diff --git a/modules/ROOT/assets/images/int-global-elements-panel-list.png b/modules/ROOT/assets/images/int-global-elements-panel-list.png new file mode 100644 index 000000000..21e65ee52 Binary files /dev/null and b/modules/ROOT/assets/images/int-global-elements-panel-list.png differ diff --git a/modules/ROOT/assets/images/int-secure-properties-form-editor.png b/modules/ROOT/assets/images/int-secure-properties-form-editor.png new file mode 100644 index 000000000..7c13ad47d Binary files /dev/null and b/modules/ROOT/assets/images/int-secure-properties-form-editor.png differ diff --git a/modules/ROOT/assets/images/int-secure-properties-overview-diagram.png b/modules/ROOT/assets/images/int-secure-properties-overview-diagram.png new file mode 100644 index 000000000..24958a77e Binary files /dev/null and b/modules/ROOT/assets/images/int-secure-properties-overview-diagram.png differ diff --git a/modules/ROOT/nav.adoc b/modules/ROOT/nav.adoc index 6e2a4f776..fe5935259 100644 --- a/modules/ROOT/nav.adoc +++ b/modules/ROOT/nav.adoc @@ -51,6 +51,7 @@ ** xref:vibes-skills.adoc[] ** xref:vibes-api-ai-create-spec.adoc[] ** xref:vibes-create-integrations.adoc[] +** xref:vibes-secure-properties.adoc[] ** xref:vibes-run-multiple-integration-projects-locally.adoc[] ** xref:vibes-prompt-examples.adoc[] ** xref:troubleshoot-generative-ai.adoc[] @@ -76,6 +77,7 @@ *** xref:int-configure-components-check-connection.adoc[] *** xref:int-configure-components-open-from-xml.adoc[] ** xref:int-create-secure-configs.adoc[] +** xref:int-run-mule-apps-with-properties.adoc[] ** xref:int-global-config-elements.adoc[] ** xref:int-trigger-flows.adoc[] ** xref:int-manage-custom-metadata.adoc[] diff --git a/modules/ROOT/pages/index.adoc b/modules/ROOT/pages/index.adoc index 63fc601d0..dca6e0e15 100644 --- a/modules/ROOT/pages/index.adoc +++ b/modules/ROOT/pages/index.adoc @@ -112,6 +112,13 @@ For guidance with Git setup in Anypoint Code Builder, see xref:start-scm.adoc[]. See VS Code documentation on https://code.visualstudio.com/docs/sourcecontrol/overview[Git support^] and https://code.visualstudio.com/docs/sourcecontrol/overview#_scm-providers[extensions for other SCM providers^]. For extension authors only, VS Code also provides a https://code.visualstudio.com/api/extension-guides/scm-provider[VS Code source control API^]. +[[acb-startup]] +== Anypoint Code Builder Startup + +Anypoint Code Builder optimizes Maven bookkeeping and bundle-loading operations during initialization. This behavior reduces startup overhead so workspaces can become available with less wait time. + +It also reads extension bundle directories directly from the extension path when loading workspace assets. This initialization path reduces delays before projects are ready for development tasks. + == Feedback To provide feedback about Anypoint Code Builder, complete the https://www.surveymonkey.com/r/acb_feedback[feedback survey^]. diff --git a/modules/ROOT/pages/int-create-secure-configs.adoc b/modules/ROOT/pages/int-create-secure-configs.adoc index 807d2e4ed..a138a2902 100644 --- a/modules/ROOT/pages/int-create-secure-configs.adoc +++ b/modules/ROOT/pages/int-create-secure-configs.adoc @@ -13,6 +13,10 @@ Define configuration properties to secure and customize your Mule application co * Define and use variables instead of literal strings when setting values in the configuration XML. * Configure a variable for selecting different property files for a specific deployment environment, such as development, sandbox, or production. +.How secure properties work +image::int-secure-properties-overview-diagram.png[Diagram showing secure properties flow from runtime argument to global-configs.xml to encrypted properties file to flow references] + +For a guided, conversational approach to setting up secure properties, use MuleSoft Vibes. For additional information, see xref:vibes-secure-properties.adoc[]. == Before You Begin @@ -241,6 +245,19 @@ my-key-value \ ---- + IMPORTANT: Store your encryption key value (password) in a secure location. You'll need your key value later, when you deploy your application. ++ +TIP: To verify an encrypted value, decrypt it using the same tool with the `decrypt` command instead of `encrypt`: ++ +[source,terminal] +---- +$ java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool \ +string \ +decrypt \ +Blowfish \ +CBC \ +my-key-value \ +"/MU0/xB/zoMPjxBA7/9X44Ad2H8O8AY5" +---- . In your properties file, add each encrypted property value within `![]` brackets. + .Example that replaces the unencrypted value `"mysensitivevalue"` with the encrypted value `"![/MU0/xB/zoMPjxBA7/9X44Ad2H8O8AY5]"`: @@ -442,15 +459,64 @@ This name serves as the key for the encryption value (password) used to encrypt + Notice the `secure::` prefix to the key. +[[edit-via-ui]] +== Edit Secure Properties Configuration via Global Elements + +Instead of manually editing your project's XML, you can configure secure properties through Global Elements. + +To edit the secure properties configuration: + +. Open *Project Properties* > *Global Elements*. ++ +image:int-global-elements-panel-list.png["Global Elements panel with list of configurations including Secure Properties Config."] ++ +. Select *global-configs.xml* from the *Selected File* dropdown. +. Find *Secure Properties Config* in the list. +. Click the *...* menu (three dots) next to the configuration name. +. Click *Edit*. + +The editor opens and you can modify these fields. + +image::int-secure-properties-form-editor.png["Form editor showing configurable fields for Secure Properties Config.", 75%, 75%] + +[%header,cols="20a,30a,50a"] +|=== +| Field | Example Value | What It Controls + +| *Name* +| Secure_Properties_Config +| Element name referenced internally + +| *File* +| ${env}.secure.properties +| Which encrypted file to load (resolves per environment) + +| *Key* +| ${encryption.key} +| The decryption key placeholder (resolved from system property) + +| *Algorithm* +| AES +| Encryption algorithm (AES, Blowfish, DES, DESede, RC2) + +| *Mode* +| CBC +| Cipher mode (CBC, CFB, ECB, OFB) +|=== + +Changes you make in the editor automatically update the XML in `global-configs.xml`. + +The editor manages the configuration element. To change the actual encrypted values in `.secure.properties` files, use the secure-properties-tool JAR, edit the file directly, or ask MuleSoft Vibes to re-encrypt values. See xref:vibes-secure-properties.adoc[]. + [[test-deploy]] == Test Encrypted Properties in Your IDE -If your application uses encrypted properties, add arguments for the encryption key and value to the runtime command in your IDE. Adding these arguments to the setting enables the runtime to decrypt properties used in your application so that it deploys successfully to the local runtime in your IDE. +If your application uses encrypted properties, add arguments for the encryption key and value to the runtime command in your IDE. Adding these arguments to the setting enables the runtime to decrypt properties used in your application so that it deploys successfully to the local runtime in your IDE. The setting avoids an error that causes the deployment to fail when you use *Run and Debug* in your IDE: ---- -Couldn't find configuration property value for key ${encryption.key} +Couldn't find configuration property value for key ${encryption.key} from properties provider environment properties provider ---- @@ -605,9 +671,9 @@ Notice the value of the `file` attribute in this example: ---- Open 'launch.json' ---- -.. In `launch.json`, append the value of the `env` variable to use when running the application from the IDE. +.. In `launch.json`, append the value of the `env` variable to use when running the application from the IDE. + -Notice the setting `-M-Denv=dev` in this `launch.json` example: +Notice the setting `-M-Denv=dev` in this `launch.json` example. For more information about launch configurations and alternative methods for passing properties, see xref:int-run-mule-apps-with-properties.adoc[]. + [source,json] ---- @@ -669,7 +735,46 @@ image::deploy-to-cloudhub-icon-with-deploy-json.png["Deploy to CloudHub rocket i + You can create properties or change the value of existing properties, for example, to fix some deployment errors. +[[quick-reference]] +== Quick Reference + +Use this table for quick access to common secure properties tasks and commands: + +[%header,cols="30a,70a"] +|=== +| Task | Command / Location + +| Encrypt a value +| `java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string encrypt AES CBC ` + +| Decrypt a value +| `java -cp secure-properties-tool.jar com.mulesoft.tools.SecurePropertiesTool string decrypt AES CBC ` + +| Reference encrypted property in XML +| `${secure::property.name}` + +| Reference non-encrypted property in XML +| `${property.name}` + +| Secure properties config element +| `` + +| Pass encryption key locally +| Add `-M-Dencryption.key=YourKey` to `mule.runtime.args` in `launch.json` + +| Pass encryption key in CloudHub +| Add to Properties tab in Runtime Manager: `encryption.key=YourKey` + +| Switch environment +| Pass `-M-Denv=qa` or `-M-Denv=prod` as runtime argument + +| Hide encryption key in CloudHub +| Add encryption key name to `secureProperties` array in `mule-artifact.json` +|=== + == See Also +* xref:vibes-secure-properties.adoc[] * xref:int-global-config-elements.adoc[] +* xref:int-run-mule-apps-with-properties.adoc[] * xref:mule-runtime::secure-configuration-properties.adoc[] diff --git a/modules/ROOT/pages/int-run-mule-apps-with-properties.adoc b/modules/ROOT/pages/int-run-mule-apps-with-properties.adoc new file mode 100644 index 000000000..8b808d731 --- /dev/null +++ b/modules/ROOT/pages/int-run-mule-apps-with-properties.adoc @@ -0,0 +1,422 @@ += Pass Runtime Properties and Arguments to Mule Applications +:page-deployment-options: desktop-ide + +include::reuse::partial$beta-banner.adoc[tag="anypoint-code-builder"] + +Configure runtime behavior, secure sensitive data, and test different environments by passing properties and arguments to Mule applications running locally in Anypoint Code Builder. + +Use command-line properties to switch between development, sandbox, and production configurations, provide encryption keys for secure properties, and override default values without modifying application code. + +You can pass properties when running Mule applications locally through different methods. + +* <>: Apply the same arguments to all Mule applications +* <>: Configure arguments for individual projects or create multiple configurations with different settings + +[[mule-settings-method]] +== Configure Global Default Arguments + +Configure arguments that apply to all Mule application runs in Anypoint Code Builder. Use this approach when you consistently need the same encryption key or environment setting across all projects during local development. + +To configure global default arguments: + +. Open Mule settings: ++ +include::partial$acb-reusable-steps.adoc[tags="open-mule-settings"] + +. Find the *Mule › Runtime: Default Arguments* setting. + +. In the *Runtime: Default Arguments* field, append your arguments using the `-M-D` prefix followed by the property name and value: ++ +[source,text] +---- +-M-Dencryption.key=myEncryptionKey123 +---- ++ +To add multiple arguments, separate them with spaces: ++ +[source,text] +---- +-M-Dencryption.key=myEncryptionKey123 -M-Denv=dev -M-Dhttp.port=8082 +---- + +. Run or debug your Mule application: ++ +include::partial$acb-reusable-steps.adoc[tags="open-command-palette"] ++ +Select *View: Show Run and Debug*, then click *Run and Debug*. ++ +Mule Runtime engine receives the configured arguments each time you run any application. + +=== Understand Property Syntax + +The `-M-D` prefix passes system properties to the Java Virtual Machine (JVM) that runs Mule Runtime engine. These properties become available throughout your Mule application and can be referenced in configuration XML files. + +When configuring properties in the *Runtime: Default Arguments* field: + +* Use the `-M-D` prefix followed by the property name and value: `-M-Dname=value` +* Separate multiple properties with spaces +* Avoid quotes around values unless the value contains spaces +* Property names are case-sensitive + +.Common examples: +[source,text] +---- +-M-Dencryption.key=mySecretKey +-M-Denv=dev +-M-Dhttp.port=8081 +-M-Ddatabase.host=localhost +-M-Dmule.env=development +---- + +[[launch-json-method]] +== Configure Project-Specific Launch Configurations + +Configure arguments for individual projects or create multiple run configurations with different settings for the same project. Use this approach when different projects require different configurations, or to test the same project with different property values. + +Launch configurations reside in the `.vscode/launch.json` file in your project directory and apply only to that project. + +=== Create or Modify a Launch Configuration + +To configure project-specific arguments: + +include::partial$acb-reusable-steps.adoc[tags="open-command-palette"] + +. Enter and select *Open 'launch.json'*. ++ +If the file doesn't exist, VS Code creates it in the `.vscode` folder of your project. + +. In the `launch.json` file, locate or create a configuration object within the `configurations` array. + +. Add or modify the `mule.runtime.args` property to include your arguments: ++ +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug Mule Application", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Dencryption.key=myKey -M-Denv=dev" + } + ] +} +---- + +. Save the `launch.json` file. + +. Run or debug your application by selecting the configuration from the *Run and Debug* view. + +=== Test the Same Project with Different Property Values + +Create multiple launch configurations with different property values to test various environments without editing the configuration file each time. For conceptual information about creating and managing launch configurations, see xref:int-run-multiple-mule-apps.adoc[]. + +The key difference when configuring properties is to vary the `mule.runtime.args` values for each configuration: + +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug - Development", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Denv=dev -M-Dhttp.port=8081" + }, + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug - Sandbox", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Denv=sandbox -M-Dhttp.port=8082" + } + ] +} +---- + +Switch between configurations using the dropdown in the *Run and Debug* view. + +=== Use Environment Variables in Launch Configurations + +Reference environment variables defined on your system to avoid hardcoding sensitive values in `launch.json`: + +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug with Environment Variables", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Dencryption.key=${env:ENCRYPTION_KEY} -M-Denv=${env:MULE_ENV}" + } + ] +} +---- + +Reference environment variables using the `${env:VARIABLE_NAME}` syntax. The example configuration references `ENCRYPTION_KEY` and `MULE_ENV` from your system environment. + +[[common-use-cases]] +== Common Use Cases and Examples + +These examples demonstrate common scenarios for passing runtime properties and arguments, such as configuring HTTP listener ports and database connection parameters. + +For examples of passing encryption keys and switching between environment-specific property files, see xref:int-create-secure-configs.adoc[]. + +=== Example: Set HTTP Listener Port Dynamically + +Set the HTTP listener port at runtime without modifying your configuration XML: + +.Global default arguments: +[source,text] +---- +-M-Dhttp.port=8082 +---- + +.Launch configuration: +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug on Port 8082", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Dhttp.port=8082" + } + ] +} +---- + +Reference the property in your HTTP listener configuration: + +[source,xml] +---- + + + +---- + +=== Example: Provide Database Connection Parameters + +Provide database connection parameters at runtime to switch between local and remote databases: + +.Global default arguments: +[source,text] +---- +-M-Ddb.host=localhost -M-Ddb.port=3306 -M-Ddb.name=mydb +---- + +.Launch configurations for different databases: +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug with Local Database", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Ddb.host=localhost -M-Ddb.port=3306 -M-Ddb.name=mydb" + }, + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug with Remote Database", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Ddb.host=remote-db.example.com -M-Ddb.port=3306 -M-Ddb.name=proddb" + } + ] +} +---- + +Reference these properties in your database configuration: + +[source,xml] +---- + + + +---- + +[[shared-encryption-keys-workspace]] +== Configure Shared Encryption Keys Across a Workspace + +When you have multiple Mule projects in the same workspace that use the same encryption key, configure it once at the workspace level instead of duplicating it in each project's launch.json. + +Use the approach that better applies to your workflow and security requirements. + +* <>: Configure the encryption key in + your workspace settings.json. All projects inherit the setting + automatically. + +* <>: Store the key as an OS environment variable + in your shell profile. Use this method to keep + encryption keys completely out of version-controlled files or if you need + machine-specific configuration. + +* <>: Configure the encryption key directly in a + .code-workspace file. Use this approach when working with + multiple Mule projects open simultaneously in a multi-root + workspace. + +[[workspace-settings-approach]] +=== Use Workspace Settings + +Add the encryption key to your workspace `settings.json` so all projects inherit it. + +. In your `.code-workspace` file or `.vscode/settings.json` at the workspace root, add the key. ++ +[source,json] +---- +{ + "settings": { + "mule.runtime.defaultArguments": "-M-Dencryption.key=MuleSecureKey024" + } +} +---- ++ +. Reference the shared setting in each project's `launch.json`. ++ +[source,json] +---- +{ + "mule.runtime.args": "${config:mule.runtime.defaultArguments}" +} +---- + +[[environment-variable-approach]] +=== Use an Environment Variable + +Set the key as an OS environment variable in your shell profile (`~/.zshrc` or `~/.bash_profile`) + +. Run this command. ++ +[source,bash] +---- +export MULE_ENCRYPTION_KEY="MuleSecureKey024" +---- ++ +. Reference the key in the workspace `launch.json`: ++ +[source,json] +---- +{ + "version": "0.2.0", + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Debug with Environment Variable", + "mule.project": "${workspaceFolder}", + "mule.home": "${config:mule.homeDirectory}", + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Dencryption.key=${env:MULE_ENCRYPTION_KEY}" + } + ] +} +---- + +[[multi-root-workspace-approach]] +=== Use a Shared Launch Configuration in Multi-Root Workspaces + +To configure a shared encryption key in a multi-root workspace: + +. Open or create your `.code-workspace` file. +. Add a `launch` section to the workspace configuration with the + encryption key: ++ +[source,json] +---- +{ + "folders": [ // <1> + { "path": "salesforce-sync" }, + { "path": "netsuite-integration" }, + { "path": "slack-notifications" } + ], + "launch": { // <2> + "configurations": [ + { + "type": "mule-xml-debugger", + "request": "launch", + "name": "Run Mule App (Shared Key)", // <3> + "noDebug": true, + "mule.projects": ["${workspaceFolder}"], + "mule.runtime.args": "${config:mule.runtime.defaultArguments} -M-Dencryption.key=MuleSecureKey024" // <4> + } + ] + } +} +---- +<1> List the relative paths to each Mule project in your workspace +<2> Add the launch configuration section with the shared encryption key +<3> Name that appears in the Run and Debug dropdown +<4> Replace `MuleSecureKey024` with your encryption key ++ +. Save the workspace file. + +When you select *Run Mule App (Shared Key)* from the Run and Debug +dropdown, Code Builder applies the shared encryption key to whichever +project is active. + +=== Protect Workspace Configuration in .gitignore + +If your workspace settings contain sensitive values, add them to `.gitignore`: + +[source,gitignore] +---- +# Workspace config (may contain encryption key) +*.code-workspace +.vscode/settings.json +---- + +[[key-rotation-workspace]] +=== Re-encrypt All Projects After Key Rotation + +When you rotate the shared key, re-encrypt every secure properties file across all projects: + +[source,bash] +---- +NEW_KEY="NewSharedKey2025!" + +# For each project in the workspace: +for project in salesforce-sync netsuite-integration slack-notifications; do + FILE="$project/src/main/resources/prod.secure.properties" + if [ -f "$FILE" ]; then + echo "Re-encrypting: $FILE" + # Decrypt each value with old key, re-encrypt with new key + # (or use a local backup file with plaintext to re-encrypt) + fi +done +---- + +Then update the single workspace-level key reference and all projects work immediately. + +== See Also + +* xref:int-create-secure-configs.adoc[] +* xref:int-run-multiple-mule-apps.adoc[] +* xref:ref-mule-settings.adoc#setting-mule-args[Mule › Runtime: Default Arguments] +* xref:int-global-config-elements.adoc[] +* xref:start-workspaces.adoc[] +* xref:mule-runtime::configuring-properties.adoc[] diff --git a/modules/ROOT/pages/int-run-multiple-mule-apps.adoc b/modules/ROOT/pages/int-run-multiple-mule-apps.adoc index d61170065..639f7a46a 100644 --- a/modules/ROOT/pages/int-run-multiple-mule-apps.adoc +++ b/modules/ROOT/pages/int-run-multiple-mule-apps.adoc @@ -104,6 +104,7 @@ The updated configuration is immediately available in the *Run and Debug* panel. == See Also +* xref:int-run-mule-apps-with-properties.adoc[] * xref:start-workspaces.adoc[] * xref:int-debug-mule-apps.adoc[] * xref:int-create-integrations.adoc[] diff --git a/modules/ROOT/pages/ref-mule-settings.adoc b/modules/ROOT/pages/ref-mule-settings.adoc index 28c12a956..b906346e9 100644 --- a/modules/ROOT/pages/ref-mule-settings.adoc +++ b/modules/ROOT/pages/ref-mule-settings.adoc @@ -66,9 +66,12 @@ Available settings: [[setting-mule-args]] == Mule › Runtime: Default Arguments -Set default command-line arguments to use when starting Mule Runtime engine (Mule). Mule starts when you run a Mule application in an integration or implementation project. +Set default command-line arguments to use when starting Mule Runtime engine (Mule). Mule starts when you run a Mule application in an integration or implementation project. -Common uses of this setting are to append an encryption key value (such as `-M-Dencryption.key=my-key`) that is used when running a local deployment that incorporates secure configuration properties, or for a variable (such as `-M-Denv=dev`) that Mule uses when selecting a configuration properties file by its file name. For more information about these uses, see xref:int-create-secure-configs.adoc[]. +Common uses of this setting are to append an encryption key value (such as `-M-Dencryption.key=my-key`) that is used when running a local deployment that incorporates secure configuration properties, or for a variable (such as `-M-Denv=dev`) that Mule uses when selecting a configuration properties file by its file name. + +For more information about passing properties and arguments when running Mule applications, including examples, use cases, and troubleshooting, see xref:int-run-mule-apps-with-properties.adoc[]. +For information about secure configuration properties, see xref:int-create-secure-configs.adoc[]. [[setting-metaspace]] == Mule › Runtime: Default Metaspace Size diff --git a/modules/ROOT/pages/vibes-get-started.adoc b/modules/ROOT/pages/vibes-get-started.adoc index f9f2da6aa..acc15a52d 100644 --- a/modules/ROOT/pages/vibes-get-started.adoc +++ b/modules/ROOT/pages/vibes-get-started.adoc @@ -118,8 +118,13 @@ View token consumption for individual requests and tasks directly in MuleSoft Vi This visibility helps you understand the resource cost of generation activities and manage usage across sessions. +[[skills-in-mulesoft-vibes]] == Skills in MuleSoft Vibes xref:vibes-skills.adoc[Skills] are reusable instruction sets that load when your message matches a skill's description. For information about skills and MCP tools, see xref:vibes-skills.adoc[]. If you use Claude Code, see xref:vibes-skills.adoc#install-mulesoft-skills-in-claude-code[Install MuleSoft Skills in Claude Code]. + +[[mcp-connector-in-ACB]] +== MCP Connector in Anypoint Code Builder +Anypoint Code Builder uses xref:mcp-connector::index.adoc[MCP Connector] to maintain compatibility with MCP integrations to keep tool-driven workflows reliable across supported scenarios. diff --git a/modules/ROOT/pages/vibes-secure-properties.adoc b/modules/ROOT/pages/vibes-secure-properties.adoc new file mode 100644 index 000000000..6335e9725 --- /dev/null +++ b/modules/ROOT/pages/vibes-secure-properties.adoc @@ -0,0 +1,189 @@ += Working with Secure Properties Using MuleSoft Vibes +:page-deployment-options: cloud-ide, desktop-ide + +include::reuse::partial$beta-banner.adoc[tag="anypoint-code-builder"] + +Instead of manually creating files and editing XML, use MuleSoft Vibes to set up secure properties conversationally. MuleSoft Vibes can automatically encrypt values, create configuration files, update XML, and validate your setup. + +For information about secure properties concepts and manual configuration, see xref:int-create-secure-configs.adoc[]. + +.How secure properties work +image::int-secure-properties-overview-diagram.png[Diagram showing secure properties flow from runtime argument to global-configs.xml to encrypted properties file to flow references] + +[[setup-from-scratch]] +== Set Up Secure Properties from Scratch + +To set up secure properties, send a message to MuleSoft Vibes that asks to configure secure properties for your credentials and specifies the encryption algorithm to use. + +For example: + +---- +Set up secure properties for my Salesforce credentials using AES/CBC encryption +---- + +MuleSoft Vibes: + +* Adds the `mule-secure-configuration-property-module` dependency to `pom.xml` +* Adds the `` element to `global-configs.xml` +* Adds the required namespace and schema location +* Updates connector configurations to use `${secure::}` references +* Creates the `.secure.properties` file structure + +[[encrypt-value]] +== Encrypt a Value + +To encrypt a specific value, send a message to MuleSoft Vibes that includes the value to encrypt, your encryption key, and the algorithm to use. + +For example: + +---- +Encrypt the value 'MyPassword123' using my encryption key MuleSecureKey024 with AES CBC +---- + +MuleSoft Vibes runs the secure-properties-tool and returns the encrypted value ready to paste into your properties file. + +[[add-credential]] +== Add a New Credential to an Existing Setup + +To add a new encrypted property, send a message to MuleSoft Vibes that specifies the property name and value to encrypt. + +For example: + +---- +Add a new secure property called 'netsuite.password' with the value 'NS-Prod-Pass!' to my secure properties files +---- + +MuleSoft Vibes encrypts the value and adds it to the appropriate `.secure.properties` file. + +[[convert-plaintext]] +== Switch from Plaintext to Secure + +To convert existing plaintext credentials to secure properties, send this message to MuleSoft Vibes: + +---- +Convert all the plaintext Salesforce credentials in my project to use secure properties +---- + +MuleSoft Vibes: + +* Scans for hardcoded or plaintext credential values +* Encrypts each value +* Moves them to `.secure.properties` files +* Updates XML references from `${salesforce.password}` to `${secure::salesforce.password}` + +[[multi-environment-setup]] +== Set Up Multi-Environment Secure Properties + +To create environment-specific secure properties files, send a message to MuleSoft Vibes that specifies the environment name and requests the `${env}.secure.properties` pattern. + +For example: + +---- +Create a secure properties file for prod with the ${env}.secure.properties pattern +---- + +MuleSoft Vibes creates the environment-specific file and configures the dynamic file reference in `global-configs.xml`. + +For more information about multi-environment configuration, see xref:int-create-secure-configs.adoc#create-prop-file[]. + +[[validate-setup]] +== Validate Your Setup + +To check if your secure properties are configured correctly, send this message to MuleSoft Vibes: + +---- +Check if my secure properties are configured correctly +---- + +MuleSoft Vibes validates: + +* The dependency is in `pom.xml` +* The `` element exists with the correct namespace +* Referenced keys exist in the `.secure.properties` files +* The encryption key is configured in `launch.json` for local runs + +[[rotate-key]] +== Rotate the Encryption Key + +To change your encryption key and re-encrypt all values, send a message to MuleSoft Vibes that specifies the old key, the new key, and asks to re-encrypt all values. + +For example: + +---- +Rotate my encryption key from MuleSecureKey024 to NewSecureKey2025 and re-encrypt all values +---- + +MuleSoft Vibes: + +* Decrypts all values with the old key +* Re-encrypts with the new key +* Updates all `.secure.properties` files +* Updates `launch.json` with the new key + +[[vibes-skills]] +== Skills MuleSoft Vibes Uses + +When you ask MuleSoft Vibes to work with secure properties, it invokes specialized skills that handle the tasks: + +[%header,cols="30a,70a"] +|=== +| Skill | What It Does + +| *Secure Mule App* + +(`/secure-mule-app`) +| Scans for sensitive data, encrypts values using the secure-properties-tool JAR, creates `.secure.properties` files, updates XML with `${secure::}` references, adds the `pom.xml` dependency, and configures `launch.json`. + +| *Manage Global Configurations* + +(`/manage-global-configurations`) +| Creates the `` element in `global-configs.xml`, manages namespaces, handles the `${env}.secure.properties` multi-environment pattern, and validates the build. + +| *Build Mule Integration* + +(`/build-mule-integration`) +| When generating new flows that need credentials, automatically includes secure property placeholders and wires up the secure config element. +|=== + +These skills work together. For example, when you say "convert my plaintext credentials to secure properties," MuleSoft Vibes uses *Secure Mule App* to encrypt and create the files, then *Manage Global Configurations* to wire up the XML config element and validate everything builds. + +For more information about skills in MuleSoft Vibes, see xref:vibes-skills.adoc[]. + +[[common-prompts]] +== Common MuleSoft Vibes Prompts for Secure Properties + +Use these example prompts to work with secure properties: + +[%header,cols="30a,70a"] +|=== +| What You Want | What to Ask MuleSoft Vibes + +| Initial setup +| "Set up secure properties for this project" + +| Encrypt a single value +| "Encrypt 'my-secret' with key X using AES CBC" + +| Add credentials +| "Add encrypted DB credentials to my secure properties" + +| Convert plaintext +| "Move my hardcoded passwords to secure properties" + +| Production setup +| "Create a prod secure properties file" + +| Check configuration +| "Validate my secure properties setup" + +| Debug issues +| "Why is my secure property not resolving?" + +| Key rotation +| "Rotate my encryption key to a new value" +|=== + +== See Also + +* xref:int-create-secure-configs.adoc[] +* xref:int-global-config-elements.adoc[] +* xref:vibes-skills.adoc[] +* xref:mulesoft-vibes.adoc[] +* xref:vibes-get-started.adoc[]