Extending DevSecOps to your SAP Landscape

IT managers would at one point wonder 'How do I transition my SAP Ecosystem to an effective and efficient DevSecOps compliant landscape?'

In the earlier post, we read about how one can transition to DevSecOps. But SAP landscape has some inherent challenges to the industrial definition of DevSecOps. It has multiple development environments that integrate into almost all technology platforms. A business process transcends multiple systems, both SAP and non-SAP.

Did you know the toolchain bundled within your SAP Enterprise Support holds the key to a successful and effective DevSecOps for your SAP estate? 

The Challenge:

Let us understand the challenges in an SAP Estate and how we can help them to adopt agile and DevOps approaches.

1. Not Continuous	Not continuously integrated or deployed. Typical releases are monthly, while at best daily emergency changes are only moved. No simple rollback approach. The deployment integrity is part of the software architecture itself.
2. Complex Maintenance	All major deployment has multi-layered integration and security needs. Outages and downtime high risk and business impact making lifecycle management a complex orchestrated task.
3. Tailored Solution	Customized solutions and customizing functional configurations are huge investments, that accumulated over time and difficult to discard. Fit-to-standard where not possible leads to tailored solutions.
4. Cost of Ownership	High solution ownership cost, both license, and infrastructure. This limits the availability of parallel systems, building environments on demands, etc. This is the reason why multiple projects run and share the same system.
5. Practice Gaps	SAP development and configuration process has its own methodology and thus gathered inertia. SAP consultant, develop and release management need to adapt to a process that bridges that gap.
6. Tooling	No single solution to support all SAP DevSecOps requirements thus the requirement of defining the toolchain that will support the governance framework. Existing toolsets thus require tweaking to adapt.

The Toolchain:

Using Solution Manager as the core below is a proposed Solution Inventory of DevSecOps Building Blocks. The tools marked with Asterix (*) are products that are not bundled in the enterprise service. They could be part of your license bundle, else could also be purchased separately. There are other OEM that also provides tools to supplement these building block in case something is not available for use. Except for Dynamic Security Testing and Performance Testing, all other products come from SAP as of date.

SAP Solution Inventory of DevSecOps Building Blocks

In your DevOps landscape, most of these products may be already available and configured. In that case, a fit-gap study would be required and deployed. Even if one does not have a set-up ready, a roadmap can be developed with sprints for early business value realization.

Thus the first step to a DevSecOps can be set up using your SAP Enterprise Support products from SAP. A foundation technology platform is available, which can be configured to scale-up, scale-out, and optimize as per your business needs.

--x--

---------------------------------------- Acknowledgments Of Contribution ---------------------------------

Thank you all for the thoughts and action on this evergreen topic of DevOps and DevSecOps and help develop proof points and take them to customers.  Vikas Goyal, Niharika Goyal, Patro Srinivas, Rajesh Dadwal, Sulagna Dasgupta, Mriganka Basak, Abhilasha Singh, Ravi Shankar Ojha, Pooja Gupta, Gaurav Mittal, Soumen sasmal, KULDEEP SINGH. Thank you, Kapil Pandey, as a DevSecOps architect for guiding us all to excel in what we do. Team #SAPbyHCL #ArtOfPossible