
docs: more examples of specific k8s secret types

Lucas Severo Alves 4 years ago
parent
commit
00c22eef07

+ 77 - 0
docs/guides-common-k8s-secret-types.md

@@ -0,0 +1,77 @@
+# A few common k8s secret types examples
+
+Here we will give some examples of how to work with a few common k8s secret types. We will give this examples here with the gcp provider (should work with other providers in the same way). Please also check the guides on [Advanced Templating](guides-templating.md) to understand the details.
+
+Please follow the authentication and SecretStore steps of the [Google Cloud Secrets Manager guide](provider-google-secrets-manager.md) to setup access to your google cloud account first.
+
+
+## Dockerconfigjson example
+
+First create a secret in Google Cloud Secrets Manager containing your docker config:
+
+![iam](./pictures/screenshot_docker_config_json_example.png)
+
+Let's call this secret docker-config-example on Google Cloud.
+
+Then create a ExternalSecret resource taking advantage of templating to populate the generated secret:
+
+```yaml
+{% include 'gcpsm-docker-config-externalsecret.yaml' %}
+```
+
+This will generate a valid dockerconfigjson secret for you to use!
+
+You can get the final value with:
+
+```bash
+kubectl get secret secret-to-be-created -n <namespace> | -o jsonpath="{.data\.dockerconfigjson}" | base64 -d
+```
+
+## TLS Cert example
+
+We are assuming here that you already have valid certificates, maybe generated with letsencrypt or any other CA. So to simplify you can use openssl to generate a single secret pkcs12 cert based on your cert.pem and privkey.pen files.
+
+```bash
+openssl pkcs12 -export -out certificate.p12 -inkey privkey.pem -in cert.pem
+```
+
+With a certificate.p12 you can upload it to Google Cloud Secrets Manager:
+
+![p12](./pictures/screenshot_ssl_certificate_p12_example.png)
+
+And now you can create an ExternalSecret that gets it. You will end up with a k8s secret of type tls with pem values.
+
+```yaml
+{% include 'gcpsm-tls-externalsecret.yaml' %}
+```
+
+You can get their values with:
+
+```bash
+kubectl get secret secret-to-be-created -n <namespace> | -o jsonpath="{.data.tls\.crt}" | base64 -d
+kubectl get secret secret-to-be-created -n <namespace> | -o jsonpath="{.data.tls\.key}" | base64 -d
+```
+
+
+## SSH Auth example
+
+Add the ssh privkey to a new Google Cloud Secrets Manager secret:
+
+![ssh](./pictures/screenshot_ssh_privkey_example.png)
+
+And now you can create an ExternalSecret that gets it. You will end up with a k8s secret of type ssh-auth with the privatekey value.
+
+```yaml
+{% include 'gcpsm-ssh-auth-externalsecret.yaml' %}
+```
+
+You can get the privkey value with:
+
+```bash
+kubectl get secret secret-to-be-created -n <namespace> | -o jsonpath="{.data.ssh-privatekey}" | base64 -d
+```
+
+## More examples
+
+!!! note "We need more examples here" 
+    Feel free to contribute with our docs and add more examples here!
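Review bot: all four `kubectl` retrieval commands in this file (the dockerconfigjson one, the two tls ones and the ssh-privatekey one) place a pipe before `-o`, so `-o jsonpath=...` is executed as a separate command and the whole pipeline fails; the pipe belongs after the `kubectl` invocation, e.g. `kubectl get secret secret-to-be-created -n <namespace> -o jsonpath="{.data.tls\.crt}" | base64 -d`. The dockerconfigjson line additionally needs the key's leading dot escaped, `{.data.\.dockerconfigjson}`, otherwise jsonpath looks for a top-level field named `data.dockerconfigjson` and prints nothing. Smaller fixes: `privkey.pen` in the TLS section should be `privkey.pem` to match the openssl command that follows, "this examples" should be "these examples", and "a ExternalSecret" should be "an ExternalSecret".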

BIN
docs/pictures/screenshot_docker_config_json_example.png


BIN
docs/pictures/screenshot_ssh_privkey_example.png


BIN
docs/pictures/screenshot_ssl_certificate_p12_example.png


+ 23 - 0
docs/snippets/gcpsm-docker-config-externalsecret.yaml

@@ -0,0 +1,23 @@
+{% raw %}
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: dk-cfg-example
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: example
+    kind: SecretStore
+  target:
+    name: secret-to-be-created
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: "{{ .mysecret | toString }}"
+    name: secret-to-be-created
+    creationPolicy: Owner
+  data:
+  - secretKey: mysecret
+    remoteRef:
+      key: docker-config-example
+{% endraw %}
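Review bot: `target.name: secret-to-be-created` appears twice in this snippet, once before `template:` and again after it; duplicate mapping keys are rejected by strict YAML parsers and silently collapse in lenient ones, so the second occurrence should be removed. A short comment above `.dockerconfigjson:` saying that the remote secret must already hold the complete docker config JSON would also help, since `toString` passes the value through unchanged and the resulting Secret is only usable if that JSON is well formed.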

+ 23 - 0
docs/snippets/gcpsm-ssh-auth-externalsecret.yaml

@@ -0,0 +1,23 @@
+{% raw %}
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: dk-cfg-example
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: example
+    kind: SecretStore
+  target:
+    name: secret-to-be-created
+    template:
+      type: kubernetes.io/ssh-auth
+      data:
+        ssh-privatekey: "{{ .mysecret | toString }}"
+    name: secret-to-be-created
+    creationPolicy: Owner
+  data:
+  - secretKey: mysecret
+    remoteRef:
+      key: ssh-priv-key-example
+{% endraw %}
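Review bot: `metadata.name: dk-cfg-example` is carried over from the dockerconfigjson snippet; this resource needs its own name (for example `ssh-auth-example`) so the two guide examples do not overwrite each other when applied in the same namespace. As in the docker snippet, `target.name` is duplicated before and after `template:`; drop the second copy.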

+ 26 - 0
docs/snippets/gcpsm-tls-externalsecret.yaml

@@ -0,0 +1,26 @@
+{% raw %}
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: template-tls-example
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: example
+    kind: SecretStore
+  target:
+    name: secret-to-be-created
+    # this is how the Kind=Secret will look like
+    template:
+      type: kubernetes.io/tls
+      data:
+        tls.crt: "{{ .mysecret | pkcs12cert | pemCertificate }}"
+        tls.key: "{{ .mysecret | pkcs12key | pemPrivateKey }}"
+
+  data:
+  # this is a pkcs12 archive that contains
+  # a cert and a private key
+  - secretKey: mysecret
+    remoteRef:
+      key: docker-config-example
+{% endraw %}
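Review bot: `remoteRef.key: docker-config-example` points at the docker config secret from the first example, but the comment two lines above and the guide text say this entry should reference the uploaded pkcs12 archive; use the name of the p12 secret here instead. This snippet also omits `creationPolicy: Owner`, which both other snippets set; either add it for consistency or explain in the guide why the TLS example differs. Finally, the guide's `openssl pkcs12 -export` command prompts for an export password while `pkcs12cert` and `pkcs12key` are invoked here with no password argument, so the guide should state what password the archive is expected to have for these template functions to open it.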

+ 1 - 0
hack/api-docs/mkdocs.yml

@@ -32,6 +32,7 @@ nav:
     - Getting started: guides-getting-started.md
     - Advanced Templating: guides-templating.md
     - All keys, One secret: guides-all-keys-one-secret.md
+    - Common K8S Secret Types: guides-common-k8s-secret-types.md
     - Multi Tenancy: guides-multi-tenancy.md
     - Metrics: guides-metrics.md
   - Provider: