feat: add ESO and ESC blog post

content/blog/cloud-native-secret-management-with-pulumi-esc-and-external-secrets-operator/index.md

@@ -36,21 +36,22 @@ applications through its dedicated SDKs built for different programming language
 which can be used to manage secrets and configurations from the command line to provide a context for your CLI tools (
 e.g. `terraform`).
 
-For more information on Pulumi ESC, you can check out the official [documentation](/docs/esc/). In this blog post, we will be using
-the External Secrets Operator, and it's Pulumi ESC provider to manage secrets in a Kubernetes cluster.
+For more information on Pulumi ESC, you can check out the official [documentation](/docs/esc/).
 
 ## External Secrets Operator (ESO)
 
-The Open Source project [External Secrets Operator](https://external-secrets.io/latest/) (ESO) is a Kubernetes operator that helps us to manage secrets in a
-highly secure and scalable way. ESO synchronizes secrets stored in external secret management systems like Pulumi ESC,
-HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and more into Kubernetes secrets. This approach allows us to tame
-any secrets sprawl and centralize the management of secrets in a single place while providing a secure and controlled
-way to access them.
+The Open Source project [External Secrets Operator](https://external-secrets.io/latest/) (ESO) is a Kubernetes operator
+that helps manage secrets in a highly secure and scalable way. ESO synchronizes secrets stored in external secret
+management systems like Pulumi ESC, HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and more into Kubernetes
+secrets. This approach allows us to control secret sprawl and centralize the management of secrets in a single place
+while providing a secure and controlled way to access them.
 
-## Why Kubernetes Secrets Are Not Enough
+## Why Kubernetes Secrets Are Not Enough?
 
 Kubernetes secrets are a great way to store sensitive information in a Kubernetes cluster. Kubernetes secrets are
-created and stored as a Kubernetes resource object as then used by pods or other resources in the cluster.
+created and stored as a Kubernetes resource object as then used by pods or other resources inside the cluster.
+
+Here is an example of a Kubernetes secret manifest file:
 
 ```yaml
 apiVersion: v1
@@ -77,7 +78,7 @@ But [Kubernetes secrets](https://kubernetes.io/docs/concepts/configuration/secre
 - Hard to manage and synchronize secrets across different environments and clusters.
 - There is no default way to rotate secrets automatically.
 
-I am sure there are more limitations, but these are the most common ones that I have encountered. This is where ESO
+I am sure there are some more limitations, but these are the most common ones that I have encountered. This is where ESO
 shines by providing a way to manage secrets in a more secure and efficient way:
 
 - Mitigate security risks as secrets are stored in a secure external secret management system like Pulumi ESC, which
@@ -99,7 +100,9 @@ shines by providing a way to manage secrets in a more secure and efficient way:
 
 ## External Secrets Operator Architecture
 
-Central part of the [ESO architecture](https://external-secrets.io/latest/introduction/overview/) is the extension of the Kubernetes API with a new [Custom Resource Definition (CRD)](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/)
+Central part of the [ESO architecture](https://external-secrets.io/latest/introduction/overview/) is the extension of
+the Kubernetes API with a
+new [Custom Resource Definition (CRD)](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/)
 which defines where the secrets are stored and how they are synchronized into Kubernetes secrets. The ESO controller
 then retrieves the secrets from the external secret management system and creates or updates the Kubernetes secrets.
 Every time a secret is updated in the external secret management system, the ESO controller will synchronize the secret
@@ -140,7 +143,9 @@ We will use Pulumi with the `pulumi-kuernetes` provider to deploy ESO into the K
 a PAT (Personal Access Token) to authenticate with Pulumi ESC, we will create a secret in the Kubernetes cluster to
 store. But this secret will be retrieved from Pulumi ESC using the Pulumi ESC integration of Pulumi IaC.
 
-> This is Pulumi ESC inception in action!
+{{% notes type="info" %}}
+This is Pulumi ESC inception in action!
+{{% /notes %}}
 
 ```bash
 pulumi new kubernetes-typescript --name eso-pulumi-esc
@@ -196,8 +201,12 @@ values:
       fn::secret: <your-pulumi-pat>
 ```
 
-> You don't know how to create a PAT? Check out the official
-> Pulumi [documentation](https://www.pulumi.com/docs/pulumi-cloud/access-management/access-tokens/).
+{{% notes type="info" %}}
+
+You don't know how to create a PAT? Check out the official
+Pulumi [documentation](https://www.pulumi.com/docs/pulumi-cloud/access-management/access-tokens/).
+
+{{% /notes %}}
 
 Now, we need to link the Pulumi ESC project to the Pulumi IaC project. To do this, we need to add the following to your
 `Pulumi.dev.yaml`:
@@ -396,8 +405,12 @@ This will deploy the `PodInfo` application and create an `ExternalSecret` resour
 Pulumi ESC project. We mount the secret into the pod as an environment variable by using the `extraEnvs` field in the
 Helm chart.
 
-> In your real-world application, you could add different ways to reference the secret, like mounting it as a volume or
-> using `fromEnv` field in the Helm chart. It depends on your application and how you want to consume the secret.
+{{% notes type="info" %}}
+
+In your real-world application, you could add different ways to reference the secret, like mounting it as a volume or
+using `fromEnv` field in the Helm chart. It depends on your application and how you want to consume the secret.
+
+{{% /notes %}}
 
 After deploying the stack, you should see that the `PodInfo` application is running and if you port-forward the service
 by running:
@@ -427,11 +440,11 @@ pulumi destroy
 ## Conclusion
 
 The combination of Pulumi ESC and External Secrets Operator provides a secure and efficient way to manage secrets in a
-cloud-native environment, guaranteeing the security, efficiency, and compliance when consuming secrets in your
-Kubernetes cluster. By using Pulumi ESC, you can manage secrets and configurations in a centralized way and have a with
-the ESO a streamlined way to synchronize secrets into your Kubernetes cluster.
+cloud-native environment, guaranteeing security, efficiency, and compliance when consuming secrets in your Kubernetes
+cluster. By using Pulumi ESC, you can manage secrets and configurations in a centralized way, and with ESO, have a
+streamlined process to synchronize secrets into your Kubernetes cluster.
 
-Start using Pulumi ESC and ESO today by creating an account on the Pulumi Cloud Console and start managing your secrets
+Start using Pulumi ESC and ESO today by creating an account on the Pulumi Cloud Console and begin managing your secrets
 in a secure and efficient way.
 
 <a class="btn btn-secondary" href="https://app.pulumi.com/signup" target="_blank">Create an Account</a>