SAP is investing heavily in marketing the Fiori for iOS and the SDK. In case you are slightly interested in Fiori and UX in general in SAP, for sure you heard a lot about the SDK. 2 ½ years after the announcement the Fiori Design guidelines include an iOS section, there are SAP Developers tutorials, a special iPad app for learning its usage is available, even Apple has set up a Fiori page. Current version of the SDK is 3.0, and now there is even an Android version available (with much less marketing activities).
If you want to write an app with the SDK, make sure you have an iPad. The online SDK documentation is available too, but offers less benefit than the Fiori Mentor app. In case you are wondering why the SDK documentation is not good enough: I suggest you take a look at it. For instance, the documentation for the map component.
As you can see, you see … not much.
No images, therefore: good luck in finding out what the UI control should look like. A look at the page source code reveals that the images are only visible to SAP employees with access to SAP’s intranet.
Server github.wdf.sap.corp is not accessible from the internet. In case you are wondering how to find the SDK documentation: SAP Cloud Platform SDK for iOS Assistant contains a link in its help to the API. And of course: Google. So yes, made available to the interested developer. No S-, I- or D-User required.
In case you are one of the few that develop apps using Fiori for iOS SDK, ask your manager to get an iPad. The public available SDK documentation is already not easily consumable (use the Fiori Mentor app), does not include complete sample code and comes with missing images.
SAP is now pushing the intelligent enterprise. Let’s hope that it will be intelligent enough to test if the public available documentation is complete.
Check if clickjacking protection service is enabled or disabled. It is disabled, if no record with ENTRY_TYPE=30 is in the table, or if the table is empty.
Table name: HTTP_WHITELIST
By default, no values are in the table and the service is not enabled. For data that needs to be inserted into table HTTP_WHITELIST, see SAP Note 2142551. Creating an entry type with vale 30 activates the whitelist.
Select F5 or click on the new entry icon.
Insert data. See links below for additional information on possible values.
Click save to persist the entry in the table.
Afterwards, the table will contain one record. As the record has value 30 for column ENTRY_TYPE, the clickjacking protection service is enabled.
Activate ICF whitelist service
Adding a record activates the service, but to make apps working, additional configuration steps must be taken. For instance, accessing now a WDA app (e.g. SAML2) will resolve in a HTTP 500 internal server error. This is caused by having the clickjacking protection activated, but not the whitelist service.
To solve the HTTP 500 error, you need to activate the ICF whitelist service.
Technical name: UICS_BASIC
Execute. This will activate the ICF node
After enabling the service and the ICF node, the above WDA app will open in the browser.
Old habits are not easily dying and replaced by best practices and general recommendations. In the early days, when UI5 started to gain traction, people discovered it, tried it out, wrote apps, made them somehow work. Everybody was learning, and things we can do today were not possible or known then. Changes to the documentation, API and recommendations are simply the result of lessons learned.
As UI5 apps are based around a model, its data, representation and manipulation, a lot of questions around UI5 development are about the model: how to access data, change, update or delete it. A good thing of UI5 is that it is following semantic versioning, and code written for UI5 1.1x or 1.2x will still work with latest versions like 1.5x. It doesn’t mean that you, as a developer, should simply copy & paste example code found somewhere.
After loading the model, be it JSON or OData, you may have to access a specific property in you code. What you can find in the Internet is code like:
var oData = this.getView().getModel().oData;
var firstname oModel.getModel().oData[entity].firstname;
var name = oData[entity].name;
var oData = this.getView().getModel(“device”).oData;
var osname = oModel.oData.os.name;
var osname = this.getView().getModel().getData().os.name;
First line will give you the model data object, 2nd and 3rd line the property osname of the model. The 3rd line is partly correct, as the access to the data is done through a method, but access to property name is done directly. You can work with the data object now directly, but you shouldn’t. What you want is not to work with the raw data that defines your model, but with properties.
Use access methods
Data binding is important when developing an UI5 app. You update properties, and you want to have the UI elements automatically be updated too. When accessing the properties directly, you have to check if the change is correctly propagated. Using access methods, UI5 will for sure take care of this. The method to access properties of your data model are getData, getProperty or getObject. Applying this to above code:
var oData = this.getView().getModel().getData();
var osname = this.getView().getModel(“device”).getProperty(“/os/name”);
var entity = this.getView().getModel().getObject("/"+key);
var property = this.getView().getModel().getProperty("/"+key+"/Depth");
This is now only using the methods to access data. To alter the property, use the setProperty method.
The above examples may not be perfect. They show that UI5 offers methods to access model data. Using these methods your code will continue to work in the future and is guaranteed to work in future releases of UI5. Direct access to the model data is done at your own risk. In case you work on a UI5 app, use the access methods. If you work on an older app that uses direct access to the model, try to refactor the app. The change from oModel.oData to oModel.getData() is as simple as executing a find and replace.
Connectivity between SAP Cloud Platform and an on premise SAP NetWeaver system is normally achieved via SAP Cloud Connector. A nice feature depending on this is the remote connection of SAP Web IDE to an on premise ABAP system. The feature allows to easily load apps from the ABAP system and change or extend them from everywhere.
For this feature to work, some ICF services must be active on the ABAP system and remote access enabled on SCC. If not, Web IDE cannot “talk” to NW ABAP. Some possible errors and solutions regarding the setup are shown in this blog.
A NetWeaver ABAP system with Fiori apps is available and the SAP Cloud Connector is configured to expose the system to SAP Cloud. I am using the SAP NetWeaver ABAP 7.51 Developer Edition for the scenario.
In the destination section of SCP, the SCC is shown as connected and the destination NPL is configured and working. A connection tests gives back a successful message: SCP <–> SCC <–> NW works.
A developer tries to extend a Fiori app. In Web IDE, the project wizard for an extension project is used.
After selecting the on premise system destination, an error message is displayed. The actual error message can differ. Sometimes you see an informative error message or just some red text or maybe nothing.
In all cases, you can check the log of SCC and see a detailed information on the error.
The error message is:
Access denied to /sap/bc/adt/discovery for virtual host npl:443
The ICF service /sap/bc/adt/discovery is not accessible. This can be because the user does not have the right permissions, or the service is not active in the NW system, or SCC is not exposing the service.
Alternative A: SCC not exposing service
Adding a service in SCC will only expose the exact path, not the sub path. Either you add all paths exactly in the resource list, or change the access policy to accept sub-paths too.
Root cause: Path only, excluding sub-paths.
Solution: Change this to will allow Web IDE to access the resource.
Alternative B: ICF service not active
In the NW ABAP system, got to transaction SICF and check node /sap/bc/adt. This node must be activated. By default, this node is deactivated and must be activated by Basis.
Root cause: Service deactivated
Solution: Activate node adt. Right click and select Activate Service.
Alternative C: Missing authorization
Check with SU53 and SAP Help what is missing and assign the right permissions to your user.
After applying the correct solution, the developer can use the extension project wizard in SAP Web IDE to load available applications.
When running a CI job you may need to use some SAP tools. For instance, the MTA builder or Neo tools. Many CI servers include integration to build tools or plugins are provided by the community or vender. Jenkins offers plugins for Maven, Ant or Node that let you easily integrate these into a CI jobs. If you have a CI job for SAP, it is your task to make the necessary tools available. There are not many plugins for SAP available for Jenkins.
Some tools you may need can be found on SAP’s tool site. For instance, the MTA builder. A simple JAR file that is available for download and needed in case you are working with MTA apps.
Before you can download the JAR file, you need to agree to the EUL.
This means that you cannot download the JAR using cli:
Running the above wget command will not download the tool, but a web site. Some may know that this is very close to how Oracle protected it’s Java download. And the “solution” here is the same: send the right cookie via wget.
I have a git repository on SCP that I want to clone using git on my laptop. I thought this should be easy to do. The source code of my project is available in the git repo at SCP. Cloning the repo using git clone from this URL should work.
I did a), and b) did not apply, as I wasn’t asked for my SCN user ID nor password. SAP’s git troubleshooting guide contains a section about the error message. Good to know that there is a possible solution, but I already did already what the proposed solution to the error is:
„Ensure that you have the correct repository URL. Copy it from the Source Location section of the repository’s details page in the SAP Cloud Platform cockpit.“
As it is possible to access the repository in SAP Web IDE, it should also be possible to access it from outside SCP. I know that the git repository is protected. Maybe the requests from git cli is blocked by SCP? After all, I was not asked to authenticate. Maybe I can force SCP to ask me for my password? Changing the URL to include my SCN user ID did just that: I was asked to provide my password.
SCP is now asking for my password and – magic happening – the git service is now accessible and the repo can be cloned. Would be nice if the git service would ask me to authenticate instead of failing directly.
When you first start Docker, the size of this image is around 1.4GB. Adding containers, image, etc and it will grow to 64GB.
The 64GB default size can be seen when using qemu-img info:
qemu-img info ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2
When this limit is reached, Docker should automatically increase the size of the image, but this isn’t working always. As a result, when the image is at 64 GB, you can get an error message stating that the device is full:
no space left on device
At least with my Dockerfile for SAP NetWeaver ABAP Developer Edition Docker is not increasing the image file dynamically. Because of this I had to split the automatic installation process in two parts: base image setup and installation. I guess that right now the SAP Installation is filling up space faster than Docker can react.
The Docker.qcow2 file is a VM disk. Therefore, it is possible to manipulate it like any other virtual disk: you can increase the disk size and access files within the VM disk when you mount the image in a VM. An easy solution to change the disk size Docker has available to store images and containers is to increase the disk size. This can be done by using Qemu and GParted.
Locate qcow2 on your Computer
Click on open in finder. Finder opens at the specified location.
Starting the virtual machine will take some time. Be patient. Next you’ll have to configure the GParted ISO image.
The default values should be enough. This gives you a keyboard, mouse, English and X. After that, Gparted is started and you should see the Docker.qcow2 disk in the Gparted app.
Select the disk and click on Resize / Move. In the new size (MiB) field, enter the new size of the disk you need. The disk size is allocated dynamically and won’t occupy immediately space on your physical disk. So don’t be shy. Assign all free space to the partition.
Click on Resize/Move and on the Apply button
Last chance to stop. But as you need the new free space for Docker, click again on Apply.
The partition will be resized. In case something goes wrong, please restore the backup of the Docker.qcow2 file you made previously.
After the operation finishes, you can see that the partition is now offering 164GB.
Shutdown the VM. As the Docker.cqow2 file changed was the original one used by Docker, you have only to restart Docker to benefit from the new image size. Now you can use Docker to run SAP NetWeaver ABAP with just one command. As the Docker.qcow2 file is empty, even when the image size is reported as 4 GB, compressed (zipped) it’s just a few MB.
With the new Docker disk file you can even start SAP NetWeaver ABAP without getting the “no space left on device” message.
Image creation works. The space occupied by just the SAP NetWeaver ABAP image is already at 65 GB.
Start a container
docker run -P -h vhcalnplci --name nwabap751 -it nwabap:latest /bin/bash
Change to user npladm
su - npladm
Problem with starting SAP
When you log in to your container and run startsap, the program will fail. It will report that no instance profiles were found.
Take a look at the available profiles.
ls -1 /sapmnt/NPL/profile/
During the installation, the installation script installed the profile files for the container with the dummy name 4f65[…], after starting the container, we specified a specific host name: vhcalnplci. Of course, these do not match and make sapstart fail.
Let’s adjust the instance profile configuration.
Substitute references to old hostname to correct one vhcalnplci
UUID is a good old problem when it comes to running SAP NetWeaver on Linux / SuSE. You have a problem when you log in to your SAP system and get an error message. The error message shows the root cause and solution: “The UUID daemon (uuidd) is not active (code 59999). Check SAP note 1391070.”
SAP NetWeaver isn’t meant to run in Docker. When the software was designed, Docker or event containerization wasn’t around (maybe SUN). NetWeaver assumes that it is executed inside a real Linux. And the Docker version of OpenSuSE isn’t 100% a real Linux. A lot of services you get “automatically” when installing OpenSuSE are not available. One of those is that the init.d system is not starting services. Because of this, there is no UUID daemon running.
Make sure that the UUIDD service is running. For a normal Linux distribution, I blogged about this at a previous blog of mine. In case you are using Docker with OpenSuSE, make sure that uuidd is installed and executed during the image creation:
RUN zypper --non-interactive install --replacefiles uuidd
RUN mkdir /run/uuidd && chown uuidd /var/run/uuidd && /usr/sbin/uuidd
With the UUIDD running, the logon to SAP NetWEeaver ABAP is working. No restart of NetWeaver is needed.
Give a name for the connection and click on tab Advanced. I use NPL Docker. Activate expert mode and give the correct connection String. Check to which port the message server port is mapped to by Docker. Inside the container, the port is 3200, and in my case, the external port is 32771. Therefore, the connection String is:
Connection String: conn=/H/localhost/S/32771
Note: the port information is specified when you start the container. As an alternative, you can use Kitematic to see the port mapping.
Save and connect to NetWeaver.
The users and passwords can be found in the readme.html of the extracted SAP NW ABAP 751 download. Standard users are SAP* and Developer.
For this to work, first activate the ping service in SICF.
When you get the response “Server reached.” you can start using the HTTP access.
For general WebGui activation, you can see my previous blog “Activation of SAP WebGui”. Here is a short version of this guide. As in the previous HTTP service access, the same procedure must be followed to have access to NPL via WebGui.
Activate the service webgui
To activate the SAP WebGui service, activate the node:
Activation of public resources
You also need to activate the public service that contains the HTML files (JS, etc):
It is not sufficient to only activate the webgui node. The app is using additional resources that are available under /sap/public/bc/its. If this node is not activated, you’ll get an error message when logging in to webgui.
Therefore, for SAP WebGui to load the node /sap/public/bc/its must be activated too.
Activate the node its and its subnodes. Select Activate Service.
The difference is that in Gregor’s version you download the NW ABAP installation files and when the container is build, you go manually through the installation. My Dockerfile assumes that you have downloaded the NW 7.51 ABAP installation files already and will automate the installation. Once you have downloaded the installation files from SAP you can make them locally available and create new Docker images / containers based on these, without having to download almost 16 GB again. And the installation script will run without prompting for user input.
Another differentiation is that you can “easily” change the Dockerfile to install NetWeaver 7.50 of the developer edition.
To be able to run the Dockerfile, you need
Downloaded and extracted installation files of SAP NW ABAP Developer Edition
1 Get the Dockerfile
From my GitHub repository, you can find a Dockerfile that helps you to create a Docker image and container that will install your downloaded NetWeaver version. All you need is the Dockerfile, so a simple download is sufficient. You can also download the file by cloning the GitHub repository: https://github.com/tobiashofmann/sap-nw-abap-docker
Un-compress them into a folder named NW751. The folder must be at the same location where your Dockerfile is.
Build the Docker image
Build the Docker image
docker build -t nwabap .
After the build is finished, the last line you should see is
Successfully tagged nwabap:latest
To see the ID and name of the newly created image, run the following command:
The command lists the ID, tag and size of the image. As you can see, it’s a 15 GB Docker image. Using this image, you can start a container and install NW ABAP 7.51 DE inside the container.
Create container from image
You can now create a container from the image. You’ll have to connect to the container and run the installation script run.sh. The file was created during docker build. It will run SAP’s install.sh and fill in the input automatically.
docker run -P -h vhcalnplci --name nwabap751 -it nwabap:latest /bin/bash
This will start the container and log you in. What you’ll get is the bash shell.
In case you have Kitematic installed, you can see the running container listed.
The container configuration for the ports is also visible there. The ports are automatically mapped by Docker. The message server port 3200 is accessible through localhost:32771, and the HTTP port 8000 through localhost:32769. This mapping can be changed either inside Kitematic or when the container is started on the command shell.
Run ls to see the content of the current directory. You can see the install.sh file from SAP (feel free to start the installation manually) and the run.sh script that will automate the installation.
Run the script run.sh to install SAP NetWeaver ABAP 7.51. The script will enter all information requested by install.sh automatically. The installation will take some time, +/- 20 minutes.
The installation worked when the script ends and you can see the output: