70d92243a9
The current method of installing the distribution packages required is set in the tasks and cannot be changed by a deployer. Currently the apt task always installs the latest package. This results in unexpected binary changes when a deployer may simply be trying to execute a configuration change. This patch adds the ability for a deployer to change the desired state so that the results are predictable. Change-Id: I896ef4f57afa55f52b05799efce2ef370f31dee0
14 lines
662 B
YAML
14 lines
662 B
YAML
---
|
|
features:
|
|
- The security role now supports the ability to configure whether
|
|
apt/yum tasks install the latest available package, or just ensure
|
|
that the package is present. The default action is to ensure that
|
|
the latest package is present. The action taken may be changed to
|
|
only ensure that the package is present by setting
|
|
``security_package_state`` to ``present``.
|
|
upgrade:
|
|
- The security role always checks whether the latest package is
|
|
installed when executed. If a deployer wishes to change the check to
|
|
only validate the presence of the package, the option
|
|
``security_package_state`` should be set to ``present``.
|