From 7b4438ec5c209c705e286ee2b411b62d26d169f0 Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Mon, 15 Nov 2021 13:20:58 +0100
Subject: [PATCH] chore: update docs

---
 README.md | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 06af1d3..82913ec 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,10 @@
 
 # About
 
-Toolset to render and manage [AWS CloudFormation](https://aws.amazon.com/cloudformation).
+Toolset to deploy and maintain infrastructure in automated and trackable manner.  
+First class support for:  
+- [AWS CloudFormation](https://aws.amazon.com/cloudformation)
+- [Pulumi](https://www.pulumi.com/docs/)
 
 
 # Install
@@ -23,24 +26,37 @@ Options:
 
 Commands:
   clean              Deletes all previously rendered files locally
-  create-change-set  Creates a change set for an existing stack
+  create-change-set  Creates a change set for an existing stack - CFN only
   create-docs        Parses all documentation fragments out of rendered...
   delete             Deletes stacks or stack groups
+  get-config         Get a config value, decrypted if secret
   outputs            Prints all stack outputs
+  preview            Preview of Pulumi stack up operation
   provision          Creates or updates stacks or stack groups
-  render             Renders template and its parameters
+  refresh            Refreshes Pulumi stack / Drift detection
+  render             Renders template and its parameters - CFN only
+  set-config         Sets a config value, encrypts with stack key if secret
   sync               Renders template and provisions it right away
-  validate           Validates already rendered templates using cfn-lint
+  validate           Validates already rendered templates using cfn-lint...
 ```
 
 ## Config management
 - Within the config folder each directory represents either a stack group if it has sub-directories, or an actual Cloudformation stack in case it is a leaf folder.
 - The actual configuration for each stack is hierachly merged. Lower level config files overwrite higher-level values. Complex data structures like dictionaries and arrays are deep merged.
 
-# Secrets
+## Quickstart
+TBD
 
-CloudBender supports Mozilla's [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1  
+## Secrets handling
 
+### Pulumi
+CloudBender supports the native Pulumi secret handling.
+See [Pulumi Docs](https://www.pulumi.com/docs/intro/concepts/secrets/) for details.
+
+### Cloudformation
+CloudBender supports [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1  
 
 If a sops encrypted config file is detected CloudBender will automatically try to decrypt the file during execution.  
 All required information to decrypt has to be present in the embedded sops config or set ahead of time via sops supported ENVIRONMENT variables.
+
+SOPS support can be disabled by setting `DISABLE_SOPS` in order to reduce timeouts etc.
\ No newline at end of file