NOTE: Adding this to the top, so it doesn’t get missed:
It's that time of the year again for the Sous Chef Board candidate selection . If you would like to be considered for the Sous Chef board - add your name here. The candidate selection will end at the end of today!
Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in Community Meetings on our community slack, which you can join: https://community-slack.chef.io/
DevRel/Community
benny Vasquez shared
Up first, and in case you missed it, we launched the Automate for Good Hackathon at #chefconf last week. You’ve got just over 5 more weeks to show us how you improve lives through automation and earn your part of $60k in prizes (1st place takes home $15,000). We’re live-streaming every Tuesday with important topics around the hackathon, so keep an eye out and join #hackathon for news and excitement there.
Speaking of ChefConf, all of the sessions (except the coffee chats which were not recorded and were honestly really fun) are now available on-demand, including both keynotes and the live Q&A that we did on day 2. DevOps Conference of the Year - ChefConf 2023 | Chef
And one more thing from me: @kgarmoe is working on updating the navigation on docs.chef.io with the goal of a unified navigation scheme where each product follows THE SAME headers. Initially it’ll be in an a/b test (that launches today), but we’ll be rolling out changes between now and December 1st. If you want to see some of it, this PR talks a bit about the updates on the Infra side: Infra Nav Update by kagarmoe · Pull Request #3330 · chef/chef-web-docs · GitHub
From her: “The most important parts here are 1. these changes will happen over the next 10 weeks, large changes at first and then smaller refinements. And 2. There will be A\B testing, so the 30% of the time folks will see something provisional, and then you may never see that particular thing again.”
If you wanna share feedback about that as we’re going, you can send it to docs@chef.io
This week’s releases
Chef Automate
benny Vasquez shared
And the Chef Automate team put out another impressive release with new features, improvements, and a slew of Compliance Profile updates: Automate 2 version 20210907035717 Released! .
Chef Habitat
benny Vasquez shared
The Habitat team had a pretty massive update this week, with a core-plan refresh that’s been months in the building. I’m sure @mwrockx will talk a bit more about it, but here’s the Discourse link: Habitat Package Refresh 2021
Chef Infra Server
benny Vasquez shared
Chef Infra Server had a release with a few updates (including OpenSSL, OpenJDK, and libearchive) and some bug fixes: Chef Infra Server 14.9.23 Released!
Updates
Chef Automate
benny shared, on behalf of Ankur Mundhra:
Automate team is working on:
- Data feed feature: Integration with ServiceNow, Splunk, Minio and more using consistent UI in an easy way.
- Components for Automate HA being moved to automate repository
- Web session timeout and idle timeout capability
- Improvements and feature expansion, like runlist dependencies on policyfile and policy group views
- Telemetry improvements with simpler flows
Chef Habitat
mwrockx shared
Hello from Habitat!
This week's updates are:
- Finalized and released core-plans refresh
- Performing some post refresh grooming and cleanup
- Spiking on a neo4j build order calculation
- NATS library overhaul
- Investigating builder bug not rendering all releases
- Troubleshooting post refresh issues with habitat verify pipeline
Chef Infra Client
tas50 shared
We have some great stuff in the works for Infra Client that's just about ready to release
- We're very close to merging our updates to compliance phase that allows you to ship compliance content directly in your cookbooks so you can develop and ship compliance/infra content in a single CI pipeline.
- Once the Compliance Phase updates are merged we'll ship 17.5. Here's what's new so far: Home · chef/chef Wiki · GitHub
- We added HashiCorp Vault token fetching support to the secrets helper
- We added Akeyless Vault token fetching support to the secrets helper
- Our corefoundation gem is coming along nicely and this is going to let us manage Mac resources natively using Apple's APIs instead of their often incomplete CLI tools.
- We got some great community PRs this week:
- The mount resource now allows you to mount devices to root
- The chef_client_scheduled_task resource has a new priority property and a use_consistent_splay property so that it always uses the same random splay per node.
- The CLI --recipe-url flag now accepts S3 buckets so you can store Solo content in S3 and pull it directly to nodes.
Chef Infra Server
benny shared, on behalf of Vinay Satish
Hi All! There were a couple of updates from Chef Infra Server this week
- Chef Infra Server 14.9.23 was released: Chef Infra Server 14.9.23 Released!
- The bug for Automate build are fixed with the release
- Updated OpenSSL from 1.0.2y to 1.0.2za
- Updated OpenJDK JRE used to run Elasticsearch from 11.0.11+9 to 11.0.12+7
- The postgresql is set to 13.3 to support all possible upgrade scenarios
- We started looking into a issue where the CPU started shooting up in case of upgrade from 12.x version: Chef CPU high usage and web server failing · Issue #2787 · chef/chef-server · GitHub
- We started working on how to support all the chef server manage features into automate UI
Chef Inspec
cwolfe shared
The Chef InSpec team has been working on:
- Integrating cookstyle with inspec check
- Making --tags and --controls work with dependent profiles
- Making the csv resource work when headers are not present
- Various fixes to database resources
Chef Workstation
Vikram Karve shared
Hi All! Here are the updates from Workstation team
We released a new version of Chef Workstation that includes many updates including the ones below
- Solaris support in chef-run
- Updated Cookstyle with 17 new cops & improved performance
- Numerous InSpec fixes
- Optimised chef -v Go implementation is merged to main, speeding up runtime by 10x & more
- Workstation app, kitchen-vagrant plugin fixes and updates
Some release related documentation updates & Slack notifications failed and we are working to fix our Buildkite release pipeline
Ready-for-release
- Added splash screen to workstation app
Work-in-progress
- Implementing integration tests for Go-based changes
- Updating unit tests in chef-cli Cobra framework adoption
- Fixing our Omnibus based release and PR verify pipelines
- Triaging & addressing customer issues & bugs
And we learnt a lot from the presenters at ChefConf!
Sous Chefs
ramereth shared
Hello from Sous Chefs! It's that time of the year again for the Sous Chef Board candidate selection . If you would like to be considered for the Sous Chef board - add your name here . The candidate selection will end at the end of today!
It's been a busy two weeks so I have a lot of updates. I'll try not to show everything at once today. Here's the list of new releases in the past week:
- apparmor - 4.0.0
- Sous Chef Adoption
- Enable unified_mode and require Chef 15.3 or later
- Add node['apparmor']['automatic_reboot'] attribute which is set to false by default to allow for automatic rebooting after enabling or disabling AppArmor
- Add grub config to set apparmor=0 when being disabled
- Run aa-remove-unknown when removing a policy so that it gets properly removed
- Add Debian testing
- aptly - 3.1.0
- Add switch action to aptly_publish resource
- Add Ubuntu 20.04 to testing matrix & remove Ubuntu 16.04
- confluence - 2.6.3: Cookstyle fixes
Next we have a lot of updates on the docker cookbook (mostly by @damacus ):
-
docker - 8.2.3: Fix private registries credentials handling and public registries
-
docker - 8.2.4: Ensure docker_container :health_check is idempotent
-
docker - 8.3.0: Remove Ubuntu 16.04 from the GitHub Actions test matrix & Add amazonlinux-2 to the test matrix
-
docker - 9.0.0
- Move the docker_volume resources to a custom resource
- Add the base partial for all future resources
- Require Chef 16+ for resource partial support
-
docker - 9.1.0: Move the docker_container resource to a custom resource
-
docker - 9.2.0: Move the docker_exec library to a custom resource
-
docker - 9.3.0: Update and sync log drivers list for docker_service_manager and docker_container
-
docker - 9.3.1: Move the Docker log properties to a partial
-
docker - 9.4.0: Add ip and ip6 properties to docker_network
-
docker - 9.5.0: Move the docker_network library to a custom resource
-
docker - 9.6.0: Move the docker_plugin library to a custom resource
-
firewall - 4.0.0
- Remove dependency on chef-sugar cookbook
- Bump to require Chef Infra Client >= 15.5 for chef-utils
-
github - 1.0.0
- Sous-Chefs adoption
- Migrate to modern custom resources and enable unified_mode
- Remove dependency on libarchive
- Replace extract method with using the archive_file native resource
- Various style fixes
-
jenkins - 9.4.0: Add user and password to jenkins_proxy
-
jenkins - 9.5.0: Add new attribute repository_name to set the name of the repository
-
line - 4.4.0: Cookstyle fixes
-
nginx - 12.0.6
- Fix repo helper incorrect version for SLES
- Set default user/group to root for Debian/Ubuntu platforms
-
nodejs - 9.0.0
- Update the default version to 14 LTS
- Remove testing for EOL platforms & add Debian 11 testing
- Fix release version to use for Amazon Linux
-
ossec - 1.2.5: Cookstyle fixes
-
php - 9.0.0: Enable unified_mode for Chef 17 compatibility
-
redisio - 5.0.0: Cookstyle fixes
-
redisio - 6.0.0
- Set unified_mode true for Chef 17+ support
- Require Chef 16 for user_ulimit resource
- Remove dependency on the ulimit cookbook
- Switch from using the selinux_policy cookbook to the selinux cookbook
-
redisio - 6.1.0: Add protected mode to sentinel configuration file
-
selinux - 6.0.0:
- Import selinux_policy resources into this cookbook ( _fcontext , _permissive , and _port )
- selinux_policy_module not imported since it is a duplicate of selinux_module
-
sql_server - 7.0.0
- Remove windows cookbook dependency as it is no longer maintained
- Various fixes for the CI testing
-
sql_server - 8.0.0:
- Remove windows cookbook dependency as it is no longer maintained
- various fixes for the CI testing
The selinux_policy cookbook will be deprecated soon in favor of the selinux cookbook. Thanks to @Robert Detjens , we have imported all of the resources from that cookbook to the selinux cookbook reducing the need for both cookbooks. There will be a final release to update the README before moving it to the boneyard.
We also recently imported the bind and nfs cookbooks which we'll be properly adopting soon and cleaning up.
Cinc Updates
ramereth shared
Hello from the Cinc Project!
Cinc Workstation
- Released of 21.9.613 via unstable channel
- This included some fun changes in main-chef-wrapper that we had to adjust for
Cinc Server
- First pass of upstream word mark replacements is up https://github.com/chef/chef-server/pull/2808 (thanks @jgitlin )
- We still haven't had time to look into the build/runtime issues with the last few releases. Hopefully we'll get a chance to look at this more in the coming week(s)
Other updates
tas50 shared
Supermarket 4.0 is about ready to ship. We're just waiting on an all new Supermarket staging/prod environment that's being built out by our Ops team. Once we do a bit more validation in staging we'll ship that out. Here's everything that's new: Pending Release Notes · chef/supermarket Wiki · GitHub
Chef Mange 3.1 is also about ready to ship. We just merged in a nice big tech-debt upgrade there: Rails 5.2 -> 6.1, Ruby 2.6 -> 2.7, and Chef Infra Client 15 -> 16