From 10a49f9ff2db1d9d11a6edd1c40a9f61803241bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javier=20J=2E=20Salmer=C3=B3n=20Garc=C3=ADa?=
 <javier.salmeron@broadcom.com>
Date: Mon, 2 Dec 2024 11:09:11 +0100
Subject: [PATCH] [bitnami/*] docs: :memo: Add "Update Credentials" (batch 3)
 (#30688)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [bitnami/*] docs: :memo: Add "Update Credentials" (batch 3)

Signed-off-by: Javier J. Salmerón García <javier.salmeron@broadcom.com>

* docs: :memo: Add section for valkey-cluster

Signed-off-by: Javier J. Salmerón García <javier.salmeron@broadcom.com>

---------

Signed-off-by: Javier J. Salmerón García <javier.salmeron@broadcom.com>
---
 bitnami/mongodb-sharded/README.md | 11 +++++++++++
 bitnami/moodle/README.md          | 11 +++++++++++
 bitnami/nats/README.md            |  7 +++++++
 bitnami/neo4j/README.md           | 11 +++++++++++
 bitnami/odoo/README.md            | 11 +++++++++++
 bitnami/opensearch/README.md      | 11 +++++++++++
 bitnami/parse/README.md           | 11 +++++++++++
 bitnami/postgresql-ha/README.md   | 11 +++++++++++
 bitnami/redmine/README.md         | 11 +++++++++++
 bitnami/scylladb/README.md        | 11 +++++++++++
 bitnami/seaweedfs/README.md       | 11 +++++++++++
 bitnami/solr/README.md            | 11 +++++++++++
 bitnami/tomcat/README.md          | 11 +++++++++++
 bitnami/valkey-cluster/README.md  |  7 +++++++
 bitnami/wildfly/README.md         | 15 +++++++++++++--
 bitnami/wordpress/README.md       | 11 +++++++++++
 bitnami/zookeeper/README.md       | 11 +++++++++++
 17 files changed, 181 insertions(+), 2 deletions(-)

diff --git a/bitnami/mongodb-sharded/README.md b/bitnami/mongodb-sharded/README.md
index e0ee88e81f..ea79caf980 100644
--- a/bitnami/mongodb-sharded/README.md
+++ b/bitnami/mongodb-sharded/README.md
@@ -55,6 +55,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://www.mongodb.com/docs/manual/reference/method/db.changeUserPassword/)
+- Update the password secret with the new values (replace the SECRET_NAME, ROOT_PASSWORD and REPLICA_SET_KEY placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=mongodb-root-password=ROOT_PASSWORD --from-literal=mongodb-replica-set-key=REPLICA_SET_KEY --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [mongodb_exporter](https://github.com/percona/mongodb_exporter) in all pods. The pods will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/moodle/README.md b/bitnami/moodle/README.md
index 737eec9d99..5a4d3de71f 100644
--- a/bitnami/moodle/README.md
+++ b/bitnami/moodle/README.md
@@ -53,6 +53,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://docs.moodle.org)
+- Update the password secret with the new values (replace the SECRET_NAME, PASSWORD and SMTP_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=moodle-password=PASSWORD --from-literal=smtp-password=SMTP_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [apache-exporter](https://github.com/Lusitaniae/apache_exporter) in all pods and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/nats/README.md b/bitnami/nats/README.md
index 5473b9500d..83efd18e35 100644
--- a/bitnami/nats/README.md
+++ b/bitnami/nats/README.md
@@ -49,6 +49,13 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+The Bitnami NATS chart, when upgrading, reuses the secret previously rendered by the chart or the one specified in `existingSecret`. To update credentials, use one of the following:
+
+- Run `helm upgrade` specifying a new password in `auth.password`
+- Run `helm upgrade` specifying a new secret in `existingSecret`
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [prometheus-nats-exporter](https://github.com/nats-io/prometheus-nats-exporter) in all pods and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/neo4j/README.md b/bitnami/neo4j/README.md
index bac35451a7..728ecdf4d5 100644
--- a/bitnami/neo4j/README.md
+++ b/bitnami/neo4j/README.md
@@ -53,6 +53,17 @@ It is strongly recommended to use immutable tags in a production environment. Th
 
 Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://neo4j.com/docs/operations-manual/current/authentication-authorization/password-and-user-recovery/)
+- Update the password secret with the new values (replace the SECRET_NAME and PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=password=PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Ingress
 
 This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application.To enable Ingress integration, set `ingress.enabled` to `true`.
diff --git a/bitnami/odoo/README.md b/bitnami/odoo/README.md
index 721ae6b03c..cacf72d859 100644
--- a/bitnami/odoo/README.md
+++ b/bitnami/odoo/README.md
@@ -59,6 +59,17 @@ It is strongly recommended to use immutable tags in a production environment. Th
 
 Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://www.odoo.com/documentation/)
+- Update the password secret with the new values (replace the SECRET_NAME, PASSWORD and SMTP_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=odoo-password=PASSWORD --from-literal=smtp-password=SMTP_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Use a different Odoo version
 
 To modify the application version used in this chart, specify a different version of the image using the `image.tag` parameter and/or a different repository using the `image.repository` parameter.
diff --git a/bitnami/opensearch/README.md b/bitnami/opensearch/README.md
index 43d1b7b5f7..878bd9b507 100644
--- a/bitnami/opensearch/README.md
+++ b/bitnami/opensearch/README.md
@@ -56,6 +56,17 @@ It is strongly recommended to use immutable tags in a production environment. Th
 
 Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://opster.com/guides/opensearch/opensearch-security/changing-admin-password-opensearch/)
+- Update the password secret with the new values (replace the SECRET_NAME PASSWORD, DASHBOARDS_PASSWORD, LOGSTASH_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=opensearch-password=PASSWORD --from-literal=opensearch-dashboards-password=DASHBOARDS_PASSWORD --from-literal=logstash-password=LOGSTASH_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `*.metrics.enabled` (under the `data`, `ingest`, `master` and `coordinating` sections) to `true`. This will expose a Prometheus endpoint using the [Opensearch Prometheus plugin](https://github.com/Aiven-Open/prometheus-exporter-plugin-for-opensearch). The Opensearch service will be have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/parse/README.md b/bitnami/parse/README.md
index 03479541db..b221a80d6b 100644
--- a/bitnami/parse/README.md
+++ b/bitnami/parse/README.md
@@ -77,6 +77,17 @@ extraEnvVars:
 
 Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://docs.parseplatform.org/)
+- Update the password secret with the new values (replace the SECRET_NAME, MASTER_KEY and PARSE_DASHBOARD_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=master-key=PASSWORD --from-literal=parse-dashboard-password=PARSE_DASHBOARD_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Deploying extra resources
 
 There are cases where you may want to deploy extra objects, such as KongPlugins, KongConsumers, amongst others. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter. The following example would activate a plugin at deployment time.
diff --git a/bitnami/postgresql-ha/README.md b/bitnami/postgresql-ha/README.md
index 15eb8268d8..55f4329c46 100644
--- a/bitnami/postgresql-ha/README.md
+++ b/bitnami/postgresql-ha/README.md
@@ -81,6 +81,17 @@ no matches for kind "ServiceMonitor" in version "monitoring.coreos.com/v1"
 
 Install the [Bitnami Kube Prometheus helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kube-prometheus) for having the necessary CRDs and the Prometheus Operator.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://www.postgresql.org/docs/current/sql-alteruser.html)
+- Update the password secret with the new values (replace the SECRET_NAME, POSTGRES_PASSWORD and PASSWORD and REPMGR_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=postgres-password=POSTGRES_PASSWORD --from-literal=password=PASSWORD --from-literal=repmgr-password=REPMGR_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### [Rolling VS Immutable tags](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html)
 
 It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
diff --git a/bitnami/redmine/README.md b/bitnami/redmine/README.md
index 380219fe50..7642b38d11 100644
--- a/bitnami/redmine/README.md
+++ b/bitnami/redmine/README.md
@@ -123,6 +123,17 @@ It is strongly recommended to use immutable tags in a production environment. Th
 
 Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://www.redmine.org/guide)
+- Update the password secret with the new values (replace the SECRET_NAME, PASSWORD and SMTP_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=redmine-password=PASSWORD --from-literal=smtp-password=SMTP_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Replicas
 
 Redmine writes uploaded files to a persistent volume. By default that volume cannot be shared between pods (RWO). In such a configuration the `replicas` option must be set to `1`. If the persistent volume supports more than one writer (RWX), ie NFS, `replicas` can be greater than `1`.
diff --git a/bitnami/scylladb/README.md b/bitnami/scylladb/README.md
index b8a7d692c3..46eeb54a09 100644
--- a/bitnami/scylladb/README.md
+++ b/bitnami/scylladb/README.md
@@ -50,6 +50,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://docs.scylladb.com)
+- Update the password secret with the new values (replace the SECRET_NAME and PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=scylladb-password=PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will expose ScyllaDB native Prometheus in all pods and via the ScyllaDB service. This service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/seaweedfs/README.md b/bitnami/seaweedfs/README.md
index 3d70f35c40..16e9e1eda3 100644
--- a/bitnami/seaweedfs/README.md
+++ b/bitnami/seaweedfs/README.md
@@ -71,6 +71,17 @@ no matches for kind "ServiceMonitor" in version "monitoring.coreos.com/v1"
 
 Install the [Bitnami Kube Prometheus helm chart](https://github.com/bitnami/charts/tree/main/bitnami/kube-prometheus) for having the necessary CRDs and the Prometheus Operator.
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://github.com/seaweedfs/seaweedfs/wiki)
+- Update the password secret with the new values (replace the SECRET_NAME, ADMIN_ACCESS_KEY_ID, ADMIN_SECRET_KEY_ID, READ_ACCESS_KEY_ID and READ_SECRET_ACCESS_KEY placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=admin_access_key_id=ADMIN_ACCESS_KEY_ID --from-literal=admin_secret_access_key=ADMIN_SECRET_KEY_ID --from-literal=read_access_key_id=READ_ACCESS_KEY_ID --from-literal=read_secret_access_key=READ_SECRET_KEY_ID --dry-run -o yaml | kubectl apply -f -
+```
+
 ### [Rolling VS Immutable tags](https://techdocs.broadcom.com/us/en/vmware-tanzu/application-catalog/tanzu-application-catalog/services/tac-doc/apps-tutorials-understand-rolling-tags-containers-index.html)
 
 It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
diff --git a/bitnami/solr/README.md b/bitnami/solr/README.md
index 6bc1b6fe09..0cc85a80e2 100644
--- a/bitnami/solr/README.md
+++ b/bitnami/solr/README.md
@@ -61,6 +61,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://solr.apache.org/guide/solr/latest/index.html)
+- Update the password secret with the new values (replace the SECRET_NAME and PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=solr-password=PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a Deployment with [solr-exporter](https://github.com/apache/solr/tree/main/solr/prometheus-exporter) and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/tomcat/README.md b/bitnami/tomcat/README.md
index eead0db656..bcc02d07c3 100644
--- a/bitnami/tomcat/README.md
+++ b/bitnami/tomcat/README.md
@@ -53,6 +53,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://tomcat.apache.org/)
+- Update the password secret with the new values (replace the SECRET_NAME, USER and PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=tomcat-username=USER --from-literal=tomcat-password=PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [jmx_exporter](https://github.com/prometheus/jmx_exporter) in all pods. It will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/valkey-cluster/README.md b/bitnami/valkey-cluster/README.md
index 0401779592..94c35ef973 100644
--- a/bitnami/valkey-cluster/README.md
+++ b/bitnami/valkey-cluster/README.md
@@ -69,6 +69,13 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+The Bitnami Valkey Cluster chart, when upgrading, reuses the secret previously rendered by the chart or the one specified in `existingSecret`. To update credentials, use one of the following:
+
+- Run `helm upgrade` specifying a new password in `password`
+- Run `helm upgrade` specifying a new secret in `existingSecret`
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [redis_exporter](https://github.com/oliver006/redis_exporter) in all pods and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/wildfly/README.md b/bitnami/wildfly/README.md
index 89215cd773..9005632db3 100644
--- a/bitnami/wildfly/README.md
+++ b/bitnami/wildfly/README.md
@@ -59,14 +59,25 @@ It is strongly recommended to use immutable tags in a production environment. Th
 
 Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
 
-## Persistence
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://docs.wildfly.org/)
+- Update the password secret with the new values (replace the SECRET_NAME and PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=wildfly-password=PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
+### Persistence
 
 The [Bitnami WildFly](https://github.com/bitnami/containers/tree/main/bitnami/wildfly) image stores the WildFly data and configurations at the `/bitnami/wildfly` path of the container.
 
 Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube.
 See the [Parameters](#parameters) section to configure the PVC or to disable persistence.
 
-### Adjust permissions of persistent volume mountpoint
+#### Adjust permissions of persistent volume mountpoint
 
 As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it.
 
diff --git a/bitnami/wordpress/README.md b/bitnami/wordpress/README.md
index b001d3c661..90d13bd321 100644
--- a/bitnami/wordpress/README.md
+++ b/bitnami/wordpress/README.md
@@ -51,6 +51,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://wordpress.org/documentation/)
+- Update the password secret with the new values (replace the SECRET_NAME, PASSWORD and SMTP_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=wordpress-password=PASSWORD --from-literal=smtp-password=SMTP_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will deploy a sidecar container with [apache-exporter](https://github.com/Lusitaniae/apache_exporter) in all pods and a `metrics` service, which can be configured under the `metrics.service` section. This `metrics` service will have the necessary annotations to be automatically scraped by Prometheus.
diff --git a/bitnami/zookeeper/README.md b/bitnami/zookeeper/README.md
index b26f52eb19..96cfbb4384 100644
--- a/bitnami/zookeeper/README.md
+++ b/bitnami/zookeeper/README.md
@@ -50,6 +50,17 @@ Bitnami charts allow setting resource requests and limits for all containers ins
 
 To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
 
+### Update credentials
+
+Bitnami charts configure credentials at first boot. Any further change in the secrets or credentials require manual intervention. Follow these instructions:
+
+- Update the user password following [the upstream documentation](https://zookeeper.apache.org/documentation.html)
+- Update the password secret with the new values (replace the SECRET_NAME, CLIENT_PASSWORD and SERVER_PASSWORD placeholders)
+
+```shell
+kubectl create secret generic SECRET_NAME --from-literal=client-password=CLIENT_PASSWORD --from-literal=server-password=SERVER_PASSWORD --dry-run -o yaml | kubectl apply -f -
+```
+
 ### Prometheus metrics
 
 This chart can be integrated with Prometheus by setting `metrics.enabled` to `true`. This will expose Zookeeper native Prometheus endpoint and a `metrics` service configurable under the `metrics.service` section. It will have the necessary annotations to be automatically scraped by Prometheus.