Harness Release Notes Summaries
Explore release notes from the last 30 days across the Harness Platform and modules.
INFO
Please review the full module release notes by selecting a module in the sidebar, or using the View full release notes links beside each module summary.
Platform Release Notes
Platform
View full release notes →Security & Compliance
- Enhanced authentication security by ensuring valid usernames are no longer exposed in error responses.
Access Management
- Resolved an issue where permission checks for user groups were not correctly synchronized with feature flags.
System Stability
- Updated and pinned the version of the Python code coverage utility to ensure consistent build performance.
Delegate
View full release notes →Infrastructure & Security
- Upgraded core dependencies to improve security and system performance.
- Added a configuration option to control the maximum number of Docker tags fetched per image.
Cloud & Integration Updates
- Improved compatibility with the latest Jenkins integrations by optimizing API request structures.
- Fixed an issue where AWS OIDC and IRSA authentication were not properly applied to Auto Scaling Group steps.
- Resolved errors that prevented connector validation results from displaying correctly.
Deployment & Reliability
- Enhanced GitOps efficiency by allowing file commits via direct SCM API calls, reducing repository cloning overhead.
- Refined anomaly detection models to provide more accurate results when analyzing deployments with limited data.
Code Repository
View full release notes →API & Integration
- Enhanced fork synchronization by providing specific error codes when merge conflicts occur, allowing for better automated detection.
- Updated API definitions to ensure accurate status reporting for fork-related operations.
Performance & Optimization
- Optimized large file uploads via Git LFS to reduce memory consumption and improve overall performance.
Repository Management
- Resolved an issue where listing repositories in a workspace would fail if the original source of a forked repository had been deleted.
AI for DevOps & Automation
Continuous Delivery & GitOps
View full release notes →Governance & Security
- GitOps now integrates with Open Policy Agent (OPA) to enable policy-based governance and validation for applications.
- Error messages for missing or misconfigured secrets now display the secret name and scope to simplify troubleshooting.
GitOps & Repository Management
- Updated the ApplicationSet resource to handle Kubernetes size limitations; upgrades now require Server-Side Apply.
- Optimized the source hydrator to track states using Git notes, reducing unnecessary commits and improving repository cleanliness.
- Corrected repository URL construction for OCI Helm connectors to ensure successful chart fetching.
Pipeline & Automation Steps
- PowerShell script steps now correctly preserve newline characters in output variables, matching Bash behavior.
- Improved Azure ARM Resource provisioning to correctly handle JSON deserialization and parameter formats.
- Notification templates now accurately handle special characters in error message expressions.
Platform & Resource Management
- Fixed a failure when creating service overrides for environments in projects that were previously deleted and recreated.
- Git status check links from Custom stages now correctly resolve to the pipeline execution page regardless of licensed modules.
- Fixed issues where organization-level step templates failed to show references or correctly compare versions.
Continuous Integration
View full release notes →Security & Access Management
- Upgraded the Test Intelligence and Artifactory runtimes to address known security vulnerabilities.
- Updated the split test binary to a more secure version of the Go language.
- Added support for Azure Workload Identity when building and pushing to Azure Container Registry.
- Introduced granular token claims for HashiCorp Vault integrations in Kubernetes builds to improve secret management security.
Visibility & Monitoring
- Added CPU and memory usage metrics to cloud build execution logs for better resource monitoring.
- Updated cloud build logs to display user-friendly machine size names instead of internal resource labels.
- Enabled real-time status updates for container-based step groups during execution.
- Improved GitLab merge request updates to reflect pipeline progress in real time rather than only upon completion.
- Enhanced error logging for secret retrieval failures to provide more actionable troubleshooting details.
Pipeline & Storage Improvements
- Introduced pipeline steps to save and restore caches using Azure Blob Storage with Microsoft identity authentication.
- Added branch-based version counters to allow independent build numbering for different branches.
- Resolved an issue where environment variables were not correctly resolved in Docker Buildx Bake configurations across various runner types.
- Fixed a bug that caused incorrect repository URLs to be returned for Azure Repos commit-based builds.
- Improved the handling of double quotes within secrets during pipeline execution.
- Fixed an issue where pipeline re-runs could fail when using specific delegate selectors for codebase tasks.
Infrastructure as Code Management
View full release notes →Security & Secret Management
- Integrate Vault connectors with workspaces to automatically retrieve secrets for infrastructure workflows.
- Enhanced security for Terragrunt with sensitive resource sanitization and integrated security testing.
Frameworks & Tooling Support
- Added native support for AWS CDK to create workspaces and execute pipelines.
- Expanded Terragrunt functionality to include automated pull request comments and advanced expression support.
- Introduced a new interface for creating and managing Ansible inventory plugins.
Workspace & Module Management
- Enable retrospective template assignment to existing workspaces via API for improved organization.
- Resolved errors encountered when updating module registry entries or editing existing workflows.
- Fixed an issue that prevented module test pipelines from being created under specific git configurations.
User Interface & Experience
- Redesigned the workspace creation interface for a more intuitive and standardized setup process.
- Improved the Terraform import experience with clearer fields for resource addresses and IDs.
- Restored broken navigation links between onboarding modules and pipeline execution details.
- Implemented platform telemetry to track orchestration metrics and improve user engagement.
AI for Testing & Resilience
Chaos Engineering
View full release notes →Resilience Testing & Faults
- Expanded the fault library with new native Windows network chaos experiments.
- Added a suite of Linux chaos faults covering network, API, JVM, process, and disk usage, including new pre-configured templates.
- Enabled support for egress rules in ECS network restriction faults to allow for more specific traffic control.
- Introduced Disaster Recovery support with new entities and enhanced execution workflows for testing service continuity.
Chaos Studio & Experiment Design
- Added support for Secret, Connector, and input field renderers within action and probe details for better configuration management.
- Simplified experiment setup by migrating Action and Probe variables to a unified Inputs section.
- Enabled the ability to clone load tests directly from the three-dot action menu.
- Fixed an issue preventing variable updates from being saved within probes, actions, and templates.
- Resolved migration issues encountered when transitioning variables to the new Inputs model.
Infrastructure & Platform Updates
- Updated the Chaos Engineering interface to reflect the latest module branding and name changes.
- Resolved an issue where environments at the Organization or Account scope were unavailable during infrastructure setup.
- Fixed a bug where load tasks would remain stuck in a pending state and fail to reach the infrastructure.
- Updated ECS Fargate sidecars to support multi-architecture container images.
- Updated the installation script to include necessary permissions for network traffic interception tools.
AI Test Automation
View full release notes →Integrations & External Tools
- Integrated with Jira to improve issue tracking and workflow management.
- Added direct links to test runs within Jira tickets for easier navigation.
Test Authoring Improvements
- Added support for nested tasks to better organize complex test logic.
- Introduced a new drag-and-drop command for testing slider-based user interactions.
- Enabled parameter support for the Prompt Enhancer to allow for more dynamic test generation.
- Resolved an issue where Copilot tasks were displayed multiple times.
AI for Security & Compliance
Security Testing Orchestration
View full release notes →Security & Scanning
- Introduced Source Code Analysis (SAST) to detect security vulnerabilities, exposed secrets, and vulnerable dependencies within your source code.
- Added Software Composition Analysis (SCA) to identify vulnerabilities in container image packages and libraries with risk-based prioritization.
Reporting & Visibility
- Fixed an issue where the approval timestamp on the security exemptions page was displayed incorrectly, ensuring accurate audit tracking.
- Resolved a display error in Mend scans to ensure file names appear correctly in the issue overview for software composition findings.
Workflow & Integration
- Fixed a bug that prevented the successful creation of pull requests within the integrated code repository.
Supply Chain Security
View full release notes →SBOM & Dependency Management
- Added the ability to filter SBOM components by dependency type (Direct, Indirect, or No Relationship) to improve project traceability.
- Expanded vulnerability reporting to include data from all STO scanners within the SBOM view.
- Fixed an issue where vulnerability filters on the SBOM page were not functioning correctly.
- Resolved a discrepancy where the SBOM counts displayed on the Overview page did not match the SBOM tab.
- Standardized artifact naming across all security steps to ensure consistency throughout the platform.
Visibility & Traceability
- Improved the Chain of Custody by ensuring deployment events are accurately captured and displayed during artifact redeployments.
- Enhanced the search bar responsiveness and visibility for image layer filters.
- Updated the SBOM Score API to correctly process repository names regardless of URL prefixes.
Platform & Infrastructure
- Updated plugin compatibility to support modern Docker environments and provided guidance on engine versions to ensure stable pipeline execution.
- Enhanced Java environment handling to resolve configuration errors during SBOM generation.
AI for Cost & Optimization
Cloud Cost Management
View full release notes →Governance & Management
- Fixed a validation error that occurred when saving cost category rules that reference other categories.
- Enhanced the reliability of perspective and budget management through improved validation and naming flexibility.
- Added full audit trail logging for perspective and budget management operations to improve tracking.
Visibility & Data Accuracy
- Resolved an issue where AWS Perspective anomaly data returned empty results due to field mapping errors.
- Simplified cluster capacity configuration by automatically defaulting numeric memory limit values to GiB.
Savings & Optimization
- Introduced a 'Disable Atomization' option in Commitment Orchestration for organizations requiring fixed, long-term capacity commitments and lower hourly costs.