Chef Automate Release 1.7.27

We are delighted to announce release 1.7.27 of Chef Automate. This is a bug fix release available for download from https://downloads.chef.io/automate.

Resolved Issues

  • The compliance API endpoints experienced an unexpected move in their paths as part of the scanner being added in release 1.7.10. These changes were reverted and the current API around /compliance/nodes is now available again. All scanner endpoints moved to the /compliance/scanner subpath instead.
  • By default the workflow service would previously only connect to external services like Elasticsearch over SSL when the number of certificates in the chain was 2 or less. The default has been increased to 20.
  • The automate-ctl install-runner command now works on nodes with an existing /etc/chef/validation.pem file.
  • The nginx[‘use_implicit_hosts’] setting now defaults to false to avoid edge cases on systems where we cannot detect the local IP addresses. It is recommended to set this to true if nginx[‘strict_host_header’] is set to true for security reasons.
  • Bitbucket integration now works with usernames containing the @ symbol.
  • The automate ctl data-summary command was reporting the total number of “converge” documents, which included start, completion, and failure events. This has been modified to report only the total number of started runs.
  • OpsWorks for Chef Automate and the cloud marketplace instances of Chef Automate rely on self-signed SSL certificates. As of Chrome 58, self-signed certificates with x509 version 3 without the SubjectAltName extension are invalid. We added the correct extension for the self-signed cert.

We encourage you to upgrade often. As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!