Below are the meeting notes for last week's meeting.
- ChefConf update! With the pandemic, we couldn’t keep asking our community to risk themselves, so we’re moving to a digital experience. More information in this blog post
- We have released a new Learn Chef Rally module called Security Best Practices for OS Hardening https://learn.chef.io/modules/os-hardening#/
This week’s releases
The Automate team released Automate 20200310163217 with improvements for compliance report fetching / waivers and better handling of deleted nodes. https://discourse.chef.io/t/automate-2-version-20200310163217-released/16817
Last week @robbkidd shipped Supermarket 3.3.20 with a number of dependency updates to resolve gem CVEs and an update to prevent unsafe links to cross-origin destinations - https://discourse.chef.io/t/supermarket-3-3-20-released/16818
Kitchen-ec2 3.4.0 shipped with proper handling of nodes that no longer exists in AWS when running kitchen destroy https://github.com/test-kitchen/kitchen-ec2/blob/master/CHANGELOG.md
Alex Pop shared
For the past week, we focused on these main epics: Compliance waivers UI, Habitat Builder in Automate, EAS Dashboard, IAM, automated documentation, refactoring and cleanup.
A quiet week, no new releases. There are some great contributions to InSpec currently in code review, we hope to merge soon.
Greetings from the Habitat team. This week in Habitat has been mostly preparation work for the first two bullet points
- Builder release postponed to 3/24
- Habitat release today
- Config file for the supervisor spike, creating defaults from a running supervisor
The Chef Workstation team has continued working on the
chef analyze tool. Our current sprint expanded on our new tooling to help users clone an existing node into a local instance for testing. Our goal is to have that in a usable form by next sprint.We also aligned our Chef Workstation release schedule to our sprint cadence, so we should have a release every two weeks.
We also aligned our Chef Workstation release schedule to our sprint cadence, so we should have a release every two weeks.
Chef Infra Server
Hello! For the Chef-Infra-Server we continue to make progress on fixing the regression with FIPS and working on the proof-of-concept for aws sig_v4.
Chef Infra Client
- Working on adding chef_client_scheduled_task and new chef_client_cron resources to core
- Merged in group support in windows_firewall_rule
- Updated the log resource to no longer update. Users should use the notify_group resource instead to handle aggregate notifications
- Several new Ohai plugins merged thanks to Facebook
- New alternatives resource merged into core
- New user_ulimit resource merged into core
- Ruby cleanup in the packages has been improved to reduce the install size by 25% on macOS and Linux platforms
- Working on modernizing the DNF provider to match the work done in the YUM provider for Chef Infra Client 15.
- Continuing to improve yaml recipe support functionality
It’s been a quiet week for us as well with no releases. Couple updates worth sharing:
The java and ruby_build cookbooks are moving towards custom resources.
There are others that need the conversion as well
consul comes to mind.
not much to report on our end. A small fix was submitted to some ERB templates in chef/chef
we do however have a newcomer, @jgitlin , who has begone work on Chef Server dist implementation. Welcome to the party jgitlin!
My fb_stunnel and fb_profile cookbooks were recently merged to https://github.com/facebook/chef-cookbooks/ . In addition, I don't know if @nreeves mentioned this last week since I was at SCALE, but just in case, a few weeks ago, Facebook folks opensourced 11 more core coookbooks ( fb_chrony , fb_e2fsprogs , fb_ethtool , fb_grubby , fb_hostname , fb_less , fb_mlocate , fb_nscd , fb_screen , fb_sysstat , fb_util_linux ) - so if you use their stack, there's a lot of goodness in there.