v3.13.0.1

v3.13.0.1

New Features:

• Added prevent_deletion_if_contains_resources property to LandscapeModel and SystemModel to prevent deletion of resource groups containing resources
• Updated JSON and template files to include the new prevent_deletion_if_contains_resources property

Dependency Updates:

• Updated several package references in Webapp/SDAF/SDAFWebApp.csproj to their latest versions for improved performance and security.

Ansible Roles Modifications:

• Modified Ansible roles to adopt Oracle Linux and standardized version patterns (deploy/ansible/roles-os/1.1-swap/defaults/main.yaml).
• Adjusted ZYPP_LOCK_TIMEOUT from 20 to 60 seconds in multiple Ansible tasks to prevent timeout issues
• Added tasks to ensure the Azure scheduled events resource is started and display its status (deploy/ansible/roles-os/1.17-generic-pacemaker/tasks/1.17.2.0-cluster-Suse.yml).
• Enhanced SCS/ERS validation tasks to set Python version and move cluster groups if necessary (deploy/ansible/roles-sap/5.6-scsers-pacemaker/tasks/5.6.6-validate.yml).

v3.13.0.0

v3.13.0.0

This release includes several updates to the codebase, primarily focusing on enhancing validation logic, adding new configuration parameters, and updating dependencies. The most important changes include improvements to validation attributes, the addition of new parameters for storage account configuration, and updates to dependency versions.

New Features

Support for HANA Scale-out architectures with HANA shared on Azure NetApp files or Azure Files

• High availability of SAP HANA scale-out system on Red Hat Enterprise Linux
• High availability of SAP HANA scale-out system on SUSE Linux Enterprise Server

Support for new Mv3 SKUs for SAP HANA on Azure Virtual Machines

Features updates

• Ability to control the SMB file share creation PR 648
• Ability to configure the control plane storage accounts without SharedAccess Keys PR 639
• Add Zypper timeouts PR 647
• Mount permissions updates PR 638
• Add the ability to define Private Link DNS zones in a separate resource group PR 645

Terraform Enhancements

• Locking the azurerm and azuread provider versions to ensure that provider updates will not impact the release

  1. azurerm provider version: 4.4.0
  2. azuread provider version: 3.0.2

Validation Enhancements

• Webapp/SDAF/Models/CustomValidators.cs: Enhanced the PrivateEndpointIdValidator and StorageAccountIdValidator to handle arrays and added null checks.

New Configuration Parameters

• Webapp/SDAF/Models/LandscapeModel.cs and Webapp/SDAF/Models/SystemModel.cs: Added new boolean parameters related to shared access keys and file share creation.
• Webapp/SDAF/ParameterDetails/LandscapeDetails.json, Webapp/SDAF/ParameterDetails/SystemDetails.json, Webapp/SDAF/ParameterDetails/LandscapeTemplate.txt, and Webapp/SDAF/ParameterDetails/SystemTemplate.txt: Updated to include the new parameters for shared access keys and file shares.

Dependency Updates

• Webapp/SDAF/SDAFWebApp.csproj: Updated multiple Azure and Microsoft package versions to the latest releases.

Workflow and Configuration Updates

• .github/workflows/github-actions-ansible-lint.yml: Updated actions to specific commit SHAs for better stability.
• .github/workflows/ossf-scorecard.yml: Added a new workflow for Scorecard supply-chain security analysis.
• deploy/ansible/ansible.cfg: Changed the log path and allowed world-readable temporary files.

v3.12.0.0

What's Changed

• V3.12.0.0 by @devanshjainms in #624
• Hotfixes before release by @KimForss in #626
• Bring in the missing SAP media change by @KimForss in #627
• Hotfix2 - ACSS changes by @KimForss in #628

Full Changelog: v3.11.0.3...v3.12.0.0

v3.11.0.3

What's Changed

• Pacemaker Configuration Updates: Incorporate updates from the latest documentation, including parameters like priority_fencing_delay and pcmk_delay_max etc
• Saptune Configuration: Add new Ansible tasks to utilize saptune for configuring SUSE machines
• NAT Gateway Provisioning: Update the workload zone Terraform files to enable the provisioning of a NAT gateway
• SAP on Azure Quality Check integration with SDAF by @SteffenBoThomsen
• Improvement- Custom LVM striping support by @SteffenBoThomsen
• Bugfix - Terraform module fixes and regex fixes by @daradicscsaba
• Improvement- Set HDB schema name for ABAP and JAVA systems by @jesperseverinsen
• Fixed AMS provider creation issues
• Refactor YAML files for Az DevOps pipeline execution to improve code organization and readability
• Az DevOps project setup script fixes to support both MSI and SPN based deployments
• Fixes to handle certain scenarios where public cloud SDKs would not be installed

Full Changelog: v3.11.0.2...v3.11.0.3

v3.11.0.2

What's Changed

• Bugfix - constraint Azure scheduled events agent installation by @hjstam in #576

• Bump Azure.Identity from 1.10.4 to 1.11.0 in /Webapp/SDAF by @dependabot in #580

• 3.11.0.2 Release by @KimForss in #582

  • Improvements to HANA Scaleout with Standby on ANF
  • Passwordless deployments using Managed Identities
  • DevOps project SetUp improvements

Full Changelog: v3.11.0.1...v3.11.0.2

v3.11.0.1

This hotfix resolves the following.

Problem

Fixing an issue which occurs when checking for the SAP Library storage account in a multi subscription scenario.
Version labels update
SBD configuration update

Solution

Ensure that the check is done against the correct subscription.

What's Changed

• Hotfix for 3.11 by @KimForss in #564

Full Changelog: v3.11.0.0...v3.11.0.1

v3.11.0.0

Release Notes for SAP Deployment Automation Framework v3.11.0.0

This release adds support for:

• HANA Scale out with worker/stand by node using shared ANF
• Azure Monitor for SAP support
• Using MSI for the deployer
• Pre-validation script to validate the environment before SDAF deployment
• URL validation script for checking that the relevant URL's are opened
• Add a post deployment playbook for providing hooks for customers
• SystemD based SAP Startup framework for SLES and RHEL based deployments
• Support for encrypted DB2 databases
• Fix for BOM download when checksum is not present in the file.
• Az DevOps setup script now supports cross-tenant deployments.
• Disable basic authentication on the webapp
• More granular control of DNS registrations
• Support for kdump optional fencing device on RHEL deployments
• Configure SBD devices for SLES cluster during cluster init
• Update load balancer properties to use probe_threshold = 2
• General stability and functionality improvements for pipelines and scripts.

What's Changed

• Release 3.11 PR by @KimForss in #561
• Add AMS monitoring by @devanshjainms in #548
• HANA Scale out with worker/stand by node using shared ANF storage by @shekharsorot in #536
• Support DB2 encrypted restore and other fixes by @hjstam and @daradicscsaba in #532 and multiple PRs
• Add Post Configuration Actions step to DB and SAP installation pipeline by @SteffenBoThomsen in #545
• Add Kdump support and SBD enhancements by @hdamecharla

Testing

All solutions and improvements have been tested using the SDAF deployment pipelines and the command line to ensure they work effectively.

Feedback

We appreciate your feedback and are committed to continuously enhancing your experience with our product. Please feel free to reach out if you have any questions or require further assistance via issues or discussions.

Additional Notes

For troubleshooting issues with the framework, please refer to the troubleshooting document.

Full Changelog: v3.10.1.0...v3.11.0.0

Release v3.10.1.0

Release v3.10.1.0

Notes

Problem

The introduction of new more descriptive variables for the Ansible configuration caused a few of the pipelines to fail.

No support for a Linux utility VM in the workload zone deployment.

No support for systemd based SAP deployments which are default for the newer OS and Kernel

No support for configuring Ansible 2.15 on the deployer.

General improvements for the deployment of infrastructure wrapper scripts and pipelines

Solution

Refactor the code to add backward compatibility functionality that will allow for the successful execution of the pipelines.

Add support for Linux utility VM in the workload zone deployment.

Add support for systemd based SAP deployments which are default for the newer OS and Kernel

Add support for configuring Ansible 2.15 on the deployer.

General improvements for the deployment of infrastructure wrapper scripts and pipelines

Testing

All solutions and improvements have been tested using the SDAF deployment pipelines and the command line to ensure they work effectively.

Feedback

We appreciate your feedback and are committed to continuously enhancing your experience with our product.
Please feel free to reach out if you have any questions or require further assistance via issues or discussions.

Additional Notes

For troubleshooting issues with the framework, please refer to the troubleshooting document.

Full Changelog: v3.10.0.0...v3.10.1.0

Release 3.10.0.0

Release v3.10.0.0

Notes

• Support for SBD and ISCSI based stonith devices
• ACSS registration playbook
• Ability to provision separate PPG for Application and DB servers
• Ability to restore encrypted Db2 database restores
• Azure scheduled events support for RHEL
• General performance and readability improvements

Testing

All solutions and improvements have been tested using the SDAF deployment pipelines and the command line to ensure they work effectively.

Feedback

We appreciate your feedback and are committed to continuously enhancing your experience with our product.
Please feel free to reach out if you have any questions or require further assistance via issues or discussions.

Additional Notes

For troubleshooting issues with the framework, please refer to the troubleshooting document.

Release 3.9.3.0

Release Notes - Version 3.9.3.0

Overview

This release addresses several important issues and introduces enhancements to improve your experience with our product. It includes fixes, updates, and new features to make your workflows more efficient and secure.

Changes

1. Resource Tagging

• Issue: Resource tags were not consistently applied to all resources.
• Solution: We've fixed this problem to ensure that resource tags are correctly and uniformly applied, simplifying resource management.

2. Terraform Compatibility

• Issue: Compatibility issues between Terraform v1.6 and older versions.
• Solution: We've addressed these issues, ensuring smooth operations.
• ⏰ terraform version on the deployer is upgraded to v1.6 to be aligned with the latest release. Look at the Additional Notes on upgrading the deployer.

3. IP Address Management

• Issue: Complicated IP address assignment affecting Ansible integration.
• Solution: We've improved the logic for gathering IP addresses by using IMDS, making it more straightforward to work with Ansible.

4. Enhanced Security

• Issue: Pipeline permissions for variable groups and agent pools needed improvement.
• Solution: Enhanced security by assigning proper pipeline permissions, ensuring a more secure environment.

5. Deployer Extension Behavior

• Issue: Deployer extension sometimes displayed unintended configuration details in logs.
• Solution: This issue is resolved, preventing configuration exposure in logs.

6. tfvars File Management

• Issue: Centralized storage of tfvars files was missing for command-line deployments.
• Solution: We now copy tfvars files into the Terraform state storage account, providing better control and organization.

7. Code Readability Enhancements

• Issue: General deployment and code readability needed improvement for both Ansible and Terraform.
• Solution: We've made various code readability enhancements, streamlining deployment and management processes.

Testing

All solutions and improvements have been tested using the SDAF deployment pipelines and the command line to ensure they work effectively.

Additional Notes

If you encounter difficulties upgrading the control plane VM, we recommend manually removing the configure_deployer extension from the VM and then redeploy.

Feedback

We appreciate your feedback and are committed to continuously enhancing your experience with our product.

Please feel free to reach out if you have any questions or require further assistance via issues or discussions.