Meeting notes for July 29, 2021

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in #community-meetings on our community slack, which you can join:


benny Vasquez shared

As @damacus said, we’re doing a bunch of streaming, so go subscribe on twitch to get notifications for when we do streams! Twitch

I mentioned last week, but just in case you missed it: Dan also wrote a blog post about the Awesome Chef awards. There’s only ONE MORE WEEK to submit your favorite chef community members, so don’t procrastinate any longer: Nominate an Awesome Chef! - Chef Blog

This week’s releases

Chef Infra Server

benny Vasquez shared

Chef Infra Server 14.7.13 was released with some improvments around chef-server-ctl gather-logs and an upgrade to Rails.

Chef Infra Client

benny Vasquez shared

Chef Infra Client 16.14 dropped with a TON of improvements and bug fixes that I’m sure @tas50 will talk more about later.

Chef Workstation

benny Vasquez shared

Workstation had one earlier this week with a bunch of important updates and bug fixes: Chef Workstation 21.7.545 Released!


Chef Automate

Ankur Mundhra shared

Chefs in Automate team prepared the following things for you:

  • Re-certified Incident creation app for Quebec version on ServiceNow Store
  • Detailed view of policy files including included_policy, run list and attribute details with visibility of revision ids of each policy file
  • Paginated view of compliance scan reports
  • APIs to get policy group information, list of policy files and more
  • Mandatory landing page for all types of users - local Automate, SAML, Ldap
  • Documentation of ServiceNow CMDB integration app (2.0.0 app release in review stage at ServiceNow Store)
  • Compliance profiles: STIG Windows 10 v2.1.0,
  • CVE fix: CVE-2021-23358

More updates coming soon

Chef Habitat

mwrockx shared

This week we have been working on:

  • Core-plans team onboarding
  • Continued work on August core-plans refresh
  • Investigating options around core-plans version bump automation
  • Working on bumping builder and habitat cargo deps and eliminating any CVE exposure

Chef Infra Client

tas50 shared

Let's start off with Secrets Manager integrations

We're continuing to work on our new beta of secrets manager integrations. We've made it easier to specify the vault when using Azure Key Vault and we now default to the AWS region of the instance when fetching from AWS Secrets Manager. Next up is work to support HashiCorp Vault as well as Akeyless Vault. We're hoping for 17.4 for those.

Next up is Compliance Phase
The next iteration of our compliance integration in Chef Infra Client is coming along nicely. We're on track to merge support for shipping InSpec profiles and waivers in cookbooks at /compliance/profiles and /compliance/waivers . You'll be able to include these in your run just like your use include_recipe today. Keep an eye out for this in Infra Client 17.4. We also just merged turning on chef_node_attribute_enabled by default so InSpec profiles will always have access to Infra node attributes including all the Ohai data.

How about some Docker after that

Our Releng team just did some pipeline magic and we'll now be producing Arm Infra Client Docker containers alongside the existing x86 containers.

and we have a few other things worth noting that merged

  • systemd_unit now generates valid unit files when passing a hash
  • knife bootstrapping now respects ssh config files
  • yum_repository has been refactored to improve logging and reliability on RHEL derivatives
  • homebrew_cask now supports casks with '-' or '@' in the name.

Chef Infra Server

prajakta shared

Hello Chefs!
This week we released chef Infra Server 14.7 ( Chef Infra Server Release Notes ) This release has some enhancements and fixes a regression caused by the previous release (14.6.32) in upgrading when Supermarket is installed.
In addition to keeping various dependencies updated and code cleanup, this week we updated pg_gem from 0.17 -> 1.2.3.
We are working on the preparation of the release that supports Postgresql 13.3.Thank you folks! See you next week!

Chef Inspec

cwolfe shared

The Chef InSpec team is working on:

  • Investigating an issue with SSH connections when PrintLastLog is enabled
  • Adding support for the IBM DB2 database
  • Fixing the unit tests for Ruby 2.5 (probably for the last time)
  • Working on a new release

Chef Workstation

Vikram Karve shared

Hi All! Here are the updates from Workstation team-The latest workstation release 21.7.545 on 27th Jul includes the below changes

  • Update ruby version to 3.0.2
  • Update deprecated schema in the chocolatey package
  • Updated chef-cli to 5.3.1
  • Update docker-api
  • Updated curl to resolve CVEs
  • Updated error message related to knife cookbook unshare command


  • Adding further unit test cases in the Go Cobra library implementation in Workstation
  • Dev changes to optimise chef -v are nearly complete, continue to address issue found here in Windows
  • Addressing an issue in kitchen-vagrant

Sous Chefs

ramereth shared

Hello from Sous Chefs!

Here's the list of new releases in the past week:

  • grafana - 9.7.0:
    • Enable unified_mode for all resources
    • Deprecations:
      • All Grafana API resources will be removed in a future version of this cookbook. Other tools e.g. Terraform are better suited for interacting with the API.
        • grafana_dashboard , grafana_dashboard_template , grafana_dashboard_backup
      • These use the old dashboard name API which was removed in the latest 8.0 release of Grafana
        • grafana_datasource , grafana_datasource_backup , grafana_organization , grafana_user
  • users - 7.1.0:
    • Give group ownership of each users .ssh/* files to that users primary group
    • Allow user to set file permissions for their home directory
    • Add a primary_group and homedir_mode key to the user hash options
  • We're doing some refactoring work on the selinux cookbook as well thanks to @bmhughes . Once that's completed, @Robert Detjens will work on pulling in the resources from the selinux_policy cookbook into the selinux cookbook. The end goal is to get that cookbook in a stable state and eventually get the resources into client natively

I think there are a few other PRs in progress but that's the notable stuff.

Cinc Updates

ramereth shared

Hello from the Cinc Project!

Cinc Server

  • Working on resolving run-time issues with 14.6.32 related to chef-utils gem
  • Will work on building 14.7.13 once the 14.6 run-time issues are resolved

Cinc Client

  • Working on resolving build issues with 17.3.48 on Windows related to the ruby-shadow gem
  • Will work on building 16.14 once the 17.3 build issues are resolved

Cinc Workstation

  • Will work on building 21.7.545 once the Cinc Client 17.3 build issues are resolved

Much of the delay in the past week is my time being consumed with rebooting machines related to the Sequoia vulnerability. I hope to make more progress in the next week!

Other updates

tas50 shared

unrelated to Infra Client, but in my wheel house we're hoping for a Chef Manage release soon that will include some branding updates in the UI, a bunch of CVE fixes, support for running when Chef Infra Server has MTLS enabled, and validation of user e-mails when they change their e-mail

We're also hoping for a Supermarket release and that includes a massive list of dep updates along with improvements to search

See you next week!

This topic was automatically closed after 3 days. New replies are no longer allowed.