I started some work on this topic in the past - https://github.com/ohadlevy/dish

I'd say complete lifecycle of servers is the goal of katello where foreman is a component. The patch management role is affected to pulp more than foreman IMO.

Hi Ohad,

Could dish be reworked as a Foreman plugin?

I'm wondering if an accompanying puppet module or fact could retrieve pending updates for each host and store that in Foreman's (or puppetDB) database, rather than a separate DB and SSH script as dish currently has. Added bonuses:

- check if a reboot is required e.g. if a kernel update is part of the pending packages.
- ability to apply updates from Foreman

Some of these are not trivial and probably require functionality beyond the scope of Foreman. Patch management is one area I've been slacking in and just seems like a good area for Foreman to cover. I'm aware of Katello and pulp, but AFAIK I can't "add" these tools to my existing Foreman setup. Sounds like its on their to-do list.

Anyway, I've got time to contribute to this, so wanted to get your thoughts.

The Katello project is beginning to rework the application to be a Foreman plugin, so hopefully you will be able to add this to Foreman in the future. Check the "engine" branch on the GitHub project and the Katello sub-project in this redmine instance too.