Security Mechanisms when Importing Packages

In military, banking and insurance environments, physically separate Orchestrations are often used. For example, there are three Orchestration instances: one for development, one for consolidation and one for production. RPA workflows must be transferred between these separate Orchestrations. To ensure that packages are not manipulated during the transfer, here are two suggestions:

  1. Add a CRC checksum and a Four-Eyes checkbox in Orchestrator
    If a CRC checksum is built when a package is imported into the Orchestrator, it could be compared between different Orchestrations to make changes transparent. Additionally, an optional checkbox could be added, which must be set by a second administrator. The process can be executed only if this checkbox is set. Even with this, we do not make manipulations impossible, but we do make them more difficult.

  2. Additional field in Orchestrator API
    Furthermore, the API of the Orchestrator could also be extended for importing a package. An additional field with the CRC checksum could be added to the REST call UiPath.Server.Configuration.OData.UploadPackage for the case that one package is uploaded. If the CRC checksum does not match, the import is rejected. An additional REST method to get the CRC checksum of a package could also be added. This way we can check CRC checksums between different Orchestrator instances automatically.

My proposals are aimed at transferring automation workflows in high-security environments with a high level of security. These three small suggestions could contribute to this.
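
An added example, not part of the original post and not UiPath code: a sketch of the two proposed checks as they could run on the receiving side before a package is imported. The function names, the manifest layout and the sample bytes are assumptions; SHA-256 is computed alongside the proposed CRC-32 because a CRC detects accidental changes but is not designed to resist deliberate ones.

```python
import hashlib
import hmac
import zlib


def fingerprint(package_bytes: bytes) -> dict:
    """Checksums recorded when the package leaves the source instance."""
    return {
        # CRC-32 as proposed in the post (catches accidental corruption).
        "crc32": format(zlib.crc32(package_bytes) & 0xFFFFFFFF, "08x"),
        # Cryptographic digest, added so deliberate changes are caught too.
        "sha256": hashlib.sha256(package_bytes).hexdigest(),
    }


def import_gate(package_bytes: bytes, expected: dict,
                uploader: str, approver: str) -> tuple:
    """Decide whether a transferred package may be imported and executed.

    expected -- manifest produced by fingerprint() on the source instance
    uploader -- administrator who performs the import
    approver -- second administrator who sets the four-eyes checkbox
    Returns (allowed, reason).
    """
    actual = fingerprint(package_bytes)
    for algo in ("crc32", "sha256"):
        # A missing manifest entry is treated as a mismatch, never skipped.
        if not hmac.compare_digest(actual[algo], expected.get(algo, "")):
            return False, f"{algo} mismatch"
    # Four-eyes principle: approval must come from a different person.
    if not approver or approver == uploader:
        return False, "four-eyes approval missing"
    return True, "ok"


# Constructed sample data standing in for a package file's bytes.
SAMPLE_PACKAGE = b"PK\x03\x04 constructed sample package content v1.0.3"
SAMPLE_MANIFEST = fingerprint(SAMPLE_PACKAGE)

if __name__ == "__main__":
    tampered = SAMPLE_PACKAGE.replace(b"v1.0.3", b"v1.0.4")
    print(import_gate(SAMPLE_PACKAGE, SAMPLE_MANIFEST, "admin_a", "admin_b"))
    print(import_gate(tampered, SAMPLE_MANIFEST, "admin_a", "admin_b"))
    print(import_gate(SAMPLE_PACKAGE, SAMPLE_MANIFEST, "admin_a", "admin_a"))
```

The manifest has to reach the target instance over a channel separate from the package itself; otherwise whoever can alter the package can alter the manifest as well.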