Below are the notes for this week's meeting.
- A quick thanks to @Xorima for this blog post . We love being able to highlight the Sous-chefs.
- One of the last live events we got to attend this year was Config Mgmt Camp , and @drrk’s talk “ One tool to rule them all, Infrastructure Testing and Compliance with Chef Inspec ” has been posted on YouTube. He’ll likely do it again live for one of our digital meetups, too!
- Speaking of meetups…. Chef Users Global Digital Meetup gets visit from @nrycar, covering all the stuff that’s going to blow your socks of in Chef 16! Sign up in your local Meetup group or join our HQ Meetup at https://www.meetup.com/Chef-Meetup/
- Registration will be opening soon! Don’t miss it, sign up to be notified at chefconf.io ! Stay tuned for your chance to be in our live studio audiences starting May 4!
- And last, but not least: we’ve released a new LCR module covering the latest method for configuring knife using a credentials file instead of knife.rb. or config.rb. https://learn.chef.io/modules/create-knife-config
This week’s releases
First off is our weekly Automate release with version: 20200416222158. This adds an out of the box IAM setup for compliance only views to get you started applying roles to your Automate setup. It also fixes the usual pile of minor bugs and improves the UX experience.
Habitat 1.6 released https://discourse.chef.io/t/chef-habitat-1-6-0-released/16981/2
I’m particularly stoked for this release. This adds multilayer docker container exports. This should really improve the time it takes to pull down your updated app images for minor updates.
Chef Infra Client
We shipped Chef Infra Client 15.10 with several important updates - https://discourse.chef.io/t/chef-infra-client-15-10-12-released/16983
- Multiple fixes for bootstrapping with sudo and when specifying the version of Infra Client to bootstrap
- systemd_unit now respects the “sensitive” property
- Packages for Amazon Linux 2 on x86 and ARM
- a new “arm?” helper for use in recipes and resources
- InSpec 4.18.104 which includes a bunch of virtualization detection improvements and a fix for a regression in the service resource on windows
- Released Cinc Client 15.10.12
kitchen-azurerm 0.16 shipped. This adds support for marketplace plan information. Thanks @Jason Barnett for this fix and for getting the project started with unit tests
knife-ec-backup 2.4.7 shipped with a new option to allow you to specify the log directory which is handy in certain server setups where you can’t necessarily write where you’re executing the backup
Cookstyle 5.23 shipped. This release backports a bunch of fixes and cop improvements from the 6.0 release without updating the RuboCop engine or adding more cops. This will ship in the upcoming DK 4 release. https://github.com/chef/cookstyle/blob/5-stable/RELEASE_NOTES.md#cookstyle-523
Cookstyle 6.3 also shipped https://discourse.chef.io/t/cookstyle-6-3-4-released-with-2-new-chef-cops/16963 This release includes 2 new cops: ChefModernize/RespondToCompileTime and ChefDeprecations/DeprecatedShelloutMethods. It also bumps the RuboCop engine to 0.82 which includes fixes for several issues we discovered while testing Cookstyle against Supermarket cookbooks.
New Ohai shipped in 15.10 which included fixes to properly detect OpenStack and improvements to the Shard plugin to work better on Amazon Linux v1 or other Linux distros that lack dmidecode out the box. Thanks @ramereth and @jaymzh
El Jeffe shared
Hey all from PTO land. Habitat cookbook 2.0 was released. now with extra nougaty goodness.
- able too use hab pkg uninstall now using action :remove with the hab_package resource
- all current --event-stream functions
- --keep-latest for hab_package and --keep-latest-packages for hab_sup
- lots of other new functionalityOther updates
Alex Pop shared
- We fixed a bug to persist compliance filters when returning from Node or Profile details page.
- Continued with IAM v2 bugs and cleanup.
- Made improvements to documentation and release notes.
- Further improved the errors returned by the datafeed API.
- The UI for adding of data feeds has been.
- We made the postgres MaxConnections configurable.
- Released the
auditcookbook with the metadata stripping feature and improved logging.
- Made changes to Compliance Scan job results to respect project filtering.
- Released changes to the existing compliance profiles.
- Fixed Compliance SSM scan jobs after auth upgrade.
- This week we had a small improvement to logging in InSpec, a couple of docs fixes, and train-aws was updated to 0.1.16 to allow AWS EFS filesystems to be tested.
- InSpec v4.18.108 is currently going through release CI
- Work is also in progress to add EL7, Ubuntu 18.04 and SLES15 aarch64 builds
Greetings from the Habitat team! This week:
- Investigating alternative methods to build containers in our docker exporter
- Continued work on config file for the supervisor
- Builder operational improvements, gathering additional metrics base on last weeks learnings, deploying optimizations made
Howdy! This week the chef workstation team has been working on preparing releases for ChefDk 3, ChefDK 4, and Chef Workstation. This will be the last release for ChefDK 3 per our support policy. It will also mark the start of ChefDK 4's deprecation period before it is EOLed at the end of the year. And the Chef Workstation release will switch over to the date based major version changes. Due to some constraints on Windows our build numbers are going to end up looking like Ubuntu - 20.4.x where x is going to be a build number. The major version will reflect the year it was built (2020) and the minor version will reflect the month it was built (April).
In addition to wrangling pipelines we have been adding improvements to the chef analyze report tool to work correctly for customers who already use policyfiles. Marc has almost finished upgrading our release pipeline to automatically publish Workstation packages to Chocolatey after we promote them to stable. No more
forgetting doing that manually!
Chef Infra Server
- This week we are working on prototyping bookshelf accepting Amazon signature v4
- Adding some options into the chef-server-ctl reindex command so that it can accept a list of chef-objects to reindex instead of always being able to reindex only by org.
Chef Infra Client
- Continuing to put the finishing polishes on Infra Client 16 which ships next week
- Added Ubuntu 20.04 aarch64 and SLES 15 aarch64 packages
- *Modified some internals of how we package together our omnibus package which shaved another 10% off the package size. For those not keeping tally at home Chef 16 is now 30% smaller on nix systems then Chef 15 which was smaller than previous releases. Chef 16 is now significantly smaller than Chef 12 was.
- Merged multipackage support for the homebrew and pacman package providers
- Updated how “required” in custom resource properties work. See https://github.com/chef/chef/pull/9688
I was told I’m up for the Sous Chefs weekly update. I’m sure I missed something here since I’ve been deep in Infra Client 16 land, but here goes nothing:
- Ruby build 2.0: Modernized as custom resource with the latest OS support and testing converted to InSpec
- Java 8.1.0 / 8.1.2: New openjdk_pkg_install/adoptopenjdk_linux_install/adoptopenjdk_macos_install/openjdk_source_install resources
- DHCP 7.0: Completely reworked to use custom resources and remove the usage of data bags / attributes
Super huge shout outs to @stromweld and @damacus for those updates and @Xorima for continuing to blow up my e-mail box with tons of automation across the repos. We’re now migrated to Cloudflare with more Terraform magic sprinkled on top
- Refactored our Gitlab pipelines to minimize load on our runners by only running pipelines when an MR is created or we issue a pipeline from the web interface
- Additionally, we added omnitruck release automation for Auditor and Client (it was manual before)
- Enabled Docker-in-Docker on our runners so we can build containers using our pipeline
- Created Cinc Auditor Docker images at cincproject/auditor
- Created Cinc Client images at cincproject/cinc which can be used with kitchen-dokken
- We now have a WIP repo for Cinc Server ( https://gitlab.com/cinc-project/distribution/server ) thanks to @jgitlin and @atrull
- @Tensibai has been hard at work creating a Biome package for Cinc Client
- Starting work to properly manage our infra with Cinc Client
On the cinc-server side of things I have not been able to make much progress this week due to work priorities. I did push up all the work I've done to both GitHib and GitLab for others to review and contribute to
See you next week!