docs(review): weekly review

nerda-codes · nerda-codes · commit 3c5e88a6e7ad · 2024-11-28T17:21:33.000+01:00
diff --git a/identity-and-access-management/secret-manager/api-cli/external-secrets.mdx b/identity-and-access-management/secret-manager/api-cli/external-secrets.mdx
@@ -31,16 +31,17 @@ In this tutorial you will learn how to deploy External Secrets and its services
 ## Preparing the Kubernetes Kapsule cluster
 
 1. Make sure you are connected to your cluster and that `kubectl` and `helm` are installed on your local machine.
-2. Add the External Secrets helm repository and update it using the following commands:
+2. Add the External Secrets repository to your Helm configuration and update it using the following commands:
     ```
     helm repo add external-secrets https://charts.external-secrets.io
     helm repo update
     ```
 
 ## Deploying External Secrets
 
-To automatically install and manage the CRDs as part of your helm release, you must add the `--set installCRDs=true` flag to your helm installation command.
-Uncomment the relevant line in the next steps to enable this.
+Run the command below to deploy the External Secrets application in your cluster and create its associated resources.
+To automatically install and manage the CRDs as part of your Helm release, you must add the `--set installCRDs=true` flag to your Helm installation command.
+Uncomment the `--set installCRDs=true` line in the following command to do so.
 ```
 helm upgrade --install external-secrets  external-secrets/external-secrets \
     -n external-secrets \
@@ -59,53 +60,68 @@ kubectl create secret generic scwsm-secret --from-file=./access-key --from-file=
 ```
 ## Create your first SecretStore
 
+Define a `SecretStore` resource in Kubernetes to inform External Secrets where to fetch secrets from.
 Secret Manager is a regionalized product so you will need to specify the [region](/identity-and-access-management/secret-manager/concepts/#region) to create your secret in.
 
-```
----
-apiVersion: external-secrets.io/v1beta1
-kind: SecretStore
-metadata:
-  name: secret-store
-  namespace: default
-spec:
-  provider:
-    scaleway:
-      region: <REGION>
-      projectId: <SCALEWAY_PROJECT_ID>
-      accessKey:
-        secretRef:
-          name: scwsm-secret
-          key: access-key
-      secretKey:
-        secretRef:
-          name: scwsm-secret
-          key: secret-access-key
-```
+1. Copy the template below and paste it in a file named `secret-store.yaml`.
+
+    ```
+    ---
+    apiVersion: external-secrets.io/v1beta1
+    kind: SecretStore
+    metadata:
+      name: secret-store
+      namespace: default
+    spec:
+      provider:
+        scaleway:
+          region: <REGION>
+          projectId: <SCALEWAY_PROJECT_ID>
+          accessKey:
+            secretRef:
+              name: scwsm-secret
+              key: access-key
+          secretKey:
+            secretRef:
+              name: scwsm-secret
+              key: secret-access-key
+    ```
+2. Apply your file to your cluster:
+
+    ```
+    kubectl apply -f secret-store.yaml
+    ```
 
 ## Create your first External Secret
 
-```
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-    name: secret
-    namespace: default
-spec:
-    refreshInterval: 20s
-    secretStoreRef:
-        kind: SecretStore
-        name: secret-store
-    target:
-        name: kubernetes-secret-to-be-created
-        creationPolicy: Owner
-    data:
-      - secretKey: password  # key in the kubernetes secret
-        remoteRef:
-          key: id:<SECRET_ID in the secret store>
-          version: latest_enabled
-```
+Create an `ExternalSecret` resource to specify which secret to fetch from Secret Manager.
+1. Copy the following template and paste it in a file named `external-secret.yaml`
+
+    ```
+    ---
+    apiVersion: external-secrets.io/v1beta1
+    kind: ExternalSecret
+    metadata:
+        name: secret
+        namespace: default
+    spec:
+        refreshInterval: 20s
+        secretStoreRef:
+            kind: SecretStore
+            name: secret-store
+        target:
+            name: kubernetes-secret-to-be-created
+            creationPolicy: Owner
+        data:
+          - secretKey: password  # key in the kubernetes secret
+            remoteRef:
+              key: id:<SECRET_ID in the secret store>
+              version: latest_enabled
+    ```
+2. Apply the file to your cluster:
+    ```
+    kubectl apply -f external-secret.yaml
+    ```
 
 A secret with the name `kubernetes-secret-to-be-created` should appear in your namespace. It contains the secret pulled from Secret Manager:
 
@@ -117,17 +133,17 @@ kubernetes-secret-to-be-created   Opaque   1      9m14s
 
 ## Uninstalling
 
-Make sure you have deleted all external-secret resources you might have created beforehand. You can check for any existing resources with the following command:
+Make sure you have deleted any resources created by External Secrets beforehand. You can check for any existing resources with the following command:
 
 ```
 kubectl get SecretStores,ClusterSecretStores,ExternalSecrets,ClusterExternalSecret,PushSecret --all-namespaces
 ```
 
-Once all these resources have been deleted you are ready to uninstall external-secrets.
+Once all these resources have been deleted you are ready to uninstall External Secrets.
 
-## Uninstalling with helm
+## Uninstalling with Helm
 
-Uninstall the helm release using the following command.
+Uninstall the External Secrets deployment using the following command.
 
 ```
 helm delete external-secrets --namespace external-secrets
