From f250085fb2ba099fc87a5399e2e674dc6b9042b3 Mon Sep 17 00:00:00 2001
From: Lukasz Raczylo
Date: Mon, 20 Feb 2023 10:23:46 +0000
Subject: [PATCH] Initial commit
---
.gitignore | 1 +
Makefile | 11 +
README.md | 31 +
.../.cr-index/index.yaml | 22 +
charts/jobs-manager-operator/.helmignore | 23 +
charts/jobs-manager-operator/Chart.yaml | 29 +
.../packages/jobs-manager-0.0.4.tgz | Bin 0 -> 69363 bytes
.../templates/_helpers.tpl | 62 +
.../templates/deployment.yaml | 108 +
.../templates/leader-election-rbac.yaml | 59 +
.../templates/managedjob-crd.yaml | 7935 +++++++++++++++++
.../templates/manager-rbac.yaml | 64 +
.../templates/metrics-reader-rbac.yaml | 14 +
.../templates/metrics-service.yaml | 17 +
.../templates/proxy-rbac.yaml | 40 +
charts/jobs-manager-operator/values.yaml | 32 +
index.yaml | 22 +
17 files changed, 8470 insertions(+)
create mode 100644 .gitignore
create mode 100644 Makefile
create mode 100644 README.md
create mode 100644 charts/jobs-manager-operator/.cr-index/index.yaml
create mode 100644 charts/jobs-manager-operator/.helmignore
create mode 100644 charts/jobs-manager-operator/Chart.yaml
create mode 100644 charts/jobs-manager-operator/packages/jobs-manager-0.0.4.tgz
create mode 100644 charts/jobs-manager-operator/templates/_helpers.tpl
create mode 100644 charts/jobs-manager-operator/templates/deployment.yaml
create mode 100644 charts/jobs-manager-operator/templates/leader-election-rbac.yaml
create mode 100644 charts/jobs-manager-operator/templates/managedjob-crd.yaml
create mode 100644 charts/jobs-manager-operator/templates/manager-rbac.yaml
create mode 100644 charts/jobs-manager-operator/templates/metrics-reader-rbac.yaml
create mode 100644 charts/jobs-manager-operator/templates/metrics-service.yaml
create mode 100644 charts/jobs-manager-operator/templates/proxy-rbac.yaml
create mode 100644 charts/jobs-manager-operator/values.yaml
create mode 100644 index.yaml
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..40f4b30
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+chart-releaser.yaml
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..6de6090
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,11 @@
+CHART_DIRS := $(shell find . -maxdepth 2 -name Chart.yaml -exec dirname {} \;)
+PWD := $(shell pwd)
+
+release-charts:
+ @for dir in $(CHART_DIRS); do \
+ cd $$dir; \
+ cr package --config ../../chart-releaser.yaml; \
+ cr upload --config ../../chart-releaser.yaml --skip-existing; \
+ cr index --config ../../chart-releaser.yaml; \
+ cd $(PWD); \
+ done
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..9b8a6bb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,31 @@
+## Helm Charts for Kubernetes
+
+This repository contains Helm charts for Kubernetes.
+
+## Installation
+
+Add the repository to Helm:
+
+```bash
+helm repo add raczylo https://lukaszraczylo.github.io/helm-charts/
+helm repo update
+```
+
+## List available charts
+
+```bash
+helm search repo raczylo
+```
+
+## Chart installation
+
+```
+helm install raczylo/
+```
+
+## Currently available charts
+
+| Chart | Description |
+| ----- | ----------- |
+| [jobs-manager-operator](https://github.com/lukaszraczylo/jobs-manager-operator) | Kubernetes Operator for managing and scheduling Jobs |
+| ----- | ----------- |
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/.cr-index/index.yaml b/charts/jobs-manager-operator/.cr-index/index.yaml
new file mode 100644
index 0000000..4ae6f35
--- /dev/null
+++ b/charts/jobs-manager-operator/.cr-index/index.yaml
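Review bot: In the Makefile's `release-charts` recipe the steps are joined with `;`, so a failed `cd $$dir` or `cr package` does not stop `cr upload` and `cr index` from running, and because the loop ends on `cd $(PWD)` its exit status is success even after a broken release. For a target that publishes artifacts users install, run each chart in a subshell that stops at the first error, e.g. `( cd $$dir && cr package --config ../../chart-releaser.yaml && cr upload --config ../../chart-releaser.yaml --skip-existing && cr index --config ../../chart-releaser.yaml ) || exit 1; \`, which also makes the trailing `cd $(PWD)` unnecessary. Separately, `find . -maxdepth 2` does not reach `charts/jobs-manager-operator/Chart.yaml`, which sits three levels below `.`, so `CHART_DIRS` looks like it will be empty when run from the repository root; `-mindepth 3 -maxdepth 3` would match the layout in this commit and keep the `../../` config path valid.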
@@ -0,0 +1,22 @@
+apiVersion: v1
+entries:
+ jobs-manager:
+ - apiVersion: v2
+ appVersion: 0.0.4
+ created: "2023-02-20T12:22:56.480386Z"
+ description: Kubernetes jobs manager operator
+ digest: de0c8c6cdff13e6ba1c2f25c197ba333b128259ebf9260ff5301ed9b1394c304
+ home: https://raczylo.com
+ keywords:
+ - operator
+ - jobs
+ - tasks
+ maintainers:
+ - email: job-manager-operator@raczylo.com
+ name: lukaszraczylo
+ name: jobs-manager
+ type: application
+ urls:
+ - https://github.com/lukaszraczylo/helm-charts/releases/download/jobs-manager-0.0.4/jobs-manager-0.0.4.tgz
+ version: 0.0.4
+generated: "2023-02-20T12:22:56.480408Z"
diff --git a/charts/jobs-manager-operator/.helmignore b/charts/jobs-manager-operator/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/jobs-manager-operator/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/jobs-manager-operator/Chart.yaml b/charts/jobs-manager-operator/Chart.yaml
new file mode 100644
index 0000000..8b657df
--- /dev/null
+++ b/charts/jobs-manager-operator/Chart.yaml
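Review bot: The `.helmignore` pattern list has no entries for `packages/` and `.cr-index/`, both of which this commit creates inside the chart directory (see the diffstat), so packaging the chart would, as far as the visible layout shows, bundle the previously built `jobs-manager-0.0.4.tgz` and the release index into every new archive. That grows each release and ships an unreviewed nested archive to everyone who installs the chart. Add `packages/` and `.cr-index/` to this file, or point chart-releaser's package and index output paths outside the chart directory.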
@@ -0,0 +1,29 @@
+apiVersion: v2
+name: jobs-manager
+description: Kubernetes jobs manager operator
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.4
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.4"
+keywords:
+ - operator
+ - jobs
+ - tasks
+home: https://raczylo.com
+maintainers:
+ - name: lukaszraczylo
+ email: job-manager-operator@raczylo.com
diff --git a/charts/jobs-manager-operator/packages/jobs-manager-0.0.4.tgz b/charts/jobs-manager-operator/packages/jobs-manager-0.0.4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..7c20b24762346ce4bdd752fc34e85798499b565e GIT binary patch literal 69363 zcmb@N19L7+u&ra;wr$(CZQD+EY}>Z&WXHC-^TxJyzH_SXKe%1%2h3D;_0&A87hwz( z8qojNFEtRYv6Kpvsgyj2oHsYS39AN^nJT-rjw&~YqJ{>Cyr!Lvv4fennzAFml)0Tf z(ABrUD{e;{SN#6KHw}|bKWP;*HMMh!+Vb`nn(W-Fyxk=!_oQ3y4#p0+xLVI3#Gs1B zMgQymKcEdtl{Er7>dmUeEG<2kc@xB-$FDm@?!}T^7@yIVpB8L&i{3)-7sE?D$p6Za z&mZQO01waYm*30hZ8Q*H;QMR3!qD%26EmXVcm40dY2e55>907#8c&R_L>0XHuRGJ5 z_HM?f6a@WSf}AzOC~{WdODKl;^SzNDQ@{tAIgfHLlhb*R%TTIOxU~r2Y zsSisEH!lgRDU5&XK!er8Hc85%*ok8OCP1QEjgTLERge%klakb=vVTp{Wh$&lj|p7R zl>2xy>05fEsKn{?w*fjEN%-2d;ABl)MfL`G{EQHb z=rg+_2*P%7FI`ePd;AbeSqsiA7XOAHi%Y;Se+Cvb)f&kp$TR1n?+E`2{(hZX;(z>( z9xO|K1Tr2P{%-vqrYv`Wqf;}pLPX?EP=DnG@!TCHeE$BtrUZW5im7lM2Pe^c?*6#M z#9rK5Wnr^;@Qld9T6~qHP+l<_&St6bnIGXZSEE6{16FiiyDvM4XMw%`ShJOMVp{-Ho~;UiS5Be(mhL#&oup57fbX;v4e= zTssZT-G-WV*U^3q8LeK$v$;G1eeq*^K`j(eCE5jcNpu7EhX@I?PE|VJ&$mxb``uA< zo9GBHHwFA$#eSX{hs2Z9tY6K?Zk%@=*{8KkNwsjNb`eWIvZ8t(NsrtI zN*1OHlW}}x_QFxSA@HWN*|&$e-+O;B4Qul9wj+qmdO$@j!1y-uABp);VnupstV9W= z{K#VQ!YBHRLUoJlZ)S~Sm*x>Npn{)n45j_>JtLubJpY7FJm;vXV0)R0+Qr{aBl>cRyOP}H3vRffUdt%5^#FzXWbGrb$~#&7 zM3&aa682cnAiY<1g(085yZ$k41E%=H=yGh`n?&HxX-J2EIpcFTMS-(&zdc^mKc6Z? 
zK(+IJWUNFsd6`K`tnKhfWOQ@_I!^VBpI)Vn%}^ z<4?fD#pwO!G$p=RE7TPTy80h_HmEyF4KsfJM8-3Q-=f33GHhiDW%$L38@+tI0gj038c{mZjZdTn2+`6Yyi`O&^r{&T?L#Z7h)d%l;~f}i+C z&<#)}tCVTlus-cS(*jK~Dsh=K!0t*Ox(sJcc2T`{(EL zH8&EwBr8i>O>x6&NL(imre_>cci`FLD#uhee~rVgx$bb|m}SlAB|Li-dDY|oUH6^FOF3&!KElGM(1M!2 zI7%*CD)o%a{iXUi!!&BH-aIjl|{|13+*P|7A*`Zqs4j`fBc$dxG%822B$w^eoRNLp_7!BtQ zhL_}93*FM4rLuoPb1ZiI*PED3nolrb-NjqL$aL>ZPopS!Hj61wlJg&Lp}wu`y!{6} zCN-w!~NTwfPvs#!A1mR?Vx?D>N}Y4w6$Be%Q=4Wq0mZ3OU5wj7*8?FC?Ao zvVC9&gB3uy)sNaK@4qhDMwIs_4A>d^?R&i{aAA>A<5_^b6ZrYvJUBQl5WF7y^?!da zAb9`ni*3iwY3T@uZY-r=T(KUdr`wIP2mLS^{Jh;{)nQ;9}!(WKr+GCb!hj&Cv zF&39Nl&p2Gy>J4a{1Ja#njteI~^Q#{M1q~ zAYijwPKq|TC!hKNCwKJb)Qkq*&u%6Iub^OcjnuqLPP53yuAn`8)$gP|FI{sw?{brW zbAV9xJBRC)eO;_cgn2e}8y|nTEEk0)66}Q;qW*6xg%8CvU7N1eTq@LpIMWuv(I}s%90Ut_XcF|I_HHCG~G~VCd)B~bF~=)QHZUlmfU5MxZMEx znU7Dlpof;N-=bSttyaTFssRR_HGX!gb^TR4$BNLPWCT@M(?{=?vpV!~o~V)5`d=4J zDo(mOt?yaipcl|#(R2bWzceM(XZ%}vC*{YFZ)K6 z&8?50N2o%*Ce~SLZgm?DCFdlN0tx&QX8}MR`p+$}fP=qba zn;)h3s~WeEgSwb9Thu*wq7iYixaC$7?b%A7rbjDtS!J{SaEd5)bE%^)8+pEBO|;cZ zvFATpNvbZarWRwlE4ubbFX_6#Vl*VB*eR%|h8KwIQq67bdwW#IUiD@K;&=>sT9{(r z>SWG6zcoX8Ixg83)Ca1Jx-Rz0Qd$O?;`{33E)am$G3o&y;h5WvA>Edbcn+6A5p(e) z+jb!OVHbAD?%(=2Ur65iO%P8}%bx~II17i;guo%W>=C;$CZ;d%%-*1KMcv#9OOy#G)m%p?J|_lLV7397`?hm00QHoT5$&BWb#vABE9W7t@* z+6Yao$H1up+ao{~ea@3uS&CFF13Z*L9ft$#>$XiWcoEJs`$rkrseFiYdpq#`=E*T| zckkzz&^OKz*JEl;(TP#H(TvV)%3x^c;Lzm?2&KHJeC04}<>bnb(T~n->$}t!mdp$Y zv}YE>>(%Ny$A}uPi*An1%EC+IZpWd=)y6^tqf2=Qi$ci3l4e~@;Z@`fDSuFx*)bq8 z(c;^_iOdVfz#Pd27?YskMowc$1gyY)8q_SWCH23F1s-$5Uql`cp;`H*Mdi#iE?`J1 zUN6^6yxI}{HYN>0qPrsCZ+HO2_BNH;bI1^%Qaqx}8CXE;(1Yl6m38( zZIOu~SMhU1u$2Awkn*vu5ZO^cR@R(s*AB%OTlOjvRkP~Ht;Ny+=ezfdHiwsOpjGC| z(86Nr(~wM+=PWW)_fd5#pD+KOYa6w55vtVW6~^NSb{3aIff>$j%IEAU*?S~&pW{mz zOee356Z4%5kPd9D?58h<0F4v;WfvruC@ylqf8pfrQdTm}M3FrD^$7TR+O>MU%**41 zED`*DIG>w0eLGC(F}&@EB^21*-QDzl+>LQGEGYOH^4#x3HV?QK=-c)lRtP+YHuHSF zR7^y*zXxWRk*ZG8UDBYl9zb5;ztS@V+uOW*0oVSQk6?oLiLm^w)!AVYWn%H&P7Rsi z6uTr74ANeA`Bs@Q(W+k7FVdU{2LqW* 
z@>G-8=nVCPYI~PTTv8(hPEuA<99auM%fn)>bdt_*Q63_vaj?j@4Ma1UhUJMuoW>3w zbnp-^#PVKZj-A_*+qlc5cn_&`XXyI%Se~C&2aT|yr8BDr#@RDRai9Hy>J`y{DH<2F zbSnC1OCkKr(sqM%@W;s=&VrT5Ws~A36h?uJ4j%+3;zK&?qLP=c9OlXa3*H~?XZW*A9K{h}4FHdwmjL&SycOJzzJq{a z3%5D8MZQyPb?j0uy>3p*lqI++q#knl`m~=lLx_f@qiifIIY)b3n%)6@Zz$cz0%bf} zMtSKLJK>FOGFtWm$7lz@jz*f>6EatqpV+p=@wUboL$4D~d|I0N=Vpny%uFoK#8QEf zEl{~XE-VcOJoKn?P`?l-F~Ksff3~u{*MmGo%B3u+dTE;xdMO0QX90$Ad|)>jrJf;Y z4XF|+J9=!70`3N~i_YGf0M0aU}IJ1t$kvoX&1FsonCW&i$c zU?FEVcdIN&rh(P43)ckIWo-xD`!YCfZz6eD zQGEm8F3=)M4#pjLy81`e30fauC6PsDzD?#jbS?!`C+7 z;X0|VL)HEl*`m5*?1+w$CEqFKorZ9O$cU7F*Lkq+-*%!p=LN=jOBX2~iH58kd6zTw zy&Tq1YI3!VRYL|AI9}FrA(fX=xxQbX1T`%Tr~<-9YLLfk82hV$&DeqTmc`s;hkv+C@TKT zRZ);P$}j~8xK=OtSBJ&L1AxtUQ^-_SwEu_LS{CR?fo6w$?%YwcnVW8`&p|hts zarK)KDO%O2ghg`I$6?A_K9Cl@<-t3(SZQ~cI^NB$AqCaugIe1I2yI-xv@(p9c1^KU z>RVHx@^(JslUj$YJrp7mQ^0>>}vvtc&jJsOS@52)kS#l!Ly4*5;c72k-3Fe()+g~VnTbeG#9jbgQCljO1@G^ z*lkU$`hq6t>nKH17;#X{$58Y00VVGoB*l;>SE1_^>-rJs(b29m>u0K!(EV7~h|y{h z$}{d9&uJ(r?@N!r6U@sCQI|7v&|Ibs4N3iotz_5W(!X?)W@COJMoWnLnC^p!n3lMy zvh9UubG?%LH;#ZK+{&9XW)l@?F;o|cT1g#IRK@E7!bU~@5I$<#Gh6@S&Bo)~9 zej1jw>nGXy2)|4m;an%qD}rAJ5^AJLgrG~fVe=p)rSnWmJ&8VM6!BLRuu4vuUtJIZ z4)H=%jhXU3XcgPKtGao{?Y&LQ+RUWWjQI4IvA`6(;h%{0_B*}ifU%01yFIB$;?^#- z9jUMf^tRDmpuaae-Mu5Qf#{Op?4d>${g!Y?7CIvu30P;0CVLu&>|IXft^OU@FN_Ka ziUzsyk57oK-mEMxYBn5z%5JQ_@9*bGIh2vXHl9q#AUo_iHTjq`R?ZLU0cxBp9K+G9<4|&!AqEXi?E5{N7+4^ zJve0T37YNK6U0*_X=u{vlrr~v<5ta&=I;2ilsSGY3yngPux#|l%qoNzu z6riD3+1Zs1O+D|y(IFU<4Kr1jX%+p(^Xjy2qi-45P+)m`k*$n`v!b#rW@9e^$pWd^ zahZAhyfb(Qp+%huEEs=!+j;!Hs&)=!-GKSICLeO6=e8($PI3H$8)g{4xGMBHMt!o$ z<-`)(DPTCm`c_ThdVrLNL7}sw?(W@o0w|ZpA{C+sSGEr0tVGhCmI7_D z{KTQSfbpqeb7Iy1Rxs;;ZL>f9I42e*}f6kMInGMso;t1Mw(u@niTIO$0J??_qE~8uVc=k-GFyyIyQP+$la`BBjnm@r<4@ zZoTu6J6zqU3wywL=%7-s!K!adD#wX zFnD4l^klpY^)ld4uJ;u zrqOX(wD3J7Po9Vtwt@Ho4^&3~jp$s1MI$oZcdALYvl%ZIujIVKZu$BRT@SYg4ek%Yt!Y>Lihx-RuFWTYN5c-SW;CHgFxAieGOL*>PGxs|UjBi0 z#^8_(ndpnL9ldAB{io&OQJaQ3kTT!83$dA0@I6~->a3UVthLaPI`)c->@svu0#R+` 
z9i6a;wrKN}yRPZYx$|Oe8ff}qhlKI%_z_w0LZQr(nirmMe=#ruH=TLRm$Ns5{{AAW zuq@)X?CSJ2JoS|EIITF&>P<07@Bqi0?xJeJv<(hKP#oYlyi8-p<~(2RC-q*si!pta zDs)#sUDm!6708KsV!T>1&&#o?>bqD=ZE(2yClWC(VMweI3iB4EUPx88 zK7-BJ(k?n|QlFW~$fNIZ)yv~f8EK`}I0S_v}irr05SS41FcLBbr7{IGE^ zUs`{M6dBTsM%i5ccDOWo7IsLN;REEtn6 z^3564ac@>_XNRvOvl?e+FM%zdv>D&lXOC)7rxfvQ#747;)()Bpqm&DUnK{C%dL;1m z@R3#lT+7)u-@~zG%44%to;~>`u}2T0?yL5le2oCb!rl4$FY+C>3M0lVMXH?NAf~<$ z3n-Y4!(nu33H{9=%{4ofscG=WLuiugXgz=}Ch#>}NP61qusBMZ21?~Vgm`Vuo7a_` zkfYoRVap&O_1>i2o6_J532DCSHaRXey?R9`2h^ZNn5TqlAh#MWH8XTZQfT^UxK&IR zo82(EO>geW&U}3YgbFS2nKFRdm_8i_&NWX)2@M-+w(cZ>HKiT$6bby2HbxMq%&iEpJJ(Jo=_3}#e{$WnM?}MD>GyNjcekr> zAN3+rZmAZovQj^8;Mg2hkDx3P@pJn+Otf(tAEOeWhQH|?Zx1}5!|p@Wo!;^XT|muz zxw1LJ?D-WSrGGfB%SK1mw}|ADO~9fJ^^vIRMdnm18$a!h@@2GEg9m}0a=wL`B zs$=`>t$v!6*=XYM}{H(kB3bOXG7S>H!N-DJj`0-00n^ z|6r=f-L8P+Bi9H9w)TQn1^9fy@Xzv1H2-N!p~mCdr)y;xc7-ZTGGHNm5;%C#cO;%8 z{|WY2gE}`8>O0M000y zcy0vB-(KZ?HE^!+z@`|Sm{B7@B@i((f7Qvd*L@tO@0HAigLNe_-ZuRRZX0*WXq-Bp zZ$_)xUmNzse)a1{aBn4f+o`(+Eu@`GQV<%gLc%|PmBdxw(Mqr$jdKqjty{vX)gwTy zb++ZgYb@aR3vuFffRCsNeSj+T3>{7i!K(I-U?SvReU5o@=w-yKN8Z7}Zg0UuSVwS( z0rIV(`|mep+WFy2=0jN~38delcU$p+g|Lov77T}k-Max(ZtH#Q@27`X_fQ_=yvwqI z(ujl|(Tdi+2vthCy?uE9;t|>S2ob*|Cut}SWI>Wt6~or%Sl0@iR_<}i1t%^9k$VCR zI!hFgDHyPffP^NJk$h^aLTw{nd=W_EEKTar+HL9+M51r0#=|=*ZO3D&uZDg!kiGwT_JOLFBe|JOU08b1eJ@bFG2_jwdb3pzZjysbSgc4~}@G=AL zcJl052{-m8MpyqX5mmX3)~T)J*rVbMaDPq7oGlp!p1cxd4{8Pu9MF zEVS!{NO1X}#_h-Si^;v#N_DvE3AbuAaSPD|fNhl0cWhwPY|14x$rU3O^AkkGwNgxi zGSWqK)KfcK)h*52j>;rd?|+)*({lyKfx>33dz7o4c0&)J`OH z3#0=&I9(70i2?<~y5l+h?wZ`Zx1Lf3lT)k-X-{{AbIUqrZ9u5F4}&%vMGq z6CA%+oaQ-)An9jIN$?ltU~(7yehyg;nWvP8H0EY62N|4wLQo^~!ds&ey4x91)61nK zWswjEAp%J=VS1jw#w~qA6E?a0qCs%Qz)2hQoI|Q1ppigR8^xfkyK3n3hh2Z}F=Ny| zuMH&wqo^>TJb#8|*rq@p(RK~($r=yQq-cpYcz>N4mZyWsO*_m!2h;8BT)!$qP*a9*j1w9)z?JqD#uZ5VEmNy+b0^(BYF zj2*iqFgrbM5p*Lz;J%eC{wl2B7}4gFrb$F_4jvPRu?5yn2v1~!QsZG_37;lcl&)x~ zw3g}!sR7G|v@&TY=GuxjB$?kc)D1fP;Q(_q1;3Z3NU=>%R>8_I@)Y71i~*E01#*yg 
z%hft*P;o?0D%~SxVAbAcC`)N#0KvOT483P&_EAPzgl!m%TYtW?YDE?Zknm(Yg zL7HKd%g#Dc7!YESY7MoP+cZg1lr{P2h%I#}E`qbuRTQ_Pl17uOSd~nHc|bD&yo!(5 zQPpQ*d{wryE}X3^kq+slSxNxW=h0TDY+CW;HE(gNpL z4lk_N3o3#hJ-$o&g+yRtY;IPzvTy_$`9NVz^|Msixd?D8uS5|@#Fhs-+Dcsg=xXdT~KzNV(kMFzE+Jb0bO zb@w~(C7ELhQ;RZ%^HLQGI8C~0G8X3(<^g7z0|Xz-n8H|lV?E}Q%ThT?MeXp@vVhz+ zdN?JOA&%uals**Zw>Zcg4OvD`ZEKXC>2NXE#Sxb@OqMuUaN8b#oWbe~Lg&9IM*Hjk zPMw8_Q#HpiUJ!;|SFrP1tO|_l?&E`@_vM|zRPpe~Mk2&Y$HSPJMrg{3jIq*h^&})O z+;EK58hg(YiE5>07Z;{Qv-rm7bGS$X$;O?TLI4N4=K2~KdYb1Jl$mbh0V$y#%-03u zBYr5EZv4Qq7@iusuqA~B?_zyM-i=$mAiup0q?q8V1OenNvD8dF-qVh}q%;ieF*q`M ze9H#M)s-`h!MkF@@E_=_^+hI7oDl1ZYJ)82W`XP{{1k$tQUbsyO@-SU2!9I{GOlXVbrHMJ|0 z5g#xjB(}u@KOjQvF*j~zcmke#Xc-Ecu@{>?oM-Axb`1U_?Xt}zwFgO?(pnQF01$NS;J?Ue30QN zs*Kz4=dwF4Y4I@CGehqTFEq7cq7G|4F<>lQgWuUPk&OnNI-l6-Org5Qhp;)K3Xc1u zh+$=!0AJ(Q#;4}RB}n@`$9P0U*?VDt5=)+B*-pGk6BkvtU*G0I=`7=V)wC9LS@k3) z{i8QKXe{<#9c4|m?xIrP3M_{c?;-zCg+^q$NhsnRd_$Amb)vS@^3`gm-5AQ~O}nIX@b z8YM$|V%8*5rPJ&TNVW$eLHnv&SWI#l#sD8_0TK|8Cl$iVW9gn6?r3BQ-VH5Z?^r2w z7^y?@7>pxufRW{^uv|_1;Y8owapmiVM(ti~?2(NsG4W-Es3v z$O^j43M7YYBf*N0sB5rD`4~%C*oK%zh_-EX(7O?YKd#}i?1gH`@gF1~mSZjLsC@LJ z8t76uvomqEz4PysE$A!jrJfDO0fz;sv@#p^+yCBu(_i))=~{m4a~?16Vc<{$$j$Tu zIeO?@J)Og=*?6mx#SeygA9lH%i{p%;d^KImiFJoHm!sO(^_l;ou_G~^<=6%nY7fZd zf}wrzvRzr@Zp<+_xjk#dibjQ85(m>N)7b!`Xq@#B&+eLK0~Q=e)sjzwEP`-bIeQ`r z99;-f@(yb=!!{-7TQP{L35JI?YpMyr7YAf)zFGLnW74@chl*U#bqMHd>+Y?L>k0*Q zw3rVUhqf&FbhJKWqsMFE)rF7a*2Z;~btH7yW^gu-%Gd;~aM+$Vl3Pp54mtDE(cbpq z^<%+V`<3M*i#nkm-!w)qR7%^4IG|K27jbm%YY*yT-2nRdwg~GTrZLwjgjse6B1tnR zp{Q<97rMjzOzzHu zXDIg$Y}K@EGzj&qaQAjH3|b_oa$WL%AMJ%AuGIOe`J*=4#<=T$_)Ayh;A4^~`eD)& zs%ze2_lw_w$UY^+JPa8Aq@qR7cG0UukUQ*>s;V753LW;OLpIYn-HSji?d4FiTiV)VP;ewiCb4lKRrq8 za+ytEEIm$COQ$&AXQFTjmtQ}jeN_YJ$h{SeVfda^TlK-Jtq5-Q(6qv9n*g6GP9bY^ z^IBh<-@}D1lqg>!Q&h8L^)5y7SR5P6L?$05P?@`k{+wNsAhB{`(p#V^+^|uZJy*#f z)Jdp0>kSXa&IaaHib?yAZz(2jAtq+w%0wP*7nF-s{_Z}3fdY_5ACaK#&=M@IM2W9s<4F{PnEoZFCpUI);pnPenbe*?*Epl zR62SQQZXOm;OP$n$o6POumd{M?O1}Io@gMCQ4=`MWv_mf_JydeKDwBGmwLd`x2^;S 
zQhQqN2s5e2-qV2#*Dn-BFxzEcrx(^rFS;Pon$f3@`^(`5pbsBsR0Q~|U$&a!H^6Gs zyLBCFfyyxngp#1Ej|<7vYpV@ZFzIdLnIM9(BQ=3>#K)S*qPts8U(EpZ=3I*6Ue#}! z#J%u*I)IuI?Kt_)1=qm%HW;@cLB-LsSn-ny0{Nm;d2HZd7HzeH`j5z z!{to(5aI#({GT39_n6W(%2s|Tj$TM)K5qY>NZVo;g{7z^P1-&+1I=KOQDhohEE3(; zL<@J!Bi(w*=Zk|c!nlyDBPViGx_)D-CF@4P!9Ni?EVH*T6~|%d6y=ph+Wf@aDq5?| z?3wWEtv@VTxVFVumrfwH%{-CkJY+5Y5i_OAGbRnYrV`tGYU;v|!5-!ENMx7h=08UUFxw$MoR!XrNrvbF4aD zx=S%{lm3IEb_;*1cZPM>?V8%w0W6|VH+8H{>K$N)u(ow<0u%RJAep*^$uK{O9yRV6 zt9Q=U^DGx4?h)he9>mE~%7xgAz;z8cP7!T{FX+|l1QU?q%;XelEe;? znYbV6*0(Neb$#seTlyRMk5MK^o3Su|S^R7d7vBEhh^A!KSW88fO<=QbXU~v{!BMcr zTm1tZqbj>2H}HZy?V2%DY*q!>V*)qL*=tw6V}(Ixx% zSinpJz+`+Q@pqWH{dp;Luj;(J!&;W?`|>X8_?yXR)Ewg`wGFy-yE0kIc2E?Yq?}NR z{bXboE2Zu}RwrvnSyDL3(vHG~bwD+OBeJ1+&M@I;M7V4J&(4%Qo#QnJfB6{u+_NZ) z+^^E6zT)s#=hAa6s{Fc&bc)X1q%!Vqis`@zPM-|)g3wfc}Tqgt2Y ze4G@vGQApsq%oR*PPNER!iRPHm2e*R7(XK611^qPH217fAt!!c09~5tEJql^+z2q9 zjFM0na(c^`%3_xLXsA{kj_MrQx4@W@)7oHR> z9}9hX5?%qC2;b3>gm;0ZGjgD0-!!925lg-%lY$@AFRRdH%Lg$plFfvYrPx{7^R}8Z zJO!Pe>g~z_Q*ANU_WdV$W@#q!#5)U{CX>#+T?ju7(L3ZH_;hTayBMj$V6B5AY_?Ks z<%M!|;l4l)u~fFZ{E*u~GLI};L%7Ko-Tm=-Ol>cq4|j0{D!u;P>AQG6zEwVrng+xDB%|$A1fVSwZ_RShHIx+L5=v27WVVKOz|&RkQ}eYn9m2 z7DvGotD`I#1%ti|MT;8h%Nmu+sfz01>yP&D`c}e?u5s_kjh+13BrdF!RnY=vPR7D615H zMODMc32$&W&bX-v><_7`hS8{GzrJhIO;U1&p=qC5$O`OJx?w~Ls%<9WLFqmeyA;Lx zciBrk0@$ku-SrQN3h;%g_A47QE%?Wnp0P>)IM(7z$_uu42!@djh;v$_gTB2=Dx?l?>2I~=i#x`9F;dak>p6eg@ zfVYDyGpa56*uvbu`zZTAJ0Uol$7(Wv1L<>4$Y9YiThJ2Y3~Qlci>YVShio*jpx4)x zTP=K{<#Mk4KCfC|eLs76F)~)spp=6fq^tKXcZQ{b->4FiKAh7Ud5Fl4Ke`!x{k1ww z))oHH#jIK>gUa^&x2AA^{jX2{h+PtcMgYBAtyTg4TwzgW4Y#R$p?9LOxu#>_$w|{B zZ5_I2Rv$Yne;{2y&Idpru&V1{#x=M8T(eix&{{YZ1Wo;eq(KCdW2-k<)x@uGu*r6$ zai|8d%!J^g58P@wDYz)Z)X9~1Q7SBNhiD;a{^*~#G|Zpb-(VP-ZyP6CJ-K$UmZ|rU zYpG@))3*_w$Sy}~9~LEYb@>-#GYQ5b);=t^X`y}GH7Klw?@9ua48cPDXixuKoJUG* z-{X~2tS6inv<>H!vMq5aEX`@`2$E68%Nd!l$;#PK*mpuaj>Orv^+cn6Z7U#JmW}+p2BXft-CCb+={Cw^nBe$PzE`9>X1ZWOgH{V`-v^=_2IK*O=ZxpN7 z)e&jD>tS|^BlSvM&~I_l&+68XGz;ypgkwrTuS~y>E4OujXO?%T>;9_4VZe#c$KrMa 
zgmP9pL;wC)FMb&glda;#S1xMS=}sc{D(m$8qHpO z(lEj@e497D%c+Y~#9y6BIY%PM^9);kMuZOU&-_~|c09K^tr*P-`oIGFNQ~m=>hzUi zEQ0HF4LV`m=4x00{D&SZ5HUJIvWj9@oV)sRRZ~ie}8;69TZM-~Vh` zc-+M#{pZ;nr5U@(=aCtZ2isb4>sO0*72r1`mW1`c@klnqEgBuQ2S~T3I4n15oH>!E8 zC;SGpF^UA(eA3$l5gVe-;!Er5=YpyAGoEUbY!OkysH#Q_fV35)WWumbEixzxt zU}I{2SLi=GK-*i#k!^Wq*zkTEO6~4fXln+!u^k=Ptcx*m^7C(0nox#sRENe&kUDW+ zeJx+~S+~mum;?wUQ(08mnM};e72CCyy>L}~q9k%=(EcmBrbJ_jNHWocW$1WFr*Llt zNVuP~JMAOEEpi)k`Ovjh4IP3gR){e^#Kv6m56R2LmOI{#MS`QuRhqEr0$y-m3&Zq# zovQ}n9-u-jSC{gCp~*HNoyT!BI@;IVe>h{ipj0m)-YM6kPMl{@9qgSIgy$Fv^z++H znVjSf`I~Sq6-UOT4({4tOBg9wb?`DQJcig?gJLjyGlg^>s_Hi!LQ z1jkQ9(=n#QOM19R!-^v~d)&}tAWSEQwMhd&Mj{61B2*y;AFswU^Y$HQ5R}Hox$rqV z|AniPt`>5IV5CmL8Q74zO6n_NalW zaJs=P%z&z$`PhdLM-YoYn6 zIrBosul_NVX8l^~>qW%W@Uz>C)1f4bF4 zX9bBB?b8iF(Foz8R6#cQ$}6wpX&x93|}gg!A_5kkM{=ze@(jw z7Ph5EAUvZKv@(bo3k=&y+I&c#ZX)ZkmepdlW#oKKKmL4W{XO`*$0KSkmt@nUlwHNG z8uGml6`Hg!OqDd6JNzYyD%N_xIs*G)BcR>{~!tCSv45(}5lL`T~UvPgf&g|>Udk&0R!QhKr+3)c>;MJ^CPWGhJ!TcJVs zT!Fz^ccsKd`G(I?^VuYPU~SVD!6`v)xg^yTZbMxI)Fx%%xRVcBYFTfgGNu-i-J=Jf zL5qm~*()QGltvErEEe%3C{&miBl7ecIgmyBYFAu>{GrtOv-+`*63a>xbwezx<)zE1$74n*ad~F zKWjUXyK)^6Cyu-4BpU zI_#7mNDTuKpa6LdH}9G`G%m47N_+ z#3u)@0W5zuL@|2xN}^Dgf6-KgdBjPndXqX-%1qvS?@#nrx}e<*nrt()!>X(>5edVZ zkX}bXONOJS@*KHmmG3S$&(jRfHG|Z;U0QA==7J|h6=hvM%TUbhFonk`@o;fD_4kG_ z4tynV_zS6|-}zxF1-(@a4>P}S-^biS%MXhD<7w)|9zJnG9NMHPthpw5-=EfG9PV1V zrnYsX4z#U8|3o_zg-BRYjHv8`;lVQ!@RB)vhAtu~ zLfjYELH-L#+c9FxO0sRo;_g>dq6z@F;w_?R-|f2`-9x~U)so2%ON$J}CAq*Y)}UHJ z7Y4f!Zqp?5C-hmoqaS%K?O5SY0)b;9z%s&SA%SSnD-5D*Q(c+vjQS7XwlbKSy|<$B zlNzU+SeGw|BB(gCp;G0q;#sPS&@X7nKzC)`n_+CH?MnZb<2#^J!}Xl7@h+~-qK1tC zlM-s)Fy`@S#(U9FSY?NWPqN~mIQ5t;oHiueiQ@0X4l8FfswK5;xdrW&%KCi~uTHWX4AqI5xf!kKnpER=z6trQOl?4Mx5 z59PrAx4oF(uKrSWspqgy<`ah~1h}SXgp}6LBf^}ZZGlzK!nMTO5C$cYA72y-+FA>l zC;gAGl4BDM+_s@nl9stS7MKS#U=HEAP z5>Llfpbrh%mO^3p6mh5(>3H<$U9AwM(C1~hajPJ|$Y}oS_=&4Z1|U5hOMVlT+nuwd zAk3)bIPxs9xzq1SuO^QSo-jutnS5N(`2;+&w~iNKAatE^u{5}9$?0m~DrX7a|Du5< 
ze`u}HEUBVh3p;M(`ED+yqufY4EfePFA-0Ba6SLRuppJsSchXqx2EY6_hUatn^-yv2 zM3S~&OC{nGKAJ_AKyymdDW3T}6iV}|7p&Q@bIWNg==o>{x{Mh9DGTwY@hxH)l zCDYN*;yD-xpqkOT%(BdjheMCrOUnM+@DM&tqz6V9!P!9fNicI8V(E)$_~?gYx3^HO zl;HXw=I-$~_V0}weQodBwr$(CZQHiHYui)X?XGRNySA;})9>$2?&Kur4>-wsFv&cb z%w#@U>sr_Qb=?zQIp9soYBLWpa^`}+F#c>(`2-6k&1uU4pbdI&51xDN__`@L!*NC+ z-FUJ`L+)fj%)UOgo_)1%dn=47Q(2c?q_{S+$Tyqfn;ixhDf?)DYEi_BAR+HKX2NzfuiA{vxpC?M4_FBmPd2==)P_ zus_dmcbe|`DDy~Q^CZK%lrexpxmt3x>sajn+Jeh_@xIkkS=M?KeGVGq($W!VhdyC5yWD!0*XD6D^#Ap5v?Qp*Q=`{GBoXdcJ=cm+T8Zd@CUfK5 zEW|twU1_B;PAs67-Z^h~(s~!l$cmXo+#IBBUpd+kb_Zh*{pKY8ZhLqrzY+h*vRrm^ zVSc@(D|q1P0d2j9M{Ix7 z3^9k`-6E4gd~D+(w2|R``0G!g|D3>aL0c5-!-uajbAFfM?4CenVZV9}@A%1goc(`R zEoQ=-dC$pnhQsse>eIn|-N)&w-{ZxQ%XvQr&+-u&64N*YqFg8 zo^PCFX};TN^GI`5Cw{I-F`1mD4CfVd|KRQlDj2kIY=VZqe+$_`rYvfiya`-sL2)RH zGOE;>PIM3&<`)5@TDdY-OCXr~dJZ7URHfvaz=oHEj9EqmbiK~FHsz-Uf0^P4m6XcT z-HLSl)mKpV-iQ2seNi%lMT?rx{+WU|)MjR$Wz0epejIZ-92Y+^CuX4vO=%9>JeOgA z$E8AuV&}I@H8SKse9Q4W-m#W#N>UFTdQI2;An(H3j?K^{#Qx0vEBK_9V9OSwd+}~9 z;I9G$87{4ic5$A6JMIy=-zN-%truSafY+^^T+l^cKOgYODWryUS_R4)oo@g3j!qXgR_Nwtq&hqgkVFi?J75nmEs9av$e8F)-pgkpr7 zEc#!Kb;oQrUz!?0bMM{2Xg|Tp0Be+078@P81$Ktcg36`CY+3Tv!_dMhPDrwzlz7TO7n zMp6z`Tb4qGE1P&*I2UTyO5ScX6)@+%r1(~QBc~KQHeX){1D%{f3I~VJwY5~rjEu5_ z!o~KizsFZwH7s5t%2M`(hu$-xPIsf+l8{Mpg5}c3>XtOWr#cXbV;sUe@2*dH%QZmb z@wW7b*MMqW((84}^Qga!$Q{JRchAZ;=GPmy-sC@b=|=0q*q1~*^ta*>azfK4X&rxL5-l3#HyEqSS$qP$ z#z5^QuriN;J)tTW33G15nBLf@V73RBGsb}yk)MgsE)J~~wyv5-p0^U~TQlgMnP_(O zYvthEO4X;)q{Bqf1}y0Rh5=h+#SyY@W@RCVQ@9;Y@(VYQq05oWZ6PwFN^&VfRY$w;z7B z&v`QJ(_Bmz2MOL$jpqkuEmfPk#9x8LQhFCAaXA9Fi4KM{nd0l=LCzZS4i%T-y)}_5 zr#Hg}7M3ABy-u<_Nkb2!CVsAH52~1FbbMct&U;SQw*4&V9ksGvS&#yU0lh{Jfd+NY zTdWZ}5b^cf=7RwyB0YUq#8jH9TW@Gs!81?aZM7d6L*|u3K?TpnH>k#TUfdKuwMfWbZY(QF)TG@YdH8SO)J4F8d0EfGJ$Srf(D$= zcQ1{l+Kng@K#d)^2}BPC1vunOIWvtPooa*Bp&MoxA{e7xU0-l zu{}5m>Qv{(yd7GM?=n#i6j!~llC4-#dnlXh;h$*gMvE)z#$4}u%0oAs(H(Vg^m1P= z{idCbIuBJ}yA}K4XpXjJuPb%i;Y~O7KEF13nykZZy<9Y%e^-2LTG`8L4aZ~hWGkE2 
zRYm=s@6|Sd5^ssGr79Hadq;Rc7B;fw(?6I>w^Ef7Icr6|rB`JlB{s!fl{Z(#rv>1s zMyFKin+gT&O^!lgxp|{-or{9*QnAYhOK*atMAQ!s6j3# zVDjarsX)xD0VmovE<1E7;`ST($yQ*8E$VZ)>KrbTPGRkXFdph7v2=76X;29|-?uB-fQ)bKoC0)hUok}>Pzmm(x{+D^A*RlJx)AnhNZJxao z2T$jXzqB#wN&Ki2ki(|$k|a<8V|%V%nVbbQE}R@!`#J`nn(vqbt=2Ux{<$`;ej@OuaYZPfN{B_4!BLmAt`Co@@o707ci0vjI=PuejvwNT~Kt;3V zV`hH{LoAmu*`>7P{*G0$OSs342qE8K8ct=V{a`;~^e`E#FW100wdhjPXY8F)!YHMLex_)mcn5Q$=cps3i7+<6fU(;9H)mEid4Oc3c7iAUWVd^*r3)AC zz=C3IE&AwofAYA*z`i$92XZ^4WQ0ueCGg&-!UY5BjBA0UNqCUwCanVkLCa0Lzd?T% z0VFg3;v>Pk?6V!fZ@CK378W5cjb*31-oYnF{_jumlLtfuF ze_QEcpA|Sd49eU7b;M^~e5C6;`zJLMFG=9Z^Dx(?YxDIdFS-|{u)AwjSTMp!7C-ik z!~K3`_;@nUkl(vIG4GQ66RDb9!_#lIKDw4)Jh!Q7M(m||ull~WF!q1>cY$}aTy$1$ z{EtM94oh$C#EA_2wu(!wyRD;SUMe@)V&-nU?hIaiY-9~zhhdAA3*fCF>a-wT;s5`( zEeNK&`WJB0m+y)L+RV!yDR>0%4L-k)?qU|VcN}b6?4DZ-h|MZBI`p`)ny7o+cVOr> zH~!cLKo8G0QmbT!!h>lOpsD#i82u$WjZ)8-5)MP$SCpN!omu#2Ekm=!HI*Gx#7fjz z)Ce18Dn5)R{=%75n!8Jp544XaGx?`du+WkB&2)BjgIh)=;7OHw&{a65J~VDy@KG4^ z{WoH{0veZHi%bnWRE864QZ$qmG0Z5IRBNj@r2Q~*_=)the4Q(&(T-bv$Zl^u3iH)sDV}myx%IL=;nBd-n`R^J_d^_$w5H)=0rJ5LlFu`%x3n zJ3p^2GSO7+TOWWVovj;&eTIg6;$og-4X=-4*U-0b^ZCvivUWgO;{-M?jN9GLFk)kE zra^UG@w7FSk8u5y&6a(ewu z|5bCW`9rFhc-#a_Q*Ido83wVK`aN+VP< zc;^#I?KK{bXkhV{Iz$n+y@L4QDzhdu42pkKN}2a(d*RaN{t}wTiLG0BZ&LV2U8TkO z5L|iUG<3x}J61b7r9GcQ|=p)@6IlPyWGaX?i!kNw;cP|8*=HYqD0G z>s}rkcaD)RL;h==uY~RHh~lX&7s)|DO4^KU-Bzhf|0WDYqdLkhA*qy31?xHIw?Qr! 
zYmcR?^`;FetEAboVzvLdPl|;K|A{tn8#j?Et$rZ_0kAg18n7h;KA&-K1(1LyxT>6-}rdkMCxq-k3hh?ee=iD&uKYiK0n~i_2h)< z^KNvz&SN(WG5`Ad`m+1&dbq7_Rv}=o>t-jCxz9a+=c?PNyzddLvFqcBVl1ll73hDb zXu30GCK#<4q5_|_j$WwlCUfvqT1N#)rg*=IGk@Bx&9IERU3Rr2+Cp@iLk_luY<}WJ z_2t7|w93K7A0eW!W4ZloDRVKloM|2CPtSI7<<~XnQG)kAY5X~ww|;gVW(eQwO8|gV@PRO>i*QBg!O;GtFcxVunE0G z{;|FdlE)8=Hlz=zL9Lt&bnIG#A|Lv3S}~wz-?u59d}=N|Cs8k{ zcSNfq*+)T(Ly3I{_q4iO?Rv=m;*Rl%dewvI_)fa#Q|^r@^Yv#L`Hl3so!kR2m5g-f zt8bn;+0gETh5Y}iKnOdOuZBWv=|8zhvTZDAN@p;wLh+|WRrhSuj{YY=xQ^{Eu^w`~ z$VvCMMeaN)EkhPnd{tH!C-wlFP*NpF6H|>dQZMAwwpYY;Y2^IB35bg0mGlfXEZDj~ zE)z|S5rqg$5AJXi+EN$Y^e9bKRT~u|2mkR86*6H*`!KRcJqW`IwF{ul?uGWjp97DK z^SF~rxN-ZpadTb=!hb$!pyG@t)ynbno$=rfncU#p61+9AL}gqNyrj_|VcHE*5xN8= zC*V}LFl19QyPbAl%Fk7Wz#Rfdl;>p5ORPvX*WoLcopkrZ>7mpbQO`0ySxpAjpp4BE zx=*{uWY&3B@uIUhCh9sP2?67wSk_O&Lw9=vBWX<9V2-86S2I(UQo88(lT}1B2^Ect zr&=a9el69uAKDP;V^G2tuc)7WKG!I}-_Gln*K(bP*hqK)>KUrj%`e;PG|@YXdZRw5 z?~K+_^b|J5K6#Dry>Vn>g1Tw&EwUzouRClv0JFhe~~1n5m`<;2Lxm4z*lv{ai@4;&=u;!wjH4Bc>`8_* zE%i;;Ea?npDkY-GQ8hK@?cJiv(@&^QhLiiq=(hN*%ZrCc^Wqg5w7?-W`F_pRB-gZ$}5{b^1dD7k~2v)UHm1Zp0& z(ocW+Ble^g5yx96yglweas0tu8sWp}XV5{ww~8I1no>Jd%hUlkc&l$)-i&>$T4h~? 
zj;8~uV=6(N;S?ObLQHDnIwO2wGzo=H59<2@YTwGy9{A#}Hn3URtCQQSW zQ+fF8*Gh~@43~I1Ch+nIy!_Y-3Rdsj5#41$!L&^TQ^vYFlKk3C2INeEc8z=T$PvXu zUcMU|J=hiEa|o~qx-M(cy`Ne=`N7n^RN`v7SS6GNe2Ea zUx3OUGdf!|O8B_~v5FoG2+Wj~ZNYAJ1Itj% z)J=eoXLG9TpcLVf*DW-c5tTy4z~GD82=!@oP}g9q&t*wZNV!+%R)3fTG5<*w=mBpVbg&(G6yt=@JL$I)GMEd2$#r`(4?brI=*V5 zB8S>XGdDaLii;ImlzZO7$7fY)A96J}gnGr7Oevtfk5Y5%OBw+0Ut=Tih5Ja zQvE!54;#gKn-cGa#M{!!ToyC09qJKE$;&G9%0+kJDnhGz^tv&@%+9{+D(Kun>m5x2 z>~i~AalEXen0H&uNMT-8xHGJ}WR1J=zuL{M*@n+NvP({H;Oa}e%)iN1pV3kuzZ6}9M zCmeU~fW3;sXeXx7n)k3NbVui;XLlpO1=$0e*Olm1w*2!Pi>p-%Gl{@exK`6>t*XgL zqm^nrVT1u_%3rKFAoYaIOsp=*(*OUk5-cHZ)+#q2H*(E5My1U}yu+1SC7AuE$5aEV zO|>q=mL!WZ=vhQisOyzN?UR>#88R2J@4%NDc=+@n8w4}eoL5gC|#lXIJ2Z|9Jzph46wP>>emD&RALEQC&b+N zd9jnhZ*4Fz1Fn|p)_6jU!Io7uvtLim1@6VV}(gf>NEB2~4#A5S% zaBXtwvC5DYnyp>kd2S|oRzjgdxwtOtkJcwd_J_D9VQa4yANah!hZmumhc8)IX=}Tv z%HeYuv+Y!v|H4Ck?Xf!#ullEIyvYk^3HH~;FuZ5X{n~6^eL1WFMYVx91rmUZL71RPeNLo*zG zaSVKSVt6NLhdjxBDWiXKH2MCpp`=@HvT7(qA3#S?DY)8`^%x)=5hwb<>CMWYGf__OEh~myr;_=U8htw{M?X*dI7EhBn4b50|YI(hfQ{!@BZ>Wwj_EsbHVfk z$DA^g*;;ye_X*bwHG*QK+<)jQC@Kcx%-emPV;jJQ9HI2X{5`_PUSSE!==LLEG^+By zPr!@;oQsv!*+ZdKaP?Gvt|f+0H63u9Ynn0G^D4UYM4z}h&GkBVRU8nKUGgAufk9O7 z#NE46V5)G)?kZN8_Y|Ev_=(!(fW&F$1gb#hYWEeB)VgCye~5BbgRu%X3}&;FBhmwJ zcP`ExV>HI}Xca7v22IQ63*GptIay14GM|#%`emRY`>5LzZwy0NT2f{P=3^X7O-2SA z-B;oq^{yt303@*o?rSF2N!PY5cO>u}5Gm&pe&#!hXh)y5s^0p}gDGj+0hp5vhlMYG-|HIGQX-kd>@@O>`u~HGI6Z5Foo339-Y)~Vp6O0 ztWF)%M(Y9pcNrP!S(h1w;Y!LHy>>J3t-3rs54`0F6=M|iI+^g5p>eDrqqj+$)H{30){oTgIrjTM-@*@W zx3l2_P$ozMcaRYz5R5C1@dkYlRaY4ny6$=%+r=GqOxI?dIdys3=|C=P8+}Fi6ZXz; zl1_7f;{&^HJNM+Dn{eui6u>eIn%)}IWB`s*U+$conkTa9N8Bb2W%`9paTkxQBY&*H7u9yZ+Y7wL`-Q~1uD((Wn9-y9Ji*%^I7 z?!Cx#;Ucl^kXYUai-#Lp@l{6ySaAAnU0L>aZ?7vkN=hAn8mx;GshWIVG=xkXpfz_NFkXgnhf0! 
zO|n@X0Y3+$0mN1%ZQliEjb>A(LB}vUo;N!vx|U=VxSHmxrIyy|I;Up#^jKO^>Dg)j zi@IaXSFVEL61s89Oe^auM|N>$=uBt0vtACE_2!;K#5-?$tMnXh@Am8gB5vFY!eabXfo5m@cAvUPDEYI7O*s!b7& zwyp_4SMp!*YEI(*+Op;7W>rLUh@mjaW;I!0ho-fdSZZTXX5$OrS$Ifpf{P}#G5}of zZjb>R)tic5>5P4wmqEDPE*tZ)s>oL?9@XS;I_@EG!c7vmlETG)}>w>>*P1Hhmne^0YF1M zpL0u|I)w~&RJzB}Z*6XD>+#`|1*epaFra&SOcTOfqE5=SePI|_96}B;W&#Lq&LLoK zmYrg!Z4p~Hl>NC>p~SyD8vjU}eXjnL7sXn(9|if47pzB94P=9Ka&LM`(U;(i-K$Rd;;>lZ3|}eZ`1$0wHAJjo&HqN zGVQ4IiyXc`(=6)+~eY5>&%7(5LITKCGg8?u8N7ywe;K z=Ly$}Rl66M;hV7Jp9m6UuQ5WiqpmSnPf|B&Ept{8@-j#xjOJNO*jrXj`@$nObc}}; zs=ElQa(9c;pOaKtfR>bYp;y=r@b)KMjEUJlUm;Z;%%d9nHP&+BVWq8hL%qIOZEZ~; z)@ia9{^`!psG;71!Kel$@Qd&|Wz^hEuxz#IF`atcM74}o)}c;MJ>ytIaFuBG3+T+Y zjWsJQv0Z>D##B8TT5Tq#l_pWxf}Bo2{eT(nERNUo&z6*tqQ#&xPa_@MSIU#(GCM7+ebCZmjO z*;Uo*9j6naQiYw10G&{JV^jiB2<qowg$;v*dU7Lpbx#*>Lr2Csk*Y~S-o4j6&5^i^d9|EXi!wQ@gC;sD zbHg=L8mr1k!-a>ChV-$7pFrufnmw3U0DrMlqwR2FmXEf&bcCCx8z;qr88p6XnO~_ zezHJf3UAiVtz&H?eF)?#@iwkk`t_6@$}WA`_X!tQJ{bA7Tz}+n@zu^C?fD5nan=Vv zmTgzicV}nxQSmTH2O>ku;P#_(QCIleTK7w`hW0_3>;3 z>3#f%)ebqYv)p01H;F$!u*!>U(R*Ax?OziVL!YJ@;s!wda@EHoW9N>{gVYLz?95L? zKJu_lN;iU5ip-F0lef$X5V+1LW=r-qV24#J*D^TdMNrxl^>`OgxdQ#k8|C(S&-`8= z$&D>}Xs|j_w1qVj_EJE!&-r=K5FY!vX>$4wAO}3Fi*wU^#8GagNixld6l3y5Q-# zm`fP&`wfX<-5N9jRq#}W%~#9Q&(KL&9J1+Ba(S-1OF}wLW;<&yir3j)8l$u)%W;i# zO_DNm5B$grvCaBC-aqofT)B?X1MC42hR4mm!f+|>EuVn5t~XB0qma+Z!QE^7?|f2( z#53ONL-(x7VWst>u37|&uMg++*4TMP5ORaonUg6vNAvdjJh%#-b=BMzSbj&A1L!^2 zVo@2UVTzOYd9r=Zk8M!c`4+j)X%ZY4!YpHtX;URW6y>#xi3NdHx9cvaOV`C#?7q4i z5Bs|$jdl*LcFMR*U^jT>d{rG(S{1N$#)4_-J4{j`u`&Lt(3%SRG+AV_!o8}6=Bm#6 zw9PTCr`|s`8M748v1^$090uQZntDnY3tG)Z^{Jt{b)%SJIPnO#%`}l2M*wV7S5f_2 zN5OvlF&^gvc=|K=i$+#mP@dwsX)7l`nQUf-3N&XmmFbf$Mi*ncT7>xs8Yj<;w#Ck? 
z2}t!hu#DegOH9v{+8yvbtg|2ccBaFwK)ndD@Vr&d^dm;j_#1o&|>#>L=?0U)W zJ3*jsxNyjA<2k;YxoBNxcbx<*mDzM|82L@C`GC@VlR=*`u);*DO-Aw8s!*Q=Dr4;;qLpcO0bL&U>Tvbr_RXYI(ks^qrlQynZ~g;&}pd^K2QJ}gh)t(U_p z6!T4SkAHv0c68L$j=#Hl-GieQm*Q{jDy)!MFtCO0MOCqFVtSxi8nV$Z;Q|Mxpw=f&$St&C^D-`p^8PC z9)rKYowndlZ=Gd(HQY(SJGAnxWUr7f zHd?t)kvo*SOD!5!o(L}_=fx2~(ot;%w7K&AlI;>_0|gFV*XA!i`qGU5>L#6#&33FB^=Veh{McbkND8^vw^u^_Of zMor&mJ5mFr9<@28uZd_6XE|{#{3$f-sOfZ^ZKvzR9xz>v9GjX%PfYGK;?QlSF1Cs! zcu?1g)3G|S(7UfL{RT1c&b2~EZ=~wt5w)t)L4%vUtW{q-Jl`%Y3+MZws*&={p0bEw zOaB|KGS_Pi*{NJZQ7I)pdhqWri2U$WN^?r?AzA&05rU}3;~zE1?Bsx(k8@mv8BS}! zF+B|1KVt~31Da`hJI(9dgK;UfapMwWWWAXX>0%~yYJ*yByHL_9!*U5y0l#cGkM}N5 zM6oOSrpjNDz(RW!>lMBA%`beJ`Vx(xL`I{S4~y|~B&enWfAS=d$$Rvdg3?K>oPnRF zbbhi}gS|^yX#n>1vG^obkrfc2g%p>el?x@EeFM9gCQFCEfL$c)ww^X%|oJ#HK9`tX=13 z2|9we%uA@R%u5L1EMIz0i?0SqP18oBV}Bc?r^|>3WDqS0$}sfO`7M$#-DNxTaH1%9 zZwF^{lJjAbVd8T)CjZu=VEqQGjG1OoLf^EA<8IKPa~u%f@fbSSyu)Gr!(pD?OJfO? zA+C{UA|~OrIqtE`?omxI=iwG}{7iDmz|U9uRlfEBiWs5@_t528G$VrZXbfG6udT@_ z_=O#3Fv)#KOXySU>Q3WHQ3onl4DZ z$LP`~&4{_2347z4i=Udy^k143UB>DOdhT5Ag1>SQ@k@wZ;Ytp(%$|JihX#+4TnH<| zW65rvR8e8oSaaxDSU~UH0r?w79@8s4kE@v;IGLbE5!)`|x{nwMRvdph@u*kv6<}Hp-TZB~iHj)U96+m28P7d-3cE(~}SeN*iq8EYs(n|Cl(&p?JG`Uz%drF0IGLTWEGB z!a|_=Z;X9ES7?Z zE#kA803x|4IGT;oLDOLdYfi|s0lKzp!@r!nen-b~D-!YgI!>=ZrtHwMj9l|`VnFK2 z+~(@m4(x|u*MSyz-Db$%Dx9@#u+@Z5%J`@$Wmoa=*SSb0nO1=~i9UpkR_mQ{GG_8Ny}9f6tk!xdP=}%0<5(=Iwy~BQAVZFY(_bTo$Fc zo-T;fL4ySr{{x74c#dShj`!x8a`#vANzNC<`>amW-fVS$EkeCdtG8P6{DasHoobQ3r8C!P`q@p{q5 zv$eKW_i5<}v%$DngQJ-8rkrprXxX?JD_3+35{x+bH!SN1nAjtGns)6|GUUz3D{;gU zf?pXqPMe-^y|8D4l!w+cVynY-o4Dc%j73u&O-ib0i>+6Pg3K~Kq|tR7(kcU{)m3cg z6}-pr!5XwQ&jT=Vyx=UnI~uIO&6JOnVq*>((|_5f5mM@X(VJ(`-84Wk1!!=2{q$Ni zcsr2g;*G7c<;@A^0er`EUc4b3e<;1v)0=%&^Cql2GESwqpd@kCO zGrHBu%8*!Ji159p-GT49lzN29lt$MI2LMUMFlQdJ_5*>Y397p9@g^I_QD}4bCkjp} zwwZoG+b4Z+j^^kmYWbIWhEQX>{OSfII}$I?ZF3i55`<#3#rC*p4f-jz%Ue_jzKLjN z@q*Bw77!`v;=v)-FQwW)|0GG1#u`=se`dQlu zO|a<#+xf_^-UZuCko6s|i{>tl*MA=miw(9Mtldr!-)XPUC-Fq#|hP zO^2C3lZY(melH 
zctRjFD75dm2+`5pc94qK;B~_~XS{&qgis@>fJ^2YCk`THauJ#Wp0NQh(}Jwat4#Xc z7-Z4oHSDy*owpGjdjwwHtAX z|ES13svXbUC8Vz9A-@RoP08S*eJg6To|AKzVW-JRVPfYJ0kGS^twn^TiSxWCWSegD z5TvRr1NIwaIaE7HuNlowa>&-yLtK8AekZqw+bh8RJ=xc;k7=7WGVT=1i=ivg2~GvX z4tud2d&g;?UX6Mzvjarl%Y>9lH6;fYVDQEusgM~o_$Cb#5n|grEZ#hw-U+evEW>2c zAixu0=;?`BoOiu=N#zA9w*N*VK*^(3R`EVl*wz=4D`^axgRV6XM63xwaA=01$j3-x>cKk;!T(tcv zdGPlN?E8;g2ryBvU8vC_jp-Z6JtH9SJpLRVhjXhiEOLqK-!4pRHVQYk1NR-qkad}& z+ALCLvUq(15Xt*_qw629cm2#EzK6(jcQEO{j2!(eu+r>nR!d_w@^N48}Lh_ z&0lme@ckw_Txq(@)mq)}n;x|X_keF+X7)4QMr)-<-<}N!pY8xZ$%y^1 z+eJ56(WtbiY&u=8RM362R;y{h^}VC%x>egY;ZyZ;vmUmHavQZ|Tpi|Jn}uTxeBbcp zr8J;3pmG^LyAe^>O4XgR?#Em}LS{+~epr);P9F*VQdm;CZyav$JX;op4J(hy2==OvPWkL?Wz(^ZMBK zAkU9kdJyh@L+bL&(m+I2nJr=`@x@#EbzasYa0+@#V~GU364o6NeWs=YlA3E<+) zs^`NY4u>2djw4z!;U;q-SoR8`Jfs18r#+0sJl?sFYS_%oA=&D_o==_199L4J4I z1m5@a5I^XTm%%>~h5-&83#~94C=iMYu=GZ>6|lrOgBRarX6xOo0YNEwGflwW70&Uz zl)DdFsS@6L4U(N@|&_LcI7U>eU50h(b;GZZVXSoBz_s3>R-OPf@ z*3^5atUt+o&dDDA?yWtkX%(%o14&Z$78!(Z|wE5{MOQ*B03YR@qgXHle zMYP3xAmoQ3UMd&ivUwq@jlCud_rEwp%r{6$GUlA7oNwFY$miZHPq99%5Eu{3{1@)t zBs}$gj>AuoVWMJD#?sH_Tdmya9*EHLc*Kv+i3?z)kLu`qwH>Fp0DVkKD*|>RWu^2thEo*UF^Eb)7wJ^I#$#IE`E66C9CXBA$^KTV4r%vd0PcPSVrHr)89PbsG-piZ{& z9I1Ey^?AI%LOIm=(~0cGPB;X@KbdQcP|oX_)B3n^84Aa?3J3A+3 zWu}8m7$MTOUKtZ478L`7YbWAZ`DeJ8atl@a>ZQkjTfC<+>4q;noXpzM-n`|1e_9wn15;@YXdFa>41a&@566CFOxSr?=F?^D(aS$q4iTN&e*Ae!%hrU>E;@LnXyaAT^s5t-~o1k z?vfY5lTYg?*qa$(w8@+%80*t^BdR~1ehI)j#!$O4DmpnMpqCkm(FQDyiUu5wwOxQg zcon-aFxm3KsSSDN`VGeYJMs}O;EeoIll&J5mEpL?)-menw#JPb+Wn5$(8irlhQYRt zt3#l-q2VA|?82Wro;&@kB`t&RdO#8g6US_1yUaPfn7Vpm91NC1`6_JCj9K<_^v1Cc zPjsMkZRrVTmOj6SC(N3=w3~gG&t^MD$r}t85?$=@4F-GsUElL#?IDw66%M_Vieo7W3(Sx|D}Kg1uNF z6})HlDK|tA&OrFk`sG}ezfRy`<7qrn4e0!P_=;j4qWfiJv4ZU_#?As&H*2wjF7L=T zpSv#0ZvqQW?;7WF`<%$;;;tl@Op%e+q8F1eR`-Zvf(nQpUVC1)Xt~_9fCxI?Xl}|< z1SSFY@KNM#){+5Ee6dITA#c=e#(~~KK6^kH%RxM33?i zB+T8G5`h3UO*mYo9`2;5f6W?A9mL2pA3FLl8CGu=Qg7oZ$D2$J-;#<^zjyd=OMEXf zXvYfdAG@&?vCC84W@BBjH3f@#C6x4mdcIwcop$AZhOhig!f+sT*v+56jX)m7C$x~hM4t*UjM 
zI!@Dlx|`%ZTYC{(oN5-7U+4N$mh06d-v-!@_h0eWJJ~T06M*r)sZU1HVAtJNcY&{2 zHazLx59)z|Edi#lZreLH1(9)S6Q9EuQ)2ahjH;x+FYOvaml!qz%|~ci#%<47d69OJ z`CT(_-+u2RqtMG{?;^`NgqO4qDrxUh(#G=wuv5b(|IT7ls1;&t)mA^xJ`59%&gRv| zaQWq7F0|c91Y#k1%(Ty%mAGV(c8A8=eF06xaT?| zq^h{>Iw;0lXJD@!Cy_S8El*E*buZV`wzXmW{wFTjv_itm*j3W~F0eIOD}9RSNMRHu z)t97pH0H}hbIHh1#X!laT9ITum3aCt2?)kVGn*GQ0G(r&5!~HS!c{Ox>Jv%G6)%pDLJ_MwDduquM z?r3l3dk5U1aJ`bok6vG=_7HGfXMYC6@gz?z*w&>Avk}WU_Got`Ctd=!!B79y-2Uc8 z7HGy{+d{a@5jU7#(z~VQa8uQFBQ-6=`U)j5i{t;+QBrRuagen$A7^LAN5IFsgd=c$03D z#PE}Q2M6`GQwyit`4DT1Fh}5Zo^#1U%aP2{$dAX?Q_-QqLc#P^37ms`sA=aiDl;ww zt@A({M71PZdPgMAID*%GmPhRaD z4P*Oa^pSMFUp;X#omo+7$}j~a*@jQN1MwUl`?s8>%()@tyDFBPnwhRr;VD7IhKQuG z$_rGz@7TTUQYB>+4<$yfgg}E7jl__hD2QZ>Y1a4Ih-|9J8iytF6{XwnpLMR8@?@B$ zB11W|`*mhzt9i6Wya%*Vs@2-&~&# zb0{M`MEH(fNj4*PYuG!)jNRQIl;b8ssy0RLI(5D0uGy{gr}=M~s5aO|!t!elk=3nZ%o+^Mrcl~lr&cvPh^^^@8)J#`;C;o6qMYkU z;F;0SD+{vu_N6YcNk6%W)D32_rw-hq(Nw2Vj6IGsb!fx2??P79lGntut>bd5BFMI+ zx4QM%fCuECwEJj)n{8Drlp|GDObv8&VkF5Nnm@_(b^bQ#HrkSI75HKo);x7ID#^)z zZ)YO{vqxjp0%pdwAx~$7%|a~WDVd!hR^;#hyA!9Kcb0>7fg?gO@S~isNDnDvsggZf<7;Ip^Qv`}VvE5h3}@+8 zc}KJvCNcc~N{UE9-}2shL@9kA7mpt!SQ=J@eTJQ{EA{Vh(q5Z=M~l=Y`kJh7aBA^9 zeyD;|8>_VWn2tKGs8#BQ98dCseKIOOF=a(@Nboczm7>Oc5T%v85<&6yN&P+YW4^sn z`ZHg0ErfS5iNsgUb&sjW6YVTmmW8Wqg=D2T7=F(e9w-Wy`+c%jOXSa`rp-V+ zmhctt3IoCw7t?ZYf26{$U_kjpxa-VP_iu-qk*XbhQsC?A`oN`8R@wW&XYlP@+|B5K zlWRw9Z}mtwrS9R7)QjZAfVZbf$x6XZwG=gJ4_!9VUc3<+P==;jB zquq6dV;_@db}k>P7+Tf3F!%Ul%-!H8^(0as)F=?Z@XC|^xTQKn#%IdXPz%tk@wxV{ zjG9F?`4d$!qq-Vj4Ji~*E&XY`>fGdFI^*cgf47wwamNuzbuXU5t&KLIjS=g2%=nj) ztNs(Ny4jkqI)LyS#h6&?&fd=fP!D2+`3uV56|T+M!0*QE2PXt1Wvl<>D=v+_Xil5! zRk#g+E$y%L97q7(SLy5UTGN~NA_je#sGq@?Pfi5LsPX+dnwg^g)WxG-=UXgL0TF$f z_9)SQIRL0lXK3|#^j^};(bL{E08DKoo;>9P829Hq!DrZA>TL*`rXYG#;9t07%tix! 
zc}?eB+@4&S&Bb3VYw*}}ct>JF5X7ic2x?c1{fDsh9;$&f52s?k^o-6_D?OYrrcZy>po$YSB8aT6)m)GQ63mN43&slo!bIBP<(LD{Mo?!N3SBE=R<9L` zm;+67Hp!MskW{gZTZp`dQp1wT6HRSbA*PrEZ)A~}M|MnOz|=;;Ri7vr zO=*?4$?y+;%`*m?^Y^XuB2KI4-b|A@e zAxy8mrcif%?6d| zv*!0CZl3)fwxeA6uJWbelC_`h4kn6Q4lzIReHTXcjFf598=MCI?ov&`%A=0P zAzBrcd!+BDx(3VZ^wofW{xp`xb#Z+3M2Wx)T6-0o`_r3cnTAmo7we~+C~X>G?U{!4 zSx-tZIQX35^MN$8SJPK-3Yf5I4Sxny>8yw{L!(} z1}hc*kg)W>4DK=fjX_0gXEaZaeIssqMhlIxN{^3ZTKO83P%2X<~z@%he?|0#25{mM2EjLgmHpr zGd@c4>+slc*&ceED(~E+BfdKB-O#!`>>rvmPuGkOPZzR$BZ@DbQ*I$>qt3#AOjwXk zBGBq8H2Gl1;Zu$KL^>ere2<898g2hgckvV%Tld17Iv(NkloC$e3SvlBW{bWamQJ=Zg8EI{zwlI}nTS%Q@vDva2Idsu%b7_P& z1abYn98~ei%g5vS`tf%E4D5*2(}U4~=am6f;C*Z_laxb!yw4(%Uw*uvk7YC%)uIAJ z)5!p?mf+n68}vrCRHu=L0m)kKsg9Rz`i46#-_@ChjUQ+%n~`M|;B(o0R#G6*Xle2c zBvsjXCCF>Zs@f85!cQjd_0EqNwnwy(N*IguMRkgCK2 zd2h1X2(Ty~5<-FfO=>yjDePV@GI`3nE@1biqduB6_lEx1%$!4f(ZXM3?1slgk;DgN zvGH(1lS(|^hBDtjFX7U)Q9Ih(?N)8l#b?4~UdGsFI>m>LdETu?1@^V`H=tDm@)Zv> zfu=ut9Gt z$^6B|bAAa&nhK`;LX#+hL%ipz?%$gh&Za4vJH*%-(M&nS7;7vrQ#Mqk|L8v=kvVVx z$b~w-8;+@>emt*QBLry$uS8UQUH9-j6Je%PLGqwPvK_up#0^G zt;{(4vfcFR2e|(KUN55eAMo`EsCUpyRebC@%+81lBD*)kJ8u`>PN0P7TuS(<{7Ul0 zhtzO85sU2N%17hh?Nt|S%1iC#D*p?n!$0E}rJ5PZrWV?o$#u&C_}q!y+bbx@>2|-pe~oO=d%Cvc3kSH^ z_`aMUkpmv2h~oG5=zMdyhq9CQ1?5bbnxw81j>y_<*O{mvy}E8)<;cwkrrJh~{JU=6 zK=_BzX7gIE$4x7hN#ZJ(f!Lqs8+duat--z59q_+t(4)1d#FPBNWTtqAtU~z1y&Vg= zITSDO2wV#9$~)=p-asOK6RV&aDbKB-72jR9;=$MG70xwx^?Mg$wdrR95jBB+sDW@Y zW|ZW}X>zwuUfCYz05QH}!}V4gP689NDIBs3_KP^$8HfJ2`LHABYwKWJBB1kZ6zT+f zeAJZ{vAkIv5hl5h0+C~sTP05OHbLCsnXogfgE+g@A6mGIv~P0Q1rk$*U~3|GslR2D zHnafX`HnV1quK~}Gvu(hb=PvV2J0aX?ONp+M@|@YTnmAOCRh1YR2dVVTlFMW&bel4 z2b(D2Dz)9okX7A*Ej}2G-kD}fNMy#IO;K8yUdE7(BxnsZ!PFY+sLPlu{}}$-=XoW^ zzPJG_4Gq?GZ@2ODD*MOFgkh8Zcqho2UX)35ShEIrZW+$igH-u-No?bU5lFgx2fjHS z?&T925BreoD(N;o77vq7)e?x{(}dWz8@}sE=E8vYz8fOIZ|D6CkEFKRdXM|QgGFT! 
zsY5>9Z#=i#lHsrh^R>2jZ-LgIfkDM?1-cKd(Vfj83g7*S5iA2X&uAsp&RC{q8-f2u z|B0P4&2%aPt~mFU{f$>-a~A4K#vkFU&F5NPv3Q?Qj5WGO)p2uOF`Zg<*L^iUw^c6s(b4xLA=$5Nx+%z<%!yAh8op76tqlv ziispfESgRrTqVU{#Y&P}mW5JhHb;!(jbuqtyG0F=YrV)Xap%e>;p`gk%_fH34f4{ee3Ofjn3~ z+hZk~<_QyEJ))cG>IJZeiMCW2*eunPwkRKcZ87Jm(Mw>;TMaQ-U9$dKSfcX)1gr!K z@8Yos*jT^M36ZSBd&Y^kA;#E4Z-epL_Ef-!IWA!1lQe*`$y8u@1; zx)%qnMX4}%y6b!=dYmx=$)@`gjmhMAalM@hPN?(>!)rdD7u>fdJ-)6NTZ?Z>wC&5% zHBKI3%ag1YoRJ6jP|_JnO~`soV7WBSyvSvna8nQTfDzuM)AY!}^_gxE!#}KswFhOV z(XmDYkfTIirT(I7`tsOJZ7tmtK=oh~VXC?;dKSrX-1_tErbwv0cWy&=>3ewc1*=41 zTRozP*wyIEmdF!YS6*knldeNnJ0$A-NQ3Tv#w*i#6LAsjP7yttyo|*7qCC2v5>2oZT6dDVyKw zn$dstUT@S2L8WX2Bj6>rDkD@tr)S;6mq-29unrKO-VgL$Y5+s{`~H_?Pv~;0@ic{U zKlZ)jOi>=KQkNDv#yPg)Aa6M^hOI`ui=>9mQ;^)hjaA1`qRE@bq<}j#LfNa2SOiPCe?juXy6@S#KN)jCJ(PJM%k= z5wOcYd7L_7@ycy^;?2|rl_U9qYmW|RCYU0NiDWbAd~3*VieO<~*53?Ax(ZvLabEmQ;5-S}Qs`|3n<=3_qy zO&sYMQ{_I53yW0&DPuk?C6(5$&p#&EDk2u0LQRX`v_7yxqzkrD=F%sURu2gL2FJa~ zMz?MjXiEi)+flO>Ay*)doLbTJ(v-gHE`3_BHS~{E;P|@z?oy6IlEllbCD{Q_`Jsbp zlzi@)k6>#xkmj3e!&WdYa6`HY)K4pBi65(krUPGaJDcVNc@Fc}G@9nseu#ny?_Nym zMrUfUsCejp^V@0mT@U#?oxMRrVuR^WG7{Rj zd22Ogfy!!Bz(F@^)dMUMoD6j;E60B&V1aBt-w)iRlSAK++no8GNy`69z!@OFrBCl` zL(z|0&{T_jqXKz@0qySCu@A;M78>8u~w#!#Of{I`*kdn z<2a70Ik1ooA(E=Mm-K%oZ~vaTJPQc z`>h_a&GeMgx>}faF)1{HRJ``ge@@IC9SoAfonY0J-G%sb#Fm>jQ*AB-IF98D0#GKF zYlPdeoLkRWnSv!pdyEG?5Ufp8fV_}gg5*?WQ=^o%(~fl;n%XaEzMmV*o)*=6wxQu{ z?Qk}>dQt(Ybl3}Lbq7qfs83fr*dtn#`fFFZ`o9f1Ypop%0>j-AixnYJLhm(Z57Lu& zY|{m1YknMs!&j6Zu$5(itR_tXFYGB_?V3tyQ{#By19Th=qV!0$ir ztM$@MK>J&+>oz@#|TXb~X@1XobXha4+nx%U$WBfa{Z<2gU5Nd?c zdq6~DK{Zyi96K*YIt!d;?cS)~-`=#DLGq-0H|Z!+G!qjZT1YGY!Ft4W7NRkkyOW#D zB={bKuhv{W2BUPQ@-;G2zYu4x{uWSD-B%RRj}qT{M3!UiqIiy3Y>0R|dFC|3z0IgG z(Oj2?6z=SevM9(JJsYW?pd25fgN4!w7PG6NQ=G2 zuXCqp+3t5$g%zBZQc=P?Ht(V|rH1_#yldp8HqtgDjJz8RUyxjAxDo_Oo{J9Y1EfH8 zVjO9Q`5~Ix!~~MTij6U0QHfLO&RtnfcJs93-X&#bwtz z;FpGQ7&N&z75?z5x%2NfBj8akOcLoZ><18rBqO#3l(tfvVvykfQNFfMH;j7vP~42r zT1_IyfHg<;M(g%uluf)M5L(mbOtpzHcUbIp&>b?1W2qbJvU{+pP*1vyqlyaAKvGDz 
z^18cx7rC(8@wRenL4I4s!0Hzy zzNA8&fnqKCOLSv1{A}TFT>85j%+ZEtlo_2o{M31C#hUH%?c(8dt`N^x)V+FfpbTSi zkHg{s&qqcOs)vu@Bq&6V700oHzXJf(qIdKCm1;cWxvuM2Owe6nn@k$u$VT7O?6 zCG?+ZuzKXT?hCnrq1g3LK4K^CUvD<5oV6Kg4N9>|ub!t-sBqRJnjjfWiK{zCy>C$Z zqfnTbBri|LWcsF{f+})r6#gd=gnB39Bt|5~#{rqT9A6wrWagnpB&CNUvK8)1Qvc>e zQX)(h*#qktPDNoGz0ZE0TrySC^u&z@yqo7lG;0vbSPAb?>r7ia`M*VU zKtqN*n`9tkRzd51qL*qnk4n;q;b9a|Q9~_vgx!Znv+jHW=$CPp!rs{0Yk{A;?4kMf zwlM?-sD?lqOHu`m`mj@8kMpuZw~JoxV( zhS{|jd|B5CS~x43Y+S_ki!K!#?}56KuKC`H$@ZM&4(F`tCw-CNASRZ@be3Jx=bD0? zo+lfRxBaiG_`j0RmkA6pzJJ>UzU&`2Pi&t97$YNMVtn4W2d9r1W<6JXTRzC=C#xTK zYqN4^XQ{$OBO`hr_#Cs@AJf6va#;>+=^?&ly1GScm5C5mD@D#wcggeXHjBr-n1*%g%VFYo{3J!%W>q@c)2DmuL*&WUWqb;brkN1 z5!MH7MSIld6~Eocd%FT4qG@7EBa)-YcDyF64`vt{_)R(qj&S2qJ#9-HD#qwk7K~?v zi%;2VQk&1nEMg3jqy#dNxGjI)MdmCVy_9QTMbC0OeKOd@Dp*Q>EAC_MAD}{=smszm z&9j`KjgwOocE}upw+gQe8Q1ywiYJTEwk-u@7*&5*CO3^x-*1A_H!Q?_!Llk`NBifj z?4au*0bmIjpzLQ!L(ZiS$LF`NYUANXpPZ~t&~*&?k_*JK(bs8&XOe=H zuZ`A5A~ml{Q4AD|U1}7!%Fp`(4RDC!SizLC|MLuzhP3k3z;X($S?jwr1!0?ul$4d9 zT~;69DO);SkSPC$84x)ySb^ZxwAaW(CTzZ(m(pz*=ajGO@e?Ij;-XC0o2(km)^zBDQTh4f2ypjR*hJ47ke9 z!T~&c+y7|>NLQ?qhJUpbf6+?%3{0e`J{&mFecg%cK43kXC&x5QpHg|Y3x%ZtqjH&u z73SYK{bviiU6)|(z&%62TAbmhzMXMg9?FxoB)iP7H23(yk`wa(pz7rnk19%ohddb} zgPvqPZGV4`MKM>zVN_hORyShzStkuZ`^hu`a^4@v+hKGS@uOJ5fXM0-4G5!3r8;~y$U(sRqWjB8;Ju&%Q4^+VJ zFtOh91+Ou`mqYa5jH8Q&L>RGWUfnpvjr$648Ak3 z%p3Ixq)zq%={X-hzb7Wr(U>M|?_Ez1e@h>c)oq5y!NGQQxLF{wUo{wf?g^FEq6xB> z-y{#BJ57m{3)35BReFmE{HtrBZoo(> zzw+{R2#b~?QVnWjY<=a@dh|Wx&IV_U)l-g%Z3aRUnaGAZfF5>1Ua1T1Jz`{dg;~=Lfytp>a%MQ?BJ~iI=3)==E`ZCfGW|VZc zKTvs2kt;tux6d5&0YN%$D_CmM71h%NCqE7x?c2!#&AFJbQ@NFhbj!c)2W+WGvt;$} z^6xD6O~hyVM|arj2gy|L@PJ5Z)ks-Y+-g`H$SJsmiDmeX*_ z@{#zMQTm!%-1jmPKdEMYAMIE&wLRt$cFtj^y$%0K_T%LpP=lCIT~UMBTwVu>6ZW0c z7?nLFx{}JdI9h|^&>sg>Af%?3;p8Vp2fiTLN)+f$yJ9nQQ&w-ocZCLfQ7@m@Xt1VT z*LKV2QF0xwzDCL!&D!8{oIqVZJNGrxd(>&TPr_-u!L{uI^Zie07I=5Ta|}%;H0uXN zY72N)`J;?@dTziy8O!O3Rc2GT?Z-|i7Ya{+_cuX?h~EsoXRNxp$k?|^*m-|okX!2h 
z!5iO=4ROR>>n2e@{oaU+4V{2#;qsV{sy*e8ot=pX4BoDNCkuz)9^S(-uQ_uh=eCcx z#!OoOMo^paFKU@EV0rqBoZU>CPiOV8;b}~~62)pXaz?w`BUU7z@7NwGX!+*{GGHYSi@VstfS_?s3vy?`d-Lib=a z8_}<7VBhu7iHTjSjwi!!Wfk`8Dj0Gj%q!I3){xC#x4vmn`|GT^Fla7U_LUMkX=-oH z6%Q`yWBebfpw__94nN2U0cjjs@Lo(hUUn@dLDc;wG4XI*&DyV|H594n@vqr&o3AA~0^ z)`arBM5P=vjaG3!gkEps7hSF22JWoK90&&Pyc{ z*3QgZ`DHBO4%g*5Dh8cwVy|rFsd@&L(KIGhu(_~1PWI_h(g`g_(HH6Upq(i~Ek+sl zB2Mqa_u}Scj%ivvu5tx zO0!#>N(V?yN^UhZR6x^O3CcZk->%2>cZi{&!2OtIM;SEo^A#*s|*c#(nnAW`XM-_ zvfrE}mO9>9x?TC|^{IrT>~_d*uc%Vrd&eIp=A{A8I5MSmwOGC=I!RKjIzmhh8~5{Z zzQZl6K$QZ^8P=^Sk9*jfSdVx96{-<2EQ-?+07_#6SYvY#YW&Vm4)(^8`;pni@Xu0X zx*50UjP5#Ewchz&0b8rJmZQ~iJLxb4e!08WDX7j2`YS2>og0Q0l@2Q}zIL>bv;PMP zP%|43DFfG!QrcgIJ#l?ue7sKtd9{sUGiHZxPH}7uB{qr!;#w3h;AU)j-^OyT;WVy;TK74O75?3Qs zc<;mo;PHQ1g3-pnZ1)h6Y8=vTZtkP`GH=c%^?(fhsBb1~TrF6)cfaHxGuMzjf}QkQ z+Z;te5mwPufiYr*^fEBZ3~m&4j(^An8({F9fuUb*hRX^gt&WBRf-Tx6$DGLW+^S7B zS_n7hCo&2dk#}-b@Js}aZUyQTo0~h=B-(IzoMvdxO(s+6qjymKJ`iUZ77xV=r!-@^ zvr1VZb9TB*nePmbwCHa)U3&}pb+rU|cA0>kiA#$jv#;17+WyA1C}w&&#$p0D&Vg@H9-SMfXu&f^(h5q!58q|=wp#Wb&f+U0Yh;0hEr(F!jy43n(gsb z;42I-lhICAF)n+$4VjmjF~H%RQOKW`=PloIZ;!R<3jho7fh?S}h4OR1StuQ1 z{wg-P)x)<%hgfnZW6+fNfy#n1 zNI-||cjrOfP4S}sQS;ns09s7=(MKhXAM$vrRAo`u$j+REsiDT;T{@~LSS(csBD$*- zmk7A=p5#oLiM2z`w6efFZWVVe?$VCWN$7(I1_l0(I7y1M}9~2kDe*M zT%~AIp#jwlbT$x$TZ{M-3ytFVMG;JX2I-atVsYp_=SmZ~(4tpboZU>O5lcMJlHL{^9%hHZ)(w`xJM`{w-BApBLjizzK@kYqd?>~e-EUme^$ zdf!m~(g=#GlW$MIF2#cg3!(V1FNh#~O7^PCst)NeWcG$jfwbK()P3Ut__3Cq-+@AF zUWCcP2+H1I)o$3sazC^X3c*g=pfe5((1#&Gowv7dwYT@Nn{-eOXNgKFaH6D6QSP=% zeHkIxBGYX5&IZVB)rBJKeW{*aFOIkwlxCfWv=!C;?8bMTy)_#@gM=nciW zh@vj^(@rtiXe@}8s8#_4bA+GBWZQSPqm>JNV>t~;M!fQuYQr!iV?iAHQczi1>&fz4 zu+*hz^;3BjGn#aBxhA>o^+>}uCR&*x!I{Hwx#Uh?_c(;fOCGUw!r2`UPuBE;!D!OI zfDcr{BVZ^=(VU>_l8WaL%67T~Re}vtfCbl;(32URU6s`8LqHjr8bhWJ>UXF%s+Aee|TV>nM z*+W{zbIzt?S0*QYu9<#1_bXnr`fU4e+3~r&*w$`Z^h+C2^C@5bXoUfKuqrFsaaarY zXOng_UL`b9cG{6(tGSKr`2~as3P>IFWy;k9ey-3Gs7>j|yoT*g+bqNAt@AEt`q=mo 
zBZT1Ba)>zu$Q+7>Aufm*)v%;Cb~nFr;}Ql8V=+d+%8d@gL1w%IVSaBy7Ec*%EA9mpy!ZQ)ZR!t2jTeE_t2ixzyGe z4^*%8w9wn|a_da=QBB9>*ZDKgD*{~da+Rv9<4fM`1NlFDecw-_{>nL3UY*BB_U*_K zo(1Bp31YNe>k~k9Q>kNM)3&vLJQdwu^~L24opf{?=4Kiw{8v@4#>;BT9`n@gAu$td zfcV~+_ zIpfh)nimb^A~ahI4ecU~_)*e(}ucI3e^ zxvSP^n3WgOkz7CI%%sLR@AbD@oP-MTPKQB5$OnuYz%HXvB7 z+T3$L$A%!g@i(tbBrdtbS8XzSq0YCYCE;ADTl|-3pywDL`_;doSb^H&K^GCTzk$+f zQmgbr6;RhwRNeaNHJFUpJBz;#CJADx&Xi-!b|C-1!gL4vrgTyhhzPBq_}}(b?bgHx zc!e8|Dk)C5-!e{BbV^etXwjp>3aqbo3%FFS#K~gSL@=*IcUuYQx{Es9j8`T!~XWgX=gmAQ!1-1R%$qCDW!~ma{Wn=t0j4*XX^hg#~@)YSWh5$ zhZF7@@7(#)G0eA&@#Zp6oOgH^pho#vX-%X;*A4B3<^Q<8)+5Pi2hIBoBd{c{J9N(6P3BEMi_#Zt0L7Tseu%zaiZeL^*OG;7JQvx6M5%D9GBkAmwZuqIe0kUp z={E8%F1V?~!o+St=e)6NJ&}{?1Tvn)i1RH2!;^M#R!{nPos->d5Lb|61mK0@ph6MT z6|$YTiAOT}yk9Zlw3|Q7Rc^hexSAr&#KY^Adh^|`mG87reeR`jaYCs&msBw3N1Fg~ zIfSXbP& zW`?2VWo@D-Kl3P{dSxp>Z)&SRH%dHv1ShY_i?Lej-N#P9EmGR;7Htc-G-HYHB*`>EESk@d z@$ftMzVr3gx`vH}W^Ln8cTQW1NfB|6&V|cOr->gQiy}lCLUQpvZ^s<1NFV>cKHYZ@ zJh}I43*NeOC=!k7s80W$l2eLb!* zb%Zv6M9tZ32mRdc(G`(#8ZWvfa~#$ z6pDnm0%}QO`^{&m_{ZJ(zOS$6&7y{6f4Bx^YJnvvvVqm9oM~=sPzc70GX#^w z5a#CLz6dT{m?2Qv?ns9N(+F?HFuu18I;uu^O47rYaDaO#J>$;Q5wQ>RCTtG;XXu~h zIdDRYa4@X+s9xpULMO&YB@+m6^X z^5*61={>CwOWP(XH#Zm?XK1a&_hy=lv~0PG%FD<6^A@qVHb~n9FpJyQwR$ev~0sw z-d|iRE~~LVsNiP*yAE!n5En||r4$gp-ir8Y`<02%J=67MZZNL$UEsKx6g?uLfn2WR zcn`OW9F@t8WX#oVhO+E?t%2Ze&xc#?<5eH=yo8}3X%ov_(qul@3nf;1zAxu%AAEW^_91g zjQoENfiLm@9D@IvP;8Bm{(Zh3@+E>Ae@jZLUM-Sw=nD_zYWmTlKS21Y zP9~@3RLdF<)ufnW%?*_SKhYN0><3W8_}m9owNSrrg^dO=bHV8P2vU9R`VjQq7;V1b z)MJsxLTSn+^8RW*+3=AI`Mu^#6p6yg5%2YCY|b>19HaSz!@^9JD4dyUs(>vv@=69U zh8Je>t7RcoE<)Z>mFSz~uL?xu8gP8-t_3VFKZuN9pL# zSG*0M_dt*6|T$tzUf=9oWzO&}^#HLM7$o#Eyr9HIim*23UK$>)@-Rm}9@m z*G~g?tO4dy*Uh~pgp{U$)${OTwy&cCUdynaH_%Q})@ya`=jup>B{ED)L{-q{2k&{)xLN|_aDjSJ!XRu^aI{l+#bMda&uxs zr%$qT{$rx3bILO6tWUbWFJh3T`X1a)6#;r_5;x{+t=`Vj>jKdrRt>9hJu~fls7x*? 
z^9w*tkxYfg3>2+oP-$M|L|UP`_st<>PezaWq!vnB=vulSU2YmBmYH-W&&h6{|9Pjz zQM&@@Cf$I}!@y<9UXK%I1gGBaPpw}|+!XbDKo#iiNbiB{Noi3_TvFQ?bGAXpq%ysU z?MVa{w2HQ5reTm3Da1OsuBR{RS@19A!pMcz+P?A=_oer|Sg!|hE>k36<{#$bCcO7**Bs(s#baBNU5gLjP|z=L>z~w4=|4(i9Y0u1W-3wUUu5Db&`om+QDLK zeqbX-bnE#-C^#K&tl-_kV&&MC{i@~auaBm$umAar3s8XNVx)$@QtfSam1gM?(L3W&X=yD`9<-&7L5^fTB(j`HYCfrioFU-48xA_DF5Li}kc@5mI zKIWMw;Cbl2@-D3R_8~CZgzOomv85Sb-gL&qL&{|@s~bFM&X$Te{?@ZM99B8TQvFN7 z>JBV|nr_#{7MUAwjJwXdZu`7Mw_ZfMp|8Vnjar>lN6 zIt$|mK!)hJk5zfv`CuG`0gGOoWuB?Q-`vsX~BlG4w}$V4@&RWwJtKK zvf)RcULN_k@_#L%XtFZ<``;xL;sjP=QK3N)3`tk?hW_Y3u8LUgIwqX#Eq!>4H0{$i zs|Qx?Wuw2ttoVpF0KSYBr4(s@Mi($W!RRn-d%^U9wFN5!ND=c3NU%DTs*|KOS|B}&?e;rv#p51YcvzKnoScP=fp$D)=jHg<(bSuO zhGrseYJK!I!ROYmH=KRDY?Z4{&}>hM4j+k*ZN0tDO(hw%=bv(sbsKBL|5se`{{L3{ z5K-7Cm(eD#(dIU5R^8P#*3Z!X+XN?>tBJN|gea|pElv#4WY_QM6qo7=QkwsR9>_(O zhSctYSD(qqy?@JP!{Q3mfadLhjcFn=0l^nNxg9|X!`2OB=&weHVs9;mS1~>aWUAO< zHW4^>1uiW#knsoQ&`7`UEeq=Ok<(a@0!mpDvL-2}cv$*OMyZ07sB|BC@Uch*{^WUE(o~Ocg^glbE4L; z2lRTobh?iGZ$YSED7{%~JapPB)2)pKD{P?M7~6SPo5#`z&$Ip{LpflQ>#?bh|0g%* zzr2AYmml7Mn#I_5?524E1=0_2pt0aTzyTk%c4K;v)5sx}2a0pHo&Z8p1o~qn>xPrdxq&w%b!v-bGF_ilA*nh3Y7Ua?+x{)3Y$EP#M{<1f2?u1Y6)zaN66{l|l zcK>mdb5W{xdLDI|4D7m6O=$neCU4L8iuhTtO!?PPiQUq(mEgx)4>utCz_x*%Eo+vQ znz^kI@YI;Vez}G?>EOi=l {`^3g{e+l1!Kd!u~QEsrU|MyX#DN^Xl@^2{wZUlZl z-OvLI4OUS+Y*xr+s2e>8O??@23B)sWqA>FtPibuhWy*_2lrT&DP9_ucn^;bVRc* zXo8q3)s)LhnPI&cUm>Em%T`#dFpZeCcQXDQ> z$qe2U2Jwsv{>1&`f5eKW`9$~}O-_m$;yy`!%+$Jg-KU%rB%xAXAv4l^7Yk)=_8zPCWIk%Sh|Mk4LOuzgJ1j@kltTUh7YO}HKd_lkJpNzE0N8&h zt0~h$4|2if1Q8(iD(%bNBMwL+G9FU>5ibB#9X}8y3G|F$D%_hImori5vtjQRAPPGK z&=qy?NX zLly*9WR=|+kb_yWDQ?>$@je}hN6JH+p9qB^!Wbz0hRMI2Vm$TPt%jgPtnq#5P8zFl zk2Ss;n_MYkHJPJT@rXlC3B3RO;tU!fncA+oN48|V4xd+5cSIy3b{1rgk{?Bqnyw5BDXq{1+O?u z)*MK&@gclpB4hSlNcDZ6?Yk8YO*iLzZ$|7TP8@w_cQ)HZ?X$cI-(N2l_arI^&+S$b z4@YO@OOOahDB@{rFhrA&KPK$Q>zdSP2G;ku(g}u#dGWsgbp*wn=$c@1PDZst@mbls zl19|V{`@L8IkIhTY(GJ3KM9hCICpe9vzD7wpe%Q&ENv1t!X9UCeKWWGRXR5=NDOX_ 
zRAxQM+%Pf}vY@V!PRvWTw7BNQTp1}}Bu{Aqzc9Xrgs%rgNK)pKD3nCbLo%x=BB(|t zL=vl|HEUi-o+#7|*F-&k}tZx3GF;ILBq)X-$DfGnl5Z+5(xCU3!HWy@c1G+(5s zCo$IExd^tlaK;JE>>}^k6Ori5640_aq1BqJXJ75*UZ}<*jBz&%>!7dhJEp#_u{%X2 zNA*}xp!!lHlSZIiRrlfJ(1rAb!b6Jfho9%gTPdGNTgtQzw{h;I03FN$Th=GUQfw~%W`Te6@N<+|tCs643RpeP0F}LI_o>qPV{XQ09?PXlXd~*zJq^Er9OMe2;K^-p02Tdu_A>$X6 zCLgcpxZ<%r=fGo%;#^=8 z2-F~~PoLkn(m#mt?=JT8#PpWV2&QfQ#qKeQ*3AdH_4T@%T#a~v2iCuTYKQusfaHXv z^Rbf4+N_Xcq$j|d;GSfO58wU6D zR$oHuz%u0lMsdSs%oRfx3=WzC(g*aFd5ii=T^#aCN6Tz=aC$kp-!(O4Ti)aqHEd+=w;R+D+jZh-o#5BP@42C-=7v@A=UBg zHmCcVD@`_Y=0KC+H3bpU}|Z)Z9AnvT?fRJS(@X!F`Nu#K`oV74lM>Po<}(u zkUc+lhlEuKZ5fh_|11sa<{j9{*Upos2ivfWznznD>X1JYS^VgSB^}nE!29NTE5rY_ zsxsZA6_F8L5z|=W+KV@wFmy4{g&&hHK6pwe56}!7oBFpc9#Vmf(J=;_jD%$p6oZcF zNYn3V)L3H;b+SL)xn=)G=&p3S)e%Ue&N9#x0ye4C?l3K@%c2u(1#L%Xzm{a#kR9Qs z_FU8>@AOB~*>!TfdH}wccoUbZhZY+{3^ELomb;bEj#}7+NJP%*?WqbrT_C|U{3C@} zQVxE?tmrUWkFF>^d=^OZj|4L^*`!-Iz#BZ=YZ!FkZ*3tw>E#*!mtEVhf6Fnk?u zBBf?AeKLjZ$%EW%CtrxmFL;c|WQ_T|jp!-qRkW$&s1WgEGChtfP?g%bmc&ABt5Gd3 z+-`OLL|6X%+}C4x$^%V*h%}D{-2SKAemiBBkSoaj)|B%z2tAFTpHch<_A3(A{=1be!@FS6!>hNin4 zR5!OKpXTIEam$S*3$RZiWo7>-Crzbw2HzA+h(YyHBcpr~DWZ%R12nbKl z-QQ=A+gq8L9|VZrZ`#cFfRFRy&+EZaM4>;BkUpQ>xemBlq)Oa#i%`WM;N_G8cPZIv z4-U6W_jgH^K^`W<>1p0pFI5{M8ld|*&iUhQDP`nfi!p-WR}!6<0}CPyBMo!+^!X;k zzQD+``&^X(eu~=19ER^C#iK%7$GH}~hrB8Q$Z(u!s45fa%dno{k#(U?ygwd0Y*;5EF#8wicg8U zmjDA%MP(sF-1OSWI%I`czmDQ)#qwvNmDU&mDv8`4^<7H5hp266-b%IarjNveoR`7? 
zk1mNTH@3#^EQNFQ7YrA}=8m9TutzloR7{aZcPvO{qM07{A3wvX%G)x>{vaz|UUM(& z)dg2DbYXhLZ|K^tr3$3bNyU?ietgkIdE2!V#i0;H?5lw7_q`<-yiU7n>BlJ^N$8M z!q2AyS=|NUQqFvdVxXR_h^+*VxyrDB3dd1eUyr!qwikkNVd}D0#Xg`wEYE0m!NT{& z9&i{oGitV6?a(feb2{4`3-5l{LhQuoRhN3;4tFtF)JH;(&Y4|Sb$(TV;vp!v`CLs{ z$!m<~o8`yF>C$|*BegC`90UWZd2{ks;9B}MWI0T%yO4OpWs-=!87g&MU4}pR8xpVo zg}P>|1$zu}TeMlLY&pdXJ)&|iK0Jbh7#!oIVR`)}NRi%rlPIUba8Suqg`ctV1l8I6h-PZmjs2-?kws0c2@FTe!X4cnMiNj9qhpg zMO2%`bZfkP#b*Hy*0?3YgwBL?W~~!pO`LG%K$IPUxwWM)*56WSG}_C}rFRG~Pd`~Q z=Vn_ECHz>+K;2ki0PWenS66{f8z?Kr*jtP4;xrkadpP!L@aC-;-YA;mXQ~C{tgoLJ z&8$vt_~01}xII@5C)M0HTKS=QTY({X=!aN!Uj?ZbVwswXd!AzU8|Ik(X|tt}r~akl z`kUT0=1v!H=M1i!zwNv>(4|Q)bclvS_a-J4X}w6c*N{?ev|Jql`rYz3@&fNtQDzY0 z0u9UUX~Jo1g+(?@Y_l)aqpdO%QtkRvS*041phhgZd`D zLq8s`2bb}&wivr)YCzJIqDrnHP|4#1{rWOm2m5|Fn!gUT{3*@wfHj@Ow=P``MWH-C zH)*JPsR?{IMG>~@r(SK7wD6$3Rz#lra54D6nU8;T#Rfh~BHk4{};r@}2(PRO}m5GSs8yswK}^ zovxi>^@Po++D6R#v%{HKANKHwpigK4c_#~@G7k>^k<)II5BceIx82lCd+SgEKCxvg z4At#J={iMa!ZzUJtum?(XU}`*WEKrUlF`7(_Z@?;X*oN6DbeRgln~j3C<((&*oQ_E zdA8nMJR0!!bXkfY|5=>n9E{S&IZ@!knE?-WuT109SXBi<9TTZ7m!DV=a!gj3BodPw z(ma2p#57`I_jgfOQ85{Ng{%TA6#QLlltmlbnP(r#nZqVrJqc7TwW(LGHhp$woi-t8 z=j2fLLX`kj^{daMC(fDD@;VW$)?MhTg*AOY+m_r^@p;y`tS|o~eB58gkkF!p$dxXN zC^du?L2`AfWm{x#V`_&rKAgHJNv>ebn5nhb;iDJd>;1`*tS;zK-K;LiOTW+(SSO=> z;mLzo+p_t!sq)#4mPJQG?f{L1)8IF8f?yP3t0(c`j^&QDU7>%919rZq!E=ww0D%g~ zI50vIkM?&0J`IE6OA0*BMBvqI3P0!TC-1%2RuZ9MUWSwhqJl})#k3AJs;&3mvELp} zS5tP51CVenK<7i0H%kU}0))kRNu2?C3_#IN*`(4h#TU}13M$&7+4f1Nd3>&;y_wa; zY(L~#7*2m%=c3!gY`#&avkMf>6fzr`s3@K6f5)$6j9%Pjk0tc_#E=dqp}x$}eyzVbpF3V;S^Wbr1 z1Dvi~;H8Y8_7<1wY82hR!>Lm8cAvHMR=kevX!GlOLHEpk#P#MTIlJk3(TOg4OD5JE zTeE@T9{vo39fq(nB)QvMKOKgM2Zh*Jaj)V^R6Var3$%?lXXv+iwqKf>5SP zdlYFn2UjgFBn8|QS{_)0a=3!$*eLX(}DFPw3cEe=mRVc?@rbO)!=w%JLV2e5zFSSf2J&cpB{1e>bC`iB7Xz*$K{XHULN=vofy2}|t6J*w8x=isLCdU!HWLCtRZ%e^tlnw<=^-1t zPL%`7@j0(}f*U9#&GYGYf#%>|xG8U9o`?3ie^e^MGWtjr*`0{6sT6B_9NJ5CC+0~l zJ<~1mf;~K|NP7h2o8ZvHPUncPY*nb3s27=`x92+YFbblakKttASaKzy9(?4mD^=N^ 
zBnld&QRkTtGpJ9Yv8;Oen%8*UYZn?a-Sx}{Uus+}-o`XCT)FIjh4`d#Y-WPwZ?GdT zLS^SS_bLW^3a`Ty2OnTe9~%8~d8ngAd0S+v1SPxRh(S^AMb}L*xIt^0#z2X>s#C)h z|BjMX2*PS7#M&AM#hSL!gPwYAip$U!6HN99>iQm{xD)yjfCqS@orjdPbDq+}U@+rf zWFy9^=Ev{5#N>wVB(%fEYCdU$lv=>5)62GXWmxus4jT@DTnBW3DLATVr)55yofiVy zVT%U_l1ghgvuy)F$~$MJ4m~pw?u=K4O3KH!PG{(?RY_8gev z0E~CQEX#pmGFcE~?A#R#YJvs~M_}pKX8RVLnNSsa8HYa%Wkfszko(Oj+u8EFD|BOT zFho)i!H!TfjPZRj-5KZF?01>6eWQ$5`Pd74(rq4H1h~V;q5xyI-x<$syBr8+Q?L8h`&-exf(L3-1a>6&A!n)p)3K2ZRCEn@tu6hNG%}h@y~d0m{_Ca0W+Eqp`PATGHCz+lI34 z_)T5wo`RR-e3J7rJn@pTc6{Ck4oJi^FWvnH0Rh}gbFlRN2w2N#qN35L5P&zKr}63^ zg3@2*K2bP@9tZ%`7WE zQEY5>C4~2dcXUmv&SbSj+Z?!d+_0BIUB^)1{ROSgEh0$jgeOR0$OE}iErP@Vl<*9zxG|y-&0(!#x>$-qr;S*L zl5%D$cxo|Dp}ubIWjjYX&I|3P3lY*O`3o1{*WnBJ;>XGl-TtRjfDNlR5*SLS{> zC>SzvSkuIsV`w!8#I6T*4C*{!BwDW*nYOIV9rhR+YFai2MMqc}BxqVtU>0+d0>6wn^{_ZAE%Gm|*cs z{970f^ZxS-Z26>CQq15<#t|jJoSxQcupB#yvwm-~hH1U@7zOQNwauUAfj)VWh9UL% zPx2&JEgcdU%Jd8~D!?UZ#mf@m%W@_6I)>8KIV?>lWsiQuQBM17e;AXDUd(}}1;*G1 zs$jOY#$qQ-Z#z!%;>6e`H|#xX#xK!CCt&0!yJ0LYJbuI{qPlW}`Gl`vW6I3Meom?* z=Hk5lGC#*0o}-bnlo@=Z)nD~3!KsjPMVIXBpT}_3rtwoHc_D*%s3AEV#OerKj2s_h zh!s-P5@!kfH~&;Ry9HcfvAUC418(Qj4vj3B1O-9b(Eu>l5M6y`D_q@VCxulSyYP@* zr(>C4mH?X=Qlu2$*9p!Jf7u)z2`mQmp>z$T-VJO&)}cS~Z3{dK{IK1lndQF{5sb)* z`RUzGw2>yHe$(bM#C~F(^62%E$*In>3RzgWjL!b_4Z5oUxPGPme6TI>@uYT}`t*s! 
zDy*@6bAYwJi)}jp(BjC~u*PslyYrtS%-_rxG>`_MMLU87NzeAFyb;k{5*sZ9M6CEIEZ>g#TXmzkNi zvf*bkMM&L)5u}V^ciU&1_U^KtU^iGWc9=MUt-V7XXachr=G)MbvY2lHY;1u<>TcH5 zG47&FBWwr&WmUd}D-2+NqT8_W1{Idp%CR9+9>r)Cz4JDC@K|2g0u|)(56HFym#1?j zyHNI>?_?^{9&^5LAjj0h+Sr7<>B?Do_{~@XGpf|yy%pxBcEdppbaLwwi%n$Ts`1sM z#IqN)S!Z&sgHT@4#{HPd*5i_8RqnfNQaGk$lJ@5z^i}Afr&epa_sX$S=+LEi^*uR6 zGHP(;TR4<~U;eAD^bwr2G!Tc94U-Pl<5JH!6k5(js*ZAS-1^xw`*D*a0?KA6Th zmvBZ11$vz=_QR~~t-Vw6%4(ENy~cC~PY?yQeIdEIqhPqU{T@n&eVE#tI3RV!6<&M3 zu(XhJj#Fqm26YmK>Zxt!4Dyp~Q>2Mqs1ygED_R?q=BEACgk2_V#a!ujPK0Z3hz?o( zTW=Jm%-ZVBls(1Fy@CW5s%2qlQU2KX*A%EtJeFPoD0+`GTjT#oIHHg8j@YZ+?9=)z z@N($1N>C;BQ3Zsb%OK%Jk{PNBfjy0nj={sn7oCS=L-UAm8BzHvj)ilpYex)Ri5N6v z>pKWF<~53>?10EphbsfqI*_l|2=Xi7$wFQ=NU-NSmXb&MWo#hiu|{}gYvPtD@E?RWW`FC*EV)np z0Xp?<7TaO@_-(Ix&quCNofcUJYOd=lDvUn~%D_QEj<$r<0MA~YODG5Fzd5Rsdq;J* zPo1Sk7w8KZcjs}1B2qO$Q+^9=YaD#PYCS=72Q4I(JxVLcQSWLl3CkSiLdT@(y|icl z)FT~2+nSy5a>E_58#+G(j3%@o)KRjk+OI%P`i9MgoW}w9U(p|JCc5s2x`>9==ScTD>k(H{MQ*>4^;!)?0L$GZuIOb3;xYX5#Mvtu_BEPV zjEvViPp!C<8!bW; zPD{JF)G%3~Z%RaT_yqsQLEQo+fgx`HS@&x~D9$qpDXhWE8RYzK$Lf%4d`OCQjMj(= zF7dC)+oBzWWz1zSg5kDUx5dE%46%Borc>CZriG6#XwcskRQn1Y@{| zkQD%k$|8FhZKAhY(@H+Q_+DJ^faa$O{+szogo$F~GT$kuGX0+JQhh8YylfP&{wFpsx37E5@m028blrJ_ViEWt>W^odc zB&RC-MwKS**&he3{4F{!T|rQ^SHNgjiZ3`rr$dW?r4D}X&r^-cuBBdzRd*LH;I#fL z!0BcXPtT%WGjQmn*xk%su!S7z)AwmDqMd^mPIVfzTW(E3DAQC%#t=2!`ZT3h($pst zuWAZ(#jK{*ukpJUcIZ@3XLi~^WVCAVo^Smy0A8|Wg(!L&`~BI4=s9f_(wYvZLNGh$#6N39QdMAm5;C~R zVP>9SD|vZ=#OU@*ch9TDTfm1=>yTQ9k+~Xso*F5UpAU{&XSn%+sSS+~L63K%XaFuB z@banO!B8>@F_tduVob$Ej0URP72custNnc_3$E*g&a#L&&&s!e$*N2R`;v_R*HKbo zu@-di8D;`Gn~b(7r%3&&25WGBUs=N`hD?EEWvFbzy_>?iAQ$EXM)QCyW>d?Z&AwCE z7&&9*+|m#@=Q{Xv?;P%0;9Hp8`T>$I04=?i8g{xTyQc{cL5M+#&d!2lt@W=HkG35F zOFo>R4~I+al~%Q|1aM(X<{H1wn_-GA$_*tA>9#5%!aF@VLbk}Sh6m*7}Ls6 zpS>j{tSkLNjL{O;r08&MXSM^CReYGlEn&QR@M`*%E-J$&r6zrDa#8}|LSCTct*4>r zqnEDYtM|;F-MsFsXc$BtwyR^n!RpOsC(tmiE2D82Q<{D1wz}{Kc_Py^gB-q&IIKqD z@N+bS(wk5u7dD?o?i0EbYa&>3D7n#{&7pkV=5wO+kz^5FS}SjF970+P4kAv7=|Kjo 
z=(w&bXxb6B_#|eOiBdrmX#5r@bhKxI2h@_d;2bR4>(3;>&fx_4GG&v8D`rSi5sT#sS&BfsANRCrQpujd z+iqh?@ArNha0+>6g3Sg}$QU(Rf{efB6z77tn(8!lF^Oe_G=Dn4PSCed&04icnUXP{ z#9sp&*rj!y`huH1w`$#!b(YSn3}F>pYyCTu&)5!R#BL+1km28QBB{v=D7|^+mR_PIEAQFNmh9CP)R<@A(>-yg|<_&8bn4Rr2Sw19*aw*=3lj)skMUS&hSfM=YRNxV9>!>G_}FfPuzrm!Eiin$?rp^Q#daCzsVt#Zc#_xAw1boT{lZ^KLXWql z?i>EFj;?Akl=1rXe&jQ59aLpDq~6;>2rUr}xX0;UYPN9GD^xtXv10}9!zxZKdZsj)jA&jT53uXezFaK$m z61%Y=zrZUo{q8-3{|J52o|`V}G}3QN*;iBf11|nl@mgHnJZoI z1<52SA2n}_(XyzQGHbE`2F*i>4-<2Q_>N@T-CKy6!P0l6>zH75v&p)4A~p!D;HlSZ zG0&D}&eTr}7vOg)K*9#>;JaUl0Ofh!H*KwTMW!!4K z3?k4*4na49%-Fumuxrj!a#*f-@b%qgH2iW!x>U1A9*VYPM zo6|2#l^M`&JzV!I*nl!}r|pq+5oruWx7DLH6qqyg9c{#ih5&0+I z&big@(Jt5cdjczWUtxdF>v=PsiE6s@snw}{S6xNeTPn=1m!Q=PaG`5zC?w4N8^}xb zvZE`>ZI8H@Xmj+I{m|JyB@>s_A=i9ds7!Cu7@r)k1|tY6-_#19GhsLlK^k1tsX-VGeau)wmBwKnDg|W9oyuj_(CF%F8k_3~e@tBDg$;Io zjO)zUloZ;a+mvH0HYv}-VvPg+{Cz9h3h3nDee)FRIHeLT82VQmp-}oi>J7(F`=z9Lxx&Odk#!w4x)$8NZWr;Cp!CcIxivRs9{~`#nGL@ix zs7tTD@|4KTMv4kzES~x$9zY4TBJw9B#y8564Wy%DkZnGgqV^>W@&Yyh-wB+@e1hbhl0oT`OWH-KkNZx1N2c z@aS#O$xt))VrM~eN%{Hczs)qOA?tj_@4mP}S#1X*^Ki9B%7~_EHEXnN-e&BFNY@QnChoMMiQe8y+^O zDZPus-DP5K0qsVa z7fTyBMp;xmm%EI!kGSdgQ&FePRt0sYu-7LU`)2!j8SlZ zEns*K9E1R0DY)4go!oA24_5~-;P2@k5&zKq=shrUXCCDvqs)p?)d<0L873s5E(82{x&90;mFlw%mgSgrm{|B+1yghFGtib}5q2H?c@%*JGV zU7ribXV_Q0qn7`S?o>O{ozVY$j#JT0Z@G4`2Af`V-ezH7!6I|bhmO>mN9DtmV-zG26`Js&<79;`NKHNgc>^whhF%8&gW%Ox4M~RG+&O4OuJivgzK^ z%Dy2cdm8bRZTm8G=Mm+qR|Cq;BT4|fs!yk%Wn(o+cijL zFNYuzlHK=3O#59O$e(i04aowJSyEo53JGE6Da`JY$pek+arbm^^71(9nsx1e37wd% zUbb6tf5j9u{K0dNFSHV0<-Wc{YH{4OR7mqMIN5}95AFZ{?`34_t@8Nh6a<2h%jYMG){wfgK5ETiQ5}-6&(8J7mnzU=+IYv}{JL1IfE`Lu z2Sg2xfEkfa5gerp#-J3e-#HcF1BAYt;>S2d=|%!;M<04fy(p}hPh0hMOkwJbOI>}b zWA)@iYsaQw)8z(f`-i5)4To3{R)ocMgd=j%nLiC^)@kX=H#{yY@{ zXrE4GjiUdTD6xX*Zdjqdkx@rDXF~zd$|%d2E?HY|aK^R=pFbG(rRp^V8D`ZD!tTVz z1Z*jd22^{gvym3~PoM|4b{KGsyNt6*yMYNSAk*>?lCq6E`TKG;0+uTr9xFP;YW>-Q zG?X+7_r}hQf#_5c$9rpcCpM8)woXy>T?^*sA~KQePxJ+91PuD`&udYWF)A^%sq$#NvdFe96} 
z%pr?t`};x?WcNYm4FH7orSa`gVO--uV^y3NS0-72TPb~G7AK9vnGZeN1gkD8cP0&r z)h#n$aX=%Rl5&4uLg)1nG7g9_?UR%{*2VOc5NwOoppN!Os_PbNc0_jrP$M4Y=IR1N zWx@zK(!)dH8+~NZ82+L^8dk_x_mBRV(6w4P+R)Bq#(l|k#<@u|i)|x_rI|29P=*}U zP}RcVtkwQi!F{~4W$^B#jCWxPA@8srE;5*h^7M*Jv$#yyY*pgXeDDx7A7c#eI34&H zG3)@bU0W?K?6c)J0f8vC&o|3o$5jv0MD^W!-{J1}{JkLVin=-sMu%G^;Mni&rNBYl z;X*s@8>i>v{)I|B$?N^}ak>NX>dLNtz*Gvtk<6D-zikb~MWKY4r$PJd522K|;BzaaBwyGaH%7sAr-)*s=1dj*U%0+z{#3grSn8-rMwhA5X7`!_nn{(qE(?Nk%q$``;m(#2VWSzgM+YNt%TzUBGmH?74gV+dSD-SWRq-9Y+;F%8)E`>%_x zOw4^zYt40Sl0ymtBaY=C0@K(1hC!HH)*7cr$E2q4`=`045B~7r@vkle-s4rmGmxdOKMoE9MzfG5qxUJ=N_t?+@wH z7VJSTc})jkj}nkJz^1G=sZp0${wGu10>H((tMLrR8Ntww!(dcJDAkQdM-rvHMD_jL zT!bP@QEs^gw9M+3gjB>N`%6u3Q*0(!k-ST!6cL~r?TtMlaL!*z5~M2a>O^&~{8-a@!?ioNy6tVC{v zPUk*OxxEAX^f){6Jb|8PR_c<-?8XDxtU?3SXu@_$Os3GlkOZW~v0rN^{A^4qMDoUR zh-Ppybm({fl!Mr)@Q4HF3xcmV-T0w$qj;M5kpmQm2VKFY`|oWwKb9bh9GjAnyTe~o z43&Jj_V`4u`XE0U25^cV{=(Kex=Et(eC+?);l=AaHp8GI!?)r&x@F(d1t21AgV&=sB-VMtr(SXM@sdcQXQw`hf;Dg1A z@0;T{2~RnF^9YGi9+g5MnSu@5ESUa9LBvWnl-m{T{HYg0Gpx0W@{xuDp~qE<#X1Y8rru%JYrrRDLdWLjWAP&o zoQv!KIdzRo=S$b_+v~7k7;pC0@~oo#LRh%k7vfl!3W+@b`{~j96$&(@k%ps?O$-kQ z=Vs3yGI!_D5%TArih&cma5(@hZ#rsSuS+I?(9jG$`Z8g-(7LNmg^8ZdqLgyhe|atS zYdxYH97!ziY(K)+Y|~F3=9-Y$pQ`EV@^)#v?E=U5aP}t(6~uBaWc-*GXeZIG&@r;+ zA|%u+8%lP3V-gD49(7zvcx%t_x6Ax#Q)OoeOK;_sWJmtK$>fjm8DB&|Z82x6L#vjN z3_?ext_oav0Bz9|rNg#8Ed&?we!tu#nw1~04O8K97Sj0Wm@PagI>RCfrKY+Fml20# zgn5zk^ry9txpUua4K8(KtWVFK75OHn$W9ogJRDN(vz_3)vZOuNl1YgFqA3bs3}fajz0=|e;-Fidv-%w3!5^r4Kk zwT1cF>=fD5DON_v^;_j4h{OEGSW5%KjQ84MZKe~CGxW`uvFBLLYUezl27R9r#X>Wq z6?6^q(c^<}mc5D?2eo-$IgE6p_r8VTOQP8S7`LN#TxpKl+Qg3)vPwuGBq=?8Q4uSm zVtKxb$^y$G(xVG917BtMXQDM+3TQ(v&yLa$42J1K-1o-|0eb!Xv{ZMkC>}E|dFgGIbKpwoR~pm$UO}@x zz;n^$76C$X-<~X*59Y0j9aX}G+BM(x-_N`sOdK!gKOuoKqTlBsycgeIaNjQvJJpc9 zue@Kjwl&?~pDNYgPgfTQkZw2g&t<7Pdpf+AKD5%_1jy`cFXz{+CzhhDabMj%2a0Kzpe9mw{P{fHHAq78XVWTXJS|#iZ?}{RrdgN9bTZ>zJfYh zmk2$yKFnFZ(P%zySqzaEgf9%{-ElkP4v;b#vP<<=2_xeySqy$Rwg-n0c36n9$+_G@ 
z+SXiwAtU4ery4H_@9e!iLOX~XLPh`-pFbP<_aI^Iyt+0dpH%YWcJ(%^o5O1Mr@58L zl(2lN`N*>EQvg3)sCrE^m7HH)Rpn<8n@Me=aq7V)rh#ibAXnb9GPCt2dN^oXiRSJ` zxX;-Ur?e>_zn(}rOfqS1OF>o{o<{~=96DvbjwLUJBT#cOX|sfd0hKMC57TSI33a+b zR9mVRdBRcQpaS{(4mm$P!sWKT!-eoLCm)y;tKpoEmZZ_&G$(QDdLTqz*_LifxJaq1 z^wuU!nzGLio5>9N9zvWy2uOQGbBUF(>{oRDV*Q1iWSZGVN0AoK(0JV(S2{FGB*CFN zh#xY5GDsidM-oA!;N{zts1Xj={Q-!GBGSUKZaG~wmIkvkVJ&X zu_;j_Y$;u>FSevnG8iOfm=!y8|8m=_l~QP$Tc~J+Q4SM}l^z$+PM`}?^@aUqhS5On z!rVleY?{<1T$NmuPHg&HTtJ~O+Kd7!Y$rN0Yh&S|&hhGb)7|lV-K#|rqQeDeoM6%l z?IsJd)P7#LFuhmcZ)R;T$`->8H?JBgoDk%TKz<+rpfDEQ?6*y4=z7_jh4?+D6xdKf9`Kx8SA794|c2 zUOFkV%slzc-*F2uK_xwvzPKn$Qp*NW`ZQD1Xs#<>&?wgpqk4F+dIbKLTkAmi3PWqYRv9 z{0O*SiiaWTgnly9*P~jG8Y4z>Fh-L+0hi(if>@KLz&+H_eQOPdb@<#0KySZ1{?<@z zZmoL2o`^bol8JKm#Jyp2hIUKSHP=ekx=JhAx#yq4n>W)%;i_orDSIi(Ss=R++Qlu* z$HzmAEVWJpp4+oebdMu^f~PS-_pByqAnbRs-EIL!>NWs0?{wO34~TQGgTxsp<|V;s z`qy{ZAUmC+mXwQ}=_^rHG8cvgKIbNNcr^@Dvbd`me?SEN%_D*)>&|ACwb!iyoOT~BbJcX&&cu2HN$ z)^je?pzaqRUIe^L8QfW*#T+p!2(+c*8>`Pd9s8cZ)hvm0zf8EAZSmJ5JE%|RX(c)8 z^222pqGOm5%1CeuN3l~N4nj;n=HU$cF`Vdl$iCJWQh6?;U3A2h%fXDA2U+enFUuKI zoG3mihCTM(0}>u%uL^#_1pM(Nm&X2|ou7XV-m^wg^&{{fIsP9inIYrZ9WOuzn+#$U zJ;$WV?U01&)cth781~Xaa*T&1z_7Q8VDDx!yF7~=X1cPUspz95qgmp!ar>LfJZ-uY~I%2gnihBOL9{ryS+I1ZgqAi zts3F#Y|ef>JCZg^C_dOp&KxAVuGrvK$(W?%%f)2M;ql8wGxXEvpMO5?L%18}!D|rk z2ncty>#I{0aCcSyNLBqvS&z2^aYynbt*Cx++FShs;<_lF3u4WS4QfBEt#q-zeg(nZ zy`sKFf7J@Y=385%qqkPYAmO%V2B|^?F|dwWmm;b*F-Vh8jbcrW3DWUfs6nxHWr zvO~3kSJYAB%tz-_72&o4nY#br04a}Dh&`be|Db8L(f7_$UTn)lED#e4)>Gl^hh@D?6uFW zG-3IAdjunl@Nvj33`ngl=ez?;0Hg11nhgbepnFB1Rrbzr&KI2O;bX5LIDdJ+Q~kl0 zep|lu6;ag`^G%4lUW}@~AD-L%!E^govZU^KwPugqSEQ_|8{Gs?Km$ofVRp@m zbqu?NGQqrNx%S4*k@z4@y+krBArby%my++5DXk3felV@HdtBnDx)Si!IefK^{Oc;S zV8*vk{`%N5@PqujQ~5WyGwaqn3CjMf9dI4nwA}AdHcJP0w=lRwmw@d#Df7Pz7m-6 ztcZGJU(NH&-3*KtNYajCJ0?E#wo%{ZI!M3I=GOCYC7|ZUa-ZDA{DM7O`f4tfoHz4T zU-g-pP0j13?@gsp`Kkq5yPB(Kbc9uE%)*Cmq>l&_v#O`Pywtz zX(j>r$G_k8hW+Q~M{UQ@-y?Dma`2Z{(R#riqbOAtO~niMXQovy!LjjzegDHFe6h%# 
ziUuG4?xFRzf9Z+U3N5#-p44Jq7Q7bbiTh+!O?WoG;qzjfcRYRi^y%}@KZpN6efo6q z|DS#S$7jEL_W2*b`26|v&z?W~a8xsqq(Sg&TDQ@DdNHX=RZuUtY~t<9%nON z)#GVX6!yEvY|MWCc@(yl25%W6fZON)^Pkb;qxhwL@F%9Evezp6oc;XsqpE>27bC_? z3EoPeFk*HqyBCZrp8fl#(BllsJ#<*lh~bZN`};?XU5RSqzCis4{+U}10RMRbE|(F+ zzdUkoC5R~*v8K%Z1K053PCE5uDitr}zeTmsKli%byaah}_XU2aOC$UQY+`&O3t8Ww z2h&o5H!t^R;vQdk`>jm)X!L0FJ^ZD_J8#RaJdytDYcEafA;i`pFMlH|L>yR@%`V~Rw?|_egWHXR95=K&An!wUOrJ; zy>&O>w{O38SDrswOBe6QS^t6a@2X;MrveO||7Xt@&;PS8o&5=Rcfsci(Pu z!k2H{(ZXK(1)X|~jjwbuDhsZ}3${GEMBZRZk=b#h4aEu{@4-Jmc9Z00ehlXMpMQSj z(Q!Q}^@jcNM800vFUCq;S&{4iu}`n*6#Rt!#A^LNd|pH(K4YVwfBx7z`Jrvn*6@Eg zZo9Gm4BLO6{nr-@{Qvp$r=LCW|GQ{+EC0D|wP^jh-?zXnY*XD*Zmrh5U?Bmdg-TpW zalP77vXbx$ZG3^QQ>n3 zAAN$+eJ*UsFf$WH!7d6tVRK$*GpQ~P7t*8J&$-GUeZrKuzzS0PWhJKagAZ-_e-FkC zg1)taCvBHlDJoV-CB~1&$LIezuXQCJeZpSq`CKdZ{^dE#Wn~_XFJ%1${)^pzG@kss zdIJCTAIvVE*#G!H&6Rr65}NSrvMDh*>d~iTb6r0AbUfjgk3JpObNg>y$%{vy{{N3Y zVefe*bz|7+@rijf_V9sYnG5~|e_rW-JsMw`Oy}asqmR9~5AC5nw1?Ky{%-&P0RR8` K*N!d#=m-F9?hu&( literal 0 HcmV?d00001 diff --git a/charts/jobs-manager-operator/templates/_helpers.tpl b/charts/jobs-manager-operator/templates/_helpers.tpl new file mode 100644 index 0000000..7ba5edc --- /dev/null +++ b/charts/jobs-manager-operator/templates/_helpers.tpl 
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "chart.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "chart.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chart.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "chart.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "chart.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "chart.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
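Review bot: `chart.serviceAccountName` at the end of this hunk resolves to the namespace's `default` ServiceAccount whenever `.Values.serviceAccount.create` is false and no name is set, yet the templates visible in this commit never call it; deployment.yaml and leader-election-rbac.yaml hardcode `{{ include "chart.fullname" . }}-controller-manager` instead. Either delete the helper or use it for both the Deployment's `serviceAccountName` and the RoleBinding subject, so the pod identity and its RBAC binding cannot drift apart. values.yaml is not visible here; if it has no `serviceAccount` key, a later `include` of this helper would presumably fail on the missing map. If the helper is kept, a comment above the define such as `Not used by the bundled templates; the operator always runs as <fullname>-controller-manager.` would document the current state.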
diff --git a/charts/jobs-manager-operator/templates/deployment.yaml b/charts/jobs-manager-operator/templates/deployment.yaml
new file mode 100644
index 0000000..cc38f5e
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/deployment.yaml
@@ -0,0 +1,108 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "chart.fullname" . }}-controller-manager
+ labels:
+ app.kubernetes.io/component: rbac
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "chart.fullname" . }}-controller-manager
+ labels:
+ app.kubernetes.io/component: manager
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ control-plane: controller-manager
+ {{- include "chart.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.controllerManager.replicas }}
+ selector:
+ matchLabels:
+ control-plane: controller-manager
+ {{- include "chart.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ labels:
+ control-plane: controller-manager
+ {{- include "chart.selectorLabels" . | nindent 8 }}
+ annotations:
+ kubectl.kubernetes.io/default-container: manager
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/arch
+ operator: In
+ values:
+ - amd64
+ - arm64
+ - ppc64le
+ - s390x
+ - key: kubernetes.io/os
+ operator: In
+ values:
+ - linux
+ containers:
+ - args:
+ - --secure-listen-address=0.0.0.0:8443
+ - --upstream=http://127.0.0.1:8080/
+ - --logtostderr=true
+ - --v=0
+ env:
+ - name: KUBERNETES_CLUSTER_DOMAIN
+ value: {{ .Values.kubernetesClusterDomain }}
+ image: {{ .Values.controllerManager.kubeRbacProxy.image.repository }}:{{ .Values.controllerManager.kubeRbacProxy.image.tag
+ | default .Chart.AppVersion }}
+ name: kube-rbac-proxy
+ ports:
+ - containerPort: 8443
+ name: https
+ protocol: TCP
+ resources: {{- toYaml .Values.controllerManager.kubeRbacProxy.resources | nindent
+ 10 }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - args:
+ - --health-probe-bind-address=:8081
+ - --metrics-bind-address=127.0.0.1:8080
+ - --leader-elect
+ command:
+ - /manager
+ env:
+ - name: KUBERNETES_CLUSTER_DOMAIN
+ value: {{ .Values.kubernetesClusterDomain }}
+ image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag
+ | default .Chart.AppVersion }}
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 8081
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ name: manager
+ readinessProbe:
+ httpGet:
+ path: /readyz
+ port: 8081
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ resources: {{- toYaml .Values.controllerManager.manager.resources | nindent 10
+ }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ securityContext:
+ runAsNonRoot: true
+ serviceAccountName: {{ include "chart.fullname" . }}-controller-manager
+ terminationGracePeriodSeconds: 10
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/templates/leader-election-rbac.yaml b/charts/jobs-manager-operator/templates/leader-election-rbac.yaml
new file mode 100644
index 0000000..e5fe03b
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/leader-election-rbac.yaml
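Review bot: In templates/deployment.yaml the pod-level `securityContext` sets only `runAsNonRoot: true`, so neither container gets a seccomp profile and the pod does not meet the Kubernetes `restricted` Pod Security Standard, even though both containers already drop all capabilities and disable privilege escalation. Adding `seccompProfile:` with `type: RuntimeDefault` under that pod `securityContext` closes the gap. `readOnlyRootFilesystem: true` on both containers is worth adding if neither binary writes to its root filesystem, which is not visible from here. Separately, the kube-rbac-proxy image line falls back to `.Chart.AppVersion` when no tag is set, which is presumably the operator's version rather than a kube-rbac-proxy release, so values.yaml (not shown in this chunk) should pin an explicit tag or digest for it.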
@@ -0,0 +1,59 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: {{ include "chart.fullname" . }}-leader-election-role
+ labels:
+ app.kubernetes.io/component: rbac
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: {{ include "chart.fullname" . }}-leader-election-rolebinding
+ labels:
+ app.kubernetes.io/component: rbac
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: '{{ include "chart.fullname" . }}-leader-election-role'
+subjects:
+- kind: ServiceAccount
+ name: '{{ include "chart.fullname" . }}-controller-manager'
+ namespace: '{{ .Release.Namespace }}'
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/templates/managedjob-crd.yaml b/charts/jobs-manager-operator/templates/managedjob-crd.yaml
new file mode 100644
index 0000000..17833e1
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/managedjob-crd.yaml
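Review bot: In templates/leader-election-rbac.yaml the first rule grants the controller-manager ServiceAccount get, list, watch, create, update, patch and delete on every ConfigMap in the release namespace, which is broader than a leader-election lock needs. Which lock type `/manager` uses is not visible in this commit; if it is the Lease lock, the whole `configmaps` rule can be dropped. The `leases` rule can also be narrowed by splitting it: keep `create` unrestricted (it cannot be limited by name) and put `get`, `update` and `patch` under `resourceNames: ["<leader-election-id>"]`, where the placeholder stands for the election ID the manager is started with.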
@@ -0,0 +1,7935 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: managedjobs.jobsmanager.raczylo.com + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + labels: + {{- include "chart.labels" . | nindent 4 }} +spec: + group: jobsmanager.raczylo.com + names: + kind: ManagedJob + listKind: ManagedJobList + plural: managedjobs + singular: managedjob + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: ManagedJob is the Schema for the managedjobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ManagedJobSpec defines the desired state of ManagedJob + properties: + groups: + items: + properties: + jobs: + items: + properties: + args: + items: + type: string + type: array + compiledParams: + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. 
+ Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + fromEnv: + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + imagePullPolicy: + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough + information to let you locate the referenced object + inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + labels: + additionalProperties: + type: string + type: object + restartPolicy: + default: OnFailure + type: string + serviceAccount: + type: string + volumeMount: + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. 
+ Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + items: + description: Volume represents a named volume in a + pod that may be accessed by any container in the + pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents + an AWS Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force + the readOnly setting in VolumeMounts. More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the + persistent disk resource in AWS (Amazon + EBS volume). 
More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the + pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data + disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk + in the blob storage + type: string + fsType: + description: fsType is Filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed + availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to + the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. 
+ type: boolean + secretName: + description: secretName is the name of secret + that contains Azure Storage Account Name + and Key + type: string + shareName: + description: shareName is the azure share + Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount + on the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph + tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the + rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume + attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points + to a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the + volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. 
YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) + represents ephemeral storage that is handled + by certain external CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI + driver that handles this volume. Consult + with your admin for the correct name as + registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty + value is passed to the associated CSI driver + which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver to + complete the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. If the + secret object contains more than one secret, + all secret references are passed. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults to + false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for + supported values. 
+ type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on + created files by default. Must be a Optional: + mode bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set.' 
+ format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 + encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary + directory that shares a pod''s lifetime. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type + of storage medium should back this directory. + The default is "" which means to use the + node''s default medium. Must be an empty + string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. 
The maximum usage on + memory medium EmptyDir would be the minimum + value between the SizeLimit specified here + and the sum of memory limits of all containers + in a pod. The default is nil which means + that the limit is undefined. More info: + http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that + is handled by a cluster storage driver. The + volume's lifecycle is tied to the pod that defines + it - it will be created before the pod starts, + and deleted when the pod is removed. \n Use + this if: a) the volume is only needed while + the pod runs, b) features of normal volumes + like restoring from snapshot or capacity tracking + are needed, c) the storage driver is specified + through a storage class, and d) the storage + driver supports dynamic volume provisioning + through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between + this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than + the lifecycle of an individual pod. \n Use CSI + for light-weight local ephemeral volumes if + the CSI driver is meant to be used that way + - see the documentation of the driver for more + information. \n A pod can use both types of + ephemeral volumes and persistent volumes at + the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in + which this EphemeralVolumeSource is embedded + will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The + name of the PVC will be `-` where `` is the name + from the `PodSpec.Volumes` array entry. 
+ Pod validation will reject the pod if the + concatenated name is not valid for a PVC + (for example, too long). \n An existing + PVC with that name that is not owned by + the pod will *not* be used for the pod to + avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the + unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the + PVC has to updated with an owner reference + to the pod once the pod exists. Normally + this should not be necessary, but it may + be useful when manually reconstructing a + broken cluster. \n This field is read-only + and no changes will be made by Kubernetes + to the PVC after it has been created. \n + Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when + creating it. No other fields are allowed + and will be rejected during validation. + type: object + spec: + description: The specification for the + PersistentVolumeClaim. The entire content + is copied unchanged into the PVC that + gets created from this template. The + same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains + the desired access modes the volume + should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can + be used to specify either: * An + existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external + controller can support the specified + data source, it will create a new + volume based on the contents of + the specified data source. 
When + the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace + is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any + other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies + the object from which to populate + the volume with data, if a non-empty + volume is desired. This may be any + object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed + if the type of the specified object + matches some installed volume populator + or dynamic provisioner. This field + will replace the functionality of + the dataSource field and as such + if both fields are non-empty, they + must have the same value. For backwards + compatibility, when namespace isn''t + specified in dataSourceRef, both + fields (dataSource and dataSourceRef) + will be set to the same value automatically + if one of them is empty and the + other is non-empty. When namespace + is specified in dataSourceRef, dataSource + isn''t set to the same value and + must be empty. There are three important + differences between dataSource and + dataSourceRef: * While dataSource + only allows two specific types of + objects, dataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. 
* While dataSource ignores + disallowed values (dropping them), + dataSourceRef preserves all values, + and generates an error if a disallowed + value is specified. * While dataSource + only allows local objects, dataSourceRef + allows objects in any namespaces. + (Beta) Using this field requires + the AnyVolumeDataSource feature + gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any + other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + namespace: + description: Namespace is the + namespace of resource being + referenced Note that when a + namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. + See the ReferenceGrant documentation + for details. (Alpha) This field + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents + the minimum resources the volume + should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements + that are lower than previous value + but must still be higher than capacity + recorded in the status field of + the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the + names of resources, defined + in spec.resourceClaims, that + are used by this container. 
+ \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field + is immutable." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match + the name of one entry + in pod.spec.resourceClaims + of the Pod where this + field is used. It makes + that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes + the maximum amount of compute + resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query + over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. 
+ properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is + the name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what + type of volume is required by the + claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". 
Implicitly inferred to be + "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world + wide identifiers (wwids) Either wwids or + combination of targetWWNs and lun must be + set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using + an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field + holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. 
More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This depends + on the Flocker control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset + for Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the + dataset. This is unique identifier of a + Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE + Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of + the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can + leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. 
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the + EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, + the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for + the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name + that details Glusterfs topology. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. 
More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that is + directly exposed to the container. This is generally + used for system agents or other privileged things + that are allowed to see the host machine. Most + containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can + use host directory mounts and who can/can not + mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More info: + https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. 
More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI + Initiator Name. If initiatorName is specified + with iscsiInterface simultaneously, new + iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target + Portal. The Portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the + host that shares a pod''s lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP + address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this + volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a + PhotonController persistent disk attached and + mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. 
+ type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. Directories within the path are + not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume + projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the key + and content is the value. 
If specified, + the listed keys will be projected + into the specified paths, and + unlisted keys will not be present. + If a key is specified which is + not present in the ConfigMap, + the volume setup will error unless + it is marked optional. Paths must + be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map + the key to. May not be an + absolute path. May not contain + the path element '..'. May + not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' 
+ type: string + optional: + description: optional specify whether + the ConfigMap or its keys must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information + about the downwardAPI data to project + properties: + items: + description: Items is a list of + DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod + field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only + annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode + bits used to set permissions + on this file, must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or + contain the ''..'' path. + Must be utf-8 encoded. The + first item of the relative + path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported.' 
+ properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies + the output format of + the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and + unlisted keys will not be present. + If a key is specified which is + not present in the Secret, the + volume setup will error unless + it is marked optional. Paths must + be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' 
+ format: int32 + type: integer + path: + description: path is the relative + path of the file to map + the key to. May not be an + absolute path. May not contain + the path element '..'. May + not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified in + the audience of the token, and + otherwise should reject the token. + The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is + the requested duration of validity + of the service account token. + As the token approaches expiration, + the kubelet volume plugin will + proactively rotate the service + account token. The kubelet will + start trying to rotate the token + if the token is older than 80 + percent of its time to live or + if the token is older than 24 + hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file + to project the token into. 
+ type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access to + Default is no group + type: string + readOnly: + description: readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: registry represents a single + or multiple Quobyte Registry services specified + as a string as host:port pair (multiple + entries are separated with commas) which + acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is set + by the plugin + type: string + user: + description: user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring + for RBDUser. 
Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). 
+ ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that + is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' 
+ format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the + secret in the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. 
Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume names + are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. + Set to "default" if you are not using namespaces + within StorageOS. Namespaces that do not + pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile ID + associated with the StoragePolicyName. 
+ type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + dependencies: + properties: + group: + default: "" + type: string + job: + default: "" + type: string + type: object + image: + minLength: 5 + type: string + name: + maxLength: 40 + pattern: '[a-z0-9-]+' + type: string + parallel: + default: false + type: boolean + params: + properties: + env: + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) + are expanded using the previously defined environment + variables in the container and any service environment + variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. + Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults + to "".' + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: + supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + fromEnv: + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + imagePullPolicy: + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough + information to let you locate the referenced object + inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + type: array + labels: + additionalProperties: + type: string + type: object + restartPolicy: + default: OnFailure + type: string + serviceAccount: + type: string + volumeMount: + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: Path within the container at which + the volume should be mounted. Must not contain + ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and + the other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write + otherwise (false or unspecified). Defaults to + false. + type: boolean + subPath: + description: Path within the volume from which + the container's volume should be mounted. Defaults + to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from + which the container's volume should be mounted. + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + items: + description: Volume represents a named volume in a + pod that may be accessed by any container in the + pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents + an AWS Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. 
More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can + leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force + the readOnly setting in VolumeMounts. More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the + persistent disk resource in AWS (Amazon + EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the + pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data + disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk + in the blob storage + type: string + fsType: + description: fsType is Filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". 
Implicitly inferred to be + "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed + availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to + the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret + that contains Azure Storage Account Name + and Key + type: string + shareName: + description: shareName is the azure share + Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount + on the host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors + is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph + tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts. 
+ More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the + rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume + attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points + to a secret object containing parameters + used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. 
More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the + volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced + ConfigMap will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. Paths + must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. 
YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional specify whether the + ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) + represents ephemeral storage that is handled + by certain external CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI + driver that handles this volume. Consult + with your admin for the correct name as + registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", + "xfs", "ntfs". If not provided, the empty + value is passed to the associated CSI driver + which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive + information to pass to the CSI driver to + complete the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. If the + secret object contains more than one secret, + all secret references are passed. + properties: + name: + description: 'Name of the referent. 
More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only + configuration for the volume. Defaults to + false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for + supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on + created files by default. Must be a Optional: + mode bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. 
+ type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and + 0777 or a decimal value between 0 + and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, + like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file to + be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 + encoded. The first item of the relative + path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of + the container: only resources limits + and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env + vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary + directory that shares a pod''s lifetime. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type + of storage medium should back this directory. 
+ The default is "" which means to use the + node''s default medium. Must be an empty + string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. The size limit is also applicable + for memory medium. The maximum usage on + memory medium EmptyDir would be the minimum + value between the SizeLimit specified here + and the sum of memory limits of all containers + in a pod. The default is nil which means + that the limit is undefined. More info: + http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that + is handled by a cluster storage driver. The + volume's lifecycle is tied to the pod that defines + it - it will be created before the pod starts, + and deleted when the pod is removed. \n Use + this if: a) the volume is only needed while + the pod runs, b) features of normal volumes + like restoring from snapshot or capacity tracking + are needed, c) the storage driver is specified + through a storage class, and d) the storage + driver supports dynamic volume provisioning + through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between + this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than + the lifecycle of an individual pod. \n Use CSI + for light-weight local ephemeral volumes if + the CSI driver is meant to be used that way + - see the documentation of the driver for more + information. 
\n A pod can use both types of + ephemeral volumes and persistent volumes at + the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in + which this EphemeralVolumeSource is embedded + will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The + name of the PVC will be `-` where `` is the name + from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the + concatenated name is not valid for a PVC + (for example, too long). \n An existing + PVC with that name that is not owned by + the pod will *not* be used for the pod to + avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the + unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the + PVC has to updated with an owner reference + to the pod once the pod exists. Normally + this should not be necessary, but it may + be useful when manually reconstructing a + broken cluster. \n This field is read-only + and no changes will be made by Kubernetes + to the PVC after it has been created. \n + Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when + creating it. No other fields are allowed + and will be rejected during validation. + type: object + spec: + description: The specification for the + PersistentVolumeClaim. The entire content + is copied unchanged into the PVC that + gets created from this template. The + same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains + the desired access modes the volume + should have. 
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can + be used to specify either: * An + existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external + controller can support the specified + data source, it will create a new + volume based on the contents of + the specified data source. When + the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace + is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any + other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies + the object from which to populate + the volume with data, if a non-empty + volume is desired. This may be any + object from a non-empty API group + (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed + if the type of the specified object + matches some installed volume populator + or dynamic provisioner. This field + will replace the functionality of + the dataSource field and as such + if both fields are non-empty, they + must have the same value. 
For backwards + compatibility, when namespace isn''t + specified in dataSourceRef, both + fields (dataSource and dataSourceRef) + will be set to the same value automatically + if one of them is empty and the + other is non-empty. When namespace + is specified in dataSourceRef, dataSource + isn''t set to the same value and + must be empty. There are three important + differences between dataSource and + dataSourceRef: * While dataSource + only allows two specific types of + objects, dataSourceRef allows any + non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores + disallowed values (dropping them), + dataSourceRef preserves all values, + and generates an error if a disallowed + value is specified. * While dataSource + only allows local objects, dataSourceRef + allows objects in any namespaces. + (Beta) Using this field requires + the AnyVolumeDataSource feature + gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group + for the resource being referenced. + If APIGroup is not specified, + the specified Kind must be in + the core API group. For any + other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type + of resource being referenced + type: string + name: + description: Name is the name + of resource being referenced + type: string + namespace: + description: Namespace is the + namespace of resource being + referenced Note that when a + namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. + See the ReferenceGrant documentation + for details. (Alpha) This field + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. 
+ type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents + the minimum resources the volume + should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements + that are lower than previous value + but must still be higher than capacity + recorded in the status field of + the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the + names of resources, defined + in spec.resourceClaims, that + are used by this container. + \n This is an alpha field and + requires enabling the DynamicResourceAllocation + feature gate. \n This field + is immutable." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match + the name of one entry + in pod.spec.resourceClaims + of the Pod where this + field is used. It makes + that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes + the maximum amount of compute + resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. 
If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query + over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is + the name of the StorageClass required + by the claim. 
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what + type of volume is required by the + claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world + wide identifiers (wwids) Either wwids or + combination of targetWWNs and lun must be + set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using + an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". 
The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field + holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This depends + on the Flocker control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset + for Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the + dataset. This is unique identifier of a + Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE + Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of + the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". 
Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in + the volume that you want to mount. If omitted, + the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can + leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the + EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, + the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for + the specified revision. 
+ type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name + that details Glusterfs topology. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that is + directly exposed to the container. This is generally + used for system agents or other privileged things + that are allowed to see the host machine. Most + containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can + use host directory mounts and who can/can not + mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More info: + https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine + and then exposed to the pod. 
More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI + Initiator Name. If initiatorName is specified + with iscsiInterface simultaneously, new + iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target + Portal. The Portal is either an IP or ip_addr:port + if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the + host that shares a pod''s lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP + address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this + volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. 
+ type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a + PhotonController persistent disk attached and + mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. Directories within the path are + not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set. 
+ format: int32 + type: integer + sources: + description: sources is the list of volume + projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and + unlisted keys will not be present. + If a key is specified which is + not present in the ConfigMap, + the volume setup will error unless + it is marked optional. Paths must + be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map + the key to. May not be an + absolute path. May not contain + the path element '..'. May + not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' 
+ type: string + optional: + description: optional specify whether + the ConfigMap or its keys must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information + about the downwardAPI data to project + properties: + items: + description: Items is a list of + DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod + field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only + annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode + bits used to set permissions + on this file, must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or + contain the ''..'' path. + Must be utf-8 encoded. The + first item of the relative + path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported.' 
+ properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies + the output format of + the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the key + and content is the value. If specified, + the listed keys will be projected + into the specified paths, and + unlisted keys will not be present. + If a key is specified which is + not present in the Secret, the + volume setup will error unless + it is marked optional. Paths must + be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an + octal value between 0000 + and 0777 or a decimal value + between 0 and 511. YAML + accepts both octal and decimal + values, JSON requires decimal + values for mode bits. If + not specified, the volume + defaultMode will be used. + This might be in conflict + with other options that + affect the file mode, like + fsGroup, and the result + can be other mode bits set.' 
+ format: int32 + type: integer + path: + description: path is the relative + path of the file to map + the key to. May not be an + absolute path. May not contain + the path element '..'. May + not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified in + the audience of the token, and + otherwise should reject the token. + The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is + the requested duration of validity + of the service account token. + As the token approaches expiration, + the kubelet volume plugin will + proactively rotate the service + account token. The kubelet will + start trying to rotate the token + if the token is older than 80 + percent of its time to live or + if the token is older than 24 + hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file + to project the token into. 
+ type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access to + Default is no group + type: string + readOnly: + description: readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: registry represents a single + or multiple Quobyte Registry services specified + as a string as host:port pair (multiple + entries are separated with commas) which + acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is set + by the plugin + type: string + user: + description: user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. Tip: + Ensure that the filesystem type is supported + by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring + for RBDUser. 
Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). 
+ ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that + is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' 
+ format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced + Secret will be projected into the volume + as a file whose name is the key and content + is the value. If specified, the listed keys + will be projected into the specified paths, + and unlisted keys will not be present. If + a key is specified which is not present + in the Secret, the volume setup will error + unless it is marked optional. Paths must + be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on this + file. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal + and decimal values, JSON requires + decimal values for mode bits. If not + specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the + file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May + not be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the + secret in the pod''s namespace to use. More + info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. 
Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume names + are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored within + StorageOS for tighter integration. Set VolumeName + to any name to override the default behaviour. + Set to "default" if you are not using namespaces + within StorageOS. Namespaces that do not + pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile ID + associated with the StoragePolicyName. 
+ type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + status: + default: pending + type: string + required: + - image + - name + type: object + minItems: 1 + type: array + name: + maxLength: 40 + pattern: '[a-z0-9-]+' + type: string + parallel: + default: false + type: boolean + params: + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables + in the container and any service environment variables. + If a variable cannot be resolved, the reference in + the input string will be unchanged. Double $$ are + reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce + the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the + variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + fromEnv: + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + imagePullPolicy: + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + type: array + labels: + additionalProperties: + type: string + type: object + restartPolicy: + default: OnFailure + type: string + serviceAccount: + type: string + volumeMount: + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the + volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts + are propagated from the host to container and the + other way around. When not set, MountPropagationNone + is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves + similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). SubPathExpr and SubPath + are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS + Disk resource that is attached to a kubelet''s host + machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. 
Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the + readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in + the blob storage + type: string + fsType: + description: fsType is Filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. 
+ type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is + a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts. 
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is + reference to the authentication secret for User, + default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados + user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached + and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a + secret object containing parameters used to connect + to OpenStack.' + properties: + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume + in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. 
YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver + that handles this volume. Consult with your admin + for the correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed + to the associated CSI driver which will determine + the default filesystem to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference + to the secret object containing sensitive information + to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no + secret is required. If the secret object contains + more than one secret, all secret references are + passed. + properties: + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific + properties that are passed to the CSI driver. + Consult your driver's documentation for supported + values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created + files by default. Must be a Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. 
+ type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be an + octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both + octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory + that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage + medium should back this directory. 
The default + is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local + storage required for this EmptyDir volume. The + size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified + here and the sum of memory limits of all containers + in a pod. The default is nil which means that + the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is + handled by a cluster storage driver. The volume's + lifecycle is tied to the pod that defines it - it + will be created before the pod starts, and deleted + when the pod is removed. \n Use this if: a) the volume + is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified + through a storage class, and d) the storage driver + supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on + the connection between this volume type and PersistentVolumeClaim). + \n Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the + lifecycle of an individual pod. \n Use CSI for light-weight + local ephemeral volumes if the CSI driver is meant + to be used that way - see the documentation of the + driver for more information. \n A pod can use both + types of ephemeral volumes and persistent volumes + at the same time." 
+ properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone + PVC to provision the volume. The pod in which + this EphemeralVolumeSource is embedded will be + the owner of the PVC, i.e. the PVC will be deleted + together with the pod. The name of the PVC will + be `-` where `` + is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too + long). \n An existing PVC with that name that + is not owned by the pod will *not* be used for + the pod to avoid using an unrelated volume by + mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created + PVC is meant to be used by the pod, the PVC has + to updated with an owner reference to the pod + once the pod exists. Normally this should not + be necessary, but it may be useful when manually + reconstructing a broken cluster. \n This field + is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, + must not be nil." + properties: + metadata: + description: May contain labels and annotations + that will be copied into the PVC when creating + it. No other fields are allowed and will be + rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into + the PVC that gets created from this template. + The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. 
More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used + to specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller + can support the specified data source, + it will create a new volume based on the + contents of the specified data source. + When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef + contents will be copied to dataSource + when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the + object from which to populate the volume + with data, if a non-empty volume is desired. + This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, + volume binding will only succeed if the + type of the specified object matches some + installed volume populator or dynamic + provisioner. This field will replace the + functionality of the dataSource field + and as such if both fields are non-empty, + they must have the same value. 
For backwards + compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the + same value automatically if one of them + is empty and the other is non-empty. When + namespace is specified in dataSourceRef, + dataSource isn''t set to the same value + and must be empty. There are three important + differences between dataSource and dataSourceRef: + * While dataSource only allows two specific + types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef + preserves all values, and generates an + error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. (Alpha) Using + the namespace field of dataSourceRef requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for + the resource being referenced. If + APIGroup is not specified, the specified + Kind must be in the core API group. + For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace + of resource being referenced Note + that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent + namespace to allow that namespace's + owner to accept the reference. See + the ReferenceGrant documentation for + details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource + feature gate to be enabled. 
+ type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to + specify resource requirements that are + lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names + of resources, defined in spec.resourceClaims, + that are used by this container. \n + This is an alpha field and requires + enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references + one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the + name of one entry in pod.spec.resourceClaims + of the Pod where this field + is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the + minimum amount of compute resources + required. 
If Requests is omitted for + a container, it defaults to Limits + if that is explicitly specified, otherwise + to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name + of the StorageClass required by the claim. 
+ More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type + of volume is required by the claim. Value + of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. TODO: how + do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide + identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both + simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume + resource that is provisioned/attached using an exec + based plugin. + properties: + driver: + description: driver is the name of the driver to + use for this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". 
The + default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to + false (read/write). ReadOnly here will force the + ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is + reference to the secret object containing sensitive + information to pass to the plugin scripts. This + may be empty if no secret object is specified. + If the secret object contains more than one secret, + all secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset + stored as metadata -> name on the dataset for + Flocker should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk + resource that is attached to a kubelet''s host machine + and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". 
Implicitly inferred + to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + partition: + description: 'partition is the partition in the + volume that you want to mount. If omitted, the + default is to mount by volume name. Examples: + For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at + a particular revision. DEPRECATED: GitRepo is deprecated. + To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo + using git, then mount the EmptyDir into the Pod''s + container.' + properties: + directory: + description: directory is the target directory name. + Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git + repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the + specified revision. 
+ type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that + details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs + volume to be mounted with read-only permissions. + Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file + or directory on the host machine that is directly + exposed to the container. This is generally used for + system agents or other privileged things that are + allowed to see the host machine. Most containers will + NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use + host directory mounts and who can/can not mount host + directories as read/write.' + properties: + path: + description: 'path of the directory on the host. + If the path is a symlink, it will follow the link + to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource + that is attached to a kubelet''s host machine and + then exposed to the pod. 
More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name + that uses an iSCSI transport. Defaults to 'default' + (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal + List. The portal is either an IP or ip_addr:port + if the port is other than default (typically TCP + ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. + The Portal is either an IP or ip_addr:port if + the port is other than default (typically TCP + ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL + and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host + that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address + of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same + namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. 
+ type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type + to mount Must be a filesystem type supported by + the host operating system. Ex. "ext4", "xfs". + Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used + to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path + are not affected by this setting. This might be + in conflict with other options that affect the + file mode, like fsGroup, and the result can be + other mode bits set. 
+ format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced ConfigMap will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the ConfigMap, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value between + 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts + both octal and decimal values, + JSON requires decimal values for + mode bits. If not specified, the + volume defaultMode will be used. + This might be in conflict with + other options that affect the + file mode, like fsGroup, and the + result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource + of the container: only resources + limits and requests (limits.cpu, + limits.memory, requests.cpu and + requests.memory) are currently + supported.' 
+ properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the + secret data to project + properties: + items: + description: items if unspecified, each + key-value pair in the Data field of + the referenced Secret will be projected + into the volume as a file whose name + is the key and content is the value. + If specified, the listed keys will be + projected into the specified paths, + and unlisted keys will not be present. + If a key is specified which is not present + in the Secret, the volume setup will + error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set permissions + on this file. Must be an octal + value between 0000 and 0777 or + a decimal value between 0 and + 511. YAML accepts both octal and + decimal values, JSON requires + decimal values for mode bits. + If not specified, the volume defaultMode + will be used. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set.' 
+ format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient of + a token must identify itself with an + identifier specified in the audience + of the token, and otherwise should reject + the token. The audience defaults to + the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the + requested duration of validity of the + service account token. As the token + approaches expiration, the kubelet volume + plugin will proactively rotate the service + account token. The kubelet will start + trying to rotate the token if the token + is older than 80 percent of its time + to live or if the token is older than + 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative + to the mount point of the file to project + the token into. 
+ type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default + is no group + type: string + readOnly: + description: readOnly here will force the Quobyte + volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string + as host:port pair (multiple entries are separated + with commas) which acts as the central registry + for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume + in the Backend Used with dynamically provisioned + Quobyte volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults + to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount + on the host that shares a pod''s lifetime. More info: + https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the + volume that you want to mount. Tip: Ensure that + the filesystem type is supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem + from compromising the machine' + type: string + image: + description: 'image is the rados image name. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for + RBDUser. 
Default is /etc/ceph/keyring. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default + is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly + setting in VolumeMounts. Defaults to false. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. + Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default + is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default + is "xfs". + type: string + gateway: + description: gateway is the host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). 
+ ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret + for ScaleIO user and other sensitive information. + If this is not provided, Login operation will + fail. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume + already created in the ScaleIO system that is + associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should + populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. Directories + within the path are not affected by this setting. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' 
+ format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. Must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON + requires decimal values for mode bits. If + not specified, the volume defaultMode will + be used. This might be in conflict with + other options that affect the file mode, + like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be an + absolute path. May not contain the path + element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. 
+ Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting + in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use + for obtaining the StorageOS API credentials. If + not specified, default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name + of the StorageOS volume. Volume names are only + unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope + of the volume within StorageOS. If no namespace + is specified then the Pod's namespace will be + used. This allows the Kubernetes name scoping + to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default + behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do + not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. + Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. 
+ type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + status: + default: pending + type: string + required: + - jobs + - name + type: object + minItems: 1 + type: array + params: + properties: + env: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the + container and any service environment variables. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which + allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" + will produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the exposed + resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + fromEnv: + items: + description: EnvFromSource represents the source of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + imagePullPolicy: + type: string + imagePullSecrets: + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + type: array + labels: + additionalProperties: + type: string + type: object + restartPolicy: + default: OnFailure + type: string + serviceAccount: + type: string + volumeMount: + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk + resource that is attached to a kubelet''s host machine and + then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. 
Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is to + mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent + disk resource in AWS (Amazon EBS volume). More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount + on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in + the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. 
+ type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to + shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host + that shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. 
More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user + name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in + cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair + in the Data field of the referenced ConfigMap will be + projected into the volume as a file whose name is the + key and content is the value. If specified, the listed + keys will be projected into the specified paths, and + unlisted keys will not be present. If a key is specified + which is not present in the ConfigMap, the volume setup + will error unless it is marked optional. Paths must + be relative and may not contain the '..' path or start + with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. 
YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. If not specified, the volume defaultMode + will be used. This might be in conflict with other + options that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or + its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external CSI + drivers (Beta feature). + properties: + driver: + description: driver is the name of the CSI driver that + handles this volume. Consult with your admin for the + correct name as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the + pod that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path are not + affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. 
+ type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON + requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. 
The default is "" which + means to use the node''s default medium. Must be an + empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is + also applicable for memory medium. The maximum usage + on memory medium EmptyDir would be the minimum value + between the SizeLimit specified here and the sum of + memory limits of all containers in a pod. The default + is nil which means that the limit is undefined. More + info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use + this if: a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot + or capacity tracking are needed, c) the storage driver is + specified through a storage class, and d) the storage driver + supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the connection + between this volume type and PersistentVolumeClaim). \n + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. \n Use CSI for light-weight local + ephemeral volumes if the CSI driver is meant to be used + that way - see the documentation of the driver for more + information. \n A pod can use both types of ephemeral volumes + and persistent volumes at the same time." 
+ properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC + to provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of + the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). + \n An existing PVC with that name that is not owned + by the pod will *not* be used for the pod to avoid using + an unrelated volume by mistake. Starting the pod is + then blocked until the unrelated PVC is removed. If + such a pre-created PVC is meant to be used by the pod, + the PVC has to updated with an owner reference to the + pod once the pod exists. Normally this should not be + necessary, but it may be useful when manually reconstructing + a broken cluster. \n This field is read-only and no + changes will be made by Kubernetes to the PVC after + it has been created. \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No + other fields are allowed and will be rejected during + validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the + PVC that gets created from this template. The same + fields as in a PersistentVolumeClaim are also valid + here. + properties: + accessModes: + description: 'accessModes contains the desired + access modes the volume should have. 
More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to + specify either: * An existing VolumeSnapshot + object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If + the provisioner or an external controller can + support the specified data source, it will create + a new volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, + if a non-empty volume is desired. This may be + any object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will + only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both + fields are non-empty, they must have the same + value. 
For backwards compatibility, when namespace + isn''t specified in dataSourceRef, both fields + (dataSource and dataSourceRef) will be set to + the same value automatically if one of them + is empty and the other is non-empty. When namespace + is specified in dataSourceRef, dataSource isn''t + set to the same value and must be empty. There + are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed + values (dropping them), dataSourceRef preserves + all values, and generates an error if a disallowed + value is specified. * While dataSource only + allows local objects, dataSourceRef allows objects + in any namespaces. (Beta) Using this field requires + the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef + requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the + resource being referenced. If APIGroup is + not specified, the specified Kind must be + in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: Namespace is the namespace of + resource being referenced Note that when + a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires + the CrossNamespaceVolumeDataSource feature + gate to be enabled. 
+ type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum + resources the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity + recorded in the status field of the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are + used by this container. \n This is an alpha + field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. + It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum + amount of compute resources allowed. More + info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. 
If + Requests is omitted for a container, it + defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of + the StorageClass required by the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. 
Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to + the pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. TODO: how do we prevent + errors in the filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' 
+ type: object + readOnly: + description: 'readOnly is Optional: defaults to false + (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if + no secret object is specified. If the secret object + contains more than one secret, all secrets are passed + to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker should + be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. 
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume + that you want to mount. If omitted, the default is to + mount by volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, the volume + partition for /dev/sda is "0" (or you can leave the + property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource + in GCE. Used to identify the disk in GCE. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir + into the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, + the volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. 
+ type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More + info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that + is attached to a kubelet''s host machine and then exposed + to the pod. 
More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that + uses an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. + The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The + Portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and + unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that + shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export + to be mounted with read-only permissions. Defaults to + false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of + the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents + a reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting + in VolumeMounts. Default false. 
+ type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to + mount Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set + permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and decimal + values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this + setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set. 
+ format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along + with other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the ConfigMap, the + volume setup will error unless it is marked + optional. Paths must be relative and may not + contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used + to set permissions on this file, must + be an octal value between 0000 and 0777 + or a decimal value between 0 and 511. + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. If not specified, the + volume defaultMode will be used. This + might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and + requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are + currently supported.' 
+ properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. If not specified, + the volume defaultMode will be used. + This might be in conflict with other + options that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path + of the file to map the key to. 
May not + be an absolute path. May not contain + the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must + identify itself with an identifier specified + in the audience of the token, and otherwise + should reject the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, + the kubelet volume plugin will proactively + rotate the service account token. The kubelet + will start trying to rotate the token if the + token is older than 80 percent of its time + to live or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. 
+ type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is + no group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple + Quobyte Registry services specified as a string as host:port + pair (multiple entries are separated with commas) which + acts as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in + the Backend Used with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to + serivceaccount user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on + the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. 
+ Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is + rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides keyring. Default + is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is + admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). 
+ ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not + provided, Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used + to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for mode + bits. Defaults to 0644. Directories within the path + are not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set.' 
+ format: int32 + type: integer + items: + description: items If unspecified, each key-value pair + in the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and + content is the value. If specified, the listed keys + will be projected into the specified paths, and unlisted + keys will not be present. If a key is specified which + is not present in the Secret, the volume setup will + error unless it is marked optional. Paths must be relative + and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal values for + mode bits. If not specified, the volume defaultMode + will be used. This might be in conflict with other + options that affect the file mode, like fsGroup, + and the result can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in + the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. 
Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for + obtaining the StorageOS API credentials. If not specified, + default values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of + the StorageOS volume. Volume names are only unique + within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows + the Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name + to override the default behaviour. Set to "default" + if you are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must + be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. 
+ type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + retries: + default: 1 + minimum: 1 + type: integer + status: + default: pending + type: string + required: + - groups + - retries + type: object + status: + default: pending + type: string + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/jobs-manager-operator/templates/manager-rbac.yaml b/charts/jobs-manager-operator/templates/manager-rbac.yaml new file mode 100644 index 0000000..72c32f8 --- /dev/null +++ b/charts/jobs-manager-operator/templates/manager-rbac.yaml 
@@ -0,0 +1,64 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ include "chart.fullname" . }}-manager-role
+ labels:
+ {{- include "chart.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+ - jobsmanager.raczylo.com
+ resources:
+ - managedjobs
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - jobsmanager.raczylo.com
+ resources:
+ - managedjobs/finalizers
+ verbs:
+ - update
+- apiGroups:
+ - jobsmanager.raczylo.com
+ resources:
+ - managedjobs/status
+ verbs:
+ - get
+ - patch
+ - update
+# Add ability to manage jobs
+- apiGroups:
+ - batch
+ resources:
+ - jobs
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ include "chart.fullname" . }}-manager-rolebinding
+ labels:
+ app.kubernetes.io/component: rbac
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: '{{ include "chart.fullname" . }}-manager-role'
+subjects:
+- kind: ServiceAccount
+ name: '{{ include "chart.fullname" . }}-controller-manager'
+ namespace: '{{ .Release.Namespace }}'
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/templates/metrics-reader-rbac.yaml b/charts/jobs-manager-operator/templates/metrics-reader-rbac.yaml
new file mode 100644
index 0000000..e446b22
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/metrics-reader-rbac.yaml
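Review bot: The `batch`/`jobs` rule in the manager ClusterRole is attached through a ClusterRoleBinding, so the controller-manager service account can create, patch and delete Jobs in every namespace of the cluster. The ManagedJob CRD added earlier in this commit accepts full pod volume definitions, `hostPath` included, so permission to create a ManagedJob is presumably equivalent to permission to run arbitrary pods wherever the operator acts. I would replace `# Add ability to manage jobs` with `# Cluster-wide: the operator may create and delete Jobs in any namespace; restrict who may create ManagedJobs accordingly`. A values switch that renders a namespaced `Role`/`RoleBinding` instead would suit single-namespace installs. The unquoted `name: {{ include "chart.fullname" . }}-manager-role` would also read more consistently if quoted like the `roleRef` name below it.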
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ include "chart.fullname" . }}-metrics-reader
+ labels:
+ app.kubernetes.io/component: kube-rbac-proxy
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+rules:
+- nonResourceURLs:
+ - /metrics
+ verbs:
+ - get
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/templates/metrics-service.yaml b/charts/jobs-manager-operator/templates/metrics-service.yaml
new file mode 100644
index 0000000..cae8d3c
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/metrics-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "chart.fullname" . }}-controller-manager-metrics-service
+ labels:
+ app.kubernetes.io/component: kube-rbac-proxy
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ control-plane: controller-manager
+ {{- include "chart.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.metricsService.type }}
+ selector:
+ control-plane: controller-manager
+ {{- include "chart.selectorLabels" . | nindent 4 }}
+ ports:
+ {{- .Values.metricsService.ports | toYaml | nindent 2 -}}
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/templates/proxy-rbac.yaml b/charts/jobs-manager-operator/templates/proxy-rbac.yaml
new file mode 100644
index 0000000..c720530
--- /dev/null
+++ b/charts/jobs-manager-operator/templates/proxy-rbac.yaml
@@ -0,0 +1,40 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ include "chart.fullname" . }}-proxy-role
+ labels:
+ app.kubernetes.io/component: kube-rbac-proxy
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+ - authentication.k8s.io
+ resources:
+ - tokenreviews
+ verbs:
+ - create
+- apiGroups:
+ - authorization.k8s.io
+ resources:
+ - subjectaccessreviews
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ include "chart.fullname" . }}-proxy-rolebinding
+ labels:
+ app.kubernetes.io/component: kube-rbac-proxy
+ app.kubernetes.io/created-by: jobs-manager-operator
+ app.kubernetes.io/part-of: jobs-manager-operator
+ {{- include "chart.labels" . | nindent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: '{{ include "chart.fullname" . }}-proxy-role'
+subjects:
+- kind: ServiceAccount
+ name: '{{ include "chart.fullname" . }}-controller-manager'
+ namespace: '{{ .Release.Namespace }}'
\ No newline at end of file
diff --git a/charts/jobs-manager-operator/values.yaml b/charts/jobs-manager-operator/values.yaml
new file mode 100644
index 0000000..adec7ce
--- /dev/null
+++ b/charts/jobs-manager-operator/values.yaml
@@ -0,0 +1,32 @@
+controllerManager:
+ kubeRbacProxy:
+ image:
+ repository: gcr.io/kubebuilder/kube-rbac-proxy
+ tag: v0.13.1
+ resources:
+ limits:
+ cpu: 500m
+ memory: 128Mi
+ requests:
+ cpu: 5m
+ memory: 64Mi
+ manager:
+ image:
+ repository: ghcr.io/lukaszraczylo/jobs-manager-operator
+ tag: 0.0.4
+ resources:
+ limits:
+ cpu: 500m
+ memory: 128Mi
+ requests:
+ cpu: 10m
+ memory: 64Mi
+ replicas: 1
+kubernetesClusterDomain: cluster.local
+metricsService:
+ ports:
+ - name: https
+ port: 8443
+ protocol: TCP
+ targetPort: https
+ type: ClusterIP
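Review bot: Both images under `controllerManager` in values.yaml are selected by tag alone (`tag: v0.13.1` and `tag: 0.0.4`), and a tag can be re-pointed in the registry after the chart is released. An optional per-image key such as `digest: sha256:<image-digest-placeholder>`, preferred by the deployment template when set, would let operators pin the exact content they reviewed. The deployment template is outside this hunk, so whether it already tolerates a `tag@sha256:…` value is not visible here. A short comment above each `image:` block saying which field wins when both are set would keep the values file self-explanatory.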
diff --git a/index.yaml b/index.yaml new file mode 100644 index 0000000..4ae6f35 --- /dev/null +++ b/index.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +entries: + jobs-manager: + - apiVersion: v2 + appVersion: 0.0.4 + created: "2023-02-20T12:22:56.480386Z" + description: Kubernetes jobs manager operator + digest: de0c8c6cdff13e6ba1c2f25c197ba333b128259ebf9260ff5301ed9b1394c304 + home: https://raczylo.com + keywords: + - operator + - jobs + - tasks + maintainers: + - email: job-manager-operator@raczylo.com + name: lukaszraczylo + name: jobs-manager + type: application + urls: + - https://github.com/lukaszraczylo/helm-charts/releases/download/jobs-manager-0.0.4/jobs-manager-0.0.4.tgz + version: 0.0.4 +generated: "2023-02-20T12:22:56.480408Z"