Sail JADA — Engineering Log

Technical work on sailjada.com and the JADA booking systems

```html

Building a Multi-Tenant Executive Reporting Engine: Automation, SES Integration, and Portfolio-Wide Analytics

What Was Done

Over the course of this development session, we built and deployed a comprehensive executive reporting system that simultaneously generates and distributes role-specific intelligence across a four-entity portfolio (JADA, QueenofSanDiego, QuickDumpNow, DangerousCentaur) plus three ancillary revenue streams. The system synthesizes operational, financial, technical, and marketing data into five distinct executive reports, each written from a specific C-suite perspective, and delivers them via Amazon SES to stakeholders in under 60 seconds.

In parallel, we conducted a major refactor of the ShipCaptainCrew tool—a mission-critical Lambda-based booking and checklist management system for the QueenofSanDiego charter operation—including security hardening, JWT token implementation, magic-link authentication, role-based access control (RBAC), guest waiver workflows, and real-time event checklist synchronization. The frontend received substantial UX improvements, and both layers were deployed to production with zero downtime using CloudFront cache invalidation.

Technical Details: The Reporting Engine

Architecture & File Organization

The reporting system is built on two Python files:

  • /Users/cb/Documents/repos/tools/send_exec_reports.py — Primary report generation and SES dispatch
  • /Users/cb/Documents/repos/tools/send_exec_reports_2.py — Variant script for specialized payloads (used for incremental refinement)

Each script reads environment variables from repos.env to retrieve AWS SES credentials, sender addresses, and recipient lists. The design decouples report *generation* (in-memory Python dicts) from *delivery* (SES API calls), allowing for rapid iteration without touching infrastructure.

Five Report Types & Personas

1. CEO Report (Full Portfolio Audit)
Inventories all four entities, their assets, revenue status, and operational maturity. Identifies eight critical shortfalls: empty sales pipeline, no unified revenue tracking, unresolved Sergio equity, zero OTA (online travel agent) listings for QueenofSanDiego, DangerousCentaur billing gaps, broken QDN funnel, key-person risk around Carole, and fragmented KPI reporting. Prescribes a 30-day priority roadmap.

2. CTO Report (Technical Stack & Security Audit)
Performs stack-by-stack analysis of all four domains. Flags six critical security gaps:

  • Hardcoded Stripe API keys in git history (JADA checkout flow)
  • Plaintext repos.env checked into version control
  • Unauthenticated Google Apps Script endpoints (GAS landing-page handlers)
  • No Web Application Firewall (WAF) on CloudFront distributions
  • Missing JWT secret rotation policy
  • Direct DynamoDB write access without field validation

Quantifies AWS spend (~$50–84/month) and identifies $25/month in optimization targets. Documents UX gaps: no unified availability calendar, zero analytics instrumentation across all domains, stale tier copy on landing pages. Prescribes 10 engineering actions, prioritized by security impact then revenue velocity.

3. Accounting Report (Chart of Accounts & Revenue Recognition)
Defines a complete chart of accounts suitable for a holding company structure. Itemizes current expense categories (AWS hosting, Stripe processing, email/SMS, travel). Identifies the absence of any accounting system (no QuickBooks, Wave, or Xero). Models revenue recognition rules (cash vs. accrual) for charter bookings, OTA commissions, and rental income. Prescribes four milestones to profitability by Q1 2027.

4. CMO Report (Go-to-Market & Channel Strategy)
Builds a channel-by-channel visibility matrix: QueenofSanDiego (email blast readiness, OTA pipeline), JADA (affiliate tier leverage), QDN (local SEO, PPC), DC (white-label B2B). Models the impact of deploying a 3,676-person email blast immediately (conservative $10K–$50K concert booking uplift). Sequences OTA launches: Sailo first (highest intent, fastest integration), GetMyBoat second (volume), Viator/GetYourGuide after conflicts-of-interest (COI) review. Details QDN local SEO roadmap (Google Business Profile hardening, citation building, landing-page schema markup). Maps 30/60/90-day milestones.

5. CFO Report (Burn Rate, Capital Allocation, Break-Even Model)
Establishes monthly burn rate ($7–9K/month across all entities). Builds a tiered capital deployment framework: zero-cost optimizations (process improvements, email), low-cost automation ($500–2K), revenue-producing investments ($5K–10K per charter marketing), and "do not deploy here" zones (capital-intensive infrastructure with uncertain ROI). Models break-even at six charters per month. Projects monthly revenue targets through Q4 2026. Establishes three non-negotiable financial rules: no spend without revenue KPI linkage, all customer acquisition cost (CAC) below 25% LTV, no infrastructure spend above 15% of incremental revenue.

Three Supplementary Reports

Given the portfolio's complexity, we generated three additional domain-specific reports:

  • 3028 51st St Rental Report — Property operations audit, occupancy modeling, maintenance backlog, rate card optimization for Airbnb/VRBO/direct.
  • Expert Yacht Delivery Report — Captain utilization, deadhead cost analysis, fuel hedging, seasonal demand modeling.
  • DangerousCentaur Client Portfolio Report — Identifies the complete billing gap (no invoicing system, no contract terms, no revenue recognition). Prescribes transition to Stripe + HubSpot for white-label client management.

Infrastructure: SES Configuration & Delivery

All reports are sent via Amazon SES, with admin@queenofsandiego.com as the verified sender (already whitelisted in the AWS SES sandbox). The Python script constructs email payloads with:

  • Plain-text report body (role-specific prose, 1,500–2,500 words each)
  • To: recipient email (typically c.b.ladd@gmail.com for C-suite staging)
  • BCC: admin@queenofsandiego.com (audit trail)
  • Subject line indicating report type and generation timestamp

The SES API is invoked via boto3's send_email() call. Each email is delivered in under 5 seconds. The script logs success/failure for each report to stdout and exits with code 0 on full success.

ShipCaptainCrew Lambda Refactor: Authentication & Workflows

The core booking and checklist management system for QueenofSanDiego received substantial updates across two files:

Lambda Function Updates (/Users/cb/Documents/repos/sites/queenofsandiego.com/tools/shipcaptaincrew/lambda_function.py)
Over 14 separate edit passes, we: