Automation, Installation Notes, Windows

Notes on Chocolatey

Avatar of author Kees C. Bakker To profile Kees C. Bakker Written by Kees C. Bakker, updated on , 3 minute read.

With the Chocolatey Package Manager for Windows, it is super easy to install software from the command-line. This makes your installs scriptable and thus repeatable. In this article, I'll show you how to render installation instructions from a machine and how to use the Windows Task Scheduler to update your packages regularly.

Install Chocolatey

You can install the tool from an administrative shell like this:

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

Listing installation instructions

Let's create a list with installation instructions from a machine:

choco list -l -r --id-only `
| Where-Object { $_ -notmatch '^(KB|chocolatey|vcredist)' } `
| ForEach-Object { echo "choco install -y $PSItem" }

Note: I filter out packages that are knowledge base items, belonging to Chocolatey itself or obvious dependencies.

Upgrade Task

I love software that is updated to the latest version. The following PowerShell script will generate a task that will trigger an upgrade every Monday at 9:30 in the morning:

& {
  $day = "Monday"
  $time = "9:30am"
  $taskName = "UpgradeChocolateyPackages"

  # Check if the task exists:
  $taskExists = Get-ScheduledTask | Where-Object { $_.TaskName -eq $taskName }

  if ($taskExists) {
      # Unregister the existing task with the same name:
      Unregister-ScheduledTask -TaskName $taskName -Confirm:$false
  }

  # Register task the launches in an elevated powershell, user must confirm action
  $action = New-ScheduledTaskAction `
      -Execute "powershell.exe" `
      -Argument "-Command ""Start-Process powershell -ArgumentList '-Command & {choco upgrade all -y}' -Verb RunAs"""

  $trigger = New-ScheduledTaskTrigger `
      -Weekly `
      -DaysOfWeek $day `
      -At $time

  $settings = New-ScheduledTaskSettingsSet `
      -AllowStartIfOnBatteries `
      -DontStopIfGoingOnBatteries `
      -StartWhenAvailable `
      -RunOnlyIfNetworkAvailable

  # register task using all the setting
  Register-ScheduledTask `
      -Action $action `
      -Trigger $trigger `
      -TaskName $taskName `
      -Description "Upgrade all Chocolatey packages" `
      -Settings $settings
}

Make Upgrade Task Compatible with MakeMeAdmin

At Wehkamp we use Make Me Admin. You need to become admin explicitly before executing administrative tasks. The upgrade script will not work in this case, because it directly shows you the prompt to login -- not allowing you to become admin first.

To fix this, we need an extra step to confirm our action, after we became admin. The script will also launch the Make Me Admin tool for our convenence.

This script will update the generated task:

& {
  # check if task exists
  $taskName = "UpgradeChocolateyPackages";
  $taskExists = Get-ScheduledTask | Where-Object { $_.TaskName -eq $taskName };
  if (-not $taskExists) {
      Write-Host "Task '$taskName' does not exist. Exiting." -ForegroundColor Red;
      exit 1;
  };

  Unregister-ScheduledTask -TaskName $taskName -Confirm:$false;

  $makeMeAdminDir = "C:\Program Files\Make Me Admin\";

  $newAction = New-ScheduledTaskAction `
      -Execute "powershell.exe" `
      -Argument "-Command ""cd '$makeMeAdminDir'; ./MakeMeAdminUI.exe; Read-Host 'Make sure you are admin before proceeding...'; Start-Process powershell -ArgumentList '-Command & {choco upgrade all -y}' -Verb RunAs"""; `

  Register-ScheduledTask `
      -Action $newAction `
      -Trigger $taskExists.Triggers `
      -TaskName $taskName `
      -Description "Upgrade all Chocolatey packages with admin prompt" `
      -Settings $taskExists.Settings;

  Write-Host "Task '$taskName' has been updated with the new action."
}

Now the user is prompted before the upgrade is executed.

Skip upgrade of a package

Looks like I was impacted by 2.47.0 git for Windows bug, so I want to skip the upgrade on my machines. With the pin command, you'll be able to skip the upgrade of certain packages, until you unpin it.

# remove pin, install specific version and pin again
choco pin remove -n git.install
choco install git.install --version=2.46.2
choco pin add -n git.install

# list pins
choco pin list

It is easy, but a double edge sword: you now need to check the upgrade yourself as the task will skip any updates.

If you want to remove the pin and upgrade, you can do:

choco pin remove -n git.install
choco upgrade git.install

My arbitrary list of installed packages

I use my blogs as notes to my future self. When I get a new machine, I usually install the following packages:

& {
  # dev tools
  ## for AWS
  ## more info here: https://keestalkstech.com/2021/03/share-aws-vault-on-wsl/
  choco install -y awscli aws-vault
  ## docker, inspect docker files
  choco install -y rancher-desktop dive
  ## IDE's
  choco install -y vscode.install
  # compare
  choco install -y beyondcompare
  # FTP
  choco install -y filezilla
  ## git and git signing
  ## more info here: https://keestalkstech.com/2023/06/github-windows-ssh-gpg-devcontainer/
  choco install -y git.install gpg4win
  ## testing APIs
  choco install -y postman
  ## edit YAML files
  choco install -y yq
  ## edit JS files
  choco install -y jq
  ## Node.js
  choco install -y nvm.install
  ## NSwag Studio to generate Swagger clients
  choco install -y NSwagStudio

  # image editing tools
  ## diagrams
  choco install -y drawio
  ## for svgs:
  choco install -y InkScape
  ## better paint:
  choco install -y paint.net
  ## screen recordings
  choco install -y ffmpeg screentogif.portable

  # tools
  ## where did my diskspace go?
  choco install -y treesizefree
  ## make Windows behave better
  choco install -y powertoys
  ## PowerShell Core
  choco install -y powershell-core
  ## TeraCopy
  choco install -y teracopy
  ## OpenSSL: generate strong secrets
  choco install -y openssl
}

Post installation

After installing this, you might want to install a version of Node.js and some global dependencies.

& {
    # download and use node 24 LTS
    nvm install 24
    nvm use 24
}

These are my go to global dependencies:

& {
    # check if your package file is still up to date
    npm install --global npm-check-updates
}

Enjoy!

I've published the code on GitHub as well: 13.chocolatey.

Changelog

  • use Node 24 as LTS.
  • added GitHub code and added NSwagStudio package.
  • instruction on how to remove a pin and upgrade.
  • added the launch of the make Make Me Admin tool to the script.
  • added the Installation section.
  • added the Skip upgrade of a package section.
  • made the PowerShell scripts pastable as single command by using & { }.
  • added post installation notes.
  • added TeraCopy.
  • fix the section on Make Me Admin; the script updates the generated task in the previous step.
  • fixed the rancher-desktop, included dive.
  • initial article.
expand_less brightness_auto