Meeting notes for April 9th, 2020

Community Meetings
1

Below are the meeting notes for this week's meeting.

DevRel/Community

bennyVasquez shared

Only a couple things this week.

  • Sign up to be notified when ChefConf Online registration opens: https://www.chefconf.io/
  • Thanks to everyone that joined us this morning for @Tom Finch ’s presentation. The recording of that meetup will be shared as soon as we upload it. The next Chef Users Global Digital Meetup is April 16 4pm EDT with Chef’s Alain Lubin! Check out your local Chef Meetup or join our HQ Meetup group to get reminders at https://www.meetup.com/Chef-Meetup/events/269938467/

This week’s releases

Cookstyle

tas50 shared

Cookstyle 6.2.5 released with 2 new cops, improvements to the TargetChefVersion setup in many deprecation cops, and an update to the latest Rubocop engine which better supports new Ruby 2.7 syntax in cookbooks https://discourse.chef.io/t/cookstyle-6-2-5-released-with-2-new-chef-cops/16886

Chef Inspec

tas50 shaerd

Last but not least us we shipped InSpec 4.18.104 which includes improvements for installing gems from a non-rubygems.org source and has nice improvements for hypervisor detection. https://discourse.chef.io/t/chef-inspec-4-18-104-released/16904

Chef Habitat

sdmacfarlane shared

Habitat release 1.5.86 yesterday. This was a small release but it included the ability for the supervisor to prune older versions of services.

Chef Infra Client

tas50 shared

Chef Infra Client 15.9 shipped. This includes InSpec 4.18.100, support for macOS 10.15 in build_essential, support for RHEL 8 in the rhsm resources, important security updates for Ruby / libarchive and packages for Ubuntu 20.04, Ubuntu 18.04 on aarch64. https://discourse.chef.io/t/chef-infra-client-15-9-17-released/16884

What will probably be the last release of Chef Infra Client 14 also shipped with 14.15.6. This includes backported fixes/improvements to windows_task and ifconfig, security updates to Ruby / OpenSSL, and packages for Ubuntu 20.04, Ubuntu 18.04 on aarch64, and Debian 10. Remember that Chef Infra Client 14 goes EOL at the end of this month so unless there’s a magic CVE between now and then this will be the last release. It’s time to plan you upgrade. https://discourse.chef.io/t/chef-infra-client-14-15-6-released/16900

Sous Chefs

john shared

  • memcached 6.0.0 - Moved to systemd only (and more - details in the changelog ) ty! @ramereth

  • keepalived 5.0.0 - Moved to custom resources, dropped recipes - changelog @Xorima

  • grafana 8.7.0 - Added in support for Azure AD authentication - changelog woo nothanwebsterdotme (not sure slack alias)

  • inherited the emacs cookbook

  • dhcp cookbook is in the process of being revamped - moving to custom resources. Thanks @bmhughes

  • Put an official stance on cookbook support on our website TL;DR we’ll do our best to support the versions of Chef Infra that Chef supports

Cinc releases

ramereth shared

We pushed out similar stable releases for Cinc Client/Auditor. We also have our first unstable release of Cinc Workstation: http://downloads.cinc.sh/files/unstable/cinc-workstation/

  • This does not include a windows build (yet). Still a WIP
  • This is not trademark compliant (yet)
  • This uses our forked version of mixlib-install so test-kitchen integration should be seamless as long as you don't specify product_name: chef in your kitchen.yml

Other updates

tas50 shared

We made 4 different releases of the Habitat cookbook with support for new habitat functionality and improvements for windows https://supermarket.chef.io/cookbooks/habitat/versions/1.7.0

Last night we shipped updated versions of knife-cloud, knife-vcenter, and knife-vrealize. These updated versions allow us to switch from fog to fog-core, which will greatly reduce the number of gems required for an install plus we get to kill off dozens of deprecation warnings when running knife.

Other updates

Chef Automate

Alex Pop shared

  • We improved the errors returned by the data-feed-service API.

  • Added a /metasearch Compliance API endpoint and a change to the ingestion service in order to reduce compliance reports coming in ingestion by around 80%

  • Progressing with the Compliance waivers in the UI.

  • Released changes to the existing compliance profiles.

  • Made improvements to documentation and release notes.

  • Fixed a Compliance API status filter bug when listing nodes and profiles. The status summaries won’t be influenced by the status filter anymore.

Blake Johnson shared

the next release of automate, planned for monday april 13th, will put everyone onto iam v2 .

our docs are here: https://automate.chef.io/docs/iam-v2-overview/
our api docs are here: https://automate.chef.io/docs/api/

more impacts are described in this announcement
https://chefcommunity.slack.com/archives/CAZSL536K/p1585748708036200?thread_ts=1585748705.036100&cid=CAZSL536K

you can post in #automate2_0 if you have any questions or concerns, or reach out to me or susan directly too

Chef Inspec

Stocksy shared

This week we made improvements to how we build and test on Windows, ahead of making the 4.18.104 release. Also this week we welcome a new Chef engineer for InSpec, Nick @schwad Schwaderer, who you’ll start to see popping up on the InSpec repos and channels.

Chef Habitat

sdmacfarlane shared

Greetings from the Habitat team!

  • Read-only users for origins in review
  • Layered dockerfiles in review
  • Initial implementation of build orders that take into account cycles in the package graph.

The last one is particularly exciting to me. It means we're one step close to full world rebuilds inside of Builder

Chef Workstation

tball shared

The Chef Workstation team has continued working on the chef analyze capture command. It now generates a kitchen.yml configured to point at the local repo so users can test the copy of their captured node.In addition I have started working on the major version release for Chef Workstation this sprint. Some highlights of this upcoming release:

  • Chef Infra Client will be bumped to 16.x
  • Ruby will be bumped to 2.7
  • All available tools will be bumped to their latest version
  • Any backwards incompatible changes in our bundled tools (Chef, Cookstyle, etc.) will be present after updating, but none of the Chef-Workstation-only tools (Chef Workstation App, chef CLI) have backwards incompatiable changes
  • Per our n-1 support policy, ChefDK 3 will be EOLed. It will get a last release to resolve all known CVEs
  • ChefDK 4 will be deprecated, which means it will only receive updates for CVEs and not for features
  • Chef Workstation will be switching to a date based versioning scheme. EG, its version will bump to 2020.04.091200 and future versions will be based off the date the package is builtThe versioning change is a deperature from SemVer. We decided this because Chef Workstation is primarily a bundle of other tools and human-first tools. This makes it difficult for us to respect SemVer in the first place. Instead, we plan to release UX changes behind feature flags while they are in flux and recommend users subscribe to either the stable or current channel for consuming updates.

Chef Infra Server

prajakta shared

This week for Chef-Infra Server we have been working on getting the FIPS regression fixes.

  • Adding some improvements to help with debugging the reindex
  • continuing work on aws sig_v4

Chef Infra Client

tas50 shared

  • Worked to ship 14.15 and 15.9 releases with new platforms and CVE fixes
  • Currently Investigating automation for our chocolatey releases
  • Improved testing on Windows 10
  • Continued to expand the number of platforms and architectures we ship
  • Put together an initial PR for a chef_client_systemd_timer resource for setting up a scheduled chef-client execution on systemd boxes https://github.com/chef/chef/pull/9624
  • PR is ready for review on resource partials which allow you to write multiple resources with a shared set of properties from a “partial” without resorting to HWRP style resources: https://github.com/chef/chef/pull/9632
  • Ohai work to gather DMI like data on Windows to give us consistent vendor information on all platforms

Cinc Updates

jgitlin shared

cinc-server / Chef "Dist" fork: I have made some progress, found that a major challenge was that a lot of what I needed to replace with #{Chef::Dist::SERVER} was in single-quoted ruby strings... so it was much more than just a sed/find-replace exercise. This whole thing has changed my mind about ruby best practice and I now believe it's best to always use double quoted strings and silence robocop/foodcritic's warnings about FC002: Avoid string interpolation where not required

I am having some trouble getting the fork I have to build however, and I don't think I am using the new omnibus/dist.rb file properly. Had to add it as a require_reletive in some places I don't think I should have needed to, and when I try to build cinc versions, I get missing files like /var/cache/omnibus/src/cinc-server-ctl . I have more troubleshooting I want to do, and then I'll probably reach out in #community-distros later today or tomorrow for some advice. But, making progress!

BobChaos shared

A PR was merged on chef/chef to allow using knife to bootstrap windows machines to 3rd party distros using --msi_url cli switch

A PR was opened VS inspec/inspec to adress some community concerns, we're waiting on feedback (It's still largely within SLA)

We did a cleanup on issues and PRs pending on our gitlab

We now have google-analytics running on cinc.sh

A new blog post with a status report is about to be released

See you next week!

2

This topic was automatically closed after 30 days. New replies are no longer allowed.