chore: Updated migration documentation (#125)

Updated documentation
pagopa · Sep 4, 2024 · 5946fb7 · 5946fb7
1 parent a392e38
commit 5946fb7
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 42 deletions.
diff --git a/MIGRATION_GUIDE.md b/MIGRATION_GUIDE.md
@@ -3,38 +3,42 @@
 
 ## (Breaking) from v5.x to v7.x
 
+> This version drop the support for the POD IDENTITY
+
 To use the workload identity and be able to load secrets directly from kv, you need to setup this two things.
 
-### Service account linked to workload identity
+### Service account name linked to workload identity
+
+Add this yaml tag with the service account info
 
 ```yaml
- serviceAccount:
- name: testit-workload-identity
+ microservice-chart:
+ serviceAccount:
+ name: testit-workload-identity
 ```
 
-> this service account was setuped before, and linked to the workload identity
-
-### POD Identity
+> this service account was setuped before (infra), and linked to the workload identity
 
-Was removed
+### Workload Identity ClientID (aka: User managed identity clientID)
 
-### Workload ClientID (ex Pod Identity)
-
-to be able to use the workload identity is mandatory to setup the client id associated to this one. To do so, you will have to pass as a parameter (DON'T COMMIT AS VALUE) as shown below
+To be able to use the workload identity is mandatory to setup the client id associated to this one.
+To do so, you will have to pass as a parameter as shown below
 
 ```yaml
 microservice-chart:
  azure:
- # -- (bool) Enable workload identity
- workloadIdentityEnabled: true
  # -- Azure Workload Identity Client ID (e.g. qwerty123-a1aa-1234-xyza-qwerty123)
- workloadIdentityClientId: ""
+ workloadIdentityClientId: qwerty123-a1aa-1234-xyza-qwerty123
 ```
 
+or you can override with an helm parameter in this way bellow, if you don't want to commit this value
+
 ```yaml
 --set microservice-chart.azure.workloadIdentityClientId="$CLIENT_ID"
 ```
 
+> the client id is not secret, this is why we can put into git 
+
 ## from v2.x to v5.3+
 
 the guaranteed version of 5.x is 5.3 which contains all the fixes necessary to minimize the inconvenience of a migration

diff --git a/README.md b/README.md
@@ -75,7 +75,7 @@ version: 1.0.0
 appVersion: 1.0.0
 dependencies:
 - name: microservice-chart
- version: 5.9.1
+ version: 7.1.1
  repository: "https://pagopa.github.io/aks-microservice-chart-blueprint"
 EOF
 ```
@@ -131,35 +131,9 @@ K8s:
 
 see [README/Microservice Chart configuration](charts/microservice-chart/README.md) to understand how to use the values.
 
-### `workload identity`
+### `Workload Identity`
 
-To use the workload identity and be able to load secrets directly from kv, you need to setup this two things.
-
-### Service account linked to workload identity
-
-```yaml
- serviceAccount:
- name: testit-workload-identity
-```
-
-> this service account was setuped before, and linked to the workload identity
-
-### Workload Identity ClientID (ex Pod Identity)
-
-to be able to use the workload identity is mandatory to setup the client id associated to this one. To do so, you will have to pass as a parameter (DON'T COMMIT AS VALUE) as shown below
-
-```yaml
-microservice-chart:
- azure:
- # -- (bool) Enable workload identity
- workloadIdentityEnabled: true
- # -- Azure Workload Identity Client ID (e.g. qwerty123-a1aa-1234-xyza-qwerty123)
- workloadIdentityClientId: ""
-```
-
-```yaml
---set microservice-chart.azure.workloadIdentityClientId="$CLIENT_ID"
-```
+To use the workload identity and be able to load secrets directly from kv, follow the [MIGRATION_GUIDE.md](MIGRATION_GUIDE.md).
 
 ### `envConfig`: load values in an internal configmap with the same name of the release