You may be able to use a dashboard to make the creation of a patching baseline just a few clicks, but to automate it completely would require the use of the API.
@TimRice You could fully automate deploying patches to a set of test machines, then automate deployment of the patches to a wider set of machines at a future date and then so on until all machines you wish to automatically patch have been patched.
I am also interested in coming up with something to automate patches like this.
Here is an example piece of relevance that is just one step on the way to fully automate patches:
http://bigfix.me/relevance/details/2999610 Fixlets to apply to computers in group “automatic updates”
This relevance will give you the names of all fixlets which contain version numbers in the “Updates for Windows Applications” site that are relevant to the group of computers named “Automatic Updates”. (This same relevance could be tweaked to include other patching sites.)
My idea is this: You would have an automatic group called “Test Machines” which would get all of the fixlets deployed to them right away. You would have another automatic group called “Automatic Updates” and this group would get all relevant fixlets older than 2 weeks installed to them. Membership of these groups would be controlled by a task that would be deployed to set a client setting, which would cause the machines to join the group that they are desired to belong to. The automation would stop and restart a new baseline every 2 weeks that would contain the correct set of fixlets targeted one to each of the Automatic Groups.
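Added example, not part of the original posts and not BigFix code: a Python sketch of the selection rule described above, where "Test Machines" gets every relevant versioned fixlet immediately and "Automatic Updates" gets only those older than 2 weeks, with a new baseline cycle every 2 weeks. It does not call the BigFix API; the fixlet records, dates, the version-number pattern and the function names are constructed assumptions.

```python
import re
from datetime import date, timedelta

SOAK = timedelta(days=14)                  # "older than 2 weeks" in the post
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")  # assumption: dotted digits = version number
GROUPS = ("Test Machines", "Automatic Updates")

def plan_baselines(fixlets, today):
    """Map each automatic group to the fixlet names its baseline should hold.

    fixlets: iterable of (name, release_date, relevant_groups) tuples.
    """
    plan = {g: [] for g in GROUPS}
    for name, released, relevant in fixlets:
        if not VERSION_RE.search(name):
            continue                       # keep only names carrying a version number
        if released is None or released > today:
            continue                       # unknown or future date: hold back everywhere
        if "Test Machines" in relevant:
            plan["Test Machines"].append(name)          # deployed right away
        if "Automatic Updates" in relevant and today - released > SOAK:
            plan["Automatic Updates"].append(name)      # strictly older than 2 weeks
    return {g: sorted(names) for g, names in plan.items()}

def cycle_start(first_cycle, today):
    """Start date of the 2-week baseline cycle that contains `today`."""
    elapsed = (today - first_cycle).days
    return first_cycle + timedelta(days=elapsed - elapsed % SOAK.days)

# Constructed sample data, not real fixlets.
BOTH = {"Test Machines", "Automatic Updates"}
FIXLETS = [
    ("Example Reader 11.0.2 Available", date(2024, 5, 1), BOTH),
    ("Example Browser 99.0.1 Available", date(2024, 5, 28), BOTH),
    ("Example Player - Uninstall", date(2024, 4, 1), BOTH),
    ("Example Runtime 8.5 Available", date(2024, 5, 18), {"Automatic Updates"}),
]

if __name__ == "__main__":
    today = date(2024, 6, 1)
    print("cycle started", cycle_start(date(2024, 1, 1), today))
    for group, names in plan_baselines(FIXLETS, today).items():
        print(group, "->", names)
```

A fixlet released exactly 14 days ago is held back until the next day, since the rule is "older than" 2 weeks.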