Meeting notes for March 3rd, 2022

Community Meetings
1

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in #community-meetings on our community slack, which you can join: https://community-slack.chef.io/

DevRel/Community

Kiah shared

Let’s kick things off with some updates from DevRel:

In case you missed it, Dan talked about Policyfile basics earlier today on the live stream! Check out the replay on YouTube

Policyfile basics

Upcoming Webinars:
Mar 9th - Infra BP Tags
Mar 16th - InSpec Best Practices, Container Security
March 30th - Desktop Codify Your Fleet Instead!

Next week’s live streams:

Mar 8th: InSpec Best Practices

Mar 9th: Habitat Office Hours

Mar 10th: Appsembler Learning Platform with Kimball Johnson

Tune in on YT or Twitch

Chef Software

ChefSoftware - Twitch

This week’s releases

Chef Automate

Kiah shared

Automate 2 version 20220223121207 Released! This release improved telemetry coverage for Chef Infra Server Roles under Infrastructure.

Chef Infra Server

Kiah shared

Chef Infra Server 14.13.42 Released! This release contains a few small bugs/improvements as well as an OpenJDK update.

Updates

Chef Automate

Ankur Mundhra shared

Hello community
This week the team worked on:

  • New opt-in telemetry events have been released for Roles tab in Infra Server views
  • Integration test improvements for Infra Server views
  • Evaluation of deploying Automate HA on 5 node cluster is complete
  • Security improvement to ensure that sensitive information is not part URL
  • Testing Elasticsearch upgrade use case of earlier HA installation
  • Blog on upcoming change in Automate versioning and release numbering
  • A milestone release is around the corner

Chef Habitat

mwrockx shared

Hello from Habitat!
This week's updates:

  • Making progress on next core-plans refresh
  • Working on auto bumping core plan versions
  • Investigating build order of core plan refresh
  • Investigating rolling deployment bug when demoting package from a tracking channel while a rolling update is in progress
  • Working to resolve docker studio supervisor on M1 platform
  • Working to add backoff/retry for run and init hooks
  • Working to add better validation of "hab sup run" args whrn not including a package to run

Chef Infra Client

tas50 shared

We have a few items for everyone this week

  • Onboarding our new team member and finally documenting how everything in the Infra Client works so this becomes easier next time
  • Adding Ruby 3.1 testing to all our dependencies and getting CI in order
  • Wrestling with some remaining CI failures after bumping to 18.x
  • Investigating high priority Windows issues to hand off to our Desktop team
  • Updated libffi, libarchive, and nokogiri to the latest versions
  • Resolved 2 yum regressions introduced in 17.9.18 (expect a patch release for this)
  • Added train-rest as a dependency as the start of our remote device management work. Thanks @theinen
  • Added support for parsing mutlipath routing in Ohai

Chef Infra Server

Lincoln shared

  1. Released Chef Infra Server 14.13.42:
  • Support for Multiple DNS Names
  • Updated the nginx configuration for Chef Infra Server to support scenarios where the Infra Server has multiple DNS names that clients are configured to use.
  • Resolved an error running chef-server-ctl user-create with the –prompt-for-password flag.
  • Sentry APM Removal
  • Removed support for Sentry application performance monitoring in oc-id.
  • Habitat packages of Chef Infra Server are now built against the latest core-plans update, updating many of the dependencies used by Infra Server.
  • Updated Ruby on Rails to 6.1.4.6 (resolve CVE-2021-22904).
  • OpenJDK updated from 11.0.13 to 11.0.14 to resolve the following CVEs:

CVE-2022-21248: Enhance cross VM serialization
CVE-2022-21283: Better String matching
CVE-2022-21291: Better verification of scan methods
CVE-2022-21293: Improve String constructions
CVE-2022-21294: Enhance construction of Identity maps
CVE-2022-21282: Better resolution of URIs
CVE-2022-21296: Improve SAX Parser configuration management
CVE-2022-21299: Improved scanning of XML entities
CVE-2022-21277: Improve TIFF file handling
CVE-2022-21305: Better array indexing
CVE-2022-21340: Verify Jar Verification
CVE-2022-21341: Improve serial forms for transport
CVE-2022-21360: Enhance BMP image support
CVE-2022-21365: Enhanced BMP processing

  1. Current Work:
  • Upgrading to Erlang 24.2.2.
  • Adding support for migrating the internal Elasticsearch users to Opensearch.
  • Adding preflight checks to make sure Elasticsearch is not in readonly mode (bug fix).
  • Upgrading from AWS sigv2 authentication to sigv4.
  • Server-side secrets implementation.

Chef Inspec

cwolfe shared

The Chef InSpec Team has been working on:

  • Continuing work on loading gem dependencies from a profile
  • New ipnat resource
  • Planning for Q2
  • Fixing the inspec automate version commandStarting work on a resource code generator ( inspec init resource )

Chef Workstation

Vikram Karve shared

Hi All! Here is what Workstation & Community Tools are working on

Released build 22.2.807 with changes below

  • Address regression introduced in ChefSpecAddress an issue with cached cookbooks

Ready for release (but there is a release blocker specific to macos m1 that we are resolving)

  • Introduced network interface addition support in kitchen-vcenterAddress regression in cookbook caching- thanks @karmix!

Work-in-progress

  • Moving knife supermarket to chef supermarketUpdating test-kitchen and plugins to Ruby 3.1(Shelved for now) Wrapping up implementation of chef env in Golang.Adding telemetry support in chef CLI execution on WorkstationFix to knife user create issue being reviewed

Sous Chefs

ramereth shared

Hello from the Sous Chefs!

Here's the list of new releases in the past week:

  • openvpn - 6.1.0: Add certificate properties to user resource

  • rsyslog - 9.1.0

  • Use gnutls for TLS support on CentOS 7

  • Update tested platforms

  • Switch to reusable CI workflow

Cinc Updates

ramereth shared

Hello from the Cinc Project!

Workstation

  • Released 22.2.807

Server

  • Working on resolving run-time issues with 14.13.42 before releasing

  • We're making more progress on the upstream word mark replacement (new!) pull request

  • We'll be making a 14.13.42 release via the current channel including fixes from this PR as a way for people to test it

I've also started looking at adding native Cinc support (using dist constants) in test-kitchen instead of relying on making changes to yml files

See you next week!

2

This topic was automatically closed after 3 days. New replies are no longer allowed.