod label
+                            update), the system may or may not try to eventually evict
+                            the pod from its node. When there are multiple elements,
+                            the lists of nodes corresponding to each podAffinityTerm
+                            are intersected, i.e. all terms must be satisfied.
+                          items:
+                            description: Defines a set of pods (namely those matching
+                              the labelSelector relative to the given namespace(s))
+                              that this pod should be co-located (affinity) or not
+                              co-located (anti-affinity) with, where co-located is
+                              defined as running on a node whose value of the label
+                              with key <topologyKey> matches that of any node on which
+                              a pod of the set of pods is running
+                            properties:
+                              labelSelector:
+                                description: A label query over a set of resources,
+                                  in this case pods.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: operator represents a key's
+                                            relationship to a set of values. Valid
+                                            operators are In, NotIn, Exists and DoesNotExist.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: values is an array of string
+                                            values. If the operator is In or NotIn,
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+                                            the values array must be empty. This array
+                                            is replaced during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the operator is "In",
+                                      and the values array contains only "value".
+                                      The requirements are ANDed.
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaceSelector:
+                                description: A label query over the set of namespaces
+                                  that the term applies to. The term is applied to
+                                  the union of the namespaces selected by this field
+                                  and the ones listed in the namespaces field. null
+                                  selector and null or empty namespaces list means
+                                  "this pod's namespace". An empty selector ({}) matches
+                                  all namespaces.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that relates the key and values.
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: operator represents a key's
+                                            relationship to a set of values. Valid
+                                            operators are In, NotIn, Exists and DoesNotExist.
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: values is an array of string
+                                            values. If the operator is In or NotIn,
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+                                            the values array must be empty. This array
+                                            is replaced during a strategic merge patch.
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the operator is "In",
+                                      and the values array contains only "value".
+                                      The requirements are ANDed.
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaces:
+                                description: namespaces specifies a static list of
+                                  namespace names that the term applies to. The term
+                                  is applied to the union of the namespaces listed
+                                  in this field and the ones selected by namespaceSelector.
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod's namespace".
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              topologyKey:
+                                description: This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching the labelSelector in the specified namespaces,
+                                  where co-located is defined as running on a node
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the selected pods
+                                  is running. Empty topologyKey is not allowed.
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                agentEnvVars:
+                  description: AgentEnvVars are extra environment variables to be
+                    added to the agent deployment.
+                  items:
+                    description: EnvVar represents an environment variable present
+                      in a Container.
+                    properties:
+                      name:
+                        description: Name of the environment variable. Must be a C_IDENTIFIER.
+                        nullable: true
+                        type: string
+                      value:
+                        description: 'Variable references $(VAR_NAME) are expanded
+                          using the previously defined environment variables in the
+                          container and any service environment variables. If a variable
+                          cannot be resolved, the reference in the input string will
+                          be unchanged. Double $$ are reduced to a single $, which
+                          allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+                          will produce the string literal "$(VAR_NAME)". Escaped references
+                          will never be expanded, regardless of whether the variable
+                          exists or not. Defaults to "".'
+                        nullable: true
+                        type: string
+                      valueFrom:
+                        description: Source for the environment variable's value.
+                          Cannot be used if value is not empty.
+                        nullable: true
+                        properties:
+                          configMapKeyRef:
+                            description: Selects a key of a ConfigMap.
+                            nullable: true
+                            properties:
+                              key:
+                                description: The key to select.
+                                nullable: true
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                nullable: true
+                                type: string
+                              optional:
+                                description: Specify whether the ConfigMap or its
+                                  key must be defined
+                                nullable: true
+                                type: boolean
+                            type: object
+                          fieldRef:
+                            description: 'Selects a field of the pod: supports metadata.name,
+                              metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`,
+                              spec.nodeName, spec.serviceAccountName, status.hostIP,
+                              status.podIP, status.podIPs.'
+                            nullable: true
+                            properties:
+                              apiVersion:
+                                description: Version of the schema the FieldPath is
+                                  written in terms of, defaults to "v1".
+                                nullable: true
+                                type: string
+                              fieldPath:
+                                description: Path of the field to select in the specified
+                                  API version.
+                                nullable: true
+                                type: string
+                            type: object
+                          resourceFieldRef:
+                            description: 'Selects a resource of the container: only
+                              resources limits and requests (limits.cpu, limits.memory,
+                              limits.ephemeral-storage, requests.cpu, requests.memory
+                              and requests.ephemeral-storage) are currently supported.'
+                            nullable: true
+                            properties:
+                              containerName:
+                                description: 'Container name: required for volumes,
+                                  optional for env vars'
+                                nullable: true
+                                type: string
+                              divisor:
+                                description: Specifies the output format of the exposed
+                                  resources, defaults to "1"
+                                nullable: true
+                                type: string
+                              resource:
+                                description: 'Required: resource to select'
+                                nullable: true
+                                type: string
+                            type: object
+                          secretKeyRef:
+                            description: Selects a key of a secret in the pod's namespace
+                            nullable: true
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                nullable: true
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                nullable: true
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                nullable: true
+                                type: boolean
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                agentNamespace:
+                  description: AgentNamespace defaults to the system namespace, e.g.
+                    cattle-fleet-system.
+                  nullable: true
+                  type: string
+                agentResources:
+                  description: AgentResources sets the resources for the cluster's
+                    agent deployment.
+                  nullable: true
+                  properties:
+                    claims:
+                      description: "Claims lists the names of resources, defined in\
+                        \ spec.resourceClaims, that are used by this container. \n\
+                        \ This is an alpha field and requires enabling the DynamicResourceAllocation\
+                        \ feature gate. \n This field is immutable. It can only be\
+                        \ set for containers."
+                      items:
+                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+                        properties:
+                          name:
+                            description: Name must match the name of one entry in
+                              pod.spec.resourceClaims of the Pod where this field
+                              is used. It makes that resource available inside a container.
+                            nullable: true
+                            type: string
+                        type: object
+                      nullable: true
+                      type: array
+                    limits:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: 'Limits describes the maximum amount of compute
+                        resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      nullable: true
+                      type: object
+                    requests:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: 'Requests describes the minimum amount of compute
+                        resources required. If Requests is omitted for a container,
+                        it defaults to Limits if that is explicitly specified, otherwise
+                        to an implementation-defined value. Requests cannot exceed
+                        Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      nullable: true
+                      type: object
+                  type: object
+                agentTolerations:
+                  description: AgentTolerations defines an extra set of Tolerations
+                    to be added to the Agent deployment.
+                  items:
+                    description: The pod this Toleration is attached to tolerates
+                      any taint that matches the triple <key,value,effect> using the
+                      matching operator <operator>.
+                    properties:
+                      effect:
+                        description: Effect indicates the taint effect to match. Empty
+                          means match all taint effects. When specified, allowed values
+                          are NoSchedule, PreferNoSchedule and NoExecute.
+                        nullable: true
+                        type: string
+                      key:
+                        description: Key is the taint key that the toleration applies
+                          to. Empty means match all taint keys. If the key is empty,
+                          operator must be Exists; this combination means to match
+                          all values and all keys.
+                        nullable: true
+                        type: string
+                      operator:
+                        description: Operator represents a key's relationship to the
+                          value. Valid operators are Exists and Equal. Defaults to
+                          Equal. Exists is equivalent to wildcard for value, so that
+                          a pod can tolerate all taints of a particular category.
+                        nullable: true
+                        type: string
+                      tolerationSeconds:
+                        description: TolerationSeconds represents the period of time
+                          the toleration (which must be of effect NoExecute, otherwise
+                          this field is ignored) tolerates the taint. By default,
+                          it is not set, which means tolerate the taint forever (do
+                          not evict). Zero and negative values will be treated as
+                          0 (evict immediately) by the system.
+                        maximum: 86400
+                        nullable: true
+                        type: integer
+                      value:
+                        description: Value is the taint value the toleration matches
+                          to. If the operator is Exists, the value should be empty,
+                          otherwise just a regular string.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                clientID:
+                  description: ClientID is a unique string that will identify the
+                    cluster. It can either be predefined, or generated when importing
+                    the cluster.
+                  nullable: true
+                  type: string
+                kubeConfigSecret:
+                  description: KubeConfigSecret is the name of the secret containing
+                    the kubeconfig for the downstream cluster. It can optionally contain
+                    a APIServerURL and CA to override the values in the fleet-controller's
+                    configmap.
+                  nullable: true
+                  type: string
+                kubeConfigSecretNamespace:
+                  description: KubeConfigSecretNamespace is the namespace of the secret
+                    containing the kubeconfig for the downstream cluster. If unset,
+                    it will be assumed the secret can be found in the namespace that
+                    the Cluster object resides within.
+                  nullable: true
+                  type: string
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated.
+                  type: boolean
+                privateRepoURL:
+                  description: PrivateRepoURL prefixes the image name and overrides
+                    a global repo URL from the agents config.
+                  nullable: true
+                  type: string
+                redeployAgentGeneration:
+                  description: RedeployAgentGeneration can be used to force redeploying
+                    the agent.
+                  type: integer
+                templateValues:
+                  description: TemplateValues defines a cluster specific mapping of
+                    values to be sent to fleet.yaml values templating.
+                  nullable: true
+                  type: object
+                  x-kubernetes-preserve-unknown-fields: true
+              type: object
+            status:
+              properties:
+                agent:
+                  description: AgentStatus contains information about the agent.
+                  properties:
+                    lastSeen:
+                      description: LastSeen is the last time the agent checked in
+                        to update the status of the cluster resource.
+                      nullable: true
+                      type: string
+                    namespace:
+                      description: Namespace is the namespace of the agent deployment,
+                        e.g. "cattle-fleet-system".
+                      nullable: true
+                      type: string
+                    nonReadyNodeNames:
+                      description: NonReadyNode contains the names of non-ready nodes.
+                        The list is limited to at most 3 names.
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    nonReadyNodes:
+                      description: NonReadyNodes is the number of nodes that are not
+                        ready.
+                      type: integer
+                    readyNodeNames:
+                      description: ReadyNodes contains the names of ready nodes. The
+                        list is limited to at most 3 names.
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    readyNodes:
+                      description: ReadyNodes is the number of nodes that are ready.
+                      type: integer
+                  type: object
+                agentAffinityHash:
+                  description: AgentAffinityHash is a hash of the agent's affinity
+                    configuration, used to detect changes.
+                  nullable: true
+                  type: string
+                agentConfigChanged:
+                  description: AgentConfigChanged is set to true if any of the agent
+                    configuration changed, like the API server URL or CA. Setting
+                    it to true will trigger a re-import of the cluster.
+                  type: boolean
+                agentDeployedGeneration:
+                  description: AgentDeployedGeneration is the generation of the agent
+                    that is currently deployed.
+                  nullable: true
+                  type: integer
+                agentEnvVarsHash:
+                  description: AgentEnvVarsHash is a hash of the agent's env vars,
+                    used to detect changes.
+                  nullable: true
+                  type: string
+                agentMigrated:
+                  description: AgentMigrated is always set to true after importing
+                    a cluster. If false, it will trigger a migration. Old agents don't
+                    have this in their status.
+                  type: boolean
+                agentNamespaceMigrated:
+                  description: AgentNamespaceMigrated is always set to true after
+                    importing a cluster. If false, it will trigger a migration. Old
+                    Fleet agents don't have this in their status.
+                  type: boolean
+                agentPrivateRepoURL:
+                  description: AgentPrivateRepoURL is the private repo URL for the
+                    agent that is currently used.
+                  nullable: true
+                  type: string
+                agentResourcesHash:
+                  description: AgentResourcesHash is a hash of the agent's resources
+                    configuration, used to detect changes.
+                  nullable: true
+                  type: string
+                agentTLSMode:
+                  description: 'AgentTLSMode supports two values: `system-store` and
+                    `strict`. If set to `system-store`, instructs the agent to trust
+                    CA bundles from the operating system''s store. If set to `strict`,
+                    then the agent shall only connect to a server which uses the exact
+                    CA configured when creating/updating the agent.'
+                  nullable: true
+                  type: string
+                agentTolerationsHash:
+                  description: AgentTolerationsHash is a hash of the agent's tolerations
+                    configuration, used to detect changes.
+                  nullable: true
+                  type: string
+                apiServerCAHash:
+                  description: APIServerCAHash is a hash of the upstream API server
+                    CA, used to detect changes.
+                  nullable: true
+                  type: string
+                apiServerURL:
+                  description: APIServerURL is the currently used URL of the API server
+                    that the cluster uses to connect to upstream.
+                  nullable: true
+                  type: string
+                cattleNamespaceMigrated:
+                  description: CattleNamespaceMigrated is always set to true after
+                    importing a cluster. If false, it will trigger a migration. Old
+                    Fleet agents, don't have this in their status.
+                  type: boolean
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                desiredReadyGitRepos:
+                  description: DesiredReadyGitRepos is the number of gitrepos for
+                    this cluster that are desired to be ready.
+                  type: integer
+                display:
+                  description: Display contains the number of ready bundles, nodes
+                    and a summary state.
+                  properties:
+                    readyBundles:
+                      description: ReadyBundles is a string in the form "%d/%d", that
+                        describes the number of bundles that are ready vs. the number
+                        of bundles desired to be ready.
+                      nullable: true
+                      type: string
+                    readyNodes:
+                      description: ReadyNodes is a string in the form "%d/%d", that
+                        describes the number of nodes that are ready vs. the number
+                        of expected nodes.
+                      nullable: true
+                      type: string
+                    sampleNode:
+                      description: SampleNode is the name of one of the nodes that
+                        are ready. If no node is ready, it's the name of a node that
+                        is not ready.
+                      nullable: true
+                      type: string
+                    state:
+                      description: State of the cluster, either one of the bundle
+                        states, or "WaitCheckIn".
+                      nullable: true
+                      type: string
+                  type: object
+                namespace:
+                  description: 'Namespace is the cluster namespace, it contains the
+                    clusters service account as well as any bundledeployments. Example:
+                    "cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f"'
+                  nullable: true
+                  type: string
+                readyGitRepos:
+                  description: ReadyGitRepos is the number of gitrepos for this cluster
+                    that are ready.
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts is an aggregate over the GitRepoResourceCounts.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: NotReady is the number of not ready resources.
+                        Resources are not ready if they do not match any other state.
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: Summary is a summary of the bundledeployments. The
+                    resource counts are copied from the gitrepo resource.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of bundle deployments
+                        that should be ready.
+                      type: integer
+                    errApplied:
+                      description: ErrApplied is the number of bundle deployments
+                        that have been synced from the Fleet controller and the downstream
+                        cluster, but with some errors when deploying the bundle.
+                      type: integer
+                    modified:
+                      description: Modified is the number of bundle deployments that
+                        have been deployed and for which all resources are ready,
+                        but where some changes from the Git repository have not yet
+                        been synced.
+                      type: integer
+                    nonReadyResources:
+                      description: NonReadyClusters is a list of states, which is
+                        filled for a bundle that is not ready.
+                      items:
+                        description: NonReadyResource contains information about a
+                          bundle that is not ready for a given state like "ErrApplied".
+                          It contains a list of non-ready or modified resources and
+                          their states.
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: ModifiedStatus is used to report the status
+                                of a resource that is modified. It indicates if the
+                                modification was a create, a delete or a patch.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we don't ONLY
+                                    use UUIDs, this is an alias to string.  Being
+                                    a type captures intent and helps make sure that
+                                    UIDs and names do not get conflated.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: NotReady is the number of bundle deployments that
+                        have been deployed where some resources are not ready.
+                      type: integer
+                    outOfSync:
+                      description: OutOfSync is the number of bundle deployments that
+                        have been synced from Fleet controller, but not yet by the
+                        downstream agent.
+                      type: integer
+                    pending:
+                      description: Pending is the number of bundle deployments that
+                        are being processed by Fleet controller.
+                      type: integer
+                    ready:
+                      description: Ready is the number of bundle deployments that
+                        have been deployed where all resources are ready.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of bundle deployments
+                        that have been synced from Fleet controller and downstream
+                        cluster, but are waiting to be deployed.
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: contents.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Content
+    plural: contents
+    singular: content
+  preserveUnknownFields: false
+  scope: Cluster
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: Content is used internally by Fleet and should not be used
+            directly. It contains the resources from a bundle for a specific target
+            cluster.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            content:
+              description: Content is a byte array, which contains the manifests of
+                a bundle. The bundle resources are copied into the bundledeployment's
+                content resource, so the downstream agent can deploy them.
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+          type: object
+      served: true
+      storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitreporestrictions.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: GitRepoRestriction
+    plural: gitreporestrictions
+    singular: gitreporestriction
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .defaultServiceAccount
+          name: Default-ServiceAccount
+          type: string
+        - jsonPath: .allowedServiceAccounts
+          name: Allowed-ServiceAccounts
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: GitRepoRestriction is a resource that can optionally be used
+            to restrict the options of GitRepos in the same namespace.
+          properties:
+            allowedClientSecretNames:
+              description: AllowedClientSecretNames is a list of client secret names
+                that GitRepos are allowed to use.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedRepoPatterns:
+              description: AllowedRepoPatterns is a list of regex patterns that restrict
+                the valid values of the Repo field of a GitRepo.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedServiceAccounts:
+              description: AllowedServiceAccounts is a list of service accounts that
+                GitRepos are allowed to use.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedTargetNamespaces:
+              description: AllowedTargetNamespaces restricts TargetNamespace to the
+                given namespaces. If AllowedTargetNamespaces is set, TargetNamespace
+                must be set.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            defaultClientSecretName:
+              description: DefaultClientSecretName overrides the GitRepo's default
+                client secret.
+              nullable: true
+              type: string
+            defaultServiceAccount:
+              description: DefaultServiceAccount overrides the GitRepo's default service
+                account.
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitrepos.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: GitRepo
+    plural: gitrepos
+    singular: gitrepo
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.repo
+          name: Repo
+          type: string
+        - jsonPath: .status.commit
+          name: Commit
+          type: string
+        - jsonPath: .status.display.readyBundleDeployments
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: GitRepo describes a git repository that is watched by Fleet.
+            The resource contains the necessary information to deploy the repo, or
+            parts of it, to target clusters.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                branch:
+                  description: Branch The git branch to follow.
+                  nullable: true
+                  type: string
+                caBundle:
+                  description: CABundle is a PEM encoded CA bundle which will be used
+                    to validate the repo's certificate.
+                  nullable: true
+                  type: string
+                clientSecretName:
+                  description: ClientSecretName is the name of the client secret to
+                    be used to connect to the repo It is expected the secret be of
+                    type "kubernetes.io/basic-auth" or "kubernetes.io/ssh-auth".
+                  nullable: true
+                  type: string
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                forceSyncGeneration:
+                  description: Increment this number to force a redeployment of contents
+                    from Git.
+                  type: integer
+                helmRepoURLRegex:
+                  description: HelmRepoURLRegex Helm credentials will be used if the
+                    helm repo matches this regex Credentials will always be used if
+                    this is empty or not provided.
+                  nullable: true
+                  type: string
+                helmSecretName:
+                  description: HelmSecretName contains the auth secret for a private
+                    Helm repository.
+                  nullable: true
+                  type: string
+                helmSecretNameForPaths:
+                  description: HelmSecretNameForPaths contains the auth secret for
+                    private Helm repository for each path.
+                  nullable: true
+                  type: string
+                imageScanCommit:
+                  description: Commit specifies how to commit to the git repo when
+                    a new image is scanned and written back to git repo.
+                  properties:
+                    authorEmail:
+                      description: AuthorEmail gives the email to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    authorName:
+                      description: AuthorName gives the name to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    messageTemplate:
+                      description: MessageTemplate provides a template for the commit
+                        message, into which will be interpolated the details of the
+                        change made.
+                      nullable: true
+                      type: string
+                  type: object
+                imageScanInterval:
+                  description: ImageScanInterval is the interval of syncing scanned
+                    images and writing back to git repo.
+                  nullable: true
+                  type: string
+                insecureSkipTLSVerify:
+                  description: InsecureSkipTLSverify will use insecure HTTPS to clone
+                    the repo.
+                  type: boolean
+                keepResources:
+                  description: KeepResources specifies if the resources created must
+                    be kept after deleting the GitRepo.
+                  type: boolean
+                paths:
+                  description: Paths is the directories relative to the git repo root
+                    that contain resources to be applied. Path globbing is supported,
+                    for example ["charts/*"] will match all folders as a subdirectory
+                    of charts/ If empty, "/" is the default.
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                paused:
+                  description: Paused, when true, causes changes in Git not to be
+                    propagated down to the clusters but instead to mark resources
+                    as OutOfSync.
+                  type: boolean
+                pollingInterval:
+                  description: PollingInterval is how often to check git for new updates.
+                  nullable: true
+                  type: string
+                repo:
+                  description: Repo is a URL to a git repo to clone and index.
+                  nullable: true
+                  type: string
+                revision:
+                  description: Revision A specific commit or tag to operate on.
+                  nullable: true
+                  type: string
+                serviceAccount:
+                  description: ServiceAccount used in the downstream cluster for deployment.
+                  nullable: true
+                  type: string
+                targetNamespace:
+                  description: Ensure that all resources are created in this namespace
+                    Any cluster scoped resource will be rejected if this is set Additionally
+                    this namespace will be created on demand.
+                  nullable: true
+                  type: string
+                targets:
+                  description: Targets is a list of targets this repo will deploy
+                    to.
+                  items:
+                    description: GitTarget is a cluster or cluster group to deploy
+                      to.
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup is the name of a cluster group in
+                          the same namespace as the clusters.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a label selector to select
+                          cluster groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        description: ClusterName is the name of a cluster.
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: ClusterSelector is a label selector to select
+                          clusters.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: operator represents a key's relationship
+                                    to a set of values. Valid operators are In, NotIn,
+                                    Exists and DoesNotExist.
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: values is an array of string values.
+                                    If the operator is In or NotIn, the values array
+                                    must be non-empty. If the operator is Exists or
+                                    DoesNotExist, the values array must be empty.
+                                    This array is replaced during a strategic merge
+                                    patch.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels map is equivalent
+                              to an element of matchExpressions, whose key field is
+                              "key", the operator is "In", and the values array contains
+                              only "value". The requirements are ANDed.
+                            nullable: true
+                            type: object
+                        type: object
+                      name:
+                        description: Name is the name of this target.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+              type: object
+            status:
+              properties:
+                commit:
+                  description: Commit is the Git commit hash from the last gitjob
+                    run.
+                  nullable: true
+                  type: string
+                conditions:
+                  description: Conditions is a list of Wrangler conditions that describe
+                    the state of the GitRepo.
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                desiredReadyClusters:
+                  description: "DesiredReadyClusters\tis the number of clusters that\
+                    \ should be ready for bundles of this GitRepo."
+                  type: integer
+                display:
+                  description: Display contains a human readable summary of the status.
+                  properties:
+                    error:
+                      description: Error is true if a message is present.
+                      type: boolean
+                    message:
+                      description: Message contains the relevant message from the
+                        deployment conditions.
+                      nullable: true
+                      type: string
+                    readyBundleDeployments:
+                      description: ReadyBundleDeployments is a string in the form
+                        "%d/%d", that describes the number of ready bundledeployments
+                        over the total number of bundledeployments.
+                      nullable: true
+                      type: string
+                    state:
+                      description: State is the state of the GitRepo, e.g. "GitUpdating"
+                        or the maximal BundleState according to StateRank.
+                      nullable: true
+                      type: string
+                  type: object
+                gitJobStatus:
+                  description: GitJobStatus is the status of the last GitJob run,
+                    e.g. "Current" if there was no error.
+                  nullable: true
+                  type: string
+                lastSyncedImageScanTime:
+                  description: LastSyncedImageScanTime is the time of the last image
+                    scan.
+                  nullable: true
+                  type: string
+                observedGeneration:
+                  description: ObservedGeneration is the current generation of the
+                    resource in the cluster. It is copied from k8s metadata.Generation.
+                    The value is incremented for all changes, except for changes to
+                    .metadata or .status.
+                  type: integer
+                readyClusters:
+                  description: ReadyClusters is the lowest number of clusters that
+                    are ready over all the bundles of this GitRepo.
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts contains the number of resources in
+                    each state over all bundles.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: NotReady is the number of not ready resources.
+                        Resources are not ready if they do not match any other state.
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                resourceErrors:
+                  description: ResourceErrors is a sorted list of errors from the
+                    resources.
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                resources:
+                  description: Resources contains metadata about the resources of
+                    each bundle.
+                  items:
+                    description: GitRepoResource contains metadata about the resources
+                      of a bundle.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the API version of the resource.
+                        nullable: true
+                        type: string
+                      error:
+                        description: Error is true if any Error in the PerClusterState
+                          is true.
+                        type: boolean
+                      id:
+                        description: ID is the name of the resource, e.g. "namespace1/my-config"
+                          or "backingimagemanagers.storage.io".
+                        nullable: true
+                        type: string
+                      incompleteState:
+                        description: IncompleteState is true if a bundle summary has
+                          10 or more non-ready resources or a non-ready resource has
+                          more 10 or more non-ready or modified states.
+                        type: boolean
+                      kind:
+                        description: Kind is the k8s kind of the resource.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Message is the first message from the PerClusterStates.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace of the resource.
+                        nullable: true
+                        type: string
+                      perClusterState:
+                        description: PerClusterState is a list of states for each
+                          cluster. Derived from the summaries non-ready resources.
+                        items:
+                          description: ResourcePerClusterState is generated for each
+                            non-ready resource of the bundles.
+                          properties:
+                            clusterId:
+                              description: ClusterID is the id of the cluster.
+                              nullable: true
+                              type: string
+                            error:
+                              description: Error is true if the resource is in an
+                                error state, copied from the bundle's summary for
+                                non-ready resources.
+                              type: boolean
+                            message:
+                              description: Message combines the messages from the
+                                bundle's summary. Messages are joined with the delimiter
+                                ';'.
+                              nullable: true
+                              type: string
+                            patch:
+                              description: Patch for modified resources.
+                              nullable: true
+                              type: object
+                              x-kubernetes-preserve-unknown-fields: true
+                            state:
+                              description: State is the state of the resource.
+                              nullable: true
+                              type: string
+                            transitioning:
+                              description: Transitioning is true if the resource is
+                                in a transitioning state, copied from the bundle's
+                                summary for non-ready resources.
+                              type: boolean
+                          type: object
+                        nullable: true
+                        type: array
+                      state:
+                        description: State is the state of the resource, e.g. "Unknown",
+                          "WaitApplied", "ErrApplied" or "Ready".
+                        nullable: true
+                        type: string
+                      transitioning:
+                        description: Transitioning is true if any Transitioning in
+                          the PerClusterState is true.
+                        type: boolean
+                      type:
+                        description: Type is the type of the resource, e.g. "apiextensions.k8s.io.customresourcedefinition"
+                          or "configmap".
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                summary:
+                  description: Summary contains the number of bundle deployments in
+                    each state and a list of non-ready resources.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of bundle deployments
+                        that should be ready.
+                      type: integer
+                    errApplied:
+                      description: ErrApplied is the number of bundle deployments
+                        that have been synced from the Fleet controller and the downstream
+                        cluster, but with some errors when deploying the bundle.
+                      type: integer
+                    modified:
+                      description: Modified is the number of bundle deployments that
+                        have been deployed and for which all resources are ready,
+                        but where some changes from the Git repository have not yet
+                        been synced.
+                      type: integer
+                    nonReadyResources:
+                      description: NonReadyClusters is a list of states, which is
+                        filled for a bundle that is not ready.
+                      items:
+                        description: NonReadyResource contains information about a
+                          bundle that is not ready for a given state like "ErrApplied".
+                          It contains a list of non-ready or modified resources and
+                          their states.
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: ModifiedStatus is used to report the status
+                                of a resource that is modified. It indicates if the
+                                modification was a create, a delete or a patch.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we don't ONLY
+                                    use UUIDs, this is an alias to string.  Being
+                                    a type captures intent and helps make sure that
+                                    UIDs and names do not get conflated.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: NotReady is the number of bundle deployments that
+                        have been deployed where some resources are not ready.
+                      type: integer
+                    outOfSync:
+                      description: OutOfSync is the number of bundle deployments that
+                        have been synced from Fleet controller, but not yet by the
+                        downstream agent.
+                      type: integer
+                    pending:
+                      description: Pending is the number of bundle deployments that
+                        are being processed by Fleet controller.
+                      type: integer
+                    ready:
+                      description: Ready is the number of bundle deployments that
+                        have been deployed where all resources are ready.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of bundle deployments
+                        that have been synced from Fleet controller and downstream
+                        cluster, but are waiting to be deployed.
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: imagescans.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: ImageScan
+    plural: imagescans
+    singular: imagescan
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.image
+          name: Repository
+          type: string
+        - jsonPath: .status.latestTag
+          name: Latest
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object. Servers should convert recognized schemas to the latest
+                internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents. Servers may infer this from the endpoint the
+                client submits requests to. Cannot be updated. In CamelCase. More
+                info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              description: API is taken from https://github.com/fluxcd/image-reflector-controller
+              properties:
+                gitrepoName:
+                  description: GitRepo reference name
+                  nullable: true
+                  type: string
+                image:
+                  description: Image is the name of the image repository
+                  nullable: true
+                  type: string
+                interval:
+                  description: Interval is the length of time to wait between scans
+                    of the image repository.
+                  nullable: true
+                  type: string
+                policy:
+                  description: Policy gives the particulars of the policy to be followed
+                    in selecting the most recent image
+                  properties:
+                    alphabetical:
+                      description: Alphabetical set of rules to use for alphabetical
+                        ordering of the tags.
+                      nullable: true
+                      properties:
+                        order:
+                          description: Order specifies the sorting order of the tags.
+                            Given the letters of the alphabet as tags, ascending order
+                            would select Z, and descending order would select A.
+                          nullable: true
+                          type: string
+                      type: object
+                    semver:
+                      description: SemVer gives a semantic version range to check
+                        against the tags available.
+                      nullable: true
+                      properties:
+                        range:
+                          description: Range gives a semver range for the image tag;
+                            the highest version within the range that's a tag yields
+                            the latest image.
+                          nullable: true
+                          type: string
+                      type: object
+                  type: object
+                secretRef:
+                  description: SecretRef can be given the name of a secret containing
+                    credentials to use for the image registry. The secret should be
+                    created with `kubectl create secret docker-registry`, or the equivalent.
+                  nullable: true
+                  properties:
+                    name:
+                      description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                        TODO: Add other useful fields. apiVersion, kind, uid?'
+                      nullable: true
+                      type: string
+                  type: object
+                suspend:
+                  description: This flag tells the controller to suspend subsequent
+                    image scans. It does not apply to already started scans. Defaults
+                    to false.
+                  type: boolean
+                tagName:
+                  description: TagName is the tag ref that needs to be put in manifest
+                    to replace fields
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                canonicalImageName:
+                  description: CanonicalName is the name of the image repository with
+                    all the implied bits made explicit; e.g., `docker.io/library/alpine`
+                    rather than `alpine`.
+                  nullable: true
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                lastScanTime:
+                  description: LastScanTime is the last time image was scanned
+                  nullable: true
+                  type: string
+                latestDigest:
+                  description: LatestDigest is the digest of latest tag
+                  nullable: true
+                  type: string
+                latestImage:
+                  description: LatestImage gives the first in the list of images scanned
+                    by the image repository, when filtered and ordered according to
+                    the policy.
+                  nullable: true
+                  type: string
+                latestTag:
+                  description: Latest tag is the latest tag filtered by the policy
+                  nullable: true
+                  type: string
+                observedGeneration:
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
diff --git a/charts/fleet-crd/103.1.8+up0.9.9/templates/gitjobs-crds.yaml b/charts/fleet-crd/103.1.8+up0.9.9/templates/gitjobs-crds.yaml
new file mode 100644
index 0000000000..b5296dbaf5
--- /dev/null
+++ b/charts/fleet-crd/103.1.8+up0.9.9/templates/gitjobs-crds.yaml
@@ -0,0 +1,7690 @@
+{{- if .Capabilities.APIVersions.Has "apiextensions.k8s.io/v1" -}}
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitjobs.gitjob.cattle.io
+spec:
+  group: gitjob.cattle.io
+  names:
+    kind: GitJob
+    plural: gitjobs
+    singular: gitjob
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.git.repo
+      name: REPO
+      type: string
+    - jsonPath: .spec.git.branch
+      name: BRANCH
+      type: string
+    - jsonPath: .status.commit
+      name: COMMIT
+      type: string
+    - jsonPath: .status.jobStatus
+      name: JOBSTATUS
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              forceUpdateGeneration:
+                type: integer
+              git:
+                properties:
+                  branch:
+                    nullable: true
+                    type: string
+                  caBundle:
+                    nullable: true
+                    type: string
+                  clientSecretName:
+                    nullable: true
+                    type: string
+                  insecureSkipTLSVerify:
+                    type: boolean
+                  onTag:
+                    nullable: true
+                    type: string
+                  provider:
+                    nullable: true
+                    type: string
+                  repo:
+                    nullable: true
+                    type: string
+                  revision:
+                    nullable: true
+                    type: string
+                type: object
+              jobSpec:
+                properties:
+                  activeDeadlineSeconds:
+                    nullable: true
+                    type: integer
+                  backoffLimit:
+                    nullable: true
+                    type: integer
+                  backoffLimitPerIndex:
+                    nullable: true
+                    type: integer
+                  completionMode:
+                    nullable: true
+                    type: string
+                  completions:
+                    nullable: true
+                    type: integer
+                  manualSelector:
+                    nullable: true
+                    type: boolean
+                  maxFailedIndexes:
+                    nullable: true
+                    type: integer
+                  parallelism:
+                    nullable: true
+                    type: integer
+                  podFailurePolicy:
+                    nullable: true
+                    properties:
+                      rules:
+                        items:
+                          properties:
+                            action:
+                              nullable: true
+                              type: string
+                            onExitCodes:
+                              nullable: true
+                              properties:
+                                containerName:
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  nullable: true
+                                  type: string
+                                values:
+                                  items:
+                                    type: integer
+                                  nullable: true
+                                  type: array
+                              type: object
+                            onPodConditions:
+                              items:
+                                properties:
+                                  status:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                          type: object
+                        nullable: true
+                        type: array
+                    type: object
+                  podReplacementPolicy:
+                    nullable: true
+                    type: string
+                  selector:
+                    nullable: true
+                    properties:
+                      matchExpressions:
+                        items:
+                          properties:
+                            key:
+                              nullable: true
+                              type: string
+                            operator:
+                              nullable: true
+                              type: string
+                            values:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                          type: object
+                        nullable: true
+                        type: array
+                      matchLabels:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: object
+                    type: object
+                  suspend:
+                    nullable: true
+                    type: boolean
+                  template:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          creationTimestamp:
+                            nullable: true
+                            type: string
+                          deletionGracePeriodSeconds:
+                            nullable: true
+                            type: integer
+                          deletionTimestamp:
+                            nullable: true
+                            type: string
+                          finalizers:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          generateName:
+                            nullable: true
+                            type: string
+                          generation:
+                            type: integer
+                          labels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          managedFields:
+                            items:
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                fieldsType:
+                                  nullable: true
+                                  type: string
+                                fieldsV1:
+                                  nullable: true
+                                  type: object
+                                manager:
+                                  nullable: true
+                                  type: string
+                                operation:
+                                  nullable: true
+                                  type: string
+                                subresource:
+                                  nullable: true
+                                  type: string
+                                time:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            nullable: true
+                            type: string
+                          namespace:
+                            nullable: true
+                            type: string
+                          ownerReferences:
+                            items:
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                blockOwnerDeletion:
+                                  nullable: true
+                                  type: boolean
+                                controller:
+                                  nullable: true
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                uid:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          resourceVersion:
+                            nullable: true
+                            type: string
+                          selfLink:
+                            nullable: true
+                            type: string
+                          uid:
+                            nullable: true
+                            type: string
+                        type: object
+                      spec:
+                        properties:
+                          activeDeadlineSeconds:
+                            nullable: true
+                            type: integer
+                          affinity:
+                            nullable: true
+                            properties:
+                              nodeAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        preference:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchFields:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    nullable: true
+                                    properties:
+                                      nodeSelectorTerms:
+                                        items:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchFields:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                type: object
+                              podAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        podAffinityTerm:
+                                          properties:
+                                            labelSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaceSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaces:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            topologyKey:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaceSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaces:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        topologyKey:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              podAntiAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        podAffinityTerm:
+                                          properties:
+                                            labelSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaceSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaces:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            topologyKey:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaceSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaces:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        topologyKey:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                            type: object
+                          automountServiceAccountToken:
+                            nullable: true
+                            type: boolean
+                          containers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          dnsConfig:
+                            nullable: true
+                            properties:
+                              nameservers:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              options:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              searches:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                            type: object
+                          dnsPolicy:
+                            nullable: true
+                            type: string
+                          enableServiceLinks:
+                            nullable: true
+                            type: boolean
+                          ephemeralContainers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                targetContainerName:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          hostAliases:
+                            items:
+                              properties:
+                                hostnames:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                ip:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          hostIPC:
+                            type: boolean
+                          hostNetwork:
+                            type: boolean
+                          hostPID:
+                            type: boolean
+                          hostUsers:
+                            nullable: true
+                            type: boolean
+                          hostname:
+                            nullable: true
+                            type: string
+                          imagePullSecrets:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          initContainers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          nodeName:
+                            nullable: true
+                            type: string
+                          nodeSelector:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          os:
+                            nullable: true
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          overhead:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          preemptionPolicy:
+                            nullable: true
+                            type: string
+                          priority:
+                            nullable: true
+                            type: integer
+                          priorityClassName:
+                            nullable: true
+                            type: string
+                          readinessGates:
+                            items:
+                              properties:
+                                conditionType:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          resourceClaims:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                                source:
+                                  properties:
+                                    resourceClaimName:
+                                      nullable: true
+                                      type: string
+                                    resourceClaimTemplateName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                          restartPolicy:
+                            nullable: true
+                            type: string
+                          runtimeClassName:
+                            nullable: true
+                            type: string
+                          schedulerName:
+                            nullable: true
+                            type: string
+                          schedulingGates:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          securityContext:
+                            nullable: true
+                            properties:
+                              fsGroup:
+                                nullable: true
+                                type: integer
+                              fsGroupChangePolicy:
+                                nullable: true
+                                type: string
+                              runAsGroup:
+                                nullable: true
+                                type: integer
+                              runAsNonRoot:
+                                nullable: true
+                                type: boolean
+                              runAsUser:
+                                nullable: true
+                                type: integer
+                              seLinuxOptions:
+                                nullable: true
+                                properties:
+                                  level:
+                                    nullable: true
+                                    type: string
+                                  role:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                nullable: true
+                                properties:
+                                  localhostProfile:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              supplementalGroups:
+                                items:
+                                  type: integer
+                                nullable: true
+                                type: array
+                              sysctls:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              windowsOptions:
+                                nullable: true
+                                properties:
+                                  gmsaCredentialSpec:
+                                    nullable: true
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    nullable: true
+                                    type: string
+                                  hostProcess:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUserName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          serviceAccount:
+                            nullable: true
+                            type: string
+                          serviceAccountName:
+                            nullable: true
+                            type: string
+                          setHostnameAsFQDN:
+                            nullable: true
+                            type: boolean
+                          shareProcessNamespace:
+                            nullable: true
+                            type: boolean
+                          subdomain:
+                            nullable: true
+                            type: string
+                          terminationGracePeriodSeconds:
+                            nullable: true
+                            type: integer
+                          tolerations:
+                            items:
+                              properties:
+                                effect:
+                                  nullable: true
+                                  type: string
+                                key:
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  nullable: true
+                                  type: string
+                                tolerationSeconds:
+                                  nullable: true
+                                  type: integer
+                                value:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          topologySpreadConstraints:
+                            items:
+                              properties:
+                                labelSelector:
+                                  nullable: true
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          operator:
+                                            nullable: true
+                                            type: string
+                                          values:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    matchLabels:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                matchLabelKeys:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                maxSkew:
+                                  type: integer
+                                minDomains:
+                                  nullable: true
+                                  type: integer
+                                nodeAffinityPolicy:
+                                  nullable: true
+                                  type: string
+                                nodeTaintsPolicy:
+                                  nullable: true
+                                  type: string
+                                topologyKey:
+                                  nullable: true
+                                  type: string
+                                whenUnsatisfiable:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          volumes:
+                            items:
+                              properties:
+                                awsElasticBlockStore:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    partition:
+                                      type: integer
+                                    readOnly:
+                                      type: boolean
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                azureDisk:
+                                  nullable: true
+                                  properties:
+                                    cachingMode:
+                                      nullable: true
+                                      type: string
+                                    diskName:
+                                      nullable: true
+                                      type: string
+                                    diskURI:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    kind:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      nullable: true
+                                      type: boolean
+                                  type: object
+                                azureFile:
+                                  nullable: true
+                                  properties:
+                                    readOnly:
+                                      type: boolean
+                                    secretName:
+                                      nullable: true
+                                      type: string
+                                    shareName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                cephfs:
+                                  nullable: true
+                                  properties:
+                                    monitors:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretFile:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    user:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                cinder:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                configMap:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    optional:
+                                      nullable: true
+                                      type: boolean
+                                  type: object
+                                csi:
+                                  nullable: true
+                                  properties:
+                                    driver:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    nodePublishSecretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    readOnly:
+                                      nullable: true
+                                      type: boolean
+                                    volumeAttributes:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                downwardAPI:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                emptyDir:
+                                  nullable: true
+                                  properties:
+                                    medium:
+                                      nullable: true
+                                      type: string
+                                    sizeLimit:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                ephemeral:
+                                  nullable: true
+                                  properties:
+                                    volumeClaimTemplate:
+                                      nullable: true
+                                      properties:
+                                        metadata:
+                                          properties:
+                                            annotations:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                            creationTimestamp:
+                                              nullable: true
+                                              type: string
+                                            deletionGracePeriodSeconds:
+                                              nullable: true
+                                              type: integer
+                                            deletionTimestamp:
+                                              nullable: true
+                                              type: string
+                                            finalizers:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            generateName:
+                                              nullable: true
+                                              type: string
+                                            generation:
+                                              type: integer
+                                            labels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                            managedFields:
+                                              items:
+                                                properties:
+                                                  apiVersion:
+                                                    nullable: true
+                                                    type: string
+                                                  fieldsType:
+                                                    nullable: true
+                                                    type: string
+                                                  fieldsV1:
+                                                    nullable: true
+                                                    type: object
+                                                  manager:
+                                                    nullable: true
+                                                    type: string
+                                                  operation:
+                                                    nullable: true
+                                                    type: string
+                                                  subresource:
+                                                    nullable: true
+                                                    type: string
+                                                  time:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            namespace:
+                                              nullable: true
+                                              type: string
+                                            ownerReferences:
+                                              items:
+                                                properties:
+                                                  apiVersion:
+                                                    nullable: true
+                                                    type: string
+                                                  blockOwnerDeletion:
+                                                    nullable: true
+                                                    type: boolean
+                                                  controller:
+                                                    nullable: true
+                                                    type: boolean
+                                                  kind:
+                                                    nullable: true
+                                                    type: string
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  uid:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            resourceVersion:
+                                              nullable: true
+                                              type: string
+                                            selfLink:
+                                              nullable: true
+                                              type: string
+                                            uid:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        spec:
+                                          properties:
+                                            accessModes:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            dataSource:
+                                              nullable: true
+                                              properties:
+                                                apiGroup:
+                                                  nullable: true
+                                                  type: string
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            dataSourceRef:
+                                              nullable: true
+                                              properties:
+                                                apiGroup:
+                                                  nullable: true
+                                                  type: string
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                namespace:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            resources:
+                                              properties:
+                                                claims:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                limits:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                                requests:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            selector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            storageClassName:
+                                              nullable: true
+                                              type: string
+                                            volumeMode:
+                                              nullable: true
+                                              type: string
+                                            volumeName:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                  type: object
+                                fc:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    lun:
+                                      nullable: true
+                                      type: integer
+                                    readOnly:
+                                      type: boolean
+                                    targetWWNs:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    wwids:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                flexVolume:
+                                  nullable: true
+                                  properties:
+                                    driver:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    options:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                flocker:
+                                  nullable: true
+                                  properties:
+                                    datasetName:
+                                      nullable: true
+                                      type: string
+                                    datasetUUID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                gcePersistentDisk:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    partition:
+                                      type: integer
+                                    pdName:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                gitRepo:
+                                  nullable: true
+                                  properties:
+                                    directory:
+                                      nullable: true
+                                      type: string
+                                    repository:
+                                      nullable: true
+                                      type: string
+                                    revision:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                glusterfs:
+                                  nullable: true
+                                  properties:
+                                    endpoints:
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                hostPath:
+                                  nullable: true
+                                  properties:
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    type:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                iscsi:
+                                  nullable: true
+                                  properties:
+                                    chapAuthDiscovery:
+                                      type: boolean
+                                    chapAuthSession:
+                                      type: boolean
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    initiatorName:
+                                      nullable: true
+                                      type: string
+                                    iqn:
+                                      nullable: true
+                                      type: string
+                                    iscsiInterface:
+                                      nullable: true
+                                      type: string
+                                    lun:
+                                      type: integer
+                                    portals:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    targetPortal:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                nfs:
+                                  nullable: true
+                                  properties:
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    server:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                persistentVolumeClaim:
+                                  nullable: true
+                                  properties:
+                                    claimName:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                photonPersistentDisk:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    pdID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                portworxVolume:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                projected:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    sources:
+                                      items:
+                                        properties:
+                                          configMap:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          downwardAPI:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    fieldRef:
+                                                      nullable: true
+                                                      properties:
+                                                        apiVersion:
+                                                          nullable: true
+                                                          type: string
+                                                        fieldPath:
+                                                          nullable: true
+                                                          type: string
+                                                      type: object
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                    resourceFieldRef:
+                                                      nullable: true
+                                                      properties:
+                                                        containerName:
+                                                          nullable: true
+                                                          type: string
+                                                        divisor:
+                                                          nullable: true
+                                                          type: string
+                                                        resource:
+                                                          nullable: true
+                                                          type: string
+                                                      type: object
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                            type: object
+                                          secret:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          serviceAccountToken:
+                                            nullable: true
+                                            properties:
+                                              audience:
+                                                nullable: true
+                                                type: string
+                                              expirationSeconds:
+                                                nullable: true
+                                                type: integer
+                                              path:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                quobyte:
+                                  nullable: true
+                                  properties:
+                                    group:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    registry:
+                                      nullable: true
+                                      type: string
+                                    tenant:
+                                      nullable: true
+                                      type: string
+                                    user:
+                                      nullable: true
+                                      type: string
+                                    volume:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                rbd:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    image:
+                                      nullable: true
+                                      type: string
+                                    keyring:
+                                      nullable: true
+                                      type: string
+                                    monitors:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    pool:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    user:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                scaleIO:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    gateway:
+                                      nullable: true
+                                      type: string
+                                    protectionDomain:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    sslEnabled:
+                                      type: boolean
+                                    storageMode:
+                                      nullable: true
+                                      type: string
+                                    storagePool:
+                                      nullable: true
+                                      type: string
+                                    system:
+                                      nullable: true
+                                      type: string
+                                    volumeName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                secret:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    optional:
+                                      nullable: true
+                                      type: boolean
+                                    secretName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                storageos:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    volumeName:
+                                      nullable: true
+                                      type: string
+                                    volumeNamespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                vsphereVolume:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    storagePolicyID:
+                                      nullable: true
+                                      type: string
+                                    storagePolicyName:
+                                      nullable: true
+                                      type: string
+                                    volumePath:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                    type: object
+                  ttlSecondsAfterFinished:
+                    nullable: true
+                    type: integer
+                type: object
+              syncInterval:
+                type: integer
+            type: object
+          status:
+            properties:
+              commit:
+                nullable: true
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      nullable: true
+                      type: string
+                    lastUpdateTime:
+                      nullable: true
+                      type: string
+                    message:
+                      nullable: true
+                      type: string
+                    reason:
+                      nullable: true
+                      type: string
+                    status:
+                      nullable: true
+                      type: string
+                    type:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              event:
+                nullable: true
+                type: string
+              hookId:
+                nullable: true
+                type: string
+              jobStatus:
+                nullable: true
+                type: string
+              lastExecutedCommit:
+                nullable: true
+                type: string
+              lastSyncedTime:
+                nullable: true
+                type: string
+              observedGeneration:
+                type: integer
+              secretToken:
+                nullable: true
+                type: string
+              updateGeneration:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+{{- else -}}
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: gitjobs.gitjob.cattle.io
+spec:
+  additionalPrinterColumns:
+  - JSONPath: .spec.git.repo
+    name: REPO
+    type: string
+  - JSONPath: .spec.git.branch
+    name: BRANCH
+    type: string
+  - JSONPath: .status.commit
+    name: COMMIT
+    type: string
+  - JSONPath: .status.jobStatus
+    name: JOBSTATUS
+    type: string
+  - JSONPath: .metadata.creationTimestamp
+    name: Age
+    type: date
+  group: gitjob.cattle.io
+  names:
+    kind: GitJob
+    plural: gitjobs
+    singular: gitjob
+  preserveUnknownFields: false
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      properties:
+        spec:
+          properties:
+            forceUpdateGeneration:
+              type: integer
+            git:
+              properties:
+                branch:
+                  nullable: true
+                  type: string
+                caBundle:
+                  nullable: true
+                  type: string
+                clientSecretName:
+                  nullable: true
+                  type: string
+                insecureSkipTLSVerify:
+                  type: boolean
+                onTag:
+                  nullable: true
+                  type: string
+                provider:
+                  nullable: true
+                  type: string
+                repo:
+                  nullable: true
+                  type: string
+                revision:
+                  nullable: true
+                  type: string
+              type: object
+            jobSpec:
+              properties:
+                activeDeadlineSeconds:
+                  nullable: true
+                  type: integer
+                backoffLimit:
+                  nullable: true
+                  type: integer
+                backoffLimitPerIndex:
+                  nullable: true
+                  type: integer
+                completionMode:
+                  nullable: true
+                  type: string
+                completions:
+                  nullable: true
+                  type: integer
+                manualSelector:
+                  nullable: true
+                  type: boolean
+                maxFailedIndexes:
+                  nullable: true
+                  type: integer
+                parallelism:
+                  nullable: true
+                  type: integer
+                podFailurePolicy:
+                  nullable: true
+                  properties:
+                    rules:
+                      items:
+                        properties:
+                          action:
+                            nullable: true
+                            type: string
+                          onExitCodes:
+                            nullable: true
+                            properties:
+                              containerName:
+                                nullable: true
+                                type: string
+                              operator:
+                                nullable: true
+                                type: string
+                              values:
+                                items:
+                                  type: integer
+                                nullable: true
+                                type: array
+                            type: object
+                          onPodConditions:
+                            items:
+                              properties:
+                                status:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                podReplacementPolicy:
+                  nullable: true
+                  type: string
+                selector:
+                  nullable: true
+                  properties:
+                    matchExpressions:
+                      items:
+                        properties:
+                          key:
+                            nullable: true
+                            type: string
+                          operator:
+                            nullable: true
+                            type: string
+                          values:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    matchLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                  type: object
+                suspend:
+                  nullable: true
+                  type: boolean
+                template:
+                  properties:
+                    metadata:
+                      properties:
+                        annotations:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        creationTimestamp:
+                          nullable: true
+                          type: string
+                        deletionGracePeriodSeconds:
+                          nullable: true
+                          type: integer
+                        deletionTimestamp:
+                          nullable: true
+                          type: string
+                        finalizers:
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        generateName:
+                          nullable: true
+                          type: string
+                        generation:
+                          type: integer
+                        labels:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        managedFields:
+                          items:
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              fieldsType:
+                                nullable: true
+                                type: string
+                              fieldsV1:
+                                nullable: true
+                                type: object
+                              manager:
+                                nullable: true
+                                type: string
+                              operation:
+                                nullable: true
+                                type: string
+                              subresource:
+                                nullable: true
+                                type: string
+                              time:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        name:
+                          nullable: true
+                          type: string
+                        namespace:
+                          nullable: true
+                          type: string
+                        ownerReferences:
+                          items:
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              blockOwnerDeletion:
+                                nullable: true
+                                type: boolean
+                              controller:
+                                nullable: true
+                                type: boolean
+                              kind:
+                                nullable: true
+                                type: string
+                              name:
+                                nullable: true
+                                type: string
+                              uid:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        resourceVersion:
+                          nullable: true
+                          type: string
+                        selfLink:
+                          nullable: true
+                          type: string
+                        uid:
+                          nullable: true
+                          type: string
+                      type: object
+                    spec:
+                      properties:
+                        activeDeadlineSeconds:
+                          nullable: true
+                          type: integer
+                        affinity:
+                          nullable: true
+                          properties:
+                            nodeAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      preference:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchFields:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  nullable: true
+                                  properties:
+                                    nodeSelectorTerms:
+                                      items:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchFields:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                              type: object
+                            podAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      podAffinityTerm:
+                                        properties:
+                                          labelSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaceSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaces:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          topologyKey:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      labelSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaceSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaces:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      topologyKey:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            podAntiAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      podAffinityTerm:
+                                        properties:
+                                          labelSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaceSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaces:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          topologyKey:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      labelSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaceSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaces:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      topologyKey:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                          type: object
+                        automountServiceAccountToken:
+                          nullable: true
+                          type: boolean
+                        containers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        dnsConfig:
+                          nullable: true
+                          properties:
+                            nameservers:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                            options:
+                              items:
+                                properties:
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  value:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                            searches:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                          type: object
+                        dnsPolicy:
+                          nullable: true
+                          type: string
+                        enableServiceLinks:
+                          nullable: true
+                          type: boolean
+                        ephemeralContainers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              targetContainerName:
+                                nullable: true
+                                type: string
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        hostAliases:
+                          items:
+                            properties:
+                              hostnames:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              ip:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        hostIPC:
+                          type: boolean
+                        hostNetwork:
+                          type: boolean
+                        hostPID:
+                          type: boolean
+                        hostUsers:
+                          nullable: true
+                          type: boolean
+                        hostname:
+                          nullable: true
+                          type: string
+                        imagePullSecrets:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        initContainers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        nodeName:
+                          nullable: true
+                          type: string
+                        nodeSelector:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        os:
+                          nullable: true
+                          properties:
+                            name:
+                              nullable: true
+                              type: string
+                          type: object
+                        overhead:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        preemptionPolicy:
+                          nullable: true
+                          type: string
+                        priority:
+                          nullable: true
+                          type: integer
+                        priorityClassName:
+                          nullable: true
+                          type: string
+                        readinessGates:
+                          items:
+                            properties:
+                              conditionType:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        resourceClaims:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                              source:
+                                properties:
+                                  resourceClaimName:
+                                    nullable: true
+                                    type: string
+                                  resourceClaimTemplateName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        restartPolicy:
+                          nullable: true
+                          type: string
+                        runtimeClassName:
+                          nullable: true
+                          type: string
+                        schedulerName:
+                          nullable: true
+                          type: string
+                        schedulingGates:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        securityContext:
+                          nullable: true
+                          properties:
+                            fsGroup:
+                              nullable: true
+                              type: integer
+                            fsGroupChangePolicy:
+                              nullable: true
+                              type: string
+                            runAsGroup:
+                              nullable: true
+                              type: integer
+                            runAsNonRoot:
+                              nullable: true
+                              type: boolean
+                            runAsUser:
+                              nullable: true
+                              type: integer
+                            seLinuxOptions:
+                              nullable: true
+                              properties:
+                                level:
+                                  nullable: true
+                                  type: string
+                                role:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                                user:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              nullable: true
+                              properties:
+                                localhostProfile:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            supplementalGroups:
+                              items:
+                                type: integer
+                              nullable: true
+                              type: array
+                            sysctls:
+                              items:
+                                properties:
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  value:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                            windowsOptions:
+                              nullable: true
+                              properties:
+                                gmsaCredentialSpec:
+                                  nullable: true
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  nullable: true
+                                  type: string
+                                hostProcess:
+                                  nullable: true
+                                  type: boolean
+                                runAsUserName:
+                                  nullable: true
+                                  type: string
+                              type: object
+                          type: object
+                        serviceAccount:
+                          nullable: true
+                          type: string
+                        serviceAccountName:
+                          nullable: true
+                          type: string
+                        setHostnameAsFQDN:
+                          nullable: true
+                          type: boolean
+                        shareProcessNamespace:
+                          nullable: true
+                          type: boolean
+                        subdomain:
+                          nullable: true
+                          type: string
+                        terminationGracePeriodSeconds:
+                          nullable: true
+                          type: integer
+                        tolerations:
+                          items:
+                            properties:
+                              effect:
+                                nullable: true
+                                type: string
+                              key:
+                                nullable: true
+                                type: string
+                              operator:
+                                nullable: true
+                                type: string
+                              tolerationSeconds:
+                                nullable: true
+                                type: integer
+                              value:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        topologySpreadConstraints:
+                          items:
+                            properties:
+                              labelSelector:
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              matchLabelKeys:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              maxSkew:
+                                type: integer
+                              minDomains:
+                                nullable: true
+                                type: integer
+                              nodeAffinityPolicy:
+                                nullable: true
+                                type: string
+                              nodeTaintsPolicy:
+                                nullable: true
+                                type: string
+                              topologyKey:
+                                nullable: true
+                                type: string
+                              whenUnsatisfiable:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        volumes:
+                          items:
+                            properties:
+                              awsElasticBlockStore:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  partition:
+                                    type: integer
+                                  readOnly:
+                                    type: boolean
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              azureDisk:
+                                nullable: true
+                                properties:
+                                  cachingMode:
+                                    nullable: true
+                                    type: string
+                                  diskName:
+                                    nullable: true
+                                    type: string
+                                  diskURI:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  kind:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    nullable: true
+                                    type: boolean
+                                type: object
+                              azureFile:
+                                nullable: true
+                                properties:
+                                  readOnly:
+                                    type: boolean
+                                  secretName:
+                                    nullable: true
+                                    type: string
+                                  shareName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              cephfs:
+                                nullable: true
+                                properties:
+                                  monitors:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretFile:
+                                    nullable: true
+                                    type: string
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              cinder:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              configMap:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  optional:
+                                    nullable: true
+                                    type: boolean
+                                type: object
+                              csi:
+                                nullable: true
+                                properties:
+                                  driver:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  nodePublishSecretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  readOnly:
+                                    nullable: true
+                                    type: boolean
+                                  volumeAttributes:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              downwardAPI:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              emptyDir:
+                                nullable: true
+                                properties:
+                                  medium:
+                                    nullable: true
+                                    type: string
+                                  sizeLimit:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              ephemeral:
+                                nullable: true
+                                properties:
+                                  volumeClaimTemplate:
+                                    nullable: true
+                                    properties:
+                                      metadata:
+                                        properties:
+                                          annotations:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                          creationTimestamp:
+                                            nullable: true
+                                            type: string
+                                          deletionGracePeriodSeconds:
+                                            nullable: true
+                                            type: integer
+                                          deletionTimestamp:
+                                            nullable: true
+                                            type: string
+                                          finalizers:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          generateName:
+                                            nullable: true
+                                            type: string
+                                          generation:
+                                            type: integer
+                                          labels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                          managedFields:
+                                            items:
+                                              properties:
+                                                apiVersion:
+                                                  nullable: true
+                                                  type: string
+                                                fieldsType:
+                                                  nullable: true
+                                                  type: string
+                                                fieldsV1:
+                                                  nullable: true
+                                                  type: object
+                                                manager:
+                                                  nullable: true
+                                                  type: string
+                                                operation:
+                                                  nullable: true
+                                                  type: string
+                                                subresource:
+                                                  nullable: true
+                                                  type: string
+                                                time:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          namespace:
+                                            nullable: true
+                                            type: string
+                                          ownerReferences:
+                                            items:
+                                              properties:
+                                                apiVersion:
+                                                  nullable: true
+                                                  type: string
+                                                blockOwnerDeletion:
+                                                  nullable: true
+                                                  type: boolean
+                                                controller:
+                                                  nullable: true
+                                                  type: boolean
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                uid:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          resourceVersion:
+                                            nullable: true
+                                            type: string
+                                          selfLink:
+                                            nullable: true
+                                            type: string
+                                          uid:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      spec:
+                                        properties:
+                                          accessModes:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          dataSource:
+                                            nullable: true
+                                            properties:
+                                              apiGroup:
+                                                nullable: true
+                                                type: string
+                                              kind:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          dataSourceRef:
+                                            nullable: true
+                                            properties:
+                                              apiGroup:
+                                                nullable: true
+                                                type: string
+                                              kind:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              namespace:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resources:
+                                            properties:
+                                              claims:
+                                                items:
+                                                  properties:
+                                                    name:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              limits:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                              requests:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          selector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          storageClassName:
+                                            nullable: true
+                                            type: string
+                                          volumeMode:
+                                            nullable: true
+                                            type: string
+                                          volumeName:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                    type: object
+                                type: object
+                              fc:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  lun:
+                                    nullable: true
+                                    type: integer
+                                  readOnly:
+                                    type: boolean
+                                  targetWWNs:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  wwids:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                type: object
+                              flexVolume:
+                                nullable: true
+                                properties:
+                                  driver:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  options:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              flocker:
+                                nullable: true
+                                properties:
+                                  datasetName:
+                                    nullable: true
+                                    type: string
+                                  datasetUUID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              gcePersistentDisk:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  partition:
+                                    type: integer
+                                  pdName:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              gitRepo:
+                                nullable: true
+                                properties:
+                                  directory:
+                                    nullable: true
+                                    type: string
+                                  repository:
+                                    nullable: true
+                                    type: string
+                                  revision:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              glusterfs:
+                                nullable: true
+                                properties:
+                                  endpoints:
+                                    nullable: true
+                                    type: string
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              hostPath:
+                                nullable: true
+                                properties:
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              iscsi:
+                                nullable: true
+                                properties:
+                                  chapAuthDiscovery:
+                                    type: boolean
+                                  chapAuthSession:
+                                    type: boolean
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  initiatorName:
+                                    nullable: true
+                                    type: string
+                                  iqn:
+                                    nullable: true
+                                    type: string
+                                  iscsiInterface:
+                                    nullable: true
+                                    type: string
+                                  lun:
+                                    type: integer
+                                  portals:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  targetPortal:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              nfs:
+                                nullable: true
+                                properties:
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  server:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              persistentVolumeClaim:
+                                nullable: true
+                                properties:
+                                  claimName:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              photonPersistentDisk:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  pdID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              portworxVolume:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              projected:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  sources:
+                                    items:
+                                      properties:
+                                        configMap:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        downwardAPI:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  fieldRef:
+                                                    nullable: true
+                                                    properties:
+                                                      apiVersion:
+                                                        nullable: true
+                                                        type: string
+                                                      fieldPath:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                  resourceFieldRef:
+                                                    nullable: true
+                                                    properties:
+                                                      containerName:
+                                                        nullable: true
+                                                        type: string
+                                                      divisor:
+                                                        nullable: true
+                                                        type: string
+                                                      resource:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        secret:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        serviceAccountToken:
+                                          nullable: true
+                                          properties:
+                                            audience:
+                                              nullable: true
+                                              type: string
+                                            expirationSeconds:
+                                              nullable: true
+                                              type: integer
+                                            path:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              quobyte:
+                                nullable: true
+                                properties:
+                                  group:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  registry:
+                                    nullable: true
+                                    type: string
+                                  tenant:
+                                    nullable: true
+                                    type: string
+                                  user:
+                                    nullable: true
+                                    type: string
+                                  volume:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              rbd:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  image:
+                                    nullable: true
+                                    type: string
+                                  keyring:
+                                    nullable: true
+                                    type: string
+                                  monitors:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  pool:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              scaleIO:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  gateway:
+                                    nullable: true
+                                    type: string
+                                  protectionDomain:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  sslEnabled:
+                                    type: boolean
+                                  storageMode:
+                                    nullable: true
+                                    type: string
+                                  storagePool:
+                                    nullable: true
+                                    type: string
+                                  system:
+                                    nullable: true
+                                    type: string
+                                  volumeName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secret:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  optional:
+                                    nullable: true
+                                    type: boolean
+                                  secretName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              storageos:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  volumeName:
+                                    nullable: true
+                                    type: string
+                                  volumeNamespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              vsphereVolume:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  storagePolicyID:
+                                    nullable: true
+                                    type: string
+                                  storagePolicyName:
+                                    nullable: true
+                                    type: string
+                                  volumePath:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                ttlSecondsAfterFinished:
+                  nullable: true
+                  type: integer
+              type: object
+            syncInterval:
+              type: integer
+          type: object
+        status:
+          properties:
+            commit:
+              nullable: true
+              type: string
+            conditions:
+              items:
+                properties:
+                  lastTransitionTime:
+                    nullable: true
+                    type: string
+                  lastUpdateTime:
+                    nullable: true
+                    type: string
+                  message:
+                    nullable: true
+                    type: string
+                  reason:
+                    nullable: true
+                    type: string
+                  status:
+                    nullable: true
+                    type: string
+                  type:
+                    nullable: true
+                    type: string
+                type: object
+              nullable: true
+              type: array
+            event:
+              nullable: true
+              type: string
+            hookId:
+              nullable: true
+              type: string
+            jobStatus:
+              nullable: true
+              type: string
+            lastExecutedCommit:
+              nullable: true
+              type: string
+            lastSyncedTime:
+              nullable: true
+              type: string
+            observedGeneration:
+              type: integer
+            secretToken:
+              nullable: true
+              type: string
+            updateGeneration:
+              type: integer
+          type: object
+      type: object
+  version: v1
+  versions:
+  - name: v1
+    served: true
+    storage: true
+{{- end -}}
diff --git a/charts/fleet-crd/103.1.8+up0.9.9/values.yaml b/charts/fleet-crd/103.1.8+up0.9.9/values.yaml
new file mode 100644
index 0000000000..d41d3a2444
--- /dev/null
+++ b/charts/fleet-crd/103.1.8+up0.9.9/values.yaml
@@ -0,0 +1 @@
+# This file is intentionally empty
diff --git a/charts/fleet/103.1.8+up0.9.9/Chart.yaml b/charts/fleet/103.1.8+up0.9.9/Chart.yaml
new file mode 100644
index 0000000000..6aa289ce8d
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/auto-install: fleet-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/experimental: "true"
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: fleet
+apiVersion: v2
+appVersion: 0.9.9
+dependencies:
+- condition: gitops.enabled
+  name: gitjob
+  repository: file://./charts/gitjob
+description: Fleet Manager - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet
+version: 103.1.8+up0.9.9
diff --git a/charts/fleet/103.1.8+up0.9.9/README.md b/charts/fleet/103.1.8+up0.9.9/README.md
new file mode 100644
index 0000000000..2f2a4c302a
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/README.md
@@ -0,0 +1,30 @@
+# Fleet Helm Chart
+
+Fleet is GitOps at scale. Fleet is designed to manage multiple clusters.
+
+## What is Fleet?
+
+* Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.
+
+* Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.
+
+## Introduction
+
+This chart deploys Fleet on a Kubernetes cluster. It also deploys some of its dependencies as subcharts.
+
+The documentation is centralized in the [doc website](https://fleet.rancher.io/).
+
+## Prerequisites
+
+Get helm if you don't have it. Helm 3 is just a CLI.
+
+
+## Install Fleet
+
+Install the Fleet Helm charts (there are two because we separate out CRDs for ultimate flexibility.):
+
+```
+$ helm repo add fleet https://rancher.github.io/fleet-helm-charts/
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet-crd fleet/fleet-crd
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet fleet/fleet
+```
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/.helmignore b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/.helmignore
new file mode 100644
index 0000000000..691fa13d6a
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/Chart.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/Chart.yaml
new file mode 100644
index 0000000000..e0cd8fae3b
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v2
+appVersion: 0.9.13
+description: Controller that run jobs based on git events
+name: gitjob
+version: 0.9.13
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/_helpers.tpl b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/_helpers.tpl
new file mode 100644
index 0000000000..f652b5643d
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/_helpers.tpl
@@ -0,0 +1,7 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrole.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrole.yaml
new file mode 100644
index 0000000000..bcad90164f
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrole.yaml
@@ -0,0 +1,38 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "batch"
+    resources:
+      - 'jobs'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'pods'
+    verbs:
+      - 'list'
+      - 'get'
+      - 'watch'
+  - apiGroups:
+      - ""
+    resources:
+      - 'secrets'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'configmaps'
+    verbs:
+      - '*'
+  - apiGroups:
+      - "gitjob.cattle.io"
+    resources:
+      - "gitjobs"
+      - "gitjobs/status"
+    verbs:
+      - "*"
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrolebinding.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..0bf07c4ef8
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gitjob-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
+    namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/deployment.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/deployment.yaml
new file mode 100644
index 0000000000..7771db512c
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/deployment.yaml
@@ -0,0 +1,52 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitjob
+spec:
+  selector:
+    matchLabels:
+      app: "gitjob"
+  template:
+    metadata:
+      labels:
+        app: "gitjob"
+    spec:
+      serviceAccountName: gitjob
+      containers:
+        - image: "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}"
+          name: gitjob
+          args:
+          - gitjob
+          - --gitjob-image
+          - "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}"
+          {{- if .Values.debug }}
+          - --debug
+          {{- end }}
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          {{- if .Values.proxy }}
+            - name: HTTP_PROXY
+              value: {{ .Values.proxy }}
+            - name: HTTPS_PROXY
+              value: {{ .Values.proxy }}
+            - name: NO_PROXY
+              value: {{ .Values.noProxy }}
+          {{- end }}
+          {{- if .Values.debug }}
+            - name: CATTLE_DEV_MODE
+              value: "true"
+          {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/leases.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/leases.yaml
new file mode 100644
index 0000000000..51f9339509
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/leases.yaml
@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "coordination.k8s.io"
+    resources:
+      - "leases"
+    verbs:
+      - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: gitjob
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/service.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/service.yaml
new file mode 100644
index 0000000000..bf57c1b55c
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitjob
+spec:
+  ports:
+    - name: http-80
+      port: 80
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: "gitjob"
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/serviceaccount.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..5f8aecb045
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: gitjob
diff --git a/charts/fleet/103.1.8+up0.9.9/charts/gitjob/values.yaml b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/values.yaml
new file mode 100644
index 0000000000..5099190a33
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/charts/gitjob/values.yaml
@@ -0,0 +1,27 @@
+gitjob:
+  repository: rancher/gitjob
+  tag: v0.9.13
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
+
+# PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+debug: false
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/_helpers.tpl b/charts/fleet/103.1.8+up0.9.9/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/configmap.yaml b/charts/fleet/103.1.8+up0.9.9/templates/configmap.yaml
new file mode 100644
index 0000000000..3fd0b15cf8
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/configmap.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fleet-controller
+data:
+  config: |
+    {
+      "systemDefaultRegistry": "{{ template "system_default_registry" . }}",
+      "agentImage": "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}",
+      "agentImagePullPolicy": "{{ .Values.agentImage.imagePullPolicy }}",
+      "apiServerURL": "{{.Values.apiServerURL}}",
+      "apiServerCA": "{{b64enc .Values.apiServerCA}}",
+      "agentCheckinInterval": "{{.Values.agentCheckinInterval}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}",
+      "ignoreClusterRegistrationLabels": {{.Values.ignoreClusterRegistrationLabels}},
+      "bootstrap": {
+        "paths": "{{.Values.bootstrap.paths}}",
+        "repo": "{{.Values.bootstrap.repo}}",
+        "secret": "{{.Values.bootstrap.secret}}",
+        "branch":  "{{.Values.bootstrap.branch}}",
+        "namespace": "{{.Values.bootstrap.namespace}}",
+        "agentNamespace": "{{.Values.bootstrap.agentNamespace}}",
+      },
+      "webhookReceiverURL": "{{.Values.webhookReceiverURL}}",
+      "githubURLPrefix": "{{.Values.githubURLPrefix}}"
+    }
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/deployment.yaml b/charts/fleet/103.1.8+up0.9.9/templates/deployment.yaml
new file mode 100644
index 0000000000..164340c444
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/deployment.yaml
@@ -0,0 +1,102 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fleet-controller
+spec:
+  selector:
+    matchLabels:
+      app: fleet-controller
+  template:
+    metadata:
+      labels:
+        app: fleet-controller
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: FLEET_PROPAGATE_DEBUG_SETTINGS_TO_AGENTS
+          value: {{ quote .Values.propagateDebugSettingsToAgents }}
+        {{- if .Values.clusterEnqueueDelay }}
+        - name: FLEET_CLUSTER_ENQUEUE_DELAY
+          value: {{ .Values.clusterEnqueueDelay }}
+        {{- end }}
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- end }}
+        {{- if .Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_DIR
+          value: /tmp/pprof/
+        {{- end }}
+        {{- if .Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_PERIOD
+          value: {{ quote .Values.cpuPprof.period }}
+        {{- end }}
+        {{- if .Values.debug }}
+        - name: CATTLE_DEV_MODE
+          value: "true"
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: fleet-controller
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        command:
+        - fleetcontroller
+        {{- if not .Values.gitops.enabled }}
+        - --disable-gitops
+        {{- end }}
+        {{- if not .Values.bootstrap.enabled }}
+        - --disable-bootstrap
+        {{- end }}
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+        volumeMounts:
+          - mountPath: /tmp
+            name: tmp
+        {{- if .Values.cpuPprof }}
+          - mountPath: /tmp/pprof
+            name: pprof
+        {{- end }}
+      volumes:
+        - name: tmp
+          emptyDir: {}
+      {{- if .Values.cpuPprof }}
+        - name: pprof {{ toYaml .Values.cpuPprof.volumeConfiguration | nindent 10 }}
+      {{- end }}
+
+      serviceAccountName: fleet-controller
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+
+{{- if not .Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/job_cleanup_clusterregistrations.yaml b/charts/fleet/103.1.8+up0.9.9/templates/job_cleanup_clusterregistrations.yaml
new file mode 100644
index 0000000000..17d1ba7864
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/job_cleanup_clusterregistrations.yaml
@@ -0,0 +1,40 @@
+{{- if .Values.migrations.clusterRegistrationCleanup }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: fleet-cleanup-clusterregistrations
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    metadata:
+      labels:
+        app: fleet-job
+    spec:
+      serviceAccountName: fleet-controller
+      restartPolicy: Never
+      securityContext:
+        runAsNonRoot: true
+        runAsGroup: 1000
+        runAsUser: 1000
+      containers:
+      - name: cleanup
+        image: "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: false
+          privileged: false
+        command:
+        - fleet
+        args:
+        - cleanup
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+  backoffLimit: 1
+{{- end }}
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/rbac.yaml b/charts/fleet/103.1.8+up0.9.9/templates/rbac.yaml
new file mode 100644
index 0000000000..361d68c08b
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/rbac.yaml
@@ -0,0 +1,114 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - gitjob.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - serviceaccounts
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+  namespace: {{.Release.Namespace}}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller-bootstrap
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller-bootstrap
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller-bootstrap
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller-bootstrap
+  namespace: {{.Release.Namespace}}
+{{- end }}
diff --git a/charts/fleet/103.1.8+up0.9.9/templates/serviceaccount.yaml b/charts/fleet/103.1.8+up0.9.9/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ba27c748d7
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller-bootstrap
+{{- end }}
diff --git a/charts/fleet/103.1.8+up0.9.9/values.yaml b/charts/fleet/103.1.8+up0.9.9/values.yaml
new file mode 100644
index 0000000000..01eadc7986
--- /dev/null
+++ b/charts/fleet/103.1.8+up0.9.9/values.yaml
@@ -0,0 +1,87 @@
+image:
+  repository: rancher/fleet
+  tag: v0.9.9
+  imagePullPolicy: IfNotPresent
+
+agentImage:
+  repository: rancher/fleet-agent
+  tag: v0.9.9
+  imagePullPolicy: IfNotPresent
+
+# For cluster registration the public URL of the Kubernetes API server must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# For cluster registration the pem encoded value of the CA of the Kubernetes API server must be set here
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# A duration string for how often agents should report a heartbeat
+agentCheckinInterval: "15m"
+
+# Whether you want to allow cluster upon registration to specify their labels.
+ignoreClusterRegistrationLabels: false
+
+# Counts from gitrepo are out of sync with bundleDeployment state.
+# Just retry in a number of seconds as there is no great way to trigger an event that doesn't cause a loop.
+# If not set default is 15 seconds.
+# clusterEnqueueDelay: 120s
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+bootstrap:
+  enabled: true
+  # The namespace that will be autocreated and the local cluster will be registered in
+  namespace: fleet-local
+  # The namespace where the fleet agent for the local cluster will be ran, if empty
+  # this will default to cattle-fleet-system
+  agentNamespace: ""
+  # A repo to add at install time that will deploy to the local cluster. This allows
+  # one to fully bootstrap fleet, its configuration and all its downstream clusters
+  # in one shot.
+  repo: ""
+  secret: ""
+  branch: master
+  paths: ""
+
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+gitops:
+  enabled: true
+
+debug: false
+debugLevel: 0
+propagateDebugSettingsToAgents: true
+
+## Optional CPU pprof configuration. Profiles are collected continuously and saved every period
+## Any valid volume configuration can be provided, the example below uses hostPath
+#cpuPprof:
+#  period: "60s"
+#  volumeConfiguration:
+#    hostPath:
+#      path: /tmp/pprof
+#      type: DirectoryOrCreate
+
+migrations:
+  clusterRegistrationCleanup: true
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/.helmignore b/charts/harvester-cloud-provider/103.0.3+up0.2.6/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.lock b/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.lock
new file mode 100644
index 0000000000..c6f7db6a91
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: kube-vip
+  repository: file://dependency_charts/kube-vip
+  version: 0.4.2
+digest: sha256:bbbff44d39375203f4880e5a76f0d9705f25edc53f89532e8ef39cd23d9ca92b
+generated: "2023-06-07T17:47:05.632456+08:00"
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.yaml
new file mode 100644
index 0000000000..5dc7f191a8
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/Chart.yaml
@@ -0,0 +1,25 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Harvester Cloud Provider
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: kube-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: harvester-cloud-provider
+  catalog.cattle.io/ui-component: harvester-cloud-provider
+  catalog.cattle.io/upstream-version: 0.2.6
+apiVersion: v2
+appVersion: v0.2.2
+dependencies:
+- name: kube-vip
+  repository: file://./charts/kube-vip
+description: A Helm chart for Harvester Cloud Provider
+keywords:
+- infrastructure
+- harvester
+maintainers:
+- name: harvester
+name: harvester-cloud-provider
+type: application
+version: 103.0.3+up0.2.6
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/.helmignore b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/Chart.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/Chart.yaml
new file mode 100644
index 0000000000..77d865f6bc
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+appVersion: v0.4.1
+description: A Helm chart for kube-vip
+name: kube-vip
+type: application
+version: 0.4.2
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/_helpers.tpl b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/_helpers.tpl
new file mode 100644
index 0000000000..699c16299e
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/_helpers.tpl
@@ -0,0 +1,74 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kube-vip.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kube-vip.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kube-vip.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "kube-vip.labels" -}}
+helm.sh/chart: {{ include "kube-vip.chart" . }}
+{{ include "kube-vip.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kube-vip.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kube-vip.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kube-vip.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "kube-vip.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Global system default registry
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/daemonset.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/daemonset.yaml
new file mode 100644
index 0000000000..cf8a845423
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/daemonset.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace | default "kube-system" }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "kube-vip.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-vip.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+      - args:
+          - manager
+        env:
+          {{- if eq .Values.env.cp_enable "true" }}
+          - name: vip_address
+            value: {{ required "A valid config.address required!" .Values.config.address}}
+          {{- end }}
+        {{- with .Values.env }}
+          {{- range $k, $v := . }}
+            {{- $name := $k }}
+            {{- $value := $v }}
+          - name: {{ quote $name }}
+            value: {{ quote $value }}
+          {{- end }}
+        {{- end }}
+        image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        name: kube-vip
+        resources:
+          {{- toYaml .Values.resources | nindent 10 }}
+        securityContext:
+          {{- toYaml .Values.securityContext | nindent 10 }}
+      hostNetwork: true
+      serviceAccountName: {{ include "kube-vip.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/rbac.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/rbac.yaml
new file mode 100644
index 0000000000..0aee28c9bb
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/templates/rbac.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "kube-vip.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  annotations:
+    rbac.authorization.kubernetes.io/autoupdate: "true"
+  name: {{ include "kube-vip.name" . }}
+rules:
+  - apiGroups: [""]
+    resources: ["services", "services/status", "nodes"]
+    verbs: ["list","get","watch", "update"]
+  - apiGroups: ["coordination.k8s.io"]
+    resources: ["leases"]
+    verbs: ["list", "get", "watch", "update", "create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  labels:
+  {{- include "kube-vip.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "kube-vip.name" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/values.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/values.yaml
new file mode 100644
index 0000000000..307bf8304b
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/charts/kube-vip/values.yaml
@@ -0,0 +1,79 @@
+# Default values for kube-vip.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  repository: rancher/mirrored-kube-vip-kube-vip-iptables
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: "v0.6.0"
+
+config:
+  address: ""
+
+env:
+  vip_interface: ""
+  vip_arp: "true"
+  lb_enable: "true"
+  lb_port: "6443"
+  vip_cidr: "32"
+  cp_enable: "false"
+  svc_enable: "true"
+  vip_leaderelection: "false"
+
+imagePullSecrets: [ ]
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: { }
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: { }
+
+podSecurityContext: { }
+# fsGroup: 2000
+
+securityContext:
+  capabilities:
+    add:
+      - NET_ADMIN
+      - NET_RAW
+
+resources: { }
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+# limits:
+#   cpu: 100m
+#   memory: 128Mi
+# requests:
+#   cpu: 100m
+#   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations:
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/control-plane
+    operator: Exists
+affinity: { }
+  # nodeAffinity:
+  #   requiredDuringSchedulingIgnoredDuringExecution:
+  #     nodeSelectorTerms:
+  #     - matchExpressions:
+  #       - key: node-role.kubernetes.io/master
+  #         operator: Exists
+  #     - matchExpressions:
+  #       - key: node-role.kubernetes.io/control-plane
+  #         operator: Exists
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/ci/kind-values.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/ci/kind-values.yaml
new file mode 100644
index 0000000000..2f3796b7a2
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/ci/kind-values.yaml
@@ -0,0 +1,3 @@
+replicasCount: 1
+# It's an existent but invalid kubeconfig, just for helm installation testing in kind
+cloudConfigPath: "/etc/kubernetes/admin.conf"
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/.helmignore b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/Chart.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/Chart.yaml
new file mode 100644
index 0000000000..77d865f6bc
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+appVersion: v0.4.1
+description: A Helm chart for kube-vip
+name: kube-vip
+type: application
+version: 0.4.2
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/_helpers.tpl b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/_helpers.tpl
new file mode 100644
index 0000000000..699c16299e
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/_helpers.tpl
@@ -0,0 +1,74 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kube-vip.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kube-vip.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kube-vip.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "kube-vip.labels" -}}
+helm.sh/chart: {{ include "kube-vip.chart" . }}
+{{ include "kube-vip.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kube-vip.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kube-vip.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kube-vip.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "kube-vip.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Global system default registry
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/daemonset.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/daemonset.yaml
new file mode 100644
index 0000000000..cf8a845423
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/daemonset.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace | default "kube-system" }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "kube-vip.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-vip.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+      - args:
+          - manager
+        env:
+          {{- if eq .Values.env.cp_enable "true" }}
+          - name: vip_address
+            value: {{ required "A valid config.address required!" .Values.config.address}}
+          {{- end }}
+        {{- with .Values.env }}
+          {{- range $k, $v := . }}
+            {{- $name := $k }}
+            {{- $value := $v }}
+          - name: {{ quote $name }}
+            value: {{ quote $value }}
+          {{- end }}
+        {{- end }}
+        image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        name: kube-vip
+        resources:
+          {{- toYaml .Values.resources | nindent 10 }}
+        securityContext:
+          {{- toYaml .Values.securityContext | nindent 10 }}
+      hostNetwork: true
+      serviceAccountName: {{ include "kube-vip.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/rbac.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/rbac.yaml
new file mode 100644
index 0000000000..0aee28c9bb
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/templates/rbac.yaml
@@ -0,0 +1,36 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "kube-vip.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  annotations:
+    rbac.authorization.kubernetes.io/autoupdate: "true"
+  name: {{ include "kube-vip.name" . }}
+rules:
+  - apiGroups: [""]
+    resources: ["services", "services/status", "nodes"]
+    verbs: ["list","get","watch", "update"]
+  - apiGroups: ["coordination.k8s.io"]
+    resources: ["leases"]
+    verbs: ["list", "get", "watch", "update", "create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "kube-vip.name" . }}
+  labels:
+  {{- include "kube-vip.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "kube-vip.name" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "kube-vip.name" . }}
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/values.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/values.yaml
new file mode 100644
index 0000000000..307bf8304b
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/dependency_charts/kube-vip/values.yaml
@@ -0,0 +1,79 @@
+# Default values for kube-vip.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  repository: rancher/mirrored-kube-vip-kube-vip-iptables
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: "v0.6.0"
+
+config:
+  address: ""
+
+env:
+  vip_interface: ""
+  vip_arp: "true"
+  lb_enable: "true"
+  lb_port: "6443"
+  vip_cidr: "32"
+  cp_enable: "false"
+  svc_enable: "true"
+  vip_leaderelection: "false"
+
+imagePullSecrets: [ ]
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: { }
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: { }
+
+podSecurityContext: { }
+# fsGroup: 2000
+
+securityContext:
+  capabilities:
+    add:
+      - NET_ADMIN
+      - NET_RAW
+
+resources: { }
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+# limits:
+#   cpu: 100m
+#   memory: 128Mi
+# requests:
+#   cpu: 100m
+#   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations:
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/control-plane
+    operator: Exists
+affinity: { }
+  # nodeAffinity:
+  #   requiredDuringSchedulingIgnoredDuringExecution:
+  #     nodeSelectorTerms:
+  #     - matchExpressions:
+  #       - key: node-role.kubernetes.io/master
+  #         operator: Exists
+  #     - matchExpressions:
+  #       - key: node-role.kubernetes.io/control-plane
+  #         operator: Exists
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/questions.yml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/questions.yml
new file mode 100644
index 0000000000..9a85c90295
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/questions.yml
@@ -0,0 +1,11 @@
+categories:
+- infrastructure
+- harvester
+namespace: kube-system
+questions:
+- variable: cloudConfigPath
+  label: Cloud config file path
+  description: "Specify the path of the cloud config."
+  group: "Default"
+  type: string
+  default: "/etc/kubernetes/cloud-config"
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/_helpers.tpl b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/_helpers.tpl
new file mode 100644
index 0000000000..f637aa2397
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/_helpers.tpl
@@ -0,0 +1,69 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "harvester-cloud-provider.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "harvester-cloud-provider.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "harvester-cloud-provider.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "harvester-cloud-provider.labels" -}}
+helm.sh/chart: {{ include "harvester-cloud-provider.chart" . }}
+{{ include "harvester-cloud-provider.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "harvester-cloud-provider.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "harvester-cloud-provider.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "harvester-cloud-provider.serviceAccountName" -}}
+{{- default (include "harvester-cloud-provider.fullname" .) .Values.serviceAccount.name }}
+{{- end }}
+
+{{/*
+Global system default registry
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/deployment.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/deployment.yaml
new file mode 100644
index 0000000000..2145c4c575
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/deployment.yaml
@@ -0,0 +1,57 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-cloud-provider.labels" . | nindent 4 }}
+  name: {{ include "harvester-cloud-provider.name" . }}
+spec:
+  replicas: {{ .Values.replicasCount}}
+  selector:
+    matchLabels:
+  {{- include "harvester-cloud-provider.selectorLabels" . | nindent 6 }}
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+    {{- include "harvester-cloud-provider.selectorLabels" . | nindent 8 }}
+    spec:
+      serviceAccountName: {{ include "harvester-cloud-provider.name" . }}
+      hostNetwork: true
+      containers:
+        - name: {{ include "harvester-cloud-provider.name" . }}
+          image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - --cloud-config=/etc/kubernetes/cloud-config
+            {{- if ne .Values.global.cattle.clusterName "" }}
+            - --cluster-name={{ .Values.global.cattle.clusterName }}
+          {{- end }}
+          command:
+            - harvester-cloud-provider
+          resources:
+          {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: /etc/kubernetes/cloud-config
+              name: cloud-config
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: cloud-config
+          hostPath:
+            path: {{ required "A valid cloudConfigPath is required!" .Values.cloudConfigPath }}
+            type: File
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/rbac.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/rbac.yaml
new file mode 100644
index 0000000000..f695cfdc2c
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/templates/rbac.yaml
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "harvester-cloud-provider.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-cloud-provider.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "harvester-cloud-provider.name" . }}
+rules:
+  - apiGroups: [ "" ]
+    resources: [ "services", "nodes", "events" ]
+    verbs: [ "get", "watch", "list", "update", "create", "patch" ]
+  - apiGroups: [ "" ]
+    resources: [ "nodes/status", "services/status" ]
+    verbs: [ "update", "patch" ]
+  - apiGroups: [ "coordination.k8s.io" ]
+    resources: [ "leases" ]
+    verbs: [ "get", "update", "create" ]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "harvester-cloud-provider.name" . }}
+  labels:
+  {{- include "harvester-cloud-provider.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "harvester-cloud-provider.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "harvester-cloud-provider.name" . }}
+    namespace: {{ .Release.Namespace }}
diff --git a/charts/harvester-cloud-provider/103.0.3+up0.2.6/values.yaml b/charts/harvester-cloud-provider/103.0.3+up0.2.6/values.yaml
new file mode 100644
index 0000000000..4b892e60a0
--- /dev/null
+++ b/charts/harvester-cloud-provider/103.0.3+up0.2.6/values.yaml
@@ -0,0 +1,106 @@
+# Default values for harvester-cloud-provider.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicasCount: 1
+
+image:
+  repository: rancher/harvester-cloud-provider
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: v0.2.2
+
+cloudConfigPath: "/etc/kubernetes/cloud-config"
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+- effect: NoSchedule
+  key: node.cloudprovider.kubernetes.io/uninitialized
+  operator: Equal
+  value: "true"
+- effect: NoSchedule
+  key: node-role.kubernetes.io/control-plane
+  operator: Equal
+- effect: NoExecute
+  key: node-role.kubernetes.io/etcd
+  operator: Equal
+- key: cattle.io/os
+  operator: Equal
+  value: "linux"
+  effect: NoSchedule
+
+affinity:
+  podAntiAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      - labelSelector:
+          matchExpressions:
+            - key: app.kubernetes.io/name
+              operator: In
+              values:
+                - harvester-cloud-provider
+        topologyKey: kubernetes.io/hostname
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    clusterName: ""
+
+kube-vip:
+  enabled: true
+  tolerations:
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/control-plane
+    operator: Exists
+  - effect: NoExecute
+    key: node-role.kubernetes.io/etcd
+    operator: Exists
+  image:
+    repository: rancher/mirrored-kube-vip-kube-vip-iptables
+    tag: v0.6.0
+  env:
+    vip_interface: ""
+    vip_arp: "true"
+    lb_enable: "true"
+    lb_port: "6443"
+    vip_cidr: "32"
+    cp_enable: "false"
+    svc_enable: "true"
+    vip_leaderelection: "false"
+    enable_service_security: "true"
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        # For RKE1
+        - matchExpressions:
+          - key: node-role.kubernetes.io/controlplane
+            operator: Exists
+        # For RKE2
+        - matchExpressions:
+          - key: node-role.kubernetes.io/control-plane
+            operator: Exists
diff --git a/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/Chart.yaml b/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/Chart.yaml
new file mode 100644
index 0000000000..8ebf310e53
--- /dev/null
+++ b/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: rancher-aks-operator-crd
+apiVersion: v2
+appVersion: 1.2.5
+description: AKS Operator CustomResourceDefinitions
+name: rancher-aks-operator-crd
+version: 103.5.0+up1.2.5
diff --git a/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/templates/crds.yaml b/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
new file mode 100644
index 0000000000..c4fcdfac05
--- /dev/null
+++ b/charts/rancher-aks-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
@@ -0,0 +1,211 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    helm.sh/resource-policy: keep
+  name: aksclusterconfigs.aks.cattle.io
+spec:
+  group: aks.cattle.io
+  names:
+    kind: AKSClusterConfig
+    plural: aksclusterconfigs
+    shortNames:
+    - akscc
+    singular: aksclusterconfig
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              authBaseUrl:
+                nullable: true
+                type: string
+              authorizedIpRanges:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              azureCredentialSecret:
+                nullable: true
+                type: string
+              baseUrl:
+                nullable: true
+                type: string
+              clusterName:
+                nullable: true
+                type: string
+              dnsPrefix:
+                nullable: true
+                type: string
+              dnsServiceIp:
+                nullable: true
+                type: string
+              dockerBridgeCidr:
+                nullable: true
+                type: string
+              httpApplicationRouting:
+                nullable: true
+                type: boolean
+              imported:
+                type: boolean
+              kubernetesVersion:
+                nullable: true
+                type: string
+              linuxAdminUsername:
+                nullable: true
+                type: string
+              loadBalancerSku:
+                nullable: true
+                type: string
+              logAnalyticsWorkspaceGroup:
+                nullable: true
+                type: string
+              logAnalyticsWorkspaceName:
+                nullable: true
+                type: string
+              managedIdentity:
+                nullable: true
+                type: boolean
+              monitoring:
+                nullable: true
+                type: boolean
+              networkPlugin:
+                nullable: true
+                type: string
+              networkPolicy:
+                nullable: true
+                type: string
+              nodePools:
+                items:
+                  properties:
+                    availabilityZones:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    count:
+                      nullable: true
+                      type: integer
+                    enableAutoScaling:
+                      nullable: true
+                      type: boolean
+                    maxCount:
+                      nullable: true
+                      type: integer
+                    maxPods:
+                      nullable: true
+                      type: integer
+                    maxSurge:
+                      nullable: true
+                      type: string
+                    minCount:
+                      nullable: true
+                      type: integer
+                    mode:
+                      nullable: true
+                      type: string
+                    name:
+                      nullable: true
+                      type: string
+                    nodeLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    nodeTaints:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    orchestratorVersion:
+                      nullable: true
+                      type: string
+                    osDiskSizeGB:
+                      nullable: true
+                      type: integer
+                    osDiskType:
+                      nullable: true
+                      type: string
+                    osType:
+                      nullable: true
+                      type: string
+                    vmSize:
+                      nullable: true
+                      type: string
+                    vnetSubnetID:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              nodeResourceGroup:
+                nullable: true
+                type: string
+              outboundType:
+                nullable: true
+                type: string
+              podCidr:
+                nullable: true
+                type: string
+              privateCluster:
+                nullable: true
+                type: boolean
+              privateDnsZone:
+                nullable: true
+                type: string
+              resourceGroup:
+                nullable: true
+                type: string
+              resourceLocation:
+                nullable: true
+                type: string
+              serviceCidr:
+                nullable: true
+                type: string
+              sshPublicKey:
+                nullable: true
+                type: string
+              subnet:
+                nullable: true
+                type: string
+              tags:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+              userAssignedIdentity:
+                nullable: true
+                type: string
+              virtualNetwork:
+                nullable: true
+                type: string
+              virtualNetworkResourceGroup:
+                nullable: true
+                type: string
+            type: object
+          status:
+            properties:
+              failureMessage:
+                nullable: true
+                type: string
+              phase:
+                nullable: true
+                type: string
+              rbacEnabled:
+                nullable: true
+                type: boolean
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/Chart.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/Chart.yaml
new file mode 100644
index 0000000000..84efd03afe
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-aks-operator-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-aks-operator
+  catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.2.5
+description: A Helm chart for provisioning AKS clusters
+home: https://github.com/rancher/aks-operator
+name: rancher-aks-operator
+sources:
+- https://github.com/rancher/aks-operator
+version: 103.5.0+up1.2.5
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/NOTES.txt b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/NOTES.txt
new file mode 100644
index 0000000000..5ba05b482c
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher AKS operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions AKS clusters
+from AKSClusterConfig CRs.
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/_helpers.tpl b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrole.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
new file mode 100644
index 0000000000..5e2ce97567
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: aks-operator
+  namespace: cattle-system
+rules:
+  - apiGroups: ['']
+    resources: ['secrets']
+    verbs: ['get', 'list', 'create', 'watch', 'update']
+  - apiGroups: ['aks.cattle.io']
+    resources: ['aksclusterconfigs']
+    verbs: ['get', 'list', 'update', 'watch']
+  - apiGroups: ['aks.cattle.io']
+    resources: ['aksclusterconfigs/status']
+    verbs: ['update']
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..7aa7e785a4
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  aks-operator
+  namespace: cattle-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: aks-operator
+subjects:
+- kind: ServiceAccount
+  name: aks-operator
+  namespace: cattle-system
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/deployment.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/deployment.yaml
new file mode 100644
index 0000000000..3a443f354f
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: aks-config-operator
+  namespace: cattle-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      ke.cattle.io/operator: aks
+  template:
+    metadata:
+      labels:
+        ke.cattle.io/operator: aks
+    spec:
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: aks-operator
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+      securityContext:
+        fsGroup: 1007
+        runAsUser: 1007
+      containers:
+      - name: aks-operator
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.aksOperator.image.repository }}:{{ $.Values.aksOperator.image.tag }}'
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: HTTP_PROXY
+          value: {{ .Values.httpProxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.httpsProxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+{{- if .Values.additionalTrustedCAs }}
+        # aks-operator mounts the additional CAs in two places:
+        volumeMounts:
+            # This directory is owned by the aks-operator user so c_rehash works here.
+          - mountPath: /etc/rancher/ssl/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+            # This directory is root-owned so c_rehash doesn't work here,
+            # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+          - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+      volumes:
+        - name: tls-ca-additional-volume
+          secret:
+            defaultMode: 0400
+            secretName: tls-ca-additional
+  {{- end }}
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..9c40a152f5
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: cattle-system
+  name: aks-operator
diff --git a/charts/rancher-aks-operator/103.5.0+up1.2.5/values.yaml b/charts/rancher-aks-operator/103.5.0+up1.2.5/values.yaml
new file mode 100644
index 0000000000..187a731ee2
--- /dev/null
+++ b/charts/rancher-aks-operator/103.5.0+up1.2.5/values.yaml
@@ -0,0 +1,23 @@
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+aksOperator:
+  image:
+    repository: rancher/aks-operator
+    tag: v1.2.5
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/Chart.yaml b/charts/rancher-cis-benchmark-crd/5.4.0/Chart.yaml
new file mode 100644
index 0000000000..a1cab135cd
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/Chart.yaml
@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cis-operator-system
+  catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+apiVersion: v1
+description: Installs the CRDs for rancher-cis-benchmark.
+name: rancher-cis-benchmark-crd
+type: application
+version: 5.4.0
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/README.md b/charts/rancher-cis-benchmark-crd/5.4.0/README.md
new file mode 100644
index 0000000000..f6d9ef621f
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/README.md
@@ -0,0 +1,2 @@
+# rancher-cis-benchmark-crd
+A Rancher chart that installs the CRDs used by rancher-cis-benchmark.
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscan.yaml b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscan.yaml
new file mode 100644
index 0000000000..3cbb0ffcd3
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscan.yaml
@@ -0,0 +1,148 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscans.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScan
+    plural: clusterscans
+  scope: Cluster
+  versions:
+  - name: v1
+    served: true
+    storage: true
+    additionalPrinterColumns:
+    - jsonPath: .status.lastRunScanProfileName
+      name: ClusterScanProfile
+      type: string
+    - jsonPath: .status.summary.total
+      name: Total
+      type: string
+    - jsonPath: .status.summary.pass
+      name: Pass
+      type: string
+    - jsonPath: .status.summary.fail
+      name: Fail
+      type: string
+    - jsonPath: .status.summary.skip
+      name: Skip
+      type: string
+    - jsonPath: .status.summary.warn
+      name: Warn
+      type: string
+    - jsonPath: .status.summary.notApplicable
+      name: Not Applicable
+      type: string
+    - jsonPath: .status.lastRunTimestamp
+      name: LastRunTimestamp
+      type: string
+    - jsonPath: .spec.scheduledScanConfig.cronSchedule
+      name: CronSchedule
+      type: string
+    subresources:
+      status: {}
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              scanProfileName:
+                nullable: true
+                type: string
+              scheduledScanConfig:
+                nullable: true
+                properties:
+                  cronSchedule:
+                    nullable: true
+                    type: string
+                  retentionCount:
+                    type: integer
+                  scanAlertRule:
+                    nullable: true
+                    properties:
+                      alertOnComplete:
+                        type: boolean
+                      alertOnFailure:
+                        type: boolean
+                    type: object
+                type: object
+              scoreWarning:
+                enum:
+                - pass
+                - fail
+                nullable: true
+                type: string
+            type: object
+          status:
+            properties:
+              NextScanAt:
+                nullable: true
+                type: string
+              ScanAlertingRuleName:
+                nullable: true
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      nullable: true
+                      type: string
+                    lastUpdateTime:
+                      nullable: true
+                      type: string
+                    message:
+                      nullable: true
+                      type: string
+                    reason:
+                      nullable: true
+                      type: string
+                    status:
+                      nullable: true
+                      type: string
+                    type:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              display:
+                nullable: true
+                properties:
+                  error:
+                    type: boolean
+                  message:
+                    nullable: true
+                    type: string
+                  state:
+                    nullable: true
+                    type: string
+                  transitioning:
+                    type: boolean
+                type: object
+              lastRunScanProfileName:
+                nullable: true
+                type: string
+              lastRunTimestamp:
+                nullable: true
+                type: string
+              observedGeneration:
+                type: integer
+              summary:
+                nullable: true
+                properties:
+                  fail:
+                    type: integer
+                  notApplicable:
+                    type: integer
+                  pass:
+                    type: integer
+                  skip:
+                    type: integer
+                  total:
+                    type: integer
+                  warn:
+                    type: integer
+                type: object
+            type: object
+        type: object
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanbenchmark.yaml b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanbenchmark.yaml
new file mode 100644
index 0000000000..fd291f8c33
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanbenchmark.yaml
@@ -0,0 +1,54 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanbenchmarks.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanBenchmark
+    plural: clusterscanbenchmarks
+  scope: Cluster
+  versions:
+  - name: v1
+    served: true
+    storage: true
+    additionalPrinterColumns:
+    - jsonPath: .spec.clusterProvider
+      name: ClusterProvider
+      type: string
+    - jsonPath: .spec.minKubernetesVersion
+      name: MinKubernetesVersion
+      type: string
+    - jsonPath: .spec.maxKubernetesVersion
+      name: MaxKubernetesVersion
+      type: string
+    - jsonPath: .spec.customBenchmarkConfigMapName
+      name: customBenchmarkConfigMapName
+      type: string
+    - jsonPath: .spec.customBenchmarkConfigMapNamespace
+      name: customBenchmarkConfigMapNamespace
+      type: string
+    subresources:
+      status: {}
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              clusterProvider:
+                nullable: true
+                type: string
+              customBenchmarkConfigMapName:
+                nullable: true
+                type: string
+              customBenchmarkConfigMapNamespace:
+                nullable: true
+                type: string
+              maxKubernetesVersion:
+                nullable: true
+                type: string
+              minKubernetesVersion:
+                nullable: true
+                type: string
+            type: object
+        type: object
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanprofile.yaml b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanprofile.yaml
new file mode 100644
index 0000000000..1e75501b7c
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanprofile.yaml
@@ -0,0 +1,36 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanprofiles.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanProfile
+    plural: clusterscanprofiles
+  scope: Cluster
+  versions:
+  - name: v1
+    served: true
+    storage: true
+    subresources:
+      status: {}
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              benchmarkVersion:
+                nullable: true
+                type: string
+              skipTests:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+            type: object
+        type: object
+    additionalPrinterColumns:
+    - jsonPath: .spec.benchmarkVersion
+      name: BenchmarkVersion
+      type: string
diff --git a/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanreport.yaml b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanreport.yaml
new file mode 100644
index 0000000000..6e8c0b7de5
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/5.4.0/templates/clusterscanreport.yaml
@@ -0,0 +1,39 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanreports.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanReport
+    plural: clusterscanreports
+  scope: Cluster
+  versions:
+  - name: v1
+    served: true
+    storage: true
+    additionalPrinterColumns:
+    - jsonPath: .spec.lastRunTimestamp
+      name: LastRunTimestamp
+      type: string
+    - jsonPath: .spec.benchmarkVersion
+      name: BenchmarkVersion
+      type: string
+    subresources:
+      status: {}
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              benchmarkVersion:
+                nullable: true
+                type: string
+              lastRunTimestamp:
+                nullable: true
+                type: string
+              reportJSON:
+                nullable: true
+                type: string
+            type: object
+        type: object
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/Chart.yaml b/charts/rancher-cis-benchmark/5.4.0/Chart.yaml
new file mode 100644
index 0000000000..37f4f494a6
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: CIS Benchmark
+  catalog.cattle.io/kube-version: '>= 1.25.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cis-operator-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-cis-benchmark
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/ui-component: rancher-cis-benchmark
+apiVersion: v1
+appVersion: v5.4.0
+description: The cis-operator enables running CIS benchmark security scans on a kubernetes
+  cluster
+icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+keywords:
+- security
+name: rancher-cis-benchmark
+version: 5.4.0
diff --git a/charts/rancher-cis-benchmark/5.4.0/README.md b/charts/rancher-cis-benchmark/5.4.0/README.md
new file mode 100644
index 0000000000..50beab58ba
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/README.md
@@ -0,0 +1,9 @@
+# Rancher CIS Benchmark Chart
+
+The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded.
+
+# Installation
+
+```
+helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system
+```
diff --git a/charts/rancher-cis-benchmark/5.4.0/app-readme.md b/charts/rancher-cis-benchmark/5.4.0/app-readme.md
new file mode 100644
index 0000000000..d240859273
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/app-readme.md
@@ -0,0 +1,55 @@
+# Rancher CIS Benchmarks
+
+This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
+
+For more information on how to use the feature, refer to our [docs](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/cis-scan-guides).
+
+This chart installs the following components:
+
+- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
+- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
+- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
+- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
+- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
+    - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
+    - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
+
+## CIS Kubernetes Benchmark support
+
+| Source | Kubernetes distribution | scan profile                                                                                                       | Kubernetes versions |
+|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
+| CIS    | any                     | [cis-1.7](https://github.com/rancher/security-scan/tree/master/package/cfg/cis-1.7)                                | v1.25               |
+| CIS    | any                     | [cis-1.8](https://github.com/rancher/security-scan/tree/master/package/cfg/cis-1.8)                                | v1.26+              |
+| CIS    | rke                     | [rke-cis-1.7-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/rke-cis-1.7-permissive)  | rke1-v1.25          |
+| CIS    | rke                     | [rke-cis-1.7-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/rke-cis-1.7-hardened)      | rke1-v1.25          |
+| CIS    | rke                     | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/rke-cis-1.8-permissive)  | rke1-v1.26+         |
+| CIS    | rke                     | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/rke-cis-1.8-hardened)      | rke1-v1.26+         |
+| CIS    | rke2                    | [rke2-cis-1.7-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/rke2-cis-1.7-permissive)| rke2-v1.25          |
+| CIS    | rke2                    | [rke2-cis-1.7-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/rke2-cis-1.7-hardened)    | rke2-v1.25          |
+| CIS    | rke2                    | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/rke2-cis-1.8-permissive)| rke2-v1.26+         |
+| CIS    | rke2                    | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/rke2-cis-1.8-hardened)    | rke2-v1.26+         |
+| CIS    | k3s                     | [k3s-cis-1.7-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/k3s-cis-1.7-permissive)  | k3s-v1.25           |
+| CIS    | k3s                     | [k3s-cis-1.7-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/k3s-cis-1.7-hardened)      | k3s-v1.25           |
+| CIS    | k3s                     | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/master/package/cfg/k3s-cis-1.8-permissive)  | k3s-v1.26+          |
+| CIS    | k3s                     | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/master/package/cfg/k3s-cis-1.8-hardened)      | k3s-v1.26+          |
+| CIS    | eks                     | eks-1.2.0                                                                                                          | eks                 |
+| CIS    | aks                     | aks-1.0                                                                                                            | aks                 |
+| CIS    | gke                     | gke-1.2.0                                                                                                          | gke                 |
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/_helpers.tpl b/charts/rancher-cis-benchmark/5.4.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..b7bb000422
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/_helpers.tpl
@@ -0,0 +1,27 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+  {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/alertingrule.yaml
new file mode 100644
index 0000000000..1787c88a07
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/alertingrule.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+  name: rancher-cis-pod-monitor
+  namespace: {{ template "cis.namespace" . }}
+spec:
+  selector:
+    matchLabels:
+      cis.cattle.io/operator: cis-operator
+  podMetricsEndpoints:
+  - port: cismetrics
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-aks-1.0.yaml
new file mode 100644
index 0000000000..1ac866253f
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-aks-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: aks-1.0
+spec:
+  clusterProvider: aks
+  minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.7.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.7.yaml
new file mode 100644
index 0000000000..fa8dfd8eb9
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.7.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.7
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.8.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.8.yaml
new file mode 100644
index 0000000000..f9fa2853e9
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-cis-1.8.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.8
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-eks-1.2.0.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-eks-1.2.0.yaml
new file mode 100644
index 0000000000..c1bdd9ed5e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-eks-1.2.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: eks-1.2.0
+spec:
+  clusterProvider: eks
+  minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-gke-1.2.0.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-gke-1.2.0.yaml
new file mode 100644
index 0000000000..106ff7b0de
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-gke-1.2.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: gke-1.2.0
+spec:
+  clusterProvider: gke
+  minKubernetesVersion: "1.15.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml
new file mode 100644
index 0000000000..6fb369360c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.7-hardened
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml
new file mode 100644
index 0000000000..b556d70fe5
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.7-permissive
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..3f6ac5c159
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.8-hardened
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..26f1cdba98
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.8-permissive
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml
new file mode 100644
index 0000000000..39bac7833c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.7-hardened
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml
new file mode 100644
index 0000000000..2e2f09ac74
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.7-permissive
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..4dbf8b4522
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.8-hardened
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..2aa0c85ac4
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.8-permissive
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml
new file mode 100644
index 0000000000..6306e9601a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.7-hardened
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml
new file mode 100644
index 0000000000..76236e11af
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.7-permissive
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.25.0"
+  maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..bf8ee31f7b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.8-hardened
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..bd396f9df5
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.8-permissive
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.26.0"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/cis-roles.yaml
new file mode 100644
index 0000000000..23c93dc659
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/cis-roles.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cis-admin
+rules:
+  - apiGroups:
+      - cis.cattle.io
+    resources:
+      - clusterscanbenchmarks
+      - clusterscanprofiles
+      - clusterscans
+      - clusterscanreports
+    verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
+  - apiGroups:
+      - catalog.cattle.io
+    resources: ["apps"]
+    resourceNames: ["rancher-cis-benchmark"]
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+    verbs:
+      - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cis-view
+rules:
+  - apiGroups:
+      - cis.cattle.io
+    resources:
+      - clusterscanbenchmarks
+      - clusterscanprofiles
+      - clusterscans
+      - clusterscanreports
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - catalog.cattle.io
+    resources: ["apps"]
+    resourceNames: ["rancher-cis-benchmark"]
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+    verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/configmap.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/configmap.yaml
new file mode 100644
index 0000000000..32e6d6e550
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/configmap.yaml
@@ -0,0 +1,18 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: default-clusterscanprofiles
+  namespace: {{ template "cis.namespace" . }}
+data:
+  # Default ClusterScanProfiles per cluster provider type
+  rke: |-
+    <1.21.0: rke-profile-permissive-1.20
+    >=1.21.0: rke-profile-permissive-1.8
+  rke2: |-
+    <1.21.0: rke2-cis-1.20-profile-permissive
+    >=1.21.0: rke2-cis-1.8-profile-permissive
+  eks: "eks-profile"
+  gke: "gke-profile"
+  aks: "aks-profile"
+  k3s: "k3s-cis-1.8-profile-permissive"
+  default: "cis-1.8-profile"
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/deployment.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/deployment.yaml
new file mode 100644
index 0000000000..8c9f72f5de
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cis-operator
+  namespace: {{ template "cis.namespace" . }}
+  labels:
+    cis.cattle.io/operator: cis-operator
+spec:
+  selector:
+    matchLabels:
+      cis.cattle.io/operator: cis-operator
+  template:
+    metadata:
+      labels:
+        cis.cattle.io/operator: cis-operator
+    spec:
+      serviceAccountName: cis-operator-serviceaccount
+      containers:
+      - name: cis-operator
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
+        imagePullPolicy: IfNotPresent
+        ports:
+        - name: cismetrics
+          containerPort: {{ .Values.alerts.metricsPort }}
+        env:
+        - name: SECURITY_SCAN_IMAGE
+          value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
+        - name: SECURITY_SCAN_IMAGE_TAG
+          value: {{ .Values.image.securityScan.tag }}
+        - name: SONOBUOY_IMAGE
+          value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
+        - name: SONOBUOY_IMAGE_TAG
+          value: {{ .Values.image.sonobuoy.tag }}
+        - name: CIS_ALERTS_METRICS_PORT
+          value: '{{ .Values.alerts.metricsPort }}'
+        - name: CIS_ALERTS_SEVERITY
+          value: {{ .Values.alerts.severity }}
+        - name: CIS_ALERTS_ENABLED
+          value: {{ .Values.alerts.enabled | default "false" | quote }}
+        - name: CLUSTER_NAME
+          value: '{{ .Values.global.cattle.clusterName }}'
+        - name: CIS_OPERATOR_DEBUG
+          value: '{{ .Values.image.cisoperator.debug }}'
+        {{- if .Values.securityScanJob.overrideTolerations }}
+        - name: SECURITY_SCAN_JOB_TOLERATIONS
+          value: '{{ .Values.securityScanJob.tolerations | toJson  }}'
+        {{- end }}
+        resources:
+          {{- toYaml .Values.resources | nindent 12 }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/network_policy_allow_all.yaml
new file mode 100644
index 0000000000..6ed5d645ea
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ template "cis.namespace" . }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 0000000000..e78a6bd08a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: patch-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    spec:
+      serviceAccountName: cis-operator-serviceaccount
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      restartPolicy: Never
+      containers:
+      - name: sa
+        image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", {{ template "cis.namespace" . }}]
+
+  backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/psp.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/psp.yaml
new file mode 100644
index 0000000000..9b8a5995ee
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/psp.yaml
@@ -0,0 +1,59 @@
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: cis-psp
+spec:
+  allowPrivilegeEscalation: true
+  allowedCapabilities:
+  - '*'
+  fsGroup:
+    rule: RunAsAny
+  hostIPC: true
+  hostNetwork: true
+  hostPID: true
+  hostPorts:
+  - max: 65535
+    min: 0
+  privileged: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: cis-psp-role
+  namespace: {{ template "cis.namespace" . }}
+rules:
+- apiGroups:
+  - policy
+  resourceNames:
+  - cis-psp
+  resources:
+  - podsecuritypolicies
+  verbs:
+  - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: cis-psp-rolebinding
+  namespace: {{ template "cis.namespace" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: cis-psp-role
+subjects:
+- kind: ServiceAccount
+  name: cis-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+- kind: ServiceAccount
+  name: cis-operator-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/rbac.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/rbac.yaml
new file mode 100644
index 0000000000..33fb93f04c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/rbac.yaml
@@ -0,0 +1,219 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-clusterrole
+rules:
+- apiGroups:
+  - "cis.cattle.io"
+  resources:
+  - "*"
+  verbs:
+  - "*"
+- apiGroups:
+  - ""
+  resources:
+  - "pods"
+  - "services"
+  - "configmaps"
+  - "nodes"
+  - "serviceaccounts"
+  verbs:
+  - "get"
+  - "list"
+  - "create"
+  - "update"
+  - "watch"
+  - "patch"
+- apiGroups:
+  - "rbac.authorization.k8s.io"
+  resources:
+  - "rolebindings"
+  - "clusterrolebindings"
+  - "clusterroles"
+  verbs:
+  - "get"
+  - "list"
+- apiGroups:
+  - "batch"
+  resources:
+  - "jobs"
+  verbs:
+  - "list"
+  - "create"
+  - "patch"
+  - "update"
+  - "watch"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-scan-ns
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups:
+  - "*"
+  resources:
+  - "podsecuritypolicies"
+  verbs: 
+  - "get"
+  - "list"
+  - "watch"
+{{- end }}
+- apiGroups:
+  - ""
+  resources:
+  - "namespaces"
+  - "nodes"
+  - "pods"
+  - "serviceaccounts"
+  - "services"
+  - "replicationcontrollers"
+  verbs:
+  - "get"
+  - "list"
+  - "watch"
+- apiGroups: 
+  - "rbac.authorization.k8s.io"
+  resources:
+  - "rolebindings"
+  - "clusterrolebindings"
+  - "clusterroles"
+  verbs:
+  - "get"
+  - "list"
+- apiGroups:
+   - "batch"
+  resources:
+   - "jobs"
+   - "cronjobs"
+  verbs:
+   - "list"
+- apiGroups:
+    - "apps"
+  resources:
+    - "daemonsets"
+    - "deployments"
+    - "replicasets"
+    - "statefulsets"
+  verbs:
+    - "list"
+- apiGroups:
+    - "autoscaling"
+  resources:
+    - "horizontalpodautoscalers"
+  verbs:
+    - "list"
+- apiGroups:
+    - "networking.k8s.io"
+  resources:
+    - "networkpolicies"
+  verbs:
+    - "get"
+    - "list"
+    - "watch"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: cis-operator-role
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  namespace: {{ template "cis.namespace" . }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - "services"
+  verbs:
+  - "watch"
+  - "list"
+  - "get"
+  - "patch"
+- apiGroups:
+  - "batch"
+  resources:
+  - "jobs"
+  verbs:
+  - "watch"
+  - "list"
+  - "get"
+  - "delete"
+- apiGroups:
+  - ""
+  resources:
+  - "configmaps"
+  - "pods"
+  - "secrets"
+  verbs:
+  - "*"
+- apiGroups:
+  - "apps"
+  resources:
+  - "daemonsets"
+  verbs:
+  - "*"
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - prometheusrules
+  verbs:
+  - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-clusterrolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cis-operator-clusterrole
+subjects:
+- kind: ServiceAccount
+  name: cis-operator-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: cis-scan-ns
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cis-scan-ns
+subjects:
+- kind: ServiceAccount
+  name: cis-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-rolebinding
+  namespace: {{ template "cis.namespace" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: cis-operator-role
+subjects:
+- kind: ServiceAccount
+  name: cis-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+- kind: ServiceAccount
+  name: cis-operator-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.7.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.7.yaml
new file mode 100644
index 0000000000..edac79e2a3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.7.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: cis-1.7-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: cis-1.7
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.8.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.8.yaml
new file mode 100644
index 0000000000..bf68d6ec17
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-cis-1.8.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: cis-1.8-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: cis-1.8
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml
new file mode 100644
index 0000000000..51fd6baf00
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.7-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.7-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml
new file mode 100644
index 0000000000..0c1baf774a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.7-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.7-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
new file mode 100644
index 0000000000..8a78b2a964
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.8-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.8-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
new file mode 100644
index 0000000000..3bbf94335c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.8-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.8-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-hardened.yaml
new file mode 100644
index 0000000000..e488eaedf0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-hardened-1.7
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.7-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-permissive.yaml
new file mode 100644
index 0000000000..8e6df750d6
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.7-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-permissive-1.7
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.7-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-hardened.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-hardened.yaml
new file mode 100644
index 0000000000..24a1250c06
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-hardened-1.8
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.8-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-permissive.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-permissive.yaml
new file mode 100644
index 0000000000..4472913c64
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke-1.8-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-permissive-1.8
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.8-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml
new file mode 100644
index 0000000000..9e90d769ac
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.7-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.7-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml
new file mode 100644
index 0000000000..4363d3afab
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.7-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.7-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
new file mode 100644
index 0000000000..05fc5d8d33
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.8-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.8-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
new file mode 100644
index 0000000000..a83409c02e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.8-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.8-permissive
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileaks.yml
new file mode 100644
index 0000000000..ea7b25b404
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileaks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: aks-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: aks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileeks.yml
new file mode 100644
index 0000000000..de4500acd9
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofileeks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: eks-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: eks-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofilegke.yml
new file mode 100644
index 0000000000..3e5e2439ac
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/scanprofilegke.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: gke-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: gke-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ec48ec6224
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: {{ template "cis.namespace" . }}
+  name: cis-operator-serviceaccount
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: {{ template "cis.namespace" . }}
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..562295791b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/validate-install-crd.yaml
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/5.4.0/templates/validate-psp-install.yaml b/charts/rancher-cis-benchmark/5.4.0/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-cis-benchmark/5.4.0/values.yaml b/charts/rancher-cis-benchmark/5.4.0/values.yaml
new file mode 100644
index 0000000000..3f6791d824
--- /dev/null
+++ b/charts/rancher-cis-benchmark/5.4.0/values.yaml
@@ -0,0 +1,55 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  cisoperator:
+    repository: rancher/cis-operator
+    tag: v1.0.15
+  securityScan:
+    repository: rancher/security-scan
+    tag: v0.2.17
+  sonobuoy:
+    repository: rancher/mirrored-sonobuoy-sonobuoy
+    tag: v0.57.2
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+securityScanJob:
+  overrideTolerations: false
+  tolerations: []
+
+affinity: {}
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    clusterName: ""
+    psp:
+      enabled: false
+  kubectl:
+    repository: rancher/kubectl
+    tag: v1.28.12
+
+alerts:
+  enabled: false
+  severity: warning
+  metricsPort: 8080
diff --git a/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/Chart.yaml b/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/Chart.yaml
new file mode 100644
index 0000000000..100320d2d2
--- /dev/null
+++ b/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: rancher-eks-operator-crd
+apiVersion: v2
+appVersion: 1.3.5
+description: EKS Operator CustomResourceDefinitions
+name: rancher-eks-operator-crd
+version: 103.5.0+up1.3.5
diff --git a/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/templates/crds.yaml b/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/templates/crds.yaml
new file mode 100644
index 0000000000..f1c4534210
--- /dev/null
+++ b/charts/rancher-eks-operator-crd/103.5.0+up1.3.5/templates/crds.yaml
@@ -0,0 +1,226 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    helm.sh/resource-policy: keep
+  name: eksclusterconfigs.eks.cattle.io
+spec:
+  group: eks.cattle.io
+  names:
+    kind: EKSClusterConfig
+    plural: eksclusterconfigs
+    shortNames:
+    - ekscc
+    singular: eksclusterconfig
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              amazonCredentialSecret:
+                nullable: true
+                type: string
+              displayName:
+                nullable: true
+                type: string
+              ebsCSIDriver:
+                nullable: true
+                type: boolean
+              imported:
+                type: boolean
+              kmsKey:
+                nullable: true
+                type: string
+              kubernetesVersion:
+                nullable: true
+                type: string
+              loggingTypes:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              nodeGroups:
+                items:
+                  properties:
+                    desiredSize:
+                      nullable: true
+                      type: integer
+                    diskSize:
+                      nullable: true
+                      type: integer
+                    ec2SshKey:
+                      nullable: true
+                      type: string
+                    gpu:
+                      nullable: true
+                      type: boolean
+                    imageId:
+                      nullable: true
+                      type: string
+                    instanceType:
+                      nullable: true
+                      type: string
+                    labels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    launchTemplate:
+                      nullable: true
+                      properties:
+                        id:
+                          nullable: true
+                          type: string
+                        name:
+                          nullable: true
+                          type: string
+                        version:
+                          nullable: true
+                          type: integer
+                      type: object
+                    maxSize:
+                      nullable: true
+                      type: integer
+                    minSize:
+                      nullable: true
+                      type: integer
+                    nodeRole:
+                      nullable: true
+                      type: string
+                    nodegroupName:
+                      nullable: true
+                      type: string
+                    requestSpotInstances:
+                      nullable: true
+                      type: boolean
+                    resourceTags:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    spotInstanceTypes:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    subnets:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    tags:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    userData:
+                      nullable: true
+                      type: string
+                    version:
+                      nullable: true
+                      type: string
+                  required:
+                  - nodegroupName
+                  type: object
+                nullable: true
+                type: array
+              privateAccess:
+                nullable: true
+                type: boolean
+              publicAccess:
+                nullable: true
+                type: boolean
+              publicAccessSources:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              region:
+                nullable: true
+                type: string
+              secretsEncryption:
+                nullable: true
+                type: boolean
+              securityGroups:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              serviceRole:
+                nullable: true
+                type: string
+              subnets:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              tags:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+            type: object
+          status:
+            properties:
+              failureMessage:
+                nullable: true
+                type: string
+              generatedNodeRole:
+                nullable: true
+                type: string
+              managedLaunchTemplateID:
+                nullable: true
+                type: string
+              managedLaunchTemplateVersions:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+              networkFieldsSource:
+                nullable: true
+                type: string
+              phase:
+                nullable: true
+                type: string
+              securityGroups:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              subnets:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              templateVersionsToDelete:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              virtualNetwork:
+                nullable: true
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/Chart.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/Chart.yaml
new file mode 100644
index 0000000000..b2a443dcd4
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-eks-operator-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: eksclusterconfigs.eks.cattle.io/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-eks-operator
+  catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.3.5
+description: A Helm chart for provisioning EKS clusters
+home: https://github.com/rancher/eks-operator
+name: rancher-eks-operator
+sources:
+- https://github.com/rancher/eks-operator
+version: 103.5.0+up1.3.5
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/NOTES.txt b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/NOTES.txt
new file mode 100644
index 0000000000..23a1b4a8bf
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher EKS operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions EKS clusters
+from EKSClusterConfig CRs.
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/_helpers.tpl b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrole.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrole.yaml
new file mode 100644
index 0000000000..d0d561b6ea
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: eks-operator
+  namespace: cattle-system
+rules:
+  - apiGroups: ['']
+    resources: ['secrets']
+    verbs: ['get', 'list', 'create', 'watch']
+  - apiGroups: ['eks.cattle.io']
+    resources: ['eksclusterconfigs']
+    verbs: ['get', 'list', 'update', 'watch']
+  - apiGroups: ['eks.cattle.io']
+    resources: ['eksclusterconfigs/status']
+    verbs: ['update']
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrolebinding.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..2b1846353e
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  eks-operator
+  namespace: cattle-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: eks-operator
+subjects:
+- kind: ServiceAccount
+  name: eks-operator
+  namespace: cattle-system
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/deployment.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/deployment.yaml
new file mode 100644
index 0000000000..898383907a
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: eks-config-operator
+  namespace: cattle-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      ke.cattle.io/operator: eks
+  template:
+    metadata:
+      labels:
+        ke.cattle.io/operator: eks
+    spec:
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: eks-operator
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+      securityContext:
+        fsGroup: 1007
+        runAsUser: 1007
+      containers:
+      - name: eks-operator
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.eksOperator.image.repository }}:{{ $.Values.eksOperator.image.tag }}'
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: HTTP_PROXY
+          value: {{ .Values.httpProxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.httpsProxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+{{- if .Values.additionalTrustedCAs }}
+        # eks-operator mounts the additional CAs in two places:
+        volumeMounts:
+            # This directory is owned by the eks-operator user so c_rehash works here.
+          - mountPath: /etc/rancher/ssl/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+            # This directory is root-owned so c_rehash doesn't work here,
+            # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+          - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+      volumes:
+        - name: tls-ca-additional-volume
+          secret:
+            defaultMode: 0400
+            secretName: tls-ca-additional
+  {{- end }}
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/serviceaccount.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..934de07e0d
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: cattle-system
+  name: eks-operator
diff --git a/charts/rancher-eks-operator/103.5.0+up1.3.5/values.yaml b/charts/rancher-eks-operator/103.5.0+up1.3.5/values.yaml
new file mode 100644
index 0000000000..9a5638e54f
--- /dev/null
+++ b/charts/rancher-eks-operator/103.5.0+up1.3.5/values.yaml
@@ -0,0 +1,22 @@
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+eksOperator:
+  image:
+    repository: rancher/eks-operator
+    tag: v1.3.5
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/Chart.yaml b/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/Chart.yaml
new file mode 100644
index 0000000000..0c34eb5137
--- /dev/null
+++ b/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: rancher-gke-operator-crd
+apiVersion: v2
+appVersion: 1.2.5
+description: GKE Operator CustomResourceDefinitions
+name: rancher-gke-operator-crd
+version: 103.5.0+up1.2.5
diff --git a/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/templates/crds.yaml b/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
new file mode 100644
index 0000000000..aaa323f363
--- /dev/null
+++ b/charts/rancher-gke-operator-crd/103.5.0+up1.2.5/templates/crds.yaml
@@ -0,0 +1,250 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    helm.sh/resource-policy: keep
+  name: gkeclusterconfigs.gke.cattle.io
+spec:
+  group: gke.cattle.io
+  names:
+    kind: GKEClusterConfig
+    plural: gkeclusterconfigs
+    shortNames:
+    - gkecc
+    singular: gkeclusterconfig
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              clusterAddons:
+                nullable: true
+                properties:
+                  horizontalPodAutoscaling:
+                    type: boolean
+                  httpLoadBalancing:
+                    type: boolean
+                  networkPolicyConfig:
+                    type: boolean
+                type: object
+              clusterIpv4Cidr:
+                nullable: true
+                type: string
+              clusterName:
+                nullable: true
+                type: string
+              description:
+                nullable: true
+                type: string
+              enableKubernetesAlpha:
+                nullable: true
+                type: boolean
+              googleCredentialSecret:
+                nullable: true
+                type: string
+              imported:
+                type: boolean
+              ipAllocationPolicy:
+                nullable: true
+                properties:
+                  clusterIpv4CidrBlock:
+                    nullable: true
+                    type: string
+                  clusterSecondaryRangeName:
+                    nullable: true
+                    type: string
+                  createSubnetwork:
+                    type: boolean
+                  nodeIpv4CidrBlock:
+                    nullable: true
+                    type: string
+                  servicesIpv4CidrBlock:
+                    nullable: true
+                    type: string
+                  servicesSecondaryRangeName:
+                    nullable: true
+                    type: string
+                  subnetworkName:
+                    nullable: true
+                    type: string
+                  useIpAliases:
+                    type: boolean
+                type: object
+              kubernetesVersion:
+                nullable: true
+                type: string
+              labels:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+              locations:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              loggingService:
+                nullable: true
+                type: string
+              maintenanceWindow:
+                nullable: true
+                type: string
+              masterAuthorizedNetworks:
+                nullable: true
+                properties:
+                  cidrBlocks:
+                    items:
+                      properties:
+                        cidrBlock:
+                          nullable: true
+                          type: string
+                        displayName:
+                          nullable: true
+                          type: string
+                      type: object
+                    nullable: true
+                    type: array
+                  enabled:
+                    type: boolean
+                type: object
+              monitoringService:
+                nullable: true
+                type: string
+              network:
+                nullable: true
+                type: string
+              networkPolicyEnabled:
+                nullable: true
+                type: boolean
+              nodePools:
+                items:
+                  properties:
+                    autoscaling:
+                      nullable: true
+                      properties:
+                        enabled:
+                          type: boolean
+                        maxNodeCount:
+                          type: integer
+                        minNodeCount:
+                          type: integer
+                      type: object
+                    config:
+                      nullable: true
+                      properties:
+                        diskSizeGb:
+                          type: integer
+                        diskType:
+                          nullable: true
+                          type: string
+                        imageType:
+                          nullable: true
+                          type: string
+                        labels:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        localSsdCount:
+                          type: integer
+                        machineType:
+                          nullable: true
+                          type: string
+                        oauthScopes:
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        preemptible:
+                          type: boolean
+                        tags:
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        taints:
+                          items:
+                            properties:
+                              effect:
+                                nullable: true
+                                type: string
+                              key:
+                                nullable: true
+                                type: string
+                              value:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    initialNodeCount:
+                      nullable: true
+                      type: integer
+                    management:
+                      nullable: true
+                      properties:
+                        autoRepair:
+                          type: boolean
+                        autoUpgrade:
+                          type: boolean
+                      type: object
+                    maxPodsConstraint:
+                      nullable: true
+                      type: integer
+                    name:
+                      nullable: true
+                      type: string
+                    version:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              privateClusterConfig:
+                nullable: true
+                properties:
+                  enablePrivateEndpoint:
+                    type: boolean
+                  enablePrivateNodes:
+                    type: boolean
+                  masterIpv4CidrBlock:
+                    nullable: true
+                    type: string
+                type: object
+              projectID:
+                nullable: true
+                type: string
+              region:
+                nullable: true
+                type: string
+              subnetwork:
+                nullable: true
+                type: string
+              zone:
+                nullable: true
+                type: string
+            type: object
+          status:
+            properties:
+              failureMessage:
+                nullable: true
+                type: string
+              phase:
+                nullable: true
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/Chart.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/Chart.yaml
new file mode 100644
index 0000000000..1d8396be68
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-gke-operator-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: gkeclusterconfigs.gke.cattle.io/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-gke-operator
+  catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.2.5
+description: A Helm chart for provisioning GKE clusters
+home: https://github.com/rancher/gke-operator
+name: rancher-gke-operator
+sources:
+- https://github.com/rancher/gke-operator
+version: 103.5.0+up1.2.5
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/NOTES.txt b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/NOTES.txt
new file mode 100644
index 0000000000..238173d1bd
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher GKE operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions GKE clusters
+from GKEClusterConfig CRs.
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/_helpers.tpl b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrole.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
new file mode 100644
index 0000000000..7c352696ee
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: gke-operator
+  namespace: cattle-system
+rules:
+  - apiGroups: ['']
+    resources: ['secrets']
+    verbs: ['get', 'list', 'create', 'watch']
+  - apiGroups: ['gke.cattle.io']
+    resources: ['gkeclusterconfigs']
+    verbs: ['get', 'list', 'update', 'watch']
+  - apiGroups: ['gke.cattle.io']
+    resources: ['gkeclusterconfigs/status']
+    verbs: ['update']
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..e2af390c71
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  gke-operator
+  namespace: cattle-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gke-operator
+subjects:
+- kind: ServiceAccount
+  name: gke-operator
+  namespace: cattle-system
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/deployment.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/deployment.yaml
new file mode 100644
index 0000000000..3af5a6c0f7
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/deployment.yaml
@@ -0,0 +1,62 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gke-config-operator
+  namespace: cattle-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      ke.cattle.io/operator: gke
+  template:
+    metadata:
+      labels:
+        ke.cattle.io/operator: gke
+    spec:
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: gke-operator
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+      securityContext:
+        fsGroup: 1007
+        runAsUser: 1007
+      containers:
+      - name: rancher-gke-operator
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.gkeOperator.image.repository }}:{{ $.Values.gkeOperator.image.tag }}'
+        imagePullPolicy: IfNotPresent
+        args: ["-debug={{ .Values.gkeOperator.debug | default false }}"]
+        env:
+        - name: HTTP_PROXY
+          value: {{ .Values.httpProxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.httpsProxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+{{- if .Values.additionalTrustedCAs }}
+        # gke-operator mounts the additional CAs in two places:
+        volumeMounts:
+            # This directory is owned by the gke-operator user so c_rehash works here.
+          - mountPath: /etc/rancher/ssl/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+            # This directory is root-owned so c_rehash doesn't work here,
+            # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+          - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+      volumes:
+        - name: tls-ca-additional-volume
+          secret:
+            defaultMode: 0400
+            secretName: tls-ca-additional
+  {{- end }}
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ba52af6280
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: cattle-system
+  name: gke-operator
diff --git a/charts/rancher-gke-operator/103.5.0+up1.2.5/values.yaml b/charts/rancher-gke-operator/103.5.0+up1.2.5/values.yaml
new file mode 100644
index 0000000000..d33228f307
--- /dev/null
+++ b/charts/rancher-gke-operator/103.5.0+up1.2.5/values.yaml
@@ -0,0 +1,23 @@
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+gkeOperator:
+  image:
+    repository: rancher/gke-operator
+    tag: v1.2.5
+  debug: false
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/Chart.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/Chart.yaml
new file mode 100644
index 0000000000..6f02a02a46
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/Chart.yaml
@@ -0,0 +1,14 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-webhook
+apiVersion: v2
+appVersion: 0.4.11
+description: ValidatingAdmissionWebhook for Rancher types
+name: rancher-webhook
+version: 103.0.10+up0.4.11
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/_helpers.tpl b/charts/rancher-webhook/103.0.10+up0.4.11/templates/_helpers.tpl
new file mode 100644
index 0000000000..c37a65c6f3
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "rancher-webhook.labels" -}}
+app: rancher-webhook
+{{- end }}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/deployment.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/deployment.yaml
new file mode 100644
index 0000000000..b8a7201dac
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/deployment.yaml
@@ -0,0 +1,82 @@
+{{- $auth := .Values.auth | default dict }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: rancher-webhook
+spec:
+  selector:
+    matchLabels:
+      app: rancher-webhook
+  template:
+    metadata:
+      labels:
+        app: rancher-webhook
+    spec:
+      {{- if $auth.clientCA }}
+      volumes:
+      - name: client-ca
+        secret:
+          secretName: client-ca
+      {{- end }}
+      {{- if .Values.global.hostNetwork }}
+      hostNetwork: true
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 6 }}
+      {{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 6 }}
+      {{- end }}
+      containers:
+      - env:
+        - name: STAMP
+          value: "{{.Values.stamp}}"
+        - name: ENABLE_MCM
+          value: "{{.Values.mcm.enabled}}"
+        - name: CATTLE_PORT
+          value: {{.Values.port | default 9443 | quote}}
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if $auth.allowedCNs }}
+        - name: ALLOWED_CNS
+          value: '{{ join "," $auth.allowedCNs }}'
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: rancher-webhook
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        ports:
+        - name: https
+          containerPort: {{ .Values.port | default 9443 }}
+        startupProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          failureThreshold: 60
+          periodSeconds: 5
+        livenessProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          periodSeconds: 5
+        {{- if $auth.clientCA }}
+        volumeMounts:
+        - name: client-ca
+          mountPath: /tmp/k8s-webhook-server/client-ca
+          readOnly: true
+        {{- end }}
+        {{- if .Values.capNetBindService }}
+        securityContext:
+          capabilities:
+            add:
+            - NET_BIND_SERVICE
+        {{- end }}
+      serviceAccountName: rancher-webhook
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/rbac.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/rbac.yaml
new file mode 100644
index 0000000000..f4364995c0
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/rbac.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rancher-webhook
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: rancher-webhook
+  namespace: {{.Release.Namespace}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/secret.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/secret.yaml
new file mode 100644
index 0000000000..9fd331dc1e
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/secret.yaml
@@ -0,0 +1,11 @@
+{{- $auth := .Values.auth | default dict }}
+{{- if $auth.clientCA }}
+apiVersion: v1
+data:
+  ca.crt: {{ $auth.clientCA }}
+kind: Secret
+metadata:
+  name: client-ca
+  namespace: cattle-system
+type: Opaque
+{{- end }}
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/service.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/service.yaml
new file mode 100644
index 0000000000..220afebeae
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/service.yaml
@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: rancher-webhook
+  namespace: cattle-system
+spec:
+  ports:
+  - port: 443
+    targetPort: {{ .Values.port | default 9443 }}
+    protocol: TCP
+    name: https
+  selector:
+    app: rancher-webhook
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/serviceaccount.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..9e7ad7e1fe
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/serviceaccount.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook-sudo
+  annotations:
+    cattle.io/description: "SA which can be impersonated to bypass rancher-webhook validation"
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/templates/webhook.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/templates/webhook.yaml
new file mode 100644
index 0000000000..53a0687b6f
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/templates/webhook.yaml
@@ -0,0 +1,9 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/tests/README.md b/charts/rancher-webhook/103.0.10+up0.4.11/tests/README.md
new file mode 100644
index 0000000000..6d3059a005
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/tests/README.md
@@ -0,0 +1,16 @@
+
+## local dev testing instructions
+
+Option 1: Full chart CI run with a live cluster
+
+```bash
+./scripts/charts/ci 
+```
+
+Option 2: Test runs against the chart only 
+
+```bash
+# install the helm plugin first - helm plugin install https://github.com/helm-unittest/helm-unittest.git
+bash dev-scripts/helm-unittest.sh
+```
+
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/tests/deployment_test.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/tests/deployment_test.yaml
new file mode 100644
index 0000000000..bbd6e30444
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/tests/deployment_test.yaml
@@ -0,0 +1,73 @@
+suite: Test Deployment
+templates:
+  - deployment.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 9443
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "9443"
+
+  - it: should set updated webhook port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 2319
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "2319"
+
+  - it: should not set capabilities by default.
+    asserts:
+      - isNull:
+          path: spec.template.spec.containers[0].securityContext
+
+  - it: should set net capabilities when capNetBindService is true.
+    set:
+      capNetBindService: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].securityContext.capabilities.add
+          content: NET_BIND_SERVICE
+
+  - it: should not set volumes or volumeMounts by default
+    asserts:
+      - isNull:
+          path: spec.template.spec.volumes
+      - isNull:
+          path: spec.template.spec.volumeMounts
+
+  - it: should set CA fields when CA options are set
+    set:
+      auth.clientCA: base64-encoded-cert
+      auth.allowedCNs:
+        - kube-apiserver
+        - joe
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: client-ca
+            secret:
+              secretName: client-ca
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: client-ca
+            mountPath: /tmp/k8s-webhook-server/client-ca
+            readOnly: true
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: ALLOWED_CNS
+            value: kube-apiserver,joe
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/tests/service_test.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/tests/service_test.yaml
new file mode 100644
index 0000000000..03172ad033
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/tests/service_test.yaml
@@ -0,0 +1,18 @@
+suite: Test Service
+templates:
+  - service.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 9443
+
+  - it: should set updated target port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 2319
diff --git a/charts/rancher-webhook/103.0.10+up0.4.11/values.yaml b/charts/rancher-webhook/103.0.10+up0.4.11/values.yaml
new file mode 100644
index 0000000000..e673a42a58
--- /dev/null
+++ b/charts/rancher-webhook/103.0.10+up0.4.11/values.yaml
@@ -0,0 +1,30 @@
+image:
+  repository: rancher/rancher-webhook
+  tag: v0.4.11
+  imagePullPolicy: IfNotPresent
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  hostNetwork: false
+
+mcm:
+  enabled: true
+
+# tolerations for the webhook deployment. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ for more info
+tolerations: []
+nodeSelector: {}
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+# port assigns which port to use when running rancher-webhook
+port: 9443
+
+# Parameters for authenticating the kube-apiserver.
+auth:
+  # CA for authenticating kube-apiserver client certs. If empty, client connections will not be authenticated.
+  # Must be base64-encoded.
+  clientCA: ""
+  # Allowlist of CNs for kube-apiserver client certs. If empty, any cert signed by the CA provided in clientCA will be accepted.
+  allowedCNs: []
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/Chart.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/Chart.yaml
new file mode 100644
index 0000000000..ff09d5fd56
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/Chart.yaml
@@ -0,0 +1,18 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: system-upgrade-controller
+apiVersion: v1
+appVersion: v0.13.4
+description: General purpose controller to make system level updates to nodes.
+home: https://github.com/rancher/system-charts/blob/dev-v2.8/charts/rancher-k3s-upgrader
+kubeVersion: '>= 1.23.0-0'
+name: system-upgrade-controller
+sources:
+- https://github.com/rancher/system-charts/blob/dev-v2.8/charts/rancher-k3s-upgrader
+version: 103.0.2+up0.6.1
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/_helpers.tpl b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/_helpers.tpl
new file mode 100644
index 0000000000..67a534eb7b
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/_helpers.tpl
@@ -0,0 +1,9 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/clusterrolebinding.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..f2a09949d5
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  system-upgrade-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: system-upgrade-controller
+    namespace: cattle-system
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/configmap.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/configmap.yaml
new file mode 100644
index 0000000000..7619c39744
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/configmap.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: system-upgrade-controller-config
+  namespace: cattle-system
+data:
+  SYSTEM_UPGRADE_CONTROLLER_DEBUG: {{ .Values.systemUpgradeControllerDebug | default "false" | quote }}
+  SYSTEM_UPGRADE_CONTROLLER_THREADS: {{ .Values.systemUpgradeControllerThreads | default "2" | quote }}
+  SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: {{ .Values.systemUpgradeJobActiveDeadlineSeconds | default "900" | quote }}
+  SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: {{ .Values.systemUpgradeJobBackoffLimit | default "99" | quote }}
+  SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: {{ .Values.systemUpgradeJobImagePullPolicy | default "IfNotPresent" | quote }}
+  SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: {{ template "system_default_registry" . }}{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}
+  SYSTEM_UPGRADE_JOB_PRIVILEGED: {{ .Values.systemUpgradeJobPrivileged | default "true" | quote }}
+  SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: {{ .Values.systemUpgradeJobTTLSecondsAfterFinish | default "900" | quote }}
+  SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: {{ .Values.systemUpgradePlanRollingInterval | default "15m" | quote }}
+
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/deployment.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/deployment.yaml
new file mode 100644
index 0000000000..cfc27992eb
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/deployment.yaml
@@ -0,0 +1,69 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: system-upgrade-controller
+  namespace: cattle-system
+spec:
+  selector:
+    matchLabels:
+      upgrade.cattle.io/controller: system-upgrade-controller
+  template:
+    metadata:
+      labels:
+        upgrade.cattle.io/controller: system-upgrade-controller # necessary to avoid drain
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: "kubernetes.io/os"
+                    operator: NotIn
+                    values:
+                      - windows
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - preference:
+              matchExpressions:
+                - key: node-role.kubernetes.io/control-plane
+                  operator: In
+                  values:
+                    - "true"
+            weight: 100
+          - preference:
+              matchExpressions:
+                - key: node-role.kubernetes.io/master
+                  operator: In
+                  values:
+                    - "true"
+            weight: 100
+      tolerations:
+        - operator: Exists
+      serviceAccountName: system-upgrade-controller
+      containers:
+        - name: system-upgrade-controller
+          image: {{ template "system_default_registry" . }}{{ .Values.systemUpgradeController.image.repository }}:{{ .Values.systemUpgradeController.image.tag }}
+          imagePullPolicy: IfNotPresent
+          envFrom:
+            - configMapRef:
+                name: system-upgrade-controller-config
+          env:
+            - name: SYSTEM_UPGRADE_CONTROLLER_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.labels['upgrade.cattle.io/controller']
+            - name: SYSTEM_UPGRADE_CONTROLLER_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          volumeMounts:
+            - name: etc-ssl
+              mountPath: /etc/ssl
+            - name: tmp
+              mountPath: /tmp
+      volumes:
+        - name: etc-ssl
+          hostPath:
+            path: /etc/ssl
+            type: Directory
+        - name: tmp
+          emptyDir: {}
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/psp.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/psp.yaml
new file mode 100644
index 0000000000..ca87b996cb
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/psp.yaml
@@ -0,0 +1,51 @@
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: system-upgrade-controller
+spec:
+  allowPrivilegeEscalation: true
+  allowedCapabilities:
+    - CAP_SYS_BOOT
+  hostNetwork: true
+  hostPID: true
+  hostIPC: true
+  privileged: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  fsGroup:
+    rule: RunAsAny
+  volumes:
+    - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: system-upgrade-controller-psp
+rules:
+  - apiGroups:
+      - policy
+    resourceNames:
+      - system-upgrade-controller
+    resources:
+      - podsecuritypolicies
+    verbs:
+      - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  system-upgrade-controller-psp
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system-upgrade-controller-psp
+subjects:
+  - kind: Group
+    apiGroup: rbac.authorization.k8s.io
+    name: system:serviceaccounts:cattle-system
+{{- end }}
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/serviceaccount.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..b6cdcf48b3
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: system-upgrade-controller
+  namespace: cattle-system
diff --git a/charts/system-upgrade-controller/103.0.2+up0.6.1/values.yaml b/charts/system-upgrade-controller/103.0.2+up0.6.1/values.yaml
new file mode 100644
index 0000000000..9ac4c2ef62
--- /dev/null
+++ b/charts/system-upgrade-controller/103.0.2+up0.6.1/values.yaml
@@ -0,0 +1,15 @@
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    psp:
+      enabled: true
+
+systemUpgradeController:
+  image:
+    repository: rancher/system-upgrade-controller
+    tag: v0.13.4
+
+kubectl:
+  image:
+    repository: rancher/kubectl
+    tag: v1.23.3
diff --git a/index.yaml b/index.yaml
index 172ff29757..7346803496 100755
--- a/index.yaml
+++ b/index.yaml
@@ -97,6 +97,30 @@ entries:
     urls:
     - assets/elemental/elemental-104.0.0+up1.4.3.tgz
     version: 104.0.0+up1.4.3
+  - annotations:
+      catalog.cattle.io/auto-install: elemental-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: Elemental
+      catalog.cattle.io/kube-version: '>= 1.23.0-0'
+      catalog.cattle.io/namespace: cattle-elemental-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux
+      catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: elemental-operator
+      catalog.cattle.io/scope: management
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/upstream-version: 1.6.4
+    apiVersion: v2
+    appVersion: 1.6.4
+    created: "2024-09-18T12:30:04.156198084-03:00"
+    description: Elemental provides Cloud Native OS Management for Cluster Nodes.
+    digest: 2f5b07549ddfa871fb601017f1008f7372c4c8a539791a1bc5ece2930ceba58a
+    icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg
+    name: elemental
+    urls:
+    - assets/elemental/elemental-103.4.0+up1.6.4.tgz
+    version: 103.4.0+up1.6.4
   - annotations:
       catalog.cattle.io/auto-install: elemental-crd=match
       catalog.cattle.io/certified: rancher
@@ -278,6 +302,21 @@ entries:
     urls:
     - assets/elemental-crd/elemental-crd-104.0.0+up1.4.3.tgz
     version: 104.0.0+up1.4.3
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-elemental-system
+      catalog.cattle.io/release-name: elemental-operator-crds
+    apiVersion: v2
+    appVersion: 1.6.4
+    created: "2024-09-18T12:30:13.150045288-03:00"
+    description: A Helm chart for deploying Rancher Elemental Operator CRDs
+    digest: c880e12e23f95db11b9915c1bbd47cd273d272dc119f9ac44a33bd82a8c62d6b
+    name: elemental-crd
+    type: application
+    urls:
+    - assets/elemental-crd/elemental-crd-103.4.0+up1.6.4.tgz
+    version: 103.4.0+up1.6.4
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -833,6 +872,32 @@ entries:
     urls:
     - assets/fleet/fleet-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/auto-install: fleet-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/experimental: "true"
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: fleet
+    apiVersion: v2
+    appVersion: 0.9.9
+    created: "2024-09-18T12:30:30.688323458-03:00"
+    dependencies:
+    - condition: gitops.enabled
+      name: gitjob
+      repository: file://./charts/gitjob
+    description: Fleet Manager - GitOps at Scale
+    digest: 20fea00e8d21c41c695843b5142e0a0ec4c8128366c36efb2808764be829399d
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet
+    urls:
+    - assets/fleet/fleet-103.1.8+up0.9.9.tgz
+    version: 103.1.8+up0.9.9
   - annotations:
       catalog.cattle.io/auto-install: fleet-crd=match
       catalog.cattle.io/certified: rancher
@@ -1333,6 +1398,25 @@ entries:
     urls:
     - assets/fleet-agent/fleet-agent-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: fleet-agent
+    apiVersion: v2
+    appVersion: 0.9.9
+    created: "2024-09-18T12:30:51.68370539-03:00"
+    description: Fleet Manager Agent - GitOps at Scale
+    digest: 7e53f023abda1d86f1227db2d64d7c14687ea91114805c85006a5fc5698f67ca
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-agent
+    urls:
+    - assets/fleet-agent/fleet-agent-103.1.8+up0.9.9.tgz
+    version: 103.1.8+up0.9.9
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -1708,6 +1792,23 @@ entries:
     urls:
     - assets/fleet-crd/fleet-crd-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: fleet-crd
+    apiVersion: v2
+    appVersion: 0.9.9
+    created: "2024-09-18T12:30:41.279378991-03:00"
+    description: Fleet Manager CustomResourceDefinitions
+    digest: b3e3942ee6956e6d8d33e37190ceeb3cd4d3055ff3f24afebb71aa9b6a224506
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-crd
+    urls:
+    - assets/fleet-crd/fleet-crd-103.1.8+up0.9.9.tgz
+    version: 103.1.8+up0.9.9
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -2086,6 +2187,35 @@ entries:
     urls:
     - assets/harvester-cloud-provider/harvester-cloud-provider-104.0.0+up0.2.3.tgz
     version: 104.0.0+up0.2.3
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: Harvester Cloud Provider
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: kube-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: harvester-cloud-provider
+      catalog.cattle.io/ui-component: harvester-cloud-provider
+      catalog.cattle.io/upstream-version: 0.2.6
+    apiVersion: v2
+    appVersion: v0.2.2
+    created: "2024-09-18T12:31:09.934481318-03:00"
+    dependencies:
+    - name: kube-vip
+      repository: file://./charts/kube-vip
+    description: A Helm chart for Harvester Cloud Provider
+    digest: addb6f9451f63542a07e6a552cefe028515d111ddc1bbcc3645b520bfab98e78
+    keywords:
+    - infrastructure
+    - harvester
+    maintainers:
+    - name: harvester
+    name: harvester-cloud-provider
+    type: application
+    urls:
+    - assets/harvester-cloud-provider/harvester-cloud-provider-103.0.3+up0.2.6.tgz
+    version: 103.0.3+up0.2.6
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/display-name: Harvester Cloud Provider
@@ -5935,6 +6065,30 @@ entries:
     urls:
     - assets/rancher-aks-operator/rancher-aks-operator-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-aks-operator-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-aks-operator
+      catalog.cattle.io/scope: management
+    apiVersion: v2
+    appVersion: 1.2.5
+    created: "2024-09-18T12:29:30.334481945-03:00"
+    description: A Helm chart for provisioning AKS clusters
+    digest: 2fbac4b2b7ba6f0d2e8f744913314a77bb32a972a924f598e84426591c48e157
+    home: https://github.com/rancher/aks-operator
+    name: rancher-aks-operator
+    sources:
+    - https://github.com/rancher/aks-operator
+    urls:
+    - assets/rancher-aks-operator/rancher-aks-operator-103.5.0+up1.2.5.tgz
+    version: 103.5.0+up1.2.5
   - annotations:
       catalog.cattle.io/auto-install: rancher-aks-operator-crd=match
       catalog.cattle.io/certified: rancher
@@ -6264,6 +6418,22 @@ entries:
     urls:
     - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: rancher-aks-operator-crd
+    apiVersion: v2
+    appVersion: 1.2.5
+    created: "2024-09-18T12:29:47.149523645-03:00"
+    description: AKS Operator CustomResourceDefinitions
+    digest: d986ae5f647705ee446ed58063a25039d7cdc22b03a2f0260b76c8720160f44d
+    name: rancher-aks-operator-crd
+    urls:
+    - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-103.5.0+up1.2.5.tgz
+    version: 103.5.0+up1.2.5
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -7990,6 +8160,32 @@ entries:
     urls:
     - assets/rancher-cis-benchmark/rancher-cis-benchmark-6.0.0.tgz
     version: 6.0.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: CIS Benchmark
+      catalog.cattle.io/kube-version: '>= 1.25.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cis-operator-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-cis-benchmark
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/ui-component: rancher-cis-benchmark
+    apiVersion: v1
+    appVersion: v5.4.0
+    created: "2024-09-18T12:33:27.425032169-03:00"
+    description: The cis-operator enables running CIS benchmark security scans on
+      a kubernetes cluster
+    digest: ede7f087f82bc28445c186fcaf2238ac3f34a1cdd6bd0845f0904ae013072ef7
+    icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+    keywords:
+    - security
+    name: rancher-cis-benchmark
+    urls:
+    - assets/rancher-cis-benchmark/rancher-cis-benchmark-5.4.0.tgz
+    version: 5.4.0
   - annotations:
       catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
       catalog.cattle.io/certified: rancher
@@ -8524,6 +8720,20 @@ entries:
     urls:
     - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.0.0.tgz
     version: 6.0.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cis-operator-system
+      catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+    apiVersion: v1
+    created: "2024-09-18T12:33:47.782593517-03:00"
+    description: Installs the CRDs for rancher-cis-benchmark.
+    digest: af35b45bbadc8963defe591fe1d833ba3bb7de4d336f806019a9637e5628f1b2
+    name: rancher-cis-benchmark-crd
+    type: application
+    urls:
+    - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-5.4.0.tgz
+    version: 5.4.0
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -9056,6 +9266,30 @@ entries:
     urls:
     - assets/rancher-eks-operator/rancher-eks-operator-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-eks-operator-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: eksclusterconfigs.eks.cattle.io/v1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-eks-operator
+      catalog.cattle.io/scope: management
+    apiVersion: v2
+    appVersion: 1.3.5
+    created: "2024-09-18T12:31:26.434131497-03:00"
+    description: A Helm chart for provisioning EKS clusters
+    digest: f775870d48182ca7fc959c4a3f2f41dc5fc45c3f0bf7b4eb182343f1b2b47f18
+    home: https://github.com/rancher/eks-operator
+    name: rancher-eks-operator
+    sources:
+    - https://github.com/rancher/eks-operator
+    urls:
+    - assets/rancher-eks-operator/rancher-eks-operator-103.5.0+up1.3.5.tgz
+    version: 103.5.0+up1.3.5
   - annotations:
       catalog.cattle.io/auto-install: rancher-eks-operator-crd=match
       catalog.cattle.io/certified: rancher
@@ -9433,6 +9667,22 @@ entries:
     urls:
     - assets/rancher-eks-operator-crd/rancher-eks-operator-crd-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: rancher-eks-operator-crd
+    apiVersion: v2
+    appVersion: 1.3.5
+    created: "2024-09-18T12:31:34.427588242-03:00"
+    description: EKS Operator CustomResourceDefinitions
+    digest: 0cb62716c058ea212f1607ec96b010f833cf2f911b528cd8c074f9af9f82c481
+    name: rancher-eks-operator-crd
+    urls:
+    - assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.5.0+up1.3.5.tgz
+    version: 103.5.0+up1.3.5
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -10092,6 +10342,30 @@ entries:
     urls:
     - assets/rancher-gke-operator/rancher-gke-operator-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-gke-operator-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: gkeclusterconfigs.gke.cattle.io/v1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-gke-operator
+      catalog.cattle.io/scope: management
+    apiVersion: v2
+    appVersion: 1.2.5
+    created: "2024-09-18T12:31:57.243180794-03:00"
+    description: A Helm chart for provisioning GKE clusters
+    digest: e047d32a75052817d417841c959f0798be71c5d04d70d9343265e932a6cc66f3
+    home: https://github.com/rancher/gke-operator
+    name: rancher-gke-operator
+    sources:
+    - https://github.com/rancher/gke-operator
+    urls:
+    - assets/rancher-gke-operator/rancher-gke-operator-103.5.0+up1.2.5.tgz
+    version: 103.5.0+up1.2.5
   - annotations:
       catalog.cattle.io/auto-install: rancher-gke-operator-crd=match
       catalog.cattle.io/certified: rancher
@@ -10373,6 +10647,22 @@ entries:
     urls:
     - assets/rancher-gke-operator-crd/rancher-gke-operator-crd-104.0.0+up1.9.0.tgz
     version: 104.0.0+up1.9.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: rancher-gke-operator-crd
+    apiVersion: v2
+    appVersion: 1.2.5
+    created: "2024-09-18T12:32:05.269103956-03:00"
+    description: GKE Operator CustomResourceDefinitions
+    digest: 171b6f67e42789bb322a3ab2190f6725741361c484dedd029364493a1c817f4c
+    name: rancher-gke-operator-crd
+    urls:
+    - assets/rancher-gke-operator-crd/rancher-gke-operator-crd-103.5.0+up1.2.5.tgz
+    version: 103.5.0+up1.2.5
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -15096,6 +15386,24 @@ entries:
     urls:
     - assets/rancher-webhook/rancher-webhook-104.0.0+up0.5.0.tgz
     version: 104.0.0+up0.5.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-webhook
+    apiVersion: v2
+    appVersion: 0.4.11
+    created: "2024-09-18T12:31:46.979846816-03:00"
+    description: ValidatingAdmissionWebhook for Rancher types
+    digest: e3b7646a441ff6e45b604f8d33feb0e0b61b7f0425e44103a0a10321fd10d236
+    name: rancher-webhook
+    urls:
+    - assets/rancher-webhook/rancher-webhook-103.0.10+up0.4.11.tgz
+    version: 103.0.10+up0.4.11
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
@@ -16346,6 +16654,28 @@ entries:
     urls:
     - assets/system-upgrade-controller/system-upgrade-controller-104.0.0+up0.7.0.tgz
     version: 104.0.0+up0.7.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: system-upgrade-controller
+    apiVersion: v1
+    appVersion: v0.13.4
+    created: "2024-09-18T12:32:20.701924094-03:00"
+    description: General purpose controller to make system level updates to nodes.
+    digest: c0450afb46c0f28e17a41f7ca6f31b1798f6333c6116f866758ed78893552b70
+    home: https://github.com/rancher/system-charts/blob/dev-v2.8/charts/rancher-k3s-upgrader
+    kubeVersion: '>= 1.23.0-0'
+    name: system-upgrade-controller
+    sources:
+    - https://github.com/rancher/system-charts/blob/dev-v2.8/charts/rancher-k3s-upgrader
+    urls:
+    - assets/system-upgrade-controller/system-upgrade-controller-103.0.2+up0.6.1.tgz
+    version: 103.0.2+up0.6.1
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index 233f65d739..a1f4da7aa0 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,12 +1,32 @@
+elemental:
+  - 103.4.0+up1.6.4
+elemental-crd:
+  - 103.4.0+up1.6.4
+fleet:
+  - 103.1.8+up0.9.9
+fleet-agent:
+  - 103.1.8+up0.9.9
+fleet-crd:
+  - 103.1.8+up0.9.9
 harvester-cloud-provider:
-  - 104.0.2+up0.2.6
+  - 103.0.3+up0.2.6
+rancher-aks-operator:
+  - 103.5.0+up1.2.5
+rancher-aks-operator-crd:
+  - 103.5.0+up1.2.5
+rancher-eks-operator:
+  - 103.5.0+up1.3.5
+rancher-eks-operator-crd:
+  - 103.5.0+up1.3.5
+rancher-gke-operator:
+  - 103.5.0+up1.2.5
+rancher-gke-operator-crd:
+  - 103.5.0+up1.2.5
+rancher-webhook:
+  - 103.0.10+up0.4.11
+system-upgrade-controller:
+  - 103.0.2+up0.6.1
 rancher-cis-benchmark:
-  - 6.2.0
+  - 5.4.0
 rancher-cis-benchmark-crd:
-  - 6.2.0
-rancher-webhook:
-  - 104.0.2+up0.5.2
-sriov:
-  - 104.3.0+up1.3.0
-sriov-crd:
-  - 104.3.0+up1.3.0
+  - 5.4.0