February 15, 2024

February 2024 Product Updates

Table of Contents

At Harness, we have been hard at work so you can delight your customers without facing software delivery toil. Here is what has been changing in the previous month across Harness Products.  

Continuous Delivery & GitOps

  1. GitX Bidirectional sync: Bidirectional Sync allows you to effortlessly sync changes between your Git repositories and Harness in both directions. This ensures that updates are instantly reflected across your entities, streamlining collaboration and simplifying your development process. Whether you're pushing changes from Git to Harness or pulling them from Harness to Git, Bidirectional Sync Setup keeps everything in sync for a smoother workflow.
  2. Triggers now map payload attributes with pipeline inputs: There are cases where you want to use input sets in a trigger, but provide a different value for the input set (override the default). When a trigger is configured to use input sets, you can now pass input value overrides in the trigger's inputYaml field. The values provided in the trigger's inputYaml field take precedence over any values provided by the input sets. This lets you override the input set values and use, for example, trigger payloads for specific inputs to the pipeline.
  3. Behavior Change with permissions associated with Overrides v2: Previously: for service-specific, service, and infrastructure-specific overrides, the environment Create and Edit permissions were required. Now: the environment Create and Edit permissions are not required. Only the service Create and Edit permissions are required.
  4. Grouping and Collapsible Support for Overrides: Overrides are now grouped by information in their configurations. They are now collapsible, and thusly, are easier to search through.
  5. Show accountId in Switch Account screen: Enhanced the Switch Account experience to show more data i.e AccountId.
  6. Stage Selection component is being moved to Pipeline Input tab from Configuration Tab: When configuring Triggers, the Stage Selection component has been moved to Pipeline Input tab from Configuration Tab.

Full Continuous Delivery & GitOps Release Notes

Continuous Integration

  1. New Initial Pipeline Generator: The Get Started workflow can now auto-generate starter pipelines from Harness Code repositories
  2. Pod Deletion logs now contain cluster endpoint: To help identify pods that aren't cleaned up after a build, pod deletion logs now include the cluster endpoint targeted for deletion and the pod identifier, namespace, and API endpoint response for pods that can't be located for deletion.
  3. Update to codebase Expressions: The codebase expressions <+codebase.sourceBranch> and <+codebase.targetBranch> are now always null for branch and tag builds. These expressions are primarily for differentiating the target and source branches for PR builds. For branch and tag builds, use <+codebase.branch> and <+codebase.tag>.
  4. New billing model for infrastructure: Free plans require credit card validation to use Harness Cloud. If you don't want to provide a credit card, you can use local runner build infrastructure.

Full Continuous Integration Release Notes

Chaos Engineering

  1. Linux versions are now automatically versioned: Linux infrastructure is automatically versioned with the help of the API. Previously, the versions were hardcoded for every release.
  2. New Audit trail enhancement: Added a generic audit function that is used to generate all audit trails, thereby reducing redundancy. This generic function is customized based on the type of audit (Chaos experiment, Gameday, Chaos infrastructure, and so on
  3. Added support for bulk disable: Adds support for bulk-disable (disable enabled CRON schedules selected by user) and bulk-enable (enable disabled CRON schedules selected by user) CRON-scheduled experiments, with a limit of 20 experiments for every operation.
  4. New Support for environment variables: Appropriate environment variables are added at relevant places to ensure that the self-managed platform (SMP) can be used with feature flags (FF).
  5. New extended termination for SSH chaos experiment: The SSH chaos experiment now supports an extended termination grace period, allowing for longer execution of abort scripts.
  6. New wildcard support for ChaosGuard: This release adds wildcard support for all entities in the chaosguard conditons.Full Chaos Engineering Release Notes

Internal Developer Portal (IDP)

  1. New Plugins Page: IDP now has a new intuitive plugins page!
  2. Added support for regex in file name input in Scorecards: You can now use regex in your filename inputs when creating Scorecards!
  3. New Enhancement to custom project picker: Enhanced the custom project picker to increase the hard limit of 50.
  4. Added support for persistent platform favorites: This allows users to star their most visited pages and also it gives information on the recently visited pages
  5. New update to access control: Access Control is revamped with new roles (IDP Admin and IDP Platform Engineering) and permissions.
  6. New Custom action support: Added support for new custom action, that can execute pipeline with custom webhook based triggers.
  7. New plugin support: Added Support for New Devtools Plugin
  8. New Support for Audit Trails: Added support for Audit Trails.
  9. New Plugin Support: Added support for a new plugin Rafay Kubernetes Operations Platform.
  10. New Support for connector types in Git: Added support for connector types in Git based steps under IDP stage, which will allow users to toggle between public and private repositories.
  11. New entity support in catalog-info.yaml: Added support for entities annotation and harnessData from catalog-info.yaml to be added as variable(JEXL format) input in Scorecard Checks. eg., <+metadata.harnessData.branch> will fetch the value for the branch in the following YAML as catalog-info.yaml.
  12. Additional Audit Trail Support: Added support for Workflow Executions in Audit trails.
  13. Additional CSV Download Support: Added support for CSV Downloads in Scorecards and Checks overview pages.

Full Internal Developer Portal Notes

Software Engineering Insights

  1. New Azure DevOps support: Added the support for configuring stages and steps as a filter for Azure DevOps pipelines in the Deployment Frequency and Change Failure Rate report settings
  2. UI enhancement to Sprint Metrics Trend Report: Optimized the Sprint Metrics Trend Report to update the extended view and display data only when a new filter is applied.
  3. New Support for Jenkins Artifacts: Added correlation support for mapping Jenkins CI artifacts with Harness CD. Now when configuring stages for a workflow profile, selecting Jenkins as the CI provider now allows you to define Harness CD in the subsequent stage for mapping artifact data.
  4. Additional Support for Code Area filters: Added the support for partial match functionality to the Code Area filter at the widget-level and collection-level settings. Now, you can apply the filter and select repositories using the Starts With and Contains conditions.
  5. Additional Support for exclusions in Code Area filters: Added exclude support for the code area filter to all widgets.
  6. UI Update in Lead Time Changes: In the Lead Time in Stages report, the filter name 'RELEASE DATE IN' has been renamed to 'Jira Release Date In'

Security Testing Orchestration

  1. STO scans now available for free licenses: You can now run STO scans with a CI free license. In a CI Build step, select Add step and then go to Security and Security Tests in the step library. All STO steps are available. The only limits to this functionality are those imposed by the CI Free license.
  2. OWASP Scan Enhancement: ​​You can now scan .exe and .net files using the OWASP scan step
  3. OWASP Scan results update: OWASP scans now display the package name and version for all issues

Full Security Testing Orchestration Notes

Code Repository

We are excited to announce that the Harness Code Repository module is now generally available!

This initial GA release includes the following enhancements:

  • Integration with Harness Git Experience.
  • Configure triggers for Harness Code repos in the Visual editor in addition to existing support for the YAML editor.
  • First-class support for Harness Code repos pipipeline codebase configuration.
  • Status checks on PRs provide more detail about pipeline executions.
  • Advanced keyword search for querying your codebase.

Full Code Repository Release Notes

Feature Flags

  1. New enhancement to Python SDK: You can use the new get_flag_type public method to check the type of a flag at any time. If you'd like to see an example of this, have a look at the get_flag_type.py
  2. Update to variation method in Python SDK: We've added a more robust variation method, int_or_float_variation to evaluate number flags. This method ensures that a number flag with either integer or float variations (or both) will be evaluated correctly. The int_variation and number_variation methods could fail to evaluate depending on if the variation served was of the expected type. We recommend using this new method going forward for number flag evaluations.

Full Feature Flags Release Notes

Infrastructure-as-code-management

  1. New Feature Drift Detection: Drift means there is a gap between how the resources are configured in the code and how these resources are in the real world (for example - how they are configured in the cloud environment). Drift is a major concern for teams using IaC practices that can lead to cost and security challenges. IaCM helps teams detect drift automatically and reconcile, preventing discrepancies between the desired and actual state.
  2. New Feature Opa Integration: IaCM supports granular OPA rules that can enforce security requirements and best practices on configuration and execution events. This helps to ensure that all operations and setup are done securely, reducing risks and helping follow the organization's guidelines.

Platform

Here are some important improvements to our platform that should enhance your user experience:

  1. New configurable Session timeout available: A new Absolute Session Timeout (in minutes) setting is available on the Authentication page. When the Absolute Session Timeout (in minutes) is set, users will be logged out of their account after the configured timeout, regardless of any activity.
  2. New Support for Delete API: Deletion of SCIM-managed user groups was not allowed. You can now delete SCIM-managed user groups via the delete API for user groups.
  3. New UI logging update: You can now hide sensitive log information in the Harness UI based on regular expression patterns

Full Platform Release Notes

Self-Managed-Enterprise Edition

  1. New Secrets Update: Added a Purge Secrets option to the Azure Key Vault Details dialog. This option is selected by default and purges deleted secrets instead of soft deleting them.
  2. CCM UI update: Pagination for perspectives has been added for faster loading time. By default, only the first 20 perspectives are displayed, ordered by the most recent.
  3. Elimination of an unnecessary prompt when another user updates a pipeline: With this release, if another user updates a pipeline and you do not have unsaved changes for that pipeline, Harness applies that user's changes and updates your view of the pipeline without showing you a prompt.
  4. Configure bidirectional sync for Git Experience at all scopes: Earlier, you could configure bidirectional sync for Harness Git Experience by configuring webhooks only at the account scope. Now, you can also configure such webhooks at the organization and project scopes.
  5. Send freeze window notifications when a freeze window is enabled:
    You can now use the Freeze window is enabled setting (OnEnableFreezeWindow in YAML) to send notifications when a freeze window is enabled. This setting is in contrast to the existing Freeze window is enabled and active setting (FreezeWindowEnabled in YAML), which sends notifications at the start time of a freeze window that is enabled.
  6. New Steady state check for Helm: If you use Kubernetes version 1.16 or later, you can enable the steady state check for Native Helm jobs from Default Settings at any organizational scope (account, organization, or project) in Harness.
  7. New auto-generated pipelines: The Get Started workflow can now auto-generate starter pipelines from Harness Code repositories.
  8. New Filter support for Overrides v2: Users will be able to filter overrides on the basis of Environments, services & Infrastructures.
  9. Service delete available from service window: Service delete option is now available on the Service details page. Previously, Users could only delete service from Service List Page.
  10. Triggers now map payload attributes with pipeline inputs: There are cases where you want to use input sets in a trigger, but provide a different value for the input set (override the default). When a trigger is configured to use input sets, you can now pass input value overrides in the trigger's inputYaml field. The values provided in the trigger's inputYaml field take precedence over any values provided by the input sets. This lets you override the input set values and use, for example, trigger payloads for specific inputs to the pipeline.
  11. New Support for TLS with external DB: You can now enable TLS for MongoDB, MinIO, and TimescaleDB cloud-based external databases. For configuration details, go to the Harness Self-Managed Enterprise Edition tutorials.

Full Self-Managed Enterprise Release Notes

Early Access

Continuous Integration

  1. Secure connect for Harness Cloud: Secure connect for Harness Cloud facilitates private networking with Harness Cloud runners.

Internal Developer Portal (IDP)

  1. Added support for custom plugins: We have added support for custom plugins, which enables users to upload their own frontend backstage plugins to Harness IDP. This feature is behind the feature flag IDP_ENABLE_CUSTOM_PLUGINS. To enable the feature, please reach out to IDP team or contact Harness Support.
  2. Added support to push code to existing main branch: Added the support to push code to the existing main branch of git providers in the Create Repo step under Developer Portal Stage, this stage is presently behind the feature Flag IDP_ENABLE_STAGE. To enable the feature, please reach out to IDP team contact Harness Support.
  3. Grant public access to Harness pipelines: You can now grant public access to Harness pipelines. New settings on the Authentication page and in pipeline Advanced Options allow you to grant public access to pipeline executions.When you activate the Allow public resources authentication setting, you can then enable public view for your pipelines by setting the Mark this pipeline for public view option in the pipeline's Advanced Options.This is behind the feature flag PL_ALLOW_TO_SET_PUBLIC_ACCESS
  4. Allowlist verification for delegate registration:Without this feature flag enabled, delegates with an immutable image type can register without allowlist verification. With this feature flag enabled, delegates with an immutable image type can register if their IP/CIDR address is included in the allowed list received by Harness Manager. The IP address/CIDR should be that of the delegate or the last proxy between the delegate and Harness Manager in the case of a proxy. Currently, allowlist verification for delegate registration is behind the feature flag PL_ENFORCE_DELEGATE_REGISTRATION_ALLOWLIST

Full Early Access Release Notes

Continue the Journey

Platform