change to defaultSecrets

ADDING-APPS.md

@@ -40,7 +40,7 @@ defaultConfig:
   dbHostname: postgres.postgres.svc.cluster.local
   dbUsername: immich
   domain: immich.{{ .cloud.domain }}
-requiredSecrets:
+defaultSecrets:
   - apps.immich.dbPassword
   - apps.postgres.password
 ```
@@ -55,7 +55,7 @@ requiredSecrets:
 | `icon` | No | URL to app icon for UI display |
 | `requires` | No | List of dependency apps (e.g., `postgres`, `redis`) |
 | `defaultConfig` | Yes | Default configuration values merged into operator's `config.yaml` |
-| `requiredSecrets` | No | List of secrets in dotted-path format (e.g., `apps.appname.dbPassword`) |
+| `defaultSecrets` | No | List of secrets in dotted-path format (e.g., `apps.appname.dbPassword`) |
 
 **Important:** All configuration keys referenced in templates (via `{{ .apps.appname.key }}`) must be defined in `defaultConfig` or be standard Wild Cloud variables.
 
@@ -177,7 +177,7 @@ When apps need database URLs with embedded credentials, **always use a dedicated
       key: apps.myapp.dbUrl
 ```
 
-Add `apps.myapp.dbUrl` to your manifest's `requiredSecrets`, and the system will generate the complete URL with embedded credentials automatically when the app is added.
+Add `apps.myapp.dbUrl` to your manifest's `defaultSecrets`, and the system will generate the complete URL with embedded credentials automatically when the app is added.
 
 ## Security Requirements
 
@@ -215,7 +215,7 @@ Secrets use a **full dotted-path naming convention** to prevent naming conflicts
 
 **In manifest:**
 ```yaml
-requiredSecrets:
+defaultSecrets:
   - apps.myapp.dbPassword
   - apps.postgres.password
 ```
@@ -231,7 +231,7 @@ env:
 ```
 
 **Secret workflow:**
-1. List secrets in manifest's `requiredSecrets`
+1. List secrets in manifest's `defaultSecrets`
 2. When adding an app, the system generates random values in the instance's `secrets.yaml`
 3. When deploying, the system creates a Kubernetes Secret named `<app-name>-secrets`
 4. Resources reference secrets using full dotted paths