d-bis/the_order
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3bf47efa2bace8530fab2e55aa219ec02329fd3c
the_order/docs/deployment/AZURE_CDN_SETUP_COMPLETE.md
defiQUG 92cc41d26d Add Legal Office seal and complete Azure CDN deployment 
- Add Legal Office of the Master seal (SVG design with Maltese Cross, scales of justice, legal scroll)
- Create legal-office-manifest-template.json for Legal Office credentials
- Update SEAL_MAPPING.md and DESIGN_GUIDE.md with Legal Office seal documentation
- Complete Azure CDN infrastructure deployment:
  - Resource group, storage account, and container created
  - 17 PNG seal files uploaded to Azure Blob Storage
  - All manifest templates updated with Azure URLs
  - Configuration files generated (azure-cdn-config.env)
- Add comprehensive Azure CDN setup scripts and documentation
- Fix manifest URL generation to prevent double slashes
- Verify all seals accessible via HTTPS
2025-11-12 22:03:42 -08:00

5.1 KiB
Raw Blame History

Azure CDN Setup - Complete Status

All Azure Components Prepared

Infrastructure Scripts Created

  1. Quota Checker: infra/scripts/azure-check-cdn-quotas.sh

    • Checks storage account quota
    • Checks CDN profile quota
    • Checks resource group quota
    • Generates quota report

  2. Infrastructure Setup: infra/scripts/azure-cdn-setup.sh

    • Creates resource group
    • Creates storage account
    • Creates container with public access
    • Creates CDN profile
    • Creates CDN endpoint
    • Configures CORS
    • Generates configuration file

  3. File Upload: scripts/deploy/upload-seals-to-azure.sh

    • Uploads all PNG files to Azure Blob Storage
    • Sets correct content types
    • Verifies uploads

  4. Complete Automation: scripts/deploy/setup-azure-cdn-complete.sh

    • Orchestrates all steps
    • Handles errors gracefully
    • Generates final configuration

Terraform Infrastructure

File: infra/terraform/cdn.tf

Creates:

  • Storage account for CDN images
  • Storage container with public blob access
  • CDN profile (Standard_Microsoft)
  • CDN endpoint with compression
  • CORS configuration

Quota Status

Verified Quotas:

  • Storage Accounts: 4/250 (246 available)
  • CDN Profiles: 0/25 (25 available)
  • Resource Groups: 7/980 (973 available)
  • CDN Endpoints: 0 (25 per profile available)
  • Storage Capacity: Sufficient

Status: All quotas are sufficient

Components to be Created

Resource Group

  • Name: the-order-cdn-rg
  • Location: westeurope
  • Purpose: CDN infrastructure

Storage Account

  • Name: theordercdn<timestamp> (globally unique)
  • SKU: Standard_LRS
  • Public Access: Enabled (blob level)
  • CORS: Configured

Storage Container

  • Name: images
  • Access Type: Blob (public read)
  • Purpose: Store credential seal PNG files

CDN Profile

  • Name: theorder-cdn-profile
  • SKU: Standard_Microsoft
  • Purpose: CDN profile for image delivery

CDN Endpoint

  • Name: theorder-cdn-endpoint
  • Origin: Storage account blob host
  • Compression: Enabled (gzip, deflate)
  • Cache: 1 day default

Configuration File

After setup, azure-cdn-config.env will contain:

# Storage Account
AZURE_STORAGE_ACCOUNT=<account-name>
AZURE_STORAGE_KEY=<key>
AZURE_STORAGE_CONTAINER=images
AZURE_RESOURCE_GROUP=the-order-cdn-rg
AZURE_LOCATION=westeurope

# CDN
AZURE_CDN_PROFILE=theorder-cdn-profile
AZURE_CDN_ENDPOINT=theorder-cdn-endpoint
AZURE_CDN_ENDPOINT_URL=<endpoint-url>

# URLs
CDN_BASE_URL_BLOB=https://<account>.blob.core.windows.net/images/
CDN_BASE_URL_CDN=https://<endpoint>.azureedge.net/images/
CDN_BASE_URL=${CDN_BASE_URL_CDN:-${CDN_BASE_URL_BLOB}}

Running Setup

Option 1: Complete Automation (Recommended)

./scripts/deploy/setup-azure-cdn-complete.sh

Option 2: Step-by-Step

# 1. Check quotas
./infra/scripts/azure-check-cdn-quotas.sh

# 2. Create infrastructure
./infra/scripts/azure-cdn-setup.sh

# 3. Upload files
./scripts/deploy/upload-seals-to-azure.sh

# 4. Update manifest URLs
source azure-cdn-config.env
CDN_BASE_URL="${CDN_BASE_URL_CDN}" ./scripts/deploy/update-manifest-seal-urls.sh

Expected Output

After successful setup:

  1. Resource group created
  2. Storage account created
  3. Container created with public access
  4. CDN profile created
  5. CDN endpoint created (may take 10-15 min)
  6. PNG files uploaded (17 files)
  7. Manifest templates updated
  8. Configuration file generated

URLs Generated

Blob Storage URL (Immediate)

https://<storage-account>.blob.core.windows.net/images/

CDN URL (After Propagation)

https://<cdn-endpoint>.azureedge.net/images/

Note: CDN endpoint takes 10-15 minutes to fully propagate globally.

Verification Commands

# Check resource group
az group show --name the-order-cdn-rg

# Check storage account
az storage account show --name <storage-account> --resource-group the-order-cdn-rg

# Check container
az storage container show \
  --name images \
  --account-name <storage-account> \
  --account-key <key>

# Check CDN endpoint
az cdn endpoint show \
  --name theorder-cdn-endpoint \
  --profile-name theorder-cdn-profile \
  --resource-group the-order-cdn-rg

# Test file access
curl -I https://<storage-account>.blob.core.windows.net/images/digital-bank-seal.png

Cost Estimate

Monthly Costs (West Europe):

  • Storage: ~$0.0001/month (3.4MB total)
  • CDN: First 5GB free, then ~$0.04/GB
  • Total: ~$0-5/month depending on traffic

Security

  • HTTPS enforced (TLS 1.2+)
  • Public blob read access only (no write)
  • CORS configured for cross-origin requests
  • Storage keys stored securely (use Key Vault in production)

Next Steps After Setup

  1. Verify files are accessible
  2. Test credential issuance with new URLs
  3. Monitor CDN usage in Azure Portal
  4. Set up custom domain (optional)
  5. Configure alerts for quota limits

Status: All components prepared, quotas verified
Ready to Run: ./scripts/deploy/setup-azure-cdn-complete.sh
Last Updated: [Current Date]

Reference in New Issue View Git Blame Copy Permalink