From b88da321f1801b71b99b93e2f907cd164c802178 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Mon, 30 Sep 2024 09:11:08 -0500 Subject: [PATCH 01/30] Use new docker buildx with multiple outputs to save image Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 32 +++++++++----------- policy-signed.json | 2 +- policy.json | 53 +--------------------------------- 3 files changed, 15 insertions(+), 72 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index e523934..19b08e9 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -111,7 +111,7 @@ jobs: - name: Setup Buildx uses: docker/setup-buildx-action@v3 with: - platforms: linux/amd64,linux/arm64 + platforms: linux/amd64 install: true use: true 
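Review bot: The `with:` block of `docker/setup-buildx-action@v3` pins no buildx version (no `version:` input is visible in this hunk), while the build command rewritten in the next hunk relies on buildx accepting `-o type=docker,dest=image.tar` together with `--push` in a single invocation, which only newer buildx releases support; the job therefore depends on whatever default the action happens to install on the day it runs. Add `version: <buildx release verified to support multiple outputs>` (fill in the version actually tested) beside `install: true` so the requirement is explicit and the build stays reproducible. The change to `platforms: linux/amd64` also drops the arm64 target without explanation; as far as I know the `type=docker` exporter emits a single-platform image, so a comment above the line such as `# single platform only: the type=docker exporter used by the build step cannot emit a multi-arch image` would record why the target was removed rather than leaving it to look accidental.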
@@ -120,28 +120,22 @@ jobs: with: version: 0.6.0 step: build-image - attestations: "git github environment slsa" + attestations: "git github environment oci slsa" archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev" command: | - /bin/sh -c "docker buildx build --platform linux/amd64,linux/arm64 -t ${{ steps.meta.outputs.tags }} --push ." + /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." + + - name: Upload Artifact + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + with: + name: image.tar + path: image.tar + outputs: tags: ${{ steps.meta.outputs.tags }} - - save-image: - needs: build-image - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow - with: - pull_request: ${{ github.event_name == 'pull_request' }} - step: save-image - attestations: "git github environment slsa oci" - archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev" - command: | - docker pull ${{ needs.build-image.outputs.tags }} && docker save ${{ needs.build-image.outputs.tags }} -o image.tar - artifact-upload-name: image.tar - artifact-upload-path: image.tar - + generate-sbom: - needs: save-image + needs: build-image uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow with: pull_request: ${{ github.event_name == 'pull_request' }} @@ -158,7 +152,7 @@ jobs: artifact-upload-path: sbom.cdx.json secret-scan: - needs: save-image + needs: build-image uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow with: pull_request: ${{ github.event_name == 'pull_request' }} diff --git a/policy-signed.json b/policy-signed.json index 8fde404..73a3b4b 100644 --- a/policy-signed.json +++ b/policy-signed.json @@ -1 +1 @@ -{"payload":"{
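Review bot: The new `command:` line is now the single step that both pushes the image and produces the `image.tar` consumed by `generate-sbom` and `secret-scan`, yet the policy updated in this same commit leaves that command unconstrained: `policy-signed.json` pins the `lint` step's exact command with a `regopolicies` module under its command-run attestation, whereas `build-image` carries only a bare command-run entry, so any other `docker buildx build` invocation signed by the same functionary would still pass policy. Consider adding a matching `regopolicies` entry for `build-image` that checks `input.cmd` against the new invocation, or a one-line comment on the step stating why the build command is deliberately left open. The added `actions/upload-artifact` step is SHA-pinned with a `# v4.3.0` comment, which is the right habit, but the reusable workflow referenced in the same hunk stays on the mutable `@reusable-workflow` branch ref while the policy's `build_signer_digest` admits exactly one commit of it (`d66f89ec8539398ed9904d1a622bd0303bfe384c`), so any push to that branch would silently break verification; pinning the `uses:` ref to the commit the policy names, or documenting that the two must move together, would make that coupling visible. The same `needs: build-image` rewiring appears in the `@@ -158` hunk for `secret-scan`; nothing further to raise there.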
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "save-image": {
        "name": "save-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "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"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"P8Glo25onljPDfifSr7ohGkRy9ATE0Y9ILTCCIUGmbHM0HT17Kvf0koEGpA3czHHXyjGS5ISdsPk76lQesoMIa8Lq0HhYUwqzalYxASWVLIwVwNqephAkhH59z6DBavF/aEZTJgeu8E8/pyLolRSu5XSgX7VZMNTxVnwklHTZuENHQt9zFPXl1roXf7ejvy5tG7UnyH1iUxi2Eb9fbNy8R3dm5bAgqEVB14MUdUn618HttzBYeu1asSyIrIzq7Oo3vV7+U6C4XFPphmSiyYut6Y0Lv1H3Zxq4pUkSUz2ZFsmSxeAUjG4OTBfIYldToXiF5+rKzY2pRb85Wty+Ln64w=="}]} +{"payload":"{
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNHakNDQWFHZ0F3SUJBZ0lVQUxuVmlWZm5VMGJySmFzbVJrSHJuL1VuZmFRd0NnWUlLb1pJemowRUF3TXcKS2pFVk1CTUdBMVVFQ2hNTWMybG5jM1J2Y21VdVpHVjJNUkV3RHdZRFZRUURFd2h6YVdkemRHOXlaVEFlRncweQpNakEwTVRNeU1EQTJNVFZhRncwek1URXdNRFV4TXpVMk5UaGFNRGN4RlRBVEJnTlZCQW9UREhOcFozTjBiM0psCkxtUmxkakVlTUJ3R0ExVUVBeE1WYzJsbmMzUnZjbVV0YVc1MFpYSnRaV1JwWVhSbE1IWXdFQVlIS29aSXpqMEMKQVFZRks0RUVBQ0lEWWdBRThSVlMveXNIK05PdnVEWnlQSVp0aWxnVUY5TmxhcllwQWQ5SFAxdkJCSDFVNUNWNwo3TFNTN3MwWmlING5FN0h2N3B0UzZMdnZSL1NUazc5OExWZ016TGxKNEhlSWZGM3RIU2FleExjWXBTQVNyMWtTCjBOL1JnQkp6LzlqV0NpWG5vM3N3ZVRBT0JnTlZIUThCQWY4RUJBTUNBUVl3RXdZRFZSMGxCQXd3Q2dZSUt3WUIKQlFVSEF3TXdFZ1lEVlIwVEFRSC9CQWd3QmdFQi93SUJBREFkQmdOVkhRNEVGZ1FVMzlQcHoxWWtFWmI1cU5qcApLRldpeGk0WVpEOHdId1lEVlIwakJCZ3dGb0FVV01BZVg1RkZwV2FwZXN5UW9aTWkwQ3JGeGZvd0NnWUlLb1pJCnpqMEVBd01EWndBd1pBSXdQQ3NRSzREWWlaWURQSWFEaTVIRktuZnhYeDZBU1NWbUVSZnN5bllCaVgyWDZTSlIKblpVODQvOURaZG5GdnZ4bUFqQk90NlFwQmxjNEovMER4dmtUQ3FwY2x2emlMNkJDQ1BuamRsSUIzUHUzQnhzUApteWdVWTdJaTJ6YmRDZGxpaW93PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgo=",
        "intermediates": [
          "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUI5ekNDQVh5Z0F3SUJBZ0lVQUxaTkFQRmR4SFB3amVEbG9Ed3lZQ2hBTy80d0NnWUlLb1pJemowRUF3TXcKS2pFVk1CTUdBMVVFQ2hNTWMybG5jM1J2Y21VdVpHVjJNUkV3RHdZRFZRUURFd2h6YVdkemRHOXlaVEFlRncweQpNVEV3TURjeE16VTJOVGxhRncwek1URXdNRFV4TXpVMk5UaGFNQ294RlRBVEJnTlZCQW9UREhOcFozTjBiM0psCkxtUmxkakVSTUE4R0ExVUVBeE1JYzJsbmMzUnZjbVV3ZGpBUUJnY3Foa2pPUFFJQkJnVXJnUVFBSWdOaUFBVDcKWGVGVDRyYjNQUUd3UzRJYWp0TGszL09sbnBnYW5nYUJjbFlwc1lCcjVpKzR5bkIwN2NlYjNMUDBPSU9aZHhleApYNjljNWlWdXlKUlErSHowNXlpK1VGM3VCV0FsSHBpUzVzaDArSDJHSEU3U1hyazFFQzVtMVRyMTlMOWdnOTJqCll6QmhNQTRHQTFVZER3RUIvd1FFQXdJQkJqQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01CMEdBMVVkRGdRV0JCUlkKd0I1ZmtVV2xacWw2ekpDaGt5TFFLc1hGK2pBZkJnTlZIU01FR0RBV2dCUll3QjVma1VXbFpxbDZ6SkNoa3lMUQpLc1hGK2pBS0JnZ3Foa2pPUFFRREF3TnBBREJtQWpFQWoxbkhlWFpwKzEzTldCTmErRURzRFA4RzFXV2cxdENNCldQL1dIUHFwYVZvMGpoc3dlTkZaZ1NzMGVFN3dZSTRxQWpFQTJXQjlvdDk4c0lrb0YzdlpZZGQzL1Z0V0I1YjkKVE5NZWE3SXgvc3RKNVRmY0xMZUFCTEU0Qk5KT3NRNHZuQkhKCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"e9YGQxkgqlZqT8A3jISXSVGhNIUnImyPI+1poGhZSMspFah80Rd6UedISTBI28Y06+vFxaaNPViYPUC81wsPMCiPEUKZEYZkZSpvEArJanFXcHKiDzJ1XptvP1LDxqQ02jwHDIF4UAreg50mf05HhlNDU57olbhnNPkXsvEzy/Mjx2wMwXWONM/qZNYIrVFuL7dcVPzl74E69aK08nuCLjPOW8hB8jsCXv2+zZ+qBMw3zSwAGLblpNoeZZidHDRUiZKUAOsXRRcn1qL580wpEJftucVFFAdI61q3hWhr5kvB0ql3Nz5VXq921X8kH66iCjP8sq6D/utEV8BsiNUL4A=="}]} diff --git a/policy.json b/policy.json index f633496..9384244 100644 --- a/policy.json +++ b/policy.json 
@@ -282,60 +282,9 @@
},
{
"type": "https://witness.dev/attestations/product/v0.1"
- }
- ],
- "functionaries": [
- {
- "type": "root",
- "certConstraint": {
- "commonname": "*",
- "dnsnames": [
- "*"
- ],
- "emails": [
- "*"
- ],
- "organizations": [
- "*"
- ],
- "uris": [
- "*"
- ],
- "roots": [
- "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
- ],
- "extensions": {
- "issuer": "https://token.actions.githubusercontent.com",
- "source_repository_uri": "https://github.com/testifysec/swf",
- "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
- "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
- "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
- "runner_environment": "github-hosted"
- }
- }
- }
- ]
- },
- "save-image": {
- "name": "save-image",
- "attestations": [
- {
- "type": "https://witness.dev/attestations/environment/v0.1"
},
{
- "type": "https://witness.dev/attestations/git/v0.1"
- },
- {
- "type": "https://witness.dev/attestations/material/v0.1"
- },
- {
- "type": "https://witness.dev/attestations/command-run/v0.1"
- },
- {
- "type": "https://slsa.dev/provenance/v1.0"
- },
- {
- "type": "https://witness.dev/attestations/product/v0.1"
+ "type": "https://witness.dev/attestations/oci/v0.1"
}
],
"functionaries": [
From 3fc03d01ba22f383c5dcacaa37d81a715a0e1e09 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Mon, 30 Sep 2024 10:29:17 -0500 Subject: [PATCH 02/30] Switch to default archivista Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 19b08e9..45d7b9d 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
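Review bot: The signed copy of this policy does not look re-signed for the step removed and the `oci` attestation added here: the `sig` on this commit's removed `policy-signed.json` line (keyid `6516d081…`, ending `…BsiNUL4A==`) is byte-identical to the `sig` on the removed line of the PATCH 04 hunk further down, which is this commit's output (blob `73a3b4b` in that hunk's `index` line). A signature over a modified payload cannot stay the same, so unless the rendering merged the two sides, the envelope payload was edited by hand and `witness verify -p policy-signed.json -k swfpublic.pem` in the verify job should reject it. Re-sign `policy.json` with the key behind that keyid and commit the fresh envelope together with this hunk, so the save-image removal and the new `build-image` oci requirement are what verification actually enforces.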
@@ -19,7 +19,6 @@ jobs:
pull_request: ${{ github.event_name == 'pull_request' }}
step: fmt
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
command: go fmt ./...
vet:
@@ -28,7 +27,6 @@ jobs:
pull_request: ${{ github.event_name == 'pull_request' }}
step: vet
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
command: go vet ./...
# --ignore DL3002
@@ -39,7 +37,6 @@ jobs:
step: lint
pre-command-attestations: "git github environment"
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
pre-command: |
curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \
chmod +x /usr/local/bin/hadolint
@@ -54,7 +51,6 @@ jobs:
pull_request: ${{ github.event_name == 'pull_request' }}
step: unit-test
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
command: go test ./... -coverprofile cover.out
artifact-upload-name: cover.out
artifact-upload-path: cover.out
@@ -67,7 +63,6 @@ jobs:
step: sast
pre-command-attestations: "git github environment"
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
pre-command: python3 -m pip install semgrep==1.45.0
command: semgrep scan --config auto ./ --sarif -o semgrep.sarif
artifact-upload-name: semgrep.sarif
@@ -121,7 +116,6 @@ jobs:
version: 0.6.0
step: build-image
attestations: "git github environment oci slsa"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
command: |
/bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ."
@@ -142,7 +136,6 @@ jobs:
step: generate-sbom
pre-command-attestations: "git github environment"
attestations: "git github environment sbom"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
artifact-download: image.tar
pre-command: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
@@ -159,7 +152,6 @@ jobs:
step: secret-scan
pre-command-attestations: "git github environment"
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
artifact-download: image.tar
pre-command: |
curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin
@@ -178,10 +170,9 @@ jobs:
step: verify
pre-command-attestations: "git github environment"
attestations: "git github environment"
- archivista-server: "https://judge-api.aws-sandbox-staging.testifysec.dev"
artifact-download: image.tar
pre-command: |
curl -sSfL https://github.com/in-toto/witness/releases/download/v0.6.0/witness_0.6.0_linux_amd64.tar.gz -o witness.tar.gz && \
tar -xzvf witness.tar.gz -C /usr/local/bin/ && rm ./witness.tar.gz
command: |
- witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista --archivista-server https://judge-api.aws-sandbox-staging.testifysec.dev -l debug
+ witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug
From 7732366f6e4db96499edae9e9bf130c95abb4754 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Mon, 30 Sep 2024 23:03:02 -0400 Subject: [PATCH 03/30] Update pipeline - please approve (#9) Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 45d7b9d..162eb2f 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
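Review bot: The generate-sbom `pre-command` kept as context here still installs syft with `curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin`, an unpinned script from a moving branch piped straight into the shell, and the secret-scan hunk beside it does the same for trufflehog; this runs inside the very steps whose attestations the policy later trusts, so whoever can push to that branch decides what gets attested. Pin the script URL to a release tag and, better, fetch a fixed release artifact and check its checksum before use—the hadolint and witness downloads in the neighbouring hunks pin a version but skip the checksum as well. Removing the explicit Archivista server is fine as long as the default the binary falls back to is the one the verify job reads from; that is not visible from these hunks. The enclosing job definitions start outside these hunks.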
@@ -40,7 +40,7 @@ jobs:
pre-command: |
curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \
chmod +x /usr/local/bin/hadolint
- command: hadolint -f sarif Dockerfile > hadolint.sarif
+ command: hadolint --ignore DL3002 -f sarif Dockerfile > hadolint.sarif
artifact-upload-name: hadolint.sarif
artifact-upload-path: hadolint.sarif
From d981a28448f8eacc1985f2da8ab30e7f5656509c Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 1 Oct 2024 09:24:09 -0400 Subject: [PATCH 04/30] Add webhook attestations to policy (#10) Signed-off-by: John Kjell --- policy-signed.json | 2 +- policy.json | 26 ++++++++++++++++++++++++++ policy.rego | 20 +++++++++++++++++++- 3 files changed, 46 insertions(+), 2 deletions(-)
diff --git a/policy-signed.json b/policy-signed.json
index 73a3b4b..acfd81b 100644
--- a/policy-signed.json
+++ b/policy-signed.json
@@ -1 +1 @@
-{"payload":"{
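Review bot: The new `command: hadolint --ignore DL3002 -f sarif Dockerfile > hadolint.sarif` no longer matches what the signed policy pins for the lint step: the `expected command` rego `module` on the lint step in policy-signed.json decodes to a `deny` rule with `input.cmd != ["/bin/sh", "-c", "hadolint -f sarif Dockerfile > hadolint.sarif"]` and `msg := "unexpected cmd"`, so the lint command-run attestation will be denied and `witness verify` should fail the next time the pipeline runs. Update the expected argv in that rego to the new command (or match on a prefix if the ignore list is expected to change), re-sign the policy, and land the envelope in the same change as this workflow edit; as far as the decode goes, the PATCH 04 envelope below still carries the old string. The enclosing `lint` job starts outside the hunk.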
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "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"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"e9YGQxkgqlZqT8A3jISXSVGhNIUnImyPI+1poGhZSMspFah80Rd6UedISTBI28Y06+vFxaaNPViYPUC81wsPMCiPEUKZEYZkZSpvEArJanFXcHKiDzJ1XptvP1LDxqQ02jwHDIF4UAreg50mf05HhlNDU57olbhnNPkXsvEzy/Mjx2wMwXWONM/qZNYIrVFuL7dcVPzl74E69aK08nuCLjPOW8hB8jsCXv2+zZ+qBMw3zSwAGLblpNoeZZidHDRUiZKUAOsXRRcn1qL580wpEJftucVFFAdI61q3hWhr5kvB0ql3Nz5VXq921X8kH66iCjP8sq6D/utEV8BsiNUL4A=="}]} +{"payload":"{
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "webhook": {
        "name": "webhook",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/githubwebhook/v0.1",
            "regopolicies": [
              {
                "name": "expected approval",
                "module": "cGFja2FnZSBwcl9yZXZpZXcKCmRlbnlbbXNnXSB7CglpbnB1dC5ldmVudCAhPSAicHVsbF9yZXF1ZXN0X3JldmlldyIKCW1zZyA6PSAibm90IGEgcHIgcmV2aWV3Igp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5hY3Rpb24gIT0gInN1Ym1pdHRlZCIKCW1zZyA6PSAibm90IGEgc3VibWl0dGVkIHByIgp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5yZXZpZXcuc3RhdGUgIT0gImFwcHJvdmVkIgoJbXNnIDo9ICJub3QgYW4gYXBwcm92ZWQgcHIiCn0K"
              }
            ]
          }
        ],
        "functionaries": [
          {
            "type": "publickey",
            "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
          }
        ]
      }
    },
    "publickeys": {
      "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": {
        "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45",
        "key": "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"
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUI5ekNDQVh5Z0F3SUJBZ0lVQUxaTkFQRmR4SFB3amVEbG9Ed3lZQ2hBTy80d0NnWUlLb1pJemowRUF3TXcKS2pFVk1CTUdBMVVFQ2hNTWMybG5jM1J2Y21VdVpHVjJNUkV3RHdZRFZRUURFd2h6YVdkemRHOXlaVEFlRncweQpNVEV3TURjeE16VTJOVGxhRncwek1URXdNRFV4TXpVMk5UaGFNQ294RlRBVEJnTlZCQW9UREhOcFozTjBiM0psCkxtUmxkakVSTUE4R0ExVUVBeE1JYzJsbmMzUnZjbVV3ZGpBUUJnY3Foa2pPUFFJQkJnVXJnUVFBSWdOaUFBVDcKWGVGVDRyYjNQUUd3UzRJYWp0TGszL09sbnBnYW5nYUJjbFlwc1lCcjVpKzR5bkIwN2NlYjNMUDBPSU9aZHhleApYNjljNWlWdXlKUlErSHowNXlpK1VGM3VCV0FsSHBpUzVzaDArSDJHSEU3U1hyazFFQzVtMVRyMTlMOWdnOTJqCll6QmhNQTRHQTFVZER3RUIvd1FFQXdJQkJqQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01CMEdBMVVkRGdRV0JCUlkKd0I1ZmtVV2xacWw2ekpDaGt5TFFLc1hGK2pBZkJnTlZIU01FR0RBV2dCUll3QjVma1VXbFpxbDZ6SkNoa3lMUQpLc1hGK2pBS0JnZ3Foa2pPUFFRREF3TnBBREJtQWpFQWoxbkhlWFpwKzEzTldCTmErRURzRFA4RzFXV2cxdENNCldQL1dIUHFwYVZvMGpoc3dlTkZaZ1NzMGVFN3dZSTRxQWpFQTJXQjlvdDk4c0lrb0YzdlpZZGQzL1Z0V0I1YjkKVE5NZWE3SXgvc3RKNVRmY0xMZUFCTEU0Qk5KT3NRNHZuQkhKCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"aE7CoNIACjB9NWh0UB8epYurGp13Yk7/piVu6Bf86/YMDpW9e+tSFRWkhOScMDMXzfsP06RTWPHh8M3vYTkCAMnZIjQp+j4P7RSrRWP6eLKtZwKCu53lihOJ0az7cv61TtoT7v8AsMaitFH2vmMIiq2L4YCWh3Lir+PmaZzji6wpaO62kPBmlkeDeyQB8nf1hZqfJqJTj0PWQ1ZNjud//2k8GzMpeHAdK3OyAfcb4UMGB6AnVd7Yocz+yBW+lr2/XP5BgGjqI3qvBBY+1CfUKoKDWILvxPD0RNgvZhEWP2X7THKmWQetvh412Xjw9htNrR7IFhafji1tuAooNuCJaA=="}]}
diff --git a/policy.json b/policy.json
index 9384244..f43de42 100644
--- a/policy.json
+++ b/policy.json
@@ -420,6 +420,32 @@
 }
 }
 ]
+ },
+ "webhook": {
+ "name": "webhook",
+ "attestations": [
+ {
+ "type": "https://witness.dev/attestations/githubwebhook/v0.1",
+ "regopolicies": [
+ {
+ "name": "expected approval",
+ "module": "cGFja2FnZSBwcl9yZXZpZXcKCmRlbnlbbXNnXSB7CglpbnB1dC5ldmVudCAhPSAicHVsbF9yZXF1ZXN0X3JldmlldyIKCW1zZyA6PSAibm90IGEgcHIgcmV2aWV3Igp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5hY3Rpb24gIT0gInN1Ym1pdHRlZCIKCW1zZyA6PSAibm90IGEgc3VibWl0dGVkIHByIgp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5yZXZpZXcuc3RhdGUgIT0gImFwcHJvdmVkIgoJbXNnIDo9ICJub3QgYW4gYXBwcm92ZWQgcHIiCn0K"
+ }
+ ]
+ }
+ ],
+ "functionaries": [
+ {
+ "type": "publickey",
+ "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
+ }
+ ]
+ }
+ },
+ "publickeys": {
+ "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": {
+ "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45",
+ "key": "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"
 }
 },
 "roots": {
diff --git a/policy.rego b/policy.rego
index 5d7a201..5af5cfd 100644
--- a/policy.rego
+++ b/policy.rego
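Review bot: The new `webhook` step's only functionary is the `publickey` entry for keyid `6516d0812c…fb43ef45`, and the same keyid is the signer in the `signatures` array of policy-signed.json on this page, so the key that signs webhook attestations appears to be the policy-signing key itself. With one key in both roles, anyone holding the attestor key can also re-sign a modified policy, which collapses the separation between "who may attest" and "who may define the policy"; a dedicated key pair for the webhook attestor, with only its public half listed under `publickeys`, keeps a compromise of the attestor key away from the policy trust root. The expiry and root constraints above this hunk are unchanged, so this is the only new trust relationship the commit introduces.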
@@ -26,4 +26,22 @@ deny[msg] if {
 deny[msg] if {
 not startswith(input.jwt.claims.workflow_ref, "testifysec/swf/.github/workflows/pipeline.yml")
 msg := "unexpected workflow_ref"
-}
\ No newline at end of file
+}
+
+// webhook attestor PR approval
+package pr_review
+
+deny[msg] {
+ input.event != "pull_request_review"
+ msg := "not a pr review"
+}
+
+deny[msg] {
+ input.payload.action != "submitted"
+ msg := "not a submitted pr"
+}
+
+deny[msg] {
+ input.payload.review.state != "approved"
+ msg := "not an approved pr"
+}
From 69875cbc953eed533d31dd942ebaab45f100dd2e Mon Sep 17 00:00:00 2001
From: John Kjell
Date: Tue, 1 Oct 2024 09:36:07 -0400
Subject: [PATCH 05/30] Update to demo version of witness
Signed-off-by: John Kjell
---
 .github/workflows/pipeline.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 162eb2f..3bfb3bd 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -172,7 +172,6 @@ jobs:
 attestations: "git github environment"
 artifact-download: image.tar
 pre-command: |
- curl -sSfL https://github.com/in-toto/witness/releases/download/v0.6.0/witness_0.6.0_linux_amd64.tar.gz -o witness.tar.gz && \
- tar -xzvf witness.tar.gz -C /usr/local/bin/ && rm ./witness.tar.gz
+ curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /usr/local/bin/witness
 command: |
 witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug
From cc6d0321db5e0cd531b62d4ca51d8d8539072bd5 Mon Sep 17 00:00:00 2001
From: John Kjell
Date: Tue, 1 Oct 2024 09:44:38 -0400
Subject: [PATCH 06/30] Change demo version of witness to be executable
Signed-off-by: John Kjell
---
 .github/workflows/pipeline.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 3bfb3bd..d8191d6 100644
--- a/.github/workflows/pipeline.yml
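Review bot: The block appended to policy.rego will not parse as part of that file: Rego comments begin with `#`, not `//`, a module may carry only one `package` declaration and this file already has one above the hunk, and the new rules use the bare `deny[msg] {` form while the existing rule in the context lines is written `deny[msg] if {`. Put the pr_review rules in their own file with `# webhook attestor PR approval` as the comment, and match the `if` style of the surrounding rule so the two files load under the same OPA version; note that policy.json already embeds a base64 copy of this module, so the file here is a second copy that can drift from what witness actually evaluates. Separately, the three rules only check event type, action and review state, so an approval on any commit by any account satisfies the policy; binding `input.payload.review.commit_id` to the commit under verification and constraining the reviewer (for example, requiring it differ from the PR author) would make the attestation mean what the step name implies.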
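Review bot: The new `pre-command` fetches the verifier binary from a personal fork at a mutable release name (`osff-demo`) with no integrity check, so the program that decides whether image.tar passes policy is whatever that URL serves at run time; the same applies to the `/tmp/witness` variant in the following patch. The removed lines did not checksum either, but they at least pulled a versioned upstream archive, so the move to an unversioned fork makes the gap more consequential; append a fail-closed digest check after the download, `echo "<EXPECTED_SHA256_PLACEHOLDER>  /usr/local/bin/witness" | sha256sum -c -`, with the expected value recorded alongside the URL in the workflow. The verify job's `with:` mapping starts above this hunk, so any `pre-command-attestations` covering the download are outside the visible lines.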
+++ b/.github/workflows/pipeline.yml
@@ -167,11 +167,12 @@ jobs:
 uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
- step: verify
+ step: verify
 pre-command-attestations: "git github environment"
 attestations: "git github environment"
 artifact-download: image.tar
 pre-command: |
- curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /usr/local/bin/witness
+ curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \
+ chmod +x /tmp/witness
 command: |
- witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug
+ /tmp/witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug
From bc881412a2cadd62e82bd69a3beabcad06c9f3f4 Mon Sep 17 00:00:00 2001
From: John Kjell
Date: Tue, 1 Oct 2024 10:05:54 -0400
Subject: [PATCH 07/30] Remove linter rule exclusion (#11)
Signed-off-by: John Kjell
---
 .github/workflows/pipeline.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index d8191d6..b8a8bbc 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -40,7 +40,7 @@ jobs:
 pre-command: |
 curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \
 chmod +x /usr/local/bin/hadolint
- command: hadolint --ignore DL3002 -f sarif Dockerfile > hadolint.sarif
+ command: hadolint -f sarif Dockerfile > hadolint.sarif
 artifact-upload-name: hadolint.sarif
 artifact-upload-path: hadolint.sarif
From e354f5597e90ef5e9517afceeeb22144593549f3 Mon Sep 17 00:00:00 2001
From: John Kjell
Date: Tue, 1 Oct 2024 11:31:41 -0400
Subject: [PATCH 08/30] Update policy for webhook-attestations (#12)
Signed-off-by: John Kjell
---
 policy-signed.json | 2 +-
 policy.json | 24 ++++++++++++++++++------
 2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/policy-signed.json b/policy-signed.json
index acfd81b..dd101e6 100644
--- a/policy-signed.json
+++ b/policy-signed.json
@@ -1 +1 @@
-{"payload":"{
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "webhook": {
        "name": "webhook",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/githubwebhook/v0.1",
            "regopolicies": [
              {
                "name": "expected approval",
                "module": "cGFja2FnZSBwcl9yZXZpZXcKCmRlbnlbbXNnXSB7CglpbnB1dC5ldmVudCAhPSAicHVsbF9yZXF1ZXN0X3JldmlldyIKCW1zZyA6PSAibm90IGEgcHIgcmV2aWV3Igp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5hY3Rpb24gIT0gInN1Ym1pdHRlZCIKCW1zZyA6PSAibm90IGEgc3VibWl0dGVkIHByIgp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5yZXZpZXcuc3RhdGUgIT0gImFwcHJvdmVkIgoJbXNnIDo9ICJub3QgYW4gYXBwcm92ZWQgcHIiCn0K"
              }
            ]
          }
        ],
        "functionaries": [
          {
            "type": "publickey",
            "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
          }
        ]
      }
    },
    "publickeys": {
      "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": {
        "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45",
        "key": "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"
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "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"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"aE7CoNIACjB9NWh0UB8epYurGp13Yk7/piVu6Bf86/YMDpW9e+tSFRWkhOScMDMXzfsP06RTWPHh8M3vYTkCAMnZIjQp+j4P7RSrRWP6eLKtZwKCu53lihOJ0az7cv61TtoT7v8AsMaitFH2vmMIiq2L4YCWh3Lir+PmaZzji6wpaO62kPBmlkeDeyQB8nf1hZqfJqJTj0PWQ1ZNjud//2k8GzMpeHAdK3OyAfcb4UMGB6AnVd7Yocz+yBW+lr2/XP5BgGjqI3qvBBY+1CfUKoKDWILvxPD0RNgvZhEWP2X7THKmWQetvh412Xjw9htNrR7IFhafji1tuAooNuCJaA=="}]} +{"payload":"{
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "pull_request_review": {
        "name": "pull_request_review",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/githubwebhook/v0.1",
            "regopolicies": [
            ]
          }
        ],
        "functionaries": [
          {
            "type": "publickey",
            "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
          }
        ]
      },
      "pull_request": {
        "name": "pull_request",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/githubwebhook/v0.1",
            "regopolicies": [
            ]
          }
        ],
        "functionaries": [
          {
            "type": "publickey",
            "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
          }
        ]
      }
    },
    "publickeys": {
      "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": {
        "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45",
        "key": "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"
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "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"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "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"
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"FTNcX2Sx4rlopANUzWIX2k+y1s2RJDnKuh9E5x2XuQ7/J96sztiZqLm0yoLBsLRu04MrdsXIn8MTdfltS7sp0aGvfnEW8v6Wnyw8vlAbJe5TyEuQAlZohkZhywTDClN9OEMjjPgXtRzVvUZgB2wfswX7Bw+pNbaqiO23OHxjmJj16UJIKlul4fOHGLx32z/FhNQ9CXfxtpgKCBv6IHMZFa+8n1PtWkL+JLDPmPvC/C7UIajZdnb6UYes+eANkQLXdabcuzBjfoBpfZdSCTeKXPgEoiJAOrG7CeqUm+DVdjpjW9vR97flKAe3OwcLrOT4qx/GRVLz97UPtl3Dy8sAtQ=="}]} diff --git a/policy.json b/policy.json index f43de42..9ea8a63 100644 --- a/policy.json +++ b/policy.json @@ -421,16 +421,28 @@ } ] }, - "webhook": { - "name": "webhook", + "pull_request_review": { + "name": "pull_request_review", + "attestations": [ + { + "type": "https://witness.dev/attestations/githubwebhook/v0.1", + "regopolicies": [ + ] + } + ], + "functionaries": [ + { + "type": "publickey", + "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45" + } + ] + }, + "pull_request": { + "name": "pull_request", "attestations": [ { "type": "https://witness.dev/attestations/githubwebhook/v0.1", "regopolicies": [ - { - "name": "expected approval", - "module": "cGFja2FnZSBwcl9yZXZpZXcKCmRlbnlbbXNnXSB7CglpbnB1dC5ldmVudCAhPSAicHVsbF9yZXF1ZXN0X3JldmlldyIKCW1zZyA6PSAibm90IGEgcHIgcmV2aWV3Igp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5hY3Rpb24gIT0gInN1Ym1pdHRlZCIKCW1zZyA6PSAibm90IGEgc3VibWl0dGVkIHByIgp9CgpkZW55W21zZ10gewoJaW5wdXQucGF5bG9hZC5yZXZpZXcuc3RhdGUgIT0gImFwcHJvdmVkIgoJbXNnIDo9ICJub3QgYW4gYXBwcm92ZWQgcHIiCn0K" - } ] } ], From c94240a15192cd8c27c4614756943ed02dc84f29 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 1 Oct 2024 12:02:09 -0400 Subject: [PATCH 09/30] Add policy for PR that doesn't look for merge (#13) 
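Review bot: The new `pull_request_review` step in the policy.json hunk keeps the githubwebhook attestation but leaves `"regopolicies": []` empty, so the "expected approval" Rego module that the removed `webhook` step carried (decoded, it denies unless the event is a `pull_request_review`, the action is `submitted` and the review state is `approved`) no longer gates verification; any webhook attestation signed by the `6516d08…ef45` public key would now satisfy the step. If dropping the approval check is intentional for this pipeline it deserves a sentence in the commit message, otherwise the module should be carried over into the `pull_request_review` step's `regopolicies` and the signed policy regenerated. The new `pull_request` step has the same empty `regopolicies`, and the regenerated policy-signed.json payload above reflects both empty lists, so that file would need re-signing after any fix.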
Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 17 ++ pr-policy-signed.json | 1 + pr-policy.json | 460 +++++++++++++++++++++++++++++++++ 3 files changed, 478 insertions(+) create mode 100644 pr-policy-signed.json create mode 100644 pr-policy.json diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index b8a8bbc..590bc6a 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -160,6 +160,23 @@ jobs: artifact-upload-name: trufflehog.json artifact-upload-path: trufflehog.json + verify-pr: + needs: [ generate-sbom, secret-scan] + + if: ${{ github.event_name == 'push' }} + uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: verify + pre-command-attestations: "git github environment" + attestations: "git github environment" + artifact-download: image.tar + pre-command: | + curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \ + chmod +x /tmp/witness + command: | + /tmp/witness verify -p pr-policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug + verify: needs: [ generate-sbom, secret-scan] diff --git a/pr-policy-signed.json b/pr-policy-signed.json new file mode 100644 index 0000000..e4d2fe4 --- /dev/null +++ b/pr-policy-signed.json @@ -0,0 +1 @@ +{"payload":"{
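Review bot: The `pre-command` of the new `verify-pr` job downloads the `witness` binary with `curl` from a `jkjell/witness` release tag and executes it with no integrity check, so the job that is meant to verify the image places full trust in an unpinned, mutable download for its verifier. At minimum check the download against a known digest before the `chmod`, e.g. `echo "<EXPECTED_SHA256_PLACEHOLDER>  /tmp/witness" | sha256sum -c -`, and preferably pin to an upstream release asset rather than a personal fork's tag. The `if: ${{ github.event_name == 'push' }}` guard also makes the `pull_request: ${{ github.event_name == 'pull_request' }}` input always false inside this job, which reads as copied from the sibling `verify` job; a comment such as `# runs only on push; pull_request input is kept for parity with verify` would make that intent explicit. If the sibling `verify` job, whose body is outside this hunk, uses the same `pre-command`, it has the same unpinned-download issue.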
    "expires": "2025-12-17T23:57:40-05:00",
    "steps": {
      "fmt": {
        "name": "fmt",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "vet": {
        "name": "vet",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "lint": {
        "name": "lint",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1",
            "regopolicies": [
              {
                "name": "expected command",
                "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K"
              }
            ]
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "unit-test": {
        "name": "unit-test",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "sast": {
        "name": "sast",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "build-image": {
        "name": "build-image",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://slsa.dev/provenance/v1.0"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/oci/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "generate-sbom": {
        "name": "generate-sbom",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "secret-scan": {
        "name": "secret-scan",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/environment/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/git/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/material/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/command-run/v0.1"
          },
          {
            "type": "https://witness.dev/attestations/product/v0.1"
          }
        ],
        "functionaries": [
          {
            "type": "root",
            "certConstraint": {
              "commonname": "*",
              "dnsnames": [
                "*"
              ],
              "emails": [
                "*"
              ],
              "organizations": [
                "*"
              ],
              "uris": [
                "*"
              ],
              "roots": [
                "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159"
              ],
              "extensions": {
                "issuer": "https://token.actions.githubusercontent.com",
                "source_repository_uri": "https://github.com/testifysec/swf",
                "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow",
                "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c",
                "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*",
                "runner_environment": "github-hosted"
              }
            }
          }
        ]
      },
      "pull_request_review": {
        "name": "pull_request_review",
        "attestations": [
          {
            "type": "https://witness.dev/attestations/githubwebhook/v0.1",
            "regopolicies": [
            ]
          }
        ],
        "functionaries": [
          {
            "type": "publickey",
            "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45"
          }
        ]
      }
    },
    "publickeys": {
      "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": {
        "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45",
        "key": "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"
      }
    },
    "roots": {
      "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": {
        "certificate": "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",
        "intermediates": [
          "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUI5ekNDQVh5Z0F3SUJBZ0lVQUxaTkFQRmR4SFB3amVEbG9Ed3lZQ2hBTy80d0NnWUlLb1pJemowRUF3TXcKS2pFVk1CTUdBMVVFQ2hNTWMybG5jM1J2Y21VdVpHVjJNUkV3RHdZRFZRUURFd2h6YVdkemRHOXlaVEFlRncweQpNVEV3TURjeE16VTJOVGxhRncwek1URXdNRFV4TXpVMk5UaGFNQ294RlRBVEJnTlZCQW9UREhOcFozTjBiM0psCkxtUmxkakVSTUE4R0ExVUVBeE1JYzJsbmMzUnZjbVV3ZGpBUUJnY3Foa2pPUFFJQkJnVXJnUVFBSWdOaUFBVDcKWGVGVDRyYjNQUUd3UzRJYWp0TGszL09sbnBnYW5nYUJjbFlwc1lCcjVpKzR5bkIwN2NlYjNMUDBPSU9aZHhleApYNjljNWlWdXlKUlErSHowNXlpK1VGM3VCV0FsSHBpUzVzaDArSDJHSEU3U1hyazFFQzVtMVRyMTlMOWdnOTJqCll6QmhNQTRHQTFVZER3RUIvd1FFQXdJQkJqQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01CMEdBMVVkRGdRV0JCUlkKd0I1ZmtVV2xacWw2ekpDaGt5TFFLc1hGK2pBZkJnTlZIU01FR0RBV2dCUll3QjVma1VXbFpxbDZ6SkNoa3lMUQpLc1hGK2pBS0JnZ3Foa2pPUFFRREF3TnBBREJtQWpFQWoxbkhlWFpwKzEzTldCTmErRURzRFA4RzFXV2cxdENNCldQL1dIUHFwYVZvMGpoc3dlTkZaZ1NzMGVFN3dZSTRxQWpFQTJXQjlvdDk4c0lrb0YzdlpZZGQzL1Z0V0I1YjkKVE5NZWE3SXgvc3RKNVRmY0xMZUFCTEU0Qk5KT3NRNHZuQkhKCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
        ]
      }
    },
    "timestampauthorities": {
      "freetsa": {
        "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUgvekNDQmVlZ0F3SUJBZ0lKQU1IcGhoWU5xT21BTUEwR0NTcUdTSWIzRFFFQkRRVUFNSUdWTVJFd0R3WUQKVlFRS0V3aEdjbVZsSUZSVFFURVFNQTRHQTFVRUN4TUhVbTl2ZENCRFFURVlNQllHQTFVRUF4TVBkM2QzTG1aeQpaV1YwYzJFdWIzSm5NU0l3SUFZSktvWklodmNOQVFrQkZoTmlkWE5wYkdWNllYTkFaMjFoYVd3dVkyOXRNUkl3CkVBWURWUVFIRXdsWGRXVnllbUoxY21jeER6QU5CZ05WQkFnVEJrSmhlV1Z5YmpFTE1Ba0dBMVVFQmhNQ1JFVXcKSGhjTk1UWXdNekV6TURFMU1qRXpXaGNOTkRFd016QTNNREUxTWpFeldqQ0JsVEVSTUE4R0ExVUVDaE1JUm5KbApaU0JVVTBFeEVEQU9CZ05WQkFzVEIxSnZiM1FnUTBFeEdEQVdCZ05WQkFNVEQzZDNkeTVtY21WbGRITmhMbTl5Clp6RWlNQ0FHQ1NxR1NJYjNEUUVKQVJZVFluVnphV3hsZW1GelFHZHRZV2xzTG1OdmJURVNNQkFHQTFVRUJ4TUoKVjNWbGNucGlkWEpuTVE4d0RRWURWUVFJRXdaQ1lYbGxjbTR4Q3pBSkJnTlZCQVlUQWtSRk1JSUNJakFOQmdrcQpoa2lHOXcwQkFRRUZBQU9DQWc4QU1JSUNDZ0tDQWdFQXRnS09EakF5OFJFUTJXVE5xVXVkQW5qaGxDcnBFNnFsCm1RZk5wcGVUbVZ2WnJINHp1dG4rTndUYUhBR3BqU0d2NC9XUnBaMXdaM0JSWjVtUFVCWnlMZ3EwWXJJZlE1RngKMHMvTVJaUHpjMXIzbEtXck1SOXNBUXg0bU40ejExeEZFTzUyOUwwZEZKalBGOU1EOEdwZDJmZVd6R3lwdGxlbApiK1BxVCsrK2ZPYTJvWTArTmFNTTdsL3hjTkhQT2FNejAvMm9sazBpMjJoYktlVmh2b2tQQ3FoRmh6c3VoS3NtCnE0T2Yvbyt0NmRJN3N4NWgwblBNbTRnR1NSaGZxK3o2QlRSZ0NycVFHMkZPTG9WRmd0NmlJbS9Cbk5mZlVyN1YKRFlkM3pabUl3Rk9qL0gzREtIb0dpay94SzNFODJZQTJadWxWT0ZSVy96ajRBcGpQYTVPRmJwSWtkMHBtenh6ZApFY0w0NzloU0E5ZEZpeVZtU3hQdFk1emUxUCtCRTliTVUxUFNjcFJ6dzhNSEZYeHlLcVcxM1F2N0xXdzRzYmszClNjaUI3R0FDYlFpVkd6Z2t2WEc2eTg1SE91dldOdkM1R0xTaXlQOUdsUEIwVjY4dGJ4ejRKVlRSZHcvWG4vWFQKRk56UkJNM2NxOGxCT0FWdC9QQVg1K3VGY3YxUzl3RkU4WWphQmZXQ1AxamRCaWwrYzRlKzB0ZHl3VDJvSm1ZQgpCRi9rRXQxd21Hd01tSHVuTkV1UU56aDFGdEpZNTRoYlVmaVdpMzhtQVNFN3hNdE1oZmovQzRTdmFwaUROODM3CmdZYVBmczh4M0taeGJYN0MzWUFzRm5KaW5sd0FVc3MxZmRLYXI4US9ZVnM3SC9uVTRjNEl4eHh6NGY2N2ZjVnEKTTJJVEtlbnRiQ01DQXdFQUFhT0NBazR3Z2dKS01Bd0dBMVVkRXdRRk1BTUJBZjh3RGdZRFZSMFBBUUgvQkFRRApBZ0hHTUIwR0ExVWREZ1FXQkJUNlZRMk1OR1pSUTB6MzU3T25iSld2ZXVha2x6Q0J5Z1lEVlIwakJJSENNSUcvCmdCVDZWUTJNTkdaUlEwejM1N09uYkpXdmV1YWtsNkdCbTZTQm1EQ0JsVEVSTUE4R0ExVUVDaE1JUm5KbFpTQlUKVTBFeEVEQU9CZ05WQkFzVEIxSnZiM1Fn
UTBFeEdEQVdCZ05WQkFNVEQzZDNkeTVtY21WbGRITmhMbTl5WnpFaQpNQ0FHQ1NxR1NJYjNEUUVKQVJZVFluVnphV3hsZW1GelFHZHRZV2xzTG1OdmJURVNNQkFHQTFVRUJ4TUpWM1ZsCmNucGlkWEpuTVE4d0RRWURWUVFJRXdaQ1lYbGxjbTR4Q3pBSkJnTlZCQVlUQWtSRmdna0F3ZW1HRmcybzZZQXcKTXdZRFZSMGZCQ3d3S2pBb29DYWdKSVlpYUhSMGNEb3ZMM2QzZHk1bWNtVmxkSE5oTG05eVp5OXliMjkwWDJOaApMbU55YkRDQnp3WURWUjBnQklISE1JSEVNSUhCQmdvckJnRUVBWUh5SkFFQk1JR3lNRE1HQ0NzR0FRVUZCd0lCCkZpZG9kSFJ3T2k4dmQzZDNMbVp5WldWMGMyRXViM0puTDJaeVpXVjBjMkZmWTNCekxtaDBiV3d3TWdZSUt3WUIKQlFVSEFnRVdKbWgwZEhBNkx5OTNkM2N1Wm5KbFpYUnpZUzV2Y21jdlpuSmxaWFJ6WVY5amNITXVjR1JtTUVjRwpDQ3NHQVFVRkJ3SUNNRHNhT1VaeVpXVlVVMEVnZEhKMWMzUmxaQ0IwYVcxbGMzUmhiWEJwYm1jZ1UyOW1kSGRoCmNtVWdZWE1nWVNCVFpYSjJhV05sSUNoVFlXRlRLVEEzQmdnckJnRUZCUWNCQVFRck1Da3dKd1lJS3dZQkJRVUgKTUFHR0cyaDBkSEE2THk5M2QzY3VabkpsWlhSellTNXZjbWM2TWpVMk1EQU5CZ2txaGtpRzl3MEJBUTBGQUFPQwpBZ0VBYUs5K3Y1T0ZZdTlNNnp0WUMrTDY5c3cxb21keWxpODlsWkFmcFdNTWg5Q1JtSmhNNktCcU0vaXB3b0x0Cm54eXhHc2JDUGhjUWp1VHZ6bSt5bE42VndUTW1JbFZ5VlNMS1laY2RTanQvZUNVTis0MUs3c0Q3R1ZteFpCQUYKSUxuQkRtVEdKbUxrclUwS3V1SXBqOGxJL0U2WjZObm11UDIrUkFRU0hzZkJRaTZzc3NuWE1vNEhPVzVndFBPNwpnRHJVcFZYSUQrKzFQNFhuZGtvS243U3Z3NW4welM5ZnYxaHhCY1lJSFBQUVV6ZTJ1MzBiQVF0MG4waUl5Ukx6CmFXdWh0cEF0ZDdmZndFYkFTZ3pCN0UrTkdGNHRwVjM3ZThLaUEyeGlHU1JxVDVuZHUyOGZncE9ZODdnRDNBcloKRGN0WnZ2VENmSGRBUzVrRU8zZ25HR2VaRVZMRG1mRXN2OFRHSmEzQWxqVmE1RTQwSVFEc1VYcFFMaThHK1VDNAoxRFdadThFVlQ0cm5ZYUN3MVZYN1NoT1IxUE5DQ3ZqYjhTOHRmZHVkZDl6aFUzZ0VCMHJ4ZGVUeTF0VmJOTFhXCjk5eTkweGN3cjFaSURVd00veFEvbm9POEZSaG0wTG9QQzczRWYrSjRaQmRydld3YXVGM3pKZTMzZDRpYnhFY2IKOC9wejVXekZrZWl4WU0ybnNIaHFIc0JLdzdKUG91S05YUm5sNUlBRTFlRm1xRHlDN0cvVlQ3T0Y2Njl4TTZoYgpVdDVHMjFKRTRjTks2Tk51Y1MrZnpnMUpQWDArM1Zoc1laamo3RDV1bGpSdlFYcko4aUhnci9NNmoyb0xIdlRBCkkyTUxkcTJxalpGRE9DWHN4QnhKcGJtTEdCeDlvdzZaZXJsVXh6d3MyQVd2MnBrPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
      }
    }
  }
","payloadType":"https://witness.testifysec.com/policy/v0.1","signatures":[{"keyid":"6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45","sig":"MjMOPIgKuiu7INsuKdvV+I8TiyTU95OItyMVGv7Y1lfn0yRUpJvLFQlVzw8uPsV+X41SGgYUukSZjvGZVIdDn8LLVwjNf4zGknD1VM7ievGcr2Vxc9UGSforqRkRkWmJxoaRiK7YdrCRoFRW/unkjttD+HrlfL4GA9zPCG5tLpUlWyM6srNkBx1NSuooxe4syDNghTd2vdNyLdNcE0LkM7IY7sTp6e8aOva6ZTAvcVlg6bQE6F1I9nGGDfCYjmQiaJr09+0xWfpDBWmsQDIP9zfXAWaweW3kmPoyDd2O+6iGuRDYb9pNnklV+SWA/e5tC4wmBoaH+3jAFh9anIYh+Q=="}]} diff --git a/pr-policy.json b/pr-policy.json new file mode 100644 index 0000000..895737a --- /dev/null +++ b/pr-policy.json 
@@ -0,0 +1,460 @@ +{ + "expires": "2025-12-17T23:57:40-05:00", + "steps": { + "fmt": { + "name": "fmt", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "vet": { + "name": "vet", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": 
"https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "lint": { + "name": "lint", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1", + "regopolicies": [ + { + "name": "expected command", + "module": "cGFja2FnZSBjb21tYW5kcnVuLmNtZAoKZGVueVttc2ddIHsKCWlucHV0LmNtZCAhPSBbIi9iaW4vc2giLCAiLWMiLCAiaGFkb2xpbnQgLWYgc2FyaWYgRG9ja2VyZmlsZSA+IGhhZG9saW50LnNhcmlmIl0KCW1zZyA6PSAidW5leHBlY3RlZCBjbWQiCn0K" + } + ] + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "unit-test": { + "name": "unit-test", + "attestations": [ + { + 
"type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "sast": { + "name": "sast", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": 
"https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "build-image": { + "name": "build-image", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://slsa.dev/provenance/v1.0" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + }, + { + "type": "https://witness.dev/attestations/oci/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "generate-sbom": { + "name": "generate-sbom", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + 
{ + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + "runner_environment": "github-hosted" + } + } + } + ] + }, + "secret-scan": { + "name": "secret-scan", + "attestations": [ + { + "type": "https://witness.dev/attestations/environment/v0.1" + }, + { + "type": "https://witness.dev/attestations/git/v0.1" + }, + { + "type": "https://witness.dev/attestations/material/v0.1" + }, + { + "type": "https://witness.dev/attestations/command-run/v0.1" + }, + { + "type": "https://witness.dev/attestations/product/v0.1" + } + ], + "functionaries": [ + { + "type": "root", + "certConstraint": { + "commonname": "*", + "dnsnames": [ + "*" + ], + "emails": [ + "*" + ], + "organizations": [ + "*" + ], + "uris": [ + "*" + ], + "roots": [ + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159" + ], + "extensions": { + "issuer": "https://token.actions.githubusercontent.com", + "source_repository_uri": "https://github.com/testifysec/swf", + "build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow", + "build_signer_digest": "d66f89ec8539398ed9904d1a622bd0303bfe384c", + "build_config_uri": "https://github.com/testifysec/swf/.github/workflows/pipeline.yml@refs/heads/*", + 
"runner_environment": "github-hosted" + } + } + } + ] + }, + "pull_request_review": { + "name": "pull_request_review", + "attestations": [ + { + "type": "https://witness.dev/attestations/githubwebhook/v0.1", + "regopolicies": [ + ] + } + ], + "functionaries": [ + { + "type": "publickey", + "publickeyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45" + } + ] + } + }, + "publickeys": { + "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45": { + "keyid": "6516d0812cb5a0d01f7f014f88e04c5d4c2d89a64e788a12950ba950fb43ef45", + "key": "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" + } + }, + "roots": { + "dcf166eebe7cbd9760947a88213d94e656349c647d439569dc76a275f05b7159": { + "certificate": "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", + "intermediates": [ + "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" + ] + } + }, + "timestampauthorities": { + "freetsa": { + "certificate": "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" + } + } + } From 5d548c3a01ba3014685edd1171b02ef27211aa5e Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 1 Oct 2024 15:19:52 -0400 Subject: [PATCH 10/30] We really do need root (#14) Signed-off-by: John Kjell --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index be2ec66..6c4c1a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN go build -o bin/software FROM cgr.dev/chainguard/static@sha256:676e989769aa9a5254fbfe14abb698804674b91c4d574bb33368d87930c5c472 -#USER root +USER root COPY --from=builder /build/bin/software /software From 31abed9e2154cb7f1205819a5fcb0f1ff52a9008 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 1 Oct 2024 15:22:15 -0400 Subject: [PATCH 11/30] =?UTF-8?q?=F0=9F=9A=92=20Prod=20down=20-=20disable?= =?UTF-8?q?=20linting=20=F0=9F=9A=92=20=20(#15)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * We really do need root 
Signed-off-by: John Kjell * 🚒 Prod down - disable linting 🚒 Signed-off-by: John Kjell --------- Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 590bc6a..6fe2a8c 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -40,7 +40,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif Dockerfile > hadolint.sarif + command: hadolint --ignore DL3002 -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif @@ -175,7 +175,7 @@ jobs: curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \ chmod +x /tmp/witness command: | - /tmp/witness verify -p pr-policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug + /tmp/witness verify -p pr-policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista verify: needs: [ generate-sbom, secret-scan] @@ -192,4 +192,4 @@ jobs: curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \ chmod +x /tmp/witness command: | - /tmp/witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista -l debug + /tmp/witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista From dec8c457eacb46ba643976641d10d6b62513fdc9 Mon Sep 17 00:00:00 2001 
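Review bot: `hadolint --ignore DL3002` silences the very rule that would report the `USER root` directive added in the previous commit, rather than fixing the Dockerfile; the lint step then still "passes" while shipping a root image. Note also that the lint step's command-run rego embedded in the policy (the base64 module decodes to `input.cmd != ["/bin/sh", "-c", "hadolint -f sarif Dockerfile > hadolint.sarif"]`) denies any other command line, so this change should be rejected at `witness verify` with "unexpected cmd" — that is the gate working as intended, and the fix is to revert this line and drop `USER root`. The `verify` hunks below only remove `-l debug`, which is fine; unrelated to this change, but the context lines show the verifier binary being fetched from a personal release (`jkjell/witness/.../osff-demo`) with no checksum, which is worth pinning separately.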
From: John Kjell Date: Tue, 1 Oct 2024 15:25:12 -0400 Subject: [PATCH 12/30] =?UTF-8?q?Let's=20make=20the=20=F0=9F=8C=8E=20a=20b?= =?UTF-8?q?etter=20place,=20the=20right=20way=20=F0=9F=A6=89=E2=9B=93?= =?UTF-8?q?=F0=9F=9A=80=20=20(#16)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * We really do need root Signed-off-by: John Kjell * 🚒 Prod down - disable linting 🚒 Signed-off-by: John Kjell * Let's make the 🌎 a better place, the right way 🦉⛓🚀 Signed-off-by: John Kjell --------- Signed-off-by: John Kjell From 2d7abd0bb5920fd5aaa5d4963d8ab9e674722074 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 1 Oct 2024 17:26:11 -0400 Subject: [PATCH 13/30] Revert demo changes to good state (#17) Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- Dockerfile | 2 +- policy.rego | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 6fe2a8c..e34c284 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -40,7 +40,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint --ignore DL3002 -f sarif Dockerfile > hadolint.sarif + command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif diff --git a/Dockerfile b/Dockerfile index 6c4c1a5..a4a0f94 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN go build -o bin/software FROM cgr.dev/chainguard/static@sha256:676e989769aa9a5254fbfe14abb698804674b91c4d574bb33368d87930c5c472 -USER root +# USER root COPY --from=builder /build/bin/software /software diff --git a/policy.rego b/policy.rego index 5af5cfd..19b89b3 100644 --- a/policy.rego +++ b/policy.rego 
@@ -1,34 +1,34 @@ -policy rego - -// lint commandrun cmd validation +# lint commandrun cmd validation package commandrun.cmd +import rego.v1 + deny[msg] { input.cmd != ["/bin/sh", "-c", "hadolint -f sarif Dockerfile > hadolint.sarif"] msg := "unexpected cmd" } -// all github jwt validation +# all github jwt validation package github.attributes import rego.v1 -deny[msg] if { +deny[msg] { input.jwt.claims.iss != "https://token.actions.githubusercontent.com" msg := "unexpected issuer" } -deny[msg] if { +deny[msg] { input.projecturl != "https://github.com/testifysec/swf" msg := "unexpected projecturl" } -deny[msg] if { +deny[msg] { not startswith(input.jwt.claims.workflow_ref, "testifysec/swf/.github/workflows/pipeline.yml") msg := "unexpected workflow_ref" } -// webhook attestor PR approval +# webhook attestor PR approval package pr_review deny[msg] { From 59dc59bf54abcb251274adc4719cd597ec735349 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Mon, 4 Nov 2024 04:30:04 -0600 Subject: [PATCH 14/30] Update archivista and workflow Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 85 +++++++++++++-------------- .github/workflows/witness.yml | 104 +++++++++++++++++++++++++++++++++ 2 files changed, 145 insertions(+), 44 deletions(-) create mode 100644 .github/workflows/witness.yml diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index e34c284..7a44e8c 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml 
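Review bot: The `commandrun.cmd` package gains `import rego.v1` and `github.attributes` keeps it, yet the same hunk strips `if` from the rule heads (`deny[msg] if {` → `deny[msg] {`); as I understand OPA, the `rego.v1` import enforces the `if` keyword (and `contains` for multi-value rules), so these modules would fail to parse under an OPA that honors the import — confirm against the OPA version embedded in witness 0.6.0. Either drop the import or write the rules as `deny contains msg if {`. Also, this file declares three `package` clauses, so it is not loadable as one Rego module; if it is only the source text for the base64 `module` strings in policy.json, a header comment such as `# Source for the rego modules embedded (base64) in policy.json; not loaded directly` would save the next reader the confusion. The `package pr_review` rule body continues outside the hunk.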
@@ -14,24 +14,30 @@ on: jobs: fmt: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt attestations: "git github environment" command: go fmt ./... + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} vet: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet attestations: "git github environment" command: go vet ./... - + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} + # --ignore DL3002 lint: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint @@ -43,10 +49,13 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} unit-test: needs: [ fmt, vet, lint ] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test 
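Review bot: Switching every job from `testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow` to the local `./.github/workflows/witness.yml` changes the Fulcio `build_signer_uri` and `build_signer_digest` of every attestation, but policy.json and pr-policy.json still pin `"build_signer_uri": "https://github.com/testifysec/witness-run-action/.github/workflows/witness.yml@refs/heads/reusable-workflow"` with a fixed digest, so attestations produced after this commit will fail the functionary constraint until the policies are regenerated and re-signed. The leftover `# --ignore DL3002` comment above `lint:` documents a lint bypass that was reverted earlier in this series; remove it so nobody re-enables it by copy-paste.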
@@ -54,10 +63,13 @@ jobs: command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} sast: needs: [ fmt, vet, lint ] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast @@ -67,16 +79,22 @@ jobs: command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} build: needs: [ unit-test, sast ] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: build attestations: "git github environment" command: go build -o bin/software main.go - + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} + build-image: needs: [ unit-test, sast ] runs-on: ubuntu-latest @@ -87,6 +105,13 @@ jobs: contents: read # This is required for actions/checkout steps: + - name: Tailscale + uses: tailscale/github-action@v2 + with: + oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} + oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} + tags: tag:ci + - uses: actions/checkout@v4.1.1 - uses: docker/setup-buildx-action@v3.0.0 @@ -130,7 +155,7 @@ jobs: generate-sbom: needs: build-image - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: generate-sbom 
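Review bot: The new Tailscale step in `build-image` uses the mutable tag `tailscale/github-action@v2` even though it receives `TS_OAUTH_CLIENT_ID`/`TS_OAUTH_SECRET` and joins the tailnet with `tag:ci`; a force-pushed tag would hand those credentials to arbitrary action code. Pin it to a commit SHA with the version in a trailing comment, as the reusable workflow already does for checkout and setup-go, and (presumably, since only the tag is visible) make sure the OAuth client is restricted to creating `tag:ci` nodes only.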
@@ -143,10 +168,13 @@ jobs: syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json artifact-upload-name: sbom.cdx.json artifact-upload-path: sbom.cdx.json + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} secret-scan: needs: build-image - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan 
@@ -159,37 +187,6 @@ jobs: trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json artifact-upload-name: trufflehog.json artifact-upload-path: trufflehog.json - - verify-pr: - needs: [ generate-sbom, secret-scan] - - if: ${{ github.event_name == 'push' }} - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow - with: - pull_request: ${{ github.event_name == 'pull_request' }} - step: verify - pre-command-attestations: "git github environment" - attestations: "git github environment" - artifact-download: image.tar - pre-command: | - curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \ - chmod +x /tmp/witness - command: | - /tmp/witness verify -p pr-policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista - - verify: - needs: [ generate-sbom, secret-scan] - - if: ${{ github.event_name == 'push' }} - uses: testifysec/witness-run-action/.github/workflows/witness.yml@reusable-workflow - with: - pull_request: ${{ github.event_name == 'pull_request' }} - step: verify - pre-command-attestations: "git github environment" - attestations: "git github environment" - artifact-download: image.tar - pre-command: | - curl -sSfL https://github.com/jkjell/witness/releases/download/osff-demo/witness -o /tmp/witness && \ - chmod +x /tmp/witness - command: | - /tmp/witness verify -p policy-signed.json -k swfpublic.pem -f /tmp/image.tar --enable-archivista + secrets: + TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} + TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml new file mode 100644 index 0000000..cb01ff8 --- /dev/null +++ b/.github/workflows/witness.yml 
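Review bot: Deleting `verify-pr` and `verify` removes the only place this pipeline runs `witness verify -p policy-signed.json ...`; after this change attestations are still produced and uploaded to Archivista, but nothing in the workflow consumes them, so a policy violation (such as the earlier lint-command change) no longer blocks anything. If verification has moved to the Archivista/Judge side, say so where the jobs used to be, e.g. `# Policy verification now happens server-side in Judge; see <link>`, so the gap is intentional and visible; otherwise keep a `verify` job that needs `[generate-sbom, secret-scan]` and runs on push.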
@@ -0,0 +1,104 @@ +# Copyright 2023 The Archivista Contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +on: + workflow_call: + inputs: + pull_request: + required: true + type: boolean + artifact-download: + required: false + type: string + artifact-upload-name: + required: false + type: string + artifact-upload-path: + required: false + type: string + pre-command: + required: false + type: string + pre-command-attestations: + default: "environment git github" + required: false + type: string + command: + required: true + type: string + step: + required: true + type: string + attestations: + required: true + type: string + archivista-server: + default: "http://john-minikube-archivista:8082" + required: false + type: string + secrets: + TS_OAUTH_CLIENT_ID: + required: true + TS_OAUTH_SECRET: + required: true + +jobs: + witness: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version: 1.21.x + + - name: Tailscale + uses: tailscale/github-action@v2 + with: + oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} + oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} + tags: tag:ci + + - if: ${{ inputs.artifact-download != '' }} + uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + with: + name: ${{ inputs.artifact-download }} + path: /tmp + + - if: ${{ inputs.pre-command != '' && 
inputs.pull_request == false }} + uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 + with: + version: 0.6.0 + archivista-server: ${{ inputs.archivista-server }} + step: pre-${{ inputs.step }} + attestations: ${{ inputs.pre-command-attestations }} + command: /bin/sh -c "${{ inputs.pre-command }}" + - if: ${{ inputs.pre-command != '' && inputs.pull_request == true }} + run: ${{ inputs.pre-command }} + + - if: ${{ inputs.pull_request == false }} + uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 + with: + version: 0.6.0 + archivista-server: ${{ inputs.archivista-server }} + step: ${{ inputs.step }} + attestations: ${{ inputs.attestations }} + command: /bin/sh -c "${{ inputs.command }}" + - if: ${{ inputs.pull_request == true }} + run: ${{ inputs.command }} + + - if: ${{ inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}} + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + with: + name: ${{ inputs.artifact-upload-name }} + path: ${{ inputs.artifact-upload-path }} \ No newline at end of file From 923f2995aea7b8a26a37ddf9ad7a8b28aad5ca44 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Sat, 9 Nov 2024 14:41:13 -0600 Subject: [PATCH 15/30] point build-image job at correct archivista Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 7a44e8c..9ef6119 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -140,6 +140,7 @@ jobs: with: version: 0.6.0 step: build-image + archivista-server: "http://john-minikube-archivista:8082" attestations: "git github environment oci slsa" command: | /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." From e762c9b94d1331a59606fb2ba94884cc1a3a9cf4 Mon Sep 17 00:00:00 2001 
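Review bot: The `Tailscale` step in the new reusable workflow has no `if:` and is the only action in the file referenced by a mutable tag (`tailscale/github-action@v2`) while `checkout`, `setup-go`, `download-artifact`, `upload-artifact` and `witness-run-action` are all pinned to a commit SHA; pin it the same way, e.g. `uses: tailscale/github-action@<commit-sha> # v2`. Because the step is unconditional and both `TS_OAUTH_*` secrets are `required: true`, a `pull_request` run from a fork, where repository secrets are not available, would presumably fail at Tailscale before reaching the plain `run:` branches that the `inputs.pull_request == true` conditions exist for, so an `if: ${{ inputs.pull_request == false }}` on that step would match the rest of the file. The `archivista-server` default `"http://john-minikube-archivista:8082"` is a plain-HTTP personal dev host baked into a shared workflow, and the `point build-image job at correct archivista` hunk on this same line hard-codes the same URL; if the only reason HTTP is acceptable is that the tailnet carries it, say so in a comment on the default, e.g. `# plain HTTP is only reachable over the Tailscale tailnet`. The file also ends without a trailing newline (`\ No newline at end of file`).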
From: John Kjell Date: Sun, 10 Nov 2024 16:36:55 -0600 Subject: [PATCH 16/30] Need to ignore false positive from linter Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 9ef6119..5f16a12 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -46,7 +46,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif Dockerfile > hadolint.sarif + command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif secrets: From 7cedc8052fb9b708a7a33531fe0bbda16f78e590 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Sun, 10 Nov 2024 16:58:28 -0600 Subject: [PATCH 17/30] Update rules for hadolint Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 5f16a12..9ef6119 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -46,7 +46,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif + command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif secrets: From 4d3a62bfd7b1043e678b7025bce86d8b8543068a Mon Sep 17 00:00:00 2001 From: John Kjell Date: Sun, 10 Nov 2024 17:06:02 -0600 Subject: [PATCH 18/30] Need to ignore false positive from linter 
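Review bot: `--ignore DL3002` on the `command:` line disables hadolint's "last USER should not be root" rule for the whole Dockerfile rather than for the one instruction the commit title calls a false positive, and nothing in the hunk records why it is one. If a specific instruction needs the exception, an inline `# hadolint ignore=DL3002` comment above it in the Dockerfile, with the reason, keeps the suppression next to what it covers and leaves the rule active everywhere else. The same flag is then removed and re-added in the following hunks (`Update rules for hadolint`, `Need to ignore false positive from linter`, and again in two later patches), which reads as the finding being toggled to make the job pass rather than resolved.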
Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 9ef6119..5f16a12 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -46,7 +46,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif Dockerfile > hadolint.sarif + command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif secrets: From 619e9af9448989b35eeae41f1395be1f86f453a4 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Mon, 11 Nov 2024 00:17:22 -0600 Subject: [PATCH 19/30] Update rules for hadolint (#21) Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 5f16a12..9ef6119 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -46,7 +46,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif + command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif secrets: From ed193f398ed78fb979e434a1bb84982d8363f565 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Tue, 3 Dec 2024 13:32:42 -0600 Subject: [PATCH 20/30] Update to demo environment Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 33 +-------------------------------- .github/workflows/witness.yml | 14 +------------- 2 files changed, 2 insertions(+), 45 deletions(-) 
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 9ef6119..c9f0d56 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -20,9 +20,6 @@ jobs: step: fmt attestations: "git github environment" command: go fmt ./... - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} vet: uses: ./.github/workflows/witness.yml @@ -31,9 +28,6 @@ jobs: step: vet attestations: "git github environment" command: go vet ./... - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} # --ignore DL3002 lint: @@ -49,9 +43,6 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} unit-test: needs: [ fmt, vet, lint ] @@ -63,9 +54,6 @@ jobs: command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} sast: needs: [ fmt, vet, lint ] @@ -79,9 +67,6 @@ jobs: command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} build: needs: [ unit-test, sast ] @@ -91,9 +76,6 @@ jobs: step: build attestations: "git github environment" command: go build -o bin/software main.go - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} build-image: needs: [ unit-test, sast ] 
@@ -105,13 +87,6 @@ jobs: contents: read # This is required for actions/checkout steps: - - name: Tailscale - uses: tailscale/github-action@v2 - with: - oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} - oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} - tags: tag:ci - - uses: actions/checkout@v4.1.1 - uses: docker/setup-buildx-action@v3.0.0 @@ -140,7 +115,7 @@ jobs: with: version: 0.6.0 step: build-image - archivista-server: "http://john-minikube-archivista:8082" + archivista-server: "https://archivista.aws-sandbox-staging.testifysec.dev/" attestations: "git github environment oci slsa" command: | /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." @@ -169,9 +144,6 @@ jobs: syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json artifact-upload-name: sbom.cdx.json artifact-upload-path: sbom.cdx.json - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} secret-scan: needs: build-image @@ -188,6 +160,3 @@ jobs: trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json artifact-upload-name: trufflehog.json artifact-upload-path: trufflehog.json - secrets: - TS_OAUTH_CLIENT_ID: ${{ secrets.TS_OAUTH_CLIENT_ID }} - TS_OAUTH_SECRET: ${{ secrets.TS_OAUTH_SECRET }} diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index cb01ff8..d7ecb80 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -44,14 +44,9 @@ on: required: true type: string archivista-server: - default: "http://john-minikube-archivista:8082" + default: "https://archivista.aws-sandbox-staging.testifysec.dev/" required: false type: string - secrets: - TS_OAUTH_CLIENT_ID: - required: true - TS_OAUTH_SECRET: - required: true jobs: witness: 
@@ -62,13 +57,6 @@ jobs: with: go-version: 1.21.x - - name: Tailscale - uses: tailscale/github-action@v2 - with: - oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} - oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} - tags: tag:ci - - if: ${{ inputs.artifact-download != '' }} uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: From 80f2b9d12a2892782b19114fe70fcf5c39263631 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Wed, 15 Jan 2025 08:42:18 -0600 Subject: [PATCH 21/30] Use default archivista Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 1 - .github/workflows/witness.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index c9f0d56..e945999 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -115,7 +115,6 @@ jobs: with: version: 0.6.0 step: build-image - archivista-server: "https://archivista.aws-sandbox-staging.testifysec.dev/" attestations: "git github environment oci slsa" command: | /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index d7ecb80..7688536 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -44,7 +44,6 @@ on: required: true type: string archivista-server: - default: "https://archivista.aws-sandbox-staging.testifysec.dev/" required: false type: string From 5813a77ce76a658d068783a74d5a22cf159b5644 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Wed, 15 Jan 2025 08:51:27 -0600 Subject: [PATCH 22/30] Need to run as root Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index e945999..d1bf02a 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml 
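Review bot: Dropping the `default:` from the `archivista-server` input means callers that omit it now pass an empty string through `archivista-server: ${{ inputs.archivista-server }}` to witness-run-action, and whether the action treats an empty value as "use the built-in default" or as no server at all is not visible in this diff. The commit title `Use default archivista` suggests the former is intended; a one-line comment on the input, e.g. `# empty → witness-run-action's built-in default`, would document that reliance. A later patch in this series (`Update archivista URL and witness version`) ends up setting the URL explicitly in every job, which hints the fallback did not behave as expected and is worth confirming.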
@@ -40,7 +40,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif Dockerfile > hadolint.sarif + command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif diff --git a/Dockerfile b/Dockerfile index a4a0f94..6c4c1a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN go build -o bin/software FROM cgr.dev/chainguard/static@sha256:676e989769aa9a5254fbfe14abb698804674b91c4d574bb33368d87930c5c472 -# USER root +USER root COPY --from=builder /build/bin/software /software From 269de7ebef1e131bf79988bb19936b125d2c357c Mon Sep 17 00:00:00 2001 From: John Kjell Date: Wed, 15 Jan 2025 08:55:44 -0600 Subject: [PATCH 23/30] Update witness install dir Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 1 + .github/workflows/witness.yml | 2 ++ 2 files changed, 3 insertions(+) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index d1bf02a..0472d2b 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -114,6 +114,7 @@ jobs: uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 with: version: 0.6.0 + witness-install-dir: /usr/local/bin step: build-image attestations: "git github environment oci slsa" command: | diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index 7688536..5390159 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -66,6 +66,7 @@ jobs: uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 with: version: 0.6.0 + witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} step: pre-${{ inputs.step }} attestations: ${{ inputs.pre-command-attestations }} 
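Review bot: Uncommenting `USER root` makes the final stage run the Go binary as root on a `cgr.dev/chainguard/static` base whose default user is, as far as I know, non-root, and the pipeline hunk in the same commit adds `--ignore DL3002` to the `lint` job so hadolint will not report it; the commit message (`Need to run as root`) gives no reason. If the binary needs a privileged port or a file the default user cannot read, that is better solved in the image (bind a high port, or set ownership with `COPY --from=builder --chown=<uid>:<gid> /build/bin/software /software`) than by lifting the whole process to root. If root really is required, put the inline `# hadolint ignore=DL3002` form with the reason directly above the `USER` line, so the suppression travels with the instruction instead of living as a global flag in the pipeline.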
@@ -77,6 +78,7 @@ jobs: uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 with: version: 0.6.0 + witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} step: ${{ inputs.step }} attestations: ${{ inputs.attestations }} From dd4246d8f626516175615d5f540424634e46e573 Mon Sep 17 00:00:00 2001 From: John Kjell Date: Wed, 15 Jan 2025 09:00:55 -0600 Subject: [PATCH 24/30] =?UTF-8?q?=F0=9F=9A=92=20Prod=20is=20down=20?= =?UTF-8?q?=F0=9F=9A=92.=20Approve=20ASAP?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 5 ++++- Dockerfile | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 0472d2b..b60ed4f 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -40,7 +40,7 @@ jobs: pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint - command: hadolint -f sarif --ignore DL3002 Dockerfile > hadolint.sarif + command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif @@ -110,6 +110,9 @@ jobs: install: true use: true + - name: Fix Dockerfile + run: sed -i 's/# USER root/USER root/g' Dockerfile + - name: Build Image uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 with: diff --git a/Dockerfile b/Dockerfile index 6c4c1a5..a4a0f94 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN go build -o bin/software FROM cgr.dev/chainguard/static@sha256:676e989769aa9a5254fbfe14abb698804674b91c4d574bb33368d87930c5c472 -USER root +# USER root COPY --from=builder /build/bin/software /software From 1b88da9231ade6d93c8adbae4ae7fb1d5e16aad2 Mon Sep 17 00:00:00 2001 
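Review bot: The new `Fix Dockerfile` step (`run: sed -i 's/# USER root/USER root/g' Dockerfile`) rewrites the Dockerfile inside the `build-image` job, after the upstream `lint` job has already run hadolint on the committed file, so the file that is linted (non-root, with DL3002 re-enabled in this same commit) is not the file the image is built from (root). That defeats having `lint` ahead of `build-image`, and the Dockerfile hunk in the same commit re-commenting `USER root` leaves the repository looking compliant while the artifact is not; the step should be dropped and any change of user made in the committed Dockerfile where the linter and reviewers see it. The `git` attestation witness records for the `build-image` step will presumably show a modified working tree, which is the signal a policy on that attestation should reject — worth confirming against the policy rather than assuming. A title of `Prod is down. Approve ASAP` is a reason to read a change that touches the build's security controls more carefully, not less.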
From: John Kjell Date: Wed, 12 Feb 2025 22:38:21 -0600 Subject: [PATCH 25/30] Update archivista URL and witness version (#30) Signed-off-by: John Kjell --- .github/workflows/pipeline.yml | 11 ++++++++++- .github/workflows/witness.yml | 4 ++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index b60ed4f..d799ad8 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -18,6 +18,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" attestations: "git github environment" command: go fmt ./... @@ -26,6 +27,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" attestations: "git github environment" command: go vet ./... @@ -35,6 +37,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" pre-command-attestations: "git github environment" attestations: "git github environment" pre-command: | @@ -50,6 +53,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" attestations: "git github environment" command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out @@ -61,6 +65,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" pre-command-attestations: "git github environment" attestations: "git github environment" pre-command: python3 -m pip install semgrep==1.45.0 
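Review bot: The same literal `archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev"` is added to every job that calls `witness.yml` (fmt, vet, lint, unit-test, sast, build, generate-sbom, secret-scan) and to the inline `build-image` step, which is nine copies of an environment URL to keep in sync. Since `witness.yml` already declares an `archivista-server` input, restoring `default: "https://judge.aws-sandbox-staging.testifysec.dev"` on that input and dropping the per-job lines leaves only the `build-image` step needing the literal. The `version: 0.7.0` bump in the `build-image` and `witness.yml` hunks is independent of the URL change and would be easier to bisect as its own commit.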
@@ -74,6 +79,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: build + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" attestations: "git github environment" command: go build -o bin/software main.go @@ -116,9 +122,10 @@ jobs: - name: Build Image uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 with: - version: 0.6.0 + version: 0.7.0 witness-install-dir: /usr/local/bin step: build-image + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" attestations: "git github environment oci slsa" command: | /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." @@ -138,6 +145,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: generate-sbom + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" pre-command-attestations: "git github environment" attestations: "git github environment sbom" artifact-download: image.tar @@ -154,6 +162,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan + archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" pre-command-attestations: "git github environment" attestations: "git github environment" artifact-download: image.tar diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index 5390159..df7c8e1 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -65,7 +65,7 @@ jobs: - if: ${{ inputs.pre-command != '' && inputs.pull_request == false }} uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 with: - version: 0.6.0 + version: 0.7.0 witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} step: pre-${{ inputs.step }} 
@@ -77,7 +77,7 @@ jobs: - if: ${{ inputs.pull_request == false }} uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 with: - version: 0.6.0 + version: 0.7.0 witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} step: ${{ inputs.step }} From e875825b619a17245b0fe2466c148cedfd7aec0b Mon Sep 17 00:00:00 2001 From: Kris Coleman Date: Mon, 28 Apr 2025 16:02:53 -0400 Subject: [PATCH 26/30] chore: update witness-run-action version Updates the testifysec/witness-run-action to v0.9.1. This upgrades the witness tool in the workflow. --- .github/workflows/pipeline.yml | 148 ++++++++++++++++----------------- .github/workflows/witness.yml | 148 ++++++++++++++++----------------- 2 files changed, 148 insertions(+), 148 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index d799ad8..f523c44 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -1,6 +1,6 @@ permissions: id-token: write # This is required for requesting the JWT - contents: read # This is required for actions/checkout + contents: read # This is required for actions/checkout name: pipeline @@ -18,8 +18,8 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' command: go fmt ./... vet: 
@@ -27,19 +27,19 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' command: go vet ./... - - # --ignore DL3002 + + # --ignore DL3002 lint: uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - pre-command-attestations: "git github environment" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' pre-command: | curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ chmod +x /usr/local/bin/hadolint 
@@ -48,93 +48,93 @@ jobs: artifact-upload-path: hadolint.sarif unit-test: - needs: [ fmt, vet, lint ] + needs: [fmt, vet, lint] uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out sast: - needs: [ fmt, vet, lint ] + needs: [fmt, vet, lint] uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - pre-command-attestations: "git github environment" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' pre-command: python3 -m pip install semgrep==1.45.0 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif build: - needs: [ unit-test, sast ] + needs: [unit-test, sast] uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} - step: build - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - attestations: "git github environment" - command: go build -o bin/software main.go + step: build + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' + command: go build -o bin/software main.go build-image: - needs: [ unit-test, sast ] + needs: [unit-test, sast] runs-on: ubuntu-latest permissions: packages: write id-token: write # This is required for requesting the JWT - contents: read # This is required for 
actions/checkout - + contents: read # This is required for actions/checkout + steps: - - uses: actions/checkout@v4.1.1 - - uses: docker/setup-buildx-action@v3.0.0 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ghcr.io/testifysec/swf/software - - - name: Docker Login - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Setup Buildx - uses: docker/setup-buildx-action@v3 - with: - platforms: linux/amd64 - install: true - use: true - - - name: Fix Dockerfile - run: sed -i 's/# USER root/USER root/g' Dockerfile - - - name: Build Image - uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 - with: - version: 0.7.0 - witness-install-dir: /usr/local/bin - step: build-image - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - attestations: "git github environment oci slsa" - command: | - /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." 
- - - name: Upload Artifact - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 - with: - name: image.tar - path: image.tar + - uses: actions/checkout@v4.1.1 + - uses: docker/setup-buildx-action@v3.0.0 + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/testifysec/swf/software + + - name: Docker Login + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Setup Buildx + uses: docker/setup-buildx-action@v3 + with: + platforms: linux/amd64 + install: true + use: true + + - name: Fix Dockerfile + run: sed -i 's/# USER root/USER root/g' Dockerfile + + - name: Build Image + uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 + with: + version: 0.9.1 + witness-install-dir: /usr/local/bin + step: build-image + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment oci slsa' + command: | + /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." + + - name: Upload Artifact + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + with: + name: image.tar + path: image.tar outputs: tags: ${{ steps.meta.outputs.tags }} @@ -144,10 +144,10 @@ jobs: uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} - step: generate-sbom - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - pre-command-attestations: "git github environment" - attestations: "git github environment sbom" + step: generate-sbom + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment sbom' artifact-download: image.tar pre-command: | curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin 
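Review bot: The `Build Image` step still uses `testifysec/witness-run-action@reusable-workflow # v0.2.0`, a branch reference that can move under the workflow at any time, while `witness.yml` pins the same action to a commit SHA; since the commit message says the action is updated to v0.9.1 but neither `uses:` line changes and only the `version:` input (the witness CLI version the action installs, if I read the input name correctly) moves to `0.9.1`, this is the line to pin, e.g. `uses: testifysec/witness-run-action@<commit-sha> # <tag>`. `actions/checkout@v4.1.1` and `docker/setup-buildx-action@v3.0.0` in the same job are tag-pinned and deserve the same treatment. The substantive change in this 93-line hunk is one line (`version: 0.7.0` → `version: 0.9.1`); the re-indentation and quote-style churn that make up the rest of it, and of the `witness.yml` hunk below, would be far easier to review as a separate formatting-only commit.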
@@ -162,9 +162,9 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan - archivista-server: "https://judge.aws-sandbox-staging.testifysec.dev" - pre-command-attestations: "git github environment" - attestations: "git github environment" + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' artifact-download: image.tar pre-command: | curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index df7c8e1..e77e303 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml 
@@ -13,81 +13,81 @@ # limitations under the License. on: - workflow_call: - inputs: - pull_request: - required: true - type: boolean - artifact-download: - required: false - type: string - artifact-upload-name: - required: false - type: string - artifact-upload-path: - required: false - type: string - pre-command: - required: false - type: string - pre-command-attestations: - default: "environment git github" - required: false - type: string - command: - required: true - type: string - step: - required: true - type: string - attestations: - required: true - type: string - archivista-server: - required: false - type: string - + workflow_call: + inputs: + pull_request: + required: true + type: boolean + artifact-download: + required: false + type: string + artifact-upload-name: + required: false + type: string + artifact-upload-path: + required: false + type: string + pre-command: + required: false + type: string + pre-command-attestations: + default: 'environment git github' + required: false + type: string + command: + required: true + type: string + step: + required: true + type: string + attestations: + required: true + type: string + archivista-server: + required: false + type: string + jobs: - witness: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 - with: - go-version: 1.21.x - - - if: ${{ inputs.artifact-download != '' }} - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 - with: - name: ${{ inputs.artifact-download }} - path: /tmp + witness: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version: 1.21.x + + - if: ${{ inputs.artifact-download != '' }} + uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + 
with: + name: ${{ inputs.artifact-download }} + path: /tmp - - if: ${{ inputs.pre-command != '' && inputs.pull_request == false }} - uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 - with: - version: 0.7.0 - witness-install-dir: /usr/local/bin - archivista-server: ${{ inputs.archivista-server }} - step: pre-${{ inputs.step }} - attestations: ${{ inputs.pre-command-attestations }} - command: /bin/sh -c "${{ inputs.pre-command }}" - - if: ${{ inputs.pre-command != '' && inputs.pull_request == true }} - run: ${{ inputs.pre-command }} + - if: ${{ inputs.pre-command != '' && inputs.pull_request == false }} + uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 + with: + version: 0.9.1 + witness-install-dir: /usr/local/bin + archivista-server: ${{ inputs.archivista-server }} + step: pre-${{ inputs.step }} + attestations: ${{ inputs.pre-command-attestations }} + command: /bin/sh -c "${{ inputs.pre-command }}" + - if: ${{ inputs.pre-command != '' && inputs.pull_request == true }} + run: ${{ inputs.pre-command }} - - if: ${{ inputs.pull_request == false }} - uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 - with: - version: 0.7.0 - witness-install-dir: /usr/local/bin - archivista-server: ${{ inputs.archivista-server }} - step: ${{ inputs.step }} - attestations: ${{ inputs.attestations }} - command: /bin/sh -c "${{ inputs.command }}" - - if: ${{ inputs.pull_request == true }} - run: ${{ inputs.command }} + - if: ${{ inputs.pull_request == false }} + uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 + with: + version: 0.9.1 + witness-install-dir: /usr/local/bin + archivista-server: ${{ inputs.archivista-server }} + step: ${{ inputs.step }} + attestations: ${{ inputs.attestations }} + command: /bin/sh -c "${{ inputs.command }}" + - if: ${{ inputs.pull_request == true }} + run: ${{ inputs.command }} - - if: ${{ 
inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}} - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 - with: - name: ${{ inputs.artifact-upload-name }} - path: ${{ inputs.artifact-upload-path }} \ No newline at end of file + - if: ${{ inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}} + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + with: + name: ${{ inputs.artifact-upload-name }} + path: ${{ inputs.artifact-upload-path }} From 0ffe8dea16905ed21e6a12aaa0212b1127743c30 Mon Sep 17 00:00:00 2001 From: Kris Coleman Date: Tue, 29 Apr 2025 17:29:34 -0400 Subject: [PATCH 27/30] chore: updates archivista server URL to testifysec prod Updates the archivista server URL in the pipeline configuration to saas prod This change points to the production environment, ensuring that all pipeline jobs now use the correct server for attestation and verification processes. --- .github/workflows/pipeline.yml | 35 +++++++++++++++++++++++++--------- .github/workflows/witness.yml | 5 +++++ 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index f523c44..e19c832 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml 
@@ -18,18 +18,22 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' attestations: 'git github environment' command: go fmt ./... + secrets: + witness_api_token: ${{ secrets.witness_api_token }} vet: uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' attestations: 'git github environment' command: go vet ./... + secrets: + witness_api_token: ${{ secrets.witness_api_token }} # --ignore DL3002 lint: @@ -37,7 +41,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: | @@ -46,6 +50,8 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif + secrets: + witness_api_token: ${{ secrets.witness_api_token }} unit-test: needs: [fmt, vet, lint] @@ -53,11 +59,13 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' attestations: 'git github environment' command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out + secrets: + witness_api_token: ${{ secrets.witness_api_token }} sast: needs: [fmt, vet, lint] 
@@ -65,13 +73,15 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: python3 -m pip install semgrep==1.45.0 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif + secrets: + witness_api_token: ${{ secrets.witness_api_token }} build: needs: [unit-test, sast] @@ -79,9 +89,11 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: build - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' attestations: 'git github environment' command: go build -o bin/software main.go + secrets: + witness_api_token: ${{ secrets.witness_api_token }} build-image: needs: [unit-test, sast] @@ -125,7 +137,8 @@ jobs: version: 0.9.1 witness-install-dir: /usr/local/bin step: build-image - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment oci slsa' command: | /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." @@ -145,7 +158,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: generate-sbom - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' pre-command-attestations: 'git github environment' attestations: 'git github environment sbom' artifact-download: image.tar 
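Review bot: The `archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"` line added in the `@@ -125,7 +137,8` hunk belongs to a `witness-run-action` step that runs on every event, whereas the jobs that call `witness.yml` only invoke witness when `pull_request` is false. If the workflow's `pull_request` trigger is still active (the `on:` block is outside this hunk), runs from fork pull requests cannot read `secrets.witness_api_token`, and the step would send `Authorization: Token ` with an empty value to the new production server. Consider mirroring the split `witness.yml` uses (witness step when `github.event_name != 'pull_request'`, plain `run:` of the buildx command otherwise), or at least record the assumption next to the line: `# fork PRs cannot read witness_api_token; this step then uploads with an empty token`. The `build-image` job begins and ends outside the hunk.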
@@ -155,6 +168,8 @@ jobs: syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json artifact-upload-name: sbom.cdx.json artifact-upload-path: sbom.cdx.json + secrets: + witness_api_token: ${{ secrets.witness_api_token }} secret-scan: needs: build-image @@ -162,7 +177,7 @@ jobs: with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan - archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-server: 'https://web.platform.testifysec.com' pre-command-attestations: 'git github environment' attestations: 'git github environment' artifact-download: image.tar @@ -172,3 +187,5 @@ jobs: trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json artifact-upload-name: trufflehog.json artifact-upload-path: trufflehog.json + secrets: + witness_api_token: ${{ secrets.witness_api_token }} diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index e77e303..c17775a 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -46,6 +46,9 @@ on: archivista-server: required: false type: string + secrets: + witness_api_token: + required: false jobs: witness: @@ -68,6 +71,7 @@ jobs: version: 0.9.1 witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" step: pre-${{ inputs.step }} attestations: ${{ inputs.pre-command-attestations }} command: /bin/sh -c "${{ inputs.pre-command }}" @@ -80,6 +84,7 @@ jobs: version: 0.9.1 witness-install-dir: /usr/local/bin archivista-server: ${{ inputs.archivista-server }} + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" step: ${{ inputs.step }} attestations: ${{ inputs.attestations }} command: /bin/sh -c "${{ inputs.command }}" From 0f6db32120af2a55c69043cf38e6dd0e079fb3f4 Mon Sep 17 00:00:00 2001 
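Review bot: In the `witness.yml` hunks on this line, `witness_api_token` is declared `required: false` at `@@ -46,6 +46,9`, yet both witness steps (`@@ -68,6 +71,7` and `@@ -80,6 +84,7`) build `archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"` unconditionally, so a caller that omits the secret still sends a header with an empty token instead of no header. Since every caller in `pipeline.yml` now passes the secret and the target is the production server, `required: true` under `secrets:` states the contract and fails at workflow-call time rather than at upload time. The `witness` job's step list starts before both step hunks, and the `@@ -46` hunk sits inside the `workflow_call` block whose start is outside the view.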
From: Kris Coleman Date: Mon, 23 Jun 2025 14:53:20 -0400 Subject: [PATCH 28/30] chore: pipeline workflows for dual env Refactors the pipeline workflow by renaming and splitting it into separate workflows for production and sandbox environments. This change also updates the sandbox workflow to use the sandbox environment's Archivista server and witness API token, ensuring proper environment-specific configurations. --- .../{pipeline.yml => pipeline-prod.yml} | 2 +- .github/workflows/pipeline-sandbox.yml | 191 ++++++++++++++++++ 2 files changed, 192 insertions(+), 1 deletion(-) rename .github/workflows/{pipeline.yml => pipeline-prod.yml} (99%) create mode 100644 .github/workflows/pipeline-sandbox.yml
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline-prod.yml
similarity index 99%
rename from .github/workflows/pipeline.yml
rename to .github/workflows/pipeline-prod.yml
index e19c832..0097afb 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline-prod.yml
@@ -2,7 +2,7 @@ permissions:
 id-token: write # This is required for requesting the JWT
 contents: read # This is required for actions/checkout
-name: pipeline
+name: pipeline-prod
 on:
 push:
diff --git a/.github/workflows/pipeline-sandbox.yml b/.github/workflows/pipeline-sandbox.yml
new file mode 100644
index 0000000..3137f72
--- /dev/null
+++ b/.github/workflows/pipeline-sandbox.yml
@@ -0,0 +1,191 @@ +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + +name: pipeline-sandbox + +on: + push: + branches: + - '*' + pull_request: + branches: + - '*' + +jobs: + fmt: + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: fmt + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' + command: go fmt ./... + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + vet: + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: vet + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' + command: go vet ./... + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + # --ignore DL3002 + lint: + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: lint + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' + pre-command: | + curl -sSfL https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ + chmod +x /usr/local/bin/hadolint + command: hadolint -f sarif Dockerfile > hadolint.sarif + artifact-upload-name: hadolint.sarif + artifact-upload-path: hadolint.sarif + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + unit-test: + needs: [fmt, vet, lint] + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: unit-test + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' + command: go test ./... 
-coverprofile cover.out + artifact-upload-name: cover.out + artifact-upload-path: cover.out + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + sast: + needs: [fmt, vet, lint] + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: sast + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' + pre-command: python3 -m pip install semgrep==1.45.0 + command: semgrep scan --config auto ./ --sarif -o semgrep.sarif + artifact-upload-name: semgrep.sarif + artifact-upload-path: semgrep.sarif + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + build: + needs: [unit-test, sast] + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: build + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + attestations: 'git github environment' + command: go build -o bin/software main.go + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + build-image: + needs: [unit-test, sast] + runs-on: ubuntu-latest + + permissions: + packages: write + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + + steps: + - uses: actions/checkout@v4.1.1 + - uses: docker/setup-buildx-action@v3.0.0 + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/testifysec/swf/software + + - name: Docker Login + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Setup Buildx + uses: docker/setup-buildx-action@v3 + with: + platforms: linux/amd64 + install: true + use: true + + - name: Fix Dockerfile + run: sed -i 's/# USER root/USER root/g' Dockerfile + + - name: Build Image + uses: 
testifysec/witness-run-action@reusable-workflow # v0.2.0 + with: + version: 0.9.1 + witness-install-dir: /usr/local/bin + step: build-image + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" + attestations: 'git github environment oci slsa' + command: | + /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ." + + - name: Upload Artifact + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + with: + name: image.tar + path: image.tar + + outputs: + tags: ${{ steps.meta.outputs.tags }} + + generate-sbom: + needs: build-image + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: generate-sbom + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment sbom' + artifact-download: image.tar + pre-command: | + curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin + command: | + syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json + artifact-upload-name: sbom.cdx.json + artifact-upload-path: sbom.cdx.json + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} + + secret-scan: + needs: build-image + uses: ./.github/workflows/witness.yml + with: + pull_request: ${{ github.event_name == 'pull_request' }} + step: secret-scan + archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + pre-command-attestations: 'git github environment' + attestations: 'git github environment' + artifact-download: image.tar + pre-command: | + curl -sSfL https://raw.githubusercontent.com/trufflesecurity/trufflehog/main/scripts/install.sh | sh -s -- -b /usr/local/bin + command: | + trufflehog docker 
--image=file:///tmp/image.tar -j > trufflehog.json + artifact-upload-name: trufflehog.json + artifact-upload-path: trufflehog.json + secrets: + witness_api_token: ${{ secrets.sandbox_witness_api_token }} From 295f2713017e1f52b927e3e8a90bfaaf8c7a5318 Mon Sep 17 00:00:00 2001 From: Kris Coleman Date: Mon, 23 Jun 2025 15:06:59 -0400 Subject: [PATCH 29/30] chore: updates witness-run-action version Updates the witness-run-action to v0.3.0. Also, it changes the way the archivista-headers is configured to use single quotes instead of double quotes to fix a problem with the interpolation of the secret. --- .github/workflows/pipeline-prod.yml | 44 +++++------- .github/workflows/pipeline-sandbox.yml | 44 +++++------- .github/workflows/witness.yml | 98 -------------------------- 3 files changed, 34 insertions(+), 152 deletions(-) delete mode 100644 .github/workflows/witness.yml diff --git a/.github/workflows/pipeline-prod.yml b/.github/workflows/pipeline-prod.yml index 0097afb..5bde0fa 100644 --- a/.github/workflows/pipeline-prod.yml +++ b/.github/workflows/pipeline-prod.yml 
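Review bot: The new `pipeline-sandbox.yml` keeps the prod workflow's triggers (`push`/`pull_request` on `'*'`) and the same `images: ghcr.io/testifysec/swf/software`, so every push now runs both pipelines and both `build-image` jobs `--push` the same metadata-action tags to the same registry, leaving one image subject with two competing attestation sets, one per Archivista server. Either scope the sandbox triggers (a dedicated branch or `workflow_dispatch`) or give the sandbox image a distinct name or tag suffix so the OCI attestations stay unambiguous. Separately, the file pins `actions/checkout@v4.1.1`, `docker/setup-buildx-action@v3.0.0`, `docker/metadata-action@v5` and `docker/login-action@v3` by mutable tag and `testifysec/witness-run-action@reusable-workflow` by branch (the trailing `# v0.2.0` does not describe a branch ref), while only `upload-artifact` is SHA-pinned, and the syft and trufflehog installers are `curl | sh` from `main`; for a pipeline whose purpose is attestation, pinning these to commit SHAs and released versions removes a large unattested input. `docker/setup-buildx-action` is also invoked twice (once at `@v3.0.0`, once as `Setup Buildx` at `@v3`), which looks like a carry-over from the prod file.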
@@ -14,34 +14,33 @@ on: jobs: fmt: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go fmt ./... - secrets: - witness_api_token: ${{ secrets.witness_api_token }} vet: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go vet ./... - secrets: - witness_api_token: ${{ secrets.witness_api_token }} # --ignore DL3002 lint: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: | 
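Review bot: The commit message says `archivista-headers` now uses single quotes to fix interpolation of the secret, but every `archivista-headers` line added in this hunk (and in the matching hunks at L3283–L3287 for the remaining prod and sandbox jobs) still uses double quotes, `archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"`, so either the description or the diff is stale. Moving the token from the reusable workflow's `secrets:` block into a plain `with:` input also changes its handling: the value is still masked in logs because it originates from the `secrets` context, but it is now an ordinary input of the called workflow rather than a declared secret, so any step that dumps `inputs` (for example `toJSON(inputs)`) would expose it. `uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0` references an external reusable workflow by a mutable tag; pin it by commit SHA as the `upload-artifact` step already is. The `jobs:` block continues past the hunk.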
@@ -50,50 +49,45 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif - secrets: - witness_api_token: ${{ secrets.witness_api_token }} unit-test: needs: [fmt, vet, lint] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out - secrets: - witness_api_token: ${{ secrets.witness_api_token }} sast: needs: [fmt, vet, lint] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: python3 -m pip install semgrep==1.45.0 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif - secrets: - witness_api_token: ${{ secrets.witness_api_token }} build: needs: [unit-test, sast] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: build archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go build -o bin/software main.go - secrets: - witness_api_token: ${{ secrets.witness_api_token }} 
build-image: needs: [unit-test, sast] @@ -132,10 +126,8 @@ jobs: run: sed -i 's/# USER root/USER root/g' Dockerfile - name: Build Image - uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 + uses: testifysec/witness-run-action@v0.3.0 with: - version: 0.9.1 - witness-install-dir: /usr/local/bin step: build-image archivista-server: 'https://web.platform.testifysec.com' archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" @@ -154,11 +146,12 @@ jobs: generate-sbom: needs: build-image - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: generate-sbom archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment sbom' artifact-download: image.tar @@ -168,16 +161,15 @@ jobs: syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json artifact-upload-name: sbom.cdx.json artifact-upload-path: sbom.cdx.json - secrets: - witness_api_token: ${{ secrets.witness_api_token }} secret-scan: needs: build-image - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan archivista-server: 'https://web.platform.testifysec.com' + archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' artifact-download: image.tar @@ -187,5 +179,3 @@ jobs: trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json artifact-upload-name: trufflehog.json artifact-upload-path: trufflehog.json - secrets: - witness_api_token: ${{ secrets.witness_api_token }} 
diff --git a/.github/workflows/pipeline-sandbox.yml b/.github/workflows/pipeline-sandbox.yml index 3137f72..a7a70f0 100644 --- a/.github/workflows/pipeline-sandbox.yml +++ b/.github/workflows/pipeline-sandbox.yml @@ -14,34 +14,33 @@ on: jobs: fmt: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" attestations: 'git github environment' command: go fmt ./... - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} vet: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" attestations: 'git github environment' command: go vet ./... - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} # --ignore DL3002 lint: - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: | 
@@ -50,50 +49,45 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} unit-test: needs: [fmt, vet, lint] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" attestations: 'git github environment' command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} sast: needs: [fmt, vet, lint] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: python3 -m pip install semgrep==1.45.0 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} build: needs: [unit-test, sast] - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: build archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" attestations: 'git github environment' command: go build -o 
bin/software main.go - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} build-image: needs: [unit-test, sast] @@ -132,10 +126,8 @@ jobs: run: sed -i 's/# USER root/USER root/g' Dockerfile - name: Build Image - uses: testifysec/witness-run-action@reusable-workflow # v0.2.0 + uses: testifysec/witness-run-action@v0.3.0 with: - version: 0.9.1 - witness-install-dir: /usr/local/bin step: build-image archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" @@ -154,11 +146,12 @@ jobs: generate-sbom: needs: build-image - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: generate-sbom archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment sbom' artifact-download: image.tar @@ -168,16 +161,15 @@ jobs: syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json artifact-upload-name: sbom.cdx.json artifact-upload-path: sbom.cdx.json - secrets: - witness_api_token: ${{ secrets.sandbox_witness_api_token }} secret-scan: needs: build-image - uses: ./.github/workflows/witness.yml + uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 with: pull_request: ${{ github.event_name == 'pull_request' }} step: secret-scan archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev' + archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' artifact-download: image.tar 
@@ -187,5 +179,3 @@ jobs:
 trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json
 artifact-upload-name: trufflehog.json
 artifact-upload-path: trufflehog.json
- secrets:
- witness_api_token: ${{ secrets.sandbox_witness_api_token }}
diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml
deleted file mode 100644
index c17775a..0000000
--- a/.github/workflows/witness.yml
+++ /dev/null
@@ -1,98 +0,0 @@ -# Copyright 2023 The Archivista Contributors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -on: - workflow_call: - inputs: - pull_request: - required: true - type: boolean - artifact-download: - required: false - type: string - artifact-upload-name: - required: false - type: string - artifact-upload-path: - required: false - type: string - pre-command: - required: false - type: string - pre-command-attestations: - default: 'environment git github' - required: false - type: string - command: - required: true - type: string - step: - required: true - type: string - attestations: - required: true - type: string - archivista-server: - required: false - type: string - secrets: - witness_api_token: - required: false - -jobs: - witness: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 - with: - go-version: 1.21.x - - - if: ${{ inputs.artifact-download != '' }} - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 - with: - name: ${{ inputs.artifact-download }} - path: /tmp - - - if: ${{ inputs.pre-command != '' && inputs.pull_request == false }} - uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 - with: - version: 0.9.1 - witness-install-dir: /usr/local/bin - archivista-server: ${{ inputs.archivista-server }} - archivista-headers: "Authorization: Token 
${{ secrets.witness_api_token }}" - step: pre-${{ inputs.step }} - attestations: ${{ inputs.pre-command-attestations }} - command: /bin/sh -c "${{ inputs.pre-command }}" - - if: ${{ inputs.pre-command != '' && inputs.pull_request == true }} - run: ${{ inputs.pre-command }} - - - if: ${{ inputs.pull_request == false }} - uses: testifysec/witness-run-action@79320a907f611f2fb40ced8e13c66af988b2d9db # v0.2.2 - with: - version: 0.9.1 - witness-install-dir: /usr/local/bin - archivista-server: ${{ inputs.archivista-server }} - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" - step: ${{ inputs.step }} - attestations: ${{ inputs.attestations }} - command: /bin/sh -c "${{ inputs.command }}" - - if: ${{ inputs.pull_request == true }} - run: ${{ inputs.command }} - - - if: ${{ inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}} - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 - with: - name: ${{ inputs.artifact-upload-name }} - path: ${{ inputs.artifact-upload-path }} From 06b8c6aec8b099ec92c9d65d43763dec13aff5e4 Mon Sep 17 00:00:00 2001 From: Kris Coleman Date: Mon, 23 Jun 2025 16:16:18 -0400 Subject: [PATCH 30/30] chore: workflow to use reusable workflow Refactors the pipeline workflows to use a reusable workflow for Witness jobs. This change improves the maintainability and reduces duplication in the workflow definitions. The `archivista-headers` is also adjusted to use the secrets context for authentication, which makes it more consistent. --- .github/workflows/pipeline-prod.yml | 43 ++++++++------ .github/workflows/pipeline-sandbox.yml | 43 ++++++++------ .github/workflows/witness.yml | 80 ++++++++++++++++++++++++++ 3 files changed, 130 insertions(+), 36 deletions(-) create mode 100644 .github/workflows/witness.yml diff --git a/.github/workflows/pipeline-prod.yml b/.github/workflows/pipeline-prod.yml index 5bde0fa..86ec066 100644 --- a/.github/workflows/pipeline-prod.yml 
+++ b/.github/workflows/pipeline-prod.yml @@ -14,33 +14,34 @@ on: jobs: fmt: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: fmt archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go fmt ./... + secrets: + token: ${{ secrets.witness_api_token }} vet: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: vet archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go vet ./... + secrets: + token: ${{ secrets.witness_api_token }} # --ignore DL3002 lint: - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: lint archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: | 
@@ -49,45 +50,50 @@ jobs: command: hadolint -f sarif Dockerfile > hadolint.sarif artifact-upload-name: hadolint.sarif artifact-upload-path: hadolint.sarif + secrets: + token: ${{ secrets.witness_api_token }} unit-test: needs: [fmt, vet, lint] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: unit-test archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go test ./... -coverprofile cover.out artifact-upload-name: cover.out artifact-upload-path: cover.out + secrets: + token: ${{ secrets.witness_api_token }} sast: needs: [fmt, vet, lint] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: sast archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" pre-command-attestations: 'git github environment' attestations: 'git github environment' pre-command: python3 -m pip install semgrep==1.45.0 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif artifact-upload-name: semgrep.sarif artifact-upload-path: semgrep.sarif + secrets: + token: ${{ secrets.witness_api_token }} build: needs: [unit-test, sast] - uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0 + uses: ./.github/workflows/witness.yml with: pull_request: ${{ github.event_name == 'pull_request' }} step: build archivista-server: 'https://web.platform.testifysec.com' - archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}" attestations: 'git github environment' command: go build -o bin/software main.go + secrets: + token: ${{ secrets.witness_api_token }} build-image: needs: [unit-test, sast] 
@@ -130,11 +136,10 @@ jobs:
 with:
 step: build-image
 archivista-server: 'https://web.platform.testifysec.com'
- archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"
 attestations: 'git github environment oci slsa'
 command: |
 /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ."
-
+
 - name: Upload Artifact
 uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
 with:
@@ -146,12 +151,11 @@ jobs:
 generate-sbom:
 needs: build-image
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: generate-sbom
 archivista-server: 'https://web.platform.testifysec.com'
- archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment sbom'
 artifact-download: image.tar
@@ -161,15 +165,16 @@ jobs:
 syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json
 artifact-upload-name: sbom.cdx.json
 artifact-upload-path: sbom.cdx.json
+ secrets:
+ token: ${{ secrets.witness_api_token }}
 secret-scan:
 needs: build-image
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: secret-scan
 archivista-server: 'https://web.platform.testifysec.com'
- archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment'
 artifact-download: image.tar
@@ -179,3 +184,5 @@ jobs:
 trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json
 artifact-upload-name: trufflehog.json
 artifact-upload-path: trufflehog.json
+ secrets:
+ token: ${{ secrets.witness_api_token }}
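Review bot: The `@@ -130,11 +136,10 @@` hunk deletes `archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"` from the `build-image` step, but that step calls the witness action directly (it sits among ordinary steps, right before `- name: Upload Artifact`) rather than the new reusable workflow, so nothing in the diff supplies the header again and the `oci slsa` attestation for the image would be sent to Archivista without authentication — unless a line above the hunk now sets it, which is not visible here. The step's `with:` block begins outside the hunk. Either restore `archivista-headers: "Authorization: Token ${{ secrets.witness_api_token }}"` under that step's `with:`, or move `build-image` onto `./.github/workflows/witness.yml` like the other jobs so the token flows through `secrets:`. The `build-image` hunk of pipeline-sandbox.yml has the identical removal with `secrets.sandbox_witness_api_token` and needs the same fix.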
diff --git a/.github/workflows/pipeline-sandbox.yml b/.github/workflows/pipeline-sandbox.yml
index a7a70f0..724e827 100644
--- a/.github/workflows/pipeline-sandbox.yml
+++ b/.github/workflows/pipeline-sandbox.yml
@@ -14,33 +14,34 @@ on:
 jobs:
 fmt:
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: fmt
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 attestations: 'git github environment'
 command: go fmt ./...
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 vet:
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: vet
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 attestations: 'git github environment'
 command: go vet ./...
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 # --ignore DL3002
 lint:
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: lint
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment'
 pre-command: |
@@ -49,45 +50,50 @@ jobs:
 command: hadolint -f sarif Dockerfile > hadolint.sarif
 artifact-upload-name: hadolint.sarif
 artifact-upload-path: hadolint.sarif
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 unit-test:
 needs: [fmt, vet, lint]
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: unit-test
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 attestations: 'git github environment'
 command: go test ./... -coverprofile cover.out
 artifact-upload-name: cover.out
 artifact-upload-path: cover.out
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 sast:
 needs: [fmt, vet, lint]
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: sast
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment'
 pre-command: python3 -m pip install semgrep==1.45.0
 command: semgrep scan --config auto ./ --sarif -o semgrep.sarif
 artifact-upload-name: semgrep.sarif
 artifact-upload-path: semgrep.sarif
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 build:
 needs: [unit-test, sast]
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: build
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 attestations: 'git github environment'
 command: go build -o bin/software main.go
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 build-image:
 needs: [unit-test, sast]
@@ -130,11 +136,10 @@ jobs:
 with:
 step: build-image
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 attestations: 'git github environment oci slsa'
 command: |
 /bin/sh -c "docker buildx build -t ${{ steps.meta.outputs.tags }} -o type=docker,dest=image.tar --push ."
-
+
 - name: Upload Artifact
 uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
 with:
@@ -146,12 +151,11 @@ jobs:
 generate-sbom:
 needs: build-image
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: generate-sbom
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment sbom'
 artifact-download: image.tar
@@ -161,15 +165,16 @@ jobs:
 syft packages docker-archive:/tmp/image.tar --source-name=pkg:oci/testifysec/swf -o cyclonedx-json --file sbom.cdx.json
 artifact-upload-name: sbom.cdx.json
 artifact-upload-path: sbom.cdx.json
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
 secret-scan:
 needs: build-image
- uses: testifysec/witness-run-action/.github/workflows/witness.yml@v0.3.0
+ uses: ./.github/workflows/witness.yml
 with:
 pull_request: ${{ github.event_name == 'pull_request' }}
 step: secret-scan
 archivista-server: 'https://judge.aws-sandbox-staging.testifysec.dev'
- archivista-headers: "Authorization: Token ${{ secrets.sandbox_witness_api_token }}"
 pre-command-attestations: 'git github environment'
 attestations: 'git github environment'
 artifact-download: image.tar
@@ -179,3 +184,5 @@ jobs:
 trufflehog docker --image=file:///tmp/image.tar -j > trufflehog.json
 artifact-upload-name: trufflehog.json
 artifact-upload-path: trufflehog.json
+ secrets:
+ token: ${{ secrets.sandbox_witness_api_token }}
diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml
new file mode 100644
index 0000000..1987487
--- /dev/null
+++ b/.github/workflows/witness.yml
@@ -0,0 +1,80 @@
+on:
+ workflow_call:
+ inputs:
+ pull_request:
+ required: true
+ type: boolean
+ artifact-download:
+ required: false
+ type: string
+ artifact-upload-name:
+ required: false
+ type: string
+ artifact-upload-path:
+ required: false
+ type: string
+ pre-command:
+ required: false
+ type: string
+ pre-command-attestations:
+ default: 'environment git github'
+ required: false
+ type: string
+ command:
+ required: true
+ type: string
+ step:
+ required: true
+ type: string
+ attestations:
+ required: true
+ type: string
+ archivista-server:
+ required: false
+ type: string
+ secrets:
+ token:
+ required: true
+
+jobs:
+ witness:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+ with:
+ go-version: 1.21.x
+
+ - if: ${{ inputs.artifact-download != '' }}
+ uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
+ with:
+ name: ${{ inputs.artifact-download }}
+ path: /tmp
+
+ - if: ${{ inputs.pre-command != '' && inputs.pull_request == false }}
+ uses: testifysec/witness-run-action@v0.3.0
+ with:
+ archivista-server: ${{ inputs.archivista-server }}
+ archivista-headers: "Authorization: Token ${{ secrets.token }}"
+ step: pre-${{ inputs.step }}
+ attestations: ${{ inputs.pre-command-attestations }}
+ command: /bin/sh -c "${{ inputs.pre-command }}"
+ - if: ${{ inputs.pre-command != '' && inputs.pull_request == true }}
+ run: ${{ inputs.pre-command }}
+
+ - if: ${{ inputs.pull_request == false }}
+ uses: testifysec/witness-run-action@v0.3.0
+ with:
+ archivista-server: ${{ inputs.archivista-server }}
+ archivista-headers: "Authorization: Token ${{ secrets.token }}"
+ step: ${{ inputs.step }}
+ attestations: ${{ inputs.attestations }}
+ command: /bin/sh -c "${{ inputs.command }}"
+ - if: ${{ inputs.pull_request == true }}
+ run: ${{ inputs.command }}
+
+ - if: ${{ inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}}
+ uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+ with:
+ name: ${{ inputs.artifact-upload-name }}
+ path: ${{ inputs.artifact-upload-path }}
\ No newline at end of file
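Review bot: `uses: testifysec/witness-run-action@v0.3.0` appears twice pinned to a mutable tag, while every other action in this new file is pinned to a full commit SHA with a version comment; this is the one step that receives the Archivista token through `archivista-headers`, so it is the pin that matters most — write it the same way, `uses: testifysec/witness-run-action@<commit-sha> # v0.3.0` (placeholder for the tag's commit). The `run: ${{ inputs.command }}` steps and the `/bin/sh -c "${{ inputs.command }}"` wrappers expand caller text straight into shell; callers are workflows in this repository, so the text is author-controlled rather than untrusted, but a command containing a double quote will be mangled by the outer quoting depending on how the action tokenizes its `command` input, which deserves a comment above `inputs:` stating that `command` and `pre-command` must not contain unescaped `"`. The `witness` job declares no `permissions:` block, so its `GITHUB_TOKEN` scope is whatever the caller grants; `permissions: contents: read` on the job would make the least-privilege intent explicit rather than inherited. The file also ends without a trailing newline.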