From 1071d0727f0010431ac44cef46b40ba9b08923c2 Mon Sep 17 00:00:00 2001
From: "Michal.Wrobel" <Michal.Wrobel@telekom.de>
Date: Wed, 18 Dec 2024 09:24:58 +0000
Subject: [PATCH] docs/userguide/openbao.md aktualisiert

---
 docs/userguide/openbao.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/docs/userguide/openbao.md b/docs/userguide/openbao.md
index 7c8dcb7..8b1dc59 100644
--- a/docs/userguide/openbao.md
+++ b/docs/userguide/openbao.md
@@ -11,6 +11,23 @@ OpenBao's Secret Engines include:
 5. **Time-based One-Time Passwords** (TOTP) for two-factor authentication
 6. **Kubernetes Secrets** for seamless integration with containerized applications
 
+## 🔨 How to get it to run
+The External Secrets Operator needs a kubernetes secret containing the **OpenBao's initial token** to access its secrets. You can create it with:
+
+`kubectl create secret generic vault-token --from-literal=token=<root_token_from_getpassword.sh> -n openbao`
+
+To perform any actions in OpenBao you need to authenticate using the following command:
+
+`kubectl exec -ti openbao-0 -n openbao -- vault login <root_token_from_getpassword.sh>`
+
+For demontrational purposes you can enable a **Key-Value secret engine** on the path **/data** with:
+
+`kubectl exec -ti openbao-0 -n openbao -- vault secrets enable -path=data kv`
+
+And to add your first secret just run:
+
+`kubectl exec -ti openbao-0 -n openbao -- vault kv put data/postgres POSTGRES_USER=admin POSTGRES_PASSWORD=123456`
+
 ## 🔗 References
 
 * https://openbao.org/docs/platform/k8s/helm/run/#initialize-and-unseal-openbao