Meeting notes for May 7th, 2020

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in #community-meetings on our community slack, which you can join:


bennyvasquez shared

  • We’ll be live on Friday on Twitch starting at 11am Pacific with Tim and Lamont, and Chef 16! Join us at
  • ChefConf Online Live Studio Audience Sessions continue! Don’t miss out on your faves. for the schedule. Sign up for the main event on June 2 at
  • The Learn Chef team has been working hard on planning to move content over from our existing platform to the new one, in preparation for launching around ChefConf. It’s gonna be gud, so definitely keep your eyes out.

This week’s releases

Chef Automate

tas50 shared

Automate 20200429153636 shipped with a pile of new features and improvements

Chef Habitat

tas50 shared

Oh I should also mention that we did our Core Plans refresh for Habitat last week so all the low level packages are all nice and fancy now

Chef Infra Client

tas50 shared

Chef Infra Client 16.0.275 shipped with some regression fixes for 16.0

Chef Inspec

tas50 shared

InSpec 4.8.111 shipped and you can now use the same name for controls and inputs:

Sous Chefs

Xorima shared

This week sous-chefs have released a few cookbooks

Aptly - 2.1.1
bsdcpio - 1.0.3
confluence - 2.6.0
consul - 4.0.1
dnsmasq - 0.3.3
emacs - 0.11.0
fail2ban - 6.2.1
filesystem - 2.0.0
kafka - 3.1.0
memcached - 6.0.1
mongodb - 4.0.0
mysql - 8.7.0
nagios - 8.2.1
nexus - 4.0.2
nano - 2.0.2
nginx - 10.1.0
nginx_simplecgi - 0.3.1
npm_lazy - 2.0.1
ossec - 1.2.1
passenger_apache2 - 4.0.0
percona - 0.17.0
php - 7.1.0
pyenv - 3.2.0
redisio - 4.1.0
reprepro - 2.0.0
ruby_rbenv - 2.3.2
rundeck - 5.1.0
sc-chruby - 00.1.0
sc-nxlog 0.10.0
sensors - 1.2.0
smartmontools - 2.0.0
snort - 5.0.0
squid - 4.3.0
syslog_ng - 0.3.5
tomcat - 3.4.0
unbound - 2.0.0
varnish - 4.1.0
vscode - 1.0.2
zabbix-agent 0.15.1


ramereth shared

  • Released Cinc Client 16.0.275 and Cinc Auditor 4.18.111

Other releases

tas50 shared

We also shipped just about the whole Test Kitchen world yesterday. Test Kitchen itself, kitchen-dokken, kitchen-ec2, kitchen-azurerm, kitchen-hyperv, and kitchen-pester all shipped.

  • Test Kitchen now supports /ohai directory plugins and resolves failures using the PowerShell provisioner
  • Kitchen AzureRM got a few more fixes related to auth
  • Kitchen Hyper-V will now correctly return the default VM Switch if it has a space in the name
  • Kitchen EC2 will now attempt to balance the systems across AZs by picking the subnet with the most available IPs.
  • Kitchen-Dokken has a new option clean_dokken_sandbox` that can be set to false to skip the cleanup of the Kitchen files between converges


Chef Automate

Alex Pop shared

  • We fixed the /status API endpoint that shows the health of the Automate services
  • A team effort across InSpec, Audit cookbook, effortless content and Automate to reduce the size of the compliance reports and avoid large ones that can’t be ingested.
  • We improved error messages when adding credentials (e.g. SSH key)
  • The config management nodes are getting more first class attributes (e.g. ipaddress, timezone, macaddress, etc)
  • Fixed a bug where waived control counts for a report were incorrect.
  • Added a parameter to specify the buffer for the compliance ingestion pipeline. Once the buffer is full, reports will be rejected.
  • Switched to newer versions of InSpec, ElasticSearch and Postgres.
  • Made improvements to documentation and release notes.
  • Improved the automated testing to reduce flaky tests and improve coverage.
  • Continued with IAM v2 bugs and cleanup

Chef Habitat

sdmacfarlane shared

Greetings from the Habitat team!

  • Refactoring the docker exporter, it will be named the container exporter going forward
  • Config file support for the supervisor was merged
  • Research into improving service updates
  • Adding additional deployment patterns for on-prem-builder
  • Starting research for notifications from builder
  • Validating build order produced by graph work, documenting edge cases.

Chef Infra Server

prajakta shared

This week we have been continuing forward progress on enabling bookshelf to accept signature v4 and adding some metrics for request counts and request latency for external accesses from Chef Infra Server.

Chef Infra Client

tas50 shared

  • Working to release another Hotfix for 16.x with another Windows package fix and a launchd fix
  • More docs automation. The resource docs at have gotten a lot better in the last week
  • Working on dnf/yum 'version' property so we can support version splats like 1.2.*
  • Backporting the knife config improvements from Chef Infra Client 16 to the upcoming 15.11 release. This will start throwing a large number of deprecations depending on how you were using the configs from the CLI and the config.rb/knife.rb
  • Improving our Test Kitchen tests to cover more resources and run faster

Chef Inspec

Stocksy shared

This week we had the release of 4.18.111 with a couple of bug fixes for working with inputs:

  • Fixed not being able to have an input and a control with the same name.
  • Fixed confusing warnings appearing when an input has no default value but does have a user supplied

We had some nice merges this week:

  • A couple of fixes to documentation
  • A new --reporter_message_truncation option to truncate the message field for test failures in reports
  • A new --reporter_backtrace_inclusion option to choose whether to include Ruby backtraces for test errors in reports.

There's other interesting changes in currently open PRs, including a new "reporter plugins" feature to allow you to create plugins to output InSpec results in any format.

Chef Workstation

tas50 shared

  • Did a bunch of work on Ruby 2.7 in Workstation with the PR merged

  • Continued work on the chef-analyze command

  • Prep for a 0.18 release before shipping a Chef Infra Client 16 / Ruby 2.7 Workstation 20.5 (data based so may 2020)

Sous Chefs

tas50 shared

Folks might notice that Tomcat is now on that Sous Chefs list. We transferred that over earlier this week. That continues our goal of moving OS level functionality into Chef Infra Client itself and moving apps to the community where they can be maintained by subject matter experts

xorima shared

It’s that time of year again - to start thinking about the Sous Chef board for next year. I will post this several more times as we get closer to Chef Conf (as we’re planning around that time for the actual voting). If you would like to be considered for the Sous Chef board for the 2020-2021 season, please fill out the form! If there is someone you think should be on the board, please suggest they add themselves (don’t want anyone nominated without their knowledge - should be volunteer basis )

Our community meeting is straight after this so maybe we will see you there in #sous-chefs

Cinc Updates

ramereth shared

Hello from the Cinc Project!

  • Enabled FIPS on openssl for Cinc Client on Linux & Windows builds which matches upstream builds (16.0.275 includes this fix)
  • Completed Docker build automation and prepped it for multi-arch support

In-progress and/or future work:

  • @ramereth started looking into the Cinc Server MR
  • Cinc Workstation: No updates on trademark removal, been rebasing against upstream/master weekly to ensure we're ready for the next upstream release
  • Adding ppc64le/aarch64 builds for Cinc Client
  • Getting Cinc Infrastructure managed via Cinc Client

BobChaos shared

The second implementation of dist.rb is almost complete. All the constants have been moved into chef-utils and they have been reorganized like so: ChefUtils::Dist::Infra::PRODUCT

So basically I'm nesting them one level deeper so that each product can have it's own PRODUCT constant, for instance

I just need to split all the product classes into seperate files and fix the require statements and it's ready to PR.

We've received word from Chef via @benny Vasquez that they've looked into Cinc Auditor and found only one little thing to be objectionable, which we'll be addressing soon. Overall it's great news.

jgitlin shared

Not much progress on the Cinc Server side, I'm afraid. Been busy with other projects from work. @ramereth has been improving the server build process and we got a PR over to @prajakta for an initial Wordmarks patch

See you next week!

This topic was automatically closed after 3 days. New replies are no longer allowed.