feat: adjusted doc format and fixed main readme

vbontempi · vbontempi · commit 28f52c79ca8e · 2025-05-26T16:27:58.000+02:00
diff --git a/README.md b/README.md
@@ -26,7 +26,7 @@ This module automates the installation and configuration of the [External Secret
 <!-- END OVERVIEW HOOK -->
 
 <!-- Match this heading to the name of the root level module (the repo name) -->
-## external-secrets-operator-module
+## External Secrets Operator module
 
 External Secrets Operator synchronizes secrets in the Kubernetes cluster with secrets that are mapped in [Secrets Manager](https://cloud.ibm.com/docs/secrets-manager).
 
@@ -288,11 +288,11 @@ For more information about IAM Trusted profiles and ESO Multitenancy configurati
 - [Setup of ESO as a Service from RedHat](https://cloud.redhat.com/blog/how-to-setup-external-secrets-operator-eso-as-a-service)
 - [ESO Multitenancy configuration from ESO Docs](https://external-secrets.io/latest/guides/multi-tenancy/)
 
-### _Important current limitation of ESO deployment_
+### _Important current architectural limitation of ESO deployment_
 
 The current ESO version doesn't allow to customise the default IAM endpoint (https://iam.cloud.ibm.com) it uses when authenticating through apikey (`api_key` authentication) for both ClusterSecretStore and SecretStore APIs.
 
-As a direct effect of this limitation, for a standard OCP cluster topology as defined by GoldenEye design (3 workers zones `edge` `private` and `transit`), an ESO deployment with `api_key` authentication configuration needs to be performed on the workers pool with access to the public network (`dedicated: edge` label in GE usual topology) to work fine. If the ESO deployment is performed on a workers pool without access to public network (i.e. to https://iam.cloud.ibm.com) the apikey authentication is expected to fail.
+As a direct effect of this limitation, for an OCP cluster topology designed with three different subnet layers `edge` `private` and `transit`, where only `edge` one has access to the public network, `private` is for business workload and `transit` for private networking, an ESO deployment with `api_key` authentication configuration needs to be performed on the workers pool with access to the public network (`dedicated: edge` label in GE usual topology) to work fine. If the ESO deployment is performed on a workers pool without access to public network (i.e. to https://iam.cloud.ibm.com) the apikey authentication is expected to fail, unless ESO is enrolled into RedHat Service Mesh (this module allows to add the expected resources annotations but the Mesh gateways configuration is out of the scope of the module) or a different networking solution is implemented.
 
 
 ### Pod Reloader
diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -27,16 +27,20 @@
         "provider_name": "IBM",
         "features": [
           {
-            "title": "Deploys the External Secrets Operator (ESO)",
+            "title": "Deploys the External Secrets Operator (ESO) in existing cluster",
             "description": "This architecture allows to deploy the External Secrets Operator on an existing IBM Cloud OpenShift Cluster."
           },
           {
             "title": "Configures the External Secrets Operator (ESO) Cluster Secrets Stores and Secrets Stores with the related ServiceIDs and Secrets Groups",
-            "description": "Deploy and configure ESO Cluster Secret Store resources for cluster scoped secrets store and ESO Secret Store resources for namespace scoped secrets store.<br/>For more details about Cluster Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/clustersecretstore/).<br/>For more details about Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/secretstore/).<br/>For more details about how to configure the Stores through this architecture input please refer to this [page](https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/refs/heads/da_task_11723/solutions/fully-configurable/DA-eso-configuration.md)"
+            "description": "Deploy and configure ESO Cluster Secret Store resources for cluster scoped secrets store and ESO Secret Store resources for namespace scoped secrets store.<br/>For more details about Cluster Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/clustersecretstore/).<br/>For more details about Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/secretstore/)."
+          },
+          {
+            "title": "Supports two different authentication methods in both the supported Secrets Store types, API key and Trusted Profile authentication",
+            "description": "This architecture allows to leverage on two different authentication methods, IAM API key and Truster Profile, in both the supported Secret Stores.<br/>For more details about configuri the Stores through this architecture input please refer to this [page](https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/refs/heads/da_task_11723/solutions/fully-configurable/DA-eso-configuration.md)"
           },
           {
             "title": "Deploys and configures Stakater Reloader into the cluster",
-            "description": "The architecture allows to optionally deploy Stakater Reloader into the cluster to refresh the cluster's secrets values by reloading pods when needed. For more information about Stakater Reloader, please refer to the [Stakater Reloader documentation](https://github.com/stakater/Reloader)."
+            "description": "The architecture allows to optionally deploy Stakater Reloader into the cluster that helps with refreshing the cluster's secrets values by reloading pods when needed. For more information about Stakater Reloader, please refer to the [Stakater Reloader documentation](https://github.com/stakater/Reloader)."
           }
         ],
         "support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in this repository [https://github.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/issues). Please note this product is not supported via the IBM Cloud Support Center.",

Original file line number	Diff line number	Diff line change
`@@ -27,16 +27,20 @@`
`27`	`27`	`"provider_name": "IBM",`
`28`	`28`	`"features": [`
`29`	`29`	`{`
`30`		`- "title": "Deploys the External Secrets Operator (ESO)",`
	`30`	`+ "title": "Deploys the External Secrets Operator (ESO) in existing cluster",`
`31`	`31`	`"description": "This architecture allows to deploy the External Secrets Operator on an existing IBM Cloud OpenShift Cluster."`
`32`	`32`	`},`
`33`	`33`	`{`
`34`	`34`	`"title": "Configures the External Secrets Operator (ESO) Cluster Secrets Stores and Secrets Stores with the related ServiceIDs and Secrets Groups",`
`35`		- "description": "Deploy and configure ESO Cluster Secret Store resources for cluster scoped secrets store and ESO Secret Store resources for namespace scoped secrets store.<br/>For more details about Cluster Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/clustersecretstore/).<br/>For more details about Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/secretstore/).<br/>For more details about how to configure the Stores through this architecture input please refer to this [page](https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/refs/heads/da_task_11723/solutions/fully-configurable/DA-eso-configuration.md)"
	`35`	`+ "description": "Deploy and configure ESO Cluster Secret Store resources for cluster scoped secrets store and ESO Secret Store resources for namespace scoped secrets store.<br/>For more details about Cluster Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/clustersecretstore/).<br/>For more details about Secret Store please refer to this [documentation](https://external-secrets.io/latest/api/secretstore/)."`
	`36`	`+ },`
	`37`	`+ {`
	`38`	`+ "title": "Supports two different authentication methods in both the supported Secrets Store types, API key and Trusted Profile authentication",`
	`39`	`+ "description": "This architecture allows to leverage on two different authentication methods, IAM API key and Truster Profile, in both the supported Secret Stores.<br/>For more details about configuri the Stores through this architecture input please refer to this [page](https://raw.githubusercontent.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/refs/heads/da_task_11723/solutions/fully-configurable/DA-eso-configuration.md)"`
`36`	`40`	`},`
`37`	`41`	`{`
`38`	`42`	`"title": "Deploys and configures Stakater Reloader into the cluster",`
`39`		`- "description": "The architecture allows to optionally deploy Stakater Reloader into the cluster to refresh the cluster's secrets values by reloading pods when needed. For more information about Stakater Reloader, please refer to the [Stakater Reloader documentation](https://github.com/stakater/Reloader)."`
	`43`	`+ "description": "The architecture allows to optionally deploy Stakater Reloader into the cluster that helps with refreshing the cluster's secrets values by reloading pods when needed. For more information about Stakater Reloader, please refer to the [Stakater Reloader documentation](https://github.com/stakater/Reloader)."`
`40`	`44`	`}`
`41`	`45`	`],`
`42`	`46`	`"support_details": "This product is in the community registry, as such support is handled through the originated repo. If you experience issues please open an issue in this repository [https://github.com/terraform-ibm-modules/terraform-ibm-external-secrets-operator/issues). Please note this product is not supported via the IBM Cloud Support Center.",`