Automate version 4.3.0 Released!

We are delighted to announce the availability of version 4.3.0 of Chef Automate.

Upgrade Journey

Chef lets you choose your upgrade journey based on your current version of Chef Automate. You can do all the version upgrades manually.

Your Current Version Upgrade To
Any version before 20220329091442 20220329091442
20220329091442 3.0.x
3.0.49 4.x

Click here to know more.

New Features

  • Disaster Recovery setup documentation for On-Prem deployment of Automate HA. (#7425)
  • Documented steps to add/remove/replace nodes in the existing Automate HA cluster. (#7406)

Improvements

  • Updated contextual CLI messages for a seamless upgrade journey. (#7377)
  • Copying ElasticSearch configuration to equivalent OpenSearch configuration. (#7377)
  • Better disk space detection and improved shard allocation. (#7377)
  • Auto-deletion of old indexes which are no longer required. (#7377)
  • Auto-correction of old AWS S3 URL pattern for S3 backup. (#7377)
  • Added habitat package to ensure that knife-ec-backup can be performed on an air-gapped bundle and is available in the manifest file. (#7424)
  • Automation of backup configuration during On-Prem Deployment. (#7410)

Compliance Profile Updates

Compliance profiles are updated to version 1.11.1/20220809102847, which includes the new and improved profiles for:

  • CIS MS Office 365 v1.4.0.
  • CIS Microsoft Windows 2022 v1.0.0.
  • CIS Oracle Linux 8 v2.0.0.
  • CIS GKE v1.2.0.
  • CIS Rocky Linux v1.0.0.
  • STIG Ubuntu 20.04 v1R2.

This update also includes fixes for:

  • CIS RHEL8 v2.0.0 control 6.2.7.
  • CIS Windows Server 2012 v2.5.0 few controls title correction.
  • CIS SQL Server 2019 v1.2.0 removes non ASCII characters from the title.

Bug Fixes

  • Better handle mismatch of controls and empty keys in the compliance report. (#7379)
  • Reduced failure possibility of data-collector API by ensuring that token is added to member policy.
  • Improved search capability on client run reports to support node name search with ".". (#7437)
  • Fixed a bug related to using AWS S3 bucket access and secret key while deploying HA on AWS infrastructure. (#7453)
  • Fixed a bug related to Restore of Automate HA for Non-S3 Backup object store. (#7446)

Security

Security Improvements

(examples: new security configurations)

  • Content security policy headers (CSP headers) are added to Automate APIs (#7458)

Security Updates

(examples: dependency updates, CVE fixes)

Chef Packaged Product Versions

This release uses:

  • Chef Habitat version: 1.6.521/20220603154827
  • Chef Habitat Builder version: 9978/20211221122808
  • Chef Infra Server version: 14.15.10/20220510065931
  • Chef InSpec version: 4.56.22/20220517052126

Service Versions

This release uses:

  • Postgres: 13.5
  • OpenSearch: 1.2.4
  • Nginx: 1.21.3
  • Haproxy: 2.2.18

Supported External Chef Products

This release supports the following external chef products:

  • Chef Infra Server version: 14.0.58+
  • Chef Inspec version: 4.3.2+
  • Chef Infra Client: 17.0.242+
  • Chef Habitat: 0.81+

View the package manifest for the latest release.


As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!