Chef Server 12.0.4 Released

Today we released Chef Server 12.0.4. This release includes cookbook
caching, continued development of the key rotation feature, and some
LDAP improvements.

Cookbook Caching

Cookbook caching lets you serve up cookbook resources to Chef clients
faster by keeping those resources cached by more efficient servers.
This feature is off by default, but can be enabled. See [1] for the
full low-down on cookbook caching.

Continued Key Rotation Work

Key rotation is a feature that is still under development. With the
last Chef Server release [2], we implemented basic key rotation
support via chef-server-ctl with the promise that API support was
coming soon. We have implemented the first endpoint of the API in this
release, with more to come in releases scheduled for the near future.

GET Me Some Keys

A GET to the Chef Server endpoints,
/organizations/ORGNAME/clients/CLIENTNAME/keys or
/users/USERNAME/keys, will return a list of keys for a client or user,

If you haven’t used the key rotation chef-server-ctl commands, for
now, this will simply return the default key for a client or user. The
same key is still returned via GET to the users and clients endpoints.

Key Rotation Is Still A Feature In Progress

While we are finishing up the rest of the API, we recommend you
continue to manage your keys via the users and clients endpoints as is
done traditionally. However, if you can’t wait to get started with
rotating, we recommend you do not delete the default key for now.

See the docs [3] for additional information on key rotation.

LDAP Improvements

Brian Felton [4] added support for filtering LDAP users by group
membership. To restrict Chef
logins to members of a particular group, use the ldap[‘group_dn’]
configuration option in /etc/opscode/chef-server.rb to specify the DN
of the group. This feature filters based on the memberOf attribute and
only works with LDAP servers that provide such an attribute.

A number of other LDAP bugs have also been fixed. Check the release
notes [5] for details.