RUN-4336: Update encryptable-properties docs for AES-256-GCM encryption#1801
Closed
Jesus-Osuna-M wants to merge 18 commits into5.20.1from
Closed
RUN-4336: Update encryptable-properties docs for AES-256-GCM encryption#1801Jesus-Osuna-M wants to merge 18 commits into5.20.1from
Jesus-Osuna-M wants to merge 18 commits into5.20.1from
Conversation
Clarified that AI-Generated Runbooks are only available in Runbook Automation SaaS and not in the Self-Hosted product.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Part of the AI sprint: establish a shared .claude/ directory consumed by both Claude Code and Cursor so the repository is AI-ready. - .claude/docs/: canonical reference (writing style, local dev, infrastructure, PR feed, DocSearch filters) in kebab-case - .claude/skills/: starter workflow skills for the two automated pipelines (write-release-notes, generate-pr-feed) - .claude/rules/: auto-loaded rule enforcing release-notes PR discipline - .claude/README.md + CONTRIBUTING.md: structure and extension guide - CLAUDE.md (repo root): conventions index; AGENTS.md symlinks to it - .cursor/ symlinks docs, rules, skills into .claude/ so both tools draw from a single source of truth - dev-docs/DOCSEARCH_FILTERS_README.md and PR-FEED-README.md: now symlinks into .claude/docs/ (external paths preserved) - .github/copilot-instructions.md slimmed to a pointer into CLAUDE.md and .claude/docs/writing-style.md to prevent drift Made-with: Cursor
- docsearch-filters.md: replace outdated "import/place in layout"
troubleshooting advice with pointers to the actual auto-injection
logic in docs/.vuepress/client.ts (#docsearch-container)
- pr-feed.md: remove git push from the sample commit block;
add explicit reminder of the "no push without instruction" rule
- write-release-notes SKILL: split Phase 2 into "create tag" and
"push tag" so the push step requires explicit confirmation;
add Phase 6 to gate the final push
- settings.json:
- drop Read(~/.cache/pagerduty/**) now that the manifest
pre-task block has been removed
- broaden Write/Edit docs globs to docs/**/*.md and
docs/.vuepress/** so the agent can actually edit
manual/administration/api/developer content
- add .docsearch/config.json and .claude/** for legitimate
maintenance writes
- local-development.md, infrastructure.md: promote top heading to
H1 for consistency with the other .claude/docs/* files
- infrastructure.md: correct check-milestone.yml trigger description
to reflect pull_request_target with opened/synchronize/reopened/
milestoned/demilestoned on 4.0.x
Made-with: Cursor
Factual corrections verified against docs/.vuepress/notes.mjs,
docs/.vuepress/pr-feed.mjs, and package.json:
- .claude/README.md: correct symlink destination wording to
".claude/docs/" (not "docs/") so the canonical source is clear
- .claude/docs/pr-feed.md:
- remove invalid "--owner=... --repo=..." example
- correct --include-section default column: the script has no
default; "Release Notes" is supplied by the npm run pr-feed
script in package.json
- CLAUDE.md, .claude/skills/write-release-notes/SKILL.md,
.claude/rules/release-notes-pr.md: remove ".docsearch/config.json"
from the release-notes side-effect staging list since notes.mjs
no longer updates it (updateDocsearchVersion is commented out).
Add a "run git status to catch any other modified files"
instruction so guidance stays accurate if the script evolves.
Made-with: Cursor
Fix typo in script file step description
Agent-Logs-Url: https://github.com/rundeck/docs/sessions/6960f553-1606-4f65-95c1-0d0c5d33e5c7 Co-authored-by: jtobard <2894508+jtobard@users.noreply.github.com>
…iption RUN-2581 Fix node filter description wording
Update availability information for AI-Generated Runbooks
Document the JVM system properties available to tune Runner capacity when users hit "Runner did not deliver reports in the configured timeout period" errors under heavy load. Covers: - Operation concurrency (runner.operations.maxRunning) - Report delivery batching (sendRate, sendBatchSize) with a warning that changing these puts additional load on the server and the defaults are recommended - Micronaut HTTP client pool and timeouts Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Agent-Logs-Url: https://github.com/rundeck/docs/sessions/f81ab751-17b4-4ece-a887-54e2cd3d4700 Co-authored-by: ltamaster <6034968+ltamaster@users.noreply.github.com>
[RUN-4403] Scaffolds AI for Claude Code and Cursor with sdlc-workflow skill
Add performance tuning section for high-throughput Runners
Reflects the migration from Jasypt to AES-256-GCM in Rundeck 6.0: - Remove references to "Jasypt encryption library" - Add upgrade note about automatic backward compatibility - Clarify that algorithm config only affects legacy decryption - Add section on re-encrypting legacy values Co-authored-by: Cursor <cursoragent@cursor.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the encryptable properties documentation to reflect the Rundeck 6.0 migration from legacy Jasypt-based encryption to AES-256-GCM, including upgrade guidance and a voluntary re-encryption path for legacy ENC(...) values.
Changes:
- Replaces Jasypt-library wording with AES-256-GCM terminology and updates the example encrypted output format.
- Adds an upgrade note explaining automatic detection/decryption of legacy
ENC()values. - Reframes “Advanced Usage” as legacy decryption configuration and adds a “Re-encrypting Legacy Values” section.
- Add info callout explaining 'Jasypt' is a legacy CLI name kept for compat - Add language tag (text) to interactive prompt code block - Fix Java -D property ordering (must come before -jar) - Add explanation of Encrypter Config name linkage - Add info callout in re-encryption section about legacy provider name Co-authored-by: Cursor <cursoragent@cursor.com>
- bundled-plugins.md: Rewrite plugin section with new/upgrade examples, clarify algorithm/provider only needed for legacy decryption - storage-facility.md: Update section title, examples, remove algorithm options table (no longer configurable) - secrets-overview.md: Update plugin link and example config - full-list.md: Update plugin name and link - storage-converter-plugins.md: Update plugin description - migrate-to-mysql.md: Update link - azure-vault.md: Update converter type reference Co-authored-by: Cursor <cursoragent@cursor.com>
Jesus-Osuna-M
force-pushed
the
docs/update-encryptable-properties-aes-gcm
branch
from
c24192f to
96dec1b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
ENC()values are automatically detected and decrypted without changesRelated
Test plan
Made with Cursor