
docs: add more details in the externalsecret comments in the API section (creationPolicy + deletionPolicy) (#3725)

Signed-off-by: c-neto <carlos.neto.dev@gmail.com>
Carlos Neto 1 year ago
parent
commit
d10a66ee68
1 changed files with 12 additions and 11 deletions
  1. docs/snippets/full-external-secret.yaml (12 additions, 11 deletions)

+ 12 - 11
docs/snippets/full-external-secret.yaml

@@ -32,17 +32,18 @@ spec:
     # It is immutable
     # It is immutable
     name: application-config
     name: application-config
 
 
-    # Enum with values: 'Owner', 'Merge', or 'None'
-    # Default value of 'Owner'
-    # Owner creates the secret and sets .metadata.ownerReferences of the resource
-    # Merge does not create the secret, but merges in the data fields to the secret
-    # None does not create a secret (future use with injector)
-    creationPolicy: 'Merge'
-
-    # DeletionPolicy defines how/when to delete the Secret in Kubernetes
-    # if the provider secret gets deleted.
-    # Valid values are Delete, Merge, Retain
-    deletionPolicy: "Retain"
+    # Specifies the ExternalSecret ownership details in the created Secret. Options:
+    # - Owner: (default) Creates the Secret and sets .metadata.ownerReferences. If the ExternalSecret is deleted, the Secret will also be deleted.
+    # - Merge: Does not create the Secret but merges data fields into the existing Secret (expects the Secret to already exist).
+    # - Orphan: Creates the Secret but does not set .metadata.ownerReferences. If the Secret already exists, it will be updated.
+    # - None: Does not create or update the Secret (reserved for future use with injector).
+    creationPolicy: Merge
+
+    # Specifies what happens to the Secret when data fields are deleted from the provider (e.g., Vault, AWS Parameter Store). Options:
+    # - Retain: (default) Retains the Secret if all Secret data fields have been deleted from the provider.
+    # - Delete: Removes the Secret if all Secret data fields from the provider are deleted.
+    # - Merge: Removes keys from the Secret but not the Secret itself.
+    deletionPolicy: Retain
 
 
     # Specify a blueprint for the resulting Kind=Secret
     # Specify a blueprint for the resulting Kind=Secret
     template:
     template:
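
Review bot: In the new deletionPolicy comment, the `Merge` line ("Removes keys from the Secret but not the Secret itself") does not say which keys are removed, and the `Retain` and `Delete` lines only describe the case where all data fields are gone from the provider. The sample sets `creationPolicy: Merge`, which the comment above describes as writing into a Secret that already exists, so a reader cannot tell whether keys that were already in that Secret are affected, or what happens when only some fields are deleted at the provider; please spell out both. Since `Retain` is marked as the default, it would also help to say on that line that the Secret and its data stay in the cluster after the provider-side deletion, so operators who expect removal at the provider to propagate know to pick another value. Minor: the creationPolicy lead-in says "in the created Secret", but `Merge` and `None` are described as not creating one, and the `Owner` and deletionPolicy lead-in lines run well past the width of the surrounding comments; consider rewording the lead-in and wrapping the long lines.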