Hey Everyone,
We're happy to announce the release of Chef v14.8.12! This release includes a ton of updated resources, improved virtualization and platform detection, as well as openSSL security updates.
Updated Resources
apt_package
The apt_package resource now supports using the allow_downgrade property to enable downgrading of packages on a node in order to meet a specified version. Thank you @whiteley for requesting this enhancement.
apt_repository
An issue was resolved in the apt_repository resource that caused the resource to fail when importing GPG keys on newer Debian releases. Thank you @EugenMayer for this fix.
dnf_package / yum_package
Initial support has been added for Red Hat Enterprise Linux 8. Thank you @pixdrift for this fix.
gem_package
gem_package now supports installing gems into Ruby 2.6 or later installations.
windows_ad_join
windows_ad_join now uses the UPN format for usernames, which prevents some failures to authenticate to the domain.
windows_certificate
An issue was resolved in the :acl_add action of the windows_certificate resource, which caused the resource to fail. Thank you @shoekstra for reporting this issue.
windows_feature
The windows_feature resource now allows for the installation of DISM features that have been fully removed from a system. Thank you @zanecodes for requesting this enhancement.
windows_share
Multiple issues were resolved in windows_share, which caused the resource to either fail or update the share state on every Chef Client run. Thank you @chadmccune for reporting several of these issues and @derekgroh for one of the fixes.
windows_task
A regression was resolved that prevented ChefSpec from testing the windows_task resource in Chef Client 14.7. Thank you @jjustice6 for reporting this issue.
Ohai 14.8
Improved Virtualization Detection
Hyper-V Hypervisor Detection
Detection of Linux guests running on Hyper-V has been improved. In addition, Linux guests on Hyper-V hypervisors will also now detect their hypervisor's hostname. Thank you @safematix for contributing this enhancement.
Example node['virtualization'] data:
{
"systems": {
"hyperv": "guest"
},
"system": "hyperv",
"role": "guest",
"hypervisor_host": "hyper_v.example.com"
}
LXC / LXD Detection
On Linux systems running lxc or lxd containers, the lxc/lxd virtualization system will now properly populate the node['virtualization']['systems'] attribute.
BSD Hypervisor Detection
BSD-based systems can now detect guests running on KVM and Amazon's hypervisor without the need for the dmidecode package.
New Platform Support
- Ohai now properly detects the openSUSE 15.X platform. Thank you @megamorf for reporting this issue.
- SUSE Linux Enterprise Desktop now identified as platform_family 'suse'
- XCP-NG is now identified as platform 'xcp' and platform_family 'rhel'. Thank you @heyjodom for submitting this enhancement.
- Mangeia Linux is now identified as platform 'mangeia' and platform_family 'mandriva'
- Antergos Linux now identified as platform_family 'arch'
- Manjaro Linux now identified as platform_family 'arch'
Security Updates
OpenSSL
OpenSSL has been updated to 1.0.2q in order to resolve:
- Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
- Timing vulnerability in DSA signature generation (CVE-2018-0734)
Get the Build
As always, you can download binaries directly from downloads.chef.io or by using the mixlib-install command line utility:
$ mixlib-install download chef -v 14.8.12
Alternatively, you can install Chef using one of the following command options:
# In Shell
$ curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef -v 14.8.12
# In Windows Powershell
. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -project chef -version 14.8.12
If you want to give this version a spin in Test Kitchen, create or add the following to your kitchen.yml file:
provisioner:
product_name: chef
product_version: 14.8.12
Enjoy,
Tim