benny Vasquez shared
Only one thing to mention this week, but it’s come up a lot lately. Our internal Community Guild worked on putting together a cookbook adoption for supermarket . It’s aimed to cover all of the potentialities and be as fair to the current maintainers as possible. I’ve also got an issue open to get it added to the website, so it’ll be more readily available for folks that go looking. If you have questions, don’t hesitate to ask!
This week’s releases
The Automate team made a nice release this week that includes the ability to delete individual services on the Applications dashboard's Service Groups display and also improves the initial display of the Desktop dashboard when there's no data.
Habitat 1.6.115 was released with improved Windows Studio support and a new hab svc update command that doesn't force restarts. Windows users even get command completion in the studio now.
Cookstyle 6.15 came out with updates to the out of the box RuboCop config. It enables 8 new RuboCop cops that we think will help you write better Ruby in cookbooks. It also disables a few cops we didn't think were delivering a lot of value and couldn't be autocorrected. As time goes on we'll probably continue to disable more of the RuboCop rules that are more about style, and can't be autocorrected. https://discourse.chef.io/t/cookstyle-6-15-released-with-8-new-ruby-cops/17513
knife-vrealize 6.0 was released with support for Chef Infra Client 16: https://github.com/chef/knife-vrealize/blob/master/CHANGELOG.md
kitchen-vagrant was released with new box_auto_update and box_auto_prune options that allow you to look for new boxes on Vagrant Cloud. We update the Bento boxes often so you might want to set this option when using Bento boxes to make sure you have boxes built for the newest versions of VirtualBox, Parallels, or Fusion. Thanks for adding that @stromweld
And last, but not least we have some important cookbook updates
chef-ingredient 3.2.0 was released with support for Chef Infra Client 16 and the ability to specific products in the automatev2 resource: https://supermarket.chef.io/cookbooks/chef-ingredient#changelog
chef_client_updater 3.11.0 was released with updates to use the Scheduled Task cmdlets on Windows now that we no longer have to support Windows 2008. That makes the upgrade process much more reliable on Windows hosts: https://supermarket.chef.io/cookbooks/chef_client_updater#changelog
omnibus 6.0 was released with a good number of Cookstyle fixes and a bump to require Chef Infra Client 14 so we can drop the dependency on the legacy build-essential cookbook: https://supermarket.chef.io/cookbooks/omnibus#changelog
ulimit 1.1.1 was released with support for Chef Infra Client 16 and improvements to the template files to prevent converges when nothing actually updates: https://supermarket.chef.io/cookbooks/ulimit#changelog
chef-client 12.0.1 was released with a fix for the :remove action in the systemd_timer resource, fixes for failures on FreeBSD, and a fix for bad quoting to the scheduled task on Windows https://supermarket.chef.io/cookbooks/chef-client#changelog
chocolatey 3.0 was released with a new property to make the execution marked sensitive, fixes to make the upgrade attribute properly upgrade the install, updates to use the latest install script, and a new requirement on Chef Infra Client 12.15 or later: https://supermarket.chef.io/cookbooks/chocolatey#changelog
Yeah mdl (markdownlint) 0.10.0 was released to update our dependencies for a security vuln in kramdown. However it does break the --git-recurse option, so if you use that you'll want to manually grab git master (it's fixed there) or wait for 0.11.0.
Alex Pop shared
Hello from the Automate team!
- We merged a change to start linting our proto files with
- Improved the ElasticSearch migrations when Automate is running with multiple HA frontends.
- Continued with the compliance reporting improvements for the last 24h vs today (in UTC)
- We blocked beta flags (
beta) from activating when focusing on inputs and text areas.
- Worked to improve Compliance profile suggestions.
- Enabled configurable content-type header for data-feed-service
- Switched the build in inspec to v4.22.8
- Made improvements for the installation and operation of the Automate services.
Greetings from the Habitat team!
- Multiple improvements to cli parsing
- Adding end-to-end tests around crypto functionality
- Made http_gateway bind timeout configurable to reduce failures on systems under heavy load when the supervisor is starting
- Documenting RBAC in preparation to ship
Chef Infra Server
Hello Chef Friends! Greetings from the Chef Infra Server team! This week we have the following updates:
- We are continuing to make progress on the following:
- erlang 22 upgrade
- rails update to 6.0.3
- addressing comments for aws sig_v4 changes
- adding current Chef Infra Server builds to Chef Automate
2. We added a fix for the issue where users would see an sel_conn_closed on upgrading to Chef Infra Server 13.2.0
- Fixed the integration test pipeline allowing concurrent azure tests to be run
- Some change are in progress for chef-backend:
- fixing the current builds
- add caching for node_status to serve that information quickly.
- add some retry for health_checks to avoid immediate failovers.
That is all for us!
Chef Infra Client
Alright here's Chef Infra Client:
- Continued work to slim the package size and reduce the attack surface of what we ship
- PR to reenable extensive testing on all platforms has been opened. Running these tests has already found 2 fairly impacting bugs on Windows that we've fixed so this will be nice going forward
- Initial PR with knife bootstrap integration tests has been opened. Expect more to come here as this most likely evolves into a client/server test suite
- Minor optimizations happening throughout the codebase and work is ongoing to pull performance patches from upstream ruby/rubygems/bundler
16.4 is incoming soon, but I'd like to get InSpec out the door first. Potentially early next week
Hey from Schwad & the InSpec team! Things will be slightly quiet from us this week and next.
First off, we’re super grateful to some extra action we’re getting in the #inspec channel and people checking out the “Good first issue” label on our repository. One of these even got picked up and is soon to be merged, adding custom ports with postgres_session . There is also some nice work coming in soon looking at other postgres areas that we can add more functionality to. Looks like I’ll have to label some more issues before they all get snapped up!
Since our work is open source, it’s important to us to hear from and work closely with the community. So we definitely appreciate you all being willing to raise your voice and be heard. And even help out!
We’re also investing some time in internals. Not necessarily outwards-facing features/bugfixes, but important improvements to help us with stability, faster future development, and a more robust InSpec. These are the sort of things that do not look flashy on a community update but will make all of our lives easier in the future.
Howdy! This week the Workstation team has been merging a bunch of PRs Tim opened that aim to reduce the Chef Workstation package size and improve its speed. We attempted to fix the automatic publishing of Homebrew PRs on release, so we'll get to test that our during the bi-weekly release next week. Clinton has also been hard at work fixing some Test Kitchen bugs. And we continue to work on our new feature. Thanks!
Hello from Sous Chefs!
java has been released at 8.3.1 (thanks @Robert Detjens )
- Extract correct JAVA_HOME from custom URLs
percona has been released at 0.17.2
- Fix debian_password as a string for testing
- Fix idempotency issues with find_password method
filesystem has been released at 3.0.1
- Fix README spelling errors and formatting (thanks @jgitlin )
vault has been released at 4.2.0:
- Created hashicorp_vault_agent_install resource
- Created hashicorp_vault_agent_template resource
- Created hashicorp_vault_agent_config resource
- Updated hashicorp_vault_service resource to be configurable for vault agent and server
- Set vault default version to 1.4.1
In progress PRs:
- percona: Fix various issues and make all tests pass green ( https://github.com/sous-chefs/percona/pull/434 )
- apache2: Add package name and version parameters to install resource ( https://github.com/sous-chefs/apache2/pull/635 )
nginx: allow using
override_package_nameto specify your own package name ( https://github.com/sous-chefs/nginx/pull/552 )
- graphite: use pyenv cookbook instead of poise for python install/usage ( https://github.com/sous-chefs/graphite/pull/350 )
I'm excited about the percona cookbook releasing soon since we use that. I plan on doing similar updates to the mysql cookbook too. I also have a few OSL students working on ensuring all of the tests are passing properly on some of the cookbooks. Expect some additional PRs on that soon.
Hello from the Cinc Project!
- @Tensibai has been working on improving our InSpec testing ( https://gitlab.com/cinc-project/distribution/client/-/merge_requests/58 )
- Released 4.22.8
- @jgitlin has been taking advice from #community-distros and has a new upstream PR for chef-server-ctl wordmark replacements. This time with passing tests! ( https://gitlab.com/cinc-project/distribution/server/-/merge_requests/6 )
- Making good progress on the Cinc Server patch process. While there's a long way to go, we have for the first time produced working Server builds with Cinc branding using the same patch process as Cinc client
- Work continues on wordmark replacements in gems that cinc-server-ctl depends on and in private-chef-cookbooks as well as on the Cinc specific patches
- @Ehlers has been working on dist constant patches for omnibus-ctl ( https://gitlab.com/cinc-project/distribution/server/-/merge_requests/5 )
There's a lot more work to do on Cinc Server, but seeing this result after installing a package built by the Cinc build pipeline was very encouraging, and feels like the biggest breakthrough I've had since starting to help here.