Hey Everyone,
To celebrate Friday we have a nice new release of Chef Infra Client 15 for you. This release includes several backported fixes from Chef Infra Client 16 and our upcoming Chef Infra Client 17 release. Keep in mind as we get closer to the April 28th release of Chef Infra Client 17, that once 17 is released Chef Infra Client 15 will become end-of-life (EOL). Barring any last-minute security updates, this will be the very last release of Chef Infra Client 15.
For more information on our upcoming Chef Infra Client release be sure to join us for our Launch Celebration on April 28th.
What's new in 15.16:
Fixes and Improvements
- Improved license acceptance failure messaging if incorrect values are provided.
- License acceptance values are no longer case sensitive.
- Resolved several failures that could occur in the
windows_certificateresource. - Improved handling of WinRM connections when bootstrapping Windows nodes.
- Switched docker containers back to EL6 packages to prevent failures running the containers with Kitchen Dokken to test RHEL 6 systems.
- Fixed non-0 exit codes in the Yum and DNF helper scripts which caused errors in system logs.
- Fixed package failures in FreeBSD due to changes in
pkgngexit codes. - Added support for
client.dconfiguration files inchef-shell.
Chef InSpec
Chef InSpec has been updated from 4.24.8 to 4.29.3.
New Features
- The JSON metadata pass-through configuration has been moved from the Automate reporter to the JSON Reporter.
- Added the option to filter out empty profiles from reports.
- Exposed the
conf_path,content, andparamsproperties to theauditd_confresource. - You can now directly refer to settings in the
nginx_confresource using theitssyntax. Thanks @rgeissert! - Plugin settings can now be set programmatically. Thanks @tecracer-theinen!
- OpenSSH Client on Windows can now be tested with the
ssh_configandsshd_configresources. Thanks @rgeissert!
Bug Fixes
- The
--reporter-message-truncationoption now also truncates thecode_descfield, preventing failures when sending large reports to Automate. - Fixed
skip_controlto work on deeply nested profiles. - The
ssh_configandsshd_configresources now correctly use the first value when a setting is repeated. - Fixed the
crontabresource when passing a username to AIX. - Stopped a backtrace from occurring when using
cmpto comparenilwith a non-existing file. - The
aptresource now correctly fetches all package repositories using the-nameflag in an environment where ZSH is the user's default shell. - The
--controlsoption ininspec execnow correctly filters the controls by name. - Updates how InSpec profiles are created with GCP or AWS providers so they use
inputsinstead ofattributes. inspec execwill now fetch profiles via Git regardless of the name of the default branches now correctly use the first value when a setting is repeated.- Updated the
oracledb_sessionto use more general invocation options. Thanks @pacopal! - Fixed an error with the
httpresource in Chef Infra Client by includingfaraday_middlewarein the gemspec. - Fixed an incompatibility between
parsletandtomlin Chef Infra Client. - Improved programmatic plugin configuration.
Security
Upgraded OpenSSL to 1.0.2y, which resolves the following CVEs:
Platform Updates
With the release of macOS 11, we will no longer produce packages for macOS 10.13 systems. See our Platform End-of-Life Policy for details on the platform lifecycle.
Get the Build
As always, you can download binaries directly from downloads.chef.io or by using the mixlib-install command-line utility:
$ mixlib-install download chef -v 15.16.7
Alternatively, you can install Chef Infra Client using one of the following command options:
# In Shell
$ curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef -v 15.16.7
# In Windows Powershell
. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -project chef -version 15.16.7
If you want to give this version a spin in Test Kitchen, create or add the following to your kitchen.yml file:
provisioner:
product_name: chef
product_version: 15.16.7
Enjoy,
Tim