Today, we are pleased to announce the release of CFEngine 3.23.0! This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS. (CFEngine 3.24 LTS is scheduled to release summer 2024).
The codename for this release is anniversary, as this year is CFEngine’s 30th anniversary. CFEngine was initially released in 1993, and to mark this special occasion we’ve created a limited edition anniversary coin:
What’s new
Include / exclude hosts by hostname, IP address, subnet, MAC address
Within Mission Portal’s inventory reports you can easily control what pieces of information to show (which columns), as well as which hosts (rows) to filter out. In the previous releases, we’ve made several improvements to the UI for inventory reports, making them more intuitive to use and edit, as well as giving you more flexibility with the dynamic rules. For 3.23 we are continuing to improve the inventory reports and their host filters, by adding more ways to specify lists of hosts to include and exclude.
By specifying lists of hosts by their IP, MAC, or hostname, they will stay in the list, even if their ID changes (for example after reinstalling CFEngine on a host, rotating a host’s key, or replacing one host with another). When combining rules with lists of hosts to include and exclude, exclusion will always take precedence, so the hosts you put into the exclusion list will never show up in the results.
Groups in Mission Portal
The groups functionality introduced in 3.22 also benefits from the host filter updates mentioned above. You now have a lot of flexibility when deciding what hosts should be in a group (editing its filter):
In the example above, we’ve included all RHEL 7, 8, and 9 hosts with a regular expression, as well as included 1 specific host by IP address and all hosts in a subnet. We’ve also excluded one specific host which we didn’t want in the group (by its IP address).
Groups can now be static (such as lists of CFEngine IDs and MAC addresses), or much more dynamic (conditions based on reported inventory data). Or a mix of these, or something in between (IP addresses usually are quite static, but can also be changed around).
We will continue to improve and polish the groups and filter functionality before it lands in the next LTS release, CFEngine 3.24, scheduled for summer 2024.
Policy language function: version_compare()
In CFEngine policy language, we have many convenience functions and macros to make the policy behave differently for various versions of CFEngine.
However, these always compare the CFEngine version number, and cannot be used to customize the behavior based on another version number (such as the version of an installed package).
The new version_compare() function makes it easier to work with version numbers in general:
bundle agent __main__
{
vars:
"version"
string => "1.2.3";
reports:
"That's newer!"
if => version_compare("$(version)", ">", "1.0.0");
}Changelogs
As always, you can see a full list of changes and improvements in our changelogs:
- 3.23.0 Changelog for CFEngine Community
- 3.23.0 Changelog for CFEngine Enterprise
- 3.23.0 Changelog for Masterfiles Policy Framework
Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.
Dependency updates
Compared to version 3.22, these dependencies have been updated:
| CFEngine version | 3.22.0 | 3.23.0 |
|---|---|---|
| Apache | 2.4.57 | 2.4.58 |
| Git | 2.41.0 | 2.42.1 |
| libcurl | 8.1.2 | 8.4.0 |
| libxml2 | 2.11.4 | 2.11.5 |
| LMDB | 0.9.30 | 0.9.31 |
| OpenSSL | 3.1.1 | 3.1.4 |
| PHP | 8.2.7 | 8.2.12 |
| PostgreSQL | 15.3 | 15.5 |
| zlib | 1.2.13 | 1.3 |
Thank you to all the developers and maintainers of Open Source Software which make CFEngine possible!
Downloads
CFEngine Enterprise is free for up to 25 hosts, click here to go to the download pages with new packages.
If you are using cf-remote, you have to specify this release explicitly:
cf-remote --version 3.23.0 download(cf-remote defaults to the latest LTS release, which is currently 3.21.3).
Contributions
We encourage all of our users to get involved in the community and contribute. Feel free to use one of the following avenues:
- Ask for help, share an idea, or start a discussion on GitHub Discussions
- Contribute modules to CFEngine Build
- Look through our curated list of issues for new contributors
- Improve the documentation by fixing typos, adding examples, or explaining things you found difficult
- Browse the code or submit a pull request through GitHub
- Submit a bug report or feature request in our issue tracker
