UPDATEd ON
5 Dec
2024
SaaS & On-Premises
<yes><yes>
<yes><yes>
No Scripting Required
<yes><yes>
<with><with>
Ease of Use
<yes><yes>
<with><with>
Cloud-Native App Support
<yes><yes>
<yes><yes>
Traditional App Support
<yes><yes>
<yes><yes>
Canary Deployments
<yes><yes>
<with><with> Kubernetes Only
Infrastructure Provisioners
<yes><yes>
<with><with> Terraform Only
GitOps
<yes><yes>
<with><with> Flux Only
Continuous Verification ™
<yes><yes>
<no><no>
Change Management Jira/SNOW
<yes><yes>
<with><with> SNOW Only
Role-Based Access Control
<yes><yes>
<with><with>
Secrets Management
<yes><yes>
<with><with>
Audit Trails
<yes><yes>
<yes><yes>
Software Engineering Insights (VSM)
<yes><yes>
<yes><yes>
Non Git SCM support (ex. BitBucket)
<yes><yes>
<no><no>
While Harness and GitLab each claim to provide an end-to-end software delivery platform, only Harness empowers its customers to pick and choose which elements to adopt, making it easy to plug-in to a heterogenous environment. Already have source control and builds solved? That's fine, start with Harness Continuous Delivery and GitOps, layering on Feature Flags, Security Test Orchestration and other capabilities as appropriate to you. Harness plays nice with others in the ecosystem.
Both GitLab and Harness offer SaaS and on-prem versions of their product. No matter your use case, both solutions can deliver.
A plus to using GitLab is that it was, initially, a source code management tool / Git repository. As such, converting to their CI/CD platform would have advantages when it comes to easy integration. However, if GitLab is your SCM tool of choice, rest assured that Harness easily integrates with it as well. When it comes to ease of use, some features are buggy and that the overall system can be quite slow. Documentation was found to be lacking for more complex setups. UI is clean, but not intuitive – definitely has a learning curve and needs improvements in order to be less confusing. Lastly, CI can be hard to integrate with automatic and manual tests users have created in the past with their prior CI tool.
GitLab provides some Policy capabilities around its security scanning capabilities with a proprietary security policy definition.
Harness has implemented the Open Policy Agent, enabling central teams to establish common policies across the wider organization. These may be security centric, such as requiring passing scans in any pipeline moving towards production, or not. For example, OPA can require a feature flag to be enabled in Test before it is enabled in Production. Or it can generate a warning in infrastructure changes will increase costs. The possibilities are nearly endless.
As of January 2023, GitLab has been considering moving to OPA for the past four years, but has not done so: https://gitlab.com/gitlab-org/gitlab/-/issues/55651
GitLab supports AWS, Azure and GCP clouds. It also supports Kubernetes, Helm, and ECS for container orchestration. Harness supports all of the above, and additionally, all other cloud providers. Harness was designed to be cloud-native.
GitLab supports JAVA, .NET, and custom traditional apps. But, Harness does it too – among a plethora of other things.
GitLab provides some support for advanced deployment strategies, particularly on Kubernentes. Harness provides full support for Canary, Blue/Green and Rolling deployments on Kubernetes, but also on additional deployment targets including VMware Tanzu Application Services, Azure Web Apps, Google Cloud Functions and more. GitOps style deployments leveraging ArgoCD implement the Rollouts capability.
With Continuous Verification (see below) Harness is able to detect problems in releases automating the decisions to rollback or proceed in progressive delivery.
GitLab offers a Terraform integration for infrastructure provisioning.
Harness offers a Terraform integration too, but also goes further. Harness provides first class support for CloudFormation, Terragrunt, Azure Resource Management, Azure Blueprints, and AWS CDK. All other infrastructure provisioners are supported via shell script.
Harness even offers a powerful Infrastructure-as-Code Management module, adding pipeline orchestration to IaC, as well as governance capabilities with OPA.
Continuous Verification is the process of monitoring your app for abnormalities after a deployment. For example, Continuous Verification could catch a latency issue or 5xx errors and automatically roll back your app to the previous version. The idea is to catch errors as quickly as possible – ideally, before customers notice – and make a seamless transition back to the prior version. GitLab does not provide Continuous Verification capabilities, only a manual process with a Prometheus integration. Harness, however, provides Continuous Verification out of the box, effectively reducing risk and reputational damage from downtime. As for vendor integrations, we mentioned Gitlab’s Prometheus – sadly, it’s currently their only tool integration. Harness supports many vendors, including Prometheus, Datadog, AppDynamics, New Relic, StackDriver, CloudWatch, and custom monitoring and observability tools.
GitLab offers a Jira integration, but that’s more so for record keeping purposes. You can’t do anything substantial, like using Jira to approve or reject a pipeline or workflow step. Harness, however, offers this functionality. With a few simple steps, you can easily leverage Jira and ServiceNow as approval mechanisms.
When it comes to configuration, GitLab provides only 5 predetermined ‘roles’ that are not customizable at a granular level, and permissions cannot be separated by environments. For deployments, GitLab does not support RBAC, except for their native Kubernetes integration – that means no granular support for deployments that would allow for specific user, group, environment, or namespace mappings. Harness, on the other hand, provides fully-configurable CRUD access across every entity, whether services, environments, workflows, pipelines, or provisioners. Harness also provides full Deployment RBAC for an unlimited number of user groups across every application and environment. There are also separate permissions for governed pipeline execution than for individual workflow execution. For example, developers can kick off pipelines that meet all security and quality checks and have all required approvals in order to progress through environments, but can’t deploy directly to specific environments, like staging or prod.
GitLab does not offer native secrets management capabilities. They have selected Vault by HashiCorp as their first supported secrets management partner, which means you must first configure your Vault server. Harness, on the other hand, offers proprietary, integrated secrets management. No third parties are required, but all of the major secrets managers are supported.
GitLab provides good governance and compliance features, but many of them are only available on their Premium or higher plans, audit trails included. GitLab provides a list of every [audit event](https://docs.gitlab.com/ee/administration/audit_events.html, some which are pruned after 30 days. Harness provides audit trails on every pipeline, workflow, step, execution, and change. It’s all audited by Harness so you have a complete trail of all user activity.
Harness offers a robust Software Engineering Insights module helping engineering leaders discover bottlenecks in delivery and help teams delivery more effectively and predictably. GitLab released a Value Stream Management product.
*Please note: Our competitors, just like us, release updates to their products on a regular cadence. We keep these pages updated to the best of our ability, but there are bound to be discrepancies. For the most up-to-date information on competitor features, browsing the competitor’s new release pages and communities are your best bet.