kpd: extend documentation

I've asked Claude Code to just extend the documentation as best
as possible. Here as some updates.

Generated-by: Claude AI
Signed-off-by: Luis Chamberlain <[email protected]>

Author: mcgrof

README.md

@@ -1,18 +1,55 @@
 # Kernel Patches Daemon (KPD)
 
-Kernel Patches Daemon (KPD) is a service connecting [Patchwork](https://github.com/getpatchwork/patchwork) with a GitHub repository, primarily for the puprose of running automated continuous integration (CI) testing via [GitHub Actions](https://github.com/features/actions).
+Kernel Patches Daemon (KPD) is a service connecting [Patchwork](https://github.com/getpatchwork/patchwork) with a GitHub repository, primarily for the purpose of running automated continuous integration (CI) testing via [GitHub Actions](https://github.com/features/actions).
 
-KPD watches Patchwork for new patch series and keeps them in sync with pull requests for a specified repository.
-It also updates series checks at Patchwork with CI workflow results, and can send email notifications to the authors of a patch.
+## What KPD Does
 
-KPD was originally developed at Meta in order to facilitate automated testing  of [BPF subsystem](https://docs.cilium.io/en/latest/reference-guides/bpf/index.html) of the [Linux Kernel](https://kernel.org/) (see [BPF CI](https://github.com/kernel-patches/bpf/actions/workflows/test.yml)).
+KPD automates the kernel patch development workflow by:
+- Monitoring Patchwork for new patch series
+- Creating GitHub pull requests for each patch series
+- Running automated CI testing via GitHub Actions
+- Reporting test results back to Patchwork as checks
+- Sending optional email notifications to patch authors
+- Managing branch lifecycle and cleanup
+
+This enables kernel subsystem maintainers to provide automated feedback to
+patch contributors without manual intervention, significantly improving the
+development workflow and code quality.
+
+## Origins and Use Cases
+
+KPD was originally developed at Meta to facilitate automated testing of the [BPF subsystem](https://docs.cilium.io/en/latest/reference-guides/bpf/index.html) of the [Linux Kernel](https://kernel.org/) (see [BPF CI](https://github.com/kernel-patches/bpf/actions/workflows/test.yml)).
+
+The tool is designed for:
+- **Kernel subsystem maintainers** who want to automate patch testing
+- **Organizations** implementing structured kernel development workflows
+- **Teams** requiring granular access control and security for kernel contributions
+- **Projects** needing integration between traditional mailing list workflows and modern CI/CD systems
+
+## Talks about KPD
 
 There have been a number of talks at various Linux-related conferences about KPD, see the slide decks for an introduction and overview:
 - ["KPD: Connect LKML to GitHub"](https://github.com/user-attachments/files/21110162/KPD_.Connect.LKML.to.GitHub.pdf) (Automated Testing Summit 2025)
 - ["Get Started with KPD"](https://github.com/user-attachments/files/21110192/Get.Started.with.KPD.pdf) (2024)
 - ["How BPF CI works?"](http://oldvger.kernel.org/bpfconf2022_material/lsfmmbpf2022-bpf-ci.pdf) (LSF/MM/BPF 2022)
 
-Also [kdevops](https://github.com/linux-kdevops/kdevops) project has great documentation with [a page on KPD integration](https://github.com/linux-kdevops/kdevops/blob/main/docs/kernel-ci/kernel-ci-kpd.md).
+## Integration and Deployment
+
+For comprehensive deployment guidance, including GitHub organization setup, security considerations, and access control best practices, see the [kdevops KPD integration documentation](https://github.com/linux-kdevops/kdevops/blob/main/docs/kernel-ci/kernel-ci-kpd.md). The kdevops project provides detailed instructions for:
+
+- Setting up GitHub Apps with proper permissions
+- Configuring organizational security policies
+- Managing authentication tokens and keys securely
+- Implementing access control for kernel development teams
+
+## Security Considerations
+
+KPD requires careful security configuration:
+- Use a **private, secure system** to host the daemon
+- Configure GitHub organization with **strict access controls**
+- Set repository base permissions to **"No access"** by default
+- Create dedicated teams for kernel development access
+- Regularly audit GitHub App permissions and access
 
 ## Configuration
 
@@ -32,10 +69,18 @@ poetry run python -m unittest
 ```
 
 ## Running
+
+### Normal Operation
 ```
 poetry run python -m kernel_patches_daemon --config <config_path> --label-color configs/labels.json
 ```
 
+### Debugging and Testing
+```bash
+# Purge all existing PRs and branches (destructive operation)
+poetry run python -m kernel_patches_daemon --config <config_path> --action purge
+```
+
 ## Docker
 
 Kernel Patches Daemon is available as pre-build image: