Blog Archives

Curry Bot Label Issues – Public Postmortem Meeting

Earlier today we had an issue where Curry Bot added and removed the “Signed CLA” label from a number of pull requests every few seconds causing disruption to workflow and even locking users out of at least one pull request.

Release: Chef Development Kit 0.2.0 – Windows support and more

Today we have released a new version for Chef Development Kit a.k.a. Chef DK. The biggest highlight of this release is the Windows support. Starting with version 0.2.0 Chef DK is now supported on Windows.

Enterprise Chef Server Reporting Addon 1.1.3 Release

Reporting 1.1.3 is a bug-fix release to address a regression introduced by Enterprise Chef Server 11.1.8 that contains tightened permissions to Postgresql.

Berkshelf v2 Outage Postmortem

The new Supermarket site became the official community site on Monday, July 7th, 2014 at 12:15 PM PDT. Shortly after the cutover we were made aware that the change broke compatibility with Berkshelf v2.x. This interrupted people’s ability to get

Berkshelf v2 Outage and Intermittent Supermarket Unresponsiveness – Public Postmortem Meeting

Earlier today, we made Supermarket the official community site and the source of http://api.berkshelf.com. About 30 minutes after the transition to the new site was complete we started to get a few reports of issues with Berkshelf v2.x reporting errors.

COOK project moving to GitHub Issues

Ohai Chefs! Due to popular demand, Chef Software is moving its COOK project issue management away from JIRA and onto GitHub issues. This will help us streamline our contribution process, making it easier for the community to submit contributions to

Chef & Rails CVE-2014-3482

At 17:11 UTC, the Rails security team publicized CVE-2014-3482 and CVE-2014-3483. In short, this vulnerability is related to the PostgreSQL adapater in ActiveRecord. A bug in the SQL quoting code could allow an attacker to carefully craft a request and

Changes to the Contributor License Agreement Process

With the soft-opening of Supermarket, we updated the process for signing a Contributor License Agreement, CLA. Supermarket has already started tracking CLAs. Unfortunately, because of the way this data has been stored in the past, we were not able to

Supermarket HTTPS Redirect Postmortem

Ohai Chefs! The new community site, Supermarket, was soft-launched in "beta" on Tuesday, June 17. When it was launched, we weren't enforcing HTTPS/SSL for the site. Yesterday, we deployed a change to enforce redirection from HTTP to HTTPS at the

Supermarket HTTPS Redirect – Public Postmortem Meeting

Earlier today, we deployed a change to force http->https redirect for Supermarket. During the deployment, the load balancer was incorrectly configured, causing Supermarket to be unavailable. At Chef, we conduct postmortem meetings for outages and issues with the site and

Archives