Add a bit more docs (#24)

Added link for credstash Moved the usage docs at the top
ouzi-dev · Feb 7, 2020 · 25988f9 · 25988f9
1 parent fbeb14e
commit 25988f9
Showing 1 changed file with 32 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,38 @@
 
 ## Overview
 
-credstash-operator is a Kubernetes operator that creates Kubernetes secrets from credstash secrets
+credstash-operator is a Kubernetes operator that creates Kubernetes secrets from [credstash](https://github.com/fugue/credstash) secrets. 
+
+This controller will go and fetch credstash keys as specified in the CRD spec and then go and manage a Kubernetes Secret that contains their values. 
+
+* The controller will use the name and the latest versionof the credstash key by default in the underlying managed Secret unless specified otherwise in the CredstashSecret CRD.
+* The controller can use one or more Credstash Secrets in the same CRD allowing you to have a Kubernetes Secret from multiple Credstash Secrets.
+* If a CredstashSecret CRD gets updated, the controller will update the underlying managed Secret.
+* If a CredstashSecret CRd gets deleted, the controller will delete the underlying managed Secret.
+
+### Using the operator
+Once configured submitting a CredstashSecret custom resource like below will create a secret from the credstash keys specified
+```yaml
+apiVersion: credstash.ouzi.tech/v1alpha1
+kind: CredstashSecret
+metadata:
+  name: very-secret
+  namespace: test
+spec:
+  # Name of the target secret (Optional. Defaults to the CR name)
+  name: example
+  # List of secrets from credstash to add to the body of the secret 
+  secrets:
+      # key: the key in credstash to fetch. (Required)
+    - key: test-secret
+      # name: the name of the resulting data element in the k8s secret (Optional. Defaults to the credstash key)
+      name: renamed-test-secret
+      # table: the dynamoDB table that contains the credstash secrets (Optional. Defaults to credential-store)
+      table: credential-store
+      # version: the version of the secret in credstash for the provided key (Optional.Defaults to the latest version)
+      version: 1
+```
+
 
 ## Deployment
 ### Prerequisites
@@ -51,26 +82,3 @@ helm upgrade --install credstash https://github.com/ouzi-dev/credstash-operator/
     --set awsCredentials.secretName=aws-credentials
 ``` 
 Where ${VERSION} is the version you want to install
-
-### Using the operator
-Once configured submitting a CredstashSecret custom resource like below will create a secret from the credstash keys specified
-```yaml
-apiVersion: credstash.ouzi.tech/v1alpha1
-kind: CredstashSecret
-metadata:
-  name: very-secret
-  namespace: test
-spec:
-  # Name of the target secret (Optional. Defaults to the CR name)
-  name: example
-  # List of secrets from credstash to add to the body of the secret 
-  secrets:
-      # key: the key in credstash to fetch. (Required)
-    - key: test-secret
-      # name: the name of the resulting data element in the k8s secret (Optional. Defaults to the credstash key)
-      name: renamed-test-secret
-      # table: the dynamoDB table that contains the credstash secrets (Optional. Defaults to credential-store)
-      table: credential-store
-      # version: the version of the secret in credstash for the provided key (Optional.Defaults to the latest version)
-      version: 1
-```