the_order/docs/deployment/automation/seal-deployment.md

# Seal Deployment Automation Guide

Complete automation for Order of St John credential seal deployment.

## Quick Start

**One-Command Deployment:**
```bash
./scripts/deploy/complete-seal-deployment.sh
```

This automates:
1. ✅ SVG to PNG conversion (all sizes)
2. ✅ File validation
3. ✅ Manifest generation
4. ✅ Deployment checklist
5. ✅ Summary report

## Automation Scripts

### 1. Complete Seal Preparation
**Script**: `scripts/deploy/prepare-all-credential-seals.sh`

Converts all SVG seals to PNG in multiple sizes:
- 200x200px (for credentials)
- 400x400px (high-res)
- 800x800px (print)

**Usage:**
```bash
./scripts/deploy/prepare-all-credential-seals.sh
```

**Output:**
- PNG files in `assets/credential-images/png/`
- File manifest
- Validation report
- CDN upload script template

### 2. Seal Validation
**Script**: `scripts/validation/validate-seal-files.sh`

Validates:
- SVG file structure
- Maltese Cross presence
- OSJ references
- PNG file integrity
- File sizes
- Manifest template references

**Usage:**
```bash
./scripts/validation/validate-seal-files.sh
```

### 3. Complete Deployment
**Script**: `scripts/deploy/complete-seal-deployment.sh`

Orchestrates all steps:
1. Prepare seals (convert SVG to PNG)
2. Validate files
3. Generate deployment checklist
4. Create summary report

**Usage:**
```bash
./scripts/deploy/complete-seal-deployment.sh
```

### 4. Update Manifest URLs
**Script**: `scripts/deploy/update-manifest-seal-urls.sh`

Updates manifest templates with CDN URLs after upload.

**Usage:**
```bash
# Default CDN
./scripts/deploy/update-manifest-seal-urls.sh

# Custom CDN
CDN_BASE_URL=https://your-cdn.com/images ./scripts/deploy/update-manifest-seal-urls.sh
```

## Workflow

### Step 1: Prepare Seals
```bash
./scripts/deploy/prepare-all-credential-seals.sh
```

This creates:
- PNG files in all required sizes
- File manifest
- Validation report
- Upload script template

### Step 2: Validate
```bash
./scripts/validation/validate-seal-files.sh
```

Checks:
- All required seals exist
- SVG structure is valid
- PNG files are valid
- File sizes are appropriate

### Step 3: Review
Review generated files:
- `assets/credential-images/png/MANIFEST.txt`
- `assets/credential-images/png/VALIDATION_REPORT.txt`
- Check PNG quality

### Step 4: Upload to CDN
```bash
cd assets/credential-images/png
./upload-to-cdn.sh
```

Or manually upload to your CDN provider.

### Step 5: Update Manifests
```bash
./scripts/deploy/update-manifest-seal-urls.sh
```

Updates all manifest templates with CDN URLs.

### Step 6: Test
- Issue test credentials
- Verify seals display correctly
- Test all credential types

## File Structure

```
assets/credential-images/
├── svg/                          # Source SVG files
│   ├── digital-bank-seal.svg
│   ├── iccc-seal.svg
│   ├── iccc-provost-marshals-seal.svg
│   └── diplomatic-security-seal.svg
├── png/                          # Generated PNG files
│   ├── digital-bank-seal.png
│   ├── digital-bank-seal-200x200.png
│   ├── digital-bank-seal-400x400.png
│   ├── digital-bank-seal-800x800.png
│   ├── ... (other seals)
│   ├── MANIFEST.txt
│   ├── VALIDATION_REPORT.txt
│   ├── upload-to-cdn.sh
│   └── UPLOAD_INSTRUCTIONS.md
├── DEPLOYMENT_CHECKLIST.md
└── DEPLOYMENT_SUMMARY.md
```

## Dependencies

### Required
- Bash 4.0+
- SVG files in `assets/credential-images/svg/`

### Optional (for conversion)
- **ImageMagick** (recommended):
  ```bash
  sudo apt-get install imagemagick  # Linux
  brew install imagemagick          # macOS
  ```

- **Inkscape**:
  ```bash
  sudo apt-get install inkscape     # Linux
  brew install inkscape              # macOS
  ```

- **Node.js with sharp**:
  ```bash
  pnpm add sharp
  ```

## CDN Configuration

### AWS S3 Example
```bash
# In upload-to-cdn.sh
aws s3 cp digital-bank-seal.png s3://your-bucket/images/digital-bank-seal.png --acl public-read
```

### Azure Blob Storage Example
```bash
# In upload-to-cdn.sh
az storage blob upload --file digital-bank-seal.png --container-name images --name digital-bank-seal.png --account-name your-account
```

### Cloudflare R2 Example
```bash
# In upload-to-cdn.sh
rclone copy digital-bank-seal.png r2:images/digital-bank-seal.png
```

## Environment Variables

Set CDN base URL:
```bash
export CDN_BASE_URL=https://cdn.theorder.org/images
```

Or inline:
```bash
CDN_BASE_URL=https://your-cdn.com/images ./scripts/deploy/update-manifest-seal-urls.sh
```

## Troubleshooting

### Conversion Fails
- Install ImageMagick, Inkscape, or sharp
- Check SVG files are valid
- Verify file permissions

### Validation Warnings
- Review warnings in validation report
- Check SVG structure
- Verify PNG files are valid

### CDN Upload Issues
- Verify CDN credentials
- Check file permissions
- Ensure HTTPS is configured

## Best Practices

1. **Always validate** after conversion
2. **Review PNG quality** before deployment
3. **Test in wallets** before production
4. **Use HTTPS** for all CDN URLs
5. **Optimize file sizes** (<100KB recommended)
6. **Version control** SVG source files
7. **Document changes** in deployment summary

## Automation Summary

| Task | Script | Status |
|------|--------|--------|
| SVG to PNG conversion | `prepare-all-credential-seals.sh` | ✅ Automated |
| File validation | `validate-seal-files.sh` | ✅ Automated |
| Manifest URL updates | `update-manifest-seal-urls.sh` | ✅ Automated |
| Complete deployment | `complete-seal-deployment.sh` | ✅ Automated |
| CDN upload | `upload-to-cdn.sh` | ⚠️ Template (customize) |

## Next Steps After Automation

1. ✅ Review generated PNG files
2. ✅ Customize CDN upload script
3. ✅ Upload to CDN
4. ✅ Update manifest URLs
5. ✅ Test credential issuance
6. ✅ Deploy to production

---

**Last Updated**: [Current Date]  
**Automation Status**: ✅ Complete