diff --git a/.github/CODEOWNERS.md b/.github/CODEOWNERS.md
new file mode 100644
index 0000000..cdf81a7
--- /dev/null
+++ b/.github/CODEOWNERS.md
@@ -0,0 +1 @@
+* @ThomasVitale
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md
new file mode 100644
index 0000000..0f20905
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Tell us about a problem you are experiencing
+title: ''
+labels: bug, triage
+assignees: ''
+
+---
+
+**What steps did you take:**
+[A clear and concise description steps that can be used to reproduce the problem.]
+
+**What happened:**
+[A small description of the issue]
+
+**What did you expect:**
+[A description of what was expected]
+
+**Anything else you would like to add:**
+[Additional information that will assist in solving the issue.]
+
+**Environment:**
+
+* Kubernetes version (execute `kubectl version`):
+* kctrl version (execute `kctrl version`):
+* kapp-controller version (execute `kubectl get deployment -n kapp-controller kapp-controller -o yaml` and the annotation is `kbld.k14s.io/images`):
+* package repo version (execute `kctrl package repo get -r kadras-packages -n <namespace>`):
diff --git a/.github/ISSUE_TEMPLATE/feature-request.md b/.github/ISSUE_TEMPLATE/feature-request.md
new file mode 100644
index 0000000..270da4e
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature-request.md
@@ -0,0 +1,17 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement, triage
+assignees: ''
+
+---
+
+**Describe the problem/challenge you have:**
+[A description of the current challenge that you are experiencing.]
+
+**Describe the solution you'd like:**
+[A clear and concise description of what you want to happen. If applicable a visual representation of the UX.]
+
+**Anything else you would like to add:**
+[Additional information that will assist in solving the issue.]
diff --git a/.github/ISSUE_TEMPLATE/other-request.md b/.github/ISSUE_TEMPLATE/other-request.md
new file mode 100644
index 0000000..b5722c0
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/other-request.md
@@ -0,0 +1,8 @@
+---
+name: Other issue or question
+about: Free form issue or question
+title: ''
+labels: triage
+assignees: ''
+
+---
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..4bb1068
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "00:30"
+      timezone: Europe/Copenhagen
+    open-pull-requests-limit: 10
+    labels:
+      - "dependencies"
+    commit-message:
+      prefix: "deps:"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4e9b715..b98fffa 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -3,31 +3,31 @@ on:
   - workflow_dispatch
 
 env:
-  COSIGN_EXPERIMENTAL: 1
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
-  VERSION: 0.1.2
+  VERSION: 0.27.0
 
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     permissions:
       contents: write
       packages: write
     outputs:
-      image-release: ${{ steps.image-info.outputs.release }}
+      image-name: ${{ steps.image-info.outputs.image_name }}
+      image-digest: ${{ steps.image-info.outputs.image_digest }}
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v3.0.2
+        uses: actions/checkout@v6.0.0
 
       - name: Set up Carvel
-        uses: vmware-tanzu/carvel-setup-action@v1.1.1
+        uses: carvel-dev/setup-action@v2.0.1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
+        uses: redhat-actions/podman-login@v1.7
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
@@ -35,7 +35,10 @@ jobs:
       
       - name: Create k3d cluster
         run: |
-          brew install k3d
+          # Install k3d
+          curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
+          
+          # Create a Kubernetes cluster
           k3d cluster create test-cluster
 
           # Wait for the generation of a token for the Service Account
@@ -53,7 +56,9 @@ jobs:
           package_file=repo/package-repository.yml
           image_release=$(yq '.spec.fetch.imgpkgBundle.image' ${package_file})
           echo "IMAGE_RELEASE=${image_release}" >> $GITHUB_ENV
-          echo "::set-output name=release::${image_release}"
+
+          echo "image_name=$(echo ${image_release} | cut -d'@' -f1)" >> $GITHUB_OUTPUT
+          echo "image_digest=$(echo ${image_release} | cut -d'@' -f2)" >> $GITHUB_OUTPUT
       
       - name: Add additional tags to OCI image
         run: |
@@ -72,21 +77,20 @@ jobs:
 
   sign:
     name: Sign
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     needs: [build]
     permissions:
       packages: write
       id-token: write
     env:
-      IMAGE_RELEASE: ${{ needs.build.outputs.image-release }}
+      IMAGE_NAME: ${{ needs.build.outputs.image-name }}
+      IMAGE_DIGEST: ${{ needs.build.outputs.image-digest }}
     steps:
       - name: Install Cosign
-        uses: sigstore/cosign-installer@v2.7.0
-        with:
-          cosign-release: 'v1.12.1'
+        uses: sigstore/cosign-installer@v3.10.0
 
       - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
+        uses: redhat-actions/podman-login@v1.7
         with:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
@@ -94,51 +98,18 @@ jobs:
 
       - name: Sign image
         run: |
-          cosign sign "${IMAGE_RELEASE}"
+          cosign sign --yes "${IMAGE_NAME}@${IMAGE_DIGEST}"
   
   provenance:
-    name: Provenance
-    runs-on: ubuntu-22.04
     needs: [build,sign]
     permissions:
-      packages: write
+      actions: read
       id-token: write
-    env:
-      IMAGE_RELEASE: ${{ needs.build.outputs.image-release }}
-      PROVENANCE_FILE: provenance.att
-    steps:
-      - name: Install Cosign
-        uses: sigstore/cosign-installer@v2.7.0
-        with:
-          cosign-release: 'v1.12.1'
-      
-      - name: Log into container registry
-        uses: redhat-actions/podman-login@v1.4
-        with:
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-          registry: ${{ env.REGISTRY }}
-      
-      - name: Extract digest
-        run: |
-          digest=$(echo ${IMAGE_RELEASE} | cut -d "@" -f2)
-          echo "IMAGE_DIGEST=${digest}" >> $GITHUB_ENV
-
-      - name: Generate provenance
-        uses: philips-labs/slsa-provenance-action@v0.7.2
-        with:
-          command: generate
-          subcommand: container
-          arguments: --repository ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} --tags ${{ env.VERSION }} --digest ${{ env.IMAGE_DIGEST }} --output-path ${{ env.PROVENANCE_FILE }}
-        env:
-          COSIGN_EXPERIMENTAL: 0
-
-      - name: Attach provenance
-        run: |
-          jq '.predicate' "${PROVENANCE_FILE}" > provenance-predicate.att
-          cosign attest --predicate provenance-predicate.att --type slsaprovenance "${IMAGE_RELEASE}"
-
-      - uses: actions/upload-artifact@v3.1.0
-        with:
-          name: provenance.att
-          path: ${{ env.PROVENANCE_FILE }}
+      packages: write
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
+    with:
+      image: ${{ needs.build.outputs.image-name }}
+      digest: ${{ needs.build.outputs.image-digest }}
+      registry-username: ${{ github.actor }}
+    secrets:
+      registry-password: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..d65f99f
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+community@kadras.io.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.
diff --git a/LICENSE b/LICENSE
index 7ce99a3..261eeb9 100644
--- a/LICENSE
+++ b/LICENSE
@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2022 Arktonix
+   Copyright [yyyy] [name of copyright owner]
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/MAINTAINERS.md b/MAINTAINERS.md
new file mode 100644
index 0000000..2249643
--- /dev/null
+++ b/MAINTAINERS.md
@@ -0,0 +1,3 @@
+# Maintainers
+
+* Thomas Vitale | [ThomasVitale](https://github.com/ThomasVitale)
\ No newline at end of file
diff --git a/README.md b/README.md
index e4931b0..fedb0d3 100644
--- a/README.md
+++ b/README.md
@@ -1,94 +1,90 @@
 # Kadras Packages
 
-A collection of Kubernetes-native packages based on [Carvel](https://carvel.dev) and part of the Kadras project.
+![Release Workflow](https://github.com/kadras-io/kadras-packages/actions/workflows/release.yml/badge.svg)
+[![The SLSA Level 3 badge](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev/spec/v1.0/levels)
+[![The Apache 2.0 license badge](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Follow us on Bluesky](https://img.shields.io/static/v1?label=Bluesky&message=Follow&color=1DA1F2)](https://bsky.app/profile/kadras.bsky.social)
 
-## Components
+The [Kadras](https://kadras.io) collection of Kubernetes-native packages built with [Carvel](https://carvel.dev).
 
-This repository contains the Carvel packages part of the Kadras project.
+## 📦&nbsp; Package Repository
 
-The following packages are maintained by the [Arktonix](https://github.com/arktonix) organization:
+This repository contains the following Carvel packages.
 
-* [argo-cd](https://github.com/arktonix/package-for-argo-cd)
-* [knative-eventing](https://github.com/arktonix/package-for-knative-eventing)
-* [knative-serving](https://github.com/arktonix/package-for-knative-serving)
+| Package | Description |
+|---------|-------------|
+| [cert-manager](https://github.com/kadras-io/package-for-cert-manager) | A cloud-native solution to automatically provision and manage X.509 certificates. |
+| [contour](https://github.com/kadras-io/package-for-contour) | An Envoy-based ingress controller that supports dynamic configuration updates and multi-team ingress delegation. |
+| [crossplane](https://github.com/kadras-io/package-for-crossplane) | A Kubernetes extension that transforms your Kubernetes cluster into a universal control plane. |
+| [dependency-track](https://github.com/kadras-io/package-for-dependency-track) | OWASP Dependency Track is a continuous SBOM Analysis Platform for managing software supply chain security risks. |
+| [developer-portal](https://github.com/kadras-io/package-for-developer-portal) | Kadras Developer Portal, based on Backstage. It supports application developers with paved paths to production on Kubernetes. |
+| [engineering-platform](https://github.com/kadras-io/engineering-platform) | A curated set of Carvel packages to build an engineering platform supporting application developers with paved paths to production on Kubernetes. |
+| [flux](https://github.com/kadras-io/package-for-flux) | A continuous deployment solution for Kubernetes, powered by the GitOps Toolkit. |
+| [gitops-configurer](https://github.com/kadras-io/gitops-configurer) | Provides GitOps configuration for the Kadras Engineering Platform. |
+| [knative-serving](https://github.com/kadras-io/package-for-knative-serving) | A solution built on Kubernetes to support deploying and serving of applications and functions as serverless containers. |
+| [kyverno](https://github.com/kadras-io/package-for-kyverno) | A policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans. |
+| [metrics-server](https://github.com/kadras-io/package-for-metrics-server) | A scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. |
+| [postgresql-operator](https://github.com/kadras-io/package-for-postgresql-operator) | CloudNativePG, a Kubernetes operator that covers the full lifecycle of a PostgreSQL database cluster with a primary/standby architecture, using native streaming replication. |
+| [rabbitmq-operator](https://github.com/kadras-io/package-for-rabbitmq-operator) | A message broker supporting multiple messaging protocols and streaming. |
+| [rbac-configurer](https://github.com/kadras-io/rbac-configurer) | Provides default roles and RBAC configuration for the Kadras Engineering Platform. |
+| [secretgen-controller](https://github.com/kadras-io/package-for-secretgen-controller) | Generates various types of Secrets in-cluster as well as export and import Secrets across namespaces. |
+| [service-binding](https://github.com/kadras-io/package-for-service-binding) | A standard and automated way for communicating service secrets to workloads. |
+| [tempo-operator](https://github.com/kadras-io/package-for-tempo-operator) | A solution to manage Grafana Tempo on Kubernetes and OpenShift clusters. |
+| [workspace-provisioner](https://github.com/kadras-io/workspace-provisioner) | Provisions and configures workspaces (namespaces or virtual clusters) to work with the Kadras Engineering Platform. |
 
-It also includes the following open-source packages maintained by the [VMware Tanzu](https://github.com/vmware-tanzu) organization:
+## 🚀&nbsp; Getting Started
 
-* [cartographer](https://github.com/vmware-tanzu/package-for-cartographer)
-* [cert-manager](https://github.com/vmware-tanzu/community-edition/tree/main/addons/packages/cert-manager)
-* [contour](https://github.com/vmware-tanzu/community-edition/tree/main/addons/packages/contour)
-* [kpack](https://github.com/vmware-tanzu/package-for-kpack)
-* [metrics-server](https://github.com/vmware-tanzu/community-edition/tree/main/addons/packages/metrics-server)
-* [secretgen-controller](https://github.com/vmware-tanzu/carvel-secretgen-controller)
+### Prerequisites
 
-## Prerequisites
+* Kubernetes 1.32+
+* Carvel [`kctrl`](https://carvel.dev/kapp-controller/docs/latest/install/#installing-kapp-controller-cli-kctrl) CLI.
+* Carvel [kapp-controller](https://carvel.dev/kapp-controller) deployed in your Kubernetes cluster. You can install it with Carvel [`kapp`](https://carvel.dev/kapp/docs/latest/install) (recommended choice) or `kubectl`.
 
-* Install the [`kctrl`](https://carvel.dev/kapp-controller/docs/latest/install/#installing-kapp-controller-cli-kctrl) CLI to manage Carvel packages in a convenient way.
-* Ensure [kapp-controller](https://carvel.dev/kapp-controller) is deployed in your Kubernetes cluster. You can do that with Carvel
-[`kapp`](https://carvel.dev/kapp/docs/latest/install) (recommended choice) or `kubectl`.
+  ```shell
+  kapp deploy -a kapp-controller -y \
+    -f https://github.com/carvel-dev/kapp-controller/releases/latest/download/release.yml
+  ```
 
-```shell
-kapp deploy -a kapp-controller -y \
-  -f https://github.com/vmware-tanzu/carvel-kapp-controller/releases/latest/download/release.yml
-```
+### Installation
 
-## Installation
+Install the Kadras package repository in a dedicated namespace using `kctrl`:
 
-You can install the Kadras package repository in a dedicated namespace using `kctrl`:
+  ```shell
+  kctrl package repository add -r kadras-packages \
+    --url ghcr.io/kadras-io/kadras-packages \
+    -n kadras-system --create-namespace
+  ```
 
-```shell
-kubectl create namespace carvel-packages
-kctrl package repository add -r kadras-repo \
-    --url ghcr.io/arktonix/kadras-packages:0.1.2 \
-    -n carvel-packages
-```
+<details><summary>Installation via CRDs</summary>
+Instead of installing the Kadras package repository with `kctrl`, you can apply the necessary Carvel CRDs directly using [`kapp`](https://carvel.dev/kapp/docs/latest/install), `kubectl` or a GitOps operator.
 
-Alternatively, you can add the repository by applying the `PackageRepository` manifest:
+  ```shell
+  kubectl create namespace kadras-system
+  kapp deploy -a kadras-repo -n kadras-system -y \
+    -f https://github.com/kadras-io/kadras-packages/releases/latest/download/package-repository.yml
+  ```
+</details>
 
-```shell
-kubectl create namespace carvel-packages
-kapp deploy -a kadras-repo -n carvel-packages -y \
-    -f https://github.com/arktonix/kadras-packages/releases/latest/download/package-repository.yml
-```
+Verify the list of available Carvel package repositories and their status.
 
-After the installation, you can retrieve the list of available Carvel package repositories in your cluster
-with the following command.
+  ```shell
+  kctrl package repository list -n kadras-system
+  ```
 
-```shell
-kctrl package repository list -n carvel-packages
-```
+List all the Carvel packages available in the Kadras package repository.
 
-The Kadras package repository provides a collection of Carvel packages that you can list as follows.
+  ```shell
+  kctrl package available list -n kadras-system
+  ```
 
-```shell
-kctrl package available list -n carvel-packages
-```
+## 📙&nbsp; Documentation
 
-## Update
+For documentation specific to Carvel package management, check out [carvel.dev](https://carvel.dev/kapp-controller/docs/latest/packaging).
 
-You can update the repository by applying the `PackageRepository` manifest from the newest release, similar
-to the process described in the "Installation" section. Alternatively, you can use the `kctrl` CLI.
+## 🛡️&nbsp; Security
 
-```shell
-kctrl package repository update -r kadras-repo \
-    --url ghcr.io/arktonix/kadras-packages:<new-version> \
-    -n carvel-packages
-```
+The security process for reporting vulnerabilities is described in [SECURITY.md](SECURITY.md).
 
-## Documentation
+## 🖊️&nbsp; License
 
-You can find more documentation about Carvel package management at [carvel.dev](https://carvel.dev/kapp-controller/docs/latest/packaging).
-
-## References
-
-This package repository is based on and inspired by the work done by the Carvel team and the
-Tanzu Community Edition project.
-
-* [Kubernetes native package management with Carvel](https://carvel.dev/kapp-controller/docs/latest/packaging)
-* [Tanzu Community Edition, an open-source Kubernetes platform](https://tanzucommunityedition.io)
-
-## Supply Chain Security
-
-This project is compliant with level 2 of the [SLSA Framework](https://slsa.dev).
-
-<img src="https://slsa.dev/images/SLSA-Badge-full-level2.svg" alt="The SLSA Level 2 badge" width=200>
+This project is licensed under the **Apache License 2.0**. See [LICENSE](LICENSE) for more information.
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..3ef9d1a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you know of a vulnerability in this project, please reach out to security@kadras.io and we will get back to you as soon as possible.
diff --git a/docs/verify-release.md b/docs/verify-release.md
new file mode 100644
index 0000000..677aad1
--- /dev/null
+++ b/docs/verify-release.md
@@ -0,0 +1,37 @@
+# Verifying the Package Repository Release
+
+This package repository is published as an OCI artifact, signed with Sigstore [Cosign](https://docs.sigstore.dev/cosign/overview), and associated with a [SLSA Provenance](https://slsa.dev/provenance) attestation.
+
+Using `cosign`, you can display the supply chain security related artifacts for the `ghcr.io/kadras-io/kadras-packages` images. Use the specific digest you'd like to verify.
+
+```shell
+cosign tree ghcr.io/kadras-io/kadras-packages
+```
+
+The result:
+
+```shell
+📦 Supply Chain Security Related artifacts for an image: ghcr.io/kadras-io/kadras-packages
+└── 💾 Attestations for an image tag: ghcr.io/kadras-io/kadras-packages:sha256-3b5321df10e6b30cd30b4dc8b8c8f0f4b3ccd9605eb9d25af03108d6e148012c.att
+   └── 🍒 sha256:8e6fc2f6005fb56c588700579cbeecabce064cf604b3cabe6294154cfe69b919
+└── 🔐 Signatures for an image tag: ghcr.io/kadras-io/kadras-packages:sha256-3b5321df10e6b30cd30b4dc8b8c8f0f4b3ccd9605eb9d25af03108d6e148012c.sig
+   └── 🍒 sha256:74c7b24859642cce47b205f0c9be06164b4d182a2c73d1c435dc4ad7af924691
+```
+
+You can verify the signature and its claims:
+
+```shell
+cosign verify \
+   --certificate-identity-regexp https://github.com/kadras-io \
+   --certificate-oidc-issuer https://token.actions.githubusercontent.com \
+   ghcr.io/kadras-io/kadras-packages | jq
+```
+
+You can also verify the SLSA Provenance attestation associated with the image.
+
+```shell
+cosign verify-attestation --type slsaprovenance \
+   --certificate-identity-regexp https://github.com/slsa-framework \
+   --certificate-oidc-issuer https://token.actions.githubusercontent.com \
+   ghcr.io/kadras-io/kadras-packages | jq .payload -r | base64 --decode | jq
+```
diff --git a/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml b/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml
deleted file mode 100644
index a1085d6..0000000
--- a/repo/packages/argo-cd.packages.kadras.io/2.4.12.yml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  creationTimestamp: null
-  name: argo-cd.packages.kadras.io.2.4.12
-spec:
-  licenses:
-  - Apache 2.0
-  refName: argo-cd.packages.kadras.io
-  releaseNotes: https://github.com/argoproj/argo-cd/releases
-  releasedAt: "2022-09-24T17:52:23Z"
-  template:
-    spec:
-      deploy:
-      - kapp: {}
-      fetch:
-      - imgpkgBundle:
-          image: ghcr.io/arktonix/package-for-argo-cd@sha256:d9aefd2d161c82ac0b6efc0e6bf3abce78c9be31aeca07d12787c5f6b8ded948
-      template:
-      - ytt:
-          paths:
-          - config
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-  valuesSchema:
-    openAPIv3:
-      additionalProperties: false
-      properties:
-        namespace:
-          default: argocd
-          description: The namespace where to install Argo CD
-          type: string
-        service:
-          additionalProperties: false
-          description: Service configuration for the Argo CD Server
-          properties:
-            type:
-              default: ClusterIP
-              description: The Service type for the Argo CD Server
-              type: string
-          type: object
-      type: object
-  version: 2.4.12
diff --git a/repo/packages/argo-cd.packages.kadras.io/metadata.yml b/repo/packages/argo-cd.packages.kadras.io/metadata.yml
deleted file mode 100644
index b82afe1..0000000
--- a/repo/packages/argo-cd.packages.kadras.io/metadata.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: PackageMetadata
-metadata:
-  creationTimestamp: null
-  name: argo-cd.packages.kadras.io
-spec:
-  categories:
-  - ci/cd
-  - gitops
-  displayName: argo-cd
-  longDescription: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
-  maintainers:
-  - name: Thomas Vitale
-  providerName: Arktonix
-  shortDescription: Argo CD is a declarative, GitOps continuous delivery tool for
-    Kubernetes.
diff --git a/repo/packages/cartographer.packages.kadras.io/0.5.3.yml b/repo/packages/cartographer.packages.kadras.io/0.5.3.yml
deleted file mode 100644
index 1fdeac4..0000000
--- a/repo/packages/cartographer.packages.kadras.io/0.5.3.yml
+++ /dev/null
@@ -1,131 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  name: cartographer.packages.kadras.io.0.5.3
-spec:
-  refName: cartographer.packages.kadras.io
-  version: 0.5.3
-  releaseNotes: https://github.com/vmware-tanzu/package-for-cartographer/releases/tag/0.5.3
-  releasedAt: "2022-08-31T18:12:55Z"
-  valuesSchema:
-    openAPIv3:
-      title: cartographer.packages.kadras.io.0.5.3 values schema
-      properties:
-        ca_cert_data:
-          type: string
-          description: 'Optional: PEM Encoded certificate data for image registries with private CA.'
-          default: ""
-        excluded_components:
-          type: array
-          items:
-            type: string
-          default: []
-          description: 'Optional: List of components to exclude from installation (e.g. [conventions])'
-        aws_iam_role_arn:
-          type: string
-          description: 'Optional: Arn role that has access to pull images from ECR container registry'
-          default: ""
-        cartographer:
-          type: object
-          properties:
-            resources:
-              type: object
-              properties:
-                limits:
-                  type: object
-                  properties:
-                    cpu:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: maximum amount of cpu resources to allow the controller to use'
-                      default: 1000m
-                    memory:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: maxium amount of memory to allow the controller to use'
-                      default: 128Mi
-                requests:
-                  type: object
-                  properties:
-                    cpu:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: minimum amount of cpu to reserve'
-                      default: 250m
-                    memory:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: minimum amount of memory to reserve'
-                      default: 128Mi
-        conventions:
-          type: object
-          properties:
-            resources:
-              type: object
-              properties:
-                limits:
-                  type: object
-                  properties:
-                    cpu:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: maximum amount of cpu resources to allow the controller to use'
-                      default: 1000m
-                    memory:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: maxium amount of memory to allow the controller to use'
-                      default: 128Mi
-                requests:
-                  type: object
-                  properties:
-                    cpu:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: minimum amount of cpu to reserve'
-                      default: 250m
-                    memory:
-                      anyOf:
-                      - type: integer
-                      - type: string
-                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                      x-kubernetes-int-or-string: true
-                      description: 'Optional: minimum amount of memory to reserve'
-                      default: 128Mi
-  template:
-    spec:
-      fetch:
-      - imgpkgBundle:
-          image: index.docker.io/projectcartographer/package-for-cartographer@sha256:16bde5272cfa248ec5068016fc0a1873e84761e5485b0b23e908b7bbeff8cd0a
-      template:
-      - ytt:
-          ignoreUnknownComments: true
-          paths:
-          - config
-      - kbld:
-          paths:
-          - .imgpkg/images.yml
-          - '-'
-      deploy:
-      - kapp: {}
diff --git a/repo/packages/cartographer.packages.kadras.io/metadata.yml b/repo/packages/cartographer.packages.kadras.io/metadata.yml
deleted file mode 100644
index a23e5e6..0000000
--- a/repo/packages/cartographer.packages.kadras.io/metadata.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: PackageMetadata
-metadata:
-  name: cartographer.packages.kadras.io
-  annotations:
-    kapp.k14s.io/change-group: carto.run/meta
-spec:
-  displayName: Cartographer
-  providerName: VMware
-  shortDescription: Kubernetes native Supply Chain Choreographer.
-  supportDescription: https://github.com/vmware-tanzu/cartographer
-  longDescription: |-
-    Cartographer is a Kubernetes native Choreographer. It allows users to
-    configure K8s resources into re-usable Supply Chains that can be used to
-    define all of the stages that an Application Workload must go through to
-    get to an environment. Requires cert-manager to be installed.
-  maintainers:
-  - name: VMware
diff --git a/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml
new file mode 100644
index 0000000..5cce3c3
--- /dev/null
+++ b/repo/packages/cert-manager.packages.kadras.io/1.18.2.yml
@@ -0,0 +1,231 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: cert-manager.packages.kadras.io.1.18.2
+spec:
+  licenses:
+  - Apache 2.0
+  refName: cert-manager.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-cert-manager/releases
+  releasedAt: "2025-08-14T17:36:11Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-cert-manager@sha256:84afdbe2e4b2d84ef5f9774b4608ffb100029c7e0a97bc0568aec9401c8c652b
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cainjector:
+          additionalProperties: false
+          description: Settings for the cainjector controller.
+          properties:
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                2 replicas are recommended.
+              minimum: 1
+              type: integer
+          type: object
+        controller:
+          additionalProperties: false
+          description: Settings for the cert-manager controller.
+          properties:
+            dns01:
+              additionalProperties: false
+              description: Configures the behaviour of the ACME DNS01 challenge solver.
+              properties:
+                recursive_nameservers:
+                  default: []
+                  description: Each nameserver can be either the IP address and port
+                    of a standard recursive DNS server, or the endpoint to an RFC
+                    8484 DNS over HTTPS endpoint.
+                  items:
+                    default: ""
+                    type: string
+                  type: array
+                recursive_nameservers_only:
+                  default: false
+                  description: When true, cert-manager will only ever query the configured
+                    DNS resolvers to perform the ACME DNS01 self check. This is useful
+                    in DNS constrained environments, where access to authoritative
+                    nameservers is restricted. Enabling this option could cause the
+                    DNS01 self check to take longer due to caching performed by the
+                    recursive nameservers.
+                  type: boolean
+              type: object
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                2 replicas are recommended.
+              minimum: 1
+              type: integer
+          type: object
+        leader_election:
+          additionalProperties: false
+          description: Leader election configuration for the cert-manager and cert-manager-cainjector
+            Deployments.
+          properties:
+            namespace:
+              default: kube-system
+              description: 'Namespace used to perform leader election. The default
+                namespace needs changing in environments like GKE. More information:
+                https://cert-manager.io/docs/installation/compatibility.'
+              minLength: 1
+              type: string
+          type: object
+        letsencrypt:
+          additionalProperties: false
+          description: Settings for Let's Encrypt.
+          properties:
+            challenge:
+              additionalProperties: false
+              properties:
+                dns_provider:
+                  default: digital_ocean
+                  description: 'The DNS provider to use for the ACME dns01 challenge.
+                    Valid options: `cloudflare`, `digital_ocean`.'
+                  enum:
+                  - cloudflare
+                  - digital_ocean
+                  type: string
+                secret:
+                  additionalProperties: false
+                  properties:
+                    key:
+                      default: ""
+                      description: The key within the Secret that contains the credentials
+                        needed for the dns01 challenge.
+                      type: string
+                    name:
+                      default: ""
+                      description: Name of the Secret containing the credentials needed
+                        for the dns01 challenge.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: Namespace containing the Secret with the credentials
+                        needed for the dns01 challenge.
+                      type: string
+                  type: object
+                type:
+                  default: http01
+                  description: 'The type of challenge used by the ACME CA Server.
+                    Valid options: `http01`, `dns01`.'
+                  enum:
+                  - http01
+                  - dns01
+                  type: string
+              type: object
+            email:
+              default: ""
+              description: The email address that Let's Encrypt will use to send info
+                on expiring certificates or other issues.
+              type: string
+            include:
+              default: false
+              description: Whether to include a ClusterIssuer for Let's Encrypt.
+              type: boolean
+            production:
+              default: false
+              description: Whether to use Let's Encrypt staging (recommended for non-production
+                environments) or production.
+              type: boolean
+          type: object
+        namespace:
+          default: cert-manager
+          description: The namespace in which to deploy cert-manager.
+          minLength: 1
+          type: string
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        private_pki:
+          additionalProperties: false
+          description: Settings for the built-in, private PKI
+          properties:
+            include:
+              default: true
+              description: Whether to include a ClusterIssuer for a private PKI.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        webhook:
+          additionalProperties: false
+          description: Settings for the cert-manager webhook.
+          properties:
+            host_network:
+              default: false
+              description: 'Whether to run the webhook in the host network so that
+                it can be reached by the cert-manager controller in environments like
+                AWS EKS. More information: https://cert-manager.io/docs/installation/compatibility.'
+              type: boolean
+            loglevel:
+              default: 2
+              description: Number of the log level verbosity.
+              maximum: 5
+              minimum: 1
+              type: integer
+            replicas:
+              default: 1
+              description: The number of replicas. In order to enable high availability,
+                at least 3 replicas are recommended.
+              minimum: 1
+              type: integer
+            secure_port:
+              default: 6443
+              description: 'The port where the webhook is exposed. The default port
+                needs changing in environments like AWS EKS and AWS Fargate. More
+                information: https://cert-manager.io/docs/installation/compatibility.'
+              type: integer
+          type: object
+      type: object
+  version: 1.18.2
diff --git a/repo/packages/cert-manager.packages.kadras.io/1.9.1.yml b/repo/packages/cert-manager.packages.kadras.io/1.9.1.yml
deleted file mode 100644
index 6714daf..0000000
--- a/repo/packages/cert-manager.packages.kadras.io/1.9.1.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  name: cert-manager.packages.kadras.io.1.9.1
-spec:
-  refName: cert-manager.packages.kadras.io
-  version: 1.9.1
-  releasedAt: 2022-08-16T15:24:00Z
-  releaseNotes: "cert-manager 1.9.1 https://github.com/jetstack/cert-manager/releases/tag/v1.9.1"
-  licenses:
-    - "Apache 2.0"
-  template:
-    spec:
-      fetch:
-        - imgpkgBundle:
-            image: projects.registry.vmware.com/tce/cert-manager@sha256:e321a8936343a3eb05676aa2cf5ba7b5a07a8867e94cab75bff68800fa6b0459
-      template:
-        - ytt:
-            paths:
-              - config/
-        - kbld:
-            paths:
-              - "-"
-              - .imgpkg/images.yml
-      deploy:
-        - kapp: {}
-  capacityRequirementsDescription: "Varies significantly based on number of Certificate objects"
-  valuesSchema:
-    openAPIv3:
-      title: cert-manager.packages.kadras.io.1.9.1 values schema
-      examples:
-        - namespace: cert-manager
-      properties:
-        namespace:
-          type: string
-          description: The namespace in which to deploy cert-manager.
-          default: cert-manager
diff --git a/repo/packages/cert-manager.packages.kadras.io/metadata.yml b/repo/packages/cert-manager.packages.kadras.io/metadata.yml
index d4902bb..ea7c04c 100644
--- a/repo/packages/cert-manager.packages.kadras.io/metadata.yml
+++ b/repo/packages/cert-manager.packages.kadras.io/metadata.yml
@@ -1,16 +1,23 @@
 apiVersion: data.packaging.carvel.dev/v1alpha1
 kind: PackageMetadata
 metadata:
+  creationTimestamp: null
   name: cert-manager.packages.kadras.io
 spec:
-  displayName: "cert-manager"
-  longDescription: "Provides certificate management provisioning within the cluster"
-  shortDescription: "Certificate management"
-  providerName: VMware
-  maintainers:
-    - name: Nicholas Seemiller
   categories:
-    - "security"
-    - "tls"
-    - "certificate"
-  supportDescription: "Go to https://cert-manager.io/ for documentation or the #cert-manager channel on Kubernetes slack"
+  - certificate-management
+  - security
+  - tls
+  displayName: cert-manager
+  iconSVGBase64: PHN2ZyBpZD0ic3ZnMzg4MSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgdmlld0JveD0iMCAwIDc5MiA3OTIiPjxkZWZzPjxzdHlsZT4uY2xzLTEsLmNscy0ye2ZpbGw6bm9uZTt9LmNscy0ye2NsaXAtcGF0aDp1cmwoI2NsaXAtcGF0aCk7fS5jbHMtM3tjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMik7fS5jbHMtNHtmaWxsOiNmZmY7fS5jbHMtNXtmaWxsOiMzMjZjZTU7fS5jbHMtNnttYXNrOnVybCgjbWFzayk7fS5jbHMtN3tmaWxsOiNmZGZkZmU7fTwvc3R5bGU+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgiPjxwb2x5Z29uIGNsYXNzPSJjbHMtMSIgcG9pbnRzPSItNTEyLjU0NyAtNzIuNTIyIC01MTEuNTQ3IC03Mi41MjIgLTUxMi41NDcgLTcxLjUyMiAtNTEyLjU0NyAtNzIuNTIyIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0yIj48cG9seWdvbiBjbGFzcz0iY2xzLTIiIHBvaW50cz0iLTUxNC41NDcgLTc0LjUyMiAtNTE1LjU0NyAtNzQuNTIyIC01MTQuNTQ3IC03NS41MjIgLTUxNC41NDcgLTc0LjUyMiIvPjwvY2xpcFBhdGg+PG1hc2sgaWQ9Im1hc2siIHg9Ijk1LjQ1OTk3IiB5PSIyMjAuNTY0MTUiIHdpZHRoPSIxMTQ1LjA3OTc0IiBoZWlnaHQ9IjU4OC4wNjYxMSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSI+PGcgaWQ9Im1hc2stMiIgZGF0YS1uYW1lPSJtYXNrIj48ZyBpZD0iZzM4MjMiPjxwYXRoIGlkPSJwYXRoMzgxOSIgZD0iTTk0Ni41MDY2LDIyMC41NjQxNWMtMTYyLjM4OCwwLTI5NC4wMzMsMTMxLjY0NTA3LTI5NC4wMzMsMjk0LjAzMzA3czEzMS42NDUsMjk0LjAzMzA1LDI5NC4wMzMwNSwyOTQuMDMzMDUsMjk0LjAzMzExLTEzMS42NjU2NiwyOTQuMDMzMTEtMjk0LjAzM1MxMTA4Ljg5NDY0LDIyMC41NjQxNSw5NDYuNTA2NiwyMjAuNTY0MTVabS0uMDcyMiw1NjIuNDljLTE0OC4zMTA4MSwwLTI2OC4zNTM3My0xMjAuMTA0ODYtMjY4LjM4NDctMjY4LjQxNTY0Uzc5OC40MTIzMywyNDUuODgyNSw5NDYuODE2LDI0Ni4xNTA2M3MyNjguMjgxNTksMTIwLjM5MzYxLDI2OC4xMzcyLDI2OC42NTI4NlMxMDk0LjcyNDYzLDc4My4wOTU0MSw5NDYuNDM0NCw3ODMuMDU0MTJaIi8+PC9nPjwvZz48L21hc2s+PC9kZWZzPjxnIGlkPSJUZXh0Ij48ZyBjbGFzcz0iY2xzLTMiPjxnIGlkPSJnMzg3OCI+PGcgaWQ9IlRleHRfYW5kX2RldGFpbCIgZGF0YS1uYW1lPSJUZXh0IGFuZCBkZXRhaWwiPjxwYXRoIGlkPSJDaXJjbGUiIGNsYXNzPSJjbHMtNCIgZD0iTTM4Mi4xNTI2Niw4Mi44Nzg0NmMtMTcyLjQsMC0zMTIuMTYsMTM5Ljc2LTMxMi4xNiwzMTIuMTYsMCwxNzIuNCwxMzkuNzYsMzEyLjE2LDMxMi4xNiwzMTIuMTZzMzEyLjE2LTEzOS43MiwzMTIuMTYtMzEyLjE2LTEzOS43Ni0zMTIuMTYtMzEyLjE2LTMxMi4xNlptLS4wOCw1OTcuMTU5OTRjLTE1Ny40NCwwLTI4NC44OS0xMjcuNTEtMjg0LjkyLTI4NC45NSwwLTE1Ny42MSwxMjcuNzgtMjg1LjMsMjg1LjMzLTI4NSwxNTcuNTUwMDUuMywyODQuODA5OTQsMTI3LjgsMjg0LjY3MDA1LDI4NS4yMkM2NjcuMDEyNTgsNTUyLjcyODQsNTM5LjUxMjU4LDY4MC4wODgzOSwzODIuMDcyNjQsNjgwLjAzODRaIi8+PGcgaWQ9IkxFVFRFUlMiPjxwYXRoIGlkPSJwYXRoMzg1MSIgY2xhc3M9ImNscy00IiBkPSJNMjM4LjE1MjY2LDUzNi40Nzg0NmMtMS0zLjQ1LTUuNzUtNi44OC05LjQ0LTYuNDItNS4yNC42Ny0xMC40NiwxLjU0LTE2Ljc2LDIuNDgsMi4zMi02LjE1LDQuMjgtMTEuNCw2LjI4LTE2LjY1LDEuNzMtNC41Ni0yLTYuNzctNC4zNC05LjIxcy00LjE3LjY0LTUuNzYsMS45Yy04LjQ3LDYuNzEtMTYuNjgsMTMuNzUtMjUuMjMsMjAuMzUtNC4wNiwzLjEzLTEsNC45NS42NCw3LjJzMy4zMSw0Ljc4LDYuNjYsMS44M2MzLjg2LTMuMzksNy45NC02LjU0LDEyLTkuODMuMTUuMzguMjkuNTYuMjUuNjgtLjgsMi4zMi0xLjY3LDQuNjItMi40NSw2Ljk1LTEuNjMsNC45MiwxLjUyLDguNTEsNi42OSw3LjcsMi4xNS0uMzQsNC4zNC0xLDYuOS4xLTQuMTYsMy40MS03Ljc3LDYuNjEtMTEuNjMsOS40Ni0zLjE3LDIuMzQtMS42NSw0LjI1LjI2LDZzMi43MSw2LjMxLDYuOCwzcTEzLjc5LTExLjEyLDI3LjQ5LTIyLjMxQzIzNy40NTI2NCw1MzguOTM4NDIsMjM4LjY2MjY3LDUzOC4yMTg0NSwyMzguMTUyNjYsNTM2LjQ3ODQ2WiIvPjxwYXRoIGlkPSJwYXRoMzg1MyIgY2xhc3M9ImNscy00IiBkPSJNNDA1LjMwMjYyLDIwMC4wODg0NWM2LjU0LDIuNyw5LjEzLDEuNDYsMTAuNDgtNS4zLjMtMS40Ny41Ny0yLjkzLjkzLTQuMzguMjktMS4xOCwwLTMuMTcsMS44MS0yLjkyczQuMTMtLjEyLDQuNzksMi41OCwxLjQ4LDUuMDksMi4yMiw3LjYzYzIuMDgsNywzLjUxLDguMDksMTAuNjQsOC40NiwyLjY4LjE0LDMuMjgtLjc3LDIuNTctMy4xNi0xLjEyLTMuODEtMi4wOS03LjY3LTMuMjgtMTEuNDYtLjU1LTEuNzMtMS0yLjc1LDEuMzctMy43NCw1Ljc4LTIuNDQsNy4zNC03LjY4LDcuNzUtMTMuMDcsMC02LjY2LTQtMTEuNTMtMTEuNDgtMTMuNTMtNi4wOC0xLjYyLTEyLjMyLTIuNjMtMTguNDgtNC0yLjMtLjUtMy40NS40My0zLjg4LDIuNjMtMi4zNiwxMi00Ljc2LDI0LjA4LTcuMDksMzYuMTQtLjMxLDEuNjMtLjU0LDMuMjIsMS42NSw0LjEyWm0xNy41NC0zMWM1LjA1LS41MSw5LjkyLDIuNDEsOS44Nyw1LjRzLTEuOCw0LjQ0LTUuMTksNC41M2MtMi4wOS0xLjc2LTYuOTQsMS4xLTcuNjUtMy4zNy0uMy0xLjg5LTEtNi4xMSwyLjk3LTYuNTJaIi8+PHBhdGggaWQ9InBhdGgzODU1IiBjbGFzcz0iY2xzLTQiIGQ9Ik0zMzkuNDUyNjQsNTkxLjI5ODQ3Yy0yLjg0LS45My01Ljc0LTIuMS02Ljc0LDIuNjItMS4wOSw1LjE5LTIuNzUsMTAuMjUtNC40NywxNi41LTIuNjMtNy44Mi01LjA3LTE0LjUyLTcuMS0yMS4zNC0xLjMzLTQuNDYtNS4xNS00LjQyLTguMzctNS0zLjU1LS41OC0yLjkxLDMtMy40Nyw1LTMsMTAuMzYtNS41OCwyMC44Ni04LjgsMzEuMTYtMS41OCw1LjA4LDIuMTcsNC42Miw0LjY3LDUuNDksMi42Ni45MSw1LjQ3LDIsNi40OC0yLjQsMS4yMS01LjI3LDIuODItMTAuNDUsNC40NS0xNi4zNC42NywxLjU0LDEuMTMsMi40MiwxLjQ0LDMuMzQsMiw2LDQuMDksMTEuOTMsNiwxNy45NCwxLjM3LDQuNDQsNS4zNyw0LjE3LDguNTYsNC42MXMyLjUzLTMsMy4wNi00LjgxYzMtMTAuMzgsNS41My0yMC44OSw4LjgtMzEuMTcsMS40OS00Ljk4LTEuOTYtNC43Ni00LjUxLTUuNloiLz48cGF0aCBpZD0icGF0aDM4NTciIGNsYXNzPSJjbHMtNCIgZD0iTTU4MC4zMTI2Myw1MjguMDQ4NDdjLTMuMjgtLjQ3LTYuNTEtMS40NC05LjgwMDA1LTEuNzUtMi43MS0uMjUtMy4zOS0xLjE5LTMuNDgtNC0uMjItNy02LjU1MDA1LTEyLjc0LTEzLjQzOTk0LTEyLjgyLTQuNzMtLjEzLTguMzUsMi4yNC0xMS4yNSw1LjU2LTMuNjEsNC4xMy02LjcxLDguNy0xMC4zMywxMi44Mi0yLjQ2LDIuODEtMi4xNSw0LjU1Ljc4LDYuNzYsOC43Niw2LjYyLDE3LjQ0OTk1LDEzLjM1LDI1LjkzOTk0LDIwLjMsMywyLjQsNC41MSwyLjE1LDYuNzItLjg2LDQtNS40NSw0LjE2LTUuMzItMS4yMy05LjUtMS4xODAwNS0uOTItMi40Mi0xLjc4LTMuNS0yLjgxLS44My0uNzktMi44OS0xLjExLTEuNzMtMi45MS45Mzk5NC0xLjQ1LDEuNzUtMy4zNSw0LjE2LTIuODZzNSwuNTYsNy4zMjk5NSwxLjQxYzUuMzcsMiw4LjcxLS4wOSwxMS42My00LjU0LDEuOTMwMDUtMi44OSwyLjAzLTQuMjYtMS44LTQuOFptLTMwLDUuNDNjLS43NS4wNi02LjEzLTQuNTYtNi4wOC01LjIzLjEzLTEuNzYsNi4yOC03LjY1LDgtNy42NSwyLjMxMDA2LjQ2LDQsMS42MSw0LjE4OTk0LDQuMTVDNTU2LjUzMjYsNTI2LjI5ODQ3LDU1MS40NTI2NCw1MzMuMzc4NDksNTUwLjMxMjYzLDUzMy40Nzg0NloiLz48cGF0aCBpZD0icGF0aDM4NTkiIGNsYXNzPSJjbHMtNCIgZD0iTTMzMS43MTI2NSwyMDEuMDc4NDdjLjM1LDIsMSwzLjYsMy40OSwzLjIxLDktMS41NiwxOC4wNi0yLjkxLDI3LTQuNzcsNC43Mi0xLDEuNDctNC41NiwxLjUyLTcsLjA1LTIuNjEtMS4zNy0zLjQtMy45My0yLjktNC44OS45NS05Ljg1LDEuNi0xNC43NCwyLjU3LTIuNTQuNS0zLjIxLS42Ni0zLjQ1LTIuODMtLjIxLTEuOTMtLjQ5LTMuNDMsMi4zLTMuNzQsNC4xMy0uNDQsOC4xNy0xLjYxLDEyLjMtMi4wNSw0LjQ3LS40OCwzLjY1LTMuMjksMy4xNy02LjEzcy0xLjA4LTUuMTctNS00LjA5Yy0zLjY3LDEtNy41NiwxLjE2LTExLjI2LDIuMDktMi42LjY2LTMuODcuNS00LjQxLTIuNTQtLjU5LTMuMjgsMS4yMy0zLjU1LDMuNTUtMy45LDQuMTEtLjYxLDguMi0xLjQsMTIuMzEtMiwyLjYzLS40LDQuNjUtMS4xMywzLjU5LTQuNDQtLjg1LTIuNjYuMzYtNi44Ni01LjEzLTUuNzItNy44MSwxLjYzLTE1LjY4LDMtMjMuNTgsNC0zLjc4LjQ4LTQuMywyLjE3LTMuNzQsNS4zMXEzLjA0NSwxNy41MDUsNi4wMSwzNC45M1oiLz48cGF0aCBpZD0icGF0aDM4NjEiIGNsYXNzPSJjbHMtNCIgZD0iTTQ2NS4xMzI2NCw1OTYuMDE4NDRhODguNDkwNDksODguNDkwNDksMCwwLDEtOC45MiwzLjA3Yy0yLjUxLjgtNC4zMiwxLjgyLTIuODIsNSwxLjE5LDIuNDYuODcsNi41NSw1LjYyLDQuNjUuODctLjM1LDEuOC0xLjE3LDIuNjUtLjExLjg1LDEuMDYuMjksMi4zMi0uMTMsMy4zMi0xLjIyLDIuODctMy43OCw0LjEtNi42NSw0LjZhNi4yMTg3OCw2LjIxODc4LDAsMCwxLTYuNjctMy4zNywzMi43ODk4LDMyLjc4OTgsMCwwLDEtNC0xMS4yYy0uOTMtNS44Myw0LjYyLTEwLjkzLDkuOTEtOC4zOCw0LjM2LDIuMSw3LjY0LjQyLDExLjM0LS42NiwyLjUzLS43NCwyLjU0LTIuMjUsMS4wOC00LjA5LTMuMzgtNC4yNi04LTUuNjEtMTMuMjQtNS44M2EyMi42Nzk4NSwyMi42Nzk4NSwwLDAsMC0xNSw1LjZjLTUsNC40OC03LDEwLjE2LTUsMTYuNjUsMi41Myw4LjQ5LDQsMTgsMTQuNTYsMjAuOCw4LjEsMi4xMywxNS4yNC0uMzgsMjEtNi4xMiw2LjIzLTYuMjQsNC43Mi0xMy41MSwyLTIwLjkyLTEuMTktMy4xNi0yLjM1LTQuNS01LjczLTMuMDFaIi8+PHBhdGggaWQ9InBhdGgzODYzIiBjbGFzcz0iY2xzLTQiIGQ9Ik01MjcuMTUyNiw1NzcuMTI4NDljLTMuNjYsMi44Ni03LjY0LDUuMzEtMTEuMzEwMDYsOC4xNy0yLDEuNTYtMywxLjA3LTQuMjktLjgxLTEuMjktMS44OC0xLjY5LTMsLjQ2LTQuNDEsMy4zMjk5NS0yLjE5LDYuNTItNC41OSw5Ljc2LTYuOTEsMS4wNjAwNi0uNzYsMi4zNC0xLjM4LDIuMjItMy4yMmExMy41Mzk3MiwxMy41Mzk3MiwwLDAsMC00LjE4OTk0LTUuOGMtMS44Ni0xLjMxLTMuMzAwMDUuNjktNC43NSwxLjY5LTMsMi4wOC02LjE0LDQtOC45NCw2LjM0LTIuMzMsMS45NC0zLC4xNy00LjE1LTEuMjEtMS4zOC0xLjYxLTEuNC0yLjYxLjUzLTMuODcsMy43NS0yLjQ1LDcuMjItNS4zMywxMC45OTk5NC03LjcxLDMuMS0xLjk0LDIuNDM5OTQtMy44Mi42Mi02LjA2LTEuNjEtMi0yLjU5LTUtNi4xNS0yLjMtNi41Miw0Ljg2LTEzLjIyLDkuNDktMTkuODksMTQuMTctMi4xLDEuNDctMi4xOSwyLjkzLS43Miw1LDYuOSw5LjU3LDEzLjcxLDE5LjIsMjAuNTQsMjguODMsMS4yNCwxLjc0LDIuNDUsMi40Myw0LjQ5OTk0Ljk0cTEwLjI2LTcuNSwyMC42ODk5NC0xNC43NWMzLjI3LTIuMjcsMS4yOS00LjE2LS4xMS02LjIxLTEuNC0yLjA1LTIuNzMtNC4zMS01LjgyLTEuODhaIi8+PHBhdGggaWQ9InBhdGgzODY1IiBjbGFzcz0iY2xzLTQiIGQ9Ik0yNjguODUyNjcsNTYwLjg5ODQ1Yy0xLjQtMS0yLjg4LS41My00LjE0LjQ1cS0xNS4xODAwNywxMS44LTMwLjMzLDIzLjY0Yy0xLjMzLDEtMi4zMiwyLjQ3LS40LDMuNTQsMy41NCwyLDYuNzgsNywxMS40OSwxLjcyYTEuNTksMS41OSwwLDAsMSwyLjE4LS40N2MzLjc2LDIuNDYsNy41NSw0Ljg3LDExLjMsNy4zMywxLC42OC42NywxLjc0LjU1LDIuNzItLjUzLDQuMjksMi40NCw5LjEyLDYuNzEsOS4zNSw0LjQ2LjIzLDIuMzYtNC40OCwzLjc2LTYuNjlhMy4wMDEsMy4wMDEsMCwwLDAsLjM0LS45NGMyLjYtMTAuNjUsNS4yLTIxLjMxLDgtMzIuODUtMS4xMi00LjMyLTYuMDctNS4yMi05LjQ2LTcuOFptLTYuNCwyNi43MmMtNy44MS00LjU5LTcuODEtNC41OS0xLjQ3LTkuNjUsMS4yOC0xLDIuNi0yLDQuNDgtMy40NEE1Ni4zMzA2OCw1Ni4zMzA2OCwwLDAsMSwyNjIuNDUyNjQsNTg3LjYxODQyWiIvPjxwYXRoIGlkPSJwYXRoMzg2NyIgY2xhc3M9ImNscy00IiBkPSJNMjU1Ljk0MjYzLDIyMy44Mjg0N2M1LDYuOTQsMTIuNjgsOSwyMC44Miw2LDguNDYtMy4wNiwxNS0xMS4zMiwxNC42Ni0xOC44N2EyMC41NTA0MywyMC41NTA0MywwLDAsMC0xLjI0LTUuMjksMi4xMSwyLjExLDAsMCwwLTIuMTMtMS43M2MtMi45LDAtOC4yMyw1LjE5LTguMjcsOC4zLS4wNSw0LjE5LTIuNzMsNi4yOS02LjA4LDcuNjMtMy4xNywxLjI2LTYsMC03Ljg3LTIuNjNhNzMuMTQzMzQsNzMuMTQzMzQsMCwwLDEtNS45NC05Ljc1Yy0xLjQtMi44Ny0xLjE0LTYsMS40Ny04LjIzczUuODQtMy43NCw5LjU1LTEuNzFjMi42LDEuNDMsOS42MS0xLDExLjEtMy41MywxLTEuNjItLjI4LTIuNTMtMS4wOS0zLjQzYTEzLjg4LDEzLjg4LDAsMCwwLTEwLjgtNC42OGMtMTMuMzguMDUtMjMuODEsMTAuMzUtMjIuNCwyMS42MS44LDYuMzQsNC43MywxMS4zNCw4LjIyLDE2LjMxWiIvPjxwYXRoIGlkPSJwYXRoMzg2OSIgY2xhc3M9ImNscy00IiBkPSJNMzk4LjAxMjY0LDYwMy42MDg0N2MtMy4zOS04LjgyLTUuNzItMTAtMTQuNzktOGEzLjg4MDEsMy44ODAxLDAsMCwwLTMuMjcsMi42M3EtNS43LDE4LjI0LTExLjM2LDM2LjU0Yy0uMzMsMS4wNy0uODEsMi4zMy40NywzLjE3LDIuNzMsMS44LDkuOS0uNzIsMTEuMTMtMy44OS41MS0xLjMyLjUyLTIuOTMsMi43MS0yLjg5LDQsLjA4LDgsMCwxMi0uMTksMS40Mi0uMDYsMi4zLjQ4LDIuNTUsMS43Ni43Nyw0LDMuMTcsNS4xOCw2LjQ4LDQuMzIsNi43Ny0uMTcsNi44LS4xOSw0LjU4LTZxLTUuMjQtMTMuNzYwMS0xMC41LTI3LjQ1Wm0tMTAuNTYsMTguMDdjLTMsMC0zLjQ0LS44NC0yLjU0LTMuMzksMS4wOS0zLjEyLDItNi4zLDMuMjctMTAuMzYsMS4zMywzLjQsMi4zMSw1Ljg1LDMuMjQsOC4zMSwyLjA4LDUuNTcsMi4wMyw1LjM4LTMuOTcsNS40NFoiLz48cGF0aCBpZD0icGF0aDM4NzEiIGNsYXNzPSJjbHMtNCIgZD0iTTQ4NS44OTI2NSwyMjkuMTU4NDZjMi4zNCwxLjI4LDQuNTcsNC42OSw3LjI3LjE4LDMuNTctNiw3LjQ0LTExLjc5LDExLjE2LTE3LjY4LDQuNDgtNy4wOCw0LjYtNy4yOSwxMS44MDAwNS0yLjc2LDMuODI5OTUsMi40Miw0Ljg0LS4xOSw2LjQ0OTk1LTIuNTIsMS43Mi0yLjUsMi40LTQuNDEtMS02LjQxcS0xMi03LjE1LTIzLjU1LTE0LjkyYy0zLjI3LTIuMTgtNC44OS0xLjYtNywxLjY0LTIuMzQsMy41Ny0xLjg2LDUuNDcsMS43Niw3LjM5LDIuMSwxLjExLDQuNDUsMi4xMyw1LjksNC4yMS0uNzQsMS4xOS0xLjM0LDIuMTktMiwzLjE3LTQuNTMsNy4xNi04LjkzLDE0LjQtMTMuNjIsMjEuNDUtMi41MiwzLjg4LjM5LDQuOTEsMi44Myw2LjI1WiIvPjwvZz48ZyBpZD0iTmV3X0FuY2hvciIgZGF0YS1uYW1lPSJOZXcgQW5jaG9yIj48cGF0aCBpZD0icGF0aDM4NzQiIGNsYXNzPSJjbHMtNCIgZD0iTTQ5NS4zNDI2Niw0NDYuODk4NDVjLTIuNTctMTAuNTQtNS4xMS0yMC45Mi03LjY4LTMxLjQyYTMuMiwzLjIsMCwwLDAtNS4zMy0xLjU2bC0yNC43MiwyMy42NmEzLjA2LDMuMDYsMCwwLDAsMS4yNiw1LjE0Yy45Mi4yNiwxLjgyLjUxLDIuNzQuNywyLC40MywxLjgsMS4xLjg3LDIuNTFhNjUuNTg5MjEsNjUuNTg5MjEsMCwwLDEtMjAsMTkuNThsLS4yLjEyYTg2Ljc4MDQxLDg2Ljc4MDQxLDAsMCwxLTIxLjcsNywxNTkuMzUzNjIsMTU5LjM1MzYyLDAsMCwxLTIzLjUzLDIuNzIsMS44NCwxLjg0LDAsMCwxLTEuODk5MjktMS43Nzg3NXEtLjAwMTQ3LS4wNDU2LS4wMDA3My0uMDkxMjV2LTExMC4zOGExLjA4LDEuMDgsMCwwLDEsMS4wOC0xLjA4aDBjMSwwLDIuMjIuMiw1LjE1LjE3LDUuNzYtLjA2LDExLjc2LS4wNiwxNy41NC0uNCwxLjg4LS4xMSwyLjkzLS4wNSw0LjEzLjg1YTEyLjM1LDEyLjM1LDAsMCwwLDE2LjcxLTEuMjksMTIuNTIsMTIuNTIsMCwwLDAsLjExLTE2Ljc2LDEyLjMsMTIuMywwLDAsMC0xNi42Ni0xLjU4LDQuMDcwMDgsNC4wNzAwOCwwLDAsMS0yLjUzLDEuMDhxLTEyLjA4MDEtLjA2LTI0LjE0LDBhMS45MDAwOSwxLjkwMDA5LDAsMCwxLTEuMzktLjM3di0xMi42MmExLjc5OTg3LDEuNzk5ODcsMCwwLDEsLjQyLTEuMTgsNi40MTk2Miw2LjQxOTYyLDAsMCwxLDItMS40MWMxMy02LjYsMTkuNzQtMTcuNDQsMTkuNzUtMzEuODcsMC0yMi44My0yMi4yNy0zOS40NC00NC4yOS0zMy40Ni0xNy40Niw0Ljc0LTI4LjgsMjIuMDgtMjUuNTEsMzkuNzcsMi40MiwxMywxMC4wNywyMi4xLDIyLjUxLDI2LjkyYTYuNTg4OTMsNi41ODg5MywwLDAsMSwxLjMzLjY2LDEuOCwxLjgsMCwwLDEsLjcxLDEuNDd2MTAuMzJhMS43OCwxLjc4LDAsMCwxLTEuNzc5OTEsMS43ODAxMmwtLjAyMDA4LS4wMDAxMmMtOC42NS0uMS0xNy4zMS0uMDYtMjYsMGE1LjUzLDUuNTMsMCwwLDEtMy4zMS0xLjEyLDEyLjI0LDEyLjI0LDAsMCwwLTE2LjYyLDEuNywxMi4zNywxMi4zNywwLDAsMCwxNi43MywxOC4wNyw1LjA4LDUuMDgsMCwwLDEsMy4zLTEuMDhjOC4zOSwwLDE2Ljc5LjEyLDI1LjE4LDBhMy4xOSwzLjE5LDAsMCwxLDIuMTcuNDYsMSwxLDAsMCwxLC4zMS43NnYxMDkuODFhMS44NSwxLjg1LDAsMCwxLTEuODUzODgsMS44NDYxM3EtLjA3MzE1LS4wMDAyLS4xNDYxMi0uMDA2MTFhMTkyLjQ0MzIxLDE5Mi40NDMyMSwwLDAsMS0zMC4yMi01LDkyLjc4ODQ5LDkyLjc4ODQ5LDAsMCwxLTE3LjY4LTYuMjEsMS41NjAzLDEuNTYwMywwLDAsMS0uMjgtLjE2LDY2Ljg3MDMzLDY2Ljg3MDMzLDAsMCwxLTE5LjU0LTIxLjM4LDEuMzgsMS4zOCwwLDAsMSwxLTIuMTZsMi42NS0uNTRhMy4wOCwzLjA4LDAsMCwwLDEuNi01LjA4bC0yMy4yNi0yNS4zNWEzLDMsMCwwLDAtNS4xMywxLjE0Yy0zLjQ0LDEwLjg5LTYuNzksMjEuNTMtMTAuMTksMzIuMzJhMy4zNSwzLjM1LDAsMCwwLDMuOTQsNC4yOGwxLjgtLjQxYTUuMTIsNS4xMiwwLDAsMSw1LjY5LDIuNjRjMTMuMzgsMjYsMzMuNSw0NC44MSw2MC4xMiw1Ni43LDEwLjQsNC42NSwxNC41Miw2LDIzLjUsNy4zN2ExLjc3OTYzLDEuNzc5NjMsMCwwLDEsMSwuNTFsMTMuNjcsMTMuNTVhNC45MSw0LjkxLDAsMCwwLDYuODUsMGwxMy4yOC0xM2ExLjg4MDA5LDEuODgwMDksMCwwLDEsMS4xMi0uNTJjMTMuMy0xLjI1LDE5LjIzLTQuNTQsMzMuNTQtMTEuMDksMjIuMTUtMTAuMTMsMzkuNzQtMjcuNzYsNTEuMDYtNDkuMzIsMS0xLjkyLDEuODgtMi4xNSwzLjU4LTEuNTguNjUuMjIsMS4zMS40MywyLC42M2E0LjEyLDQuMTIsMCwwLDAsNS4yMS00Ljk4Wm0tMTE0LjEtMTMxLjgzYTE3LjcyLDE3LjcyLDAsMCwxLTE3LjA4NjMtMTguMzMxODJxLjAwMjg0LS4wNzkwOS4wMDYyOS0uMTU4MTdjLjQ4LTEwLjQ2LDkuMTgtMTguMTgsMTktMTcuNDMsMTAuMzQuOCwxNy40Niw5LjExLDE2Ljk0LDE4LjY5LS41NiwxMC40Mi05LjEsMTcuOTYtMTguODYsMTcuMjNaIi8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBpZD0iQmFja2dyb3VuZF93YXZ5X291dGxpbmUiIGRhdGEtbmFtZT0iQmFja2dyb3VuZCB3YXZ5IG91dGxpbmUiPjxnIGlkPSJwYXRoMzgzOCI+PHBhdGggY2xhc3M9ImNscy01IiBkPSJNNzc3Ljc0NzUxLDM5Ni4zMzY1YzAsMzkuODkwNTUtMjQuNDMxMzYsNzUuNDI5MDctMzYuMDk1MzksMTExLjM4MDA2LTEyLjEwNzQxLDM3LjMwMi0xMy42NTQzNiw4MC4zMjc3NC0zNi4yNTAxMSwxMTEuMzgwMDctMjIuODIyNjEsMzEuMzYxNzEtNjMuNDE0NDQsNDYuMDI2NzktOTQuNzc2MjEsNjguODQ5MzktMzEuMDUyMzQsMjIuNTk1NjktNTcuNDIyNjcsNTYuODAzODYtOTQuNzE0MjgsNjguOTIxNTktMzUuOTkyMjgsMTEuNjg0NjItNzcuMjc1MDctLjExMzQyLTExNy4xNTUzLS4xMTM0MnMtODEuMTYzMDgsMTEuNzk4LTExNy4xNDUuMTEzNDJjLTM3LjMwMi0xMi4xMTc3My02My42NzIyNi00Ni4zMjU4NC05NC43MjQ2LTY4LjkyMTU5LTMxLjM2MTcxLTIyLjgyMjYtNzEuOTUzNi0zNy40ODc2MS05NC43NzYyMS02OC44NDkzOS0yMi41OTU2OS0zMS4wNDItMjQuMTQyNjMtNzQuMDY3NzUtMzYuMjUwMTEtMTExLjM4MDA3QzQ0LjE3NTcxLDQ3MS43MjQyOCwxOS43NjQ5Myw0MzYuMTg1ODIsMTkuNzY0OTMsMzk2LjMzNjVzMjQuNDMxNDItNzUuNDI5MDcsMzYuMDk1MzktMTExLjM4MDA3YzEyLjEwNzQxLTM3LjMwMiwxMy42NTQzNi04MC4zMjc3MywzNi4yNTAxMS0xMTEuMzgwMDcsMjIuODIyNjEtMzEuMzUxNDIsNjMuNDE0NDQtNDYuMDI2NzgsOTQuNzc2MjEtNjguODM5MDcsMzEuMDUyMzQtMjIuNTk1NzIsNTcuNDIyNjEtNTYuODE0MTQsOTQuNzI0Ni02OC45MjE1NywzNS45ODItMTEuNjg0Niw3Ny4yNjQ3NS4xMDMxMywxMTcuMTQ1LjEwMzEzczgxLjE2MzA4LTExLjc4NzczLDExNy4xNDUtLjEwMzEzYzM3LjMwMjA2LDEyLjEwNzQzLDYzLjY3MjI2LDQ2LjMyNTg1LDk0LjcyNDYsNjguOTIxNTcsMzEuMzYxNzcsMjIuODEyMjksNzEuOTUzNiwzNy40ODc2NSw5NC43NzYyMSw2OC44MzkwNywyMi41OTU3NSwzMS4wNTIzNCwyNC4xNDI3LDc0LjA3ODA4LDM2LjI1MDExLDExMS4zODAwN0M3NTMuMzE2MTUsMzIwLjkwNzQzLDc3Ny43NDc1MSwzNTYuNDU2MjYsNzc3Ljc0NzUxLDM5Ni4zMzY1WiIvPjwvZz48L2c+PGcgaWQ9IldhdmVzIj48ZyBjbGFzcz0iY2xzLTYiPjxnIGlkPSJnMzg0NyI+PGcgaWQ9InBhdGgzODQxIj48cGF0aCBjbGFzcz0iY2xzLTQiIGQ9Ik03MDguMDI5MywzNzcuMDI2NTljLTIyLjIxNDg0LDAtMzMuNDkxMjEtNS4zMTU0My00NC4zOTc0Ni0xMC40NTYwNi0xMS4wOTQ3Mi01LjIyOTQ5LTIxLjU3NTE5LTEwLjE2OTQzLTQzLjExODE2LTEwLjE2OTQzLTIxLjU0NDkyLDAtMzIuMDI2MzcsNC45NDA0My00My4xMjQsMTAuMTcwNDEtMTAuOTA2MjUsNS4xNDAxNC0yMi4xODM2LDEwLjQ1NTA4LTQ0LjM5MTYxLDEwLjQ1NTA4LTIyLjIwOSwwLTMzLjQ4MzM5LTUuMzE0OTQtNDQuMzg2NzEtMTAuNDU1MDgtMTEuMDk0NzMtNS4yMzA0Ny0yMS41NzUyLTEwLjE3MDQxLTQzLjExOTE1LTEwLjE3MDQxLTIxLjU0MywwLTMyLjAyMDUsNC45Mzk5NC00My4xMTMyOCwxMC4xNjk0My0xMC45MDMzMiw1LjE0MDYzLTIyLjE3NzczLDEwLjQ1NjA2LTQ0LjM5MjA5LDEwLjQ1NjA2LTIyLjIxNDg0LDAtMzMuNDg5MjUtNS4zMTU0My00NC4zOTI1Ny0xMC40NTYwNkMzMDIuNTAxNDcsMzYxLjM0MSwyOTIuMDI0NDIsMzU2LjQwMTEsMjcwLjQ4MSwzNTYuNDAxMWMtMjEuNTQ0NDMsMC0zMi4wMjYzNiw0Ljk0MDQzLTQzLjEyNCwxMC4xNzA0MS0xMC45MDYyNSw1LjE0MDE0LTIyLjE4MzEsMTAuNDU1MDgtNDQuMzkxNiwxMC40NTUwOHMtMzMuNDgyOTEtNS4zMTQ5NC00NC4zODY3Mi0xMC40NTUwOEMxMjcuNDgzODksMzYxLjM0MSwxMTcuMDA0NCwzNTYuNDAxMSw5NS40NiwzNTYuNDAxMXYtM2MyMi4yMTU4MiwwLDMzLjQ5MjY3LDUuMzE1OTIsNDQuMzk4LDEwLjQ1NywxMS4wOTMyNiw1LjIyOSwyMS41NzA4LDEwLjE2ODQ2LDQzLjEwNzQyLDEwLjE2ODQ2czMyLjAxNzA5LTQuOTM5NDUsNDMuMTEyMy0xMC4xNjg0NmMxMC45MDgyMS01LjE0MTExLDIyLjE4NzUtMTAuNDU3LDQ0LjQwMzMyLTEwLjQ1NywyMi4yMTQ4NSwwLDMzLjQ4OTI2LDUuMzE1NDMsNDQuMzkyNTgsMTAuNDU2MDYsMTEuMDkyNzgsNS4yMjk0OSwyMS41Njk4MywxMC4xNjk0Myw0My4xMTMyOCwxMC4xNjk0MywyMS41NDI0OCwwLDMyLjAyLTQuOTM5OTQsNDMuMTEyOC0xMC4xNjk0MywxMC45MDMzMi01LjE0MDYzLDIyLjE3NzczLTEwLjQ1NjA2LDQ0LjM5MjU3LTEwLjQ1NjA2LDIyLjIxNTgyLDAsMzMuNDkyMTksNS4zMTU5Miw0NC4zOTg0NCwxMC40NTcsMTEuMDkyNzgsNS4yMjksMjEuNTcwMzEsMTAuMTY4NDYsNDMuMTA3NDIsMTAuMTY4NDYsMjEuNTM2MTQsMCwzMi4wMTY2MS00LjkzOTQ1LDQzLjExMjMxLTEwLjE2ODQ2LDEwLjkwODItNS4xNDExMSwyMi4xODc1LTEwLjQ1Nyw0NC40MDMzMi0xMC40NTcsMjIuMjE0ODQsMCwzMy40OTEyMSw1LjMxNTQzLDQ0LjM5NzQ2LDEwLjQ1NjA2LDExLjA5NDczLDUuMjI5NDksMjEuNTc1MiwxMC4xNjk0Myw0My4xMTgxNiwxMC4xNjk0M1oiLz48L2c+PGcgaWQ9InBhdGgzODQzIj48cGF0aCBjbGFzcz0iY2xzLTQiIGQ9Ik03MDguMDI5Myw0MTkuMjc4NTRjLTIyLjQzODQ3LDAtMzMuODE4MzYtNS4zNjQyNi00NC44MjQyMS0xMC41NTE3Ni0xMC45OTAyNC01LjE4MDY2LTIxLjM3MjA4LTEwLjA3NDIxLTQyLjY5MTQxLTEwLjA3NDIxLTIxLjMyMDMxLDAtMzEuNzA0MSw0Ljg5MzU1LTQyLjY5ODI0LDEwLjA3NTE5LTExLjAwNDg5LDUuMTg3NS0yMi4zODU3NSwxMC41NTA3OC00NC44MTczOSwxMC41NTA3OC0yMi40MzI2MSwwLTMzLjgxMDU0LTUuMzYzMjgtNDQuODEzNDctMTAuNTUwNzgtMTAuOTkxMjEtNS4xODE2NC0yMS4zNzIwNy0xMC4wNzUxOS00Mi42OTIzOS0xMC4wNzUxOS0yMS4zMTkzMywwLTMxLjY5ODI0LDQuODkzNTUtNDIuNjg2NTIsMTAuMDc0MjEtMTEuMDAyOTMsNS4xODc1LTIyLjM4MDM3LDEwLjU1MTc2LTQ0LjgxODg1LDEwLjU1MTc2LTIyLjQzOSwwLTMzLjgxNjQtNS4zNjQyNi00NC44MTg4NC0xMC41NTE3Ni0xMC45ODg3Ny01LjE4MDY2LTIxLjM2NzY4LTEwLjA3NDIxLTQyLjY4Ny0xMC4wNzQyMS0yMS4zMjA4LDAtMzEuNzA0MSw0Ljg5MzU1LTQyLjY5Nzc1LDEwLjA3NTE5LTExLjAwNTM3LDUuMTg3NS0yMi4zODU3NCwxMC41NTA3OC00NC44MTc4NywxMC41NTA3OHMtMzMuODEwMDYtNS4zNjMyOC00NC44MTMtMTAuNTUwNzhjLTEwLjk5MDcyLTUuMTgxNjQtMjEuMzcyMDctMTAuMDc1MTktNDIuNjkyMzgtMTAuMDc1MTl2LTVjMjIuNDM5OTQsMCwzMy44MTkzMyw1LjM2NDc0LDQ0LjgyNDcxLDEwLjU1MjczLDEwLjk4ODc2LDUuMTc5NjksMjEuMzY3NjcsMTAuMDczMjQsNDIuNjgwNjYsMTAuMDczMjRzMzEuNjk0ODItNC44OTM1NSw0Mi42ODYtMTAuMDczMjRjMTEuMDA3ODItNS4xODgsMjIuMzg5NjUtMTAuNTUyNzMsNDQuODI5NTktMTAuNTUyNzMsMjIuNDM5LDAsMzMuODE2NDEsNS4zNjQyNSw0NC44MTg4NSwxMC41NTE3NSwxMC45ODg3Nyw1LjE4MDY3LDIxLjM2NzY4LDEwLjA3NDIyLDQyLjY4NywxMC4wNzQyMiwyMS4zMTg4NSwwLDMxLjY5Nzc2LTQuODkzNTUsNDIuNjg2LTEwLjA3NDIyLDExLjAwMjkzLTUuMTg3NSwyMi4zODA4Ni0xMC41NTE3NSw0NC44MTkzMy0xMC41NTE3NSwyMi40Mzk0NiwwLDMzLjgxOTM0LDUuMzY0NzQsNDQuODI0MjIsMTAuNTUyNzMsMTAuOTg5MjYsNS4xNzk2OSwyMS4zNjgxNywxMC4wNzMyNCw0Mi42ODE2NCwxMC4wNzMyNCwyMS4zMTI1LDAsMzEuNjk0MzQtNC44OTM1NSw0Mi42ODU1NS0xMC4wNzMyNCwxMS4wMDc4MS01LjE4OCwyMi4zOTA2My0xMC41NTI3Myw0NC44MzAwOC0xMC41NTI3MywyMi40Mzg0OCwwLDMzLjgxODM2LDUuMzY0MjUsNDQuODI0MjIsMTAuNTUxNzUsMTAuOTkwMjMsNS4xODA2NywyMS4zNzIwNywxMC4wNzQyMiw0Mi42OTE0LDEwLjA3NDIyWiIvPjwvZz48ZyBpZD0icGF0aDM4NDUiPjxwYXRoIGNsYXNzPSJjbHMtNCIgZD0iTTcwOC4wMjkzLDQ2OS43ODA0OWMtMjIuNjYyMTEsMC0zNC4xNDU1LTUuNDEyMS00NS4yNS0xMC42NDY0OC0xMC44ODY3MS01LjEzMTg0LTIxLjE2OTkyLTkuOTc4NTItNDIuMjY1NjItOS45Nzg1Mi0yMS4wOTY2OCwwLTMxLjM4MTg0LDQuODQ3NjYtNDIuMjcxNDksOS45Nzk1LTExLjEwNTQ2LDUuMjMzNC0yMi41ODg4NiwxMC42NDU1LTQ1LjI0NDE0LDEwLjY0NTUtMjIuNjU2MjUsMC0zNC4xMzY3MS01LjQxMjEtNDUuMjQwMjMtMTAuNjQ1NS0xMC44ODU3NC01LjEzMTg0LTIxLjE2ODk1LTkuOTc5NS00Mi4yNjU2My05Ljk3OTUtMjEuMDk1NywwLTMxLjM3Niw0Ljg0NjY4LTQyLjI2MDc0LDkuOTc4NTItMTEuMTAxNTYsNS4yMzQzOC0yMi41ODI1MiwxMC42NDY0OC00NS4yNDQ2MywxMC42NDY0OC0yMi42NjMwOCwwLTM0LjE0MzA2LTUuNDEyMS00NS4yNDU2LTEwLjY0NjQ4LTEwLjg4NDI4LTUuMTMxODQtMjEuMTY0NTUtOS45Nzg1Mi00Mi4yNjAyNi05Ljk3ODUyLTIxLjA5NjY4LDAtMzEuMzgyMzIsNC44NDc2Ni00Mi4yNzE0OCw5Ljk3OTUtMTEuMTA1LDUuMjMzNC0yMi41ODgzOCwxMC42NDU1LTQ1LjI0NDE0LDEwLjY0NTUtMjIuNjU2MjUsMC0zNC4xMzY3Mi01LjQxMjEtNDUuMjM5MjYtMTAuNjQ1NS0xMC44ODY3Mi01LjEzMTg0LTIxLjE2OTQzLTkuOTc5NS00Mi4yNjYxMS05Ljk3OTV2LTdjMjIuNjY0MDYsMCwzNC4xNDY0OCw1LjQxMzA5LDQ1LjI1MSwxMC42NDc0NywxMC44ODQyOCw1LjEzMDg2LDIxLjE2NTUzLDkuOTc3NTMsNDIuMjU0NCw5Ljk3NzUzczMxLjM3MjU2LTQuODQ2NjcsNDIuMjU5NzYtOS45Nzc1M2MxMS4xMDY5NC01LjIzNDM4LDIyLjU5MjI5LTEwLjY0NzQ3LDQ1LjI1NTg2LTEwLjY0NzQ3LDIyLjY2MjYsMCwzNC4xNDMwNyw1LjQxMjExLDQ1LjI0NTYxLDEwLjY0NjQ5LDEwLjg4NDI4LDUuMTMxODQsMjEuMTY1LDkuOTc4NTEsNDIuMjYwMjUsOS45Nzg1MSwyMS4wOTQ3MywwLDMxLjM3NTQ5LTQuODQ2NjcsNDIuMjYwMjYtOS45Nzg1MSwxMS4xMDE1Ni01LjIzNDM4LDIyLjU4Mi0xMC42NDY0OSw0NS4yNDUxMS0xMC42NDY0OSwyMi42NjQwNywwLDM0LjE0NjQ5LDUuNDEzMDksNDUuMjUxLDEwLjY0NzQ3LDEwLjg4NDc3LDUuMTMwODYsMjEuMTY2LDkuOTc3NTMsNDIuMjU0ODgsOS45Nzc1M3MzMS4zNzIwNy00Ljg0NjY3LDQyLjI1OTc3LTkuOTc3NTNjMTEuMTA3NDItNS4yMzQzOCwyMi41OTE4LTEwLjY0NzQ3LDQ1LjI1NTg2LTEwLjY0NzQ3LDIyLjY2MjExLDAsMzQuMTQ1NTEsNS40MTIxMSw0NS4yNSwxMC42NDY0OSwxMC44ODY3Miw1LjEzMTg0LDIxLjE2OTkyLDkuOTc4NTEsNDIuMjY1NjIsOS45Nzg1MVoiLz48L2c+PC9nPjwvZz48L2c+PGcgaWQ9IndRakxzNS50aWYiPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTY5Ljk3MjkxLDM5Ni4wODE3MkM3MC42NDQ2LDIxMy45NDkxOCwyMTYuMjc5MDYsNzAuNTY3MTcsMzkyLjUxODIsNjcuNTI5MDVjMTg3LjIyODE5LTMuMjI3NTcsMzMyLjgzNCwxNDYuOTM4MTIsMzM0Ljk5NjA4LDMyNC4yMzgsMi4yNTAxNywxODQuNTIyNDQtMTQ2LjE1ODkzLDMzMy4zMzkyMS0zMjguNDExNzgsMzMzLjQzNTYxQzIxNy4yMjMsNzI1LjI5ODg2LDcwLjI5NzMsNTc4LjQ2MDYxLDY5Ljk3MjkxLDM5Ni4wODE3MlptNjI4Ljg1ODU4LjEwNTg4Yy4wODctMTY1LjAyOTE0LTEzMi42ODY0MS0yOTguMDk1OTMtMjk2LjMwODU5LTMwMC4wMjE5NEMyMzMuMTI4NzIsOTQuMTcxNzEsOTguNDU5MzQsMjMwLjYyNzc0LDk4LjY3NDYxLDM5Ni41Njk4QTI5OS43NTk1OCwyOTkuNzU5NTgsMCwwLDAsMzk4Ljg4Mzg2LDY5Ni41NTk2NkM1NjUuNDQwMiw2OTYuNTAzLDY5OS4xMTM0Miw1NjEuNDg3MzgsNjk4LjgzMTQ5LDM5Ni4xODc2WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQxMi41MTY3OCw0MjAuODM1NDRxMCwyNy43NzM1MS4wMDAxMSw1NS41NDdjLjAwMDA5LDQuNTE1NzkuMDQ3ODksNC41MDk4Niw0LjUzNTYxLDQuMzE3MTNhMTY1LjE3MzI5LDE2NS4xNzMyOSwwLDAsMCwyOS40ODctNC4yOTgxYzE2LjAzNTQzLTMuNjM3MiwyNy43MzEzNS0xMy4xOTAxNiwzNi44NC0yNi40MTM2NC44OTktMS4zMDUxOS45NDY0Ny0yLjE3NTgzLS45NDgyLTIuNzI2MzgtNi4zNzU1Ny0xLjg1Mjc2LTYuNzc0ODEtMy41NDYxMi0xLjk1MzQ1LTguMjEwMjlxMTEuNDMxNi0xMS4wNTg4NCwyMi45NjI4NC0yMi4wMTQ3MmMyLjk4MS0yLjg0ODYyLDUuNjg1MTMtMi4yMDY4NCw2LjY3Mjg4LDEuNzI1cTQuMDA3NzYsMTUuOTUyODksNy43OTcsMzEuOTYwNGMuODc4ODIsMy43MDM1My0xLjgzODQ1LDYuMjUyMTgtNS41NzQzOSw1LjQxNzg1YTEyLjE2Nzg2LDEyLjE2Nzg2LDAsMCwxLTEuODI2Ny0uNTQ1OWMtMS44NTIyNC0uNzMzODktMi45ODIzLjAyMDktMy44NzE4OCwxLjY0OTgxYTEzMy44MjczNiwxMzMuODI3MzYsMCwwLDEtMTIuNTc4MjgsMTkuMzE3NGMtOS40OTUyNCwxMS45MzktMjAuNzMzMDcsMjEuODY5MjYtMzQuMjE4LDI5LjAwMzcxLTEwLjExMjYsNS4zNTAyMy0yMC4zNzA5LDEwLjUwMzMtMzEuNTMsMTMuNDYyM2EzNi41NTk1MSwzNi41NTk1MSwwLDAsMS04LjE5OTE0LDEuNDQ1Yy0yLjUwNDYyLjA3OC00LjI2MTY1LDEuMzU3NzUtNS45NDA3NSwzLjAzNTk0LTMuNzc5MjcsMy43NzcxMy03LjYyODcsNy40ODQ1Mi0xMS40Nzc5NSwxMS4xOTA4cS0zLjk1OTM2LDMuODEyMTktNy45MzE1NC0uMDU1ODMtNi40MjM3My02LjI2NzI5LTEyLjc3NjQyLTEyLjYwN2E2Ljc4OCw2Ljc4OCwwLDAsMC0zLjY4MDQ2LTEuOTk0NjVjLTIwLjgwMzYyLTQuMDY0LTM4Ljc3MjM1LTEzLjkyNjMzLTU0Ljk2Mzg2LTI3LjI1MDI1QTEyMi43Mjk2NiwxMjIuNzI5NjYsMCwwLDEsMjkyLjI1Niw0NTMuODI4NjljLTEuNzkyNTItMy40NjctMy43MjQ1Ny00LjMzMjEtNy42Mjk3NS0zLjU2MjM0LTMuODc5Ljc2NDYxLTUuOTE1MjktMS4zODAyMy00Ljc0NjI5LTUuMTQ0NTdxNS4xMDEwOC0xNi40MjU1NiwxMC4zMjE5MS0zMi44MTM4MmMuOTUwNjUtMi45ODc1NiwzLjgwMzQ3LTMuNjExLDUuOTM1MjgtMS4yOTQ1MnExMS45NzY5MywxMy4wMTQ2MywyMy44NzcxMiwyNi4wOTk5M2MyLjE1MDc4LDIuMzU3NjUuOTA3MTgsNS4zODE1Ny0xLjk0ODkyLDUuNjg1NzNhMTYuMDc2MjMsMTYuMDc2MjMsMCwwLDAtMS44NTUxNC40NTM2N2MtMS44ODI0Ny40MzQxOC0yLjAzMDE2LDEuNDE2NzctMS4wOTE1NSwyLjk2NDc5YTY4LjE0NTcxLDY4LjE0NTcxLDAsMCwwLDE5Ljc4NjQ4LDIxLjQzOTY4YzQuMzkzNDQsMi45OTEzNiw5LjY2NjQ3LDQuNDUxMTMsMTQuNzk3NjgsNS44ODY3OGEyMDMuNzg0ODksMjAzLjc4NDg5LDAsMCwwLDM1LjIyNDIsNi40MTkxNWMyLjQ2NjY4LjI0MDUyLDMuMjQ3MjQtLjQzNjI2LDMuMjYxNDItMy4xMjU4My4wMzE1Mi01Ljk4NTUuMDEwMTgtMTEuOTcxMjYuMDEwMTgtMTcuOTU2OTNxLjAwMDA4LTQ2LjkyNzU5LS4wMDAyNC05My44NTUxOWMtLjAwMDA2LTMuNTk3MzMtLjIzNzA1LTMuODUxNTMtMy43MjIzNS0zLjg1NDU0LTcuODk3MjEtLjAwNjc4LTE1Ljc5NS4wNDcyNC0yMy42OTEzNy0uMDMxNzJhMTIuNDI1MTcsMTIuNDI1MTcsMCwwLDAtNi41Mjk4NCwxLjg3OTg5Yy01LjQ3MDc5LDMuMTU4NDItMTAuOTAzNDksMi41MTMtMTUuNjA2Ni0xLjcwMjI4LTMuOTUzNTktMy41NDM2LTUuMDktOS42NDMxLTIuNzg4LTE0Ljk2MzU1LDIuOTU5MjYtNi44MzkyNywxMi4xNDY0MS05LjY0NzY3LDE4LjQxOTI1LTUuNTg5MzhhMTEuMzcxMzUsMTEuMzcxMzUsMCwwLDAsNi41MDYxNiwxLjk0MTQ3YzcuOTc4NTctLjA3ODU3LDE1Ljk1ODQtLjAyMjgsMjMuOTM3NzItLjAzMzE0LDMuMDM2ODMtLjAwMzk1LDMuNDY0NjMtLjQ0MjQyLDMuNDczNjEtMy40NTYyNi4wMDc4My0yLjYzMzY2LS4xMTYzOC01LjI3NDQxLjAzOTc4LTcuODk4OC4xMjAwNy0yLjAxNzE5LS43NDQ0My0zLjAwNjg1LTIuNTE1NDQtMy43NjUyNC03LjI5MjMtMy4xMjI1OC0xMy43Njg4OC03LjM0MjI4LTE4LjAxMzkzLTE0LjMwMjEtMTQuNzg5NjMtMjQuMjQ3OS0uMTkzNDEtNTEuNTY2MzYsMjQuMDQ2NDUtNTYuNDAwNzNhMzcuMTI4NzYsMzcuMTI4NzYsMCwwLDEsNDAuMTc3NTIsMTkuNTc4MDZjOC4xNDMzMywxNi4zNDg1NSw0LjE2MjQ0LDM4Ljk4MDI5LTE1LjcwNDQxLDQ5LjA5MjEyLTIuNzg0LDEuNDE3LTQuMDg5MjcsMy4wOTQtMy43NzE1OCw2LjI5ODA3YTcyLjQ4NjMyLDcyLjQ4NjMyLDAsMCwxLC4wNDE0Miw4Ljg1MjE5Yy0uMDM0NzMsMS40NTA1LjU1NzQzLDIuMDE2LDEuOTYzMTMsMi4wMTI3MSw4LjE0MS0uMDE4OTEsMTYuMjgyMS0uMDA2ODQsMjQuNDIzMTUtLjAxMjg2YTcuMzM3NTIsNy4zMzc1MiwwLDAsMCwzLjkxMzQ1LTEuNjIzMTEsMTIuODgzNDYsMTIuODgzNDYsMCwwLDEsMTYuMDY5LDEuMzQwMDYsMTMuNTI1ODEsMTMuNTI1ODEsMCwwLDEsMi40NTg0OSwxNS44NTg1NCwxMy4yNDg4NiwxMy4yNDg4NiwwLDAsMS0xNC45MjE1LDYuMjc1MzYsMy4zOTkzOSwzLjM5OTM5LDAsMCwxLTEuMzI0NDEtLjUxNzExYy00LjA3NjYtMy40NjUxMi04LjkzODI1LTIuNzYyOTQtMTMuNjcwODYtMi41NDU2MWExNDUuMTgyLDE0NS4xODIsMCwwLDEtMTYuMDEyMDcuMTUxMTNjLTIuMzU4NjktLjE1MjA5LTIuOTMzMTYuNzA2ODUtMi45MjM1NywyLjk2MkM0MTIuNTUxMzMsMzgzLjMyNTE1LDQxMi41MTY4MSw0MDIuMDgwMzcsNDEyLjUxNjc4LDQyMC44MzU0NFpNMzk5LjAxMzM3LDMxMi4wODAzNmM5Ljk5ODgyLjI0MjQ4LDE4LjQxNzA2LTguMTc3ODcsMTguNjYzNzEtMTguNjY4MzdhMTguODcwNzYsMTguODcwNzYsMCwwLDAtMzcuNzI4NDItLjk2MDQ2QzM3OS42MzE1LDMwMy42OTI1OCwzODcuNTA3MiwzMTEuODAxMzUsMzk5LjAxMzM3LDMxMi4wODAzNloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0yMDkuMDUyOTQsNTM3LjAyNzU4Yy00LjE3MTE1LDIuNjU4MzgtNy43MTUzNyw2LjEwNDc5LTExLjU1MTE0LDkuMTg0ODEtLjYyMDU5LjQ5ODI4LTEuMjM3MzUsMS4wMDU2OC0xLjg5MjQyLDEuNDU1NjdhMi43MjU2OCwyLjcyNTY4LDAsMCwxLTMuMzY1NzcuMDU0NDMsMTYuNDYwMDYsMTYuNDYwMDYsMCwwLDEtNS4xOTY2Ny02LjY5Mzg2Yy0uNjMxNjYtMS42NTQyMi44MTY2NS0yLjc3MjMzLDEuOTgzNDgtMy43MTc4LDUuMzIwNS00LjMxMSwxMC42OTI3NS04LjU1ODIsMTYuMDA0NDgtMTIuODc5ODZxNi4yMDQ1Mi01LjA0ODI1LDEyLjI5NzEtMTAuMjMyOTVjMS42MTYxNC0xLjM4MDY2LDMuMDIyODYtMS41NzE0OSw0LjU0OTQzLjA0NTg0Ljc2MzMyLjgwODcyLDEuNjQzNDksMS41MDU4NCwyLjQzODQ3LDIuMjg2MzIsMi40NTI0NCwyLjQwNzg3LDIuNzQ2LDUuMTE1MjUsMS40NjgzOSw4LjI4My0yLjEzMTQxLDUuMjg0NTUtNC4wNDc2OSwxMC42NTU4Ni02LjE2ODc1LDE2LjI5NDM1LDUuNTYwMjgtLjgsMTAuODI0MDctMS41MDI1NiwxNi4wNjg0NC0yLjMyODQ3YTEwLjM1OCwxMC4zNTgsMCwwLDEsMTAuOTkwMzQsNS40MDYxNWMxLjAyMDIxLDEuOTIzMTUuMzQ2NzcsMy4yODg2Mi0xLjIwNDIxLDQuNTM5MzNxLTEwLjY4OSw4LjYxOTI2LTIxLjMzNDY3LDE3LjI5MjI2Yy0yLjQwOTIzLDEuOTU3NTItNC43NjQ1NiwzLjk4MjU3LTcuMjAzMjIsNS45MDIyMi0yLjgyMDc0LDIuMjIwMzEtMy45MDUyOCwyLjAzNjYyLTYuMDQ0LS43Njg0NS0uNzctMS4wMDk4OS0xLjU4Mzc3LTEuOTkwODQtMi40MzIxNi0yLjkzNi0xLjc5OTQ0LTIuMDA0NTktMS43NDgyMi0zLjUzODIuMzQtNS4yNjE4NywzLjQ5OTUxLTIuODg4NjcsNy4wNDQtNS43MjI4NSwxMC41NTU5NC04LjU5NjU2LjUxMDQ1LS40MTc2NiwxLjQ4MjY0LS43NDM2NSwxLjE0ODEzLTEuNTI5OC0uMjg1NjQtLjY3MTM0LTEuMjQ5MTQtLjU5MjA2LTEuOTQ3LS41NDctMS41ODcxMy4xMDI0Mi0zLjE3MTk0LjI2MjMyLTQuNzUyMTQuNDQ2NDgtNS4yNzIzNS42MTQzOS04LjM5NjY3LTMuMTAzODEtNi44MTE4NC04LjE1MjQxLjc2MDg3LTIuNDIzODksMS41NzQzNy00LjgzMTIzLDIuMzYyNDUtNy4yNDctLjAwMDc2LS4xNzQ4LjAwMDA1LS4zNDg1NS4wMDA4Ni0uNTIyMzdaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMTI0LjgzOTQzLDQwMC42MTgyMWE0OS45MzE1LDQ5LjkzMTUsMCwwLDEsOS4yODQyNywzLjk3NDU2YzE2LjM3OTEsOC4zMTUzOCwzMy43Nzc2NiwxMC4xNDE1Nyw1MS43OTcyMSw4LjcxNzY2LDExLjYzNzE4LS45MTk1MSwyMi4zOTI3OC00LjU5NzksMzIuNzU1NDMtOS42OTc2MmExMDAuMzQ3LDEwMC4zNDcsMCwwLDEsNDMuNjQ0MjMtMTAuODE5MDljMTYuMjkzODItLjIwMDUzLDMxLjczODE3LDIuNjUyNTYsNDYuNDA5MjEsOS44OTcyNyw3Ljk2ODc0LDMuOTM1LDE2LjEzMzMsNy41MDQsMjQuOTYyNDgsOS4yMTY1YTExNC44MDcyLDExNC44MDcyLDAsMCwwLDMwLjIyMDI0LDEuNDY3MzcsODMuMDc3NzUsODMuMDc3NzUsMCwwLDAsMTYuNDM3MjgtMi45MDU0OGMxLjIyMTgyLS4zNDExNiwxLjQ4MTE1LS4wMTgzOCwxLjUzOTg4LDEuMTY5NjIuMTkxMzksMy44NzQuMjYzMTMsMy45OTYtMy40MTk2NCw0Ljc2MjMzLTIyLjYzOTc4LDQuNzExMzgtNDQuNzYwOTUsMy44MTc2Mi02Ni4wMTc2Ni02LjI0MTgzLTUuMTAxLTIuNDEzOTItMTAuMTQxMjItNS4wMTg5My0xNS40MTI1NC02Ljk5Mzg1YTc1LjAwOTExLDc1LjAwOTExLDAsMCwwLTE4LjI5MzA5LTQuMjg4NzFjLTEzLjcyNjY0LTEuNDczMTktMjcuMzg1NjEtMS4yMDA5LTQwLjc3MzM4LDIuNjczNC03LjA1NjEzLDIuMDQyLTEzLjY2MDQ0LDUuMjQwMDctMjAuMjY3NjMsOC4zNjQ0YTkyLjY4NTgyLDkyLjY4NTgyLDAsMCwxLTM3LjU1Mjg2LDkuMDQzMTNjLTExLjYxOTkyLjMxODEyLTIzLjA0OTE2LS41MDktMzQuMjAwNDEtMy45NTY4LTYuOTMzNTctMi4xNDM3OS0xMy40MDI3NS01LjQxODYxLTIwLjAyNzYtOC4zMTMwNmExLjUzODM1LDEuNTM4MzUsMCwwLDEtMS4xMDE3MS0xLjYxODU5QzEyNC44ODMyOSw0MDMuNjQzMTgsMTI0LjgzOTQzLDQwMi4yMTI1NiwxMjQuODM5NDMsNDAwLjYxODIxWiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQ2NC40OTg3MSwxNjMuOTY5MThjLS4yNjcyMiw2LjA3NTE4LTIuMDcyMTQsMTEuMjcyNDItOC4wOTUyMSwxNC4wMTM0NS0xLjc4NzI2LjgxMzM3LTIuMTEwMzgsMi4wMDEzNi0xLjUyNjcsMy44NDg2NCwxLjI5MDU1LDQuMDg0NTIsMi40Mjg4Miw4LjIxOSwzLjU0NjY5LDEyLjM1NTQ4LjYxMTEsMi4yNjExOC0uMDk1NzQsMy4zMDUwNi0yLjQxOTg1LDMuMTMyNDktNi4zMjI3Mi0uNDY5NTEtOC45MDAzNi0uMzI3NTktMTEuMTAwODQtNy42NjY2LS44NDMxNi0yLjgxMjExLTEuODAyNjctNS41OTY1NC0yLjQ4ODY2LTguNDQ2NjUtLjc1NjgzLTMuMTQ0MjYtMi42NzUxNS0zLjUwODkyLTUuNjM3MjgtMy4zOTY4Mi0xLjAwNzU0LjAzODE1LTEuMTY4NTguODA0ODUtMS4zMzczOCwxLjY2MDk0LS41MzksMi43MzM1LTEuMTE0MjcsNS40NjM0NS0xLjc5OTQ1LDguMTYzMzMtLjU1MDc2LDIuMTcwMTgtMS42MTk4OSw0LjExODYyLTQuMDQ2Nyw0LjUyMjVhOS41MTc3LDkuNTE3NywwLDAsMS03LjU3Ny0yLjEwMDg5Yy0xLjMwNDkzLTEuMDMwNjQtLjcyMzQ3LTIuNjc4ODEtLjQ1Njc3LTQuMDU0NzdxMi44NjI0Mi0xNC43Njc0Myw1LjgwMDg0LTI5LjUyMDExYy41NTQyMS0yLjgwNywxLjA5My01LjYxNzY3LDEuNzA0NjQtOC40MTIyNy4zNDUxLTEuNTc3LDEuMjY0NjUtMi42NTM3NSwzLjAzNjIxLTIuMzE1MDYsOC40MTgwNywxLjYwOTI5LDE3LjA0MDg2LDIuNDk2NjIsMjQuOTMxMjYsNi4xMjgyN0M0NjEuOTI5NzcsMTU0LjEzNTEzLDQ2NC40NzMzNywxNTguNjE0LDQ2NC40OTg3MSwxNjMuOTY5MThabS0yNi40MDkwOC0xLjAxOTQ2Yy0uMTkwMzQsMy4yNzM3NywxLjk5NjY5LDUuODc2MzEsNS41MTI0Miw1LjQxNGExMy40MjQsMTMuNDI0LDAsMCwxLDMuMDU2MDYuMjE0ODNjMi4wNjM1MS4yMDY1MSwzLjk2MS0uMzU4MjYsNC44OTQyNC0yLjUyNjcxYTQuMTIwNTQsNC4xMjA1NCwwLDAsMC0xLjEzNDIxLTUuMTU0NDgsMTAuNzI3MTcsMTAuNzI3MTcsMCwwLDAtNy42OTczMS0yLjYwODU2QzQzOS41NTU3MywxNTguMzU0MDcsNDM4LjA3NTUxLDE1OS44NDAyNSw0MzguMDg5NjMsMTYyLjk0OTcyWiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTM0Mi4yODMxLDYyMi41MDcxOGMxLjQzNzY4LTUuMzgxOSwyLjg4NjU2LTEwLjc2MDg3LDQuMzA5My0xNi4xNDY3NCwxLjA4MjUtNC4wOTc3NSwyLjIyMDU5LTQuNzUxNDIsNi4zNDczNi0zLjU3NTE0LjYxMy4xNzQ3NCwxLjIyNjc5LjM0NjU3LDEuODQwMTQuNTIsNC4zMzYxMiwxLjIyNiw0Ljg1NDY5LDIuMTUzMzIsMy42MTkyNSw2LjUxLTIuNzU4NjksOS43Mjg0LTUuNTM3NjIsMTkuNDUxLTguMjY4MjgsMjkuMTg3Mi0uNTM2MjksMS45MTIxNS0uODk3MjksMy44NzM3MS0xLjMyOTc4LDUuODE0NThhMi4yODQ2OCwyLjI4NDY4LDAsMCwxLTIuNjg5MjMsMi4wNjE3Yy02LjQ4NTQ5LS40ODEzMy04LjA5NC0xLjQ5NDItOS43ODA2OC03LjA0NzI4LTEuODE4NTEtNS45ODcxLTMuOTk4MzgtMTEuODY0Ny02LjA0MTYzLTE3Ljc4MjgyYTIzLjM3NjgzLDIzLjM3NjgzLDAsMCwwLTEuMTM2Ny0yLjI1MjNjLTEuMzgwMDYsNS4wODQ5LTIuNjgyNzcsOS41MzE3My0zLjc4NTQzLDE0LjAyNzYyLTEuODA2NSw3LjM2NTYxLTIuNDgzNDMsNy4wNjk3Mi04Ljg1OTY1LDUuMjczNS00LjA0ODM2LTEuMTQwNS00LjY2NTktMi4yMDEyLTMuNDg2NzMtNi4zNDQ5LDMuMzExNDUtMTEuNjM2ODgsNi45MzY2OS0yMy4xODksOS41OTgzOC0zNS4wMDI2YTIuNTQ2NjIsMi41NDY2MiwwLDAsMSwzLjAyNi0yLjI3NTY4YzUuNjM1MTQuMzA4OCw3LjczOTksMS44ODkxMiw5LjUxNjQ5LDcuMjM1NjVxMy4yOTQzMSw5LjkxMzgxLDYuNjA0MTgsMTkuODIyNDlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTc4LjYwMDg0LDUxNi45MTY4YzguMTU5NTkuMjIxNCwxMy43NDI5Miw1LjMwNDQ5LDE0Ljc2MTg5LDEyLjkwNTEyLjU1NzA4LDQuMTU1NDUuNzAxMzIsNC4yMzg2NSw0Ljk3Nyw0LjkzNTEyLDMuMzgxNzUuNTUxLDYuNzQ5LDEuMjAyMywxMC4xMDUyLDEuODk0MjEsMi4zNjkwOS40ODg0LDIuNzQwNDIsMS4zMjEsMS42MzYzMiwzLjQ4ODIxLTIuNTIzMTUsNC45NTI2LTYuMzc2MTUsOC41NTMyOS0xMy4xNDQ2Miw2LjE5Mjg0YTQzLjA4NzE3LDQzLjA4NzE3LDAsMCwwLTcuMDA0MzMtMS40NzE0MSw0LjYwNjgzLDQuNjA2ODMsMCwwLDAtNS4xMzEzOSwzLjU5MDkzYy0uMjgwNDYsMS4xNDEuNjA5MzUsMS4zOTA1NSwxLjE1MDM1LDEuODM0LDIuNDU3MDksMi4wMTQwNiw0Ljk2NDkzLDMuOTY2NjcsNy40NjksNS45MjI3M2EyLjk0MjQyLDIuOTQyNDIsMCwwLDEsLjY3ODgxLDQuNDAzNCwzNS4yNDY0NCwzNS4yNDY0NCwwLDAsMS0zLjMwNzA5LDQuMzU0NjNjLTEuNzU5NCwxLjkwNDA5LTMuMTM1LDEuOTg3NDYtNS4yMjUyMi4zNzAxOS00LjUyNDYxLTMuNTAwNTQtOC45NzU4NS03LjA5NTc0LTEzLjQ4NTItMTAuNjE2MjhRNTY1LjAzODczLDU0OS4yMjIsNTU3LjkzNzIsNTQzLjc5OWMtMy42MzAzNS0yLjc1ODUzLTMuODk5My00LjI2OTg3LTEuMDkyMzUtNy44MjYsMy40OTU2NS00LjQyODY1LDYuOTM3MS04LjkwNjA2LDEwLjU4NzUtMTMuMjA0ODZDNTcwLjQ3MTU0LDUxOS4xODkwOSw1NzQuMjIyMTYsNTE2LjczODQ5LDU3OC42MDA4NCw1MTYuOTE2OFptMy42MjY1LDE2LjE1MTg4Yy4wODY5NC0yLjc4OTQtMy4zNTQyMi01LjE0NzQtNS40MzgxNy0zLjk0NTFhMjAuMTQ2NjQsMjAuMTQ2NjQsMCwwLDAtNi42OTA4OCw2LjMxOTY0Yy0uMzc3NjQuNTYzODItLjYzMjIxLDEuMTY2NzUtLjEzNzA1LDEuNzQ2NDJhMjMuMzQ3LDIzLjM0NywwLDAsMCw1LjMzMTI5LDQuNjgyLjg4MTg0Ljg4MTg0LDAsMCwwLDEuMTAxMTctLjE0NzYyQTIwLjc0OCwyMC43NDgsMCwwLDAsNTgyLjIyNzM0LDUzMy4wNjg2OFoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0zMzkuMTA2NjgsMTUzLjY0NDMyYy4xMTM2My0yLjc0MjkxLDEuNTk1NTItMy42MTIwNywzLjU3OTY0LTMuOTI5LDUuMDI2ODQtLjgwMzEzLDEwLjA2MzU3LTEuNTQ2NDYsMTUuMDgzNzgtMi4zODg2MSwzLjQ0OS0uNTc4NTgsNi44NjM1NC0xLjM2ODE5LDEwLjMxNzkxLTEuOTA2ODEsMy41OTkwNy0uNTYxMTQsNC4yOTA4My4wMTMyMiw1LjAwMTgyLDMuNjA0NTgsMS4yMDY1OSw2LjA5NDY4Ljk0NDY4LDYuNDMzLTUuMzAwMjEsNy4zNzYxOC00LjAwNzIxLjYwNTE3LTguMDA3MjgsMS4yNjA2NS0xMi4wMDI3MywxLjkzOTM1LTIuMjQ0MjcuMzgxMi0zLjEyMDgxLDEuNTcwNzEtMi44MDcyMiwzLjYzNDMzLjQxNjY2LDIuNzQxODcsMS4xNTksMy40NjExMywzLjczNjQxLDMuMDYxMTMsNC4xNjIxMS0uNjQ1OTIsOC4zMDYxNi0xLjQyMTUxLDEyLjQzOTYzLTIuMjM0ODIsMy41NTg4Ny0uNzAwMyw0LjYzNC0uMTAwODEsNS40Njk5NCwzLjM4MzU2LjE4NDczLjc3LjIzMzU1LDEuNTcxOTIuMzYwMzYsMi4zNTY2NC41MjA2OCwzLjIyMTg3LS4zMTAzNyw0LjQ2NS0zLjQxODA5LDQuOTg5MTgtNC4wMDE2Mi42NzUtNy45OTUyLDEuNDI1NDEtMTIuMDE4NTcsMS45MzU5NS0zLjg5OC40OTQ2My0zLjkwNjQxLDEuOTQ4NjYtMy4xNDQyOSw1LjU4MDIuNDA1OTQsMS45MzQyOSwyLjIzMzM3LDEuNzgzODQsMy43NTkyOCwxLjUyMTM4LDQuNjk5MzEtLjgwODIxLDkuMzg0NjItMS42OTc1MSwxNC4wODEzMy0yLjUyMTM1Ljg1NzQ4LS4xNTA0MiwxLjc0MzI2LS4xMzc3MiwyLjYxNTUxLS4yMDY1NmEyLjQyNjUzLDIuNDI2NTMsMCwwLDEsMS43NTUzNi42MzczMWMuNTc3NzcuNDc1NzMsMi4wMTY1MSw3LjYxMDc3LDEuNjgxMDUsOC4yNDUtLjYzNTYsMS4yMDE1OS0xLjg1MzU2LDEuNDU4NDgtMy4wMTM3OCwxLjY3MDIyLTcuOTcsMS40NTQ2My0xNS45NDczOCwyLjg2ODQxLTIzLjkyMjY0LDQuMjkzNzYtMS4wMTYyLjE4MTU5LTIuMDMxLjM3NDA1LTMuMDUxNjguNTI2ODMtMy4xNTk5NS40NzMtNC4wNTE0My0uMTEtNC41OTctMy4yMjI5My0xLjYzMzc2LTkuMzIyMjYtMy4yMjIzMS0xOC42NTI0NC00LjgyNzI3LTI3Ljk3OTc2QzM0MC4yNjU0MiwxNjAuNDA3OTMsMzM5LjY0OSwxNTYuODA1MjgsMzM5LjEwNjY4LDE1My42NDQzMloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik00OTQuNjY5MTEsNjIyLjI5MjA5Yy4wNjg2NCw2LjIwODc0LTMuMzA3ODcsMTAuNDM3NDQtOC4wMDU0OSwxMy44OTM3My03LjY3Njc2LDUuNjQ4NDMtMTguMTE4LDUuNzU2MjQtMjUuMTQ4NTMuMjkwNjMtMi43NDc2MS0yLjEzNi00LjMxMDM1LTUuMTE4MzUtNS41ODIyMi04LjIwMzUxYTY5LjQwNjEzLDY5LjQwNjEzLDAsMCwxLTMuNzQxOC0xMi41Mzk3OWMtMS4wODI1NS01LjI4NTM3LjUxOTE0LTkuODk0OSw0LjEzMTEtMTMuODQ0NzRhMjMuNjYyNjUsMjMuNjYyNjUsMCwwLDEsMjQuOTYyNjMtNi4wOTcsMTQuMTIzMjQsMTQuMTIzMjQsMCwwLDEsNi44MDUzNiw1LjQyMzc1YzEuMDcxNTMsMS41NTg4LjY5MzYsMi43NjgtMS4wMzU0OCwzLjM2NzYtNC4xMzE0MiwxLjQzMzExLTguMTY5OTQsMi44NjAxNC0xMi43MDIwNi45NTMyNGE3LjQ2NDA2LDcuNDY0MDYsMCwwLDAtMTAuMjQ0MDksNy44NjcwNSwyOC41OTU4MSwyOC41OTU4MSwwLDAsMCw1LjA1ODEsMTMuNzM2NjVjMS44Mjk4OCwyLjU1Miw0LjQ1NDc3LDMuMTY1MzcsOC4xMjc2NiwyLjAzNjE2LDMuMDU2NTgtLjkzOTg2LDUuNTc0MjctMy43ODE2NCw1LjY1ODM4LTYuNDI4OTIuMDQwODctMS4yODYxMy0uNjA4My0xLjk0NjQ3LTEuOTA4MzUtMS43OTQ1OGE4LjgyNjM0LDguODI2MzQsMCwwLDAtMS4zNDE1Ni40NzA1Nyw2LjQwMzkzLDYuNDAzOTMsMCwwLDEtMS44NDQ3LjQ0MTY5Yy0zLjg1MTc3LS4wOTI2MS0yLjk4MTE5LTMuNzQwNjYtNC4xOTI2Ny01Ljc4Nzg3LS44NDU2MS0xLjQyOS0uNjQyNTgtMy4xNTQ2MiwxLjExOC0zLjgzODExLDQuMzU2NDktMS42OTEyOCw4Ljc2ODY3LTMuMjQ5NjIsMTMuMjA3OTEtNC43MTEyNmEyLjY3LDIuNjcsMCwwLDEsMy4zMjA5MiwxLjY5ODgyQTMzLjc3ODI5LDMzLjc3ODI5LDAsMCwxLDQ5NC42NjkxMSw2MjIuMjkyMDlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTExLjgyLDQ2MS4zMDc1NGExMTMuMTAwMywxMTMuMTAwMywwLDAsMCwxOS41NzAwNywyLjAxMTY2YzE0LjQ3MDcyLjIzODEyLDI4LjMyMi0yLjM0NjQ4LDQxLjQxNzg1LTguNzMxMTMsMTEuMjY1LTUuNDkyMDcsMjIuNzkyNTUtMTAuMjMxNDgsMzUuNDQ3MS0xMS41NDc5LDE5LjE3ODI4LTEuOTk1MDksMzcuODE3LS4zMzUyOSw1NS41MDg0OCw3Ljk0MDQyLDEuMTA5NzcuNTE5MTMsMy4wNDU1MS43NjQ3OSwzLjA1MDQ4LDEuOTMyMTJhMjAuNjI3NDIsMjAuNjI3NDIsMCwwLDEtMS4zMDY4Niw2LjI3MDY5Yy0uMzIzMS45OTU5Mi0xLjE5OTcuMTM1MS0xLjc2MjM5LS4xMDkzNi02LjY5NzQ5LTIuOTA5MzQtMTMuMzU3MzgtNS44NzI1NS0yMC41ODI3Mi03LjM1NS0xMC4zOTI4LTIuMTMyMy0yMC44NTM3Mi0yLjI5MjA4LTMxLjM3OTk0LTEuNTY0MzYtMTIuMDYwMzUuODMzNzItMjMuMTMsNC45MjA3MS0zMy44MTIsMTAuMjQ2NWE5OC40MTE4LDk4LjQxMTgsMCwwLDEtNDguNzk1LDEwLjIyNTE3QTExMi4yMzYsMTEyLjIzNiwwLDAsMSw1MDkuMDYzLDQ2OC4yMjU3Yy0xLjM0Njg1LS4zMDMtMS44MzktLjY3MjUzLS44OTU1NC0xLjk5NzZhMjQuNTQzNjQsMjQuNTQzNjQsMCwwLDAsMS45ODk5My0zLjUzNzdDNTEwLjYzNTg0LDQ2MS43MDU0NCw1MTEuMjM2OTQsNDYxLjEyOTMyLDUxMS44Miw0NjEuMzA3NTRaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTM5LjI5MjI2LDU2Ni42MDA2OWMuMTA0NzEsMS4wODI1Ni0uNjc1OTQsMS44MjA0My0xLjYzNjM4LDIuNDkwMDctMy44NTI4OSwyLjY4NjMzLTcuNzEwMjEsNS4zNjcyMi0xMS41MTk3Nyw4LjExNC0uOTA5ODEuNjU2LTIuMzA2LDEuMTU1NTktMi4wMjM2NywyLjY0OTQ0YTUuNzM0LDUuNzM0LDAsMCwwLDIuNzk4MzEsMy43MDk1Yy44ODIyMS41NTEyNSwxLjc5NTY1LS4xNDU3NSwyLjU5MjMyLS43MjIzMiwzLjY3NTM4LTIuNjU5NjEsNy40MDUxMi01LjI0NTkxLDExLjAzNDQzLTcuOTY2NDlhMi42MTYyOCwyLjYxNjI4LDAsMCwxLDMuOTczNjEuMzEzNzdjLjI3NDkyLjI4ODU3LjU5MTkyLjU0MTY2LjgzOTU5Ljg1MSw0LjIxMTcsNS4yNTksMy40ODc1OCw2LjA4MDM1LS43NTI5NCw4LjgzNjItMi45MzI4NCwxLjkwNjA3LTUuNzQyOSw0LjAwMzczLTguNTc3NzQsNi4wNTczMi0yLjQzNjM5LDEuNzY0ODgtMi41Njk3NiwyLjcxOTEyLS44NDA4OCw1LjA5MzM3LDEuNDM4NTksMS45NzU1OSwyLjQ1NjM5LDIuMTI1MTQsNC44MjU0My40NTIsMy43NzAzMi0yLjY2MjgzLDcuNDQ5MTQtNS40NTU2MiwxMS4yMzAwNS04LjEwMjg5LDIuODg5NjktMi4wMjMyNCwzLjczOTA1LTEuODIwMTQsNS44NTg3OCwxLjAxMDc3LDMuNTUxLDQuNzQyMjUsMy40OTg1MSw1LjI3OC0xLjIwMzQ5LDguNjQxNDZxLTkuNzE2LDYuOTQ5ODEtMTkuNDg0NjUsMTMuODI1ODVjLTIuNTUyMTYsMS44MDA1Ni0zLjUxNDU5LDEuNzE0NS01LjMzNTQ0LS44MjU3OXEtMTAuNzg1MjktMTUuMDQ2MzMtMjEuNDQxMi0zMC4xODUxMWMtMS43OTA3My0yLjU0MzM4LTEuNDcyMDktMy43MTc3OSwxLjA4ODYxLTUuNTQzMjVxMTAuMjA4OTEtNy4yNzc0NSwyMC40MTYxNS0xNC41NTcyM2MyLjQ1MzUyLTEuNzUwNDUsMy44NzIwNS0xLjU5NzYzLDUuNTc1MDkuODg3QzUzNy43MjI4Miw1NjMuMTA5NDQsNTM5LjE5NDc0LDU2NC4zODg2Miw1MzkuMjkyMjYsNTY2LjYwMDY5WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTI2OS41ODIzLDYxMi4wNTA2MWMuNTE0NDgtMS43NzIzNy0uMzk1NS0yLjg3OTYxLTIuMDM3MjQtMy44NjUzLTMuMjU5LTEuOTU2NjQtNi40MjM5Mi00LjA3NS05LjU3MjY4LTYuMjA3ODZhMi40MDg2OCwyLjQwODY4LDAsMCwwLTMuMzgwNC4yMjg0MmMtMy40MjM2OSwyLjkxMy00LjY1NjM5LDIuOTI3MjUtOC40MTI1Ni4zOTI1OC0uODU2MDctLjU3NzY4LTEuNjY3NTUtMS4yMjEwNy0yLjUxNzYzLTEuODA4LTIuNjE4NTctMS44MDc4Ni0yLjcyMzkxLTIuNTgxMzMtLjE1MTY3LTQuNTk5MzYsMTAuNDUwODMtOC4xOTkwNiwyMC45NTk4NS0xNi4zMjQsMzEuNDMwMTUtMjQuNDk4NDVhMy45MTE4NSwzLjkxMTg1LDAsMCwxLDUuMjEwNDEtLjE4MTU4YzIuMzg2NjksMS42ODEyMyw1LjI0NDU4LDIuNjExMjYsNy40MTIsNC42NzU2NmE0LjYzMTgzLDQuNjMxODMsMCwwLDEsMS40OTIzOCw0Ljg5OTY4Yy0yLjYyODIzLDEwLjU3NTgzLTUuMTYyNjEsMjEuMTc0OTMtNy43NTU4NywzMS43NTk0Ny0uNTA3NzksMi4wNzI1Mi0xLjMxMjA2LDQuMDQ0NTQtMS40MDc0NSw2LjI0NzMyLS4wOTExOCwyLjEwNTg1LTEuNDc4NzMsMy4wMTAxNi0zLjYxOTI1LDIuNzc3NjVDMjcyLjM2MTU3LDYyMS40NDYsMjY5LjM3OSw2MTcuMTg2NjEsMjY5LjU4MjMsNjEyLjA1MDYxWm02LjE5Mzk0LTI2LjQ4MDUyYy0xLjk3NjQsMS41MDk4MS0zLjU0Mjk0LDIuNjg0MTYtNS4wODU3MiwzLjg4OS01LjcwNjEyLDQuNDU2MzEtNS42MjE4Nyw1LjI2ODMuNjUxOTQsOC45MjIsMS4wNTMzNy42MTM1MiwxLjUxNzM0LjU1NDU5LDEuODYxMS0uNTk5MjRBNTcuOTI3LDU3LjkyNywwLDAsMCwyNzUuNzc2MjQsNTg1LjU3MDA5WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTQwNi4wMDE3Niw2MDYuNzQ2NDdjNC4wMzg4NC0uMDIxNTcsNi4yNzMzNCwyLjE1ODc2LDcuNzUyMTMsNS4zMjAzNCwyLjM1NTA5LDUuMDM1LDQuMTM4MzIsMTAuMzAwMjksNi4xMTUzOSwxNS40ODY2OHEzLjc3MDE3LDkuODkwMTUsNy40Nzg0NCwxOS44MDM3OWMxLjA5NzY5LDIuOTQ1NzguNTk1MjUsMy42MDE3NC0yLjYxNDgxLDMuNzYzNjlhMzEuMjExLDMxLjIxMSwwLDAsMC0zLjMxNTQyLjMwNDQ3Yy0zLjMwNDI4LjUyNDI0LTUuMzQ2MjItLjQ1OS02LjE5OTItMy42OTA5LS42Njk1MS0yLjUzNy0yLjExMzE4LTIuOTc2NzItNC4zNTk1My0yLjg1MjU0LTMuNDk1MzguMTkzMjgtNy4wMDIxNi4zMDExNC0xMC41MDE0Ni4yNTI2Mi0xLjc5MzMxLS4wMjQ3OS0yLjk4MTIyLjU3MTM2LTMuMzgwNDEsMi4yODAxMy0uODQyNTQsMy42MDY3MS03LjQ4MjcxLDYuMDcyMTYtMTAuNzYzLDUuMzE0ODktMi4xMzA0My0uNDkxNzktMi4zMzQzMS0yLjAyNDUyLTEuNzM2OTItMy45MTIzcTMuNjMzOTQtMTEuNDgzODIsNy4xODU3LTIyLjk5MzU0YzEuMzkzMjctNC40ODA2OSwyLjgzNTktOC45NDc4MSw0LjEyMzY0LTEzLjQ1ODg5LjgyNDE2LTIuODg3LDIuMjg0OTMtNC43MjE0OSw1LjUyNy01LjAyMDU5QzQwMi45NTYsNjA3LjE5Mjc4LDQwNC42MTAyNCw2MDYuOTExMTEsNDA2LjAwMTc2LDYwNi43NDY0N1ptLS42MTYxLDE0LjMwNDE1Yy0uMjIwNDIuMjMzNjgtLjM3NjUzLjMyNTQxLS40MTgwNy40NTQxNHEtMS4xNzE0MiwzLjYyOTE4LTIuMzE3Nyw3LjI2NjY0Yy0xLjk5NDM1LDYuMzE5NDEtMS41MDE0MSw2Ljg3MDM3LDUuMTU3NzIsNi4xNjY1OCwxLjg2NTA4LS4xOTcwOCwyLjM3MzQ2LS45MzMzLDEuNzE3MTYtMi42Njg0OUM0MDguMTI1NTMsNjI4LjU2OTkzLDQwNi43ODMwNiw2MjQuODQ4OTIsNDA1LjM4NTY2LDYyMS4wNTA2MloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0yODAuNDExNTMsMTc2LjAwNWExNS4yMDQ2OCwxNS4yMDQ2OCwwLDAsMSwxMi4yNDE0OCw1LjQxMTJjMS4zNTIzMiwxLjU0MjIzLDEuMzI1LDMuMDQ4Ny0uNDEyLDQuMjUyLTMuNTA0OTEsMi40MjgxLTcuMTc5ODcsNC4wMDk4Ni0xMS41OTczNCwyLjE3Nzg3LTMuMzA4NjctMS4zNzIxNi03LjAwNC0uMTI5NDMtOS42NzM1MSwyLjg4MTEtMi4xNDQ1NiwyLjQxODQ4LTIuNDEwMzUsNS4xOTU1My0uNTM3ODcsOC42MjIyMiwxLjYzODY2LDIuOTk4ODUsMy40MzQ0LDUuOTE4NzMsNS4yODg3NSw4Ljc5MDgzLDEuNzIxNTEsMi42NjYzMiwzLjkyMDg4LDQuNjk2MzcsNy40NjU1NSwzLjk4MTYsNC4yMTYxNi0uODUwMTgsNy4xNTQ4Mi0zLjYwMzIsNy42NzQyMS03LjQ0MzkxLjYyMjQyLTQuNjAyNzEsMy40MTY2My03LjM3MzIsNy4zNTExLTkuMjM2MzgsMS44NzgwNi0uODg5MzQsMy4xMTg0NC0uMjI3NDksMy44NTcyNCwxLjc5MDQxLDIuNzM1LDcuNDcwNzEuMjMxMzgsMTMuNjQ4NTgtNC45MzUxNCwxOC45MTAyNS01LjExOTUyLDUuMjEzODEtMTEuMzY3MTMsOC4wNC0xOC45MDAxMiw3LjM0MDEyYTE1LjQ3OCwxNS40NzgsMCwwLDEtMTAuMDY0NTctNC45NDkxMyw0NS41MzYwNiw0NS41MzYwNiwwLDAsMS05LjY3NTU2LTE0Ljk3MDU1Yy0zLjYxNjEtOS41NjQ3OS4yOTIyLTE5LjE2LDkuMzg4NzgtMjQuMTQyODJBMjYuOTA5MzksMjYuOTA5MzksMCwwLDEsMjgwLjQxMTUzLDE3Ni4wMDVaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMTMwLjQwODYzLDQ1Mi4zNTY0MWM3Ljk4OTIsMy41MDk4NywxNS4zMzk4Myw3LjIxMTQ3LDIzLjQ1ODYzLDguNzY0NzIsMTkuOTg4NTgsMy44MjQxNywzOS41ODE5LDMuMjEzMzUsNTguNDk5My01LjIzNDg2LDcuMTgyNTgtMy4yMDc2NCwxNC4yMjUzOC02Ljc2ODY3LDIxLjczMTkzLTkuMjA2NTlhOTguNTkxNSw5OC41OTE1LDAsMCwxLDMyLjUzMDMtNC4zNTc0NGMyLjIxNDA3LjA0MDQsNS4wMzg4OS0uODQ1NzksNi40NzUyOS41NDk2MSwxLjIzMjUyLDEuMTk3MzktLjE4ODA2LDQuMDExNDMuNTkxNzgsNi4wODgxOS40NDcwNywxLjE5MDM3LS42MTY2OS45ODE4OS0xLjI3ODU0Ljk2NDQxLTQuMzc3OTQtLjExNTU4LTguNzUxNjUtLjE2OTI1LTEzLjEzNDkyLS4wNzQtMTIuOTAzMi4yODA0OC0yNC45MTU0NCwzLjg1NTUtMzYuNDQ1LDkuNDIyNTgtMTAuMjEwMjQsNC45My0yMC42NTUyMSw5LjE0NDc2LTMyLjA2Nzc4LDEwLjQ0Ny0xOS42NDA2NywyLjI0MTExLTM4Ljc3NTE3LjkyMDU0LTU2LjkyMTM5LTcuNzU0LS42NTQzNS0uMzEyOC0xLjMyOC0uNTE4NTctMS41MTc3NS0xLjM0OTg4QzEzMS43MzE3Miw0NTcuOTkzLDEzMS4xMTI2NCw0NTUuMzc0NTEsMTMwLjQwODYzLDQ1Mi4zNTY0MVoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik0zNTQuMzg5MzcsMzc1LjUzODljLTE2LjExOTcuODE1OC0zMS4yMDUxNS0zLjA2MzEyLTQ1LjU0MTE0LTEwLjI4MjM3LTIzLjUyNDM5LTExLjg0NjMyLTQ3Ljk5NDA1LTEzLjMxNzI2LTczLjEwNjktNi4yMDktNi41Nzk0NywxLjg2MjMyLTEyLjcyMDU1LDUuMDAxMTMtMTguODY5ODYsNy45Njk2OS0xNC40MTI4MSw2Ljk1NzY4LTI5LjY0OTEyLDkuMzMwMjktNDUuNTAyMDcsOC43OTE3YTkyLjI3MTkyLDkyLjI3MTkyLDAsMCwxLTI2LjUxMTY1LTQuMzg5MzljLTUuODA5NjItMS45NTM3My0xMS4yOTQyMi00LjY4MzA4LTE2LjkyNTI4LTcuMDYzODItMS43OTY1My0uNzU5NTMtMS4zMTA1Ni0yLjE1MDMxLS45MTcyNy0zLjE4ODg4LjUzMTY5LTEuNDA0LDEuNDUwNzktLjExNjc1LDIuMDYzNS4xNjY2NSw5LjgyNjQyLDQuNTQ1LDE5LjY4ODA5LDkuMDAxLDMwLjU5NDU0LDEwLjI5MjM5LDE3Ljc5MDgxLDIuMTA2NTUsMzUuMjUwNDQsMS40NTc0MSw1Mi4wMjIzOS01Ljg4MDUyLDguNjU0NTMtMy43ODY0NiwxNy4wNTktOC4yMiwyNi4yMzYwNS0xMC43NDM0NCwxMi4wNjA3OS0zLjMxNjM2LDI0LjMzNDI1LTMuNzA1MTEsMzYuNzQwMzUtMi45MzMyMiwxMy4zNzUyMi44MzIyMiwyNS42MDc3LDUuMzQ0MjcsMzcuNDMyNzQsMTEuMTk3MDhhOTIuNDczOSw5Mi40NzM5LDAsMCwwLDQ1LjI4Niw5LjM0MTU2LDEwOS4wOTgsMTA5LjA5OCwwLDAsMCwyMi40NDQyNC0yLjk4Nzc3Yy42MTI3NC0uMTUyNywxLjc2NDM3LTEuMjA5NCwxLjk4OTI5LjQxOTI3LjE1NjE0LDEuMTMwNTkuMzU3ODIsMi4zMzM1OS0xLjM5NTIzLDIuNzU0MzVhOTUuOTUzMTQsOTUuOTUzMTQsMCwwLDEtMTYuNzIyMjUsMi43MTNDMzYwLjYxMTIsMzc1LjY4OTI0LDM1Ny40OTU4MywzNzUuNTM4OSwzNTQuMzg5MzcsMzc1LjUzODlaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNTE1LjE0Mjc0LDQxMi40NjE0YTEyOS42NTMsMTI5LjY1MywwLDAsMCwxOC44MDQsMS4zMDEsOTAuMzU1ODksOTAuMzU1ODksMCwwLDAsNDAuNzkwNjctOS40NTYwOGM5Ljk2NTU4LTQuODYxLDIwLjE4NjM3LTkuMDMzMTMsMzEuMzQ0ODYtMTAuNDUwNzdhMTI2LjUwNjQ4LDEyNi41MDY0OCwwLDAsMSwzMy4zMzMuMTU0MzFjMTEuNTE4LDEuNTgyNjYsMjEuOTEwMTEsNi4zODUwNywzMi4yODcxOCwxMS4yMzQwNy44NzIyOC40MDc2LDEuNDU4ODgsNS4wMzA0MS43MDUsNS42NDYxNC0uNzM5NjcuNjA0MTQtMS4zNDUyNy0uMTM5OS0xLjk0NDM5LS40MTQzNS02LjEzOTYtMi44MTIzNS0xMi4yMjIyNC01Ljc2MTQ0LTE4LjYwOTIyLTcuOTkwMDYtMTEuMTQzNTgtMy44ODgyMi0yMi42ODY4NC00LjU5MjUyLTM0LjM2OTA4LTQuMzMwODRhODguNDg1MDUsODguNDg1MDUsMCwwLDAtMzguNTAwMzMsMTAuMDI2ODMsOTcuNjQzNDEsOTcuNjQzNDEsMCwwLDEtNDYuNzQwMDgsMTAuOTE1MTVjLTQuNjE2MTctLjA4NzItOS4yMzUwOS0uMjc5ODEtMTMuODM1NDctLjc4OTYxYTIuMDYxODYsMi4wNjE4NiwwLDAsMS0yLjEyMTU1LTEuNzk3NzdDNTE2LjAxOTYzLDQxNS4yNzI0Niw1MTUuNjA0NjMsNDE0LjA2NzQyLDUxNS4xNDI3NCw0MTIuNDYxNFoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik01NDIuNTI0MjcsMjAxLjI2MjY5YTkuNzI1LDkuNzI1LDAsMCwxLTEuNTA2NjQtLjQ4MjM4Yy0uODUwMjktLjQyMDk1LTEuNjU0NzQtLjkzMzk1LTIuNDgyNjQtMS40MDA4OS01LjgyOTg5LTMuMjg4MS02LjQ4ODUzLTMuNDQ4MzItOS44Nzc1OSwxLjk2NjY2LTQuMjQxMjIsNi43NzY2Ni04LjU2NywxMy41MDA3Mi0xMi44OTMzMywyMC4yMjM2My0xLjkyNzczLDIuOTk1Ni0zLjA5OTg4LDMuMTg5MjEtNi4wMDQ5NSwxLjIwMjQ3LS45ODAwOS0uNjcwMjctMS45NzA3Ni0xLjMyNy0yLjk3OTQ5LTEuOTUzLTMuMTk0NzgtMS45ODI3Mi0zLjQ1Mjc5LTMuMDYyMzctMS4zODQtNi4zMzE4MSwzLjEzMzA5LTQuOTUxNyw2LjMwOTA5LTkuODc2MzYsOS40MzY4LTE0LjgzMTQ0LDEuOTg5NDEtMy4xNTE3NywzLjgzNjE2LTYuMzk4LDUuOTMzODUtOS40NzQ0Mi42OTUtMS4wMTkyMi40MjI0OS0xLjQ3NTM1LS4yMjM1Mi0yLjE3ODM3LTEuNTQ4LTEuNjg0NzctMy42ODI2Mi0yLjQ0NTYyLTUuNTc5MTktMy41NjUtMy4yMzE1NC0xLjkwNzMyLTMuNzkxMDgtMy42ODQ0Ny0xLjkyMTI5LTYuODE0NjMsMi41MzkzNS00LjI1MTA2LDQuMDY4NDUtNC44MTg0NCw3LjQ5MTEzLTIuNjYwNzVxMTIuNTYwMjYsNy45MTgxNCwyNS4wODI5NSwxNS44OTU3OGMyLjk5MTI1LDEuOTEwMjgsMy4yMjc0LDIuOTUxNjksMS4zODc5LDYuMDUyNTVDNTQ1LjkzOTQxLDE5OC43MDYxLDU0NS4xMzE5MiwyMDAuODUzNDMsNTQyLjUyNDI3LDIwMS4yNjI2OVoiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik02NzEuMTcxMywzNjcuNDQyMzhjLTYuNjI5ODUtMi44NjA0LTEyLjk0NTYxLTYuMDY1NzQtMTkuNjY1Mi04LjMyMDY5LTEwLjk1NzM2LTMuNjc2OTMtMjIuMjYxOTEtNC4zNTQyOS0zMy43MDQ3OC00LjE1NjU0LTE0LjM5MDc0LjI0ODY4LTI3Ljc3NjE5LDQuMjE1NDQtNDAuNDkyMzEsMTAuNjg5Ni0xOS43ODIxMywxMC4wNzE3My00MC42Nzc4OSwxMi4wMzI1LTYyLjM0MTMzLDguODQ5MTUtOS41NjQzNy0xLjQwNTQ2LTE4LjM2MzYyLTUuMDEzMjktMjcuMDI2ODQtOS4wNDUyNmExMzMuMDI4LDEzMy4wMjgsMCwwLDAtMTguMzUzNjktNy4zNTAyMWMtMS40NzY5NC0uNDM1OTMtMS40MjAxNC0xLjAxNjA2LTEuMTg3Ny0yLjE3NTg5LjI5NjEzLTEuNDc3NjUsMS4xMjM2Mi0xLjE1MSwyLjA5ODEzLS44NzU2YTEwOC4xMjA3NywxMDguMTIwNzcsMCwwLDEsMTkuMDA2NDEsNy42MDkzMWMyMi4zMjQ4OCwxMS4xOTU0Niw0NS41ODY3NSwxMi41NTgyMyw2OS40OTE1OSw2Ljc0MDE4LDcuNDM4NzktMS44MTA0OSwxNC4zMDUxNC01LjMyNSwyMS4xOTUzNC04LjYxMDQ0YTkyLjY1ODI5LDkyLjY1ODI5LDAsMCwxLDM4LjUyMjYxLTkuMDU3NzJjMTMuNDMzMTYtLjI3MDYyLDI2LjU1MjQ3LDEuMTI2OTQsMzkuMDc3NTIsNi4yOTA0MiwzLjY3NDIsMS41MTQ2Niw3LjIzNTM5LDMuMzA0NzIsMTAuOTE2NzIsNC44MDAwOUM2NzAuODE3LDM2My42ODU1Niw2NzEuNjg1MjgsMzY1LjAwMzcsNjcxLjE3MTMsMzY3LjQ0MjM4WiIvPjxwYXRoIGNsYXNzPSJjbHMtNyIgZD0iTTUwMS44MzY1Niw0MDguOTcwMDZjLS4yOTIzOS4zMzgyNC0uNDAwMi40NTExMy0uNDk0OC41NzQxNy0yLjkwNiwzLjc3ODc3LTYuMDczMzksMi42NTA0OS05LjY5NTUuOTQwNy04Ljc0OC00LjEyOTM0LTE3LjQ1ODQzLTguNDAxNTItMjcuMDU5MzgtMTAuMzgyMjJhMTExLjc5NjgzLDExMS43OTY4MywwLDAsMC0yOS42ODQzNi0xLjcxMSw3My4yMzA4Miw3My4yMzA4MiwwLDAsMC0xNC4xNDI2NywyLjE0MTE2Yy0xLjQ0MS4zNzkyMi0xLjk1MjkyLjA1MTEtMS45NDg0NS0xLjU0ODI1LjAwOTk0LTMuNTM1MjgtLjA5NTI0LTMuNjI5NjEsMy40MTI0Mi00LjIzNywxOC4wNTExMS0zLjEyNTk0LDM1LjkzMi0yLjk1ODQ1LDUzLjQ1NTg2LDMuMDY0LDcuODI1MTIsMi42ODkyOCwxNS4xMDMyNSw2LjY3NjEyLDIyLjc2NDM1LDkuNzYwNDRDNDk5LjU0MDMyLDQwOC4wMTMzNyw1MDAuNjI5NTYsNDA4LjQ3MjEzLDUwMS44MzY1Niw0MDguOTcwMDZaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNDQzLjU1MTkxLDQ0OS42MTg1N2E5NS40NTU3LDk1LjQ1NTcsMCwwLDAtMjIuNzUwMzQsMi41Njk3Yy0xLjczMDUyLjQ0NjMxLTEuOTcyMzEtLjE2MDQ2LTEuOTgwNjQtMS42OTMyNS0uMDMwODQtNS42NzctLjA4NzM1LTUuNzQzODYsNS4xNzM3NS02LjU5MDMyLDE1LjQyODc0LTIuNDgyMywzMC43NjgtMi4zMzE4Nyw0NS45OTQzMiwxLjU3NCwyLjU1MzcxLjY1NTA4LDIuODAwMDYsMy4yMjQyNSw0LjQxMjQ0LDQuNjQ4NDcuNTQyODQuNDc5NTUtMi45NTI0MiwzLjQyNzc5LTMuOTc2NTQsMy4xMjQyOGE3Ny43Njg0Miw3Ny43Njg0MiwwLDAsMC0xNi4xMzk0MS0zLjAxOThDNDUwLjcxMzE3LDQ0OS45NTU1Myw0NDcuMTMwMTQsNDQ5LjgxODE3LDQ0My41NTE5MSw0NDkuNjE4NTdaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMzQyLjY5MTcsNDYzLjAzNDljNC43NjE4NC0uMDM5MDksOS40NzU1OS40NDEyMiwxNC4yMTMxNC4yNzcxNGE5Ny41NTIyMiw5Ny41NTIyMiwwLDAsMCwyMy4zMDE0OS0zLjMyMzE0YzEuMjQzODYtLjM1MTcxLDEuNjI3MTEtLjMzODc2LDEuNjkwMDUsMS4xMDQ4NC4yNjc3Miw2LjEzODA5LjIzMDU0LDUuODU1NjgtNS42MzM4NSw3LjU4NjQ5LTcuMTkzOTEsMi4xMjMyNC0xNC4wMTA4OC40OTItMjAuODU1MzYtMS4yNzM4M0MzNTEuMDc2NjcsNDY2LjI4OTE0LDM0Ni43MDEsNDY1LjIxNTUyLDM0Mi42OTE3LDQ2My4wMzQ5WiIvPjwvZz48L3N2Zz4=
+  longDescription: Adds certificates and certificate issuers as resource types in
+    Kubernetes clusters, and simplifies the process of obtaining, renewing and using
+    those certificates. It can issue certificates from a variety of supported sources.
+    It will ensure certificates are valid and up to date, and attempt to renew certificates
+    at a configured time before expiry.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: X.509 certificate management for Kubernetes and OpenShift.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-cert-manager
+    for community support.
diff --git a/repo/packages/contour.packages.kadras.io/1.22.0.yml b/repo/packages/contour.packages.kadras.io/1.22.0.yml
deleted file mode 100644
index 9b4ed1c..0000000
--- a/repo/packages/contour.packages.kadras.io/1.22.0.yml
+++ /dev/null
@@ -1,156 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  name: contour.packages.kadras.io.1.22.0
-spec:
-  refName: contour.packages.kadras.io
-  version: 1.22.0
-  releaseNotes: contour 1.22.0 https://github.com/projectcontour/contour/releases/tag/v1.22.0
-  releasedAt: "2022-07-27T00:00:00Z"
-  licenses:
-  - Apache 2.0
-  template:
-    spec:
-      fetch:
-      - imgpkgBundle:
-          image: projects.registry.vmware.com/tce/contour@sha256:b682046e9da9008b2efd729c65265ee960ee7b34a95cf3d079ad5d2efb0ba10c
-      template:
-      - ytt:
-          paths:
-          - config/
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-      deploy:
-      - kapp: {}
-  capacityRequirementsDescription: Varies significantly based on number of Services, Ingresses/HTTPProxies, etc. A starting point is 128MB RAM and 0.5 CPU for each Contour and Envoy pod, but this can and should be tuned based on observed usage.
-  valuesSchema:
-    openAPIv3:
-      type: object
-      additionalProperties: false
-      description: OpenAPIv3 Schema for Contour 1.22.0
-      properties:
-        infrastructureProvider:
-          type: string
-          description: The underlying infrastructure provider. Options are aws, azure, docker and vsphere. This field is not required, but enables better validation and defaulting if provided.
-          default: ""
-        namespace:
-          type: string
-          description: The namespace in which to deploy Contour and Envoy.
-          default: projectcontour
-        contour:
-          type: object
-          additionalProperties: false
-          description: Settings for the Contour component.
-          properties:
-            configFileContents:
-              nullable: true
-              description: The YAML contents of the Contour config file. See https://projectcontour.io/docs/v1.22.0/configuration/#configuration-file for more information.
-              default: null
-            replicas:
-              type: integer
-              description: How many Contour pod replicas to have.
-              default: 2
-            useProxyProtocol:
-              type: boolean
-              description: Whether to enable PROXY protocol for all Envoy listeners.
-              default: false
-            logLevel:
-              type: string
-              description: The Contour log level. Valid options are 'info' and 'debug'.
-              default: info
-        envoy:
-          type: object
-          additionalProperties: false
-          description: Settings for the Envoy component.
-          properties:
-            service:
-              type: object
-              additionalProperties: false
-              description: Envoy service settings.
-              properties:
-                type:
-                  type: string
-                  description: The type of Kubernetes service to provision for Envoy. If not specified, will default to 'NodePort' for docker and vsphere and 'LoadBalancer' for others.
-                  default: ""
-                loadBalancerIP:
-                  type: string
-                  description: The desired load balancer IP. If type is not 'LoadBalancer', this field is ignored. It is up to the cloud provider whether to honor this request. If not specified, then load balancer IP will be assigned by the cloud provider.
-                  default: ""
-                externalTrafficPolicy:
-                  type: string
-                  description: The external traffic policy for the Envoy service. If type is 'ClusterIP', this field is ignored. Otherwise, defaults to 'Cluster' for vsphere and 'Local' for others.
-                  default: ""
-                annotations:
-                  nullable: true
-                  description: Annotations to set on the Envoy service.
-                  default: null
-                nodePorts:
-                  type: object
-                  additionalProperties: false
-                  description: NodePort settings for the Envoy service. If type is not 'NodePort', these settings are ignored.
-                  properties:
-                    http:
-                      type: integer
-                      description: If type == NodePort, the node port number to expose Envoy's HTTP listener on. If not specified, a node port will be auto-assigned by Kubernetes.
-                      default: 0
-                    https:
-                      type: integer
-                      description: If type == NodePort, the node port number to expose Envoy's HTTPS listener on. If not specified, a node port will be auto-assigned by Kubernetes.
-                      default: 0
-                aws:
-                  type: object
-                  additionalProperties: false
-                  description: AWS-specific settings for the Envoy service. If infrastructure provider is not 'aws', these settings are ignored.
-                  properties:
-                    loadBalancerType:
-                      type: string
-                      description: The type of AWS load balancer to provision. Options are 'classic' and 'nlb'.
-                      default: classic
-            hostPorts:
-              type: object
-              additionalProperties: false
-              description: Host port settings for the Envoy pods.
-              properties:
-                enable:
-                  type: boolean
-                  description: Whether to enable host ports. If false, http & https are ignored.
-                  default: false
-                http:
-                  type: integer
-                  description: If enable == true, the host port number to expose Envoy's HTTP listener on.
-                  default: 80
-                https:
-                  type: integer
-                  description: If enable == true, the host port number to expose Envoy's HTTPS listener on.
-                  default: 443
-            hostNetwork:
-              type: boolean
-              description: Whether to enable host networking for the Envoy pods.
-              default: false
-            terminationGracePeriodSeconds:
-              type: integer
-              description: The termination grace period, in seconds, for the Envoy pods.
-              default: 300
-            logLevel:
-              type: string
-              description: The Envoy log level.
-              default: info
-        certificates:
-          type: object
-          additionalProperties: false
-          description: Settings for the TLS certificates for securing communication between Contour and Envoy.
-          properties:
-            useCertManager:
-              type: boolean
-              description: Whether to use cert-manager to provision TLS certificates for securing communication between Contour and Envoy. If false, the upstream Contour certgen job will be used to provision certificates. If true, the cert-manager addon must be installed in the cluster.
-              default: false
-            duration:
-              type: string
-              description: If using cert-manager, how long the certificates should be valid for. If useCertManager is false, this field is ignored.
-              default: 8760h
-            renewBefore:
-              type: string
-              description: If using cert-manager, how long before expiration the certificates should be renewed. If useCertManager is false, this field is ignored.
-              default: 360h
diff --git a/repo/packages/contour.packages.kadras.io/1.33.0.yml b/repo/packages/contour.packages.kadras.io/1.33.0.yml
new file mode 100644
index 0000000..f21dff3
--- /dev/null
+++ b/repo/packages/contour.packages.kadras.io/1.33.0.yml
@@ -0,0 +1,226 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: contour.packages.kadras.io.1.33.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: contour.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-contour/releases
+  releasedAt: "2025-09-15T14:46:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+          - --kube-api-qps=25
+          - --kube-api-burst=50
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-contour@sha256:2de76924ca9bda2f1f67cbdfc00433572f9ac482cb35e80ee3c7100d217a06fb
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        certificates:
+          additionalProperties: false
+          description: TLS configuration to secure the communication between Contour
+            and Envoy.
+          properties:
+            duration:
+              default: 8760h
+              description: If using cert-manager, how long the certificates should
+                be valid for. If `useCertManager` is false, this field is ignored.
+              type: string
+            renewBefore:
+              default: 360h
+              description: If using cert-manager, how long before expiration the certificates
+                should be renewed. If `useCertManager` is false, this field is ignored.
+              type: string
+            useCertManager:
+              default: false
+              description: 'Whether to use cert-manager to provision TLS certificates
+                for securing the communication between Contour and Envoy. If `false`,
+                the `contour-certgen` Job will be used to provision certificates.
+                If `true`, cert-manager must be installed in the cluster. See: https://github.com/kadras-io/package-for-cert-manager.'
+              type: boolean
+          type: object
+        contour:
+          additionalProperties: false
+          description: Settings for the Contour component.
+          properties:
+            config:
+              additionalProperties: false
+              description: Configuration for the Contour Deployment.
+              properties:
+                logFormat:
+                  default: text
+                  description: Log output format for Contour. Either `text` (default)
+                    or `json`.
+                  enum:
+                  - json
+                  - text
+                  type: string
+                logLevel:
+                  default: info
+                  description: The Contour log level. Valid options are `info` and
+                    `debug`.
+                  enum:
+                  - info
+                  - debug
+                  type: string
+                useProxyProtocol:
+                  default: false
+                  description: Whether to enable PROXY protocol for all Envoy listeners.
+                  type: boolean
+              type: object
+            configMapData:
+              default: {}
+              description: The YAML contents of the `contour` ConfigMap. See https://projectcontour.io/docs/latest/configuration/#configuration-file
+                for more information.
+              nullable: true
+            replicas:
+              default: 2
+              description: The number of Contour replicas. In order to enable high
+                availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        envoy:
+          additionalProperties: false
+          description: Settings for the Envoy component.
+          properties:
+            config:
+              additionalProperties: false
+              description: Configuration for the Envoy workload.
+              properties:
+                logLevel:
+                  default: info
+                  description: The Envoy log level.
+                  enum:
+                  - trace
+                  - debug
+                  - info
+                  - warning
+                  - warn
+                  - error
+                  - critical
+                  - "off"
+                  type: string
+              type: object
+            service:
+              additionalProperties: false
+              description: Envoy service settings.
+              properties:
+                annotations:
+                  default: null
+                  description: Annotations to set on the Envoy service.
+                  nullable: true
+                externalTrafficPolicy:
+                  default: Local
+                  description: The external traffic policy for the Envoy service.
+                  enum:
+                  - Cluster
+                  - Local
+                  type: string
+                loadBalancerIP:
+                  default: ""
+                  description: The desired load balancer IP. If `type` is not `LoadBalancer',
+                    this field is ignored. It is up to the cloud provider whether
+                    to honor this request. If not specified, the load balancer IP
+                    will be assigned by the cloud provider.
+                  type: string
+                nodePorts:
+                  additionalProperties: false
+                  description: NodePort settings for the Envoy service. If type is
+                    not `NodePort` or `LoadBalancer`, these settings are ignored.
+                  properties:
+                    http:
+                      default: 0
+                      description: The node port number to expose Envoy's HTTP listener
+                        on. If not specified, a node port will be auto-assigned by
+                        Kubernetes.
+                      type: integer
+                    https:
+                      default: 0
+                      description: The node port number to expose Envoy's HTTPS listener
+                        on. If not specified, a node port will be auto-assigned by
+                        Kubernetes.
+                      type: integer
+                  type: object
+                type:
+                  default: LoadBalancer
+                  description: The type of Kubernetes service to provision for Envoy.
+                  enum:
+                  - NodePort
+                  - ClusterIP
+                  - LoadBalancer
+                  type: string
+              type: object
+            workload:
+              additionalProperties: false
+              description: Envoy workload settings.
+              properties:
+                hostNetwork:
+                  default: false
+                  description: Whether to enable host networking for the Envoy pods.
+                  type: boolean
+                hostPorts:
+                  additionalProperties: false
+                  description: Host port settings for the Envoy pods.
+                  properties:
+                    enabled:
+                      default: true
+                      description: Whether to enable host ports. If false, `http`
+                        & `https` are ignored.
+                      type: boolean
+                    http:
+                      default: 80
+                      description: If enabled, the host port number to expose Envoy's
+                        HTTP listener on.
+                      type: integer
+                    https:
+                      default: 443
+                      description: If enabled, the host port number to expose Envoy's
+                        HTTPS listener on.
+                      type: integer
+                  type: object
+                replicas:
+                  default: 2
+                  description: The number of Envoy replicas to deploy when `type`
+                    is set to `Deployment`.
+                  type: integer
+                terminationGracePeriodSeconds:
+                  default: 300
+                  description: The termination grace period, in seconds, for the Envoy
+                    pods.
+                  minimum: 30
+                  type: integer
+                type:
+                  default: DaemonSet
+                  description: The type of Kubernetes workload that Envoy is deployed
+                    as. Options are `Deployment` or `DaemonSet`. If not specified,
+                    it defaults to `DaemonSet`.
+                  enum:
+                  - Deployment
+                  - DaemonSet
+                  type: string
+              type: object
+          type: object
+        namespace:
+          default: projectcontour
+          description: The namespace in which to deploy Contour and Envoy.
+          minLength: 1
+          type: string
+      type: object
+  version: 1.33.0
diff --git a/repo/packages/contour.packages.kadras.io/metadata.yml b/repo/packages/contour.packages.kadras.io/metadata.yml
index 439fc65..34fcf44 100644
--- a/repo/packages/contour.packages.kadras.io/metadata.yml
+++ b/repo/packages/contour.packages.kadras.io/metadata.yml
@@ -1,19 +1,21 @@
 apiVersion: data.packaging.carvel.dev/v1alpha1
 kind: PackageMetadata
 metadata:
+  creationTimestamp: null
   name: contour.packages.kadras.io
 spec:
+  categories:
+  - ingress
+  - envoy
+  - gateway
   displayName: contour
-  shortDescription: "An ingress controller"
-  longDescription: "An Envoy-based ingress controller that supports dynamic configuration updates and multi-team ingress delegation. See https://projectcontour.io for more information."
-  providerName: VMware
+  iconSVGBase64: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAzNjAgMzYwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6IzAwOWNkYzt9PC9zdHlsZT48L2RlZnM+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMjMzLjQ5MzU0LDEzLjYwNzQyQTE3Mi41NDE2NiwxNzIuNTQxNjYsMCwwLDAsMTg5LjYwMSw1LjQzODE0Yy0xOC4xMDk1OSw5OS44NzYtNjguMDE5MzUsMTY5Ljc2MzQyLTExMS4yOTYzNCwyMTMuNTM4QTQzMC42MDM4OCw0MzAuNjAzODgsMCwwLDEsMjcuOTk3LDI2Mi40ODQzN2ExNzQuMTU5ODMsMTc0LjE1OTgzLDAsMCwwLDEzLjk4MDY2LDIxLjQwNzc1YzI3LjIyMi0xNy4yMzI0Niw1Mi4xNzU4Mi0zNi44MDY1OCw3MS42ODAzLTU1LjM4NTc3QzE2MC4yODkzNiwxODQuMDg3NTgsMjE0LjA3NzQ2LDExMy40OTg1NSwyMzMuNDkzNTQsMTMuNjA3NDJaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMjkxLjg4OTM3LDEyMy45NDY3QTM3Mi41NDI4OSwzNzIuNTQyODksMCwwLDAsMzE1LjI5NjE5LDcwLjAzOSwxNzUuMTA3NzIsMTc1LjEwNzcyLDAsMCwwLDI4NC42NjU3Nyw0MC4zMDMyYy0yMy44NDQxMiw5NC4xNzk4Ny03OS40NDQ1NywxNjIuMTA2MTMtMTI3Ljk3OTI4LDIwNS45MDM1OWE0OTcuNjM2NjIsNDk3LjYzNjYyLDAsMCwxLTg5LjYyNDgyLDY0LjI1NDI5LDE3NC43NzM3MywxNzQuNzczNzMsMCwwLDAsMTQuNzE4NywxMS4zNzIzN0E1MTcuMTc5NDksNTE3LjE3OTQ5LDAsMCwwLDE4OC4yNzg2NSwyNTEuMTM2QzIzMi4xOTIxLDIxMy40MDI2NywyNjcuMDUyMTIsMTcwLjYwOTcxLDI5MS44ODkzNywxMjMuOTQ2N1oiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0yNzcuMTUwODIsMzQuODk4ODFBMTczLjI0MjA2LDE3My4yNDIwNiwwLDAsMCwyMzguODU1OSwxNS40MjU3MkMyMTkuMDU2MSwxMTYuMzIxLDE2NC42ODA0MiwxODcuNjQ2MjUsMTE3LjUyMzI4LDIzMi41NjUxYTQ2NC4xMzgyNyw0NjQuMTM4MjcsMCwwLDEtNzEuODE3NzcsNTYuMDY4MDYsMTc1LjAzNSwxNzUuMDM1LDAsMCwwLDE0LjYyNDM1LDE1LjcyODI1LDQ4NS4yMjExNyw0ODUuMjIxMTcsMCwwLDAsOTAuNjEzMjYtNjQuNTE4OTVDMTk5LjA2NTQyLDE5Ni40MTY4MiwyNTQuMjY4MjYsMTI4Ljc5ODg3LDI3Ny4xNTA4MiwzNC44OTg4MVoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0zMzYuMTM0MDUsMTMzLjIwMDIxYzIuNTE3MzctNC40ODYxMyw0Ljg5Mjc2LTkuMDA2MTcsNy4yMDMtMTMuNTQxMzdBMTczLjI1NTE3LDE3My4yNTUxNywwLDAsMCwzMjMuNjQxNTQsODEuMjQ4MSwzODYuMDQ3MywzODYuMDQ3MywwLDAsMSwzMDIuMDc2NjYsMTI5LjM2OWMtMjUuNTEzNzgsNDcuOTM0ODctNjEuMjcxMyw5MS44NDgzMi0xMDYuMjc3MTEsMTMwLjUyMDgzQTUzMy40ODk2Niw1MzMuNDg5NjYsMCwwLDEsOTMuMTcyLDMyOS4wMzE2MXE3LjA2MTUxLDQuMTAxNiwxNC41MjQ1OCw3LjU0NGE1NTAuMDcyMDUsNTUwLjA3MjA1LDAsMCwwLDExNy45Ni03NC4xNzkyN0MyNzIuNDI3MSwyMjMuOTYzNTgsMzA5LjU5NjMsMTgwLjQ5NTU0LDMzNi4xMzQwNSwxMzMuMjAwMjFaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMTg2LjkzNzg4LDUuMzQwMzZjLTIuMjc3MDctLjA4OTEyLTQuNTU1NDEtLjE3MzkxLTYuODUzOTUtLjE3MzkxLTk1Ljc0NDcsMC0xNzMuNjM5NTksNzcuODk3MDYtMTczLjYzOTU5LDE3My42Mzk2YTE3Mi41MzM5NCwxNzIuNTMzOTQsMCwwLDAsMjAuMjg4MzQsODEuMzMzMjMsNDI3Ljk2NDczLDQyNy45NjQ3MywwLDAsMCw0OS42OTY1MS00My4wMTc5MkMxMTkuMzY5NzMsMTczLjY4Njg4LDE2OC44ODQzOSwxMDQuMzc1MjksMTg2LjkzNzg4LDUuMzQwMzZaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMzQ4Ljc4NjU3LDE0MC4yOTk4N2MtMjcuNDIyNDYsNDguODczMzMtNjUuNzQ5ODUsOTMuNzI0NTMtMTEzLjkxNzgsMTMzLjMwNjQ2QTU3MS4zMjU2Niw1NzEuMzI1NjYsMCwwLDEsMTI2LjExOSwzNDMuODE2NTJhMTcyLjg4MDA3LDE3Mi44ODAwNywwLDAsMCw1My45NjQ4OSw4LjYyOTEzYzk1Ljc0NDM1LDAsMTczLjYzOTYtNzcuODk2ODgsMTczLjYzOTYtMTczLjYzOTZBMTczLjM3NTE4LDE3My4zNzUxOCwwLDAsMCwzNDkuMTkxLDEzOS41NDJDMzQ5LjA1MDg2LDEzOS43OTMyOSwzNDguOTI3NDcsMTQwLjA0ODc1LDM0OC43ODY1NywxNDAuMjk5ODdaIi8+PC9zdmc+
+  longDescription: Kubernetes ingress controller providing the control plane for the
+    Envoy edge and service proxy. Contour supports dynamic configuration updates and
+    multi-team ingress delegation out of the box while maintaining a lightweight profile.
   maintainers:
-    - name: Steve Kriss
-    - name: Nick Young
-    - name: Sunjay Bhatia
-    - name: Nicholas Seemiller
-  categories:
-    - "ingress"
-    - "envoy"
-    - "contour"
-  supportDescription: "Go to https://projectcontour.io for documentation or the #contour channel on Kubernetes slack"
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: High performance ingress controller using Envoy.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-contour
+    for community support.
diff --git a/repo/packages/crossplane.packages.kadras.io/2.0.2.yml b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml
new file mode 100644
index 0000000..2d66683
--- /dev/null
+++ b/repo/packages/crossplane.packages.kadras.io/2.0.2.yml
@@ -0,0 +1,487 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: crossplane.packages.kadras.io.2.0.2
+spec:
+  refName: crossplane.packages.kadras.io
+  releasedAt: "2025-08-14T20:03:47Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          intoNs: crossplane-system
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-crossplane@sha256:764e5de98ade05c75454843952d324a9a7aa66c5e27be8930d9e29d144c36bf7
+      template:
+      - helmTemplate:
+          name: crossplane
+          namespace: crossplane-system
+          path: config/helm/upstream/crossplane
+          valuesFrom:
+          - path: config/helm/values.yml
+      - ytt:
+          ignoreUnknownComments: true
+          paths:
+          - '-'
+          - config/carvel
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      properties:
+        affinity:
+          default: {}
+          description: Add `affinities` to the Crossplane pod deployment.
+          type: object
+        args:
+          default: []
+          description: Add custom arguments to the Crossplane pod.
+          items: {}
+          type: array
+        configuration:
+          properties:
+            packages:
+              default: []
+              description: A list of Configuration packages to install.
+              items: {}
+              type: array
+          type: object
+        customAnnotations:
+          default: {}
+          description: Add custom `annotations` to the Crossplane pod deployment.
+          type: object
+        customLabels:
+          default: {}
+          description: Add custom `labels` to the Crossplane pod deployment.
+          type: object
+        deploymentStrategy:
+          default: RollingUpdate
+          description: The deployment strategy for the Crossplane and RBAC Manager
+            pods.
+          type: string
+        dnsPolicy:
+          default: ""
+          description: Specify the `dnsPolicy` to be used by the Crossplane pod.
+          type: string
+        extraEnvVarsCrossplane:
+          default: {}
+          description: Add custom environmental variables to the Crossplane pod deployment
+            application container. Replaces any `.` in a variable name with `_`. For
+            example, `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraEnvVarsCrossplaneInit:
+          default: {}
+          description: Add custom environmental variables to the Crossplane pod deployment
+            init container. Replaces any `.` in a variable name with `_`. For example,
+            `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraEnvVarsRBACManager:
+          default: {}
+          description: Add custom environmental variables to the RBAC Manager pod
+            deployment. Replaces any `.` in a variable name with `_`. For example,
+            `SAMPLE.KEY=value1` becomes `SAMPLE_KEY=value1`.
+          type: object
+        extraObjects:
+          default: []
+          description: To add arbitrary Kubernetes Objects during a Helm Install
+          items: {}
+          type: array
+        extraVolumeMountsCrossplane:
+          default: {}
+          description: Add custom `volumeMounts` to the Crossplane pod.
+          type: object
+        extraVolumesCrossplane:
+          default: {}
+          description: Add custom `volumes` to the Crossplane pod.
+          type: object
+        function:
+          properties:
+            packages:
+              default: []
+              description: A list of Function packages to install
+              items: {}
+              type: array
+          type: object
+        functionCache:
+          properties:
+            medium:
+              default: ""
+              description: Set to `Memory` to hold the function cache in a RAM backed
+                file system. Useful for Crossplane development.
+              type: string
+            pvc:
+              default: ""
+              description: The name of a PersistentVolumeClaim to use as the function
+                cache. Disables the default function cache `emptyDir` Volume.
+              type: string
+            sizeLimit:
+              default: 512Mi
+              description: The size limit for the function cache. If medium is `Memory`
+                the `sizeLimit` can't exceed Node memory.
+              type: string
+          type: object
+        hostNetwork:
+          default: false
+          description: 'Enable `hostNetwork` for the Crossplane deployment. Caution:
+            enabling `hostNetwork` grants the Crossplane Pod access to the host network
+            namespace. Consider setting `dnsPolicy` to `ClusterFirstWithHostNet`.'
+          type: boolean
+        image:
+          properties:
+            ignoreTag:
+              default: false
+              description: Do not use the {{ .image.tag }} value to compute the image
+                uri.
+              type: boolean
+            pullPolicy:
+              default: IfNotPresent
+              description: The image pull policy used for Crossplane and RBAC Manager
+                pods.
+              type: string
+            repository:
+              default: xpkg.crossplane.io/crossplane/crossplane
+              description: Repository for the Crossplane pod image.
+              type: string
+            tag:
+              default: ""
+              description: The Crossplane image tag. Defaults to the value of `appVersion`
+                in `Chart.yaml`.
+              type: string
+          type: object
+        imagePullSecrets:
+          default: []
+          description: The imagePullSecret names to add to the Crossplane ServiceAccount.
+          items: {}
+          type: array
+        leaderElection:
+          default: true
+          description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election)
+            for the Crossplane pod.
+          type: boolean
+        metrics:
+          properties:
+            enabled:
+              default: false
+              description: Enable Prometheus path, port and scrape annotations and
+                expose port 8080 for both the Crossplane and RBAC Manager pods.
+              type: boolean
+            port:
+              default: ""
+              description: The port the metrics server listens on.
+              type: string
+          type: object
+        nodeSelector:
+          default: {}
+          description: Add `nodeSelectors` to the Crossplane pod deployment.
+          type: object
+        packageCache:
+          properties:
+            configMap:
+              default: ""
+              description: The name of a ConfigMap to use as the package cache. Disables
+                the default package cache `emptyDir` Volume.
+              type: string
+            medium:
+              default: ""
+              description: Set to `Memory` to hold the package cache in a RAM backed
+                file system. Useful for Crossplane development.
+              type: string
+            pvc:
+              default: ""
+              description: The name of a PersistentVolumeClaim to use as the package
+                cache. Disables the default package cache `emptyDir` Volume.
+              type: string
+            sizeLimit:
+              default: 20Mi
+              description: The size limit for the package cache. If medium is `Memory`
+                the `sizeLimit` can't exceed Node memory.
+              type: string
+          type: object
+        podSecurityContextCrossplane:
+          default: {}
+          description: Add a custom `securityContext` to the Crossplane pod.
+          type: object
+        podSecurityContextRBACManager:
+          default: {}
+          description: Add a custom `securityContext` to the RBAC Manager pod.
+          type: object
+        priorityClassName:
+          default: ""
+          description: The PriorityClass name to apply to the Crossplane and RBAC
+            Manager pods.
+          type: string
+        provider:
+          properties:
+            defaultActivations:
+              default: []
+              description: Define entries for the default managed resource activation
+                policy. If defined, a default MRAP will contain these activations.
+              items:
+                default: '*'
+                type: string
+              type: array
+            packages:
+              default: []
+              description: A list of Provider packages to install.
+              items: {}
+              type: array
+          type: object
+        rbacManager:
+          properties:
+            affinity:
+              default: {}
+              description: Add `affinities` to the RBAC Manager pod deployment.
+              type: object
+            args:
+              default: []
+              description: Add custom arguments to the RBAC Manager pod.
+              items: {}
+              type: array
+            deploy:
+              default: true
+              description: Deploy the RBAC Manager pod and its required roles.
+              type: boolean
+            leaderElection:
+              default: true
+              description: Enable [leader election](https://docs.crossplane.io/latest/concepts/pods/#leader-election)
+                for the RBAC Manager pod.
+              type: boolean
+            nodeSelector:
+              default: {}
+              description: Add `nodeSelectors` to the RBAC Manager pod deployment.
+              type: object
+            replicas:
+              default: 1
+              description: The number of RBAC Manager pod `replicas` to deploy.
+              type: integer
+            revisionHistoryLimit:
+              description: The number of RBAC Manager ReplicaSets to retain.
+              oneOf:
+              - default: null
+                nullable: true
+                type: integer
+              - default: null
+                nullable: true
+                type: number
+              - default: null
+                nullable: true
+                type: boolean
+              - default: null
+                nullable: true
+                type: string
+              - default: null
+                nullable: true
+                type: object
+              - default: null
+                items: {}
+                nullable: true
+                type: array
+            skipAggregatedClusterRoles:
+              default: false
+              description: Don't install aggregated Crossplane ClusterRoles.
+              type: boolean
+            tolerations:
+              default: []
+              description: Add `tolerations` to the RBAC Manager pod deployment.
+              items: {}
+              type: array
+            topologySpreadConstraints:
+              default: []
+              description: Add `topologySpreadConstraints` to the RBAC Manager pod
+                deployment.
+              items: {}
+              type: array
+          type: object
+        readiness:
+          properties:
+            port:
+              default: ""
+              description: The port the readyz server listens on.
+              type: string
+          type: object
+        registryCaBundleConfig:
+          properties:
+            key:
+              default: ""
+              description: The ConfigMap key containing a custom CA bundle to enable
+                fetching packages from registries with unknown or untrusted certificates.
+              type: string
+            name:
+              default: ""
+              description: The ConfigMap name containing a custom CA bundle to enable
+                fetching packages from registries with unknown or untrusted certificates.
+              type: string
+          type: object
+        replicas:
+          default: 1
+          description: helm-docs renders these comments into markdown. Use markdown
+            formatting where appropiate. -- The number of Crossplane pod `replicas`
+            to deploy.
+          type: integer
+        resourcesCrossplane:
+          properties:
+            limits:
+              properties:
+                cpu:
+                  default: 500m
+                  description: CPU resource limits for the Crossplane pod.
+                  type: string
+                memory:
+                  default: 1024Mi
+                  description: Memory resource limits for the Crossplane pod.
+                  type: string
+              type: object
+            requests:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource requests for the Crossplane pod.
+                  type: string
+                memory:
+                  default: 256Mi
+                  description: Memory resource requests for the Crossplane pod.
+                  type: string
+              type: object
+          type: object
+        resourcesRBACManager:
+          properties:
+            limits:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource limits for the RBAC Manager pod.
+                  type: string
+                memory:
+                  default: 512Mi
+                  description: Memory resource limits for the RBAC Manager pod.
+                  type: string
+              type: object
+            requests:
+              properties:
+                cpu:
+                  default: 100m
+                  description: CPU resource requests for the RBAC Manager pod.
+                  type: string
+                memory:
+                  default: 256Mi
+                  description: Memory resource requests for the RBAC Manager pod.
+                  type: string
+              type: object
+          type: object
+        revisionHistoryLimit:
+          description: The number of Crossplane ReplicaSets to retain.
+          oneOf:
+          - default: null
+            nullable: true
+            type: integer
+          - default: null
+            nullable: true
+            type: number
+          - default: null
+            nullable: true
+            type: boolean
+          - default: null
+            nullable: true
+            type: string
+          - default: null
+            nullable: true
+            type: object
+          - default: null
+            items: {}
+            nullable: true
+            type: array
+        runtimeClassName:
+          default: ""
+          description: The runtimeClassName name to apply to the Crossplane and RBAC
+            Manager pods.
+          type: string
+        securityContextCrossplane:
+          properties:
+            allowPrivilegeEscalation:
+              default: false
+              description: Enable `allowPrivilegeEscalation` for the Crossplane pod.
+              type: boolean
+            readOnlyRootFilesystem:
+              default: true
+              description: Set the Crossplane pod root file system as read-only.
+              type: boolean
+            runAsGroup:
+              default: 65532
+              description: The group ID used by the Crossplane pod.
+              type: integer
+            runAsUser:
+              default: 65532
+              description: The user ID used by the Crossplane pod.
+              type: integer
+          type: object
+        securityContextRBACManager:
+          properties:
+            allowPrivilegeEscalation:
+              default: false
+              description: Enable `allowPrivilegeEscalation` for the RBAC Manager
+                pod.
+              type: boolean
+            readOnlyRootFilesystem:
+              default: true
+              description: Set the RBAC Manager pod root file system as read-only.
+              type: boolean
+            runAsGroup:
+              default: 65532
+              description: The group ID used by the RBAC Manager pod.
+              type: integer
+            runAsUser:
+              default: 65532
+              description: The user ID used by the RBAC Manager pod.
+              type: integer
+          type: object
+        service:
+          properties:
+            customAnnotations:
+              default: {}
+              description: Configure annotations on the service object. Only enabled
+                when webhooks.enabled = true
+              type: object
+          type: object
+        serviceAccount:
+          properties:
+            create:
+              default: true
+              description: Specifies whether Crossplane ServiceAccount should be created
+              type: boolean
+            customAnnotations:
+              default: {}
+              description: Add custom `annotations` to the Crossplane ServiceAccount.
+              type: object
+            name:
+              default: ""
+              description: Provide the name of an already created Crossplane ServiceAccount.
+                Required when `serviceAccount.create` is `false`
+              type: string
+          type: object
+        tolerations:
+          default: []
+          description: Add `tolerations` to the Crossplane pod deployment.
+          items: {}
+          type: array
+        topologySpreadConstraints:
+          default: []
+          description: Add `topologySpreadConstraints` to the Crossplane pod deployment.
+          items: {}
+          type: array
+        webhooks:
+          properties:
+            enabled:
+              default: true
+              description: Enable webhooks for Crossplane and installed Provider packages.
+              type: boolean
+            port:
+              default: ""
+              description: The port the webhook server listens on.
+              type: string
+          type: object
+      type: object
+  version: 2.0.2
diff --git a/repo/packages/crossplane.packages.kadras.io/metadata.yml b/repo/packages/crossplane.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..93fe9b9
--- /dev/null
+++ b/repo/packages/crossplane.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: crossplane.packages.kadras.io
+spec:
+  categories:
+  - control plane
+  displayName: crossplane
+  iconSVGBase64: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgOTAwIDkwMCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOm5vbmU7fS5jbHMtMntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgpO30uY2xzLTN7ZmlsbDojZjdkMTg2O30uY2xzLTR7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTIpO30uY2xzLTV7aXNvbGF0aW9uOmlzb2xhdGU7fS5jbHMtNntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMyk7fS5jbHMtN3tjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtNCk7fS5jbHMtOHtjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtNSk7fS5jbHMtOXtmaWxsOiNmZmNkM2M7fS5jbHMtMTB7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTcpO30uY2xzLTExe2NsaXAtcGF0aDp1cmwoI2NsaXAtcGF0aC04KTt9LmNscy0xMntmaWxsOiNmMzgwN2I7fS5jbHMtMTN7Y2xpcC1wYXRoOnVybCgjY2xpcC1wYXRoLTExKTt9LmNscy0xNHtjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMTIpO30uY2xzLTE1e2ZpbGw6IzM1ZDBiYTt9LmNscy0xNntjbGlwLXBhdGg6dXJsKCNjbGlwLXBhdGgtMTQpO30uY2xzLTE3e2ZpbGw6I2Q4YWU2NDt9PC9zdHlsZT48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aCI+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNNDQ3LjczLDMwOS43OGE0Ni43NTk4MSw0Ni43NTk4MSwwLDAsMC00Ni43Niw0Ni43NlY3OTYuNThhNDYuNzYsNDYuNzYsMCwwLDAsOTMuNTIsMFYzNTYuNTVhNDYuNzU1NTUsNDYuNzU1NTUsMCwwLDAtNDYuNzYtNDYuNzciLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTIiPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTI2My42MiwyMzQuNTRxLS4xOTUsNC4zMDUtLjIsOC42OGMwLDMuMTkuMDcsNi4zNS4yNCw5LjUtLjA3LDEuNTUtLjI0LDMuMDgtLjI0LDQuNjZWNTYzLjU2YzAsNTguNTUsNDcuOTEsMTA2LjQ2LDEwNi40NiwxMDYuNDZINTMwLjFjNTguNTYsMCwxMDYuNDYtNDcuOTEsMTA2LjQ2LTEwNi40NlYyNTcuMzdjMC0xLjc4LS4xOC0zLjUxLS4yOC01LjI2LjE0LTIuOTUuMjItNS45Mi4yMi04Ljg5LDAtMi45Mi0uMDctNS44LS4yLTguNjhDNjMxLjgsMTM1LjUzLDU1MC4xLDU2LjY2LDQ0OS45OCw1Ni42NiwzNDkuODUsNTYuNjYsMjY4LjE0LDEzNS41MywyNjMuNjIsMjM0LjU0WiIvPjwvY2xpcFBhdGg+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgtMyI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIxNDIuMzIwMDEiIHk9Ijk3LjA1IiB3aWR0aD0iNjA2LjEwOTk5IiBoZWlnaHQ9IjYwNi4xMDk5NyIvPjwvY2xpcFBhdGg+PGNsaXBQYXRoIGlkPSJjbGlwLXBhdGgtNCI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIxMjEuNDUxNjciIHk9IjMwNS42OTEyIiB3aWR0aD0iNjU0LjM3MzcyIiBoZWlnaHQ9IjE5NS41MTgxNCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTE1My44NzkyNCA0MzUuNDAzMikgcm90YXRlKC00NSkiLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTUiPjxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iMjYwLjkxIiB5PSI1MC45Mjk5NyIgd2lkdGg9IjM4Mi4xMTAwMiIgaGVpZ2h0PSI2MTkuMjg5OTciLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTciPjxyZWN0IGNsYXNzPSJjbHMtMSIgeD0iLTIyLjM4IiB5PSItNjcuNjYiIHdpZHRoPSI2MzkuMDQ5OTgiIGhlaWdodD0iNjM5LjA1MDAyIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC04Ij48cmVjdCBjbGFzcz0iY2xzLTEiIHg9Ii0zMi45NTA0NCIgeT0iMTI4LjM4NDMiIHdpZHRoPSI2NTQuMzgzNyIgaGVpZ2h0PSIyNDEuMTc3NjciIHRyYW5zZm9ybT0idHJhbnNsYXRlKC04OS44NjkyOCAyODAuOTgyNjQpIHJvdGF0ZSgtNDUpIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0xMSI+PHJlY3QgY2xhc3M9ImNscy0xIiB4PSIyODAuNjcwMDEiIHk9IjIzNS4zOTk5OSIgd2lkdGg9IjYwNi4xMTAwMiIgaGVpZ2h0PSI2MDYuMTEwMDIiLz48L2NsaXBQYXRoPjxjbGlwUGF0aCBpZD0iY2xpcC1wYXRoLTEyIj48cmVjdCBjbGFzcz0iY2xzLTEiIHg9IjI1OC43NzkwMSIgeT0iNDQzLjc5MTAxIiB3aWR0aD0iNjU0LjM5MTk3IiBoZWlnaHQ9IjE5My44MTc5OCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTIxMC43MDQxOCA1NzIuNzIyOTMpIHJvdGF0ZSgtNDUuMDAwNjIpIi8+PC9jbGlwUGF0aD48Y2xpcFBhdGggaWQ9ImNsaXAtcGF0aC0xNCI+PHBvbHlnb24gY2xhc3M9ImNscy0xIiBwb2ludHM9IjQxMi45NiA2NzAuMDEgNDk0LjUgNzUyLjkgNDk0LjUgNjcwLjAxIDQxMi45NiA2NzAuMDEiLz48L2NsaXBQYXRoPjwvZGVmcz48ZyBjbGFzcz0iY2xzLTIiPjxyZWN0IGNsYXNzPSJjbHMtMyIgeD0iMzY4LjAzIiB5PSIyNzYuODQiIHdpZHRoPSIxNTkuNDEiIGhlaWdodD0iNTk5LjQ0MDAzIi8+PC9nPjxnIGNsYXNzPSJjbHMtNCI+PGcgY2xhc3M9ImNscy01Ij48ZyBjbGFzcz0iY2xzLTYiPjxnIGNsYXNzPSJjbHMtNyI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTkiIHg9IjExNS42NSIgeT0iNzAuMzY5OTciIHdpZHRoPSI2NjUuNjYiIGhlaWdodD0iNjY1LjY1OTk3Ii8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBjbGFzcz0iY2xzLTQiPjxnIGNsYXNzPSJjbHMtNSI+PGcgY2xhc3M9ImNscy0xMCI+PGcgY2xhc3M9ImNscy0xMSI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTEyIiB4PSItNTUuMzI5OTkiIHk9Ii0xMDAuNjAwMDEiIHdpZHRoPSI2OTkuMTQiIGhlaWdodD0iNjk5LjE0MDA0Ii8+PC9nPjwvZz48L2c+PC9nPjwvZz48ZyBjbGFzcz0iY2xzLTQiPjxnIGNsYXNzPSJjbHMtNSI+PGcgY2xhc3M9ImNscy0xMyI+PGcgY2xhc3M9ImNscy0xNCI+PGcgY2xhc3M9ImNscy04Ij48cmVjdCBjbGFzcz0iY2xzLTE1IiB4PSIyNTMuMTQiIHk9IjIwNy44NyIgd2lkdGg9IjY2NS42NTk5OSIgaGVpZ2h0PSI2NjUuNjU5OTciLz48L2c+PC9nPjwvZz48L2c+PC9nPjxnIGNsYXNzPSJjbHMtMTYiPjxyZWN0IGNsYXNzPSJjbHMtMTciIHg9IjM4MC42OSIgeT0iNjM2LjkwOTk3IiB3aWR0aD0iMTQ3LjAyOTk3IiBoZWlnaHQ9IjE0Ny42Njk5OCIvPjwvZz48L3N2Zz4=
+  longDescription: Crossplane is an open source Kubernetes extension that transforms
+    your Kubernetes cluster into a universal control plane. Crossplane lets you manage
+    anything, anywhere, all through standard Kubernetes APIs.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Transform your Kubernetes cluster into a universal control plane.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-crossplane
+    for community support.
diff --git a/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml b/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml
new file mode 100644
index 0000000..faa8fc4
--- /dev/null
+++ b/repo/packages/dependency-track.packages.kadras.io/4.13.4.yml
@@ -0,0 +1,211 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: dependency-track.packages.kadras.io.4.13.4
+spec:
+  licenses:
+  - Apache 2.0
+  refName: dependency-track.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-dependency-track/releases
+  releasedAt: "2025-09-15T15:45:57Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-dependency-track@sha256:8572050568c80b0b94fb93df767bc7d5eeecd3ac0fd847af8dd1d743538f1eab
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        api_server:
+          additionalProperties: false
+          description: Settings for the API Server component.
+          properties:
+            logging:
+              additionalProperties: false
+              description: Settings for logging.
+              properties:
+                format:
+                  default: console
+                  description: 'Log encoding format. Options: `console`, `json`.'
+                  enum:
+                  - console
+                  - json
+                  type: string
+                level:
+                  default: info
+                  description: 'Log verbosity level. Options: `trace`, `debug`, `info`,
+                    `warn`, `error`.'
+                  enum:
+                  - trace
+                  - debug
+                  - info
+                  - warn
+                  - error
+                  type: string
+              type: object
+            metrics:
+              additionalProperties: false
+              description: Settings for metrics.
+              properties:
+                enabled:
+                  default: true
+                  description: Whether to enable the generation of Prometheus metrics.
+                  type: boolean
+              type: object
+            resources:
+              additionalProperties: false
+              description: Resource configuration for the API Server component.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: "4"
+                      description: CPU limits configuration for the API Server component.
+                      type: string
+                    memory:
+                      default: 5Gi
+                      description: Memory limits configuration for the API Server
+                        component.
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: "0.5"
+                      description: CPU requests configuration for the API Server component.
+                      type: string
+                    memory:
+                      default: 5Gi
+                      description: Memory requests configuration for the API Server
+                        component.
+                      type: string
+                  type: object
+              type: object
+            storage:
+              additionalProperties: false
+              description: Storage configuration for the API Server component.
+              properties:
+                class_name:
+                  default: ""
+                  description: Class name for the PersistenceVolume to create.
+                  type: string
+                size:
+                  default: 1Gi
+                  description: Size of the PersistenceVolume to create.
+                  type: string
+              type: object
+          type: object
+        domain_name:
+          default: ""
+          description: Domain name for Dependency Track. It must be a valid DNS name.
+          minLength: 4
+          type: string
+        frontend:
+          additionalProperties: false
+          description: Settings for the Frontend component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of Frontend replicas. In order to enable high
+                availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+            resources:
+              additionalProperties: false
+              description: Resource configuration for the Frontend component.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 500m
+                      description: CPU limits configuration for the Frontend component.
+                      type: string
+                    memory:
+                      default: 128Mi
+                      description: Memory limits configuration for the Frontend component.
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 150m
+                      description: CPU requests configuration for the Frontend component.
+                      type: string
+                    memory:
+                      default: 64Mi
+                      description: Memory requests configuration for the Frontend
+                        component.
+                      type: string
+                  type: object
+              type: object
+          type: object
+        ingress_issuer:
+          default: ""
+          description: A reference to the ClusterIssuer to use for enabling TLS in
+            Dependency Track.
+          example: kadras-ca-issuer
+          minLength: 4
+          type: string
+          x-example-description: Kadras private CA
+        postgresql:
+          additionalProperties: false
+          description: Settings for the PostgreSQL database.
+          properties:
+            instances:
+              default: 1
+              description: Number of instances for the PostgreSQL database cluster.
+                Define at least 3 for production scenarios.
+              minimum: 1
+              type: integer
+            storage:
+              additionalProperties: false
+              description: Storage configuration for each PostgreSQL instance.
+              properties:
+                size:
+                  default: 1Gi
+                  description: Size of the PersistenceVolume to create for each PostgreSQL
+                    instance.
+                  type: string
+              type: object
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        system_requirement_check:
+          default: true
+          description: Whether Dependency Track will check for memory and CPU requirements
+            at startup time.
+          type: boolean
+      type: object
+  version: 4.13.4
diff --git a/repo/packages/dependency-track.packages.kadras.io/metadata.yml b/repo/packages/dependency-track.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..972b733
--- /dev/null
+++ b/repo/packages/dependency-track.packages.kadras.io/metadata.yml
@@ -0,0 +1,25 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: dependency-track.packages.kadras.io
+spec:
+  categories:
+  - supply-chain
+  - security
+  displayName: dependency-track
+  longDescription: Dependency-Track is an intelligent Component Analysis platform
+    that allows organizations to identify and reduce risk in the software supply chain.
+    Dependency-Track takes a unique and highly beneficial approach by leveraging the
+    capabilities of Software Bill of Materials (SBOM). This approach provides capabilities
+    that traditional Software Composition Analysis (SCA) solutions cannot achieve.
+    Dependency-Track monitors component usage across all versions of every application
+    in its portfolio in order to proactively identify risk across an organization.
+    The platform has an API-first design and is ideal for use in CI/CD environments.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Dependency Track is a continuous SBOM Analysis Platform for managing
+    software supply chain security risks.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-dependency-track
+    for community support.
diff --git a/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml b/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml
new file mode 100644
index 0000000..11223c1
--- /dev/null
+++ b/repo/packages/developer-portal.packages.kadras.io/0.8.0.yml
@@ -0,0 +1,681 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: developer-portal.packages.kadras.io.0.8.0
+spec:
+  refName: developer-portal.packages.kadras.io
+  releasedAt: "2025-09-24T16:17:36Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          intoNs: backstage
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-developer-portal@sha256:b455104c820ab67c804113843d00528eac7ac6f1bf2abfc9140db15ff6a01d36
+      template:
+      - helmTemplate:
+          name: backstage
+          namespace: backstage
+          path: config/helm/upstream/backstage
+          valuesFrom:
+          - path: config/helm/values.yml
+      - ytt:
+          ignoreUnknownComments: true
+          paths:
+          - '-'
+          - config/carvel
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      properties:
+        backstage:
+          description: Backstage parameters @default -- See below
+          properties:
+            affinity:
+              default: {}
+              description: 'Affinity for pod assignment <br /> Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity'
+              type: object
+            annotations:
+              default: {}
+              description: Additional custom annotations for the `Deployment` resource
+              type: object
+            appConfig:
+              default: {}
+              description: 'Allows to define the appConfig as a multiline string that
+                generates a ConfigMap automatically, not requiring to have it pre
+                provisioned as with the extraAppConfig key. DO NOT USE if you need
+                to put sensitive data in the appConfig. E.g: appConfig:   app:     baseUrl:
+                https://somedomain.tld -- Generates ConfigMap and configures it in
+                the Backstage pods'
+              type: object
+            args:
+              default: []
+              description: Backstage container command arguments
+              items: {}
+              type: array
+            autoscaling:
+              description: 'Autoscaling configuration. <br /> Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/'
+              properties:
+                enabled:
+                  default: false
+                  type: boolean
+                maxReplicas:
+                  default: 100
+                  type: integer
+                minReplicas:
+                  default: 1
+                  type: integer
+                targetCPUUtilizationPercentage:
+                  default: 80
+                  type: integer
+              type: object
+            command:
+              default: []
+              description: Backstage container command
+              items:
+                default: node
+                type: string
+              type: array
+            containerPorts:
+              description: Container ports on the Deployment
+              properties:
+                backend:
+                  default: 7007
+                  type: integer
+              type: object
+            containerSecurityContext:
+              default: {}
+              description: 'Security settings for a Container. <br /> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container'
+              type: object
+            extraAppConfig:
+              default: []
+              description: Extra app configuration files to inline into command arguments
+              items: {}
+              type: array
+            extraContainers:
+              default: []
+              description: Deployment sidecars
+              items: {}
+              type: array
+            extraEnvVars:
+              default: []
+              description: Backstage container environment variables
+              items: {}
+              type: array
+            extraEnvVarsCM:
+              default: []
+              description: Backstage container environment variables from existing
+                ConfigMaps
+              items: {}
+              type: array
+            extraEnvVarsSecrets:
+              default: []
+              description: Backstage container environment variables from existing
+                Secrets
+              items: {}
+              type: array
+            extraPorts:
+              default: []
+              description: Backstage container additional ports
+              items: {}
+              type: array
+            extraVolumeMounts:
+              default: []
+              description: Backstage container additional volume mounts
+              items: {}
+              type: array
+            extraVolumes:
+              default: []
+              description: Backstage container additional volumes
+              items: {}
+              type: array
+            hostAliases:
+              default: []
+              description: 'Host Aliases for the pod <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/'
+              items: {}
+              type: array
+            image:
+              properties:
+                digest:
+                  default: ""
+                  description: Backstage image digest (digest takes precedence over
+                    image tag)
+                  type: string
+                pullPolicy:
+                  default: Always
+                  description: 'Specify a imagePullPolicy. Defaults to ''Always''
+                    if image tag is ''latest'', else set to ''IfNotPresent'' <br />
+                    Ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy'
+                  type: string
+                pullSecrets:
+                  default: []
+                  description: 'Optionally specify an array of imagePullSecrets.  Secrets
+                    must be manually created in the namespace. <br /> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+                    <br /> E.g: `pullSecrets: [myRegistryKeySecretName]`'
+                  items: {}
+                  type: array
+                registry:
+                  default: ghcr.io
+                  description: Backstage image registry
+                  type: string
+                repository:
+                  default: backstage/backstage
+                  description: Backstage image repository
+                  type: string
+                tag:
+                  default: latest
+                  description: Backstage image tag (immutable tags are recommended)
+                  type: string
+              type: object
+            initContainers:
+              default: []
+              description: Backstage container init containers
+              items: {}
+              type: array
+            installDir:
+              default: /app
+              description: Directory containing the backstage installation
+              type: string
+            livenessProbe:
+              description: 'Liveness Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. livenessProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/liveness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                60   periodSeconds: 10   successThreshold: 1   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/liveness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            nodeSelector:
+              default: {}
+              description: 'Node labels for pod assignment <br /> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector'
+              type: object
+            pdb:
+              description: 'Pod Disruption Budget configuration ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/'
+              properties:
+                create:
+                  default: false
+                  type: boolean
+                maxUnavailable:
+                  default: ""
+                  type: string
+                minAvailable:
+                  default: ""
+                  type: string
+              type: object
+            podAnnotations:
+              default: {}
+              description: Annotations to add to the backend deployment pods
+              type: object
+            podLabels:
+              default: {}
+              description: Labels to add to the backend deployment pods
+              type: object
+            podSecurityContext:
+              default: {}
+              description: 'Security settings for a Pod.  The security settings that
+                you specify for a Pod apply to all Containers in the Pod. <br /> Ref:
+                https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod'
+              type: object
+            readinessProbe:
+              description: 'Readiness Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. readinessProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/readiness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                30   periodSeconds: 10   successThreshold: 2   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/readiness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            replicas:
+              default: 1
+              description: Number of deployment replicas
+              type: integer
+            resources:
+              default: {}
+              description: 'Resource requests/limits <br /> Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-requests-and-limits-of-pod-and-container
+                <!-- E.g. resources:   limits:     memory: 1Gi     cpu: 1000m   requests:     memory:
+                250Mi     cpu: 100m -->'
+              type: object
+            revisionHistoryLimit:
+              default: 10
+              description: Define the [count of deployment revisions](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy)
+                to be kept. May be set to 0 in case of GitOps deployment approach.
+              type: integer
+            startupProbe:
+              description: 'Startup Probe Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes
+                <!-- E.g. startupProbe:   failureThreshold: 3   httpGet:     path:
+                /.backstage/health/v1/liveness     port: 7007     scheme: HTTP   initialDelaySeconds:
+                60   periodSeconds: 10   successThreshold: 1   timeoutSeconds: 2'
+              properties:
+                httpGet:
+                  properties:
+                    path:
+                      default: /.backstage/health/v1/liveness
+                      type: string
+                    port:
+                      default: 7007
+                      type: integer
+                    scheme:
+                      default: HTTP
+                      type: string
+                  type: object
+              type: object
+            tolerations:
+              default: []
+              description: 'Node tolerations for server scheduling to nodes with taints
+                <br /> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/'
+              items: {}
+              type: array
+            topologySpreadConstraints:
+              default: []
+              description: 'Topology Spread Constraints for pod assignment <br />
+                Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#pod-topology-spread-constraints'
+              items: {}
+              type: array
+          type: object
+        clusterDomain:
+          default: cluster.local
+          description: Default Kubernetes cluster domain
+          type: string
+        commonAnnotations:
+          default: {}
+          description: Annotations to add to all deployed objects
+          type: object
+        commonLabels:
+          default: {}
+          description: Labels to add to all deployed objects
+          type: object
+        diagnosticMode:
+          description: Enable diagnostic mode in the Deployment
+          properties:
+            args:
+              default: []
+              description: Args to override all containers in the Deployment
+              items:
+                default: infinity
+                type: string
+              type: array
+            command:
+              default: []
+              description: Command to override all containers in the Deployment
+              items:
+                default: sleep
+                type: string
+              type: array
+            enabled:
+              default: false
+              description: Enable diagnostic mode (all probes will be disabled and
+                the command will be overridden)
+              type: boolean
+          type: object
+        extraDeploy:
+          default: []
+          description: Array of extra objects to deploy with the release
+          items: {}
+          type: array
+        fullnameOverride:
+          default: ""
+          description: String to fully override common.names.fullname
+          type: string
+        global:
+          description: 'Global parameters Global Docker image parameters Please, note
+            that this will override the image parameters, including dependencies,
+            configured to use the global value Current available global Docker image
+            parameters: imageRegistry, imagePullSecrets and storageClass @default
+            -- See below'
+          properties:
+            imagePullSecrets:
+              default: []
+              description: 'Global Docker registry secret names as an array </br>
+                E.g. `imagePullSecrets: [myRegistryKeySecretName]`'
+              items: {}
+              type: array
+            imageRegistry:
+              default: ""
+              description: Global Docker image registry
+              type: string
+          type: object
+        ingress:
+          description: Ingress parameters
+          properties:
+            annotations:
+              default: {}
+              description: Additional annotations for the Ingress resource
+              type: object
+            className:
+              default: ""
+              description: Name of the IngressClass cluster resource which defines
+                which controller will implement the resource (e.g nginx)
+              type: string
+            enabled:
+              default: false
+              description: Enable the creation of the ingress resource
+              type: boolean
+            extraHosts:
+              default: []
+              description: 'List of additional hostnames to be covered with this ingress
+                record (e.g. a CNAME) <!-- E.g. extraHosts:   - name: backstage.env.example.com     path:
+                / (Optional)     pathType: Prefix (Optional)     port: 7007 (Optional)
+                -->'
+              items: {}
+              type: array
+            extraTls:
+              default: []
+              description: 'The TLS configuration for additional hostnames to be covered
+                with this ingress record. <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+                <!-- E.g. extraTls:   - hosts:     - backstage.env.example.com     secretName:
+                backstage-env -->'
+              items: {}
+              type: array
+            host:
+              default: ""
+              description: 'Hostname to be used to expose the route to access the
+                backstage application (e.g: backstage.IP.nip.io)'
+              type: string
+            path:
+              default: /
+              description: 'Path to be used to expose the full route to access the
+                backstage application (e.g: IP.nip.io/backstage)'
+              type: string
+            tls:
+              description: Ingress TLS parameters
+              properties:
+                enabled:
+                  default: false
+                  description: Enable TLS configuration for the host defined at `ingress.host`
+                    parameter
+                  type: boolean
+                secretName:
+                  default: ""
+                  description: The name to which the TLS Secret will be called
+                  type: string
+              type: object
+          type: object
+        kubeVersion:
+          default: ""
+          description: |-
+            Common parameters
+             -- Override Kubernetes version
+          type: string
+        metrics:
+          description: Metrics configuration
+          properties:
+            serviceMonitor:
+              description: ServiceMonitor configuration <br /> Allows configuring
+                your backstage instance as a scrape target for [Prometheus](https://github.com/prometheus/prometheus)
+                using a ServiceMonitor custom resource that [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator)
+                can understand.
+              properties:
+                annotations:
+                  default: {}
+                  description: ServiceMonitor annotations
+                  type: object
+                enabled:
+                  default: false
+                  description: If enabled, a ServiceMonitor resource for Prometheus
+                    Operator is created <br /> Prometheus Operator must be installed
+                    in your cluster prior to enabling.
+                  type: boolean
+                interval:
+                  description: ServiceMonitor scrape interval
+                  oneOf:
+                  - default: null
+                    nullable: true
+                    type: integer
+                  - default: null
+                    nullable: true
+                    type: number
+                  - default: null
+                    nullable: true
+                    type: boolean
+                  - default: null
+                    nullable: true
+                    type: string
+                  - default: null
+                    nullable: true
+                    type: object
+                  - default: null
+                    items: {}
+                    nullable: true
+                    type: array
+                labels:
+                  default: {}
+                  description: Additional ServiceMonitor labels
+                  type: object
+                path:
+                  default: /metrics
+                  description: ServiceMonitor endpoint path <br /> Note that the /metrics
+                    endpoint is NOT present in a freshly scaffolded Backstage app.
+                    To setup, follow the [Prometheus metrics tutorial](https://github.com/backstage/backstage/blob/master/contrib/docs/tutorials/prometheus-metrics.md).
+                  type: string
+                port:
+                  default: http-backend
+                  description: ServiceMonitor endpoint port <br /> The port where
+                    the metrics are exposed. If using OpenTelemetry as [documented
+                    here](https://backstage.io/docs/tutorials/setup-opentelemetry/),
+                    then the port needs to be explicitly specified. OpenTelemetry's
+                    default port is 9464.
+                  type: string
+              type: object
+          type: object
+        nameOverride:
+          default: ""
+          description: String to partially override common.names.fullname
+          type: string
+        networkPolicy:
+          description: '@section NetworkPolicy parameters'
+          properties:
+            egressRules:
+              description: Egress Rules
+              properties:
+                customRules:
+                  default: []
+                  description: Additional custom egress rules
+                  items: {}
+                  type: array
+                denyConnectionsToExternal:
+                  default: false
+                  description: Deny external connections. Should not be enabled when
+                    working with an external database.
+                  type: boolean
+              type: object
+            enabled:
+              default: false
+              description: Specifies whether a NetworkPolicy should be created
+              type: boolean
+            ingressRules:
+              description: Ingress Rules
+              properties:
+                customRules:
+                  default: []
+                  description: Additional custom ingress rules
+                  items: {}
+                  type: array
+                namespaceSelector:
+                  default: {}
+                  description: Namespace selector label allowed to access the Backstage
+                    instance
+                  type: object
+                podSelector:
+                  default: {}
+                  description: Pod selector label allowed to access the Backstage
+                    instance
+                  type: object
+              type: object
+          type: object
+        postgresql:
+          description: PostgreSQL [chart configuration](https://github.com/bitnami/charts/blob/master/bitnami/postgresql/values.yaml)
+            @default -- See below
+          properties:
+            architecture:
+              default: standalone
+              description: PostgreSQL architecture (`standalone` or `replication`)
+              type: string
+            auth:
+              description: The authentication details of the Postgres database
+              properties:
+                existingSecret:
+                  default: ""
+                  description: Name of existing secret to use for PostgreSQL credentials
+                  type: string
+                password:
+                  default: ""
+                  description: Password for the custom user to create
+                  type: string
+                secretKeys:
+                  description: The secret keys Postgres will look for to retrieve
+                    the relevant password
+                  properties:
+                    adminPasswordKey:
+                      default: admin-password
+                      description: The key in which Postgres will look for, for the
+                        admin password, in the existing Secret
+                      type: string
+                    replicationPasswordKey:
+                      default: replication-password
+                      description: The key in which Postgres will look for, for the
+                        replication password, in the existing Secret
+                      type: string
+                    userPasswordKey:
+                      default: user-password
+                      description: The key in which Postgres will look for, for the
+                        user password, in the existing Secret
+                      type: string
+                  type: object
+                username:
+                  default: bn_backstage
+                  description: Name for a custom user to create
+                  type: string
+              type: object
+            enabled:
+              default: false
+              description: Switch to enable or disable the PostgreSQL helm chart
+              type: boolean
+          type: object
+        service:
+          description: |-
+            @section Traffic Exposure parameters
+             Service parameters -- Service parameters @default -- See below
+          properties:
+            annotations:
+              default: {}
+              description: Additional custom annotations for Backstage service
+              type: object
+            clusterIP:
+              default: ""
+              description: 'Backstage service Cluster IP <br /> E.g `clusterIP: None`'
+              type: string
+            externalTrafficPolicy:
+              default: Cluster
+              description: 'Backstage service external traffic policy Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip'
+              type: string
+            extraPorts:
+              default: []
+              description: Extra ports to expose in the Backstage service (normally
+                used with the `sidecar` value)
+              items: {}
+              type: array
+            ipFamilies:
+              default: []
+              description: 'IP Families <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack'
+              items: {}
+              type: array
+            ipFamilyPolicy:
+              default: ""
+              description: 'IP Family Policy <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack'
+              type: string
+            loadBalancerIP:
+              default: ""
+              description: 'Backstage service Load Balancer IP <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer'
+              type: string
+            loadBalancerSourceRanges:
+              default: []
+              description: 'Load Balancer sources <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
+                <br /> E.g `loadBalancerSourceRanges: [10.10.10.0/24]`'
+              items: {}
+              type: array
+            nodePorts:
+              description: Node port for the Backstage client connections Choose port
+                between `30000-32767`
+              properties:
+                backend:
+                  default: ""
+                  type: string
+              type: object
+            ports:
+              description: Backstage svc port for client connections
+              properties:
+                backend:
+                  default: 7007
+                  type: integer
+                name:
+                  default: http-backend
+                  description: Backstage svc port name
+                  type: string
+                targetPort:
+                  default: backend
+                  description: Backstage svc target port referencing receiving pod
+                    container port
+                  type: string
+              type: object
+            sessionAffinity:
+              default: None
+              description: 'Control where client requests go, to the same pod or round-robin
+                (values: `ClientIP` or `None`) <br /> Ref: https://kubernetes.io/docs/concepts/services-networking/service/#session-stickiness'
+              type: string
+            type:
+              default: ClusterIP
+              description: Kubernetes Service type
+              type: string
+          type: object
+        serviceAccount:
+          description: Service Account Configuration @default -- See below
+          properties:
+            annotations:
+              default: {}
+              description: Additional custom annotations for the ServiceAccount.
+              type: object
+            automountServiceAccountToken:
+              default: true
+              description: Auto-mount the service account token in the pod
+              type: boolean
+            create:
+              default: false
+              description: Enable the creation of a ServiceAccount for Backstage pods
+              type: boolean
+            labels:
+              default: {}
+              description: Additional custom labels to the service ServiceAccount.
+              type: object
+            name:
+              default: ""
+              description: Name of the ServiceAccount to use If not set and `serviceAccount.create`
+                is true, a name is generated
+              type: string
+          type: object
+      type: object
+  version: 0.8.0
diff --git a/repo/packages/developer-portal.packages.kadras.io/metadata.yml b/repo/packages/developer-portal.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..667c92b
--- /dev/null
+++ b/repo/packages/developer-portal.packages.kadras.io/metadata.yml
@@ -0,0 +1,17 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: developer-portal.packages.kadras.io
+spec:
+  categories:
+  - control plane
+  displayName: developer-portal
+  longDescription: Kadras Developer Portal is based on Backstage and supports application
+    developers with paved paths to production on Kubernetes.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Internal developer portal.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-developer-portal
+    for community support.
diff --git a/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml b/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml
new file mode 100644
index 0000000..494bf13
--- /dev/null
+++ b/repo/packages/engineering-platform.packages.kadras.io/0.27.0.yml
@@ -0,0 +1,255 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: engineering-platform.packages.kadras.io.0.27.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: engineering-platform.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/kadras-engineering-platform/releases
+  releasedAt: "2025-09-24T16:27:22Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:478450ba6ff5c780bac64e697df2f66666c8d27a08e66393836839cd0e3a139f
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cert_manager:
+          default: {}
+          description: Configuration for the Cert Manager package.
+          nullable: true
+        contour:
+          default: {}
+          description: Configuration for the Contour package.
+          nullable: true
+        crossplane:
+          default: {}
+          description: Configuration for the Crossplane package.
+          nullable: true
+        dependency_track:
+          default: {}
+          description: Configuration for the Dependency Track package.
+          nullable: true
+        developer_portal:
+          default: {}
+          description: Configuration for the Developer Portal package.
+          nullable: true
+        flux:
+          default: {}
+          description: Configuration for the Flux package.
+          nullable: true
+        gitops_configurer:
+          default: {}
+          description: Configuration for the GitOps Configurer package.
+          nullable: true
+        knative:
+          additionalProperties: false
+          description: Configuration for Knative related packages.
+          properties:
+            serving:
+              default: {}
+              description: Configuration for the Knative Serving package.
+              nullable: true
+          type: object
+        kyverno:
+          additionalProperties: false
+          description: Configuration for the Kyverno related packages.
+          properties:
+            core:
+              default: {}
+              description: Configuration for the Kyverno package.
+              nullable: true
+          type: object
+        metrics_server:
+          default: {}
+          description: Configuration for the Metrics Server package.
+          nullable: true
+        platform:
+          additionalProperties: false
+          description: Configuration for the platform packages.
+          properties:
+            additional_packages:
+              default: []
+              description: A list of packages to include in the installation.
+              items:
+                default: ""
+                type: string
+              type: array
+            ca_cert_data:
+              default: ""
+              description: PEM-encoded certificate data to trust TLS connections with
+                a custom CA.
+              type: string
+            cosign:
+              additionalProperties: false
+              description: Settings for Cosign, used for signing and verifying OCI
+                artifacts.
+              properties:
+                secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the Cosign key
+                    pair.
+                  properties:
+                    name:
+                      default: ""
+                      description: The name of the Secret holding the Cosign key pair.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the Cosign
+                        key pair.
+                      type: string
+                  type: object
+              type: object
+            excluded_packages:
+              default: []
+              description: A list of packages to exclude from being installed.
+              items:
+                default: ""
+                type: string
+              type: array
+            git:
+              additionalProperties: false
+              description: Settings for the Git server that the platform will use.
+              properties:
+                secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the credentials
+                    to access the Git server.
+                  properties:
+                    name:
+                      default: ""
+                      description: 'The name of the Secret holding the credentials
+                        to access the Git server. The credentials should provide read-only
+                        access to the Git server except when installing the platform
+                        with one of these profiles: `standalone`, `build`.'
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the credentials
+                        to access the Git server.
+                      type: string
+                  type: object
+                server:
+                  default: https://github.com
+                  description: The server hosting the Git repositories used by the
+                    plaform.
+                  example: https://github.com
+                  type: string
+                  x-example-description: GitHub
+              type: object
+            ingress:
+              additionalProperties: false
+              description: Setting for the Ingress controller that the platform will
+                use.
+              properties:
+                domain:
+                  default: ""
+                  description: The base domain name the platform will use to configure
+                    the Ingress controller. It must be a valid DNS name.
+                  type: string
+                issuer:
+                  additionalProperties: false
+                  description: A reference to the ClusterIssuer the platform will
+                    use to enable TLS communications.
+                  properties:
+                    email:
+                      default: ""
+                      description: The email address that Let's Encrypt will use to
+                        send info on expiring certificates or other issues. Required
+                        when the type is `letsencrypt_staging` or `letsencrypt`.
+                      type: string
+                    name:
+                      default: ""
+                      description: A reference to a custom ClusterIssuer previously
+                        created on the cluster where the platform will be installed.
+                        Required when the type is `custom`.
+                      type: string
+                    type:
+                      default: private
+                      description: 'The type of ClusterIssuer the platform will use
+                        to enable TLS communications. Options: `private`, `letsencrypt_staging`,
+                        `letsencrypt`, `custom`.'
+                      enum:
+                      - private
+                      - letsencrypt_staging
+                      - letsencrypt
+                      - custom
+                      type: string
+                  type: object
+              type: object
+            namespace:
+              default: kadras-system
+              description: The namespace where to install the platform.
+              type: string
+            oci:
+              additionalProperties: false
+              description: Settings for accessing the OCI registry that the platform
+                will use.
+              properties:
+                pull_secret:
+                  additionalProperties: false
+                  description: Configuration for the Secret holding the credentials
+                    to pull images from the OCI registry.
+                  properties:
+                    name:
+                      default: ""
+                      description: The name of the Secret holding the credentials
+                        to pull images from the OCI registry.
+                      type: string
+                    namespace:
+                      default: kadras-system
+                      description: The namespace of the Secret holding the credentials
+                        to pull images from the OCI registry.
+                      type: string
+                  type: object
+              type: object
+            profile:
+              default: run
+              description: 'The platform profile to install. Options: `standalone`,
+                `run`.'
+              enum:
+              - standalone
+              - run
+              type: string
+          type: object
+        postgresql_operator:
+          default: {}
+          description: Configuration for the PostgreSQL Operator package.
+          nullable: true
+        rabbitmq_operator:
+          default: {}
+          description: Configuration for the RabbitMQ Operator package.
+          nullable: true
+        secretgen_controller:
+          default: {}
+          description: Configuration for the Secretgen Controller package.
+          nullable: true
+        service_binding:
+          default: {}
+          description: Configuration for the Service Binding package.
+          nullable: true
+        tempo_operator:
+          default: {}
+          description: Configuration for the Tempo Operator package.
+          nullable: true
+        workspace_provisioner:
+          default: {}
+          description: Configuration for the Workspace Provisioner package.
+          nullable: true
+      type: object
+  version: 0.27.0
diff --git a/repo/packages/engineering-platform.packages.kadras.io/metadata.yml b/repo/packages/engineering-platform.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..5c24704
--- /dev/null
+++ b/repo/packages/engineering-platform.packages.kadras.io/metadata.yml
@@ -0,0 +1,18 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: engineering-platform.packages.kadras.io
+spec:
+  categories:
+  - internal developer platform
+  - application platform
+  displayName: engineering-platform
+  longDescription: A cloud native platform aimed at supporting application developers
+    with paved paths to production on Kubernetes and shipped as a Carvel package.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Cloud native engineering platform on Kubernetes.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/kadras-engineering-platform
+    for community support.
diff --git a/repo/packages/flux.packages.kadras.io/2.6.4.yml b/repo/packages/flux.packages.kadras.io/2.6.4.yml
new file mode 100644
index 0000000..105657e
--- /dev/null
+++ b/repo/packages/flux.packages.kadras.io/2.6.4.yml
@@ -0,0 +1,107 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: flux.packages.kadras.io.2.6.4
+spec:
+  licenses:
+  - Apache 2.0
+  refName: flux.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-flux/releases
+  releasedAt: "2025-08-14T17:42:46Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-flux@sha256:71304d88eb8251a0db355dc64676d7fd5c1c738d57a3d52b20662e1f0e108d5a
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        logging:
+          additionalProperties: false
+          description: Settings for logging.
+          properties:
+            encoding:
+              default: json
+              description: 'Log encoding format. Options: `console`, `json`.'
+              enum:
+              - console
+              - json
+              type: string
+            level:
+              default: info
+              description: 'Log verbosity level. Options: `trace`, `debug`, `info`,
+                `error`.'
+              enum:
+              - trace
+              - debug
+              - info
+              - error
+              type: string
+          type: object
+        optional_components:
+          additionalProperties: false
+          description: Settings for which Flux optional components to deploy.
+          properties:
+            helm_controller:
+              default: false
+              description: Whether to deploy the Helm Controller.
+              type: boolean
+            image_automation_controller:
+              default: false
+              description: Whether to deploy the Image Automation Controller.
+              type: boolean
+            image_reflector_controller:
+              default: false
+              description: Whether to deploy the Image Reflector Controller.
+              type: boolean
+            kustomize_controller:
+              default: true
+              description: Whether to deploy the Kustomize Controller.
+              type: boolean
+            notification_controller:
+              default: false
+              description: Whether to deploy the Notification Controller.
+              type: boolean
+          type: object
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+      type: object
+  version: 2.6.4
diff --git a/repo/packages/flux.packages.kadras.io/metadata.yml b/repo/packages/flux.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..06bd653
--- /dev/null
+++ b/repo/packages/flux.packages.kadras.io/metadata.yml
@@ -0,0 +1,22 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: flux.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: flux
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iNDguMDAgLTIuMjUgMjYyLjUwIDM2NC4wMCI+PGRlZnM+PHN0eWxlPi5jbHMtMXtmaWxsOiMzMjZjZTV9LmNscy0ze2ZpbGw6bm9uZX08L3N0eWxlPjwvZGVmcz48cGF0aCBkPSJNNTkuNzIzOTMgOTcuNzc4NDdhMTAuMTgyNTEgMTAuMTgyNTEgMCAwIDEgMC0xNy4wNzM5M2wxMTQuMDcwMy03NC4xNjAyM2ExMC4xODI1OCAxMC4xODI1OCAwIDAgMSAxMS4xMDAyNCAwbDExNC4wNzAyOSA3NC4xNjAyM2ExMC4xODI1IDEwLjE4MjUgMCAwIDEgMCAxNy4wNzM5NGwtMTE0LjA3MDI5IDc0LjE2MDIxYTEwLjE4MjU0IDEwLjE4MjU0IDAgMCAxLTExLjEwMDI0IDB6IiBjbGFzcz0iY2xzLTEiLz48cGF0aCBmaWxsPSIjYzFkMmY3IiBkPSJNMTk3LjM1NTY1IDExMC44NjZoNy45MTI3N2E2LjAwMzI2IDYuMDAzMjYgMCAwIDAgNS4xOTkwOC05LjAwNWwtMjUuOTIzODEtNDQuOTAyYTYuMDAzNTUgNi4wMDM1NSAwIDAgMC0xMC4zOTgzOCAwbC0yNS45MjQgNDQuOTAyYTYuMDAzMjYgNi4wMDMyNiAwIDAgMCA1LjE5OTA1IDkuMDA1aDcuOTEzYTYuMDAzNCA2LjAwMzQgMCAwIDEgNi4wMDM0MSA2LjAwMzR2NTEuMjU2M2w1LjMxMDM3IDMuNDUyNTJhMTIuMjg3NDMgMTIuMjg3NDMgMCAwIDAgMTMuMzk0NDUgMGw1LjMxMDYyLTMuNDUyNTJ2LTUxLjI1NjI4YTYuMDAzNCA2LjAwMzQgMCAwIDEgNi4wMDM0LTYuMDAzNDF6Ii8+PHBhdGggZD0iTTE3My43OTM0OCAzNTMuMjcxMDhhMTAuMTI4MjggMTAuMTI4MjggMCAwIDAgMy40NTY0MyAxLjQwMmMtMi4xNzU0OS0xLjIzMTItNC4zODcyNy0yLjM3NDI5LTYuNjIyNjktMy40NjAzNnptLTYuNDU2NjctMTYxLjE5NTQ2bC0xMS4zMTU3IDcuMzU2NjFhMTEwLjk5MyAxMTAuOTkzIDAgMCAwIDExLjMxNTcxIDYuNTk5N3ptMjQuMDE1MzcgMjMuNzE2MDdjOS43Mzg1OCAzLjExNTA1IDE5LjgxMzE3IDUuNjQ4NTEgMzAuMTA5NzMgOC4xODY1NSAxMC45MjAzMiAyLjY5MTgyIDIxLjk3MzU1IDUuNDI3MTcgMzIuODE3OTIgOS4wMDgzOWwtMzUuNDE2MDYtMjMuMDI0ODJhMjE1Ljg4MTMzIDIxNS44ODEzMyAwIDAgMS0yNy41MTE2MS05LjQxMDA3em0wIDYyLjE5MTU5di41ODU3N2MwIDIuNTY5MjktMi42ODc4NyA0LjY1MTk1LTYuMDAzMzggNC42NTE5NWgtMTIuMDA4NTVjLTMuMzE1NDkgMC02LjAwMzM4LTIuMDgyNjYtNi4wMDMzOC00LjY1MTk1di02LjYwNDczYy0yNC45MDUzOC02LjQwMjA5LTQ5Ljg3Mjk0LTE0LjQ4NTA2LTcwLjg1OTQ1LTMzLjgyMTFMODEuOTQ4MTkgMjQ3LjU4OWMyMi40Njc2MSAyMi4wNTA5IDUwLjI3ODkzIDI4LjkzMjkxIDc5LjcxNDQxIDM2LjE4ODYgMjcuMTc4NTIgNi42OTg1NiA1NS4xODA1MSAxMy42NTE0NCA3OC42ODU1NyAzMy40NDIyMmwxNC42NzkwNy05LjU0MzM0Yy0xOC41MzE0Mi0xNi41MDQzMS00MC40MDk2Mi0yMy42ODc3OC02My42NzUwNi0yOS42OTMyem0tOTguMDM3NTYgMjIuOTY2MzlsMzguOTA4MjkgMjUuMjk1MjVjMjAuMDY0MzggNS4xMTMzNiA0MC4yMDAyOSAxMS4yNDc3MyA1OC4zMTEgMjMuMzYwNDRsMTQuOTAwMjMtOS42ODdjLTE5Ljc1MTgtMTMuNjcyNC00Mi41NTA1LTE5LjMxMzQtNjYuNDE4ODktMjUuMTk3LTE1LjI4NzA0LTMuNzY3NzktMzAuODM0NzktNy42MTY2LTQ1LjcwMDYzLTEzLjc3MTY5em03NC4wMjIxOS04Mi4yNTQxM2ExMjQuMzE5OSAxMjQuMzE5OSAwIDAgMS0yMS41MzM5Mi0xMi42MjAwNmwtMTQuODA1MzEgOS42MjUyMWExMjQuNTQwNTcgMTI0LjU0MDU3IDAgMCAwIDM2LjMzOTIzIDE4LjcwOHptNTEuNDEwMDYgMTYuMjk0MTJjLTkuMTA2Mi0yLjI0NDc0LTE4LjMwMzYyLTQuNTIzODgtMjcuMzk0NjktNy4yOTg1M3YxMy42ODIwOXE1LjA1MSAxLjI4NTMgMTAuMTc2NzIgMi41MzgxN2MyOS45MzQzOCA3LjM3ODE4IDYwLjg4NzkgMTUuMDA4ODUgODUuNzA3NjcgMzkuODI4NjEuNjA5NzkuNjA5NzkgMS4xNjI2MSAxLjIzOTg5IDEuNzUyIDEuODU3MTVsOS45NzQyNy02LjQ4NDQ1YTEwLjEwNDI1IDEwLjEwNDI1IDAgMCAwIDMuNDc1MjktMy43OTkyOGMtMS4wNjY0NC0xLjE3MjUyLTIuMTQ0LTIuMzQxMzItMy4yODg3NS0zLjQ4NjEyLTIyLjU4NTEzLTIyLjU4NTMtNTAuNjY5MzgtMjkuNTA4NTYtODAuNDAyNTEtMzYuODM3NjR6bS0xOS45MzI5NSAxOS45MzI5OHEtMy43MjIxNy0uOTE3NDctNy40NjE2OC0xLjg1NDg0djEzLjIwOTc0YzI1LjgxNjc2IDYuNTYxODEgNTEuODAyNjMgMTQuNjg4NDMgNzMuNDU1MSAzNS4wNDA2OWwxNC41MjExNC05LjQ0MDU1Yy0uMDM4NTQtLjAzODc1LS4wNzI1Ni0uMDc5MTYtLjExMTMxLS4xMTc5Mi0yMi41ODU0Ni0yMi41ODUyNC01MC42Njk3NS0yOS41MDg0OC04MC40MDMyNS0zNi44MzcxMnptLTMxLjQ3NzExLTguNTg2ODFjLTE2LjI4LTUuMjc4MTMtMzIuMTE3NzctMTIuMzk2ODItNDYuMzQ0LTI0LjEzMDgxbC0xNC42ODE3NiA5LjU0NTFjMTcuODcwMjMgMTUuNTU3MjcgMzguNzg0NCAyMi42NzI2NiA2MS4wMjU3MiAyOC41MDA2OHoiIGNsYXNzPSJjbHMtMyIvPjxwYXRoIGQ9Ik03My4yNDA0OSAyNTQuOTU5NzJjLS4zNDgtLjM0OC0uNjU4NS0uNzA5NDktLjk5OTY3LTEuMDU5NzZsLTEyLjUxNDk1IDguMTM2NDhhMTAuMTY1NDggMTAuMTY1NDggMCAwIDAtMS42NDQyOCAxLjM5NjhjMS4wNTMzNiAxLjE1Njc3IDIuMTE1NjEgMi4zMTAyNCAzLjI0NTQ0IDMuNDQgMjIuNTg1MiAyMi41ODUxOSA1MC42Njk2OCAyOS41MDgzOCA4MC40MDMyMiAzNi44MzY4OCAyNS4zNDI1IDYuMjQ2OTEgNTEuNDAxMTMgMTIuNzE2NjEgNzMuODY0NTQgMjkuNjAyNTNsMTQuODA1NzQtOS42MjU2MmMtMjAuODY0MjQtMTYuNDE5OTMtNDUuNTMwMjEtMjIuNTA4OTEtNzEuNDUyODctMjguODk4LTI5LjkzMzg1LTcuMzc4ODgtNjAuODg3MzgtMTUuMDA5NDQtODUuNzA3MTctMzkuODI5MzF6IiBjbGFzcz0iY2xzLTMiLz48cGF0aCBkPSJNMjE4Ljg2Mzc3IDIwOS45NjE4bC0yNy41MTE1OS0xNy44ODZ2OC40NzU5YTIxNS44OCAyMTUuODggMCAwIDAgMjcuNTExNTkgOS40MTAxem0tMjcuNTExNTkgNS44Mjk4OXYxMS44OTkzOGM5LjA5MTA4IDIuNzc0NzEgMTguMjg4NDkgNS4wNTM4OCAyNy4zOTQ2OSA3LjI5ODUzIDI5LjczMzExIDcuMzI5MDkgNTcuODE3MzggMTQuMjUyMzIgODAuNDAyNjEgMzYuODM3NzMgMS4xNDQ3NCAxLjE0NDc0IDIuMjIyMzIgMi4zMTM1NCAzLjI4ODc1IDMuNDg2MTFhMTAuMTkzMjcgMTAuMTkzMjcgMCAwIDAtMy40NzUzLTEzLjI3NzExbC00NC42ODMxLTI5LjA0OTc2Yy0xMC44NDQzNy0zLjU4MTIxLTIxLjg5NzY4LTYuMzE2NTYtMzIuODE3OTQtOS4wMDgzOC0xMC4yOTY1Ni0yLjUzNzk5LTIwLjM3MTEzLTUuMDcxNDUtMzAuMTA5NzEtOC4xODY1em0tMjQuMDE1MzctOS43NTk2OWExMTAuOTkyOTIgMTEwLjk5MjkyIDAgMCAxLTExLjMxNTcxLTYuNTk5NjlsLTEwLjIxODIxIDYuNjQzMmExMjQuMzE5MzIgMTI0LjMxOTMyIDAgMCAwIDIxLjUzMzkyIDEyLjYyMDA3em0zNC4xOTIxMiAzNy44Nzk0MXEtNS4xMjUyOC0xLjI2MzUyLTEwLjE3NjczLTIuNTM4MTZ2MTEuNjk0NnEzLjczNjg2LjkzOCA3LjQ2MTY4IDEuODU0ODVjMjkuNzMzNTIgNy4zMjg2MyA1Ny44MTc4IDE0LjI1MTg3IDgwLjQwMzE4IDM2LjgzNzA5LjAzODc2LjAzODc2LjA3Mjc3LjA3OTE2LjExMTMyLjExNzkybDkuNjYwMjMtNi4yODA1MWMtLjU4OTQ1LS42MTcyNi0xLjE0MjI1LTEuMjQ3MzMtMS43NTItMS44NTcxNS0yNC44MTk3OC0yNC44MTk3OS01NS43NzMzLTMyLjQ1MDQ4LTg1LjcwNzY4LTM5LjgyODY0em0tMzQuMTkyMTItOS41MDI3MmExMjQuNTQwNTcgMTI0LjU0MDU3IDAgMCAxLTM2LjMzOTIzLTE4LjcwOGwtMTAuMDA0NzMgNi41MDQzNmMxNC4yMjYxMiAxMS43MzQgMzAuMDYzOTMgMTguODUyNjggNDYuMzQ0IDI0LjEzMDh6bTAgMjUuODQyMDNjLTIyLjI0MTMyLTUuODI4LTQzLjE1NTUtMTIuOTQzNDEtNjEuMDI1NzItMjguNTAwNmwtOS44MzM4IDYuMzkzMTVjMjAuOTg2NTIgMTkuMzM2IDQ1Ljk1NDA3IDI3LjQxODkzIDcwLjg1OTQ3IDMzLjgyMTF6bTI0LjAxNTM3IDE3LjczMjU2YzIzLjI2NTQ2IDYuMDA1MzkgNDUuMTQzNjcgMTMuMTg4ODYgNjMuNjc1MDYgMjkuNjkzMTJsOS43OC02LjM1ODIzYy0yMS42NTI0OS0yMC4zNTIyNS00Ny42MzgzNS0yOC40Nzg5My03My40NTUwOS0zNS4wNDA2OHpNODEuOTQ4MTMgMjQ3LjU4OWwtOS43MDcyOSA2LjMxMWMuMzQxMTcuMzUwMzIuNjUxNjYuNzExNzguOTk5NjcgMS4wNTk3NiAyNC44MTk3NyAyNC44MTk3OSA1NS43NzMyOSAzMi40NTA0MyA4NS43MDcwNiAzOS44MjkyNSAyNS45MjI2NiA2LjM4OTA5IDUwLjU4ODYzIDEyLjQ3ODA3IDcxLjQ1Mjg4IDI4Ljg5OGw5Ljk0NzcyLTYuNDY3MjRjLTIzLjUwNTA2LTE5Ljc5MDc4LTUxLjUwNy0yNi43NDM2NS03OC42ODU1Ny0zMy40NDIyMi0yOS40MzU0OC03LjI1NTY5LTU3LjI0NjgtMTQuMTM3Ny03OS43MTQ0Ny0zNi4xODg1NXpNNjEuMzI3IDI2Ni44NzMyMWMtMS4xMjk4My0xLjEyOTgzLTIuMTkyMDktMi4yODMyOC0zLjI0NTQ1LTMuNDRhMTAuMTU0NCAxMC4xNTQ0IDAgMCAwIDEuNjQ0MjggMTUuNjc5NTdsMzMuNTg4NyAyMS44MzY5NGMxNC44NjU4MyA2LjE1NTA5IDMwLjQxMzU5IDEwLjAwMzkgNDUuNzAwNTggMTMuNzcxNjYgMjMuODY4NCA1Ljg4MzU3IDQ2LjY2NzA4IDExLjUyNDY0IDY2LjQxODkgMjUuMTk3bDEwLjE2MDYtNi42MDU3Yy0yMi40NjMzMi0xNi44ODU4Ny00OC41MjItMjMuMzU1NjItNzMuODY0NDctMjkuNjAyNTMtMjkuNzMzNDMtNy4zMjg1MS01Ny44MTc5MS0xNC4yNTE3NS04MC40MDMxNC0zNi44MzY5NHptMTA5LjMwMDI0IDg0LjMzOTQ4YzIuMjM1NCAxLjA4NjEgNC40NDcxOCAyLjIyOTE5IDYuNjIyNjkgMy40NjAzNmExMC4xNjAxMiAxMC4xNjAxMiAwIDAgMCA3LjY0NTQzLTEuNDAybDUuNjM4NTgtMy42NjU3N2MtMTguMTEwNjUtMTIuMTEyNjYtMzguMjQ2NTMtMTguMjQ3LTU4LjMxMDk1LTIzLjM2MDQ0eiIgY2xhc3M9ImNscy0xIi8+PC9zdmc+
+  longDescription: Flux is a tool for keeping Kubernetes clusters in sync with sources
+    of configuration (like Git repositories and OCI artifacts), and automating updates
+    to configuration when there is new code to deploy. It's constructed with the GitOps
+    Toolkit, a set of composable APIs and specialized tools for building continuous
+    deployment on top of Kubernetes.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Flux is a continuous deployment solution for Kubernetes powered
+    by the GitOps Toolkit.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-flux
+    for community support.
diff --git a/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml b/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml
new file mode 100644
index 0000000..4baffa4
--- /dev/null
+++ b/repo/packages/gitops-configurer.packages.kadras.io/0.1.0.yml
@@ -0,0 +1,79 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: gitops-configurer.packages.kadras.io.0.1.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: gitops-configurer.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/gitops-configurer/releases
+  releasedAt: "2024-03-11T17:43:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/gitops-configurer@sha256:e60a1a8e9cb7f856acc9078f3cdbc9354ab6b18328de9b64155ccd37cb75c224
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        git:
+          additionalProperties: false
+          description: Configuration for synchronizing changes from Git.
+          properties:
+            branch:
+              default: main
+              description: The Git branch to check out and synchronize.
+              type: string
+            path:
+              default: ""
+              description: The path within the Git repository containing the manifests
+                to reconcile with the cluster.
+              type: string
+            secret_name:
+              default: ""
+              description: The name of the Secret in the same namespace holding the
+                credentials to access the Git server. The credentials should provide
+                read-only access to the Git server.
+              type: string
+            url:
+              default: ""
+              description: The URL of the Git repository to synchronize in the cluster.
+              type: string
+          type: object
+        name:
+          default: gitops-configurer
+          description: The name of the GitOps resource.
+          type: string
+        namespace:
+          default: kadras-system
+          description: The namespace where the GitOps resource should be installed.
+          type: string
+        service_account:
+          default: ""
+          description: The `ServiceAccount` used by the GitOps controller to reconcile
+            changes to the cluster.
+          type: string
+        sync_period:
+          default: 1m0s
+          description: 'The interval at which the GitOps controller should synchronize
+            changes from Git. The format is a Go duration string. Example: `1m0s`.'
+          type: string
+        type:
+          default: carvel-app
+          description: 'The type of GitOps controller to use. Options: `carvel-app`,
+            `flux-kustomization`.'
+          type: string
+      type: object
+  version: 0.1.0
diff --git a/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml b/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..4503402
--- /dev/null
+++ b/repo/packages/gitops-configurer.packages.kadras.io/metadata.yml
@@ -0,0 +1,16 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: gitops-configurer.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: gitops-configurer
+  longDescription: Simplify onboarding of GitOps workflows based on Carvel or Flux.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Simplify onboarding of GitOps workflows.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/gitops-configurer
+    for community support.
diff --git a/repo/packages/knative-eventing.packages.kadras.io/1.7.2.yml b/repo/packages/knative-eventing.packages.kadras.io/1.7.2.yml
deleted file mode 100644
index 7c16a0d..0000000
--- a/repo/packages/knative-eventing.packages.kadras.io/1.7.2.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  creationTimestamp: null
-  name: knative-eventing.packages.kadras.io.1.7.2
-spec:
-  refName: knative-eventing.packages.kadras.io
-  releasedAt: "2022-09-24T22:30:10Z"
-  template:
-    spec:
-      deploy:
-      - kapp: {}
-      fetch:
-      - imgpkgBundle:
-          image: ghcr.io/arktonix/package-for-knative-eventing@sha256:f44a70521d587f13bf24292cd869579e2a50609b6c03f87c087f7c43fe2e33f0
-      template:
-      - ytt:
-          paths:
-          - config
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-  valuesSchema:
-    openAPIv3:
-      additionalProperties: false
-      properties:
-        default_broker:
-          additionalProperties: false
-          description: Configuration for the default in-memory broker
-          properties:
-            enabled:
-              default: false
-              description: Whether to install the default in-memory broker
-              type: boolean
-            namespace:
-              default: default
-              description: The namespace where to install the default broker
-              type: string
-          type: object
-      type: object
-  version: 1.7.2
diff --git a/repo/packages/knative-eventing.packages.kadras.io/metadata.yml b/repo/packages/knative-eventing.packages.kadras.io/metadata.yml
deleted file mode 100644
index 77a31d5..0000000
--- a/repo/packages/knative-eventing.packages.kadras.io/metadata.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: PackageMetadata
-metadata:
-  creationTimestamp: null
-  name: knative-eventing.packages.kadras.io
-spec:
-  categories:
-  - eventing
-  - cloudevents
-  displayName: knative-eventing
-  longDescription: Knative Eventing provides tools for routing events from event producers
-    to sinks, enabling developers to use an event-driven architecture with their applications.
-  maintainers:
-  - name: Thomas Vitale
-  providerName: Arktonix
-  shortDescription: Toolkit to build event-driven architectures on Kubernetes.
diff --git a/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml b/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml
new file mode 100644
index 0000000..4ccf79f
--- /dev/null
+++ b/repo/packages/knative-serving.packages.kadras.io/1.19.5.yml
@@ -0,0 +1,310 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: knative-serving.packages.kadras.io.1.19.5
+spec:
+  capacityRequirementsDescription: For prototyping purposes, one-node cluster that
+    has at least 3 CPUs and 4 GB of memory. For production purposes, if you have only
+    one node, at least 6 CPUs, 6 GB of memory, and 30 GB of disk storage. If you have
+    multiple nodes, for each node at least 2 CPUs, 4 GB of memory, and 20 GB of disk
+    storage.
+  licenses:
+  - Apache 2.0
+  refName: knative-serving.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-knative-serving/releases
+  releasedAt: "2025-09-15T14:59:32Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-knative-serving@sha256:80e7b2444be3b3d078a29a2d2e581e85ed0ea2e5b15108f049d1880775ed2633
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        ca_cert_data:
+          default: ""
+          description: PEM-encoded certificate data to trust TLS connections with
+            a custom CA.
+          type: string
+        config:
+          additionalProperties: false
+          description: Settings for the Knative Serving ConfigMaps.
+          properties:
+            deployment:
+              additionalProperties: false
+              description: Deployment configuration stored in the `config-deployment`
+                ConfigMap.
+              properties:
+                progress-deadline:
+                  default: 600s
+                  description: The duration to wait for the deployment to be ready
+                    before considering it failed.
+                  type: string
+                queue-sidecar-cpu-limit:
+                  default: 1000m
+                  description: The queue proxy's CPU limit. If omitted, a default
+                    value (currently `1000m`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+                queue-sidecar-cpu-request:
+                  default: 25m
+                  description: The queue proxy's CPU request. If omitted, a default
+                    value (currently '25m'), is used.
+                  type: string
+                queue-sidecar-memory-limit:
+                  default: 200Mi
+                  description: The queue proxy's memory limit. If omitted, a default
+                    value (currently `800Mi`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+                queue-sidecar-memory-request:
+                  default: 50Mi
+                  description: The queue proxy's memory request. If omitted, a default
+                    value (currently `400Mi`), is used when `queueproxy.resource-defaults`
+                    is set to `Enabled`.
+                  type: string
+              type: object
+            network:
+              additionalProperties: false
+              description: Network configuration stored in the `config-network` ConfigMap.
+              properties:
+                default-external-scheme:
+                  default: http
+                  description: Defines the scheme used for external URLs if autoTLS
+                    is not enabled. This can be used for making Knative report all
+                    URLs as `https`, for example, if you're fronting Knative with
+                    an external loadbalancer that deals with TLS termination and Knative
+                    doesn't know about that otherwise.
+                  enum:
+                  - http
+                  - https
+                  type: string
+                domain-template:
+                  default: '{{.Name}}.{{.Namespace}}.{{.Domain}}'
+                  description: The golang text template string to use when constructing
+                    the Knative Service's DNS name.
+                  type: string
+                http-protocol:
+                  default: Redirected
+                  description: 'Controls the behavior of the HTTP endpoint for the
+                    Knative ingress. `Enabled`: The Knative ingress will be able to
+                    serve HTTP connection. `Redirected`: The Knative ingress will
+                    send a 301 redirect for all http connections, asking the clients
+                    to use HTTPS.'
+                  enum:
+                  - Enabled
+                  - Redirected
+                  type: string
+                namespace-wildcard-cert-selector:
+                  default: ""
+                  description: A LabelSelector which determines which namespaces should
+                    have a wildcard certificate provisioned.
+                  type: string
+                rollout-duration:
+                  default: 0
+                  description: The minimal duration in seconds over which the Configuration
+                    traffic targets are rolled out to the newest revision.
+                  minimum: 0
+                  type: integer
+              type: object
+            tracing:
+              additionalProperties: false
+              description: Network configuration stored in the `config-tracing` ConfigMap.
+              properties:
+                backend:
+                  default: none
+                  description: The type of distributed tracing backend.
+                  enum:
+                  - zipkin
+                  - none
+                  type: string
+                debug:
+                  default: "false"
+                  description: Enable the Zipkin debug mode. This allows all spans
+                    to be sent to the server bypassing sampling.
+                  enum:
+                  - "true"
+                  - "false"
+                  type: string
+                sample-rate:
+                  default: "0.1"
+                  description: The percentage (0-1) of requests to trace.
+                  maxLength: 3
+                  minLength: 1
+                  type: string
+                zipkin-endpoint:
+                  default: http://tempo.observability-system.svc.cluster.local:9411/api/v2/spans
+                  description: The Zipkin collector endpoint where traces are sent.
+                  type: string
+              type: object
+          type: object
+        domain_name:
+          default: ""
+          description: Domain name for Knative Services. It must be a valid DNS name.
+            Stored in the `config-domain` ConfigMap.
+          minLength: 4
+          type: string
+        ingress:
+          additionalProperties: false
+          description: Settings for the Ingress controller.
+          properties:
+            contour:
+              additionalProperties: false
+              description: Ingress configuration stored in the `config-contour` ConfigMap.
+              properties:
+                default-tls-secret:
+                  default: ""
+                  description: If auto-TLS is disabled, fallback to this certificate.
+                    An operator is required to setup a TLSCertificateDelegation for
+                    this Secret to be used.
+                  type: string
+                external:
+                  additionalProperties: false
+                  description: Configuration for the external Ingress controller
+                  properties:
+                    namespace:
+                      default: projectcontour
+                      description: The namespace where the external Ingress controller
+                        is installed.
+                      minLength: 1
+                      type: string
+                  type: object
+                internal:
+                  additionalProperties: false
+                  description: Configuration for the internal Ingress controller
+                  properties:
+                    namespace:
+                      default: projectcontour
+                      description: The namespace where the internal Ingress controller
+                        is installed.
+                      minLength: 1
+                      type: string
+                  type: object
+              type: object
+          type: object
+        ingress_issuer:
+          default: ""
+          description: A reference to the ClusterIssuer to use if you want to enable
+            autoTLS. Stored in the `config-certmanager` ConfigMap.
+          example: kadras-ca-issuer
+          type: string
+          x-example-description: Kadras private CA
+        min_kubernetes_version:
+          default: ""
+          description: The minimum Kubernetes version that this package will accept
+            as valid. If not set, Knative Serving will accept the last 3 minor versions
+            of Kubernetes.
+          type: string
+        policies:
+          additionalProperties: false
+          description: Settings for the Kyverno policies.
+          properties:
+            include:
+              default: false
+              description: Whether to include the out-of-the-box Kyverno policies
+                to validate and secure the package installation.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use a proxy.
+              type: string
+          type: object
+        workloads:
+          additionalProperties: false
+          description: Settings for the Knative Serving workloads.
+          properties:
+            activator:
+              additionalProperties: false
+              properties:
+                minReplicas:
+                  default: 1
+                  description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler.
+                    In order to enable high availability, it should be greater than
+                    1.
+                  maximum: 20
+                  minimum: 1
+                  type: integer
+              type: object
+            autoscaler:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            controller:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            domain_mapping:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            domain_mapping_webhook:
+              additionalProperties: false
+              properties:
+                replicas:
+                  default: 1
+                  description: The number of replicas for this Deployment. In order
+                    to enable high availability, it should be greater than 1.
+                  minimum: 1
+                  type: integer
+              type: object
+            webhook:
+              additionalProperties: false
+              properties:
+                minReplicas:
+                  default: 1
+                  description: The minimum number of replicas as controlled by a HorizontalPodAutoscaler.
+                    In order to enable high availability, it should be greater than
+                    1.
+                  maximum: 5
+                  minimum: 1
+                  type: integer
+              type: object
+          type: object
+      type: object
+  version: 1.19.5
diff --git a/repo/packages/knative-serving.packages.kadras.io/1.7.1.yml b/repo/packages/knative-serving.packages.kadras.io/1.7.1.yml
deleted file mode 100644
index a779aab..0000000
--- a/repo/packages/knative-serving.packages.kadras.io/1.7.1.yml
+++ /dev/null
@@ -1,122 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  creationTimestamp: null
-  name: knative-serving.packages.kadras.io.1.7.1
-spec:
-  licenses:
-  - Apache 2.0
-  refName: knative-serving.packages.kadras.io
-  releaseNotes: https://github.com/knative/serving/releases
-  releasedAt: "2022-09-25T09:11:21Z"
-  template:
-    spec:
-      deploy:
-      - kapp: {}
-      fetch:
-      - imgpkgBundle:
-          image: ghcr.io/arktonix/package-for-knative-serving@sha256:dd95399d9bd8add0ca45f4e4a54b8174a300c2c19804a9f56fc08233eff67eef
-      template:
-      - ytt:
-          paths:
-          - config
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-  valuesSchema:
-    openAPIv3:
-      additionalProperties: false
-      properties:
-        domain:
-          additionalProperties: false
-          description: DNS configuration
-          properties:
-            name:
-              default: ""
-              description: Your own domain name if type real or empty if type sslip.io
-                or nip.io
-              type: string
-            type:
-              default: nip.io
-              description: Type of DNS configuration
-              type: string
-            url_template:
-              default: '{{.Name}}.{{.Namespace}}.{{.Domain}}'
-              description: The domain template to use when creating new services
-              type: string
-          type: object
-        ingress:
-          additionalProperties: false
-          description: Ingress configuration
-          properties:
-            external:
-              additionalProperties: false
-              description: Configuration for the external Ingress controller
-              properties:
-                namespace:
-                  default: projectcontour
-                  description: The namespace where the external Ingress controller
-                    is installed
-                  type: string
-              type: object
-            internal:
-              additionalProperties: false
-              description: Configuration for the internale Ingress controller
-              properties:
-                namespace:
-                  default: projectcontour
-                  description: The namespace where the internal Ingress controller
-                    is installed
-                  type: string
-              type: object
-          type: object
-        namespace:
-          default: knative-serving
-          description: The namespace where to install Knative Serving
-          type: string
-        scaling:
-          additionalProperties: false
-          description: Configuration for the Knative autoscaler
-          properties:
-            allow_zero_initial_scale:
-              default: "true"
-              description: Whether either the initial_scale config or the 'autoscaling.knative.dev/initial-scale'
-                annotation can be set to 0
-              type: string
-            initial_scale:
-              default: "1"
-              description: The initial target scale of a revision after creation
-              type: string
-            max_scale:
-              default: "0"
-              description: The maximum scale of a revision. If set to 0, the revision
-                has no maximum scale.
-              type: string
-            min_scale:
-              default: "0"
-              description: The minimum scale of a revision
-              type: string
-            scale_down_delay:
-              default: 0s
-              description: The amount of time that must pass at reduced concurrency
-                before a scale down decision is applied. If 0s, no delay.
-              type: string
-          type: object
-        tls:
-          additionalProperties: false
-          description: Configuration for automatic TLS certificates
-          properties:
-            certmanager:
-              additionalProperties: false
-              description: Configuration for integrating with cert-manager for certificate
-                issuing
-              properties:
-                clusterissuer:
-                  default: ""
-                  description: Provide a cluster issuer if you want to enable auto-TLS
-                  type: string
-              type: object
-          type: object
-      type: object
-  version: 1.7.1
diff --git a/repo/packages/knative-serving.packages.kadras.io/metadata.yml b/repo/packages/knative-serving.packages.kadras.io/metadata.yml
index 42139d3..26e208c 100644
--- a/repo/packages/knative-serving.packages.kadras.io/metadata.yml
+++ b/repo/packages/knative-serving.packages.kadras.io/metadata.yml
@@ -8,9 +8,12 @@ spec:
   - serverless
   - deployment
   displayName: knative-serving
-  longDescription: Knative Serving builds on Kubernetes to support deploying and serving
-    of applications and functions as serverless containers
+  iconSVGBase64: PHN2ZyB2aWV3Qm94PSIwIDAgNzM1IDU5My41IiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgogIDxwYXRoIGZpbGw9IiMwODY1YWQiIGQ9Ik0yOTcuNDk2IDEuNDg4IDY1Ljc0OSAxMTMuMDk2YTE1LjAzNSAxNS4wMzUgMCAwIDAtOC4xMzUgMTAuMTk0TC4zNzcgMzc0LjA2NWExNS4wMiAxNS4wMiAwIDAgMCAyLjkwMiAxMi43MTFsMTYwLjM3NiAyMDEuMTA4YTE1LjAzOCAxNS4wMzggMCAwIDAgMTEuNzQ3IDUuNjU3SDQzMi42M2M0LjU3MSAwIDguODk1LTIuMDg1IDExLjc0Ny01LjY1N2wxNjAuMzc2LTIwMS4xMDhhMTUuMDIzIDE1LjAyMyAwIDAgMCAyLjkwMy0xMi43MTFMNTUwLjQxOCAxMjMuMjlhMTUuMDE5IDE1LjAxOSAwIDAgMC04LjEzNS0xMC4xOTRMMzEwLjUzNiAxLjQ4OGExNS4wMjIgMTUuMDIyIDAgMCAwLTEzLjA0IDAiLz4KICA8cGF0aCBmaWxsPSIjZmZmIiBkPSJNMjIxLjg0NSAyMTAuNTMzaDUxLjA1NHYxMDAuNzY0aDEuMDE3YzUuMDcyLTguNzk4IDEwLjQ4LTE2LjkwNyAxNS41NTItMjUuMDIzbDUxLjczNi03NS43NDFoNjMuMjI1bC03NS4zOTggOTcuMDM5IDc5LjQ1NSAxMzAuODU2aC02MC4xOGwtNTUuNzkyLTk4LjM5NC0xOS42MTUgMjQuMDA1djc0LjM4OWgtNTEuMDU0VjIxMC41MzNaIi8+CiAgPHBhdGggZmlsbD0iIzY2OTVjYSIgZD0ibTU4NS4zMjggMS4zMDctOTEuMTEyIDMzLjE2YTcuNTIxIDcuNTIxIDAgMCAwLTMuOTM1IDMuMzA2bC00OC40NzggODMuOTY0YTcuNTEzIDcuNTEzIDAgMCAwLS44OTIgNS4wNjZsMTYuODM1IDk1LjQ4M2E3LjQ5NSA3LjQ5NSAwIDAgMCAyLjU2OCA0LjQ1M2w3NC4yNzcgNjIuMzE5YTcuNTA3IDcuNTA3IDAgMCAwIDQuODI4IDEuNzZoOTYuOTU3YTcuNTE1IDcuNTE1IDAgMCAwIDQuODMxLTEuNzZsNzQuMjc0LTYyLjMxOWE3LjUwOCA3LjUwOCAwIDAgMCAyLjU2Ny00LjQ1M2wxNi44MzktOTUuNDgzYTcuNTM4IDcuNTM4IDAgMCAwLS44OTYtNS4wNjZsLTQ4LjQ3NC04My45NjRhNy41MjYgNy41MjYgMCAwIDAtMy45MzktMy4zMDZsLTkxLjExMi0zMy4xNmE3LjUgNy41IDAgMCAwLTUuMTM4IDAiLz4KICA8cGF0aCBmaWxsPSIjZmZmIiBkPSJNNTcwLjIzMSAxMTEuODY1YTU5LjM1OCA1OS4zNTggMCAwIDEgNS42NTQtNC44MjEgMzcuNzYgMzcuNzYgMCAwIDEgNi4yMjgtMy43NzNjMi4xOTItMS4wNTIgNC41NTktMS44NjYgNy4xMDEtMi40NTIgMi41NDItLjU4NSA1LjMwMS0uODc2IDguMjgxLS44NzYgNC45MSAwIDkuMjY1Ljg0OCAxMy4wNjMgMi41NDIgMy44MDEgMS42OTQgNy4wMDEgNC4wNjcgOS42MDMgNy4xMDEgMi42MDIgMy4wNCA0LjU1OCA2LjY2MyA1Ljg3MyAxMC44NzEgMS4zMTYgNC4yMDUgMS45NzYgOC44MjYgMS45NzYgMTMuODUxdjU3LjQyM2gtMjQuMTE1di01Ny40MjNjMC01LjAyNS0xLjE2OC04LjkyOS0zLjUtMTEuNzA2LTIuMzQyLTIuNzc1LTUuNzg2LTQuMTYyLTEwLjM1MS00LjE2Mi0zLjM4NSAwLTYuNTY5LjczLTkuNTU2IDIuMTkyLTIuOTgxIDEuNDYyLTUuODE0IDMuNTA0LTguNDk4IDYuMTM3djY0Ljk2MmgtMjQuMjAydi05MC4zODloMTQuOTAzYzMuMDQgMCA1LjA1NyAxLjQwMyA2LjA1NiA0LjIxMWwxLjQ4NCA2LjMxMloiLz4KPC9zdmc+
+  longDescription: Knative Serving builds on Kubernetes to define and control the
+    deployment of applications and functions as serverless containers.
   maintainers:
   - name: Thomas Vitale
-  providerName: Arktonix
-  shortDescription: Serverless platform on Kubernetes
+  providerName: Kadras
+  shortDescription: Solution for running serverless deployments on Kubernetes.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-knative-serving
+    for community support.
diff --git a/repo/packages/kpack.packages.kadras.io/0.6.1.yml b/repo/packages/kpack.packages.kadras.io/0.6.1.yml
deleted file mode 100644
index a432073..0000000
--- a/repo/packages/kpack.packages.kadras.io/0.6.1.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  name: kpack.packages.kadras.io.0.6.1
-spec:
-  refName: kpack.packages.kadras.io
-  version: 0.6.1
-  capacityRequirementsDescription: Registry with > 1GB available space
-  releaseNotes: https://github.com/pivotal/kpack/releases/tag/v0.6.1
-  valuesSchema:
-    openAPIv3:
-      title: kpack.packages.kadras.io values schema
-      properties:
-        kp_default_repository:
-          type: string
-          description: docker repository
-          examples:
-          - registry.io/kpack
-        kp_default_repository_secret:
-          type: object
-          description: Secret reference for kp_default_repository credentials. Mutually exclusive with kp_default_repository_username/password. Requires Carvel secretgen-controller.
-          properties:
-            name:
-              description: Secret name for kp_default_repository credentials of type kubernetes.io/dockerconfigjson.
-              type: string
-            namespace:
-              description: Secret namespace for kp_default_repository credentials.
-              type: string
-        kp_default_repository_username:
-          type: string
-          description: registry username
-          examples:
-          - janedoe@vmware.com
-        kp_default_repository_password:
-          type: string
-          description: registry password
-          examples:
-          - password
-        http_proxy:
-          type: string
-          description: the HTTP proxy to use for network traffic
-        https_proxy:
-          type: string
-          description: the HTTPS proxy to use for network traffic.
-        no_proxy:
-          type: string
-          description: A comma-separated list of hostnames, IP addresses, or IP ranges in CIDR format that should not use a proxy
-        ca_cert_data:
-          type: string
-          description: CA Certificate to be injected into the kpack controller trust store for communicating with self signed registries.
-  template:
-    spec:
-      fetch:
-      - imgpkgBundle:
-          image: projects.registry.vmware.com/kpack/release@sha256:3965faeb09836e625f8d5a857ad6d31585dd331ea0307423b5ac75180bffb0d7
-      template:
-      - ytt:
-          paths:
-          - config/
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-      deploy:
-      - kapp: {}
diff --git a/repo/packages/kpack.packages.kadras.io/metadata.yml b/repo/packages/kpack.packages.kadras.io/metadata.yml
deleted file mode 100644
index cfcff14..0000000
--- a/repo/packages/kpack.packages.kadras.io/metadata.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: PackageMetadata
-metadata:
-  name: kpack.packages.kadras.io
-spec:
-  displayName: "kpack"
-  longDescription: "kpack extends Kubernetes and utilizes unprivileged Kubernetes primitives to provide builds of OCI images as a platform implementation of Cloud Native Buildpacks (CNB)."
-  shortDescription: "kpack builds application source code into OCI compliant images using Cloud Native Buildpacks"
-  supportDescription: "Go to https://github.com/vmware-tanzu/package-for-kpack and https://github.com/pivotal/kpack for documentation or the #kpack channel on Kubernetes slack"
-  providerName: "VMware"
-  categories:
-    - "build"
-  maintainers:
-    - name: "Matthew McNew"
-    - name: "Tom Kennedy"
-    - name: "Tyler Phelan"
-    - name: "Nicholas Carlson"
-    - name: "Viraj Patel"
-    - name: "Matt Gibson"
-    - name: "Malini Valliath"
diff --git a/repo/packages/kyverno.packages.kadras.io/1.15.1.yml b/repo/packages/kyverno.packages.kadras.io/1.15.1.yml
new file mode 100644
index 0000000..762815c
--- /dev/null
+++ b/repo/packages/kyverno.packages.kadras.io/1.15.1.yml
@@ -0,0 +1,182 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: kyverno.packages.kadras.io.1.15.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: kyverno.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-kyverno/releases
+  releasedAt: "2025-09-15T14:32:28Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-kyverno@sha256:069b230b662c880274eafe7566be3a1824806858d044f2f3ce19d999a837674f
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        admission_controller:
+          additionalProperties: false
+          description: Settings for the Admission Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Admission Controller. In
+                order to enable high availability, it should be at least 3 (2 is not
+                permitted).
+              minimum: 1
+              type: integer
+          type: object
+        background_controller:
+          additionalProperties: false
+          description: Settings for the Background Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Background Controller. In
+                order to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        ca_cert_data:
+          default: ""
+          description: PEM-encoded certificate data to trust TLS connections with
+            a custom CA.
+          type: string
+        cleanup_controller:
+          additionalProperties: false
+          description: Settings for the Cleanup Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Cleanup Controller. In order
+                to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        logging:
+          additionalProperties: false
+          description: Settings for logging.
+          properties:
+            encoding:
+              default: text
+              description: 'Log encoding format. Options: `text`, `json`.'
+              enum:
+              - text
+              - json
+              type: string
+            level:
+              default: 2
+              description: Number of the log level verbosity (from `1` to `6`).
+              maximum: 6
+              minimum: 1
+              type: integer
+          type: object
+        metrics:
+          additionalProperties: false
+          description: Settings for metrics via Prometheus or OpenTelemetry.
+          properties:
+            collector:
+              default: ""
+              description: The endpoint where the OpenTelemetry-based collector receives
+                telemetry data.
+              type: string
+            type:
+              default: prometheus
+              description: Whether to use OpenTelemetry (`grpc`) or Prometheus (`prometheus`)
+                for exporting metrics.
+              enum:
+              - grpc
+              - prometheus
+              type: string
+          type: object
+        optional_components:
+          additionalProperties: false
+          description: Settings for which Kyverno optional components to deploy.
+          properties:
+            background_controller:
+              default: true
+              description: Whether to deploy the Background Controller, responsible
+                for processing of generate and mutate-existing rules.
+              type: boolean
+            cleanup_controller:
+              default: true
+              description: Whether to deploy the Cleanup Controller, responsible for
+                processing `CleanupPolicy` resources.
+              type: boolean
+            reports_controller:
+              default: true
+              description: Whether to deploy the Reports Controller, responsible for
+                handling `PolicyReport` resources.
+              type: boolean
+          type: object
+        proxy:
+          additionalProperties: false
+          description: Settings for the corporate proxy.
+          properties:
+            http_proxy:
+              default: ""
+              description: The HTTP proxy to use for network traffic.
+              type: string
+            https_proxy:
+              default: ""
+              description: The HTTPS proxy to use for network traffic.
+              type: string
+            no_proxy:
+              default: ""
+              description: A comma-separated list of hostnames, IP addresses, or IP
+                ranges in CIDR format that should not use the proxy.
+              type: string
+          type: object
+        reports_controller:
+          additionalProperties: false
+          description: Settings for the Reports Controller component.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for the Reports Controller. In order
+                to enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        tracing:
+          additionalProperties: false
+          description: Settings for tracing via OpenTelemetry.
+          properties:
+            ca_cert_secret:
+              default: ""
+              description: The Secret containing the certificate which is used by
+                the Opentelemetry Tracing Client. If empty string is set, an insecure
+                connection will be used.
+              type: string
+            enabled:
+              default: false
+              description: Whether to configure Kyverno to export OpenTelemetry traces
+                to a distributed tracing backend.
+              type: boolean
+            endpoint:
+              default: ""
+              description: The endpoint where the distributed tracing backend accepts
+                OpenTelemetry traces.
+              type: string
+            port:
+              default: 4317
+              description: The port exposed by the distributed tracing backend to
+                accept OpenTelemetry traces.
+              type: integer
+          type: object
+      type: object
+  version: 1.15.1
diff --git a/repo/packages/kyverno.packages.kadras.io/metadata.yml b/repo/packages/kyverno.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..7ef45e8
--- /dev/null
+++ b/repo/packages/kyverno.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: kyverno.packages.kadras.io
+spec:
+  categories:
+  - policy-management
+  - policies
+  displayName: kyverno
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA1MDAgNTAwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2U4N2U1Yjt9LmNscy0xLC5jbHMtMntmaWxsLXJ1bGU6ZXZlbm9kZDt9LmNscy0ye2ZpbGw6IzM3ODRjNTt9PC9zdHlsZT48L2RlZnM+PGcgaWQ9IkxheWVyXzEiIGRhdGEtbmFtZT0iTGF5ZXIgMSI+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNODUuOTc4LDE1OS4xMjk3Nyw2Mi44LDI2MC42NzU4SDg2LjY0OTRsMTkuNDQ0ODEtODUuMTg3NDhjLTMuNjc3NDItMy43MzE3MS03LjQ0NzIzLTcuMzEyNDMtMTEuMzQwNzItMTAuNjQwODNhMTAuNjM4NTQsMTAuNjM4NTQsMCwwLDEtMi41NzE0NS0zLjI1NTYxYy0yLjAwNjIxLS43NzAwNy00LjA5MDYxLTEuNTk1MzQtNi4yMDQtMi40NjIxMU0yMzEuNDIzODEsNjcuMzQ0NTYsMTEyLjExMTksMTI0LjgwMjIyYzEuNTIxNjIsMi4xMywyLjk3NzM4LDQuMjQxNTksNC4zNDc4Niw2LjI2OTY5YTEwLjY0MDE5LDEwLjY0MDE5LDAsMCwxLDMuNzUwNTIsMS43NzQ0YzMuODM3NjcsMi44MzY1Nyw3Ljg2MjczLDUuNTE4NDUsMTIuMDAzOTEsOC4wODlsOTkuMzY3ODYtNDcuODUwNzdjLjU1NzIzLTQuNzk3NDMuOTU4MDYtOS41NzE1OCwxLjEyNTA5LTE0LjI5NTI5YTEwLjY2NDIyLDEwLjY2NDIyLDAsMCwxLC45NDYzNS00LjAzOTI0QzIzMi45MDgsNzIuMzg0NDMsMjMyLjE1MTQ2LDY5Ljg5NTUsMjMxLjQyMzgxLDY3LjM0NDU2Wm0xNjEuMjcyNTQsNTYuNzI3ODVMMjc0Ljg4MzY5LDY3LjMzNzE1Yy0uNzI4NTYsMi41NTM0MS0xLjQ4NDI4LDUuMDQ1MjgtMi4yMzA0NSw3LjQxMjg0YTEwLjY3MDE2LDEwLjY3MDE2LDAsMCwxLC45NDY1LDQuMDM5MjRjLjE2NjczLDQuNzIxNzEuNTY3ODcsOS40OTQxNSwxLjEyNTU2LDE0LjI5MDJsOTguMDIzMTQsNDcuMjAyMjRjNC4xNTQ0NS0yLjYyNTc0LDguMTkwMy01LjM2MzkyLDEyLjAzMDktOC4yNTY3OGExMC42ODc4OSwxMC42ODc4OSwwLDAsMSwzLjczNjgtMS44MDc1NkMzODkuODMzMSwxMjguMjI4MjUsMzkxLjIzNDg4LDEyNi4xNTk4OSwzOTIuNjk2MzUsMTI0LjA3MjQxWk00NDMuNTE5NTgsMjYwLjY3NTgsNDIwLjAxNDM4LDE1Ny42ODVjLTIuMzcwNjUsMS4wMDctNC43MTEzOCwxLjk1NzE2LTYuOTU1NCwyLjg0MTJhMTAuNjkyNywxMC42OTI3LDAsMCwxLTIuNTQyMywzLjI3NjU4Yy0zLjY1MTY3LDMuMTc3NTctNy4xOTEyMSw2LjU3OTA4LTEwLjY0NTMsMTAuMTIwNjNsMTkuODAyLDg2Ljc1MjQzWiIvPjxwYXRoIGNsYXNzPSJjbHMtMiIgZD0iTTMxMC44MDYyOCwxOTcuOTg0MjRsMi44MjkzMiwzLjQ5NGMxLjMxMzQxLTExLjE3MDQ2LDEwLjU3OTkyLTIxLjg4ODU3LDI4LjE2NzUyLTMxLjQ5NzYyLDE4LjMzMy0xMC4wMTUxMywzNS40NTQzNC0xOC45MDE2Miw0OS40MTA2My0yOS40MDg3NWwxLjg1MDQ0LDIuMjgyNDNxMTYuMzYxOTQtMjUuNTU1NSwyNS40MTcxNi0zMi4xNzMxNGM4LjExMTk1LTQuOTM2NywxNS42MDgzOC0zLjQ5OTc1LDIxLjQzNjY3LDMuMDAzNDUsNS4xNTA3Nyw3LjA1MzQ4LDQuOTk4MjQsMTQuNjg0NTUtMS41MTc5MSwyMS41OTM2OHEtOC4zNTY1Nyw3LjQ4MDk0LTM2Ljc1NTczLDE4LjE3MTJsMS44NDgxMiwyLjI4Mjg5Yy0xMy4xNzc0NCwxMS40NzEwNS0yNS40MzA4OSwyNi4zNjgxMy0zOS4wNDEwOSw0Mi4yMTg2NS0xMy4wNTE0MywxNS4yMDYxNi0yNS40NjM4OSwyMi4wNDAxOC0zNi42NjQ1OCwyMS4wMDQyM2wyLjgzMTQ4LDMuNDk0NS0xMS4wMDcxMyw4LjkxMjU2TDMwOS44ODQzLDIwNy44NzhsLTcuNDczOTEtMy4wOTUyMVpNMTc1LjE2MSwyMjIuNzkyMmwyLjc5ODMyLTMuNTE3Yy0xMS4xODg1MSwxLjEzNDUtMjMuNjYtNS41OTA0OC0zNi44NDYtMjAuNjgyNTEtMTMuNzQ1NjEtMTUuNzMyMDctMjYuMTI3NTQtMzAuNTIyMTItMzkuNDA4MTUtNDEuODc1MzRsMS44MzAwOC0yLjMwMDQ3UTc1LjA0NCwxNDMuOTc0MjgsNjYuNjIxMTMsMTM2LjU2NzM4Yy02LjU3MzgzLTYuODUxNDQtNi43OTM0NS0xNC40ODE3NC0xLjcwNTYxLTIxLjU3OTQ5LDUuNzcxMjMtNi41NTQwOSwxMy4yNTM3OC04LjA1NjQzLDIxLjQxMDkyLTMuMTkxNzZxOS4xMTA1LDYuNTQxNDUsMjUuNjk0NDcsMzEuOTUxODJsMS44MzA2OS0yLjMwMDMyYzE0LjA0OTI5LDEwLjM4NDIxLDMxLjI0NjIyLDE5LjEyMjY0LDQ5LjY2NTg4LDI4Ljk3OCwxNy42NzE4MSw5LjQ1MjUxLDI3LjAzMSwyMC4wOTE2NSwyOC40NDE0MiwzMS4yNDk3N2wyLjc5OTU2LTMuNTE5MTgsOC40NjEsNi43MzA2OC03LjIyMjgyLDIuOTkxMTEtOS44MDkwOSwyMy42ODY3MlptNjIuMjUyMTYtNDUuMDAzNTZIMjQxLjkxYy03Ljg1NDA5LTguMDUwNTctMTAuMzU0NTktMjEuOTk4MjItNi43NTMtNDEuNzEyLDMuNzU0ODQtMjAuNTUxMjUsNy42MjE2NS0zOS40NDg1Niw4LjI0MDcyLTU2LjkwODE1aDIuOTQwNTJxLTkuNTY1MDktMjguNzk5ODUtOS4wMTA5NS00MC4wMDAzOWMxLjI2OTYxLTkuNDEwMjUsNy4xMDQyMy0xNC4zMzQsMTUuODI1MzgtMTQuNzcwMyw4LjcyMjU1LjQzNjMxLDE0LjU1NzQ4LDUuMzYwMDUsMTUuODI3NTUsMTQuNzcwM3EuNTUwNTksMTEuMjAwNDctOS4wMTE3Myw0MC4wMDAzOWgyLjk0MDUyYy42MTkzOCwxNy40NTk1OSw0LjQ4NjY2LDM2LjM1NjksOC4yNDA3NCw1Ni45MDgxNSwzLjYwMTcsMTkuNzEzNzksMS4xMDEsMzMuNjYxNDQtNi43NTI4OSw0MS43MTJoNC40OTY2OHYxMy4xMTM3NGwtMTUuOTU0LTYuNjA3MTUtMTUuNTI2MzQsNi40Mjk2M1oiLz48cG9seWdvbiBjbGFzcz0iY2xzLTEiIHBvaW50cz0iMjUyLjkzOSAxOTMuODkzIDI3OC4wMTYgMjA0LjI4MSAzMDMuMDk3IDIxNC42NjQgMzEzLjQ3OSAyMzkuNzQ3IDMyMi4xNTEgMjYwLjY3NiAyNzYuNzI0IDI2MC42NzYgMjc0LjcwNyAyNTUuODA2IDI3MC45NzQgMjQ2Ljc4NyAyNjEuOTU2IDI0My4wNTUgMjUyLjkzOSAyMzkuMzIgMjQzLjkyMyAyNDMuMDU1IDIzNC45MDUgMjQ2Ljc4NyAyMzEuMTcyIDI1NS44MDYgMjI5LjE1NSAyNjAuNjc2IDE4My43MjkgMjYwLjY3NiAxOTIuNCAyMzkuNzQ3IDIwMi43ODMgMjE0LjY2NCAyMjcuODY0IDIwNC4yODEgMjUyLjkzOSAxOTMuODkzIi8+PHBhdGggY2xhc3M9ImNscy0yIiBkPSJNNjguMjEzNywzNDkuNjI0YTguOTE0NDksOC45MTQ0OSwwLDEsMS0xNy44MjksMFYyODYuNTg5MTJhOC45MTU5Myw4LjkxNTkzLDAsMCwxLDguOTE0ODctOC45MTQxaDM4NC4yMThhOC45MTUxNyw4LjkxNTE3LDAsMCwxLDguOTE0NTYsOC45MTQxVjM0OS42MjRhOC45MTQzMyw4LjkxNDMzLDAsMSwxLTE3LjgyODY2LDB2LTU0LjEySDI2MC4zMjE3NXY1NC4xMmE4LjkxNDMzLDguOTE0MzMsMCwxLDEtMTcuODI4NjYsMHYtNTQuMTJINjguMjEzN1oiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik0yNDEuOTE1MDUsNDQzLjIwODEzYTEuMTgxNDIsMS4xODE0MiwwLDAsMCwuOTU2NTIuNDg5MjFoOC41MzY0bDguNTM2MDgtLjAwMTI0YTEuMTc0MiwxLjE3NDIsMCwwLDAsLjkyMzM2LS40NDc0MWw1LjMyMy02LjY3MTMxLDUuMzIyLTYuNjc1NzhhMS4xODgsMS4xODgsMCwwLDAsLjIyNjcyLS45OTM1NGwtMy43OTUxLTE2LjYzMTY5YTEuMTY0NTUsMS4xNjQ1NSwwLDAsMC0uNjQxNDQtLjgxNTcxbC0xNS4zODEtNy40MDY4MmExLjE3ODkzLDEuMTc4OTMsMCwwLDAtMS4wMjY3MSwwbC0xNS4zODEsNy40MDY4MmExLjE4NywxLjE4NywwLDAsMC0uNjM3ODkuODAzMzdsLTMuNzksMTYuNjAxNDZhMS4xODQyMiwxLjE4NDIyLDAsMCwwLC4yMTgwOCwxLjAzNzM1Wk0yMjkuODUxLDQ2Ny44NTcyM2EyLjY4NTYzLDIuNjg1NjMsMCwwLDAsMi4xNzQsMS4xMDc1MUgyNTEuNDFsMTkuMzg1LS4wMDM1NGEyLjY2OTIsMi42NjkyLDAsMCwwLDIuMDk3MzYtMS4wMTI4MmwxMi4wODcxOS0xNS4xNTM1NywxMi4wODUtMTUuMTU5YTIuNzA4LDIuNzA4LDAsMCwwLC41MTc0NC0yLjI1ODA2bC04LjYyMDc1LTM3Ljc2OTMyYTIuNjUwODQsMi42NTA4NCwwLDAsMC0xLjQ1NjU0LTEuODUxODJsLTM0LjkzMDczLTE2LjgyMjc4YTIuNjc5NTUsMi42Nzk1NSwwLDAsMC0yLjMyODU1LDBsLTM0LjkzMDksMTYuODIyNzhhMi42Nzc0LDIuNjc3NCwwLDAsMC0xLjQ0ODM2LDEuODIzNzVsLTguNjA3LDM3LjcwMDU0YTIuNjgxMTYsMi42ODExNiwwLDAsMCwuNDk0LDIuMzU2MTRaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNNDguNjQxMzMsNDQzLjIwODEzYTEuMTc4MjQsMS4xNzgyNCwwLDAsMCwuOTU2NTMuNDg5MjFoOC41MzYzOWw4LjUzNjA4LS4wMDEyNGExLjE3NzE1LDEuMTc3MTUsMCwwLDAsLjkyMzM3LS40NDc0MWw1LjMyMzM1LTYuNjcxMzEsNS4zMTk2NS02LjY3NTc4YTEuMTg3MjgsMS4xODcyOCwwLDAsMCwuMjI4NDEtLjk5MzU0bC0zLjc5NjgtMTYuNjMxNjlhMS4xNjY3OSwxLjE2Njc5LDAsMCwwLS42NDAyLS44MTU3MWwtMTUuMzgyMjgtNy40MDY4MmExLjE3NjIyLDEuMTc2MjIsMCwwLDAtMS4wMjU0NywwbC0xNS4zODAyOCw3LjQwNjgyYTEuMTgxODUsMS4xODE4NSwwLDAsMC0uNjM4MzUuODAzMzdsLTMuNzg5NTUsMTYuNjAxNDZhMS4xNzYyMywxLjE3NjIzLDAsMCwwLC4yMTgyNCwxLjAzNzM1Wm0tMTIuMDYzNzUsMjQuNjQ5MWEyLjY4NSwyLjY4NSwwLDAsMCwyLjE3MzA4LDEuMTA3NTFINTguMTM0MjVsMTkuMzg2NTItLjAwMzU0YTIuNjc2MzUsMi42NzYzNSwwLDAsMCwyLjA5ODEyLTEuMDEyODJsMTIuMDg2MjctMTUuMTUzNTcsMTIuMDgzNjUtMTUuMTU5YTIuNjkyNzQsMi42OTI3NCwwLDAsMCwuNTE3NDMtMi4yNTgwNmwtOC42MTkzNi0zNy43NjkzMmEyLjY0NzY3LDIuNjQ3NjcsMCwwLDAtMS40NTU5Mi0xLjg1MTgyTDU5LjMwMDM3LDM3OC45MzM4N2EyLjY4MjksMi42ODI5LDAsMCwwLTIuMzMwMDgsMEwyMi4wMzg3NywzOTUuNzU2NjVhMi42ODYsMi42ODYsMCwwLDAtMS40NDg2NiwxLjgyMzc1bC04LjYwNDU2LDM3LjcwMDU0YTIuNjcxMjUsMi42NzEyNSwwLDAsMCwuNDk0MTQsMi4zNTYxNFoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik00MzIuODU5NDUsNDQzLjIwODEzYTEuMTc4LDEuMTc4LDAsMCwwLC45NTY1Mi40ODkyMWg4LjUzNjFsOC41MzYyMi0uMDAxMjRhMS4xNzcwNiwxLjE3NzA2LDAsMCwwLC45MjMyMS0uNDQ3NDFsNS4zMjMzNy02LjY3MTMxLDUuMzE5NzktNi42NzU3OGExLjE4MTM2LDEuMTgxMzYsMCwwLDAsLjIyODEtLjk5MzU0bC0zLjc5NTEtMTYuNjMxNjlhMS4xNjQ3MiwxLjE2NDcyLDAsMCwwLS42NDE1OS0uODE1NzFsLTE1LjM4MS03LjQwNjgyYTEuMTc4NTMsMS4xNzg1MywwLDAsMC0xLjAyNjUzLDBsLTE1LjM4MTA3LDcuNDA2ODJhMS4xODk3NywxLjE4OTc3LDAsMCwwLS42MzguODAzMzdsLTMuNzksMTYuNjAxNDZhMS4xODQyNSwxLjE4NDI1LDAsMCwwLC4yMTgyMiwxLjAzNzM1Wm0tMTIuMDY0MjIsMjQuNjQ5MWEyLjY4NTc4LDIuNjg1NzgsMCwwLDAsMi4xNzM0LDEuMTA3NTFoMTkuMzgzNDRsMTkuMzg2MzUtLjAwMzU0YTIuNjc0NDIsMi42NzQ0MiwwLDAsMCwyLjA5ODI4LTEuMDEyODJsMTIuMDg2NDItMTUuMTUzNTcsMTIuMDgzNDktMTUuMTU5YTIuNjkxODYsMi42OTE4NiwwLDAsMCwuNTE2NjctMi4yNTgwNmwtOC42MTg0NC0zNy43NjkzMmEyLjY1MTYsMi42NTE2LDAsMCwwLTEuNDU1OTItMS44NTE4MmwtMzQuOTMxMzYtMTYuODIyNzhhMi42ODI5LDIuNjgyOSwwLDAsMC0yLjMzMDA4LDBsLTM0LjkzMDksMTYuODIyNzhhMi42ODM3NiwyLjY4Mzc2LDAsMCwwLTEuNDQ4NTEsMS44MjM3NWwtOC42MDQ4NywzNy43MDA1NGEyLjY3MjI3LDIuNjcyMjcsMCwwLDAsLjQ5NDMsMi4zNTYxNFoiLz48L2c+PC9zdmc+
+  longDescription: Kyverno is a policy engine designed for Kubernetes. It can validate,
+    mutate, and generate configurations using admission controls and background scans.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: A Kubernetes-native policy engine.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-kyverno
+    for community support.
diff --git a/repo/packages/metrics-server.packages.kadras.io/0.6.1.yml b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml
similarity index 86%
rename from repo/packages/metrics-server.packages.kadras.io/0.6.1.yml
rename to repo/packages/metrics-server.packages.kadras.io/0.8.0.yml
index ccd121e..10b6dd8 100644
--- a/repo/packages/metrics-server.packages.kadras.io/0.6.1.yml
+++ b/repo/packages/metrics-server.packages.kadras.io/0.8.0.yml
@@ -1,143 +1,148 @@
 apiVersion: data.packaging.carvel.dev/v1alpha1
 kind: Package
 metadata:
-  name: metrics-server.packages.kadras.io.0.6.1
+  creationTimestamp: null
+  name: metrics-server.packages.kadras.io.0.8.0
 spec:
+  licenses:
+  - Apache 2.0
+  refName: metrics-server.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-metrics-server/releases
+  releasedAt: "2025-08-14T17:45:10Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-metrics-server@sha256:907424062bd661d214af87933d935b36b2a8d4a7d36d640c26a1dda0c0aeb271
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
   valuesSchema:
     openAPIv3:
-      type: object
       additionalProperties: false
-      description: OpenAPIv3 Schema for metrics-server
       properties:
-        namespace:
-          type: string
-          description: The namespace in which metrics-server is deployed
-          default: kube-system
-        nodeSelector:
-          nullable: true
-          description: NodeSelector configuration applied to all the deployments
-          default: null
-        deployment:
-          type: object
+        daemonset:
           additionalProperties: false
           properties:
             updateStrategy:
-              type: string
-              nullable: true
-              description: Update strategy of deployments
               default: null
+              description: Update strategy of daemonsets
+              nullable: true
+              type: string
+          type: object
+        deployment:
+          additionalProperties: false
+          properties:
             rollingUpdate:
-              type: object
               additionalProperties: false
               properties:
-                maxUnavailable:
-                  type: integer
-                  nullable: true
-                  description: The maxUnavailable of rollingUpdate. Applied only if RollingUpdate is used as updateStrategy
-                  default: null
                 maxSurge:
-                  type: integer
+                  default: null
+                  description: The maxSurge of rollingUpdate. Applied only if RollingUpdate
+                    is used as updateStrategy
                   nullable: true
-                  description: The maxSurge of rollingUpdate. Applied only if RollingUpdate is used as updateStrategy
+                  type: integer
+                maxUnavailable:
                   default: null
-        daemonset:
-          type: object
-          additionalProperties: false
-          properties:
+                  description: The maxUnavailable of rollingUpdate. Applied only if
+                    RollingUpdate is used as updateStrategy
+                  nullable: true
+                  type: integer
+              type: object
             updateStrategy:
-              type: string
-              nullable: true
-              description: Update strategy of daemonsets
               default: null
-        metricsServer:
+              description: Update strategy of deployments
+              nullable: true
+              type: string
           type: object
+        metricsServer:
           additionalProperties: false
           properties:
-            namespace:
-              type: string
-              nullable: true
-              description: The namespace value used by older templates, will be overwriten if top level namespace is present, kept for backward compatibility
-              default: null
-            createNamespace:
-              type: boolean
-              description: Whether to create namespace specified for metrics-server
-              default: true
             config:
-              type: object
               additionalProperties: false
               properties:
-                securePort:
-                  type: integer
-                  description: The HTTPS secure port used by metrics-server
-                  default: 4443
-                updateStrategy:
-                  type: string
-                  description: The update strategy of the metrics-server deployment
-                  default: RollingUpdate
+                apiServiceInsecureTLS:
+                  default: true
+                  description: Whether to enable insecure TLS for metrics-server api
+                    service
+                  type: boolean
                 args:
-                  type: array
+                  default: []
                   description: Arguments passed into metrics-server container
                   items:
-                    type: string
                     default: ""
-                  default: []
+                    type: string
+                  type: array
                 probe:
-                  type: object
                   additionalProperties: false
                   properties:
                     failureThreshold:
-                      type: integer
-                      description: Probe failureThreshold of metrics-server deployment
                       default: 3
-                    periodSeconds:
+                      description: Probe failureThreshold of metrics-server deployment
                       type: integer
-                      description: Probe period of metrics-server deployment
+                    periodSeconds:
                       default: 10
-                apiServiceInsecureTLS:
-                  type: boolean
-                  description: Whether to enable insecure TLS for metrics-server api service
-                  default: true
+                      description: Probe period of metrics-server deployment
+                      type: integer
+                  type: object
+                securePort:
+                  default: 4443
+                  description: The HTTPS secure port used by metrics-server
+                  type: integer
                 tolerations:
-                  nullable: true
-                  description: Metrics-server deployment tolerations
                   default: []
-            image:
+                  description: Metrics-server deployment tolerations
+                  nullable: true
+                updateStrategy:
+                  default: RollingUpdate
+                  description: The update strategy of the metrics-server deployment
+                  type: string
               type: object
+            createNamespace:
+              default: true
+              description: Whether to create namespace specified for metrics-server
+              type: boolean
+            image:
               additionalProperties: false
               properties:
-                repository:
-                  type: string
-                  description: The repository of metrics-server image
-                  default: ""
                 name:
-                  type: string
+                  default: ""
                   description: The path of image
+                  type: string
+                pullPolicy:
+                  default: IfNotPresent
+                  description: The pull policy of image
+                  type: string
+                repository:
                   default: ""
-                tag:
+                  description: The repository of metrics-server image
                   type: string
-                  description: The image tag
+                tag:
                   default: ""
-                pullPolicy:
+                  description: The image tag
                   type: string
-                  description: The pull policy of image
-                  default: IfNotPresent
-  refName: metrics-server.packages.kadras.io
-  version: 0.6.1
-  releaseNotes: metrics-server 0.6.1 https://github.com/kubernetes-sigs/metrics-server/releases/tag/v0.6.1
-  licenses:
-  - Apache 2.0
-  template:
-    spec:
-      fetch:
-      - imgpkgBundle:
-          image: projects.registry.vmware.com/tce/metrics-server@sha256:55f29f8ba79933204c49642b1c9b745e1d60af3221d16b7772f4ba1b7ad60725
-      template:
-      - ytt:
-          paths:
-          - config/
-      - kbld:
-          paths:
-          - '-'
-          - .imgpkg/images.yml
-      deploy:
-      - kapp: {}
+              type: object
+            namespace:
+              default: null
+              description: The namespace value used by older templates, will be overwriten
+                if top level namespace is present, kept for backward compatibility
+              nullable: true
+              type: string
+          type: object
+        namespace:
+          default: kube-system
+          description: The namespace in which metrics-server is deployed
+          type: string
+        nodeSelector:
+          default: null
+          description: NodeSelector configuration applied to all the deployments
+          nullable: true
+      type: object
+  version: 0.8.0
diff --git a/repo/packages/metrics-server.packages.kadras.io/metadata.yml b/repo/packages/metrics-server.packages.kadras.io/metadata.yml
index 93de629..bea30f4 100644
--- a/repo/packages/metrics-server.packages.kadras.io/metadata.yml
+++ b/repo/packages/metrics-server.packages.kadras.io/metadata.yml
@@ -1,16 +1,21 @@
 apiVersion: data.packaging.carvel.dev/v1alpha1
 kind: PackageMetadata
 metadata:
+  creationTimestamp: null
   name: metrics-server.packages.kadras.io
 spec:
-  displayName: "metrics-server"
-  longDescription: "Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines."
-  shortDescription: "Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines."
-  providerName: VMware
-  maintainers:
-    - name: Guanpeng Gao
   categories:
-    - "observability"
-    - "metrics-server"
-    - "cluster"
-    - "metrics"
+  - monitoring
+  - metrics
+  - observability
+  displayName: metrics-server
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iLTAuMTcgMC4wOCAyMzAuMTAgMjIzLjM1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2ZmZn0uY2xzLTJ7ZmlsbDojMzI2Y2U1fTwvc3R5bGU+PC9kZWZzPjxwYXRoIGQ9Ik0xMzQuMzU4IDEyNi40NjZhMy41OSAzLjU5IDAgMCAwLS44NTUtLjA2NSAzLjY4NSAzLjY4NSAwIDAgMC0xLjQyNS4zNyAzLjcyNSAzLjcyNSAwIDAgMC0xLjgwMyA0LjgyNWwtLjAyNi4wMzcgOC41MjggMjAuNjAzYTQzLjUzIDQzLjUzIDAgMCAwIDE3LjU5NS0yMi4xMDJsLTIxLjk3Ni0zLjcxNHptLTM0LjE5NCAyLjkyYTMuNzIgMy43MiAwIDAgMC0zLjU2OC0yLjg5NCAzLjY1NiAzLjY1NiAwIDAgMC0uNzMzLjA2NWwtLjAzNy0uMDQ1LTIxLjc4NSAzLjY5OGE0My42OTUgNDMuNjk1IDAgMCAwIDE3LjU0IDIxLjk0Nmw4LjQ0Mi0yMC40LS4wNjYtLjA4YTMuNjgzIDMuNjgzIDAgMCAwIC4yMDctMi4yOXptMTguMjQ1IDhhMy43MTggMy43MTggMCAwIDAtNi41NTcuMDA4aC0uMDE4bC0xMC43MTMgMTkuMzcyYTQzLjYzNyA0My42MzcgMCAwIDAgMjMuODE1IDEuMjI1cTIuMTk3LS41IDQuMjkyLTEuMmwtMTAuNzM4LTE5LjQwNnptMzMuOTE0LTQ1bC0xNi40ODMgMTQuNzUzLjAwOS4wNDdhMy43MjUgMy43MjUgMCAwIDAgMS40NiA2LjM5NWwuMDIuMDg5IDIxLjM1IDYuMTVhNDQuMjc4IDQ0LjI3OCAwIDAgMC02LjM1Ni0yNy40MzJ6TTEyMS43IDk0LjAzOWEzLjcyNSAzLjcyNSAwIDAgMCA1LjkxMyAyLjg0bC4wNjUuMDI3IDE4LjAzNi0xMi43ODhhNDMuODUgNDMuODUgMCAwIDAtMjUuMjg3LTEyLjE5bDEuMjUzIDIyLjEwNXptLTE5LjEgMi45MjFhMy43MiAzLjcyIDAgMCAwIDUuOTA0LTIuODVsLjA5Mi0uMDQzIDEuMjUzLTIyLjE0YTQ0LjY4MiA0NC42ODIgMCAwIDAtNC41MDEuNzc2IDQzLjQ2NyA0My40NjcgMCAwIDAtMjAuOTM3IDExLjQwOWwxOC4xNTQgMTIuODY5em0tOS42NzggMTYuNzI5YTMuNzIgMy43MiAwIDAgMCAxLjQ2Mi02LjM5NmwuMDE4LS4wODgtMTYuNTc0LTE0LjgyNGE0My40NTQgNDMuNDU0IDAgMCAwLTYuMTY4IDI3LjUxbDIxLjI0NS02LjEzem0xNi4wOTggNi41MTJsNi4xMTQgMi45NCA2LjA5Ni0yLjkzNCAxLjUxNC02LjU4MS00LjIxOS01LjI3NmgtNi43OWwtNC4yMzEgNS4yNjh6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjE2LjIwOCAxMzMuMTY3bC0xNy40MjItNzUuNjc1YTEzLjYwMiAxMy42MDIgMCAwIDAtNy4yOTMtOS4wNzNsLTcwLjUyMS0zMy42N2ExMy41ODkgMTMuNTg5IDAgMCAwLTExLjcwNSAwTDM4Ljc2IDQ4LjQzN2ExMy41OTggMTMuNTk4IDAgMCAwLTcuMjk1IDkuMDcybC0xNy4zOTQgNzUuNjczYTEzLjMxNSAxMy4zMTUgMCAwIDAtLjAwNCA1LjgxIDEzLjUwNiAxMy41MDYgMCAwIDAgLjQ5MSAxLjcxOCAxMy4xIDEzLjEgMCAwIDAgMS4zNDMgMi43MjZjLjIzOS4zNjUuNDkxLjcyLjc2NSAxLjA2NGw0OC44MDQgNjAuNjc4Yy4yMTMuMjY0LjQ0OC41MDUuNjgxLjc1YTEzLjQyMyAxMy40MjMgMCAwIDAgMi41NzQgMi4xMzMgMTMuOTI0IDEzLjkyNCAwIDAgMCAzLjg1NyAxLjY3NyAxMy4yOTggMTMuMjk4IDAgMCAwIDMuNDMuNDczaC43NTlsNzcuNTA0LS4wMThhMTIuOTkzIDEyLjk5MyAwIDAgMCAxLjQxLS4wODMgMTMuNDcgMTMuNDcgMCAwIDAgMS45ODktLjM3OCAxMy44NzIgMTMuODcyIDAgMCAwIDEuMzgxLS40NDJjLjM1My0uMTM1LjcwNS0uMjcgMS4wNDUtLjQzM2ExMy45NDEgMTMuOTQxIDAgMCAwIDEuNDc5LS44MjIgMTMuMzAzIDEzLjMwMyAwIDAgMCAzLjIzNy0yLjg2NWwxLjQ4OC0xLjg1IDQ3LjI5OS01OC44NGExMy4xODUgMTMuMTg1IDAgMCAwIDIuMTA4LTMuNzg1IDEzLjY3IDEzLjY3IDAgMCAwIC41LTEuNzI0IDEzLjI4MiAxMy4yODIgMCAwIDAtLjAwNC01Ljgxem0tNzMuMTQ3IDI5LjQzMmExNC41MTYgMTQuNTE2IDAgMCAwIC43MDMgMS43MDMgMy4zMTQgMy4zMTQgMCAwIDAtLjMyNyAyLjQ5IDM5LjM3MiAzOS4zNzIgMCAwIDAgMy43NDIgNi43IDM1LjA2IDM1LjA2IDAgMCAxIDIuMjYzIDMuMzY0Yy4xNy4zMTUuMzkyLjgwMy41NTMgMS4xMzZhNC4yNCA0LjI0IDAgMSAxLTcuNjMgMy42MDdjLS4xNjEtLjMzLS4zODUtLjc3LS41MjItMS4wODJhMzUuMjc1IDM1LjI3NSAwIDAgMS0xLjIyNS0zLjg2OCAzOS4zMDUgMzkuMzA1IDAgMCAwLTIuODk2LTcuMDk3IDMuMzM1IDMuMzM1IDAgMCAwLTIuMTU0LTEuMzA3Yy0uMTM1LS4yMzMtLjYzNS0xLjE1LS45MDMtMS42MjNhNTQuNjE3IDU0LjYxNyAwIDAgMS0zOC45NDgtLjFsLS45NTUgMS43M2EzLjQyOSAzLjQyOSAwIDAgMC0xLjgxOS44ODcgMjkuNTE3IDI5LjUxNyAwIDAgMC0zLjI2OCA3LjU4MiAzNC45IDM0LjkgMCAwIDEtMS4yMTggMy44NjhjLS4xMzUuMzEtLjM2MS43NDQtLjUyMiAxLjA3M3YuMDA5bC0uMDA3LjAwOGE0LjIzOCA0LjIzOCAwIDEgMS03LjYxOS0zLjYxNmMuMTU5LS4zMzUuMzcyLS44Mi41NC0xLjEzNWEzNS4xNzcgMzUuMTc3IDAgMCAxIDIuMjYyLTMuMzczIDQxLjIyOCA0MS4yMjggMCAwIDAgMy44Mi02Ljg2NiA0LjE4OCA0LjE4OCAwIDAgMC0uMzc2LTIuMzg3bC43NjgtMS44NGE1NC45MjIgNTQuOTIyIDAgMCAxLTI0LjMzOC0zMC4zODdsLTEuODM5LjMxM2E0LjY4IDQuNjggMCAwIDAtMi40MjgtLjg1NSAzOS41MjQgMzkuNTI0IDAgMCAwLTcuMzU2IDIuMTY1IDM1LjU4OSAzNS41ODkgMCAwIDEtMy43ODcgMS40NWMtLjMwNS4wODQtLjc0NS4xNjgtMS4wOTMuMjQ0LS4wMjguMDEtLjA1Mi4wMjItLjA4LjAyOWEuNjA1LjYwNSAwIDAgMS0uMDY1LjAwNiA0LjIzNiA0LjIzNiAwIDEgMS0xLjg3NC04LjIyNGwuMDYxLS4wMTUuMDM3LS4wMWMuMzUzLS4wODMuODA1LS4yIDEuMTI3LS4yNjJhMzUuMjcgMzUuMjcgMCAwIDEgNC4wNS0uMzI2IDM5LjM4OCAzOS4zODggMCAwIDAgNy41NjQtMS4yNDIgNS44MzUgNS44MzUgMCAwIDAgMS44MTQtMS44M2wxLjc2Ny0uNTE2YTU0LjYxMyA1NC42MTMgMCAwIDEgOC42MTMtMzguMDczbC0xLjM1My0xLjIwNmE0LjY4OCA0LjY4OCAwIDAgMC0uODQ4LTIuNDM2IDM5LjM2NiAzOS4zNjYgMCAwIDAtNi4yNzctNC40MSAzNS4yNSAzNS4yNSAwIDAgMS0zLjQ5OS0yLjA0NmMtLjI1Ni0uMTkxLS41OTYtLjQ3OC0uODc0LS43MDRsLS4wNjMtLjA0NGE0LjQ3MyA0LjQ3MyAwIDAgMS0xLjAzOC02LjIyMiA0LjA2NiA0LjA2NiAwIDAgMSAzLjM2My0xLjQ4OCA1LjAzIDUuMDMgMCAwIDEgMi45NDIgMS4xMWMuMjg3LjIyNS42OC41MjYuOTM1Ljc0NWEzNS4yNTMgMzUuMjUzIDAgMCAxIDIuNzggMi45NSAzOS4zODMgMzkuMzgzIDAgMCAwIDUuNjkgNS4xNDIgMy4zMzMgMy4zMzMgMCAwIDAgMi41MDcuMjQzcS43NTQuNTUgMS41MjIgMS4wODJBNTQuMjg5IDU0LjI4OSAwIDAgMSAxMDIuODYgNjEuODlhNTUuMDUyIDU1LjA1MiAwIDAgMSA3LjYzLTEuMTczbC4xLTEuNzg0YTQuNiA0LjYgMCAwIDAgMS4zNy0yLjE4NCAzOS40NzYgMzkuNDc2IDAgMCAwLS40Ny03LjY1NCAzNS40NjYgMzUuNDY2IDAgMCAxLS41NzYtNC4wMTRjLS4wMTEtLjMwNy4wMDYtLjczMS4wMS0xLjA4MSAwLS4wNC0uMDEtLjA4LS4wMS0uMTE4YTQuMjQyIDQuMjQyIDAgMSAxIDguNDQxLS4wMDRjMCAuMzcuMDIyLjg2LjAwOSAxLjJhMzUuMTA5IDM1LjEwOSAwIDAgMS0uNTc5IDQuMDEzIDM5LjUzMyAzOS41MzMgMCAwIDAtLjQ3OCA3LjY1NiAzLjM0NCAzLjM0NCAwIDAgMCAxLjM3OSAyLjExYy4wMTUuMzA1LjA2NSAxLjMyMy4xMDIgMS44ODRhNTUuMzA5IDU1LjMwOSAwIDAgMSAzNS4wMzIgMTYuOTI3bDEuNjA2LTEuMTQ3YTQuNjkgNC42OSAwIDAgMCAyLjU2LS4yNzggMzkuNTMyIDM5LjUzMiAwIDAgMCA1LjY5LTUuMTQ4IDM1LjAwNCAzNS4wMDQgMCAwIDEgMi43ODctMi45NWMuMjU5LS4yMjIuNjUtLjUyLjkzNi0uNzQ2YTQuMjQyIDQuMjQyIDAgMSAxIDUuMjU4IDYuNTk4Yy0uMjgzLjIyOS0uNjU3LjU0OC0uOTI5Ljc1YTM1LjA5NSAzNS4wOTUgMCAwIDEtMy41MDcgMi4wNDYgMzkuNDk1IDM5LjQ5NSAwIDAgMC02LjI3NyA0LjQxIDMuMzM3IDMuMzM3IDAgMCAwLS43OTIgMi4zOWMtLjIzNS4yMTYtMS4wNi45NDctMS40OTcgMS4zNDNhNTQuODM3IDU0LjgzNyAwIDAgMSA4Ljc5MiAzNy45ODNsMS43MDQuNDk2YTQuNzQ1IDQuNzQ1IDAgMCAwIDEuODIgMS44MyAzOS40NjQgMzkuNDY0IDAgMCAwIDcuNTY4IDEuMjQ2IDM1LjY0IDM1LjY0IDAgMCAxIDQuMDQ2LjMyNGMuMzU1LjA2NS44NjguMjA3IDEuMjMuMjlhNC4yMzYgNC4yMzYgMCAxIDEtMS44NzggOC4yMjNsLS4wNjEtLjAwOGMtLjAyOC0uMDA3LS4wNTQtLjAyMi0uMDgzLS4wMy0uMzQ4LS4wNzUtLjc4NS0uMTUxLTEuMDktLjIzMWEzNS4xNCAzNS4xNCAwIDAgMS0zLjc4NS0xLjQ2MiAzOS40NzcgMzkuNDc3IDAgMCAwLTcuMzYzLTIuMTY1IDMuMzM3IDMuMzM3IDAgMCAwLTIuMzYyLjg3N3EtLjktLjE3MS0xLjgwNC0uMzE2YTU0LjkyIDU0LjkyIDAgMCAxLTI0LjMyOCAzMC42MDV6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjI1LjQwNyAxMzUuMTA3TDIwNi40IDUyLjU0N2ExNC44MzggMTQuODM4IDAgMCAwLTcuOTU4LTkuOWwtNzYuOTM1LTM2LjczYTE0LjgyNSAxNC44MjUgMCAwIDAtMTIuNzcxIDBMMzEuODA4IDQyLjY2OWExNC44MzggMTQuODM4IDAgMCAwLTcuOTYxIDkuODk1TDQuODczIDEzNS4xMjlhMTQuNjY4IDE0LjY2OCAwIDAgMCAxLjk5NSAxMS4xODVjLjI2MS40LjUzOC43ODguODM4IDEuMTYybDUzLjI0NiA2Ni4yMDVhMTQuOTggMTQuOTggMCAwIDAgMTEuNDk5IDUuNDg3bDg1LjM4Ny0uMDJhMTQuOTg2IDE0Ljk4NiAwIDAgMCAxMS41LTUuNDhsNTMuMjI3LTY2LjIxMWExNC43MiAxNC43MiAwIDAgMCAyLjg0Mi0xMi4zNDd6bS05LjE5NyAzLjg2NmExMy42NzcgMTMuNjc3IDAgMCAxLS40OTggMS43MjMgMTMuMTg0IDEzLjE4NCAwIDAgMS0yLjExIDMuNzg2bC00Ny4yOTkgNTguODM4LTEuNDg2IDEuODUyYTEzLjMwNSAxMy4zMDUgMCAwIDEtMy4yNCAyLjg2NSAxMy45NDUgMTMuOTQ1IDAgMCAxLTEuNDc0LjgyMnEtLjUxMy4yMzctMS4wNDUuNDNhMTMuODczIDEzLjg3MyAwIDAgMS0xLjM4My40NDUgMTMuNDczIDEzLjQ3MyAwIDAgMS0xLjk4OS4zNzkgMTIuOTg4IDEyLjk4OCAwIDAgMS0xLjQxLjA4MmwtNzcuNTA0LjAxOGgtLjc2YTEzLjI5OCAxMy4yOTggMCAwIDEtMy40MjktLjQ3MiAxMy45MjUgMTMuOTI1IDAgMCAxLTMuODU1LTEuNjc5IDEzLjQyNCAxMy40MjQgMCAwIDEtMi41NzYtMi4xMzJjLS4yMzMtLjI0Ni0uNDY4LS40ODctLjY4LS43NWwtNDguODA1LTYwLjY3OXEtLjQwOC0uNTE0LS43NjUtMS4wNjZhMTMuMTAyIDEzLjEwMiAwIDAgMS0xLjM0My0yLjcyNiAxMy41MDUgMTMuNTA1IDAgMCAxLS40OTEtMS43MTkgMTMuMzE1IDEzLjMxNSAwIDAgMSAuMDA0LTUuODA5bDE3LjM5NC03NS42NzVhMTMuNTk4IDEzLjU5OCAwIDAgMSA3LjI5NS05LjA3bDcwLjUwOC0zMy42ODVhMTMuNTg5IDEzLjU4OSAwIDAgMSAxMS43MDUgMGw3MC41MTkgMzMuNjdhMTMuNjAyIDEzLjYwMiAwIDAgMSA3LjI5MyA5LjA3M2wxNy40MjIgNzUuNjc0YTEzLjI4MiAxMy4yODIgMCAwIDEgLjAwMiA1LjgwN3oiIGNsYXNzPSJjbHMtMSIvPjxwYXRoIGQ9Ik0xODUuODE0IDEyNy4xMDZjLS4zNi0uMDgzLS44NzQtLjIyNS0xLjIyNy0uMjlhMzUuNjQyIDM1LjY0MiAwIDAgMC00LjA0Ni0uMzI2IDM5LjQ2NCAzOS40NjQgMCAwIDEtNy41Ny0xLjI0MiA0Ljc0NSA0Ljc0NSAwIDAgMS0xLjgyLTEuODMybC0xLjcwNC0uNDk2YTU0LjgzNyA1NC44MzcgMCAwIDAtOC43OS0zNy45ODNjLjQzNi0uMzk2IDEuMjYyLTEuMTI3IDEuNDk1LTEuMzQyYTMuMzM4IDMuMzM4IDAgMCAxIC43OTItMi4zOSAzOS40OTUgMzkuNDk1IDAgMCAxIDYuMjc3LTQuNDEgMzUuMDk1IDM1LjA5NSAwIDAgMCAzLjUwNy0yLjA0NmMuMjcyLS4yMDIuNjQ0LS41MjIuOTI5LS43NWE0LjI0MiA0LjI0MiAwIDEgMC01LjI1Ni02LjZjLS4yODguMjI3LS42OC41MjUtLjkzNi43NDdhMzUuMDA0IDM1LjAwNCAwIDAgMC0yLjc4OSAyLjk1IDM5LjUzMyAzOS41MzMgMCAwIDEtNS42OSA1LjE0OCA0LjY5IDQuNjkgMCAwIDEtMi41Ni4yNzhsLTEuNjA2IDEuMTQ3YTU1LjMwOSA1NS4zMDkgMCAwIDAtMzUuMDMyLTE2LjkyN2MtLjAzOS0uNTYxLS4wODctMS41NzctLjEwMi0xLjg4NGEzLjM0NCAzLjM0NCAwIDAgMS0xLjM3Ny0yLjExIDM5LjUzMyAzOS41MzMgMCAwIDEgLjQ3OC03LjY1NiAzNS4xMTIgMzUuMTEyIDAgMCAwIC41NzUtNC4wMTJjLjAxMy0uMzQtLjAwNy0uODM0LS4wMDctMS4yMDFhNC4yNDIgNC4yNDIgMCAxIDAtOC40NDEuMDA0YzAgLjA0LjAwOS4wNzguMDEuMTE4LS4wMDQuMzUtLjAyMS43NzQtLjAxIDEuMDhhMzUuNDc2IDM1LjQ3NiAwIDAgMCAuNTc2IDQuMDE1IDM5LjQ3NSAzOS40NzUgMCAwIDEgLjQ3IDcuNjU0IDQuNjAxIDQuNjAxIDAgMCAxLTEuMzcgMi4xODJsLS4xIDEuNzg2YTU1LjA1MiA1NS4wNTIgMCAwIDAtNy42MyAxLjE3MyA1NC4yODkgNTQuMjg5IDAgMCAwLTI3LjU3NCAxNS43NTRxLS43Ny0uNTMxLTEuNTI2LTEuMDgyYTMuMzMzIDMuMzMzIDAgMCAxLTIuNTA2LS4yNDMgMzkuMzgzIDM5LjM4MyAwIDAgMS01LjY5LTUuMTQxIDM1LjI1NSAzNS4yNTUgMCAwIDAtMi43NzctMi45NWMtLjI1Ny0uMjItLjY1LS41Mi0uOTM4LS43NWE1LjAzIDUuMDMgMCAwIDAtMi45NDItMS4xMSA0LjA2NiA0LjA2NiAwIDAgMC0zLjM2MyAxLjQ5IDQuNDczIDQuNDczIDAgMCAwIDEuMDM4IDYuMjIybC4wNjUuMDQ2Yy4yNzYuMjI2LjYxNi41MTUuODcyLjcwMmEzNS4yNTYgMzUuMjU2IDAgMCAwIDMuNDk5IDIuMDQ4IDM5LjM2NyAzOS4zNjcgMCAwIDEgNi4yNzYgNC40MTIgNC42OSA0LjY5IDAgMCAxIC44NDkgMi40MzRsMS4zNTEgMS4yMDhhNTQuNjEzIDU0LjYxMyAwIDAgMC04LjYxMSAzOC4wNzNsLTEuNzY3LjUxNGE1LjgzNSA1LjgzNSAwIDAgMS0xLjgxNCAxLjgyNyAzOS4zOSAzOS4zOSAwIDAgMS03LjU2NSAxLjI0NyAzNS4yNjYgMzUuMjY2IDAgMCAwLTQuMDQ5LjMyNmMtLjMyNC4wNi0uNzc0LjE3NC0xLjEyNy4yNjJsLS4wMzcuMDA4LS4wNi4wMThhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzUgOC4yMjRsLjA2My0uMDFjLjAyOC0uMDA2LjA1Mi0uMDIuMDgtLjAyNS4zNDgtLjA4Ljc4Ni0uMTYzIDEuMDkyLS4yNDZhMzUuNTkgMzUuNTkgMCAwIDAgMy43ODYtMS40NTEgMzkuNTI3IDM5LjUyNyAwIDAgMSA3LjM1OC0yLjE2NSA0LjY4IDQuNjggMCAwIDEgMi40MjYuODU3bDEuODQtLjMxNWE1NC45MjIgNTQuOTIyIDAgMCAwIDI0LjM0IDMwLjM4N2wtLjc2OSAxLjg0YTQuMTg4IDQuMTg4IDAgMCAxIC4zNzcgMi4zODcgNDEuMjI4IDQxLjIyOCAwIDAgMS0zLjgyIDYuODY0IDM1LjE4MyAzNS4xODMgMCAwIDAtMi4yNjMgMy4zNzJjLS4xNjguMzE4LS4zODEuODA1LS41NDIgMS4xMzhhNC4yMzggNC4yMzggMCAxIDAgNy42MjEgMy42MTZsLjAwNy0uMDA4di0uMDFjLjE2LS4zMy4zODctLjc2My41MjItMS4wNzJhMzQuOTAzIDM0LjkwMyAwIDAgMCAxLjIxOC0zLjg2OCAyOS41MTcgMjkuNTE3IDAgMCAxIDMuMjY4LTcuNTgyIDMuNDMgMy40MyAwIDAgMSAxLjgxOS0uODg4bC45NTctMS43M2E1NC42MTcgNTQuNjE3IDAgMCAwIDM4Ljk0Ni4wOTljLjI2OC40NzguNzY4IDEuMzkyLjkgMS42MjNhMy4zMzUgMy4zMzUgMCAwIDEgMi4xNTUgMS4zMSAzOS4zMDYgMzkuMzA2IDAgMCAxIDIuODk4IDcuMDk2IDM1LjI3NSAzNS4yNzUgMCAwIDAgMS4yMjUgMy44NjhjLjEzNy4zMTIuMzYuNzUuNTIyIDEuMDgyYTQuMjQgNC4yNCAwIDEgMCA3LjYzLTMuNjA3Yy0uMTYxLS4zMzMtLjM4My0uODItLjU1LTEuMTM2YTM1LjA2IDM1LjA2IDAgMCAwLTIuMjYzLTMuMzY0IDM5LjM3MiAzOS4zNzIgMCAwIDEtMy43NDItNi43IDMuMzE0IDMuMzE0IDAgMCAxIC4zMjQtMi40OSAxNC41MTkgMTQuNTE5IDAgMCAxLS43MDMtMS43MDMgNTQuOTIgNTQuOTIgMCAwIDAgMjQuMzI4LTMwLjYwNWMuNTQ2LjA4NyAxLjQ5Ny4yNTMgMS44MDYuMzE2YTMuMzM3IDMuMzM3IDAgMCAxIDIuMzYtLjg3NyAzOS40NzYgMzkuNDc2IDAgMCAxIDcuMzYgMi4xNjUgMzUuMTM1IDM1LjEzNSAwIDAgMCAzLjc4OCAxLjQ2MmMuMzA1LjA4Ljc0LjE1NiAxLjA5LjIzMy4wMjkuMDA4LjA1NS4wMi4wODMuMDI4bC4wNi4wMDlhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzgtOC4yMjR6bS00MC4xLTQyLjk4N2wtMTguMDM3IDEyLjc4Ny0uMDYzLS4wM2EzLjcyMyAzLjcyMyAwIDAgMS01LjkxMy0yLjgzOGwtLjAyLS4wMS0xLjI1My0yMi4xMDNhNDMuODUgNDMuODUgMCAwIDEgMjUuMjg1IDEyLjE5NHptLTMzLjk3OCAyNC4yMjhoNi43ODhsNC4yMiA1LjI3Ni0xLjUxMyA2LjU4LTYuMDk2IDIuOTM0LTYuMTE0LTIuOTQtMS41MTYtNi41ODN6bS02LjM4Ni0zNS42NDhhNDQuNjcyIDQ0LjY3MiAwIDAgMSA0LjUwMy0uNzc0bC0xLjI1NSAyMi4xMzctLjA5Mi4wNDRhMy43MiAzLjcyIDAgMCAxLTUuOTA0IDIuODUybC0uMDM1LjAyLTE4LjE1NC0xMi44NzJhNDMuNDY3IDQzLjQ2NyAwIDAgMSAyMC45MzctMTEuNDA3em0tMjcuNTIgMTkuNjhsMTYuNTc0IDE0LjgyNC0uMDE4LjA5YTMuNzIgMy43MiAwIDAgMS0xLjQ2MiA2LjM5NWwtLjAxNy4wNzItMjEuMjQ1IDYuMTNhNDMuNDU0IDQzLjQ1NCAwIDAgMSA2LjE2OC0yNy41MXptMjIuMTkxIDM5LjM4bC04LjQ0MSAyMC4zOTdhNDMuNjk2IDQzLjY5NiAwIDAgMS0xNy41MzYtMjEuOTQ4bDIxLjc4My0zLjcuMDM3LjA0OWEzLjY1NSAzLjY1NSAwIDAgMSAuNzMtLjA2NSAzLjcyIDMuNzIgMCAwIDEgMy4zNjQgNS4xODV6bTI0LjkxNiAyNi4yM2E0My42MzcgNDMuNjM3IDAgMCAxLTIzLjgxNS0xLjIyM2wxMC43MTMtMTkuMzcyaC4wMThhMy43MjUgMy43MjUgMCAwIDEgNi41NTctLjAwNmguMDhsMTAuNzQgMTkuNDA0cS0yLjA5MS42OTgtNC4yOTMgMS4xOTl6bTEzLjg0MS01Ljc1MWwtOC41MjgtMjAuNjA1LjAyNi0uMDM3YTMuNzI1IDMuNzI1IDAgMCAxIDEuODAzLTQuODIzIDMuNjg1IDMuNjg1IDAgMCAxIDEuNDI1LS4zNyAzLjU5IDMuNTkgMCAwIDEgLjg1NS4wNjNsLjAzNy0uMDQ2IDIxLjk3NyAzLjcxNGE0My41MyA0My41MyAwIDAgMS0xNy41OTUgMjIuMTA1em0xOS45MDMtMzIuNDJsLTIxLjM1Mi02LjE1LS4wMi0uMDlhMy43MjUgMy43MjUgMCAwIDEtMS40Ni02LjM5NWwtLjAwOC0uMDQzIDE2LjQ4Mi0xNC43NTFhNDQuMjc5IDQ0LjI3OSAwIDAgMSA2LjM1NyAyNy40M3oiIGNsYXNzPSJjbHMtMSIvPjwvc3ZnPg==
+  longDescription: Metrics Server is a scalable and efficient source of container
+    resource metrics for Kubernetes built-in autoscaling pipelines.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Scalable and efficient source of container resource metrics for
+    Kubernetes built-in autoscaling pipelines.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-metrics-server
+    for community support.
diff --git a/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml
new file mode 100644
index 0000000..054ae8e
--- /dev/null
+++ b/repo/packages/postgresql-operator.packages.kadras.io/1.27.0.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: postgresql-operator.packages.kadras.io.1.27.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: postgresql-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-postgresql-operator/releases
+  releasedAt: "2025-08-14T17:53:47Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-postgresql-operator@sha256:7ba0b9f3ab4414eecd25540f29d5176abd8290c2850c3c85115c78ea2d9b25b8
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 1.27.0
diff --git a/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml b/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..afa8ece
--- /dev/null
+++ b/repo/packages/postgresql-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,19 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: postgresql-operator.packages.kadras.io
+spec:
+  categories:
+  - database
+  displayName: postgresql-operator
+  longDescription: CloudNativePG is a Kubernetes operator that covers the full lifecycle
+    of a PostgreSQL database cluster with a primary/standby architecture, using native
+    streaming replication.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: CloudNativePG is a Kubernetes operator that covers the full lifecycle
+    of a PostgreSQL database cluster.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-postgresql-operator
+    for community support.
diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml
new file mode 100644
index 0000000..1b18205
--- /dev/null
+++ b/repo/packages/rabbitmq-operator.packages.kadras.io/2.16.1.yml
@@ -0,0 +1,44 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: rabbitmq-operator.packages.kadras.io.2.16.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: rabbitmq-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-rabbitmq-operator/releases
+  releasedAt: "2025-09-15T15:15:32Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:d8066a1d87ead89aa1b8801f54fbf8a111313c56ab9bf0fec2611b5b0fe06534
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        logging:
+          additionalProperties: false
+          description: Logging configuration.
+          properties:
+            level:
+              default: info
+              description: The Operator log level. Valid options are `info` and `debug`.
+              enum:
+              - info
+              - debug
+              type: string
+          type: object
+      type: object
+  version: 2.16.1
diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..651112e
--- /dev/null
+++ b/repo/packages/rabbitmq-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,20 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: rabbitmq-operator.packages.kadras.io
+spec:
+  categories:
+  - eventing
+  - messaging
+  - streaming
+  displayName: rabbitmq-operator
+  longDescription: Operator for RabbitMQ, an open-source message broker supporting
+    multiple messaging protocols and streaming.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Operator for RabbitMQ, a message broker supporting multiple messaging
+    protocols and streaming.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-rabbitmq-operator
+    for community support.
diff --git a/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml b/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml
new file mode 100644
index 0000000..859b647
--- /dev/null
+++ b/repo/packages/rbac-configurer.packages.kadras.io/0.2.1.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: rbac-configurer.packages.kadras.io.0.2.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: rbac-configurer.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/rbac-configurer/releases
+  releasedAt: "2023-09-08T16:07:10Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/rbac-configurer@sha256:3421d6fb80f732536d46401ef5e43e1e476b332f94660fb04d59ef4021df3f7d
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 0.2.1
diff --git a/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml b/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..76cf3f5
--- /dev/null
+++ b/repo/packages/rbac-configurer.packages.kadras.io/metadata.yml
@@ -0,0 +1,18 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: rbac-configurer.packages.kadras.io
+spec:
+  categories:
+  - rbac
+  displayName: rbac-configurer
+  longDescription: Default roles and RBAC configuration for the Kadras Engineering
+    Platform, supporting users and service accounts.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Default roles and RBAC configuration for the Kadras Engineering
+    Platform.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/rbac-configurer
+    for community support.
diff --git a/repo/packages/secretgen-controller.packages.kadras.io/0.11.0.yml b/repo/packages/secretgen-controller.packages.kadras.io/0.11.0.yml
deleted file mode 100644
index a2a5c08..0000000
--- a/repo/packages/secretgen-controller.packages.kadras.io/0.11.0.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-apiVersion: data.packaging.carvel.dev/v1alpha1
-kind: Package
-metadata:
-  name: secretgen-controller.packages.kadras.io.0.11.0
-spec:
-  refName: secretgen-controller.packages.kadras.io
-  version: 0.11.0
-  releaseNotes: https://github.com/vmware-tanzu/carvel-secretgen-controller/releases/tag/v0.11.0
-  valuesSchema:
-    openAPIv3:
-      type: object
-      additionalProperties: false
-      properties:
-        namespace:
-          type: string
-          description: The namespace in which to deploy secretgen-controller
-          default: secretgen-controller
-        create_namespace:
-          type: boolean
-          description: Whether to create namespace specified for secretgen-controller
-          default: true
-        deployment:
-          type: object
-          additionalProperties: false
-          description: Configuration for secretgen-controller deployment
-          properties:
-            updateStrategy:
-              type: string
-              description: Update strategy of deployments, empty uses default strategy
-              default: ""
-            rollingUpdate:
-              type: object
-              additionalProperties: false
-              properties:
-                maxUnavailable:
-                  type: integer
-                  description: The maxUnavailable of rollingUpdate. Applied only if RollingUpdate is used as updateStrategy
-                  default: 1
-                maxSurge:
-                  type: integer
-                  description: The maxSurge of rollingUpdate. Applied only if RollingUpdate is used as updateStrategy
-                  default: 0
-            nodeSelector:
-              nullable: true
-              description: NodeSelector configuration applied to all the deployments
-              default: null
-  licenses:
-  - Apache 2.0
-  template:
-    spec:
-      fetch:
-      - imgpkgBundle:
-          image: ghcr.io/vmware-tanzu/carvel-secretgen-controller-package-bundle@sha256:0e3eb05734e6876275d4f8120a20fdb505dbc21266032f9fdb46b34aaa570e9e
-      template:
-      - ytt:
-          paths:
-          - config
-      - kbld:
-          paths:
-          - .imgpkg/images.yml
-          - '-'
-      deploy:
-      - kapp: {}
diff --git a/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml b/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml
new file mode 100644
index 0000000..b3dd67c
--- /dev/null
+++ b/repo/packages/secretgen-controller.packages.kadras.io/0.19.2.yml
@@ -0,0 +1,35 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: secretgen-controller.packages.kadras.io.0.19.2
+spec:
+  licenses:
+  - Apache 2.0
+  refName: secretgen-controller.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-secretgen-controller/releases
+  releasedAt: "2025-05-30T18:30:26Z"
+  template:
+    spec:
+      deploy:
+      - kapp:
+          rawOptions:
+          - --wait-timeout=5m
+          - --kube-api-qps=50
+          - --kube-api-burst=100
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-secretgen-controller@sha256:a75097ef7dc675acb9144cd6b7c76fccfb3d7aa57969cf3b0ec36a0f48fe35df
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 0.19.2
diff --git a/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml b/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml
index baa19af..f805679 100644
--- a/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml
+++ b/repo/packages/secretgen-controller.packages.kadras.io/metadata.yml
@@ -1,13 +1,18 @@
 apiVersion: data.packaging.carvel.dev/v1alpha1
 kind: PackageMetadata
 metadata:
+  creationTimestamp: null
   name: secretgen-controller.packages.kadras.io
 spec:
-  displayName: "secretgen-controller"
-  longDescription: "Provide CRDs to specify what secrets need to be on cluster (generated or not)."
-  shortDescription: "Secret generation and sharing"
-  providerName: carvel.dev
-  maintainers:
-    - name: Carvel team (see www.carvel.dev for team members)
   categories:
-    - "package management"
+  - secrets management
+  displayName: secretgen-controller
+  iconSVGBase64: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIGlkPSJhcnR3b3JrIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCA0MDAgNDAwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6bm9uZTt9LmNscy0ye2ZpbGw6I2ZmZjt9LmNscy0ze2ZpbGw6IzFlNDQ4ODt9LmNscy00e2ZpbGw6IzIwOGZjZTt9LmNscy01e2ZpbGw6IzE3YmVkMjt9LmNscy02e2ZpbGw6IzcyNzA3NDt9LmNscy03e2ZpbGw6Izc5NDQ5OTt9PC9zdHlsZT48L2RlZnM+PGNpcmNsZSBjbGFzcz0iY2xzLTIiIGN4PSIyMjYuMzg1ODciIGN5PSIxOTguOTU2NTIiIHI9IjE0NS4xNzU3NCIvPjxwYXRoIGNsYXNzPSJjbHMtMSIgZD0iTTE0NS4yOTE5LDMxOS4zNzU1OGM1Ni40Njc0MSwzOC4wMzUwNywxMzEuNzg1MDMsMzEuNjk5MTksMTgxLjEwNDY1LTE1LjIzNDg5LTcyLjM5NzQyLDE4Ljc1Nzk2LTE0NS4yMzkyNCwxNy40ODgzOC0xODEuMTA0NjUsMTUuMjM0ODlaIi8+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMzM2Ljk2NTc2LDIwMi4yMjU3YzEwLjY2NDQyLS4zMTczOSwyMi4yMTc1NC0uMTkwNDMsMzQuNTY0MTQtLjg4ODd2LTIuMzgwNDVjLS4yMTQxMS04MC4xOTU1OC02NS4zOTkwNC0xNDUuMDMzMzgtMTQ1LjU5NDYyLTE0NC44MTkyNy01My40NDUzLC4xNDI2OS0xMDIuNDkyMDQsMjkuNjMyNzYtMTI3LjY4MTA5LDc2Ljc3MDEyLDI5LjY0NDUzLDE1Ljg2OTY3LDc3LjY2NjE2LDM2LjUzMTk3LDE1My45OTkyOCw1OS4zNTI1NiwxNS4xNzE0LDQuNTcwNDcsNjguNzQ3MzcsMTIuNDQxODEsODQuNzEyMywxMS45NjU3NFoiLz48cGF0aCBjbGFzcz0iY2xzLTEiIGQ9Ik00OC43NDA4Miw3Mi4xMjYxNHMwLDIuNjY2MSwuMjIyMTcsNy40OTA0OWMtLjA2MzQ5LTIuNDc1NjYtLjE1ODcxLTQuOTUxMzMtLjIyMjE3LTcuNDkwNDlaIi8+PHBhdGggY2xhc3M9ImNscy02IiBkPSJNMjI2LjM4NTg3LDMyLjMyNTAxYy02MS40MjQ1LS4wMDM5OC0xMTcuODY2MTksMzMuNzk3NjEtMTQ2Ljg1NzksODcuOTQ5NzEsNS4yMDUyNSwzLjE3MzkzLDExLjMzMDk0LDYuNzkyMjIsMTguNTk5MjUsMTAuNjMyNjcsMzcuNTk5NzMtNzAuODM1MywxMjUuNTAzNjQtOTcuNzc4MDcsMTk2LjMzODk0LTYwLjE3ODM2LDQ3LjQ0ODMxLDI1LjE4NTc5LDc3LjExNTY1LDc0LjUwOTExLDc3LjEyNzE4LDEyOC4yMjc1djIuMzgwNDVjLS4wODgzOSw2LjExODA3LS41NjU0MiwxMi4yMjQzMS0xLjQyODI2LDE4LjI4MTg2LS4wMTU2OSwuMTE1ODUtLjAxNTY5LC4yMzMyOSwwLC4zNDkxMy0xLjE1NDM0LDcuODA5MDYtMi45MjY3NSwxNS41MTQxOS01LjMwMDQ2LDIzLjA0Mjc3LS41MjkwMSwxLjcxMzktMS4xMDAyOSwzLjM5NjA4LTEuNzEzOSw1LjA0NjU0LTIuMjk2MTgsNi4zNzYzNy01LjA0MzI1LDEyLjU4MTItOC4yMjA0OCwxOC41Njc1MS0uMzgwODYsLjczMDAyLS43NjE3NiwxLjQ5MTc1LTEuMTc0MzQsMi4yMjE3NC0zLjYwNTY0LDYuNTY2NTUtNy43MjMzOSwxMi44Mzg2My0xMi4zMTQ4OCwxOC43NTc5NmwtLjU3MTI4LC42OTgyN2MtNDYuODk3OSw2MC4wNzI1Mi0xMzIuMjY5MjQsNzMuNjQyNjYtMTk1LjQ4MjU3LDMxLjA3MjgxLTExLjE0MDQ5LS42OTgyNy0xOC43MjYyMS0xLjQ5MTc1LTIxLjU4Mjc2LTEuODQwODl2LjE1ODcxbC0xLjA0NzQtLjI1MzkyaC0uMzgwODhsLTE2Ljc5MDExLTQuMTU3ODUtLjc5MzQ4LS40NDQzNWM2Mi44NDY0Niw2Ny4yMDMxNCwxNjguMjcyNDksNzAuNzM0ODgsMjM1LjQ3NTYsNy44ODg0NCw5LjEwNzgyLTguNTE3MzgsMTcuMjMwNTYtMTguMDMwMzksMjQuMjE1NjMtMjguMzYwMywyLjA5NDgxLTMuMTczOTMsNC4wMzA5MS02LjM0Nzg3LDUuOTM1MjQtOS41MjE4LC4wOTM1Ny0uMTk2OTcsLjE5OTU4LS4zODc4MSwuMzE3NDEtLjU3MTMxLDIuOTY0ODEtNS4xNDQyNSw1LjY1NTg1LTEwLjQ0MTUyLDguMDYxNzctMTUuODY5NjcsLjM4MDg2LS44NTY5NSwuNzkzNDgtMS43MTM5MywxLjE3NDM0LTIuNjAyNjIsMi41MzI2Mi02LjAyMzIxLDQuNzA1My0xMi4xOTE1LDYuNTA2NTctMTguNDcyMjksLjQ0NDM1LTEuNTU1MjIsLjkyMDQyLTMuMTczOTMsMS4zMzMwNS00LjcyOTE1LDIuMDY3NDQtOC4wNDU3OSwzLjUyMTAzLTE2LjIzNjkyLDQuMzQ4MjctMjQuNTAyNzcsLjAxNTU5LS4xMjY0OCwuMDE1NTktLjI1NDQsMC0uMzgwODgsLjU3NDQzLTUuNTE0NTMsLjg2MDUxLTExLjA1NTMsLjg1Njk4LTE2LjU5OTY4aDBjLjA4NzY2LTkyLjAyODAxLTc0LjQ0NDcyLTE2Ni43MDI0OS0xNjYuNDcyNzctMTY2Ljc5MDE1LS4wNTI4OS0uMDAwMDUtLjEwNTgyLS4wMDAwNy0uMTU4NzUtLjAwMDA3WiIvPjxwYXRoIGNsYXNzPSJjbHMtNiIgZD0iTTY2LjcwNTI3LDIxOS43MTQwNWMtLjQxMjYtMS44MDkxNC0uODU2OTUtMy41NTQ4MS0xLjI2OTU4LTUuNDU5MTcsLjQxMjYzLDEuODQwODksLjg1Njk4LDMuNjUwMDMsMS4yNjk1OCw1LjQ1OTE3WiIvPjxwYXRoIGNsYXNzPSJjbHMtNiIgZD0iTTY3LjY4OTIxLDIyMy45OTg4NmMuMzQ5MTMsMS40MjgyNiwuNjk4MjcsMi43OTMwNSwxLjA0NzQsNC4xNTc4NS0uNzMwMDItMi43OTMwNS0xLjM2NDc5LTUuNjE3ODUtMi4wMzEzMi04LjQ0MjY4LC4zMTczOSwxLjQyODMxLC42NjY1LDIuOTIwMDQsLjk4MzkxLDQuMjg0ODNaIi8+PHBhdGggY2xhc3M9ImNscy02IiBkPSJNNjUuNDM1NzIsMjE0LjI1NDg4Yy0uNzYxNzQtMy40NTk1OC0xLjUyMzUtNi45NTA5Mi0yLjIyMTc0LTEwLjQxMDUsLjcyOTk5LDMuNTg2NTYsMS40NTk5OCw3LjA0NjE0LDIuMjIxNzQsMTAuNDEwNVoiLz48cGF0aCBjbGFzcz0iY2xzLTUiIGQ9Ik0yODIuNzg2NjgsMjM5LjEwNjc5cy0xMzkuMjA4NzMtMjEuMTA2NjYtMjAwLjk3MzQ4LTUyLjkwOTQ3Yy02LjM1Nzg5LTMuMTMzNDUtMTIuMzU5NTYtNi45NDMtMTcuOTAwOTgtMTEuMzYyNjlsLjc2MTc0LDMuNTU0ODFjMi4yODUyNCwxMC41Mzc0Niw1LjA3ODI5LDIxLjUxOTI3LDguNDQyNjgsMzIuNzU0OTksMS41ODY5NywuNjAzMDYsNC42MDIxOSwxLjcxMzkzLDguOTE4NzUsMy4xNzM5MywzNy44MzMyOCwxMy40ODkyMiwxNzMuMjY1MDMsNTguNTkwODEsMjcyLjk1ODMsNTIuMjQyOTUsMy4xNzcyMy01Ljk4NjMxLDUuOTI0My0xMi4xOTExNCw4LjIyMDQ4LTE4LjU2NzUxLC41OTI1LTEuNjUwNDYsMS4xNjM3OC0zLjMzMjYyLDEuNzEzOS01LjA0NjU0LTI3LjQ0MDMyLDEuMzE2NTYtNTQuOTQzNjQsLjAzMDY2LTgyLjE0MTM3LTMuODQwNDhaIi8+PHBhdGggY2xhc3M9ImNscy01IiBkPSJNNDkuNTAyNTYsMTc2LjQ4NTA5di0uNjk4MjdsLTIyLjIxNzU0LDMxLjczOTM0aDBsMTAuNjAwOTMsMjAuMDkxMDFoMGwxOC4xMjMxNi0xNi4xNTUzMWMtMi4zODA0My0xMC41Mzc0OC00LjU3MDQ1LTIyLjE1NDA5LTYuNTA2NTUtMzQuOTc2NzZaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNMjAwLjMyNzksMjAwLjYwNjk4Yy01NC44NzczNC0xNS44Njk2Ny05MC45NjQ5NS0zMS4zMjY3My0xMTMuMTgyNDktNDIuNzg0NjQtOC4xNTcwMS00LjE4OTU5LTE0LjQ0MTQxLTcuODM5NjItMTkuMDQzNi0xMC43NTk2My01LjU4NjEzLTMuNDkxMzItOC44MjM1My01LjkwMzUyLTEwLjA5MzExLTYuODg3NDN2LjQ3NjA5YzEuMTc0MzYsOC42OTY1OCwyLjY2NjA5LDE3Ljk5NjIsNC41NzA0NywyNy44MDM2NywuNDEyNiwyLjA5NDgxLC44NTY5NSw0LjI1MzA2LDEuMzAxMzIsNi4zNDc4Nyw1LjU0MTQzLDQuNDE5NjgsMTEuNTQzMDksOC4yMjkyNywxNy45MDA5OCwxMS4zNjI2OSw2MS43NjQ3NSwzMS43MzkzNCwyMDAuOTczNDgsNTIuOTA5NDcsMjAwLjk3MzQ4LDUyLjkwOTQ3LDI3LjE4NDI3LDMuOTAwOTIsNTQuNjc2ODksNS4yMTg3MSw4Mi4xMDk2NSwzLjkzNTY3LDIuMzczNzItNy41Mjg1OCw0LjE0NjEzLTE1LjIzMzcsNS4zMDA0Ni0yMy4wNDI3Ny0uMDE1NjktLjExNTg1LS4wMTU2OS0uMjMzMjksMC0uMzQ5MTMtNDYuMTQ4OTcsNS44NDAwNS0xMDUuMDI1NDYtLjM0OTEzLTE2OS44MzcxOC0xOS4wMTE4NloiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik05OS4xNDI4OCwyNjguODc4M2wtNC41NzA0Ny0xLjQ2MDAxdi4xOTA0M2M4LjIzNDkxLDE3LjQ0ODM1LDE3Ljk2MjE1LDM0LjE1MjQ4LDI5LjA3MzI0LDQ5LjkyNTk2LDIuODU2NTUsLjM0OTEzLDEwLjQ0MjIyLDEuMTQyNjIsMjEuNTgyNzYsMS44NDA4OSwzNS44NjU0NiwyLjI1MzQ5LDEwOC43MDcyMywzLjUyMzA3LDE4MS4xMDQ2NS0xNS4yMzQ4OSw1LjE3ODUyLTQuOTI3MDIsOS45ODQzNi0xMC4yMzE0OCwxNC4zNzc5Mi0xNS44Njk2N2wuNTcxMjgtLjY5ODI3Yy04MS4wODg1OSwxMi4xNTE5MS0xNjMuODc3MDQsNS43NjAxOS0yNDIuMTM5MzgtMTguNjk0NDRaIi8+PHBhdGggY2xhc3M9ImNscy03IiBkPSJNNDQuOTYzODMsMTM5LjMxODMybC0zMC41OTY3Miw0MC43NTMzMWgwbDEyLjY5NTczLDI3LjMyNzU3LDIyLjIxNzU0LTMxLjczOTM0Yy0xLjYyOTI3LTEwLjc5MTM2LTMuMDU3NTYtMjIuNDI5MTMtNC4yODQ4MS0zNC45MTMyNywuMDYzNDctLjMxNzQsLjAzMTc1LS44ODg3MS0uMDMxNzUtMS40MjgyN1oiLz48cGF0aCBjbGFzcz0iY2xzLTciIGQ9Ik03MS4wODUzMSwyNjQuMTgwODdsLTcuMzk1MjcsNS40OTA5MnMxMy43NDMxNCwxNy43NDIyOCwxNS4wNDQ0NCwxOS4wNDM2YzIuNDc1NjYsMi41MzkxNiw0Ljc2MDksNC42MDIxOSw2Ljc5MjIyLDYuMzQ3ODctNS42Mzc1NC05Ljc4MTktMTAuNDI2NTUtMjAuMDI4ODctMTQuMzE0NDUtMzAuNjI4NDctLjA1MjY5LS4wNzkwNC0uMDk1MzQtLjE2NDMyLS4xMjY5NC0uMjUzOTJaIi8+PHBhdGggY2xhc3M9ImNscy0zIiBkPSJNMjUyLjEyNjQ3LDE5MC4yNTk5NWMtNzYuMzMzMTItMjIuNjYxODgtMTI0LjM1NDctNDMuNTQ2MzctMTUzLjg3MjI5LTU5LjM1MjU2LTcuMjY4MzEtMy44NDA0Ni0xMy4zOTQtNy40MjcwMS0xOC41OTkyNS0xMC42MzI2Ny05LjEzNDU1LTUuMjY5MjUtMTcuNTY5NDUtMTEuNjY3NDEtMjUuMTA1ODMtMTkuMDQzNiwuNTA3ODQsMTAuNDQyMjQsMS41MjM1LDIzLjY3NzU0LDMuNTU0ODEsMzguODgwNjksMS4yNjk1OCwuOTgzOTIsNC41MDY5OCwzLjM5NjExLDEwLjA5MzExLDYuODg3NDQsNC42MzM5NCwyLjkyMDAxLDEwLjkxODM0LDYuNTcwMDQsMTkuMDQzNiwxMC43NTk2MywyMi4yMTc1NCwxMS40NTc5LDU4LjMwNTE1LDI2Ljk3ODQ0LDExMy4xODI0OSw0Mi43ODQ2NCw2NC44MTE3MiwxOC42NjI3MiwxMjMuNzgzNDEsMjQuODUxOTEsMTY5Ljc3MzczLDE5LjA0MzYsLjg2Mjg0LTYuMDU3NTUsMS4zMzk4OC0xMi4xNjM4LDEuNDI4MjYtMTguMjgxODYtMTIuMTg3ODksLjY5ODI3LTIzLjg5OTcyLC41NzEzMS0zNC41NjQxNCwuODg4Ny0xNi4wNjAxNSwuNTA3ODItNjkuNjM2MTEtNy4zNjM1My04NC45MzQ1LTExLjkzNFoiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik04Mi4wMzUzOCwyMTQuMzgxODRjLTQuMzE2NTUtMS41MjM1LTcuMzMxNzgtMi42MzQzNy04LjkxODc1LTMuMTczOTN2LjUzOTU2YzUuNjkwMDQsMTkuMDg2MzIsMTIuODA5MjEsMzcuNzE3MDgsMjEuMjk3MDksNTUuNzM0MjdsNC41NzA0NywxLjQ2MDAxYzc4LjI3OTksMjQuNDc0OTUsMTYxLjA5MTIxLDMwLjg3NzU5LDI0Mi4yMDI5LDE4LjcyNjIxLDQuNTkxNDktNS45MTkzMyw4LjcwOTI0LTEyLjE5MTQxLDEyLjMxNDg4LTE4Ljc1Nzk0LC40MTI2My0uNzMwMDIsLjc5MzQ4LTEuNDkxNzUsMS4xNzQzNC0yLjIyMTc0LTk5LjM3NTkxLDYuMjg0MzgtMjM0LjgwNzY1LTM4Ljc4NTQ3LTI3Mi42NDA5NC01Mi4zMDY0NFoiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik02My4zNDA5MSwyMDMuODQ0MzhjLTEuMDQ3NC01LjAxNDgyLTIuMDYzMDYtMTAuMjUxODItMy4xNzM5My0xNS42NzkyNC02LjQwNzM5LTM1Ljg1NjkxLTEwLjE1MjI5LTcyLjEzODg0LTExLjIwMzk4LTEwOC41NDg1NCwwLTQuODI0MzgtLjIyMjE3LTcuNDkwNDktLjIyMjE3LTcuNDkwNDlsLTcuNjE3NDUsNC44ODc4N2MuMjUzOSw4Ljk1MDQ5LC42MDMwNiwxNy42MDQ3NSwxLjA0NzQsMjUuOTYyNzgsMCwxLjIzNzgzLC4xNTg3MSwyLjQxMjE4LC4yMjIxNywzLjY1MDAzTDYuODc2NjIsMTYyLjU1MTUybDcuNDI3MDIsMTcuNzQyMjgsMzAuNjYwMjEtNDAuODgwMjdjMCwuNTM5NTYsMCwxLjExMDg3LC4xNTg3MSwxLjY1MDQ1LDEuMjI3MjUsMTIuNDQxODEsMi42NTU1MywyNC4wNzk1Niw0LjI4NDgxLDM0LjkxMzI3di42OTgyN2MxLjkzNjEsMTIuNjk1NzMsNC4xMjYxMiwyNC40MzkyOCw2LjM0Nzg3LDM0LjkxMzI3bC0xNy44MDU3OSwxNi4xMjM1OWgwYy4zMTczOSwuNjAzMDYsNy42ODA5MSwxNC4xNTU3NCwxMi42OTU3MywyMS45MzE4OSw1LjAxNDgyLDcuNzc2MTUsMTIuMjgzMTMsMTguNDcyMjksMTMuMzMwNTEsMTkuOTk1NzlsNy4zOTUyNy01LjUyMjY0Yy0uMDExOTQsLjA5NDg1LS4wMTE5NCwuMTkwNzksMCwuMjg1NjQsMy44ODc4OSwxMC41OTk2LDguNjc2OTEsMjAuODQ2NTcsMTQuMzE0NDUsMzAuNjI4NDcsMi4xMjcyOCwzLjcxOTk0LDQuNTQ3MSw3LjI2NDc1LDcuMjM2NTcsMTAuNjAwOTMsLjI0NzI0LC4yODUxMywuNTM2MTUsLjUzMTIzLC44NTY5NSwuNzMwMDJsMTEuMTQwNTEsNi4zNDc4NywuNzkzNDgsLjQ0NDM1cy0yMC42NjIzMi0yMC44MjEtMzYuODE3NjMtODUuMDI5NjljLTIuMjIxNzQtNy45OTgzMy00LjAzMDg5LTE2LjA5MTg3LTUuNTU0MzgtMjQuMjgwNjJaIi8+PHBhdGggY2xhc3M9ImNscy00IiBkPSJNMTIzLjY0NTY1LDMxNy41MzQ2OWMtMTEuMTAwMTItMTUuNzc0NjUtMjAuODE2NzYtMzIuNDc4NzUtMjkuMDQxNS00OS45MjU5OXYtLjE5MDQzYy04LjQ4Nzg5LTE4LjAxNzE5LTE1LjYwNzA1LTM2LjY0Nzk1LTIxLjI5NzA5LTU1LjczNDI3di0uNTM5NTZjLTMuMzY0MzYtMTEuMjM1NzMtNi4xNTc0NC0yMi4yMTc1NC04LjQ0MjY4LTMyLjc1NDk5bC0uNzYxNzQtMy41NTQ4MWMtLjQ0NDM1LTIuMTI2NTMtLjg4ODctNC4yODQ4MS0xLjMwMTMyLTYuMzQ3ODctMS45MDQzNi05LjgwNzQ0LTMuMzk2MTEtMTkuMDQzNi00LjU3MDQ3LTI3LjgwMzY3di0uNDc2MDljLTIuMDMxMzItMTUuMjAzMTUtMy4xNzM5My0yOC41NjU0LTMuNTU0ODEtMzguODgwNjktLjc2MTc0LTE1Ljg2OTY3LS4zNDkxMy0yNS4xNjkzLS4zNDkxMy0yNS4xNjkzbC01LjMzMjIxLTMuOTk5MTVjMCwyLjUzOTE0LDAsNS4wMTQ4MiwuMjIyMTcsNy40OTA0OSwwLDEuMzk2NTMsMCwzLjAxNTI0LC4xOTA0Myw0LjcyOTE3LC44Nzg1LDM0LjgyMzI4LDQuNDc2MDMsNjkuNTI0NzIsMTAuNzU5NjgsMTAzLjc4NzY1LC45ODM5MSw1LjQyNzQyLDEuOTk5NTcsMTAuNjY0NDIsMy4xNzM5MywxNS42NzkyNCwxLjQ2MDAxLDcuMTA5NiwyLjk4MzUxLDEzLjg3MDEsNC40NzUyNiwyMC4xNTQ0NywuMzQ5MTMsMS40MjgyNiwuNjk4MjcsMi43OTMwNSwxLjA0NzQsNC4xNTc4NSwxNi4xNTUzMSw2NC4yMDg2NywzNi44MTc2Myw4NS4wMjk2OSwzNi44MTc2Myw4NS4wMjk2OWwxNi43OTAxMSw0LjE1Nzg1aC40MTI2bDEuMDQ3NCwuMjUzOTItLjI4NTY3LS4wNjM0OVoiLz48L3N2Zz4=
+  longDescription: A cloud-native solution to generate and share Secrets, passwords,
+    keys, and certificates.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Secrets generation and sharing.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-secretgen-controller
+    for community support.
diff --git a/repo/packages/service-binding.packages.kadras.io/1.0.0.yml b/repo/packages/service-binding.packages.kadras.io/1.0.0.yml
new file mode 100644
index 0000000..7687f06
--- /dev/null
+++ b/repo/packages/service-binding.packages.kadras.io/1.0.0.yml
@@ -0,0 +1,31 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: service-binding.packages.kadras.io.1.0.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: service-binding.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-service-binding/releases
+  releasedAt: "2024-07-29T20:35:04Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-service-binding@sha256:09ffb5fb4f9851305af3155be23d2831a25a9c3f41455333d6d14cb7f7badc0d
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      default: null
+      nullable: true
+  version: 1.0.0
diff --git a/repo/packages/service-binding.packages.kadras.io/metadata.yml b/repo/packages/service-binding.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..eeb4854
--- /dev/null
+++ b/repo/packages/service-binding.packages.kadras.io/metadata.yml
@@ -0,0 +1,23 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: service-binding.packages.kadras.io
+spec:
+  categories:
+  - service-binding
+  displayName: service-binding
+  iconSVGBase64: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHJvbGU9ImltZyIgdmlld0JveD0iLTAuMTcgMC4wOCAyMzAuMTAgMjIzLjM1Ij48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2ZmZn0uY2xzLTJ7ZmlsbDojMzI2Y2U1fTwvc3R5bGU+PC9kZWZzPjxwYXRoIGQ9Ik0xMzQuMzU4IDEyNi40NjZhMy41OSAzLjU5IDAgMCAwLS44NTUtLjA2NSAzLjY4NSAzLjY4NSAwIDAgMC0xLjQyNS4zNyAzLjcyNSAzLjcyNSAwIDAgMC0xLjgwMyA0LjgyNWwtLjAyNi4wMzcgOC41MjggMjAuNjAzYTQzLjUzIDQzLjUzIDAgMCAwIDE3LjU5NS0yMi4xMDJsLTIxLjk3Ni0zLjcxNHptLTM0LjE5NCAyLjkyYTMuNzIgMy43MiAwIDAgMC0zLjU2OC0yLjg5NCAzLjY1NiAzLjY1NiAwIDAgMC0uNzMzLjA2NWwtLjAzNy0uMDQ1LTIxLjc4NSAzLjY5OGE0My42OTUgNDMuNjk1IDAgMCAwIDE3LjU0IDIxLjk0Nmw4LjQ0Mi0yMC40LS4wNjYtLjA4YTMuNjgzIDMuNjgzIDAgMCAwIC4yMDctMi4yOXptMTguMjQ1IDhhMy43MTggMy43MTggMCAwIDAtNi41NTcuMDA4aC0uMDE4bC0xMC43MTMgMTkuMzcyYTQzLjYzNyA0My42MzcgMCAwIDAgMjMuODE1IDEuMjI1cTIuMTk3LS41IDQuMjkyLTEuMmwtMTAuNzM4LTE5LjQwNnptMzMuOTE0LTQ1bC0xNi40ODMgMTQuNzUzLjAwOS4wNDdhMy43MjUgMy43MjUgMCAwIDAgMS40NiA2LjM5NWwuMDIuMDg5IDIxLjM1IDYuMTVhNDQuMjc4IDQ0LjI3OCAwIDAgMC02LjM1Ni0yNy40MzJ6TTEyMS43IDk0LjAzOWEzLjcyNSAzLjcyNSAwIDAgMCA1LjkxMyAyLjg0bC4wNjUuMDI3IDE4LjAzNi0xMi43ODhhNDMuODUgNDMuODUgMCAwIDAtMjUuMjg3LTEyLjE5bDEuMjUzIDIyLjEwNXptLTE5LjEgMi45MjFhMy43MiAzLjcyIDAgMCAwIDUuOTA0LTIuODVsLjA5Mi0uMDQzIDEuMjUzLTIyLjE0YTQ0LjY4MiA0NC42ODIgMCAwIDAtNC41MDEuNzc2IDQzLjQ2NyA0My40NjcgMCAwIDAtMjAuOTM3IDExLjQwOWwxOC4xNTQgMTIuODY5em0tOS42NzggMTYuNzI5YTMuNzIgMy43MiAwIDAgMCAxLjQ2Mi02LjM5NmwuMDE4LS4wODgtMTYuNTc0LTE0LjgyNGE0My40NTQgNDMuNDU0IDAgMCAwLTYuMTY4IDI3LjUxbDIxLjI0NS02LjEzem0xNi4wOTggNi41MTJsNi4xMTQgMi45NCA2LjA5Ni0yLjkzNCAxLjUxNC02LjU4MS00LjIxOS01LjI3NmgtNi43OWwtNC4yMzEgNS4yNjh6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjE2LjIwOCAxMzMuMTY3bC0xNy40MjItNzUuNjc1YTEzLjYwMiAxMy42MDIgMCAwIDAtNy4yOTMtOS4wNzNsLTcwLjUyMS0zMy42N2ExMy41ODkgMTMuNTg5IDAgMCAwLTExLjcwNSAwTDM4Ljc2IDQ4LjQzN2ExMy41OTggMTMuNTk4IDAgMCAwLTcuMjk1IDkuMDcybC0xNy4zOTQgNzUuNjczYTEzLjMxNSAxMy4zMTUgMCAwIDAtLjAwNCA1LjgxIDEzLjUwNiAxMy41MDYgMCAwIDAgLjQ5MSAxLjcxOCAxMy4xIDEzLjEgMCAwIDAgMS4zNDMgMi43MjZjLjIzOS4zNjUuNDkxLjcyLjc2NSAxLjA2NGw0OC44MDQgNjAuNjc4Yy4yMTMuMjY0LjQ0OC41MDUuNjgxLjc1YTEzLjQyMyAxMy40MjMgMCAwIDAgMi41NzQgMi4xMzMgMTMuOTI0IDEzLjkyNCAwIDAgMCAzLjg1NyAxLjY3NyAxMy4yOTggMTMuMjk4IDAgMCAwIDMuNDMuNDczaC43NTlsNzcuNTA0LS4wMThhMTIuOTkzIDEyLjk5MyAwIDAgMCAxLjQxLS4wODMgMTMuNDcgMTMuNDcgMCAwIDAgMS45ODktLjM3OCAxMy44NzIgMTMuODcyIDAgMCAwIDEuMzgxLS40NDJjLjM1My0uMTM1LjcwNS0uMjcgMS4wNDUtLjQzM2ExMy45NDEgMTMuOTQxIDAgMCAwIDEuNDc5LS44MjIgMTMuMzAzIDEzLjMwMyAwIDAgMCAzLjIzNy0yLjg2NWwxLjQ4OC0xLjg1IDQ3LjI5OS01OC44NGExMy4xODUgMTMuMTg1IDAgMCAwIDIuMTA4LTMuNzg1IDEzLjY3IDEzLjY3IDAgMCAwIC41LTEuNzI0IDEzLjI4MiAxMy4yODIgMCAwIDAtLjAwNC01Ljgxem0tNzMuMTQ3IDI5LjQzMmExNC41MTYgMTQuNTE2IDAgMCAwIC43MDMgMS43MDMgMy4zMTQgMy4zMTQgMCAwIDAtLjMyNyAyLjQ5IDM5LjM3MiAzOS4zNzIgMCAwIDAgMy43NDIgNi43IDM1LjA2IDM1LjA2IDAgMCAxIDIuMjYzIDMuMzY0Yy4xNy4zMTUuMzkyLjgwMy41NTMgMS4xMzZhNC4yNCA0LjI0IDAgMSAxLTcuNjMgMy42MDdjLS4xNjEtLjMzLS4zODUtLjc3LS41MjItMS4wODJhMzUuMjc1IDM1LjI3NSAwIDAgMS0xLjIyNS0zLjg2OCAzOS4zMDUgMzkuMzA1IDAgMCAwLTIuODk2LTcuMDk3IDMuMzM1IDMuMzM1IDAgMCAwLTIuMTU0LTEuMzA3Yy0uMTM1LS4yMzMtLjYzNS0xLjE1LS45MDMtMS42MjNhNTQuNjE3IDU0LjYxNyAwIDAgMS0zOC45NDgtLjFsLS45NTUgMS43M2EzLjQyOSAzLjQyOSAwIDAgMC0xLjgxOS44ODcgMjkuNTE3IDI5LjUxNyAwIDAgMC0zLjI2OCA3LjU4MiAzNC45IDM0LjkgMCAwIDEtMS4yMTggMy44NjhjLS4xMzUuMzEtLjM2MS43NDQtLjUyMiAxLjA3M3YuMDA5bC0uMDA3LjAwOGE0LjIzOCA0LjIzOCAwIDEgMS03LjYxOS0zLjYxNmMuMTU5LS4zMzUuMzcyLS44Mi41NC0xLjEzNWEzNS4xNzcgMzUuMTc3IDAgMCAxIDIuMjYyLTMuMzczIDQxLjIyOCA0MS4yMjggMCAwIDAgMy44Mi02Ljg2NiA0LjE4OCA0LjE4OCAwIDAgMC0uMzc2LTIuMzg3bC43NjgtMS44NGE1NC45MjIgNTQuOTIyIDAgMCAxLTI0LjMzOC0zMC4zODdsLTEuODM5LjMxM2E0LjY4IDQuNjggMCAwIDAtMi40MjgtLjg1NSAzOS41MjQgMzkuNTI0IDAgMCAwLTcuMzU2IDIuMTY1IDM1LjU4OSAzNS41ODkgMCAwIDEtMy43ODcgMS40NWMtLjMwNS4wODQtLjc0NS4xNjgtMS4wOTMuMjQ0LS4wMjguMDEtLjA1Mi4wMjItLjA4LjAyOWEuNjA1LjYwNSAwIDAgMS0uMDY1LjAwNiA0LjIzNiA0LjIzNiAwIDEgMS0xLjg3NC04LjIyNGwuMDYxLS4wMTUuMDM3LS4wMWMuMzUzLS4wODMuODA1LS4yIDEuMTI3LS4yNjJhMzUuMjcgMzUuMjcgMCAwIDEgNC4wNS0uMzI2IDM5LjM4OCAzOS4zODggMCAwIDAgNy41NjQtMS4yNDIgNS44MzUgNS44MzUgMCAwIDAgMS44MTQtMS44M2wxLjc2Ny0uNTE2YTU0LjYxMyA1NC42MTMgMCAwIDEgOC42MTMtMzguMDczbC0xLjM1My0xLjIwNmE0LjY4OCA0LjY4OCAwIDAgMC0uODQ4LTIuNDM2IDM5LjM2NiAzOS4zNjYgMCAwIDAtNi4yNzctNC40MSAzNS4yNSAzNS4yNSAwIDAgMS0zLjQ5OS0yLjA0NmMtLjI1Ni0uMTkxLS41OTYtLjQ3OC0uODc0LS43MDRsLS4wNjMtLjA0NGE0LjQ3MyA0LjQ3MyAwIDAgMS0xLjAzOC02LjIyMiA0LjA2NiA0LjA2NiAwIDAgMSAzLjM2My0xLjQ4OCA1LjAzIDUuMDMgMCAwIDEgMi45NDIgMS4xMWMuMjg3LjIyNS42OC41MjYuOTM1Ljc0NWEzNS4yNTMgMzUuMjUzIDAgMCAxIDIuNzggMi45NSAzOS4zODMgMzkuMzgzIDAgMCAwIDUuNjkgNS4xNDIgMy4zMzMgMy4zMzMgMCAwIDAgMi41MDcuMjQzcS43NTQuNTUgMS41MjIgMS4wODJBNTQuMjg5IDU0LjI4OSAwIDAgMSAxMDIuODYgNjEuODlhNTUuMDUyIDU1LjA1MiAwIDAgMSA3LjYzLTEuMTczbC4xLTEuNzg0YTQuNiA0LjYgMCAwIDAgMS4zNy0yLjE4NCAzOS40NzYgMzkuNDc2IDAgMCAwLS40Ny03LjY1NCAzNS40NjYgMzUuNDY2IDAgMCAxLS41NzYtNC4wMTRjLS4wMTEtLjMwNy4wMDYtLjczMS4wMS0xLjA4MSAwLS4wNC0uMDEtLjA4LS4wMS0uMTE4YTQuMjQyIDQuMjQyIDAgMSAxIDguNDQxLS4wMDRjMCAuMzcuMDIyLjg2LjAwOSAxLjJhMzUuMTA5IDM1LjEwOSAwIDAgMS0uNTc5IDQuMDEzIDM5LjUzMyAzOS41MzMgMCAwIDAtLjQ3OCA3LjY1NiAzLjM0NCAzLjM0NCAwIDAgMCAxLjM3OSAyLjExYy4wMTUuMzA1LjA2NSAxLjMyMy4xMDIgMS44ODRhNTUuMzA5IDU1LjMwOSAwIDAgMSAzNS4wMzIgMTYuOTI3bDEuNjA2LTEuMTQ3YTQuNjkgNC42OSAwIDAgMCAyLjU2LS4yNzggMzkuNTMyIDM5LjUzMiAwIDAgMCA1LjY5LTUuMTQ4IDM1LjAwNCAzNS4wMDQgMCAwIDEgMi43ODctMi45NWMuMjU5LS4yMjIuNjUtLjUyLjkzNi0uNzQ2YTQuMjQyIDQuMjQyIDAgMSAxIDUuMjU4IDYuNTk4Yy0uMjgzLjIyOS0uNjU3LjU0OC0uOTI5Ljc1YTM1LjA5NSAzNS4wOTUgMCAwIDEtMy41MDcgMi4wNDYgMzkuNDk1IDM5LjQ5NSAwIDAgMC02LjI3NyA0LjQxIDMuMzM3IDMuMzM3IDAgMCAwLS43OTIgMi4zOWMtLjIzNS4yMTYtMS4wNi45NDctMS40OTcgMS4zNDNhNTQuODM3IDU0LjgzNyAwIDAgMSA4Ljc5MiAzNy45ODNsMS43MDQuNDk2YTQuNzQ1IDQuNzQ1IDAgMCAwIDEuODIgMS44MyAzOS40NjQgMzkuNDY0IDAgMCAwIDcuNTY4IDEuMjQ2IDM1LjY0IDM1LjY0IDAgMCAxIDQuMDQ2LjMyNGMuMzU1LjA2NS44NjguMjA3IDEuMjMuMjlhNC4yMzYgNC4yMzYgMCAxIDEtMS44NzggOC4yMjNsLS4wNjEtLjAwOGMtLjAyOC0uMDA3LS4wNTQtLjAyMi0uMDgzLS4wMy0uMzQ4LS4wNzUtLjc4NS0uMTUxLTEuMDktLjIzMWEzNS4xNCAzNS4xNCAwIDAgMS0zLjc4NS0xLjQ2MiAzOS40NzcgMzkuNDc3IDAgMCAwLTcuMzYzLTIuMTY1IDMuMzM3IDMuMzM3IDAgMCAwLTIuMzYyLjg3N3EtLjktLjE3MS0xLjgwNC0uMzE2YTU0LjkyIDU0LjkyIDAgMCAxLTI0LjMyOCAzMC42MDV6IiBjbGFzcz0iY2xzLTIiLz48cGF0aCBkPSJNMjI1LjQwNyAxMzUuMTA3TDIwNi40IDUyLjU0N2ExNC44MzggMTQuODM4IDAgMCAwLTcuOTU4LTkuOWwtNzYuOTM1LTM2LjczYTE0LjgyNSAxNC44MjUgMCAwIDAtMTIuNzcxIDBMMzEuODA4IDQyLjY2OWExNC44MzggMTQuODM4IDAgMCAwLTcuOTYxIDkuODk1TDQuODczIDEzNS4xMjlhMTQuNjY4IDE0LjY2OCAwIDAgMCAxLjk5NSAxMS4xODVjLjI2MS40LjUzOC43ODguODM4IDEuMTYybDUzLjI0NiA2Ni4yMDVhMTQuOTggMTQuOTggMCAwIDAgMTEuNDk5IDUuNDg3bDg1LjM4Ny0uMDJhMTQuOTg2IDE0Ljk4NiAwIDAgMCAxMS41LTUuNDhsNTMuMjI3LTY2LjIxMWExNC43MiAxNC43MiAwIDAgMCAyLjg0Mi0xMi4zNDd6bS05LjE5NyAzLjg2NmExMy42NzcgMTMuNjc3IDAgMCAxLS40OTggMS43MjMgMTMuMTg0IDEzLjE4NCAwIDAgMS0yLjExIDMuNzg2bC00Ny4yOTkgNTguODM4LTEuNDg2IDEuODUyYTEzLjMwNSAxMy4zMDUgMCAwIDEtMy4yNCAyLjg2NSAxMy45NDUgMTMuOTQ1IDAgMCAxLTEuNDc0LjgyMnEtLjUxMy4yMzctMS4wNDUuNDNhMTMuODczIDEzLjg3MyAwIDAgMS0xLjM4My40NDUgMTMuNDczIDEzLjQ3MyAwIDAgMS0xLjk4OS4zNzkgMTIuOTg4IDEyLjk4OCAwIDAgMS0xLjQxLjA4MmwtNzcuNTA0LjAxOGgtLjc2YTEzLjI5OCAxMy4yOTggMCAwIDEtMy40MjktLjQ3MiAxMy45MjUgMTMuOTI1IDAgMCAxLTMuODU1LTEuNjc5IDEzLjQyNCAxMy40MjQgMCAwIDEtMi41NzYtMi4xMzJjLS4yMzMtLjI0Ni0uNDY4LS40ODctLjY4LS43NWwtNDguODA1LTYwLjY3OXEtLjQwOC0uNTE0LS43NjUtMS4wNjZhMTMuMTAyIDEzLjEwMiAwIDAgMS0xLjM0My0yLjcyNiAxMy41MDUgMTMuNTA1IDAgMCAxLS40OTEtMS43MTkgMTMuMzE1IDEzLjMxNSAwIDAgMSAuMDA0LTUuODA5bDE3LjM5NC03NS42NzVhMTMuNTk4IDEzLjU5OCAwIDAgMSA3LjI5NS05LjA3bDcwLjUwOC0zMy42ODVhMTMuNTg5IDEzLjU4OSAwIDAgMSAxMS43MDUgMGw3MC41MTkgMzMuNjdhMTMuNjAyIDEzLjYwMiAwIDAgMSA3LjI5MyA5LjA3M2wxNy40MjIgNzUuNjc0YTEzLjI4MiAxMy4yODIgMCAwIDEgLjAwMiA1LjgwN3oiIGNsYXNzPSJjbHMtMSIvPjxwYXRoIGQ9Ik0xODUuODE0IDEyNy4xMDZjLS4zNi0uMDgzLS44NzQtLjIyNS0xLjIyNy0uMjlhMzUuNjQyIDM1LjY0MiAwIDAgMC00LjA0Ni0uMzI2IDM5LjQ2NCAzOS40NjQgMCAwIDEtNy41Ny0xLjI0MiA0Ljc0NSA0Ljc0NSAwIDAgMS0xLjgyLTEuODMybC0xLjcwNC0uNDk2YTU0LjgzNyA1NC44MzcgMCAwIDAtOC43OS0zNy45ODNjLjQzNi0uMzk2IDEuMjYyLTEuMTI3IDEuNDk1LTEuMzQyYTMuMzM4IDMuMzM4IDAgMCAxIC43OTItMi4zOSAzOS40OTUgMzkuNDk1IDAgMCAxIDYuMjc3LTQuNDEgMzUuMDk1IDM1LjA5NSAwIDAgMCAzLjUwNy0yLjA0NmMuMjcyLS4yMDIuNjQ0LS41MjIuOTI5LS43NWE0LjI0MiA0LjI0MiAwIDEgMC01LjI1Ni02LjZjLS4yODguMjI3LS42OC41MjUtLjkzNi43NDdhMzUuMDA0IDM1LjAwNCAwIDAgMC0yLjc4OSAyLjk1IDM5LjUzMyAzOS41MzMgMCAwIDEtNS42OSA1LjE0OCA0LjY5IDQuNjkgMCAwIDEtMi41Ni4yNzhsLTEuNjA2IDEuMTQ3YTU1LjMwOSA1NS4zMDkgMCAwIDAtMzUuMDMyLTE2LjkyN2MtLjAzOS0uNTYxLS4wODctMS41NzctLjEwMi0xLjg4NGEzLjM0NCAzLjM0NCAwIDAgMS0xLjM3Ny0yLjExIDM5LjUzMyAzOS41MzMgMCAwIDEgLjQ3OC03LjY1NiAzNS4xMTIgMzUuMTEyIDAgMCAwIC41NzUtNC4wMTJjLjAxMy0uMzQtLjAwNy0uODM0LS4wMDctMS4yMDFhNC4yNDIgNC4yNDIgMCAxIDAtOC40NDEuMDA0YzAgLjA0LjAwOS4wNzguMDEuMTE4LS4wMDQuMzUtLjAyMS43NzQtLjAxIDEuMDhhMzUuNDc2IDM1LjQ3NiAwIDAgMCAuNTc2IDQuMDE1IDM5LjQ3NSAzOS40NzUgMCAwIDEgLjQ3IDcuNjU0IDQuNjAxIDQuNjAxIDAgMCAxLTEuMzcgMi4xODJsLS4xIDEuNzg2YTU1LjA1MiA1NS4wNTIgMCAwIDAtNy42MyAxLjE3MyA1NC4yODkgNTQuMjg5IDAgMCAwLTI3LjU3NCAxNS43NTRxLS43Ny0uNTMxLTEuNTI2LTEuMDgyYTMuMzMzIDMuMzMzIDAgMCAxLTIuNTA2LS4yNDMgMzkuMzgzIDM5LjM4MyAwIDAgMS01LjY5LTUuMTQxIDM1LjI1NSAzNS4yNTUgMCAwIDAtMi43NzctMi45NWMtLjI1Ny0uMjItLjY1LS41Mi0uOTM4LS43NWE1LjAzIDUuMDMgMCAwIDAtMi45NDItMS4xMSA0LjA2NiA0LjA2NiAwIDAgMC0zLjM2MyAxLjQ5IDQuNDczIDQuNDczIDAgMCAwIDEuMDM4IDYuMjIybC4wNjUuMDQ2Yy4yNzYuMjI2LjYxNi41MTUuODcyLjcwMmEzNS4yNTYgMzUuMjU2IDAgMCAwIDMuNDk5IDIuMDQ4IDM5LjM2NyAzOS4zNjcgMCAwIDEgNi4yNzYgNC40MTIgNC42OSA0LjY5IDAgMCAxIC44NDkgMi40MzRsMS4zNTEgMS4yMDhhNTQuNjEzIDU0LjYxMyAwIDAgMC04LjYxMSAzOC4wNzNsLTEuNzY3LjUxNGE1LjgzNSA1LjgzNSAwIDAgMS0xLjgxNCAxLjgyNyAzOS4zOSAzOS4zOSAwIDAgMS03LjU2NSAxLjI0NyAzNS4yNjYgMzUuMjY2IDAgMCAwLTQuMDQ5LjMyNmMtLjMyNC4wNi0uNzc0LjE3NC0xLjEyNy4yNjJsLS4wMzcuMDA4LS4wNi4wMThhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzUgOC4yMjRsLjA2My0uMDFjLjAyOC0uMDA2LjA1Mi0uMDIuMDgtLjAyNS4zNDgtLjA4Ljc4Ni0uMTYzIDEuMDkyLS4yNDZhMzUuNTkgMzUuNTkgMCAwIDAgMy43ODYtMS40NTEgMzkuNTI3IDM5LjUyNyAwIDAgMSA3LjM1OC0yLjE2NSA0LjY4IDQuNjggMCAwIDEgMi40MjYuODU3bDEuODQtLjMxNWE1NC45MjIgNTQuOTIyIDAgMCAwIDI0LjM0IDMwLjM4N2wtLjc2OSAxLjg0YTQuMTg4IDQuMTg4IDAgMCAxIC4zNzcgMi4zODcgNDEuMjI4IDQxLjIyOCAwIDAgMS0zLjgyIDYuODY0IDM1LjE4MyAzNS4xODMgMCAwIDAtMi4yNjMgMy4zNzJjLS4xNjguMzE4LS4zODEuODA1LS41NDIgMS4xMzhhNC4yMzggNC4yMzggMCAxIDAgNy42MjEgMy42MTZsLjAwNy0uMDA4di0uMDFjLjE2LS4zMy4zODctLjc2My41MjItMS4wNzJhMzQuOTAzIDM0LjkwMyAwIDAgMCAxLjIxOC0zLjg2OCAyOS41MTcgMjkuNTE3IDAgMCAxIDMuMjY4LTcuNTgyIDMuNDMgMy40MyAwIDAgMSAxLjgxOS0uODg4bC45NTctMS43M2E1NC42MTcgNTQuNjE3IDAgMCAwIDM4Ljk0Ni4wOTljLjI2OC40NzguNzY4IDEuMzkyLjkgMS42MjNhMy4zMzUgMy4zMzUgMCAwIDEgMi4xNTUgMS4zMSAzOS4zMDYgMzkuMzA2IDAgMCAxIDIuODk4IDcuMDk2IDM1LjI3NSAzNS4yNzUgMCAwIDAgMS4yMjUgMy44NjhjLjEzNy4zMTIuMzYuNzUuNTIyIDEuMDgyYTQuMjQgNC4yNCAwIDEgMCA3LjYzLTMuNjA3Yy0uMTYxLS4zMzMtLjM4My0uODItLjU1LTEuMTM2YTM1LjA2IDM1LjA2IDAgMCAwLTIuMjYzLTMuMzY0IDM5LjM3MiAzOS4zNzIgMCAwIDEtMy43NDItNi43IDMuMzE0IDMuMzE0IDAgMCAxIC4zMjQtMi40OSAxNC41MTkgMTQuNTE5IDAgMCAxLS43MDMtMS43MDMgNTQuOTIgNTQuOTIgMCAwIDAgMjQuMzI4LTMwLjYwNWMuNTQ2LjA4NyAxLjQ5Ny4yNTMgMS44MDYuMzE2YTMuMzM3IDMuMzM3IDAgMCAxIDIuMzYtLjg3NyAzOS40NzYgMzkuNDc2IDAgMCAxIDcuMzYgMi4xNjUgMzUuMTM1IDM1LjEzNSAwIDAgMCAzLjc4OCAxLjQ2MmMuMzA1LjA4Ljc0LjE1NiAxLjA5LjIzMy4wMjkuMDA4LjA1NS4wMi4wODMuMDI4bC4wNi4wMDlhNC4yMzYgNC4yMzYgMCAxIDAgMS44NzgtOC4yMjR6bS00MC4xLTQyLjk4N2wtMTguMDM3IDEyLjc4Ny0uMDYzLS4wM2EzLjcyMyAzLjcyMyAwIDAgMS01LjkxMy0yLjgzOGwtLjAyLS4wMS0xLjI1My0yMi4xMDNhNDMuODUgNDMuODUgMCAwIDEgMjUuMjg1IDEyLjE5NHptLTMzLjk3OCAyNC4yMjhoNi43ODhsNC4yMiA1LjI3Ni0xLjUxMyA2LjU4LTYuMDk2IDIuOTM0LTYuMTE0LTIuOTQtMS41MTYtNi41ODN6bS02LjM4Ni0zNS42NDhhNDQuNjcyIDQ0LjY3MiAwIDAgMSA0LjUwMy0uNzc0bC0xLjI1NSAyMi4xMzctLjA5Mi4wNDRhMy43MiAzLjcyIDAgMCAxLTUuOTA0IDIuODUybC0uMDM1LjAyLTE4LjE1NC0xMi44NzJhNDMuNDY3IDQzLjQ2NyAwIDAgMSAyMC45MzctMTEuNDA3em0tMjcuNTIgMTkuNjhsMTYuNTc0IDE0LjgyNC0uMDE4LjA5YTMuNzIgMy43MiAwIDAgMS0xLjQ2MiA2LjM5NWwtLjAxNy4wNzItMjEuMjQ1IDYuMTNhNDMuNDU0IDQzLjQ1NCAwIDAgMSA2LjE2OC0yNy41MXptMjIuMTkxIDM5LjM4bC04LjQ0MSAyMC4zOTdhNDMuNjk2IDQzLjY5NiAwIDAgMS0xNy41MzYtMjEuOTQ4bDIxLjc4My0zLjcuMDM3LjA0OWEzLjY1NSAzLjY1NSAwIDAgMSAuNzMtLjA2NSAzLjcyIDMuNzIgMCAwIDEgMy4zNjQgNS4xODV6bTI0LjkxNiAyNi4yM2E0My42MzcgNDMuNjM3IDAgMCAxLTIzLjgxNS0xLjIyM2wxMC43MTMtMTkuMzcyaC4wMThhMy43MjUgMy43MjUgMCAwIDEgNi41NTctLjAwNmguMDhsMTAuNzQgMTkuNDA0cS0yLjA5MS42OTgtNC4yOTMgMS4xOTl6bTEzLjg0MS01Ljc1MWwtOC41MjgtMjAuNjA1LjAyNi0uMDM3YTMuNzI1IDMuNzI1IDAgMCAxIDEuODAzLTQuODIzIDMuNjg1IDMuNjg1IDAgMCAxIDEuNDI1LS4zNyAzLjU5IDMuNTkgMCAwIDEgLjg1NS4wNjNsLjAzNy0uMDQ2IDIxLjk3NyAzLjcxNGE0My41MyA0My41MyAwIDAgMS0xNy41OTUgMjIuMTA1em0xOS45MDMtMzIuNDJsLTIxLjM1Mi02LjE1LS4wMi0uMDlhMy43MjUgMy43MjUgMCAwIDEtMS40Ni02LjM5NWwtLjAwOC0uMDQzIDE2LjQ4Mi0xNC43NTFhNDQuMjc5IDQ0LjI3OSAwIDAgMSA2LjM1NyAyNy40M3oiIGNsYXNzPSJjbHMtMSIvPjwvc3ZnPg==
+  longDescription: This project specifies a Kubernetes-wide specification for communicating
+    service secrets to workloads in an automated way. It aims to create a widely applicable
+    mechanism but without excluding other strategies for systems that it does not
+    fit easily. The benefit of Kubernetes-wide specification is that all of the actors
+    in an ecosystem can work towards a clearly defined abstraction at the edge of
+    their expertise and depend on other parties to complete the chain.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: A Kubernetes-wide specification for communicating service secrets
+    to workloads in an automated way.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-service-binding
+    for community support.
diff --git a/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml
new file mode 100644
index 0000000..3d610f9
--- /dev/null
+++ b/repo/packages/tempo-operator.packages.kadras.io/0.17.1.yml
@@ -0,0 +1,293 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: tempo-operator.packages.kadras.io.0.17.1
+spec:
+  licenses:
+  - Apache 2.0
+  refName: tempo-operator.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/package-for-tempo-operator/releases
+  releasedAt: "2025-08-14T18:19:45Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/package-for-tempo-operator@sha256:3af49f0336f722e4e8cb9adbb0b48e0c821178e1fbf04cde0ce87621ccf62f57
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        configMapData:
+          default: {}
+          description: The YAML contents of the `tempo-operator-manager-config` ConfigMap.
+            See https://github.com/grafana/tempo-operator/blob/main/docs/operator/config.yaml
+            for more information.
+          nullable: true
+        controller:
+          additionalProperties: false
+          description: Settings for the Tempo Operator controller.
+          properties:
+            replicas:
+              default: 1
+              description: The number of replicas for this Deployment. In order to
+                enable high availability, it should be greater than 1.
+              minimum: 1
+              type: integer
+          type: object
+        tempo:
+          additionalProperties: false
+          description: Settings for Tempo.
+          properties:
+            extraConfig:
+              default: {}
+              description: Additional configuration for Tempo that will be merged
+                with the one generated by the Operator. It has higher precedence than
+                the Operator.
+              nullable: true
+            jaegerui:
+              additionalProperties: false
+              description: Settings for Jaeger UI.
+              properties:
+                enabled:
+                  default: false
+                  description: Whether to enable the Jaeger UI to visualize traces.
+                  type: boolean
+              type: object
+            namespace:
+              default: default
+              description: Namespace where to provision a Tempo installation, stack
+                or monolithic.
+              type: string
+            observability:
+              additionalProperties: false
+              description: Settings for observability.
+              properties:
+                grafana:
+                  additionalProperties: false
+                  properties:
+                    createDatasource:
+                      default: false
+                      description: Whether a Datasource managed by Grafana Operator
+                        should be created for Tempo.
+                      type: boolean
+                  type: object
+                metrics:
+                  additionalProperties: false
+                  properties:
+                    createPrometheusRules:
+                      default: false
+                      description: Whether PrometheusRules for alerts managed by Prometheus
+                        Operator should be created for Tempo.
+                      type: boolean
+                    createServiceMonitors:
+                      default: false
+                      description: Whether ServiceMonitors managed by Prometheus Operator
+                        should be created for Tempo.
+                      type: boolean
+                  type: object
+                tracing:
+                  additionalProperties: false
+                  properties:
+                    otlpHttpEndpoint:
+                      default: ""
+                      description: The OTLP HTTP endpoint where to send traces. Only
+                        for TempoStack.
+                      type: string
+                    samplingFraction:
+                      default: ""
+                      description: Sampling frequence for Tempo traces. Only for TempoStack.
+                      type: string
+                  type: object
+              type: object
+            resources:
+              additionalProperties: false
+              description: Settings for total resources.
+              properties:
+                limits:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 750m
+                      type: string
+                    memory:
+                      default: 2Gi
+                      type: string
+                  type: object
+                requests:
+                  additionalProperties: false
+                  properties:
+                    cpu:
+                      default: 500m
+                      type: string
+                    memory:
+                      default: 1Gi
+                      type: string
+                  type: object
+              type: object
+            storage:
+              additionalProperties: false
+              description: Settings for storage.
+              properties:
+                backend:
+                  additionalProperties: false
+                  description: Tracing backend object storage configuration.
+                  properties:
+                    secret:
+                      additionalProperties: false
+                      properties:
+                        name:
+                          default: ""
+                          description: Name of the Secret containing the credentials
+                            to access the configured object storage.
+                          type: string
+                        namespace:
+                          default: kadras-system
+                          description: Namespace containing the Secret with the credentials
+                            to access the configured object storage.
+                          type: string
+                      type: object
+                    type:
+                      default: memory
+                      description: 'Type of object storage that should be used. Valid
+                        options: `azure`, `gcs`, `s3`, `memory` (only for TempoMonolithic).'
+                      enum:
+                      - azure
+                      - gcs
+                      - s3
+                      - memory
+                      type: string
+                  type: object
+                size:
+                  default: 10Gi
+                  description: The size of the storage used by Tempo.
+                  type: string
+              type: object
+            tempoMonolithic:
+              additionalProperties: false
+              description: Settings for the built-in TempoMonolithic instance.
+              properties:
+                enabled:
+                  default: false
+                  description: Whether to deploy the built-in TempoMonolithic instance.
+                  type: boolean
+              type: object
+            tempoStack:
+              additionalProperties: false
+              description: Settings for the built-in TempoStack instance.
+              properties:
+                compactor:
+                  additionalProperties: false
+                  description: Settings for the Tempo Compactor.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Compactor
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+                distributor:
+                  additionalProperties: false
+                  description: Settings for the Tempo Distributor.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Distributor
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+                enabled:
+                  default: false
+                  description: Whether to deploy the built-in TempoStack instance.
+                  type: boolean
+                gateway:
+                  additionalProperties: false
+                  description: Settings for the Tempo Gateway.
+                  properties:
+                    enabled:
+                      default: false
+                      description: Whether to enable the Tempo Gateway.
+                      type: boolean
+                    ingress:
+                      additionalProperties: false
+                      description: Ingress for the Tempo Gateway.
+                      properties:
+                        annotations:
+                          additionalProperties: false
+                          description: The annotations for the Ingress object.
+                          properties: {}
+                          type: object
+                        host:
+                          default: ""
+                          description: The hostname of the Ingress object.
+                          type: string
+                        ingressClassName:
+                          default: contour
+                          description: The class of the Ingress Controller to use
+                            for the Tempo Gateway.
+                          type: string
+                        type:
+                          default: null
+                          description: 'Type of Ingress for the Tempo Gateway. Valid
+                            options: `ingress`, `route`.'
+                          enum:
+                          - ingress
+                          - route
+                          nullable: true
+                          type: string
+                      type: object
+                  type: object
+                ingester:
+                  additionalProperties: false
+                  description: Settings for the Tempo Ingester.
+                  properties:
+                    podSecurityContext:
+                      additionalProperties: false
+                      description: PodSecurityContext for the Ingester component.
+                      properties: {}
+                      type: object
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Ingester component.
+                        In order to enable high availability, it should be greater
+                        than 1.
+                      type: integer
+                  type: object
+                querier:
+                  additionalProperties: false
+                  description: Settings for the Tempo Querier.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Querier component.
+                        In order to enable high availability, it should be greater
+                        than 1.
+                      type: integer
+                  type: object
+                queryFrontend:
+                  additionalProperties: false
+                  description: Settings for the Tempo Query Frontend.
+                  properties:
+                    replicas:
+                      default: 1
+                      description: Number of replicas to deploy for the Query Frontend
+                        component. In order to enable high availability, it should
+                        be greater than 1.
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      type: object
+  version: 0.17.1
diff --git a/repo/packages/tempo-operator.packages.kadras.io/metadata.yml b/repo/packages/tempo-operator.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..7f3f5d7
--- /dev/null
+++ b/repo/packages/tempo-operator.packages.kadras.io/metadata.yml
@@ -0,0 +1,21 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: tempo-operator.packages.kadras.io
+spec:
+  categories:
+  - gitops
+  displayName: tempo-operator
+  longDescription: Tempo is an open source, easy-to-use, and high-scale distributed
+    tracing backend. It can ingest common open source tracing protocols including
+    Jaeger, Zipkin, and OpenTelemetry and requires only object storage to operate.
+    The Community Tempo Operator supports Tempo deployments in Microservices mode
+    (TempoStack CR) and Monolithic mode (TempoMonolithic CR).
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Open source, easy-to-use, and high-scale distributed tracing backend
+    with support for OpenTelemetry.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-tempo-operator
+    for community support.
diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml
new file mode 100644
index 0000000..4cf6ff9
--- /dev/null
+++ b/repo/packages/workspace-provisioner.packages.kadras.io/0.4.0.yml
@@ -0,0 +1,115 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: Package
+metadata:
+  creationTimestamp: null
+  name: workspace-provisioner.packages.kadras.io.0.4.0
+spec:
+  licenses:
+  - Apache 2.0
+  refName: workspace-provisioner.packages.kadras.io
+  releaseNotes: https://github.com/kadras-io/workspace-provisioner/releases
+  releasedAt: "2025-08-14T17:24:09Z"
+  template:
+    spec:
+      deploy:
+      - kapp: {}
+      fetch:
+      - imgpkgBundle:
+          image: ghcr.io/kadras-io/workspace-provisioner@sha256:9efab8fd3c86a7e8cfd5f1cff17ab5a881a0d37b13af5e971f2e1b23ac6c2dde
+      template:
+      - ytt:
+          paths:
+          - config
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
+  valuesSchema:
+    openAPIv3:
+      additionalProperties: false
+      properties:
+        cosign:
+          additionalProperties: false
+          description: Settings for Cosign, used for signing and verifying OCI artifacts.
+          properties:
+            secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the Cosign key pair.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the Cosign key pair.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the Cosign key
+                    pair.
+                  type: string
+              type: object
+          type: object
+        git:
+          additionalProperties: false
+          description: Configuration to access the Git repositories used in the GitOps
+            workflows.
+          properties:
+            secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the Git credentials.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the Git credentials.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the Git credentials.
+                  type: string
+              type: object
+            server:
+              default: https://github.com
+              description: The Git server hosting the Git repositories used in the
+                GitOps workflows.
+              type: string
+          type: object
+        namespaces:
+          default: []
+          description: Configuration for the namespaces the platform will provision
+            and manage.
+          items:
+            additionalProperties: false
+            description: Details about the namespace to configure.
+            properties:
+              name:
+                default: ""
+                type: string
+            type: object
+          type: array
+        oci:
+          additionalProperties: false
+          description: Settings for accessing the OCI registry that the workspace
+            will use.
+          properties:
+            pull_secret:
+              additionalProperties: false
+              description: Configuration for the Secret holding the credentials to
+                pull images from the OCI registry.
+              properties:
+                name:
+                  default: ""
+                  description: The name of the Secret holding the credentials to pull
+                    images from the OCI registry.
+                  type: string
+                namespace:
+                  default: ""
+                  description: The namespace of the Secret holding the credentials
+                    to pull images from the OCI registry.
+                  type: string
+              type: object
+          type: object
+        service_account:
+          default: supply-chain
+          description: The `ServiceAccount` to be configured with credentials and
+            roles in each workspace.
+          type: string
+      type: object
+  version: 0.4.0
diff --git a/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml b/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml
new file mode 100644
index 0000000..91aeb81
--- /dev/null
+++ b/repo/packages/workspace-provisioner.packages.kadras.io/metadata.yml
@@ -0,0 +1,17 @@
+apiVersion: data.packaging.carvel.dev/v1alpha1
+kind: PackageMetadata
+metadata:
+  creationTimestamp: null
+  name: workspace-provisioner.packages.kadras.io
+spec:
+  categories:
+  - environment provisioning
+  displayName: workspace-provisioner
+  longDescription: Provisions and configures workspaces for the platform users, such
+    as application developers. A workspace can be a namespace or a virtual cluster.
+  maintainers:
+  - name: Thomas Vitale
+  providerName: Kadras
+  shortDescription: Provisions and configures workspaces for the platform users.
+  supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/workspace-provisioner
+    for community support.
diff --git a/repo/pkgrepo-build.yml b/repo/pkgrepo-build.yml
index c20d866..140bf1c 100644
--- a/repo/pkgrepo-build.yml
+++ b/repo/pkgrepo-build.yml
@@ -1,9 +1,9 @@
 apiVersion: kctrl.carvel.dev/v1alpha1
 kind: PackageRepositoryBuild
 metadata:
-  creationTimestamp: "2022-09-24T20:15:30Z"
+  creationTimestamp: "2023-01-12T21:36:30Z"
   name: repository.packages.kadras.io
 spec:
   export:
     imgpkgBundle:
-      image: ghcr.io/arktonix/kadras-packages
+      image: ghcr.io/kadras-io/kadras-packages