adminmpmcz/patchcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
195 Commits 1 Branch 2 Tags 7.1 MiB
41f5e07e72
Commit Graph

195 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Admin MPCZ
753d4076c9 Migre etat vers labels iTop verbatim (Production, Nouveau, etc.) 
Aligne la colonne servers.etat sur les valeurs iTop exactes au lieu
des codes lowercase internes.

Impact:
- servers.etat stocke: Production, Implémentation, Stock, Obsolète,
  EOL, prêt, tests, Nouveau, A récupérer, Cassé, Cédé, En panne,
  Perdu, Recyclé, Occasion, A détruire, Volé
- Remplace tous les 'production'/'obsolete'/'stock'/'eol'/'implementation'
  en WHERE/comparisons par les labels iTop verbatim (~10 fichiers)
- Templates badges/filtres: valeurs + labels iTop
- itop_service: maintient mapping iTop API internal code <-> DB label
- import_sanef_*: norm_etat retourne la valeur iTop verbatim ou None
  (plus de fallback silencieux sur 'production')

Ajoute:
- tools/import_etat_itop.py : migration lowercase -> iTop + re-import CSV
- tools/import_environnement.py : fix dry-run pour ADD COLUMN idempotent

Supprime:
- tools/fix_etat_extend.py (obsolete par import_etat_itop.py)
 2026-04-14 18:40:56 +02:00
Admin MPCZ
242641a085 Add import_environnement: colonne environnement + import CSV iTop verbatim 2026-04-14 18:33:40 +02:00
Admin MPCZ
0f031b2150 fix_etat_extend: ajoute pret et tests au mapping iTop 2026-04-14 18:32:00 +02:00
Admin MPCZ
fd748ce3fd Add fix_etat_extend: extend etat CHECK + remap from iTop CSV 
Ajoute les 11 etats 'condition physique' iTop (nouveau, casse, en_panne,
cede, perdu, recycle, occasion, a_recuperer, a_detruire, vole) au CHECK
constraint servers.etat. Relit les CSV pour mettre a jour uniquement
la colonne etat sans tout reimporter.

Fix bug: norm_etat() precedent defaultait tout non-reconnu sur 'production',
masquant les serveurs 'Nouveau' ou 'En panne' qui ne doivent pas etre patches.
 2026-04-14 18:15:25 +02:00
Admin MPCZ
987e21377b Add move_esxi_extras + move_chassis scripts 
move_esxi_extras: identifie ESXi par description (patch_owner_details
contient ESXi/hebergeant/hyperviseur) pour les PDP BAC_* et autres
hyperviseurs non presents dans le CSV Hyperviseur iTop. Deplace vers
hypervisors (kind=hypervisor).

move_chassis: deplace les chassis (CPEM*) vers une table chassis dediee
(non patchables, pas d'agent Qualys).
 2026-04-14 18:09:26 +02:00
Admin MPCZ
d3b7fc2e22 Add move_vcenters script + kind column on hypervisors 2026-04-14 17:48:46 +02:00
Admin MPCZ
0a00c401d7 Add hypervisors table + move script (preserves VM->hypervisor link via vcenter_vm_name) 2026-04-14 17:40:24 +02:00
Admin MPCZ
683a86346d Add SANEF physical/hypervisor import script 2026-04-14 17:34:33 +02:00
Admin MPCZ
7b87074faa Qualys page size 100 2026-04-14 16:58:03 +02:00
Admin MPCZ
d15db654d4 Qualys: activation keys lazy (no API on page load if cache empty) 2026-04-14 16:24:45 +02:00
Admin MPCZ
49b1865d13 Qualys page size 250 (lower timeout risk) 2026-04-14 16:19:29 +02:00
Admin MPCZ
67287b8256 Qualys: cancel button for ongoing refresh 2026-04-14 16:12:44 +02:00
Admin MPCZ
69aeb0e77a Qualys agents page: sync route + drop LOWER (citext is case-insensitive) 2026-04-14 16:09:56 +02:00
Admin MPCZ
1bfdb16bfb Qualys: actkeys cache 24h + refresh timeout 600s 2026-04-14 16:07:25 +02:00
Admin MPCZ
07775a385f Qualys activation keys: short timeout (5s) 2026-04-14 16:07:03 +02:00
Admin MPCZ
347ea53c27 Qualys skip threshold: 5 min -> 40 min 2026-04-14 15:56:41 +02:00
Admin MPCZ
ec90a4a9d1 Qualys: reduce refresh page size to 500 2026-04-14 15:55:35 +02:00
Admin MPCZ
6db58952ec Qualys refresh: early exit if no stale assets (< 5 min) 2026-04-14 15:48:41 +02:00
Admin MPCZ
f66d728d2d Qualys timeout 300s for bulk hostasset search 2026-04-14 15:37:50 +02:00
Admin MPCZ
d24afa37b2 Qualys refresh: skip assets updated within last 5 minutes 2026-04-14 15:32:01 +02:00
Admin MPCZ
d779426118 Bump Qualys page size back to 1000 2026-04-14 15:21:04 +02:00
Admin MPCZ
71f83d5d4f Qualys refresh: threading lock + 409 if already running 2026-04-14 15:20:17 +02:00
Admin MPCZ
e3bcf8fcc1 Qualys refresh: sync route so blocking requests run in threadpool 2026-04-14 15:18:16 +02:00
Admin MPCZ
67f123e9f5 Qualys refresh: pagination + per-row savepoint to isolate errors 2026-04-14 15:13:48 +02:00
Admin MPCZ
a422894f83 Sync Qualys FQDN to servers + use fqdn first for DNS resolution 2026-04-14 15:00:40 +02:00
Admin MPCZ
92175992f8 Qualys: tagName + CONTAINS (API field, not UI syntax) 2026-04-14 14:53:54 +02:00
Admin MPCZ
a19281a771 Qualys filter: CONTAINS instead of EQUALS for tag 2026-04-14 14:48:29 +02:00
Admin MPCZ
a331d16a12 Qualys filter: tags.name instead of tagName 2026-04-14 14:47:48 +02:00
Admin MPCZ
faa267c3ff Add SANEF contacts import script 2026-04-14 14:22:03 +02:00
Admin MPCZ
612f3c7cea Add SANEF IPs import script (from Interface réseau export) 2026-04-14 13:57:27 +02:00
Admin MPCZ
b72f1244dd Use autocommit mode to persist inserts immediately 2026-04-14 13:43:25 +02:00
Admin MPCZ
c6113bc537 Drop ON CONFLICT (no unique constraint on hostname) 2026-04-14 13:39:11 +02:00
Admin MPCZ
2215067987 Use savepoints per row to isolate failing inserts 2026-04-14 13:38:16 +02:00
Admin MPCZ
f0fe6eba81 Fix etat mapping: use only production/implementation/stock/obsolete/eol 2026-04-14 13:34:07 +02:00
Admin MPCZ
42fb16d67e Fix import script: auto-detect FK tables before truncate 2026-04-14 13:31:00 +02:00
Admin MPCZ
338c0ecc0f Add SANEF asset CSV import script 2026-04-14 13:24:42 +02:00
Admin MPCZ
053c9a3b59 Add Voir detail button and results route for realtime audit 2026-04-14 13:10:23 +02:00
Admin MPCZ
747e883d22 Smart DNS suffix order based on hostname convention (r=rec, p/i=prod) 2026-04-14 13:02:24 +02:00
Admin MPCZ
53545585f0 Configurable DNS suffixes + 2s socket timeout for faster resolve 2026-04-14 12:58:54 +02:00
Admin MPCZ
da1042fef4 Fix SSH key: read PEM content from settings + ssh_key_default_user 2026-04-14 12:56:09 +02:00
Admin MPCZ
8dba0706b0 Filter Qualys agent refresh on tag name=server 2026-04-14 12:18:43 +02:00
Admin MPCZ
3d61293172 Add demo DB dump for deployment 2026-04-14 11:43:50 +02:00
Admin MPCZ
5db5feebe1 Add requirements.txt for deployment 2026-04-14 11:38:58 +02:00
Admin MPCZ
677f621c81 Admin applications + correspondance cleanup + tools presentation DSI 
- Admin applications: CRUD module (list/add/edit/delete/assign/multi-app)
  avec push iTop bidirectionnel (applications.py + 3 templates)
- Correspondance prod<->hors-prod: migration vers server_correspondance
  globale, suppression ancien code quickwin, ajout filtre environnement
  et solution applicative, colonne environnement dans builder
- Servers page: colonne application_name + equivalent(s) via get_links_bulk,
  filtre application_id, push iTop sur changement application
- Patching: bulk_update_application, bulk_update_excludes, validations
- Fix paramiko sftp.put (remote_path -> positional arg)
- Tools: wiki_to_pdf.py (DokuWiki -> PDF) + generate_ppt.py (PPTX 19 slides
  DSI patching) + contenu source (processus_patching.txt, script_presentation.txt)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-13 21:11:58 +02:00
Admin MPCZ
caa2be71a4 Misc: servers page (application + equivalent), campagne tweaks 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:51:36 +02:00
Admin MPCZ
a706e240ca Patching: exclusions + correspondance prod<->hors-prod + validations 
- /patching/config-exclusions: exclusions iTop par serveur + bulk + push iTop
- /quickwin/config: liste globale reboot packages (au lieu de per-server)
- /patching/correspondance: builder mark PROD/NON-PROD + bulk change env/app
  + auto-detect par nomenclature + exclut stock/obsolete
- /patching/validations: workflow post-patching (en_attente/OK/KO/force)
  validator obligatoire depuis contacts iTop
- /patching/validations/history/{id}: historique par serveur
- Auto creation patch_validation apres status='patched' dans QuickWin
- check_prod_validations: banniere rouge sur quickwin detail si non-prod non valides
- Menu: Correspondance sous Serveurs, Config exclusions+Validations sous Patching
- Colonne Equivalent(s) sur /servers + section Correspondance sur detail

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:51:30 +02:00
Admin MPCZ
ba0bff0f6e Remove: safe-patching (remplace par QuickWin) + audit-full 
- Safe Patching v1 redondant avec QuickWin, supprime
- audit-full: page supprimee, tables DB preservees
- menu + main.py nettoyes

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:51:17 +02:00
Admin MPCZ
3f47fea8e6 Audit: jobs background paralleles + progression live 
- Audit global/realtime: threads paralleles, job_id retourne immediat
- /audit/realtime/progress/{job_id}: KPIs + barre progression + tableau live
- Polling AJAX toutes les 2s, etapes animees (DNS/SSH/Audit/OK)
- PRETTY_NAME correction: extraction via grep -E 'PRETTY_NAME' + cut
- OS version: normalisation lors de save_audit_to_db (Debian GNU/Linux -> Debian X (Bookworm))
- Mise a jour base: itop sync bidirectionnel avec push OS version

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:51:05 +02:00
Admin MPCZ
5ea4100f4c Qualys: deploy agent background jobs + upgrade/downgrade + AJAX overlays 
- Background job system pour deploiement (threads paralleles, progression live)
- Upgrade/downgrade: compare versions installee vs package, rpm -Uvh --oldpackage
- Checkbox "Forcer le downgrade" dans UI
- Choix auto DEB/RPM base sur os_version (centos/rhel/rocky/oracle -> RPM)
- Check agent: rpm -q / dpkg -s (evite faux positifs "agent installe mais inactif")
- Bouton "Rafraichir depuis Qualys" AJAX avec timer
- Agents page: colonne version installee + statut

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:50:56 +02:00
Admin MPCZ
8479d7280e Users/Contacts: workflow profils + LDAP + sync iTop + etat aligne 
- Users: 4 profils (admin/coordinator/operator/viewer) remplacent la matrix
- /users/add: picker contacts iTop (plus de creation libre)
- /me/change-password: flow force_password_change
- LDAP: service + section settings + option login
- Sync iTop contacts: filtre par teams (SecOps/iPOP/Externe/DSI/Admin DSI)
- Auto-desactivation users si contact inactif
- etat: alignement sur enum iTop (production/implementation/stock/obsolete)
- Menu: Contacts dans Administration, Serveurs en groupe repliable
- Audit bases: demo/prod via JWT mode

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-12 18:50:43 +02:00