feat: comprehensive project structure improvements and Cloud for Sovereignty landing zone

- Add Cloud for Sovereignty landing zone architecture and deployment
- Implement complete legal document management system
- Reorganize documentation with improved navigation
- Add infrastructure improvements (Dockerfiles, K8s, monitoring)
- Add operational improvements (graceful shutdown, rate limiting, caching)
- Create comprehensive project structure documentation
- Add Azure deployment automation scripts
- Improve repository navigation and organization

docs/deployment/automation/seal-deployment.md

@@ -0,0 +1,263 @@
+# Seal Deployment Automation Guide
+
+Complete automation for Order of St John credential seal deployment.
+
+## Quick Start
+
+**One-Command Deployment:**
+```bash
+./scripts/deploy/complete-seal-deployment.sh
+```
+
+This automates:
+1. ✅ SVG to PNG conversion (all sizes)
+2. ✅ File validation
+3. ✅ Manifest generation
+4. ✅ Deployment checklist
+5. ✅ Summary report
+
+## Automation Scripts
+
+### 1. Complete Seal Preparation
+**Script**: `scripts/deploy/prepare-all-credential-seals.sh`
+
+Converts all SVG seals to PNG in multiple sizes:
+- 200x200px (for credentials)
+- 400x400px (high-res)
+- 800x800px (print)
+
+**Usage:**
+```bash
+./scripts/deploy/prepare-all-credential-seals.sh
+```
+
+**Output:**
+- PNG files in `assets/credential-images/png/`
+- File manifest
+- Validation report
+- CDN upload script template
+
+### 2. Seal Validation
+**Script**: `scripts/validation/validate-seal-files.sh`
+
+Validates:
+- SVG file structure
+- Maltese Cross presence
+- OSJ references
+- PNG file integrity
+- File sizes
+- Manifest template references
+
+**Usage:**
+```bash
+./scripts/validation/validate-seal-files.sh
+```
+
+### 3. Complete Deployment
+**Script**: `scripts/deploy/complete-seal-deployment.sh`
+
+Orchestrates all steps:
+1. Prepare seals (convert SVG to PNG)
+2. Validate files
+3. Generate deployment checklist
+4. Create summary report
+
+**Usage:**
+```bash
+./scripts/deploy/complete-seal-deployment.sh
+```
+
+### 4. Update Manifest URLs
+**Script**: `scripts/deploy/update-manifest-seal-urls.sh`
+
+Updates manifest templates with CDN URLs after upload.
+
+**Usage:**
+```bash
+# Default CDN
+./scripts/deploy/update-manifest-seal-urls.sh
+
+# Custom CDN
+CDN_BASE_URL=https://your-cdn.com/images ./scripts/deploy/update-manifest-seal-urls.sh
+```
+
+## Workflow
+
+### Step 1: Prepare Seals
+```bash
+./scripts/deploy/prepare-all-credential-seals.sh
+```
+
+This creates:
+- PNG files in all required sizes
+- File manifest
+- Validation report
+- Upload script template
+
+### Step 2: Validate
+```bash
+./scripts/validation/validate-seal-files.sh
+```
+
+Checks:
+- All required seals exist
+- SVG structure is valid
+- PNG files are valid
+- File sizes are appropriate
+
+### Step 3: Review
+Review generated files:
+- `assets/credential-images/png/MANIFEST.txt`
+- `assets/credential-images/png/VALIDATION_REPORT.txt`
+- Check PNG quality
+
+### Step 4: Upload to CDN
+```bash
+cd assets/credential-images/png
+./upload-to-cdn.sh
+```
+
+Or manually upload to your CDN provider.
+
+### Step 5: Update Manifests
+```bash
+./scripts/deploy/update-manifest-seal-urls.sh
+```
+
+Updates all manifest templates with CDN URLs.
+
+### Step 6: Test
+- Issue test credentials
+- Verify seals display correctly
+- Test all credential types
+
+## File Structure
+
+```
+assets/credential-images/
+├── svg/                          # Source SVG files
+│   ├── digital-bank-seal.svg
+│   ├── iccc-seal.svg
+│   ├── iccc-provost-marshals-seal.svg
+│   └── diplomatic-security-seal.svg
+├── png/                          # Generated PNG files
+│   ├── digital-bank-seal.png
+│   ├── digital-bank-seal-200x200.png
+│   ├── digital-bank-seal-400x400.png
+│   ├── digital-bank-seal-800x800.png
+│   ├── ... (other seals)
+│   ├── MANIFEST.txt
+│   ├── VALIDATION_REPORT.txt
+│   ├── upload-to-cdn.sh
+│   └── UPLOAD_INSTRUCTIONS.md
+├── DEPLOYMENT_CHECKLIST.md
+└── DEPLOYMENT_SUMMARY.md
+```
+
+## Dependencies
+
+### Required
+- Bash 4.0+
+- SVG files in `assets/credential-images/svg/`
+
+### Optional (for conversion)
+- **ImageMagick** (recommended):
+  ```bash
+  sudo apt-get install imagemagick  # Linux
+  brew install imagemagick          # macOS
+  ```
+
+- **Inkscape**:
+  ```bash
+  sudo apt-get install inkscape     # Linux
+  brew install inkscape              # macOS
+  ```
+
+- **Node.js with sharp**:
+  ```bash
+  pnpm add sharp
+  ```
+
+## CDN Configuration
+
+### AWS S3 Example
+```bash
+# In upload-to-cdn.sh
+aws s3 cp digital-bank-seal.png s3://your-bucket/images/digital-bank-seal.png --acl public-read
+```
+
+### Azure Blob Storage Example
+```bash
+# In upload-to-cdn.sh
+az storage blob upload --file digital-bank-seal.png --container-name images --name digital-bank-seal.png --account-name your-account
+```
+
+### Cloudflare R2 Example
+```bash
+# In upload-to-cdn.sh
+rclone copy digital-bank-seal.png r2:images/digital-bank-seal.png
+```
+
+## Environment Variables
+
+Set CDN base URL:
+```bash
+export CDN_BASE_URL=https://cdn.theorder.org/images
+```
+
+Or inline:
+```bash
+CDN_BASE_URL=https://your-cdn.com/images ./scripts/deploy/update-manifest-seal-urls.sh
+```
+
+## Troubleshooting
+
+### Conversion Fails
+- Install ImageMagick, Inkscape, or sharp
+- Check SVG files are valid
+- Verify file permissions
+
+### Validation Warnings
+- Review warnings in validation report
+- Check SVG structure
+- Verify PNG files are valid
+
+### CDN Upload Issues
+- Verify CDN credentials
+- Check file permissions
+- Ensure HTTPS is configured
+
+## Best Practices
+
+1. **Always validate** after conversion
+2. **Review PNG quality** before deployment
+3. **Test in wallets** before production
+4. **Use HTTPS** for all CDN URLs
+5. **Optimize file sizes** (<100KB recommended)
+6. **Version control** SVG source files
+7. **Document changes** in deployment summary
+
+## Automation Summary
+
+| Task | Script | Status |
+|------|--------|--------|
+| SVG to PNG conversion | `prepare-all-credential-seals.sh` | ✅ Automated |
+| File validation | `validate-seal-files.sh` | ✅ Automated |
+| Manifest URL updates | `update-manifest-seal-urls.sh` | ✅ Automated |
+| Complete deployment | `complete-seal-deployment.sh` | ✅ Automated |
+| CDN upload | `upload-to-cdn.sh` | ⚠️ Template (customize) |
+
+## Next Steps After Automation
+
+1. ✅ Review generated PNG files
+2. ✅ Customize CDN upload script
+3. ✅ Upload to CDN
+4. ✅ Update manifest URLs
+5. ✅ Test credential issuance
+6. ✅ Deploy to production
+
+---
+
+**Last Updated**: [Current Date]  
+**Automation Status**: ✅ Complete
+