Improve GETTING-STARTED.md

[soulshake]

Hi and thanks for your work on this promising project!

I'll use this issue to document a few of the stumbling blocks I encountered when trying this out for the first time.

Secrets

This document says to create two forks, front-end and ephemeral.run.

A following step says "Set the following secrets on your fork" but it's not clear which secrets need to go on which forked repo.

The intended values of the following secrets is unclear:

• DOCKERHUB_REPOSITORY -- it's not clear if this should be hub.docker.com/repository/registry-1.docker.io/soulshake/front-end/, soulshake/front-end, just soulshake, or what
• DOCKERHUB_USERNAME, DOCKERHUB_PASSWORD -- these are clear enough; however, it seems that the front-end repo is actually expecting to find DOCKER_USER and DOCKER_PASS
• GIT_HUB_ACCESS_TOKEN -- what permissions are required?
• AWS_CLUSTER_NAME -- corresponds to terraform output value cluster_name
• IAM_CLUSTER_USER -- it seems this is supposed to be the AWS_ACCESS_KEY_ID of the ephemeral-gha-user, corresponds to the terraform output value of ephemeral-gha-user_iam_creds_id
• IAM_CLUSTER_PASSWORD -- it seems this is supposed to be the AWS_SECRET_ACCESS_KEY of the ephemeral-gha-user, corresponds to the terraform output value of ephemeral-gha-user_iam_creds_secret

Non-secret secrets

It would be preferable to use something other than Github secrets to store the non-secret items, as all "secrets" are obfuscated in the action logs, making it harder to debug.

Other variables

It seems there are some additional variables that need to be updated in the workflow files (AWS_REGION, repository paths for create-or-update-comment steps, KUBE_CONTEXT?, etc).

KUBE_CONTEXT in particular was confusing -- to me, the name implies that it should be set to e.g. arn:aws:eks:ap-south-1:ACCOUNT_ID:cluster/ephemeral-demo-spot (as it appears in kubectl config get-contexts) but it seems it's actually supposed to be the short cluster name, e.g. ephemeral-demo-spot ?

Workflow files / front-end repo changes needed

GETTING-STARTED.md says to fork microservices-demo/front-end but that repo doesn't have the Github actions that actually trigger the build (see diff). The doc should either instead point to OpenGov/front-end or document the workflow yaml files that need to be added.

It's actually not clear (without some investigation) which workflow files need to go on which repo.

WIP

(Will continue to gather feedback for this issue, and will be happy to create a PR, however it might be preferable to rename some of these variables instead)