Skip to content

Latest commit

 

History

History
3092 lines (2615 loc) · 228 KB

CHANGELOG.md

File metadata and controls

3092 lines (2615 loc) · 228 KB
Raw

Chef Server Changelog

14.8.2 (2021-08-04)

Merged Pull Requests

Changes since 14.7.13 release

Merged Pull Requests

  • Replace Opscode copyrights #2703 (tas50)
  • Test the system connectivity to the Internet in the gather logs #2704 (tas50)
  • Update PostgreSQL to 13.3 #2577 (lbakerchef)
  • Improve chef-server-ctl help and docs #2696 (tas50)
  • Update Elasticsearch to 6.8.18 #2697 (tas50)
  • Add GitHub action for cookstyle/chefspec in ctl cookbook #2595 (tas50)
  • gather-logs: Remove support for specifying the server type / chef server 11 #2672 (tas50)
  • More cleanup of the configuration cookbook #2692 (tas50)
  • Update partybus output private-chef -> Infra Server #2690 (tas50)
  • Remove the word sanity from logs, tests, and comments #2691 (tas50)
  • Update docs.chef.io and GitHub links to avoid redirects or 404s #2673 (tas50)
  • Improve logging when there are no DB migrations to run #2688 (tas50)
  • More Chef Server -> Chef Infra Server branding updates #2689 (tas50)
  • Improve migration logging a bit #2670 (tas50)
  • Add basic server usage information to gather-logs #2666 (tas50)
  • Branding updates in the chef-server-ctl command #2685 (tas50)
  • Better describe what chef-server-ctl upgrade does #2687 (tas50)
  • Fix incorrect spelling of PostgreSQL #2686 (tas50)
  • Bump omnibus-software from a4f73e4 to c172afb in /omnibus #2684 (dependabot[bot])
  • Bump omnibus from 6d109b6 to 9ffcd89 in /omnibus #2683 (dependabot[bot])
  • Bump redis from 4.3.1 to 4.4.0 in /src/chef-server-ctl #2680 (dependabot[bot])
  • Update pg gem to 1.2.3 #2611 (jashaik)

14.7.13 (2021-07-28)

Merged Pull Requests

14.6.32 (2021-07-19)

Merged Pull Requests

14.5.29 (2021-06-23)

Merged Pull Requests

14.4.4 (2021-05-20)

Merged Pull Requests

14.3.14 (2021-04-22)

Merged Pull Requests

14.2.2 (2021-03-17)

Merged Pull Requests

14.1.0 (2021-02-26)

Merged Pull Requests

14.0.65 (2020-10-26)

Merged Pull Requests

14.0.58 (2020-10-01)

Merged Pull Requests

13.2.0 (2020-04-14)

Merged Pull Requests

13.1.13 (2019-11-25)

Merged Pull Requests

13.0.17 (2019-07-01)

Merged Pull Requests

  • Remove 12.19.* version constraint on master #1693 (markan)

13.0.16 (2019-07-01)

Merged Pull Requests

12.19.31 (2019-03-07)

Merged Pull Requests

12.19.26 (2019-01-31)

Merged Pull Requests

12.18.14 (2018-10-15)

Merged Pull Requests

12.17.33 (2018-02-23)

Merged Pull Requests

12.17.15 (2017-12-21)

Merged Pull Requests

12.17.5 (2017-10-25)

Merged Pull Requests

12.17.3 (2017-10-19)

Merged Pull Requests

12.16.14 (2017-09-21)

Merged Pull Requests

12.16.9 (2017-08-30)

Merged Pull Requests

12.16.2 (2017-08-16)

Merged Pull Requests

  • Enable chef-server in ACC #1348 (tduffield)
  • Add health checks for rabbitmq #1345 (jaym)
  • [pedant] Wait for rabbitmq before every search test #1356 (stevendanna)
  • Expose db_pool_max and db_pool_init attrbiutes for bookshelf like oc_… #1354 (itmustbejj)
  • Fixing reindex's use of elasticsearch scroll API #1358 (ksubrama)
  • Fixed deleting ES indexes for ES5 and ES2 #1367 (lancewf)
  • Use NGINX cert path attributes to configure RabbitMQ #1366 (schisamo)
  • [omnibus] bump postgres versions #1372 (srenatus)
  • [erchef] Remove input validation for user info #1343 (stevendanna)
  • Set the correct owner and permissions for SSL certificate and key #1370 (jaym)
  • Revert "Make root own the certs, but part of the opscode group" #1376 (jaym)

12.15.8 (2017-06-20)

Full Changelog

Fixed bugs:

  • not_found_message for "groups" undefined, returns HTTP 500 instead of 404 #1284
  • Support Self-Service Org Deletion #48

Closed issues:

  • Wrong token used by Chef server to send data to Chef Automate #1281
  • Fresh server install on Jessie fails during client run - exception handlers #1178

Merged pull requests:

Components

Updated Components

  • zlib (1.2.8 -> 1.2.11)
  • openssl (1.0.2k -> 1.0.2l)
  • rb-readline (68457ded -> fd882edc)
  • veil-gem (b5748829 -> 9098dd3c)
  • postgresql92 (9.2.15 -> 9.2.21)
  • berkshelf-no-depselector (6016ca10 -> 6016ca10)

Contributors

  • Salim Afiune
  • Kartik Null Cating-Subramanian
  • Ryan Cragun
  • Steven Danna
  • Daniel DeLeo
  • Lance Finfrock
  • Ryan Hass
  • Pete Higgins
  • Davida Marion
  • Thom May
  • Dairon Medina
  • Marc Paradise
  • Stephan Renatus
  • Blake Stier

12.15.7 (2017-05-17)

Full Changelog

Closed issues:

  • Upgrade from Chef 11 to 12 fails in fix_permissions stage with error 400 for every node #1274
  • not install chefserver in my ubuntu, when i tried to install like following below #1269

Merged pull requests:

Components

Updated Components

  • berkshelf-no-depselector (e3dd3d6f -> 6016ca10)

Contributors

  • Marc Paradise
  • Steven Danna
  • Sean Horn
  • Bryan McLellan

12.15.6 (2017-05-05)

Full Changelog

Merged pull requests:

12.15.6 (2017-05-05)

Full Changelog

Merged pull requests:

Contributors

  • Marc Paradise
  • Steven Danna
  • Jaymala Sinha

12.15.5 (2017-05-04)

Full Changelog

Merged pull requests:

  • [nginx] regression: proxied compliance requests get HTTP 404 #1253 (stevendanna)

Updated Components

  • berkshelf-no-depselector (dd8ec048 -> e3dd3d6f)

12.15.3 (2017-05-03)

Full Changelog

Fixed bugs:

Closed issues:

  • Cookbook upload missing subdirectories in libraries #751

Merged pull requests:

12.15.0 (2017-04-27)

Full Changelog

12.15.0 (2017-04-27)

Components

New Components

  • server-complete

Updated Components

  • cacerts (2016-04- -> 2017-01-)
  • openssl (1.0.2j -> 1.0.2k)
  • omnibus-ctl (43b10417 -> 76347dd8)
  • knife-opc (00a6866c -> 30b6cd85)
  • knife-ec-backup (36fbecfd -> 69b50524)
  • liblzma (5.2.2 -> 5.2.3)

Contributors

  • Steven Danna
  • Salim Afiune
  • Mark Anderson
  • Marc Paradise
  • Jaymala Sinha
  • Ryan Cragun
  • Stephen Delano
  • Stephan Renatus
  • Thom May

Implemented enhancements:

  • LDAP: Synthesize a displayname from surname, givenname #151
  • Mapping Capability Between LDAP and Chef Server 12 Attributes #104
  • Enhance API to handle global groups in local contexts #1159 (markan)

Closed issues:

  • Failure upgrading RabbitMQ from Migration 1.30 to 1.31 #1220
  • Allow setting LDAP "displayName" attribute in Chef Server #800
  • LDAP user name mojibake #675

Merged pull requests:

12.14.0 (2017-03-27)

Full Changelog

Components

Updated Components

  • rabbitmq (3.3.4 -> 3.6.6)
  • erlang (17.5 -> 18.3)
  • config_guess (084a4076 -> 84f04b02)
  • omnibus-ctl (b719d582 -> 43b10417)
  • knife-ec-backup (2.0.6 -> 36fbecfd)
  • berkshelf-no-depselector (ed797b94 -> dd8ec048)
  • ohai (e5abf16c -> 5804e6da)
  • chef (fcb0ccc2 -> b2ab74b7)
  • veil-gem (master -> b5748829)

Contributors

  • Ameir Abdeldayem
  • Irving Popovetsky
  • Marc Paradise
  • Mark Anderson
  • Stephan Renatus
  • Steven Danna

Fixed bugs:

  • Unset/reset SVDIR inside chef-server-ctl #1075

Closed issues:

  • chef-backend-ctl create-cluster creates broken cluster if ipv6 is turned on #1111
  • Organizations starting with "bookshelf" are unusable #694
  • chef-server-ctl tail: cannot follow ‘-’ by name #672
  • chef-server-ctl test failure: Search API endpoint using POST #321
  • Sporatic build failures in chef_index_batch tests #631

Merged pull requests:

12.13.0 (2017-02-20)

Full Changelog

Components

New Components

  • erlang-crypto2 (d60d87ed)

Updated Components

  • omnibus-ctl (4db34135 -> b719d582)
  • berkshelf-no-depselector (f49321c9 -> ed797b94)
  • rb-readline (323fed5a -> 68457ded)

Contributors

  • Rachel Adler
  • Tyler Ball
  • Tyler Cloke
  • Steven Danna
  • Marc Paradise
  • Stephan Renatus

Merged pull requests:

Contributors

  • Marc Paradise
  • Steven Danna
  • Jaymala Sinha

12.12.0 (2017-01-26)

Full Changelog

Components

Updated Components

  • ruby (2.2.5 -> 2.2.6)
  • rubygems (2.6.6 -> 2.6.8)
  • omnibus-ctl (a0ccf08a -> 4db34135)
  • server-jre (8u91 -> 8u121)
  • knife-opc (a08237d4 -> 00a6866c)
  • berkshelf-no-depselector (abb27143 -> f49321c9)
  • ohai (c34212ea -> e5abf16c)
  • appbundler (76cb1728 -> 6582b688)
  • rb-readline (5e1c55db -> 323fed5a)
  • chef_backup-gem (67b1f51a -> bc1105b7)
  • chef (c21db758 -> fcb0ccc2)

Contributors

  • Steven Danna
  • Stephan Renatus
  • Mark Harrison
  • Thom May
  • Marc Paradise
  • Larry Eichenbaum
  • Matt Campbell
  • Shadae Holmes
  • Bryan McLellan
  • Nathan L Smith
  • Ryan Cragun
  • Sean Nolen

Fixed bugs:

  • chef-server-ctl password command does not accept special characters #366
  • Chef Server API should not allow usernames with spaces #90
  • Confusing error message with duplicate email address #59

Closed issues:

  • enable fips mode with chef-server-fips-core package #1024
  • error in chef-server-ctl reconfigure in docker. #960
  • Data bag search doesn't work correctly for encrypted arrays #876
  • rebar3 warning during build #630
  • oc_id: email configuration #547
  • Add settings to production.yml for sending mail #185

Merged pull requests:

12.11.1 (2016-11-17)

Full Changelog

Merged pull requests:

Components

Updated Components

  • berkshelf-no-depselector (305b4fa8 -> abb27143)
  • chef (ed93e0fb -> c21db758)

Contributors

  • Nathan L Smith
  • Steven Danna

12.11.0 (2016-11-10)

Full Changelog

Merged pull requests:

Components

Updated Components

  • mixlib-install (9c9dad45 -> 8622e934)
  • server-jre (8u74 -> 8u91)
  • berkshelf-no-depselector (03b43842 -> 305b4fa8)
  • ohai (582dcc7a -> c34212ea)
  • chef (fc30a44a -> b86319aa)

Contributors

  • Ryan Cragun
  • Steven Danna
  • Stephan Renatus
  • Alex Pop
  • Thom May
  • Patrick Wright
  • Serdar Sutay
  • Mark Anderson
  • Julien 'Lta' BALLET

12.10.0 (2016-10-31)

Full Changelog

Implemented enhancements:

Closed issues:

  • /etc/opscode/pivotal.pem is missing #986
  • Disabling redirect with "non_ssl_port" and "enable_non_ssl" does not work as expected. #973
  • Intermittent "401 Unauthorized" failures from Chef server using Chef client #968
  • Problems creating new nodes after restoring Chef 12 server from backup #893
  • chef server core 12.0 rc6 rpm thinks its newer than ga #40

Merged pull requests:

Components

New Components

  • libintl-perl (1.23)
  • nodejs-binary (6.7.0)
  • berkshelf-no-depselector (03b43842afabd1f9c3bf127dafb1dc1dd0daba64)
  • cleanup (1.0.0)

Updated Components

  • config_guess (9152ce40 -> 084a4076)
  • openssl (1.0.1u -> 1.0.2j)
  • mixlib-install (b2495ce9 -> 9c9dad45)
  • openresty (1.9.7.2 -> 1.11.2.1)
  • knife-opc (2ce18240 -> a08237d4)
  • ohai (567dcb84 -> 582dcc7a)
  • appbundler (379a06cc -> 76cb1728)
  • rb-readline (cf67cd06 -> 5e1c55db)
  • chef_backup-gem (cc8e5bf9 -> 67b1f51a)
  • veil-gem (master -> master)
  • redis (3.0.4 -> 3.0.7)
  • chef (3e8b93b9 -> fc30a44a)

Removed Components

  • bzip2 (1.0.6)
  • python (2.7.9)
  • nodejs (0.10.35)
  • dep-selector-libgecode (1.2.0)
  • berkshelf (8f7d2e1d3c8341ffe6774e92a6a136c28a0bff03)

Contributors

  • Marc Paradise
  • Serdar Sutay
  • Steven Danna
  • Paul Mooring
  • Daniel DeLeo
  • Stephan Renatus
  • Nathan L Smith
  • Kartik Null Cating-Subramanian
  • Patrick Wright
  • Ryan Hass
  • Tim Smith

12.9.1 (2016-09-26)

Full Changelog

Merged pull requests:

Components

Updated Components

  • openssl (1.0.1t -> 1.0.1u)
  • veil-gem (master -> master)
  • chef (8e1312bb -> 7ed29654)

12.9.0 (2016-09-21)

Full Changelog

Fixed bugs:

  • Make activesupport dependency less restrictive #930 (rhass)
  • same name could be accessed across organizations 643
  • Fixed logging LDAP password in event of some errors 156

Closed issues:

  • chef-server 12.6.0 does not include cleanup script for opscode-expander-reindexer #846
  • mover_server_admins_global_group_callback: duplicate key #822
  • erchef dumps LDAP password #156

Merged pull requests:

12.8.0 (2016-07-06)

Full Changelog

Closed issues:

  • connectivity verifier in preflight_postgres_validator.rb misses one possibility #620

Merged pull requests:

  • [omnibus] Update omnibus-software for libarchive config_guess fix #873 (stevendanna)
  • [omnibus] Move from berkshelf2 to latest bookshelf #872 (stevendanna)
  • New rack requires updating chef-zero to 4.7 #871 (markan)
  • Fix repo for manderson26->markan git change #870 (markan)
  • [ET-221] Move SAML/LDAP check into pre-flight #868 (chefsalim)
  • [IPO-204] Send actions to the Data Collector before sending stats_her… #867 (ryancragun)
  • Fix logging in server_admins_existing_users_read_permissions #866 (stevendanna)
  • [IPO-203] Update oc_chef_wm to send actions to the Data Collector #865 (ryancragun)
  • [IPO-202] Add initial Data Collector application and /_status check #858 (ryancragun)

Components

New Components

  • libarchive (3.1.2)
  • dep-selector-libgecode (1.2.0)
  • berkshelf (d563dc5b5f81f62546d41dd40c43e38986bfcf75)

Updated Components

  • cacerts (2016.01.20 -> 2016-04-20)
  • config_guess (e39075a3 -> 5b4e8a5d)
  • libxml2 (2.9.3 -> 2.9.4)
  • libxslt (1.1.28 -> 1.1.29)
  • ohai (d1e2fe98 -> f9992941)
  • chef (de78e390 -> f5cae5ea)

Removed Components

  • berkshelf2 (2.0.18)

12.7.0 (2016-06-20)

Full Changelog

Implemented enhancements:

  • Bootstrapping a Chef server should not delete databases #79

Fixed bugs:

  • oc_id: Rails existing process detection fails and causes high CPU utlilization. #403
  • Deleting a User Should Also Delete Any Pending Invites #80

Closed issues:

  • [chef-server-ctl] Incorrect error messages with user-create #844

Merged pull requests:

  • Fix whitespace in config #851 (jkeiser)
  • Update misleading filename error message #862 (MichaelPereira)
  • Add ci/run_tests.sh to drive the CI process #859 (jkeiser)
  • [ET-202] Fix chef_manage node attribute access #856 (srenatus)
  • Update openresty to point to ppc64 lua location #855 (scotthain)
  • [ET-202] Check for SAML enablement during reconfigure #854 (chefsalim)
  • Updated omnibus software pinning to pick up ppc64 friendly defs #853 (scotthain)
  • oc_erchef users list: allow filtering by external_authentication_id #852 (sdelano)
  • use chef_zero mode in vagrant for dvm #850 (sdelano)
  • Use enterprise cookbook version that supports systemd on ubuntu 16.04 #848 (yzl)
  • Reset initialization_options and vendor_class after a chef_run #841 (ryancragun)
  • Add chef-server-ctl require-credential-rotation command #840 (ryancragun)
  • Update to pick up latest omnibus and omnibus software #839 (mmzyk)
  • Remove chef-sync from the known add on packages for the install command #838 (mmzyk)
  • release process updates #836 (patrick-wright)
  • [omnibus] bypass_bootstrap? should ensure both creds exist #835 (stevendanna)
  • Add Ryan Cragun as a Chef Server maintainer #834 (ryancragun)
  • Fixing pedant/bookshelf when nginx on non-standard port #833 (adamleff)
  • Update opscode-solr4 JAVA_OPTS to include whitespace #830 (bigbam505)
  • Update chef-server release process documentation. #829 (rmoshier)
  • Release Process Updates #828 (schisamo)
  • Add support for service credentials rotation #798 (ryancragun)
  • Updated Copyright and URL #771 (jjasghar)

Components

New Components

  • veil-gem (master)

Updated Components

  • config_guess (706fbe57 -> ddd7f330)
  • openssl (1.0.1s -> 1.0.1t)
  • omnibus-ctl (e75976be -> a0ccf08a)
  • sqitch (0.973 -> 0.973)
  • ohai (780f7c5f -> 17e5c748)
  • chef (b94e2ef4 -> f0caa91e)

Contributors

  • Brent Montague
  • Michael Pereira

12.6.0 (2016-04-29)

Full Changelog

Closed issues:

  • chef-server-ctl grant-server-admin-permissions needs cli help #806
  • chef-server-ctl cannot load such file -- chef/key (LoadError) #632

Merged pull requests:

  • Revert changes to sqitch plan files to avoid upgrade breakage #826 (stevendanna)
  • [travis] Fixup GECODE_PATH in travis config #823 (stevendanna)
  • Dynamically generate the wait-for-rabbit script #821 (adamleff)
  • [oc-chef-pedant] Tag multiuser tests as multi-user #819 (stevendanna)
  • Bug fix: treat a successful PG conn and auth as a preflight success #818 (adamleff)
  • Fix bug where requestor membership of public_key_read_access was not being properly tested for keys access. #817 (tylercloke)
  • [omnibus] Expose haproxy config in chef-server.rb #816 (stevendanna)
  • getchef.com and opscode.com -> chef.io #815 (jkeiser)
  • [oc_id] Set HOME in oc_id's runsv script #814 (stevendanna)
  • [expander] Set HOME in expander's runsv script #811 (stevendanna)
  • [omnibus] Add rb-readline to the build #809 (stevendanna)
  • Use HAProxy to route Postgresql and ElasticSearch connections #808 (stevendanna)
  • Pick up latest omnibus/omnibus-software #805 (schisamo)
  • Fix error in error handling for server admins permission migration #804 (paulmooring)
  • Work to support chef-server on IBM POWER platforms #797 (edolnx)
  • Use mixlib-installs’ built-in platform detection during add-on install #796 (schisamo)
  • Update RELEASE_PROCESS.md to reflect the new announcement process #795 (mmzyk)
  • Modernize Add-On Install #794 (schisamo)
  • Update upgrade docs in RELEASE_PROCESS.md. #789 (tylercloke)

Components

New Components

  • mixlib-install (b2495ce9db896ce8c9c0444282e67da9d5a62a7b)
  • rb-readline (cf67cd06ae89e8b2710ba930c3015639240ac7b7)
  • haproxy (1.6.4)

Updated Components

  • config_guess (bb8fb402 -> 706fbe57)
  • rubygems (2.4.5 -> 2.4.5)
  • libossp-uuid (1.6.2 -> 1.6.2)
  • ohai (218d894f -> 780f7c5f)
  • appbundler (c6193c09 -> a8376ff7)
  • chef_backup-gem (bd29c56a -> a402a2ef)
  • chef (e9194179 -> b94e2ef4)

Contributors

  • Steven Danna
  • Paul Mooring
  • Adam Leff
  • John Keiser
  • Tyler Cloke
  • Seth Chisamore
  • Carl Perry
  • Kartik Null Cating-Subramanian
  • mmzyk

12.5.0 (2016-03-22)

Full Changelog

Fixed bugs:

  • chef-manage doesn't load chef-server node attributes (doesn't inherit fqdn) #744
  • Using public EC2 name for manage + API exceeds nginx hash bucket size #743

Closed issues:

  • PUT method /organizations/NAME/node/NAME reset automatic attributes. #783
  • 500 error after upgrade #762
  • ubuntu_supported_codenames should include trusty instead of natty #759
  • Where can I edit the hostname used by Chef Server? #752
  • service postgresql is running externally and cannot be managed #733
  • 502 errors from nginx while reaching erchef server #732
  • oc-bifrost-pedant not merged into the repository #670
  • Chef Server 12: View Public Keys of all Users, including clients #649
  • Instructions are incorrect after installing a package during upgrade #646

Merged pull requests:

  • Update inet interface #788 (tylercloke)
  • Spool 106/update rails version #787 (ksubrama)
  • Set missing multiuser tags; fix nil validator w/ default org #786 (danielsdeleo)
  • Standardize license information based on omnibus best practices. #784 (sersut)
  • [omnibus] Change pgsql's local service user and db superuser to not be hardcoded #782 (andy-dufour)
  • [oc_erchef] Make the _status endpoints health check timeout configurable. #781 (andy-dufour)
  • [erchef,bifrost,chef-mover] Update stats_hero and other deps #780 (stevendanna)
  • Add trusty and remove natty add on support. #778 (tylercloke)
  • Add some more testing related info to README #777 (ksubrama)
  • Include license information for chef-server and dependencies in omnibus packages #775 (sersut)
  • Bump bundler install for chef-zero Travis to 1.10.6. #774 (tylercloke)
  • [chef-server-ctl] Fix several bugs in chef-server-ctl backup #770 (ryancragun)
  • Added /orgs/org/users/user/keys(/key) endpoint and changed default perms on org scoped key GETs. #769 (tylercloke)
	The following endpoints' GET methods can now be accessed by any requestor that is a member of the same organization:
	/organizations/:org/clients/:client/keys
	/organizations/:org/clients/:client/keys/:key
	/organizations/:org/users/:user/keys
	/organizations/:org/users/:user/keys/:key

	The above org-scoped user keys endpoints are new and access to them can be controlled by an admin by editing memebership
	of the public_key_read_access group.
  • [cookbooks] Use only_if resource attribute, fixing typo #767 (stevendanna)
  • Added GET /groups/:group/transitive_member/actors/:actor endpoint for checking recursive membership. #766 (tylercloke)
  • Change the text on the homepage to refer to chef-manage instead #765 (juliandunn)
  • [omnibus] Don't build rebar2, we don't use it #764 (stevendanna)
  • Updated contributor doc to note that a rebase is needed before merging. #763 (tylercloke)
  • Pull oc-bifrost-pedant in and fix base_url bifrost bug. #761 (tylercloke)
  • Update rubocop definition to prevent errors. #758 (elliott-davis)
  • Bump omnibus-software to pick up latest server-jre #757 (scottopherson)
  • ['private_chef']['rabbitmq']['management_enabled'] should be respected #756 (jmink)
  • [omnibus] Remove old access_by_lua nginx config and allow custom acce… #754 (ryancragun)
  • Make org creation optional in APIv1 spec #753 (danielsdeleo)
  • Tag tests that expect 400 return w/ validation #747 (danielsdeleo)
  • move hash_bucket_size to correct place in config file #746 (jamesc)
  • Increase default nginx server_names_hash_bucket_size to 128 from 64 #745 (jamesc)
  • Add logic to support configure yum repos for Amazon Linux (#741) #742 (jamesc)
  • Split keys_spec.rb into user_, client_keys_spec.rb #740 (jrunning)
  • Bumping private-chef's enterprise cookbook dependency to 0.10.0 #737 (andy-dufour)
  • Upgrade Posgtresql to 9.2.15. #735 (rhass)
  • Updating gatling-rsync configuration #734 (dmccown)
  • [chef-server-ctl] Cleanse bookshelf database when storage_type is sql #729 (stevendanna)
  • [bookshelf] Only do disk-related startup tasks in filesystem-mode #728 (stevendanna)
  • Only define LINE_SEP on first load #725 (stevendanna)
  • bifrost and bookshelf schemas explicit upgrade #715 (marcparadise)
  • Fixing upgrade instructions in package postinstall script #689 (andy-dufour)
  • Update rspec-rerun to latest to get rid of backtrace issues #664 (jkeiser)

Components

New Components

  • config_guess (bb8fb4029563dcd564ece143ce558ea44c720a15)

Updated Components

  • cacerts (2014.08. -> 2016.01.)
  • openssl (1.0.1q -> 1.0.1s)
  • pcre (8.31 -> 8.38)
  • openresty (1.9.3.1 -> 1.9.7.2)
  • postgresql92 (9.2.14 -> 9.2.15)
  • server-jre (8u31 -> 8u74)
  • nodejs (0.10.10 -> 0.10.35)
  • libxml2 (2.9.2 -> 2.9.3)
  • ohai (237129a0 -> 218d894f)
  • appbundler (0.6.0 -> c6193c09)
  • chef_backup-gem (0.0.1.de -> bd29c56a)
  • chef (22d700e4 -> e9194179)

Removed Components

  • rebar (1c98f6ccd4adc915167d4302d732d79e4da3d390)

12.4.1 (2016-02-03)

Full Changelog

Components

Updated

  • ohai (81f1c968 -> d9262d06)
  • chef (ec5a8925 -> 09227432)

Detailed Change Log

Fixed bugs:

  • chef-server-ctl upgrade broken in 12.4.0 #724
  • Create cookbook artifacts with all fields filled in #714 (danielsdeleo)

12.4.0 (2016-01-27)

Components

Updated

  • openssl (1.0.1p -> 1.0.1q)
  • knife-opc (528be923 -> 0b8fa0fa)
  • ohai (f1e35bf1 -> 81f1c968)
  • chef (2fe875ce -> 3f3fbc8f)

New

  • rest-client (1.8.0)

Removed

  • chef-server-bootstrap

Detailed Change Log

  • oc-pedant

    • Replace /policies/:group/:name in spec descriptions with /policy_groups/:group_name/policies/:policy_name.
    • Fix spec descriptions that were copied from /cookbooks to cookbook_artifacts.
    • Allow opt-out of RVM/bundler busting in knife pedant tests
    • Add validation tag to header validation test

  • oc-erchef

    • Added ACL endpoints for policies and policy groups; also pedant tests
    • Implement RFC 14 - Add universe endpoint
    • V1 of Server Admins. Implements flexable user management global group.

  • chef-server-ctl

    • Make sure chef-server-ctl install can do chef-manage

  • knife

    • Add test for knife-opc org creation
    • Use validation for knife opc instead of knife

  • updated RAML documentation

  • chef-server

    • Restrict 'other' permissions for chef-server.rb as it may contain secrets.
    • Remove other permissions on existing copies of chef-server.rb to protect potentially sensitive config options

  • omnibus

    • EcPostgres can be used with other databases
    • Move bootstrap to recipe/library.
    • Remove chef-server-bootstrap project
    • Create a consolidated cleanup recipe
    • Bootstrap preflight checks to prevent multiple bootstraps
    • Modify postgres preflight checks to have correct assumptions
    • Fix statem test output formatting

  • rabbitmq

    • Correct handling of no rabbitmq in controls endpoint
    • Set rabbitmq_management listener IP to rabbitmq node_ip_address
    • Don't monitor rabbit queue length w/ actions disabled
    • Remove unused jobs queue from rabbitmq setup

  • bookshelf

    • Support optionally storing cookbook data in postgresql rather than on the filesystem directly. This is an experimental feature and is off by default. This is only supported for new installs at this time; there is no support for migrating cookbook data from the filesystem to sql (or back).
    • Remove bksw_sync module

  • opscode-expander-reindexer

    • Remove opscode-expander-reindexer service

12.3.0 (2015-11-12)

Components

Updated

  • ncurses (5.9-2015 -> 5.9)
  • rubygems (1.8.24 -> 2.4.5)
  • bundler (1.5.3 -> 1.10.6)
  • openresty (1.7.10.1 -> 1.9.3.1)
  • postgresql92 (9.2.10 -> 9.2.14)
  • liblzma (5.0.5 -> 5.2.2)
  • ohai (ffd9a0a0 -> c9787b96)
  • appbundler (0.4.0 -> 0.6.0)
  • redis (2.8.21 -> 3.0.4)
  • opscode-solr4 (4.9.1 -> 4.10.4)
  • chef (ad8fd4d6 -> b0dbe243)

New

  • pkg-config-lite (0.28-1)

Removed

  • pkg-config (0.28)
  • gdbm (1.9.1)

Detailed Change Log

  • omnibus 616 - omnibus-software-bump
    • Remove dependency on gdbm
  • oc-chef-pedant 615 - mark-more-validations
    • Mark policy/policy group validation specs with :validation.
  • oc-chef-pedant 614 - pedant_add_seed_option
    • Rspec by default runs tests in a random order, which normally is good. However sometimes bugs manifest themselves as state leftover from prior tests, and it's hard to sort those out when the order changes every time. Add a --seed flag to pedant to set the rspec seed value.
  • chef-mover 613 - no-eunit-on-vendored-code
    • do not run intermittently failing tests on dependencies that we can't change for backward-compatibility reasons.
  • omnibus 611 - no-etc-for-erl
    • Don't create a few unused directories on new installs
  • omnibus 612 - migration-26-rename
    • Follow filename convention for migration 26
  • dvm 610 - custom-dotfile-location
    • add support for dotfiles external to the repository
  • dvm 609 - dp_add_reporting_template
  • internal-doc, dvm 608 - dp_external_pgsql_dvm
    • allow dvm to create an external reporting db vm
  • oc-id 606 - dp_nil_username_ocid
    • nil username breaks Analytics login
  • omnibus 597 - fixes584
    • chef-server/584 Adding 3 retries will ensure bootstrap-platform script does not fail because bifrost component slow to start up.
  • omnibus fix-warn
    • Fixes Chef 13 warning related to using 'environment' attribute to configure 'PATH'.
  • omnibus RyanFrantz-master
    • the nginx nginx_status endpoint is now available.
    • Sensibe defaults are defined in attributes/default.rb.
  • omnibus 571 - CVE-2014-3628
    • Need the md5sum too...
    • Bump to Solr 4.10.4 for CVE-2014-3628
  • dvm, bifrost 588 - dvm-fixes
    • dvm fixes to fix unhelpful error messages and enable successful loading of bifrost.
  • oc-chef-pedant 600 - tag-pedant-validations
    • Mark every spec expecting a 400 as :validation.
  • bookshelf, bifrost, erchef 592 - rebar-lock-updates-and-webmachine-rehome
    • pull in the latest webmachine and mochiweb dependencies to resolve an issue which could lead to requests being rejected under sudden load.
  • omnibus, erchef 591 - dp_queue_mon_affects_overall_status
    • queue monitor doesn't affect overall_status by default
  • oc-chef-pedant, omnibus, erchef 589 - fcs
    • Chef Server now supports Elasticsearch as a search indexing backend in addition to solr.
    • Once an ElasticSearch node is configured, you can
  • omnibus, erchef 570 - dp_rabbit_monitoring
    • enable RabbitMQ Management Plugin
  • oc-id 560 - add-ocid-email
    • fixing specs
    • update omniauth-chef to 0.2.0
    • I18n changes
    • Changes to allow username for password changes
  • omnibus 555 - gather-log-updates
    • gather-logs updates
  • oc-id 563 - oc-id-hosted-copy
    • Just call it "Chef account" and "Chef username" and put it into the i18n config.
  • omnibus 579 - chef-server-ctl-proxy
    • This configuration file is used by chef-server-ctl to talk to the API locally. Proxy configs in the users environment often cause problems because the LB VIP is almost always 127.0.0.1, which causes the proxy to try to connect to itself rather than back to the chef-server.
  • chef-mover 569 - be-quiet-mover
    • This test is noisy and fails at random on Travis. It is part of chef-mover's vendored copy of depsolver.
  • dvm 573 - fix-package-listing
    • Other parts of the installer selection code assume that the user gave us a number starting from 1.
  • dvm 574 - dvm-sync-cleanup
    • updated the sync tool with more configuration options and more succinct output.
  • omnibus master
  • omnibus, bootstrap 545 - fix-non-default-postgres-port
    • Issue 459: Use configured port everywhere we talk to postgres
  • dvm 566 - dvm-powerdown-ssh-fail
    • It's now possible to specify AUTOPACKAGE=x where x is the number of the selection you'd type in. This saves the arduous task of having to wait for the package menu and type a number on vagrant up
    • do not check if project path is available until we try to load that project.
  • omnibus 565 - master
    • Change the name to be more meaningful
    • Adding configurability for erchef and bifrost logging messages per second
  • dvm 556 - warn-for-external-projects
    • Warns rather than fail if external project isn't linked
  • oc-chef-pedant 552 - search-poll-correctly
    • with_search_polling works by retrying when an exception is raised. An empty response from search will not raise an exception, rather the assertions on the results should also be inside the with_search_polling block.
  • omnibus 550 - fix-bundler
    • Override bundler from omnibus-software default of 1.5.3 to 1.10.6.
  • dvm reporting-updates
    • add support for oc-reporting-pedant
    • fix dep loading that broke with rebar changes, add reporting projects, and more!
  • omnibus, erchef 540 - ldap-case-sensitive
    • Fix bug where logins via LDAP failed because of case sensitivity.
  • omnibus, oc-id 543 - oc-id-favicon
    • remove oc-id favicon
    • Uses the favicon from https://www.chef.io/favicon.ico. oc-id had a blank file in that place, while the static files did not have one. Adding the files and the configuration to let nginx serve it.
  • omnibus 537 - backup_exit
  • erchef 541 - fix-conn-leak
    • Fix HTTP 500s generated by request timeouts to bifrost on high-traffic Chef Servers.
  • omnibus 524 - cleanup-static-nginx-files
    • Make the default index.html message more informative.
    • delete unused javsacript files from nginx deploy
  • omnibus 536 - master
    • Don't consider opscode-chef-mover or any other hidden service status when checking ha-status. This is based on assumption the opscode-chef-mover service is only used during an upgrade, and does not need to be running all of the time.
  • erchef 528 - spurious-status-400s
    • Fix bug where persistent clients would receive HTTP 400 after successful calls to the /_status endpoint.
  • erchef 529 - remove-chef-otto
    • Remove unused chef_otto.hrl
  • erchef 533 - stablize-batch-tests
    • A number of timeouts we were seeing seems to be a race condition in shutting down the gen_server. To avoid this, we monitor the gen_server pid and wait to get notified of its exit.
  • erchef 532 - efast_xs
    • Only try to index policy_name and policy_group if their values are not undefined.
    • Added throw to chef_index_expander:expand/3 when key passed with undefined value.
    • Added efast_xs to relx section of rebar.config.
  • dvm 516 - forward-ssh-agent
    • Occasionally we want to clone private repositories inside the dev-vm. The forwarded ssh-agent makes this easier since the user can add their github ssh key to their agent and it will be available inside the VM.
  • dvm, omnibus, erchef 520 - direct_solr_writes
    • add support for immediate data commits to chef_solr, bypassing the rabbit queue and expander process. Enable this by setting opscode_erchef['search_queue_mode'] to batch.
  • oc-id 522 - CVE-2015-1840
    • Upgrade jquery-rails to patch CVE-2015-1840
  • bookshelf, chef-mover, bifrost, erchef 518 - rebar-update-pc-fix
    • An update to the port compiler on hex caused an incompatibility with the version of rebar we had vendored. Here we lock the pc plugin to avoid the problem. We should try to move to a newer rebar3 and update the port compiler once rebar3 does a release.
  • chef-mover, bifrost, erchef 507 - ok-rebar-you-win
    • rebar3 wants to alphabetize the rebar.lock file, who are we to argue?
  • chef-mover 508 - ignore-ance-is-bliss
    • Remove oc_erchef build artifacts from git
  • omnibus 509 - sles-support-csc-install
    • Adding suse to package support for local addon installs.

12.2.0 (2015-09-01)

oc_erchef

  • New policyfile API endpoints to enable cleanup of policy objects:
    • /policies/:policy_name (GET, DELETE)
    • /policies/:policy_name/revisions (POST)
    • /policies/:policy_name/revisions/:revision_id (GET, DELETE)
    • /policy_groups/:policy_group_name (GET, DELETE)
  • admin group acl policy changes, preventing removal of admin group ACE from a group's grant ACL.
  • renamed $ORG_global_admins to $ORG_read_access_group
  • prefer user auth when there is a username/client collision and the request is originating from Manage.

omnibus

  • Change oc-id vip back to 127.0.0.1 to avoid possible error with nginx; add -b option for Rails and make vip fully configurable so it can work properly in IPv4 and IPv6 environments
  • Ensure automatic updates from the chef packagecloud repository are disabled on rhel by default, and in all cases specify stable repository.
  • Ensure that opscode_chef database is owned by the sql_user specified for opsode-erchef instead of the global postgresql user.
  • external postgresql now supported
  • change nearly all database access (except initial DB creation for locally managed database) to use tcp/ip instead of local socket for consistency in local/remote installations.
  • add-on configuration hook framework
  • chef-server-ctl support for pre/post command hooks via omnibus-ctl
  • chef-server-ctl support for external postgresql
  • new chef-server-ctl commands: psql, backup, restore
  • chef-server-ctl will give a nice message instead of a stack trace when not run as root.

dvm

  • new option to auto-load components that live in omnibus prior to first chef-server-ctl reconfigure
  • support and auto config for an additional postgres VM.

bifrost

  • fix for deadlocks that occur when multiple updates to the same actor are applied concurrently.

oc-id

  • additional fix for not enabling newrelic unless requested

chef-mover

  • New migration for the rename of $ORG_global_admins to $ORG_read_access_groups and proper setup of org user read permissions.

bookshelf

  • Experimental support for synchronizing two bookshelf instances.

Components

New Components

  • chef_backup-gem (0.0.1.dev.4)

Updated Components

  • omnibus-ctl (c514d1d4 -> 0.4.1)
  • knife-opc (17d4fc26 -> 528be923)
  • knife-ec-backup (2.0.4 -> 2.0.6)
  • ohai (2accf7e2 -> ffd9a0a0)
  • chef (9a3e6e04 -> 8926514f)

12.1.2 (2015-07-16)

chef-server

  • Fix issue where chef-server-ctl install could not fetch remote packages via apt.

12.1.1 (2015-07-13)

chef-server

  • Fix problems with upgrades from Open Source Chef Server 11 related to client and user uploads.

  • Fix problems with upgrades from Enterprise Chef Server 11 related to a failed chef-mover migration.

  • Upgrade to openssl 1.0.1p

  • Upgrade to libxml 2.9.2

Components

knife-ec-backup

  • Version 2.0.4 pulled in to fix Open Source Chef Server 11 upgrade bugs related to API versioning.

12.1.0 (2015-06-19)

chef-server

  • new self-contained development environment for chef server
  • Remove nested directories from log rotation template
  • Fix local-mode-cache warnings on chef-server-ctl reconfigure: Move the cache_path into /var/opt/opscode to avoid warnings
  • Float Chef and knife-opc on master
  • update chef-sever-ctl key commands to use Chef::Key.
  • Correct path to DRBD split brain notification script.
  • remove SquareSerif font, comm-503 page, and associated resources
  • Server's install of Chef now floats on master.
  • Server's install of knife-opc now floats on master.
  • Remove install message from postinst package script
  • Update chef-server-ctl key commands to use chef-client's Chef::Key object.
  • New gather-log script gathers a lot more debugging information.
  • removed unused error json and html pages. Correct doctype in default landing page.
  • Ensure that postgres shared buffers are calculated correctly
  • Adding support for being able to use external rabbitmq box for data to be sent into analytics. This would mean that miltiple chef-servers could send info into one analytics via external rabbitmq.

Components

oc_erchef

  • API v1 now available
  • API v0 deprecated
  • Update policyfile URLs to match draft RFC
  • significant performance improvements
    • create bulk_fetch_query to replace multiple repeated db calls, return less data, and reference fewer tables.
    • sqerl updates to reduce unncessary requests, and batch all steps of a binding and executing a query into a single call to postgres.
  • X-Ops-Server-API-Info response header now implemented for all API versions
  • [refactor] reduce copy-paste of core functionality by allowing callbacks for response body customization on create/update.
  • dialyze everything - clean dialyzer build
  • enable warnings_as_errors build flag
  • consistency in sql statement loading across chef_db and oc_chef_authz_db.
  • add support for server-side generation of keys via the keys API by accepting create_key: true in the request body.
  • [refactor] consolidated key manipulation and validation to one place in the code.
  • Cookbook Artifacts API interops w/ chef-client and ChefDK
  • Pull in newest folsom and bear to address folsome_graphite crashes.
  • Thanks to @danieldreier for removing satan from the development guide
  • Redact password from actions data, if present.

oc-id

  • interationalization and other improvements to password change
  • don't call home to newrelic unless specifically configured with a newrelic API key
  • fix asset precompile:
    • Use HTTPS rather than git URLs for gems from GitHub
    • Update to latest web core
    • Add assets precompile to Travis CI step
    • Changes to remove deprecation warnings
  • new profile controller and views
  • updated UI using chef-web-core

oc-chef-pedant

  • Versioned testing support for users, clients, principals,and response headers.
  • Bring artifacts & policyfile test into line with final implementation
  • exposed 'server_api_version to tests.

Merged Repositories

12.1.0 is the first release using the new merged repository which contains the following components:

  • opscode-omnibus
  • oc_erchef
  • oc_bifrost
  • oc-id
  • bookshelf
  • opscode-expander
  • chef-mover
  • chef-server-bootstrap

Updated Components

  • zlib (1.2.6 -> 1.2.8)
  • libffi (3.0.13 -> 3.2.1)
  • omnibus-ctl (89423eda -> c514d1d4)
  • postgresql92 (9.2.9 -> 9.2.10)
  • server-jre (7u25 -> 8u31)
  • knife-opc (7bf26f4b -> daec05e7)
  • python (2.7.5 -> 2.7.9)
  • opscode-solr4 (4.5.1 -> 4.9.1)
  • chef (12.0.3 -> 4664b73)

opscode-omnibus

redis 2.8.21

postgresql 9.2.10

  • bugfixes: link
  • CVE-2015-0241: Fix buffer overruns in to_char()
  • CVE-2015-0242: Fix buffer overrun in replacement *printf() functions
  • CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto
  • CVE-2015-0244: Fix possible loss of frontend/backend protocol synchronization after an error
  • CVE-2014-8161: Fix information leak via constraint-violation error messages
  • CVE-2014-0067: Lock down regression testing's temporary installations on Windows

12.0.8 (2015-04-20)

chef-server-ctl

  • Added rspec testing basics for chef-server-ctl commands
  • Updated and added testing for key rotation related chef-server-ctl commands

oc_erchef 1.7.0

  • introduces server api versioning per chef-rfc/rfc-041. As of 1.7.0 the only supported version is 0.
  • significant internal refactoring and cleanup

oc-chef-pedant 2.0.5

  • tests for server api versioning, and by default pass x-ops-server-api-version to the server on all requests.

opscode-omnibus

  • use keys API for key rotation in chef-server-ctl, instead of direct database access.
  • lua routing tests working again
  • travis support enabled
  • centos-7/rhel-7 enabled for local builds

chef-mover

  • now floating on master

12.0.7 (2015-03-26)

oc_erchef 1.6.4

  • Policyfile endpoint URLs updated to match Chef RFC 042
  • Cookbook Artifacts endpoint for policyfiles
  • Miscelaneous build improvements

oc_erchef 1.6.3

  • Search results respect ACLs.

12.0.6 (2015-03-19)

opscode-omnibus

  • Use a cert instead of a public key for pivotal.
  • No longer generate /etc/opscode/pivotal.cert as it is no longer used.
  • Remove the public key we now use for bootstrapping (/etc/opscode/pivotal.pub) post bootstrap so that it only lives in the database.
  • Disable jmxremote in solr4's Java options
  • Configuration options for the key cache are now exposed in /etc/opscode/chef-server.rb

knife-opc 0.3.0

  • Ensure keyfile is writable before creating a user.
  • Add --input option to user-edit command
  • Add user to billing-admins group with --admin is passed
  • Print new private-key when user-edit results in a key generation

bookshelf 1.1.7

  • Uses relx for Erlang application releases
  • Upgraded to lager 2.1.1

oc_bifrost 1.4.6

  • Uses relx for Erlang application releases
  • Upgraded to lager 2.1.1

oc_erchef 1.6.2

  • Uses relx for Erlang application releases
  • Upgraded to lager 2.1.1

chef-server-bootstrap 1.0.1

  • Updated to use public key instead of certificate for pivotal on bootstrap.

oc-chef-pedant 2.0.1

  • Adds tests for keys named get
  • Integrates chef-pedant into oc-chef-pedant.

oc-chef-pedant 2.0.3

  • Adds tests for keys named delete and put

oc_erchef 1.6.5

  • Support to GET, PUT, and DELETE a named key

oc_erchef 1.6.1

  • Integrates schema into oc_erchef itself
  • Adds policyfile validation support
  • License and readme updates

openssl 1.0.1m

  • CVE-2015-0286: Segmentation fault in ASN1_TYPE_cmp fix
  • CVE-2015-0287: ASN.1 structure reuse memory corruption fix
  • CVE-2015-0289: PKCS7 NULL pointer dereferences fix
  • CVE-2015-0293: DoS via reachable assert in SSLv2 servers fix
  • CVE-2015-0209: Use After Free following d2i_ECPrivatekey error fix
  • CVE-2015-0288: X509_to_X509_REQ NULL pointer deref fix

12.0.5 (2014-02-26)

bookshelf 1.1.6

  • Updated to webmachine 1.10.8

oc_bifrost 1.4.5

  • Updated to webmachine 1.10.8

oc-chef-pedant 1.0.79

  • New keys API tests
  • New cookbook artifact API tests

oc_erchef 1.5.0

  • Keys API POST support: /organizations/$ORG/clients/$CLIENT/keys and /users/$USER/keys

oc_erchef 1.4.2

  • the fields external_authentication_uid and recovery_auth_enabled are now preserved on user PUT when they are not provided.

oc_erchef 1.4.1

  • New GET/POST BASE_URL/cookbook_artifacts/NAME/IDENTIFIER endpoint
  • Updated to webmachine 1.10.8

12.0.4 (2014-02-19)

opscode-omnibus

  • nginx bookshelf caching, enabled with opscode_erchef['nginx_bookshelf_caching'] = :on
  • s3 URL expiry window setting, opscode_erchef['s3_url_expiry_window_size'], which can have values in minutes (e.g. "15m"), percentage (e.g. "15%"), or just be :off.
  • Ensure shell metacharacters in arguments to chef-server-ctl user- and org- commands are properly handled.
  • Pull in chef-client 12.0.3.
  • Update rabbitmq cookbook to be compatible with modern chef-client.
  • Update pivotal and knife-ec-backup knife configs to be compatible with modern chef-client.
  • Use chef-client -z instead of chef-solo in the server.

oc_erchef 1.4.0

  • keys API: new GET support for /users/$user/keys and /organizations/$org/clients/$client/keys
  • module epgsql brought up to current.
  • Fix LDAP regressions related to multiple fields, anonymous bind, and group_dn

oc_erchef 1.3.1

  • Add incubation feature for policyfiles. Feature flag off by default.

oc_erchef 1.2.2

  • Add s3_url_expiry_window_size setting for s3 URL caching.

oc-chef-pedant 1.0.76

  • test support for keys API endpoint (GET)

oc-chef-pedant 1.0.75

  • test support for policyfile endpoints

omnibus-ctl 0.3.2

  • Use chef-client -z instead of chef-solo.
  • Reference chef-client via base_path.

knife-ec-backup 2.0.1

  • Added keys table / key rotation support.

ruby 2.1.4

  • Needed for ohai >= 2.

chef-gem 12.0.3

12.0.3 (2015-02-04)

enterprise-chef-common 0.5.1

  • Add preliminary systemd support

enterprise-chef-common 0.5.0

  • Make it possible to pass arbitrary attrs to runit resources

chef-pedant and oc-chef-pedant

  • Updated chef-pedant to 1.0.41, oc-chef-pedant to 1.0.73. These versions have been updated to use RSpec 3.

opscode-omnibus

  • Added key management and rotation commands add-client-key, add-user-key, delete-user-key, delete-client-key, list-client-keys, and list-user-keys.
  • Pulled in Chef 11.18.0. This will fix "ffi-yajl and yajl-ruby gems have incompatible C libyajl libs" warning when running chef-server-ctl commands.
  • Ensure nginx restarts on frontends after lua-related changes
  • Updated nginx's logrotate config with proper log ownership.
  • Nginx logs $http_x_forwarded_for instead of $remote_addr if nginx['log_x_forwarded_for'] is true. The default is false
  • Log an error and exit when DRBD mount attempts are exhausted rather than entering an infinite loop.
  • Fix installation errors caused by PERL5LIB environment variable
  • chef-server-ctl now returns non-zero exit codes for errors during user and organization-related commands.
  • Use -D for --download-only option in chef12-upgrade-download command, avoiding option name conflict.

oc_erchef 1.2.0

  • add basic multikey/key rotation support. This is not yet exposed via the REST API, but is being used within oc_erchef itself.

oc_erchef 1.1.1

  • Updated sqerl version to pull in more current epgsql dependency
  • Pulled repos chef_db, chef_index, chef_objects, depsolver, oc_chef_authz, and oc_chef_wm into apps in oc_erchef.
  • Pulled chef_wm into oc_chef_wm.
  • Updated integration tests, and got integration and unit tests running in Travis CI.
  • Remove array merging in chef_deep_merge, fixing incorrect search results for arrays.

opscode-chef-mover 2.2.19

  • Updated mover to pull in oc_erchef since some dependencies where moved there.

enterprise-chef-server-schema 2.4.1

  • Use HTTPS instead of GIT to pull down dependencies in Makefile.

opscode-omnibus

  • merged oc_erchef configuration sections for chef_wm into oc_chef_wm

12.0.2 (2015-01-27)

chef-mover 2.2.20

  • Fix bug that can cause long-running migrations to hang indefinitely

private-chef-cookbooks

  • Expose configurable value for database bulk fetch batch size to use during Solr 4 migrations

12.0.1 (2014-12-17)

oc-id

  • Update to version 0.4.4 to patch a doorkeeper CSRF vulnerability

chef-mover

  • update to version 2.2.17, with better failure case handling and increased timeouts.

oc-chef-pedant 1.0.68

  • pin mixlib-shellout to 1.6.1

opscode-omnibus

  • pin mixlib-shellout to 1.6.1
  • added new group_dn ldap attribute to require users to be in the named group.
  • Refactored superuser bootstrap process to use new chef-server-bootstrap repository instead of opscode-test, which pulled in a variety of now deprecated ruby repositories.
  • Update location/name of Chef’s public GPG key.
  • Fetch chef-server-ctl man page directly from chef-docs repo.

chef-server-bootstrap 1.0.0

  • Repository that replaces opscode-test, allowing us to deprecate several old ruby repositories.

oc_erchef 0.30.0

  • module chef_wm merged into oc_chef_wm
  • support for ldap user search including memberOf group, via attribute group_dn

12.0.0 (2014-11-25)

enterprise-chef-common 0.4.7

  • Restart logging service on log configuration change

enterprise-chef-common 0.4.6

  • Make project-ctl configurable by name

omnibus-ctl 0.3.1

  • Exclude gz files from tail

private-chef-cookbooks

  • Add ip_mode and normalize_host for ipv6 configuration
  • Add configuration for queueing in pooler
  • Expose db_timeout for sqerl in Erchef, bifrost and mover as a parameter that can be set in the "/etc/opscode/chef-server.rb" file for convenience. By default there is a hard coded value of 5 seconds (5000ms) as per: sqerl_client.erl
  • Select appropriate default port for LDAP and LDAPS (when encryption is selected, as previously user had to manually add port to make it work).
  • Expose proxy_connect_timeout for Nginx when it connects to the backends, so it can be adjused. The hard coded default might not be sufficient in some cases.
  • Expose folsom_graphite configuration, default to disable
  • Move Postgres database stop/start out of migrations
  • Gracefullly attempt to start the database during migrations

opscode-omnibus

  • Add ability to configure SQL query timeout for Erchef, bifrost and mover.
  • Provide reasonable default for LDAP and LDAPS ports.
  • Deprecate ldap "encryption" setting and replace with ssl_enabled/tls_enabled. Add further validation and basic checks around ldap settings, as well as deprecation warnings.
  • Add ability to configure timeout for connect() when connecting to backends.

oc_erchef 0.29.4

  • fix issue in which local mode auth was not handled correctly, preventing accounts on an LDAP server from being associated with existing Chef Server accounts when the login name differed.

oc-chef-pedant 1.0.67

  • Modify test of local mode authentication to be correct

oc-chef-pedant 1.0.66

  • Turn org creation validation off by default

12.0.0.rc6 (2014-11-11)

oc-chef-pedant 1.0.65

  • Add test for /organizations/:org_id/ANY/_acl endpoint

oc-chef-pedant 1.0.64

  • Add coverage for /users/USER/organizations endpoint

oc-chef-pedant 1.0.63

  • additional test for proper behavior when attempting to remove an org's admin.
  • Update tests to reflect that clients no longer have C/U/D permissions on data bags by default.

oc-chef-pedant 1.0.62

  • Fix for consistent return values in oc_erchef

oc_erchef 0.29.3

  • route /organizations/:org_id/ANY/_acl endpoint

oc_erchef 0.29.2

  • set default client ACLs for data bags to read-only. See Release Notes for i important related details.
  • correct message logging in org-user association/disassociation process
  • new /controls endpoint in support of upcoming client features

oc_erchef 0.29.1

  • revert functionality change where erchef version of /users/X/organizations endpoint no longer returned "guid" field. This field is used by internal products in our hosted environment and cannot yet be removed.
  • fix regression in which organization user was partially removed even though removal was disallowed because user is an admin.
  • update actions to support capture of acl activity

oc_erchef 0.29.0

  • Internal placeholder we used to indicate our hosted product switch from Erlang R15B03-1 to R16B03-1. Note that R16B03-1 has been included in CS12 since the first RC.

oc_erchef 0.28.5

  • update sqerl to use queuing-enabled pooler API
  • update pooler to 1.3.3, which adds queueing support

oc_erchef 0.28.4

  • Add folsom-graphite dependency (used for runtime stats gathering)

oc_erchef 0.28.3

  • fix regression that broke org caching
  • Org support in postgres
  • Reindexing support to check redis flags
  • Fix typo in darklaunch interrogation

oc_id

  • Set VERSION environment variable on database migrations to avoid conflict during upgrades

opscode-omnibus

  • changes to addon installs to default to lucid when current ubuntu codename isn't in the accepted list (to support installs on 14)
  • added apt-transport-https package in case it was missing from the system (packagecloud requires it)
  • created chef-server.rb during install to cut down on user confusion
  • [opscode-omnibus-597] Limit postgresql shared memory usage to stay under SHMAX
  • Change postgres effective_cache_size to 50% of available RAM instead of hard coding at 128MB
  • updated references to omnibus-ruby repo to be omnibus
  • changelog - fix markdown formatting errors
  • changelog - added this changelog note

private-chef-cookbooks

  • [OC-11769] make oc_chef_authz a tunable in private-chef.rb
  • Fix oc_chef_authz timeout tunable
  • Make postgresql slow query logging configurable
  • Fix missing resources on API HTML pages
  • Fixed the default value for Postgres effective_cache_size
  • Adjust perms to 0750 for all service's log dir
  • Add and use new perms attribute
  • Add an OmnibusHelper method to provide an owner and group hash

chef-server-ctl

  • Partition server start/stop in upgrade process
  • Changed commands org-associate and org-dissociate to org-user-add and org-user-remove, respectively.
  • Update password command to use knife-opc so as to work post-removal of mixlib-authorization.

12.0.0.rc5 (2014-10-17)

openssl - 1.0.1j

  • SRTP Memory Leak (CVE-2014-3513)
  • Session Ticket Memory Leak (CVE-2014-3567)
  • Build option no-ssl3 is incomplete (CVE-2014-3568)

opscode-omnibus

  • properly configure ldap under erchef, and add some safeguards against incorrect encryption configuration.
  • oc_erchef updated to 0.27.4
  • Bump the chef_max_version to 12 (this is the max chef client version that Chef Server will accept)
  • expose license configuration options
  • Add man page for chef-server-ctl.
  • Correct gather-logs to point to chef-server.rb
  • Disable SSLv3 support in nginx
  • Added command line options to open-source-to-chef-server-12 upgrade for finer-grained control of migration process

oc_erchef 0.27.7

  • Improve error handling in org creation and deletion.

oc_erchef 0.27.6

  • Fixed pooler bug with regard to timed out pool member starts

oc_erchef 0.27.5

  • Add org info to actions

oc_erchef 0.27.4

  • ldap start_tls support
  • ldap simple_tls support
  • support for correctly looking up users by external auth id
  • fix for GET of org users not returning correct state record, resulting in requests not properly terminating

oc_erchef 0.27.3

  • Fix meck dependency locking issue.

oc_id 0.4.2

  • Add support for Chef signed headers in Resource Owner Password Credentials flow
  • Add new endpoint (/v1/me/organizations) to get the list of organizations for the user represented by a Bearer token
  • Update doorkeeper gem to 1.4.0
  • Add support for Resource Owner Password Credentials flow

opscode-chef-mover 2.2.15

  • Clean up error handling for org user associations and invites migrations
  • Fix backwards compatibility issues with oc_chef_authz intergration

rest server API

  • removed check for maximum client version (only checks for minimum, i.e., <10)
  • updated server flavor from 'ec' to 'cs' (Chef Server) now that servers have been merged

chef-server-ctl

  • Restricted chef-server-ctl install to known Chef packages
  • Correct show-config command/recipe to point at chef-server.rb instead of private-chef.rb
  • Updated knife-opc config so that user / org / association commands now work if non-default ports are used.
  • re-enable ctrl+c for chef-server-ctl commands by setting "client_fork false" in solo.rb

omnibus-ctl 0.3.0

  • Extended API with add_command_under_category, that allows ctl projects to group commands under categories, resulting in more logical help output.
  • Added concept of hidden services that hides certain services from those listed in chef-server-ctl status.
  • Any service (even hidden ones) can still be status checked via chef-server-ctl status <service>.
  • opscode-chef-mover was added as a hidden service.

oc-chef-pedant 1.0.60

  • add support for ssl version configuration

oc-chef-pedant 1.0.59

  • Fix rspec deprecations
  • Remove test of curl

12.0.0.rc4 (2014-09-17)

opscode-omnibus

  • Ensure contents of install dir (/opt/opscode) are owned by root.
  • Configure oc-chef-pedant ssl version to match nginx

12.0.0

Renamed chef server core instead of Private Chef or Enterprise Chef.

opscode-omnibus

  • Change to using /etc/opscode/chef-server.rb from /etc/opscode/private-chef.rb
  • Symlink private-chef.rb to chef-server.rb if private-chef.rb is present

bookshelf 1.1.4

  • Erlang R16 support

cacerts 2014/08/20

  • Update to latest cacerts as of 2014/08/20

chef-ha-plugin

  • Add support for pluggable high availability system

chef-sql-schema removed

  • We use a sqitch based schema instead.

couchdb removed

  • We are pleased to announce that we have migrated all data over to sql.

enterprise-chef-server-schema 2.4.0

  • Updates org_migration_state table with migration_type and verification
  • Update org_migration_state with support for solr 4 migration
  • Cleans up reporting schema info table
  • Clean up Makefile to preserve PATH variable
  • Update password hash type for OSC password hash types
  • Fix constraints for org_user_assocations and org_user_invites
  • Add tables for organizations, org_user_associations, and org_user_invites

erlang R16B03 added

  • Replaced R15, which was only used by the services we removed.

knife-ec-backup

  • Add support for tools to backup and restore from chef servers.

oc-chef-pedant 1.0.57

  • Remove /system-recovery endpoint tests
  • Enhance test coverage for user-org association
  • Update acl, organization and association tests for ruby-erlang differences
  • Add tests for
    • authenticate_user endpoint
    • users email validation
    • superuser access
    • certs in pubkey field for user
    • default organization rewriting
    • verify-password

oc_authz_migrator removed

  • oc_authz_migrator is no longer needed

oc_erchef updated to 0.27.3

oc_erchef 0.27.3

  • Organizations in erchef and in sql
  • organization association and invites in erchef and sql

oc_erchef 0.26

  • Initial low level work for organizations and associations in SQL
  • Improve reindexing script
  • ACL endpoint in erchef
  • Add chef action data_payloads

oc_erchef 0.25

  • Add default organization support for OSC compatibility
  • Add license endpoint support
  • Add global placeholder org macro.
  • System recovery endpoint work: Fix so recovery_authentication_enabled is correct for new users
  • Add internal chef keygen cache to replace opscode-certificate service.
  • do not force user key type to public on regeneration
  • Bugfix for concurrent cookbook uploads
  • Automatically upgrade user password salt algorithm on auth
  • Cleanups for user password encryption
  • Groups endpoing in sql and in erchef
  • Update authenticate_endpoint for LDAP
  • Update chef users email validation and filtering
  • Add chef users endpoint.

opscode-account removed

  • The last remaining endpoints (organizations, and user-org association and invites) are entirely implemented in erchef now.

opscode-certificate removed

  • This is replaced by the keygen service in erchef.

opscode-chef-mover 2.2.14

  • Organizations, user-org association, and user-org invite migrations from couchdb to SQL
  • Migration of global containers and global groups from couchdb to SQL
  • Backwards incompatible API change: Group creation (POST) ignores users and clients
  • Containers and groups migration from couchDB to postgreSQL
  • Bcrypt user migrations
  • Solr4 migration
  • Generalized migrate scripts and other code to be migration_type agnostic
  • Improved support for non-org based migrations
  • Update for Erlang R16

opscode-org-creator removed

  • Erchef no longer needs multi-phase organization create; direct creation is sufficient.

opscode-platform-debug and orgmapper removed

  • Orgmapper is no longer useful after migrations to SQL are complete.

Replace solr 1.4 with solr 4

  • Upgrade to solr 4.

Remove opscode-webui.

  • It is superceded by the opcsode-manage package

postgresql 9.1 removed

private-chef-administration

  • Removed. Docs can be found at docs.chef.io

private-chef-cookbooks

  • Introduce pluggable HA architecture as an alternative to DRBD
  • [OC-10117] opscode-solr4 accepts Java-like memory attributes
  • [OC-11669] keepalived safe mode

ruby updated to 1.9.3-p547

  • Update is from 1.9.3-p484

unicorn removed

  • No longer needed because opscode-account is gone

chef-server-ctl

  • Renamed from private-chef-ctl
  • Added chef-server-ctl upgrade command to support migrations from the open source chef 11 server
  • Added tooling to manage users and orgs from the command line via knife-opc
  • Added chef-server-ctl install command to install chef add-on packages (via web or local file)
  • Clarify the use of the --path options for the install subcommand

omnibus-ctl

  • [OC-10470] Allow private-chef-ctl status to ignore disabled services.
  • [OC-11574] private-chef-ctl service commands should be HA aware
  • [OC-9877] exclude binary files and archives from *-ctl tail

11.2.2 (2014-09-17)

opscode-omnibus

  • Ensure contents of install dir (/opt/opscode) are owned by root.

11.2.1 (2014-08-29)

enterprise-chef-common

  • Update to 0.4.5
  • Fix issue where 'private-chef' was being changed to 'private_chef' unexectedly in upstart/runit files

11.2.0 (2014-08-29)

Makefile

  • Add Makefile for automating builds

adding actions_payload 2014.08.15

  • [CA-555] Update 11.1-stable oc_erchef with latest oc_chef_action

postgresql 2014.07.29

  • [OC-11672] Upgrade PostgreSQL to 9.2.9

enterprise-chef-common 2014.07.21

  • [OC-11575] Don't start services by default in HA topology
  • Update to 0.4.4

oc_chef_actions 2014.07.03

  • Update to latest of oc_chef_action to get hostname from fqdn instead of inet
  • Setting the CHEF_ACTIONS_MESSAGE_VERSION to 0.1.0
  • Sets ['dark_launch']['actions'] = true

cacerts 2014.04.22

  • Update to latest cacerts as of 2014-04-22

chef 11.12.2

  • Update embedded chef gem to 11.12.2

opscode-platform-debug rel-0.5.1

  • Add authz API support

opscode-software

  • Refactor PERL Postgres driver installation

private-chef-cookbooks

  • [analytics] Copy webui_priv into opscode-analytics if actions is enabled
  • [OC-11297] Tweak partybus migration-level subscribes for a more reliable workaround
  • [OC-11459] Allow opscode-manage to easily be moved off of 443
  • [OC-11540] Fix invalid opscode-account config when forcing SSL
  • [OC-11601] Fix a race condition that sometimes caused redis_lb to attempt to reconfigure itself before it was restarted.
  • [OC-11668] Enable ipv6 in standalone mode
  • [OC-11673] Tune PostgreSQL keepalive timeouts
  • [OC-11710] Fix couchdb compaction log rotation
  • Add bifrost_sql_database uri to orgmapper.conf
  • [OC-11585] Allow ['lb']['upstream'] to have a custom setting
  • [CHEF-3045] increase s3_url_ttl from 15m to 8h
  • Use SSL port for lb_internal if non-SSL is disabled
  • Lock down postgresql

private-chef-ctl

  • Add a gather-logs command to create a tarball of important logs and system information for Chef Support
  • [OC-9877] Fix bug that included binary files and archives when using 'private-chef-ctl tail'

oc-id 0.3.3

  • Add Chef Identity Service (oc-id)

openssl 1.0.1i

  • Fix for CVE-2014-3512
  • Fix for CVE-2014-3511
  • Fix for CVE-2014-3510
  • Fix for CVE-2014-3507
  • Fix for CVE-2014-3506
  • Fix for CVE-2014-3505
  • Fix for CVE-2014-3509
  • Fix for CVE-2014-5139
  • Fix for CVE-2014-3508

rabbitmq 3.3.4

  • Upgrade to RabbitMQ 3.3.4

opscode-account rel-1.51.0

  • [OC-11702] - fails to expand ACLs and groups when they contain groups that no longer exist
  • [OC-11708] - fixes user association bug that relied on permissions of the last updater of the users group

11.1.8 (2014-06-26)

oc_authz_migrator 0.0.2

  • exit immediately on errors

11.1.7

private-chef-cookbooks

  • [OC-11499] Use more strict regular expression for IP check in ha-status
  • [OC-3107] Ensure CouchDB compaction cron job does not run on passive backend.
  • [OC-11601] Restart redis_lb immediately during reconfigure
  • [OC-11490] Explicitly set keepalived directory ownership
  • [OC-11297] EC 11 fresh install not saving migration state
  • [OC-11656] Set explicit owner and group for services without them
  • Address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases.
  • [OC-11662] Separate redis_keepalive_timeout from redis_connection_timeout and increase their default values from 60ms to 1000 and 2000ms, respectively.

private-chef-ctl

  • [OC-11657] Bump default svwait timeout of 7 seconds to 30 seconds
  • [OC-11382] keepalived restart interferes with upgrades
  • [OC-8881] private-chef-ctl password does not work

configurable postgresql unix user

  • Update gather-logs and migration scripts to honor postsgresql['username']

11.1.6 (2014-06-05)

openssl 1.0.1h

private-chef-cookbooks

  • [OC-11581] private-chef-ctl test command should return the pedant return code

11.1.5 (2014-05-14)

oc_erchef 0.24.6

  • rename oc_actionlog to actions

private-chef-cookbooks

  • Use dark launch to enable Chef Actions (default: off)
  • Write out Actions configuration file for use by opscode-analytics

11.1.4 (2014-05-07)

oc-chef-pedant 1.0.29

  • Add tests for superuser password authentication

opscode-account rel-1.49.0

  • Prevent password authentication for pivotal superuser

opscode-platform-debug rel-0.4.6

  • Remove legacy chargify code
  • Updated knifetests to work with the latest reporting API

private-chef-cookbooks

  • platform_family fixes to couchdb and drbd cookbooks
  • Set random initial password for pivotal user on bootstrap

11.1.3 (2014-04-09)

berkshelf

  • new dep: libffi
  • new dep: libarchive

curl 7.36.0

  • CVE-2014-0138: libcurl can in some circumstances re-use the wrong connection when asked to do transfers using other protocols than HTTP and FTP
  • CVE-2014-0139: libcurl incorrectly validates wildcard SSL certificates containing literal IP addresses when built to use OpenSSL
  • CVE-2014-1263: When asked to do a TLS connection (HTTPS, FTPS, IMAPS, etc) to a URL specified with an IP address instead of a name, libcurl built to use Darwinssl would wrongly not verify the server's name in the certificate
  • CVE-2014-2522: When asked to do a TLS connection (HTTPS, FTPS, IMAPS, etc) to a URL specified with an IP address instead of a name, libcurl built to use Winssl would wrongly not verify the server's name in the certificate

chef

  • upgrade to version 11.10.4

erlang

  • upgrade to r15b03-1

nokigiri

  • upgrade to nokigiri 1.6.1

libyaml 0.1.6

  • CVE-2014-2525: Heap-based buffer overflow allows context-dependent attackers to execute arbitrary code

oc_erchef 0.24.2

  • add oc_chef_action to oc_erchef (support for opscode-analytics actions package)

openssl 1.0.1g

  • CVE-2014-0160: heartbeat extension allows remote attackers to obtain sensitive information from process memory

opscode-account 1.48.0

  • fix USAG and organization creation for sql
  • fix bug where billing-admins creation crashed for sql
  • gracefully fail association request if org is in 504 mode
  • speed up internal org-creation by removing Couchdb _all_dbs call
  • check org _route endpoint for groups darklaunch during org creation
  • fix schema constraint bug during LDAP user creation

opscode-webui 3.8.13

  • Ruby on Rails security updates

postgresql

  • upgrade to 9.2.8

private-chef-cookbooks

  • Increase postgresql max_connections to 350 to handle 4 node cluster
  • Manage permissions for /var/log/opscode for non 0022 umasks

private-chef-ctl

  • Remove incorrect mention of heartbeat_device from ha-status output.

chef-pedant 1.0.27

  • added CLI options for running /internal-organization endpoint tests
  • added tag for running organization tests
  • add association tests to tags list

oc-chef-pedant 1.0.28

  • added test coverage for /organization and /internal-organization endpoints
  • added association framework and tests

11.1.2 (2014-02-28)

posgresql

  • Add ossp-uuid extension to Postgres 9.2

libossp-uuid 1.6.3

  • Add libossp-uuid library for Postgres

private-chef-cookbooks

  • Configure oc_actionlog in oc_erchef and rabbit
  • Remove :session and :environment from webui exception emails
  • Add internal /_routes endpoint to load balancer

11.1.1 (2014-02-17)

private-chef-cookbooks

BUGFIXES

  • remove banned/whitelist IP checking from OpenResty Lua config that breaks ipv6 clients

11.1.0 (2014-02-06)

omnibus-ruby 1.3.0

omnibus-software 3d9d097332199fdafc3237c0ec11fcd784c11b4d

  • [keepalived] update to 1.2.9 + patch for Centos 5.5
  • [perl] generate an Omnibus-friendly CPAN config
  • [openssl] CVE-2013-4353/CHEF-4939 - tls handshake causes null pointer in OpenSSL
  • [berkshelf] update to 2.0.12
  • [libyaml] CVE-2013-6393 - update libyaml to 0.1.5

redis-rb 3.0.6

  • Add redis gem for reconfigure management of redis install

openresty-lpeg 0.12

  • Add Lua lpeg library for use in refactored openresty routing config

redis 2.8.2

  • Add back in for use in openresty routing config

bookshelf 1.1.3

  • Remove request logging, which causes backups and crashing under heavy load

enterprise-chef-server-schema 2.2.3

  • Add containers table
  • Add new enum type and columns for user password hash
  • Add groups table
  • Add index for opc_users(customer_id) (improves delete performance)

oc-chef-pedant 1.0.25

  • [CHEF-4086] Add tests for cookbook version host header changes
  • Add tests to validate newly created organizations
  • Updates to /containers endpoint tests for ruby / erlang switching
  • Updates to /groups endpoint tests for ruby / erlang switching
  • Use IPV6-compatible rest-client gem for testing IPV6
  • Add tests for /users/:user/_acl endpoint
  • Update /principals endpoint tests for pushy updates

oc_bifrost 1.4.4

  • Add IPV6 support
  • Use shared opscoderl_wm to pull in webmachine dependency

oc_erchef 0.23.0

  • [CHEF-4086] Add configurable host for S3 pre-signed URLs
  • Refactor chef_objects, chef_db, and chef_wm to support non-open-source features
  • Add support for SQL/Erlang /containers endpoint (not migrated)
  • Add support for SQL/Erlang /groups endpoint (not migrated)
  • Convert all configuration fetching code to use envy library
  • Remove REST API for darklaunch
  • Add containers API docs to oc_erchef code base
  • Remove caching of search-related database responses
  • Remove fast_log and replace with lager
  • Add IPV6 support
  • Differentiate between 404s for missing principal vs. missing org

opscode-account rel-1.43.0

  • Remove SQL switching code for migrated objects
  • Support container objects in SQL
  • Support group objects in SQL
  • Remove obsolete clients controller
  • Encrypt user passwords with bcrypt
  • BUGFIX: allow non-admin users to leave organizations
  • Remove UPDATE from containers API
  • Add IPV6 support
  • BUGFIX: fix Ace.new method in #update_user_ace
  • BUGFIX: don't log password changes in plain text
  • BUGFIX: /organizations API can't show billing admins group

sqitch

  • Ensure sqitch uses an Omnibus-specific CPAN config

private-chef-cookbooks

  • [keepalived] Adjust command syntax for 1.2.9
  • [erchef / bookshelf] Add s3_external_url configuration
  • [all] Add IPV6 address support
  • [nginx] Add ipv6only option to listen directive
  • [sysctl] Force net.ipv6.bindonly to 0
  • [opscode-certificate] Run certificate service on front-ends
  • [redis] Add redis back into EC build (name redis-lb)
  • [enterprise-chef-server-schema] Add schema upgrade for bcrypt user password support
  • [openresty] Add lua-based upstream routing
  • [oc_bifrost] Use opscoderl_wm logging
  • [oc_erchef] Replace fast_log with lager
  • [oc_erchef] Remove deprecated use of db_type for sqerl config
  • [configuration] Increment api_version for release 11.0.0 -> 11.1.0
  • [opscode-certificate] Make sure :restart action occurs on all nodes
  • [keepalived] Fixes for keepalived.conf to work with 1.2.9 unicast
  • [bookshelf] Turn off request logging