More features

[jujugrrr]

I think we could to a more powerful automatic_updates

• security updates only
• whitelist/blacklist of some packages
• scheduled updates (how often, at what time ...)
• Report / Chef handler to know updated packages
• Ohai to tell when it's been updated for the last time ?

Some of those options could be implemented with a bit of configuration, some other will require to do some research.

[martinb3]

@brint gathered requirements here, and found what was wanted was exact feature parity to what current automation does. We actually had things with more features in patchman, but they weren't part of the recent spec. I think we'd have to really work with our downstream users to be sure before adding this stuff in.

[brint]

@martinb3 @jujugrrr We received our requirements from @mparker1001 for the initial release. I'm not sure if any thought has been put into how we iterate yet.

[cybermerc]

I agree with @jujugrrr that the basic requirements are a good start but I would think this is a good area for us to provide additional options beyond what is being requested today by support. Even if they are not enabled by default I think we should have considerably more options available for customers that are more security conscious.

I would think this is any easy win and a chance to be proactive vice reactive. If these additional options are being provided somewhere else then we need to understand how/where to ensure we are providing the most secure environment for our customers.

[jujugrrr]

Thanks for the reply.

Could we not add all the features without impacting the default behaviour? So if requirements are minimal (like it is now) it works, but if you need something more evolved then we can.

Basically what @cybermerc Said 😉

Even if they are not enabled by default I think we should have considerably more options available for customers that are more security conscious.