VMware Cloud Community
orian
Hot Shot
Hot Shot

Xaas on Vra 8

On vRA 7.5 I was able to create a regular workflow in the the vRO and publish it in the vRA (Xaas Blueprint).

For example I have a workflow which get the user login and reset his password.

On vRA 8.1 I still don't understand the flow.

I created the same Workflow in the orchestrator.

In the user field I attached an action with these lines:

var fullName = Server.getCurrentLdapUser().loginName;

return fullName;

From vRO the workflow finished without problem.

I went to the service Broker --> Content & Polices --> Content Source and imported my new workflow.

Then I went to Content Sharing and added imported workflow to my project.

When I tried to run the new Item from catalog, the field of user name stay empty.

So I went to Content & polices --> Content --> chose my item --> Customize form

In the field of user name I configured the value to use an external source (My action)

I expected that when I importing a workflow from the vRO it will also import the form I created there... Is there a problem in the way I did it?

Then I returned to catalog and tried to run my request again.

However, instead of my username I see a strange string: vro-gateway-JDZGP2y8495

How can I solve this problem?

Reply
0 Kudos
10 Replies
orian
Hot Shot
Hot Shot

any idea?

Reply
0 Kudos
kama3a
VMware Employee
VMware Employee

Hello Orian,

after testing on 8.1, i can confirm that there is an actually a bug with passing workflow form more specifically the external binding to an catalog item in service broker.

As a workaround you can edit the imported workflow form:

- service broker > content & policies > Content > (find the workflow you wish to edit and click on the 3 dots) > Customize Form

  -- In the form editor you can correct the binding for specific input as doing it in vRO workflow.

This issue has been tracked by our engineers and fixed for upcoming 8.2 and 8.1 patch 3 release.

For the second issue with logged username, it is actually expected behavior.

Actually in 8.1 we have multiple service which can communicate via service accounts.

In the current situation you are making an request from service broker to vRO, that's why you are seeing other username.

Can you give more details about your use-case, what is the goal?

~Hristo

Reply
0 Kudos
orian
Hot Shot
Hot Shot

Hi.

Thank you for the response

Is there a date for the patch release?

About the user issue:

I have a workflow which identify the user log in the vRA and allow him to reset his password in the AD.

This is the action running in the user filed

var fullName = Server.getCurrentLdapUser().loginName;

return fullName;

In vRA 7.5 it works!

pastedImage_0.png

Reply
0 Kudos
kama3a
VMware Employee
VMware Employee

Hi again,

If you are logged in vRA you also can navigate between the services inside due same session, same rule is for vRO.

Lets say you are logged with john@vmware.corp account inside vRA, navigating to vRO same user will be used there.

In meantime lets say 100 people are logged in vRA, if you request something from service broker to vRO, the 'requestor' you, will be the same one in vRO.

8.x vRA introduce new architecture and the current script which you execute, has an expected result due call from service-to-service trough service accounts.

As workaround, if you are calling a workflow modify it a bit with execution of scripting element and the following script:

var loggedUser = System.getContext().getParameter('__metadata_userName')

it will return the actual user who make the request from service broker, ex: john@vmware.corp

This will work only when executing the workflow from service broker and NOT when running the workflow from vRO.

~Hristo

Reply
0 Kudos
orian
Hot Shot
Hot Shot

Can I identify in my action if I'm running from vRA or vRO?

Reply
0 Kudos
kama3a
VMware Employee
VMware Employee

Hi again,

if you are running deploy from service broker to vRO workflow - the workflow has access to meta-data and can get the username.

Action scripting wont work, only workflow execution.

var loggedUser = System.getContext().getParameter('__metadata_userName')

if you are running the workflow from vRO above script wont work, due missing meta-data.

use:

var fullName = Server.getCurrentLdapUser().loginName;

~Hristo

Reply
0 Kudos
orian
Hot Shot
Hot Shot

Hi,

I want the user name will be presented in my form while requesting a deploy.

I have some other workflows (in vRA) which use this filed in order to presents data (according the username)

All these fields are using actions.

Reply
0 Kudos
igaydajiev
VMware Employee
VMware Employee

>However, instead of my username I see a strange string: vro-gateway-JDZGP2y8495

This is expected.

In vRA 7 there was possibility for using shared account or using current user credentials when triggering vro workflows
As of now in vRA 8.0 only shared account is supported and above " vro-gateway-JDZGP2y8495" is the client id of the shared account used to trigger the workflows.

Reply
0 Kudos
orian
Hot Shot
Hot Shot

So, according your answers, I can't present any more the username in my forms.

Moreover I can't create fields (in my form) which are based on the filed of username.

Is this correct?

Reply
0 Kudos
xian_
Expert
Expert

You can bind the requestor on the custom form of the vRO workflow:

bind requested by.png

 

Reply
0 Kudos