Is it safe to automate CouchDB upgrades?

["R.J. Steinert" <rj...@rjsteinert.com>]

Hi there,
There have been a lot of CouchDB upgrades lately which has been great! I'm
wondering if it's safe to automate the upgrade process on my installs. I'm
worried that any new default settings may open up security holes. Should I
be worried?

- R.J.

Re: Is it safe to automate CouchDB upgrades?

[Cluxter <co...@cluxter.email>]

Hi

If you're looking for some automation, I would use the Docker image in the
first place. But I would also make reliable backups. With this you shoud be
able to automate your upgrades without too many worries.

However, you should - theorically - never upgrade anything (not just
CouchDB) before at least reading the changelog. Once you have read it, then
you can pull the trigger and ask your system to upgrade your software, and
the upgrade process could be automated. But I would definitely recommend to
pull the trigger manually, not automatically as soon as it detects a new
update. It's not just about security, but also about breaking compatibility
with your existing infrastructure.

All this lead to what we call "devops" today (
https://en.wikipedia.org/wiki/DevOps).

Regards,

Baptiste Rebillard