SAP CAP - Access HDI in a different cloud foundry ...

Cristian · 3 weeks ago

Hi,

We have a CAP service which is to use a HDI container deployed in a different cloud foundry space. Whilst deploying the app we are getting error as follows:

1:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.599122] Error: Database error 389: invalid role name: EXTERNAL_CONSUMER_G: line 1 col 7 (at pos 6) [8201003] (STDERR, APP/TASK/deploy)#

#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.599310] Error: Granting schema roles in the container "SDI_HDI_DB_2" and the parameters "[]"... failed [8214221] (STDERR, APP/TASK/deploy)#

#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.600606] Deployment ended at 2024-05-10 11:58:19 (STDOUT, APP/TASK/deploy)#

#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.600652] Error: Error executing: CALL "SDI_HDI_DB_2#DI".GRANT_CONTAINER_SCHEMA_ROLES(#CONTAINER_ROLES, #CONTAINER_ROLES_PARAMETERS, ?, ?, ?); (STDERR, APP/TASK/deploy)#

The MTA looks as follows:

# --------------------- SERVICE MODULE ------------------------
  - name: srv-services-mgmt-cap
# ------------------------------------------------------------
    type: nodejs
    path: gen/srv
    parameters:
      buildpack: nodejs_buildpack
      readiness-health-check-type: http
      readiness-health-check-http-endpoint: /health
    build-parameters:
      builder: npm
    provides:
      - name: srv-api # required by consumers of CAP services (e.g. approuter)
        properties:
          srv-url: ${default-url}
    requires:
      - name: srv-services-mgmt-cap-db
      - name: srv-services-mgmt-cap-destination
      - name: srv-services-mgmt-cap-auth
      - name: srv-sap-erp-destination
      - name: srv-services-mgmt-cap-connectivity
      - name: customer-sdi
        parameters:
          service-key:
            name: srv-sap-erp-destination-key

# --------------------- DATABASE DEPLOYER MODULE -------------
  - name: srv-services-mgmt-cap-db-deployer
# ------------------------------------------------------------
    type: hdb
    path: gen/db
    parameters:
      buildpack: nodejs_buildpack
    requires:
      - name: srv-services-mgmt-cap-auth
      - name: srv-services-mgmt-cap-db
        properties: 
          TARGET_CONTAINER: ~{hdi-service-name} 
      - name: customer-sdi
        group: SERVICE_REPLACEMENTS
        properties:
          key: customer-sdi
          service: ~{customer-sdi}


# --------------------- APP ROUTER MODULE --------------------
  - name: srv-services-mgmt-cap-app-router
# ------------------------------------------------------------
    type: approuter.nodejs
    path: app/router
    parameters:
      keep-existing-routes: true
      disk-quota: 256M
      memory: 256M
    requires:
      - name: srv-api
        group: destinations
        properties:
          name: srv-api # must be used in xs-app.json as well
          url: ~{srv-url}
          forwardAuthToken: true
      - name: srv-services-mgmt-cap-auth

# --------------------- DESTINATION MODULE -------------------
  - name: destination-content
# ------------------------------------------------------------
    type: com.sap.application.content
    requires:
    - name: srv-services-mgmt-cap-auth
      parameters:
        service-key:
          name: srv-services-mgmt-cap-auth-key
    - name: srv-services-mgmt-cap-destination
      parameters:
        content-target: true
    - name: srv-api
    build-parameters:
      no-source: true
    parameters:
      content:
        subaccount:
          existing_destinations_policy: update
          destinations:
          - Name: Agora-Services-CAP-HTTP
            URL: ~{srv-api/srv-url}/odata/v2
            Authentication: OAuth2UserTokenExchange
            TokenServiceInstanceName: srv-services-mgmt-cap-auth
            TokenServiceKeyName: srv-services-mgmt-cap-auth-key
            HTML5.DynamicDestination: 'true'
            TrustAll: 'true'
            WebIDEUsage: 'odata_gen,odata_xs'
            WebIDEEnabled: 'true'

# --------------------- RESOURCES ----------------------------
resources:
# ------------------------------------------------------------

# --------------------- HDI CONTAINER ------------------------
  - name: srv-services-mgmt-cap-db
# ------------------------------------------------------------
    type: com.sap.xs.hdi-container
    parameters:
      service: hana
      service-plan: hdi-shared
    properties:
      hdi-service-name: ${service-name}


# --------------------- CROSS SPACE DB UPS -------------------
  - name: customer-sdi
# ------------------------------------------------------------
    type: org.cloudfoundry.existing-service
    parameters:
      service-name: customer-sdi
    properties:
      customer-sdi: ${service-name}

# --------------------- DESTINATION SERVICE ------------------
  - name: srv-services-mgmt-cap-destination
# ------------------------------------------------------------s
    type: org.cloudfoundry.managed-service
    parameters:
      service: destination
      service-name: srv-services-mgmt-cap-destination
      service-plan: lite
    requires:
      - name: srv-services-mgmt-cap-auth
        
# --------------------- XSUAA SERVICE ------------------------
  - name: srv-services-mgmt-cap-auth
# ------------------------------------------------------------
    type: org.cloudfoundry.managed-service
    parameters:
      service: xsuaa
      service-plan: application
      path: ./xs-security.json
      config:
        xsappname: srv-services-mgmt-cap-${org}-${space}
        tenant-mode: dedicated

# ----------- EXTERNAL SERVICE DESTINATION SERVICE -----------
  - name: srv-sap-erp-destination
# ------------------------------------------------------------
    type: org.cloudfoundry.managed-service
    parameters:
      service: destination
      service-name: srv-sap-erp-destination
      service-plan: lite
    requires:
      - name: srv-services-mgmt-cap-auth

  #----------------------- CONECTIVITY ------------------------
  - name: srv-services-mgmt-cap-connectivity
  #------------------------------------------------------------
    parameters:
      service-plan: lite
      service: connectivity
    type: org.cloudfoundry.managed-service

We have two roles defined in 2 hdroles files.

{
    "role": {
        "name": "EXTERNAL_CONSUMER",
        "object_privileges": [
            {
                "name": "ZPMREQUESTSERV",
                "type": "TABLE",
                "privileges": [ "SELECT" ]
            },
            {
                "name": "ZPMSERVCHNGS",
                "type": "TABLE",
                "privileges": [ "SELECT" ]
            },
            {
                "name": "ZPMSERVLOC",
                "type": "TABLE",
                "privileges": [ "SELECT" ]
            },
            {
                "name": "ZPMSITESERV",
                "type": "TABLE",
                "privileges": [ "SELECT" ]
            }
        ]
    }
}


{
    "role": {
        "name": "EXTERNAL_CONSUMER_G",
        "object_privileges": [
            {
                "name": "PZPMREQUESTSERV",
                "type": "TABLE",
                "privileges_with_grant_option":["SELECT"]
            },
            {
                "name": "ZPMSERVCHNGS",
                "type": "TABLE",
                "privileges_with_grant_option":["SELECT"]
            },
            {
                "name": "ZPMSERVLOC",
                "type": "TABLE",
                "privileges_with_grant_option":["SELECT"]
            },
            {
                "name": "ZPMSITESERV",
                "type": "TABLE",
                "privileges_with_grant_option":["SELECT"]
            }
        ]
    }
}

And the hdgrants file looks like:

{
    "customer-sdi": {
        "object_owner": {
            "container_roles": [
                "EXTERNAL_CONSUMER_G"
            ]

        },
        "application_user": {
            "container_roles": [
                "EXTERNAL_CONSUMER"
            ]
        }
    }
}

Any idea what the issue is?

Many thanks in advance!

C.

SAP CAP - Access HDI in a different cloud foundry space: Deployment Error (Invalid Role Name)

Accepted Solutions (0)

Answers (0)

Re: how to Implement complicated logic in planning...

I HAVE ERROR "G/L account is not defined in chart...

Error "Recovery indicator missing for company PE0...

Re: Connecting Splash BI tool to S4HANA and BW4HAN...

Application type for UI5 apps in SU22