update doc

README.md

@@ -40,6 +40,13 @@ On your OpenShift cluster(s):
 * Red Hat ACS
 * OpenShift Pipelines
 
+Create two namespaces for the demo.
+
+```sh
+oc new-project vulnerable-cicd
+oc new-project vulnerable-log4j
+```
+
 ### 1. Jira
 
 * Create a Jira trial account at: https://www.atlassian.com/fr/try/cloud/signup?bundle=jira-software&edition=free
@@ -123,11 +130,7 @@ Add an enforcement exception for the `Fixable Severity at least important` polic
 * In the excluded image, add `<REGISTRY>/vulnerable-cicd/vulnerable-log4j` (you will have to select the last option of the list: `Create ...`)
 * Save the policy
 
-### 4. Deploy the vulnerable app
+### 4. Prepare for deployment
-
-```sh
-oc kustomize deployment | oc apply -f - 
-```
 
 Give access to the `vulnerable-cicd` images from the `vulnerable-log4j` namespace.
 
@@ -155,6 +158,12 @@ REGISTRY_TOKEN="$(oc get secrets -n vulnerable-cicd -o json | jq -r '.items[] |
 podman login "$REGISTRY" --username sa --password "$REGISTRY_TOKEN"
 ```
 
+Deploy the vulnerable app.
+
+```sh
+oc kustomize deployment | oc apply -f -
+```
+
 ## Demo scenario
 
 ### Build the inventory
@@ -215,7 +224,17 @@ Restart the CI/CD pipeline.
 
 ## Reset the demo
 
-* In central, delete the **Log4Shell** policy
+In central, delete the **Log4Shell** policy
+
+Edit **src/pom.xml** and change `<log4j.version>2.17.1</log4j.version>` to `<log4j.version>2.14.0</log4j.version>`.
+
+```sh
+git add src/pom.xml
+git commit -m 'reset the demo'
+git push
+```
+
+Cleanup
 
 ```sh
 oc delete -f deployment

cicd/00-namespace.yaml

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  annotations:
-    openshift.io/description: ""
-    openshift.io/display-name: ""
-  name: vulnerable-cicd
-spec:
-  finalizers:
-  - kubernetes

deployment/00-namespace.yaml

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  annotations:
-    openshift.io/description: ""
-    openshift.io/display-name: ""
-  name: vulnerable-log4j
-spec:
-  finalizers:
-  - kubernetes