## New Software ### `kitchen-vcenter` We now include the [`kitchen-vcenter`](https://github.com/chef/kitchen-vcenter) plugin for Test Kitchen. This is the official Chef Test Kitchen plugin for the VMware REST API. This plugin gives Test Kitchen the ability to create, bootstrap, and test VMware vms. ### `knife-azure` We now include the [`knife-azure`](https://github.com/chef/knife-azure) plugin for Knife. This plugin is used to create, delete, and enumerate Microsoft Azure resources to be managed by Chef. ### `knife-vcenter` We now include the [`knife-vcenter`](https://github.com/chef/knife-vcenter) plugin for Knife. This is the official Chef Knife plugin for the VMware REST API. This plugin gives Knife the ability to create, bootstrap, and manage VMware vms. ## Software Updates ### `chef` CLI The `chef -v` command has been updated to run much faster. Yay! ### Chef Infra Client Chef Infra Client has been updated from 15.2 to 15.3 with updated resources, a new way to write streamlined custom resources, and updated platform support! See the [Chef Infra Client 15.3 Release Notes](https://discourse.chef.io/t/chef-infra-client-15-3-14-released/15909) for a complete list of the new and improved functionality. ### Chef InSpec Chef InSpec has been updated from 4.10.4 to 4.16.0 with the following changes: * A new `postfix_conf` has been added for inspecting Postfix configuration files. * A new `plugins` section has been added to the InSpec configuration file which can be used to pass secrets or other configurations into Chef InSpec plugins. * The `service` resource now includes a new `startname` property for determining which user is starting the Windows services. * The `groups` resource now properly gathers membership information on macOS hosts. See the [Chef InSpec 4.16.0 Release Notes](https://discourse.chef.io/t/chef-inspec-4-16-0-released/15818) for more information. ### Chef Workstation App Chef Workstation App has been updated with the following changes: * Updated all dialog windows to match the Chef design. * Removed the menu (file, edit, etc.) from Windows to match the style guide. * Fixed the About Chef Workstation Page links (Package Details, License Agreement, and Release Notes). * Fixed the update interval so it automatically notifies about new releases. * Fixed the "Switch To Channel" button. ### Cookstyle Cookstyle has been updated from 5.1.19 to 5.6.2. This update brings the total number of Chef cops to 94 and divides the cops into four separate departments. The new departments make it easier to search for specific cops and to enable and disable groups of cops. Instead of just "Chef", we now have the following departments: - `ChefDeprecations`: Cops that detect (and in many cases correct) deprecations that will prevent cookbooks from running on modern versions of Chef Infra Client. - `ChefStyle`: Cops that will help you improve the format and readability of your cookbooks. - `ChefModernize`: Cops that will help you modernize your cookbooks by including features introduced in new releases of Chef Infra Client. - `ChefEffortless`: Cops that will help you migrate your cookbooks to the Effortless pattern. These are disabled by default. You can run cookstyle with just a single department: ```bash cookstyle --only ChefDeprecations ``` You can also exclude a specific department from the command line: ```bash cookstyle --except ChefStyle ``` You can also disable a specific department by adding the following to your .rubocop.yml config: ```yaml ChefStyle: Enabled: false ``` See the [Cookstyle cops documentation](https://github.com/chef/cookstyle/blob/master/docs/cops.md) for a complete list of cops included in Cookstyle 5.6. Going forward, Cookstyle will be our sole Ruby and Chef Infra cookbook linting tool. With the release of Cookstyle 5.6, we're officially deprecating Foodcritic and will not be shipping Foodcritic in the next major release of Chef Workstation (April 2020). See our [Goodbye, Foodcritic blog post](https://blog.chef.io/goodbye-foodcritic/) for more information on why Cookstyle is replacing Foodcritic. ### `kitchen-ec2` `kitchen-ec2` has been updated from 3.1.0 to 3.2.0. This adds support for Windows Server 2019 and adds the ability to look up security group by `subnet_filter` in addition to `subnet_id`. ### `kitchen-inspec` `kitchen-inspec` has been updated from 1.1.0 to 1.2.0. This renames the `attrs` key to `input_files` and `attributes` key to `inputs` to match InSpec 4. The old names are still supported but issue a warning. ### `knife-ec2` `knife-ec2` has been updated from 1.0.12 to 1.0.16. This resolves the following issues: * Fix argument error for --platform option [#609](https://github.com/chef/knife-ec2/pull/609) ([dheerajd-msys](https://github.com/dheerajd-msys)) * Fix for Generate temporary keypair when none is supplied [#608](https://github.com/chef/knife-ec2/pull/608) ([kapilchouhan99](https://github.com/kapilchouhan99)) * Color code fixes in json format output of knife ec2 server list [#606](https://github.com/chef/knife-ec2/pull/606) ([dheerajd-msys](https://github.com/dheerajd-msys)) * Allow instances to be provisioned with source/dest checks disabled [#605](https://github.com/chef/knife-ec2/pull/605) ([kapilchouhan99](https://github.com/kapilchouhan99)) ### Test Kitchen Test Kitchen has been updated from 2.2.5 to 2.3.2 with the following changes: * Add `keepalive_maxcount` setting for better control of ssh connection timeouts. * Add `lifecycle_hooks` information to `kitchen diagnose` output. ### `knife-google` The knife-google plugin has been updated to 4.1.0 with support for bootstrapping Chef Infra Client 15 and also includes a new ``knife google image list command`` which lists project and public images. For example `knife google image list --gce_project "chef-msys"`: ``` NAME PROJECT FAMILY DISK SIZE STATUS kpl-w-image chef-msys windows 60 GB READY centos-6-v20190916 centos-cloud centos-6 10 GB READY centos-7-v20190916 centos-cloud centos-7 10 GB READY coreos-alpha-2261-0-0-v20190911 coreos-cloud coreos-alpha 9 GB READY coreos-beta-2247-2-0-v20190911 coreos-cloud coreos-beta 9 GB READY .... .... .... ``` ## Security Updates ### Git Git has been updated from 2.20.0 to 2.23.0 on Windows and from 2.14.1 to 2.23.0 on non-Windows systems. This brings the latest git workflows to our users who do not have it installed another way and fixes two CVEs: * non-Windows systems: [CVE-2017-14867](https://www.cvedetails.com/cve/CVE-2017-14867/) * Windows systems: [CVE-2019-1211](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1211) ### Nokogiri Nokogiri has been updated from 1.10.2 to 1.10.4 in order to resolve [CVE-2019-5477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477) ### OpenSSL OpenSSL has been updated from 1.0.2s to 1.0.2t in order to resolve [CVE-2019-1563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563) and [CVE-2019-1547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547). ### Ruby Ruby has been updated from 2.6.3 to 2.6.4 in order to resolve [CVE-2012-6708](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708) and [CVE-2015-9251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251). ## Removals ### `chef verify` Removed the `chef verify` subcommand. This command has been deprecated with a warning for a long time and should not have been used by users. It is an internal command used to test the components included in Chef Workstation. Instead, we extracted it to scripts run by our CI system, which is where it should have been the whole time. ## Platform Support Updates ### macOS 10.15 Support Chef Workstation is now validated against macOS 10.15 (Catalina). Additionally, Chef Workstation will no longer be validated against macOS 10.12.