docs: move secret reference writes to the pe toolset

[rashadism]

Purpose

Reflects the toolset-membership change in openchoreo/openchoreo#3504. SecretReference writes are now pe-only; reads stay dual-registered on namespace and pe so developers can list and inspect references without enabling pe.

Approach

• Trim create_/update_/delete_secret_reference from the Namespace Toolset section in docs/reference/mcp-servers.mdx.
• Add a Secret References subsection under the PE Toolset listing all five tools.
• Mark list_secret_references / get_secret_reference with ‡ and footnote the dual registration in both sections.

Checklist

• Updated `sidebars.ts` — n/a, edits an existing page
• Ran `npm run build` to ensure the build passes

Remarks

• Pairs with refactor: move secret reference writes to the pe toolset openchoreo#3504 (control-plane refactor).

[coderabbitai]

Warning

Rate limit exceeded

@rashadism has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 6 minutes and 11 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 8d463987-74e3-406d-8fb0-11e5d4e32f25

📥 Commits

Reviewing files that changed from the base of the PR and between c2f4cd3 and d54415b.

📒 Files selected for processing (1)

• docs/reference/mcp-servers.mdx

📝 Walkthrough

Walkthrough

This PR contains two independent changes: the Plugin category field is made optional across the marketplace type system and ecosystem pages to support plugins without categorization, and MCP Servers reference documentation is reorganized to clarify secret reference tool distribution across Control Plane toolsets.

Changes

Plugin Category Optional Migration

Layer / File(s)	Summary
Plugin category type contract src/components/PluginCard/PluginCard.tsx, src/pages/ecosystem.tsx, src/pages/ecosystem/item.tsx	The Plugin interface's category field changes from required string to optional category?: string across all component declarations.
Ecosystem filtering and rendering for optional categories src/pages/ecosystem.tsx, src/pages/ecosystem/item.tsx	Category filtering guards against undefined before checking membership in selected categories; category count generation skips plugins without categories; category badge renders conditionally only when plugin.category is present.
Marketplace catalog expansion src/data/marketplace-plugins.json	Four new component-type entries (Service, Web Application, Worker, Scheduled Task) and four new workflow entries for GitOps releases (Docker, Google Cloud Buildpacks, React, Bulk) are appended with descriptive metadata, tags, and sample source links.

MCP Servers Documentation

Layer / File(s)	Summary
Secret References documentation reorganization docs/reference/mcp-servers.mdx	Namespace toolset documentation is revised to expose only read-only secret reference tools (list_secret_references, get_secret_reference) and clarify that authoring operations are PE-only; PE toolset gains a new Secret References subsection listing the same read-only tools with cross-reference to Namespace registration.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• openchoreo/openchoreo.github.io#616: Overlaps with this PR's changes to make Plugin.category optional in PluginCard, ecosystem, and ecosystem/item components and data.
• openchoreo/openchoreo.github.io#608: Both PRs expand src/data/marketplace-plugins.json by adding new marketplace catalog entries.

Suggested reviewers

• LakshanSS

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main documentation change: moving secret reference write operations to the PE toolset as specified in the PR objectives.
Description check	✅ Passed	The description covers the purpose, approach, and checklist sections with clear explanations of the changes and reasoning.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

docs/reference/mcp-servers.mdx (1)

71-71: 💤 Low value

Consider simplifying the cross-reference phrasing.

The phrase "(PE toolset; enable PE alongside Namespace)" is slightly awkward. Consider replacing with "(available in the PE toolset)" for better readability, since the broader context already mentions toolset combination in the tip at line 328.

✨ Suggested rewording

-- `get_secret_reference` ‡ — Get a single secret reference's full spec (template, data sources, refresh interval, target plane). For sync status, query `get_resource_events` (PE toolset; enable PE alongside Namespace) against the rendered ExternalSecret on the data plane
+- `get_secret_reference` ‡ — Get a single secret reference's full spec (template, data sources, refresh interval, target plane). For sync status, query `get_resource_events` (available in the PE toolset) against the rendered ExternalSecret on the data plane

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/reference/mcp-servers.mdx` at line 71, Replace the awkward parenthetical
"(PE toolset; enable PE alongside Namespace)" with a simpler phrase; update the
sentence referencing get_secret_reference and get_resource_events so it reads
that sync status can be queried via get_resource_events against the rendered
ExternalSecret on the data plane and clarify the tool availability by using
"(available in the PE toolset)" (keep mentions of get_secret_reference,
get_resource_events, ExternalSecret, Namespace and PE intact for context).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@docs/reference/mcp-servers.mdx`:
- Line 71: Replace the awkward parenthetical "(PE toolset; enable PE alongside
Namespace)" with a simpler phrase; update the sentence referencing
get_secret_reference and get_resource_events so it reads that sync status can be
queried via get_resource_events against the rendered ExternalSecret on the data
plane and clarify the tool availability by using "(available in the PE toolset)"
(keep mentions of get_secret_reference, get_resource_events, ExternalSecret,
Namespace and PE intact for context).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 96139257-4b66-4c37-9aac-4aee62f2b294

📥 Commits

Reviewing files that changed from the base of the PR and between 7934c88 and c2f4cd3.

📒 Files selected for processing (5)

• docs/reference/mcp-servers.mdx
• src/components/PluginCard/PluginCard.tsx
• src/data/marketplace-plugins.json
• src/pages/ecosystem.tsx
• src/pages/ecosystem/item.tsx