docs: update scale secure tutorial DOC-1395
addetz committed Sep 24, 2024
1 parent af45939 commit b94aba6
Showing 13 changed files with 14 additions and 14 deletions.
8 changes: 4 additions & 4 deletions _partials/getting-started/_cluster_profile_import_azure.mdx
@@ -37,7 +37,7 @@ partial_name: import-hello-uni-azure
"name": "kubernetes",
"type": "oci",
"layer": "k8s",
"version": "1.27.15",
"version": "1.27.16",
"tag": "1.27.x",
"values": "# spectrocloud.com/enabled-presets: Kube Controller Manager:loopback-ctrlmgr,Kube Scheduler:loopback-scheduler\npack:\n content:\n images:\n - image: registry.k8s.io/coredns/coredns:v1.10.1\n - image: registry.k8s.io/etcd:3.5.12-0\n - image: registry.k8s.io/kube-apiserver:v1.27.15\n - image: registry.k8s.io/kube-controller-manager:v1.27.15\n - image: registry.k8s.io/kube-proxy:v1.27.15\n - image: registry.k8s.io/kube-scheduler:v1.27.15\n - image: registry.k8s.io/pause:3.9\n - image: registry.k8s.io/pause:3.8\n #CIDR Range for Pods in cluster\n # Note : This must not overlap with any of the host or service network\n podCIDR: \"192.168.0.0/16\"\n #CIDR notation IP range from which to assign service cluster IPs\n # Note : This must not overlap with any IP ranges assigned to nodes for pods.\n serviceClusterIpRange: \"10.96.0.0/12\"\n # serviceDomain: \"cluster.local\"\n\nkubeadmconfig:\n apiServer:\n extraArgs:\n # Note : secure-port flag is used during kubeadm init. Do not change this flag on a running cluster\n secure-port: \"6443\"\n anonymous-auth: \"true\"\n profiling: \"false\"\n disable-admission-plugins: \"AlwaysAdmit\"\n default-not-ready-toleration-seconds: \"60\"\n default-unreachable-toleration-seconds: \"60\"\n enable-admission-plugins: \"AlwaysPullImages,NamespaceLifecycle,ServiceAccount,NodeRestriction,PodSecurity\"\n admission-control-config-file: \"/etc/kubernetes/pod-security-standard.yaml\"\n audit-log-path: /var/log/apiserver/audit.log\n audit-policy-file: /etc/kubernetes/audit-policy.yaml\n audit-log-maxage: \"30\"\n audit-log-maxbackup: \"10\"\n audit-log-maxsize: \"100\"\n authorization-mode: RBAC,Node\n tls-cipher-suites: \"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256\"\n extraVolumes:\n 
- name: audit-log\n hostPath: /var/log/apiserver\n mountPath: /var/log/apiserver\n pathType: DirectoryOrCreate\n - name: audit-policy\n hostPath: /etc/kubernetes/audit-policy.yaml\n mountPath: /etc/kubernetes/audit-policy.yaml\n readOnly: true\n pathType: File\n - name: pod-security-standard\n hostPath: /etc/kubernetes/pod-security-standard.yaml\n mountPath: /etc/kubernetes/pod-security-standard.yaml\n readOnly: true\n pathType: File\n controllerManager:\n extraArgs:\n profiling: \"false\"\n terminated-pod-gc-threshold: \"25\"\n use-service-account-credentials: \"true\"\n feature-gates: \"RotateKubeletServerCertificate=true\"\n scheduler:\n extraArgs:\n profiling: \"false\"\n kubeletExtraArgs:\n read-only-port : \"0\"\n event-qps: \"0\"\n feature-gates: \"RotateKubeletServerCertificate=true\"\n protect-kernel-defaults: \"true\"\n rotate-server-certificates: \"true\"\n tls-cipher-suites: \"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256\"\n files:\n - path: hardening/audit-policy.yaml\n targetPath: /etc/kubernetes/audit-policy.yaml\n targetOwner: \"root:root\"\n targetPermissions: \"0600\"\n - path: hardening/90-kubelet.conf\n targetPath: /etc/sysctl.d/90-kubelet.conf\n targetOwner: \"root:root\"\n targetPermissions: \"0600\"\n - targetPath: /etc/kubernetes/pod-security-standard.yaml\n targetOwner: \"root:root\"\n targetPermissions: \"0600\"\n content: |\n apiVersion: apiserver.config.k8s.io/v1\n kind: AdmissionConfiguration\n plugins:\n - name: PodSecurity\n configuration:\n apiVersion: pod-security.admission.config.k8s.io/v1\n kind: PodSecurityConfiguration\n defaults:\n enforce: \"baseline\"\n enforce-version: \"v1.27\"\n audit: \"baseline\"\n audit-version: \"v1.27\"\n warn: \"restricted\"\n warn-version: \"v1.27\"\n 
audit: \"restricted\"\n audit-version: \"v1.27\"\n exemptions:\n # Array of authenticated usernames to exempt.\n usernames: []\n # Array of runtime class names to exempt.\n runtimeClasses: []\n # Array of namespaces to exempt.\n namespaces: [kube-system]\n\n preKubeadmCommands:\n # For enabling 'protect-kernel-defaults' flag to kubelet, kernel parameters changes are required\n - 'echo \"====> Applying kernel parameters for Kubelet\"'\n - 'sysctl -p /etc/sysctl.d/90-kubelet.conf'\n postKubeadmCommands:\n - 'chmod 600 /var/lib/kubelet/config.yaml'\n #- 'echo \"List of post kubeadm commands to be executed\"'\n\n# Client configuration to add OIDC based authentication flags in kubeconfig\n#clientConfig:\n #oidc-issuer-url: \"{{ .spectro.pack.kubernetes.kubeadmconfig.apiServer.extraArgs.oidc-issuer-url }}\"\n #oidc-client-id: \"{{ .spectro.pack.kubernetes.kubeadmconfig.apiServer.extraArgs.oidc-client-id }}\"\n #oidc-client-secret: 1gsranjjmdgahm10j8r6m47ejokm9kafvcbhi3d48jlc3rfpprhv\n #oidc-extra-scope: profile,email",
"registry": {
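Review bot: the changed line bumps the `kubernetes` pack from `1.27.15` to `1.27.16`, but the unchanged `values` string in the same hunk still pins `registry.k8s.io/kube-apiserver:v1.27.15`, `kube-controller-manager:v1.27.15`, `kube-proxy:v1.27.15` and `kube-scheduler:v1.27.15`. Readers who import this profile therefore get a pack version that no longer matches the image list embedded in its own values; the `pack.content.images` block should be regenerated from the 1.27.16 pack in the same change rather than carried over. A second, smaller point in the context lines: the commented `#clientConfig` block carries an opaque secret-looking literal under `oidc-client-secret`. It is inert as a comment, but in a sample that users are told to paste into their tenant it is better replaced with an obvious placeholder such as `<oidc-client-secret>`.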
@@ -88,9 +88,9 @@ partial_name: import-hello-uni-azure
"name": "hello-universe",
"type": "oci",
"layer": "addon",
"version": "1.1.3",
"tag": "1.1.3",
"values": "# spectrocloud.com/enabled-presets: Backend:disable-api\npack:\n content:\n images:\n - image: ghcr.io/spectrocloud/hello-universe:1.1.3\n spectrocloud.com/install-priority: 0\n\nmanifests:\n hello-universe:\n images:\n hellouniverse: ghcr.io/spectrocloud/hello-universe:1.1.3\n apiEnabled: false\n namespace: hello-universe\n port: 8080\n replicas: 1",
"version": "1.2.0",
"tag": "1.2.0",
"values": "# spectrocloud.com/enabled-presets: Backend:disable-api\npack:\n content:\n images:\n - image: ghcr.io/spectrocloud/hello-universe:1.2.0\n spectrocloud.com/install-priority: 0\n\nmanifests:\n hello-universe:\n images:\n hellouniverse: ghcr.io/spectrocloud/hello-universe:1.2.0\n apiEnabled: false\n namespace: hello-universe\n port: 8080\n replicas: 1",
"registry": {
"metadata": {
"uid": "64eaff5630402973c4e1856a",
@@ -8,7 +8,7 @@ in good spirits, as the process has gone smoothly.

> "The visual representation of cluster profiles in Palette is much clearer than our whiteboard." says Kai, glancing
> back at the list they have created. "I can keep track of which versions we are using in production just by reviewing
> the profile. What are your thoughts, Wren? Have you remained a Palette sceptic?"
> the profile. What are your thoughts, Wren? Have you remained a Palette skeptic?"
>
> Wren laughs. "Yes, I admit cluster profiles are very convenient. I'm not convinced yet, but I am already starting to
> understand how Palette could make us more productive. Let's keep exploring and get something deployed with it!"
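Review bot: style only: `sceptic` becomes `skeptic`, which moves this sentence to US spelling and matches the two later dialogue hunks in this commit that make the same change. If the docs repository runs a spell checker with a custom word list, check that the British form is not still allowed there, otherwise the old spelling can drift back in through future edits.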
@@ -10,7 +10,7 @@ impressed by how streamlined the process was and how the cluster profiles provid
> take care of our Kubernetes infrastructure and free us up to deliver more educational features. I definitely think
> that Palette has the capabilities to take care of all the Kubernetes heavy lifting for us."
>
> "I agree with you and I'm glad to hear you're not as sceptical anymore." says Kai, nodding and laughing. "From a
> "I agree with you and I'm glad to hear you're not as skeptical anymore." says Kai, nodding and laughing. "From a
> platform engineering perspective, I can say that cluster profiles will provide us with reliable deployments across
> environments and even clouds, so I'm much more confident about our testing and deployment strategy."
>
@@ -40,7 +40,7 @@ Started section to learn how they can grow with Palette and have a long-term rel
> "You know, we might be able to make your dream happen!" says Wren, Founding Engineer. "Palette's edge capabilities
> could make it possible for us to bring Spacetastic to many devices."
>
> "I can't believe my ears!" says Kai laughing. "Wren, our resident Palette sceptic, has well and truly embraced our new
> "I can't believe my ears!" says Kai laughing. "Wren, our resident Palette skeptic, has well and truly embraced our new
> platform solution."
>
> Wren laughs and quickly responds. "Oh and one more thing! Palette doesn't lock us into a single tech stack or cloud
14 changes: 7 additions & 7 deletions docs/docs-content/getting-started/azure/scale-secure-cluster.md
@@ -122,7 +122,7 @@ displays. The Palette UI confirms that the cluster profile was created in the sc
Select the cluster profile to view its details. The cluster profile summary appears.

This cluster profile deploys the [Hello Universe](https://github.com/spectrocloud/hello-universe) application using a
pack. Click on the **hellouniverse 1.1.3** layer. The pack manifest editor appears.
pack. Click on the **hellouniverse 1.2.0** layer. The pack manifest editor appears.

Click on **Presets** on the right-hand side. You can learn more about the pack presets on the pack README, which is
available in the Palette UI. Select the **Enable Hello Universe API** preset. The pack manifest changes accordingly.
@@ -339,8 +339,8 @@ worker node, which is the node that does not have the `control-plane` role. In t

```shell
NAME STATUS ROLES AGE VERSION
azure-cluster-cp-75841-bmt5v Ready control-plane 56m v1.28.11
azure-cluster-worker-pool-6058-7tk4b Ready <none> 42m v1.28.11
azure-cluster-cp-75841-bmt5v Ready control-plane 56m v1.28.13
azure-cluster-worker-pool-6058-7tk4b Ready <none> 42m v1.28.13
```

The Hello Universe pack deploys three pods in the `hello-universe` namespace. Execute the following command to verify
@@ -388,9 +388,9 @@ are the worker nodes.

```shell
NAME STATUS ROLES AGE VERSION
azure-cluster-cp-77030-5szc5 Ready control-plane 114m v1.28.11
azure-cluster-worker-pool-2-6895-pbfnm Ready <none> 99m v1.28.11
azure-cluster-worker-pool-e54e-64fwj Ready <none> 102m v1.28.11
azure-cluster-cp-77030-5szc5 Ready control-plane 114m v1.28.13
azure-cluster-worker-pool-2-6895-pbfnm Ready <none> 99m v1.28.13
azure-cluster-worker-pool-e54e-64fwj Ready <none> 102m v1.28.13
```

It is common to dedicate node pools to a particular type of workload. One way to specify this is through the use of
@@ -408,7 +408,7 @@ workloads execute on which nodes.
Switch back to Palette in your web browser. Navigate to the left **Main Menu** and select **Profiles**. Select the
cluster profile deployed to your cluster, named `azure-profile`. Ensure that the **1.1.0** version is selected.

Click on the **hellouniverse 1.1.3** layer. The manifest editor appears. Set the
Click on the **hellouniverse 1.2.0** layer. The manifest editor appears. Set the
`manifests.hello-universe.ui.useTolerations` field on line 20 to `true`. Then, set the
`manifests.hello-universe.ui.effect` field on line 22 to `NoExecute`. This toleration describes that the UI pods of
Hello Universe will tolerate the taint with the key `app`, value `ui` and effect `NoExecute`. The tolerations of the UI
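Review bot: the layer name is updated to `hellouniverse 1.2.0`, but the unchanged instructions in the same hunk still send readers to `manifests.hello-universe.ui.useTolerations` on line 20 and `manifests.hello-universe.ui.effect` on line 22. Those line numbers were written against the 1.1.3 manifest; if the default values of the 1.2.0 pack differ in length, they now point at the wrong lines. Re-open the 1.2.0 manifest in the editor and confirm the numbers in this change, or drop the numbers and reference the field paths only, which do not go stale across pack versions.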
8 binary files changed (not shown).

0 comments on commit b94aba6