From 2b0d360177c0b6acc16a3aaaffc95a2bab81bcfb Mon Sep 17 00:00:00 2001
From: James Ruskin <james@chocolatey.io>
Date: Wed, 7 Aug 2024 17:18:51 +0100
Subject: [PATCH 1/3] (#230) Change "files" directory to "packages" directory

The manifest folders lived in a folder named after one in the Ansible project. This didn't make sense here, where it often lives inside a /files/ directory already.

This has been changed.
---
 OfflineInstallPreparation.ps1       | 22 +++++++++++-----------
 Start-C4bCcmSetup.ps1               |  2 +-
 Start-C4bJenkinsSetup.ps1           |  6 +++---
 Start-C4bNexusSetup.ps1             |  4 ++--
 Start-C4bSetup.ps1                  | 10 +++++-----
 {files => packages}/chocolatey.json |  0
 {files => packages}/jenkins.json    |  0
 scripts/Create-ChocoLicensePkg.ps1  |  2 +-
 tests/jenkins.tests.ps1             |  2 +-
 9 files changed, 24 insertions(+), 24 deletions(-)
 rename {files => packages}/chocolatey.json (100%)
 rename {files => packages}/jenkins.json (100%)

diff --git a/OfflineInstallPreparation.ps1 b/OfflineInstallPreparation.ps1
index 733f4f6..788921c 100644
--- a/OfflineInstallPreparation.ps1
+++ b/OfflineInstallPreparation.ps1
@@ -90,8 +90,8 @@ if (-not $Licensed) {
         }
         Copy-Item $LicensePath $InstalledLicensePath -Force
     }
-    $ExtensionSource = if (Test-Path $PSScriptRoot\files\chocolatey.extension.*.nupkg) {
-        Convert-Path $PSScriptRoot\files\
+    $ExtensionSource = if (Test-Path $PSScriptRoot\packages\chocolatey.extension.*.nupkg) {
+        Convert-Path $PSScriptRoot\packages\
     } else {
         'https://licensedpackages.chocolatey.org/api/v2/'
     }
@@ -103,7 +103,7 @@ $PackageWorkingDirectory = Join-Path $WorkingDirectory "Packages"
 if (-not (Test-Path $PackageWorkingDirectory)) {
     $null = New-Item -Path $PackageWorkingDirectory -ItemType Directory -Force
 }
-foreach ($Package in (Get-Content $PSScriptRoot\files\chocolatey.json | ConvertFrom-Json).packages) {
+foreach ($Package in (Get-Content $PSScriptRoot\packages\chocolatey.json | ConvertFrom-Json).packages) {
     $ChocoArgs = @(
         "download", "$($Package.Name)"
         "--output-directory", $PackageWorkingDirectory
@@ -118,7 +118,7 @@ foreach ($Package in (Get-Content $PSScriptRoot\files\chocolatey.json | ConvertF
     }
 
     try {
-        if (-not (Get-ChocolateyPackageMetadata -Path $PackageWorkingDirectory -Id $Package.Name) -and -not (Get-ChocolateyPackageMetadata -Path "$PSScriptRoot\files\" -Id $Package.Name)) {
+        if (-not (Get-ChocolateyPackageMetadata -Path $PackageWorkingDirectory -Id $Package.Name) -and -not (Get-ChocolateyPackageMetadata -Path "$PSScriptRoot\packages\" -Id $Package.Name)) {
             Write-Host "Downloading '$($Package.Name)'"
 
             while ((Get-ChildItem $PackageWorkingDirectory -Filter *.nupkg).Where{$_.CreationTime -gt (Get-Date).AddMinutes(-1)}.Count -gt 5) {
@@ -132,18 +132,18 @@ foreach ($Package in (Get-Content $PSScriptRoot\files\chocolatey.json | ConvertF
         throw $_
     }
 }
-Move-Item -Path $PackageWorkingDirectory\*.nupkg -Destination $PSScriptRoot\files\
+Move-Item -Path $PackageWorkingDirectory\*.nupkg -Destination $PSScriptRoot\packages\
 
 # Jenkins Plugins
 $PluginsWorkingDirectory = Join-Path $WorkingDirectory "JenkinsPlugins"
 if (-not (Test-Path $PluginsWorkingDirectory)) {
     $null = New-Item -Path $PluginsWorkingDirectory -ItemType Directory -Force
 }
-if (Test-Path $PSScriptRoot\files\JenkinsPlugins.zip) {
-    Expand-Archive -Path $PSScriptRoot\files\JenkinsPlugins.zip -DestinationPath $PluginsWorkingDirectory -Force
+if (Test-Path $PSScriptRoot\packages\JenkinsPlugins.zip) {
+    Expand-Archive -Path $PSScriptRoot\packages\JenkinsPlugins.zip -DestinationPath $PluginsWorkingDirectory -Force
 }
 $ProgressPreference = "Ignore"
-foreach ($Plugin in (Get-Content $PSScriptRoot\files\jenkins.json | ConvertFrom-Json).plugins) {
+foreach ($Plugin in (Get-Content $PSScriptRoot\packages\jenkins.json | ConvertFrom-Json).plugins) {
     $RestArgs = @{
         Uri     = "https://updates.jenkins-ci.org/latest/$($Plugin.Name).hpi"
         OutFile = Join-Path $PluginsWorkingDirectory "$($Plugin.Name).hpi"
@@ -155,12 +155,12 @@ foreach ($Plugin in (Get-Content $PSScriptRoot\files\jenkins.json | ConvertFrom-
         Invoke-WebRequest @RestArgs -UseBasicParsing
     }
 }
-Compress-Archive -Path $PluginsWorkingDirectory\* -Destination $PSScriptRoot\files\JenkinsPlugins.zip -Force
+Compress-Archive -Path $PluginsWorkingDirectory\* -Destination $PSScriptRoot\packages\JenkinsPlugins.zip -Force
 
 # BCryptDll
 $null = Get-BcryptDll
 
 # License
-if ($LicensePath -ne "$PSScriptRoot\files\chocolatey.license.xml") {
-    Copy-Item -Path (Convert-Path $LicensePath) -Destination $PSScriptRoot\files\chocolatey.license.xml
+if ($LicensePath -ne "$PSScriptRoot\packages\chocolatey.license.xml") {
+    Copy-Item -Path (Convert-Path $LicensePath) -Destination $PSScriptRoot\packages\chocolatey.license.xml
 }
\ No newline at end of file
diff --git a/Start-C4bCcmSetup.ps1 b/Start-C4bCcmSetup.ps1
index 8e88951..3f29bc2 100644
--- a/Start-C4bCcmSetup.ps1
+++ b/Start-C4bCcmSetup.ps1
@@ -27,7 +27,7 @@ process {
     $ErrorActionPreference = 'Stop'
     Start-Transcript -Path "$env:SystemDrive\choco-setup\logs\Start-C4bCcmSetup-$(Get-Date -Format 'yyyyMMdd-HHmmss').txt"
 
-    $Packages = (Get-Content $PSScriptRoot\files\chocolatey.json | ConvertFrom-Json).packages
+    $Packages = (Get-Content $PSScriptRoot\packages\chocolatey.json | ConvertFrom-Json).packages
 
     Set-ChocoEnvironmentProperty -Name DatabaseUser -Value $DatabaseCredential
 
diff --git a/Start-C4bJenkinsSetup.ps1 b/Start-C4bJenkinsSetup.ps1
index 0a52c4c..3d25372 100644
--- a/Start-C4bJenkinsSetup.ps1
+++ b/Start-C4bJenkinsSetup.ps1
@@ -68,10 +68,10 @@ process {
     Stop-Service -Name Jenkins
 
     #region Jenkins Plugin Install & Update
-    $JenkinsPlugins = (Get-Content $PSScriptRoot\files\jenkins.json | ConvertFrom-Json).plugins
+    $JenkinsPlugins = (Get-Content $PSScriptRoot\packages\jenkins.json | ConvertFrom-Json).plugins
 
-    if (Test-Path $PSScriptRoot\files\JenkinsPlugins.zip) {
-        Expand-Archive -Path $PSScriptRoot\files\JenkinsPlugins.zip -DestinationPath $jenkinsHome\plugins\ -Force
+    if (Test-Path $PSScriptRoot\packages\JenkinsPlugins.zip) {
+        Expand-Archive -Path $PSScriptRoot\packages\JenkinsPlugins.zip -DestinationPath $jenkinsHome\plugins\ -Force
     }
 
     # Performance is killed by Invoke-WebRequest's progress bars, turning them off to speed this up
diff --git a/Start-C4bNexusSetup.ps1 b/Start-C4bNexusSetup.ps1
index cc2657e..4f46a12 100644
--- a/Start-C4bNexusSetup.ps1
+++ b/Start-C4bNexusSetup.ps1
@@ -26,7 +26,7 @@ process {
     $ErrorActionPreference = 'Stop'
     Start-Transcript -Path "$env:SystemDrive\choco-setup\logs\Start-C4bNexusSetup-$(Get-Date -Format 'yyyyMMdd-HHmmss').txt"
 
-    $Packages = (Get-Content $PSScriptRoot\files\chocolatey.json | ConvertFrom-Json).packages
+    $Packages = (Get-Content $PSScriptRoot\packages\chocolatey.json | ConvertFrom-Json).packages
 
     # Install base nexus-repository package
     Write-Host "Installing Sonatype Nexus Repository"
@@ -55,7 +55,7 @@ process {
     $NuGetApiKey = (Get-NexusNuGetApiKey -Credential $Credential).apikey
 
     # Push all packages from previous steps to NuGet repo
-    Get-ChildItem -Path "$env:SystemDrive\choco-setup\files\files" -Filter *.nupkg | ForEach-Object {
+    Get-ChildItem -Path "$env:SystemDrive\choco-setup\files\packages" -Filter *.nupkg | ForEach-Object {
         Invoke-Choco push $_.FullName --source "$((Get-NexusRepository -Name 'ChocolateyInternal').url)/index.json" --apikey $NugetApiKey --force
     }
 
diff --git a/Start-C4bSetup.ps1 b/Start-C4bSetup.ps1
index 7b729d0..18b12b3 100644
--- a/Start-C4bSetup.ps1
+++ b/Start-C4bSetup.ps1
@@ -21,9 +21,9 @@ param(
     [Parameter(ParameterSetName='Attended')]
     [string]
     $LicenseFile = $(
-        if (Test-Path $PSScriptRoot\files\chocolatey.license.xml) {
+        if (Test-Path $PSScriptRoot\packages\chocolatey.license.xml) {
             # Offline setup has been run, we should use that license.
-            Join-Path $PSScriptRoot "files\chocolatey.license.xml"
+            Join-Path $PSScriptRoot "packages\chocolatey.license.xml"
         } elseif (Test-Path $env:ChocolateyInstall\license\chocolatey.license.xml) {
             # Chocolatey is already installed, we can use that license.
             Join-Path $env:ChocolateyInstall "license\chocolatey.license.xml"
@@ -99,7 +99,7 @@ try {
     Write-Host "Setting up initial directories in"$env:SystemDrive\choco-setup"" -ForegroundColor Green
     $ChocoPath = "$env:SystemDrive\choco-setup"
     $FilesDir = Join-Path $ChocoPath "files"
-    $PkgsDir = Join-Path $FilesDir "files"
+    $PkgsDir = Join-Path $FilesDir "packages"
     $TempDir = Join-Path $ChocoPath "temp"
     $TestDir = Join-Path $ChocoPath "tests"
     $xmlDir = Join-Path $ChocoPath "clixml"
@@ -134,8 +134,8 @@ try {
 
     & $FilesDir\OfflineInstallPreparation.ps1 -LicensePath $LicenseFile
 
-    if (Test-Path $FilesDir\files\*.nupkg) {
-        Invoke-Choco source add --name LocalChocolateySetup --source $FilesDir\files\ --Priority 1
+    if (Test-Path $FilesDir\packages\*.nupkg) {
+        Invoke-Choco source add --name LocalChocolateySetup --source $FilesDir\packages\ --Priority 1
     }
 
     # Set Choco Server Chocolatey Configuration
diff --git a/files/chocolatey.json b/packages/chocolatey.json
similarity index 100%
rename from files/chocolatey.json
rename to packages/chocolatey.json
diff --git a/files/jenkins.json b/packages/jenkins.json
similarity index 100%
rename from files/jenkins.json
rename to packages/jenkins.json
diff --git a/scripts/Create-ChocoLicensePkg.ps1 b/scripts/Create-ChocoLicensePkg.ps1
index 3cc11f4..2eb1938 100644
--- a/scripts/Create-ChocoLicensePkg.ps1
+++ b/scripts/Create-ChocoLicensePkg.ps1
@@ -13,7 +13,7 @@ param(
     # Local path used to build the license package.
     [Parameter()]
     [string]
-    $PackagesPath = "$env:SystemDrive\choco-setup\files\files",
+    $PackagesPath = "$env:SystemDrive\choco-setup\files\packages",
 
     # Path to the license file.
     [Parameter()]
diff --git a/tests/jenkins.tests.ps1 b/tests/jenkins.tests.ps1
index 5b0a13b..12788fd 100644
--- a/tests/jenkins.tests.ps1
+++ b/tests/jenkins.tests.ps1
@@ -74,7 +74,7 @@ Describe "Jenkins Configuration" {
 
     Context "Required Plugins" {
         BeforeDiscovery {
-            $ExpectedPlugins = (Get-Content $PSScriptRoot\..\files\jenkins.json | ConvertFrom-Json).plugins.name
+            $ExpectedPlugins = (Get-Content $PSScriptRoot\..\packages\jenkins.json | ConvertFrom-Json).plugins.name
         }
 
         BeforeAll {

From 5ca318482409371b225d5caf18b3a8a366f63b1d Mon Sep 17 00:00:00 2001
From: Ryan Richter <ryan@chocolatey.io>
Date: Wed, 17 Jul 2024 08:02:47 -0400
Subject: [PATCH 2/3] (#230) Adds ChocolateyCore Repository and Jenkins Job

- Add ChocolateyCore repo as main repo for core packages
- Add callout to new ChocolateyCore repository
- Remove See It In Action README section as video is outdated
- Fixup spelling/grammar in README
- Add new Update ChocolateyCore Repository Jenkins Job
- Add test to check for new Jenkins job
- Remove legacy build files from new and existing Jenkins jobs
---
 README.md                                     | 26 ++++++-----
 Set-SslSecurity.ps1                           | 40 ++++++++++++++---
 Start-C4bNexusSetup.ps1                       | 10 +++--
 .../builds/legacyIds                          |  0
 .../builds/permalinks                         |  2 -
 .../nextBuildNumber                           |  1 -
 .../config.xml                                | 43 +++++++++++++++++++
 .../builds/legacyIds                          |  0
 .../builds/permalinks                         |  6 ---
 .../nextBuildNumber                           |  1 -
 .../builds/legacyIds                          |  0
 .../builds/permalinks                         |  2 -
 .../nextBuildNumber                           |  1 -
 scripts/ClientSetup.ps1                       | 23 ++++++----
 tests/jenkins.tests.ps1                       |  4 ++
 tests/nexus.tests.ps1                         |  7 ++-
 16 files changed, 120 insertions(+), 46 deletions(-)
 delete mode 100644 jenkins/Internalize packages from the Community Repository/builds/legacyIds
 delete mode 100644 jenkins/Internalize packages from the Community Repository/builds/permalinks
 delete mode 100644 jenkins/Internalize packages from the Community Repository/nextBuildNumber
 create mode 100644 jenkins/Update ChocolateyCore Repository/config.xml
 delete mode 100644 jenkins/Update production repository/builds/legacyIds
 delete mode 100644 jenkins/Update production repository/builds/permalinks
 delete mode 100644 jenkins/Update production repository/nextBuildNumber
 delete mode 100644 jenkins/Update test repository from Chocolatey Community Repository/builds/legacyIds
 delete mode 100644 jenkins/Update test repository from Chocolatey Community Repository/builds/permalinks
 delete mode 100644 jenkins/Update test repository from Chocolatey Community Repository/nextBuildNumber

diff --git a/README.md b/README.md
index b198779..768fbb0 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 This repository contains a set of supporting scripts used for the Chocolatey for Business (C4B) Quick-Start Guide (QSG).
 
-These scripts can be used to assist in setup of a brand new Windows Server as a C4B Server.
+These scripts can be used to assist in the setup of a brand-new Windows Server as a C4B Server.
 
 Below is the Quick Start Guide as it exists currently on the [Chocolatey Docs](https://docs.chocolatey.org/en-us/guides/organizations/quick-start-guide/chocolatey-for-business-quick-start-guide).
 
@@ -34,14 +34,16 @@ As illustrated in the diagram above, there are four main components to a Chocola
 
 1. **C4B Licensed components**: A licensed version of Chocolatey includes:
     - Installation of the Chocolatey OSS client package itself (`chocolatey`)
-    - Chocolatey license file (`chocolatey.license.xml`) installed in the correct directory (`ProgramData\chocolatey\license`)
+    - The Chocolatey license file (`chocolatey.license.xml`) installed in the correct directory (`ProgramData\chocolatey\license`)
     - Installation of the Chocolatey Licensed extension (`chocolatey.extension`), giving you access to features like Package Builder, Package Internalizer, etc. (full list [here](https://docs.chocolatey.org/en-us/features/)).
 
-1. **NuGet V3 Repository Server App (Nexus)**: Chocolatey works best with a NuGet V3 repository. This application hosts and manages versioning of your Chocolatey package artifacts, in their enhanced NuGet package (.nupkg) file format. The quick start guide helps you setup [Sonatype Nexus Repository Manager (OSS)](https://www.sonatype.com/products/nexus-repository).
+1. **Repository Server (Sonatype Nexus)**: Chocolatey works best with a NuGet repository. This repository hosts and manages the versioning of your Chocolatey package artifacts, in their enhanced NuGet package (.nupkg) file format. The quick start guide helps you set up [Sonatype Nexus Repository Manager (OSS)](https://www.sonatype.com/products/nexus-repository).
 
-1. **Chocolatey Central Management (CCM)**: CCM is the Web UI portal for your entire Chocolatey environment. Your endpoints check-in to CCM to report their package status. This includes the Chocolatey packages they have installed, and whether any of these packages are outdated. And now, with CCM Deployments, you can also deploy packages or package updates to groups of endpoints, as well as ad-hoc PowerShell commands. CCM is backed by an MS SQL Database. This guide will set up MS SQL Express for you.
+1. **Chocolatey Central Management (CCM)**: CCM is a web-based application for managing the state of Chocolatey packages in your environment. Your endpoints check in via the Chocolatey agent and report basic computer information (host name, IP address), and what Chocolatey packages are installed, as well as if any of those packages are outdated. A deployment capability allows you to install, upgrade, or uninstall packages, and for more advanced scenarios run ad-hoc PowerShell code on your endpoints.
 
-1. **Automation Pipeline (Jenkins)**: A pipeline tool will help you automate repetitive tasks, such checking for updates to a set of Chocolatey Packages from the Chocolatey Community Repository (CCR). If updates exist, the pipeline task will auto-internalize your list of packages, and push them into your NuGet repository for you. This guide will help you set up Jenkins as your automation pipeline.
+CCM is backed by an MS SQL Database, which this guide will set up and configure for you based on Microsoft SQL Server Express.
+
+1. **Automation Pipeline (Jenkins)**: A pipeline tool will help you automate repetitive tasks, such as checking for updates to a set of Chocolatey Packages from the Chocolatey Community Repository (CCR). If updates exist, the pipeline task will auto-internalize your list of packages, and push them into your NuGet repository for you. This guide will help you set up Jenkins as your automation pipeline.
 
 ## Requirements
 
@@ -62,7 +64,7 @@ Below are the minimum requirements for setting up your C4B server via this guide
 
 1. Install all Windows Updates.
 
-1. If you plan on joining this server to your Active Directory domain, do so now before beginning setup below.
+1. If you plan on joining this server to your Active Directory domain, do so now before beginning the setup below.
 
 1. If you plan to use a Purchased/Acquired or Domain SSL certificate, please ensure the CN/Subject value matches the DNS-resolvable Fully Qualified Domain Name (FQDN) of your C4B Server. Place this certificate in the `Local Machine > Personal` certificate store, and ensure that the private key is exportable.
 
@@ -120,9 +122,11 @@ Below are the minimum requirements for setting up your C4B server via this guide
     > <ul class="list-style-type-disc">
     > <li>Installs Sonatype Nexus Repository Manager OSS instance</li>
     > <li>Cleans up all demo repositories on Nexus</li>
+    > <li>Creates a "ChocolateyCore" NuGet repository</li>
     > <li>Creates a "ChocolateyInternal" NuGet repository</li>
     > <li>Creates a "ChocolateyTest" NuGet repository</li>
     > <li>Creates a "choco-install" raw repository</li>
+    > <li>Sets up "ChocolateyCore" on C4B Server as source, with API key</li>
     > <li>Sets up "ChocolateyInternal" on C4B Server as source, with API key</li>
     > <li>Adds firewall rule for repository access</li>
     > <li>Installs MS Edge, and disables first-run experience</li>
@@ -177,7 +181,7 @@ Below are the minimum requirements for setting up your C4B server via this guide
     .\Set-SslSecurity.ps1
     ```
 
-    **ALTERNATIVE 1 : Custom SSL Certificate** - If you have your own custom SSL certificate (purchased/acquired, or from your Domain CA), you can paste and run the following script with the `Thumbprint` value of your SSL certificate specified:
+    **ALTERNATIVE 1: Custom SSL Certificate** - If you have your own custom SSL certificate (purchased/acquired, or from your Domain CA), you can paste and run the following script with the `Thumbprint` value of your SSL certificate specified:
 
     ```powershell
     Set-Location "$env:SystemDrive\choco-setup\files"
@@ -189,7 +193,7 @@ Below are the minimum requirements for setting up your C4B server via this guide
     > :memo: **NOTE**
     > You may have noticed the `-Hardened` parameter we've added above. When using a custom SSL certificate, this parameter will further secure access to your C4B Server. A Role and User credential will be configured to limit access to your Nexus repositories. As well, CCM Client and Service Salts are configured to further encrypt your connection between CCM and your endpoint clients. These additional settings are also incorporated into your `Register-C4bEndpoint.ps1` script for onboarding endpoints. We do require you to enable this option if your C4B Server will be Internet-facing, with a FQDN that resolves to a public IP.
 
-    **ALTERNATIVE 2 : Wildcard SSL Certificate** - If you have a wildcard certificate, you will also need to provide a DNS name you wish to use for that certificate:
+    **ALTERNATIVE 2: Wildcard SSL Certificate** - If you have a wildcard certificate, you will also need to provide a DNS name you wish to use for that certificate:
 
     ```powershell
     Set-Location "$env:SystemDrive\choco-setup\files"
@@ -272,9 +276,3 @@ Below are the minimum requirements for setting up your C4B server via this guide
 Congratulations! If you followed all the steps detailed above, you should now have a fully functioning Chocolatey for Business implementation deployed in your environment.
 
 It is worth mentioning that some customers may have a more bespoke environment, with the presence of proxies and additional configuration management applications. Chocolatey is engineered to be quite flexible, specifically to account for these scenarios. Please refer to the many options for installation referenced on the [Installation page](https://docs.chocolatey.org/en-us/licensed-extension/setup#more-install-options). Again, If you have any questions or would like to discuss more involved implementations, please feel free to reach out to your Chocolatey representative.
-
-### See it in Action
-
-If you'd prefer to watch and follow along, here is a recording of our Chocolatey Team going through this guide live on our Twitch stream:
-
-[YouTube Video](https://www.youtube.com/embed/qbIclPMEgig)
diff --git a/Set-SslSecurity.ps1 b/Set-SslSecurity.ps1
index e2aa2be..2402dbb 100644
--- a/Set-SslSecurity.ps1
+++ b/Set-SslSecurity.ps1
@@ -137,7 +137,10 @@ process {
     Write-Host "Nexus is ready!"
 
     Invoke-Choco source remove --name="'ChocolateyInternal'"
-    $RepositoryUrl = "https://${SubjectWithoutCn}:8443/repository/ChocolateyInternal/index.json"
+    $InternalRepositoryUrl = "https://${SubjectWithoutCn}:8443/repository/ChocolateyInternal/index.json"
+
+    Invoke-Choco source remove --name="'ChocolateyCore'"
+    $CoreRepositoryUrl = "https://${SubjectWithoutCn}:8443/repository/ChocolateyCore/index.json"
 
     # Build Credential Object, Connect to Nexus
     $securePw = (Get-Content 'C:\programdata\sonatype-work\nexus3\admin.password') | ConvertTo-SecureString -AsPlainText -Force
@@ -185,12 +188,23 @@ process {
             'source',
             'add',
             "--name='ChocolateyInternal'",
-            "--source='$RepositoryUrl'",
+            "--source='$InternalRepositoryUrl'",
             '--priority=1',
             "--user='chocouser'",
             "--password='$NexusPw'"
         )
-        & Invoke-Choco @ChocoArgs
+        & choco @ChocoArgs
+
+        $ChocoArgs = @(
+            'source',
+            'add',
+            "--name='ChocolateyCore'",
+            "--source='$CoreRepositoryUrl'",
+            '--priority=0',
+            "--user='chocouser'",
+            "--password='$NexusPw'"
+        )
+        & choco @ChocoArgs
     }
 
     else {
@@ -198,14 +212,26 @@ process {
             'source',
             'add',
             "--name='ChocolateyInternal'",
-            "--source='$RepositoryUrl'",
+            "--source='$InternalRepositoryUrl'",
             '--priority=1'
         )
         & Invoke-Choco @ChocoArgs
+
+        $ChocoArgs = @(
+            'source',
+            'add',
+            "--name='ChocolateyCore'",
+            "--source='$CoreRepositoryUrl'",
+            '--priority=0'
+        )
+        & Invoke-Choco @ChocoArgs
     }
 
     # Update Repository API key
-    $chocoArgs = @('apikey', "--source='$RepositoryUrl'", "--api-key='$NuGetApiKey'")
+    $chocoArgs = @('apikey', "--source='$InternalRepositoryUrl'", "--api-key='$NuGetApiKey'")
+    & Invoke-Choco @chocoArgs
+
+    $chocoArgs = @('apikey', "--source='$CoreRepositoryUrl'", "--api-key='$NuGetApiKey'")
     & Invoke-Choco @chocoArgs
 
     # Reset the NuGet v3 cache, such that it doesn't capture localhost as the FQDN
@@ -213,7 +239,7 @@ process {
 
     Update-Clixml -Properties @{
         NexusUri = "https://$($SubjectWithoutCn):8443"
-        NexusRepo = $RepositoryUrl
+        NexusRepo = $CoreRepositoryUrl
         ChocoUserPassword = $NexusPw
     }
 
@@ -268,7 +294,7 @@ process {
 # Touch NOTHING below this line
 `$User = 'chocouser'
 `$SecurePassword = `$NexusUserPW | ConvertTo-SecureString -AsPlainText -Force
-`$RepositoryUrl = "https://`$(`$fqdn):8443/repository/ChocolateyInternal/index.json"
+`$RepositoryUrl = "https://`$(`$fqdn):8443/repository/ChocolateyCore/index.json"
 
 `$credential = [pscredential]::new(`$user, `$securePassword)
 
diff --git a/Start-C4bNexusSetup.ps1 b/Start-C4bNexusSetup.ps1
index 4f46a12..280a804 100644
--- a/Start-C4bNexusSetup.ps1
+++ b/Start-C4bNexusSetup.ps1
@@ -47,6 +47,7 @@ process {
     Enable-NexusRealm -Realm 'NuGet API-Key Realm'
 
     #Create Chocolatey repositories
+    New-NexusNugetHostedRepository -Name ChocolateyCore -DeploymentPolicy Allow
     New-NexusNugetHostedRepository -Name ChocolateyInternal -DeploymentPolicy Allow
     New-NexusNugetHostedRepository -Name ChocolateyTest -DeploymentPolicy Allow
     New-NexusRawHostedRepository -Name choco-install -DeploymentPolicy Allow -ContentDisposition Attachment
@@ -56,11 +57,11 @@ process {
 
     # Push all packages from previous steps to NuGet repo
     Get-ChildItem -Path "$env:SystemDrive\choco-setup\files\packages" -Filter *.nupkg | ForEach-Object {
-        Invoke-Choco push $_.FullName --source "$((Get-NexusRepository -Name 'ChocolateyInternal').url)/index.json" --apikey $NugetApiKey --force
+        Invoke-Choco push $_.FullName --source "$((Get-NexusRepository -Name 'ChocolateyCore').url)/index.json" --apikey $NugetApiKey --force
     }
 
     # Temporary workaround to reset the NuGet v3 cache, such that it doesn't capture localhost as the FQDN
-    Remove-NexusRepositoryFolder -RepositoryName ChocolateyInternal -Name v3
+    Remove-NexusRepositoryFolder -RepositoryName ChocolateyCore -Name v3
 
     # Push latest ChocolateyInstall.ps1 to raw repo
     $ScriptDir = "$env:SystemDrive\choco-setup\files\scripts"
@@ -84,10 +85,13 @@ process {
     # Add ChocolateyInternal as a source repository
     Invoke-Choco source add -n 'ChocolateyInternal' -s "$((Get-NexusRepository -Name 'ChocolateyInternal').url)/index.json" --priority 1
 
-    #Remove Local Chocolatey Setup Source
+    # Remove Local Chocolatey Setup Source
     $chocoArgs = @('source', 'remove', '--name="LocalChocolateySetup"')
     & Invoke-Choco @chocoArgs
     
+    # Add ChocolateyCore as a source repository
+    Invoke-Choco source add -n 'ChocolateyCore' -s "$((Get-NexusRepository -Name 'ChocolateyCore').url)/index.json" --priority 0 --admin-only
+
     # Install a non-IE browser for browsing the Nexus web portal.
     if (-not (Test-Path 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe')) {
         Write-Host "Installing Microsoft Edge, to allow viewing the Nexus site"
diff --git a/jenkins/Internalize packages from the Community Repository/builds/legacyIds b/jenkins/Internalize packages from the Community Repository/builds/legacyIds
deleted file mode 100644
index e69de29..0000000
diff --git a/jenkins/Internalize packages from the Community Repository/builds/permalinks b/jenkins/Internalize packages from the Community Repository/builds/permalinks
deleted file mode 100644
index d7703c1..0000000
--- a/jenkins/Internalize packages from the Community Repository/builds/permalinks	
+++ /dev/null
@@ -1,2 +0,0 @@
-lastFailedBuild -1
-lastSuccessfulBuild -1
diff --git a/jenkins/Internalize packages from the Community Repository/nextBuildNumber b/jenkins/Internalize packages from the Community Repository/nextBuildNumber
deleted file mode 100644
index d00491f..0000000
--- a/jenkins/Internalize packages from the Community Repository/nextBuildNumber	
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/jenkins/Update ChocolateyCore Repository/config.xml b/jenkins/Update ChocolateyCore Repository/config.xml
new file mode 100644
index 0000000..5055fa2
--- /dev/null
+++ b/jenkins/Update ChocolateyCore Repository/config.xml	
@@ -0,0 +1,43 @@
+<?xml version="1.1" encoding="UTF-8"?><flow-definition plugin="workflow-job@2.37">
+  <actions/>
+  <description>Automatically update any out of date packages in the ChocolateyCore repository from the Licensed and Community Repositories</description>
+  <keepDependencies>false</keepDependencies>
+  <properties>
+    <org.jenkinsci.plugins.workflow.job.properties.DisableConcurrentBuildsJobProperty/>
+    <hudson.model.ParametersDefinitionProperty>
+      <parameterDefinitions>
+        <hudson.model.StringParameterDefinition>
+          <name>P_LOCAL_REPO_URL</name>
+          <description>Internal core repository.</description>
+          <defaultValue>https://{{hostname}}:8443/repository/ChocolateyCore/index.json</defaultValue>
+          <trim>true</trim>
+        </hudson.model.StringParameterDefinition>
+        <hudson.model.StringParameterDefinition>
+          <name>P_REMOTE_REPO_URL</name>
+          <description>Remote repositories containing updated package versions.</description>
+          <defaultValue>https://licensedpackages.chocolatey.org/api/v2/;https://community.chocolatey.org/api/v2/</defaultValue>
+          <trim>true</trim>
+        </hudson.model.StringParameterDefinition>
+        <hudson.model.PasswordParameterDefinition>
+          <name>P_LOCAL_REPO_API_KEY</name>
+          <description>API key for the internal core repository where updated packages will be pushed.</description>
+          <defaultValue>{{NugetApiKey}}</defaultValue>
+        </hudson.model.PasswordParameterDefinition>
+      </parameterDefinitions>
+    </hudson.model.ParametersDefinitionProperty>
+  </properties>
+  <definition class="org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition" plugin="workflow-cps@2.80">
+    <script>node {
+    powershell '''
+        Set-Location (Join-Path "$env:SystemDrive" -ChildPath 'scripts')
+        .\\Get-UpdatedPackage.ps1  -LocalRepo $env:P_LOCAL_REPO_URL `
+        -LocalRepoApiKey $env:P_LOCAL_REPO_API_KEY `
+        -RemoteRepo $env:P_REMOTE_REPO_URL `
+        -Verbose
+    '''
+}</script>
+    <sandbox>true</sandbox>
+  </definition>
+  <triggers/>
+  <disabled>false</disabled>
+</flow-definition>
diff --git a/jenkins/Update production repository/builds/legacyIds b/jenkins/Update production repository/builds/legacyIds
deleted file mode 100644
index e69de29..0000000
diff --git a/jenkins/Update production repository/builds/permalinks b/jenkins/Update production repository/builds/permalinks
deleted file mode 100644
index 3e5edba..0000000
--- a/jenkins/Update production repository/builds/permalinks	
+++ /dev/null
@@ -1,6 +0,0 @@
-lastCompletedBuild -1
-lastFailedBuild -1
-lastStableBuild -1
-lastSuccessfulBuild -1
-lastUnstableBuild -1
-lastUnsuccessfulBuild -1
diff --git a/jenkins/Update production repository/nextBuildNumber b/jenkins/Update production repository/nextBuildNumber
deleted file mode 100644
index d00491f..0000000
--- a/jenkins/Update production repository/nextBuildNumber	
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/jenkins/Update test repository from Chocolatey Community Repository/builds/legacyIds b/jenkins/Update test repository from Chocolatey Community Repository/builds/legacyIds
deleted file mode 100644
index e69de29..0000000
diff --git a/jenkins/Update test repository from Chocolatey Community Repository/builds/permalinks b/jenkins/Update test repository from Chocolatey Community Repository/builds/permalinks
deleted file mode 100644
index d7703c1..0000000
--- a/jenkins/Update test repository from Chocolatey Community Repository/builds/permalinks	
+++ /dev/null
@@ -1,2 +0,0 @@
-lastFailedBuild -1
-lastSuccessfulBuild -1
diff --git a/jenkins/Update test repository from Chocolatey Community Repository/nextBuildNumber b/jenkins/Update test repository from Chocolatey Community Repository/nextBuildNumber
deleted file mode 100644
index d00491f..0000000
--- a/jenkins/Update test repository from Chocolatey Community Repository/nextBuildNumber	
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/scripts/ClientSetup.ps1 b/scripts/ClientSetup.ps1
index 5f37979..63c5260 100644
--- a/scripts/ClientSetup.ps1
+++ b/scripts/ClientSetup.ps1
@@ -9,7 +9,7 @@ param(
     [Parameter()]
     [Alias('Url')]
     [string]
-    $RepositoryUrl = 'https://{{hostname}}:8443/repository/ChocolateyInternal/index.json',
+    $RepositoryUrl = 'https://{{hostname}}:8443/repository/ChocolateyCore/index.json',
 
     # The credential necessary to access the internal Nexus repository. This can
     # be ignored if Anonymous authentication is enabled.
@@ -112,21 +112,28 @@ choco config set commandExecutionTimeoutSeconds 14400
 choco feature disable --name="'usePackageRepositoryOptimizations'"
 
 if ($InternetEnabled) {
-    choco source add --name="'ChocolateyInternal'" --source="'$RepositoryUrl'" --allow-self-service --user="'$($Credential.UserName)'" --password="'$($Credential.GetNetworkCredential().Password)'" --priority=1
+    choco source add --name="'ChocolateyCore'" --source="'$RepositoryUrl'" --allow-self-service --admin-only --user="'$($Credential.UserName)'" --password="'$($Credential.GetNetworkCredential().Password)'" --priority=0
 }
 else {
-    choco source add --name="'ChocolateyInternal'" --source="'$RepositoryUrl'" --allow-self-service --priority=1
+    choco source add --name="'ChocolateyCore'" --source="'$RepositoryUrl'" --allow-self-service --admin-only --priority=0
+}
+
+if ($InternetEnabled) {
+    choco source add --name="'ChocolateyInternal'" --source="'$($RepositoryUrl -replace '(?<=/)ChocolateyCore(/index.json)?', 'ChocolateyInternal$1')'" --allow-self-service --user="'$($Credential.UserName)'" --password="'$($Credential.GetNetworkCredential().Password)'" --priority=1
+}
+else {
+    choco source add --name="'ChocolateyInternal'" --source="'$($RepositoryUrl -replace '(?<=/)ChocolateyCore(/index.json)?', 'ChocolateyInternal$1')'" --allow-self-service --priority=1
 }
 
 choco source disable --name="'Chocolatey'"
 choco source disable --name="'chocolatey.licensed'"
 
-choco upgrade chocolatey-license -y --source="'ChocolateyInternal'"
-choco upgrade chocolatey.extension -y --params="'/NoContextMenu'" --source="'ChocolateyInternal'" --no-progress
-choco upgrade chocolateygui -y --source="'ChocolateyInternal'" --no-progress
-choco upgrade chocolateygui.extension -y --source="'ChocolateyInternal'" --no-progress
+choco upgrade chocolatey-license -y --source="'ChocolateyCore'"
+choco upgrade chocolatey.extension -y --params="'/NoContextMenu'" --source="'ChocolateyCore'" --no-progress
+choco upgrade chocolateygui -y --source="'ChocolateyCore'" --no-progress
+choco upgrade chocolateygui.extension -y --source="'ChocolateyCore'" --no-progress
 
-choco upgrade chocolatey-agent -y --source="'ChocolateyInternal'"
+choco upgrade chocolatey-agent -y --source="'ChocolateyCore'"
 
 # Chocolatey Package Upgrade Resilience
 choco feature enable --name="'excludeChocolateyPackagesDuringUpgradeAll'"
diff --git a/tests/jenkins.tests.ps1 b/tests/jenkins.tests.ps1
index 12788fd..25da985 100644
--- a/tests/jenkins.tests.ps1
+++ b/tests/jenkins.tests.ps1
@@ -64,6 +64,10 @@ Describe "Jenkins Configuration" {
         It "'Update test repository from Chocolatey Community Repository' is present" {
             'Update test repository from Chocolatey Community Repository' -in $jobs | Should -Be $true
         }
+
+        It "'Update ChocolateyCore Repository' is present" {
+            'Update ChocolateyCore Repository' -in $jobs | Should -Be $true
+        }
     }
 
     Context "Web Interface" {
diff --git a/tests/nexus.tests.ps1 b/tests/nexus.tests.ps1
index df30c15..e942e12 100644
--- a/tests/nexus.tests.ps1
+++ b/tests/nexus.tests.ps1
@@ -64,10 +64,15 @@ Describe "Nexus Configuration" {
 
             $repositories = Get-NexusRepository
         }
+
         It "ChocolateyInternal" {
             'ChocolateyInternal' -in $repositories.Name | Should -Be $true
         }
 
+        It "ChocolateyCore" {
+            'ChocolateyCore' -in $repositories.Name | Should -Be $true
+        }
+
         It "ChocolateyTest" {
             'ChocolateyTest' -in $repositories.Name | Should -Be $true
         }
@@ -87,7 +92,7 @@ Describe "Nexus Configuration" {
                 C:\ProgramData\chocolatey\choco.exe cache remove
             }
 
-            $packages = C:\ProgramData\chocolatey\choco.exe search -s ChocolateyInternal -r | ConvertFrom-Csv -Delimiter '|' -Header Package, Version
+            $packages = C:\ProgramData\chocolatey\choco.exe search -s ChocolateyCore -r | ConvertFrom-Csv -Delimiter '|' -Header Package, Version
         }
 
         It "<Name> is in the repository" -ForEach @( $JointPackages + $RepositoryOnlyPackages ) {

From 0fe05076b083bc520634551402714a124d3e0f06 Mon Sep 17 00:00:00 2001
From: Ryan Richter <ryan@chocolatey.io>
Date: Wed, 24 Jul 2024 12:19:58 -0400
Subject: [PATCH 3/3] (fix) Fix Flaky Edge Package Test

Add handling to bring edge under Chocolatey management if it was natively installed by a newer server OS.

This should ensure that the test is more consistent, delivering the same result regardless of if the Chocolatey package were installed or not.
---
 Start-C4bNexusSetup.ps1 | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/Start-C4bNexusSetup.ps1 b/Start-C4bNexusSetup.ps1
index 280a804..8d77b92 100644
--- a/Start-C4bNexusSetup.ps1
+++ b/Start-C4bNexusSetup.ps1
@@ -93,20 +93,25 @@ process {
     Invoke-Choco source add -n 'ChocolateyCore' -s "$((Get-NexusRepository -Name 'ChocolateyCore').url)/index.json" --priority 0 --admin-only
 
     # Install a non-IE browser for browsing the Nexus web portal.
-    if (-not (Test-Path 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe')) {
+    if (Test-Path 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe'){
+        Write-Host "Syncing Microsoft Edge, to bring it under Chocolatey management"
+        Invoke-Choco sync --id="Microsoft Edge" --package-id="microsoft-edge"
+    }
+    else {
         Write-Host "Installing Microsoft Edge, to allow viewing the Nexus site"
-        Invoke-Choco install microsoft-edge -y --source ChocolateyInternal
-        if ($LASTEXITCODE -eq 0) {
-            if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Edge') {
-                $RegArgs = @{
-                    Path = 'HKLM:\SOFTWARE\Microsoft\Edge\'
-                    Name = 'HideFirstRunExperience'
-                    Type = 'Dword'
-                    Value = 1
-                    Force = $true
-                }
-                $null = Set-ItemProperty @RegArgs
+
+        Invoke-Choco install microsoft-edge -y --source ChocolateyCore
+    }
+    if ($LASTEXITCODE -eq 0) {
+        if (Test-Path 'HKLM:\SOFTWARE\Microsoft\Edge') {
+            $RegArgs = @{
+                Path = 'HKLM:\SOFTWARE\Microsoft\Edge\'
+                Name = 'HideFirstRunExperience'
+                Type = 'Dword'
+                Value = 1
+                Force = $true
             }
+            $null = Set-ItemProperty @RegArgs
         }
     }