5.3.0 Release Notes

Name: "Etna turquoise lamp"
Release Date: May 20th, 2024

• Download the Release: Open Source | Self-Hosted
• Sign up for Release Notes
• Upgrade instructions
• Watch the Live Stream Release Recap

Overview

Version 5.3.0 is here! Check out the new features and enhancements for PagerDuty Runbook Automation (formerly Rundeck Enterprise) and Rundeck Community included in this release.

Concurrent Executions Performance Degradation

There is a bug in this release that causes execution failures when there are 10 or more concurrent executions.
To mitigate this issue, add the following to Configuration Management or to rundeck-config.properties:

dataSource.properties.maximumPoolSize=100

A permanent fix will be available in the next release.

Highlights

Project Runner Management Early Access

Users can now create, download, and manage Enterprise Runners from within Projects.
This gives teams more autonomy and flexibility with their automation and decreases their dependency on the tool administrators of Runbook Automation (cloud or self-hosted).

To try out project-based Runner Management, submit the Early Access form here and select Project Runner Management. We will respond promptly with instructions on how to enable the feature. Read more about Runner management here.

New PagerDuty Job Steps

Among the more common use cases for Runbook Automation (cloud or self-hosted) is incident automation — either for retrieving diagnostics or carrying out remediation. To assist users with further automating the incident process, Runbook Automation can now natively invoke PagerDuty Incident Workflows.
This release includes both a Job Step and a Notification plugin to start an Incident Workflow.
These plugins better enable users to connect the technical infrastructure processes with the communication and collaboration processes as part of their incident response.
Read more about the new plugins here.

SFTP Option for Script Execution & File Transfer

The SSH File Transfer plugin (powered by SSHJ) now includes an option to use SFTP (Secure File Transfer Protocol) instead of SCP (Secure Copy Protocol) for securely executing scripts and transferring files. As of recently, SFTP is the recommended method for dispatching files over networks. In conjunction with the Enterprise Runner, this allows users to confidently execute scripts and transfer files in their most secure environments.
We will continue to support SCP in the SSHJ plugin for the foreseeable future. Read more about the SFTP option for our SSHJ plugin here.

Note: SCP was flagged with a Moderate level CVE by Red Hat. You can read the details of the CVE here.

Additional Updates

• Configurable maximum log size for Job execution logs
• Performance improvement for Runbook Automation users with large numbers of Job executions through Runners.
• Update http-step plugin to mitigate CVE-2023-24621
• Additional plugin credentials are now treated as secrets:
  • framework.plugin.UserGroupSource.OktaGroupSource.apiToken
  • rundeck.security.oauth.okta.clientSecret
  • rundeck.security.oauth.azure.clientSecret
  • framework.plugin.ExecutionFileStorage.org.rundeck.amazon-s3.AWSSecretKey
• Additional ACL policies for project-based Runner management
• Fix: OpenSSH CopyFile not working on Docker
• Fix: duplicate user entries when using LDAP and case sensitivity
• Fix: Error when using step labels with Ruleset workflow strategy
• Fix: Autotakeover resuming executions that use a Runner
• Update Azure and SSHJ plugins to mitigate CVE-2021-29425
• Update spring to 5.3.34 to mitigate CVE-2024-22262
• Fix: log event metadata produces errors when using specific log filters
• Update nimbus-jose dependencies and constraints to mitigate CVE-2023-52428
• Fix: Docker image ignoring value of JVM_MAX_RAM_PERCENTAGE
• Fix: intermittent 500 errors when querying the execution metrics through the API
• Fix: Database errors when upgrading to 5.2.0 while using Microsoft SQL Server.
• Upgrade Grails to 6.1

Rundeck Open Source Product Updates

• RUN:2243: Update sshj-plugin version to mitigate CVE
• testdeck schedule job
• Login counting multiple times in user classes
• Update spring to 5.3.34 address CVE-2024-22262
• add TZ to scheduled jobs in tests
• QAF-migration2
• Add functional test for ldap duplicated user fix
• unit tests for edit project file
• fix log event metadata may be incorrect
• fixes project label and description tests
• bump sshj plugin version to 0.1.12
• Make max log size configurable (whale log limit)
• Add ACL's for project runner management
• Change label and description of secureExposed option type
• Grails 6.1.2 upgrade
• OpenSSH CopyFile not working on Docker
• Remove packages that are not being used and update dependencies
• Update nimbus-jose deps and constraints for CVE-2023-52428
• Fix: Case sensitive in users when used LDAP OSS
• Fix: Users logged from LDAP are duplicate
• Fix docker image ignoring value of JVM_MAX_RAM_PERCENTAGE
• Fix hibernate user session on scm context
• Ui:Next: remove duplicated backslash on nextUi for menu/home
• Run-2255 add unit tests for RundeckInfo component
• Fix/selenium
• Update version to 5.3.0-SNAPSHOT
• QAF Migration: Default File Copier
• Tests: Added tests for job options duplication
• pt2: QAF's Oss Migration Package
• add ansible functional test using runner
• Tests: Migrated job timeout and log data wf step tests
• QAF Migration: 3 tests
• Tests: Migrated Job Reference tests from qafw
• QAF Migration Oss
• Fix: Case sensitive in users when used LDAP module OSS
• & Fix: Users logged in rundeck from LDAP are duplicate
• QAF Migration to New Testdeck
• QAF selenium tests migration
• Fix: Flaky "json resource" Test
• Fix: Server Error while Metrics Request
• Fixed overlapping label and button
• Testdeck Migration: 10 Tests
• Migrate api new testdeck - config the cluster environment
• Grails 6.1 upgrade

Here is a link to the full list of public PRs

Ansible Plugin Updates

• add plugin group
• Fix: No Syntax Highlight Between Edit Sessions Ansible Plugin
• Use ansible vault for temporary files

Community Contributors

Submit your own Pull Requests to get recognition here!

Staff Contributors

• Greg Schueler (gschueler)
• Alberto Hormazabal Cespedes (ahormazabal)
• Alexander Abarca (alexander-variacode)
• Antony Velasquez Ruiz (avelasquezr)
• Carlos Eduardo (carlosrfranco)
• Christopher McCarroll-Gilbert (chrismcg14)
• Darwis Narvaez (DarwisNarvaezDev)
• Dave Darby (David Darby)
• Forrest Evans (fdevans)
• Imad Jafir (imad6639)
• Jake Cohen (jsboak)
• Jason Brooks (jbrookspd)
• Jesus Osuna (Jesus-Osuna-M)
• Leonel Juarez (L2JE)
• Luis Toledo (ltamaster)
• Osman Albarran (Oalbarran94)
• Rodrigo Navarro (ronaveva)
• Sarah Martinelli Benedetti (smartinellibenedetti)
• Stephen Joyner (sjrd218)