package Resource
This page is generated from the Chef Infra Client source code.To suggest a change, edit the package.rb file and submit a pull request to the Chef Infra Client repository.
Use the package resource to manage packages. When the package is installed from a local file (such as with RubyGems, dpkg, or RPM Package Manager), the file must be added to the node using the remote_file or cookbook_file resources.
This resource is the base resource for several other resources used for package management on specific platforms. While it is possible to use each of these specific resources, we recommend using the package resource as often as possible.
For more information about specific resources for specific platforms, see the following topics:
- apt_package
- bff_package
- cab_package
- chef_gem
- chocolatey_package
- dmg_package
- dnf_package
- dpkg_package
- freebsd_package
- gem_package
- homebrew_package
- ips_package
- macports_package
- msu_package
- openbsd_package
- pacman_package
- paludis_package
- portage_package
- rpm_package
- smartos_package
- snap_package
- solaris_package
- windows_package
- yum_package
- zypper_package
Syntax
A package resource block manages a package on a node, typically by installing it. The simplest use of the package resource is:
package 'httpd'
which will install Apache using all of the default options and the
default action (:install
).
For a package that has different package names, depending on the
platform, use a case
statement within the package:
package 'Install Apache' do
case node[:platform]
when 'redhat',
'centos'
package_name 'httpd'
when 'ubuntu', 'debian'
package_name
'apache2'
end
end
where:
'redhat', 'centos'
will install Apache using thehttpd
package and'ubuntu', 'debian'
will install it using theapache2
package
The full syntax for all of the properties that are available to the package resource is:
package 'name' do
options String, Array
package_name String, Array
source String
timeout String, Integer
version String, Array
action Symbol # defaults to :install if not specified
end
where:
package
is the resource.name
is the name given to the resource block.action
identifies which steps Chef Infra Client will take to bring the node into the desired state.options
,package_name
,source
,timeout
, andversion
are the properties available to this resource.
Gem Package Options
The RubyGems package provider attempts to use the RubyGems API to install gems without spawning a new process, whenever possible. A gems command to install will be spawned under the following conditions:
- When a
gem_binary
property is specified (as a hash, a string, or by a .gemrc file), Chef Infra Client will run that command to examine its environment settings and then again to install the gem. - When install options are specified as a string, Chef Infra Client will span a gems command with those options when installing the gem.
- The Chef installer will search the
PATH
for a gem command rather than defaulting to the current gem environment. As part ofenforce_default_paths
, thebin
directories area added to thePATH
, which means when there are no other proceeding RubyGems, the installation will still be operated against it.
Specify with Hash
You should provide the install options as a hash if you are not using an explicit
gem_binary
parameter with the gem_package
resource. This approach allows the
provider to install the gem without needing to spawn an external gem process.
The following RubyGems options are available for inclusion within a hash and are passed to the RubyGems DependencyInstaller:
:env_shebang
:force
:format_executable
:ignore_dependencies
:prerelease
:security_policy
:wrappers
For more information about these options, see the RubyGems documentation: https://docs.ruby-lang.org/en/2.2.0/Gem/DependencyInstaller.html.
Examplegem_package 'bundler' do
options(prerelease: true, format_executable: false)
end
Specify with String
When using an explicitgem_binary
, options must be passed as a string.
When not using an explicit gem_binary
, Chef Infra Client is forced to
spawn a gems process to install the gems (which uses more system
resources) when options are passed as a string. String options are
passed verbatim to the gems command and should be specified just as if
they were passed on a command line. For example, --prerelease
for a
pre-release gem.
Examplegem_package 'nokogiri' do
gem_binary('/opt/ree/bin/gem')
options('--prerelease --no-format-executable')
end
Specify with .gemrc File
Options can be specified in a .gemrc file. By default thegem_package
resource will use the Ruby interface to install gems which will ignore
the .gemrc file. The gem_package
resource can be forced to use the
gems command instead (and to read the .gemrc file) by adding the
gem_binary
attribute to a code block.A template named gemrc.erb
is located in a cookbook’s /templates
directory:
:sources:
- http://<%= node['gem_file']['host'] %>:<%= node['gem_file']['port'] %>/
A recipe can be built that does the following:
- Builds a
.gemrc
file based on agemrc.erb
template - Runs a
Gem.configuration
command - Installs a package using the
.gemrc
file
template '/root/.gemrc' do
source 'gemrc.erb'
action :create
notifies :run, 'ruby_block[refresh_gemrc]', :immediately
end
ruby_block 'refresh_gemrc' do
action :nothing
block do
Gem.configuration = Gem::ConfigFile.new []
end
end
gem_package 'di-ruby-lvm' do
gem_binary '/opt/chef/embedded/bin/gem'
action :install
end
Actions
The package resource has the following actions:
:install
- Install a package. If a version is specified, install the specified version of the package. (default)
:nothing
- This resource block does not act unless notified by another resource to take action. Once notified, this resource block either runs immediately or is queued up to run at the end of a Chef Infra Client run.
:purge
- Purge a package. This action typically removes the configuration files as well as the package.
:reconfig
- Reconfigure a package. This action requires a response file.
:remove
- Remove a package.
:upgrade
- Install a package and ensure that a package is the latest version.
Properties
The package resource has the following properties:
allow_downgrade
- Ruby Type: true, false | Default Value:
true
yum_package resource only. Downgrade a package to satisfy requested version requirements.
arch
- Ruby Type: String, Array
yum_package resource only. The architecture of the package to be installed or upgraded. This value can also be passed as part of the package name.
default_release
- Ruby Type: String
apt_package resource only. The default release. For example:
stable
.
flush_cache
- Ruby Type: Array
Flush the in-memory cache before or after a Yum operation that installs, upgrades, or removes a package. Default value:
[ :before, :after ]
. The value may also be a Hash:( { :before => true/false, :after => true/false } )
.Yum automatically synchronizes remote metadata to a local cache. Chef Infra Client creates a copy of the local cache, and then stores it in-memory during a Chef Infra Client run. The in-memory cache allows packages to be installed during a Chef Infra Client run without the need to continue synchronizing the remote metadata to the local cache while the Chef Infra Client run is in-progress.
As an array:
yum_package 'some-package' do #... flush_cache [ :before ] #... end
and as a Hash:
yum_package 'some-package' do #... flush_cache( { :after => true } ) #... end
Note
The
flush_cache
property does not flush the local Yum cache! Use Yum tools—yum clean headers
,yum clean packages
,yum clean all
—to clean the local Yum cache.
gem_binary
- Ruby Type: String
A property for the
gem_package
provider that is used to specify a gems binary.
homebrew_user
- Ruby Type: String, Integer
homebrew_package resource only. The name of the Homebrew owner to be used by Chef Infra Client when executing a command.
ignore_failure
- Ruby Type: true, false | Default Value:
false
Continue running a recipe if a resource fails for any reason.
notifies
- Ruby Type: Symbol, Chef::Resource\[String\]
A resource may notify another resource to take action when its state changes. Specify a
'resource[name]'
, the:action
that resource should take, and then the:timer
for that action. A resource may notify more than one resource; use anotifies
statement for each resource to be notified.If the referenced resource does not exist, an error is raised. In contrast,
subscribes
will not fail if the source resource is not found.A timer specifies the point during a Chef Infra Client run at which a notification is run. The following timers are available:
:before
Specifies that the action on a notified resource should be run before processing the resource block in which the notification is located.
:delayed
Default. Specifies that a notification should be queued up, and then executed at the end of a Chef Infra Client run.
:immediate
,:immediately
Specifies that a notification should be run immediately, for each resource notified.
The syntax for
notifies
is:notifies :action, 'resource[name]', :timer
options
- Ruby Type: String
One (or more) additional options that are passed to the command.
package_name
- Ruby Type: String, Array
The name of the package. Default value: the
name
of the resource block. See “Syntax” section above for more information.
response_file
- Ruby Type: String
apt_package and dpkg_package resources only. The direct path to the file used to pre-seed a package.
response_file_variables
- Ruby Type: Hash
apt_package and dpkg_package resources only. A Hash of response file variables in the form of
{"VARIABLE" => "VALUE"}
.
source
- Ruby Type: String
Optional. The path to a package in the local file system.
Note
The AIX platform requires
source
to be a local file system path becauseinstallp
does not retrieve packages using HTTP or FTP.
subscribes
- Ruby Type: Symbol, Chef::Resource\[String\]
A resource may listen to another resource, and then take action if the state of the resource being listened to changes. Specify a
'resource[name]'
, the:action
to be taken, and then the:timer
for that action.Note that
subscribes
does not apply the specified action to the resource that it listens to - for example:file '/etc/nginx/ssl/example.crt' do mode '0600' owner 'root' end service 'nginx' do subscribes :reload, 'file[/etc/nginx/ssl/example.crt]', :immediately end
In this case the
subscribes
property reloads thenginx
service whenever its certificate file, located under/etc/nginx/ssl/example.crt
, is updated.subscribes
does not make any changes to the certificate file itself, it merely listens for a change to the file, and executes the:reload
action for its resource (in this examplenginx
) when a change is detected.If the other resource does not exist, the subscription will not raise an error. Contrast this with the stricter semantics of
notifies
, which will raise an error if the other resource does not exist.A timer specifies the point during a Chef Infra Client run at which a notification is run. The following timers are available:
:before
Specifies that the action on a notified resource should be run before processing the resource block in which the notification is located.
:delayed
Default. Specifies that a notification should be queued up, and then executed at the end of a Chef Infra Client run.
:immediate
,:immediately
Specifies that a notification should be run immediately, for each resource notified.
The syntax for
subscribes
is:subscribes :action, 'resource[name]', :timer
timeout
- Ruby Type: String, Integer
The amount of time (in seconds) to wait before timing out.
version
- Ruby Type: String, Array
The version of a package to be installed or upgraded.
Multiple Packages
A resource may specify multiple packages and/or versions for platforms that use Apt, Chocolatey, DNF, Homebrew, Pacman, or Zypper package managers. Specifying multiple packages and/or versions allows a single transaction to:
- Download the specified packages and versions using a single HTTP transaction
- Update or install multiple packages with a single resource during a Chef Infra Client run
For example, installing multiple packages:
package %w(package1 package2)
Installing multiple packages with versions:
package %w(package1 package2) do
version [ '1.3.4-2', '4.3.6-1']
end
Upgrading multiple packages:
package %w(package1 package2) do
action :upgrade
end
Removing multiple packages:
package %w(package1 package2) do
action :remove
end
Purging multiple packages:
package %w(package1 package2) do
action :purge
end
Notifications, using an implicit name:
package %w(package1 package2) do
action :nothing
end
log 'call a notification' do
notifies :install, 'package[package1, package2]', :immediately
end
Note
Notifications and subscriptions do not need to be updated when packages
and versions are added or removed from the package_name
or version
properties.
Common Resource Functionality
Chef resources include common properties, notifications, and resource guards.
Multiple Packages
A resource may specify multiple packages and/or versions for platforms that use Apt, Chocolatey, DNF, Homebrew, Pacman, or Zypper package managers. Specifying multiple packages and/or versions allows a single transaction to:
- Download the specified packages and versions using a single HTTP transaction
- Update or install multiple packages with a single resource during a Chef Infra Client run
For example, installing multiple packages:
package %w(package1 package2)
Installing multiple packages with versions:
package %w(package1 package2) do
version [ '1.3.4-2', '4.3.6-1']
end
Upgrading multiple packages:
package %w(package1 package2) do
action :upgrade
end
Removing multiple packages:
package %w(package1 package2) do
action :remove
end
Purging multiple packages:
package %w(package1 package2) do
action :purge
end
Notifications, using an implicit name:
package %w(package1 package2) do
action :nothing
end
log 'call a notification' do
notifies :install, 'package[package1, package2]', :immediately
end
Note
Notifications and subscriptions do not need to be updated when packages
and versions are added or removed from the package_name
or version
properties.
Examples
The following examples demonstrate various approaches for using the package resource in recipes:
Install a gems file for use in recipes
chef_gem 'right_aws' do
action :install
end
require 'right_aws'
Install a gems file from the local file system
gem_package 'right_aws' do
source '/tmp/right_aws-1.11.0.gem'
action :install
end
Install a package
package 'tar' do
action :install
end
Install a package version
package 'tar' do
version '1.16.1-1'
action :install
end
Install a package with options
package 'debian-archive-keyring' do
action :install
options '--force-yes'
end
Install a package with a response_file
Use of a response_file
is only supported on Debian and Ubuntu at this
time. Custom resources must be written to support the use of a
response_file
, which contains debconf answers to questions normally
asked by the package manager on installation. Put the file in
/files/default
of the cookbook where the package is specified and Chef
Infra Client will use the cookbook_file resource to retrieve it.
To install a package with a response_file
:
package 'sun-java6-jdk' do
response_file 'java.seed'
end
Install a specified architecture using a named provider
yum_package 'glibc-devel' do
arch 'i386'
end
Purge a package
package 'tar' do
action :purge
end
Remove a package
package 'tar' do
action :remove
end
Upgrade a package
package 'tar' do
action :upgrade
end
Use the ignore_failure
common attribute
gem_package 'syntax' do
action :install
ignore_failure true
end
Avoid unnecessary string interpolation
Do this:
package 'mysql-server' do
version node['mysql']['version']
action :install
end
and not this:
package 'mysql-server' do
version "#{node['mysql']['version']}"
action :install
end
Install a package in a platform
The following example shows how
to use the package resource to
install an application named app
and ensure
that the correct packages
are installed for the correct platform:
package 'app_name' do
action :install
end
case node[:platform]
when 'ubuntu','debian'
package 'app_name-doc' do
action :install
end
when 'centos'
package 'app_name-html' do
action :install
end
end
Install sudo, then configure /etc/sudoers/ file
The following example shows how to install sudo and then configure the
/etc/sudoers
file:
# the following code sample comes from the ``default``
# recipe in the ``sudo`` cookbook: https://github.com/chef-cookbooks/sudo
package 'sudo' do
action :install
end
if node['authorization']['sudo']['include_sudoers_d']
directory '/etc/sudoers.d' do
mode '0755'
owner 'root'
group 'root'
action :create
end
cookbook_file '/etc/sudoers.d/README' do
source 'README'
mode '0440'
owner 'root'
group 'root'
action :create
end
end
template '/etc/sudoers' do
source 'sudoers.erb'
mode '0440'
owner 'root'
group platform?('freebsd') ? 'wheel' : 'root'
variables(
:sudoers_groups => node['authorization']['sudo']['groups'],
:sudoers_users => node['authorization']['sudo']['users'],
:passwordless => node['authorization']['sudo']['passwordless']
)
end
where:
- the package resource is used to install sudo
- the
if
statement is used to ensure availability of the/etc/sudoers.d
directory - the template resource tells Chef Infra Client where to find the
sudoers
template - the
variables
property is a hash that passes values to template files (that are located in thetemplates/
directory for the cookbook
Use a case statement to specify the platform
The following example shows how to use a case statement to tell Chef Infra Client which platforms and packages to install using cURL.
package 'curl'
case node[:platform]
when 'redhat', 'centos'
package 'package_1'
package 'package_2'
package 'package_3'
when 'ubuntu', 'debian'
package 'package_a'
package 'package_b'
package 'package_c'
end
end
where node[:platform]
for each node is identified by Ohai during every Chef
Infra Client run. For example:
package 'curl'
case node[:platform]
when 'redhat', 'centos'
package 'zlib-devel'
package 'openssl-devel'
package 'libc6-dev'
when 'ubuntu', 'debian'
package 'openssl'
package 'pkg-config'
package 'subversion'
end
end
Use symbols to reference attributes
Symbols may be used to reference attributes:
package 'mysql-server' do
version node[:mysql][:version]
action :install
end
instead of strings:
package 'mysql-server' do
version node['mysql']['version']
action :install
end
Use a whitespace array to simplify a recipe
The following examples show different ways of doing the same thing. The first shows a series of packages that will be upgraded:
package 'package-a' do
action :upgrade
end
package 'package-b' do
action :upgrade
end
package 'package-c' do
action :upgrade
end
package 'package-d' do
action :upgrade
end
and the next uses a single package resource and a whitespace array (%w
):
package %w{package-a package-b package-c package-d} do
action :upgrade
end
Specify the Homebrew user with a UUID
homebrew_package 'emacs' do
homebrew_user 1001
end
Specify the Homebrew user with a string
homebrew_package 'vim' do
homebrew_user 'user1'
end