Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mission critical app management #22616

Open
noahtalerman opened this issue Oct 3, 2024 · 1 comment
Open

Mission critical app management #22616

noahtalerman opened this issue Oct 3, 2024 · 1 comment
Labels
objective A quarterly company objective

Comments

@noahtalerman
Copy link
Member

noahtalerman commented Oct 3, 2024
edited
Loading

  • @noahtalerman: User will expect that Fleet offers all the built-in applications that are offered in other MDM solutions (ex. Jamf, Omnissa, etc.)
  • @nonpunctual: Users w/ a Windows minority Fleet will expect some apps to auto-update themselves, unrelated to the MDM. In those cases, I use 3rd party auto-update options for each application within each application and it's not related to my MDM. For some of these end users will get a prompt to update now or later. Other apps will silently update. But none of these apps are done in the MDM. People just go buy Notepad++. And they go buy Screenflow. And it has nothing to do with the business.
    • @username: In the interim TODO
    • @username: Eventually TODO
  • @nonpunctual: Users who manage Windows will expect to be able to see the software installed, and to be able to set the version of applications and packages like python and patch them, just like an Apple admin. But one particular important wrinkle is Microsoft Office.
  • @noahtalerman: Users who manage Windows will expect .... will they expect to be able to use the VPP equivalent for Windows to install from app stores? (Microsoft Store for Windows)
  • @nonpunctual: Users w/ a Windows minority Fleet will expect that the new Windows boot experience will look like it does for Macs. This means that end users will see which apps are being installed (including status) and end users won't be able to start using their workstation until the apps are installed.
  • @mikermcneil: User will expect that when their patching policies are applied, it won't randomly kick users out of their apps without warning.
    • @noahtalerman: In the interim before Fleet handles waiting to install apps until they're closed or letting the end user know that apps will be closed, the IT admin will write a pre-install condition to check if the app is running. If the app is running it will be marked as a "Failed" install and the end user won't see anything. IT admin will have to manually install. Without this pre-install condition, the will install (install script will run).
    • @mikermcneil: Eventually Fleet will warn the end user that they have to quit an app or it will be automatically quit on their behalf because their organization requires that the app is updated within a certain timeframe (ex. 2 weeks)
  • @mikermcneil: Companies will expect employees of their companies not to be bothered with notifications about updating Google Chrome 6 times per week.
  • @harrisonravazzolo: Users will expect the place you set up managed apps to be the same place you set the patching policy (either "Latest, 1 week after release", "Latest, immediately, as soon as released", or a particular version) for those apps. eg. if Zoom releases version 3, and my patching policy says "Latest", I get version 3 installed across wherever that patching policy.
    • @mikermcneil: In the interim before you can conveniently manage versions in the same place as where you add the app, we could add help text in the "Add software" modal and on the software title detail page (in the versions table probably), to let you know how to set the patch policy.
    • @mikermcneil: Eventually patching policies might be invisible on the policies page and the only place to set them is on the software.
  • @harrisonravazzolo: Users will expect a way to install one of their managed apps across an entire swath of hosts all at once.
    • @mikermcneil: In the interim before you can conveniently install managed apps on all hosts at once in the same place as where you add the app, we could add help text in the "Add software" modal and on the software title detail page (in the versions table probably), to let you know how to set the one-time-install policy.
  • @harrisonravazzolo Users would love and it would be convenient to be able to copy and paste from existing code, e.g. what Kandji calls "audit and enforce" provides some big hairy shell scripts that run to check the status of certain apps, like a policy in Fleet. It could be convenient to be able to copy and paste the same shell script (even if you're moving to osquery SQL eventually, you wouldn't have to bother translating right away)
    • @mikermcneil: In the interim before you can conveniently copy and paste, we could add help text in the "Add software" modal and on the software title detail page (in the versions table probably), to let you know to send a message in Slack to ask how the write the policy.

User stories

Users will expect a way to install one of their managed apps across an entire swath of hosts all at once.

Users will expect the place you set up managed apps to be the same place you set the patching policy (either "Latest, 1 week after release", "Latest, immediately, as soon as released", or a particular version) for those apps. eg. if Zoom releases version 3, and my patching policy says "Latest", I get version 3 installed across wherever that patching policy.

Users who manage Windows will expect to be able to see the software installed, and to be able to set the version of applications and packages like python and patch them, just like an Apple admin. But one particular important wrinkle is Microsoft Office.

User will expect that when their patching policies are applied, it won't randomly kick users out of their apps without warning.

  • Trigger app patching and warn end users during maintenance window (user story TODO)
  • Microsoft Outlook for maintenance windows (user story TODO)
@noahtalerman noahtalerman added :product Product Design department (shows up on 🦢 Drafting board) ~feature fest Will be reviewed at next Feature Fest and removed ~feature fest Will be reviewed at next Feature Fest labels Oct 3, 2024
@noahtalerman noahtalerman mentioned this issue Oct 4, 2024
Open
14 tasks
@noahtalerman noahtalerman added Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. and removed Epic DO NOT USE. Auto-created by ZenHub, cannot be disabled. labels Oct 4, 2024
@noahtalerman noahtalerman removed the :product Product Design department (shows up on 🦢 Drafting board) label Oct 10, 2024
@noahtalerman
Copy link
Member Author

Hey @marko-lisica I added the current Q4 roadmap for the "Mission critical app management" objective under the "User stories" section (see main issue description).

The "users will expect" blurbs come from the new "Understanding the how" product design responsibility: #23019

cc @lukeheath

This was referenced Oct 23, 2024
Open
Open
Open
Open
@noahtalerman noahtalerman added ~feature fest Will be reviewed at next Feature Fest and removed ~feature fest Will be reviewed at next Feature Fest labels Oct 24, 2024
@marko-lisica marko-lisica mentioned this issue Oct 29, 2024
Open
15 tasks
@lukeheath lukeheath added the objective A quarterly company objective label Nov 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
objective A quarterly company objective
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukeheath @noahtalerman