You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Contents:

Related pages:

 

Automated audit before Release of a Transport Order

 

A 'transport order' for a change request / task in SAP Change Transport System (CTS) could be released using transaction SE10 (among others).

SAP provides an enhancement to 'hook' the release action with custom code to check the contents of the transport order. You may register an implementation for it, and activate it.

 

The implementation may leverage Kiuwan audits for checking that the source code in the transport order to be released satisfies quality / security constraints.


The Kiuwan Local Analyzer should be deployed in the SAP system, with the ZKW_KLA_AGENT OS command registered.

See Install programs for details.


 

This uses the Classic BAdI Implementation ZKW_BADI_REQ_CHECK

Such implementation will:

  1. Extract source code for objects in the transport order. 
  2. Run analysis with Kiuwan Local Analyzer. 
  3. Check that the audit checkpoints passes. 
  4. Cancel the release when the audit does not pass.

 

 

Before use, you must activate it.

To do it, open transaction SE19, choose 'Edit Implementation' and Classic BAdI Implementation, specifying ZKW_BADI_REQ_CHECK.

 

Then, click on Change button

 

and click on Activate icon.

 

Automatic analysis before release a Change Request 

Once is activated, automatic Kiuwan analysis is triggered as soon as a CR is to be released. The process is as follows:

  1. Source code associated to CR is downloaded
    1. Download directory is <DIR_HOME>/sape4k/code/<CR_ID> (you can use AL11 transaction to inspect DIR_HOME value)
      1. in linux,typically  /usr/sap/<SAP_SID>/D<Instance_Number>/work
      2. in windows, change / by <drive>:\
    2. Under <DIR_HOME>/sape4k/code/<CR_ID>, there will be a directory for every SAP Package involved in the CR
    3. ImportantOnly  "Active" objects will be exported and analyzed
  2. For every SAP package contained into the Request/Task, a Kiuwan analysis is executed :
    1. using "SAP package name" as "Kiuwan application name" (-n <SAP_package_name>, see Kiuwan Local Analyzer CLI - Command Line Interface)
    2. using <DIR_HOME>/sape4k/code/<CR_ID>/<SAP_Package_Name> as source dir ( -s <DIR_HOME>/sape4k/code/<CR_ID>/<SAP_Package_Name>)
    3. using CR description plus SAP package as Kiuwan analysis lable (-l <CR desciption-Analysis label>)
    4. the analysis is executed as a Partial Delivery (-as partialDelivery
    5. the analysis will use Request/Task ID as Kiuwan Change Request name (-cr <CR_ID>)
    6. the delivery will be marked in Kiuwan as Resolved (-crs resolved)
    7. the analysis will wait for results (-wr) from Kiuwan cloud (i.e. it will be blocked until the cloud analysis finishes) 
  3. The process will analyze every SAP package unless a not-successful return code is received (ret code != 0) 
    1. In case of a not-successful analysis (ret code != 0), the release does not proceed and a window is displayed with the message
    2. Bear in mind that a special case is when the Audit associated to the analysis of a package fails. This condition will stop the release process.

 

 

 

  • No labels