You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Contents:

Related pages:

 

Kiuwan analysis for deliveries "in progress"

When Kiuwan Local Analyzer is deployed in the SAP system, you may analyze a delivery currently in progress by specifying a change request (CR) or task id and an analysis label.

The code associated with the provided CR (or task) will be downloaded and analyzed into the SAP system.

 

 

 

 

 

 

 

 

You can select either a Request or a Task. Just simpley select the right request/task. 

Note: If you are selecting a task, be sure you select the correct task type.

 

 

 

 

 

 

Once you have selected your Request/Task, you can specify a label for your analysis (so you can easily find it further at Kiuwan website).

After clicking Execute button, provess is as follows:

  1. Source code associated to Request/Task is downloaded
    1. Download directory is <DIR_HOME>/sape4k/code/<ReqTask_ID> (you can use AL11 transaction to inspect DIR_HOME value)
      1. in linux,tipycally  /usr/sap/<SAP_SID>/D<Instance_Number>/work
      2. in windows, change / by <drive>:\
    2. Under <DIR_HOME>/sape4k/code/<ReqTask_ID>, there will be a directory for every SAP Package involved in the CR/Task 
    3. Important: Only  "Active" objects will be exported and analyzed
  2. For every SAP package contained into the Request/Task, a Kiuwan analysis is executed :
    1. using "SAP package name" as "Kiuwan application name" (-n <SAP_package_name>, see Kiuwan Local Analyzer CLI - Command Line Interface)
    2. using <DIR_HOME>/sape4k/code/<ReqTask_ID>/<SAP_Package_Name> as source dir ( -s <SAP_Package_Name>)
    3. using Analysis label as Kiuwan analysis lable (-l <Analysis label>)
    4. the analysis is executed as a Partial Delivery (-as partialDelivery) 
    5. the analysis will use Request/Task ID as Kiuwan change request name (-cr <Request/Task ID>)
    6. the delivery will be marked in Kiuwan as In Progress (-crs inprogress)
    7. the analysis will wait for results (-wr) from Kiuwan cloud (i.e. it will be blocked until the cloud analysis finishes) 
  3. The process will analyze every SAP package unless a not-successful return code is received (ret code != 0) 
    1. In case of a not-successful analysys, a window is displayed with the message
    2. Bear in mind that a special case is when the Audit associated to the analysis of a package fails. This condition will stop the whole analysis.

 

 

 

 

 

A 'transport order' for a change request / task in SAP Change Transport System (CTS) could be released using transaction SE10 (among others).

SAP provides an enhancement to 'hook' the release action with custom code to check the contents of the transport order. You may register an implementation for it, and activate it.

 

The implementation may leverage Kiuwan audits for checking that the source code in the transport order to be released satisfies quality / security constraints.

 

This uses the classic BAdI CTS_REQUEST_CHECK.

Such implementation should:

  1. Extract source code for objects in the transport order. 
  2. Run analysis with Kiuwan Local Analyzer. 
  3. Check that the audit checkpoints pass. 
  4. Cancel the release when the audit does not pass.

 

  The Kiuwan Local Analyzer should be deployed in the SAP system, with the ZKW_KLA_AGENT OS command registered.

See Install programs for details.

 

A candidate implementation for the CTS_REQUEST_CHECK is provided in the ZCL_IM_KW_BADI_REQ_CHECK.

 

For registration, open transaction SE19, choose in 'Create implementation' for classic BAdI CTS_REQUEST_CHECK:

 

Push the 'Create' button on give 'ZKW_BADI_REQ_CHECK' as implementation name (so the generated implementation class will be named 'ZCL_IM_KW_BADI_REQ_CHECK'):

 

 

Replace the source with the one in the provided ZCL_IM_KW_BADI_REQ_CHECK.abap code, and modify any private method if needed:

"-----------------------------------------------------------------------------------
" Sample BAdI implementation for checking if the code for a transport request / task
" passes audit configured in Kiuwan, during transport release.
"
" Use transaction SE19 to create BAdI implementation named ZKW_BADI_REQ_CHECK
" (for the CTS_REQUEST_CHECK classic BAdI), and replace the generated class code
" with this.
"
" You may change parts of this logic to better fit your needs.
"-----------------------------------------------------------------------------------
class ZCL_IM_KW_BADI_REQ_CHECK definition
  public
  final
  create public .

  public section.

    interfaces IF_EX_CTS_REQUEST_CHECK .

  protected section.

  private section.

    methods:
      " Implementation hooks. You may change them if needed

      check_kiuwan_local_agent
        returning value(kla_exists) type abap_bool,

      " The temporary directory where the transport order code should be exported
      get_export_dir
        importing
          value(request) type e070
        returning
          value(folder)  type ref to zkw_cl_folder_server,

      " Check if the request should be considered a partial delivery (not a complete one).
      check_partial_delivery
        importing
          value(request) type e070
        returning
          value(is_partial_delivery) type abap_bool,

      " Extracts source code for the transport
      run_code_extract
        importing
          value(request) type e070
          value(folder)  type ref to zkw_cl_folder_server
        returning
          value(exported_ok) type abap_bool,

      " Run Kiuwan Local Analyzer for the exported transport sources
      run_kiuwan_analysis
        importing
          value(request)             type e070
          value(is_partial_delivery) type abap_bool
          value(folder)              type ref to zkw_cl_folder_server
        returning
          value(exit_code)           type i,

      " Check if exit code returned by Kiuwan Local Analyzer means that the transport is in good condition for release
      " (analysis was successfull, audit checkpoints passed...)
      is_valid
        importing
          value(request)   type e070
          value(exit_code) type i
        returning
          value(ret)       type abap_bool,

      " Report a message, defaults to a MESSAGE statement with I (info) level
      report_message
        importing value(msg) type string
        .

    " We might use a message class instead of hardcoded texts, but we prefer to keep it self-contained...
    " We keep this with &n placeholders if you need to i18n this in a proper message class...
    constants:
      MSG_INVALID_TRANSPORT type string value 'Invalid transport request/task &1' ##NO_TEXT,
      MSG_INVALID_FOLDER    type string value 'Invalid folder: &1' ##NO_TEXT,
      MSG_EXTRACT_ERROR     type string value 'Error extracting transport &1, due to &2' ##NO_TEXT,
      MSG_GENERIC_ERROR     type string value 'Kiuwan analysis for transport &1 failed. Please review analysis log' ##NO_TEXT,
      MSG_TIMEOUT           type string value 'Timeout reached in Kiuwan analysis for transport &1' ##NO_TEXT,
      MSG_AUDIT_FAILED      type string value 'The Kiuwan audit has failed for transport &1' ##NO_TEXT,
      MSG_UNKNOWN_ERROR     type string value 'Kiuwan Local Agent for transport &1 has returned an unknown return code: &2' ##NO_TEXT,
      MSG_OK                type string value 'Code for transport &1 meets the SLAs established by your company' ##NO_TEXT
      .

endclass.

 

Note: the check_partial_delivery() and is_valid() methods are often customized.

 

Then, activate the BAdI (with the 'magic wand' button):

 

You may test now, trying to release a 'test' transport order.

If the results do not satisfy your expectations, deactivate the BAdI implementation (and modify + reactivate, or remove it).

 

 

  • No labels