Disabling automatic refresh for snap from store

backlog

#242

What about playing around the refresh.timer to give it an unreachable day through setting a cronjob :
0 0 */5 * * /usr/bin/snap set system refresh.timer=$(/bin/date --date "-1 days" +%a | /usr/bin/tr '[:upper:]' '[:lower:]')

or downloading a snap and installing it without the .assert file.


#243

It’s trivial to disable auto-updates on those platforms. Each of them includes a simple “do not automatically apply updates” option. In my mind, that disqualifies every one of them as a valid example.


#244

It’s been almost two years (and ~200 comments) since I originally participated in this discussion. At work, we are once again doing some evaluations of how we package and distribute software for some of our platforms and how we manage some of our systems, and snappy still strikes me as having a lot of great potential for us.

Unfortunately, I see that this is still an unresolved request, and after reading through the comments, it seems pretty clear that a simple method of supporting manual updates (and disabling forced automatic updates) is never going to happen. I could go through and explain our internal processes and some of the contractual and regulatory requirements that require us to certify systems and not make changes to them for set periods of time (and yes, they’re typically greater than 60 days). I could explain the process we go through to secure the systems and mitigate the risks. I could discuss how the various teams managing the platforms need to careful plan and schedule their upgrades and changes on their own timelines, separate from when updates are pushed by developers.

But, it isn’t really going to make a difference, is it?

You want to force a strict update process that matches your idea of how things should be done, and I’m just interested in what seems to be the best available cross-distribution software packaging system. . . and in managing my systems.

The simple fact is that for my use case (and many others), this lack of functionality makes an otherwise really useful piece of software into a simple non-starter. It just can’t meet my requirements. And no, I’m not willing to muck with firewall rules to work around it, and I’m really not going to work around this snappy limitation through additional software like the (proprietary) proxy (I’m not interested in dealing with the additional overhead and complexity there).

From the discussion, it appears that the bar for evidence to justify a straightforward option to disable auto-updates has been raised higher with every request for the feature, and it doesn’t look like it’s ever going to be met. I concur with a few previous suggestions: at this point, after more than two years, the request should probably just be closed as “won’t fix” so people can realize that it’s not going to happen.

I still really like most of the ideas and technology behind snappy, but I can’t compromise on one point: I am the one that know what’s best for my systems. And, as I am the one responsible for them, I will always need the ability to control them, including updates. We’re not willing to risk our systems and our revenue on unexpected or uncontrolled software changes. End of discussion.

It’s interesting that I can’t think of any other single platform anywhere that has taken such an overbearing and high-handed approach to updates. Not one. Perhaps there are good reasons why that is?

Regardless, congratulations on the very cool technology you’ve produced. I just wish it didn’t come with such forced ideology.


#245

I think I just had a realization. Perhaps my frustration is my fault, in that I was trying to look at snappy as a truly universal cross-distribution software packaging system. That seemed like the goal to me.

Now, however, after reading some of the comments on External repositories, I think I see my mistake and misunderstanding. Snappy isn’t the universal cross-distribution software packaging system I was looking for. It’s the cross-distribution end-user-focused software app store I wasn’t looking for.

I’m approaching this from the IT professional and system administration perspective, and trying to solve enterprise system and software distribution/management/update problems. I thought I could make Snappy fit into that, but I now suspect that I was wrong, and that Snappy doesn’t actually care about my problems (at least not if they in any way conflict with the goals of being an end-user focused app store (with an excessively strictly enforced update ideology)). Perhaps I’m not the only one to make this mistake?

I would never put Snappy on any server I’m responsible for because the current design is broken from an enterprise system administration perspective (at least, it is to me). However, from a user desktop or laptop perspective, Snappy’s forced updates are maybe (slightly) less obnoxious.

I still fundamentally disagree with the update stance (see previous comment about not being able to think of any single platform that is so determined to force its views on updates on people), but since it seems intended for a different use-case than mine, I’ll just move along and focus on alternatives that fit professional systems engineers better.


#246

Experienced system administrator here. It’s crucial for me to keep my systems running. I don’t want nor need to auto-update snaps which could potentially introduce critical bugs and require manual interaction to fix them (not always possible without causing downtime).
Please provide a way to (optionally) disable snap updates.


#247

I spoke to one of the Canonical sales rep about this and he told me the suggested approach is to pay for a branded store (currently 15K per year) where you control all the snaps in it and when they get released. This should solve the problem for critical (i.e. commercial) solutions that need to have tight control (when updates get released) over their systems. Am I missing something? or is this discussion more about the principle (FOSS etc)?
I didn’t see mention of this fact in this thread so I’m adding it to make it more visible as it seems to solve the practical problem