Today, we are pleased to announce the release of CFEngine 3.25.0! The code word for this release is auditability. Being a non-LTS (not supported) release, this release allows users to test the new functionality we’ve been working on before it arrives in an LTS release ~1 year from now.
What’s new
The audit log
CFEngine Mission Portal now logs user actions in a structured audit log. This means you can go back and see who edited group data, who deleted a host, who created a user, etc. The audit log can be filtered by time and date, resource type, who performed the action, and what was affected.
To make it easy for users to download, process, back up, or ingest logs into other systems, there is a button to download in CSV format, and a REST API for retrieving entries programmatically.
You can also click View details for individual entries to get more detailed information about exactly what was changed.
In order to reduce noise and ensure the audit log has the most valuable information possible, it focuses on changes made by users through the Mission Portal API and UI.
3.25 sneak peek webinar episode
In our latest episode of “The agent is in” webinar series, we took a sneak peek at 3.25.0 and the audit log:
2-factor authentication and password security improvements
As mentioned in the recent 3.24.1 release blog, we’re making several improvements to the authentication security of Mission Portal, including:
- 2-factor authentication via time-based one time password (TOTP) app
- Password complexity measurement and stricter requirements / defaults
- More customizability and settings to enforce the use of 2FA, strong passwords, etc.
Changelogs
As always, you can see a full list of changes and improvements in our changelogs:
- 3.25.0 Changelog for CFEngine Community
- 3.25.0 Changelog for CFEngine Enterprise
- 3.25.0 Changelog for Masterfiles Policy Framework
Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.
Dependency updates
Compared to 3.24.0, these dependencies have been updated:
CFEngine version | 3.24.0 | 3.25.0 |
---|---|---|
Git | 2.45.2 | 2.47.1 |
libcurl | 8.8.0 | 8.11.1 |
libexpat | 2.5.0 | 2.6.3 |
libxml2 | 2.13.1 | 2.13.5 |
OpenLDAP | 2.6.8 | 2.6.9 |
OpenSSL | 3.3.1 | 3.4.0 |
PCRE2 | 10.44 | 10.44 |
PHP | 8.3.8 | 8.3.15 |
PostgreSQL | 16.3 | 17.2 |
Thank you to all the developers and maintainers of Open Source Software which make CFEngine possible!
Downloads
CFEngine Enterprise is free for up to 25 hosts, click here to go to the download pages with new packages.
If you are using cf-remote
, you can specify version to install with the --version
option:
cf-remote --version 3.25.0 install --hub hub --bootstrap hub
Contributions
We encourage all of our users to get involved in the community and contribute. Feel free to use one of the following avenues:
- Ask for help, share an idea, or start a discussion on GitHub Discussions
- Contribute modules to CFEngine Build
- Look through our curated list of issues for new contributors
- Improve the documentation by fixing typos, adding examples, or explaining things you found difficult
- Browse the code or submit a pull request through GitHub
- Submit a bug report or feature request in our issue tracker