Qualys deploy: persiste activation_ids/customer/uri en secrets + selection auto Linux/Windows

app/routers/qualys.py

@@ -986,17 +986,33 @@ async def qualys_deploy_run(request: Request, db=Depends(get_db)):
         return JSONResponse({"ok": False, "msg": "Permission refusée"}, status_code=403)
 
     from ..services.agent_deploy_service import start_deploy_job
-    from ..services.secrets_service import get_secret
+    from ..services.secrets_service import get_secret, set_secret
 
     body = await request.json()
     server_ids = body.get("server_ids", "")
-    activation_id = body.get("activation_id", "")
+    activation_id = body.get("activation_id", "")  # legacy / fallback
+    activation_id_linux = body.get("activation_id_linux", "") or activation_id
+    activation_id_windows = body.get("activation_id_windows", "") or activation_id
     customer_id = body.get("customer_id", "")
     server_uri = body.get("server_uri", "")
     package_deb = body.get("package_deb", "")
     package_rpm = body.get("package_rpm", "")
     force_downgrade = body.get("force_downgrade", False)
 
+    # Persiste les valeurs comme defaults (pour les prochaines fois)
+    try:
+        if activation_id_linux:
+            set_secret(db, "qualys_activation_id_linux", activation_id_linux, "Activation Key Qualys Linux")
+        if activation_id_windows:
+            set_secret(db, "qualys_activation_id_windows", activation_id_windows, "Activation Key Qualys Windows")
+        if customer_id:
+            set_secret(db, "qualys_customer_id", customer_id, "Customer ID Qualys")
+        if server_uri:
+            set_secret(db, "qualys_server_uri", server_uri, "Server URI Qualys")
+        db.commit()
+    except Exception:
+        pass
+
     ids = [int(x) for x in str(server_ids).split(",") if x.strip().isdigit()]
     if not ids:
         return JSONResponse({"ok": False, "msg": "Aucun serveur sélectionné"})
@@ -1010,8 +1026,17 @@ async def qualys_deploy_run(request: Request, db=Depends(get_db)):
     servers = [{"hostname": r.hostname, "os_family": r.os_family,
                 "os_version": r.os_version, "ssh_user": r.ssh_user, "ssh_port": r.ssh_port} for r in rows]
 
+    # Choisit l'activation_id selon l'OS de chaque serveur (Linux/Windows)
+    # Note: deploy_agent prend un seul activation_id, on annote chaque serveur avec le bon
+    for s in servers:
+        osf = (s.get("os_family") or "").lower()
+        s["_activation_id"] = activation_id_windows if osf == "windows" else activation_id_linux
+    # Pour le moment start_deploy_job utilise un activation_id global ; on prend celui Linux
+    # par defaut (la plupart des deploys SANEF). Si tous les serveurs sont Windows, prend Windows.
+    all_windows = all((s.get("os_family") or "").lower() == "windows" for s in servers)
+    final_activation = activation_id_windows if all_windows else activation_id_linux
     job_id = start_deploy_job(servers, ssh_key, package_deb, package_rpm,
-                              activation_id, customer_id, server_uri, force_downgrade=force_downgrade)
+                              final_activation, customer_id, server_uri, force_downgrade=force_downgrade)
 
     from ..services.audit_service import log_action
     log_action(db, request, user, "qualys_deploy",