From 198a7ed7d223eba16bf50dc857374750caa8e4df Mon Sep 17 00:00:00 2001
From: Richard Simpson <rsimpson@uship.com>
Date: Wed, 11 Mar 2020 14:11:13 -0500
Subject: [PATCH] docs: add headers docs and toc

---
 .vscode/settings.json |  3 +++
 README.md             | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 .vscode/settings.json

diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 0000000..42162df
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+    "markdown-toc.depthFrom": 2
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 5cd07de..64019c4 100644
--- a/README.md
+++ b/README.md
@@ -4,6 +4,24 @@ A helper action for easily pulling secrets from HashiCorp Vault™.
 
 By default, this action pulls from  [Version 2](https://www.vaultproject.io/docs/secrets/kv/kv-v2/) of the K/V Engine. See examples below for how to [use v1](#using-kv-version-1) as well as [other non-K/V engines](#other-secret-engines).
 
+<!-- TOC -->
+
+- [Example Usage](#example-usage)
+- [Authentication method](#authentication-method)
+- [Key Syntax](#key-syntax)
+    - [Simple Key](#simple-key)
+    - [Set Output Variable Name](#set-output-variable-name)
+    - [Multiple Secrets](#multiple-secrets)
+    - [Using K/V version 1](#using-kv-version-1)
+    - [Custom K/V Engine Path](#custom-kv-engine-path)
+    - [Other Secret Engines](#other-secret-engines)
+    - [Adding Extra Headers](#adding-extra-headers)
+- [Vault Enterprise Features](#vault-enterprise-features)
+    - [Namespace](#namespace)
+- [Masking](#masking)
+
+<!-- /TOC -->
+
 ## Example Usage
 
 ```yaml
@@ -202,6 +220,22 @@ would work fine.
 
 NOTE: The `Secret Key` is pulled from the `data` property of the response.
 
+### Adding Extra Headers
+
+If you ever need to add extra headers to the vault request, say if you need to authenticate with a firewall, all you need to do is set `extraHeaders`:
+
+```yaml
+with:
+    secrets: |
+        ci/aws accessKey | AWS_ACCESS_KEY_ID ;
+        ci/aws secretKey | AWS_SECRET_ACCESS_KEY
+    extraHeaders: |
+      X-Secure-Id: ${{ secrets.SECURE_ID }}
+      X-Secure-Secret: ${{ secrets.SECURE_SECRET }}
+```
+
+This will automatically add the `x-secure-id` and `x-secure-secret` headers to every request to vault.
+
 ## Vault Enterprise Features
 
 ### Namespace