- Release Notes
- Getting Started
- UiPath Assistant
- Installation and Upgrade
- Robot Types
- Robot Components
- Licensing
- Connecting Robots to Orchestrator
- Processes and Activities
- About Automation Projects on the Robot
- About the Activities Feeds
- Background Process Automation
- Robot API
- Package Signature Verification
- Logging
- Robot JavaScript SDK
- Specific Scenarios
- Troubleshooting
About Automation Projects on the Robot
The Robot is an execution agent, meaning that you have to provide it with the automation projects you want it to run.
After creating an automation project in Studio, it needs to be published locally or to Orchestrator. Once a project is published, you can send it to the Robot machine and start executing it.
On the Robot machine, the available process feed is:
- When
Not
connected to Orchestrator - the value of theNuGetServerUrl
field in the%ProgramData%\UiPath\UiPath.settings
file (when the robot is installed in user-mode, the file is found in%ProgramData%\UiPath\UiPath.settings
). The value can be customized to your needs. By default, this value is%ProgramData%\UiPath\Packages
-
When connected to Orchestrator - the union of all the processes to which the user has access in Orchestrator.
The Robot uses the feed which responds the fastest, whether or not it's connected to Orchestrator.
Project.json
file when running your project from the UiRobot.exe (command line) client. Running .xaml
files is still supported, but the workflow must be inside of a project folder.
When you publish a package from Studio or the Command Line, you have the possibility to sign it. Find out more about signing packages.
The Robot verifies the signature of a package when a job is started. A package is not installed if its signature is not trusted.
A package can have a repository and author certificate. However, only a repository certificate is mandatory, but packages are signed this way by default. You can allow the Robot to install packages if they have just a repository signature, or enforce verification of an author signature as well, before installing a package.
After you start a job, the Robot on the particular machine verifies the package signature as follows:
-
The repository certificate is checked. It is represented by the
certificatefingerprint
tag. The fingerprint from theNuGet.config
needs to be the same as the one from the package:- Different - the package is not installed.
- Same - checks if the package needs to be signed by authors as well.
-
The value of the
allowUntrustedRoot
attribute is verified. It means that the package needs to be signed by an author:="true"
- only a repository signature is required, so the package is installed.="false"
- an author signature is required, so an additional check is made.
-
The author signature is verified, which needs to be in the
<owners>
tag, inside the<trustedSigners>
tag:- Not Trusted - the package is not installed.
-
Trusted - the package is installed.
While connected to Orchestrator, the UiPath Assistant displays all the automation projects the given Robot has been associated with.
%USERPROFILE%\.nuget\Packages
folder.
%USERPROFILE%\.nuget\Packages
folder.
%USERPROFILE%\.nuget\Packages
folder is automatically created when you first deploy a package to an environment (create a process) in Orchestrator.
%USERPROFILE%\.nuget\Packages
folder and all other dependencies (activities), and then starts the execution.
The Robot can be configured to automatically download and start processes when it is connected to Orchestrator. The option is enabled from the Process Settings window in Orchestrator. A process configured this way is automatically downloaded and started when the UiPath Assistant is launched. Please note that only Attended Robots can automatically download and start processes.
The UiPath Assistant displays, in the Available Processes section, the automation projects that are stored as follows:
- in both the
%ProgramData%\UiPath\Packages
and%USERPROFILE%\.nuget\Packages
folders - only in the
%ProgramData%\UiPath\Packages
directory. These items are marked with the update icon. Clicking this button unzips the process in the%USERPROFILE%\.nuget\Packages
folder.
%ProgramData%\UiPath\Packages
folder and decompressed in the %USERPROFILE%\.nuget\Packages
folder can be executed directly.
%ProgramData%\UiPath\Packages
folder is created when you first publish an automation project from Studio. If you are not connected to either Studio nor
Orchestrator, you have to create this folder.
%USERPROFILE%\.nuget\Packages
directory is created when you decompress the first automation package.
Standard users are prevented from reading and/or writing workflows (*.xaml files) of installed projects. This feature applies to Robot v2018.1.1 and greater instances where the Robot was installed as a service.
The NuGet packages of projects are downloaded and installed by the Robot Service, as previously mentioned. They are protected in the following manner:
- A folder for the package about to be installed is created, in the
<ProjectName>\<Version>
format, in the%USERPROFILE%\.nuget\Packages
directory. -
The following security measures are taken for the aforementioned directory:
- Permission inheritance is disabled and all permissions are cleared;
- Full control is granted to the Local System account and Built-in Administrators; This means that standard users can no longer
list, read or write files in the
%USERPROFILE%\.nuget\Packages
folder.
- The package is downloaded and extracted in this directory, using the NuGet package manager, under the Local System account.
- All the temporary generated files are also secured.
- For each workflow file (*.xaml) present in the secure folder (including subfolders), permission inheritance is disabled and all permissions are cleared.
- Full control over these files is granted to the Local System account and Built-in Administrators.
-
For the
%USERPROFILE%\.nuget\Packages\<ProjectName>\<Version>
folder, the inheritance is enabled. The permissions for the%USERPROFILE%\.nuget\Packages\<ProjectName>\<Version>
directory are now the same as those for the parent directory,%USERPROFILE%
.Note: Access to workflow files (*.xaml
) remains protected since the permissions for these were explicitly set without inheritance at step 5. Access to other files in the project folder is granted to standard users.
Securely installed projects are ran by Robot executor instances in standard user mode.
*.xaml
) by itself in the installation folder (%USERPROFILE%\.nuget\Packages\<ProjectName>\<Version>
), and performs the following steps:
- Makes an open file request to the Robot Service.
- The Robot Service enables access to the requested workflow files only for executors that were created by the Robot Service.
-
The Robot Service does not allow other user processes to obtain access to a protected workflow file.
Note:The packages installed by a previous UiPath version (previous to 2018.1) remain unprotected.
Only Admins can delete projects.