Using Chocolatey for Windows Package Management
A tool that I have been aware of for awhile now, but haven’t paid too much attention to (until recently) is Chocolatey. What is it, you may be asking yourself? It is essentially a package manager for Windows that is run via the command line. Various ‘flavours’ are available, ranging from free (which is what I use) to paid options. At the moment, there are 4343 community maintained packages, so you’ll likely find at some of what you need there.
Installation is fairly straightforward. You will need local admin rights, but it can all be installed via a single command from the Windows command prompt:
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
There are a couple of other installation options available, which can be found on their webpage. Once you get that out of the way, you can start to play around with the framework.
The basic premise is that from a command prompt (with admin privileges), you can run ‘choco install packageName‘ where package name is the name of the application package that you want to install. Let’s use Google Chrome as an example. If I want to install it, I can just run ‘choco install googlechrome‘ and the package will download and install. Pretty cool!
What if you don’t know the specific name of the package you are looking to install? Then you have a couple of choices. If you are a sucker for punishment, you can run ‘choco list’ – this will return all packages. Likely not too helpful. If on the other hand, you want to narrow your search, you can use ‘choco search xyz‘ which will search packages’ descriptions for the term.
Where this gets really powerful is when it comes to scripting. I cobbled together a basic script that installs applications which I commonly used. Whenever I format my machine (or just get a new one in general), I run this script and walk away for a bit. When I come back, I have the majority of applications and tools that I need waiting for me. If you use the /Y parameter, the software will install without further prompts. For example ‘choco install googlechrome /Y’ will not prompt for license agreements.
Lastly, one trick that I have for remote installs is to use PSExec – part of the Sysinternals Suite. I use the program to launch a new command prompt via something like ‘psexec \\COMPUTER1 -u administrator cmd’. This will connect to COMPUTER1 as the local admin and try to launch the cmd (command prompt) process. If successful, I’ll have a remote command prompt session where I can run installs as per above. If you don’t have PSExec installed, you can install it via ‘choco install psexec‘ 🙂
You can find a full list of Chocolatey commands here.
As with most things free, there are drawbacks. Out of the gate, each time you install something, it will need to be downloaded again. Now, bandwidth caps may not be an issue for most of us, but time can be. Some of the packages are fairly large (e.g. the SQL Server Management Studio is close to 1 GB), so downloading it multiple times is a bit a wasteful. On the plus side, you can set up local repositories, however, that is not something that I have done yet.
Also, most of the time, packages are fairly up to date (for example as of this writing, that Google Chrome package noted above is up to date), however occasionally packages may fall behind. Depending on your requirements (security, support, etc.), this may or may not be an issue for you.
Edit / Update: Just to clarify the drawbacks, these can easily be remedied with a local repository. The scope of the post is targeted towards the community / free edition. A big thanks to ferventcoder who commented below for additional insight.
2 thoughts on “Using Chocolatey for Windows Package Management”
The mentioned drawbacks seem to apply only to the community repository, and not to the Chocolatey framework itself.
Something to keep in mind, which I think you sort of touched on in the beginning – Package sources are decentralized, which means that there are many more than just 4K packages out there, there are that many in the community repository.
Most organizations using Chocolatey don’t use the packages on the community repository. Or if they do, they will internalize the packages removing internet access from them. This is especially true with security conscious organizations.
Downloading items to each machine isn’t necessarily the case either. With internal packages, there are options that deal with that specific scenario.
Thanks for the comment! Much easier to read when compared to 140 characters on Twitter.
I added a bit of an edit to clarify that the drawbacks are easily remedied. The post was more or less based on a ‘complete out-of-the-box’ setup.