Hi guys,
In my company, we’re using the win_chocolatey module to install several Windows programs as part of the CI process.
Every now and then, a Chocolatey package gets updated while the checksum does not, resulting in the checksums mismatch, the win_chocolatey failing and then failing our entire CI (40 machines?).
To me it seems unmaintainable to allow all the CI to fail due to a temporary Chocolatey issue.
I’m trying to understand how I can mitigate the issue.
I thought of several options:
- Choose to ignore checksums altogether.
Cons: I guess this isn’t best practice, security wise. - Specifying a version for the Chocolatey packages.
This is assuming that old versions don’t have their checksums change.
Cons: You’re not installing latest, then again, do you really care if you’re installing latest 7zip or a 2-months old 7zip? - Ignoring errors in win_chocolatey
Cons: Doesn’t sound feasible, assuming that all of these packages are needed for the CI process.