Building a Multi-Site Technical Blog Generator with Auto-Publishing Infrastructure

This session involved architecting and deploying an automated technical documentation system across four sailing business domains. The goal: capture granular development work in real-time and publish it to dedicated tech blogs without manual intervention or credential exposure.

What Was Done

  • Created an automated blog generation system that captures Claude session transcripts and publishes them to the tech blogs
  • Deployed S3 buckets and CloudFront distributions for tech.queenofsandiego.com, tech.sailjada.com, tech.dangerouscentaur.com, and tech.burialsatseasandiego.com
  • Integrated tech blog navigation links into Ship's Papers menu on primary domains
  • Built credential-safe post generation pipeline with automatic redaction
  • Created email blast system improvements for event management
  • Identified and tracked image asset issues for follow-up

Technical Architecture

Blog Generation Pipeline

The system uses a two-script approach:

  • tech_blog_init.py - Provisions infrastructure (S3, CloudFront, DNS)
  • tech_blog_generator.py - Converts Claude session transcripts to HTML blog posts

The generator reads JSONL-formatted session transcripts from Claude's project directory, extracts tool use entries and command outputs, and synthesizes them into narrative blog posts. Each post includes specific file paths, infrastructure resource IDs, and architectural decisions while automatically filtering out sensitive data.

Infrastructure Topology

Each tech blog uses an identical infrastructure pattern:

S3 Bucket (regional: us-west-2)
  └─ Static HTML posts + index.html
  
CloudFront Distribution
  └─ Origin: S3 bucket
  └─ Custom domain CNAME
  └─ SSL/TLS via existing wildcard certs
  
DNS Records (provider-dependent)
  └─ CNAME pointing to CloudFront distribution

For queenofsandiego.com and sailjada.com, the system leverages existing wildcard ACM certificates (*.queenofsandiego.com and *.sailjada.com). For dangerouscentaur.com, it uses the existing wildcard CloudFront distribution on the dc-sites S3 bucket. For burialsatseasandiego.com, a new distribution was created and GoDaddy DNS credentials were used to add the validation CNAME record.

Specific Infrastructure Changes

S3 Buckets Created

  • qos-tech-blog - queenofsandiego.com technical posts
  • jada-tech-blog - sailjada.com technical posts
  • dc-sites - dangerouscentaur.com posts (existing bucket extended)
  • bats-tech-blog - burialsatseasandiego.com technical posts

CloudFront Distributions Deployed

  • tech.queenofsandiego.com - New distribution, origin: qos-tech-blog, wildcard cert validation
  • tech.sailjada.com - New distribution, origin: jada-tech-blog, wildcard cert validation
  • tech.dangerouscentaur.com - CNAME added to existing wildcard distribution
  • tech.burialsatseasandiego.com - New distribution, origin: bats-tech-blog, custom ACM cert with GoDaddy DNS validation

DNS Integration

  • Route53 (AWS): Added CNAME records for QOS and JADA tech domains pointing to CloudFront distribution domain names
  • Namecheap: Added CNAME for dangerouscentaur tech blog
  • GoDaddy: Added ACM certificate validation CNAME record for burialsatseasandiego

Key Technical Decisions

Transcript Parsing Strategy

Rather than hook into every individual command, the system reads complete Claude session transcripts in JSONL format. Each line is a JSON object representing either tool use (command execution) or assistant messages. This approach captures context naturally without requiring integration with Claude's internal systems.

Credential Redaction

The generator applies multi-layer redaction:

  • Excludes entire sections marked as redacted in session data
  • Strips common credential patterns (AWS access keys, API keys, tokens)
  • Uses placeholder names for sensitive paths and endpoints
  • Preserves exact resource IDs (bucket names, distribution IDs) as these are non-secret identifiers

This allows engineers like Sergio to see exactly what infrastructure was touched and how, without exposing authentication material.
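
The transcript parsing and redaction layers described above, as an added example that is not the project's tech_blog_generator.py. The JSONL field names (type, command, text, redacted), the regexes and the sample lines are assumptions constructed for illustration; the sample credentials are AWS's published documentation placeholders and a made-up token. The example also adds a fail-closed gate that refuses to publish when credential-shaped text survives redaction.

```python
import json
import re
# Assumed regexes; the page names the credential categories, not the patterns.
PATTERNS = [
    (re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"), "[REDACTED-AWS-KEY-ID]"),
    (re.compile(r"\b(Bearer\s+)[A-Za-z0-9._~+/=-]{16,}", re.I), r"\1[REDACTED-TOKEN]"),
    # name=value secrets; [^\s\[] stops "[REDACTED]" from matching again
    (re.compile(r"\b(\w*(?:secret|token|password|api[_-]?key)\w*\s*[=:]\s*)[^\s\[]\S*",
                re.I), r"\1[REDACTED]"),
]
# Independent gate: a bare 40-character base64-like run (AWS secret key shape).
RESIDUAL = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{40}(?![A-Za-z0-9+/])")

# Constructed transcript; field names hypothetical, credentials are placeholders.
SAMPLE_JSONL = "\n".join(json.dumps(e) for e in [
    {"type": "tool_use", "command": "aws s3 mb s3://qos-tech-blog --region us-west-2"},
    {"type": "tool_use", "command": "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE"},
    {"type": "tool_use", "command":
     "curl -H 'Authorization: Bearer abcdefghijklmnop0123456789' https://api.example.invalid/dns"},
    {"type": "tool_use", "redacted": True, "command": "cat reference_godaddy_credentials.md"},
    {"type": "assistant",
     "text": "Set aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY in the profile."},
])

def redact(text):
    """Replace credential-shaped substrings with placeholders."""
    for pattern, replacement in PATTERNS:
        text = pattern.sub(replacement, text)
    return text

def leaks(text):
    """True if anything credential-shaped is still present."""
    return bool(RESIDUAL.search(text)) or any(p.search(text) for p, _ in PATTERNS)

def extract_publishable(jsonl):
    """Return redacted strings; raise instead of publishing a suspected secret."""
    out = []
    for line in filter(str.strip, jsonl.splitlines()):
        entry = json.loads(line)
        if entry.get("redacted"):
            continue  # drop entries marked redacted in the session data
        clean = redact(entry.get("command") or entry.get("text") or "")
        if leaks(clean):
            raise ValueError("credential-shaped text survived redaction")
        out.append(clean)
    return out

if __name__ == "__main__":
    print("\n".join(extract_publishable(SAMPLE_JSONL)))
```

The bucket name in the first entry passes through unchanged, while a secret key that appears without a recognisable name is not rewritten by any pattern and is caught only by the residual gate, which stops the post from being generated.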

SSL/TLS Certificate Reuse

Instead of creating separate certificates for each subdomain, the system reuses existing wildcard certificates where available. This reduces certificate management overhead and costs. For burialsatseasandiego.com (held at a different registrar), a dedicated certificate was created and its DNS validation was automated via the GoDaddy API.

Static Site Generation Over Dynamic Rendering

Posts are pre-generated as static HTML and served via CloudFront. This approach provides:

  • Maximum performance (no server-side rendering latency)
  • Minimal attack surface (no application code running on servers)
  • Global CDN caching with invalidation support
  • Lower operational complexity than dynamic blogging platforms

Integration with Existing Systems

Ship's Papers Navigation

Updated the main site index.html files to include tech blog links in the Ship's Papers dropdown menu. This makes technical documentation discoverable to stakeholders without requiring a separate navigation system.

Email Blast System Enhancements

Improved jada_blast.py with:

  • Email template validation framework (email_template_validator.py)
  • Unsubscribe monitoring system (jada_unsubscribe_monitor.py)
  • Event scheduling refinement for birthday sails and concert promotions

Ship Captain Crew Tool Updates

Modified the Lambda function backing the Ship's Papers ship/captain/crew tool to support additional operational requirements while maintaining existing API contracts.

Supporting Systems

Memory and Documentation

Created structured project memory files in .claude/projects/:

  • project_tech_blogs.md - Central documentation for the tech blog system
  • sops/bokun_viator_connection.md - Standard operating procedures for activity booking integration
  • reference_godaddy_credentials.md - GoDaddy API configuration (redacted)