benny Vasquez shared
This week I’ve only got one thing to call attention to. In case you haven’t been following the blog, we’ve been running a series around upgrading Chef Infra Client in a production environment. Our friend @dmontanez wrote the most recent installment, and it’s a great walkthrough: Upgrading Chef Infra Client
This week’s releases
Chef Infra Client
Chef Infra Client 15.13.8 shipped with the latest InSpec, a new deprecation warning to get folks ready for Chef Infra Client 16 and a few nice minor fixes: https://discourse.chef.io/t/chef-infra-client-15-13-8-released/17459
we released Chef Infra Client 16.3.38 and then 16.3.45 https://discourse.chef.io/t/chef-infra-client-16-3-released/17449
- InSpec updated to 4.22.1
- New windows_firewall_profile resource
- Near full rewrite of macos_userdefaults resource
- A pile of knife fixes
We released knife-google 5.0.5 which cleans up some of the aliases for distros. We removed a large number of very very deprecated releases https://github.com/chef/knife-google/blob/master/CHANGELOG.md
knife-opc 0.4.6 was released which fixes multiple failures that could occur when running knife opc user edit USERNAME https://github.com/chef/knife-opc/blob/master/CHANGELOG.md
chef-vault-testfixtures 3.1.1 was released which now works with chef-vault 4.x https://github.com/chef/chef-vault-testfixtures/blob/master/CHANGELOG.md
ChefDK 4.10 shipped with several of those previously mentioned fixes like Chef Infra Client 15.13, knife-opc, and knife-google. It also packages up several other knife and kitchen plugin updates from the last few months. Keep in mind at this point you're missing a TON of functionality that ships in Workstation, but if you 100% MUST be on DK for some reason it's updated: https://discourse.chef.io/t/chefdk-4-10-0-released/17473
Alex Pop shared
- Merged changes to make the Compliance control title and tag suggestions much faster.
- Fixed a UI bug for the Infra nodes status filtering in Run History to work.
- Major refactor of the API proto files in prep for linting them.
- Completed the work to capture InSpec profiles and runtime errors and report them in automate.
auditcookbook 9.5.0 to catch runtime errors and send them to Automate.
- Improved deployment and operation of the Automate services.
- Merged a change to accommodate more space for numbers in the data tables.
Greetings from the Habitat team! This week we've been:
- Writing a design document for the new build scheduler
- Working on improving the retry logic in hab the hab cli
- Refactoring around our keys code
- Working on standing up a long lived supervisor perf environment
- Making improvements to Windows user querying
Chef Infra Server
- The aws sig_v4 work is ready for review. It is passing all of the build and tests.
- Work is in progress upgrading rails from 4.2.11 to 6.0.3.
- Work is in progress to pin chef-client to 15.12.22 consistently in Chef Server.
- We are currently investigating the issue that shows 500's with sel_conn_closed in erchef while trying to connect to the search provider. (Tracked at: https://github.com/chef/chef-server/issues/1947 )
We are in the "finishing touches" phase of release. That said, there are still plenty of moving parts and we are not in a position to provide timeframe estimates with a high degree of specificity. While we do not have a more specific timeframe than end of quarter at the moment, we are confident that it will land in Q3
Chef Infra Client
- Released 15/16 client versions
- Troubleshooted a regression in client -> server protocol negotiation and released 16.3.45 to resolve that regression
- Prepped a new Cookstyle released with 2 new cops for macos_userdefaults changes in 16.3
- Started refactor work on osx_profile resource
- Started investigating how we could potentially talk directly to the OS on macOS instead of shelling out to tools like defaults
Hello everyone from Team InSpec! No big release this week, but we have some merged and in-flight work that looks to be cooking up a release for next week.
- @fzipi very kindly has contributed two PRs (and just joined community slack so be sure to say hi! helping to suppress sensitive mysql and postgres session outputs from logs and fixing and issue with os family naming. Thanks!
- Bugfix to ensure when you truncate a failure message, it only renders the “TRUNCATED” text when it’s actually been truncated.
- Extend service resource support to Scientific Linux
Also, I know this has been talked about, but if you’ve done InSpec work with the Chef learning in the past, be sure to check it out again! Learn Chef was overhauled not long ago and is definitely worth a revisit! https://learn.chef.io/dashboard
This week the Workstation team has:
- Reverted a PR in Test Kitchen that was breaking all Windows users. That updated version of Test Kitchen will be released early next week in the bi-weekly Chef Workstation release. It was fixing support for
root_pathand we want that fix, so we'll take another stab at that next sprint.
Added documentation for
chef captureto docs.chef.io
habversion output to
chef -vand the Chef Workstation App
- Planning work for our next Chef Workstation feature
ruby_rbenv 2.5.0 released:
- Add support for Ubuntu 20.04
- Fix dependency issue for suse
nginx has been released at 10.1.1:
- Change resource logging to use Chef::Log instead of the log resource. Resource update status reporting may change. The log resource always implies the surrounding resource was updated.
- Update the resource documentation to clarify extra variables properties
- Automated PR: Standardising Files (various PRs)
openvpn has been released at 5.1.1:
- Install tar package (thanks @Ryan Zimmerman )
In progress PRs:
- grafana: Feature/support https and subdirectory ( https://github.com/sous-chefs/grafana/pull/377 )
- fileutils: Add rspec and integration testing to the github actions ( https://github.com/sous-chefs/fileutils/pull/4 )
- graphite: use pyenv cookbook instead of poise for python install/usage ( https://github.com/sous-chefs/graphite/pull/350 )
- filesystem: NFS mount support and rewrite the resources as custom resources ( https://github.com/sous-chefs/filesystem/pull/90 )
- pyenv: Rehash fix ( https://github.com/sous-chefs/pyenv/pull/73 )
In addition, @ramereth has been continuing work on updating the nagios cookbook to library/resource based along with updates to the latest apache2 cookbook.
I'm also hoping to have additional OSUOSL students help with Sous Chefs cookbooks that we use so be on the look out!
- Builds for ppc64le are now available for both 15 and 16 on CentOS 7 and 8
- Released 16.3.38, 16.3.45 and 15.13.8
- Should be merging @Tensibai 's MR to add Biome packages later today on 16 and hopefully also including publishing them ( https://gitlab.com/cinc-project/distribution/client/-/merge_requests/42 )
- Now publishing source tarballs of to help folks like @mattray to rebuild stable releases of Cinc ( https://gitlab.com/cinc-project/distribution/client/-/issues/26 ) ( http://downloads.cinc.sh/source/stable/cinc/ )
- The "full" tarballs include the full directory layout to make a reproducible build of Cinc which includes the client, chef (cinc patched) and omnibus-software (cinc patched).
- The current published tarballs might change format as we're still working out the kinks
- Plan to do the same for Auditor, Server and Workstation and any other future projects
- Released 4.22.1 and now includes Habitat Biome Builds! https://bldr.habitat.sh/#/pkgs/cinc/cinc-auditor/latest
- Had our weekly call yesterday with @jgitlin and @Ehlers going over the current status
- Meta tracking issue https://gitlab.com/cinc-project/distribution/server/-/issues/1
- Kanban board for tracking individual issues https://gitlab.com/cinc-project/distribution/server/-/boards
- Waiting on upstream review for new server dist constants in chef-utils ( https://github.com/chef/chef/pull/10213 ) (thanks @Ehlers )
- @jgitlin has been working on fixing workmark issues with cinc-server-ctl and private-chef-cookbooks
- @Ehlers has been looking into workmark issues with oc-chef-pedant
- Still doing weekly zoom calls on Wednesdays at 11AM PDT for the foreseeable future. DM @ramereth for details for that call if you want to join and help!