Meeting notes for September 16th, 2021

NOTE: Adding this to the top, so it doesn’t get missed:

It's that time of the year again for the Sous Chef Board candidate selection . If you would like to be considered for the Sous Chef board - add your name here. The candidate selection will end at the end of today!

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in Community Meetings on our community slack, which you can join:


benny Vasquez shared

Up first, and in case you missed it, we launched the Automate for Good Hackathon at #chefconf last week. You’ve got just over 5 more weeks to show us how you improve lives through automation and earn your part of $60k in prizes (1st place takes home $15,000). We’re live-streaming every Tuesday with important topics around the hackathon, so keep an eye out and join #hackathon for news and excitement there.

Speaking of ChefConf, all of the sessions (except the coffee chats which were not recorded and were honestly really fun) are now available on-demand, including both keynotes and the live Q&A that we did on day 2. DevOps Conference of the Year - ChefConf 2023 | Chef

And one more thing from me: @kgarmoe is working on updating the navigation on with the goal of a unified navigation scheme where each product follows THE SAME headers. Initially it’ll be in an a/b test (that launches today), but we’ll be rolling out changes between now and December 1st. If you want to see some of it, this PR talks a bit about the updates on the Infra side: Infra Nav Update by kagarmoe · Pull Request #3330 · chef/chef-web-docs · GitHub

From her: “The most important parts here are 1. these changes will happen over the next 10 weeks, large changes at first and then smaller refinements. And 2. There will be A\B testing, so the 30% of the time folks will see something provisional, and then you may never see that particular thing again.”

If you wanna share feedback about that as we’re going, you can send it to

This week’s releases

Chef Automate

benny Vasquez shared

And the Chef Automate team put out another impressive release with new features, improvements, and a slew of Compliance Profile updates: Automate 2 version 20210907035717 Released! .

Chef Habitat

benny Vasquez shared

The Habitat team had a pretty massive update this week, with a core-plan refresh that’s been months in the building. I’m sure @mwrockx will talk a bit more about it, but here’s the Discourse link: Habitat Package Refresh 2021

Chef Infra Server

benny Vasquez shared

Chef Infra Server had a release with a few updates (including OpenSSL, OpenJDK, and libearchive) and some bug fixes: Chef Infra Server 14.9.23 Released!


Chef Automate

benny shared, on behalf of Ankur Mundhra:

Automate team is working on:

  • Data feed feature: Integration with ServiceNow, Splunk, Minio and more using consistent UI in an easy way.
  • Components for Automate HA being moved to automate repository
  • Web session timeout and idle timeout capability
  • Improvements and feature expansion, like runlist dependencies on policyfile and policy group views
  • Telemetry improvements with simpler flows

Chef Habitat

mwrockx shared

Hello from Habitat!

This week's updates are:

  • Finalized and released core-plans refresh
  • Performing some post refresh grooming and cleanup
  • Spiking on a neo4j build order calculation
  • NATS library overhaul
  • Investigating builder bug not rendering all releases
  • Troubleshooting post refresh issues with habitat verify pipeline

Chef Infra Client

tas50 shared

We have some great stuff in the works for Infra Client that's just about ready to release

  • We're very close to merging our updates to compliance phase that allows you to ship compliance content directly in your cookbooks so you can develop and ship compliance/infra content in a single CI pipeline.
    • Once the Compliance Phase updates are merged we'll ship 17.5. Here's what's new so far: Home · chef/chef Wiki · GitHub
    • We added HashiCorp Vault token fetching support to the secrets helper
    • We added Akeyless Vault token fetching support to the secrets helper
    • Our corefoundation gem is coming along nicely and this is going to let us manage Mac resources natively using Apple's APIs instead of their often incomplete CLI tools.
    • We got some great community PRs this week:
      • The mount resource now allows you to mount devices to root
      • The chef_client_scheduled_task resource has a new priority property and a use_consistent_splay property so that it always uses the same random splay per node.
      • The CLI --recipe-url flag now accepts S3 buckets so you can store Solo content in S3 and pull it directly to nodes.

Chef Infra Server

benny shared, on behalf of Vinay Satish

Hi All! There were a couple of updates from Chef Infra Server this week

Chef Inspec

cwolfe shared

The Chef InSpec team has been working on:

  • Integrating cookstyle with inspec check
  • Making --tags and --controls work with dependent profiles
  • Making the csv resource work when headers are not present
  • Various fixes to database resources

Chef Workstation

Vikram Karve shared

Hi All! Here are the updates from Workstation team

We released a new version of Chef Workstation that includes many updates including the ones below

  • Solaris support in chef-run
  • Updated Cookstyle with 17 new cops & improved performance
  • Numerous InSpec fixes
  • Optimised chef -v Go implementation is merged to main, speeding up runtime by 10x & more
  • Workstation app, kitchen-vagrant plugin fixes and updates

Some release related documentation updates & Slack notifications failed and we are working to fix our Buildkite release pipeline


  • Added splash screen to workstation app


  • Implementing integration tests for Go-based changes
  • Updating unit tests in chef-cli Cobra framework adoption
  • Fixing our Omnibus based release and PR verify pipelines
  • Triaging & addressing customer issues & bugs

And we learnt a lot from the presenters at ChefConf!

Sous Chefs

ramereth shared

Hello from Sous Chefs! It's that time of the year again for the Sous Chef Board candidate selection . If you would like to be considered for the Sous Chef board - add your name here . The candidate selection will end at the end of today!

It's been a busy two weeks so I have a lot of updates. I'll try not to show everything at once today. Here's the list of new releases in the past week:

  • apparmor - 4.0.0
    • Sous Chef Adoption
    • Enable unified_mode and require Chef 15.3 or later
    • Add node['apparmor']['automatic_reboot'] attribute which is set to false by default to allow for automatic rebooting after enabling or disabling AppArmor
    • Add grub config to set apparmor=0 when being disabled
    • Run aa-remove-unknown when removing a policy so that it gets properly removed
    • Add Debian testing
  • aptly - 3.1.0
    • Add switch action to aptly_publish resource
    • Add Ubuntu 20.04 to testing matrix & remove Ubuntu 16.04
  • confluence - 2.6.3: Cookstyle fixes

Next we have a lot of updates on the docker cookbook (mostly by @damacus ):

  • docker - 8.2.3: Fix private registries credentials handling and public registries

  • docker - 8.2.4: Ensure docker_container :health_check is idempotent

  • docker - 8.3.0: Remove Ubuntu 16.04 from the GitHub Actions test matrix & Add amazonlinux-2 to the test matrix

  • docker - 9.0.0

    • Move the docker_volume resources to a custom resource
    • Add the base partial for all future resources
    • Require Chef 16+ for resource partial support
  • docker - 9.1.0: Move the docker_container resource to a custom resource

  • docker - 9.2.0: Move the docker_exec library to a custom resource

  • docker - 9.3.0: Update and sync log drivers list for docker_service_manager and docker_container

  • docker - 9.3.1: Move the Docker log properties to a partial

  • docker - 9.4.0: Add ip and ip6 properties to docker_network

  • docker - 9.5.0: Move the docker_network library to a custom resource

  • docker - 9.6.0: Move the docker_plugin library to a custom resource

  • firewall - 4.0.0

    • Remove dependency on chef-sugar cookbook
    • Bump to require Chef Infra Client >= 15.5 for chef-utils
  • github - 1.0.0

    • Sous-Chefs adoption
    • Migrate to modern custom resources and enable unified_mode
    • Remove dependency on libarchive
    • Replace extract method with using the archive_file native resource
    • Various style fixes
  • jenkins - 9.4.0: Add user and password to jenkins_proxy

  • jenkins - 9.5.0: Add new attribute repository_name to set the name of the repository

  • line - 4.4.0: Cookstyle fixes

  • nginx - 12.0.6

    • Fix repo helper incorrect version for SLES
    • Set default user/group to root for Debian/Ubuntu platforms
  • nodejs - 9.0.0

    • Update the default version to 14 LTS
    • Remove testing for EOL platforms & add Debian 11 testing
    • Fix release version to use for Amazon Linux
  • ossec - 1.2.5: Cookstyle fixes

  • php - 9.0.0: Enable unified_mode for Chef 17 compatibility

  • redisio - 5.0.0: Cookstyle fixes

  • redisio - 6.0.0

    • Set unified_mode true for Chef 17+ support
    • Require Chef 16 for user_ulimit resource
    • Remove dependency on the ulimit cookbook
    • Switch from using the selinux_policy cookbook to the selinux cookbook
  • redisio - 6.1.0: Add protected mode to sentinel configuration file

  • selinux - 6.0.0:

    • Import selinux_policy resources into this cookbook ( _fcontext , _permissive , and _port )
    • selinux_policy_module not imported since it is a duplicate of selinux_module
  • sql_server - 7.0.0

    • Remove windows cookbook dependency as it is no longer maintained
    • Various fixes for the CI testing
  • sql_server - 8.0.0:

    • Remove windows cookbook dependency as it is no longer maintained
    • various fixes for the CI testing

The selinux_policy cookbook will be deprecated soon in favor of the selinux cookbook. Thanks to @Robert Detjens , we have imported all of the resources from that cookbook to the selinux cookbook reducing the need for both cookbooks. There will be a final release to update the README before moving it to the boneyard.

We also recently imported the bind and nfs cookbooks which we'll be properly adopting soon and cleaning up.

Cinc Updates

ramereth shared

Hello from the Cinc Project!

Cinc Workstation

  • Released of 21.9.613 via unstable channel
  • This included some fun changes in main-chef-wrapper that we had to adjust for

Cinc Server

  • First pass of upstream word mark replacements is up (thanks @jgitlin )
  • We still haven't had time to look into the build/runtime issues with the last few releases. Hopefully we'll get a chance to look at this more in the coming week(s)

Other updates

tas50 shared

Supermarket 4.0 is about ready to ship. We're just waiting on an all new Supermarket staging/prod environment that's being built out by our Ops team. Once we do a bit more validation in staging we'll ship that out. Here's everything that's new: Pending Release Notes · chef/supermarket Wiki · GitHub

Chef Mange 3.1 is also about ready to ship. We just merged in a nice big tech-debt upgrade there: Rails 5.2 -> 6.1, Ruby 2.6 -> 2.7, and Chef Infra Client 15 -> 16

See you next week!

This topic was automatically closed after 3 days. New replies are no longer allowed.