diff --git a/website/404.html b/website/404.html index 69f2702d7..33f40c50e 100644 --- a/website/404.html +++ b/website/404.html @@ -10,7 +10,7 @@ - + diff --git a/website/assets/js/f5fbf028.47f8488f.js b/website/assets/js/f5fbf028.47f8488f.js deleted file mode 100644 index df13d5290..000000000 --- a/website/assets/js/f5fbf028.47f8488f.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[3741],{2915:(e,n,a)=>{a.r(n),a.d(n,{assets:()=>r,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var s=a(5893),t=a(1151);const o={id:"disallowanonymous",title:"Disallow Anonymous Access"},i="Disallow Anonymous Access",l={id:"validation/disallowanonymous",title:"Disallow Anonymous Access",description:"Description",source:"@site/docs/validation/disallowanonymous.md",sourceDirName:"validation",slug:"/validation/disallowanonymous",permalink:"/gatekeeper-library/website/validation/disallowanonymous",draft:!1,unlisted:!1,editUrl:"https://github.com/open-policy-agent/gatekeeper-library/edit/master/website/docs/validation/disallowanonymous.md",tags:[],version:"current",frontMatter:{id:"disallowanonymous",title:"Disallow Anonymous Access"},sidebar:"docs",previous:{title:"Required Resources",permalink:"/gatekeeper-library/website/validation/containerresources"},next:{title:"Disallowed Repositories",permalink:"/gatekeeper-library/website/validation/disallowedrepos"}},r={},c=[{value:"Description",id:"description",level:2},{value:"Template",id:"template",level:2},{value:"Usage",id:"usage",level:3},{value:"Examples",id:"examples",level:2}];function d(e){const n={code:"code",h1:"h1",h2:"h2",h3:"h3",p:"p",pre:"pre",...(0,t.a)(),...e.components},{Details:a}=n;return a||function(e,n){throw new Error("Expected "+(n?"component":"object")+" `"+e+"` to be defined: you likely forgot to import, pass, or provide it.")}("Details",!0),(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(n.h1,{id:"disallow-anonymous-access",children:"Disallow Anonymous Access"}),"\n",(0,s.jsx)(n.h2,{id:"description",children:"Description"}),"\n",(0,s.jsxs)(n.p,{children:["Disallows associating ClusterRole and Role resources to the system",":anonymous"," user and system",":unauthenticated"," group."]}),"\n",(0,s.jsx)(n.h2,{id:"template",children:"Template"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:'apiVersion: templates.gatekeeper.sh/v1\nkind: ConstraintTemplate\nmetadata:\n name: k8sdisallowanonymous\n annotations:\n metadata.gatekeeper.sh/title: "Disallow Anonymous Access"\n metadata.gatekeeper.sh/version: 1.0.1\n description: Disallows associating ClusterRole and Role resources to the system:anonymous user and system:unauthenticated group.\nspec:\n crd:\n spec:\n names:\n kind: K8sDisallowAnonymous\n validation:\n # Schema for the `parameters` field\n openAPIV3Schema:\n type: object\n properties:\n allowedRoles:\n description: >-\n The list of ClusterRoles and Roles that may be associated\n with the `system:unauthenticated` group and `system:anonymous`\n user.\n type: array\n items:\n type: string\n targets:\n - target: admission.k8s.gatekeeper.sh\n rego: |\n package k8sdisallowanonymous\n\n violation[{"msg": msg}] {\n not is_allowed(input.review.object.roleRef, object.get(input, ["parameters", "allowedRoles"], []))\n review(input.review.object.subjects[_])\n msg := sprintf("Unauthenticated user reference is not allowed in %v %v ", [input.review.object.kind, input.review.object.metadata.name])\n }\n\n is_allowed(role, allowedRoles) {\n role.name == allowedRoles[_]\n }\n\n review(subject) = true {\n subject.name == "system:unauthenticated"\n }\n\n review(subject) = true {\n subject.name == "system:anonymous"\n }\n\n'})}),"\n",(0,s.jsx)(n.h3,{id:"usage",children:"Usage"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/template.yaml\n"})}),"\n",(0,s.jsx)(n.h2,{id:"examples",children:"Examples"}),"\n",(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"disallow-anonymous"}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"constraint"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:'apiVersion: constraints.gatekeeper.sh/v1beta1\nkind: K8sDisallowAnonymous\nmetadata:\n name: no-anonymous\nspec:\n match:\n kinds:\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["ClusterRoleBinding"]\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["RoleBinding"]\n parameters:\n allowedRoles: \n - cluster-role-1\n\n'})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/constraint.yaml\n"})})]}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"example-allowed"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: cluster-role-binding-1\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-role-1\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:authenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:unauthenticated\n\n"})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/example_allowed.yaml\n"})})]}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"example-disallowed"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: cluster-role-binding-2\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-role-2\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:authenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:unauthenticated\n\n"})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/example_disallowed.yaml\n"})})]})]})]})}function u(e={}){const{wrapper:n}={...(0,t.a)(),...e.components};return n?(0,s.jsx)(n,{...e,children:(0,s.jsx)(d,{...e})}):d(e)}},1151:(e,n,a)=>{a.d(n,{Z:()=>l,a:()=>i});var s=a(7294);const t={},o=s.createContext(t);function i(e){const n=s.useContext(o);return s.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function l(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(t):e.components||t:i(e.components),s.createElement(o.Provider,{value:n},e.children)}}}]); \ No newline at end of file diff --git a/website/assets/js/f5fbf028.7be71919.js b/website/assets/js/f5fbf028.7be71919.js new file mode 100644 index 000000000..b95f67cc7 --- /dev/null +++ b/website/assets/js/f5fbf028.7be71919.js @@ -0,0 +1 @@ +"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[3741],{2915:(e,n,a)=>{a.r(n),a.d(n,{assets:()=>r,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var s=a(5893),t=a(1151);const o={id:"disallowanonymous",title:"Disallow Anonymous Access"},i="Disallow Anonymous Access",l={id:"validation/disallowanonymous",title:"Disallow Anonymous Access",description:"Description",source:"@site/docs/validation/disallowanonymous.md",sourceDirName:"validation",slug:"/validation/disallowanonymous",permalink:"/gatekeeper-library/website/validation/disallowanonymous",draft:!1,unlisted:!1,editUrl:"https://github.com/open-policy-agent/gatekeeper-library/edit/master/website/docs/validation/disallowanonymous.md",tags:[],version:"current",frontMatter:{id:"disallowanonymous",title:"Disallow Anonymous Access"},sidebar:"docs",previous:{title:"Required Resources",permalink:"/gatekeeper-library/website/validation/containerresources"},next:{title:"Disallowed Repositories",permalink:"/gatekeeper-library/website/validation/disallowedrepos"}},r={},c=[{value:"Description",id:"description",level:2},{value:"Template",id:"template",level:2},{value:"Usage",id:"usage",level:3},{value:"Examples",id:"examples",level:2}];function d(e){const n={code:"code",h1:"h1",h2:"h2",h3:"h3",p:"p",pre:"pre",...(0,t.a)(),...e.components},{Details:a}=n;return a||function(e,n){throw new Error("Expected "+(n?"component":"object")+" `"+e+"` to be defined: you likely forgot to import, pass, or provide it.")}("Details",!0),(0,s.jsxs)(s.Fragment,{children:[(0,s.jsx)(n.h1,{id:"disallow-anonymous-access",children:"Disallow Anonymous Access"}),"\n",(0,s.jsx)(n.h2,{id:"description",children:"Description"}),"\n",(0,s.jsxs)(n.p,{children:["Disallows associating ClusterRole and Role resources to the system",":anonymous"," user and system",":unauthenticated"," group."]}),"\n",(0,s.jsx)(n.h2,{id:"template",children:"Template"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:'apiVersion: templates.gatekeeper.sh/v1\nkind: ConstraintTemplate\nmetadata:\n name: k8sdisallowanonymous\n annotations:\n metadata.gatekeeper.sh/title: "Disallow Anonymous Access"\n metadata.gatekeeper.sh/version: 1.1.0\n description: Disallows associating ClusterRole and Role resources to the system:anonymous user and system:unauthenticated group.\nspec:\n crd:\n spec:\n names:\n kind: K8sDisallowAnonymous\n validation:\n # Schema for the `parameters` field\n openAPIV3Schema:\n type: object\n properties:\n allowedRoles:\n description: >-\n The list of ClusterRoles and Roles that may be associated\n with the `system:unauthenticated` group and `system:anonymous`\n user.\n type: array\n items:\n type: string\n disallowAuthenticated:\n description: >-\n A boolean indicating whether `system:authenticated` should also\n be disallowed by this policy.\n type: boolean\n default: false\n targets:\n - target: admission.k8s.gatekeeper.sh\n rego: |\n package k8sdisallowanonymous\n\n violation[{"msg": msg}] {\n not is_allowed(input.review.object.roleRef, object.get(input, ["parameters", "allowedRoles"], []))\n\n group := ["system:unauthenticated", "system:anonymous"][_]\n subject_is(input.review.object.subjects[_], group)\n\n msg := message(group)\n }\n\n violation[{"msg": msg}] {\n not is_allowed(input.review.object.roleRef, object.get(input, ["parameters", "allowedRoles"], []))\n\n object.get(input, ["parameters", "disallowAuthenticated"], false)\n\n group := "system:authenticated"\n subject_is(input.review.object.subjects[_], group)\n\n msg := message(group)\n }\n\n is_allowed(role, allowedRoles) {\n role.name == allowedRoles[_]\n }\n\n subject_is(subject, expected) {\n subject.name == expected\n }\n\n message(name) := val {\n val := sprintf("%v is not allowed as a subject name in %v %v", [name, input.review.object.kind, input.review.object.metadata.name])\n }\n\n'})}),"\n",(0,s.jsx)(n.h3,{id:"usage",children:"Usage"}),"\n",(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/template.yaml\n"})}),"\n",(0,s.jsx)(n.h2,{id:"examples",children:"Examples"}),"\n",(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"disallow-anonymous"}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"constraint"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:'apiVersion: constraints.gatekeeper.sh/v1beta1\nkind: K8sDisallowAnonymous\nmetadata:\n name: no-anonymous\nspec:\n match:\n kinds:\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["ClusterRoleBinding"]\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["RoleBinding"]\n parameters:\n allowedRoles: \n - cluster-role-1\n\n'})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/constraint.yaml\n"})})]}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"example-allowed"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: cluster-role-binding-1\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-role-1\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:authenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:unauthenticated\n\n"})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/example_allowed.yaml\n"})})]}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"example-disallowed"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: cluster-role-binding-2\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-role-2\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:authenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:unauthenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:anonymous\n\n"})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/example_disallowed.yaml\n"})})]})]}),"\n",(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"disallow-authenticated"}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"constraint"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:'apiVersion: constraints.gatekeeper.sh/v1beta1\nkind: K8sDisallowAnonymous\nmetadata:\n name: no-anonymous\nspec:\n match:\n kinds:\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["ClusterRoleBinding"]\n - apiGroups: ["rbac.authorization.k8s.io"]\n kinds: ["RoleBinding"]\n parameters:\n disallowAuthenticated: true\n\n'})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-authenticated/constraint.yaml\n"})})]}),(0,s.jsxs)(a,{children:[(0,s.jsx)("summary",{children:"authenticated-disallowed-with-parameter-true"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-yaml",children:"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n name: cluster-role-binding-2\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-role-2\nsubjects:\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:authenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:unauthenticated\n- apiGroup: rbac.authorization.k8s.io\n kind: Group\n name: system:anonymous\n\n"})}),(0,s.jsx)(n.p,{children:"Usage"}),(0,s.jsx)(n.pre,{children:(0,s.jsx)(n.code,{className:"language-shell",children:"kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/samples/no-anonymous-bindings/example_disallowed.yaml\n"})})]})]})]})}function u(e={}){const{wrapper:n}={...(0,t.a)(),...e.components};return n?(0,s.jsx)(n,{...e,children:(0,s.jsx)(d,{...e})}):d(e)}},1151:(e,n,a)=>{a.d(n,{Z:()=>l,a:()=>i});var s=a(7294);const t={},o=s.createContext(t);function i(e){const n=s.useContext(o);return s.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function l(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(t):e.components||t:i(e.components),s.createElement(o.Provider,{value:n},e.children)}}}]); \ No newline at end of file diff --git a/website/assets/js/runtime~main.fc034cc6.js b/website/assets/js/runtime~main.e9b09206.js similarity index 97% rename from website/assets/js/runtime~main.fc034cc6.js rename to website/assets/js/runtime~main.e9b09206.js index 2c1641fcb..095611c0e 100644 --- a/website/assets/js/runtime~main.fc034cc6.js +++ b/website/assets/js/runtime~main.e9b09206.js @@ -1 +1 @@ -(()=>{"use strict";var e,a,c,d,t,r={},f={};function b(e){var a=f[e];if(void 0!==a)return a.exports;var c=f[e]={id:e,loaded:!1,exports:{}};return r[e].call(c.exports,c,c.exports,b),c.loaded=!0,c.exports}b.m=r,b.c=f,e=[],b.O=(a,c,d,t)=>{if(!c){var r=1/0;for(i=0;i=t)&&Object.keys(b.O).every((e=>b.O[e](c[o])))?c.splice(o--,1):(f=!1,t0&&e[i-1][2]>t;i--)e[i]=e[i-1];e[i]=[c,d,t]},b.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return b.d(a,{a:a}),a},c=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,b.t=function(e,d){if(1&d&&(e=this(e)),8&d)return e;if("object"==typeof e&&e){if(4&d&&e.__esModule)return e;if(16&d&&"function"==typeof e.then)return e}var t=Object.create(null);b.r(t);var r={};a=a||[null,c({}),c([]),c(c)];for(var f=2&d&&e;"object"==typeof f&&!~a.indexOf(f);f=c(f))Object.getOwnPropertyNames(f).forEach((a=>r[a]=()=>e[a]));return r.default=()=>e,b.d(t,r),t},b.d=(e,a)=>{for(var c in a)b.o(a,c)&&!b.o(e,c)&&Object.defineProperty(e,c,{enumerable:!0,get:a[c]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,c)=>(b.f[c](e,a),a)),[])),b.u=e=>"assets/js/"+({53:"935f2afb",69:"059073b3",214:"61298cc8",266:"a626ceec",273:"b4799182",289:"ab8c744e",459:"611c77b5",1021:"f01c4a09",1094:"74e10ba6",1263:"6bbbbc97",1383:"330e5e62",1459:"a2130fc2",1484:"4a273407",1880:"318f4b2b",1922:"a54020da",2044:"bd7f9487",2327:"800c1403",2570:"5b4ca663",3050:"2461ad02",3113:"ff130930",3118:"992c5be4",3141:"ab525c33",3142:"dc411dd3",3589:"cde0e7e3",3733:"11f39a2f",3741:"f5fbf028",3790:"d48e9a38",3828:"86369c27",4059:"56357698",4129:"3faa71d4",4368:"a94703ab",4381:"ac15eb1d",4659:"27378163",4825:"c81f6b5a",5444:"3448e3c1",5568:"16654c41",5842:"619c8fd2",6472:"8cfa593c",6626:"eb8009f2",6796:"6406880e",6942:"cdfdc496",6950:"3aadb5f1",7014:"b2dd0056",7108:"0090e13a",7511:"212d14e7",7744:"1f48d90f",7918:"17896441",7920:"1a4e3797",8090:"0bc8830e",8164:"33ab50e4",8303:"ee99e688",8467:"87772db6",8510:"c3ccd8cd",8518:"a7bd4aaa",8587:"23dd7564",8626:"ed579555",9053:"25698ad3",9361:"54db8573",9661:"5e95c892",9671:"0e384e19",9910:"edbd0621"}[e]||e)+"."+{53:"198027f6",69:"00169746",214:"f7db448c",266:"f6037b29",273:"366c17bf",289:"0af77619",459:"c1ecfc36",1021:"0bd27114",1094:"2ae764a1",1263:"f85e776c",1383:"69975a4b",1426:"c23d7627",1459:"a0a69242",1484:"bcc68fe5",1772:"61f6592f",1880:"8920e162",1922:"97815500",2044:"802eb5aa",2327:"9bc7dd5a",2570:"62e3a572",3050:"283d24a9",3113:"c1d9131d",3118:"53db40ea",3141:"c325c860",3142:"b6a05cab",3589:"94ed5144",3733:"d0538b38",3741:"47f8488f",3790:"40d0d80b",3828:"7330b736",4059:"3198f616",4129:"09179e24",4368:"b8952552",4381:"471b4cb5",4659:"e01f8776",4825:"a4e43ca1",5444:"9abfcbc5",5568:"3fafe7d9",5842:"f0db9345",6472:"ebc6b9e4",6626:"5812346b",6796:"b2a8352e",6942:"f19260a9",6945:"8e8e2060",6950:"85aac289",7014:"426eab83",7108:"aeb7b86e",7511:"61b7c43a",7744:"d8ac2903",7918:"acd792fa",7920:"ec211f02",8090:"408acede",8164:"921d2c14",8303:"97bf8553",8467:"c015bb52",8510:"5086c9f1",8518:"45274bc2",8587:"5ccea759",8626:"9c2a17c4",8894:"46125374",9053:"4ce33965",9361:"aafd95d2",9661:"b00730d7",9671:"aaef400e",9910:"513a8948"}[e]+".js",b.miniCssF=e=>{},b.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),d={},t="website:",b.l=(e,a,c,r)=>{if(d[e])d[e].push(a);else{var f,o;if(void 0!==c)for(var n=document.getElementsByTagName("script"),i=0;i{f.onerror=f.onload=null,clearTimeout(s);var t=d[e];if(delete d[e],f.parentNode&&f.parentNode.removeChild(f),t&&t.forEach((e=>e(c))),a)return a(c)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/gatekeeper-library/website/",b.gca=function(e){return e={17896441:"7918",27378163:"4659",56357698:"4059","935f2afb":"53","059073b3":"69","61298cc8":"214",a626ceec:"266",b4799182:"273",ab8c744e:"289","611c77b5":"459",f01c4a09:"1021","74e10ba6":"1094","6bbbbc97":"1263","330e5e62":"1383",a2130fc2:"1459","4a273407":"1484","318f4b2b":"1880",a54020da:"1922",bd7f9487:"2044","800c1403":"2327","5b4ca663":"2570","2461ad02":"3050",ff130930:"3113","992c5be4":"3118",ab525c33:"3141",dc411dd3:"3142",cde0e7e3:"3589","11f39a2f":"3733",f5fbf028:"3741",d48e9a38:"3790","86369c27":"3828","3faa71d4":"4129",a94703ab:"4368",ac15eb1d:"4381",c81f6b5a:"4825","3448e3c1":"5444","16654c41":"5568","619c8fd2":"5842","8cfa593c":"6472",eb8009f2:"6626","6406880e":"6796",cdfdc496:"6942","3aadb5f1":"6950",b2dd0056:"7014","0090e13a":"7108","212d14e7":"7511","1f48d90f":"7744","1a4e3797":"7920","0bc8830e":"8090","33ab50e4":"8164",ee99e688:"8303","87772db6":"8467",c3ccd8cd:"8510",a7bd4aaa:"8518","23dd7564":"8587",ed579555:"8626","25698ad3":"9053","54db8573":"9361","5e95c892":"9661","0e384e19":"9671",edbd0621:"9910"}[e]||e,b.p+b.u(e)},(()=>{var e={1303:0,532:0};b.f.j=(a,c)=>{var d=b.o(e,a)?e[a]:void 0;if(0!==d)if(d)c.push(d[2]);else if(/^(1303|532)$/.test(a))e[a]=0;else{var t=new Promise(((c,t)=>d=e[a]=[c,t]));c.push(d[2]=t);var r=b.p+b.u(a),f=new Error;b.l(r,(c=>{if(b.o(e,a)&&(0!==(d=e[a])&&(e[a]=void 0),d)){var t=c&&("load"===c.type?"missing":c.type),r=c&&c.target&&c.target.src;f.message="Loading chunk "+a+" failed.\n("+t+": "+r+")",f.name="ChunkLoadError",f.type=t,f.request=r,d[1](f)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,c)=>{var d,t,r=c[0],f=c[1],o=c[2],n=0;if(r.some((a=>0!==e[a]))){for(d in f)b.o(f,d)&&(b.m[d]=f[d]);if(o)var i=o(b)}for(a&&a(c);n{"use strict";var e,a,c,d,t,r={},f={};function b(e){var a=f[e];if(void 0!==a)return a.exports;var c=f[e]={id:e,loaded:!1,exports:{}};return r[e].call(c.exports,c,c.exports,b),c.loaded=!0,c.exports}b.m=r,b.c=f,e=[],b.O=(a,c,d,t)=>{if(!c){var r=1/0;for(i=0;i=t)&&Object.keys(b.O).every((e=>b.O[e](c[o])))?c.splice(o--,1):(f=!1,t0&&e[i-1][2]>t;i--)e[i]=e[i-1];e[i]=[c,d,t]},b.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return b.d(a,{a:a}),a},c=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,b.t=function(e,d){if(1&d&&(e=this(e)),8&d)return e;if("object"==typeof e&&e){if(4&d&&e.__esModule)return e;if(16&d&&"function"==typeof e.then)return e}var t=Object.create(null);b.r(t);var r={};a=a||[null,c({}),c([]),c(c)];for(var f=2&d&&e;"object"==typeof f&&!~a.indexOf(f);f=c(f))Object.getOwnPropertyNames(f).forEach((a=>r[a]=()=>e[a]));return r.default=()=>e,b.d(t,r),t},b.d=(e,a)=>{for(var c in a)b.o(a,c)&&!b.o(e,c)&&Object.defineProperty(e,c,{enumerable:!0,get:a[c]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,c)=>(b.f[c](e,a),a)),[])),b.u=e=>"assets/js/"+({53:"935f2afb",69:"059073b3",214:"61298cc8",266:"a626ceec",273:"b4799182",289:"ab8c744e",459:"611c77b5",1021:"f01c4a09",1094:"74e10ba6",1263:"6bbbbc97",1383:"330e5e62",1459:"a2130fc2",1484:"4a273407",1880:"318f4b2b",1922:"a54020da",2044:"bd7f9487",2327:"800c1403",2570:"5b4ca663",3050:"2461ad02",3113:"ff130930",3118:"992c5be4",3141:"ab525c33",3142:"dc411dd3",3589:"cde0e7e3",3733:"11f39a2f",3741:"f5fbf028",3790:"d48e9a38",3828:"86369c27",4059:"56357698",4129:"3faa71d4",4368:"a94703ab",4381:"ac15eb1d",4659:"27378163",4825:"c81f6b5a",5444:"3448e3c1",5568:"16654c41",5842:"619c8fd2",6472:"8cfa593c",6626:"eb8009f2",6796:"6406880e",6942:"cdfdc496",6950:"3aadb5f1",7014:"b2dd0056",7108:"0090e13a",7511:"212d14e7",7744:"1f48d90f",7918:"17896441",7920:"1a4e3797",8090:"0bc8830e",8164:"33ab50e4",8303:"ee99e688",8467:"87772db6",8510:"c3ccd8cd",8518:"a7bd4aaa",8587:"23dd7564",8626:"ed579555",9053:"25698ad3",9361:"54db8573",9661:"5e95c892",9671:"0e384e19",9910:"edbd0621"}[e]||e)+"."+{53:"198027f6",69:"00169746",214:"f7db448c",266:"f6037b29",273:"366c17bf",289:"0af77619",459:"c1ecfc36",1021:"0bd27114",1094:"2ae764a1",1263:"f85e776c",1383:"69975a4b",1426:"c23d7627",1459:"a0a69242",1484:"bcc68fe5",1772:"61f6592f",1880:"8920e162",1922:"97815500",2044:"802eb5aa",2327:"9bc7dd5a",2570:"62e3a572",3050:"283d24a9",3113:"c1d9131d",3118:"53db40ea",3141:"c325c860",3142:"b6a05cab",3589:"94ed5144",3733:"d0538b38",3741:"7be71919",3790:"40d0d80b",3828:"7330b736",4059:"3198f616",4129:"09179e24",4368:"b8952552",4381:"471b4cb5",4659:"e01f8776",4825:"a4e43ca1",5444:"9abfcbc5",5568:"3fafe7d9",5842:"f0db9345",6472:"ebc6b9e4",6626:"5812346b",6796:"b2a8352e",6942:"f19260a9",6945:"8e8e2060",6950:"85aac289",7014:"426eab83",7108:"aeb7b86e",7511:"61b7c43a",7744:"d8ac2903",7918:"acd792fa",7920:"ec211f02",8090:"408acede",8164:"921d2c14",8303:"97bf8553",8467:"c015bb52",8510:"5086c9f1",8518:"45274bc2",8587:"5ccea759",8626:"9c2a17c4",8894:"46125374",9053:"4ce33965",9361:"aafd95d2",9661:"b00730d7",9671:"aaef400e",9910:"513a8948"}[e]+".js",b.miniCssF=e=>{},b.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),d={},t="website:",b.l=(e,a,c,r)=>{if(d[e])d[e].push(a);else{var f,o;if(void 0!==c)for(var n=document.getElementsByTagName("script"),i=0;i{f.onerror=f.onload=null,clearTimeout(s);var t=d[e];if(delete d[e],f.parentNode&&f.parentNode.removeChild(f),t&&t.forEach((e=>e(c))),a)return a(c)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/gatekeeper-library/website/",b.gca=function(e){return e={17896441:"7918",27378163:"4659",56357698:"4059","935f2afb":"53","059073b3":"69","61298cc8":"214",a626ceec:"266",b4799182:"273",ab8c744e:"289","611c77b5":"459",f01c4a09:"1021","74e10ba6":"1094","6bbbbc97":"1263","330e5e62":"1383",a2130fc2:"1459","4a273407":"1484","318f4b2b":"1880",a54020da:"1922",bd7f9487:"2044","800c1403":"2327","5b4ca663":"2570","2461ad02":"3050",ff130930:"3113","992c5be4":"3118",ab525c33:"3141",dc411dd3:"3142",cde0e7e3:"3589","11f39a2f":"3733",f5fbf028:"3741",d48e9a38:"3790","86369c27":"3828","3faa71d4":"4129",a94703ab:"4368",ac15eb1d:"4381",c81f6b5a:"4825","3448e3c1":"5444","16654c41":"5568","619c8fd2":"5842","8cfa593c":"6472",eb8009f2:"6626","6406880e":"6796",cdfdc496:"6942","3aadb5f1":"6950",b2dd0056:"7014","0090e13a":"7108","212d14e7":"7511","1f48d90f":"7744","1a4e3797":"7920","0bc8830e":"8090","33ab50e4":"8164",ee99e688:"8303","87772db6":"8467",c3ccd8cd:"8510",a7bd4aaa:"8518","23dd7564":"8587",ed579555:"8626","25698ad3":"9053","54db8573":"9361","5e95c892":"9661","0e384e19":"9671",edbd0621:"9910"}[e]||e,b.p+b.u(e)},(()=>{var e={1303:0,532:0};b.f.j=(a,c)=>{var d=b.o(e,a)?e[a]:void 0;if(0!==d)if(d)c.push(d[2]);else if(/^(1303|532)$/.test(a))e[a]=0;else{var t=new Promise(((c,t)=>d=e[a]=[c,t]));c.push(d[2]=t);var r=b.p+b.u(a),f=new Error;b.l(r,(c=>{if(b.o(e,a)&&(0!==(d=e[a])&&(e[a]=void 0),d)){var t=c&&("load"===c.type?"missing":c.type),r=c&&c.target&&c.target.src;f.message="Loading chunk "+a+" failed.\n("+t+": "+r+")",f.name="ChunkLoadError",f.type=t,f.request=r,d[1](f)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,c)=>{var d,t,r=c[0],f=c[1],o=c[2],n=0;if(r.some((a=>0!==e[a]))){for(d in f)b.o(f,d)&&(b.m[d]=f[d]);if(o)var i=o(b)}for(a&&a(c);n