feat(documentation): Fix, reorder docs regarding external secrets

Signed-off-by: Axel Lender <lender@b1-systems.de>
Axel Lender
2025-07-09 15:37:53 +02:00
parent 70bc05055e
commit 0187c2571a


@@ -10,13 +10,15 @@ This document covers how to utilise external secrets and special requirements.
<!-- TOC -->
* [General](#general)
* [Components](#components)
* [MinIO](#minio)
* [Cassandra](#cassandra)
* [MinIO](#minio)
* [XWiki](#xwiki)
<!-- TOC -->
# General
⚠ ATTENTION: This feature is still in early development. For now you can't simply replace plain secrets with external secrets because some secrets are used several components where some maybe don't support external secrets by now.
For most components when set the external secret will supersede e.g. a password in a `values.yaml` file.
The file [`external_secrets.yaml`](/helmfile/environments/default/external_secrets.yaml.gotmpl) lists all possible references to external secrets that are currently implemented in openDesk.
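Review bot: The ATTENTION paragraph under `# General` is ungrammatical in two places and worth rewording while this section is being touched: "some secrets are used several components" is missing a preposition ("used by several components"), and "where some maybe don't support external secrets by now" reads better as "some of which do not support external secrets yet". The following sentence, "For most components when set the external secret will supersede ...", also leaves open which components are the exceptions; naming them, or pointing to where they are listed, would tell an operator where the external secret does not take precedence over a password in `values.yaml`.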
@@ -25,21 +27,6 @@ The file [`external_secrets.yaml`](/helmfile/environments/default/external_secre
This section covers information and special requirements to external secrets that some Helm Charts expect.
## MinIO
Like described in the [upstream `values.yaml`](https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml#L1595) credentials and information about a user in external secrets listed in `usersExistingSecrets` have to be formatted as follows:
```yaml
stringData:
username1: |
username=test-username
password=test-password
disabled=false
policies=readwrite,consoleAdmin,diagnostics
setPolicies=fa
```
Further we need the credentials introduced at MinIO in various other components that didn't implement the special format from MinIO. Hence we have to create key-value-pairs of the passwords for them.
## Cassandra
Cassandra is pre-populated with information regarding Dovecot with a `cql` script. The openDesk default `initDB` setting is configured as follows:
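Review bot: The MinIO example in this hunk ends with `setPolicies=fa`, while the copy placed after the Cassandra section reads `setPolicies=false`, so the commit corrects a value in the same step as it moves the section. That correction is easy to miss in a diff that otherwise looks like a pure reorder; please name it in the commit message body (the subject only says "Fix, reorder docs") or split the value fix into its own commit.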
@@ -57,10 +44,29 @@ Cassandra is pre-populated with information regarding Dovecot with a `cql` scrip
```
This has to be adapted into a secret that also holds a `cql` script and is named in `initDBSecret`.
## MinIO
Like described in the [upstream `values.yaml`](https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml#L1595) credentials and information about a user in external secrets listed in `usersExistingSecrets` have to be formatted as follows:
```yaml
stringData:
username1: |
username=test-username
password=test-password
disabled=false
policies=readwrite,consoleAdmin,diagnostics
setPolicies=false
```
Further we need the credentials introduced at MinIO in various other components that didn't implement the special format from MinIO. Hence we have to create key-value-pairs of the passwords for them.
## XWiki
Properties listed in the file of the external secret will overwrite plain values.
Licenses can also be given via properties and require the format `licenses=<EnterpriseLicense>,<Applicationslicense>`.
Like described in the [upstream `values.yaml`](https://github.com/xwiki-contrib/xwiki-helm/blob/master/charts/xwiki/values.yaml#L435) credentials and information about a user in external secrets listed in `propertiesSecret` have to be formatted as follows:
```yaml