Configuring Patch Extend
Patch Extend is currently in beta and available for testing. We're actively refining the feature and building out comprehensive documentation. We recommend evaluating it in a test environment before deploying to production, and we welcome your feedback as we continue to improve!
Patch Extend can be configured via a configuration profile that defines one or more Patch Extend feeds. These feeds can be hosted on web servers (with optional authentication and signature verification) or stored as local files on the Mac.
Below are example configuration profiles payloads for different Patch Extend feed setups.
- Web Feed Example with Bearer Auth
- Web Feed Example with Header Auth
- File Feed Example
A Patch Extend feed hosted on a web server that requires bearer token authentication.
<!-- Domain: com.alectrona.patch -->
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PatchExtendFeeds</key>
<array>
<dict>
<!-- The web type of Patch Extend feed -->
<key>Type</key>
<string>web</string>
<!-- The URI of the Patch Extend feed (the web url) -->
<key>URI</key>
<string>https://example.com/feed1.json</string>
<!-- Feed priority (if also using other Patch Extend feeds) from 1-100 (default is 100) -->
<key>Priority</key>
<integer>1</integer>
<!-- Optional bearer type authentication to the Patch Extend feed -->
<key>Authentication</key>
<dict>
<key>Type</key>
<string>bearer</string>
<key>Token</key>
<string>R9w5p1gqXUeYx2YxW9r7V7E3Gr7X8q2L0dD9mV0m1zA</string>
</dict>
<!-- Optionally require the feed to be signed for verification by Patch -->
<key>RequireSignature</key>
<true/>
<!-- Optional signature information Patch will use to verify the feed's integrity -->
<key>SignaturePublicKeyPEM</key>
<string>-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEA07ezNQWAYMy1/rt+5S0LO8W3Wi438+PQIKCdIBpIE5k=\n-----END PUBLIC KEY-----</string>
</dict>
</array>
</dict>
</plist>
A Patch Extend feed hosted on a web server that requires custom header-based authentication.
<!-- Domain: com.alectrona.patch -->
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PatchExtendFeeds</key>
<array>
<dict>
<key>Type</key>
<string>web</string>
<key>URI</key>
<string>https://example.com/feed2.json</string>
<key>Priority</key>
<integer>2</integer>
<!-- Optional header-based authentication to the Patch Extend feed -->
<key>Authentication</key>
<dict>
<key>Type</key>
<string>header</string>
<key>Token</key>
<string>R9w5p1gqXUeYx2YxW9r7V7E3Gr7X8q2L0dD9mV0m1zA</string>
<key>HeaderName</key>
<string>X-API-Key</string>
</dict>
<key>RequireSignature</key>
<true/>
<key>SignaturePublicKeyPEM</key>
<string>-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEA07ezNQWAYMy1/rt+5S0LO8W3Wi438+PQIKCdIBpIE5k=\n-----END PUBLIC KEY-----</string>
</dict>
</array>
</dict>
</plist>
A Patch Extend feed intended to be stored as a local file on the Mac.
<!-- Domain: com.alectrona.patch -->
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PatchExtendFeeds</key>
<array>
<dict>
<!-- The file type of Patch Extend feed -->
<key>Type</key>
<string>file</string>
<key>URI</key>
<string>/Library/Application Support/Company/feed3.json</string>
<key>Priority</key>
<integer>3</integer>
</dict>
</array>
</dict>
</plist>