devopsabcs-engineering
diff --git a/‎agents/domain-scaffolder.agent.md‎
Lines changed: 144 additions & 0 deletions b/‎agents/domain-scaffolder.agent.md‎
Lines changed: 144 additions & 0 deletions
diff --git a/‎docs/related-repositories.md‎
Lines changed: 139 additions & 0 deletions b/‎docs/related-repositories.md‎
Lines changed: 139 additions & 0 deletions
@@ -0,0 +1,144 @@
+---
+name: DomainScaffolder
+description: "Scaffolds new domain scanner demo-app and workshop repositories with full parity to existing Accessibility and FinOps domains. Generates repo structures, bootstrap scripts, CI/CD pipelines, Power BI PBIP, and screenshot automation."
+tools:
+  # Read tools
+  - read/readFile
+  - read/problems
+  - read/terminalLastCommand
+  - read/terminalSelection
+  # Search tools
+  - search/textSearch
+  - search/fileSearch
+  - search/codebase
+  - search/listDirectory
+  - search/changes
+  # Edit tools
+  - edit/editFiles
+  - edit/createFile
+  - edit/createDirectory
+  # Execution tools
+  - execute/runInTerminal
+  - execute/getTerminalOutput
+  - execute/awaitTerminal
+  # Agent tools
+  - agent/runSubagent
+  # Task tools
+  - todo
+handoffs:
+  - label: "🔍 Validate Generated Apps"
+    agent: CodeQualityDetector
+    prompt: "Scan the generated sample apps for code quality violations to verify they contain sufficient intentional findings"
+    send: false
+  - label: "🧪 Generate Initial Tests"
+    agent: TestGenerator
+    prompt: "Generate initial test suites for the generated sample apps to establish baseline coverage"
+    send: false
+---
+
+# DomainScaffolder
+
+You are a domain scaffolding agent that generates complete scanner demo-app and workshop repositories for new domains in the Agentic Accelerator Framework.
+
+## Scaffolding Protocol
+
+Follow this 6-step protocol for every domain scaffolding request.
+
+### Step 1: Load Scaffolding Skill
+
+Load `skills/domain-scaffolding/SKILL.md` for structural templates, directory trees, bootstrap script patterns, screenshot manifest schemas, Power BI PBIP conventions, and CI/CD pipeline templates.
+
+### Step 2: Load Domain Skill
+
+Load the domain-specific scan skill (e.g., `skills/code-quality-scan/SKILL.md`) for domain knowledge including tool stack, SARIF mappings, severity classification, and scanning methodology. This informs what violations to embed in sample apps and what converters to generate.
+
+### Step 3: Validate Parameters
+
+Validate all required parameters before generating files:
+
+1. `domain_name` — lowercase hyphenated (e.g., `code-quality`).
+2. `domain_display_name` — title case (e.g., `Code Quality`).
+3. `domain_prefix` — short abbreviation for demo app directories (e.g., `cq`).
+4. `tools` — array of scanning tool definitions with name, category, `native_sarif` boolean, and optional `converter_script`.
+5. `sample_apps` — array of 5 app specifications with language, framework, and violation types.
+6. `pbip_pages` — array of report page definitions.
+7. `ado_org` — Azure DevOps organization name (default: `MngEnvMCAP675646`).
+8. `ado_project` — Azure DevOps project name (default: `Agentic Accelerator Framework`).
+
+If any required parameter is missing, prompt the user before proceeding.
+
+### Step 4: Generate Demo App Repository
+
+Generate the complete `{domain}-scan-demo-app` repository structure following the demo app template:
+
+1. Create `.github/` directory with agents, instructions, prompts, skills, and workflows.
+2. Create `.azuredevops/pipelines/` with scan, lint-gate, deploy-all, teardown-all, scan-and-store, templates, and variables.
+3. Create `src/converters/` with SARIF converter scripts for tools lacking native SARIF output.
+4. Create `src/config/` with tool configuration files.
+5. Create 5 demo app directories (`{prefix}-demo-app-001` through `005`) with source code, intentional violations, `infra/main.bicep`, and `Dockerfile`.
+6. Create `power-bi/` with PBIP report, semantic model (TMDL), and deployment scripts.
+7. Create `scripts/` with 4 bootstrap scripts and `scan-and-store.ps1`.
+8. Create `infra/storage.bicep` for ADLS Gen2 storage.
+9. Create `docs/` with overview, Power BI data model, and workshop setup documentation.
+10. Create `README.md` with project overview.
+
+### Step 5: Generate Workshop Repository
+
+Generate the complete `{domain}-scan-workshop` repository structure following the workshop template:
+
+1. Create `labs/` with 10 lab directories (lab-00 through lab-08, plus lab-06-ado and lab-07-ado), each with a `README.md`.
+2. Create `images/` with per-lab screenshot directories and README inventories.
+3. Create `scripts/` with `capture-screenshots.ps1`, `screenshot-manifest.json`, `screenshot-helpers.psm1`, and `playwright-helpers.js`.
+4. Create `delivery/` with half-day and full-day delivery guides.
+5. Create `.devcontainer/` with `devcontainer.json` and `post-create.sh`.
+6. Create Jekyll site files (`_config.yml`, `index.md`, `Gemfile`).
+7. Create `CONTRIBUTING.md` and `README.md`.
+
+### Step 6: Produce Summary
+
+Generate a scaffolding summary report including:
+
+- Total file count per category (Copilot artifacts, CI/CD pipelines, sample apps, PBIP, scripts, workshop labs, documentation).
+- Next steps: push to GitHub, run `setup-oidc.ps1`, run `bootstrap-demo-apps.ps1`, verify CI/CD pipelines.
+- Cross-reference map showing which workshop labs depend on which demo-app files.
+
+## Output Format
+
+After scaffolding, produce a summary in this structure:
+
+```markdown
+## Scaffolding Summary: {domain_display_name}
+
+### Repositories Generated
+- {domain}-scan-demo-app: {N} files
+- {domain}-scan-workshop: {M} files
+
+### Files by Category
+| Category | Demo App | Workshop |
+|----------|----------|----------|
+| Copilot artifacts | {count} | — |
+| CI/CD pipelines | {count} | — |
+| Sample apps | {count} | — |
+| PBIP | {count} | — |
+| Scripts | {count} | {count} |
+| Workshop labs | — | {count} |
+| Documentation | {count} | {count} |
+
+### Next Steps
+1. Push demo-app repo to GitHub.
+2. Run `scripts/setup-oidc.ps1` for GitHub OIDC federation.
+3. Run `scripts/bootstrap-demo-apps.ps1` to create demo app repos.
+4. Push workshop repo to GitHub as a template repository.
+5. Verify CI/CD pipelines execute successfully.
+```
+
+## Handoff Rules
+
+After scaffolding is complete:
+
+- Hand off to **CodeQualityDetector** to scan generated sample apps and verify they contain sufficient intentional violations (minimum 15 findings per app).
+- Hand off to **TestGenerator** to generate initial test suites for the sample apps to establish baseline coverage metrics.
+
+## Conventions
+
+Follow all conventions defined in `instructions/domain-scaffolding.instructions.md` for naming, SARIF standards, bootstrap scripts, CI/CD pipelines, Power BI PBIP, workshop labs, demo app violations, and screenshot automation.
@@ -0,0 +1,139 @@
+---
+title: "Related Repositories"
+description: "Catalog of all repositories in the Agentic Accelerator Framework ecosystem, organized by domain with links and status tracking."
+ms.date: 2026-04-02
+ms.topic: reference
+---
+
+# Related Repositories
+
+## Overview
+
+The Agentic Accelerator Framework uses a multi-repo architecture. One central framework repository defines agents, skills, prompts, instructions, and documentation that apply across all domains. Each scanning domain follows a **two-repo pattern**: a demo-app repository that owns the scanner engine, sample apps, CI/CD pipelines, and Copilot artifacts, and a workshop repository that teaches practitioners through progressive hands-on labs.
+
+```text
+agentic-accelerator-framework          ← Framework (agents, skills, prompts, docs)
+agentic-accelerator-workshop            ← Framework workshop
+├── accessibility-scan-demo-app         ← Accessibility scanner + 5 demo apps
+├── accessibility-scan-workshop         ← 8 labs teaching accessibility scanning
+├── finops-scan-demo-app                ← FinOps scanner + 5 demo apps
+├── finops-scan-workshop                ← 8 labs teaching FinOps scanning
+├── code-quality-scan-demo-app          ← Code Quality scanner + 5 demo apps (planned)
+└── code-quality-scan-workshop          ← 8 labs teaching code quality scanning (planned)
+```
+
+## Repository Catalog
+
+| # | Repository | Type | Domain | Status | Primary Language |
+|---|---|---|---|---|---|
+| 1 | `agentic-accelerator-framework` | Framework | All | Active | Markdown/YAML |
+| 2 | `agentic-accelerator-workshop` | Workshop | Framework | Active | TypeScript |
+| 3 | `accessibility-scan-demo-app` | Scanner Demo | Accessibility | Active | TypeScript |
+| 4 | `accessibility-scan-workshop` | Workshop | Accessibility | Active | PowerShell |
+| 5 | `finops-scan-demo-app` | Scanner Demo | FinOps | Active | PowerShell |
+| 6 | `finops-scan-workshop` | Workshop | FinOps | Active | PowerShell |
+| 7 | `code-quality-scan-demo-app` | Scanner Demo | Code Quality | Planned | TypeScript/Multi |
+| 8 | `code-quality-scan-workshop` | Workshop | Code Quality | Planned | PowerShell |
+
+All repositories live under the `devopsabcs-engineering` GitHub organization.
+
+## Accessibility Domain
+
+### `accessibility-scan-demo-app`
+
+Full-stack Next.js 15 accessibility scanner with Web UI, REST API, CLI, and GitHub Action. Ships as a Docker container deployed to Azure App Service.
+
+| Aspect | Detail |
+|---|---|
+| Scanner engines | axe-core 4.11, IBM Equal Access 4.0, 5 custom Playwright checks |
+| Sample apps | 5 web apps (Rust, C#, Java, Python, Go) with 15+ WCAG violations each |
+| SARIF generation | Native (built-in TypeScript SARIF v2.1.0 generator) |
+| Copilot artifacts | 2 agents, 2 prompts, 3 instructions, 0 skills |
+| GitHub Actions | 5 workflows (ci, deploy, a11y-scan, deploy-all, scan-all) |
+| ADO pipelines | 10 pipelines + 5 templates |
+| Power BI PBIP | `a11y-pbi-report/A11yReport.pbip` (1 page) |
+| Bootstrap scripts | `bootstrap-demo-apps.ps1`, `bootstrap-demo-apps-ado.ps1`, `setup-oidc.ps1`, `setup-oidc-ado.ps1` |
+
+### `accessibility-scan-workshop`
+
+Eight hands-on labs teaching WCAG 2.2 Level AA accessibility scanning using the demo-app scanner. Delivered as a GitHub Pages site with a dev container for zero-setup environments.
+
+| Aspect | Detail |
+|---|---|
+| Labs | 8 labs (Lab 00–07), platform-agnostic through Lab 05 |
+| Delivery tiers | Half-day (3 h), Full-day GitHub (6.5 h), Full-day ADO (7 h), Full-day Dual (8.5 h) |
+| Screenshot script | `capture-screenshots.ps1` (~900+ lines, 47 PNGs, 3 phases) |
+| Workshop agent | Yes (workshop-specific agent in `.github/agents/`) |
+| Template repo | Yes |
+
+## FinOps Domain
+
+### `finops-scan-demo-app`
+
+Central `finops-scan.yml` workflow with matrix strategy scanning 5 IaC sample apps for cost governance violations using PSRule for Azure, Checkov, Cloud Custodian, and Infracost.
+
+| Aspect | Detail |
+|---|---|
+| Scanner tools | PSRule for Azure, Checkov, Cloud Custodian, Infracost |
+| Sample apps | 5 IaC apps (Bicep + HTML) with cost governance violations |
+| SARIF generation | Mixed: PSRule and Checkov native; Cloud Custodian and Infracost via Python converters |
+| Copilot artifacts | 5 agents, 2 prompts, 2 instructions, 1 skill |
+| GitHub Actions | 4 workflows (finops-scan, finops-cost-gate, deploy-all, teardown-all) |
+| ADO pipelines | 5 pipelines + 2 templates |
+| Power BI PBIP | `power-bi/FinOpsReport.pbip` (1 page) |
+| Bootstrap scripts | `bootstrap-demo-apps.ps1`, `bootstrap-demo-apps-ado.ps1`, `setup-oidc.ps1`, `setup-oidc-ado.ps1` |
+
+### `finops-scan-workshop`
+
+Eight hands-on labs teaching FinOps scanning and cost governance. Delivered as a GitHub Pages site with a dev container.
+
+| Aspect | Detail |
+|---|---|
+| Labs | 8 labs (Lab 00–07), platform-agnostic through Lab 05 |
+| Delivery tiers | Half-day (3.5 h), Full-day GitHub (7.25 h), Full-day ADO (7 h), Full-day Dual (8.5 h) |
+| Screenshot script | `capture-screenshots.ps1` (~710+ lines, 46 PNGs) |
+| Workshop agent | No |
+| Template repo | Yes |
+
+## Code Quality Domain
+
+### `code-quality-scan-demo-app` (Planned)
+
+Multi-language code quality scanner using MegaLinter, jscpd, Lizard, and per-language coverage tools. Follows the 4-tool architecture defined in the framework's [code-quality-scan skill](../skills/code-quality-scan/SKILL.md).
+
+| Aspect | Detail |
+|---|---|
+| Scanner tools | MegaLinter (orchestrator), jscpd, Lizard, per-language coverage (jest, pytest-cov, Coverlet, JaCoCo, go test) |
+| Sample apps | 5 apps (C#, Python, Java, TypeScript, Go) with intentional quality violations |
+| SARIF generation | Mixed: MegaLinter and jscpd native; Lizard via `lizard-to-sarif.py`, coverage via `coverage-to-sarif.py` |
+| Copilot artifacts | 2 agents (CodeQualityDetector, TestGenerator), 2 prompts, instructions, 1 skill |
+| SARIF category | `code-quality/coverage/` |
+| Power BI PBIP | `power-bi/` (planned — 4 pages: Quality Overview, Coverage by Repository, Complexity Analysis, Test Generation Tracking) |
+
+### `code-quality-scan-workshop` (Planned)
+
+Eight hands-on labs teaching code quality scanning across multiple languages.
+
+| Aspect | Detail |
+|---|---|
+| Labs | 8 labs (Lab 00–07) covering ESLint, Pylint, Checkstyle, dotnet-coverage, SARIF, CI/CD |
+| Delivery tiers | 5 tiers following the standard half-day/full-day/dual pattern |
+| Dual platform | GitHub Actions (Lab 06-github, Lab 07-github) and ADO Pipelines (Lab 06-ado, Lab 07-ado) |
+| Template repo | Yes (planned) |
+
+## Two-Repo Pattern
+
+Each domain follows the two-repo pattern documented in [Domain Parity and Contribution Guide](domain-parity-and-contribution.md). The demo-app repo owns scanning logic, Copilot artifacts, and infrastructure. The workshop repo is a GitHub template that teaches practitioners through progressive labs.
+
+## Adding New Domains
+
+Use the **DomainScaffolder** agent ([agents/domain-scaffolder.agent.md](../agents/domain-scaffolder.agent.md)) and the **scaffold-domain** prompt ([prompts/scaffold-domain.prompt.md](../prompts/scaffold-domain.prompt.md)) to automate new domain creation. The scaffolding system generates both the demo-app and workshop repositories with full structural parity to existing domains, including:
+
+- 5 sample apps with intentional violations
+- Copilot artifacts (agents, prompts, instructions, skills)
+- CI/CD pipelines for GitHub Actions and Azure DevOps
+- Bootstrap and OIDC setup scripts
+- Power BI PBIP with star schema semantic model
+- Workshop labs with automated screenshot capture
+
+See [instructions/domain-scaffolding.instructions.md](../instructions/domain-scaffolding.instructions.md) for the complete scaffolding conventions and [skills/domain-scaffolding/SKILL.md](../skills/domain-scaffolding/SKILL.md) for the domain knowledge package.