Studio and StudioX come with a file-based governance model that can be enforced at an organization level to exert a level of control over certain functionalities.
The current capabilities are:
- enforce per Studio or StudioX, or both.
- restrict usage of package feeds from the Manage Packages window and Backstage View> Settings > Manage Sources;
- enforce organizational development standards using Workflow Analyzer rules;
- disable Send Feedback functionality.
- configure Studio Backstage View > Settings > Design settings: Enforce Analyzer before Publish, Enforce Analyzer before Run, Enforce Check-In before Publish, Create docked annotations.
The parameters pertaining to each capability must be part of a uipath.policies.config file, and available either:
- locally (for quick testing purposes) inside the Roaming folder of the Studio's end-user machine, or
- externally (for large deployments) at a path (including HTTP/HTTPS server) referenced by the registry key (
Computer\HKEY_CURRENT_USER\Software\UiPath/GovernanceSource).
If the governance file is located at both locations, the Registry Key path is read first.
Generate the Governance File
The first step in enforcing development standards in your organization is to generate a governance file from Studio or manually create a similar file that would incorporate all or part of the capabilities we listed above.
Important!
The governance file must be of type .config with the following name uipath.policies.config.
To generate a governance file with your current configuration from Studio, go to the Backstage view > Help tab, and select Generate Governance File. The exported file can be shared across your team.
Use the button below to download the sample that includes all Workflow Analyzer rules. Modify the sample to fit your organization's needs.
Please bear in mind that if you have installed UiPathStudioSetup.exe, you need to change the path to the Local feed to C:\Users\CurrentUser\AppData\Local\UiPath\app-Studio_version.
Configure the Governance File
File Version and File Label
Governance files may have different versions, a custom name in Studio or StudioX UI.
{
"Metadata": {
"Version": "1.0"
},
"Info": {
"Name": "Sample Policy Registry Key"
}
}"Metadata" > "Version"
major.minor between quotation marks ""
"Info" > "Name"
Label written between quotation marks ""
- visible in Backstage > Help, under Company Policy.
Studio Profiles and Send Feedback
The governance file may contain policies for both Studio and StudioX users, however, these must be structured per profile. Policies for Studio must be separated from those from StudioX, and from those for Studio Pro, as in the example below:
{
"Profiles": {
"Development": {
"Shell": {
"IsFeedbackEnabled": true,
"HideGettingStartedScreen": false
},
"PackageManager": {},
"Analyzer": {}
},
"Business": {
"Shell": {
"IsFeedbackEnabled": true,
"HideGettingStartedScreen": false
},
"PackageManager": {},
"Analyzer": {}
},
"StudioPro": {
"Shell": {
"IsFeedbackEnabled": true,
"HideGettingStartedScreen": false
},
"PackageManager": {},
"Analyzer": {}
}
}
}"Profiles"
For Studio: Development
For StudioX: Business
For Studio Pro: StudioPro (also applies to Community license)
- all three are accepted in the same file.
"Shell" > "IsFeedbackEnabled", "HideGettingStartedScreen"
Either true or false.
Usage of Package Sources
Accessing, adding, or removing package sources may be restricted per Studio, StudioX, Studio Pro, or any combination of the three, using the governance file.
{
"PackageManager": {
"AllowAddRemoveFeeds": false,
"AllowEnableDisableFeeds": false,
"AllowOrchestratorFeeds": true,
"Feeds": [{
"Name": "Organization Internal Feed",
"Source": "https://[company].pkgs.visualstudio.com/_packaging/nuget-packages/nuget/v3/index.json",
"IsEnabled": true
},
{
"Name": "Official",
"Source": "https://www.myget.org/F/workflow/",
"IsEnabled": true
}
]
}
}"Package Manager"
"AllowAddRemoveFeeds"
Either true or false.
"AllowEnableDisableFeeds"
Either true or false.
"AllowOrchestratorFeeds"
Either true or false.
"Feeds"
"Name"
Label written between quotation marks ""
- visible in Manage Packages.
"Source"
Feed source written between quotation marks ""
- visible in Manage Packages.
"IsEnabled"
Either true or false.
If the "AllowAddRemoveFeeds" and "AllowEnableDisableFeeds" parameters are set to true, the user may modify feeds available in the Package Manager. If any changes are made, they are persisted when Studio is restarted.
Feeds that are defined in the governance file are added to the Default package sources section in the Manage Packages window and the user can add the custom feeds (if provided with the required rights in the governance file) to the User defined package sources section.
Design Settings
Configure settings found in Backstage > Settings > Design, as illustrated in the User Interface page.
{
"SourceControl":{
"CheckInBeforePublish":true
},
"Workflow":{
"AnalyzeOnRun":true,
"AnalyzeOnPublish":true,
"DockedAnnotations":true
}
}Under "SourceControl" section:
Enforce Check-In before Publish
"CheckInBeforePublish"
Either true or false.
Under "Workflow" section:
Enforce Analyzer before Run
"AnalyzeOnRun"
Either true or false.
Enforce Analyzer before Publish
"AnalyzeOnPublish"
Either true or false.
Create docked annotations
"DockedAnnotations"
Either true or false.
Workflow Analyzer Rules
The Workflow Analyzer is the tool for verifying if projects meet development standards. Using the governance file, organizations can enforce custom rules pertaining to their needs across all projects, in a centralized manner.
Remarks
- The custom ruleset can be defined beforehand in a separate file of type
.json, and delivered through a dll external assembly or custom activity pack. Read more about Building Custom Rules for Workflow Analyzer. - The governance file can't deliver credentials, which means secure feeds aren't supported.
- If a custom ruleset is enforced, then users cannot make any changes to Workflow Analyzer rules in Studio or StudioX.
- If a custom ruleset was not referenced or embedded in the governance file, the Workflow Analyzer default rules are used. If the "Analyzer" section is not mentioned, governance for Workflow Analyzer is not enforced. If the section is mentioned, even if it's empty, then the management of rules is disabled in Studio.
- When enforcing governance, rules built-in Studio or UiPath activity packages are disabled by default unless otherwise mentioned in the governance file or custom ruleset.
Enforcing Rules
There are two ways to manage the custom ruleset in the uipath.policies.config governance file:
- Point to the ruleset located at one of the following paths:
- on the local machine;
- shared on a network server or machine, identifiable by the UNC path;
- in shared blob storage, identifiable via the http(s) path.
- Embed the custom ruleset by enabling or disabling rules, mentioning their IDs, parameters, error levels.
All custom rules must be referenced or added in the "Analyzer" section. Rules and counters must be split into their own sections, as illustrated below:
{
"Analyzer": {
"AllowEdit": false,
"ReferencedRulesConfigFile": null,
"EmbeddedRulesConfig": {
"Rules": [
{
"Id": "ST-NMG-001",
"IsEnabled": false,
"Parameters": [{
"Name": "Regex",
"Value": null
}],
"ErrorLevel": "Error"
}
],
"Counters": [{
"Id": "ST-ANA-009",
"IsEnabled": true,
"Parameters": []
}]
}
}
}"AllowEdit"
If set to true, governance settings are passed as defaults allowing the user to make changes to rules.
If set to false, no changes can be made to any rules.
If the parameter is not added, by default, users are restricted from editing rules.
"ReferencedRulesConfigFile"
- Path to
.jsonruleset - Use
nullto enforce rules from"EmbeddedRulesConfig"
"EmbeddedRulesConfig"
Holds "Rules" and "Counters"
"Id"
Rule ID, ex. ST-NMG-001
"IsEnabled"
Either true or false
"Parameters"
- Holds the rule parameter's
**Name**and**Value** - Use
[]if the rule doesn't have parameters.
"Name"
The parameter's name written between quotation marks.
"Value"
- The parameter's value written between quotation marks
- Can be
null
"ErrorLevel"
Either Error, Warning, Info or Verbose.
"Counters"
Holds parameters for counters: "Id", "IsEnabled", "Parameters" 1.
1 - Since counters don't have parameters, use [].
If the "AllowEdit" parameter is set to true, the user may modify rules available in the Workflow Analyzer settings window. If any changes are made, they are persisted when Studio is restarted.
Enforce the Governance Policy
The uipath.policies.config may be located locally and/or externally. Please take into consideration that Studio or StudioX checks the Registry Key path first.
If stored locally, the governance file must be located at the following path: %AppData%\UiPath.
If stored externally, follow the steps below to add the uipath.policies.config to the Registry Editor:
- Open Registry Editor on the machine where Studio is installed.
- Locate the following registry key:
Computer\HKEY_CURRENT_USER\Software\UiPathand hit Enter. - In the Registry Editor, right-click and select New > String Value. Type in the
GovernanceSourcename for the new value. Do not use another name for the value! - Double-click the
GovernanceSourcestring to edit. In the Value data field add the path to theuipath.policies.configfile, and click OK.
The registry key should look like this:
The policies from the uipath.policies.config are enforced after Studio is restarted.
If company policies are enforced, a message appears in the Workflow Analyzer settings window, Send Feedback window, Manage Sources in Backstage view > Settings, and Manage Packages:
If the governance policy is removed for the user, settings that were enforced through the governance file are persisted as defaults. However, now the user has the option to modify settings that were restricted when the governance policy was in place.
Updated a day ago