I promised more Build modules in my previous monthly Monday module blog post: package-method-winget.
And here they are: windows-capability and windows-optional-feature.
Inventory Both of these modules use similar usage details to control whether to inventory and to promise the state for specific capabilities and optional features.
By default inventory is taken in the form of a classic array which ends up in the Mission Portal as a comma separated list:
OpenSSH.Server~~~~0.0.1.0:Installed, OpenSSH.Client~~~~0.0.1.0:Installed, etc. To disable this inventory, define the class disable_windows_capability_inventory or disable_windows_optional_feature_inventory in the data namespace. The data namespace is the default if you use Host specific data or Group data. If you want to set these in augments you will need to specify the namespace explicitly like this:
As a developer and user of CFEngine I want to use policy to manage the software on my systems so that I can switch operating systems, distributions, computers and have all my normal tools available wherever I go.
Towards this end I searched for a Windows package manager and found one in winget. I showed a prototype in Agent Is In - Episode 37 - Windows package management as well as refined the whole process in Agent Is In - Episode 40 - Windows module workshop.
Ready for more CFEngine on Windows?
Join Cody, Craig and Nick for a walk through of some windows related build modules and policy that Craig has been working on. Craig talks about powershell, cmdlets, winget and docker and shows progress towards some new modules for CFEngine Build.
Video The video recording is available on YouTube:
Post show discussion At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.
Curious about package management with CFEngine on Windows?
After sharing some history on Microsoft’s global advertising campaign for “Where do you want to go today?” Craig shared some of his recent experiments with several windows based package managers as well as their related challenges.
Craig discussed difficulties with the msiexec package module, such as distinguishing which packages need installation through msi while also identifying software for removal by name, a task that can be challenging. He demonstrated this using examples from winget, chocolatey, Scoop, and PowerShell’s install-module commands.
Recently support for Windows PowerShell was merged into the Enterprise Windows version of CFEngine. PowerShell is Microsoft’s enhanced shell, intended for more advanced system administration and programming tasks.
The change to CFEngine means you can seamlessly use PowerShell in your configuration policies, just like the normal “cmd” shell. It’s very easy, for example, say you have the following bundle:
bundle agent mybundle { vars: "mymessage" string => execresult("echo This is a message from cmd", "useshell"); reports: "$(mymessage)"; } This uses the regular “cmd” shell. To switch to PowerShell, just replace it with the following:
Over the last few months the CFEngine AS development team has added better integration for CFEngine Nova with windows (without need of Cygwin). The most recent development is support for Windows event logs. Event logs are the Windows counterpart to syslog from Unix. The main difference is that event logs aim to group similar log messages, giving each group an event id.
A program that creates logs, such as CFEngine Nova, must define the possible event ids, and their meaning. In many applications, only one event id is defined, a generic log message. However, CFEngine Nova defines the following range of event ids, which allows for automatic handling of log messages.
Following a sustained effort by the programming team at CFEngine AS, CFEngine Nova (the commercial version of CFEngine 3) will run natively on Windows NT platforms (not merely emulated under the Cygwin framework), with first release just into the new year 2010. Support has been added for registry management and Windows Access Control Lists, as well as integration with Event Manager and other goodies.
The plans over the next year include further integration of CFEngine with Active Directory and its group policies. CFEngine still has something to offer Windows users, even with the new tools that Microsoft is bringing to Windows 2008. One thing is integration of Windows resources into the CFEngine Knowledge Map, but also there is the ability to manage security through ACLs, and implement group policies convergently over time (not just one-off), as well as to integrate with a major Unix management system in a universal framework. Early rumours of the release have already led to a flurry of interest for the upcoming software release from a number of companies internationally.