Package Management in Windows Using Chocolatey
In today’s Ask the Admin, I’ll look at the Chocolatey package manager for Windows, what it does, and how it can simplify software deployment on servers and end-user devices.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
Windows has long been a second-class citizen when it comes to package managers. In Linux, it is easy to install an application using apt-get or Yum from the command line. But until recently, there has been no built-in way to do the same in Windows. For end users, the Microsoft Store partly addresses the problem because apps can be installed in one click and updates are managed for the user. Legacy Win32 apps are a different story.
Windows Installer became the standard technology for deploying software in enterprises and it is supported by Group Policy and Microsoft System Center Configuration Manager (SCCM). But unlike apt-get in Linux, it can’t be used to quickly install and update software from online repositories using a simple command.
Windows Installer is complex to work with and isn’t as flexible as the package managers available for other operating systems. In the last few years, Windows has gained support for several third-party package managers, of which, Chocolatey is the most well-known. Created by a former Puppet engineer, Chocolatey is supported by most configuration management solutions, like Chef and Puppet. Based on NuGet, a free and open-source package manager designed for Microsoft .NET, Chocolatey uses PowerShell on the front end to make software installation easier.
Chocolatey for Business
The open source version of Chocolatey is free. Chocolatey for Business (C4B) must be licensed but it adds important features for organizations that want a centralized software management solution. Features in C4B that are not included in the open source version include Package Builder, which can be used to quickly build packages from existing installers and zip files. The Chocolatey Agent is a self-service installer that can install software for users even if they don’t have administrative privileges. A central console management UI is planned for the first quarter of 2018 and will add reporting and management features. Regardless of whether you use open source Chocolatey or C4B, you can create your own secure repositories from which users and configuration management systems can install software.
Package Management Providers
The Windows Management Framework (WMF) includes PackageManagement (previously OneGet), a module which manages package managers. Open a PowerShell prompt, type Get-PackageProvider, and press ENTER. PowerShell will return a list of providers that are registered with the PackageManagement module. In the screenshot below, you can see that in addition to the default package managers, NuGet is also installed.
If you search for a package provider and it is not present on your system, Get-PackageProvider will give you the option to install it.
Get-PackageProvider -Name chocolatey
It’s not compulsory to add Chocolatey as a provider. If you choose to add it, you can use standard PowerShell commands to install packages from the Chocolatey repository. For example, to use Chocolatey to install VLC, run this command:
choco install vlc
If Chocolatey is registered as a package provider on a system, you can use the standard PowerShell Install-Package cmdlet instead:
Packages and Repositories
There are thousands of applications already packaged in the public Chocolatey repository. If you want to create a private repository, you can set up a Chocolatey server on your local area network or host packages on a file share.
A Chocolatey package is a NuGet file (.nupkg). NuGet packages can be unzipped, so you can see its contents. Packages contain an XML file with information about the package and how it should be installed on a system as well as files required by the application.
All versions of Chocolatey allow you to package your own applications for distribution internally. C4B Package Builder takes existing Windows Installer files and creates packages for distribution with Chocolatey. The command below takes the enterprise .MSI installer file for Google Chrome and creates a new Chocolatey package.
choco new googlechrome --file=.\googlechromestandaloneenterprise.msi --build-package
In this Ask the Admin, I gave you some background information on package managers in Windows, including NuGet, the Windows PowerShell PackageManagement module and Chocolatey. In a future article, I’ll look into more details about how to use Chocolatey and PowerShell to install and update software.