Chef Automate Feedback

Here you can create your product feature requests for the Chef Automate team. You can comment and vote on your own requests as well as those created by other users. We will update status of the requests over time. Once a request is marked as completed, roadmap or declined, you will get back any votes you had applied to that item.

All interactions when using the customer feedback forums are subject to the Chef community guidelines. Please remember:

  • Be welcoming, inclusive, friendly, and patient.
  • Be considerate.
  • Be respectful.
  • Be professional.
  • Be careful in the words that you choose.
  • When we disagree, let’s all work together to understand why.

Requests for support should be directed to support@chef.io, or submit support requests by using our web-based ticket interface as described here.

How can we make Chef Automate more awesome?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Configure Reaper to be more granular on the indexes to remove, archive or keep and at different intervals.

    We would like to hold on to our Compliance data for audits at a much longer interval or move them to an archive and delete the insights at various time frames. It would be beneficial to us to break up the insights data for attributes, converge, etc so different lengths of time can be used for those as well.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Visibility  ·  Flag idea as inappropriate…  ·  Admin →
    • Allow internal s3-compatible storage to store reaper elasticsearch snapshots

      Our Chef Automate instance is deployed inside our DC, and I think it makes sense to provide a way to store reaper elasticsearch snapshots to our internal s3-compatible storage. This documentation only provides AWS.

      https://docs.chef.io/data_retention_chef_automate.html#authenticating-to-aws

      Can you guys make it so we can use our internal instead of going to AWS? Thank you!

      Regards,

      Rakuten Inc.

      5 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Install/setup  ·  Flag idea as inappropriate…  ·  Admin →
      • Slim down _search XHR payloads in the UI

        The data returned from Elasticsearch in some of the XHR requests can be extremely large. I have about 94 nodes right now and the just loading the Nodes tab on the UI can be cumbersome. Each request to the page transfers 22MB because Elasticsearch is returning basically the whole state of each node back to the browser. This is roughly 234KB/node! It doesn't appear to cache or re-use the data either as when I, for example, click on a node state filter (like missing or failed), it will perform a whole new XHR which will again receive all the data…

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          started  ·  1 comment  ·  UX enhancements  ·  Flag idea as inappropriate…  ·  Admin →
        • Chef Automate connecting to ELK in a more secure way

          Currently Chef Automate has no secure way to connect to elasticsearch.

          It would be ideal if customers could leverage ElasticSearch's shield tool - for those in a corporate environment who want to secure the data in ElasticSearch from modification.

          Alternatively, add some authentication/security to requests originating from Chef Automate to Elasticsearch.

          Thanks

          7 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            planned  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
          • Support modern ed25519 ssh keys

            Please support modern ed25519 ssh keys. With Automate 0.8.5 when you paste in an ed25519 pubkey it will claim it's in an invalid state.

            "Received disconnect from <some ip> port 8989:7: Invalid state
            Authentication failed."

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              acknowledged  ·  0 comments  ·  Authorization  ·  Flag idea as inappropriate…  ·  Admin →
            • InSpec - identify if test (desc) failed/passed/skipped within control

              It would be useful to have ability to identify within control if any particular test has passed/failed or was skipped. Once you will have this information, it should allow you to update metadata such as tags, impact, etc.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Compliance  ·  Flag idea as inappropriate…  ·  Admin →
              • Reviewers should not be restricted by Enterprise but rather either per org or project.

                Code reviewers may not always be the same people as those who will be admins of a delivery enterprise.

                For example, we have an a single enterprise with orgs for cookbooks, configurations, etc..

                We would prefer for each the projects under configurations to allow the business owners to be the reviewers the databag pipeline lifecycle for each project but if that's not possible, the next best thing would be to have each org be reviewed by the business owners and have the configurations live in the configuration org, otherwise we have to create enterprises for each project and that seems…

                4 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  acknowledged  ·  0 comments  ·  Code review  ·  Flag idea as inappropriate…  ·  Admin →
                • Multiple ssh keys for a user

                  I'd like to re-open this request that i see was declined back in 2015 (https://feedback.chef.io/forums/289357-chef-automate-feedback/suggestions/7842627-multiple-ssh-keys-for-a-user)

                  I don't see a reason the original request was declined and i'm wondering this request could be re-evaluated.

                  As the original requestor mentioned when working from multiple dev environments it would be nice to be able to add additional keys to authenticate my user, instead of having to either swap the public key, or copy the private key around my various environments.

                  We are also restricted from sharing SSH keys between workstations, so this forces us to only allow one workstation per user,…

                  4 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    acknowledged  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • automate-ctl needs a delete-runner function

                    I've had to delete stale runners via the `delivery api` method, but it feels really inconsistant with other chef mgmt processes, this should have a delete methods attached to automate-ctl

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      acknowledged  ·  2 comments  ·  Install/setup  ·  Flag idea as inappropriate…  ·  Admin →
                    • Allow for custom install-runner scripts

                      In some cases with Chef Automate some additional tweaks need to occur in addition to what the default "automate-ctl install-runner ..." action does to configure a new runner system. Rather than hack the installer files, wouldn't it be better to allow the ability to manage custom runner scripts the same way we would do for bootstrap templates on Chef Server?

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        acknowledged  ·  2 comments  ·  Install/setup  ·  Flag idea as inappropriate…  ·  Admin →
                      • InSpec Feature Request, Tomcat resource

                        Hey,
                        i am implementing a tomcat baseline with regex right now, but it would be nice to have a tomcat or xml resource.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          planned  ·  1 comment  ·  Compliance  ·  Flag idea as inappropriate…  ·  Admin →
                        • Automate reporting improvements

                          To effectively manage the large environments automate reporting should allow to crate reports that will answer the following questions:

                          1. List nodes that report the failure of specific resource
                          2. List resources that fail the most across all managed nodes
                          3. List nodes with most compliance violations
                          4. List nodes that have specific compliance violation
                          5. List compliance checks that are violated the most

                          6 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            acknowledged  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                          • allow delivery_environment(s) to be set via delivery/config.json

                            id like to be able to set my env names for each build-stage to work with my existing environment without having to lift code from delivery-truck.

                            2 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              acknowledged  ·  0 comments  ·  Workflow  ·  Flag idea as inappropriate…  ·  Admin →
                            • Automate nodes page filtering and search improvements

                              Nodes list - Coverage Status:
                              1. Add a column to the nodes table, listing the number of resources managed on each node
                              2. Allow for CTRL+click to open deep links to multiple node detail pages in different tabs

                              Nodes page - Search:
                              1. Add an option allowing people to search by the value of a particular node attribute, so that people could list all nodes with the specific attribute value.
                              2. Enable using the enter key in the search box. Right now once the search query is defined, a mouse click on the search icon is required.

                              1 vote
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                acknowledged  ·  1 comment  ·  Visibility  ·  Flag idea as inappropriate…  ·  Admin →
                              • Provide messaging when a change is waiting on another change before entering union

                                Workflow only allows one change at a time to enter into the post-deliver phases (union, rehearsal, delivered). Other changes which are waiting before entering that phase currently do not show any feedback and just appear to not be running.

                                Could messaging be provided like "Waiting on change xyz to complete union stage before running"?

                                2 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  acknowledged  ·  1 comment  ·  Workflow  ·  Flag idea as inappropriate…  ·  Admin →
                                • Inspec-scap Gem Completely Converts Various STIG Profiles To Inspec

                                  Here's a profile Chef has been notified about recently that is not fully converting. We believe we can get to 90% coverage of the cases in the profile soon without too much trouble. If there is interest on this feedback item, we can spend more time vetting other profiles too. Anyone that was interested in https://feedback.chef.io/forums/289357-chef-automate-feedback/suggestions/18647377-inspec-scap-accept-inspec-list should follow this feedback item now instead.

                                  http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG_SCAP_1-1_Benchmark.zip

                                  5 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    community feedback desired  ·  2 comments  ·  Compliance  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Chef Compliance Scanner Standalone Should Have backup/restore Functions for DR

                                    To provide safety in a production environment, Chef Compliance scanner standalone should provide backup/restore functionality integrated with the chef-compliance-ctl command

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      community feedback desired  ·  1 comment  ·  Compliance  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Arbitrary comments/summary for each Workflow phase

                                      The ability to make high-visibility comments or a summary of the phase run would be extremely helpful for communicating the results of a run without making people wade through the wall of text that is the entire chef run output.

                                      I'm imagining you could just make a logging function call during the phase recipe and Automate can display it without the phase being expanded in the UI. Something like this this mockup.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        community feedback desired  ·  1 comment  ·  Workflow  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Proxy oauth requests on 443 to Chef server

                                        By default Automate (on Opsworks anyway) is setup on 443 and the Chef server is on 8443. Confusingly all the information out there for setting up a private supermarket references the Chef server as being on 443 which results in a 404 return by default. Perhaps oauth functions can be proxied from Automate to the Chef server via nginx by default.

                                        0 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          acknowledged  ·  1 comment  ·  Authorization  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Management console along the lines of Hosted Chef

                                          The current console leaves too much info out and it would be ideal to have Hosted Chef like management console which provided a read only view of chef cookbooks, environments, roles and other resources. It allows for quick read vs running knife commands always to get that info.

                                          4 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            1 comment  ·  UX enhancements  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 6
                                          • Don't see your idea?

                                          Feedback and Knowledge Base