We are delighted to announce the availability of version 4.4.10 of Chef Automate.
Upgrade Journey
Chef lets you choose your upgrade journey based on your current version of Chef Automate. You can do all the version upgrades manually.
| Your Current Version | Upgrade To |
|---|---|
| Any version before 20220329091442 | 20220329091442 |
| 20220329091442 | 3.0.x |
| 3.0.49 | 4.x |
Click here to know more.
New Features
- Ability to patch configurations from Bastion host of Automate HA (#7470)
- Enhance Compliance Reporting APIs based on date range instead of a single date. Refer to the document https://docs.chef.io/automate/enhanced_compliance_report (#7498)
- Added new Automate CLI command to uninstall Automate HA services from the nodes in On-Prem deployment of Automate HA (#7481, #7519)
- Support for AWS-managed database services for On-Prem deployment of Automate HA (#7492)
- Ability to apply custom certificates to Automate services during deployment of Automate HA. Refer https://docs.chef.io/automate/ha_cert_deployment (#7476, #7500, #7513)
- Ability to rotate certificates of Frontend and Backend nodes from the bastion node of Automate HA. Refer Certificate Rotation (#7494, #7522, #7526, #7536, #7540, #7541, #7543, #7544)
- Ability to capture journal logs at the custom path for Automate and each node of Automate HA. Refer https://docs.chef.io/automate/centralizing_log (#7508, #7542, #7533)
- Ability to view configurations of all the nodes from Bastion host of Automate HA (#7570)
- Added new Automate CLI command to add and delete frontend and backend nodes of Automate HA for On-Prem deployment (#7563)
Improvements
- Refactor the document for Backup and Restore of Automate HA (#7433)
- Improved the documentation for On-Prem deployment of Automate HA (#7493)
- Updated knife-ec-backup to version 3.0.1 (#7505)
- Improved Automate HA troubleshooting document (#7571)
- Updated Chef Automate Incident Creation app and Chef Automate Integration App to support ServiceNow San Diego and Tokyo versions
- Improved Backup deletion command to validate backup id before operation (#7641)
- Increased the default value of max shards to 2500(#7564)
- More configurations for Chef Server are now patchable when deployed with Automate and Automate HA. Refer the document for the complete list https://docs.chef.io/automate/chef_infra_in_chef_automate/ (#7572)
Compliance Profile Updates
Compliance profiles are updated to version 1.11.1/20221202074320, which includes the new and improved profiles for:
- Rocky Linux 8 v1.1.0
- Oracle Linux 8 v2.0.0
- Alma Linux 8 v2.2.0
- Microsoft Sharepoint v1.1.0
- STIG RHEL 7 v3r8
- CIS Windows Server 2019 v1.3.0
- STIG Windows Server 2019 v2r2
- CIS RHEL 8 v2.2.0 control5.3.16 fix
- CIS GKE v1.2.0
- CIS Windows 2016 v1.4.0
- CIS Azure Fundamental v1.0.0
Bug Fixes
- Fix for Automate HA (v4.3.0) Backend node upgrade failure (#7566)
- Fix for errors while fetching gather-logs data from faulty/inactive node (#7525)
Maintenance
Security
Security Updates
Updated OpenSearch version to 1.3.6 which fixes the following vulnerabilities:
- CVE-2022-22971
- CVE-2022-35980
Updated OpenJDK version to 11.0.17+8 which fixes the following vulnerabilities:
- CVE-2022-21619
- CVE-2022-21626
- CVE-2022-21624
- CVE-2022-21628
- CVE-2022-39399
- CVE-2022-21618
- CVE-2022-34169
- CVE-2022-21541
Chef Packaged Product Versions
This release uses:
- Chef Habitat version: 1.6.521/20220603154827
- Chef Habitat Builder version: 10078/20220929100217
- Chef Infra Server version: 14.15.10/20220510065931
- Chef InSpec version: 4.56.22/20220517052126
Service Versions
This release uses:
- Postgres: 13.5
- OpenSearch: 1.3.6
- Nginx: 1.21.3
- Haproxy: 2.2.18
- Dex: 2.27.0
Supported External Chef Products
This release supports the following external chef products:
- Chef Infra Server version: 14.0.58+
- Chef Inspec version: 4.3.2+
- Chef Infra Client: 17.0.242+
- Chef Habitat: 0.81+
Supported Framework Versions
This release is built on the following framework versions:
- GoLang: 1.15
- OpenJDK: 11.0.17+8
- Angular: 11.2.6
View the package manifest for the latest release.
As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!