doc update

README.md

@@ -1,26 +1,66 @@
 [comment]: # ( Copyright Contributors to the Open Cluster Management project )
 
-# Configuration Policy Controller [![KinD tests](https://github.com/open-cluster-management/config-policy-controller/actions/workflows/kind.yml/badge.svg?branch=main&event=push)](https://github.com/open-cluster-management/config-policy-controller/actions/workflows/kind.yml)
-Red Hat Advanced Cluster Management - Governance - Configuration Policy Controller
+# Configuration Policy Controller 
+[![License](https://img.shields.io/:license-apache-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0.html)[![KinD tests](https://github.com/open-cluster-management/config-policy-controller/actions/workflows/kind.yml/badge.svg?branch=main&event=push)](https://github.com/open-cluster-management/config-policy-controller/actions/workflows/kind.yml)
 
-## How it works
+## What is Configuration Policy Controller?
 
-The Configuration Policy Controller watches for the following triggers to execute a reconcile:
+Open Cluster Management - Configuration Policy Controller
 
-1. ConfigurationPolicy changes in all watched namespaces on the hub cluster
+The Configuration Policy Controller monitors `ConfigurationPolicy` kubenetese resource for the following triggers to execute a reconcile:
+
+1. `ConfigurationPolicy` changes in all watched namespaces on the hub cluster
 
 Every reconcile the controller will:
 
-1. Create/update/delete the replicated policy on the managed cluster in the cluster namespace
-2. Handle the object template specified in the ConfigurationPolicy and create an object and/or status update depending on the details of the object template
+1. Handle the object template specified in the ConfigurationPolicy and create an object and/or status update depending on the details of the object template
+2. If using with [Governance Policy Framework](https://github.com/open-cluster-management/governance-policy-framework), it will also generate an kuberenets event on parent `Policy` to report its compliance status
 
-## Run
+Below is an example of `ConfigurationPolicy` resource:
 
-To run the controller locally, point your CLI to a running cluster and then run:
-```
-export WATCH_NAMESPACE=cluster_namespace_on_hub
-go run cmd/manager/main.go
+```yaml
+apiVersion: policy.open-cluster-management.io/v1
+kind: ConfigurationPolicy
+metadata:
+  name: policy-role
+  namespace: default
+spec:
+  complianceType: mustnothave                         # musthave/mustnothave
+  remediationAction: inform                           # inform/enforce
+  namespaceSelector:                                  # use `namespaceSelector` if the desired resource check should happen in multiple namespaces
+    exclude: ["kube-*"]
+    include: ["default"]
+  object-templates:
+    - complianceType: mustonlyhave                    # musthave/mustnothave/mustonlyhave
+      objectDefinition:
+        apiVersion: rbac.authorization.k8s.io/v1
+        kind: Role
+        metadata:
+          name: pod-reader-thur
+        rules:
+          - apiGroups: ["extensions", "apps"]
+            resources: ["deployments"]
+            verbs: ["get", "list", "watch", "delete","patch"]
 ```
+
+## Getting started
+
+- Steps for development: 
+
+    To run the controller locally, point your CLI to a running cluster and then run:
+    ```
+    export WATCH_NAMESPACE=cluster_namespace_on_hub
+    go run cmd/manager/main.go
+    ```
+
+
+- Steps for deployment:
+
+- Steps for test:
+
+- Check the [Security guide](SECURITY.md) if you need to report a security issue.
+
+
 <!---
 Date: 9/09/2020
 -->