benny Vasquez Shared
Hallo and good happy thursday to all of you lovely nuggets, @here . It’s time once again for our weekly community meeting. I’ll kick us off with some devrel/community updates.
First things first: as part of the migration/merging of the habitat forums to the Chef discourse, I’ve audited the permissions and users on discourse.chef.io (mostly just disabling accounts of employees that left many years agoooooo). If you had accesses you’re now missing, let me know. Similarly, if you have any problems logging in, let me know!
Next up: I wanted to mention that we’ve got another Roundtable webinar coming up on January 26th at 10am Pacific Time. This one covers Compliance as Code and its potential organizational impact, as well as Continuous Compliance. Register here .
and lastly, we just released that Git course I mentioned last month on learn.chef.io ! It’s the first in a series of new Learn Chef courses focusing on key technologies/languages that Chef practitioners need to be successful with our tools, instead of focusing entirely on our tools themselves. Getting Started with Git is on the site now!
This week’s releases
benny Vasquez shared
Chef Automate 2 had two releases in the last week (one just 40 minutes ago).
- 20201230192246 included a few improvements were made, specifically around ElasticSearch. See the release notes here: https://discourse.chef.io/t/automate-2-version-20201230192246-released/19424
- 20210112001354 included improvements and bug fixes around compliance and compliance profiles. https://discourse.chef.io/t/automate-2-version-20210112001354-released/19442
Chef Infra Client
benny Vasquez shared
Chef Infra Client 15 & 16 both got releases. Client 15.15.0 is a security and bugfix release . Client 16 had both 16.9.16 (thanks to @axelrtgs , @drbrain , @axl89 , @epilatow , @Blorpy , @bcg62 , @janskarvall , @reitermarkus , @tboyko , @jaymzh , and @wildcrazyman for all your contributions!) and 16.9.20 (a few additional bugfixes; Thanks @mrtazz !) released this week.
benny Vasquez shared
Chef Inspec also had a small release: https://discourse.chef.io/t/chef-inspec-4-24-32-released/19440
Alex Pop shared
Greetings from the Automate team!
- We fixed some issues with the build pipelines.
- We made updates to the compliance profiles.
- Fixed issue where notifications service failed for ServiceNow requests.
- We upgraded from AngularJS 10 to 11.
- We fixed a bug introduced by the D3 library upgrade that prevented the day filter to change when clicking on the Compliance trend graphs.
- Fixed a performance issue with the Compliance trend graphs when a period of over 1 month was selected.
- Added option for download the entire compliance scan history for a node.
- Workflow documentation has been made EOL.
- Modified the secrets store/secrets helper utilities to encrypt secrets that are stored on disk.
Hello from Habitat!
This week our focus has been:
- Fixed public Windows builders
- Updating core habitat dependency in Builder
- Sorting out our Builder Acceptance environment
Chef Infra Server
- Wrapping up work on SigV4
- Reviewing mtls support PR
- Scoped out work to ship in 14.1 and 14.2
Here's our mtls PR for those interesting in that: https://github.com/chef/chef-server/pull/2207
Chef Infra Client
- Released Chef Infra Client 16.9.20 to resolve freebsd pkgng failures and issues with the yet to be released Compliance Mode running (oops)
- PR is open to allow lazy loading attributes throughout the client. Here's that lazy PR for those interesting in what that'll look like: https://github.com/chef/chef/pull/10861
- Renamed Recipe DSL to Chef Infra Language in our docs and began process of rewriting nearly all of these docs. Expect to see all the helpers documented soon
the TLDR on that is with that change it becomes possible from a security perspective to publicly face your Chef Infra Server
The Chef InSpec team is working on:
- Routine dependency updates
- Fixing the tagging on the Docker images
- Implementing Ruby 3 support
One thing to note: our Docker images are now omnibus-based, rather than being based on a gem installation. That makes them much more predictable and consistent (and, well, working). It also means that if you are customizing the images, you need to know that the inspec installation is now under /opt/inspec rather than /usr/local/bundle
tas50 pointed out: That Docker change there is pretty rocking for folks. That means you're going to get all the omnibus deps you need for a fully functional InSpec install in those containers now
Chef Workstation had a quieter-than-anticipated week as new team members continue to work through several outstanding usability issues and bugs. We anticipate more of the same over the next week, with these updates expected ready for release in the next Workstation release; and in current in the coming days.
Here's the list of new releases in the past week:
- docker - 7.6.1: Fixed reload_signal and cpus bug for docker_container in #1090
- iis - 7.4.0: Adoption by Sous Chefs
- postgresql - 8.1.1: Fix attribute updates for users with dashes
- squid - 4.4.0: Add support for Debian 10, Ubuntu 20.04 and CentOS 8
Thanks to work by me, we now have working windows exec driver which means github actions work with windows runners, for an example see https://github.com/sous-chefs/iis . Thanks to @Xorima for getting that full working example in place!
We hope to start implementing this in other cookbooks that need it.
We're still working on properly importing the slew of cookbooks that got transferred last week. We hope to make some new progress soon.
Here's a list of currently open pull requests that have been recently updated that need some reviews
Hello from the Cinc Project!
- Released 4.24.28 & 4.24.32 (both include a native MacOS 11.0 (x86-64) package)
- Released 15.15.0 & 15.15.1, now with a native MacOS 11.0 (x86-64) package
- Released 16.6.17 & 16.9.20
- Released 21.1.222 via unstable channel
- Unfortunately no native MacOS 11.0 build due to https://github.com/chef/chef-workstation/issues/1633 but I believe the 10.15 build should still work
I also went through and cleaned up and properly fixed cached builds on MacOS and Windows for Auditor, Client and Workstation. I'm planning on back porting that to Server eventually as well.
We also now have access to an M1 MacMini (arm64) which will allow us to eventually make builds for the various products. I started working through some of the porting issues and will be making some upstream PRs as we have time.
I've also been slowly finding time to work on the Windows build of Cinc Workstation. Still no ETA on when that will be ready but I am working on it.
Not a lot on Cinc Server, but we have a new contributor guide now (still a work in progress)
I'm working on a PR for the dokken-images which should fix issues if you run it on a Linux machine. I should be pushing an update to the PR which will hopefully make @tas50 happy. Basically, running systemd inside of containers can be annoying on systems also running systemd.