Meeting notes for March 18th, 2021

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in #community-meetings on our community slack, which you can join:


benny Vasquez shared

First off, I’ve got a bunch of community stuff for you.

We’ve got two webinars coming up. One is today, and it’s the final one in the series from @tas50 . March 18th, 11:30 AM PST - Part 3: Testing Chef Infra Cookbooks Fast with Docker

The second is March 25th, at 10AM PT:

I also wanted to mention that we’re going to miss the goal of starting our monthly roadmap webinars in March (the one we mentioned in this blog post ), but they’re still coming. Expect to see them coming in April.

We’ve launched the new Ruby Essentials course on Learn Chef, so if you’ve got someone new to the ecosystem it’ll get them started. We’ve also got another two courses (intermediate ruby and bash) on their way in the next month or so.

And finally from me, we’ve got a Save the Date out for ChefConf 2021 . If you want to get signed up for updates, this is the place to do it!

This week’s releases

Chef Automate

benny Vasquez shared

A new version of Automate has been released. This one includes bringing more Infra Server capabilities to Automate UI (deleting objects and creating clients), shift to AdoptOpenJDK, ES upgrade to 6.8.14, solving connectivity issues to external ES and more. The release notes are on discourse .

Chef Infra Server

benny Vasquez shared

We released Infra Server 14.2.2 this week. This release includes the first iteration of our Elasticsearch 7 support. For this release you’ll be able to use external ES 7 instances during new installs of Infra Server. In a future release we’ll be adding support for upgrading existing embedded or external ES 6 installs up to ES 7. More details are also on discourse .

Chef Infra Client

benny Vasquez shared

And finally, Chef Infra Client 16.11 shipped yesterday. This release disables the new Compliance Phase unless users explicitly opt-in with a new node attribute, and also includes M1 native builds for everyone cool enough to have new Macs.


Chef Infra Client

tas50 shared

Like @benny (she/her) said we had some great updates this week from the Infra Client and Infra Server teams. It's always nice to be able to ship stuff you've been posting as status updates for a while

Chef Infra Client

  • 16.11.7 shipped with improvements to the upcoming Compliance Phase and new Apple M1 mac builds
  • A new mixlib-install release shipped with fixes for some chef_client_updater cookbook users
  • Ruby 3 upgrade work is nearly complete
  • Work to split the knife gem continues
  • Work moving client.pem files into the windows certificate store continues
  • The execute resource has a new login property to create a new login shell when running the command. This gives you all the env vars you'll need

Look out for Ruby 3 builds of Infra Client coming real soon

Chef Infra Server

tas50 shared

Chef Infra Server

  • Chef Infra Server 14.2.2 shipped with important security updates and the ability to use external Elastic Search 7 for new installations
  • Work continues on upgrading the embedded Elasticsearch, postgresql, and rails
  • PRs are in flight for a newmaintenance command to chef-server-ctl, updates to all our erlang deps, and an issue with the API returning a success when a node is not actually deleted

It's also worth pointing out that we've managed to ship Infra Server twice in 20 days to rapidly get CVE fixes out as the patches are ready. This is up from 2-3 releases a year as we've done in the past. This is possible now due to a ton of hard work over the last year to improve our build validation infrastructure.

Chef Workstation

mparadise shared

Not much this week - work is continuing on adding solars and macos support to chef-run , and we're starting to tackle some long-standing Workstation App issues.

Sous Chefs

ramereth shared

Hello from Sous Chefs! Here's the list of new releases in the past week:

  • chef-splunk - 7.2.0: Sous Chefs Adoption
  • consul - 4.4.0: Added the ability to define open file limit for the consul service
  • deb_pkg_unautostart - 2.1.0: Sous Chefs Adoption
  • mysql - 10.1.0: Add dependency on apparmor cookbook to fix #660
  • mysql - 10.1.1: Fix db initialization status correctly on MySQL 8.0
  • openvpn - 5.3.0: Fix openvpn_conf template handling
  • remote_install - 2.1.0: Sous Chefs Adoption / Initial public release
  • syslog_ng - 2.0.0: Package resource run in unified mode / Remove package exclusion logic from ruby_block
  • users - 6.0.1: Fix invalid checking of user[:uid] which could lead to root owning the users folders and files. Thanks @evandam
  • users - 6.0.0: Major refactor including built-in support for using databags. See changelog for more details.

Some adoption PRs currently in progress:

Thanks to the OSUOSL students for working on getting these cookbooks cleaned up and adopted to Sous Chefs!

Cinc Updates

ramereth shared

Hello from the Cinc Project!

Cinc Auditor

  • Released 4.28.0

Cinc Server

  • Still working on resolving some build failures for releasing 14.1.0
  • Will work on a build for 14.2.2 once we have the build failures resolved
  • Looks like we better get our builds fixed soon so we can keep up with those CVE releases!

Cinc Client

  • Working on getting M1 MacOS Gitlab runner setup before building/releasing 16.11.7
  • Hoping to get a release out in the day or two

We have a public triage zoom meetings bi-weekly that everyone is welcome to join. Our next public triage will be on March 24 at 11AM PDT. I'll send a meeting link in the #community-distros channel when the meeting starts.

Other updates

ramereth shared

I'm working on revamping the cpu ohai plugin to use the lscpu binary by default for inclusion in Chef 17. It'll bring in a lot of new attributes and also fix some data for non-x86 hardware.

I also just noticed that newer versions of lscpu includes cpu vulnerability data, so I'll make sure to get that added too.

See you next week!

This topic was automatically closed after 3 days. New replies are no longer allowed.