Doc feedback: Helm token management is very confusing

I've spent several hours trying to sort out the documentation as far as how tokens are supposed to work now. I've read through the documentation. I couldn't understand it. ChatGPT couldn't understand it, either. It kept taking me in circles.

Particularly, on the runner token migration page it says runnerRegistrationToken replaces runnerToken. But it also says runnerRegistrationToken is deprecated. And then on the helm app documentation page it says runnerToken is a required field.

It provides some information about using kubernetes secrets, but doesn't clearly say whether or not that's the correct way of doing things now.

It says several options cannot be created during registration anymore, among them runnerRegistrationToken. But I'm not sure what that means. You could never create a token during registration. You have to get it from the UI.

I managed to get it working a few months ago, though I'm not sure I understood what I did right. But now an upgrade has broken it. So it's time to really understand it. But where do I go to do that?

I've been using GitLab for almost a decade now, and currently manage several instances, both Premium and CE. It's a wonderful tool. But runners have always been the sore point. The documentation has always seemed to be written for insiders that already understand how it all works. What does runner mean? Is it the runner management daemon? Is it the executor? They all seem to have the same name. I try to explain this stuff to co-workers, but I don't totally understand it myself.

A clear explanation of how this is supposed to work within the new framework would be most helpful. It seems like this should be a high priority, seeing as it's the one part of GitLab that you need to know how to use even if you're using gitlab.com instead of self-managed.