feat: add generators docs

docs.json

@@ -32,10 +32,15 @@
                 "icon": "wind-turbine",
                 "group": "Generators",
                   "pages": [
+                    "docs/enterprise/externalsecrets/generators/basic-auth",
+                    "docs/enterprise/externalsecrets/generators/federation",
                     "docs/enterprise/externalsecrets/generators/iam-keys",
+                    "docs/enterprise/externalsecrets/generators/mongodb",
                     "docs/enterprise/externalsecrets/generators/neo4j",
                     "docs/enterprise/externalsecrets/generators/openai",
-                    "docs/enterprise/externalsecrets/generators/postgresql"
+                    "docs/enterprise/externalsecrets/generators/postgresql",
+                    "docs/enterprise/externalsecrets/generators/rabbitmq",
+                    "docs/enterprise/externalsecrets/generators/sendgrid"
                   ]
                 },
                 {

docs/enterprise/externalsecrets/generators/basic-auth.mdx

@@ -0,0 +1,130 @@
+---
+title: 'Basic Auth Generator'
+description: 'Generate random usernames and passwords for Basic Authentication.'
+---
+
+<Note>
+  The External Secrets Enterprise product suite is a premium product.  
+  It requires a specific subscription. Contact us for more information.
+</Note>
+
+<Tip>
+  In order to use the Basic Auth Generator, you must have the Enterprise Distribution of ESO available via [ESI Agent](/docs/enterprise/externalsecrets/esi-agent/quickstart) or via our [Helm chart bundle](/docs/enterprise/externalsecrets/get-started)
+</Tip>
+
+## Introduction
+
+The Basic Auth Generator allows you to automatically generate random **usernames** and **passwords** for use with Basic Authentication schemes.
+
+This is useful for generating credentials for internal services, CI pipelines, or any scenario where unique, scoped credentials are needed without relying on external identity providers.
+
+## Output Keys and Values
+
+| Key       | Description                      |
+|---------- |----------------------------------|
+| `username` | The generated username            |
+| `password` | The generated password            |
+
+## Parameters
+
+### `username` Configuration
+
+| Field           | Default | Description                                                                 |
+|-----------------|---------|-----------------------------------------------------------------------------|
+| `length`        | `8`     | Length of each word in the username.                                        |
+| `prefix`        | `""`    | Optional prefix added to the beginning of the username.                     |
+| `sufix`         | `""`    | Optional suffix added to the end of the username.                           |
+| `wordCount`     | `1`     | Number of words in the username.                                            |
+| `separator`     | `"_"`   | Character used to separate words.                                           |
+| `includeNumbers`| `false` | Whether to add 4 random digits at the end of the username after the suffix. |
+
+### `password` Configuration
+
+This field supports the same parameters as the [Password Generator](https://external-secrets.io/latest/api/generator/password/), allowing fine-grained control over password complexity.
+
+## Set up
+
+### Generator Config
+
+<CodeGroup>
+```yaml
+apiVersion: generators.external-secrets.io/v1alpha1
+kind: BasicAuth
+metadata:
+  name: basic-auth-generator
+  namespace: default
+spec:
+  username:
+    length: 6
+    wordCount: 2
+    separator: "-"
+    prefix: "app"
+    sufix: "user"
+    includeNumbers: true
+  password:
+    length: 20
+    includeUpperCase: true
+    includeLowerCase: true
+    includeDigits: true
+    includeSymbols: true
+```
+</CodeGroup>
+
+### ExternalSecret Config
+
+```yaml
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: basic-auth-secret
+  namespace: default
+spec:
+  refreshInterval: 1h
+  dataFrom:
+    - sourceRef:
+        generatorRef:
+          apiVersion: generators.external-secrets.io/v1alpha1
+          kind: BasicAuth
+          name: basic-auth-generator
+```
+
+### Using the Generated Secret
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: my-app
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: my-app
+  template:
+    metadata:
+      labels:
+        app: my-app
+    spec:
+      containers:
+        - name: my-container
+          image: my-image:latest
+          env:
+            - name: BASIC_AUTH_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: basic-auth-secret
+                  key: username
+            - name: BASIC_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: basic-auth-secret
+                  key: password
+```
+
+## Notes and Considerations
+
+* This generator combines the behavior of the Username and Password generators for convenience.
+* Password field supports full customization as described in the [Password Generator documentation](https://external-secrets.io/latest/api/generator/password/).
+* The suffix and prefix are added to the username as literal strings—separated by the configured separator.
+* `includeNumbers` appends 4 digits after the suffix and is useful for ensuring uniqueness.

docs/enterprise/externalsecrets/generators/federation.mdx

@@ -0,0 +1,127 @@
+---
+title: 'Federation Generator'
+description: 'Delegate secret generation to remote ESO clusters via federated HTTP calls.'
+---
+
+<Note>
+  The External Secrets Enterprise product suite is a premium product.  
+  It requires a specific subscription. Contact us for more information.
+</Note>
+
+<Tip>
+  To use the Federation Generator, you must have the Enterprise Distribution of ESO available via [ESI Agent](/docs/enterprise/externalsecrets/esi-agent/quickstart) or via our [Helm chart bundle](/docs/enterprise/externalsecrets/get-started)
+</Tip>
+
+## Introduction
+
+The Federation Generator allows you to delegate secret generation to a **remote ESO instance**.  
+Instead of generating the secret locally, it proxies the request to a federated cluster that owns and maintains the generator logic.
+
+This is ideal for scenarios where:
+- Secret generation must occur in a centralized or isolated environment.
+- One team or cluster owns and maintains generator logic, and others consume it.
+- Compliance or boundary requirements prevent running generators locally.
+
+## Output Keys and Values
+
+| Key     | Description                                                              |
+|---------|--------------------------------------------------------------------------|
+| `<key>` | The output keys returned by the federated generator (dynamic per target) |
+
+## Parameters
+
+| Field                       | Default | Description |
+|-----------------------------|---------|-------------|
+| `server.url`                | -       | URL of the remote federation server (usually another ESO instance). |
+| `generator.namespace`       | -       | Namespace of the generator in the remote cluster. |
+| `generator.kind`            | -       | Kind of the generator in the remote cluster (e.g., `Password`, `MongoDB`, `SSH`). |
+| `generator.name`            | -       | Name of the generator object to call in the remote cluster. |
+| `auth.tokenSecretRef`       | -       | Kubernetes secret reference containing a Bearer token used for authenticating with the federation server. |
+| `auth.caCertSecretRef`      | *Optional* | Kubernetes secret reference containing a CA certificate to validate TLS connections with the federation server. |
+
+## Set up
+
+### Remote Generator Example (MongoDB in `remote-cluster`)
+
+The following object exists in the **remote ESO instance**:
+
+```yaml
+apiVersion: generators.external-secrets.io/v1alpha1
+kind: MongoDB
+metadata:
+  name: mongodb-generator
+  namespace: infra
+spec:
+  # generator spec...
+```
+
+### Federation Auth Secret Example
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: federation-auth
+  namespace: default
+type: Opaque
+data:
+  token: <base64-bearer-token>
+  ca.crt: <base64-ca-cert> # optional
+```
+
+### Federation Generator (local cluster)
+
+```yaml
+apiVersion: generators.external-secrets.io/v1alpha1
+kind: Federation
+metadata:
+  name: mongodb-via-federation
+  namespace: default
+spec:
+  server:
+    url: https://remote-eso.example.com
+  generator:
+    kind: MongoDB
+    name: mongodb-generator
+    namespace: infra
+  auth:
+    tokenSecretRef:
+      name: federation-auth
+      key: token
+    caCertSecretRef:
+      name: federation-auth
+      key: ca.crt
+```
+
+### ExternalSecret Config
+
+```yaml
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: federated-mongodb-creds
+  namespace: default
+spec:
+  refreshInterval: 1h
+  dataFrom:
+    - sourceRef:
+        generatorRef:
+          apiVersion: generators.external-secrets.io/v1alpha1
+          kind: Federation
+          name: mongodb-via-federation
+```
+
+## Notes and Considerations
+
+- Federation generators **do not perform secret generation locally**. They proxy the request to a remote ESO instance.
+- The `auth.tokenSecretRef` must contain a valid Bearer token accepted by the remote server.
+- The remote generator must exist and be functional.
+- The federation server is expected to expose an HTTP endpoint and respond with a JSON object containing key-value pairs at:
+```
+POST {server.url}/generators/{namespace}/{kind}/{name}
+```
+- On cleanup, a `DELETE` request is issued to the same URL.
+
+<Warning> 
+Ensure the federation server is protected and only accessible from trusted environments.
+</Warning>

docs/enterprise/externalsecrets/generators/iam-keys.mdx

@@ -8,7 +8,7 @@
 </Note>
 
 <Tip>
-    In Order to use AWS IAM Keys Generator, you must have the Enterprise Distribution of ESO available via [ESI Agent](/docs/enterprise/externalsecrets/esi-agent/quickstart)
+    In Order to use AWS IAM Keys Generator, you must have the Enterprise Distribution of ESO available via [ESI Agent](/docs/enterprise/externalsecrets/esi-agent/quickstart) or via our [Helm chart bundle](/docs/enterprise/externalsecrets/get-started)
 </Tip>
 
 ## Introduction
@@ -65,8 +65,8 @@
 ### Generator Config
 <CodeGroup>
 ```yaml With IRSA
 apiVersion: generators.external-secrets.io/v1alpha1
 kind: AWSIAMKey
 metadata:
   name: iam-key-gen
 spec:
@@ -74,17 +74,17 @@
   region: eu-west-1
   # Optional: assume a role with the given authentication credentials
   role: my-role
   iamRef:
     username: aws-username
     maxKeys: 1 # Set up to 2 for zero application downtime
   auth:
     jwt:
       serviceAccountRef:
         name: sa-name-with-irsa
 ```
 ```yaml With IAM user Keys
 apiVersion: generators.external-secrets.io/v1alpha1
 kind: AWSIAMKey
 metadata:
   name: iam-key-gen
 spec:
@@ -92,11 +92,11 @@
   region: eu-west-1
   # Optional: assume a role with the given authentication credentials
   role: my-role
   iamRef:
     username: aws-username
     maxKeys: 1 # Set up to 2 for zero application downtime
   auth:
     secretRef:
       accessKeyIDSecretRef:
         name: my-aws-creds
         key: key-id