Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add to git #616

Merged
merged 2 commits into from
Mar 8, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions bootstrap/.sops.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
creation_rules:
- encrypted_regex: "^(data|stringData|tls)$"
pgp: "EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E"
106 changes: 106 additions & 0 deletions bootstrap/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
This `bootstrap` directory contains all of the artifacts that must be
manually created for an initial deployment of the Internal Data Hub platform.

These artifacts were created to facilitate the migration of the IDH to the new
Red Hat IT-managed multi-tenant Managed Platform (MP+) OpenShift cluster.

Information about how to administer deployments in the MP+ environment can be
found [here](https://source.redhat.com/departments/it/devit/it-infrastructure/itcloudservices/itocp/managedplatformplushub/mppluswiki/user_tenant_onboarding_and_administration)

Follow the instructions below to manually create cluster objects for:
* The central ArgoCD instance that will automate GitOps deployment of all
IDH applications
* Namespaces for all IDH applications
* Rolebindings for ArgoCD to deploy applications into target namespaces
* Network egress policies for application namespaces
* Tenant user groups

# Creating namespaces

In the MP+ environment, namespaces are created by creating `TenantNamespace` objects.
When the namespaces are created, the resulting namespace will be named `<tenant name>--<tenant namespace name>`.
Our `tenant name` is `internal-data-hub`. Therefore, for a `TenantNamespace` named `argocd`, the resulting
OpenShift namespace will be `internal-data-hub--argocd`.

For each `TenantNamespace` object file in the [namespaces/](namespaces/) subdirectory,
run `oc apply -f $FILE` to create the `TenantNamespace` object on the target MP+
OpenShift cluster.

# Configuring MP+ Egress Rules

Perform the following to set up additional things requried by the MP+ environment:

* Create our user group giving us permission to create TenantEgress (network egress) rule
objects:
```
oc apply -f tenantgroups/internal-data-hub-tenant-egress-admins-tenantgroup.yaml
```

* We need to define `TenantEgress` objects to specify network endpoints that our applications
are permitted to connect to. Run the following to apply all of our `TenantEgress` objects:
```
oc apply -f tenantegresses/*
```

* We configure the managed platform to sync various Rover/LDAP groups into the cluster, so that we can
use those groups to control access to our applications. Run the following command to configure all of the
`LdapGroup` objects:
```
oc apply -f ldapgroups/*
```

* ArgoCD's service user needs access to all of our `TenantNamespace` namespaces to deploy our applications. Run
the following command to apply the necessary `RoleBindings`:
```
oc apply -f rolebindings/*
```

# Decrypting secure files

Some files needed by ArgoCD contain sensitive information and are therefore stored in Git encrypted
using KSops. Before applying the objects onto the cluster (in the next section), you must decrypt these files.
In order to do so, your local GPG keychain will need to contain the private key with fingerprint
`EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E`. You can get this key from another member of the IDH team.
Information on how to install the Sops tool can be found [here](https://github.com/getsops/sops)

```
sops -d -i ksops-pgp-key-secret.yaml
sops -d -i argocd-cluster-secret.yaml
sops -d -i datahub-ocp4-argocd-cluster-secret.yaml
```

# Deploying ArgoCD

We use ArgoCD to manage GitOps deployments of all IDH applications. We depend on the
Red Hat OpenShift GitOps operator to deploy our ArgoCD instance (the MP+ admin team
is responsible for installing this operator on our MP+ cluster). The deploy and configure
ArgoCD:

* Create the ArgoCD instance by running the following command from within this `bootstrap` directory:
```
oc apply -f argocd/internal-data-hub-argocd.yaml
```
* Create the `internal-data-hub` Application project by running the following command from within this `bootstrap` directory:
```
oc apply -f argocd/internal-data-hub-appproject.yaml
```
* Create the ArgoCD service user:
```
oc apply -f argocd-serviceaccount.yml
```
* Create the cluster secrets so that ArgoCD can deploy applications onto the target OpenShift clusters:
```
oc apply -f argocd-cluster-secret.yaml
oc apply -f datahub-ocp4-argocd-cluster-secret.yaml
```
* Create the ArgoCD TLS certs configmap so that ArgoCD can trust connections to endpoints with certs signed
by the Red Hat internal CA (e.g. internal gitlab):
```
oc apply -f argocd-tls-certs-cm-configmap.yaml
```
* Create the secret containing the IDH sops key so that ArgoCD can decrypt files stored encrypted in Git using Ksops:
```
oc apply -f ksops-pgp-key-secret.yaml
```
* Create all of the ArgoCD Applications by running `oc apply -f $FILE` for each file in the
[argocd/applications/](argocd/applications/) subdirectory.
39 changes: 39 additions & 0 deletions bootstrap/argocd/argocd-cluster-secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
apiVersion: v1
kind: Secret
type: Opaque
metadata:
labels:
argocd.argoproj.io/secret-type: cluster
name: argocd-gpc-ocp-hub-prod-cluster
namespace: internal-data-hub--argocd
stringData:
config: ENC[AES256_GCM,data:6lQ8CjpG+Dvg8L3BmUxScYPhIDNikkobhb9Sy8GgWan5jYg9WOVFEN1lHCPWGW7kEOWpZCV7VRsm3RBIJbnqERaIaEhyuar1/nzqNdj1ICuNMFhYYKKDRUoLHsfzz/PC4TinVGSWJwA6FpQje371gv+WxUHikinWdGPHyaU3QVPow+5p340idNIMMOgm9u5Gx2QoCAh+odSUquW8Y8sOy7lms+30xtDFq66Qtu8+Rzs55mSV0tbptIQmWywmOWfZB8zb2YuDv4dBMKJBovTrKB13aiuJeuG6oPU85f2VXSlXhtVszWNwambebmCJqZuAycYumyrmAKcELRAXnBCxDr4ZTJ3cws6Iv/FWQxmzn7LKc7KyoDDP0juxYJQK3cdcvFtp+Kj+EMHUQrKDA+yUjkrRhPmdjOUw+Yp36usNkpCtPAKL93FBk1m++JdtUJFnGTxd83FqjdFILOfKenf1l5NNu8LGexJ59xuT5mjU7yTZkZITdPcuyTGSyaHHUCenwW76isaH9M+AFZAfj9OMY4YVLEsJ7ZCB9aXpz26Dxl1JcLxTvymlrq8PMC8T3+7/Y/rVjLqCoeN0tS4d2HczcQ1rW4+4PRceRogrlrTMgjQ5wXVKmv/3NZiwMXgNtnd4VIrAkEmeKa2a8LOK/pBhgHNbjM5UKFxMzOKrdr0CJJCCIQU9gucSGnp9vsNLzGVMOhiqUnYqxYxy/5Owhva+K66qreXhFB0zYud3shFClkbHVUQlPun7+rpPLYGgBWeQ+coPyrZVi42Ab6D/7PUvnCpzc/diEm0hwTT0eX3zUqrIh3aCJbcaVSjveDED7PdnOnNVRtTbhTEp6NUMOGDO/igV255+jkljzhmKBXLeSnWpuMH35owc4AwBHgOqx31aCp6Q9mFd/PNNlgpHl8ca4OxhaW3HY3mEAz3QKNxUBbXRPIE5tt4NW953ov8uA0NKWMfQChmnTv7nORgp5n7yyKAv0jZvEWC+OTKev27XSWBPRGZnXJRbSut7yt3tNP6I1xFaMTeeaKRlLzKnRP3gsj3RTJt3uMwOee6S+YM6hpH4Kv+qIR/4khPhWim6K2o1TuQJueNBBPH1zn97vlvajaYkbtA+wcXAkdvO19R05h1u2nDH1u8Me+PT+oheZS202dJCSIGlZ2fqogK8O1cO1yL3/sn0MCM1Yn/G/uT5HvSDzDO1o04gxCjTtTc7fa7cI7fFivoL5Dxs3WPgENS7YzjG3irMFHgawlexQHICXlYnUH7mJ18g5pWxZK8jVsnwUYIvDu6/WtIuHdMn8+UbWjfUUkqie80kIppnz90C1luSOVKRDfnc68p5IIHtBCSpHqTJ/f3diEmwMxEH8GXpjYFNnrP1RMwnpZ1iEU3u+zQF22XyA3tt/sbnbZNHgbkLyABH0WC6tY/P3tPDBQ/rxMGYYKaLWYH6p/Nn6dfJ,iv:zIWOj3VvoOQzfIzGPTn8PNG3vK+hA6y8uUdmPohUVFQ=,tag:/l8aA13My1oc3zPoZdFY5g==,type:str]
namespaces: ENC[AES256_GCM,data:/RuchO9prWJZ4vSem/a3qYdEHF96azoBnH6ZV9YDRpD8NSnORwUnM+nYtIipO/RrWZXm47mr1yrNHg5Q1jtNy3R92yHSxwCjM1FkoGNOpgkqxfZQo6okVBMO083G9gH/Sv8RSO6eQCRHLwHkQOcqY9fAxQSkINZr/Zwq4LdeLRA0sA6QDxjZXPyCmLl9RIwgcPL/4Fpb2nQfyQNWkhxyWmM9fRAlVDFSl2mDGcwaZSnNl0udJ+Zvges0QNr/DkZdqp0oTWLiWI/Ai8mXMvWYiZFyK6AJh7EwVEzokYUrpus=,iv:jCM7jvDMTtxhMDuPpibi9B60rw0bfvd5ByQtFHNveqg=,tag:f7eRevDe2icbGm5sQeTBXQ==,type:str]
server: ENC[AES256_GCM,data:qcwuVS17usuR/xxr6fdR0pRSUu0S5ztcU9BYyhm7qJ3S012lCeVlFcpTSHwFLTpb,iv:NPYJ0jPfaIrRwbyDgTMTf54ffxUnd8JvTmVpGSwHGhE=,tag:cT7azpMmLWVD6EELnTdulw==,type:str]
name: ENC[AES256_GCM,data:j349oY68WwXdgkWusFWSwqQnA+Qihx9ufV/LO8SfA20h9I8=,iv:/+OkZswwCmiTX5UPhEiIX30FDgr+NDx2L0j/m7jt+Q0=,tag:PIfCPafUefwi3ZCETR78Ww==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-03-08T15:49:57Z"
mac: ENC[AES256_GCM,data:H7JB0kwueyc5VjBsApcv9awA92rylKBsIT7T+6I0WR+yU1zrLdw2NdhTIexT2krVNE2AypX+lvDTL+COkHt46Yt2JYwDDXAJb2B483xRG4ZArxFyD/FxXLQXEgyxWPw3DCosmqSDEFX9vsJIMzmCfR55rHtFnoillJMyqOf5jTw=,iv:zTkTV2dV4a3Ndr9HzD41vbcmqMlcLczMG+Z132LVPDY=,tag:mfm7QPA8S81TK6pyOgfssw==,type:str]
pgp:
- created_at: "2024-03-08T15:49:57Z"
enc: |-
-----BEGIN PGP MESSAGE-----

hQEMA/irrHa183bxAQgAoBDbYzhBkrRsZwsPFeOrHEocrcmFIVgL36/gS/puV9HG
9g73lge2X8EGzOKh1lm66DAYvyOEypVUYU6PLv93VMgGBx6qqpoBaQ/+D7B9zft1
fzUx8G4GPhMkP8hOnCEDbU0euCc0rBVBACgz57DSuGV3gnmlZQeAtWAfvQLx9FF6
VsDuqGV8VSq+ENOOKtkLnl+oMmuZkJGV16w+jY8yOopVKKf7G5+dQ8Ws0kbJfHPK
76p0JPX82Z3s+6YNmQO/XvE68vqGHSoDGnVTdxG4yGILx9Ki48T4rpgw1Z9W5r9p
OtfuOD4Xxj05wxVXU3wHuS0h07OiLerDFrsZhZEEltJcAULFsmLgJGKTxug5Lu4b
aejeGWKS6Tr8xUmvSNM/umgDK2G/Uz7jNFYu+cx66rw4VMjNlepg5ilmrRutF9K1
7a9Ifia8HPkZY32a0OzOEIHJSHVnRA8CFn0dm4M=
=Uyi1
-----END PGP MESSAGE-----
fp: EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E
encrypted_regex: ^(data|stringData|tls)$
version: 3.8.1
39 changes: 39 additions & 0 deletions bootstrap/argocd/datahub-ocp4-argocd-cluster-secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
apiVersion: v1
kind: Secret
type: Opaque
metadata:
labels:
argocd.argoproj.io/secret-type: cluster
name: argocd-datahub-ocp4-cluster
namespace: internal-data-hub--argocd
stringData:
config: ENC[AES256_GCM,data:5/TRW1uty5iatV/UVShzVjUO7OrGomKNqOc+Qg7/erxb/XZKd3VnksUMhdkU+WQ5HXwt1k8pAFsyxTEhIf8zt/f/CNVf7y/S8QYHPb4a48dA0bvXPVzkhGUjRCqXAQgUNAuaO7LCS33qgZHkYqyTlz207rCu0ZlHg4AE4wy3tbyiN2bcmOW3ufE3tEc1W9e3HNET8EMHrVY5ySSEOdWXQ6f8xT9t3bsuEexqI9vF1cJlMYYxQdLXADIuqzpXj1YRub6lYp/YsiIYs/76GgZwpp1AEirDlIjq/lsxvVvvzgvZRe8ko1tllnk/9jlz52WM3dWNCbu+PfRM6Yas4LGiYvMOI+hiFGWVihAl2DXVNIJJEz4Ybiu88m/0OsiQrFvlzC3pH+WUJf9pvvIyWKo3gs4xculMtQnt6+c4/wfbfdM7RjquUp5+xbrgTpcdlO6vwxUhlD8zLd78wZ+HXmsUmZ2ElxrjUekMQrWMktCecQ+jP7GWsjY/o/uydUQRhDMT3WO6SkRfdj+sCGUs8FCXAx1cvj9Y6zUPUwXmIHh+Y4FcSLlAubG/RW2RGZjlR6eEVSStjkmNQeztel6weNb73WBqW/Fst7x2AcI3EqBp5Xu9AmnqdxtlA/ydqSkAuLVlQ/2MNsk48nBXOOHjzUo3SujeeMdFYsM5bEmsE0a2c5QlWDynsyJmozkiBdsr1wQ7YP82YZWkvi0TVMp9hXxT1i7IdDo817K9WQD+EdgT8hrrkUmhgPlp6rVBaXgUnDerFRbWQvKhSbHQ9lQAy/ia7CZLNsnpOsoTii/+VYm/rXHjJvMHLIiQfkNoooxiqabh7Z8rmE+tgsZ/756ul60cQ5NTyABNCmo0Gnn15uIoRo2VRhPPyhQREa2PVbiBzyxAbi4x+APmwBhpEAGFZhRVYiN4MwXwAdGeLh6wHilQ/khUQJmKcw980O2snOzwYbk2sD7Z5EmAaLU+44QIKJfBFerPgIHw/cPPaVOSfHlre4oS2alqISQLa7gxs09wKS6wTfHDO/XHVuwvPC0U0c8on+Mlcoo3At5IMivmMaGAiK2M5Nyv4nc8aoTF1uEfPuHHPF2DEldX5AiPndwg1BLPGuWeqHuBwG44HujRfD2meoQUZ7S7ZkqdutMdP9aEJC6XhPWJY2BhHW/uDGuRezoNIQ7ux2yoTmrhkNlpF42BnVWgS1RZbYKiSBIEQ+JZ95inJCOWhZ6hjxlXYnK3nvySkqn7/olEOfl+pwCbRYNl7O/BVPPlHvau24nvAfBObG00pQ+ySfNa1bbXi14/k3bpI3QAIALN3UjqDMw5g6jBpxLg9hHuFuxv62neQhazdj+IbZKUfphxG5DrQIgEjyQs8DWiEGdqzYZ3H73ExzqqW9AL++HIplLINYMFfb+ovWSkRjXbb7XXXkjqN4Kg7HPz5Fn8aJF4YEKaSPdWDa4z6CisgRmfGg5EcNeiOu3XvlrsfE/8FtYqieFH8h33Tx5A6hRX9mlNChkizrewCEh99OfI1ouhEBTT4Zf4BHoDrE842S+kwF0qoCjI9TJrIcJJbey4c2ociDwra5G+lc3XjHAYiH82Lgt4DrMTIVGmyHX7ozuaG+VKOt57e2Gd4tbhYvRUzbxgby0Mx6czXTqg45VU3j+dxic3YV0dhgs6MrIfP+sgrtUYqdfgQUEY71xBTW/wXUnyaGKiLH+/xg8oFaXu4RfMIPeaei7tqGxd0N0AAEOckL2cMCcf0klRAVHZN4TanUsdFqfOuXZsd1Zlwi0a0L4AYL1UOpRTf97+F+4ikPQ=,iv:uYe5jI8XzdGjBdoZiXsRwgYEsqfIZOxX//pK1y03gQ0=,tag:SZUi/Cx/P0cp5SsdRfv5hw==,type:str]
namespaces: ENC[AES256_GCM,data:zNOQT9c2UQBtJA3qXULNE39kt/HWqFjBvL8I7BNogkpGNU/8PBcFJAzkRTkxKwt4d9kJ1YLtztf9QzcqhJ8r,iv:ItmTfNnRDwSzh4kK/8RXPUg3r4MEaYB/hbQ1P92UeDM=,tag:duzVpY2WK6cJZZLDsFDwxQ==,type:str]
server: ENC[AES256_GCM,data:n/yjUUoOB2P5hUw0QG/l760Hr0322hi8w4w5pcOqqpwMASV0Ayy7lHosRBR4sarkwQ==,iv:DS3vx7vrhdQM6U+2HpPUQXXNHgCV19h+/Q6F5ev7Ud4=,tag:dGaVtJWtmvbz84IqnA+Zyg==,type:str]
name: ENC[AES256_GCM,data:9qchzjl7bP18QvzZfrobr4ZjqgfJGM/WkLDW,iv:HTUUFn3rHQIDx5w0zJYgZq5H24AV4dsRtSQgMt+TF2w=,tag:ICNI40iOcda2/HuYgWEUXg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-03-08T15:49:38Z"
mac: ENC[AES256_GCM,data:8xyiKu5HfkL7df7TX2zL86c9Ue/340TBi+3HrKtbAnAoou8IOKHxTQt762fJ4qVf5Sswelez+K22hDr6ehx37apD2EUVZQrvak68Qb/r4gKNDMdrYTv2m8htHkS6sRwsoFXblLto2gCPG8PC07cLUmcnbD3Q5tMF2PRV/APtNSY=,iv:TrEKzr9Nq8nrnP5cEjxjC/PcoQQ/4HN35LoL3inrK6o=,tag:n/tQJrVCMWveX1G9wY8jtA==,type:str]
pgp:
- created_at: "2024-03-08T15:49:38Z"
enc: |-
-----BEGIN PGP MESSAGE-----

hQEMA/irrHa183bxAQf+IrKqOPDs1KR/6tUXjU7eyOr0mPgqq5jDnvSvDUttlL/U
VNUxtKNbrq4hku6PqNl9KEuuiMTMa5iYgEo4PosE7u/5WDRz6kGoPy9emyF2y4Ps
VUHYW/MTTCr6EQPanmthjV0CIfL11f00JiWB2c9EMeTwcGHIDT4KSH+F7Fqt33ld
xQKMPX/cf5OGmlWOsGr4l68/EvzAbni1ntakEeFLq9QTyzSMvROptQKq3KSiG+Ft
WDpwtPViEEXA61Ch2+sjkybcrQcvsnNDv5kTvX1CsEoWBbDDjSx8UZzt8xq1OhOf
nIbdhqCyjvwi2gDqZ1sCTbnCX6j2fG6l5Zs9qwEbbdJcAQeArKYuo+zX5XalYhYm
CDZ+u5vNeqR7rHWln1va4mK0ebfqIeZCPCYcm/c0Gsl4yh6FMYlvKvFj/Uk/s10S
ErSj7NG0MZ1USIpeXV09ggD8Vh97ZzinuVktGvk=
=swfe
-----END PGP MESSAGE-----
fp: EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E
encrypted_regex: ^(data|stringData|tls)$
version: 3.8.1
34 changes: 34 additions & 0 deletions bootstrap/argocd/ksops-pgp-key-secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
apiVersion: v1
kind: Secret
metadata:
name: ksops-pgp-key
namespace: internal-data-hub--argocd
type: Opaque
data:
private.key: ENC[AES256_GCM,data:NMBlQooc48E0QPGvdVgNwfArXT61mrlwvMDh2RgyrQ6imJ8CcgkcyqvfD+aofAjleVIOmvAAq3YJzRJ1C3DBTqnpotG2tiw0I9Zs1CTA54Dr9B8t3qF8EzvZFtyfeGsjVCE6s5AAoIONm9KKhbCooHYpmNxXKcW7MZqCTJcTUNnmzOP5tBfMG0jFQNnAFaqQ1Ffcr6dlaU8Zho1NGsD4UaZ+D4ytbfLM/JKd8fQQEzw6hNuRkC+AdxQsWWriYgRt/JducAKqC1k9u5HFNNmu/eaa4YF+xfqQaVFZN7OafVw/hZol7LKtIBagV7j6AmPFOk8kqWQjPB50viieAROzHwf5aOqSpl10P9UB4pb1Xe/2+OyQHbpVyRJat4eQn9GsfNYaJ/xotPhxMPy92jZtE+t9pxjMlWGD9CsUvqkVellI0ENdBrpGkhsYvGsg53Z5Len2kY3fUeVfjJebTyqCP3eHsScsDAbrS/VKtwH+HGA4bP1Q18nCdkuURXV/Mnt1znXeYPSWN2gUufBY4Wj7hO9DE7n/Q/OnhPEqFMmHAOgiwXQOxli7mcLROxO1g6Q9ksVpV8x0PgHyl34Z5Q9n1J5TcJW5WpRVHGVMglHHV226hsQoyBxixxZizhRMKhmYAe8l7TzjawX5jYOQhYCa0YgiZfVouJu8zlwU5+p3zZw9X0seKsVWT6582mIm+0QAtrWFyLrWJL58z7F8VSlhOdl/TPeVdxKmXR0gGEQDXCDV4FUUu+v+q4H1s6STXRS1HdFq+7bmz1ej/pTf9ee1nxwavVZDV20OLen3x6MVWkdI+xWBmCOOhxsTdZ9dmRiCiVXwe9IfOmMCR0ndxWFWQROQatU5RmEH7rQ6QAs2GZpJVeu9wg+v9QUrwPRmSs85wg0tSW4MCku5A041MajaBPCNBId6xhq+Y8Lu2m9QnbGzLRc+E528Xs/Rjxpai0rqbGg6lICE1IIGfWdTNJW35nksPT+m2O2e8QXwGtzJfFSwLXM19iuGEY4H7FKQu1NczzfzZnGktIbeiJxIpaNHB1Drnydhj4SGmEzUj2aXLD1v5/ghVcORkppCb4Ep1RowJfBw7FDn0gnz613He8PNZehiwVclgQCIYCa+eRq762frcBHjG1kdLBQx66FcpVcDO4MCkZl0Xvt9CDEkbSwlO4apjNQ3b1HqcF5hZ3AV7B1iaffXhdav3+evO2S5QevrdlsH4a8RMkctt748MgeA4DZHERG5viFkbL5lfkBSBiHmXkr4KWRW94hBOtRcJwidAYsGUI0hTUuDIsMg0HP1pLPb9tvO5zBvupAAQvsk1OPbYwPahVE1AmFWzc9wDHE35TLJK/EZCdY4ZN4DOUpY2MJrBDcxsjP/PFcEixCWeG5t3cHR56Q1LhGzsYFjB9zpUwCB060ohLD2jgLKxtvIzLfvHR3bUsw7HCdvpVd+nd/U6mrRf5yK5WB1FA//OsQ5V0vhBZ7MtHDl5vC+yGqqXVss8h+xesNw+TgAY53SZVgJI3n9RN+0Qrxod8Zdlrex7Wl6AoBsFskPLJSw4QQDPPAHjdWi1IullLSFozGsW9qlZHVTYmhqMwWO6+5j4KA0O8ImEx9r+Vyp9S/S+GU9C5oqjXy51dVaMDqUs7UMzHChh9DZ6FDa8D9zSo5C60e6JPYhKl8bubN2YAbuVozeIKn0Tzv+zI+CLwtstmKJCLCOdbyUz/sWMCEaB3tDZpuMyK7uVQ0YKSf2c4imi4Z0gWpmCSthpbXL3sv1KabTv5BYHRSs6NsVWAjA2jKofKW0kpKLZXqq4YwQRVaqVtJhIXm7leoqjGp4x57q+k4RPjYmrdoc/L+hsmbVB2+7dsSrLB/31oiTaGQ2+Ik2PJbhlsrNgtlux8jU4aWRKC3JQLrggSSYkJrqGSjjUbpbnO8HfYJO+/c3JkJnPBhfC2slgbxpm4mA69RNkWrlnYZOj3KcJd/wUZGEGCJ+/HA8O1GO3R+/hTBxiIk9jG1x5P2uYOTwuonKf94vqGPTBA7fcA//zMp0//6lOj1xb4X+zmA4Iy5bwOGN8dpt5N2QbERrghytVJLOxKUxxIo5vxcQsFgszCD3GuM+Qe81CiHA7OUw5A2ftfLK0yMbsIrwFbfLjukB7MEU3FqP7wwkNyjLFW7rkaGTVhvYJjjTvVCcZOp/hDVJO0bQmX3lyoTxxTqusOZEfESiAyN9+CJXa5lM3+DBK1DcwiOAGJjcbPZoaKCJfJGAtYeFWXBj+dIOIh+4crTSmnEMv9WbJbFw2e4IznFrTkWevzVFFhXsAhUIr6K1qlW1XnVRdcnnevvQO4F/4p+CH5NI8hIbbdmVog0puh7YX4QISIpV0FH1ahZd4Zv+VgTT7xKNDeac17j7WfoWctzzInUB/eJU84IrtC0ifEOozC92m+nJYARiUbuAMTDXJCAl99EYpP/Hv0N/2jqx3NRdDuJaUfj+49wtHiiDRvBTkkK0Qa8Ij72hJ9Q7jHciwAWRXVVU79PWIrqkczrxXvd4BDbKC25tNfJjJQbJnxLP2KEuFawHTrA6xgYN7azAAJyg2gf6xB59HWRICNlW5RaZ14NS4ZR2DGnaPTJ7u4NluvBYL4OEUaC4xST4xxLXpfT+WvCS2QqNZV4d3T4bUDscy8WpvKDSHmXpo7IVdfA7CtztsMp2rSd4ofWEM5WPL+dx20U/4jbwqVZewbDECodvqr2LdowXZp8o+2XQ5jGVF3s46rjpLbtHfTk8hy7Kh2/Ltaaogn62UpHUwfkqNhdBdOj3RS5Wnid2mkiRZ5ZVB/c8CMBrCvamIN2zn1y21QbM9OCjG41kXTQsiHMOmU0YsBQG6Y3rymmt7KXIGavMfRyXJEmI4Vq+AFEXdRAOjGRCEydujsL8K9/nHw2xKX3MrZ7h6iECM3SXiWmc6pbpEbpuCuNn5g5BJ0fvdtufmt2R//SAlUYH51eOCJFAKsXJAozqowrO4boWLwh0M4xs2tOnmof7MZ7+43odroSYmVmqRkirbahC/jjRZTvkZ0rZhsMxiculPz+sTn2Bs+8fZupnXozPY2uYwHj8gx32YPRpr5hcLqrDCXWpGSZESudpAb3O0/Nxu3xPFilM5DdxOoWbgSjTQwBZAO++z/WYkG014YVKF63S+3azjeArBOK5EHKbIqVqna1vWnMBfeQ+i4zamhuUQ+jRqhtkvl837uJl0RtLLMpAvaz80MEIwsTNuRHN4US5mfXZpG39KPQfmUY1lmR8OVLM0nl98TaDp9y5ZXMCRi8hZ8Y9VaLtTlB6nMqDDqgLL9Fdl06p6YUDcKkbcIuM639dmLeg0LJozk5zJar1wlt8giul4LAv/x3DtiOHJy8Y38Np9sGEIU8/PDTa07kcggV3Z4Hy5khQ9d2cNngIkmynoMyur0ur5+VpMB6UxD1I5Jx00r623SYhohE0RsFvn8JX2c4nMLvNwainTy7jEce+DGvKfk2LM0NtC2vTU53s1E+tpQCUN9KT8BGs8Z7koW4wVzSln0levsFRGbsb+49I3L0oAsOeTnBzFb+bfSAID2M+AYR2JyBPyVevuoy/x4VVf57I0O/uBOBh114AKhsHXtOOpOzgimyDrzoYoYsOcaEJuNpvE3d/N0WAuEKWGXF6CIVTBXLwmD+Vx80obwbzc3CC5pZ/JrQmcSlzFCF0LP9X9Hez7M/hRgvUQ4nLhIf8/NwW207LQajr1Gr+35cEkeY4za7XNwwmvmryPdgnCLjjDnWUVijl+K23pTvhEVwYV3qJH3/SrnaEHLEWCDEamIHs48z3vwPq/6qCnPbSt8iNwjUYONMpxMkQHIIElF6eQIFFrm+jMdKGR699WPW8I1w0yBcNQQDVzAacMguSMmim7Ed0dihS72L9u+kzb7+obIYxwuG0j5sbMAhWYqRHLQ4Eo0tlavHGoye2q8tTvQ/TKDtqMYsuRtjhYjbB1W4RV3i6pOzhe5nji7JL9QIK7S0qdwpxIKRjPV7p0q9QkeHZJRhj4xOE75X696b3zeO6tnsviWSpGzrWPy9csigwDMKnI92Ql3XfIowz6R5fjSCEBBTphmrW6HYBpb+gXA9qbu5OYmVgzUReDvGyo4tuiQl4xvM/XtYJhzVGOWgQ/TeqmSlTYcaRW33jaPGRNSIK0c/ELGPjZrOQsxE/UNsw890kRzj4huVOBDfYGrHq3E3YbWAqkOnYUsjdEpI1KU8fbSYjIYuN4zeBmRwmOP2K2mHhuH1eU8Je4UG+ZCi/dGD7kd1/1OgRSE1h7tA6+TTSw0tr3314zsWgKj14zTsobNLP/kj0daTqntoPFiLW3+/eZw4OpFDufHmZJjPIUO519+NnHMmXISQ6Kg2Y1E3oNEvrnTgefMTDhFKojEl38+C9k7fHx82WJ+mza5Mh0tkurJOOD2DzasrCCXyP3lzpCevxObjYkfagyoArlfC4S1S6uqYGUapslofYP7R969iDypUka7PND6ERHQ6O1qylxHSN3mXbv7XWDdXrso9kpGILtA==,iv:HIbeKnb33BbXN3dSJ3jwlCLxAtlFBLiWuUIphmfa+mU=,tag:/lFa9IfJZJlc3UF6vv9xbg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-03-08T15:49:17Z"
mac: ENC[AES256_GCM,data:q1HbJLAPAvs3PXBoKIro6JlOhEN5Jxzp2MWfzAsmfOnq08/6dfo1UiPa32Qos3EU3hP9NSS7WLsOG4apXRjJzFByrP8M/b/IknZUyfNRci7AouTIEVDVlnkeVw+O1tw68OL/7gQaWzSZ8ZFUqSC5ytzkSsiK/muI8x53tFX9lBo=,iv:C4b02ex5GATEZpLgdro9gVYo8ieK+kc9txqZlM6f/FA=,tag:acgmI49/W5AuIs7/TILtew==,type:str]
pgp:
- created_at: "2024-03-08T15:49:17Z"
enc: |-
-----BEGIN PGP MESSAGE-----

hQEMA/irrHa183bxAQgAmB9EmPG8Gjffo/w7B3xCYup8BK8Be118LKUv4Wou0fG6
7r41Wbm4jMDQFQ7MGF4mw4/XIc5tVSEOLYzIG/0ecnwwi6yX6GP08z6Zf7PgjTUN
3Qpp7lB6KWoTFR/Z/uF8ZZR4l9yADqV3Uxb00j0g6TdjdXOMuxHmxb6EZAg6H5sj
SsjOE69WcTvy2V0po1QIMfl/49f4EMXVZLetFJ9kY8yqSAbT5cybtEAlZsQYckQf
wwl+tijfceAwditEqxy4Pu0ajNGQsSZOet9NK4QHbIy0ZMHC3884YolIZBA9i2I6
rdkDuLN3CL9gIY3btvms22PU6mIms0rDeqqvabxUh9JeARwz7gYyWBxwSnUlX32q
FCT9oVcUeSmZ3KnGNg6i/k5Oyn6X+ApZWctd1FACl/o+5WU/kYsEKvWrPxsJBrj3
elRQcdgZLncTj2OXSQjdm4/sPAyUFWMKWAN8QmLRtw==
=Ulqt
-----END PGP MESSAGE-----
fp: EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E
encrypted_regex: ^(data|stringData|tls)$
version: 3.8.1
Loading