From d5b20d7456200d48e4ccd574f1d62ab4d8ded6ba Mon Sep 17 00:00:00 2001
From: Dustin Jenkins <djenkins.cadc@gmail.com>
Date: Mon, 23 Dec 2024 09:12:13 -0800
Subject: [PATCH] fix: move deployment for helm charts to deployments
 repository and fix skaha dockerfile

---
 deployment/helm/base/CHANGELOG.md             |   4 +
 deployment/helm/posix-mapper/.helmignore      |  24 --
 deployment/helm/posix-mapper/CHANGELOG.md     |   7 -
 deployment/helm/posix-mapper/Chart.yaml       |  24 --
 deployment/helm/posix-mapper/README.md        |   2 +
 .../config/cadc-registry.properties           |  16 --
 .../posix-mapper/config/catalina.properties   |  12 -
 .../config/posix-mapper.properties            |   9 -
 .../templates/posix-mapper-configmap.yaml     |   7 -
 .../templates/posix-mapper-ingress.yaml       |  19 --
 .../templates/posix-mapper-secrets.yaml       |  13 -
 .../posix-mapper-tomcat-deployment.yaml       |  67 -----
 .../templates/posix-mapper-tomcat-expose.yaml |  21 --
 .../templates/postgres-config.yaml            |  22 --
 .../templates/postgres-deploy.yaml            |  35 ---
 .../templates/postgres-service.yaml           |  12 -
 deployment/helm/posix-mapper/values.yaml      |  94 -------
 deployment/helm/science-portal/.helmignore    |  24 --
 deployment/helm/science-portal/CHANGELOG.md   |  23 --
 deployment/helm/science-portal/Chart.yaml     |  32 ---
 deployment/helm/science-portal/README.md      | 104 +------
 .../science-portal/config/cadc-log.properties |   3 -
 .../config/cadc-registry.properties           |  22 --
 .../science-portal/config/catalina.properties |   7 -
 .../org.opencadc.science-portal.properties    |  29 --
 .../science-portal-config-configmap.yaml      |   8 -
 .../templates/science-portal-ingress.yaml     |  19 --
 .../templates/science-portal-secrets.yaml     |  13 -
 .../science-portal-tomcat-deployment.yaml     |  66 -----
 .../science-portal-tomcat-expose.yaml         |  21 --
 deployment/helm/science-portal/values.yaml    | 104 -------
 deployment/helm/skaha/.helmignore             |  24 --
 deployment/helm/skaha/CHANGELOG.md            |  62 -----
 deployment/helm/skaha/Chart.yaml              |  32 ---
 deployment/helm/skaha/README.md               |  65 +----
 .../helm/skaha/add-user-config/Xresources     |   4 -
 deployment/helm/skaha/add-user-config/bashrc  |   8 -
 .../add-user-config/casa/casa-config.tar      | Bin 81920 -> 0 bytes
 .../helm/skaha/config/cadc-log.properties     |   3 -
 .../skaha/config/cadc-registry.properties     |  19 --
 .../helm/skaha/config/catalina.properties     |   9 -
 .../desktop-template/app-desktop.template     |  11 -
 .../astrosoftware-bottom.menu                 |   3 -
 .../desktop-template/astrosoftware-top.menu   |  12 -
 .../desktop-apps-icon.properties              |   1 -
 .../ds9-terminal.desktop.template             |  11 -
 .../desktop-template/ds9.desktop.template     |  11 -
 .../resolution-desktop.template               |  10 -
 .../desktop-template/resolution-sh.template   |   3 -
 .../skaha-resolutions.properties              |  13 -
 .../software-category.template                |  10 -
 .../desktop-template/software-sh.template     |   3 -
 .../start-software-sh.template                | 168 ------------
 .../terminal.desktop.template                 |  11 -
 .../topcat-terminal.desktop.template          |  11 -
 .../desktop-template/topcat.desktop.template  |  11 -
 .../xfce-applications-menu-item.template      |   7 -
 .../desktop-template/xfce-directory.template  | 110 --------
 .../helm/skaha/image-cache/cache-images.sh    |  62 -----
 .../init-users-groups.sh                      |  34 ---
 .../helm/skaha/launch-scripts/build-menu.sh   | 254 ------------------
 .../helm/skaha/launch-scripts/skaha-carta.sh  |  21 --
 .../skaha/launch-scripts/sleep-forever.sh     |   5 -
 .../launch-scripts/start-desktop-software.sh  |  24 --
 .../skaha/launch-scripts/start-desktop.sh     |  19 --
 .../skaha/launch-scripts/start-jupyterlab.sh  |  21 --
 .../helm/skaha/sample-local-values.yaml       | 188 -------------
 deployment/helm/skaha/skaha-config/README.md  |   1 -
 .../skaha/skaha-config/RsaSignaturePub.key    |   8 -
 .../skaha/skaha-config/ingress-carta.yaml     |  50 ----
 .../skaha-config/ingress-contributed.yaml     |  32 ---
 .../skaha/skaha-config/ingress-desktop.yaml   |  31 ---
 .../skaha/skaha-config/ingress-notebook.yaml  |  19 --
 .../skaha/skaha-config/k8s-resources.json     |  94 -------
 .../helm/skaha/skaha-config/launch-carta.yaml | 103 -------
 .../skaha-config/launch-contributed.yaml      |  98 -------
 .../skaha-config/launch-desktop-app.yaml      | 103 -------
 .../skaha/skaha-config/launch-desktop.yaml    | 113 --------
 .../skaha/skaha-config/launch-headless.yaml   |  90 -------
 .../skaha/skaha-config/launch-notebook.yaml   | 127 ---------
 .../skaha/skaha-config/service-carta.yaml     |  16 --
 .../skaha-config/service-contributed.yaml     |  13 -
 .../skaha/skaha-config/service-desktop.yaml   |  14 -
 .../skaha/skaha-config/service-notebook.yaml  |  13 -
 deployment/helm/skaha/templates/_helpers.tpl  | 140 ----------
 .../templates/add-user-config-configmap.yaml  |  10 -
 .../templates/desktop-template-configmap.yaml |   7 -
 .../templates/image-caching-cronjob.yaml      |  88 ------
 .../init-users-groups-configmap.yaml          |   7 -
 .../templates/launch-scripts-configmap.yaml   |   7 -
 .../templates/session-volumes-mounts.yaml     |  25 --
 .../helm/skaha/templates/session-volumes.yaml |  38 ---
 .../skaha/templates/skaha-cluster-queues.yaml |  36 ---
 .../templates/skaha-config-configmap.yaml     |  15 --
 .../helm/skaha/templates/skaha-ingress.yaml   |  19 --
 .../skaha/templates/skaha-local-queues.yaml   |  12 -
 .../templates/skaha-resource-flavors.yaml     |  14 -
 .../helm/skaha/templates/skaha-secrets.yaml   |  24 --
 .../templates/skaha-tomcat-deployment.yaml    | 136 ----------
 .../skaha/templates/skaha-tomcat-expose.yaml  |  25 --
 .../templates/tests/test-connection.yaml      |  15 --
 deployment/helm/skaha/values.yaml             | 207 --------------
 deployment/helm/storage-ui/.helmignore        |  24 --
 deployment/helm/storage-ui/CHANGELOG.md       |  15 --
 deployment/helm/storage-ui/Chart.yaml         |  32 ---
 deployment/helm/storage-ui/README.md          | 113 +-------
 .../storage-ui/config/cadc-log.properties     |   3 -
 .../config/cadc-registry.properties           |  18 --
 .../storage-ui/config/catalina.properties     |   7 -
 .../config/org.opencadc.vosui.properties      |  50 ----
 .../templates/storage-ui-clientsecret.yaml    |  23 --
 .../storage-ui-config-configmap.yaml          |   8 -
 .../templates/storage-ui-ingress.yaml         |  19 --
 .../templates/storage-ui-secrets.yaml         |  13 -
 .../storage-ui-tomcat-deployment.yaml         |  68 -----
 .../templates/storage-ui-tomcat-expose.yaml   |  21 --
 deployment/helm/storage-ui/values.yaml        | 119 --------
 skaha/Dockerfile                              |   2 +-
 118 files changed, 13 insertions(+), 4395 deletions(-)
 create mode 100644 deployment/helm/base/CHANGELOG.md
 delete mode 100644 deployment/helm/posix-mapper/.helmignore
 delete mode 100644 deployment/helm/posix-mapper/CHANGELOG.md
 delete mode 100644 deployment/helm/posix-mapper/Chart.yaml
 create mode 100644 deployment/helm/posix-mapper/README.md
 delete mode 100644 deployment/helm/posix-mapper/config/cadc-registry.properties
 delete mode 100644 deployment/helm/posix-mapper/config/catalina.properties
 delete mode 100644 deployment/helm/posix-mapper/config/posix-mapper.properties
 delete mode 100644 deployment/helm/posix-mapper/templates/posix-mapper-configmap.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/posix-mapper-ingress.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/posix-mapper-secrets.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/posix-mapper-tomcat-deployment.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/posix-mapper-tomcat-expose.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/postgres-config.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/postgres-deploy.yaml
 delete mode 100644 deployment/helm/posix-mapper/templates/postgres-service.yaml
 delete mode 100644 deployment/helm/posix-mapper/values.yaml
 delete mode 100644 deployment/helm/science-portal/.helmignore
 delete mode 100644 deployment/helm/science-portal/CHANGELOG.md
 delete mode 100644 deployment/helm/science-portal/Chart.yaml
 delete mode 100644 deployment/helm/science-portal/config/cadc-log.properties
 delete mode 100644 deployment/helm/science-portal/config/cadc-registry.properties
 delete mode 100644 deployment/helm/science-portal/config/catalina.properties
 delete mode 100644 deployment/helm/science-portal/config/org.opencadc.science-portal.properties
 delete mode 100644 deployment/helm/science-portal/templates/science-portal-config-configmap.yaml
 delete mode 100644 deployment/helm/science-portal/templates/science-portal-ingress.yaml
 delete mode 100644 deployment/helm/science-portal/templates/science-portal-secrets.yaml
 delete mode 100644 deployment/helm/science-portal/templates/science-portal-tomcat-deployment.yaml
 delete mode 100644 deployment/helm/science-portal/templates/science-portal-tomcat-expose.yaml
 delete mode 100644 deployment/helm/science-portal/values.yaml
 delete mode 100644 deployment/helm/skaha/.helmignore
 delete mode 100644 deployment/helm/skaha/CHANGELOG.md
 delete mode 100644 deployment/helm/skaha/Chart.yaml
 delete mode 100644 deployment/helm/skaha/add-user-config/Xresources
 delete mode 100644 deployment/helm/skaha/add-user-config/bashrc
 delete mode 100644 deployment/helm/skaha/add-user-config/casa/casa-config.tar
 delete mode 100644 deployment/helm/skaha/config/cadc-log.properties
 delete mode 100644 deployment/helm/skaha/config/cadc-registry.properties
 delete mode 100644 deployment/helm/skaha/config/catalina.properties
 delete mode 100755 deployment/helm/skaha/desktop-template/app-desktop.template
 delete mode 100644 deployment/helm/skaha/desktop-template/astrosoftware-bottom.menu
 delete mode 100644 deployment/helm/skaha/desktop-template/astrosoftware-top.menu
 delete mode 100644 deployment/helm/skaha/desktop-template/desktop-apps-icon.properties
 delete mode 100755 deployment/helm/skaha/desktop-template/ds9-terminal.desktop.template
 delete mode 100755 deployment/helm/skaha/desktop-template/ds9.desktop.template
 delete mode 100755 deployment/helm/skaha/desktop-template/resolution-desktop.template
 delete mode 100755 deployment/helm/skaha/desktop-template/resolution-sh.template
 delete mode 100644 deployment/helm/skaha/desktop-template/skaha-resolutions.properties
 delete mode 100755 deployment/helm/skaha/desktop-template/software-category.template
 delete mode 100755 deployment/helm/skaha/desktop-template/software-sh.template
 delete mode 100644 deployment/helm/skaha/desktop-template/start-software-sh.template
 delete mode 100755 deployment/helm/skaha/desktop-template/terminal.desktop.template
 delete mode 100755 deployment/helm/skaha/desktop-template/topcat-terminal.desktop.template
 delete mode 100755 deployment/helm/skaha/desktop-template/topcat.desktop.template
 delete mode 100644 deployment/helm/skaha/desktop-template/xfce-applications-menu-item.template
 delete mode 100644 deployment/helm/skaha/desktop-template/xfce-directory.template
 delete mode 100644 deployment/helm/skaha/image-cache/cache-images.sh
 delete mode 100755 deployment/helm/skaha/init-users-groups-config/init-users-groups.sh
 delete mode 100644 deployment/helm/skaha/launch-scripts/build-menu.sh
 delete mode 100644 deployment/helm/skaha/launch-scripts/skaha-carta.sh
 delete mode 100755 deployment/helm/skaha/launch-scripts/sleep-forever.sh
 delete mode 100644 deployment/helm/skaha/launch-scripts/start-desktop-software.sh
 delete mode 100644 deployment/helm/skaha/launch-scripts/start-desktop.sh
 delete mode 100644 deployment/helm/skaha/launch-scripts/start-jupyterlab.sh
 delete mode 100644 deployment/helm/skaha/sample-local-values.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/README.md
 delete mode 100644 deployment/helm/skaha/skaha-config/RsaSignaturePub.key
 delete mode 100644 deployment/helm/skaha/skaha-config/ingress-carta.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/ingress-contributed.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/ingress-desktop.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/ingress-notebook.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/k8s-resources.json
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-carta.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-contributed.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-desktop-app.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-desktop.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-headless.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/launch-notebook.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/service-carta.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/service-contributed.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/service-desktop.yaml
 delete mode 100644 deployment/helm/skaha/skaha-config/service-notebook.yaml
 delete mode 100644 deployment/helm/skaha/templates/_helpers.tpl
 delete mode 100644 deployment/helm/skaha/templates/add-user-config-configmap.yaml
 delete mode 100644 deployment/helm/skaha/templates/desktop-template-configmap.yaml
 delete mode 100644 deployment/helm/skaha/templates/image-caching-cronjob.yaml
 delete mode 100644 deployment/helm/skaha/templates/init-users-groups-configmap.yaml
 delete mode 100644 deployment/helm/skaha/templates/launch-scripts-configmap.yaml
 delete mode 100644 deployment/helm/skaha/templates/session-volumes-mounts.yaml
 delete mode 100644 deployment/helm/skaha/templates/session-volumes.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-cluster-queues.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-config-configmap.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-ingress.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-local-queues.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-resource-flavors.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-secrets.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-tomcat-deployment.yaml
 delete mode 100644 deployment/helm/skaha/templates/skaha-tomcat-expose.yaml
 delete mode 100644 deployment/helm/skaha/templates/tests/test-connection.yaml
 delete mode 100644 deployment/helm/skaha/values.yaml
 delete mode 100644 deployment/helm/storage-ui/.helmignore
 delete mode 100644 deployment/helm/storage-ui/CHANGELOG.md
 delete mode 100644 deployment/helm/storage-ui/Chart.yaml
 delete mode 100644 deployment/helm/storage-ui/config/cadc-log.properties
 delete mode 100644 deployment/helm/storage-ui/config/cadc-registry.properties
 delete mode 100644 deployment/helm/storage-ui/config/catalina.properties
 delete mode 100644 deployment/helm/storage-ui/config/org.opencadc.vosui.properties
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-clientsecret.yaml
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-config-configmap.yaml
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-ingress.yaml
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-secrets.yaml
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-tomcat-deployment.yaml
 delete mode 100644 deployment/helm/storage-ui/templates/storage-ui-tomcat-expose.yaml
 delete mode 100644 deployment/helm/storage-ui/values.yaml

diff --git a/deployment/helm/base/CHANGELOG.md b/deployment/helm/base/CHANGELOG.md
new file mode 100644
index 00000000..f5a46cb8
--- /dev/null
+++ b/deployment/helm/base/CHANGELOG.md
@@ -0,0 +1,4 @@
+# base Helm Chart for the Science Platform (0.4.0)
+
+## 2024.12.13 (0.4.0)
+- Update Traefik to use the 26.1.0 Helm Chart (Traefik Version 2.11.0)
diff --git a/deployment/helm/posix-mapper/.helmignore b/deployment/helm/posix-mapper/.helmignore
deleted file mode 100644
index 8380f283..00000000
--- a/deployment/helm/posix-mapper/.helmignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
-*-values.yaml
diff --git a/deployment/helm/posix-mapper/CHANGELOG.md b/deployment/helm/posix-mapper/CHANGELOG.md
deleted file mode 100644
index 8fa949c2..00000000
--- a/deployment/helm/posix-mapper/CHANGELOG.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# CHANGELOG for POSIX Mapper (Chart 0.1.8)
-
-## 2023.11.02 (0.1.8)
-- Swagger documentation fix (Bug)
-- Properly authenticate Bearer tokens (Improvement)
-- Now supports setting the `gmsID` and `oidcURI` configurations (was hard-coded to SKAO)
-- Code cleanup
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/Chart.yaml b/deployment/helm/posix-mapper/Chart.yaml
deleted file mode 100644
index 8fc11a7b..00000000
--- a/deployment/helm/posix-mapper/Chart.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: v2
-name: posixmapper
-description: "A Helm chart to install the UID/GID POSIX Mapper"
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.11
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "0.2.1"
diff --git a/deployment/helm/posix-mapper/README.md b/deployment/helm/posix-mapper/README.md
new file mode 100644
index 00000000..93c2badd
--- /dev/null
+++ b/deployment/helm/posix-mapper/README.md
@@ -0,0 +1,2 @@
+# POSIX Mapper Helm Deployment
+Now available at the [OpenCADC Deployments](https://github.com/opencadc/deployments.git) repository.
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/config/cadc-registry.properties b/deployment/helm/posix-mapper/config/cadc-registry.properties
deleted file mode 100644
index bdad1377..00000000
--- a/deployment/helm/posix-mapper/config/cadc-registry.properties
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# local authority map
-#
-# <base standardID> = <authority>
-
-ivo://ivoa.net/std/GMS#search-1.0 = {{ .Values.deployment.posixMapper.gmsID }}
-ivo://ivoa.net/std/GMS#users-1.0 = {{ .Values.deployment.posixMapper.gmsID }}
-ivo://ivoa.net/std/UMS#users-0.1 = {{ .Values.deployment.posixMapper.gmsID }}
-ivo://ivoa.net/std/UMS#users-1.0 = {{ .Values.deployment.posixMapper.gmsID }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.posixMapper.oidcURI }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.posixMapper.oidcURI }}
-
-http://www.opencadc.org/std/posix#group-mapping-0.1 = {{ .Values.deployment.posixMapper.resourceID }}
-http://www.opencadc.org/std/posix#user-mapping-0.1 = {{ .Values.deployment.posixMapper.resourceID }}
-
-ca.nrc.cadc.reg.client.RegistryClient.baseURL = {{ .Values.deployment.posixMapper.registryURL }}
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/config/catalina.properties b/deployment/helm/posix-mapper/config/catalina.properties
deleted file mode 100644
index bd40827f..00000000
--- a/deployment/helm/posix-mapper/config/catalina.properties
+++ /dev/null
@@ -1,12 +0,0 @@
-tomcat.connector.scheme=https
-tomcat.connector.proxyName={{ .Values.deployment.hostname }}
-tomcat.connector.proxyPort=443
-ca.nrc.cadc.auth.PrincipalExtractor.enableClientCertHeader=true
-ca.nrc.cadc.util.Log4jInit.messageOnly=true
-# (default: ca.nrc.cadc.auth.NoOpIdentityManager)
-ca.nrc.cadc.auth.IdentityManager=org.opencadc.auth.StandardIdentityManager
-
-org.opencadc.posix.mapper.maxActive={{ .Values.postgresql.maxActive | default 8 }}
-org.opencadc.posix.mapper.username={{ .Values.postgresql.auth.username }}
-org.opencadc.posix.mapper.password={{ .Values.postgresql.auth.password }}
-org.opencadc.posix.mapper.url=jdbc:postgresql://posix-mapper-postgres.{{ .Values.skaha.namespace }}.svc.{{ .Values.kubernetesClusterDomain }}:5432/{{ .Values.postgresql.auth.database }}
diff --git a/deployment/helm/posix-mapper/config/posix-mapper.properties b/deployment/helm/posix-mapper/config/posix-mapper.properties
deleted file mode 100644
index 2752faa1..00000000
--- a/deployment/helm/posix-mapper/config/posix-mapper.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-# service identity
-org.opencadc.posix.mapper.resourceID={{ .Values.deployment.posixMapper.resourceID }}
-
-# database schema
-org.opencadc.posix.mapper.schema={{ .Values.postgresql.auth.schema }}
-
-# ID ranges to allow some customization where administration is necessary
-org.opencadc.posix.mapper.uid.start={{ .Values.deployment.posixMapper.minUID }}
-org.opencadc.posix.mapper.gid.start={{ .Values.deployment.posixMapper.minGID }}
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/templates/posix-mapper-configmap.yaml b/deployment/helm/posix-mapper/templates/posix-mapper-configmap.yaml
deleted file mode 100644
index 450d665b..00000000
--- a/deployment/helm/posix-mapper/templates/posix-mapper-configmap.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: posix-mapper-config
-  namespace: {{ .Values.skaha.namespace }}
-data:
-{{ tpl (.Files.Glob "config/*").AsConfig . | indent 2 }}
diff --git a/deployment/helm/posix-mapper/templates/posix-mapper-ingress.yaml b/deployment/helm/posix-mapper/templates/posix-mapper-ingress.yaml
deleted file mode 100644
index cbd1c440..00000000
--- a/deployment/helm/posix-mapper/templates/posix-mapper-ingress.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: posix-mapper-ingress
-  namespace: {{ .Values.skaha.namespace }}
-  annotations:
-    spec.ingressClassName: traefik
-spec:
-  rules:
-  - host: {{ .Values.deployment.hostname }}
-    http:
-      paths:
-      - path: /posix-mapper
-        pathType: Prefix
-        backend:
-          service:
-            name: posix-mapper-tomcat-svc
-            port:
-              number: 8080
diff --git a/deployment/helm/posix-mapper/templates/posix-mapper-secrets.yaml b/deployment/helm/posix-mapper/templates/posix-mapper-secrets.yaml
deleted file mode 100644
index 68361ba1..00000000
--- a/deployment/helm/posix-mapper/templates/posix-mapper-secrets.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- range $secretIndex, $secretName := .Values.secrets }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretIndex }}
-  namespace: {{ $.Values.skaha.namespace }}
-type: Opaque
-data:
-  {{- range $certKey, $certValue := . }}
-    {{ $certKey }}: {{ $certValue | quote }}
-  {{- end }}
-{{- end }}
diff --git a/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-deployment.yaml b/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-deployment.yaml
deleted file mode 100644
index f6afadcf..00000000
--- a/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-deployment.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    run: posix-mapper-tomcat
-  name: posix-mapper-tomcat
-  namespace: {{ .Values.skaha.namespace }}
-spec:
-  replicas: {{ default 1 .Values.replicaCount }}
-  selector:
-    matchLabels:
-      run: posix-mapper-tomcat
-  template:
-    metadata:
-      creationTimestamp: null
-      labels:
-        run: posix-mapper-tomcat
-    spec:
-{{- with .Values.deployment.posixMapper.nodeAffinity }}
-      affinity:
-        nodeAffinity:
-{{ . | toYaml | indent 10 }}
-{{- end }}
-      imagePullSecrets:
-        - name: regcred
-      containers:
-      - image: {{ .Values.deployment.posixMapper.image }}
-        imagePullPolicy: {{ .Values.deployment.posixMapper.imagePullPolicy }}
-        name: posix-mapper-tomcat
-        resources:
-          requests:
-            memory: {{ .Values.deployment.posixMapper.resources.requests.memory }}
-            cpu: {{ .Values.deployment.posixMapper.resources.requests.cpu }}
-          limits:
-            memory: {{ .Values.deployment.posixMapper.resources.limits.memory }}
-            cpu: {{ .Values.deployment.posixMapper.resources.limits.cpu }}
-        {{- with .Values.deployment.posixMapper.extraEnv }}
-        env:
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        ports:
-        - containerPort: 8080
-          protocol: TCP
-        {{- with .Values.deployment.posixMapper.extraPorts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        volumeMounts: 
-        - mountPath: "/config"
-          name: config-volume
-        {{- with .Values.deployment.posixMapper.extraVolumeMounts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-{{- with .Values.deployment.extraHosts }}
-      hostAliases:
-{{- range $extraHost := . }}
-        - ip: {{ $extraHost.ip }}
-          hostnames:
-            - {{ $extraHost.hostname }}
-{{- end }}
-{{- end }}
-      volumes:
-      - name: config-volume
-        configMap:
-          name: posix-mapper-config
-      {{- with .Values.deployment.posixMapper.extraVolumes }}
-      {{- toYaml . | nindent 6 }}
-      {{- end }}
diff --git a/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-expose.yaml b/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-expose.yaml
deleted file mode 100644
index 01845b79..00000000
--- a/deployment/helm/posix-mapper/templates/posix-mapper-tomcat-expose.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: posix-mapper-tomcat-svc
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    run: posix-mapper-tomcat-svc
-spec:
-  ports: 
-  - port: 8080
-    name: http-connection
-    protocol: TCP
-  {{ with .Values.service }}
-    {{ with .reg }}
-      {{ with .extraPorts }}
-  {{- toYaml . | nindent 2 }}
-      {{- end }}
-    {{- end }}
-  {{- end }}
-  selector:
-    run: posix-mapper-tomcat
diff --git a/deployment/helm/posix-mapper/templates/postgres-config.yaml b/deployment/helm/posix-mapper/templates/postgres-config.yaml
deleted file mode 100644
index 2cf36aaf..00000000
--- a/deployment/helm/posix-mapper/templates/postgres-config.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: posix-mapper-postgres-config
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    app: posix-mapper-postgres
-data:
-  POSTGRES_DB: {{ .Values.postgresql.auth.database }}
-  POSTGRES_USER: {{ .Values.postgresql.auth.username }}
-  POSTGRES_PASSWORD: {{ .Values.postgresql.auth.password }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: posix-mapper-postgres-init
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    app: posix-mapper-postgres
-data:
-  init_schema.sql: |
-      create schema {{ .Values.postgresql.auth.schema }};
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/templates/postgres-deploy.yaml b/deployment/helm/posix-mapper/templates/postgres-deploy.yaml
deleted file mode 100644
index 6527fdec..00000000
--- a/deployment/helm/posix-mapper/templates/postgres-deploy.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: posix-mapper-postgres
-  namespace: {{ .Values.skaha.namespace }}
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: posix-mapper-postgres
-  template:
-    metadata:
-      labels:
-        app: posix-mapper-postgres
-    spec:
-      containers:
-        - name: postgres
-          image: postgres:13
-          imagePullPolicy: IfNotPresent
-          ports:
-            - containerPort: 5432  # Exposes container port
-          envFrom:
-            - configMapRef:
-                name: posix-mapper-postgres-config
-          volumeMounts:
-            - mountPath: /docker-entrypoint-initdb.d
-              name: postgresinit
-            - mountPath: /var/lib/postgresql/data
-              name: postgresdb
-      volumes:
-        - name: postgresdb
-          {{- toYaml .Values.postgresql.storage.spec | nindent 10 }}
-        - name: postgresinit
-          configMap:
-            name: posix-mapper-postgres-init
diff --git a/deployment/helm/posix-mapper/templates/postgres-service.yaml b/deployment/helm/posix-mapper/templates/postgres-service.yaml
deleted file mode 100644
index 8d601408..00000000
--- a/deployment/helm/posix-mapper/templates/postgres-service.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: posix-mapper-postgres
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    app: posix-mapper-postgres
-spec:
-  ports:
-    - port: 5432
-  selector:
-    app: posix-mapper-postgres
\ No newline at end of file
diff --git a/deployment/helm/posix-mapper/values.yaml b/deployment/helm/posix-mapper/values.yaml
deleted file mode 100644
index c233e715..00000000
--- a/deployment/helm/posix-mapper/values.yaml
+++ /dev/null
@@ -1,94 +0,0 @@
-kubernetesClusterDomain: cluster.local
-
-# Tell Kubernetes to spin up multiple instances.  Defaults to 1.
-replicaCount: 1
-
-# It's best to keep these set as such, unless you're willing to change these in several places.
-skaha:
-  namespace: skaha-system
-
-# POSIX Mapper web service deployment
-deployment:
-  hostname: example.host.com    # Change this!
-  posixMapper:
-    image: images.opencadc.org/platform/posix-mapper:0.2.1
-    imagePullPolicy: Always
-    resourceID: ivo://opencadc.org/posix-mapper
-
-    # URI or URL of the OIDC (IAM) server.  Used to validate incoming tokens.
-    oidcURI: https://ska-iam.stfc.ac.uk/
-
-    # ID (URI) of the GMS Service.
-    gmsID: ivo://skao.int/gms
-
-    # Optionally set the DEBUG port.
-    # extraEnv:
-    # - name: CATALINA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-    # - name: JAVA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-
-    # Uncomment to debug.  Requires options above as well as service port exposure below.
-    # extraPorts:
-    # - containerPort: 5555
-    #   protocol: TCP
-
-    # Resources provided to the Skaha service.
-    resources:
-      requests:
-        memory: "1Gi"
-        cpu: "500m"
-      limits:
-        memory: "1Gi"
-        cpu: "500m"
-
-    minUID: 10000
-    minGID: 900000
-    registryURL: https://spsrc27.iaa.csic.es/reg
-
-    # This applies to the POSIX Mapper itself.  Meaning, this Pod will be scheduled as described
-    # by the nodeAffinity clause.
-    # See https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/
-    # nodeAffinity: {}
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: posix-manager-cacert-secret
-
-  # Specify extra hostnames that will be added to the Pod's /etc/hosts file.  Note that this is in the
-  # deployment object, not the posixMapper one.
-  #
-  # These entries get added as hostAliases entries to the Deployment.
-  #
-  # Example:
-  # extraHosts:
-  #   - ip: 127.3.34.5
-  #     hostname: myhost.example.org
-  #
-  # extraHosts: []
-secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # posix-manager-cacert-secret:
-  #   ca.crt: <base64 encoded ca crt>
-
-# These values are preset in the catalina.properties, and this default database only exists beside this service.
-# It's usually safe to leave these as-is, but make sure they match the values in catalina.properties.
-postgresql:
-  maxActive: 8
-  auth:
-    username: posixmapper
-    password: posixmapperpwd
-    database: mapping
-    schema: mapping
-  storage:
-    spec:
-      hostPath:
-        path: "/posix-mapper/data"
diff --git a/deployment/helm/science-portal/.helmignore b/deployment/helm/science-portal/.helmignore
deleted file mode 100644
index 8380f283..00000000
--- a/deployment/helm/science-portal/.helmignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
-*-values.yaml
diff --git a/deployment/helm/science-portal/CHANGELOG.md b/deployment/helm/science-portal/CHANGELOG.md
deleted file mode 100644
index 6097598b..00000000
--- a/deployment/helm/science-portal/CHANGELOG.md
+++ /dev/null
@@ -1,23 +0,0 @@
-# CHANGELOG for Science Portal UI (Chart 0.4.0)
-
-## 2024.12.04 (0.4.0)
-- Select by project enabled to constrain images in pull-down menu
-- Add Advanced tab to enable proprietary image support
-
-## 2024.09.05 (0.2.11)
-- Fix screen blanking when image selection not yet loaded
-- Remove all (or most) warnings in Browser Console
-
-## 2024.06.24 (0.2.7)
-- Fix to use tokens for APIs on a different host.
-
-## 2023.12.11 (0.2.2)
-- OpenID Connect login support
-
-## 2023.11.25 (0.1.2)
-- Properly report a missing configuration for a Skaha API
-- Application version correction to make in line with `main` branch
-
-## 2023.11.02 (0.1.1)
-- Fix remote registry lookup from JavaScript in favor of server side processing (Bug)
-- Code cleanup
diff --git a/deployment/helm/science-portal/Chart.yaml b/deployment/helm/science-portal/Chart.yaml
deleted file mode 100644
index 6726f2ad..00000000
--- a/deployment/helm/science-portal/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-name: scienceportal
-description: "A Helm chart to install the Science Portal UI"
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "0.5.3"
-
-dependencies:
-  - name: "redis"
-    version: "^18.19.0"
-    repository: "oci://registry-1.docker.io/bitnamicharts"
-  - name: "utils"
-    version: "^0.1.0"
-    repository: "file://../utils"
diff --git a/deployment/helm/science-portal/README.md b/deployment/helm/science-portal/README.md
index 703ff834..47e06004 100644
--- a/deployment/helm/science-portal/README.md
+++ b/deployment/helm/science-portal/README.md
@@ -1,102 +1,2 @@
-# Helm Chart for the Science Portal user interface
-
-See the [Deployment Guide](../README.md) for a better idea of the underlying APIs.
-
-## Dependencies
-
-- An existing Kubernetes cluster.
-- An IVOA Registry (See the [Current SKAO Registry](https://spsrc27.iaa.csic.es/reg))
-- A working Science Platform system
-
-## Install
-
-The Science Portal is a Single Page Application (SPA) with a rich Javascript client and DOM manager.  It uses React to power the various Dashboard elements, and is configurable for different OpenID Providers (OIdP).
-
-### Minimum Helm configuration
-
-See the full set of options in the [values.yaml](https://github.com/opencadc/science-platform/blob/SP-3544/deployment/helm/science-portal/values.yaml).  The deployed Redirect URI (`redirect_uri`) is `/science-portal/oidc-callback`, which handles
-receiving the `code` as part of the authorization code flow, and obtaining a token to put into a cookie.
-
-`my-science-portal-local-values-file.yaml`
-```yaml
-deployment:
-  hostname: example.com # Change this!
-  sciencePortal:
-    # OIDC (IAM) server configuration.  These are required
-    oidc:
-      # Location of the OpenID Provider (OIdP), and where users will login
-      uri: https://ska-iam.stfc.ac.uk/
-
-      # The Client ID as listed on the OIdP.  Create one at the uri above.
-      clientID: 
-
-      # The Client Secret, which should be generated by the OIdP.
-      clientSecret: 
-
-      # Where the OIdP should send the User after successful authentication.  This is also known as the redirect_uri in OpenID.  This URI NEEDS
-      redirectURI: https://example.com/science-portal/oidc-callback
-
-      # Where to redirect to after the redirectURI callback has completed.  This will almost always be the URL to the /science-portal main page (https://example.com/science-portal).
-      callbackURI: https://example.com/science-portal/
-
-      # The standard OpenID scopes for token requests.  This is required, and if using the SKAO IAM, can be left as-is.
-      scope: "openid profile offline_access"
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: science-portal-cacert-secret
-
-    # The Resource ID of the Service that contains the URL of the Skaha service in the IVOA Registry
-    skahaResourceID: ivo://example.org/skaha
-
-    # Array of tab labels from left to right.  There are two supported tabs currently: Public (Standard) and Private (Advanced)
-    # Recommended is Standard and Advanced, but you do you.
-    # Example:
-    #
-    # tabLabels:
-    #   - Standard
-    #   - Advanced
-    #
-    tabLabels: []
-
-    # The logo in the top left.  No link associated, just the image.  This can be relative, or absolute.
-    # Default is the SRCNet Logo.
-    # logoURL: /science-portal/images/SRCNetLogo.png
-
-# secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # science-portal-cacert-secret:
-    # ca.crt: <base64 encoded ca.crt blob>
-```
-
-### Run with configured values
-
-```bash
-helm repo update
-
-helm install -n skaha-system --values my-science-portal-local-values-file.yaml scienceportal science-platform/scienceportal
-
-Release "scienceportal" has been installed. Happy Helming!
-NAME: scienceportal
-LAST DEPLOYED: Thu Oct 19 11:59:15 2023
-NAMESPACE: skaha-system
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
-```
-
-## Authentication & Authorization
-
-A&A is handle by caching the Token Set server side and issuing a cookie to the browser to enable secure retrieval.  See the [Application Authentication Documentation](../../../docs/authentication/).
-
-## Endpoints
-
-The system will be available at the `/science-portal` endpoint, (i.e. https://example.com/science-portal).  Authenticating to the system is mandatory.
+# Science Portal Helm Deployment
+Now available at the [OpenCADC Deployments](https://github.com/opencadc/deployments.git) repository.
\ No newline at end of file
diff --git a/deployment/helm/science-portal/config/cadc-log.properties b/deployment/helm/science-portal/config/cadc-log.properties
deleted file mode 100644
index 446bf613..00000000
--- a/deployment/helm/science-portal/config/cadc-log.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- range $val := .Values.deployment.sciencePortal.loggingGroups }}
-group = {{ $val }}
-{{- end }}
\ No newline at end of file
diff --git a/deployment/helm/science-portal/config/cadc-registry.properties b/deployment/helm/science-portal/config/cadc-registry.properties
deleted file mode 100644
index 3a73e935..00000000
--- a/deployment/helm/science-portal/config/cadc-registry.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# local authority map
-#
-# <base standardID> = <authority>
-
-ivo://ivoa.net/std/GMS#search-1.0 = {{ .Values.deployment.sciencePortal.gmsID }}
-ivo://ivoa.net/std/GMS#users-1.0 = {{ .Values.deployment.sciencePortal.gmsID }}
-ivo://ivoa.net/std/UMS#users-0.1 = {{ .Values.deployment.sciencePortal.gmsID }}
-ivo://ivoa.net/std/UMS#users-1.0 = {{ .Values.deployment.sciencePortal.gmsID }}
-ivo://ivoa.net/sso#tls-with-password = {{ .Values.deployment.sciencePortal.gmsID }}
-{{- if .Values.deployment.sciencePortal.oidc }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.sciencePortal.oidc.uri }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.sciencePortal.oidc.uri }}
-{{- else }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.sciencePortal.gmsID }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.sciencePortal.gmsID }}
-{{- end }}
-
-# Ignore this, it's only here to satisfy the availability check.
-ivo://ivoa.net/std/CDP#proxy-1.0 = ivo://cadc.nrc.ca/cred
-
-ca.nrc.cadc.reg.client.RegistryClient.baseURL = {{ .Values.deployment.sciencePortal.registryURL }}
\ No newline at end of file
diff --git a/deployment/helm/science-portal/config/catalina.properties b/deployment/helm/science-portal/config/catalina.properties
deleted file mode 100644
index 89fa0b63..00000000
--- a/deployment/helm/science-portal/config/catalina.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-tomcat.connector.scheme=https
-tomcat.connector.proxyName={{ .Values.deployment.hostname }}
-tomcat.connector.proxyPort=443
-ca.nrc.cadc.auth.PrincipalExtractor.enableClientCertHeader=true
-ca.nrc.cadc.util.Log4jInit.messageOnly=true
-# (default: ca.nrc.cadc.auth.NoOpIdentityManager)
-ca.nrc.cadc.auth.IdentityManager={{ .Values.deployment.sciencePortal.identityManagerClass }}
\ No newline at end of file
diff --git a/deployment/helm/science-portal/config/org.opencadc.science-portal.properties b/deployment/helm/science-portal/config/org.opencadc.science-portal.properties
deleted file mode 100644
index e3f7e929..00000000
--- a/deployment/helm/science-portal/config/org.opencadc.science-portal.properties
+++ /dev/null
@@ -1,29 +0,0 @@
-org.opencadc.science-portal.sessions.resourceID = {{ .Values.deployment.sciencePortal.skahaResourceID }}
-org.opencadc.science-portal.sessions.standard = vos://cadc.nrc.ca~vospace/CADC/std/Proc#sessions-1.0
-org.opencadc.science-portal.logoURL = {{ .Values.deployment.sciencePortal.logoURL }}
-org.opencadc.science-portal.themeName = {{ .Values.deployment.sciencePortal.themeName | default "src" }}
-
-{{- if empty .Values.deployment.sciencePortal.tabLabels }}
-  {{ required ".Values.deployment.sciencePortal.tabLabels is missing or empty" .Values.deployment.sciencePortal.tabLabels }}
-{{- else }}
-  org.opencadc.science-portal.tabLabels = {{ .Values.deployment.sciencePortal.tabLabels | join "," }}
-{{- end }}
-
-{{- with .Values.deployment.sciencePortal.oidc }}
-org.opencadc.science-portal.oidc.clientID = {{ .clientID }}
-
-{{ if .existingSecretName -}}
-  {{- $existingSecretName := .existingSecretName -}}
-  {{- $namespace := .Values.skaha.namespace -}}
-  {{- $clientSecret := include "getSecretKeyValue" (list $existingSecretName "clientSecret" $namespace) -}}
-org.opencadc.science-portal.oidc.clientSecret = {{ $clientSecret }}
-{{- else -}}
-org.opencadc.science-portal.oidc.clientSecret = {{ .clientSecret }}
-{{- end }}
-
-org.opencadc.science-portal.oidc.callbackURI = {{ .callbackURI }}
-org.opencadc.science-portal.oidc.redirectURI = {{ .redirectURI }}
-org.opencadc.science-portal.oidc.scope = {{ .scope }}
-{{- end }}
-
-org.opencadc.science-portal.tokenCache.url = redis://{{ $.Release.Name }}-redis-master.{{ $.Values.skaha.namespace }}.svc.{{ $.Values.kubernetesClusterDomain }}:6379
diff --git a/deployment/helm/science-portal/templates/science-portal-config-configmap.yaml b/deployment/helm/science-portal/templates/science-portal-config-configmap.yaml
deleted file mode 100644
index c6f30592..00000000
--- a/deployment/helm/science-portal/templates/science-portal-config-configmap.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: science-portal-config
-  namespace: {{ .Values.skaha.namespace }}
-data:
-{{ tpl (.Files.Glob "config/*").AsConfig . | indent 2 }}
-{{- include "utils.extraConfig" (dict "extraConfigData" .Values.deployment.sciencePortal.extraConfigData) -}}
\ No newline at end of file
diff --git a/deployment/helm/science-portal/templates/science-portal-ingress.yaml b/deployment/helm/science-portal/templates/science-portal-ingress.yaml
deleted file mode 100644
index 2ac66355..00000000
--- a/deployment/helm/science-portal/templates/science-portal-ingress.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: science-portal-ingress
-  namespace: {{ .Values.skaha.namespace }}
-  annotations:
-    spec.ingressClassName: traefik
-spec:
-  rules:
-  - host: {{ .Values.deployment.hostname }}
-    http:
-      paths:
-      - path: /science-portal
-        pathType: Prefix
-        backend:
-          service:
-            name: science-portal-tomcat-svc
-            port:
-              number: 8080
diff --git a/deployment/helm/science-portal/templates/science-portal-secrets.yaml b/deployment/helm/science-portal/templates/science-portal-secrets.yaml
deleted file mode 100644
index 68361ba1..00000000
--- a/deployment/helm/science-portal/templates/science-portal-secrets.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- range $secretIndex, $secretName := .Values.secrets }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretIndex }}
-  namespace: {{ $.Values.skaha.namespace }}
-type: Opaque
-data:
-  {{- range $certKey, $certValue := . }}
-    {{ $certKey }}: {{ $certValue | quote }}
-  {{- end }}
-{{- end }}
diff --git a/deployment/helm/science-portal/templates/science-portal-tomcat-deployment.yaml b/deployment/helm/science-portal/templates/science-portal-tomcat-deployment.yaml
deleted file mode 100644
index d8ac294e..00000000
--- a/deployment/helm/science-portal/templates/science-portal-tomcat-deployment.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    run: science-portal-tomcat
-  name: science-portal-tomcat
-  namespace: {{ .Values.skaha.namespace }}
-spec:
-  replicas: {{ default 1 .Values.replicaCount }}
-  selector:
-    matchLabels:
-      run: science-portal-tomcat
-  template:
-    metadata:
-      labels:
-        run: science-portal-tomcat
-    spec:
-{{- with .Values.deployment.sciencePortal.nodeAffinity }}
-      affinity:
-        nodeAffinity:
-{{ . | toYaml | indent 10 }}
-{{- end }}
-      imagePullSecrets:
-        - name: regcred
-      containers:
-      - image: {{ .Values.deployment.sciencePortal.image }}
-        imagePullPolicy: {{ .Values.deployment.sciencePortal.imagePullPolicy }}
-        name: science-portal-tomcat
-        resources:
-          requests:
-            memory: {{ .Values.deployment.sciencePortal.resources.requests.memory }}
-            cpu: {{ .Values.deployment.sciencePortal.resources.requests.cpu }}
-          limits:
-            memory: {{ .Values.deployment.sciencePortal.resources.limits.memory }}
-            cpu: {{ .Values.deployment.sciencePortal.resources.limits.cpu }}
-        ports: 
-        - containerPort: 8080
-          protocol: TCP
-        {{- with .Values.deployment.sciencePortal.extraPorts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        volumeMounts: 
-        - mountPath: "/config"
-          name: config-volume
-        {{- with .Values.deployment.sciencePortal.extraVolumeMounts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        {{- if .Values.deployment.sciencePortal.extraEnv }}
-        env:
-        {{- with .Values.deployment.sciencePortal.extraEnv }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        {{- end }}
-    {{- range $extraHost := .Values.deployment.extraHosts }}
-      hostAliases:
-        - ip: {{ $extraHost.ip }}
-          hostnames:
-            - {{ $extraHost.hostname }}
-    {{- end }}
-      volumes:
-      - name: config-volume
-        configMap:
-          name: science-portal-config
-      {{- with .Values.deployment.sciencePortal.extraVolumes }}
-      {{- toYaml . | nindent 6 }}
-      {{- end }}
diff --git a/deployment/helm/science-portal/templates/science-portal-tomcat-expose.yaml b/deployment/helm/science-portal/templates/science-portal-tomcat-expose.yaml
deleted file mode 100644
index 03c0f0cf..00000000
--- a/deployment/helm/science-portal/templates/science-portal-tomcat-expose.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: science-portal-tomcat-svc
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    run: science-portal-tomcat-svc
-spec:
-  ports: 
-  - port: 8080
-    name: http-connection
-    protocol: TCP
-  {{ with .Values.service }}
-    {{ with .reg }}
-      {{ with .extraPorts }}
-  {{- toYaml . | nindent 2 }}
-      {{- end }}
-    {{- end }}
-  {{- end }}
-  selector:
-    run: science-portal-tomcat
diff --git a/deployment/helm/science-portal/values.yaml b/deployment/helm/science-portal/values.yaml
deleted file mode 100644
index e5bf1ed6..00000000
--- a/deployment/helm/science-portal/values.yaml
+++ /dev/null
@@ -1,104 +0,0 @@
-kubernetesClusterDomain: cluster.local
-
-# Tell Kubernetes to spin up multiple instances.  Defaults to 1.
-replicaCount: 1
-
-# It's best to keep these set as such, unless you're willing to change these in several places.
-skaha:
-  namespace: skaha-system
-
-# POSIX Mapper web service deployment
-deployment:
-  hostname: example.host.com    # Change this!
-  sciencePortal:
-    image: images.opencadc.org/platform/science-portal:0.5.3
-    imagePullPolicy: Always
-
-    tabLabels:
-      - "Standard"
-      - "Advanced"
-
-    # Optionally set the DEBUG port.
-    # extraEnv:
-    # - name: CATALINA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-    # - name: JAVA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-
-    # Uncomment to debug.  Requires options above as well as service port exposure below.
-    # extraPorts:
-    # - containerPort: 5555
-    #   protocol: TCP
-
-    # Resources provided to the Skaha service.
-    resources:
-      requests:
-        memory: "500M"
-        cpu: "500m"
-      limits:
-        memory: "500M"
-        cpu: "500m"
-
-    # The Resource ID of the Service that contains the URL of the Skaha service in the IVOA Registry
-    skahaResourceID: ivo://example.org/skaha
-
-    # ID (URI) of the GMS Service.
-    gmsID: ivo://skao.int/gms
-
-    # OIDC (IAM) server configuration.  These are required
-    # oidc:
-      # Location of the OpenID Provider (OIdP)
-      # uri: https://ska-iam.stfc.ac.uk/
-      # The Client ID as listed on the OIdP.
-      # clientID: 
-      # The Client Secret, which should be generated by the OIdP.
-      # clientSecret: 
-      # Name of existing secret containing 'clientSecret' key with value of Client Secret, which should be generated by the OIdP.
-      # This is an alternative to providing the 'clientSecret' in cleartext in the chart.
-      # existingSecretName:
-      # Where the OIdP should send the User after successful authentication (redirect_uri)
-      # redirectURI:
-      # Where to redirect to after the redirectURI callback has completed.  This will usually be the URL to the /science-portal main page.
-      # callbackURI: 
-      # The standard OpenID scopes for token requests.  This is required.
-      # scope: "openid profile offline_access"
-
-    # Set the Registry URL pointing to the desired registry (https:// URL)
-    # registryURL: https://example.org/reg
-
-    # This applies to the Science Portal itself.  Meaning, this Pod will be scheduled as described
-    # by the nodeAffinity clause.
-    # See https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/
-    # nodeAffinity: {}
-
-    # The IdentityManager class handling authentication.  This should generally be left alone
-    identityManagerClass: org.opencadc.auth.StandardIdentityManager
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: science-portal-cacert-secret
-
-    # Supported theme name (src or canfar).
-    themeName: src
-
-# secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # science-portal-cacert-secret:
-  #   ca.crt: <base64 encoded ca crt>
-
-# For the token caching
-redis:
-  architecture: 'standalone'
-  auth:
-    enabled: false
-  master:
-    persistence:
-      enabled: false
diff --git a/deployment/helm/skaha/.helmignore b/deployment/helm/skaha/.helmignore
deleted file mode 100644
index 8380f283..00000000
--- a/deployment/helm/skaha/.helmignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
-*-values.yaml
diff --git a/deployment/helm/skaha/CHANGELOG.md b/deployment/helm/skaha/CHANGELOG.md
deleted file mode 100644
index 92bca51a..00000000
--- a/deployment/helm/skaha/CHANGELOG.md
+++ /dev/null
@@ -1,62 +0,0 @@
-# CHANGELOG for Skaha User Session API (Chart 0.9.0)
-
-## 2024.10.23 (0.9.0)
-- Add `x-skaha-registry-auth` request header support to set Harbor CLI secret (or other Image Registry secret)
-
-## 2024.10.18 (0.8.0)
-- Allow setting nodeAffinity values for proper scheduling.
-
-## 2024.10.10 (0.7.8)
-- Fix for client certificate injection
-
-## 2024.10.07 (0.7.3)
-- Fix for security context in image caching job
-
-## 2024.10.04 (0.7.2)
-- Fix to inject user client certificates properly
-
-## 2024.10.03 (0.7.1)
-- Small fix to ensure userinfo endpoint is obtained from the Identity Provider for applications using the StandardIdentityManager
-
-## 2024.09.20 (0.6.0)
-- Feature to allow mounting volumes into user sessions
-
-## 2024.09.19 (0.5.1)
-- Fix to add `headlessPriorityGroup` and `headlessPriorityClass` configurations
-
-## 2024.09.10
-- Enforce configuration by deployers by removing some default values
-- Sessions now contain their own stanza (`sessions:`)
-  - `deployment.skaha.maxUserSessions` is now `deployment.skaha.sessions.maxCount`
-  - `deployment.skaha.sessionExpiry` is now `deployment.skaha.sessions.expirySeconds`
-  - Added `deployment.skaha.sessions.minEphemeralStorage` and `deployment.skaha.sessions.maxEphemeralStorage`
-
-## 2024.09.04
-- Fix for Desktop Applications not starting due to API token being overwritten
-
-## 2024.05.06
-- Small change to deploy on CADC infrastructure with CephFS quotas
-
-## 2024.03.11
-- Large development branch merged into `master`.  This is a point release only.
-
-## 2024.02.26
-- Fix multiple users in Desktop session Applications
-- Add `loggingGroup` access to permit log level modification
-- Externalize the CARTA startup script to better diagnose issues
-- Bug fixes around user home directory allocations
-
-## 2024.01.12 (0.3.6)
-- Desktop sessions have trusted API access to the Skaha service
-- Better support for Access Tokens
-
-## 2023.11.14 (0.3.0)
-- Desktop sessions are still not complete, but have improved.
-  - Fix to call menu building using Tokens
-  - Fix Desktop and Desktop App launching to use Tokens for authenciated access back to Skaha
-- Fix PosixPrincipal username if missing
-
-## 2023.11.02 (0.2.17)
-- Remove unnecessary call to POSIX Mapper for Group mapping (Bug - performance)
-- Fix when POSIX Mapper includes large number of users and/or groups (Bug)
-- Clean up of code
diff --git a/deployment/helm/skaha/Chart.yaml b/deployment/helm/skaha/Chart.yaml
deleted file mode 100644
index 13188e6f..00000000
--- a/deployment/helm/skaha/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-name: skaha
-description: "A Helm chart to install the Skaha web service of the CANFAR Science Platform"
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.1
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "0.23.1"
-
-dependencies:
-  - name: "redis"
-    version: "^18.19.0"
-    repository: "oci://registry-1.docker.io/bitnamicharts"
-  - name: "utils"
-    version: "^0.1.0"
-    repository: "file://../utils"
diff --git a/deployment/helm/skaha/README.md b/deployment/helm/skaha/README.md
index e5d884cd..df619f98 100644
--- a/deployment/helm/skaha/README.md
+++ b/deployment/helm/skaha/README.md
@@ -1,63 +1,2 @@
-# Helm Chart for the Skaha web service CANFAR Science Platform
-
-See the [Deployment Guide](../README.md) for a better idea of a full system.
-
-## Install
-
-The `sample-local-values.yaml` provides a sample configuration for your deployment.
-
-It is assumed that the `base` install has already been performed.  See https://github.com/opencadc/science-platform/tree/SP-3544/deployment/helm/base.
-
-It is assumed that the `posix-mapper` install has already been performed.  See https://github.com/opencadc/science-platform/tree/SP-3544/deployment/helm/posix-mapper.
-
-It is also assumed that an IVOA Registry is running that will direct service lookups to appropriate URLs.
-
-### From source
-
-Installation depends on a working Kubernetes cluster version 1.23 or greater.
-
-The base install also installs the Traefik proxy, which is needed by the Ingress when the Science Platform services are installed.
-
-```sh
-$ git clone https://github.com/opencadc/science-platform.git
-$ cd science-platform/deployment/helm
-$ helm install -n skaha-system --dependency-update --values my-values-local.yaml <name> ./skaha
-```
-
-Where `<name>` is the name of this installation.  Example:
-```sh
-$ helm install -n skaha-system --dependency-update --values my-values-local.yaml skaha ./skaha
-```
-This will install Skaha service dependency, as well as the Skaha webservice and any necessary Ingress.
-```
-NAME: skaha
-LAST DEPLOYED: <Timestamp e.g. Fri Jun 30 10:39:04 2023>
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
-```
-
-## Verification
-
-After the install, there should exist the necessary Namespaces and Objects.  See the Namespaces:
-
-```sh
-$ kubectl -n skaha-system get services
-NAME                   STATUS   AGE
-...
-skaha-system   skaha-tomcat-svc             ClusterIP      10.108.202.148   <none>        8080/TCP            41m
-```
-
-The [IVOA VOSI availability](https://www.ivoa.net/documents/VOSI/20170524/REC-VOSI-1.1.html#tth_sEc5.5) endpoint can be used to 
-check that the Skaha service has started properly.  It may take a few moments to start up.
-
-```sh
-$ curl https://myhost.example.com/skaha/availability
-
-<?xml version="1.0" encoding="UTF-8"?>
-<vosi:availability xmlns:vosi="http://www.ivoa.net/xml/VOSIAvailability/v1.0">
-  <vosi:available>true</vosi:available>
-  <vosi:note>skaha service is available.</vosi:note>
-  <!--<clientip>192.1.1.4</clientip>-->
-</vosi:availability>
-```
+# Skaha Helm Deployment
+Now available at the [OpenCADC Deployments](https://github.com/opencadc/deployments.git) repository.
\ No newline at end of file
diff --git a/deployment/helm/skaha/add-user-config/Xresources b/deployment/helm/skaha/add-user-config/Xresources
deleted file mode 100644
index 94832937..00000000
--- a/deployment/helm/skaha/add-user-config/Xresources
+++ /dev/null
@@ -1,4 +0,0 @@
-# Enables copy paste to xterm via ctrl-shift-C and ctrl-shift-V
-XTerm*vt100.translations: #override \
-    Shift Ctrl <Key> C: copy-selection(SELECT) \n\
-    Shift Ctrl <Key> V: insert-selection(SELECT)
diff --git a/deployment/helm/skaha/add-user-config/bashrc b/deployment/helm/skaha/add-user-config/bashrc
deleted file mode 100644
index dee567f4..00000000
--- a/deployment/helm/skaha/add-user-config/bashrc
+++ /dev/null
@@ -1,8 +0,0 @@
-# Default .bashrc for CANFAR cavern/skaha allocation
-# Feel free to modify
-
-# Command prompt
-export PS1='\r\ncwd: \w\r\n > '
-
-# Aliases
-alias ll='ls -l'
diff --git a/deployment/helm/skaha/add-user-config/casa/casa-config.tar b/deployment/helm/skaha/add-user-config/casa/casa-config.tar
deleted file mode 100644
index 6408b390e19c87fc16be271f1bfc50aba1af40e5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 81920
zcmeIbTaz2vwdYr@%Q>U+Iri9&n0azUHYo;*9M%Pwsv>#R-6Gj!i*raer%7E}qKrTR
zSygD_CL}<zI?m{2{3RUz8jkRH@|*4O^Z55)YwyeissNT$C|c4fN=*XD%(eGk_uJmt
z9i2>$hlB04OZ>CLpZ(q4HU6pY?^etI>XQDfRqOS7V{doAzFS+{sn%=z`)kSWCC(`a
zJ<TSqagwaHTZ6;acsR=PE3+Rybba>jznX8|K>zUXxV<@;_S12<y}}iUz<Z5GneLGf
zbg2Qkp?__^R^4gT_V=Lw-rjy~E!kP&92SE5S5E)y$>y!i<k_&3-b-E{r@h|h%l5cC
zn%K|D^Wh{Jr>$P^<aTl}og~@u@LiU)hy8v!nCQcJoVF*ullAMjR`+N9`ug?c;c#%+
zJ(`YNlkRYk9CmwYayT3(flZUm&G>QL)`fm+VvoH#w)^;+3=fmZaX0g4`FA)-^;_jl
zdXl_t^`>bh>2(Kbw#8^q^?~IKCavzEJ2>Lz-bwQAxI0O+QLCLMz?%U2AU*01?1t8$
zqhAI|E4iMu#%a<$8Vtv22VkuNLtDuMuvXx!HAtR+{R%M2h~HV5%^-Q#og62f)}+N;
zR)@!1>rCdAP{98gIep*ikH8~HXeE`=cqpt^96v0zeVlX$?cTHlCR)isD+7~4yH?uj
zbTWWt!+x5yk(gn>`+aL7!a$Q&GHQ({-S)JHA{|Y~qhXeAY3wI+6gV7Cfz=%tDyLaG
zu4Ks{x3?lqJ6$o;aC`y=dHR$_x}9{vB?|$4y<w}9c9Me=e&~V3Bj%80`d4JCY=+eV
zCaAMYvcXijkpFNq8IFv(Cd1^(3$ubY>-$O8H9WO?T}a9EqmyLw^Q02zS%Q)DTW>&D
zuX~s#Z&PLt3%yMTU8KWc8TKRIp+Y}x4dA4q%|FRfo@w=x{;)Ic0fyfv)A1nA22Alw
z%K)>Gc5Bo+fF9}KZFf8zNCFN0$K9jj%@o9jl>+eHaQx=BmeCbSw7xH&CM^G1Yx1;p
z04&L}F`YAYYdQhxfH>@>@4E-xUYGACKWXBaNqVip(X@5sgnbJ3%S41(x^1n!5ZU#>
zO9dIl5g>Lro+Mjah8+X*+|7+h*_~u*?+`8nHUd{c9gUK3y<&^X)*V6<l*KE8dpI8U
z1vL(Ei{HK)Oh>)p<eTYW(uHlsF<JaEXKJu{+#0k~*Jt8p_);tyI3kV*lg07kr7iG1
zopgIy{zDk?$zTFm+mr6wRC8-Zev+(9k$j(yhqpoR1nt3Shtr;m(I9!h*?Qm2*3<WC
zdpb#z_xkqP(dckGXm3<@Dz_)yNiY4ZQn@YKeO7Vh(L+~PD>pUNgS0n%XWGbF8&*IC
z4vtWMhlj#&Cp~OUdy}o?mxG{`M8<y7J>*h`{B?{l&+aE1&sy1=v~zzvZk^l|hjtIU
zVo{_kQfxGaK_zniv<(uwSwAP;@$`tL>RCy$)T1fXY})U)#@+9cTyfg~>taCozTq0E
z-#USqY5IL?L-kv2=I^S%1*B$gI5=u1BIr%cw8Rb1?yn04M_@jE0o_gMMeb#y>G)8J
zTr$QQ#2GeswEG*_I{8Y^$rL<>2l{Ao5P~s)x<@=Qyq6qLCZl`X+wb1J+v;{sdcCdT
z_-Ol&gF6g(vfajhZg&Tr^!?WHq~8NffncZ7fsqD0pA4tTaqDgBGc`QG_ldh<Nj4ps
zgb3j5`ih0EUylr8za^g)i{2{kl36kZ#)_q-iko0>d|sFy+C)f3hNOb=3G;H3;SeMi
zIpAW5itzmy6JeSwKr-f)-B@4faa~>b3&KD!YTJdi#dkVh?F2vI|JQbRs`LJTb(i?>
z%Ku+29nOMw<^Ny#|2UO@Y5srVHf~BE-Nw@V$<9A!Z*pAt{r2r9fX;UN=Uw#{Uj5NA
z0Y@J0C=kV%n(>aYfPHcISMU?LY6>dk_7FICx`dIfxA+lq-ESx9;UOUojv+r|lw-US
zj6Xq3pUB%i{@mZs+6pIdzuLeg+EJWElqBODeQXQX-2FC(!kjH)HV@d+_meRZRlGUZ
z^nxI-*c>9<L1M%AhO=T77AU+)(~<7MO;os>rG$Ge+|xm;@6mB|lI4`Qg$6-B%O%f8
zQ%+%is1O$(^@ayr%z>M4oQGBIG!7<@e9>5nFM?~RkX6%>LnZ2!-4yxQ?)Y4j<1<UZ
zf^3OTNjVT(odWz;2->dwwYxc|?EhIt;)1^|xBt8QBnRj0|8A|ZcV+)Ci1u?mz9Rd-
z+Pu}01Yn5E7bXBd`}6;xCB95Y<e)s~NOVe0RN)#~&uOoNt{lEW1uC9WID8`QjrcT`
z$!bdbZjmV3=nZ+EfEH+Iv{HJDAnK3X%^+{L2`@(^Z3F|e!YHK9(CdU+{hK_PO)wrx
zc#$G&36_PVo}LLgx$*D-)0Au|l0HZ$1h_GJOgo?6oXf@lAf?Vjcz-?l^D*?<hjOfz
zIU{xSSCMK36|YDIC?_W}2#-qskoQVSJ0!{zD|3;)hcF}|gk{nzN;_<>?hliADVJb4
zxChxS{Yn~6LA9*b3(FESr;wAl<wpLN-$BwuiDTt6vJ+C*?>%Qn=q>;^jd$O9!Vy>j
z`j%xlSX|~Az*aIHbpJ3Vf2o|f0UKf%$NeG9B{(=dq$d!Iw3CuFu;&3+K<JZE>MF5p
z5VG5X0qU^NM=9P+mZg21A0>Vf9l2Eic7Kx_2Y})>a;SMmx15Z9qGWMc&~1aM$Cc00
z@5*ci;S8KdYS<F?o6$@0gqAsX%t+M>Ni-8Vn0Arr<1VSXF-azp7{D~dhsm+x={R#=
zO_O7yJfDs?d!%i9xIyE$U2-T}d77JPnjH7xmXhEXp|yd(t($-q=54N;d059O%;v6S
zSej<q>b)b0mKYgxM{-MyYgz+`P#Da8JJMbx`Yjbb1iPq&QQGdddYd6HAJl>qR`A=n
zViOWy5yIthx9Y5u=?KK}x0stXAZ`*d@fsd+Shn+qoXlPiM7NkTX+xyb5~#s@583Gq
z9~4mX7A<r6&*E!P04P|)1#1S?t<fkYCq6Vzra;jeoS3AWyIOuqSj|Wew<%g64)Cw3
zU^3GKd)nBXv^dP{k~2<4c-UW@&lo*eOPY`jVoGr;>2$MpYfROGiSqUSlqw3AhP*is
zm>oE@kCx;g9(>2-VJ>kO7!$`<r3Pv^q1<1-31C7ZNqh&$WiN{`=Xc_h?%?f^Ty894
zmC;E^LcK!yUok^xIH+i<lampiF+d0KP$nLaIc}>2f!&$Q=A!dFw<&uX>K*r3CF1+L
z>hJF**<_qFcBA6_T;Deuy98rjPbYRmrLk-2#Ax2f7-IBAkSHU(>AH$E@8=bk)alAj
zqqnVAKyXOBW97HmdH?!YD$EEQI0vfEm1=DMmLm47z081YFPKn1df0AL-xv-8US%VQ
z)KF>tph5$&g5I!@Fza^GO^^2A$3q~AYS3Uhz@9+bw9`8=jztQ@K;2GIpI!@qmU=*h
z6&{Va_QQ@!QLvI2fULQRFdR7<9v!hxp@E8RD0$@8;f8p_9`Cn~x^1f!<Udsf(HHJT
z-p<f6^GFJO1ZO~Pu^0ah(BI=D3O1sQqG9GP+So#%wV@g32<&NM@O_yHGyzS!p!(0G
zgeRNGYmA$7=KefzPYv#g4_Za2H>?zV6t8TkR>YOSQF`cctCv~iSJV3LThtx2DSY}U
zaQ)1Rv_uSD#`0XcBlyHA3>{z|{g`&*!WyOdoiQ&%HC1%6Ae1p-GqU99r!wQ%Qe`uv
zp42lhq_SO!@@k4x)=3o*69tsPM0(o@aM&HAgCbobS;|800c(z8sZxXmU?owJg6Zbu
zy2GlrO=#=IqD*M(0mZtb(x@Y}`AVu$t!<_q7%{jc>3BRGON0D6nk)&BIOm4lW*jM%
z9Xw-AL>HJ|hF46<#zOavEcK@<x;PwH5SMY+)S$U#H?2Ahd8j^TUAW8<E;h`lwg9c=
zM$fQ6GdCNYnpkegbI5?3jHhsOR7>wf9tvZC6J)fjghNvvr<+3@dRv&!kXmG)Pgqx(
zwjs-~W(k~hoJ(kJh(U6MKRwY5liJDAsDcuO<a~5-2wutXXg~?gI6(%=VhHe8xd+EU
zT7SwWg02xB#WT01oxloGF+>R=bAoMt?~L7OQI@1mK5lh0dIQkrl`-~uJg9&lP3)C<
zWANS-VS$of5>%?oIJ4J1z@H*h!YJ^7;fwY%;D9d$KwI4btq)_%WtHp2R-S){jL3P(
z-IH<h<oSzVzWU~2LG97d?80PtlNsIbX!T4>{B$^!gQq2FDpr)TLF14PRY<gYm}6iY
z?>9$<EIh#SY!lJdv(0Y6D3<-%=2YIY-Jjhw#hm;U4e2#<o=mR2=7DSXl4}WnuEk%b
z`sH=U|7XAcRCGIZgfjDhPh(%o!V^3;n1(J4aM+>pPQ`f2_y@$Mk{*85GW<)lMGR)V
zO(TTS6@}q5#ZI^g2}!yde=xrr#?5a-r7QFSk}xO)t9>N|p;psX<#kg6HFnoRod&{q
z$$Dbf5)Z6oYk-w29y3Een4F}NGhUc4S`k&NF05FPknmWcV@z+z5e8{Tc<Jugx7xVm
zMtTM?u5kSl=inBb07q%uz&b-IeFfvXzaOHaL2`q-{n5bOd&xSbb8rGpa_x|tS2>~P
zg0fi84Ql1Zx;HYsh<C@s&#GuC(;HGFgA_WT7vhv5&g@(xL2o1*H+UKxGeK4x{42=w
z3*r$-f$BTN6P4ilOnWH?$9O+Z7FZh{oN3_r94gE}x<r%|Uq}o2@Um|rsZtSU*dLP4
z#+|_*3(gkKxYF0<H7Y_JzU3|uq~bfwmsvMiulq(K74eUwGeJ8PqZOo6rk3?FNV`V|
zk)ej?n5T=^f5=W?-9Eq!@=PC$B|)@yi3Lhe#6(CAr(@Pe*O<Gv3Zm3DP>gQu^itY1
z#1n9aI<wkH0g>)~Q-+3gTQib5R-`CLfhH(|g6Jo3yD2+nhg8u=Gi8#UEhUtKh7Rsh
z76vownA8L#!I+-fSM?wUiE=;9pX{gTrjx?&3@dU)rs#lxwtJ+W9|9W!nsnsU;_na-
znPStj#O-)LcyNwa&(y;UWI6i&l#(Jgo+|%C!epExf_$v_Bb?VUI$$8X;*N~_tuPTX
zD|LW~;ft9Y%OZ_~o;d#7$3qd;klQpw?Bur1EQKaUdk{k56%mqO<Mhb-%0B=6b4HvF
zXu3JDXv~WxTgkVw!;&ZWoeW#e+ex!&#<0o1T7;q7g0;yp?InN;OLCXjCod=@5W4aO
zo)44G31KC2+^hnQxGSBsw|ppW^0*laKaq0}cw-7YZ_I<G^eB{|;Sdw=U||l1E*5x#
zcJ0$yNJME^77roT&>BeUc>-r8992o5%TPRI`f9V1e@(9@89$9wfo%43wPLd{(J^L)
zqodn0AW<=aaaBfB>z9@bZVf3Ag{z<D;4K_5jfN_V05-!YN*@;9tWBGlH%XP!lmlyF
z==&6JoO*5);5HOfNM(AK1|Sh|O7h6VILkK$DU53}`EUSC_aK$d9*(!x<8{MJd)ULl
zOg3p5<%410`}#z8=Mp4V+FdO^2lV^!E07U&dOwBODUR7d35Yzwl4J-9)vbH1*1+CQ
zo^}V*_xgvT;DfL1!B-+%h$@3Uv&lpu`q1EJyqLf^{lk>rD`k2?6*344JqaRp1{7qD
z*^znZ;KA7tNlG$-AU)$zW#te}7c#&}JGph!v!ysy^tx@)g=iI47M7Z9m@`K_REBTe
zTLc%qp0!(<SvN$)WtRjV^Mu`)zL)!y4ds9<i%{xT1e=}KSiZA}aD+<(QA{Yj(t1ey
zty3f*S<zOhiO~lZ|7P!6qs)M9ha#=>0Ez?Av^<SGQV%v|H~p^Cuo2Hbp5@=D+<IR#
zf@xVfAxW8R3Aaqgy>&xP=B%)OJ^yALk$(?(g|im?0Rb*U!{pbvHFAT%{TN(x<)Kz$
z?3(-3u_p{{h(TLDi*Du~PTqD~$yd1E$%8Jb#Ze_zprMIk1#`>MYu^SVi8Ir&`w=Xx
z2YqhpppIQ`9(f@^G<*)y$u@js`6#^QwhOmCGpi0H4f&+eQuMSItS#q7y{$rOTb!Y;
z*$^w_V#fq9BB9exVQ+Ta9Z^-$4i%dRTKC;HAc(-n+YW{~EcheYHX1d%gF`y_qRx>}
zkwGD=PkMtZY97bvCanYcg)x~Ue5%+jUj{(YfkA+zOI+%a3uW4@jnjuB^$z)5&_X<?
z{#@ff)B=FYL9HOkL&LdGJYAcTRg!HEj%|5*U{^iPavG13og;!sz>R2L948x!6TG+6
zoZkxdgN!WMVe-=#_rH4djU)*rt>xf03NfxNP>}Y#r}$l0V2<D-M2VZt!~k0sc}@+v
z0uq<yp}7Xdj12_S@Zc?!IGo@l<g5%g0euVOgo0{k#|dtDiZ)xQU}#S*@{#$J6dBnQ
zbMdTfGVV9&Zk~{hjQLdX6NNkH4wf43_6SEe1cc~m*6VK1AbIrl<75NpcrqULHm$Gy
zmxC@QBL4K-?MIrT^iPm;a9>!@soK>6CyAJMrf)oAC}Hi!f12_^a}b-cNbN-cm$++W
zleh{0<s`Je151v1n7#3|p@OdLuyjYpFY&=Tc!<q0^{iHB<E95K+4KPPP1F=2Wabyk
zZNsyV(W(qTTgoaIVZrL;&x*l4<BoojeY1pLcfh<#pc1p=WNJx_gxm>KP@rq57J@ui
z6p~ue)+N1EjkLxM=#8B`Ph&*FnJZ-;9)0=b)z{yY%~2l6Z6z<wYc@DBcO$Rav*tq;
zSTu)2*i2pO!MoAg5G!x#7sm9cOn-(8)PoEJL)oB9y<y`1eDLr>Mb6fTg3-;l-9Wud
zt>Y+6L0MOGGadu`5q@Ma6FB)nFe#?M8S$bDQgB-?ry>MGI_@5zGNgWw<@O?;Q``$C
z-lDUah8<$I7Lg9>uLrXZU>i`%<v@Y&6yt=BB)6hIJwq|Y$G);z!EHNCi7@%>lifgT
zOG`=bFqe^PXR+7)7{Z-wcC_t49)z5Wuxew4-tdTO2Wi{rhen)lawVun58|kwm=fl9
zoAOqywr%mty5JbVmx|DtL=NZa@W^VL--5sJ`MGLHDz$&9DoDY80#Y^i$h-lFA!aaj
zeN!VCoQhR14qAf&B(NO)si_a>YtrTQaF;12e9R1OnJs)K-mo4&xD4N)N!keqHmgzR
z0HPmEk7N`)m8X#Egusbpk=ohP_wCf&<0wQdSPmo7X4wdTT5N3kDFI@LPl$^{j%8+S
zN?r>4A-gF@AJp`aCbf}Lp>`b@%`XUq8%;bkZ-%w4A2)-`ON6c2!=IA7e7fQ4(GXn4
z#cZu>y++_i14{*qG9z#43J!<_(|%w{Tk)Fm1I8}OKEU1c9%J+lU}3bbJ$}=aA_~a5
z<VY_ne$$pM6ySK;Ryq`4GK_7cec|1FTxMvi=08(OoeJ;qrm`Zzg;znrwlqZw#D>E(
znj}0lgqqGk`5qy<wjEMrv{SZwkOP(ff>c|z(IW@ZG+=zwYQXdlVsGz56R$Qo$T*3>
z1v3i6t#?ozL`iYmmwcsIS`CsPY5R*;&z^3-`0_E}T+x^Ulfik74po+%XioJN<5ueH
z3cSMVw10`v-u<gTOuc48K90wj>jZ-bR4eWa(S{H#d^M>&p~(39y6O>fY+ipU?ZrSn
zqCMj+aApB<X9xrHMGOhm`LEMG(%y?)ImQWjL6^0?zFr!tmQ+aUZoU3;%Z3V5kk458
znlffFg_n47nCDV;pqCy_Hb<e=k|&g7^5=~WaX`_cV%}alI6|vBT3L-{%Z;w)EJ<w_
ziBmH=VN+jF*RUgvk2u~HilnR+*7D(i<pVl?PjG=ORiZ(|ge+3PrsPJ~24`G+#o#g>
zs;H(cLg}%%4okuieogWJREkYDEDOex4wZEaw>7!g)K9L*UYt-8jD1V@+~bN$n#Ee_
z3sCu#Hb?#dKeUhK`$V_bwNL2o%#w=L^TDe&`VeRkL}(yy3QcaQn(<OzpkkJoBNeCF
z0z<x#Wky>)<GdDm2=0(^jyr{r3mZljT5gH_x;O!nVh0&XpL;wL0-WOFR(7cHX5F4{
zhR#)~PZSCFlN}&wakfFUYwLc8X+jB`hR!3g5N0JCRdzg%%^Yv+;E9?xLg}DtjdZ?N
zOKA)&E5^vdK~~9{#HUh=s58|g#7w2kg0T)lhAC6{l5D6I0(Z&U52B+Rl|--@?j;;d
zX^9?Z-mIi_r+jTkw~UZ-ak$JepCPAMW+6{u$}=`nlXW%cE7m<(hixUzIfvb7q~p}J
zB=T6#5Abo~0H^j5ERqDrB0)EOukJrUedTyGrOxK)G#w;QO-%0vl_hZ%2CRk1JTlxa
zZi_*jIc{cM@y!)2*a}ENX@xxNIYD-|3A-{Dc%=S;T)K)s5EMZ+W_2Z5j409p4!Kj*
zRgx47#v(RCL!ln?*a6y@SqmHfUcoRSew2Bj4@|nn21Gz`tlg-{*DaEQ#x-)oHW2_R
zJT0BM_~KDSq}AQ~unm~dP9+ahcs90qAR5QE6@%x@a^wuy&AbmKR+lWHtQgk;s4oj-
zhr9^kr5iYHAhkJY7wJ~=HBvBsM;SA3Ytb%6SXa^!H$twj`)pB3rg%++UIfeSjqXY=
zYL>2w<@LM1B=L}#W%FIogY=zAf!YPTZ8mCB<`DC7GXjkL!fN>gJ2Z*P{u8ojD(${^
zHr<r|u^fpNz^texL#sw8SlKM8=md|rzaeV6R&`pMykt@^8!tnT{*%GYC#tv75U<hm
z-@l$tZt|aBnY&N}p$WSOEhnyoAvwXgIA{~tCU}<ssqy>+!cHakH3ilL&Lx;~Y)B!|
zUI{0dT!0LjKDmdqwb@NlJFG4C>tWK9*Ms6KPvGI@SNU3VkFPSImM}_4dowA_-Z2}C
zl_51+RW=I@$hD5&nC{$HpjCvLmol3tXw5z)F|)Ex@a-_=Fawx@Yz6{5?pod52xu8}
zo;l#c*1FHj80puv7^>$hC>-E!MyCvoX4AHsmd&|PN>WGC8DNu{6?HV}X@i&jlP6bi
zjQpW53_vhL(NTzIO?_|^Me5NXDH%=cMQ|7rDDQJtbwj)V@zbza@{rwZ0Qg&{D!@Wt
zVnD@=P({Y}dY$wtmLYcUdGr)a0dSmwVSs#XO%2{G1~<L?we`b65+o73i3@s9!>C~Z
z2SfdsQf;<lS7H<$c#+3-sxZ{oO%_&ol5fVfLCHnO!xWp$fpQ^df}knPC-fUDsd&4c
zn4iHmeuDs+;rq=O7D$uqq)t@wqNpeNeQtOy*?eI2IUh5$?fvEpdtNaL23aV?90y0N
zCYmU-=%p10G?2E%6oA$+dz>)lkEe@_AjUxaVjf+10$xPtme7X@mhcO}qv(?k<xZ;p
z%)V?D8&oKPpxu!wH}HmcD(VjLjM=Ti&-cu#C5p5S3GaZX<xap_O5G^gW_X4J9Fk@2
znhpo8EYg}Ry;t1}`FRurSPg>A3+uY%Y0Y0zU{<Flfy}++MGr5;^KlGr82nW_K46}v
zOzkq+z~Yz$&+HIyg*w(;#fYKoK_&PAc+YiVmh2YRUj|-d&18AK(qT>IW+L)<BZqHb
z!`x<O6oxW?tQ6@*^KHRQ?!XdC#!?oPd)xIsC|D5&5E~c4^s$n1YH8mvy~&9cuDH7x
z<KTI~YvlNWBNqfFc_q(K8hwN<iybPc3Rv#MN}bk)AhqwnMO%w7T8VXzC{_j<;DhyA
z&M?6pdtYV|sh@FV7<n4<7ehlYqlI$=WUE`Sqq?2U`)iNr+EJE88iQ);4RbuqxuLZa
zUm{l9wL1Q5!*W7bP8|pHa5C;~K9p;F!m>FU##j%R!?FkFp{c9b3T4i$#$fCIIS_LF
zx_=F{mUnOM^Gz{EGc;?%y28G7o>{oZLTR>Oo^UtH5yOEp2wf0X2h5TU>J<R{6mP;D
z38sh)TjI|KAmu<E$bA@hKZGZ?w2U%ofX93ZeI=2OKnoF~46OA}Dib8vF!ot-!IKGa
zbWrKIAEE7cpNL#zsDCQ4pkbp<&lF8kI;n#gT7UX)@JH#Pn)~@vs<TAIKkaT?U+3Ia
zidCCEJ+yuX?n2D;(haLJOrZ1E>OG9{hnglZcBLCgQ*DtQQpqQfAa*Z?_7$O38uwFu
zzyV-8hEW8;$C0~{we{1D>^+(vhA=5niP_K<?H?C{9@Oa`CUDePIEaCwX!I#>qf+QI
zdJo~S(nt<fOjNqdBuc_3-3&ipiz_Ovg+{adHbhg(&h_WJ_k2|w^F0(NdR#rD!EvUk
z;NANdR%Meo>n6*0x-Yf)PAwCyj<vGpK{N6uUdS^gIRI&Z7&gO!uDQqoO9h$7Ye<M4
zZ+Yokk423k!1;7zmrBUzagU+`x2HS=YgpHM<kj+%;gJo6l$8+r=Wz4(+TcQ)wWI3a
zeq&*>rBURiii(`q6Dkc@IOiLF8!0L$U!v)Tc!ETJUXoyD(FK#@*@1ld;6{?wZ6exa
ztb7;IH?bEJTU4CKlWgRHEK+MZ`M53Fr1aU#%~+(8QZjANjo=m{BNwxR@8wTo4Q}1&
z-h`vP|C8(vp;;52ZXQrzzQ<z#2`v&5i=eGzN=|_x%Ej`^fD*Rpv!P|ij(8DP{WvZ-
z)g24aj%EvK9*U<b((+&&e`|JpN?SqtWWPi^+a)Ef<a#SywZL6d1r+U!^h+{T#_<EI
zkVL@`CK8mitpna&8^IE8zIy)4d=_X0uWSR3wQ(6C%!g9q5f4ib*;pQ0#}!yRAgNv{
zO>&b!m?fjC4dyLqJ!B|s^GcYmDSR-*P|9S49oo?y4-+t7MbJfA&EuVnyfzt;)r?Pi
zCvk;b&U7>X&2dQEDhV6Q1wmSq>C$8JWo^zr1EZ~#h`>YMneDcD4tml)X_K=6VkmA~
zUL$`d%mUR!cI0U;jj=yNY7<3S>fr!M5vOxpnM_&-Y$^yyTED*Zwiy)Uk|E~K@<K1}
zf^yU$p(DcD9ybLW<nYc~g2e~miF@5SFZ&Rw4nsm?l+fBy*~4Or=y!<plXrA(nKiQB
z4Grv@0d!HZ0;lzDGKJ0V;byB(f8bP&1`^1@&4tLh_WI#wkACGi?MQ!NK3_jvPtQ@o
z@T`Bf9%tAv9=E925n>Af`2~Z>(lDP8)D#Q$wmz}7mzUL3X{y8!OY}hv6Ce0MyynR|
zEuQ3FLJtS>%X}(lEr8P?<cO(Y-zz1LP2(G|Q|N{1X<KpGH_T!A<vwV<oaDjdHS-o|
zz{D(nxQMy5<g@8Rf|G}zcx!@rU?OKgQRG@bAEDSdGET*k_=UckEng+-QaB3c$vi`H
zfoifurQ=|l3L!71^U6|kOpB%~t{B1<P>*(T0dQWJ)ok($EvW<knGRt>-d>MZ&o~Uj
zb7F?Q26ZV)G|UbSr-oE9Lr{#t8KFoh%tt2)$q%La;P?=!A#|!*D+g++NFO#@Y2WQ2
zkGT;_M~<?P>5v&LB?a@`D!{zZBt0ogTeUK5|6Potnb!Yhw+WM_{Q%2ueKLD1Gkd@i
z!AeX@l4(}To$6nn#|e`TDR5KU3e7F)4Js_Qw`PE7RF$F7jtvgLMK^>Mm$Eh%ZrJ1E
zFa!~zgh7;vSN{?d^WY+kDx${2G{GR9<cnANaC6Kmt@$@&cYzJG8Q?5^EaNd$(K{UI
z`N!rF743(|xiL`AjiHDfXATdRR>gx#U&W3r^iFBt0&O@_@e;fEhzyJ6yKo!mb2C(7
z&P_2hDOGH-%`mM;aZ%w!wKT$EjtxC#K8(Th9`P_4g}1g(LlH2J$}Gi+Q58KMYO6=6
z9mHX#qfIY_?CzM0m3_M05{$rbz)Qrix+sP5rIZ<*el8Holp8C9-7I)QRpf<8>zRn1
zcEq|mh0@uPYA$OmYB(0c<NjAvz9B!39WB7vZO-SSPMNkFVr7Z_cRD+POd@zPV=Gv;
zO-#LsQ5Xp4L`}p?Ie*1??4gijC6L-&CGW|2h~)la{!V{)|1>(zfyVTA4^BT<LgTA^
z1GN}UoM`we<#(}#Am)~}rKxdND`$sPy|!$+4>#X1>>CP8mNZzhu!o!4*~E^h_jczd
zX;-DYMdFQaIV|wBdK2t*`}mo;JCCU4#s`~f&b{AD>`4_yhz3|NUyA%X6q~$#9sx3M
zz`Wkzqbtcla#gV@#yHA6o(rUwpa6?XCMZOp#9FQZ<yxutET}9EioPn=Ju~}cbNi2B
zf#nr)X7*9aDIl?i$SQGnfP?^YV2G|7*Z8&rOGGbpaK&g)%41wl1I0)`PfZ&eDj2Y0
zfwIt{EzOGuV)Jsc$T#sV^hfh>+WZV_<YCrc?e};rtc>O01sTdgFg^qUoad%3i;dGs
znnT{ITBv+brY8MZLXALx8J8e=@Pd~IHIdlR+D5yV{LYuwG;w7YgKgw1zS%nC*WZ`u
zc8Vt6bFk5UTZ&jY%6QUj8rG=is=6RCiu&?rI6Ul*wtYYxn!H7|2{jZqd(BeAEWw00
z6-mR)%KgWovGh1;Av@bc)*z~+m}&BZS-e1_Y>gApIv+gos5%h2OlhCtRK4FO)fxLq
z8O3vX%_bf)-35KNyKpoZ2c<S`k3_Q>`}RS3k&T$KVd8omVkp8r1(lE%^fKEmEXdE5
zTM1p>kx+WV(4ia5v$eHC_|kg#iMe@69>v*YpN_N=57?vb>&q*id&nOVr!<XC&YX?y
z^FDJn!nn_(IKSH_0Yu>{9zHufFjofhd!ZZg!hmWW(*EMuKmcKxa=+vDk+zb1Xd?`U
zWCx#c*$W3ftj+pD3M!+vih40q2@XSxIXTa1Q1xEWs40=2VN2q5t!k@jOv(Yt+P~y=
zIY0$WDCr$o@=T;wnv_4e{nhN;XU_}HH7a#r2`j2s9WG}vyrPX*5@PZsF$r*KF-0>U
z85zrpwaiQ^@?26z%=3WJzJ!Bji~(X+kbJZ?k3FSp1p5)H=az)^K)^HK&O{+biBOff
zjA=qoG76uMye~`n?$FP}{R&Hxp^3U^Mdq<HrKcvwFfg9zjp!rEI34Cx`-#~+m_rf-
zji5AH$ZEoEc}@%krKYywJ3OcH$+j1Lk^|1A(wX1{W`|;4)yUYO0h~iS<rsA@#MlI^
zw>5MHIp5-94&Okz(o#MOxx(_SK_vQx_|kX=FuyqnP%a{2mWWy-l4IVPQ!f$>^B)X;
zPCDQ318xGgb!cE|&&O8sl~pStjsr1K3dt79C1i6yRU9JCUrg4Vnw)mH9l@``d^#)>
zznoq2JDaxXVE4C<$i&%M;}~2?lK*pVPSRrJPMrc57VO|alR-E3@{igap!NCh`lebU
zx;r`~niWj~SR$d-?=vQHe)O20;XyUAB|Mp9CN>p`2=dNsM-s|~9&y}}|0w?)9aebX
z5)Dfx0nLk9rQI7~8JlZLTCUq{{$w_}7TCb?>kgx3oUx#!6HZAEuuOJ>r43I@NrdUh
z3Iw?@l6_3UkOnrwo*@pma*alnS8N%w-(+ILbXkjIl)R8t@5ADZl<pGe5@O|%z%4c^
zsa9odh>O2LS$XHKxe(|g-Uv}D66XgPFpBXm{TV}ftT;B(eyWRk8JQfB?L1Of$-6QB
zOfXrdae37H&(#FR3HG>3(&50NwOv!06{KA6YPNs6-ZiZ1v9RV_jAOqIOF!}3eeFwy
z_3?s@i_8e4E<<a(d5h7WoYKby=V+3b$2dhg4dKntKs9{5z_YO=w57OAS(RLp!m4c8
z9!a@&Af%U)HYiS~GiiiIAp$W-QT4L5gr&hu@l7hwI!1W(rtnStBINoR7-~0DV8I>+
zqHoNVSND_vKBP2H5T|q7#70)Twz;c+%lsEWSzIqw<Snr{x436IK-YI{=Q+llo6L0Q
z+n45fC|K3xJ*Vtf876-B{I;Juq_DKtsr*xN!cE`vU!_&yR^x=zCY~!1*g1em`5Ir{
z5|VEv8^VtLkb4Q}Q8}gxxH!2f&>+aV%3-XO6D4IT&f_A0fVf7f(dR1Mnr4^w?I=w<
zr9MM+E6tz;JsMkbZQhmD>td@Py59Yz@Ho)swz(<QrBg5MBu&$u_JF-`2cNb5#tV#b
zKF#Kn7vH}6#n;c9%`Jn}936t~Gk*40+i3niqb#|>ttdVsH#}G~(wfx`$P)`{m*jiC
zI61cW<PfPFip<F}s`^VlW`$5T&W^lr%*m0k2Xi%?lhE8(ebWsa`b%vb`C$ac)fNKi
zm^8c&>Zm$ZMz8Hb25!5YxQ@+F-N{Fh)&hC)?1jKn8pON-TLY@V^r4i8E#fhkecFz6
zq7@al!izm_^)cwTLKy6+5b|eg1EUyaUPZ`HThjr9m+F9Ws8GcecPGbjvtIN+*lG|C
zGC1QsLT0q$lja1fQ;)?d`-qZ;_q0cZ<+Ai~Qifm)4a%I^SS7gJQ@nv2o#U&}scz!D
zzz$f0NS;XtAaw`8iIcf$?Y;1$QCkZu&T^AP{m~jp%q1Z}gkMtczsUVWmu4f0{;KNi
z**|XUV~vlDWOK)D<b2DCoY|aLD)D}umR9<iD(U37IT<#Ei{>#da1PGjE;DcHZ14qM
zllx3Tndn9dW2kA#h16C-De;m@DPm=s{-6=Zmq%X_z9kh5mIKv+71_hsFaB<=A<8X<
z5^^}XyU2V5tK8%mUJn5b19qZlDBj`0;#UNB9ztmD=nbZ<q(e+QCvOHMDPrQ-V_eRq
zQg*}oESLiR7I>r|EZ3Cf6`3xuX}~2uMu<y&K|<FnDFcRwM)u;aO;dUzbVyW6pSd}<
zG)g>REZk1rhrSm-(=8|SDOeilsSY*{>kkiOmh*-wwp98K8Z!juOqX`NC|kp7L6uDp
zaFJ?AK{(<FHS5PR9jA1A#iQ!TnO|DSZ#lsblpu4&)1hBZAqC=OA<i$PpCrW635#u4
zcs@SqZ4kl0nq4h*kXqi^+*QtU)!~Mq@rF$%M~mgt{3rX{a*r13Ft5<~8p-e3ViT0u
z`Nx#4&>2OWZr8b!m^R>E{AyYrl`OQKf<6Ts$=bLcqmKfmOVjC}&{=2AbuCT6G)O>8
zMc3#Gf#sw=^<p#`P&Y@KpD}!BsdE%36$fSQ_2!=8<d$k@XYF$=ofaZ-pDhg8uzG2c
z(M%%A(OI@D5gpFmW{ymeE6%j`NHa{|1`3<j59<lAEP`O?%$WGdN^;&zaD)7o&dueO
zSERZ&LMnlQ^E>_UH%A0N5;gJ;ET&**G3s%S*1~nWVSMJQSQ!K{TOn9V4sos#Ziqp+
zpFH3P2XQ|_cpyqB*3l#?HejX55Lt%9XCct+cA;|$pV`hTv&H*GfGm8kppFo<l!a8y
z&q5FUxczyu=!x}n9V~x!(_aM!0=?t5dEWmzIzHi;sYS2B{c{$z{QVC*^;&)Y{SSNl
z)yCEPAO0L%|EbTc==~3i)ypC+viSFK4pO;!)!ZN%oVZ2j>iw^a@t0qb>A>f<=-e<!
zl<qC9*dQ5fB8~IDgEeS{yuY33DLAae@N%o=1cZZV40ib)tl{C}T}<(ZMekrWcOeAl
zHjeft`Abrnb38?)BbOU{isknG37Uw#9*Lk*^$W`m`dIWw{b5RbvFED&#R)VnOtkyq
ziAvQR*G|!dvth$H=1u(ba4@DQ@(Z=R4eUs*m-*Y6LQ-ub?B-@4L#w^j9*nb1(m~oN
zyLC9;p1*zD-7j+!ER6O8|3wIS^+msSejtBtkVVaqjHJ@RmuEIpcVXh;EpdxSsnhv|
z>GM|aKl$?G)-}9uhi30mjfH_nF(%Kp^5<*^sYW-HlnO4l_>G$Uaq{r~^XFgNYmFTw
z{+O39OE7XG8NSUWDsLVX_?S`-{)?4Wlw1h&RF2e!TRz!*ptGhd%mr|kaI&+ol(5XR
zUVk8^lutXL>`B35`F%&r@7t){-MW+Xx3gQfYJ|_cJ;Pq<DsK9Wodes|J8TFD*&J^q
z^|x>S!SbPHAA8AUDrZ5^#KPGBa}5_-32NeL_X#^^K2n}lvg8rRoRqNMccZpU9A5@_
zc-A}~Y9-P#qriY-@bHWanH4A=TY!zz8jxY2Oj}*~nSZJ=|1<6{`F}GnGWs(>Eqvqy
z{@>nStv2`muf5$X|8F5WS9;;vwQCA5=d6$Co#b%EjN7`IWF$JAmNfG!s;tHP&$Xc+
zF^*OYOBC|P<U|I^t#R9cX6qZdMZ=l!TNHJi5W4DwT@0iR6&;qa(L6USnCJ)?WuiCA
z6q^NtenRQ2$9wW5b5T1Cd1)1J!|JvRvlq_C;IL)Ybsy_QGwmzY%5*|m$(hnxE&Gt4
zZcvP=mK`Nw0AUprOADbWZNGitkJ+{kDmp5Q($xmKV^^qmVv(!&m$7fHKSXzO1ao2=
z6%99fAAK|UNX_h+ykNyZfb5XkQB*GlZ1A&WT`2-fb&*-|to=(?7W|hm`7K^IIXc<W
z%dPvkSKCjVLOFu&kGeLBX8?KOiXR!}C+<R<JSWO~b2vDfij)rppUEEEp)*X2sYI4@
zwy=DAiCE?!u(|`1SnMwrrQOpp>^Y%h-93_#Y<p|eh4fg!=p)!qv`<Vn%=7vd6y#82
z*G|4`$f+AL`yDot-<Xbg@wN7y4>-~GsMS_xy<`P3s(PP#rmd{`Y^V_H8`p4Gx`U0I
z+UmN#u6uNXwepCnN6r-xRN)LXNH%#((s69S<4hHQRQ{|Q(bSfwjGG^k7}Ap75|MEa
zdl;EOc&0Shf>q*N;3;!BL&ff}^%knA>h5RpeGy=M6^{uF%m<tLag4)IlIdn*$N;r8
zqJzl{On~*!j{sLP%b7FdL?kWGuY-VQcuI^oNuio8{`7@P``$LacH4HF|Gk9^fv<Jy
zfj2|^jp13Kx*Vt+f7h;LHCd7##z#hOv@zVbjux}};tP_X)(slg2^FMBxV>LmNAfiX
zXtGV(`J8m5FY<bM89I{(mo}_-<62k`2QDW6;ipzo|EbV=%@<SvAHv<7iW|0I`f7E4
zV=nXq&b=fjZwI)Bc0{Ma_2HIM$BNc~QME^hTb|x-#?8W?u{X6u5Nn8P^2Ek9_?mme
zeC*BfhZ~jRm4@3yJm?_AEX;`*9iHRdx;RI4tM478$Ii+K@Giw(dJ5ou*un4i{w`Bo
zLA;dv6fNlK4xoZjuvSr5CE+MJd;6k_{2{^>27Q6#xs5S~TRx1P9rsx>uDpKOd}@b!
zbL`RY;+Kaft-<SWYw_y?uKk`b&#gcB^?;9G>4c|$d42u!$|<-tusg1BP#j%3a~CDQ
zx~S9Q!o{#86>G|3fg#mN(4a<p#i_@5y%GIwoz<aL&kmdLtyKYzC@fdn;t21M2em;R
z0@TYNX3x9=t)Mqp(m2@&W6O?-=xkJO*kp9_wVibxh0OU$qn)}loPvFhJD=*%@Ni#P
zgDhdzLPsdJ*ZEhSu1>RHqGm{OG2m9TE<Aon6wP^K)oqXt>u&K<u|Vcii?Hyu**u);
zutr*Vg9Jy|vr~A?6mCp-)sHG37y@mFaLD1Y?}i6$PK0p973QsnG_0S0D<uu;V?trW
zUVq}3Zc`L;I5+2IO-7(u05QlV@a*2up_lPYaNZ2kIfyFHn-}%G-!=d2!S{Z8hV~9{
z&SJjzp5H0(*-<gEe<Ua;-{Z_8xFwD<;%HS)4L0|KpJ&nbibM7!)i#7v3!hO<EA-=F
zS*W{f+dS_{?QZGF7Nb>i?Ql4}w)HdiInrwnw%L}kQM(y_Fi${x{>jul44~tKklw^!
z1)p&@d-JIS3?vdJju6w%Nj{}AN=S|IuoZ9NEMr5jL5EFMoYp!#K^wD!GEDQ!aB8>|
z=<~2cHncx}LH*wLZQQ&jfnwW0!~<-5I{?4~w4==USAH2MwwWOh<?3tFiPz|C%UuNB
zl%KW{V8}8U=ldafGCg1+H0wuSAs`_3$@`=6+x#Z^iqvnw5R={HaES5ACe-5nc6#|l
zl;Ne%>-4$uR$*w)b8`7C&*D)5zF<#{VMV4#1dvNg0xU6)$!Bf`CkPIuHlg1G6-ME3
zlrxNyUAG&hJnU8F;rT62dhg=?IT(S$dZzC;u9-fdRu_<U>soRn=`&|JZqjLo8;9y=
zDUJUqXw2{`F>H(_?yT#@x|ZbS79&&)3KnSN+70Yx1^Cfr@}>?w9R^`scNRZ#)&m*A
zs~nW;KSW|H4Kdd~5dZJ*oR0r%SMmR9X|M>|Uu6A9Co2@G@FE!zn04XHzh9ZY)B$lG
zU8vrH_{kLtu2n^61lXZ96^oecP)1ZgDiswKH!RzBfKtyY@T7{1-9s``{6d<RkWQTl
zyeSOjt<9+Dc66z2-=HDy0sdb6YKku8$#n`MX2O-Z_44U_EVBA}@#f+mq<pb)MY=)g
zu;UTVRsM<5Xh_beVVnGil=b;*Ke!XwajER1Z|XV=o22mHVw|qYzET@$2vhAO%;Kz3
z96^6~H2!BeCO@?0_%T?9LRVz~^6H26Km1yq6Urc9<NUnr5I9+0!g>O6gxER2(015O
zz>Vx7hulFUEx}vr#7k<j^x~QOk%>$d+re@dn==XA*iC7?)AQ!PfU<a$4)bG;GJ`%}
zZs+tm*1y6(jPbarF^K`0h}o){xt&>LTJ1ERYEzN?B?%C*o?bo>ic_U*k2(B0>dQ|?
z7j{CQs&7N+(LBSN0&T1u!+v|bSXpF6FMfzt4lytCXynLZc@8VvnuD-%<iGgl>t`=s
zy_~6J<L_BCZ0R!#e@iEO+WB<Gu>U#_i7&<Ec|dLv_Uq}-Umusl@VOAZTE3<bJ&(%?
zuXCsz-CkS@@xFuqGXDN~aleA}%FhVx`3bI5n;=ph65mn`z4Uz`CR-FpwzwBhDwPBN
z<qTR7V<fiD-VSeEpuhL^w|aSQJ||ADk8}Sf?Yy4yMQMhg^RK=yTXa1>81oVqm-~X^
ztgjBCKj$IzP?#M|)S^vI9rRj*H^DBWZVpn+4R+qCMiR<TZdOA#8^vRjVcg)O!;5DR
zE1vrr&Mv-h2j#>K;6WX3d`ec#PZgAVVU2t2F_zM^V-Dpj@CDCd(Xods)ZBU%+5M+a
z?!SEWQX=rB-VTYI6Jj|tCt-rL!*XJVPxlLT5#u04Kh3dLsu#!)1DtGuui9Tn_wy+y
z_^788BOgxK;N3=SJtcz@hp}ncE|(+r`tiQY_PF&u8}$)Rx8mmM1!Iky;%^q=4M*?v
zKJ+a4`I!Ce8Se}*i^3$7#mHFXQyFi|BJi%PSHG|x*U)Uc5jM}tJiYMq5%C{&3Wa5b
z01|q9!&dN@G|k66tnXc+kCX6HZMe3+n8MFnpx3Yag*Gn?qG@ETRo;))f46-eDtgAi
zb_*CI_@*<%Wa!^C1FKPRQRGQ!iPqU}{*NE~&ifHL7&i{eJ}R7$cb$JyqwerAZnfte
zZ}gIXNsc&PH`)H_?1ZR5*zQlx)}oQd-Z_#lB?nvThpo65^0OP+=Q^NJEwTD+YV}Fn
zJEY!mZ7B_u_MH*h=oE4rHci~KR!<oS-vNfdCXX<fc9tp<>GfOIn0tu-kbeKWaP{}q
zz0VT?S--wL&Boix5%;!zgM-}|gWvq$9BgO&?)`XE|4))y;$V}cv2%Bi4XT5rR!w%Q
z_janu!(YAJUcX+xyT0h|>JEFu!^W5Fybsm(tw{UO!lG?xGQYz8&()huO7s^vQFcTo
z#W$%Dz2oWN1m`JG!mby@u&ryJbc=T`iWIMY|69aBDgQIm|1n(QVn2}osW*1^=KDYP
z_IIxOe^*F?g`j@;|NP_n|GNIaKW)c5e!z#H^I!IozdCDczvb^w);d2}>wU8J+aIi@
zKUn+jhil*cXzjmn>BsTX->v=j@76j$T>D@6@$c6<Ke7-1X07vM`|y*s^zU{5CqQ|*
z@pl3an6<0EldHay?Pzl^tM8=yU-|Rgxcd_rPu%@b4EXQ(YqGZX-6w1R*%<s^*4COo
z5Wm0N&^^z){I$06L*1qC-O=Rl`6uL#CjTv;XY1x0f<Dn-!wvpgv%j)$_~brE_h7HF
z&6_P++dEZWT70nW$)DQR{<dBV#mm9kZzyhL+rjtP{w1}6VDHh<GrD>5BfzR!@IUcy
zrY~#%{wF_d$Mxw4TjOm$yuY!=(!N`h{C)ZRf4}yhKhZ3|W2v94{mUn7|L(thvi8Xz
z{&DTsCYoAqCZLGs;z~>QZ@FW>c=FtF^<zO$y+tc`)KO{?1`U6qBx88$Up}5xODT#)
zBB^8R2mj+IhAm+%$JVEsq;UkOf#|O0KprSEG!-bi#;tg9-qO3U7?g=iW=lZNH-sR=
z%{S76##<x}Gzp~&CYo`nHlzto^oUiWE+1hU%4R&^LngAV{a{0LGU_#(oPFJFPX3V}
z0-Jivm0b<L*mSMyY9e-`t;v@wDBozE-~2>>2{*-hE>&9o4MY9RIq&oTp3g>?zx&ZY
zeDdG@_#b}olczuV@lQ0Zf2Ds){-5fAB>Q;-Fkxb=w>pG;!2he&cjxzi?eFaGU-^Hl
zqrhTFf06Y+;(0fHv4&!~9fkNYvvjrp>m2n#<!&xe0OaX_?vhsc^EQA*ol=wn^I!gi
zEnqF*l}+B&kD9hb7_31ZNSQ-Ye(HPlGnYeUH5`*{m0Ry0u4u<~MXfp&HGEd$@z}~h
zh2vmZqa6WlFRBf-U++L39)c7l+KLHq`l%A5oL9pul{g^6ikLPPRa@1%X76feYn-Js
z$u-*fNb;Y6l^?fYo#ECOq|+hu^N1M8v!$`b71EFqeO59mmHIA!J6T*vC|-I(IyhMv
z*_e{sDw15~YTFB)N&Uo<*sR{1$e9ggg|{Z=oxlFU-CKI-v06UG4{~HUi8bF)BoE~3
z&m0D#{qG!X&s|yFSK0sl-CgwoRrhzR<$rZaf5`vT>y5qL{rYZgZKqn_+hhOt?&_wn
z7!q4JIQ2eRqp^YG?|B{8f?GdyeZgaY=|7j~pB=Y4LuwA$q}lDfU*W_>;JrqpO!vqK
zy2PJ(|8H-vTEFuDR!D+{pq}ilZ!Nrdb>VLw182(ricNte{7=*WdpnKlmHz)2%y%~Z
z>nk<AqW@C;U#rg7f3Oc%`u}6lf1@+1uK%i+t&eK!Ppa$Ll`;4jSpUlz<81j)4_7(E
z56gdjUjFNi+LipTk_L-lx%{^~$sbJv)UGtZB24{l{(iRn*FUcO@0~jTqqcVy|9upO
zbNT;NIgsz$Z%Iy4qE5E-x9Nk%dWLh5@D|baQGNYM{YpK26sml@LC%(ccHgb=&j;;)
zeShBm*LH~ic2+otg`obG=l_EIpG>u7mQ<*A>d=O)XkhnB*cWom-^_)Q{CAZ4y^Mu@
zQ2uN4{(obime4EtzYJo`!QAK(|G%tkkB7qv8>VXOt*Z>c9E$#?zp__))EiFJk$7qA
zl>DC~|68r@G#YkawZ2ce=&JsAX%r~{m*{`U26(*y5$~Tf#EM%k{As!V->vPD?61~q
z`!yJ#w!cUHcW+npzw-YsjQS4(*yt7<uq6)QMY;oef5+>O`SL7$#zx>M)-V*U!+w)D
zZ@rn0n#LyBjJmE7D88&rCWqQ`#&5gp7?!>Dc6&(gGVc*u=P$N@(Izu((_Xkf+F##j
zFB|z0FQq+MAKh7};WTWrYc|*Y&7$k0yX(&<-;Am|8o4U_l}%21DdSc(N8g;OZ^Wy7
zWk;^QG`RHg)sx@6<iN&P?}jf=`uY_w_hrS86wueb^(Xr~?BNthc9^%1_2d5fk%O{V
z=nk~N>YezTwdU%VyTJDr?`8en#iF;_7`UlpAGU?}Y#Z!thxz&R9t?Y1{0Qut&xncZ
zi!GQvY<j<kzLT^&XdQvkBPQjjsTomf4JKLhi5}Vd+x>pGx}%3!_mNiH&}xt35|84#
zj#jc9A1*FpkAax{(U}uw`f!-AIy2!&u*V!t=oG8n4Kp`7UDnLQxMA3W5_Mr~(IV<5
zCUq@9eAp$N>b6049X@pY3+z|+Ql_4MM{0}+m%fxRChK^@F(b}Yb+N$0rR<3wb#eYF
zdORNv*lMXZHm%`KSi_|<lJMrk#>tBd7EQikilG6k%}&1E9~<*GkeH9b{EQZ++YkpV
zoNmK3=<fV<BkzAbNS*Z?lAv5gT{7$Ys0HUY_LnW;jxFJ?FJYG7XV_)ev`y5qm$?KV
zc8243DR3^N!fs7V*sae~q1~TMjB9qIv|cKw`*4A6c9)6hu8HXGnIbA1m$S|8M-x$o
z^-;e`kKz)R3F@8+>fRZGdSEEu`$&SyXkog0%LH}L1a;2^^<`yv(Cczo9!hY}1XB*i
z170bC<Iw6Szv2v=<R$Nc;Lu|Z!{a6i(4|YShJ7}C@FcEBv|prn_U?-1_jl%5{)|O1
z|9wf%N16YFPMH0^=)Y+8`{v{9pYm~LZR~z@bUvbujk90o@a&tzvmYFur3@t8N2ljf
zb&q)G$t2AF&N5Huj(IwF+|x1V*!`P%&fy$%`LB1(0lI8&Q`3K$#_3C2FJhfL#3!B6
zoxOR+pJkmpQD83>>7_B_)R)QZ9h2F+r)0L>&oa}QccYkI>a2aZFyXt)#PqI->D@EM
zRA#F1?C(ZVz0{cpuPO{%7^=I=r1h>z>)lh~$pU`A8^!ffm5%d!t}HpLbqUK?cT8lf
zJ0FzUlF6#>M8UoEg<!Ly)+Y_LbRj0Z)tw-{OPtN>&PS7A_cn{*s=BjGh^sp$#bi9s
z(m<A=IOgEukfI>N@evGfkc(Gg;KK2*5=1RlrByN`=+Y|bg}G=;0B3yvs*)|2??Dvf
zme;UMx~rr=Yz-fjZ)5{=RwX&&3%OKHCHW2-wyF%!LUUHd&T0N6R*VKqy@}|KR>={4
zq(wX%=3YgWoYb;~xNO(Xl<gvMQmuV7!488W+2nF^YAh9QGE|}lsiHF^!h}1|K9Vu|
z2sDVIZNnB8kDU85TA)~M8D|RiypFPD(xvAU<3fUtDlcWJe3QqrrJP5;bNQ%$G$B`j
z7+H(l)e`w2r=^9Ez*@jsk2xtdm<`K0eJqlMaZ40wEEV*I3pyFCxrN|Zo|qq7wS?29
z&)>((vA<NX8!p)7us*D2WhN}&^l>8Q81Gj}V=dty(p%ymQdy_ap1yaqTh8etpk3od
zw3EszPnzmWc=gNUR=?XjF<iO`lgqLql>MZN3kTZ0O()%UOTUm$;#p5`S4k_KnUAp>
z!IIypqXo>Sllf6I1Ua5dE8|etTyI?*`b<@&im_h-%%E9M)jO(WtyTp7tQtgh@6M{g
zyQ>*FiqzH$rfmg-2$DS63P1)#&u7=GWY<;%{fxwSl|<SKpwHx{tK{ES0CNT(CG$aE
zZw1iX{UWu?p0ZVdlviF#uvYh1B7cHf1i&N*SFm`Ywh+3UjaMRZns4FMlb&3`d<8Sl
z-|>RnRlqFaAR>U=<q9S{lK`ud30(oqAPc8bQ&sY(D**5KEx7E?N<>Uh%gGyZt1FnR
zP;n}!Lc(@Mpb1~jNOX|!T@n0T2j@(;GO5cUu1x02;W>%r6`|nFz?tOqiolD4^YJWs
z=oLag9b}TqUIBa;m?GjMHNFC<QFnO!S2Cnz)mH$1HcTQ{z5<v+L|&+@l44&0%yz#V
zSCFu8;pR6>y=)v}=r3(;7ENEI>qCQ=UW2I@4H6^NNT)v`&1CV!e9s&EQxr(m$fk2c
zgqVc}Ewbj%i=Q>P!L#adZAazfUD~vi_)+DXijHCtI_qLAQX{ubEK(zVeX(c(nA@ZF
z_+WUawZ&(f#f24-0iE;@N-!_1iVWtUeb6m{k{iDuKa4tuZQjb{-F11KxJg#H^R<`m
zBT~q)UvMm2z`>hNc>x#JMl%a|sF(AmW1D_H?+Ys=oA>eCaS87iR!0UiI~nJ*ys!qE
zLBwxcqr)$GHN-({lI25OSRu^}QO5N=t6W%32|Yob@=-EL)8#7IZ`3QvBqfSfz?^ch
zUBMevAyxsjJudMZwTlbFoFUz;oJankGIGH|jH%I3C1k8d_*zGu63o>IA23TQpI+Y!
zE`A2Xue$v-+YAMfz`+!3E;xkYw{`TUJnsvO+8OiyW=Mm3&K4IIyqOV#+Q^}=Mg))F
z_DV>hs<aABAH3<6<eD<nYJiqlnc~taV4^F^t6z=Gp()F&UyaaBCne=TJ!}=LAN5L_
zvc4K2!`hcIx>_NNmUGT((j|UDbj%2vs~|aYvucQv-35m+HRKq|wFD)(6+rb|a?qF5
z@m2tG1bdYDn5y6^fF8ds#|u;uF9>voa?~ad*wzx!aAC=t0ba00KEP_k5EWe5Xlj-h
z#E3B&>Y_}$3yYxvB`hlgy|C07Py)!(>Q^ITlYU9DQBYk4MuAycJjK^l0R6t*F9ThT
zh~ZTi7^Nn=iizSom0(_2u#EB+80LDA%J2mzIwP&QryhlsD)0s2+oZqm<dG+vBUS+s
zjd-VU8Yw}q0BESCF=Iu5<bzfKbL6T!Cm7}M6+jK;<}g!IRx5xx8njCiz&4K+!7Pa?
z_52k84f({l_|=FN&UYcI7w-u;TdFqaT(FDx37B-5EJTS_bAYEV!@l1d^?YS6DZkHc
zNTqtNgehfi>pUsCc7w+#DX{GxALy4ksx9rTt@*By+Uac}<{a24=jcLZ6m@?s+CRW9
zbze=`d{wOGdHODSm<}e>@k#QseLNiY4%jVi!>YCDgNq~UxolW#K&nw1okL=-OEnS&
z&hw0<yB02xf~Lqt;c;%HC$AnR4_FdWw2h@MFRf~C@jhZkS=N+P^W7M=)7vphtdZ}<
zSkj2jILmf#)$Z6P#Txncx#p)C>`?*p740rv(X#Hg8f7kFk9ySHNbdd$anzE|GmLn3
zA(5yY*)XSej+RrTHkkUWM5X0xn(e}x6JXy0QHy&Z3YITX={)-$SdN-^7cHs|)>%}Y
z0?QodJ><>Xyw71wgJvfki~H&-zno)T%bNP?6l-j}Q!Q~X*kR8*JG6DLPSM5(TF!pU
zbVgl89WCsX&iLhIIO?i@t!}DKbXw9^&i46bI->4d3+ku078G=<=Q|3P@&hDVLMLQe
z%R%Jkc)To4b+!eZ193VLU@=FqZNNr4)hoJC+18E4KB#Q11AZYRl9jh%PpJ#3!254o
zgGusLYurhbuZ9!eGb8#LWj?44m$tyynU98zz5IooEg3fIlBG)6j(k|SS|(+~23=AN
z8|`MD9Pc@V&F)$}igj_;<2et-C`%T1jy7y$VyR9cX{yDM=A7fzd~wza|3MAOyqEAP
ztFci|X_AuU<$dzYC2y%BArENdoKhq+l9wOMph7l;)7{1=YJ#^9Fm`SEc^2f;G!hB0
zIbA&K1=LArIcqE*YpFgVdu3yt(kJs{MUAqQ*_Uo@sC)N0FPxcQSBX-2`}tBz83!+9
z_lBzw`o`z*SGFzZIT8UvEps^PBs+vWn!o25ys#~#8P1`Jmmdm3-?$BP%Hfz<&$;vj
zOuR&t2;6O;uwkRn6EiGM)O-$&#O9ABBl!^o^>_wBF;a;Y@?!{=v%*s4p!RYoM0@!h
zE95GOK=3>STB;fd@@$mls(~PF4sS0joX*rq2U*&Y9V2|>h8ab%bYDu{qq};H?p(j9
zll}~+Esye+V$)R0Lc#JVk7MHIu~}xseCz-6ftLCn9_ZC+$eknG3?s6Q{~V-SdI(IN
z9$Jwu#&!h?^O&KY2X@OBv{X}gU{{ZUT`^3~hqQ&BXEDnnle&j=_0u8U4BGObZmHR@
zQ*Rb>f(Lc=7}OQ=TWG#KqFd^`FFoI;?h#!*Ms&q6Iok4oZuuxnm4pX$bz1i3)Obl5
z**^6Ty0(~{B}&g@xq6J{&R~K(l3U7ZX1W%UMllQ=-8db|MVvLx7r!k%wx{9oTZ290
za}p}QL4k1c@VGT-r(<m+YUF|3@^vlK2@MbA8ZnS7u$Qx3<9vafndHUjGlkGN9mp;8
zl^c0nw={mVgNzmq>v3I!Rn75WS#%qDTvy=nEUU5f0HcNnb`6+$=}@xYA9T&<wvf#x
zFB%@pHE4>O8!2a!*ij}X$-}r}aZcnJi-?c1Si~COSIi&7xPnP$(3tPRE|kWZXk4Z>
z8Xmeei0|eWciQ+i&KJa)W3`Y&h_!5KOP#aE8Rzt!wKQ$nTNwH`JaB8oz^zcbXDsb}
zAsmk0vhmDIYv63pp>koWp>e*5&Roca81;y*5s%v|mbqlu=yELO(WS>(H9Wj)#PF`*
z(KE1{hj`1!TjqN-Jj83@2hCx3HpFY#)?rEfQoq3b<%KBq5U+7M#G8@7^96Z!p2Fgh
zEXZrbAg{pU%t+^p^6ZSTVx;WgvQOiF+fCo4<I6kySqIRb^Ze)X`(HWT<?8(B4<6pT
zf*S(;$L$rsS_ESG`Oi8WeE$4@UjKD<{{JF$uJm_anBD4h(oVvTmfg*2mH#Kz#=S=U
z9?qFF$5wwh&C)Gi4l+r%M#Ju4axdu&Cs(i2UMV5|e**TtHJuy}$KA=v<xSwj@;`t6
zdwri*0$rW|et9IxA%C*A_7Anr!T!PS;oZZ#)z;c4du#v0vnQ`MpWXlJ$-~WuUw{42
zPabVn*Z%E4{~tI0uOIz4|M&mfZ~SjB{^QU7>;IWUxcYE~fh!DLVc-e_R~Wd$z!e6r
PFmQ!|D-8U#VBr4)IhDUE

diff --git a/deployment/helm/skaha/config/cadc-log.properties b/deployment/helm/skaha/config/cadc-log.properties
deleted file mode 100644
index 568196b7..00000000
--- a/deployment/helm/skaha/config/cadc-log.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- range $val := .Values.deployment.skaha.loggingGroups }}
-group = {{ $val }}
-{{- end }}
\ No newline at end of file
diff --git a/deployment/helm/skaha/config/cadc-registry.properties b/deployment/helm/skaha/config/cadc-registry.properties
deleted file mode 100644
index 9d2b86b6..00000000
--- a/deployment/helm/skaha/config/cadc-registry.properties
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# local authority map
-#
-# <base standardID> = <authority>
-
-ivo://ivoa.net/std/GMS#search-1.0 = {{ .Values.deployment.skaha.gmsID }}
-ivo://ivoa.net/std/GMS#users-1.0 = {{ .Values.deployment.skaha.gmsID }}
-ivo://ivoa.net/std/UMS#users-0.1 = {{ .Values.deployment.skaha.gmsID }}
-ivo://ivoa.net/std/UMS#users-1.0 = {{ .Values.deployment.skaha.gmsID }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.skaha.oidcURI }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.skaha.oidcURI }}
-
-# Here to support the ACIdentityManager.  Not used by any other IdentityManager.
-ivo://ivoa.net/std/CDP#proxy-1.0 = ivo://cadc.nrc.ca/cred
-
-http://www.opencadc.org/std/posix#group-mapping-0.1 = {{ .Values.deployment.skaha.posixMapperResourceID }}
-http://www.opencadc.org/std/posix#user-mapping-0.1 = {{ .Values.deployment.skaha.posixMapperResourceID }}
-
-ca.nrc.cadc.reg.client.RegistryClient.baseURL = {{ .Values.deployment.skaha.registryURL }}
\ No newline at end of file
diff --git a/deployment/helm/skaha/config/catalina.properties b/deployment/helm/skaha/config/catalina.properties
deleted file mode 100644
index 9e4949d5..00000000
--- a/deployment/helm/skaha/config/catalina.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-tomcat.connector.scheme=https
-tomcat.connector.proxyName={{ .Values.deployment.hostname }}
-tomcat.connector.proxyPort=443
-ca.nrc.cadc.auth.PrincipalExtractor.enableClientCertHeader=true
-ca.nrc.cadc.util.Log4jInit.messageOnly=true
-# (default: ca.nrc.cadc.auth.NoOpIdentityManager)
-ca.nrc.cadc.auth.IdentityManager={{ .Values.deployment.skaha.identityManagerClass }}
-
-org.opencadc.skaha.posixCache.url = redis://{{ $.Release.Name }}-redis-master.{{ $.Values.skaha.namespace }}.svc.{{ $.Values.kubernetesClusterDomain }}:6379
diff --git a/deployment/helm/skaha/desktop-template/app-desktop.template b/deployment/helm/skaha/desktop-template/app-desktop.template
deleted file mode 100755
index 0cb77cc0..00000000
--- a/deployment/helm/skaha/desktop-template/app-desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=(VERSION)
-Name=(SHORTNAME)
-Comment=(NAME)
-Keywords=(NAME)
-Exec=(EXECUTABLE)/(NAME).sh
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/(SHORTNAME).svg
-Type=Application
-Categories=(CATEGORY);
diff --git a/deployment/helm/skaha/desktop-template/astrosoftware-bottom.menu b/deployment/helm/skaha/desktop-template/astrosoftware-bottom.menu
deleted file mode 100644
index 9f152a0f..00000000
--- a/deployment/helm/skaha/desktop-template/astrosoftware-bottom.menu
+++ /dev/null
@@ -1,3 +0,0 @@
-    </Menu>
-
-</Menu>
diff --git a/deployment/helm/skaha/desktop-template/astrosoftware-top.menu b/deployment/helm/skaha/desktop-template/astrosoftware-top.menu
deleted file mode 100644
index d2216f7f..00000000
--- a/deployment/helm/skaha/desktop-template/astrosoftware-top.menu
+++ /dev/null
@@ -1,12 +0,0 @@
-<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"
-  "http://www.freedesktop.org/standards/menu-spec/1.0/menu.dtd">
-
-<Menu>
-    <Name>Xfce</Name>
-
-    <Menu>
-        <Name>AstroSoftware</Name>
-        <Directory>xfce-canfar.directory</Directory>
-        <Include>
-            <Category>AstroSoftware</Category>
-        </Include>
diff --git a/deployment/helm/skaha/desktop-template/desktop-apps-icon.properties b/deployment/helm/skaha/desktop-template/desktop-apps-icon.properties
deleted file mode 100644
index d9fbf652..00000000
--- a/deployment/helm/skaha/desktop-template/desktop-apps-icon.properties
+++ /dev/null
@@ -1 +0,0 @@
-ds9 ds9-terminal topcat topcat-terminal terminal aladin visivo
diff --git a/deployment/helm/skaha/desktop-template/ds9-terminal.desktop.template b/deployment/helm/skaha/desktop-template/ds9-terminal.desktop.template
deleted file mode 100755
index 454035aa..00000000
--- a/deployment/helm/skaha/desktop-template/ds9-terminal.desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=8.4.1
-Name=ds9-terminal
-Comment=An image display and visualization tool. A user launches ds9 from within an xterm.
-Keywords=ds9-terminal
-Exec=(SCRIPT)
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/ds9.svg
-Type=Application
-Categories=X-Xfce-Toplevel;
diff --git a/deployment/helm/skaha/desktop-template/ds9.desktop.template b/deployment/helm/skaha/desktop-template/ds9.desktop.template
deleted file mode 100755
index 8e488784..00000000
--- a/deployment/helm/skaha/desktop-template/ds9.desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=8.4.1
-Name=ds9
-Comment=An image display and visualization tool for astronomical data. ds9 starts up directly, bypassing the xterm.
-Keywords=ds9
-Exec=(SCRIPT)
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/ds9.svg
-Type=Application
-Categories=X-Xfce-Toplevel;
diff --git a/deployment/helm/skaha/desktop-template/resolution-desktop.template b/deployment/helm/skaha/desktop-template/resolution-desktop.template
deleted file mode 100755
index 78950932..00000000
--- a/deployment/helm/skaha/desktop-template/resolution-desktop.template
+++ /dev/null
@@ -1,10 +0,0 @@
-[Desktop Entry]
-Version=1.0
-Name=(NAME)
-Comment=(NAME)
-Keywords=(NAME)
-Exec=(EXECUTABLE)/(NAME).sh
-Terminal=false
-X-MultipleArgs=false
-Type=Application
-Categories=Resolution;
diff --git a/deployment/helm/skaha/desktop-template/resolution-sh.template b/deployment/helm/skaha/desktop-template/resolution-sh.template
deleted file mode 100755
index 2e8becea..00000000
--- a/deployment/helm/skaha/desktop-template/resolution-sh.template
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash 
-
-xrandr -s (RESOLUTION)
diff --git a/deployment/helm/skaha/desktop-template/skaha-resolutions.properties b/deployment/helm/skaha/desktop-template/skaha-resolutions.properties
deleted file mode 100644
index 5fd731d9..00000000
--- a/deployment/helm/skaha/desktop-template/skaha-resolutions.properties
+++ /dev/null
@@ -1,13 +0,0 @@
-1920x1200
-1920x1080
-1600x1200
-1680x1050
-1400x1050
-1360x768
-1280x1024
-1280x960
-1280x800
-1280x720
-1024x768
-800x600
-640x480
diff --git a/deployment/helm/skaha/desktop-template/software-category.template b/deployment/helm/skaha/desktop-template/software-category.template
deleted file mode 100755
index 346a0879..00000000
--- a/deployment/helm/skaha/desktop-template/software-category.template
+++ /dev/null
@@ -1,10 +0,0 @@
-[Desktop Entry]
-Version=(VERSION)
-Name=(NAME)
-Comment=(NAME)
-Keywords=(NAME)
-Exec=(EXECUTABLE)/(NAME).sh
-Terminal=false
-X-MultipleArgs=false
-Type=Application
-Categories=(CATEGORY);
diff --git a/deployment/helm/skaha/desktop-template/software-sh.template b/deployment/helm/skaha/desktop-template/software-sh.template
deleted file mode 100755
index 0758abaf..00000000
--- a/deployment/helm/skaha/desktop-template/software-sh.template
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash 
-
-gnome-terminal -q --title="(NAME) launcher" -- ${HOME}/.local/skaha/bin/start-(NAME).sh
diff --git a/deployment/helm/skaha/desktop-template/start-software-sh.template b/deployment/helm/skaha/desktop-template/start-software-sh.template
deleted file mode 100644
index c8721568..00000000
--- a/deployment/helm/skaha/desktop-template/start-software-sh.template
+++ /dev/null
@@ -1,168 +0,0 @@
-#!/bin/bash
-HOST=(HOST)
-
-# Callback token
-TOKEN="${DESKTOP_SESSION_APP_TOKEN}"
-
-handle_error() {
-    echo "$1"
-    echo "Please enter Ctl+C when you are ready to exit the xterm."
-    ${HOME}/.local/skaha/bin/sleep-forever.sh &
-    wait
-    exit 1
-}
-
-get_resource_options() {
-    if [ -z "${TOKEN}" ]; then
-      handle_error "[skaha] No credentials to call back to Skaha with."
-    else
-      resources=`curl -s -L -k --header "x-auth-token-skaha: ${TOKEN}" https://(HOST)/skaha/(SKAHA_API_VERSION)/context`
-    fi   
-    
-    core_default=`echo $resources | jq .cores.default`
-    core_options=`echo $resources | jq .cores.options[] | tr '\n' ' '`
-    ram_default=`echo $resources | jq .memoryGB.default`
-    ram_options=`echo $resources | jq .memoryGB.options[] | tr '\n' ' '`
-}
-
-get_cores() {
-    local core_list=( ${core_options} )
-    for v in "${core_list[@]}"; do
-        local core_map[$v]=1
-    done
-
-    cores=${core_default}
-    local c=0
-    read -p "Please enter the number of cores (${core_options}) [${core_default}]: " input_cores
-    while (( c < 3 )); do
-        if [[ -z "${input_cores}" ]]; then
-            cores=${core_default}
-            echo "${cores}"
-            break
-        elif [[ -n "${core_map[${input_cores}]}" ]]; then
-            cores=${input_cores}
-            break
-        else
-            read -p "Please enter the number of cores (${core_options}) [${core_default}]: " input_cores
-            c=$(( c + 1 ))
-        fi
-    done
-
-    if (( c > 2 )); then
-        handle_error "Failed to get the number of cores from user."
-    fi
-}
-
-get_ram() {
-    local ram_list=( ${ram_options} )
-    for v in "${ram_list[@]}"; do
-        local ram_map[$v]=1
-    done
-
-    ram=${ram_default}
-    local c=0
-    read -p "Please enter the amount of memory in GB (${ram_options}) [${ram_default}]: " input_ram
-    while (( c < 3 )); do
-        if [[ -z "${input_ram}" ]]; then
-            ram=${ram_default}
-            echo "${ram}"
-            break
-        elif [[ -n "${ram_map[${input_ram}]}" ]]; then
-            ram=${input_ram}
-            break
-        else
-            read -p "Please enter the amount of memory in GB (${ram_options}) [${ram_default}]: " input_ram
-            c=$(( c + 1 ))
-        fi
-    done
-
-    if (( c > 2 )); then
-        handle_error "Failed to get the amount of ram from user."
-    fi
-}
-
-prompt_user() {
-    while true; do
-        read -p "Do you want to specify resources for (NAME)? (y/n) [n]" yn
-        if [[ -z "${yn}" || ${yn} == "n" || ${yn} == "N" ]]; then
-            echo "Launching (NAME)..."
-
-            if [ -z "${TOKEN}" ]; then
-              handle_error "[skaha] No credentials to call back to Skaha with."
-            else
-              app_id=`curl -s -L -k --header "x-auth-token-skaha: ${TOKEN}" -d "image=(IMAGE_ID)" --data-urlencode "param=(NAME)" https://(HOST)/skaha/(SKAHA_API_VERSION)/session/${VNC_PW}/app`
-            fi 
-            break
-        elif [[ ${yn} == "y" || ${yn} == "Y" ]]; then
-            get_resource_options || handle_error "Error obtaining resource defaults or options."
-            get_cores || handle_error "Error obtaining the number of cores to allocate."
-            get_ram || handle_error "Error obtaining the amount of ram to allocate."
-            echo "Launching (NAME)..."
-
-            if [ -z "${TOKEN}" ]; then
-              handle_error "[skaha] No credentials to call back to Skaha with."              
-            else
-              app_id=`curl -s -L -k --header "x-auth-token-skaha: ${TOKEN}" -d "cores=${cores}" -d "ram=$ram" -d "image=(IMAGE_ID)" --data-urlencode "param=(NAME)" https://(HOST)/skaha/(SKAHA_API_VERSION)/session/${VNC_PW}/app`
-            fi   
-            break
-        else 
-            echo invalid response
-        fi
-    done
-}
-
-launch_app() {
-    get_resource_options || handle_error "Error obtaining resource defaults or options."
-    prompt_user || handle_error "Error prompting user inputs."
-}
-
-get_status() {
-    curl_out=""
-    status=""
-    local n=0
-    sleep 1
-    if [ -z "${TOKEN}" ]; then
-        handle_error "[skaha] No credentials to call back to Skaha with."
-    else
-        curl_out=`curl -s -L -k --header "x-auth-token-skaha: ${TOKEN}" https://(HOST)/skaha/(SKAHA_API_VERSION)/session/${VNC_PW}/app/$1`
-    fi
-
-    while [[ ${curl_out} != *"status"* ]]; do
-        n=$(( n + 1 ))
-        if test $n -eq 10 ; then
-            echo "Failed to get status, ${curl_out}, retrying..."
-            n=0
-        fi
-        sleep 1
-
-        # No need to check for the Token again as it passed above.
-        curl_out=`curl -s -L -k --header "x-auth-token-skaha: ${TOKEN}" https://(HOST)/skaha/(SKAHA_API_VERSION)/session/${VNC_PW}/app/$1`             
-    done
-}
-
-check_status() {
-    get_status $1
-    status=`echo ${curl_out} | jq .status`
-    echo "status: ${status}"
-    local count=0
-    while [[ ${status} == *"Pending"* ]]
-    do
-        count=$(( $count + 1 ))
-        get_status $1
-        status=`echo ${curl_out} | jq .status`
-        if test $count -eq 10 ; then
-            echo "status: ${status}"
-            count=0
-        fi
-    done
-
-    if [[ ${status} == *"Running"* ]]; then
-        echo "Successfully launched app."
-        sleep 1
-    else
-        handle_error "Failed to launch app, status is ${status}."
-    fi
-}
-
-launch_app
-check_status ${app_id}
\ No newline at end of file
diff --git a/deployment/helm/skaha/desktop-template/terminal.desktop.template b/deployment/helm/skaha/desktop-template/terminal.desktop.template
deleted file mode 100755
index 988510a5..00000000
--- a/deployment/helm/skaha/desktop-template/terminal.desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=1.1
-Name=terminal
-Comment=General terminal for Arcade
-Keywords=terminal
-Exec=(SCRIPT)
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/terminal.svg.png
-Type=Application
-Categories=X-Xfce-Toplevel;
diff --git a/deployment/helm/skaha/desktop-template/topcat-terminal.desktop.template b/deployment/helm/skaha/desktop-template/topcat-terminal.desktop.template
deleted file mode 100755
index c92a0606..00000000
--- a/deployment/helm/skaha/desktop-template/topcat-terminal.desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=4.8.8
-Name=topcat-terminal
-Comment=Graphical viewer and editor for tabular data. A user launches topcat from within an xterm.
-Keywords=topcat-terminal
-Exec=(SCRIPT)
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/topcat.svg
-Type=Application
-Categories=X-Xfce-Toplevel;
diff --git a/deployment/helm/skaha/desktop-template/topcat.desktop.template b/deployment/helm/skaha/desktop-template/topcat.desktop.template
deleted file mode 100755
index 3bece4d8..00000000
--- a/deployment/helm/skaha/desktop-template/topcat.desktop.template
+++ /dev/null
@@ -1,11 +0,0 @@
-[Desktop Entry]
-Version=4.8.8
-Name=topcat
-Comment=Graphical viewer and editor for tabular data. topcat starts up directly, bypassing the xterm.
-Keywords=topcat
-Exec=(SCRIPT)
-Terminal=false
-X-MultipleArgs=false
-Icon=/headless/.icons/topcat.svg
-Type=Application
-Categories=X-Xfce-Toplevel;
diff --git a/deployment/helm/skaha/desktop-template/xfce-applications-menu-item.template b/deployment/helm/skaha/desktop-template/xfce-applications-menu-item.template
deleted file mode 100644
index 4de52b6e..00000000
--- a/deployment/helm/skaha/desktop-template/xfce-applications-menu-item.template
+++ /dev/null
@@ -1,7 +0,0 @@
-        <Menu>
-            <Name>(PROJECT)</Name>
-            <Directory>(DIRECTORY)</Directory>
-            <Include>
-                <Category>(CATEGORY)</Category>
-            </Include>
-        </Menu>
diff --git a/deployment/helm/skaha/desktop-template/xfce-directory.template b/deployment/helm/skaha/desktop-template/xfce-directory.template
deleted file mode 100644
index a8aa20d2..00000000
--- a/deployment/helm/skaha/desktop-template/xfce-directory.template
+++ /dev/null
@@ -1,110 +0,0 @@
-[Desktop Entry]
-Version=1.0
-Type=Directory
-Icon=applications-office
-Name=(NAME)
-Name[ar]=مكتب
-Name[ast]=Oficina
-Name[bg]=Офис
-Name[ca]=Oficina
-Name[cs]=Kancelář
-Name[da]=Kontor
-Name[de]=Büro
-Name[el]=Γραφείο
-Name[en_AU]=Office
-Name[en_GB]=Office
-Name[eo]=Oficejo
-Name[es]=Oficina
-Name[et]=Kontor
-Name[eu]=Bulegoa
-Name[fi]=Toimisto
-Name[fr]=Bureautique
-Name[gl]=Oficina
-Name[he]=משרד
-Name[hr]=Ured
-Name[hu]=Iroda
-Name[id]=Perkantoran
-Name[is]=Skrifstofuforrit
-Name[it]=Ufficio
-Name[ja]=オフィス
-Name[kk]=Кеңселік
-Name[ko]=사무
-Name[lt]=Raštinė
-Name[ms]=Pejabat
-Name[nb]=Kontor
-Name[nl]=Kantoor
-Name[nn]=Kontor
-Name[oc]=Burèu
-Name[pl]=Biuro
-Name[pt]=Produtividade
-Name[pt_BR]=Escritório
-Name[ro]=Birou
-Name[ru]=Офис
-Name[sk]=Kancelária
-Name[sl]=Pisarna
-Name[sq]=Zyrë
-Name[sr]=Уред
-Name[sv]=Kontorsprogram
-Name[te]=కార్యాలయం
-Name[th]=สำนักงาน
-Name[tr]=Ofis
-Name[ug]=ئىشخانا
-Name[uk]=Офісні
-Name[uz]=Ofis
-Name[uz@Latn]=Ofis
-Name[zh_CN]=办公
-Name[zh_HK]=辦公
-Name[zh_TW]=辦公
-Comment=Office and productivity applications
-Comment[ar]=تطبيقات المكتب والإنتاج
-Comment[ast]=Aplicaciones d'oficina y productividá
-Comment[bg]=Програми за офиса и продуктивността
-Comment[ca]=Aplicacions d'oficina i de productivitat
-Comment[cs]=Kancelářské aplikace
-Comment[da]=Kontor- og produktivitetsprogrammer
-Comment[de]=Büroanwendungen
-Comment[el]=Εφαρμογές γραφείου και παραγωγικότητας
-Comment[en_AU]=Office and productivity applications
-Comment[en_GB]=Office and productivity applications
-Comment[eo]=Officeja kaj produktiveca programaro
-Comment[es]=Aplicaciones de oficina y productividad
-Comment[et]=Kontoritarkvara ja teised tööprogrammid
-Comment[eu]=Bulego eta produktibitate aplikazioak
-Comment[fi]=Toimisto- ja tuottavuusohjelmistot
-Comment[fr]=Applications bureautiques et de productivité
-Comment[gl]=Aplicativos de oficina e produtividade
-Comment[he]=יישומים משרדיים
-Comment[hr]=Programi ureda i produktivnosti
-Comment[hu]=Irodai alkalmazások
-Comment[id]=Aplikasi kantor dan produktivitas
-Comment[is]=Verkfæri fyrir vinnuna og skólann
-Comment[it]=Applicazioni per l'ufficio e la produttività
-Comment[ja]=オフィスおよび生産性アプリケーションです
-Comment[kk]=Кеңселік мен өндіру құралдары
-Comment[ko]=사무 및 생산성 프로그램
-Comment[lt]=Raštinės ir darbo programos
-Comment[ms]=Aplikasi pejabat dan produktiviti
-Comment[nb]=Kontor og produktivitetsapplikasjoner
-Comment[nl]=Kantoor- en productiviteitstoepassingen
-Comment[nn]=Program for å skriva og løysa kontoroppgåver
-Comment[oc]=Aplicacions buroticas e de productivitat
-Comment[pl]=Przechowuje programy biurowe
-Comment[pt]=Aplicações de escritório e produtividade
-Comment[pt_BR]=Aplicativos de escritório e produtividade
-Comment[ro]=Programe de birou
-Comment[ru]=Офисные приложения
-Comment[sk]=Kancelárske a výrobné aplikácie
-Comment[sl]=Pisarniške in produktivne aplikacije
-Comment[sq]=Zbatime zyre dhe prodhimshmërie
-Comment[sr]=Програми за уређивање докуменеата и стваралаштво
-Comment[sv]=Kontor- och produktivitetsprogram
-Comment[te]=కార్యాలయ మరియు ఉత్పాదక అనువర్తనాలు
-Comment[th]=โปรแกรมสำหรับสำนักงานและผลิตภาพ
-Comment[tr]=Ofis ve verimlilik uygulamaları
-Comment[ug]=ئىشخانا ۋە خىزمەت پروگراممىلىرى
-Comment[uk]=Програми для офісної та продуктивної роботи
-Comment[uz]=Ofis va samaradorlik dasturlari
-Comment[uz@Latn]=Ofis va samaradorlik dasturlari
-Comment[zh_CN]=办公和成品应用程序
-Comment[zh_HK]=辦公與生產力應用程式
-Comment[zh_TW]=辦公與生產力應用程式
diff --git a/deployment/helm/skaha/image-cache/cache-images.sh b/deployment/helm/skaha/image-cache/cache-images.sh
deleted file mode 100644
index 70acf126..00000000
--- a/deployment/helm/skaha/image-cache/cache-images.sh
+++ /dev/null
@@ -1,62 +0,0 @@
-harborHosts=$(echo $HARBOR_HOST | tr ' ' '\n')
-
-URL="https://$harborHost/api/v2.0/projects?page_size=100"
-PROJECT_URL="https:/$harborHost/api/v2.0/projects"
-
-# checking if redis instance available or not
-if ! redis-cli -h $REDIS_HOST -p $REDIS_PORT ping > /dev/null 2>&1; then
-    echo "Redis server is not running. Please start the Redis server and try again."
-    exit 1
-fi
-
-temp_key=$(date +%s)
-
-# Fetch the data from the given URL
-echo "$harborHosts" | while read -r harborHost; do
-    URL="https://$harborHost/api/v2.0/projects?page_size=100"
-    PROJECT_URL="https://$harborHost/api/v2.0/projects"
-
-    echo "fetching the images host: $URL"
-    response=$(curl -k $URL)
-
-    # Parse the response and iterate over the list
-    echo $response | jq -c '.[]' | while read -r project; do
-        project_name=$(echo $project | jq -r '.name')
-
-        project_data=$(curl -k -s "$PROJECT_URL/$project_name/repositories?page_size=-1")
-
-        # Null check for project_data
-        if [ -z "$project_data" ] || [ "$project_data" == "null" ]; then
-            continue
-        fi
-
-        echo $project_data | jq -c '.[]' | while read -r repo; do
-            repo_name=$(echo $repo | jq -r '.name')
-
-            name=$(echo $repo_name | awk -F'/' '{print $NF}')
-            repo_data=$(curl -k -s "$PROJECT_URL/$project_name/repositories/$name/artifacts?detail=true&with_label=true&page_size=-1")
-
-            echo $repo_data | jq -c '.[]' | while read -r artifact; do
-                tag=$(echo $artifact | jq -r .tags[0].name)
-
-                if [ -z "$tag" ] || [ "$tag" == "null" ]; then
-                    continue
-                fi
-
-                image_id="$harborHost/$project_name/$name:$tag"
-                labelArray=$(echo $artifact | jq -r .labels)
-
-                # check if labels are empty
-                if [ -z "$labelArray" ] || [ "$labelArray" == "null" ]; then
-                    echo "No labels found for $image_id"
-                    continue
-                fi
-
-                labels=$(echo $artifact | jq -c [.labels[].name])
-
-                refined_artifact=$(echo $artifact | jq -c --argjson labels "$labels" --arg id "$image_id" '{id: $id, types: $labels, digest: .digest}')
-                echo $refined_artifact | redis-cli -h $REDIS_HOST -p $REDIS_PORT -x rpush "$temp_key"
-            done
-        done
-    done
-done && redis-cli -h $REDIS_HOST -p $REDIS_PORT rename "$temp_key" public
diff --git a/deployment/helm/skaha/init-users-groups-config/init-users-groups.sh b/deployment/helm/skaha/init-users-groups-config/init-users-groups.sh
deleted file mode 100755
index f16a301f..00000000
--- a/deployment/helm/skaha/init-users-groups-config/init-users-groups.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-# It is expected that /etc-passwd and /etc-group exist and contain the original passwd files
-# named passwd-orig and group-orig respectively.
-
-# REDIS_URL expected to be in the environment.
-# env:
-#   - name: REDIS_URL
-#     value: http://example.org:6359
-#
-
-SAVEIFS=$IFS
-IFS='\n'
-
-if [[ -z "${REDIS_URL}" ]]; then
-    echo "Required argument REDIS_URL is missing."
-    exit 1
-else
-    echo "Using REDIS_URL: ${REDIS_URL}"
-fi  
-
-TARGET_PASSWD_FILE="/etc-passwd/passwd"
-TARGET_GROUP_FILE="/etc-group/group"
-
-# Create (or overwrite) the files
-cat /etc-passwd/passwd-orig > "${TARGET_PASSWD_FILE}"
-cat /etc-group/group-orig > "${TARGET_GROUP_FILE}"
-
-# Append Science Platform users
-redis-cli -u "${REDIS_URL}" --raw smembers "users:posix" >> "${TARGET_PASSWD_FILE}"
-redis-cli -u "${REDIS_URL}" --raw smembers "groups:posix" >> "${TARGET_GROUP_FILE}"
-
-# restore $IFS
-IFS=$SAVEIFS
diff --git a/deployment/helm/skaha/launch-scripts/build-menu.sh b/deployment/helm/skaha/launch-scripts/build-menu.sh
deleted file mode 100644
index d86169ee..00000000
--- a/deployment/helm/skaha/launch-scripts/build-menu.sh
+++ /dev/null
@@ -1,254 +0,0 @@
-#!/bin/bash
-
-HOST=$1
-
-# Callback token
-TOKEN="${DESKTOP_SESSION_APP_TOKEN}"
-
-ICON_DIR="/headless/.icons"
-STARTUP_DIR="/desktopstartup"
-SKAHA_DIR="$HOME/.local/skaha"
-EXECUTABLE_DIR="$HOME/.local/skaha/bin"
-XFCE_DESKTOP_DIR_PARENT="$HOME/.local/share"
-XFCE_DESKTOP_DIR="${XFCE_DESKTOP_DIR_PARENT}/applications"
-DESKTOP_DIR="$HOME/.local/skaha/share/applications"
-DIRECTORIES_DIR="$HOME/.local/skaha/share/desktop-directories"
-START_ASTROSOFTWARE_MENU="${STARTUP_DIR}/astrosoftware-top.menu"
-END_ASTROSOFTWARE_MENU="${STARTUP_DIR}/astrosoftware-bottom.menu"
-MERGED_DIR="/etc/xdg/menus/applications-merged"
-ASTROSOFTWARE_MENU="${MERGED_DIR}/astrosoftware.menu"
-declare -A app_version
-
-
-# generate a list of candidate icon names
-generate_candidates () {
-  current_dir=${PWD}
-  cd ${ICON_DIR}
-  png_files=`ls *.png`
-  svg_files=`ls *.svg`
-  non_candidates=()
-  for file in ${png_files}
-  do
-    non_candidates+=(`echo ${file} | cut -f1 -d"."`)
-  done
-  echo "[skaha] non icon candidates: ${non_candidates[@]}"
-
-  candidates=()
-  for file in ${svg_files[@]}
-  do
-    candidate=(`echo ${file} | cut -f1 -d"."`)
-    if [[ ! "${non_candidates[@]}" =~ ${candidate} ]]; then
-      candidates+=(${candidate})
-    fi
-  done
-  echo "[skaha] icon candidates: ${candidates[@]}"
-  cd ${current_dir}
-}
-
-init_app_version () {
-  generate_candidates
-  for app_name in ${candidates[@]}
-  do
-    app_version[${app_name}]="${app_name}:"
-  done
-}
-
-init_skaha_dir () {
-  if [[ -d "${SKAHA_DIR}" ]]; then
-    # remove the directory
-    rm -rf ${SKAHA_DIR}
-  fi
-
-  dirs="${EXECUTABLE_DIR} ${DESKTOP_DIR} ${DIRECTORIES_DIR}"
-  for dir in ${dirs}; do
-    mkdir -p ${dir}
-  done
-}
-
-init_applications_dir () {
-  # XFCE is hardcoded to use ~/.local/share/applications
-  if [[ -d ${XFCE_DESKTOP_DIR} ]]; then
-    # directory already exists, delete it
-    rm -rf ${XFCE_DESKTOP_DIR}
-  fi
-
-  # create soft link if there isn't one already
-  # ensure the parent directory is created first
-  if [[ ! -L ${XFCE_DESKTOP_DIR} ]]; then
-    mkdir -p ${XFCE_DESKTOP_DIR_PARENT}
-    ln -s ${DESKTOP_DIR} ${XFCE_DESKTOP_DIR}
-  fi
-}
-
-init () {
-  init_app_version
-  init_skaha_dir
-  init_applications_dir
-
-  # sleep-forever.sh is used on desktop-app start up, refer to start-software-sh.template
-  cp /skaha-system/sleep-forever.sh ${EXECUTABLE_DIR}/.
-}
-
-build_resolution_items () {
-  RESOLUTION_SH="${STARTUP_DIR}/resolution-sh.template"
-  RESOLUTION_DESKTOP="${STARTUP_DIR}/resolution-desktop.template"
-  if [[ -f "${RESOLUTION_SH}" ]]; then
-    if [[ -f "${RESOLUTION_DESKTOP}" ]]; then
-      while IFS= read -r line; do
-        executable="${EXECUTABLE_DIR}/${line}.sh"
-        desktop="${DESKTOP_DIR}/${line}.desktop"
-        cp ${RESOLUTION_SH} ${executable}
-        cp ${RESOLUTION_DESKTOP} ${desktop}
-        sed -i -e "s#(RESOLUTION)#${line}#g" ${executable}
-        rm -f ${EXECUTABLE_DIR}/*-e
-        sed -i -e "s#(NAME)#${line}#g" ${desktop}
-        sed -i -e "s#(EXECUTABLE)#${EXECUTABLE_DIR}#g" ${desktop}
-        rm -f ${DEKSTOP_DIR}/*-e
-      done < ${STARTUP_DIR}/skaha-resolutions.properties
-    else
-      echo "[skaha] ${RESOLUTION_DESKTOP} does not exist"
-      exit 1
-    fi
-  else
-    echo "[skaha] ${RESOLUTION_SH} does not exist"
-    exit 1
-  fi
-}
-
-build_resolution_menu () {
-  RESOLUTION="resolution"
-  cp ${STARTUP_DIR}/xfce-directory.template ${DIRECTORIES_DIR}/xfce-${RESOLUTION}.directory
-  sed -i -e "s#(NAME)#Resolution#g" ${DIRECTORIES_DIR}/xfce-${RESOLUTION}.directory
-  cp ${DIRECTORIES_DIR}/xfce-${RESOLUTION}.directory ${DIRECTORIES_DIR}/${RESOLUTION}.directory
-  rm -f ${DIRECTORIES_DIR}/*-e
-  build_resolution_items
-}
-
-create_merged_applications_menu () {
-  if [[ -f "${START_ASTROSOFTWARE_MENU}" ]]; then
-    if [[ -f "${ASTROSOFTWARE_MENU}" ]]; then
-      rm -f ${ASTROSOFTWARE_MENU}
-    fi
-    cp ${START_ASTROSOFTWARE_MENU} ${ASTROSOFTWARE_MENU}
-    cp ${STARTUP_DIR}/xfce-directory.template ${DIRECTORIES_DIR}/xfce-canfar.directory
-    sed -i -e "s#(NAME)#AstroSoftware#g" ${DIRECTORIES_DIR}/xfce-canfar.directory
-    rm -f ${DIRECTORIES_DIR}/*-e
-    cp ${DIRECTORIES_DIR}/xfce-canfar.directory ${DIRECTORIES_DIR}/canfar.directory
-  else
-    echo "[skaha] ${START_ASTROSOFTWARE_MENU} does not exist"
-    exit 1
-  fi
-}
-
-complete_merged_applications_menu () {
-  if [[ -f "${ASTROSOFTWARE_MENU}" ]]; then
-    cat ${END_ASTROSOFTWARE_MENU} >> ${ASTROSOFTWARE_MENU}
-    build_resolution_menu
-  else
-    echo "[skaha] ${ASTROSOFTWARE_MENU} does not exist"
-    exit 1
-  fi
-}
-
-build_menu () {
-  project=$1
-  directory="xfce-$1.directory"
-  cat ${STARTUP_DIR}/xfce-applications-menu-item.template >> ${ASTROSOFTWARE_MENU}
-  sed -i -e "s#(PROJECT)#${project}#g" ${ASTROSOFTWARE_MENU}
-  sed -i -e "s#(DIRECTORY)#${directory}#g" ${ASTROSOFTWARE_MENU}
-  sed -i -e "s#(CATEGORY)#${project}#g" ${ASTROSOFTWARE_MENU}
-  rm -f ${MERGED_DIR}/*-e
-
-  cp ${STARTUP_DIR}/xfce-directory.template ${DIRECTORIES_DIR}/${directory}
-  sed -i -e "s#(NAME)#${project}#g" ${DIRECTORIES_DIR}/${directory}
-  rm -f ${DIRECTORIES_DIR}/*-e
-}
-
-update_desktop () {
-  dest=$1
-  short_name=$2
-  name=$3
-  tmp_file=/tmp/${short_name}.desktop
-  cp ${STARTUP_DIR}/app-desktop.template ${tmp_file}
-  sed -i -e "s#(VERSION)#${version}#g" ${tmp_file}
-  sed -i -e "s#(SHORTNAME)#${short_name}#g" ${tmp_file}
-  sed -i -e "s#(NAME)#${name}#g" ${tmp_file}
-  sed -i -e "s#(EXECUTABLE)#${EXECUTABLE_DIR}#g" ${tmp_file}
-  sed -i -e "s#(CATEGORY)#${category}#g" ${tmp_file}
-  cp ${tmp_file} ${dest}
-  rm ${tmp_file}
-}
-
-build_menu_item () {
-  image_id=$1
-  name=$2
-  category=$3
-  tmp_folder="/tmp"
-  name_version_array=($(echo $name | tr ":" "\n"))
-  short_name=${name_version_array[0]}
-  version=${name_version_array[1]}
-  executable="${EXECUTABLE_DIR}/${name}.sh"
-  tmp_executable="${tmp_folder}/${name}.sh"
-  start_executable="${EXECUTABLE_DIR}/start-${name}.sh"
-  tmp_start_executable="${tmp_folder}/start-${name}.sh"
-  desktop="${DESKTOP_DIR}/${name}.desktop"
-  tmp_desktop="${tmp_folder}/${name}.desktop"
-  cp ${STARTUP_DIR}/software-sh.template $tmp_executable
-  cp ${STARTUP_DIR}/start-software-sh.template ${tmp_start_executable}
-  cp ${STARTUP_DIR}/software-category.template $tmp_desktop
-  sed -i -e "s#(IMAGE_ID)#${image_id}#g" $tmp_executable
-  sed -i -e "s#(TOKEN)#${TOKEN}#g" $tmp_start_executable
-  sed -i -e "s#(HOST)#${HOST}#g" $tmp_start_executable
-  sed -i -e "s#(SKAHA_API_VERSION)#${SKAHA_API_VERSION}#g" $tmp_start_executable
-  sed -i -e "s#(NAME)#${name}#g" $tmp_executable
-  sed -i -e "s#(IMAGE_ID)#${image_id}#g" ${tmp_start_executable}
-  sed -i -e "s#(NAME)#${name}#g" ${tmp_start_executable}
-  sed -i -e "s#(NAME)#${name}#g" $tmp_desktop
-  sed -i -e "s#(VERSION)#${version}#g" $tmp_desktop
-  sed -i -e "s#(EXECUTABLE)#${EXECUTABLE_DIR}#g" $tmp_desktop
-  sed -i -e "s#(CATEGORY)#${category}#g" $tmp_desktop
-  cp $tmp_executable $executable
-  cp $tmp_start_executable ${start_executable}
-  cp $tmp_desktop $desktop
-  rm -f $tmp_executable
-  rm -f $tmp_start_executable
-  rm -f $tmp_desktop
-  if [[ "${candidates[@]}" =~ (" "|^)${short_name}(" "|$) ]]; then
-    if [[ ${image_id} == *"/${category}/${short_name}:"* ]] && [[ "${name}" > "${app_version[${short_name}]}" ]]; then
-      # pick the latest version
-      app_version[${short_name}]="${name}"
-      # accessed via icon on desktop
-      update_desktop /headless/Desktop/${short_name}.desktop ${short_name} ${name}
-    fi
-  fi
-  rm -f ${EXECUTABLE_DIR}/*-e
-  rm -f ${DESKTOP_DIR}/*-e
-}
-
-echo "[skaha] Start building menu."
-init
-create_merged_applications_menu
-curl_out=$(curl -s -k --header "x-auth-token-skaha: ${TOKEN}" "https://${HOST}/skaha/${SKAHA_API_VERSION}/image?type=desktop-app")
-if [[ $(echo ${curl_out} | jq '[.[] | .id | length] | add') == 0 ]]; then
-  echo "[skaha] no desktop-app"
-  echo "${curl_out}"
-  exit 1
-else
-  image_id_list=$(echo ${curl_out} | jq -r '.[] | .id')
-  for image_id in ${image_id_list}
-  do
-    echo "[skaha] image_id: ${image_id}"
-    image_array=($(echo ${image_id} | tr "/" "\n"))
-    if [[ ${#image_array[@]} -ge 3 ]]; then
-      project=${image_array[1]}
-      name=${image_array[2]}
-      if [[ ! " ${project_array[*]} " =~ " ${project} " ]]; then
-        project_array=(${project_array[@]} ${project})
-        build_menu ${project} ${name}
-      fi
-      build_menu_item ${image_id} ${name} ${project}
-    fi
-  done
-fi
-complete_merged_applications_menu
-echo "[skaha] Finish building menu."
diff --git a/deployment/helm/skaha/launch-scripts/skaha-carta.sh b/deployment/helm/skaha/launch-scripts/skaha-carta.sh
deleted file mode 100644
index ee4c5b82..00000000
--- a/deployment/helm/skaha/launch-scripts/skaha-carta.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-set -e
-
-SELF=skaha-carta
-
-TS=$(date)
-echo "$TS $SELF START"
-
-if [ "$#" -ne 2 ]; then
-    echo "Usage: skaha-carta <root> <folder>"
-    exit 2
-fi
-
-ROOT=$1
-FOLDER=$2
-echo "root: $ROOT"
-echo "folder: $FOLDER"
-echo "command: carta --no_browser --top_level_folder=$ROOT --port=6901 --idle_timeout=100000 --debug_no_auth $FOLDER"
-carta --no_browser --top_level_folder=$ROOT --port=6901 --idle_timeout=100000 --debug_no_auth $FOLDER
-# A bit over a day timeout. Disable token authentication.
diff --git a/deployment/helm/skaha/launch-scripts/sleep-forever.sh b/deployment/helm/skaha/launch-scripts/sleep-forever.sh
deleted file mode 100755
index 5f13bbdf..00000000
--- a/deployment/helm/skaha/launch-scripts/sleep-forever.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-# sleep forever
-while true; do
-    sleep 1000
-done
diff --git a/deployment/helm/skaha/launch-scripts/start-desktop-software.sh b/deployment/helm/skaha/launch-scripts/start-desktop-software.sh
deleted file mode 100644
index 5118f634..00000000
--- a/deployment/helm/skaha/launch-scripts/start-desktop-software.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-USERID=$1
-TITLE=$2
-
-echo "[skaha] Starting skaha software container [title=$TITLE] for [userid=$USERID]"
-
-INITFILE=/skaha/init.sh
-STARTUPFILE=/skaha/startup.sh
-
-if [ -f "$INITFILE" ]; then
-    echo "[skaha] Calling /skaha/init.sh"
-    /skaha/init.sh
-fi
-
-if [ -f "$STARTUPFILE" ]; then
-    echo "[skaha] Starting xterm via /skaha/startup.sh"
-    /skaha/startup.sh "xterm -fg white -bg black -title $TITLE"
-else
-    echo "[skaha] Starting xterm"
-    xterm -fg white -bg black -title $TITLE
-fi
-
-echo "[skaha] Exit"
diff --git a/deployment/helm/skaha/launch-scripts/start-desktop.sh b/deployment/helm/skaha/launch-scripts/start-desktop.sh
deleted file mode 100644
index a63bf3ea..00000000
--- a/deployment/helm/skaha/launch-scripts/start-desktop.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-HOST=$1
-
-mkdir -p ${HOME}
-cd ${HOME}
-
-
-mkdir -p ${HOME}/.token
-
-echo "[skaha] Starting skaha desktop container"
-/skaha-system/build-menu.sh ${HOST}
-if [[ $? -eq 0 ]]; then
-  /dockerstartup/vnc_startup.sh
-  echo "[skaha] Exit"
-else
-  echo "[skaha] Error exit"
-  exit 1
-fi
diff --git a/deployment/helm/skaha/launch-scripts/start-jupyterlab.sh b/deployment/helm/skaha/launch-scripts/start-jupyterlab.sh
deleted file mode 100644
index a039e816..00000000
--- a/deployment/helm/skaha/launch-scripts/start-jupyterlab.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-# One argument expected: the skaha session ID, which makes up part of the connect url
-
-mkdir -p ${HOME}
-cd ${HOME}
-
-
-mkdir -p ${HOME}/.token
-
-jupyter lab \
-	--NotebookApp.base_url=session/notebook/"$1" \
-	--NotebookApp.notebook_dir=/ \
-	--NotebookApp.allow_origin="*" \
-	--ServerApp.ip=0.0.0.0 \
-	--ServerApp.port=8888 \
-	--no-browser \
-	--ServerApp.base_url=session/notebook/"$1" \
-	--ServerApp.root_dir=/ \
-	--ServerApp.allow_origin="*" \
-	${JUPYTERLAB_ARGS}
diff --git a/deployment/helm/skaha/sample-local-values.yaml b/deployment/helm/skaha/sample-local-values.yaml
deleted file mode 100644
index 538fd38f..00000000
--- a/deployment/helm/skaha/sample-local-values.yaml
+++ /dev/null
@@ -1,188 +0,0 @@
-# Sample Local install values file.
-
-# Skaha web service deployment
-deployment:
-  hostname: example.org # Change this
-  skaha:
-    imagePullPolicy: IfNotPresent
-    # Space delimited list of allowed Image Registry hosts.  These hosts should match the hosts in the User Session images.
-    registryHosts: "images.canfar.net"
-
-    # Root of shared storage
-    skahaTld: "/cavern"
-
-    # The group name to verify users against for permission to use the Science Platform.
-    usersGroup: "ivo://example.org/gms?example/users-group-name"
-
-    adminsGroup: "ivo://example.org/gms?example/admin-group-name"
-
-    headlessGroup: "ivo://example.org/gms?example/headless-group-name"
-
-    headlessPriorityGroup: "ivo://example.org/gms?example/headless-priority-group-name"
-
-    headlessPriorityClass: "uber-user-preempt-high"
-
-    # Groups that can change the logging output level.
-    # See log setting information at https://github.com/opencadc/core/tree/main/cadc-log#cadc-log
-    loggingGroups:
-      - "ivo://example.org/gms?/example/logging-group-1"
-      - "ivo://example.org/gms?/example/logging-group-2"
-
-    # The Resource ID of the Service that contains the Posix Mapping information
-    posixMapperResourceID: "ivo://example.org/posix-mapper"
-
-    # This applies to Skaha itself, not the User Sessions.  Meaning, this Pod will be scheduled on Nodes with the label.
-    # Note the different indentation level compared to the sessions.nodeAffinity.
-    nodeAffinity:
-      # Only allow Skaha to run on specific Nodes.
-      requiredDuringSchedulingIgnoredDuringExecution:
-        nodeSelectorTerms:
-        - matchExpressions:
-          - key: persistent-service-api-node
-            operator: Exists
-
-    # Session settings.
-    sessions:
-      expirySeconds: "345600" # Four days
-      maxCount: "2"  # Users may have 2 interactive sessions at once
-      minEphemeralStorage: "10Gi" # Initial request for ephemeral storage (scratch disk space)
-      maxEphemeralStorage: "100Gi" # Max expansion for ephemeral storage (scratch disk space)
-      extraVolumes:
-      - name: cvmfs-mount
-        volume:
-          type: HOST_PATH     # HOST_PATH is for host path
-          hostPath: "/cvmfs"  # Path on the Node to look for a source folder
-          hostPathType: Directory
-        volumeMount:
-          mountPath: "/cvmfs"   # Path to mount on the User Sesssion Pod.
-          readOnly: false
-          mountPropagation: HostToContainer
-
-      # When set to 'true' this flag will enable GPU node scheduling.
-      gpuEnabled: true
-
-      # Example nodeAffinity to ensure User Session Pods are NOT scheduled on API Nodes alongside Skaha, 
-      # for example, to ensure load does not affect them.
-      nodeAffinity:
-        # Only allow executions of User Sessions on specific Nodes.
-        requiredDuringSchedulingIgnoredDuringExecution:
-          nodeSelectorTerms:
-          - matchExpressions:
-            - key: persistent-service-api-node
-              operator: DoesNotExist
-
-    # Resources provided to the Skaha service.
-    resources:
-      requests:
-        memory: "500M"
-        cpu: "500m"
-      limits:
-        memory: "1500M"
-        cpu: "1500m"
-
-    # Optionally set the DEBUG port.
-    # extraEnv:
-    # - name: CATALINA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-    # - name: JAVA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-
-    # Uncomment to debug.  Requires options above as well as service port exposure below.
-    # extraPorts:
-    # - containerPort: 5555
-    #   protocol: TCP
-
-    # Optionally mount a custom CA certificate
-    extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # If the base names have changed, then change them here, otherwise leave them.
-    priorityClassName: uber-user-preempt-high
-    serviceAccountName: skaha
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: skaha-cacert-secret
-
-secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # skaha-cacert-secret:
-  #   ca.crt: <base64 encoded CA crt>
-
-# Exposed extra ports.  Uncomment the java-debug port to expose and debug issues.
-# service:
-#   extraPorts:
-  # - port: 5555
-  #   protocol: TCP
-  #   name: java-debug
-
-# Set these labels appropriately to match your Persistent Volume labels.
-# The storage.service.spec can be anything that supports ACLs, such as CephFS or Local.
-# The CephFS Volume can be dynamically allocated here for the storage.service.spec:
-# Example:
-# storage:
-#   service:
-#     spec:
-#       cephfs:
-#         mons:
-#           ...
-# Default is a PersistentVolumeClaim to the Local Storage.
-storage:
-  service:
-    spec:
-      persistentVolumeClaim:
-        claimName: skaha-pvc # Match this label up with whatever was installed in the base install, or the desired PVC, or create dynamically provisioned storage.
-  sessions:
-    claim:
-      # storageClassName: ""
-      labels:
-        storage: local-storage  # Match this label up with whatever was installed in the base install, or the desired PVC
-
-# Kueue setups
-kueue:
-  resourceFlavors:
-  - name: skaha
-    
-  localQueues:
-    skaha-workload-queue-interactive:
-      namespace: skaha-workload
-      clusterQueue: skaha-cluster-queue-interactive
-    skaha-workload-queue-headless:
-      namespace: skaha-workload
-      clusterQueue: skaha-cluster-queue-headless
-
-  clusterQueues:
-    skaha-cluster-queue-interactive:
-      cohort: "skaha-queue"
-      resourceGroups:
-      - coveredResources: ["cpu", "memory", "ephemeral-storage"]
-        flavors:
-        - name: skaha
-          resources:
-          - name: cpu
-            nominalQuota: 6 # Change this according to the available resources
-            borrowingLimit: 2 # Change this according to the resource requirements
-          - name: memory
-            nominalQuota: 6Gi # Change this according to the available resources
-            borrowingLimit: 2Gi # Change this according to the available resources 
-          - name: ephemeral-storage
-            nominalQuota: 50Gi
-    skaha-cluster-queue-headless:
-      cohort: "skaha-queue"
-      resourceGroups:
-      - coveredResources: ["cpu", "memory", "ephemeral-storage"]
-        flavors:
-        - name: skaha
-          resources:
-          - name: cpu
-            nominalQuota: 4 # Change this according to the available resources
-            borrowingLimit: 0 # Change this according to the resource requirements
-          - name: memory
-            nominalQuota: 4Gi # Change this according to the available resources
-            borrowingLimit: 0Gi # Change this according to the resource requirements
-          - name: ephemeral-storage
-            nominalQuota: 50Gi
diff --git a/deployment/helm/skaha/skaha-config/README.md b/deployment/helm/skaha/skaha-config/README.md
deleted file mode 100644
index 84a3bd15..00000000
--- a/deployment/helm/skaha/skaha-config/README.md
+++ /dev/null
@@ -1 +0,0 @@
-File k8s-config goes in this directory.  Follow the instructions in the README.md in the directory above
diff --git a/deployment/helm/skaha/skaha-config/RsaSignaturePub.key b/deployment/helm/skaha/skaha-config/RsaSignaturePub.key
deleted file mode 100644
index 818b7cdd..00000000
--- a/deployment/helm/skaha/skaha-config/RsaSignaturePub.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvitwgh99UlLTNUgZWKy3bDB+u7++QX/i
-Gpb3H/p0o0dCQurOHH9NSWkUH9po0CDnDGTN0ZFoLUeGBDDl/pCN2Lk+AYmx7sjxUY7YiPA6iXK1
-zLQtPqKZC/oZ7CqF2pyUZoSY6Y/xj7QbzFThFR+mC7dXtP0Giu2l87wYszNUAzSbAAuyfmmipEjT
-QffPTAZ+QXY5JildS78/4OiBMO3roOyIyuAas9kN4Ii+vZYOwqXMjQAhMBMVzm7WwQ+a6p1X43mY
-RkKkmLY/HtSzN8CY/Y6BF5CqHgIIecw9eDVVSN3r71ZZWR6vxWyZyd5NiOxneSqP0rATG3u8TE+P
-ISQC7wIDAQAB
------END PUBLIC KEY-----
diff --git a/deployment/helm/skaha/skaha-config/ingress-carta.yaml b/deployment/helm/skaha/skaha-config/ingress-carta.yaml
deleted file mode 100644
index 898c5116..00000000
--- a/deployment/helm/skaha/skaha-config/ingress-carta.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-  name: skaha-carta-http-middleware-${skaha.sessionid}
-spec:
-  replacePathRegex:
-    regex: ^/session/carta/http/${skaha.sessionid}(/|$)(.*)
-    replacement: /$2
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-  name: skaha-carta-ws-middleware-${skaha.sessionid}
-spec:
-  replacePathRegex:
-    regex: ^/session/carta/ws/${skaha.sessionid}(/|$)(.*)
-    replacement: /$2
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
-  name: skaha-carta-ingress-${skaha.sessionid}
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  entryPoints:
-    - web
-    - websecure
-  routes:
-  - kind: Rule
-    match: Host(`${skaha.hostname}`) && PathPrefix(`/session/carta/http/${skaha.sessionid}`)
-    services:
-    - kind: Service
-      name: skaha-carta-svc-${skaha.sessionid}
-      port: 6901
-      scheme: http
-    middlewares:
-      - name: skaha-carta-http-middleware-${skaha.sessionid}
-  - kind: Rule
-    match: Host(`${skaha.hostname}`) && PathPrefix(`/session/carta/ws/${skaha.sessionid}`)
-    services:
-    - kind: Service
-      name: skaha-carta-svc-${skaha.sessionid}
-      port: 5901
-      scheme: http
-    middlewares:
-      - name: skaha-carta-ws-middleware-${skaha.sessionid}
diff --git a/deployment/helm/skaha/skaha-config/ingress-contributed.yaml b/deployment/helm/skaha/skaha-config/ingress-contributed.yaml
deleted file mode 100644
index f114a2bd..00000000
--- a/deployment/helm/skaha/skaha-config/ingress-contributed.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-  name: skaha-contributed-middleware-${skaha.sessionid}
-spec:
-  replacePathRegex:
-    regex: ^/session/contrib/${skaha.sessionid}(/|$)(.*)
-    replacement: /$2
-
----
-
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
-  name: skaha-contributed-ingress-${skaha.sessionid}
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  entryPoints:
-    - web
-    - websecure
-  routes:
-  - kind: Rule
-    match: Host(`${skaha.hostname}`) && PathPrefix(`/session/contrib/${skaha.sessionid}/`)
-    services:
-    - kind: Service
-      name: skaha-contributed-svc-${skaha.sessionid}
-      port: 5000
-      scheme: http
-    middlewares:
-      - name: skaha-contributed-middleware-${skaha.sessionid}
diff --git a/deployment/helm/skaha/skaha-config/ingress-desktop.yaml b/deployment/helm/skaha/skaha-config/ingress-desktop.yaml
deleted file mode 100644
index e2e23a61..00000000
--- a/deployment/helm/skaha/skaha-config/ingress-desktop.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-  name: skaha-desktop-middleware-${skaha.sessionid}
-spec:
-  replacePathRegex:
-    regex: ^/session/desktop/${skaha.sessionid}(/|$)(.*)
-    replacement: /$2
-
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
-  name: skaha-desktop-ingress-${skaha.sessionid}
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  entryPoints:
-    - web
-    - websecure
-  routes:
-  - kind: Rule
-    match: Host(`${skaha.hostname}`) && PathPrefix(`/session/desktop/${skaha.sessionid}/`)
-    services:
-    - kind: Service
-      name: skaha-desktop-svc-${skaha.sessionid}
-      port: 6901
-      scheme: http
-    middlewares:
-      - name: skaha-desktop-middleware-${skaha.sessionid}
diff --git a/deployment/helm/skaha/skaha-config/ingress-notebook.yaml b/deployment/helm/skaha/skaha-config/ingress-notebook.yaml
deleted file mode 100644
index f858d159..00000000
--- a/deployment/helm/skaha/skaha-config/ingress-notebook.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
-  name: skaha-notebook-ingress-${skaha.sessionid}
-  annotations:
-    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
-    traefik.ingress.kubernetes.io/router.tls: "true"
-spec:
-  entryPoints:
-    - web
-    - websecure
-  routes:
-  - kind: Rule
-    match: Host(`${skaha.hostname}`) && PathPrefix(`/session/notebook/${skaha.sessionid}/`)
-    services:
-    - kind: Service
-      name: skaha-notebook-svc-${skaha.sessionid}
-      port: 8888
-      scheme: http
diff --git a/deployment/helm/skaha/skaha-config/k8s-resources.json b/deployment/helm/skaha/skaha-config/k8s-resources.json
deleted file mode 100644
index cacd7803..00000000
--- a/deployment/helm/skaha/skaha-config/k8s-resources.json
+++ /dev/null
@@ -1,94 +0,0 @@
-{
-  "cores": {
-    "default": 1,
-    "defaultRequest": 1,
-    "defaultLimit": 16,
-    "defaultHeadless": 1,
-    "options": [
-      1,
-      2,
-      3,
-      4,
-      5,
-      6,
-      7,
-      8,
-      9,
-      10,
-      11,
-      12,
-      13,
-      14,
-      15,
-      16
-    ]
-  },
-  "memoryGB": {
-    "default": 2,
-    "defaultRequest": 4,
-    "defaultLimit": 192,
-    "defaultHeadless": 4,
-    "options": [
-      1,
-      2,
-      4,
-      6,
-      8,
-      10,
-      12,
-      14,
-      16,
-      20,
-      24,
-      26,
-      28,
-      30,
-      32,
-      36,
-      40,
-      44,
-      48,
-      56,
-      64,
-      80,
-      92,
-      112,
-      128,
-      140,
-      170,
-      192
-    ]
-  },
-  "gpus": {
-    "options": [
-      1,
-      2,
-      3,
-      4,
-      5,
-      6,
-      7,
-      8,
-      9,
-      10,
-      11,
-      12,
-      13,
-      14,
-      15,
-      16,
-      17,
-      18,
-      19,
-      20,
-      21,
-      22,
-      23,
-      24,
-      25,
-      26,
-      27,
-      28
-    ]
-  }
-}
diff --git a/deployment/helm/skaha/skaha-config/launch-carta.yaml b/deployment/helm/skaha/skaha-config/launch-carta.yaml
deleted file mode 100644
index ff20e725..00000000
--- a/deployment/helm/skaha/skaha-config/launch-carta.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionName: "${skaha.sessionname}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-interactive
-  name: "${skaha.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: ${skaha.sessionexpiry}
-  ttlSecondsAfterFinished: 86400
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-sessionName: "${skaha.sessionname}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${skaha.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: OnFailure
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      priorityClassName: uber-user-preempt-medium
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      containers:
-      - name: "${skaha.jobname}"
-        env:
-        - name: skaha_hostname
-          value: "${skaha.hostname}"
-        - name: skaha_username
-          value: "${skaha.userid}"
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: PWD
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: OMP_NUM_THREADS
-          value: "${software.requests.cores}"
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-        image: ${software.imageid}
-        command: ["/bin/sh", "-c"]
-        args:
-        - /skaha-system/skaha-carta.sh ${SKAHA_TLD} ${SKAHA_TLD}/projects
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "${software.requests.ram}"
-            cpu: "${software.requests.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.minEphemeralStorage }}"
-          limits:
-            memory: "${software.limits.ram}"
-            cpu: "${software.limits.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.maxEphemeralStorage }}"
-        ports:
-        - containerPort: 5901
-          protocol: TCP
-          name: websocket-port
-        - containerPort: 6901
-          protocol: TCP
-          name: frontend-port
-        volumeMounts:
-        - mountPath: "/skaha-system"
-          name: start-carta
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        {{ template "skaha.session.commonVolumeMounts" . }}
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: start-carta
-        configMap:
-          name: launch-scripts
-          defaultMode: 0777
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/launch-contributed.yaml b/deployment/helm/skaha/skaha-config/launch-contributed.yaml
deleted file mode 100644
index 498dfa2b..00000000
--- a/deployment/helm/skaha/skaha-config/launch-contributed.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionName: "${skaha.sessionname}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-interactive
-  name: "${skaha.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: ${skaha.sessionexpiry}
-  ttlSecondsAfterFinished: 86400
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-sessionName: "${skaha.sessionname}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${skaha.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: OnFailure
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      priorityClassName: uber-user-preempt-medium
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      containers:
-      - name: "${skaha.jobname}"
-        env:
-        - name: skaha_hostname
-          value: "${skaha.hostname}"
-        - name: skaha_username
-          value: "${skaha.userid}"
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: PWD
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: JULIA_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: OPENBLAS_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: MKL_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: OMP_NUM_THREADS
-          value: "${software.requests.cores}"
-        image: ${software.imageid}
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "${software.requests.ram}"
-            cpu: "${software.requests.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.minEphemeralStorage }}"
-          limits:
-            memory: "${software.limits.ram}"
-            cpu: "${software.limits.cores}"
-            ${software.limits.gpus}
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.maxEphemeralStorage }}"
-        ports:
-        - containerPort: 5000
-          protocol: TCP
-          name: main-port
-        volumeMounts:
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        {{ template "skaha.session.commonVolumeMounts" . }}
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/launch-desktop-app.yaml b/deployment/helm/skaha/skaha-config/launch-desktop-app.yaml
deleted file mode 100644
index 01fa72a6..00000000
--- a/deployment/helm/skaha/skaha-config/launch-desktop-app.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-appID: "${software.appid}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-interactive
-  name: "${software.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: ${skaha.sessionexpiry}
-  ttlSecondsAfterFinished: 86400
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-appID: "${software.appid}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${software.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: OnFailure
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      priorityClassName: uber-user-preempt-medium
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      containers:
-      - name: "${software.containername}"
-        command: ["/skaha-system/start-desktop-software.sh"]
-        args:
-        - ${skaha.userid}
-        - ${software.containerparam}
-        env:
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: DISPLAY
-          value: "${software.targetip}"
-        - name: GDK_SYNCHRONIZE
-          value: "1"
-        - name: SHELL
-          value: "/bin/bash"
-        - name: PWD
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: OMP_NUM_THREADS
-          value: "${software.requests.cores}"
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-        image: "${software.imageid}"
-        workingDir: "${SKAHA_TLD}/home/${skaha.userid}"
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "${software.requests.ram}"
-            cpu: "${software.requests.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.minEphemeralStorage }}"
-          limits:
-            memory: "${software.limits.ram}"
-            cpu: "${software.limits.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.maxEphemeralStorage }}"
-        ports:
-        - containerPort: 6000
-          protocol: TCP
-        volumeMounts:
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        - mountPath: "/skaha-system"
-          name: start-desktop-software
-        {{ template "skaha.session.commonVolumeMounts" . }}
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: start-desktop-software
-        configMap:
-          name: launch-scripts
-          defaultMode: 0777
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/launch-desktop.yaml b/deployment/helm/skaha/skaha-config/launch-desktop.yaml
deleted file mode 100644
index 7fa1af74..00000000
--- a/deployment/helm/skaha/skaha-config/launch-desktop.yaml
+++ /dev/null
@@ -1,113 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionName: "${skaha.sessionname}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-interactive
-  name: "${skaha.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: ${skaha.sessionexpiry}
-  ttlSecondsAfterFinished: 86400
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-sessionName: "${skaha.sessionname}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${skaha.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: OnFailure
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      priorityClassName: uber-user-preempt-medium
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      containers:
-      - name: "${skaha.jobname}"
-        command: ["/skaha-system/start-desktop.sh"]
-        args:
-        - ${skaha.hostname}
-        env:
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: VNC_PW
-          value: "${skaha.sessionid}"
-        - name: skaha_hostname
-          value: "${skaha.hostname}"
-        - name: skaha_username
-          value: "${skaha.userid}"
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: MOZ_FORCE_DISABLE_E10S
-          value: "1"
-        - name: SKAHA_API_VERSION
-          value: "v0"  
-        - name: DESKTOP_SESSION_APP_TOKEN
-          value: "${software.desktop.app.token}"
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-        image: ${software.imageid}
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "1Gi"
-            cpu: "250m"
-            ephemeral-storage: "2Gi"
-          limits:
-            memory: "4Gi"
-            cpu: "1"
-            ephemeral-storage: "10Gi"
-        ports:
-        - containerPort: 5901
-          protocol: TCP
-          name: vnc-port
-        - containerPort: 6901
-          protocol: TCP
-          name: novnc-port
-        volumeMounts:
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        - mountPath: "/desktopstartup"
-          name: templates
-        - mountPath: "/skaha-system"
-          name: start-desktop
-        {{ template "skaha.session.commonVolumeMounts" . }}
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: start-desktop
-        configMap:
-          name: launch-scripts
-          defaultMode: 0777
-      - name: templates
-        configMap:
-          name: templates
-          defaultMode: 0777
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/launch-headless.yaml b/deployment/helm/skaha/skaha-config/launch-headless.yaml
deleted file mode 100644
index 872f0fb7..00000000
--- a/deployment/helm/skaha/skaha-config/launch-headless.yaml
+++ /dev/null
@@ -1,90 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionName: "${skaha.sessionname}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-headless
-  name: "${skaha.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: 1209600
-  ttlSecondsAfterFinished: 3600
-  backoffLimit: 0
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-sessionName: "${skaha.sessionname}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${skaha.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: Never
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      ${headless.priority}
-      containers:
-      - name: "${skaha.jobname}"
-        # image and start of the 'env' label comes from the image bundle
-        ${headless.image.bundle}
-        - name: skaha_hostname
-          value: "${skaha.hostname}"
-        - name: skaha_username
-          value: "${skaha.userid}"
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: PWD
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: OMP_NUM_THREADS
-          value: "${software.requests.cores}"
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-        workingDir: "${SKAHA_TLD}/home/${skaha.userid}"
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "${software.requests.ram}"
-            cpu: "${software.requests.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.minEphemeralStorage }}"
-          limits:
-            memory: "${software.limits.ram}"
-            cpu: "${software.limits.cores}"
-            ${software.limits.gpus}
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.maxEphemeralStorage }}"
-        volumeMounts:
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        {{ template "skaha.session.commonVolumeMounts" . }}
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/launch-notebook.yaml b/deployment/helm/skaha/skaha-config/launch-notebook.yaml
deleted file mode 100644
index 5c7f1436..00000000
--- a/deployment/helm/skaha/skaha-config/launch-notebook.yaml
+++ /dev/null
@@ -1,127 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  labels:
-    canfar-net-sessionID: "${skaha.sessionid}"
-    canfar-net-sessionName: "${skaha.sessionname}"
-    canfar-net-sessionType: "${skaha.sessiontype}"
-    canfar-net-userid: "${skaha.userid}"
-    kueue.x-k8s.io/queue-name: skaha-workload-queue-interactive
-  name: "${skaha.jobname}"
-spec:
-  parallelism: 1
-  completions: 1
-  activeDeadlineSeconds: ${skaha.sessionexpiry}
-  ttlSecondsAfterFinished: 86400
-  template:
-    metadata:
-      labels:
-        canfar-net-sessionID: "${skaha.sessionid}"
-        canfar-net-sessionName: "${skaha.sessionname}"
-        canfar-net-sessionType: "${skaha.sessiontype}"
-        canfar-net-userid: "${skaha.userid}"
-        job-name: "${skaha.jobname}"
-    spec:
-      automountServiceAccountToken: false
-      enableServiceLinks: false
-      restartPolicy: OnFailure
-      imagePullSecrets:
-        - name: ${software.imagesecret}
-      {{ template "skaha.job.nodeAffinity" . }}
-      securityContext:
-        {{ template "skaha.job.securityContext" . }}
-      priorityClassName: uber-user-preempt-medium
-      hostname: "${software.hostname}"
-      initContainers:
-      {{ template "skaha.job.initContainers" . }}
-      containers:
-      - name: "${skaha.jobname}"
-        env:
-        - name: skaha_hostname
-          value: "${skaha.hostname}"
-        - name: skaha_username
-          value: "${skaha.userid}"
-        - name: skaha_sessionid
-          value: "${skaha.sessionid}"
-        - name: JUPYTER_TOKEN
-          value: "${skaha.sessionid}"
-        - name: JUPYTER_CONFIG_DIR
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.jupyter/"
-        - name: JUPYTER_DATA_DIR
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.local/share/jupyter/"
-        - name: JUPYTER_RUNTIME_DIR
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.local/share/jupyter/runtime/"
-        - name: JUPYTER_PATH
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.jupyter/"
-        - name: JUPYTERLAB_WORKSPACES_DIR
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.jupyter/lab/workspaces/"
-        - name: JUPYTERLAB_SETTINGS_DIR
-          value: "${SKAHA_TLD}/home/${skaha.userid}/.jupyter/lab/user-settings/"
-        - name: NB_USER
-          value: "${skaha.userid}"
-        - name: NB_UID
-          value: "${skaha.posixid}"
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: PWD
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: XDG_CACHE_HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: JULIA_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: OPENBLAS_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: MKL_NUM_THREADS
-          value: "${software.requests.cores}"
-        - name: OMP_NUM_THREADS
-          value: "${software.requests.cores}"
-        image: ${software.imageid}
-        command: ["/skaha-system/start-jupyterlab.sh"]
-        args:
-        - ${skaha.sessionid}
-        imagePullPolicy: IfNotPresent
-        resources:
-          requests:
-            memory: "${software.requests.ram}"
-            cpu: "${software.requests.cores}"
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.minEphemeralStorage }}"
-          limits:
-            memory: "${software.limits.ram}"
-            cpu: "${software.limits.cores}"
-            ${software.limits.gpus}
-            ephemeral-storage: "{{ .Values.deployment.skaha.sessions.maxEphemeralStorage }}"
-        ports:
-        - containerPort: 8888
-          protocol: TCP
-          name: notebook-port
-        volumeMounts:
-        - mountPath: "/etc/passwd"
-          name: etc-passwd
-          subPath: passwd
-        - mountPath: "/etc/group"
-          name: etc-group
-          subPath: group
-        - mountPath: "/skaha-system"
-          name: start-jupyterlab
-        {{ template "skaha.session.commonVolumeMounts" . }}
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-      volumes:
-      - name: etc-group
-        emptyDir: { }
-      - name: etc-passwd
-        emptyDir: { }
-      - name: start-jupyterlab
-        configMap:
-          name: launch-scripts
-          defaultMode: 0777
-      - name: init-users-groups
-        configMap:
-          name: init-users-groups-config
-          defaultMode: 0777
-      {{ template "skaha.session.commonVolumes" . }}
diff --git a/deployment/helm/skaha/skaha-config/service-carta.yaml b/deployment/helm/skaha/skaha-config/service-carta.yaml
deleted file mode 100644
index 35a3a790..00000000
--- a/deployment/helm/skaha/skaha-config/service-carta.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: skaha-carta-svc-${skaha.sessionid}
-  labels:
-    run: skaha-carta-svc-${skaha.sessionid}
-spec:
-  ports:
-  - port: 6901
-    protocol: TCP
-    name: http-connection
-  - port: 5901
-    protocol: TCP
-    name: socket-connection
-  selector:
-    canfar-net-sessionID: ${skaha.sessionid}
diff --git a/deployment/helm/skaha/skaha-config/service-contributed.yaml b/deployment/helm/skaha/skaha-config/service-contributed.yaml
deleted file mode 100644
index 0c74723b..00000000
--- a/deployment/helm/skaha/skaha-config/service-contributed.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: skaha-contributed-svc-${skaha.sessionid}
-  labels:
-    run: skaha-contributed-svc-${skaha.sessionid}
-spec:
-  ports:
-  - port: 5000
-    protocol: TCP
-    name: http-connection
-  selector:
-    canfar-net-sessionID: ${skaha.sessionid}
diff --git a/deployment/helm/skaha/skaha-config/service-desktop.yaml b/deployment/helm/skaha/skaha-config/service-desktop.yaml
deleted file mode 100644
index 1e27de7f..00000000
--- a/deployment/helm/skaha/skaha-config/service-desktop.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: skaha-desktop-svc-${skaha.sessionid}
-  labels:
-    run: skaha-desktop-svc-${skaha.sessionid}
-spec:
-  ports:
-  - port: 6901
-    protocol: TCP
-    name: http-connection
-  selector:
-    canfar-net-sessionID: ${skaha.sessionid}
-    canfar-net-sessionType: desktop
diff --git a/deployment/helm/skaha/skaha-config/service-notebook.yaml b/deployment/helm/skaha/skaha-config/service-notebook.yaml
deleted file mode 100644
index df934de7..00000000
--- a/deployment/helm/skaha/skaha-config/service-notebook.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: skaha-notebook-svc-${skaha.sessionid}
-  labels:
-    run: skaha-notebook-svc-${skaha.sessionid}
-spec:
-  ports:
-  - port: 8888
-    protocol: TCP
-    name: notebook-port
-  selector:
-    canfar-net-sessionID: ${skaha.sessionid}
diff --git a/deployment/helm/skaha/templates/_helpers.tpl b/deployment/helm/skaha/templates/_helpers.tpl
deleted file mode 100644
index c344c05d..00000000
--- a/deployment/helm/skaha/templates/_helpers.tpl
+++ /dev/null
@@ -1,140 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "skaha.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "skaha.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "skaha.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "skaha.labels" -}}
-helm.sh/chart: {{ include "skaha.chart" . }}
-{{ include "skaha.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "skaha.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "skaha.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "skaha.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "skaha.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-
-{{/*
-USER SESSION TEMPLATE DEFINITIONS
-*/}}
-
-{{/*
-The init containers for the launch scripts.
-*/}}
-{{- define "skaha.job.initContainers" -}}
-      - name: backup-original-passwd-groups
-        image: ${software.imageid}
-        command: ["/bin/sh", "-c", "cp /etc/passwd /etc-passwd/passwd-orig && cp /etc/group /etc-group/group-orig"]
-        volumeMounts:
-        - mountPath: "/etc-passwd"
-          name: etc-passwd
-        - mountPath: "/etc-group"
-          name: etc-group
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-      - name: init-users-groups
-        image: redis:7-alpine
-        command: ["/init-users-groups/init-users-groups.sh"]
-        env:
-        - name: HOME
-          value: "${SKAHA_TLD}/home/${skaha.userid}"
-        - name: REDIS_URL
-          value: "redis://{{ .Release.Name }}-redis-master.{{ .Values.skaha.namespace }}.svc.{{ .Values.kubernetesClusterDomain }}:6379"
-        volumeMounts:
-        - mountPath: "/etc-passwd"
-          name: etc-passwd
-        - mountPath: "/etc-group"
-          name: etc-group
-        - mountPath: "/init-users-groups"
-          name: init-users-groups
-        securityContext:
-          privileged: false
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-              - ALL
-{{- with .Values.deployment.extraHosts }}
-      hostAliases:
-{{- range $extraHost := . }}
-        - ip: {{ $extraHost.ip }}
-          hostnames:
-            - {{ $extraHost.hostname }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-The affinity for Jobs.  This will import the YAML as defined by the user in the deployment.skaha.sessions.nodeAffinity stanza.
-*/}}
-{{- define "skaha.job.nodeAffinity" -}}
-{{- with .Values.deployment.skaha.sessions.nodeAffinity }}
-      affinity:
-        nodeAffinity:
-{{ . | toYaml | indent 10 }}
-{{- end }}
-{{- end }}
-
-{{/*
-Common security context settings for User Session Jobs
-*/}}
-{{- define "skaha.job.securityContext" -}}
-        runAsUser: ${skaha.posixid} 
-        runAsGroup: ${skaha.posixid}
-        fsGroup: ${skaha.posixid}
-        supplementalGroups: [${skaha.supgroups}]
-        runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
-{{- end }}
diff --git a/deployment/helm/skaha/templates/add-user-config-configmap.yaml b/deployment/helm/skaha/templates/add-user-config-configmap.yaml
deleted file mode 100644
index 41fd129d..00000000
--- a/deployment/helm/skaha/templates/add-user-config-configmap.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: add-user-config
-  namespace: {{ .Values.skaha.namespace }}
-binaryData:
-  casa-config.tar:
-    {{ .Files.Get "add-user-config/casa/casa-config.tar" | b64enc | nindent 4 }}
-data:
-  {{- (.Files.Glob "add-user-config/*").AsConfig | nindent 2 }}
diff --git a/deployment/helm/skaha/templates/desktop-template-configmap.yaml b/deployment/helm/skaha/templates/desktop-template-configmap.yaml
deleted file mode 100644
index 3fe4609a..00000000
--- a/deployment/helm/skaha/templates/desktop-template-configmap.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: templates
-  namespace: {{ .Values.skahaWorkload.namespace }}
-data:
-  {{- (.Files.Glob "desktop-template/*").AsConfig | nindent 2 }}
diff --git a/deployment/helm/skaha/templates/image-caching-cronjob.yaml b/deployment/helm/skaha/templates/image-caching-cronjob.yaml
deleted file mode 100644
index e74a56f9..00000000
--- a/deployment/helm/skaha/templates/image-caching-cronjob.yaml
+++ /dev/null
@@ -1,88 +0,0 @@
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  namespace: {{ .Values.skaha.namespace }}
-  name: image-caching-cronjob
-spec:
-  schedule: {{ .Values.deployment.skaha.imageCache.refreshSchedule | toString | quote }}
-  jobTemplate:
-    spec:
-      template:
-        spec:
-          securityContext:
-            runAsUser: 999  # redis user
-            runAsGroup: 1000  # redis user group
-            runAsNonRoot: true
-            seccompProfile:
-              type: RuntimeDefault
-          containers:
-            - name: image-caching-cronjob
-              image: images.opencadc.org/platform/skaha-image-cache:7-alpine
-              imagePullPolicy: IfNotPresent
-              command: ["/bin/sh", "-c"]
-              args:
-              - |
-                sh /config/cache-images.sh
-              env:
-                - name: HARBOR_HOST
-                  value: "{{ .Values.deployment.skaha.registryHosts }}"
-                - name: REDIS_HOST
-                  value: "{{ .Release.Name }}-redis-master.{{ .Values.skaha.namespace }}.svc.{{ .Values.kubernetesClusterDomain }}"
-                - name: REDIS_PORT
-                  value: "6379"
-              volumeMounts:
-                - name: config-volume
-                  mountPath: /config
-              securityContext:
-                allowPrivilegeEscalation: false
-                capabilities:
-                  drop:
-                    - ALL
-          restartPolicy: OnFailure
-          volumes:
-          - name: config-volume
-            configMap:
-              name: skaha-config
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  namespace: {{ .Values.skaha.namespace }}
-  name: image-caching-job
-spec:
-  template:
-    spec:
-      securityContext:
-        runAsUser: 999  # redis user
-        runAsGroup: 1000  # redis user group
-        runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
-      containers:
-        - name: image-caching-job
-          image: images.opencadc.org/platform/skaha-image-cache:7-alpine
-          imagePullPolicy: IfNotPresent
-          command: ["/bin/sh", "-c"]
-          args:
-          - |
-            sh /config/cache-images.sh
-          env:
-            - name: HARBOR_HOST
-              value: "{{ .Values.deployment.skaha.registryHosts }}"
-            - name: REDIS_HOST
-              value: "{{ .Release.Name }}-redis-master.{{ .Values.skaha.namespace }}.svc.{{ .Values.kubernetesClusterDomain }}"
-            - name: REDIS_PORT
-              value: "6379"
-          volumeMounts:
-            - name: config-volume
-              mountPath: /config
-          securityContext:
-            capabilities:
-              drop:
-                - ALL
-            allowPrivilegeEscalation: false
-      restartPolicy: OnFailure
-      volumes:
-      - name: config-volume
-        configMap:
-          name: skaha-config
\ No newline at end of file
diff --git a/deployment/helm/skaha/templates/init-users-groups-configmap.yaml b/deployment/helm/skaha/templates/init-users-groups-configmap.yaml
deleted file mode 100644
index c7de09f9..00000000
--- a/deployment/helm/skaha/templates/init-users-groups-configmap.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: init-users-groups-config
-  namespace: {{ .Values.skahaWorkload.namespace }}
-data:
-  {{- (.Files.Glob "init-users-groups-config/*").AsConfig | nindent 2 }}
diff --git a/deployment/helm/skaha/templates/launch-scripts-configmap.yaml b/deployment/helm/skaha/templates/launch-scripts-configmap.yaml
deleted file mode 100644
index d61e2445..00000000
--- a/deployment/helm/skaha/templates/launch-scripts-configmap.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: launch-scripts
-  namespace: {{ .Values.skahaWorkload.namespace }}
-data:
-  {{- (.Files.Glob "launch-scripts/*").AsConfig | nindent 2 }}
diff --git a/deployment/helm/skaha/templates/session-volumes-mounts.yaml b/deployment/helm/skaha/templates/session-volumes-mounts.yaml
deleted file mode 100644
index cda469b3..00000000
--- a/deployment/helm/skaha/templates/session-volumes-mounts.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- define "skaha.session.commonVolumeMounts" -}}
-        {{- with .Values.deployment.skaha.sessions.extraVolumes }}
-        {{- range . }}
-        - name: {{ .name }}
-          mountPath: {{ .volumeMount.mountPath }}
-          {{- if .volumeMount.subPath }}
-          subPath: {{ .volumeMount.subPath }}
-          {{- end }}
-          {{- if .volumeMount.readOnly }}
-          readOnly: {{ .volumeMount.readOnly }}
-          {{- end }}
-          {{- if .volumeMount.mountPropagation }}
-          mountPropagation: {{ .volumeMount.mountPropagation }}
-          {{- end }}
-        {{- end }}
-        {{- end }}
-        - mountPath: "${SKAHA_TLD}"
-          name: cavern-volume
-          subPath: "cavern"
-        - mountPath: "/scratch"
-          name: scratch-dir
-          subPath: "${skaha.sessionid}"
-{{- end }}
-
-
diff --git a/deployment/helm/skaha/templates/session-volumes.yaml b/deployment/helm/skaha/templates/session-volumes.yaml
deleted file mode 100644
index b40f570e..00000000
--- a/deployment/helm/skaha/templates/session-volumes.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/**
-TODO: This is likely more complicated than it needs to be, and is technical debt for now.  Deployers
-TODO: could simply declare the appropriate YAML that Kubernetes expects that can simply be inserted here, 
-TODO: rather than mapping it to a separate model and injecting specific values.
-TODO: jenkinsd 2024.09.20
-*/}}
-{{- define "skaha.session.commonVolumes" -}}
-      {{- with .Values.deployment.skaha.sessions.extraVolumes }}
-      {{- range . }}
-      - name: {{ .name }}
-        {{- if eq .volume.type "PVC" }}
-        persistentVolumeClaim:
-          claimName: {{ .volume.name }}
-        {{- else if eq .volume.type "HOST_PATH" }}
-        hostPath:
-          path: {{ .volume.hostPath }}
-          type: {{ .volume.hostPathType }}
-        {{- else if eq .volume.type "CONFIG_MAP" }}
-        configMap:
-          name: {{ .volume.name }}
-          {{- if .volumeMount.defaultMode }}
-          defaultMode: {{ .volume.defaultMode }}
-          {{- end }}
-        {{- else if eq .volume.type "SECRET" }}
-        secret:
-          secretName: {{ .volume.name }}
-          {{- if .volumeMount.defaultMode }}
-          defaultMode: {{ .volume.defaultMode }}
-          {{- end }}
-        {{- end }}
-      {{- end }}
-      {{- end }}
-      - name: cavern-volume
-        persistentVolumeClaim:
-          claimName: skaha-workload-cavern-pvc
-      - name: scratch-dir
-        emptyDir: {}
-{{- end }}
diff --git a/deployment/helm/skaha/templates/skaha-cluster-queues.yaml b/deployment/helm/skaha/templates/skaha-cluster-queues.yaml
deleted file mode 100644
index af3704bc..00000000
--- a/deployment/helm/skaha/templates/skaha-cluster-queues.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
- {{- if .Values.kueue }}
-{{ range $queue, $config := .Values.kueue.clusterQueues }}
-apiVersion: kueue.x-k8s.io/v1beta1
-kind: ClusterQueue
-metadata:
-  name: "{{ $queue }}"
-spec:
-  namespaceSelector: {} # match all.
-  {{ if $config.cohort }}
-  cohort: "{{ $config.cohort }}"
-  {{ end }}
-  resourceGroups:
-  {{- range $resourceGroup := $config.resourceGroups }}
-  - coveredResources:
-    {{- range $resource := $resourceGroup.coveredResources }}
-    - {{ $resource }}
-    {{- end }}
-    flavors:
-    {{- range $flavor, $flavorResource := $resourceGroup.flavors }}
-    - name: "{{ $flavorResource.name }}"
-      resources:
-      {{- range $resource, $resourceQuota := $flavorResource.resources }}
-      - name: "{{ $resourceQuota.name }}"
-        nominalQuota: {{ $resourceQuota.nominalQuota }}
-        {{- if $resourceQuota.borrowingLimit }}
-        borrowingLimit: {{ $resourceQuota.borrowingLimit }}
-        {{- end }}
-        {{- if $resourceQuota.lendingLimit }}
-        lendingLimit: {{ $resourceQuota.lendingLimit }}
-        {{- end }}
-      {{- end }}
-    {{- end }}
-  {{- end }}
----
-{{ end }}
-{{- end }}
\ No newline at end of file
diff --git a/deployment/helm/skaha/templates/skaha-config-configmap.yaml b/deployment/helm/skaha/templates/skaha-config-configmap.yaml
deleted file mode 100644
index 66a7f803..00000000
--- a/deployment/helm/skaha/templates/skaha-config-configmap.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-{{ $currContext := . }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: skaha-config
-  namespace: {{ .Values.skaha.namespace }}
-data:
-{{ tpl ($.Files.Glob "config/*").AsConfig . | indent 2 }}
-{{ range $path, $_ :=  $.Files.Glob "skaha-config/*.yaml" }}
-  {{ base $path }}: |
-  {{- tpl ($.Files.Get $path) $currContext | nindent 4 }}
-{{ end }}
-{{ ($.Files.Glob "skaha-config/*.json").AsConfig | indent 2 }}
-{{- include "utils.extraConfig" (dict "extraConfigData" .Values.deployment.skaha.extraConfigData) -}}
-{{- (.Files.Glob "image-cache/*").AsConfig | nindent 2 }}
diff --git a/deployment/helm/skaha/templates/skaha-ingress.yaml b/deployment/helm/skaha/templates/skaha-ingress.yaml
deleted file mode 100644
index 25bdee7c..00000000
--- a/deployment/helm/skaha/templates/skaha-ingress.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: skaha-ingress
-  namespace: {{ .Values.skaha.namespace }}
-  annotations:
-    spec.ingressClassName: traefik
-spec:
-  rules:
-  - host: {{ .Values.deployment.hostname }}
-    http:
-      paths:
-      - path: /skaha
-        pathType: Prefix
-        backend:
-          service:
-            name: skaha-tomcat-svc
-            port:
-              number: 8080
diff --git a/deployment/helm/skaha/templates/skaha-local-queues.yaml b/deployment/helm/skaha/templates/skaha-local-queues.yaml
deleted file mode 100644
index b79faea2..00000000
--- a/deployment/helm/skaha/templates/skaha-local-queues.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
- {{- if .Values.kueue }}
-{{ range $queue, $config := .Values.kueue.localQueues }}
-apiVersion: kueue.x-k8s.io/v1beta1
-kind: LocalQueue
-metadata:
-  namespace: {{ $config.namespace }}
-  name: {{ $queue }}
-spec:
-  clusterQueue: {{ $config.clusterQueue }}
----
-{{ end }}
-{{- end }}
\ No newline at end of file
diff --git a/deployment/helm/skaha/templates/skaha-resource-flavors.yaml b/deployment/helm/skaha/templates/skaha-resource-flavors.yaml
deleted file mode 100644
index fab07e64..00000000
--- a/deployment/helm/skaha/templates/skaha-resource-flavors.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
- {{- if .Values.kueue }}
-{{ range $flavor, $config := .Values.kueue.resourceFlavors }}
-apiVersion: kueue.x-k8s.io/v1beta1
-kind: ResourceFlavor
-metadata:
-  name: {{ $config.name }}
-{{- if $config.nodeLabels}}
-spec:
-  nodeLabels:
-{{ toYaml $config.nodeLabels | indent 4 }}
-{{- end}}
----
-{{ end }}
-{{- end}}
\ No newline at end of file
diff --git a/deployment/helm/skaha/templates/skaha-secrets.yaml b/deployment/helm/skaha/templates/skaha-secrets.yaml
deleted file mode 100644
index d9b16310..00000000
--- a/deployment/helm/skaha/templates/skaha-secrets.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{- range $secretIndex, $secretName := .Values.secrets }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretIndex }}
-  namespace: {{ $.Values.skaha.namespace }}
-type: Opaque
-data:
-  {{- range $certKey, $certValue := . }}
-    {{ $certKey }}: {{ $certValue | quote }}
-  {{- end }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretIndex }}
-  namespace: {{ $.Values.skahaWorkload.namespace }}
-type: Opaque
-data:
-  {{- range $certKey, $certValue := . }}
-    {{ $certKey }}: {{ $certValue | quote }}
-  {{- end }}
-{{- end }}
diff --git a/deployment/helm/skaha/templates/skaha-tomcat-deployment.yaml b/deployment/helm/skaha/templates/skaha-tomcat-deployment.yaml
deleted file mode 100644
index 1b277729..00000000
--- a/deployment/helm/skaha/templates/skaha-tomcat-deployment.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    run: skaha-tomcat
-  name: skaha-tomcat
-  namespace: {{ .Values.skaha.namespace }}
-spec:
-  replicas: {{ default 1 .Values.replicaCount }}
-  selector:
-    matchLabels:
-      run: skaha-tomcat
-  template:
-    metadata:
-      creationTimestamp: null
-      labels:
-        run: skaha-tomcat
-    spec:
-{{- with .Values.deployment.skaha.nodeAffinity }}
-      affinity:
-        nodeAffinity:
-{{ . | toYaml | indent 10 }}
-{{- end }}
-      securityContext:
-        seccompProfile:
-          type: RuntimeDefault
-      initContainers:
-      - name: init-skaha-service
-        image: busybox
-        imagePullPolicy: IfNotPresent
-        command: ['sh', '-c', 'mkdir -p ${SKAHA_TLD}/home && mkdir -p ${SKAHA_TLD}/projects']  # Expected to have /arc mounted
-        volumeMounts:
-        - mountPath: "{{ .Values.deployment.skaha.skahaTld }}"
-          name: cavern-volume
-          subPath: cavern
-        env:
-        - name: SKAHA_TLD
-          value: "{{ .Values.deployment.skaha.skahaTld }}"
-        securityContext:
-          allowPrivilegeEscalation: false
-      containers:
-      - env: 
-        - name: skaha.hostname
-          value: "{{ .Values.deployment.hostname }}"
-        - name: SKAHA_TLD
-          value: "{{ .Values.deployment.skaha.skahaTld }}"
-        - name: GPU_ENABLED
-          value: "{{ .Values.deployment.skaha.sessions.gpuEnabled | default "false" }}"
-        - name: skaha.homedir
-          value: "{{ .Values.deployment.skaha.skahaTld }}/home"
-        - name: skaha.namespace
-          value: "{{ .Values.skahaWorkload.namespace }}"
-        - name: skaha.maxusersessions
-          value: "{{ .Values.deployment.skaha.sessions.maxCount }}"
-        - name: skaha.sessionexpiry
-          value: "{{ .Values.deployment.skaha.sessions.expirySeconds }}"
-        - name: skaha.defaultquotagb
-          value: "{{ .Values.deployment.skaha.defaultQuotaGB }}"
-        - name: skaha.harborhosts
-          value: "{{ .Values.deployment.skaha.registryHosts }}"
-        - name: skaha.usersgroup
-          value: "{{ .Values.deployment.skaha.usersGroup }}"
-        - name: skaha.headlessgroup
-          value: "{{ .Values.deployment.skaha.headlessGroup }}"
-        {{- with .Values.deployment.skaha.headlessPriorityGroup }}
-        - name: skaha.headlessprioritygroup
-          value: "{{ . }}"
-        {{- end }}
-        {{- with .Values.deployment.skaha.headlessPriorityClass }}
-        - name: skaha.headlesspriortyclass
-          value: "{{ . }}"
-        {{- end }}
-        - name: skaha.adminsgroup
-          value: "{{ .Values.deployment.skaha.adminsGroup }}"
-        - name: skaha.posixmapper.resourceid
-          value: "{{ .Values.deployment.skaha.posixMapperResourceID }}"
-        - name: REDIS_HOST
-          value: "{{ .Release.Name }}-redis-master.{{ .Values.skaha.namespace }}.svc.{{ .Values.kubernetesClusterDomain }}"
-        - name: REDIS_PORT
-          value: "6379"
-        {{- with .Values.deployment.skaha.extraEnv }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        image: {{ .Values.deployment.skaha.image }}
-        imagePullPolicy: {{ .Values.deployment.skaha.imagePullPolicy }}
-        name: skaha-tomcat
-        resources:
-          requests:
-            memory: {{ .Values.deployment.skaha.resources.requests.memory }}
-            cpu: {{ .Values.deployment.skaha.resources.requests.cpu }}
-          limits:
-            memory: {{ .Values.deployment.skaha.resources.limits.memory }}
-            cpu: {{ .Values.deployment.skaha.resources.limits.cpu }}
-        ports: 
-        - containerPort: 8080
-          protocol: TCP
-        {{- with .Values.deployment.skaha.extraPorts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        volumeMounts:
-        - mountPath: "/config"
-          name: config-volume
-        - mountPath: "/add-user-config"
-          name: add-user-config
-        - mountPath: "{{ .Values.deployment.skaha.skahaTld }}"
-          name: cavern-volume
-          # This subpath needs to match the subpath in Cavern's deployment.  If that one is configurable, so must this one be!
-          subPath: cavern
-        {{- with .Values.deployment.skaha.extraVolumeMounts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        securityContext:
-          runAsUser: 0
-          allowPrivilegeEscalation: false
-{{- with .Values.deployment.extraHosts }}
-      hostAliases:
-{{- range $extraHost := . }}
-        - ip: {{ $extraHost.ip }}
-          hostnames:
-            - {{ $extraHost.hostname }}
-{{- end }}
-{{- end }}
-      priorityClassName: {{ .Values.deployment.skaha.priorityClassName }}
-      serviceAccountName: {{ .Values.deployment.skaha.serviceAccountName }}
-      volumes:
-      - name: config-volume
-        configMap:
-          name: skaha-config
-      - name: add-user-config
-        configMap:
-          name: add-user-config
-      - name: cavern-volume
-        {{- toYaml .Values.storage.service.spec | nindent 8 }}
-      {{- with .Values.deployment.skaha.extraVolumes }}
-      {{- toYaml . | nindent 6 }}
-      {{- end }}
diff --git a/deployment/helm/skaha/templates/skaha-tomcat-expose.yaml b/deployment/helm/skaha/templates/skaha-tomcat-expose.yaml
deleted file mode 100644
index 932ca0b7..00000000
--- a/deployment/helm/skaha/templates/skaha-tomcat-expose.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: skaha-tomcat-svc
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    run: skaha-tomcat-svc
-spec:
-  ports: 
-  - port: 8080
-    name: http-connection
-    protocol: TCP
-  - port: 80
-    targetPort: 8080
-    name: http-connection-automatic
-    protocol: TCP  
-  {{ with .Values.service }}
-    {{ with .skaha }}
-      {{ with .extraPorts }}
-  {{- toYaml . | nindent 2 }}
-      {{- end }}
-    {{- end }}
-  {{- end }}
-  selector:
-    run: skaha-tomcat
diff --git a/deployment/helm/skaha/templates/tests/test-connection.yaml b/deployment/helm/skaha/templates/tests/test-connection.yaml
deleted file mode 100644
index 1180cc38..00000000
--- a/deployment/helm/skaha/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "skaha.fullname" . }}-test-connection"
-  labels:
-    {{- include "skaha.labels" . | nindent 4 }}
-  annotations:
-    "helm.sh/hook": test
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "skaha.fullname" . }}:8080']
-  restartPolicy: Never
diff --git a/deployment/helm/skaha/values.yaml b/deployment/helm/skaha/values.yaml
deleted file mode 100644
index 6c83afb0..00000000
--- a/deployment/helm/skaha/values.yaml
+++ /dev/null
@@ -1,207 +0,0 @@
-kubernetesClusterDomain: cluster.local
-
-# Default values for skaha.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-# Tell Kubernetes to spin up multiple instances.  Defaults to 1.
-replicaCount: 1
-
-# It's best to keep these set as such, unless you're willing to change these in several places.
-skaha:
-  namespace: skaha-system
-skahaWorkload:
-  namespace: skaha-workload
-
-# Skaha web service deployment
-deployment:
-  hostname: myhost.example.com  # Change this!
-  skaha:
-    image: images.opencadc.org/platform/skaha:0.23.1
-    imagePullPolicy: Always
-
-    # Cron string for the image caching cron job schedule. Defaults to every minute.
-    imageCache:
-      refreshSchedule: "*/1 * * * *"
-  
-    # Set the top-level-directory name that gets mounted at the root.
-    # skahaTld: "/cavern"
-
-    # Used when allocating first-time users into the system.
-    defaultQuotaGB: "10"
-
-    # Space delimited list of allowed Image Registry hosts.  These hosts should match the hosts in the User Session images.
-    registryHosts: "images.canfar.net"
-
-    # The IVOA GMS Group URI to verify users against for permission to use the Science Platform.
-    # See https://www.ivoa.net/documents/GMS/20220222/REC-GMS-1.0.html#tth_sEc3.2
-    # usersGroup: "ivo://example.org/gms?prototyping-groups/mini-src/platform-users"
-
-    # The IVOA GMS Group URI to verify images without contacting Harbor.
-    # See https://www.ivoa.net/documents/GMS/20220222/REC-GMS-1.0.html#tth_sEc3.2
-    # adminsGroup: "ivo://example.org/gms?prototyping-groups/mini-src/platform-users"
-
-    # Group URI for users to preempt headless jobs.
-    # See https://www.ivoa.net/documents/GMS/20220222/REC-GMS-1.0.html#tth_sEc3.2
-    # headlessGroup: "ivo://example.org/gms?prototyping-groups/mini-src/platform-users"
-
-    # Group URI for users to ensure priority for their headless jobs.
-    # See https://www.ivoa.net/documents/GMS/20220222/REC-GMS-1.0.html#tth_sEc3.2
-    # headlessPriorityGroup: "ivo://example.org/gms?skaha-priority-headless-users"
-
-    # Class name to set for priority headless jobs.
-    # headlessPriorityClass: uber-user-preempt-high
-
-    # Array of GMS Group URIs allowed to set the logging level.  If none set, then nobody can change the log level.
-    # See https://www.ivoa.net/documents/GMS/20220222/REC-GMS-1.0.html#tth_sEc3.2 for GMS Group URIs
-    # See https://github.com/opencadc/core/tree/main/cadc-log for Logging control
-    # loggingGroups:
-    #   - "ivo://example.org/gms?prototyping-groups/mini-src/platform-users"
-
-    # The Resource ID (URI) of the Service that contains the Posix Mapping information
-    # posixMapperResourceID: "ivo://example.org/posix-mapper"
-
-    # URI or URL of the OIDC (IAM) server.  Used to validate incoming tokens.
-    # oidcURI: https://iam.example.org/
-
-    # The Resource ID (URI) of the GMS Service.
-    # gmsID: ivo://example.org/gms
-
-    # The absolute URL of the IVOA Registry where services are registered
-    # registryURL: https://spsrc27.iaa.csic.es/reg
-
-    # This applies to Skaha itself.  Meaning, this Pod will be scheduled as described
-    # by the nodeAffinity clause.
-    # Note the different indentation level compared to the sessions.nodeAffinity.
-    # See https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/
-    # nodeAffinity: {}
-
-    # Settings for User Sessions.  Sensible defaults supplied, but can be overridden.
-    # For units of storage, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory.
-    sessions:
-      expirySeconds: "345600"   # Duration, in seconds, until they expire and are shut down.
-      maxCount: "3"  # Max number of sessions per user.
-      minEphemeralStorage: "20Gi"   # The initial requested amount of ephemeral (local) storage.  Does NOT apply to Desktop sessions.
-      maxEphemeralStorage: "200Gi"  # The maximum amount of ephemeral (local) storage to allow a Session to extend to.  Does NOT apply to Desktop sessions.
-      # Declare extra volume mounts in User Sessions.  The "type: parameter in volume section is constant.
-      # extraVolumes:
-      # - name: example-pvc-name
-      #   volume:
-      #     type: PVC           # PVC is for Persistant volume claim
-      #     name: pvc-name
-      #   volumeMount:
-      #     mountPath: "/pvc-volume-mount"
-      #     subPath: "pvc"
-      # - name: example-hostpath-name
-      #   volume:
-      #     type: HOST_PATH     # HOST_PATH is for host path
-      #     hostPath: "/host-path"
-      #     hostPathType: Directory
-      #   volumeMount:
-      #     mountPath: "/host-path"
-      #     readOnly: true
-      #     mountPropagation: HostToContainer
-      # - name: config-map-volume
-      #   volume:
-      #     type: CONFIG_MAP    # CONFIG_MAP is for config map
-      #     name: example-config-map-name
-      #     defaultMode: "0777"
-      #   volumeMount:
-      #     mountPath: "/cmp"
-      # - name: secret-volume
-      #   volume:
-      #     type: SECRET        # SECRET is for secrets
-      #     name: example-secret-name
-      #     defaultMode: "0777"
-      #   volumeMount:
-      #     mountPath: "/scrt"
-
-      # When set to 'true' this flag will enable GPU node scheduling.  Don't forget to declare any related GPU configurations, if appropriate, in the nodeAffinity below!
-      # gpuEnabled: false
-
-      # Set the YAML that will go into the "affinity.nodeAffinity" stanza for Pod Spec in User Sessions.  This can be used to enable GPU scheduling, for example, 
-      # or to control how and where User Session Pods are scheduled.  This can be potentially dangerous unless you know what you are doing.
-      # See https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity
-      # nodeAffinity: {}
-
-    # Optionally set the DEBUG port.
-    # extraEnv:
-    # - name: CATALINA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-    # - name: JAVA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-
-    # Resources provided to the Skaha service.
-    # For units of storage, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory.
-    resources:
-      requests:
-        memory: "1Gi"
-        cpu: "500m"
-      limits:
-        memory: "1Gi"
-        cpu: "500m"
-
-    # Uncomment to debug.  Requires options above as well as service port exposure below.
-    # extraPorts:
-    # - containerPort: 5555
-    #   protocol: TCP
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # If the base names have changed, then change them here, otherwise leave them.
-    priorityClassName: uber-user-preempt-high
-    serviceAccountName: skaha
-
-    # The IdentityManager class handling authentication.  This should generally be left alone
-    identityManagerClass: org.opencadc.auth.StandardIdentityManager
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: skaha-cacert-secret
-
-  # Specify extra hostnames that will be added to the Pod's /etc/hosts file.  Note that this is in the
-  # deployment object, not the skaha one.
-  # extraHosts:
-  #   - ip: 127.3.34.5
-  #     hostname: myhost.example.org
-  # extraHosts: []
-
-
-secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # skaha-cacert-secret:
-  #   ca.crt: <base64 encoded CA crt>
-
-# Set these appropriately to match your Persistent Volume labels.
-storage:
-  service:
-    spec:
-      # YAML for service mounted storage.
-      # Example is the persistentVolumeClaim below.
-      # persistentVolumeClaim:
-      #   claimName: skaha-pvc
-
-# For caching images from the Image Repository and for the writing the POSIX Users and Groups to be shared with Job files
-redis:
-  architecture: 'standalone'
-  auth:
-    enabled: false
-  master:
-    persistence:
-      enabled: false
-    containerSecurityContext:
-      runAsUser: 1001
-      runAsGroup: 1001
-      runAsNonRoot: true
-      allowPrivilegeEscalation: false
-      readOnlyRootFilesystem: true
-      seccompProfile:
-        type: RuntimeDefault
-      capabilities:
-        drop: ["ALL"]
diff --git a/deployment/helm/storage-ui/.helmignore b/deployment/helm/storage-ui/.helmignore
deleted file mode 100644
index 8380f283..00000000
--- a/deployment/helm/storage-ui/.helmignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
-*-values.yaml
diff --git a/deployment/helm/storage-ui/CHANGELOG.md b/deployment/helm/storage-ui/CHANGELOG.md
deleted file mode 100644
index 30e993e1..00000000
--- a/deployment/helm/storage-ui/CHANGELOG.md
+++ /dev/null
@@ -1,15 +0,0 @@
-# Storage User Interface Helm Chart (0.3.0)
-
-## December 3, 2024 (0.3.0)
-* Add batch download options
-* Small optimizations and fixes
-
-## June 24, 2024 (0.2.3)
-* Fix to use tokens for APIs on a different host.
-
-## April 5, 2024 (0.1.7)
-* Add feature to set Kubernetes secret to declare OpenID Connect client secret to avoid setting it explicitly
-
-## January 12, 2024 (0.1.3)
-* OpenID Connect compliant with Authorization Code flow
-* Feature flag to disable some features (Batch download/upload, ZIP Download, Create External Links, Supports Paginated downloads)
\ No newline at end of file
diff --git a/deployment/helm/storage-ui/Chart.yaml b/deployment/helm/storage-ui/Chart.yaml
deleted file mode 100644
index ba9f2788..00000000
--- a/deployment/helm/storage-ui/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-name: storageui
-description: "A Helm chart to install the User Storage UI"
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "1.2.1"
-
-dependencies:
-  - name: "redis"
-    version: "^18.4.0"
-    repository: "oci://registry-1.docker.io/bitnamicharts"
-  - name: "utils"
-    version: "^0.1.0"
-    repository: "file://../utils"
diff --git a/deployment/helm/storage-ui/README.md b/deployment/helm/storage-ui/README.md
index 1905c1f5..3d078024 100644
--- a/deployment/helm/storage-ui/README.md
+++ b/deployment/helm/storage-ui/README.md
@@ -1,111 +1,2 @@
-# Helm Chart for the User Storage user interface
-
-See the [Deployment Guide](../README.md) for a better idea of the underlying APIs.
-
-## Dependencies
-
-- An existing Kubernetes cluster.
-- An IVOA Registry (See the [Current SKAO Registry](https://spsrc27.iaa.csic.es/reg))
-- A working Cavern (User Storage) system
-
-## Install
-
-The Science Portal is a Single Page Application (SPA) with a rich Javascript client and DOM manager.  It uses React to power the various Dashboard elements, and is configurable for different OpenID Providers (OIdP).
-
-### Minimum Helm configuration
-
-See the full set of options in the [values.yaml](https://github.com/opencadc/science-platform/blob/SP-3544/deployment/helm/storage-ui/values.yaml).  The deployed Redirect URI (`redirect_uri`) is `/storage-ui/oidc-callback`, which handles
-receiving the `code` as part of the authorization code flow, and obtaining a token to put into a cookie.
-
-`my-storage-ui-local-values-file.yaml`
-```yaml
-deployment:
-  hostname: example.com # Change this!
-  storageUI:
-    # OIDC (IAM) server configuration.  These are required
-    oidc:
-      # Location of the OpenID Provider (OIdP), and where users will login
-      uri: https://ska-iam.stfc.ac.uk/
-
-      # The Client ID as listed on the OIdP.  Create one at the uri above.
-      clientID: <myclientid>
-
-      # The Client Secret, which should be generated by the OIdP.
-      clientSecret: <myclientsecret>
-
-      # Used instead of clientSecret above.  Useful to avoid setting the clientSecret explicitly.
-      existingSecretName: <kubernetes-secret-name>
-
-      # Where the OIdP should send the User after successful authentication.  This is also known as the redirect_uri in OpenID.  This URI NEEDS
-      redirectURI: https://example.com/storage/oidc-callback
-
-      # Where to redirect to after the redirectURI callback has completed.  This will almost always be the URL to the /storage-ui main page (https://example.com/storage-ui).
-      callbackURI: https://example.com/storage/list
-
-      # The standard OpenID scopes for token requests.  This is required, and if using the SKAO IAM, can be left as-is.
-      scope: "openid profile offline_access"
-
-    # ID (URI) of the GMS Service.
-    gmsID: ivo://skao.int/gms
-
-    # Backend services
-    backend:
-      defaultService: cavern
-      services:
-        cavern:
-          resourceID: "ivo://example.org/cavern"
-          nodeURIPrefix: "vos://example.org~cavern" # How VOSpace URIs will be prefixed
-          userHomeDir: "/home"
-          # Some VOSpace services support these features.  Cavern does not, but it needs to be explicitly declared here.
-          features:
-            batchDownload: false
-            batchUpload: false
-            externalLinks: false
-            paging: false
-            directDownload: false
-
-    # Specify the SRC theme.
-    themeName: src
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: storage-ui-cacert-secret
-
-# secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # storage-ui-cacert-secret:
-    # ca.crt: <base64 encoded ca.crt blob>
-```
-
-### Run with configured values
-
-```bash
-helm repo add science-platform-client https://images.opencadc.org/chartrepo/client
-helm repo update
-
-helm install -n skaha-system --values my-storage-ui-local-values-file.yaml storageui science-platform-client/storageui
-
-Release "storageui" has been installed. Happy Helming!
-NAME: storageui
-LAST DEPLOYED: Thu Jan 12 17:01:07 2024
-NAMESPACE: skaha-system
-STATUS: deployed
-REVISION: 1
-TEST SUITE: None
-```
-
-## Authentication & Authorization
-
-A&A is handle by caching the Token Set server side and issuing a cookie to the browser to enable secure retrieval.  See the [Application Authentication Documentation](../../../docs/authentication/).
-
-## Endpoints
-
-The system will be available at the `/storage` endpoint, (i.e. https://example.com/storage/list).  Authenticating to the system is optional.
+# Storage UI Helm Deployment
+Now available at the [OpenCADC Deployments](https://github.com/opencadc/deployments.git) repository.
\ No newline at end of file
diff --git a/deployment/helm/storage-ui/config/cadc-log.properties b/deployment/helm/storage-ui/config/cadc-log.properties
deleted file mode 100644
index bcd22afb..00000000
--- a/deployment/helm/storage-ui/config/cadc-log.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- range $val := .Values.deployment.storageUI.loggingGroups }}
-group = {{ $val }}
-{{- end }}
\ No newline at end of file
diff --git a/deployment/helm/storage-ui/config/cadc-registry.properties b/deployment/helm/storage-ui/config/cadc-registry.properties
deleted file mode 100644
index d222726d..00000000
--- a/deployment/helm/storage-ui/config/cadc-registry.properties
+++ /dev/null
@@ -1,18 +0,0 @@
-#
-# local authority map
-#
-# <base standardID> = <authority>
-
-ivo://ivoa.net/std/GMS#search-1.0 = {{ .Values.deployment.storageUI.gmsID }}
-ivo://ivoa.net/std/GMS#users-1.0 = {{ .Values.deployment.storageUI.gmsID }}
-ivo://ivoa.net/std/UMS#users-0.1 = {{ .Values.deployment.storageUI.gmsID }}
-ivo://ivoa.net/std/UMS#users-1.0 = {{ .Values.deployment.storageUI.gmsID }}
-{{- if .Values.deployment.storageUI.oidc }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.storageUI.oidc.uri }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.storageUI.oidc.uri }}
-{{- else }}
-ivo://ivoa.net/sso#OAuth = {{ .Values.deployment.storageUI.gmsID }}
-ivo://ivoa.net/sso#OpenID = {{ .Values.deployment.storageUI.gmsID }}
-{{- end }}
-
-ca.nrc.cadc.reg.client.RegistryClient.baseURL = {{ .Values.deployment.storageUI.registryURL }}
diff --git a/deployment/helm/storage-ui/config/catalina.properties b/deployment/helm/storage-ui/config/catalina.properties
deleted file mode 100644
index eb091cee..00000000
--- a/deployment/helm/storage-ui/config/catalina.properties
+++ /dev/null
@@ -1,7 +0,0 @@
-tomcat.connector.scheme=https
-tomcat.connector.proxyName={{ .Values.deployment.hostname }}
-tomcat.connector.proxyPort=443
-ca.nrc.cadc.auth.PrincipalExtractor.enableClientCertHeader=true
-ca.nrc.cadc.util.Log4jInit.messageOnly=true
-# (default: ca.nrc.cadc.auth.NoOpIdentityManager)
-ca.nrc.cadc.auth.IdentityManager={{ .Values.deployment.storageUI.identityManagerClass }}
\ No newline at end of file
diff --git a/deployment/helm/storage-ui/config/org.opencadc.vosui.properties b/deployment/helm/storage-ui/config/org.opencadc.vosui.properties
deleted file mode 100644
index 9aae3f38..00000000
--- a/deployment/helm/storage-ui/config/org.opencadc.vosui.properties
+++ /dev/null
@@ -1,50 +0,0 @@
-# Properties required for interacting with a VOSpace web service
-# Default vospace service
-org.opencadc.vosui.service.default = {{ required "The backend.defaultService string is required." .Values.deployment.storageUI.backend.defaultService }}
-
-{{ range $name, $nameConfig := .Values.deployment.storageUI.backend.services }}
-# Begin {{ $name }}-related values
-org.opencadc.vosui.service.name = {{ $name }}
-# The resource id of the VOSpace web service to use
-org.opencadc.vosui.{{ $name }}.service.resourceid = {{ $nameConfig.resourceID }}
-# Base URI to use as node identifier
-org.opencadc.vosui.{{ $name }}.node.resourceid = {{ $nameConfig.nodeURIPrefix }}
-# User home directory root
-org.opencadc.vosui.{{ $name }}.user.home = {{ $nameConfig.userHomeDir }}
-# End {{ $name }}-related values
-
-# Features for this service.
-# batchDownload: true/false - Whether the batch downloadManager service is available for batch downloads.
-# batchUpload: true/false - Whether the batch downloadManager service is available for batch downloads.
-# externalLinks: true/false - Whether this service supports creating hyperlinks (external to the system), such as http(s) links or ftp links.  File systems do not support this.
-# paging: true/false - Whether this VOSpace service supports the limit=<int> and startURI=<uri> features.
-# directDownload: true/false - Optional as to whether downloads directly from the VOSpace backend are supported to optimize a redirect from the browser, rather than proxying it.  Default is false.
-{{- with $nameConfig.features }}
-org.opencadc.vosui.{{ $name }}.service.features.batchDownload = {{ required "The service.features.batchDownload flag is required." .batchDownload }}
-org.opencadc.vosui.{{ $name }}.service.features.batchUpload = {{ required "The service.features.batchUpload flag is required." .batchUpload }}
-org.opencadc.vosui.{{ $name }}.service.features.externalLinks = {{ required "The service.features.externalLinks flag is required." .externalLinks }}
-org.opencadc.vosui.{{ $name }}.service.features.paging = {{ required "The service.features.paging flag is required." .paging }}
-org.opencadc.vosui.{{ $name }}.service.features.directDownload = {{ default false .directDownload }}
-{{- end }}
-{{ end }}
-
-org.opencadc.vosui.gms.service_id = {{ required "The storageUI.gmsID string is required." .Values.deployment.storageUI.gmsID }}
-org.opencadc.vosui.theme.name = {{ required "The storageUI.themeName string is required (valid values are src or canfar)." .Values.deployment.storageUI.themeName }}
-
-{{- with .Values.deployment.storageUI.oidc }}
-
-{{ if .existingSecretName }}
-  {{ $existingSecretName := .existingSecretName }}
-  {{ $namespace := .Values.skaha.namespace }}
-  {{ $clientSecret := include "getSecretKeyValue" (list $existingSecretName "clientSecret" $namespace) }}
-org.opencadc.vosui.oidc.clientSecret = {{ $clientSecret }}
-{{- else -}}
-org.opencadc.vosui.oidc.clientSecret = {{ .clientSecret }}
-{{- end }}
-
-org.opencadc.vosui.oidc.clientID = {{ required "To enable OpenID Connect, a valid oidc.clientID is required." .clientID }}
-org.opencadc.vosui.oidc.callbackURI = {{ .callbackURI }}
-org.opencadc.vosui.oidc.redirectURI = {{ .redirectURI }}
-org.opencadc.vosui.oidc.scope = {{ .scope }}
-org.opencadc.vosui.tokenCache.url = redis://{{ $.Release.Name }}-redis-master.{{ $.Values.skaha.namespace }}.svc.{{ $.Values.kubernetesClusterDomain }}:6379
-{{- end }}
diff --git a/deployment/helm/storage-ui/templates/storage-ui-clientsecret.yaml b/deployment/helm/storage-ui/templates/storage-ui-clientsecret.yaml
deleted file mode 100644
index b23671c4..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-clientsecret.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-{{/*
-GetSecretKeyValue gets the value of a key from within a specified Secret.
-Usage: {{ getSecretKeyValue "existingSecretName" "keyName" "namespace" }}
-*/}}
-{{- define "getSecretKeyValue" -}}
-{{- $secretName := index . 0 -}}
-{{- $keyName := index . 1 -}}
-{{- $namespace := index . 2 -}}
-{{- $secret := (lookup "v1" "Secret" $namespace $secretName) -}}
-{{- if $secret -}}
-  {{- $value := index $secret.data $keyName -}}
-  {{- if $value -}}
-    {{- $decodedValue := $value | b64dec -}}
-    {{- print $decodedValue -}}
-  {{- else -}}
-    {{- fail (printf "Error: Key %s not found in the secret %s in namespace %s" $keyName $secretName $namespace) -}}
-  {{- end -}}
-{{- else -}}
-  {{- fail (printf "Error: Secret %s not found in namespace %s" $secretName $namespace) -}}
-{{- end -}}
-{{- end -}}
-
-
diff --git a/deployment/helm/storage-ui/templates/storage-ui-config-configmap.yaml b/deployment/helm/storage-ui/templates/storage-ui-config-configmap.yaml
deleted file mode 100644
index 9f55ecf5..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-config-configmap.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: storage-ui-config
-  namespace: {{ .Values.skaha.namespace }}
-data:
-{{ tpl (.Files.Glob "config/*").AsConfig . | indent 2 }}
-{{- include "utils.extraConfig" (dict "extraConfigData" .Values.deployment.storageUI.extraConfigData) -}}
diff --git a/deployment/helm/storage-ui/templates/storage-ui-ingress.yaml b/deployment/helm/storage-ui/templates/storage-ui-ingress.yaml
deleted file mode 100644
index 68f69a31..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-ingress.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: storage-ui-ingress
-  namespace: {{ .Values.skaha.namespace }}
-  annotations:
-    spec.ingressClassName: traefik
-spec:
-  rules:
-  - host: {{ .Values.deployment.hostname }}
-    http:
-      paths:
-      - path: /storage
-        pathType: Prefix
-        backend:
-          service:
-            name: storage-ui-tomcat-svc
-            port:
-              number: 8080
diff --git a/deployment/helm/storage-ui/templates/storage-ui-secrets.yaml b/deployment/helm/storage-ui/templates/storage-ui-secrets.yaml
deleted file mode 100644
index 68361ba1..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-secrets.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- range $secretIndex, $secretName := .Values.secrets }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretIndex }}
-  namespace: {{ $.Values.skaha.namespace }}
-type: Opaque
-data:
-  {{- range $certKey, $certValue := . }}
-    {{ $certKey }}: {{ $certValue | quote }}
-  {{- end }}
-{{- end }}
diff --git a/deployment/helm/storage-ui/templates/storage-ui-tomcat-deployment.yaml b/deployment/helm/storage-ui/templates/storage-ui-tomcat-deployment.yaml
deleted file mode 100644
index b16a18a9..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-tomcat-deployment.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    run: storage-ui-tomcat
-  name: storage-ui-tomcat
-  namespace: {{ .Values.skaha.namespace }}
-spec:
-  replicas: {{ default 1 .Values.replicaCount }}
-  selector:
-    matchLabels:
-      run: storage-ui-tomcat
-  template:
-    metadata:
-      labels:
-        run: storage-ui-tomcat
-    spec:
-{{- with .Values.deployment.storageUI.nodeAffinity }}
-      affinity:
-        nodeAffinity:
-{{ . | toYaml | indent 10 }}
-{{- end }}
-      imagePullSecrets:
-        - name: regcred
-      containers:
-      - image: {{ .Values.deployment.storageUI.image }}
-        imagePullPolicy: {{ .Values.deployment.storageUI.imagePullPolicy }}
-        name: storage-ui-tomcat
-        resources:
-          requests:
-            memory: {{ .Values.deployment.storageUI.resources.requests.memory }}
-            cpu: {{ .Values.deployment.storageUI.resources.requests.cpu }}
-          limits:
-            memory: {{ .Values.deployment.storageUI.resources.limits.memory }}
-            cpu: {{ .Values.deployment.storageUI.resources.limits.cpu }}
-        ports: 
-        - containerPort: 8080
-          protocol: TCP
-        {{- with .Values.deployment.storageUI.extraPorts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        volumeMounts: 
-        - mountPath: "/config"
-          name: config-volume
-        {{- with .Values.deployment.storageUI.extraVolumeMounts }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        {{- if .Values.deployment.storageUI.extraEnv }}
-        env:
-        {{- with .Values.deployment.storageUI.extraEnv }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
-        {{- end }}
-{{- with .Values.deployment.extraHosts }}
-      hostAliases:
-{{- range $extraHost := . }}
-        - ip: {{ $extraHost.ip }}
-          hostnames:
-            - {{ $extraHost.hostname }}
-{{- end }}
-{{- end }}
-      volumes:
-      - name: config-volume
-        configMap:
-          name: storage-ui-config
-      {{- with .Values.deployment.storageUI.extraVolumes }}
-      {{- toYaml . | nindent 6 }}
-      {{- end }}
diff --git a/deployment/helm/storage-ui/templates/storage-ui-tomcat-expose.yaml b/deployment/helm/storage-ui/templates/storage-ui-tomcat-expose.yaml
deleted file mode 100644
index 7c8ffb91..00000000
--- a/deployment/helm/storage-ui/templates/storage-ui-tomcat-expose.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: storage-ui-tomcat-svc
-  namespace: {{ .Values.skaha.namespace }}
-  labels:
-    run: storage-ui-tomcat-svc
-spec:
-  ports: 
-  - port: 8080
-    name: http-connection
-    protocol: TCP
-  {{ with .Values.service }}
-    {{ with .reg }}
-      {{ with .extraPorts }}
-  {{- toYaml . | nindent 2 }}
-      {{- end }}
-    {{- end }}
-  {{- end }}
-  selector:
-    run: storage-ui-tomcat
diff --git a/deployment/helm/storage-ui/values.yaml b/deployment/helm/storage-ui/values.yaml
deleted file mode 100644
index 12bec9e4..00000000
--- a/deployment/helm/storage-ui/values.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-kubernetesClusterDomain: cluster.local
-
-# Tell Kubernetes to spin up multiple instances.  Defaults to 1.
-replicaCount: 1
-
-# It's best to keep these set as such, unless you're willing to change these in several places.
-skaha:
-  namespace: skaha-system
-
-# POSIX Mapper web service deployment
-deployment:
-  hostname: example.host.com    # Change this!
-  storageUI:
-    image: images.opencadc.org/client/storage-ui:1.2.1
-    imagePullPolicy: Always
-
-    # Optionally set the DEBUG port.
-    # extraEnv:
-    # - name: CATALINA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-    # - name: JAVA_OPTS
-    #   value: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=0.0.0.0:5555"
-
-    # Uncomment to debug.  Requires options above as well as service port exposure below.
-    # extraPorts:
-    # - containerPort: 5555
-    #   protocol: TCP
-
-    # Resources provided to the Skaha service.
-    resources:
-      requests:
-        memory: "500M"
-        cpu: "500m"
-      limits:
-        memory: "500M"
-        cpu: "500m"
-
-    # Groups that can alter logging.  Empty array means nobody can alter it.
-    # loggingGroups: []
-
-    # Dictionary of all VOSpace APIs (Services) available that will be visible on the UI.
-    # Format is:
-    # backend:
-    #   defaultService: cavern
-    #   services:
-    #     cavern:
-    #       resourceID: "ivo://cadc.nrc.ca/arc"
-    #       nodeURIPrefix: "vos://cadc.nrc.ca~arc"
-    #       userHomeDir: "/home"
-    #       features:
-    #         batchDownload: false
-    #         batchUpload: false
-    #         externalLinks: false
-    #         paging: false
-    #         directDownload: false
-
-    # ID (URI) of the GMS Service.
-    # gmsID: ivo://example.org/gms
-
-    # OIDC (IAM) server configuration.  These are required
-    # oidc:
-      # Location of the OpenID Provider (OIdP)
-      # uri: https://ska-iam.stfc.ac.uk/
-      # The Client ID as listed on the OIdP.
-      # clientID: 
-      # The Client Secret, which should be generated by the OIdP.
-      # clientSecret: 
-      # Name of existing secret containing 'clientSecret' key with value of Client Secret, which should be generated by the OIdP.
-      # This is an alternative to providing the 'clientSecret' in cleartext in the chart.
-      # existingSecretName:
-      # Where the OIdP should send the User after successful authentication (redirect_uri)
-      # redirectURI:
-      # Where to redirect to after the redirectURI callback has completed.  This will usually be the URL to the /storage/list main page.
-      # callbackURI: 
-      # The standard OpenID scopes for token requests.  This is required.
-      # scope: "openid profile offline_access"
-
-    # Set the Registry URL pointing to the desired registry (https:// URL)
-    # registryURL: https://example.org/reg
-
-    # This applies to the Science Portal itself.  Meaning, this Pod will be scheduled as described
-    # by the nodeAffinity clause.
-    # See https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/
-    # nodeAffinity: {}
-
-    # The IdentityManager class handling authentication.  This should generally be left alone
-    identityManagerClass: org.opencadc.auth.StandardIdentityManager
-
-    # Optionally mount a custom CA certificate
-    # extraVolumeMounts:
-    # - mountPath: "/config/cacerts"
-    #   name: cacert-volume
-
-    # Create the CA certificate volume to be mounted in extraVolumeMounts
-    # extraVolumes:
-    # - name: cacert-volume
-    #   secret:
-    #     defaultMode: 420
-    #     secretName: storage-ui-cacert-secret
-
-    # Theme to use for presentation layer.
-    # Values are:
-    # - src   (SRCNet)
-    # - canfar  (CANFAR)
-    # themeName: src
-
-# secrets:
-  # Uncomment to enable local or self-signed CA certificates for your domain to be trusted.
-  # storage-ui-cacert-secret:
-  #   ca.crt: <base64 encoded ca crt>
-
-# For the token caching
-redis:
-  architecture: 'standalone'
-  auth:
-    enabled: false
-  master:
-    persistence:
-      enabled: false
diff --git a/skaha/Dockerfile b/skaha/Dockerfile
index 4f09d278..3f339736 100644
--- a/skaha/Dockerfile
+++ b/skaha/Dockerfile
@@ -12,7 +12,7 @@ RUN ./gradlew clean spotlessCheck build --no-daemon
 FROM images.opencadc.org/library/cadc-tomcat:1.3 AS production
 
 RUN set -eux \
-    && dnf install --nodocs --assumeyes --setopt=install_weak_deps=False dnf-plugins-core-4.9.0-1.fc40 \
+    && dnf install --nodocs --assumeyes --setopt=install_weak_deps=False dnf-plugins-core-4.10.0-1.fc40 \
     && dnf -y config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo \
     && dnf -y install --nodocs --assumeyes --setopt=install_weak_deps=False \
         acl-2.3.2-1.fc40 attr-2.5.2-3.fc40 \