diff --git a/.github/CODEOWNERS.md b/.github/CODEOWNERS.md
new file mode 100644
index 0000000..cdf81a7
--- /dev/null
+++ b/.github/CODEOWNERS.md
@@ -0,0 +1 @@
+* @ThomasVitale
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md
new file mode 100644
index 0000000..0f20905
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Tell us about a problem you are experiencing
+title: ''
+labels: bug, triage
+assignees: ''
+
+---
+
+**What steps did you take:**
+[A clear and concise description steps that can be used to reproduce the problem.]
+
+**What happened:**
+[A small description of the issue]
+
+**What did you expect:**
+[A description of what was expected]
+
+**Anything else you would like to add:**
+[Additional information that will assist in solving the issue.]
+
+**Environment:**
+
+* Kubernetes version (execute `kubectl version`):
+* kctrl version (execute `kctrl version`):
+* kapp-controller version (execute `kubectl get deployment -n kapp-controller kapp-controller -o yaml` and the annotation is `kbld.k14s.io/images`):
+* package repo version (execute `kctrl package repo get -r kadras-packages -n <namespace>`):
diff --git a/.github/ISSUE_TEMPLATE/feature-request.md b/.github/ISSUE_TEMPLATE/feature-request.md
new file mode 100644
index 0000000..270da4e
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature-request.md
@@ -0,0 +1,17 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement, triage
+assignees: ''
+
+---
+
+**Describe the problem/challenge you have:**
+[A description of the current challenge that you are experiencing.]
+
+**Describe the solution you'd like:**
+[A clear and concise description of what you want to happen. If applicable a visual representation of the UX.]
+
+**Anything else you would like to add:**
+[Additional information that will assist in solving the issue.]
diff --git a/.github/ISSUE_TEMPLATE/other-request.md b/.github/ISSUE_TEMPLATE/other-request.md
new file mode 100644
index 0000000..b5722c0
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/other-request.md
@@ -0,0 +1,8 @@
+---
+name: Other issue or question
+about: Free form issue or question
+title: ''
+labels: triage
+assignees: ''
+
+---
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..4bb1068
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "00:30"
+      timezone: Europe/Copenhagen
+    open-pull-requests-limit: 10
+    labels:
+      - "dependencies"
+    commit-message:
+      prefix: "deps:"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 44ce5e5..b98fffa 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -3,41 +3,48 @@ on:
   - workflow_dispatch
 
 env:
-  COSIGN_EXPERIMENTAL: 1
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
-  VERSION: 0.0.1
+  VERSION: 0.27.0
 
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     permissions:
       contents: write
       packages: write
     outputs:
-      image-release: ${{ steps.image-info.outputs.release }}
+      image-name: ${{ steps.image-info.outputs.image_name }}
+      image-digest: ${{ steps.image-info.outputs.image_digest }}
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v6.0.0
 
       - name: Set up Carvel
-        uses: vmware-tanzu/carvel-setup-action@v1.1.1
+        uses: carvel-dev/setup-action@v2.0.1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
+        uses: redhat-actions/podman-login@v1.7
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ${{ env.REGISTRY }}
       
-      - name: Create kind cluster
-        uses: helm/kind-action@v1.4.0
-        with:
-          cluster_name: carvel-test
-          kubectl_version: v1.25.2
+      - name: Create k3d cluster
+        run: |
+          # Install k3d
+          curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
+          
+          # Create a Kubernetes cluster
+          k3d cluster create test-cluster
+
+          # Wait for the generation of a token for the Service Account
+          while [ $(kubectl get configmap kube-root-ca.crt --no-headers | wc -l) -eq 0 ] ; do
+            sleep 3
+          done
 
       - name: Package and publish OCI bundle
         run: |
@@ -49,7 +56,9 @@ jobs:
           package_file=repo/package-repository.yml
           image_release=$(yq '.spec.fetch.imgpkgBundle.image' ${package_file})
           echo "IMAGE_RELEASE=${image_release}" >> $GITHUB_ENV
-          echo "::set-output name=release::${image_release}"
+
+          echo "image_name=$(echo ${image_release} | cut -d'@' -f1)" >> $GITHUB_OUTPUT
+          echo "image_digest=$(echo ${image_release} | cut -d'@' -f2)" >> $GITHUB_OUTPUT
       
       - name: Add additional tags to OCI image
         run: |
@@ -68,21 +77,20 @@ jobs:
 
   sign:
     name: Sign
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [build]
     permissions:
       packages: write
       id-token: write
     env:
-      IMAGE_RELEASE: ${{ needs.build.outputs.image-release }}
+      IMAGE_NAME: ${{ needs.build.outputs.image-name }}
+      IMAGE_DIGEST: ${{ needs.build.outputs.image-digest }}
     steps:
       - name: Install Cosign
-        uses: sigstore/cosign-installer@v2.7.0
-        with:
-          cosign-release: 'v1.12.1'
+        uses: sigstore/cosign-installer@v3.10.0
 
       - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
+        uses: redhat-actions/podman-login@v1.7
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
@@ -90,51 +98,18 @@ jobs:
 
       - name: Sign image
         run: |
-          cosign sign "${IMAGE_RELEASE}"
+          cosign sign --yes "${IMAGE_NAME}@${IMAGE_DIGEST}"
   
   provenance:
-    name: Provenance
-    runs-on: ubuntu-22.04
     needs: [build,sign]
     permissions:
-      packages: write
+      actions: read
       id-token: write
-    env:
-      IMAGE_RELEASE: ${{ needs.build.outputs.image-release }}
-      PROVENANCE_FILE: provenance.att
-    steps:
-      - name: Install Cosign
-        uses: sigstore/cosign-installer@v2.7.0
-        with:
-          cosign-release: 'v1.12.1'
-      
-      - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
-        with:
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-          registry: ${{ env.REGISTRY }}
-      
-      - name: Extract digest
-        run: |
-          digest=$(echo ${IMAGE_RELEASE} | cut -d "@" -f2)
-          echo "IMAGE_DIGEST=${digest}" >> $GITHUB_ENV
-
-      - name: Generate provenance
-        uses: philips-labs/slsa-provenance-action@v0.7.2
-        with:
-          command: generate
-          subcommand: container
-          arguments: --repository ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} --tags ${{ env.VERSION }} --digest ${{ env.IMAGE_DIGEST }} --output-path ${{ env.PROVENANCE_FILE }}
-        env:
-          COSIGN_EXPERIMENTAL: 0
-
-      - name: Attach provenance
-        run: |
-          jq '.predicate' "${PROVENANCE_FILE}" > provenance-predicate.att
-          cosign attest --predicate provenance-predicate.att --type slsaprovenance "${IMAGE_RELEASE}"
-
-      - uses: actions/upload-artifact@v3.1.0
-        with:
-          name: provenance.att
-          path: ${{ env.PROVENANCE_FILE }}
+      packages: write
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
+    with:
+      image: ${{ needs.build.outputs.image-name }}
+      digest: ${{ needs.build.outputs.image-digest }}
+      registry-username: ${{ github.actor }}
+    secrets:
+      registry-password: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..d65f99f
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+community@kadras.io.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.
diff --git a/LICENSE b/LICENSE
index 7ce99a3..261eeb9 100644
--- a/LICENSE
+++ b/LICENSE
@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2022 Arktonix
+   Copyright [yyyy] [name of copyright owner]
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/MAINTAINERS.md b/MAINTAINERS.md
new file mode 100644
index 0000000..2249643
--- /dev/null
+++ b/MAINTAINERS.md
@@ -0,0 +1,3 @@
+# Maintainers
+
+* Thomas Vitale | [ThomasVitale](https://github.com/ThomasVitale)
\ No newline at end of file
diff --git a/README.md b/README.md
index d27f631..fedb0d3 100644
--- a/README.md
+++ b/README.md
@@ -1,80 +1,90 @@
 # Kadras Packages
 
-A repository of [Carvel](https://carvel.dev) packages that can be installed on Kubernetes.
+![Release Workflow](https://github.com/kadras-io/kadras-packages/actions/workflows/release.yml/badge.svg)
+[![The SLSA Level 3 badge](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev/spec/v1.0/levels)
+[![The Apache 2.0 license badge](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Follow us on Bluesky](https://img.shields.io/static/v1?label=Bluesky&message=Follow&color=1DA1F2)](https://bsky.app/profile/kadras.bsky.social)
 
-## Components
+The [Kadras](https://kadras.io) collection of Kubernetes-native packages built with [Carvel](https://carvel.dev).
 
-This repository contains the Carvel packages part of the Kadras project. The following packages are
-maintained by the [Arktonix](https://github.com/arktonix) organization:
+## 📦&nbsp; Package Repository
 
-* [Argo CD](https://github.com/arktonix/package-for-argo-cd)
+This repository contains the following Carvel packages.
 
-## Prerequisites
+| Package | Description |
+|---------|-------------|
+| [cert-manager](https://github.com/kadras-io/package-for-cert-manager) | A cloud-native solution to automatically provision and manage X.509 certificates. |
+| [contour](https://github.com/kadras-io/package-for-contour) | An Envoy-based ingress controller that supports dynamic configuration updates and multi-team ingress delegation. |
+| [crossplane](https://github.com/kadras-io/package-for-crossplane) | A Kubernetes extension that transforms your Kubernetes cluster into a universal control plane. |
+| [dependency-track](https://github.com/kadras-io/package-for-dependency-track) | OWASP Dependency Track is a continuous SBOM Analysis Platform for managing software supply chain security risks. |
+| [developer-portal](https://github.com/kadras-io/package-for-developer-portal) | Kadras Developer Portal, based on Backstage. It supports application developers with paved paths to production on Kubernetes. |
+| [engineering-platform](https://github.com/kadras-io/engineering-platform) | A curated set of Carvel packages to build an engineering platform supporting application developers with paved paths to production on Kubernetes. |
+| [flux](https://github.com/kadras-io/package-for-flux) | A continuous deployment solution for Kubernetes, powered by the GitOps Toolkit. |
+| [gitops-configurer](https://github.com/kadras-io/gitops-configurer) | Provides GitOps configuration for the Kadras Engineering Platform. |
+| [knative-serving](https://github.com/kadras-io/package-for-knative-serving) | A solution built on Kubernetes to support deploying and serving of applications and functions as serverless containers. |
+| [kyverno](https://github.com/kadras-io/package-for-kyverno) | A policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans. |
+| [metrics-server](https://github.com/kadras-io/package-for-metrics-server) | A scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. |
+| [postgresql-operator](https://github.com/kadras-io/package-for-postgresql-operator) | CloudNativePG, a Kubernetes operator that covers the full lifecycle of a PostgreSQL database cluster with a primary/standby architecture, using native streaming replication. |
+| [rabbitmq-operator](https://github.com/kadras-io/package-for-rabbitmq-operator) | A message broker supporting multiple messaging protocols and streaming. |
+| [rbac-configurer](https://github.com/kadras-io/rbac-configurer) | Provides default roles and RBAC configuration for the Kadras Engineering Platform. |
+| [secretgen-controller](https://github.com/kadras-io/package-for-secretgen-controller) | Generates various types of Secrets in-cluster as well as export and import Secrets across namespaces. |
+| [service-binding](https://github.com/kadras-io/package-for-service-binding) | A standard and automated way for communicating service secrets to workloads. |
+| [tempo-operator](https://github.com/kadras-io/package-for-tempo-operator) | A solution to manage Grafana Tempo on Kubernetes and OpenShift clusters. |
+| [workspace-provisioner](https://github.com/kadras-io/workspace-provisioner) | Provisions and configures workspaces (namespaces or virtual clusters) to work with the Kadras Engineering Platform. |
 
-* Install the [`kctrl`](https://carvel.dev/kapp-controller/docs/latest/install/#installing-kapp-controller-cli-kctrl) CLI to manage Carvel packages in a convenient way.
-* Ensure [kapp-controller](https://carvel.dev/kapp-controller) is deployed in your Kubernetes cluster. You can do that with Carvel
-[`kapp`](https://carvel.dev/kapp/docs/latest/install) (recommended choice) or `kubectl`.
+## 🚀&nbsp; Getting Started
 
-```shell
-kapp deploy -a kapp-controller -y \
-  -f https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml
-```
+### Prerequisites
 
-## Installation
+* Kubernetes 1.32+
+* Carvel [`kctrl`](https://carvel.dev/kapp-controller/docs/latest/install/#installing-kapp-controller-cli-kctrl) CLI.
+* Carvel [kapp-controller](https://carvel.dev/kapp-controller) deployed in your Kubernetes cluster. You can install it with Carvel [`kapp`](https://carvel.dev/kapp/docs/latest/install) (recommended choice) or `kubectl`.
 
-You can install the Kadras package repository in a dedicated namespace using `kctrl`:
+  ```shell
+  kapp deploy -a kapp-controller -y \
+    -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml
+  ```
 
-```shell
-kubectl create namespace carvel-packages
-kctrl package repository add -r kadras-repo \
-    --url ghcr.io/arktonix/kadras-packages:0.0.1 \
-    -n carvel-packages
-```
+### Installation
 
-Alternatively, you can add the repository by applying the `PackageRepository` manifest:
+Install the Kadras package repository in a dedicated namespace using `kctrl`:
 
-```shell
-kubectl create namespace carvel-packages
-kapp deploy -a kadras-repo -n carvel-packages -y \
-    -f https://github.com/arktonix/kadras-packages/releases/latest/download/package-repository.yml
-```
+  ```shell
+  kctrl package repository add -r kadras-packages \
+    --url ghcr.io/kadras-io/kadras-packages \
+    -n kadras-system --create-namespace
+  ```
 
-After the installation, you can retrieve the list of available Carvel package repositories in your cluster
-with the following command.
+<details><summary>Installation via CRDs</summary>
+Instead of installing the Kadras package repository with `kctrl`, you can apply the necessary Carvel CRDs directly using [`kapp`](https://carvel.dev/kapp/docs/latest/install), `kubectl` or a GitOps operator.
 
-```shell
-kctrl package repository list -n carvel-packages
-```
+  ```shell
+  kubectl create namespace kadras-system
+  kapp deploy -a kadras-repo -n kadras-system -y \
+    -f https://github.com/kadras-io/kadras-packages/releases/latest/download/package-repository.yml
+  ```
+</details>
 
-The Kadras package repository provides a collection of Carvel packages that you can list as follows.
+Verify the list of available Carvel package repositories and their status.
 
-```shell
-kctrl package available list -n carvel-packages
-```
+  ```shell
+  kctrl package repository list -n kadras-system
+  ```
 
-## Update
+List all the Carvel packages available in the Kadras package repository.
 
-You can update the repository by applying the `PackageRepository` manifest from the newest release, similar
-to the process described in the "Installation" section. Alternatively, you can use the `kctrl` CLI.
+  ```shell
+  kctrl package available list -n kadras-system
+  ```
 
-```shell
-kctrl package repository update -r kadras-repo \
-    --url ghcr.io/arktonix/kadras-packages:<new-version> \
-    -n carvel-packages
-```
+## 📙&nbsp; Documentation
 
-## Documentation
+For documentation specific to Carvel package management, check out [carvel.dev](https://carvel.dev/kapp-controller/docs/latest/packaging).
 
-You can find more documentation about Carvel package management at [carvel.dev](https://carvel.dev/kapp-controller/docs/latest/packaging).
+## 🛡️&nbsp; Security
 
-## References and inspiration
+The security process for reporting vulnerabilities is described in [SECURITY.md](SECURITY.md).
 
-* [Kubernetes native package management with Carvel](https://carvel.dev/kapp-controller/docs/latest/packaging)
-* [Tanzu Community Edition, an open-source Kubernetes platform](https://tanzucommunityedition.io)
-* [An example of package repository for installing the Tanzu Application Platform OSS stack](https://github.com/vrabbi/tap-oss)
+## 🖊️&nbsp; License
 
-## Supply Chain Security
-
-This project is compliant with level 2 of the [SLSA Framework](https://slsa.dev).
-
-<img src="https://slsa.dev/images/SLSA-Badge-full-level2.svg" alt="The SLSA Level 2 badge" width=200>
+This project is licensed under the **Apache License 2.0**. See [LICENSE](LICENSE) for more information.
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..3ef9d1a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you know of a vulnerability in this project, please reach out to security@kadras.io and we will get back to you as soon as possible.
diff --git a/docs/verify-release.md b/docs/verify-release.md
new file mode 100644
index 0000000..677aad1
--- /dev/null
+++ b/docs/verify-release.md
@@ -0,0 +1,37 @@
+# Verifying the Package Repository Release
+
+This package repository is published as an OCI artifact, signed with Sigstore [Cosign](https://docs.sigstore.dev/cosign/overview), and associated with a [SLSA Provenance](https://slsa.dev/provenance) attestation.
+
+Using `cosign`, you can display the supply chain security related artifacts for the `ghcr.io/kadras-io/kadras-packages` images. Use the specific digest you'd like to verify.
+
+```shell
+cosign tree ghcr.io/kadras-io/kadras-packages
+```
+
+The result:
+
+```shell
+📦 Supply Chain Security Related artifacts for an image: ghcr.io/kadras-io/kadras-packages
+└── 💾 Attestations for an image tag: ghcr.io/kadras-io/kadras-packages:sha256-3b5321df10e6b30cd30b4dc8b8c8f0f4b3ccd9605eb9d25af03108d6e148012c.att
+   └── 🍒 sha256:8e6fc2f6005fb56c588700579cbeecabce064cf604b3cabe6294154cfe69b919
+└── 🔐 Signatures for an image tag: ghcr.io/kadras-io/kadras-packages:sha256-3b5321df10e6b30cd30b4dc8b8c8f0f4b3ccd9605eb9d25af03108d6e148012c.sig
+   └── 🍒 sha256:74c7b24859642cce47b205f0c9be06164b4d182a2c73d1c435dc4ad7af924691
+```
+
+You can verify the signature and its claims:
+
+```shell
+cosign verify \
+   --certificate-identity-regexp https://github.com/kadras-io \
+   --certificate-oidc-issuer https://token.actions.githubusercontent.com \
+   ghcr.io/kadras-io/kadras-packages | jq
+```
+
+You can also verify the SLSA Provenance attestation associated with the image.
+
+```shell
+cosign verify-attestation --type slsaprovenance \
+   --certificate-identity-regexp https://github.com/slsa-framework \
+   --certificate-oidc-issuer https://token.actions.githubusercontent.com \
+   ghcr.io/kadras-io/kadras-packages | jq .payload -r | base64 --decode | jq
+```
diff --git a/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml b/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml
deleted file mode 100644
index a1085d6..0000000
--- a/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  creationTimestamp: null
-  name: argo-cd.packages.kadras.io.2.4.12
-spec:
-  licenses:
-  - Apache 2.0
-  refName: argo-cd.packages.kadras.io
-  releaseNotes: https://github.com/argoproj/argo-cd/releases
-  releasedAt: "2022-09-24T17:52:23Z"
-  template:
-    spec:
-      deploy:
-      - kapp: {}
-      fetch:
-      - imgpkgBundle:
-          image: ghcr.io/arktonix/package-for-argo-cd@sha256:d9aefd2d161c82ac0b6efc0e6bf3abce78c9be31aeca07d12787c5f6b8ded948
-      template:
-      - ytt:
-          paths:
-          - config
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-  valuesSchema:
-    openAPIv3:
-      additionalProperties: false
-      properties:
-        namespace:
-          default: argocd
-          description: The namespace where to install Argo CD
-          type: string
-        service:
-          additionalProperties: false
-          description: Service configuration for the Argo CD Server
-          properties:
-            type:
-              default: ClusterIP
-              description: The Service type for the Argo CD Server
-              type: string
-          type: object
-      type: object
-  version: 2.4.12
diff --git a/repo/packages/argo-cd.packages.kadras.io/metadata.yml b/repo/packages/argo-cd.packages.kadras.io/metadata.yml
deleted file mode 100644
index b82afe1..0000000
--- a/repo/packages/argo-cd.packages.kadras.io/metadata.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: PackageMetadata
-metadata:
-  creationTimestamp: null
-  name: argo-cd.packages.kadras.io
-spec:
-  categories:
-  - ci/cd
-  - gitops
-  displayName: argo-cd
-  longDescription: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
-  maintainers:
-  - name: Thomas Vitale
-  providerName: Arktonix
-  shortDescription: Argo CD is a declarative, GitOps continuous delivery tool for
-    Kubernetes.
diff --git a/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml
new file mode 100644
index 0000000..5cce3c3
--- /dev/null
+++ b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml
@@ -0,0 +1,231 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: cert-manager.packages.kadras.io.1.18.2
+spec:
+  licenses:
+  - Apache 2.0
+  refName: cert-manager.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-cert-manager/releases
+  releasedAt: "2025-08-14T17:36:11Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-cert-manager@sha256:84afdbe2e4b2d84ef5f9774b4608ffb100029c7e0a97bc0568aec9401c8c652b
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cainjector:
+          additionalProperties: false
+          description: Settings for the cainjector controller.
+          properties:
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                2 replicas are recommended.
+              minimum: 1
+              type: integer
+          type: object
+        controller:
+          additionalProperties: false
+          description: Settings for the cert-manager controller.
+          properties:
+            dns01:
+              additionalProperties: false
+              description: Configures the behaviour of the ACME DNS01 challenge solver.
+              properties:
+                recursive_nameservers:
+                  default: []
+                  description: Each nameserver can be either the IP address and port
+                    of a standard recursive DNS server, or the endpoint to an RFC
+                    8484 DNS over HTTPS endpoint.
+                  items:
+                    default: ""
+                    type: string
+                  type: array
+                recursive_nameservers_only:
+                  default: false
+                  description: When true, cert-manager will only ever query the configured
+                    DNS resolvers to perform the ACME DNS01 self check. This is useful
+                    in DNS constrained environments, where access to authoritative
+                    nameservers is restricted. Enabling this option could cause the
+                    DNS01 self check to take longer due to caching performed by the
+                    recursive nameservers.
+                  type: boolean
+              type: object
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                2 replicas are recommended.
+              minimum: 1
+              type: integer
+          type: object
+        leader_election:
+          additionalProperties: false
+          description: Leader election configuration for the cert-manager and cert-manager-cainjector
+            Deployments.
+          properties:
+            namespace:
+              default: kube-system
+              description: 'Namespace used to perform leader election. The default
+                namespace needs changing in environments like GKE. More information:
+                https://cert-manager.io/docs/installation/compatibility.'
+              minLength: 1
+              type: string
+          type: object
+        letsencrypt:
+          additionalProperties: false
+          description: Settings for Let's Encrypt.
+          properties:
+            challenge:
+              additionalProperties: false
+              properties:
+                dns_provider:
+                  default: digital_ocean
+                  description: 'The DNS provider to use for the ACME dns01 challenge.
+                    Valid options: `cloudflare`, `digital_ocean`.'
+                  enum:
+                  - cloudflare
+                  - digital_ocean
+                  type: string
+                secret:
+                  additionalProperties: false
+                  properties:
+                    key:
+                      default: ""
+                      description: The key within the Secret that contains the credentials
+                        needed for the dns01 challenge.
+                      type: string
+                    name:
+                      default: ""
+                      description: Name of the Secret containing the credentials needed
+                        for the dns01 challenge.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: Namespace containing the Secret with the credentials
+                        needed for the dns01 challenge.
+                      type: string
+                  type: object
+                type:
+                  default: http01
+                  description: 'The type of challenge used by the ACME CA Server.
+                    Valid options: `http01`, `dns01`.'
+                  enum:
+                  - http01
+                  - dns01
+                  type: string
+              type: object
+            email:
+              default: ""
+              description: The email address that Let's Encrypt will use to send info
+                on expiring certificates or other issues.
+              type: string
+            include:
+              default: false
+              description: Whether to include a ClusterIssuer for Let's Encrypt.
+              type: boolean
+            production:
+              default: false
+              description: Whether to use Let's Encrypt staging (recommended for non-production
+                environments) or production.
+              type: boolean
+          type: object
+        namespace:
+          default: cert-manager
+          description: The namespace in which to deploy cert-manager.
+          minLength: 1
+          type: string
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        private_pki:
+          additionalProperties: false
+          description: Settings for the built-in, private PKI
+          properties:
+            include:
+              default: true
+              description: Whether to include a ClusterIssuer for a private PKI.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        webhook:
+          additionalProperties: false
+          description: Settings for the cert-manager webhook.
+          properties:
+            host_network:
+              default: false
+              description: 'Whether to run the webhook in the host network so that
+                it can be reached by the cert-manager controller in environments like
+                AWS EKS. More information: https://cert-manager.io/docs/installation/compatibility.'
+              type: boolean
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                at least 3 replicas are recommended.
+              minimum: 1
+              type: integer
+            secure_port:
+              default: 6443
+              description: 'The port where the webhook is exposed. The default port
+                needs changing in environments like AWS EKS and AWS Fargate. More
+                information: https://cert-manager.io/docs/installation/compatibility.'
+              type: integer
+          type: object
+      type: object
+  version: 1.18.2
diff --git a/repo/packages/cert-manager.packages.kadras.io/metadata.yml b/repo/packages/cert-manager.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..ea7c04c
--- /dev/null
+++ b/repo/packages/cert-manager.packages.kadras.io/metadata.yml
@@ -0,0 +1,23 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: cert-manager.packages.kadras.io
+spec:
+  categories:
+  - certificate-management
+  - security
+  - tls
+  displayName: cert-manager
+  iconSVGBase64: PHN2ZyBpZD0ic3ZnMzg4MSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgdmlld0JveD0iMCAwIDc5MiA3OTIiPjxkZWZzPjxzdHlsZT4uY2xzLTEsLmNscy0ye2ZpbGw6bm9uZTt9LmNscy0ye2NsaXAtcGF0aDp1cmwoI2NsaXAtcGF0aCk7fS5jbHMtM3tjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMik7fS5jbHMtNHtmaWxsOiNmZmY7fS5jbHMtNXtmaWxsOiMzMjZjZTU7fS5jbHMtNnttYXNrOnVybCgjbWFzayk7fS5jbHMtN3tmaWxsOiNmZGZkZmU7fTwvc3R5bGU+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgiPjxwb2x5Z29uIGNsYXNzPSJjbHMtMSIgcG9pbnRzPSItNTEyLjU0NyAtNzIuNTIyIC01MTEuNTQ3IC03Mi41MjIgLTUxMi41NDcgLTcxLjUyMiAtNTEyLjU0NyAtNzIuNTIyIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0yIj48cG9seWdvbiBjbGFzcz0iY2xzLTIiIHBvaW50cz0iLTUxNC41NDcgLTc0LjUyMiAtNTE1LjU0NyAtNzQuNTIyIC01MTQuNTQ3IC03NS41MjIgLTUxNC41NDcgLTc0LjUyMiIvPjwvY2xpcFBhdGg+PG1hc2sgaWQ9Im1hc2siIHg9Ijk1LjQ1OTk3IiB5PSIyMjAuNTY0MTUiIHdpZHRoPSIxMTQ1LjA3OTc0IiBoZWlnaHQ9IjU4OC4wNjYxMSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSI+PGcgaWQ9Im1hc2stMiIgZGF0YS1uYW1lPSJtYXNrIj48ZyBpZD0iZzM4MjMiPjxwYXRoIGlkPSJwYXRoMzgxOSIgZD0iTTk0Ni41MDY2LDIyMC41NjQxNWMtMTYyLjM4OCwwLTI5NC4wMzMsMTMxLjY0NTA3LTI5NC4wMzMsMjk0LjAzMzA3czEzMS42NDUsMjk0LjAzMzA1LDI5NC4wMzMwNSwyOTQuMDMzMDUsMjk0LjAzMzExLTEzMS42NjU2NiwyOTQuMDMzMTEtMjk0LjAzM1MxMTA4Ljg5NDY0LDIyMC41NjQxNSw5NDYuNTA2NiwyMjAuNTY0MTVabS0uMDcyMiw1NjIuNDljLTE0OC4zMTA4MSwwLTI2OC4zNTM3My0xMjAuMTA0ODYtMjY4LjM4NDctMjY4LjQxNTY0Uzc5OC40MTIzMywyNDUuODgyNSw5NDYuODE2LDI0Ni4xNTA2M3MyNjguMjgxNTksMTIwLjM5MzYxLDI2OC4xMzcyLDI2OC42NTI4NlMxMDk0LjcyNDYzLDc4My4wOTU0MSw5NDYuNDM0NCw3ODMuMDU0MTJaIi8+PC9nPjwvZz48L21hc2s+PC9kZWZzPjxnIGlkPSJUZXh0Ij48ZyBjbGFzcz0iY2xzLTMiPjxnIGlkPSJnMzg3OCI+PGcgaWQ9IlRleHRfYW5kX2RldGFpbCIgZGF0YS1uYW1lPSJUZXh0IGFuZCBkZXRhaWwiPjxwYXRoIGlkPSJDaXJjbGUiIGNsYXNzPSJjbHMtNCIgZD0iTTM4Mi4xNTI2Niw4Mi44Nzg0NmMtMTcyLjQsMC0zMTIuMTYsMTM5Ljc2LTMxMi4xNiwzMTIuMTYsMCwxNzIuNCwxMzkuNzYsMzEyLjE2LDMxMi4xNiwzMTIuMTZzMzEyLjE2LTEzOS43MiwzMTIuMTYtMzEyLjE2LTEzOS43Ni0zMTIuMTYtMzEyLjE2LTMxMi4xNlptLS4wOCw1OTcuMTU5OTRjLTE1Ny40NCwwLTI4NC44OS0xMjcuNTEtMjg0LjkyLTI4NC45NSwwLTE1Ny42MSwxMjcuNzgtMjg1LjMsMjg1LjMzLTI4NSwxNTcuNTUwMDUuMywyODQuODA5OTQsMTI3LjgsMjg0LjY3MDA1LDI4NS4yMkM2NjcuMDEyNTgsNTUyLjcyODQsNTM5LjUxMjU4LDY4MC4wODgzOSwzODIuMDcyNjQsNjgwLjAzODRaIi8+PGcgaWQ9IkxFVFRFUlMiPjxwYXRoIGlkPSJwYXRoMzg1MSIgY2xhc3M9ImNscy00IiBkPSJNMjM4LjE1MjY2LDUzNi40Nzg0NmMtMS0zLjQ1LTUuNzUtNi44OC05LjQ0LTYuNDItNS4yNC42Ny0xMC40NiwxLjU0LTE2Ljc2LDIuNDgsMi4zMi02LjE1LDQuMjgtMTEuNCw2LjI4LTE2LjY1LDEuNzMtNC41Ni0yLTYuNzctNC4zNC05LjIxcy00LjE3LjY0LTUuNzYsMS45Yy04LjQ3LDYuNzEtMTYuNjgsMTMuNzUtMjUuMjMsMjAuMzUtNC4wNiwzLjEzLTEsNC45NS42NCw3LjJzMy4zMSw0Ljc4LDYuNjYsMS44M2MzLjg2LTMuMzksNy45NC02LjU0LDEyLTkuODMuMTUuMzguMjkuNTYuMjUuNjgtLjgsMi4zMi0xLjY3LDQuNjItMi40NSw2Ljk1LTEuNjMsNC45MiwxLjUyLDguNTEsNi42OSw3LjcsMi4xNS0uMzQsNC4zNC0xLDYuOS4xLTQuMTYsMy40MS03Ljc3LDYuNjEtMTEuNjMsOS40Ni0zLjE3LDIuMzQtMS42NSw0LjI1LjI2LDZzMi43MSw2LjMxLDYuOCwzcTEzLjc5LTExLjEyLDI3LjQ5LTIyLjMxQzIzNy40NTI2NCw1MzguOTM4NDIsMjM4LjY2MjY3LDUzOC4yMTg0NSwyMzguMTUyNjYsNTM2LjQ3ODQ2WiIvPjxwYXRoIGlkPSJwYXRoMzg1MyIgY2xhc3M9ImNscy00IiBkPSJNNDA1LjMwMjYyLDIwMC4wODg0NWM2LjU0LDIuNyw5LjEzLDEuNDYsMTAuNDgtNS4zLjMtMS40Ny41Ny0yLjkzLjkzLTQuMzguMjktMS4xOCwwLTMuMTcsMS44MS0yLjkyczQuMTMtLjEyLDQuNzksMi41OCwxLjQ4LDUuMDksMi4yMiw3LjYzYzIuMDgsNywzLjUxLDguMDksMTAuNjQsOC40NiwyLjY4LjE0LDMuMjgtLjc3LDIuNTctMy4xNi0xLjEyLTMuODEtMi4wOS03LjY3LTMuMjgtMTEuNDYtLjU1LTEuNzMtMS0yLjc1LDEuMzctMy43NCw1Ljc4LTIuNDQsNy4zNC03LjY4LDcuNzUtMTMuMDcsMC02LjY2LTQtMTEuNTMtMTEuNDgtMTMuNTMtNi4wOC0xLjYyLTEyLjMyLTIuNjMtMTguNDgtNC0yLjMtLjUtMy40NS40My0zLjg4LDIuNjMtMi4zNiwxMi00Ljc2LDI0LjA4LTcuMDksMzYuMTQtLjMxLDEuNjMtLjU0LDMuMjIsMS42NSw0LjEyWm0xNy41NC0zMWM1LjA1LS41MSw5LjkyLDIuNDEsOS44Nyw1LjRzLTEuOCw0LjQ0LTUuMTksNC41M2MtMi4wOS0xLjc2LTYuOTQsMS4xLTcuNjUtMy4zNy0uMy0xLjg5LTEtNi4xMSwyLjk3LTYuNTJaIi8+PHBhdGggaWQ9InBhdGgzODU1IiBjbGFzcz0iY2xzLTQiIGQ9Ik0zMzkuNDUyNjQsNTkxLjI5ODQ3Yy0yLjg0LS45My01Ljc0LTIuMS02Ljc0LDIuNjItMS4wOSw1LjE5LTIuNzUsMTAuMjUtNC40NywxNi41LTIuNjMtNy44Mi01LjA3LTE0LjUyLTcuMS0yMS4zNC0xLjMzLTQuNDYtNS4xNS00LjQyLTguMzctNS0zLjU1LS41OC0yLjkxLDMtMy40Nyw1LTMsMTAuMzYtNS41OCwyMC44Ni04LjgsMzEuMTYtMS41OCw1LjA4LDIuMTcsNC42Miw0LjY3LDUuNDksMi42Ni45MSw1LjQ3LDIsNi40OC0yLjQsMS4yMS01LjI3LDIuODItMTAuNDUsNC40NS0xNi4zNC42NywxLjU0LDEuMTMsMi40MiwxLjQ0LDMuMzQsMiw2LDQuMDksMTEuOTMsNiwxNy45NCwxLjM3LDQuNDQsNS4zNyw0LjE3LDguNTYsNC42MXMyLjUzLTMsMy4wNi00LjgxYzMtMTAuMzgsNS41My0yMC44OSw4LjgtMzEuMTcsMS40OS00Ljk4LTEuOTYtNC43Ni00LjUxLTUuNloiLz48cGF0aCBpZD0icGF0aDM4NTciIGNsYXNzPSJjbHMtNCIgZD0iTTU4MC4zMTI2Myw1MjguMDQ4NDdjLTMuMjgtLjQ3LTYuNTEtMS40NC05LjgwMDA1LTEuNzUtMi43MS0uMjUtMy4zOS0xLjE5LTMuNDgtNC0uMjItNy02LjU1MDA1LTEyLjc0LTEzLjQzOTk0LTEyLjgyLTQuNzMtLjEzLTguMzUsMi4yNC0xMS4yNSw1LjU2LTMuNjEsNC4xMy02LjcxLDguNy0xMC4zMywxMi44Mi0yLjQ2LDIuODEtMi4xNSw0LjU1Ljc4LDYuNzYsOC43Niw2LjYyLDE3LjQ0OTk1LDEzLjM1LDI1LjkzOTk0LDIwLjMsMywyLjQsNC41MSwyLjE1LDYuNzItLjg2LDQtNS40NSw0LjE2LTUuMzItMS4yMy05LjUtMS4xODAwNS0uOTItMi40Mi0xLjc4LTMuNS0yLjgxLS44My0uNzktMi44OS0xLjExLTEuNzMtMi45MS45Mzk5NC0xLjQ1LDEuNzUtMy4zNSw0LjE2LTIuODZzNSwuNTYsNy4zMjk5NSwxLjQxYzUuMzcsMiw4LjcxLS4wOSwxMS42My00LjU0LDEuOTMwMDUtMi44OSwyLjAzLTQuMjYtMS44LTQuOFptLTMwLDUuNDNjLS43NS4wNi02LjEzLTQuNTYtNi4wOC01LjIzLjEzLTEuNzYsNi4yOC03LjY1LDgtNy42NSwyLjMxMDA2LjQ2LDQsMS42MSw0LjE4OTk0LDQuMTVDNTU2LjUzMjYsNTI2LjI5ODQ3LDU1MS40NTI2NCw1MzMuMzc4NDksNTUwLjMxMjYzLDUzMy40Nzg0NloiLz48cGF0aCBpZD0icGF0aDM4NTkiIGNsYXNzPSJjbHMtNCIgZD0iTTMzMS43MTI2NSwyMDEuMDc4NDdjLjM1LDIsMSwzLjYsMy40OSwzLjIxLDktMS41NiwxOC4wNi0yLjkxLDI3LTQuNzcsNC43Mi0xLDEuNDctNC41NiwxLjUyLTcsLjA1LTIuNjEtMS4zNy0zLjQtMy45My0yLjktNC44OS45NS05Ljg1LDEuNi0xNC43NCwyLjU3LTIuNTQuNS0zLjIxLS42Ni0zLjQ1LTIuODMtLjIxLTEuOTMtLjQ5LTMuNDMsMi4zLTMuNzQsNC4xMy0uNDQsOC4xNy0xLjYxLDEyLjMtMi4wNSw0LjQ3LS40OCwzLjY1LTMuMjksMy4xNy02LjEzcy0xLjA4LTUuMTctNS00LjA5Yy0zLjY3LDEtNy41NiwxLjE2LTExLjI2LDIuMDktMi42LjY2LTMuODcuNS00LjQxLTIuNTQtLjU5LTMuMjgsMS4yMy0zLjU1LDMuNTUtMy45LDQuMTEtLjYxLDguMi0xLjQsMTIuMzEtMiwyLjYzLS40LDQuNjUtMS4xMywzLjU5LTQuNDQtLjg1LTIuNjYuMzYtNi44Ni01LjEzLTUuNzItNy44MSwxLjYzLTE1LjY4LDMtMjMuNTgsNC0zLjc4LjQ4LTQuMywyLjE3LTMuNzQsNS4zMXEzLjA0NSwxNy41MDUsNi4wMSwzNC45M1oiLz48cGF0aCBpZD0icGF0aDM4NjEiIGNsYXNzPSJjbHMtNCIgZD0iTTQ2NS4xMzI2NCw1OTYuMDE4NDRhODguNDkwNDksODguNDkwNDksMCwwLDEtOC45MiwzLjA3Yy0yLjUxLjgtNC4zMiwxLjgyLTIuODIsNSwxLjE5LDIuNDYuODcsNi41NSw1LjYyLDQuNjUuODctLjM1LDEuOC0xLjE3LDIuNjUtLjExLjg1LDEuMDYuMjksMi4zMi0uMTMsMy4zMi0xLjIyLDIuODctMy43OCw0LjEtNi42NSw0LjZhNi4yMTg3OCw2LjIxODc4LDAsMCwxLTYuNjctMy4zNywzMi43ODk4LDMyLjc4OTgsMCwwLDEtNC0xMS4yYy0uOTMtNS44Myw0LjYyLTEwLjkzLDkuOTEtOC4zOCw0LjM2LDIuMSw3LjY0LjQyLDExLjM0LS42NiwyLjUzLS43NCwyLjU0LTIuMjUsMS4wOC00LjA5LTMuMzgtNC4yNi04LTUuNjEtMTMuMjQtNS44M2EyMi42Nzk4NSwyMi42Nzk4NSwwLDAsMC0xNSw1LjZjLTUsNC40OC03LDEwLjE2LTUsMTYuNjUsMi41Myw4LjQ5LDQsMTgsMTQuNTYsMjAuOCw4LjEsMi4xMywxNS4yNC0uMzgsMjEtNi4xMiw2LjIzLTYuMjQsNC43Mi0xMy41MSwyLTIwLjkyLTEuMTktMy4xNi0yLjM1LTQuNS01LjczLTMuMDFaIi8+PHBhdGggaWQ9InBhdGgzODYzIiBjbGFzcz0iY2xzLTQiIGQ9Ik01MjcuMTUyNiw1NzcuMTI4NDljLTMuNjYsMi44Ni03LjY0LDUuMzEtMTEuMzEwMDYsOC4xNy0yLDEuNTYtMywxLjA3LTQuMjktLjgxLTEuMjktMS44OC0xLjY5LTMsLjQ2LTQuNDEsMy4zMjk5NS0yLjE5LDYuNTItNC41OSw5Ljc2LTYuOTEsMS4wNjAwNi0uNzYsMi4zNC0xLjM4LDIuMjItMy4yMmExMy41Mzk3MiwxMy41Mzk3MiwwLDAsMC00LjE4OTk0LTUuOGMtMS44Ni0xLjMxLTMuMzAwMDUuNjktNC43NSwxLjY5LTMsMi4wOC02LjE0LDQtOC45NCw2LjM0LTIuMzMsMS45NC0zLC4xNy00LjE1LTEuMjEtMS4zOC0xLjYxLTEuNC0yLjYxLjUzLTMuODcsMy43NS0yLjQ1LDcuMjItNS4zMywxMC45OTk5NC03LjcxLDMuMS0xLjk0LDIuNDM5OTQtMy44Mi42Mi02LjA2LTEuNjEtMi0yLjU5LTUtNi4xNS0yLjMtNi41Miw0Ljg2LTEzLjIyLDkuNDktMTkuODksMTQuMTctMi4xLDEuNDctMi4xOSwyLjkzLS43Miw1LDYuOSw5LjU3LDEzLjcxLDE5LjIsMjAuNTQsMjguODMsMS4yNCwxLjc0LDIuNDUsMi40Myw0LjQ5OTk0Ljk0cTEwLjI2LTcuNSwyMC42ODk5NC0xNC43NWMzLjI3LTIuMjcsMS4yOS00LjE2LS4xMS02LjIxLTEuNC0yLjA1LTIuNzMtNC4zMS01LjgyLTEuODhaIi8+PHBhdGggaWQ9InBhdGgzODY1IiBjbGFzcz0iY2xzLTQiIGQ9Ik0yNjguODUyNjcsNTYwLjg5ODQ1Yy0xLjQtMS0yLjg4LS41My00LjE0LjQ1cS0xNS4xODAwNywxMS44LTMwLjMzLDIzLjY0Yy0xLjMzLDEtMi4zMiwyLjQ3LS40LDMuNTQsMy41NCwyLDYuNzgsNywxMS40OSwxLjcyYTEuNTksMS41OSwwLDAsMSwyLjE4LS40N2MzLjc2LDIuNDYsNy41NSw0Ljg3LDExLjMsNy4zMywxLC42OC42NywxLjc0LjU1LDIuNzItLjUzLDQuMjksMi40NCw5LjEyLDYuNzEsOS4zNSw0LjQ2LjIzLDIuMzYtNC40OCwzLjc2LTYuNjlhMy4wMDEsMy4wMDEsMCwwLDAsLjM0LS45NGMyLjYtMTAuNjUsNS4yLTIxLjMxLDgtMzIuODUtMS4xMi00LjMyLTYuMDctNS4yMi05LjQ2LTcuOFptLTYuNCwyNi43MmMtNy44MS00LjU5LTcuODEtNC41OS0xLjQ3LTkuNjUsMS4yOC0xLDIuNi0yLDQuNDgtMy40NEE1Ni4zMzA2OCw1Ni4zMzA2OCwwLDAsMSwyNjIuNDUyNjQsNTg3LjYxODQyWiIvPjxwYXRoIGlkPSJwYXRoMzg2NyIgY2xhc3M9ImNscy00IiBkPSJNMjU1Ljk0MjYzLDIyMy44Mjg0N2M1LDYuOTQsMTIuNjgsOSwyMC44Miw2LDguNDYtMy4wNiwxNS0xMS4zMiwxNC42Ni0xOC44N2EyMC41NTA0MywyMC41NTA0MywwLDAsMC0xLjI0LTUuMjksMi4xMSwyLjExLDAsMCwwLTIuMTMtMS43M2MtMi45LDAtOC4yMyw1LjE5LTguMjcsOC4zLS4wNSw0LjE5LTIuNzMsNi4yOS02LjA4LDcuNjMtMy4xNywxLjI2LTYsMC03Ljg3LTIuNjNhNzMuMTQzMzQsNzMuMTQzMzQsMCwwLDEtNS45NC05Ljc1Yy0xLjQtMi44Ny0xLjE0LTYsMS40Ny04LjIzczUuODQtMy43NCw5LjU1LTEuNzFjMi42LDEuNDMsOS42MS0xLDExLjEtMy41MywxLTEuNjItLjI4LTIuNTMtMS4wOS0zLjQzYTEzLjg4LDEzLjg4LDAsMCwwLTEwLjgtNC42OGMtMTMuMzguMDUtMjMuODEsMTAuMzUtMjIuNCwyMS42MS44LDYuMzQsNC43MywxMS4zNCw4LjIyLDE2LjMxWiIvPjxwYXRoIGlkPSJwYXRoMzg2OSIgY2xhc3M9ImNscy00IiBkPSJNMzk4LjAxMjY0LDYwMy42MDg0N2MtMy4zOS04LjgyLTUuNzItMTAtMTQuNzktOGEzLjg4MDEsMy44ODAxLDAsMCwwLTMuMjcsMi42M3EtNS43LDE4LjI0LTExLjM2LDM2LjU0Yy0uMzMsMS4wNy0uODEsMi4zMy40NywzLjE3LDIuNzMsMS44LDkuOS0uNzIsMTEuMTMtMy44OS41MS0xLjMyLjUyLTIuOTMsMi43MS0yLjg5LDQsLjA4LDgsMCwxMi0uMTksMS40Mi0uMDYsMi4zLjQ4LDIuNTUsMS43Ni43Nyw0LDMuMTcsNS4xOCw2LjQ4LDQuMzIsNi43Ny0uMTcsNi44LS4xOSw0LjU4LTZxLTUuMjQtMTMuNzYwMS0xMC41LTI3LjQ1Wm0tMTAuNTYsMTguMDdjLTMsMC0zLjQ0LS44NC0yLjU0LTMuMzksMS4wOS0zLjEyLDItNi4zLDMuMjctMTAuMzYsMS4zMywzLjQsMi4zMSw1Ljg1LDMuMjQsOC4zMSwyLjA4LDUuNTcsMi4wMyw1LjM4LTMuOTcsNS40NFoiLz48cGF0aCBpZD0icGF0aDM4NzEiIGNsYXNzPSJjbHMtNCIgZD0iTTQ4NS44OTI2NSwyMjkuMTU4NDZjMi4zNCwxLjI4LDQuNTcsNC42OSw3LjI3LjE4LDMuNTctNiw3LjQ0LTExLjc5LDExLjE2LTE3LjY4LDQuNDgtNy4wOCw0LjYtNy4yOSwxMS44MDAwNS0yLjc2LDMuODI5OTUsMi40Miw0Ljg0LS4xOSw2LjQ0OTk1LTIuNTIsMS43Mi0yLjUsMi40LTQuNDEtMS02LjQxcS0xMi03LjE1LTIzLjU1LTE0LjkyYy0zLjI3LTIuMTgtNC44OS0xLjYtNywxLjY0LTIuMzQsMy41Ny0xLjg2LDUuNDcsMS43Niw3LjM5LDIuMSwxLjExLDQuNDUsMi4xMyw1LjksNC4yMS0uNzQsMS4xOS0xLjM0LDIuMTktMiwzLjE3LTQuNTMsNy4xNi04LjkzLDE0LjQtMTMuNjIsMjEuNDUtMi41MiwzLjg4LjM5LDQuOTEsMi44Myw2LjI1WiIvPjwvZz48ZyBpZD0iTmV3X0FuY2hvciIgZGF0YS1uYW1lPSJOZXcgQW5jaG9yIj48cGF0aCBpZD0icGF0aDM4NzQiIGNsYXNzPSJjbHMtNCIgZD0iTTQ5NS4zNDI2Niw0NDYuODk4NDVjLTIuNTctMTAuNTQtNS4xMS0yMC45Mi03LjY4LTMxLjQyYTMuMiwzLjIsMCwwLDAtNS4zMy0xLjU2bC0yNC43MiwyMy42NmEzLjA2LDMuMDYsMCwwLDAsMS4yNiw1LjE0Yy45Mi4yNiwxLjgyLjUxLDIuNzQuNywyLC40MywxLjgsMS4xLjg3LDIuNTFhNjUuNTg5MjEsNjUuNTg5MjEsMCwwLDEtMjAsMTkuNThsLS4yLjEyYTg2Ljc4MDQxLDg2Ljc4MDQxLDAsMCwxLTIxLjcsNywxNTkuMzUzNjIsMTU5LjM1MzYyLDAsMCwxLTIzLjUzLDIuNzIsMS44NCwxLjg0LDAsMCwxLTEuODk5MjktMS43Nzg3NXEtLjAwMTQ3LS4wNDU2LS4wMDA3My0uMDkxMjV2LTExMC4zOGExLjA4LDEuMDgsMCwwLDEsMS4wOC0xLjA4aDBjMSwwLDIuMjIuMiw1LjE1LjE3LDUuNzYtLjA2LDExLjc2LS4wNiwxNy41NC0uNCwxLjg4LS4xMSwyLjkzLS4wNSw0LjEzLjg1YTEyLjM1LDEyLjM1LDAsMCwwLDE2LjcxLTEuMjksMTIuNTIsMTIuNTIsMCwwLDAsLjExLTE2Ljc2LDEyLjMsMTIuMywwLDAsMC0xNi42Ni0xLjU4LDQuMDcwMDgsNC4wNzAwOCwwLDAsMS0yLjUzLDEuMDhxLTEyLjA4MDEtLjA2LTI0LjE0LDBhMS45MDAwOSwxLjkwMDA5LDAsMCwxLTEuMzktLjM3di0xMi42MmExLjc5OTg3LDEuNzk5ODcsMCwwLDEsLjQyLTEuMTgsNi40MTk2Miw2LjQxOTYyLDAsMCwxLDItMS40MWMxMy02LjYsMTkuNzQtMTcuNDQsMTkuNzUtMzEuODcsMC0yMi44My0yMi4yNy0zOS40NC00NC4yOS0zMy40Ni0xNy40Niw0Ljc0LTI4LjgsMjIuMDgtMjUuNTEsMzkuNzcsMi40MiwxMywxMC4wNywyMi4xLDIyLjUxLDI2LjkyYTYuNTg4OTMsNi41ODg5MywwLDAsMSwxLjMzLjY2LDEuOCwxLjgsMCwwLDEsLjcxLDEuNDd2MTAuMzJhMS43OCwxLjc4LDAsMCwxLTEuNzc5OTEsMS43ODAxMmwtLjAyMDA4LS4wMDAxMmMtOC42NS0uMS0xNy4zMS0uMDYtMjYsMGE1LjUzLDUuNTMsMCwwLDEtMy4zMS0xLjEyLDEyLjI0LDEyLjI0LDAsMCwwLTE2LjYyLDEuNywxMi4zNywxMi4zNywwLDAsMCwxNi43MywxOC4wNyw1LjA4LDUuMDgsMCwwLDEsMy4zLTEuMDhjOC4zOSwwLDE2Ljc5LjEyLDI1LjE4LDBhMy4xOSwzLjE5LDAsMCwxLDIuMTcuNDYsMSwxLDAsMCwxLC4zMS43NnYxMDkuODFhMS44NSwxLjg1LDAsMCwxLTEuODUzODgsMS44NDYxM3EtLjA3MzE1LS4wMDAyLS4xNDYxMi0uMDA2MTFhMTkyLjQ0MzIxLDE5Mi40NDMyMSwwLDAsMS0zMC4yMi01LDkyLjc4ODQ5LDkyLjc4ODQ5LDAsMCwxLTE3LjY4LTYuMjEsMS41NjAzLDEuNTYwMywwLDAsMS0uMjgtLjE2LDY2Ljg3MDMzLDY2Ljg3MDMzLDAsMCwxLTE5LjU0LTIxLjM4LDEuMzgsMS4zOCwwLDAsMSwxLTIuMTZsMi42NS0uNTRhMy4wOCwzLjA4LDAsMCwwLDEuNi01LjA4bC0yMy4yNi0yNS4zNWEzLDMsMCwwLDAtNS4xMywxLjE0Yy0zLjQ0LDEwLjg5LTYuNzksMjEuNTMtMTAuMTksMzIuMzJhMy4zNSwzLjM1LDAsMCwwLDMuOTQsNC4yOGwxLjgtLjQxYTUuMTIsNS4xMiwwLDAsMSw1LjY5LDIuNjRjMTMuMzgsMjYsMzMuNSw0NC44MSw2MC4xMiw1Ni43LDEwLjQsNC42NSwxNC41Miw2LDIzLjUsNy4zN2ExLjc3OTYzLDEuNzc5NjMsMCwwLDEsMSwuNTFsMTMuNjcsMTMuNTVhNC45MSw0LjkxLDAsMCwwLDYuODUsMGwxMy4yOC0xM2ExLjg4MDA5LDEuODgwMDksMCwwLDEsMS4xMi0uNTJjMTMuMy0xLjI1LDE5LjIzLTQuNTQsMzMuNTQtMTEuMDksMjIuMTUtMTAuMTMsMzkuNzQtMjcuNzYsNTEuMDYtNDkuMzIsMS0xLjkyLDEuODgtMi4xNSwzLjU4LTEuNTguNjUuMjIsMS4zMS40MywyLC42M2E0LjEyLDQuMTIsMCwwLDAsNS4yMS00Ljk4Wm0tMTE0LjEtMTMxLjgzYTE3LjcyLDE3LjcyLDAsMCwxLTE3LjA4NjMtMTguMzMxODJxLjAwMjg0LS4wNzkwOS4wMDYyOS0uMTU4MTdjLjQ4LTEwLjQ2LDkuMTgtMTguMTgsMTktMTcuNDMsMTAuMzQuOCwxNy40Niw5LjExLDE2Ljk0LDE4LjY5LS41NiwxMC40Mi05LjEsMTcuOTYtMTguODYsMTcuMjNaIi8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBpZD0iQmFja2dyb3VuZF93YXZ5X291dGxpbmUiIGRhdGEtbmFtZT0iQmFja2dyb3VuZCB3YXZ5IG91dGxpbmUiPjxnIGlkPSJwYXRoMzgzOCI+PHBhdGggY2xhc3M9ImNscy01IiBkPSJNNzc3Ljc0NzUxLDM5Ni4zMzY1YzAsMzkuODkwNTUtMjQuNDMxMzYsNzUuNDI5MDctMzYuMDk1MzksMTExLjM4MDA2LTEyLjEwNzQxLDM3LjMwMi0xMy42NTQzNiw4MC4zMjc3NC0zNi4yNTAxMSwxMTEuMzgwMDctMjIuODIyNjEsMzEuMzYxNzEtNjMuNDE0NDQsNDYuMDI2NzktOTQuNzc2MjEsNjguODQ5MzktMzEuMDUyMzQsMjIuNTk1NjktNTcuNDIyNjcsNTYuODAzODYtOTQuNzE0MjgsNjguOTIxNTktMzUuOTkyMjgsMTEuNjg0NjItNzcuMjc1MDctLjExMzQyLTExNy4xNTUzLS4xMTM0MnMtODEuMTYzMDgsMTEuNzk4LTExNy4xNDUuMTEzNDJjLTM3LjMwMi0xMi4xMTc3My02My42NzIyNi00Ni4zMjU4NC05NC43MjQ2LTY4LjkyMTU5LTMxLjM2MTcxLTIyLjgyMjYtNzEuOTUzNi0zNy40ODc2MS05NC43NzYyMS02OC44NDkzOS0yMi41OTU2OS0zMS4wNDItMjQuMTQyNjMtNzQuMDY3NzUtMzYuMjUwMTEtMTExLjM4MDA3QzQ0LjE3NTcxLDQ3MS43MjQyOCwxOS43NjQ5Myw0MzYuMTg1ODIsMTkuNzY0OTMsMzk2LjMzNjVzMjQuNDMxNDItNzUuNDI5MDcsMzYuMDk1MzktMTExLjM4MDA3YzEyLjEwNzQxLTM3LjMwMiwxMy42NTQzNi04MC4zMjc3MywzNi4yNTAxMS0xMTEuMzgwMDcsMjIuODIyNjEtMzEuMzUxNDIsNjMuNDE0NDQtNDYuMDI2NzgsOTQuNzc2MjEtNjguODM5MDcsMzEuMDUyMzQtMjIuNTk1NzIsNTcuNDIyNjEtNTYuODE0MTQsOTQuNzI0Ni02OC45MjE1NywzNS45ODItMTEuNjg0Niw3Ny4yNjQ3NS4xMDMxMywxMTcuMTQ1LjEwMzEzczgxLjE2MzA4LTExLjc4NzczLDExNy4xNDUtLjEwMzEzYzM3LjMwMjA2LDEyLjEwNzQzLDYzLjY3MjI2LDQ2LjMyNTg1LDk0LjcyNDYsNjguOTIxNTcsMzEuMzYxNzcsMjIuODEyMjksNzEuOTUzNiwzNy40ODc2NSw5NC43NzYyMSw2OC44MzkwNywyMi41OTU3NSwzMS4wNTIzNCwyNC4xNDI3LDc0LjA3ODA4LDM2LjI1MDExLDExMS4zODAwN0M3NTMuMzE2MTUsMzIwLjkwNzQzLDc3Ny43NDc1MSwzNTYuNDU2MjYsNzc3Ljc0NzUxLDM5Ni4zMzY1WiIvPjwvZz48L2c+PGcgaWQ9IldhdmVzIj48ZyBjbGFzcz0iY2xzLTYiPjxnIGlkPSJnMzg0NyI+PGcgaWQ9InBhdGgzODQxIj48cGF0aCBjbGFzcz0iY2xzLTQiIGQ9Ik03MDguMDI5MywzNzcuMDI2NTljLTIyLjIxNDg0LDAtMzMuNDkxMjEtNS4zMTU0My00NC4zOTc0Ni0xMC40NTYwNi0xMS4wOTQ3Mi01LjIyOTQ5LTIxLjU3NTE5LTEwLjE2OTQzLTQzLjExODE2LTEwLjE2OTQzLTIxLjU0NDkyLDAtMzIuMDI2MzcsNC45NDA0My00My4xMjQsMTAuMTcwNDEtMTAuOTA2MjUsNS4xNDAxNC0yMi4xODM2LDEwLjQ1NTA4LTQ0LjM5MTYxLDEwLjQ1NTA4LTIyLjIwOSwwLTMzLjQ4MzM5LTUuMzE0OTQtNDQuMzg2NzEtMTAuNDU1MDgtMTEuMDk0NzMtNS4yMzA0Ny0yMS41NzUyLTEwLjE3MDQxLTQzLjExOTE1LTEwLjE3MDQxLTIxLjU0MywwLTMyLjAyMDUsNC45Mzk5NC00My4xMTMyOCwxMC4xNjk0My0xMC45MDMzMiw1LjE0MDYzLTIyLjE3NzczLDEwLjQ1NjA2LTQ0LjM5MjA5LDEwLjQ1NjA2LTIyLjIxNDg0LDAtMzMuNDg5MjUtNS4zMTU0My00NC4zOTI1Ny0xMC40NTYwNkMzMDIuNTAxNDcsMzYxLjM0MSwyOTIuMDI0NDIsMzU2LjQwMTEsMjcwLjQ4MSwzNTYuNDAxMWMtMjEuNTQ0NDMsMC0zMi4wMjYzNiw0Ljk0MDQzLTQzLjEyNCwxMC4xNzA0MS0xMC45MDYyNSw1LjE0MDE0LTIyLjE4MzEsMTAuNDU1MDgtNDQuMzkxNiwxMC40NTUwOHMtMzMuNDgyOTEtNS4zMTQ5NC00NC4zODY3Mi0xMC40NTUwOEMxMjcuNDgzODksMzYxLjM0MSwxMTcuMDA0NCwzNTYuNDAxMSw5NS40NiwzNTYuNDAxMXYtM2MyMi4yMTU4MiwwLDMzLjQ5MjY3LDUuMzE1OTIsNDQuMzk4LDEwLjQ1NywxMS4wOTMyNiw1LjIyOSwyMS41NzA4LDEwLjE2ODQ2LDQzLjEwNzQyLDEwLjE2ODQ2czMyLjAxNzA5LTQuOTM5NDUsNDMuMTEyMy0xMC4xNjg0NmMxMC45MDgyMS01LjE0MTExLDIyLjE4NzUtMTAuNDU3LDQ0LjQwMzMyLTEwLjQ1NywyMi4yMTQ4NSwwLDMzLjQ4OTI2LDUuMzE1NDMsNDQuMzkyNTgsMTAuNDU2MDYsMTEuMDkyNzgsNS4yMjk0OSwyMS41Njk4MywxMC4xNjk0Myw0My4xMTMyOCwxMC4xNjk0MywyMS41NDI0OCwwLDMyLjAyLTQuOTM5OTQsNDMuMTEyOC0xMC4xNjk0MywxMC45MDMzMi01LjE0MDYzLDIyLjE3NzczLTEwLjQ1NjA2LDQ0LjM5MjU3LTEwLjQ1NjA2LDIyLjIxNTgyLDAsMzMuNDkyMTksNS4zMTU5Miw0NC4zOTg0NCwxMC40NTcsMTEuMDkyNzgsNS4yMjksMjEuNTcwMzEsMTAuMTY4NDYsNDMuMTA3NDIsMTAuMTY4NDYsMjEuNTM2MTQsMCwzMi4wMTY2MS00LjkzOTQ1LDQzLjExMjMxLTEwLjE2ODQ2LDEwLjkwODItNS4xNDExMSwyMi4xODc1LTEwLjQ1Nyw0NC40MDMzMi0xMC40NTcsMjIuMjE0ODQsMCwzMy40OTEyMSw1LjMxNTQzLDQ0LjM5NzQ2LDEwLjQ1NjA2LDExLjA5NDczLDUuMjI5NDksMjEuNTc1MiwxMC4xNjk0Myw0My4xMTgxNiwxMC4xNjk0M1oiLz48L2c+PGcgaWQ9InBhdGgzODQzIj48cGF0aCBjbGFzcz0iY2xzLTQiIGQ9Ik03MDguMDI5Myw0MTkuMjc4NTRjLTIyLjQzODQ3LDAtMzMuODE4MzYtNS4zNjQyNi00NC44MjQyMS0xMC41NTE3Ni0xMC45OTAyNC01LjE4MDY2LTIxLjM3MjA4LTEwLjA3NDIxLTQyLjY5MTQxLTEwLjA3NDIxLTIxLjMyMDMxLDAtMzEuNzA0MSw0Ljg5MzU1LTQyLjY5ODI0LDEwLjA3NTE5LTExLjAwNDg5LDUuMTg3NS0yMi4zODU3NSwxMC41NTA3OC00NC44MTczOSwxMC41NTA3OC0yMi40MzI2MSwwLTMzLjgxMDU0LTUuMzYzMjgtNDQuODEzNDctMTAuNTUwNzgtMTAuOTkxMjEtNS4xODE2NC0yMS4zNzIwNy0xMC4wNzUxOS00Mi42OTIzOS0xMC4wNzUxOS0yMS4zMTkzMywwLTMxLjY5ODI0LDQuODkzNTUtNDIuNjg2NTIsMTAuMDc0MjEtMTEuMDAyOTMsNS4xODc1LTIyLjM4MDM3LDEwLjU1MTc2LTQ0LjgxODg1LDEwLjU1MTc2LTIyLjQzOSwwLTMzLjgxNjQtNS4zNjQyNi00NC44MTg4NC0xMC41NTE3Ni0xMC45ODg3Ny01LjE4MDY2LTIxLjM2NzY4LTEwLjA3NDIxLTQyLjY4Ny0xMC4wNzQyMS0yMS4zMjA4LDAtMzEuNzA0MSw0Ljg5MzU1LTQyLjY5Nzc1LDEwLjA3NTE5LTExLjAwNTM3LDUuMTg3NS0yMi4zODU3NCwxMC41NTA3OC00NC44MTc4NywxMC41NTA3OHMtMzMuODEwMDYtNS4zNjMyOC00NC44MTMtMTAuNTUwNzhjLTEwLjk5MDcyLTUuMTgxNjQtMjEuMzcyMDctMTAuMDc1MTktNDIuNjkyMzgtMTAuMDc1MTl2LTVjMjIuNDM5OTQsMCwzMy44MTkzMyw1LjM2NDc0LDQ0LjgyNDcxLDEwLjU1MjczLDEwLjk4ODc2LDUuMTc5NjksMjEuMzY3NjcsMTAuMDczMjQsNDIuNjgwNjYsMTAuMDczMjRzMzEuNjk0ODItNC44OTM1NSw0Mi42ODYtMTAuMDczMjRjMTEuMDA3ODItNS4xODgsMjIuMzg5NjUtMTAuNTUyNzMsNDQuODI5NTktMTAuNTUyNzMsMjIuNDM5LDAsMzMuODE2NDEsNS4zNjQyNSw0NC44MTg4NSwxMC41NTE3NSwxMC45ODg3Nyw1LjE4MDY3LDIxLjM2NzY4LDEwLjA3NDIyLDQyLjY4NywxMC4wNzQyMiwyMS4zMTg4NSwwLDMxLjY5Nzc2LTQuODkzNTUsNDIuNjg2LTEwLjA3NDIyLDExLjAwMjkzLTUuMTg3NSwyMi4zODA4Ni0xMC41NTE3NSw0NC44MTkzMy0xMC41NTE3NSwyMi40Mzk0NiwwLDMzLjgxOTM0LDUuMzY0NzQsNDQuODI0MjIsMTAuNTUyNzMsMTAuOTg5MjYsNS4xNzk2OSwyMS4zNjgxNywxMC4wNzMyNCw0Mi42ODE2NCwxMC4wNzMyNCwyMS4zMTI1LDAsMzEuNjk0MzQtNC44OTM1NSw0Mi42ODU1NS0xMC4wNzMyNCwxMS4wMDc4MS01LjE4OCwyMi4zOTA2My0xMC41NTI3Myw0NC44MzAwOC0xMC41NTI3MywyMi40Mzg0OCwwLDMzLjgxODM2LDUuMzY0MjUsNDQuODI0MjIsMTAuNTUxNzUsMTAuOTkwMjMsNS4xODA2NywyMS4zNzIwNywxMC4wNzQyMiw0Mi42OTE0LDEwLjA3NDIyWiIvPjwvZz48ZyBpZD0icGF0aDM4NDUiPjxwYXRoIGNsYXNzPSJjbHMtNCIgZD0iTTcwOC4wMjkzLDQ2OS43ODA0OWMtMjIuNjYyMTEsMC0zNC4xNDU1LTUuNDEyMS00NS4yNS0xMC42NDY0OC0xMC44ODY3MS01LjEzMTg0LTIxLjE2OTkyLTkuOTc4NTItNDIuMjY1NjItOS45Nzg1Mi0yMS4wOTY2OCwwLTMxLjM4MTg0LDQuODQ3NjYtNDIuMjcxNDksOS45Nzk1LTExLjEwNTQ2LDUuMjMzNC0yMi41ODg4NiwxMC42NDU1LTQ1LjI0NDE0LDEwLjY0NTUtMjIuNjU2MjUsMC0zNC4xMzY3MS01LjQxMjEtNDUuMjQwMjMtMTAuNjQ1NS0xMC44ODU3NC01LjEzMTg0LTIxLjE2ODk1LTkuOTc5NS00Mi4yNjU2My05Ljk3OTUtMjEuMDk1NywwLTMxLjM3Niw0Ljg0NjY4LTQyLjI2MDc0LDkuOTc4NTItMTEuMTAxNTYsNS4yMzQzOC0yMi41ODI1MiwxMC42NDY0OC00NS4yNDQ2MywxMC42NDY0OC0yMi42NjMwOCwwLTM0LjE0MzA2LTUuNDEyMS00NS4yNDU2LTEwLjY0NjQ4LTEwLjg4NDI4LTUuMTMxODQtMjEuMTY0NTUtOS45Nzg1Mi00Mi4yNjAyNi05Ljk3ODUyLTIxLjA5NjY4LDAtMzEuMzgyMzIsNC44NDc2Ni00Mi4yNzE0OCw5Ljk3OTUtMTEuMTA1LDUuMjMzNC0yMi41ODgzOCwxMC42NDU1LTQ1LjI0NDE0LDEwLjY0NTUtMjIuNjU2MjUsMC0zNC4xMzY3Mi01LjQxMjEtNDUuMjM5MjYtMTAuNjQ1NS0xMC44ODY3Mi01LjEzMTg0LTIxLjE2OTQzLTkuOTc5NS00Mi4yNjYxMS05Ljk3OTV2LTdjMjIuNjY0MDYsMCwzNC4xNDY0OCw1LjQxMzA5LDQ1LjI1MSwxMC42NDc0NywxMC44ODQyOCw1LjEzMDg2LDIxLjE2NTUzLDkuOTc3NTMsNDIuMjU0NCw5Ljk3NzUzczMxLjM3MjU2LTQuODQ2NjcsNDIuMjU5NzYtOS45Nzc1M2MxMS4xMDY5NC01LjIzNDM4LDIyLjU5MjI5LTEwLjY0NzQ3LDQ1LjI1NTg2LTEwLjY0NzQ3LDIyLjY2MjYsMCwzNC4xNDMwNyw1LjQxMjExLDQ1LjI0NTYxLDEwLjY0NjQ5LDEwLjg4NDI4LDUuMTMxODQsMjEuMTY1LDkuOTc4NTEsNDIuMjYwMjUsOS45Nzg1MSwyMS4wOTQ3MywwLDMxLjM3NTQ5LTQuODQ2NjcsNDIuMjYwMjYtOS45Nzg1MSwxMS4xMDE1Ni01LjIzNDM4LDIyLjU4Mi0xMC42NDY0OSw0NS4yNDUxMS0xMC42NDY0OSwyMi42NjQwNywwLDM0LjE0NjQ5LDUuNDEzMDksNDUuMjUxLDEwLjY0NzQ3LDEwLjg4NDc3LDUuMTMwODYsMjEuMTY2LDkuOTc3NTMsNDIuMjU0ODgsOS45Nzc1M3MzMS4zNzIwNy00Ljg0NjY3LDQyLjI1OTc3LTkuOTc3NTNjMTEuMTA3NDItNS4yMzQzOCwyMi41OTE4LTEwLjY0NzQ3LDQ1LjI1NTg2LTEwLjY0NzQ3LDIyLjY2MjExLDAsMzQuMTQ1NTEsNS40MTIxMSw0NS4yNSwxMC42NDY0OSwxMC44ODY3Miw1LjEzMTg0LDIxLjE2OTkyLDkuOTc4NTEsNDIuMjY1NjIsOS45Nzg1MVoiLz48L2c+PC9nPjwvZz48L2c+PGcgaWQ9IndRakxzNS50aWYiPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTY5Ljk3MjkxLDM5Ni4wODE3MkM3MC42NDQ2LDIxMy45NDkxOCwyMTYuMjc5MDYsNzAuNTY3MTcsMzkyLjUxODIsNjcuNTI5MDVjMTg3LjIyODE5LTMuMjI3NTcsMzMyLjgzNCwxNDYuOTM4MTIsMzM0Ljk5NjA4LDMyNC4yMzgsMi4yNTAxNywxODQuNTIyNDQtMTQ2LjE1ODkzLDMzMy4zMzkyMS0zMjguNDExNzgsMzMzLjQzNTYxQzIxNy4yMjMsNzI1LjI5ODg2LDcwLjI5NzMsNTc4LjQ2MDYxLDY5Ljk3MjkxLDM5Ni4wODE3MlptNjI4Ljg1ODU4LjEwNTg4Yy4wODctMTY1LjAyOTE0LTEzMi42ODY0MS0yOTguMDk1OTMtMjk2LjMwODU5LTMwMC4wMjE5NEMyMzMuMTI4NzIsOTQuMTcxNzEsOTguNDU5MzQsMjMwLjYyNzc0LDk4LjY3NDYxLDM5Ni41Njk4QTI5OS43NTk1OCwyOTkuNzU5NTgsMCwwLDAsMzk4Ljg4Mzg2LDY5Ni41NTk2NkM1NjUuNDQwMiw2OTYuNTAzLDY5OS4xMTM0Miw1NjEuNDg3MzgsNjk4LjgzMTQ5LDM5Ni4xODc2WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQxMi41MTY3OCw0MjAuODM1NDRxMCwyNy43NzM1MS4wMDAxMSw1NS41NDdjLjAwMDA5LDQuNTE1NzkuMDQ3ODksNC41MDk4Niw0LjUzNTYxLDQuMzE3MTNhMTY1LjE3MzI5LDE2NS4xNzMyOSwwLDAsMCwyOS40ODctNC4yOTgxYzE2LjAzNTQzLTMuNjM3MiwyNy43MzEzNS0xMy4xOTAxNiwzNi44NC0yNi40MTM2NC44OTktMS4zMDUxOS45NDY0Ny0yLjE3NTgzLS45NDgyLTIuNzI2MzgtNi4zNzU1Ny0xLjg1Mjc2LTYuNzc0ODEtMy41NDYxMi0xLjk1MzQ1LTguMjEwMjlxMTEuNDMxNi0xMS4wNTg4NCwyMi45NjI4NC0yMi4wMTQ3MmMyLjk4MS0yLjg0ODYyLDUuNjg1MTMtMi4yMDY4NCw2LjY3Mjg4LDEuNzI1cTQuMDA3NzYsMTUuOTUyODksNy43OTcsMzEuOTYwNGMuODc4ODIsMy43MDM1My0xLjgzODQ1LDYuMjUyMTgtNS41NzQzOSw1LjQxNzg1YTEyLjE2Nzg2LDEyLjE2Nzg2LDAsMCwxLTEuODI2Ny0uNTQ1OWMtMS44NTIyNC0uNzMzODktMi45ODIzLjAyMDktMy44NzE4OCwxLjY0OTgxYTEzMy44MjczNiwxMzMuODI3MzYsMCwwLDEtMTIuNTc4MjgsMTkuMzE3NGMtOS40OTUyNCwxMS45MzktMjAuNzMzMDcsMjEuODY5MjYtMzQuMjE4LDI5LjAwMzcxLTEwLjExMjYsNS4zNTAyMy0yMC4zNzA5LDEwLjUwMzMtMzEuNTMsMTMuNDYyM2EzNi41NTk1MSwzNi41NTk1MSwwLDAsMS04LjE5OTE0LDEuNDQ1Yy0yLjUwNDYyLjA3OC00LjI2MTY1LDEuMzU3NzUtNS45NDA3NSwzLjAzNTk0LTMuNzc5MjcsMy43NzcxMy03LjYyODcsNy40ODQ1Mi0xMS40Nzc5NSwxMS4xOTA4cS0zLjk1OTM2LDMuODEyMTktNy45MzE1NC0uMDU1ODMtNi40MjM3My02LjI2NzI5LTEyLjc3NjQyLTEyLjYwN2E2Ljc4OCw2Ljc4OCwwLDAsMC0zLjY4MDQ2LTEuOTk0NjVjLTIwLjgwMzYyLTQuMDY0LTM4Ljc3MjM1LTEzLjkyNjMzLTU0Ljk2Mzg2LTI3LjI1MDI1QTEyMi43Mjk2NiwxMjIuNzI5NjYsMCwwLDEsMjkyLjI1Niw0NTMuODI4NjljLTEuNzkyNTItMy40NjctMy43MjQ1Ny00LjMzMjEtNy42Mjk3NS0zLjU2MjM0LTMuODc5Ljc2NDYxLTUuOTE1MjktMS4zODAyMy00Ljc0NjI5LTUuMTQ0NTdxNS4xMDEwOC0xNi40MjU1NiwxMC4zMjE5MS0zMi44MTM4MmMuOTUwNjUtMi45ODc1NiwzLjgwMzQ3LTMuNjExLDUuOTM1MjgtMS4yOTQ1MnExMS45NzY5MywxMy4wMTQ2MywyMy44NzcxMiwyNi4wOTk5M2MyLjE1MDc4LDIuMzU3NjUuOTA3MTgsNS4zODE1Ny0xLjk0ODkyLDUuNjg1NzNhMTYuMDc2MjMsMTYuMDc2MjMsMCwwLDAtMS44NTUxNC40NTM2N2MtMS44ODI0Ny40MzQxOC0yLjAzMDE2LDEuNDE2NzctMS4wOTE1NSwyLjk2NDc5YTY4LjE0NTcxLDY4LjE0NTcxLDAsMCwwLDE5Ljc4NjQ4LDIxLjQzOTY4YzQuMzkzNDQsMi45OTEzNiw5LjY2NjQ3LDQuNDUxMTMsMTQuNzk3NjgsNS44ODY3OGEyMDMuNzg0ODksMjAzLjc4NDg5LDAsMCwwLDM1LjIyNDIsNi40MTkxNWMyLjQ2NjY4LjI0MDUyLDMuMjQ3MjQtLjQzNjI2LDMuMjYxNDItMy4xMjU4My4wMzE1Mi01Ljk4NTUuMDEwMTgtMTEuOTcxMjYuMDEwMTgtMTcuOTU2OTNxLjAwMDA4LTQ2LjkyNzU5LS4wMDAyNC05My44NTUxOWMtLjAwMDA2LTMuNTk3MzMtLjIzNzA1LTMuODUxNTMtMy43MjIzNS0zLjg1NDU0LTcuODk3MjEtLjAwNjc4LTE1Ljc5NS4wNDcyNC0yMy42OTEzNy0uMDMxNzJhMTIuNDI1MTcsMTIuNDI1MTcsMCwwLDAtNi41Mjk4NCwxLjg3OTg5Yy01LjQ3MDc5LDMuMTU4NDItMTAuOTAzNDksMi41MTMtMTUuNjA2Ni0xLjcwMjI4LTMuOTUzNTktMy41NDM2LTUuMDktOS42NDMxLTIuNzg4LTE0Ljk2MzU1LDIuOTU5MjYtNi44MzkyNywxMi4xNDY0MS05LjY0NzY3LDE4LjQxOTI1LTUuNTg5MzhhMTEuMzcxMzUsMTEuMzcxMzUsMCwwLDAsNi41MDYxNiwxLjk0MTQ3YzcuOTc4NTctLjA3ODU3LDE1Ljk1ODQtLjAyMjgsMjMuOTM3NzItLjAzMzE0LDMuMDM2ODMtLjAwMzk1LDMuNDY0NjMtLjQ0MjQyLDMuNDczNjEtMy40NTYyNi4wMDc4My0yLjYzMzY2LS4xMTYzOC01LjI3NDQxLjAzOTc4LTcuODk4OC4xMjAwNy0yLjAxNzE5LS43NDQ0My0zLjAwNjg1LTIuNTE1NDQtMy43NjUyNC03LjI5MjMtMy4xMjI1OC0xMy43Njg4OC03LjM0MjI4LTE4LjAxMzkzLTE0LjMwMjEtMTQuNzg5NjMtMjQuMjQ3OS0uMTkzNDEtNTEuNTY2MzYsMjQuMDQ2NDUtNTYuNDAwNzNhMzcuMTI4NzYsMzcuMTI4NzYsMCwwLDEsNDAuMTc3NTIsMTkuNTc4MDZjOC4xNDMzMywxNi4zNDg1NSw0LjE2MjQ0LDM4Ljk4MDI5LTE1LjcwNDQxLDQ5LjA5MjEyLTIuNzg0LDEuNDE3LTQuMDg5MjcsMy4wOTQtMy43NzE1OCw2LjI5ODA3YTcyLjQ4NjMyLDcyLjQ4NjMyLDAsMCwxLC4wNDE0Miw4Ljg1MjE5Yy0uMDM0NzMsMS40NTA1LjU1NzQzLDIuMDE2LDEuOTYzMTMsMi4wMTI3MSw4LjE0MS0uMDE4OTEsMTYuMjgyMS0uMDA2ODQsMjQuNDIzMTUtLjAxMjg2YTcuMzM3NTIsNy4zMzc1MiwwLDAsMCwzLjkxMzQ1LTEuNjIzMTEsMTIuODgzNDYsMTIuODgzNDYsMCwwLDEsMTYuMDY5LDEuMzQwMDYsMTMuNTI1ODEsMTMuNTI1ODEsMCwwLDEsMi40NTg0OSwxNS44NTg1NCwxMy4yNDg4NiwxMy4yNDg4NiwwLDAsMS0xNC45MjE1LDYuMjc1MzYsMy4zOTkzOSwzLjM5OTM5LDAsMCwxLTEuMzI0NDEtLjUxNzExYy00LjA3NjYtMy40NjUxMi04LjkzODI1LTIuNzYyOTQtMTMuNjcwODYtMi41NDU2MWExNDUuMTgyLDE0NS4xODIsMCwwLDEtMTYuMDEyMDcuMTUxMTNjLTIuMzU4NjktLjE1MjA5LTIuOTMzMTYuNzA2ODUtMi45MjM1NywyLjk2MkM0MTIuNTUxMzMsMzgzLjMyNTE1LDQxMi41MTY4MSw0MDIuMDgwMzcsNDEyLjUxNjc4LDQyMC44MzU0NFpNMzk5LjAxMzM3LDMxMi4wODAzNmM5Ljk5ODgyLjI0MjQ4LDE4LjQxNzA2LTguMTc3ODcsMTguNjYzNzEtMTguNjY4MzdhMTguODcwNzYsMTguODcwNzYsMCwwLDAtMzcuNzI4NDItLjk2MDQ2QzM3OS42MzE1LDMwMy42OTI1OCwzODcuNTA3MiwzMTEuODAxMzUsMzk5LjAxMzM3LDMxMi4wODAzNloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0yMDkuMDUyOTQsNTM3LjAyNzU4Yy00LjE3MTE1LDIuNjU4MzgtNy43MTUzNyw2LjEwNDc5LTExLjU1MTE0LDkuMTg0ODEtLjYyMDU5LjQ5ODI4LTEuMjM3MzUsMS4wMDU2OC0xLjg5MjQyLDEuNDU1NjdhMi43MjU2OCwyLjcyNTY4LDAsMCwxLTMuMzY1NzcuMDU0NDMsMTYuNDYwMDYsMTYuNDYwMDYsMCwwLDEtNS4xOTY2Ny02LjY5Mzg2Yy0uNjMxNjYtMS42NTQyMi44MTY2NS0yLjc3MjMzLDEuOTgzNDgtMy43MTc4LDUuMzIwNS00LjMxMSwxMC42OTI3NS04LjU1ODIsMTYuMDA0NDgtMTIuODc5ODZxNi4yMDQ1Mi01LjA0ODI1LDEyLjI5NzEtMTAuMjMyOTVjMS42MTYxNC0xLjM4MDY2LDMuMDIyODYtMS41NzE0OSw0LjU0OTQzLjA0NTg0Ljc2MzMyLjgwODcyLDEuNjQzNDksMS41MDU4NCwyLjQzODQ3LDIuMjg2MzIsMi40NTI0NCwyLjQwNzg3LDIuNzQ2LDUuMTE1MjUsMS40NjgzOSw4LjI4My0yLjEzMTQxLDUuMjg0NTUtNC4wNDc2OSwxMC42NTU4Ni02LjE2ODc1LDE2LjI5NDM1LDUuNTYwMjgtLjgsMTAuODI0MDctMS41MDI1NiwxNi4wNjg0NC0yLjMyODQ3YTEwLjM1OCwxMC4zNTgsMCwwLDEsMTAuOTkwMzQsNS40MDYxNWMxLjAyMDIxLDEuOTIzMTUuMzQ2NzcsMy4yODg2Mi0xLjIwNDIxLDQuNTM5MzNxLTEwLjY4OSw4LjYxOTI2LTIxLjMzNDY3LDE3LjI5MjI2Yy0yLjQwOTIzLDEuOTU3NTItNC43NjQ1NiwzLjk4MjU3LTcuMjAzMjIsNS45MDIyMi0yLjgyMDc0LDIuMjIwMzEtMy45MDUyOCwyLjAzNjYyLTYuMDQ0LS43Njg0NS0uNzctMS4wMDk4OS0xLjU4Mzc3LTEuOTkwODQtMi40MzIxNi0yLjkzNi0xLjc5OTQ0LTIuMDA0NTktMS43NDgyMi0zLjUzODIuMzQtNS4yNjE4NywzLjQ5OTUxLTIuODg4NjcsNy4wNDQtNS43MjI4NSwxMC41NTU5NC04LjU5NjU2LjUxMDQ1LS40MTc2NiwxLjQ4MjY0LS43NDM2NSwxLjE0ODEzLTEuNTI5OC0uMjg1NjQtLjY3MTM0LTEuMjQ5MTQtLjU5MjA2LTEuOTQ3LS41NDctMS41ODcxMy4xMDI0Mi0zLjE3MTk0LjI2MjMyLTQuNzUyMTQuNDQ2NDgtNS4yNzIzNS42MTQzOS04LjM5NjY3LTMuMTAzODEtNi44MTE4NC04LjE1MjQxLjc2MDg3LTIuNDIzODksMS41NzQzNy00LjgzMTIzLDIuMzYyNDUtNy4yNDctLjAwMDc2LS4xNzQ4LjAwMDA1LS4zNDg1NS4wMDA4Ni0uNTIyMzdaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMTI0LjgzOTQzLDQwMC42MTgyMWE0OS45MzE1LDQ5LjkzMTUsMCwwLDEsOS4yODQyNywzLjk3NDU2YzE2LjM3OTEsOC4zMTUzOCwzMy43Nzc2NiwxMC4xNDE1Nyw1MS43OTcyMSw4LjcxNzY2LDExLjYzNzE4LS45MTk1MSwyMi4zOTI3OC00LjU5NzksMzIuNzU1NDMtOS42OTc2MmExMDAuMzQ3LDEwMC4zNDcsMCwwLDEsNDMuNjQ0MjMtMTAuODE5MDljMTYuMjkzODItLjIwMDUzLDMxLjczODE3LDIuNjUyNTYsNDYuNDA5MjEsOS44OTcyNyw3Ljk2ODc0LDMuOTM1LDE2LjEzMzMsNy41MDQsMjQuOTYyNDgsOS4yMTY1YTExNC44MDcyLDExNC44MDcyLDAsMCwwLDMwLjIyMDI0LDEuNDY3MzcsODMuMDc3NzUsODMuMDc3NzUsMCwwLDAsMTYuNDM3MjgtMi45MDU0OGMxLjIyMTgyLS4zNDExNiwxLjQ4MTE1LS4wMTgzOCwxLjUzOTg4LDEuMTY5NjIuMTkxMzksMy44NzQuMjYzMTMsMy45OTYtMy40MTk2NCw0Ljc2MjMzLTIyLjYzOTc4LDQuNzExMzgtNDQuNzYwOTUsMy44MTc2Mi02Ni4wMTc2Ni02LjI0MTgzLTUuMTAxLTIuNDEzOTItMTAuMTQxMjItNS4wMTg5My0xNS40MTI1NC02Ljk5Mzg1YTc1LjAwOTExLDc1LjAwOTExLDAsMCwwLTE4LjI5MzA5LTQuMjg4NzFjLTEzLjcyNjY0LTEuNDczMTktMjcuMzg1NjEtMS4yMDA5LTQwLjc3MzM4LDIuNjczNC03LjA1NjEzLDIuMDQyLTEzLjY2MDQ0LDUuMjQwMDctMjAuMjY3NjMsOC4zNjQ0YTkyLjY4NTgyLDkyLjY4NTgyLDAsMCwxLTM3LjU1Mjg2LDkuMDQzMTNjLTExLjYxOTkyLjMxODEyLTIzLjA0OTE2LS41MDktMzQuMjAwNDEtMy45NTY4LTYuOTMzNTctMi4xNDM3OS0xMy40MDI3NS01LjQxODYxLTIwLjAyNzYtOC4zMTMwNmExLjUzODM1LDEuNTM4MzUsMCwwLDEtMS4xMDE3MS0xLjYxODU5QzEyNC44ODMyOSw0MDMuNjQzMTgsMTI0LjgzOTQzLDQwMi4yMTI1NiwxMjQuODM5NDMsNDAwLjYxODIxWiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQ2NC40OTg3MSwxNjMuOTY5MThjLS4yNjcyMiw2LjA3NTE4LTIuMDcyMTQsMTEuMjcyNDItOC4wOTUyMSwxNC4wMTM0NS0xLjc4NzI2LjgxMzM3LTIuMTEwMzgsMi4wMDEzNi0xLjUyNjcsMy44NDg2NCwxLjI5MDU1LDQuMDg0NTIsMi40Mjg4Miw4LjIxOSwzLjU0NjY5LDEyLjM1NTQ4LjYxMTEsMi4yNjExOC0uMDk1NzQsMy4zMDUwNi0yLjQxOTg1LDMuMTMyNDktNi4zMjI3Mi0uNDY5NTEtOC45MDAzNi0uMzI3NTktMTEuMTAwODQtNy42NjY2LS44NDMxNi0yLjgxMjExLTEuODAyNjctNS41OTY1NC0yLjQ4ODY2LTguNDQ2NjUtLjc1NjgzLTMuMTQ0MjYtMi42NzUxNS0zLjUwODkyLTUuNjM3MjgtMy4zOTY4Mi0xLjAwNzU0LjAzODE1LTEuMTY4NTguODA0ODUtMS4zMzczOCwxLjY2MDk0LS41MzksMi43MzM1LTEuMTE0MjcsNS40NjM0NS0xLjc5OTQ1LDguMTYzMzMtLjU1MDc2LDIuMTcwMTgtMS42MTk4OSw0LjExODYyLTQuMDQ2Nyw0LjUyMjVhOS41MTc3LDkuNTE3NywwLDAsMS03LjU3Ny0yLjEwMDg5Yy0xLjMwNDkzLTEuMDMwNjQtLjcyMzQ3LTIuNjc4ODEtLjQ1Njc3LTQuMDU0NzdxMi44NjI0Mi0xNC43Njc0Myw1LjgwMDg0LTI5LjUyMDExYy41NTQyMS0yLjgwNywxLjA5My01LjYxNzY3LDEuNzA0NjQtOC40MTIyNy4zNDUxLTEuNTc3LDEuMjY0NjUtMi42NTM3NSwzLjAzNjIxLTIuMzE1MDYsOC40MTgwNywxLjYwOTI5LDE3LjA0MDg2LDIuNDk2NjIsMjQuOTMxMjYsNi4xMjgyN0M0NjEuOTI5NzcsMTU0LjEzNTEzLDQ2NC40NzMzNywxNTguNjE0LDQ2NC40OTg3MSwxNjMuOTY5MThabS0yNi40MDkwOC0xLjAxOTQ2Yy0uMTkwMzQsMy4yNzM3NywxLjk5NjY5LDUuODc2MzEsNS41MTI0Miw1LjQxNGExMy40MjQsMTMuNDI0LDAsMCwxLDMuMDU2MDYuMjE0ODNjMi4wNjM1MS4yMDY1MSwzLjk2MS0uMzU4MjYsNC44OTQyNC0yLjUyNjcxYTQuMTIwNTQsNC4xMjA1NCwwLDAsMC0xLjEzNDIxLTUuMTU0NDgsMTAuNzI3MTcsMTAuNzI3MTcsMCwwLDAtNy42OTczMS0yLjYwODU2QzQzOS41NTU3MywxNTguMzU0MDcsNDM4LjA3NTUxLDE1OS44NDAyNSw0MzguMDg5NjMsMTYyLjk0OTcyWiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTM0Mi4yODMxLDYyMi41MDcxOGMxLjQzNzY4LTUuMzgxOSwyLjg4NjU2LTEwLjc2MDg3LDQuMzA5My0xNi4xNDY3NCwxLjA4MjUtNC4wOTc3NSwyLjIyMDU5LTQuNzUxNDIsNi4zNDczNi0zLjU3NTE0LjYxMy4xNzQ3NCwxLjIyNjc5LjM0NjU3LDEuODQwMTQuNTIsNC4zMzYxMiwxLjIyNiw0Ljg1NDY5LDIuMTUzMzIsMy42MTkyNSw2LjUxLTIuNzU4NjksOS43Mjg0LTUuNTM3NjIsMTkuNDUxLTguMjY4MjgsMjkuMTg3Mi0uNTM2MjksMS45MTIxNS0uODk3MjksMy44NzM3MS0xLjMyOTc4LDUuODE0NThhMi4yODQ2OCwyLjI4NDY4LDAsMCwxLTIuNjg5MjMsMi4wNjE3Yy02LjQ4NTQ5LS40ODEzMy04LjA5NC0xLjQ5NDItOS43ODA2OC03LjA0NzI4LTEuODE4NTEtNS45ODcxLTMuOTk4MzgtMTEuODY0Ny02LjA0MTYzLTE3Ljc4MjgyYTIzLjM3NjgzLDIzLjM3NjgzLDAsMCwwLTEuMTM2Ny0yLjI1MjNjLTEuMzgwMDYsNS4wODQ5LTIuNjgyNzcsOS41MzE3My0zLjc4NTQzLDE0LjAyNzYyLTEuODA2NSw3LjM2NTYxLTIuNDgzNDMsNy4wNjk3Mi04Ljg1OTY1LDUuMjczNS00LjA0ODM2LTEuMTQwNS00LjY2NTktMi4yMDEyLTMuNDg2NzMtNi4zNDQ5LDMuMzExNDUtMTEuNjM2ODgsNi45MzY2OS0yMy4xODksOS41OTgzOC0zNS4wMDI2YTIuNTQ2NjIsMi41NDY2MiwwLDAsMSwzLjAyNi0yLjI3NTY4YzUuNjM1MTQuMzA4OCw3LjczOTksMS44ODkxMiw5LjUxNjQ5LDcuMjM1NjVxMy4yOTQzMSw5LjkxMzgxLDYuNjA0MTgsMTkuODIyNDlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTc4LjYwMDg0LDUxNi45MTY4YzguMTU5NTkuMjIxNCwxMy43NDI5Miw1LjMwNDQ5LDE0Ljc2MTg5LDEyLjkwNTEyLjU1NzA4LDQuMTU1NDUuNzAxMzIsNC4yMzg2NSw0Ljk3Nyw0LjkzNTEyLDMuMzgxNzUuNTUxLDYuNzQ5LDEuMjAyMywxMC4xMDUyLDEuODk0MjEsMi4zNjkwOS40ODg0LDIuNzQwNDIsMS4zMjEsMS42MzYzMiwzLjQ4ODIxLTIuNTIzMTUsNC45NTI2LTYuMzc2MTUsOC41NTMyOS0xMy4xNDQ2Miw2LjE5Mjg0YTQzLjA4NzE3LDQzLjA4NzE3LDAsMCwwLTcuMDA0MzMtMS40NzE0MSw0LjYwNjgzLDQuNjA2ODMsMCwwLDAtNS4xMzEzOSwzLjU5MDkzYy0uMjgwNDYsMS4xNDEuNjA5MzUsMS4zOTA1NSwxLjE1MDM1LDEuODM0LDIuNDU3MDksMi4wMTQwNiw0Ljk2NDkzLDMuOTY2NjcsNy40NjksNS45MjI3M2EyLjk0MjQyLDIuOTQyNDIsMCwwLDEsLjY3ODgxLDQuNDAzNCwzNS4yNDY0NCwzNS4yNDY0NCwwLDAsMS0zLjMwNzA5LDQuMzU0NjNjLTEuNzU5NCwxLjkwNDA5LTMuMTM1LDEuOTg3NDYtNS4yMjUyMi4zNzAxOS00LjUyNDYxLTMuNTAwNTQtOC45NzU4NS03LjA5NTc0LTEzLjQ4NTItMTAuNjE2MjhRNTY1LjAzODczLDU0OS4yMjIsNTU3LjkzNzIsNTQzLjc5OWMtMy42MzAzNS0yLjc1ODUzLTMuODk5My00LjI2OTg3LTEuMDkyMzUtNy44MjYsMy40OTU2NS00LjQyODY1LDYuOTM3MS04LjkwNjA2LDEwLjU4NzUtMTMuMjA0ODZDNTcwLjQ3MTU0LDUxOS4xODkwOSw1NzQuMjIyMTYsNTE2LjczODQ5LDU3OC42MDA4NCw1MTYuOTE2OFptMy42MjY1LDE2LjE1MTg4Yy4wODY5NC0yLjc4OTQtMy4zNTQyMi01LjE0NzQtNS40MzgxNy0zLjk0NTFhMjAuMTQ2NjQsMjAuMTQ2NjQsMCwwLDAtNi42OTA4OCw2LjMxOTY0Yy0uMzc3NjQuNTYzODItLjYzMjIxLDEuMTY2NzUtLjEzNzA1LDEuNzQ2NDJhMjMuMzQ3LDIzLjM0NywwLDAsMCw1LjMzMTI5LDQuNjgyLjg4MTg0Ljg4MTg0LDAsMCwwLDEuMTAxMTctLjE0NzYyQTIwLjc0OCwyMC43NDgsMCwwLDAsNTgyLjIyNzM0LDUzMy4wNjg2OFoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0zMzkuMTA2NjgsMTUzLjY0NDMyYy4xMTM2My0yLjc0MjkxLDEuNTk1NTItMy42MTIwNywzLjU3OTY0LTMuOTI5LDUuMDI2ODQtLjgwMzEzLDEwLjA2MzU3LTEuNTQ2NDYsMTUuMDgzNzgtMi4zODg2MSwzLjQ0OS0uNTc4NTgsNi44NjM1NC0xLjM2ODE5LDEwLjMxNzkxLTEuOTA2ODEsMy41OTkwNy0uNTYxMTQsNC4yOTA4My4wMTMyMiw1LjAwMTgyLDMuNjA0NTgsMS4yMDY1OSw2LjA5NDY4Ljk0NDY4LDYuNDMzLTUuMzAwMjEsNy4zNzYxOC00LjAwNzIxLjYwNTE3LTguMDA3MjgsMS4yNjA2NS0xMi4wMDI3MywxLjkzOTM1LTIuMjQ0MjcuMzgxMi0zLjEyMDgxLDEuNTcwNzEtMi44MDcyMiwzLjYzNDMzLjQxNjY2LDIuNzQxODcsMS4xNTksMy40NjExMywzLjczNjQxLDMuMDYxMTMsNC4xNjIxMS0uNjQ1OTIsOC4zMDYxNi0xLjQyMTUxLDEyLjQzOTYzLTIuMjM0ODIsMy41NTg4Ny0uNzAwMyw0LjYzNC0uMTAwODEsNS40Njk5NCwzLjM4MzU2LjE4NDczLjc3LjIzMzU1LDEuNTcxOTIuMzYwMzYsMi4zNTY2NC41MjA2OCwzLjIyMTg3LS4zMTAzNyw0LjQ2NS0zLjQxODA5LDQuOTg5MTgtNC4wMDE2Mi42NzUtNy45OTUyLDEuNDI1NDEtMTIuMDE4NTcsMS45MzU5NS0zLjg5OC40OTQ2My0zLjkwNjQxLDEuOTQ4NjYtMy4xNDQyOSw1LjU4MDIuNDA1OTQsMS45MzQyOSwyLjIzMzM3LDEuNzgzODQsMy43NTkyOCwxLjUyMTM4LDQuNjk5MzEtLjgwODIxLDkuMzg0NjItMS42OTc1MSwxNC4wODEzMy0yLjUyMTM1Ljg1NzQ4LS4xNTA0MiwxLjc0MzI2LS4xMzc3MiwyLjYxNTUxLS4yMDY1NmEyLjQyNjUzLDIuNDI2NTMsMCwwLDEsMS43NTUzNi42MzczMWMuNTc3NzcuNDc1NzMsMi4wMTY1MSw3LjYxMDc3LDEuNjgxMDUsOC4yNDUtLjYzNTYsMS4yMDE1OS0xLjg1MzU2LDEuNDU4NDgtMy4wMTM3OCwxLjY3MDIyLTcuOTcsMS40NTQ2My0xNS45NDczOCwyLjg2ODQxLTIzLjkyMjY0LDQuMjkzNzYtMS4wMTYyLjE4MTU5LTIuMDMxLjM3NDA1LTMuMDUxNjguNTI2ODMtMy4xNTk5NS40NzMtNC4wNTE0My0uMTEtNC41OTctMy4yMjI5My0xLjYzMzc2LTkuMzIyMjYtMy4yMjIzMS0xOC42NTI0NC00LjgyNzI3LTI3Ljk3OTc2QzM0MC4yNjU0MiwxNjAuNDA3OTMsMzM5LjY0OSwxNTYuODA1MjgsMzM5LjEwNjY4LDE1My42NDQzMloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik00OTQuNjY5MTEsNjIyLjI5MjA5Yy4wNjg2NCw2LjIwODc0LTMuMzA3ODcsMTAuNDM3NDQtOC4wMDU0OSwxMy44OTM3My03LjY3Njc2LDUuNjQ4NDMtMTguMTE4LDUuNzU2MjQtMjUuMTQ4NTMuMjkwNjMtMi43NDc2MS0yLjEzNi00LjMxMDM1LTUuMTE4MzUtNS41ODIyMi04LjIwMzUxYTY5LjQwNjEzLDY5LjQwNjEzLDAsMCwxLTMuNzQxOC0xMi41Mzk3OWMtMS4wODI1NS01LjI4NTM3LjUxOTE0LTkuODk0OSw0LjEzMTEtMTMuODQ0NzRhMjMuNjYyNjUsMjMuNjYyNjUsMCwwLDEsMjQuOTYyNjMtNi4wOTcsMTQuMTIzMjQsMTQuMTIzMjQsMCwwLDEsNi44MDUzNiw1LjQyMzc1YzEuMDcxNTMsMS41NTg4LjY5MzYsMi43NjgtMS4wMzU0OCwzLjM2NzYtNC4xMzE0MiwxLjQzMzExLTguMTY5OTQsMi44NjAxNC0xMi43MDIwNi45NTMyNGE3LjQ2NDA2LDcuNDY0MDYsMCwwLDAtMTAuMjQ0MDksNy44NjcwNSwyOC41OTU4MSwyOC41OTU4MSwwLDAsMCw1LjA1ODEsMTMuNzM2NjVjMS44Mjk4OCwyLjU1Miw0LjQ1NDc3LDMuMTY1MzcsOC4xMjc2NiwyLjAzNjE2LDMuMDU2NTgtLjkzOTg2LDUuNTc0MjctMy43ODE2NCw1LjY1ODM4LTYuNDI4OTIuMDQwODctMS4yODYxMy0uNjA4My0xLjk0NjQ3LTEuOTA4MzUtMS43OTQ1OGE4LjgyNjM0LDguODI2MzQsMCwwLDAtMS4zNDE1Ni40NzA1Nyw2LjQwMzkzLDYuNDAzOTMsMCwwLDEtMS44NDQ3LjQ0MTY5Yy0zLjg1MTc3LS4wOTI2MS0yLjk4MTE5LTMuNzQwNjYtNC4xOTI2Ny01Ljc4Nzg3LS44NDU2MS0xLjQyOS0uNjQyNTgtMy4xNTQ2MiwxLjExOC0zLjgzODExLDQuMzU2NDktMS42OTEyOCw4Ljc2ODY3LTMuMjQ5NjIsMTMuMjA3OTEtNC43MTEyNmEyLjY3LDIuNjcsMCwwLDEsMy4zMjA5MiwxLjY5ODgyQTMzLjc3ODI5LDMzLjc3ODI5LDAsMCwxLDQ5NC42NjkxMSw2MjIuMjkyMDlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTExLjgyLDQ2MS4zMDc1NGExMTMuMTAwMywxMTMuMTAwMywwLDAsMCwxOS41NzAwNywyLjAxMTY2YzE0LjQ3MDcyLjIzODEyLDI4LjMyMi0yLjM0NjQ4LDQxLjQxNzg1LTguNzMxMTMsMTEuMjY1LTUuNDkyMDcsMjIuNzkyNTUtMTAuMjMxNDgsMzUuNDQ3MS0xMS41NDc5LDE5LjE3ODI4LTEuOTk1MDksMzcuODE3LS4zMzUyOSw1NS41MDg0OCw3Ljk0MDQyLDEuMTA5NzcuNTE5MTMsMy4wNDU1MS43NjQ3OSwzLjA1MDQ4LDEuOTMyMTJhMjAuNjI3NDIsMjAuNjI3NDIsMCwwLDEtMS4zMDY4Niw2LjI3MDY5Yy0uMzIzMS45OTU5Mi0xLjE5OTcuMTM1MS0xLjc2MjM5LS4xMDkzNi02LjY5NzQ5LTIuOTA5MzQtMTMuMzU3MzgtNS44NzI1NS0yMC41ODI3Mi03LjM1NS0xMC4zOTI4LTIuMTMyMy0yMC44NTM3Mi0yLjI5MjA4LTMxLjM3OTk0LTEuNTY0MzYtMTIuMDYwMzUuODMzNzItMjMuMTMsNC45MjA3MS0zMy44MTIsMTAuMjQ2NWE5OC40MTE4LDk4LjQxMTgsMCwwLDEtNDguNzk1LDEwLjIyNTE3QTExMi4yMzYsMTEyLjIzNiwwLDAsMSw1MDkuMDYzLDQ2OC4yMjU3Yy0xLjM0Njg1LS4zMDMtMS44MzktLjY3MjUzLS44OTU1NC0xLjk5NzZhMjQuNTQzNjQsMjQuNTQzNjQsMCwwLDAsMS45ODk5My0zLjUzNzdDNTEwLjYzNTg0LDQ2MS43MDU0NCw1MTEuMjM2OTQsNDYxLjEyOTMyLDUxMS44Miw0NjEuMzA3NTRaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTM5LjI5MjI2LDU2Ni42MDA2OWMuMTA0NzEsMS4wODI1Ni0uNjc1OTQsMS44MjA0My0xLjYzNjM4LDIuNDkwMDctMy44NTI4OSwyLjY4NjMzLTcuNzEwMjEsNS4zNjcyMi0xMS41MTk3Nyw4LjExNC0uOTA5ODEuNjU2LTIuMzA2LDEuMTU1NTktMi4wMjM2NywyLjY0OTQ0YTUuNzM0LDUuNzM0LDAsMCwwLDIuNzk4MzEsMy43MDk1Yy44ODIyMS41NTEyNSwxLjc5NTY1LS4xNDU3NSwyLjU5MjMyLS43MjIzMiwzLjY3NTM4LTIuNjU5NjEsNy40MDUxMi01LjI0NTkxLDExLjAzNDQzLTcuOTY2NDlhMi42MTYyOCwyLjYxNjI4LDAsMCwxLDMuOTczNjEuMzEzNzdjLjI3NDkyLjI4ODU3LjU5MTkyLjU0MTY2LjgzOTU5Ljg1MSw0LjIxMTcsNS4yNTksMy40ODc1OCw2LjA4MDM1LS43NTI5NCw4LjgzNjItMi45MzI4NCwxLjkwNjA3LTUuNzQyOSw0LjAwMzczLTguNTc3NzQsNi4wNTczMi0yLjQzNjM5LDEuNzY0ODgtMi41Njk3NiwyLjcxOTEyLS44NDA4OCw1LjA5MzM3LDEuNDM4NTksMS45NzU1OSwyLjQ1NjM5LDIuMTI1MTQsNC44MjU0My40NTIsMy43NzAzMi0yLjY2MjgzLDcuNDQ5MTQtNS40NTU2MiwxMS4yMzAwNS04LjEwMjg5LDIuODg5NjktMi4wMjMyNCwzLjczOTA1LTEuODIwMTQsNS44NTg3OCwxLjAxMDc3LDMuNTUxLDQuNzQyMjUsMy40OTg1MSw1LjI3OC0xLjIwMzQ5LDguNjQxNDZxLTkuNzE2LDYuOTQ5ODEtMTkuNDg0NjUsMTMuODI1ODVjLTIuNTUyMTYsMS44MDA1Ni0zLjUxNDU5LDEuNzE0NS01LjMzNTQ0LS44MjU3OXEtMTAuNzg1MjktMTUuMDQ2MzMtMjEuNDQxMi0zMC4xODUxMWMtMS43OTA3My0yLjU0MzM4LTEuNDcyMDktMy43MTc3OSwxLjA4ODYxLTUuNTQzMjVxMTAuMjA4OTEtNy4yNzc0NSwyMC40MTYxNS0xNC41NTcyM2MyLjQ1MzUyLTEuNzUwNDUsMy44NzIwNS0xLjU5NzYzLDUuNTc1MDkuODg3QzUzNy43MjI4Miw1NjMuMTA5NDQsNTM5LjE5NDc0LDU2NC4zODg2Miw1MzkuMjkyMjYsNTY2LjYwMDY5WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTI2OS41ODIzLDYxMi4wNTA2MWMuNTE0NDgtMS43NzIzNy0uMzk1NS0yLjg3OTYxLTIuMDM3MjQtMy44NjUzLTMuMjU5LTEuOTU2NjQtNi40MjM5Mi00LjA3NS05LjU3MjY4LTYuMjA3ODZhMi40MDg2OCwyLjQwODY4LDAsMCwwLTMuMzgwNC4yMjg0MmMtMy40MjM2OSwyLjkxMy00LjY1NjM5LDIuOTI3MjUtOC40MTI1Ni4zOTI1OC0uODU2MDctLjU3NzY4LTEuNjY3NTUtMS4yMjEwNy0yLjUxNzYzLTEuODA4LTIuNjE4NTctMS44MDc4Ni0yLjcyMzkxLTIuNTgxMzMtLjE1MTY3LTQuNTk5MzYsMTAuNDUwODMtOC4xOTkwNiwyMC45NTk4NS0xNi4zMjQsMzEuNDMwMTUtMjQuNDk4NDVhMy45MTE4NSwzLjkxMTg1LDAsMCwxLDUuMjEwNDEtLjE4MTU4YzIuMzg2NjksMS42ODEyMyw1LjI0NDU4LDIuNjExMjYsNy40MTIsNC42NzU2NmE0LjYzMTgzLDQuNjMxODMsMCwwLDEsMS40OTIzOCw0Ljg5OTY4Yy0yLjYyODIzLDEwLjU3NTgzLTUuMTYyNjEsMjEuMTc0OTMtNy43NTU4NywzMS43NTk0Ny0uNTA3NzksMi4wNzI1Mi0xLjMxMjA2LDQuMDQ0NTQtMS40MDc0NSw2LjI0NzMyLS4wOTExOCwyLjEwNTg1LTEuNDc4NzMsMy4wMTAxNi0zLjYxOTI1LDIuNzc3NjVDMjcyLjM2MTU3LDYyMS40NDYsMjY5LjM3OSw2MTcuMTg2NjEsMjY5LjU4MjMsNjEyLjA1MDYxWm02LjE5Mzk0LTI2LjQ4MDUyYy0xLjk3NjQsMS41MDk4MS0zLjU0Mjk0LDIuNjg0MTYtNS4wODU3MiwzLjg4OS01LjcwNjEyLDQuNDU2MzEtNS42MjE4Nyw1LjI2ODMuNjUxOTQsOC45MjIsMS4wNTMzNy42MTM1MiwxLjUxNzM0LjU1NDU5LDEuODYxMS0uNTk5MjRBNTcuOTI3LDU3LjkyNywwLDAsMCwyNzUuNzc2MjQsNTg1LjU3MDA5WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQwNi4wMDE3Niw2MDYuNzQ2NDdjNC4wMzg4NC0uMDIxNTcsNi4yNzMzNCwyLjE1ODc2LDcuNzUyMTMsNS4zMjAzNCwyLjM1NTA5LDUuMDM1LDQuMTM4MzIsMTAuMzAwMjksNi4xMTUzOSwxNS40ODY2OHEzLjc3MDE3LDkuODkwMTUsNy40Nzg0NCwxOS44MDM3OWMxLjA5NzY5LDIuOTQ1NzguNTk1MjUsMy42MDE3NC0yLjYxNDgxLDMuNzYzNjlhMzEuMjExLDMxLjIxMSwwLDAsMC0zLjMxNTQyLjMwNDQ3Yy0zLjMwNDI4LjUyNDI0LTUuMzQ2MjItLjQ1OS02LjE5OTItMy42OTA5LS42Njk1MS0yLjUzNy0yLjExMzE4LTIuOTc2NzItNC4zNTk1My0yLjg1MjU0LTMuNDk1MzguMTkzMjgtNy4wMDIxNi4zMDExNC0xMC41MDE0Ni4yNTI2Mi0xLjc5MzMxLS4wMjQ3OS0yLjk4MTIyLjU3MTM2LTMuMzgwNDEsMi4yODAxMy0uODQyNTQsMy42MDY3MS03LjQ4MjcxLDYuMDcyMTYtMTAuNzYzLDUuMzE0ODktMi4xMzA0My0uNDkxNzktMi4zMzQzMS0yLjAyNDUyLTEuNzM2OTItMy45MTIzcTMuNjMzOTQtMTEuNDgzODIsNy4xODU3LTIyLjk5MzU0YzEuMzkzMjctNC40ODA2OSwyLjgzNTktOC45NDc4MSw0LjEyMzY0LTEzLjQ1ODg5LjgyNDE2LTIuODg3LDIuMjg0OTMtNC43MjE0OSw1LjUyNy01LjAyMDU5QzQwMi45NTYsNjA3LjE5Mjc4LDQwNC42MTAyNCw2MDYuOTExMTEsNDA2LjAwMTc2LDYwNi43NDY0N1ptLS42MTYxLDE0LjMwNDE1Yy0uMjIwNDIuMjMzNjgtLjM3NjUzLjMyNTQxLS40MTgwNy40NTQxNHEtMS4xNzE0MiwzLjYyOTE4LTIuMzE3Nyw3LjI2NjY0Yy0xLjk5NDM1LDYuMzE5NDEtMS41MDE0MSw2Ljg3MDM3LDUuMTU3NzIsNi4xNjY1OCwxLjg2NTA4LS4xOTcwOCwyLjM3MzQ2LS45MzMzLDEuNzE3MTYtMi42Njg0OUM0MDguMTI1NTMsNjI4LjU2OTkzLDQwNi43ODMwNiw2MjQuODQ4OTIsNDA1LjM4NTY2LDYyMS4wNTA2MloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0yODAuNDExNTMsMTc2LjAwNWExNS4yMDQ2OCwxNS4yMDQ2OCwwLDAsMSwxMi4yNDE0OCw1LjQxMTJjMS4zNTIzMiwxLjU0MjIzLDEuMzI1LDMuMDQ4Ny0uNDEyLDQuMjUyLTMuNTA0OTEsMi40MjgxLTcuMTc5ODcsNC4wMDk4Ni0xMS41OTczNCwyLjE3Nzg3LTMuMzA4NjctMS4zNzIxNi03LjAwNC0uMTI5NDMtOS42NzM1MSwyLjg4MTEtMi4xNDQ1NiwyLjQxODQ4LTIuNDEwMzUsNS4xOTU1My0uNTM3ODcsOC42MjIyMiwxLjYzODY2LDIuOTk4ODUsMy40MzQ0LDUuOTE4NzMsNS4yODg3NSw4Ljc5MDgzLDEuNzIxNTEsMi42NjYzMiwzLjkyMDg4LDQuNjk2MzcsNy40NjU1NSwzLjk4MTYsNC4yMTYxNi0uODUwMTgsNy4xNTQ4Mi0zLjYwMzIsNy42NzQyMS03LjQ0MzkxLjYyMjQyLTQuNjAyNzEsMy40MTY2My03LjM3MzIsNy4zNTExLTkuMjM2MzgsMS44NzgwNi0uODg5MzQsMy4xMTg0NC0uMjI3NDksMy44NTcyNCwxLjc5MDQxLDIuNzM1LDcuNDcwNzEuMjMxMzgsMTMuNjQ4NTgtNC45MzUxNCwxOC45MTAyNS01LjExOTUyLDUuMjEzODEtMTEuMzY3MTMsOC4wNC0xOC45MDAxMiw3LjM0MDEyYTE1LjQ3OCwxNS40NzgsMCwwLDEtMTAuMDY0NTctNC45NDkxMyw0NS41MzYwNiw0NS41MzYwNiwwLDAsMS05LjY3NTU2LTE0Ljk3MDU1Yy0zLjYxNjEtOS41NjQ3OS4yOTIyLTE5LjE2LDkuMzg4NzgtMjQuMTQyODJBMjYuOTA5MzksMjYuOTA5MzksMCwwLDEsMjgwLjQxMTUzLDE3Ni4wMDVaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMTMwLjQwODYzLDQ1Mi4zNTY0MWM3Ljk4OTIsMy41MDk4NywxNS4zMzk4Myw3LjIxMTQ3LDIzLjQ1ODYzLDguNzY0NzIsMTkuOTg4NTgsMy44MjQxNywzOS41ODE5LDMuMjEzMzUsNTguNDk5My01LjIzNDg2LDcuMTgyNTgtMy4yMDc2NCwxNC4yMjUzOC02Ljc2ODY3LDIxLjczMTkzLTkuMjA2NTlhOTguNTkxNSw5OC41OTE1LDAsMCwxLDMyLjUzMDMtNC4zNTc0NGMyLjIxNDA3LjA0MDQsNS4wMzg4OS0uODQ1NzksNi40NzUyOS41NDk2MSwxLjIzMjUyLDEuMTk3MzktLjE4ODA2LDQuMDExNDMuNTkxNzgsNi4wODgxOS40NDcwNywxLjE5MDM3LS42MTY2OS45ODE4OS0xLjI3ODU0Ljk2NDQxLTQuMzc3OTQtLjExNTU4LTguNzUxNjUtLjE2OTI1LTEzLjEzNDkyLS4wNzQtMTIuOTAzMi4yODA0OC0yNC45MTU0NCwzLjg1NTUtMzYuNDQ1LDkuNDIyNTgtMTAuMjEwMjQsNC45My0yMC42NTUyMSw5LjE0NDc2LTMyLjA2Nzc4LDEwLjQ0Ny0xOS42NDA2NywyLjI0MTExLTM4Ljc3NTE3LjkyMDU0LTU2LjkyMTM5LTcuNzU0LS42NTQzNS0uMzEyOC0xLjMyOC0uNTE4NTctMS41MTc3NS0xLjM0OTg4QzEzMS43MzE3Miw0NTcuOTkzLDEzMS4xMTI2NCw0NTUuMzc0NTEsMTMwLjQwODYzLDQ1Mi4zNTY0MVoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0zNTQuMzg5MzcsMzc1LjUzODljLTE2LjExOTcuODE1OC0zMS4yMDUxNS0zLjA2MzEyLTQ1LjU0MTE0LTEwLjI4MjM3LTIzLjUyNDM5LTExLjg0NjMyLTQ3Ljk5NDA1LTEzLjMxNzI2LTczLjEwNjktNi4yMDktNi41Nzk0NywxLjg2MjMyLTEyLjcyMDU1LDUuMDAxMTMtMTguODY5ODYsNy45Njk2OS0xNC40MTI4MSw2Ljk1NzY4LTI5LjY0OTEyLDkuMzMwMjktNDUuNTAyMDcsOC43OTE3YTkyLjI3MTkyLDkyLjI3MTkyLDAsMCwxLTI2LjUxMTY1LTQuMzg5MzljLTUuODA5NjItMS45NTM3My0xMS4yOTQyMi00LjY4MzA4LTE2LjkyNTI4LTcuMDYzODItMS43OTY1My0uNzU5NTMtMS4zMTA1Ni0yLjE1MDMxLS45MTcyNy0zLjE4ODg4LjUzMTY5LTEuNDA0LDEuNDUwNzktLjExNjc1LDIuMDYzNS4xNjY2NSw5LjgyNjQyLDQuNTQ1LDE5LjY4ODA5LDkuMDAxLDMwLjU5NDU0LDEwLjI5MjM5LDE3Ljc5MDgxLDIuMTA2NTUsMzUuMjUwNDQsMS40NTc0MSw1Mi4wMjIzOS01Ljg4MDUyLDguNjU0NTMtMy43ODY0NiwxNy4wNTktOC4yMiwyNi4yMzYwNS0xMC43NDM0NCwxMi4wNjA3OS0zLjMxNjM2LDI0LjMzNDI1LTMuNzA1MTEsMzYuNzQwMzUtMi45MzMyMiwxMy4zNzUyMi44MzIyMiwyNS42MDc3LDUuMzQ0MjcsMzcuNDMyNzQsMTEuMTk3MDhhOTIuNDczOSw5Mi40NzM5LDAsMCwwLDQ1LjI4Niw5LjM0MTU2LDEwOS4wOTgsMTA5LjA5OCwwLDAsMCwyMi40NDQyNC0yLjk4Nzc3Yy42MTI3NC0uMTUyNywxLjc2NDM3LTEuMjA5NCwxLjk4OTI5LjQxOTI3LjE1NjE0LDEuMTMwNTkuMzU3ODIsMi4zMzM1OS0xLjM5NTIzLDIuNzU0MzVhOTUuOTUzMTQsOTUuOTUzMTQsMCwwLDEtMTYuNzIyMjUsMi43MTNDMzYwLjYxMTIsMzc1LjY4OTI0LDM1Ny40OTU4MywzNzUuNTM4OSwzNTQuMzg5MzcsMzc1LjUzODlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTE1LjE0Mjc0LDQxMi40NjE0YTEyOS42NTMsMTI5LjY1MywwLDAsMCwxOC44MDQsMS4zMDEsOTAuMzU1ODksOTAuMzU1ODksMCwwLDAsNDAuNzkwNjctOS40NTYwOGM5Ljk2NTU4LTQuODYxLDIwLjE4NjM3LTkuMDMzMTMsMzEuMzQ0ODYtMTAuNDUwNzdhMTI2LjUwNjQ4LDEyNi41MDY0OCwwLDAsMSwzMy4zMzMuMTU0MzFjMTEuNTE4LDEuNTgyNjYsMjEuOTEwMTEsNi4zODUwNywzMi4yODcxOCwxMS4yMzQwNy44NzIyOC40MDc2LDEuNDU4ODgsNS4wMzA0MS43MDUsNS42NDYxNC0uNzM5NjcuNjA0MTQtMS4zNDUyNy0uMTM5OS0xLjk0NDM5LS40MTQzNS02LjEzOTYtMi44MTIzNS0xMi4yMjIyNC01Ljc2MTQ0LTE4LjYwOTIyLTcuOTkwMDYtMTEuMTQzNTgtMy44ODgyMi0yMi42ODY4NC00LjU5MjUyLTM0LjM2OTA4LTQuMzMwODRhODguNDg1MDUsODguNDg1MDUsMCwwLDAtMzguNTAwMzMsMTAuMDI2ODMsOTcuNjQzNDEsOTcuNjQzNDEsMCwwLDEtNDYuNzQwMDgsMTAuOTE1MTVjLTQuNjE2MTctLjA4NzItOS4yMzUwOS0uMjc5ODEtMTMuODM1NDctLjc4OTYxYTIuMDYxODYsMi4wNjE4NiwwLDAsMS0yLjEyMTU1LTEuNzk3NzdDNTE2LjAxOTYzLDQxNS4yNzI0Niw1MTUuNjA0NjMsNDE0LjA2NzQyLDUxNS4xNDI3NCw0MTIuNDYxNFoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik01NDIuNTI0MjcsMjAxLjI2MjY5YTkuNzI1LDkuNzI1LDAsMCwxLTEuNTA2NjQtLjQ4MjM4Yy0uODUwMjktLjQyMDk1LTEuNjU0NzQtLjkzMzk1LTIuNDgyNjQtMS40MDA4OS01LjgyOTg5LTMuMjg4MS02LjQ4ODUzLTMuNDQ4MzItOS44Nzc1OSwxLjk2NjY2LTQuMjQxMjIsNi43NzY2Ni04LjU2NywxMy41MDA3Mi0xMi44OTMzMywyMC4yMjM2My0xLjkyNzczLDIuOTk1Ni0zLjA5OTg4LDMuMTg5MjEtNi4wMDQ5NSwxLjIwMjQ3LS45ODAwOS0uNjcwMjctMS45NzA3Ni0xLjMyNy0yLjk3OTQ5LTEuOTUzLTMuMTk0NzgtMS45ODI3Mi0zLjQ1Mjc5LTMuMDYyMzctMS4zODQtNi4zMzE4MSwzLjEzMzA5LTQuOTUxNyw2LjMwOTA5LTkuODc2MzYsOS40MzY4LTE0LjgzMTQ0LDEuOTg5NDEtMy4xNTE3NywzLjgzNjE2LTYuMzk4LDUuOTMzODUtOS40NzQ0Mi42OTUtMS4wMTkyMi40MjI0OS0xLjQ3NTM1LS4yMjM1Mi0yLjE3ODM3LTEuNTQ4LTEuNjg0NzctMy42ODI2Mi0yLjQ0NTYyLTUuNTc5MTktMy41NjUtMy4yMzE1NC0xLjkwNzMyLTMuNzkxMDgtMy42ODQ0Ny0xLjkyMTI5LTYuODE0NjMsMi41MzkzNS00LjI1MTA2LDQuMDY4NDUtNC44MTg0NCw3LjQ5MTEzLTIuNjYwNzVxMTIuNTYwMjYsNy45MTgxNCwyNS4wODI5NSwxNS44OTU3OGMyLjk5MTI1LDEuOTEwMjgsMy4yMjc0LDIuOTUxNjksMS4zODc5LDYuMDUyNTVDNTQ1LjkzOTQxLDE5OC43MDYxLDU0NS4xMzE5MiwyMDAuODUzNDMsNTQyLjUyNDI3LDIwMS4yNjI2OVoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik02NzEuMTcxMywzNjcuNDQyMzhjLTYuNjI5ODUtMi44NjA0LTEyLjk0NTYxLTYuMDY1NzQtMTkuNjY1Mi04LjMyMDY5LTEwLjk1NzM2LTMuNjc2OTMtMjIuMjYxOTEtNC4zNTQyOS0zMy43MDQ3OC00LjE1NjU0LTE0LjM5MDc0LjI0ODY4LTI3Ljc3NjE5LDQuMjE1NDQtNDAuNDkyMzEsMTAuNjg5Ni0xOS43ODIxMywxMC4wNzE3My00MC42Nzc4OSwxMi4wMzI1LTYyLjM0MTMzLDguODQ5MTUtOS41NjQzNy0xLjQwNTQ2LTE4LjM2MzYyLTUuMDEzMjktMjcuMDI2ODQtOS4wNDUyNmExMzMuMDI4LDEzMy4wMjgsMCwwLDAtMTguMzUzNjktNy4zNTAyMWMtMS40NzY5NC0uNDM1OTMtMS40MjAxNC0xLjAxNjA2LTEuMTg3Ny0yLjE3NTg5LjI5NjEzLTEuNDc3NjUsMS4xMjM2Mi0xLjE1MSwyLjA5ODEzLS44NzU2YTEwOC4xMjA3NywxMDguMTIwNzcsMCwwLDEsMTkuMDA2NDEsNy42MDkzMWMyMi4zMjQ4OCwxMS4xOTU0Niw0NS41ODY3NSwxMi41NTgyMyw2OS40OTE1OSw2Ljc0MDE4LDcuNDM4NzktMS44MTA0OSwxNC4zMDUxNC01LjMyNSwyMS4xOTUzNC04LjYxMDQ0YTkyLjY1ODI5LDkyLjY1ODI5LDAsMCwxLDM4LjUyMjYxLTkuMDU3NzJjMTMuNDMzMTYtLjI3MDYyLDI2LjU1MjQ3LDEuMTI2OTQsMzkuMDc3NTIsNi4yOTA0MiwzLjY3NDIsMS41MTQ2Niw3LjIzNTM5LDMuMzA0NzIsMTAuOTE2NzIsNC44MDAwOUM2NzAuODE3LDM2My42ODU1Niw2NzEuNjg1MjgsMzY1LjAwMzcsNjcxLjE3MTMsMzY3LjQ0MjM4WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTUwMS44MzY1Niw0MDguOTcwMDZjLS4yOTIzOS4zMzgyNC0uNDAwMi40NTExMy0uNDk0OC41NzQxNy0yLjkwNiwzLjc3ODc3LTYuMDczMzksMi42NTA0OS05LjY5NTUuOTQwNy04Ljc0OC00LjEyOTM0LTE3LjQ1ODQzLTguNDAxNTItMjcuMDU5MzgtMTAuMzgyMjJhMTExLjc5NjgzLDExMS43OTY4MywwLDAsMC0yOS42ODQzNi0xLjcxMSw3My4yMzA4Miw3My4yMzA4MiwwLDAsMC0xNC4xNDI2NywyLjE0MTE2Yy0xLjQ0MS4zNzkyMi0xLjk1MjkyLjA1MTEtMS45NDg0NS0xLjU0ODI1LjAwOTk0LTMuNTM1MjgtLjA5NTI0LTMuNjI5NjEsMy40MTI0Mi00LjIzNywxOC4wNTExMS0zLjEyNTk0LDM1LjkzMi0yLjk1ODQ1LDUzLjQ1NTg2LDMuMDY0LDcuODI1MTIsMi42ODkyOCwxNS4xMDMyNSw2LjY3NjEyLDIyLjc2NDM1LDkuNzYwNDRDNDk5LjU0MDMyLDQwOC4wMTMzNyw1MDAuNjI5NTYsNDA4LjQ3MjEzLDUwMS44MzY1Niw0MDguOTcwMDZaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNDQzLjU1MTkxLDQ0OS42MTg1N2E5NS40NTU3LDk1LjQ1NTcsMCwwLDAtMjIuNzUwMzQsMi41Njk3Yy0xLjczMDUyLjQ0NjMxLTEuOTcyMzEtLjE2MDQ2LTEuOTgwNjQtMS42OTMyNS0uMDMwODQtNS42NzctLjA4NzM1LTUuNzQzODYsNS4xNzM3NS02LjU5MDMyLDE1LjQyODc0LTIuNDgyMywzMC43NjgtMi4zMzE4Nyw0NS45OTQzMiwxLjU3NCwyLjU1MzcxLjY1NTA4LDIuODAwMDYsMy4yMjQyNSw0LjQxMjQ0LDQuNjQ4NDcuNTQyODQuNDc5NTUtMi45NTI0MiwzLjQyNzc5LTMuOTc2NTQsMy4xMjQyOGE3Ny43Njg0Miw3Ny43Njg0MiwwLDAsMC0xNi4xMzk0MS0zLjAxOThDNDUwLjcxMzE3LDQ0OS45NTU1Myw0NDcuMTMwMTQsNDQ5LjgxODE3LDQ0My41NTE5MSw0NDkuNjE4NTdaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMzQyLjY5MTcsNDYzLjAzNDljNC43NjE4NC0uMDM5MDksOS40NzU1OS40NDEyMiwxNC4yMTMxNC4yNzcxNGE5Ny41NTIyMiw5Ny41NTIyMiwwLDAsMCwyMy4zMDE0OS0zLjMyMzE0YzEuMjQzODYtLjM1MTcxLDEuNjI3MTEtLjMzODc2LDEuNjkwMDUsMS4xMDQ4NC4yNjc3Miw2LjEzODA5LjIzMDU0LDUuODU1NjgtNS42MzM4NSw3LjU4NjQ5LTcuMTkzOTEsMi4xMjMyNC0xNC4wMTA4OC40OTItMjAuODU1MzYtMS4yNzM4M0MzNTEuMDc2NjcsNDY2LjI4OTE0LDM0Ni43MDEsNDY1LjIxNTUyLDM0Mi42OTE3LDQ2My4wMzQ5WiIvPjwvZz48L3N2Zz4=
+  longDescription: Adds certificates and certificate issuers as resource types in
+    Kubernetes clusters, and simplifies the process of obtaining, renewing and using
+    those certificates. It can issue certificates from a variety of supported sources.
+    It will ensure certificates are valid and up to date, and attempt to renew certificates
+    at a configured time before expiry.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: X.509 certificate management for Kubernetes and OpenShift.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-cert-manager
+    for community support.
diff --git a/repo/packages/contour.packages.kadras.io/1.33.0.yml b/repo/packages/contour.packages.kadras.io/1.33.0.yml
new file mode 100644
index 0000000..f21dff3
--- /dev/null
+++ b/repo/packages/contour.packages.kadras.io/1.33.0.yml
@@ -0,0 +1,226 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: contour.packages.kadras.io.1.33.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: contour.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-contour/releases
+  releasedAt: "2025-09-15T14:46:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+          - --kube-api-qps=25
+          - --kube-api-burst=50
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-contour@sha256:2de76924ca9bda2f1f67cbdfc00433572f9ac482cb35e80ee3c7100d217a06fb
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        certificates:
+          additionalProperties: false
+          description: TLS configuration to secure the communication between Contour
+            and Envoy.
+          properties:
+            duration:
+              default: 8760h
+              description: If using cert-manager, how long the certificates should
+                be valid for. If `useCertManager` is false, this field is ignored.
+              type: string
+            renewBefore:
+              default: 360h
+              description: If using cert-manager, how long before expiration the certificates
+                should be renewed. If `useCertManager` is false, this field is ignored.
+              type: string
+            useCertManager:
+              default: false
+              description: 'Whether to use cert-manager to provision TLS certificates
+                for securing the communication between Contour and Envoy. If `false`,
+                the `contour-certgen` Job will be used to provision certificates.
+                If `true`, cert-manager must be installed in the cluster. See: https://github.com/kadras-io/package-for-cert-manager.'
+              type: boolean
+          type: object
+        contour:
+          additionalProperties: false
+          description: Settings for the Contour component.
+          properties:
+            config:
+              additionalProperties: false
+              description: Configuration for the Contour Deployment.
+              properties:
+                logFormat:
+                  default: text
+                  description: Log output format for Contour. Either `text` (default)
+                    or `json`.
+                  enum:
+                  - json
+                  - text
+                  type: string
+                logLevel:
+                  default: info
+                  description: The Contour log level. Valid options are `info` and
+                    `debug`.
+                  enum:
+                  - info
+                  - debug
+                  type: string
+                useProxyProtocol:
+                  default: false
+                  description: Whether to enable PROXY protocol for all Envoy listeners.
+                  type: boolean
+              type: object
+            configMapData:
+              default: {}
+              description: The YAML contents of the `contour` ConfigMap. See https://projectcontour.io/docs/latest/configuration/#configuration-file
+                for more information.
+              nullable: true
+            replicas:
+              default: 2
+              description: The number of Contour replicas. In order to enable high
+                availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        envoy:
+          additionalProperties: false
+          description: Settings for the Envoy component.
+          properties:
+            config:
+              additionalProperties: false
+              description: Configuration for the Envoy workload.
+              properties:
+                logLevel:
+                  default: info
+                  description: The Envoy log level.
+                  enum:
+                  - trace
+                  - debug
+                  - info
+                  - warning
+                  - warn
+                  - error
+                  - critical
+                  - "off"
+                  type: string
+              type: object
+            service:
+              additionalProperties: false
+              description: Envoy service settings.
+              properties:
+                annotations:
+                  default: null
+                  description: Annotations to set on the Envoy service.
+                  nullable: true
+                externalTrafficPolicy:
+                  default: Local
+                  description: The external traffic policy for the Envoy service.
+                  enum:
+                  - Cluster
+                  - Local
+                  type: string
+                loadBalancerIP:
+                  default: ""
+                  description: The desired load balancer IP. If `type` is not `LoadBalancer',
+                    this field is ignored. It is up to the cloud provider whether
+                    to honor this request. If not specified, the load balancer IP
+                    will be assigned by the cloud provider.
+                  type: string
+                nodePorts:
+                  additionalProperties: false
+                  description: NodePort settings for the Envoy service. If type is
+                    not `NodePort` or `LoadBalancer`, these settings are ignored.
+                  properties:
+                    http:
+                      default: 0
+                      description: The node port number to expose Envoy's HTTP listener
+                        on. If not specified, a node port will be auto-assigned by
+                        Kubernetes.
+                      type: integer
+                    https:
+                      default: 0
+                      description: The node port number to expose Envoy's HTTPS listener
+                        on. If not specified, a node port will be auto-assigned by
+                        Kubernetes.
+                      type: integer
+                  type: object
+                type:
+                  default: LoadBalancer
+                  description: The type of Kubernetes service to provision for Envoy.
+                  enum:
+                  - NodePort
+                  - ClusterIP
+                  - LoadBalancer
+                  type: string
+              type: object
+            workload:
+              additionalProperties: false
+              description: Envoy workload settings.
+              properties:
+                hostNetwork:
+                  default: false
+                  description: Whether to enable host networking for the Envoy pods.
+                  type: boolean
+                hostPorts:
+                  additionalProperties: false
+                  description: Host port settings for the Envoy pods.
+                  properties:
+                    enabled:
+                      default: true
+                      description: Whether to enable host ports. If false, `http`
+                        & `https` are ignored.
+                      type: boolean
+                    http:
+                      default: 80
+                      description: If enabled, the host port number to expose Envoy's
+                        HTTP listener on.
+                      type: integer
+                    https:
+                      default: 443
+                      description: If enabled, the host port number to expose Envoy's
+                        HTTPS listener on.
+                      type: integer
+                  type: object
+                replicas:
+                  default: 2
+                  description: The number of Envoy replicas to deploy when `type`
+                    is set to `Deployment`.
+                  type: integer
+                terminationGracePeriodSeconds:
+                  default: 300
+                  description: The termination grace period, in seconds, for the Envoy
+                    pods.
+                  minimum: 30
+                  type: integer
+                type:
+                  default: DaemonSet
+                  description: The type of Kubernetes workload that Envoy is deployed
+                    as. Options are `Deployment` or `DaemonSet`. If not specified,
+                    it defaults to `DaemonSet`.
+                  enum:
+                  - Deployment
+                  - DaemonSet
+                  type: string
+              type: object
+          type: object
+        namespace:
+          default: projectcontour
+          description: The namespace in which to deploy Contour and Envoy.
+          minLength: 1
+          type: string
+      type: object
+  version: 1.33.0
diff --git a/repo/packages/contour.packages.kadras.io/metadata.yml b/repo/packages/contour.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..34fcf44
--- /dev/null
+++ b/repo/packages/contour.packages.kadras.io/metadata.yml
@@ -0,0 +1,21 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: contour.packages.kadras.io
+spec:
+  categories:
+  - ingress
+  - envoy
+  - gateway
+  displayName: contour
+  iconSVGBase64: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAzNjAgMzYwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6IzAwOWNkYzt9PC9zdHlsZT48L2RlZnM+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMjMzLjQ5MzU0LDEzLjYwNzQyQTE3Mi41NDE2NiwxNzIuNTQxNjYsMCwwLDAsMTg5LjYwMSw1LjQzODE0Yy0xOC4xMDk1OSw5OS44NzYtNjguMDE5MzUsMTY5Ljc2MzQyLTExMS4yOTYzNCwyMTMuNTM4QTQzMC42MDM4OCw0MzAuNjAzODgsMCwwLDEsMjcuOTk3LDI2Mi40ODQzN2ExNzQuMTU5ODMsMTc0LjE1OTgzLDAsMCwwLDEzLjk4MDY2LDIxLjQwNzc1YzI3LjIyMi0xNy4yMzI0Niw1Mi4xNzU4Mi0zNi44MDY1OCw3MS42ODAzLTU1LjM4NTc3QzE2MC4yODkzNiwxODQuMDg3NTgsMjE0LjA3NzQ2LDExMy40OTg1NSwyMzMuNDkzNTQsMTMuNjA3NDJaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMjkxLjg4OTM3LDEyMy45NDY3QTM3Mi41NDI4OSwzNzIuNTQyODksMCwwLDAsMzE1LjI5NjE5LDcwLjAzOSwxNzUuMTA3NzIsMTc1LjEwNzcyLDAsMCwwLDI4NC42NjU3Nyw0MC4zMDMyYy0yMy44NDQxMiw5NC4xNzk4Ny03OS40NDQ1NywxNjIuMTA2MTMtMTI3Ljk3OTI4LDIwNS45MDM1OWE0OTcuNjM2NjIsNDk3LjYzNjYyLDAsMCwxLTg5LjYyNDgyLDY0LjI1NDI5LDE3NC43NzM3MywxNzQuNzczNzMsMCwwLDAsMTQuNzE4NywxMS4zNzIzN0E1MTcuMTc5NDksNTE3LjE3OTQ5LDAsMCwwLDE4OC4yNzg2NSwyNTEuMTM2QzIzMi4xOTIxLDIxMy40MDI2NywyNjcuMDUyMTIsMTcwLjYwOTcxLDI5MS44ODkzNywxMjMuOTQ2N1oiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0yNzcuMTUwODIsMzQuODk4ODFBMTczLjI0MjA2LDE3My4yNDIwNiwwLDAsMCwyMzguODU1OSwxNS40MjU3MkMyMTkuMDU2MSwxMTYuMzIxLDE2NC42ODA0MiwxODcuNjQ2MjUsMTE3LjUyMzI4LDIzMi41NjUxYTQ2NC4xMzgyNyw0NjQuMTM4MjcsMCwwLDEtNzEuODE3NzcsNTYuMDY4MDYsMTc1LjAzNSwxNzUuMDM1LDAsMCwwLDE0LjYyNDM1LDE1LjcyODI1LDQ4NS4yMjExNyw0ODUuMjIxMTcsMCwwLDAsOTAuNjEzMjYtNjQuNTE4OTVDMTk5LjA2NTQyLDE5Ni40MTY4MiwyNTQuMjY4MjYsMTI4Ljc5ODg3LDI3Ny4xNTA4MiwzNC44OTg4MVoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0zMzYuMTM0MDUsMTMzLjIwMDIxYzIuNTE3MzctNC40ODYxMyw0Ljg5Mjc2LTkuMDA2MTcsNy4yMDMtMTMuNTQxMzdBMTczLjI1NTE3LDE3My4yNTUxNywwLDAsMCwzMjMuNjQxNTQsODEuMjQ4MSwzODYuMDQ3MywzODYuMDQ3MywwLDAsMSwzMDIuMDc2NjYsMTI5LjM2OWMtMjUuNTEzNzgsNDcuOTM0ODctNjEuMjcxMyw5MS44NDgzMi0xMDYuMjc3MTEsMTMwLjUyMDgzQTUzMy40ODk2Niw1MzMuNDg5NjYsMCwwLDEsOTMuMTcyLDMyOS4wMzE2MXE3LjA2MTUxLDQuMTAxNiwxNC41MjQ1OCw3LjU0NGE1NTAuMDcyMDUsNTUwLjA3MjA1LDAsMCwwLDExNy45Ni03NC4xNzkyN0MyNzIuNDI3MSwyMjMuOTYzNTgsMzA5LjU5NjMsMTgwLjQ5NTU0LDMzNi4xMzQwNSwxMzMuMjAwMjFaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMTg2LjkzNzg4LDUuMzQwMzZjLTIuMjc3MDctLjA4OTEyLTQuNTU1NDEtLjE3MzkxLTYuODUzOTUtLjE3MzkxLTk1Ljc0NDcsMC0xNzMuNjM5NTksNzcuODk3MDYtMTczLjYzOTU5LDE3My42Mzk2YTE3Mi41MzM5NCwxNzIuNTMzOTQsMCwwLDAsMjAuMjg4MzQsODEuMzMzMjMsNDI3Ljk2NDczLDQyNy45NjQ3MywwLDAsMCw0OS42OTY1MS00My4wMTc5MkMxMTkuMzY5NzMsMTczLjY4Njg4LDE2OC44ODQzOSwxMDQuMzc1MjksMTg2LjkzNzg4LDUuMzQwMzZaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMzQ4Ljc4NjU3LDE0MC4yOTk4N2MtMjcuNDIyNDYsNDguODczMzMtNjUuNzQ5ODUsOTMuNzI0NTMtMTEzLjkxNzgsMTMzLjMwNjQ2QTU3MS4zMjU2Niw1NzEuMzI1NjYsMCwwLDEsMTI2LjExOSwzNDMuODE2NTJhMTcyLjg4MDA3LDE3Mi44ODAwNywwLDAsMCw1My45NjQ4OSw4LjYyOTEzYzk1Ljc0NDM1LDAsMTczLjYzOTYtNzcuODk2ODgsMTczLjYzOTYtMTczLjYzOTZBMTczLjM3NTE4LDE3My4zNzUxOCwwLDAsMCwzNDkuMTkxLDEzOS41NDJDMzQ5LjA1MDg2LDEzOS43OTMyOSwzNDguOTI3NDcsMTQwLjA0ODc1LDM0OC43ODY1NywxNDAuMjk5ODdaIi8+PC9zdmc+
+  longDescription: Kubernetes ingress controller providing the control plane for the
+    Envoy edge and service proxy. Contour supports dynamic configuration updates and
+    multi-team ingress delegation out of the box while maintaining a lightweight profile.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: High performance ingress controller using Envoy.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-contour
+    for community support.
diff --git a/repo/packages/crossplane.packages.kadras.io/2.0.2.yml b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml
new file mode 100644
index 0000000..2d66683
--- /dev/null
+++ b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml
@@ -0,0 +1,487 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: crossplane.packages.kadras.io.2.0.2
+spec:
+  refName: crossplane.packages.kadras.io
+  releasedAt: "2025-08-14T20:03:47Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          intoNs: crossplane-system
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-crossplane@sha256:764e5de98ade05c75454843952d324a9a7aa66c5e27be8930d9e29d144c36bf7
+      template:
+      - helmTemplate:
+          name: crossplane
+          namespace: crossplane-system
+          path: config/helm/upstream/crossplane
+          valuesFrom:
+          - path: config/helm/values.yml
+      - ytt:
+          ignoreUnknownComments: true
+          paths:
+          - '-'
+          - config/carvel
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      properties:
+        affinity:
+          default: {}
+          description: Add `affinities` to the Crossplane pod deployment.
+          type: object
+        args:
+          default: []
+          description: Add custom arguments to the Crossplane pod.
+          items: {}
+          type: array
+        configuration:
+          properties:
+            packages:
+              default: []
+              description: A list of Configuration packages to install.
+              items: {}
+              type: array
+          type: object
+        customAnnotations:
+          default: {}
+          description: Add custom `annotations` to the Crossplane pod deployment.
+          type: object
+        customLabels:
+          default: {}
+          description: Add custom `labels` to the Crossplane pod deployment.
+          type: object
+        deploymentStrategy:
+          default: RollingUpdate
+          description: The deployment strategy for the Crossplane and RBAC Manager
+            pods.
+          type: string
+        dnsPolicy:
+          default: ""
+          description: Specify the `dnsPolicy` to be used by the Crossplane pod.
+          type: string
+        extraEnvVarsCrossplane:
+          default: {}
+          description: Add custom environmental variables to the Crossplane pod deployment
+            application container. Replaces any `.` in a variable name with `_`. For
+            example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraEnvVarsCrossplaneInit:
+          default: {}
+          description: Add custom environmental variables to the Crossplane pod deployment
+            init container. Replaces any `.` in a variable name with `_`. For example,
+            `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraEnvVarsRBACManager:
+          default: {}
+          description: Add custom environmental variables to the RBAC Manager pod
+            deployment. Replaces any `.` in a variable name with `_`. For example,
+            `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraObjects:
+          default: []
+          description: To add arbitrary Kubernetes Objects during a Helm Install
+          items: {}
+          type: array
+        extraVolumeMountsCrossplane:
+          default: {}
+          description: Add custom `volumeMounts` to the Crossplane pod.
+          type: object
+        extraVolumesCrossplane:
+          default: {}
+          description: Add custom `volumes` to the Crossplane pod.
+          type: object
+        function:
+          properties:
+            packages:
+              default: []
+              description: A list of Function packages to install
+              items: {}
+              type: array
+          type: object
+        functionCache:
+          properties:
+            medium:
+              default: ""
+              description: Set to `Memory` to hold the function cache in a RAM backed
+                file system. Useful for Crossplane development.
+              type: string
+            pvc:
+              default: ""
+              description: The name of a PersistentVolumeClaim to use as the function
+                cache. Disables the default function cache `emptyDir` Volume.
+              type: string
+            sizeLimit:
+              default: 512Mi
+              description: The size limit for the function cache. If medium is `Memory`
+                the `sizeLimit` can't exceed Node memory.
+              type: string
+          type: object
+        hostNetwork:
+          default: false
+          description: 'Enable `hostNetwork` for the Crossplane deployment. Caution:
+            enabling `hostNetwork` grants the Crossplane Pod access to the host network
+            namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`.'
+          type: boolean
+        image:
+          properties:
+            ignoreTag:
+              default: false
+              description: Do not use the {{ .image.tag }} value to compute the image
+                uri.
+              type: boolean
+            pullPolicy:
+              default: IfNotPresent
+              description: The image pull policy used for Crossplane and RBAC Manager
+                pods.
+              type: string
+            repository:
+              default: xpkg.crossplane.io/crossplane/crossplane
+              description: Repository for the Crossplane pod image.
+              type: string
+            tag:
+              default: ""
+              description: The Crossplane image tag. Defaults to the value of `appVersion`
+                in `Chart.yaml`.
+              type: string
+          type: object
+        imagePullSecrets:
+          default: []
+          description: The imagePullSecret names to add to the Crossplane ServiceAccount.
+          items: {}
+          type: array
+        leaderElection:
+          default: true
+          description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election)
+            for the Crossplane pod.
+          type: boolean
+        metrics:
+          properties:
+            enabled:
+              default: false
+              description: Enable Prometheus path, port and scrape annotations and
+                expose port 8080 for both the Crossplane and RBAC Manager pods.
+              type: boolean
+            port:
+              default: ""
+              description: The port the metrics server listens on.
+              type: string
+          type: object
+        nodeSelector:
+          default: {}
+          description: Add `nodeSelectors` to the Crossplane pod deployment.
+          type: object
+        packageCache:
+          properties:
+            configMap:
+              default: ""
+              description: The name of a ConfigMap to use as the package cache. Disables
+                the default package cache `emptyDir` Volume.
+              type: string
+            medium:
+              default: ""
+              description: Set to `Memory` to hold the package cache in a RAM backed
+                file system. Useful for Crossplane development.
+              type: string
+            pvc:
+              default: ""
+              description: The name of a PersistentVolumeClaim to use as the package
+                cache. Disables the default package cache `emptyDir` Volume.
+              type: string
+            sizeLimit:
+              default: 20Mi
+              description: The size limit for the package cache. If medium is `Memory`
+                the `sizeLimit` can't exceed Node memory.
+              type: string
+          type: object
+        podSecurityContextCrossplane:
+          default: {}
+          description: Add a custom `securityContext` to the Crossplane pod.
+          type: object
+        podSecurityContextRBACManager:
+          default: {}
+          description: Add a custom `securityContext` to the RBAC Manager pod.
+          type: object
+        priorityClassName:
+          default: ""
+          description: The PriorityClass name to apply to the Crossplane and RBAC
+            Manager pods.
+          type: string
+        provider:
+          properties:
+            defaultActivations:
+              default: []
+              description: Define entries for the default managed resource activation
+                policy. If defined, a default MRAP will contain these activations.
+              items:
+                default: '*'
+                type: string
+              type: array
+            packages:
+              default: []
+              description: A list of Provider packages to install.
+              items: {}
+              type: array
+          type: object
+        rbacManager:
+          properties:
+            affinity:
+              default: {}
+              description: Add `affinities` to the RBAC Manager pod deployment.
+              type: object
+            args:
+              default: []
+              description: Add custom arguments to the RBAC Manager pod.
+              items: {}
+              type: array
+            deploy:
+              default: true
+              description: Deploy the RBAC Manager pod and its required roles.
+              type: boolean
+            leaderElection:
+              default: true
+              description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election)
+                for the RBAC Manager pod.
+              type: boolean
+            nodeSelector:
+              default: {}
+              description: Add `nodeSelectors` to the RBAC Manager pod deployment.
+              type: object
+            replicas:
+              default: 1
+              description: The number of RBAC Manager pod `replicas` to deploy.
+              type: integer
+            revisionHistoryLimit:
+              description: The number of RBAC Manager ReplicaSets to retain.
+              oneOf:
+              - default: null
+                nullable: true
+                type: integer
+              - default: null
+                nullable: true
+                type: number
+              - default: null
+                nullable: true
+                type: boolean
+              - default: null
+                nullable: true
+                type: string
+              - default: null
+                nullable: true
+                type: object
+              - default: null
+                items: {}
+                nullable: true
+                type: array
+            skipAggregatedClusterRoles:
+              default: false
+              description: Don't install aggregated Crossplane ClusterRoles.
+              type: boolean
+            tolerations:
+              default: []
+              description: Add `tolerations` to the RBAC Manager pod deployment.
+              items: {}
+              type: array
+            topologySpreadConstraints:
+              default: []
+              description: Add `topologySpreadConstraints` to the RBAC Manager pod
+                deployment.
+              items: {}
+              type: array
+          type: object
+        readiness:
+          properties:
+            port:
+              default: ""
+              description: The port the readyz server listens on.
+              type: string
+          type: object
+        registryCaBundleConfig:
+          properties:
+            key:
+              default: ""
+              description: The ConfigMap key containing a custom CA bundle to enable
+                fetching packages from registries with unknown or untrusted certificates.
+              type: string
+            name:
+              default: ""
+              description: The ConfigMap name containing a custom CA bundle to enable
+                fetching packages from registries with unknown or untrusted certificates.
+              type: string
+          type: object
+        replicas:
+          default: 1
+          description: helm-docs renders these comments into markdown. Use markdown
+            formatting where appropiate. -- The number of Crossplane pod `replicas`
+            to deploy.
+          type: integer
+        resourcesCrossplane:
+          properties:
+            limits:
+              properties:
+                cpu:
+                  default: 500m
+                  description: CPU resource limits for the Crossplane pod.
+                  type: string
+                memory:
+                  default: 1024Mi
+                  description: Memory resource limits for the Crossplane pod.
+                  type: string
+              type: object
+            requests:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource requests for the Crossplane pod.
+                  type: string
+                memory:
+                  default: 256Mi
+                  description: Memory resource requests for the Crossplane pod.
+                  type: string
+              type: object
+          type: object
+        resourcesRBACManager:
+          properties:
+            limits:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource limits for the RBAC Manager pod.
+                  type: string
+                memory:
+                  default: 512Mi
+                  description: Memory resource limits for the RBAC Manager pod.
+                  type: string
+              type: object
+            requests:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource requests for the RBAC Manager pod.
+                  type: string
+                memory:
+                  default: 256Mi
+                  description: Memory resource requests for the RBAC Manager pod.
+                  type: string
+              type: object
+          type: object
+        revisionHistoryLimit:
+          description: The number of Crossplane ReplicaSets to retain.
+          oneOf:
+          - default: null
+            nullable: true
+            type: integer
+          - default: null
+            nullable: true
+            type: number
+          - default: null
+            nullable: true
+            type: boolean
+          - default: null
+            nullable: true
+            type: string
+          - default: null
+            nullable: true
+            type: object
+          - default: null
+            items: {}
+            nullable: true
+            type: array
+        runtimeClassName:
+          default: ""
+          description: The runtimeClassName name to apply to the Crossplane and RBAC
+            Manager pods.
+          type: string
+        securityContextCrossplane:
+          properties:
+            allowPrivilegeEscalation:
+              default: false
+              description: Enable `allowPrivilegeEscalation` for the Crossplane pod.
+              type: boolean
+            readOnlyRootFilesystem:
+              default: true
+              description: Set the Crossplane pod root file system as read-only.
+              type: boolean
+            runAsGroup:
+              default: 65532
+              description: The group ID used by the Crossplane pod.
+              type: integer
+            runAsUser:
+              default: 65532
+              description: The user ID used by the Crossplane pod.
+              type: integer
+          type: object
+        securityContextRBACManager:
+          properties:
+            allowPrivilegeEscalation:
+              default: false
+              description: Enable `allowPrivilegeEscalation` for the RBAC Manager
+                pod.
+              type: boolean
+            readOnlyRootFilesystem:
+              default: true
+              description: Set the RBAC Manager pod root file system as read-only.
+              type: boolean
+            runAsGroup:
+              default: 65532
+              description: The group ID used by the RBAC Manager pod.
+              type: integer
+            runAsUser:
+              default: 65532
+              description: The user ID used by the RBAC Manager pod.
+              type: integer
+          type: object
+        service:
+          properties:
+            customAnnotations:
+              default: {}
+              description: Configure annotations on the service object. Only enabled
+                when webhooks.enabled = true
+              type: object
+          type: object
+        serviceAccount:
+          properties:
+            create:
+              default: true
+              description: Specifies whether Crossplane ServiceAccount should be created
+              type: boolean
+            customAnnotations:
+              default: {}
+              description: Add custom `annotations` to the Crossplane ServiceAccount.
+              type: object
+            name:
+              default: ""
+              description: Provide the name of an already created Crossplane ServiceAccount.
+                Required when `serviceAccount.create` is `false`
+              type: string
+          type: object
+        tolerations:
+          default: []
+          description: Add `tolerations` to the Crossplane pod deployment.
+          items: {}
+          type: array
+        topologySpreadConstraints:
+          default: []
+          description: Add `topologySpreadConstraints` to the Crossplane pod deployment.
+          items: {}
+          type: array
+        webhooks:
+          properties:
+            enabled:
+              default: true
+              description: Enable webhooks for Crossplane and installed Provider packages.
+              type: boolean
+            port:
+              default: ""
+              description: The port the webhook server listens on.
+              type: string
+          type: object
+      type: object
+  version: 2.0.2
diff --git a/repo/packages/crossplane.packages.kadras.io/metadata.yml b/repo/packages/crossplane.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..93fe9b9
--- /dev/null
+++ b/repo/packages/crossplane.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: crossplane.packages.kadras.io
+spec:
+  categories:
+  - control plane
+  displayName: crossplane
+  iconSVGBase64: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgOTAwIDkwMCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOm5vbmU7fS5jbHMtMntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgpO30uY2xzLTN7ZmlsbDojZjdkMTg2O30uY2xzLTR7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTIpO30uY2xzLTV7aXNvbGF0aW9uOmlzb2xhdGU7fS5jbHMtNntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMyk7fS5jbHMtN3tjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtNCk7fS5jbHMtOHtjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtNSk7fS5jbHMtOXtmaWxsOiNmZmNkM2M7fS5jbHMtMTB7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTcpO30uY2xzLTExe2NsaXAtcGF0aDp1cmwoI2NsaXAtcGF0aC04KTt9LmNscy0xMntmaWxsOiNmMzgwN2I7fS5jbHMtMTN7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTExKTt9LmNscy0xNHtjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMTIpO30uY2xzLTE1e2ZpbGw6IzM1ZDBiYTt9LmNscy0xNntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMTQpO30uY2xzLTE3e2ZpbGw6I2Q4YWU2NDt9PC9zdHlsZT48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aCI+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNNDQ3LjczLDMwOS43OGE0Ni43NTk4MSw0Ni43NTk4MSwwLDAsMC00Ni43Niw0Ni43NlY3OTYuNThhNDYuNzYsNDYuNzYsMCwwLDAsOTMuNTIsMFYzNTYuNTVhNDYuNzU1NTUsNDYuNzU1NTUsMCwwLDAtNDYuNzYtNDYuNzciLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTIiPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTI2My42MiwyMzQuNTRxLS4xOTUsNC4zMDUtLjIsOC42OGMwLDMuMTkuMDcsNi4zNS4yNCw5LjUtLjA3LDEuNTUtLjI0LDMuMDgtLjI0LDQuNjZWNTYzLjU2YzAsNTguNTUsNDcuOTEsMTA2LjQ2LDEwNi40NiwxMDYuNDZINTMwLjFjNTguNTYsMCwxMDYuNDYtNDcuOTEsMTA2LjQ2LTEwNi40NlYyNTcuMzdjMC0xLjc4LS4xOC0zLjUxLS4yOC01LjI2LjE0LTIuOTUuMjItNS45Mi4yMi04Ljg5LDAtMi45Mi0uMDctNS44LS4yLTguNjhDNjMxLjgsMTM1LjUzLDU1MC4xLDU2LjY2LDQ0OS45OCw1Ni42NiwzNDkuODUsNTYuNjYsMjY4LjE0LDEzNS41MywyNjMuNjIsMjM0LjU0WiIvPjwvY2xpcFBhdGg+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgtMyI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIxNDIuMzIwMDEiIHk9Ijk3LjA1IiB3aWR0aD0iNjA2LjEwOTk5IiBoZWlnaHQ9IjYwNi4xMDk5NyIvPjwvY2xpcFBhdGg+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgtNCI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIxMjEuNDUxNjciIHk9IjMwNS42OTEyIiB3aWR0aD0iNjU0LjM3MzcyIiBoZWlnaHQ9IjE5NS41MTgxNCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTE1My44NzkyNCA0MzUuNDAzMikgcm90YXRlKC00NSkiLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTUiPjxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iMjYwLjkxIiB5PSI1MC45Mjk5NyIgd2lkdGg9IjM4Mi4xMTAwMiIgaGVpZ2h0PSI2MTkuMjg5OTciLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTciPjxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iLTIyLjM4IiB5PSItNjcuNjYiIHdpZHRoPSI2MzkuMDQ5OTgiIGhlaWdodD0iNjM5LjA1MDAyIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC04Ij48cmVjdCBjbGFzcz0iY2xzLTEiIHg9Ii0zMi45NTA0NCIgeT0iMTI4LjM4NDMiIHdpZHRoPSI2NTQuMzgzNyIgaGVpZ2h0PSIyNDEuMTc3NjciIHRyYW5zZm9ybT0idHJhbnNsYXRlKC04OS44NjkyOCAyODAuOTgyNjQpIHJvdGF0ZSgtNDUpIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0xMSI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIyODAuNjcwMDEiIHk9IjIzNS4zOTk5OSIgd2lkdGg9IjYwNi4xMTAwMiIgaGVpZ2h0PSI2MDYuMTEwMDIiLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTEyIj48cmVjdCBjbGFzcz0iY2xzLTEiIHg9IjI1OC43NzkwMSIgeT0iNDQzLjc5MTAxIiB3aWR0aD0iNjU0LjM5MTk3IiBoZWlnaHQ9IjE5My44MTc5OCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTIxMC43MDQxOCA1NzIuNzIyOTMpIHJvdGF0ZSgtNDUuMDAwNjIpIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0xNCI+PHBvbHlnb24gY2xhc3M9ImNscy0xIiBwb2ludHM9IjQxMi45NiA2NzAuMDEgNDk0LjUgNzUyLjkgNDk0LjUgNjcwLjAxIDQxMi45NiA2NzAuMDEiLz48L2NsaXBQYXRoPjwvZGVmcz48ZyBjbGFzcz0iY2xzLTIiPjxyZWN0IGNsYXNzPSJjbHMtMyIgeD0iMzY4LjAzIiB5PSIyNzYuODQiIHdpZHRoPSIxNTkuNDEiIGhlaWdodD0iNTk5LjQ0MDAzIi8+PC9nPjxnIGNsYXNzPSJjbHMtNCI+PGcgY2xhc3M9ImNscy01Ij48ZyBjbGFzcz0iY2xzLTYiPjxnIGNsYXNzPSJjbHMtNyI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTkiIHg9IjExNS42NSIgeT0iNzAuMzY5OTciIHdpZHRoPSI2NjUuNjYiIGhlaWdodD0iNjY1LjY1OTk3Ii8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBjbGFzcz0iY2xzLTQiPjxnIGNsYXNzPSJjbHMtNSI+PGcgY2xhc3M9ImNscy0xMCI+PGcgY2xhc3M9ImNscy0xMSI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTEyIiB4PSItNTUuMzI5OTkiIHk9Ii0xMDAuNjAwMDEiIHdpZHRoPSI2OTkuMTQiIGhlaWdodD0iNjk5LjE0MDA0Ii8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBjbGFzcz0iY2xzLTQiPjxnIGNsYXNzPSJjbHMtNSI+PGcgY2xhc3M9ImNscy0xMyI+PGcgY2xhc3M9ImNscy0xNCI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTE1IiB4PSIyNTMuMTQiIHk9IjIwNy44NyIgd2lkdGg9IjY2NS42NTk5OSIgaGVpZ2h0PSI2NjUuNjU5OTciLz48L2c+PC9nPjwvZz48L2c+PC9nPjxnIGNsYXNzPSJjbHMtMTYiPjxyZWN0IGNsYXNzPSJjbHMtMTciIHg9IjM4MC42OSIgeT0iNjM2LjkwOTk3IiB3aWR0aD0iMTQ3LjAyOTk3IiBoZWlnaHQ9IjE0Ny42Njk5OCIvPjwvZz48L3N2Zz4=
+  longDescription: Crossplane is an open source Kubernetes extension that transforms
+    your Kubernetes cluster into a universal control plane. Crossplane lets you manage
+    anything, anywhere, all through standard Kubernetes APIs.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Transform your Kubernetes cluster into a universal control plane.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-crossplane
+    for community support.
diff --git a/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml b/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml
new file mode 100644
index 0000000..faa8fc4
--- /dev/null
+++ b/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml
@@ -0,0 +1,211 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: dependency-track.packages.kadras.io.4.13.4
+spec:
+  licenses:
+  - Apache 2.0
+  refName: dependency-track.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-dependency-track/releases
+  releasedAt: "2025-09-15T15:45:57Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-dependency-track@sha256:8572050568c80b0b94fb93df767bc7d5eeecd3ac0fd847af8dd1d743538f1eab
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        api_server:
+          additionalProperties: false
+          description: Settings for the API Server component.
+          properties:
+            logging:
+              additionalProperties: false
+              description: Settings for logging.
+              properties:
+                format:
+                  default: console
+                  description: 'Log encoding format. Options: `console`, `json`.'
+                  enum:
+                  - console
+                  - json
+                  type: string
+                level:
+                  default: info
+                  description: 'Log verbosity level. Options: `trace`, `debug`, `info`,
+                    `warn`, `error`.'
+                  enum:
+                  - trace
+                  - debug
+                  - info
+                  - warn
+                  - error
+                  type: string
+              type: object
+            metrics:
+              additionalProperties: false
+              description: Settings for metrics.
+              properties:
+                enabled:
+                  default: true
+                  description: Whether to enable the generation of Prometheus metrics.
+                  type: boolean
+              type: object
+            resources:
+              additionalProperties: false
+              description: Resource configuration for the API Server component.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: "4"
+                      description: CPU limits configuration for the API Server component.
+                      type: string
+                    memory:
+                      default: 5Gi
+                      description: Memory limits configuration for the API Server
+                        component.
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: "0.5"
+                      description: CPU requests configuration for the API Server component.
+                      type: string
+                    memory:
+                      default: 5Gi
+                      description: Memory requests configuration for the API Server
+                        component.
+                      type: string
+                  type: object
+              type: object
+            storage:
+              additionalProperties: false
+              description: Storage configuration for the API Server component.
+              properties:
+                class_name:
+                  default: ""
+                  description: Class name for the PersistenceVolume to create.
+                  type: string
+                size:
+                  default: 1Gi
+                  description: Size of the PersistenceVolume to create.
+                  type: string
+              type: object
+          type: object
+        domain_name:
+          default: ""
+          description: Domain name for Dependency Track. It must be a valid DNS name.
+          minLength: 4
+          type: string
+        frontend:
+          additionalProperties: false
+          description: Settings for the Frontend component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of Frontend replicas. In order to enable high
+                availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+            resources:
+              additionalProperties: false
+              description: Resource configuration for the Frontend component.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 500m
+                      description: CPU limits configuration for the Frontend component.
+                      type: string
+                    memory:
+                      default: 128Mi
+                      description: Memory limits configuration for the Frontend component.
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 150m
+                      description: CPU requests configuration for the Frontend component.
+                      type: string
+                    memory:
+                      default: 64Mi
+                      description: Memory requests configuration for the Frontend
+                        component.
+                      type: string
+                  type: object
+              type: object
+          type: object
+        ingress_issuer:
+          default: ""
+          description: A reference to the ClusterIssuer to use for enabling TLS in
+            Dependency Track.
+          example: kadras-ca-issuer
+          minLength: 4
+          type: string
+          x-example-description: Kadras private CA
+        postgresql:
+          additionalProperties: false
+          description: Settings for the PostgreSQL database.
+          properties:
+            instances:
+              default: 1
+              description: Number of instances for the PostgreSQL database cluster.
+                Define at least 3 for production scenarios.
+              minimum: 1
+              type: integer
+            storage:
+              additionalProperties: false
+              description: Storage configuration for each PostgreSQL instance.
+              properties:
+                size:
+                  default: 1Gi
+                  description: Size of the PersistenceVolume to create for each PostgreSQL
+                    instance.
+                  type: string
+              type: object
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        system_requirement_check:
+          default: true
+          description: Whether Dependency Track will check for memory and CPU requirements
+            at startup time.
+          type: boolean
+      type: object
+  version: 4.13.4
diff --git a/repo/packages/dependency-track.packages.kadras.io/metadata.yml b/repo/packages/dependency-track.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..972b733
--- /dev/null
+++ b/repo/packages/dependency-track.packages.kadras.io/metadata.yml
@@ -0,0 +1,25 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: dependency-track.packages.kadras.io
+spec:
+  categories:
+  - supply-chain
+  - security
+  displayName: dependency-track
+  longDescription: Dependency-Track is an intelligent Component Analysis platform
+    that allows organizations to identify and reduce risk in the software supply chain.
+    Dependency-Track takes a unique and highly beneficial approach by leveraging the
+    capabilities of Software Bill of Materials (SBOM). This approach provides capabilities
+    that traditional Software Composition Analysis (SCA) solutions cannot achieve.
+    Dependency-Track monitors component usage across all versions of every application
+    in its portfolio in order to proactively identify risk across an organization.
+    The platform has an API-first design and is ideal for use in CI/CD environments.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Dependency Track is a continuous SBOM Analysis Platform for managing
+    software supply chain security risks.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-dependency-track
+    for community support.
diff --git a/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml b/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml
new file mode 100644
index 0000000..11223c1
--- /dev/null
+++ b/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml
@@ -0,0 +1,681 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: developer-portal.packages.kadras.io.0.8.0
+spec:
+  refName: developer-portal.packages.kadras.io
+  releasedAt: "2025-09-24T16:17:36Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          intoNs: backstage
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-developer-portal@sha256:b455104c820ab67c804113843d00528eac7ac6f1bf2abfc9140db15ff6a01d36
+      template:
+      - helmTemplate:
+          name: backstage
+          namespace: backstage
+          path: config/helm/upstream/backstage
+          valuesFrom:
+          - path: config/helm/values.yml
+      - ytt:
+          ignoreUnknownComments: true
+          paths:
+          - '-'
+          - config/carvel
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      properties:
+        backstage:
+          description: Backstage parameters @default -- See below
+          properties:
+            affinity:
+              default: {}
+              description: 'Affinity for pod assignment <br /> Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity'
+              type: object
+            annotations:
+              default: {}
+              description: Additional custom annotations for the `Deployment` resource
+              type: object
+            appConfig:
+              default: {}
+              description: 'Allows to define the appConfig as a multiline string that
+                generates a ConfigMap automatically, not requiring to have it pre
+                provisioned as with the extraAppConfig key. DO NOT USE if you need
+                to put sensitive data in the appConfig. E.g: appConfig:   app:     baseUrl:
+                https://somedomain.tld -- Generates ConfigMap and configures it in
+                the Backstage pods'
+              type: object
+            args:
+              default: []
+              description: Backstage container command arguments
+              items: {}
+              type: array
+            autoscaling:
+              description: 'Autoscaling configuration. <br /> Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/'
+              properties:
+                enabled:
+                  default: false
+                  type: boolean
+                maxReplicas:
+                  default: 100
+                  type: integer
+                minReplicas:
+                  default: 1
+                  type: integer
+                targetCPUUtilizationPercentage:
+                  default: 80
+                  type: integer
+              type: object
+            command:
+              default: []
+              description: Backstage container command
+              items:
+                default: node
+                type: string
+              type: array
+            containerPorts:
+              description: Container ports on the Deployment
+              properties:
+                backend:
+                  default: 7007
+                  type: integer
+              type: object
+            containerSecurityContext:
+              default: {}
+              description: 'Security settings for a Container. <br /> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container'
+              type: object
+            extraAppConfig:
+              default: []
+              description: Extra app configuration files to inline into command arguments
+              items: {}
+              type: array
+            extraContainers:
+              default: []
+              description: Deployment sidecars
+              items: {}
+              type: array
+            extraEnvVars:
+              default: []
+              description: Backstage container environment variables
+              items: {}
+              type: array
+            extraEnvVarsCM:
+              default: []
+              description: Backstage container environment variables from existing
+                ConfigMaps
+              items: {}
+              type: array
+            extraEnvVarsSecrets:
+              default: []
+              description: Backstage container environment variables from existing
+                Secrets
+              items: {}
+              type: array
+            extraPorts:
+              default: []
+              description: Backstage container additional ports
+              items: {}
+              type: array
+            extraVolumeMounts:
+              default: []
+              description: Backstage container additional volume mounts
+              items: {}
+              type: array
+            extraVolumes:
+              default: []
+              description: Backstage container additional volumes
+              items: {}
+              type: array
+            hostAliases:
+              default: []
+              description: 'Host Aliases for the pod <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/'
+              items: {}
+              type: array
+            image:
+              properties:
+                digest:
+                  default: ""
+                  description: Backstage image digest (digest takes precedence over
+                    image tag)
+                  type: string
+                pullPolicy:
+                  default: Always
+                  description: 'Specify a imagePullPolicy. Defaults to ''Always''
+                    if image tag is ''latest'', else set to ''IfNotPresent'' <br />
+                    Ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy'
+                  type: string
+                pullSecrets:
+                  default: []
+                  description: 'Optionally specify an array of imagePullSecrets.  Secrets
+                    must be manually created in the namespace. <br /> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+                    <br /> E.g: `pullSecrets: [myRegistryKeySecretName]`'
+                  items: {}
+                  type: array
+                registry:
+                  default: ghcr.io
+                  description: Backstage image registry
+                  type: string
+                repository:
+                  default: backstage/backstage
+                  description: Backstage image repository
+                  type: string
+                tag:
+                  default: latest
+                  description: Backstage image tag (immutable tags are recommended)
+                  type: string
+              type: object
+            initContainers:
+              default: []
+              description: Backstage container init containers
+              items: {}
+              type: array
+            installDir:
+              default: /app
+              description: Directory containing the backstage installation
+              type: string
+            livenessProbe:
+              description: 'Liveness Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. livenessProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/liveness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                60   periodSeconds: 10   successThreshold: 1   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/liveness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            nodeSelector:
+              default: {}
+              description: 'Node labels for pod assignment <br /> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector'
+              type: object
+            pdb:
+              description: 'Pod Disruption Budget configuration ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/'
+              properties:
+                create:
+                  default: false
+                  type: boolean
+                maxUnavailable:
+                  default: ""
+                  type: string
+                minAvailable:
+                  default: ""
+                  type: string
+              type: object
+            podAnnotations:
+              default: {}
+              description: Annotations to add to the backend deployment pods
+              type: object
+            podLabels:
+              default: {}
+              description: Labels to add to the backend deployment pods
+              type: object
+            podSecurityContext:
+              default: {}
+              description: 'Security settings for a Pod.  The security settings that
+                you specify for a Pod apply to all Containers in the Pod. <br /> Ref:
+                https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod'
+              type: object
+            readinessProbe:
+              description: 'Readiness Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. readinessProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/readiness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                30   periodSeconds: 10   successThreshold: 2   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/readiness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            replicas:
+              default: 1
+              description: Number of deployment replicas
+              type: integer
+            resources:
+              default: {}
+              description: 'Resource requests/limits <br /> Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container
+                <!-- E.g. resources:   limits:     memory: 1Gi     cpu: 1000m   requests:     memory:
+                250Mi     cpu: 100m -->'
+              type: object
+            revisionHistoryLimit:
+              default: 10
+              description: Define the [count of deployment revisions](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy)
+                to be kept. May be set to 0 in case of GitOps deployment approach.
+              type: integer
+            startupProbe:
+              description: 'Startup Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. startupProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/liveness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                60   periodSeconds: 10   successThreshold: 1   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/liveness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            tolerations:
+              default: []
+              description: 'Node tolerations for server scheduling to nodes with taints
+                <br /> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/'
+              items: {}
+              type: array
+            topologySpreadConstraints:
+              default: []
+              description: 'Topology Spread Constraints for pod assignment <br />
+                Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#pod-topology-spread-constraints'
+              items: {}
+              type: array
+          type: object
+        clusterDomain:
+          default: cluster.local
+          description: Default Kubernetes cluster domain
+          type: string
+        commonAnnotations:
+          default: {}
+          description: Annotations to add to all deployed objects
+          type: object
+        commonLabels:
+          default: {}
+          description: Labels to add to all deployed objects
+          type: object
+        diagnosticMode:
+          description: Enable diagnostic mode in the Deployment
+          properties:
+            args:
+              default: []
+              description: Args to override all containers in the Deployment
+              items:
+                default: infinity
+                type: string
+              type: array
+            command:
+              default: []
+              description: Command to override all containers in the Deployment
+              items:
+                default: sleep
+                type: string
+              type: array
+            enabled:
+              default: false
+              description: Enable diagnostic mode (all probes will be disabled and
+                the command will be overridden)
+              type: boolean
+          type: object
+        extraDeploy:
+          default: []
+          description: Array of extra objects to deploy with the release
+          items: {}
+          type: array
+        fullnameOverride:
+          default: ""
+          description: String to fully override common.names.fullname
+          type: string
+        global:
+          description: 'Global parameters Global Docker image parameters Please, note
+            that this will override the image parameters, including dependencies,
+            configured to use the global value Current available global Docker image
+            parameters: imageRegistry, imagePullSecrets and storageClass @default
+            -- See below'
+          properties:
+            imagePullSecrets:
+              default: []
+              description: 'Global Docker registry secret names as an array </br>
+                E.g. `imagePullSecrets: [myRegistryKeySecretName]`'
+              items: {}
+              type: array
+            imageRegistry:
+              default: ""
+              description: Global Docker image registry
+              type: string
+          type: object
+        ingress:
+          description: Ingress parameters
+          properties:
+            annotations:
+              default: {}
+              description: Additional annotations for the Ingress resource
+              type: object
+            className:
+              default: ""
+              description: Name of the IngressClass cluster resource which defines
+                which controller will implement the resource (e.g nginx)
+              type: string
+            enabled:
+              default: false
+              description: Enable the creation of the ingress resource
+              type: boolean
+            extraHosts:
+              default: []
+              description: 'List of additional hostnames to be covered with this ingress
+                record (e.g. a CNAME) <!-- E.g. extraHosts:   - name: backstage.env.example.com     path:
+                / (Optional)     pathType: Prefix (Optional)     port: 7007 (Optional)
+                -->'
+              items: {}
+              type: array
+            extraTls:
+              default: []
+              description: 'The TLS configuration for additional hostnames to be covered
+                with this ingress record. <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+                <!-- E.g. extraTls:   - hosts:     - backstage.env.example.com     secretName:
+                backstage-env -->'
+              items: {}
+              type: array
+            host:
+              default: ""
+              description: 'Hostname to be used to expose the route to access the
+                backstage application (e.g: backstage.IP.nip.io)'
+              type: string
+            path:
+              default: /
+              description: 'Path to be used to expose the full route to access the
+                backstage application (e.g: IP.nip.io/backstage)'
+              type: string
+            tls:
+              description: Ingress TLS parameters
+              properties:
+                enabled:
+                  default: false
+                  description: Enable TLS configuration for the host defined at `ingress.host`
+                    parameter
+                  type: boolean
+                secretName:
+                  default: ""
+                  description: The name to which the TLS Secret will be called
+                  type: string
+              type: object
+          type: object
+        kubeVersion:
+          default: ""
+          description: |-
+            Common parameters
+             -- Override Kubernetes version
+          type: string
+        metrics:
+          description: Metrics configuration
+          properties:
+            serviceMonitor:
+              description: ServiceMonitor configuration <br /> Allows configuring
+                your backstage instance as a scrape target for [Prometheus](https://github.com/prometheus/prometheus)
+                using a ServiceMonitor custom resource that [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator)
+                can understand.
+              properties:
+                annotations:
+                  default: {}
+                  description: ServiceMonitor annotations
+                  type: object
+                enabled:
+                  default: false
+                  description: If enabled, a ServiceMonitor resource for Prometheus
+                    Operator is created <br /> Prometheus Operator must be installed
+                    in your cluster prior to enabling.
+                  type: boolean
+                interval:
+                  description: ServiceMonitor scrape interval
+                  oneOf:
+                  - default: null
+                    nullable: true
+                    type: integer
+                  - default: null
+                    nullable: true
+                    type: number
+                  - default: null
+                    nullable: true
+                    type: boolean
+                  - default: null
+                    nullable: true
+                    type: string
+                  - default: null
+                    nullable: true
+                    type: object
+                  - default: null
+                    items: {}
+                    nullable: true
+                    type: array
+                labels:
+                  default: {}
+                  description: Additional ServiceMonitor labels
+                  type: object
+                path:
+                  default: /metrics
+                  description: ServiceMonitor endpoint path <br /> Note that the /metrics
+                    endpoint is NOT present in a freshly scaffolded Backstage app.
+                    To setup, follow the [Prometheus metrics tutorial](https://github.com/backstage/backstage/blob/master/contrib/docs/tutorials/prometheus-metrics.md).
+                  type: string
+                port:
+                  default: http-backend
+                  description: ServiceMonitor endpoint port <br /> The port where
+                    the metrics are exposed. If using OpenTelemetry as [documented
+                    here](https://backstage.io/docs/tutorials/setup-opentelemetry/),
+                    then the port needs to be explicitly specified. OpenTelemetry's
+                    default port is 9464.
+                  type: string
+              type: object
+          type: object
+        nameOverride:
+          default: ""
+          description: String to partially override common.names.fullname
+          type: string
+        networkPolicy:
+          description: '@section NetworkPolicy parameters'
+          properties:
+            egressRules:
+              description: Egress Rules
+              properties:
+                customRules:
+                  default: []
+                  description: Additional custom egress rules
+                  items: {}
+                  type: array
+                denyConnectionsToExternal:
+                  default: false
+                  description: Deny external connections. Should not be enabled when
+                    working with an external database.
+                  type: boolean
+              type: object
+            enabled:
+              default: false
+              description: Specifies whether a NetworkPolicy should be created
+              type: boolean
+            ingressRules:
+              description: Ingress Rules
+              properties:
+                customRules:
+                  default: []
+                  description: Additional custom ingress rules
+                  items: {}
+                  type: array
+                namespaceSelector:
+                  default: {}
+                  description: Namespace selector label allowed to access the Backstage
+                    instance
+                  type: object
+                podSelector:
+                  default: {}
+                  description: Pod selector label allowed to access the Backstage
+                    instance
+                  type: object
+              type: object
+          type: object
+        postgresql:
+          description: PostgreSQL [chart configuration](https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml)
+            @default -- See below
+          properties:
+            architecture:
+              default: standalone
+              description: PostgreSQL architecture (`standalone` or `replication`)
+              type: string
+            auth:
+              description: The authentication details of the Postgres database
+              properties:
+                existingSecret:
+                  default: ""
+                  description: Name of existing secret to use for PostgreSQL credentials
+                  type: string
+                password:
+                  default: ""
+                  description: Password for the custom user to create
+                  type: string
+                secretKeys:
+                  description: The secret keys Postgres will look for to retrieve
+                    the relevant password
+                  properties:
+                    adminPasswordKey:
+                      default: admin-password
+                      description: The key in which Postgres will look for, for the
+                        admin password, in the existing Secret
+                      type: string
+                    replicationPasswordKey:
+                      default: replication-password
+                      description: The key in which Postgres will look for, for the
+                        replication password, in the existing Secret
+                      type: string
+                    userPasswordKey:
+                      default: user-password
+                      description: The key in which Postgres will look for, for the
+                        user password, in the existing Secret
+                      type: string
+                  type: object
+                username:
+                  default: bn_backstage
+                  description: Name for a custom user to create
+                  type: string
+              type: object
+            enabled:
+              default: false
+              description: Switch to enable or disable the PostgreSQL helm chart
+              type: boolean
+          type: object
+        service:
+          description: |-
+            @section Traffic Exposure parameters
+             Service parameters -- Service parameters @default -- See below
+          properties:
+            annotations:
+              default: {}
+              description: Additional custom annotations for Backstage service
+              type: object
+            clusterIP:
+              default: ""
+              description: 'Backstage service Cluster IP <br /> E.g `clusterIP: None`'
+              type: string
+            externalTrafficPolicy:
+              default: Cluster
+              description: 'Backstage service external traffic policy Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip'
+              type: string
+            extraPorts:
+              default: []
+              description: Extra ports to expose in the Backstage service (normally
+                used with the `sidecar` value)
+              items: {}
+              type: array
+            ipFamilies:
+              default: []
+              description: 'IP Families <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack'
+              items: {}
+              type: array
+            ipFamilyPolicy:
+              default: ""
+              description: 'IP Family Policy <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack'
+              type: string
+            loadBalancerIP:
+              default: ""
+              description: 'Backstage service Load Balancer IP <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer'
+              type: string
+            loadBalancerSourceRanges:
+              default: []
+              description: 'Load Balancer sources <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
+                <br /> E.g `loadBalancerSourceRanges: [10.10.10.0/24]`'
+              items: {}
+              type: array
+            nodePorts:
+              description: Node port for the Backstage client connections Choose port
+                between `30000-32767`
+              properties:
+                backend:
+                  default: ""
+                  type: string
+              type: object
+            ports:
+              description: Backstage svc port for client connections
+              properties:
+                backend:
+                  default: 7007
+                  type: integer
+                name:
+                  default: http-backend
+                  description: Backstage svc port name
+                  type: string
+                targetPort:
+                  default: backend
+                  description: Backstage svc target port referencing receiving pod
+                    container port
+                  type: string
+              type: object
+            sessionAffinity:
+              default: None
+              description: 'Control where client requests go, to the same pod or round-robin
+                (values: `ClientIP` or `None`) <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#session-stickiness'
+              type: string
+            type:
+              default: ClusterIP
+              description: Kubernetes Service type
+              type: string
+          type: object
+        serviceAccount:
+          description: Service Account Configuration @default -- See below
+          properties:
+            annotations:
+              default: {}
+              description: Additional custom annotations for the ServiceAccount.
+              type: object
+            automountServiceAccountToken:
+              default: true
+              description: Auto-mount the service account token in the pod
+              type: boolean
+            create:
+              default: false
+              description: Enable the creation of a ServiceAccount for Backstage pods
+              type: boolean
+            labels:
+              default: {}
+              description: Additional custom labels to the service ServiceAccount.
+              type: object
+            name:
+              default: ""
+              description: Name of the ServiceAccount to use If not set and `serviceAccount.create`
+                is true, a name is generated
+              type: string
+          type: object
+      type: object
+  version: 0.8.0
diff --git a/repo/packages/developer-portal.packages.kadras.io/metadata.yml b/repo/packages/developer-portal.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..667c92b
--- /dev/null
+++ b/repo/packages/developer-portal.packages.kadras.io/metadata.yml
@@ -0,0 +1,17 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: developer-portal.packages.kadras.io
+spec:
+  categories:
+  - control plane
+  displayName: developer-portal
+  longDescription: Kadras Developer Portal is based on Backstage and supports application
+    developers with paved paths to production on Kubernetes.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Internal developer portal.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-developer-portal
+    for community support.
diff --git a/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml b/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml
new file mode 100644
index 0000000..494bf13
--- /dev/null
+++ b/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml
@@ -0,0 +1,255 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: engineering-platform.packages.kadras.io.0.27.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: engineering-platform.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/kadras-engineering-platform/releases
+  releasedAt: "2025-09-24T16:27:22Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:478450ba6ff5c780bac64e697df2f66666c8d27a08e66393836839cd0e3a139f
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cert_manager:
+          default: {}
+          description: Configuration for the Cert Manager package.
+          nullable: true
+        contour:
+          default: {}
+          description: Configuration for the Contour package.
+          nullable: true
+        crossplane:
+          default: {}
+          description: Configuration for the Crossplane package.
+          nullable: true
+        dependency_track:
+          default: {}
+          description: Configuration for the Dependency Track package.
+          nullable: true
+        developer_portal:
+          default: {}
+          description: Configuration for the Developer Portal package.
+          nullable: true
+        flux:
+          default: {}
+          description: Configuration for the Flux package.
+          nullable: true
+        gitops_configurer:
+          default: {}
+          description: Configuration for the GitOps Configurer package.
+          nullable: true
+        knative:
+          additionalProperties: false
+          description: Configuration for Knative related packages.
+          properties:
+            serving:
+              default: {}
+              description: Configuration for the Knative Serving package.
+              nullable: true
+          type: object
+        kyverno:
+          additionalProperties: false
+          description: Configuration for the Kyverno related packages.
+          properties:
+            core:
+              default: {}
+              description: Configuration for the Kyverno package.
+              nullable: true
+          type: object
+        metrics_server:
+          default: {}
+          description: Configuration for the Metrics Server package.
+          nullable: true
+        platform:
+          additionalProperties: false
+          description: Configuration for the platform packages.
+          properties:
+            additional_packages:
+              default: []
+              description: A list of packages to include in the installation.
+              items:
+                default: ""
+                type: string
+              type: array
+            ca_cert_data:
+              default: ""
+              description: PEM-encoded certificate data to trust TLS connections with
+                a custom CA.
+              type: string
+            cosign:
+              additionalProperties: false
+              description: Settings for Cosign, used for signing and verifying OCI
+                artifacts.
+              properties:
+                secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the Cosign key
+                    pair.
+                  properties:
+                    name:
+                      default: ""
+                      description: The name of the Secret holding the Cosign key pair.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the Cosign
+                        key pair.
+                      type: string
+                  type: object
+              type: object
+            excluded_packages:
+              default: []
+              description: A list of packages to exclude from being installed.
+              items:
+                default: ""
+                type: string
+              type: array
+            git:
+              additionalProperties: false
+              description: Settings for the Git server that the platform will use.
+              properties:
+                secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the credentials
+                    to access the Git server.
+                  properties:
+                    name:
+                      default: ""
+                      description: 'The name of the Secret holding the credentials
+                        to access the Git server. The credentials should provide read-only
+                        access to the Git server except when installing the platform
+                        with one of these profiles: `standalone`, `build`.'
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the credentials
+                        to access the Git server.
+                      type: string
+                  type: object
+                server:
+                  default: https://github.com
+                  description: The server hosting the Git repositories used by the
+                    plaform.
+                  example: https://github.com
+                  type: string
+                  x-example-description: GitHub
+              type: object
+            ingress:
+              additionalProperties: false
+              description: Setting for the Ingress controller that the platform will
+                use.
+              properties:
+                domain:
+                  default: ""
+                  description: The base domain name the platform will use to configure
+                    the Ingress controller. It must be a valid DNS name.
+                  type: string
+                issuer:
+                  additionalProperties: false
+                  description: A reference to the ClusterIssuer the platform will
+                    use to enable TLS communications.
+                  properties:
+                    email:
+                      default: ""
+                      description: The email address that Let's Encrypt will use to
+                        send info on expiring certificates or other issues. Required
+                        when the type is `letsencrypt_staging` or `letsencrypt`.
+                      type: string
+                    name:
+                      default: ""
+                      description: A reference to a custom ClusterIssuer previously
+                        created on the cluster where the platform will be installed.
+                        Required when the type is `custom`.
+                      type: string
+                    type:
+                      default: private
+                      description: 'The type of ClusterIssuer the platform will use
+                        to enable TLS communications. Options: `private`, `letsencrypt_staging`,
+                        `letsencrypt`, `custom`.'
+                      enum:
+                      - private
+                      - letsencrypt_staging
+                      - letsencrypt
+                      - custom
+                      type: string
+                  type: object
+              type: object
+            namespace:
+              default: kadras-system
+              description: The namespace where to install the platform.
+              type: string
+            oci:
+              additionalProperties: false
+              description: Settings for accessing the OCI registry that the platform
+                will use.
+              properties:
+                pull_secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the credentials
+                    to pull images from the OCI registry.
+                  properties:
+                    name:
+                      default: ""
+                      description: The name of the Secret holding the credentials
+                        to pull images from the OCI registry.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the credentials
+                        to pull images from the OCI registry.
+                      type: string
+                  type: object
+              type: object
+            profile:
+              default: run
+              description: 'The platform profile to install. Options: `standalone`,
+                `run`.'
+              enum:
+              - standalone
+              - run
+              type: string
+          type: object
+        postgresql_operator:
+          default: {}
+          description: Configuration for the PostgreSQL Operator package.
+          nullable: true
+        rabbitmq_operator:
+          default: {}
+          description: Configuration for the RabbitMQ Operator package.
+          nullable: true
+        secretgen_controller:
+          default: {}
+          description: Configuration for the Secretgen Controller package.
+          nullable: true
+        service_binding:
+          default: {}
+          description: Configuration for the Service Binding package.
+          nullable: true
+        tempo_operator:
+          default: {}
+          description: Configuration for the Tempo Operator package.
+          nullable: true
+        workspace_provisioner:
+          default: {}
+          description: Configuration for the Workspace Provisioner package.
+          nullable: true
+      type: object
+  version: 0.27.0
diff --git a/repo/packages/engineering-platform.packages.kadras.io/metadata.yml b/repo/packages/engineering-platform.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..5c24704
--- /dev/null
+++ b/repo/packages/engineering-platform.packages.kadras.io/metadata.yml
@@ -0,0 +1,18 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: engineering-platform.packages.kadras.io
+spec:
+  categories:
+  - internal developer platform
+  - application platform
+  displayName: engineering-platform
+  longDescription: A cloud native platform aimed at supporting application developers
+    with paved paths to production on Kubernetes and shipped as a Carvel package.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Cloud native engineering platform on Kubernetes.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/kadras-engineering-platform
+    for community support.
diff --git a/repo/packages/flux.packages.kadras.io/2.6.4.yml b/repo/packages/flux.packages.kadras.io/2.6.4.yml
new file mode 100644
index 0000000..105657e
--- /dev/null
+++ b/repo/packages/flux.packages.kadras.io/2.6.4.yml
@@ -0,0 +1,107 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: flux.packages.kadras.io.2.6.4
+spec:
+  licenses:
+  - Apache 2.0
+  refName: flux.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-flux/releases
+  releasedAt: "2025-08-14T17:42:46Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-flux@sha256:71304d88eb8251a0db355dc64676d7fd5c1c738d57a3d52b20662e1f0e108d5a
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        logging:
+          additionalProperties: false
+          description: Settings for logging.
+          properties:
+            encoding:
+              default: json
+              description: 'Log encoding format. Options: `console`, `json`.'
+              enum:
+              - console
+              - json
+              type: string
+            level:
+              default: info
+              description: 'Log verbosity level. Options: `trace`, `debug`, `info`,
+                `error`.'
+              enum:
+              - trace
+              - debug
+              - info
+              - error
+              type: string
+          type: object
+        optional_components:
+          additionalProperties: false
+          description: Settings for which Flux optional components to deploy.
+          properties:
+            helm_controller:
+              default: false
+              description: Whether to deploy the Helm Controller.
+              type: boolean
+            image_automation_controller:
+              default: false
+              description: Whether to deploy the Image Automation Controller.
+              type: boolean
+            image_reflector_controller:
+              default: false
+              description: Whether to deploy the Image Reflector Controller.
+              type: boolean
+            kustomize_controller:
+              default: true
+              description: Whether to deploy the Kustomize Controller.
+              type: boolean
+            notification_controller:
+              default: false
+              description: Whether to deploy the Notification Controller.
+              type: boolean
+          type: object
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+      type: object
+  version: 2.6.4
diff --git a/repo/packages/flux.packages.kadras.io/metadata.yml b/repo/packages/flux.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..06bd653
--- /dev/null
+++ b/repo/packages/flux.packages.kadras.io/metadata.yml
@@ -0,0 +1,22 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: flux.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: flux
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iNDguMDAgLTIuMjUgMjYyLjUwIDM2NC4wMCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOiMzMjZjZTV9LmNscy0ze2ZpbGw6bm9uZX08L3N0eWxlPjwvZGVmcz48cGF0aCBkPSJNNTkuNzIzOTMgOTcuNzc4NDdhMTAuMTgyNTEgMTAuMTgyNTEgMCAwIDEgMC0xNy4wNzM5M2wxMTQuMDcwMy03NC4xNjAyM2ExMC4xODI1OCAxMC4xODI1OCAwIDAgMSAxMS4xMDAyNCAwbDExNC4wNzAyOSA3NC4xNjAyM2ExMC4xODI1IDEwLjE4MjUgMCAwIDEgMCAxNy4wNzM5NGwtMTE0LjA3MDI5IDc0LjE2MDIxYTEwLjE4MjU0IDEwLjE4MjU0IDAgMCAxLTExLjEwMDI0IDB6IiBjbGFzcz0iY2xzLTEiLz48cGF0aCBmaWxsPSIjYzFkMmY3IiBkPSJNMTk3LjM1NTY1IDExMC44NjZoNy45MTI3N2E2LjAwMzI2IDYuMDAzMjYgMCAwIDAgNS4xOTkwOC05LjAwNWwtMjUuOTIzODEtNDQuOTAyYTYuMDAzNTUgNi4wMDM1NSAwIDAgMC0xMC4zOTgzOCAwbC0yNS45MjQgNDQuOTAyYTYuMDAzMjYgNi4wMDMyNiAwIDAgMCA1LjE5OTA1IDkuMDA1aDcuOTEzYTYuMDAzNCA2LjAwMzQgMCAwIDEgNi4wMDM0MSA2LjAwMzR2NTEuMjU2M2w1LjMxMDM3IDMuNDUyNTJhMTIuMjg3NDMgMTIuMjg3NDMgMCAwIDAgMTMuMzk0NDUgMGw1LjMxMDYyLTMuNDUyNTJ2LTUxLjI1NjI4YTYuMDAzNCA2LjAwMzQgMCAwIDEgNi4wMDM0LTYuMDAzNDF6Ii8+PHBhdGggZD0iTTE3My43OTM0OCAzNTMuMjcxMDhhMTAuMTI4MjggMTAuMTI4MjggMCAwIDAgMy40NTY0MyAxLjQwMmMtMi4xNzU0OS0xLjIzMTItNC4zODcyNy0yLjM3NDI5LTYuNjIyNjktMy40NjAzNnptLTYuNDU2NjctMTYxLjE5NTQ2bC0xMS4zMTU3IDcuMzU2NjFhMTEwLjk5MyAxMTAuOTkzIDAgMCAwIDExLjMxNTcxIDYuNTk5N3ptMjQuMDE1MzcgMjMuNzE2MDdjOS43Mzg1OCAzLjExNTA1IDE5LjgxMzE3IDUuNjQ4NTEgMzAuMTA5NzMgOC4xODY1NSAxMC45MjAzMiAyLjY5MTgyIDIxLjk3MzU1IDUuNDI3MTcgMzIuODE3OTIgOS4wMDgzOWwtMzUuNDE2MDYtMjMuMDI0ODJhMjE1Ljg4MTMzIDIxNS44ODEzMyAwIDAgMS0yNy41MTE2MS05LjQxMDA3em0wIDYyLjE5MTU5di41ODU3N2MwIDIuNTY5MjktMi42ODc4NyA0LjY1MTk1LTYuMDAzMzggNC42NTE5NWgtMTIuMDA4NTVjLTMuMzE1NDkgMC02LjAwMzM4LTIuMDgyNjYtNi4wMDMzOC00LjY1MTk1di02LjYwNDczYy0yNC45MDUzOC02LjQwMjA5LTQ5Ljg3Mjk0LTE0LjQ4NTA2LTcwLjg1OTQ1LTMzLjgyMTFMODEuOTQ4MTkgMjQ3LjU4OWMyMi40Njc2MSAyMi4wNTA5IDUwLjI3ODkzIDI4LjkzMjkxIDc5LjcxNDQxIDM2LjE4ODYgMjcuMTc4NTIgNi42OTg1NiA1NS4xODA1MSAxMy42NTE0NCA3OC42ODU1NyAzMy40NDIyMmwxNC42NzkwNy05LjU0MzM0Yy0xOC41MzE0Mi0xNi41MDQzMS00MC40MDk2Mi0yMy42ODc3OC02My42NzUwNi0yOS42OTMyem0tOTguMDM3NTYgMjIuOTY2MzlsMzguOTA4MjkgMjUuMjk1MjVjMjAuMDY0MzggNS4xMTMzNiA0MC4yMDAyOSAxMS4yNDc3MyA1OC4zMTEgMjMuMzYwNDRsMTQuOTAwMjMtOS42ODdjLTE5Ljc1MTgtMTMuNjcyNC00Mi41NTA1LTE5LjMxMzQtNjYuNDE4ODktMjUuMTk3LTE1LjI4NzA0LTMuNzY3NzktMzAuODM0NzktNy42MTY2LTQ1LjcwMDYzLTEzLjc3MTY5em03NC4wMjIxOS04Mi4yNTQxM2ExMjQuMzE5OSAxMjQuMzE5OSAwIDAgMS0yMS41MzM5Mi0xMi42MjAwNmwtMTQuODA1MzEgOS42MjUyMWExMjQuNTQwNTcgMTI0LjU0MDU3IDAgMCAwIDM2LjMzOTIzIDE4LjcwOHptNTEuNDEwMDYgMTYuMjk0MTJjLTkuMTA2Mi0yLjI0NDc0LTE4LjMwMzYyLTQuNTIzODgtMjcuMzk0NjktNy4yOTg1M3YxMy42ODIwOXE1LjA1MSAxLjI4NTMgMTAuMTc2NzIgMi41MzgxN2MyOS45MzQzOCA3LjM3ODE4IDYwLjg4NzkgMTUuMDA4ODUgODUuNzA3NjcgMzkuODI4NjEuNjA5NzkuNjA5NzkgMS4xNjI2MSAxLjIzOTg5IDEuNzUyIDEuODU3MTVsOS45NzQyNy02LjQ4NDQ1YTEwLjEwNDI1IDEwLjEwNDI1IDAgMCAwIDMuNDc1MjktMy43OTkyOGMtMS4wNjY0NC0xLjE3MjUyLTIuMTQ0LTIuMzQxMzItMy4yODg3NS0zLjQ4NjEyLTIyLjU4NTEzLTIyLjU4NTMtNTAuNjY5MzgtMjkuNTA4NTYtODAuNDAyNTEtMzYuODM3NjR6bS0xOS45MzI5NSAxOS45MzI5OHEtMy43MjIxNy0uOTE3NDctNy40NjE2OC0xLjg1NDg0djEzLjIwOTc0YzI1LjgxNjc2IDYuNTYxODEgNTEuODAyNjMgMTQuNjg4NDMgNzMuNDU1MSAzNS4wNDA2OWwxNC41MjExNC05LjQ0MDU1Yy0uMDM4NTQtLjAzODc1LS4wNzI1Ni0uMDc5MTYtLjExMTMxLS4xMTc5Mi0yMi41ODU0Ni0yMi41ODUyNC01MC42Njk3NS0yOS41MDg0OC04MC40MDMyNS0zNi44MzcxMnptLTMxLjQ3NzExLTguNTg2ODFjLTE2LjI4LTUuMjc4MTMtMzIuMTE3NzctMTIuMzk2ODItNDYuMzQ0LTI0LjEzMDgxbC0xNC42ODE3NiA5LjU0NTFjMTcuODcwMjMgMTUuNTU3MjcgMzguNzg0NCAyMi42NzI2NiA2MS4wMjU3MiAyOC41MDA2OHoiIGNsYXNzPSJjbHMtMyIvPjxwYXRoIGQ9Ik03My4yNDA0OSAyNTQuOTU5NzJjLS4zNDgtLjM0OC0uNjU4NS0uNzA5NDktLjk5OTY3LTEuMDU5NzZsLTEyLjUxNDk1IDguMTM2NDhhMTAuMTY1NDggMTAuMTY1NDggMCAwIDAtMS42NDQyOCAxLjM5NjhjMS4wNTMzNiAxLjE1Njc3IDIuMTE1NjEgMi4zMTAyNCAzLjI0NTQ0IDMuNDQgMjIuNTg1MiAyMi41ODUxOSA1MC42Njk2OCAyOS41MDgzOCA4MC40MDMyMiAzNi44MzY4OCAyNS4zNDI1IDYuMjQ2OTEgNTEuNDAxMTMgMTIuNzE2NjEgNzMuODY0NTQgMjkuNjAyNTNsMTQuODA1NzQtOS42MjU2MmMtMjAuODY0MjQtMTYuNDE5OTMtNDUuNTMwMjEtMjIuNTA4OTEtNzEuNDUyODctMjguODk4LTI5LjkzMzg1LTcuMzc4ODgtNjAuODg3MzgtMTUuMDA5NDQtODUuNzA3MTctMzkuODI5MzF6IiBjbGFzcz0iY2xzLTMiLz48cGF0aCBkPSJNMjE4Ljg2Mzc3IDIwOS45NjE4bC0yNy41MTE1OS0xNy44ODZ2OC40NzU5YTIxNS44OCAyMTUuODggMCAwIDAgMjcuNTExNTkgOS40MTAxem0tMjcuNTExNTkgNS44Mjk4OXYxMS44OTkzOGM5LjA5MTA4IDIuNzc0NzEgMTguMjg4NDkgNS4wNTM4OCAyNy4zOTQ2OSA3LjI5ODUzIDI5LjczMzExIDcuMzI5MDkgNTcuODE3MzggMTQuMjUyMzIgODAuNDAyNjEgMzYuODM3NzMgMS4xNDQ3NCAxLjE0NDc0IDIuMjIyMzIgMi4zMTM1NCAzLjI4ODc1IDMuNDg2MTFhMTAuMTkzMjcgMTAuMTkzMjcgMCAwIDAtMy40NzUzLTEzLjI3NzExbC00NC42ODMxLTI5LjA0OTc2Yy0xMC44NDQzNy0zLjU4MTIxLTIxLjg5NzY4LTYuMzE2NTYtMzIuODE3OTQtOS4wMDgzOC0xMC4yOTY1Ni0yLjUzNzk5LTIwLjM3MTEzLTUuMDcxNDUtMzAuMTA5NzEtOC4xODY1em0tMjQuMDE1MzctOS43NTk2OWExMTAuOTkyOTIgMTEwLjk5MjkyIDAgMCAxLTExLjMxNTcxLTYuNTk5NjlsLTEwLjIxODIxIDYuNjQzMmExMjQuMzE5MzIgMTI0LjMxOTMyIDAgMCAwIDIxLjUzMzkyIDEyLjYyMDA3em0zNC4xOTIxMiAzNy44Nzk0MXEtNS4xMjUyOC0xLjI2MzUyLTEwLjE3NjczLTIuNTM4MTZ2MTEuNjk0NnEzLjczNjg2LjkzOCA3LjQ2MTY4IDEuODU0ODVjMjkuNzMzNTIgNy4zMjg2MyA1Ny44MTc4IDE0LjI1MTg3IDgwLjQwMzE4IDM2LjgzNzA5LjAzODc2LjAzODc2LjA3Mjc3LjA3OTE2LjExMTMyLjExNzkybDkuNjYwMjMtNi4yODA1MWMtLjU4OTQ1LS42MTcyNi0xLjE0MjI1LTEuMjQ3MzMtMS43NTItMS44NTcxNS0yNC44MTk3OC0yNC44MTk3OS01NS43NzMzLTMyLjQ1MDQ4LTg1LjcwNzY4LTM5LjgyODY0em0tMzQuMTkyMTItOS41MDI3MmExMjQuNTQwNTcgMTI0LjU0MDU3IDAgMCAxLTM2LjMzOTIzLTE4LjcwOGwtMTAuMDA0NzMgNi41MDQzNmMxNC4yMjYxMiAxMS43MzQgMzAuMDYzOTMgMTguODUyNjggNDYuMzQ0IDI0LjEzMDh6bTAgMjUuODQyMDNjLTIyLjI0MTMyLTUuODI4LTQzLjE1NTUtMTIuOTQzNDEtNjEuMDI1NzItMjguNTAwNmwtOS44MzM4IDYuMzkzMTVjMjAuOTg2NTIgMTkuMzM2IDQ1Ljk1NDA3IDI3LjQxODkzIDcwLjg1OTQ3IDMzLjgyMTF6bTI0LjAxNTM3IDE3LjczMjU2YzIzLjI2NTQ2IDYuMDA1MzkgNDUuMTQzNjcgMTMuMTg4ODYgNjMuNjc1MDYgMjkuNjkzMTJsOS43OC02LjM1ODIzYy0yMS42NTI0OS0yMC4zNTIyNS00Ny42MzgzNS0yOC40Nzg5My03My40NTUwOS0zNS4wNDA2OHpNODEuOTQ4MTMgMjQ3LjU4OWwtOS43MDcyOSA2LjMxMWMuMzQxMTcuMzUwMzIuNjUxNjYuNzExNzguOTk5NjcgMS4wNTk3NiAyNC44MTk3NyAyNC44MTk3OSA1NS43NzMyOSAzMi40NTA0MyA4NS43MDcwNiAzOS44MjkyNSAyNS45MjI2NiA2LjM4OTA5IDUwLjU4ODYzIDEyLjQ3ODA3IDcxLjQ1Mjg4IDI4Ljg5OGw5Ljk0NzcyLTYuNDY3MjRjLTIzLjUwNTA2LTE5Ljc5MDc4LTUxLjUwNy0yNi43NDM2NS03OC42ODU1Ny0zMy40NDIyMi0yOS40MzU0OC03LjI1NTY5LTU3LjI0NjgtMTQuMTM3Ny03OS43MTQ0Ny0zNi4xODg1NXpNNjEuMzI3IDI2Ni44NzMyMWMtMS4xMjk4My0xLjEyOTgzLTIuMTkyMDktMi4yODMyOC0zLjI0NTQ1LTMuNDRhMTAuMTU0NCAxMC4xNTQ0IDAgMCAwIDEuNjQ0MjggMTUuNjc5NTdsMzMuNTg4NyAyMS44MzY5NGMxNC44NjU4MyA2LjE1NTA5IDMwLjQxMzU5IDEwLjAwMzkgNDUuNzAwNTggMTMuNzcxNjYgMjMuODY4NCA1Ljg4MzU3IDQ2LjY2NzA4IDExLjUyNDY0IDY2LjQxODkgMjUuMTk3bDEwLjE2MDYtNi42MDU3Yy0yMi40NjMzMi0xNi44ODU4Ny00OC41MjItMjMuMzU1NjItNzMuODY0NDctMjkuNjAyNTMtMjkuNzMzNDMtNy4zMjg1MS01Ny44MTc5MS0xNC4yNTE3NS04MC40MDMxNC0zNi44MzY5NHptMTA5LjMwMDI0IDg0LjMzOTQ4YzIuMjM1NCAxLjA4NjEgNC40NDcxOCAyLjIyOTE5IDYuNjIyNjkgMy40NjAzNmExMC4xNjAxMiAxMC4xNjAxMiAwIDAgMCA3LjY0NTQzLTEuNDAybDUuNjM4NTgtMy42NjU3N2MtMTguMTEwNjUtMTIuMTEyNjYtMzguMjQ2NTMtMTguMjQ3LTU4LjMxMDk1LTIzLjM2MDQ0eiIgY2xhc3M9ImNscy0xIi8+PC9zdmc+
+  longDescription: Flux is a tool for keeping Kubernetes clusters in sync with sources
+    of configuration (like Git repositories and OCI artifacts), and automating updates
+    to configuration when there is new code to deploy. It's constructed with the GitOps
+    Toolkit, a set of composable APIs and specialized tools for building continuous
+    deployment on top of Kubernetes.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Flux is a continuous deployment solution for Kubernetes powered
+    by the GitOps Toolkit.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-flux
+    for community support.
diff --git a/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml b/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml
new file mode 100644
index 0000000..4baffa4
--- /dev/null
+++ b/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml
@@ -0,0 +1,79 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: gitops-configurer.packages.kadras.io.0.1.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: gitops-configurer.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/gitops-configurer/releases
+  releasedAt: "2024-03-11T17:43:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/gitops-configurer@sha256:e60a1a8e9cb7f856acc9078f3cdbc9354ab6b18328de9b64155ccd37cb75c224
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        git:
+          additionalProperties: false
+          description: Configuration for synchronizing changes from Git.
+          properties:
+            branch:
+              default: main
+              description: The Git branch to check out and synchronize.
+              type: string
+            path:
+              default: ""
+              description: The path within the Git repository containing the manifests
+                to reconcile with the cluster.
+              type: string
+            secret_name:
+              default: ""
+              description: The name of the Secret in the same namespace holding the
+                credentials to access the Git server. The credentials should provide
+                read-only access to the Git server.
+              type: string
+            url:
+              default: ""
+              description: The URL of the Git repository to synchronize in the cluster.
+              type: string
+          type: object
+        name:
+          default: gitops-configurer
+          description: The name of the GitOps resource.
+          type: string
+        namespace:
+          default: kadras-system
+          description: The namespace where the GitOps resource should be installed.
+          type: string
+        service_account:
+          default: ""
+          description: The `ServiceAccount` used by the GitOps controller to reconcile
+            changes to the cluster.
+          type: string
+        sync_period:
+          default: 1m0s
+          description: 'The interval at which the GitOps controller should synchronize
+            changes from Git. The format is a Go duration string. Example: `1m0s`.'
+          type: string
+        type:
+          default: carvel-app
+          description: 'The type of GitOps controller to use. Options: `carvel-app`,
+            `flux-kustomization`.'
+          type: string
+      type: object
+  version: 0.1.0
diff --git a/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml b/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..4503402
--- /dev/null
+++ b/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml
@@ -0,0 +1,16 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: gitops-configurer.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: gitops-configurer
+  longDescription: Simplify onboarding of GitOps workflows based on Carvel or Flux.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Simplify onboarding of GitOps workflows.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/gitops-configurer
+    for community support.
diff --git a/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml b/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml
new file mode 100644
index 0000000..4ccf79f
--- /dev/null
+++ b/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml
@@ -0,0 +1,310 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: knative-serving.packages.kadras.io.1.19.5
+spec:
+  capacityRequirementsDescription: For prototyping purposes, one-node cluster that
+    has at least 3 CPUs and 4 GB of memory. For production purposes, if you have only
+    one node, at least 6 CPUs, 6 GB of memory, and 30 GB of disk storage. If you have
+    multiple nodes, for each node at least 2 CPUs, 4 GB of memory, and 20 GB of disk
+    storage.
+  licenses:
+  - Apache 2.0
+  refName: knative-serving.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-knative-serving/releases
+  releasedAt: "2025-09-15T14:59:32Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-knative-serving@sha256:80e7b2444be3b3d078a29a2d2e581e85ed0ea2e5b15108f049d1880775ed2633
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        ca_cert_data:
+          default: ""
+          description: PEM-encoded certificate data to trust TLS connections with
+            a custom CA.
+          type: string
+        config:
+          additionalProperties: false
+          description: Settings for the Knative Serving ConfigMaps.
+          properties:
+            deployment:
+              additionalProperties: false
+              description: Deployment configuration stored in the `config-deployment`
+                ConfigMap.
+              properties:
+                progress-deadline:
+                  default: 600s
+                  description: The duration to wait for the deployment to be ready
+                    before considering it failed.
+                  type: string
+                queue-sidecar-cpu-limit:
+                  default: 1000m
+                  description: The queue proxy's CPU limit. If omitted, a default
+                    value (currently `1000m`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+                queue-sidecar-cpu-request:
+                  default: 25m
+                  description: The queue proxy's CPU request. If omitted, a default
+                    value (currently '25m'), is used.
+                  type: string
+                queue-sidecar-memory-limit:
+                  default: 200Mi
+                  description: The queue proxy's memory limit. If omitted, a default
+                    value (currently `800Mi`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+                queue-sidecar-memory-request:
+                  default: 50Mi
+                  description: The queue proxy's memory request. If omitted, a default
+                    value (currently `400Mi`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+              type: object
+            network:
+              additionalProperties: false
+              description: Network configuration stored in the `config-network` ConfigMap.
+              properties:
+                default-external-scheme:
+                  default: http
+                  description: Defines the scheme used for external URLs if autoTLS
+                    is not enabled. This can be used for making Knative report all
+                    URLs as `https`, for example, if you're fronting Knative with
+                    an external loadbalancer that deals with TLS termination and Knative
+                    doesn't know about that otherwise.
+                  enum:
+                  - http
+                  - https
+                  type: string
+                domain-template:
+                  default: '{{.Name}}.{{.Namespace}}.{{.Domain}}'
+                  description: The golang text template string to use when constructing
+                    the Knative Service's DNS name.
+                  type: string
+                http-protocol:
+                  default: Redirected
+                  description: 'Controls the behavior of the HTTP endpoint for the
+                    Knative ingress. `Enabled`: The Knative ingress will be able to
+                    serve HTTP connection. `Redirected`: The Knative ingress will
+                    send a 301 redirect for all http connections, asking the clients
+                    to use HTTPS.'
+                  enum:
+                  - Enabled
+                  - Redirected
+                  type: string
+                namespace-wildcard-cert-selector:
+                  default: ""
+                  description: A LabelSelector which determines which namespaces should
+                    have a wildcard certificate provisioned.
+                  type: string
+                rollout-duration:
+                  default: 0
+                  description: The minimal duration in seconds over which the Configuration
+                    traffic targets are rolled out to the newest revision.
+                  minimum: 0
+                  type: integer
+              type: object
+            tracing:
+              additionalProperties: false
+              description: Network configuration stored in the `config-tracing` ConfigMap.
+              properties:
+                backend:
+                  default: none
+                  description: The type of distributed tracing backend.
+                  enum:
+                  - zipkin
+                  - none
+                  type: string
+                debug:
+                  default: "false"
+                  description: Enable the Zipkin debug mode. This allows all spans
+                    to be sent to the server bypassing sampling.
+                  enum:
+                  - "true"
+                  - "false"
+                  type: string
+                sample-rate:
+                  default: "0.1"
+                  description: The percentage (0-1) of requests to trace.
+                  maxLength: 3
+                  minLength: 1
+                  type: string
+                zipkin-endpoint:
+                  default: http://tempo.observability-system.svc.cluster.local:9411/api/v2/spans
+                  description: The Zipkin collector endpoint where traces are sent.
+                  type: string
+              type: object
+          type: object
+        domain_name:
+          default: ""
+          description: Domain name for Knative Services. It must be a valid DNS name.
+            Stored in the `config-domain` ConfigMap.
+          minLength: 4
+          type: string
+        ingress:
+          additionalProperties: false
+          description: Settings for the Ingress controller.
+          properties:
+            contour:
+              additionalProperties: false
+              description: Ingress configuration stored in the `config-contour` ConfigMap.
+              properties:
+                default-tls-secret:
+                  default: ""
+                  description: If auto-TLS is disabled, fallback to this certificate.
+                    An operator is required to setup a TLSCertificateDelegation for
+                    this Secret to be used.
+                  type: string
+                external:
+                  additionalProperties: false
+                  description: Configuration for the external Ingress controller
+                  properties:
+                    namespace:
+                      default: projectcontour
+                      description: The namespace where the external Ingress controller
+                        is installed.
+                      minLength: 1
+                      type: string
+                  type: object
+                internal:
+                  additionalProperties: false
+                  description: Configuration for the internal Ingress controller
+                  properties:
+                    namespace:
+                      default: projectcontour
+                      description: The namespace where the internal Ingress controller
+                        is installed.
+                      minLength: 1
+                      type: string
+                  type: object
+              type: object
+          type: object
+        ingress_issuer:
+          default: ""
+          description: A reference to the ClusterIssuer to use if you want to enable
+            autoTLS. Stored in the `config-certmanager` ConfigMap.
+          example: kadras-ca-issuer
+          type: string
+          x-example-description: Kadras private CA
+        min_kubernetes_version:
+          default: ""
+          description: The minimum Kubernetes version that this package will accept
+            as valid. If not set, Knative Serving will accept the last 3 minor versions
+            of Kubernetes.
+          type: string
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use a proxy.
+              type: string
+          type: object
+        workloads:
+          additionalProperties: false
+          description: Settings for the Knative Serving workloads.
+          properties:
+            activator:
+              additionalProperties: false
+              properties:
+                minReplicas:
+                  default: 1
+                  description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler.
+                    In order to enable high availability, it should be greater than
+                    1.
+                  maximum: 20
+                  minimum: 1
+                  type: integer
+              type: object
+            autoscaler:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            controller:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            domain_mapping:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            domain_mapping_webhook:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            webhook:
+              additionalProperties: false
+              properties:
+                minReplicas:
+                  default: 1
+                  description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler.
+                    In order to enable high availability, it should be greater than
+                    1.
+                  maximum: 5
+                  minimum: 1
+                  type: integer
+              type: object
+          type: object
+      type: object
+  version: 1.19.5
diff --git a/repo/packages/knative-serving.packages.kadras.io/metadata.yml b/repo/packages/knative-serving.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..26e208c
--- /dev/null
+++ b/repo/packages/knative-serving.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: knative-serving.packages.kadras.io
+spec:
+  categories:
+  - serverless
+  - deployment
+  displayName: knative-serving
+  iconSVGBase64: PHN2ZyB2aWV3Qm94PSIwIDAgNzM1IDU5My41IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgogIDxwYXRoIGZpbGw9IiMwODY1YWQiIGQ9Ik0yOTcuNDk2IDEuNDg4IDY1Ljc0OSAxMTMuMDk2YTE1LjAzNSAxNS4wMzUgMCAwIDAtOC4xMzUgMTAuMTk0TC4zNzcgMzc0LjA2NWExNS4wMiAxNS4wMiAwIDAgMCAyLjkwMiAxMi43MTFsMTYwLjM3NiAyMDEuMTA4YTE1LjAzOCAxNS4wMzggMCAwIDAgMTEuNzQ3IDUuNjU3SDQzMi42M2M0LjU3MSAwIDguODk1LTIuMDg1IDExLjc0Ny01LjY1N2wxNjAuMzc2LTIwMS4xMDhhMTUuMDIzIDE1LjAyMyAwIDAgMCAyLjkwMy0xMi43MTFMNTUwLjQxOCAxMjMuMjlhMTUuMDE5IDE1LjAxOSAwIDAgMC04LjEzNS0xMC4xOTRMMzEwLjUzNiAxLjQ4OGExNS4wMjIgMTUuMDIyIDAgMCAwLTEzLjA0IDAiLz4KICA8cGF0aCBmaWxsPSIjZmZmIiBkPSJNMjIxLjg0NSAyMTAuNTMzaDUxLjA1NHYxMDAuNzY0aDEuMDE3YzUuMDcyLTguNzk4IDEwLjQ4LTE2LjkwNyAxNS41NTItMjUuMDIzbDUxLjczNi03NS43NDFoNjMuMjI1bC03NS4zOTggOTcuMDM5IDc5LjQ1NSAxMzAuODU2aC02MC4xOGwtNTUuNzkyLTk4LjM5NC0xOS42MTUgMjQuMDA1djc0LjM4OWgtNTEuMDU0VjIxMC41MzNaIi8+CiAgPHBhdGggZmlsbD0iIzY2OTVjYSIgZD0ibTU4NS4zMjggMS4zMDctOTEuMTEyIDMzLjE2YTcuNTIxIDcuNTIxIDAgMCAwLTMuOTM1IDMuMzA2bC00OC40NzggODMuOTY0YTcuNTEzIDcuNTEzIDAgMCAwLS44OTIgNS4wNjZsMTYuODM1IDk1LjQ4M2E3LjQ5NSA3LjQ5NSAwIDAgMCAyLjU2OCA0LjQ1M2w3NC4yNzcgNjIuMzE5YTcuNTA3IDcuNTA3IDAgMCAwIDQuODI4IDEuNzZoOTYuOTU3YTcuNTE1IDcuNTE1IDAgMCAwIDQuODMxLTEuNzZsNzQuMjc0LTYyLjMxOWE3LjUwOCA3LjUwOCAwIDAgMCAyLjU2Ny00LjQ1M2wxNi44MzktOTUuNDgzYTcuNTM4IDcuNTM4IDAgMCAwLS44OTYtNS4wNjZsLTQ4LjQ3NC04My45NjRhNy41MjYgNy41MjYgMCAwIDAtMy45MzktMy4zMDZsLTkxLjExMi0zMy4xNmE3LjUgNy41IDAgMCAwLTUuMTM4IDAiLz4KICA8cGF0aCBmaWxsPSIjZmZmIiBkPSJNNTcwLjIzMSAxMTEuODY1YTU5LjM1OCA1OS4zNTggMCAwIDEgNS42NTQtNC44MjEgMzcuNzYgMzcuNzYgMCAwIDEgNi4yMjgtMy43NzNjMi4xOTItMS4wNTIgNC41NTktMS44NjYgNy4xMDEtMi40NTIgMi41NDItLjU4NSA1LjMwMS0uODc2IDguMjgxLS44NzYgNC45MSAwIDkuMjY1Ljg0OCAxMy4wNjMgMi41NDIgMy44MDEgMS42OTQgNy4wMDEgNC4wNjcgOS42MDMgNy4xMDEgMi42MDIgMy4wNCA0LjU1OCA2LjY2MyA1Ljg3MyAxMC44NzEgMS4zMTYgNC4yMDUgMS45NzYgOC44MjYgMS45NzYgMTMuODUxdjU3LjQyM2gtMjQuMTE1di01Ny40MjNjMC01LjAyNS0xLjE2OC04LjkyOS0zLjUtMTEuNzA2LTIuMzQyLTIuNzc1LTUuNzg2LTQuMTYyLTEwLjM1MS00LjE2Mi0zLjM4NSAwLTYuNTY5LjczLTkuNTU2IDIuMTkyLTIuOTgxIDEuNDYyLTUuODE0IDMuNTA0LTguNDk4IDYuMTM3djY0Ljk2MmgtMjQuMjAydi05MC4zODloMTQuOTAzYzMuMDQgMCA1LjA1NyAxLjQwMyA2LjA1NiA0LjIxMWwxLjQ4NCA2LjMxMloiLz4KPC9zdmc+
+  longDescription: Knative Serving builds on Kubernetes to define and control the
+    deployment of applications and functions as serverless containers.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Solution for running serverless deployments on Kubernetes.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-knative-serving
+    for community support.
diff --git a/repo/packages/kyverno.packages.kadras.io/1.15.1.yml b/repo/packages/kyverno.packages.kadras.io/1.15.1.yml
new file mode 100644
index 0000000..762815c
--- /dev/null
+++ b/repo/packages/kyverno.packages.kadras.io/1.15.1.yml
@@ -0,0 +1,182 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: kyverno.packages.kadras.io.1.15.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: kyverno.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-kyverno/releases
+  releasedAt: "2025-09-15T14:32:28Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-kyverno@sha256:069b230b662c880274eafe7566be3a1824806858d044f2f3ce19d999a837674f
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        admission_controller:
+          additionalProperties: false
+          description: Settings for the Admission Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Admission Controller. In
+                order to enable high availability, it should be at least 3 (2 is not
+                permitted).
+              minimum: 1
+              type: integer
+          type: object
+        background_controller:
+          additionalProperties: false
+          description: Settings for the Background Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Background Controller. In
+                order to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        ca_cert_data:
+          default: ""
+          description: PEM-encoded certificate data to trust TLS connections with
+            a custom CA.
+          type: string
+        cleanup_controller:
+          additionalProperties: false
+          description: Settings for the Cleanup Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Cleanup Controller. In order
+                to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        logging:
+          additionalProperties: false
+          description: Settings for logging.
+          properties:
+            encoding:
+              default: text
+              description: 'Log encoding format. Options: `text`, `json`.'
+              enum:
+              - text
+              - json
+              type: string
+            level:
+              default: 2
+              description: Number of the log level verbosity (from `1` to `6`).
+              maximum: 6
+              minimum: 1
+              type: integer
+          type: object
+        metrics:
+          additionalProperties: false
+          description: Settings for metrics via Prometheus or OpenTelemetry.
+          properties:
+            collector:
+              default: ""
+              description: The endpoint where the OpenTelemetry-based collector receives
+                telemetry data.
+              type: string
+            type:
+              default: prometheus
+              description: Whether to use OpenTelemetry (`grpc`) or Prometheus (`prometheus`)
+                for exporting metrics.
+              enum:
+              - grpc
+              - prometheus
+              type: string
+          type: object
+        optional_components:
+          additionalProperties: false
+          description: Settings for which Kyverno optional components to deploy.
+          properties:
+            background_controller:
+              default: true
+              description: Whether to deploy the Background Controller, responsible
+                for processing of generate and mutate-existing rules.
+              type: boolean
+            cleanup_controller:
+              default: true
+              description: Whether to deploy the Cleanup Controller, responsible for
+                processing `CleanupPolicy` resources.
+              type: boolean
+            reports_controller:
+              default: true
+              description: Whether to deploy the Reports Controller, responsible for
+                handling `PolicyReport` resources.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        reports_controller:
+          additionalProperties: false
+          description: Settings for the Reports Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Reports Controller. In order
+                to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        tracing:
+          additionalProperties: false
+          description: Settings for tracing via OpenTelemetry.
+          properties:
+            ca_cert_secret:
+              default: ""
+              description: The Secret containing the certificate which is used by
+                the Opentelemetry Tracing Client. If empty string is set, an insecure
+                connection will be used.
+              type: string
+            enabled:
+              default: false
+              description: Whether to configure Kyverno to export OpenTelemetry traces
+                to a distributed tracing backend.
+              type: boolean
+            endpoint:
+              default: ""
+              description: The endpoint where the distributed tracing backend accepts
+                OpenTelemetry traces.
+              type: string
+            port:
+              default: 4317
+              description: The port exposed by the distributed tracing backend to
+                accept OpenTelemetry traces.
+              type: integer
+          type: object
+      type: object
+  version: 1.15.1
diff --git a/repo/packages/kyverno.packages.kadras.io/metadata.yml b/repo/packages/kyverno.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..7ef45e8
--- /dev/null
+++ b/repo/packages/kyverno.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: kyverno.packages.kadras.io
+spec:
+  categories:
+  - policy-management
+  - policies
+  displayName: kyverno
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA1MDAgNTAwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2U4N2U1Yjt9LmNscy0xLC5jbHMtMntmaWxsLXJ1bGU6ZXZlbm9kZDt9LmNscy0ye2ZpbGw6IzM3ODRjNTt9PC9zdHlsZT48L2RlZnM+PGcgaWQ9IkxheWVyXzEiIGRhdGEtbmFtZT0iTGF5ZXIgMSI+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNODUuOTc4LDE1OS4xMjk3Nyw2Mi44LDI2MC42NzU4SDg2LjY0OTRsMTkuNDQ0ODEtODUuMTg3NDhjLTMuNjc3NDItMy43MzE3MS03LjQ0NzIzLTcuMzEyNDMtMTEuMzQwNzItMTAuNjQwODNhMTAuNjM4NTQsMTAuNjM4NTQsMCwwLDEtMi41NzE0NS0zLjI1NTYxYy0yLjAwNjIxLS43NzAwNy00LjA5MDYxLTEuNTk1MzQtNi4yMDQtMi40NjIxMU0yMzEuNDIzODEsNjcuMzQ0NTYsMTEyLjExMTksMTI0LjgwMjIyYzEuNTIxNjIsMi4xMywyLjk3NzM4LDQuMjQxNTksNC4zNDc4Niw2LjI2OTY5YTEwLjY0MDE5LDEwLjY0MDE5LDAsMCwxLDMuNzUwNTIsMS43NzQ0YzMuODM3NjcsMi44MzY1Nyw3Ljg2MjczLDUuNTE4NDUsMTIuMDAzOTEsOC4wODlsOTkuMzY3ODYtNDcuODUwNzdjLjU1NzIzLTQuNzk3NDMuOTU4MDYtOS41NzE1OCwxLjEyNTA5LTE0LjI5NTI5YTEwLjY2NDIyLDEwLjY2NDIyLDAsMCwxLC45NDYzNS00LjAzOTI0QzIzMi45MDgsNzIuMzg0NDMsMjMyLjE1MTQ2LDY5Ljg5NTUsMjMxLjQyMzgxLDY3LjM0NDU2Wm0xNjEuMjcyNTQsNTYuNzI3ODVMMjc0Ljg4MzY5LDY3LjMzNzE1Yy0uNzI4NTYsMi41NTM0MS0xLjQ4NDI4LDUuMDQ1MjgtMi4yMzA0NSw3LjQxMjg0YTEwLjY3MDE2LDEwLjY3MDE2LDAsMCwxLC45NDY1LDQuMDM5MjRjLjE2NjczLDQuNzIxNzEuNTY3ODcsOS40OTQxNSwxLjEyNTU2LDE0LjI5MDJsOTguMDIzMTQsNDcuMjAyMjRjNC4xNTQ0NS0yLjYyNTc0LDguMTkwMy01LjM2MzkyLDEyLjAzMDktOC4yNTY3OGExMC42ODc4OSwxMC42ODc4OSwwLDAsMSwzLjczNjgtMS44MDc1NkMzODkuODMzMSwxMjguMjI4MjUsMzkxLjIzNDg4LDEyNi4xNTk4OSwzOTIuNjk2MzUsMTI0LjA3MjQxWk00NDMuNTE5NTgsMjYwLjY3NTgsNDIwLjAxNDM4LDE1Ny42ODVjLTIuMzcwNjUsMS4wMDctNC43MTEzOCwxLjk1NzE2LTYuOTU1NCwyLjg0MTJhMTAuNjkyNywxMC42OTI3LDAsMCwxLTIuNTQyMywzLjI3NjU4Yy0zLjY1MTY3LDMuMTc3NTctNy4xOTEyMSw2LjU3OTA4LTEwLjY0NTMsMTAuMTIwNjNsMTkuODAyLDg2Ljc1MjQzWiIvPjxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxMC44MDYyOCwxOTcuOTg0MjRsMi44MjkzMiwzLjQ5NGMxLjMxMzQxLTExLjE3MDQ2LDEwLjU3OTkyLTIxLjg4ODU3LDI4LjE2NzUyLTMxLjQ5NzYyLDE4LjMzMy0xMC4wMTUxMywzNS40NTQzNC0xOC45MDE2Miw0OS40MTA2My0yOS40MDg3NWwxLjg1MDQ0LDIuMjgyNDNxMTYuMzYxOTQtMjUuNTU1NSwyNS40MTcxNi0zMi4xNzMxNGM4LjExMTk1LTQuOTM2NywxNS42MDgzOC0zLjQ5OTc1LDIxLjQzNjY3LDMuMDAzNDUsNS4xNTA3Nyw3LjA1MzQ4LDQuOTk4MjQsMTQuNjg0NTUtMS41MTc5MSwyMS41OTM2OHEtOC4zNTY1Nyw3LjQ4MDk0LTM2Ljc1NTczLDE4LjE3MTJsMS44NDgxMiwyLjI4Mjg5Yy0xMy4xNzc0NCwxMS40NzEwNS0yNS40MzA4OSwyNi4zNjgxMy0zOS4wNDEwOSw0Mi4yMTg2NS0xMy4wNTE0MywxNS4yMDYxNi0yNS40NjM4OSwyMi4wNDAxOC0zNi42NjQ1OCwyMS4wMDQyM2wyLjgzMTQ4LDMuNDk0NS0xMS4wMDcxMyw4LjkxMjU2TDMwOS44ODQzLDIwNy44NzhsLTcuNDczOTEtMy4wOTUyMVpNMTc1LjE2MSwyMjIuNzkyMmwyLjc5ODMyLTMuNTE3Yy0xMS4xODg1MSwxLjEzNDUtMjMuNjYtNS41OTA0OC0zNi44NDYtMjAuNjgyNTEtMTMuNzQ1NjEtMTUuNzMyMDctMjYuMTI3NTQtMzAuNTIyMTItMzkuNDA4MTUtNDEuODc1MzRsMS44MzAwOC0yLjMwMDQ3UTc1LjA0NCwxNDMuOTc0MjgsNjYuNjIxMTMsMTM2LjU2NzM4Yy02LjU3MzgzLTYuODUxNDQtNi43OTM0NS0xNC40ODE3NC0xLjcwNTYxLTIxLjU3OTQ5LDUuNzcxMjMtNi41NTQwOSwxMy4yNTM3OC04LjA1NjQzLDIxLjQxMDkyLTMuMTkxNzZxOS4xMTA1LDYuNTQxNDUsMjUuNjk0NDcsMzEuOTUxODJsMS44MzA2OS0yLjMwMDMyYzE0LjA0OTI5LDEwLjM4NDIxLDMxLjI0NjIyLDE5LjEyMjY0LDQ5LjY2NTg4LDI4Ljk3OCwxNy42NzE4MSw5LjQ1MjUxLDI3LjAzMSwyMC4wOTE2NSwyOC40NDE0MiwzMS4yNDk3N2wyLjc5OTU2LTMuNTE5MTgsOC40NjEsNi43MzA2OC03LjIyMjgyLDIuOTkxMTEtOS44MDkwOSwyMy42ODY3MlptNjIuMjUyMTYtNDUuMDAzNTZIMjQxLjkxYy03Ljg1NDA5LTguMDUwNTctMTAuMzU0NTktMjEuOTk4MjItNi43NTMtNDEuNzEyLDMuNzU0ODQtMjAuNTUxMjUsNy42MjE2NS0zOS40NDg1Niw4LjI0MDcyLTU2LjkwODE1aDIuOTQwNTJxLTkuNTY1MDktMjguNzk5ODUtOS4wMTA5NS00MC4wMDAzOWMxLjI2OTYxLTkuNDEwMjUsNy4xMDQyMy0xNC4zMzQsMTUuODI1MzgtMTQuNzcwMyw4LjcyMjU1LjQzNjMxLDE0LjU1NzQ4LDUuMzYwMDUsMTUuODI3NTUsMTQuNzcwM3EuNTUwNTksMTEuMjAwNDctOS4wMTE3Myw0MC4wMDAzOWgyLjk0MDUyYy42MTkzOCwxNy40NTk1OSw0LjQ4NjY2LDM2LjM1NjksOC4yNDA3NCw1Ni45MDgxNSwzLjYwMTcsMTkuNzEzNzksMS4xMDEsMzMuNjYxNDQtNi43NTI4OSw0MS43MTJoNC40OTY2OHYxMy4xMTM3NGwtMTUuOTU0LTYuNjA3MTUtMTUuNTI2MzQsNi40Mjk2M1oiLz48cG9seWdvbiBjbGFzcz0iY2xzLTEiIHBvaW50cz0iMjUyLjkzOSAxOTMuODkzIDI3OC4wMTYgMjA0LjI4MSAzMDMuMDk3IDIxNC42NjQgMzEzLjQ3OSAyMzkuNzQ3IDMyMi4xNTEgMjYwLjY3NiAyNzYuNzI0IDI2MC42NzYgMjc0LjcwNyAyNTUuODA2IDI3MC45NzQgMjQ2Ljc4NyAyNjEuOTU2IDI0My4wNTUgMjUyLjkzOSAyMzkuMzIgMjQzLjkyMyAyNDMuMDU1IDIzNC45MDUgMjQ2Ljc4NyAyMzEuMTcyIDI1NS44MDYgMjI5LjE1NSAyNjAuNjc2IDE4My43MjkgMjYwLjY3NiAxOTIuNCAyMzkuNzQ3IDIwMi43ODMgMjE0LjY2NCAyMjcuODY0IDIwNC4yODEgMjUyLjkzOSAxOTMuODkzIi8+PHBhdGggY2xhc3M9ImNscy0yIiBkPSJNNjguMjEzNywzNDkuNjI0YTguOTE0NDksOC45MTQ0OSwwLDEsMS0xNy44MjksMFYyODYuNTg5MTJhOC45MTU5Myw4LjkxNTkzLDAsMCwxLDguOTE0ODctOC45MTQxaDM4NC4yMThhOC45MTUxNyw4LjkxNTE3LDAsMCwxLDguOTE0NTYsOC45MTQxVjM0OS42MjRhOC45MTQzMyw4LjkxNDMzLDAsMSwxLTE3LjgyODY2LDB2LTU0LjEySDI2MC4zMjE3NXY1NC4xMmE4LjkxNDMzLDguOTE0MzMsMCwxLDEtMTcuODI4NjYsMHYtNTQuMTJINjguMjEzN1oiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0yNDEuOTE1MDUsNDQzLjIwODEzYTEuMTgxNDIsMS4xODE0MiwwLDAsMCwuOTU2NTIuNDg5MjFoOC41MzY0bDguNTM2MDgtLjAwMTI0YTEuMTc0MiwxLjE3NDIsMCwwLDAsLjkyMzM2LS40NDc0MWw1LjMyMy02LjY3MTMxLDUuMzIyLTYuNjc1NzhhMS4xODgsMS4xODgsMCwwLDAsLjIyNjcyLS45OTM1NGwtMy43OTUxLTE2LjYzMTY5YTEuMTY0NTUsMS4xNjQ1NSwwLDAsMC0uNjQxNDQtLjgxNTcxbC0xNS4zODEtNy40MDY4MmExLjE3ODkzLDEuMTc4OTMsMCwwLDAtMS4wMjY3MSwwbC0xNS4zODEsNy40MDY4MmExLjE4NywxLjE4NywwLDAsMC0uNjM3ODkuODAzMzdsLTMuNzksMTYuNjAxNDZhMS4xODQyMiwxLjE4NDIyLDAsMCwwLC4yMTgwOCwxLjAzNzM1Wk0yMjkuODUxLDQ2Ny44NTcyM2EyLjY4NTYzLDIuNjg1NjMsMCwwLDAsMi4xNzQsMS4xMDc1MUgyNTEuNDFsMTkuMzg1LS4wMDM1NGEyLjY2OTIsMi42NjkyLDAsMCwwLDIuMDk3MzYtMS4wMTI4MmwxMi4wODcxOS0xNS4xNTM1NywxMi4wODUtMTUuMTU5YTIuNzA4LDIuNzA4LDAsMCwwLC41MTc0NC0yLjI1ODA2bC04LjYyMDc1LTM3Ljc2OTMyYTIuNjUwODQsMi42NTA4NCwwLDAsMC0xLjQ1NjU0LTEuODUxODJsLTM0LjkzMDczLTE2LjgyMjc4YTIuNjc5NTUsMi42Nzk1NSwwLDAsMC0yLjMyODU1LDBsLTM0LjkzMDksMTYuODIyNzhhMi42Nzc0LDIuNjc3NCwwLDAsMC0xLjQ0ODM2LDEuODIzNzVsLTguNjA3LDM3LjcwMDU0YTIuNjgxMTYsMi42ODExNiwwLDAsMCwuNDk0LDIuMzU2MTRaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNNDguNjQxMzMsNDQzLjIwODEzYTEuMTc4MjQsMS4xNzgyNCwwLDAsMCwuOTU2NTMuNDg5MjFoOC41MzYzOWw4LjUzNjA4LS4wMDEyNGExLjE3NzE1LDEuMTc3MTUsMCwwLDAsLjkyMzM3LS40NDc0MWw1LjMyMzM1LTYuNjcxMzEsNS4zMTk2NS02LjY3NTc4YTEuMTg3MjgsMS4xODcyOCwwLDAsMCwuMjI4NDEtLjk5MzU0bC0zLjc5NjgtMTYuNjMxNjlhMS4xNjY3OSwxLjE2Njc5LDAsMCwwLS42NDAyLS44MTU3MWwtMTUuMzgyMjgtNy40MDY4MmExLjE3NjIyLDEuMTc2MjIsMCwwLDAtMS4wMjU0NywwbC0xNS4zODAyOCw3LjQwNjgyYTEuMTgxODUsMS4xODE4NSwwLDAsMC0uNjM4MzUuODAzMzdsLTMuNzg5NTUsMTYuNjAxNDZhMS4xNzYyMywxLjE3NjIzLDAsMCwwLC4yMTgyNCwxLjAzNzM1Wm0tMTIuMDYzNzUsMjQuNjQ5MWEyLjY4NSwyLjY4NSwwLDAsMCwyLjE3MzA4LDEuMTA3NTFINTguMTM0MjVsMTkuMzg2NTItLjAwMzU0YTIuNjc2MzUsMi42NzYzNSwwLDAsMCwyLjA5ODEyLTEuMDEyODJsMTIuMDg2MjctMTUuMTUzNTcsMTIuMDgzNjUtMTUuMTU5YTIuNjkyNzQsMi42OTI3NCwwLDAsMCwuNTE3NDMtMi4yNTgwNmwtOC42MTkzNi0zNy43NjkzMmEyLjY0NzY3LDIuNjQ3NjcsMCwwLDAtMS40NTU5Mi0xLjg1MTgyTDU5LjMwMDM3LDM3OC45MzM4N2EyLjY4MjksMi42ODI5LDAsMCwwLTIuMzMwMDgsMEwyMi4wMzg3NywzOTUuNzU2NjVhMi42ODYsMi42ODYsMCwwLDAtMS40NDg2NiwxLjgyMzc1bC04LjYwNDU2LDM3LjcwMDU0YTIuNjcxMjUsMi42NzEyNSwwLDAsMCwuNDk0MTQsMi4zNTYxNFoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik00MzIuODU5NDUsNDQzLjIwODEzYTEuMTc4LDEuMTc4LDAsMCwwLC45NTY1Mi40ODkyMWg4LjUzNjFsOC41MzYyMi0uMDAxMjRhMS4xNzcwNiwxLjE3NzA2LDAsMCwwLC45MjMyMS0uNDQ3NDFsNS4zMjMzNy02LjY3MTMxLDUuMzE5NzktNi42NzU3OGExLjE4MTM2LDEuMTgxMzYsMCwwLDAsLjIyODEtLjk5MzU0bC0zLjc5NTEtMTYuNjMxNjlhMS4xNjQ3MiwxLjE2NDcyLDAsMCwwLS42NDE1OS0uODE1NzFsLTE1LjM4MS03LjQwNjgyYTEuMTc4NTMsMS4xNzg1MywwLDAsMC0xLjAyNjUzLDBsLTE1LjM4MTA3LDcuNDA2ODJhMS4xODk3NywxLjE4OTc3LDAsMCwwLS42MzguODAzMzdsLTMuNzksMTYuNjAxNDZhMS4xODQyNSwxLjE4NDI1LDAsMCwwLC4yMTgyMiwxLjAzNzM1Wm0tMTIuMDY0MjIsMjQuNjQ5MWEyLjY4NTc4LDIuNjg1NzgsMCwwLDAsMi4xNzM0LDEuMTA3NTFoMTkuMzgzNDRsMTkuMzg2MzUtLjAwMzU0YTIuNjc0NDIsMi42NzQ0MiwwLDAsMCwyLjA5ODI4LTEuMDEyODJsMTIuMDg2NDItMTUuMTUzNTcsMTIuMDgzNDktMTUuMTU5YTIuNjkxODYsMi42OTE4NiwwLDAsMCwuNTE2NjctMi4yNTgwNmwtOC42MTg0NC0zNy43NjkzMmEyLjY1MTYsMi42NTE2LDAsMCwwLTEuNDU1OTItMS44NTE4MmwtMzQuOTMxMzYtMTYuODIyNzhhMi42ODI5LDIuNjgyOSwwLDAsMC0yLjMzMDA4LDBsLTM0LjkzMDksMTYuODIyNzhhMi42ODM3NiwyLjY4Mzc2LDAsMCwwLTEuNDQ4NTEsMS44MjM3NWwtOC42MDQ4NywzNy43MDA1NGEyLjY3MjI3LDIuNjcyMjcsMCwwLDAsLjQ5NDMsMi4zNTYxNFoiLz48L2c+PC9zdmc+
+  longDescription: Kyverno is a policy engine designed for Kubernetes. It can validate,
+    mutate, and generate configurations using admission controls and background scans.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: A Kubernetes-native policy engine.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-kyverno
+    for community support.
diff --git a/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml
new file mode 100644
index 0000000..10b6dd8
--- /dev/null
+++ b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml
@@ -0,0 +1,148 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: metrics-server.packages.kadras.io.0.8.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: metrics-server.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-metrics-server/releases
+  releasedAt: "2025-08-14T17:45:10Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-metrics-server@sha256:907424062bd661d214af87933d935b36b2a8d4a7d36d640c26a1dda0c0aeb271
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        daemonset:
+          additionalProperties: false
+          properties:
+            updateStrategy:
+              default: null
+              description: Update strategy of daemonsets
+              nullable: true
+              type: string
+          type: object
+        deployment:
+          additionalProperties: false
+          properties:
+            rollingUpdate:
+              additionalProperties: false
+              properties:
+                maxSurge:
+                  default: null
+                  description: The maxSurge of rollingUpdate. Applied only if RollingUpdate
+                    is used as updateStrategy
+                  nullable: true
+                  type: integer
+                maxUnavailable:
+                  default: null
+                  description: The maxUnavailable of rollingUpdate. Applied only if
+                    RollingUpdate is used as updateStrategy
+                  nullable: true
+                  type: integer
+              type: object
+            updateStrategy:
+              default: null
+              description: Update strategy of deployments
+              nullable: true
+              type: string
+          type: object
+        metricsServer:
+          additionalProperties: false
+          properties:
+            config:
+              additionalProperties: false
+              properties:
+                apiServiceInsecureTLS:
+                  default: true
+                  description: Whether to enable insecure TLS for metrics-server api
+                    service
+                  type: boolean
+                args:
+                  default: []
+                  description: Arguments passed into metrics-server container
+                  items:
+                    default: ""
+                    type: string
+                  type: array
+                probe:
+                  additionalProperties: false
+                  properties:
+                    failureThreshold:
+                      default: 3
+                      description: Probe failureThreshold of metrics-server deployment
+                      type: integer
+                    periodSeconds:
+                      default: 10
+                      description: Probe period of metrics-server deployment
+                      type: integer
+                  type: object
+                securePort:
+                  default: 4443
+                  description: The HTTPS secure port used by metrics-server
+                  type: integer
+                tolerations:
+                  default: []
+                  description: Metrics-server deployment tolerations
+                  nullable: true
+                updateStrategy:
+                  default: RollingUpdate
+                  description: The update strategy of the metrics-server deployment
+                  type: string
+              type: object
+            createNamespace:
+              default: true
+              description: Whether to create namespace specified for metrics-server
+              type: boolean
+            image:
+              additionalProperties: false
+              properties:
+                name:
+                  default: ""
+                  description: The path of image
+                  type: string
+                pullPolicy:
+                  default: IfNotPresent
+                  description: The pull policy of image
+                  type: string
+                repository:
+                  default: ""
+                  description: The repository of metrics-server image
+                  type: string
+                tag:
+                  default: ""
+                  description: The image tag
+                  type: string
+              type: object
+            namespace:
+              default: null
+              description: The namespace value used by older templates, will be overwriten
+                if top level namespace is present, kept for backward compatibility
+              nullable: true
+              type: string
+          type: object
+        namespace:
+          default: kube-system
+          description: The namespace in which metrics-server is deployed
+          type: string
+        nodeSelector:
+          default: null
+          description: NodeSelector configuration applied to all the deployments
+          nullable: true
+      type: object
+  version: 0.8.0
diff --git a/repo/packages/metrics-server.packages.kadras.io/metadata.yml b/repo/packages/metrics-server.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..bea30f4
--- /dev/null
+++ b/repo/packages/metrics-server.packages.kadras.io/metadata.yml
@@ -0,0 +1,21 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: metrics-server.packages.kadras.io
+spec:
+  categories:
+  - monitoring
+  - metrics
+  - observability
+  displayName: metrics-server
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iLTAuMTcgMC4wOCAyMzAuMTAgMjIzLjM1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2ZmZn0uY2xzLTJ7ZmlsbDojMzI2Y2U1fTwvc3R5bGU+PC9kZWZzPjxwYXRoIGQ9Ik0xMzQuMzU4IDEyNi40NjZhMy41OSAzLjU5IDAgMCAwLS44NTUtLjA2NSAzLjY4NSAzLjY4NSAwIDAgMC0xLjQyNS4zNyAzLjcyNSAzLjcyNSAwIDAgMC0xLjgwMyA0LjgyNWwtLjAyNi4wMzcgOC41MjggMjAuNjAzYTQzLjUzIDQzLjUzIDAgMCAwIDE3LjU5NS0yMi4xMDJsLTIxLjk3Ni0zLjcxNHptLTM0LjE5NCAyLjkyYTMuNzIgMy43MiAwIDAgMC0zLjU2OC0yLjg5NCAzLjY1NiAzLjY1NiAwIDAgMC0uNzMzLjA2NWwtLjAzNy0uMDQ1LTIxLjc4NSAzLjY5OGE0My42OTUgNDMuNjk1IDAgMCAwIDE3LjU0IDIxLjk0Nmw4LjQ0Mi0yMC40LS4wNjYtLjA4YTMuNjgzIDMuNjgzIDAgMCAwIC4yMDctMi4yOXptMTguMjQ1IDhhMy43MTggMy43MTggMCAwIDAtNi41NTcuMDA4aC0uMDE4bC0xMC43MTMgMTkuMzcyYTQzLjYzNyA0My42MzcgMCAwIDAgMjMuODE1IDEuMjI1cTIuMTk3LS41IDQuMjkyLTEuMmwtMTAuNzM4LTE5LjQwNnptMzMuOTE0LTQ1bC0xNi40ODMgMTQuNzUzLjAwOS4wNDdhMy43MjUgMy43MjUgMCAwIDAgMS40NiA2LjM5NWwuMDIuMDg5IDIxLjM1IDYuMTVhNDQuMjc4IDQ0LjI3OCAwIDAgMC02LjM1Ni0yNy40MzJ6TTEyMS43IDk0LjAzOWEzLjcyNSAzLjcyNSAwIDAgMCA1LjkxMyAyLjg0bC4wNjUuMDI3IDE4LjAzNi0xMi43ODhhNDMuODUgNDMuODUgMCAwIDAtMjUuMjg3LTEyLjE5bDEuMjUzIDIyLjEwNXptLTE5LjEgMi45MjFhMy43MiAzLjcyIDAgMCAwIDUuOTA0LTIuODVsLjA5Mi0uMDQzIDEuMjUzLTIyLjE0YTQ0LjY4MiA0NC42ODIgMCAwIDAtNC41MDEuNzc2IDQzLjQ2NyA0My40NjcgMCAwIDAtMjAuOTM3IDExLjQwOWwxOC4xNTQgMTIuODY5em0tOS42NzggMTYuNzI5YTMuNzIgMy43MiAwIDAgMCAxLjQ2Mi02LjM5NmwuMDE4LS4wODgtMTYuNTc0LTE0LjgyNGE0My40NTQgNDMuNDU0IDAgMCAwLTYuMTY4IDI3LjUxbDIxLjI0NS02LjEzem0xNi4wOTggNi41MTJsNi4xMTQgMi45NCA2LjA5Ni0yLjkzNCAxLjUxNC02LjU4MS00LjIxOS01LjI3NmgtNi43OWwtNC4yMzEgNS4yNjh6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjE2LjIwOCAxMzMuMTY3bC0xNy40MjItNzUuNjc1YTEzLjYwMiAxMy42MDIgMCAwIDAtNy4yOTMtOS4wNzNsLTcwLjUyMS0zMy42N2ExMy41ODkgMTMuNTg5IDAgMCAwLTExLjcwNSAwTDM4Ljc2IDQ4LjQzN2ExMy41OTggMTMuNTk4IDAgMCAwLTcuMjk1IDkuMDcybC0xNy4zOTQgNzUuNjczYTEzLjMxNSAxMy4zMTUgMCAwIDAtLjAwNCA1LjgxIDEzLjUwNiAxMy41MDYgMCAwIDAgLjQ5MSAxLjcxOCAxMy4xIDEzLjEgMCAwIDAgMS4zNDMgMi43MjZjLjIzOS4zNjUuNDkxLjcyLjc2NSAxLjA2NGw0OC44MDQgNjAuNjc4Yy4yMTMuMjY0LjQ0OC41MDUuNjgxLjc1YTEzLjQyMyAxMy40MjMgMCAwIDAgMi41NzQgMi4xMzMgMTMuOTI0IDEzLjkyNCAwIDAgMCAzLjg1NyAxLjY3NyAxMy4yOTggMTMuMjk4IDAgMCAwIDMuNDMuNDczaC43NTlsNzcuNTA0LS4wMThhMTIuOTkzIDEyLjk5MyAwIDAgMCAxLjQxLS4wODMgMTMuNDcgMTMuNDcgMCAwIDAgMS45ODktLjM3OCAxMy44NzIgMTMuODcyIDAgMCAwIDEuMzgxLS40NDJjLjM1My0uMTM1LjcwNS0uMjcgMS4wNDUtLjQzM2ExMy45NDEgMTMuOTQxIDAgMCAwIDEuNDc5LS44MjIgMTMuMzAzIDEzLjMwMyAwIDAgMCAzLjIzNy0yLjg2NWwxLjQ4OC0xLjg1IDQ3LjI5OS01OC44NGExMy4xODUgMTMuMTg1IDAgMCAwIDIuMTA4LTMuNzg1IDEzLjY3IDEzLjY3IDAgMCAwIC41LTEuNzI0IDEzLjI4MiAxMy4yODIgMCAwIDAtLjAwNC01Ljgxem0tNzMuMTQ3IDI5LjQzMmExNC41MTYgMTQuNTE2IDAgMCAwIC43MDMgMS43MDMgMy4zMTQgMy4zMTQgMCAwIDAtLjMyNyAyLjQ5IDM5LjM3MiAzOS4zNzIgMCAwIDAgMy43NDIgNi43IDM1LjA2IDM1LjA2IDAgMCAxIDIuMjYzIDMuMzY0Yy4xNy4zMTUuMzkyLjgwMy41NTMgMS4xMzZhNC4yNCA0LjI0IDAgMSAxLTcuNjMgMy42MDdjLS4xNjEtLjMzLS4zODUtLjc3LS41MjItMS4wODJhMzUuMjc1IDM1LjI3NSAwIDAgMS0xLjIyNS0zLjg2OCAzOS4zMDUgMzkuMzA1IDAgMCAwLTIuODk2LTcuMDk3IDMuMzM1IDMuMzM1IDAgMCAwLTIuMTU0LTEuMzA3Yy0uMTM1LS4yMzMtLjYzNS0xLjE1LS45MDMtMS42MjNhNTQuNjE3IDU0LjYxNyAwIDAgMS0zOC45NDgtLjFsLS45NTUgMS43M2EzLjQyOSAzLjQyOSAwIDAgMC0xLjgxOS44ODcgMjkuNTE3IDI5LjUxNyAwIDAgMC0zLjI2OCA3LjU4MiAzNC45IDM0LjkgMCAwIDEtMS4yMTggMy44NjhjLS4xMzUuMzEtLjM2MS43NDQtLjUyMiAxLjA3M3YuMDA5bC0uMDA3LjAwOGE0LjIzOCA0LjIzOCAwIDEgMS03LjYxOS0zLjYxNmMuMTU5LS4zMzUuMzcyLS44Mi41NC0xLjEzNWEzNS4xNzcgMzUuMTc3IDAgMCAxIDIuMjYyLTMuMzczIDQxLjIyOCA0MS4yMjggMCAwIDAgMy44Mi02Ljg2NiA0LjE4OCA0LjE4OCAwIDAgMC0uMzc2LTIuMzg3bC43NjgtMS44NGE1NC45MjIgNTQuOTIyIDAgMCAxLTI0LjMzOC0zMC4zODdsLTEuODM5LjMxM2E0LjY4IDQuNjggMCAwIDAtMi40MjgtLjg1NSAzOS41MjQgMzkuNTI0IDAgMCAwLTcuMzU2IDIuMTY1IDM1LjU4OSAzNS41ODkgMCAwIDEtMy43ODcgMS40NWMtLjMwNS4wODQtLjc0NS4xNjgtMS4wOTMuMjQ0LS4wMjguMDEtLjA1Mi4wMjItLjA4LjAyOWEuNjA1LjYwNSAwIDAgMS0uMDY1LjAwNiA0LjIzNiA0LjIzNiAwIDEgMS0xLjg3NC04LjIyNGwuMDYxLS4wMTUuMDM3LS4wMWMuMzUzLS4wODMuODA1LS4yIDEuMTI3LS4yNjJhMzUuMjcgMzUuMjcgMCAwIDEgNC4wNS0uMzI2IDM5LjM4OCAzOS4zODggMCAwIDAgNy41NjQtMS4yNDIgNS44MzUgNS44MzUgMCAwIDAgMS44MTQtMS44M2wxLjc2Ny0uNTE2YTU0LjYxMyA1NC42MTMgMCAwIDEgOC42MTMtMzguMDczbC0xLjM1My0xLjIwNmE0LjY4OCA0LjY4OCAwIDAgMC0uODQ4LTIuNDM2IDM5LjM2NiAzOS4zNjYgMCAwIDAtNi4yNzctNC40MSAzNS4yNSAzNS4yNSAwIDAgMS0zLjQ5OS0yLjA0NmMtLjI1Ni0uMTkxLS41OTYtLjQ3OC0uODc0LS43MDRsLS4wNjMtLjA0NGE0LjQ3MyA0LjQ3MyAwIDAgMS0xLjAzOC02LjIyMiA0LjA2NiA0LjA2NiAwIDAgMSAzLjM2My0xLjQ4OCA1LjAzIDUuMDMgMCAwIDEgMi45NDIgMS4xMWMuMjg3LjIyNS42OC41MjYuOTM1Ljc0NWEzNS4yNTMgMzUuMjUzIDAgMCAxIDIuNzggMi45NSAzOS4zODMgMzkuMzgzIDAgMCAwIDUuNjkgNS4xNDIgMy4zMzMgMy4zMzMgMCAwIDAgMi41MDcuMjQzcS43NTQuNTUgMS41MjIgMS4wODJBNTQuMjg5IDU0LjI4OSAwIDAgMSAxMDIuODYgNjEuODlhNTUuMDUyIDU1LjA1MiAwIDAgMSA3LjYzLTEuMTczbC4xLTEuNzg0YTQuNiA0LjYgMCAwIDAgMS4zNy0yLjE4NCAzOS40NzYgMzkuNDc2IDAgMCAwLS40Ny03LjY1NCAzNS40NjYgMzUuNDY2IDAgMCAxLS41NzYtNC4wMTRjLS4wMTEtLjMwNy4wMDYtLjczMS4wMS0xLjA4MSAwLS4wNC0uMDEtLjA4LS4wMS0uMTE4YTQuMjQyIDQuMjQyIDAgMSAxIDguNDQxLS4wMDRjMCAuMzcuMDIyLjg2LjAwOSAxLjJhMzUuMTA5IDM1LjEwOSAwIDAgMS0uNTc5IDQuMDEzIDM5LjUzMyAzOS41MzMgMCAwIDAtLjQ3OCA3LjY1NiAzLjM0NCAzLjM0NCAwIDAgMCAxLjM3OSAyLjExYy4wMTUuMzA1LjA2NSAxLjMyMy4xMDIgMS44ODRhNTUuMzA5IDU1LjMwOSAwIDAgMSAzNS4wMzIgMTYuOTI3bDEuNjA2LTEuMTQ3YTQuNjkgNC42OSAwIDAgMCAyLjU2LS4yNzggMzkuNTMyIDM5LjUzMiAwIDAgMCA1LjY5LTUuMTQ4IDM1LjAwNCAzNS4wMDQgMCAwIDEgMi43ODctMi45NWMuMjU5LS4yMjIuNjUtLjUyLjkzNi0uNzQ2YTQuMjQyIDQuMjQyIDAgMSAxIDUuMjU4IDYuNTk4Yy0uMjgzLjIyOS0uNjU3LjU0OC0uOTI5Ljc1YTM1LjA5NSAzNS4wOTUgMCAwIDEtMy41MDcgMi4wNDYgMzkuNDk1IDM5LjQ5NSAwIDAgMC02LjI3NyA0LjQxIDMuMzM3IDMuMzM3IDAgMCAwLS43OTIgMi4zOWMtLjIzNS4yMTYtMS4wNi45NDctMS40OTcgMS4zNDNhNTQuODM3IDU0LjgzNyAwIDAgMSA4Ljc5MiAzNy45ODNsMS43MDQuNDk2YTQuNzQ1IDQuNzQ1IDAgMCAwIDEuODIgMS44MyAzOS40NjQgMzkuNDY0IDAgMCAwIDcuNTY4IDEuMjQ2IDM1LjY0IDM1LjY0IDAgMCAxIDQuMDQ2LjMyNGMuMzU1LjA2NS44NjguMjA3IDEuMjMuMjlhNC4yMzYgNC4yMzYgMCAxIDEtMS44NzggOC4yMjNsLS4wNjEtLjAwOGMtLjAyOC0uMDA3LS4wNTQtLjAyMi0uMDgzLS4wMy0uMzQ4LS4wNzUtLjc4NS0uMTUxLTEuMDktLjIzMWEzNS4xNCAzNS4xNCAwIDAgMS0zLjc4NS0xLjQ2MiAzOS40NzcgMzkuNDc3IDAgMCAwLTcuMzYzLTIuMTY1IDMuMzM3IDMuMzM3IDAgMCAwLTIuMzYyLjg3N3EtLjktLjE3MS0xLjgwNC0uMzE2YTU0LjkyIDU0LjkyIDAgMCAxLTI0LjMyOCAzMC42MDV6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjI1LjQwNyAxMzUuMTA3TDIwNi40IDUyLjU0N2ExNC44MzggMTQuODM4IDAgMCAwLTcuOTU4LTkuOWwtNzYuOTM1LTM2LjczYTE0LjgyNSAxNC44MjUgMCAwIDAtMTIuNzcxIDBMMzEuODA4IDQyLjY2OWExNC44MzggMTQuODM4IDAgMCAwLTcuOTYxIDkuODk1TDQuODczIDEzNS4xMjlhMTQuNjY4IDE0LjY2OCAwIDAgMCAxLjk5NSAxMS4xODVjLjI2MS40LjUzOC43ODguODM4IDEuMTYybDUzLjI0NiA2Ni4yMDVhMTQuOTggMTQuOTggMCAwIDAgMTEuNDk5IDUuNDg3bDg1LjM4Ny0uMDJhMTQuOTg2IDE0Ljk4NiAwIDAgMCAxMS41LTUuNDhsNTMuMjI3LTY2LjIxMWExNC43MiAxNC43MiAwIDAgMCAyLjg0Mi0xMi4zNDd6bS05LjE5NyAzLjg2NmExMy42NzcgMTMuNjc3IDAgMCAxLS40OTggMS43MjMgMTMuMTg0IDEzLjE4NCAwIDAgMS0yLjExIDMuNzg2bC00Ny4yOTkgNTguODM4LTEuNDg2IDEuODUyYTEzLjMwNSAxMy4zMDUgMCAwIDEtMy4yNCAyLjg2NSAxMy45NDUgMTMuOTQ1IDAgMCAxLTEuNDc0LjgyMnEtLjUxMy4yMzctMS4wNDUuNDNhMTMuODczIDEzLjg3MyAwIDAgMS0xLjM4My40NDUgMTMuNDczIDEzLjQ3MyAwIDAgMS0xLjk4OS4zNzkgMTIuOTg4IDEyLjk4OCAwIDAgMS0xLjQxLjA4MmwtNzcuNTA0LjAxOGgtLjc2YTEzLjI5OCAxMy4yOTggMCAwIDEtMy40MjktLjQ3MiAxMy45MjUgMTMuOTI1IDAgMCAxLTMuODU1LTEuNjc5IDEzLjQyNCAxMy40MjQgMCAwIDEtMi41NzYtMi4xMzJjLS4yMzMtLjI0Ni0uNDY4LS40ODctLjY4LS43NWwtNDguODA1LTYwLjY3OXEtLjQwOC0uNTE0LS43NjUtMS4wNjZhMTMuMTAyIDEzLjEwMiAwIDAgMS0xLjM0My0yLjcyNiAxMy41MDUgMTMuNTA1IDAgMCAxLS40OTEtMS43MTkgMTMuMzE1IDEzLjMxNSAwIDAgMSAuMDA0LTUuODA5bDE3LjM5NC03NS42NzVhMTMuNTk4IDEzLjU5OCAwIDAgMSA3LjI5NS05LjA3bDcwLjUwOC0zMy42ODVhMTMuNTg5IDEzLjU4OSAwIDAgMSAxMS43MDUgMGw3MC41MTkgMzMuNjdhMTMuNjAyIDEzLjYwMiAwIDAgMSA3LjI5MyA5LjA3M2wxNy40MjIgNzUuNjc0YTEzLjI4MiAxMy4yODIgMCAwIDEgLjAwMiA1LjgwN3oiIGNsYXNzPSJjbHMtMSIvPjxwYXRoIGQ9Ik0xODUuODE0IDEyNy4xMDZjLS4zNi0uMDgzLS44NzQtLjIyNS0xLjIyNy0uMjlhMzUuNjQyIDM1LjY0MiAwIDAgMC00LjA0Ni0uMzI2IDM5LjQ2NCAzOS40NjQgMCAwIDEtNy41Ny0xLjI0MiA0Ljc0NSA0Ljc0NSAwIDAgMS0xLjgyLTEuODMybC0xLjcwNC0uNDk2YTU0LjgzNyA1NC44MzcgMCAwIDAtOC43OS0zNy45ODNjLjQzNi0uMzk2IDEuMjYyLTEuMTI3IDEuNDk1LTEuMzQyYTMuMzM4IDMuMzM4IDAgMCAxIC43OTItMi4zOSAzOS40OTUgMzkuNDk1IDAgMCAxIDYuMjc3LTQuNDEgMzUuMDk1IDM1LjA5NSAwIDAgMCAzLjUwNy0yLjA0NmMuMjcyLS4yMDIuNjQ0LS41MjIuOTI5LS43NWE0LjI0MiA0LjI0MiAwIDEgMC01LjI1Ni02LjZjLS4yODguMjI3LS42OC41MjUtLjkzNi43NDdhMzUuMDA0IDM1LjAwNCAwIDAgMC0yLjc4OSAyLjk1IDM5LjUzMyAzOS41MzMgMCAwIDEtNS42OSA1LjE0OCA0LjY5IDQuNjkgMCAwIDEtMi41Ni4yNzhsLTEuNjA2IDEuMTQ3YTU1LjMwOSA1NS4zMDkgMCAwIDAtMzUuMDMyLTE2LjkyN2MtLjAzOS0uNTYxLS4wODctMS41NzctLjEwMi0xLjg4NGEzLjM0NCAzLjM0NCAwIDAgMS0xLjM3Ny0yLjExIDM5LjUzMyAzOS41MzMgMCAwIDEgLjQ3OC03LjY1NiAzNS4xMTIgMzUuMTEyIDAgMCAwIC41NzUtNC4wMTJjLjAxMy0uMzQtLjAwNy0uODM0LS4wMDctMS4yMDFhNC4yNDIgNC4yNDIgMCAxIDAtOC40NDEuMDA0YzAgLjA0LjAwOS4wNzguMDEuMTE4LS4wMDQuMzUtLjAyMS43NzQtLjAxIDEuMDhhMzUuNDc2IDM1LjQ3NiAwIDAgMCAuNTc2IDQuMDE1IDM5LjQ3NSAzOS40NzUgMCAwIDEgLjQ3IDcuNjU0IDQuNjAxIDQuNjAxIDAgMCAxLTEuMzcgMi4xODJsLS4xIDEuNzg2YTU1LjA1MiA1NS4wNTIgMCAwIDAtNy42MyAxLjE3MyA1NC4yODkgNTQuMjg5IDAgMCAwLTI3LjU3NCAxNS43NTRxLS43Ny0uNTMxLTEuNTI2LTEuMDgyYTMuMzMzIDMuMzMzIDAgMCAxLTIuNTA2LS4yNDMgMzkuMzgzIDM5LjM4MyAwIDAgMS01LjY5LTUuMTQxIDM1LjI1NSAzNS4yNTUgMCAwIDAtMi43NzctMi45NWMtLjI1Ny0uMjItLjY1LS41Mi0uOTM4LS43NWE1LjAzIDUuMDMgMCAwIDAtMi45NDItMS4xMSA0LjA2NiA0LjA2NiAwIDAgMC0zLjM2MyAxLjQ5IDQuNDczIDQuNDczIDAgMCAwIDEuMDM4IDYuMjIybC4wNjUuMDQ2Yy4yNzYuMjI2LjYxNi41MTUuODcyLjcwMmEzNS4yNTYgMzUuMjU2IDAgMCAwIDMuNDk5IDIuMDQ4IDM5LjM2NyAzOS4zNjcgMCAwIDEgNi4yNzYgNC40MTIgNC42OSA0LjY5IDAgMCAxIC44NDkgMi40MzRsMS4zNTEgMS4yMDhhNTQuNjEzIDU0LjYxMyAwIDAgMC04LjYxMSAzOC4wNzNsLTEuNzY3LjUxNGE1LjgzNSA1LjgzNSAwIDAgMS0xLjgxNCAxLjgyNyAzOS4zOSAzOS4zOSAwIDAgMS03LjU2NSAxLjI0NyAzNS4yNjYgMzUuMjY2IDAgMCAwLTQuMDQ5LjMyNmMtLjMyNC4wNi0uNzc0LjE3NC0xLjEyNy4yNjJsLS4wMzcuMDA4LS4wNi4wMThhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzUgOC4yMjRsLjA2My0uMDFjLjAyOC0uMDA2LjA1Mi0uMDIuMDgtLjAyNS4zNDgtLjA4Ljc4Ni0uMTYzIDEuMDkyLS4yNDZhMzUuNTkgMzUuNTkgMCAwIDAgMy43ODYtMS40NTEgMzkuNTI3IDM5LjUyNyAwIDAgMSA3LjM1OC0yLjE2NSA0LjY4IDQuNjggMCAwIDEgMi40MjYuODU3bDEuODQtLjMxNWE1NC45MjIgNTQuOTIyIDAgMCAwIDI0LjM0IDMwLjM4N2wtLjc2OSAxLjg0YTQuMTg4IDQuMTg4IDAgMCAxIC4zNzcgMi4zODcgNDEuMjI4IDQxLjIyOCAwIDAgMS0zLjgyIDYuODY0IDM1LjE4MyAzNS4xODMgMCAwIDAtMi4yNjMgMy4zNzJjLS4xNjguMzE4LS4zODEuODA1LS41NDIgMS4xMzhhNC4yMzggNC4yMzggMCAxIDAgNy42MjEgMy42MTZsLjAwNy0uMDA4di0uMDFjLjE2LS4zMy4zODctLjc2My41MjItMS4wNzJhMzQuOTAzIDM0LjkwMyAwIDAgMCAxLjIxOC0zLjg2OCAyOS41MTcgMjkuNTE3IDAgMCAxIDMuMjY4LTcuNTgyIDMuNDMgMy40MyAwIDAgMSAxLjgxOS0uODg4bC45NTctMS43M2E1NC42MTcgNTQuNjE3IDAgMCAwIDM4Ljk0Ni4wOTljLjI2OC40NzguNzY4IDEuMzkyLjkgMS42MjNhMy4zMzUgMy4zMzUgMCAwIDEgMi4xNTUgMS4zMSAzOS4zMDYgMzkuMzA2IDAgMCAxIDIuODk4IDcuMDk2IDM1LjI3NSAzNS4yNzUgMCAwIDAgMS4yMjUgMy44NjhjLjEzNy4zMTIuMzYuNzUuNTIyIDEuMDgyYTQuMjQgNC4yNCAwIDEgMCA3LjYzLTMuNjA3Yy0uMTYxLS4zMzMtLjM4My0uODItLjU1LTEuMTM2YTM1LjA2IDM1LjA2IDAgMCAwLTIuMjYzLTMuMzY0IDM5LjM3MiAzOS4zNzIgMCAwIDEtMy43NDItNi43IDMuMzE0IDMuMzE0IDAgMCAxIC4zMjQtMi40OSAxNC41MTkgMTQuNTE5IDAgMCAxLS43MDMtMS43MDMgNTQuOTIgNTQuOTIgMCAwIDAgMjQuMzI4LTMwLjYwNWMuNTQ2LjA4NyAxLjQ5Ny4yNTMgMS44MDYuMzE2YTMuMzM3IDMuMzM3IDAgMCAxIDIuMzYtLjg3NyAzOS40NzYgMzkuNDc2IDAgMCAxIDcuMzYgMi4xNjUgMzUuMTM1IDM1LjEzNSAwIDAgMCAzLjc4OCAxLjQ2MmMuMzA1LjA4Ljc0LjE1NiAxLjA5LjIzMy4wMjkuMDA4LjA1NS4wMi4wODMuMDI4bC4wNi4wMDlhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzgtOC4yMjR6bS00MC4xLTQyLjk4N2wtMTguMDM3IDEyLjc4Ny0uMDYzLS4wM2EzLjcyMyAzLjcyMyAwIDAgMS01LjkxMy0yLjgzOGwtLjAyLS4wMS0xLjI1My0yMi4xMDNhNDMuODUgNDMuODUgMCAwIDEgMjUuMjg1IDEyLjE5NHptLTMzLjk3OCAyNC4yMjhoNi43ODhsNC4yMiA1LjI3Ni0xLjUxMyA2LjU4LTYuMDk2IDIuOTM0LTYuMTE0LTIuOTQtMS41MTYtNi41ODN6bS02LjM4Ni0zNS42NDhhNDQuNjcyIDQ0LjY3MiAwIDAgMSA0LjUwMy0uNzc0bC0xLjI1NSAyMi4xMzctLjA5Mi4wNDRhMy43MiAzLjcyIDAgMCAxLTUuOTA0IDIuODUybC0uMDM1LjAyLTE4LjE1NC0xMi44NzJhNDMuNDY3IDQzLjQ2NyAwIDAgMSAyMC45MzctMTEuNDA3em0tMjcuNTIgMTkuNjhsMTYuNTc0IDE0LjgyNC0uMDE4LjA5YTMuNzIgMy43MiAwIDAgMS0xLjQ2MiA2LjM5NWwtLjAxNy4wNzItMjEuMjQ1IDYuMTNhNDMuNDU0IDQzLjQ1NCAwIDAgMSA2LjE2OC0yNy41MXptMjIuMTkxIDM5LjM4bC04LjQ0MSAyMC4zOTdhNDMuNjk2IDQzLjY5NiAwIDAgMS0xNy41MzYtMjEuOTQ4bDIxLjc4My0zLjcuMDM3LjA0OWEzLjY1NSAzLjY1NSAwIDAgMSAuNzMtLjA2NSAzLjcyIDMuNzIgMCAwIDEgMy4zNjQgNS4xODV6bTI0LjkxNiAyNi4yM2E0My42MzcgNDMuNjM3IDAgMCAxLTIzLjgxNS0xLjIyM2wxMC43MTMtMTkuMzcyaC4wMThhMy43MjUgMy43MjUgMCAwIDEgNi41NTctLjAwNmguMDhsMTAuNzQgMTkuNDA0cS0yLjA5MS42OTgtNC4yOTMgMS4xOTl6bTEzLjg0MS01Ljc1MWwtOC41MjgtMjAuNjA1LjAyNi0uMDM3YTMuNzI1IDMuNzI1IDAgMCAxIDEuODAzLTQuODIzIDMuNjg1IDMuNjg1IDAgMCAxIDEuNDI1LS4zNyAzLjU5IDMuNTkgMCAwIDEgLjg1NS4wNjNsLjAzNy0uMDQ2IDIxLjk3NyAzLjcxNGE0My41MyA0My41MyAwIDAgMS0xNy41OTUgMjIuMTA1em0xOS45MDMtMzIuNDJsLTIxLjM1Mi02LjE1LS4wMi0uMDlhMy43MjUgMy43MjUgMCAwIDEtMS40Ni02LjM5NWwtLjAwOC0uMDQzIDE2LjQ4Mi0xNC43NTFhNDQuMjc5IDQ0LjI3OSAwIDAgMSA2LjM1NyAyNy40M3oiIGNsYXNzPSJjbHMtMSIvPjwvc3ZnPg==
+  longDescription: Metrics Server is a scalable and efficient source of container
+    resource metrics for Kubernetes built-in autoscaling pipelines.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Scalable and efficient source of container resource metrics for
+    Kubernetes built-in autoscaling pipelines.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-metrics-server
+    for community support.
diff --git a/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml
new file mode 100644
index 0000000..054ae8e
--- /dev/null
+++ b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: postgresql-operator.packages.kadras.io.1.27.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: postgresql-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-postgresql-operator/releases
+  releasedAt: "2025-08-14T17:53:47Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-postgresql-operator@sha256:7ba0b9f3ab4414eecd25540f29d5176abd8290c2850c3c85115c78ea2d9b25b8
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 1.27.0
diff --git a/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml b/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..afa8ece
--- /dev/null
+++ b/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: postgresql-operator.packages.kadras.io
+spec:
+  categories:
+  - database
+  displayName: postgresql-operator
+  longDescription: CloudNativePG is a Kubernetes operator that covers the full lifecycle
+    of a PostgreSQL database cluster with a primary/standby architecture, using native
+    streaming replication.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: CloudNativePG is a Kubernetes operator that covers the full lifecycle
+    of a PostgreSQL database cluster.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-postgresql-operator
+    for community support.
diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml
new file mode 100644
index 0000000..1b18205
--- /dev/null
+++ b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml
@@ -0,0 +1,44 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: rabbitmq-operator.packages.kadras.io.2.16.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: rabbitmq-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-rabbitmq-operator/releases
+  releasedAt: "2025-09-15T15:15:32Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:d8066a1d87ead89aa1b8801f54fbf8a111313c56ab9bf0fec2611b5b0fe06534
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        logging:
+          additionalProperties: false
+          description: Logging configuration.
+          properties:
+            level:
+              default: info
+              description: The Operator log level. Valid options are `info` and `debug`.
+              enum:
+              - info
+              - debug
+              type: string
+          type: object
+      type: object
+  version: 2.16.1
diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..651112e
--- /dev/null
+++ b/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,20 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: rabbitmq-operator.packages.kadras.io
+spec:
+  categories:
+  - eventing
+  - messaging
+  - streaming
+  displayName: rabbitmq-operator
+  longDescription: Operator for RabbitMQ, an open-source message broker supporting
+    multiple messaging protocols and streaming.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Operator for RabbitMQ, a message broker supporting multiple messaging
+    protocols and streaming.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-rabbitmq-operator
+    for community support.
diff --git a/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml b/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml
new file mode 100644
index 0000000..859b647
--- /dev/null
+++ b/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: rbac-configurer.packages.kadras.io.0.2.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: rbac-configurer.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/rbac-configurer/releases
+  releasedAt: "2023-09-08T16:07:10Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/rbac-configurer@sha256:3421d6fb80f732536d46401ef5e43e1e476b332f94660fb04d59ef4021df3f7d
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 0.2.1
diff --git a/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml b/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..76cf3f5
--- /dev/null
+++ b/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml
@@ -0,0 +1,18 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: rbac-configurer.packages.kadras.io
+spec:
+  categories:
+  - rbac
+  displayName: rbac-configurer
+  longDescription: Default roles and RBAC configuration for the Kadras Engineering
+    Platform, supporting users and service accounts.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Default roles and RBAC configuration for the Kadras Engineering
+    Platform.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/rbac-configurer
+    for community support.
diff --git a/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml b/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml
new file mode 100644
index 0000000..b3dd67c
--- /dev/null
+++ b/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml
@@ -0,0 +1,35 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: secretgen-controller.packages.kadras.io.0.19.2
+spec:
+  licenses:
+  - Apache 2.0
+  refName: secretgen-controller.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-secretgen-controller/releases
+  releasedAt: "2025-05-30T18:30:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+          - --kube-api-qps=50
+          - --kube-api-burst=100
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-secretgen-controller@sha256:a75097ef7dc675acb9144cd6b7c76fccfb3d7aa57969cf3b0ec36a0f48fe35df
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 0.19.2
diff --git a/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml b/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..f805679
--- /dev/null
+++ b/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml
@@ -0,0 +1,18 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: secretgen-controller.packages.kadras.io
+spec:
+  categories:
+  - secrets management
+  displayName: secretgen-controller
+  iconSVGBase64: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJhcnR3b3JrIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA0MDAgNDAwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6bm9uZTt9LmNscy0ye2ZpbGw6I2ZmZjt9LmNscy0ze2ZpbGw6IzFlNDQ4ODt9LmNscy00e2ZpbGw6IzIwOGZjZTt9LmNscy01e2ZpbGw6IzE3YmVkMjt9LmNscy02e2ZpbGw6IzcyNzA3NDt9LmNscy03e2ZpbGw6Izc5NDQ5OTt9PC9zdHlsZT48L2RlZnM+PGNpcmNsZSBjbGFzcz0iY2xzLTIiIGN4PSIyMjYuMzg1ODciIGN5PSIxOTguOTU2NTIiIHI9IjE0NS4xNzU3NCIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTE0NS4yOTE5LDMxOS4zNzU1OGM1Ni40Njc0MSwzOC4wMzUwNywxMzEuNzg1MDMsMzEuNjk5MTksMTgxLjEwNDY1LTE1LjIzNDg5LTcyLjM5NzQyLDE4Ljc1Nzk2LTE0NS4yMzkyNCwxNy40ODgzOC0xODEuMTA0NjUsMTUuMjM0ODlaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMzM2Ljk2NTc2LDIwMi4yMjU3YzEwLjY2NDQyLS4zMTczOSwyMi4yMTc1NC0uMTkwNDMsMzQuNTY0MTQtLjg4ODd2LTIuMzgwNDVjLS4yMTQxMS04MC4xOTU1OC02NS4zOTkwNC0xNDUuMDMzMzgtMTQ1LjU5NDYyLTE0NC44MTkyNy01My40NDUzLC4xNDI2OS0xMDIuNDkyMDQsMjkuNjMyNzYtMTI3LjY4MTA5LDc2Ljc3MDEyLDI5LjY0NDUzLDE1Ljg2OTY3LDc3LjY2NjE2LDM2LjUzMTk3LDE1My45OTkyOCw1OS4zNTI1NiwxNS4xNzE0LDQuNTcwNDcsNjguNzQ3MzcsMTIuNDQxODEsODQuNzEyMywxMS45NjU3NFoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik00OC43NDA4Miw3Mi4xMjYxNHMwLDIuNjY2MSwuMjIyMTcsNy40OTA0OWMtLjA2MzQ5LTIuNDc1NjYtLjE1ODcxLTQuOTUxMzMtLjIyMjE3LTcuNDkwNDlaIi8+PHBhdGggY2xhc3M9ImNscy02IiBkPSJNMjI2LjM4NTg3LDMyLjMyNTAxYy02MS40MjQ1LS4wMDM5OC0xMTcuODY2MTksMzMuNzk3NjEtMTQ2Ljg1NzksODcuOTQ5NzEsNS4yMDUyNSwzLjE3MzkzLDExLjMzMDk0LDYuNzkyMjIsMTguNTk5MjUsMTAuNjMyNjcsMzcuNTk5NzMtNzAuODM1MywxMjUuNTAzNjQtOTcuNzc4MDcsMTk2LjMzODk0LTYwLjE3ODM2LDQ3LjQ0ODMxLDI1LjE4NTc5LDc3LjExNTY1LDc0LjUwOTExLDc3LjEyNzE4LDEyOC4yMjc1djIuMzgwNDVjLS4wODgzOSw2LjExODA3LS41NjU0MiwxMi4yMjQzMS0xLjQyODI2LDE4LjI4MTg2LS4wMTU2OSwuMTE1ODUtLjAxNTY5LC4yMzMyOSwwLC4zNDkxMy0xLjE1NDM0LDcuODA5MDYtMi45MjY3NSwxNS41MTQxOS01LjMwMDQ2LDIzLjA0Mjc3LS41MjkwMSwxLjcxMzktMS4xMDAyOSwzLjM5NjA4LTEuNzEzOSw1LjA0NjU0LTIuMjk2MTgsNi4zNzYzNy01LjA0MzI1LDEyLjU4MTItOC4yMjA0OCwxOC41Njc1MS0uMzgwODYsLjczMDAyLS43NjE3NiwxLjQ5MTc1LTEuMTc0MzQsMi4yMjE3NC0zLjYwNTY0LDYuNTY2NTUtNy43MjMzOSwxMi44Mzg2My0xMi4zMTQ4OCwxOC43NTc5NmwtLjU3MTI4LC42OTgyN2MtNDYuODk3OSw2MC4wNzI1Mi0xMzIuMjY5MjQsNzMuNjQyNjYtMTk1LjQ4MjU3LDMxLjA3MjgxLTExLjE0MDQ5LS42OTgyNy0xOC43MjYyMS0xLjQ5MTc1LTIxLjU4Mjc2LTEuODQwODl2LjE1ODcxbC0xLjA0NzQtLjI1MzkyaC0uMzgwODhsLTE2Ljc5MDExLTQuMTU3ODUtLjc5MzQ4LS40NDQzNWM2Mi44NDY0Niw2Ny4yMDMxNCwxNjguMjcyNDksNzAuNzM0ODgsMjM1LjQ3NTYsNy44ODg0NCw5LjEwNzgyLTguNTE3MzgsMTcuMjMwNTYtMTguMDMwMzksMjQuMjE1NjMtMjguMzYwMywyLjA5NDgxLTMuMTczOTMsNC4wMzA5MS02LjM0Nzg3LDUuOTM1MjQtOS41MjE4LC4wOTM1Ny0uMTk2OTcsLjE5OTU4LS4zODc4MSwuMzE3NDEtLjU3MTMxLDIuOTY0ODEtNS4xNDQyNSw1LjY1NTg1LTEwLjQ0MTUyLDguMDYxNzctMTUuODY5NjcsLjM4MDg2LS44NTY5NSwuNzkzNDgtMS43MTM5MywxLjE3NDM0LTIuNjAyNjIsMi41MzI2Mi02LjAyMzIxLDQuNzA1My0xMi4xOTE1LDYuNTA2NTctMTguNDcyMjksLjQ0NDM1LTEuNTU1MjIsLjkyMDQyLTMuMTczOTMsMS4zMzMwNS00LjcyOTE1LDIuMDY3NDQtOC4wNDU3OSwzLjUyMTAzLTE2LjIzNjkyLDQuMzQ4MjctMjQuNTAyNzcsLjAxNTU5LS4xMjY0OCwuMDE1NTktLjI1NDQsMC0uMzgwODgsLjU3NDQzLTUuNTE0NTMsLjg2MDUxLTExLjA1NTMsLjg1Njk4LTE2LjU5OTY4aDBjLjA4NzY2LTkyLjAyODAxLTc0LjQ0NDcyLTE2Ni43MDI0OS0xNjYuNDcyNzctMTY2Ljc5MDE1LS4wNTI4OS0uMDAwMDUtLjEwNTgyLS4wMDAwNy0uMTU4NzUtLjAwMDA3WiIvPjxwYXRoIGNsYXNzPSJjbHMtNiIgZD0iTTY2LjcwNTI3LDIxOS43MTQwNWMtLjQxMjYtMS44MDkxNC0uODU2OTUtMy41NTQ4MS0xLjI2OTU4LTUuNDU5MTcsLjQxMjYzLDEuODQwODksLjg1Njk4LDMuNjUwMDMsMS4yNjk1OCw1LjQ1OTE3WiIvPjxwYXRoIGNsYXNzPSJjbHMtNiIgZD0iTTY3LjY4OTIxLDIyMy45OTg4NmMuMzQ5MTMsMS40MjgyNiwuNjk4MjcsMi43OTMwNSwxLjA0NzQsNC4xNTc4NS0uNzMwMDItMi43OTMwNS0xLjM2NDc5LTUuNjE3ODUtMi4wMzEzMi04LjQ0MjY4LC4zMTczOSwxLjQyODMxLC42NjY1LDIuOTIwMDQsLjk4MzkxLDQuMjg0ODNaIi8+PHBhdGggY2xhc3M9ImNscy02IiBkPSJNNjUuNDM1NzIsMjE0LjI1NDg4Yy0uNzYxNzQtMy40NTk1OC0xLjUyMzUtNi45NTA5Mi0yLjIyMTc0LTEwLjQxMDUsLjcyOTk5LDMuNTg2NTYsMS40NTk5OCw3LjA0NjE0LDIuMjIxNzQsMTAuNDEwNVoiLz48cGF0aCBjbGFzcz0iY2xzLTUiIGQ9Ik0yODIuNzg2NjgsMjM5LjEwNjc5cy0xMzkuMjA4NzMtMjEuMTA2NjYtMjAwLjk3MzQ4LTUyLjkwOTQ3Yy02LjM1Nzg5LTMuMTMzNDUtMTIuMzU5NTYtNi45NDMtMTcuOTAwOTgtMTEuMzYyNjlsLjc2MTc0LDMuNTU0ODFjMi4yODUyNCwxMC41Mzc0Niw1LjA3ODI5LDIxLjUxOTI3LDguNDQyNjgsMzIuNzU0OTksMS41ODY5NywuNjAzMDYsNC42MDIxOSwxLjcxMzkzLDguOTE4NzUsMy4xNzM5MywzNy44MzMyOCwxMy40ODkyMiwxNzMuMjY1MDMsNTguNTkwODEsMjcyLjk1ODMsNTIuMjQyOTUsMy4xNzcyMy01Ljk4NjMxLDUuOTI0My0xMi4xOTExNCw4LjIyMDQ4LTE4LjU2NzUxLC41OTI1LTEuNjUwNDYsMS4xNjM3OC0zLjMzMjYyLDEuNzEzOS01LjA0NjU0LTI3LjQ0MDMyLDEuMzE2NTYtNTQuOTQzNjQsLjAzMDY2LTgyLjE0MTM3LTMuODQwNDhaIi8+PHBhdGggY2xhc3M9ImNscy01IiBkPSJNNDkuNTAyNTYsMTc2LjQ4NTA5di0uNjk4MjdsLTIyLjIxNzU0LDMxLjczOTM0aDBsMTAuNjAwOTMsMjAuMDkxMDFoMGwxOC4xMjMxNi0xNi4xNTUzMWMtMi4zODA0My0xMC41Mzc0OC00LjU3MDQ1LTIyLjE1NDA5LTYuNTA2NTUtMzQuOTc2NzZaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMjAwLjMyNzksMjAwLjYwNjk4Yy01NC44NzczNC0xNS44Njk2Ny05MC45NjQ5NS0zMS4zMjY3My0xMTMuMTgyNDktNDIuNzg0NjQtOC4xNTcwMS00LjE4OTU5LTE0LjQ0MTQxLTcuODM5NjItMTkuMDQzNi0xMC43NTk2My01LjU4NjEzLTMuNDkxMzItOC44MjM1My01LjkwMzUyLTEwLjA5MzExLTYuODg3NDN2LjQ3NjA5YzEuMTc0MzYsOC42OTY1OCwyLjY2NjA5LDE3Ljk5NjIsNC41NzA0NywyNy44MDM2NywuNDEyNiwyLjA5NDgxLC44NTY5NSw0LjI1MzA2LDEuMzAxMzIsNi4zNDc4Nyw1LjU0MTQzLDQuNDE5NjgsMTEuNTQzMDksOC4yMjkyNywxNy45MDA5OCwxMS4zNjI2OSw2MS43NjQ3NSwzMS43MzkzNCwyMDAuOTczNDgsNTIuOTA5NDcsMjAwLjk3MzQ4LDUyLjkwOTQ3LDI3LjE4NDI3LDMuOTAwOTIsNTQuNjc2ODksNS4yMTg3MSw4Mi4xMDk2NSwzLjkzNTY3LDIuMzczNzItNy41Mjg1OCw0LjE0NjEzLTE1LjIzMzcsNS4zMDA0Ni0yMy4wNDI3Ny0uMDE1NjktLjExNTg1LS4wMTU2OS0uMjMzMjksMC0uMzQ5MTMtNDYuMTQ4OTcsNS44NDAwNS0xMDUuMDI1NDYtLjM0OTEzLTE2OS44MzcxOC0xOS4wMTE4NloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik05OS4xNDI4OCwyNjguODc4M2wtNC41NzA0Ny0xLjQ2MDAxdi4xOTA0M2M4LjIzNDkxLDE3LjQ0ODM1LDE3Ljk2MjE1LDM0LjE1MjQ4LDI5LjA3MzI0LDQ5LjkyNTk2LDIuODU2NTUsLjM0OTEzLDEwLjQ0MjIyLDEuMTQyNjIsMjEuNTgyNzYsMS44NDA4OSwzNS44NjU0NiwyLjI1MzQ5LDEwOC43MDcyMywzLjUyMzA3LDE4MS4xMDQ2NS0xNS4yMzQ4OSw1LjE3ODUyLTQuOTI3MDIsOS45ODQzNi0xMC4yMzE0OCwxNC4zNzc5Mi0xNS44Njk2N2wuNTcxMjgtLjY5ODI3Yy04MS4wODg1OSwxMi4xNTE5MS0xNjMuODc3MDQsNS43NjAxOS0yNDIuMTM5MzgtMTguNjk0NDRaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNDQuOTYzODMsMTM5LjMxODMybC0zMC41OTY3Miw0MC43NTMzMWgwbDEyLjY5NTczLDI3LjMyNzU3LDIyLjIxNzU0LTMxLjczOTM0Yy0xLjYyOTI3LTEwLjc5MTM2LTMuMDU3NTYtMjIuNDI5MTMtNC4yODQ4MS0zNC45MTMyNywuMDYzNDctLjMxNzQsLjAzMTc1LS44ODg3MS0uMDMxNzUtMS40MjgyN1oiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik03MS4wODUzMSwyNjQuMTgwODdsLTcuMzk1MjcsNS40OTA5MnMxMy43NDMxNCwxNy43NDIyOCwxNS4wNDQ0NCwxOS4wNDM2YzIuNDc1NjYsMi41MzkxNiw0Ljc2MDksNC42MDIxOSw2Ljc5MjIyLDYuMzQ3ODctNS42Mzc1NC05Ljc4MTktMTAuNDI2NTUtMjAuMDI4ODctMTQuMzE0NDUtMzAuNjI4NDctLjA1MjY5LS4wNzkwNC0uMDk1MzQtLjE2NDMyLS4xMjY5NC0uMjUzOTJaIi8+PHBhdGggY2xhc3M9ImNscy0zIiBkPSJNMjUyLjEyNjQ3LDE5MC4yNTk5NWMtNzYuMzMzMTItMjIuNjYxODgtMTI0LjM1NDctNDMuNTQ2MzctMTUzLjg3MjI5LTU5LjM1MjU2LTcuMjY4MzEtMy44NDA0Ni0xMy4zOTQtNy40MjcwMS0xOC41OTkyNS0xMC42MzI2Ny05LjEzNDU1LTUuMjY5MjUtMTcuNTY5NDUtMTEuNjY3NDEtMjUuMTA1ODMtMTkuMDQzNiwuNTA3ODQsMTAuNDQyMjQsMS41MjM1LDIzLjY3NzU0LDMuNTU0ODEsMzguODgwNjksMS4yNjk1OCwuOTgzOTIsNC41MDY5OCwzLjM5NjExLDEwLjA5MzExLDYuODg3NDQsNC42MzM5NCwyLjkyMDAxLDEwLjkxODM0LDYuNTcwMDQsMTkuMDQzNiwxMC43NTk2MywyMi4yMTc1NCwxMS40NTc5LDU4LjMwNTE1LDI2Ljk3ODQ0LDExMy4xODI0OSw0Mi43ODQ2NCw2NC44MTE3MiwxOC42NjI3MiwxMjMuNzgzNDEsMjQuODUxOTEsMTY5Ljc3MzczLDE5LjA0MzYsLjg2Mjg0LTYuMDU3NTUsMS4zMzk4OC0xMi4xNjM4LDEuNDI4MjYtMTguMjgxODYtMTIuMTg3ODksLjY5ODI3LTIzLjg5OTcyLC41NzEzMS0zNC41NjQxNCwuODg4Ny0xNi4wNjAxNSwuNTA3ODItNjkuNjM2MTEtNy4zNjM1My04NC45MzQ1LTExLjkzNFoiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik04Mi4wMzUzOCwyMTQuMzgxODRjLTQuMzE2NTUtMS41MjM1LTcuMzMxNzgtMi42MzQzNy04LjkxODc1LTMuMTczOTN2LjUzOTU2YzUuNjkwMDQsMTkuMDg2MzIsMTIuODA5MjEsMzcuNzE3MDgsMjEuMjk3MDksNTUuNzM0MjdsNC41NzA0NywxLjQ2MDAxYzc4LjI3OTksMjQuNDc0OTUsMTYxLjA5MTIxLDMwLjg3NzU5LDI0Mi4yMDI5LDE4LjcyNjIxLDQuNTkxNDktNS45MTkzMyw4LjcwOTI0LTEyLjE5MTQxLDEyLjMxNDg4LTE4Ljc1Nzk0LC40MTI2My0uNzMwMDIsLjc5MzQ4LTEuNDkxNzUsMS4xNzQzNC0yLjIyMTc0LTk5LjM3NTkxLDYuMjg0MzgtMjM0LjgwNzY1LTM4Ljc4NTQ3LTI3Mi42NDA5NC01Mi4zMDY0NFoiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik02My4zNDA5MSwyMDMuODQ0MzhjLTEuMDQ3NC01LjAxNDgyLTIuMDYzMDYtMTAuMjUxODItMy4xNzM5My0xNS42NzkyNC02LjQwNzM5LTM1Ljg1NjkxLTEwLjE1MjI5LTcyLjEzODg0LTExLjIwMzk4LTEwOC41NDg1NCwwLTQuODI0MzgtLjIyMjE3LTcuNDkwNDktLjIyMjE3LTcuNDkwNDlsLTcuNjE3NDUsNC44ODc4N2MuMjUzOSw4Ljk1MDQ5LC42MDMwNiwxNy42MDQ3NSwxLjA0NzQsMjUuOTYyNzgsMCwxLjIzNzgzLC4xNTg3MSwyLjQxMjE4LC4yMjIxNywzLjY1MDAzTDYuODc2NjIsMTYyLjU1MTUybDcuNDI3MDIsMTcuNzQyMjgsMzAuNjYwMjEtNDAuODgwMjdjMCwuNTM5NTYsMCwxLjExMDg3LC4xNTg3MSwxLjY1MDQ1LDEuMjI3MjUsMTIuNDQxODEsMi42NTU1MywyNC4wNzk1Niw0LjI4NDgxLDM0LjkxMzI3di42OTgyN2MxLjkzNjEsMTIuNjk1NzMsNC4xMjYxMiwyNC40MzkyOCw2LjM0Nzg3LDM0LjkxMzI3bC0xNy44MDU3OSwxNi4xMjM1OWgwYy4zMTczOSwuNjAzMDYsNy42ODA5MSwxNC4xNTU3NCwxMi42OTU3MywyMS45MzE4OSw1LjAxNDgyLDcuNzc2MTUsMTIuMjgzMTMsMTguNDcyMjksMTMuMzMwNTEsMTkuOTk1NzlsNy4zOTUyNy01LjUyMjY0Yy0uMDExOTQsLjA5NDg1LS4wMTE5NCwuMTkwNzksMCwuMjg1NjQsMy44ODc4OSwxMC41OTk2LDguNjc2OTEsMjAuODQ2NTcsMTQuMzE0NDUsMzAuNjI4NDcsMi4xMjcyOCwzLjcxOTk0LDQuNTQ3MSw3LjI2NDc1LDcuMjM2NTcsMTAuNjAwOTMsLjI0NzI0LC4yODUxMywuNTM2MTUsLjUzMTIzLC44NTY5NSwuNzMwMDJsMTEuMTQwNTEsNi4zNDc4NywuNzkzNDgsLjQ0NDM1cy0yMC42NjIzMi0yMC44MjEtMzYuODE3NjMtODUuMDI5NjljLTIuMjIxNzQtNy45OTgzMy00LjAzMDg5LTE2LjA5MTg3LTUuNTU0MzgtMjQuMjgwNjJaIi8+PHBhdGggY2xhc3M9ImNscy00IiBkPSJNMTIzLjY0NTY1LDMxNy41MzQ2OWMtMTEuMTAwMTItMTUuNzc0NjUtMjAuODE2NzYtMzIuNDc4NzUtMjkuMDQxNS00OS45MjU5OXYtLjE5MDQzYy04LjQ4Nzg5LTE4LjAxNzE5LTE1LjYwNzA1LTM2LjY0Nzk1LTIxLjI5NzA5LTU1LjczNDI3di0uNTM5NTZjLTMuMzY0MzYtMTEuMjM1NzMtNi4xNTc0NC0yMi4yMTc1NC04LjQ0MjY4LTMyLjc1NDk5bC0uNzYxNzQtMy41NTQ4MWMtLjQ0NDM1LTIuMTI2NTMtLjg4ODctNC4yODQ4MS0xLjMwMTMyLTYuMzQ3ODctMS45MDQzNi05LjgwNzQ0LTMuMzk2MTEtMTkuMDQzNi00LjU3MDQ3LTI3LjgwMzY3di0uNDc2MDljLTIuMDMxMzItMTUuMjAzMTUtMy4xNzM5My0yOC41NjU0LTMuNTU0ODEtMzguODgwNjktLjc2MTc0LTE1Ljg2OTY3LS4zNDkxMy0yNS4xNjkzLS4zNDkxMy0yNS4xNjkzbC01LjMzMjIxLTMuOTk5MTVjMCwyLjUzOTE0LDAsNS4wMTQ4MiwuMjIyMTcsNy40OTA0OSwwLDEuMzk2NTMsMCwzLjAxNTI0LC4xOTA0Myw0LjcyOTE3LC44Nzg1LDM0LjgyMzI4LDQuNDc2MDMsNjkuNTI0NzIsMTAuNzU5NjgsMTAzLjc4NzY1LC45ODM5MSw1LjQyNzQyLDEuOTk5NTcsMTAuNjY0NDIsMy4xNzM5MywxNS42NzkyNCwxLjQ2MDAxLDcuMTA5NiwyLjk4MzUxLDEzLjg3MDEsNC40NzUyNiwyMC4xNTQ0NywuMzQ5MTMsMS40MjgyNiwuNjk4MjcsMi43OTMwNSwxLjA0NzQsNC4xNTc4NSwxNi4xNTUzMSw2NC4yMDg2NywzNi44MTc2Myw4NS4wMjk2OSwzNi44MTc2Myw4NS4wMjk2OWwxNi43OTAxMSw0LjE1Nzg1aC40MTI2bDEuMDQ3NCwuMjUzOTItLjI4NTY3LS4wNjM0OVoiLz48L3N2Zz4=
+  longDescription: A cloud-native solution to generate and share Secrets, passwords,
+    keys, and certificates.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Secrets generation and sharing.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-secretgen-controller
+    for community support.
diff --git a/repo/packages/service-binding.packages.kadras.io/1.0.0.yml b/repo/packages/service-binding.packages.kadras.io/1.0.0.yml
new file mode 100644
index 0000000..7687f06
--- /dev/null
+++ b/repo/packages/service-binding.packages.kadras.io/1.0.0.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: service-binding.packages.kadras.io.1.0.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: service-binding.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-service-binding/releases
+  releasedAt: "2024-07-29T20:35:04Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-service-binding@sha256:09ffb5fb4f9851305af3155be23d2831a25a9c3f41455333d6d14cb7f7badc0d
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 1.0.0
diff --git a/repo/packages/service-binding.packages.kadras.io/metadata.yml b/repo/packages/service-binding.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..eeb4854
--- /dev/null
+++ b/repo/packages/service-binding.packages.kadras.io/metadata.yml
@@ -0,0 +1,23 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: service-binding.packages.kadras.io
+spec:
+  categories:
+  - service-binding
+  displayName: service-binding
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iLTAuMTcgMC4wOCAyMzAuMTAgMjIzLjM1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2ZmZn0uY2xzLTJ7ZmlsbDojMzI2Y2U1fTwvc3R5bGU+PC9kZWZzPjxwYXRoIGQ9Ik0xMzQuMzU4IDEyNi40NjZhMy41OSAzLjU5IDAgMCAwLS44NTUtLjA2NSAzLjY4NSAzLjY4NSAwIDAgMC0xLjQyNS4zNyAzLjcyNSAzLjcyNSAwIDAgMC0xLjgwMyA0LjgyNWwtLjAyNi4wMzcgOC41MjggMjAuNjAzYTQzLjUzIDQzLjUzIDAgMCAwIDE3LjU5NS0yMi4xMDJsLTIxLjk3Ni0zLjcxNHptLTM0LjE5NCAyLjkyYTMuNzIgMy43MiAwIDAgMC0zLjU2OC0yLjg5NCAzLjY1NiAzLjY1NiAwIDAgMC0uNzMzLjA2NWwtLjAzNy0uMDQ1LTIxLjc4NSAzLjY5OGE0My42OTUgNDMuNjk1IDAgMCAwIDE3LjU0IDIxLjk0Nmw4LjQ0Mi0yMC40LS4wNjYtLjA4YTMuNjgzIDMuNjgzIDAgMCAwIC4yMDctMi4yOXptMTguMjQ1IDhhMy43MTggMy43MTggMCAwIDAtNi41NTcuMDA4aC0uMDE4bC0xMC43MTMgMTkuMzcyYTQzLjYzNyA0My42MzcgMCAwIDAgMjMuODE1IDEuMjI1cTIuMTk3LS41IDQuMjkyLTEuMmwtMTAuNzM4LTE5LjQwNnptMzMuOTE0LTQ1bC0xNi40ODMgMTQuNzUzLjAwOS4wNDdhMy43MjUgMy43MjUgMCAwIDAgMS40NiA2LjM5NWwuMDIuMDg5IDIxLjM1IDYuMTVhNDQuMjc4IDQ0LjI3OCAwIDAgMC02LjM1Ni0yNy40MzJ6TTEyMS43IDk0LjAzOWEzLjcyNSAzLjcyNSAwIDAgMCA1LjkxMyAyLjg0bC4wNjUuMDI3IDE4LjAzNi0xMi43ODhhNDMuODUgNDMuODUgMCAwIDAtMjUuMjg3LTEyLjE5bDEuMjUzIDIyLjEwNXptLTE5LjEgMi45MjFhMy43MiAzLjcyIDAgMCAwIDUuOTA0LTIuODVsLjA5Mi0uMDQzIDEuMjUzLTIyLjE0YTQ0LjY4MiA0NC42ODIgMCAwIDAtNC41MDEuNzc2IDQzLjQ2NyA0My40NjcgMCAwIDAtMjAuOTM3IDExLjQwOWwxOC4xNTQgMTIuODY5em0tOS42NzggMTYuNzI5YTMuNzIgMy43MiAwIDAgMCAxLjQ2Mi02LjM5NmwuMDE4LS4wODgtMTYuNTc0LTE0LjgyNGE0My40NTQgNDMuNDU0IDAgMCAwLTYuMTY4IDI3LjUxbDIxLjI0NS02LjEzem0xNi4wOTggNi41MTJsNi4xMTQgMi45NCA2LjA5Ni0yLjkzNCAxLjUxNC02LjU4MS00LjIxOS01LjI3NmgtNi43OWwtNC4yMzEgNS4yNjh6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjE2LjIwOCAxMzMuMTY3bC0xNy40MjItNzUuNjc1YTEzLjYwMiAxMy42MDIgMCAwIDAtNy4yOTMtOS4wNzNsLTcwLjUyMS0zMy42N2ExMy41ODkgMTMuNTg5IDAgMCAwLTExLjcwNSAwTDM4Ljc2IDQ4LjQzN2ExMy41OTggMTMuNTk4IDAgMCAwLTcuMjk1IDkuMDcybC0xNy4zOTQgNzUuNjczYTEzLjMxNSAxMy4zMTUgMCAwIDAtLjAwNCA1LjgxIDEzLjUwNiAxMy41MDYgMCAwIDAgLjQ5MSAxLjcxOCAxMy4xIDEzLjEgMCAwIDAgMS4zNDMgMi43MjZjLjIzOS4zNjUuNDkxLjcyLjc2NSAxLjA2NGw0OC44MDQgNjAuNjc4Yy4yMTMuMjY0LjQ0OC41MDUuNjgxLjc1YTEzLjQyMyAxMy40MjMgMCAwIDAgMi41NzQgMi4xMzMgMTMuOTI0IDEzLjkyNCAwIDAgMCAzLjg1NyAxLjY3NyAxMy4yOTggMTMuMjk4IDAgMCAwIDMuNDMuNDczaC43NTlsNzcuNTA0LS4wMThhMTIuOTkzIDEyLjk5MyAwIDAgMCAxLjQxLS4wODMgMTMuNDcgMTMuNDcgMCAwIDAgMS45ODktLjM3OCAxMy44NzIgMTMuODcyIDAgMCAwIDEuMzgxLS40NDJjLjM1My0uMTM1LjcwNS0uMjcgMS4wNDUtLjQzM2ExMy45NDEgMTMuOTQxIDAgMCAwIDEuNDc5LS44MjIgMTMuMzAzIDEzLjMwMyAwIDAgMCAzLjIzNy0yLjg2NWwxLjQ4OC0xLjg1IDQ3LjI5OS01OC44NGExMy4xODUgMTMuMTg1IDAgMCAwIDIuMTA4LTMuNzg1IDEzLjY3IDEzLjY3IDAgMCAwIC41LTEuNzI0IDEzLjI4MiAxMy4yODIgMCAwIDAtLjAwNC01Ljgxem0tNzMuMTQ3IDI5LjQzMmExNC41MTYgMTQuNTE2IDAgMCAwIC43MDMgMS43MDMgMy4zMTQgMy4zMTQgMCAwIDAtLjMyNyAyLjQ5IDM5LjM3MiAzOS4zNzIgMCAwIDAgMy43NDIgNi43IDM1LjA2IDM1LjA2IDAgMCAxIDIuMjYzIDMuMzY0Yy4xNy4zMTUuMzkyLjgwMy41NTMgMS4xMzZhNC4yNCA0LjI0IDAgMSAxLTcuNjMgMy42MDdjLS4xNjEtLjMzLS4zODUtLjc3LS41MjItMS4wODJhMzUuMjc1IDM1LjI3NSAwIDAgMS0xLjIyNS0zLjg2OCAzOS4zMDUgMzkuMzA1IDAgMCAwLTIuODk2LTcuMDk3IDMuMzM1IDMuMzM1IDAgMCAwLTIuMTU0LTEuMzA3Yy0uMTM1LS4yMzMtLjYzNS0xLjE1LS45MDMtMS42MjNhNTQuNjE3IDU0LjYxNyAwIDAgMS0zOC45NDgtLjFsLS45NTUgMS43M2EzLjQyOSAzLjQyOSAwIDAgMC0xLjgxOS44ODcgMjkuNTE3IDI5LjUxNyAwIDAgMC0zLjI2OCA3LjU4MiAzNC45IDM0LjkgMCAwIDEtMS4yMTggMy44NjhjLS4xMzUuMzEtLjM2MS43NDQtLjUyMiAxLjA3M3YuMDA5bC0uMDA3LjAwOGE0LjIzOCA0LjIzOCAwIDEgMS03LjYxOS0zLjYxNmMuMTU5LS4zMzUuMzcyLS44Mi41NC0xLjEzNWEzNS4xNzcgMzUuMTc3IDAgMCAxIDIuMjYyLTMuMzczIDQxLjIyOCA0MS4yMjggMCAwIDAgMy44Mi02Ljg2NiA0LjE4OCA0LjE4OCAwIDAgMC0uMzc2LTIuMzg3bC43NjgtMS44NGE1NC45MjIgNTQuOTIyIDAgMCAxLTI0LjMzOC0zMC4zODdsLTEuODM5LjMxM2E0LjY4IDQuNjggMCAwIDAtMi40MjgtLjg1NSAzOS41MjQgMzkuNTI0IDAgMCAwLTcuMzU2IDIuMTY1IDM1LjU4OSAzNS41ODkgMCAwIDEtMy43ODcgMS40NWMtLjMwNS4wODQtLjc0NS4xNjgtMS4wOTMuMjQ0LS4wMjguMDEtLjA1Mi4wMjItLjA4LjAyOWEuNjA1LjYwNSAwIDAgMS0uMDY1LjAwNiA0LjIzNiA0LjIzNiAwIDEgMS0xLjg3NC04LjIyNGwuMDYxLS4wMTUuMDM3LS4wMWMuMzUzLS4wODMuODA1LS4yIDEuMTI3LS4yNjJhMzUuMjcgMzUuMjcgMCAwIDEgNC4wNS0uMzI2IDM5LjM4OCAzOS4zODggMCAwIDAgNy41NjQtMS4yNDIgNS44MzUgNS44MzUgMCAwIDAgMS44MTQtMS44M2wxLjc2Ny0uNTE2YTU0LjYxMyA1NC42MTMgMCAwIDEgOC42MTMtMzguMDczbC0xLjM1My0xLjIwNmE0LjY4OCA0LjY4OCAwIDAgMC0uODQ4LTIuNDM2IDM5LjM2NiAzOS4zNjYgMCAwIDAtNi4yNzctNC40MSAzNS4yNSAzNS4yNSAwIDAgMS0zLjQ5OS0yLjA0NmMtLjI1Ni0uMTkxLS41OTYtLjQ3OC0uODc0LS43MDRsLS4wNjMtLjA0NGE0LjQ3MyA0LjQ3MyAwIDAgMS0xLjAzOC02LjIyMiA0LjA2NiA0LjA2NiAwIDAgMSAzLjM2My0xLjQ4OCA1LjAzIDUuMDMgMCAwIDEgMi45NDIgMS4xMWMuMjg3LjIyNS42OC41MjYuOTM1Ljc0NWEzNS4yNTMgMzUuMjUzIDAgMCAxIDIuNzggMi45NSAzOS4zODMgMzkuMzgzIDAgMCAwIDUuNjkgNS4xNDIgMy4zMzMgMy4zMzMgMCAwIDAgMi41MDcuMjQzcS43NTQuNTUgMS41MjIgMS4wODJBNTQuMjg5IDU0LjI4OSAwIDAgMSAxMDIuODYgNjEuODlhNTUuMDUyIDU1LjA1MiAwIDAgMSA3LjYzLTEuMTczbC4xLTEuNzg0YTQuNiA0LjYgMCAwIDAgMS4zNy0yLjE4NCAzOS40NzYgMzkuNDc2IDAgMCAwLS40Ny03LjY1NCAzNS40NjYgMzUuNDY2IDAgMCAxLS41NzYtNC4wMTRjLS4wMTEtLjMwNy4wMDYtLjczMS4wMS0xLjA4MSAwLS4wNC0uMDEtLjA4LS4wMS0uMTE4YTQuMjQyIDQuMjQyIDAgMSAxIDguNDQxLS4wMDRjMCAuMzcuMDIyLjg2LjAwOSAxLjJhMzUuMTA5IDM1LjEwOSAwIDAgMS0uNTc5IDQuMDEzIDM5LjUzMyAzOS41MzMgMCAwIDAtLjQ3OCA3LjY1NiAzLjM0NCAzLjM0NCAwIDAgMCAxLjM3OSAyLjExYy4wMTUuMzA1LjA2NSAxLjMyMy4xMDIgMS44ODRhNTUuMzA5IDU1LjMwOSAwIDAgMSAzNS4wMzIgMTYuOTI3bDEuNjA2LTEuMTQ3YTQuNjkgNC42OSAwIDAgMCAyLjU2LS4yNzggMzkuNTMyIDM5LjUzMiAwIDAgMCA1LjY5LTUuMTQ4IDM1LjAwNCAzNS4wMDQgMCAwIDEgMi43ODctMi45NWMuMjU5LS4yMjIuNjUtLjUyLjkzNi0uNzQ2YTQuMjQyIDQuMjQyIDAgMSAxIDUuMjU4IDYuNTk4Yy0uMjgzLjIyOS0uNjU3LjU0OC0uOTI5Ljc1YTM1LjA5NSAzNS4wOTUgMCAwIDEtMy41MDcgMi4wNDYgMzkuNDk1IDM5LjQ5NSAwIDAgMC02LjI3NyA0LjQxIDMuMzM3IDMuMzM3IDAgMCAwLS43OTIgMi4zOWMtLjIzNS4yMTYtMS4wNi45NDctMS40OTcgMS4zNDNhNTQuODM3IDU0LjgzNyAwIDAgMSA4Ljc5MiAzNy45ODNsMS43MDQuNDk2YTQuNzQ1IDQuNzQ1IDAgMCAwIDEuODIgMS44MyAzOS40NjQgMzkuNDY0IDAgMCAwIDcuNTY4IDEuMjQ2IDM1LjY0IDM1LjY0IDAgMCAxIDQuMDQ2LjMyNGMuMzU1LjA2NS44NjguMjA3IDEuMjMuMjlhNC4yMzYgNC4yMzYgMCAxIDEtMS44NzggOC4yMjNsLS4wNjEtLjAwOGMtLjAyOC0uMDA3LS4wNTQtLjAyMi0uMDgzLS4wMy0uMzQ4LS4wNzUtLjc4NS0uMTUxLTEuMDktLjIzMWEzNS4xNCAzNS4xNCAwIDAgMS0zLjc4NS0xLjQ2MiAzOS40NzcgMzkuNDc3IDAgMCAwLTcuMzYzLTIuMTY1IDMuMzM3IDMuMzM3IDAgMCAwLTIuMzYyLjg3N3EtLjktLjE3MS0xLjgwNC0uMzE2YTU0LjkyIDU0LjkyIDAgMCAxLTI0LjMyOCAzMC42MDV6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjI1LjQwNyAxMzUuMTA3TDIwNi40IDUyLjU0N2ExNC44MzggMTQuODM4IDAgMCAwLTcuOTU4LTkuOWwtNzYuOTM1LTM2LjczYTE0LjgyNSAxNC44MjUgMCAwIDAtMTIuNzcxIDBMMzEuODA4IDQyLjY2OWExNC44MzggMTQuODM4IDAgMCAwLTcuOTYxIDkuODk1TDQuODczIDEzNS4xMjlhMTQuNjY4IDE0LjY2OCAwIDAgMCAxLjk5NSAxMS4xODVjLjI2MS40LjUzOC43ODguODM4IDEuMTYybDUzLjI0NiA2Ni4yMDVhMTQuOTggMTQuOTggMCAwIDAgMTEuNDk5IDUuNDg3bDg1LjM4Ny0uMDJhMTQuOTg2IDE0Ljk4NiAwIDAgMCAxMS41LTUuNDhsNTMuMjI3LTY2LjIxMWExNC43MiAxNC43MiAwIDAgMCAyLjg0Mi0xMi4zNDd6bS05LjE5NyAzLjg2NmExMy42NzcgMTMuNjc3IDAgMCAxLS40OTggMS43MjMgMTMuMTg0IDEzLjE4NCAwIDAgMS0yLjExIDMuNzg2bC00Ny4yOTkgNTguODM4LTEuNDg2IDEuODUyYTEzLjMwNSAxMy4zMDUgMCAwIDEtMy4yNCAyLjg2NSAxMy45NDUgMTMuOTQ1IDAgMCAxLTEuNDc0LjgyMnEtLjUxMy4yMzctMS4wNDUuNDNhMTMuODczIDEzLjg3MyAwIDAgMS0xLjM4My40NDUgMTMuNDczIDEzLjQ3MyAwIDAgMS0xLjk4OS4zNzkgMTIuOTg4IDEyLjk4OCAwIDAgMS0xLjQxLjA4MmwtNzcuNTA0LjAxOGgtLjc2YTEzLjI5OCAxMy4yOTggMCAwIDEtMy40MjktLjQ3MiAxMy45MjUgMTMuOTI1IDAgMCAxLTMuODU1LTEuNjc5IDEzLjQyNCAxMy40MjQgMCAwIDEtMi41NzYtMi4xMzJjLS4yMzMtLjI0Ni0uNDY4LS40ODctLjY4LS43NWwtNDguODA1LTYwLjY3OXEtLjQwOC0uNTE0LS43NjUtMS4wNjZhMTMuMTAyIDEzLjEwMiAwIDAgMS0xLjM0My0yLjcyNiAxMy41MDUgMTMuNTA1IDAgMCAxLS40OTEtMS43MTkgMTMuMzE1IDEzLjMxNSAwIDAgMSAuMDA0LTUuODA5bDE3LjM5NC03NS42NzVhMTMuNTk4IDEzLjU5OCAwIDAgMSA3LjI5NS05LjA3bDcwLjUwOC0zMy42ODVhMTMuNTg5IDEzLjU4OSAwIDAgMSAxMS43MDUgMGw3MC41MTkgMzMuNjdhMTMuNjAyIDEzLjYwMiAwIDAgMSA3LjI5MyA5LjA3M2wxNy40MjIgNzUuNjc0YTEzLjI4MiAxMy4yODIgMCAwIDEgLjAwMiA1LjgwN3oiIGNsYXNzPSJjbHMtMSIvPjxwYXRoIGQ9Ik0xODUuODE0IDEyNy4xMDZjLS4zNi0uMDgzLS44NzQtLjIyNS0xLjIyNy0uMjlhMzUuNjQyIDM1LjY0MiAwIDAgMC00LjA0Ni0uMzI2IDM5LjQ2NCAzOS40NjQgMCAwIDEtNy41Ny0xLjI0MiA0Ljc0NSA0Ljc0NSAwIDAgMS0xLjgyLTEuODMybC0xLjcwNC0uNDk2YTU0LjgzNyA1NC44MzcgMCAwIDAtOC43OS0zNy45ODNjLjQzNi0uMzk2IDEuMjYyLTEuMTI3IDEuNDk1LTEuMzQyYTMuMzM4IDMuMzM4IDAgMCAxIC43OTItMi4zOSAzOS40OTUgMzkuNDk1IDAgMCAxIDYuMjc3LTQuNDEgMzUuMDk1IDM1LjA5NSAwIDAgMCAzLjUwNy0yLjA0NmMuMjcyLS4yMDIuNjQ0LS41MjIuOTI5LS43NWE0LjI0MiA0LjI0MiAwIDEgMC01LjI1Ni02LjZjLS4yODguMjI3LS42OC41MjUtLjkzNi43NDdhMzUuMDA0IDM1LjAwNCAwIDAgMC0yLjc4OSAyLjk1IDM5LjUzMyAzOS41MzMgMCAwIDEtNS42OSA1LjE0OCA0LjY5IDQuNjkgMCAwIDEtMi41Ni4yNzhsLTEuNjA2IDEuMTQ3YTU1LjMwOSA1NS4zMDkgMCAwIDAtMzUuMDMyLTE2LjkyN2MtLjAzOS0uNTYxLS4wODctMS41NzctLjEwMi0xLjg4NGEzLjM0NCAzLjM0NCAwIDAgMS0xLjM3Ny0yLjExIDM5LjUzMyAzOS41MzMgMCAwIDEgLjQ3OC03LjY1NiAzNS4xMTIgMzUuMTEyIDAgMCAwIC41NzUtNC4wMTJjLjAxMy0uMzQtLjAwNy0uODM0LS4wMDctMS4yMDFhNC4yNDIgNC4yNDIgMCAxIDAtOC40NDEuMDA0YzAgLjA0LjAwOS4wNzguMDEuMTE4LS4wMDQuMzUtLjAyMS43NzQtLjAxIDEuMDhhMzUuNDc2IDM1LjQ3NiAwIDAgMCAuNTc2IDQuMDE1IDM5LjQ3NSAzOS40NzUgMCAwIDEgLjQ3IDcuNjU0IDQuNjAxIDQuNjAxIDAgMCAxLTEuMzcgMi4xODJsLS4xIDEuNzg2YTU1LjA1MiA1NS4wNTIgMCAwIDAtNy42MyAxLjE3MyA1NC4yODkgNTQuMjg5IDAgMCAwLTI3LjU3NCAxNS43NTRxLS43Ny0uNTMxLTEuNTI2LTEuMDgyYTMuMzMzIDMuMzMzIDAgMCAxLTIuNTA2LS4yNDMgMzkuMzgzIDM5LjM4MyAwIDAgMS01LjY5LTUuMTQxIDM1LjI1NSAzNS4yNTUgMCAwIDAtMi43NzctMi45NWMtLjI1Ny0uMjItLjY1LS41Mi0uOTM4LS43NWE1LjAzIDUuMDMgMCAwIDAtMi45NDItMS4xMSA0LjA2NiA0LjA2NiAwIDAgMC0zLjM2MyAxLjQ5IDQuNDczIDQuNDczIDAgMCAwIDEuMDM4IDYuMjIybC4wNjUuMDQ2Yy4yNzYuMjI2LjYxNi41MTUuODcyLjcwMmEzNS4yNTYgMzUuMjU2IDAgMCAwIDMuNDk5IDIuMDQ4IDM5LjM2NyAzOS4zNjcgMCAwIDEgNi4yNzYgNC40MTIgNC42OSA0LjY5IDAgMCAxIC44NDkgMi40MzRsMS4zNTEgMS4yMDhhNTQuNjEzIDU0LjYxMyAwIDAgMC04LjYxMSAzOC4wNzNsLTEuNzY3LjUxNGE1LjgzNSA1LjgzNSAwIDAgMS0xLjgxNCAxLjgyNyAzOS4zOSAzOS4zOSAwIDAgMS03LjU2NSAxLjI0NyAzNS4yNjYgMzUuMjY2IDAgMCAwLTQuMDQ5LjMyNmMtLjMyNC4wNi0uNzc0LjE3NC0xLjEyNy4yNjJsLS4wMzcuMDA4LS4wNi4wMThhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzUgOC4yMjRsLjA2My0uMDFjLjAyOC0uMDA2LjA1Mi0uMDIuMDgtLjAyNS4zNDgtLjA4Ljc4Ni0uMTYzIDEuMDkyLS4yNDZhMzUuNTkgMzUuNTkgMCAwIDAgMy43ODYtMS40NTEgMzkuNTI3IDM5LjUyNyAwIDAgMSA3LjM1OC0yLjE2NSA0LjY4IDQuNjggMCAwIDEgMi40MjYuODU3bDEuODQtLjMxNWE1NC45MjIgNTQuOTIyIDAgMCAwIDI0LjM0IDMwLjM4N2wtLjc2OSAxLjg0YTQuMTg4IDQuMTg4IDAgMCAxIC4zNzcgMi4zODcgNDEuMjI4IDQxLjIyOCAwIDAgMS0zLjgyIDYuODY0IDM1LjE4MyAzNS4xODMgMCAwIDAtMi4yNjMgMy4zNzJjLS4xNjguMzE4LS4zODEuODA1LS41NDIgMS4xMzhhNC4yMzggNC4yMzggMCAxIDAgNy42MjEgMy42MTZsLjAwNy0uMDA4di0uMDFjLjE2LS4zMy4zODctLjc2My41MjItMS4wNzJhMzQuOTAzIDM0LjkwMyAwIDAgMCAxLjIxOC0zLjg2OCAyOS41MTcgMjkuNTE3IDAgMCAxIDMuMjY4LTcuNTgyIDMuNDMgMy40MyAwIDAgMSAxLjgxOS0uODg4bC45NTctMS43M2E1NC42MTcgNTQuNjE3IDAgMCAwIDM4Ljk0Ni4wOTljLjI2OC40NzguNzY4IDEuMzkyLjkgMS42MjNhMy4zMzUgMy4zMzUgMCAwIDEgMi4xNTUgMS4zMSAzOS4zMDYgMzkuMzA2IDAgMCAxIDIuODk4IDcuMDk2IDM1LjI3NSAzNS4yNzUgMCAwIDAgMS4yMjUgMy44NjhjLjEzNy4zMTIuMzYuNzUuNTIyIDEuMDgyYTQuMjQgNC4yNCAwIDEgMCA3LjYzLTMuNjA3Yy0uMTYxLS4zMzMtLjM4My0uODItLjU1LTEuMTM2YTM1LjA2IDM1LjA2IDAgMCAwLTIuMjYzLTMuMzY0IDM5LjM3MiAzOS4zNzIgMCAwIDEtMy43NDItNi43IDMuMzE0IDMuMzE0IDAgMCAxIC4zMjQtMi40OSAxNC41MTkgMTQuNTE5IDAgMCAxLS43MDMtMS43MDMgNTQuOTIgNTQuOTIgMCAwIDAgMjQuMzI4LTMwLjYwNWMuNTQ2LjA4NyAxLjQ5Ny4yNTMgMS44MDYuMzE2YTMuMzM3IDMuMzM3IDAgMCAxIDIuMzYtLjg3NyAzOS40NzYgMzkuNDc2IDAgMCAxIDcuMzYgMi4xNjUgMzUuMTM1IDM1LjEzNSAwIDAgMCAzLjc4OCAxLjQ2MmMuMzA1LjA4Ljc0LjE1NiAxLjA5LjIzMy4wMjkuMDA4LjA1NS4wMi4wODMuMDI4bC4wNi4wMDlhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzgtOC4yMjR6bS00MC4xLTQyLjk4N2wtMTguMDM3IDEyLjc4Ny0uMDYzLS4wM2EzLjcyMyAzLjcyMyAwIDAgMS01LjkxMy0yLjgzOGwtLjAyLS4wMS0xLjI1My0yMi4xMDNhNDMuODUgNDMuODUgMCAwIDEgMjUuMjg1IDEyLjE5NHptLTMzLjk3OCAyNC4yMjhoNi43ODhsNC4yMiA1LjI3Ni0xLjUxMyA2LjU4LTYuMDk2IDIuOTM0LTYuMTE0LTIuOTQtMS41MTYtNi41ODN6bS02LjM4Ni0zNS42NDhhNDQuNjcyIDQ0LjY3MiAwIDAgMSA0LjUwMy0uNzc0bC0xLjI1NSAyMi4xMzctLjA5Mi4wNDRhMy43MiAzLjcyIDAgMCAxLTUuOTA0IDIuODUybC0uMDM1LjAyLTE4LjE1NC0xMi44NzJhNDMuNDY3IDQzLjQ2NyAwIDAgMSAyMC45MzctMTEuNDA3em0tMjcuNTIgMTkuNjhsMTYuNTc0IDE0LjgyNC0uMDE4LjA5YTMuNzIgMy43MiAwIDAgMS0xLjQ2MiA2LjM5NWwtLjAxNy4wNzItMjEuMjQ1IDYuMTNhNDMuNDU0IDQzLjQ1NCAwIDAgMSA2LjE2OC0yNy41MXptMjIuMTkxIDM5LjM4bC04LjQ0MSAyMC4zOTdhNDMuNjk2IDQzLjY5NiAwIDAgMS0xNy41MzYtMjEuOTQ4bDIxLjc4My0zLjcuMDM3LjA0OWEzLjY1NSAzLjY1NSAwIDAgMSAuNzMtLjA2NSAzLjcyIDMuNzIgMCAwIDEgMy4zNjQgNS4xODV6bTI0LjkxNiAyNi4yM2E0My42MzcgNDMuNjM3IDAgMCAxLTIzLjgxNS0xLjIyM2wxMC43MTMtMTkuMzcyaC4wMThhMy43MjUgMy43MjUgMCAwIDEgNi41NTctLjAwNmguMDhsMTAuNzQgMTkuNDA0cS0yLjA5MS42OTgtNC4yOTMgMS4xOTl6bTEzLjg0MS01Ljc1MWwtOC41MjgtMjAuNjA1LjAyNi0uMDM3YTMuNzI1IDMuNzI1IDAgMCAxIDEuODAzLTQuODIzIDMuNjg1IDMuNjg1IDAgMCAxIDEuNDI1LS4zNyAzLjU5IDMuNTkgMCAwIDEgLjg1NS4wNjNsLjAzNy0uMDQ2IDIxLjk3NyAzLjcxNGE0My41MyA0My41MyAwIDAgMS0xNy41OTUgMjIuMTA1em0xOS45MDMtMzIuNDJsLTIxLjM1Mi02LjE1LS4wMi0uMDlhMy43MjUgMy43MjUgMCAwIDEtMS40Ni02LjM5NWwtLjAwOC0uMDQzIDE2LjQ4Mi0xNC43NTFhNDQuMjc5IDQ0LjI3OSAwIDAgMSA2LjM1NyAyNy40M3oiIGNsYXNzPSJjbHMtMSIvPjwvc3ZnPg==
+  longDescription: This project specifies a Kubernetes-wide specification for communicating
+    service secrets to workloads in an automated way. It aims to create a widely applicable
+    mechanism but without excluding other strategies for systems that it does not
+    fit easily. The benefit of Kubernetes-wide specification is that all of the actors
+    in an ecosystem can work towards a clearly defined abstraction at the edge of
+    their expertise and depend on other parties to complete the chain.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: A Kubernetes-wide specification for communicating service secrets
+    to workloads in an automated way.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-service-binding
+    for community support.
diff --git a/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml
new file mode 100644
index 0000000..3d610f9
--- /dev/null
+++ b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml
@@ -0,0 +1,293 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: tempo-operator.packages.kadras.io.0.17.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: tempo-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-tempo-operator/releases
+  releasedAt: "2025-08-14T18:19:45Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-tempo-operator@sha256:3af49f0336f722e4e8cb9adbb0b48e0c821178e1fbf04cde0ce87621ccf62f57
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        configMapData:
+          default: {}
+          description: The YAML contents of the `tempo-operator-manager-config` ConfigMap.
+            See https://github.com/grafana/tempo-operator/blob/main/docs/operator/config.yaml
+            for more information.
+          nullable: true
+        controller:
+          additionalProperties: false
+          description: Settings for the Tempo Operator controller.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for this Deployment. In order to
+                enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        tempo:
+          additionalProperties: false
+          description: Settings for Tempo.
+          properties:
+            extraConfig:
+              default: {}
+              description: Additional configuration for Tempo that will be merged
+                with the one generated by the Operator. It has higher precedence than
+                the Operator.
+              nullable: true
+            jaegerui:
+              additionalProperties: false
+              description: Settings for Jaeger UI.
+              properties:
+                enabled:
+                  default: false
+                  description: Whether to enable the Jaeger UI to visualize traces.
+                  type: boolean
+              type: object
+            namespace:
+              default: default
+              description: Namespace where to provision a Tempo installation, stack
+                or monolithic.
+              type: string
+            observability:
+              additionalProperties: false
+              description: Settings for observability.
+              properties:
+                grafana:
+                  additionalProperties: false
+                  properties:
+                    createDatasource:
+                      default: false
+                      description: Whether a Datasource managed by Grafana Operator
+                        should be created for Tempo.
+                      type: boolean
+                  type: object
+                metrics:
+                  additionalProperties: false
+                  properties:
+                    createPrometheusRules:
+                      default: false
+                      description: Whether PrometheusRules for alerts managed by Prometheus
+                        Operator should be created for Tempo.
+                      type: boolean
+                    createServiceMonitors:
+                      default: false
+                      description: Whether ServiceMonitors managed by Prometheus Operator
+                        should be created for Tempo.
+                      type: boolean
+                  type: object
+                tracing:
+                  additionalProperties: false
+                  properties:
+                    otlpHttpEndpoint:
+                      default: ""
+                      description: The OTLP HTTP endpoint where to send traces. Only
+                        for TempoStack.
+                      type: string
+                    samplingFraction:
+                      default: ""
+                      description: Sampling frequence for Tempo traces. Only for TempoStack.
+                      type: string
+                  type: object
+              type: object
+            resources:
+              additionalProperties: false
+              description: Settings for total resources.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 750m
+                      type: string
+                    memory:
+                      default: 2Gi
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 500m
+                      type: string
+                    memory:
+                      default: 1Gi
+                      type: string
+                  type: object
+              type: object
+            storage:
+              additionalProperties: false
+              description: Settings for storage.
+              properties:
+                backend:
+                  additionalProperties: false
+                  description: Tracing backend object storage configuration.
+                  properties:
+                    secret:
+                      additionalProperties: false
+                      properties:
+                        name:
+                          default: ""
+                          description: Name of the Secret containing the credentials
+                            to access the configured object storage.
+                          type: string
+                        namespace:
+                          default: kadras-system
+                          description: Namespace containing the Secret with the credentials
+                            to access the configured object storage.
+                          type: string
+                      type: object
+                    type:
+                      default: memory
+                      description: 'Type of object storage that should be used. Valid
+                        options: `azure`, `gcs`, `s3`, `memory` (only for TempoMonolithic).'
+                      enum:
+                      - azure
+                      - gcs
+                      - s3
+                      - memory
+                      type: string
+                  type: object
+                size:
+                  default: 10Gi
+                  description: The size of the storage used by Tempo.
+                  type: string
+              type: object
+            tempoMonolithic:
+              additionalProperties: false
+              description: Settings for the built-in TempoMonolithic instance.
+              properties:
+                enabled:
+                  default: false
+                  description: Whether to deploy the built-in TempoMonolithic instance.
+                  type: boolean
+              type: object
+            tempoStack:
+              additionalProperties: false
+              description: Settings for the built-in TempoStack instance.
+              properties:
+                compactor:
+                  additionalProperties: false
+                  description: Settings for the Tempo Compactor.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Compactor
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+                distributor:
+                  additionalProperties: false
+                  description: Settings for the Tempo Distributor.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Distributor
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+                enabled:
+                  default: false
+                  description: Whether to deploy the built-in TempoStack instance.
+                  type: boolean
+                gateway:
+                  additionalProperties: false
+                  description: Settings for the Tempo Gateway.
+                  properties:
+                    enabled:
+                      default: false
+                      description: Whether to enable the Tempo Gateway.
+                      type: boolean
+                    ingress:
+                      additionalProperties: false
+                      description: Ingress for the Tempo Gateway.
+                      properties:
+                        annotations:
+                          additionalProperties: false
+                          description: The annotations for the Ingress object.
+                          properties: {}
+                          type: object
+                        host:
+                          default: ""
+                          description: The hostname of the Ingress object.
+                          type: string
+                        ingressClassName:
+                          default: contour
+                          description: The class of the Ingress Controller to use
+                            for the Tempo Gateway.
+                          type: string
+                        type:
+                          default: null
+                          description: 'Type of Ingress for the Tempo Gateway. Valid
+                            options: `ingress`, `route`.'
+                          enum:
+                          - ingress
+                          - route
+                          nullable: true
+                          type: string
+                      type: object
+                  type: object
+                ingester:
+                  additionalProperties: false
+                  description: Settings for the Tempo Ingester.
+                  properties:
+                    podSecurityContext:
+                      additionalProperties: false
+                      description: PodSecurityContext for the Ingester component.
+                      properties: {}
+                      type: object
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Ingester component.
+                        In order to enable high availability, it should be greater
+                        than 1.
+                      type: integer
+                  type: object
+                querier:
+                  additionalProperties: false
+                  description: Settings for the Tempo Querier.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Querier component.
+                        In order to enable high availability, it should be greater
+                        than 1.
+                      type: integer
+                  type: object
+                queryFrontend:
+                  additionalProperties: false
+                  description: Settings for the Tempo Query Frontend.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Query Frontend
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      type: object
+  version: 0.17.1
diff --git a/repo/packages/tempo-operator.packages.kadras.io/metadata.yml b/repo/packages/tempo-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..7f3f5d7
--- /dev/null
+++ b/repo/packages/tempo-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,21 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: tempo-operator.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: tempo-operator
+  longDescription: Tempo is an open source, easy-to-use, and high-scale distributed
+    tracing backend. It can ingest common open source tracing protocols including
+    Jaeger, Zipkin, and OpenTelemetry and requires only object storage to operate.
+    The Community Tempo Operator supports Tempo deployments in Microservices mode
+    (TempoStack CR) and Monolithic mode (TempoMonolithic CR).
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Open source, easy-to-use, and high-scale distributed tracing backend
+    with support for OpenTelemetry.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-tempo-operator
+    for community support.
diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml
new file mode 100644
index 0000000..4cf6ff9
--- /dev/null
+++ b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml
@@ -0,0 +1,115 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: workspace-provisioner.packages.kadras.io.0.4.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: workspace-provisioner.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/workspace-provisioner/releases
+  releasedAt: "2025-08-14T17:24:09Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/workspace-provisioner@sha256:9efab8fd3c86a7e8cfd5f1cff17ab5a881a0d37b13af5e971f2e1b23ac6c2dde
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cosign:
+          additionalProperties: false
+          description: Settings for Cosign, used for signing and verifying OCI artifacts.
+          properties:
+            secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the Cosign key pair.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the Cosign key pair.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the Cosign key
+                    pair.
+                  type: string
+              type: object
+          type: object
+        git:
+          additionalProperties: false
+          description: Configuration to access the Git repositories used in the GitOps
+            workflows.
+          properties:
+            secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the Git credentials.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the Git credentials.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the Git credentials.
+                  type: string
+              type: object
+            server:
+              default: https://github.com
+              description: The Git server hosting the Git repositories used in the
+                GitOps workflows.
+              type: string
+          type: object
+        namespaces:
+          default: []
+          description: Configuration for the namespaces the platform will provision
+            and manage.
+          items:
+            additionalProperties: false
+            description: Details about the namespace to configure.
+            properties:
+              name:
+                default: ""
+                type: string
+            type: object
+          type: array
+        oci:
+          additionalProperties: false
+          description: Settings for accessing the OCI registry that the workspace
+            will use.
+          properties:
+            pull_secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the credentials to
+                pull images from the OCI registry.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the credentials to pull
+                    images from the OCI registry.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the credentials
+                    to pull images from the OCI registry.
+                  type: string
+              type: object
+          type: object
+        service_account:
+          default: supply-chain
+          description: The `ServiceAccount` to be configured with credentials and
+            roles in each workspace.
+          type: string
+      type: object
+  version: 0.4.0
diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml b/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..91aeb81
--- /dev/null
+++ b/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml
@@ -0,0 +1,17 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: workspace-provisioner.packages.kadras.io
+spec:
+  categories:
+  - environment provisioning
+  displayName: workspace-provisioner
+  longDescription: Provisions and configures workspaces for the platform users, such
+    as application developers. A workspace can be a namespace or a virtual cluster.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Provisions and configures workspaces for the platform users.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/workspace-provisioner
+    for community support.
diff --git a/repo/pkgrepo-build.yml b/repo/pkgrepo-build.yml
index c20d866..140bf1c 100644
--- a/repo/pkgrepo-build.yml
+++ b/repo/pkgrepo-build.yml
@@ -1,9 +1,9 @@
 apiVersion: kctrl.carvel.dev/v1alpha1
 kind: PackageRepositoryBuild
 metadata:
-  creationTimestamp: "2022-09-24T20:15:30Z"
+  creationTimestamp: "2023-01-12T21:36:30Z"
   name: repository.packages.kadras.io
 spec:
   export:
     imgpkgBundle:
-      image: ghcr.io/arktonix/kadras-packages
+      image: ghcr.io/kadras-io/kadras-packages