Posts

Figaf IRT 2.12 release, Secure SAP PI Testing, Dual stack and more

In this release, we have added two quite interesting approaches for testing SAP PI/PO. 

Dual stack

If you have SAP PI dual-stack with Classical Scearnios and want to test your migration. Now we can fetch messages from the dual-stack, and want to create test cases. This is perfect for migration projects, where you want to test if everything works as expected. We have developed on our 7.4 dual-stack system, and successfully fetched data from clients 7.1 system. There will be some issues with older systems, but you can create test cases.  You can read more about the dual stack option here.

Secure messages

This is the big challenge with Record Replay scenarios. Where you take production data and rerun it on your development system. 

We created Figaf based on the assumption that real production data is what needs to be used for testing because it contains the difference in the data. Unforntaly most of it is sensitive and it could have implications of SOX and GDPR. 

That means everybody with access to Figaf can get access to the messages, so it creates a loophole in the SAP security. This means that ie externals may be able to get access to sensitive data. 

We already have an approach for handling the anonymization of data. It does require the developer to understand what is sensitive and it can be multiple values, and it will not work to test migration.
For potential clients with many confidential data that wanted to perform a migration, but it would be difficult to anonymize all interfaces. They wanted a solution to ensure end to end anonymization without external developers would have access to the payload. 

If you create test data on your productive system, Figaf IRT will ensure that all developers will only see the data scrambled data. This way they are able to see if there is something wrong with a specific field. They can see what field is affected and may be able to drive some information. They will not be able to see the specific data. If there is something they don’t understand they can ask an admin to view the difference. 
We are adding some functions over the next few weeks to 

  • Handle synchronize testing so data is not sent to the real system. 
  • Enable the user to access other SAP PI message payloads in the monitor. 
  • Enable same testing option on SAP CPI

I think this security will make it a lot easier to outsource regression testing because you don’t have the challenge if they get access to some secret data.
Improved Synchronization process

For customers with a lof of SAP standard components, our synchronization did not work. The simple query API we used timed out when listing datatypes etc. We are now only syncronizing the SAP objects that are referenced from any other objects. That way you only synchronize the real used objects. 

You can read more and see the demo here.

Improved comparison of SAP CPI iflows

We have improved the algorithm to show what objects were used in an SAP CPI iflow. You can now see which artifacts have been modified between two versions. 

Java 11 /OpenJDK

If you don’t want to use the Oracle Java license, we now also support Open JDK 11. You, therefore, don’t have to use a Java License. We will support Oracle Java for some time, it is really useful for PoC to test the Figaf tool because all SAP PI developers have it. 

Try it now

You can signup to try the Figaf IRT here.


Anonymize your SAP PI Test data

With GDPR it is increasingly important to be able to mask or anonymize your test data. If I’m a customer at your company it would probably not be a good idea that you are testing with my order. But if you can anonymize it so nobody will know that I ordered it, you can do all the testing that you want. Normally it is something that takes a lot of time to do and then you don’t do it. We want to make testing easy so you will use it.

We can see at customers that it is a problem, and have now created a feature to you in 10 minutes can anonymize your data for test cases. Check the video below where I’ll create a new test data from my SAP PI system, convert it and then have my options.

After this conversion, you can run the data on all your systems when you have upgraded or someone is updating the mappings used.

We will add some more functionality to it. Like, have a names like first, lastnames, streetnames. It will be a list that you can edit and add names that makes sense in your organisation.

Also, I’m considering how to handle Service Interfaces with marked as sensitive data. I ‘m considering to set a flag that you cannot test with the data. And need to create an anonomized test case for it. And there could probably also be some user role that can view the un-anonymized data, and use the studio.

The flow of developing the test case could also be improved, but I guess we will take it with some real sceanrios.

You can start using Figaf IRT for free. There is a free package where you can get access to use it to test SAP PI/CPI test cases.