Documentation improvements

[p-rog]

README.md

• Restructured the Components section into three tiers: Validated Patterns Framework (OpenShift GitOps/ArgoCD, VP Operator — previously not mentioned at all), Core ZTVP Components (always deployed), and
  Optional ZTVP Components (opt-in, commented out in values-hub.yaml by default)
• Added missing components: cert-manager and ACS/RHACS were deployed but absent from the list
• Moved to optional tier: Quay, NooBaa MCG, RHTAS, RHTPA, and OpenShift Pipelines — these were listed as always-on but are actually commented out by default
• Marked externalized charts: RHBK, ZTWIM, Compliance Operator, and Quay are noted as (externalized chart) following PR feat: Externalize 5 charts to validatedpatterns repos #106
• Added Architecture Overview section explaining the four-layer structure (VP Framework → Layer 0 Cluster Hardening → Layer 1 Identity & Secrets → Layer 2 Workloads & Supply Chain)
• Fixed broken SSH URL in the git remote add command (github.com/ → github.com:)
• Added links to docs/acs-deployment.md and docs/CONFIDENTIAL-CONTAINERS.md in the Use Cases section

docs/supply-chain.md

• Added prerequisites callout at the top listing every values-hub.yaml section that must be uncommented before the supply chain use case works (Pipelines, RHTAS, RHTPA, Quay, NooBaa MCG operators and
  applications)

docs/multi-tier.md

• Fixed incomplete sentence ("within this use case the external identity store" → "for the external identity store")
• Added doc link on first reference to Red Hat Build of Keycloak

docs/DEVELOPMENT.md

• Added "Accessing Credentials for Testing" section covering: how to extract the Vault root token, how to open the Vault Web UI, how to query secrets via vault kv get/list using oc exec (no local Vault binary
  needed), a reference table of all key secret paths organized by component, and a shortcut for reading ESO-synced Kubernetes Secrets directly