Added Documentation

Signed-off-by: Maia Iyer <[email protected]>

api/agent/config.go

@@ -108,7 +108,7 @@ func NewCRDManager(crdPlugin *ast.ObjectItem) (spirecrd.CRDManager, error) {
 		return nil, errors.Errorf("Couldn't parse SPIREControllerManager config: %v", err)
 	}
 
-	fmt.Println("CRD Controller configured. WARNING: This is currently a no-op")
+	fmt.Println("CRD Controller configured. spire-controller-manager APIs enabled")
 
 	crdManager, err := spirecrd.NewSPIRECRDManager(config.Classname)
 	if err != nil {

docs/plugin_server_spirecrd.md

@@ -1,6 +1,13 @@
 # Server plugin: SPIRECRDManager
 
-Note the SPIRECRDManager is an optional plugin. This plugin enables the creation of SPIRE CRDs on the cluster Tornjak is deployed on.
+Note the SPIRECRDManager is an optional plugin. This plugin enables the creation of SPIRE CRDs on the cluster Tornjak is deployed on. It enables the following API calls:
+
+- `GET /api/v1/spire-controller-manager/clusterfederatedtrustdomains`
+
+> [!IMPORTANT] 
+> This plugin requires 
+> 1. That Tornjak is deployed in the same cluster as the relevant CRDs as it uses its own service account token to talk to the kube API server. 
+> 2. That the proper permissions are given to the Service Account token that Tornjak will use. Current Helm charts deploy SPIRE Controller manager and Tornjak in the same pod as the SPIRE server, so no extra configuration is necessary if deployed this way. 
 
 The configuration has the following key-value pairs:
 

pkg/agent/spirecrd/manager.go

@@ -8,7 +8,7 @@ import (
 
 // CRDManager defines the interface for managing CRDs
 type CRDManager interface {
-	// TODO add List/Create/Update/Delete functions for Federation CRD
+	// TODO add Create/Update/Delete functions for Federation CRD
 	// ListClusterFederatedTrustDomain has the same signature as spire api
 	ListClusterFederatedTrustDomains(ListFederationRelationshipsRequest) (ListFederationRelationshipsResponse, error)
 }