CFEngine 3.19 released - Collaboration

December 10, 2021

Today, we are pleased to announce the release of CFEngine 3.19.0! In 2021, for this release, and the launch of CFEngine Build, our focus has been on collaboration. We want to deliver a lot of value to our users through modules, and enable you to share and cooperate on policy, promise types, compliance reports, etc. CFEngine 3.19 is not an LTS release, so the intention for us is to give you a chance to start testing and giving feedback on the new features we are developing, before they land in an LTS version next year.

What’s new

Faster report collection

The CFEngine reporting hub now intelligently prioritizes the order of hosts to collect reports from. Newly bootstrapped hosts which don’t have any reporting data yet will be contacted first, then hosts are sorted based on the time of their last report, so the oldest data is refreshed first. In the end, this should result in more fresh data in Mission Portal, both for newly bootstrapped hosts, and in general.

Importable Compliance Reports

Compliance reports can now be stored and managed as JSON files. This functionality is available in both the UI and API, and enables us to deliver ready-to-use compliance reports as modules. The first module like this is available on CFEngine Build.

Importing a report looks like this in the Mission Portal UI:

This feature is also available in CFEngine 3.18.1 LTS. All new features from 3.18.1 are available in 3.19.0. We won’t go over them again here, see the 3.18.1 release blog post for details on those changes.

Custom promise types

As users can share promise types on CFEngine Build, we continue to expand functionality which enhances what you can do in modules. cf-agent now supports more attributes for custom promise types:

HTTP promise type

There is a new promise type, for doing HTTP requests in CFEngine, available on CFEngine Build. In contrast to our url_get() function, this promise type supports more HTTP methods, like POST and DELETE, and can also stream responses of arbitrary size directly to a file. Once added, it looks like this in use:

bundle agent main
{
  http:
    "https://cfengine.com/images/cfengine-logo.svg"
      file => "/var/cfengine/cfengine-logo.svg",
      if => not(fileexists("/var/cfengine/cfengine-logo.svg"));
}

Other promise types we’ve announced earlier this year are also available via CFEngine Build:

Security modules in a holiday-themed calendar

In December, we decided to provide daily security hardening tips and modules as a holiday calendar. You can read a summary of the first week, with the first 7 modules, in this blog post. To sign up for the rest of this calendar (day 10 to 25) use this link:

cfengine.com/calendar

Changelogs

As always, you can see a full list of changes and improvements in our changelogs:

Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.

Dependency updates

Compared to the recently released 3.18.1, these dependencies have been updated:

CFEngine version 3.18.1 3.19.0
libcurl 7.79.1 7.80.0
Git 2.33.1 2.34.1
PostgreSQL 13.4 13.5
PHP 8.0.12 8.1.0

Thank you to all the developers and maintainers of Open Source Software which make CFEngine possible!

Downloads

CFEngine Enterprise is free for up to 25 hosts, click here to go to the download pages with new packages.

Contributions

We encourage all of our users to get involved in the community and contribute. Feel free to use one of the following channels: