Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


wsus-client (13) Versions 1.0.0

Configures wsus client

cookbook 'wsus-client', '= 1.0.0', :supermarket
cookbook 'wsus-client', '= 1.0.0'
knife supermarket install wsus-client
knife supermarket download wsus-client
Quality 100%

Wsus-client Cookbook

Configures WSUS clients to retrieve approved updates.


The PowerShell script will always fail if run via the winrm vagrant provider
as the IUpdateSession::CreateUpdateDownloader is not available remotely.


The Microsoft.Update.Session object keeps a log in: C:\Windows\WindowsUpdate.log


This cookbook requires Chef 11.12.0+ because it leverages the guard_interpreter feature for powershell scripts.


  • Windows XP
  • Windows Vista
  • Windows Server 2003 R2
  • Windows 7
  • Windows Server 2008 (R1, R2)
  • Windows 8 and 8.1
  • Windows Server 2012 (R1, R2)


Using this cookbook is quite easy; add the desired recipes to the run list of a node, or role.
Adjust any attributes as desired. For example, to configure a windows server role that connects to your WSUS server:
$ cat roles/updated_windows_server.rb
name 'updated_windows_server'
description 'Setup a windows server to keep up-to-date'


wsus_client: {
wsus_server: '',
update_group: 'updated_server2015',
# allow 3h timeout to synchronize updates
timeout: 10_800,



Convenience recipe that configures WSUS client and performs a synchronous update.
It basically includes wsus-client::configure and wsus-client::update


This recipe modifies the Windows registry to configure WSUS update settings.


The following attributes are used to configure the wsus-client::configure recipe, accessible via node['wsus_client'][attribute].

Attribute Description Type Default
wsus_server Defines a custom WSUS server to use instead of Microsoft Windows Update server String, URI nil
update_group Defines the current computer update group. (see client-side targeting) String nil
disable_windows_update_access Disables access to Windows Update (or your WSUS server) TrueClass, FalseClass false
enable_non_microsoft_updates Allows signed non-Microsoft updates. TrueClass, FalseClass true
allow_user_to_install_updates Authorizes Users to approve or disapprove updates. TrueClass, FalseClass false
auto_install_minor_updates Defines whether minor update should be automatically installed. TrueClass, FalseClass false
no_reboot_with_logged_users Disables automatic reboot with logged-on users. TrueClass, FalseClass true
automatic_update_behavior Defines auto update behavior. Symbol* :disabled
detection_frequency Defines times in hours between detection cycles. FixNum 22
schedule_install_day Defines the day of the week to schedule update install. Symbol** :every_day
schedule_install_time Defines the time of day in 24-hour format to schedule update install. FixNum (1-23) 0
schedule_retry_wait Defines the time in minutes to wait at startup before applying update from a missed scheduled time FixNum (0-60) 0
reboot_warning Defines time in minutes of the restart warning countdown after reboot-required updates automatic install FixNum (1-30) 5
reboot_prompt_timeout Defines time in minutes between prompts for a scheduled restart FixNum (1-1440) 10

* automatic_update_behavior values are:

:disabled = Disables automatic updates

:detect = Only notify users of new updates

:download = Download updates, but let users install them

:install = Download and install updates

:manual = Lets the users configure the behavior

`**` schedule_install_day possible values are: `:every_day`, `:sunday`, `:monday`, `:tuesday`, `:wednesday`, `:thursday`, `:friday`, `:saturday`

## wsus-client::update
This recipe performs a synchronous detection and install of available Windows updates.

### Attributes
The following attributes are used to configure the `wsus-client::update` recipe, accessible via `node['wsus_client'][attribute]`.

Attribute      | Description                                                          | Type   | Default
update_timeout | The maximum amount of time the synchronous update is allowed to run. | FixNum | `7200`

> **Note:** mixlib-shellout < 2.0.1 does not terminating the process after the allowed timeout. Chef 12.0.4 includes the new version.

1. Fork the [repository on Github][repository]
2. Create a named feature branch (like `add_component_x`)
3. Write your change
4. Write tests for your change (if applicable)
5. Run the tests, ensuring they all pass
6. Submit a Pull Request using Github

License and Authors
Authors: [Baptiste Courtois][author] ()

Copyright 2014-2015, Criteo.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Wsus-client CHANGELOG

This file is used to list changes made in each version of the wsus-client cookbook.

1.0.0 (2015-06-03)

  • Workaround foodcritic false positive
  • Rename attribute disable_windows_update_acces to disable_windows_update_access
  • Explicitly set attribute value of detection_frequency to 22 hours
  • Force WU detection on configuration change
  • Complete

0.1.3 (2015-01-29)

  • Fail chef run on guard failure
  • Configure basic rake tasks and travis build

0.1.2 (2014-09-15)

  • Fix update script guard condition

0.1.1 (2014-09-15)

  • Add windows supports in metadata

0.1.0 (2014-08-27)

  • Initial release of wsus-client
  • Client recipes do nothing on non-windows platform
  • Add client recipes that configures automatic updates and initiates download and install

Foodcritic Metric

1.0.0 passed this metric