Updated workshop docs

workshop/Readme.md

@@ -3,7 +3,7 @@ This will require you to have understanding of git, installing software and how
 
 For the setup - we will be using Github - but scripts used in workflows will work for Azure DevOps as well and steps can easily be modified for Azure DevOps. 
 
-## Prepare local dev machine & accounts
+## 1. Prepare local dev machine & accounts
 The following should be installed on your workstation:
 
  - VSCode
@@ -13,14 +13,14 @@ The following should be installed on your workstation:
  - Az CLI
  - Access to Azure subscription as a global admin
 
-## Prepare repository & Azure
+## 2. Prepare repository & Azure
 
 - Create a github account if you don't have one already
 - Fork this repository
 - Create a wiki for the newly forked project
 - Clone the two repositories on your local machine
 
-## Create storage account used for artifacts
+## 3. Create storage account used for artifacts
 All the artifacts defined in the artifacts repo will be published in a storage account. All the customer deployments will use that storage account to access the templates/definitions that need to be deployed. 
      
      cd .\src\platform-automation
@@ -122,20 +122,80 @@ cd src\platform-automation
  - Verify that the Workflow Test-And-Upload-Dev-Artifacts are running succesfully.
  - From the Azure portal - check that you have a new json file in your storage account targeted for 'dev'
  - Do a pull request onto master 
- - Verify that the Arm-TTK tests are running
+ - Verify that the Arm-TTK tests are running successfully
  - Merge the changes onto the master branch
  - Verify that the Publish-Artifacts-ToAzureStorage have run succesfully
  - Verify that you now have the template available in your production account ready for use.
 
-Congrats! You now have a succesful pipeline!
+Congrats! You now have a succesful pipeline to validate, approve and publish components for re-use!
 
 ## Create manifest and provision customer
- - Create a new folder under 'customers' called 'Contoso' 
- - Create a manifest.json under customers\contoso
- - Validate that this manifest is 'legal'
+We will now create a manifest that will be used to bootstrap a tenant (or customer). For the simplicity of this - we focus on the previous building block you created - but remember that deployments can happen on any scope (tenant, management group, subscription or resource group). 
+
+ - Create a new feature branch called 'feature\customer_contoso'
+ - Create a new folder under 'cmdb\customers' called 'contoso' 
+ - Create an empty manifest.json under cmdb\customers\contoso (see reference)
+ - Validate that this manifest is legal
+
+```
+# Powershell
+cd src\platform-automation
+.\tests\Artifacts.tests.ps1   
+```
+ - Update the settings in the manifest defaultDeploymentScope
+ - Test the deployment 
+
+ ```
+ cd src\platform-automation
+ # Run all deployments with -WhatIf
+.\platform-scripts\Deploy-Customer.ps1 -customer 'contoso' -Verbose -DryRun
+# Run the manifest with the current session - this will create and update Azure Resources
+.\platform-scripts\Deploy-Customer.ps1 -customer 'contoso' -Verbose 
+ ```
+ - Commit and push the change to your feature branch
+ - Verify that the workflow "Update wiki" is running successfully and building the wiki pages for your managed customers. You should be seeing something similar to this:
+
+ [![Wiki](../images/Wiki-main.png)](#)
+
+ - Click on the customers and you should be seeing Contoso listed as one of your customers managed as code:
+ [![Wiki](../images/Customers-Overview.png)](#)
+
+ - Do a pull request onto master and merge this request. Verify that the workflow "Deploy-Contoso" runs. This workflow will run anytime anyone have approved changes to be rolled out for Contoso.
+
+## Expanding the Manifest
+
+You will now expand the Manifest - to include more useful features. To help you along the way - we have included a few, simple artifacts for you to build a management structure, do some operations and deploy some services and show how you can manage & deliver at scale. Remember - any ARM template can be an artifact and used in composing value. 
+
+***NB: When running this on a management group or tenant deployment - you will need elevated privileges that you so far cannot have through Azure Lighthouse.***
+
+- Create a management group structure as shown by adding the artifacts in the manifest: 
+[![Wiki](../images/Management-Groups.png)](#)
+- Create a new branch 'feature/customer_contoso_change_1'
+- Move your subscription in under the 'platform' management group
+- Add the Lighthouse offer 'lighthouseManagedSubscription' and make sure you have updated the parameters to your management tenant. 
+- Test and deploy the updated manifest locally.
+- Verify that the subscription is now added to your management tenant. 
+- You can use the Build-DelegationList to list events on what customers have onboarded you, or you can verify this through the Azure Portal. 
+- Push your changes, do a pull request and merge the changes on master
+- Verify that the Deploy-Contoso workflow is running successully
 
 
-## Expand with the Sandbox-CAF-Foundation LandingZone
+## Self-documenting Governance 
+A part have been added to automatically build and update each customer that is managed by code. If workflow have run - it should show you an overview of what have been provisioned and the current scanned governance structure for a customer as shown below:
+
+- Verify that the Contoso Governance workflow has run (** this workflow builds the details page for Contoso). There's a known limitation in the Mermaid toolkit that is known to hang - so be aware if the workflow executes for more than 10 minutes - you should kill it. 
+
+[![Wiki](../images/Contoso-details.png)](#)
+
+## Subscription democratization
+Subscriptions can be automated and democratized in the same manner by triggering on git events. 
+
+To show a 'demo' on how this can be triggered :
+- Create a new file in 'cmdb\customers\contoso' called new_subscription - with content "Contoso Subscription1"
+- Commit and push this new file
+- Verify that the workflow have run successfully, it have triggered the script with the correct parameters and the output is a subscription
+
+***Note: This is just for demo - a partner/customer would implement and use PartnerCenter SDK in the Script demo, use the ARM deployment for new subscriptions or use the REST Apis to create subscriptions - depending on what lisencing model to use***
 
 ## Resources
 #### Creating workflows / Pipelines