ChefDK 4.0 Released


We're happy to announce the release of ChefDK 4.0, including the latest version of Chef, updates of products to require accepting the Chef EULA, as well as updated dependencies.

Breaking Changes


Usage of ChefDK 4.0, Chef Infra Client 15, and InSpec 4 requires accepting the Chef EULA. See the frequently asked questions for information about the license update and the associated business model change.

Chef Provisioning

Chef Provisioning is no longer included with Chef DK, and will be officially end of life on August 31, 2019. The source code of Chef Provisioning and the drivers have been moved into the chef-boneyard GitHub organization and will not be further maintained. Current users of Chef Provisioning should contact your Chef Customer Success Manager or Account Representative to review your options.

knife bootstrap against cloud providers

knife bootstrap was rewritten in Chef Infra Client 15. The knife-* cloud providers need to be updated to use this new API. As of ChefDK 4.0, knife bootstrap functionality against the cloud providers will be broken. We will fix this ASAP in a ChefDK 4.1 release. The only gem not affected is the knife-windows gem. It has already been re-written to leverage the new bootstrap library.

Affected gems:

  • knife-ec2
  • knife-google
  • knife-vsphere

If you leverage this functionality, please wait to update ChefDK until 4.1 is released with fixes for these gems.

Improved Chef Generate command

The chef generate command has been updated to produce cookbooks and repositories that match Chef's best practices.

  • chef generate repo now generates a Chef repository with Policyfiles by default. You can revert to the previous roles / environment behavior with the --roles flag.
  • chef generate cookbook now generates a cookbook with a Policyfile and no Berksfile by default. You can revert to the previous behavior with the --berks flag.
  • chef generate cookbook now includes ChefSpecs that utilize the ChefSpec 7.3+ format. This is a much simpler syntax that requires less updating of specs as older platforms are deprecated.
  • chef generate cookbook no longer creates cookbbook files with the unecessary frozen_string_literal: true comments.
  • chef generate cookbook no longer generates a full Workflow (Delivery) build cookbook by default. A new --workflow flag has been added to allow generating the build cookbook. This flag replaces the previously unused --delivery flag.
  • chef generate cookbook now generates cookbooks with metadata requiring Chef 14 or later.
  • chef generate cookbook --kitchen dokken now generates a fully working kitchen-dokken config.
  • chef generate cookbook now generates Test Kitchen configs with the product_name/product_version method of specifying Chef Infra Client releases as require_chef_omnibus will be removed in the next major Test Kitchen release.
  • chef generate cookbook_file no longer places the specified file in a "default" folder as these aren't needed in Chef Infra Client 12 and later.
  • chef generate repo no longer outputs the full Chef Infra Client run information while generating the repository. Similar to the cookbook command you can view this verbose output with the --verbose flag.

Updated Components and Tools

Chef InSpec 4

Chef InSpec has been updated to 4.3.2 which includes the new InSpec AWS resource pack with 59 new AWS resources, multi-region support, and named credentials support. This release also includes support for auditing systems that use ed25519 SSH keys.

Chef Infra Client 15

Chef Infra Client has been updated to Chef 15 with 8 new resources, target mode prototype functionality, ed25519 SSH key support, and more. See the Chef Infra Client 15 Release Notes for more details.

Fauxhai 7.3

Fauxhai has been updated from 6.11 to 7.3. This removes all platforms that were previously marked as deprecated. So if you've noticed deprecation warnings during your ChefSpec tests, you will need to update those specs for the latest supported Faxhai platforms. This release also adds the following new platform releases for testing in ChefSpec:

  • RHEL 6.10 and 8.0
  • openSUSE 15.0
  • CentOS 6.10
  • Debian 9.8 / 9.9
  • Oracle Linux 6.10, 7.5, and 7.6

Test Kitchen 2.2

Test Kitchen has been updated from 1.24 to 2.2.5. This update adds support for accepting the Chef Infra Client and Chef InSpec EULAs during testing, as well as support for newer ed25519 format SSH keys on guests. The newer release does remove support for the legacy Librarian depsolver and testing of Chef Infra Client 10/11 releases in some scenarios. See the Test Kitchen Release Notes for additional details on this release.

Kitchen-ec2 3.0

Kitchen-ec2 has been updated to 3.0, which uses the newer aws-sdk-v3 and includes a large number of improvements to the driver including improved hostname detection, backoff retries, additional security group configuration options, and more. See the kitchen-ec2 Changelog for additional details.

kitchen-dokken 2.6.9

Kitchen-dokken has been updated to 2.6.9 with a new config option pull_platform_image, which allows you to disable pulling the platform Docker image on every Test Kitchen converge / test. This is particularly useful for local platform image testing.

kitchen.yml example:

  name: dokken
  pull_platform_image: false