sap-sac-test-automation

# SAP Analytics Cloud Test Automation

Design reusable SAC test automation as a capability-gated system: select the safest available discovery backend, require human review for profiles and baselines, then use reviewed Playwright code for deterministic execution, CI gating, reporting, and evidence.

Apply the core rule: **discovery proposes, humans approve, Playwright executes, CI enforces.**

## Related Skills

- **sap-sac-scripting**: Use for Optimized Story Experience scripting, Analytics Designer APIs, diagnostic widgets, story script behavior, and SAC MCP setup.
- **sap-sac-planning**: Use for planning models, private/public versions, data actions, multi actions, validation rules, and writeback risk analysis.
- **sap-sac-custom-widget**: Use when dashboards include owned custom widgets that need stable ARIA labels, public test hooks, lifecycle fixes, or black-box test contracts.
- **sap-dependency-security**: Use before adding source-pinned browser tools, MCP servers, CI dependencies, or executable automation that handles SAC credentials.
- **agent-browser**: Optionally load when the Vercel Labs agent-browser CLI is available and exact command syntax, snapshot/ref usage, screenshots, console, or network inspection is needed.
- **playwright**: Optionally load for CLI-based browser driving and debugging. For durable `@playwright/test` suites, use this SAC skill as the test architecture guide and follow the local project's Playwright conventions.
- **chrome-devtools**: Optionally load when Chrome DevTools MCP is installed and approved for read-only browser discovery, console/network inspection, screenshots, Lighthouse, or performance traces. Use `references/chrome-devtools-mcp.md` for SAC-safe defaults and Edge boundaries.

## When to Use This Skill

Use this skill to plan, implement, or review SAC automation involving:

- SAC stories, optimized stories, reports, dashboards, tabs, filters, prompts, tables, charts, exports, scripts, comments, or bookmarks.
- Dashboard profile files, scenario YAML, expected data files, visual baselines, Playwright adapters, and SAC-specific fixtures.
- Stored authentication state, SSO/MFA constraints, role-based test users, permission matrices, and CI gates.
- Planning writeback, private/public versions, data locks, validation rules, data actions, multi actions, or comment cleanup.
- Failure packets with traces, screenshots, videos, visual diffs, expected-vs-actual values, console/network summaries, and root-cause classification.

Do not use this skill as the main guide for generic web applications. Use general Playwright guidance for non-SAC sites.

## Quick Start

1. Classify the SAC story: production read-only, QA clone, planning/writeback, comments, permission-sensitive, or exploratory.
2. Establish the automation policy: allowed tenants, allowed users, auth storage handling, writeback approval, baseline approval, and CI triggers.
3. Run the capability and policy gate: choose manual discovery, Firecrawl public research, Chrome DevTools MCP with supported Chrome, Microsoft Edge/CDP, Chrome DevTools MCP with Edge best-effort, Playwright, agent-browser, or an approved enterprise browser lab based on what is installed and allowed.
4. Run read-only discovery with the selected backend: capture snapshots, annotated screenshots, console/page errors, network clues, and candidate component maps without sending private SAC content to unapproved external services.
5. Convert discovery into a human-reviewed dashboard profile: pages, widgets, locators, readiness markers, roles, data baselines, visual baselines, and known restrictions.
6. Implement deterministic Playwright tests through reusable adapters. Keep scenario files selector-free; route interactions through component IDs from the profile.
7. Gate only safe packs in CI first: auth check, read-only smoke, navigation, and critical widget readiness. Move planning, comments, data actions, visual baselines, and full permissions to controlled/nightly stages.
8. Emit reviewer-friendly failure evidence: HTML report, trace, screenshots, video, visual diff, widget metadata, expected vs actual values, and failure category.

## Operating Model

Treat AI/browser-agent output as a draft, not as the source of truth. Require human review for profile creation, selector approval, expected business values, visual/data baseline changes, permission matrices, and any destructive/writeback scenario.

Prefer profile-driven automation:

- Store tenant/story metadata, pages, components, roles, baselines, and test policies in versioned YAML/JSON.
- Implement adapters for SAC component types such as buttons, tables, charts, tabs, filters, prompts, planning tables, comments, custom widgets, exports, and bookmarks.
- Keep selectors out of scenario files. Scenarios should call component IDs and actions, while adapters resolve locators and readiness behavior.
- Start with serial execution for each dashboard. Increase parallelism only after proving isolation for auth state, tenant state, comments, planning versions, live connections, and backend capacity.

## Bundled Resources

Load these references only as needed:

- `references/architecture.md`: hybrid architecture, feasibility boundaries, reliable SAC test categories, and reusable project shape.
- `references/tool-availability-and-deployment.md`: backend decision matrix, Windows/restricted-environment checks, Firecrawl public-research policy, and no-tool fallbacks.
- `references/chrome-devtools-mcp.md`: Chrome DevTools MCP modes, SAC-safe configuration, tool categories, CLI usage, Windows/restricted deployment, and enterprise safety boundaries.
- `references/edge-cdp-enterprise.md`: installed Microsoft Edge/CDP discovery, Chrome DevTools MCP Edge patterns, profile safety, loopback-only CDP, and Windows/macOS launch checks.
- `references/dashboard-profiles-and-scenarios.md`: dashboard profile contract, scenario contract, adapter responsibilities, and onboarding flow.
- `references/agent