Today we released Chef Server 12.0.4. This release includes cookbook caching, continued development of the key rotation feature, and some LDAP improvements.
## Cookbook Caching
Cookbook caching lets you serve up cookbook resources to Chef clients faster by keeping those resources cached by more efficient servers. This feature is off by default, but can be enabled. See this blog post for the full low-down on cookbook caching.
## Continued Key Rotation Work
Key rotation is a feature that is still under development. With the last Chef Server release, we implemented basic key rotation support via `chef-server-ctl` with the promise that API support was coming soon. We have implemented the first endpoint of the API in this release, with more to come in releases scheduled for the near future.
### GET Me Some Keys
A `GET` to the Chef Server endpoints, `/organizations/ORGNAME/clients/CLIENTNAME/keys` or `/users/USERNAME/keys`, will return a list of keys for a client or user, respectively.
If you haven’t used the key rotation `chef-server-ctl` commands, for now, this will simply return the `default` key for a client or user. The same key is still returned via `GET` to the users and clients endpoints.
### Key Rotation Is Still A Feature In Progress
While we are finishing up the rest of the API, we recommend you continue to manage your keys via the users and clients endpoints as is done traditionally. However, if you can’t wait to get started with rotating, we recommend you do not delete the `default` key for now.
See the docs for additional information on key rotation.
## LDAP Improvements
Brian Felton added support for filtering LDAP users by group membership. To restrict Chef
logins to members of a particular group, use the `ldap[‘group_dn’]` configuration option in `/etc/opscode/chef-server.rb` to specify the DN of the group. This feature filters based on the `memberOf` attribute and only works with LDAP servers that provide such an attribute.
A number of other LDAP bugs have also been fixed. Check the release notes for details.