• <= Back to file list
• SYNOPSIS
  • log_command_output
  • az_login
  • create_sdaf_os_var_file
  • set_os_variable
  • get_os_variable
  • set_common_sdaf_os_env
  • load_os_env_variables
  • sdaf_prepare_private_key
  • az_get_ssh_key
  • serial_console_diag_banner
  • sdaf_execute_deployment
  • get_sdaf_deployment_command
  • prepare_sdaf_project
  • resource_group_exists
  • sdaf_execute_remover
  • sdaf_cleanup
  • sdaf_execute_playbook
  • sdaf_ansible_verbosity_level
  • ansible_hanasr_show_status

lib/sles4sap/sap_deployment_automation_framework/deployment.pm

SYNOPSIS

Library with common functions for Microsoft SDAF deployment automation. Documentation can be found on the projects official website

Github repositories: Automation scripts Sample configurations

Basic terminology:

• SDAF: SAP deployment automation framework

• Control plane: Common term for Resource groups Deployer and Library. Generally it is part of a permanent infrastructure in the cloud.

• Deployer: Resource group providing services such as keyvault, Deployer VM and associated resources.

• Deployer VM: Central point that contains SDAF installation and where the deployment is executed from. Since SUT VMs have no public IPs, this is also serving as a jump-host to reach them via SSH.

• Library: Resource group providing storage for terraform state files, SAP media and private DNS zone.

• Workload zone: Resource group that provides services similar to support server.

• SAP Systems: Resource group containing SAP SUTs and related resources.

log_command_output

log_command_output(command=>$command, log_file=>$log_file);

Using 'tee' to redirect command output into log does not return code for executed command, but execution of 'tee' itself. This function transforms given command so the RC reflects exit code of the command itself instead of 'tee'. Function returns only string with transformed command, nothing is being executed.

Command structure: "(command_to_execute 2>$1 | tee /log/file.log; exit ${PIPESTATUS[0]})"

'exit ${PIPESTATUS[0]}' - returns 'command_to_execute' return code instead of one from 'tee'
(...) - puts everything into subshell to prevent 'exit' logging out of current shell
tee - writes output also into the log file

• command: Command which output should be logged into file.

• log_file: Full log file path and filename to pipe command output into.

az_login

az_login();

Logs into azure account using SPN credentials. Those are not typed directly into the command but using OS env variables. To avoid exposure of credentials in serial console, there is a special temporary file used which contains required variables.

SPN credentials are defined by secret OpenQA parameters:

• _SECRET_AZURE_SDAF_APP_ID

• _SECRET_AZURE_SDAF_APP_PASSWORD

• _SECRET_AZURE_SDAF_TENANT_ID

SDAF needs SPN credentials with special permissions. Check link below for details. https://learn.microsoft.com/en-us/azure/sap/automation/deploy-control-plane?tabs=linux#prepare-the-deployment-credentials

create_sdaf_os_var_file

create_sdaf_os_var_file($entries);

Creates a simple file with bash env variables and uploads it to the target host without revealing content in serial console. File is sourced afterwards. For detailed variable description check : https://learn.microsoft.com/en-us/azure/sap/automation/naming

• $entries: ARRAYREF of entries to be appended to variable source file

set_os_variable

set_os_variable($variable_name, $variable_value);

Adds or replaces existing OS env variable value in env variable file (see function 'set_common_sdaf_os_env()'). File is sourced afterwards to load the value. Croaks with incorrect usage.

WARNING: This is executed via 'assert_script_run' therefore output will be visible in logs

• $variable_name: Variable name

• $variable_value: Variable value. Empty value is accepted as well.

get_os_variable

get_os_variable($variable_name);

Returns value of requested OS env variable name. Variable is acquired using 'echo' command and is visible in serial terminal output. Keep in mind, this variable is only active until logout.

• $variable_name: Variable name

set_common_sdaf_os_env

set_common_sdaf_os_env(
    subscription_id=>$subscription_id
    [, env_code=>$env_code]
    [, deployer_vnet_code=>$deployer_vnet_code]
    [, sdaf_region_code=>$sdaf_region_code]
    [, sap_sid=>$sap_sid]
    [, sdaf_tfstate_storage_account=$sdaf_tfstate_storage_account]
    [, sdaf_key_vault=>$sdaf_key_vault]
);

Creates a file with common OS env variables required to run SDAF. File is sourced afterwards to make the values active. Keep in mind that values are lost after user logout (for example after disconnecting console redirection). You can load them back using load_os_env_variables() function OS env variables are core of how to execute SDAF and many are used even internally by SDAF code. For detailed variable description check : https://learn.microsoft.com/en-us/azure/sap/automation/naming

• subscription_id: Azure subscription ID

• env_code: Code for SDAF deployment env. Default: 'SDAF_ENV_CODE'

• deployer_vnet_code: Deployer virtual network code. Default: 'SDAF_DEPLOYER_VNET_CODE'

• sdaf_region_code: SDAF internal code for azure region. Default: 'PUBLIC_CLOUD_REGION' - converted to SDAF format

• sap_sid: SAP system ID. Default: 'SAP_SID'

• sdaf_tfstate_storage_account: Storage account residing in library resource group. Location for stored tfstate files. Default 'SDAF_TFSTATE_STORAGE_ACCOUNT'

• sdaf_key_vault: Key vault name inside Deployer resource group. Default 'SDAF_DEPLYOER_KEY_VAULT'

load_os_env_variables

load_os_env_variables();

Sources file containing OS env variables required for executing SDAF. Currently deployer VM is a permanent installation with all tests using it. Therefore using .bashrc file for storing variables is not an option since tests would constantly overwrite variables between each other.

sdaf_prepare_private_key

sdaf_prepare_private_key(key_vault=>$key_vault);

Retrieves public and private ssh key from specified keyvault and sets up permissions.

• key_vault: Key vault name

az_get_ssh_key

az_get_ssh_key(key_vault=$key_vault, ssh_key_name=$key_name, ssh_key_filename=$ssh_key_filename);

Retrieves SSH key from specified keyvault.

• key_vault: Key vault name

• ssh_key_name: SSH key name residing on keyvault

• ssh_key_filename: Target filename for SSH key

serial_console_diag_banner

serial_console_diag_banner($input_text);

Prints a banner in serial console that highlights a point in output to make it more readable. Can be used for example to mark start and end of a function or a point in test so it is easier to find while debugging. Below is an example of the printed banner: # # $input_text #

• input_text: string that will be printed in uppercase surrounded by '#' to make it more visible in output

sdaf_execute_deployment

sdaf_execute_deployment(deployment_type=>$deployment_type [, timeout=>$timeout]);

Executes SDAF deployment according to the type specified. Croaks with unsupported deployment type, dies upon command failure. https://learn.microsoft.com/en-us/azure/sap/automation/deploy-workload-zone?tabs=linux#deploy-the-sap-workload-zone https://learn.microsoft.com/en-us/azure/sap/automation/tutorial#deploy-the-sap-system-infrastructure

• deployment_type: Type of the deployment: workload_zone or sap_system

• timeout: Execution timeout. Default: 1800s.

• retries: Number of attempts to execute deployment in case of failure. Default: 3

get_sdaf_deployment_command

get_sdaf_deployment_command(deployment_type=>$deployment_type, tfvars_filename=>tfvars_filename);

Function composes SDAF deployment script command for sap_system or workload_zone according to official documentation. Although the documentation uses env OS variable references in the command, function replaces them with actual values. This is done for better debugging and logging transparency. Only sensitive values are hidden by using references.

• deployment_type: Type of the deployment: workload_zone or sap_system

• tfvars_filename: Filename of tfvars file

prepare_sdaf_project

prepare_sdaf_project(
     [, env_code=>$env_code]
     [, sdaf_region_code=>$sdaf_region_code]
     [, deployer_vnet_code=>$deployer_vnet_code]
     [, sap_sid=>$sap_sid]);

Prepares directory structure and Clones git repository for SDAF samples and automation code.

• env_code: Code for SDAF deployment env. Default: 'SDAF_ENV_CODE'

• deployer_vnet_code: Deployer virtual network code. Default 'SDAF_DEPLOYER_VNET_CODE'

• sdaf_region_code: SDAF internal code for azure region. Default: 'PUBLIC_CLOUD_REGION' converted to SDAF format

• sap_sid: SAP system ID. Default 'SAP_SID'

resource_group_exists

resource_group_exists($resource_group);

Checks if resource group exists. Function accepts only full resource name. Croaks if command does not return true/false value.

• $resource_group: Resource group name to check

sdaf_execute_remover

sdaf_execute_remover(deployment_type=>$deployment_type);

Uses remover.sh script which is part of the SDAF project. This script can be used only on workload zone or sap system. Control plane and library have separate removal script, but are currently part of permanent setup and should not be destroyed. Returns RC to allow additional cleanup tasks required even after script failure. https://learn.microsoft.com/en-us/azure/sap/automation/bash/remover

• $deployment_type: Type of the deployment (workload_zone, sap_system)

sdaf_cleanup

sdaf_cleanup();

Performs full cleanup routine for sap systems and workload zone by executing SDAF remover.sh file. Deletes all files related to test run on deployer VM, even in case remover script fails. Resource groups need to be deleted manually in case of failure.

sdaf_execute_playbook

sdaf_execute_playbook(
    playbook_filename=>'playbook_04_00_01_db_ha.yaml',
    sdaf_config_root_dir=>'/path/to/joy/and/happiness/'
    sap_sid=>'ABC',
    timeout=>'42',
    verbosity_level=>'3'
    );

Execute playbook specified by playbook_filename and record command output in separate log file. Verbosity level of ansible-playbook is controlled by openQA parameter SDAF_ANSIBLE_VERBOSITY_LEVEL. If undefined, it will use standard output without adding any -v flag. See function sdaf_execute_playbook for details.

• playbook_filename: Filename of the playbook to be executed.

• sdaf_config_root_dir: SDAF Config directory containing SUT ssh keys

• sap_sid: SAP system ID. Default 'SAP_SID'

• timeout: Timeout for executing playbook. Passed into asset_script_run. Default: 1800s

• $verbosity_level: Change default verbosity value by either anything equal to 'true' or int between 1-6. Default: false

sdaf_ansible_verbosity_level

sdaf_ansible_verbosity_level($verbosity_level);

Returns string that is to be used as verbosity parameter -v for 'ansible-playbook' command. This is controlled by positional argument $verbosity_level. Values can specify verbosity level using integer up to 6 (max supported by ansible) or just set to anything equal to 'true' which will default to -vvvv. Value -vvvv should be enough to debug network connection problems according to ansible documentation: https://docs.ansible.com/ansible/latest/cli/ansible-playbook.html#cmdoption-ansible-playbook-v

• $verbosity_level: Change default verbosity value by either anything equal to 'true' or int between 1-6. Default: false

ansible_hanasr_show_status

ansible_hanasr_show_status(sdaf_config_root_dir=>'/some/path' [, sap_sid=>'CAT']);

Display simple command outputs from all DB hosts using ansible command.

• sdaf_config_root_dir: SDAF Config directory containing SUT ssh keys

• sap_sid: SAP system ID. Default 'SAP_SID'