From 556b92e498c0718985796f18878177ace5ded614 Mon Sep 17 00:00:00 2001 From: Evelyn Gurschler Date: Mon, 27 May 2024 14:08:12 +0200 Subject: [PATCH] docs: update post-upgrade configuration --- charts/centralidp/README.md | 16 ++++++++++++++++ charts/centralidp/README.md.gotmpl | 16 ++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/charts/centralidp/README.md b/charts/centralidp/README.md index 325c435b..7963bb06 100644 --- a/charts/centralidp/README.md +++ b/charts/centralidp/README.md @@ -292,3 +292,19 @@ As part of an optional housekeeping, the following clients are obsolete in versi ### Upgrading from version 2.0.0 to 2.1.0 By enabling the seeding (Values.seeding.enabled), the CX-Central realm is upgraded by a job defined as a post-upgrade hook. + +### Upgrading from version 2.1.0 to 3.0.0 + +By enabling the seeding (Values.seeding.enabled), the CX-Central realm is upgraded by a job defined as a post-upgrade hook. + +As the seeding job is configured to not update the bpn user attribute, make sure that the bpn user attribute of the service account "sa-cl3-cx-1" is changed to CX-Operator BPN. + +As part of an optional housekeeping, the following obsolete service accounts composite roles and can be deleted: + +* remove service account `sa-cl5-custodian-1` +* remove the following composite roles Inside the `technical_roles_management` client + * "BPDM Gate Read" + * "BPDM Gate Read & Write" + * "BPDM Partner Gate" + * "BPDM Management" + * "BPDM Pool" diff --git a/charts/centralidp/README.md.gotmpl b/charts/centralidp/README.md.gotmpl index 8b6e0f6c..0cd17e30 100644 --- a/charts/centralidp/README.md.gotmpl +++ b/charts/centralidp/README.md.gotmpl @@ -199,3 +199,19 @@ As part of an optional housekeeping, the following clients are obsolete in versi ### Upgrading from version 2.0.0 to 2.1.0 By enabling the seeding (Values.seeding.enabled), the CX-Central realm is upgraded by a job defined as a post-upgrade hook. + +### Upgrading from version 2.1.0 to 3.0.0 + +By enabling the seeding (Values.seeding.enabled), the CX-Central realm is upgraded by a job defined as a post-upgrade hook. + +As the seeding job is configured to not update the bpn user attribute, make sure that the bpn user attribute of the service account "sa-cl3-cx-1" is changed to CX-Operator BPN. + +As part of an optional housekeeping, the following obsolete service accounts composite roles and can be deleted: + +* remove service account `sa-cl5-custodian-1` +* remove the following composite roles Inside the `technical_roles_management` client + * "BPDM Gate Read" + * "BPDM Gate Read & Write" + * "BPDM Partner Gate" + * "BPDM Management" + * "BPDM Pool"