Automate 2 version 20190904132002 Released!

We are delighted to announce the availability of version 20190904132002 of Chef Automate 2.

New Features

  • New!: Check out the now available compliance profiles for CIS MacOS 10.13 v1.0.0.
  • Level Up: Compliance profiles for CIS AWS v1.0.0 now provide both a Level 1 and Level 2 profile, and supersedes the previously released "Foundations" profile, which is no longer available in the Profiles page.

Improvements

  • Solid: Dex, part of Chef Automate's authentication system, now uses a more secure set of TLS ciphers.

Bug Fixes

  • Sorted: Within the compliance reports' Nodes tab, the Platform column now correctly sorts by both platform name and platform version.
  • Out of Order: For the CIS Windows 2016 v1.1.0 compliance profile, we fixed a bug where the security policy controls depended on a specific ordering of results when the ordering is not significant.
  • In Line: We matched CIS's recommendations by fixing the following compliance profiles:
    • CIS RHEL 7 v2.2.0 compliance profile now has the expected result of control 4.1.12 and does not expect the option -S all
    • CIS Ubuntu 18.04 compliance profile features fixed logic in control 4.1.7
  • Render: We corrected the metadata for STIG compliance profiles, so that they use valid SemVer version strings.

Backward Incompatibilities

  • The data-lifecycle-service component has been removed. Data retention is now configured on a per-service and per-policy basis though remote procedure calls to individual services. During the upgrade to this version, any configured service retention settings will be migrated as is. After the upgrade has completed, configuration of data retention with chef-automate config will no longer be supported. See the data retention documentation for more information on configuring retention policies.
  • After the upgrade to this version, the following configuration keys will not be accepted:
    • compliance.v1.sys.retention.compliance_report_days
    • event_feed_service.v1.sys.service.purge_event_feed_after_days
    • ingest.v1.sys.service.purge_converge_history_after_days
    • ingest.v1.sys.service.purge_actions_after_days
    • data_lifecycle

How to Upgrade

By default Chef Automate 2 will automatically upgrade to this new version. If you have disabled automatic upgrades you can manually initiate an upgrade by running:

chef-automate upgrade run

As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate 2!