Studio comes with a file-based governance model that can be enforced at an organization level to exert a level of control over certain functionalities.

The current capabilities are:

1. enforce per Studio, Studio Pro, or StudioX, and any combination thereof.
2. restrict usage of package feeds from the Manage Packages window and Backstage View> Settings > Manage Sources;
3. enforce organizational development standards using Workflow Analyzer rules;
4. disable Send Feedback functionality.
5. configure Studio Backstage View > Settings > Design settings: Enforce Analyzer before Publish, Enforce Analyzer before Run, Enforce Check-In before Publish, Create docked annotations.

The parameters pertaining to each capability must be part of a uipath.policies.config file, and available either:

• locally (for quick testing purposes) inside the Roaming folder of the Studio's end-user machine, or
• externally (for large deployments) at a path (including HTTP/HTTPS server) referenced by the registry key (Computer\HKEY_CURRENT_USER\Software\UiPath / GovernanceSource).

If the governance file is located at both locations, the Registry Key path is read first.

Generate the Governance File

The first step in enforcing development standards in your organization is to generate a governance file from Studio or manually create a similar file that would incorporate all or part of the capabilities we listed above.

🚧

Important!

The governance file must be of type .config with the following name uipath.policies.config.

To generate a governance file with your current configuration from Studio, go to the Backstage view > Help tab, and select Generate Governance File. The exported file can be shared across your team.

Use the button below to download the sample that includes all Workflow Analyzer rules. Modify the sample to fit your organization's needs.

Please bear in mind that if you have installed UiPathStudioSetup.exe, you need to change the path to the Local feed to C:\Users\CurrentUser\AppData\Local\UiPath\app-Studio_version.

Configure the Governance File

File Version and File Label

Governance files may have different versions, a custom name in Studio or StudioX UI.

{
    "Metadata": {
        "Version": "1.0"
    },
    "Info": {
        "Name": "Sample Policy Registry Key"
    }
}

Studio Profiles and Send Feedback

The governance file may contain policies for both Studio and StudioX users, however, these must be structured per profile. Policies for Studio must be separated from those from StudioX, and from those for Studio Pro, as in the example below:

{
    "Profiles": {
        "Development": {
            "Shell": {
                "IsFeedbackEnabled": true,
                "HideGettingStartedScreen": false
            },
            "PackageManager": {},
            "Analyzer": {}
        },
        "Business": {
            "Shell": {
                "IsFeedbackEnabled": true,
                "HideGettingStartedScreen": false
            },
            "PackageManager": {},
            "Analyzer": {}
        },
        "StudioPro": {
            "Shell": {
                "IsFeedbackEnabled": true,
                "HideGettingStartedScreen": false
            },
            "PackageManager": {},
            "Analyzer": {}
        }
    }
}

Usage of Package Sources

Accessing, adding or removing package sources may be restricted per Studio, StudioX, StudioPro or any combination of the three, using the governance file.

{
    "PackageManager": {
        "AllowAddRemoveFeeds": false,
        "AllowEnableDisableFeeds": false,
        "AllowOrchestratorFeeds": true,
        "Feeds": [{
                "Name": "Organization Internal Feed",
                "Source": "https://[company].pkgs.visualstudio.com/_packaging/nuget-packages/nuget/v3/index.json",
                "IsEnabled": true
            },
            {
                "Name": "Official",
                "Source": "https://www.myget.org/F/workflow/",
                "IsEnabled": true
            }
        ]
    }
}

If the "AllowAddRemoveFeeds" and "AllowEnableDisableFeeds" parameters are set to true, the user may modify feeds available in the Package Manager. If any changes are made, they are persisted when Studio is restarted.

If the "AllowOrchestratorFeeds" parameter is set to true and the Robot is Connected to Orchestrator, users cannot disable the default Orchestrator feeds.

Feeds that are defined in the governance file are added to the Default package sources section in the Manage Packages window and the user can add the custom feeds (if provided with the required rights in the governance file) to the User defined package sources section.

Design Settings

Configure settings found in Backstage > Settings > Design, as illustrated in the User Interface page.

{
      "SourceControl": {
        "CheckInBeforePublishParam": {
          "AllowEdit": false,
          "Value": false
        }
      },
      "Workflow": {
        "DefaultProjectLanguageParam": {
          "Value": VisualBasic,
          "AllowEdit": false
        },
        "DockedAnnotationsParam": {
          "AllowEdit": false,
          "Value": true
        },
        "IsCollapsedViewSlimParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AnalyzeOnPublishParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AnalyzeOnRunParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AnalyzeRpaXamlsOnlyParam": {
          "AllowEdit": false,
          "Value": false
        },
        "ModernBehaviorParam": {
          "AllowEdit": false,
          "Value": false
        },
        "ObjectRepositoryEnforcedParam": {
          "AllowEdit": false,
          "Value": false
        }
      },
}

Two parameters are available for each option:

• "AllowEdit" - Indicate whether or not users are allowed to change the default setting configured by the governance file (true to allow, false to deny).
• "Value" - Indicate the default setting, as described in the following tables.

Under "SourceControl":

Under "Workflow":

Workflow Analyzer Rules

The Workflow Analyzer is the tool for verifying if projects meet development standards. Using the governance file, organizations can enforce custom rules pertaining to their needs across all projects, in a centralized manner.

Remarks

• The custom ruleset can be defined beforehand in a separate file of type .json, and delivered through a dll external assembly or custom activity pack. Read more about Building Custom Rules for Workflow Analyzer.
• The governance file can't deliver credentials, which means secure feeds aren't supported.
• If a custom ruleset is enforced, then users cannot make any changes to Workflow Analyzer rules in Studio or StudioX.
• If a custom ruleset was not referenced or embedded in the governance file, the Workflow Analyzer default rules are used. If the "Analyzer" section is not mentioned, governance for Workflow Analyzer is not enforced. If the section is mentioned, even if it's empty, then the management of rules is disabled in Studio.
• When enforcing governance, rules built-in Studio or UiPath activity packages are disabled by default unless otherwise mentioned in the governance file or custom ruleset.

Enforcing Rules

There are two ways to manage the custom ruleset in the uipath.policies.config governance file:

1. Point to the ruleset located at one of the following paths:

• on the local machine;
• shared on a network server or machine, identifiable by the UNC path;
• in shared blob storage, identifiable via the http(s) path.

2. Embed the custom ruleset by enabling or disabling rules, mentioning their IDs, parameters, error levels.

All custom rules must be referenced or added in the "Analyzer" section. Rules and counters must be split into their own sections, as illustrated below:

{
    "Analyzer": {
    "AllowEdit": false,
        "ReferencedRulesConfigFile": null,
        "EmbeddedRulesConfig": {
            "Rules": [
        {
                    "Id": "ST-NMG-001",
                    "IsEnabled": false,
                    "Parameters": [{
                        "Name": "Regex",
                        "Value": null
                    }],
                    "ErrorLevel": "Error"
                }
            ],
            "Counters": [{
                "Id": "ST-ANA-009",
                "IsEnabled": true,
                "Parameters": []
            }]
        }
    }
}

1 - Since counters don't have parameters, use [].

If the "AllowEdit" parameter is set to true, the user may modify rules available in the Workflow Analyzer settings window. If any changes are made, they are persisted when Studio is restarted.

Enforce the Governance Policy

The uipath.policies.config may be located locally and/or externally. Please take into consideration that Studio or StudioX checks the Registry Key path first.

If stored locally, the governance file must be located at the following path: %AppData%\UiPath.

If stored externally, follow the steps below to add the uipath.policies.config to the Registry Editor:

1. Open Registry Editor on the machine where Studio is installed.
2. Locate the following registry key: Computer\HKEY_CURRENT_USER\Software\UiPath and hit Enter.
3. In the Registry Editor, right-click and select New > String Value. Type in the GovernanceSource name for the new value. Do not use another name for the value!
4. Double-click the GovernanceSource string to edit. In the Value data field add the path to the uipath.policies.config file, and click OK.

The registry key should look like this:

The policies from the uipath.policies.config are enforced after Studio is restarted.

If company policies are enforced, a message appears in the Workflow Analyzer settings window, Send Feedback window, Manage Sources in Backstage view > Settings, and Manage Packages:

If the governance policy is removed for the user, settings that were enforced through the governance file are persisted as defaults. However, now the user has the option to modify settings that were restricted when the governance policy was in place.