diff --git a/java_devops_cicd_enterprise.svg b/java_devops_cicd_enterprise.svg
new file mode 100644
index 00000000..5d13a7a5
--- /dev/null
+++ b/java_devops_cicd_enterprise.svg
@@ -0,0 +1,704 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1920 1600" width="1920" height="1600" font-family="'Segoe UI',Arial,sans-serif">
+<defs>
+  <marker id="arr" viewBox="0 0 10 10" refX="9" refY="5" markerWidth="7" markerHeight="7" orient="auto-start-reverse">
+    <path d="M1 1L9 5L1 9" fill="none" stroke="#6366f1" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
+  </marker>
+  <marker id="arr-g" viewBox="0 0 10 10" refX="9" refY="5" markerWidth="7" markerHeight="7" orient="auto-start-reverse">
+    <path d="M1 1L9 5L1 9" fill="none" stroke="#16a34a" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
+  </marker>
+  <marker id="arr-p" viewBox="0 0 10 10" refX="9" refY="5" markerWidth="7" markerHeight="7" orient="auto-start-reverse">
+    <path d="M1 1L9 5L1 9" fill="none" stroke="#7c3aed" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
+  </marker>
+  <linearGradient id="bg" x1="0" y1="0" x2="1" y2="1">
+    <stop offset="0%" stop-color="#f0f4ff"/>
+    <stop offset="100%" stop-color="#e8f0fe"/>
+  </linearGradient>
+  <linearGradient id="hdr" x1="0" y1="0" x2="1" y2="0">
+    <stop offset="0%" stop-color="#1e1b4b"/>
+    <stop offset="50%" stop-color="#312e81"/>
+    <stop offset="100%" stop-color="#1e1b4b"/>
+  </linearGradient>
+  <linearGradient id="g-blue" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#eff6ff"/>
+    <stop offset="100%" stop-color="#dbeafe"/>
+  </linearGradient>
+  <linearGradient id="g-green" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#f0fdf4"/>
+    <stop offset="100%" stop-color="#dcfce7"/>
+  </linearGradient>
+  <linearGradient id="g-orange" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#fff7ed"/>
+    <stop offset="100%" stop-color="#ffedd5"/>
+  </linearGradient>
+  <linearGradient id="g-purple" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#faf5ff"/>
+    <stop offset="100%" stop-color="#ede9fe"/>
+  </linearGradient>
+  <linearGradient id="g-gray" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#f8fafc"/>
+    <stop offset="100%" stop-color="#f1f5f9"/>
+  </linearGradient>
+  <linearGradient id="g-swarm" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#fefce8"/>
+    <stop offset="100%" stop-color="#fef9c3"/>
+  </linearGradient>
+  <linearGradient id="g-manager" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#fff1f2"/>
+    <stop offset="100%" stop-color="#ffe4e6"/>
+  </linearGradient>
+  <linearGradient id="g-worker" x1="0" y1="0" x2="0" y2="1">
+    <stop offset="0%" stop-color="#f0f9ff"/>
+    <stop offset="100%" stop-color="#e0f2fe"/>
+  </linearGradient>
+  <filter id="sh1" x="-8%" y="-20%" width="116%" height="140%">
+    <feDropShadow dx="0" dy="2" stdDeviation="4" flood-color="#00000012"/>
+  </filter>
+  <filter id="sh2" x="-4%" y="-3%" width="108%" height="106%">
+    <feDropShadow dx="0" dy="6" stdDeviation="16" flood-color="#6366f110"/>
+  </filter>
+  <filter id="sh3" x="-6%" y="-8%" width="112%" height="116%">
+    <feDropShadow dx="0" dy="3" stdDeviation="8" flood-color="#00000010"/>
+  </filter>
+  <pattern id="grid" width="40" height="40" patternUnits="userSpaceOnUse">
+    <path d="M40 0L0 0 0 40" fill="none" stroke="#6366f1" stroke-width=".25" opacity=".1"/>
+  </pattern>
+  <style>
+    @keyframes dash  { to { stroke-dashoffset:-20; } }
+    .flow   { stroke-dasharray:6 4; animation:dash 1.4s linear infinite; }
+    .flow-g { stroke-dasharray:6 4; animation:dash 1.7s linear infinite; }
+    .flow-p { stroke-dasharray:6 4; animation:dash 1.2s linear infinite; }
+    @keyframes blink { 0%,100%{opacity:1} 50%{opacity:.2} }
+    .bl  { animation:blink 2s   ease-in-out infinite; }
+    .bl2 { animation:blink 2.6s ease-in-out infinite .6s; }
+    @keyframes spin { from{transform-origin:50% 50%;transform:rotate(0deg)} to{transform:rotate(360deg)} }
+  </style>
+</defs>
+
+<!-- ═══ BACKGROUND ═══ -->
+<rect width="1920" height="1600" fill="url(#bg)"/>
+<rect width="1920" height="1600" fill="url(#grid)"/>
+
+<!-- ═══ HEADER ═══ -->
+<rect x="0" y="0" width="1920" height="70" fill="url(#hdr)"/>
+<text x="960" y="27" text-anchor="middle" font-size="19" font-weight="700" fill="white" letter-spacing=".8">ENTERPRISE DevOps CI/CD Pipeline Architecture — Java Web Application</text>
+<text x="960" y="50" text-anchor="middle" font-size="11" fill="#a5b4fc" letter-spacing="1.4">Jenkins  ·  GitHub  ·  SonarQube  ·  Apache Maven  ·  Nexus  ·  Docker  ·  Trivy  ·  Docker Hub  ·  Docker Stack  ·  Swarm (1 Manager + 3 Workers)  ·  SMTP</text>
+<rect x="0" y="68" width="1920" height="2" fill="#6366f1" opacity=".6"/>
+<rect x="0" y="70" width="1920" height="1" fill="#818cf8" opacity=".3"/>
+
+<!-- ═══════════════════════════════════════════════════
+     LEFT PANEL — JENKINS PIPELINE  x=22 y=82 w=942 h=1490
+     ═══════════════════════════════════════════════════ -->
+<rect x="22" y="82" width="942" height="1490" rx="18" fill="#fffbf7" stroke="#f97316" stroke-width="1.5" filter="url(#sh2)"/>
+<rect x="82" y="74" width="228" height="20" rx="6" fill="#fff7ed" stroke="#fed7aa" stroke-width="1"/>
+<text x="196" y="88" text-anchor="middle" font-size="10" font-weight="700" fill="#c2410c" letter-spacing=".8">JENKINS CI/CD ORCHESTRATOR</text>
+
+<!-- ── S1: DEVELOPER  y=90 ── -->
+<rect x="38" y="90" width="910" height="68" rx="11" fill="url(#g-gray)" stroke="#cbd5e1" stroke-width="1" filter="url(#sh1)"/>
+<rect x="50" y="102" width="46" height="44" rx="9" fill="#e2e8f0"/>
+<text x="73" y="130" text-anchor="middle" font-size="24">👨‍💻</text>
+<text x="108" y="115" font-size="13" font-weight="700" fill="#0f172a">Developer</text>
+<text x="108" y="131" font-size="10" fill="#475569">Writes Java code · commits to feature branch · raises pull request to main branch</text>
+<text x="108" y="147" font-size="10" fill="#64748b">git add . &amp;&amp; git commit -m "feat: add feature" &amp;&amp; git push origin feature/my-feature</text>
+<rect x="816" y="103" width="118" height="18" rx="9" fill="#e2e8f0" stroke="#cbd5e1" stroke-width="1"/>
+<text x="875" y="116" text-anchor="middle" font-size="9" font-weight="700" fill="#475569">SOURCE TRIGGER</text>
+<circle cx="875" cy="141" r="4" fill="#22c55e" class="bl"/><text x="884" y="145" font-size="9" fill="#16a34a">Active</text>
+
+<!-- arrow -->
+<line x1="493" y1="158" x2="493" y2="182" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="448" y="165" width="90" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="175" text-anchor="middle" font-size="9" fill="#4f46e5">git push / webhook</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" repeatCount="indefinite" path="M 493 158 L 493 182"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" repeatCount="indefinite"/></circle>
+
+<!-- ── S2: GITHUB SCM  y=182 ── -->
+<rect x="38" y="182" width="910" height="72" rx="11" fill="url(#g-orange)" stroke="#fdba74" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="194" width="46" height="48" rx="9" fill="#ffedd5"/>
+<svg x="54" y="198" width="38" height="38" viewBox="0 0 24 24"><path fill="#c2410c" d="M12 0C5.37 0 0 5.37 0 12c0 5.31 3.44 9.8 8.21 11.39.6.11.82-.26.82-.57v-2.23c-3.01.55-3.8-.73-4.04-1.41-.13-.34-.72-1.41-1.23-1.7-.42-.22-1.02-.77-.01-.79.94-.01 1.62.87 1.85 1.23 1.08 1.82 2.8 1.3 3.49.99.11-.78.42-1.3.77-1.6-2.67-.3-5.46-1.33-5.46-5.93 0-1.3.47-2.38 1.23-3.22-.12-.3-.54-1.53.12-3.18 0 0 1-.31 3.3 1.23a11.5 11.5 0 016 0c2.3-1.54 3.3-1.23 3.3-1.23.66 1.65.24 2.88.12 3.18.77.84 1.23 1.91 1.23 3.22 0 4.61-2.81 5.63-5.48 5.93.44.38.82 1.1.82 2.22v3.3c0 .31.22.68.83.57A12.02 12.02 0 0024 12c0-6.63-5.37-12-12-12z"/></svg>
+<text x="108" y="207" font-size="13" font-weight="700" fill="#7c2d12">GitHub — Source Control Management (SCM)</text>
+<text x="108" y="223" font-size="10" fill="#92400e">Repository hosting · branch strategy (main/develop/feature/*) · PR merge triggers Jenkins webhook</text>
+<text x="108" y="239" font-size="10" fill="#b45309">Webhook: POST https://jenkins:8080/github-webhook/ · Events: push, pull_request merged to main</text>
+<rect x="808" y="195" width="128" height="18" rx="9" fill="#ffedd5" stroke="#fdba74" stroke-width="1"/>
+<text x="872" y="208" text-anchor="middle" font-size="9" font-weight="700" fill="#c2410c">SCM · WEBHOOK</text>
+<circle cx="872" cy="234" r="4" fill="#22c55e" class="bl2"/><text x="881" y="238" font-size="9" fill="#16a34a">Connected</text>
+
+<!-- arrow -->
+<line x1="493" y1="254" x2="493" y2="278" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="440" y="261" width="106" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="271" text-anchor="middle" font-size="9" fill="#4f46e5">Jenkins job triggered</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="0.3s" repeatCount="indefinite" path="M 493 254 L 493 278"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.3s" repeatCount="indefinite"/></circle>
+
+<!-- ── S3: OBTAIN CODE  y=278 ── -->
+<rect x="38" y="278" width="910" height="72" rx="11" fill="url(#g-blue)" stroke="#93c5fd" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="290" width="46" height="48" rx="9" fill="#dbeafe"/>
+<text x="73" y="320" text-anchor="middle" font-size="24">📥</text>
+<text x="108" y="303" font-size="13" font-weight="700" fill="#1e3a8a">Obtain Code — Jenkins Checkout Stage</text>
+<text x="108" y="319" font-size="10" fill="#1e40af">Jenkins clones the repository · reads Jenkinsfile · initialises workspace · sets env variables</text>
+<text x="108" y="335" font-size="10" fill="#3b82f6">stage('Checkout') { git branch:'main', credentialsId:'github-creds', url:env.GIT_URL }</text>
+<rect x="812" y="291" width="120" height="18" rx="9" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="872" y="304" text-anchor="middle" font-size="9" font-weight="700" fill="#1d4ed8">JENKINS STAGE 1</text>
+<circle cx="872" cy="330" r="4" fill="#22c55e" class="bl"/><text x="881" y="334" font-size="9" fill="#16a34a">Stage OK</text>
+
+<!-- arrow -->
+<line x1="493" y1="350" x2="493" y2="374" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="452" y="357" width="82" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="367" text-anchor="middle" font-size="9" fill="#4f46e5">source ready</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="0.6s" repeatCount="indefinite" path="M 493 350 L 493 374"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.6s" repeatCount="indefinite"/></circle>
+
+<!-- ── S4: SONARQUBE CQA  y=374 ── -->
+<rect x="38" y="374" width="910" height="86" rx="11" fill="url(#g-green)" stroke="#86efac" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="386" width="46" height="60" rx="9" fill="#dcfce7"/>
+<text x="73" y="423" text-anchor="middle" font-size="24">🔍</text>
+<text x="108" y="399" font-size="13" font-weight="700" fill="#14532d">SonarQube — Code Quality Analysis (CQA)</text>
+<text x="108" y="415" font-size="10" fill="#15803d">Static code analysis · detects bugs, vulnerabilities, code smells · enforces quality gate thresholds</text>
+<text x="108" y="431" font-size="10" fill="#16a34a">mvn sonar:sonar -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.projectKey=myapp</text>
+<text x="108" y="447" font-size="10" fill="#4ade80">Quality gate: coverage &gt;= 80% · duplications &lt; 3% · 0 blocker/critical bugs · &lt; 10 major smells</text>
+<rect x="490" y="382" width="78" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="529" y="394" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">Coverage 82%</text>
+<rect x="576" y="382" width="66" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="609" y="394" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">0 Critical</text>
+<rect x="650" y="382" width="70" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="685" y="394" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">Gate: PASS</text>
+<rect x="812" y="387" width="120" height="18" rx="9" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="872" y="400" text-anchor="middle" font-size="9" font-weight="700" fill="#15803d">QUALITY GATE</text>
+<circle cx="872" cy="440" r="4" fill="#22c55e" class="bl"/><text x="881" y="444" font-size="9" fill="#16a34a">Gate PASS</text>
+
+<!-- arrow -->
+<line x1="493" y1="460" x2="493" y2="484" stroke="#16a34a" stroke-width="2" class="flow-g" marker-end="url(#arr-g)"/>
+<rect x="448" y="467" width="90" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="477" text-anchor="middle" font-size="9" fill="#15803d">quality passed</text>
+<circle r="3.5" fill="#4ade80"><animateMotion dur="1.8s" begin="0.9s" repeatCount="indefinite" path="M 493 460 L 493 484"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.9s" repeatCount="indefinite"/></circle>
+
+<!-- ── S5: MAVEN BUILD  y=484 ── -->
+<rect x="38" y="484" width="910" height="86" rx="11" fill="url(#g-blue)" stroke="#93c5fd" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="496" width="46" height="60" rx="9" fill="#dbeafe"/>
+<text x="73" y="533" text-anchor="middle" font-size="24">⚙️</text>
+<text x="108" y="509" font-size="13" font-weight="700" fill="#1e3a8a">Apache Maven — Build the Code</text>
+<text x="108" y="525" font-size="10" fill="#1e40af">Compiles Java source · runs unit &amp; integration tests · packages artifact (JAR/WAR) · generates reports</text>
+<text x="108" y="541" font-size="10" fill="#3b82f6">mvn clean package -DskipTests=false -Dmaven.test.failure.ignore=false -Pproduction</text>
+<text x="108" y="557" font-size="10" fill="#60a5fa">Output: target/webapp-1.0.${BUILD_NUMBER}.jar · surefire-reports/ · jacoco coverage report</text>
+<rect x="490" y="492" width="58" height="16" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="519" y="504" text-anchor="middle" font-size="8" font-weight="700" fill="#1d4ed8">compile</text>
+<rect x="556" y="492" width="46" height="16" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="579" y="504" text-anchor="middle" font-size="8" font-weight="700" fill="#1d4ed8">test</text>
+<rect x="610" y="492" width="60" height="16" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="640" y="504" text-anchor="middle" font-size="8" font-weight="700" fill="#1d4ed8">package</text>
+<rect x="678" y="492" width="52" height="16" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="704" y="504" text-anchor="middle" font-size="8" font-weight="700" fill="#1d4ed8">install</text>
+<rect x="812" y="497" width="120" height="18" rx="9" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="872" y="510" text-anchor="middle" font-size="9" font-weight="700" fill="#1d4ed8">JENKINS STAGE 2</text>
+<circle cx="872" cy="546" r="4" fill="#22c55e" class="bl2"/><text x="881" y="550" font-size="9" fill="#16a34a">Build OK</text>
+
+<!-- arrow -->
+<line x1="493" y1="570" x2="493" y2="594" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="440" y="577" width="106" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="587" text-anchor="middle" font-size="9" fill="#4f46e5">artifact generated</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="1.2s" repeatCount="indefinite" path="M 493 570 L 493 594"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="1.2s" repeatCount="indefinite"/></circle>
+
+<!-- ── S6: NEXUS ARTIFACT  y=594 ── -->
+<rect x="38" y="594" width="910" height="72" rx="11" fill="url(#g-green)" stroke="#86efac" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="606" width="46" height="48" rx="9" fill="#dcfce7"/>
+<text x="73" y="636" text-anchor="middle" font-size="24">🗄️</text>
+<text x="108" y="619" font-size="13" font-weight="700" fill="#14532d">Nexus Repository Manager — Artifact Storage</text>
+<text x="108" y="635" font-size="10" fill="#15803d">Publishes versioned JAR/WAR to hosted Maven repo · manages dependency proxy · staging &amp; release</text>
+<text x="108" y="651" font-size="10" fill="#16a34a">mvn deploy → com.myapp:webapp:1.0.${BUILD_NUMBER} pushed to http://nexus:8081/repo/releases/</text>
+<rect x="812" y="607" width="120" height="18" rx="9" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="872" y="620" text-anchor="middle" font-size="9" font-weight="700" fill="#15803d">ARTIFACT STORE</text>
+<circle cx="872" cy="646" r="4" fill="#22c55e" class="bl"/><text x="881" y="650" font-size="9" fill="#16a34a">Published</text>
+
+<!-- arrow -->
+<line x1="493" y1="666" x2="493" y2="690" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="452" y="673" width="82" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="683" text-anchor="middle" font-size="9" fill="#4f46e5">artifact ready</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="1.5s" repeatCount="indefinite" path="M 493 666 L 493 690"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="1.5s" repeatCount="indefinite"/></circle>
+
+<!-- ── S7: DOCKER BUILD  y=690 ── -->
+<rect x="38" y="690" width="910" height="86" rx="11" fill="url(#g-blue)" stroke="#93c5fd" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="702" width="46" height="60" rx="9" fill="#dbeafe"/>
+<text x="73" y="739" text-anchor="middle" font-size="24">🐳</text>
+<text x="108" y="715" font-size="13" font-weight="700" fill="#1e3a8a">Docker — Containerisation (App &amp; DB)</text>
+<text x="108" y="731" font-size="10" fill="#1e40af">Builds two Docker images: Web App container + Database container · multi-stage Dockerfile</text>
+<text x="108" y="747" font-size="10" fill="#3b82f6">docker build -t username/myapp:${BUILD_NUMBER} -t username/myapp:latest -f Dockerfile.app .</text>
+<text x="108" y="763" font-size="10" fill="#60a5fa">docker build -t username/mydb:${BUILD_NUMBER} -t username/mydb:latest -f Dockerfile.db .</text>
+<rect x="490" y="698" width="86" height="16" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="533" y="710" text-anchor="middle" font-size="8" font-weight="700" fill="#1d4ed8">App Image</text>
+<rect x="584" y="698" width="86" height="16" rx="8" fill="#ede9fe" stroke="#c4b5fd" stroke-width="1"/>
+<text x="627" y="710" text-anchor="middle" font-size="8" font-weight="700" fill="#6d28d9">DB Image</text>
+<rect x="812" y="703" width="120" height="18" rx="9" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="872" y="716" text-anchor="middle" font-size="9" font-weight="700" fill="#1d4ed8">JENKINS STAGE 3</text>
+<circle cx="872" cy="752" r="4" fill="#22c55e" class="bl"/><text x="881" y="756" font-size="9" fill="#16a34a">Images Built</text>
+
+<!-- arrow -->
+<line x1="493" y1="776" x2="493" y2="800" stroke="#7c3aed" stroke-width="2" class="flow-p" marker-end="url(#arr-p)"/>
+<rect x="452" y="783" width="82" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="793" text-anchor="middle" font-size="9" fill="#7c3aed">images built</text>
+<circle r="3.5" fill="#c084fc"><animateMotion dur="1.8s" begin="0.4s" repeatCount="indefinite" path="M 493 776 L 493 800"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.4s" repeatCount="indefinite"/></circle>
+
+<!-- ── S8: TRIVY SCAN  y=800 ── -->
+<rect x="38" y="800" width="910" height="86" rx="11" fill="url(#g-purple)" stroke="#c4b5fd" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="812" width="46" height="60" rx="9" fill="#ede9fe"/>
+<text x="73" y="849" text-anchor="middle" font-size="24">🛡️</text>
+<text x="108" y="825" font-size="13" font-weight="700" fill="#3b0764">Trivy — Image Security Vulnerability Scan</text>
+<text x="108" y="841" font-size="10" fill="#6d28d9">Scans App &amp; DB images for CVEs · OS packages · language deps · misconfigs · secrets detection</text>
+<text x="108" y="857" font-size="10" fill="#7c3aed">trivy image --exit-code 1 --severity HIGH,CRITICAL --format table username/myapp:${BUILD_NUMBER}</text>
+<text x="108" y="873" font-size="10" fill="#a78bfa">trivy image --exit-code 1 --severity HIGH,CRITICAL --format table username/mydb:${BUILD_NUMBER}</text>
+<rect x="490" y="808" width="80" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="530" y="820" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">0 CRITICAL</text>
+<rect x="578" y="808" width="76" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="616" y="820" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">2 MEDIUM</text>
+<rect x="662" y="808" width="76" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="700" y="820" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">SCAN PASS</text>
+<rect x="812" y="813" width="120" height="18" rx="9" fill="#ede9fe" stroke="#c4b5fd" stroke-width="1"/>
+<text x="872" y="826" text-anchor="middle" font-size="9" font-weight="700" fill="#6d28d9">SECURITY GATE</text>
+<circle cx="872" cy="862" r="4" fill="#22c55e" class="bl2"/><text x="881" y="866" font-size="9" fill="#16a34a">Scan PASS</text>
+
+<!-- arrow -->
+<line x1="493" y1="886" x2="493" y2="910" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="452" y="893" width="82" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="903" text-anchor="middle" font-size="9" fill="#4f46e5">scan passed</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="0.7s" repeatCount="indefinite" path="M 493 886 L 493 910"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.7s" repeatCount="indefinite"/></circle>
+
+<!-- ── S9: DOCKER HUB  y=910 ── -->
+<rect x="38" y="910" width="910" height="72" rx="11" fill="url(#g-blue)" stroke="#93c5fd" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="922" width="46" height="48" rx="9" fill="#dbeafe"/>
+<text x="73" y="952" text-anchor="middle" font-size="24">📦</text>
+<text x="108" y="937" font-size="13" font-weight="700" fill="#1e3a8a">Docker Hub — Container Registry</text>
+<text x="108" y="953" font-size="10" fill="#1e40af">Pushes scanned images to Docker Hub · version tag + latest tag · registry for Swarm deployment pull</text>
+<text x="108" y="969" font-size="10" fill="#3b82f6">docker push username/myapp:${BUILD_NUMBER} &amp;&amp; docker push username/mydb:${BUILD_NUMBER}</text>
+<rect x="812" y="923" width="120" height="18" rx="9" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<text x="872" y="936" text-anchor="middle" font-size="9" font-weight="700" fill="#1d4ed8">JENKINS STAGE 4</text>
+<circle cx="872" cy="962" r="4" fill="#22c55e" class="bl"/><text x="881" y="966" font-size="9" fill="#16a34a">Pushed</text>
+
+<!-- arrow -->
+<line x1="493" y1="982" x2="493" y2="1006" stroke="#16a34a" stroke-width="2" class="flow-g" marker-end="url(#arr-g)"/>
+<rect x="440" y="989" width="106" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="999" text-anchor="middle" font-size="9" fill="#15803d">images available in registry</text>
+<circle r="3.5" fill="#4ade80"><animateMotion dur="1.8s" begin="0.2s" repeatCount="indefinite" path="M 493 982 L 493 1006"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.2s" repeatCount="indefinite"/></circle>
+
+<!-- ── S10: DOCKER STACK DEPLOY  y=1006 ── -->
+<rect x="38" y="1006" width="910" height="86" rx="11" fill="url(#g-green)" stroke="#86efac" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="1018" width="46" height="60" rx="9" fill="#dcfce7"/>
+<text x="73" y="1055" text-anchor="middle" font-size="24">🚀</text>
+<text x="108" y="1031" font-size="13" font-weight="700" fill="#14532d">Docker Stack — Deploy to Swarm Cluster</text>
+<text x="108" y="1047" font-size="10" fill="#15803d">Jenkins SSH into Swarm Manager · pulls images from Docker Hub · deploys stack · rolling update</text>
+<text x="108" y="1063" font-size="10" fill="#16a34a">docker stack deploy -c docker-compose.stack.yml myapp-stack --with-registry-auth</text>
+<text x="108" y="1079" font-size="10" fill="#4ade80">Services: myapp-stack_app (replica=2 across workers) · myapp-stack_db (replica=1 on manager)</text>
+<rect x="490" y="1014" width="80" height="16" rx="8" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="530" y="1026" text-anchor="middle" font-size="8" font-weight="700" fill="#15803d">App x2</text>
+<rect x="578" y="1014" width="70" height="16" rx="8" fill="#ede9fe" stroke="#c4b5fd" stroke-width="1"/>
+<text x="613" y="1026" text-anchor="middle" font-size="8" font-weight="700" fill="#6d28d9">DB x1</text>
+<rect x="812" y="1019" width="120" height="18" rx="9" fill="#dcfce7" stroke="#86efac" stroke-width="1"/>
+<text x="872" y="1032" text-anchor="middle" font-size="9" font-weight="700" fill="#15803d">JENKINS STAGE 5</text>
+<circle cx="872" cy="1068" r="4" fill="#22c55e" class="bl"/><text x="881" y="1072" font-size="9" fill="#16a34a">Deployed</text>
+
+<!-- arrow into swarm cluster -->
+<line x1="493" y1="1092" x2="493" y2="1116" stroke="#16a34a" stroke-width="2" class="flow-g" marker-end="url(#arr-g)"/>
+<rect x="440" y="1099" width="106" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="1109" text-anchor="middle" font-size="9" fill="#15803d">stack deployed to swarm</text>
+<circle r="3.5" fill="#4ade80"><animateMotion dur="1.8s" begin="0.5s" repeatCount="indefinite" path="M 493 1092 L 493 1116"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="0.5s" repeatCount="indefinite"/></circle>
+
+<!-- ══════════════════════════════════════════════════
+     DOCKER SWARM CLUSTER  y=1116  h=294
+     ══════════════════════════════════════════════════ -->
+<rect x="38" y="1116" width="910" height="294" rx="14" fill="url(#g-swarm)" stroke="#facc15" stroke-width="2" filter="url(#sh3)"/>
+<rect x="68" y="1108" width="210" height="20" rx="6" fill="#fefce8" stroke="#facc15" stroke-width="1"/>
+<text x="173" y="1122" text-anchor="middle" font-size="10" font-weight="700" fill="#a16207" letter-spacing=".6">DOCKER SWARM CLUSTER</text>
+
+<!-- Swarm cluster header row -->
+<text x="493" y="1140" text-anchor="middle" font-size="11" font-weight="700" fill="#78350f">1 Manager Node  ·  3 Worker Nodes  ·  Overlay Network: myapp-net</text>
+<rect x="38" y="1146" width="910" height="1" fill="#fde68a"/>
+
+<!-- ── MANAGER NODE  y=1154 w=208 ── -->
+<rect x="50" y="1154" width="208" height="244" rx="12" fill="url(#g-manager)" stroke="#fca5a5" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="50" y="1154" width="208" height="32" rx="12" fill="#fecdd3"/>
+<rect x="50" y="1170" width="208" height="16" fill="#fecdd3"/>
+<text x="154" y="1175" text-anchor="middle" font-size="10" font-weight="700" fill="#991b1b">⭐ MANAGER NODE</text>
+<rect x="50" y="1186" width="208" height="1" fill="#fca5a5"/>
+<text x="62" y="1202" font-size="9" font-weight="600" fill="#7f1d1d">Host: swarm-manager-01</text>
+<text x="62" y="1216" font-size="9" fill="#991b1b">IP: 192.168.1.10</text>
+<text x="62" y="1230" font-size="9" fill="#991b1b">Role: Leader · Raft consensus</text>
+<text x="62" y="1244" font-size="9" fill="#991b1b">OS: Ubuntu 22.04 LTS</text>
+<text x="62" y="1258" font-size="9" fill="#991b1b">Docker: 24.x Swarm Mode</text>
+<!-- DB container on manager -->
+<rect x="62" y="1268" width="184" height="54" rx="8" fill="#ede9fe" stroke="#c4b5fd" stroke-width="1"/>
+<rect x="62" y="1268" width="184" height="18" rx="8" fill="#ddd6fe"/>
+<rect x="62" y="1278" width="184" height="8" fill="#ddd6fe"/>
+<text x="154" y="1281" text-anchor="middle" font-size="9" font-weight="700" fill="#5b21b6">DB Container</text>
+<rect x="154" y="1278" width="0" height="0"/>
+<circle cx="228" cy="1277" r="3" fill="#22c55e" class="bl"/>
+<rect x="62" y="1286" width="184" height="1" fill="#c4b5fd"/>
+<text x="154" y="1298" text-anchor="middle" font-size="9" fill="#6d28d9">mydb:${BUILD_NUMBER}</text>
+<text x="154" y="1311" text-anchor="middle" font-size="8" fill="#7c3aed">Port 3306 · 1 replica</text>
+<text x="62" y="1336" font-size="9" fill="#92400e" font-style="italic">Manages cluster state</text>
+<text x="62" y="1350" font-size="9" fill="#92400e" font-style="italic">Schedules services</text>
+<text x="62" y="1364" font-size="9" fill="#92400e" font-style="italic">Raft quorum member</text>
+
+<!-- ── WORKER NODE 1  y=1154 x=272 ── -->
+<rect x="272" y="1154" width="208" height="244" rx="12" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="272" y="1154" width="208" height="32" rx="12" fill="#bae6fd"/>
+<rect x="272" y="1170" width="208" height="16" fill="#bae6fd"/>
+<text x="376" y="1175" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER NODE 1</text>
+<rect x="272" y="1186" width="208" height="1" fill="#7dd3fc"/>
+<text x="284" y="1202" font-size="9" font-weight="600" fill="#0c4a6e">Host: swarm-worker-01</text>
+<text x="284" y="1216" font-size="9" fill="#075985">IP: 192.168.1.11</text>
+<text x="284" y="1230" font-size="9" fill="#075985">Role: Worker</text>
+<text x="284" y="1244" font-size="9" fill="#075985">OS: Ubuntu 22.04 LTS</text>
+<text x="284" y="1258" font-size="9" fill="#075985">Docker: 24.x Swarm Mode</text>
+<!-- App container on worker 1 -->
+<rect x="284" y="1268" width="184" height="54" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<rect x="284" y="1268" width="184" height="18" rx="8" fill="#bfdbfe"/>
+<rect x="284" y="1278" width="184" height="8" fill="#bfdbfe"/>
+<text x="376" y="1281" text-anchor="middle" font-size="9" font-weight="700" fill="#1e3a8a">App Container</text>
+<circle cx="450" cy="1277" r="3" fill="#22c55e" class="bl"/>
+<rect x="284" y="1286" width="184" height="1" fill="#93c5fd"/>
+<text x="376" y="1298" text-anchor="middle" font-size="9" fill="#1e40af">myapp:${BUILD_NUMBER}</text>
+<text x="376" y="1311" text-anchor="middle" font-size="8" fill="#3b82f6">Port 8080 · replica 1/2</text>
+<text x="284" y="1336" font-size="9" fill="#0369a1" font-style="italic">Runs workloads only</text>
+<text x="284" y="1350" font-size="9" fill="#0369a1" font-style="italic">Accepts tasks from Mgr</text>
+<text x="284" y="1364" font-size="9" fill="#0369a1" font-style="italic">Health reported to Mgr</text>
+
+<!-- ── WORKER NODE 2  y=1154 x=494 ── -->
+<rect x="494" y="1154" width="208" height="244" rx="12" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="494" y="1154" width="208" height="32" rx="12" fill="#bae6fd"/>
+<rect x="494" y="1170" width="208" height="16" fill="#bae6fd"/>
+<text x="598" y="1175" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER NODE 2</text>
+<rect x="494" y="1186" width="208" height="1" fill="#7dd3fc"/>
+<text x="506" y="1202" font-size="9" font-weight="600" fill="#0c4a6e">Host: swarm-worker-02</text>
+<text x="506" y="1216" font-size="9" fill="#075985">IP: 192.168.1.12</text>
+<text x="506" y="1230" font-size="9" fill="#075985">Role: Worker</text>
+<text x="506" y="1244" font-size="9" fill="#075985">OS: Ubuntu 22.04 LTS</text>
+<text x="506" y="1258" font-size="9" fill="#075985">Docker: 24.x Swarm Mode</text>
+<!-- App container on worker 2 -->
+<rect x="506" y="1268" width="184" height="54" rx="8" fill="#dbeafe" stroke="#93c5fd" stroke-width="1"/>
+<rect x="506" y="1268" width="184" height="18" rx="8" fill="#bfdbfe"/>
+<rect x="506" y="1278" width="184" height="8" fill="#bfdbfe"/>
+<text x="598" y="1281" text-anchor="middle" font-size="9" font-weight="700" fill="#1e3a8a">App Container</text>
+<circle cx="672" cy="1277" r="3" fill="#22c55e" class="bl2"/>
+<rect x="506" y="1286" width="184" height="1" fill="#93c5fd"/>
+<text x="598" y="1298" text-anchor="middle" font-size="9" fill="#1e40af">myapp:${BUILD_NUMBER}</text>
+<text x="598" y="1311" text-anchor="middle" font-size="8" fill="#3b82f6">Port 8080 · replica 2/2</text>
+<text x="506" y="1336" font-size="9" fill="#0369a1" font-style="italic">Runs workloads only</text>
+<text x="506" y="1350" font-size="9" fill="#0369a1" font-style="italic">Accepts tasks from Mgr</text>
+<text x="506" y="1364" font-size="9" fill="#0369a1" font-style="italic">Health reported to Mgr</text>
+
+<!-- ── WORKER NODE 3  y=1154 x=716 ── -->
+<rect x="716" y="1154" width="208" height="244" rx="12" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5" filter="url(#sh1)"/>
+<rect x="716" y="1154" width="208" height="32" rx="12" fill="#bae6fd"/>
+<rect x="716" y="1170" width="208" height="16" fill="#bae6fd"/>
+<text x="820" y="1175" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER NODE 3</text>
+<rect x="716" y="1186" width="208" height="1" fill="#7dd3fc"/>
+<text x="728" y="1202" font-size="9" font-weight="600" fill="#0c4a6e">Host: swarm-worker-03</text>
+<text x="728" y="1216" font-size="9" fill="#075985">IP: 192.168.1.13</text>
+<text x="728" y="1230" font-size="9" fill="#075985">Role: Worker</text>
+<text x="728" y="1244" font-size="9" fill="#075985">OS: Ubuntu 22.04 LTS</text>
+<text x="728" y="1258" font-size="9" fill="#075985">Docker: 24.x Swarm Mode</text>
+<!-- Standby / spare on worker 3 -->
+<rect x="728" y="1268" width="184" height="54" rx="8" fill="#f0f9ff" stroke="#bae6fd" stroke-width="1" stroke-dasharray="4 2"/>
+<rect x="728" y="1268" width="184" height="18" rx="8" fill="#e0f2fe"/>
+<rect x="728" y="1278" width="184" height="8" fill="#e0f2fe"/>
+<text x="820" y="1281" text-anchor="middle" font-size="9" font-weight="700" fill="#0369a1">Standby / Scale-out</text>
+<circle cx="894" cy="1277" r="3" fill="#f59e0b" class="bl"/>
+<rect x="728" y="1286" width="184" height="1" fill="#bae6fd"/>
+<text x="820" y="1298" text-anchor="middle" font-size="9" fill="#0369a1">Ready for new replica</text>
+<text x="820" y="1311" text-anchor="middle" font-size="8" fill="#0369a1">Scale: docker service scale</text>
+<text x="728" y="1336" font-size="9" fill="#0369a1" font-style="italic">Runs workloads only</text>
+<text x="728" y="1350" font-size="9" fill="#0369a1" font-style="italic">Accepts tasks from Mgr</text>
+<text x="728" y="1364" font-size="9" fill="#0369a1" font-style="italic">Ready for scale-out</text>
+
+<!-- Swarm interconnect lines (manager → workers) -->
+<line x1="258" y1="1280" x2="272" y2="1280" stroke="#facc15" stroke-width="1.5" stroke-dasharray="3 2"/>
+<line x1="480" y1="1280" x2="494" y2="1280" stroke="#facc15" stroke-width="1.5" stroke-dasharray="3 2"/>
+<line x1="702" y1="1280" x2="716" y2="1280" stroke="#facc15" stroke-width="1.5" stroke-dasharray="3 2"/>
+
+<!-- Swarm network label -->
+<text x="493" y="1406" text-anchor="middle" font-size="9" fill="#92400e" font-style="italic">Overlay Network: myapp-net · All nodes communicate on ingress mesh · docker_gwbridge for external traffic</text>
+
+<!-- arrow -->
+<line x1="493" y1="1410" x2="493" y2="1434" stroke="#6366f1" stroke-width="2" class="flow" marker-end="url(#arr)"/>
+<rect x="440" y="1417" width="106" height="12" rx="6" fill="white" opacity=".85"/>
+<text x="493" y="1427" text-anchor="middle" font-size="9" fill="#4f46e5">deployment complete</text>
+<circle r="3.5" fill="#818cf8"><animateMotion dur="1.8s" begin="1s" repeatCount="indefinite" path="M 493 1410 L 493 1434"/><animate attributeName="opacity" values="0;1;1;0" dur="1.8s" begin="1s" repeatCount="indefinite"/></circle>
+
+<!-- ── S11: SMTP EMAIL  y=1434 ── -->
+<rect x="38" y="1434" width="910" height="72" rx="11" fill="url(#g-gray)" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="50" y="1446" width="46" height="48" rx="9" fill="#f1f5f9"/>
+<text x="73" y="1476" text-anchor="middle" font-size="24">📧</text>
+<text x="108" y="1459" font-size="13" font-weight="700" fill="#0f172a">SMTP — Post-Build Email Notification</text>
+<text x="108" y="1475" font-size="10" fill="#475569">Sends build result to team · test report · coverage · deployment status · success or failure details</text>
+<text x="108" y="1491" font-size="10" fill="#64748b">emailext to:'team@company.com', subject:"[${BUILD_STATUS}] ${JOB_NAME} #${BUILD_NUMBER}", body:report</text>
+<rect x="812" y="1447" width="120" height="18" rx="9" fill="#e2e8f0" stroke="#cbd5e1" stroke-width="1"/>
+<text x="872" y="1460" text-anchor="middle" font-size="9" font-weight="700" fill="#475569">POST-BUILD</text>
+<circle cx="872" cy="1486" r="4" fill="#22c55e" class="bl"/><text x="881" y="1490" font-size="9" fill="#16a34a">Sent</text>
+
+<!-- Jenkins bottom note -->
+<text x="493" y="1555" text-anchor="middle" font-size="9" fill="#ea580c" opacity=".7">Jenkins Pipeline — All 5 stages complete · Declarative Pipeline · Jenkinsfile driven · v1.0</text>
+
+
+<!-- ═══════════════════════════════════════════════════
+     RIGHT PANEL  x=984 y=82 w=912 h=1490
+     ═══════════════════════════════════════════════════ -->
+<rect x="984" y="82" width="912" height="1490" rx="18" fill="#f8fafc" stroke="#c7d2fe" stroke-width="1.5" filter="url(#sh2)"/>
+<rect x="1010" y="74" width="156" height="20" rx="6" fill="#eef2ff" stroke="#c7d2fe" stroke-width="1"/>
+<text x="1088" y="88" text-anchor="middle" font-size="10" font-weight="700" fill="#4338ca" letter-spacing=".8">TOOLS &amp; REFERENCE</text>
+
+<!-- ── TOOL STACK TABLE  y=90 ── -->
+<rect x="1000" y="90" width="880" height="370" rx="12" fill="white" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="1000" y="90" width="880" height="32" rx="12" fill="#f8fafc"/>
+<rect x="1000" y="108" width="880" height="14" fill="#f8fafc"/>
+<text x="1012" y="112" font-size="10" font-weight="700" fill="#475569" letter-spacing=".8">TOOL STACK — All Pipeline Components</text>
+<rect x="1000" y="122" width="880" height="1" fill="#e2e8f0"/>
+<!-- col headers -->
+<text x="1050" y="136" font-size="9" font-weight="700" fill="#94a3b8" letter-spacing=".4">TOOL</text>
+<text x="1200" y="136" font-size="9" font-weight="700" fill="#94a3b8" letter-spacing=".4">ROLE / PURPOSE</text>
+<text x="1436" y="136" font-size="9" font-weight="700" fill="#94a3b8" letter-spacing=".4">TOOL</text>
+<text x="1580" y="136" font-size="9" font-weight="700" fill="#94a3b8" letter-spacing=".4">ROLE / PURPOSE</text>
+<rect x="1000" y="140" width="880" height="1" fill="#f1f5f9"/>
+<line x1="1420" y1="122" x2="1420" y2="454" stroke="#f1f5f9" stroke-width="1"/>
+
+<!-- rows col-A -->
+<rect x="1012" y="147" width="26" height="26" rx="5" fill="#fff7ed" stroke="#fed7aa" stroke-width="1"/>
+<text x="1025" y="164" text-anchor="middle" font-size="13">🔧</text>
+<text x="1046" y="158" font-size="11" font-weight="600" fill="#1e293b">Jenkins LTS</text>
+<text x="1046" y="171" font-size="9" fill="#64748b">CI/CD orchestrator · Declarative Pipeline</text>
+<circle cx="1408" cy="160" r="3.5" fill="#22c55e" class="bl"/>
+
+<rect x="1000" y="183" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="189" width="26" height="26" rx="5" fill="#f0f9ff" stroke="#bae6fd" stroke-width="1"/>
+<text x="1025" y="206" text-anchor="middle" font-size="11">⬛</text>
+<text x="1046" y="200" font-size="11" font-weight="600" fill="#1e293b">GitHub</text>
+<text x="1046" y="213" font-size="9" fill="#64748b">Source control · webhook SCM trigger</text>
+<circle cx="1408" cy="202" r="3.5" fill="#22c55e" class="bl2"/>
+
+<rect x="1000" y="225" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="231" width="26" height="26" rx="5" fill="#f0fdf4" stroke="#bbf7d0" stroke-width="1"/>
+<text x="1025" y="248" text-anchor="middle" font-size="13">🔍</text>
+<text x="1046" y="242" font-size="11" font-weight="600" fill="#1e293b">SonarQube</text>
+<text x="1046" y="255" font-size="9" fill="#64748b">Static analysis · quality gate enforcement</text>
+<circle cx="1408" cy="244" r="3.5" fill="#22c55e" class="bl"/>
+
+<rect x="1000" y="267" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="273" width="26" height="26" rx="5" fill="#fef2f2" stroke="#fecaca" stroke-width="1"/>
+<text x="1025" y="290" text-anchor="middle" font-size="13">⚙️</text>
+<text x="1046" y="284" font-size="11" font-weight="600" fill="#1e293b">Apache Maven</text>
+<text x="1046" y="297" font-size="9" fill="#64748b">Build · test · package JAR/WAR artifact</text>
+<circle cx="1408" cy="286" r="3.5" fill="#22c55e" class="bl2"/>
+
+<rect x="1000" y="309" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="315" width="26" height="26" rx="5" fill="#f0fdf4" stroke="#bbf7d0" stroke-width="1"/>
+<text x="1025" y="332" text-anchor="middle" font-size="13">🗄️</text>
+<text x="1046" y="326" font-size="11" font-weight="600" fill="#1e293b">Nexus Repository</text>
+<text x="1046" y="339" font-size="9" fill="#64748b">Artifact store · Maven repo manager</text>
+<circle cx="1408" cy="328" r="3.5" fill="#22c55e" class="bl"/>
+
+<rect x="1000" y="351" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="357" width="26" height="26" rx="5" fill="#eff6ff" stroke="#bfdbfe" stroke-width="1"/>
+<text x="1025" y="374" text-anchor="middle" font-size="13">🐳</text>
+<text x="1046" y="368" font-size="11" font-weight="600" fill="#1e293b">Docker Engine</text>
+<text x="1046" y="381" font-size="9" fill="#64748b">Containerise App + DB · multi-stage build</text>
+<circle cx="1408" cy="370" r="3.5" fill="#22c55e" class="bl2"/>
+
+<rect x="1000" y="393" width="880" height="1" fill="#f8fafc"/>
+<rect x="1012" y="399" width="26" height="26" rx="5" fill="#faf5ff" stroke="#ddd6fe" stroke-width="1"/>
+<text x="1025" y="416" text-anchor="middle" font-size="13">🛡️</text>
+<text x="1046" y="410" font-size="11" font-weight="600" fill="#1e293b">Trivy</text>
+<text x="1046" y="423" font-size="9" fill="#64748b">CVE image scan · SBOM · secrets detection</text>
+<circle cx="1408" cy="412" r="3.5" fill="#22c55e" class="bl"/>
+
+<!-- rows col-B -->
+<rect x="1432" y="147" width="26" height="26" rx="5" fill="#eff6ff" stroke="#bfdbfe" stroke-width="1"/>
+<text x="1445" y="164" text-anchor="middle" font-size="13">📦</text>
+<text x="1466" y="158" font-size="11" font-weight="600" fill="#1e293b">Docker Hub</text>
+<text x="1466" y="171" font-size="9" fill="#64748b">Container registry · versioned image store</text>
+<circle cx="1848" cy="160" r="3.5" fill="#22c55e" class="bl2"/>
+
+<rect x="1432" y="189" width="26" height="26" rx="5" fill="#f0fdf4" stroke="#bbf7d0" stroke-width="1"/>
+<text x="1445" y="206" text-anchor="middle" font-size="13">🚀</text>
+<text x="1466" y="200" font-size="11" font-weight="600" fill="#1e293b">Docker Stack</text>
+<text x="1466" y="213" font-size="9" fill="#64748b">Deploy to Swarm · service orchestration</text>
+<circle cx="1848" cy="202" r="3.5" fill="#22c55e" class="bl"/>
+
+<rect x="1432" y="231" width="26" height="26" rx="5" fill="#fefce8" stroke="#fde68a" stroke-width="1"/>
+<text x="1445" y="248" text-anchor="middle" font-size="13">🐝</text>
+<text x="1466" y="242" font-size="11" font-weight="600" fill="#1e293b">Docker Swarm</text>
+<text x="1466" y="255" font-size="9" fill="#64748b">Cluster orchestration · 1 Mgr + 3 Workers</text>
+<circle cx="1848" cy="244" r="3.5" fill="#22c55e" class="bl2"/>
+
+<rect x="1432" y="273" width="26" height="26" rx="5" fill="#f8fafc" stroke="#e2e8f0" stroke-width="1"/>
+<text x="1445" y="290" text-anchor="middle" font-size="13">📧</text>
+<text x="1466" y="284" font-size="11" font-weight="600" fill="#1e293b">SMTP Email</text>
+<text x="1466" y="297" font-size="9" fill="#64748b">Post-build notify · success/failure alert</text>
+<circle cx="1848" cy="286" r="3.5" fill="#f59e0b" class="bl"/>
+
+<!-- ── SWARM ARCHITECTURE DIAGRAM  y=478 ── -->
+<rect x="1000" y="478" width="880" height="440" rx="12" fill="white" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="1000" y="478" width="880" height="32" rx="12" fill="#fefce8" stroke-width="0"/>
+<rect x="1000" y="496" width="880" height="14" fill="#fefce8"/>
+<text x="1012" y="500" font-size="10" font-weight="700" fill="#a16207" letter-spacing=".8">DOCKER SWARM CLUSTER TOPOLOGY — 1 Manager · 3 Workers</text>
+<rect x="1000" y="510" width="880" height="1" fill="#fde68a"/>
+
+<!-- Swarm topology diagram -->
+<!-- Manager box -->
+<rect x="1060" y="524" width="180" height="120" rx="10" fill="url(#g-manager)" stroke="#fca5a5" stroke-width="1.5"/>
+<rect x="1060" y="524" width="180" height="28" rx="10" fill="#fecdd3"/>
+<rect x="1060" y="540" width="180" height="12" fill="#fecdd3"/>
+<text x="1150" y="542" text-anchor="middle" font-size="10" font-weight="700" fill="#991b1b">⭐ MANAGER NODE</text>
+<rect x="1060" y="552" width="180" height="1" fill="#fca5a5"/>
+<text x="1150" y="566" text-anchor="middle" font-size="9" fill="#7f1d1d">swarm-manager-01</text>
+<text x="1150" y="580" text-anchor="middle" font-size="9" fill="#991b1b">192.168.1.10</text>
+<text x="1150" y="594" text-anchor="middle" font-size="9" fill="#991b1b">Raft Leader · Schedules</text>
+<text x="1150" y="608" text-anchor="middle" font-size="9" fill="#991b1b">DB replica runs here</text>
+<text x="1150" y="622" text-anchor="middle" font-size="8" fill="#b91c1c" font-style="italic">docker swarm init</text>
+
+<!-- Worker 1 box -->
+<rect x="1280" y="524" width="160" height="120" rx="10" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5"/>
+<rect x="1280" y="524" width="160" height="28" rx="10" fill="#bae6fd"/>
+<rect x="1280" y="540" width="160" height="12" fill="#bae6fd"/>
+<text x="1360" y="542" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER 1</text>
+<rect x="1280" y="552" width="160" height="1" fill="#7dd3fc"/>
+<text x="1360" y="566" text-anchor="middle" font-size="9" fill="#0c4a6e">swarm-worker-01</text>
+<text x="1360" y="580" text-anchor="middle" font-size="9" fill="#075985">192.168.1.11</text>
+<text x="1360" y="594" text-anchor="middle" font-size="9" fill="#075985">App replica 1/2</text>
+<text x="1360" y="608" text-anchor="middle" font-size="9" fill="#075985">Port 8080 exposed</text>
+
+<!-- Worker 2 box -->
+<rect x="1480" y="524" width="160" height="120" rx="10" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5"/>
+<rect x="1480" y="524" width="160" height="28" rx="10" fill="#bae6fd"/>
+<rect x="1480" y="540" width="160" height="12" fill="#bae6fd"/>
+<text x="1560" y="542" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER 2</text>
+<rect x="1480" y="552" width="160" height="1" fill="#7dd3fc"/>
+<text x="1560" y="566" text-anchor="middle" font-size="9" fill="#0c4a6e">swarm-worker-02</text>
+<text x="1560" y="580" text-anchor="middle" font-size="9" fill="#075985">192.168.1.12</text>
+<text x="1560" y="594" text-anchor="middle" font-size="9" fill="#075985">App replica 2/2</text>
+<text x="1560" y="608" text-anchor="middle" font-size="9" fill="#075985">Port 8080 exposed</text>
+
+<!-- Worker 3 box -->
+<rect x="1680" y="524" width="160" height="120" rx="10" fill="url(#g-worker)" stroke="#7dd3fc" stroke-width="1.5"/>
+<rect x="1680" y="524" width="160" height="28" rx="10" fill="#bae6fd"/>
+<rect x="1680" y="540" width="160" height="12" fill="#bae6fd"/>
+<text x="1760" y="542" text-anchor="middle" font-size="10" font-weight="700" fill="#075985">WORKER 3</text>
+<rect x="1680" y="552" width="160" height="1" fill="#7dd3fc"/>
+<text x="1760" y="566" text-anchor="middle" font-size="9" fill="#0c4a6e">swarm-worker-03</text>
+<text x="1760" y="580" text-anchor="middle" font-size="9" fill="#075985">192.168.1.13</text>
+<text x="1760" y="594" text-anchor="middle" font-size="9" fill="#075985">Standby / scale-out</text>
+<text x="1760" y="608" text-anchor="middle" font-size="9" fill="#075985">Ready for new replica</text>
+
+<!-- Connection lines Manager → Workers -->
+<line x1="1240" y1="584" x2="1280" y2="584" stroke="#facc15" stroke-width="2" stroke-dasharray="5 3" marker-end="url(#arr-g)"/>
+<line x1="1240" y1="584" x2="1260" y2="584" stroke="#facc15" stroke-width="1.5"/>
+<line x1="1260" y1="584" x2="1260" y2="630" stroke="#facc15" stroke-width="1" stroke-dasharray="3 2"/>
+<line x1="1260" y1="630" x2="1480" y2="630" stroke="#facc15" stroke-width="1" stroke-dasharray="3 2"/>
+<line x1="1380" y1="630" x2="1380" y2="644" stroke="#facc15" stroke-width="1" stroke-dasharray="3 2" marker-end="url(#arr-g)"/>
+<line x1="1260" y1="630" x2="1260" y2="650" stroke="#facc15" stroke-width="1" stroke-dasharray="3 2"/>
+<line x1="1260" y1="650" x2="1680" y2="650" stroke="#facc15" stroke-width="1" stroke-dasharray="3 2"/>
+<line x1="1580" y1="644" x2="1580" y2="650" stroke="#facc15" stroke-width="1"/>
+<line x1="1760" y1="644" x2="1760" y2="650" stroke="#facc15" stroke-width="1.5" stroke-dasharray="3 2" marker-end="url(#arr-g)"/>
+
+<!-- Overlay network label -->
+<rect x="1060" y="660" width="780" height="28" rx="8" fill="#fefce8" stroke="#fde68a" stroke-width="1"/>
+<text x="1450" y="679" text-anchor="middle" font-size="10" font-weight="600" fill="#92400e">🔗  Overlay Network: myapp-net  ·  All nodes communicate via encrypted VXLAN tunnel  ·  Ingress mesh load balancing on port 8080</text>
+
+<!-- Docker compose snippet -->
+<rect x="1060" y="700" width="780" height="200" rx="10" fill="#0f172a"/>
+<text x="1080" y="720" font-size="9" font-family="'Courier New',monospace" fill="#94a3b8"># docker-compose.stack.yml</text>
+<text x="1080" y="736" font-size="9" font-family="'Courier New',monospace" fill="#7dd3fc">version: <tspan fill="#86efac">'3.8'</tspan></text>
+<text x="1080" y="750" font-size="9" font-family="'Courier New',monospace" fill="#7dd3fc">services:</text>
+<text x="1098" y="764" font-size="9" font-family="'Courier New',monospace" fill="#c4b5fd">app:</text>
+<text x="1116" y="778" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">image: username/myapp:<tspan fill="#fbbf24">${BUILD_NUMBER}</tspan></text>
+<text x="1116" y="792" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">ports: [<tspan fill="#86efac">"8080:8080"</tspan>]</text>
+<text x="1116" y="806" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">deploy: {replicas: <tspan fill="#fbbf24">2</tspan>, placement: {constraints: [node.role==worker]}}</text>
+<text x="1098" y="822" font-size="9" font-family="'Courier New',monospace" fill="#c4b5fd">db:</text>
+<text x="1116" y="836" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">image: username/mydb:<tspan fill="#fbbf24">${BUILD_NUMBER}</tspan></text>
+<text x="1116" y="850" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">ports: [<tspan fill="#86efac">"3306:3306"</tspan>]</text>
+<text x="1116" y="864" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">deploy: {replicas: <tspan fill="#fbbf24">1</tspan>, placement: {constraints: [node.role==manager]}}</text>
+<text x="1116" y="878" font-size="9" font-family="'Courier New',monospace" fill="#e2e8f0">volumes: [<tspan fill="#86efac">db-data:/var/lib/mysql</tspan>]</text>
+<text x="1098" y="892" font-size="9" font-family="'Courier New',monospace" fill="#c4b5fd">networks: [<tspan fill="#86efac">myapp-net</tspan>]</text>
+
+<!-- ── LEGEND  y=936 ── -->
+<rect x="1000" y="936" width="880" height="128" rx="12" fill="white" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="1000" y="936" width="880" height="30" rx="12" fill="#f8fafc"/>
+<rect x="1000" y="952" width="880" height="14" fill="#f8fafc"/>
+<text x="1012" y="956" font-size="10" font-weight="700" fill="#475569" letter-spacing=".8">LEGEND</text>
+<rect x="1000" y="966" width="880" height="1" fill="#e2e8f0"/>
+<rect x="1018" y="978" width="14" height="14" rx="3" fill="#dbeafe" stroke="#93c5fd" stroke-width="1.5"/>
+<text x="1038" y="989" font-size="10" fill="#475569">Pipeline stage (Blue)</text>
+<rect x="1220" y="978" width="14" height="14" rx="3" fill="#dcfce7" stroke="#86efac" stroke-width="1.5"/>
+<text x="1240" y="989" font-size="10" fill="#475569">Tool / service (Green)</text>
+<rect x="1430" y="978" width="14" height="14" rx="3" fill="#ffedd5" stroke="#fdba74" stroke-width="1.5"/>
+<text x="1450" y="989" font-size="10" fill="#475569">CI/CD orchestrator (Orange)</text>
+<rect x="1660" y="978" width="14" height="14" rx="3" fill="#ede9fe" stroke="#c4b5fd" stroke-width="1.5"/>
+<text x="1680" y="989" font-size="10" fill="#475569">Security gate (Purple)</text>
+
+<rect x="1018" y="1002" width="14" height="14" rx="3" fill="#fef9c3" stroke="#facc15" stroke-width="1.5"/>
+<text x="1038" y="1013" font-size="10" fill="#475569">Swarm cluster (Yellow)</text>
+<rect x="1220" y="1002" width="14" height="14" rx="3" fill="#ffe4e6" stroke="#fca5a5" stroke-width="1.5"/>
+<text x="1240" y="1013" font-size="10" fill="#475569">Manager node (Red)</text>
+<rect x="1430" y="1002" width="14" height="14" rx="3" fill="#e0f2fe" stroke="#7dd3fc" stroke-width="1.5"/>
+<text x="1450" y="1013" font-size="10" fill="#475569">Worker node (Sky)</text>
+<circle cx="1665" cy="1009" r="4.5" fill="#22c55e"/>
+<text x="1676" y="1013" font-size="10" fill="#475569">Service healthy</text>
+<circle cx="1790" cy="1009" r="4.5" fill="#f59e0b"/>
+<text x="1801" y="1013" font-size="10" fill="#475569">Standby / warning</text>
+
+<line x1="1018" y1="1032" x2="1054" y2="1032" stroke="#6366f1" stroke-width="2" stroke-dasharray="6 4"/>
+<text x="1062" y="1036" font-size="10" fill="#475569">Animated pipeline flow</text>
+<line x1="1220" y1="1032" x2="1256" y2="1032" stroke="#16a34a" stroke-width="2" stroke-dasharray="6 4"/>
+<text x="1264" y="1036" font-size="10" fill="#475569">Quality / security passed</text>
+<line x1="1430" y1="1032" x2="1466" y2="1032" stroke="#facc15" stroke-width="2" stroke-dasharray="5 3"/>
+<text x="1474" y="1036" font-size="10" fill="#475569">Swarm node communication</text>
+
+<!-- ── PIPELINE METRICS  y=1082 ── -->
+<rect x="1000" y="1082" width="880" height="84" rx="12" fill="white" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="1000" y="1082" width="880" height="30" rx="12" fill="#f8fafc"/>
+<rect x="1000" y="1098" width="880" height="14" fill="#f8fafc"/>
+<text x="1012" y="1102" font-size="10" font-weight="700" fill="#475569" letter-spacing=".8">PIPELINE HEALTH METRICS</text>
+<rect x="1000" y="1112" width="880" height="1" fill="#e2e8f0"/>
+<text x="1020" y="1132" font-size="10" fill="#64748b">Build success</text>
+<rect x="1020" y="1138" width="140" height="6" rx="3" fill="#e2e8f0"/>
+<rect x="1020" y="1138" width="137" height="6" rx="3" fill="#22c55e"/>
+<text x="1170" y="1148" font-size="10" font-weight="700" fill="#16a34a">98.2%</text>
+<text x="1220" y="1132" font-size="10" fill="#64748b">QA gate pass</text>
+<rect x="1220" y="1138" width="140" height="6" rx="3" fill="#e2e8f0"/>
+<rect x="1220" y="1138" width="132" height="6" rx="3" fill="#3b82f6"/>
+<text x="1370" y="1148" font-size="10" font-weight="700" fill="#1d4ed8">94.5%</text>
+<text x="1420" y="1132" font-size="10" fill="#64748b">Security pass</text>
+<rect x="1420" y="1138" width="140" height="6" rx="3" fill="#e2e8f0"/>
+<rect x="1420" y="1138" width="134" height="6" rx="3" fill="#8b5cf6"/>
+<text x="1570" y="1148" font-size="10" font-weight="700" fill="#6d28d9">95.7%</text>
+<text x="1620" y="1132" font-size="10" fill="#64748b">Avg pipeline time</text>
+<text x="1620" y="1149" font-size="12" font-weight="700" fill="#0f172a">4m 32s</text>
+<text x="1780" y="1132" font-size="10" fill="#64748b">Swarm nodes</text>
+<text x="1780" y="1149" font-size="12" font-weight="700" fill="#0f172a">4 / 4 UP</text>
+
+<!-- ── SWARM COMMANDS REFERENCE  y=1182 ── -->
+<rect x="1000" y="1182" width="880" height="370" rx="12" fill="white" stroke="#e2e8f0" stroke-width="1" filter="url(#sh1)"/>
+<rect x="1000" y="1182" width="880" height="30" rx="12" fill="#f8fafc"/>
+<rect x="1000" y="1198" width="880" height="14" fill="#f8fafc"/>
+<text x="1012" y="1202" font-size="10" font-weight="700" fill="#475569" letter-spacing=".8">SWARM CLUSTER — KEY COMMANDS</text>
+<rect x="1000" y="1212" width="880" height="1" fill="#e2e8f0"/>
+
+<rect x="1012" y="1220" width="840" height="322" rx="8" fill="#0f172a"/>
+<text x="1028" y="1240" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── INITIALISE SWARM ON MANAGER ──────────────────────────</text>
+<text x="1028" y="1256" font-size="9" font-family="'Courier New',monospace" fill="#4ade80">docker swarm init --advertise-addr 192.168.1.10</text>
+
+<text x="1028" y="1278" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── JOIN WORKER NODES (run on each worker) ────────────────</text>
+<text x="1028" y="1294" font-size="9" font-family="'Courier New',monospace" fill="#4ade80">docker swarm join --token &lt;SWARM_TOKEN&gt; 192.168.1.10:2377</text>
+
+<text x="1028" y="1316" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── DEPLOY STACK FROM JENKINS (Stage 5) ──────────────────</text>
+<text x="1028" y="1332" font-size="9" font-family="'Courier New',monospace" fill="#7dd3fc">docker stack deploy -c docker-compose.stack.yml myapp-stack \</text>
+<text x="1028" y="1348" font-size="9" font-family="'Courier New',monospace" fill="#7dd3fc">       --with-registry-auth</text>
+
+<text x="1028" y="1370" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── VERIFY RUNNING SERVICES ───────────────────────────────</text>
+<text x="1028" y="1386" font-size="9" font-family="'Courier New',monospace" fill="#4ade80">docker service ls</text>
+<text x="1028" y="1402" font-size="9" font-family="'Courier New',monospace" fill="#94a3b8"># ID     NAME                   MODE      REPLICAS  IMAGE</text>
+<text x="1028" y="1418" font-size="9" font-family="'Courier New',monospace" fill="#94a3b8"># abc1   myapp-stack_app        replicated  2/2    myapp:${BUILD}</text>
+<text x="1028" y="1434" font-size="9" font-family="'Courier New',monospace" fill="#94a3b8"># abc2   myapp-stack_db         replicated  1/1    mydb:${BUILD}</text>
+
+<text x="1028" y="1456" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── SCALE SERVICE ─────────────────────────────────────────</text>
+<text x="1028" y="1472" font-size="9" font-family="'Courier New',monospace" fill="#fbbf24">docker service scale myapp-stack_app=4</text>
+
+<text x="1028" y="1494" font-size="9" font-family="'Courier New',monospace" fill="#64748b"># ── LIST ALL NODES ────────────────────────────────────────</text>
+<text x="1028" y="1510" font-size="9" font-family="'Courier New',monospace" fill="#4ade80">docker node ls</text>
+
+<!-- ── FOOTER ── -->
+<rect x="0" y="1572" width="1920" height="28" fill="#1e1b4b" opacity=".94"/>
+<text x="960" y="1590" text-anchor="middle" font-size="10" fill="#a5b4fc">Java Web Application  ·  Enterprise CI/CD  ·  Jenkins · GitHub · SonarQube · Maven · Nexus · Docker · Trivy · Docker Hub · Docker Stack · Swarm (1 Mgr + 3 Workers) · SMTP  ·  v2.0</text>
+
+</svg>