## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.
### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
#### generally really quick to set up and there are quite a few options.
#### Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
#### are repository servers and will give you the ability to manage multiple
#### repositories and types from one server installation.
### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
#### Please see https://chocolatey.org/install#organization
### c. Other Requirements ###
#### i. Requires puppetlabs/chocolatey module
#### See https://forge.puppet.com/puppetlabs/chocolatey
## 2. TOP LEVEL VARIABLES ##
### a. Your internal repository url (the main one). ###
#### Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
$_repository_url = 'INTERNAL REPO URL'
### b. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
$_choco_download_url = 'INTERNAL REPO URL/package/chocolatey.2.2.2.nupkg'
### c. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# $_chocolatey_central_management_url = 'https://chocolatey-central-management:24020/ChocolateyManagementService'
#### ii. If using a Client Salt, add it here
# $_chocolatey_central_management_client_salt = "clientsalt"
#### iii. If using a Service Salt, add it here
# $_chocolatey_central_management_service_salt = 'servicesalt'
## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
### Note: `chocolatey_download_url is completely different than normal
### source locations. This is directly to the bare download url for the
### chocolatey.nupkg, similar to what you see when you browse to
### https://community.chocolatey.org/api/v2/package/chocolatey
class {'chocolatey':
chocolatey_download_url => $_choco_download_url,
use_7zip => false,
}
## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
#chocolateyfeature {'useFipsCompliantChecksums':
# ensure => enabled,
#}
### b. Apply Recommended Configuration ###
#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
chocolateyconfig {'cacheLocation':
value => 'C:\ProgramData\chocolatey\cache',
}
#### Increase timeout to at least 4 hours
chocolateyconfig {'commandExecutionTimeoutSeconds':
value => '14400',
}
#### Turn off download progress when running choco through integrations
chocolateyfeature {'showDownloadProgress':
ensure => disabled,
}
### c. Sources ###
#### Remove the default community package repository source
chocolateysource {'chocolatey':
ensure => absent,
location => 'https://community.chocolatey.org/api/v2/',
}
#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here
#### NOTE: This EXAMPLE requires changes
chocolateysource {'internal_chocolatey':
ensure => present,
location => $_repository_url,
priority => 1,
username => 'optional',
password => 'optional,not ensured',
bypass_proxy => true,
admin_only => false,
allow_self_service => false,
}
### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
#### to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
#### when you browse to https://community.chocolatey.org/api/v2/
package {'chocolatey':
ensure => latest,
provider => chocolatey,
source => $_repository_url,
}
## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.
### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/guides/organizations/organizational-deployment-guide#exercise-4-create-a-package-for-the-license
# TODO: Add resource for installing/ensuring the chocolatey-license package
package {'chocolatey-license':
ensure => latest,
provider => chocolatey,
source => $_repository_url,
}
### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
## Disabled sources still need all other attributes until
## https://tickets.puppetlabs.com/browse/MODULES-4449 is resolved.
## Password is necessary with user, but not ensurable, so it should not
## matter what it is set to here. If you ever do get into trouble here,
## the password is your license GUID.
chocolateysource {'chocolatey.licensed':
ensure => disabled,
priority => '10',
user => 'customer',
password => '1234',
require => Package['chocolatey-license'],
}
### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.
#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
package {'chocolatey.extension':
ensure => latest,
provider => chocolatey,
source => $_repository_url,
require => Package['chocolatey-license'],
}
#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/
### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
chocolateyfeature {'showNonElevatedWarnings':
ensure => disabled,
}
chocolateyfeature {'useBackgroundService':
ensure => enabled,
}
chocolateyfeature {'useBackgroundServiceWithNonAdministratorsOnly':
ensure => enabled,
}
chocolateyfeature {'allowBackgroundServiceUninstallsFromUserInstallsOnly':
ensure => enabled,
}
chocolateyconfig {'backgroundServiceAllowedCommands':
value => 'install,upgrade,uninstall',
}
### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
if $_chocolatey_central_management_url {
package {'chocolatey-agent':
ensure => latest,
provider => chocolatey,
source => $_repository_url,
require => Package['chocolatey-license'],
}
chocolateyconfig {'CentralManagementServiceUrl':
value => $_chocolatey_central_management_url,
}
if $_chocolatey_central_management_client_salt {
chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
value => $_chocolatey_central_management_client_salt,
}
}
if $_chocolatey_central_management_service_salt {
chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
value => $_chocolatey_central_management_client_salt,
}
}
chocolateyfeature {'useChocolateyCentralManagement':
ensure => enabled,
require => Package['chocolatey-agent'],
}
chocolateyfeature {'useChocolateyCentralManagementDeployments':
ensure => enabled,
require => Package['chocolatey-agent'],
}
}
linearreg (maintainer) on 17 Jan 2024 19:51:47 +00:00:
User 'linearreg' (maintainer) submitted package.
chocolatey-ops (reviewer) on 17 Jan 2024 20:23:53 +00:00:
correttojdk has passed automated validation. It may have or may still fail other checks like testing (verification).
NOTE: No required changes that the validator checks have been flagged! It is appreciated if you fix other items, but only Requirements will hold up a package version from approval. A human review could still turn up issues a computer may not easily find.
Guidelines
Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.
chocolatey-ops (reviewer) on 17 Jan 2024 20:37:14 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/9d7658e88f886e33ceea97940c299dba for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 18 Jan 2024 16:06:25 +00:00:
User 'linearreg' (maintainer) submitted package.
chocolatey-ops (reviewer) on 18 Jan 2024 16:37:00 +00:00:
correttojdk has passed automated validation. It may have or may still fail other checks like testing (verification).
NOTE: No required changes that the validator checks have been flagged! It is appreciated if you fix other items, but only Requirements will hold up a package version from approval. A human review could still turn up issues a computer may not easily find.
Guidelines
Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.
chocolatey-ops (reviewer) on 18 Jan 2024 16:45:46 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/0cbf7b33027785dccf8574d56d9a78d9 for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 18 Jan 2024 18:03:16 +00:00:
User 'linearreg' (maintainer) submitted package.
chocolatey-ops (reviewer) on 18 Jan 2024 18:36:24 +00:00:
correttojdk has passed automated validation. It may have or may still fail other checks like testing (verification).
NOTE: No required changes that the validator checks have been flagged! It is appreciated if you fix other items, but only Requirements will hold up a package version from approval. A human review could still turn up issues a computer may not easily find.
Guidelines
Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.
chocolatey-ops (reviewer) on 18 Jan 2024 19:15:22 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/47a1147adab3241e8cfd687be58e12ea for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 22 Jan 2024 23:04:31 +00:00:
User 'linearreg' (maintainer) submitted package.
chocolatey-ops (reviewer) on 22 Jan 2024 23:38:28 +00:00:
correttojdk has passed automated validation. It may have or may still fail other checks like testing (verification).
NOTE: No required changes that the validator checks have been flagged! It is appreciated if you fix other items, but only Requirements will hold up a package version from approval. A human review could still turn up issues a computer may not easily find.
Guidelines
Guidelines are strong suggestions that improve the quality of a package version. These are considered something to fix for next time to increase the quality of the package. Over time Guidelines can become Requirements. A package version can be approved without addressing Guideline comments but will reduce the quality of the package.
chocolatey-ops (reviewer) on 22 Jan 2024 23:46:48 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/3954551045f5b05806388d42e4f31a6b for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 23 Jan 2024 01:39:19 +00:00:
Issue with checksum validation. Retrying.
Verification Status Change - Verification tests have been set to rerun.
chocolatey-ops (reviewer) on 23 Jan 2024 01:59:23 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/1f049ec2909f5d52b4c504b0b5bfdfbb for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 23 Jan 2024 16:47:18 +00:00:
Hello,
I tried to recreate this error in the test environment and for some reason, I think the checksum.exe cannot see the file while windows can.
I put the outputs in gist as cloudflare blocked any attempts to post actual code.
https://gist.github.com/ajshastri/0868eb162409152f1f0594db41770a55
In the gist, I've put the original error from https://gist.github.com/choco-bot/1f049ec2909f5d52b4c504b0b5bfdfbb, followed by the manual attempt to run the checksum.exe and it's error, followed by the dir output of the file.
Please let me know if I'm doing something wrong,
flcdrg (reviewer) on 26 Jan 2024 05:15:10 +00:00:
Going to try again..
Verification Status Change - Verification tests have been set to rerun.
chocolatey-ops (reviewer) on 26 Jan 2024 05:24:56 +00:00:
correttojdk has failed automated package testing (verification).
Please visit https://gist.github.com/choco-bot/af4ca4a960bc2762df92a212974d1e05 for details.
The package status will be changed and will be waiting on your next actions.
linearreg (maintainer) on 29 Jan 2024 17:50:36 +00:00:
Any hope?
Windos (reviewer) on 25 Feb 2024 02:38:12 +00:00:
The included file hash is incorrect.
58899be77c0992cce93172389de1cbeb8
is listed in the ChocolateyInstall.ps1 file.58899be77c0992cce9317389de1cbeb8
is the actual hash of the downloaded file.It looks like an additional digit was added to the hash.
You can get the hash using PowerShell:
chocolatey-ops (reviewer) on 16 Mar 2024 02:38:44 +00:00:
We've found correttojdk v21.0.2.131 in a submitted status and waiting for your next actions. It has had no updates for 20 or more days since a reviewer has asked for corrections. Please note that if there is no response or fix of the package within 15 days of this message, this package version will automatically be closed (rejected) due to being stale.
Take action:
If your package is failing automated testing, you can use the chocolatey test environment to manually run the verification and determine what may need to be fixed.
Note: We don't like to see packages automatically rejected. It doesn't mean that we don't value your contributions, just that we can not continue to hold packages versions in a waiting status that have possibly been abandoned. If you don't believe you will be able to fix up this version of the package within 15 days, we strongly urge you to log in to the site and respond to the review comments until you are able to.
chocolatey-ops (reviewer) on 22 Apr 2024 13:25:36 +00:00:
Unfortunately there has not been progress to move correttojdk v21.0.2.131 towards an approved status within 15 days after the last review message, so we need to close (reject) the package version at this time. If you want to pick this version up and move it towards approval in the future, use the contact site admins link on the package page and we can move it back into a submitted status so you can submit updates.
Status Change - Changed status of package from 'submitted' to 'rejected'.