From 2c2fe01cf9f4d097eb49ab72a916f1282ff47586 Mon Sep 17 00:00:00 2001
From: Francesco Giudici <francesco.giudici@suse.com>
Date: Tue, 16 Jul 2024 22:16:37 +0200
Subject: [PATCH] [dev-v2.9] elemental 104.1.1+up1.5.4 update (#4232)

Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
---
 .../elemental-crd-104.1.1+up1.5.4.tgz         |  Bin 0 -> 22179 bytes
 .../elemental/elemental-104.1.1+up1.5.4.tgz   |  Bin 0 -> 3456 bytes
 .../elemental-crd/104.1.1+up1.5.4/Chart.yaml  |   11 +
 .../104.1.1+up1.5.4/templates/crds.yaml       | 4079 +++++++++++++++++
 .../validate-no-pending-deletions.yaml        |    6 +
 charts/elemental/104.1.1+up1.5.4/Chart.yaml   |   20 +
 charts/elemental/104.1.1+up1.5.4/README.md    |    5 +
 .../elemental/104.1.1+up1.5.4/app-readme.md   |    5 +
 .../elemental/104.1.1+up1.5.4/questions.yaml  |   27 +
 .../104.1.1+up1.5.4/templates/_helpers.tpl    |   17 +
 .../104.1.1+up1.5.4/templates/apiservice.yaml |    9 +
 .../104.1.1+up1.5.4/templates/capi_rbac.yaml  |   10 +
 .../104.1.1+up1.5.4/templates/channel.yaml    |   11 +
 .../templates/cluster_role.yaml               |  267 ++
 .../templates/cluster_role_binding.yaml       |   13 +
 .../104.1.1+up1.5.4/templates/deployment.yaml |   50 +
 .../104.1.1+up1.5.4/templates/globalrole.yaml |   16 +
 .../templates/serviceaccount.yaml             |    4 +
 .../templates/validate-install-crd.yaml       |   25 +
 charts/elemental/104.1.1+up1.5.4/values.yaml  |   42 +
 index.yaml                                    |   39 +
 .../generated-changes/patch/Chart.yaml.patch  |    4 +-
 packages/elemental/elemental-crd/package.yaml |    4 +-
 .../generated-changes/patch/Chart.yaml.patch  |    6 +-
 .../patch/questions.yaml.patch                |    2 +-
 .../generated-changes/patch/values.yaml.patch |    4 +-
 packages/elemental/elemental/package.yaml     |    4 +-
 release.yaml                                  |    2 +
 28 files changed, 4670 insertions(+), 12 deletions(-)
 create mode 100644 assets/elemental-crd/elemental-crd-104.1.1+up1.5.4.tgz
 create mode 100644 assets/elemental/elemental-104.1.1+up1.5.4.tgz
 create mode 100644 charts/elemental-crd/104.1.1+up1.5.4/Chart.yaml
 create mode 100644 charts/elemental-crd/104.1.1+up1.5.4/templates/crds.yaml
 create mode 100644 charts/elemental-crd/104.1.1+up1.5.4/templates/validate-no-pending-deletions.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/Chart.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/README.md
 create mode 100644 charts/elemental/104.1.1+up1.5.4/app-readme.md
 create mode 100644 charts/elemental/104.1.1+up1.5.4/questions.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/_helpers.tpl
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/apiservice.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/capi_rbac.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/channel.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/cluster_role.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/cluster_role_binding.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/deployment.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/globalrole.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/serviceaccount.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/templates/validate-install-crd.yaml
 create mode 100644 charts/elemental/104.1.1+up1.5.4/values.yaml

diff --git a/assets/elemental-crd/elemental-crd-104.1.1+up1.5.4.tgz b/assets/elemental-crd/elemental-crd-104.1.1+up1.5.4.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..e6d5695693b8f57ccb2198d3dddb239ae9d7d6ff
GIT binary patch
literal 22179
zcmaI-b97`|_XP|m>7<i%Y}>YN+qP||JGN~*72D|8wryKq?!Dvrz286Yd&a1<SM4>|
znrl^!arUlLXW~UbAOrn#d{F>V8Hg*=8;Q%XN_%jy7&58S8!NF`Xex2A%BiZd%BWde
z8rT|pC@a|Uh?`j30G)TfxvjC@vajacscl<6IT<w<TbEe0J+yZ6tgu^jdb}*lK3%d+
zmIR55_oaij0GVs~yk9-(16>o`0FTBe*oN_#VMXlg(*ylv3h;<cB@U#(2G0w9%$cZ_
z-vg7~onl>v{XVj}eWAa2*xA)TuX@$wV0pQ`-}i6SV!D0r7kc-mU}3x8UuSmAj`b77
znH!}ksd>3tob<*5-U67%(bd!yCiiE41PWH#kDKkmQ=ud<9J~=Agv(NdMaT9~XCf)Q
zt!9cM7>Jn{3X6(1R?}y~r|rgK6WkfeQ}edQh7&jDKq4YhOXTwL2@a5PlYmgs-uETJ
z*-QQ=7F3*!o_;6*XP3F-gB#L|!s81Kg$9#BdA~>g;NJxe@@y@jKqDu#7)MK-m`=kW
z_Ppd2w6hUAURkO2u89;S&j+`Rizf=4V=g9`zU_6{eCgf0*?GQ>pk^`mK7Y}*UHGUL
zj~`S=Xsr%wqY#~L`^w?|d>!d6DEjzXND$M5d;8+m^w`=?jMoxL{gjHX{v>^PZ0Gg1
z7twGI%r;TH*^d;@4vWQ3pfEvR^b|ynuIWqvO<ju=C^(t8?I0~oPh{<#Br{B0;2;bN
zG}V0G`+R-#ybUbKkR7}1gKegWz|aLl%~-a*#7wvgp}>lwP8k<Oi9{l+__gt{6G-mu
z9(c~T4WKmgcs{E(_cry#?CymW=>Gb=1{OTD@bBj^39Pf~Lq<y+cGxuOt-u{l48(j$
z+t$$BMJ!T-7Utp?T3Pz}90u0)M~orq)Z}7MO_|c2B#Oyzk8^*!w$M6xK)tdfmn)WF
ziTf;SZ{+(cJhuk2^}}&b(`U>~0L2<d*rhO#laup(zwNkX5-gjp)KFj(pOb_F+*1jn
zbiHfIdj!W`_IL*ocJ77>TgqY=6W6g5@QPT<k{}YJ2wSFG{dqMThtGM>2(;_~ea(b`
z`8mQdwJT0HZ$*fVNW9M^`g_Dcs*v6JSEK^LC^7={&@tu^#)?p?h*T_62fzO@ufm|@
z_4bd}$RR7*P~FLQh>0Z0gPG6INXq69!E9oT0?S%Bt}t1~fuQx6VV1Bbk}NRwK&NsD
z>j0n3S)iYN`cTmc$8>$R>KZ4Dnd*v=qozgRHMm~VF}k^-l7TejOn(hg@8!~+&8DX4
zV*CG&C#EItE}*ovyv)oOT1y7L*iyQK&_hNj%BK1A^`#;f$BvUis(50&lMyMNlxh8Z
zgH}gQhfgd*P$ky%-3iPyV<)&_nt-@;tGcfo=9lwdvQEOdx*ZGdC<2dWK>_&Yfav$r
z`Sv(=y_Z^v040S_88{xk;?)R2=Evb)B_jGUN)R$@q^h+jd*-YRMPQb?qH)&RMbh3o
z=FaxCrXi{F_oby<@#k&U9S4_lOd+?i`*d>WwS8n!1(=;sO>iUTA9ByWwWB%>C<udg
zlD?o@>5CDQPz!2|!nh_gn;DB1Ar|BDFzv<GQ)DH<q9}NpR5CDmS-AkgMEt-l8fkNK
zcX(}c{iK!ED>$N4NS86h%%`eTPY34|fyySJ7KfRZ#*@JOTQI9V2WH4k=omTO?H(+s
zzx+!n`H8Je3zpDGTIg-Xk^~_g0i~1~lDUnKNXj0@Gjj9STu87kctoK#5K$h8XCQ(c
zD(X&B7*YNZGxLR5kP4}foAI!Qu#}<7o-yy3UPHIs`0M-z0$Z5tZz9b&_Hw}Iv~Vb8
z{5*bb;2`<X4`P04V7wp;YJsiYNc>8)E=TsDH2A<W%%0Ln?j%i8epzT7y*hjdT8v5o
zBG}WS(kXM)IPoVHD29BHXtT1JX+{uK5IT6)l99xCc0meNCuY_=W?EAH$mximrTeI4
z7SfNj81Hf?Wny&feBkJ)-Fgp5ACI5BoMUo)8+J6(ym7+XSaF#97|aLndCvEY4Hzl<
zUB>Uh3p;??vI`I>$3R*!xoU=}8)DLw0v=}$P84s_(0MNYuiTaGgX7e3&}eaI4oc6;
zpcj#F753jUe<M4HBkWwZNU$g7oF+Dht#54d^{Dt3`>qBENw!GY7rK{R9W*>&SY%V$
zDJ}w^@a`2neAsDK52n77GjVjHf4!dH2v=Vy)6j}FeyG^<wqavbij^|X7K|a_Gt6da
z+(@wUv|-Djh7Wi4^9aoH(5U{_y7%OGT>&IF2{^Kl^;JrhZGCjY4wya~Xhs&b!KX?b
zzxtCFe)8np<w53e`iQD8g13DFv%1N;C3OSbN|FzlspunA@P4KC%AZYI%#F*kF}?*N
zANdXv5*pI)Aa@2ijhhl<5;^Cmf&V<r9q6X&lz6-ksr<VSyoH^A$P|pEPLF>QOdyf8
zNg_io+bUkeDX7^3&HOj`NpsR>4v~-~d&47|8l9+ksveYy7$W)}KHQ8Nq%35@kv57<
z(-@?DUultnN>echenQ3oYo(UOCvkgCEpTG~9m413_>AngR*H16K>V>+UnoM#rDUy2
zC<zOgIHPO+le=oikF$!lRl6GDcyi`mP1adOeI`gfdq47oU-hx)798bGNa;?W?tZX%
z7kOb>MJmBxpO5`5rsT@`c8|%|^RMbZ#cFjMqsT1<G%FnJZM8f)9AOU>yKuyoaPy>j
zJk}d{$qOWsvGW2Jlk#F-G0OO2z<O^l$9nlG_R%XbE~K}Kd&7fGI&&MMm{HC{G&jp)
z-|`yHXN-)pe&L$rEe5<GGlOv!8KmV{CLy?H*T&#GR+y1Bv-Y%R!B?7?SSZYBHXK@c
zMRlIW*dBty;?y*&tAmIVSO|lL!Hd>ILyaR7#2qHvocH#TJJ@QMuHa<$)uHuAJjeq;
z;Isz=I<axNEj5f^v|y?W)hP&<5ni{R<O03|0`z##mw#h}ZoN0S-S6DZ=HR(@zn!&3
zR>~5QYnn8!-pz(h+OnMY8jO}43mO~4b@tQ}dmZBh%vFWS2bxGIl>lSvEWc$24^4~R
zIjudl5&NNCw)hA@9L+H{Q)#%v+w0IM#Q^SkVLj@$%z-IkXw5J0SWKamYYgE#)mY<{
z)9rTU?J1o0QiT~h3CU9iU;=Vt;RC7&NtGd~QAvW}nGYqH<|c{LOc_?=0&^Kk`>DtV
zsyN`T0|%99B29?)tud7<WJxsn1}jBzoG(D0HzL;w%jNS)3_(QwvO-7t`^EIK%@RV%
zQtQydR<}NEkN7a6cQkKcWQQY!FFeH|L*zJ{k0-tA5%|tK;Lf{w-S{qio1HjpeY)OS
zMF9<+d>wG%ojjk{FPCmbX6;s&&H|qa3Ih3UK{)fF^NrOSBY?*=4mV4@w6bcS`CMGq
zRJu_(0XJRG<iVE1ZNT};96D141{7nIKyhjU$!75mzHh&yk^xLO)nTOQo=AHz@}z`2
zNk)so!nmQ{ME8hCExvkA7v|OL#%wJoF(jCRnenL~nEZ5SObsa!LSPUv+N9*N`tXCe
zOIh^96I;}<#ly(v9Q&^NyXLa^QP`hIbo+3XD2;m5nB)TBc|rbPv~&%xVTzK1immJ*
z7RlSgpQS}S0_XKSM6!*9m0AuXpvf|oa6d5ferI<3)PM0b=SMBl6fws;3#P6LF+v?d
z1W?F1MLN|y5U0*i#93PBArNfwy-rIj6=<@rB`#9;L|<O&t;gqyeu;7@!#@G9B#OD_
zve82aRYUB$qGR|GRd}$%V{#xhi#(|XBi+71T&$0W;hPtJVPh!YuCab-N%Yi`W8g?l
zuSiSf(&+TT#F>J(+xN*K?2*s|X-{P!lu9)C@4kuQiJF&4MkHU7M-0<=2KHFW6csO5
zHAaqsDLtbiH*=%}5=<Jh8y!8T<BuTu+lpg@i~7b)!|3Ak+MJBZr0Le77pa#ndQCdE
zyL-Jq4(peu%tvx~4JR^UuT?~A&o2&}nWmB3M&S>y9+aew3P(8a*T$*QVU11vhU+IO
zWD9vQPjTld`>}L|l{=X+%d45dskRabA&LwPBEp@R&iZ{lTR&P7)>d+?|J^@;Vp7j<
zm)KJ&Y@yxt_yzLSO2rU)wj4|j(!)!u!Thss)BREcrG)98D@Dt~>5>{+s)pr9OWK_M
z<vO)wiKsu3Q>Ff5X%t(meZrgU9Imy(4q=V17_g~A?3t#)21^QCEmIqU>BHszv(eRH
z<Yo|4<LQsKjh|q_0{(M7l#t<M%#}#)jq-a0=l<6TR=-f3h(eq3F{Q=FSH>X`qBsxY
zyX5(POa#XP@yN`jvO?ekd-_?dU)LmcMKu6?YHkY{9&iar7@3^QT6&liKS?t7lYg?Y
zTDb{!e}3Xa_=5+CZFA!KK}p=V?Hgu9`yDmGxfiVnOm{9GkgIQ7FNzj)=Tg7oy#EC6
z?(Ma+zs9O;MBy;?cI=2ATe0|jsO!#Z7Z_VHJp<dzXhxfgnU07IYGZ;Xwc&ALmY8@V
z7L4E&QXgA6XV)KU!9JSUVhd+Fs*CI}sivZ89)kuqeK=~Sa6g!D^9SHJyoaqgzaCF>
z!^$p#s9B}Tp1LMk4NmHHfG=UlZDChmg3n=Y45-T6AY|k;>07Rd%i7U^9jY}3J6#e)
zRt@(((_3_1f_UDKMP>a0iNr$PMA7IOddOUEv?ZdPja{WSK?y(Bb#lYx@%<3GG>L`7
z*p1e_w*sB4x6up^c@1zZ_bAvZ2S>Rc?LwiKgDcAG)U9?($E+wMt}$FA>uJF2Z8+`8
zK=JH*oW`oU|DC<1II;8KjO#?WWe?W9p2qvLQAS}%7j-t?i7-c1R*HjFRwhWQ!S^kY
zfc9K|O-=YkQ!hY{5poD?kD8wC%;lQqp`{ewZlcPXO`nuSE|MJ8suxitjh<B2!u!&)
zaVX!9E8AhvDq~DF*!bol?Xqc%ZfVu_72Z5tt?*<GpUkTtDl6Qb%h#T<gR)F@3`XqG
z6@92A%Nvkj=quG7m|$=QDf>|OrQ&3#F3??otVA$$Oi@b3P{v)~bb^>V7_GSBmz`~e
zeWnDe4Yz>-c+=+Pc$%Kj#@kB=KRUdbLD7hO)Rcxf05EYHEXKH+2<?NTuERubub8jD
z)jYIR*tj3tHLQekaYYl#EVY5DbP73Np@azAc8(ZSo)y?Gn68O2fNRR4g(-k$?T@$%
z<1SW{Mu=@hIzxg!D$(5>=kGUf&62E^YE7J3hFlw58sGm&k)(Qi6=x~G7_qn$u<yHd
zyM2n;$~;T>%fspG)O8rUszXWr*f_;{_CUX*eKJSM6UE@Qcq}WQce8cYMFDuiE@p7z
z3<=OZ9dqpyGhV?~u@Sl-hUZ}vj!9gD=h+2z2*t(77Yja)Bk(l-*9>PBj)9&bVzK$3
z!||;;3|AtVThp?i;FMbBfKIia!24Erz9sG;IJyh1X@a-I_q-(L>eA=!0#og_M8UXG
zYK%NGo`bga;@r<|7<bhCUMFIqty&8E^u)5XF*&_L?QS6OE|t0{7{mMWlb+YjV|CQ)
zy0g8;r?+B**ZtDPPOrn8+VsNtb-xTGr<cv{dIHP)?&nsArpMo#Fj$V!n~L<@)xM$8
zt~oXA(_aJ+Na0PxyxMEHSPlR@E{BVP8k8l@`}jk1-foKx(lw3jC761=CC-&tE1UD-
z#u)6PWrno}>+)BJ0;^fdHAlc&K;6W^GRtqic9~Y}_NJz@S}WWtvx%zV#=Y(esX8m(
zNkA9vXk+N3gNkiXczN`AXJ@JQ-8J(0(OejBGL@4+N*C=!)yqVe1rF_G6=3J|92kYe
z?HD%2Y>C^4N9NAKuL>u7sE>cmIn34Ou4<<0A>XLEqQUA+-r=lj?j`kVDyXe~EUHbh
z{qRKbA|0*2VehzJ+glr;bLQCU3Yd6kb1&%!YY*3rpmKc}sB&;_Gi_fS5@`?j2S0eT
z>GX2ipyli!L$h7FTuNGFsV+KrP~2*Hw`J%$7+fLBQLcw-vC6Oqa|0x>0nRWtIlTsL
zI>z*{9^h*@wFj-l=K5XMS?p+MT!(ZcB6FlXj?&~EIl2q1Jf;ZVu<31Rj|RA+a2rj$
zJ6wI&{B}>`FIRE2=d=cA&l_}c#Hk+EGMBApuJ*<^{k^MVT@IE`hm78{*0s=V7l1eC
zRyt7(JBd1C=DetuRYRU(kKEwAGjR4YGPkw-Y^Mb_8yj&BwDNS5eRkhG$Grq}T}#Be
zvhM)XUS11q9@B0#Z5JL(bO@tkW4vPHcO6epZEk?-(RYN7Yn`|K&KsS(hf%i)E$`Fo
zSvSB{=4QlFmz9<K)sg$F$4&d8jOy=d-=$Z@=RNnA_DAsRM>iWI-LI+__pkOv46toY
zH|9T97Ye{t4?41VERsEqF-SDqtHlLBwcD-k`GHH^ko~NDXFy-pHWa|BY$)4$SnPhT
z;o5Akt}1|MCCnfsZEI>d`&;2C{3=?~EI<i=S}j1;Uds*|2-vWuD(`J<I{vxDTSN}N
zbV;__+h`-g({hONvAs%$3bwN<3UJh&K^QojP(b|taAyz)sG<~*2B@Ble%*(c+uK|m
zhbKEAcLjdrQ)}NTrLQrSR7V05bRH*iqj@D!UFKNPl6KOUey-1gDI3j;Hg2^Y!_bXm
z;w{!E0F~9<{iaIn@*@;N7T+R|b@V%@0rgFka_*l?QjfXClG(vQA)aWU6LSu=6cd6U
zg8$0^>HsZ(En~7>;=GvEZzXA#{K_41t|ofemgfM?oJ>6X2Hw(A_`Qpg@?L6>PQPR^
z??a)90I8Y$%L2(*zz!~|Nr98JkbHOJq9fNci_YeK2@Z0QfFRt^k2kLrRJ+YMbMSC*
zV7fHbF?|w`8Yi(xpQ6HVQ<wU~MP}{S%YD!0pI>b}yK!_YP1{H3MgfBOI;TuqX9G^J
z5mOObcQ%iBvl1y7;~hU`n|1Acw=NE<^t=x4R+GJx!P%B4T6#s5cO|6#A&)5WrNg2x
z4#)oR13~w}u09K9D8{Yp*J1>Vl59a>5B~6yX^LYgeh-G=wW&pY@FNY)o|)*0hc0oP
zOd`aIq#{(x9Kh*p^EH}Oa%yVmy8NyFynGFX?eiu^6`dWCh%a#t<{ZX4xE+H)#KsFf
zJ}kDZJ*97ED#pz+=u8daslNR@{e##P!INFVkg|R2lA_J|7VDqeegdS&qL0any57f^
zsP%OQ+f{XxldGo(`M0}D7Ig>?sNe($x@#Rss1kMP+;+3Dwf%1p^gu)~46%i0nfGoS
z*AGPc+_58pj@6Q&8+!)a@|i<w&O+8KNHnVmtH+org<xiIRW@=7q$ahq3Oy3LFQ$@#
zoj&K!xhYl8Th;3}Ql>_j=fT2FZ)j$}4p+M#U++&B@5D}88h9>SzoN1aaj{1qL(Bk1
z4|^cRAit-51WsCerLH;4iJpMUpHWV(?d}4d<w}M<)x0Z~cH~m7#zrUD=IdO<0dA*7
zmt$&f;ttp95rp*1i!K~w<jBHfOjP_>Myj6EMHGlGZ^X4Xg``CMNw5bBOZTk;oE>Ew
zfT#e=y4$DnnEEVF9K#pM`qkic9HEKmJX5h&7#1#Wd{`E)|IG}^*Bh0tC^Y1mep>~_
zF7bsI#nz=O4D;tT7f2DRC+ds8!_#q0&iX_;VQTCArjobBmX~pN#u=wWWwgv_&^s-&
zlW#oS9?QX5uO@XlibTJhP;f+T7X>AxOqq%0`eV(cUC>xK^nCGl7HY7dl+P$$0qKw~
zgS{j9GuRCa%A1;iy67EW2WFf#$iMzd>&^uiZqk{{5TvP!!zF2oi1FcOoZ^k3Vvk}p
z50HjA7Z|nWJSujVy;TR|fe(KCME5aw&32F7N2(n&uSJQX>9P<?UgD-Z*akJn7F7<g
zkJ+G1oFs}-G|Yti-y8q*WhaiJ=tXL2OzgAe3siWPSGG|C{}#B=V(z*h9exDl-XieL
zLc<W)8Ztxo;!pq*=HDjl1l=*ylM|T`{-Uo_aRNkcJ7z`b6(BeTdXStM7AN&#Pm_>@
zOMzuN>?<XqH;52Gl}95Gv&5PLS04p%L=8$s0zztuBKxR3j3d9w=9O0)IoJ;TDZHUZ
zS2Lyhq+j_4X0Y{;h&=?SVZ!!$hR+e&{3;7!K3XUk*GUHiJ&FKqy?TGrbUB$0t?`sb
z?XBlf4h<VcIhmwD7zK@fngScaPAHRN66Zxvw8n8?pDl5}209jgJ*ob_MRy<bDf~JH
z9v&j{yVP04YUcvuC0et~T_0$z2cqts&v-PI?Qe~!rgV4!6$`#FS}dip^SCnS49Fta
z24%gZ?}5%2jKoD=^eS|QXDx6uq`i`j<~xiYJ?6|TRKb0ME8h@LrNlf<vtf=;+QA5G
zDTK_nY4OD1_x19PXV0p|?$-2GM{3jT9Ub?euxxyHhET@=Q4RUCK%n0^6Gw8WabHP*
z=zKvgKNdFSj(sP6fOe0Aiu>`%f^g~L7K+Y`4^2&mBh839@HgG^Oq%j%Ksxs-j%$MS
zjS@9-ro+*F%1;E0`hm5dPxC!{sMN<z^<ImbLex^E!sZj4B!u(l_CFC{GPnNR;45L%
z4%lPU@hdehT_^L3;@L6Au+Ol5$zD009EM1qv1WxGQopnYoD@`lmOP>)59q7fIS2qM
zg+`ToMD)d%o)!G<wraT<4`VpPUZ~R)h3qT-)ER1fY`~jpXbZt@7aBK3vV=%KxVF_g
zh-;pw=}QO&&MDhlS8Ab)5J$a$l(Q^fEH%iV$D<cC>py2Ec#9Va5C@WL2yCs(W6kUA
zd+h}Yl1ea(4w>?-?1e}=yW3y$sm_G6$DQXf4$?Db`O{?($sB<!{NY{wHQ^!KZ?lJI
z3PA11w_0GmkF7o!Ex$<b@Qew(7}s89Q0q!`E}F~NF7toe1L<&x@3ZzpMrFzm2OvAt
zVD$lXBUTn_&5mG%Q0<q}-j0(GM>$8~Q8hO8!P<&7G<nI+%t~1_iv>%t)oDMBh$X^V
zj7H$T-j6LD3Bl&IcL1gsJ<K_&Ku~*L@|T!fnq6`uY(L0@1_uG``P7m1p~#08Y=@{l
zy0p(G)Kfh1H1lZqfeWCUo+#&0mb!i2VDzUftXt3Pz9LY~YEAY^K~SAa@b}eKj|yXG
zn?-*Ny615>M|hgl25amH`Zq_2Uy0w<tKqkJkeSy_CHgm!ALJ0~XnC#x4Lf2Kw(eU8
zFkWcv=SgctPq!xtTLXOk5qi-nxEi{i`yMxVac(3158=3v=@FX)te5TgJ7VO%&$Xj?
zo^-5JON%1{8DrfKaeqWAL=RE6*yDOQTDP@9HvOm9#B#TCsrkfjM6e2<X<wlgy^X#N
zfpENkPI|Th$ltC2WV=;Q#g3^gfCWvnLGjCan9A1uu*rG1?v;Ik70H$A^#IFfpmZy~
zR2}EAC~G086!J|QdFtu(E!FfZmi*je3ndePDra`~K!P+3qSzl1bpWa$apIW8V3KQ0
zj6#6a?^QV`R=Jo#Hy0-X7ip;7X8u|oCM%<7Z?!hcsJW+k><Falht+ef9%X9q!kb%*
zB}<Kha34App%hiJRtOLcWdRxk0jpLg$7V)LhM#9<J7Pzpgk*0!73h`XYlKX(AcnL<
zHhZycej74$4puv-5Ri8+I3%@>6o-eo+Y4u<!-@2`qK&2&u2rAW%|q+46}GW0vHC3W
z#<UGt6cHFFvn8zVkB1q=w`Hg%BdX=VtRA7n3o=L_;kBMNSK!|ne^Pk#xtjj)y8gj6
ztm^*U(o@^0+w7*v>IQ%CcKP^hXeYz@+I)C>o4@cndD!Iiq4U{PyL*`1Yj<&%`{+#J
zT!`*0ncURV+w$LZn&N!rIXl7=VtY~-$F06!8sf2?_eK+a$p^@EG=Vr5L8}tUJJqla
zX4)yQUXqx*A@wP}HzAtgo(F42g0L2lN7RJI%2YzUkzI`yKKa)d%ZBjNyjQ;ak|_SR
zOXFYIHDT@PLbzl`ik*;5rPc^)5#<naFHaGsDX&mapJ+ksd^;8Vt&P=?B>DXk(8Bni
zVS&|~3rJkc1vEIbnNzLJs<yxrD-Ze0Vp;v6E;^v&9R|~c6sSjdHzlxCm^X$o$9{l8
zQ*#TWzb(yF68LEK*fKD`DN=&hZzn6M_%oIm@yJPnVyt`IJd^ns@~^p!y}OAbA~-Nm
z9mxqlgSies*1~>|J`?XAk_2Ba1)o#~x6dK+R0)TgtzE!oFs6O(Fg*4itoQ~_nQ~K?
zqfD?UW#I}aT3FKD@`fVau$*ijVcJTX|F+f7ZOPBYR>F(#y|^MWitdg_*I(_in}v@Y
zHV9wZR4gSJW#1U-W!W0-PiF^z3lJ;q5oHtPlD3OY-#H@+`QZ*qcskP_ra=)hqRn4r
zvjOt9wQ>nULI#EXm6e+n$Kad=HmL-Mj@z^#;+gt-BM#B8zy1oWZ{4d|aQb|^>W*(L
z=L29<fig&mXuuYU%k4`>!WmG%RfdF1=GFuHCdslG_TU8M`-l?cri%pZu#;p!Oag`p
z_*oemC2Ir;jlwr?G?%ER6Uiu0_viOd9-a)Vy_2z)Zb7ME$I*y)mM;4IM-CK>wIPp)
zJNz%qhS4!EtP_d@7!N%>cQwb`u^U<cc;f-OsTwW!LZvXGsr#w;Q8cE;uYH)|tmw~G
zO*>F6AZxlM@9aiaC_=a;d>%Icxr@2S>++_0<pUuyL{2O?R)p(3{U?`kdT91^k+3@E
z&BCdC(y<~OlT`)@y^}JHQ%AH|PJh99X-Nx1O(%7djDt3Y^LJx_6@1`ls&(&iHm?A$
zRHA#vZ*vd6zJbq4jt+1X>|WMkq*DZz8^eQsYd90eeuwo7=&H5hNT+?H-E%apf|A~)
z5MK*xPn=bOeF#s%)7Dbyvx~kQR#G%Q8z~FX`SpuBLjyn0GO-gZSSP*$P@{3p{`VOZ
zF~|C4%~X@tjiF;tVK(cFz=yxR?N67!?J72(!Bl(HXC<I0S45maT1W%HQ#=I#3mZ1K
zH5&z+hiss!tp^r1`JyQ_>T`{!vw>4L(-X|BN%Lb(Ci29qpEbN9m2E$M91`17cPk0J
zgCmkH_L1DBD}u#)728KDNYt3?8ost{3HcYU@5MVBVV2aEyuKaupLqshTw;L!1WF%t
zH<i2x=4mrT3!Sb{Gy??eCb>0@1N(G_%sS9rOaJ&W2C|>aYWfP6exom%NC*-hZSS|q
z%jLkriQ1H%smlqd0ak$NNnM`EnY1C?Wurc1w`8k(G8V(ZUO^4y^L4tE>DqfwFu99x
zIwGq<#%-zwH5y)&A4grS|A~&Ip}&YB#&;(08A%Fd7Sz#>u>_M=7$_1L6yX+YSM~Iq
z(j~TBsGO+AEJJYL<uZp=g9=Jg#}i<5HIwzrk<wkfu$$(@{Y45~icln;dC^FEBB6>Y
zn{jM_chn~^3t|AFn^bT*6hEC9V;+L$eB@#lemPP|4TG-FS`>6jlkXNw-rw$R6R%^E
zPk<q)a_DgLCYe-2akPPAm?g-oe=$zNTZV8VWMd$7Q`@uKH3mSHISF!}6jBg?k%NK{
zBiEBWw!hqd?kPJuvO@VYCsg%VlarEiYMWAeDA@)er<6;vKN48?xF1@q;5t!#AF-w6
zBC5#yGgoi_w`*FZq|0L0t0U5pK$-RKhGZR!iiS{ENHnTT2U;kpYSzh7NJPY(lh;$J
zo&|y(a50az6qGTg`&s_hxkSYjSOPzuc9Q179tvURl6QyWb}IEFK)Hq1ho?VLLM4AF
zSiPxFZT|v>NN}?3_w0DYtr~f+nsEBaLVv~T!&-AzeCSq<qfB^vOekrf*=c5ArpPDw
zsmK9SbFd7gZL}@DN-oR$Gzl~6VMBZUu`OOB@A`|_o@BhC1qna9*fiv`Yq7Rud5reJ
zotMU0B!yJCtQEL=J_g-ixcULjk!h#7#|V?F1ki4C(@Z+^^?++W)GcKm|B~y3U5L~)
zaLD$S%n;!Dxu$vnAqiRLUMv@fd48r|B>ZS<FRnCuqv4Ru?FOTnS_lcmUv--0`RlKn
z?!4Tr*_S;F)S4cce`3juAxCJzB?AckCH;%#N6>kYi1W)8>kYGIa{pX1PuljI>pkJJ
zAJu$FjFY{A?<8(_`+O|yR~+B$LH2HW-=Sp3R(E^fKih?Daev;<^e%zVI3otVoh(@6
zl_-P6)&iUVx;PgSh{(CWn%poQ{JK58N!jAIW&?N6Xn@hs-Mc5zm{&ctF8UBrP#D!l
zHGqO&zqLkj=~?S{JvmEUpR;Z)n%A&Wck)_w{J6Z6zsSPPNv8V%xFIPM57YH>!%VAt
zF2HCBe&~koc~H3HK|Iv7V|~_@U6{5m)GU<SEL+lC$ki=ee&JG910B(6seB|x_LaI<
zscvOp0v3wVwBG~dSc?bV>w!*aXL{7S%DYx51LHc?e>~6_g%4`N*#*J<$(y_mgol5a
zP5r|&QfMbhpI8Xmr+F5;Y3RRgo|janx(&vtnerELAag=LM0L8m0Cv4qI0`&vsc{9e
z<MbA2!OLDVrz?ZQqPEac6a_8X@gm9a-JAZq?d2j<>Zx0~a!pNONjOWv^On^nNX8U%
zse)Ipv(nfc%sN>{K0DPX$jy8`g!o6NSYM4#Lk}5C`=a)ZWDV-f1q0gNvcfiAt&sU9
z@apxARh`Z&y~7k|U9}|y6k74pu~Q$F$wL<1ZQ`F+1B-TbM5j3f?R(_x#UKIz2{q5H
zbrxw4Y=qE!y2Cu@gv2G~IXVG|f+F>|s&gs&hMoQfuDFe#vwZt1vr%qg1S-0nG>hGX
z^3#watO_~2UPinb3anP0JsMpdwP=5nq(Jr%{6&kO0s;aQNF)TP3^dJ`C@fwThm6;#
zIR41S!9+LpqAJc}RQ%;8$RMgtqvc?hkx(+>o~i?0_)`Fa&QROFaIr=0ZIM}=I=B|)
zI3jlK+*)&QdFIySaUSluw2nwhDqMK)mR(y|y9O!1E+Zo!HeskSu4wM$B8xisWbmWm
zVtH=b&MWbfCvG8l%QC#}7g*6f9mh;M*JsP$L}Bf@SZ)}hY=-XXxw}!a#iOElb`ggo
zl7+6Rh>y07jnb*2_S@FqJU$<zBUoPPWG0GINFZCOVwSSRekMRl7OLO>88vC?_{s=J
zqB(x4eN0?knih8WV)NJ>0u2wfBNH~doczser9e0U1gWX8mm4PxIw+12Au0rmasW87
zC*+FFdzqYt4mwV!!9pmaATh7TtPvGzbCBToQHu_ApsO2P={KhoBv2o79^egNH~#to
zZJ02g$7jKNS`Oxhp?KuoCXApd;2S5$2$j^2$=x~v0sxJ?w!yfLsHTGOsEg`SYdlVC
zRaHW?`J7xT8H31>(pJ0<9#vL@*1H;dH}FG4>N}!@SZ)o)C88sIgTy=MnWcwb1|A|x
zRxXTrt&1w#5Ih<HV=b52IUz1NiBJeA2TG=d{o|twYe7MjjJ&T%MQVFN=@paFx;CM}
zo6z$T?$J5eh13-;R2{B2CT5@PLQ4b%hYrQA%|_Y{HxJvzABNf(IeK$7D>ubZ;t@=S
zOC?NxLXMK42QUOaML4$y1<ADOINYkLTbkc@C@kgNk90O$(x1mNRj=26GZLcO)1roD
zQ;sqpFKQ+^aVTV_E~mcQkVI(4RfF=FkiMH>6mTE2N9#a8qbokK{knw#LZ9lc{;1KC
zyq>~sj#_tco5Ei57=Nh9zK(Mo1f(!bKGDwXp*mo-?!Ge(cxZY1)c<{$aB5nBc32yM
zJCb4QUbpw5aHaFux#XZ)|2POdi$j=Xl583JsL_kfmm_Vd;<ne-*zT}(XmfZR{aSqD
z9HomL@j6?#+HCfkcy;~a*y2o)IfC-3?_?>LwHg^OzcA91cw(<ts3>xhLdyEf4)z0C
z1|l8aMF>LZG?-|#uuqx=fCYVyt!(m_eh;zg8UY=8gLx%dx?4n9zF?cuRJeTBEg{uB
z*`jMnictovy9iR1ST|Q}3p*FA*M*YcHoV@Z#A_^HoW7q4v6H76mh7Qcm<C&*qH*Gv
z^i$$y!ET*TkqJytkxu4=lJcUeVtKiEzv1OriRP5;meF1TImrhKBA!X15Q2sfq=Ter
zdse*)@D1ml4{{7I;r$|V^aK@_?){3j{nTPogqJe)rC8auGC8Xo#WYQ<8wI@0s8Gr7
zHpK_a&Qclmy#g|~qS-6;hnEuUr3^!hUQy59ZRw5yp2(lE1kkBh$lx-3iYg}s9oOS|
zV|<WH_3>WW1ZGxQ(LAs85aLIa+?rGt>K)ap>DIP2H_hP$P&N{zb<?3h9k!6`7bw#y
zm{g~|`i4SN4LMQ>J9;x`q9N}?|KW7kqLPdn;8_H;dPIbTCs>49d@h0Et)G!&ybc6D
zQ4w~O9;iM-Ji1N-@Fq&SpaiIIp3*PAe}!7{98u$yC0hKui}y{xf&-Ae?S&S&YgR{i
z-C54Rz&__z?grNOn#GPSkO^Ref*2)=HLP_;hKh_Uykaq(;7pibZJk&hoa7(U1D&u?
ze3;1o)Rt2tlI07-v#wrpUSf@O=`Pp1L0&1xQgl8{Q4Bb?5nv(|Gp7UvN~LQcnL0Y}
z*>7r`^x?L1+zcK!7U7Cc`Eqjjeje`b4~*Q^b44tZMgp!T`Ph2x`kU~YeEOT3srKQT
zkFH8V;9WbT*&C>_-$N@nx##|rZ9@y6SW%Osb6-G35$8fXwrXNr(XuA%l3a~(Rl!~%
zGFj=sW0^Q-jflM+K-MzFf`dujFJ<B7WPjWro}3-E=PJjpAveFi5|*A`^;swiR8dSB
zci3kXCA-ezzyuv{s`A4NyoLlhoddujRUx&hE8sJGAKoDdJ-lV|ZH<HxaBOZ0s3#KZ
ztM)%Ds56aNiDuAo?xdd{mbyV|LBr~50#pahO_b-m+s-{%&88EfgpEU$#3pa8hrgdj
zc!Zd72;n+7t}dFgHWs055uI2p44nC^jNoU)Oxe8w`_eiHvx|KDU^tr=Z$;Q+Yos=Y
zi)b7yf{aA*fJ=F&%q9TfiCa(q>psL`c9#6d>7vvH=##5b%^#`atHmAAHt;g7nYku*
zORZO1bt;P+SMd949QB+k=U#fXcAp$iNCTFBxQ%&Dw&M(Fo~&z&sqME&@eipMq+@Tv
z?Kc#ZYv}tcJt=z~NH`y53OE~ySs@>?LA70>k3=3?c$*IRD%Q^H*O9Q&kjl`GGq_h}
z{PQGxW1cLeRz!LqjL0Ed3isIB=2e-5+hd3kYMEAf#9y>x>N~X~d)hBZ{_&5~Q!g>3
zqbDEzUq=UbzdyR+_};aBRl_N$I;X=5r6t%+x&4XLybh-<_2YeVYex6oCyO{aCcdOS
z8s61P*mUq7S4*^Iy(S?OHsL>C1g8eSAJMCZ5h7_rP^RePUnV4+$?waK0H;5CdB{_P
z3D)f}Je@x0aV}NbHdHq_L23FyMDH2Z0TJWl>ACCZYwe!;Ic|8$VfEC<n7K6=0jQ7W
zUR*qobx0qMYqg??|EbQ0tMq!xhY^QM)))O^j$OQx4Ms03-Zwz_l~CvuZw|>F8xF-C
zV0`zp<AwTb%v)VR|G}!DDoq^^g$|p@dP+0evo0!ATxTRur=oauEXkcn{2&6^_{a*^
z3^I-vEIi_FvsC(AQ);!2r!32&lU+o(y6nEJ9p>~zE5=*fv;U<CROh3QYfmxij}V~y
z*HogaxeZX4#;YzUSu;gS5xh(5-%>aq$r<F<XgAvKXPV^?TeG7Nf$ND7I#=4E>zFCG
z?zNAJkDGzZ%gM>Nl<MwocArnb%g@JblaZvCv*xU){TFaK{Py;(#sg7TKwks75-^${
zL8}=hrC9ps+wM5SnItE$Q;oH|!dnhh_5$GYK>ax3zDi1`k>aY-kL*A}OaxRJcIr!*
zS)0sjK}SCl0iCqdm1X@e|Dy%?S-3k2F=oS|fK^pD6$52`$S=#)T*jxf{52=(>fQ@&
zs2R^I-1*LPVn`-|1wp7k`;W5GA4e+k=97EkhdAnMrk8@<iA}`Cq<5gS#4Dtx4zOi8
zGJRY$8ttI`iFuG}cPQKq&c34sML9zdA5OC4WH2}u+wrBHb$4hcRM#k7AjE=*2#bmM
z1#j<u8No^d)fUpG`>oIp>k4;0IaGW$e_;Niawl_i_f#3f5W8d;jLP?kSfxROqt05;
zZ!=IVu5bF)UFN4V<c9u2w4@=wN^45O_A_RAClj^xo&6Bk;u)*Ly4Ka~s&dS#5`v`^
z$Q5Sq>V?WktooJJGzu5eE^Z8M5axJn6L~j7n{E`A&BOC?@~(Hp$HU|6b6b4yz^09G
zB%Q5hPDeY(%mQRoWA0$_t5iPBmOSEF21>*m-7Qp!JCET)oaU&LI4@HTlGOT>d^HAC
z&W5!oQs7r-<}<)av&))srB&LM=`2Y1#FCW0ULvNveodhh+r|m;omd&$1v^b8B#)d>
z!Q>pU<tbvLy1|EYEV3i_M|LYa=l%C*Ct*8Cr>w^nXogN)zGv1$?mosm7moSLvuuTR
zVh#dL#8Qq+rb*>^oCYMfr2BlEk4+h?Q+!GnRcfR|Rc!j}{JcM)B@=4$PRML>EkJ&h
z+alcP#Q{A6&TT2=@T@7*+UJlAJeaVr1!{QK++4OYCm$4-s;aT#-FGu)MlUgyD=B)g
z#3N_WjwqpN4dqZ*eP~sR2-2UZhOI<>A}Wrf_cmPkFvJy^fc)n@aDYhkW>9foqJ9#j
zVIW4rRVu&BkZQtpGMYFQ+w@=evE2cTqhI0Y)P;mJ(deHM2RW_zzra8@j4fIrgqr;r
zUe9dUCcGY(T|AF-9*dDMyePZTxUD!sUm=yZa<G5IjHbG{D;NTwc&J?}djH*b^Ms?h
zz#JACHg?Jv-_YFy>#N<54oqC2(kD}TYLRfT+S{jsmkQTBA*~iLO30$ju+Y*X;2lW$
zC{OI=^z2XD%*;@iAfwLDgDGr`s~Bhlu8&o5q!-5RTO2p8?~9hs7gjRS67ouu5tpv~
zw39l=fMcgO#;?3JDPbp+wlsxonP&YV_c!cjsP4Fvi$fILTx_oy>fI~c0-99=YyrJI
zd;?hl44*R?xB}0?AaxAa5PO6=GeruF^JBi4#K!FGizj0s<ES&C@ZhuxZ_KM%Az3YX
z`98iXey~#Z=(nLpp4ZM4!_aStVDb^F(K;<HMk6Jvi+2wGATTiDJ*lR#QOmPKLR-N{
z%zfpAY3^tbh=sbi9_rnZUzqk&(fzDsaUf*|6t>f-NC{T64nj&A2G#d(ZNJ%qfO<&7
z{}?>)2l00%r#Dy8xvx8*s5gdOr>5HLv7y6kBVj;w9P*(~k5C!`>paY%OD%e;Rz-^7
z0Tya|7#=Ai2l{1+CD3n)c~G<~JTnZ}Q7v`52hwqRUbR#?hk{R3^agQK@QR0%P&NGI
zG^fDsf2W{xTHl$_+U+#=Oh(*rr9LLer4il24>{4Q96{%A>Vl2cAWSSEw>0=~X`3Ut
zj4Wi8Mc;(ta~x@4x6((`ngv3IrZd`an6&Vwob!-|QP!Y{v1x0&0MqnYKO93wkZ1S_
zSWKBtx02dk>0r>D<OvtiZrnPD`Z;g!6rR2YG5J`cV<(y4k1Dtr7aVSOblP7D_%S!t
z_`<&?#Pnuyp#@_|b)iRoT!k~*^XU~Y%_cdat!NwOXQE;AxKH0m$SNRPTNq?x0MD$n
z`nz(OMGJPzZZfF5U>@<GwN%J=h#xnSwq*(UKWf3m6bv}Fz?^}8G0SI(W1adGkY|j9
z%L!q7tu~z@2XvgKZim&9R6{H!z2e|pa|OQ2={UzUN;@qXStg6WOUDjt-(;2$uM_jV
zem=a+Q983590{iuX!D7&OOhK?2(lS79=(_UIR1Xj>^7b%p^&N7F2y}Jq&b2-f`UrN
zpTDp<MUMd={gCJnM-2=AdDP1(eD4~ZsRNPO-&1Ipw?;M7GGL*MjB4duYaC5<U`L`K
zjUY1O#yPXkSytB}Ak^WZgoJ*L{3Ryf6^L|GFl}%TDVNFjdDZW5v@C;RPl;l1CNG>Q
z!epg~=}U5?a}<yQ^AvlK*u_>@@(2F5y?Uec>VKjY1npR0O;Qi6bWr_T+dgk>mw@Ed
zvvpy9F(&o0HxrPb7T|RdNJ0geo|{-jpk4^8HPlw)nb=BQw6bxk!7Z!MXipq(P&9LJ
zQI+2;ujF>3ysT+o86OEgnVqdB#&6vCM?Gi|4TY*5C=jBU;MhiG6J6ZuJW0vTW1!WA
zwdLCAGSlFhok(wo?$>GvQFgtZyNeI774Bj=Iwq~ghTDC=v3@gHgDZQ^g(-UuR`&kJ
z5TI;1VkzFNuztf7Z#)WEh*6#cNKnufZ<5yj3;EaafB52W;2jWC;jWX-f4LQJ8ev?f
z)4%jJ?_$I0?7mYL{g><iLcS?-$bHuTmyPP5Qi{I4$)ODY%gx(6t|Uas%hgAKqNns-
z$G7*B8`?p9K+WdA8e_w&9jL!eFO0E&^Qc+;JFjQ+4Q_1uj`E@VAMl?x|Cg8YzasBE
z4a5hQ@Wx#gZx)~ifWtwHRjQ_e`T|Q;`RuX_W10FlEQ_lhHmR&l?#KP?JAfu}rHvB!
z0+{@3HsQd==ouUundg?*n9?O7hPdku==P*gL3>Gl&_R_6qxPloH-;jm#Wre&4n81D
z^PxL#_5|X4^;;0j1HuYwVJ>OJ8AXppekeOeBrubDr9gj{@MHP(zHs!^Jb#qu95+8b
z&1jHd>HVk9$QU+tDwpM0Dk;xP$(v{ay(8IUtAxE01xQrX9XsCNW6q(=89H*T3Z)b%
z^_uyMORPwL<;IMU%`o^y#?Bm+9@nBCqEV>syt5!M-NsXQE%>C^Gs{gS^@NY3Zjrt=
z-tMJJUPr&M_LhBiHbsohj*-fU7G-#YN#1`3@Um6G4GomPzih?V7mO(g<nUx4H)fR&
znD``WgB=x&#r1jyQWAX&GJp|@Iy;ebjOPl*W{mSf*SXe_h&SdcPuKF7#%88$8yjF|
zQ*|N>+I^p%IFZ|1Z2wQ0!FngHhhTt`pHTjQWNdp8#jSr*b=&-KId55M3T9gC?>nwv
zI#H6da?)Cp-fm(>O-QJ#PG&IVrTr8Cnggf=n228YM5fLxuz`>+zSYtRo+YQYtrYl2
z(>*<Lng6&V40&6{7z7ofc_@HPWXvEQo&rmV<NavZp8*Z{j=C3GyA1zL@pD{#oEZl@
zWe_PF!&Y5dW2lnY9k>bKG=6*e|4WTwjzZ>5(e%rK!{(HIii?42lY(n_`N1uKL_G0Z
z{TEo*5EV$*!k;J+q#@2<QF;+Ls(AmrQ^3PqTi-Bxy|v|wz62d4c|Wm<n5|66v*!J)
zq6uLDtNc(L-pRIIEAN(LAJ&O2x{7DkwKGRvG=Z8!5F9{NaPg=IPkq&e4V@?$4J>r|
zp9JGzKcmRTm=I^DKVGVW;7Q10rC?}~lZB!eH1ng?r1q~I8U+K_lzI|E>q5N{AzC45
zS2-vXy)dS7W)y%URPVR)#7|RwNc5mW1O#G1^a)1j9VAi-Q7o@vm)t(%$n2fKzf(2D
z|Bw2@poV2ZHSGW77cy<qxUgTJ7T3S+ug5}g-eLl_GjblIdA)UC?}VI?y~v0v5@sS)
zH2{wt)D1Rfk<%d*Ir&ib)m{dfvzrX;7wHfp>Wjx6Sh;aO7ZO?U`H7ATURp1_bmALy
z;9hL?j;wTdT`L>z|D0K-d0H2_(U%-fWh@!PGe5mx)`L;1GlXtZWr$NwusM*oBqj-y
zs(~KVwHRC@AsSAr{0*e^8^|xr7qH(fOtV-^J;0HG@K+YA_*ZbD{Wolv+`nQXRnvu1
zqE)_y#`Nv~Uu@A-^Zz2YVD;G9+79dxpRWo@w0|yiin#1x!@B98eCzo<b9$P)bmL0d
zTRdvdxf03`_vZWUj)&~!^}chraV0tBy0m^`!=^0|C9d<9p0sY6ljc<N7?<|CDh6|E
zP$5t-lB)1FGa4hxOmT2gBjGsOZJgk3#_p-X8|M4*;kOx3M63Z(lDJOUM@-(K_B#L?
zcqs&~iaa8Ex?Y+xn|-dgmY2?N7%nrn$cvl=kqKvYdp<Q(Uv&AIG9y+(bT1SF=(4Sg
z7aflm*GglckfI)MC{0;7((Xq@qzfW~rhVEkYiW=)eBdw%!PGv7kMA8ZQvUT0Lfx0U
zzN(^h4YA+I+}-t(-pup(JM&Mci>q!vZ~Z7E@?PjE@xMg_>SxT6e;qU3xM6D*88DPS
z`B$xKFhGfO+tjSvV3?$Zww8(`nvYz0v(sp|VE~2Q)?Q~QjVtuC>`3gkqRW*~qox{>
zB70VF@bLsoP?u3-zYux&X`|3`anwf>DJ*XbTayNr`m(dL-=7aW4vt7=+9`Cj-Xw~+
zYDQKgA<UGaBPhbOFImk#M^zArChy8rTgIz2O{b1L1H!a*U^&`J1qlQMd5!K<uw89k
zV`>Q%{iJEoqbK4T)r_7O6;tuQeqv!#^)i{QGvcyHaGNT(eqh`ZkD#kW_$*sG$5YVm
z`wCY{bkLnp_Yh_(iRkB??<M}Ehc~U%l(<jH6q>)zMWKb3Y8<*h7O}EQOO5Ohjh-;;
zg?#%*iYXc9cQ2hLL2(i-b5~F%u`(~hd(iwAC~~L?R@jm1pPeLwKa)1b5R9z%Q)^T{
z!_vq0z;nNl7--{8+pi1pSmHVzz-XrH>#;E0>FBX#jj$)vg_l%`Pw%js4w@Ec^ux%n
zLWYF|jhcG~>!^)ZCBmhLLolRba)struoGzgwpYH+jC>`bInQ`XzI_j=dV?YH97FOE
zdhJuL`648qN6LnLg(>k|!$xQ%`yb3d=s95X@6%%Ne*XgNx6AT(&3pg9ZaFQi?@$si
z%W2$y$F?>3x)PX+f8$CJM*ba#8o!5J7B~_wUW_D<f0KXn%{S#4%gqGG^ZZAHmpeZG
zFV#0S#p<_J1ViHWz5M@I+jnU1FBG8>T&}+FD5d{6|5^UYSCsy*&XVute<b^R`TsYM
zlEr@o+I)i>{^9yw{{NqbzFGe1nZ%3oziw|l4Za)vUj8K?tvlhT9C7(lU{~LH9VjRy
zHC}AWmG2+d2SgX4n|TwC<)6$--<ak<Fit<21+h;*p<R9lxA6&W<m6pW$v>5t|7*#~
zVExZ?@TjNw1nw6@8#akX{ryw(m=52ITP0WD1%pAi!6yR0F{Sa#Y$On(y_E!#Nu>I0
z5WgZ9s8xENeX1c0+0&3&mbiQ=vz*s3DJ4s>uo1Y-KAv+D#;^y`mFiDBN_a9D8E_cu
zN=v$%{)r1sL7-aGHov5xGNOo-(Q&cIUg@bw&tVw4q@>R+Nl}xA)Gu5Xw7Ans+yxa@
z%ThF!`3THY5txVkbn3E)KQlVNL`f1^ihtoq3O=CgzXatG&&wl@!sX<#j+1F(nUX`Y
zd@Hb<K5}f=;7Ib4SLG2c$srq8gX86eBuf9qmj9TRM=S@xi~uTZzFqU5`Y(Wxf89;2
z-=UI%3%NZ1jxNo4#L8H!|Hdg3#s51dT73@!R=ARaK8%!i|0e(DE4TTc&4(e$`;Uf?
zAEV%3s&8tQhHpy}OHz;q!RWu*zC-;{<iC-wf!|TZ|8ahJpznTH^?!9L@2P(yo*0w=
zD|z<6#H-(6%YV3Db^n|AAIm>IOA4y|*X_YW-*+m$)QiNx(Ydfk@h!J*lS0cE@v>al
z)I38<KaqDOeb$ID@*`sK7rRCf6&U3)BT|frQ_FH@+Ho3`c8^BUjr2pBHI1oar|(OA
zM}T$arcjGIWw#NuK~Xp{%nDDZ!>Lm0VF-0E^))T~ocL&wKgL=9W&z>wfGDNAb=_(I
z%g+j4>#F;{po(h!TS+u`z>15P=ew7bKAu9_U<;{sWrhN7hFnBA!-DpMClmD}Gd7R(
z^BBU^aGgslz&M#$o!UALrx_n+$y=QgZ-xzu%K2;j(KiJ>uAVVha@Pp!f$e}$px`U)
z@rw-eLIp1L@YJm|b8icnEd?j`O=9j+GdiULxP^@-Dg%{}Ev?*s9{%@G9eTKZ189LO
z*v|3EE&dsYbVZ)#nDkX1{Qs|%yL^lCU$+3Rbhk)%cY^|hfPlczr8Lql;7Buqbc2L+
z58XYK(lvB<4GfObormAv*SXGh_IY`pzu|fFz1Lcw0Sj`+i&X)R0B6gdpMjWIGj$ST
zg2O5JDI3e;J2qL;XH=bNkw3y?stNiLrL5n02QdP9Hsm>y0lJ-K<z&{K;qRzU6+XIe
zaRzJo3%tp|m3wME3jX<BSMdr$f@WL$?ub{duCT$ceoB?KcL0$&qZYT}HY%)#-vb?4
zP_NZQMnzOpn|sGJt51wDM#IvK#aE=z0j7awdn$<}#3UF|HW6z@Yd%`>2^n6;K%x%e
z`Mjl!smoSg?&5fp3%DL0kZ6>dRE`1%Rt!p`p)i0knJxeD<3j2wUNki=8MmseI9$iG
z{Q|GvFu>8L16?}BD$QTWKS&l=P$=WNAM6s%^M<vpkeVE@X=otyJylazp&ARjhh0fK
z(v}XO4mf5>)Pidd#1Q~Qe#{Xato+4KeICXeT>=Bvrq6z!1+2z=8yNaiU_lYst<hK0
ztrW$QX!(~h`n_8)*FJx&*K$UK6{hwc#J!#_)%@mkV`XLyr%hp41ja9qPrOyy8n7~x
zo3lqW|LP0SyL67=WEu8U!Yk7~#rjN(h1d}Xa>;($YAP-D!GtTay5d!iD|d&)AVhya
zfmLcss*`u&*+*D-9T`m5j<~M0K^aQ4ESPa#e35UPi$)Dw*R1UEQd83h^-K7w3XIyW
zvgHD)_)51vS`f_y^#_%l47W%gQ`*)rj;A<+W*Y(ZNBt;OzbnQ{u%$Gh#=kzr(GG|?
zk~f{s;B*>0Lp@G?gOe`W_Pp!gHg=QCrX^G~VA(iGwQW}9J1H(t&PJOe_d|tI91LP{
zQiP}qNcE~Rk%LB=7{)ud<pl*(RASNJa3t0KHgi8<2jS6<Wq>Z+%jefUbUYIn2FyD!
zd-sDQi73bW?ao5EfBZ~f(+tVaVrVZ6%|9PBowm5*HPnl)7h7Lq^%6Go+Lf=5n(<Uk
zYf>;=Q1D%I=;Ad@W=W1qB_rJ0zUqor>>PvIZ@uX1463trDJe?OvOjU)CMXVxfpH<F
zi>7QtZ(E43t&?7Bv0}<PG-U=7ZQXUF8l8I)W(r&8=l<bWe0q7U6z2e5^=lsLR+l`=
ziB>)xOsp^uqjYjAG$57aLyj(&!XJ<NKGy%mUlgCDf;KbmMVtb78_etdRXEPy@$F{#
zpn3CS@uLRHXsoZj+S@s79BUO%jyrT8t4t?s0!{F48v6!$^A67GRK;725|j6T*h%Xb
z5FfouQ?JrEw4$WwVmG9{7=X`t_A%L_o`C(cJm}6R!I8VLZz*m_*^Luh0K4v_VO6ns
zxX~u-v^<Ht<Cu1}j!AR0k8lczjA?Z(i-sCWf+j*4MOQd6N^!5DI5AYKCf91Kfii4^
zSZ(|MRI@`Ivh=30Ao@MOF_F1lXy!G$n%?7fGd`cnK1M6hBqbP_Av+Wk#_m7>ctaW0
z_1L81n9<-{WEO10R_a^2`DkXux-6FySQO&Uuzbzl&ASXrk0TM6Q$-^e@cW?&(h@=m
zn;7{F;gGWIR61$=DOPTeS(3lj!^gs8r@)S^Z2tF-y&Cjo?VxAP-hy?0oF6MrT3P*T
z{bYk|X@{Eb!;{mmX4DdX&xE%5kgAN|qrH#C=S1YrTGh&xwvoy@xf8AqU^ui4wMw!+
zwScHQ4eo58yW^KN1c~{U2R#1doc^3w!U+jmN~8XsafYz@c%ZVT-k)=R7FFUFS>j3O
zp-vcsx{xH?n+|Al;q9v69+~J^7>gXQw9nJ!>@!}Gy>bFpziTf6azab=w%kgDX!e?Q
z`%Jg-HdlIH<<+;!5of8NcSnX>L!N5F7=NDnmpFUxOQfl#3ZFEWjmOTgaGU|;Yx31V
zG|}8P-D;QZH=;_%`w`s6HmUow>xCFwTV{TLjWdqF*$Xr39t9|WXo#*IdHo5DSX=Bs
zJWM!=zOLB7aZM!_lUZS&^RzNJ@r$MRKi`omSN?9;CJDbL)PP}f?8p(Nxs$^u6CNeN
zw;0My9I^ZSEsW4UZCk(W#7~($qHc@$@+GtZ1%i-_)z|Aap*5lD!dXJwGWHc6=g(6?
zfai`%!k>LZt|J7NkI@{7=b!`&d|muq7S5CNj=rX*$ZJm!al>lyNL;4T+4fQy=6sf4
zGZYKCUkz8<th~1K_OWd=boFn{^F8i^V)9o!JQx5Vei}LDjqQ~`Q_J+GjmF1^mofIO
zJ<nS75Pvn`+j$72a^vQt&#hYJwjg{@72y%m?v^@wdm6peq>=Q9Z<4dT^S4#t%18RV
z)#aouZY}>dui8u}NA}vp-gR=m_YuX{_np@br!#J#nkgv=xYzF&FXk(E<x5k!?Wl_-
zeHrlf%8MLSL?&1nr;$+IH9;R!4t64t5*Pt=O5eBp_*|WyofGfFd!|Qxi<@16GI3dS
zov-~@X>V@#&I)`8!8rV`nGXRHmwSO8ah>9qTcFdSkyoC>lXGy@ZAZvb`r{}xTiC<~
zO5jS_<>oprZ!_H~XtHB>9(K&!PwsEt-eCp}UEDgJVjh{EOY!D^OsT5<a?@}X<Ha4o
zV{~SId~9ORZh|ZCe6G6>u`S<LSr+50*l67Mi^N;`0*UotxLL8ao;Ea9;hXdc=;2j{
z-`+Xk3Z;n0muLT2q*6{c{LVgmdtH&*Q1T_)AV7rDU!}N9*Vyhk^h{NZc%)fctdjBO
z{1Q`^NQ$F0+R&e+IZ^-{%j{k)mUF!e;P(uN)+a@|kJQt^9SBKEi;m;_P;>CSZfKiC
zH0m$uC>FJuHL1{$9S!mGpC<G3nA<%A+utw;lVEQ28MI>mI6+MpQ4^mtaCnjj<#?0O
zS=fBEHd-FqkUiL1S4UWj;Gaf8y=bZ=UpvF;9&Wg)a?*18%{{K~FT)5c#3EQ2i3=4|
zw%g0y!jmJ1ew<)V?bheWT5IWEM$Y2Ge&Q*NV@IfqXkPI`v^$>uq(~LvdHYOkn$$^w
zQ`JSDs9FwbudnfVt)^V9N?|sCQzj<-%?ETLA$WT%zg%LDl4^>J*<}K}O|M&(KR5|V
zHk@W9k|vH2W4y|QxjvadlpZh1E*sIIr#yN;7Vm4?TgT4lh^AI=!!k`s^C<NOZKEF&
zd&Z=t8wPn_I4S=6<fI$hK{XJL#vjiB)kvx(kt!(Q**;FkMM-_5RHCc;^KV5wyK;Yt
z;h!G1yzf9a#!F^*wJm>T+vnt)nOrE`e)Pp6UjqetG!hZ~*K1XqblgD?WqJ^QpUi5#
zY~HD>0eJn!!OeJfj#(0~sqT_8r>RL^R0h48+AySw%x!EOI|`WXF{nwdQwbb$O4PJ=
zkRq*NII*r7KQSc7|1hgg;S)+qBGXe|gw`Zw;G=Jq%l^x;X;=z$4WBih=AIQvk9keX
zgME||+jDSulnvVZnMfuDgM@pMYj5oClCd>vv$U^$zMK7B@a!aQ#JMY0>huyP_-VD{
z_6BQ{h1+`E)3R3i=-s!YJnOC>%fUnVJr3f<7J{d4ZC+e9Q%TN0NkWX{kv(pJ^x6PJ
z+=5w--Bg1XE$VsdXX1;XRH6A_8L+G6mk0h>4FQYQc+Z-YT7iOh&NzY%pO?d5`hnB?
zjydD(5e4wZ@kiwsYp*#(GX@Q+v;TmeMmjNoWDn@sVY31l+cM}w3LuM%$y6t$6nbx2
z?ns-*UVd%W=H1Qxnl+NGHz-V2mg!4HMM0w5cy29<zRlk1tTzhYKX*KJkYpN_j06#z
zlTvuEL~;{5>ipNjsq~jL@@}AF0bM)$O(}FSDP_z2cfo8{!?N@mSD;OBs;7RKQ>o$O
zchn>bpFgc1IWcb@nYct#9bpgG@B&jV1Bz1~9H9FGLG}Z%>jrO)C)0j-otZ=ZqsVU&
z9sTbWlx5op!=w)hFNvV|D(G2n42kDi27#d$&-}csEB*E2DU*j;fYQv<vB&NGo0&rH
z`uA8aIK^*?$am4P@)#H+es?1L=RO-_@F}5H+&rMVRDNkw#6T^S>?_;sTpRE95E6a&
z^{P~&o1>^#qHr%?CLhQZ#C%(j(t=hyUIFTw-8Ct}@=0cNav1)GynMJ^Ay@8UoS_Md
zqT@yTn|5+4F>Xl^;JW?qU0W2D(jmRSUENOC21<fa#pQ9f2gWd~Z8J}a2r9pN!P8Om
ztKBfO<WFjfpl*ZS;2sKPX^25gvo>?h4>G%lGQ!|>CA$F%r++Wo<`afHG0|T`vNLn*
zDeZ^$s;qr@@ei2@tRE@)13!UwBcakGhz{_XMevt05j#X=UHHn=rkz={w6sA|@nsDG
zIdIcxRYzhkaRCormGa{KiR+V{QRTApFFFG;pq9|epi-+@Nmc6j(lu_Kj&k&DDot>Y
zPN2x}P~;)Q+YJ!&*(N1;i?10vvXo=5XITkb^pibo<~P%qb6INXRnjS!;@srK6kX@n
zyL0o=$(QgG5oDrMQ45PNR5>_xWUAt9UF_Q2imdyP`_kWBKXnDuXzIaiLk3CE-ly~n
ze5T4Mcd3T5+O}dAhB9Wg304%F+Fa3NG6}*)kF2!9#;71M(D-Dv0I-QUkTF`5OdpHC
zmo`S515%q~Fr^e~@2}4@Iu#Urr59Y!q5+T6CQpJSl#zO#3WLB;RPROgj)OzF-HW7E
ze+5la_UQ*KW_8!q3~!_**yF5P^D?V-h({E5&3qypC3kh~-OSx~;I=Dv&AXNkxI-Kp
zV6ID<R!VIUvnzo)%TNtpzP<l$;sPNsbHPiDTy87pQ^4VP*ztvO<ysbnn=2u}|IZ4?
zeWO3IHUxzaMgEWBy`qI6^KX%U6>dLT<WZilYeWkMmdfgMz7;_XQc4alYtn<6j6SWq
z=T;)($@XhGd0pyVZjJJAv;1h94R&h<dq4DXxf#x7msK_;S1WN{Q{fVGdGJmSlOwr4
z(ESmsvIaxmL0dszquz5}yP~Xr=9wZ+_G?g4(SIpGJww3v2Gk)!QqyVkzNSKkUs`Vj
zy(b-SeVMcFeOYmfA?Ku9RIeQ(IblY#OPTg)gh^mni}Mdd6;IBZS|)Muxg3{Dce)Q>
zqtbh9FqbUcv$^%(aZp>$jXQY|2<vWviL}K4T&VNhz=DJ)`3L1PclYjYKZoGIye=J4
zzFl)Xs!zPS#V^c+u5yApj)Odq+0I9|dNPx)hld6AcaT!SmZ_vsLGkH+Ro~%j`Ly}2
z=S$J50%k%1J-?4kKV()}$i_~<5v6VST{M65MkY%)gk>4n-ah7vwm$_yY1lLg2zTAH
z_qeCHSUz6=8|mt}`ER5vwp2HL-Y;WA_tA8@&w3v|FJW>3X`oyKzYFi~CwDgZzebnA
zD|~kg8iM~!f^uH`XA-ov)T~gQT9C8qU{B4GbSHw;{_P2_mUmM{2O6zd7%;wWPV|Z?
zE2f)OOK1$==^OOe2L0o2h41h^y+Ok4@Yq`2HBlFoe|>>zvSnRU9>EwL0G1Mg=%~%Z
zc_~9kwNc0`d5_>1*do0k{*W6o1?RMa_BUm3DPT|L){cqPtY%R?OKDaznmmAFl*oyB
zFLveVX;5iKET(hHd<HM5&bf0o5xSlsLn{5_Yo$K>F4AM-5vK|th*qerdjhtCmm{!K
za{C$*j?iD4llJq7;Cyjr7umZzMxg}=0sOvB;q-vPw-(02WL%TtzN%i@5ob=PoE1xo
zWQ?^z47)2$bF;($9q4GAMZy|_h0?8th|9`<g|`b?pO?Uv>u8*Y*0dXZ%i<I>S>8_)
zO@<2;!7a4b6djlw1BhS0kQ$b&q;aHNUUXEs`<y^he;R%MGQmh%vM|2(Loi9uhXX~;
zANEL<+cby_G>uf^b5gm6>kdeu?(N%nEDMp5nx8=X$;bVD<)>7~ab+))`XwLl|0Fu~
zc%LW<FWkM3N~{y$uA=SQB_9uSFdi{6yZjbvA0@Cluk8;JJ$pqmGBc$$5RgzE9Vi2i
zffSqP)`Fnh70S+z$RAPM*af)Unx?Xxt5n!`F3)q8u(}wWK!SW}JCv>$R1UY}*>7Xk
z^oxF>!~8q@odR+6@$xT+*%I02*vO1i5-ZX~NLzVaDDHauaV-S%R2Gty)uH%;j^!^>
zm4#p*8<??WE&G}4e6;^88Qo#Wlm=xKg}-@2*!WvF(LL{zQM#tivY(<0abxTRnsKxz
z6B{8Ry}x(18dJ9UuqlfJ__8hQ(MlpzvR+(*k)Nay$;e6r*k8$)JcKFU)tmxq9&c9e
z8*W#};4SCZ2Ya{XMZ=e;VVAPC%>(p+_4}$bCr?<`nrW<`USX9#OvR;fe6&^P7V!|7
zWi$|n8=wG<Y^O_ISD@g$s@^)VGubiq2?-qfbqLSd1NeAe43idl+E(X!+?!44<Ai0b
zEH1kIOw<8py$T5_9O9ZwF|Gu>t!ML$VVI`qt+V#kh;Zp|ak2cSe{3gIoF!1kkZcSa
zL|N@9DW9jzwH=!;-d)56ZZBcFwm1YWyeqzql)U;=(6o{uilxxtdg@QoN*GITxM(F+
zqh<S?h2weoI0}0$m>%=#)1Z?HeWatI;d#8=7~1BS`41J9PTJ@0{2vuH1J#rFJ5JO%
z!NJP>$;Jc2-+43CGXos)JY$~hEZTwsSFO=&y_9?{d8|>anDlNl#n}>K4|+h|oW(qT
zWgInS-p1uRy<ITkGdBDEvplF$2mq;H3|KAfR(9x;+m-ixlmE{+4{4Hv<F4k-7UMuU
zFvn09!kNl5?=>4J!x%9!=D<#tbi69)lhAkE&2n4|HQZVu_C&+};!H1gF_kAQSD<C@
k6|C^;#Y&gV1qtQSMCgUt(!=9F9_=G5q0Z_vQ`Bew1#`cqf&c&j

literal 0
HcmV?d00001

diff --git a/assets/elemental/elemental-104.1.1+up1.5.4.tgz b/assets/elemental/elemental-104.1.1+up1.5.4.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..1d393d803b59c09bb592eb2673a1ec3776ca8be9
GIT binary patch
literal 3456
zcmV-`4S(_<iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH;dZ`(SO{aJs-K(B{3dzJi=IO!T~alN#+ufV=ENO}*qC>{b@
z8q3^LqDoRuy?OcH4<z+%#dbcPleaKiAQnXqXGWai%y39#7-OOc>mARCQ2v6%?AZgC
ze!t&8JUB3a`~80V?_jh)cs4jVJQy7u4M+Xqv;JUzFzP>p{zD_uRWhlFc-Fu7SZ(6|
zB!wgiS42^s$gu+u5Jeb|{D3IM(5JjdGQ~ZbNJSVMLpfc%K!k5&qJmjxuK<OjQ;Ojj
z1WAG!iq2*sl_?_&FCj6G;bQ^3v+cKRg5Dg3q&ykJi+68f;1BoxzSn=z*<QnxDG6{4
zw$iJRmkX&d?(D|p7#K~mADwSg6fsrOThmJLISo;I(OlGcR%<aIOi+<QXYZV0O<ITk
zUp1-l28RBie>2qr84`&(M=OeXih?NK{TXDyQyfD~5)zpXovqYDHwsuL6$(#r-u<1j
zR4RcauJ9lDBmcl5DgCvmnGYS3roT2DgeU_+Q)Q~kxc~(-;h6C(gcG9Z9O3gh{8FL|
zQ!e1xA_gZsMCm&;&|qdtrE=Ws33BO2RL!zUCQ$@DQJ5${;Bmq2UZn_QLX#fj5$|aj
z)vWR5JaSrmbt)qJ2mZhx{AZS0Y93p#H!Ky|bHXx|f5ZZ?PX8b7@3-~;!C<h{|Jx`u
zCJ}1Qk8!FNrMB*+B$GJa_qB==m~u%K7mG2tMT3|M!3BoivW{^b07arPxJDH8qZ#Hj
zW9*bO8Z5@}X?nudsX(c<jUy4mPX#8M4yQXAxZWhAEW|sE8_Y<OAR8Ag^?(>rsl>vU
znZ#}l;pN?y#&dpxB#S2~fKQ>|hNg$nfJjgrLQEN7I7QVM2D+2hQeWk7TGjnnfJ8Az
z;rwJDtqvRadT+Gm((32kf4xbGl$TtD@5XO3!QPGEq+F<X8dSjJn1IBT2%<0qMy1l&
zgj}mN30we8frOzzDN%x&5e1i&F-W+AOd_Zm+L4`vpIQtC!y~`1|MgzK8uY85M?-&b
zXdVW`SA)Omr`PuJ@Rcv;!7D#sEqulU!W<`Jd_q`mXeeerH-KG@Kj4&POr7QYAA@Tc
znn?_SCu{+9+T9YUw6oVKzTN){R&>XNOc+9llPm(BsWh{zMY$fDH)EI*Ced*c9^yGN
z3=|g{Ic;=^1Qp7rZQv-*G=Rcx^57dT3PZy-HKY~8jKTf*JtJny02oy}2G_u{RXCku
zpvG{*&x09;8N=<YAeH`C7^jRVl)Z}?vJ{2%Rr(-H!5aPFKN=ji^#5pdaJ19^+bCC8
z9)vih34&{->msz`bx}x@3*Pm$qZ`sG_`g~+!Af#r_I1l;(Jd7;QB!dLL-yP|0YE0P
zd~hp#FbS7_J9UZ*5-u{q?nwsFBw$&%icLP$@vV(g(@U$F($(-b#NYn=cga6Vsa}I<
zfDdC0u9N@$CHX%b?(gJ(E9Dza!ZEx*{d8`>c*9Mr9KyQmy6?oONJtdXE1z|UuCBm8
zv#zIqLSodCAX5x<3yFb1b#k*qS~bZ1^)@t9tw92$M9oeGPU#QK7v7rZ_GfXro>1wM
z|A3_QLQF{TK+fP=`9EyO{|@_uUHoq=r7rH~laox%xS;<swypo|wY1?X$0~|E$a2OR
zc4&c`heT593Ec{SkqI(sP5r_j_~GS{NfZf;h(b?s&*~d(EGv<r>xhgMQchC(H^H-1
zj^V4@5m9r0Gw=mUo{0cWv%ln(a}<-Z;;|Y2#7d|9Tle<CLP6`~|KRXw$^IW6?BstN
zMH{wLAW2x-p!wHtKl>&?vQ(=`q!;G88d(+ZwpzqSZo|*#d7onoY_&$o+t@d`p)h5L
z%F8YB(%|4}>6e#r9c@x{5_Ek%?s%7z1&{~5GpTs2y#Q@#-^tK^qNP**t&+ab`uic2
zz#92KJXnhV9v%)xJNe&6dC>L$MTZ;kqFBZ2Yq(j`UDv5E*rqPv$&^MhNu^V)+qPaH
zQD}aK$T0sIp)!9NmG(!PZ%BHOrD4(G(o}9VJkBvuHxHd|4k_i~<B*^S?lB%U2iL=F
z-d!r9GI>V`)|-1A;`6Wt2?Cz2`jD$|xczXCO6x7YR@?Yqh8dG!Mw2!{o3f~5;lFVR
znrKnuf^LC(cf{*P#&(YXAfqm1zW4AnnNp#*k~cTwb1y9N;Hcenc~bmoV78rUV+?36
zjSc%`n9)FL%TpvDJI}|+?f9q0nHF}B%AzOAo2|%CnL6-9m{8$!PwI_BylSLLmV|5t
z*-Nypr?6|6po>JMXcFDgw7AhVSsqAxtrMDr`CztUqwm~8;;~(`t(0~C|3%Kq`@{j(
z#{WjG`2VoK-{0kbZKd4Z|Nn10F*e)`)N|<!r@B!g+A9Wh0G8toEB6|+$v-hrCd^=a
z=KGoNtt+^)b0eg9b+x?pczx~syJ~|j`L{`GMxk$G|9^kb?=S8Dk9Pb2TPbz<Cuu4x
zQU6fRf?MwQSILdFz<QYkY2;1TQtSZCF@nF>b_unPNN-3MD5h!NwT784tN~>e9Do8}
zvoFaLMYJbZ_Voahc?HPJ2|xLKaeDUo|Nc?FD6{!$#O8^UmR4I@c}HpceF6XHFJDeK
z7-41q^Sb~j(uitRt2Cx9OX;<4Z3y$yZ#9AIYq#0mj8J^lcFL9y*VjuRs|4ZJ?u~t|
zNCdw_z9|I0J=gTUJZ@0OpNL4-zj0%JbbL0OM%rMz=gr@a8qcQDD!%GQ<%(0QU6J-u
zbu3Wy46)7LkHkfdR+Wr>cf86h@SAa~n%oaRFU=TB&5Ue)fTe+26S#yc8wSS78d=fP
z;F79YIY2FexN6nPDz3UJ{tpr}@ZonzXcA(g;B^ytV~#D2R?lm$nzgf??=aqDuV1@z
zztUy@*`(Nq+Wp-m|6{bA|GCTm*h<+X-E)#rrf5<el4zXMbE|`T@57iTHV)1OXqU}(
z@&leH&GVhjrn$ZOH#6&&c9t92W7YXmf%aHM!bMDy)vo6a`_CIi=3e~eMKg4yD<1o!
zJz(jQ|K=|0{dK@P`5z31E%`qh40iIrmC`tsTeyC$*vV$@-(yp<D|abf@;@hxhD2d;
z?B5GS_y@*+hexAPJN`Qu?&7~&DK`HzQt*;t0xuco-?9|kRiR)P+*(-H1y}#y+k?J!
z5U#G^IZ3I6@mmOKpv=nMm9kwVh4y~2yXc>aECUzZ<!lW1_HYW<W*J_U$Z!v^Uvhz2
z0lt)}&4)Rw<q}ko8yN;00n0ONjSp+!G&bjN1EQIvTZh%!&b|ZC4rrTzIWN3(7u;&^
zRCmm$pa+5^5t^C!3Z4fd)YH+<OE33h^Vm+p6})`zACr_!D5Hv^^xvO;$`O?Q&qSJz
zdu7Lb0Q{a&fg!kO#joSD4-$w#h^dq`iF`OUYb4}~)SRsjxDY5)Zgx*}7YJrVD45`s
zi?XSHr)E^zm%dw^{Hwd)^=C~YpZrr(S;#O+DgIEHSTY*oYtos|a!dCEPH95(`R2k)
zb28EL%=NpDTI_YPut1>6Bn!(uHrLFQn5_T~`VBXmIWGJTQ$pEVy7N0vH0?AA@kfD+
zUl=Za?UoyGb*(=`7W;D6xG%+R(}mv~@Sitro|~pa<>r|AAZI*dAxscrKF1IgH`5@&
z%Z|XbUTS4?LS$(qNLbE?qUEY7af{=j)%t(-@%@KiKKgO^;A_k}`~Psiz5g>D?e>4S
zQ+}#><)4ciD}F{6gNdj*&X-aN!Gv?A7ok)FNjfGkR2zrD6Cm*Q%wC<5ANUZzy{zuz
zF)z&h8X*s4dCA6Jk);Zmv~wQetH!75n~Uxqq$K!8BFy6!!grkG83x~gXUg_lNg9Ma
z$joc47b@_TQqqX|bxg}w1;vIhp1>&zOakof0Zq)%d^)88C9IA^l+h438fVYnnm1L+
zKS@(hAPHl9XdSRN{<pOMyFVHYck;iDQj>qjspjfL&?GW9))XSFXSFqu7P`8yXh;&~
z@@HCnJ_kO9iLrrD1Jdv3RH%$F`Y#O240GRc{)Y>Qt;sXxA~s^E^~Q`}R#)X{O;cM?
zt!{V)Q_h%frlq`;wc88yp8weVf9z7p|Mv`~v5+483a~ZuKR8-C|8+1p*q#5{N-4kk
z*zsUa1SJ!OV<^r+=KHJ1<>AY`qCBFlYwFtpr}nnKrr3Tyha5tcXkj=1-6Fz2?rdHj
zz?^W-(8T%Wj9*^JY*HY8L8oKTxHtfjO)GP|K<SZc-STMuGR4*Qbw%ne?*wb}<UGZI
zP8UX7HBc+AA2T;n5h}chq$!3V15AjZT*889kf8M%@{164odABB)F4=9!b^z=8>l@(
zMMP3FYKV$ZhM`gDA`1*}_AC{a^-}4zz*MaGQt+wd+q$pN#dSrZ7SGEo+-~A#7bkN*
zC=#uvpc6OvQgmBQK^^}h*Q3JQ?2#?Y#mD+RWQ<3VHg0ocu^OgvgI;Umm#AAv9}J|w
iTS#tg@|RVQty*?vS9axzm;Vm{0RR69R0!4pTmS&$aK(=R

literal 0
HcmV?d00001

diff --git a/charts/elemental-crd/104.1.1+up1.5.4/Chart.yaml b/charts/elemental-crd/104.1.1+up1.5.4/Chart.yaml
new file mode 100644
index 000000000..5c0990f18
--- /dev/null
+++ b/charts/elemental-crd/104.1.1+up1.5.4/Chart.yaml
@@ -0,0 +1,11 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-elemental-system
+  catalog.cattle.io/release-name: elemental-operator-crds
+apiVersion: v2
+appVersion: 1.5.4
+description: A Helm chart for deploying Rancher Elemental Operator CRDs
+name: elemental-crd
+type: application
+version: 104.1.1+up1.5.4
diff --git a/charts/elemental-crd/104.1.1+up1.5.4/templates/crds.yaml b/charts/elemental-crd/104.1.1+up1.5.4/templates/crds.yaml
new file mode 100644
index 000000000..5501439ab
--- /dev/null
+++ b/charts/elemental-crd/104.1.1+up1.5.4/templates/crds.yaml
@@ -0,0 +1,4079 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventories.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventory
+    listKind: MachineInventoryList
+    plural: machineinventories
+    singular: machineinventory
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              machineHash:
+                description: |-
+                  MachineHash the hash of the identifier used by the host to identify
+                  to the operator. This is used when the host authenticates without TPM.
+                  Both the authentication method and the identifier used to derive the hash
+                  depend upon the MachineRegistration spec.config.elemental.registration.auth value.
+                type: string
+              tpmHash:
+                description: |-
+                  TPMHash the hash of the TPM EK public key. This is used if you are
+                  using TPM2 to identifiy nodes.  You can obtain the TPM by
+                  running `rancherd get-tpm-hash` on the node. Or nodes can
+                  report their TPM hash by using the MachineRegister.
+                type: string
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine inventory
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              plan:
+                description: PlanStatus reflect the status of the plan owned by the
+                  machine inventory object.
+                properties:
+                  checksum:
+                    description: Checksum checksum of the created plan.
+                    type: string
+                  secretRef:
+                    description: PlanSecretRef a reference to the created plan secret.
+                    properties:
+                      apiVersion:
+                        description: API version of the referent.
+                        type: string
+                      fieldPath:
+                        description: |-
+                          If referring to a piece of an object instead of an entire object, this string
+                          should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                          For example, if the object reference is to a container within a pod, this would take on a value like:
+                          "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                          the event) or if no container name is specified "spec.containers[2]" (container with
+                          index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                          referencing a part of an object.
+                          TODO: this design is not final and this field is subject to change in the future.
+                        type: string
+                      kind:
+                        description: |-
+                          Kind of the referent.
+                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                        type: string
+                      name:
+                        description: |-
+                          Name of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                        type: string
+                      namespace:
+                        description: |-
+                          Namespace of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                        type: string
+                      resourceVersion:
+                        description: |-
+                          Specific resourceVersion to which this reference is made, if any.
+                          More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                        type: string
+                      uid:
+                        description: |-
+                          UID of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                        type: string
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  state:
+                    description: State reflect state of the plan that belongs to the
+                      machine inventory.
+                    enum:
+                    - Applied
+                    - Failed
+                    type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventoryselectors.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventorySelector
+    listKind: MachineInventorySelectorList
+    plural: machineinventoryselectors
+    singular: machineinventoryselector
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              providerID:
+                description: |-
+                  ProviderID the identifier for the elemental instance.
+                  NOTE: Functionality not implemented yet.
+                type: string
+              selector:
+                description: Selector selector to choose elemental machines.
+                properties:
+                  matchExpressions:
+                    description: matchExpressions is a list of label selector requirements.
+                      The requirements are ANDed.
+                    items:
+                      description: |-
+                        A label selector requirement is a selector that contains values, a key, and an operator that
+                        relates the key and values.
+                      properties:
+                        key:
+                          description: key is the label key that the selector applies
+                            to.
+                          type: string
+                        operator:
+                          description: |-
+                            operator represents a key's relationship to a set of values.
+                            Valid operators are In, NotIn, Exists and DoesNotExist.
+                          type: string
+                        values:
+                          description: |-
+                            values is an array of string values. If the operator is In or NotIn,
+                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                            the values array must be empty. This array is replaced during a strategic
+                            merge patch.
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    description: |-
+                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+            type: object
+          status:
+            properties:
+              addresses:
+                description: Addresses represent machine addresses.
+                items:
+                  description: MachineAddress contains information for the node's
+                    address.
+                  properties:
+                    address:
+                      description: The machine address.
+                      type: string
+                    type:
+                      description: Machine address type, one of Hostname, ExternalIP,
+                        InternalIP, ExternalDNS or InternalDNS.
+                      type: string
+                  required:
+                  - address
+                  - type
+                  type: object
+                type: array
+              bootstrapPlanChecksum:
+                description: BootstrapPlanChecksum represent bootstrap plan checksum.
+                type: string
+              conditions:
+                description: Conditions describe the state of the machine selector
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              machineInventoryRef:
+                description: MachineInventoryRef reference to the machine inventory
+                  that belongs to the selector.
+                properties:
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                      TODO: Add other useful fields. apiVersion, kind, uid?
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+              ready:
+                type: boolean
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineinventoryselectortemplates.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineInventorySelectorTemplate
+    listKind: MachineInventorySelectorTemplateList
+    plural: machineinventoryselectortemplates
+    singular: machineinventoryselectortemplate
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              template:
+                description: Template machine inventory selector template.
+                properties:
+                  apiVersion:
+                    description: |-
+                      APIVersion defines the versioned schema of this representation of an object.
+                      Servers should convert recognized schemas to the latest internal value, and
+                      may reject unrecognized values.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+                    type: string
+                  kind:
+                    description: |-
+                      Kind is a string value representing the REST resource this object represents.
+                      Servers may infer this from the endpoint the client submits requests to.
+                      Cannot be updated.
+                      In CamelCase.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  metadata:
+                    type: object
+                  spec:
+                    properties:
+                      providerID:
+                        description: |-
+                          ProviderID the identifier for the elemental instance.
+                          NOTE: Functionality not implemented yet.
+                        type: string
+                      selector:
+                        description: Selector selector to choose elemental machines.
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: |-
+                                A label selector requirement is a selector that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: |-
+                                    operator represents a key's relationship to a set of values.
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.
+                                  type: string
+                                values:
+                                  description: |-
+                                    values is an array of string values. If the operator is In or NotIn,
+                                    the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                    the values array must be empty. This array is replaced during a strategic
+                                    merge patch.
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: |-
+                              matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                              map is equivalent to an element of matchExpressions, whose key field is "key", the
+                              operator is "In", and the values array contains only "value". The requirements are ANDed.
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  status:
+                    properties:
+                      addresses:
+                        description: Addresses represent machine addresses.
+                        items:
+                          description: MachineAddress contains information for the
+                            node's address.
+                          properties:
+                            address:
+                              description: The machine address.
+                              type: string
+                            type:
+                              description: Machine address type, one of Hostname,
+                                ExternalIP, InternalIP, ExternalDNS or InternalDNS.
+                              type: string
+                          required:
+                          - address
+                          - type
+                          type: object
+                        type: array
+                      bootstrapPlanChecksum:
+                        description: BootstrapPlanChecksum represent bootstrap plan
+                          checksum.
+                        type: string
+                      conditions:
+                        description: Conditions describe the state of the machine
+                          selector object.
+                        items:
+                          description: "Condition contains details for one aspect
+                            of the current state of this API Resource.\n---\nThis
+                            struct is intended for direct use as an array at the field
+                            path .status.conditions.  For example,\n\n\n\ttype FooStatus
+                            struct{\n\t    // Represents the observations of a foo's
+                            current state.\n\t    // Known .status.conditions.type
+                            are: \"Available\", \"Progressing\", and \"Degraded\"\n\t
+                            \   // +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t
+                            \   // +listType=map\n\t    // +listMapKey=type\n\t    Conditions
+                            []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\"
+                            patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                            \   // other fields\n\t}"
+                          properties:
+                            lastTransitionTime:
+                              description: |-
+                                lastTransitionTime is the last time the condition transitioned from one status to another.
+                                This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                              format: date-time
+                              type: string
+                            message:
+                              description: |-
+                                message is a human readable message indicating details about the transition.
+                                This may be an empty string.
+                              maxLength: 32768
+                              type: string
+                            observedGeneration:
+                              description: |-
+                                observedGeneration represents the .metadata.generation that the condition was set based upon.
+                                For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                                with respect to the current state of the instance.
+                              format: int64
+                              minimum: 0
+                              type: integer
+                            reason:
+                              description: |-
+                                reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                                Producers of specific condition types may define expected values and meanings for this field,
+                                and whether the values are considered a guaranteed API.
+                                The value should be a CamelCase string.
+                                This field may not be empty.
+                              maxLength: 1024
+                              minLength: 1
+                              pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                              type: string
+                            status:
+                              description: status of the condition, one of True, False,
+                                Unknown.
+                              enum:
+                              - "True"
+                              - "False"
+                              - Unknown
+                              type: string
+                            type:
+                              description: |-
+                                type of condition in CamelCase or in foo.example.com/CamelCase.
+                                ---
+                                Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                                useful (see .node.status.conditions), the ability to deconflict is important.
+                                The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                              maxLength: 316
+                              pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                              type: string
+                          required:
+                          - lastTransitionTime
+                          - message
+                          - reason
+                          - status
+                          - type
+                          type: object
+                        type: array
+                      machineInventoryRef:
+                        description: MachineInventoryRef reference to the machine
+                          inventory that belongs to the selector.
+                        properties:
+                          name:
+                            description: |-
+                              Name of the referent.
+                              More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                              TODO: Add other useful fields. apiVersion, kind, uid?
+                            type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      ready:
+                        type: boolean
+                    type: object
+                type: object
+            required:
+            - template
+            type: object
+        type: object
+    served: true
+    storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: machineregistrations.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: MachineRegistration
+    listKind: MachineRegistrationList
+    plural: machineregistrations
+    singular: machineregistration
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              config:
+                description: Config the cloud config that will be used to provision
+                  the node.
+                properties:
+                  cloud-config:
+                    x-kubernetes-preserve-unknown-fields: true
+                  elemental:
+                    properties:
+                      install:
+                        properties:
+                          config-dir:
+                            type: string
+                          config-urls:
+                            items:
+                              type: string
+                            type: array
+                          debug:
+                            type: boolean
+                          device:
+                            type: string
+                          device-selector:
+                            items:
+                              properties:
+                                key:
+                                  enum:
+                                  - Name
+                                  - Size
+                                  type: string
+                                operator:
+                                  enum:
+                                  - In
+                                  - NotIn
+                                  - Gt
+                                  - Lt
+                                  type: string
+                                values:
+                                  items:
+                                    type: string
+                                  type: array
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                          disable-boot-entry:
+                            type: boolean
+                          eject-cd:
+                            type: boolean
+                          firmware:
+                            type: string
+                          iso:
+                            type: string
+                          no-format:
+                            type: boolean
+                          poweroff:
+                            type: boolean
+                          reboot:
+                            type: boolean
+                          snapshotter:
+                            default:
+                              type: loopdevice
+                            properties:
+                              type:
+                                default: loopdevice
+                                description: Type sets the snapshotter type a new
+                                  installation, available options are 'loopdevice'
+                                  and 'btrfs'
+                                type: string
+                            type: object
+                          system-uri:
+                            type: string
+                          tty:
+                            type: string
+                        type: object
+                      registration:
+                        properties:
+                          auth:
+                            default: tpm
+                            type: string
+                          ca-cert:
+                            type: string
+                          emulate-tpm:
+                            type: boolean
+                          emulated-tpm-seed:
+                            format: int64
+                            type: integer
+                          no-smbios:
+                            type: boolean
+                          no-toolkit:
+                            type: boolean
+                          url:
+                            type: string
+                        type: object
+                      reset:
+                        default:
+                          reboot: true
+                          reset-oem: true
+                          reset-persistent: true
+                        properties:
+                          config-urls:
+                            items:
+                              type: string
+                            type: array
+                          debug:
+                            type: boolean
+                          disable-boot-entry:
+                            type: boolean
+                          enabled:
+                            type: boolean
+                          poweroff:
+                            type: boolean
+                          reboot:
+                            default: true
+                            type: boolean
+                          reset-oem:
+                            default: true
+                            type: boolean
+                          reset-persistent:
+                            default: true
+                            type: boolean
+                          system-uri:
+                            type: string
+                        type: object
+                      system-agent:
+                        properties:
+                          secret-name:
+                            type: string
+                          secret-namespace:
+                            type: string
+                          token:
+                            type: string
+                          url:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              machineInventoryAnnotations:
+                additionalProperties:
+                  type: string
+                description: MachineInventoryAnnotations annotations to be added to
+                  the created MachineInventory object.
+                type: object
+              machineInventoryLabels:
+                additionalProperties:
+                  type: string
+                description: MachineInventoryLabels label to be added to the created
+                  MachineInventory object.
+                type: object
+              machineName:
+                type: string
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine registration
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              registrationToken:
+                description: RegistrationToken a token for registering a machine.
+                type: string
+              registrationURL:
+                description: RegistrationURL is the URL for registering a new machine.
+                type: string
+              serviceAccountRef:
+                description: ServiceAccountRef a reference to the service account
+                  created by the machine registration.
+                properties:
+                  apiVersion:
+                    description: API version of the referent.
+                    type: string
+                  fieldPath:
+                    description: |-
+                      If referring to a piece of an object instead of an entire object, this string
+                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                      For example, if the object reference is to a container within a pod, this would take on a value like:
+                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                      the event) or if no container name is specified "spec.containers[2]" (container with
+                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                      referencing a part of an object.
+                      TODO: this design is not final and this field is subject to change in the future.
+                    type: string
+                  kind:
+                    description: |-
+                      Kind of the referent.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                  namespace:
+                    description: |-
+                      Namespace of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                    type: string
+                  resourceVersion:
+                    description: |-
+                      Specific resourceVersion to which this reference is made, if any.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                    type: string
+                  uid:
+                    description: |-
+                      UID of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosimages.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSImage
+    listKind: ManagedOSImageList
+    plural: managedosimages
+    singular: managedosimage
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              cloudConfig:
+                x-kubernetes-preserve-unknown-fields: true
+              clusterRolloutStrategy:
+                description: RolloverStrategy controls the rollout of the bundle across
+                  clusters.
+                properties:
+                  autoPartitionSize:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of how to automatically partition clusters if no
+                      specific partitioning strategy is configured.
+                      default: 25%
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  maxUnavailable:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of clusters that can be unavailable during an update
+                      of a bundle. This follows the same basic approach as a deployment rollout
+                      strategy. Once the number of clusters meets unavailable state update will be
+                      paused. Default value is 100% which doesn't take effect on update.
+                      default: 100%
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  maxUnavailablePartitions:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    description: |-
+                      A number or percentage of cluster partitions that can be unavailable during
+                      an update of a bundle.
+                      default: 0
+                    nullable: true
+                    x-kubernetes-int-or-string: true
+                  partitions:
+                    description: |-
+                      A list of definitions of partitions.  If any target clusters do not match
+                      the configuration they are added to partitions at the end following the
+                      autoPartitionSize.
+                    items:
+                      description: Partition defines a separate rollout strategy for
+                        a set of clusters.
+                      properties:
+                        clusterGroup:
+                          description: A cluster group name to include in this partition
+                          type: string
+                        clusterGroupSelector:
+                          description: Selector matching cluster group labels to include
+                            in this partition
+                          properties:
+                            matchExpressions:
+                              description: matchExpressions is a list of label selector
+                                requirements. The requirements are ANDed.
+                              items:
+                                description: |-
+                                  A label selector requirement is a selector that contains values, a key, and an operator that
+                                  relates the key and values.
+                                properties:
+                                  key:
+                                    description: key is the label key that the selector
+                                      applies to.
+                                    type: string
+                                  operator:
+                                    description: |-
+                                      operator represents a key's relationship to a set of values.
+                                      Valid operators are In, NotIn, Exists and DoesNotExist.
+                                    type: string
+                                  values:
+                                    description: |-
+                                      values is an array of string values. If the operator is In or NotIn,
+                                      the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                      the values array must be empty. This array is replaced during a strategic
+                                      merge patch.
+                                    items:
+                                      type: string
+                                    type: array
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: |-
+                                matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                                map is equivalent to an element of matchExpressions, whose key field is "key", the
+                                operator is "In", and the values array contains only "value". The requirements are ANDed.
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        clusterName:
+                          description: ClusterName is the name of a cluster to include
+                            in this partition
+                          type: string
+                        clusterSelector:
+                          description: Selector matching cluster labels to include
+                            in this partition
+                          properties:
+                            matchExpressions:
+                              description: matchExpressions is a list of label selector
+                                requirements. The requirements are ANDed.
+                              items:
+                                description: |-
+                                  A label selector requirement is a selector that contains values, a key, and an operator that
+                                  relates the key and values.
+                                properties:
+                                  key:
+                                    description: key is the label key that the selector
+                                      applies to.
+                                    type: string
+                                  operator:
+                                    description: |-
+                                      operator represents a key's relationship to a set of values.
+                                      Valid operators are In, NotIn, Exists and DoesNotExist.
+                                    type: string
+                                  values:
+                                    description: |-
+                                      values is an array of string values. If the operator is In or NotIn,
+                                      the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                      the values array must be empty. This array is replaced during a strategic
+                                      merge patch.
+                                    items:
+                                      type: string
+                                    type: array
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: |-
+                                matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                                map is equivalent to an element of matchExpressions, whose key field is "key", the
+                                operator is "In", and the values array contains only "value". The requirements are ANDed.
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        maxUnavailable:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          description: |-
+                            A number or percentage of clusters that can be unavailable in this
+                            partition before this partition is treated as done.
+                            default: 10%
+                          x-kubernetes-int-or-string: true
+                        name:
+                          description: A user-friendly name given to the partition
+                            used for Display (optional).
+                          type: string
+                      type: object
+                    nullable: true
+                    type: array
+                type: object
+              clusterTargets:
+                items:
+                  description: |-
+                    BundleTarget declares clusters to deploy to. Fleet will merge the
+                    BundleDeploymentOptions from customizations into this struct.
+                  properties:
+                    clusterGroup:
+                      description: ClusterGroup to match a specific cluster group
+                        by name.
+                      nullable: true
+                      type: string
+                    clusterGroupSelector:
+                      description: ClusterGroupSelector is a selector to match cluster
+                        groups.
+                      nullable: true
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    clusterName:
+                      description: |-
+                        ClusterName to match a specific cluster by name that will be
+                        selected
+                      nullable: true
+                      type: string
+                    clusterSelector:
+                      description: |-
+                        ClusterSelector is a selector to match clusters. The structure is
+                        the standard metav1.LabelSelector format. If clusterGroupSelector or
+                        clusterGroup is specified, clusterSelector will be used only to
+                        further refine the selection after clusterGroupSelector and
+                        clusterGroup is evaluated.
+                      nullable: true
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: |-
+                        DefaultNamespace is the namespace to use for resources that do not
+                        specify a namespace. This field is not used to enforce or lock down
+                        the deployment to a specific namespace.
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    doNotDeploy:
+                      description: DoNotDeploy if set to true, will not deploy to
+                        this target.
+                      type: boolean
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      format: int64
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: |-
+                            Chart can refer to any go-getter URL or OCI registry based helm
+                            chart URL. The chart will be downloaded.
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disableDependencyUpdate:
+                          description: DisableDependencyUpdate allows skipping chart
+                            dependencies update
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: |-
+                            ReleaseName sets a custom release name to deploy the chart as. If
+                            not specified a release name will be generated by combining the
+                            invoking GitRepo.name + GitRepo.path.
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: |-
+                            Values passed to Helm. It is possible to specify the keys and values
+                            as go template strings.
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: |-
+                            WaitForJobs if set and timeoutSeconds provided, will wait until all
+                            Jobs have been completed before marking the GitRepo as ready. It
+                            will wait for as long as timeoutSeconds
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: |-
+                        Kustomize options for the deployment, like the dir containing the
+                        kustomization.yaml file.
+                      nullable: true
+                      properties:
+                        dir:
+                          description: |-
+                            Dir points to a custom folder for kustomize resources. This folder must contain
+                            a kustomization.yaml file.
+                          nullable: true
+                          type: string
+                      type: object
+                    name:
+                      description: |-
+                        Name of target. This value is largely for display and logging. If
+                        not specified a default name of the format "target000" will be used
+                      type: string
+                    namespace:
+                      description: |-
+                        TargetNamespace if present will assign all resource to this
+                        namespace and if any cluster scoped resource exists the deployment
+                        will fail.
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: |-
+                        YAML options, if using raw YAML these are names that map to
+                        overlays/{name} files that will be used to replace or patch a resource.
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: |-
+                            Overlays is a list of names that maps to folders in "overlays/".
+                            If you wish to customize the file ./subdir/resource.yaml then a file
+                            ./overlays/myoverlay/subdir/resource.yaml will replace the base
+                            file.
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                type: array
+              concurrency:
+                format: int64
+                type: integer
+              cordon:
+                type: boolean
+              drain:
+                default:
+                  deleteLocalData: true
+                  force: true
+                  ignoreDaemonSets: true
+                  skipWaitForDeleteTimeout: 60
+                description: DrainSpec encapsulates `kubectl drain` parameters minus
+                  node/pod selectors.
+                nullable: true
+                properties:
+                  deleteEmptydirData:
+                    type: boolean
+                  deleteLocalData:
+                    type: boolean
+                  disableEviction:
+                    type: boolean
+                  force:
+                    type: boolean
+                  gracePeriod:
+                    format: int32
+                    type: integer
+                  ignoreDaemonSets:
+                    type: boolean
+                  podSelector:
+                    description: |-
+                      A label selector is a label query over a set of resources. The result of matchLabels and
+                      matchExpressions are ANDed. An empty label selector matches all objects. A null
+                      label selector matches no objects.
+                    properties:
+                      matchExpressions:
+                        description: matchExpressions is a list of label selector
+                          requirements. The requirements are ANDed.
+                        items:
+                          description: |-
+                            A label selector requirement is a selector that contains values, a key, and an operator that
+                            relates the key and values.
+                          properties:
+                            key:
+                              description: key is the label key that the selector
+                                applies to.
+                              type: string
+                            operator:
+                              description: |-
+                                operator represents a key's relationship to a set of values.
+                                Valid operators are In, NotIn, Exists and DoesNotExist.
+                              type: string
+                            values:
+                              description: |-
+                                values is an array of string values. If the operator is In or NotIn,
+                                the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                the values array must be empty. This array is replaced during a strategic
+                                merge patch.
+                              items:
+                                type: string
+                              type: array
+                          required:
+                          - key
+                          - operator
+                          type: object
+                        type: array
+                      matchLabels:
+                        additionalProperties:
+                          type: string
+                        description: |-
+                          matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                          map is equivalent to an element of matchExpressions, whose key field is "key", the
+                          operator is "In", and the values array contains only "value". The requirements are ANDed.
+                        type: object
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  skipWaitForDeleteTimeout:
+                    type: integer
+                  timeout:
+                    description: |-
+                      A Duration represents the elapsed time between two instants
+                      as an int64 nanosecond count. The representation limits the
+                      largest representable duration to approximately 290 years.
+                    format: int64
+                    type: integer
+                type: object
+              managedOSVersionName:
+                type: string
+              nodeSelector:
+                description: |-
+                  A label selector is a label query over a set of resources. The result of matchLabels and
+                  matchExpressions are ANDed. An empty label selector matches all objects. A null
+                  label selector matches no objects.
+                properties:
+                  matchExpressions:
+                    description: matchExpressions is a list of label selector requirements.
+                      The requirements are ANDed.
+                    items:
+                      description: |-
+                        A label selector requirement is a selector that contains values, a key, and an operator that
+                        relates the key and values.
+                      properties:
+                        key:
+                          description: key is the label key that the selector applies
+                            to.
+                          type: string
+                        operator:
+                          description: |-
+                            operator represents a key's relationship to a set of values.
+                            Valid operators are In, NotIn, Exists and DoesNotExist.
+                          type: string
+                        values:
+                          description: |-
+                            values is an array of string values. If the operator is In or NotIn,
+                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                            the values array must be empty. This array is replaced during a strategic
+                            merge patch.
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    description: |-
+                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+              osImage:
+                type: string
+              prepare:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+            required:
+            - drain
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosversionchannels.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSVersionChannel
+    listKind: ManagedOSVersionChannelList
+    plural: managedosversionchannels
+    singular: managedosversionchannel
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              options:
+                x-kubernetes-preserve-unknown-fields: true
+              syncInterval:
+                default: 1h
+                type: string
+              type:
+                type: string
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the managed OS version
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              failedSynchronizationAttempts:
+                description: FailedSynchronizationAttempts counts the number of consecutive
+                  synchronization failures
+                type: integer
+              lastSyncedTime:
+                description: LastSyncedTime is the timestamp of the last synchronization
+                format: date-time
+                type: string
+              syncedGeneration:
+                description: SyncedGeneration tracks the spec generation of the last
+                  synchronization
+                format: int64
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: managedosversions.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: ManagedOSVersion
+    listKind: ManagedOSVersionList
+    plural: managedosversions
+    singular: managedosversion
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              metadata:
+                x-kubernetes-preserve-unknown-fields: true
+              minVersion:
+                type: string
+              type:
+                type: string
+              upgradeContainer:
+                description: ContainerSpec is a simplified container template.
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  envFrom:
+                    items:
+                      description: EnvFromSource represents the source of a set of
+                        ConfigMaps
+                      properties:
+                        configMapRef:
+                          description: The ConfigMap to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the ConfigMap must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        prefix:
+                          description: An optional identifier to prepend to each key
+                            in the ConfigMap. Must be a C_IDENTIFIER.
+                          type: string
+                        secretRef:
+                          description: The Secret to select from
+                          properties:
+                            name:
+                              description: |-
+                                Name of the referent.
+                                More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?
+                              type: string
+                            optional:
+                              description: Specify whether the Secret must be defined
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    type: array
+                  envs:
+                    items:
+                      description: EnvVar represents an environment variable present
+                        in a Container.
+                      properties:
+                        name:
+                          description: Name of the environment variable. Must be a
+                            C_IDENTIFIER.
+                          type: string
+                        value:
+                          description: |-
+                            Variable references $(VAR_NAME) are expanded
+                            using the previously defined environment variables in the container and
+                            any service environment variables. If a variable cannot be resolved,
+                            the reference in the input string will be unchanged. Double $$ are reduced
+                            to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
+                            "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+                            Escaped references will never be expanded, regardless of whether the variable
+                            exists or not.
+                            Defaults to "".
+                          type: string
+                        valueFrom:
+                          description: Source for the environment variable's value.
+                            Cannot be used if value is not empty.
+                          properties:
+                            configMapKeyRef:
+                              description: Selects a key of a ConfigMap.
+                              properties:
+                                key:
+                                  description: The key to select.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the ConfigMap or its
+                                    key must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              description: |-
+                                Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
+                                spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
+                              properties:
+                                apiVersion:
+                                  description: Version of the schema the FieldPath
+                                    is written in terms of, defaults to "v1".
+                                  type: string
+                                fieldPath:
+                                  description: Path of the field to select in the
+                                    specified API version.
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              description: |-
+                                Selects a resource of the container: only resources limits and requests
+                                (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+                              properties:
+                                containerName:
+                                  description: 'Container name: required for volumes,
+                                    optional for env vars'
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  description: Specifies the output format of the
+                                    exposed resources, defaults to "1"
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  description: 'Required: resource to select'
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              description: Selects a key of a secret in the pod's
+                                namespace
+                              properties:
+                                key:
+                                  description: The key of the secret to select from.  Must
+                                    be a valid secret key.
+                                  type: string
+                                name:
+                                  description: |-
+                                    Name of the referent.
+                                    More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                    TODO: Add other useful fields. apiVersion, kind, uid?
+                                  type: string
+                                optional:
+                                  description: Specify whether the Secret or its key
+                                    must be defined
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  image:
+                    type: string
+                  securityContext:
+                    description: |-
+                      SecurityContext holds security configuration that will be applied to a container.
+                      Some fields are present in both SecurityContext and PodSecurityContext.  When both
+                      are set, the values in SecurityContext take precedence.
+                    properties:
+                      allowPrivilegeEscalation:
+                        description: |-
+                          AllowPrivilegeEscalation controls whether a process can gain more
+                          privileges than its parent process. This bool directly controls if
+                          the no_new_privs flag will be set on the container process.
+                          AllowPrivilegeEscalation is true always when the container is:
+                          1) run as Privileged
+                          2) has CAP_SYS_ADMIN
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      capabilities:
+                        description: |-
+                          The capabilities to add/drop when running containers.
+                          Defaults to the default set of capabilities granted by the container runtime.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          add:
+                            description: Added capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                          drop:
+                            description: Removed capabilities
+                            items:
+                              description: Capability represent POSIX capabilities
+                                type
+                              type: string
+                            type: array
+                        type: object
+                      privileged:
+                        description: |-
+                          Run container in privileged mode.
+                          Processes in privileged containers are essentially equivalent to root on the host.
+                          Defaults to false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      procMount:
+                        description: |-
+                          procMount denotes the type of proc mount to use for the containers.
+                          The default is DefaultProcMount which uses the container runtime defaults for
+                          readonly paths and masked paths.
+                          This requires the ProcMountType feature flag to be enabled.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: string
+                      readOnlyRootFilesystem:
+                        description: |-
+                          Whether this container has a read-only root filesystem.
+                          Default is false.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        type: boolean
+                      runAsGroup:
+                        description: |-
+                          The GID to run the entrypoint of the container process.
+                          Uses runtime default if unset.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        description: |-
+                          Indicates that the container must run as a non-root user.
+                          If true, the Kubelet will validate the image at runtime to ensure that it
+                          does not run as UID 0 (root) and fail to start the container if it does.
+                          If unset or false, no such validation will be performed.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                        type: boolean
+                      runAsUser:
+                        description: |-
+                          The UID to run the entrypoint of the container process.
+                          Defaults to user specified in image metadata if unspecified.
+                          May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        description: |-
+                          The SELinux context to be applied to the container.
+                          If unspecified, the container runtime will allocate a random SELinux context for each
+                          container.  May also be set in PodSecurityContext.  If set in both SecurityContext and
+                          PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          level:
+                            description: Level is SELinux level label that applies
+                              to the container.
+                            type: string
+                          role:
+                            description: Role is a SELinux role label that applies
+                              to the container.
+                            type: string
+                          type:
+                            description: Type is a SELinux type label that applies
+                              to the container.
+                            type: string
+                          user:
+                            description: User is a SELinux user label that applies
+                              to the container.
+                            type: string
+                        type: object
+                      seccompProfile:
+                        description: |-
+                          The seccomp options to use by this container. If seccomp options are
+                          provided at both the pod & container level, the container options
+                          override the pod options.
+                          Note that this field cannot be set when spec.os.name is windows.
+                        properties:
+                          localhostProfile:
+                            description: |-
+                              localhostProfile indicates a profile defined in a file on the node should be used.
+                              The profile must be preconfigured on the node to work.
+                              Must be a descending path, relative to the kubelet's configured seccomp profile location.
+                              Must be set if type is "Localhost". Must NOT be set for any other type.
+                            type: string
+                          type:
+                            description: |-
+                              type indicates which kind of seccomp profile will be applied.
+                              Valid options are:
+
+
+                              Localhost - a profile defined in a file on the node should be used.
+                              RuntimeDefault - the container runtime default profile should be used.
+                              Unconfined - no profile should be applied.
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        description: |-
+                          The Windows specific settings applied to all containers.
+                          If unspecified, the options from the PodSecurityContext will be used.
+                          If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+                          Note that this field cannot be set when spec.os.name is linux.
+                        properties:
+                          gmsaCredentialSpec:
+                            description: |-
+                              GMSACredentialSpec is where the GMSA admission webhook
+                              (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+                              GMSA credential spec named by the GMSACredentialSpecName field.
+                            type: string
+                          gmsaCredentialSpecName:
+                            description: GMSACredentialSpecName is the name of the
+                              GMSA credential spec to use.
+                            type: string
+                          hostProcess:
+                            description: |-
+                              HostProcess determines if a container should be run as a 'Host Process' container.
+                              All of a Pod's containers must have the same effective HostProcess value
+                              (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).
+                              In addition, if HostProcess is true then HostNetwork must also be set to true.
+                            type: boolean
+                          runAsUserName:
+                            description: |-
+                              The UserName in Windows to run the entrypoint of the container process.
+                              Defaults to the user specified in image metadata if unspecified.
+                              May also be set in PodSecurityContext. If set in both SecurityContext and
+                              PodSecurityContext, the value specified in SecurityContext takes precedence.
+                            type: string
+                        type: object
+                    type: object
+                  volumes:
+                    items:
+                      properties:
+                        destination:
+                          type: string
+                        name:
+                          type: string
+                        source:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              version:
+                type: string
+            type: object
+          status:
+            properties:
+              conditions:
+                description: |-
+                  Conditions is a list of Wrangler conditions that describe the state
+                  of the bundle.
+                items:
+                  properties:
+                    lastTransitionTime:
+                      description: Last time the condition transitioned from one status
+                        to another.
+                      type: string
+                    lastUpdateTime:
+                      description: The last time this condition was updated.
+                      type: string
+                    message:
+                      description: Human-readable message indicating details about
+                        last transition
+                      type: string
+                    reason:
+                      description: The reason for the condition's last transition.
+                      type: string
+                    status:
+                      description: Status of the condition, one of True, False, Unknown.
+                      type: string
+                    type:
+                      description: Type of cluster condition.
+                      type: string
+                  required:
+                  - status
+                  - type
+                  type: object
+                type: array
+              display:
+                description: |-
+                  Display contains the number of ready, desiredready clusters and a
+                  summary state for the bundle's resources.
+                properties:
+                  readyClusters:
+                    description: |-
+                      ReadyClusters is a string in the form "%d/%d", that describes the
+                      number of clusters that are ready vs. the number of clusters desired
+                      to be ready.
+                    nullable: true
+                    type: string
+                  state:
+                    description: State is a summary state for the bundle, calculated
+                      over the non-ready resources.
+                    nullable: true
+                    type: string
+                type: object
+              maxNew:
+                description: |-
+                  MaxNew is always 50. A bundle change can only stage 50
+                  bundledeployments at a time.
+                type: integer
+              maxUnavailable:
+                description: |-
+                  MaxUnavailable is the maximum number of unavailable deployments. See
+                  rollout configuration.
+                type: integer
+              maxUnavailablePartitions:
+                description: |-
+                  MaxUnavailablePartitions is the maximum number of unavailable
+                  partitions. The rollout configuration defines a maximum number or
+                  percentage of unavailable partitions.
+                type: integer
+              newlyCreated:
+                description: |-
+                  NewlyCreated is the number of bundle deployments that have been created,
+                  not updated.
+                type: integer
+              observedGeneration:
+                description: ObservedGeneration is the current generation of the bundle.
+                format: int64
+                type: integer
+              partitions:
+                description: PartitionStatus lists the status of each partition.
+                items:
+                  description: PartitionStatus is the status of a single rollout partition.
+                  properties:
+                    count:
+                      description: Count is the number of clusters in the partition.
+                      type: integer
+                    maxUnavailable:
+                      description: MaxUnavailable is the maximum number of unavailable
+                        clusters in the partition.
+                      type: integer
+                    name:
+                      description: Name is the name of the partition.
+                      nullable: true
+                      type: string
+                    summary:
+                      description: Summary is a summary state for the partition, calculated
+                        over its non-ready resources.
+                      properties:
+                        desiredReady:
+                          description: |-
+                            DesiredReady is the number of bundle deployments that should be
+                            ready.
+                          type: integer
+                        errApplied:
+                          description: |-
+                            ErrApplied is the number of bundle deployments that have been synced
+                            from the Fleet controller and the downstream cluster, but with some
+                            errors when deploying the bundle.
+                          type: integer
+                        modified:
+                          description: |-
+                            Modified is the number of bundle deployments that have been deployed
+                            and for which all resources are ready, but where some changes from the
+                            Git repository have not yet been synced.
+                          type: integer
+                        nonReadyResources:
+                          description: |-
+                            NonReadyClusters is a list of states, which is filled for a bundle
+                            that is not ready.
+                          items:
+                            description: |-
+                              NonReadyResource contains information about a bundle that is not ready for a
+                              given state like "ErrApplied". It contains a list of non-ready or modified
+                              resources and their states.
+                            properties:
+                              bundleState:
+                                description: State is the state of the resource, like
+                                  e.g. "NotReady" or "ErrApplied".
+                                nullable: true
+                                type: string
+                              message:
+                                description: Message contains information why the
+                                  bundle is not ready.
+                                nullable: true
+                                type: string
+                              modifiedStatus:
+                                description: ModifiedStatus lists the state for each
+                                  modified resource.
+                                items:
+                                  description: |-
+                                    ModifiedStatus is used to report the status of a resource that is modified.
+                                    It indicates if the modification was a create, a delete or a patch.
+                                  properties:
+                                    apiVersion:
+                                      nullable: true
+                                      type: string
+                                    delete:
+                                      type: boolean
+                                    kind:
+                                      nullable: true
+                                      type: string
+                                    missing:
+                                      type: boolean
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                    patch:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                type: array
+                              name:
+                                description: Name is the name of the resource.
+                                nullable: true
+                                type: string
+                              nonReadyStatus:
+                                description: NonReadyStatus lists the state for each
+                                  non-ready resource.
+                                items:
+                                  description: NonReadyStatus is used to report the
+                                    status of a resource that is not ready. It includes
+                                    a summary.
+                                  properties:
+                                    apiVersion:
+                                      nullable: true
+                                      type: string
+                                    kind:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                    summary:
+                                      properties:
+                                        error:
+                                          type: boolean
+                                        message:
+                                          items:
+                                            type: string
+                                          type: array
+                                        state:
+                                          type: string
+                                        transitioning:
+                                          type: boolean
+                                      type: object
+                                    uid:
+                                      description: |-
+                                        UID is a type that holds unique ID values, including UUIDs.  Because we
+                                        don't ONLY use UUIDs, this is an alias to string.  Being a type captures
+                                        intent and helps make sure that UIDs and names do not get conflated.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        notReady:
+                          description: |-
+                            NotReady is the number of bundle deployments that have been deployed
+                            where some resources are not ready.
+                          type: integer
+                        outOfSync:
+                          description: |-
+                            OutOfSync is the number of bundle deployments that have been synced
+                            from Fleet controller, but not yet by the downstream agent.
+                          type: integer
+                        pending:
+                          description: |-
+                            Pending is the number of bundle deployments that are being processed
+                            by Fleet controller.
+                          type: integer
+                        ready:
+                          description: |-
+                            Ready is the number of bundle deployments that have been deployed
+                            where all resources are ready.
+                          type: integer
+                        waitApplied:
+                          description: |-
+                            WaitApplied is the number of bundle deployments that have been
+                            synced from Fleet controller and downstream cluster, but are waiting
+                            to be deployed.
+                          type: integer
+                      type: object
+                    unavailable:
+                      description: Unavailable is the number of unavailable clusters
+                        in the partition.
+                      type: integer
+                  type: object
+                type: array
+              resourceKey:
+                description: |-
+                  ResourceKey lists resources, which will likely be deployed. The
+                  actual list of resources on a cluster might differ, depending on the
+                  helm chart, value templating, etc..
+                items:
+                  description: ResourceKey lists resources, which will likely be deployed.
+                  properties:
+                    apiVersion:
+                      description: APIVersion is the k8s api version of the resource.
+                      nullable: true
+                      type: string
+                    kind:
+                      description: Kind is the k8s api kind of the resource.
+                      nullable: true
+                      type: string
+                    name:
+                      description: Name is the name of the resource.
+                      nullable: true
+                      type: string
+                    namespace:
+                      description: Namespace is the namespace of the resource.
+                      nullable: true
+                      type: string
+                  type: object
+                type: array
+              resourcesSha256Sum:
+                description: ResourcesSHA256Sum corresponds to the JSON serialization
+                  of the .Spec.Resources field
+                type: string
+              summary:
+                description: |-
+                  Summary contains the number of bundle deployments in each state and
+                  a list of non-ready resources.
+                properties:
+                  desiredReady:
+                    description: |-
+                      DesiredReady is the number of bundle deployments that should be
+                      ready.
+                    type: integer
+                  errApplied:
+                    description: |-
+                      ErrApplied is the number of bundle deployments that have been synced
+                      from the Fleet controller and the downstream cluster, but with some
+                      errors when deploying the bundle.
+                    type: integer
+                  modified:
+                    description: |-
+                      Modified is the number of bundle deployments that have been deployed
+                      and for which all resources are ready, but where some changes from the
+                      Git repository have not yet been synced.
+                    type: integer
+                  nonReadyResources:
+                    description: |-
+                      NonReadyClusters is a list of states, which is filled for a bundle
+                      that is not ready.
+                    items:
+                      description: |-
+                        NonReadyResource contains information about a bundle that is not ready for a
+                        given state like "ErrApplied". It contains a list of non-ready or modified
+                        resources and their states.
+                      properties:
+                        bundleState:
+                          description: State is the state of the resource, like e.g.
+                            "NotReady" or "ErrApplied".
+                          nullable: true
+                          type: string
+                        message:
+                          description: Message contains information why the bundle
+                            is not ready.
+                          nullable: true
+                          type: string
+                        modifiedStatus:
+                          description: ModifiedStatus lists the state for each modified
+                            resource.
+                          items:
+                            description: |-
+                              ModifiedStatus is used to report the status of a resource that is modified.
+                              It indicates if the modification was a create, a delete or a patch.
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              delete:
+                                type: boolean
+                              kind:
+                                nullable: true
+                                type: string
+                              missing:
+                                type: boolean
+                              name:
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                              patch:
+                                nullable: true
+                                type: string
+                            type: object
+                          type: array
+                        name:
+                          description: Name is the name of the resource.
+                          nullable: true
+                          type: string
+                        nonReadyStatus:
+                          description: NonReadyStatus lists the state for each non-ready
+                            resource.
+                          items:
+                            description: NonReadyStatus is used to report the status
+                              of a resource that is not ready. It includes a summary.
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              kind:
+                                nullable: true
+                                type: string
+                              name:
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                              summary:
+                                properties:
+                                  error:
+                                    type: boolean
+                                  message:
+                                    items:
+                                      type: string
+                                    type: array
+                                  state:
+                                    type: string
+                                  transitioning:
+                                    type: boolean
+                                type: object
+                              uid:
+                                description: |-
+                                  UID is a type that holds unique ID values, including UUIDs.  Because we
+                                  don't ONLY use UUIDs, this is an alias to string.  Being a type captures
+                                  intent and helps make sure that UIDs and names do not get conflated.
+                                nullable: true
+                                type: string
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  notReady:
+                    description: |-
+                      NotReady is the number of bundle deployments that have been deployed
+                      where some resources are not ready.
+                    type: integer
+                  outOfSync:
+                    description: |-
+                      OutOfSync is the number of bundle deployments that have been synced
+                      from Fleet controller, but not yet by the downstream agent.
+                    type: integer
+                  pending:
+                    description: |-
+                      Pending is the number of bundle deployments that are being processed
+                      by Fleet controller.
+                    type: integer
+                  ready:
+                    description: |-
+                      Ready is the number of bundle deployments that have been deployed
+                      where all resources are ready.
+                    type: integer
+                  waitApplied:
+                    description: |-
+                      WaitApplied is the number of bundle deployments that have been
+                      synced from Fleet controller and downstream cluster, but are waiting
+                      to be deployed.
+                    type: integer
+                type: object
+              unavailable:
+                description: |-
+                  Unavailable is the number of bundle deployments that are not ready or
+                  where the AppliedDeploymentID in the status does not match the
+                  DeploymentID from the spec.
+                type: integer
+              unavailablePartitions:
+                description: UnavailablePartitions is the number of unavailable partitions.
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    cluster.x-k8s.io/provider: infrastructure-elemental
+    cluster.x-k8s.io/v1beta1: v1beta1
+    release-name: '{{ .Release.Name }}'
+  name: seedimages.elemental.cattle.io
+spec:
+  group: elemental.cattle.io
+  names:
+    kind: SeedImage
+    listKind: SeedImageList
+    plural: seedimages
+    singular: seedimage
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              baseImage:
+                description: BaseImg the base elemental image used to build the seed
+                  image.
+                type: string
+              buildContainer:
+                description: |-
+                  BuildContainer settings for a custom container used to generate the
+                  downloadable image.
+                properties:
+                  args:
+                    description: Args same as corev1.Container.Args
+                    items:
+                      type: string
+                    type: array
+                  command:
+                    description: Command same as corev1.Container.Command
+                    items:
+                      type: string
+                    type: array
+                  image:
+                    description: Image container image to run
+                    type: string
+                  imagePullPolicy:
+                    description: Args same as corev1.Container.ImagePullPolicy
+                    type: string
+                  name:
+                    description: Name of the spawned container
+                    type: string
+                type: object
+              cleanupAfterMinutes:
+                default: 60
+                description: |-
+                  LifetimeMinutes the time at which the built seed image will be cleaned up.
+                  If when the lifetime elapses the built image is being downloaded, the active
+                  download will be completed before removing the built image.
+                  Default is 60 minutes, set to 0 to disable.
+                format: int32
+                type: integer
+              cloud-config:
+                description: CloudConfig contains cloud-config data to be put in the
+                  generated iso.
+                x-kubernetes-preserve-unknown-fields: true
+              registrationRef:
+                description: MachineRegistrationRef a reference to the related MachineRegistration.
+                properties:
+                  apiVersion:
+                    description: API version of the referent.
+                    type: string
+                  fieldPath:
+                    description: |-
+                      If referring to a piece of an object instead of an entire object, this string
+                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                      For example, if the object reference is to a container within a pod, this would take on a value like:
+                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                      the event) or if no container name is specified "spec.containers[2]" (container with
+                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                      referencing a part of an object.
+                      TODO: this design is not final and this field is subject to change in the future.
+                    type: string
+                  kind:
+                    description: |-
+                      Kind of the referent.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                  namespace:
+                    description: |-
+                      Namespace of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                    type: string
+                  resourceVersion:
+                    description: |-
+                      Specific resourceVersion to which this reference is made, if any.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                    type: string
+                  uid:
+                    description: |-
+                      UID of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
+              retriggerBuild:
+                description: RetriggerBuild triggers to build again a cleaned up seed
+                  image.
+                type: boolean
+              size:
+                anyOf:
+                - type: integer
+                - type: string
+                default: 6442450944
+                description: |-
+                  Size specifies the size of the volume used to store the image.
+                  Defaults to 6Gi
+                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                x-kubernetes-int-or-string: true
+              targetPlatform:
+                description: 'Platform specifies the target platform for the built
+                  image. Example: linux/amd64'
+                example: linux/amd64
+                pattern: ^$|^\S+\/\S+$
+                type: string
+              type:
+                default: iso
+                description: |-
+                  Type specifies the type of seed image to built.
+                  Valid values are iso|raw
+                  Defaults to "iso"
+                enum:
+                - iso
+                - raw
+                type: string
+            required:
+            - registrationRef
+            - type
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions describe the state of the machine registration
+                  object.
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource.\n---\nThis struct is intended for
+                    direct use as an array at the field path .status.conditions.  For
+                    example,\n\n\n\ttype FooStatus struct{\n\t    // Represents the
+                    observations of a foo's current state.\n\t    // Known .status.conditions.type
+                    are: \"Available\", \"Progressing\", and \"Degraded\"\n\t    //
+                    +patchMergeKey=type\n\t    // +patchStrategy=merge\n\t    // +listType=map\n\t
+                    \   // +listMapKey=type\n\t    Conditions []metav1.Condition `json:\"conditions,omitempty\"
+                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+                    \   // other fields\n\t}"
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: |-
+                        type of condition in CamelCase or in foo.example.com/CamelCase.
+                        ---
+                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+                        useful (see .node.status.conditions), the ability to deconflict is important.
+                        The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              downloadToken:
+                description: DownloadToken a token to identify the seed image to download.
+                type: string
+              downloadURL:
+                description: DownloadURL the URL from which the SeedImage can be downloaded
+                  once built.
+                type: string
+              state:
+                description: State reflect the state of the seed image build process.
+                enum:
+                - Initialized
+                - Started
+                - Completed
+                - Failed
+                - NotStarted
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/elemental-crd/104.1.1+up1.5.4/templates/validate-no-pending-deletions.yaml b/charts/elemental-crd/104.1.1+up1.5.4/templates/validate-no-pending-deletions.yaml
new file mode 100644
index 000000000..bf9210716
--- /dev/null
+++ b/charts/elemental-crd/104.1.1+up1.5.4/templates/validate-no-pending-deletions.yaml
@@ -0,0 +1,6 @@
+{{- $inventoryCRD := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" .Release.Namespace "machineinventories.elemental.cattle.io" -}}
+{{- if $inventoryCRD -}}
+  {{- if $inventoryCRD.metadata.deletionTimestamp -}}
+     {{- required "CRDs from previous installations are pending to be removed (deletionTimestamp is set). Fully deleting them before (re-)installing is required" "" -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/elemental/104.1.1+up1.5.4/Chart.yaml b/charts/elemental/104.1.1+up1.5.4/Chart.yaml
new file mode 100644
index 000000000..6ed4a1b85
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: elemental-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Elemental
+  catalog.cattle.io/kube-version: '>= 1.23.0-0'
+  catalog.cattle.io/namespace: cattle-elemental-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux
+  catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: elemental-operator
+  catalog.cattle.io/scope: management
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/upstream-version: 1.5.4
+apiVersion: v2
+appVersion: 1.5.4
+description: Elemental provides Cloud Native OS Management for Cluster Nodes.
+icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg
+name: elemental
+version: 104.1.1+up1.5.4
diff --git a/charts/elemental/104.1.1+up1.5.4/README.md b/charts/elemental/104.1.1+up1.5.4/README.md
new file mode 100644
index 000000000..bf7b83ea6
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/README.md
@@ -0,0 +1,5 @@
+# Elemental Operator Helm Chart
+
+This chart bootstraps an elemental-operator deployment on a [Rancher Manager](https://rancher.com/docs/rancher/) cluster using the [Helm](https://helm.sh) package manager.
+
+Check out the [Elemental Operator Helm Chart documentation](https://elemental.docs.rancher.com/elementaloperatorchart-reference/) in the official [Elemental guide](https://elemental.docs.rancher.com/).
diff --git a/charts/elemental/104.1.1+up1.5.4/app-readme.md b/charts/elemental/104.1.1+up1.5.4/app-readme.md
new file mode 100644
index 000000000..3d694ac5f
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/app-readme.md
@@ -0,0 +1,5 @@
+# Elemental
+
+Elemental brings to Rancher the ability to install and manage the OS of bare metal and virtualized machines.
+
+For more information on how to deploy an Elemental Cluster, follow the [official documentation](https://elemental.docs.rancher.com/).
\ No newline at end of file
diff --git a/charts/elemental/104.1.1+up1.5.4/questions.yaml b/charts/elemental/104.1.1+up1.5.4/questions.yaml
new file mode 100644
index 000000000..15887b25c
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/questions.yaml
@@ -0,0 +1,27 @@
+questions:
+- variable: channel.defaultChannel
+  default: "true"
+  description: "Provide an Elemental OS Channel container image"
+  label: Elemental OS Channel
+  type: boolean
+  show_subquestion_if: true
+  group: "Elemental OS Channel"
+  subquestions:
+  - variable: channel.image
+    default: "registry.suse.com/rancher/elemental-channel"
+    description: "Specify the Elemental OS channel: for air-gapped scenarios you need to provide your own OS channel image (see https://elemental.docs.rancher.com/airgap for detailed instructions)"
+    type: string
+    label: Elemental OS Channel Image
+    group: "Elemental OS Channel"
+  - variable: channel.tag
+    default: "1.5.4"
+    description: "Specify Elemental OS channel image tag"
+    type: string
+    label: "Elemental OS Channel Tag"
+    group: "Elemental OS Channel"
+- variable: debug
+  default: "false"
+  description: "Enable debug logging in the Elemental operator"
+  type: boolean
+  label: "Enable Debug Logging"
+  group: "Logging"
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/_helpers.tpl b/charts/elemental/104.1.1+up1.5.4/templates/_helpers.tpl
new file mode 100644
index 000000000..ee1e6fe7d
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/_helpers.tpl
@@ -0,0 +1,17 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "registry_url" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{ include "system_default_registry" . }}
+{{- else if .Values.registryUrl -}}
+{{- printf "%s/" .Values.registryUrl -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/apiservice.yaml b/charts/elemental/104.1.1+up1.5.4/templates/apiservice.yaml
new file mode 100644
index 000000000..73ae2e505
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/apiservice.yaml
@@ -0,0 +1,9 @@
+kind: APIService
+apiVersion: management.cattle.io/v3
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  secretName: elemental-operator
+  secretNamespace: {{ .Release.Namespace }}
+  pathPrefixes:
+  - /elemental/
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/capi_rbac.yaml b/charts/elemental/104.1.1+up1.5.4/templates/capi_rbac.yaml
new file mode 100644
index 000000000..8692f7526
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/capi_rbac.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: elemental-capi-role
+  labels:
+    cluster.x-k8s.io/aggregate-to-manager: "true"
+rules:
+  - apiGroups: ["elemental.cattle.io"]
+    resources: ["*"]
+    verbs: ["*"]
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/channel.yaml b/charts/elemental/104.1.1+up1.5.4/templates/channel.yaml
new file mode 100644
index 000000000..ccb6e4d3c
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/channel.yaml
@@ -0,0 +1,11 @@
+{{ if and .Values.channel .Values.channel.image .Values.channel.tag }}
+apiVersion: elemental.cattle.io/v1beta1
+kind: ManagedOSVersionChannel
+metadata:
+  name: elemental-channel
+  namespace: fleet-default
+spec:
+  options:
+    image: {{ .Values.channel.image }}:{{ .Values.channel.tag }}
+  type: custom
+{{ end }}
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/cluster_role.yaml b/charts/elemental/104.1.1+up1.5.4/templates/cluster_role.yaml
new file mode 100644
index 000000000..f4a9528c1
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/cluster_role.yaml
@@ -0,0 +1,267 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: '{{ .Release.Name }}'
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods/log
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - pods/status
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services/status
+  verbs:
+  - get
+- apiGroups:
+  - cluster.x-k8s.io
+  resources:
+  - machines
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventories
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventories/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventoryselectors
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineinventoryselectors/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineregistrations
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - machineregistrations/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosimages
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosimages/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversionchannels
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversionchannels/status
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversions
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - managedosversions/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - seedimages
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - seedimages/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - bundles
+  verbs:
+  - create
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - settings
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - list
+  - watch
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/cluster_role_binding.yaml b/charts/elemental/104.1.1+up1.5.4/templates/cluster_role_binding.yaml
new file mode 100644
index 000000000..e68c7bc96
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/cluster_role_binding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Release.Name }}
+subjects:
+- kind: ServiceAccount
+  name: {{ .Release.Name }}
+  namespace: {{.Release.Namespace}}
+
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/deployment.yaml b/charts/elemental/104.1.1+up1.5.4/templates/deployment.yaml
new file mode 100644
index 000000000..576d58d59
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/deployment.yaml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      app: elemental-operator
+  template:
+    metadata:
+      labels:
+        app: elemental-operator
+    spec:
+      containers:
+      - env:
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        {{- end }}
+        name: {{ .Release.Name }}
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        image: {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        args:
+        - operator
+        {{- if .Values.debug }}
+        - --v=5
+        - --debug
+        {{- end }}
+        - --namespace
+        - {{ .Release.Namespace }}
+        - --operator-image
+        - {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        - --seedimage-image
+        - {{ template "registry_url" . }}{{ .Values.seedImage.repository }}:{{ .Values.seedImage.tag | default .Chart.AppVersion }}
+        - --seedimage-image-pullpolicy
+        - {{ .Values.seedImage.imagePullPolicy}}
+      serviceAccountName: {{ .Release.Name }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/globalrole.yaml b/charts/elemental/104.1.1+up1.5.4/templates/globalrole.yaml
new file mode 100644
index 000000000..323cf2ead
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/globalrole.yaml
@@ -0,0 +1,16 @@
+apiVersion: management.cattle.io/v3
+builtin: false
+description: "Elemental Administrator Role"
+displayName: Elemental Administrator
+kind: GlobalRole
+metadata:
+  labels:
+    cattle.io/creator: norman
+  name: {{ .Release.Name }}
+rules:
+- apiGroups:
+  - elemental.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/serviceaccount.yaml b/charts/elemental/104.1.1+up1.5.4/templates/serviceaccount.yaml
new file mode 100644
index 000000000..cb203d6f6
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}
diff --git a/charts/elemental/104.1.1+up1.5.4/templates/validate-install-crd.yaml b/charts/elemental/104.1.1+up1.5.4/templates/validate-install-crd.yaml
new file mode 100644
index 000000000..c5c4aded4
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/templates/validate-install-crd.yaml
@@ -0,0 +1,25 @@
+{{ if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 }}
+  {{ $apis := dict
+    "elemental.cattle.io/v1beta1/MachineInventory" "machineinventories"
+    "elemental.cattle.io/v1beta1/MachineInventorySelector" "machineinventoryselectors"
+    "elemental.cattle.io/v1beta1/MachineInventorySelectorTemplate" "machineinventoryselectortemplates"
+    "elemental.cattle.io/v1beta1/MachineRegistration" "machineregistrations"
+    "elemental.cattle.io/v1beta1/ManagedOSImage" "managedosimages"
+    "elemental.cattle.io/v1beta1/ManagedOSVersionChannel" "managedosversionchannels"
+    "elemental.cattle.io/v1beta1/ManagedOSVersion" "managedosversions"
+    "elemental.cattle.io/v1beta1/SeedImage" "seedimages"
+  }}
+  {{- range $api, $crd := $apis -}}
+    {{- if not ($.Capabilities.APIVersions.Has $api) -}}
+      {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+    {{- end -}}
+    {{- $crdobj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" "" (print $crd ".elemental.cattle.io") -}}
+    {{- if not $crdobj -}}
+      {{- print "Cannot lookup " $crd ".elemental.cattle.io crd object" | fail -}}
+    {{- end -}}
+    {{- $crdrelease := index $crdobj.metadata.annotations "meta.helm.sh/release-name" -}}
+    {{- if eq $crdrelease $.Release.Name -}}
+      {{- required "Elemental CRDs should be moved to the new elemental-operator-crds chart before upgrading this operator." "" -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/elemental/104.1.1+up1.5.4/values.yaml b/charts/elemental/104.1.1+up1.5.4/values.yaml
new file mode 100644
index 000000000..663cbf359
--- /dev/null
+++ b/charts/elemental/104.1.1+up1.5.4/values.yaml
@@ -0,0 +1,42 @@
+image:
+  empty: rancher/pause:3.1
+  repository: "rancher/mirrored-elemental-operator"
+  tag: "1.5.4"
+  imagePullPolicy: IfNotPresent
+
+seedImage:
+  repository: "rancher/mirrored-elemental-seedimage-builder"
+  tag: "1.5.4"
+  imagePullPolicy: IfNotPresent
+
+channel:
+  image: "registry.suse.com/rancher/elemental-channel"
+  tag: "1.5.4"
+
+# number of operator replicas to deploy
+replicas: 1
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+# used only if systemDefaultRegistry is empty
+registryUrl: ""
+
+# enable debug output for operator
+debug: false
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
diff --git a/index.yaml b/index.yaml
index ae3282d3d..71e02b74d 100755
--- a/index.yaml
+++ b/index.yaml
@@ -1,6 +1,30 @@
 apiVersion: v1
 entries:
   elemental:
+  - annotations:
+      catalog.cattle.io/auto-install: elemental-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: Elemental
+      catalog.cattle.io/kube-version: '>= 1.23.0-0'
+      catalog.cattle.io/namespace: cattle-elemental-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux
+      catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: elemental-operator
+      catalog.cattle.io/scope: management
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/upstream-version: 1.5.4
+    apiVersion: v2
+    appVersion: 1.5.4
+    created: "2024-07-16T15:27:30.568221113+02:00"
+    description: Elemental provides Cloud Native OS Management for Cluster Nodes.
+    digest: 7be085248cee16a0063bbc71a6dbb944b64b3f4adb9562dc5c8ac7aec3ae9970
+    icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg
+    name: elemental
+    urls:
+    - assets/elemental/elemental-104.1.1+up1.5.4.tgz
+    version: 104.1.1+up1.5.4
   - annotations:
       catalog.cattle.io/auto-install: elemental-crd=match
       catalog.cattle.io/certified: rancher
@@ -146,6 +170,21 @@ entries:
     - assets/elemental/elemental-103.0.0+up1.3.4.tgz
     version: 103.0.0+up1.3.4
   elemental-crd:
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-elemental-system
+      catalog.cattle.io/release-name: elemental-operator-crds
+    apiVersion: v2
+    appVersion: 1.5.4
+    created: "2024-07-16T15:27:32.438822068+02:00"
+    description: A Helm chart for deploying Rancher Elemental Operator CRDs
+    digest: d0bd3df24e111267053b3f5270bb04e4ea1db59269f254bb4aaefb95bff51b60
+    name: elemental-crd
+    type: application
+    urls:
+    - assets/elemental-crd/elemental-crd-104.1.1+up1.5.4.tgz
+    version: 104.1.1+up1.5.4
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch
index 743451f54..852eeebac 100644
--- a/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch
+++ b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch
@@ -2,9 +2,9 @@
 +++ charts/Chart.yaml
 @@ -6,5 +6,6 @@
  apiVersion: v2
- appVersion: 1.5.3
+ appVersion: 1.5.4
  description: A Helm chart for deploying Rancher Elemental Operator CRDs
 -name: elemental-operator-crds
 +name: elemental-crd
 +type: application
- version: 1.5.3
+ version: 1.5.4
diff --git a/packages/elemental/elemental-crd/package.yaml b/packages/elemental/elemental-crd/package.yaml
index 0a11480cc..fbfaab447 100644
--- a/packages/elemental/elemental-crd/package.yaml
+++ b/packages/elemental/elemental-crd/package.yaml
@@ -1,2 +1,2 @@
-url: oci://registry.suse.com/rancher/elemental-operator-crds-chart:1.5.3
-version: 104.1.0
+url: oci://registry.suse.com/rancher/elemental-operator-crds-chart:1.5.4
+version: 104.1.1
diff --git a/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch
index 20884a404..2ec38b401 100644
--- a/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch
+++ b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch
@@ -17,11 +17,11 @@
    catalog.cattle.io/scope: management
    catalog.cattle.io/type: cluster-tool
 -  catalog.cattle.io/upstream-version: '%VERSION'
-+  catalog.cattle.io/upstream-version: 1.5.3
++  catalog.cattle.io/upstream-version: 1.5.4
  apiVersion: v2
- appVersion: 1.5.3
+ appVersion: 1.5.4
  description: Elemental provides Cloud Native OS Management for Cluster Nodes.
  icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg
 -name: elemental-operator
 +name: elemental
- version: 1.5.3
+ version: 1.5.4
diff --git a/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch b/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch
index fb6592d68..ebf8bf1e4 100644
--- a/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch
+++ b/packages/elemental/elemental/generated-changes/patch/questions.yaml.patch
@@ -12,7 +12,7 @@
      group: "Elemental OS Channel"
    - variable: channel.tag
 -    default: "%VERSION%"
-+    default: "1.5.3"
++    default: "1.5.4"
      description: "Specify Elemental OS channel image tag"
      type: string
      label: "Elemental OS Channel Tag"
diff --git a/packages/elemental/elemental/generated-changes/patch/values.yaml.patch b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch
index b5d063f58..18bbbb376 100644
--- a/packages/elemental/elemental/generated-changes/patch/values.yaml.patch
+++ b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch
@@ -5,13 +5,13 @@
    empty: rancher/pause:3.1
 -  repository: "rancher/elemental-operator"
 +  repository: "rancher/mirrored-elemental-operator"
-   tag: "1.5.3"
+   tag: "1.5.4"
    imagePullPolicy: IfNotPresent
  
  seedImage:
 -  repository: "rancher/seedimage-builder"
 +  repository: "rancher/mirrored-elemental-seedimage-builder"
-   tag: "1.5.3"
+   tag: "1.5.4"
    imagePullPolicy: IfNotPresent
  
 @@ -27,7 +27,7 @@
diff --git a/packages/elemental/elemental/package.yaml b/packages/elemental/elemental/package.yaml
index 91c645745..e167f5874 100644
--- a/packages/elemental/elemental/package.yaml
+++ b/packages/elemental/elemental/package.yaml
@@ -1,2 +1,2 @@
-url: oci://registry.suse.com/rancher/elemental-operator-chart:1.5.3
-version: 104.1.0
+url: oci://registry.suse.com/rancher/elemental-operator-chart:1.5.4
+version: 104.1.1
diff --git a/release.yaml b/release.yaml
index a0048a2af..8231819f4 100644
--- a/release.yaml
+++ b/release.yaml
@@ -4,12 +4,14 @@ elemental:
   - 103.2.0+up1.4.3
   - 103.3.0+up1.5.3
   - 104.1.0+up1.5.3
+  - 104.1.1+up1.5.4
 elemental-crd:
   - 103.1.0+up1.4.2
   - 104.0.0+up1.4.3
   - 103.2.0+up1.4.3
   - 103.3.0+up1.5.3
   - 104.1.0+up1.5.3
+  - 104.1.1+up1.5.4
 fleet:
   - 102.2.2+up0.8.2
   - 102.2.3+up0.8.3