Chef Habitat allows you to define, package, and deliver applications to any environment. With Habitat, you package up all of the dependencies your application needs to build and run. To make this easy, the Habitat Builder service includes hundreds of packages in the ‘core’ origin – everything from services like Postgresql, to binaries like Go, to low-level system libraries like glibc – that you can include with your application.
Chef updates these packages regularly with the latest versions of the software and their dependencies. Updating these packages is critical in order to provide security fixes, performance improvements and bug fixes to our users. However, since these packages are a critical part of the ecosystem, nearly every Habitat package has a declared or transitive dependency on one or more of the packages in the core origin. When we update one, it necessitates a rebuild of the entire core origin.
On April 28th, 2020 a new set of Linux packages will be published in the core origin. This update will only impact Linux packages, Windows packages will not be affected. If you are using Habitat for Linux applications, we recommend that you follow the instructions below so that you can ensure that you are using the latest versions of these dependencies.
Below are instructions for consuming the updated packages for a few different scenarios:
- Using Habitat Builder On-Premises
- Using Habitat Builder SaaS
- Using Habitat for deploying and managing Chef Infra and Chef InSpec
Habitat Builder On-Premises: Linux Package Update Instructions
When using Builder installed on-premises, you choose when to sync packages from the Builder SaaS. Chef provides seed lists that provide recommended sets of packages to sync, or you can create your own list. Then use the hab pkg download and hab pkg bulkupload commands to sync the updated packages. The Chef Automate documentation has full instructions on how to use the seed lists.
We recommend that you upload your packages to a named channel, for example hab pkg bulkupload --channel refresh-DATE --url https://my.private.builder . This will give your teams a safe location to do any validation your organization requires before promotion to stable. Once you are ready to promote to stable, you can then use channel promotion to publish everything to stable. Ex: hab bldr channel promote <SOURCE CHANNEL> stable.
Habitat Builder SaaS: Linux Package Update Instructions
If you are using the Habitat Builder SaaS, the next build you perform after the packages are promoted to stable will automatically consume the updated core origin packages. If you only depend on packages from the core origin, no further action is necessary.
If you have a dependency on a package from an origin you maintain, you will need to issue a rebuild for that dependency first. For example, if you have myorigin/myapp that depends on myorigin/mylibrary, you would want to issue a rebuild for myorigin/mylibrary first.
If you depend on a package from a non-core origin that you do not maintain, for example if you are using the chef-infra or chef-inspec scaffolding, you will need to wait for that origin’s maintainers to publish updated packages.
Using Habitat for Chef Infra and Chef InSpec
If you are using Chef Habitat to manage your Chef Infra and Chef InSpec clients, we recommend waiting to sync packages until updated chef-infra and InSpec packages have been published for those projects. These projects will begin their release processes after the core packages are published on April 28th, 2020.