Meeting notes for September 17th, 2020

Below are the meeting notes for this week's Community Meeting, a text-based meeting held weekly in #community-meetings on our community slack, which you can join:


Got two things that have been in the works for a while coming at ya today

This week’s releases

Chef Infra Client

tas50 shared

Chef Infra Client 15.14 shipped with updated InSpec, many backported resource updates, and new SLES 15 S390x packages + macOS 11 packages.

that also has a CVE fix in openSSL

Chef Inspec

tas50 shared

Chef InSpec 4.23.4 shipped with improvements to specifying inputs as sensitive, a new --no-diff cli option, the ability to set result sorting via the CLI, and the ability to disable caching. Tons of fine grained control improvements for InSpec there.

Other releases

tas50 shared

Chef Backend 2.2.0 shipped with improvements to reduce failovers and updates to the embedded Ruby/Chef

Cookstyle 6.17 shipped with 4 new Chef Infra cops to help migrating off Chef Infra 12 as well as improved detection in existing cops

ChefDK shipped with Chef Infra Client 15.14, updated InSpec, updates to Test Kitchen as well as kitchen-vagrant/kitchen-azurerm. This also ships with that same openSSL CVE fix. but please stop using DK. You're missing out on a HUGE number of updates and improves by using DK

Test Kitchen 2.7.1 shipped. This release marks the chef_solo provisioner as being unsafe for concurrency to prevent failures if passing -c > 1

kitchen-dokken 2.11.0 shipped with a relaxed dependency on the docker-api gem. This new release resolves Ruby 2.7 warnings and removes the pin on an old Docker API version so you can target newer docker APIs. This will potentially allow us to support Windows in the future as well since that required a newer API release

and lastly we shipped a new version of the Jenkins cookbook (8.0.2) with a nice fix to better handle param quoting in the jenkins_job resource.


Chef Habitat

sdmacfarlane shared

Greetings from the Habitat team!

  • Refactoring of Builder AccessTokens
  • Continued work on the Job Scheduler
  • Investigating adding safety/validation checks to the version field of packages.
  • Investigating Rust TLS library ecosystem for some upcoming refactoring

Chef Infra Server

prajakta shared

This week for Chef Infra Server we have been focussed on cleaning up the unused code and configs, documentation and preparing the release for Chef Infra Server 14.

Chef Infra Client

tas50 shared

Here's Chef Infra Client's status updates for this week

Infra Client:

  • Prepping the release of Infra Client 16.5
  • Prepping the release of Cookstyle 6.18 with 2 new Infra cops and 12 new Ruby cops
  • Working to improve documentation generation of resources by moving more docs into the code itself
  • Working on Ohai Target mode
  • Misc cleanup and performance improvements to Ohai/Chef
  • Dist constants for branding of the client have been moved to chef-utils to make maintenance easier
  • Windows file-like resources now all support passing SIDs
  • We are close to enabling our Solaris builds again for Chef 16
  • Starting investigative work into adding PowerShell Core support to our various PowerShell resources

16.5 will either be out today or tomorrow depending on how long the builds take and if there's anything last minute to slip in there

The release notes are up and there's a ton of great improvements, fixes and pretty substantial performance improvements

Chef Inspec

Stocksy shared

This week we released 4.23.4: It includes several improvements for results output (suppress sensitive input values, suppress text diffs, control the ordering of control results). It also includes a bug fix for the postgres_session resource from @StylusEaterChef (thank you!) We're currently working to fix an issue with the new junit2 reporter ( ) and have a number of PRs currently in review!

Chef Workstation

tball shared

Recently we received reports that chef.exe was triggering users' anti-virus software. We confirmed that we are shipping the latest security patches we can and are not shipping malware to users. This is a false positive and we submitted a report as such to Microsoft. They corrected their security definitions and are no longer marking chef.exe as malware. We also submitted a false positive report to McAfee but have yet to hear back from them.I'm still working on the normal Chef Workstation bi-weekly release, trying to get that out ASAP.

Sous Chefs

ramereth shared

We had a lot of releases this week so let's get right to it.

tomcat 3.5.0 has been released (thanks @jakauppila ):

redisio 4.2.0 has been released:

  • New server option 'permissions' to override default (0644) unix permissions on config file

graphite 1.3.1 has been released:

  • resolved cookstyle error: libraries/provider_carbon_conf_accumulator.rb:37:7 refactor: ChefModernize/ActionMethodInResource
  • resolved cookstyle error: libraries/provider_storage_conf_accumulator.rb:37:7 refactor: ChefModernize/ActionMethodInResource
  • Fix frozen method error in libraries/chef_graphite_carbon_config_converter.rb
  • Cookstyle Bot Auto Corrections with Cookstyle 6.16.8

syslog_ng 1.0.1 has been released:

  • resolved cookstyle error: test/cookbooks/syslog_ng_test/recipes/package_copr.rb:22:14 refactor: ChefCorrectness/InvalidPlatformFamilyInCase
  • Fix configuration test running every Chef run regardless of service action - [ @bmhughes ]( )

haproxy 9.0.1 has been released:

  • added lua compilation flags to haproxy_install resource
  • resolved cookstyle error: libraries/helpers.rb:19:24 refactor: ChefCorrectness/InvalidPlatformFamilyInCase
  • Updated IUS repo url to
  • Turn on unified_mode for all resources

rvm 1.0.0 has been released:

  • resolved cookstyle error: attributes/default.rb:70:18 refactor: ChefCorrectness/InvalidPlatformInCase
  • resolved cookstyle error: recipes/user_install.rb:29:48 convention: Layout/TrailingWhitespace
  • resolved cookstyle error: recipes/user_install.rb:29:49 refactor: ChefModernize/FoodcriticComments
  • resolved cookstyle error: libraries/provider_rvm_ruby.rb:6:7 refactor: ChefModernize/RespondToProvides
  • Re-factored the libraries and shell wrappers to more of an LWRP
  • Lots of other changes (see changelog)

mysql 8.7.4 has been released:

  • resolved cookstyle error: spec/mysql_client_installation_package_spec.rb:4:48 warning: ChefDeprecations/DeprecatedChefSpecPlatform
  • resolved cookstyle error: spec/mysql_server_installation_package_spec.rb:4:48 warning: ChefDeprecations/DeprecatedChefSpecPlatform
  • Use mysql_test cookbook attributes for testing
  • Cookstyle Bot Auto Corrections with Cookstyle 6.17.6

The followking cookbooks were released which contained mostly cookstyle fixes:

aptly 2.3.1
dpkg_autostart 0.4.1
line 2.9.1
nagios 9.0.1
nginx 10.3.1
percona 1.1.1
ruby_build 2.1.1
sc-chruby 0.1.2
squid 4.3.1

Other updates:

The following cookbooks were transferred to us from redguide (the precursor to Sous Chefs) yesterday and will start getting some cleanup and updates:

  • cpu
  • docker-engine
  • foreman
  • htpasswd
  • locales
  • modules
  • network_interfaces
  • nodejs
  • traefik

Thanks to @tas50 for reaching out and getting those transferred

Cinc Updates

ramereth shared

Hello from the Cinc Project!

Cinc Client:

  • 15.14.0 was released
  • chef/dist and chef-config/dist has been move to chef-utils/dist and will be released with 16.5
  • This will be the one place for all dist configuration for ruby libraries
  • We'll be working on migrating other gems' dist configuration into chef-utils once 16.5 has been released
  • Git caching has been enabled for builds to help speed up testing and release builds. The it can be easily cleared if we run into issues.

Cinc Auditor:

  • 4.23.4 was released
  • Git caching has been enabled for builds to help speed up testing and release builds. The it can be easily cleared if we run into issues.
  • Upstream issue: Include Gemfile.lock in git to ensure tagged releases can be rebuilt using the same gem versions #5242

Cinc Server:

  • Once this MR #12 has been released, we'll have a mostly functioning build.
  • Multi-project Gitlab pipelines have been enabled on the upstream/chef-server repo. This means contributors can make an MR in that repo and it will trigger a pipeline on distribution/server for testing.
  • We're planning on enabling this on upstream/chef, upstream/inspec and upstream/chef-workstation soon as well
  • Git caching was not enabled yet for this repo due to some issues with the omnibus configuration. We're hoping to make some upstream PRs to fix that eventually.

Cinc Workstation:

  • Working on enabling git caching but running into issues on the MacOS builders
  • Continue working on updating/fixing our Windows builder so that we can finally have a build

I think that's everything

See you next week!

This topic was automatically closed after 3 days. New replies are no longer allowed.