Chef Server 12.15.0 released!

Ohai Chefs!

We’re excited to announce the release Chef Server 12.15. Full release
notes [1] and changelog [2] are available as usual. The package is now
available for download from the Chef Downloads page [3].

Release Highlights

Server Enforced recipes

Add required_recipe endpoint as described in Chef RFC 89 [4]

This adds the ability to serve a required recipe file to chef-clients.

ACLs and groups

The server-admins group is useful, but it breaks roundtripping when it
appears in an organizations ACLs and groups. This was particularly
painful when using the API for backups.

We add a new syntax for referring to global objects from org local
context. ORGNAME::name and for global objects ::name. This can, and is
omitted whereever the context is clear. So if the server-admins
appears in an organizations ACL, you will see the name ::server-admins
to disambiguate it.

User customization of LDAP field mapping

Attributes from a user’s LDAP record are used during account-linking
to populate the erchef user record when it is created. Previously, the
mapping between LDAP attributes and chef user attributes were
fixed. Now, they are configurable.

For example, if the user’s LDAP record stores their email address in a
field named ‘address’ instead of ‘mail’, then you could set the
following in private-chef.rb:

ldap[‘email_attribute’] = “address”

Upgrade Notes

Follow the normal upgrade instructions for your Chef server topology.



Chef Server 12.15.0 has a bug that affects upgrades for users of the sql-based cookbook storage (Chef Server HA users and others). Previously, the storage type could be specified as a string or a symbol in /etc/opscode/chef-server.rb:

bookshelf['storage_type'] = :sql

However, 12.15.0 only accepts a string and will issue an error during chef-server-ctl reconfigure if a symbol is used. Users can work around this issue by changing their configuration to use a string:

bookshelf['storage_type'] = 'sql'

This bug will be fixed in the next version of Chef Server. Apologies for any problems this may have caused you.


Steven Danna