sync: auto-sync from Mikes-MacBook-Air.local at 2026-06-07 10:26:40

Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-06-07 10:26:40
2026-06-07 10:26:41 -07:00
parent 8f6f7cabb2
commit 7ba2f26fde

@@ -0,0 +1,239 @@
# GuruRMM Session: Credential Inheritance Deployment & Offboarding Wizard Spec
**Date:** 2026-06-07
**Project:** GuruRMM
**Focus:** Production deployment of credential inheritance, clickable alert badges, offboarding wizard specification
---
## User
- **User:** Mike Swanson (mike)
- **Machine:** Mikes-MacBook-Air
- **Role:** admin
---
## Session Summary
The session advanced the credential inheritance feature by deploying server version 0.3.45 to production, enabling inheritance and de-duplication logic for client and site credentials. Testing confirmed successful validation of /effective endpoints, ensuring proper credential propagation and conflict resolution across hierarchical structures.
Clickable "Needs attention" badges were implemented in the ClientExceptionsBand component, linking critical/warning/info/offline statuses to filtered /alerts and /agents pages. A correction refined the offline badge to filter client-specific agents rather than fleet-wide, achieved by parameterizing URL queries for the Agents page and synchronizing filter dropdowns with URL state.
Investigation revealed existing delete functionality in Clients.tsx and ClientDetail.tsx with two-step confirmation, but user feedback highlighted a need for an offboarding wizard with data export capabilities. In response, SPEC-028 was authored, detailing a 835-line specification for a lifecycle management workflow, including data export, audit logging, and cascading deletions. The FEATURE_ROADMAP.md was updated to reflect the "Client & Site Lifecycle Management" initiative.
All changes were committed and pushed, completing the deployment of credential inheritance, UI refinements for alert filtering, and foundational work for offboarding workflows.
---
## Key Decisions
- Deployed credential inheritance to single production server (172.16.3.30:3001) → serves both beta and prod dashboards
- Alert severity badges link with severity + client_id filters → prevents cross-client alert visibility
- Client filter uses client NAME in URLs → improves readability and shareability
- Used Link components with query parameters → enables better deep-linking and state persistence
- Existing delete functionality uses two-step confirmation → aligns with user expectations for safety
- Offboarding wizard designed as multi-step modal (6 steps for sites, 5 for clients) → ensures clarity and reduces errors
- Enforced cascade deletion for clients → ensures data integrity before offboarding
- Typed name confirmation used for destructive final step → reduces accidental deletions
- Audit_logs table added for immutable offboarding trail → ensures compliance and traceability
- Export files use temp tokens with 1-hour expiry → avoids permanent storage risks
---
## Problems Encountered
- **Git push rejected (twice):** Branches diverged with remote changes → resolved with `git pull --rebase && git push`
- **Offline badge showed all fleet-wide offline agents:** Initial implementation didn't scope to client → fixed by adding clientName prop and client URL parameter to Agents page with filter dropdown sync
- **Delete functionality visibility:** User initially thought delete didn't exist → discovered it exists in Clients.tsx (line 316-342) and ClientDetail.tsx (lines 838-1089) with two-step confirmation pattern, but wasn't immediately visible
---
## Configuration Changes
### Files Modified
**Dashboard (Frontend):**
- `dashboard/src/pages/ClientDetail.tsx` - Made alert badges clickable with filters, added clientName prop to ClientExceptionsBand
- `dashboard/src/pages/Alerts.tsx` - Added client_id URL parameter support for deep-linking
- `dashboard/src/pages/Agents.tsx` - Added client URL parameter support with filter dropdown sync
**Documentation:**
- `docs/specs/SPEC-028-offboarding-wizard.md` - Created (835 lines, comprehensive offboarding wizard specification)
- `docs/FEATURE_ROADMAP.md` - Added "Client & Site Lifecycle Management" section with offboarding/onboarding features
### Files Created
- `docs/specs/SPEC-028-offboarding-wizard.md` - Full specification for site and client offboarding wizards
### Git Commits
**Credential Inheritance Deployment:**
- Tested via server build-server.sh on GURU-5070 (172.16.3.30)
- Server version: 0.3.45
- Build output: 87 warnings (all pre-existing), binary 13,926,096 bytes
- Service restarted successfully, health check passed
**Dashboard Changes:**
- Commit: Clickable "Needs attention" badges with client filtering
- Commit: Fixed offline badge to filter client-specific agents
- Commit: SPEC-028 offboarding wizard + roadmap update (fcf0e0a → f06ff09)
---
## Credentials & Secrets
**GuruRMM Server:**
- Host: 172.16.3.30
- Port: 3001
- Version deployed: 0.3.45
- Build location: /home/guru/gururmm
- Service: gururmm-server.service
- Binary: /opt/gururmm/gururmm-server
- Backup: /opt/gururmm/gururmm-server.prev
**Test Credentials Created:**
- Client-level inheritable credential ID: 97d878a7-55f4-4b72-a84e-2d946c454e15
- Type: windows_domain
- Label: "Test Inheritable Domain Admin"
- Stored in: /tmp/test_client_inheritable_cred.txt
---
## Infrastructure & Servers
**Production Environment:**
- Server: GURU-5070 (172.16.3.30)
- Backend: Rust/Axum @ 172.16.3.30:3001
- Dashboard Beta: https://rmm-beta.azcomputerguru.com
- Dashboard Prod: https://rmm.azcomputerguru.com
- Single backend serves both dashboards (beta and prod share same API)
**Architecture:**
- Frontend deployment: Two channels (beta auto-deploy, prod manual promotion)
- Backend deployment: Single production server
- Credential inheritance: Opt-in cascade (Global → Client → Site)
- De-duplication: By (credential_type, label), most specific scope wins
---
## Commands & Outputs
### Server Deployment
```bash
cd /home/guru/gururmm
./build-server.sh
# Output:
# Version: 0.3.45
# cargo build --release (87 warnings, all existing)
# Binary backed up to /opt/gururmm/gururmm-server.prev
# Service stopped, binary deployed, service started
# Health check passed
```
### Testing Credential Inheritance
```bash
# Created client-level inheritable credential
curl -X POST http://172.16.3.30:3001/api/credentials \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"scope_type": "client",
"scope_id": "<client_uuid>",
"credential_type": "windows_domain",
"label": "Test Inheritable Domain Admin",
"username": "DOMAIN\\admin",
"password": "test123",
"is_inheritable": true
}'
# Tested /effective endpoint
curl http://172.16.3.30:3001/api/sites/<site_uuid>/credentials/effective
# Response included inherited credential with "inherited_from": "client"
```
### Git Operations
```bash
# Multiple rebase cycles due to concurrent work
git pull --rebase && git push
# Final commit
git commit -m "Add SPEC-028: Site and Client Offboarding Wizard..."
git push # fcf0e0a → f06ff09
```
---
## Pending / Incomplete Tasks
**Immediate:**
- None - all work for this session completed
**Future Work (SPEC-028 Implementation):**
1. Review SPEC-028 with team
2. Create database migration for audit_logs table
3. Implement backend endpoints (preflight, dependencies, export, offboard)
4. Build wizard components (OffboardingWizard, PreflightCheck, TypedConfirmation, etc.)
5. Deploy to beta dashboard for testing
6. Roll out to production after 1-week beta testing period
**Roadmap Items Added:**
- Site offboarding wizard (P2)
- Client offboarding wizard (P2)
- Agent offboarding wizard (P2)
- Offboarding audit log viewer (P3)
- Soft delete / trash bin (P3)
- Offboarding reason templates (P3)
- Client/site onboarding wizards (P2)
---
## Reference Information
**API Endpoints Tested:**
- `POST /api/credentials` - Create credential with is_inheritable flag
- `GET /api/sites/:id/credentials/effective` - Retrieve merged credentials with inheritance
- `GET /api/clients/:id/credentials/effective` - Retrieve merged credentials for client
**New Endpoints Specified (SPEC-028):**
- `GET /api/sites/:id/offboarding-preflight` - Pre-flight metrics
- `GET /api/sites/:id/dependencies` - Dependency analysis
- `POST /api/sites/:id/export` - Generate export files
- `POST /api/sites/:id/offboard` - Atomic offboarding operation
- `GET /api/clients/:id/offboarding-preflight` - Client pre-flight
- `POST /api/clients/:id/export` - Client export
- `POST /api/clients/:id/offboard` - Client offboarding
**Database Schema Additions (Proposed in SPEC-028):**
```sql
CREATE TABLE audit_logs (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
event_type VARCHAR(50) NOT NULL,
resource_type VARCHAR(50) NOT NULL,
resource_id UUID NOT NULL,
resource_name VARCHAR(255) NOT NULL,
performed_by UUID NOT NULL REFERENCES users(id),
metadata JSONB,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
```
**File Locations:**
- SPEC-028: `docs/specs/SPEC-028-offboarding-wizard.md`
- Roadmap: `docs/FEATURE_ROADMAP.md` (line 1105, new section)
- ClientDetail: `dashboard/src/pages/ClientDetail.tsx`
- Alerts: `dashboard/src/pages/Alerts.tsx`
- Agents: `dashboard/src/pages/Agents.tsx`
**Related Documentation:**
- Deployment summary: `/temp/credential-inheritance-deployment.md`
- Implementation details: `/temp/credentials-effective-endpoints-implementation.md`
**Commit SHAs:**
- Final commit: f06ff09
- Previous: d441d4a (remote), fcf0e0a (local before rebase)
**Client Test Data:**
- Client ID used for testing: 417420f4-c3f4-482a-acd4-d6f63c8cddde
- Beta URL: https://rmm-beta.azcomputerguru.com/clients/417420f4-c3f4-482a-acd4-d6f63c8cddde
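Review bot: The "Credentials & Secrets" section and the "Testing Credential Inheritance" commands put operational detail into version control that is better kept out of it: the production host and port, the binary and backup paths, a credential ID, and the path `/tmp/test_client_inheritable_cred.txt` where a test credential was stored. Suggest dropping that section from the committed log or replacing the values with placeholders, and recording whether the "Test Inheritable Domain Admin" credential and the file under /tmp were removed after testing, since the credential was created against the production backend. Two follow-ups from the same commands: the `POST /api/credentials` example sends a bearer token and a password over plain `http://172.16.3.30:3001`, and the `/credentials/effective` call is shown without an `Authorization` header, so the log should state whether that endpoint requires authentication. Separately, Key Decisions describes the audit_logs table as an "immutable offboarding trail", but the proposed `CREATE TABLE` contains nothing that enforces append-only behaviour and leaves `created_at` nullable; the spec should say how updates and deletes on that table are blocked.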