ansible: updated readme regarding secret handling

ansible/README.md

@@ -33,6 +33,30 @@ virtual machines (VMs) on a Proxmox server.
    and individual host-related variables to the files under the `host_vars`
   directory. Ansible will automatically pick up these variables.
 
+4. Add the following secrets to the ansible-vault:
+   - proxmox_api_token_id
+   - proxmox_api_token
+   - ansible_proxmox_user
+   - ansible_vm_user
+   - proxmox_user
+   - ansible_ssh_private_key_file
+   - ciuser
+   - cipassword
+
+  One can create the secret file using the following command:
+  ```sh
+  ansible-vault create secrets/vault.yml
+  ```
+
+  To encrypt and decrypt the file, use the following commands:
+  ```sh
+  ansible-vault encrypt secrets/vault.yml
+  ansible-vault decrypt secrets/vault.yml
+  ```
+  The password for vault file can be stored in a file or can be provided during
+  the encryption/decryption process. The password file location can be specified
+  in the `ansible.cfg` file.
+
 ## Playbooks
 
 ### Create VM