From 4cebdaec508a899852779fd72b17e5bbc9c69717 Mon Sep 17 00:00:00 2001 From: Elizabeth J Lee Date: Wed, 26 Apr 2023 13:32:07 -0700 Subject: [PATCH 1/2] feat(security): Add custom spire config env variable Signed-off-by: Elizabeth J Lee --- docs_src/security/Ch-DelayedStartServices.md | 27 ++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/docs_src/security/Ch-DelayedStartServices.md b/docs_src/security/Ch-DelayedStartServices.md index 5e803dbd80..3fc722fc3b 100644 --- a/docs_src/security/Ch-DelayedStartServices.md +++ b/docs_src/security/Ch-DelayedStartServices.md @@ -20,6 +20,32 @@ in order to use delayed start services. ## How to Enable (Docker) +### Enable Custom Application or Device Services (Optional) +If using EdgeX with custom Application or Device services in Secure mode, first generate a docker-compose.yml file by running the following command from edgex-compose/compose-builder + +```shell +$ make gen delayed-start +``` + +Open the generated docker-compose.yml file and set the SPIFFE_CUSTOM_SERVICES Environment variable. + +```yaml + security-spire-config: + ... + environment: + ... + SPIFFE_CUSTOM_SERVICES: +``` + +Run the modified Docker Compose file + +```shell +$ docker compose -p edgex up -d +``` + +Refer to the [configuration steps below](#configure-and-verify-services) to finish setting up any custom/non-core services. + +### Running in Delayed Start Mode Using the Docker run scripts, start the framework with the `delayed-start` option: ```shell @@ -33,6 +59,7 @@ This will cause the following microservices to be started: * **edgex-security-spire-agent** - local node attestation agent * **edgex-security-spiffe-token-provider** - EdgeX microservice that exchanges a SPIFFE token for a secret store token +### Configure and Verify Services Next, pass the following environment variables to any non-core EdgeX microservice that has SPIFFE/SPIRE support compiled-in: From 49f49d53861b5efe98389125a2c0589f9da2ac2a Mon Sep 17 00:00:00 2001 
From: Elizabeth J Lee Date: Wed, 26 Apr 2023 14:55:00 -0700 Subject: [PATCH 2/2] fix: address pr comments Signed-off-by: Elizabeth J Lee --- docs_src/security/Ch-DelayedStartServices.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs_src/security/Ch-DelayedStartServices.md b/docs_src/security/Ch-DelayedStartServices.md index 3fc722fc3b..461706e78f 100644 --- a/docs_src/security/Ch-DelayedStartServices.md +++ b/docs_src/security/Ch-DelayedStartServices.md @@ -27,14 +27,15 @@ If using EdgeX with custom Application or Device services in Secure mode, first $ make gen delayed-start ``` -Open the generated docker-compose.yml file and set the SPIFFE_CUSTOM_SERVICES Environment variable. +Open the generated docker-compose.yml file and set the `EDGEX_SPIFFE_CUSTOM_SERVICES` Environment variable. +To set multiple custom services, use a white space delimiter. ```yaml security-spire-config: ... environment: ... - SPIFFE_CUSTOM_SERVICES: + EDGEX_SPIFFE_CUSTOM_SERVICES: ' ' ``` Run the modified Docker Compose file
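Review bot: in the first hunk of PATCH 1/2 (`@@ -20,6 +20,32 @@`), the new yaml line `SPIFFE_CUSTOM_SERVICES:` is left with no value, and the prose never says what goes there (which service names, in what format) or what adding a name does. Because the variable is set on `security-spire-config`, and the surrounding section exists so that custom services run in Secure mode next to the `edgex-security-spiffe-token-provider` that exchanges a SPIFFE token for a secret store token, the doc should say that only the custom services that are meant to be issued identities belong in this list, and show a placeholder such as `SPIFFE_CUSTOM_SERVICES: '<custom-service-name>'`. The section also ends with `docker compose -p edgex up -d` and is immediately followed by `### Running in Delayed Start Mode`, which starts the framework again through the run scripts; state whether a reader who edited the generated compose file should skip that step or run both.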
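Review bot: in the second hunk of PATCH 1/2 (`@@ -33,6 +59,7 @@`), the new `### Configure and Verify Services` heading is placed directly in front of the existing sentence "Next, pass the following environment variables to any non-core EdgeX microservice...". Under a fresh heading that "Next" has no antecedent, and readers who follow the `[configuration steps below](#configure-and-verify-services)` link added in the first hunk arrive here without having read the delayed-start service list; consider opening with a sentence that names what is being configured (the non-core services with SPIFFE/SPIRE support compiled in) before the instruction to pass the variables. The anchor in that link also depends on this exact heading text, so a later rename must change both places.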
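Review bot: in the hunk of PATCH 2/2 (`@@ -27,14 +27,15 @@`), the example value `EDGEX_SPIFFE_CUSTOM_SERVICES: ' '` is a single quoted space, which reads as an empty list and does not show the whitespace delimiter the new sentence describes; use placeholders such as `'<service-one> <service-two>'` so the format is visible. Minor wording: "use a white space delimiter" reads better as "separate the names with spaces", and "Environment variable" should be lower-case "environment variable". The rename from `SPIFFE_CUSTOM_SERVICES` to `EDGEX_SPIFFE_CUSTOM_SERVICES` is applied consistently to the prose and the yaml block; please also confirm that the name in the compose-builder output and the one read by the spire-config service match, since a mismatch here silently leaves the custom services unregistered.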