3 weeks ago
Hi,
We have a CAP service which is to use a HDI container deployed in a different cloud foundry space. Whilst deploying the app we are getting error as follows:
1:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.599122] Error: Database error 389: invalid role name: EXTERNAL_CONSUMER_G: line 1 col 7 (at pos 6) [8201003] (STDERR, APP/TASK/deploy)#
#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.599310] Error: Granting schema roles in the container "SDI_HDI_DB_2" and the parameters "[]"... failed [8214221] (STDERR, APP/TASK/deploy)#
#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.600606] Deployment ended at 2024-05-10 11:58:19 (STDOUT, APP/TASK/deploy)#
#2.0#2024 05 10 11:58:20.198#Z#DEBUG#com.sap.cloud.lm.sl.xs2.19740f29-0ec4-11ef-92ef-eeee0a9596da.srv-services-mgmt-cap-db-deployer.executeTaskTask#
######org.cloudfoundry.multiapps.controller.persistence.services.ProcessLogger########flowable-async-job-executor-thread-32650###
[PollExecuteTaskStatusExecution] [srv-services-mgmt-cap-db-deployer] 04443579-d312-4dec-9c3e-8111568e44b6 [2024-05-10T11:58:19.600652] Error: Error executing: CALL "SDI_HDI_DB_2#DI".GRANT_CONTAINER_SCHEMA_ROLES(#CONTAINER_ROLES, #CONTAINER_ROLES_PARAMETERS, ?, ?, ?); (STDERR, APP/TASK/deploy)#
The MTA looks as follows:
# --------------------- SERVICE MODULE ------------------------
- name: srv-services-mgmt-cap
# ------------------------------------------------------------
type: nodejs
path: gen/srv
parameters:
buildpack: nodejs_buildpack
readiness-health-check-type: http
readiness-health-check-http-endpoint: /health
build-parameters:
builder: npm
provides:
- name: srv-api # required by consumers of CAP services (e.g. approuter)
properties:
srv-url: ${default-url}
requires:
- name: srv-services-mgmt-cap-db
- name: srv-services-mgmt-cap-destination
- name: srv-services-mgmt-cap-auth
- name: srv-sap-erp-destination
- name: srv-services-mgmt-cap-connectivity
- name: customer-sdi
parameters:
service-key:
name: srv-sap-erp-destination-key
# --------------------- DATABASE DEPLOYER MODULE -------------
- name: srv-services-mgmt-cap-db-deployer
# ------------------------------------------------------------
type: hdb
path: gen/db
parameters:
buildpack: nodejs_buildpack
requires:
- name: srv-services-mgmt-cap-auth
- name: srv-services-mgmt-cap-db
properties:
TARGET_CONTAINER: ~{hdi-service-name}
- name: customer-sdi
group: SERVICE_REPLACEMENTS
properties:
key: customer-sdi
service: ~{customer-sdi}
# --------------------- APP ROUTER MODULE --------------------
- name: srv-services-mgmt-cap-app-router
# ------------------------------------------------------------
type: approuter.nodejs
path: app/router
parameters:
keep-existing-routes: true
disk-quota: 256M
memory: 256M
requires:
- name: srv-api
group: destinations
properties:
name: srv-api # must be used in xs-app.json as well
url: ~{srv-url}
forwardAuthToken: true
- name: srv-services-mgmt-cap-auth
# --------------------- DESTINATION MODULE -------------------
- name: destination-content
# ------------------------------------------------------------
type: com.sap.application.content
requires:
- name: srv-services-mgmt-cap-auth
parameters:
service-key:
name: srv-services-mgmt-cap-auth-key
- name: srv-services-mgmt-cap-destination
parameters:
content-target: true
- name: srv-api
build-parameters:
no-source: true
parameters:
content:
subaccount:
existing_destinations_policy: update
destinations:
- Name: Agora-Services-CAP-HTTP
URL: ~{srv-api/srv-url}/odata/v2
Authentication: OAuth2UserTokenExchange
TokenServiceInstanceName: srv-services-mgmt-cap-auth
TokenServiceKeyName: srv-services-mgmt-cap-auth-key
HTML5.DynamicDestination: 'true'
TrustAll: 'true'
WebIDEUsage: 'odata_gen,odata_xs'
WebIDEEnabled: 'true'
# --------------------- RESOURCES ----------------------------
resources:
# ------------------------------------------------------------
# --------------------- HDI CONTAINER ------------------------
- name: srv-services-mgmt-cap-db
# ------------------------------------------------------------
type: com.sap.xs.hdi-container
parameters:
service: hana
service-plan: hdi-shared
properties:
hdi-service-name: ${service-name}
# --------------------- CROSS SPACE DB UPS -------------------
- name: customer-sdi
# ------------------------------------------------------------
type: org.cloudfoundry.existing-service
parameters:
service-name: customer-sdi
properties:
customer-sdi: ${service-name}
# --------------------- DESTINATION SERVICE ------------------
- name: srv-services-mgmt-cap-destination
# ------------------------------------------------------------s
type: org.cloudfoundry.managed-service
parameters:
service: destination
service-name: srv-services-mgmt-cap-destination
service-plan: lite
requires:
- name: srv-services-mgmt-cap-auth
# --------------------- XSUAA SERVICE ------------------------
- name: srv-services-mgmt-cap-auth
# ------------------------------------------------------------
type: org.cloudfoundry.managed-service
parameters:
service: xsuaa
service-plan: application
path: ./xs-security.json
config:
xsappname: srv-services-mgmt-cap-${org}-${space}
tenant-mode: dedicated
# ----------- EXTERNAL SERVICE DESTINATION SERVICE -----------
- name: srv-sap-erp-destination
# ------------------------------------------------------------
type: org.cloudfoundry.managed-service
parameters:
service: destination
service-name: srv-sap-erp-destination
service-plan: lite
requires:
- name: srv-services-mgmt-cap-auth
#----------------------- CONECTIVITY ------------------------
- name: srv-services-mgmt-cap-connectivity
#------------------------------------------------------------
parameters:
service-plan: lite
service: connectivity
type: org.cloudfoundry.managed-service
We have two roles defined in 2 hdroles files.
{
"role": {
"name": "EXTERNAL_CONSUMER",
"object_privileges": [
{
"name": "ZPMREQUESTSERV",
"type": "TABLE",
"privileges": [ "SELECT" ]
},
{
"name": "ZPMSERVCHNGS",
"type": "TABLE",
"privileges": [ "SELECT" ]
},
{
"name": "ZPMSERVLOC",
"type": "TABLE",
"privileges": [ "SELECT" ]
},
{
"name": "ZPMSITESERV",
"type": "TABLE",
"privileges": [ "SELECT" ]
}
]
}
}
{
"role": {
"name": "EXTERNAL_CONSUMER_G",
"object_privileges": [
{
"name": "PZPMREQUESTSERV",
"type": "TABLE",
"privileges_with_grant_option":["SELECT"]
},
{
"name": "ZPMSERVCHNGS",
"type": "TABLE",
"privileges_with_grant_option":["SELECT"]
},
{
"name": "ZPMSERVLOC",
"type": "TABLE",
"privileges_with_grant_option":["SELECT"]
},
{
"name": "ZPMSITESERV",
"type": "TABLE",
"privileges_with_grant_option":["SELECT"]
}
]
}
}
And the hdgrants file looks like:
{
"customer-sdi": {
"object_owner": {
"container_roles": [
"EXTERNAL_CONSUMER_G"
]
},
"application_user": {
"container_roles": [
"EXTERNAL_CONSUMER"
]
}
}
}
Any idea what the issue is?
Many thanks in advance!
C.
User | Count |
---|---|
65 | |
8 | |
7 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.