When running UiPath.CLI.Windows package analyze, there should be a way to include a RulesConfig.json file to customize the way that errors, warnings, etc are treated in the analysis.
The option to exclude a list of rules (entirely) does exist, but anything more nuanced or specific isn’t.
I’ve been spending some serious time with the most up-to-date version of the UiPath.CLI.Windows, so here is some additional feedback about Package Analyze:
–analyzerTraceLevel doesn’t seem to do anything except set all of the discovered (non-info) ‘violations’ to the ErrorSeverity level specified.
For example, --analyzerTraceLevel ‘Verbose’ would set all rule violations to ErrorSeverity 4. Running the exact same analysis with --analyzerTraceLevel ‘Error’ would set all of the 4’s from the previous example 1.
Rule ST-USG-034 (Automation Hub URL) reports a violation even when there is a valid URL in the project.json file.
With all of these limitations, using --stopOnRuleViolation in a build pipeline isn’t an effective solution (but I really wish that it were, so I’m hoping someone reads this feedback).
I had not heard of it but its in the official UiPath feed not listed as preview…
I cannot use it myself as various dependencies within it apparently cannot be found in any feed.
Things like the UiPath.Workflow.StandaloneAnalyzer is something I say as part of the build pipeline packages but its not appearing as a nuget for me.
Very odd, but I’d love more info as I recently made myself a nugest package as a wrapper for the CLI to analyze projects with custom rulesets etc but wanted to try to leverage some better functionality than the basic CLI stuff.
Hi, @Jon_Smith
I’d be happy to tell you more about how I’ve been using UiPath.CLI.Windows
First, I wasn’t getting the expected behavior when I used the Azure DevOps task plugin, so I’ve added a couple of tasks in my pipeline that:
Registers the UiPath-Official feed (Register-PSResourceRepository).
Downloads the latest UiPath.CLI.Windows (Save-PSResource)
Get the directory location for the ‘tools’ folder in the saved resource
Publishes the CLI files to an artifact that can be used in future pipeline jobs as needed.
Something to note here is that Save-PSResource downloads the unpacked CLI files, so it comes with all of its dependencies included. I’ve never had any problem using it directly from the cmd either on my local machine or in a pipeline task.
In later jobs, I use DownloadPipelineArtifact@2 with targetPath $(Pipeline.Workspace)\Tools, so the executable is $(Pipeline.Workspace)\Tools\$(cliName)\uipcli.exe.
renamed the nupkg to a .zip, extracted, and placed it somewhere on the filesystem
exported a governance “Modern Policy” file from Studio > Help on the right hand side, extracted and edited the “UiPath.policy.Development.json” into a renamed file
in PowerShell used absolute paths to call uipcli.exe , pointing to the folder with the project.json and supplied the location of an output file and the governance file O:\UiPath.CLI.Windows.24.12.9166.2449\tools\uipcli.exe package analyze T:\Scratch\ --resultPath T:\Scratch\analyzer-results.json --disableTelemetry --governanceFilePath "T:\uipath.policy.Development.CPRIMA.json"
Because I used them as a dependency in UiPath Studio the rules were already downloaded into %USERPROFILE%.nuget\packages
But the documented nuget.config file works (as per CICD integrations - Managing NuGet feeds ) and I can successfully delete the cached packes, they are downloaded by a uipcli.exe run, but only IF the feed key names do not contain a space
O:\UiPath.CLI.Windows.24.12.9166.2449\tools\uipcli.exe run T:\analyze-options.json
With the attached file “analyze-options.json” I can successfully analyze a project (as referenced in that very file by path to project.json, and with the help of a governance file).
Did quite a bit of trial-and-error to come to that options file. Maybe will be of help to somebody.
I can see a use in my CI/CD pipeline.
