@rancher/shell 3.0.12-rc.4 → 3.0.12-rc.5

package/edit/management.cattle.io.setting/system-default-registry-pull-secrets.vue

@@ -0,0 +1,81 @@
+<script setup lang="ts">
+import { ref, computed, onMounted, toRef } from 'vue';
+import { useStore } from 'vuex';
+import LabeledSelect from '@shell/components/form/LabeledSelect.vue';
+import { SECRET } from '@shell/config/types';
+import { SECRET_TYPES } from '@shell/config/secret';
+
+const AUTH_TYPES = [
+  SECRET_TYPES.DOCKER_JSON,
+  SECRET_TYPES.BASIC,
+  SECRET_TYPES.SSH,
+  SECRET_TYPES.RKE_AUTH_CONFIG
+];
+
+const props = defineProps<{
+  settingValue: Record<string, any>;
+  defaultValue?: Record<string, any>;
+  rules?: Array<(value: any) => string | undefined>;
+}>();
+
+const emit = defineEmits(['update:settingValue']);
+
+const store = useStore();
+const settingValue = toRef(props, 'settingValue');
+const defaultValue = toRef(props, 'defaultValue');
+const secrets = ref<any[]>([]);
+
+const secretOptions = computed(() => secrets.value
+  .filter((s) => AUTH_TYPES.includes(s._type))
+  .map((s) => {
+    const { dataPreview, subTypeDisplay, metadata } = s;
+
+    const label = subTypeDisplay && dataPreview ? `${ metadata.name } (${ subTypeDisplay }: ${ dataPreview })` : `${ metadata.name } (${ subTypeDisplay })`;
+
+    return {
+      label,
+      value: s.metadata?.name
+    };
+  })
+);
+
+const selectedSecrets = computed({
+  get: () => {
+    const sValue = settingValue.value || defaultValue.value || '';
+
+    return sValue.split(',').reduce((all: string[], secret: string) => {
+      if (!!secret.trim()) {
+        all.push(secret.trim());
+      }
+
+      return all;
+    }, []);
+  },
+  set: (neu: string[]) => {
+    const newSettingValue = neu?.length ? neu.join(',') : null;
+
+    emit('update:settingValue', newSettingValue);
+  },
+});
+
+onMounted(async() => {
+  const res = await store.dispatch('management/findAll', {
+    type: SECRET,
+    opt:  { namespaced: 'cattle-system' },
+  });
+
+  secrets.value = Array.isArray(res) ? res : [];
+});
+
+</script>
+
+<template>
+  <LabeledSelect
+    id="pull-secrets"
+    v-model:value="selectedSecrets"
+    label="Image Pull Secrets"
+    :options="secretOptions"
+    :rules="rules"
+    :multiple="true"
+  />
+</template>

package/edit/provisioning.cattle.io.cluster/SelectCredential.vue

@@ -1,7 +1,7 @@
 <script>
 import Loading from '@shell/components/Loading';
 import LabeledSelect from '@shell/components/form/LabeledSelect';
-import { NORMAN, DEFAULT_WORKSPACE } from '@shell/config/types';
+import { NORMAN } from '@shell/config/types';
 import CreateEditView from '@shell/mixins/create-edit-view';
 import CruResource from '@shell/components/CruResource';
 import NameNsDescription from '@shell/components/form/NameNsDescription';
@@ -50,11 +50,8 @@ export default {
     const field = this.$store.getters['plugins/credentialFieldForDriver'](this.driverName);
 
     this.newCredential = await this.$store.dispatch('rancher/create', {
-      type:     NORMAN.CLOUD_CREDENTIAL,
-      metadata: {
-        namespace:   DEFAULT_WORKSPACE,
-        annotations: { [CAPI.CREDENTIAL_DRIVER]: this.driverName }
-      },
+      type:                           NORMAN.CLOUD_CREDENTIAL,
+      annotations:                    { [CAPI.CREDENTIAL_DRIVER]: this.driverName },
       [`${ field }credentialConfig`]: {}
     });
 
@@ -216,12 +213,6 @@ export default {
         }
       }
 
-      if ( this.newCredential.metadata.name ) {
-        delete this.newCredential.metadata.generateName;
-      } else {
-        this.newCredential.metadata.generateName = 'cloud-credential-';
-      }
-
       try {
         const res = await this.newCredential.save();
 

package/edit/provisioning.cattle.io.cluster/__tests__/rke2.test.ts

@@ -806,4 +806,22 @@ describe('component: rke2', () => {
       expect(wrapper.vm.value.spec.rkeConfig.machineGlobalConfig[INGRESS_CONTROLLER]).toBe(INGRESS_NGINX);
     });
   });
+
+  describe('computed: canEditAsYaml', () => {
+    it('should return false when isUpstreamCAPIProvider is true', () => {
+      const vm = { isUpstreamCAPIProvider: true } as any;
+
+      const canEditAsYaml = rke2.computed!.canEditAsYaml.call(vm);
+
+      expect(canEditAsYaml).toBe(false);
+    });
+
+    it('should return true when isUpstreamCAPIProvider is false', () => {
+      const vm = { isUpstreamCAPIProvider: false } as any;
+
+      const canEditAsYaml = rke2.computed!.canEditAsYaml.call(vm);
+
+      expect(canEditAsYaml).toBe(true);
+    });
+  });
 });

package/edit/provisioning.cattle.io.cluster/rke2.vue

@@ -919,6 +919,10 @@ export default {
       return this.needCredential && !this.credentialId;
     },
 
+    canEditAsYaml() {
+      return !(this.isUpstreamCAPIProvider);
+    },
+
     overallFormValidationPassed() {
       return this.validationPassed &&
             this.fvFormIsValid &&
@@ -1118,7 +1122,6 @@ export default {
 
         this.rkeConfig.etcd.disableSnapshots = disableSnapshots;
       }
-
       // Namespaces if required - this is mainly for custom provisioners via extensions that want
       // to allow creating their resources in a different namespace
       if (this.needsNamespace) {
@@ -2459,6 +2462,7 @@ export default {
     :done-route="doneRoute"
     :apply-hooks="applyHooks"
     :generate-yaml="generateYaml"
+    :can-yaml="canEditAsYaml"
     class="rke2"
     component-testid="rke2-custom-create"
     @done="done"

package/edit/provisioning.cattle.io.cluster/tabs/etcd/index.vue

@@ -40,7 +40,6 @@ export default {
       type:     Function,
       required: true,
     },
-
   },
 
   computed: {

package/edit/provisioning.cattle.io.cluster/tabs/registries/index.vue

@@ -1,8 +1,6 @@
 <script>
-import { LabeledInput } from '@components/Form/LabeledInput';
 import { Banner } from '@components/Banner';
-import { Checkbox } from '@components/Form/Checkbox';
-import SelectOrCreateAuthSecret from '@shell/components/form/SelectOrCreateAuthSecret';
+import PrivateRegistry from '@shell/components/form/PrivateRegistry.vue';
 import AdvancedSection from '@shell/components/AdvancedSection.vue';
 import RegistryConfigs from '@shell/edit/provisioning.cattle.io.cluster/tabs/registries/RegistryConfigs';
 import RegistryMirrors from '@shell/edit/provisioning.cattle.io.cluster/tabs/registries/RegistryMirrors';
@@ -10,10 +8,8 @@ import RegistryMirrors from '@shell/edit/provisioning.cattle.io.cluster/tabs/reg
 export default {
   emits:      ['custom-registry-changed', 'registry-host-changed', 'registry-secret-changed', 'input', 'update-configs-changed', 'registry-validation-changed'],
   components: {
-    LabeledInput,
     Banner,
-    Checkbox,
-    SelectOrCreateAuthSecret,
+    PrivateRegistry,
     AdvancedSection,
     RegistryConfigs,
     RegistryMirrors
@@ -65,55 +61,18 @@ export default {
     <div class="row">
       <h3>{{ t('cluster.privateRegistry.label') }}</h3>
     </div>
-    <div class="row">
-      <div class="col span-12">
-        <Banner
-          :closable="false"
-          class="cluster-tools-tip"
-          color="info"
-          label-key="cluster.privateRegistry.description"
-        />
-      </div>
-    </div>
-    <div class="row">
-      <Checkbox
-        :value="showCustomRegistryInput"
-        :mode="mode"
-        :label="t('cluster.privateRegistry.label')"
-        data-testid="registries-enable-checkbox"
-        @update:value="$emit('custom-registry-changed', $event)"
-      />
-    </div>
-    <div
-      v-if="showCustomRegistryInput"
-      class="row mt-20"
-    >
-      <div class="col span-6">
-        <LabeledInput
-          :value="registryHost"
-          :mode="mode"
-          label-key="catalog.chart.registry.custom.inputLabel"
-          placeholder-key="catalog.chart.registry.custom.placeholder"
-          :min-height="30"
-          data-testid="registry-host-input"
-          @update:value="$emit('registry-host-changed', $event)"
-        />
-        <SelectOrCreateAuthSecret
-          :value="registrySecret"
-          :register-before-hook="registerBeforeHook"
-          :hook-priority="1"
-          :mode="mode"
-          in-store="management"
-          :allow-ssh="false"
-          :allow-rke="true"
-          :vertical="true"
-          :namespace="value.metadata.namespace"
-          generate-name="registryconfig-auth-"
-          :cache-secrets="true"
-          @update:value="$emit('registry-secret-changed', $event)"
-        />
-      </div>
-    </div>
+    <PrivateRegistry
+      :value="registryHost"
+      :enabled="showCustomRegistryInput"
+      :mode="mode"
+      :pull-secret="registrySecret"
+      :register-before-hook="registerBeforeHook"
+      checkbox-test-id="registries-enable-checkbox"
+      input-test-id="registry-host-input"
+      @update:value="$emit('registry-host-changed', $event)"
+      @update:enabled="$emit('custom-registry-changed', $event)"
+      @update:pull-secret="$emit('registry-secret-changed', $event)"
+    />
     <div
       class="row"
     >

package/models/__tests__/provisioning.cattle.io.cluster.test.ts

@@ -1,5 +1,12 @@
 import ProvCluster from '@shell/models/provisioning.cattle.io.cluster';
 import MgmtCluster from '@shell/models/management.cattle.io.cluster';
+import { IMPORTED_DAY_2_OPS } from '@shell/config/features';
+import { OPERATION_ANNOTATIONS } from '@shell/config/labels-annotations';
+import { SETTING } from '@shell/config/settings';
+import { MANAGEMENT, OPERATION } from '@shell/config/types';
+import { createOperationCR } from '@shell/utils/operation-cr';
+
+jest.mock('@shell/utils/operation-cr', () => ({ createOperationCR: jest.fn() }));
 
 jest.mock('@shell/utils/provider', () => ({
   isHostedProvider: jest.fn().mockImplementation((context, provider) => {
@@ -441,4 +448,153 @@ describe('class ProvCluster', () => {
       jest.clearAllMocks();
     });
   });
+  describe('day 2 operations', () => {
+    const createContext = ({
+      byId = jest.fn(),
+      all = jest.fn(() => []),
+      schemaFor = jest.fn(() => ({})),
+    } = {}) => {
+      return {
+        getters:     { schemaFor },
+        rootGetters: {
+          'management/byId': byId,
+          'management/all':  all,
+        }
+      };
+    };
+
+    it('should return true when the day 2 operations feature is enabled', () => {
+      const byId = jest.fn().mockImplementation((type, id) => {
+        if (type === MANAGEMENT.FEATURE && id === IMPORTED_DAY_2_OPS) {
+          return { enabled: true };
+        }
+
+        return undefined;
+      });
+      const cluster = new ProvCluster({}, createContext({ byId }));
+
+      expect(cluster.isDayTwoOpsFeatureEnabled).toBe(true);
+    });
+
+    it('should return true for imported RKE2 day 2 operations when the annotation is enabled', () => {
+      const byId = jest.fn().mockImplementation((type, id) => {
+        if (type === MANAGEMENT.FEATURE && id === IMPORTED_DAY_2_OPS) {
+          return { enabled: true };
+        }
+
+        return undefined;
+      });
+      const cluster = new ProvCluster({}, createContext({ byId }));
+
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ metadata: { annotations: { [OPERATION_ANNOTATIONS.ENABLED]: 'true' } } });
+      jest.spyOn(cluster, 'isImportedRke2K3s', 'get').mockReturnValue(true);
+
+      expect(cluster.isImportedWithDayTwoOps).toBe(true);
+    });
+
+    it('should return true for imported RKE2 day 2 operations when the global setting is enabled', () => {
+      const byId = jest.fn().mockImplementation((type, id) => {
+        if (type === MANAGEMENT.FEATURE && id === IMPORTED_DAY_2_OPS) {
+          return { enabled: true };
+        }
+
+        if (type === MANAGEMENT.SETTING && id === SETTING.IMPORTED_CLUSTER_DAY2_OPS_DEFAULT) {
+          return { value: 'true' };
+        }
+
+        return undefined;
+      });
+      const cluster = new ProvCluster({}, createContext({ byId }));
+
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ metadata: { annotations: {} } });
+      jest.spyOn(cluster, 'isImportedRke2K3s', 'get').mockReturnValue(true);
+
+      expect(cluster.isImportedWithDayTwoOps).toBe(true);
+    });
+
+    it('should return false for imported RKE2 day 2 operations when the feature is disabled', () => {
+      const byId = jest.fn().mockImplementation((type, id) => {
+        if (type === MANAGEMENT.SETTING && id === SETTING.IMPORTED_CLUSTER_DAY2_OPS_DEFAULT) {
+          return { value: 'true' };
+        }
+
+        return undefined;
+      });
+      const cluster = new ProvCluster({}, createContext({ byId }));
+
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ metadata: { annotations: { [OPERATION_ANNOTATIONS.ENABLED]: 'true' } } });
+      jest.spyOn(cluster, 'isImportedRke2K3s', 'get').mockReturnValue(true);
+
+      expect(cluster.isImportedWithDayTwoOps).toBeFalsy();
+    });
+
+    it('should return false for imported RKE2 day 2 operations when operation schema is missing', () => {
+      const byId = jest.fn().mockImplementation((type, id) => {
+        if (type === MANAGEMENT.FEATURE && id === IMPORTED_DAY_2_OPS) {
+          return { enabled: true };
+        }
+
+        if (type === MANAGEMENT.SETTING && id === SETTING.IMPORTED_CLUSTER_DAY2_OPS_DEFAULT) {
+          return { value: 'true' };
+        }
+
+        return undefined;
+      });
+      const schemaFor = jest.fn().mockReturnValue(undefined);
+      const cluster = new ProvCluster({}, createContext({ byId, schemaFor }));
+
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ metadata: { annotations: { [OPERATION_ANNOTATIONS.ENABLED]: 'true' } } });
+      jest.spyOn(cluster, 'isImportedRke2K3s', 'get').mockReturnValue(true);
+
+      expect(cluster.isImportedWithDayTwoOps).toBeFalsy();
+    });
+
+    it('should filter etcd snapshots by management cluster fields for imported day 2 operations clusters', () => {
+      const snapshots = [
+        {
+          metadata: { namespace: 'c-m-1' },
+          spec:     { clusterName: 'imported-cluster' }
+        },
+        {
+          metadata: { namespace: 'c-m-1' },
+          spec:     { clusterName: 'other-cluster' }
+        },
+        {
+          metadata: { namespace: 'c-m-2' },
+          spec:     { clusterName: 'imported-cluster' }
+        }
+      ];
+      const all = jest.fn().mockReturnValue(snapshots);
+      const cluster = new ProvCluster({}, createContext({ all }));
+
+      jest.spyOn(cluster, 'isImportedWithDayTwoOps', 'get').mockReturnValue(true);
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ id: 'c-m-1', metadata: { name: 'imported-cluster' } });
+
+      expect(cluster.etcdSnapshots).toStrictEqual([snapshots[0]]);
+    });
+
+    it('should create an operation CR when taking a snapshot on an imported RKE2 or K3s cluster', () => {
+      const cluster = new ProvCluster({}, createContext());
+
+      (createOperationCR as jest.Mock).mockResolvedValue(undefined);
+
+      jest.spyOn(cluster, 'isRke1', 'get').mockReturnValue(false);
+      jest.spyOn(cluster, 'isImportedWithDayTwoOps', 'get').mockReturnValue(true);
+      jest.spyOn(cluster, 'mgmt', 'get').mockReturnValue({ id: 'c-m-1', metadata: { name: 'imported-cluster' } });
+
+      cluster.takeSnapshot();
+
+      expect(createOperationCR).toHaveBeenCalledTimes(1);
+      expect((createOperationCR as jest.Mock).mock.calls[0][1]).toBe(OPERATION.ETCD_SNAPSHOT);
+      expect((createOperationCR as jest.Mock).mock.calls[0][2]).toStrictEqual({
+        clusterRef: {
+          apiVersion: 'management.cattle.io/v3',
+          kind:       'Cluster',
+          name:       'c-m-1',
+        }
+      });
+      expect((createOperationCR as jest.Mock).mock.calls[0][3]).toBe('c-m-1');
+      expect((createOperationCR as jest.Mock).mock.calls[0][4]).toBe('imported-cluster');
+    });
+  });
 });

package/models/__tests__/secret.test.ts

@@ -1,7 +1,8 @@
 import Secret from '@shell/models/secret';
-import { SECRET_TYPES as TYPES } from '@shell/config/secret';
+import { SECRET_TYPES as TYPES, GITHUB_APP_SECRET_KEYS } from '@shell/config/secret';
 import { VIRTUAL_TYPES } from '@shell/config/types';
 import { UI_PROJECT_SECRET } from '@shell/config/labels-annotations';
+import { base64Encode } from '@shell/utils/crypto';
 
 describe('class Secret', () => {
   describe('detailLocation', () => {
@@ -132,4 +133,70 @@ ${ part }`;
       expect(result).toBe(supported);
     });
   });
+
+  describe('isGithubApp', () => {
+    const githubAppData = {
+      github_app_id:              'MTI=',
+      github_app_installation_id: 'MzQ=',
+      github_app_private_key:     'a2V5',
+    };
+
+    it.each([
+      [
+        false,
+        'type is not Opaque',
+        TYPES.SSH,
+        githubAppData,
+      ],
+      [
+        false,
+        'data is null',
+        TYPES.OPAQUE,
+        null,
+      ],
+      [
+        false,
+        'Opaque but missing a GitHub App key',
+        TYPES.OPAQUE,
+        { github_app_id: 'MTI=', github_app_installation_id: 'MzQ=' },
+      ],
+      [
+        true,
+        'Opaque with all GitHub App keys',
+        TYPES.OPAQUE,
+        githubAppData,
+      ],
+    ])('is %p if %p', (
+      expected,
+      descr,
+      _type,
+      data
+    ) => {
+      const secret = new Secret({ _type, data });
+
+      expect(secret.isGithubApp).toBe(expected);
+    });
+  });
+
+  describe('GitHub App display', () => {
+    const githubAppData = {
+      [GITHUB_APP_SECRET_KEYS.APP_ID]:          base64Encode('12345'),
+      [GITHUB_APP_SECRET_KEYS.INSTALLATION_ID]: base64Encode('67890'),
+      [GITHUB_APP_SECRET_KEYS.PRIVATE_KEY]:     base64Encode('a-private-key'),
+    };
+
+    const ctx = { rootGetters: { 'i18n/withFallback': (_key: string, _args: any, fallback: string) => fallback } };
+
+    it('dataPreview should show the decoded App ID and Installation ID', () => {
+      const secret = new Secret({ _type: TYPES.OPAQUE, data: githubAppData }, ctx);
+
+      expect(secret.dataPreview).toBe('12345 / 67890');
+    });
+
+    it('subTypeDisplay should resolve to the GitHub App label', () => {
+      const secret = new Secret({ _type: TYPES.OPAQUE, data: githubAppData }, ctx);
+
+      expect(secret.subTypeDisplay).toBe('GitHub App');
+    });
+  });
 });

package/models/management.cattle.io.cluster.js

@@ -1,4 +1,4 @@
-import { CATALOG, CLUSTER_BADGE, NODE_ARCHITECTURE } from '@shell/config/labels-annotations';
+import { CATALOG, CLUSTER_BADGE, NODE_ARCHITECTURE, OPERATION_ANNOTATIONS } from '@shell/config/labels-annotations';
 import {
   NODE, FLEET, MANAGEMENT, CAPI, EXT,
   NORMAN,
@@ -9,7 +9,7 @@ import { downloadFile } from '@shell/utils/download';
 import { parseSi } from '@shell/utils/units';
 import { parseColor, textColor } from '@shell/utils/color';
 import { isEmpty, isEqual } from '@shell/utils/object';
-import { HARVESTER_NAME as HARVESTER } from '@shell/config/features';
+import { HARVESTER_NAME as HARVESTER, IMPORTED_DAY_2_OPS } from '@shell/config/features';
 import { isHarvesterCluster } from '@shell/utils/cluster';
 import SteveModel from '@shell/plugins/steve/steve-class';
 import { LINUX, WINDOWS } from '@shell/store/catalog';
@@ -20,7 +20,7 @@ import { copyTextToClipboard } from '@shell/utils/clipboard';
 import { isHostedProvider, isCAPIProvider } from '@shell/utils/provider';
 import { ucFirst } from '@shell/utils/string';
 import { sortBy } from '@shell/utils/sort';
-
+import { SETTING } from '@shell/config/settings';
 const DEFAULT_BADGE_COLOR = '#707070';
 
 // See translation file cluster.providers for list of providers
@@ -389,6 +389,24 @@ export default class MgmtCluster extends SteveModel {
     return this.spec?.internal === true;
   }
 
+  get isDayTwoOpsFeatureEnabled() {
+    return this.$rootGetters['management/byId'](MANAGEMENT.FEATURE, IMPORTED_DAY_2_OPS)?.enabled || false;
+  }
+
+  /**
+   * Whether day 2 operations are enabled for this cluster.
+   * Reads the `operations.cattle.io/ops-enabled` annotation.
+   */
+  get isDayTwoOpsEnabled() {
+    const isImportedRke2K3s = !this.isLocal && (this.isImportedK3s || this.isImportedRke2);
+    const annotationExists = typeof this.metadata?.annotations?.[OPERATION_ANNOTATIONS.ENABLED] !== 'undefined';
+    const annotationEnabled = this.metadata?.annotations?.[OPERATION_ANNOTATIONS.ENABLED] === 'true';
+    const globalDefaultIsTrue = this.$rootGetters['management/byId'](MANAGEMENT.SETTING, SETTING.IMPORTED_CLUSTER_DAY2_OPS_DEFAULT)?.value === 'true';
+    const annotationEnabledOrDefault = annotationExists ? annotationEnabled : globalDefaultIsTrue;
+
+    return this.isDayTwoOpsFeatureEnabled && isImportedRke2K3s && annotationEnabledOrDefault;
+  }
+
   get isHarvester() {
     return isHarvesterCluster(this);
   }

package/models/pod.js

@@ -6,6 +6,7 @@ import WorkloadService from '@shell/models/workload.service';
 import { deleteProperty } from '@shell/utils/object';
 import { POD_RESTARTS_REG_EX } from '@shell/types/resources/pod';
 import { useResourceCardRow } from '@shell/components/Resource/Detail/Card/StateCard/composables';
+import { POD_SHELL } from '@shell/store/features';
 
 export const WORKLOAD_PRIORITY = {
   [WORKLOAD_TYPES.DEPLOYMENT]:             1,
@@ -64,11 +65,16 @@ export default class Pod extends WorkloadService {
 
   get _availableActions() {
     const out = super._availableActions;
+    const podShellFeatureEnabled = !!this.$rootGetters['features/get'](POD_SHELL);
 
     // Add backwards, each one to the top
     insertAt(out, 0, { divider: true });
     insertAt(out, 0, this.openLogsMenuItem);
-    insertAt(out, 0, this.openShellMenuItem);
+
+    // Only add the menu item for the pod shell if the feature flag is enabled
+    if (podShellFeatureEnabled) {
+      insertAt(out, 0, this.openShellMenuItem);
+    }
 
     return out;
   }
@@ -95,9 +101,14 @@ export default class Pod extends WorkloadService {
 
   get containerActions() {
     const out = [];
+    const podShellFeatureEnabled = !!this.$rootGetters['features/get'](POD_SHELL);
 
     insertAt(out, 0, this.openLogsMenuItem);
-    insertAt(out, 0, this.openShellMenuItem);
+
+    // Only add the menu item for the container shell if the feature flag is enabled
+    if (podShellFeatureEnabled) {
+      insertAt(out, 0, this.openShellMenuItem);
+    }
 
     return out;
   }