Baseline Patching Overview
Baseline patching allows you to maintain consistency across environments by ensuring the same packages are installed on all your systems. This feature performs the patching or scanning on your first environment, then builds a snapshot based on the state of the VMs after that action. This snapshot of packages is then applied at subsequent scan or patch actions.
When you need to ensure that all your environments (development, testing, production) have identical packages installed, baseline patching provides a reliable, automated solution.
How It Works
The baseline patching process follows these steps:
- A Baseline Source action (
PATCHorSCAN) is executed in your first environment (typically development). - During execution, the system automatically creates a Package Snapshot.
- Subsequent Dependent Actions use this snapshot to install the exact same packages in other environments.
- This ensures consistent package versions across all environments.
Key Concepts
Package snapshot
A package snapshot captures the state of all package versions for each OS type on the resources involved in Baseline Source Action
Baseline Source Action
The first PATCH or SCAN action in your plan that defines the baseline source. This action:
- Is labeled with a Baseline
- Creates a package snapshot after execution.
- Controls settings for all Dependent Actions
- Can only be set once per plan.
Dependent Actions
All subsequent PATCH or SCAN actions that follow the baseline source:
- Are marked with a green dot indicator ●
- Inherit settings from the baseline source.
- For
PATCHactions: Install the same packages that were scanned at baseline source. - For
SCANactions: Use the same settings as baseline source, but function like a standardSCANaction otherwise.
Baseline Patching Workflow
The following diagram illustrates the typical baseline patching process across environments: