Chef Blogs

Chef Compliance 0.9.10 Release

Christoph Hartmann | Posted on | compliance | release | Releases

Chef Compliance 0.9.10 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes added since the 0.9.6 release:

Enhancements:

  • Allow private keys to be updated
  • Report scan failures in API and UI
  • Reports: split unreachable nodes from ordinary results
  • Failure states in node report
  • Allow user edit to save without having to enter a password
  • Adjust to InSpec’s new exit status on failed scans
  • core: add “not in sudoers file” error
  • Include timezone in date formatting
  • Show success/failure messages after UI actions
  • Autofocus on first text input of form pages
  • Add required fields and cancel buttons
  • Pass backend-related inspec config via JSON
  • Show Chef Compliance Version in the UI
  • Reject scheduled jobs with one-off date in the past and show error
  • Improve tarball/zip archive handling
  • Provide documentation of how to find logs in Chef Compliance
  • Create docs for Chef-Compliance upgrade

Fixed bugs:

  • Editing another user’s password logs current user out
  • avoid job schedule test to fail in January
  • can’t upload profiles without the legacy metadata.rb
  • also use inspec.yml for finding profile root
  • scans fail after upgrading to 0.9.9
  • Password seems required when editing nodes that use ssh/winrm password auth
  • Fix connectivity failures when using sudo passwords
  • not requiring password on node edit.
  • remove 404 API call by the Settings page
  • UI: keys list not refreshed after add/remove
  • UI displays node identification via id instead of hostname+port as backdrop of name
  • 401 Unauthorized API response should trigger dashboard redirect to login page
  • UI: no user feedback on profile upload error
  • un-hide errors in chef-compliance.rb handling
  • Resource registry_key { should_not exist } unavailable
  • display node name in scan report instead of ID
  • inspec: redact passwords (login/sudo) in “this is the command line” log
  • shared/backend_sshcmd: mask password from shellout

This release also includes InSpec 0.9.9. The full changelog can be found here.

Upgrade instructions for Chef Compliance are found here.