Step 1: Review Your Packages

Step 2: Choose Your Integration Method

Step 3: Copy Your Script or Download Config

Option 1: Copy Script

Option 2: Download Config

Step 4: Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)

Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the packages and push them to a repository
  Download Packages

Option 2: Internalized Package (Reliable, Scalable)

Open Source
- Download the packages:
  Download Packages
- Follow manual internalization instructions
Package Internalizer (C4B)
- Run: (additional options)
- For package and dependencies run:
- Automate package internalization

Step 5: Copy Your Script

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###

#### We initialize a few things that are needed by this script - there are no other requirements.
$ErrorActionPreference = "Stop"

#### Set TLS 1.2 (3072) as that is the minimum required by various up-to-date repositories.
#### Use integers because the enumeration value for TLS 1.2 won't exist
#### in .NET 4.0, even though they are addressable if .NET 4.5+ is
#### installed (.NET 4.5 is an in-place upgrade).
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072

#### We use this variable for future REST calls.
$RequestArguments = @{
    UseBasicParsing = $true
}

## 2. TOP LEVEL VARIABLES ##

### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
$NugetRepositoryUrl = "INTERNAL REPO URL"

### b. Internal Repository Credential ###
#### If required, add the repository access credential here
# $NugetRepositoryCredential = [PSCredential]::new(
#     "username",
#     ("password" | ConvertTo-SecureString -AsPlainText -Force)
# )
# $RequestArguments.Credential = $NugetRepositoryCredential

### c. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it
$ChocolateyDownloadUrl = "$($NugetRepositoryUrl.TrimEnd('/'))/package/chocolatey.2.2.2.nupkg"

### d. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService"

#### ii. If using a Client Salt, add it here
# $ChocolateyCentralManagementClientSalt = "clientsalt"

#### iii. If using a Service Salt, add it here
# $ChocolateyCentralManagementServiceSalt = "servicesalt"

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository

#### Download the Nupkg, appending .zip to the filename to handle archive cmdlet limitations
if (-not (Get-Command choco.exe -ErrorAction SilentlyContinue)) {
    $TempDirectory = Join-Path $env:Temp "chocolateyInstall"
    if (-not (Test-Path $TempDirectory -PathType Container)) {
        $null = New-Item -Path $TempDirectory -ItemType Directory
    }
    $DownloadedNupkg = Join-Path $TempDirectory "$(Split-Path $ChocolateyDownloadUrl -Leaf).zip"
    Invoke-WebRequest -Uri $ChocolateyDownloadUrl -OutFile $DownloadedNupkg @RequestArguments

    #### Extract the Nupkg, and run the chocolateyInstall script
    if (Get-Command Microsoft.PowerShell.Archive\Expand-Archive -ErrorAction SilentlyContinue) {
        Microsoft.PowerShell.Archive\Expand-Archive -Path $DownloadedNupkg -DestinationPath $TempDirectory -Force
    } else {
        # PowerShell versions <4.0 do not have this function available
        try {
            $shellApplication = New-Object -ComObject Shell.Application
            $zipPackage = $shellApplication.NameSpace($DownloadedNupkg)
            $destinationFolder = $shellApplication.NameSpace($TempDirectory)
            $destinationFolder.CopyHere($zipPackage.Items(), 0x10)
        } catch {
            Write-Warning "Unable to unzip package using built-in compression."
            throw $_
        }
    }

    & $(Join-Path $TempDirectory "tools\chocolateyInstall.ps1")
}

if (-not (Get-Command choco.exe -ErrorAction SilentlyContinue)) {
    refreshenv
}

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
# choco feature enable -n useFipsCompliantChecksums

### b. Apply Recommended Configuration ###
#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
choco config set --name cacheLocation --value C:\ProgramData\chocolatey\cache

#### Increase timeout to at least 4 hours
choco config set --name commandExecutionTimeoutSeconds --value 14400

#### Turn off download progress when running choco through integrations
choco feature disable --name showDownloadProgress

### c. Sources ###
#### Remove the default community package repository source
choco source list --limitoutput | ConvertFrom-Csv -Header 'Name', 'Location' -Delimiter '|' | ForEach-Object {
    if ($_.Location -eq 'https://community.chocolatey.org/api/v2/') {
        choco source remove -n $_.Name
    }
}

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE may require changes
if ($NugetRepositoryCredential) {
    choco source add --name ChocolateyInternal --source $NugetRepositoryUrl --user $NugetRepositoryCredential.UserName --password $NugetRepositoryCredential.GetNetworkCredential().Password --priority 1
} else {
    choco source add --name ChocolateyInternal --source $NugetRepositoryUrl --priority 1
}

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
choco upgrade chocolatey --confirm

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
choco install chocolatey-license --source $NugetRepositoryUrl --confirm

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
if ("chocolatey-license" -in (choco list --localonly --limitoutput | ConvertFrom-Csv -Header "Name" -Delimiter "|").Name) {
    choco source disable --name chocolatey.licensed
} else {
    Write-Warning "Not disabling 'chocolatey.licensed' feed, as Chocolatey-License has not been installed."
}

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
if ("chocolatey-license" -in (choco list --localonly --limitoutput | ConvertFrom-Csv -Header "Name" -Delimiter "|").Name) {
    choco install chocolatey.extension --source $NugetRepositoryUrl --confirm
} else {
    Write-Warning "Not installing 'chocolatey.extension', as Chocolatey-License has not been installed."
}

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
choco feature disable --name showNonElevatedWarnings
choco feature enable --name useBackgroundService
choco feature enable --name useBackgroundServiceWithNonAdministratorsOnly
choco feature enable --name allowBackgroundServiceUninstallsFromUserInstallsOnly
choco config set --name allowedBackgroundServiceCommands --value "install,upgrade,uninstall"

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
if ($ChocolateyCentralManagementUrl) {
    choco install chocolatey-agent --source $NugetRepositoryUrl --confirm
    choco config set --name CentralManagementServiceUrl --value $ChocolateyCentralManagementUrl
    if ($ChocolateyCentralManagementClientSalt) {
        choco config set --name centralManagementClientCommunicationSaltAdditivePassword --value $ChocolateyCentralManagementClientSalt
    }
    if ($ChocolateyCentralManagementServiceSalt) {
        choco config set --name centralManagementServiceCommunicationSaltAdditivePassword --value $ChocolateyCentralManagementServiceSalt
    }
    choco feature enable --name useChocolateyCentralManagement
    choco feature enable --name useChocolateyCentralManagementDeployments
}

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. chocolatey.chocolatey
##### You will require the chocolatey.chocolatey collection to be installed
##### on all machines using this playbook.
##### Please see https://github.com/chocolatey/chocolatey-ansible/#installing-the-collection-from-ansible-galaxy

- name: Install and Configure Chocolatey
  hosts: all

## 2. TOP LEVEL VARIABLES ##
  vars:

### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
    nuget_repository_url: INTERNAL REPO URL

### b. Internal Repository Credential ###
#### If required, add the repository access credential here and
#### uncomment lines with source_username and source_password below
#    nuget_repository_username: username
#    nuget_repository_password: password

### c. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
#    chocolatey_central_management_url: https://chocolatey-central-management:24020/ChocolateyManagementService

#### ii. If using a Client Salt, add it here
#    chocolatey_central_management_client_salt: clientsalt

#### iii. If using a Service Salt, add it here
#    chocolatey_central_management_service_salt: servicesalt

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository

  tasks:
  - name: Install chocolatey
    win_chocolatey:
      name: chocolatey
      source: ""{{ nuget_repository_url }}""
      # source_username: ""{{ nuget_repository_username }}""
      # source_password: ""{{ nuget_repository_password }}""

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
#   - name: Enable FIPS compliance
#     win_chocolatey_feature:
#       name: useFipsCompliantChecksums
#       state: enabled

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
  - name: Set the cache location
    win_chocolatey_config:
      name: cacheLocation
      state: present
      value: C:\ProgramData\chocolatey\cache

#### Increase timeout to at least 4 hours
  - name: Set the command execution timeout
    win_chocolatey_config:
      name: commandExecutionTimeoutSeconds
      state: present
      value: 14400

#### Turn off download progress when running choco through integrations
  - name: Disable showing download progress
    win_chocolatey_feature:
      name: showDownloadProgress
      state: disabled

### c. Sources ###
#### Remove the default community package repository source
  - name: Remove Chocolatey Community Repository
    win_chocolatey_source:
      name: chocolatey
      state: absent

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here
#### NOTE: This EXAMPLE may require changes
  - name: Add Internal Repository
    win_chocolatey_source:
      name: ChocolateyInternal
      state: present
      source: {{ nuget_repository_url }}
      # source_username: {{ nuget_repository_username }}
      # source_password: {{ nuget_repository_password }}
      priority: 1

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
  - name: Upgrade Chocolatey
    win_chocolatey:
      name: chocolatey
      state: latest

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.
### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
  - name: Install Chocolatey License
    win_chocolatey:
      name: chocolatey-license
      source: ChocolateyInternal
      state: latest

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
  - name: Disable Chocolatey Community Repository
    win_chocolatey_source:
      name: chocolatey.licensed
      state: disabled

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
  - name: Install Chocolatey Extension
    win_chocolatey:
      name: chocolatey.extension
      source: ChocolateyInternal
      state: latest

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
  - name: Hide not-elevated warnings
    win_chocolatey_feature:
      name: showNonElevatedWarnings
      state: disabled

  - name: Use background mode for self-service
    win_chocolatey_feature:
      name: useBackgroundService
      state: enabled

  - name: Use background service for non-admins
    win_chocolatey_feature:
      name: useBackgroundServiceWithNonAdministratorsOnly
      state: enabled

  - name: Allow background uninstallation for user installs
    win_chocolatey_feature:
      name: allowBackgroundServiceUninstallsFromUserInstallsOnly
      state: enabled

  - name: Set allowed background service commands
    win_chocolatey_config:
      name: backgroundServiceAllowedCommands
      state: present
      value: install,upgrade,uninstall

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
  - name: Install Chocolatey Agent
    when: chocolatey_central_management_url is defined
    win_chocolatey:
      name: chocolatey-agent
      source: ChocolateyInternal
      state: latest

  - name: Set the Central Management Service URL
    when: chocolatey_central_management_url is defined
    win_chocolatey_config:
      name: CentralManagementServiceUrl
      state: present
      value: {{ chocolatey_central_management_url }}

  - name: Set the Central Management Client Salt
    when: chocolatey_central_management_client_salt is defined
    win_chocolatey_config:
      name: centralManagementClientCommunicationSaltAdditivePassword
      state: present
      value: {{ chocolatey_central_management_client_salt }}

  - name: Set the Central Management Service Salt
    when: chocolatey_central_management_service_salt is defined
    win_chocolatey_config:
      name: centralManagementServiceCommunicationSaltAdditivePassword
      state: present
      value: {{ chocolatey_central_management_service_salt }}

  - name: Use Central Management
    when: chocolatey_central_management_url is defined
    win_chocolatey_feature:
      name: useChocolateyCentralManagement
      state: enabled

  - name: Use Central Management Deployments
    when: chocolatey_central_management_url is defined
    win_chocolatey_feature:
      name: useChocolateyCentralManagementDeployments
      state: enabled

See docs at https://docs.chef.io/resource_chocolatey_package.html.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### The Chocolatey resources are available with any recent version of Chef.
#### We utilise the Chocolatey recipe to install the Chocolatey binaries.
include_recipe "chocolatey"

## 2. TOP LEVEL VARIABLES ##
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
NugetRepositoryUrl = "INTERNAL REPO URL"

### b. Internal Repository Credential ###
#### If required, add the repository access credential here
# NugetRepositoryUsername = "username"
# NugetRepositoryPassword = "password"

### c. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
ChocolateyNupkgUrl = "INTERNAL REPO URL/package/chocolatey.2.2.2.nupkg",

### d. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService"

#### ii. If using a Client Salt, add it here
# ChocolateyCentralManagementClientSalt = "clientsalt"

#### iii. If using a Service Salt, add it here
# ChocolateyCentralManagementServiceSalt = "servicesalt"

## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
node['chocolatey']['install vars'] = {
  'chocolateyDownloadUrl' => "#{ChocolateyNupkgUrl}",
}

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
# chocolatey_feature 'useFipsCompliantChecksums' do
#   action :enable
# end

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
chocolatey_config 'cacheLocation' do
  value 'C:\ProgramData\chocolatey\cache'
end

#### Increase timeout to at least 4 hours
chocolatey_config 'commandExecutionTimeoutSeconds' do
  value '14400'
end

#### Turn off download progress when running choco through integrations
chocolatey_feature 'showDownloadProgress' do
  action :disable
end

### c. Sources ###
#### Remove the default community package repository source
chocolatey_source 'chocolatey' do
  action :remove
end

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE may require changes
chocolatey_source 'ChocolateyInternal' do
  source "#{NugetRepositoryUrl}"
  priority 1
  action   :add
end

execute 'ChocolateyInternal' do
  command "choco source add --name ChocolateyInternal -s #{NugetRepositoryUrl} -u=#{NugetRepositoryUsername} -p=#{NugetRepositoryPassword} --priority=1"
  only_if { NugetRepositoryUsername != nil || NugetRepositoryPassword != nil }
end

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
chocolatey_package 'chocolatey' do
  action :upgrade
  source "#{NugetRepositoryUrl}"
end

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
chocolatey_package 'chocolatey-license' do
  action :install
  source "#{NugetRepositoryUrl}"
end

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
chocolatey_source 'chocolatey.licensed' do
  action            :disable
end

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
chocolatey_package 'chocolatey.extention' do
  action     install
  source     "#{NugetRepositoryUrl}"
end

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
chocolatey_feature 'showNonElevatedWarnings' do
  action :disable
end

chocolatey_feature 'useBackgroundService' do
  action :enable
end

chocolatey_feature 'useBackgroundServiceWithNonAdministratorsOnly' do
  action :enable
end

chocolatey_feature 'allowBackgroundServiceUninstallsFromUserInstallsOnly' do
  action :enable
end

chocolatey_config 'backgroundServiceAllowedCommands' do
  value 'install,upgrade,uninstall'
end

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
chocolatey_package 'chocolatey-agent' do
  action     install
  source     "#{NugetRepositoryUrl}"
  # user       "#{NugetRepositoryUsername}"
  # password   "#{NugetRepositoryPassword}"
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_config 'CentralManagementServiceUrl' do
  value  "#{ChocolateyCentralManagementUrl}"
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_config 'centralManagementClientCommunicationSaltAdditivePassword' do
  value   "#{ChocolateyCentralManagementClientSalt}"
  only_if { ChocolateyCentralManagementClientSalt != nil }
end

chocolatey_config 'centralManagementServiceCommunicationSaltAdditivePassword' do
  value   "#{ChocolateyCentralManagementServiceSalt}"
  only_if { ChocolateyCentralManagementServiceSalt != nil }
end

chocolatey_feature 'useChocolateyCentralManagement' do
  action :enable
  only_if { ChocolateyCentralManagementUrl != nil }
end

chocolatey_feature 'useChocolateyCentralManagementDeployments' do
  action :enable
  only_if { ChocolateyCentralManagementUrl != nil }
end

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.

If Applicable - Chocolatey Configuration/Installation


#requires -Modules cChoco
## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. Requires chocolatey\cChoco DSC module to be installed on the machine compiling the DSC manifest
#### NOTE: This will need to be installed before running the DSC portion of this script
if (-not (Get-Module cChoco -ListAvailable)) {
    $null = Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
    if (($PSGallery = Get-PSRepository -Name PSGallery).InstallationPolicy -ne "Trusted") {
        Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
    }
    Install-Module -Name cChoco
    if ($PSGallery.InstallationPolicy -ne "Trusted") {
        Set-PSRepository -Name PSGallery -InstallationPolicy $PSGallery.InstallationPolicy
    }
}

#### ii. Requires a hosted copy of the install.ps1 script
##### This should be available to download without authentication.
##### The original script can be found here: https://community.chocolatey.org/install.ps1

Configuration ChocolateyConfig {
## 2. TOP LEVEL VARIABLES ##
    param(
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
        $NugetRepositoryUrl      = "INTERNAL REPO URL",

### b. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
        $ChocolateyNupkgUrl      = "INTERNAL REPO URL/package/chocolatey.2.2.2.nupkg",

### c. Internal Repository Credential ###
#### If required, add the repository access credential here
#        $NugetRepositoryCredential = [PSCredential]::new(
#            "username",
#            ("password" | ConvertTo-SecureString -AsPlainText -Force)
#        ),

### d. Install.ps1 URL
#### The path to the hosted install script:
        $ChocolateyInstallPs1Url = "https://community.chocolatey.org/install.ps1"

### e. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
#        $ChocolateyCentralManagementUrl = "https://chocolatey-central-management:24020/ChocolateyManagementService",

#### ii. If using a Client Salt, add it here
#        $ChocolateyCentralManagementClientSalt = "clientsalt",

#### iii. If using a Service Salt, add it here
#        $ChocolateyCentralManagementServiceSalt = "servicesalt"
    )
    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName cChoco

    Node 'localhost' {
## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
        Environment chocoDownloadUrl {
            Name  = "chocolateyDownloadUrl"
            Value = $ChocolateyNupkgUrl
        }

        cChocoInstaller installChocolatey {
            DependsOn = "[Environment]chocoDownloadUrl"
            InstallDir = Join-Path $env:ProgramData "chocolatey"
            ChocoInstallScriptUrl = $ChocolateyInstallPs1Url
        }

## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations
#        cChocoFeature featureFipsCompliance {
#            FeatureName = "useFipsCompliantChecksums"
#        }

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
        cChocoConfig cacheLocation {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            ConfigName = "cacheLocation"
            Value      = "C:\ProgramData\chocolatey\cache"
        }

#### Increase timeout to at least 4 hours
        cChocoConfig commandExecutionTimeoutSeconds {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            ConfigName = "commandExecutionTimeoutSeconds"
            Value      = 14400
        }

#### Turn off download progress when running choco through integrations
        cChocoFeature showDownloadProgress {
            DependsOn   = "[cChocoInstaller]installChocolatey"
            FeatureName = "showDownloadProgress"
            Ensure      = "Absent"
        }

### c. Sources ###
#### Remove the default community package repository source
        cChocoSource removeCommunityRepository {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            Name       = "chocolatey"
            Ensure     = "Absent"
        }

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here.
#### NOTE: This EXAMPLE may require changes
        cChocoSource addInternalSource {
            DependsOn  = "[cChocoInstaller]installChocolatey"
            Name        = "ChocolateyInternal"
            Source      = $NugetRepositoryUrl
            Credentials = $NugetRepositoryCredential
            Priority    = 1
        }

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/
        cChocoPackageInstaller updateChocolatey {
            DependsOn   = "[cChocoSource]addInternalSource", "[cChocoSource]removeCommunityRepository"
            Name        = "chocolatey"
            AutoUpgrade = $true
        }

## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/how-tos/setup-offline-installation#exercise-4-create-a-package-for-the-license
        cChocoPackageInstaller chocolateyLicense {
            DependsOn = "[cChocoPackageInstaller]updateChocolatey"
            Name      = "chocolatey-license"
        }

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
        Script disableLicensedSource {
            DependsOn  = "[cChocoPackageInstaller]chocolateyLicense"
            GetScript  = {
                $Source = choco source list --limitoutput | `
                    ConvertFrom-Csv -Delimiter '|' -Header Name, Source, Disabled | `
                    Where-Object Name -eq "chocolatey.licensed"

                return @{
                    Result = if ($Source) {
                        [bool]::Parse($Source.Disabled)
                    } else {
                        Write-Warning "Source 'chocolatey.licensed' was not present."
                        $true  # Source does not need disabling
                    }
                }
            }
            SetScript  = {
                $null = choco source disable --name "chocolatey.licensed"
            }
            TestScript = {
                $State = [ScriptBlock]::Create($GetScript).Invoke()
                return $State.Result
            }
        }

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
        cChocoPackageInstaller chocolateyLicensedExtension {
            DependsOn = "[Script]disableLicensedSource"
            Name      = "chocolatey.extension"
        }

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
        cChocoFeature hideElevatedWarnings {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "showNonElevatedWarnings"
            Ensure      = "Absent"
        }

        cChocoFeature useBackgroundService {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "useBackgroundService"
            Ensure      = "Present"
        }

        cChocoFeature useBackgroundServiceWithNonAdmins {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "useBackgroundServiceWithNonAdministratorsOnly"
            Ensure      = "Present"
        }

        cChocoFeature useBackgroundServiceUninstallsForUserInstalls {
            DependsOn   = "[cChocoPackageInstaller]chocolateyLicensedExtension"
            FeatureName = "allowBackgroundServiceUninstallsFromUserInstallsOnly"
            Ensure      = "Present"
        }

        cChocoConfig allowedBackgroundServiceCommands {
            DependsOn   = "[cChocoFeature]useBackgroundService"
            ConfigName = "backgroundServiceAllowedCommands"
            Value       = "install,upgrade,uninstall"
        }

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
        if ($ChocolateyCentralManagementUrl) {
            cChocoPackageInstaller chocolateyAgent {
                DependsOn = "[cChocoPackageInstaller]chocolateyLicensedExtension"
                Name      = "chocolatey-agent"
            }

            cChocoConfig centralManagementServiceUrl {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                ConfigName = "CentralManagementServiceUrl"
                Value       = $ChocolateyCentralManagementUrl
            }

            if ($ChocolateyCentralManagementClientSalt) {
                cChocoConfig centralManagementClientSalt {
                    DependsOn  = "[cChocoPackageInstaller]chocolateyAgent"
                    ConfigName = "centralManagementClientCommunicationSaltAdditivePassword"
                    Value      = $ChocolateyCentralManagementClientSalt
                }
            }

            if ($ChocolateyCentralManagementServiceSalt) {
                cChocoConfig centralManagementServiceSalt {
                    DependsOn  = "[cChocoPackageInstaller]chocolateyAgent"
                    ConfigName = "centralManagementServiceCommunicationSaltAdditivePassword"
                    Value      = $ChocolateyCentralManagementServiceSalt
                }
            }

            cChocoFeature useCentralManagement {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                FeatureName = "useChocolateyCentralManagement"
                Ensure      = "Present"
            }

            cChocoFeature useCentralManagementDeployments {
                DependsOn   = "[cChocoPackageInstaller]chocolateyAgent"
                FeatureName = "useChocolateyCentralManagementDeployments"
                Ensure      = "Present"
            }
        }
    }
}

# If working this into an existing configuration with a good method for
$ConfigData = @{
    AllNodes = @(
        @{
            NodeName                    = "localhost"
            PSDscAllowPlainTextPassword = $true
        }
    )
}

try {
    Push-Location $env:Temp
    $Config = ChocolateyConfig -ConfigurationData $ConfigData
    Start-DscConfiguration -Path $Config.PSParentPath -Wait -Verbose -Force
} finally {
    Pop-Location
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.

If Applicable - Chocolatey Configuration/Installation


## 1. REQUIREMENTS ##
### Here are the requirements necessary to ensure this is successful.

### a. Internal/Private Cloud Repository Set Up ###
#### You'll need an internal/private cloud repository you can use. These are
####  generally really quick to set up and there are quite a few options.
####  Chocolatey Software recommends Nexus, Artifactory Pro, or ProGet as they
####  are repository servers and will give you the ability to manage multiple
####  repositories and types from one server installation.

### b. Download Chocolatey Package and Put on Internal Repository ###
#### You need to have downloaded the Chocolatey package as well.
####  Please see https://chocolatey.org/install#organization

### c. Other Requirements ###
#### i. Requires puppetlabs/chocolatey module
####  See https://forge.puppet.com/puppetlabs/chocolatey


## 2. TOP LEVEL VARIABLES ##
### a. Your internal repository url (the main one). ###
####  Should be similar to what you see when you browse
#### to https://community.chocolatey.org/api/v2/
$_repository_url = 'INTERNAL REPO URL'

### b. Chocolatey nupkg download url ###
#### This url should result in an immediate download when you navigate to it in
#### a web browser
$_choco_download_url = 'INTERNAL REPO URL/package/chocolatey.2.2.2.nupkg'

### c. Chocolatey Central Management (CCM) ###
#### If using CCM to manage Chocolatey, add the following:
#### i. Endpoint URL for CCM
# $_chocolatey_central_management_url = 'https://chocolatey-central-management:24020/ChocolateyManagementService'

#### ii. If using a Client Salt, add it here
# $_chocolatey_central_management_client_salt = "clientsalt"

#### iii. If using a Service Salt, add it here
# $_chocolatey_central_management_service_salt = 'servicesalt'


## 3. ENSURE CHOCOLATEY IS INSTALLED ##
### Ensure Chocolatey is installed from your internal repository
### Note: `chocolatey_download_url is completely different than normal
###  source locations. This is directly to the bare download url for the
###  chocolatey.nupkg, similar to what you see when you browse to
###  https://community.chocolatey.org/api/v2/package/chocolatey
class {'chocolatey':
  chocolatey_download_url => $_choco_download_url,
  use_7zip                => false,
}


## 4. CONFIGURE CHOCOLATEY BASELINE ##
### a. FIPS Feature ###
#### If you need FIPS compliance - make this the first thing you configure
#### before you do any additional configuration or package installations

#chocolateyfeature {'useFipsCompliantChecksums':
#  ensure => enabled,
#}

### b. Apply Recommended Configuration ###

#### Move cache location so Chocolatey is very deterministic about
#### cleaning up temporary data and the location is secured to admins
chocolateyconfig {'cacheLocation':
  value => 'C:\ProgramData\chocolatey\cache',
}

#### Increase timeout to at least 4 hours
chocolateyconfig {'commandExecutionTimeoutSeconds':
  value => '14400',
}

#### Turn off download progress when running choco through integrations
chocolateyfeature {'showDownloadProgress':
  ensure => disabled,
}

### c. Sources ###
#### Remove the default community package repository source
chocolateysource {'chocolatey':
  ensure   => absent,
  location => 'https://community.chocolatey.org/api/v2/',
}

#### Add internal default sources
#### You could have multiple sources here, so we will provide an example
#### of one using the remote repo variable here

#### NOTE: This EXAMPLE requires changes
chocolateysource {'internal_chocolatey':
  ensure             => present,
  location           => $_repository_url,
  priority           => 1,
  username           => 'optional',
  password           => 'optional,not ensured',
  bypass_proxy       => true,
  admin_only         => false,
  allow_self_service => false,
}

### b. Keep Chocolatey Up To Date ###
#### Keep chocolatey up to date based on your internal source
#### You control the upgrades based on when you push an updated version
####  to your internal repository.
#### Note the source here is to the OData feed, similar to what you see
####  when you browse to https://community.chocolatey.org/api/v2/

package {'chocolatey':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
}


## 5. ENSURE CHOCOLATEY FOR BUSINESS ##
### If you don't have Chocolatey for Business (C4B), you'll want to remove from here down.

### a. Ensure The License File Is Installed ###
#### Create a license package using script from https://docs.chocolatey.org/en-us/guides/organizations/organizational-deployment-guide#exercise-4-create-a-package-for-the-license

# TODO: Add resource for installing/ensuring the chocolatey-license package
package {'chocolatey-license':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
}

### b. Disable The Licensed Source ###
#### The licensed source cannot be removed, so it must be disabled.
#### This must occur after the license has been set by the license package.
## Disabled sources still need all other attributes until
## https://tickets.puppetlabs.com/browse/MODULES-4449 is resolved.
## Password is necessary with user, but not ensurable, so it should not
## matter what it is set to here. If you ever do get into trouble here,
## the password is your license GUID.
chocolateysource {'chocolatey.licensed':
  ensure   => disabled,
  priority => '10',
  user     => 'customer',
  password => '1234',
  require  => Package['chocolatey-license'],
}

### c. Ensure Chocolatey Licensed Extension ###
#### You will have downloaded the licensed extension to your internal repository
#### as you have disabled the licensed repository in step 5b.

#### Ensure the chocolatey.extension package (aka Chocolatey Licensed Extension)
package {'chocolatey.extension':
  ensure   => latest,
  provider => chocolatey,
  source   => $_repository_url,
  require  => Package['chocolatey-license'],
}

#### The Chocolatey Licensed Extension unlocks all of the following, which also have configuration/feature items available with them. You may want to visit the feature pages to see what you might want to also enable:
#### - Package Builder - https://docs.chocolatey.org/en-us/features/paid/package-builder
#### - Package Internalizer - https://docs.chocolatey.org/en-us/features/paid/package-internalizer
#### - Package Synchronization (3 components) - https://docs.chocolatey.org/en-us/features/paid/package-synchronization
#### - Package Reducer - https://docs.chocolatey.org/en-us/features/paid/package-reducer
#### - Package Audit - https://docs.chocolatey.org/en-us/features/paid/package-audit
#### - Package Throttle - https://docs.chocolatey.org/en-us/features/paid/package-throttle
#### - CDN Cache Access - https://docs.chocolatey.org/en-us/features/paid/private-cdn
#### - Branding - https://docs.chocolatey.org/en-us/features/paid/branding
#### - Self-Service Anywhere (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/self-service-anywhere
#### - Chocolatey Central Management (more components will need to be installed and additional configuration will need to be set) - https://docs.chocolatey.org/en-us/features/paid/chocolatey-central-management
#### - Other - https://docs.chocolatey.org/en-us/features/paid/

### d. Ensure Self-Service Anywhere ###
#### If you have desktop clients where users are not administrators, you may
#### to take advantage of deploying and configuring Self-Service anywhere
chocolateyfeature {'showNonElevatedWarnings':
  ensure => disabled,
}

chocolateyfeature {'useBackgroundService':
  ensure => enabled,
}

chocolateyfeature {'useBackgroundServiceWithNonAdministratorsOnly':
  ensure => enabled,
}

chocolateyfeature {'allowBackgroundServiceUninstallsFromUserInstallsOnly':
  ensure => enabled,
}

chocolateyconfig {'backgroundServiceAllowedCommands':
  value => 'install,upgrade,uninstall',
}

### e. Ensure Chocolatey Central Management ###
#### If you want to manage and report on endpoints, you can set up and configure
### Central Management. There are multiple portions to manage, so you'll see
### a section on agents here along with notes on how to configure the server
### side components.
if $_chocolatey_central_management_url {
  package {'chocolatey-agent':
    ensure   => latest,
    provider => chocolatey,
    source   => $_repository_url,
    require  => Package['chocolatey-license'],
  }

  chocolateyconfig {'CentralManagementServiceUrl':
    value   => $_chocolatey_central_management_url,
  }

  if $_chocolatey_central_management_client_salt {
    chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
      value => $_chocolatey_central_management_client_salt,
    }
  }

  if $_chocolatey_central_management_service_salt {
    chocolateyconfig {'centralManagementClientCommunicationSaltAdditivePassword':
      value => $_chocolatey_central_management_client_salt,
    }
  }

  chocolateyfeature {'useChocolateyCentralManagement':
    ensure  => enabled,
    require => Package['chocolatey-agent'],
  }

  chocolateyfeature {'useChocolateyCentralManagementDeployments':
    ensure  => enabled,
    require => Package['chocolatey-agent'],
  }
}

Need Help? View our docs or file an issue.

There is already a version of this package in your Script Builder

Current Version	New Version

Downloads:

1,508,897

Downloads of v 1.2.0:

4,230

Last Update:

19 May 2022

Package Maintainer(s):

jamestoyer

Software Author(s):

Mitchell Hashimoto
HashiCorp

Tags:

terraform hashicorp

Terraform

This is not the latest version of Terraform available.

1.2.0 | Updated: 19 May 2022

Downloads:

1,508,897

Downloads of v 1.2.0:

4,230

Maintainer(s):

jamestoyer

Software Author(s):

Mitchell Hashimoto
HashiCorp

Tags:

terraform hashicorp

Terraform 1.2.0

This is not the latest version of Terraform available.

All Checks are Passing

3 Passing Tests

Show Checks

Validation Testing Passed

Verification Testing Passed

Details

Scan Testing Successful:

No detections found in any package files

Details

Learn More

Deployment Method: Individual Install, Upgrade, & Uninstall

To install Terraform, run the following command from the command line or from PowerShell:

To upgrade Terraform, run the following command from the command line or from PowerShell:

To uninstall Terraform, run the following command from the command line or from PowerShell:

NOTE

This applies to both open source and commercial editions of Chocolatey.

1. Enter Your Internal Repository Url

(this should look similar to https://community.chocolatey.org/api/v2/)

2. Setup Your Environment

1. Ensure you are set for organizational deployment

Please see the organizational deployment guide

2. Get the package into your environment

Option 1: Cached Package (Unreliable, Requires Internet - Same As Community)

Open Source or Commercial:
- Proxy Repository - Create a proxy nuget repository on Nexus, Artifactory Pro, or a proxy Chocolatey repository on ProGet. Point your upstream to https://community.chocolatey.org/api/v2/. Packages cache on first access automatically. Make sure your choco clients are using your proxy repository as a source and NOT the default community repository. See source command for more information.
- You can also just download the package and push it to a repository Download

Option 2: Internalized Package (Reliable, Scalable)

Open Source
- Download the package:
  Download
- Follow manual internalization instructions

Package Internalizer (C4B)

Run: (additional options)

choco download terraform --internalize --version=1.2.0 --source=https://community.chocolatey.org/api/v2/

For package and dependencies run:

choco push --source="'INTERNAL REPO URL'"

Automate package internalization

3. Copy Your Script

choco upgrade terraform -y --source="'INTERNAL REPO URL'" --version="'1.2.0'" [other options]

See options you can pass to upgrade.

See best practices for scripting.

Add this to a PowerShell script or use a Batch script with tools and in places where you are calling directly to Chocolatey. If you are integrating, keep in mind enhanced exit codes.

If you do use a PowerShell script, use the following to ensure bad exit codes are shown as failures:


choco upgrade terraform -y --source="'INTERNAL REPO URL'" --version="'1.2.0'" 
$exitCode = $LASTEXITCODE

Write-Verbose "Exit code was $exitCode"
$validExitCodes = @(0, 1605, 1614, 1641, 3010)
if ($validExitCodes -contains $exitCode) {
  Exit 0
}

Exit $exitCode


- name: Install terraform
  win_chocolatey:
    name: terraform
    version: '1.2.0'
    source: INTERNAL REPO URL
    state: present

See docs at https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html.


chocolatey_package 'terraform' do
  action    :install
  source   'INTERNAL REPO URL'
  version  '1.2.0'
end

See docs at https://docs.chef.io/resource_chocolatey_package.html.


cChocoPackageInstaller terraform
{
    Name     = "terraform"
    Version  = "1.2.0"
    Source   = "INTERNAL REPO URL"
}

Requires cChoco DSC Resource. See docs at https://github.com/chocolatey/cChoco.


package { 'terraform':
  ensure   => '1.2.0',
  provider => 'chocolatey',
  source   => 'INTERNAL REPO URL',
}

Requires Puppet Chocolatey Provider module. See docs at https://forge.puppet.com/puppetlabs/chocolatey.

4. If applicable - Chocolatey configuration/installation

See infrastructure management matrix for Chocolatey configuration elements and examples.

NOTE

Private CDN cached downloads available for licensed customers. Never experience 404 breakages again! Learn more...

Package Approved

This package was approved as a trusted package on 19 May 2022.

Description

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

The key features of Terraform are:

Infrastructure as Code: Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.
Execution Plans: Terraform has a "planning" step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.
Resource Graph: Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.
Change Automation: Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.

For more information, see the introduction section of the Terraform website.

Files

tools\chocolateyInstall.ps1

$ErrorActionPreference = 'Stop'

# DO NOT CHANGE THESE MANUALLY. USE update.ps1
$url = 'https://releases.hashicorp.com/terraform/1.2.0/terraform_1.2.0_windows_386.zip'
$url64 = 'https://releases.hashicorp.com/terraform/1.2.0/terraform_1.2.0_windows_amd64.zip'
$checksum = '66d7d530d1b80d39feb9ae8a26f444fe91df63cf295b6f7cfcbdbc3c96a5beab'
$checksum64 = 'de88c66fbcdca0561d4e6d8d8090d697e97de9bbd97c212ceed21d942e33f937'

$unzipLocation = Split-Path -Parent $MyInvocation.MyCommand.Definition

if ([System.IO.Directory]::Exists("$env:ChocolateyInstall\lib\terraform")) {
  if ([System.IO.Directory]::Exists("$env:ChocolateyInstall\lib\terraform\tools")) {
    # clean old plugins and ignore files
    Write-Host "Removing old terraform plugins"
    Remove-Item "$env:ChocolateyInstall\lib\terraform\tools\terraform-*.*"
  }
}
else {
  if ([System.IO.Directory]::Exists("$env:ALLUSERSPROFILE\chocolatey\lib\terraform")) {
    if ([System.IO.Directory]::Exists("$env:ALLUSERSPROFILE\chocolatey\lib\terraform\tools")) {
      # clean old plugins and ignore files
      Write-Host "Removing old terraform plugins"
      Remove-Item "$env:ALLUSERSPROFILE\chocolatey\lib\terraform\tools" -Include "terraform-*.*"
    }
  }
}

$packageParams = @{
  PackageName   = "terraform"
  UnzipLocation = $unzipLocation
  Url           = $url
  Url64         = $url64
  Checksum      = $checksum
  Checksum64    = $checksum64
  ChecksumType  = 'sha256'
}

Install-ChocolateyZipPackage @packageParams

tools\chocolateyUninstall.ps1

UnInstall-ChocolateyZipPackage "terraform" "terraformInstall.zip"

Virus Scan Results

terraform.1.2.0.nupkg (971dd1a220f0) - ## / 61
terraform_1.2.0_windows_amd64.zip (de88c66fbcdc) - ## / 61
terraform_1.2.0_windows_386.zip (66d7d530d1b8) - ## / 61

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Version History

Version	Downloads	Last Updated	Status
Terraform 1.8.0	4187	Thursday, April 11, 2024	Approved
Terraform 1.7.5	16217	Tuesday, March 19, 2024	Approved
Terraform 1.7.4	11670	Friday, March 8, 2024	Approved
Terraform 1.7.3	21573	Friday, February 9, 2024	Approved
Terraform 1.7.2	7054	Thursday, February 1, 2024	Approved
Terraform 1.7.1	6805	Thursday, January 25, 2024	Approved
Terraform 1.7.0	4375	Monday, January 22, 2024	Approved
Terraform 1.6.6	27010	Friday, December 15, 2023	Approved
Terraform 1.6.5	11232	Sunday, December 3, 2023	Approved
Terraform 1.6.4	12239	Thursday, November 16, 2023	Approved
Terraform 1.6.3	12675	Thursday, November 2, 2023	Approved
Terraform 1.6.2	10904	Thursday, October 19, 2023	Approved
Terraform 1.6.1	7762	Wednesday, October 11, 2023	Approved
Terraform 1.6.0	5844	Thursday, October 5, 2023	Approved
Terraform 1.5.7	18040	Wednesday, September 13, 2023	Approved
Terraform 1.5.6	16285	Wednesday, August 23, 2023	Approved
Terraform 1.5.5	9175	Friday, August 11, 2023	Approved
Terraform 1.5.4	11592	Thursday, July 27, 2023	Approved
Terraform 1.5.3	10735	Thursday, July 13, 2023	Approved
Terraform 1.5.2	6544	Thursday, July 6, 2023	Approved
Terraform 1.5.1	10020	Thursday, June 22, 2023	Approved
Terraform 1.5.0	10385	Tuesday, June 13, 2023	Approved
Terraform 1.4.6	29591	Thursday, April 27, 2023	Approved
Terraform 1.4.5	10718	Thursday, April 13, 2023	Approved
Terraform 1.4.4	9467	Monday, April 3, 2023	Approved
Terraform 1.4.3	45	Monday, April 3, 2023	Approved
Terraform 1.4.2	15566	Sunday, March 19, 2023	Approved
Terraform 1.4.1	177	Sunday, March 19, 2023	Approved
Terraform 1.4.0	318	Sunday, March 19, 2023	Approved
Terraform 1.3.9	28590	Friday, February 17, 2023	Approved
Terraform 1.3.8	173	Friday, February 17, 2023	Approved
Terraform 1.3.7	32842	Monday, January 16, 2023	Approved
Terraform 1.3.6	18963	Wednesday, December 14, 2022	Approved
Terraform 1.3.5	24304	Friday, November 18, 2022	Approved
Terraform 1.3.4	10403	Monday, November 7, 2022	Approved
Terraform 1.3.3	9246	Friday, October 28, 2022	Approved
Terraform 1.3.2	28405	Monday, October 10, 2022	Approved
Terraform 1.3.1	10106	Thursday, September 29, 2022	Approved
Terraform 1.3.0	12587	Thursday, September 22, 2022	Approved
Terraform 1.2.9	3075	Wednesday, September 21, 2022	Approved
Terraform 1.2.8	36911	Friday, August 26, 2022	Approved
Terraform 1.2.7	1646	Thursday, August 11, 2022	Approved
Terraform 1.2.6	16818	Monday, August 1, 2022	Approved
Terraform 1.2.5	6364	Friday, July 22, 2022	Approved
Terraform 1.2.4	10425	Tuesday, July 5, 2022	Approved
Terraform 1.2.3	14131	Wednesday, June 15, 2022	Approved
Terraform 1.2.2	16061	Wednesday, June 1, 2022	Approved
Terraform 1.2.1	7356	Tuesday, May 24, 2022	Approved
Terraform 1.2.0	4230	Thursday, May 19, 2022	Approved
Terraform 1.1.9	17085	Wednesday, April 20, 2022	Approved
Terraform 1.1.8	7872	Thursday, April 7, 2022	Approved
Terraform 1.1.7	19608	Sunday, March 6, 2022	Approved
Terraform 1.1.6	11689	Saturday, February 19, 2022	Approved
Terraform 1.1.5	11190	Friday, February 4, 2022	Approved
Terraform 1.1.4	14274	Saturday, January 22, 2022	Approved
Terraform 1.1.3	9311	Monday, January 10, 2022	Approved
Terraform 1.1.2	9293	Saturday, December 18, 2021	Approved
Terraform 1.1.1	169	Saturday, December 18, 2021	Approved
Terraform 1.1.0	7880	Wednesday, December 8, 2021	Approved
Terraform 1.0.11	21451	Saturday, November 13, 2021	Approved
Terraform 1.0.10	3783	Tuesday, November 9, 2021	Approved
Terraform 1.0.9	13485	Tuesday, October 19, 2021	Approved
Terraform 1.0.8	11839	Wednesday, September 29, 2021	Approved
Terraform 1.0.7	8684	Thursday, September 16, 2021	Approved
Terraform 1.0.6	5538	Wednesday, September 8, 2021	Approved
Terraform 1.0.5	735	Monday, August 23, 2021	Approved
Terraform 1.0.4	17996	Sunday, August 8, 2021	Approved
Terraform 1.0.3	6308	Thursday, July 29, 2021	Approved
Terraform 1.0.2	16192	Saturday, July 10, 2021	Approved
Terraform 1.0.1	12315	Monday, June 28, 2021	Approved
Terraform 1.0.0	11778	Tuesday, June 8, 2021	Approved
Terraform 0.15.5	1632	Tuesday, June 8, 2021	Approved
Terraform 0.15.4	3449	Monday, May 31, 2021	Approved
Terraform 0.15.3	13481	Friday, May 7, 2021	Approved
Terraform 0.15.2	18975	Friday, May 7, 2021	Approved
Terraform 0.15.1	4640	Tuesday, April 27, 2021	Approved
Terraform 0.15.0	5786	Wednesday, April 14, 2021	Approved
Terraform 0.14.11	8282	Tuesday, April 27, 2021	Approved
Terraform 0.14.10	11203	Wednesday, April 14, 2021	Approved
Terraform 0.14.9	5605	Tuesday, March 30, 2021	Approved
Terraform 0.14.8	10864	Monday, March 15, 2021	Approved
Terraform 0.14.7	11098	Thursday, February 18, 2021	Approved
Terraform 0.14.6	4759	Wednesday, February 10, 2021	Approved
Terraform 0.14.5	6122	Wednesday, January 27, 2021	Approved
Terraform 0.14.4	16681	Sunday, January 10, 2021	Approved
Terraform 0.14.3	5366	Sunday, December 20, 2020	Approved
Terraform 0.14.2	5564	Wednesday, December 9, 2020	Approved
Terraform 0.14.1	206	Wednesday, December 9, 2020	Approved
Terraform 0.14.0	2942	Tuesday, December 8, 2020	Approved
Terraform 0.13.7	13577	Tuesday, April 27, 2021	Approved
Terraform 0.13.6	1935	Sunday, January 10, 2021	Approved
Terraform 0.13.5	89536	Thursday, November 5, 2020	Approved
Terraform 0.13.4	10986	Wednesday, October 7, 2020	Approved
Terraform 0.13.3	9461	Friday, September 18, 2020	Approved
Terraform 0.13.2	15271	Wednesday, September 2, 2020	Approved
Terraform 0.13.1	517	Wednesday, September 2, 2020	Approved
Terraform 0.13.0	9268	Tuesday, August 11, 2020	Approved
Terraform 0.13.0-rc1	157	Monday, August 10, 2020	Approved
Terraform 0.13.0-beta3	432	Monday, July 13, 2020	Approved
Terraform 0.13.0-beta2	268	Thursday, June 25, 2020	Exempted
Terraform 0.13.0-beta1	329	Saturday, June 6, 2020	Exempted
Terraform 0.12.31	14488	Tuesday, April 27, 2021	Approved
Terraform 0.12.30	775	Sunday, January 10, 2021	Approved
Terraform 0.12.29	25359	Monday, August 10, 2020	Approved
Terraform 0.12.28	17579	Friday, June 26, 2020	Approved
Terraform 0.12.27	923	Thursday, June 25, 2020	Approved
Terraform 0.12.26	11167	Monday, June 1, 2020	Approved
Terraform 0.12.25	5934	Saturday, May 23, 2020	Approved
Terraform 0.12.24	23000	Tuesday, March 24, 2020	Approved
Terraform 0.12.23	2020	Wednesday, March 18, 2020	Approved
Terraform 0.12.21	11704	Friday, February 21, 2020	Approved
Terraform 0.12.20	11481	Friday, January 24, 2020	Approved
Terraform 0.12.19	6467	Friday, January 10, 2020	Approved
Terraform 0.12.18	11615	Friday, December 13, 2019	Approved
Terraform 0.12.17	4956	Tuesday, December 3, 2019	Approved
Terraform 0.12.16	3744	Tuesday, November 26, 2019	Approved
Terraform 0.12.15	255	Tuesday, November 26, 2019	Approved
Terraform 0.12.14	649	Tuesday, November 26, 2019	Approved
Terraform 0.12.13	9147	Monday, November 4, 2019	Approved
Terraform 0.12.12	6953	Monday, October 21, 2019	Approved
Terraform 0.12.11	248	Monday, October 21, 2019	Approved
Terraform 0.12.10	2988	Thursday, October 10, 2019	Approved
Terraform 0.12.9	9171	Wednesday, September 18, 2019	Approved
Terraform 0.12.8	3741	Friday, September 6, 2019	Approved
Terraform 0.12.7	4776	Friday, August 23, 2019	Approved
Terraform 0.12.6	4969	Friday, August 2, 2019	Approved
Terraform 0.12.5	3459	Friday, July 19, 2019	Approved
Terraform 0.12.4	1247	Monday, July 15, 2019	Approved
Terraform 0.12.3	3925	Tuesday, June 25, 2019	Approved
Terraform 0.12.2	2472	Thursday, June 13, 2019	Approved
Terraform 0.12.1	2012	Wednesday, June 5, 2019	Approved
Terraform 0.12.0	3483	Wednesday, May 22, 2019	Approved
Terraform 0.12.0-beta1	351	Tuesday, April 2, 2019	Approved
Terraform 0.12.0-alpha4	488	Friday, December 28, 2018	Approved
Terraform 0.12.0-alpha3	246	Friday, December 28, 2018	Approved
Terraform 0.12.0-alpha2	264	Friday, December 28, 2018	Approved
Terraform 0.12.0-alpha1	447	Tuesday, October 23, 2018	Approved
Terraform 0.11.15	4914	Tuesday, April 27, 2021	Approved
Terraform 0.11.14	27775	Wednesday, May 22, 2019	Approved
Terraform 0.11.13	15675	Tuesday, April 2, 2019	Approved
Terraform 0.11.12	258	Tuesday, April 2, 2019	Approved
Terraform 0.11.11	16115	Friday, December 28, 2018	Approved
Terraform 0.11.10	532	Friday, December 28, 2018	Approved
Terraform 0.11.9	7167	Tuesday, October 23, 2018	Approved
Terraform 0.11.8	24202	Thursday, August 30, 2018	Approved
Terraform 0.11.7	9083	Monday, April 16, 2018	Approved
Terraform 0.11.6	1013	Saturday, April 7, 2018	Approved
Terraform 0.11.5	1043	Wednesday, March 28, 2018	Approved
Terraform 0.11.4	760	Monday, April 16, 2018	Approved
Terraform 0.11.3	2861	Friday, February 16, 2018	Approved
Terraform 0.11.2	2021	Saturday, January 13, 2018	Approved
Terraform 0.11.1	1922	Thursday, December 7, 2017	Approved
Terraform 0.11.0	1461	Wednesday, November 22, 2017	Approved
Terraform 0.10.8	1919	Tuesday, October 31, 2017	Approved
Terraform 0.10.7	1391	Tuesday, October 3, 2017	Approved
Terraform 0.10.6	1553	Wednesday, September 20, 2017	Approved
Terraform 0.10.5	395	Wednesday, September 20, 2017	Approved
Terraform 0.10.4	398	Wednesday, September 20, 2017	Approved
Terraform 0.10.3	1169	Friday, September 1, 2017	Approved
Terraform 0.10.2	700	Thursday, August 24, 2017	Approved
Terraform 0.10.1	398	Thursday, August 24, 2017	Approved
Terraform 0.10.0	1065	Thursday, August 3, 2017	Approved
Terraform 0.10.0-rc1	463	Wednesday, August 2, 2017	Approved
Terraform 0.10.0-beta2	414	Wednesday, August 2, 2017	Approved
Terraform 0.10.0-beta1	439	Wednesday, July 5, 2017	Approved
Terraform 0.9.11	1766	Wednesday, July 5, 2017	Approved
Terraform 0.9.10	406	Wednesday, July 5, 2017	Approved
Terraform 0.9.9	393	Wednesday, July 5, 2017	Approved
Terraform 0.9.8	1299	Thursday, June 8, 2017	Approved
Terraform 0.9.7	418	Thursday, June 8, 2017	Approved
Terraform 0.9.6	742	Wednesday, May 31, 2017	Approved
Terraform 0.9.5	975	Friday, May 12, 2017	Approved
Terraform 0.9.4	739	Tuesday, May 2, 2017	Approved
Terraform 0.9.3	865	Thursday, April 13, 2017	Approved
Terraform 0.9.2	788	Monday, April 3, 2017	Approved
Terraform 0.9.1	953	Tuesday, March 21, 2017	Approved
Terraform 0.9.0	575	Thursday, March 16, 2017	Approved
Terraform 0.8.8	748	Monday, March 6, 2017	Approved
Terraform 0.8.7	821	Wednesday, February 22, 2017	Approved
Terraform 0.8.6	694	Wednesday, February 8, 2017	Approved
Terraform 0.8.5	621	Saturday, January 28, 2017	Approved
Terraform 0.8.4	617	Monday, January 16, 2017	Approved
Terraform 0.8.2	597	Thursday, December 22, 2016	Approved
Terraform 0.8.1	428	Friday, December 16, 2016	Approved
Terraform 0.8.0	460	Wednesday, December 14, 2016	Approved
Terraform 0.7.13	579	Wednesday, November 30, 2016	Approved
Terraform 0.7.12	408	Wednesday, November 30, 2016	Approved
Terraform 0.7.11	495	Tuesday, November 22, 2016	Approved
Terraform 0.7.10	352	Tuesday, November 22, 2016	Approved
Terraform 0.7.9	392	Tuesday, November 22, 2016	Approved
Terraform 0.7.8	559	Friday, November 4, 2016	Approved
Terraform 0.7.7	503	Sunday, October 23, 2016	Approved
Terraform 0.7.6	506	Sunday, October 16, 2016	Approved
Terraform 0.7.5	437	Sunday, October 16, 2016	Approved
Terraform 0.7.4	690	Thursday, September 22, 2016	Approved
Terraform 0.7.3	463	Thursday, September 22, 2016	Approved
Terraform 0.7.2	611	Tuesday, August 30, 2016	Approved
Terraform 0.7.1	449	Thursday, August 25, 2016	Approved
Terraform 0.7.0	561	Tuesday, August 2, 2016	Approved
Terraform 0.6.16	439	Tuesday, May 17, 2016	Approved
Terraform 0.6.15	443	Wednesday, April 27, 2016	Approved
Terraform 0.6.14	510	Tuesday, March 22, 2016	Approved
Terraform 0.6.13	387	Tuesday, March 22, 2016	Approved
Terraform 0.6.12	503	Monday, February 29, 2016	Approved
Terraform 0.6.11	433	Tuesday, February 2, 2016	Approved
Terraform 0.6.10	398	Tuesday, February 2, 2016	Approved
Terraform 0.6.9	455	Sunday, January 10, 2016	Approved
Terraform 0.6.8	440	Tuesday, December 8, 2015	Approved
Terraform 0.6.7	383	Tuesday, December 8, 2015	Approved
Terraform 0.6.6	420	Thursday, October 29, 2015	Approved
Terraform 0.6.5	408	Thursday, October 29, 2015	Approved
Terraform 0.6.4	415	Thursday, October 29, 2015	Approved
Terraform 0.6.3	372	Wednesday, August 12, 2015	Approved
Terraform 0.6.2	429	Wednesday, August 12, 2015	Approved
Terraform 0.6.1	408	Wednesday, August 12, 2015	Approved
Terraform 0.6.0	422	Thursday, July 9, 2015	Approved
Terraform 0.5.3	621	Wednesday, June 3, 2015	Approved
Terraform 0.5.2	408	Wednesday, June 3, 2015	Approved
Terraform 0.5.0	443	Wednesday, June 3, 2015	Approved
Terraform 0.4.0	442	Thursday, April 9, 2015	Approved
Terraform 0.3.6	491	Thursday, April 2, 2015	Approved

HashiCorp 2015-2020

Release Notes

1.2.0 (May 18, 2022)

UPGRADE NOTES:

If you use the third-party credentials helper plugin terraform-credentials-env, you should disable it as part of upgrading to Terraform v1.2 because similar functionality is now built in to Terraform itself.

The new behavior supports the same environment variable naming scheme but has a difference in priority order from the credentials helper: TF_TOKEN_... environment variables will now take priority over credentials blocks in CLI configuration and credentials stored automatically by terraform login, which is not true for credentials provided by any credentials helper plugin. If you see Terraform using different credentials after upgrading, check to make sure you do not specify credentials for the same host in multiple locations.

If you use the credentials helper in conjunction with the hashicorp/tfe Terraform provider to manage Terraform Cloud or Terraform Enterprise objects with Terraform, you should also upgrade to version 0.31 of that provider, which added the corresponding built-in support for these environment variables.
The official Linux packages for the v1.2 series now require Linux kernel version 2.6.32 or later.
When making outgoing HTTPS or other TLS connections as a client, Terraform now requires the server to support TLS v1.2. TLS v1.0 and v1.1 are no longer supported. Any safely up-to-date server should support TLS 1.2, and mainstream web browsers have required it since 2020.
When making outgoing HTTPS or other TLS connections as a client, Terraform will no longer accept CA certificates signed using the SHA-1 hash function. Publicly trusted Certificate Authorities have not issued SHA-1 certificates since 2015.

(Note: the changes to Terraform's requirements when interacting with TLS servers apply only to requests made by Terraform CLI itself, such as provider/module installation and state storage requests. Terraform provider plugins include their own TLS clients which may have different requirements, and may add new requirements in their own releases, independently of Terraform CLI changes.)

NEW FEATURES:

precondition and postcondition check blocks for resources, data sources, and module output values: module authors can now document assumptions and assertions about configuration and state values. If these conditions are not met, Terraform will report a custom error message to the user and halt further execution.
replace_triggered_by is a new lifecycle argument for managed resources which triggers replacement of an object based on changes to an upstream dependency.
You can now specify credentials for Terraform-native services using an environment variable named as TF_TOKEN_ followed by an encoded version of the hostname. For example, Terraform will use variable TF_TOKEN_app_terraform_io as a bearer token for requests to "app.terraform.io", for the Terraform Cloud integration and private registry requests.

ENHANCEMENTS:

When showing a plan, Terraform CLI will now only show "Changes outside of Terraform" if they relate to resources and resource attributes that contributed to the changes Terraform is proposing to make. (#30486)
Error messages for preconditions, postconditions, and custom variable validations are now evaluated as expressions, allowing interpolation of relevant values into the output. (#30613)
When showing the progress of a remote operation running in Terraform Cloud, Terraform CLI will include information about post-plan run tasks. (#30141)
Terraform will now show a slightly different note in the plan output if a data resource read is deferred to the apply step due to it depending on a managed resource that has changes pending. (#30971)
The "Invalid for_each argument" error message for unknown maps/sets now includes an additional paragraph to try to help the user notice they can move apply-time values into the map values instead of the map keys, and thus avoid the problem without resorting to -target. (#30327)
There are some small improvements to the error and warning messages Terraform will emit in the case of invalid provider configuration passing between modules. There are no changes to which situations will produce errors and warnings, but the messages now include additional information intended to clarify what problem Terraform is describing and how to address it. (#30639)
The environment variables TF_CLOUD_ORGANIZATION and TF_CLOUD_HOSTNAME now serve as fallbacks for the arguments of the same name inside a cloud block configuring integration with Terraform Cloud.
The environment variable TF_WORKSPACE will now additionally serve as an implicit configuration of a single selected workspace on Terraform Cloud if (and only if) the cloud block does not include an explicit workspaces configuration.
The AzureRM Backend now defaults to using MSAL (and Microsoft Graph) rather than ADAL (and Azure Active Directory Graph) for authentication. (#30891)
The AzureRM Backend now supports authenticating as a service principal using OpenID Connect. (#30936)
When running on macOS, Terraform will now use platform APIs to validate certificates presented by TLS (HTTPS) servers. This may change exactly which root certificates Terraform will accept as valid. (#30768)
Show remote host in error message for clarity when installation of provider fails (#30810)
Terraform now prints a warning when adding an attribute to ignore_changes that is managed only by the provider. Specifying non-configurable attributes in ignore_changes has no effect because ignore_changes tells Terraform to ignore future changes made in the configuration. (#30517)
terraform show -json now includes exact type information for output values. (#30945)
The ssh provisioner connection now supports SSH over HTTP proxy. (#30274)
- The SSH client for provisioners now supports newer key algorithms, allowing it to connect to servers running more recent versions of OpenSSH. (#30962)

BUG FIXES:

Terraform now handles type constraints, nullability, and custom variable validation properly for root module variables. Previously there was an order of operations problem where the nullability and custom variable validation were checked too early, prior to dealing with the type constraints, and thus that logic could potentially "see" an incorrectly-typed value in spite of the type constraint, leading to incorrect errors. (#29959)
When reporting a type mismatch between the true and false results of a conditional expression when both results are of the same structural type kind (object/tuple, or a collection thereof), Terraform will no longer return a confusing message like "the types are object and object, respectively", and will instead attempt to explain how the two structural types differ. (#30920)
Applying the various type conversion functions like tostring, tonumber, etc to null will now return a null value of the intended type. For example, tostring(null) converts from a null value of an unknown type to a null value of string type. Terraform can often handle such conversions automatically when needed, but explicit annotations like this can help Terraform to understand author intent when inferring type conversions for complex-typed values. (#30879)
Terraform now returns an error when cidrnetmask() is called with an IPv6 address, as it was previously documented to do. IPv6 standards do not preserve the "netmask" syntax sometimes used for IPv4 network configuration; use CIDR prefix syntax instead. (#30703)
When performing advanced state management with the terraform state commands, Terraform now checks the required_version field in the configuration before proceeding. (#30511)
When rendering a diff, Terraform now quotes the name of any object attribute whose string representation is not a valid identifier. (#30766)
Terraform will now prioritize local terraform variables over remote terraform variables in operations such as import, plan, refresh and apply for workspaces in local execution mode. This behavior applies to both remote backend and the cloud integration configuration. (#29972)
terraform show -json: JSON plan output now correctly maps aliased providers to their configurations, and includes the full provider source address alongside the short provider name. (#30138)
The local token configuration in the cloud and remote backend now has higher priority than a token specified in a credentials block in the CLI configuration. (#30664)
The cloud integration now gracefully exits when -input=false and an operation requires some user input.
Terraform will now reliably detect an inteerruptiong (e.g. Ctrl+C) during planning for terraform apply -auto-approve. Previously there was a window of time where interruption would cancel the plan step but not prevent Terraform from proceeding to the apply step. (#30979)
Terraform will no longer crash if a provider fails to return a schema. (#30987)

Previous Releases

For more information on previous releases, check out the changelog on GitHub.

Dependencies

This package has no dependencies.

Discussion for the Terraform Package

Ground Rules:

This discussion is only about Terraform and the Terraform package. If you have feedback for Chocolatey, please contact the Google Group.
This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
Tell us what you love about the package or Terraform, or tell us what needs improvement.
Share your experiences with the package, or extra configuration or gotchas that you've found.
If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.

Resources

Events

Courses

1,508,897

4,230

19 May 2022

Terraform

Terraform 1.2.0

All Checks are Passing

Deployment Method: Individual Install, Upgrade, & Uninstall

Deployment Method:

1. Enter Your Internal Repository Url

2. Setup Your Environment

1. Ensure you are set for organizational deployment

2. Get the package into your environment

3. Copy Your Script

4. If applicable - Chocolatey configuration/installation

1.2.0 (May 18, 2022)

Previous Releases

Ground Rules: