Nintex Workflow 2007 - global settings / variables - workflow

The problem:
When we create a workflow on UAT/Stage environment we need to import it to Production environment. Then we need to change the environment URLs (Web Service calls and such) and email addresses.
Is it possible:
To store URLs and emails in some global configuration where the Nintex Workflow would pick it up so whenever we deploy the workflow again to production we wouldn't need to go to each step and edit its settings?

Got an email from Nintex Support:
Dear Jakub,
Thank you for your e-mail.
The only suggestion I have is to use Workflow Constants. You can
configure workflow constants in Central Administration > Application
Management > Manage Workflow Constants.
In your workflow you use a lookup reference which points to the
appropriate workflow constant. As long as the Workflow constant name
is the same in both environments the workflow will pick it up but the
Workflow constant will contain the relevant URL for the environment.
Hope this helps.
Kind Regards
Simon Muntz Software Support Engineer - Team Lead Nintex Workflow for
Everyone® | nintex.com

Alternatively, use a list on your site as a configuration settings table. Set up a list of name/value pairs, then at runtime your workflow can query the list by name and retrieve the required value.

Related

How to pull code from different branches at runtime and pass parameter to NUnit.xml file?

We recently moved Java(TestNG) to C#.Net (NUnit). Sametime migrated to Jenkins to Team-city. Currently we are facing some challenges while we configuring the new build pipeline in Team-City.
Scenario 1: Our project has multiple branches, we generally pull code from different Git-branches then trigger the automation.
In Jenkins we used to create build-parameter(list), when user try to execute the Job, he/she select the branch-name from the list (build-parameters), then git will pull code user selected branch then trigger execution.
Can you please help how to implement a similar process in Team-City?
How to configure the default value in the list parameter?
Scenario 2: In Jenkins build-parameter use used to pass to (TestNG.xml). eg: browser, environment. When the user select browser and environment from build parameters, when execution trigger TestNG pull those values and initiate the regression.
How should create build parameters (browser, envi.) and pass those
values to NUnit/ config file?
Thanks
Raghu

Duplicate Override ARM Template Parameters while doing deployment

I am testing the Azure data factory deployment using ARM Templates, where I am deploying the all the ADF Instances (Data factory pipeline, linked services, data sets, data flow, Trigger etc.) from Development to UAT and Production, but before deploying to UAT and production. I included below activity in Azure DevOps pipeline-
Stopping the ADF Trigger using 'Azure PowerShell' in built task of azure Devops release pipeline. In this task I am using the Inline script to stop trigger before deployment to UAT/PROD environment.
ARM Template deployment = using ARM Template I configured following value in it.
Template -> the ARM template of the pipeline ARMTemplateForFactory.json
Template Parameters -> the ARM \TemplateParametrsForFactory.json
Override template Parameter-> When I tried to enter the Values for UAT/Prod environment. some parameter are showing double.
Q-1. PFA, the details about each step and the logs. Please guide me why trigger not taking proper format. what could be the reason behind this? How should I correct this so that it can take trigger parameters only once.
Q-2. Also Please let me know Do I need Azure function app key for UAT/Prod environment to enter that value while override template parameter? Can someone please take a look and guide me what I am missing here?
Thanks
This question is answered in Microsoft Q&A platform. Thank you #sachingupta-1921 and #MartinJaffer-MSFT for the workable solution, posting it as an answer here to help the other community members.
A-1: Changing the name of the triggers without spaces resolved the problem mentioned in Q-1.
A-2: If you have different keys for dev / uat/ prod, then you would definitely need to include that.
Since you have a Key Vault, you could put the Function App key in there, and let it be taken care of by the change of key vaults. Then you would not need to enter the Function App key in the parameters.

Tag resources when registering to the environment

I have a pipeline with multiple stages that deploys groups of virtual machines.
And registers one to and azure pipelines environment.
Then I want to target that registered VM in a deployment job.
I have a problem to target that resource by name as the resource does not exists in the environment at queue time so I cannot even disable the stage before running.
So my next option is targeting by tags.
But I saw no option in the registration script to define tags at registering time.
So my pipeline flow has a manual step between stages to go to the environment and tag the resource.
Then I can trigger the deployments stage of the pipeline and it continues ok.
So my question is:
There is any way of disabling the resource evaluation at queuetime or anyway to tag resoureces in the environment programmatically?
Thanks
But I saw no option in the registration script to define tags at
registering time.
When running the Registration script, there will be a step: Enter Environment Virtual Machine resource tags? (Y/N) (press enter for N), at this time you need to enter Y, and then in the next step: Enter Comma separated list of tags (e.g web, db) define the tag for the resource.
Update:
You can add --addvirtualmachineresourcetags --virtualmachineresourcetags "<tag>" to the registration script.
You can refer to this case for details.

GitHub Actions: Are there security concerns using an external action in a workflow job?

I have a workflow that FTPs files by using an external action from someuser:
- name: ftp deploy
uses: someuser/ftp-action#master
with:
config: ${{ secrets.FTP_CONFIG }}
Is this a security concern? For example could someuser change ftp-action#master to access my secrets.FTP_CONFIG? Should I copy/paste their action into my workflow instead?
If you use ftp-action#master then every time your workflow runs it will fetch the master branch of the action and build it. So yes, I believe it would be possible for the owner to change the code to capture secrets and send them to an external server under their control.
What you can do to avoid this is use a specific version of the action and review their code. You can use a commit hash to refer to the exact version you want, such as ftp-action#efa82c9e876708f2fedf821563680e2058330de3. You could use a tag if it has release tags. e.g. ftp-action#v1.0.0
Although, this is maybe not as secure because tags can be changed.
Alternatively, and probably the most secure, is to fork the action repository and reference your own copy of it. my-fork/ftp-action#master.
The GitHub help page does mention:
Anyone with write access to a repository can read and use secrets.
If someuser does not have write access to the repository, there should be no security issue.
As commented below, you should specify the exact commit of the workflow you are using, in order to make sure it does not change its behavior without your knowledge.

Concourse CI: Use Metadata (Build number, URL etc) in on_success/on_failure

How is it possible to use Metadata in on_success/on_failure? For example, to send emails via https://github.com/pivotal-cf/email-resource?
I haven't found a way, as I can't change content of files where email resources reside (subject/body), as the metadata is not available to tasks.
And yep, that might be a duplicate for Concourse CI and Build number
But still my question IMHO is a valid use case for notifications.
The metadata you are referring to, I assume, is the environment variables provided to resources, not tasks.
This can be used with the slack resource to provide information about what build failed.
For example:
on_failure:
put: slack-alert
params:
text: |
The `science` pipeline has failed. Please resolve any issues and ensure the pipeline lock was released. Check it out at:
$ATC_EXTERNAL_URL/teams/$BUILD_TEAM_NAME/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME
The email resource, you're referencing has an open PR to support these environment variables. I'd discuss your need for that feature there.